Projects
osmocom:nightly
open5gs
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 740
View file
open5gs_2.7.1.39.dc2e1.202406292026.dsc -> open5gs_2.7.1.48.555c2.202406302026.dsc
Changed
@@ -2,7 +2,7 @@ Source: open5gs Binary: open5gs-common, open5gs-mme, open5gs-sgwc, open5gs-smf, open5gs-amf, open5gs-sgwu, open5gs-upf, open5gs-hss, open5gs-pcrf, open5gs-nrf, open5gs-scp, open5gs-sepp, open5gs-ausf, open5gs-udm, open5gs-pcf, open5gs-nssf, open5gs-bsf, open5gs-udr, open5gs, open5gs-dbg Architecture: any -Version: 2.7.1.39.dc2e1.202406292026 +Version: 2.7.1.48.555c2.202406302026 Maintainer: Harald Welte <laforge@gnumonks.org> Uploaders: Sukchan Lee <acetcom@gmail.com> Homepage: https://open5gs.org @@ -32,8 +32,8 @@ open5gs-udr deb net optional arch=any open5gs-upf deb net optional arch=any Checksums-Sha1: - 1a6471ddca77dd973e09bdc3f087e03ae40c3942 14495900 open5gs_2.7.1.39.dc2e1.202406292026.tar.xz + 3f4e25914c7b987f8b9d20b7885615c24f4d4808 14496172 open5gs_2.7.1.48.555c2.202406302026.tar.xz Checksums-Sha256: - d0078850e3027046f2298d07f140810fa05498eac21373f570e21954b313029b 14495900 open5gs_2.7.1.39.dc2e1.202406292026.tar.xz + 196b81e7669588a696d887dfbc0deff7f33935c7bcb80d93fbd14ead3b56325e 14496172 open5gs_2.7.1.48.555c2.202406302026.tar.xz Files: - bad65dc8af8fa7e13375b4dec57d8e7c 14495900 open5gs_2.7.1.39.dc2e1.202406292026.tar.xz + 1cb6f81f50f1ab8ce45aeb3c541c42ed 14496172 open5gs_2.7.1.48.555c2.202406302026.tar.xz
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/.tarball-version -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/.tarball-version
Changed
@@ -1 +1 @@ -2.7.1.39-dc2e1.202406292026 +2.7.1.48-555c2.202406302026
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/debian/changelog -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/debian/changelog
Changed
@@ -1,8 +1,8 @@ -open5gs (2.7.1.39.dc2e1.202406292026) unstable; urgency=medium +open5gs (2.7.1.48.555c2.202406302026) unstable; urgency=medium * Automatically generated changelog entry for building the Osmocom nightly feed - -- Osmocom OBS scripts <info@osmocom.org> Sat, 29 Jun 2024 20:27:34 +0000 + -- Osmocom OBS scripts <info@osmocom.org> Sun, 30 Jun 2024 20:27:35 +0000 open5gs (2.7.1) unstable; urgency=medium
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/core/ogs-macros.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/core/ogs-macros.h
Changed
@@ -222,6 +222,9 @@ ((__oBJ)->reference_count)-- #define OGS_OBJECT_IS_REF(__oBJ) ((__oBJ)->reference_count > 1) +#define OGS_POINTER_TO_UINT(u) ((uintptr_t)(u)) +#define OGS_UINT_TO_POINTER(u) ((void *)(uintptr_t)(u)) + #ifdef __cplusplus } #endif
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/core/ogs-pool.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/core/ogs-pool.h
Changed
@@ -28,7 +28,11 @@ extern "C" { #endif -typedef uint32_t ogs_pool_id_t; +#define OGS_INVALID_POOL_ID 0 +#define OGS_MIN_POOL_ID 1 +#define OGS_MAX_POOL_ID 0x7fffffff + +typedef int32_t ogs_pool_id_t; #define OGS_POOL(pool, type) \ struct { \ @@ -36,6 +40,9 @@ int head, tail; \ int size, avail; \ type **free, *array, **index; \ + \ + ogs_hash_t *id_hash; \ + ogs_pool_id_t id; \ } pool /* @@ -57,6 +64,9 @@ (pool)->freei = &((pool)->arrayi); \ (pool)->indexi = NULL; \ } \ + \ + (pool)->id_hash = ogs_hash_make(); \ + ogs_assert((pool)->id_hash); \ } while (0) /* @@ -70,6 +80,9 @@ free((pool)->free); \ free((pool)->array); \ free((pool)->index); \ + \ + ogs_assert((pool)->id_hash); \ + ogs_hash_destroy((pool)->id_hash); \ } while (0) /* @@ -93,6 +106,9 @@ (pool)->freei = &((pool)->arrayi); \ (pool)->indexi = NULL; \ } \ + \ + (pool)->id_hash = ogs_hash_make(); \ + ogs_assert((pool)->id_hash); \ } while (0) /* @@ -108,14 +124,11 @@ ogs_free((pool)->free); \ ogs_free((pool)->array); \ ogs_free((pool)->index); \ + \ + ogs_assert((pool)->id_hash); \ + ogs_hash_destroy((pool)->id_hash); \ } while (0) -#define ogs_pool_index(pool, node) (((node) - (pool)->array)+1) -#define ogs_pool_find(pool, _index) \ - (_index > 0 && _index <= (pool)->size) ? (pool)->index_index-1 : NULL -#define ogs_pool_cycle(pool, node) \ - ogs_pool_find((pool), ogs_pool_index((pool), (node))) - #define ogs_pool_alloc(pool, node) do { \ *(node) = NULL; \ if ((pool)->avail > 0) { \ @@ -136,6 +149,31 @@ } \ } while (0) +#define ogs_pool_index(pool, node) (((node) - (pool)->array)+1) +#define ogs_pool_find(pool, _index) \ + (_index > 0 && _index <= (pool)->size) ? (pool)->index_index-1 : NULL + +#define ogs_pool_id_calloc(pool, node) do { \ + ogs_pool_alloc(pool, node); \ + if (*node) { \ + memset(*(node), 0, sizeof(**(node))); \ + (*(node))->id = OGS_NEXT_ID((pool)->id, 1, OGS_MAX_POOL_ID); \ + ogs_hash_set((pool)->id_hash, \ + &((*(node))->id), sizeof(ogs_pool_id_t), *(node)); \ + } \ +} while (0) + +#define ogs_pool_id_free(pool, node) do { \ + ogs_assert(((node)->id) >= OGS_MIN_POOL_ID && \ + ((node)->id) <= OGS_MAX_POOL_ID); \ + ogs_hash_set((pool)->id_hash, \ + &((node)->id), sizeof(ogs_pool_id_t), NULL); \ + ogs_pool_free(pool, node); \ +} while (0) + +#define ogs_pool_find_by_id(pool, id) \ + ogs_hash_get((pool)->id_hash, &id, sizeof(ogs_pool_id_t)) + #define ogs_pool_size(pool) ((pool)->size) #define ogs_pool_avail(pool) ((pool)->avail)
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/core/ogs-timer.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/core/ogs-timer.c
Changed
@@ -73,12 +73,6 @@ ogs_free(manager); } -static ogs_timer_t *ogs_timer_cycle(ogs_timer_mgr_t *manager, ogs_timer_t *timer) -{ - ogs_assert(manager); - return ogs_pool_cycle(&manager->pool, timer); -} - ogs_timer_t *ogs_timer_add( ogs_timer_mgr_t *manager, void (*cb)(void *data), void *data) { @@ -106,11 +100,6 @@ ogs_assert(timer); manager = timer->manager; ogs_assert(manager); - timer = ogs_timer_cycle(manager, timer); - if (!timer) { - ogs_fatal("ogs_timer_delete() failed in %s", file_line); - ogs_assert_if_reached(); - } ogs_timer_stop(timer); @@ -126,11 +115,6 @@ manager = timer->manager; ogs_assert(manager); - timer = ogs_timer_cycle(manager, timer); - if (!timer) { - ogs_fatal("ogs_timer_start() failed in %s", file_line); - ogs_assert_if_reached(); - } if (timer->running == true) ogs_rbtree_delete(&manager->tree, timer); @@ -145,11 +129,6 @@ ogs_assert(timer); manager = timer->manager; ogs_assert(manager); - timer = ogs_timer_cycle(manager, timer); - if (!timer) { - ogs_fatal("ogs_timer_stop() failed in %s", file_line); - ogs_assert_if_reached(); - } if (timer->running == false) return;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/gtp/xact.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/gtp/xact.c
Changed
@@ -75,9 +75,8 @@ ogs_assert(gnode); ogs_assert(hdesc); - ogs_pool_alloc(&pool, &xact); + ogs_pool_id_calloc(&pool, &xact); ogs_assert(xact); - memset(xact, 0, sizeof *xact); xact->index = ogs_pool_index(&pool, xact); xact->gtp_version = 1; @@ -131,9 +130,8 @@ ogs_assert(gnode); ogs_assert(hdesc); - ogs_pool_alloc(&pool, &xact); + ogs_pool_id_calloc(&pool, &xact); ogs_assert(xact); - memset(xact, 0, sizeof *xact); xact->index = ogs_pool_index(&pool, xact); xact->gtp_version = 2; @@ -184,9 +182,8 @@ ogs_assert(gnode); - ogs_pool_alloc(&pool, &xact); + ogs_pool_id_calloc(&pool, &xact); ogs_assert(xact); - memset(xact, 0, sizeof *xact); xact->index = ogs_pool_index(&pool, xact); xact->gtp_version = gtp_version; @@ -216,9 +213,9 @@ return xact; } -ogs_gtp_xact_t *ogs_gtp_xact_cycle(ogs_gtp_xact_t *xact) +ogs_gtp_xact_t *ogs_gtp_xact_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&pool, xact); + return ogs_pool_find_by_id(&pool, id); } void ogs_gtp_xact_delete_all(ogs_gtp_node_t *gnode) @@ -1134,11 +1131,11 @@ ogs_assert(xact1); ogs_assert(xact2); - ogs_assert(xact1->assoc_xact == NULL); - ogs_assert(xact2->assoc_xact == NULL); + ogs_assert(xact1->assoc_xact_id == OGS_INVALID_POOL_ID); + ogs_assert(xact2->assoc_xact_id == OGS_INVALID_POOL_ID); - xact1->assoc_xact = xact2; - xact2->assoc_xact = xact1; + xact1->assoc_xact_id = xact2->id; + xact2->assoc_xact_id = xact1->id; } void ogs_gtp_xact_deassociate(ogs_gtp_xact_t *xact1, ogs_gtp_xact_t *xact2) @@ -1146,16 +1143,17 @@ ogs_assert(xact1); ogs_assert(xact2); - ogs_assert(xact1->assoc_xact != NULL); - ogs_assert(xact2->assoc_xact != NULL); + ogs_assert(xact1->assoc_xact_id != OGS_INVALID_POOL_ID); + ogs_assert(xact2->assoc_xact_id != OGS_INVALID_POOL_ID); - xact1->assoc_xact = NULL; - xact2->assoc_xact = NULL; + xact1->assoc_xact_id = OGS_INVALID_POOL_ID; + xact2->assoc_xact_id = OGS_INVALID_POOL_ID; } static int ogs_gtp_xact_delete(ogs_gtp_xact_t *xact) { char bufOGS_ADDRSTRLEN; + ogs_gtp_xact_t *assoc_xact = NULL; ogs_assert(xact); ogs_assert(xact->gnode); @@ -1178,12 +1176,13 @@ if (xact->tm_holding) ogs_timer_delete(xact->tm_holding); - if (xact->assoc_xact) - ogs_gtp_xact_deassociate(xact, xact->assoc_xact); + assoc_xact = ogs_gtp_xact_find_by_id(xact->assoc_xact_id); + if (assoc_xact) + ogs_gtp_xact_deassociate(xact, assoc_xact); ogs_list_remove(xact->org == OGS_GTP_LOCAL_ORIGINATOR ? &xact->gnode->local_list : &xact->gnode->remote_list, xact); - ogs_pool_free(&pool, xact); + ogs_pool_id_free(&pool, xact); return OGS_OK; }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/gtp/xact.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/gtp/xact.h
Changed
@@ -59,6 +59,8 @@ typedef struct ogs_gtp_xact_s { ogs_lnode_t node; /**< A node of list */ + ogs_pool_id_t id; + /* * Issues #3240 * @@ -110,7 +112,7 @@ uint32_t local_teid; /**< Local TEID, expected in reply from peer */ - void *assoc_xact; /**< Associated GTP transaction */ + ogs_pool_id_t assoc_xact_id; /**< Associated GTP transaction ID */ void *pfcp_xact; /**< Associated PFCP transaction */ #define OGS_GTP_MODIFY_TFT_UPDATE ((uint64_t)1<<0) @@ -159,7 +161,7 @@ ogs_gtp2_header_t *hdesc, ogs_pkbuf_t *pkbuf, void (*cb)(ogs_gtp_xact_t *xact, void *data), void *data); -ogs_gtp_xact_t *ogs_gtp_xact_cycle(ogs_gtp_xact_t *xact); +ogs_gtp_xact_t *ogs_gtp_xact_find_by_id(ogs_pool_id_t id); void ogs_gtp_xact_delete_all(ogs_gtp_node_t *gnode); int ogs_gtp1_xact_update_tx(ogs_gtp_xact_t *xact,
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/pfcp/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/pfcp/context.c
Changed
@@ -873,11 +873,6 @@ return node; } -ogs_pfcp_node_t *ogs_pfcp_node_cycle(ogs_pfcp_node_t *node) -{ - return ogs_pool_cycle(&ogs_pfcp_node_pool, node); -} - void ogs_pfcp_node_free(ogs_pfcp_node_t *node) { ogs_assert(node);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/pfcp/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/pfcp/context.h
Changed
@@ -393,7 +393,6 @@ int ogs_pfcp_context_parse_config(const char *local, const char *remote); ogs_pfcp_node_t *ogs_pfcp_node_new(ogs_sockaddr_t *sa_list); -ogs_pfcp_node_t *ogs_pfcp_node_cycle(ogs_pfcp_node_t *node); void ogs_pfcp_node_free(ogs_pfcp_node_t *node); ogs_pfcp_node_t *ogs_pfcp_node_add(
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/pfcp/xact.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/pfcp/xact.c
Changed
@@ -75,9 +75,8 @@ ogs_assert(node); - ogs_pool_alloc(&pool, &xact); + ogs_pool_id_calloc(&pool, &xact); ogs_assert(xact); - memset(xact, 0, sizeof *xact); xact->index = ogs_pool_index(&pool, xact); xact->org = OGS_PFCP_LOCAL_ORIGINATOR; @@ -124,9 +123,8 @@ ogs_assert(node); - ogs_pool_alloc(&pool, &xact); + ogs_pool_id_calloc(&pool, &xact); ogs_assert(xact); - memset(xact, 0, sizeof *xact); xact->index = ogs_pool_index(&pool, xact); xact->org = OGS_PFCP_REMOTE_ORIGINATOR; @@ -171,6 +169,11 @@ ogs_pfcp_xact_delete(xact); } +ogs_pfcp_xact_t *ogs_pfcp_xact_find_by_id(ogs_pool_id_t id) +{ + return ogs_pool_find_by_id(&pool, id); +} + int ogs_pfcp_xact_update_tx(ogs_pfcp_xact_t *xact, ogs_pfcp_header_t *hdesc, ogs_pkbuf_t *pkbuf) { @@ -802,7 +805,7 @@ ogs_list_remove(xact->org == OGS_PFCP_LOCAL_ORIGINATOR ? &xact->node->local_list : &xact->node->remote_list, xact); - ogs_pool_free(&pool, xact); + ogs_pool_id_free(&pool, xact); return OGS_OK; }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/pfcp/xact.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/pfcp/xact.h
Changed
@@ -35,6 +35,8 @@ ogs_lnode_t lnode; /**< A node of list */ ogs_lnode_t tmpnode; /**< A node of temp-list */ + ogs_pool_id_t id; + ogs_pool_id_t index; #define OGS_PFCP_LOCAL_ORIGINATOR 0 @@ -68,13 +70,13 @@ uint64_t local_seid; /**< Local SEID, expected in reply from peer */ - void *assoc_xact; /**< Associated GTP transaction */ + ogs_pool_id_t assoc_xact_id; /**< Associated GTP transaction ID */ ogs_pkbuf_t *gtpbuf; /**< GTP packet buffer */ uint8_t gtp_pti; /**< GTP Procedure transaction identity */ uint8_t gtp_cause; /**< GTP Cause Value */ - void *assoc_stream; /**< Associated SBI session */ + ogs_pool_id_t assoc_stream_id; /**< Associated SBI session ID */ bool epc; /**< EPC or 5GC */ @@ -134,6 +136,7 @@ ogs_pfcp_xact_t *ogs_pfcp_xact_local_create(ogs_pfcp_node_t *node, void (*cb)(ogs_pfcp_xact_t *xact, void *data), void *data); void ogs_pfcp_xact_delete_all(ogs_pfcp_node_t *node); +ogs_pfcp_xact_t *ogs_pfcp_xact_find_by_id(ogs_pool_id_t id); int ogs_pfcp_xact_update_tx(ogs_pfcp_xact_t *xact, ogs_pfcp_header_t *hdesc, ogs_pkbuf_t *pkbuf);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/sbi/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/sbi/context.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -2257,6 +2257,7 @@ } ogs_sbi_xact_t *ogs_sbi_xact_add( + ogs_pool_id_t sbi_object_id, ogs_sbi_object_t *sbi_object, ogs_sbi_service_type_e service_type, ogs_sbi_discovery_option_t *discovery_option, @@ -2266,13 +2267,13 @@ ogs_assert(sbi_object); - ogs_pool_alloc(&xact_pool, &xact); + ogs_pool_id_calloc(&xact_pool, &xact); if (!xact) { - ogs_error("ogs_pool_alloc() failed"); + ogs_error("ogs_pool_id_calloc() failed"); return NULL; } - memset(xact, 0, sizeof(ogs_sbi_xact_t)); + xact->sbi_object_id = sbi_object_id; xact->sbi_object = sbi_object; xact->service_type = service_type; xact->requester_nf_type = NF_INSTANCE_TYPE(ogs_sbi_self()->nf_instance); @@ -2301,13 +2302,14 @@ xact->discovery_option = discovery_option; xact->t_response = ogs_timer_add( - ogs_app()->timer_mgr, ogs_timer_sbi_client_wait_expire, xact); + ogs_app()->timer_mgr, ogs_timer_sbi_client_wait_expire, + OGS_UINT_TO_POINTER(xact->id)); if (!xact->t_response) { ogs_error("ogs_timer_add() failed"); if (xact->discovery_option) ogs_sbi_discovery_option_free(xact->discovery_option); - ogs_pool_free(&xact_pool, xact); + ogs_pool_id_free(&xact_pool, xact); return NULL; } @@ -2324,7 +2326,7 @@ ogs_sbi_discovery_option_free(xact->discovery_option); ogs_timer_delete(xact->t_response); - ogs_pool_free(&xact_pool, xact); + ogs_pool_id_free(&xact_pool, xact); return NULL; } @@ -2383,7 +2385,7 @@ ogs_free(xact->target_apiroot); ogs_list_remove(&sbi_object->xact_list, xact); - ogs_pool_free(&xact_pool, xact); + ogs_pool_id_free(&xact_pool, xact); } void ogs_sbi_xact_remove_all(ogs_sbi_object_t *sbi_object) @@ -2396,9 +2398,9 @@ ogs_sbi_xact_remove(xact); } -ogs_sbi_xact_t *ogs_sbi_xact_cycle(ogs_sbi_xact_t *xact) +ogs_sbi_xact_t *ogs_sbi_xact_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&xact_pool, xact); + return ogs_pool_find_by_id(&xact_pool, id); } ogs_sbi_subscription_spec_t *ogs_sbi_subscription_spec_add(
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/sbi/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/sbi/context.h
Changed
@@ -216,6 +216,8 @@ typedef struct ogs_sbi_xact_s { ogs_lnode_t lnode; + ogs_pool_id_t id; + ogs_sbi_service_type_e service_type; OpenAPI_nf_type_e requester_nf_type; ogs_sbi_discovery_option_t *discovery_option; @@ -223,11 +225,13 @@ ogs_sbi_request_t *request; ogs_timer_t *t_response; - ogs_sbi_stream_t *assoc_stream; + ogs_pool_id_t assoc_stream_id; + int state; char *target_apiroot; ogs_sbi_object_t *sbi_object; + ogs_pool_id_t sbi_object_id; } ogs_sbi_xact_t; typedef struct ogs_sbi_nf_service_s { @@ -539,13 +543,14 @@ void ogs_sbi_object_free(ogs_sbi_object_t *sbi_object); ogs_sbi_xact_t *ogs_sbi_xact_add( + ogs_pool_id_t sbi_object_id, ogs_sbi_object_t *sbi_object, ogs_sbi_service_type_e service_type, ogs_sbi_discovery_option_t *discovery_option, ogs_sbi_build_f build, void *context, void *data); void ogs_sbi_xact_remove(ogs_sbi_xact_t *xact); void ogs_sbi_xact_remove_all(ogs_sbi_object_t *sbi_object); -ogs_sbi_xact_t *ogs_sbi_xact_cycle(ogs_sbi_xact_t *xact); +ogs_sbi_xact_t *ogs_sbi_xact_find_by_id(ogs_pool_id_t id); ogs_sbi_subscription_spec_t *ogs_sbi_subscription_spec_add( OpenAPI_nf_type_e nf_type, const char *service_name);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/sbi/mhd-server.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/sbi/mhd-server.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019,2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -41,6 +41,9 @@ static ogs_sbi_server_t *server_from_stream(ogs_sbi_stream_t *stream); +static ogs_pool_id_t id_from_stream(ogs_sbi_stream_t *stream); +static void *stream_find_by_id(ogs_pool_id_t id); + const ogs_sbi_server_actions_t ogs_mhd_server_actions = { server_init, server_final, @@ -52,6 +55,8 @@ server_send_response, server_from_stream, + id_from_stream, + stream_find_by_id, }; static void run(short when, ogs_socket_t fd, void *data); @@ -79,6 +84,8 @@ typedef struct ogs_sbi_session_s { ogs_lnode_t lnode; + ogs_pool_id_t id; + struct MHD_Connection *connection; ogs_sbi_request_t *request; @@ -125,9 +132,8 @@ ogs_assert(request); ogs_assert(connection); - ogs_pool_alloc(&session_pool, &sbi_sess); + ogs_pool_id_calloc(&session_pool, &sbi_sess); ogs_assert(sbi_sess); - memset(sbi_sess, 0, sizeof(ogs_sbi_session_t)); sbi_sess->server = server; sbi_sess->request = request; @@ -137,7 +143,7 @@ ogs_app()->timer_mgr, session_timer_expired, sbi_sess); if (!sbi_sess->timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&session_pool, sbi_sess); + ogs_pool_id_free(&session_pool, sbi_sess); return NULL; } @@ -170,7 +176,7 @@ MHD_resume_connection(connection); - ogs_pool_free(&session_pool, sbi_sess); + ogs_pool_id_free(&session_pool, sbi_sess); } static void session_timer_expired(void *data) @@ -320,12 +326,8 @@ ogs_sbi_session_t *sbi_sess = NULL; ogs_assert(response); - - sbi_sess = ogs_pool_cycle(&session_pool, (ogs_sbi_session_t *)stream); - if (!sbi_sess) { - ogs_error("session has already been removed"); - return true; - } + sbi_sess = (ogs_sbi_session_t *)stream; + ogs_assert(sbi_sess); connection = sbi_sess->connection; ogs_assert(connection); @@ -571,7 +573,7 @@ ogs_assert(sbi_sess); ogs_assert(server->cb); - if (server->cb(request, sbi_sess) != OGS_OK) { + if (server->cb(request, OGS_UINT_TO_POINTER(sbi_sess->id)) != OGS_OK) { ogs_warn("server callback error"); ogs_assert(true == ogs_sbi_server_send_error((ogs_sbi_stream_t *)sbi_sess, @@ -608,3 +610,16 @@ return sbi_sess->server; } + +static ogs_pool_id_t id_from_stream(ogs_sbi_stream_t *stream) +{ + ogs_sbi_session_t *sbi_sess = (ogs_sbi_session_t *)stream; + + ogs_assert(sbi_sess); + return sbi_sess->id; +} + +static void *stream_find_by_id(ogs_pool_id_t id) +{ + return ogs_pool_find_by_id(&session_pool, id); +}
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/sbi/nghttp2-server.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/sbi/nghttp2-server.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019,2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -39,6 +39,9 @@ static ogs_sbi_server_t *server_from_stream(ogs_sbi_stream_t *stream); +static ogs_pool_id_t id_from_stream(ogs_sbi_stream_t *stream); +static void *stream_find_by_id(ogs_pool_id_t id); + const ogs_sbi_server_actions_t ogs_nghttp2_server_actions = { server_init, server_final, @@ -50,6 +53,9 @@ server_send_response, server_from_stream, + + id_from_stream, + stream_find_by_id, }; struct h2_settings { @@ -81,6 +87,8 @@ typedef struct ogs_sbi_stream_s { ogs_lnode_t lnode; + ogs_pool_id_t id; + int32_t stream_id; ogs_sbi_request_t *request; bool memory_overflow; @@ -360,7 +368,9 @@ SSL_VERIFY_FAIL_IF_NO_PEER_CERT, verify_callback); - context = ogs_sbi_server_id_context(server); + ogs_assert(server->id >= OGS_MIN_POOL_ID && + server->id <= OGS_MAX_POOL_ID); + context = ogs_msprintf("%d", server->id); if (!context) { ogs_error("ogs_sbi_server_id_context() failed"); @@ -580,12 +590,7 @@ return false; } - stream = ogs_pool_cycle(&stream_pool, stream); - if (!stream) { - ogs_error("stream has already been removed"); - return true; - } - + ogs_assert(stream); sbi_sess = stream->session; ogs_assert(sbi_sess); ogs_assert(sbi_sess->session); @@ -706,17 +711,16 @@ ogs_assert(sbi_sess); - ogs_pool_alloc(&stream_pool, &stream); + ogs_pool_id_calloc(&stream_pool, &stream); if (!stream) { - ogs_error("ogs_pool_alloc() failed"); + ogs_error("ogs_pool_id_calloc() failed"); return NULL; } - memset(stream, 0, sizeof(ogs_sbi_stream_t)); stream->request = ogs_sbi_request_new(); if (!stream->request) { ogs_error("ogs_sbi_request_new() failed"); - ogs_pool_free(&stream_pool, stream); + ogs_pool_id_free(&stream_pool, stream); return NULL; } @@ -743,7 +747,7 @@ ogs_assert(stream->request); ogs_sbi_request_free(stream->request); - ogs_pool_free(&stream_pool, stream); + ogs_pool_id_free(&stream_pool, stream); } static void stream_remove_all(ogs_sbi_session_t *sbi_sess) @@ -756,6 +760,17 @@ stream_remove(stream); } +static ogs_pool_id_t id_from_stream(ogs_sbi_stream_t *stream) +{ + ogs_assert(stream); + return stream->id; +} + +static void *stream_find_by_id(ogs_pool_id_t id) +{ + return ogs_pool_find_by_id(&stream_pool, id); +} + static ogs_sbi_session_t *session_add( ogs_sbi_server_t *server, ogs_sock_t *sock) { @@ -1169,7 +1184,8 @@ break; } - if (server->cb(request, stream) != OGS_OK) { + if (server->cb(request, + OGS_UINT_TO_POINTER(stream->id)) != OGS_OK) { ogs_warn("server callback error"); ogs_assert(true == ogs_sbi_server_send_error(stream,
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/sbi/path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/sbi/path.c
Changed
@@ -90,6 +90,7 @@ ogs_event_t *e = NULL; ogs_sbi_xact_t *xact = NULL; + ogs_pool_id_t xact_id = 0; ogs_sbi_object_t *sbi_object = NULL; ogs_sbi_service_type_e service_type = OGS_SBI_SERVICE_TYPE_NULL; ogs_sbi_discovery_option_t *discovery_option = NULL; @@ -99,10 +100,10 @@ ogs_hash_index_t *hi = NULL; char *producer_id = NULL; - xact = data; - ogs_assert(xact); + xact_id = OGS_POINTER_TO_UINT(data); + ogs_assert(xact_id >= OGS_MIN_POOL_ID && xact_id <= OGS_MAX_POOL_ID); - xact = ogs_sbi_xact_cycle(xact); + xact = ogs_sbi_xact_find_by_id(xact_id); if (!xact) { ogs_error("SBI transaction has already been removed"); if (response) @@ -349,7 +350,8 @@ ogs_free(apiroot); rc = ogs_sbi_client_send_via_scp_or_sepp( - scp_client, ogs_sbi_client_handler, request, xact); + scp_client, ogs_sbi_client_handler, request, + OGS_UINT_TO_POINTER(xact->id)); ogs_expect(rc == true); return (rc == true) ? OGS_OK : OGS_ERROR; @@ -486,7 +488,8 @@ } rc = ogs_sbi_client_send_via_scp_or_sepp( - scp_client, client_discover_cb, request, xact); + scp_client, client_discover_cb, request, + OGS_UINT_TO_POINTER(xact->id)); ogs_expect(rc == true); return (rc == true) ? OGS_OK : OGS_ERROR; } @@ -498,7 +501,8 @@ /* If `client` instance is available, use direct communication */ rc = ogs_sbi_send_request_to_client( - client, ogs_sbi_client_handler, request, xact); + client, ogs_sbi_client_handler, request, + OGS_UINT_TO_POINTER(xact->id)); ogs_expect(rc == true); return (rc == true) ? OGS_OK : OGS_ERROR; @@ -558,7 +562,8 @@ } rc = ogs_sbi_client_send_request( - client, ogs_sbi_client_handler, request, xact); + client, ogs_sbi_client_handler, request, + OGS_UINT_TO_POINTER(xact->id)); ogs_expect(rc == true); ogs_sbi_request_free(request); @@ -680,7 +685,8 @@ } rc = ogs_sbi_client_send_request( - nrf_client, sepp_discover_handler, nrf_request, xact); + nrf_client, sepp_discover_handler, nrf_request, + OGS_UINT_TO_POINTER(xact->id)); if (rc == false) { ogs_error("ogs_sbi_client_send_request() failed"); ogs_sbi_xact_remove(xact); @@ -693,7 +699,8 @@ } rc = ogs_sbi_send_request_to_client( - client, ogs_sbi_client_handler, request, xact); + client, ogs_sbi_client_handler, request, + OGS_UINT_TO_POINTER(xact->id)); if (rc == false) { ogs_error("ogs_sbi_send_request_to_client() failed"); ogs_sbi_xact_remove(xact); @@ -856,26 +863,40 @@ char *strerror = NULL; ogs_sbi_message_t message; - ogs_sbi_xact_t *xact = data; + ogs_sbi_xact_t *xact = NULL; + ogs_pool_id_t xact_id = 0; ogs_sbi_request_t *request = NULL; ogs_sbi_client_t *scp_client = NULL, *sepp_client = NULL; - ogs_assert(xact); - request = xact->request; - ogs_assert(request); + xact_id = OGS_POINTER_TO_UINT(data); + ogs_assert(xact_id >= OGS_MIN_POOL_ID && xact_id <= OGS_MAX_POOL_ID); - if (status != OGS_OK) { + xact = ogs_sbi_xact_find_by_id(xact_id); + if (!xact) { + ogs_error("SBI transaction has already been removed"); + if (response) + ogs_sbi_response_free(response); + return OGS_ERROR; + } + + if (status != OGS_OK) { ogs_log_message( status == OGS_DONE ? OGS_LOG_DEBUG : OGS_LOG_WARN, 0, "sepp_discover_handler() failed %d", status); + if (response) + ogs_sbi_response_free(response); + ogs_sbi_xact_remove(xact); + return OGS_ERROR; } ogs_assert(response); + request = xact->request; + ogs_assert(request); rv = ogs_sbi_parse_response(&message, response); if (rv != OGS_OK) { @@ -915,7 +936,8 @@ if (false == ogs_sbi_client_send_via_scp_or_sepp( scp_client ? scp_client : sepp_client, - ogs_sbi_client_handler, request, xact)) { + ogs_sbi_client_handler, request, + OGS_UINT_TO_POINTER(xact->id))) { strerror = ogs_msprintf("ogs_sbi_client_send_via_scp_or_sepp() failed"); goto cleanup; }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/sbi/server.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/sbi/server.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019,2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -62,9 +62,8 @@ ogs_assert(addr); ogs_assert(scheme); - ogs_pool_alloc(&server_pool, &server); + ogs_pool_id_calloc(&server_pool, &server); ogs_assert(server); - memset(server, 0, sizeof(ogs_sbi_server_t)); if (interface) server->interface = ogs_strdup(interface); @@ -114,7 +113,7 @@ if (server->cert) ogs_free(server->cert); - ogs_pool_free(&server_pool, server); + ogs_pool_id_free(&server_pool, server); } void ogs_sbi_server_remove_all(void) @@ -238,12 +237,17 @@ ogs_sbi_server_t *ogs_sbi_server_from_stream(ogs_sbi_stream_t *stream) { - return ogs_sbi_server_actions.from_stream(stream); + return ogs_sbi_server_actions.server_from_stream(stream); } -char *ogs_sbi_server_id_context(ogs_sbi_server_t *server) +ogs_pool_id_t ogs_sbi_id_from_stream(ogs_sbi_stream_t *stream) { - return ogs_msprintf("%d", (int)ogs_pool_index(&server_pool, server)); + return ogs_sbi_server_actions.id_from_stream(stream); +} + +void *ogs_sbi_stream_find_by_id(ogs_pool_id_t id) +{ + return ogs_sbi_server_actions.stream_find_by_id(id); } static ogs_sbi_server_t *ogs_sbi_server_find_by_interface(
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/lib/sbi/server.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/lib/sbi/server.h
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019,2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -37,6 +37,8 @@ ogs_socknode_t node; ogs_sockaddr_t *advertise; + ogs_pool_id_t id; + char *interface; OpenAPI_uri_scheme_e scheme; char *private_key, *cert; @@ -64,7 +66,10 @@ bool (*send_response)( ogs_sbi_stream_t *stream, ogs_sbi_response_t *response); - ogs_sbi_server_t *(*from_stream)(ogs_sbi_stream_t *stream); + ogs_sbi_server_t *(*server_from_stream)(ogs_sbi_stream_t *stream); + + ogs_pool_id_t (*id_from_stream)(ogs_sbi_stream_t *stream); + void *(*stream_find_by_id)(ogs_pool_id_t id); } ogs_sbi_server_actions_t; void ogs_sbi_server_init(int num_of_session_pool, int num_of_stream_pool); @@ -96,7 +101,9 @@ ogs_sbi_stream_t *stream, OpenAPI_problem_details_t *problem); ogs_sbi_server_t *ogs_sbi_server_from_stream(ogs_sbi_stream_t *stream); -char *ogs_sbi_server_id_context(ogs_sbi_server_t *server); + +ogs_pool_id_t ogs_sbi_id_from_stream(ogs_sbi_stream_t *stream); +void *ogs_sbi_stream_find_by_id(ogs_pool_id_t id); ogs_sbi_server_t *ogs_sbi_server_first(void); ogs_sbi_server_t *ogs_sbi_server_next(ogs_sbi_server_t *current);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/amf-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/amf-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -64,9 +64,12 @@ amf_sess_t *sess = NULL; ogs_sbi_object_t *sbi_object = NULL; + ogs_pool_id_t sbi_object_id = OGS_INVALID_POOL_ID; ogs_sbi_xact_t *sbi_xact = NULL; + ogs_pool_id_t sbi_xact_id = OGS_INVALID_POOL_ID; int state = AMF_CREATE_SM_CONTEXT_NO_STATE; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *sbi_request = NULL; ogs_sbi_service_type_e service_type = OGS_SBI_SERVICE_TYPE_NULL; @@ -89,8 +92,16 @@ case OGS_EVENT_SBI_SERVER: sbi_request = e->h.sbi.request; ogs_assert(sbi_request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&sbi_message, sbi_request); if (rv != OGS_OK) { @@ -365,8 +376,18 @@ CASE(OGS_SBI_SERVICE_NAME_NNRF_DISC) SWITCH(sbi_message.h.resource.component0) CASE(OGS_SBI_RESOURCE_NAME_NF_INSTANCES) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); + if (!sbi_xact) { + /* CLIENT_WAIT timer could remove SBI transaction + * before receiving SBI message */ + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); + break; + } SWITCH(sbi_message.h.method) CASE(OGS_SBI_HTTP_METHOD_GET) @@ -395,25 +416,28 @@ CASE(OGS_SBI_SERVICE_NAME_NUDM_SDM) CASE(OGS_SBI_SERVICE_NAME_NPCF_AM_POLICY_CONTROL) CASE(OGS_SBI_SERVICE_NAME_NAMF_COMM) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } state = sbi_xact->state; - amf_ue = (amf_ue_t *)sbi_xact->sbi_object; - ogs_assert(amf_ue); + sbi_object_id = sbi_xact->sbi_object_id; + ogs_assert(sbi_object_id >= OGS_MIN_POOL_ID && + sbi_object_id <= OGS_MAX_POOL_ID); ogs_sbi_xact_remove(sbi_xact); - amf_ue = amf_ue_cycle(amf_ue); + amf_ue = amf_ue_find_by_id(sbi_object_id); if (!amf_ue) { ogs_error("UE(amf_ue) Context has already been removed"); break; @@ -421,7 +445,7 @@ ogs_assert(OGS_FSM_STATE(&amf_ue->sm)); - e->amf_ue = amf_ue; + e->amf_ue_id = amf_ue->id; e->h.sbi.message = &sbi_message;; e->h.sbi.state = state; @@ -429,25 +453,28 @@ break; CASE(OGS_SBI_SERVICE_NAME_NSMF_PDUSESSION) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } state = sbi_xact->state; - sess = (amf_sess_t *)sbi_xact->sbi_object; - ogs_assert(sess); + sbi_object_id = sbi_xact->sbi_object_id; + ogs_assert(sbi_object_id >= OGS_MIN_POOL_ID && + sbi_object_id <= OGS_MAX_POOL_ID); ogs_sbi_xact_remove(sbi_xact); - sess = amf_sess_cycle(sess); + sess = amf_sess_find_by_id(sbi_object_id); if (!sess) { /* * 1. If AMF-UE context is duplicated in Identity-Response, @@ -485,15 +512,16 @@ break; } - amf_ue = sess->amf_ue; - ogs_assert(amf_ue); - amf_ue = amf_ue_cycle(amf_ue); - ogs_assert(amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); + if (!amf_ue) { + ogs_error("UE(amf-ue) context has already been removed"); + break; + } ogs_assert(OGS_FSM_STATE(&amf_ue->sm)); - e->amf_ue = amf_ue; - e->sess = sess; + e->amf_ue_id = amf_ue->id; + e->sess_id = sess->id; e->h.sbi.message = &sbi_message;; SWITCH(sbi_message.h.resource.component2) @@ -545,39 +573,43 @@ break; CASE(OGS_SBI_SERVICE_NAME_NNSSF_NSSELECTION) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } - sess = (amf_sess_t *)sbi_xact->sbi_object; - ogs_assert(sess); + sbi_object_id = sbi_xact->sbi_object_id; + ogs_assert(sbi_object_id >= OGS_MIN_POOL_ID && + sbi_object_id <= OGS_MAX_POOL_ID); state = sbi_xact->state; ogs_sbi_xact_remove(sbi_xact); - sess = amf_sess_cycle(sess); + sess = amf_sess_find_by_id(sbi_object_id); if (!sess) { ogs_error("Session has already been removed"); break; } - amf_ue = sess->amf_ue; - ogs_assert(amf_ue); - amf_ue = amf_ue_cycle(amf_ue); - ogs_assert(amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); + if (!amf_ue) { + ogs_error("UE(amf-ue) context has already been removed"); + break; + } ogs_assert(OGS_FSM_STATE(&amf_ue->sm)); - e->amf_ue = amf_ue; - e->sess = sess; + e->amf_ue_id = amf_ue->id; + e->sess_id = sess->id; e->h.sbi.message = &sbi_message;; e->h.sbi.state = state; @@ -667,17 +699,26 @@ * 4. timer expiration event is processed. (double-free SBI xact) * * To avoid double-free SBI xact, - * we need to check ogs_sbi_xact_cycle() + * we need to check ogs_sbi_xact_find_by_id() */ - sbi_xact = ogs_sbi_xact_cycle(e->h.sbi.data); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } sbi_object = sbi_xact->sbi_object; ogs_assert(sbi_object); + sbi_object_id = sbi_xact->sbi_object_id; + ogs_assert(sbi_object_id >= OGS_MIN_POOL_ID && + sbi_object_id <= OGS_MAX_POOL_ID); + service_type = sbi_xact->service_type; ogs_sbi_xact_remove(sbi_xact); @@ -687,9 +728,7 @@ switch(sbi_object->type) { case OGS_SBI_OBJ_UE_TYPE: - amf_ue = (amf_ue_t *)sbi_object; - ogs_assert(amf_ue); - amf_ue = amf_ue_cycle(amf_ue); + amf_ue = amf_ue_find_by_id(sbi_object_id); if (!amf_ue) { ogs_error("UE(amf_ue) Context has already been removed"); break; @@ -703,15 +742,13 @@ break; case OGS_SBI_OBJ_SESS_TYPE: - sess = (amf_sess_t *)sbi_object; - ogs_assert(sess); - sess = amf_sess_cycle(sess); + sess = amf_sess_find_by_id(sbi_object_id); if (!sess) { ogs_error("Session has already been removed"); break; } - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf_ue) Context has already been removed"); break; @@ -720,13 +757,15 @@ ogs_error("%d:%d Cannot receive SBI message", sess->psi, sess->pti); if (sess->payload_container_type) { - r = nas_5gs_send_back_gsm_message(sess->ran_ue, sess, + r = nas_5gs_send_back_gsm_message( + ran_ue_find_by_id(sess->ran_ue_id), sess, OGS_5GMM_CAUSE_PAYLOAD_WAS_NOT_FORWARDED, AMF_NAS_BACKOFF_TIME); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); } else { - r = ngap_send_error_indication2(sess->ran_ue, + r = ngap_send_error_indication2( + ran_ue_find_by_id(sess->ran_ue_id), NGAP_Cause_PR_transport, NGAP_CauseTransport_transport_resource_unavailable); ogs_expect(r == OGS_OK); @@ -760,7 +799,11 @@ gnb = amf_gnb_find_by_addr(addr); if (!gnb) { gnb = amf_gnb_add(sock, addr); - ogs_assert(gnb); + if (!gnb) { + ogs_error("amf_gnb_add() failed"); + ogs_sock_destroy(sock); + ogs_free(addr); + } } else { ogs_warn("gNB context duplicated with IP-address %s!!!", OGS_ADDR(addr, buf)); @@ -782,7 +825,10 @@ gnb = amf_gnb_find_by_addr(addr); if (!gnb) { gnb = amf_gnb_add(sock, addr); - ogs_assert(gnb); + if (!gnb) { + ogs_error("amf_gnb_add() failed"); + ogs_free(addr); + } } else { ogs_free(addr); } @@ -833,7 +879,7 @@ rc = ogs_ngap_decode(&ngap_message, pkbuf); if (rc == OGS_OK) { - e->gnb = gnb; + e->gnb_id = gnb->id; e->ngap.message = &ngap_message; ogs_fsm_dispatch(&gnb->sm, e); } else { @@ -850,13 +896,14 @@ break; case AMF_EVENT_NGAP_TIMER: - ran_ue = e->ran_ue; - ogs_assert(ran_ue); + ran_ue = ran_ue_find_by_id(e->ran_ue_id); + if (!ran_ue) { + ogs_error("NG Context has already been removed"); + break; + } switch (e->h.timer_id) { case AMF_TIMER_NG_DELAYED_SEND: - gnb = e->gnb; - ogs_assert(gnb); pkbuf = e->pkbuf; ogs_assert(pkbuf); @@ -880,18 +927,22 @@ break; case AMF_EVENT_5GMM_MESSAGE: - ran_ue = e->ran_ue; - ogs_assert(ran_ue); pkbuf = e->pkbuf; ogs_assert(pkbuf); + ran_ue = ran_ue_find_by_id(e->ran_ue_id); + if (!ran_ue) { + ogs_error("NG Context has already been removed"); + break; + } + if (ogs_nas_5gmm_decode(&nas_message, pkbuf) != OGS_OK) { ogs_error("ogs_nas_5gmm_decode() failed"); ogs_pkbuf_free(pkbuf); break; } - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); if (!amf_ue) { amf_ue = amf_ue_find_by_message(&nas_message); if (!amf_ue) { @@ -986,7 +1037,7 @@ ogs_assert(amf_ue); ogs_assert(OGS_FSM_STATE(&amf_ue->sm)); - e->amf_ue = amf_ue; + e->amf_ue_id = amf_ue->id; e->nas.message = &nas_message; ogs_fsm_dispatch(&amf_ue->sm, e); @@ -995,7 +1046,7 @@ break; case AMF_EVENT_5GMM_TIMER: - amf_ue = amf_ue_cycle(e->amf_ue); + amf_ue = amf_ue_find_by_id(e->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf_ue) Context has already been removed"); break;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/context.c
Changed
@@ -1201,9 +1201,11 @@ ogs_assert(sock); ogs_assert(addr); - ogs_pool_alloc(&amf_gnb_pool, &gnb); - ogs_assert(gnb); - memset(gnb, 0, sizeof *gnb); + ogs_pool_id_calloc(&amf_gnb_pool, &gnb); + if (!gnb) { + ogs_error("ogs_pool_id_calloc() failed"); + return NULL; + } /* Defaut RAT-Type */ gnb->rat_type = OpenAPI_rat_type_NR; @@ -1227,7 +1229,7 @@ gnb->sctp.addr, sizeof(ogs_sockaddr_t), gnb); memset(&e, 0, sizeof(e)); - e.gnb = gnb; + e.gnb_id = gnb->id; ogs_fsm_init(&gnb->sm, ngap_state_initial, ngap_state_final, &e); ogs_list_add(&self.gnb_list, gnb); @@ -1249,7 +1251,7 @@ ogs_list_remove(&self.gnb_list, gnb); memset(&e, 0, sizeof(e)); - e.gnb = gnb; + e.gnb_id = gnb->id; ogs_fsm_fini(&gnb->sm, &e); ogs_hash_set(self.gnb_addr_hash, @@ -1258,7 +1260,7 @@ ogs_sctp_flush_and_destroy(&gnb->sctp); - ogs_pool_free(&amf_gnb_pool, gnb); + ogs_pool_id_free(&amf_gnb_pool, gnb); amf_metrics_inst_global_dec(AMF_METR_GLOB_GAUGE_GNB); ogs_info("Removed Number of gNBs is now %d", ogs_list_count(&self.gnb_list)); @@ -1313,9 +1315,9 @@ return SOCK_STREAM; } -amf_gnb_t *amf_gnb_cycle(amf_gnb_t *gnb) +amf_gnb_t *amf_gnb_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&amf_gnb_pool, gnb); + return ogs_pool_find_by_id(&amf_gnb_pool, id); } /** ran_ue_context handling function */ @@ -1325,19 +1327,18 @@ ogs_assert(gnb); - ogs_pool_alloc(&ran_ue_pool, &ran_ue); + ogs_pool_id_calloc(&ran_ue_pool, &ran_ue); if (ran_ue == NULL) { ogs_error("Could not allocate ran_ue context from pool"); return NULL; } - memset(ran_ue, 0, sizeof *ran_ue); - ran_ue->t_ng_holding = ogs_timer_add( - ogs_app()->timer_mgr, amf_timer_ng_holding_timer_expire, ran_ue); + ogs_app()->timer_mgr, amf_timer_ng_holding_timer_expire, + OGS_UINT_TO_POINTER(ran_ue->id)); if (!ran_ue->t_ng_holding) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&ran_ue_pool, ran_ue); + ogs_pool_id_free(&ran_ue_pool, ran_ue); return NULL; } @@ -1357,7 +1358,7 @@ ran_ue->gnb_ostream_id = OGS_NEXT_ID(gnb->ostream_id, 1, gnb->max_num_of_ostreams-1); - ran_ue->gnb = gnb; + ran_ue->gnb_id = gnb->id; ogs_list_add(&gnb->ran_ue_list, ran_ue); @@ -1368,33 +1369,40 @@ void ran_ue_remove(ran_ue_t *ran_ue) { + amf_gnb_t *gnb = NULL; + ogs_assert(ran_ue); - ogs_assert(ran_ue->gnb); - ogs_list_remove(&ran_ue->gnb->ran_ue_list, ran_ue); + gnb = amf_gnb_find_by_id(ran_ue->gnb_id); + + if (gnb) ogs_list_remove(&gnb->ran_ue_list, ran_ue); ogs_assert(ran_ue->t_ng_holding); ogs_timer_delete(ran_ue->t_ng_holding); - ogs_pool_free(&ran_ue_pool, ran_ue); + ogs_pool_id_free(&ran_ue_pool, ran_ue); stats_remove_ran_ue(); } void ran_ue_switch_to_gnb(ran_ue_t *ran_ue, amf_gnb_t *new_gnb) { + amf_gnb_t *gnb = NULL; + ogs_assert(ran_ue); - ogs_assert(ran_ue->gnb); ogs_assert(new_gnb); + gnb = amf_gnb_find_by_id(ran_ue->gnb_id); + ogs_assert(gnb); + /* Remove from the old gnb */ - ogs_list_remove(&ran_ue->gnb->ran_ue_list, ran_ue); + ogs_list_remove(&gnb->ran_ue_list, ran_ue); /* Add to the new gnb */ ogs_list_add(&new_gnb->ran_ue_list, ran_ue); /* Switch to gnb */ - ran_ue->gnb = new_gnb; + ran_ue->gnb_id = new_gnb->id; } ran_ue_t *ran_ue_find_by_ran_ue_ngap_id( @@ -1420,9 +1428,9 @@ return ran_ue_find(amf_ue_ngap_id); } -ran_ue_t *ran_ue_cycle(ran_ue_t *ran_ue) +ran_ue_t *ran_ue_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&ran_ue_pool, ran_ue); + return ogs_pool_find_by_id(&ran_ue_pool, id); } void amf_ue_new_guti(amf_ue_t *amf_ue) @@ -1520,39 +1528,44 @@ amf_ue_t *amf_ue = NULL; ogs_assert(ran_ue); - gnb = ran_ue->gnb; - ogs_assert(gnb); - ogs_pool_alloc(&amf_ue_pool, &amf_ue); + gnb = amf_gnb_find_by_id(ran_ue->gnb_id); + if (!gnb) { + ogs_error("%d gNB has already been removed", ran_ue->gnb_id); + return NULL; + } + + ogs_pool_id_calloc(&amf_ue_pool, &amf_ue); if (amf_ue == NULL) { ogs_error("Could not allocate amf_ue context from pool"); return NULL; } - memset(amf_ue, 0, sizeof *amf_ue); - /* Add All Timers */ amf_ue->t3513.timer = ogs_timer_add( - ogs_app()->timer_mgr, amf_timer_t3513_expire, amf_ue); + ogs_app()->timer_mgr, amf_timer_t3513_expire, + OGS_UINT_TO_POINTER(amf_ue->id)); if (!amf_ue->t3513.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&amf_ue_pool, amf_ue); + ogs_pool_id_free(&amf_ue_pool, amf_ue); return NULL; } amf_ue->t3513.pkbuf = NULL; amf_ue->t3522.timer = ogs_timer_add( - ogs_app()->timer_mgr, amf_timer_t3522_expire, amf_ue); + ogs_app()->timer_mgr, amf_timer_t3522_expire, + OGS_UINT_TO_POINTER(amf_ue->id)); if (!amf_ue->t3522.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&amf_ue_pool, amf_ue); + ogs_pool_id_free(&amf_ue_pool, amf_ue); return NULL; } amf_ue->t3522.pkbuf = NULL; amf_ue->t3550.timer = ogs_timer_add( - ogs_app()->timer_mgr, amf_timer_t3550_expire, amf_ue); + ogs_app()->timer_mgr, amf_timer_t3550_expire, + OGS_UINT_TO_POINTER(amf_ue->id)); if (!amf_ue->t3550.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&amf_ue_pool, amf_ue); + ogs_pool_id_free(&amf_ue_pool, amf_ue); return NULL; } amf_ue->t3550.pkbuf = NULL; @@ -1560,39 +1573,43 @@ ogs_app()->timer_mgr, amf_timer_t3555_expire, amf_ue); if (!amf_ue->t3555.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&amf_ue_pool, amf_ue); + ogs_pool_id_free(&amf_ue_pool, amf_ue); return NULL; } amf_ue->t3555.pkbuf = NULL; amf_ue->t3560.timer = ogs_timer_add( - ogs_app()->timer_mgr, amf_timer_t3560_expire, amf_ue); + ogs_app()->timer_mgr, amf_timer_t3560_expire, + OGS_UINT_TO_POINTER(amf_ue->id)); if (!amf_ue->t3560.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&amf_ue_pool, amf_ue); + ogs_pool_id_free(&amf_ue_pool, amf_ue); return NULL; } amf_ue->t3560.pkbuf = NULL; amf_ue->t3570.timer = ogs_timer_add( - ogs_app()->timer_mgr, amf_timer_t3570_expire, amf_ue); + ogs_app()->timer_mgr, amf_timer_t3570_expire, + OGS_UINT_TO_POINTER(amf_ue->id)); if (!amf_ue->t3570.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&amf_ue_pool, amf_ue); + ogs_pool_id_free(&amf_ue_pool, amf_ue); return NULL; } amf_ue->t3570.pkbuf = NULL; amf_ue->mobile_reachable.timer = ogs_timer_add( - ogs_app()->timer_mgr, amf_timer_mobile_reachable_expire, amf_ue); + ogs_app()->timer_mgr, amf_timer_mobile_reachable_expire, + OGS_UINT_TO_POINTER(amf_ue->id)); if (!amf_ue->mobile_reachable.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&amf_ue_pool, amf_ue); + ogs_pool_id_free(&amf_ue_pool, amf_ue); return NULL; } amf_ue->mobile_reachable.pkbuf = NULL; amf_ue->implicit_deregistration.timer = ogs_timer_add( - ogs_app()->timer_mgr, amf_timer_implicit_deregistration_expire, amf_ue); + ogs_app()->timer_mgr, amf_timer_implicit_deregistration_expire, + OGS_UINT_TO_POINTER(amf_ue->id)); if (!amf_ue->implicit_deregistration.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&amf_ue_pool, amf_ue); + ogs_pool_id_free(&amf_ue_pool, amf_ue); return NULL; } amf_ue->implicit_deregistration.pkbuf = NULL; @@ -1713,7 +1730,7 @@ amf_ue_deassociate(amf_ue); - ogs_pool_free(&amf_ue_pool, amf_ue); + ogs_pool_id_free(&amf_ue_pool, amf_ue); ogs_info("Removed Number of AMF-UEs is now %d", ogs_list_count(&self.amf_ue_list)); @@ -1724,7 +1741,7 @@ amf_ue_t *amf_ue = NULL, *next = NULL;; ogs_list_for_each_safe(&self.amf_ue_list, next, amf_ue) { - ran_ue_t *ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue_t *ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (ran_ue) ran_ue_remove(ran_ue); @@ -1739,7 +1756,7 @@ ogs_assert(amf_ue); memset(&e, 0, sizeof(e)); - e.amf_ue = amf_ue; + e.amf_ue_id = amf_ue->id; ogs_fsm_init(&amf_ue->sm, gmm_state_initial, gmm_state_final, &e); } @@ -1750,7 +1767,7 @@ ogs_assert(amf_ue); memset(&e, 0, sizeof(e)); - e.amf_ue = amf_ue; + e.amf_ue_id = amf_ue->id; ogs_fsm_fini(&amf_ue->sm, &e); } @@ -2075,13 +2092,20 @@ ogs_pool_index(&amf_ue_pool, old_amf_ue)) { ogs_warn("%s OLD UE Context Release", suci); if (CM_CONNECTED(old_amf_ue)) { + ran_ue_t *ran_ue = ran_ue_find_by_id(old_amf_ue->ran_ue_id); /* Implcit NG release */ ogs_warn("%s Implicit NG release", suci); - ogs_warn("%s RAN_UE_NGAP_ID%lld AMF_UE_NGAP_ID%lld", - old_amf_ue->suci, - (long long)old_amf_ue->ran_ue->ran_ue_ngap_id, - (long long)old_amf_ue->ran_ue->amf_ue_ngap_id); - ran_ue_remove(old_amf_ue->ran_ue); + if (ran_ue) { + ogs_warn("%s RAN_UE_NGAP_ID%lld " + "AMF_UE_NGAP_ID%lld", + old_amf_ue->suci, + (long long)ran_ue->ran_ue_ngap_id, + (long long)ran_ue->amf_ue_ngap_id); + ran_ue_remove(ran_ue); + } else { + ogs_error("%s RAN-NG Context has already been removed", + old_amf_ue->suci); + } } /* @@ -2099,7 +2123,7 @@ /* Phase-1 : Change AMF-UE Context in Session Context */ ogs_list_for_each(&old_amf_ue->sess_list, old_sess) - old_sess->amf_ue = amf_ue; + old_sess->amf_ue_id = amf_ue->id; /* Phase-2 : Move Session Context from OLD to NEW AMF-UE Context */ memcpy(&amf_ue->sess_list, @@ -2138,10 +2162,17 @@ amf_gnb_t *gnb = NULL; ran_ue_t *ran_ue = NULL; - ran_ue = amf_ue->ran_ue; - ogs_assert(ran_ue); - gnb = ran_ue->gnb; - ogs_assert(gnb); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (!ran_ue) { + ogs_error("%s RAN-NG Context has already been removed", amf_ue->suci); + return OpenAPI_rat_type_NULL; + } + + gnb = amf_gnb_find_by_id(ran_ue->gnb_id); + if (!gnb) { + ogs_error("%d gNB has already been removed", ran_ue->gnb_id); + return OpenAPI_rat_type_NULL; + } return gnb->rat_type; } @@ -2151,35 +2182,31 @@ ogs_assert(amf_ue); ogs_assert(ran_ue); - amf_ue->ran_ue = ran_ue; - ran_ue->amf_ue = amf_ue; + amf_ue->ran_ue_id = ran_ue->id; + ran_ue->amf_ue_id = amf_ue->id; } void ran_ue_deassociate(ran_ue_t *ran_ue) { ogs_assert(ran_ue); - ran_ue->amf_ue = NULL; + ran_ue->amf_ue_id = OGS_INVALID_POOL_ID; } void amf_ue_deassociate(amf_ue_t *amf_ue) { ogs_assert(amf_ue); - amf_ue->ran_ue = NULL; + amf_ue->ran_ue_id = OGS_INVALID_POOL_ID; } void source_ue_associate_target_ue( ran_ue_t *source_ue, ran_ue_t *target_ue) { - amf_ue_t *amf_ue = NULL; - ogs_assert(source_ue); ogs_assert(target_ue); - amf_ue = source_ue->amf_ue; - ogs_assert(amf_ue); - target_ue->amf_ue = amf_ue; - target_ue->source_ue = source_ue; - source_ue->target_ue = target_ue; + target_ue->amf_ue_id = source_ue->amf_ue_id; + target_ue->source_ue_id = source_ue->id; + source_ue->target_ue_id = target_ue->id; } void source_ue_deassociate_target_ue(ran_ue_t *ran_ue) @@ -2188,22 +2215,28 @@ ran_ue_t *target_ue = NULL; ogs_assert(ran_ue); - if (ran_ue->target_ue) { + if (ran_ue->target_ue_id >= OGS_MIN_POOL_ID && + ran_ue->target_ue_id <= OGS_MAX_POOL_ID) { source_ue = ran_ue; - target_ue = ran_ue->target_ue; + target_ue = ran_ue_find_by_id(ran_ue->target_ue_id); - ogs_assert(source_ue->target_ue); - ogs_assert(target_ue->source_ue); - source_ue->target_ue = NULL; - target_ue->source_ue = NULL; - } else if (ran_ue->source_ue) { + ogs_assert(source_ue->target_ue_id >= OGS_MIN_POOL_ID && + source_ue->target_ue_id <= OGS_MAX_POOL_ID); + ogs_assert(target_ue->source_ue_id >= OGS_MIN_POOL_ID && + target_ue->source_ue_id <= OGS_MAX_POOL_ID); + source_ue->target_ue_id = OGS_INVALID_POOL_ID; + target_ue->source_ue_id = OGS_INVALID_POOL_ID; + } else if (ran_ue->source_ue_id >= OGS_MIN_POOL_ID && + ran_ue->source_ue_id <= OGS_MAX_POOL_ID) { target_ue = ran_ue; - source_ue = ran_ue->source_ue; + source_ue = ran_ue_find_by_id(ran_ue->source_ue_id); - ogs_assert(source_ue->target_ue); - ogs_assert(target_ue->source_ue); - source_ue->target_ue = NULL; - target_ue->source_ue = NULL; + ogs_assert(source_ue->target_ue_id >= OGS_MIN_POOL_ID && + source_ue->target_ue_id <= OGS_MAX_POOL_ID); + ogs_assert(target_ue->source_ue_id >= OGS_MIN_POOL_ID && + target_ue->source_ue_id <= OGS_MAX_POOL_ID); + source_ue->target_ue_id = OGS_INVALID_POOL_ID; + target_ue->source_ue_id = OGS_INVALID_POOL_ID; } } @@ -2214,13 +2247,12 @@ ogs_assert(amf_ue); ogs_assert(psi != OGS_NAS_PDU_SESSION_IDENTITY_UNASSIGNED); - ogs_pool_alloc(&amf_sess_pool, &sess); + ogs_pool_id_calloc(&amf_sess_pool, &sess); ogs_assert(sess); - memset(sess, 0, sizeof *sess); sess->sbi.type = OGS_SBI_OBJ_SESS_TYPE; - sess->amf_ue = amf_ue; + sess->amf_ue_id = amf_ue->id; sess->psi = psi; sess->s_nssai.sst = 0; @@ -2237,10 +2269,15 @@ void amf_sess_remove(amf_sess_t *sess) { + amf_ue_t *amf_ue = NULL; + ogs_assert(sess); - ogs_assert(sess->amf_ue); - ogs_list_remove(&sess->amf_ue->sess_list, sess); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); + if (amf_ue) + ogs_list_remove(&amf_ue->sess_list, sess); + else + ogs_error("UE(amf-ue) context has already been removed"); /* Free SBI object memory */ if (ogs_list_count(&sess->sbi.xact_list)) @@ -2277,7 +2314,7 @@ if (sess->nssf.nrf.client) ogs_sbi_client_remove(sess->nssf.nrf.client); - ogs_pool_free(&amf_sess_pool, sess); + ogs_pool_id_free(&amf_sess_pool, sess); stats_remove_amf_session(); } @@ -2302,14 +2339,14 @@ return NULL; } -amf_ue_t *amf_ue_cycle(amf_ue_t *amf_ue) +amf_ue_t *amf_ue_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&amf_ue_pool, amf_ue); + return ogs_pool_find_by_id(&amf_ue_pool, id); } -amf_sess_t *amf_sess_cycle(amf_sess_t *sess) +amf_sess_t *amf_sess_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&amf_sess_pool, sess); + return ogs_pool_find_by_id(&amf_sess_pool, id); } void amf_sbi_select_nf( @@ -2748,15 +2785,16 @@ ran_ue_t *ran_ue = NULL; ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!ran_ue) { ogs_error("%s RAN-NG Context has already been removed", amf_ue->supi); return false; } - gnb = amf_gnb_cycle(ran_ue->gnb); + + gnb = amf_gnb_find_by_id(ran_ue->gnb_id); if (!gnb) { - ogs_error("gNB has already been removed"); + ogs_error("%d gNB has already been removed", ran_ue->gnb_id); return false; }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/context.h
Changed
