深海游弋的鱼 – 默默的点滴

SecureAngle: Improving Wireless Security Using Angle-of-Arrival Information

SecureAngle: Improving Wireless Security Using
Angle-of-Arrival Information

继续阅读SecureAngle: Improving Wireless Security Using Angle-of-Arrival Information

srsLTE使用LimeSDR代码分析PHY层流程

数据接收流向

RF处理线程

lib/src/phy/rf/rf_soapy_imp.c
int rf_soapy_recv_with_time(void *h,
void *data,
uint32_t nsamples,
bool blocking,
time_t *secs,
double *frac_secs)

lib/src/phy/rf/rf_dev.h
int (*srslte_rf_recv_with_time)(void *h, void *data, uint32_t nsamples,
bool blocking, time_t *secs,double *frac_secs)

lib/src/radio/radio_multi.cc

bool rx_now(cf_t *buffer[SRSLTE_MAX_PORTS], uint32_t nof_samples, srslte_timestamp_t* rxd_time)

srsenb/src/phy/txrx.cc
void run_thread() 接收完成后，触发信号，通知后续线程,也就是后面的发送接收线程。

eNB收发处理线程

srsenb/src/phy/phch_worker.cc
void work_imp();

srsenb/src/phy/phch_worker.cc
void srslte_enb_ul_fft(srslte_enb_ul_t *q)

填充关键的srslte_enb_ul_t->sf_symbols，这个指针在 int srslte_ofdm_rx_init(srslte_ofdm_t *q, srslte_cp_t cp_type, cf_t *in_buffer,cf_t *out_buffer,uint32_t max_prb)函数中被赋值，被共享，因此后面会不好理解何时srslte_enb_ul_t->sf_symbols被赋值

另外就是关注 int srslte_enb_ul_init(srslte_enb_ul_t *q,cf_t *in_buffer,uint32_t max_prb)中对于signal_buffer_rx的共享方式，也能解释后面的不需要拷贝内存的操作，主要就是指针被共享了。

srsenb/src/phy/phch_worker.cc
int decode_pucch()

lib/src/phy/enb/enb_ul.c
int srslte_enb_ul_get_pucch(srslte_enb_ul_t *q, uint16_t rnti,
uint32_t pdcch_n_cce, uint32_t sf_rx,
srslte_uci_data_t *uci_data)

lib/src/phy/enb/enb_ul.c
int get_pucch(srslte_enb_ul_t *q, uint16_t rnti,
uint32_t pdcch_n_cce, uint32_t sf_rx,
srslte_uci_data_t *uci_data, uint8_t bits[SRSLTE_PUCCH_MAX_BITS], uint32_t nof_bits)

lib/src/phy/phch/pusch.c
int srslte_pusch_decode(srslte_pusch_t *q,
srslte_pusch_cfg_t *cfg, srslte_softbuffer_rx_t *softbuffer,
cf_t *sf_symbols,
cf_t *ce, float noise_estimate, uint16_t rnti,
uint8_t *data, srslte_cqi_value_t *cqi_value, srslte_uci_data_t *uci_data)

解码函数在pucch.c,pusch.c中都存在
pucch主要是在上行上传送控制信息，cqi，ri，pmi和harq的应答
pusch除了传送控制信息外还要传送上行数据
两者在频域上所处的位置不同，pucch处于频带的两端，pusch处于中间，占据绝大部分资源
因此我们这里主要关注pusch

解码函数在pucch.c,pusch.c中都存在

pucch主要是在上行上传送控制信息，cqi，ri，pmi和harq的应答

pusch除了传送控制信息外还要传送上行数据

两者在频域上所处的位置不同，pucch处于频带的两端，pusch处于中间，占据绝大部分资源

因此我们这里主要关注pusch

lib/src/phy/modem/demod_soft.c
int srslte_demod_soft_demodulate_s(srslte_mod_t modulation, const cf_t* symbols, short* llr, int nsymbols)(QPSK解码）

