1 // SPDX-License-Identifier: Apache-2.0
2 // Copyright (C) 2018 IBM Corp.
3
4 #include "hiomap.hpp"
5
6 #include <endian.h>
7 #include <ipmid/api.h>
8 #include <signal.h>
9 #include <string.h>
10 #include <systemd/sd-bus.h>
11 #include <systemd/sd-event.h>
12
13 #include <ipmid-host/cmd-utils.hpp>
14 #include <ipmid-host/cmd.hpp>
15 #include <ipmid/api.hpp>
16 #include <phosphor-logging/log.hpp>
17 #include <sdbusplus/bus.hpp>
18 #include <sdbusplus/bus/match.hpp>
19 #include <sdbusplus/exception.hpp>
20
21 #include <cassert>
22 #include <cstring>
23 #include <fstream>
24 #include <functional>
25 #include <iostream>
26 #include <map>
27 #include <string>
28 #include <tuple>
29 #include <unordered_map>
30 #include <utility>
31
32 /*
33
34 Design and integration notes
35 ============================
36
37 The primary motivation of the Host I/O Mapping protocol (HIOMAP) is to mediate
38 host access to a BMC-controlled flash chip housing the host's boot firmware.
39
40 openpower-host-ipmi-flash facilitates the system design of transporting the
41 HIOMAP protocol[1] over IPMI. This is somewhat abusive of IPMI, basically
42 treating the BT interface as a mailbox with an interrupt each way between the
43 BMC and the host.
44
45 [1] https://github.com/openbmc/mboxbridge/blob/master/Documentation/protocol.md
46
47 Using IPMI in this way has a number of challenges, a lot of them on the host
48 side where we need to bring up the LPC and BT interfaces to enable IPMI before
49 accessing the flash, and before any interrupts are enabled. There are also
50 challenges on the BMC side with the design of the current implementation. We
51 will cover those here.
52
53 BMC-side System Design and Integration Issues
54 ---------------------------------------------
55
56 The current design is that we have the HIOMAP daemon, mboxd (to be renamed),
57 exposing a set of DBus interfaces. Whilst the spec defines the IPMI transport
58 message packing, mboxd knows nothing of IPMI itself, instead relying on the
59 DBus interface to receive messages from ipmid. ipmid in-turn knows nothing of
60 the interfaces communicating with it, also relying on DBus to receive messages
61 from interface-specific daemons, e.g. btbridged[2].
62
63 [2] https://github.com/openbmc/btbridge
64
65 For this design to function correctly we must ensure that the daemons are
66 started and shut down in a reasonable order, however defining that order is
67 somewhat tricky:
68
69 1. systemd uses Wants=/Before=/After= relationships in units to define both
70 start-up *and* shutdown order, in stack push / pop order respectively.
71 2. Clearly ipmid depends on btbridged to receive messages sent by signals and
72 replied to by method calls, so it needs a Wants=/After= relationship on
73 btbridged
74 3. mboxd depends on ipmid to receive messages sent by method call, and issues a
75 PropertiesChanged signal to notify of state changes.
76
77 Point 3. suggests mboxd should have a Wants=/Before= relationship with ipmid to
78 ensure ipmid can call into mboxd as messages arrive. However, this causes some
79 grief with shutdown of the BMC, as mboxd needs to issue a state-change
80 notification when it is shut down to inform the host that will not respond to
81 future requests and that the protocol state has been reset. If mboxd has a
82 Wants=/Before= relationship with ipmid this message will never propagate to the
83 host, as ipmid will be shut by systemd before mboxd.
84
85 The above leads to mboxd having a Wants=/After= relationship with ipmid. This
86 ensures that if mboxd is restarted on its own the correct state changes will be
87 propagated to the host. The case where ipmid attempts to call into mboxd's DBus
88 interface before mboxd is ready is mitigated by the ready bit in the protocol's
89 BMC status, which will not yet be set, preventing a conforming host from
90 attempting to contact mboxd.