@@ -127,6 +127,8 @@ typedef struct amf_gnb_s { ogs_lnode_t lnode; + ogs_pool_id_t id; + ogs_fsm_t sm; /* A state machine */ uint32_t gnb_id; /* gNB_ID received from gNB */ @@ -162,6 +164,7 @@ struct ran_ue_s { ogs_lnode_t lnode; uint32_t index; + ogs_pool_id_t id; /* UE identity */ #define INVALID_UE_NGAP_ID 0xffffffffffffffffULL /* Initial value of ran_ue_ngap_id */ @@ -176,13 +179,14 @@ #define CONTEXT_SETUP_ESTABLISHED(__aMF) \ CM_CONNECTED(__aMF) && \ - ((__aMF)->ran_ue->initial_context_setup_response_received == true) + (ran_ue_find_by_id((__aMF)->ran_ue_id)-> \ + initial_context_setup_response_received == true) bool initial_context_setup_response_received; bool ue_ambr_sent; /* Handover Info */ - ran_ue_t *source_ue; - ran_ue_t *target_ue; + ogs_pool_id_t source_ue_id; + ogs_pool_id_t target_ue_id; /* Use amf_ue->nr_tai, amf_ue->nr_cgi. * Do not access ran_ue->saved.tai ran_ue->saved.nr_cgi. @@ -214,12 +218,14 @@ } psimask; /* Related Context */ - amf_gnb_t *gnb; - amf_ue_t *amf_ue; + ogs_pool_id_t gnb_id; + ogs_pool_id_t amf_ue_id; }; struct amf_ue_s { ogs_sbi_object_t sbi; + ogs_pool_id_t id; + ogs_fsm_t sm; struct { @@ -417,53 +423,67 @@ uint64_t am_policy_control_features; /* SBI Features */ #define CM_CONNECTED(__aMF) \ - ((__aMF) && ((__aMF)->ran_ue != NULL) && ran_ue_cycle((__aMF)->ran_ue)) + ((__aMF) && \ + ((__aMF)->ran_ue_id >= OGS_MIN_POOL_ID) && \ + ((__aMF)->ran_ue_id <= OGS_MAX_POOL_ID) && \ + (ran_ue_find_by_id((__aMF)->ran_ue_id))) #define CM_IDLE(__aMF) \ ((__aMF) && \ - (((__aMF)->ran_ue == NULL) || (ran_ue_cycle((__aMF)->ran_ue) == NULL))) + (((__aMF)->ran_ue_id < OGS_MIN_POOL_ID) || \ + ((__aMF)->ran_ue_id > OGS_MAX_POOL_ID) || \ + (ran_ue_find_by_id((__aMF)->ran_ue_id) == NULL))) /* NG UE context */ - ran_ue_t *ran_ue; + ogs_pool_id_t ran_ue_id; #define HOLDING_NG_CONTEXT(__aMF) \ do { \ - ran_ue_deassociate((__aMF)->ran_ue); \ + ran_ue_t *ran_ue_holding = NULL; \ + \ + (__aMF)->ran_ue_holding_id = OGS_INVALID_POOL_ID; \ \ - (__aMF)->ran_ue_holding = ran_ue_cycle((__aMF)->ran_ue); \ - if ((__aMF)->ran_ue_holding) { \ + ran_ue_holding = ran_ue_find_by_id((__aMF)->ran_ue_id); \ + if (ran_ue_holding) { \ + ran_ue_deassociate(ran_ue_holding); \ + \ ogs_warn("%s Holding NG Context", (__aMF)->suci); \ ogs_warn("%s RAN_UE_NGAP_ID%lld AMF_UE_NGAP_ID%lld", \ (__aMF)->suci, \ - (long long)(__aMF)->ran_ue_holding->ran_ue_ngap_id, \ - (long long)(__aMF)->ran_ue_holding->amf_ue_ngap_id); \ + (long long)ran_ue_holding->ran_ue_ngap_id, \ + (long long)ran_ue_holding->amf_ue_ngap_id); \ \ - (__aMF)->ran_ue_holding->ue_ctx_rel_action = \ + ran_ue_holding->ue_ctx_rel_action = \ NGAP_UE_CTX_REL_NG_CONTEXT_REMOVE; \ - ogs_timer_start((__aMF)->ran_ue_holding->t_ng_holding, \ + ogs_timer_start(ran_ue_holding->t_ng_holding, \ amf_timer_cfg(AMF_TIMER_NG_HOLDING)->duration); \ + \ + (__aMF)->ran_ue_holding_id = (__aMF)->ran_ue_id; \ } else \ ogs_error("%s NG Context has already been removed", \ (__aMF)->suci); \ } while(0) #define CLEAR_NG_CONTEXT(__aMF) \ do { \ - if (ran_ue_cycle((__aMF)->ran_ue_holding)) { \ + ran_ue_t *ran_ue_holding = NULL; \ + \ + ran_ue_holding = ran_ue_find_by_id((__aMF)->ran_ue_holding_id); \ + if (ran_ue_holding) { \ int r; \ ogs_warn("%s Clear NG Context", (__aMF)->suci); \ ogs_warn("%s RAN_UE_NGAP_ID%lld AMF_UE_NGAP_ID%lld", \ (__aMF)->suci, \ - (long long)(__aMF)->ran_ue_holding->ran_ue_ngap_id, \ - (long long)(__aMF)->ran_ue_holding->amf_ue_ngap_id); \ + (long long)ran_ue_holding->ran_ue_ngap_id, \ + (long long)ran_ue_holding->amf_ue_ngap_id); \ \ r = ngap_send_ran_ue_context_release_command( \ - (__aMF)->ran_ue_holding, \ + ran_ue_holding, \ NGAP_Cause_PR_nas, NGAP_CauseNas_normal_release, \ NGAP_UE_CTX_REL_NG_CONTEXT_REMOVE, 0); \ ogs_expect(r == OGS_OK); \ ogs_assert(r != OGS_ERROR); \ } \ - (__aMF)->ran_ue_holding = NULL; \ + (__aMF)->ran_ue_holding_id = OGS_INVALID_POOL_ID; \ } while(0) - ran_ue_t *ran_ue_holding; + ogs_pool_id_t ran_ue_holding_id; #define CLEAR_AMF_UE_ALL_TIMERS(__aMF) \ do { \ @@ -562,6 +582,7 @@ typedef struct amf_sess_s { ogs_sbi_object_t sbi; + ogs_pool_id_t id; uint8_t psi; /* PDU Session Identity */ uint8_t pti; /* Procedure Trasaction Identity */ @@ -656,10 +677,12 @@ #define AMF_SESS_STORE_N2_TRANSFER(__sESS, __n2Type, __n2Buf) \ do { \ ogs_assert(__sESS); \ - ogs_assert((__sESS)->amf_ue); \ if ((__sESS)->transfer.__n2Type) { \ - ogs_warn("%s:%d N2 transfer message duplicated. Overwritten", \ - ((__sESS)->amf_ue)->supi, (__sESS)->psi); \ + amf_ue_t *amf_ue = amf_ue_find_by_id((__sESS)->amf_ue_id); \ + if (amf_ue) \ + ogs_warn("%s:%d " \ + "N2 transfer message duplicated. Overwritten", \ + amf_ue->supi, (__sESS)->psi); \ ogs_pkbuf_free((__sESS)->transfer.__n2Type); \ } \ (__sESS)->transfer.__n2Type = __n2Buf; \ @@ -733,18 +756,21 @@ #define AMF_SESS_STORE_5GSM_MESSAGE(__sESS, __tYPE, __n1Buf, __n2Buf) \ do { \ + amf_ue_t *amf_ue = NULL; \ ogs_assert(__sESS); \ - ogs_assert((__sESS)->amf_ue); \ + amf_ue = amf_ue_find_by_id((__sESS)->amf_ue_id); \ if ((__sESS)->gsm_message.n1buf) { \ - ogs_warn("%s:%d N1 message duplicated. Overwritten", \ - ((__sESS)->amf_ue)->supi, (__sESS)->psi); \ + if (amf_ue) \ + ogs_warn("%s:%d N1 message duplicated. Overwritten", \ + amf_ue->supi, (__sESS)->psi); \ ogs_pkbuf_free((__sESS)->gsm_message.n1buf); \ } \ (__sESS)->gsm_message.n1buf = __n1Buf; \ \ if ((__sESS)->gsm_message.n2buf) { \ - ogs_warn("%s:%d N2 message duplicated. Overwritten", \ - ((__sESS)->amf_ue)->supi, (__sESS)->psi); \ + if (amf_ue) \ + ogs_warn("%s:%d N2 message duplicated. Overwritten", \ + amf_ue->supi, (__sESS)->psi); \ ogs_pkbuf_free((__sESS)->gsm_message.n2buf); \ } \ (__sESS)->gsm_message.n2buf = __n2Buf; \ @@ -789,8 +815,8 @@ ogs_list_t bearer_list; /* Related Context */ - amf_ue_t *amf_ue; - ran_ue_t *ran_ue; + ogs_pool_id_t amf_ue_id; + ogs_pool_id_t ran_ue_id; ogs_s_nssai_t s_nssai; ogs_s_nssai_t mapped_hplmn; @@ -812,7 +838,7 @@ amf_gnb_t *amf_gnb_find_by_gnb_id(uint32_t gnb_id); int amf_gnb_set_gnb_id(amf_gnb_t *gnb, uint32_t gnb_id); int amf_gnb_sock_type(ogs_sock_t *sock); -amf_gnb_t *amf_gnb_cycle(amf_gnb_t *gnb); +amf_gnb_t *amf_gnb_find_by_id(ogs_pool_id_t id); ran_ue_t *ran_ue_add(amf_gnb_t *gnb, uint64_t ran_ue_ngap_id); void ran_ue_remove(ran_ue_t *ran_ue); @@ -821,7 +847,7 @@ amf_gnb_t *gnb, uint64_t ran_ue_ngap_id); ran_ue_t *ran_ue_find(uint32_t index); ran_ue_t *ran_ue_find_by_amf_ue_ngap_id(uint64_t amf_ue_ngap_id); -ran_ue_t *ran_ue_cycle(ran_ue_t *ran_ue); +ran_ue_t *ran_ue_find_by_id(ogs_pool_id_t id); void amf_ue_new_guti(amf_ue_t *amf_ue); void amf_ue_confirm_guti(amf_ue_t *amf_ue); @@ -924,8 +950,8 @@ amf_sess_t *amf_sess_find_by_psi(amf_ue_t *amf_ue, uint8_t psi); amf_sess_t *amf_sess_find_by_dnn(amf_ue_t *amf_ue, char *dnn); -amf_ue_t *amf_ue_cycle(amf_ue_t *amf_ue); -amf_sess_t *amf_sess_cycle(amf_sess_t *sess); +amf_ue_t *amf_ue_find_by_id(ogs_pool_id_t id); +amf_sess_t *amf_sess_find_by_id(ogs_pool_id_t id); void amf_sbi_select_nf( ogs_sbi_object_t *sbi_object,
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/event.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/event.h
Changed
@@ -74,11 +74,10 @@ ogs_nas_5gs_message_t *message; } nas; - amf_gnb_t *gnb; - ran_ue_t *ran_ue; - amf_ue_t *amf_ue; - amf_sess_t *sess; - amf_bearer_t *bearer; + ogs_pool_id_t gnb_id; + ogs_pool_id_t ran_ue_id; + ogs_pool_id_t amf_ue_id; + ogs_pool_id_t sess_id; ogs_timer_t *timer; } amf_event_t;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/gmm-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/gmm-build.c
Changed
@@ -636,7 +636,7 @@ ogs_nas_gprs_timer_3_t *back_off_timer_value = NULL; ogs_assert(sess); - amf_ue = sess->amf_ue; + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); ogs_assert(payload_container_type); ogs_assert(payload_container);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/gmm-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/gmm-handler.c
Changed
@@ -50,7 +50,7 @@ ogs_nas_ue_security_capability_t *ue_security_capability = NULL; ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ogs_assert(registration_request); @@ -632,7 +632,7 @@ ogs_nas_key_set_identifier_t *ngksi = NULL; ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ngksi = &service_request->ngksi; @@ -850,7 +850,7 @@ ogs_nas_de_registration_type_t *de_registration_type = NULL; ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ogs_assert(deregistration_request); @@ -974,7 +974,7 @@ ogs_assert(identity_response); ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ogs_assert(identity_response); @@ -1040,7 +1040,7 @@ ogs_nas_mobile_identity_imeisv_t *mobile_identity_imeisv = NULL; ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ogs_assert(security_mode_complete); @@ -1139,8 +1139,8 @@ ogs_nas_dnn_t *dnn = NULL; ogs_nas_5gsm_header_t *gsm_header = NULL; - ogs_assert(amf_ue_cycle(amf_ue)); - ogs_assert(ran_ue_cycle(ran_ue)); + ogs_assert(amf_ue); + ogs_assert(ran_ue); ogs_assert(ul_nas_transport); payload_container_type = &ul_nas_transport->payload_container_type;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/gmm-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/gmm-sm.c
Changed
@@ -74,12 +74,12 @@ amf_sm_debug(e); - if (e->sess) { - sess = e->sess; - amf_ue = sess->amf_ue; + sess = amf_sess_find_by_id(e->sess_id); + if (sess) { + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); } else { - amf_ue = e->amf_ue; + amf_ue = amf_ue_find_by_id(e->amf_ue_id); ogs_assert(amf_ue); } @@ -575,7 +575,7 @@ xact_count = amf_sess_xact_count(amf_ue); amf_sbi_send_release_all_sessions( - amf_ue->ran_ue, amf_ue, + ran_ue_find_by_id(amf_ue->ran_ue_id), amf_ue, AMF_RELEASE_SM_CONTEXT_NO_STATE); if (!AMF_SESSION_RELEASE_PENDING(amf_ue) && @@ -630,12 +630,12 @@ amf_sm_debug(e); - if (e->sess) { - sess = e->sess; - amf_ue = sess->amf_ue; + sess = amf_sess_find_by_id(e->sess_id); + if (sess) { + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); } else { - amf_ue = e->amf_ue; + amf_ue = amf_ue_find_by_id(e->amf_ue_id); ogs_assert(amf_ue); } @@ -1142,7 +1142,7 @@ if (amf_ue->explict_de_registered.n1_done == true) { r = ngap_send_ran_ue_context_release_command( - amf_ue->ran_ue, + ran_ue_find_by_id(amf_ue->ran_ue_id), NGAP_Cause_PR_misc, NGAP_CauseMisc_om_intervention, NGAP_UE_CTX_REL_UE_CONTEXT_REMOVE, 0); @@ -1194,12 +1194,12 @@ ogs_assert(e); - if (e->sess) { - sess = e->sess; - amf_ue = sess->amf_ue; + sess = amf_sess_find_by_id(e->sess_id); + if (sess) { + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); } else { - amf_ue = e->amf_ue; + amf_ue = amf_ue_find_by_id(e->amf_ue_id); ogs_assert(amf_ue); } @@ -1208,7 +1208,7 @@ nas_message = e->nas.message; ogs_assert(nas_message); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); h.type = e->nas.type; @@ -1618,12 +1618,12 @@ amf_sm_debug(e); - if (e->sess) { - sess = e->sess; - amf_ue = sess->amf_ue; + sess = amf_sess_find_by_id(e->sess_id); + if (sess) { + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); } else { - amf_ue = e->amf_ue; + amf_ue = amf_ue_find_by_id(e->amf_ue_id); ogs_assert(amf_ue); } @@ -1636,7 +1636,7 @@ nas_message = e->nas.message; ogs_assert(nas_message); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); h.type = e->nas.type; @@ -1908,7 +1908,7 @@ amf_sm_debug(e); - amf_ue = e->amf_ue; + amf_ue = amf_ue_find_by_id(e->amf_ue_id); ogs_assert(amf_ue); switch (e->h.id) { @@ -1924,7 +1924,7 @@ nas_message = e->nas.message; ogs_assert(nas_message); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); h.type = e->nas.type; @@ -2068,7 +2068,8 @@ if (amf_ue->t3560.retry_count >= amf_timer_cfg(AMF_TIMER_T3560)->max_count) { ogs_warn("%s Retransmission failed. Stop", amf_ue->supi); - r = nas_5gs_send_gmm_reject(amf_ue->ran_ue, amf_ue, + r = nas_5gs_send_gmm_reject( + ran_ue_find_by_id(amf_ue->ran_ue_id), amf_ue, OGS_5GMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -2112,12 +2113,12 @@ amf_sm_debug(e); - if (e->sess) { - sess = e->sess; - amf_ue = sess->amf_ue; + sess = amf_sess_find_by_id(e->sess_id); + if (sess) { + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); } else { - amf_ue = e->amf_ue; + amf_ue = amf_ue_find_by_id(e->amf_ue_id); ogs_assert(amf_ue); } @@ -2143,7 +2144,7 @@ ogs_error("%s HTTP response error %d", amf_ue->supi, sbi_message->res_status); r = nas_5gs_send_gmm_reject( - amf_ue->ran_ue, amf_ue, + ran_ue_find_by_id(amf_ue->ran_ue_id), amf_ue, OGS_5GMM_CAUSE_5GS_SERVICES_NOT_ALLOWED); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -2188,7 +2189,7 @@ ogs_error("%s HTTP response error %d", amf_ue->supi, sbi_message->res_status); r = nas_5gs_send_gmm_reject( - amf_ue->ran_ue, amf_ue, + ran_ue_find_by_id(amf_ue->ran_ue_id), amf_ue, OGS_5GMM_CAUSE_5GS_SERVICES_NOT_ALLOWED); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -2275,7 +2276,7 @@ nas_message = e->nas.message; ogs_assert(nas_message); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); h.type = e->nas.type; @@ -2459,12 +2460,12 @@ amf_sm_debug(e); - if (e->sess) { - sess = e->sess; - amf_ue = sess->amf_ue; + sess = amf_sess_find_by_id(e->sess_id); + if (sess) { + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); } else { - amf_ue = e->amf_ue; + amf_ue = amf_ue_find_by_id(e->amf_ue_id); ogs_assert(amf_ue); } @@ -2497,12 +2498,12 @@ amf_sm_debug(e); - if (e->sess) { - sess = e->sess; - amf_ue = sess->amf_ue; + sess = amf_sess_find_by_id(e->sess_id); + if (sess) { + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); } else { - amf_ue = e->amf_ue; + amf_ue = amf_ue_find_by_id(e->amf_ue_id); ogs_assert(amf_ue); } @@ -2516,7 +2517,8 @@ xact_count = amf_sess_xact_count(amf_ue); amf_sbi_send_release_all_sessions( - amf_ue->ran_ue, amf_ue, AMF_RELEASE_SM_CONTEXT_NO_STATE); + ran_ue_find_by_id(amf_ue->ran_ue_id), amf_ue, + AMF_RELEASE_SM_CONTEXT_NO_STATE); if (!AMF_SESSION_RELEASE_PENDING(amf_ue) && amf_sess_xact_count(amf_ue) == xact_count) { @@ -2534,7 +2536,7 @@ nas_message = e->nas.message; ogs_assert(nas_message); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); h.type = e->nas.type;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/namf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/namf-handler.c
Changed
@@ -177,7 +177,7 @@ * 4.3.2 PDU Session Establishment * ***********************************/ - ran_ue = ran_ue_cycle(sess->ran_ue); + ran_ue = ran_ue_find_by_id(sess->ran_ue_id); if (ran_ue) { if (sess->pdu_session_establishment_accept) { ogs_pkbuf_free(sess->pdu_session_establishment_accept); @@ -480,7 +480,8 @@ ogs_error("%d:%d PDU session establishment reject", sess->psi, sess->pti); - r = nas_5gs_send_gsm_reject(sess->ran_ue, sess, + r = nas_5gs_send_gsm_reject( + ran_ue_find_by_id(sess->ran_ue_id), sess, OGS_NAS_PAYLOAD_CONTAINER_N1_SM_INFORMATION, n1buf); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -1003,7 +1004,7 @@ } if (amf_ue) { - ran_ue_t *ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue_t *ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!ran_ue) { ogs_error("NG context has already been removed"); /* ran_ue is required for amf_ue_is_rat_restricted() */ @@ -1092,6 +1093,7 @@ ogs_sbi_response_t *response = NULL; ogs_sbi_message_t sendmsg; amf_ue_t *amf_ue = NULL; + ran_ue_t *ran_ue = NULL; OpenAPI_ambr_t *UeAmbr = NULL; OpenAPI_list_t *MmContextList = NULL; @@ -1246,8 +1248,9 @@ * Context TRANSFERRED !!! * So, we removed UE context. */ - if (amf_ue->ran_ue) - ran_ue_remove(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (ran_ue) + ran_ue_remove(ran_ue); amf_ue_remove(amf_ue); return OGS_OK;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/nas-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/nas-path.c
Changed
@@ -25,16 +25,22 @@ int nas_5gs_send_to_gnb(amf_ue_t *amf_ue, ogs_pkbuf_t *pkbuf) { int rv; + ran_ue_t *ran_ue = NULL; ogs_assert(pkbuf); - amf_ue = amf_ue_cycle(amf_ue); if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); ogs_pkbuf_free(pkbuf); return OGS_NOTFOUND; } - rv = ngap_send_to_ran_ue(amf_ue->ran_ue, pkbuf); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (!ran_ue) { + ogs_error("%s RAN-NG Context has already been removed", amf_ue->suci); + return OGS_NOTFOUND; + } + + rv = ngap_send_to_ran_ue(ran_ue, pkbuf); ogs_expect(rv == OGS_OK); return rv; @@ -46,7 +52,7 @@ int rv; ogs_pkbuf_t *ngapbuf = NULL; - ogs_assert(ran_ue_cycle(ran_ue)); + ogs_assert(ran_ue); ogs_assert(pkbuf); ngapbuf = ngap_build_downlink_nas_transport(ran_ue, pkbuf, false, false); @@ -71,14 +77,14 @@ ogs_pkbuf_t *ngapbuf = NULL; ogs_pkbuf_t *gmmbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!ran_ue) { - ogs_error("NG context has already been removed"); + ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; } @@ -177,8 +183,8 @@ int rv; ogs_pkbuf_t *gmmbuf = NULL; - ogs_assert(ran_ue_cycle(ran_ue)); - ogs_assert(amf_ue_cycle(amf_ue)); + ogs_assert(ran_ue); + ogs_assert(amf_ue); switch (amf_ue->nas.registration.value) { case OGS_NAS_5GS_REGISTRATION_TYPE_INITIAL: @@ -225,14 +231,14 @@ ogs_pkbuf_t *gmmbuf = NULL; ogs_pkbuf_t *ngapbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!ran_ue) { - ogs_error("NG context has already been removed"); + ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; } @@ -289,7 +295,7 @@ rv = nas_5gs_send_to_gnb(amf_ue, ngapbuf); ogs_expect(rv == OGS_OK); } else { - rv = nas_5gs_send_to_downlink_nas_transport(amf_ue->ran_ue, gmmbuf); + rv = nas_5gs_send_to_downlink_nas_transport(ran_ue, gmmbuf); ogs_expect(rv == OGS_OK); } } @@ -303,8 +309,8 @@ int rv; ogs_pkbuf_t *gmmbuf = NULL; - ogs_assert(ran_ue_cycle(ran_ue)); - ogs_assert(amf_ue_cycle(amf_ue)); + ogs_assert(ran_ue); + ogs_assert(amf_ue); ogs_debug("%s Service reject", amf_ue->supi); @@ -327,14 +333,14 @@ ran_ue_t *ran_ue = NULL; ogs_pkbuf_t *gmmbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!ran_ue) { - ogs_error("NG context has already been removed"); + ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; } @@ -349,7 +355,7 @@ return OGS_ERROR; } - rv = nas_5gs_send_to_downlink_nas_transport(amf_ue->ran_ue, gmmbuf); + rv = nas_5gs_send_to_downlink_nas_transport(ran_ue, gmmbuf); if (rv != OGS_OK) { ogs_error("nas_5gs_send_to_downlink_nas_transport() failed"); return rv; @@ -374,14 +380,14 @@ ran_ue_t *ran_ue = NULL; ogs_pkbuf_t *gmmbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!ran_ue) { - ogs_error("NG context has already been removed"); + ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; } @@ -407,7 +413,7 @@ ogs_timer_start(amf_ue->t3522.timer, amf_timer_cfg(AMF_TIMER_T3522)->duration); - rv = nas_5gs_send_to_downlink_nas_transport(amf_ue->ran_ue, gmmbuf); + rv = nas_5gs_send_to_downlink_nas_transport(ran_ue, gmmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -416,15 +422,17 @@ int nas_5gs_send_identity_request(amf_ue_t *amf_ue) { int rv; + ran_ue_t *ran_ue = NULL; ogs_pkbuf_t *gmmbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!ran_ue_cycle(amf_ue->ran_ue)) { - ogs_error("NG context has already been removed"); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (!ran_ue) { + ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; } @@ -449,7 +457,7 @@ ogs_timer_start(amf_ue->t3570.timer, amf_timer_cfg(AMF_TIMER_T3570)->duration); - rv = nas_5gs_send_to_downlink_nas_transport(amf_ue->ran_ue, gmmbuf); + rv = nas_5gs_send_to_downlink_nas_transport(ran_ue, gmmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -458,15 +466,17 @@ int nas_5gs_send_authentication_request(amf_ue_t *amf_ue) { int rv; + ran_ue_t *ran_ue = NULL; ogs_pkbuf_t *gmmbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!ran_ue_cycle(amf_ue->ran_ue)) { - ogs_error("NG context has already been removed"); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (!ran_ue) { + ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; } @@ -493,7 +503,7 @@ amf_metrics_inst_global_inc(AMF_METR_GLOB_CTR_AMF_AUTH_REQ); - rv = nas_5gs_send_to_downlink_nas_transport(amf_ue->ran_ue, gmmbuf); + rv = nas_5gs_send_to_downlink_nas_transport(ran_ue, gmmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -502,15 +512,17 @@ int nas_5gs_send_authentication_reject(amf_ue_t *amf_ue) { int rv; + ran_ue_t *ran_ue = NULL; ogs_pkbuf_t *gmmbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!ran_ue_cycle(amf_ue->ran_ue)) { - ogs_error("NG context has already been removed"); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (!ran_ue) { + ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; } @@ -524,7 +536,7 @@ amf_metrics_inst_global_inc(AMF_METR_GLOB_CTR_AMF_AUTH_REJECT); - rv = nas_5gs_send_to_downlink_nas_transport(amf_ue->ran_ue, gmmbuf); + rv = nas_5gs_send_to_downlink_nas_transport(ran_ue, gmmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -533,15 +545,17 @@ int nas_5gs_send_security_mode_command(amf_ue_t *amf_ue) { int rv; + ran_ue_t *ran_ue = NULL; ogs_pkbuf_t *gmmbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!ran_ue_cycle(amf_ue->ran_ue)) { - ogs_error("NG context has already been removed"); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (!ran_ue) { + ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; } @@ -566,7 +580,7 @@ ogs_timer_start(amf_ue->t3560.timer, amf_timer_cfg(AMF_TIMER_T3560)->duration); - rv = nas_5gs_send_to_downlink_nas_transport(amf_ue->ran_ue, gmmbuf); + rv = nas_5gs_send_to_downlink_nas_transport(ran_ue, gmmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -576,15 +590,17 @@ amf_ue_t *amf_ue, gmm_configuration_update_command_param_t *param) { int rv; + ran_ue_t *ran_ue = NULL; ogs_pkbuf_t *gmmbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!ran_ue_cycle(amf_ue->ran_ue)) { - ogs_error("NG context has already been removed"); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (!ran_ue) { + ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; } @@ -627,7 +643,7 @@ amf_metrics_inst_global_inc(AMF_METR_GLOB_CTR_MM_CONF_UPDATE); - rv = nas_5gs_send_to_downlink_nas_transport(amf_ue->ran_ue, gmmbuf); + rv = nas_5gs_send_to_downlink_nas_transport(ran_ue, gmmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -645,16 +661,16 @@ ogs_pkbuf_t *ngapbuf = NULL; ogs_assert(sess); - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); if (n1smbuf) ogs_pkbuf_free(n1smbuf); ogs_pkbuf_free(n2smbuf); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!ran_ue) { - ogs_warn("NG context has already been removed"); + ogs_error("%s NG context has already been removed", amf_ue->supi); if (n1smbuf) ogs_pkbuf_free(n1smbuf); ogs_pkbuf_free(n2smbuf); return OGS_NOTFOUND; @@ -709,16 +725,16 @@ ogs_pkbuf_t *ngapbuf = NULL; ogs_assert(sess); - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); if (n1smbuf) ogs_pkbuf_free(n1smbuf); ogs_pkbuf_free(n2smbuf); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!ran_ue) { - ogs_warn("%s NG context has already been removed", amf_ue->supi); + ogs_error("%s NG context has already been removed", amf_ue->supi); if (n1smbuf) ogs_pkbuf_free(n1smbuf); ogs_pkbuf_free(n2smbuf); return OGS_NOTFOUND; @@ -770,16 +786,16 @@ ogs_assert(n2smbuf); ogs_assert(sess); - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); if (n1smbuf) ogs_pkbuf_free(n1smbuf); ogs_pkbuf_free(n2smbuf); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!ran_ue) { - ogs_warn("NG context has already been removed"); + ogs_error("%s NG context has already been removed", amf_ue->supi); if (n1smbuf) ogs_pkbuf_free(n1smbuf); ogs_pkbuf_free(n2smbuf); return OGS_NOTFOUND; @@ -862,15 +878,17 @@ int nas_5gs_send_gmm_status(amf_ue_t *amf_ue, ogs_nas_5gmm_cause_t cause) { int rv; + ran_ue_t *ran_ue = NULL; ogs_pkbuf_t *gmmbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!ran_ue_cycle(amf_ue->ran_ue)) { - ogs_error("NG context has already been removed"); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (!ran_ue) { + ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; } @@ -882,7 +900,7 @@ return OGS_ERROR; } - rv = nas_5gs_send_to_downlink_nas_transport(amf_ue->ran_ue, gmmbuf); + rv = nas_5gs_send_to_downlink_nas_transport(ran_ue, gmmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -893,13 +911,11 @@ { int rv; - amf_ue = amf_ue_cycle(amf_ue); if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(ran_ue); if (!ran_ue) { ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; @@ -950,11 +966,17 @@ int nas_5gs_send_gmm_reject_from_sbi(amf_ue_t *amf_ue, int status) { int rv; + ran_ue_t *ran_ue = NULL; ogs_assert(amf_ue); - rv = nas_5gs_send_gmm_reject( - amf_ue->ran_ue, amf_ue, gmm_cause_from_sbi(status)); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (!ran_ue) { + ogs_error("%s NG context has already been removed", amf_ue->supi); + return OGS_NOTFOUND; + } + + rv = nas_5gs_send_gmm_reject(ran_ue, amf_ue, gmm_cause_from_sbi(status)); ogs_expect(rv == OGS_OK); return rv; @@ -969,20 +991,17 @@ ogs_pkbuf_t *gmmbuf = NULL; amf_ue_t *amf_ue = NULL; - ogs_assert(sess); - sess = amf_sess_cycle(sess); if (!sess) { ogs_error("Session has already been removed"); return OGS_NOTFOUND; } - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(ran_ue); if (!ran_ue) { ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; @@ -1025,19 +1044,18 @@ amf_ue_t *amf_ue = NULL; ogs_assert(sess); - sess = amf_sess_cycle(sess); + if (!sess) { ogs_error("Session has already been removed"); return OGS_NOTFOUND; } - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(ran_ue); if (!ran_ue) { ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; @@ -1061,20 +1079,17 @@ ogs_pkbuf_t *pbuf = NULL; amf_ue_t *amf_ue = NULL; - ogs_assert(sess); - sess = amf_sess_cycle(sess); if (!sess) { ogs_error("Session has already been removed"); return OGS_NOTFOUND; } - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(ran_ue); if (!ran_ue) { ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/ngap-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/ngap-build.c
Changed
@@ -313,9 +313,8 @@ NGAP_AllowedNSSAI_t *AllowedNSSAI = NULL; ogs_assert(gmmbuf); - ran_ue = ran_ue_cycle(ran_ue); ogs_assert(ran_ue); - amf_ue = amf_ue_cycle(ran_ue->amf_ue); + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); ogs_assert(amf_ue); ogs_debug("DownlinkNASTransport"); @@ -470,9 +469,8 @@ NGAP_MaskedIMEISV_t *MaskedIMEISV = NULL; NGAP_NAS_PDU_t *NAS_PDU = NULL; - amf_ue = amf_ue_cycle(amf_ue); ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ogs_debug("InitialContextSetupRequest(UE)"); @@ -781,9 +779,8 @@ NGAP_UESecurityCapabilities_t *UESecurityCapabilities = NULL; NGAP_SecurityKey_t *SecurityKey = NULL; - amf_ue = amf_ue_cycle(amf_ue); ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ogs_debug("UEContextModificationRequest(UE)"); @@ -932,9 +929,8 @@ NGAP_MaskedIMEISV_t *MaskedIMEISV = NULL; ogs_assert(sess); - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(ran_ue); ogs_assert(ran_ue); ogs_debug("InitialContextSetupRequest(Session)"); @@ -1222,7 +1218,6 @@ NGAP_UE_NGAP_IDs_t *UE_NGAP_IDs = NULL; NGAP_Cause_t *Cause = NULL; - ran_ue = ran_ue_cycle(ran_ue); ogs_assert(ran_ue); ogs_debug("UEContextReleaseCommand"); @@ -1298,9 +1293,8 @@ NGAP_PDUSessionResourceSetupListSUReq_t *PDUSessionList = NULL; NGAP_PDUSessionResourceSetupItemSUReq_t *PDUSessionItem = NULL; - amf_ue = amf_ue_cycle(amf_ue); ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ogs_debug("PDUSessionResourceSetupRequest(UE)"); @@ -1466,9 +1460,8 @@ ogs_assert(n2smbuf); ogs_assert(sess); - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(ran_ue); ogs_assert(ran_ue); ogs_debug("PDUSessionResourceSetupRequest(Session)"); @@ -1609,9 +1602,9 @@ ogs_assert(n2smbuf); ogs_assert(sess); - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ogs_debug("PDUSessionResourceModifyRequest"); @@ -1709,9 +1702,9 @@ ogs_assert(n2smbuf); ogs_assert(sess); - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ogs_debug("PDUSessionResourceReleaseCommand"); @@ -1815,7 +1808,6 @@ NGAP_TAIListForPagingItem_t *TAIItem = NULL; NGAP_TAI_t *tAI = NULL; - amf_ue = amf_ue_cycle(amf_ue); ogs_assert(amf_ue); ogs_debug("Paging"); @@ -1942,9 +1934,8 @@ NGAP_PDUSessionResourceSwitchedList_t *PDUSessionResourceSwitchedList; NGAP_AllowedNSSAI_t *AllowedNSSAI = NULL; - amf_ue = amf_ue_cycle(amf_ue); ogs_assert(amf_ue); - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); ogs_assert(ran_ue); ogs_debug("PathSwitchAcknowledge"); @@ -2110,9 +2101,8 @@ *SourceToTarget_TransparentContainer = NULL; NGAP_GUAMI_t *GUAMI = NULL; - target_ue = ran_ue_cycle(target_ue); ogs_assert(target_ue); - amf_ue = amf_ue_cycle(target_ue->amf_ue); + amf_ue = amf_ue_find_by_id(target_ue->amf_ue_id); ogs_assert(amf_ue); ogs_debug("HandoverRequest"); @@ -2410,7 +2400,6 @@ NGAP_RAN_UE_NGAP_ID_t *RAN_UE_NGAP_ID = NULL; NGAP_Cause_t *Cause = NULL; - source_ue = ran_ue_cycle(source_ue); ogs_assert(source_ue); ogs_assert(cause); @@ -2495,9 +2484,8 @@ NGAP_TargetToSource_TransparentContainer_t *TargetToSource_TransparentContainer = NULL; - source_ue = ran_ue_cycle(source_ue); ogs_assert(source_ue); - amf_ue = amf_ue_cycle(source_ue->amf_ue); + amf_ue = amf_ue_find_by_id(source_ue->amf_ue_id); ogs_assert(amf_ue); ogs_debug("HandoverCommand"); @@ -2614,7 +2602,6 @@ NGAP_AMF_UE_NGAP_ID_t *AMF_UE_NGAP_ID = NULL; NGAP_RAN_UE_NGAP_ID_t *RAN_UE_NGAP_ID = NULL; - source_ue = ran_ue_cycle(source_ue); ogs_assert(source_ue); ogs_debug("HandoverCancelAcknowledge"); @@ -2680,7 +2667,6 @@ NGAP_RANStatusTransfer_TransparentContainer_t *RANStatusTransfer_TransparentContainer = NULL; - target_ue = ran_ue_cycle(target_ue); ogs_assert(target_ue); ogs_assert(transfer);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/ngap-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/ngap-handler.c
Changed
@@ -696,7 +696,7 @@ return; } - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -783,6 +783,7 @@ int i, r; ran_ue_t *ran_ue = NULL; + amf_ue_t *amf_ue = NULL; uint64_t amf_ue_ngap_id; NGAP_InitiatingMessage_t *initiatingMessage = NULL; @@ -872,9 +873,9 @@ return; } - if (ran_ue->amf_ue) - OGS_ASN_STORE_DATA(&ran_ue->amf_ue->ueRadioCapability, - UERadioCapability); + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); + if (amf_ue) + OGS_ASN_STORE_DATA(&amf_ue->ueRadioCapability, UERadioCapability); } void ngap_handle_initial_context_setup_response( @@ -969,7 +970,7 @@ ran_ue->initial_context_setup_response_received = true; - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -1268,7 +1269,7 @@ * may in principle be adopted. The RAN should ensure * that no hanging resources remain at the RAN. */ - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); if (amf_ue) { /* * if T3550 is running, Registration complete will be sent. @@ -1569,7 +1570,7 @@ break; } - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -1720,12 +1721,7 @@ ogs_assert(ran_ue); - if (ran_ue_cycle(ran_ue) == NULL) { - ogs_error("NG context has already been removed"); - return; - } - - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); ogs_info("UE Context Release Action:%d", ran_ue->ue_ctx_rel_action); ogs_info(" RAN_UE_NGAP_ID%lld AMF_UE_NGAP_ID%lld", @@ -1821,12 +1817,14 @@ ogs_error("No UE(amf-ue) context"); return; } - if (!amf_ue->ran_ue) { + + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); + if (!ran_ue) { ogs_error("No NG context"); return; } - r = ngap_send_handover_cancel_ack(amf_ue->ran_ue); + r = ngap_send_handover_cancel_ack(ran_ue); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); break; @@ -1945,7 +1943,7 @@ (long long)ran_ue->ran_ue_ngap_id, (long long)ran_ue->amf_ue_ngap_id); - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -2267,7 +2265,7 @@ (long long)ran_ue->ran_ue_ngap_id, (long long)ran_ue->amf_ue_ngap_id); - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -2454,7 +2452,7 @@ (long long)ran_ue->ran_ue_ngap_id, (long long)ran_ue->amf_ue_ngap_id); - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -2802,7 +2800,7 @@ return; } - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -3133,7 +3131,7 @@ (long long)source_ue->ran_ue_ngap_id, (long long)source_ue->amf_ue_ngap_id); - amf_ue = source_ue->amf_ue; + amf_ue = amf_ue_find_by_id(source_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -3251,7 +3249,7 @@ return; } - target_ue = ran_ue_cycle(source_ue->target_ue); + target_ue = ran_ue_find_by_id(source_ue->target_ue_id); if (target_ue) { /* * Issue #3014 @@ -3521,7 +3519,7 @@ target_ue->ran_ue_ngap_id = *RAN_UE_NGAP_ID; - source_ue = target_ue->source_ue; + source_ue = ran_ue_find_by_id(target_ue->source_ue_id); if (!source_ue) { ogs_error("Cannot find Source-UE Context %lld", (long long)amf_ue_ngap_id); @@ -3533,7 +3531,7 @@ ogs_assert(r != OGS_ERROR); return; } - amf_ue = target_ue->amf_ue; + amf_ue = amf_ue_find_by_id(target_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -3728,7 +3726,7 @@ return; } - source_ue = target_ue->source_ue; + source_ue = ran_ue_find_by_id(target_ue->source_ue_id); if (!source_ue) { ogs_error("Cannot find Source-UE Context %lld", (long long)amf_ue_ngap_id); @@ -3853,7 +3851,7 @@ return; } - target_ue = source_ue->target_ue; + target_ue = ran_ue_find_by_id(source_ue->target_ue_id); if (!target_ue) { ogs_error("Cannot find Source-UE Context %lld", (long long)amf_ue_ngap_id); @@ -3865,7 +3863,7 @@ ogs_assert(r != OGS_ERROR); return; } - amf_ue = source_ue->amf_ue; + amf_ue = amf_ue_find_by_id(source_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -4005,7 +4003,7 @@ return; } - target_ue = source_ue->target_ue; + target_ue = ran_ue_find_by_id(source_ue->target_ue_id); if (!target_ue) { ogs_error("Cannot find Source-UE Context %lld", (long long)amf_ue_ngap_id); @@ -4017,7 +4015,7 @@ ogs_assert(r != OGS_ERROR); return; } - amf_ue = source_ue->amf_ue; + amf_ue = amf_ue_find_by_id(source_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -4127,7 +4125,7 @@ return; } - source_ue = target_ue->source_ue; + source_ue = ran_ue_find_by_id(target_ue->source_ue_id); if (!source_ue) { ogs_error("Cannot find Source-UE Context %lld", (long long)amf_ue_ngap_id); @@ -4139,7 +4137,7 @@ ogs_assert(r != OGS_ERROR); return; } - amf_ue = target_ue->amf_ue; + amf_ue = amf_ue_find_by_id(target_ue->amf_ue_id); if (!amf_ue) { ogs_error("Cannot find AMF-UE Context %lld", (long long)amf_ue_ngap_id); @@ -4663,7 +4661,7 @@ /* RAN_UE Context where PartOfNG_interface was requested */ ran_ue->part_of_ng_reset_requested = true; - amf_ue = ran_ue->amf_ue; + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); /* * Issues #1928 *
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/ngap-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/ngap-path.c
Changed
@@ -51,12 +51,7 @@ char bufOGS_ADDRSTRLEN; ogs_assert(pkbuf); - - if (!amf_gnb_cycle(gnb)) { - ogs_error("gNB has already been removed"); - ogs_pkbuf_free(pkbuf); - return OGS_NOTFOUND; - } + ogs_assert(gnb); ogs_assert(gnb->sctp.sock); if (gnb->sctp.sock->fd == INVALID_SOCKET) { @@ -83,15 +78,24 @@ int ngap_send_to_ran_ue(ran_ue_t *ran_ue, ogs_pkbuf_t *pkbuf) { int rv; + amf_gnb_t *gnb = NULL; + ogs_assert(pkbuf); - if (!ran_ue_cycle(ran_ue)) { + if (!ran_ue) { ogs_error("NG context has already been removed"); ogs_pkbuf_free(pkbuf); return OGS_NOTFOUND; } - rv = ngap_send_to_gnb(ran_ue->gnb, pkbuf, ran_ue->gnb_ostream_id); + gnb = amf_gnb_find_by_id(ran_ue->gnb_id); + if (!gnb) { + ogs_error("%d gNB has already been removed", ran_ue->gnb_id); + ogs_pkbuf_free(pkbuf); + return OGS_NOTFOUND; + } + + rv = ngap_send_to_gnb(gnb, pkbuf, ran_ue->gnb_ostream_id); ogs_expect(rv == OGS_OK); return rv; @@ -112,8 +116,7 @@ ogs_app()->timer_mgr, amf_timer_ng_delayed_send, e); ogs_assert(e->timer); e->pkbuf = pkbuf; - e->ran_ue = ran_ue; - e->gnb = ran_ue->gnb; + e->ran_ue_id = ran_ue->id; ogs_timer_start(e->timer, duration); @@ -136,7 +139,7 @@ e = amf_event_new(AMF_EVENT_5GSM_MESSAGE); ogs_assert(e); - e->amf_ue = amf_ue; + e->amf_ue_id = amf_ue->id; e->pkbuf = esmbuf; rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { @@ -153,6 +156,8 @@ { int rv; + amf_ue_t *amf_ue = NULL; + ogs_nas_5gs_security_header_t *sh = NULL; ogs_nas_security_header_type_t security_header_type; @@ -163,6 +168,8 @@ ogs_assert(ran_ue); ogs_assert(nasPdu); + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); + /* The Packet Buffer(pkbuf_t) for NAS message MUST make a HEADROOM. * When calculating AES_CMAC, we need to use the headroom of the packet. */ nasbuf = ogs_pkbuf_alloc(NULL, OGS_NAS_HEADROOM+nasPdu->size); @@ -204,8 +211,8 @@ return OGS_ERROR; } - if (ran_ue->amf_ue) { - if (nas_5gs_security_decode(ran_ue->amf_ue, + if (amf_ue) { + if (nas_5gs_security_decode(amf_ue, security_header_type, nasbuf) != OGS_OK) { ogs_error("nas_eps_security_decode failed()"); ran_ue_remove(ran_ue); @@ -249,7 +256,7 @@ ogs_pkbuf_free(nasbuf); return OGS_ERROR; } - e->ran_ue = ran_ue; + e->ran_ue_id = ran_ue->id; e->ngap.code = procedureCode; e->nas.type = security_header_type.type; e->pkbuf = nasbuf; @@ -262,7 +269,6 @@ return rv; } else if (h->extended_protocol_discriminator == OGS_NAS_EXTENDED_PROTOCOL_DISCRIMINATOR_5GSM) { - amf_ue_t *amf_ue = ran_ue->amf_ue; if (!amf_ue) { ogs_error("No UE Context"); ogs_pkbuf_free(nasbuf); @@ -288,12 +294,9 @@ int rv; ogs_pkbuf_t *ngap_buffer; - ogs_debug("NG-Setup response"); + ogs_assert(gnb); - if (!amf_gnb_cycle(gnb)) { - ogs_error("gNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_debug("NG-Setup response"); ngap_buffer = ngap_build_ng_setup_response(); if (!ngap_buffer) { @@ -313,12 +316,9 @@ int rv; ogs_pkbuf_t *ngap_buffer; - ogs_debug("NG-Setup failure"); + ogs_assert(gnb); - if (!amf_gnb_cycle(gnb)) { - ogs_error("gNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_debug("NG-Setup failure"); ngap_buffer = ngap_build_ng_setup_failure( group, cause, NGAP_TimeToWait_v10s); @@ -338,12 +338,9 @@ int rv; ogs_pkbuf_t *ngap_buffer; - ogs_debug("RANConfigurationUpdateAcknowledge"); + ogs_assert(gnb); - if (!amf_gnb_cycle(gnb)) { - ogs_error("gNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_debug("RANConfigurationUpdateAcknowledge"); ngap_buffer = ngap_build_ran_configuration_update_ack(); if (!ngap_buffer) { @@ -363,12 +360,9 @@ int rv; ogs_pkbuf_t *ngap_buffer; - ogs_debug("RANConfigurationUpdateFailure"); + ogs_assert(gnb); - if (!amf_gnb_cycle(gnb)) { - ogs_error("gNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_debug("RANConfigurationUpdateFailure"); ngap_buffer = ngap_build_ran_configuration_update_failure( group, cause, NGAP_TimeToWait_v10s); @@ -390,7 +384,7 @@ int rv; ogs_pkbuf_t *ngapbuf = NULL; - if (!ran_ue_cycle(ran_ue)) { + if (!ran_ue) { ogs_error("NG context has already been removed"); return OGS_NOTFOUND; } @@ -427,13 +421,14 @@ { int rv; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } rv = ngap_send_ran_ue_context_release_command( - amf_ue->ran_ue, group, cause, action, duration); + ran_ue_find_by_id(amf_ue->ran_ue_id), + group, cause, action, duration); ogs_expect(rv == OGS_OK); ogs_debug(" SUPI%s", amf_ue->supi); @@ -449,7 +444,7 @@ ogs_debug("NG-Paging"); - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } @@ -503,10 +498,7 @@ int rv; ogs_pkbuf_t *ngapbuf = NULL; - if (!amf_gnb_cycle(target_gnb)) { - ogs_error("gNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_assert(target_gnb); ogs_assert(transfer); ngapbuf = ngap_build_downlink_ran_configuration_transfer(transfer); @@ -529,20 +521,18 @@ ran_ue_t *ran_ue = NULL; ogs_pkbuf_t *ngapbuf = NULL; - ogs_assert(sess); - sess = amf_sess_cycle(sess); if (!sess) { ogs_error("Session has already been removed"); return OGS_NOTFOUND; } - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - ran_ue = ran_ue_cycle(amf_ue->ran_ue); + ran_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!ran_ue) { ogs_error("%s NG context has already been removed", amf_ue->supi); return OGS_NOTFOUND; @@ -567,18 +557,18 @@ ran_ue_t *source_ue = NULL, *target_ue = NULL; ogs_pkbuf_t *ngapbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - source_ue = ran_ue_cycle(amf_ue->ran_ue); + source_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!source_ue) { ogs_error("NG context has already been removed"); return OGS_NOTFOUND; } - target_ue = ran_ue_cycle(source_ue->target_ue); + target_ue = ran_ue_find_by_id(source_ue->target_ue_id); if (!target_ue) { ogs_error("NG context has already been removed"); return OGS_NOTFOUND; @@ -602,7 +592,7 @@ int rv; ogs_pkbuf_t *ngapbuf = NULL; - if (!ran_ue_cycle(source_ue)) { + if (!source_ue) { ogs_error("NG context has already been removed"); return OGS_NOTFOUND; } @@ -628,12 +618,12 @@ ran_ue_t *source_ue = NULL; ogs_pkbuf_t *ngapbuf = NULL; - if (!amf_ue_cycle(amf_ue)) { + if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); return OGS_NOTFOUND; } - source_ue = ran_ue_cycle(amf_ue->ran_ue); + source_ue = ran_ue_find_by_id(amf_ue->ran_ue_id); if (!source_ue) { ogs_error("NG context has already been removed"); return OGS_NOTFOUND; @@ -656,7 +646,7 @@ int rv; ogs_pkbuf_t *ngapbuf = NULL; - if (!ran_ue_cycle(source_ue)) { + if (!source_ue) { ogs_error("NG context has already been removed"); return OGS_NOTFOUND; } @@ -680,7 +670,7 @@ int rv; ogs_pkbuf_t *ngapbuf = NULL; - if (!ran_ue_cycle(target_ue)) { + if (!target_ue) { ogs_error("NG context has already been removed"); return OGS_NOTFOUND; } @@ -707,10 +697,7 @@ int rv; ogs_pkbuf_t *ngapbuf = NULL; - if (!amf_gnb_cycle(gnb)) { - ogs_error("gNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_assert(gnb); ngapbuf = ogs_ngap_build_error_indication( ran_ue_ngap_id, amf_ue_ngap_id, group, cause); @@ -729,15 +716,21 @@ ran_ue_t *ran_ue, NGAP_Cause_PR group, long cause) { int rv; + amf_gnb_t *gnb = NULL; - ran_ue = ran_ue_cycle(ran_ue); if (!ran_ue) { ogs_error("NG context has already been removed"); return OGS_NOTFOUND; } + gnb = amf_gnb_find_by_id(ran_ue->gnb_id); + if (!gnb) { + ogs_error("%d gNB has already been removed", ran_ue->gnb_id); + return OGS_NOTFOUND; + } + rv = ngap_send_error_indication( - ran_ue->gnb, &ran_ue->ran_ue_ngap_id, &ran_ue->amf_ue_ngap_id, + gnb, &ran_ue->ran_ue_ngap_id, &ran_ue->amf_ue_ngap_id, group, cause); ogs_expect(rv == OGS_OK); @@ -751,10 +744,7 @@ int rv; ogs_pkbuf_t *ngapbuf = NULL; - if (!amf_gnb_cycle(gnb)) { - ogs_error("gNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_assert(gnb); ngapbuf = ogs_ngap_build_ng_reset_ack(partOfNG_Interface); if (!ngapbuf) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/ngap-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/ngap-sm.c
Changed
@@ -54,7 +54,7 @@ amf_sm_debug(e); - gnb = e->gnb; + gnb = amf_gnb_find_by_id(e->gnb_id); ogs_assert(gnb); switch (e->h.id) { @@ -191,10 +191,10 @@ case AMF_EVENT_NGAP_TIMER: switch (e->h.timer_id) { case AMF_TIMER_NG_DELAYED_SEND: - ogs_assert(e->ran_ue); ogs_assert(e->pkbuf); - r = ngap_send_to_ran_ue(e->ran_ue, e->pkbuf); + r = ngap_send_to_ran_ue( + ran_ue_find_by_id(e->ran_ue_id), e->pkbuf); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/nnrf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/nnrf-handler.c
Changed
@@ -84,13 +84,15 @@ ogs_error("%d:%d (NF discover) No %s", sess->psi, sess->pti, ogs_sbi_service_type_to_name(service_type)); if (sess->payload_container_type) { - r = nas_5gs_send_back_gsm_message(sess->ran_ue, sess, + r = nas_5gs_send_back_gsm_message( + ran_ue_find_by_id(sess->ran_ue_id), sess, OGS_5GMM_CAUSE_PAYLOAD_WAS_NOT_FORWARDED, AMF_NAS_BACKOFF_TIME); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); } else { - r = ngap_send_error_indication2(sess->ran_ue, + r = ngap_send_error_indication2( + ran_ue_find_by_id(sess->ran_ue_id), NGAP_Cause_PR_transport, NGAP_CauseTransport_transport_resource_unavailable); ogs_expect(r == OGS_OK);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/nnssf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/nnssf-handler.c
Changed
@@ -42,21 +42,20 @@ ogs_assert(recvmsg); ogs_assert(!SESSION_CONTEXT_IN_SMF(sess)); - sess = amf_sess_cycle(sess); if (!sess) { ogs_error("Session has already been removed"); return OGS_ERROR; } - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf_ue) Context has already been removed"); return OGS_ERROR; } - ran_ue = ran_ue_cycle(sess->ran_ue); + ran_ue = ran_ue_find_by_id(sess->ran_ue_id); if (!ran_ue) { - ogs_error("NG context has already been removed"); + ogs_error("%s RAN-NG Context has already been removed", amf_ue->supi); return OGS_ERROR; }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/npcf-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/npcf-build.c
Changed
@@ -38,7 +38,7 @@ ogs_assert(amf_ue); ogs_assert(amf_ue->supi); - ogs_assert(ran_ue_cycle(amf_ue->ran_ue)); + ogs_assert(ran_ue_find_by_id(amf_ue->ran_ue_id)); memset(&message, 0, sizeof(message)); message.h.method = (char *)OGS_SBI_HTTP_METHOD_POST;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/nsmf-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/nsmf-build.c
Changed
@@ -39,10 +39,10 @@ ogs_sbi_nf_instance_t *pcf_nf_instance = NULL; ogs_assert(sess); - amf_ue = sess->amf_ue; + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); ogs_assert(amf_ue->nas.access_type); - ogs_assert(ran_ue_cycle(amf_ue->ran_ue)); + ogs_assert(ran_ue_find_by_id(amf_ue->ran_ue_id)); memset(&message, 0, sizeof(message)); message.h.method = (char *)OGS_SBI_HTTP_METHOD_POST; @@ -274,7 +274,7 @@ ogs_assert(param); ogs_assert(sess); ogs_assert(sess->sm_context.resource_uri); - amf_ue = sess->amf_ue; + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); ogs_assert(amf_ue); memset(&message, 0, sizeof(message)); @@ -407,8 +407,6 @@ ogs_assert(sess); ogs_assert(sess->sm_context.resource_uri); - amf_ue = sess->amf_ue; - ogs_assert(amf_ue); memset(&message, 0, sizeof(message)); message.h.method = (char *)OGS_SBI_HTTP_METHOD_POST; @@ -432,6 +430,13 @@ } memset(&ueLocation, 0, sizeof(ueLocation)); + + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); + if (!amf_ue) { + ogs_error("UE(amf_ue) Context has already been removed"); + goto end; + } + ueLocation.nr_location = ogs_sbi_build_nr_location( &amf_ue->nr_tai, &amf_ue->nr_cgi); if (!ueLocation.nr_location) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/nsmf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/nsmf-handler.c
Changed
@@ -33,20 +33,19 @@ ran_ue_t *ran_ue = NULL; ogs_assert(recvmsg); - ogs_assert(sess); - sess = amf_sess_cycle(sess); + if (!sess) { ogs_error("Session has already been removed"); return OGS_ERROR; } - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf_ue) Context has already been removed"); return OGS_ERROR; } - ran_ue = ran_ue_cycle(sess->ran_ue); + ran_ue = ran_ue_find_by_id(sess->ran_ue_id); if (!ran_ue) { ogs_error("%s RAN-NG Context has already been removed", amf_ue->supi); return OGS_ERROR; @@ -255,20 +254,19 @@ ran_ue_t *ran_ue = NULL; ogs_assert(recvmsg); - ogs_assert(sess); - sess = amf_sess_cycle(sess); + if (!sess) { ogs_error("Session has already been removed"); return OGS_ERROR; } - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf_ue) Context has already been removed"); return OGS_ERROR; } - ran_ue = ran_ue_cycle(sess->ran_ue); + ran_ue = ran_ue_find_by_id(sess->ran_ue_id); if (recvmsg->res_status == OGS_SBI_HTTP_STATUS_NO_CONTENT || recvmsg->res_status == OGS_SBI_HTTP_STATUS_OK) { @@ -711,9 +709,9 @@ if (AMF_SESSION_SYNC_DONE(amf_ue, state)) { ran_ue_t *source_ue = NULL, *target_ue = NULL; - source_ue = sess->ran_ue; + source_ue = ran_ue_find_by_id(sess->ran_ue_id); ogs_assert(source_ue); - target_ue = ran_ue_cycle(source_ue->target_ue); + target_ue = ran_ue_find_by_id(source_ue->target_ue_id); if (target_ue) { r = ngap_send_ran_ue_context_release_command( target_ue, @@ -783,13 +781,14 @@ amf_ue_deassociate(amf_ue); if (ran_ue) { - amf_gnb_t *gnb = ran_ue->gnb; - ogs_assert(gnb); + amf_gnb_t *gnb = NULL; + + gnb = amf_gnb_find_by_id(ran_ue->gnb_id); ogs_debug(" SUPI%s", amf_ue->supi); ran_ue_remove(ran_ue); - if (ogs_list_count(&gnb->ran_ue_list) == 0) { + if (gnb && ogs_list_count(&gnb->ran_ue_list) == 0) { r = ngap_send_ng_reset_ack(gnb, NULL); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -839,33 +838,35 @@ amf_ue_deassociate(amf_ue); if (ran_ue) { - amf_gnb_t *gnb = ran_ue->gnb; - ogs_assert(gnb); + amf_gnb_t *gnb = NULL; + + gnb = amf_gnb_find_by_id(ran_ue->gnb_id); ogs_debug(" SUPI%s", amf_ue->supi); ran_ue_remove(ran_ue); - ogs_list_for_each(&gnb->ran_ue_list, iter) { - if (iter->part_of_ng_reset_requested == true) { - /* The GNB_UE context - * where PartOfNG_interface was requested - * still remains */ - return OGS_OK; + if (gnb) { + ogs_list_for_each(&gnb->ran_ue_list, iter) { + if (iter->part_of_ng_reset_requested == true) { + /* The GNB_UE context + * where PartOfNG_interface was requested + * still remains */ + return OGS_OK; + } } - } - /* All GNB_UE context - * where PartOfNG_interface was requested - * REMOVED */ - ogs_assert(gnb->ng_reset_ack); - r = ngap_send_to_gnb( - gnb, gnb->ng_reset_ack, NGAP_NON_UE_SIGNALLING); - ogs_expect(r == OGS_OK); - ogs_assert(r != OGS_ERROR); - - /* Clear NG-Reset Ack Buffer */ - gnb->ng_reset_ack = NULL; + /* All GNB_UE context + * where PartOfNG_interface was requested + * REMOVED */ + ogs_assert(gnb->ng_reset_ack); + r = ngap_send_to_gnb( + gnb, gnb->ng_reset_ack, NGAP_NON_UE_SIGNALLING); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + /* Clear NG-Reset Ack Buffer */ + gnb->ng_reset_ack = NULL; + } } else { ogs_warn("%s RAN-NG Context has already been removed", amf_ue->supi); @@ -936,8 +937,16 @@ ogs_pkbuf_t *n2smbuf = NULL; #endif - amf_ue = sess->amf_ue; - ogs_assert(amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); + if (!amf_ue) { + ogs_error("%d:%d UE context has already been removed %d", + sess->psi, sess->pti, recvmsg->res_status); + r = ngap_send_error_indication2(ran_ue, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return OGS_ERROR; + } SmContextUpdateError = recvmsg->SmContextUpdateError; if (!SmContextUpdateError) { @@ -1072,20 +1081,18 @@ amf_ue_t *amf_ue = NULL; ran_ue_t *ran_ue = NULL; - ogs_assert(sess); - sess = amf_sess_cycle(sess); if (!sess) { ogs_error("Session has already been removed"); return OGS_ERROR; } - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf_ue) Context has already been removed"); return OGS_ERROR; } - ran_ue = ran_ue_cycle(sess->ran_ue); + ran_ue = ran_ue_find_by_id(sess->ran_ue_id); /* * To check if Reactivation Request has been used.