On the Improvement of Positioning in LTE with Collaboration and Pressure Sensors

On the Improvement of Positioning in LTE with Collaboration and

Pressure Sensors

继续阅读On the Improvement of Positioning in LTE with Collaboration and Pressure Sensors

TIMING-BASED LOCATION ESTIMATION FOR OFDM SIGNALS WITH APPLICATIONS IN LTE, WLAN AND WIMAX

TIMING-BASED LOCATION ESTIMATION FOR OFDM SIGNALS WITH APPLICATIONS IN LTE, WLAN AND WIMAX
继续阅读TIMING-BASED LOCATION ESTIMATION FOR OFDM SIGNALS WITH APPLICATIONS IN LTE, WLAN AND WIMAX

窄带信号&模拟信号的带宽

窄带信号

A-窄带定义

关于窄带信号的定义不唯一，先从实际情况入手分析分析，例如一般谱估计需要2*π*d*sin(θ)/λ，当窄带信号入射进来（窄带也有一定带宽）：

继续阅读窄带信号&模拟信号的带宽

DOA estimation based on MUSIC algorithm

继续阅读DOA estimation based on MUSIC algorithm

ubuntu 16.04系统LimeSDR V1.4使用最新版本的OpenAirInterface5g代码搭建LTE实验环境

注意，最新开发版本的代码不稳定，存在问题，以下的仅仅是记录自己的操作过程，代码并不能正常工作。正常使用的话，请不要使用如下的版本操作。

参考ubuntu 16.04系统LimeSDR V1.4使用OpenAirInterface搭建LTE实验环境，并参考解决ubuntu 16.04系统上2017.06版本之后的LimeSDR V1.4驱动不能正常运行OpenAirInterface搭建的LTE实验环境的问题使用最新的LimeSDR驱动能正常进行LTE实验之后，我们开始尝试把OpenAirInterface的代码更新到最新版本（2018_w15),新版本的代码结构更加清晰，但是不可用。

$ cd ~

$ cd openairinterface5g

$ rm -rf *

$ git checkout develop

$ git pull

#对于国内的用户来说，国外的几个代码地址需要修改一下，否则会出现无法下载或者下载非常慢的情况
$ sed -i "s/git clone https:\/\/gist.github.com\/2190472.git \/opt\/ssh/wget https:\/\/www.mobibrw.com\/wp-content\/uploads\/2018\/03\/ssh.tar.gz \&\& sudo tar -zxvf ssh.tar.gz -C \/opt/g" cmake_targets/tools/build_helper
 
$ sed -i "s/git clone https:\/\/gitlab.eurecom.fr\/oai\/asn1c.git \/tmp\/asn1c/wget https:\/\/www.mobibrw.com\/wp-content\/uploads\/2018\/03\/asn1c.tar.gz \&\& tar -zxvf asn1c.tar.gz -C \/tmp/g" cmake_targets/tools/build_helper
 
$ sed -i "s/https:\/\/pypi.python.org\/packages\/18\/fa\/dd13d4910aea339c0bb87d2b3838d8fd923c11869b1f6e741dbd0ff3bc00\/netifaces-0.10.4.tar.gz/https:\/\/www.mobibrw.com\/wp-content\/uploads\/2018\/03\/netifaces-0.10.4.tar.gz/g" cmake_targets/tools/build_helper
 
$ sed -i "s/https:\/\/github.com\/google\/protobuf\/releases\/download\/v3.3.0\/protobuf-cpp-3.3.0.tar.gz/https:\/\/www.mobibrw.com\/wp-content\/uploads\/2018\/04\/protobuf-cpp-3.3.0.tar.gz/g" cmake_targets/tools/build_helper
 
$ sed -i "s/git clone https:\/\/github.com\/protobuf-c\/protobuf-c.git/wget https:\/\/www.mobibrw.com\/wp-content\/uploads\/2018\/03\/protobuf-c.tar.gz \&\& tar -zxvf protobuf-c.tar.gz/g" cmake_targets/tools/build_helper
 