91
92 While this ordering prevents mboxd from being terminated before ipmid, there is
93 no control over the *scheduling* of processes to ensure the PropertiesChanged
94 signal emitted by mboxd before mboxd is terminated is seen by ipmid before
95 *ipmid* is also terminated. This leads to our first implementation wart:
96
97 On the basis that mboxd has a Wants=/After= relationship with ipmid,
98 openpower-host-ipmi-flash will emit an HIOMAP BMC status event to the host
99 with the value BMC_EVENT_PROTOCOL_RESET upon receiving SIGTERM iff the BMC
100 state is not already set to BMC_EVENT_PROTOCOL_RESET.
101
102 If ipmid has received SIGTERM the assumption is that it is systemd that is
103 sending it, and that the Wants=/After= relationship requires that mboxd has
104 been terminated before ipmid receives SIGTERM. By ensuring
105 openpower-host-ipmi-flash emits the BMC event state we close the race where the
106 host is not informed of the termination of mboxd due to scheduling ipmid (to
107 deliver SIGTERM) prior to scheduling dbus-daemon, where the PropertiesChanged
108 event would be delivered from mboxd to ipmid.
109
110 Observations on the IPMI Specification and Design Details of ipmid
111 ------------------------------------------------------------------
112
113 In addition to the system-level design problems with delivering
114 PropertiesChanged signals during shutdown, IPMI specification and ipmid design
115 issues exist that make it tedious to ensure that events will be correctly
116 delivered to the host.
117
118 The first necessary observation is that the mechanism for delivering BMC state
119 change events from mboxd to the host over IPMI uses the SMS ATN bit to indicate
120 a message is ready for delivery from the BMC to the host system. Retrieving the
121 BMC state data involves the host recognising that the SMS ATN bit is set,
122 performing Get Message Flags transaction with the BMC followed by a subsequent
123 Get Message transaction. Thus, delivery of the HIOMAP protocol's BMC status is
124 not an atomic event.
125
126 The second necessary observation is that the kernel delivers signals
127 asynchronously. This couples badly with IPMI's event delivery not being atomic:
128 ipmid can win the race against SIGTERM to receive the PropertiesChanged event
129 from mboxd, but lose the race to complete delivery to the host.
130
131 On this basis, we need to block the delivery of SIGTERM to ipmid until ipmid
132 has completed the set of `SMS ATN`/`Get Message Flags`/`Get Message`
133 transactions with the host
134
135 One approach to this would be to configure a custom SIGTERM handler that sets
136 some global application state to indicate that SIGTERM has been delivered. A
137 better approach that avoids the need for global application state is to simply
138 block the signal until we are ready to handle it, which we can do via
139 sigprocmask(2).
140
141 The existing design of ipmid makes it feasible to block and unblock
142 asynchronous SIGTERM as we require. ipmid_send_cmd_to_host() takes a CallBack
143 function as an argument, which is invoked by
144 phosphor::host::command::Manager::getNextCommand(). The documentation for
145 phosphor::host::command::Manager::getNextCommand() says:
146
147 @brief Extracts the next entry in the queue and returns
148 Command and data part of it.
149
150 @detail Also calls into the registered handlers so that they can now
151 send the CommandComplete signal since the interface contract
152 is that we emit this signal once the message has been
153 passed to the host (which is required when calling this)
154
155 Also, if the queue has more commands, then it will alert the
156 host
157
158 However, its description is not entirely accurate. The callback function is
159 invoked when ipmid *dequeues* the data to send to the host: Delivery of the
160 data to the host occurs at some *after* the callback has been invoked.
161
162 Invoking the callback before completion of delivery of the data to the host
163 nullifies the approach of unblocking asynchronous SIGTERM in the callback
164 associated with sending the HIOMAP BMC state event to the host, as the BMC
165 kernel can asynchronously terminate the process between the callback being
166 invoked and the host receiving the BMC state event data.
167
168 Overcoming this issue hinges on a significant implementation detail of ipmid:
169
170 ipmid uses an sd_event loop in the main function to pump DBus events.
171
172 This leads to a third necessary observation:
173
174 sd_event can be used to process UNIX signals as well as other events by way
175 of Linux's signalfd(2) interface.
176
177 The fact that sd_event is used to pump DBus events means that ipmid can remain
178 a single-threaded process. By remaining single-threaded we know that events
179 processing is sequential and no two events can be processed simultaneously. A
180 corollary of this is that DBus events and UNIX signals are serialised with
181 respect to each other.