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/nudm-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/nudm-handler.c
Changed
@@ -144,7 +144,7 @@ if (amf_update_allowed_nssai(amf_ue) == false) { ogs_error("No Allowed-NSSAI"); r = nas_5gs_send_gmm_reject( - amf_ue->ran_ue, amf_ue, + ran_ue_find_by_id(amf_ue->ran_ue_id), amf_ue, OGS_5GMM_CAUSE_NO_NETWORK_SLICES_AVAILABLE); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -154,7 +154,7 @@ if (amf_ue_is_rat_restricted(amf_ue)) { ogs_error("Registration rejected due to RAT restrictions"); r = nas_5gs_send_gmm_reject( - amf_ue->ran_ue, amf_ue, + ran_ue_find_by_id(amf_ue->ran_ue_id), amf_ue, OGS_5GMM_CAUSE_5GS_SERVICES_NOT_ALLOWED); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/sbi-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/sbi-path.c
Changed
@@ -127,7 +127,7 @@ } xact = ogs_sbi_xact_add( - &amf_ue->sbi, service_type, discovery_option, + amf_ue->id, &amf_ue->sbi, service_type, discovery_option, (ogs_sbi_build_f)build, amf_ue, data); if (!xact) { ogs_error("amf_ue_sbi_discover_and_send() failed"); @@ -169,21 +169,18 @@ ogs_assert(build); if (ran_ue) { - sess->ran_ue = ran_ue_cycle(ran_ue); - if (!sess->ran_ue) { - ogs_error("NG context has already been removed"); - return OGS_NOTFOUND; - } + sess->ran_ue_id = ran_ue->id; } else - sess->ran_ue = NULL; + sess->ran_ue_id = OGS_INVALID_POOL_ID; xact = ogs_sbi_xact_add( - &sess->sbi, service_type, discovery_option, + sess->id, &sess->sbi, service_type, discovery_option, (ogs_sbi_build_f)build, sess, data); if (!xact) { ogs_error("amf_sess_sbi_discover_and_send() failed"); - r = nas_5gs_send_back_gsm_message(sess->ran_ue, sess, - OGS_5GMM_CAUSE_PAYLOAD_WAS_NOT_FORWARDED, AMF_NAS_BACKOFF_TIME); + r = nas_5gs_send_back_gsm_message( + ran_ue_find_by_id(sess->ran_ue_id), sess, + OGS_5GMM_CAUSE_PAYLOAD_WAS_NOT_FORWARDED, AMF_NAS_BACKOFF_TIME); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); return OGS_ERROR; @@ -195,8 +192,9 @@ if (rv != OGS_OK) { ogs_error("amf_sess_sbi_discover_and_send() failed"); ogs_sbi_xact_remove(xact); - r = nas_5gs_send_back_gsm_message(sess->ran_ue, sess, - OGS_5GMM_CAUSE_PAYLOAD_WAS_NOT_FORWARDED, AMF_NAS_BACKOFF_TIME); + r = nas_5gs_send_back_gsm_message( + ran_ue_find_by_id(sess->ran_ue_id), sess, + OGS_5GMM_CAUSE_PAYLOAD_WAS_NOT_FORWARDED, AMF_NAS_BACKOFF_TIME); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); return rv; @@ -211,6 +209,7 @@ ogs_sbi_message_t message; ogs_sbi_xact_t *xact = NULL; + ogs_pool_id_t xact_id = OGS_INVALID_POOL_ID; ogs_sbi_service_type_e service_type = OGS_SBI_SERVICE_TYPE_NULL; OpenAPI_nf_type_e requester_nf_type = OpenAPI_nf_type_NULL; ogs_sbi_discovery_option_t *discovery_option = NULL; @@ -218,10 +217,10 @@ ran_ue_t *ran_ue = NULL; amf_sess_t *sess = NULL; - xact = data; - ogs_assert(xact); + xact_id = OGS_POINTER_TO_UINT(data); + ogs_assert(xact_id >= OGS_MIN_POOL_ID && xact_id <= OGS_MAX_POOL_ID); - xact = ogs_sbi_xact_cycle(xact); + xact = ogs_sbi_xact_find_by_id(xact_id); if (!xact) { ogs_error("SBI transaction has already been removed"); if (response) @@ -229,16 +228,13 @@ return OGS_ERROR; } - sess = (amf_sess_t *)xact->sbi_object; - ogs_assert(sess); - service_type = xact->service_type; ogs_assert(service_type); requester_nf_type = xact->requester_nf_type; ogs_assert(requester_nf_type); discovery_option = xact->discovery_option; - sess = amf_sess_cycle(sess); + sess = amf_sess_find_by_id(xact->sbi_object_id); if (!sess) { ogs_error("Session has already been removed"); ogs_sbi_xact_remove(xact); @@ -248,7 +244,7 @@ } ogs_assert(sess->sbi.type == OGS_SBI_OBJ_SESS_TYPE); - amf_ue = amf_ue_cycle(sess->amf_ue); + amf_ue = amf_ue_find_by_id(sess->amf_ue_id); if (!amf_ue) { ogs_error("UE(amf-ue) context has already been removed"); ogs_sbi_xact_remove(xact); @@ -256,7 +252,7 @@ ogs_sbi_response_free(response); return OGS_ERROR; } - ran_ue = ran_ue_cycle(sess->ran_ue); + ran_ue = ran_ue_find_by_id(sess->ran_ue_id); if (!ran_ue) { ogs_error("%s NG context has already been removed", amf_ue->supi); ogs_sbi_xact_remove(xact); @@ -367,16 +363,13 @@ ogs_sbi_service_type_to_name(service_type)); if (ran_ue) { - sess->ran_ue = ran_ue_cycle(ran_ue); - if (!sess->ran_ue) { - ogs_error("NG context has already been removed"); - return OGS_NOTFOUND; - } + sess->ran_ue_id = ran_ue->id; } else - sess->ran_ue = NULL; + sess->ran_ue_id = OGS_INVALID_POOL_ID; xact = ogs_sbi_xact_add( - &sess->sbi, service_type, discovery_option, NULL, NULL, NULL); + sess->id, &sess->sbi, + service_type, discovery_option, NULL, NULL, NULL); if (!xact) { ogs_error("ogs_sbi_xact_add() failed"); return OGS_ERROR; @@ -391,7 +384,8 @@ } return ogs_sbi_client_send_request( - client, client_discover_cb, xact->request, xact) == true ? OGS_OK : OGS_ERROR; + client, client_discover_cb, xact->request, + OGS_UINT_TO_POINTER(xact->id)) == true ? OGS_OK : OGS_ERROR; } void amf_sbi_send_activating_session( @@ -457,7 +451,7 @@ ogs_list_for_each_safe(&gnb->ran_ue_list, ran_ue_next, ran_ue) { int old_xact_count = 0, new_xact_count = 0; - amf_ue = amf_ue_cycle(ran_ue->amf_ue); + amf_ue = amf_ue_find_by_id(ran_ue->amf_ue_id); if (amf_ue) { old_xact_count = amf_sess_xact_count(amf_ue);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/amf/timer.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/amf/timer.c
Changed
@@ -49,9 +49,6 @@ { .have = true, .duration = ogs_time_from_sec(30) }, }; -static void gmm_timer_event_send( - amf_timer_e timer_id, amf_ue_t *amf_ue); - amf_timer_cfg_t *amf_timer_cfg(amf_timer_e id) { ogs_assert(id < MAX_NUM_OF_AMF_TIMER); @@ -124,16 +121,17 @@ } static void gmm_timer_event_send( - amf_timer_e timer_id, amf_ue_t *amf_ue) + amf_timer_e timer_id, void *data) { int rv; amf_event_t *e = NULL; - ogs_assert(amf_ue); + + ogs_assert(data); e = amf_event_new(AMF_EVENT_5GMM_TIMER); ogs_assert(e); e->h.timer_id = timer_id; - e->amf_ue = amf_ue; + e->amf_ue_id = OGS_POINTER_TO_UINT(data); rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { @@ -172,16 +170,14 @@ { int rv; amf_event_t *e = NULL; - ran_ue_t *ran_ue = NULL; ogs_assert(data); - ran_ue = data; e = amf_event_new(AMF_EVENT_NGAP_TIMER); ogs_assert(e); e->h.timer_id = AMF_TIMER_NG_HOLDING; - e->ran_ue = ran_ue; + e->ran_ue_id = OGS_POINTER_TO_UINT(data); rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/ausf/ausf-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/ausf/ausf-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -39,6 +39,7 @@ int rv; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_nf_instance_t *nf_instance = NULL; @@ -46,8 +47,10 @@ ogs_sbi_response_t *response = NULL; ogs_sbi_message_t message; ogs_sbi_xact_t *sbi_xact = NULL; + ogs_pool_id_t sbi_xact_id = OGS_INVALID_POOL_ID; ausf_ue_t *ausf_ue = NULL; + ogs_pool_id_t ausf_ue_id = OGS_INVALID_POOL_ID; ausf_sm_debug(e); @@ -63,8 +66,16 @@ case OGS_EVENT_SBI_SERVER: request = e->h.sbi.request; ogs_assert(request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&message, request); if (rv != OGS_OK) { @@ -154,7 +165,7 @@ ogs_assert(OGS_FSM_STATE(&ausf_ue->sm)); - e->ausf_ue = ausf_ue; + e->ausf_ue_id = ausf_ue->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&ausf_ue->sm, e); if (OGS_FSM_CHECK(&ausf_ue->sm, ausf_ue_state_exception)) { @@ -267,8 +278,18 @@ CASE(OGS_SBI_SERVICE_NAME_NNRF_DISC) SWITCH(message.h.resource.component0) CASE(OGS_SBI_RESOURCE_NAME_NF_INSTANCES) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); + if (!sbi_xact) { + /* CLIENT_WAIT timer could remove SBI transaction + * before receiving SBI message */ + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); + break; + } SWITCH(message.h.method) CASE(OGS_SBI_HTTP_METHOD_GET) @@ -293,31 +314,36 @@ break; CASE(OGS_SBI_SERVICE_NAME_NUDM_UEAU) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } - ausf_ue = (ausf_ue_t *)sbi_xact->sbi_object; - ogs_assert(ausf_ue); - - e->h.sbi.data = sbi_xact->assoc_stream; + ausf_ue_id = sbi_xact->sbi_object_id; + ogs_assert(ausf_ue_id >= OGS_MIN_POOL_ID && + ausf_ue_id <= OGS_MAX_POOL_ID); + + ogs_assert(sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID); + e->h.sbi.data = OGS_UINT_TO_POINTER(sbi_xact->assoc_stream_id); ogs_sbi_xact_remove(sbi_xact); - ausf_ue = ausf_ue_cycle(ausf_ue); + ausf_ue = ausf_ue_find_by_id(ausf_ue_id); if (!ausf_ue) { ogs_error("UE(ausf-ue) Context has already been removed"); break; } - e->ausf_ue = ausf_ue; + e->ausf_ue_id = ausf_ue->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&ausf_ue->sm, e); @@ -413,20 +439,32 @@ * 4. timer expiration event is processed. (double-free SBI xact) * * To avoid double-free SBI xact, - * we need to check ogs_sbi_xact_cycle() + * we need to check ogs_sbi_xact_find_by_id() */ - sbi_xact = ogs_sbi_xact_cycle(e->h.sbi.data); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } - stream = sbi_xact->assoc_stream; - ogs_assert(stream); + ogs_assert(sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID); + stream = ogs_sbi_stream_find_by_id(sbi_xact->assoc_stream_id); ogs_sbi_xact_remove(sbi_xact); ogs_error("Cannot receive SBI message"); + + if (!stream) { + ogs_error("STREAM has alreadt been removed %d", + sbi_xact->assoc_stream_id); + break; + } ogs_assert(true == ogs_sbi_server_send_error(stream, OGS_SBI_HTTP_STATUS_GATEWAY_TIMEOUT, NULL,
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/ausf/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/ausf/context.c
Changed
@@ -131,13 +131,11 @@ ogs_assert(suci); - ogs_pool_alloc(&ausf_ue_pool, &ausf_ue); + ogs_pool_id_calloc(&ausf_ue_pool, &ausf_ue); if (!ausf_ue) { - ogs_error("ogs_pool_alloc() failed"); + ogs_error("ogs_pool_id_calloc() failed"); return NULL; } - ogs_assert(ausf_ue); - memset(ausf_ue, 0, sizeof *ausf_ue); ausf_ue->ctx_id = ogs_msprintf("%d", (int)ogs_pool_index(&ausf_ue_pool, ausf_ue)); @@ -148,7 +146,7 @@ ogs_hash_set(self.suci_hash, ausf_ue->suci, strlen(ausf_ue->suci), ausf_ue); memset(&e, 0, sizeof(e)); - e.ausf_ue = ausf_ue; + e.ausf_ue_id = ausf_ue->id; ogs_fsm_init(&ausf_ue->sm, ausf_ue_state_initial, ausf_ue_state_final, &e); ogs_list_add(&self.ausf_ue_list, ausf_ue); @@ -165,7 +163,7 @@ ogs_list_remove(&self.ausf_ue_list, ausf_ue); memset(&e, 0, sizeof(e)); - e.ausf_ue = ausf_ue; + e.ausf_ue_id = ausf_ue->id; ogs_fsm_fini(&ausf_ue->sm, &e); /* Free SBI object memory */ @@ -191,7 +189,7 @@ if (ausf_ue->serving_network_name) ogs_free(ausf_ue->serving_network_name); - ogs_pool_free(&ausf_ue_pool, ausf_ue); + ogs_pool_id_free(&ausf_ue_pool, ausf_ue); } void ausf_ue_remove_all(void) @@ -229,9 +227,9 @@ return ogs_pool_find(&ausf_ue_pool, atoll(ctx_id)); } -ausf_ue_t *ausf_ue_cycle(ausf_ue_t *ausf_ue) +ausf_ue_t *ausf_ue_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&ausf_ue_pool, ausf_ue); + return ogs_pool_find_by_id(&ausf_ue_pool, id); } int get_ue_load(void)
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/ausf/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/ausf/context.h
Changed
@@ -44,6 +44,7 @@ struct ausf_ue_s { ogs_sbi_object_t sbi; + ogs_pool_id_t id; ogs_fsm_t sm; char *ctx_id; @@ -93,8 +94,8 @@ ausf_ue_t *ausf_ue_find_by_supi(char *supi); ausf_ue_t *ausf_ue_find_by_suci_or_supi(char *suci_or_supi); ausf_ue_t *ausf_ue_find_by_ctx_id(char *ctx_id); +ausf_ue_t *ausf_ue_find_by_id(ogs_pool_id_t id); -ausf_ue_t *ausf_ue_cycle(ausf_ue_t *ausf_ue); int get_ue_load(void); #ifdef __cplusplus
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/ausf/event.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/ausf/event.h
Changed
@@ -31,7 +31,7 @@ typedef struct ausf_event_s { ogs_event_t h; - ausf_ue_t *ausf_ue; + ogs_pool_id_t ausf_ue_id; } ausf_event_t; OGS_STATIC_ASSERT(OGS_EVENT_SIZE >= sizeof(ausf_event_t));
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/ausf/sbi-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/ausf/sbi-path.c
Changed
@@ -88,8 +88,11 @@ ogs_assert(stream); ogs_assert(build); + ogs_assert(ausf_ue->id >= OGS_MIN_POOL_ID && + ausf_ue->id <= OGS_MAX_POOL_ID); + xact = ogs_sbi_xact_add( - &ausf_ue->sbi, service_type, discovery_option, + ausf_ue->id, &ausf_ue->sbi, service_type, discovery_option, (ogs_sbi_build_f)build, ausf_ue, data); if (!xact) { ogs_error("ausf_sbi_discover_and_send() failed"); @@ -100,7 +103,9 @@ return OGS_ERROR; } - xact->assoc_stream = stream; + xact->assoc_stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID); r = ogs_sbi_discover_and_send(xact); if (r != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/ausf/ue-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/ausf/ue-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2022 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -31,7 +31,7 @@ ausf_sm_debug(e); - ausf_ue = e->ausf_ue; + ausf_ue = ausf_ue_find_by_id(e->ausf_ue_id); ogs_assert(ausf_ue); OGS_FSM_TRAN(s, &ausf_ue_state_operational); @@ -46,7 +46,7 @@ ausf_sm_debug(e); - ausf_ue = e->ausf_ue; + ausf_ue = ausf_ue_find_by_id(e->ausf_ue_id); ogs_assert(ausf_ue); } @@ -56,6 +56,7 @@ ausf_ue_t *ausf_ue = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *message = NULL; ogs_assert(s); @@ -63,7 +64,7 @@ ausf_sm_debug(e); - ausf_ue = e->ausf_ue; + ausf_ue = ausf_ue_find_by_id(e->ausf_ue_id); ogs_assert(ausf_ue); switch (e->h.id) { @@ -76,8 +77,16 @@ case OGS_EVENT_SBI_SERVER: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.method) CASE(OGS_SBI_HTTP_METHOD_POST) @@ -143,10 +152,18 @@ message = e->h.sbi.message; ogs_assert(message); - ausf_ue = e->ausf_ue; + ausf_ue = ausf_ue_find_by_id(e->ausf_ue_id); ogs_assert(ausf_ue); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NUDM_UEAU) @@ -225,7 +242,7 @@ ausf_sm_debug(e); - ausf_ue = e->ausf_ue; + ausf_ue = ausf_ue_find_by_id(e->ausf_ue_id); ogs_assert(ausf_ue); switch (e->h.id) { @@ -249,7 +266,7 @@ ausf_sm_debug(e); - ausf_ue = e->ausf_ue; + ausf_ue = ausf_ue_find_by_id(e->ausf_ue_id); ogs_assert(ausf_ue); switch (e->h.id) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/bsf/bsf-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/bsf/bsf-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -44,6 +44,7 @@ bsf_sess_t *sess = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_nf_instance_t *nf_instance = NULL; @@ -51,6 +52,7 @@ ogs_sbi_response_t *response = NULL; ogs_sbi_message_t message; ogs_sbi_xact_t *sbi_xact = NULL; + ogs_pool_id_t sbi_xact_id = OGS_INVALID_POOL_ID; bsf_sm_debug(e); @@ -66,8 +68,16 @@ case OGS_EVENT_SBI_SERVER: request = e->h.sbi.request; ogs_assert(request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&message, request); if (rv != OGS_OK) { @@ -285,8 +295,18 @@ CASE(OGS_SBI_SERVICE_NAME_NNRF_DISC) SWITCH(message.h.resource.component0) CASE(OGS_SBI_RESOURCE_NAME_NF_INSTANCES) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); + if (!sbi_xact) { + /* CLIENT_WAIT timer could remove SBI transaction + * before receiving SBI message */ + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); + break; + } SWITCH(message.h.method) CASE(OGS_SBI_HTTP_METHOD_GET) @@ -393,15 +413,22 @@ * 4. timer expiration event is processed. (double-free SBI xact) * * To avoid double-free SBI xact, - * we need to check ogs_sbi_xact_cycle() + * we need to check ogs_sbi_xact_find_by_id() */ - sbi_xact = ogs_sbi_xact_cycle(e->h.sbi.data); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } - stream = sbi_xact->assoc_stream; + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + stream = ogs_sbi_stream_find_by_id(sbi_xact->assoc_stream_id); /* Here, we should not use ogs_assert(stream) * since 'namf-comm' service has no an associated stream. */
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/bsf/sbi-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/bsf/sbi-path.c
Changed
@@ -89,7 +89,7 @@ ogs_assert(build); xact = ogs_sbi_xact_add( - &sess->sbi, service_type, discovery_option, + 0, &sess->sbi, service_type, discovery_option, (ogs_sbi_build_f)build, sess, data); if (!xact) { ogs_error("bsf_sbi_discover_and_send() failed"); @@ -100,7 +100,9 @@ return OGS_ERROR; } - xact->assoc_stream = stream; + xact->assoc_stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID); r = ogs_sbi_discover_and_send(xact); if (r != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/emm-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/emm-handler.c
Changed
@@ -55,15 +55,14 @@ char imsi_bcdOGS_MAX_IMSI_BCD_LEN+1; ogs_assert(mme_ue); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); ogs_assert(esm_message_container); if (!esm_message_container->length) { ogs_error("No ESM Message Container"); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_SEMANTICALLY_INCORRECT_MESSAGE, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -143,7 +142,7 @@ /* Send Attach Reject */ ogs_warn("Cannot find Served TAIPLMN_ID:%06x,TAC:%d", ogs_plmn_id_hexdump(&mme_ue->tai.plmn_id), mme_ue->tai.tac); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_TRACKING_AREA_NOT_ALLOWED, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -187,7 +186,7 @@ "but Integrity0x%x cannot be bypassed with EIA0", mme_selected_enc_algorithm(mme_ue), mme_selected_int_algorithm(mme_ue)); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_UE_SECURITY_CAPABILITIES_MISMATCH, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -210,7 +209,7 @@ emm_cause = emm_cause_from_access_control(mme_ue); if (emm_cause != OGS_NAS_EMM_CAUSE_REQUEST_ACCEPTED) { ogs_error("Rejected by PLMN-ID access control"); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, emm_cause, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -270,7 +269,6 @@ struct tm gmt, local; ogs_assert(mme_ue); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); ogs_info(" IMSI%s", mme_ue->imsi_bcd); @@ -358,7 +356,8 @@ return OGS_ERROR; } - r = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, emmbuf); + r = nas_eps_send_to_downlink_nas_transport( + enb_ue_find_by_id(mme_ue->enb_ue_id), emmbuf); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -379,7 +378,7 @@ ogs_assert(identity_response); ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); mobile_identity = &identity_response->mobile_identity; @@ -391,7 +390,7 @@ ogs_error("mobile_identity length (%d != %d)", (int)sizeof(ogs_nas_mobile_identity_imsi_t), mobile_identity->length); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_SEMANTICALLY_INCORRECT_MESSAGE, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -404,7 +403,7 @@ emm_cause = emm_cause_from_access_control(mme_ue); if (emm_cause != OGS_NAS_EMM_CAUSE_REQUEST_ACCEPTED) { ogs_error("Rejected by PLMN-ID access control"); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, emm_cause, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -417,7 +416,7 @@ if (mme_ue->imsi_len != OGS_MAX_IMSI_LEN) { ogs_error("Invalid IMSI LEN%d", mme_ue->imsi_len); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_SEMANTICALLY_INCORRECT_MESSAGE, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -595,7 +594,7 @@ enb_ue_t *enb_ue = NULL; ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); ogs_assert(pkbuf); @@ -656,7 +655,7 @@ /* Send TAU reject */ ogs_warn("Cannot find Served TAIPLMN_ID:%06x,TAC:%d", ogs_plmn_id_hexdump(&mme_ue->tai.plmn_id), mme_ue->tai.tac); - r = nas_eps_send_tau_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_tau_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_TRACKING_AREA_NOT_ALLOWED); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -750,7 +749,7 @@ enb_ue_t *enb_ue = NULL; ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); /* Set Service Type */ @@ -793,7 +792,7 @@ /* Send TAU reject */ ogs_warn("Cannot find Served TAIPLMN_ID:%06x,TAC:%d", ogs_plmn_id_hexdump(&mme_ue->tai.plmn_id), mme_ue->tai.tac); - r = nas_eps_send_tau_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_tau_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_TRACKING_AREA_NOT_ALLOWED); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -823,7 +822,6 @@ ogs_nas_mobile_identity_t *imeisv = &security_mode_complete->imeisv; ogs_assert(mme_ue); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); if (security_mode_complete->presencemask & OGS_NAS_EPS_SECURITY_MODE_COMMAND_IMEISV_REQUEST_PRESENT) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/emm-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/emm-sm.c
Changed
@@ -72,7 +72,7 @@ mme_sm_debug(e); - mme_ue = e->mme_ue; + mme_ue = mme_ue_find_by_id(e->mme_ue_id); ogs_assert(mme_ue); switch (e->id) { @@ -123,7 +123,7 @@ mme_sm_debug(e); - mme_ue = e->mme_ue; + mme_ue = mme_ue_find_by_id(e->mme_ue_id); ogs_assert(mme_ue); switch (e->id) { @@ -297,7 +297,7 @@ mme_sm_debug(e); - mme_ue = e->mme_ue; + mme_ue = mme_ue_find_by_id(e->mme_ue_id); ogs_assert(mme_ue); switch (e->id) { @@ -305,7 +305,7 @@ message = e->nas_message; ogs_assert(message); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); h.type = e->nas_type; @@ -898,17 +898,22 @@ } else { S1AP_MME_UE_S1AP_ID_t MME_UE_S1AP_ID; S1AP_ENB_UE_S1AP_ID_t ENB_UE_S1AP_ID; + mme_enb_t *enb = NULL; ogs_warn("No connection of MSC/VLR"); MME_UE_S1AP_ID = enb_ue->mme_ue_s1ap_id; ENB_UE_S1AP_ID = enb_ue->enb_ue_s1ap_id; - r = s1ap_send_error_indication(enb_ue->enb, - &MME_UE_S1AP_ID, &ENB_UE_S1AP_ID, - S1AP_Cause_PR_transport, - S1AP_CauseTransport_transport_resource_unavailable); - ogs_expect(r == OGS_OK); - ogs_assert(r != OGS_ERROR); + enb = mme_enb_find_by_id(enb_ue->enb_id); + if (enb) { + r = s1ap_send_error_indication(enb, + &MME_UE_S1AP_ID, &ENB_UE_S1AP_ID, + S1AP_Cause_PR_transport, + S1AP_CauseTransport_transport_resource_unavailable); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + } else + ogs_error("eNB has already been removed"); } break; @@ -945,9 +950,8 @@ mme_sm_debug(e); - mme_ue = e->mme_ue; + mme_ue = mme_ue_find_by_id(e->mme_ue_id); ogs_assert(mme_ue); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); switch (e->id) { case OGS_FSM_ENTRY_SIG: @@ -958,7 +962,7 @@ message = e->nas_message; ogs_assert(message); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); switch (message->emm.h.message_type) { @@ -1146,7 +1150,7 @@ mme_sm_debug(e); - mme_ue = e->mme_ue; + mme_ue = mme_ue_find_by_id(e->mme_ue_id); ogs_assert(mme_ue); switch (e->id) { @@ -1162,7 +1166,7 @@ message = e->nas_message; ogs_assert(message); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); if (message->emm.h.security_header_type @@ -1327,7 +1331,8 @@ "Stop retransmission", mme_ue->imsi_bcd); OGS_FSM_TRAN(&mme_ue->sm, &emm_state_exception); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject( + enb_ue_find_by_id(mme_ue->enb_ue_id), mme_ue, OGS_NAS_EMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -1364,7 +1369,7 @@ mme_sm_debug(e); - mme_ue = e->mme_ue; + mme_ue = mme_ue_find_by_id(e->mme_ue_id); ogs_assert(mme_ue); switch (e->id) { @@ -1376,7 +1381,7 @@ message = e->nas_message; ogs_assert(message); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); xact_count = mme_ue_xact_count(mme_ue, OGS_GTP_LOCAL_ORIGINATOR); @@ -1606,7 +1611,7 @@ mme_timer_cfg(MME_TIMER_T3450)->duration); r = nas_eps_send_to_downlink_nas_transport( - mme_ue->enb_ue, emmbuf); + enb_ue_find_by_id(mme_ue->enb_ue_id), emmbuf); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); } @@ -1635,7 +1640,7 @@ ogs_assert(e); mme_sm_debug(e); - mme_ue = e->mme_ue; + mme_ue = mme_ue_find_by_id(e->mme_ue_id); ogs_assert(mme_ue); switch (e->id) { @@ -1650,7 +1655,7 @@ message = e->nas_message; ogs_assert(message); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); h.type = e->nas_type;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/esm-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/esm-build.c
Changed
@@ -33,7 +33,7 @@ &message.esm.pdn_connectivity_reject; ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); ogs_debug("PDN connectivity reject"); @@ -68,9 +68,9 @@ mme_sess_t *sess = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = bearer->mme_ue; + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); ogs_debug("ESM information request"); @@ -117,7 +117,7 @@ ogs_session_t *session = NULL; ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); session = sess->session; ogs_assert(session); @@ -269,9 +269,9 @@ &activate_dedicated_eps_bearer_context_request->tft; ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = bearer->mme_ue; + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); linked_bearer = mme_linked_bearer(bearer); ogs_assert(linked_bearer); @@ -333,9 +333,9 @@ &modify_eps_bearer_context_request->tft; ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = bearer->mme_ue; + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); ogs_debug("Modify bearer context request"); @@ -383,9 +383,9 @@ &message.esm.deactivate_eps_bearer_context_request; ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = bearer->mme_ue; + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); ogs_debug("Deactivate bearer context request");
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/esm-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/esm-handler.c
Changed
@@ -37,11 +37,10 @@ uint8_t security_protected_required = 0; ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); ogs_assert(req); @@ -180,9 +179,8 @@ mme_ue_t *mme_ue = NULL; ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); ogs_assert(rsp); @@ -278,9 +276,9 @@ mme_sess_t *sess = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); r = nas_eps_send_bearer_resource_allocation_reject( @@ -297,7 +295,7 @@ mme_ue_t *mme_ue = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); ogs_assert(OGS_OK ==
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/esm-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/esm-sm.c
Changed
@@ -70,6 +70,8 @@ { int r, rv; mme_ue_t *mme_ue = NULL; + sgw_ue_t *sgw_ue = NULL; + enb_ue_t *enb_ue = NULL; mme_sess_t *sess = NULL; mme_bearer_t *bearer = NULL; ogs_nas_eps_message_t *message = NULL; @@ -83,13 +85,12 @@ mme_sm_debug(e); - bearer = e->bearer; + bearer = mme_bearer_find_by_id(e->bearer_id); ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); switch (e->id) { case OGS_FSM_ENTRY_SIG: @@ -119,9 +120,12 @@ ogs_debug(" IMSI%s PTI%d EBI%d", mme_ue->imsi_bcd, sess->pti, bearer->ebi); if (MME_HAVE_SGW_S1U_PATH(sess)) { + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); + ogs_assert(sgw_ue); + ogs_assert(OGS_OK == - mme_gtp_send_delete_session_request(mme_ue->sgw_ue, sess, - OGS_GTP_DELETE_SEND_DEACTIVATE_BEARER_CONTEXT_REQUEST)); + mme_gtp_send_delete_session_request(sgw_ue, sess, + OGS_GTP_DELETE_SEND_DEACTIVATE_BEARER_CONTEXT_REQUEST)); } else { r = nas_eps_send_deactivate_bearer_context_request(bearer); ogs_expect(r == OGS_OK); @@ -141,15 +145,19 @@ CLEAR_BEARER_TIMER(bearer->t3489); h.type = e->nas_type; + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (h.integrity_protected == 0) { ogs_error("%s No Integrity Protected", mme_ue->imsi_bcd); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + + ogs_assert(enb_ue); + + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); - ogs_assert(mme_ue->enb_ue); - r = s1ap_send_ue_context_release_command(mme_ue->enb_ue, + r = s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, S1AP_UE_CTX_REL_UE_CONTEXT_REMOVE, 0); ogs_expect(r == OGS_OK); @@ -160,13 +168,15 @@ if (!SECURITY_CONTEXT_IS_VALID(mme_ue)) { ogs_warn("%s No Security Context", mme_ue->imsi_bcd); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + + ogs_assert(enb_ue); + + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); - ogs_assert(mme_ue->enb_ue); - r = s1ap_send_ue_context_release_command(mme_ue->enb_ue, + r = s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, S1AP_UE_CTX_REL_UE_CONTEXT_REMOVE, 0); ogs_expect(r == OGS_OK); @@ -268,6 +278,7 @@ { int r, rv; mme_ue_t *mme_ue = NULL; + sgw_ue_t *sgw_ue = NULL; mme_sess_t *sess = NULL; mme_bearer_t *bearer = NULL; ogs_nas_eps_message_t *message = NULL; @@ -277,11 +288,11 @@ mme_sm_debug(e); - bearer = e->bearer; + bearer = mme_bearer_find_by_id(e->bearer_id); ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); switch (e->id) { @@ -313,8 +324,11 @@ ogs_debug(" IMSI%s PTI%d EBI%d", mme_ue->imsi_bcd, sess->pti, bearer->ebi); if (MME_HAVE_SGW_S1U_PATH(sess)) { + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); + ogs_assert(sgw_ue); + ogs_assert(OGS_OK == - mme_gtp_send_delete_session_request(mme_ue->sgw_ue, sess, + mme_gtp_send_delete_session_request(sgw_ue, sess, OGS_GTP_DELETE_SEND_DEACTIVATE_BEARER_CONTEXT_REQUEST)); } else { r = nas_eps_send_deactivate_bearer_context_request(bearer); @@ -383,11 +397,11 @@ mme_sm_debug(e); - bearer = e->bearer; + bearer = mme_bearer_find_by_id(e->bearer_id); ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); switch (e->id) { @@ -472,7 +486,7 @@ ogs_assert(e); mme_sm_debug(e); - bearer = e->bearer; + bearer = mme_bearer_find_by_id(e->bearer_id); switch (e->id) { case OGS_FSM_ENTRY_SIG:
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-context.c
Changed
@@ -2617,7 +2617,7 @@ ogs_assert(sess); ogs_assert(sess->session); ogs_assert(sess->session->name); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); for (i = 0; i < pgw->num_of_apn; i++) @@ -2795,9 +2795,11 @@ ogs_assert(sock); ogs_assert(addr); - ogs_pool_alloc(&mme_enb_pool, &enb); - ogs_assert(enb); - memset(enb, 0, sizeof *enb); + ogs_pool_id_calloc(&mme_enb_pool, &enb); + if (!enb) { + ogs_error("ogs_pool_id_calloc() failed"); + return NULL; + } enb->sctp.sock = sock; enb->sctp.addr = addr; @@ -2820,7 +2822,7 @@ enb->sctp.addr, sizeof(ogs_sockaddr_t), enb); memset(&e, 0, sizeof(e)); - e.enb = enb; + e.enb_id = enb->id; ogs_fsm_init(&enb->sm, s1ap_state_initial, s1ap_state_final, &e); ogs_list_add(&self.enb_list, enb); @@ -2842,7 +2844,7 @@ ogs_list_remove(&self.enb_list, enb); memset(&e, 0, sizeof(e)); - e.enb = enb; + e.enb_id = enb->id; ogs_fsm_fini(&enb->sm, &e); ogs_hash_set(self.enb_addr_hash, @@ -2858,7 +2860,7 @@ ogs_sctp_flush_and_destroy(&enb->sctp); - ogs_pool_free(&mme_enb_pool, enb); + ogs_pool_id_free(&mme_enb_pool, enb); mme_metrics_inst_global_dec(MME_METR_GLOB_GAUGE_ENB); ogs_info("Removed Number of eNBs is now %d", ogs_list_count(&self.enb_list)); @@ -2917,9 +2919,9 @@ return SOCK_STREAM; } -mme_enb_t *mme_enb_cycle(mme_enb_t *enb) +mme_enb_t *mme_enb_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&mme_enb_pool, enb); + return ogs_pool_find_by_id(&mme_enb_pool, id); } /** enb_ue_context handling function */ @@ -2929,19 +2931,18 @@ ogs_assert(enb); - ogs_pool_alloc(&enb_ue_pool, &enb_ue); + ogs_pool_id_calloc(&enb_ue_pool, &enb_ue); if (enb_ue == NULL) { ogs_error("Could not allocate enb_ue context from pool"); return NULL; } - memset(enb_ue, 0, sizeof *enb_ue); - enb_ue->t_s1_holding = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_s1_holding_timer_expire, enb_ue); + ogs_app()->timer_mgr, mme_timer_s1_holding_timer_expire, + OGS_UINT_TO_POINTER(enb_ue->id)); if (!enb_ue->t_s1_holding) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&enb_ue_pool, enb_ue); + ogs_pool_id_free(&enb_ue_pool, enb_ue); return NULL; } @@ -2961,7 +2962,7 @@ enb_ue->enb_ostream_id = OGS_NEXT_ID(enb->ostream_id, 1, enb->max_num_of_ostreams-1); - enb_ue->enb = enb; + enb_ue->enb_id = enb->id; ogs_list_add(&enb->enb_ue_list, enb_ue); @@ -2975,33 +2976,35 @@ mme_enb_t *enb = NULL; ogs_assert(enb_ue); - enb = enb_ue->enb; - ogs_assert(enb); - ogs_list_remove(&enb->enb_ue_list, enb_ue); + enb = mme_enb_find_by_id(enb_ue->enb_id); + + if (enb) ogs_list_remove(&enb->enb_ue_list, enb_ue); ogs_assert(enb_ue->t_s1_holding); ogs_timer_delete(enb_ue->t_s1_holding); - ogs_pool_free(&enb_ue_pool, enb_ue); + ogs_pool_id_free(&enb_ue_pool, enb_ue); stats_remove_enb_ue(); } void enb_ue_switch_to_enb(enb_ue_t *enb_ue, mme_enb_t *new_enb) { + mme_enb_t *enb = NULL; ogs_assert(enb_ue); - ogs_assert(enb_ue->enb); ogs_assert(new_enb); + enb = mme_enb_find_by_id(enb_ue->enb_id); + /* Remove from the old enb */ - ogs_list_remove(&enb_ue->enb->enb_ue_list, enb_ue); + ogs_list_remove(&enb->enb_ue_list, enb_ue); /* Add to the new enb */ ogs_list_add(&new_enb->enb_ue_list, enb_ue); /* Switch to enb */ - enb_ue->enb = new_enb; + enb_ue->enb_id = new_enb->id; } enb_ue_t *enb_ue_find_by_enb_ue_s1ap_id( @@ -3027,9 +3030,9 @@ return enb_ue_find(mme_ue_s1ap_id); } -enb_ue_t *enb_ue_cycle(enb_ue_t *enb_ue) +enb_ue_t *enb_ue_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&enb_ue_pool, enb_ue); + return ogs_pool_find_by_id(&enb_ue_pool, id); } /** sgw_ue_context handling function */ @@ -3039,15 +3042,15 @@ ogs_assert(sgw); - ogs_pool_alloc(&sgw_ue_pool, &sgw_ue); + ogs_pool_id_calloc(&sgw_ue_pool, &sgw_ue); ogs_assert(sgw_ue); - memset(sgw_ue, 0, sizeof *sgw_ue); sgw_ue->t_s11_holding = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_s11_holding_timer_expire, sgw_ue); + ogs_app()->timer_mgr, mme_timer_s11_holding_timer_expire, + OGS_UINT_TO_POINTER(sgw_ue->id)); if (!sgw_ue->t_s11_holding) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&sgw_ue_pool, sgw_ue); + ogs_pool_id_free(&sgw_ue_pool, sgw_ue); return NULL; } @@ -3071,7 +3074,7 @@ ogs_assert(sgw_ue->t_s11_holding); ogs_timer_delete(sgw_ue->t_s11_holding); - ogs_pool_free(&sgw_ue_pool, sgw_ue); + ogs_pool_id_free(&sgw_ue_pool, sgw_ue); } void sgw_ue_switch_to_sgw(sgw_ue_t *sgw_ue, mme_sgw_t *new_sgw) @@ -3090,9 +3093,9 @@ sgw_ue->sgw = new_sgw; } -sgw_ue_t *sgw_ue_cycle(sgw_ue_t *sgw_ue) +sgw_ue_t *sgw_ue_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&sgw_ue_pool, sgw_ue); + return ogs_pool_find_by_id(&sgw_ue_pool, id); } sgw_relocation_e sgw_ue_check_if_relocated(mme_ue_t *mme_ue) @@ -3102,9 +3105,9 @@ mme_sgw_t *current = NULL, *changed = NULL; ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); - source_ue = sgw_ue_cycle(mme_ue->sgw_ue); + source_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(source_ue); current = source_ue->sgw; @@ -3114,13 +3117,13 @@ if (!changed) return SGW_WITHOUT_RELOCATION; /* Check if Old Source UE */ - old_source_ue = sgw_ue_cycle(source_ue->source_ue); + old_source_ue = sgw_ue_find_by_id(source_ue->source_ue_id); if (old_source_ue) { sgw_ue_source_deassociate_target(old_source_ue); sgw_ue_remove(old_source_ue); } - target_ue = sgw_ue_cycle(source_ue->target_ue); + target_ue = sgw_ue_find_by_id(source_ue->target_ue_id); if (target_ue) { ogs_error("SGW-UE source has already been associated with target"); return SGW_HAS_ALREADY_BEEN_RELOCATED; @@ -3254,80 +3257,90 @@ char bufOGS_ADDRSTRLEN; ogs_assert(enb_ue); - enb = enb_ue->enb; - ogs_assert(enb); - ogs_pool_alloc(&mme_ue_pool, &mme_ue); + enb = mme_enb_find_by_id(enb_ue->enb_id); + if (!enb) { + ogs_error("%d eNB has already been removed", enb_ue->enb_id); + return NULL; + } + + ogs_pool_id_calloc(&mme_ue_pool, &mme_ue); if (mme_ue == NULL) { ogs_error("Could not allocate mme_ue context from pool"); return NULL; } - memset(mme_ue, 0, sizeof *mme_ue); - /* Add All Timers */ mme_ue->t3413.timer = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_t3413_expire, mme_ue); + ogs_app()->timer_mgr, mme_timer_t3413_expire, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!mme_ue->t3413.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&mme_ue_pool, mme_ue); + ogs_pool_id_free(&mme_ue_pool, mme_ue); return NULL; } mme_ue->t3413.pkbuf = NULL; mme_ue->t3422.timer = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_t3422_expire, mme_ue); + ogs_app()->timer_mgr, mme_timer_t3422_expire, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!mme_ue->t3422.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&mme_ue_pool, mme_ue); + ogs_pool_id_free(&mme_ue_pool, mme_ue); return NULL; } mme_ue->t3422.pkbuf = NULL; mme_ue->t3450.timer = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_t3450_expire, mme_ue); + ogs_app()->timer_mgr, mme_timer_t3450_expire, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!mme_ue->t3450.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&mme_ue_pool, mme_ue); + ogs_pool_id_free(&mme_ue_pool, mme_ue); return NULL; } mme_ue->t3450.pkbuf = NULL; mme_ue->t3460.timer = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_t3460_expire, mme_ue); + ogs_app()->timer_mgr, mme_timer_t3460_expire, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!mme_ue->t3460.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&mme_ue_pool, mme_ue); + ogs_pool_id_free(&mme_ue_pool, mme_ue); return NULL; } mme_ue->t3460.pkbuf = NULL; mme_ue->t3470.timer = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_t3470_expire, mme_ue); + ogs_app()->timer_mgr, mme_timer_t3470_expire, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!mme_ue->t3470.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&mme_ue_pool, mme_ue); + ogs_pool_id_free(&mme_ue_pool, mme_ue); return NULL; } mme_ue->t3470.pkbuf = NULL; mme_ue->t_mobile_reachable.timer = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_mobile_reachable_expire, mme_ue); + ogs_app()->timer_mgr, mme_timer_mobile_reachable_expire, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!mme_ue->t_mobile_reachable.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&mme_ue_pool, mme_ue); + ogs_pool_id_free(&mme_ue_pool, mme_ue); return NULL; } mme_ue->t_mobile_reachable.pkbuf = NULL; mme_ue->t_implicit_detach.timer = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_implicit_detach_expire, mme_ue); + ogs_app()->timer_mgr, mme_timer_implicit_detach_expire, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!mme_ue->t_implicit_detach.timer) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&mme_ue_pool, mme_ue); + ogs_pool_id_free(&mme_ue_pool, mme_ue); return NULL; } mme_ue->t_implicit_detach.pkbuf = NULL; mme_ue->gn.t_gn_holding = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_gn_holding_timer_expire, mme_ue); + ogs_app()->timer_mgr, mme_timer_gn_holding_timer_expire, + OGS_UINT_TO_POINTER(mme_ue->id)); if (! mme_ue->gn.t_gn_holding) { ogs_error("ogs_timer_add() failed"); - ogs_pool_free(&mme_ue_pool, mme_ue); + ogs_pool_id_free(&mme_ue_pool, mme_ue); return NULL; } @@ -3384,6 +3397,7 @@ void mme_ue_remove(mme_ue_t *mme_ue) { + sgw_ue_t *sgw_ue = NULL; ogs_assert(mme_ue); ogs_list_remove(&self.mme_ue_list, mme_ue); @@ -3395,8 +3409,8 @@ ogs_hash_set(self.mme_gn_teid_hash, &mme_ue->gn.mme_gn_teid, sizeof(mme_ue->gn.mme_gn_teid), NULL); - ogs_assert(mme_ue->sgw_ue); - sgw_ue_remove(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); + if (sgw_ue) sgw_ue_remove(sgw_ue); if (mme_ue->imsi_len != 0) ogs_hash_set(mme_self()->imsi_ue_hash, @@ -3443,7 +3457,7 @@ ogs_pool_free(&mme_s11_teid_pool, mme_ue->mme_s11_teid_node); ogs_pool_free(&mme_gn_teid_pool, mme_ue->gn.mme_gn_teid_node); - ogs_pool_free(&mme_ue_pool, mme_ue); + ogs_pool_id_free(&mme_ue_pool, mme_ue); ogs_info("Removed Number of MME-UEs is now %d", ogs_list_count(&self.mme_ue_list)); @@ -3454,7 +3468,7 @@ mme_ue_t *mme_ue = NULL, *next = NULL;; ogs_list_for_each_safe(&self.mme_ue_list, next, mme_ue) { - enb_ue_t *enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue_t *enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); if (enb_ue) enb_ue_remove(enb_ue); @@ -3462,9 +3476,9 @@ } } -mme_ue_t *mme_ue_cycle(mme_ue_t *mme_ue) +mme_ue_t *mme_ue_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&mme_ue_pool, mme_ue); + return ogs_pool_find_by_id(&mme_ue_pool, id); } void mme_ue_fsm_init(mme_ue_t *mme_ue) @@ -3474,7 +3488,7 @@ ogs_assert(mme_ue); memset(&e, 0, sizeof(e)); - e.mme_ue = mme_ue; + e.mme_ue_id = mme_ue->id; ogs_fsm_init(&mme_ue->sm, emm_state_initial, emm_state_final, &e); } @@ -3485,7 +3499,7 @@ ogs_assert(mme_ue); memset(&e, 0, sizeof(e)); - e.mme_ue = mme_ue; + e.mme_ue_id = mme_ue->id; ogs_fsm_fini(&mme_ue->sm, &e); } @@ -3705,6 +3719,7 @@ mme_ue_t *old_mme_ue = NULL; mme_sess_t *old_sess = NULL; mme_bearer_t *old_bearer = NULL; + sgw_ue_t *sgw_ue = NULL, *old_sgw_ue = NULL; ogs_assert(mme_ue && imsi_bcd); ogs_cpystrn(mme_ue->imsi_bcd, imsi_bcd, OGS_MAX_IMSI_BCD_LEN+1); @@ -3718,13 +3733,19 @@ ogs_pool_index(&mme_ue_pool, old_mme_ue)) { ogs_warn("%s OLD UE Context Release", mme_ue->imsi_bcd); if (ECM_CONNECTED(old_mme_ue)) { + enb_ue_t *enb_ue = enb_ue_find_by_id(old_mme_ue->enb_ue_id); /* Implcit S1 release */ ogs_warn("%s Implicit S1 release", mme_ue->imsi_bcd); - ogs_warn("%s ENB_UE_S1AP_ID%d MME_UE_S1AP_ID%d", - old_mme_ue->imsi_bcd, - old_mme_ue->enb_ue->enb_ue_s1ap_id, - old_mme_ue->enb_ue->mme_ue_s1ap_id); - enb_ue_remove(old_mme_ue->enb_ue); + if (enb_ue) { + ogs_warn("%s ENB_UE_S1AP_ID%d MME_UE_S1AP_ID%d", + old_mme_ue->imsi_bcd, + enb_ue->enb_ue_s1ap_id, + enb_ue->mme_ue_s1ap_id); + enb_ue_remove(enb_ue); + } else { + ogs_error("%s S1 Context has already been removed", + old_mme_ue->imsi_bcd); + } } /* @@ -3742,14 +3763,14 @@ /* Phase-1 : Change MME-UE Context in Session Context */ ogs_list_for_each(&old_mme_ue->sess_list, old_sess) { ogs_list_for_each(&old_sess->bearer_list, old_bearer) { - old_bearer->mme_ue = mme_ue; + old_bearer->mme_ue_id = mme_ue->id; if (old_bearer->ebi_node) ogs_pool_free( &old_mme_ue->ebi_pool, old_bearer->ebi_node); old_bearer->ebi_node = NULL; } - old_sess->mme_ue = mme_ue; + old_sess->mme_ue_id = mme_ue->id; } /* Phase-2 : Move Session Context from OLD to NEW MME-UE Context */ @@ -3760,11 +3781,12 @@ memset(&old_mme_ue->sess_list, 0, sizeof(old_mme_ue->sess_list)); /* Phase-4 : Move sgw_ue->sgw_s11_teid */ - ogs_assert(old_mme_ue->sgw_ue); - ogs_assert(mme_ue->sgw_ue); - mme_ue->sgw_ue->sgw_s11_teid = old_mme_ue->sgw_ue->sgw_s11_teid; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); + ogs_assert(sgw_ue); + old_sgw_ue = sgw_ue_find_by_id(old_mme_ue->sgw_ue_id); + ogs_assert(old_sgw_ue); + sgw_ue->sgw_s11_teid = old_sgw_ue->sgw_s11_teid; - MME_UE_CHECK(OGS_LOG_WARN, old_mme_ue); mme_ue_remove(old_mme_ue); } } @@ -3875,7 +3897,7 @@ ogs_assert(org == OGS_GTP_LOCAL_ORIGINATOR || org == OGS_GTP_REMOTE_ORIGINATOR); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); if (!sgw_ue) return 0; gnode = sgw_ue->gnode; @@ -3891,34 +3913,30 @@ ogs_assert(mme_ue); ogs_assert(enb_ue); - mme_ue->enb_ue = enb_ue; - enb_ue->mme_ue = mme_ue; + mme_ue->enb_ue_id = enb_ue->id; + enb_ue->mme_ue_id = mme_ue->id; } void enb_ue_deassociate(enb_ue_t *enb_ue) { ogs_assert(enb_ue); - enb_ue->mme_ue = NULL; + enb_ue->mme_ue_id = OGS_INVALID_POOL_ID; } void enb_ue_unlink(mme_ue_t *mme_ue) { ogs_assert(mme_ue); - mme_ue->enb_ue = NULL; + mme_ue->enb_ue_id = OGS_INVALID_POOL_ID; } void enb_ue_source_associate_target(enb_ue_t *source_ue, enb_ue_t *target_ue) { - mme_ue_t *mme_ue = NULL; - ogs_assert(source_ue); ogs_assert(target_ue); - mme_ue = source_ue->mme_ue; - ogs_assert(mme_ue); - target_ue->mme_ue = mme_ue; - target_ue->source_ue = source_ue; - source_ue->target_ue = target_ue; + target_ue->mme_ue_id = source_ue->mme_ue_id; + target_ue->source_ue_id = source_ue->id; + source_ue->target_ue_id = target_ue->id; } void enb_ue_source_deassociate_target(enb_ue_t *enb_ue) @@ -3927,22 +3945,28 @@ enb_ue_t *target_ue = NULL; ogs_assert(enb_ue); - if (enb_ue->target_ue) { + if (enb_ue->target_ue_id >= OGS_MIN_POOL_ID && + enb_ue->target_ue_id <= OGS_MAX_POOL_ID) { source_ue = enb_ue; - target_ue = enb_ue->target_ue; + target_ue = enb_ue_find_by_id(enb_ue->target_ue_id); - ogs_assert(source_ue->target_ue); - ogs_assert(target_ue->source_ue); - source_ue->target_ue = NULL; - target_ue->source_ue = NULL; - } else if (enb_ue->source_ue) { + ogs_assert(source_ue->target_ue_id >= OGS_MIN_POOL_ID && + source_ue->target_ue_id <= OGS_MAX_POOL_ID); + ogs_assert(target_ue->source_ue_id >= OGS_MIN_POOL_ID && + target_ue->source_ue_id <= OGS_MAX_POOL_ID); + source_ue->target_ue_id = OGS_INVALID_POOL_ID; + target_ue->source_ue_id = OGS_INVALID_POOL_ID; + } else if (enb_ue->source_ue_id >= OGS_MIN_POOL_ID && + enb_ue->source_ue_id <= OGS_MAX_POOL_ID) { target_ue = enb_ue; - source_ue = enb_ue->source_ue; + source_ue = enb_ue_find_by_id(enb_ue->source_ue_id); - ogs_assert(source_ue->target_ue); - ogs_assert(target_ue->source_ue); - source_ue->target_ue = NULL; - target_ue->source_ue = NULL; + ogs_assert(source_ue->target_ue_id >= OGS_MIN_POOL_ID && + source_ue->target_ue_id <= OGS_MAX_POOL_ID); + ogs_assert(target_ue->source_ue_id >= OGS_MIN_POOL_ID && + target_ue->source_ue_id <= OGS_MAX_POOL_ID); + source_ue->target_ue_id = OGS_INVALID_POOL_ID; + target_ue->source_ue_id = OGS_INVALID_POOL_ID; } } @@ -3951,34 +3975,30 @@ ogs_assert(mme_ue); ogs_assert(sgw_ue); - mme_ue->sgw_ue = sgw_ue; - sgw_ue->mme_ue = mme_ue; + mme_ue->sgw_ue_id = sgw_ue->id; + sgw_ue->mme_ue_id = mme_ue->id; } void sgw_ue_deassociate(sgw_ue_t *sgw_ue) { ogs_assert(sgw_ue); - sgw_ue->mme_ue = NULL; + sgw_ue->mme_ue_id = OGS_INVALID_POOL_ID; } void sgw_ue_unlink(mme_ue_t *mme_ue) { ogs_assert(mme_ue); - mme_ue->sgw_ue = NULL; + mme_ue->sgw_ue_id = OGS_INVALID_POOL_ID; } void sgw_ue_source_associate_target(sgw_ue_t *source_ue, sgw_ue_t *target_ue) { - mme_ue_t *mme_ue = NULL; - ogs_assert(source_ue); ogs_assert(target_ue); - mme_ue = source_ue->mme_ue; - ogs_assert(mme_ue); - target_ue->mme_ue = mme_ue; - target_ue->source_ue = source_ue; - source_ue->target_ue = target_ue; + target_ue->mme_ue_id = source_ue->mme_ue_id; + target_ue->source_ue_id = source_ue->id; + source_ue->target_ue_id = target_ue->id; } void sgw_ue_source_deassociate_target(sgw_ue_t *sgw_ue) @@ -3987,22 +4007,28 @@ sgw_ue_t *target_ue = NULL; ogs_assert(sgw_ue); - if (sgw_ue->target_ue) { + if (sgw_ue->target_ue_id >= OGS_MIN_POOL_ID && + sgw_ue->target_ue_id <= OGS_MAX_POOL_ID) { source_ue = sgw_ue; - target_ue = sgw_ue->target_ue; + target_ue = sgw_ue_find_by_id(sgw_ue->target_ue_id); - ogs_assert(source_ue->target_ue); - ogs_assert(target_ue->source_ue); - source_ue->target_ue = NULL; - target_ue->source_ue = NULL; - } else if (sgw_ue->source_ue) { + ogs_assert(source_ue->target_ue_id >= OGS_MIN_POOL_ID && + source_ue->target_ue_id <= OGS_MAX_POOL_ID); + ogs_assert(target_ue->source_ue_id >= OGS_MIN_POOL_ID && + target_ue->source_ue_id <= OGS_MAX_POOL_ID); + source_ue->target_ue_id = OGS_INVALID_POOL_ID; + target_ue->source_ue_id = OGS_INVALID_POOL_ID; + } else if (sgw_ue->source_ue_id >= OGS_MIN_POOL_ID && + sgw_ue->source_ue_id <= OGS_MAX_POOL_ID) { target_ue = sgw_ue; - source_ue = sgw_ue->source_ue; + source_ue = sgw_ue_find_by_id(sgw_ue->source_ue_id); - ogs_assert(source_ue->target_ue); - ogs_assert(target_ue->source_ue); - source_ue->target_ue = NULL; - target_ue->source_ue = NULL; + ogs_assert(source_ue->target_ue_id >= OGS_MIN_POOL_ID && + source_ue->target_ue_id <= OGS_MAX_POOL_ID); + ogs_assert(target_ue->source_ue_id >= OGS_MIN_POOL_ID && + target_ue->source_ue_id <= OGS_MAX_POOL_ID); + source_ue->target_ue_id = OGS_INVALID_POOL_ID; + target_ue->source_ue_id = OGS_INVALID_POOL_ID; } } @@ -4014,13 +4040,12 @@ ogs_assert(mme_ue); ogs_assert(pti != OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED); - ogs_pool_alloc(&mme_sess_pool, &sess); + ogs_pool_id_calloc(&mme_sess_pool, &sess); ogs_assert(sess); - memset(sess, 0, sizeof *sess); ogs_list_init(&sess->bearer_list); - sess->mme_ue = mme_ue; + sess->mme_ue_id = mme_ue->id; sess->pti = pti; bearer = mme_bearer_add(sess); @@ -4038,7 +4063,7 @@ mme_ue_t *mme_ue = NULL; ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); ogs_list_remove(&mme_ue->sess_list, sess); @@ -4050,7 +4075,7 @@ OGS_TLV_CLEAR_DATA(&sess->pgw_pco); OGS_TLV_CLEAR_DATA(&sess->pgw_epco); - ogs_pool_free(&mme_sess_pool, sess); + ogs_pool_id_free(&mme_sess_pool, sess); stats_remove_mme_session(); } @@ -4090,7 +4115,7 @@ bearer = mme_bearer_find_by_ue_ebi(mme_ue, ebi); if (bearer) - return bearer->sess; + return mme_sess_find_by_id(bearer->sess_id); return NULL; } @@ -4112,6 +4137,11 @@ return NULL; } +mme_sess_t *mme_sess_find_by_id(ogs_pool_id_t id) +{ + return ogs_pool_find_by_id(&mme_sess_pool, id); +} + mme_sess_t *mme_sess_first(const mme_ue_t *mme_ue) { return ogs_list_first(&mme_ue->sess_list); @@ -4142,12 +4172,11 @@ mme_ue_t *mme_ue = NULL; ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); - ogs_pool_alloc(&mme_bearer_pool, &bearer); + ogs_pool_id_calloc(&mme_bearer_pool, &bearer); ogs_assert(bearer); - memset(bearer, 0, sizeof *bearer); ogs_list_init(&bearer->update.xact_list); @@ -4159,17 +4188,18 @@ ogs_assert(bearer->ebi >= MIN_EPS_BEARER_ID && bearer->ebi <= MAX_EPS_BEARER_ID); - bearer->mme_ue = mme_ue; - bearer->sess = sess; + bearer->mme_ue_id = mme_ue->id; + bearer->sess_id = sess->id; ogs_list_add(&sess->bearer_list, bearer); bearer->t3489.timer = ogs_timer_add( - ogs_app()->timer_mgr, mme_timer_t3489_expire, bearer); + ogs_app()->timer_mgr, mme_timer_t3489_expire, + OGS_UINT_TO_POINTER(bearer->id)); bearer->t3489.pkbuf = NULL; memset(&e, 0, sizeof(e)); - e.bearer = bearer; + e.bearer_id = bearer->id; ogs_fsm_init(&bearer->sm, esm_state_initial, esm_state_final, &e); return bearer; @@ -4178,32 +4208,36 @@ void mme_bearer_remove(mme_bearer_t *bearer) { mme_event_t e; + mme_ue_t *mme_ue = NULL; + mme_sess_t *sess = NULL; ogs_gtp_xact_t *xact = NULL, *next_xact = NULL; ogs_assert(bearer); - ogs_assert(bearer->mme_ue); - ogs_assert(bearer->sess); + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); + ogs_assert(mme_ue); + sess = mme_sess_find_by_id(bearer->sess_id); + ogs_assert(sess); memset(&e, 0, sizeof(e)); - e.bearer = bearer; + e.bearer_id = bearer->id; ogs_fsm_fini(&bearer->sm, &e); CLEAR_BEARER_ALL_TIMERS(bearer); ogs_timer_delete(bearer->t3489.timer); - ogs_list_remove(&bearer->sess->bearer_list, bearer); + ogs_list_remove(&sess->bearer_list, bearer); OGS_TLV_CLEAR_DATA(&bearer->tft); if (bearer->ebi_node) - ogs_pool_free(&bearer->mme_ue->ebi_pool, bearer->ebi_node); + ogs_pool_free(&mme_ue->ebi_pool, bearer->ebi_node); ogs_list_for_each_entry_safe(&bearer->update.xact_list, next_xact, xact, to_update_node) { ogs_list_remove(&bearer->update.xact_list, &xact->to_update_node); } - ogs_pool_free(&mme_bearer_pool, bearer); + ogs_pool_id_free(&mme_bearer_pool, bearer); } void mme_bearer_remove_all(mme_sess_t *sess) @@ -4268,10 +4302,14 @@ mme_bearer_t *bearer = NULL; mme_sess_t *sess = NULL; + mme_ue_t *sess_mme_ue = NULL; + enb_ue_t *enb_ue = NULL; ogs_assert(mme_ue); ogs_assert(message); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + pti = message->esm.h.procedure_transaction_identity; ebi = message->esm.h.eps_bearer_identity; @@ -4283,7 +4321,7 @@ bearer = mme_bearer_find_by_ue_ebi(mme_ue, ebi); if (!bearer) { ogs_error("No Bearer : EBI%d", ebi); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -4297,7 +4335,7 @@ if (pti == OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED) { ogs_error("ESM message type: %d, Both PTI%d and EBI%d are 0", message->esm.h.message_type, pti, ebi); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -4316,7 +4354,7 @@ if (!bearer) { ogs_error("No Bearer : Linked-EBI%d", linked_eps_bearer_identity->eps_bearer_identity); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -4367,7 +4405,7 @@ } if (bearer) { - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); sess->pti = pti; @@ -4402,11 +4440,12 @@ ogs_debug("%s:%d:%d:%p", sess->session ? sess->session->name : "Unknown", sess->pti, pti, sess); + + sess_mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_debug("%s:%p", - sess->mme_ue ? sess->mme_ue->imsi_bcd : "Unknown", - sess->mme_ue); + sess_mme_ue ? sess_mme_ue->imsi_bcd : "Unknown", + sess_mme_ue); } - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); } if (!sess) { @@ -4417,20 +4456,22 @@ ogs_debug("%s:%d:%d:%p", sess->session ? sess->session->name : "Unknown", sess->pti, pti, sess); + + sess_mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_debug("%s:%p", - sess->mme_ue ? sess->mme_ue->imsi_bcd : "Unknown", - sess->mme_ue); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); + sess_mme_ue ? sess_mme_ue->imsi_bcd : "Unknown", + sess_mme_ue); } else { sess->pti = pti; ogs_debug("%s:%p", mme_ue->imsi_bcd, mme_ue); ogs_debug("%s:%d:%d:%p", sess->session ? sess->session->name : "Unknown", sess->pti, pti, sess); + + sess_mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_debug("%s:%p", - sess->mme_ue ? sess->mme_ue->imsi_bcd : "Unknown", - sess->mme_ue); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); + sess_mme_ue ? sess_mme_ue->imsi_bcd : "Unknown", + sess_mme_ue); } } else { @@ -4438,7 +4479,7 @@ if (!sess) { ogs_error("No Session : ESM message type%d, PTI%d", message->esm.h.message_type, pti); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -4468,7 +4509,7 @@ mme_sess_t *sess = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); return mme_default_bearer_in_sess(sess); @@ -4487,9 +4528,9 @@ return ogs_list_next(bearer); } -mme_bearer_t *mme_bearer_cycle(mme_bearer_t *bearer) +mme_bearer_t *mme_bearer_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&mme_bearer_pool, bearer); + return ogs_pool_find_by_id(&mme_bearer_pool, id); } void mme_session_remove_all(mme_ue_t *mme_ue)
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-context.h
Changed