#修正兼容问题，更高版本的protobuf-c跟我们上面安装的版本不匹配，会导致编译错误
$ sed -i "s/cd protobuf-c/cd protobuf-c \&\& git checkout 2a46af42784abf86804d536f6e0122d47cfeea45/g" cmake_targets/tools/build_helper

# 如果使用最新版本的limesdr驱动已经修正了数据读取的BUG,不需要丢弃第一次的报文，我们需要
# 阻止第一个报文的丢弃，否则数据读取是错误的
$ sed -r -i "s/first_rx[ \t]*=[ \t]*1;/first_rx = 0;/g" targets/ARCH/LMSSDR/USERSPACE/LIB/lms_lib.cpp

#执行编译
$ source oaienv  
 
$ ./cmake_targets/build_oai -I       # install SW packages from internet
 
# ./cmake_targets/build_oai  -w USRP --eNB -t ETHERNET# compile eNB
# 注意如果后续重新编译过limesdr的驱动，这部分也需要重新编译
 
$ ./cmake_targets/build_oai -c -w LMSSDR --eNB -x

$ cd ~

$ cd openairinterface5g

$ rm -rf *

$ git checkout develop

$ git pull

#对于国内的用户来说，国外的几个代码地址需要修改一下，否则会出现无法下载或者下载非常慢的情况

$ sed -i "s/git clone https:\/\/gist.github.com\/2190472.git \/opt\/ssh/wget https:\/\/www.mobibrw.com\/wp-content\/uploads\/2018\/03\/ssh.tar.gz \&\& sudo tar -zxvf ssh.tar.gz -C \/opt/g" cmake_targets/tools/build_helper

$ sed -i "s/git clone https:\/\/gitlab.eurecom.fr\/oai\/asn1c.git \/tmp\/asn1c/wget https:\/\/www.mobibrw.com\/wp-content\/uploads\/2018\/03\/asn1c.tar.gz \&\& tar -zxvf asn1c.tar.gz -C \/tmp/g" cmake_targets/tools/build_helper

$ sed -i "s/https:\/\/pypi.python.org\/packages\/18\/fa\/dd13d4910aea339c0bb87d2b3838d8fd923c11869b1f6e741dbd0ff3bc00\/netifaces-0.10.4.tar.gz/https:\/\/www.mobibrw.com\/wp-content\/uploads\/2018\/03\/netifaces-0.10.4.tar.gz/g" cmake_targets/tools/build_helper

$ sed -i "s/https:\/\/github.com\/google\/protobuf\/releases\/download\/v3.3.0\/protobuf-cpp-3.3.0.tar.gz/https:\/\/www.mobibrw.com\/wp-content\/uploads\/2018\/04\/protobuf-cpp-3.3.0.tar.gz/g" cmake_targets/tools/build_helper

$ sed -i "s/git clone https:\/\/github.com\/protobuf-c\/protobuf-c.git/wget https:\/\/www.mobibrw.com\/wp-content\/uploads\/2018\/03\/protobuf-c.tar.gz \&\& tar -zxvf protobuf-c.tar.gz/g" cmake_targets/tools/build_helper

#修正兼容问题，更高版本的protobuf-c跟我们上面安装的版本不匹配，会导致编译错误

$ sed -i "s/cd protobuf-c/cd protobuf-c \&\& git checkout 2a46af42784abf86804d536f6e0122d47cfeea45/g" cmake_targets/tools/build_helper

# 如果使用最新版本的limesdr驱动已经修正了数据读取的BUG,不需要丢弃第一次的报文，我们需要

# 阻止第一个报文的丢弃，否则数据读取是错误的

$ sed -r -i "s/first_rx[ \t]*=[ \t]*1;/first_rx = 0;/g" targets/ARCH/LMSSDR/USERSPACE/LIB/lms_lib.cpp