182
183 The fourth necessary observation is that we do not need to pump sd_event in
184 order to complete DBus method calls; sd_bus will handle the pumping independent
185 of the main loop in order to complete the method invocation.
186
187 Implementing Reliable HIOMAP BMC Status Event Delivery
188 ------------------------------------------------------
189
190 We achieve reliable delivery of HIOMAP BMC status events in the following way:
191
192 1. During plugin initialisation, mask SIGTERM using sigprocmask(2)
193 2. Subsequent to masking SIGTERM, register
194 openpower::flash::hiomap_protocol_reset() as the SIGTERM handler using
195 sd_event_add_signal() to hook a signalfd(2) into sd_event
196 3. openpower::flash::hiomap_protocol_reset() implements the logic to send the
197 BMC_EVENT_PROTOCOL_RESET state to the host if necessary, otherwise terminate
198 the sd_event loop.
199 4. If it is necessary to send BMC_EVENT_PROTOCOL_RESET to the host in 3, assign
200 a callback handler that terminates the sd_event loop, which is only
201 processed after the current iteration is complete.
202
203 This process and its use of signalfd integration in the sd_event loop
204 eliminates the following three races:
205
206 1. The scheduler race between mboxd, dbus-daemon and ipmid, by having
207 openpower-host-ipmi-flash conditionally deliver the protocol reset event if
208 no such message has been received from mboxd
209 2. The race between delivering the BMC status event to the host and ipmid
210 receiving asynchronous SIGTERM after receiving the PropertiesChanged event
211 from mboxd
212 3. The race to deliver the BMC status data to the host after unblocking
213 asynchronous SIGTERM in the host command callback and before receiving
214 asynchronous SIGTERM.
215
216 Ultimately, ipmid could benefit from a redesign that fires the callback *after*
217 delivering the associated data to the host, but brief inspection determined
218 that this involved a non-trivial amount of effort.
219
220 */
221
222 using namespace sdbusplus;
223 using namespace phosphor::host::command;
224
225 static void register_openpower_hiomap_commands() __attribute__((constructor));
226
227 namespace openpower
228 {
229 namespace flash
230 {
231 constexpr auto BMC_EVENT_DAEMON_READY = 1 << 7;
232 constexpr auto BMC_EVENT_FLASH_CTRL_LOST = 1 << 6;
233 constexpr auto BMC_EVENT_WINDOW_RESET = 1 << 1;
234 constexpr auto BMC_EVENT_PROTOCOL_RESET = 1 << 0;
235
236 constexpr auto IPMI_CMD_HIOMAP_EVENT = 0x0f;
237
238 constexpr auto HIOMAPD_SERVICE = "xyz.openbmc_project.Hiomapd";
239 constexpr auto HIOMAPD_OBJECT = "/xyz/openbmc_project/Hiomapd";
240 constexpr auto HIOMAPD_IFACE = "xyz.openbmc_project.Hiomapd.Protocol";
241 constexpr auto HIOMAPD_IFACE_V2 = "xyz.openbmc_project.Hiomapd.Protocol.V2";
242
243 constexpr auto DBUS_IFACE_PROPERTIES = "org.freedesktop.DBus.Properties";
244
245 /* XXX: ipmid is currently single-threaded, pumping dbus events in sequence
246 * via the main event loop. Thus the code is not forced to be re-entrant. We
247 * also know that the callback and DBus event handling will not be running
248 * concurrently.
249 *
250 * ipmid_send_cmd_to_host() takes a callback that doesn't define a context
251 * pointer, so instead use a global. active_event_updates gates manipulation of
252 * process state, so its definition as a global at least aligns with its use.