@@ -146,45 +146,6 @@ /* Generator for unique identification */ uint32_t mme_ue_s1ap_id; /* mme_ue_s1ap_id generator */ -#define MME_UE_CHECK(level, __mME) \ - do { \ - sgw_ue_t *__sGW = (((mme_ue_t *)__mME)->sgw_ue); \ - mme_sess_t *__sESS = NULL; \ - mme_bearer_t *__bEARER = NULL; \ - \ - ogs_log_message(level, 0, "MME-UE Context Memory%p:%p", \ - (__mME), mme_ue_cycle((__mME))); \ - ogs_log_message(level, 0, "SGW-UE Context Memory%p:%p", \ - (__sGW), sgw_ue_cycle((__sGW))); \ - ogs_log_message(level, 0, \ - "IMSI %s NAS-EPS Type%d", \ - (__mME) ? ((mme_ue_t *)__mME)->imsi_bcd : "No MME_UE", \ - (__mME) ? ((mme_ue_t *)__mME)->nas_eps.type : 0); \ - ogs_log_message(level, 0, \ - "MME_S11_TEID%d SGW_S11_TEID%d", \ - (__mME) ? ((mme_ue_t *)__mME)->mme_s11_teid : 0, \ - (__sGW) ? (__sGW)->sgw_s11_teid : 0); \ - if (!mme_ue_cycle(__mME)) { \ - ogs_log_message(level, 0, \ - "MME-UE Context has already been removed"); \ - break; \ - } \ - ogs_list_for_each(&((mme_ue_t *)__mME)->sess_list, (__sESS)) { \ - ogs_log_message(level, 0, "SESS(%p) %s:%d", (__sESS), \ - (__sESS)->session ? (__sESS)->session->name : "Unknown", \ - (__sESS)->pti); \ - ogs_list_for_each(&(__sESS)->bearer_list, (__bEARER)) { \ - ogs_log_message(level, 0, \ - "BEARER(%p) %d ENB_S1U_TEID%d SGW_S1U_TEID%d", \ - (__bEARER), (__bEARER)->ebi, \ - (__bEARER)->enb_s1u_teid, (__bEARER)->sgw_s1u_teid); \ - ogs_assert((__bEARER)->sess == (__sESS)); \ - ogs_assert((__bEARER)->mme_ue == (__mME)); \ - } \ - ogs_assert((__sESS)->mme_ue == (__mME)); \ - } \ - } while(0) - ogs_list_t mme_ue_list; ogs_hash_t *enb_addr_hash; /* hash table for ENB Address */ @@ -273,6 +234,7 @@ typedef struct mme_enb_s { ogs_lnode_t lnode; + ogs_pool_id_t id; ogs_fsm_t sm; /* A state machine */ @@ -298,6 +260,7 @@ struct enb_ue_s { ogs_lnode_t lnode; + ogs_pool_id_t id; uint32_t index; /* UE identity */ @@ -309,8 +272,8 @@ /* Handover Info */ S1AP_HandoverType_t handover_type; - enb_ue_t *source_ue; - enb_ue_t *target_ue; + ogs_pool_id_t source_ue_id; + ogs_pool_id_t target_ue_id; /* Use mme_ue->tai, mme_ue->e_cgi. * Do not access enb_ue->saved.tai enb_ue->saved.e_cgi. @@ -339,15 +302,16 @@ bool part_of_s1_reset_requested; /* Related Context */ - mme_enb_t *enb; - mme_ue_t *mme_ue; + ogs_pool_id_t enb_id; + ogs_pool_id_t mme_ue_id; }; struct sgw_ue_s { ogs_lnode_t lnode; + ogs_pool_id_t id; - sgw_ue_t *source_ue; - sgw_ue_t *target_ue; + ogs_pool_id_t source_ue_id; + ogs_pool_id_t target_ue_id; /* UE identity */ uint32_t sgw_s11_teid; /* SGW-S11-TEID is received from SGW */ @@ -360,11 +324,12 @@ mme_sgw_t *sgw; ogs_gtp_node_t *gnode; }; - mme_ue_t *mme_ue; + ogs_pool_id_t mme_ue_id; }; struct mme_ue_s { ogs_lnode_t lnode; + ogs_pool_id_t id; ogs_fsm_t sm; /* A state machine */ struct { @@ -536,50 +501,66 @@ /* Paging Info */ #define ECM_CONNECTED(__mME) \ - ((__mME) && ((__mME)->enb_ue != NULL) && enb_ue_cycle((__mME)->enb_ue)) + ((__mME) && \ + ((__mME)->enb_ue_id >= OGS_MIN_POOL_ID) && \ + ((__mME)->enb_ue_id <= OGS_MAX_POOL_ID) && \ + (enb_ue_find_by_id((__mME)->enb_ue_id))) #define ECM_IDLE(__mME) \ ((__mME) && \ - (((__mME)->enb_ue == NULL) || (enb_ue_cycle((__mME)->enb_ue) == NULL))) - enb_ue_t *enb_ue; /* S1 UE context */ + (((__mME)->enb_ue_id < OGS_MIN_POOL_ID) || \ + ((__mME)->enb_ue_id > OGS_MAX_POOL_ID) || \ + (enb_ue_find_by_id((__mME)->enb_ue_id) == NULL))) + ogs_pool_id_t enb_ue_id; #define HOLDING_S1_CONTEXT(__mME) \ do { \ - enb_ue_deassociate((__mME)->enb_ue); \ + enb_ue_t *enb_ue_holding = NULL; \ + \ + (__mME)->enb_ue_holding_id = OGS_INVALID_POOL_ID; \ \ - (__mME)->enb_ue_holding = enb_ue_cycle((__mME)->enb_ue); \ - if ((__mME)->enb_ue_holding) { \ + enb_ue_holding = enb_ue_find_by_id((__mME)->enb_ue_id); \ + if (enb_ue_holding) { \ + enb_ue_deassociate(enb_ue_holding); \ + \ ogs_warn("%s Holding S1 Context", (__mME)->imsi_bcd); \ ogs_warn("%s ENB_UE_S1AP_ID%d MME_UE_S1AP_ID%d", \ - (__mME)->imsi_bcd, (__mME)->enb_ue_holding->enb_ue_s1ap_id, \ - (__mME)->enb_ue_holding->mme_ue_s1ap_id); \ + (__mME)->imsi_bcd, \ + enb_ue_holding->enb_ue_s1ap_id, \ + enb_ue_holding->mme_ue_s1ap_id); \ \ - (__mME)->enb_ue_holding->ue_ctx_rel_action = \ + enb_ue_holding->ue_ctx_rel_action = \ S1AP_UE_CTX_REL_S1_CONTEXT_REMOVE; \ - ogs_timer_start((__mME)->enb_ue_holding->t_s1_holding, \ + ogs_timer_start(enb_ue_holding->t_s1_holding, \ mme_timer_cfg(MME_TIMER_S1_HOLDING)->duration); \ + \ + (__mME)->enb_ue_holding_id = (__mME)->enb_ue_id; \ } else \ ogs_error("%s S1 Context has already been removed", \ (__mME)->imsi_bcd); \ } while(0) #define CLEAR_S1_CONTEXT(__mME) \ do { \ - if (enb_ue_cycle((__mME)->enb_ue_holding)) { \ + enb_ue_t *enb_ue_holding = NULL; \ + \ + enb_ue_holding = enb_ue_find_by_id((__mME)->enb_ue_holding_id); \ + if (enb_ue_holding) { \ int r; \ ogs_warn("%s Clear S1 Context", (__mME)->imsi_bcd); \ ogs_warn("%s ENB_UE_S1AP_ID%d MME_UE_S1AP_ID%d", \ - (__mME)->imsi_bcd, (__mME)->enb_ue_holding->enb_ue_s1ap_id, \ - (__mME)->enb_ue_holding->mme_ue_s1ap_id); \ + (__mME)->imsi_bcd, \ + enb_ue_holding->enb_ue_s1ap_id, \ + enb_ue_holding->mme_ue_s1ap_id); \ \ r = s1ap_send_ue_context_release_command( \ - (__mME)->enb_ue_holding, \ + enb_ue_holding, \ S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, \ S1AP_UE_CTX_REL_S1_CONTEXT_REMOVE, 0); \ ogs_expect(r == OGS_OK); \ ogs_assert(r != OGS_ERROR); \ } \ - (__mME)->enb_ue_holding = NULL; \ + (__mME)->enb_ue_holding_id = OGS_INVALID_POOL_ID; \ } while(0) - enb_ue_t *enb_ue_holding; + ogs_pool_id_t enb_ue_holding_id; struct { #define MME_CLEAR_PAGING_INFO(__mME) \ @@ -596,7 +577,7 @@ ogs_assert(__tYPE); \ ogs_debug("%s Store Paging Info", mme_ue->imsi_bcd); \ (__mME)->paging.type = __tYPE; \ - (__mME)->paging.data = __dATA; \ + (__mME)->paging.data = OGS_UINT_TO_POINTER(__dATA); \ } while(0) #define MME_PAGING_ONGOING(__mME) ((__mME) && ((__mME)->paging.type)) @@ -614,7 +595,7 @@ } paging; /* SGW UE context */ - sgw_ue_t *sgw_ue; + ogs_pool_id_t sgw_ue_id; /* Save PDN Connectivity Request */ ogs_nas_esm_message_container_t pdn_connectivity_request; @@ -715,19 +696,25 @@ }; #define SESSION_CONTEXT_IS_AVAILABLE(__mME) \ - ((__mME) && ((__mME)->sgw_ue) && (((__mME)->sgw_ue)->sgw_s11_teid)) + ((__mME) && \ + ((__mME)->sgw_ue_id >= OGS_MIN_POOL_ID) && \ + ((__mME)->sgw_ue_id <= OGS_MAX_POOL_ID) && \ + (sgw_ue_find_by_id((__mME)->sgw_ue_id)) && \ + (sgw_ue_find_by_id((__mME)->sgw_ue_id)->sgw_s11_teid)) #define CLEAR_SESSION_CONTEXT(__mME) \ do { \ + sgw_ue_t *sgw_ue = NULL; \ ogs_assert((__mME)); \ - ((__mME)->sgw_ue)->sgw_s11_teid = 0; \ + sgw_ue = sgw_ue_find_by_id((__mME)->sgw_ue_id); \ + if (sgw_ue) sgw_ue->sgw_s11_teid = 0; \ } while(0) #define MME_SESS_CLEAR(__sESS) \ do { \ mme_ue_t *mme_ue = NULL; \ ogs_assert(__sESS); \ - mme_ue = (__sESS)->mme_ue; \ + mme_ue = mme_ue_find_by_id((__sESS)->mme_ue_id); \ ogs_assert(mme_ue); \ ogs_info("Removed Session: UE IMSI:%s APN:%s", \ mme_ue->imsi_bcd, \ @@ -743,6 +730,7 @@ (mme_ue_have_session_release_pending(__mME)) typedef struct mme_sess_s { ogs_lnode_t lnode; + ogs_pool_id_t id; uint8_t pti; /* Procedure Trasaction Identity */ @@ -756,7 +744,7 @@ ogs_list_t bearer_list; /* Related Context */ - mme_ue_t *mme_ue; + ogs_pool_id_t mme_ue_id; ogs_session_t *session; @@ -821,6 +809,8 @@ ogs_lnode_t lnode; ogs_lnode_t to_modify_node; + ogs_pool_id_t id; + ogs_fsm_t sm; /* State Machine */ uint8_t *ebi_node; /* Pool-Node for EPS Bearer ID */ @@ -870,8 +860,8 @@ } t3489; /* Related Context */ - mme_ue_t *mme_ue; - mme_sess_t *sess; + ogs_pool_id_t mme_ue_id; + ogs_pool_id_t sess_id; /* * Issues #3240 @@ -889,7 +879,7 @@ * as a list so that we can manage multiple of them. */ struct { - ogs_gtp_xact_t *xact; + ogs_pool_id_t xact_id; } create, delete, notify; struct { ogs_list_t xact_list; @@ -940,7 +930,7 @@ mme_enb_t *mme_enb_find_by_enb_id(uint32_t enb_id); int mme_enb_set_enb_id(mme_enb_t *enb, uint32_t enb_id); int mme_enb_sock_type(ogs_sock_t *sock); -mme_enb_t *mme_enb_cycle(mme_enb_t *enb); +mme_enb_t *mme_enb_find_by_id(ogs_pool_id_t id); enb_ue_t *enb_ue_add(mme_enb_t *enb, uint32_t enb_ue_s1ap_id); void enb_ue_remove(enb_ue_t *enb_ue); @@ -949,12 +939,12 @@ const mme_enb_t *enb, uint32_t enb_ue_s1ap_id); enb_ue_t *enb_ue_find(uint32_t index); enb_ue_t *enb_ue_find_by_mme_ue_s1ap_id(uint32_t mme_ue_s1ap_id); -enb_ue_t *enb_ue_cycle(enb_ue_t *enb_ue); +enb_ue_t *enb_ue_find_by_id(ogs_pool_id_t id); sgw_ue_t *sgw_ue_add(mme_sgw_t *sgw); void sgw_ue_remove(sgw_ue_t *sgw_ue); void sgw_ue_switch_to_sgw(sgw_ue_t *sgw_ue, mme_sgw_t *new_sgw); -sgw_ue_t *sgw_ue_cycle(sgw_ue_t *sgw_ue); +sgw_ue_t *sgw_ue_find_by_id(ogs_pool_id_t id); typedef enum { SGW_WITHOUT_RELOCATION = 1, @@ -969,7 +959,7 @@ mme_ue_t *mme_ue_add(enb_ue_t *enb_ue); void mme_ue_remove(mme_ue_t *mme_ue); void mme_ue_remove_all(void); -mme_ue_t *mme_ue_cycle(mme_ue_t *mme_ue); +mme_ue_t *mme_ue_find_by_id(ogs_pool_id_t id); void mme_ue_fsm_init(mme_ue_t *mme_ue); void mme_ue_fsm_fini(mme_ue_t *mme_ue); @@ -1059,6 +1049,7 @@ mme_sess_t *mme_sess_find_by_pti(const mme_ue_t *mme_ue, uint8_t pti); mme_sess_t *mme_sess_find_by_ebi(const mme_ue_t *mme_ue, uint8_t ebi); mme_sess_t *mme_sess_find_by_apn(const mme_ue_t *mme_ue, const char *apn); +mme_sess_t *mme_sess_find_by_id(ogs_pool_id_t id); mme_sess_t *mme_sess_first(const mme_ue_t *mme_ue); mme_sess_t *mme_sess_next(mme_sess_t *sess); @@ -1075,7 +1066,7 @@ mme_bearer_t *mme_linked_bearer(mme_bearer_t *bearer); mme_bearer_t *mme_bearer_first(const mme_sess_t *sess); mme_bearer_t *mme_bearer_next(mme_bearer_t *bearer); -mme_bearer_t *mme_bearer_cycle(mme_bearer_t *bearer); +mme_bearer_t *mme_bearer_find_by_id(ogs_pool_id_t id); void mme_session_remove_all(mme_ue_t *mme_ue); ogs_session_t *mme_session_find_by_apn(mme_ue_t *mme_ue, const char *apn);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-event.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-event.h
Changed
@@ -94,12 +94,11 @@ ogs_diam_s6a_message_t *s6a_message; mme_vlr_t *vlr; - mme_enb_t *enb; - enb_ue_t *enb_ue; - sgw_ue_t *sgw_ue; - mme_ue_t *mme_ue; - mme_sess_t *sess; - mme_bearer_t *bearer; + ogs_pool_id_t enb_id; + ogs_pool_id_t enb_ue_id; + ogs_pool_id_t sgw_ue_id; + ogs_pool_id_t mme_ue_id; + ogs_pool_id_t bearer_id; ogs_timer_t *timer; } mme_event_t;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-fd-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-fd-path.c
Changed
@@ -34,8 +34,8 @@ mme_ue_t *mme_ue, uint32_t *subdatamask); struct sess_state { - mme_ue_t *mme_ue; - enb_ue_t *enb_ue; + ogs_pool_id_t mme_ue_id; + ogs_pool_id_t enb_ue_id; struct timespec ts; /* Time of sending the message */ }; @@ -678,12 +678,12 @@ uint8_t resyncOGS_AUTS_LEN + OGS_RAND_LEN; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return; } - if (!enb_ue_cycle(enb_ue)) { + if (!enb_ue) { ogs_error("S1 context has already been removed"); return; } @@ -697,8 +697,8 @@ sess_data = ogs_calloc(1, sizeof (*sess_data)); ogs_assert(sess_data); - sess_data->mme_ue = mme_ue; - sess_data->enb_ue = enb_ue; + sess_data->mme_ue_id = mme_ue->id; + sess_data->enb_ue_id = enb_ue->id; /* Create the request */ ret = fd_msg_new(ogs_diam_s6a_cmd_air, MSGFL_ALLOC_ETEID, &req); @@ -870,9 +870,9 @@ return; } - mme_ue = sess_data->mme_ue; + mme_ue = mme_ue_find_by_id(sess_data->mme_ue_id); ogs_assert(mme_ue); - enb_ue = sess_data->enb_ue; + enb_ue = enb_ue_find_by_id(sess_data->enb_ue_id); ogs_assert(enb_ue); /* Set Authentication-Information Command */ @@ -1033,8 +1033,8 @@ int rv; e = mme_event_new(MME_EVENT_S6A_MESSAGE); ogs_assert(e); - e->mme_ue = mme_ue; - e->enb_ue = enb_ue; + e->mme_ue_id = mme_ue->id; + e->enb_ue_id = enb_ue->id; e->s6a_message = s6a_message; rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { @@ -1102,12 +1102,12 @@ struct session *session = NULL; ogs_nas_plmn_id_t nas_plmn_id; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return; } - if (!enb_ue_cycle(enb_ue)) { + if (!enb_ue) { ogs_error("S1 context has already been removed"); return; } @@ -1117,8 +1117,8 @@ /* Create the random value to store with the session */ sess_data = ogs_calloc(1, sizeof(*sess_data)); ogs_assert(sess_data); - sess_data->mme_ue = mme_ue; - sess_data->enb_ue = enb_ue; + sess_data->mme_ue_id = mme_ue->id; + sess_data->enb_ue_id = enb_ue->id; /* Create the request */ ret = fd_msg_new(ogs_diam_s6a_cmd_ulr, MSGFL_ALLOC_ETEID, &req); @@ -1307,9 +1307,9 @@ return; } - mme_ue = sess_data->mme_ue; + mme_ue = mme_ue_find_by_id(sess_data->mme_ue_id); ogs_assert(mme_ue); - enb_ue = sess_data->enb_ue; + enb_ue = enb_ue_find_by_id(sess_data->enb_ue_id); ogs_assert(enb_ue); /* Set Update-Location Command */ @@ -1451,8 +1451,8 @@ int rv; e = mme_event_new(MME_EVENT_S6A_MESSAGE); ogs_assert(e); - e->mme_ue = mme_ue; - e->enb_ue = enb_ue; + e->mme_ue_id = mme_ue->id; + e->enb_ue_id = enb_ue->id; e->s6a_message = s6a_message; rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { @@ -1524,12 +1524,12 @@ struct sess_state *sess_data = NULL, *svg; struct session *session = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return; } - if (!enb_ue_cycle(enb_ue)) { + if (!enb_ue) { ogs_error("S1 context has already been removed"); return; } @@ -1539,8 +1539,8 @@ /* Create the random value to store with the session */ sess_data = ogs_calloc(1, sizeof(*sess_data)); ogs_assert(sess_data); - sess_data->mme_ue = mme_ue; - sess_data->enb_ue = enb_ue; + sess_data->mme_ue_id = mme_ue->id; + sess_data->enb_ue_id = enb_ue->id; /* Create the request */ ret = fd_msg_new(ogs_diam_s6a_cmd_pur, MSGFL_ALLOC_ETEID, &req); @@ -1664,9 +1664,9 @@ return; } - mme_ue = sess_data->mme_ue; + mme_ue = mme_ue_find_by_id(sess_data->mme_ue_id); ogs_assert(mme_ue); - enb_ue = sess_data->enb_ue; + enb_ue = enb_ue_find_by_id(sess_data->enb_ue_id); ogs_assert(enb_ue); /* Set Purge-UE Command */ @@ -1764,8 +1764,8 @@ int rv; e = mme_event_new(MME_EVENT_S6A_MESSAGE); ogs_assert(e); - e->mme_ue = mme_ue; - e->enb_ue = enb_ue; + e->mme_ue_id = mme_ue->id; + e->enb_ue_id = enb_ue->id; e->s6a_message = s6a_message; rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { @@ -1922,7 +1922,7 @@ e = mme_event_new(MME_EVENT_S6A_MESSAGE); ogs_assert(e); - e->mme_ue = mme_ue; + e->mme_ue_id = mme_ue->id; e->s6a_message = s6a_message; rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { @@ -2213,7 +2213,7 @@ int rv; e = mme_event_new(MME_EVENT_S6A_MESSAGE); ogs_assert(e); - e->mme_ue = mme_ue; + e->mme_ue_id = mme_ue->id; e->s6a_message = s6a_message; rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-gn-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-gn-build.c
Changed
@@ -24,7 +24,11 @@ static int sess_fill_mm_context_decoded(mme_sess_t *sess, ogs_gtp1_mm_context_decoded_t *mmctx_dec) { - mme_ue_t *mme_ue = sess->mme_ue; + mme_ue_t *mme_ue = NULL; + + ogs_assert(sess); + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); + ogs_assert(mme_ue); *mmctx_dec = (ogs_gtp1_mm_context_decoded_t) { .gupii = 1, /* Integrity Protection not required */ .ugipai = 1, /* Ignore "Used GPRS integrity protection algorithm" field" */ @@ -55,8 +59,13 @@ static void build_qos_profile_from_session(ogs_gtp1_qos_profile_decoded_t *qos_pdec, const mme_sess_t *sess, const mme_bearer_t *bearer) { - const mme_ue_t *mme_ue = sess->mme_ue; + mme_ue_t *mme_ue = NULL; const ogs_session_t *session = sess->session; + + ogs_assert(sess); + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); + ogs_assert(mme_ue); + /* FIXME: Initialize with defaults: */ memset(qos_pdec, 0, sizeof(*qos_pdec));
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-gn-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-gn-handler.c
Changed
@@ -302,6 +302,7 @@ char imsi_bcdOGS_MAX_IMSI_BCD_LEN+1; ogs_gtp1_mm_context_decoded_t gtp1_mm_ctx; ogs_gtp1_pdp_context_decoded_t gtp1_pdp_ctx; + enb_ue_t *enb_ue = NULL; mme_sess_t *sess = NULL; uint8_t ret_cause = OGS_GTP1_CAUSE_REQUEST_ACCEPTED; @@ -318,6 +319,8 @@ return OGS_GTP1_CAUSE_IMSI_IMEI_NOT_KNOWN; } + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + switch (resp->cause.u8) { case OGS_GTP1_CAUSE_REQUEST_ACCEPTED: break; /* Handle below */ @@ -338,7 +341,7 @@ if (resp->cause.u8 != OGS_GTP1_CAUSE_REQUEST_ACCEPTED) { ogs_error("Gn Rx SGSN Context Response cause:%u", resp->cause.u8); - rv = nas_eps_send_tau_reject(mme_ue->enb_ue, mme_ue, emm_cause); + rv = nas_eps_send_tau_reject(enb_ue, mme_ue, emm_cause); return OGS_GTP1_CAUSE_SYSTEM_FAILURE; } @@ -428,7 +431,7 @@ nack_and_reject: rv = mme_gtp1_send_sgsn_context_ack(mme_ue, gtp1_cause, xact); ogs_info("%s TAU Reject OGS_NAS_EMM_CAUSE:%d", mme_ue->imsi_bcd, emm_cause); - rv = nas_eps_send_tau_reject(mme_ue->enb_ue, mme_ue, emm_cause); + rv = nas_eps_send_tau_reject(enb_ue, mme_ue, emm_cause); return OGS_GTP1_CAUSE_SYSTEM_FAILURE; } @@ -437,6 +440,7 @@ ogs_gtp_xact_t *xact, mme_ue_t *mme_ue, ogs_gtp1_sgsn_context_acknowledge_t *req) { int rv; + enb_ue_t *enb_ue = NULL; ogs_debug("Gn Rx SGSN Context Acknowledge"); @@ -451,6 +455,8 @@ return; } + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + /* 3GPP TS 23.060 6.9.1.2.2 Step 4), 3GPP TS 23.401 D.3.5 Step 4) * The new SGSN sends an SGSN Context Acknowledge message to the old SGSN. The old MME (which is the old * SGSN from the new SGSN's point of view) marks in its context that the information in the GWs and the HSS are @@ -473,8 +479,8 @@ * connection is released by the source eNodeB. The source eNodeB confirms the release of the RRC connection * and of the S1-U connection by sending a S1-U Release Complete message to the source MME." */ - if (mme_ue->enb_ue) { - rv = s1ap_send_ue_context_release_command(mme_ue->enb_ue, + if (enb_ue) { + rv = s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, S1AP_UE_CTX_REL_S1_REMOVE_AND_UNLINK, 0); ogs_expect(rv == OGS_OK);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-gtp-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-gtp-path.c
Changed
@@ -102,9 +102,12 @@ { int r; mme_ue_t *mme_ue = NULL; + ogs_pool_id_t mme_ue_id = OGS_INVALID_POOL_ID; enb_ue_t *enb_ue = NULL; mme_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; mme_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; uint8_t type = 0; ogs_assert(xact); @@ -115,22 +118,30 @@ case OGS_GTP2_RELEASE_ACCESS_BEARERS_REQUEST_TYPE: case OGS_GTP2_CREATE_INDIRECT_DATA_FORWARDING_TUNNEL_REQUEST_TYPE: case OGS_GTP2_DELETE_INDIRECT_DATA_FORWARDING_TUNNEL_REQUEST_TYPE: - mme_ue = data; + mme_ue_id = OGS_POINTER_TO_UINT(data); + ogs_assert(mme_ue_id >= OGS_MIN_POOL_ID && + mme_ue_id <= OGS_MAX_POOL_ID); + mme_ue = mme_ue_find_by_id(mme_ue_id); ogs_assert(mme_ue); break; case OGS_GTP2_CREATE_SESSION_REQUEST_TYPE: case OGS_GTP2_DELETE_SESSION_REQUEST_TYPE: - sess = data; + sess_id = OGS_POINTER_TO_UINT(data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && sess_id <= OGS_MAX_POOL_ID); + sess = mme_sess_find_by_id(sess_id); ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); break; case OGS_GTP2_BEARER_RESOURCE_COMMAND_TYPE: - bearer = data; + bearer_id = OGS_POINTER_TO_UINT(data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && + bearer_id <= OGS_MAX_POOL_ID); + bearer = mme_bearer_find_by_id(bearer_id); ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); break; default: @@ -154,7 +165,7 @@ */ CLEAR_SESSION_CONTEXT(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); if (enb_ue) { r = s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, @@ -244,13 +255,13 @@ mme_ue_t *mme_ue = NULL; sgw_ue_t *sgw_ue = NULL; - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); if (create_action == OGS_GTP_CREATE_IN_PATH_SWITCH_REQUEST) { - sgw_ue = sgw_ue_cycle(sgw_ue->target_ue); + sgw_ue = sgw_ue_find_by_id(sgw_ue->target_ue_id); ogs_assert(sgw_ue); } @@ -264,7 +275,9 @@ return OGS_ERROR; } - xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, sess); + xact = ogs_gtp_xact_local_create( + sgw_ue->gnode, &h, pkbuf, timeout, + OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return OGS_ERROR; @@ -290,7 +303,7 @@ ogs_pkbuf_t *pkbuf = NULL; ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); memset(&h, 0, sizeof(ogs_gtp2_header_t)); @@ -303,7 +316,9 @@ return OGS_ERROR; } - xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, mme_ue); + xact = ogs_gtp_xact_local_create( + sgw_ue->gnode, &h, pkbuf, timeout, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return OGS_ERROR; @@ -328,7 +343,7 @@ ogs_assert(action); ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); ogs_assert(sgw_ue); @@ -342,7 +357,9 @@ return OGS_ERROR; } - xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, s11buf, timeout, sess); + xact = ogs_gtp_xact_local_create( + sgw_ue->gnode, &h, s11buf, timeout, + OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return OGS_ERROR; @@ -363,11 +380,10 @@ sgw_ue_t *sgw_ue = NULL; ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); ogs_assert(action); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); ogs_list_for_each_safe(&mme_ue->sess_list, next_sess, sess) { if (MME_HAVE_SGW_S1U_PATH(sess)) { mme_gtp_send_delete_session_request(sgw_ue, sess, action); @@ -390,16 +406,19 @@ ogs_pkbuf_t *pkbuf = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; - ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; - ogs_assert(sgw_ue); - xact = ogs_gtp_xact_cycle(bearer->create.xact); + ogs_assert(bearer->create.xact_id >= OGS_MIN_POOL_ID && + bearer->create.xact_id <= OGS_MAX_POOL_ID); + xact = ogs_gtp_xact_find_by_id(bearer->create.xact_id); if (!xact) { - ogs_warn("GTP transaction(CREATE) has already been removed"); + ogs_error("GTP transaction(CREATE) has already been removed"); return OGS_OK; } + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); + ogs_assert(mme_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); + ogs_assert(sgw_ue); + memset(&h, 0, sizeof(ogs_gtp2_header_t)); h.type = OGS_GTP2_CREATE_BEARER_RESPONSE_TYPE; h.teid = sgw_ue->sgw_s11_teid; @@ -435,9 +454,9 @@ ogs_pkbuf_t *pkbuf = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); /* @@ -500,16 +519,19 @@ ogs_pkbuf_t *pkbuf = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; - ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; - ogs_assert(sgw_ue); - xact = ogs_gtp_xact_cycle(bearer->delete.xact); + ogs_assert(bearer->delete.xact_id >= OGS_MIN_POOL_ID && + bearer->delete.xact_id <= OGS_MAX_POOL_ID); + xact = ogs_gtp_xact_find_by_id(bearer->delete.xact_id); if (!xact) { - ogs_warn("GTP transaction(DELETE) has already been removed"); + ogs_error("GTP transaction(DELETE) has already been removed"); return OGS_OK; } + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); + ogs_assert(mme_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); + ogs_assert(sgw_ue); + memset(&h, 0, sizeof(ogs_gtp2_header_t)); h.type = OGS_GTP2_DELETE_BEARER_RESPONSE_TYPE; h.teid = sgw_ue->sgw_s11_teid; @@ -542,7 +564,7 @@ ogs_assert(action); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); memset(&h, 0, sizeof(ogs_gtp2_header_t)); @@ -555,7 +577,9 @@ return OGS_ERROR; } - xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, mme_ue); + xact = ogs_gtp_xact_local_create( + sgw_ue->gnode, &h, pkbuf, timeout, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return OGS_ERROR; @@ -575,7 +599,7 @@ enb_ue_t *enb_ue = NULL, *next = NULL; ogs_list_for_each_safe(&enb->enb_ue_list, next, enb_ue) { - mme_ue = enb_ue->mme_ue; + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (mme_ue) { if (action == OGS_GTP_RELEASE_S1_CONTEXT_REMOVE_BY_LO_CONNREFUSED) { @@ -631,14 +655,17 @@ ogs_pkbuf_t *s11buf = NULL; ogs_assert(bearer); - xact = ogs_gtp_xact_cycle(bearer->notify.xact); + ogs_assert(bearer->notify.xact_id >= OGS_MIN_POOL_ID && + bearer->notify.xact_id <= OGS_MAX_POOL_ID); + xact = ogs_gtp_xact_find_by_id(bearer->notify.xact_id); if (!xact) { - ogs_warn("GTP transaction(NOTIFY) has already been removed"); + ogs_error("GTP transaction(NOTIFY) has already been removed"); return OGS_OK; } - mme_ue = bearer->mme_ue; + + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); /* Build Downlink data notification ack */ @@ -674,7 +701,7 @@ sgw_ue_t *sgw_ue = NULL; ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); memset(&h, 0, sizeof(ogs_gtp2_header_t)); @@ -689,7 +716,9 @@ return OGS_ERROR; } - xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, mme_ue); + xact = ogs_gtp_xact_local_create( + sgw_ue->gnode, &h, pkbuf, timeout, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return OGS_ERROR; @@ -713,7 +742,7 @@ ogs_assert(action); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); memset(&h, 0, sizeof(ogs_gtp2_header_t)); @@ -727,7 +756,9 @@ } ogs_pkbuf_reserve(pkbuf, OGS_TLV_MAX_HEADROOM); - xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, mme_ue); + xact = ogs_gtp_xact_local_create( + sgw_ue->gnode, &h, pkbuf, timeout, + OGS_UINT_TO_POINTER(mme_ue->id)); if (!xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return OGS_ERROR; @@ -753,9 +784,9 @@ sgw_ue_t *sgw_ue = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); memset(&h, 0, sizeof(ogs_gtp2_header_t)); @@ -768,7 +799,9 @@ return OGS_ERROR; } - xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, bearer); + xact = ogs_gtp_xact_local_create( + sgw_ue->gnode, &h, pkbuf, timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return OGS_ERROR;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-path.c
Changed
@@ -76,14 +76,13 @@ if (!MME_SESSION_RELEASE_PENDING(mme_ue) && mme_ue_xact_count(mme_ue, OGS_GTP_LOCAL_ORIGINATOR) == xact_count) { - enb_ue_t *enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue_t *enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); if (enb_ue) { ogs_assert(OGS_OK == s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, S1AP_UE_CTX_REL_UE_CONTEXT_REMOVE, 0)); } else { - MME_UE_CHECK(OGS_LOG_WARN, mme_ue); mme_ue_remove(mme_ue); } } @@ -129,7 +128,7 @@ if (!MME_SESSION_RELEASE_PENDING(mme_ue) && mme_ue_xact_count(mme_ue, OGS_GTP_LOCAL_ORIGINATOR) == xact_count) { - enb_ue_t *enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue_t *enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); if (enb_ue) { r = s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, @@ -148,7 +147,7 @@ mme_ue_t *mme_ue = NULL; ogs_assert(enb_ue); - mme_ue = enb_ue->mme_ue; + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (mme_ue) { ogs_debug("%s Release access bearer request", mme_ue->imsi_bcd); ogs_assert(OGS_OK == @@ -173,7 +172,8 @@ switch (mme_ue->paging.type) { case MME_PAGING_TYPE_DOWNLINK_DATA_NOTIFICATION: - bearer = mme_bearer_cycle(mme_ue->paging.data); + bearer = mme_bearer_find_by_id( + OGS_POINTER_TO_UINT(mme_ue->paging.data)); if (!bearer) { ogs_error("No Bearer %d", mme_ue->paging.type); goto cleanup; @@ -190,7 +190,8 @@ } break; case MME_PAGING_TYPE_CREATE_BEARER: - bearer = mme_bearer_cycle(mme_ue->paging.data); + bearer = mme_bearer_find_by_id( + OGS_POINTER_TO_UINT(mme_ue->paging.data)); if (!bearer) { ogs_error("No Bearer %d", mme_ue->paging.type); goto cleanup; @@ -207,7 +208,8 @@ } break; case MME_PAGING_TYPE_UPDATE_BEARER: - bearer = mme_bearer_cycle(mme_ue->paging.data); + bearer = mme_bearer_find_by_id( + OGS_POINTER_TO_UINT(mme_ue->paging.data)); if (!bearer) { ogs_error("No Bearer %d", mme_ue->paging.type); goto cleanup; @@ -240,7 +242,8 @@ } break; case MME_PAGING_TYPE_DELETE_BEARER: - bearer = mme_bearer_cycle(mme_ue->paging.data); + bearer = mme_bearer_find_by_id( + OGS_POINTER_TO_UINT(mme_ue->paging.data)); if (!bearer) { ogs_error("No Bearer %d", mme_ue->paging.type); goto cleanup;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-s11-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-s11-build.c
Changed
@@ -55,13 +55,13 @@ session = sess->session; ogs_assert(session); ogs_assert(session->name); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); if (create_action == OGS_GTP_CREATE_IN_PATH_SWITCH_REQUEST) { - sgw_ue = sgw_ue_cycle(sgw_ue->target_ue); + sgw_ue = sgw_ue_find_by_id(sgw_ue->target_ue_id); ogs_assert(sgw_ue); } @@ -405,7 +405,7 @@ ogs_debug("Modifty Bearer Request"); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); ogs_assert(ogs_list_count(&mme_ue->bearer_to_modify_list)); @@ -448,7 +448,7 @@ memset(&indication, 0, sizeof(ogs_gtp2_indication_t)); ogs_list_for_each_entry( &mme_ue->bearer_to_modify_list, bearer, to_modify_node) { - mme_sess_t *sess = bearer->sess; + mme_sess_t *sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); if (sess->ue_request_type.value == OGS_NAS_EPS_REQUEST_TYPE_HANDOVER) { @@ -513,9 +513,9 @@ sgw_ue_t *sgw_ue = NULL; ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); bearer = mme_default_bearer_in_sess(sess); ogs_assert(bearer); @@ -576,9 +576,9 @@ sgw_ue_t *sgw_ue = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); ogs_debug("Create Bearer Response"); @@ -683,9 +683,9 @@ sgw_ue_t *sgw_ue = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); ogs_debug("Update Bearer Response"); @@ -762,9 +762,9 @@ sgw_ue_t *sgw_ue = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); ogs_debug("Delete Bearer Response"); @@ -918,7 +918,7 @@ int len; ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); ogs_debug("Create Indirect Data Forwarding Tunnel Request"); @@ -1002,11 +1002,11 @@ mme_bearer_t *linked_bearer = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = sess->mme_ue; + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); ogs_debug("Bearer Resource Command");
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-s11-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-s11-handler.c
Changed
@@ -62,16 +62,13 @@ static void gtp_remote_holding_timeout(ogs_gtp_xact_t *xact, void *data) { char bufOGS_ADDRSTRLEN; - mme_bearer_t *bearer = data; + mme_bearer_t *bearer = NULL; uint8_t type; ogs_assert(xact); - bearer = mme_bearer_cycle(bearer); - ogs_assert(bearer); - type = xact->seqxact->step-1.type; - ogs_warn("%d %s HOLDING TIMEOUT " + ogs_error("%d %s HOLDING TIMEOUT " "for step %d type %d peer %s:%d", xact->xid, xact->org == OGS_GTP_LOCAL_ORIGINATOR ? "LOCAL " : "REMOTE", @@ -79,6 +76,13 @@ OGS_ADDR(&xact->gnode->addr, buf), OGS_PORT(&xact->gnode->addr)); + ogs_assert(data); + bearer = mme_bearer_find_by_id(OGS_POINTER_TO_UINT(data)); + if (!bearer) { + ogs_error("Bearer has already been removed %d", type); + return; + } + /* * Issues #3240 * @@ -182,6 +186,7 @@ mme_sess_t *sess = NULL; mme_ue_t *mme_ue = NULL; sgw_ue_t *source_ue = NULL, *target_ue = NULL; + enb_ue_t *enb_ue = NULL; ogs_session_t *session = NULL; ogs_gtp2_bearer_qos_t bearer_qos; ogs_gtp2_ambr_t *ambr = NULL; @@ -197,11 +202,10 @@ ********************/ ogs_assert(xact); create_action = xact->create_action; - sess = xact->data; + sess = mme_sess_find_by_id(OGS_POINTER_TO_UINT(xact->data)); ogs_assert(sess); - MME_UE_CHECK(OGS_LOG_DEBUG, sess->mme_ue); - mme_ue = mme_ue_cycle(sess->mme_ue); + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); rv = ogs_gtp_xact_commit(xact); if (rv != OGS_OK) { @@ -213,11 +217,12 @@ ogs_error("MME-UE Context has already been removed"); return; } - source_ue = sgw_ue_cycle(mme_ue->sgw_ue); + source_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(source_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); if (create_action == OGS_GTP_CREATE_IN_PATH_SWITCH_REQUEST) { - target_ue = sgw_ue_cycle(source_ue->target_ue); + target_ue = sgw_ue_find_by_id(source_ue->target_ue_id); ogs_assert(target_ue); } else { target_ue = source_ue; @@ -248,7 +253,7 @@ if (create_action == OGS_GTP_CREATE_IN_ATTACH_REQUEST) { ogs_error("%s Attach reject Cause:%d", mme_ue->imsi_bcd, session_cause); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_NETWORK_FAILURE, OGS_NAS_ESM_CAUSE_NETWORK_FAILURE); ogs_expect(r == OGS_OK); @@ -299,7 +304,7 @@ if (create_action == OGS_GTP_CREATE_IN_ATTACH_REQUEST) { ogs_error("%s Attach reject Cause:%d", mme_ue->imsi_bcd, session_cause); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_NETWORK_FAILURE, OGS_NAS_ESM_CAUSE_NETWORK_FAILURE); ogs_expect(r == OGS_OK); @@ -307,7 +312,7 @@ } else if (create_action == OGS_GTP_CREATE_IN_TRACKING_AREA_UPDATE) { ogs_error("%s TAU reject Cause:%d", mme_ue->imsi_bcd, session_cause); - r = nas_eps_send_tau_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_tau_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_NETWORK_FAILURE); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -338,7 +343,7 @@ mme_ue->imsi_bcd, bearer_cause); if (create_action == OGS_GTP_CREATE_IN_ATTACH_REQUEST) { ogs_error("%s Attach reject", mme_ue->imsi_bcd); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_NETWORK_FAILURE, OGS_NAS_ESM_CAUSE_NETWORK_FAILURE); ogs_expect(r == OGS_OK); @@ -358,7 +363,7 @@ ogs_error("%s GTP Cause VALUE:%d", mme_ue->imsi_bcd, session_cause); if (create_action == OGS_GTP_CREATE_IN_ATTACH_REQUEST) { ogs_error("%s Attach reject", mme_ue->imsi_bcd); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_NETWORK_FAILURE, OGS_NAS_ESM_CAUSE_NETWORK_FAILURE); ogs_expect(r == OGS_OK); @@ -525,7 +530,7 @@ } else if (create_action == OGS_GTP_CREATE_IN_TRACKING_AREA_UPDATE) { /* 3GPP TS 23.401 D.3.6 step 13, 14: */ - mme_s6a_send_ulr(mme_ue->enb_ue, mme_ue); + mme_s6a_send_ulr(enb_ue, mme_ue); } else if (create_action == OGS_GTP_CREATE_IN_UPLINK_NAS_TRANSPORT) { r = nas_eps_send_activate_default_bearer_context_request( bearer, create_action); @@ -571,8 +576,7 @@ ogs_assert(xact); modify_action = xact->modify_action; - MME_UE_CHECK(OGS_LOG_DEBUG, xact->data); - mme_ue = mme_ue_cycle(xact->data); + mme_ue = mme_ue_find_by_id(OGS_POINTER_TO_UINT(xact->data)); rv = ogs_gtp_xact_commit(xact); if (rv != OGS_OK) { @@ -584,7 +588,7 @@ ogs_error("MME-UE Context has already been removed"); return; } - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); /************************ @@ -673,6 +677,7 @@ sgw_ue_t *source_ue = NULL, *target_ue = NULL; mme_sess_t *sess = NULL; mme_ue_t *mme_ue = NULL; + enb_ue_t *enb_ue = NULL; ogs_assert(rsp); @@ -684,12 +689,11 @@ ogs_assert(xact); action = xact->delete_action; ogs_assert(action); - sess = xact->data; + sess = mme_sess_find_by_id(OGS_POINTER_TO_UINT(xact->data)); ogs_assert(sess); ogs_debug("delete_session_response - xact:%p, sess:%p", xact, sess); - MME_UE_CHECK(OGS_LOG_DEBUG, sess->mme_ue); - mme_ue = mme_ue_cycle(sess->mme_ue); + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); rv = ogs_gtp_xact_commit(xact); if (rv != OGS_OK) { @@ -701,11 +705,11 @@ ogs_error("MME-UE Context has already been removed"); return; } - target_ue = sgw_ue_cycle(mme_ue->sgw_ue); + target_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(target_ue); if (action == OGS_GTP_DELETE_IN_PATH_SWITCH_REQUEST) { - source_ue = sgw_ue_cycle(target_ue->source_ue); + source_ue = sgw_ue_find_by_id(target_ue->source_ue_id); if (!source_ue) /* InterRAT to 2G/3G (SGSN) case: */ source_ue = target_ue; ogs_assert(source_ue); @@ -754,6 +758,8 @@ ogs_assert(target_ue); ogs_assert(source_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + ogs_debug(" MME_S11_TEID%d SGW_S11_TEID%d", mme_ue->mme_s11_teid, source_ue->sgw_s11_teid); @@ -763,7 +769,7 @@ * of the detach accept from UE */ } else if (action == OGS_GTP_DELETE_SEND_AUTHENTICATION_REQUEST) { if (mme_sess_count(mme_ue) == 1) /* Last Session */ { - mme_s6a_send_air(mme_ue->enb_ue, mme_ue, NULL); + mme_s6a_send_air(enb_ue, mme_ue, NULL); } } else if (action == OGS_GTP_DELETE_SEND_DETACH_ACCEPT) { @@ -791,11 +797,9 @@ } else if (action == OGS_GTP_DELETE_SEND_RELEASE_WITH_UE_CONTEXT_REMOVE) { if (mme_sess_count(mme_ue) == 1) /* Last Session */ { if (ECM_IDLE(mme_ue)) { - MME_UE_CHECK(OGS_LOG_ERROR, mme_ue); mme_ue_remove(mme_ue); } else { - ogs_assert(mme_ue->enb_ue); - r = s1ap_send_ue_context_release_command(mme_ue->enb_ue, + r = s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, S1AP_UE_CTX_REL_UE_CONTEXT_REMOVE, 0); ogs_expect(r == OGS_OK); @@ -806,17 +810,11 @@ } else if (action == OGS_GTP_DELETE_SEND_RELEASE_WITH_S1_REMOVE_AND_UNLINK) { if (mme_sess_count(mme_ue) == 1) /* Last Session */ { - enb_ue_t *enb_ue = NULL; - - enb_ue = enb_ue_cycle(mme_ue->enb_ue); - if (enb_ue) { - r = s1ap_send_ue_context_release_command(enb_ue, - S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, - S1AP_UE_CTX_REL_S1_REMOVE_AND_UNLINK, 0); - ogs_expect(r == OGS_OK); - ogs_assert(r != OGS_ERROR); - } else - ogs_error("ENB-S1 Context has already been removed"); + r = s1ap_send_ue_context_release_command(enb_ue, + S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, + S1AP_UE_CTX_REL_S1_REMOVE_AND_UNLINK, 0); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); } } else if (action == OGS_GTP_DELETE_HANDLE_PDN_CONNECTIVITY_REQUEST) { @@ -825,7 +823,7 @@ &mme_ue->pdn_connectivity_request); if (rv != OGS_OK) { ogs_error("nas_eps_send_emm_to_esm() failed"); - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK); @@ -883,7 +881,7 @@ ogs_error("No Context in TEID"); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); if (req->linked_eps_bearer_id.presence == 0) { @@ -1028,7 +1026,8 @@ * If GTP-xact Holding timer is expired, * OLD bearer->xact memory will be automatically removed. */ - bearer->create.xact = xact; + ogs_assert(xact->id >= OGS_MIN_POOL_ID && xact->id <= OGS_MAX_POOL_ID); + bearer->create.xact_id = xact->id; /* Before Activate DEDICATED bearer, check DEFAULT bearer status */ default_bearer = mme_default_bearer_in_sess(sess); @@ -1040,7 +1039,7 @@ if (OGS_FSM_CHECK(&default_bearer->sm, esm_state_active)) { if (ECM_IDLE(mme_ue)) { MME_STORE_PAGING_INFO(mme_ue, - MME_PAGING_TYPE_CREATE_BEARER, bearer); + MME_PAGING_TYPE_CREATE_BEARER, bearer->id); r = s1ap_send_paging(mme_ue, S1AP_CNDomain_ps); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -1084,7 +1083,7 @@ ogs_error("No Context in TEID"); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); if (req->bearer_contexts.presence == 0) { @@ -1119,7 +1118,7 @@ ogs_assert(sgw_ue); ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); ogs_debug(" MME_S11_TEID%d SGW_S11_TEID%d", @@ -1155,7 +1154,7 @@ */ xact->cb = gtp_remote_holding_timeout; - xact->data = bearer; + xact->data = OGS_UINT_TO_POINTER(bearer->id); ogs_list_add(&bearer->update.xact_list, &xact->to_update_node); @@ -1192,7 +1191,7 @@ req->bearer_contexts.tft.presence == 1) { if (ECM_IDLE(mme_ue)) { MME_STORE_PAGING_INFO(mme_ue, - MME_PAGING_TYPE_UPDATE_BEARER, bearer); + MME_PAGING_TYPE_UPDATE_BEARER, bearer->id); r = s1ap_send_paging(mme_ue, S1AP_CNDomain_ps); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -1249,7 +1248,7 @@ ogs_error("No Context in TEID"); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); if (req->linked_eps_bearer_id.presence == 1) { @@ -1309,7 +1308,7 @@ ogs_assert(sgw_ue); ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); ogs_debug(" MME_S11_TEID%d SGW_S11_TEID%d", @@ -1329,11 +1328,12 @@ * If GTP-xact Holding timer is expired, * OLD bearer->xact memory will be automatically removed. */ - bearer->delete.xact = xact; + ogs_assert(xact->id >= OGS_MIN_POOL_ID && xact->id <= OGS_MAX_POOL_ID); + bearer->delete.xact_id = xact->id; if (ECM_IDLE(mme_ue)) { MME_STORE_PAGING_INFO(mme_ue, - MME_PAGING_TYPE_DELETE_BEARER, bearer); + MME_PAGING_TYPE_DELETE_BEARER, bearer->id); r = s1ap_send_paging(mme_ue, S1AP_CNDomain_ps); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -1370,8 +1370,7 @@ action = xact->release_action; ogs_assert(action); - MME_UE_CHECK(OGS_LOG_DEBUG, xact->data); - mme_ue = mme_ue_cycle(xact->data); + mme_ue = mme_ue_find_by_id(OGS_POINTER_TO_UINT(xact->data)); rv = ogs_gtp_xact_commit(xact); if (rv != OGS_OK) { @@ -1383,7 +1382,7 @@ ogs_error("MME-UE Context has already been removed"); return; } - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); /*********************** @@ -1421,7 +1420,7 @@ } if (action == OGS_GTP_RELEASE_SEND_UE_CONTEXT_RELEASE_COMMAND) { - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); if (enb_ue) { r = s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, @@ -1449,17 +1448,18 @@ * for new UE-associated logical S1-connections over the S1 interface, * the MME shall respond with the RESET ACKNOWLEDGE message. */ - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); enb_ue_unlink(mme_ue); if (enb_ue) { - mme_enb_t *enb = enb_ue->enb; - ogs_assert(enb); + mme_enb_t *enb = NULL; + + enb = mme_enb_find_by_id(enb_ue->enb_id); enb_ue_remove(enb_ue); - if (ogs_list_count(&enb->enb_ue_list) == 0) { + if (enb && ogs_list_count(&enb->enb_ue_list) == 0) { r = s1ap_send_s1_reset_ack(enb, NULL); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -1471,35 +1471,39 @@ } else if (action == OGS_GTP_RELEASE_S1_CONTEXT_REMOVE_BY_RESET_PARTIAL) { enb_ue_t *iter = NULL; - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); enb_ue_unlink(mme_ue); if (enb_ue) { - mme_enb_t *enb = enb_ue->enb; - ogs_assert(enb); + mme_enb_t *enb = NULL; + + enb = mme_enb_find_by_id(enb_ue->enb_id); enb_ue_remove(enb_ue); - ogs_list_for_each(&enb->enb_ue_list, iter) { - if (iter->part_of_s1_reset_requested == true) { - /* The ENB_UE context - * where PartOfS1_interface was requested - * still remains */ - return; + if (enb) { + ogs_list_for_each(&enb->enb_ue_list, iter) { + if (iter->part_of_s1_reset_requested == true) { + /* The ENB_UE context + * where PartOfS1_interface was requested + * still remains */ + return; + } } - } - /* All ENB_UE context - * where PartOfS1_interface was requested - * REMOVED */ - ogs_assert(enb->s1_reset_ack); - r = s1ap_send_to_enb(enb, enb->s1_reset_ack, S1AP_NON_UE_SIGNALLING); - ogs_expect(r == OGS_OK); - ogs_assert(r != OGS_ERROR); + /* All ENB_UE context + * where PartOfS1_interface was requested + * REMOVED */ + ogs_assert(enb->s1_reset_ack); + r = s1ap_send_to_enb( + enb, enb->s1_reset_ack, S1AP_NON_UE_SIGNALLING); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); - /* Clear S1-Reset Ack Buffer */ - enb->s1_reset_ack = NULL; + /* Clear S1-Reset Ack Buffer */ + enb->s1_reset_ack = NULL; + } } else { ogs_error("ENB-S1 Context has already been removed"); } @@ -1534,7 +1538,7 @@ ogs_error("No UE Context"); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); if (noti->eps_bearer_id.presence == 0) { @@ -1577,7 +1581,8 @@ * If GTP-xact Holding timer is expired, * OLD bearer->xact memory will be automatically removed. */ - bearer->notify.xact = xact; + ogs_assert(xact->id >= OGS_MIN_POOL_ID && xact->id <= OGS_MAX_POOL_ID); + bearer->notify.xact_id = xact->id; if (noti->cause.presence) { ogs_gtp2_cause_t *cause = noti->cause.data; @@ -1601,7 +1606,7 @@ */ if (ECM_IDLE(mme_ue)) { MME_STORE_PAGING_INFO(mme_ue, - MME_PAGING_TYPE_DOWNLINK_DATA_NOTIFICATION, bearer); + MME_PAGING_TYPE_DOWNLINK_DATA_NOTIFICATION, bearer->id); r = s1ap_send_paging(mme_ue, S1AP_CNDomain_ps); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); @@ -1637,7 +1642,7 @@ * included in Downlink Data Notification is "Error Indication received * from RNC/eNodeB/S4-SGSN" */ - enb_ue_t *enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue_t *enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); r = s1ap_send_ue_context_release_command(enb_ue, @@ -1675,7 +1680,7 @@ * Check Transaction ********************/ ogs_assert(xact); - mme_ue = mme_ue_cycle(xact->data); + mme_ue = mme_ue_find_by_id(OGS_POINTER_TO_UINT(xact->data)); rv = ogs_gtp_xact_commit(xact); if (rv != OGS_OK) { @@ -1687,7 +1692,7 @@ ogs_error("MME-UE Context has already been removed"); return; } - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); /************************ @@ -1781,7 +1786,7 @@ } } - source_ue = enb_ue_cycle(mme_ue->enb_ue); + source_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(source_ue); r = s1ap_send_handover_command(source_ue); @@ -1810,7 +1815,7 @@ ogs_assert(xact); action = xact->delete_indirect_action; ogs_assert(action); - mme_ue = mme_ue_cycle(xact->data); + mme_ue = mme_ue_find_by_id(OGS_POINTER_TO_UINT(xact->data)); rv = ogs_gtp_xact_commit(xact); if (rv != OGS_OK) { @@ -1822,7 +1827,7 @@ ogs_error("MME-UE Context has already been removed"); return; } - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); /************************ @@ -1890,7 +1895,7 @@ if (action == OGS_GTP_DELETE_INDIRECT_HANDOVER_COMPLETE) { /* Nothing to do */ } else if (action == OGS_GTP_DELETE_INDIRECT_HANDOVER_CANCEL) { - r = s1ap_send_handover_cancel_ack(mme_ue->enb_ue); + r = s1ap_send_handover_cancel_ack(enb_ue_find_by_id(mme_ue->enb_ue_id)); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); } else { @@ -1917,11 +1922,11 @@ * Check Transaction ********************/ ogs_assert(xact); - bearer = xact->data; + bearer = mme_bearer_find_by_id(OGS_POINTER_TO_UINT(xact->data)); ogs_assert(ind); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = mme_ue_cycle(sess->mme_ue); + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); rv = ogs_gtp_xact_commit(xact); if (rv != OGS_OK) { @@ -1933,7 +1938,7 @@ ogs_error("MME-UE Context has already been removed"); return; } - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); if (!mme_ue_from_teid)
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-s6a-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-s6a-handler.c
Changed
@@ -153,7 +153,6 @@ if (s6a_message->result_code != ER_DIAMETER_SUCCESS) { ogs_error("Purge UE failed for IMSI%s %d", mme_ue->imsi_bcd, s6a_message->result_code); - MME_UE_CHECK(OGS_LOG_ERROR, mme_ue); mme_ue_remove(mme_ue); return OGS_ERROR; } @@ -161,7 +160,6 @@ if (pua_message->pua_flags & OGS_DIAM_S6A_PUA_FLAGS_FREEZE_MTMSI) ogs_debug("Freeze M-TMSI requested but not implemented."); - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); mme_ue_remove(mme_ue); return OGS_OK; @@ -220,7 +218,6 @@ clr_message = &s6a_message->clr_message; ogs_assert(clr_message); - mme_ue = mme_ue_cycle(mme_ue); if (!mme_ue) { ogs_warn("UE(mme-ue) context has already been removed"); return; @@ -236,7 +233,6 @@ */ if (OGS_FSM_CHECK(&mme_ue->sm, emm_state_de_registered)) { ogs_warn("UE has already been de-registered"); - MME_UE_CHECK(OGS_LOG_ERROR, mme_ue); mme_ue_remove(mme_ue); return; }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-sm.c
Changed
@@ -111,7 +111,11 @@ enb = mme_enb_find_by_addr(addr); if (!enb) { enb = mme_enb_add(sock, addr); - ogs_assert(enb); + if (!enb) { + ogs_error("mme_enb_add() failed"); + ogs_sock_destroy(sock); + ogs_free(addr); + } } else { ogs_warn("eNB context duplicated with IP-address %s!!!", OGS_ADDR(addr, buf)); @@ -136,7 +140,10 @@ enb = mme_enb_find_by_addr(addr); if (!enb) { enb = mme_enb_add(sock, addr); - ogs_assert(enb); + if (!enb) { + ogs_error("amf_enb_add() failed"); + ogs_free(addr); + } } else { ogs_free(addr); } @@ -193,7 +200,7 @@ rc = ogs_s1ap_decode(&s1ap_message, pkbuf); if (rc == OGS_OK) { - e->enb = enb; + e->enb_id = enb->id; e->s1ap_message = &s1ap_message; ogs_fsm_dispatch(&enb->sm, e); } else { @@ -210,13 +217,14 @@ break; case MME_EVENT_S1AP_TIMER: - enb_ue = e->enb_ue; - ogs_assert(enb_ue); + enb_ue = enb_ue_find_by_id(e->enb_ue_id); + if (!enb_ue) { + ogs_error("S1 Context has already been removed"); + break; + } switch (e->timer_id) { case MME_TIMER_S1_DELAYED_SEND: - enb = e->enb; - ogs_assert(enb); pkbuf = e->pkbuf; ogs_assert(pkbuf); @@ -239,18 +247,22 @@ break; case MME_EVENT_EMM_MESSAGE: - enb_ue = e->enb_ue; - ogs_assert(enb_ue); pkbuf = e->pkbuf; ogs_assert(pkbuf); + enb_ue = enb_ue_find_by_id(e->enb_ue_id); + if (!enb_ue) { + ogs_error("S1 Context has already been removed"); + break; + } + if (ogs_nas_emm_decode(&nas_message, pkbuf) != OGS_OK) { ogs_error("ogs_nas_emm_decode() failed"); ogs_pkbuf_free(pkbuf); return; } - mme_ue = enb_ue->mme_ue; + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (!mme_ue) { mme_ue = mme_ue_find_by_message(&nas_message); if (!mme_ue) { @@ -266,7 +278,6 @@ return; } - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); ogs_assert(ECM_IDLE(mme_ue)); } else { /* Here, if the MME_UE Context is found, @@ -326,14 +337,12 @@ enb_ue ? enb_ue->enb_ue_s1ap_id : 0, enb_ue ? enb_ue->mme_ue_s1ap_id : 0); ogs_fatal("context %p:%p", enb_ue, mme_ue); - ogs_fatal("cycle %p:%p", - enb_ue_cycle(enb_ue), mme_ue_cycle(mme_ue)); ogs_fatal("IMSI %s", mme_ue ? mme_ue->imsi_bcd : "No MME_UE"); ogs_assert_if_reached(); } ogs_assert(OGS_FSM_STATE(&mme_ue->sm)); - e->mme_ue = mme_ue; + e->mme_ue_id = mme_ue->id; e->nas_message = &nas_message; ogs_fsm_dispatch(&mme_ue->sm, e); @@ -344,7 +353,7 @@ ogs_pkbuf_free(pkbuf); break; case MME_EVENT_EMM_TIMER: - mme_ue = e->mme_ue; + mme_ue = mme_ue_find_by_id(e->mme_ue_id); ogs_assert(mme_ue); ogs_assert(OGS_FSM_STATE(&mme_ue->sm)); @@ -352,7 +361,7 @@ break; case MME_EVENT_ESM_MESSAGE: - mme_ue = e->mme_ue; + mme_ue = mme_ue_find_by_id(e->mme_ue_id); ogs_assert(mme_ue); pkbuf = e->pkbuf; @@ -438,24 +447,20 @@ */ if (OGS_FSM_CHECK(&mme_ue->sm, emm_state_de_registered)) { ESM_MESSAGE_CHECK; - MME_UE_CHECK(OGS_LOG_ERROR, mme_ue); ogs_pkbuf_free(pkbuf); break; } else if (OGS_FSM_CHECK(&mme_ue->sm, emm_state_authentication)) { ESM_MESSAGE_CHECK; - MME_UE_CHECK(OGS_LOG_ERROR, mme_ue); ogs_pkbuf_free(pkbuf); break; } else if (OGS_FSM_CHECK(&mme_ue->sm, emm_state_security_mode)) { ESM_MESSAGE_CHECK; - MME_UE_CHECK(OGS_LOG_ERROR, mme_ue); ogs_pkbuf_free(pkbuf); break; } else if (OGS_FSM_CHECK(&mme_ue->sm, emm_state_initial_context_setup)) { } else if (OGS_FSM_CHECK(&mme_ue->sm, emm_state_registered)) { } else if (OGS_FSM_CHECK(&mme_ue->sm, emm_state_exception)) { ESM_MESSAGE_CHECK; - MME_UE_CHECK(OGS_LOG_ERROR, mme_ue); ogs_pkbuf_free(pkbuf); break; } @@ -467,12 +472,12 @@ break; } - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); default_bearer = mme_default_bearer_in_sess(sess); ogs_assert(default_bearer); - e->bearer = bearer; + e->bearer_id = bearer->id; e->nas_message = &nas_message; ogs_fsm_dispatch(&bearer->sm, e); @@ -508,7 +513,7 @@ break; case MME_EVENT_ESM_TIMER: - bearer = e->bearer; + bearer = mme_bearer_find_by_id(e->bearer_id); ogs_assert(bearer); ogs_assert(OGS_FSM_STATE(&bearer->sm)); @@ -560,13 +565,13 @@ * decide whether to process or * ignore the Authentication-Information-Answer as shown below. */ - mme_ue = mme_ue_cycle(e->mme_ue); + mme_ue = mme_ue_find_by_id(e->mme_ue_id); if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); goto cleanup; } - enb_ue = enb_ue_cycle(e->enb_ue); + enb_ue = enb_ue_find_by_id(e->enb_ue_id); /* * The 'enb_ue' context is not checked * because the status is checked in the sending routine. @@ -616,7 +621,7 @@ r = s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, - mme_ue_cycle(enb_ue->mme_ue) ? + mme_ue_find_by_id(enb_ue->mme_ue_id) ? S1AP_UE_CTX_REL_UE_CONTEXT_REMOVE : S1AP_UE_CTX_REL_S1_CONTEXT_REMOVE, 0); ogs_expect(r == OGS_OK); @@ -775,10 +780,16 @@ break; case MME_EVENT_S11_TIMER: - sgw_ue = e->sgw_ue; - ogs_assert(sgw_ue); - mme_ue = sgw_ue->mme_ue; - ogs_assert(mme_ue); + sgw_ue = sgw_ue_find_by_id(e->sgw_ue_id); + if (!sgw_ue) { + ogs_error("SGW-UE Context has already been removed"); + break; + } + mme_ue = mme_ue_find_by_id(sgw_ue->mme_ue_id); + if (!mme_ue) { + ogs_error("MME-UE Context has already been removed"); + break; + } switch (e->timer_id) { case MME_TIMER_S11_HOLDING: @@ -867,9 +878,9 @@ break; case MME_EVENT_GN_TIMER: - mme_ue = e->mme_ue; + mme_ue = mme_ue_find_by_id(e->mme_ue_id); ogs_assert(mme_ue); - sgw_ue = mme_ue->sgw_ue; + sgw_ue = sgw_ue_find_by_id(mme_ue->sgw_ue_id); ogs_assert(sgw_ue); switch (e->timer_id) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/mme-timer.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/mme-timer.c
Changed
@@ -63,11 +63,6 @@ { .have = true, .duration = ogs_time_from_sec(20) }, }; -static void emm_timer_event_send( - mme_timer_e timer_id, mme_ue_t *mme_ue); -static void esm_timer_event_send( - mme_timer_e timer_id, mme_bearer_t *bearer); - mme_timer_cfg_t *mme_timer_cfg(mme_timer_e id) { ogs_assert(id < MAX_NUM_OF_MME_TIMER); @@ -129,16 +124,16 @@ } -static void emm_timer_event_send( - mme_timer_e timer_id, mme_ue_t *mme_ue) +static void emm_timer_event_send(mme_timer_e timer_id, void *data) { int rv; mme_event_t *e = NULL; - ogs_assert(mme_ue); + + ogs_assert(data); e = mme_event_new(MME_EVENT_EMM_TIMER); e->timer_id = timer_id; - e->mme_ue = mme_ue; + e->mme_ue_id = OGS_POINTER_TO_UINT(data); rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { @@ -176,20 +171,16 @@ emm_timer_event_send(MME_TIMER_IMPLICIT_DETACH, data); } -static void esm_timer_event_send( - mme_timer_e timer_id, mme_bearer_t *bearer) +static void esm_timer_event_send(mme_timer_e timer_id, void *data) { int rv; mme_event_t *e = NULL; - mme_ue_t *mme_ue = NULL; - ogs_assert(bearer); - mme_ue = bearer->mme_ue; - ogs_assert(bearer); + + ogs_assert(data); e = mme_event_new(MME_EVENT_ESM_TIMER); e->timer_id = timer_id; - e->mme_ue = mme_ue; - e->bearer = bearer; + e->bearer_id = OGS_POINTER_TO_UINT(data); rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { @@ -224,15 +215,13 @@ { int rv; mme_event_t *e = NULL; - enb_ue_t *enb_ue = NULL; ogs_assert(data); - enb_ue = data; e = mme_event_new(MME_EVENT_S1AP_TIMER); e->timer_id = MME_TIMER_S1_HOLDING; - e->enb_ue = enb_ue; + e->enb_ue_id = OGS_POINTER_TO_UINT(data); rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { @@ -245,15 +234,13 @@ { int rv; mme_event_t *e = NULL; - sgw_ue_t *sgw_ue = NULL; ogs_assert(data); - sgw_ue = data; e = mme_event_new(MME_EVENT_S11_TIMER); e->timer_id = MME_TIMER_S11_HOLDING; - e->sgw_ue = sgw_ue; + e->sgw_ue_id = OGS_POINTER_TO_UINT(data); rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { @@ -266,15 +253,13 @@ { int rv; mme_event_t *e = NULL; - mme_ue_t *mme_ue; ogs_assert(data); - mme_ue = data; e = mme_event_new(MME_EVENT_GN_TIMER); e->timer_id = MME_TIMER_GN_HOLDING; - e->mme_ue = mme_ue; + e->mme_ue_id = OGS_POINTER_TO_UINT(data); rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/nas-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/nas-path.c
Changed