#执行编译

$ source oaienv

$ ./cmake_targets/build_oai -I # install SW packages from internet

# ./cmake_targets/build_oai -w USRP --eNB -t ETHERNET# compile eNB

# 注意如果后续重新编译过limesdr的驱动，这部分也需要重新编译

$ ./cmake_targets/build_oai -c -w LMSSDR --eNB -x

接下来就是创建LimeSDR的启动配置文件（从enb.band7.tm1.50PRB.usrpb210.conf修改而来）：

$ vim targets/PROJECTS/GENERIC-LTE-EPC/CONF/enb.band7.tm1.25PRB.lmssdr.conf

1	$ vim targets/PROJECTS/GENERIC-LTE-EPC/CONF/enb.band7.tm1.25PRB.lmssdr.conf

里面的内容如下：

Active_eNBs = ( "eNB-Eurecom-LTEBox");
# Asn1_verbosity, choice in: none, info, annoying
Asn1_verbosity = "none";

eNBs =
(
 {
    ////////// Identification parameters:
    eNB_ID    =  0xe00;

    cell_type =  "CELL_MACRO_ENB";

    eNB_name  =  "eNB-Eurecom-LTEBox";

    // Tracking area code, 0x0000 and 0xfffe are reserved values
    tracking_area_code  =  "1";

    mobile_country_code =  "208";

    mobile_network_code =  "92";

    tr_s_preference     = "local_mac"

    ////////// Physical parameters:

    component_carriers = (
      {
      node_function             = "3GPP_eNODEB";
      node_timing               = "synch_to_ext_device";
      node_synch_ref            = 0;
      frame_type					      = "FDD";
      tdd_config 					      = 3;
      tdd_config_s            			      = 0;
      prefix_type             			      = "NORMAL";
      eutra_band              			      = 7;
      downlink_frequency      			      = 2685000000L;
      uplink_frequency_offset 			      = -120000000;
      Nid_cell					      = 0;
      N_RB_DL                 			      = 25;
      Nid_cell_mbsfn          			      = 0;
      nb_antenna_ports                                = 1;
      nb_antennas_tx          			      = 1;
      nb_antennas_rx          			      = 1;
      tx_gain                                            = 90;
      rx_gain                                            = 125;
      pbch_repetition                                 = "FALSE";
      prach_root              			      = 0;
      prach_config_index      			      = 0;
      prach_high_speed        			      = "DISABLE";
      prach_zero_correlation  			      = 1;
      prach_freq_offset       			      = 2;
      pucch_delta_shift       			      = 1;
      pucch_nRB_CQI           			      = 0;
      pucch_nCS_AN            			      = 0;
      pucch_n1_AN             			      = 32;
      pdsch_referenceSignalPower 			      = -27;
      pdsch_p_b                  			      = 0;
      pusch_n_SB                 			      = 1;
      pusch_enable64QAM          			      = "DISABLE";
      pusch_hoppingMode                                  = "interSubFrame";
      pusch_hoppingOffset                                = 0;
      pusch_groupHoppingEnabled  			      = "ENABLE";
      pusch_groupAssignment      			      = 0;
      pusch_sequenceHoppingEnabled		   	      = "DISABLE";
      pusch_nDMRS1                                       = 1;
      phich_duration                                     = "NORMAL";
      phich_resource                                     = "ONESIXTH";
      srs_enable                                         = "DISABLE";
      /*  srs_BandwidthConfig                                =;
      srs_SubframeConfig                                 =;
      srs_ackNackST                                      =;
      srs_MaxUpPts                                       =;*/

      pusch_p0_Nominal                                   = -96;
      pusch_alpha                                        = "AL1";
      pucch_p0_Nominal                                   = -104;
      msg3_delta_Preamble                                = 6;
      pucch_deltaF_Format1                               = "deltaF2";
      pucch_deltaF_Format1b                              = "deltaF3";
      pucch_deltaF_Format2                               = "deltaF0";
      pucch_deltaF_Format2a                              = "deltaF0";
      pucch_deltaF_Format2b		    	      = "deltaF0";