253 */
254 static int active_event_updates;
255
256 struct hiomap
257 {
258 bus_t* bus;
259
260 /* Signals */
261 bus::match_t* properties;
262
263 /* Protocol state */
264 std::map<std::string, int> event_lookup;
265 uint8_t bmc_events;
266 uint8_t seq;
267 };
268
269 SignalResponse sigtermResponse = SignalResponse::continueExecution;
270
271 /* TODO: Replace get/put with packed structs and direct assignment */
272 template <typename T>
get(void * buf)273 static inline T get(void* buf)
274 {
275 T t;
276 std::memcpy(&t, buf, sizeof(t));
277 return t;
278 }
279
280 template <typename T>
put(void * buf,T && t)281 static inline void put(void* buf, T&& t)
282 {
283 std::memcpy(buf, &t, sizeof(t));
284 }
285
286 using hiomap_command =
287 std::function<ipmi_ret_t(ipmi_request_t req, ipmi_response_t resp,
288 ipmi_data_len_t data_len, ipmi_context_t context)>;
289 struct errno_cc_entry
290 {
291 int err;
292 int cc;
293 };
294
295 static const errno_cc_entry errno_cc_map[] = {
296 {0, IPMI_CC_OK},
297 {EBUSY, IPMI_CC_BUSY},
298 {ENOTSUP, IPMI_CC_INVALID},
299 {ETIMEDOUT, 0xc3}, /* FIXME: Replace when defined in ipmid-api.h */
300 {ENOSPC, 0xc4}, /* FIXME: Replace when defined in ipmid-api.h */
301 {EINVAL, IPMI_CC_PARM_OUT_OF_RANGE},
302 {ENODEV, IPMI_CC_SENSOR_INVALID},
303 {EPERM, IPMI_CC_INSUFFICIENT_PRIVILEGE},
304 {EACCES, IPMI_CC_INSUFFICIENT_PRIVILEGE},
305 {-1, IPMI_CC_UNSPECIFIED_ERROR},
306 };
307
hiomap_xlate_errno(int err)308 static int hiomap_xlate_errno(int err)
309 {
310 const errno_cc_entry* entry = &errno_cc_map[0];
311
312 while (!(entry->err == err || entry->err == -1))
313 {
314 entry++;
315 }
316
317 return entry->cc;
318 }
319
ipmi_hiomap_event_response(IpmiCmdData cmd,bool status)320 static void ipmi_hiomap_event_response(IpmiCmdData cmd, bool status)
321 {
322 using namespace phosphor::logging;
323
324 if (!status)
325 {
326 log<level::ERR>("Failed to deliver host command",
327 entry("SEL_COMMAND=%x:%x", cmd.first, cmd.second));
328 }
329
330 assert(active_event_updates);
331 active_event_updates--;
332 if (!active_event_updates)
333 {
334 sigtermResponse = SignalResponse::continueExecution;
335 log<level::DEBUG>("Unblocked SIGTERM");
336 }
337 }
338
hiomap_handle_property_update(struct hiomap * ctx,sdbusplus::message_t & msg)339 static int hiomap_handle_property_update(struct hiomap* ctx,
340 sdbusplus::message_t& msg)
341 {
342 using namespace phosphor::logging;
343
344 std::map<std::string, std::variant<bool>> msgData;
345
346 sigtermResponse = SignalResponse::breakExecution;
347 if (!active_event_updates)
348 {
349 sigtermResponse = SignalResponse::breakExecution;
350 log<level::DEBUG>("Blocked SIGTERM");
351 }
352 active_event_updates++;
353
354 std::string iface;
355 msg.read(iface, msgData);
356
357 for (const auto& x : msgData)
358 {
359 if (!ctx->event_lookup.count(x.first))
360 {
361 /* Unsupported event? */
362 continue;
363 }
364
365 uint8_t mask = ctx->event_lookup[x.first];
366 auto value = std::get<bool>(x.second);
367
368 if (value)
369 {
370 ctx->bmc_events |= mask;
371 }
372 else
373 {
374 ctx->bmc_events &= ~mask;
375 }
376 }
377
378 auto cmd = std::make_pair(IPMI_CMD_HIOMAP_EVENT, ctx->bmc_events);
379
380 ipmid_send_cmd_to_host(std::make_tuple(cmd, ipmi_hiomap_event_response));
381
382 return 0;
383 }
384
hiomap_protocol_reset_response(IpmiCmdData cmd,bool status)385 static int hiomap_protocol_reset_response([[maybe_unused]] IpmiCmdData cmd,
386 [[maybe_unused]] bool status)
387 {
388 // If this is running in signal context, ipmid will shutdown
389 // the event queue as the last signal handler
390 sigtermResponse = SignalResponse::continueExecution;
391 return 0;
392 }
393
hiomap_protocol_reset(struct hiomap * ctx)394 static int hiomap_protocol_reset(struct hiomap* ctx)
395 {
396 if (ctx->bmc_events == BMC_EVENT_PROTOCOL_RESET)
397 {
398 // If this is running in signal context, ipmid will shutdown
399 // the event queue as the last signal handler
400 sigtermResponse = SignalResponse::continueExecution;
401 return 0;
402 }
403
404 /*
405 * Send an attention indicating the hiomapd has died
406 * (BMC_EVENT_DAEMON_READY cleared) and that the protocol has been reset
407 * (BMC_EVENT_PROTOCOL_RESET set) to indicate to the host that it needs to
408 * wait for the BMC to come back and renegotiate the protocol.