@@ -29,16 +29,24 @@ int nas_eps_send_to_enb(mme_ue_t *mme_ue, ogs_pkbuf_t *pkbuf) { int rv; + enb_ue_t *enb_ue = NULL; ogs_assert(pkbuf); - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); ogs_pkbuf_free(pkbuf); return OGS_NOTFOUND; } - rv = s1ap_send_to_enb_ue(mme_ue->enb_ue, pkbuf); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { + ogs_error("S1 context has already been removed"); + ogs_pkbuf_free(pkbuf); + return OGS_NOTFOUND; + } + + rv = s1ap_send_to_enb_ue(enb_ue, pkbuf); ogs_expect(rv == OGS_OK); return rv; @@ -56,7 +64,7 @@ return OGS_ERROR; } - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } @@ -84,7 +92,7 @@ ogs_assert(pkbuf); - if (!enb_ue_cycle(enb_ue)) { + if (!enb_ue) { ogs_error("S1 context has already been removed"); ogs_pkbuf_free(pkbuf); return OGS_NOTFOUND; @@ -105,16 +113,18 @@ int nas_eps_send_attach_accept(mme_ue_t *mme_ue) { int rv; + enb_ue_t *enb_ue = NULL; mme_sess_t *sess = NULL; ogs_pkbuf_t *s1apbuf = NULL; ogs_pkbuf_t *esmbuf = NULL, *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -184,12 +194,12 @@ mme_sess_t *sess = NULL; ogs_pkbuf_t *esmbuf = NULL, *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(enb_ue)) { + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -221,14 +231,16 @@ int nas_eps_send_identity_request(mme_ue_t *mme_ue) { int rv; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -254,7 +266,7 @@ ogs_timer_start(mme_ue->t3470.timer, mme_timer_cfg(MME_TIMER_T3470)->duration); - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, emmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, emmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -263,14 +275,16 @@ int nas_eps_send_authentication_request(mme_ue_t *mme_ue) { int rv; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -296,7 +310,7 @@ ogs_timer_start(mme_ue->t3460.timer, mme_timer_cfg(MME_TIMER_T3460)->duration); - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, emmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, emmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -305,14 +319,16 @@ int nas_eps_send_security_mode_command(mme_ue_t *mme_ue) { int rv; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -338,7 +354,7 @@ ogs_timer_start(mme_ue->t3460.timer, mme_timer_cfg(MME_TIMER_T3460)->duration); - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, emmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, emmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -347,14 +363,16 @@ int nas_eps_send_authentication_reject(mme_ue_t *mme_ue) { int rv; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -367,7 +385,7 @@ return OGS_ERROR; } - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, emmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, emmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -376,14 +394,16 @@ int nas_eps_send_detach_request(mme_ue_t *mme_ue) { int rv; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -409,7 +429,7 @@ ogs_timer_start(mme_ue->t3422.timer, mme_timer_cfg(MME_TIMER_T3422)->duration); - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, emmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, emmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -418,15 +438,16 @@ int nas_eps_send_detach_accept(mme_ue_t *mme_ue) { int rv; - + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -441,14 +462,14 @@ return OGS_ERROR; } - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, emmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, emmbuf); if (rv != OGS_OK) { ogs_error("nas_eps_send_to_downlink_nas_transport() failed"); return rv; } } - rv = s1ap_send_ue_context_release_command(mme_ue->enb_ue, + rv = s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_detach, S1AP_UE_CTX_REL_S1_REMOVE_AND_UNLINK, 0); ogs_expect(rv == OGS_OK); @@ -460,18 +481,20 @@ mme_sess_t *sess, ogs_nas_esm_cause_t esm_cause, int create_action) { int rv; - mme_ue_t *mme_ue; + mme_ue_t *mme_ue = NULL; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *esmbuf = NULL; ogs_assert(sess); - mme_ue = sess->mme_ue; - if (!mme_ue_cycle(mme_ue)) { + mme_ue = mme_ue_find_by_id(sess->mme_ue_id); + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -479,14 +502,14 @@ if (create_action == OGS_GTP_CREATE_IN_ATTACH_REQUEST) { /* During the UE-attach process, we'll send Attach-Reject * with pyggybacking PDN-connectivity-Reject */ - rv = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + rv = nas_eps_send_attach_reject(enb_ue, mme_ue, OGS_NAS_EMM_CAUSE_ESM_FAILURE, esm_cause); if (rv != OGS_OK) { ogs_error("nas_eps_send_attach_reject() failed"); return rv; } - rv = s1ap_send_ue_context_release_command(mme_ue->enb_ue, + rv = s1ap_send_ue_context_release_command(enb_ue, S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release, S1AP_UE_CTX_REL_UE_CONTEXT_REMOVE, 0); ogs_expect(rv == OGS_OK); @@ -498,7 +521,7 @@ return OGS_ERROR; } - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, esmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, esmbuf); ogs_expect(rv == OGS_OK); } @@ -509,17 +532,19 @@ { int rv; mme_ue_t *mme_ue = NULL; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *esmbuf = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; - if (!mme_ue_cycle(mme_ue)) { + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -543,7 +568,7 @@ ogs_timer_start(bearer->t3489.timer, mme_timer_cfg(MME_TIMER_T3489)->duration); - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, esmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, esmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -557,18 +582,20 @@ ogs_pkbuf_t *esmbuf = NULL; mme_sess_t *sess = NULL; mme_ue_t *mme_ue = NULL; + enb_ue_t *enb_ue = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = mme_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - mme_ue = bearer->mme_ue; - if (!mme_ue_cycle(mme_ue)) { + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -599,16 +626,18 @@ ogs_pkbuf_t *s1apbuf = NULL; ogs_pkbuf_t *esmbuf = NULL; mme_ue_t *mme_ue = NULL; + enb_ue_t *enb_ue = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; - if (!mme_ue_cycle(mme_ue)) { + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -654,16 +683,18 @@ ogs_pkbuf_t *s1apbuf = NULL; ogs_pkbuf_t *esmbuf = NULL; mme_ue_t *mme_ue = NULL; + enb_ue_t *enb_ue = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; - if (!mme_ue_cycle(mme_ue)) { + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -685,7 +716,7 @@ rv = nas_eps_send_to_enb(mme_ue, s1apbuf); ogs_expect(rv == OGS_OK); } else { - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, esmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, esmbuf); ogs_expect(rv == OGS_OK); } @@ -698,16 +729,18 @@ ogs_pkbuf_t *s1apbuf = NULL; ogs_pkbuf_t *esmbuf = NULL; mme_ue_t *mme_ue = NULL; + enb_ue_t *enb_ue = NULL; ogs_assert(bearer); - mme_ue = bearer->mme_ue; - if (!mme_ue_cycle(mme_ue)) { + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -736,14 +769,16 @@ mme_ue_t *mme_ue, uint8_t pti, ogs_nas_esm_cause_t esm_cause) { int rv; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *esmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -757,7 +792,7 @@ return OGS_ERROR; } - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, esmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, esmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -767,14 +802,16 @@ mme_ue_t *mme_ue, uint8_t pti, ogs_nas_esm_cause_t esm_cause) { int rv; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *esmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -788,7 +825,7 @@ return OGS_ERROR; } - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, esmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, esmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -798,14 +835,16 @@ mme_ue_t *mme_ue, S1AP_ProcedureCode_t procedureCode) { int rv; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -841,7 +880,7 @@ rv = nas_eps_send_to_enb(mme_ue, s1apbuf); ogs_expect(rv == OGS_OK); } else if (procedureCode == S1AP_ProcedureCode_id_downlinkNASTransport) { - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, emmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, emmbuf); ogs_expect(rv == OGS_OK); } else ogs_assert_if_reached(); @@ -855,12 +894,12 @@ int rv; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(enb_ue)) { + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -886,12 +925,12 @@ int rv; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(enb_ue)) { + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -914,14 +953,16 @@ int nas_eps_send_cs_service_notification(mme_ue_t *mme_ue) { int rv; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -934,7 +975,7 @@ return OGS_ERROR; } - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, emmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, emmbuf); ogs_expect(rv == OGS_OK); return rv; @@ -944,14 +985,16 @@ mme_ue_t *mme_ue, uint8_t *buffer, uint8_t length) { int rv; + enb_ue_t *enb_ue = NULL; ogs_pkbuf_t *emmbuf = NULL; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -967,7 +1010,7 @@ return OGS_ERROR; } - rv = nas_eps_send_to_downlink_nas_transport(mme_ue->enb_ue, emmbuf); + rv = nas_eps_send_to_downlink_nas_transport(enb_ue, emmbuf); ogs_expect(rv == OGS_OK); return rv;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/s1ap-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/s1ap-build.c
Changed
@@ -283,7 +283,6 @@ S1AP_NAS_PDU_t *NAS_PDU = NULL; ogs_assert(emmbuf); - enb_ue = enb_ue_cycle(enb_ue); ogs_assert(enb_ue); ogs_debug("DownlinkNASTransport"); @@ -427,9 +426,8 @@ mme_sess_t *sess = NULL; mme_bearer_t *bearer = NULL; - mme_ue = mme_ue_cycle(mme_ue); ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); ogs_debug("InitialContextSetupRequest"); @@ -621,7 +619,6 @@ } if (!E_RABToBeSetupListCtxtSUReq->list.count) { - MME_UE_CHECK(OGS_LOG_ERROR, mme_ue); ogs_list_for_each(&mme_ue->sess_list, sess) { ogs_error(" APN%s", sess->session ? sess->session->name : "Unknown"); @@ -847,9 +844,8 @@ enb_ue_t *enb_ue = NULL; - mme_ue = mme_ue_cycle(mme_ue); ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); ogs_debug("UEContextModificationRequest"); @@ -983,7 +979,6 @@ S1AP_UE_S1AP_IDs_t *UE_S1AP_IDs = NULL; S1AP_Cause_t *Cause = NULL; - enb_ue = enb_ue_cycle(enb_ue); ogs_assert(enb_ue); if (enb_ue->mme_ue_s1ap_id == 0) { @@ -1069,9 +1064,9 @@ ogs_assert(esmbuf); ogs_assert(bearer); - mme_ue = mme_ue_cycle(bearer->mme_ue); + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); ogs_debug("E-RABSetupRequest"); @@ -1202,9 +1197,9 @@ ogs_assert(esmbuf); ogs_assert(bearer); - mme_ue = mme_ue_cycle(bearer->mme_ue); + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); ogs_debug("E-RABModifyRequest"); @@ -1330,9 +1325,9 @@ ogs_assert(esmbuf); ogs_assert(bearer); - mme_ue = mme_ue_cycle(bearer->mme_ue); + mme_ue = mme_ue_find_by_id(bearer->mme_ue_id); ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); ogs_debug("E-RABReleaseCommand"); @@ -1451,9 +1446,8 @@ mme_sess_t *sess = NULL; mme_bearer_t *bearer = NULL; - mme_ue = mme_ue_cycle(mme_ue); ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); ogs_debug("E-RABModificationConfirm"); @@ -1553,7 +1547,6 @@ uint64_t ue_imsi_value = 0; int i = 0; - mme_ue = mme_ue_cycle(mme_ue); ogs_assert(mme_ue); ogs_debug("Paging"); @@ -1776,9 +1769,8 @@ mme_bearer_t *bearer = NULL; enb_ue_t *enb_ue = NULL; - mme_ue = mme_ue_cycle(mme_ue); ogs_assert(mme_ue); - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); ogs_assert(enb_ue); ogs_debug("PathSwitchAcknowledge"); @@ -1973,9 +1965,8 @@ mme_sess_t *sess = NULL; mme_bearer_t *bearer = NULL; - source_ue = enb_ue_cycle(source_ue); ogs_assert(source_ue); - mme_ue = mme_ue_cycle(source_ue->mme_ue); + mme_ue = mme_ue_find_by_id(source_ue->mme_ue_id); ogs_assert(mme_ue); ogs_debug("HandoverCommand"); @@ -2132,7 +2123,6 @@ S1AP_ENB_UE_S1AP_ID_t *ENB_UE_S1AP_ID = NULL; S1AP_Cause_t *Cause = NULL; - source_ue = enb_ue_cycle(source_ue); ogs_assert(source_ue); ogs_assert(group); @@ -2225,9 +2215,8 @@ ogs_assert(cause); ogs_assert(source_totarget_transparentContainer); - target_ue = enb_ue_cycle(target_ue); ogs_assert(target_ue); - mme_ue = mme_ue_cycle(target_ue->mme_ue); + mme_ue = mme_ue_find_by_id(target_ue->mme_ue_id); ogs_assert(mme_ue); ogs_debug("HandoverRequest"); @@ -2460,7 +2449,6 @@ S1AP_MME_UE_S1AP_ID_t *MME_UE_S1AP_ID = NULL; S1AP_ENB_UE_S1AP_ID_t *ENB_UE_S1AP_ID = NULL; - source_ue = enb_ue_cycle(source_ue); ogs_assert(source_ue); ogs_debug("HandoverCancelAcknowledge"); @@ -2524,7 +2512,6 @@ S1AP_ENB_StatusTransfer_TransparentContainer_t *ENB_StatusTransfer_TransparentContainer = NULL; - target_ue = enb_ue_cycle(target_ue); ogs_assert(target_ue); ogs_assert(enb_statustransfer_transparentContainer);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/s1ap-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/s1ap-handler.c
Changed
@@ -505,7 +505,6 @@ ogs_info("Unknown UE by S_TMSIG:%d,C:%d,M_TMSI:0x%x", nas_guti.mme_gid, nas_guti.mme_code, nas_guti.m_tmsi); } else { - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); ogs_info(" S_TMSIG:%d,C:%d,M_TMSI:0x%x IMSI:%s", mme_ue->current.guti.mme_gid, mme_ue->current.guti.mme_code, @@ -542,16 +541,15 @@ } } } else { + mme_ue_t *mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); ogs_error("Known UE ENB_UE_S1AP_ID%d %p:%p", - (int)*ENB_UE_S1AP_ID, enb_ue, enb_ue->mme_ue); - if (enb_ue->mme_ue) { - MME_UE_CHECK(OGS_LOG_DEBUG, enb_ue->mme_ue); + (int)*ENB_UE_S1AP_ID, enb_ue, mme_ue); + if (mme_ue) { ogs_error(" S_TMSIG:%d,C:%d,M_TMSI:0x%x IMSI:%s", - enb_ue->mme_ue->current.guti.mme_gid, - enb_ue->mme_ue->current.guti.mme_code, - enb_ue->mme_ue->current.guti.m_tmsi, - MME_UE_HAVE_IMSI(enb_ue->mme_ue) - ? enb_ue->mme_ue->imsi_bcd : "Unknown"); + mme_ue->current.guti.mme_gid, + mme_ue->current.guti.mme_code, + mme_ue->current.guti.m_tmsi, + MME_UE_HAVE_IMSI(mme_ue) ? mme_ue->imsi_bcd : "Unknown"); } } @@ -631,6 +629,7 @@ S1AP_CellIdentity_t *cell_ID = NULL; enb_ue_t *enb_ue = NULL; + mme_ue_t *mme_ue = NULL; ogs_eps_tai_t tai; int served_tai_index = 0; @@ -784,10 +783,8 @@ enb_ue->saved.tai.tac, enb_ue->saved.e_cgi.cell_id); /* Copy Stream-No/TAI/ECGI from enb_ue */ - if (enb_ue->mme_ue) { - mme_ue_t *mme_ue = enb_ue->mme_ue; - - MME_UE_CHECK(OGS_LOG_DEBUG, enb_ue->mme_ue); + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); + if (mme_ue) { memcpy(&mme_ue->tai, &enb_ue->saved.tai, sizeof(ogs_eps_tai_t)); memcpy(&mme_ue->e_cgi, &enb_ue->saved.e_cgi, sizeof(ogs_e_cgi_t)); mme_ue->ue_location_timestamp = ogs_time_now(); @@ -814,6 +811,7 @@ S1AP_UERadioCapability_t *UERadioCapability = NULL; enb_ue_t *enb_ue = NULL; + mme_ue_t *mme_ue = NULL; ogs_assert(enb); ogs_assert(enb->sctp.sock); @@ -889,11 +887,10 @@ ogs_debug(" ENB_UE_S1AP_ID%d MME_UE_S1AP_ID%d", enb_ue->enb_ue_s1ap_id, enb_ue->mme_ue_s1ap_id); - if (enb_ue->mme_ue) { + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); + if (mme_ue) { ogs_assert(UERadioCapability); - MME_UE_CHECK(OGS_LOG_DEBUG, enb_ue->mme_ue); - OGS_ASN_STORE_DATA(&enb_ue->mme_ue->ueRadioCapability, - UERadioCapability); + OGS_ASN_STORE_DATA(&mme_ue->ueRadioCapability, UERadioCapability); } } @@ -989,13 +986,12 @@ ogs_debug(" ENB_UE_S1AP_ID%d MME_UE_S1AP_ID%d", enb_ue->enb_ue_s1ap_id, enb_ue->mme_ue_s1ap_id); - mme_ue = enb_ue->mme_ue; + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (!mme_ue) { ogs_error("No UE(mme-ue) context"); return; } - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); if (E_RABSetupListCtxtSURes) { int uli_presence = 0; @@ -1188,7 +1184,7 @@ ogs_debug(" CauseGroup:%d Cause:%d", Cause->present, (int)Cause->choice.radioNetwork); - mme_ue = enb_ue->mme_ue; + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (mme_ue) { /* @@ -1300,7 +1296,7 @@ ogs_debug(" ENB_UE_S1AP_ID%d MME_UE_S1AP_ID%d", enb_ue->enb_ue_s1ap_id, enb_ue->mme_ue_s1ap_id); - mme_ue = enb_ue->mme_ue; + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (!mme_ue) { ogs_error("No UE(mme-ue) context"); return; @@ -1412,7 +1408,7 @@ ogs_debug(" CauseGroup:%d Cause:%d", Cause->present, (int)Cause->choice.radioNetwork); - mme_ue = enb_ue->mme_ue; + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (!mme_ue) { ogs_error("No UE(mme-ue) context"); return; @@ -1522,7 +1518,7 @@ ogs_debug(" ENB_UE_S1AP_ID%d MME_UE_S1AP_ID%d", enb_ue->enb_ue_s1ap_id, enb_ue->mme_ue_s1ap_id); - mme_ue = enb_ue->mme_ue; + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (!mme_ue) { ogs_error("No UE(mme-ue) context"); return; @@ -1857,9 +1853,7 @@ int r; mme_ue_t *mme_ue = NULL; - ogs_assert(enb_ue); - - if (enb_ue_cycle(enb_ue) == NULL) { + if (!enb_ue) { ogs_error("S1 context has already been removed"); return; } @@ -1868,7 +1862,7 @@ ogs_info(" ENB_UE_S1AP_ID%d MME_UE_S1AP_ID%d", enb_ue->enb_ue_s1ap_id, enb_ue->mme_ue_s1ap_id); - mme_ue = mme_ue_cycle(enb_ue->mme_ue); + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (mme_ue) { ogs_info(" IMSI%s", mme_ue->imsi_bcd); @@ -1964,7 +1958,6 @@ return; } - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); mme_ue_remove(mme_ue); break; case S1AP_UE_CTX_REL_S1_HANDOVER_COMPLETE: @@ -2008,11 +2001,12 @@ ogs_warn(" Packet could be dropped during S1-Handover"); mme_ue_clear_indirect_tunnel(mme_ue); - if (!mme_ue->enb_ue) { + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); + if (!enb_ue) { ogs_error("No S1 context"); return; } - r = s1ap_send_handover_cancel_ack(mme_ue->enb_ue); + r = s1ap_send_handover_cancel_ack(enb_ue); ogs_expect(r == OGS_OK); ogs_assert(r != OGS_ERROR); } @@ -2153,13 +2147,12 @@ return; } - mme_ue = enb_ue->mme_ue; + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (!mme_ue) { ogs_error("No UE(mme-ue) context"); return; } - MME_UE_CHECK(OGS_LOG_DEBUG, mme_ue); ogs_list_init(&mme_ue->bearer_to_modify_list); for (i = 0; i < E_RABToBeModifiedListBearerModInd->list.count; i++) { @@ -2510,7 +2503,7 @@ return; } - mme_ue = mme_ue_cycle(enb_ue->mme_ue); + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (!mme_ue) { ogs_error("No UE(mme-ue) context"); return; @@ -2816,7 +2809,7 @@ return; } - mme_ue = source_ue->mme_ue; + mme_ue = mme_ue_find_by_id(source_ue->mme_ue_id); if (!mme_ue) { ogs_error("No UE(mme-ue) context"); return; @@ -3112,7 +3105,7 @@ return; } - source_ue = target_ue->source_ue; + source_ue = enb_ue_find_by_id(target_ue->source_ue_id); if (!source_ue) { ogs_error("No Source UE"); r = s1ap_send_error_indication(enb, MME_UE_S1AP_ID, ENB_UE_S1AP_ID, @@ -3122,7 +3115,7 @@ return; } - mme_ue = source_ue->mme_ue; + mme_ue = mme_ue_find_by_id(source_ue->mme_ue_id); if (!mme_ue) { ogs_error("No UE(mme-ue) context"); return; @@ -3315,7 +3308,7 @@ return; } - source_ue = target_ue->source_ue; + source_ue = enb_ue_find_by_id(target_ue->source_ue_id); if (!source_ue) { ogs_error("No Source UE"); r = s1ap_send_error_indication(enb, MME_UE_S1AP_ID, NULL, @@ -3437,7 +3430,7 @@ return; } - target_ue = source_ue->target_ue; + target_ue = enb_ue_find_by_id(source_ue->target_ue_id); if (!target_ue) { ogs_error("No Target UE"); r = s1ap_send_error_indication(enb, MME_UE_S1AP_ID, ENB_UE_S1AP_ID, @@ -3565,7 +3558,7 @@ return; } - target_ue = source_ue->target_ue; + target_ue = enb_ue_find_by_id(source_ue->target_ue_id); if (!target_ue) { ogs_error("No Target UE"); r = s1ap_send_error_indication(enb, MME_UE_S1AP_ID, ENB_UE_S1AP_ID, @@ -3711,7 +3704,7 @@ tAC = &TAI->tAC; ogs_assert(tAC && tAC->size == sizeof(uint16_t)); - source_ue = target_ue->source_ue; + source_ue = enb_ue_find_by_id(target_ue->source_ue_id); if (!source_ue) { ogs_error("No Source UE"); r = s1ap_send_error_indication(enb, MME_UE_S1AP_ID, ENB_UE_S1AP_ID, @@ -3721,7 +3714,7 @@ return; } - mme_ue = source_ue->mme_ue; + mme_ue = mme_ue_find_by_id(source_ue->mme_ue_id); if (!mme_ue) { ogs_error("No UE(mme-ue) context"); return; @@ -3944,7 +3937,7 @@ /* ENB_UE Context where PartOfS1_interface was requested */ enb_ue->part_of_s1_reset_requested = true; - mme_ue = enb_ue->mme_ue; + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); if (mme_ue) { ogs_assert(OGS_OK == mme_gtp_send_release_access_bearers_request(mme_ue,
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/s1ap-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/s1ap-path.c
Changed
@@ -52,12 +52,7 @@ char bufOGS_ADDRSTRLEN; ogs_assert(pkbuf); - - if (!mme_enb_cycle(enb)) { - ogs_error("eNB has already been removed"); - ogs_pkbuf_free(pkbuf); - return OGS_NOTFOUND; - } + ogs_assert(enb); ogs_assert(enb->sctp.sock); if (enb->sctp.sock->fd == INVALID_SOCKET) { @@ -84,15 +79,24 @@ int s1ap_send_to_enb_ue(enb_ue_t *enb_ue, ogs_pkbuf_t *pkbuf) { int rv; + mme_enb_t *enb = NULL; + ogs_assert(pkbuf); - if (!enb_ue_cycle(enb_ue)) { + if (!enb_ue) { ogs_error("S1 context has already been removed"); ogs_pkbuf_free(pkbuf); return OGS_NOTFOUND; } - rv = s1ap_send_to_enb(enb_ue->enb, pkbuf, enb_ue->enb_ostream_id); + enb = mme_enb_find_by_id(enb_ue->enb_id); + if (!enb) { + ogs_error("%d eNB has already been removed", enb_ue->enb_id); + ogs_pkbuf_free(pkbuf); + return OGS_NOTFOUND; + } + + rv = s1ap_send_to_enb(enb, pkbuf, enb_ue->enb_ostream_id); ogs_expect(rv == OGS_OK); return rv; @@ -113,8 +117,7 @@ ogs_app()->timer_mgr, mme_timer_s1_delayed_send, e); ogs_assert(e->timer); e->pkbuf = pkbuf; - e->enb_ue = enb_ue; - e->enb = enb_ue->enb; + e->enb_ue_id = enb_ue->id; ogs_timer_start(e->timer, duration); @@ -139,7 +142,7 @@ e = mme_event_new(MME_EVENT_ESM_MESSAGE); ogs_assert(e); - e->mme_ue = mme_ue; + e->mme_ue_id = mme_ue->id; e->pkbuf = esmbuf; e->nas_type = nas_type; e->create_action = create_action; @@ -157,6 +160,9 @@ S1AP_ProcedureCode_t procedureCode, S1AP_NAS_PDU_t *nasPdu) { int rv; + + mme_ue_t *mme_ue = NULL; + ogs_nas_eps_security_header_t *sh = NULL; ogs_nas_security_header_type_t security_header_type; @@ -167,6 +173,8 @@ ogs_assert(enb_ue); ogs_assert(nasPdu); + mme_ue = mme_ue_find_by_id(enb_ue->mme_ue_id); + /* The Packet Buffer(pkbuf_t) for NAS message MUST make a HEADROOM. * When calculating AES_CMAC, we need to use the headroom of the packet. */ nasbuf = ogs_pkbuf_alloc(NULL, OGS_NAS_HEADROOM+nasPdu->size); @@ -211,8 +219,8 @@ return OGS_ERROR; } - if (enb_ue->mme_ue) { - if (nas_eps_security_decode(enb_ue->mme_ue, + if (mme_ue) { + if (nas_eps_security_decode(mme_ue, security_header_type, nasbuf) != OGS_OK) { ogs_error("nas_eps_security_decode failed()"); enb_ue_remove(enb_ue); @@ -259,7 +267,7 @@ ogs_pkbuf_free(nasbuf); return OGS_ERROR; } - e->enb_ue = enb_ue; + e->enb_ue_id = enb_ue->id; e->s1ap_code = procedureCode; e->nas_type = security_header_type.type; e->pkbuf = nasbuf; @@ -272,7 +280,6 @@ return rv; } else if (h->protocol_discriminator == OGS_NAS_PROTOCOL_DISCRIMINATOR_ESM) { - mme_ue_t *mme_ue = enb_ue->mme_ue; if (!mme_ue) { ogs_error("No UE Context"); ogs_pkbuf_free(nasbuf); @@ -299,12 +306,9 @@ int rv; ogs_pkbuf_t *s1ap_buffer; - ogs_debug("S1-Setup response"); + ogs_assert(enb); - if (!mme_enb_cycle(enb)) { - ogs_error("eNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_debug("S1-Setup response"); s1ap_buffer = s1ap_build_setup_rsp(); if (!s1ap_buffer) { @@ -324,12 +328,9 @@ int rv; ogs_pkbuf_t *s1ap_buffer; - ogs_debug("S1-Setup failure"); + ogs_assert(enb); - if (!mme_enb_cycle(enb)) { - ogs_error("eNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_debug("S1-Setup failure"); s1ap_buffer = s1ap_build_setup_failure(group, cause, S1AP_TimeToWait_v10s); if (!s1ap_buffer) { @@ -348,12 +349,9 @@ int rv; ogs_pkbuf_t *s1ap_buffer; - ogs_debug("ENBConfigurationUpdateAcknowledge"); + ogs_assert(enb); - if (!mme_enb_cycle(enb)) { - ogs_error("eNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_debug("ENBConfigurationUpdateAcknowledge"); s1ap_buffer = s1ap_build_enb_configuration_update_ack(); if (!s1ap_buffer) { @@ -373,12 +371,9 @@ int rv; ogs_pkbuf_t *s1ap_buffer; - ogs_debug("ENBConfigurationUpdateFailure"); + ogs_assert(enb); - if (!mme_enb_cycle(enb)) { - ogs_error("eNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_debug("ENBConfigurationUpdateFailure"); s1ap_buffer = s1ap_build_enb_configuration_update_failure( group, cause, S1AP_TimeToWait_v10s); @@ -400,12 +395,12 @@ ogs_debug("InitialContextSetupRequest"); - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + if (!enb_ue_find_by_id(mme_ue->enb_ue_id)) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -429,12 +424,12 @@ ogs_debug("UEContextModificationRequest"); - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + if (!enb_ue_find_by_id(mme_ue->enb_ue_id)) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -460,7 +455,7 @@ ogs_debug("UEContextReleaseCommand"); - if (!enb_ue_cycle(enb_ue)) { + if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -498,7 +493,7 @@ ogs_debug("S1-Paging"); - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } @@ -550,15 +545,11 @@ int rv; ogs_pkbuf_t *s1apbuf = NULL; - ogs_debug("MMEConfigurationTransfer"); - - if (!mme_enb_cycle(target_enb)) { - ogs_error("eNB has already been removed"); - return OGS_NOTFOUND; - } - + ogs_assert(target_enb); ogs_assert(SONConfigurationTransfer); + ogs_debug("MMEConfigurationTransfer"); + s1apbuf = s1ap_build_mme_configuration_transfer(SONConfigurationTransfer); if (!s1apbuf) { ogs_error("s1ap_build_mme_configuration_transfer() failed"); @@ -577,12 +568,9 @@ int rv; ogs_pkbuf_t *s1apbuf = NULL; - ogs_debug("Tx MME Direct Information Transfer"); + ogs_assert(target_enb); - if (!mme_enb_cycle(target_enb)) { - ogs_error("eNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_debug("Tx MME Direct Information Transfer"); s1apbuf = s1ap_build_direct_information_transfer(buf, buf_len); if (!s1apbuf) { @@ -603,12 +591,12 @@ ogs_debug("E-RABModificationConfirm"); - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + if (!enb_ue_find_by_id(mme_ue->enb_ue_id)) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -633,12 +621,12 @@ ogs_debug("PathSwitchAcknowledge"); - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!enb_ue_cycle(mme_ue->enb_ue)) { + if (!enb_ue_find_by_id(mme_ue->enb_ue_id)) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -663,12 +651,12 @@ ogs_debug("HandoverCommand"); - if (!enb_ue_cycle(source_ue)) { + if (!source_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } - if (!mme_ue_cycle(source_ue->mme_ue)) { + if (!mme_ue_find_by_id(source_ue->mme_ue_id)) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } @@ -693,7 +681,7 @@ ogs_debug("HandoverPreparationFailure"); - if (!enb_ue_cycle(source_ue)) { + if (!source_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -719,7 +707,7 @@ ogs_debug("HandoverCancelAcknowledge"); - if (!enb_ue_cycle(source_ue)) { + if (!source_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -748,24 +736,21 @@ enb_ue_t *target_ue = NULL; + ogs_assert(target_enb); + ogs_info("HandoverRequest"); - if (!enb_ue_cycle(source_ue)) { + if (!source_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } - if (!mme_ue_cycle(source_ue->mme_ue)) { + if (!mme_ue_find_by_id(source_ue->mme_ue_id)) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - if (!mme_enb_cycle(target_enb)) { - ogs_error("eNB has already been removed"); - return OGS_NOTFOUND; - } - - target_ue = enb_ue_cycle(source_ue->target_ue); + target_ue = enb_ue_find_by_id(source_ue->target_ue_id); if (target_ue) { /* * Issue #3014 @@ -844,7 +829,7 @@ ogs_info("MMEStatusTransfer"); - if (!enb_ue_cycle(target_ue)) { + if (!target_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } @@ -871,12 +856,9 @@ int rv; ogs_pkbuf_t *s1apbuf = NULL; - ogs_info("ErrorIndication"); + ogs_assert(enb); - if (!mme_enb_cycle(enb)) { - ogs_error("eNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_info("ErrorIndication"); s1apbuf = ogs_s1ap_build_error_indication( mme_ue_s1ap_id, enb_ue_s1ap_id, group, cause); @@ -901,18 +883,18 @@ S1AP_MME_UE_S1AP_ID_t mme_ue_s1ap_id; S1AP_ENB_UE_S1AP_ID_t enb_ue_s1ap_id; - if (!mme_ue_cycle(mme_ue)) { + if (!mme_ue) { ogs_error("UE(mme-ue) context has already been removed"); return OGS_NOTFOUND; } - enb_ue = enb_ue_cycle(mme_ue->enb_ue); + enb_ue = enb_ue_find_by_id(mme_ue->enb_ue_id); if (!enb_ue) { ogs_error("S1 context has already been removed"); return OGS_NOTFOUND; } - enb = mme_enb_cycle(enb_ue->enb); + enb = mme_enb_find_by_id(enb_ue->enb_id); if (!enb) { ogs_error("eNB has already been removed"); return OGS_NOTFOUND; @@ -935,10 +917,7 @@ int rv; ogs_pkbuf_t *s1apbuf = NULL; - if (!mme_enb_cycle(enb)) { - ogs_error("eNB has already been removed"); - return OGS_NOTFOUND; - } + ogs_assert(enb); ogs_info("S1-Reset Acknowledge"); s1apbuf = ogs_s1ap_build_s1_reset_ack(partOfS1_Interface);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/s1ap-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/s1ap-sm.c
Changed
@@ -59,7 +59,7 @@ mme_sm_debug(e); - enb = e->enb; + enb = mme_enb_find_by_id(e->enb_id); ogs_assert(enb); switch (e->id) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/mme/sgsap-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/mme/sgsap-handler.c
Changed
@@ -124,7 +124,8 @@ return; error: - r = nas_eps_send_attach_reject(mme_ue->enb_ue, mme_ue, + r = nas_eps_send_attach_reject( + enb_ue_find_by_id(mme_ue->enb_ue_id), mme_ue, OGS_NAS_EMM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED, OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); ogs_expect(r == OGS_OK);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/nrf/nf-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/nrf/nf-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019,2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -85,6 +85,7 @@ ogs_sbi_nf_instance_t *nf_instance = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *message = NULL; ogs_assert(s); @@ -105,8 +106,16 @@ case OGS_EVENT_SBI_SERVER: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NNRF_NFM) @@ -176,6 +185,7 @@ ogs_sbi_nf_instance_t *nf_instance = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *message = NULL; ogs_sbi_response_t *response = NULL; @@ -218,8 +228,16 @@ case OGS_EVENT_SBI_SERVER: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NNRF_NFM)
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/nrf/nrf-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/nrf/nrf-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -40,6 +40,7 @@ { int rv; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_nf_instance_t *nf_instance = NULL; @@ -63,8 +64,15 @@ case OGS_EVENT_SBI_SERVER: request = e->h.sbi.request; ogs_assert(request); - stream = e->h.sbi.data; - ogs_assert(stream); + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&message, request); if (rv != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/nssf/nssf-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/nssf/nssf-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -43,6 +43,7 @@ const char *api_version = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_nf_instance_t *nf_instance = NULL; @@ -64,8 +65,16 @@ case OGS_EVENT_SBI_SERVER: request = e->h.sbi.request; ogs_assert(request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&message, request); if (rv != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/am-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/am-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2022 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -40,6 +40,7 @@ pcf_ue_t *pcf_ue = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id; ogs_sbi_message_t *message = NULL; ogs_assert(s); @@ -47,7 +48,7 @@ pcf_sm_debug(e); - pcf_ue = e->pcf_ue; + pcf_ue = pcf_ue_find_by_id(e->pcf_ue_id); ogs_assert(pcf_ue); switch (e->h.id) { @@ -60,8 +61,16 @@ case OGS_EVENT_SBI_SERVER: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.method) CASE(OGS_SBI_HTTP_METHOD_POST) @@ -91,8 +100,16 @@ case OGS_EVENT_SBI_CLIENT: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NUDR_DR) @@ -160,7 +177,7 @@ pcf_sm_debug(e); - pcf_ue = e->pcf_ue; + pcf_ue = pcf_ue_find_by_id(e->pcf_ue_id); ogs_assert(pcf_ue); switch (e->h.id) { @@ -184,7 +201,7 @@ pcf_sm_debug(e); - pcf_ue = e->pcf_ue; + pcf_ue = pcf_ue_find_by_id(e->pcf_ue_id); ogs_assert(pcf_ue); switch (e->h.id) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/context.c
Changed
@@ -331,9 +331,8 @@ ogs_assert(supi); - ogs_pool_alloc(&pcf_ue_pool, &pcf_ue); + ogs_pool_id_calloc(&pcf_ue_pool, &pcf_ue); ogs_assert(pcf_ue); - memset(pcf_ue, 0, sizeof *pcf_ue); /* SBI Type */ pcf_ue->sbi.type = OGS_SBI_OBJ_UE_TYPE; @@ -351,7 +350,7 @@ ogs_hash_set(self.supi_hash, pcf_ue->supi, strlen(pcf_ue->supi), pcf_ue); memset(&e, 0, sizeof(e)); - e.pcf_ue = pcf_ue; + e.pcf_ue_id = pcf_ue->id; ogs_fsm_init(&pcf_ue->sm, pcf_am_state_initial, pcf_am_state_final, &e); ogs_list_add(&self.pcf_ue_list, pcf_ue); @@ -368,7 +367,7 @@ ogs_list_remove(&self.pcf_ue_list, pcf_ue); memset(&e, 0, sizeof(e)); - e.pcf_ue = pcf_ue; + e.pcf_ue_id = pcf_ue->id; ogs_fsm_fini(&pcf_ue->sm, &e); /* Free SBI object memory */ @@ -400,7 +399,7 @@ if (pcf_ue->pei) ogs_free(pcf_ue->pei); - ogs_pool_free(&pcf_ue_pool, pcf_ue); + ogs_pool_id_free(&pcf_ue_pool, pcf_ue); } void pcf_ue_remove_all(void) @@ -431,9 +430,8 @@ ogs_assert(pcf_ue); ogs_assert(psi != OGS_NAS_PDU_SESSION_IDENTITY_UNASSIGNED); - ogs_pool_alloc(&pcf_sess_pool, &sess); + ogs_pool_id_calloc(&pcf_sess_pool, &sess); ogs_assert(sess); - memset(sess, 0, sizeof *sess); ogs_list_init(&sess->app_list); @@ -456,14 +454,14 @@ (int)ogs_pool_index(&pcf_sess_pool, sess)); ogs_assert(sess->sm_policy_id); - sess->pcf_ue = pcf_ue; + sess->pcf_ue_id = pcf_ue->id; sess->psi = psi; sess->s_nssai.sst = 0; sess->s_nssai.sd.v = OGS_S_NSSAI_NO_SD_VALUE; memset(&e, 0, sizeof(e)); - e.sess = sess; + e.sess_id = sess->id; ogs_fsm_init(&sess->sm, pcf_sm_state_initial, pcf_sm_state_final, &e); ogs_list_add(&pcf_ue->sess_list, sess); @@ -474,14 +472,16 @@ void pcf_sess_remove(pcf_sess_t *sess) { pcf_event_t e; + pcf_ue_t *pcf_ue = NULL; ogs_assert(sess); - ogs_assert(sess->pcf_ue); + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); + ogs_assert(pcf_ue); - ogs_list_remove(&sess->pcf_ue->sess_list, sess); + ogs_list_remove(&pcf_ue->sess_list, sess); memset(&e, 0, sizeof(e)); - e.sess = sess; + e.sess_id = sess->id; ogs_fsm_fini(&sess->sm, &e); /* Free SBI object memory */ @@ -520,7 +520,7 @@ if (sess->subscribed_default_qos) OpenAPI_subscribed_default_qos_free(sess->subscribed_default_qos); - ogs_pool_free(&pcf_sess_pool, sess); + ogs_pool_id_free(&pcf_sess_pool, sess); } void pcf_sess_remove_all(pcf_ue_t *pcf_ue) @@ -710,14 +710,14 @@ &ipv6prefix, (ipv6prefix.len >> 3) + 1); } -pcf_ue_t *pcf_ue_cycle(pcf_ue_t *pcf_ue) +pcf_ue_t *pcf_ue_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&pcf_ue_pool, pcf_ue); + return ogs_pool_find_by_id(&pcf_ue_pool, id); } -pcf_sess_t *pcf_sess_cycle(pcf_sess_t *sess) +pcf_sess_t *pcf_sess_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&pcf_sess_pool, sess); + return ogs_pool_find_by_id(&pcf_sess_pool, id); } pcf_app_t *pcf_app_add(pcf_sess_t *sess)
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/context.h
Changed
@@ -47,6 +47,7 @@ struct pcf_ue_s { ogs_sbi_object_t sbi; + ogs_pool_id_t id; ogs_fsm_t sm; char *association_id; @@ -75,6 +76,7 @@ struct pcf_sess_s { ogs_sbi_object_t sbi; + ogs_pool_id_t id; ogs_fsm_t sm; char *sm_policy_id; @@ -154,7 +156,7 @@ ogs_list_t app_list; /* Related Context */ - pcf_ue_t *pcf_ue; + ogs_pool_id_t pcf_ue_id; }; typedef struct pcf_app_s { @@ -202,8 +204,8 @@ int pcf_sessions_number_by_snssai_and_dnn( pcf_ue_t *pcf_ue, ogs_s_nssai_t *s_nssai, char *dnn); -pcf_ue_t *pcf_ue_cycle(pcf_ue_t *pcf_ue); -pcf_sess_t *pcf_sess_cycle(pcf_sess_t *sess); +pcf_ue_t *pcf_ue_find_by_id(ogs_pool_id_t id); +pcf_sess_t *pcf_sess_find_by_id(ogs_pool_id_t id); pcf_app_t *pcf_app_add(pcf_sess_t *sess); int pcf_app_remove(pcf_app_t *app);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/event.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/event.h
Changed
@@ -33,8 +33,8 @@ typedef struct pcf_event_s { ogs_event_t h; - pcf_ue_t *pcf_ue; - pcf_sess_t *sess; + ogs_pool_id_t pcf_ue_id; + ogs_pool_id_t sess_id; pcf_app_t *app; } pcf_event_t;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/nbsf-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/nbsf-build.c
Changed
@@ -38,7 +38,7 @@ int i; ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); nf_instance = data; @@ -187,7 +187,7 @@ ogs_sbi_request_t *request = NULL; ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); ogs_assert(sess->binding.resource_uri);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/nbsf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/nbsf-handler.c
Changed
@@ -70,7 +70,7 @@ ogs_sockaddr_t *addr = NULL, *addr6 = NULL; ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); ogs_assert(stream); server = ogs_sbi_server_from_stream(stream); @@ -423,7 +423,7 @@ if (SmPolicyDecision.supp_feat) ogs_free(SmPolicyDecision.supp_feat); - pcf_metrics_inst_by_slice_add(&sess->pcf_ue->guami.plmn_id, + pcf_metrics_inst_by_slice_add(&pcf_ue->guami.plmn_id, &sess->s_nssai, PCF_METR_CTR_PA_POLICYSMASSOSUCC, 1); OGS_SESSION_DATA_FREE(&session_data);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/nnrf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/nnrf-handler.c
Changed
@@ -26,6 +26,7 @@ int r; ogs_sbi_nf_instance_t *nf_instance = NULL; ogs_sbi_object_t *sbi_object = NULL; + ogs_pool_id_t sbi_object_id = OGS_INVALID_POOL_ID; ogs_sbi_service_type_e service_type = OGS_SBI_SERVICE_TYPE_NULL; ogs_sbi_discovery_option_t *discovery_option = NULL; ogs_sbi_stream_t *stream = NULL; @@ -48,8 +49,15 @@ requester_nf_type = xact->requester_nf_type; ogs_assert(requester_nf_type); + sbi_object_id = xact->sbi_object_id; + ogs_assert(sbi_object_id >= OGS_MIN_POOL_ID && + sbi_object_id <= OGS_MAX_POOL_ID); + discovery_option = xact->discovery_option; - stream = xact->assoc_stream; + + if (xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID) + stream = ogs_sbi_stream_find_by_id(xact->assoc_stream_id); SearchResult = recvmsg->SearchResult; if (!SearchResult) { @@ -58,12 +66,12 @@ } if (sbi_object->type == OGS_SBI_OBJ_UE_TYPE) { - pcf_ue = (pcf_ue_t *)sbi_object; + pcf_ue = pcf_ue_find_by_id(sbi_object_id); ogs_assert(pcf_ue); } else if (sbi_object->type == OGS_SBI_OBJ_SESS_TYPE) { - sess = (pcf_sess_t *)sbi_object; + sess = pcf_sess_find_by_id(sbi_object_id); ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); } else { ogs_fatal("(NF discover) Not implemented %s:%d",
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/npcf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/npcf-handler.c
Changed
@@ -235,7 +235,7 @@ char *home_network_domain = NULL; ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(stream); ogs_assert(message); @@ -580,7 +580,7 @@ OpenAPI_sm_policy_delete_data_t *SmPolicyDeleteData = NULL; ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(stream); ogs_assert(message); @@ -681,7 +681,7 @@ OpenAPI_lnode_t *node = NULL, *node2 = NULL, *node3 = NULL; ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(stream); ogs_assert(recvmsg); @@ -1188,7 +1188,7 @@ OpenAPI_lnode_t *node = NULL, *node2 = NULL, *node3 = NULL; ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(app_session); ogs_assert(stream); ogs_assert(recvmsg);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/nudr-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/nudr-build.c
Changed
@@ -51,7 +51,7 @@ ogs_sbi_request_t *request = NULL; ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); memset(&message, 0, sizeof(message));
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/nudr-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/nudr-handler.c
Changed
@@ -193,7 +193,7 @@ int r; ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); ogs_assert(stream); server = ogs_sbi_server_from_stream(stream);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/pcf-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/pcf-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -39,6 +39,7 @@ int rv; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_nf_instance_t *nf_instance = NULL; @@ -48,11 +49,14 @@ ogs_sbi_object_t *sbi_object = NULL; ogs_sbi_xact_t *sbi_xact = NULL; + ogs_pool_id_t sbi_xact_id = OGS_INVALID_POOL_ID; ogs_sbi_service_type_e service_type = OGS_SBI_SERVICE_TYPE_NULL; pcf_ue_t *pcf_ue = NULL; + ogs_pool_id_t pcf_ue_id = OGS_INVALID_POOL_ID; pcf_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; pcf_app_t *app_session = NULL; pcf_sm_debug(e); @@ -69,8 +73,16 @@ case OGS_EVENT_SBI_SERVER: request = e->h.sbi.request; ogs_assert(request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&message, request); if (rv != OGS_OK) { @@ -159,7 +171,7 @@ ogs_assert(OGS_FSM_STATE(&pcf_ue->sm)); - e->pcf_ue = pcf_ue; + e->pcf_ue_id = pcf_ue->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&pcf_ue->sm, e); if (OGS_FSM_CHECK(&pcf_ue->sm, pcf_am_state_exception)) { @@ -264,7 +276,7 @@ ogs_assert(OGS_FSM_STATE(&sess->sm)); - e->sess = sess; + e->sess_id = sess->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&sess->sm, e); if (OGS_FSM_CHECK(&sess->sm, pcf_sm_state_exception)) { @@ -314,7 +326,7 @@ ogs_assert(OGS_FSM_STATE(&sess->sm)); - e->sess = sess; + e->sess_id = sess->id; e->app = app_session; e->h.sbi.message = &message; ogs_fsm_dispatch(&sess->sm, e); @@ -428,8 +440,18 @@ CASE(OGS_SBI_SERVICE_NAME_NNRF_DISC) SWITCH(message.h.resource.component0) CASE(OGS_SBI_RESOURCE_NAME_NF_INSTANCES) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); + if (!sbi_xact) { + /* CLIENT_WAIT timer could remove SBI transaction + * before receiving SBI message */ + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); + break; + } SWITCH(message.h.method) CASE(OGS_SBI_HTTP_METHOD_GET) @@ -458,32 +480,39 @@ CASE(OGS_SBI_RESOURCE_NAME_POLICY_DATA) SWITCH(message.h.resource.component3) CASE(OGS_SBI_RESOURCE_NAME_AM_DATA) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error( + "SBI transaction has already been removed %d", + sbi_xact_id); break; } - pcf_ue = (pcf_ue_t *)sbi_xact->sbi_object; - ogs_assert(pcf_ue); - - e->h.sbi.data = sbi_xact->assoc_stream; + pcf_ue_id = sbi_xact->sbi_object_id; + ogs_assert(pcf_ue_id >= OGS_MIN_POOL_ID && + pcf_ue_id <= OGS_MAX_POOL_ID); + + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + e->h.sbi.data = + OGS_UINT_TO_POINTER(sbi_xact->assoc_stream_id); ogs_sbi_xact_remove(sbi_xact); - pcf_ue = pcf_ue_cycle(pcf_ue); + pcf_ue = pcf_ue_find_by_id(pcf_ue_id); if (!pcf_ue) { ogs_error("UE(pcf_ue) Context " "has already been removed"); break; } - e->pcf_ue = pcf_ue; + e->pcf_ue_id = pcf_ue->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&pcf_ue->sm, e); @@ -494,36 +523,41 @@ break; CASE(OGS_SBI_RESOURCE_NAME_SM_DATA) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error( + "SBI transaction has already been removed %d", + sbi_xact_id); break; } - sess = (pcf_sess_t *)sbi_xact->sbi_object; - ogs_assert(sess); - - e->h.sbi.data = sbi_xact->assoc_stream; + sess_id = sbi_xact->sbi_object_id; + ogs_assert(sess_id >= OGS_MIN_POOL_ID && + sess_id <= OGS_MAX_POOL_ID); + + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + e->h.sbi.data = + OGS_UINT_TO_POINTER(sbi_xact->assoc_stream_id); ogs_sbi_xact_remove(sbi_xact); - sess = pcf_sess_cycle(sess); + sess = pcf_sess_find_by_id(sess_id); if (!sess) { ogs_error("Session has already been removed"); break; } - pcf_ue = sess->pcf_ue; - ogs_assert(pcf_ue); - pcf_ue = pcf_ue_cycle(pcf_ue); + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); - e->sess = sess; + e->sess_id = sess->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&sess->sm, e); @@ -552,37 +586,39 @@ SWITCH(message.h.resource.component0) CASE(OGS_SBI_RESOURCE_NAME_PCF_BINDINGS) + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); - - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } - sess = (pcf_sess_t *)sbi_xact->sbi_object; - ogs_assert(sess); - - e->h.sbi.data = sbi_xact->assoc_stream; + sess_id = sbi_xact->sbi_object_id; + ogs_assert(sess_id >= OGS_MIN_POOL_ID && + sess_id <= OGS_MAX_POOL_ID); + + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + e->h.sbi.data = OGS_UINT_TO_POINTER(sbi_xact->assoc_stream_id); ogs_sbi_xact_remove(sbi_xact); - sess = pcf_sess_cycle(sess); + sess = pcf_sess_find_by_id(sess_id); if (!sess) { ogs_error("Session has already been removed"); break; } - pcf_ue = sess->pcf_ue; - ogs_assert(pcf_ue); - pcf_ue = pcf_ue_cycle(pcf_ue); + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); - e->sess = sess; + e->sess_id = sess->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&sess->sm, e); @@ -687,19 +723,25 @@ * 4. timer expiration event is processed. (double-free SBI xact) * * To avoid double-free SBI xact, - * we need to check ogs_sbi_xact_cycle() + * we need to check ogs_sbi_xact_find_by_id() */ - sbi_xact = ogs_sbi_xact_cycle(e->h.sbi.data); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } sbi_object = sbi_xact->sbi_object; ogs_assert(sbi_object); - stream = sbi_xact->assoc_stream; - ogs_assert(stream); + ogs_assert(sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID); + stream = ogs_sbi_stream_find_by_id(sbi_xact->assoc_stream_id); service_type = sbi_xact->service_type; @@ -710,9 +752,11 @@ switch(sbi_object->type) { case OGS_SBI_OBJ_UE_TYPE: - pcf_ue = (pcf_ue_t *)sbi_object; - ogs_assert(pcf_ue); - pcf_ue = pcf_ue_cycle(pcf_ue); + pcf_ue_id = sbi_xact->sbi_object_id; + ogs_assert(pcf_ue_id >= OGS_MIN_POOL_ID && + pcf_ue_id <= OGS_MAX_POOL_ID); + + pcf_ue = pcf_ue_find_by_id(pcf_ue_id); if (!pcf_ue) { ogs_error("UE(pcf_ue) has already been removed"); break; @@ -721,9 +765,11 @@ break; case OGS_SBI_OBJ_SESS_TYPE: - sess = (pcf_sess_t *)sbi_object; - ogs_assert(sess); - sess = pcf_sess_cycle(sess); + sess_id = sbi_xact->sbi_object_id; + ogs_assert(sess_id >= OGS_MIN_POOL_ID && + sess_id <= OGS_MAX_POOL_ID); + + sess = pcf_sess_find_by_id(sess_id); if (!sess) { ogs_error("Session has already been removed"); break; @@ -739,6 +785,12 @@ } ogs_error("Cannot receive SBI message"); + + if (!stream) { + ogs_error("STREAM has alreadt been removed %d", + sbi_xact->assoc_stream_id); + break; + } ogs_assert(true == ogs_sbi_server_send_error(stream, OGS_SBI_HTTP_STATUS_GATEWAY_TIMEOUT, NULL,
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/sbi-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/sbi-path.c
Changed
@@ -124,6 +124,7 @@ } static int pcf_sbi_discover_and_send( + ogs_pool_id_t sbi_object_id, ogs_sbi_object_t *sbi_object, ogs_sbi_service_type_e service_type, ogs_sbi_discovery_option_t *discovery_option, @@ -138,15 +139,22 @@ ogs_assert(stream); ogs_assert(build); + ogs_assert(sbi_object_id >= OGS_MIN_POOL_ID && + sbi_object_id <= OGS_MAX_POOL_ID); + xact = ogs_sbi_xact_add( - sbi_object, service_type, discovery_option, + sbi_object_id, sbi_object, service_type, discovery_option, build, context, data); if (!xact) { ogs_error("ogs_sbi_xact_add() failed"); return OGS_ERROR; } - xact->assoc_stream = stream; + if (stream) { + xact->assoc_stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID); + } r = ogs_sbi_discover_and_send(xact); if (r != OGS_OK) { @@ -167,8 +175,8 @@ int r; r = pcf_sbi_discover_and_send( - &pcf_ue->sbi, service_type, discovery_option, - (ogs_sbi_build_f)build, pcf_ue, stream, data); + pcf_ue->id, &pcf_ue->sbi, service_type, discovery_option, + (ogs_sbi_build_f)build, pcf_ue, stream, data); if (r != OGS_OK) { ogs_error("pcf_ue_sbi_discover_and_send() failed"); ogs_assert(true == @@ -190,13 +198,18 @@ ogs_assert(sess); ogs_assert(service_type); - xact = ogs_sbi_xact_add(&sess->sbi, service_type, NULL, NULL, NULL, NULL); + xact = ogs_sbi_xact_add( + 0, &sess->sbi, service_type, NULL, NULL, NULL, NULL); if (!xact) { ogs_error("ogs_sbi_xact_add() failed"); return OGS_ERROR; } - xact->assoc_stream = stream; + if (stream) { + xact->assoc_stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID); + } return ogs_sbi_discover_only(xact); } @@ -210,8 +223,8 @@ int r; r = pcf_sbi_discover_and_send( - &sess->sbi, service_type, discovery_option, - (ogs_sbi_build_f)build, sess, stream, data); + sess->id, &sess->sbi, service_type, discovery_option, + (ogs_sbi_build_f)build, sess, stream, data); if (r != OGS_OK) { ogs_error("pcf_sess_sbi_discover_and_send() failed"); ogs_assert(true ==
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/pcf/sm-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/pcf/sm-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2022 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -42,6 +42,7 @@ pcf_sess_t *sess = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id; ogs_sbi_message_t *message = NULL; ogs_assert(s); @@ -49,9 +50,9 @@ pcf_sm_debug(e); - sess = e->sess; + sess = pcf_sess_find_by_id(e->sess_id); ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); switch (e->h.id) { @@ -64,8 +65,16 @@ case OGS_EVENT_SBI_SERVER: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NPCF_SMPOLICYCONTROL) @@ -161,8 +170,16 @@ case OGS_EVENT_SBI_CLIENT: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NUDR_DR) @@ -317,15 +334,14 @@ pcf_sm_debug(e); - sess = e->sess; + sess = pcf_sess_find_by_id(e->sess_id); ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); switch (e->h.id) { case OGS_FSM_ENTRY_SIG: - ogs_assert(sess->pcf_ue); - pcf_metrics_inst_by_slice_add(&sess->pcf_ue->guami.plmn_id, + pcf_metrics_inst_by_slice_add(&pcf_ue->guami.plmn_id, &sess->s_nssai, PCF_METR_GAUGE_PA_SESSIONNBR, -1); break; @@ -349,15 +365,14 @@ pcf_sm_debug(e); - sess = e->sess; + sess = pcf_sess_find_by_id(e->sess_id); ogs_assert(sess); - pcf_ue = sess->pcf_ue; + pcf_ue = pcf_ue_find_by_id(sess->pcf_ue_id); ogs_assert(pcf_ue); switch (e->h.id) { case OGS_FSM_ENTRY_SIG: - ogs_assert(sess->pcf_ue); - pcf_metrics_inst_by_slice_add(&sess->pcf_ue->guami.plmn_id, + pcf_metrics_inst_by_slice_add(&pcf_ue->guami.plmn_id, &sess->s_nssai, PCF_METR_GAUGE_PA_SESSIONNBR, -1); break;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/scp/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/scp/context.c
Changed
@@ -304,11 +304,11 @@ return OGS_OK; } -scp_assoc_t *scp_assoc_add(ogs_sbi_stream_t *stream) +scp_assoc_t *scp_assoc_add(ogs_pool_id_t stream_id) { scp_assoc_t *assoc = NULL; - ogs_assert(stream); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && stream_id <= OGS_MAX_POOL_ID); ogs_pool_alloc(&scp_assoc_pool, &assoc); if (!assoc) { @@ -318,7 +318,7 @@ } memset(assoc, 0, sizeof *assoc); - assoc->stream = stream; + assoc->stream_id = stream_id; assoc->discovery_option = ogs_sbi_discovery_option_new(); ogs_assert(assoc->discovery_option);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/scp/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/scp/context.h
Changed
@@ -43,7 +43,7 @@ typedef struct scp_assoc_s { ogs_lnode_t lnode; - ogs_sbi_stream_t *stream; + ogs_pool_id_t stream_id; ogs_sbi_client_t *client; ogs_sbi_client_t *nrf_client; @@ -67,7 +67,7 @@ int scp_context_parse_config(void); -scp_assoc_t *scp_assoc_add(ogs_sbi_stream_t *stream); +scp_assoc_t *scp_assoc_add(ogs_pool_id_t stream_id); void scp_assoc_remove(scp_assoc_t *assoc); void scp_assoc_remove_all(void);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/scp/sbi-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/scp/sbi-path.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -110,7 +110,8 @@ ogs_hash_index_t *hi; ogs_sbi_client_t *client = NULL, *nrf_client = NULL, *next_scp = NULL; ogs_sbi_client_t *sepp_client = NULL; - ogs_sbi_stream_t *stream = data; + ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; OpenAPI_nf_type_e target_nf_type = OpenAPI_nf_type_NULL; OpenAPI_nf_type_e requester_nf_type = OpenAPI_nf_type_NULL; @@ -133,10 +134,19 @@ ogs_assert(request); ogs_assert(request->h.uri); - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + return OGS_ERROR; + } /* SCP Context */ - assoc = scp_assoc_add(stream); + assoc = scp_assoc_add(stream_id); if (!assoc) { ogs_error("scp_assoc_add() failed"); return OGS_ERROR; @@ -621,10 +631,13 @@ { scp_assoc_t *assoc = data; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_assert(assoc); - stream = assoc->stream; - ogs_assert(stream); + + stream_id = assoc->stream_id; + ogs_assert(stream_id >= OGS_MIN_POOL_ID && stream_id <= OGS_MAX_POOL_ID); + stream = ogs_sbi_stream_find_by_id(stream_id); if (status != OGS_OK) { @@ -632,13 +645,17 @@ status == OGS_DONE ? OGS_LOG_DEBUG : OGS_LOG_WARN, 0, "response_handler() failed %d", status); + scp_assoc_remove(assoc); + + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + return OGS_ERROR; + } ogs_assert(true == ogs_sbi_server_send_error(stream, OGS_SBI_HTTP_STATUS_INTERNAL_SERVER_ERROR, NULL, "response_handler() failed", NULL, NULL)); - scp_assoc_remove(assoc); - return OGS_ERROR; } @@ -652,9 +669,14 @@ ogs_error("No NF-Instance ID"); } - ogs_expect(true == ogs_sbi_server_send_response(stream, response)); scp_assoc_remove(assoc); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + return OGS_ERROR; + } + ogs_expect(true == ogs_sbi_server_send_response(stream, response)); + return OGS_OK; } @@ -667,6 +689,7 @@ scp_assoc_t *assoc = data; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_service_type_e service_type = OGS_SBI_SERVICE_TYPE_NULL; @@ -680,9 +703,6 @@ ogs_sbi_client_t *sepp_client = NULL; ogs_assert(assoc); - stream = assoc->stream; - - ogs_assert(stream); request = assoc->request; ogs_assert(request); service_type = assoc->service_type; @@ -695,18 +715,27 @@ discovery_option = assoc->discovery_option; ogs_assert(discovery_option); + stream_id = assoc->stream_id; + ogs_assert(stream_id >= OGS_MIN_POOL_ID && stream_id <= OGS_MAX_POOL_ID); + stream = ogs_sbi_stream_find_by_id(stream_id); + if (status != OGS_OK) { ogs_log_message( status == OGS_DONE ? OGS_LOG_DEBUG : OGS_LOG_WARN, 0, "nf_discover_handler() failed %d", status); + scp_assoc_remove(assoc); + + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + return OGS_ERROR; + } ogs_assert(true == ogs_sbi_server_send_error(stream, OGS_SBI_HTTP_STATUS_INTERNAL_SERVER_ERROR, NULL, "nf_discover_handler() failed", NULL, NULL)); - scp_assoc_remove(assoc); return OGS_ERROR; } @@ -789,6 +818,12 @@ ogs_assert(strerror); ogs_error("%s", strerror); + scp_assoc_remove(assoc); + + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + return OGS_ERROR; + } ogs_assert(true == ogs_sbi_server_send_error( stream, OGS_SBI_HTTP_STATUS_BAD_REQUEST, NULL, strerror, NULL, @@ -796,8 +831,6 @@ ogs_free(strerror); - scp_assoc_remove(assoc); - ogs_sbi_response_free(response); ogs_sbi_message_free(&message); @@ -813,17 +846,17 @@ scp_assoc_t *assoc = data; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_client_t *sepp_client = NULL; ogs_assert(assoc); - ogs_assert(assoc->target_apiroot); - stream = assoc->stream; - ogs_assert(stream); - request = assoc->request; - ogs_assert(request); + + stream_id = assoc->stream_id; + ogs_assert(stream_id >= OGS_MIN_POOL_ID && stream_id <= OGS_MAX_POOL_ID); + stream = ogs_sbi_stream_find_by_id(stream_id); if (status != OGS_OK) { @@ -831,12 +864,17 @@ status == OGS_DONE ? OGS_LOG_DEBUG : OGS_LOG_WARN, 0, "sepp_discover_handler() failed %d", status); + scp_assoc_remove(assoc); + + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + return OGS_ERROR; + } ogs_assert(true == ogs_sbi_server_send_error(stream, OGS_SBI_HTTP_STATUS_INTERNAL_SERVER_ERROR, NULL, "sepp_discover_handler() failed", NULL, NULL)); - scp_assoc_remove(assoc); return OGS_ERROR; } @@ -869,6 +907,10 @@ goto cleanup; } + ogs_assert(assoc->target_apiroot); + request = assoc->request; + ogs_assert(request); + if (false == send_request( sepp_client, response_handler, request, false, assoc)) { strerror = ogs_msprintf("send_request() failed"); @@ -884,6 +926,12 @@ ogs_assert(strerror); ogs_error("%s", strerror); + scp_assoc_remove(assoc); + + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + return OGS_ERROR; + } ogs_assert(true == ogs_sbi_server_send_error( stream, OGS_SBI_HTTP_STATUS_BAD_REQUEST, NULL, strerror, NULL, @@ -891,8 +939,6 @@ ogs_free(strerror); - scp_assoc_remove(assoc); - ogs_sbi_response_free(response); ogs_sbi_message_free(&message);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/scp/scp-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/scp/scp-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -40,6 +40,7 @@ int rv; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_nf_instance_t *nf_instance = NULL; @@ -47,6 +48,7 @@ ogs_sbi_response_t *response = NULL; ogs_sbi_message_t message; ogs_sbi_xact_t *sbi_xact = NULL; + ogs_pool_id_t sbi_xact_id = OGS_INVALID_POOL_ID; scp_sm_debug(e); @@ -62,8 +64,16 @@ case OGS_EVENT_SBI_SERVER: request = e->h.sbi.request; ogs_assert(request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&message, request); if (rv != OGS_OK) { @@ -297,15 +307,22 @@ * 4. timer expiration event is processed. (double-free SBI xact) * * To avoid double-free SBI xact, - * we need to check ogs_sbi_xact_cycle() + * we need to check ogs_sbi_xact_find_by_id() */ - sbi_xact = ogs_sbi_xact_cycle(e->h.sbi.data); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } - stream = sbi_xact->assoc_stream; + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + stream = ogs_sbi_stream_find_by_id(sbi_xact->assoc_stream_id); /* Here, we should not use ogs_assert(stream) * since 'namf-comm' service has no an associated stream. */
