gnb,ue,rrc: enable using integrity on DRBs

2022-05-12 16:08:47 +01:00 · 2022-05-12 16:08:47 +01:00 · a148dff0cd
parent aa9f844630
commit a148dff0cd
6 changed files with 37 additions and 12 deletions
--- a/lib/src/pdcp/pdcp_entity_lte.cc
+++ b/lib/src/pdcp/pdcp_entity_lte.cc
@ -334,6 +334,8 @@ void pdcp_entity_lte::handle_srb_pdu(srsran::unique_byte_buffer_t pdu)
      logger.error(pdu->msg, pdu->N_bytes, "%s Dropping PDU", rb_name.c_str());
      rrc->notify_pdcp_integrity_error(lcid);
      return; // Discard
+    } else {
+      logger.debug(pdu->msg, pdu->N_bytes, "%s: Integrity verification successful", rb_name.c_str());
    }
  }

--- a/lib/src/pdcp/pdcp_entity_nr.cc
+++ b/lib/src/pdcp/pdcp_entity_nr.cc
@ -202,7 +202,11 @@ void pdcp_entity_nr::write_pdu(unique_byte_buffer_t pdu)
  if (is_drb() && (integrity_direction == DIRECTION_TX || integrity_direction == DIRECTION_TXRX)) {
    bool is_valid = integrity_verify(pdu->msg, pdu->N_bytes, rcvd_count, mac);
    if (!is_valid) {
+      logger.error(pdu->msg, pdu->N_bytes, "%s Dropping PDU", rb_name.c_str());
+      rrc->notify_pdcp_integrity_error(lcid);
      return; // Invalid packet, drop.
+    } else {
+      logger.debug(pdu->msg, pdu->N_bytes, "%s: Integrity verification successful", rb_name.c_str());
    }
  }

--- a/srsenb/rb.conf.example
+++ b/srsenb/rb.conf.example
@ -134,9 +134,11 @@ five_qi_config = (
  five_qi = 7;
  pdcp_nr_config = {
    drb = {
-      discard_timer = 50;
      pdcp_sn_size_ul = 18;
      pdcp_sn_size_dl = 18;
+      discard_timer = 50;
+      integrity_protection = false;
+      status_report = false;
    };
    t_reordering = 50;
  };
@ -156,9 +158,11 @@ five_qi_config = (
  five_qi = 9;
  pdcp_nr_config = {
    drb = {
-      discard_timer = 50;
      pdcp_sn_size_ul = 18;
      pdcp_sn_size_dl = 18;
+      discard_timer = 50;
+      integrity_protection = false;
+      status_report = false;
    };
    t_reordering = 50;
  };
--- a/srsenb/src/enb_cfg_parser.cc
+++ b/srsenb/src/enb_cfg_parser.cc
@ -743,15 +743,6 @@ int field_five_qi::parse(libconfig::Setting& root)
    asn1::rrc_nr::pdcp_cfg_s::drb_s_* drb_cfg = &pdcp_cfg->drb;
    pdcp_cfg->drb_present                     = true;

-    // Discard timer
-    field_asn1_enum_number<asn1::rrc_nr::pdcp_cfg_s::drb_s_::discard_timer_e_> discard_timer("discard_timer",
-                                                                                             &drb_cfg->discard_timer);
-    if (discard_timer.parse(drb) == -1) {
-      drb_cfg->discard_timer_present = false;
-    } else {
-      drb_cfg->discard_timer_present = true;
-    }
-
    // PDCP SN size UL
    field_asn1_enum_number<asn1::rrc_nr::pdcp_cfg_s::drb_s_::pdcp_sn_size_ul_e_> pdcp_sn_size_ul(
        "pdcp_sn_size_ul", &drb_cfg->pdcp_sn_size_ul);
@ -770,6 +761,15 @@ int field_five_qi::parse(libconfig::Setting& root)
      drb_cfg->pdcp_sn_size_dl_present = true;
    }