409 *
410 * We know this to be the case in systems that integrate
411 * openpower-host-ipmi-flash, as hiomapd's unit depends on
412 * phosphor-ipmi-host, and thus hiomapd has been terminated before ipmid
413 * receives SIGTERM.
414 */
415 auto cmd = std::make_pair(IPMI_CMD_HIOMAP_EVENT, BMC_EVENT_PROTOCOL_RESET);
416
417 auto cmdHandler = std::make_tuple(cmd, hiomap_protocol_reset_response);
418 ipmid_send_cmd_to_host(cmdHandler);
419
420 return 0;
421 }
422
hiomap_match_properties(struct hiomap * ctx)423 static bus::match_t hiomap_match_properties(struct hiomap* ctx)
424 {
425 auto properties =
426 bus::match::rules::propertiesChanged(HIOMAPD_OBJECT, HIOMAPD_IFACE_V2);
427
428 bus::match_t match(
429 *ctx->bus, properties,
430 std::bind(hiomap_handle_property_update, ctx, std::placeholders::_1));
431
432 return match;
433 }
434
hiomap_reset(ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)435 static ipmi_ret_t hiomap_reset([[maybe_unused]] ipmi_request_t request,
436 [[maybe_unused]] ipmi_response_t response,
437 ipmi_data_len_t data_len, ipmi_context_t context)
438 {
439 struct hiomap* ctx = static_cast<struct hiomap*>(context);
440
441 auto m = ctx->bus->new_method_call(HIOMAPD_SERVICE, HIOMAPD_OBJECT,
442 HIOMAPD_IFACE, "Reset");
443 try
444 {
445 ctx->bus->call(m);
446
447 *data_len = 0;
448 }
449 catch (const exception_t& e)
450 {
451 return hiomap_xlate_errno(e.get_errno());
452 }
453
454 return IPMI_CC_OK;
455 }
456
457 static ipmi_ret_t
hiomap_get_info(ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)458 hiomap_get_info(ipmi_request_t request, ipmi_response_t response,
459 ipmi_data_len_t data_len, ipmi_context_t context)
460 {
461 struct hiomap* ctx = static_cast<struct hiomap*>(context);
462
463 if (*data_len < 1)
464 {
465 return IPMI_CC_REQ_DATA_LEN_INVALID;
466 }
467
468 uint8_t* reqdata = (uint8_t*)request;
469 auto m = ctx->bus->new_method_call(HIOMAPD_SERVICE, HIOMAPD_OBJECT,
470 HIOMAPD_IFACE, "GetInfo");
471 m.append(reqdata[0]);
472
473 try
474 {
475 auto reply = ctx->bus->call(m);
476
477 uint8_t version;
478 uint8_t blockSizeShift;
479 uint16_t timeout;
480 reply.read(version, blockSizeShift, timeout);
481
482 uint8_t* respdata = (uint8_t*)response;
483
484 /* FIXME: Assumes v2! */
485 put(&respdata[0], version);
486 put(&respdata[1], blockSizeShift);
487 put(&respdata[2], htole16(timeout));
488
489 *data_len = 4;
490 }
491 catch (const exception_t& e)
492 {
493 return hiomap_xlate_errno(e.get_errno());
494 }
495
496 return IPMI_CC_OK;
497 }
498
hiomap_get_flash_info(ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)499 static ipmi_ret_t hiomap_get_flash_info(
500 [[maybe_unused]] ipmi_request_t request, ipmi_response_t response,
501 ipmi_data_len_t data_len, ipmi_context_t context)
502 {
503 struct hiomap* ctx = static_cast<struct hiomap*>(context);
504
505 auto m = ctx->bus->new_method_call(HIOMAPD_SERVICE, HIOMAPD_OBJECT,
506 HIOMAPD_IFACE_V2, "GetFlashInfo");
507 try
508 {
509 auto reply = ctx->bus->call(m);
510
511 uint16_t flashSize, eraseSize;