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sepp/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sepp/context.c
Changed
@@ -538,11 +538,11 @@ return NULL; } -sepp_assoc_t *sepp_assoc_add(ogs_sbi_stream_t *stream) +sepp_assoc_t *sepp_assoc_add(ogs_pool_id_t stream_id) { sepp_assoc_t *assoc = NULL; - ogs_assert(stream); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && stream_id <= OGS_MAX_POOL_ID); ogs_pool_alloc(&sepp_assoc_pool, &assoc); if (!assoc) { @@ -552,7 +552,7 @@ } memset(assoc, 0, sizeof *assoc); - assoc->stream = stream; + assoc->stream_id = stream_id; ogs_list_add(&self.assoc_list, assoc);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sepp/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sepp/context.h
Changed
@@ -82,7 +82,7 @@ typedef struct sepp_assoc_s { ogs_lnode_t lnode; - ogs_sbi_stream_t *stream; + ogs_pool_id_t stream_id; ogs_sbi_client_t *client; ogs_sbi_client_t *nrf_client; @@ -106,7 +106,7 @@ sepp_node_t *sepp_node_find_by_receiver(char *receiver); sepp_node_t *sepp_node_find_by_plmn_id(uint16_t mcc, uint16_t mnc); -sepp_assoc_t *sepp_assoc_add(ogs_sbi_stream_t *stream); +sepp_assoc_t *sepp_assoc_add(ogs_pool_id_t stream_id); void sepp_assoc_remove(sepp_assoc_t *assoc); void sepp_assoc_remove_all(void);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sepp/handshake-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sepp/handshake-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2023-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -87,6 +87,7 @@ sepp_node_t *sepp_node = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *message = NULL; ogs_assert(s); @@ -118,8 +119,16 @@ case OGS_EVENT_SBI_SERVER: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_N32C_HANDSHAKE) @@ -282,6 +291,7 @@ sepp_node_t *sepp_node = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *message = NULL; ogs_assert(s); @@ -304,8 +314,16 @@ case OGS_EVENT_SBI_SERVER: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_N32C_HANDSHAKE) @@ -420,6 +438,7 @@ sepp_node_t *sepp_node = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *message = NULL; ogs_assert(s); @@ -447,8 +466,16 @@ case OGS_EVENT_SBI_SERVER: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_N32C_HANDSHAKE)
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sepp/sbi-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sepp/sbi-path.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2023-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -158,6 +158,7 @@ ogs_hash_index_t *hi; ogs_sbi_client_t *client = NULL, *scp_client = NULL; ogs_sbi_stream_t *stream = data; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_server_t *server = NULL; ogs_sbi_request_t sepp_request; @@ -177,7 +178,17 @@ ogs_assert(request); ogs_assert(request->h.uri); - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + return OGS_ERROR; + } + server = ogs_sbi_server_from_stream(stream); ogs_assert(server); @@ -207,7 +218,7 @@ sepp_node_t *sepp_node = NULL; bool do_not_remove_custom_header; - assoc = sepp_assoc_add(stream); + assoc = sepp_assoc_add(stream_id); if (!assoc) { ogs_error("sepp_assoc_add() failed"); return OGS_ERROR; @@ -408,10 +419,13 @@ { sepp_assoc_t *assoc = data; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_assert(assoc); - stream = assoc->stream; - ogs_assert(stream); + + stream_id = assoc->stream_id; + ogs_assert(stream_id >= OGS_MIN_POOL_ID && stream_id <= OGS_MAX_POOL_ID); + stream = ogs_sbi_stream_find_by_id(stream_id); if (status != OGS_OK) { @@ -419,21 +433,30 @@ status == OGS_DONE ? OGS_LOG_DEBUG : OGS_LOG_WARN, 0, "response_handler() failed %d", status); + sepp_assoc_remove(assoc); + + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + return OGS_ERROR; + } ogs_assert(true == ogs_sbi_server_send_error(stream, OGS_SBI_HTTP_STATUS_INTERNAL_SERVER_ERROR, NULL, "response_handler() failed", NULL, NULL)); - sepp_assoc_remove(assoc); - return OGS_ERROR; } ogs_assert(response); - ogs_expect(true == ogs_sbi_server_send_response(stream, response)); sepp_assoc_remove(assoc); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + return OGS_ERROR; + } + ogs_expect(true == ogs_sbi_server_send_response(stream, response)); + return OGS_OK; }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sepp/sepp-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sepp/sepp-sm.c
Changed
@@ -42,6 +42,7 @@ sepp_node_t *sepp_node = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_server_t *server = NULL; @@ -64,8 +65,17 @@ case OGS_EVENT_SBI_SERVER: request = e->h.sbi.request; ogs_assert(request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } + server = ogs_sbi_server_from_stream(stream); ogs_assert(server);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/context.c
Changed
@@ -212,9 +212,8 @@ ogs_assert(imsi); ogs_assert(imsi_len); - ogs_pool_alloc(&sgwc_ue_pool, &sgwc_ue); + ogs_pool_id_calloc(&sgwc_ue_pool, &sgwc_ue); ogs_assert(sgwc_ue); - memset(sgwc_ue, 0, sizeof *sgwc_ue); /* Set SGW-S11-TEID */ ogs_pool_alloc(&sgwc_s11_teid_pool, &sgwc_ue->sgw_s11_teid_node); @@ -255,7 +254,7 @@ sgwc_sess_remove_all(sgwc_ue); ogs_pool_free(&sgwc_s11_teid_pool, sgwc_ue->sgw_s11_teid_node); - ogs_pool_free(&sgwc_ue_pool, sgwc_ue); + ogs_pool_id_free(&sgwc_ue_pool, sgwc_ue); ogs_info("Removed Number of SGWC-UEs is now %d", ogs_list_count(&self.sgw_ue_list)); @@ -295,19 +294,23 @@ return ogs_hash_get(self.sgw_s11_teid_hash, &teid, sizeof(teid)); } +sgwc_ue_t *sgwc_ue_find_by_id(ogs_pool_id_t id) +{ + return ogs_pool_find_by_id(&sgwc_ue_pool, id); +} + sgwc_sess_t *sgwc_sess_add(sgwc_ue_t *sgwc_ue, char *apn) { sgwc_sess_t *sess = NULL; ogs_assert(sgwc_ue); - ogs_pool_alloc(&sgwc_sess_pool, &sess); + ogs_pool_id_calloc(&sgwc_sess_pool, &sess); if (!sess) { ogs_error("Maximum number of session%lld reached", (long long)ogs_app()->pool.sess); return NULL; } - memset(sess, 0, sizeof *sess); ogs_pfcp_pool_init(&sess->pfcp); @@ -328,7 +331,7 @@ sess->session.name = ogs_strdup(apn); ogs_assert(sess->session.name); - sess->sgwc_ue = sgwc_ue; + sess->sgwc_ue_id = sgwc_ue->id; ogs_list_add(&sgwc_ue->sess_list, sess); @@ -344,7 +347,7 @@ ogs_assert(node); ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); ogs_assert(sess->session.name); @@ -430,7 +433,7 @@ sgwc_ue_t *sgwc_ue = NULL; ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); ogs_list_remove(&sgwc_ue->sess_list, sess); @@ -449,7 +452,7 @@ ogs_free(sess->session.name); ogs_pool_free(&sgwc_sxa_seid_pool, sess->sgwc_sxa_seid_node); - ogs_pool_free(&sgwc_sess_pool, sess); + ogs_pool_id_free(&sgwc_sess_pool, sess); stats_remove_sgwc_session(); @@ -497,14 +500,14 @@ bearer = sgwc_bearer_find_by_ue_ebi(sgwc_ue, ebi); if (bearer) - return bearer->sess; + return sgwc_sess_find_by_id(bearer->sess_id); return NULL; } -sgwc_sess_t *sgwc_sess_cycle(sgwc_sess_t *sess) +sgwc_sess_t *sgwc_sess_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&sgwc_sess_pool, sess); + return ogs_pool_find_by_id(&sgwc_sess_pool, id); } int sgwc_sess_pfcp_xact_count( @@ -518,14 +521,24 @@ ogs_list_for_each(&sgwc_ue->sess_list, sess) { ogs_pfcp_node_t *pfcp_node = sess->pfcp_node; ogs_pfcp_xact_t *pfcp_xact = NULL; + ogs_assert(pfcp_node); ogs_list_for_each(&pfcp_node->local_list, pfcp_xact) { - if (sess != pfcp_xact->data) - continue; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; + if (pfcp_type && pfcp_type != pfcp_xact->seq0.type) continue; + if (!(pfcp_xact->modify_flags & OGS_PFCP_MODIFY_SESSION)) + continue; if (modify_flags && modify_flags != pfcp_xact->modify_flags) continue; + + sess_id = OGS_POINTER_TO_UINT(pfcp_xact->data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && + sess_id <= OGS_MAX_POOL_ID); + if (sess->id != sess_id) + continue; + xact_count++; } } @@ -540,15 +553,14 @@ sgwc_ue_t *sgwc_ue = NULL; ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); - ogs_pool_alloc(&sgwc_bearer_pool, &bearer); + ogs_pool_id_calloc(&sgwc_bearer_pool, &bearer); ogs_assert(bearer); - memset(bearer, 0, sizeof *bearer); - bearer->sgwc_ue = sgwc_ue; - bearer->sess = sess; + bearer->sgwc_ue_id = sgwc_ue->id; + bearer->sess_id = sess->id; /* Downlink */ tunnel = sgwc_tunnel_add(bearer, OGS_GTP2_F_TEID_S5_S8_SGW_GTP_U); @@ -565,14 +577,17 @@ int sgwc_bearer_remove(sgwc_bearer_t *bearer) { + sgwc_sess_t *sess = NULL; + ogs_assert(bearer); - ogs_assert(bearer->sess); + sess = sgwc_sess_find_by_id(bearer->sess_id); + ogs_assert(sess); - ogs_list_remove(&bearer->sess->bearer_list, bearer); + ogs_list_remove(&sess->bearer_list, bearer); sgwc_tunnel_remove_all(bearer); - ogs_pool_free(&sgwc_bearer_pool, bearer); + ogs_pool_id_free(&sgwc_bearer_pool, bearer); return OGS_OK; } @@ -618,9 +633,9 @@ return ogs_list_first(&sess->bearer_list); } -sgwc_bearer_t *sgwc_bearer_cycle(sgwc_bearer_t *bearer) +sgwc_bearer_t *sgwc_bearer_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&sgwc_bearer_pool, bearer); + return ogs_pool_find_by_id(&sgwc_bearer_pool, id); } sgwc_tunnel_t *sgwc_tunnel_add( @@ -636,7 +651,7 @@ uint8_t dst_if = OGS_PFCP_INTERFACE_UNKNOWN; ogs_assert(bearer); - sess = bearer->sess; + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); switch (interface_type) { @@ -663,9 +678,8 @@ ogs_assert_if_reached(); } - ogs_pool_alloc(&sgwc_tunnel_pool, &tunnel); + ogs_pool_id_calloc(&sgwc_tunnel_pool, &tunnel); ogs_assert(tunnel); - memset(tunnel, 0, sizeof *tunnel); tunnel->interface_type = interface_type; @@ -751,7 +765,7 @@ tunnel->pdr = pdr; tunnel->far = far; - tunnel->bearer = bearer; + tunnel->bearer_id = bearer->id; ogs_list_add(&bearer->tunnel_list, tunnel); @@ -760,10 +774,13 @@ int sgwc_tunnel_remove(sgwc_tunnel_t *tunnel) { + sgwc_bearer_t *bearer = NULL; + ogs_assert(tunnel); - ogs_assert(tunnel->bearer); + bearer = sgwc_bearer_find_by_id(tunnel->bearer_id); + ogs_assert(bearer); - ogs_list_remove(&tunnel->bearer->tunnel_list, tunnel); + ogs_list_remove(&bearer->tunnel_list, tunnel); ogs_pfcp_pdr_remove(tunnel->pdr); ogs_pfcp_far_remove(tunnel->far); @@ -773,7 +790,7 @@ if (tunnel->local_addr6) ogs_freeaddrinfo(tunnel->local_addr6); - ogs_pool_free(&sgwc_tunnel_pool, tunnel); + ogs_pool_id_free(&sgwc_tunnel_pool, tunnel); return OGS_OK; } @@ -863,6 +880,11 @@ return NULL; } +sgwc_tunnel_t *sgwc_tunnel_find_by_id(ogs_pool_id_t id) +{ + return ogs_pool_find_by_id(&sgwc_tunnel_pool, id); +} + sgwc_tunnel_t *sgwc_dl_tunnel_in_bearer(sgwc_bearer_t *bearer) { ogs_assert(bearer);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/context.h
Changed
@@ -51,6 +51,7 @@ typedef struct sgwc_ue_s { ogs_lnode_t lnode; + ogs_pool_id_t id; ogs_pool_id_t *sgw_s11_teid_node; /* A node of SGW-S11-TEID */ uint32_t sgw_s11_teid; /* SGW-S11-TEID is derived from NODE */ @@ -74,6 +75,7 @@ #define SGWC_SESS(pfcp_sess) ogs_container_of(pfcp_sess, sgwc_sess_t, pfcp) typedef struct sgwc_sess_s { ogs_lnode_t lnode; /* A node of list_t */ + ogs_pool_id_t id; ogs_pool_id_t *sgwc_sxa_seid_node; /* A node of SGWC-SXA-SEID */ ogs_pfcp_sess_t pfcp; /* PFCP session context */ @@ -93,22 +95,24 @@ ogs_gtp_node_t *gnode; ogs_pfcp_node_t *pfcp_node; - sgwc_ue_t *sgwc_ue; + ogs_pool_id_t sgwc_ue_id; } sgwc_sess_t; typedef struct sgwc_bearer_s { ogs_lnode_t lnode; + ogs_pool_id_t id; ogs_lnode_t to_modify_node; uint8_t ebi; ogs_list_t tunnel_list; - sgwc_sess_t *sess; - sgwc_ue_t *sgwc_ue; + ogs_pool_id_t sess_id; + ogs_pool_id_t sgwc_ue_id; } sgwc_bearer_t; typedef struct sgwc_tunnel_s { ogs_lnode_t lnode; + ogs_pool_id_t id; uint8_t interface_type; @@ -123,7 +127,7 @@ ogs_ip_t remote_ip; /* Related Context */ - sgwc_bearer_t *bearer; + ogs_pool_id_t bearer_id; ogs_gtp_node_t *gnode; } sgwc_tunnel_t; @@ -141,6 +145,7 @@ sgwc_ue_t *sgwc_ue_add(uint8_t *imsi, int imsi_len); int sgwc_ue_remove(sgwc_ue_t *sgwc_ue); void sgwc_ue_remove_all(void); +sgwc_ue_t *sgwc_ue_find_by_id(ogs_pool_id_t id); sgwc_sess_t *sgwc_sess_add(sgwc_ue_t *sgwc_ue, char *apn); @@ -154,7 +159,7 @@ sgwc_sess_t *sgwc_sess_find_by_apn(sgwc_ue_t *sgwc_ue, char *apn); sgwc_sess_t *sgwc_sess_find_by_ebi(sgwc_ue_t *sgwc_ue, uint8_t ebi); -sgwc_sess_t *sgwc_sess_cycle(sgwc_sess_t *sess); +sgwc_sess_t *sgwc_sess_find_by_id(ogs_pool_id_t id); #define SGWC_SESSION_SYNC_DONE(__sGWC, __tYPE, __fLAGS) \ (sgwc_sess_pfcp_xact_count(__sGWC, __tYPE, __fLAGS) == 0) @@ -169,7 +174,7 @@ sgwc_bearer_t *sgwc_bearer_find_by_ue_ebi( sgwc_ue_t *sgwc_ue, uint8_t ebi); sgwc_bearer_t *sgwc_default_bearer_in_sess(sgwc_sess_t *sess); -sgwc_bearer_t *sgwc_bearer_cycle(sgwc_bearer_t *bearer); +sgwc_bearer_t *sgwc_bearer_find_by_id(ogs_pool_id_t id); sgwc_tunnel_t *sgwc_tunnel_add( sgwc_bearer_t *bearer, uint8_t interface_type); @@ -184,6 +189,7 @@ sgwc_sess_t *sess, ogs_pfcp_far_id_t far_id); sgwc_tunnel_t *sgwc_dl_tunnel_in_bearer(sgwc_bearer_t *bearer); sgwc_tunnel_t *sgwc_ul_tunnel_in_bearer(sgwc_bearer_t *bearer); +sgwc_tunnel_t *sgwc_tunnel_find_by_id(ogs_pool_id_t id); #ifdef __cplusplus }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/event.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/event.h
Changed
@@ -57,10 +57,8 @@ ogs_gtp2_message_t *gtp_message; ogs_pfcp_node_t *pfcp_node; - ogs_pfcp_xact_t *pfcp_xact; + ogs_pool_id_t pfcp_xact_id; ogs_pfcp_message_t *pfcp_message; - - sgwc_bearer_t *bearer; } sgwc_event_t; OGS_STATIC_ASSERT(OGS_EVENT_SIZE >= sizeof(sgwc_event_t));
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/gtp-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/gtp-path.c
Changed
@@ -144,19 +144,29 @@ static void bearer_timeout(ogs_gtp_xact_t *xact, void *data) { sgwc_bearer_t *bearer = data; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; sgwc_sess_t *sess = NULL; sgwc_ue_t *sgwc_ue = NULL; uint8_t type = 0; ogs_assert(xact); - ogs_assert(bearer); - sess = bearer->sess; + type = xact->seq0.type; + + ogs_assert(data); + bearer_id = OGS_POINTER_TO_UINT(data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); + + bearer = sgwc_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed %d", type); + return; + } + + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); - type = xact->seq0.type; - switch (type) { case OGS_GTP2_DOWNLINK_DATA_NOTIFICATION_TYPE: ogs_warn("%s No Downlink Data Notification ACK", sgwc_ue->imsi_bcd); @@ -178,7 +188,7 @@ ogs_pkbuf_t *pkbuf = NULL; ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); ogs_assert(xact); @@ -219,9 +229,9 @@ ogs_assert(bearer); - sess = bearer->sess; + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - sgwc_ue = bearer->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(bearer->sgwc_ue_id); ogs_assert(sgwc_ue); ogs_assert(sgwc_ue->gnode); @@ -240,7 +250,8 @@ } gtp_xact = ogs_gtp_xact_local_create( - sgwc_ue->gnode, &h, pkbuf, bearer_timeout, bearer); + sgwc_ue->gnode, &h, pkbuf, bearer_timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!gtp_xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return OGS_ERROR;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/pfcp-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/pfcp-path.c
Changed
@@ -170,11 +170,23 @@ static void sess_timeout(ogs_pfcp_xact_t *xact, void *data) { + sgwc_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; uint8_t type; ogs_assert(xact); type = xact->seq0.type; + ogs_assert(data); + sess_id = OGS_POINTER_TO_UINT(data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && sess_id <= OGS_MAX_POOL_ID); + + sess = sgwc_sess_find_by_id(sess_id); + if (!sess) { + ogs_error("Session has already been removed %d", type); + return; + } + switch (type) { case OGS_PFCP_SESSION_ESTABLISHMENT_REQUEST_TYPE: ogs_error("No PFCP session establishment response"); @@ -193,11 +205,23 @@ static void bearer_timeout(ogs_pfcp_xact_t *xact, void *data) { + sgwc_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; uint8_t type; ogs_assert(xact); type = xact->seq0.type; + ogs_assert(data); + bearer_id = OGS_POINTER_TO_UINT(data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); + + bearer = sgwc_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed %d", type); + return; + } + switch (type) { case OGS_PFCP_SESSION_MODIFICATION_REQUEST_TYPE: ogs_error("No PFCP session modification response"); @@ -243,7 +267,7 @@ } int sgwc_pfcp_send_session_establishment_request( - sgwc_sess_t *sess, ogs_gtp_xact_t *gtp_xact, ogs_pkbuf_t *gtpbuf, + sgwc_sess_t *sess, ogs_pool_id_t gtp_xact_id, ogs_pkbuf_t *gtpbuf, uint64_t flags) { int rv; @@ -253,13 +277,14 @@ ogs_assert(sess); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; } - xact->assoc_xact = gtp_xact; + xact->assoc_xact_id = gtp_xact_id; if (gtpbuf) { xact->gtpbuf = ogs_pkbuf_copy(gtpbuf); if (!xact->gtpbuf) { @@ -323,7 +348,7 @@ } int sgwc_pfcp_send_session_modification_request( - sgwc_sess_t *sess, ogs_gtp_xact_t *gtp_xact, + sgwc_sess_t *sess, ogs_pool_id_t gtp_xact_id, ogs_pkbuf_t *gtpbuf, uint64_t flags) { ogs_pfcp_xact_t *xact = NULL; @@ -331,13 +356,14 @@ ogs_assert(sess); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; } - xact->assoc_xact = gtp_xact; + xact->assoc_xact_id = gtp_xact_id; xact->modify_flags = flags | OGS_PFCP_MODIFY_SESSION; if (gtpbuf) { xact->gtpbuf = ogs_pkbuf_copy(gtpbuf); @@ -355,7 +381,7 @@ } int sgwc_pfcp_send_bearer_modification_request( - sgwc_bearer_t *bearer, ogs_gtp_xact_t *gtp_xact, + sgwc_bearer_t *bearer, ogs_pool_id_t gtp_xact_id, ogs_pkbuf_t *gtpbuf, uint64_t flags) { int rv; @@ -365,16 +391,17 @@ sgwc_sess_t *sess = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, bearer_timeout, bearer); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, bearer_timeout, OGS_UINT_TO_POINTER(bearer->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; } - xact->assoc_xact = gtp_xact; + xact->assoc_xact_id = gtp_xact_id; xact->modify_flags = flags; if (gtpbuf) { xact->gtpbuf = ogs_pkbuf_copy(gtpbuf); @@ -410,7 +437,7 @@ } int sgwc_pfcp_send_session_deletion_request( - sgwc_sess_t *sess, ogs_gtp_xact_t *gtp_xact, ogs_pkbuf_t *gtpbuf) + sgwc_sess_t *sess, ogs_pool_id_t gtp_xact_id, ogs_pkbuf_t *gtpbuf) { int rv; ogs_pkbuf_t *sxabuf = NULL; @@ -419,13 +446,14 @@ ogs_assert(sess); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; } - xact->assoc_xact = gtp_xact; + xact->assoc_xact_id = gtp_xact_id; if (gtpbuf) { xact->gtpbuf = ogs_pkbuf_copy(gtpbuf); if (!xact->gtpbuf) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/pfcp-path.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/pfcp-path.h
Changed
@@ -33,18 +33,18 @@ sgwc_sess_t *sess, ogs_pfcp_xact_t *xact); int sgwc_pfcp_send_session_establishment_request( - sgwc_sess_t *sess, ogs_gtp_xact_t *gtp_xact, ogs_pkbuf_t *gtpbuf, + sgwc_sess_t *sess, ogs_pool_id_t gtp_xact_id, ogs_pkbuf_t *gtpbuf, uint64_t flags); int sgwc_pfcp_send_session_modification_request( - sgwc_sess_t *sess, ogs_gtp_xact_t *gtp_xact, + sgwc_sess_t *sess, ogs_pool_id_t gtp_xact_id, ogs_pkbuf_t *gtpbuf, uint64_t flags); int sgwc_pfcp_send_bearer_modification_request( - sgwc_bearer_t *bearer, ogs_gtp_xact_t *gtp_xact, + sgwc_bearer_t *bearer, ogs_pool_id_t gtp_xact_id, ogs_pkbuf_t *gtpbuf, uint64_t flags); int sgwc_pfcp_send_session_deletion_request( - sgwc_sess_t *sess, ogs_gtp_xact_t *gtp_xact, ogs_pkbuf_t *gtpbuf); + sgwc_sess_t *sess, ogs_pool_id_t gtp_xact_id, ogs_pkbuf_t *gtpbuf); int sgwc_pfcp_send_session_report_response( ogs_pfcp_xact_t *xact, sgwc_sess_t *sess, uint8_t cause);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/pfcp-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/pfcp-sm.c
Changed
@@ -121,7 +121,7 @@ case SGWC_EVT_SXA_MESSAGE: message = e->pfcp_message; ogs_assert(message); - xact = e->pfcp_xact; + xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(xact); switch (message->h.type) { @@ -203,7 +203,7 @@ case SGWC_EVT_SXA_MESSAGE: message = e->pfcp_message; ogs_assert(message); - xact = e->pfcp_xact; + xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(xact); if (message->h.seid_presence && message->h.seid != 0) { @@ -400,7 +400,7 @@ sgwc_ue->imsi_bcd, sess->session.name); ogs_assert(OGS_OK == sgwc_pfcp_send_session_establishment_request( - sess, NULL, NULL, + sess, OGS_INVALID_POOL_ID, NULL, OGS_PFCP_CREATE_RESTORATION_INDICATION)); } }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/s11-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/s11-build.c
Changed
@@ -44,7 +44,7 @@ ogs_debug("SGWC Create Session Response"); ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); ogs_debug(" SGW_S5C_TEID0x%x PGW_S5C_TEID0x%x", @@ -141,7 +141,7 @@ sgwc_sess_t *sess = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); /* Build downlink notification message */
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/s11-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/s11-handler.c
Changed
@@ -24,27 +24,33 @@ static void gtp_sess_timeout(ogs_gtp_xact_t *xact, void *data) { - sgwc_sess_t *sess = data; + sgwc_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; sgwc_ue_t *sgwc_ue = NULL; uint8_t type = 0; ogs_assert(xact); - ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; - ogs_assert(sgwc_ue); - type = xact->seq0.type; + ogs_assert(data); + sess_id = OGS_POINTER_TO_UINT(data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && sess_id <= OGS_MAX_POOL_ID); + + sess = sgwc_sess_find_by_id(sess_id); + if (!sess) { + ogs_error("Session has already been removed %d", type); + return; + } + + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); + ogs_assert(sgwc_ue); + switch (type) { case OGS_GTP2_DELETE_SESSION_REQUEST_TYPE: ogs_error("%s No Delete Session Response", sgwc_ue->imsi_bcd); - if (!sgwc_sess_cycle(sess)) { - ogs_error("%s Session has already been removed", - sgwc_ue->imsi_bcd); - break; - } ogs_assert(OGS_OK == - sgwc_pfcp_send_session_deletion_request(sess, NULL, NULL)); + sgwc_pfcp_send_session_deletion_request( + sess, OGS_INVALID_POOL_ID, NULL)); break; default: ogs_error("GTP Timeout : IMSI%s Message-Type%d", @@ -54,31 +60,53 @@ static void gtp_bearer_timeout(ogs_gtp_xact_t *xact, void *data) { - sgwc_bearer_t *bearer = data; + sgwc_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; sgwc_sess_t *sess = NULL; sgwc_ue_t *sgwc_ue = NULL; uint8_t type = 0; ogs_assert(xact); - ogs_assert(bearer); - sess = bearer->sess; + type = xact->seq0.type; + + ogs_assert(data); + bearer_id = OGS_POINTER_TO_UINT(data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); + + bearer = sgwc_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed %d", type); + return; + } + + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); - type = xact->seq0.type; - ogs_error("GTP Timeout : IMSI%s Message-Type%d", sgwc_ue->imsi_bcd, type); } static void pfcp_sess_timeout(ogs_pfcp_xact_t *xact, void *data) { + sgwc_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; uint8_t type; ogs_assert(xact); type = xact->seq0.type; + ogs_assert(data); + sess_id = OGS_POINTER_TO_UINT(data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && sess_id <= OGS_MAX_POOL_ID); + + sess = sgwc_sess_find_by_id(sess_id); + if (!sess) { + ogs_error("Session has already been removed %d", type); + return; + } + switch (type) { case OGS_PFCP_SESSION_ESTABLISHMENT_REQUEST_TYPE: ogs_error("No PFCP session establishment response"); @@ -383,7 +411,7 @@ ogs_assert(OGS_OK == sgwc_pfcp_send_session_establishment_request( - sess, s11_xact, gtpbuf, 0)); + sess, s11_xact->id, gtpbuf, 0)); } void sgwc_s11_handle_modify_bearer_request( @@ -465,22 +493,28 @@ break; } - sess = bearer->sess; + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); ogs_list_for_each_entry(&pfcp_xact_list, pfcp_xact, tmpnode) { - if (sess == pfcp_xact->data) { - current_xact = pfcp_xact; - break; + if (pfcp_xact->modify_flags & OGS_PFCP_MODIFY_SESSION) { + ogs_pool_id_t sess_id = OGS_POINTER_TO_UINT(pfcp_xact->data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && + sess_id <= OGS_MAX_POOL_ID); + if (sess->id == sess_id) { + current_xact = pfcp_xact; + break; + } } } if (!current_xact) { current_xact = ogs_pfcp_xact_local_create( - sess->pfcp_node, pfcp_sess_timeout, sess); + sess->pfcp_node, pfcp_sess_timeout, + OGS_UINT_TO_POINTER(sess->id)); ogs_assert(current_xact); - current_xact->assoc_xact = s11_xact; + current_xact->assoc_xact_id = s11_xact->id; current_xact->modify_flags = OGS_PFCP_MODIFY_SESSION| OGS_PFCP_MODIFY_DL_ONLY|OGS_PFCP_MODIFY_ACTIVATE; if (gtpbuf) { @@ -566,8 +600,20 @@ ogs_debug(" ENB_S1U_TEID%d SGW_S1U_TEID%d", dl_tunnel->remote_teid, dl_tunnel->local_teid); - ogs_list_for_each_entry(&pfcp_xact_list, pfcp_xact, tmpnode) - sgwc_pfcp_send_bearer_to_modify_list(pfcp_xact->data, pfcp_xact); + ogs_list_for_each_entry(&pfcp_xact_list, pfcp_xact, tmpnode) { + if (pfcp_xact->modify_flags & OGS_PFCP_MODIFY_SESSION) { + sgwc_sess_t *sess = NULL; + + ogs_pool_id_t sess_id = OGS_POINTER_TO_UINT(pfcp_xact->data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && + sess_id <= OGS_MAX_POOL_ID); + + sess = sgwc_sess_find_by_id(sess_id); + ogs_assert(sess); + + sgwc_pfcp_send_bearer_to_modify_list(sess, pfcp_xact); + } + } } void sgwc_s11_handle_delete_session_request( @@ -657,7 +703,8 @@ indication->scope_indication == 1) { ogs_assert(OGS_OK == - sgwc_pfcp_send_session_deletion_request(sess, s11_xact, gtpbuf)); + sgwc_pfcp_send_session_deletion_request( + sess, s11_xact->id, gtpbuf)); } else { message->h.type = OGS_GTP2_DELETE_SESSION_REQUEST_TYPE; @@ -670,7 +717,8 @@ } s5c_xact = ogs_gtp_xact_local_create( - sess->gnode, &message->h, gtpbuf, gtp_sess_timeout, sess); + sess->gnode, &message->h, gtpbuf, gtp_sess_timeout, + OGS_UINT_TO_POINTER(sess->id)); if (!s5c_xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return; @@ -695,6 +743,7 @@ sgwc_sess_t *sess = NULL; sgwc_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; sgwc_tunnel_t *dl_tunnel = NULL, *ul_tunnel = NULL; ogs_pfcp_far_t *far = NULL; @@ -715,17 +764,29 @@ * Check Transaction ********************/ ogs_assert(s11_xact); - s5c_xact = s11_xact->assoc_xact; + s5c_xact = ogs_gtp_xact_find_by_id(s11_xact->assoc_xact_id); ogs_assert(s5c_xact); - if (s11_xact->xid & OGS_GTP_CMD_XACT_ID) + if (s11_xact->xid & OGS_GTP_CMD_XACT_ID) { /* MME received Bearer Resource Modification Request */ - bearer = s5c_xact->data; - else - bearer = s11_xact->data; + ogs_assert(s5c_xact->data); + bearer_id = OGS_POINTER_TO_UINT(s5c_xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && + bearer_id <= OGS_MAX_POOL_ID); - ogs_assert(bearer); - sess = bearer->sess; + bearer = sgwc_bearer_find_by_id(bearer_id); + ogs_assert(bearer); + } else { + ogs_assert(s11_xact->data); + bearer_id = OGS_POINTER_TO_UINT(s11_xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && + bearer_id <= OGS_MAX_POOL_ID); + + bearer = sgwc_bearer_find_by_id(bearer_id); + ogs_assert(bearer); + } + + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); rv = ogs_gtp_xact_commit(s11_xact); @@ -765,7 +826,7 @@ if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { ogs_assert(OGS_OK == sgwc_pfcp_send_bearer_modification_request( - bearer, NULL, NULL, + bearer, OGS_INVALID_POOL_ID, NULL, OGS_PFCP_MODIFY_UL_ONLY|OGS_PFCP_MODIFY_REMOVE)); ogs_gtp_send_error_message(s5c_xact, sess ? sess->pgw_s5c_teid : 0, OGS_GTP2_CREATE_BEARER_RESPONSE_TYPE, cause_value); @@ -784,7 +845,7 @@ ogs_error("GTP Cause Value:%d", cause_value); ogs_assert(OGS_OK == sgwc_pfcp_send_bearer_modification_request( - bearer, NULL, NULL, + bearer, OGS_INVALID_POOL_ID, NULL, OGS_PFCP_MODIFY_UL_ONLY|OGS_PFCP_MODIFY_REMOVE)); ogs_gtp_send_error_message(s5c_xact, sess ? sess->pgw_s5c_teid : 0, OGS_GTP2_CREATE_BEARER_RESPONSE_TYPE, cause_value); @@ -867,7 +928,7 @@ ogs_assert(OGS_OK == sgwc_pfcp_send_bearer_modification_request( - bearer, s5c_xact, gtpbuf, + bearer, s5c_xact->id, gtpbuf, OGS_PFCP_MODIFY_DL_ONLY|OGS_PFCP_MODIFY_CREATE)); } @@ -882,6 +943,7 @@ ogs_gtp_xact_t *s5c_xact = NULL; sgwc_sess_t *sess = NULL; sgwc_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; ogs_gtp2_update_bearer_response_t *rsp = NULL; ogs_assert(sgwc_ue); @@ -895,17 +957,29 @@ * Check Transaction ********************/ ogs_assert(s11_xact); - s5c_xact = s11_xact->assoc_xact; + s5c_xact = ogs_gtp_xact_find_by_id(s11_xact->assoc_xact_id); ogs_assert(s5c_xact); - if (s11_xact->xid & OGS_GTP_CMD_XACT_ID) + if (s11_xact->xid & OGS_GTP_CMD_XACT_ID) { /* MME received Bearer Resource Modification Request */ - bearer = s5c_xact->data; - else - bearer = s11_xact->data; + ogs_assert(s5c_xact->data); + bearer_id = OGS_POINTER_TO_UINT(s5c_xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && + bearer_id <= OGS_MAX_POOL_ID); - ogs_assert(bearer); - sess = bearer->sess; + bearer = sgwc_bearer_find_by_id(bearer_id); + ogs_assert(bearer); + } else { + ogs_assert(s11_xact->data); + bearer_id = OGS_POINTER_TO_UINT(s11_xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && + bearer_id <= OGS_MAX_POOL_ID); + + bearer = sgwc_bearer_find_by_id(bearer_id); + ogs_assert(bearer); + } + + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); rv = ogs_gtp_xact_commit(s11_xact); @@ -1005,6 +1079,7 @@ sgwc_sess_t *sess = NULL; sgwc_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; ogs_gtp2_delete_bearer_response_t *rsp = NULL; ogs_assert(sgwc_ue); @@ -1018,17 +1093,29 @@ * Check Transaction ********************/ ogs_assert(s11_xact); - s5c_xact = s11_xact->assoc_xact; + s5c_xact = ogs_gtp_xact_find_by_id(s11_xact->assoc_xact_id); ogs_assert(s5c_xact); - if (s11_xact->xid & OGS_GTP_CMD_XACT_ID) + if (s11_xact->xid & OGS_GTP_CMD_XACT_ID) { /* MME received Bearer Resource Modification Request */ - bearer = s5c_xact->data; - else - bearer = s11_xact->data; + ogs_assert(s5c_xact->data); + bearer_id = OGS_POINTER_TO_UINT(s5c_xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && + bearer_id <= OGS_MAX_POOL_ID); - ogs_assert(bearer); - sess = bearer->sess; + bearer = sgwc_bearer_find_by_id(bearer_id); + ogs_assert(bearer); + } else { + ogs_assert(s11_xact->data); + bearer_id = OGS_POINTER_TO_UINT(s11_xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && + bearer_id <= OGS_MAX_POOL_ID); + + bearer = sgwc_bearer_find_by_id(bearer_id); + ogs_assert(bearer); + } + + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); rv = ogs_gtp_xact_commit(s11_xact); @@ -1065,7 +1152,8 @@ } ogs_assert(OGS_OK == - sgwc_pfcp_send_session_deletion_request(sess, s5c_xact, gtpbuf)); + sgwc_pfcp_send_session_deletion_request( + sess, s5c_xact->id, gtpbuf)); } else { /* * << EPS Bearer IDs >> @@ -1117,7 +1205,7 @@ ogs_assert(OGS_OK == sgwc_pfcp_send_bearer_modification_request( - bearer, s5c_xact, gtpbuf, OGS_PFCP_MODIFY_REMOVE)); + bearer, s5c_xact->id, gtpbuf, OGS_PFCP_MODIFY_REMOVE)); } } @@ -1166,7 +1254,7 @@ ogs_assert(OGS_OK == sgwc_pfcp_send_session_modification_request( - sess, s11_xact, gtpbuf, + sess, s11_xact->id, gtpbuf, OGS_PFCP_MODIFY_DL_ONLY|OGS_PFCP_MODIFY_DEACTIVATE)); } } @@ -1179,6 +1267,7 @@ uint8_t cause_value; sgwc_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; sgwc_sess_t *sess = NULL; ogs_gtp2_downlink_data_notification_acknowledge_t *ack = NULL; @@ -1191,9 +1280,14 @@ * Check Transaction ********************/ ogs_assert(s11_xact); - bearer = s11_xact->data; + ogs_assert(s11_xact->data); + bearer_id = OGS_POINTER_TO_UINT(s11_xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && + bearer_id <= OGS_MAX_POOL_ID); + + bearer = sgwc_bearer_find_by_id(bearer_id); ogs_assert(bearer); - sess = bearer->sess; + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); rv = ogs_gtp_xact_commit(s11_xact); @@ -1359,7 +1453,7 @@ ogs_assert(OGS_OK == sgwc_pfcp_send_session_modification_request( - sess, s11_xact, gtpbuf, + sess, s11_xact->id, gtpbuf, OGS_PFCP_MODIFY_INDIRECT|OGS_PFCP_MODIFY_CREATE)); } } @@ -1405,7 +1499,7 @@ ogs_assert(OGS_OK == sgwc_pfcp_send_session_modification_request( - sess, s11_xact, gtpbuf, + sess, s11_xact->id, gtpbuf, OGS_PFCP_MODIFY_INDIRECT| OGS_PFCP_MODIFY_REMOVE)); } } @@ -1492,7 +1586,7 @@ * Check ALL Context ********************/ ogs_assert(bearer); - sess = bearer->sess; + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); ogs_assert(sess->gnode); ogs_assert(sgwc_ue); @@ -1512,7 +1606,8 @@ } s5c_xact = ogs_gtp_xact_local_create( - sess->gnode, &message->h, pkbuf, gtp_bearer_timeout, bearer); + sess->gnode, &message->h, pkbuf, gtp_bearer_timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!s5c_xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/s5c-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/s5c-handler.c
Changed
@@ -24,34 +24,39 @@ static void bearer_timeout(ogs_gtp_xact_t *xact, void *data) { - sgwc_bearer_t *bearer = data; + sgwc_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; sgwc_sess_t *sess = NULL; sgwc_ue_t *sgwc_ue = NULL; uint8_t type = 0; ogs_assert(xact); - ogs_assert(bearer); - sess = bearer->sess; + type = xact->seq0.type; + + ogs_assert(data); + bearer_id = OGS_POINTER_TO_UINT(data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); + + bearer = sgwc_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed %d", type); + return; + } + + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); - type = xact->seq0.type; - switch (type) { case OGS_GTP2_UPDATE_BEARER_REQUEST_TYPE: ogs_error("%s No Update Bearer Response", sgwc_ue->imsi_bcd); break; case OGS_GTP2_DELETE_BEARER_REQUEST_TYPE: ogs_error("%s No Delete Bearer Response", sgwc_ue->imsi_bcd); - if (!sgwc_bearer_cycle(bearer)) { - ogs_error("%s Bearer has already been removed", - sgwc_ue->imsi_bcd); - break; - } ogs_assert(OGS_OK == sgwc_pfcp_send_bearer_modification_request( - bearer, NULL, NULL, OGS_PFCP_MODIFY_REMOVE)); + bearer, OGS_INVALID_POOL_ID, NULL, OGS_PFCP_MODIFY_REMOVE)); break; default: ogs_error("GTP Timeout : IMSI%s Message-Type%d", @@ -91,7 +96,7 @@ * Check Transaction ********************/ ogs_assert(s5c_xact); - s11_xact = s5c_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(s5c_xact->assoc_xact_id); ogs_assert(s11_xact); rv = ogs_gtp_xact_commit(s5c_xact); @@ -117,7 +122,7 @@ ogs_error("No Context in TEID Cause:%d", session_cause); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); } @@ -280,7 +285,7 @@ ogs_assert(OGS_OK == sgwc_pfcp_send_session_modification_request( - sess, s11_xact, gtpbuf, + sess, s11_xact->id, gtpbuf, OGS_PFCP_MODIFY_UL_ONLY|OGS_PFCP_MODIFY_ACTIVATE)); } @@ -309,7 +314,7 @@ * Check Transaction ********************/ ogs_assert(s5c_xact); - s11_xact = s5c_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(s5c_xact->assoc_xact_id); ogs_assert(s11_xact); modify_action = s5c_xact->modify_action; @@ -336,7 +341,7 @@ ogs_error("No Context in TEID Cause:%d", session_cause); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); } @@ -450,7 +455,7 @@ * Check Transaction ********************/ ogs_assert(s5c_xact); - s11_xact = s5c_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(s5c_xact->assoc_xact_id); ogs_assert(s11_xact); rv = ogs_gtp_xact_commit(s5c_xact); @@ -476,7 +481,7 @@ ogs_error("No Context in TEID Cause:%d", session_cause); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); } @@ -518,7 +523,7 @@ * 2. SMF sends Delete Session Response to SGW/MME. */ ogs_assert(OGS_OK == - sgwc_pfcp_send_session_deletion_request(sess, s11_xact, gtpbuf)); + sgwc_pfcp_send_session_deletion_request(sess, s11_xact->id, gtpbuf)); } void sgwc_s5c_handle_create_bearer_request( @@ -556,7 +561,7 @@ ogs_error("No Context in TEID"); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); } @@ -637,7 +642,7 @@ ogs_assert(OGS_OK == sgwc_pfcp_send_bearer_modification_request( - bearer, s5c_xact, gtpbuf, + bearer, s5c_xact->id, gtpbuf, OGS_PFCP_MODIFY_UL_ONLY|OGS_PFCP_MODIFY_CREATE)); } @@ -673,7 +678,7 @@ ogs_error("No Context in TEID"); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); if (req->bearer_contexts.presence == 0) { @@ -725,10 +730,11 @@ return; } - s11_xact = s5c_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(s5c_xact->assoc_xact_id); if (!s11_xact) { s11_xact = ogs_gtp_xact_local_create( - sgwc_ue->gnode, &message->h, pkbuf, bearer_timeout, bearer); + sgwc_ue->gnode, &message->h, pkbuf, bearer_timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!s11_xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return; @@ -783,7 +789,7 @@ ogs_error("No Context in TEID"); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); if (req->linked_eps_bearer_id.presence == 0 && @@ -866,7 +872,7 @@ return; } - s11_xact = s5c_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(s5c_xact->assoc_xact_id); if (!s11_xact) { /* * 1. SMF sends Delete Bearer Request(DEFAULT BEARER) to SGW/MME. @@ -883,7 +889,8 @@ * 2. MME sends Delete Bearer Response(DEDICATED BEARER) to SGW/SMF. */ s11_xact = ogs_gtp_xact_local_create( - sgwc_ue->gnode, &message->h, pkbuf, bearer_timeout, bearer); + sgwc_ue->gnode, &message->h, pkbuf, bearer_timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!s11_xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return; @@ -929,7 +936,7 @@ * Check Transaction ********************/ ogs_assert(s5c_xact); - s11_xact = s5c_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(s5c_xact->assoc_xact_id); ogs_assert(s11_xact); /************************ @@ -941,7 +948,7 @@ ogs_error("No Context in TEID"); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } else { - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/sgwc-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/sgwc-sm.c
Changed
@@ -114,7 +114,7 @@ } e->pfcp_message = pfcp_message; - e->pfcp_xact = pfcp_xact; + e->pfcp_xact_id = pfcp_xact ? pfcp_xact->id : OGS_INVALID_POOL_ID; e->gtp_message = NULL; if (pfcp_xact->gtpbuf) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwc/sxa-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwc/sxa-handler.c
Changed
@@ -62,13 +62,25 @@ static void sess_timeout(ogs_gtp_xact_t *xact, void *data) { - sgwc_sess_t *sess = data; + sgwc_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; sgwc_ue_t *sgwc_ue = NULL; uint8_t type = 0; ogs_assert(xact); - ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + type = xact->seq0.type; + + ogs_assert(data); + sess_id = OGS_POINTER_TO_UINT(data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && sess_id <= OGS_MAX_POOL_ID); + + sess = sgwc_sess_find_by_id(sess_id); + if (!sess) { + ogs_error("Session has already been removed %d", type); + return; + } + + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); type = xact->seq0.type; @@ -76,13 +88,9 @@ switch (type) { case OGS_GTP2_CREATE_SESSION_REQUEST_TYPE: ogs_error("%s No Create Session Response", sgwc_ue->imsi_bcd); - if (!sgwc_sess_cycle(sess)) { - ogs_warn("%s Session has already been removed", - sgwc_ue->imsi_bcd); - break; - } ogs_assert(OGS_OK == - sgwc_pfcp_send_session_deletion_request(sess, NULL, NULL)); + sgwc_pfcp_send_session_deletion_request( + sess, OGS_INVALID_POOL_ID, NULL)); break; default: ogs_error("GTP Timeout : IMSI%s Message-Type%d", @@ -92,30 +100,36 @@ static void bearer_timeout(ogs_gtp_xact_t *xact, void *data) { - sgwc_bearer_t *bearer = data; + sgwc_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; sgwc_sess_t *sess = NULL; sgwc_ue_t *sgwc_ue = NULL; uint8_t type = 0; ogs_assert(xact); - ogs_assert(bearer); - sess = bearer->sess; + type = xact->seq0.type; + + ogs_assert(data); + bearer_id = OGS_POINTER_TO_UINT(data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); + + bearer = sgwc_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed %d", type); + return; + } + + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); - type = xact->seq0.type; - switch (type) { case OGS_GTP2_CREATE_BEARER_REQUEST_TYPE: ogs_error("%s No Create Bearer Response", sgwc_ue->imsi_bcd); - if (!sgwc_bearer_cycle(bearer)) { - ogs_warn("%s Bearer has already been removed", sgwc_ue->imsi_bcd); - break; - } ogs_assert(OGS_OK == sgwc_pfcp_send_bearer_modification_request( - bearer, NULL, NULL, + bearer, OGS_INVALID_POOL_ID, NULL, OGS_PFCP_MODIFY_UL_ONLY|OGS_PFCP_MODIFY_REMOVE)); break; default: @@ -164,7 +178,7 @@ create_session_request = &recv_message->create_session_request; ogs_assert(create_session_request); - s11_xact = pfcp_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s11_xact); ogs_pfcp_xact_commit(pfcp_xact); @@ -244,7 +258,7 @@ } if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { - if (sess) sgwc_ue = sess->sgwc_ue; + if (sess) sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_gtp_send_error_message( s11_xact, sgwc_ue ? sgwc_ue->mme_s11_teid : 0, OGS_GTP2_CREATE_SESSION_RESPONSE_TYPE, cause_value); @@ -383,7 +397,8 @@ ogs_assert(sess->gnode); s5c_xact = ogs_gtp_xact_local_create( - sess->gnode, &send_message.h, pkbuf, sess_timeout, sess); + sess->gnode, &send_message.h, pkbuf, sess_timeout, + OGS_UINT_TO_POINTER(sess->id)); if (!s5c_xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return; @@ -427,7 +442,8 @@ ogs_assert(sess->gnode); s5c_xact = ogs_gtp_xact_local_create( - sess->gnode, &recv_message->h, pkbuf, sess_timeout, sess); + sess->gnode, &recv_message->h, pkbuf, sess_timeout, + OGS_UINT_TO_POINTER(sess->id)); if (!s5c_xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return; @@ -475,31 +491,41 @@ if (flags & OGS_PFCP_MODIFY_SESSION) { if (!sess) { + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; + ogs_error("No Context"); - sess = pfcp_xact->data; + sess_id = OGS_POINTER_TO_UINT(pfcp_xact->data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && + sess_id <= OGS_MAX_POOL_ID); + + sess = sgwc_sess_find_by_id(sess_id); ogs_assert(sess); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); } else { - bearer = pfcp_xact->data; + ogs_pool_id_t bearer_id = OGS_POINTER_TO_UINT(pfcp_xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && + bearer_id <= OGS_MAX_POOL_ID); + + bearer = sgwc_bearer_find_by_id(bearer_id); ogs_assert(bearer); if (!sess) { ogs_error("No Context"); - sess = bearer->sess; + sess = sgwc_sess_find_by_id(bearer->sess_id); ogs_assert(sess); cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } - sgwc_ue = bearer->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(bearer->sgwc_ue_id); ogs_assert(sgwc_ue); } @@ -578,7 +604,7 @@ * } */ if (flags & OGS_PFCP_MODIFY_REMOVE) { - s5c_xact = pfcp_xact->assoc_xact; + s5c_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); if (s5c_xact) { ogs_gtp_send_error_message( @@ -588,7 +614,7 @@ sgwc_bearer_remove(bearer); } else if (flags & OGS_PFCP_MODIFY_CREATE) { - s5c_xact = pfcp_xact->assoc_xact; + s5c_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s5c_xact); ogs_gtp_send_error_message( @@ -598,7 +624,7 @@ } else if (flags & OGS_PFCP_MODIFY_ACTIVATE) { if (flags & OGS_PFCP_MODIFY_UL_ONLY) { - s11_xact = pfcp_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s11_xact); ogs_gtp_send_error_message( @@ -606,7 +632,7 @@ OGS_GTP2_CREATE_SESSION_RESPONSE_TYPE, cause_value); } else if (flags & OGS_PFCP_MODIFY_DL_ONLY) { - s11_xact = pfcp_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s11_xact); ogs_gtp_send_error_message( @@ -617,7 +643,7 @@ ogs_assert_if_reached(); } } else if (flags & OGS_PFCP_MODIFY_DEACTIVATE) { - s11_xact = pfcp_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s11_xact); ogs_gtp_send_error_message( @@ -652,7 +678,7 @@ */ if (flags & OGS_PFCP_MODIFY_REMOVE) { if (flags & OGS_PFCP_MODIFY_INDIRECT) { - s11_xact = pfcp_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s11_xact); ogs_pfcp_xact_commit(pfcp_xact); @@ -713,7 +739,7 @@ } } else { - s5c_xact = pfcp_xact->assoc_xact; + s5c_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_pfcp_xact_commit(pfcp_xact); @@ -746,7 +772,7 @@ ogs_gtp2_create_bearer_request_t *gtp_req = NULL; ogs_gtp2_f_teid_t sgw_s1u_teid; - s5c_xact = pfcp_xact->assoc_xact; + s5c_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s5c_xact); ogs_pfcp_xact_commit(pfcp_xact); @@ -780,7 +806,8 @@ ogs_assert(sgwc_ue->gnode); ogs_assert(bearer); s11_xact = ogs_gtp_xact_local_create(sgwc_ue->gnode, - &recv_message->h, pkbuf, bearer_timeout, bearer); + &recv_message->h, pkbuf, bearer_timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!s11_xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return; @@ -796,7 +823,7 @@ ogs_gtp2_create_bearer_response_t *gtp_rsp = NULL; ogs_gtp2_f_teid_t sgw_s5u_teid, pgw_s5u_teid; - s5c_xact = pfcp_xact->assoc_xact; + s5c_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s5c_xact); ogs_pfcp_xact_commit(pfcp_xact); @@ -854,7 +881,7 @@ ogs_expect(rv == OGS_OK); } else if (flags & OGS_PFCP_MODIFY_INDIRECT) { - s11_xact = pfcp_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s11_xact); ogs_pfcp_xact_commit(pfcp_xact); @@ -987,7 +1014,7 @@ } else if (flags & OGS_PFCP_MODIFY_ACTIVATE) { OGS_LIST(bearer_to_modify_list); - s11_xact = pfcp_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s11_xact); ogs_list_copy(&bearer_to_modify_list, @@ -1094,7 +1121,7 @@ ogs_assert(sess->gnode); s5c_xact = ogs_gtp_xact_local_create( sess->gnode, &recv_message->h, pkbuf, - sess_timeout, sess); + sess_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!s5c_xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return; @@ -1194,7 +1221,7 @@ } else if (flags & OGS_PFCP_MODIFY_DEACTIVATE) { if (flags & OGS_PFCP_MODIFY_ERROR_INDICATION) { /* It's faked method for receiving `bearer` context */ - bearer = pfcp_xact->assoc_xact; + bearer = sgwc_bearer_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(bearer); ogs_pfcp_xact_commit(pfcp_xact); @@ -1208,7 +1235,7 @@ } } else { - s11_xact = pfcp_xact->assoc_xact; + s11_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(s11_xact); ogs_pfcp_xact_commit(pfcp_xact); @@ -1293,7 +1320,7 @@ cause_value = OGS_GTP2_CAUSE_MANDATORY_IE_MISSING; } - gtp_xact = pfcp_xact->assoc_xact; + gtp_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_pfcp_xact_commit(pfcp_xact); @@ -1314,7 +1341,7 @@ * 1. MME sends Delete Session Request to SGW/SMF. * 2. SMF sends Delete Session Response to SGW/MME. */ - if (sess) sgwc_ue = sess->sgwc_ue; + if (sess) sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); teid = sgwc_ue ? sgwc_ue->mme_s11_teid : 0; break; case OGS_GTP2_DELETE_BEARER_RESPONSE_TYPE: @@ -1347,7 +1374,7 @@ } ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); if (gtp_xact) { @@ -1377,10 +1404,7 @@ } cleanup: - if (sgwc_sess_cycle(sess)) - sgwc_sess_remove(sess); - else - ogs_error("Session has already been removed"); + sgwc_sess_remove(sess); } void sgwc_sxa_handle_session_report_request( @@ -1426,7 +1450,7 @@ } ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; + sgwc_ue = sgwc_ue_find_by_id(sess->sgwc_ue_id); ogs_assert(sgwc_ue); if (!sgwc_ue->gnode) { @@ -1476,7 +1500,7 @@ if (far) { tunnel = sgwc_tunnel_find_by_far_id(sess, far->id); ogs_assert(tunnel); - bearer = tunnel->bearer; + bearer = sgwc_bearer_find_by_id(tunnel->bearer_id); ogs_assert(bearer); if (far->dst_if == OGS_PFCP_INTERFACE_ACCESS) { ogs_warn("%s Error Indication from eNB", sgwc_ue->imsi_bcd); @@ -1485,7 +1509,7 @@ sgwc_pfcp_send_session_modification_request(sess, /* We only use the `assoc_xact` parameter temporarily here * to pass the `bearer` context. */ - (ogs_gtp_xact_t *)bearer, + bearer->id, NULL, OGS_PFCP_MODIFY_DL_ONLY|OGS_PFCP_MODIFY_DEACTIVATE| OGS_PFCP_MODIFY_ERROR_INDICATION)); @@ -1496,13 +1520,14 @@ sgwc_ue->imsi_bcd); ogs_assert(OGS_OK == sgwc_pfcp_send_session_deletion_request( - sess, NULL, NULL)); + sess, OGS_INVALID_POOL_ID, NULL)); } else { ogs_error("%s Error Indication(Dedicated Bearer) " "from SMF", sgwc_ue->imsi_bcd); ogs_assert(OGS_OK == sgwc_pfcp_send_bearer_modification_request( - bearer, NULL, NULL, OGS_PFCP_MODIFY_REMOVE)); + bearer, OGS_INVALID_POOL_ID, NULL, + OGS_PFCP_MODIFY_REMOVE)); } } else { ogs_error("Error Indication Ignored for Indirect Tunnel");
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwu/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwu/context.c
Changed
@@ -141,9 +141,8 @@ ogs_assert(cp_f_seid); - ogs_pool_alloc(&sgwu_sess_pool, &sess); + ogs_pool_id_calloc(&sgwu_sess_pool, &sess); ogs_assert(sess); - memset(sess, 0, sizeof *sess); ogs_pfcp_pool_init(&sess->pfcp); @@ -197,7 +196,7 @@ ogs_pfcp_pool_final(&sess->pfcp); ogs_pool_free(&sgwu_sxa_seid_pool, sess->sgwu_sxa_seid_node); - ogs_pool_free(&sgwu_sess_pool, sess); + ogs_pool_id_free(&sgwu_sess_pool, sess); ogs_info("Removed Number of SGWU-sessions is now %d", ogs_list_count(&self.sess_list)); @@ -238,6 +237,11 @@ return ogs_hash_get(self.sgwu_sxa_seid_hash, &seid, sizeof(seid)); } +sgwu_sess_t *sgwu_sess_find_by_id(ogs_pool_id_t id) +{ + return ogs_pool_find_by_id(&sgwu_sess_pool, id); +} + sgwu_sess_t *sgwu_sess_add_by_message(ogs_pfcp_message_t *message) { sgwu_sess_t *sess = NULL;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwu/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwu/context.h
Changed
@@ -47,6 +47,7 @@ #define SGWU_SESS(pfcp_sess) ogs_container_of(pfcp_sess, sgwu_sess_t, pfcp) typedef struct sgwu_sess_s { ogs_lnode_t lnode; + ogs_pool_id_t id; ogs_pool_id_t *sgwu_sxa_seid_node; /* A node of SGWU-SXA-SEID */ ogs_pfcp_sess_t pfcp; @@ -74,6 +75,7 @@ sgwu_sess_t *sgwu_sess_find_by_sgwc_sxa_seid(uint64_t seid); sgwu_sess_t *sgwu_sess_find_by_sgwc_sxa_f_seid(ogs_pfcp_f_seid_t *f_seid); sgwu_sess_t *sgwu_sess_find_by_sgwu_sxa_seid(uint64_t seid); +sgwu_sess_t *sgwu_sess_find_by_id(ogs_pool_id_t id); #ifdef __cplusplus }
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwu/event.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwu/event.h
Changed
@@ -52,7 +52,7 @@ ogs_gtp_node_t *gnode; ogs_pfcp_node_t *pfcp_node; - ogs_pfcp_xact_t *pfcp_xact; + ogs_pool_id_t pfcp_xact_id; ogs_pfcp_message_t *pfcp_message; sgwu_bearer_t *bearer;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwu/pfcp-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwu/pfcp-path.c
Changed
@@ -267,11 +267,23 @@ static void sess_timeout(ogs_pfcp_xact_t *xact, void *data) { + sgwu_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; uint8_t type; ogs_assert(xact); type = xact->seq0.type; + ogs_assert(data); + sess_id = OGS_POINTER_TO_UINT(data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && sess_id <= OGS_MAX_POOL_ID); + + sess = sgwu_sess_find_by_id(sess_id); + if (!sess) { + ogs_error("Session has already been removed %d", type); + return; + } + switch (type) { case OGS_PFCP_SESSION_REPORT_REQUEST_TYPE: ogs_error("No PFCP session report response"); @@ -297,7 +309,8 @@ h.type = OGS_PFCP_SESSION_REPORT_REQUEST_TYPE; h.seid = sess->sgwc_sxa_f_seid.seid; - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwu/pfcp-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwu/pfcp-sm.c
Changed
@@ -117,7 +117,7 @@ case SGWU_EVT_SXA_MESSAGE: message = e->pfcp_message; ogs_assert(message); - xact = e->pfcp_xact; + xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(xact); switch (message->h.type) { @@ -199,7 +199,7 @@ case SGWU_EVT_SXA_MESSAGE: message = e->pfcp_message; ogs_assert(message); - xact = e->pfcp_xact; + xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(xact); if (message->h.seid_presence && message->h.seid != 0)
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/sgwu/sgwu-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/sgwu/sgwu-sm.c
Changed
@@ -82,7 +82,7 @@ } e->pfcp_message = pfcp_message; - e->pfcp_xact = xact; + e->pfcp_xact_id = xact ? xact->id : OGS_INVALID_POOL_ID; ogs_fsm_dispatch(&node->sm, e); if (OGS_FSM_CHECK(&node->sm, sgwu_pfcp_state_exception)) { ogs_error("PFCP state machine exception");
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/binding.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/binding.c
Changed
@@ -26,29 +26,36 @@ static void gtp_bearer_timeout(ogs_gtp_xact_t *xact, void *data) { - smf_bearer_t *bearer = data; + smf_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; smf_sess_t *sess = NULL; smf_ue_t *smf_ue = NULL; uint8_t type = 0; - ogs_assert(bearer); - sess = bearer->sess; + ogs_assert(xact); + type = xact->seq0.type; + + ogs_assert(data); + bearer_id = OGS_POINTER_TO_UINT(data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); + + bearer = smf_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed %d", type); + return; + } + + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); - type = xact->seq0.type; - switch (type) { case OGS_GTP2_CREATE_BEARER_REQUEST_TYPE: ogs_error("%s No Create Bearer Response", smf_ue->imsi_bcd); - if (!smf_bearer_cycle(bearer)) { - ogs_warn("%s Bearer has already been removed", smf_ue->imsi_bcd); - break; - } ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, OGS_PFCP_MODIFY_REMOVE, + bearer, OGS_INVALID_POOL_ID, OGS_PFCP_MODIFY_REMOVE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); break; @@ -348,7 +355,7 @@ ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, OGS_PFCP_MODIFY_CREATE, + bearer, OGS_INVALID_POOL_ID, OGS_PFCP_MODIFY_CREATE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); } else { @@ -376,7 +383,8 @@ } xact = ogs_gtp_xact_local_create( - sess->gnode, &h, pkbuf, gtp_bearer_timeout, bearer); + sess->gnode, &h, pkbuf, gtp_bearer_timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return; @@ -413,7 +421,7 @@ */ ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, + bearer, OGS_INVALID_POOL_ID, OGS_PFCP_MODIFY_DL_ONLY|OGS_PFCP_MODIFY_DEACTIVATE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); @@ -435,7 +443,7 @@ ogs_gtp2_tft_t tft; ogs_assert(bearer); - sess = bearer->sess; + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); h.type = OGS_GTP2_CREATE_BEARER_REQUEST_TYPE; @@ -452,7 +460,8 @@ } xact = ogs_gtp_xact_local_create( - sess->gnode, &h, pkbuf, gtp_bearer_timeout, bearer); + sess->gnode, &h, pkbuf, gtp_bearer_timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return OGS_ERROR;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/context.c