      rach_numberOfRA_Preambles                          = 64;
      rach_preamblesGroupAConfig                         = "DISABLE";
      /*
      rach_sizeOfRA_PreamblesGroupA                      = ;
      rach_messageSizeGroupA                             = ;
      rach_messagePowerOffsetGroupB                      = ;
      */
      rach_powerRampingStep                              = 4;
      rach_preambleInitialReceivedTargetPower            = -108;
      rach_preambleTransMax                              = 10;
      rach_raResponseWindowSize                          = 10;
      rach_macContentionResolutionTimer                  = 48;
      rach_maxHARQ_Msg3Tx                                = 4;

      pcch_default_PagingCycle                           = 128;
      pcch_nB                                            = "oneT";
      bcch_modificationPeriodCoeff			      = 2;
      ue_TimersAndConstants_t300			      = 1000;
      ue_TimersAndConstants_t301			      = 1000;
      ue_TimersAndConstants_t310			      = 1000;
      ue_TimersAndConstants_t311			      = 10000;
      ue_TimersAndConstants_n310			      = 20;
      ue_TimersAndConstants_n311			      = 1;
      ue_TransmissionMode                                    = 1;
      }
    );


    srb1_parameters :
    {
        # timer_poll_retransmit = (ms) [5, 10, 15, 20,... 250, 300, 350, ... 500]
        timer_poll_retransmit    = 80;

        # timer_reordering = (ms) [0,5, ... 100, 110, 120, ... ,200]
        timer_reordering         = 35;

        # timer_reordering = (ms) [0,5, ... 250, 300, 350, ... ,500]
        timer_status_prohibit    = 0;

        # poll_pdu = [4, 8, 16, 32 , 64, 128, 256, infinity(>10000)]
        poll_pdu                 =  4;

        # poll_byte = (kB) [25,50,75,100,125,250,375,500,750,1000,1250,1500,2000,3000,infinity(>10000)]
        poll_byte                =  99999;

        # max_retx_threshold = [1, 2, 3, 4 , 6, 8, 16, 32]
        max_retx_threshold       =  4;
    }

    # ------- SCTP definitions
    SCTP :
    {
        # Number of streams to use in input/output
        SCTP_INSTREAMS  = 2;
        SCTP_OUTSTREAMS = 2;
    };


    ////////// MME parameters:
    mme_ip_address      = ( { ipv4       = "127.0.0.20";
                              ipv6       = "192:168:30::17";
                              active     = "yes";
                              preference = "ipv4";
                            }
                          );

    NETWORK_INTERFACES :
    {

        ENB_INTERFACE_NAME_FOR_S1_MME            = "lo";
        ENB_IPV4_ADDRESS_FOR_S1_MME              = "127.0.0.10/8";
        ENB_INTERFACE_NAME_FOR_S1U               = "lo";
        ENB_IPV4_ADDRESS_FOR_S1U                 = "127.0.0.10/8";
        ENB_PORT_FOR_S1U                         = 2152; # Spec 2152
    };
  }
);

MACRLCs = (
	{
	num_cc = 1;
	tr_s_preference = "local_L1";
	tr_n_preference = "local_RRC";
	phy_test_mode = 1;
        }  
);

L1s = (
    	{
	num_cc = 1;
	tr_n_preference = "local_mac";
        }  
);

RUs = (
    {		  
       local_rf       = "yes"
         nb_tx          = 1
         nb_rx          = 1
         att_tx         = 0
         att_rx         = 0;
         bands          = [7];
         max_pdschReferenceSignalPower = -27;
         max_rxgain                    = 125;
         eNB_instances  = [0];

    }
);  