512 reply.read(flashSize, eraseSize);
513
514 uint8_t* respdata = (uint8_t*)response;
515 put(&respdata[0], htole16(flashSize));
516 put(&respdata[2], htole16(eraseSize));
517
518 *data_len = 4;
519 }
520 catch (const exception_t& e)
521 {
522 return hiomap_xlate_errno(e.get_errno());
523 }
524
525 return IPMI_CC_OK;
526 }
527
528 static ipmi_ret_t
hiomap_create_window(struct hiomap * ctx,bool ro,ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len)529 hiomap_create_window(struct hiomap* ctx, bool ro, ipmi_request_t request,
530 ipmi_response_t response, ipmi_data_len_t data_len)
531 {
532 if (*data_len < 4)
533 {
534 return IPMI_CC_REQ_DATA_LEN_INVALID;
535 }
536
537 uint8_t* reqdata = (uint8_t*)request;
538 auto windowType = ro ? "CreateReadWindow" : "CreateWriteWindow";
539
540 auto m = ctx->bus->new_method_call(HIOMAPD_SERVICE, HIOMAPD_OBJECT,
541 HIOMAPD_IFACE_V2, windowType);
542 m.append(le16toh(get<uint16_t>(&reqdata[0])));
543 m.append(le16toh(get<uint16_t>(&reqdata[2])));
544
545 try
546 {
547 auto reply = ctx->bus->call(m);
548
549 uint16_t lpcAddress, size, offset;
550 reply.read(lpcAddress, size, offset);
551
552 uint8_t* respdata = (uint8_t*)response;
553
554 /* FIXME: Assumes v2! */
555 put(&respdata[0], htole16(lpcAddress));
556 put(&respdata[2], htole16(size));
557 put(&respdata[4], htole16(offset));
558
559 *data_len = 6;
560 }
561 catch (const exception_t& e)
562 {
563 return hiomap_xlate_errno(e.get_errno());
564 }
565
566 return IPMI_CC_OK;
567 }
568
569 static ipmi_ret_t
hiomap_create_read_window(ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)570 hiomap_create_read_window(ipmi_request_t request, ipmi_response_t response,
571 ipmi_data_len_t data_len, ipmi_context_t context)
572 {
573 struct hiomap* ctx = static_cast<struct hiomap*>(context);
574
575 return hiomap_create_window(ctx, true, request, response, data_len);
576 }
577
578 static ipmi_ret_t
hiomap_create_write_window(ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)579 hiomap_create_write_window(ipmi_request_t request, ipmi_response_t response,
580 ipmi_data_len_t data_len, ipmi_context_t context)
581 {
582 struct hiomap* ctx = static_cast<struct hiomap*>(context);
583
584 return hiomap_create_window(ctx, false, request, response, data_len);
585 }
586
hiomap_close_window(ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)587 static ipmi_ret_t hiomap_close_window(
588 ipmi_request_t request, [[maybe_unused]] ipmi_response_t response,
589 ipmi_data_len_t data_len, ipmi_context_t context)
590 {
591 struct hiomap* ctx = static_cast<struct hiomap*>(context);
592
593 if (*data_len < 1)
594 {
595 return IPMI_CC_REQ_DATA_LEN_INVALID;
596 }
597
598 uint8_t* reqdata = (uint8_t*)request;
599 auto m = ctx->bus->new_method_call(HIOMAPD_SERVICE, HIOMAPD_OBJECT,
600 HIOMAPD_IFACE_V2, "CloseWindow");
601 m.append(reqdata[0]);
602
603 try
604 {
605 auto reply = ctx->bus->call(m);
606
607 *data_len = 0;
608 }
609 catch (const exception_t& e)
610 {
611 return hiomap_xlate_errno(e.get_errno());
612 }
613
614 return IPMI_CC_OK;