Changed
@@ -1003,13 +1003,12 @@ { smf_ue_t *smf_ue = NULL; - ogs_pool_alloc(&smf_ue_pool, &smf_ue); + ogs_pool_id_calloc(&smf_ue_pool, &smf_ue); if (!smf_ue) { ogs_error("Maximum number of smf_ue%lld reached", (long long)ogs_global_conf()->max.ue); return NULL; } - memset(smf_ue, 0, sizeof *smf_ue); ogs_list_init(&smf_ue->sess_list); @@ -1074,7 +1073,7 @@ ogs_hash_set(self.imsi_hash, smf_ue->imsi, smf_ue->imsi_len, NULL); } - ogs_pool_free(&smf_ue_pool, smf_ue); + ogs_pool_id_free(&smf_ue_pool, smf_ue); smf_metrics_inst_global_dec(SMF_METR_GLOB_GAUGE_UES_ACTIVE); ogs_info("Removed Number of SMF-UEs is now %d", @@ -1200,13 +1199,12 @@ ogs_assert(smf_ue); ogs_assert(apn); - ogs_pool_alloc(&smf_sess_pool, &sess); + ogs_pool_id_calloc(&smf_sess_pool, &sess); if (!sess) { ogs_error("Maximum number of session%lld reached", (long long)ogs_app()->pool.sess); return NULL; } - memset(sess, 0, sizeof *sess); ogs_pfcp_pool_init(&sess->pfcp); smf_qfi_pool_init(sess); @@ -1243,10 +1241,10 @@ sess->epc = true; memset(&e, 0, sizeof(e)); - e.sess = sess; + e.sess_id = sess->id; ogs_fsm_init(&sess->sm, smf_gsm_state_initial, smf_gsm_state_final, &e); - sess->smf_ue = smf_ue; + sess->smf_ue_id = smf_ue->id; ogs_list_add(&smf_ue->sess_list, sess); @@ -1412,13 +1410,12 @@ ogs_assert(smf_ue); ogs_assert(psi != OGS_NAS_PDU_SESSION_IDENTITY_UNASSIGNED); - ogs_pool_alloc(&smf_sess_pool, &sess); + ogs_pool_id_calloc(&smf_sess_pool, &sess); if (!sess) { ogs_error("Maximum number of session%lld reached", (long long)ogs_app()->pool.sess); return NULL; } - memset(sess, 0, sizeof *sess); /* SBI Features */ OGS_SBI_FEATURES_SET(sess->smpolicycontrol_features, @@ -1461,10 +1458,10 @@ sess->charging.id = sess->index; memset(&e, 0, sizeof(e)); - e.sess = sess; + e.sess_id = sess->id; ogs_fsm_init(&sess->sm, smf_gsm_state_initial, smf_gsm_state_final, &e); - sess->smf_ue = smf_ue; + sess->smf_ue_id = smf_ue->id; ogs_list_add(&smf_ue->sess_list, sess); @@ -1528,7 +1525,7 @@ uint8_t cause_value = OGS_PFCP_CAUSE_REQUEST_ACCEPTED; ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); if (sess->session.session_type == OGS_PDU_SESSION_TYPE_IPV4V6) { @@ -1675,7 +1672,7 @@ char buf2OGS_ADDRSTRLEN; ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_info("Removed Session: UE IMSI:%s DNN:%s:%d IPv4:%s IPv6:%s", @@ -1687,7 +1684,7 @@ ogs_list_remove(&smf_ue->sess_list, sess); memset(&e, 0, sizeof(e)); - e.sess = sess; + e.sess_id = sess->id; ogs_fsm_fini(&sess->sm, &e); OGS_TLV_CLEAR_DATA(&sess->gtp.ue_pco); @@ -1799,7 +1796,7 @@ stats_remove_smf_session(sess); ogs_pool_free(&smf_n4_seid_pool, sess->smf_n4_seid_node); - ogs_pool_free(&smf_sess_pool, sess); + ogs_pool_id_free(&smf_sess_pool, sess); } void smf_sess_remove_all(smf_ue_t *smf_ue) @@ -1923,9 +1920,8 @@ ogs_assert(sess); - ogs_pool_alloc(&smf_bearer_pool, &qos_flow); + ogs_pool_id_calloc(&smf_bearer_pool, &qos_flow); ogs_assert(qos_flow); - memset(qos_flow, 0, sizeof *qos_flow); smf_pf_identifier_pool_init(qos_flow); @@ -2022,7 +2018,7 @@ qos_flow->qfi = ul_pdr->qfi = qer->qfi = *(qos_flow->qfi_node); - qos_flow->sess = sess; + qos_flow->sess_id = sess->id; ogs_list_add(&sess->bearer_list, qos_flow); smf_metrics_inst_by_5qi_add(&sess->serving_plmn_id, &sess->s_nssai, @@ -2364,9 +2360,8 @@ ogs_assert(sess); - ogs_pool_alloc(&smf_bearer_pool, &bearer); + ogs_pool_id_calloc(&smf_bearer_pool, &bearer); ogs_assert(bearer); - memset(bearer, 0, sizeof *bearer); smf_pf_identifier_pool_init(bearer); @@ -2435,7 +2430,7 @@ ul_far->apply_action = OGS_PFCP_APPLY_ACTION_FORW; - bearer->sess = sess; + bearer->sess_id = sess->id; ogs_list_add(&sess->bearer_list, bearer); @@ -2445,10 +2440,12 @@ int smf_bearer_remove(smf_bearer_t *bearer) { + smf_sess_t *sess = NULL; ogs_assert(bearer); - ogs_assert(bearer->sess); + sess = smf_sess_find_by_id(bearer->sess_id); + ogs_assert(sess); - ogs_list_remove(&bearer->sess->bearer_list, bearer); + ogs_list_remove(&sess->bearer_list, bearer); ogs_assert(bearer->dl_pdr); ogs_pfcp_pdr_remove(bearer->dl_pdr); @@ -2477,9 +2474,9 @@ smf_pf_identifier_pool_final(bearer); if (SMF_IS_QOF_FLOW(bearer)) - ogs_pool_free(&bearer->sess->qfi_pool, bearer->qfi_node); + ogs_pool_free(&sess->qfi_pool, bearer->qfi_node); - ogs_pool_free(&smf_bearer_pool, bearer); + ogs_pool_id_free(&smf_bearer_pool, bearer); smf_metrics_inst_global_dec(SMF_METR_GLOB_GAUGE_BEARERS_ACTIVE); return OGS_OK; @@ -2614,7 +2611,7 @@ ogs_pfcp_qer_t *qer = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); dl_pdr = bearer->dl_pdr; @@ -2644,24 +2641,29 @@ return ogs_list_first(&sess->bearer_list); } -smf_ue_t *smf_ue_cycle(smf_ue_t *smf_ue) +smf_ue_t *smf_ue_find_by_id(ogs_pool_id_t id) +{ + return ogs_pool_find_by_id(&smf_ue_pool, id); +} + +smf_sess_t *smf_sess_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&smf_ue_pool, smf_ue); + return ogs_pool_find_by_id(&smf_sess_pool, id); } -smf_sess_t *smf_sess_cycle(smf_sess_t *sess) +smf_bearer_t *smf_bearer_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&smf_sess_pool, sess); + return ogs_pool_find_by_id(&smf_bearer_pool, id); } -smf_bearer_t *smf_bearer_cycle(smf_bearer_t *bearer) +smf_bearer_t *smf_qos_flow_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&smf_bearer_pool, bearer); + return ogs_pool_find_by_id(&smf_bearer_pool, id); } -smf_bearer_t *smf_qos_flow_cycle(smf_bearer_t *qos_flow) +smf_pf_t *smf_pf_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&smf_bearer_pool, qos_flow); + return ogs_pool_find_by_id(&smf_pf_pool, id); } smf_pf_t *smf_pf_add(smf_bearer_t *bearer) @@ -2670,17 +2672,16 @@ smf_pf_t *pf = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - ogs_pool_alloc(&smf_pf_pool, &pf); + ogs_pool_id_calloc(&smf_pf_pool, &pf); ogs_assert(pf); - memset(pf, 0, sizeof *pf); ogs_pool_alloc(&bearer->pf_identifier_pool, &pf->identifier_node); if (!pf->identifier_node) { ogs_error("smf_pf_add: Expectation `pf->identifier_node' failed"); - ogs_pool_free(&smf_pf_pool, pf); + ogs_pool_id_free(&smf_pf_pool, pf); return NULL; } @@ -2692,7 +2693,7 @@ if (!pf->precedence_node) { ogs_error("smf_pf_add: Expectation `pf->precedence_node' failed"); ogs_pool_free(&bearer->pf_identifier_pool, pf->identifier_node); - ogs_pool_free(&smf_pf_pool, pf); + ogs_pool_id_free(&smf_pf_pool, pf); return NULL; } @@ -2703,7 +2704,7 @@ /* Re-use 'pf_precedence_pool' to generate SDF Filter ID */ pf->sdf_filter_id = *(pf->precedence_node); - pf->bearer = bearer; + pf->bearer_id = bearer->id; ogs_list_add(&bearer->pf_list, pf); @@ -2712,21 +2713,26 @@ int smf_pf_remove(smf_pf_t *pf) { + smf_sess_t *sess = NULL; + smf_bearer_t *bearer = NULL; + ogs_assert(pf); - ogs_assert(pf->bearer); - ogs_assert(pf->bearer->sess); + bearer = smf_bearer_find_by_id(pf->bearer_id); + ogs_assert(bearer); + sess = smf_sess_find_by_id(bearer->sess_id); + ogs_assert(sess); - ogs_list_remove(&pf->bearer->pf_list, pf); + ogs_list_remove(&bearer->pf_list, pf); if (pf->flow_description) ogs_free(pf->flow_description); if (pf->identifier_node) - ogs_pool_free(&pf->bearer->pf_identifier_pool, pf->identifier_node); + ogs_pool_free(&bearer->pf_identifier_pool, pf->identifier_node); if (pf->precedence_node) ogs_pool_free( - &pf->bearer->sess->pf_precedence_pool, pf->precedence_node); + &sess->pf_precedence_pool, pf->precedence_node); - ogs_pool_free(&smf_pf_pool, pf); + ogs_pool_id_free(&smf_pf_pool, pf); return OGS_OK; } @@ -2740,12 +2746,13 @@ smf_pf_remove(pf); } -smf_pf_t *smf_pf_find_by_id(smf_bearer_t *bearer, uint8_t id) +smf_pf_t *smf_pf_find_by_identifier( + smf_bearer_t *bearer, uint8_t identifier) { smf_pf_t *pf = NULL; ogs_list_for_each(&bearer->pf_list, pf) { - if (pf->identifier == id) return pf; + if (pf->identifier == identifier) return pf; } return NULL;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/context.h
Changed
@@ -112,6 +112,7 @@ typedef struct smf_ue_s { ogs_lnode_t lnode; + ogs_pool_id_t id; /* SUPI */ char *supi; @@ -138,7 +139,7 @@ do { \ smf_ue_t *smf_ue = NULL; \ ogs_assert(__sESS); \ - smf_ue = (__sESS)->smf_ue; \ + smf_ue = smf_ue_find_by_id((__sESS)->smf_ue_id); \ ogs_assert(smf_ue); \ smf_metrics_inst_by_slice_add(&(__sESS)->serving_plmn_id, \ &(__sESS)->s_nssai, SMF_METR_GAUGE_SM_SESSIONNBR, -1); \ @@ -155,6 +156,8 @@ ogs_lnode_t lnode; ogs_lnode_t to_add_node; + ogs_pool_id_t id; + ED3(uint8_t spare:2;, uint8_t direction:2;, uint8_t identifier:4;) @@ -169,11 +172,12 @@ ogs_ipfw_rule_t ipfw_rule; char *flow_description; - smf_bearer_t *bearer; + ogs_pool_id_t bearer_id; } smf_pf_t; typedef struct smf_bearer_s { ogs_lnode_t lnode; /**< A node of list_t */ + ogs_pool_id_t id; ogs_lnode_t to_modify_node; ogs_lnode_t to_delete_node; @@ -212,12 +216,13 @@ uint8_t num_of_pf_to_delete; uint8_t pf_to_deleteOGS_MAX_NUM_OF_FLOW_IN_NAS; - smf_sess_t *sess; + ogs_pool_id_t sess_id; } smf_bearer_t; #define SMF_SESS(pfcp_sess) ogs_container_of(pfcp_sess, smf_sess_t, pfcp) typedef struct smf_sess_s { ogs_sbi_object_t sbi; + ogs_pool_id_t id; uint32_t index; /* An index of this node */ ogs_pool_id_t *smf_n4_seid_node; /* A node of SMF-N4-SEID */ @@ -464,7 +469,7 @@ ogs_gtp_node_t *gnode; ogs_pfcp_node_t *pfcp_node; - smf_ue_t *smf_ue; + ogs_pool_id_t smf_ue_id; bool n1_released; bool n2_released; @@ -544,15 +549,17 @@ void smf_bearer_tft_update(smf_bearer_t *bearer); void smf_bearer_qos_update(smf_bearer_t *bearer); -smf_ue_t *smf_ue_cycle(smf_ue_t *smf_ue); -smf_sess_t *smf_sess_cycle(smf_sess_t *sess); -smf_bearer_t *smf_qos_flow_cycle(smf_bearer_t *qos_flow); -smf_bearer_t *smf_bearer_cycle(smf_bearer_t *bearer); +smf_ue_t *smf_ue_find_by_id(ogs_pool_id_t id); +smf_sess_t *smf_sess_find_by_id(ogs_pool_id_t id); +smf_bearer_t *smf_bearer_find_by_id(ogs_pool_id_t id); +smf_bearer_t *smf_qos_flow_find_by_id(ogs_pool_id_t id); +smf_pf_t *smf_pf_find_by_id(ogs_pool_id_t id); smf_pf_t *smf_pf_add(smf_bearer_t *bearer); int smf_pf_remove(smf_pf_t *pf); void smf_pf_remove_all(smf_bearer_t *bearer); -smf_pf_t *smf_pf_find_by_id(smf_bearer_t *smf_bearer, uint8_t id); +smf_pf_t *smf_pf_find_by_identifier( + smf_bearer_t *bearer, uint8_t identifier); smf_pf_t *smf_pf_find_by_flow( smf_bearer_t *bearer, uint8_t direction, char *flow_description); smf_pf_t *smf_pf_first(smf_bearer_t *bearer);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/event.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/event.h
Changed
@@ -72,10 +72,10 @@ ogs_pkbuf_t *pkbuf; smf_gtp_node_t *gnode; - ogs_gtp_xact_t *gtp_xact; + ogs_pool_id_t gtp_xact_id; ogs_pfcp_node_t *pfcp_node; - ogs_pfcp_xact_t *pfcp_xact; + ogs_pool_id_t pfcp_xact_id; ogs_pfcp_message_t *pfcp_message; union { @@ -99,7 +99,7 @@ ogs_nas_5gs_message_t *message; } nas; - smf_sess_t *sess; + ogs_pool_id_t sess_id; } smf_event_t; OGS_STATIC_ASSERT(OGS_EVENT_SIZE >= sizeof(smf_event_t));
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/fd-path.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/fd-path.h
Changed
@@ -38,9 +38,9 @@ int smf_s6b_init(void); void smf_s6b_final(void); -void smf_gx_send_ccr(smf_sess_t *sess, ogs_gtp_xact_t *xact, +void smf_gx_send_ccr(smf_sess_t *sess, ogs_pool_id_t xact_id, uint32_t cc_request_type); -void smf_gy_send_ccr(smf_sess_t *sess, void *xact, +void smf_gy_send_ccr(smf_sess_t *sess, ogs_pool_id_t xact_id, uint32_t cc_request_type); void smf_s6b_send_aar(smf_sess_t *sess, ogs_gtp_xact_t *xact);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/gn-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/gn-handler.c
Changed
@@ -118,7 +118,7 @@ if (cause_value != OGS_GTP1_CAUSE_REQUEST_ACCEPTED) return cause_value; - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); /* Store NSAPI */ @@ -383,7 +383,7 @@ } ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug(" SGW_S5C_TEID0x%x SMF_N4_TEID0x%x", @@ -485,7 +485,7 @@ h.teid = sess->sgw_s5c_teid; /* Set bearer so it's accessible later when handling PFCP Session Modification Response */ - xact->data = bearer; + xact->data = OGS_UINT_TO_POINTER(bearer->id); /* Update remote TEID and GTP-U IP address on the UPF. UpdatePDPContextResp * will be sent when UPF answers back this request @@ -509,7 +509,7 @@ } } - rv = smf_epc_pfcp_send_all_pdr_modification_request(sess, xact, NULL, + rv = smf_epc_pfcp_send_all_pdr_modification_request(sess, xact->id, NULL, OGS_PFCP_MODIFY_DL_ONLY|OGS_PFCP_MODIFY_ACTIVATE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP1_CAUSE_REACTIACTION_REQUESTED);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/gsm-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/gsm-handler.c
Changed
@@ -212,7 +212,7 @@ ogs_pkbuf_t *n1smbuf = NULL; ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(stream); ogs_assert(pdu_session_modification_request); @@ -256,7 +256,7 @@ for (j = 0; j < qos_rulei.num_of_packet_filter && j < OGS_MAX_NUM_OF_FLOW_IN_NAS; j++) { - pf = smf_pf_find_by_id( + pf = smf_pf_find_by_identifier( qos_flow, qos_rulei.pfj.identifier+1); if (pf) { ogs_assert( @@ -328,7 +328,7 @@ for (j = 0; j < qos_rulei.num_of_packet_filter && j < OGS_MAX_NUM_OF_FLOW_IN_NAS; j++) { - pf = smf_pf_find_by_id( + pf = smf_pf_find_by_identifier( qos_flow, qos_rulei.pfj.identifier+1); if (!pf) pf = smf_pf_add(qos_flow); @@ -405,7 +405,7 @@ for (j = 0; j < qos_rulei.num_of_packet_filter && j < OGS_MAX_NUM_OF_FLOW_IN_NAS; j++) { - pf = smf_pf_find_by_id( + pf = smf_pf_find_by_identifier( qos_flow, qos_rulei.pfj.identifier+1); if (pf) { qos_flow->pf_to_delete
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/gsm-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/gsm-sm.c
Changed
@@ -1,6 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> - + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -89,7 +88,7 @@ OGS_GTP2_DELETE_SESSION_RESPONSE_TYPE, gtp_cause); } -static bool send_ccr_init_req_gx_gy(smf_sess_t *sess, smf_event_t *e) +static bool send_ccr_init_req_gx_gy(smf_sess_t *sess, ogs_gtp_xact_t *gtp_xact) { int use_gy = smf_use_gy_iface(); @@ -97,28 +96,31 @@ ogs_error("No Gy Diameter Peer"); /* TODO: drop Gx connection here, * possibly move to another "releasing" state! */ - uint8_t gtp_cause = (e->gtp_xact->gtp_version == 1) ? + uint8_t gtp_cause = (gtp_xact->gtp_version == 1) ? OGS_GTP1_CAUSE_NO_RESOURCES_AVAILABLE : OGS_GTP2_CAUSE_UE_NOT_AUTHORISED_BY_OCS_OR_EXTERNAL_AAA_SERVER; - send_gtp_create_err_msg(sess, e->gtp_xact, gtp_cause); + send_gtp_create_err_msg(sess, gtp_xact, gtp_cause); return false; } sess->sm_data.gx_ccr_init_in_flight = true; - smf_gx_send_ccr(sess, e->gtp_xact, - OGS_DIAM_GX_CC_REQUEST_TYPE_INITIAL_REQUEST); + smf_gx_send_ccr( + sess, gtp_xact ? gtp_xact->id : OGS_INVALID_POOL_ID, + OGS_DIAM_GX_CC_REQUEST_TYPE_INITIAL_REQUEST); if (use_gy == 1) { /* Gy is available, * set up session for the bearer before accepting it towards the UE */ sess->sm_data.gy_ccr_init_in_flight = true; - smf_gy_send_ccr(sess, e->gtp_xact, - OGS_DIAM_GY_CC_REQUEST_TYPE_INITIAL_REQUEST); + smf_gy_send_ccr( + sess, gtp_xact ? gtp_xact->id : OGS_INVALID_POOL_ID, + OGS_DIAM_GY_CC_REQUEST_TYPE_INITIAL_REQUEST); } return true; } -static bool send_ccr_termination_req_gx_gy_s6b(smf_sess_t *sess, smf_event_t *e) +static bool send_ccr_termination_req_gx_gy_s6b( + smf_sess_t *sess, ogs_gtp_xact_t *gtp_xact) { /* TODO: we should take into account here whether "sess" has an active Gy session created, not whether one was supposedly created as per policy */ @@ -128,29 +130,31 @@ ogs_error("No Gy Diameter Peer"); /* TODO: drop Gx connection here, * possibly move to another "releasing" state! */ - uint8_t gtp_cause = (e->gtp_xact->gtp_version == 1) ? + uint8_t gtp_cause = (gtp_xact->gtp_version == 1) ? OGS_GTP1_CAUSE_NO_RESOURCES_AVAILABLE : OGS_GTP2_CAUSE_UE_NOT_AUTHORISED_BY_OCS_OR_EXTERNAL_AAA_SERVER; - send_gtp_delete_err_msg(sess, e->gtp_xact, gtp_cause); + send_gtp_delete_err_msg(sess, gtp_xact, gtp_cause); return false; } if (sess->gtp_rat_type == OGS_GTP2_RAT_TYPE_WLAN) { sess->sm_data.s6b_str_in_flight = true; - smf_s6b_send_str(sess, e->gtp_xact, + smf_s6b_send_str(sess, gtp_xact, OGS_DIAM_TERMINATION_CAUSE_DIAMETER_LOGOUT); } sess->sm_data.gx_ccr_term_in_flight = true; - smf_gx_send_ccr(sess, e->gtp_xact, - OGS_DIAM_GX_CC_REQUEST_TYPE_TERMINATION_REQUEST); + smf_gx_send_ccr( + sess, gtp_xact ? gtp_xact->id : OGS_INVALID_POOL_ID, + OGS_DIAM_GX_CC_REQUEST_TYPE_TERMINATION_REQUEST); if (use_gy == 1) { /* Gy is available, * set up session for the bearer before accepting it towards the UE */ sess->sm_data.gy_ccr_term_in_flight = true; - smf_gy_send_ccr(sess, e->gtp_xact, - OGS_DIAM_GY_CC_REQUEST_TYPE_TERMINATION_REQUEST); + smf_gy_send_ccr( + sess, gtp_xact ? gtp_xact->id : OGS_INVALID_POOL_ID, + OGS_DIAM_GY_CC_REQUEST_TYPE_TERMINATION_REQUEST); } return true; } @@ -165,10 +169,12 @@ ogs_gtp1_message_t *gtp1_message = NULL; ogs_gtp2_message_t *gtp2_message = NULL; uint8_t gtp1_cause, gtp2_cause; + ogs_gtp_xact_t *gtp_xact = NULL; ogs_nas_5gs_message_t *nas_message = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *sbi_message = NULL; ogs_assert(s); @@ -176,7 +182,7 @@ smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { @@ -196,17 +202,18 @@ case SMF_EVT_GN_MESSAGE: gtp1_message = e->gtp1_message; ogs_assert(gtp1_message); + gtp_xact = ogs_gtp_xact_find_by_id(e->gtp_xact_id); switch(gtp1_message->h.type) { case OGS_GTP1_CREATE_PDP_CONTEXT_REQUEST_TYPE: gtp1_cause = smf_gn_handle_create_pdp_context_request(sess, - e->gtp_xact, + gtp_xact, &e->gtp1_message->create_pdp_context_request); if (gtp1_cause != OGS_GTP1_CAUSE_REQUEST_ACCEPTED) { - send_gtp_create_err_msg(sess, e->gtp_xact, gtp1_cause); + send_gtp_create_err_msg(sess, gtp_xact, gtp1_cause); return; } - if (send_ccr_init_req_gx_gy(sess, e) == true) + if (send_ccr_init_req_gx_gy(sess, gtp_xact) == true) OGS_FSM_TRAN(s, smf_gsm_state_wait_epc_auth_initial); } break; @@ -214,23 +221,24 @@ case SMF_EVT_S5C_MESSAGE: gtp2_message = e->gtp2_message; ogs_assert(gtp2_message); + gtp_xact = ogs_gtp_xact_find_by_id(e->gtp_xact_id); switch(gtp2_message->h.type) { case OGS_GTP2_CREATE_SESSION_REQUEST_TYPE: gtp2_cause = smf_s5c_handle_create_session_request(sess, - e->gtp_xact, + gtp_xact, &e->gtp2_message->create_session_request); if (gtp2_cause != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { - send_gtp_create_err_msg(sess, e->gtp_xact, gtp2_cause); + send_gtp_create_err_msg(sess, gtp_xact, gtp2_cause); return; } switch (sess->gtp_rat_type) { case OGS_GTP2_RAT_TYPE_EUTRAN: - if (send_ccr_init_req_gx_gy(sess, e) == true) + if (send_ccr_init_req_gx_gy(sess, gtp_xact) == true) OGS_FSM_TRAN(s, smf_gsm_state_wait_epc_auth_initial); break; case OGS_GTP2_RAT_TYPE_WLAN: - smf_s6b_send_aar(sess, e->gtp_xact); + smf_s6b_send_aar(sess, gtp_xact); sess->sm_data.s6b_aar_in_flight = true; OGS_FSM_TRAN(s, smf_gsm_state_wait_epc_auth_initial); /* Gx/Gy Init Req is done after s6b AAR + AAA */ @@ -249,8 +257,16 @@ case OGS_EVENT_SBI_SERVER: sbi_message = e->h.sbi.message; ogs_assert(sbi_message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(sbi_message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NSMF_PDUSESSION) @@ -289,11 +305,19 @@ case SMF_EVT_5GSM_MESSAGE: nas_message = e->nas.message; ogs_assert(nas_message); - stream = e->h.sbi.data; - ogs_assert(stream); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } + switch (nas_message->gsm.h.message_type) { case OGS_NAS_5GS_PDU_SESSION_ESTABLISHMENT_REQUEST: rv = gsm_handle_pdu_session_establishment_request(sess, stream, @@ -339,25 +363,28 @@ uint32_t diam_err; bool need_gy_terminate = false; + ogs_gtp_xact_t *gtp_xact = NULL; + ogs_assert(s); ogs_assert(e); smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { case SMF_EVT_S6B_MESSAGE: s6b_message = e->s6b_message; ogs_assert(s6b_message); + gtp_xact = ogs_gtp_xact_find_by_id(e->gtp_xact_id); switch(s6b_message->cmd_code) { case OGS_DIAM_S6B_CMD_AUTHENTICATION_AUTHORIZATION: sess->sm_data.s6b_aar_in_flight = false; sess->sm_data.s6b_aaa_err = s6b_message->result_code; if (s6b_message->result_code == ER_DIAMETER_SUCCESS) { - send_ccr_init_req_gx_gy(sess, e); + send_ccr_init_req_gx_gy(sess, gtp_xact); return; } goto test_can_proceed; @@ -367,14 +394,15 @@ case SMF_EVT_GX_MESSAGE: gx_message = e->gx_message; ogs_assert(gx_message); + gtp_xact = ogs_gtp_xact_find_by_id(e->gtp_xact_id); switch(gx_message->cmd_code) { case OGS_DIAM_GX_CMD_CODE_CREDIT_CONTROL: switch(gx_message->cc_request_type) { case OGS_DIAM_GX_CC_REQUEST_TYPE_INITIAL_REQUEST: - ogs_assert(e->gtp_xact); + ogs_assert(gtp_xact); diam_err = smf_gx_handle_cca_initial_request(sess, - gx_message, e->gtp_xact); + gx_message, gtp_xact); sess->sm_data.gx_ccr_init_in_flight = false; sess->sm_data.gx_cca_init_err = diam_err; goto test_can_proceed; @@ -386,14 +414,15 @@ case SMF_EVT_GY_MESSAGE: gy_message = e->gy_message; ogs_assert(gy_message); + gtp_xact = ogs_gtp_xact_find_by_id(e->gtp_xact_id); switch(gy_message->cmd_code) { case OGS_DIAM_GY_CMD_CODE_CREDIT_CONTROL: switch(gy_message->cc_request_type) { case OGS_DIAM_GY_CC_REQUEST_TYPE_INITIAL_REQUEST: - ogs_assert(e->gtp_xact); + ogs_assert(gtp_xact); diam_err = smf_gy_handle_cca_initial_request(sess, - gy_message, e->gtp_xact, &need_gy_terminate); + gy_message, gtp_xact, &need_gy_terminate); sess->sm_data.gy_ccr_init_in_flight = false; sess->sm_data.gy_cca_init_err = diam_err; goto test_can_proceed; @@ -419,23 +448,29 @@ if (diam_err == ER_DIAMETER_SUCCESS) { OGS_FSM_TRAN(s, smf_gsm_state_wait_pfcp_establishment); + ogs_assert(gtp_xact); ogs_assert(OGS_OK == smf_epc_pfcp_send_session_establishment_request( - sess, e->gtp_xact, 0)); + sess, + gtp_xact ? gtp_xact->id : OGS_INVALID_POOL_ID, 0)); } else { /* Tear down Gx/Gy session if its sm_data.*init_err == ER_DIAMETER_SUCCESS */ if (sess->sm_data.gx_cca_init_err == ER_DIAMETER_SUCCESS) { sess->sm_data.gx_ccr_term_in_flight = true; - smf_gx_send_ccr(sess, e->gtp_xact, OGS_DIAM_GX_CC_REQUEST_TYPE_TERMINATION_REQUEST); + smf_gx_send_ccr( + sess, gtp_xact ? gtp_xact->id : OGS_INVALID_POOL_ID, + OGS_DIAM_GX_CC_REQUEST_TYPE_TERMINATION_REQUEST); } if (smf_use_gy_iface() == 1 && (sess->sm_data.gy_cca_init_err == ER_DIAMETER_SUCCESS || need_gy_terminate)) { sess->sm_data.gy_ccr_term_in_flight = true; - smf_gy_send_ccr(sess, e->gtp_xact, OGS_DIAM_GY_CC_REQUEST_TYPE_TERMINATION_REQUEST); + smf_gy_send_ccr( + sess, gtp_xact ? gtp_xact->id : OGS_INVALID_POOL_ID, + OGS_DIAM_GY_CC_REQUEST_TYPE_TERMINATION_REQUEST); } uint8_t gtp_cause = gtp_cause_from_diameter( - e->gtp_xact->gtp_version, diam_err, NULL); - send_gtp_create_err_msg(sess, e->gtp_xact, gtp_cause); + gtp_xact->gtp_version, diam_err, NULL); + send_gtp_create_err_msg(sess, gtp_xact, gtp_cause); } } } @@ -447,6 +482,7 @@ smf_sess_t *sess = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *sbi_message = NULL; int state = 0; @@ -456,7 +492,7 @@ smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { @@ -469,13 +505,20 @@ sbi_message = e->h.sbi.message; ogs_assert(sbi_message); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); SWITCH(sbi_message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NUDM_SDM) - stream = e->h.sbi.data; - ogs_assert(stream); + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(sbi_message->h.resource.component1) CASE(OGS_SBI_RESOURCE_NAME_SM_DATA) @@ -601,7 +644,7 @@ smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { @@ -609,7 +652,7 @@ break; case SMF_EVT_N4_MESSAGE: - pfcp_xact = e->pfcp_xact; + pfcp_xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(pfcp_xact); pfcp_message = e->pfcp_message; ogs_assert(pfcp_message); @@ -617,7 +660,8 @@ switch (pfcp_message->h.type) { case OGS_PFCP_SESSION_ESTABLISHMENT_RESPONSE_TYPE: if (pfcp_xact->epc) { - ogs_gtp_xact_t *gtp_xact = pfcp_xact->assoc_xact; + ogs_gtp_xact_t *gtp_xact = + ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); ogs_assert(gtp_xact); pfcp_cause = smf_epc_n4_handle_session_establishment_response( @@ -627,31 +671,28 @@ /* FIXME: tear down Gy and Gx */ gtp_cause = gtp_cause_from_pfcp( pfcp_cause, gtp_xact->gtp_version); - send_gtp_create_err_msg(sess, e->gtp_xact, gtp_cause); + send_gtp_create_err_msg(sess, gtp_xact, gtp_cause); return; } - gtp_xact = pfcp_xact->assoc_xact; - if (gtp_xact) { - switch (gtp_xact->gtp_version) { - case 1: - rv = smf_gtp1_send_create_pdp_context_response( - sess, gtp_xact); - break; - case 2: - rv = smf_gtp2_send_create_session_response( - sess, gtp_xact); - break; - default: - rv = OGS_ERROR; - break; - } - /* If no CreatePDPCtxResp can be sent, - * then tear down the session: */ - if (rv != OGS_OK) { - OGS_FSM_TRAN(s, smf_gsm_state_wait_pfcp_deletion); - return; - } + switch (gtp_xact->gtp_version) { + case 1: + rv = smf_gtp1_send_create_pdp_context_response( + sess, gtp_xact); + break; + case 2: + rv = smf_gtp2_send_create_session_response( + sess, gtp_xact); + break; + default: + rv = OGS_ERROR; + break; + } + /* If no CreatePDPCtxResp can be sent, + * then tear down the session: */ + if (rv != OGS_OK) { + OGS_FSM_TRAN(s, smf_gsm_state_wait_pfcp_deletion); + return; } if (sess->gtp_rat_type == OGS_GTP2_RAT_TYPE_WLAN) { @@ -735,8 +776,10 @@ ogs_nas_5gs_message_t *nas_message = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *sbi_message = NULL; + ogs_gtp_xact_t *gtp_xact = NULL; ogs_gtp1_message_t *gtp1_message = NULL; ogs_gtp2_message_t *gtp2_message = NULL; uint8_t gtp1_cause, gtp2_cause; @@ -750,7 +793,7 @@ smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { @@ -763,14 +806,15 @@ case SMF_EVT_GN_MESSAGE: gtp1_message = e->gtp1_message; ogs_assert(gtp1_message); + gtp_xact = ogs_gtp_xact_find_by_id(e->gtp_xact_id); switch(gtp1_message->h.type) { case OGS_GTP1_DELETE_PDP_CONTEXT_REQUEST_TYPE: gtp1_cause = smf_gn_handle_delete_pdp_context_request(sess, - e->gtp_xact, + gtp_xact, >p1_message->delete_pdp_context_request); if (gtp1_cause != OGS_GTP1_CAUSE_REQUEST_ACCEPTED) { - ogs_gtp1_send_error_message(e->gtp_xact, sess->sgw_s5c_teid, + ogs_gtp1_send_error_message(gtp_xact, sess->sgw_s5c_teid, OGS_GTP1_DELETE_PDP_CONTEXT_RESPONSE_TYPE, gtp1_cause); return; } @@ -781,14 +825,15 @@ case SMF_EVT_S5C_MESSAGE: gtp2_message = e->gtp2_message; ogs_assert(gtp2_message); + gtp_xact = ogs_gtp_xact_find_by_id(e->gtp_xact_id); switch(gtp2_message->h.type) { case OGS_GTP2_DELETE_SESSION_REQUEST_TYPE: gtp2_cause = smf_s5c_handle_delete_session_request( - sess, e->gtp_xact, + sess, gtp_xact, >p2_message->delete_session_request); if (gtp2_cause != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { - ogs_gtp2_send_error_message(e->gtp_xact, sess->sgw_s5c_teid, + ogs_gtp2_send_error_message(gtp_xact, sess->sgw_s5c_teid, OGS_GTP2_DELETE_SESSION_RESPONSE_TYPE, gtp2_cause); return; } @@ -796,9 +841,8 @@ break; case OGS_GTP2_DELETE_BEARER_RESPONSE_TYPE: release = smf_s5c_handle_delete_bearer_response( - sess, e->gtp_xact, &e->gtp2_message->delete_bearer_response); + sess, gtp_xact, &e->gtp2_message->delete_bearer_response); if (release) { - e->gtp_xact = NULL; OGS_FSM_TRAN(s, smf_gsm_state_wait_pfcp_deletion); } break; @@ -809,7 +853,7 @@ break; case SMF_EVT_N4_MESSAGE: - pfcp_xact = e->pfcp_xact; + pfcp_xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(pfcp_xact); pfcp_message = e->pfcp_message; ogs_assert(pfcp_message); @@ -856,13 +900,15 @@ case SMF_EVT_GY_MESSAGE: gy_message = e->gy_message; ogs_assert(gy_message); + pfcp_xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); switch(gy_message->cmd_code) { case OGS_DIAM_GY_CMD_CODE_CREDIT_CONTROL: switch (gy_message->cc_request_type) { case OGS_DIAM_GY_CC_REQUEST_TYPE_UPDATE_REQUEST: - ogs_assert(e->pfcp_xact); - diam_err = smf_gy_handle_cca_update_request(sess, gy_message, e->pfcp_xact); + ogs_assert(pfcp_xact); + diam_err = smf_gy_handle_cca_update_request( + sess, gy_message, pfcp_xact); if (diam_err != ER_DIAMETER_SUCCESS) OGS_FSM_TRAN(s, smf_gsm_state_wait_pfcp_deletion); break; @@ -874,8 +920,16 @@ case OGS_EVENT_SBI_SERVER: sbi_message = e->h.sbi.message; ogs_assert(sbi_message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(sbi_message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NSMF_PDUSESSION) @@ -913,12 +967,15 @@ sbi_message = e->h.sbi.message; ogs_assert(sbi_message); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); SWITCH(sbi_message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NPCF_SMPOLICYCONTROL) - stream = e->h.sbi.data; + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + if (stream_id >= OGS_MIN_POOL_ID && stream_id <= OGS_MAX_POOL_ID) + stream = ogs_sbi_stream_find_by_id(stream_id); + state = e->h.sbi.state; SWITCH(sbi_message->h.resource.component0) @@ -1062,11 +1119,19 @@ case SMF_EVT_5GSM_MESSAGE: nas_message = e->nas.message; ogs_assert(nas_message); - stream = e->h.sbi.data; - ogs_assert(stream); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } + switch (nas_message->gsm.h.message_type) { case OGS_NAS_5GS_PDU_SESSION_MODIFICATION_REQUEST: rv = gsm_handle_pdu_session_modification_request(sess, stream, @@ -1128,14 +1193,22 @@ break; case SMF_EVT_NGAP_MESSAGE: - stream = e->h.sbi.data; - ogs_assert(stream); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); pkbuf = e->pkbuf; ogs_assert(pkbuf); ogs_assert(e->ngap.type); + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } + switch (e->ngap.type) { case OpenAPI_n2_sm_info_type_PDU_RES_SETUP_RSP: rv = ngap_handle_pdu_session_resource_setup_response_transfer( @@ -1263,6 +1336,7 @@ smf_sess_t *sess = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *sbi_message = NULL; ogs_pfcp_xact_t *pfcp_xact = NULL; @@ -1276,7 +1350,7 @@ smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { @@ -1285,12 +1359,21 @@ * we'll use `sess->epc` */ if (sess->epc) { /* EPC */ + gtp_xact = ogs_gtp_xact_find_by_id(e->gtp_xact_id); ogs_assert(OGS_OK == - smf_epc_pfcp_send_session_deletion_request(sess, e->gtp_xact)); + smf_epc_pfcp_send_session_deletion_request( + sess, gtp_xact ? gtp_xact->id : OGS_INVALID_POOL_ID)); } else { /* 5GC */ - stream = e->h.sbi.data; - ogs_assert(stream); + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } ogs_assert(OGS_OK == smf_5gc_pfcp_send_session_deletion_request( @@ -1306,7 +1389,7 @@ break; /* ignore */ case SMF_EVT_N4_MESSAGE: - pfcp_xact = e->pfcp_xact; + pfcp_xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(pfcp_xact); pfcp_message = e->pfcp_message; ogs_assert(pfcp_message); @@ -1314,7 +1397,7 @@ switch (pfcp_message->h.type) { case OGS_PFCP_SESSION_DELETION_RESPONSE_TYPE: if (pfcp_xact->epc) { - gtp_xact = pfcp_xact->assoc_xact; + gtp_xact = ogs_gtp_xact_find_by_id(pfcp_xact->assoc_xact_id); pfcp_cause = smf_epc_n4_handle_session_deletion_response( sess, pfcp_xact, @@ -1327,14 +1410,18 @@ send_gtp_delete_err_msg(sess, gtp_xact, gtp_cause); break; } - e->gtp_xact = gtp_xact; - if (send_ccr_termination_req_gx_gy_s6b(sess, e) == true) + if (send_ccr_termination_req_gx_gy_s6b( + sess, gtp_xact) == true) OGS_FSM_TRAN(s, smf_gsm_state_wait_epc_auth_release); /* else: free session? */ } else { int trigger; - stream = pfcp_xact->assoc_stream; + if (pfcp_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + pfcp_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + stream = ogs_sbi_stream_find_by_id( + pfcp_xact->assoc_stream_id); + trigger = pfcp_xact->delete_trigger; ogs_assert(trigger); @@ -1422,15 +1509,22 @@ sbi_message = e->h.sbi.message; ogs_assert(sbi_message); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); SWITCH(sbi_message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NPCF_SMPOLICYCONTROL) ogs_pkbuf_t *n1smbuf = NULL; - stream = e->h.sbi.data; - ogs_assert(stream); + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } ogs_error("%s:%d state %d res_status %d", smf_ue->supi, sess->psi, @@ -1462,12 +1556,14 @@ ogs_diam_s6b_message_t *s6b_message = NULL; uint32_t diam_err; + ogs_gtp_xact_t *gtp_xact = NULL; + ogs_assert(s); ogs_assert(e); smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { @@ -1486,13 +1582,14 @@ case SMF_EVT_GX_MESSAGE: gx_message = e->gx_message; ogs_assert(gx_message); + gtp_xact = ogs_gtp_xact_find_by_id(e->gtp_xact_id); switch(gx_message->cmd_code) { case OGS_DIAM_GX_CMD_CODE_CREDIT_CONTROL: switch(gx_message->cc_request_type) { case OGS_DIAM_GX_CC_REQUEST_TYPE_TERMINATION_REQUEST: diam_err = smf_gx_handle_cca_termination_request(sess, - gx_message, e->gtp_xact); + gx_message, gtp_xact); sess->sm_data.gx_ccr_term_in_flight = false; sess->sm_data.gx_cca_term_err = diam_err; goto test_can_proceed; @@ -1504,13 +1601,14 @@ case SMF_EVT_GY_MESSAGE: gy_message = e->gy_message; ogs_assert(gy_message); + gtp_xact = ogs_gtp_xact_find_by_id(e->gtp_xact_id); switch(gy_message->cmd_code) { case OGS_DIAM_GY_CMD_CODE_CREDIT_CONTROL: switch(gy_message->cc_request_type) { case OGS_DIAM_GY_CC_REQUEST_TYPE_TERMINATION_REQUEST: diam_err = smf_gy_handle_cca_termination_request(sess, - gy_message, e->gtp_xact); + gy_message, gtp_xact); sess->sm_data.gy_ccr_term_in_flight = false; sess->sm_data.gy_cca_term_err = diam_err; goto test_can_proceed; @@ -1548,26 +1646,26 @@ diam_err = sess->sm_data.s6b_sta_err; /* Initiated by peer request, let's answer: */ - if (e->gtp_xact) { + if (gtp_xact) { if (diam_err == ER_DIAMETER_SUCCESS) { /* * 1. MME sends Delete Session Request to SGW/SMF. * 2. SMF sends Delete Session Response to SGW/MME. */ - switch (e->gtp_xact->gtp_version) { + switch (gtp_xact->gtp_version) { case 1: smf_gtp1_send_delete_pdp_context_response( - sess, e->gtp_xact); + sess, gtp_xact); break; case 2: smf_gtp2_send_delete_session_response( - sess, e->gtp_xact); + sess, gtp_xact); break; } } else { uint8_t gtp_cause = gtp_cause_from_diameter( - e->gtp_xact->gtp_version, diam_err, NULL); - send_gtp_delete_err_msg(sess, e->gtp_xact, gtp_cause); + gtp_xact->gtp_version, diam_err, NULL); + send_gtp_delete_err_msg(sess, gtp_xact, gtp_cause); } } OGS_FSM_TRAN(s, smf_gsm_state_epc_session_will_release); @@ -1586,6 +1684,7 @@ ogs_nas_5gs_message_t *nas_message = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *sbi_message = NULL; ogs_assert(s); @@ -1593,7 +1692,7 @@ smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { @@ -1605,8 +1704,16 @@ case OGS_EVENT_SBI_SERVER: sbi_message = e->h.sbi.message; ogs_assert(sbi_message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(sbi_message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NSMF_PDUSESSION) @@ -1644,7 +1751,7 @@ sbi_message = e->h.sbi.message; ogs_assert(sbi_message); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); SWITCH(sbi_message->h.service.name) @@ -1669,8 +1776,15 @@ CASE(OGS_SBI_SERVICE_NAME_NPCF_SMPOLICYCONTROL) ogs_pkbuf_t *n1smbuf = NULL; - stream = e->h.sbi.data; - ogs_assert(stream); + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } ogs_error("%s:%d state %d res_status %d", smf_ue->supi, sess->psi, @@ -1692,14 +1806,22 @@ break; case SMF_EVT_NGAP_MESSAGE: - stream = e->h.sbi.data; - ogs_assert(stream); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); pkbuf = e->pkbuf; ogs_assert(pkbuf); ogs_assert(e->ngap.type); + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } + switch (e->ngap.type) { case OpenAPI_n2_sm_info_type_PDU_RES_SETUP_RSP: /* @@ -1766,11 +1888,19 @@ case SMF_EVT_5GSM_MESSAGE: nas_message = e->nas.message; ogs_assert(nas_message); - stream = e->h.sbi.data; - ogs_assert(stream); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } + switch (nas_message->gsm.h.message_type) { case OGS_NAS_5GS_PDU_SESSION_RELEASE_COMPLETE: ogs_assert(true == ogs_sbi_send_http_status_no_content(stream)); @@ -1815,7 +1945,7 @@ smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { @@ -1846,7 +1976,7 @@ sbi_message = e->h.sbi.message; ogs_assert(sbi_message); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); SWITCH(sbi_message->h.service.name) @@ -1925,6 +2055,7 @@ smf_sess_t *sess = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *sbi_message = NULL; ogs_assert(s); @@ -1932,7 +2063,7 @@ smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { @@ -1945,8 +2076,16 @@ case OGS_EVENT_SBI_SERVER: sbi_message = e->h.sbi.message; ogs_assert(sbi_message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(sbi_message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NSMF_PDUSESSION) @@ -1992,7 +2131,7 @@ smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch (e->h.id) { @@ -2019,9 +2158,9 @@ smf_sm_debug(e); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); switch (e->h.id) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/gtp-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/gtp-path.c
Changed
@@ -369,7 +369,7 @@ smf_sess_t *sess = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); memset(&h, 0, sizeof(ogs_gtp1_header_t)); @@ -384,7 +384,8 @@ } xact = ogs_gtp1_xact_local_create( - sess->gnode, &h, pkbuf, bearer_timeout, bearer); + sess->gnode, &h, pkbuf, bearer_timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!xact) { ogs_error("ogs_gtp1_xact_local_create() failed"); return OGS_ERROR; @@ -409,7 +410,7 @@ ogs_assert(bearer); ogs_assert(xact); - sess = bearer->sess; + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); memset(&h, 0, sizeof(ogs_gtp1_header_t)); @@ -546,7 +547,7 @@ smf_sess_t *sess = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); memset(&h, 0, sizeof(ogs_gtp2_header_t)); @@ -561,7 +562,8 @@ } xact = ogs_gtp_xact_local_create( - sess->gnode, &h, pkbuf, bearer_timeout, bearer); + sess->gnode, &h, pkbuf, bearer_timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!xact) { ogs_error("ogs_gtp_xact_local_create() failed"); return OGS_ERROR; @@ -730,30 +732,36 @@ static void bearer_timeout(ogs_gtp_xact_t *xact, void *data) { - smf_bearer_t *bearer = data; + smf_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; smf_sess_t *sess = NULL; smf_ue_t *smf_ue = NULL; uint8_t type = 0; - ogs_assert(bearer); - sess = bearer->sess; + ogs_assert(xact); + type = xact->seq0.type; + + ogs_assert(data); + bearer_id = OGS_POINTER_TO_UINT(data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); + + bearer = smf_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed %d", type); + return; + } + + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); - type = xact->seq0.type; - switch (type) { case OGS_GTP2_DELETE_BEARER_REQUEST_TYPE: ogs_error("%s No Delete Bearer Response", smf_ue->imsi_bcd); - if (!smf_bearer_cycle(bearer)) { - ogs_warn("%s Bearer has already been removed", smf_ue->imsi_bcd); - break; - } - ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, OGS_PFCP_MODIFY_REMOVE, + bearer, OGS_INVALID_POOL_ID, OGS_PFCP_MODIFY_REMOVE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); break;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/gx-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/gx-path.c
Changed
@@ -29,10 +29,10 @@ os0_t peer_host; /* Peer Host */ #define NUM_CC_REQUEST_SLOT 4 - smf_sess_t *sess; + ogs_pool_id_t sess_id; struct { uint32_t cc_req_no; - ogs_gtp_xact_t *ptr; + ogs_pool_id_t id; } xact_dataNUM_CC_REQUEST_SLOT; uint32_t cc_request_type; @@ -88,7 +88,7 @@ } /* 3GPP TS 29.212 5.6.2 Credit-Control-Request */ -void smf_gx_send_ccr(smf_sess_t *sess, ogs_gtp_xact_t *xact, +void smf_gx_send_ccr(smf_sess_t *sess, ogs_pool_id_t xact_id, uint32_t cc_request_type) { int ret; @@ -112,7 +112,7 @@ ogs_assert(sess); ogs_assert(sess->ipv4 || sess->ipv6); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug("Credit-Control-Request"); @@ -198,9 +198,9 @@ sess_data->cc_request_type, sess_data->cc_request_number); /* Update session state */ - sess_data->sess = sess; + sess_data->sess_id = sess->id; req_slot = sess_data->cc_request_number % NUM_CC_REQUEST_SLOT; - sess_data->xact_datareq_slot.ptr = xact; + sess_data->xact_datareq_slot.id = xact_id; sess_data->xact_datareq_slot.cc_req_no = sess_data->cc_request_number; /* Set Origin-Host & Origin-Realm */ @@ -718,7 +718,6 @@ int new; struct msg *req = NULL; smf_event_t *e = NULL; - ogs_gtp_xact_t *xact = NULL; smf_sess_t *sess = NULL; ogs_diam_gx_message_t *gx_message = NULL; uint32_t req_slot, cc_request_number = 0; @@ -767,8 +766,7 @@ ogs_debug(" CC-Request-Number%d", cc_request_number); - xact = sess_data->xact_datareq_slot.ptr; - sess = sess_data->sess; + sess = smf_sess_find_by_id(sess_data->sess_id); ogs_assert(sess_data->xact_datareq_slot.cc_req_no == cc_request_number); ogs_assert(sess); @@ -1039,9 +1037,9 @@ e = smf_event_new(SMF_EVT_GX_MESSAGE); ogs_assert(e); - e->sess = sess; + e->sess_id = sess->id; e->gx_message = gx_message; - e->gtp_xact = xact; + e->gtp_xact_id = sess_data->xact_datareq_slot.id; rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { ogs_error("ogs_queue_push() failed:%d", (int)rv); @@ -1166,7 +1164,7 @@ } /* Get Session Information */ - sess = sess_data->sess; + sess = smf_sess_find_by_id(sess_data->sess_id); ogs_assert(sess); ret = fd_msg_browse(qry, MSG_BRW_FIRST_CHILD, &avp, NULL); @@ -1283,7 +1281,7 @@ e = smf_event_new(SMF_EVT_GX_MESSAGE); ogs_assert(e); - e->sess = sess; + e->sess_id = sess->id; e->gx_message = gx_message; rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/gy-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/gy-handler.c
Changed
@@ -257,7 +257,7 @@ if (modify_flags) { modify_flags |= OGS_PFCP_MODIFY_URR|OGS_PFCP_MODIFY_UL_ONLY; rv = smf_epc_pfcp_send_all_pdr_modification_request( - sess, pfcp_xact, NULL, modify_flags, + sess, OGS_INVALID_POOL_ID, NULL, modify_flags, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP1_CAUSE_REACTIACTION_REQUESTED); ogs_assert(rv == OGS_OK);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/gy-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/gy-path.c
Changed
@@ -31,11 +31,11 @@ #define NUM_CC_REQUEST_SLOT 4 - smf_sess_t *sess; + ogs_pool_id_t sess_id; struct { uint32_t cc_req_no; bool pfcp; - void *ptr; /* INITIAL: ogs_gtp_xact_t, UPDATE: ogs_pfcp_xact_t */ + ogs_pool_id_t id; /* INITIAL: ogs_gtp_xact_t, UPDATE: ogs_pfcp_xact_t */ } xact_dataNUM_CC_REQUEST_SLOT; uint32_t cc_request_type; uint32_t cc_request_number; @@ -345,6 +345,12 @@ char bufOGS_PLMNIDSTRLEN; char digit; + smf_ue_t *smf_ue = NULL; + + ogs_assert(sess); + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); + ogs_assert(smf_ue); + /* PS-Information, TS 32.299 sec 7.2.158 */ ret = fd_msg_avp_new(ogs_diam_gy_ps_information, 0, &avpch1); ogs_assert(ret == 0); @@ -555,7 +561,7 @@ ret = fd_msg_avp_add(avpch1, MSG_BRW_LAST_CHILD, avpch2); ogs_assert(ret == 0); - if (sess->smf_ue->imeisv_len > 0) { + if (smf_ue->imeisv_len > 0) { /* User-Equipment-Info, 3GPP TS 32.299 7.1.17 */ ret = fd_msg_avp_new(ogs_diam_gy_user_equipment_info, 0, &avpch2); @@ -572,7 +578,7 @@ ret = fd_msg_avp_new(ogs_diam_gy_user_equipment_info_value, 0, &avpch3); ogs_assert(ret == 0); digit = '0'; - val.os.data = (uint8_t*)&sess->smf_ue->imeisv_bcd0; + val.os.data = (uint8_t*)&smf_ue->imeisv_bcd0; val.os.len = 16; ret = fd_msg_avp_setvalue(avpch3, &val); ogs_assert(ret == 0); @@ -610,7 +616,7 @@ } /* 3GPP TS 32.299 6.4.2 Credit-Control-Request message */ -void smf_gy_send_ccr(smf_sess_t *sess, void *xact, +void smf_gy_send_ccr(smf_sess_t *sess, ogs_pool_id_t xact_id, uint32_t cc_request_type) { @@ -630,7 +636,7 @@ ogs_assert(sess); ogs_assert(sess->ipv4 || sess->ipv6); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug("GyCredit-Control-Request"); @@ -713,14 +719,14 @@ sess_data->cc_request_type, sess_data->cc_request_number); /* Update session state */ - sess_data->sess = sess; + sess_data->sess_id = sess->id; req_slot = sess_data->cc_request_number % NUM_CC_REQUEST_SLOT; if (cc_request_type == OGS_DIAM_GY_CC_REQUEST_TYPE_UPDATE_REQUEST) sess_data->xact_datareq_slot.pfcp = true; else sess_data->xact_datareq_slot.pfcp = false; sess_data->xact_datareq_slot.cc_req_no = sess_data->cc_request_number; - sess_data->xact_datareq_slot.ptr = xact; + sess_data->xact_datareq_slot.id = xact_id; /* Origin-Host & Origin-Realm */ @@ -958,7 +964,6 @@ int new; struct msg *req = NULL; smf_event_t *e = NULL; - void *xact = NULL; smf_sess_t *sess = NULL; ogs_diam_gy_message_t *gy_message = NULL; uint32_t req_slot, cc_request_number = 0; @@ -1007,9 +1012,8 @@ ogs_debug(" CC-Request-Number%d", cc_request_number); - xact = sess_data->xact_datareq_slot.ptr; ogs_assert(sess_data->xact_datareq_slot.cc_req_no == cc_request_number); - sess = sess_data->sess; + sess = smf_sess_find_by_id(sess_data->sess_id); ogs_assert(sess); gy_message = ogs_calloc(1, sizeof(ogs_diam_gy_message_t)); @@ -1175,15 +1179,13 @@ e = smf_event_new(SMF_EVT_GY_MESSAGE); ogs_assert(e); - e->sess = sess; + e->sess_id = sess->id; e->gy_message = gy_message; - if (gy_message->cc_request_type == OGS_DIAM_GY_CC_REQUEST_TYPE_UPDATE_REQUEST) { - ogs_assert(sess_data->xact_datareq_slot.pfcp == true); - e->pfcp_xact = xact; - } else { - ogs_assert(sess_data->xact_datareq_slot.pfcp == false); - e->gtp_xact = xact; - } + if (sess_data->xact_datareq_slot.pfcp == true) + e->pfcp_xact_id = sess_data->xact_datareq_slot.id; + else + e->gtp_xact_id = sess_data->xact_datareq_slot.id; + rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { ogs_error("ogs_queue_push() failed:%d", (int)rv); @@ -1302,7 +1304,7 @@ } /* Get Session Information */ - sess = sess_data->sess; + sess = smf_sess_find_by_id(sess_data->sess_id); ogs_assert(sess); /* TODO: parsing of msg into gy_message */ @@ -1311,7 +1313,7 @@ e = smf_event_new(SMF_EVT_GY_MESSAGE); ogs_assert(e); - e->sess = sess; + e->sess_id = sess->id; e->gy_message = gy_message; rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/n4-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/n4-build.c
Changed
@@ -44,7 +44,7 @@ ogs_debug("Session Establishment Request"); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(xact);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/n4-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/n4-handler.c
Changed
@@ -258,15 +258,16 @@ ogs_assert(flags); /* 'stream' could be NULL in smf_qos_flow_binding() */ - stream = xact->assoc_stream; + if (xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID) + stream = ogs_sbi_stream_find_by_id(xact->assoc_stream_id); if (flags & OGS_PFCP_MODIFY_SESSION) { /* If smf_5gc_pfcp_send_all_pdr_modification_request() is called */ } else { /* If smf_5gc_pfcp_send_qos_flow_modification_request() is called */ - qos_flow = xact->data; - ogs_assert(qos_flow); + qos_flow = smf_qos_flow_find_by_id(OGS_POINTER_TO_UINT(xact->data)); } ogs_list_copy(&pdr_to_create_list, &xact->pdr_to_create_list); @@ -494,10 +495,12 @@ ogs_list_for_each_entry_safe(&sess->qos_flow_to_modify_list, next, qos_flow, to_modify_node) { + smf_sess_t *sess = smf_sess_find_by_id(qos_flow->sess_id); + ogs_assert(sess); smf_metrics_inst_by_5qi_add( - &qos_flow->sess->serving_plmn_id, - &qos_flow->sess->s_nssai, - qos_flow->sess->session.qos.index, + &sess->serving_plmn_id, + &sess->s_nssai, + sess->session.qos.index, SMF_METR_GAUGE_SM_QOSFLOWNBR, -1); smf_bearer_remove(qos_flow); } @@ -526,10 +529,12 @@ ogs_list_for_each_entry_safe(&sess->qos_flow_to_modify_list, next, qos_flow, to_modify_node) { + smf_sess_t *sess = smf_sess_find_by_id(qos_flow->sess_id); + ogs_assert(sess); smf_metrics_inst_by_5qi_add( - &qos_flow->sess->serving_plmn_id, - &qos_flow->sess->s_nssai, - qos_flow->sess->session.qos.index, + &sess->serving_plmn_id, + &sess->s_nssai, + sess->session.qos.index, SMF_METR_GAUGE_SM_QOSFLOWNBR, -1); smf_bearer_remove(qos_flow); } @@ -855,8 +860,7 @@ /* If smf_epc_pfcp_send_pdr_modification_request() is called */ } else { /* If smf_epc_pfcp_send_bearer_modification_request() is called */ - bearer = xact->data; - ogs_assert(bearer); + bearer = smf_bearer_find_by_id(OGS_POINTER_TO_UINT(xact->data)); } flags = xact->modify_flags; ogs_assert(flags); @@ -865,7 +869,7 @@ PFCP Session Report Request, xact->assoc_xact is not a gtp_xact. No need to do anything. */ if (!(flags & OGS_PFCP_MODIFY_URR)) { - gtp_xact = xact->assoc_xact; + gtp_xact = ogs_gtp_xact_find_by_id(xact->assoc_xact_id); gtp_pti = xact->gtp_pti; gtp_cause = xact->gtp_cause; } @@ -1003,7 +1007,7 @@ * * To do this, I saved Bearer Context in Transaction Context. */ - gtp_xact->data = bearer; + gtp_xact->data = OGS_UINT_TO_POINTER(bearer->id); rv = ogs_gtp_xact_commit(gtp_xact); ogs_expect(rv == OGS_OK); @@ -1057,9 +1061,15 @@ /* SMF send Update PDP Context Response (GTPv1C) to SGSN */ if (gtp_xact->gtp_version == 1) { + ogs_pool_id_t bearer_id = OGS_POINTER_TO_UINT(gtp_xact->data); - bearer = gtp_xact->data; - smf_gtp1_send_update_pdp_context_response(bearer, gtp_xact); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && + bearer_id <= OGS_MAX_POOL_ID); + bearer = smf_bearer_find_by_id(bearer_id); + if (bearer) + smf_gtp1_send_update_pdp_context_response(bearer, gtp_xact); + else + ogs_error("Bearer has already been removed"); } else { @@ -1191,7 +1201,7 @@ } ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); report_type.value = pfcp_req->report_type.u8; @@ -1337,7 +1347,8 @@ switch (smf_use_gy_iface()) { case 1: if (!sess->gy.final_unit) { - smf_gy_send_ccr(sess, pfcp_xact, + smf_gy_send_ccr( + sess, pfcp_xact->id, OGS_DIAM_GY_CC_REQUEST_TYPE_UPDATE_REQUEST); } else { ogs_debug("%s:%s Rx PFCP report after Gy Final Unit Indication", @@ -1376,7 +1387,7 @@ smf_ue->imsi_bcd, sess->session.name); ogs_assert(OGS_OK == smf_epc_pfcp_send_session_deletion_request( - sess, NULL)); + sess, OGS_INVALID_POOL_ID)); } else { ogs_warn("%s:%s Error Indication from gNB", smf_ue->supi, sess->session.name);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/namf-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/namf-build.c
Changed
@@ -44,7 +44,7 @@ OpenAPI_ref_to_binary_data_t ngapData; ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(smf_ue->supi);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/namf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/namf-handler.c
Changed
@@ -29,7 +29,7 @@ OpenAPI_n1_n2_message_transfer_rsp_data_t *N1N2MessageTransferRspData; ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(state); ogs_assert(recvmsg);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/nas-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/nas-path.c
Changed
@@ -30,9 +30,17 @@ e = smf_event_new(SMF_EVT_5GSM_MESSAGE); ogs_assert(e); - e->sess = sess; - e->h.sbi.data = stream; + + e->sess_id = sess->id; e->pkbuf = pkbuf; + + if (stream) { + ogs_pool_id_t stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + e->h.sbi.data = OGS_UINT_TO_POINTER(stream_id);; + } + rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { ogs_error("ogs_queue_push() failed:%d", (int)rv);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/ngap-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/ngap-handler.c
Changed
@@ -46,7 +46,7 @@ ogs_assert(stream); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug("PDUSessionResourceSetupResponseTransfer"); @@ -185,7 +185,7 @@ ogs_assert(stream); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug("PDUSessionResourceSetupUnsuccessfulTransfer"); @@ -285,7 +285,7 @@ ogs_assert(stream); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug("PDUSessionResourceModifyResponseTransfer"); @@ -390,7 +390,7 @@ ogs_assert(stream); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug("PathSwitchRequestTransfer"); @@ -517,7 +517,7 @@ ogs_assert(stream); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug("HandoverRequiredTransfer"); @@ -569,7 +569,7 @@ ogs_assert(stream); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug("HandoverRequestAcknowledgeTransfer");
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/ngap-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/ngap-path.c
Changed
@@ -30,10 +30,17 @@ e = smf_event_new(SMF_EVT_NGAP_MESSAGE); ogs_assert(e); - e->sess = sess; - e->h.sbi.data = stream; + e->sess_id = sess->id; e->pkbuf = pkbuf; e->ngap.type = type; + + if (stream) { + ogs_pool_id_t stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + e->h.sbi.data = OGS_UINT_TO_POINTER(stream_id);; + } + rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) { ogs_error("ogs_queue_push() failed:%d", (int)rv);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/npcf-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/npcf-build.c
Changed
@@ -38,7 +38,7 @@ ogs_assert(sess); ogs_assert(sess->sm_context_ref); ogs_assert(sess->session.name); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); memset(&message, 0, sizeof(message)); @@ -301,7 +301,7 @@ ogs_assert(sess); ogs_assert(sess->sm_context_ref); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(sess->policy_association.resource_uri);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/npcf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/npcf-handler.c
Changed
@@ -304,7 +304,7 @@ ogs_sockaddr_t *addr = NULL, *addr6 = NULL; ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(recvmsg); @@ -699,7 +699,7 @@ ogs_assert(sess); ogs_assert(stream); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(recvmsg); @@ -748,7 +748,7 @@ ogs_assert(sess); ogs_assert(stream); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(recvmsg);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/nsmf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/nsmf-handler.c
Changed