NETWORK_CONTROLLER :
{
    FLEXRAN_ENABLED        = "no";
    FLEXRAN_INTERFACE_NAME = "lo";
    FLEXRAN_IPV4_ADDRESS   = "127.0.0.1";
    FLEXRAN_PORT           = 2210;
    FLEXRAN_CACHE          = "/mnt/oai_agent_cache";
    FLEXRAN_AWAIT_RECONF   = "no";
};

     log_config :
     {
       global_log_level                      ="info";
       global_log_verbosity                  ="medium";
       hw_log_level                          ="info";
       hw_log_verbosity                      ="medium";
       phy_log_level                         ="info";
       phy_log_verbosity                     ="medium";
       mac_log_level                         ="info";
       mac_log_verbosity                     ="high";
       rlc_log_level                         ="info";
       rlc_log_verbosity                     ="medium";
       pdcp_log_level                        ="info";
       pdcp_log_verbosity                    ="medium";
       rrc_log_level                         ="info";
       rrc_log_verbosity                     ="medium";
    };

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

Active_eNBs = ( "eNB-Eurecom-LTEBox");

# Asn1_verbosity, choice in: none, info, annoying

Asn1_verbosity = "none";

eNBs =

(

{

////////// Identification parameters:

eNB_ID = 0xe00;

cell_type = "CELL_MACRO_ENB";

eNB_name = "eNB-Eurecom-LTEBox";

// Tracking area code, 0x0000 and 0xfffe are reserved values

tracking_area_code = "1";

mobile_country_code = "208";

mobile_network_code = "92";

tr_s_preference = "local_mac"

////////// Physical parameters:

component_carriers = (

{

node_function = "3GPP_eNODEB";

node_timing = "synch_to_ext_device";

node_synch_ref = 0;

frame_type = "FDD";

tdd_config = 3;

tdd_config_s = 0;

prefix_type = "NORMAL";

eutra_band = 7;

downlink_frequency = 2685000000L;

uplink_frequency_offset = -120000000;

Nid_cell = 0;

N_RB_DL = 25;

Nid_cell_mbsfn = 0;

nb_antenna_ports = 1;

nb_antennas_tx = 1;

nb_antennas_rx = 1;

tx_gain = 90;

rx_gain = 125;

pbch_repetition = "FALSE";

prach_root = 0;

prach_config_index = 0;

prach_high_speed = "DISABLE";

prach_zero_correlation = 1;

prach_freq_offset = 2;

pucch_delta_shift = 1;

pucch_nRB_CQI = 0;

pucch_nCS_AN = 0;

pucch_n1_AN = 32;

pdsch_referenceSignalPower = -27;

pdsch_p_b = 0;

pusch_n_SB = 1;

pusch_enable64QAM = "DISABLE";

pusch_hoppingMode = "interSubFrame";

pusch_hoppingOffset = 0;

pusch_groupHoppingEnabled = "ENABLE";

pusch_groupAssignment = 0;

pusch_sequenceHoppingEnabled = "DISABLE";

pusch_nDMRS1 = 1;

phich_duration = "NORMAL";

phich_resource = "ONESIXTH";

srs_enable = "DISABLE";

/* srs_BandwidthConfig =;

srs_SubframeConfig =;

srs_ackNackST =;

srs_MaxUpPts =;*/

pusch_p0_Nominal = -96;

pusch_alpha = "AL1";

pucch_p0_Nominal = -104;

msg3_delta_Preamble = 6;

pucch_deltaF_Format1 = "deltaF2";

pucch_deltaF_Format1b = "deltaF3";

pucch_deltaF_Format2 = "deltaF0";

pucch_deltaF_Format2a = "deltaF0";

pucch_deltaF_Format2b = "deltaF0";

rach_numberOfRA_Preambles = 64;

rach_preamblesGroupAConfig = "DISABLE";

rach_sizeOfRA_PreamblesGroupA = ;

rach_messageSizeGroupA = ;

rach_messagePowerOffsetGroupB = ;

rach_powerRampingStep = 4;

rach_preambleInitialReceivedTargetPower = -108;

rach_preambleTransMax = 10;

rach_raResponseWindowSize = 10;

rach_macContentionResolutionTimer = 48;

rach_maxHARQ_Msg3Tx = 4;

pcch_default_PagingCycle = 128;

pcch_nB = "oneT";

bcch_modificationPeriodCoeff = 2;

ue_TimersAndConstants_t300 = 1000;

ue_TimersAndConstants_t301 = 1000;

ue_TimersAndConstants_t310 = 1000;

ue_TimersAndConstants_t311 = 10000;

ue_TimersAndConstants_n310 = 20;

ue_TimersAndConstants_n311 = 1;

ue_TransmissionMode = 1;