615 }
616
hiomap_mark_dirty(ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)617 static ipmi_ret_t hiomap_mark_dirty(
618 ipmi_request_t request, [[maybe_unused]] ipmi_response_t response,
619 ipmi_data_len_t data_len, ipmi_context_t context)
620 {
621 struct hiomap* ctx = static_cast<struct hiomap*>(context);
622
623 if (*data_len < 4)
624 {
625 return IPMI_CC_REQ_DATA_LEN_INVALID;
626 }
627
628 uint8_t* reqdata = (uint8_t*)request;
629 auto m = ctx->bus->new_method_call(HIOMAPD_SERVICE, HIOMAPD_OBJECT,
630 HIOMAPD_IFACE_V2, "MarkDirty");
631 /* FIXME: Assumes v2 */
632 m.append(le16toh(get<uint16_t>(&reqdata[0]))); /* offset */
633 m.append(le16toh(get<uint16_t>(&reqdata[2]))); /* size */
634
635 try
636 {
637 auto reply = ctx->bus->call(m);
638
639 *data_len = 0;
640 }
641 catch (const exception_t& e)
642 {
643 return hiomap_xlate_errno(e.get_errno());
644 }
645
646 return IPMI_CC_OK;
647 }
648
hiomap_flush(ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)649 static ipmi_ret_t hiomap_flush([[maybe_unused]] ipmi_request_t request,
650 [[maybe_unused]] ipmi_response_t response,
651 ipmi_data_len_t data_len, ipmi_context_t context)
652 {
653 struct hiomap* ctx = static_cast<struct hiomap*>(context);
654
655 auto m = ctx->bus->new_method_call(HIOMAPD_SERVICE, HIOMAPD_OBJECT,
656 HIOMAPD_IFACE_V2, "Flush");
657
658 try
659 {
660 /* FIXME: No argument call assumes v2 */
661 auto reply = ctx->bus->call(m);
662
663 *data_len = 0;
664 }
665 catch (const exception_t& e)
666 {
667 return hiomap_xlate_errno(e.get_errno());
668 }
669
670 return IPMI_CC_OK;
671 }
672
hiomap_ack(ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)673 static ipmi_ret_t hiomap_ack(ipmi_request_t request,
674 [[maybe_unused]] ipmi_response_t response,
675 ipmi_data_len_t data_len, ipmi_context_t context)
676 {
677 struct hiomap* ctx = static_cast<struct hiomap*>(context);
678
679 if (*data_len < 1)
680 {
681 return IPMI_CC_REQ_DATA_LEN_INVALID;
682 }
683
684 uint8_t* reqdata = (uint8_t*)request;
685 auto m = ctx->bus->new_method_call(HIOMAPD_SERVICE, HIOMAPD_OBJECT,
686 HIOMAPD_IFACE_V2, "Ack");
687 auto acked = reqdata[0];
688 m.append(acked);
689
690 try
691 {
692 auto reply = ctx->bus->call(m);
693
694 *data_len = 0;
695 }
696 catch (const exception_t& e)
697 {
698 return hiomap_xlate_errno(e.get_errno());
699 }
700
701 return IPMI_CC_OK;
702 }
703
hiomap_erase(ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)704 static ipmi_ret_t hiomap_erase(ipmi_request_t request,
705 [[maybe_unused]] ipmi_response_t response,
706 ipmi_data_len_t data_len, ipmi_context_t context)
707 {
708 struct hiomap* ctx = static_cast<struct hiomap*>(context);
709
710 if (*data_len < 4)
711 {
712 return IPMI_CC_REQ_DATA_LEN_INVALID;
713 }
714
715 uint8_t* reqdata = (uint8_t*)request;
716 auto m = ctx->bus->new_method_call(HIOMAPD_SERVICE, HIOMAPD_OBJECT,
717 HIOMAPD_IFACE_V2, "Erase");
718 /* FIXME: Assumes v2 */
719 m.append(le16toh(get<uint16_t>(&reqdata[0]))); /* offset */
720 m.append(le16toh(get<uint16_t>(&reqdata[2]))); /* size */
