ISDN: Jan's patch for 2.0.21 please

Herbert Rosmanith (herp@wildsau.idv.uni-linz.ac.at)
Thu, 19 Sep 1996 04:26:08 +0200 (MET DST)


(attn: patch included below)

hi,

I think I've found the cause for the ascotel PBX crashing linux. It is not,
as I wrote before, an huge "FACILITY" frame, but a frame of unknown
protocol (0x44, while EDSS1=0x08 and DIS_N0=0x40, DIS_N1=0x41).

below you see the FACILITY frame, which is followed by the chernobyl-frame.
I have no idea why I didn't always get this frame displayed, maybe because
the machine crashed immediatly upon receipt, I have no idea.

Jan den Ouden already made a patch for this, which just disregards frames
of unknown types. Yes, I *have* tried his patch.... either I screwed up
somewhere quite badly (e.g. loading wrong modules?) or there was another
source for the crash. Again I don't know :-( I just tried 2.0.18 with
simply hexdumping the unknown frame instead of trying to interpret it,
and now the machine does not crash anymore. And, just right now, I tried
2.0.20 and it didn't crash either. *shrug* Confusing ...

Anyway, if that really is not the reason for the crash, I still think Jan's
patch still should be included into the standard isdn driver. It is not a good
idea to interpret frames which are not of type 1TR6 by default as type EDSS1.

/herp

Q.931 frame network->user with tei 76 (not for us)
hex: 08 01 83 62 9f 54 03 91 e4 80 9f 54 03 91 e5 80 9f 54 03 91 eb 80 9f 54 03 91 02 00 9f 54 03 91 03 00 9f 54 03 81 24 00 9f 54 04 81 fe 88 00 9f 54 03 91 01 08 9f 54 03 81 30 00 9f 54 03 81 30 80 9f 54 03 81 5f 9f 54 03 81 30 40 9f 54 03 91 e3 ff 9f 08 81 30 2c 30 30 41 54 03 54 53 9f 1b 08 91 30 2c 30 30 41 54 53 9f 54 04 81 fe 81 80
call reference 131 size 112 message type FACILITY
Shift f
attribute 54 attribute size 3
Shift f
attribute 54 attribute size 3
Shift f
attribute 54 attribute size 3
Shift f
attribute 54 attribute size 3
Shift f
attribute 54 attribute size 3
Shift f
attribute 54 attribute size 3
Shift f
attribute 54 attribute size 4
Shift f
attribute 54 attribute size 3
Shift f
attribute 54 attribute size 3
Shift f
attribute 54 attribute size 3
Shift f
attribute 54 attribute size 3
attribute 54 attribute size 3
Shift f
attribute 54 attribute size 3
Shift f
Cause
coding 01 location 0000
cause value 1b : Destination out of order
diag attribute 8 rej 17

Q.931 frame network->user broadcast
hex: 44 00 80 70 02 c0 31 68 f6 05 32 30 ff ff ff 32 31 ff ff ff 32 32 ff ff ff 32 33 ff ff ff 32 34 ff ff ff 32 35 ff ff ff 32 36 ff ff ff 32 37 ff ff ff ff ff ff ff ff ff ff ff ff ff 33 30 ff ff ff 33 31 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
Unknown message type 70!
attribute 2 attribute size 192
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff
Reserved ff

*crash*

now, with Jan's patch below, you'd get:

root@ferkel # cat /dev/isdnctrl
debugging flags set to ff
Q.931 frame network->user broadcast
hex: 44 00 80 70 02 c0 31 68 f6 05 32 30 ff ff ff 32 31 ff ff ff 32 32 ff ff ff
32 33 ff ff ff 32 34 ff ff ff 32 35 ff ff ff 32 36 ff ff ff 32 37 ff ff ff 32 38 ff ff ff 32 39 ff ff ff 33 30 ff ff ff 33 31 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 30 ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
Unnown frame type 44, ignored

Q.931 frame network->user broadcast
hex: 45 00 02 b0
Unnown frame type 45, ignored

Q.931 frame network->user broadcast
hex: 45 00 03 c0 6c 03 80 32 30 c0 6c 03 80 32 31 c0 6c 03 80 32 32 c0 6c 03 80
32 33 c0 6c 03 80 32 34
Unnown frame type 45, ignored

unfortunately, I have lost Jan's patch, but I vaguely remember what he did.
I hope I remember right :-)
patch goes here. please include into 2.0.21 !