}

);

srb1_parameters :

{

# timer_poll_retransmit = (ms) [5, 10, 15, 20,... 250, 300, 350, ... 500]

timer_poll_retransmit = 80;

# timer_reordering = (ms) [0,5, ... 100, 110, 120, ... ,200]

timer_reordering = 35;

# timer_reordering = (ms) [0,5, ... 250, 300, 350, ... ,500]

timer_status_prohibit = 0;

# poll_pdu = [4, 8, 16, 32 , 64, 128, 256, infinity(>10000)]

poll_pdu = 4;

# poll_byte = (kB) [25,50,75,100,125,250,375,500,750,1000,1250,1500,2000,3000,infinity(>10000)]

poll_byte = 99999;

# max_retx_threshold = [1, 2, 3, 4 , 6, 8, 16, 32]

max_retx_threshold = 4;

}

# ------- SCTP definitions

SCTP :

{

# Number of streams to use in input/output

SCTP_INSTREAMS = 2;

SCTP_OUTSTREAMS = 2;

};

////////// MME parameters:

mme_ip_address = ( { ipv4 = "127.0.0.20";

ipv6 = "192:168:30::17";

active = "yes";

preference = "ipv4";

}

);

NETWORK_INTERFACES :

{

ENB_INTERFACE_NAME_FOR_S1_MME = "lo";

ENB_IPV4_ADDRESS_FOR_S1_MME = "127.0.0.10/8";

ENB_INTERFACE_NAME_FOR_S1U = "lo";

ENB_IPV4_ADDRESS_FOR_S1U = "127.0.0.10/8";

ENB_PORT_FOR_S1U = 2152; # Spec 2152

};

}

);

MACRLCs = (

{

num_cc = 1;

tr_s_preference = "local_L1";

tr_n_preference = "local_RRC";

phy_test_mode = 1;

}

);

L1s = (

{

num_cc = 1;

tr_n_preference = "local_mac";

}

);

RUs = (

{

local_rf = "yes"

nb_tx = 1

nb_rx = 1

att_tx = 0

att_rx = 0;

bands = [7];

max_pdschReferenceSignalPower = -27;

max_rxgain = 125;

eNB_instances = [0];

}

);

NETWORK_CONTROLLER :

{

FLEXRAN_ENABLED = "no";

FLEXRAN_INTERFACE_NAME = "lo";

FLEXRAN_IPV4_ADDRESS = "127.0.0.1";

FLEXRAN_PORT = 2210;

FLEXRAN_CACHE = "/mnt/oai_agent_cache";

FLEXRAN_AWAIT_RECONF = "no";

};

log_config :

{

global_log_level ="info";

global_log_verbosity ="medium";

hw_log_level ="info";

hw_log_verbosity ="medium";

phy_log_level ="info";

phy_log_verbosity ="medium";

mac_log_level ="info";

mac_log_verbosity ="high";

rlc_log_level ="info";

rlc_log_verbosity ="medium";

pdcp_log_level ="info";

pdcp_log_verbosity ="medium";

rrc_log_level ="info";

rrc_log_verbosity ="medium";

};

另外，最新版本运行的时候如果增加-d参数，启动图形界面，程序会崩溃。目前这个版本可以运行，但是貌似会导致LimeSDR驱动数据发送异常，目前已知，这个版本的驱动没有正确的读取配置文件，导致给硬件的配置信息是错误的，暂时这个版本还不可用。