+    // Discard timer
+    field_asn1_enum_number<asn1::rrc_nr::pdcp_cfg_s::drb_s_::discard_timer_e_> discard_timer("discard_timer",
+                                                                                             &drb_cfg->discard_timer);
+    if (discard_timer.parse(drb) == -1) {
+      drb_cfg->discard_timer_present = false;
+    } else {
+      drb_cfg->discard_timer_present = true;
+    }
+
    parser::field<bool> status_report_required("status_report_required", &drb_cfg->status_report_required_present);
    status_report_required.parse(drb);

--- a/srsgnb/src/stack/rrc/rrc_nr_ue.cc
+++ b/srsgnb/src/stack/rrc/rrc_nr_ue.cc
@ -1392,7 +1392,7 @@ int rrc_nr::ue::update_pdcp_bearers(const asn1::rrc_nr::radio_bearer_cfg_s& radi
    parent->pdcp->add_bearer(rnti, rlc_bearer->lc_ch_id, pdcp_cnfg);

    if (sec_ctx.is_as_sec_cfg_valid()) {
-      update_as_security(rlc_bearer->lc_ch_id, false, false);
+      update_as_security(rlc_bearer->lc_ch_id, drb.pdcp_cfg.drb.integrity_protection_present, true);
    }
  }

--- a/srsue/src/stack/rrc_nr/rrc_nr.cc
+++ b/srsue/src/stack/rrc_nr/rrc_nr.cc
@ -1995,6 +1995,7 @@ bool rrc_nr::apply_drb_release(const uint8_t drb)

 bool rrc_nr::apply_srb_add_mod(const srb_to_add_mod_s& srb_cfg)
 {
+  logger.debug("Applying SRB Add/Mod to SRB%d", srb_cfg.srb_id);
  if (srb_cfg.pdcp_cfg_present) {
    logger.error("Cannot add SRB - only default configuration supported.");
    return false;
@ -2008,6 +2009,7 @@ bool rrc_nr::apply_srb_add_mod(const srb_to_add_mod_s& srb_cfg)

 bool rrc_nr::apply_drb_add_mod(const drb_to_add_mod_s& drb_cfg)
 {
+  logger.debug("Applying DRB Add/Mod to DRB%d", drb_cfg.drb_id);
  if (!drb_cfg.pdcp_cfg_present) {
    logger.error("Cannot add DRB - incomplete configuration");
    return false;
@ -2071,14 +2073,25 @@ bool rrc_nr::apply_drb_add_mod(const drb_to_add_mod_s& drb_cfg)
                   drb_cfg.pdcp_cfg.drb.pdcp_sn_size_dl.to_number());
  }

+  if (not security_is_activated) {
+    logger.error("Trying to setup DRB%d, but security is not activated", drb_cfg.drb_id);
+    return false;
+  }
  srsran::pdcp_config_t pdcp_cfg = make_drb_pdcp_config_t(drb_cfg.drb_id, true, drb_cfg.pdcp_cfg);
  pdcp->add_bearer(lcid, pdcp_cfg);

+  // Use already configured sec config, if no other sec config present in the RadioBearerConfig
+  pdcp->config_security(lcid, sec_cfg);
+  pdcp->enable_encryption(lcid, DIRECTION_TXRX);
+  if (drb_cfg.pdcp_cfg.drb.integrity_protection_present) {
+    pdcp->enable_integrity(lcid, DIRECTION_TXRX);
+  }
  return true;
 }

 bool rrc_nr::apply_security_cfg(const security_cfg_s& security_cfg)
 {
+  logger.debug("Applying Security config");
  if (security_cfg.key_to_use_present) {
    if (security_cfg.key_to_use.value != security_cfg_s::key_to_use_opts::options::secondary) {
      logger.warning("Only secondary key supported yet");
@ -2149,6 +2162,8 @@ bool rrc_nr::apply_radio_bearer_cfg(const radio_bearer_cfg_s& radio_bearer_cfg)
    if (apply_security_cfg(radio_bearer_cfg.security_cfg) == false) {
      return false;
    }
+  } else {
+    logger.debug("No Security Config Present");
  }
  return true;
 }