@@ -49,7 +49,7 @@ ogs_assert(message); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); SmContextCreateData = message->SmContextCreateData; @@ -398,7 +398,7 @@ ogs_assert(message); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); SmContextUpdateData = message->SmContextUpdateData; @@ -818,7 +818,7 @@ ogs_assert(stream); ogs_assert(message); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); memset(¶m, 0, sizeof(param));
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/nudm-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/nudm-build.c
Changed
@@ -26,7 +26,7 @@ ogs_sbi_request_t *request = NULL; ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(smf_ue->supi); @@ -62,7 +62,7 @@ ogs_assert(sess); ogs_assert(sess->psi); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(smf_ue->supi); @@ -123,7 +123,7 @@ ogs_assert(sess); ogs_assert(sess->psi); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(smf_ue->supi);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/nudm-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/nudm-handler.c
Changed
@@ -53,7 +53,7 @@ ogs_assert(sess); ogs_assert(stream); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); server = ogs_sbi_server_from_stream(stream); ogs_assert(server);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/pfcp-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/pfcp-path.c
Changed
@@ -210,6 +210,7 @@ static void sess_5gc_timeout(ogs_pfcp_xact_t *xact, void *data) { + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; smf_ue_t *smf_ue = NULL; smf_sess_t *sess = NULL; ogs_sbi_stream_t *stream = NULL; @@ -222,24 +223,30 @@ ogs_assert(xact); ogs_assert(data); - sess = smf_sess_cycle(data); + if (xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID) + stream = ogs_sbi_stream_find_by_id(xact->assoc_stream_id); + + type = xact->seq0.type; + + sess_id = OGS_POINTER_TO_UINT(data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && sess_id <= OGS_MAX_POOL_ID); + + sess = smf_sess_find_by_id(sess_id); if (!sess) { - ogs_warn("Session has already been removed"); + ogs_error("Session has already been removed %d", type); return; } - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); - stream = xact->assoc_stream; - type = xact->seq0.type; - switch (type) { case OGS_PFCP_SESSION_ESTABLISHMENT_REQUEST_TYPE: ogs_warn("No PFCP session establishment response"); e = smf_event_new(SMF_EVT_N4_TIMER); ogs_assert(e); - e->sess = sess; + e->sess_id = sess->id; e->h.timer_id = SMF_TIMER_PFCP_NO_ESTABLISHMENT_RESPONSE; e->pfcp_node = sess->pfcp_node; @@ -298,7 +305,7 @@ removal from pfcp-sm state machine. */ e = smf_event_new(SMF_EVT_N4_TIMER); ogs_assert(e); - e->sess = sess; + e->sess_id = sess->id; e->h.timer_id = SMF_TIMER_PFCP_NO_DELETION_RESPONSE; e->pfcp_node = sess->pfcp_node; @@ -316,11 +323,23 @@ static void sess_epc_timeout(ogs_pfcp_xact_t *xact, void *data) { + smf_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; uint8_t type; ogs_assert(xact); type = xact->seq0.type; + ogs_assert(data); + sess_id = OGS_POINTER_TO_UINT(data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && sess_id <= OGS_MAX_POOL_ID); + + sess = smf_sess_find_by_id(sess_id); + if (!sess) { + ogs_error("Session has already been removed %d", type); + return; + } + switch (type) { case OGS_PFCP_SESSION_ESTABLISHMENT_REQUEST_TYPE: ogs_warn("No PFCP session establishment response"); @@ -339,11 +358,23 @@ static void bearer_epc_timeout(ogs_pfcp_xact_t *xact, void *data) { + smf_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; uint8_t type; ogs_assert(xact); type = xact->seq0.type; + ogs_assert(data); + bearer_id = OGS_POINTER_TO_UINT(data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); + + bearer = smf_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed %d", type); + return; + } + switch (type) { case OGS_PFCP_SESSION_MODIFICATION_REQUEST_TYPE: ogs_error("No PFCP session modification response"); @@ -407,7 +438,8 @@ ogs_assert(sess); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_5gc_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_5gc_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; @@ -480,13 +512,19 @@ if ((flags & OGS_PFCP_MODIFY_ERROR_INDICATION) == 0) ogs_assert(stream); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_5gc_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_5gc_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; } - xact->assoc_stream = stream; + if (stream) { + xact->assoc_stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID); + } + xact->local_seid = sess->smf_n4_seid; xact->modify_flags = flags | OGS_PFCP_MODIFY_SESSION; @@ -510,13 +548,19 @@ ogs_assert(sess); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_5gc_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_5gc_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; } - xact->assoc_stream = stream; + if (stream) { + xact->assoc_stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID); + } + xact->local_seid = sess->smf_n4_seid; xact->modify_flags = flags | OGS_PFCP_MODIFY_SESSION; @@ -538,13 +582,19 @@ ogs_assert(sess); ogs_assert(trigger); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_5gc_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_5gc_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; } - xact->assoc_stream = stream; + if (stream) { + xact->assoc_stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID); + } + xact->delete_trigger = trigger; xact->local_seid = sess->smf_n4_seid; @@ -571,7 +621,7 @@ } int smf_epc_pfcp_send_session_establishment_request( - smf_sess_t *sess, void *gtp_xact, uint64_t flags) + smf_sess_t *sess, ogs_pool_id_t gtp_xact_id, uint64_t flags) { int rv; ogs_pkbuf_t *n4buf = NULL; @@ -580,14 +630,15 @@ ogs_assert(sess); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_epc_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_epc_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; } xact->epc = true; /* EPC PFCP transaction */ - xact->assoc_xact = gtp_xact; + xact->assoc_xact_id = gtp_xact_id; xact->local_seid = sess->smf_n4_seid; xact->create_flags = flags; @@ -644,7 +695,7 @@ } int smf_epc_pfcp_send_all_pdr_modification_request( - smf_sess_t *sess, void *gtp_xact, ogs_pkbuf_t *gtpbuf, + smf_sess_t *sess, ogs_pool_id_t gtp_xact_id, ogs_pkbuf_t *gtpbuf, uint64_t flags, uint8_t gtp_pti, uint8_t gtp_cause) { int rv; @@ -653,14 +704,15 @@ ogs_assert(sess); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_epc_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_epc_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; } xact->epc = true; /* EPC PFCP transaction */ - xact->assoc_xact = gtp_xact; + xact->assoc_xact_id = gtp_xact_id; xact->local_seid = sess->smf_n4_seid; xact->modify_flags = flags | OGS_PFCP_MODIFY_SESSION; @@ -686,7 +738,7 @@ } int smf_epc_pfcp_send_one_bearer_modification_request( - smf_bearer_t *bearer, void *gtp_xact, + smf_bearer_t *bearer, ogs_pool_id_t gtp_xact_id, uint64_t flags, uint8_t gtp_pti, uint8_t gtp_cause) { int rv; @@ -694,18 +746,19 @@ smf_sess_t *sess = NULL; ogs_assert(bearer); - sess = bearer->sess; + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); xact = ogs_pfcp_xact_local_create( - sess->pfcp_node, bearer_epc_timeout, bearer); + sess->pfcp_node, bearer_epc_timeout, + OGS_UINT_TO_POINTER(bearer->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; } xact->epc = true; /* EPC PFCP transaction */ - xact->assoc_xact = gtp_xact; + xact->assoc_xact_id = gtp_xact_id; xact->local_seid = sess->smf_n4_seid; xact->modify_flags = flags; @@ -723,7 +776,7 @@ } int smf_epc_pfcp_send_session_deletion_request( - smf_sess_t *sess, void *gtp_xact) + smf_sess_t *sess, ogs_pool_id_t gtp_xact_id) { int rv; ogs_pkbuf_t *n4buf = NULL; @@ -732,7 +785,8 @@ ogs_assert(sess); - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_epc_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_epc_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR; @@ -761,7 +815,7 @@ * - Bearer Resource Command * - Delete Bearer Request/Response with DEDICATED BEARER. */ - xact->assoc_xact = gtp_xact; + xact->assoc_xact_id = gtp_xact_id; xact->local_seid = sess->smf_n4_seid; memset(&h, 0, sizeof(ogs_pfcp_header_t)); @@ -793,7 +847,7 @@ smf_sess_t *eutran_sess = NULL, *wlan_sess = NULL; ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); switch (gtp_cause) { @@ -812,7 +866,7 @@ /* Deactivate WLAN Session */ rv = smf_epc_pfcp_send_all_pdr_modification_request( - wlan_sess, NULL, NULL, + wlan_sess, OGS_INVALID_POOL_ID, NULL, OGS_PFCP_MODIFY_DL_ONLY|OGS_PFCP_MODIFY_DEACTIVATE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_ACCESS_CHANGED_FROM_NON_3GPP_TO_3GPP); @@ -835,7 +889,7 @@ /* Deactivate EUTRAN Session */ rv = smf_epc_pfcp_send_all_pdr_modification_request( - eutran_sess, NULL, NULL, + eutran_sess, OGS_INVALID_POOL_ID, NULL, OGS_PFCP_MODIFY_DL_ONLY|OGS_PFCP_MODIFY_DEACTIVATE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_RAT_CHANGED_FROM_3GPP_TO_NON_3GPP);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/pfcp-path.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/pfcp-path.h
Changed
@@ -47,15 +47,15 @@ smf_sess_t *sess, ogs_sbi_stream_t *stream, int trigger); int smf_epc_pfcp_send_session_establishment_request( - smf_sess_t *sess, void *gtp_xact, uint64_t flags); + smf_sess_t *sess, ogs_pool_id_t gtp_xact_id, uint64_t flags); int smf_epc_pfcp_send_all_pdr_modification_request( - smf_sess_t *sess, void *gtp_xact, ogs_pkbuf_t *gtpbuf, + smf_sess_t *sess, ogs_pool_id_t gtp_xact_id, ogs_pkbuf_t *gtpbuf, uint64_t flags, uint8_t gtp_pti, uint8_t gtp_cause); int smf_epc_pfcp_send_one_bearer_modification_request( - smf_bearer_t *bearer, void *gtp_xact, + smf_bearer_t *bearer, ogs_pool_id_t gtp_xact_id, uint64_t flags, uint8_t gtp_pti, uint8_t gtp_cause); int smf_epc_pfcp_send_session_deletion_request( - smf_sess_t *sess, void *gtp_xact); + smf_sess_t *sess, ogs_pool_id_t gtp_xact_id); int smf_epc_pfcp_send_deactivation(smf_sess_t *sess, uint8_t gtp_cause);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/pfcp-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/pfcp-sm.c
Changed
@@ -117,7 +117,7 @@ ogs_pfcp_cp_send_association_setup_request(node, node_timeout); break; case SMF_TIMER_PFCP_NO_ESTABLISHMENT_RESPONSE: - sess = smf_sess_cycle(e->sess); + sess = smf_sess_find_by_id(e->sess_id); if (!sess) { ogs_warn("Session has already been removed"); break; @@ -125,7 +125,7 @@ ogs_fsm_dispatch(&sess->sm, e); break; case SMF_TIMER_PFCP_NO_DELETION_RESPONSE: - sess = smf_sess_cycle(e->sess); + sess = smf_sess_find_by_id(e->sess_id); if (!sess) { ogs_warn("Session has already been removed"); break; @@ -141,7 +141,7 @@ case SMF_EVT_N4_MESSAGE: message = e->pfcp_message; ogs_assert(message); - xact = e->pfcp_xact; + xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(xact); switch (message->h.type) { @@ -223,7 +223,7 @@ case SMF_EVT_N4_MESSAGE: message = e->pfcp_message; ogs_assert(message); - xact = e->pfcp_xact; + xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(xact); if (message->h.seid_presence && message->h.seid != 0) { @@ -237,7 +237,7 @@ sess = smf_sess_find_by_seid(xact->local_seid); } if (sess) - e->sess = sess; + e->sess_id = sess->id; switch (message->h.type) { case OGS_PFCP_HEARTBEAT_REQUEST_TYPE: @@ -313,7 +313,8 @@ if (!message->h.seid_presence) ogs_error("No SEID"); if (!sess) { - ogs_gtp_xact_t *gtp_xact = xact->assoc_xact; + ogs_gtp_xact_t *gtp_xact = + ogs_gtp_xact_find_by_id(xact->assoc_xact_id); ogs_error("No Session"); if (!gtp_xact) { ogs_error("No associated GTP transaction"); @@ -348,7 +349,8 @@ if (!message->h.seid_presence) ogs_error("No SEID"); if (!sess) { - ogs_gtp_xact_t *gtp_xact = xact->assoc_xact; + ogs_gtp_xact_t *gtp_xact = + ogs_gtp_xact_find_by_id(xact->assoc_xact_id); ogs_error("No Session"); if (!gtp_xact) { ogs_error("No associated GTP transaction"); @@ -397,7 +399,7 @@ ogs_pfcp_send_heartbeat_request(node, node_timeout)); break; case SMF_TIMER_PFCP_NO_ESTABLISHMENT_RESPONSE: - sess = smf_sess_cycle(e->sess); + sess = smf_sess_find_by_id(e->sess_id); if (!sess) { ogs_warn("Session has already been removed"); break; @@ -405,7 +407,7 @@ ogs_fsm_dispatch(&sess->sm, e); break; case SMF_TIMER_PFCP_NO_DELETION_RESPONSE: - sess = smf_sess_cycle(e->sess); + sess = smf_sess_find_by_id(e->sess_id); if (!sess) { ogs_warn("Session has already been removed"); break; @@ -482,7 +484,7 @@ OGS_INET6_NTOP(&sess->ipv6->addr, buf2) : ""); ogs_assert(OGS_OK == smf_epc_pfcp_send_session_establishment_request( - sess, NULL, + sess, OGS_INVALID_POOL_ID, OGS_PFCP_CREATE_RESTORATION_INDICATION)); } else { ogs_info("UE SUPI%s DNN%s IPv4%s IPv6%s",
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/s5c-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/s5c-build.c
Changed
@@ -337,7 +337,7 @@ smf_bearer_t *bearer = NULL; ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(req); @@ -410,7 +410,7 @@ char tft_bufOGS_GTP2_MAX_TRAFFIC_FLOW_TEMPLATE; ogs_assert(bearer); - sess = bearer->sess; + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); linked_bearer = smf_default_bearer_in_sess(sess); ogs_assert(linked_bearer); @@ -489,7 +489,7 @@ char tft_bufOGS_GTP2_MAX_TRAFFIC_FLOW_TEMPLATE; ogs_assert(bearer); - sess = bearer->sess; + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); ogs_debug("SMF Update Bearer Request"); @@ -567,7 +567,7 @@ ogs_gtp2_cause_t cause; ogs_assert(bearer); - sess = bearer->sess; + sess = smf_sess_find_by_id(bearer->sess_id); ogs_assert(sess); linked_bearer = smf_default_bearer_in_sess(sess); ogs_assert(linked_bearer);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/s5c-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/s5c-handler.c
Changed
@@ -29,11 +29,23 @@ static void pfcp_sess_timeout(ogs_pfcp_xact_t *xact, void *data) { + smf_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; uint8_t type; ogs_assert(xact); type = xact->seq0.type; + ogs_assert(data); + sess_id = OGS_POINTER_TO_UINT(data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && sess_id <= OGS_MAX_POOL_ID); + + sess = smf_sess_find_by_id(sess_id); + if (!sess) { + ogs_error("Session has already been removed %d", type); + return; + } + switch (type) { case OGS_PFCP_SESSION_ESTABLISHMENT_REQUEST_TYPE: ogs_error("No PFCP session establishment response"); @@ -178,7 +190,7 @@ if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) return cause_value; - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); /* Set MSISDN: */ @@ -532,7 +544,7 @@ * Check ALL Context ********************/ ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); /* Control Plane(DL) : SGW-S5C */ @@ -630,7 +642,7 @@ ogs_assert(pfcp_xact); pfcp_xact->epc = true; /* EPC PFCP transaction */ - pfcp_xact->assoc_xact = gtp_xact; + pfcp_xact->assoc_xact_id = gtp_xact->id; pfcp_xact->modify_flags = flags|OGS_PFCP_MODIFY_DL_ONLY|OGS_PFCP_MODIFY_ACTIVATE; @@ -674,6 +686,7 @@ ogs_gtp2_cause_t *cause = NULL; ogs_gtp2_f_teid_t *sgw_s5u_teid = NULL, *pgw_s5u_teid = NULL; smf_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; ogs_pfcp_far_t *dl_far = NULL; ogs_assert(sess); @@ -685,12 +698,22 @@ * Check Transaction ********************/ ogs_assert(xact); - bearer = xact->data; - ogs_assert(bearer); + + bearer_id = OGS_POINTER_TO_UINT(xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); + /******************** + * Check ALL Context + ********************/ + bearer = smf_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed"); + return; + } + /************************ * Check Session Context ************************/ @@ -699,7 +722,7 @@ if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, OGS_PFCP_MODIFY_REMOVE, + bearer, OGS_INVALID_POOL_ID, OGS_PFCP_MODIFY_REMOVE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); return; @@ -756,7 +779,7 @@ if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, OGS_PFCP_MODIFY_REMOVE, + bearer, OGS_INVALID_POOL_ID, OGS_PFCP_MODIFY_REMOVE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); return; @@ -774,7 +797,7 @@ ogs_error("GTP Bearer Cause VALUE:%d", cause_value); ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, OGS_PFCP_MODIFY_REMOVE, + bearer, OGS_INVALID_POOL_ID, OGS_PFCP_MODIFY_REMOVE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); return; @@ -787,7 +810,7 @@ ogs_error("GTP Cause Value:%d", cause_value); ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, OGS_PFCP_MODIFY_REMOVE, + bearer, OGS_INVALID_POOL_ID, OGS_PFCP_MODIFY_REMOVE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); return; @@ -834,7 +857,7 @@ ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, OGS_PFCP_MODIFY_ACTIVATE, + bearer, OGS_INVALID_POOL_ID, OGS_PFCP_MODIFY_ACTIVATE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); } @@ -849,6 +872,7 @@ uint64_t gtp_flags = 0; uint64_t pfcp_flags = 0; smf_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; ogs_assert(sess); ogs_assert(rsp); @@ -861,8 +885,9 @@ ogs_assert(xact); gtp_flags = xact->update_flags; ogs_assert(gtp_flags); - bearer = xact->data; - ogs_assert(bearer); + + bearer_id = OGS_POINTER_TO_UINT(xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); @@ -918,8 +943,11 @@ /******************** * Check ALL Context ********************/ - ogs_assert(sess); - ogs_assert(bearer); + bearer = smf_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed"); + return; + } ogs_debug(" SGW_S5C_TEID0x%x SMF_N4_TEID0x%x", sess->sgw_s5c_teid, sess->smf_n4_teid); @@ -940,7 +968,7 @@ if (pfcp_flags) ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, pfcp_flags, + bearer, OGS_INVALID_POOL_ID, pfcp_flags, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); } @@ -953,6 +981,7 @@ int rv; uint8_t cause_value; smf_bearer_t *bearer = NULL; + ogs_pool_id_t bearer_id = OGS_INVALID_POOL_ID; ogs_assert(sess); ogs_assert(rsp); @@ -963,16 +992,19 @@ * Check Transaction ********************/ ogs_assert(xact); - bearer = xact->data; - ogs_assert(bearer); + + bearer_id = OGS_POINTER_TO_UINT(xact->data); + ogs_assert(bearer_id >= OGS_MIN_POOL_ID && bearer_id <= OGS_MAX_POOL_ID); rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); - /******************** - * Check ALL Context - ********************/ - ogs_assert(bearer); + bearer = smf_bearer_find_by_id(bearer_id); + if (!bearer) { + ogs_error("Bearer has already been removed"); + /* Release entire session: */ + return true; + } if (rsp->linked_eps_bearer_id.presence) { /* @@ -1051,7 +1083,7 @@ ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, NULL, OGS_PFCP_MODIFY_REMOVE, + bearer, OGS_INVALID_POOL_ID, OGS_PFCP_MODIFY_REMOVE, OGS_NAS_PROCEDURE_TRANSACTION_IDENTITY_UNASSIGNED, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); return false; @@ -1260,7 +1292,7 @@ OGS_GTP2_TFT_CODE_REPLACE_PACKET_FILTERS_IN_EXISTING) { for (i = 0; i < tft.num_of_packet_filter && i < OGS_MAX_NUM_OF_FLOW_IN_GTP; i++) { - pf = smf_pf_find_by_id(bearer, tft.pfi.identifier+1); + pf = smf_pf_find_by_identifier(bearer, tft.pfi.identifier+1); if (pf) { if (reconfigure_packet_filter(pf, &tft, i) < 0) { ogs_gtp2_send_error_message( @@ -1326,7 +1358,7 @@ for (i = 0; i < tft.num_of_packet_filter && i < OGS_MAX_NUM_OF_FLOW_IN_GTP; i++) { - pf = smf_pf_find_by_id(bearer, tft.pfi.identifier+1); + pf = smf_pf_find_by_identifier(bearer, tft.pfi.identifier+1); if (!pf) pf = smf_pf_add(bearer); ogs_assert(pf); @@ -1391,7 +1423,7 @@ OGS_GTP2_TFT_CODE_DELETE_PACKET_FILTERS_FROM_EXISTING) { for (i = 0; i < tft.num_of_packet_filter && i <= OGS_MAX_NUM_OF_FLOW_IN_GTP; i++) { - pf = smf_pf_find_by_id(bearer, tft.pfi.identifier+1); + pf = smf_pf_find_by_identifier(bearer, tft.pfi.identifier+1); if (pf) smf_pf_remove(pf); } @@ -1438,7 +1470,7 @@ */ ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( - bearer, xact, + bearer, xact->id, OGS_PFCP_MODIFY_DL_ONLY|OGS_PFCP_MODIFY_DEACTIVATE, cmd->procedure_transaction_id.u8, OGS_GTP2_CAUSE_UNDEFINED_VALUE)); @@ -1483,7 +1515,7 @@ * * To do this, I saved Bearer Context in Transaction Context. */ - xact->data = bearer; + xact->data = OGS_UINT_TO_POINTER(bearer->id); rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/s6b-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/s6b-path.c
Changed
@@ -26,7 +26,7 @@ smf_sess_t *sess; os0_t s6b_sid; /* S6B Session-Id */ - ogs_gtp_xact_t *xact; + ogs_pool_id_t xact_id; struct timespec ts; /* Time of sending the message */ }; @@ -102,7 +102,7 @@ ogs_assert(xact); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug("AA-Request"); @@ -165,7 +165,7 @@ /* Update session state */ sess_data->sess = sess; - sess_data->xact = xact; + sess_data->xact_id = xact ? xact->id : OGS_INVALID_POOL_ID; /* Set Origin-Host & Origin-Realm */ ret = fd_msg_add_origin(req, 0); @@ -346,7 +346,6 @@ int new; smf_sess_t *sess = NULL; - ogs_gtp_xact_t *xact = NULL; smf_event_t *e = NULL; ogs_diam_s6b_message_t *s6b_message = NULL; @@ -371,8 +370,6 @@ sess = sess_data->sess; ogs_assert(sess); - xact = sess_data->xact; - ogs_assert(xact); s6b_message = ogs_calloc(1, sizeof(ogs_diam_s6b_message_t)); ogs_assert(s6b_message); @@ -442,8 +439,8 @@ if (error && s6b_message->result_code == ER_DIAMETER_SUCCESS) s6b_message->result_code = error; - e->sess = sess; - e->gtp_xact = xact; + e->sess_id = sess->id; + e->gtp_xact_id = sess_data->xact_id; e->s6b_message = s6b_message; ret = ogs_queue_push(ogs_app()->queue, e); if (ret != OGS_OK) { @@ -516,9 +513,8 @@ smf_ue_t *smf_ue = NULL; char *user_name = NULL; - //ogs_assert(xact); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_debug("Session-Termination-Request"); @@ -557,7 +553,7 @@ /* Update session state */ sess_data->sess = sess; - sess_data->xact = xact; + sess_data->xact_id = xact ? xact->id : OGS_INVALID_POOL_ID; /* Set Origin-Host & Origin-Realm */ ret = fd_msg_add_origin(req, 0); @@ -666,6 +662,7 @@ ogs_debug(" Retrieve its data: %s", sess_data->s6b_sid); sess = sess_data->sess; + ogs_assert(sess); s6b_message = ogs_calloc(1, sizeof(ogs_diam_s6b_message_t)); ogs_assert(s6b_message); @@ -736,7 +733,7 @@ e = smf_event_new(SMF_EVT_S6B_MESSAGE); ogs_assert(e); - e->sess = sess; + e->sess_id = sess->id; e->s6b_message = s6b_message; rv = ogs_queue_push(ogs_app()->queue, e); if (rv != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/sbi-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/sbi-path.c
Changed
@@ -106,7 +106,7 @@ target_nf_type = ogs_sbi_service_type_to_nf_type(service_type); ogs_assert(target_nf_type); ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(build); @@ -198,7 +198,7 @@ } xact = ogs_sbi_xact_add( - &sess->sbi, service_type, discovery_option, + sess->id, &sess->sbi, service_type, discovery_option, (ogs_sbi_build_f)build, sess, data); if (!xact) { ogs_error("smf_sbi_discover_and_send() failed"); @@ -211,7 +211,12 @@ } xact->state = state; - xact->assoc_stream = stream; + + if (stream) { + xact->assoc_stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID); + } r = ogs_sbi_discover_and_send(xact); if (r != OGS_OK) { @@ -238,7 +243,7 @@ int r; ogs_assert(sess); - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(param); @@ -251,7 +256,8 @@ discovery_option, sess->serving_nf_id); xact = ogs_sbi_xact_add( - &sess->sbi, OGS_SBI_SERVICE_TYPE_NAMF_COMM, discovery_option, + sess->id, &sess->sbi, OGS_SBI_SERVICE_TYPE_NAMF_COMM, + discovery_option, (ogs_sbi_build_f)smf_namf_comm_build_n1_n2_message_transfer, sess, param); if (!xact) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/smf/smf-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/smf/smf-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -70,6 +70,7 @@ ogs_pfcp_message_t *pfcp_message = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *sbi_request = NULL; ogs_sbi_nf_instance_t *nf_instance = NULL; @@ -77,6 +78,8 @@ ogs_sbi_response_t *sbi_response = NULL; ogs_sbi_message_t sbi_message; ogs_sbi_xact_t *sbi_xact = NULL; + ogs_pool_id_t sbi_xact_id = OGS_INVALID_POOL_ID; + ogs_pool_id_t sbi_object_id = OGS_INVALID_POOL_ID; ogs_nas_5gs_message_t nas_message; ogs_pkbuf_t *pkbuf = NULL; @@ -116,7 +119,7 @@ ogs_pkbuf_free(recvbuf); break; } - e->gtp_xact = gtp_xact; + e->gtp_xact_id = gtp_xact ? gtp_xact->id : OGS_INVALID_POOL_ID; if (gtp2_message.h.teid_presence && gtp2_message.h.teid != 0) { sess = smf_sess_find_by_teid(gtp2_message.h.teid); @@ -162,7 +165,7 @@ sess->sgw_s5c_teid, gtp2_sender_f_teid.teid_presence, gtp2_sender_f_teid.teid); - e->sess = sess; + e->sess_id = sess->id; ogs_fsm_dispatch(&sess->sm, e); break; case OGS_GTP2_DELETE_SESSION_REQUEST_TYPE: @@ -190,7 +193,7 @@ break; } } - e->sess = sess; + e->sess_id = sess->id; ogs_fsm_dispatch(&sess->sm, e); break; case OGS_GTP2_MODIFY_BEARER_REQUEST_TYPE: @@ -216,7 +219,7 @@ ogs_error("TODO: NACK the message"); break; } - e->sess = sess; + e->sess_id = sess->id; ogs_fsm_dispatch(&sess->sm, e); break; case OGS_GTP2_BEARER_RESOURCE_COMMAND_TYPE: @@ -258,7 +261,7 @@ ogs_pkbuf_free(recvbuf); break; } - e->gtp_xact = gtp_xact; + e->gtp_xact_id = gtp_xact ? gtp_xact->id : OGS_INVALID_POOL_ID; switch(gtp1_message.h.type) { case OGS_GTP1_ECHO_REQUEST_TYPE: @@ -282,7 +285,7 @@ OGS_GTP1_CAUSE_CONTEXT_NOT_FOUND); break; } - e->sess = sess; + e->sess_id = sess->id; ogs_fsm_dispatch(&sess->sm, e); break; case OGS_GTP1_DELETE_PDP_CONTEXT_REQUEST_TYPE: @@ -294,7 +297,7 @@ OGS_GTP1_CAUSE_NON_EXISTENT); break; } - e->sess = sess; + e->sess_id = sess->id; ogs_fsm_dispatch(&sess->sm, e); break; case OGS_GTP1_UPDATE_PDP_CONTEXT_REQUEST_TYPE: @@ -317,7 +320,7 @@ gx_message = e->gx_message; ogs_assert(gx_message); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch(gx_message->cmd_code) { @@ -352,7 +355,7 @@ gy_message = e->gy_message; ogs_assert(gy_message); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch(gy_message->cmd_code) { @@ -374,7 +377,7 @@ ogs_assert(e); s6b_message = e->s6b_message; ogs_assert(s6b_message); - sess = e->sess; + sess = smf_sess_find_by_id(e->sess_id); ogs_assert(sess); switch(s6b_message->cmd_code) { @@ -419,7 +422,7 @@ } e->pfcp_message = pfcp_message; - e->pfcp_xact = pfcp_xact; + e->pfcp_xact_id = pfcp_xact ? pfcp_xact->id : OGS_INVALID_POOL_ID; e->gtp2_message = NULL; if (pfcp_xact->gtpbuf) { @@ -448,8 +451,16 @@ case OGS_EVENT_SBI_SERVER: sbi_request = e->h.sbi.request; ogs_assert(sbi_request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&sbi_message, sbi_request); if (rv != OGS_OK) { @@ -569,11 +580,11 @@ END if (sess) { - smf_ue = sess->smf_ue; + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(OGS_FSM_STATE(&sess->sm)); - e->sess = sess; + e->sess_id = sess->id; e->h.sbi.message = &sbi_message; ogs_fsm_dispatch(&sess->sm, e); } @@ -763,8 +774,18 @@ CASE(OGS_SBI_SERVICE_NAME_NNRF_DISC) SWITCH(sbi_message.h.resource.component0) CASE(OGS_SBI_RESOURCE_NAME_NF_INSTANCES) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); + if (!sbi_xact) { + /* CLIENT_WAIT timer could remove SBI transaction + * before receiving SBI message */ + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); + break; + } SWITCH(sbi_message.h.method) CASE(OGS_SBI_HTTP_METHOD_GET) @@ -791,35 +812,41 @@ CASE(OGS_SBI_SERVICE_NAME_NUDM_SDM) CASE(OGS_SBI_SERVICE_NAME_NPCF_SMPOLICYCONTROL) CASE(OGS_SBI_SERVICE_NAME_NAMF_COMM) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } - sess = (smf_sess_t *)sbi_xact->sbi_object; - ogs_assert(sess); + sbi_object_id = sbi_xact->sbi_object_id; + ogs_assert(sbi_object_id >= OGS_MIN_POOL_ID && + sbi_object_id <= OGS_MAX_POOL_ID); + + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + e->h.sbi.data = OGS_UINT_TO_POINTER(sbi_xact->assoc_stream_id); - e->h.sbi.data = sbi_xact->assoc_stream; e->h.sbi.state = sbi_xact->state; ogs_sbi_xact_remove(sbi_xact); - sess = smf_sess_cycle(sess); + sess = smf_sess_find_by_id(sbi_object_id); if (!sess) { ogs_error("Session has already been removed"); break; } - smf_ue = smf_ue_cycle(sess->smf_ue); + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); ogs_assert(OGS_FSM_STATE(&sess->sm)); - e->sess = sess; + e->sess_id = sess->id; e->h.sbi.message = &sbi_message; ogs_fsm_dispatch(&sess->sm, e); @@ -829,32 +856,38 @@ int state = 0; bool unknown_res_status = false; - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } - sess = (smf_sess_t *)sbi_xact->sbi_object; - ogs_assert(sess); + sbi_object_id = sbi_xact->sbi_object_id; + ogs_assert(sbi_object_id >= OGS_MIN_POOL_ID && + sbi_object_id <= OGS_MAX_POOL_ID); + + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + stream = ogs_sbi_stream_find_by_id(sbi_xact->assoc_stream_id); - stream = sbi_xact->assoc_stream; state = sbi_xact->state; ogs_assert(state); ogs_sbi_xact_remove(sbi_xact); - sess = smf_sess_cycle(sess); + sess = smf_sess_find_by_id(sbi_object_id); if (!sess) { ogs_error("Session has already been removed"); break; } - smf_ue = smf_ue_cycle(sess->smf_ue); + smf_ue = smf_ue_find_by_id(sess->smf_ue_id); ogs_assert(smf_ue); if (state == SMF_UECM_STATE_REGISTERED) { @@ -988,15 +1021,22 @@ * 4. timer expiration event is processed. (double-free SBI xact) * * To avoid double-free SBI xact, - * we need to check ogs_sbi_xact_cycle() + * we need to check ogs_sbi_xact_find_by_id() */ - sbi_xact = ogs_sbi_xact_cycle(e->h.sbi.data); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } - stream = sbi_xact->assoc_stream; + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + stream = ogs_sbi_stream_find_by_id(sbi_xact->assoc_stream_id); /* Here, we should not use ogs_assert(stream) * since 'namf-comm' service has no an associated stream. */ @@ -1018,10 +1058,6 @@ break; case SMF_EVT_5GSM_MESSAGE: - sess = e->sess; - ogs_assert(sess); - stream = e->h.sbi.data; - ogs_assert(stream); pkbuf = e->pkbuf; ogs_assert(pkbuf); @@ -1031,8 +1067,7 @@ return; } - ogs_assert(sess); - sess = smf_sess_cycle(sess); + sess = smf_sess_find_by_id(e->sess_id); if (!sess) { ogs_error("Session has already been removed"); ogs_pkbuf_free(pkbuf); @@ -1046,16 +1081,11 @@ break; case SMF_EVT_NGAP_MESSAGE: - sess = e->sess; - ogs_assert(sess); - stream = e->h.sbi.data; - ogs_assert(stream); pkbuf = e->pkbuf; ogs_assert(pkbuf); ogs_assert(e->ngap.type); - ogs_assert(sess); - sess = smf_sess_cycle(sess); + sess = smf_sess_find_by_id(e->sess_id); if (!sess) { ogs_error("Session has already been removed"); ogs_pkbuf_free(pkbuf);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/context.c
Changed
@@ -151,12 +151,11 @@ ogs_assert(suci); - ogs_pool_alloc(&udm_ue_pool, &udm_ue); + ogs_pool_id_calloc(&udm_ue_pool, &udm_ue); if (!udm_ue) { ogs_error("No memory pool %s", suci); return NULL; } - memset(udm_ue, 0, sizeof *udm_ue); /* SBI Type */ udm_ue->sbi.type = OGS_SBI_OBJ_UE_TYPE; @@ -165,7 +164,7 @@ (int)ogs_pool_index(&udm_ue_pool, udm_ue)); if (!udm_ue->ctx_id) { ogs_error("No memory for udm_ue->ctx_id %s", suci); - ogs_pool_free(&udm_ue_pool, udm_ue); + ogs_pool_id_free(&udm_ue_pool, udm_ue); return NULL; } @@ -173,7 +172,7 @@ if (!udm_ue->suci) { ogs_error("No memory for udm_ue->suci %s", suci); ogs_free(udm_ue->ctx_id); - ogs_pool_free(&udm_ue_pool, udm_ue); + ogs_pool_id_free(&udm_ue_pool, udm_ue); return NULL; } @@ -182,7 +181,7 @@ ogs_error("No memory for udm_ue->supi %s", suci); ogs_free(udm_ue->suci); ogs_free(udm_ue->ctx_id); - ogs_pool_free(&udm_ue_pool, udm_ue); + ogs_pool_id_free(&udm_ue_pool, udm_ue); return NULL; } @@ -190,7 +189,7 @@ ogs_hash_set(self.supi_hash, udm_ue->supi, strlen(udm_ue->supi), udm_ue); memset(&e, 0, sizeof(e)); - e.udm_ue = udm_ue; + e.udm_ue_id = udm_ue->id; ogs_fsm_init(&udm_ue->sm, udm_ue_state_initial, udm_ue_state_final, &e); ogs_list_add(&self.udm_ue_list, udm_ue); @@ -207,7 +206,7 @@ ogs_list_remove(&self.udm_ue_list, udm_ue); memset(&e, 0, sizeof(e)); - e.udm_ue = udm_ue; + e.udm_ue_id = udm_ue->id; ogs_fsm_fini(&udm_ue->sm, &e); /* Free SBI object memory */ @@ -240,7 +239,7 @@ if (udm_ue->dereg_callback_uri) ogs_free(udm_ue->dereg_callback_uri); - ogs_pool_free(&udm_ue_pool, udm_ue); + ogs_pool_id_free(&udm_ue_pool, udm_ue); } void udm_ue_remove_all(void) @@ -286,18 +285,17 @@ ogs_assert(udm_ue); ogs_assert(psi != OGS_NAS_PDU_SESSION_IDENTITY_UNASSIGNED); - ogs_pool_alloc(&udm_sess_pool, &sess); + ogs_pool_id_calloc(&udm_sess_pool, &sess); ogs_assert(sess); - memset(sess, 0, sizeof *sess); /* SBI Type */ sess->sbi.type = OGS_SBI_OBJ_SESS_TYPE; - sess->udm_ue = udm_ue; + sess->udm_ue_id = udm_ue->id; sess->psi = psi; memset(&e, 0, sizeof(e)); - e.sess = sess; + e.sess_id = sess->id; ogs_fsm_init(&sess->sm, udm_sess_state_initial, udm_sess_state_final, &e); ogs_list_add(&udm_ue->sess_list, sess); @@ -308,14 +306,16 @@ void udm_sess_remove(udm_sess_t *sess) { udm_event_t e; + udm_ue_t *udm_ue = NULL; ogs_assert(sess); - ogs_assert(sess->udm_ue); + udm_ue = udm_ue_find_by_id(sess->udm_ue_id); + ogs_assert(udm_ue); - ogs_list_remove(&sess->udm_ue->sess_list, sess); + ogs_list_remove(&udm_ue->sess_list, sess); memset(&e, 0, sizeof(e)); - e.sess = sess; + e.sess_id = sess->id; ogs_fsm_fini(&sess->sm, &e); /* Free SBI object memory */ @@ -329,7 +329,7 @@ if (sess->smf_instance_id) ogs_free(sess->smf_instance_id); - ogs_pool_free(&udm_sess_pool, sess); + ogs_pool_id_free(&udm_sess_pool, sess); } void udm_sess_remove_all(udm_ue_t *udm_ue) @@ -352,14 +352,14 @@ return NULL; } -udm_ue_t *udm_ue_cycle(udm_ue_t *udm_ue) +udm_ue_t *udm_ue_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&udm_ue_pool, udm_ue); + return ogs_pool_find_by_id(&udm_ue_pool, id); } -udm_sess_t *udm_sess_cycle(udm_sess_t *sess) +udm_sess_t *udm_sess_find_by_id(ogs_pool_id_t id) { - return ogs_pool_cycle(&udm_sess_pool, sess); + return ogs_pool_find_by_id(&udm_sess_pool, id); } udm_sdm_subscription_t *udm_sdm_subscription_add(udm_ue_t *udm_ue)
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/context.h
Changed
@@ -46,6 +46,7 @@ struct udm_ue_s { ogs_sbi_object_t sbi; + ogs_pool_id_t id; ogs_fsm_t sm; OpenAPI_auth_event_t *auth_event; @@ -78,6 +79,7 @@ struct udm_sess_s { ogs_sbi_object_t sbi; + ogs_pool_id_t id; ogs_fsm_t sm; uint8_t psi; /* PDU Session Identity */ @@ -87,7 +89,7 @@ char *smf_instance_id; /* Related Context */ - udm_ue_t *udm_ue; + ogs_pool_id_t udm_ue_id; }; typedef struct udm_sdm_subscription_s { @@ -118,8 +120,8 @@ void udm_sess_remove_all(udm_ue_t *udm_ue); udm_sess_t *udm_sess_find_by_psi(udm_ue_t *udm_ue, uint8_t psi); -udm_ue_t *udm_ue_cycle(udm_ue_t *udm_ue); -udm_sess_t *udm_sess_cycle(udm_sess_t *sess); +udm_ue_t *udm_ue_find_by_id(ogs_pool_id_t id); +udm_sess_t *udm_sess_find_by_id(ogs_pool_id_t id); udm_sdm_subscription_t *udm_sdm_subscription_add(udm_ue_t *udm_ue); void udm_sdm_subscription_remove(udm_sdm_subscription_t *subscription);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/event.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/event.h
Changed
@@ -32,8 +32,8 @@ typedef struct udm_event_s { ogs_event_t h; - udm_ue_t *udm_ue; - udm_sess_t *sess; + ogs_pool_id_t udm_ue_id; + ogs_pool_id_t sess_id; } udm_event_t; OGS_STATIC_ASSERT(OGS_EVENT_SIZE >= sizeof(udm_event_t));
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/nnrf-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/nnrf-handler.c
Changed
@@ -25,6 +25,7 @@ { ogs_sbi_nf_instance_t *nf_instance = NULL; ogs_sbi_object_t *sbi_object = NULL; + ogs_pool_id_t sbi_object_id = OGS_INVALID_POOL_ID; ogs_sbi_service_type_e service_type = OGS_SBI_SERVICE_TYPE_NULL; ogs_sbi_discovery_option_t *discovery_option = NULL; @@ -46,6 +47,10 @@ requester_nf_type = xact->requester_nf_type; ogs_assert(requester_nf_type); + sbi_object_id = xact->sbi_object_id; + ogs_assert(sbi_object_id >= OGS_MIN_POOL_ID && + sbi_object_id <= OGS_MAX_POOL_ID); + discovery_option = xact->discovery_option; SearchResult = recvmsg->SearchResult; @@ -55,12 +60,12 @@ } if (sbi_object->type == OGS_SBI_OBJ_UE_TYPE) { - udm_ue = (udm_ue_t *)sbi_object; + udm_ue = udm_ue_find_by_id(sbi_object_id); ogs_assert(udm_ue); } else if (sbi_object->type == OGS_SBI_OBJ_SESS_TYPE) { - sess = (udm_sess_t *)sbi_object; + sess = udm_sess_find_by_id(sbi_object_id); ogs_assert(sess); - udm_ue = sess->udm_ue; + udm_ue = udm_ue_find_by_id(sess->udm_ue_id); ogs_assert(udm_ue); } else { ogs_fatal("(NF discover) Not implemented %s:%d",
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/nudm-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/nudm-handler.c
Changed
@@ -530,7 +530,7 @@ ogs_assert(message); ogs_assert(sess); - udm_ue = sess->udm_ue; + udm_ue = udm_ue_find_by_id(sess->udm_ue_id); ogs_assert(udm_ue); SmfRegistration = message->SmfRegistration; @@ -604,7 +604,7 @@ ogs_assert(message); ogs_assert(sess); - udm_ue = sess->udm_ue; + udm_ue = udm_ue_find_by_id(sess->udm_ue_id); ogs_assert(udm_ue); r = udm_sess_sbi_discover_and_send(OGS_SBI_SERVICE_TYPE_NUDR_DR, NULL,
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/nudr-build.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/nudr-build.c
Changed
@@ -256,7 +256,7 @@ ogs_sbi_request_t *request = NULL; ogs_assert(sess); - udm_ue = sess->udm_ue; + udm_ue = udm_ue_find_by_id(sess->udm_ue_id); ogs_assert(udm_ue); memset(&message, 0, sizeof(message)); @@ -301,7 +301,7 @@ ogs_sbi_request_t *request = NULL; ogs_assert(sess); - udm_ue = sess->udm_ue; + udm_ue = udm_ue_find_by_id(sess->udm_ue_id); ogs_assert(udm_ue); memset(&message, 0, sizeof(message));
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/nudr-handler.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/nudr-handler.c
Changed
@@ -754,7 +754,7 @@ int status; ogs_assert(sess); - udm_ue = sess->udm_ue; + udm_ue = udm_ue_find_by_id(sess->udm_ue_id); ogs_assert(udm_ue); ogs_assert(stream); server = ogs_sbi_server_from_stream(stream);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/sbi-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/sbi-path.c
Changed
@@ -97,6 +97,7 @@ } static int udm_sbi_discover_and_send( + ogs_pool_id_t sbi_object_id, ogs_sbi_object_t *sbi_object, ogs_sbi_service_type_e service_type, ogs_sbi_discovery_option_t *discovery_option, @@ -111,15 +112,22 @@ ogs_assert(stream); ogs_assert(build); + ogs_assert(sbi_object_id >= OGS_MIN_POOL_ID && + sbi_object_id <= OGS_MAX_POOL_ID); + xact = ogs_sbi_xact_add( - sbi_object, service_type, discovery_option, + sbi_object_id, sbi_object, service_type, discovery_option, (ogs_sbi_build_f)build, context, data); if (!xact) { ogs_error("udm_sbi_discover_and_send() failed"); return OGS_ERROR; } - xact->assoc_stream = stream; + if (stream) { + xact->assoc_stream_id = ogs_sbi_id_from_stream(stream); + ogs_assert(xact->assoc_stream_id >= OGS_MIN_POOL_ID && + xact->assoc_stream_id <= OGS_MAX_POOL_ID); + } r = ogs_sbi_discover_and_send(xact); if (r != OGS_OK) { @@ -139,9 +147,11 @@ { int r; + ogs_assert(udm_ue->id >= OGS_MIN_POOL_ID && udm_ue->id <= OGS_MAX_POOL_ID); + r = udm_sbi_discover_and_send( - &udm_ue->sbi, service_type, discovery_option, - (ogs_sbi_build_f)build, udm_ue, stream, data); + udm_ue->id, &udm_ue->sbi, service_type, discovery_option, + (ogs_sbi_build_f)build, udm_ue, stream, data); if (r != OGS_OK) { ogs_error("udm_ue_sbi_discover_and_send() failed"); ogs_assert(true == @@ -162,9 +172,11 @@ { int r; + ogs_assert(sess->id >= OGS_MIN_POOL_ID && sess->id <= OGS_MAX_POOL_ID); + r = udm_sbi_discover_and_send( - &sess->sbi, service_type, discovery_option, - (ogs_sbi_build_f)build, sess, stream, data); + sess->id, &sess->sbi, service_type, discovery_option, + (ogs_sbi_build_f)build, sess, stream, data); if (r != OGS_OK) { ogs_error("udm_sess_sbi_discover_and_send() failed"); ogs_assert(true ==
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/sess-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/sess-sm.c
Changed
@@ -40,6 +40,7 @@ udm_sess_t *sess = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *message = NULL; ogs_assert(s); @@ -47,9 +48,9 @@ udm_sm_debug(e); - sess = e->sess; + sess = udm_sess_find_by_id(e->sess_id); ogs_assert(sess); - udm_ue = sess->udm_ue; + udm_ue = udm_ue_find_by_id(sess->udm_ue_id); ogs_assert(udm_ue); switch (e->h.id) { @@ -62,8 +63,16 @@ case OGS_EVENT_SBI_SERVER: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NUDM_UECM) @@ -112,8 +121,16 @@ case OGS_EVENT_SBI_CLIENT: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NUDR_DR) @@ -162,9 +179,9 @@ udm_sm_debug(e); - sess = e->sess; + sess = udm_sess_find_by_id(e->sess_id); ogs_assert(sess); - udm_ue = sess->udm_ue; + udm_ue = udm_ue_find_by_id(sess->udm_ue_id); ogs_assert(udm_ue); switch (e->h.id) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/udm-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/udm-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -40,6 +40,7 @@ const char *api_version = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_nf_instance_t *nf_instance = NULL; @@ -47,9 +48,12 @@ ogs_sbi_response_t *response = NULL; ogs_sbi_message_t message; ogs_sbi_xact_t *sbi_xact = NULL; + ogs_pool_id_t sbi_xact_id = OGS_INVALID_POOL_ID; udm_ue_t *udm_ue = NULL; + ogs_pool_id_t udm_ue_id = OGS_INVALID_POOL_ID; udm_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; udm_sm_debug(e); @@ -65,8 +69,16 @@ case OGS_EVENT_SBI_SERVER: request = e->h.sbi.request; ogs_assert(request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&message, request); if (rv != OGS_OK) { @@ -203,7 +215,7 @@ ogs_assert(sess); ogs_assert(OGS_FSM_STATE(&sess->sm)); - e->sess = sess; + e->sess_id = sess->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&sess->sm, e); if (OGS_FSM_CHECK(&sess->sm, udm_sess_state_exception)) { @@ -216,7 +228,7 @@ DEFAULT ogs_assert(OGS_FSM_STATE(&udm_ue->sm)); - e->udm_ue = udm_ue; + e->udm_ue_id = udm_ue->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&udm_ue->sm, e); if (OGS_FSM_CHECK(&udm_ue->sm, udm_ue_state_exception)) { @@ -337,8 +349,18 @@ CASE(OGS_SBI_SERVICE_NAME_NNRF_DISC) SWITCH(message.h.resource.component0) CASE(OGS_SBI_RESOURCE_NAME_NF_INSTANCES) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); + if (!sbi_xact) { + /* CLIENT_WAIT timer could remove SBI transaction + * before receiving SBI message */ + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); + break; + } SWITCH(message.h.method) CASE(OGS_SBI_HTTP_METHOD_GET) @@ -367,37 +389,44 @@ CASE(OGS_SBI_RESOURCE_NAME_SUBSCRIPTION_DATA) SWITCH(message.h.resource.component3) CASE(OGS_SBI_RESOURCE_NAME_SMF_REGISTRATIONS) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error( + "SBI transaction has already been removed %d", + sbi_xact_id); break; } - sess = (udm_sess_t *)sbi_xact->sbi_object; - ogs_assert(sess); - - e->h.sbi.data = sbi_xact->assoc_stream; + sess_id = sbi_xact->sbi_object_id; + ogs_assert(sess_id >= OGS_MIN_POOL_ID && + sess_id <= OGS_MAX_POOL_ID); + + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + e->h.sbi.data = + OGS_UINT_TO_POINTER(sbi_xact->assoc_stream_id); ogs_sbi_xact_remove(sbi_xact); - sess = udm_sess_cycle(sess); + sess = udm_sess_find_by_id(sess_id); if (!sess) { ogs_error("SESS Context has already been removed"); break; } - udm_ue = udm_ue_cycle(sess->udm_ue); + udm_ue = udm_ue_find_by_id(sess->udm_ue_id); if (!udm_ue) { ogs_error("UE Context has already been removed"); break; } - e->sess = sess; + e->sess_id = sess->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&sess->sm, e); @@ -409,31 +438,38 @@ break; DEFAULT - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ - ogs_error("SBI transaction has already been removed"); + ogs_error( + "SBI transaction has already been removed %d", + sbi_xact_id); break; } - udm_ue = (udm_ue_t *)sbi_xact->sbi_object; - ogs_assert(udm_ue); - - e->h.sbi.data = sbi_xact->assoc_stream; + udm_ue_id = sbi_xact->sbi_object_id; + ogs_assert(udm_ue_id >= OGS_MIN_POOL_ID && + udm_ue_id <= OGS_MAX_POOL_ID); + + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + e->h.sbi.data = + OGS_UINT_TO_POINTER(sbi_xact->assoc_stream_id); ogs_sbi_xact_remove(sbi_xact); - udm_ue = udm_ue_cycle(udm_ue); + udm_ue = udm_ue_find_by_id(udm_ue_id); if (!udm_ue) { ogs_error("UE Context has already been removed"); break; } - e->udm_ue = udm_ue; + e->udm_ue_id = udm_ue->id; e->h.sbi.message = &message; ogs_fsm_dispatch(&udm_ue->sm, e); @@ -534,20 +570,32 @@ * 4. timer expiration event is processed. (double-free SBI xact) * * To avoid double-free SBI xact, - * we need to check ogs_sbi_xact_cycle() + * we need to check ogs_sbi_xact_find_by_id() */ - sbi_xact = ogs_sbi_xact_cycle(e->h.sbi.data); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { - ogs_error("SBI transaction has already been removed"); + ogs_error("SBI transaction has already been removed %d", + sbi_xact_id); break; } - stream = sbi_xact->assoc_stream; - ogs_assert(stream); + ogs_assert(sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID); + stream = ogs_sbi_stream_find_by_id(sbi_xact->assoc_stream_id); ogs_sbi_xact_remove(sbi_xact); ogs_error("Cannot receive SBI message"); + + if (!stream) { + ogs_error("STREAM has alreadt been removed %d", + sbi_xact->assoc_stream_id); + break; + } ogs_assert(true == ogs_sbi_server_send_error(stream, OGS_SBI_HTTP_STATUS_GATEWAY_TIMEOUT, NULL,
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udm/ue-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udm/ue-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019,2020 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -38,6 +38,7 @@ udm_ue_t *udm_ue = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_message_t *message = NULL; int r; @@ -46,7 +47,7 @@ udm_sm_debug(e); - udm_ue = e->udm_ue; + udm_ue = udm_ue_find_by_id(e->udm_ue_id); ogs_assert(udm_ue); switch (e->h.id) { @@ -59,8 +60,16 @@ case OGS_EVENT_SBI_SERVER: message = e->h.sbi.message; ogs_assert(message); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NUDM_UEAU) @@ -264,10 +273,18 @@ message = e->h.sbi.message; ogs_assert(message); - udm_ue = e->udm_ue; + udm_ue = udm_ue_find_by_id(e->udm_ue_id); ogs_assert(udm_ue); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } SWITCH(message->h.service.name) CASE(OGS_SBI_SERVICE_NAME_NUDR_DR) @@ -329,7 +346,7 @@ udm_sm_debug(e); - udm_ue = e->udm_ue; + udm_ue = udm_ue_find_by_id(e->udm_ue_id); ogs_assert(udm_ue); switch (e->h.id) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/udr/udr-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/udr/udr-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -41,6 +41,7 @@ int rv; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = OGS_INVALID_POOL_ID; ogs_sbi_request_t *request = NULL; ogs_sbi_nf_instance_t *nf_instance = NULL; @@ -62,8 +63,16 @@ case OGS_EVENT_SBI_SERVER: request = e->h.sbi.request; ogs_assert(request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&message, request); if (rv != OGS_OK) {
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/upf/context.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/upf/context.c
Changed
@@ -175,9 +175,8 @@ ogs_assert(cp_f_seid); - ogs_pool_alloc(&upf_sess_pool, &sess); + ogs_pool_id_calloc(&upf_sess_pool, &sess); ogs_assert(sess); - memset(sess, 0, sizeof *sess); ogs_pfcp_pool_init(&sess->pfcp); @@ -244,7 +243,7 @@ ogs_pfcp_pool_final(&sess->pfcp); ogs_pool_free(&upf_n4_seid_pool, sess->upf_n4_seid_node); - ogs_pool_free(&upf_sess_pool, sess); + ogs_pool_id_free(&upf_sess_pool, sess); if (sess->apn_dnn) ogs_free(sess->apn_dnn); upf_metrics_inst_global_dec(UPF_METR_GLOB_GAUGE_UPF_SESSIONNBR); @@ -352,6 +351,11 @@ return ret; } +upf_sess_t *upf_sess_find_by_id(ogs_pool_id_t id) +{ + return ogs_pool_find_by_id(&upf_sess_pool, id); +} + upf_sess_t *upf_sess_add_by_message(ogs_pfcp_message_t *message) { upf_sess_t *sess = NULL;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/upf/context.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/upf/context.h
Changed
@@ -100,6 +100,7 @@ #define UPF_SESS(pfcp_sess) ogs_container_of(pfcp_sess, upf_sess_t, pfcp) typedef struct upf_sess_s { ogs_lnode_t lnode; + ogs_pool_id_t id; ogs_pool_id_t *upf_n4_seid_node; /* A node of UPF-N4-SEID */ ogs_pfcp_sess_t pfcp; @@ -141,6 +142,7 @@ upf_sess_t *upf_sess_find_by_upf_n4_seid(uint64_t seid); upf_sess_t *upf_sess_find_by_ipv4(uint32_t addr); upf_sess_t *upf_sess_find_by_ipv6(uint32_t *addr6); +upf_sess_t *upf_sess_find_by_id(ogs_pool_id_t id); uint8_t upf_sess_set_ue_ip(upf_sess_t *sess, uint8_t session_type, ogs_pfcp_pdr_t *pdr);
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/upf/event.h -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/upf/event.h
Changed
@@ -49,7 +49,7 @@ ogs_pkbuf_t *pkbuf; ogs_pfcp_node_t *pfcp_node; - ogs_pfcp_xact_t *pfcp_xact; + ogs_pool_id_t pfcp_xact_id; ogs_pfcp_message_t *pfcp_message; } upf_event_t;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/upf/pfcp-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/upf/pfcp-path.c
Changed
@@ -270,11 +270,23 @@ static void sess_timeout(ogs_pfcp_xact_t *xact, void *data) { + upf_sess_t *sess = NULL; + ogs_pool_id_t sess_id = OGS_INVALID_POOL_ID; uint8_t type; ogs_assert(xact); type = xact->seq0.type; + ogs_assert(data); + sess_id = OGS_POINTER_TO_UINT(data); + ogs_assert(sess_id >= OGS_MIN_POOL_ID && sess_id <= OGS_MAX_POOL_ID); + + sess = upf_sess_find_by_id(sess_id); + if (!sess) { + ogs_error("Session has already been removed %d", type); + return; + } + switch (type) { case OGS_PFCP_SESSION_REPORT_REQUEST_TYPE: ogs_error("No PFCP session report response"); @@ -302,7 +314,8 @@ h.type = OGS_PFCP_SESSION_REPORT_REQUEST_TYPE; h.seid = sess->smf_n4_f_seid.seid; - xact = ogs_pfcp_xact_local_create(sess->pfcp_node, sess_timeout, sess); + xact = ogs_pfcp_xact_local_create( + sess->pfcp_node, sess_timeout, OGS_UINT_TO_POINTER(sess->id)); if (!xact) { ogs_error("ogs_pfcp_xact_local_create() failed"); return OGS_ERROR;
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/upf/pfcp-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/upf/pfcp-sm.c
Changed
@@ -122,7 +122,7 @@ case UPF_EVT_N4_MESSAGE: message = e->pfcp_message; ogs_assert(message); - xact = e->pfcp_xact; + xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(xact); switch (message->h.type) { @@ -204,7 +204,7 @@ case UPF_EVT_N4_MESSAGE: message = e->pfcp_message; ogs_assert(message); - xact = e->pfcp_xact; + xact = ogs_pfcp_xact_find_by_id(e->pfcp_xact_id); ogs_assert(xact); if (message->h.seid_presence && message->h.seid != 0)
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/src/upf/upf-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/src/upf/upf-sm.c
Changed
@@ -87,7 +87,7 @@ } e->pfcp_message = pfcp_message; - e->pfcp_xact = xact; + e->pfcp_xact_id = xact ? xact->id : OGS_INVALID_POOL_ID; ogs_fsm_dispatch(&node->sm, e); if (OGS_FSM_CHECK(&node->sm, upf_pfcp_state_exception)) { ogs_error("PFCP state machine exception");
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/tests/af/af-sm.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/tests/af/af-sm.c
Changed
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2022 by Sukchan Lee <acetcom@gmail.com> + * Copyright (C) 2019-2024 by Sukchan Lee <acetcom@gmail.com> * * This file is part of Open5GS. * @@ -45,6 +45,7 @@ af_sess_t *sess = NULL; ogs_sbi_stream_t *stream = NULL; + ogs_pool_id_t stream_id = 0; ogs_sbi_request_t *request = NULL; ogs_sbi_nf_instance_t *nf_instance = NULL; @@ -52,6 +53,7 @@ ogs_sbi_response_t *response = NULL; ogs_sbi_message_t message; ogs_sbi_xact_t *sbi_xact = NULL; + ogs_pool_id_t sbi_xact_id = 0; af_sm_debug(e); @@ -67,8 +69,16 @@ case OGS_EVENT_SBI_SERVER: request = e->h.sbi.request; ogs_assert(request); - stream = e->h.sbi.data; - ogs_assert(stream); + + stream_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(stream_id >= OGS_MIN_POOL_ID && + stream_id <= OGS_MAX_POOL_ID); + + stream = ogs_sbi_stream_find_by_id(stream_id); + if (!stream) { + ogs_error("STREAM has already been removed %d", stream_id); + break; + } rv = ogs_sbi_parse_request(&message, request); if (rv != OGS_OK) { @@ -278,8 +288,17 @@ CASE(OGS_SBI_SERVICE_NAME_NNRF_DISC) SWITCH(message.h.resource.component0) CASE(OGS_SBI_RESOURCE_NAME_NF_INSTANCES) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); + if (!sbi_xact) { + /* CLIENT_WAIT timer could remove SBI transaction + * before receiving SBI message */ + ogs_error("SBI transaction has already been removed"); + break; + } SWITCH(message.h.method) CASE(OGS_SBI_HTTP_METHOD_GET) @@ -306,10 +325,11 @@ CASE(OGS_SBI_SERVICE_NAME_NBSF_MANAGEMENT) SWITCH(message.h.resource.component0) CASE(OGS_SBI_RESOURCE_NAME_PCF_BINDINGS) - sbi_xact = e->h.sbi.data; - ogs_assert(sbi_xact); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); - sbi_xact = ogs_sbi_xact_cycle(sbi_xact); + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { /* CLIENT_WAIT timer could remove SBI transaction * before receiving SBI message */ @@ -478,15 +498,21 @@ * 4. timer expiration event is processed. (double-free SBI xact) * * To avoid double-free SBI xact, - * we need to check ogs_sbi_xact_cycle() + * we need to check ogs_sbi_xact_find_by_id() */ - sbi_xact = ogs_sbi_xact_cycle(e->h.sbi.data); + sbi_xact_id = OGS_POINTER_TO_UINT(e->h.sbi.data); + ogs_assert(sbi_xact_id >= OGS_MIN_POOL_ID && + sbi_xact_id <= OGS_MAX_POOL_ID); + + sbi_xact = ogs_sbi_xact_find_by_id(sbi_xact_id); if (!sbi_xact) { ogs_error("SBI transaction has already been removed"); break; } - stream = sbi_xact->assoc_stream; + if (sbi_xact->assoc_stream_id >= OGS_MIN_POOL_ID && + sbi_xact->assoc_stream_id <= OGS_MAX_POOL_ID) + stream = ogs_sbi_stream_find_by_id(sbi_xact->assoc_stream_id); /* Here, we should not use ogs_assert(stream) * since 'namf-comm' service has no an associated stream. */
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/tests/af/sbi-path.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/tests/af/sbi-path.c
Changed
@@ -74,7 +74,7 @@ ogs_assert(build); xact = ogs_sbi_xact_add( - &sess->sbi, service_type, discovery_option, + 0, &sess->sbi, service_type, discovery_option, (ogs_sbi_build_f)build, sess, data); if (!xact) { ogs_error("af_sbi_discover_and_send() failed");
View file
open5gs_2.7.1.39.dc2e1.202406292026.tar.xz/tests/sctp/abts-main.c -> open5gs_2.7.1.48.555c2.202406302026.tar.xz/tests/sctp/abts-main.c
Changed
@@ -33,6 +33,9 @@ { ogs_sctp_final(); + ogs_app_config_final(); + ogs_app_context_final(); + ogs_pkbuf_default_destroy(); ogs_core_terminate(); }
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.