LTE物理层总结

继续阅读LTE物理层总结

OpenAirInterface使用LimeSDR代码分析PHY层流程

参考ubuntu 16.04系统LimeSDR V1.4使用OpenAirInterface搭建LTE实验环境建立完成的环境。

代码为当时的代码，不是最新的代码。

数据接收流向

RF处理线程

targets/ARCH/LMSSDR/USERSPACE/LIB/lms_lib.cpp
int trx_lms_read(openair0_device *device, openair0_timestamp *ptimestamp, void **buff, int nsamps, int antenna_id)-> targets/RT/USER/lte-enb.c
void rx_rf(PHY_VARS_eNB *eNB,int *frame,int *subframe) （eNB->rfdevice.trx_read_func）

targets/RT/USER/lte-enb.c
static void* eNB_thread_FH( void* param ) （eNB->rx_fh）

接收完成后，触发信号，通知后续线程,也就是后面的发送接收线程。

eNB收发处理线程

targets/RT/USER/lte-enb.c
static void* eNB_thread_rxtx( void* param )

targets/RT/USER/lte-enb.c
static inline int rxtx(PHY_VARS_eNB *eNB,eNB_rxtx_proc_t *proc, char *thread_name) (eNB->proc_uespec_rx(eNB, proc, no_relay ))

openair1/SCHED/phy_procedures_lte_eNb.c
void phy_procedures_eNB_uespec_RX(PHY_VARS_eNB *phy_vars_eNB,eNB_rxtx_proc_t *proc,relaying_type_t r_type)

openair1/SCHED/phy_procedures_lte_eNb.c
void pucch_procedures(PHY_VARS_eNB *eNB,eNB_rxtx_proc_t *proc,int UE_id,int harq_pid,uint8_t do_srs)

此处实际的解码，涉及到相位信息,这部分是PUCCH部分的数据，主要是通信控制数据，比如信噪比等，不包含实际的通信数据，比如TCP，UDP协议等等

openair1/PHY/LTE_TRANSPORT/pucch.c
uint32_t rx_pucch(PHY_VARS_eNB *phy_vars_eNB,
PUCCH_FMT_t fmt,
uint8_t UE_id,
uint16_t n1_pucch,
uint16_t n2_pucch,
uint8_t shortened_format,
uint8_t *payload,
int frame,
uint8_t subframe,
uint8_t pucch1_thres)

->
此处实际的解码，涉及到相位信息,实际的通信数据，比如TCP，UDP协议等等

openair1/PHY/LTE_TRANSPORT/ulsch_decoding.c
unsigned int ulsch_decoding(PHY_VARS_eNB *eNB,eNB_rxtx_proc_t *proc,
uint8_t UE_id,
uint8_t control_only_flag,
uint8_t Nbundled,
uint8_t llr8_flag) （ eNB->td）

此处解析数据段，TCP,IP相关部分了

openair1/PHY/LTE_TRANSPORT/ulsch_decoding.c
int ulsch_decoding_data(PHY_VARS_eNB *eNB,int UE_id,int harq_pid,int llr8_flag)

解码后的数据通过rx_sdu函数上报到MAC层。

IQ信号

当前的数字射频芯片，无一例外的用到了I/Q信号，就算是RFID芯片，内部也用到了I/Q信号，然而绝大部分射频人员，对于IQ的了解除了名字之外，基本上一无所知。I/Q信号一般是模拟的。也有数字的比如方波。基带内处理的一般是数字信号，在出口处都要进行D/A（数—>模）转换，每个基带的结构图里都有，可以仔细看。

网上有大量关于IQ信号的资料，但都是公式一大堆，什么四相图，八相图之类的，最后还是不明白，除了知道这两个名次解释：

I：in-phase 表示同相
Q：quadrature 表示正交，与I相位差90度。

继续阅读IQ信号

2025 年 3 月
一	二	三	四	五	六	日
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31