------------------------------ cut here ---------------------------------

diff -urN linux-2.0.20.orig/drivers/isdn/teles/card.c linux/drivers/isdn/teles/card.c
--- linux-2.0.20.orig/drivers/isdn/teles/card.c Sat Aug 31 18:01:49 1996
+++ linux/drivers/isdn/teles/card.c Thu Sep 19 04:00:46 1996
@@ -59,6 +59,7 @@

#define __NO_VERSION__
#include "teles.h"
+#include "proto.h"

#define INCLUDE_INLINE_FUNCS
#include <linux/tqueue.h>
@@ -936,6 +937,12 @@
if (broadc && sp->dlogflag && (!(ptr[0] >> 2)))
dlogframe(sp, ptr + 3, ibh->datasize - 3,
"Q.931 frame network->user broadcast");
+
+ /* throw away unknwon frame types */
+ if (!(ptr[3]==PROTO_EURO || ((ptr[3]&0xfe)==PROTO_DIS_N0))) {
+ BufPoolRelease(ibh);
+ continue;
+ }

if (broadc) {
while (stptr != NULL) {
diff -urN linux-2.0.20.orig/drivers/isdn/teles/l3_1TR6.c linux/drivers/isdn/teles/l3_1TR6.c
--- linux-2.0.20.orig/drivers/isdn/teles/l3_1TR6.c Fri Jun 7 15:02:42 1996
+++ linux/drivers/isdn/teles/l3_1TR6.c Thu Sep 19 04:01:30 1996
@@ -19,6 +19,8 @@
*
*/

+#include "proto.h"
+
static void
l3_1TR6_message(struct PStack *st, int mt, int pd)
{
diff -urN linux-2.0.20.orig/drivers/isdn/teles/l3_1TR6.h linux/drivers/isdn/teles/l3_1TR6.h
--- linux-2.0.20.orig/drivers/isdn/teles/l3_1TR6.h Sun May 19 14:29:31 1996
+++ linux/drivers/isdn/teles/l3_1TR6.h Thu Sep 19 03:49:39 1996
@@ -12,9 +12,6 @@
#ifndef l3_1TR6
#define l3_1TR6

-#define PROTO_DIS_N0 0x40
-#define PROTO_DIS_N1 0x41
-
/*
* MsgType N0
*/
diff -urN linux-2.0.20.orig/drivers/isdn/teles/proto.h linux/drivers/isdn/teles/proto.h
--- linux-2.0.20.orig/drivers/isdn/teles/proto.h Thu Jan 1 01:00:00 1970
+++ linux/drivers/isdn/teles/proto.h Thu Sep 19 03:49:06 1996
@@ -0,0 +1,13 @@
+/*
+ * not much now - just the l3 proto discriminator
+ *
+ */
+
+#ifndef PROTO_H
+#define PROTO_H
+
+#define PROTO_EURO 0x08
+#define PROTO_DIS_N0 0x40
+#define PROTO_DIS_N1 0x41
+
+#endif
diff -urN linux-2.0.20.orig/drivers/isdn/teles/q931.c linux/drivers/isdn/teles/q931.c
--- linux-2.0.20.orig/drivers/isdn/teles/q931.c Fri Jun 7 15:02:42 1996
+++ linux/drivers/isdn/teles/q931.c Thu Sep 19 03:50:57 1996
@@ -35,6 +35,7 @@

#define __NO_VERSION__
#include "teles.h"
+#include "proto.h"
#include "l3_1TR6.h"

byte *
@@ -1083,7 +1084,7 @@
}
buf += buf[1] + 2;
}
- } else { /* EURO */
+ } else if (buf[0]==PROTO_EURO) { /* EURO */
/* locate message type */
for (i = 0; i < MTSIZE; i++)
if (mtlist[i].nr == buf[3])
@@ -1144,6 +1145,8 @@
buf += buf[1] + 2;
}
}
+ else dp += sprintf(dp,"Unnown frame type %.2x, ignored\n",buf[0]);
+
dp += sprintf(dp, "\n");
teles_putstatus(sp->dlogspace);
}