721
722 try
723 {
724 auto reply = ctx->bus->call(m);
725
726 *data_len = 0;
727 }
728 catch (const exception_t& e)
729 {
730 return hiomap_xlate_errno(e.get_errno());
731 }
732
733 return IPMI_CC_OK;
734 }
735
736 #define HIOMAP_C_RESET 1
737 #define HIOMAP_C_GET_INFO 2
738 #define HIOMAP_C_GET_FLASH_INFO 3
739 #define HIOMAP_C_CREATE_READ_WINDOW 4
740 #define HIOMAP_C_CLOSE_WINDOW 5
741 #define HIOMAP_C_CREATE_WRITE_WINDOW 6
742 #define HIOMAP_C_MARK_DIRTY 7
743 #define HIOMAP_C_FLUSH 8
744 #define HIOMAP_C_ACK 9
745 #define HIOMAP_C_ERASE 10
746
747 static const std::unordered_map<uint8_t, hiomap_command> hiomap_commands = {
748 {0, nullptr}, /* Invalid command ID */
749 {HIOMAP_C_RESET, hiomap_reset},
750 {HIOMAP_C_GET_INFO, hiomap_get_info},
751 {HIOMAP_C_GET_FLASH_INFO, hiomap_get_flash_info},
752 {HIOMAP_C_CREATE_READ_WINDOW, hiomap_create_read_window},
753 {HIOMAP_C_CLOSE_WINDOW, hiomap_close_window},
754 {HIOMAP_C_CREATE_WRITE_WINDOW, hiomap_create_write_window},
755 {HIOMAP_C_MARK_DIRTY, hiomap_mark_dirty},
756 {HIOMAP_C_FLUSH, hiomap_flush},
757 {HIOMAP_C_ACK, hiomap_ack},
758 {HIOMAP_C_ERASE, hiomap_erase},
759 };
760
761 /* FIXME: Define this in the "right" place, wherever that is */
762 /* FIXME: Double evaluation */
763 #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
764
hiomap_dispatch(ipmi_netfn_t netfn,ipmi_cmd_t cmd,ipmi_request_t request,ipmi_response_t response,ipmi_data_len_t data_len,ipmi_context_t context)765 static ipmi_ret_t hiomap_dispatch(
766 [[maybe_unused]] ipmi_netfn_t netfn, [[maybe_unused]] ipmi_cmd_t cmd,
767 ipmi_request_t request, ipmi_response_t response, ipmi_data_len_t data_len,
768 ipmi_context_t context)
769 {
770 struct hiomap* ctx = static_cast<struct hiomap*>(context);
771
772 if (*data_len < 2)
773 {
774 *data_len = 0;
775 return IPMI_CC_REQ_DATA_LEN_INVALID;
776 }
777
778 uint8_t* ipmi_req = (uint8_t*)request;
779 uint8_t* ipmi_resp = (uint8_t*)response;
780 uint8_t hiomap_cmd = ipmi_req[0];
781
782 if (hiomap_cmd == 0 || hiomap_cmd > hiomap_commands.size() - 1)
783 {
784 *data_len = 0;
785 return IPMI_CC_PARM_OUT_OF_RANGE;
786 }
787
788 bool is_unversioned =
789 (hiomap_cmd == HIOMAP_C_RESET || hiomap_cmd == HIOMAP_C_GET_INFO ||
790 hiomap_cmd == HIOMAP_C_ACK);
791 if (!is_unversioned && ctx->seq == ipmi_req[1])
792 {
793 *data_len = 0;
794 return IPMI_CC_INVALID_FIELD_REQUEST;
795 }
796
797 ctx->seq = ipmi_req[1];
798
799 uint8_t* flash_req = ipmi_req + 2;
800 size_t flash_len = *data_len - 2;
801 uint8_t* flash_resp = ipmi_resp + 2;
802
803 auto command = hiomap_commands.find(hiomap_cmd);
804 if (command == hiomap_commands.end())
805 {
806 *data_len = 0;
807 return IPMI_CC_INVALID;
808 }
809 ipmi_ret_t cc = command->second(flash_req, flash_resp, &flash_len, context);
810 if (cc != IPMI_CC_OK)
811 {
812 *data_len = 0;
813 return cc;
814 }
815
816 /* Populate the response command and sequence */
817 ipmi_resp[0] = hiomap_cmd;
818 ipmi_resp[1] = ctx->seq;
819
820 *data_len = flash_len + 2;
821
822 return cc;
823 }
824 } // namespace flash
825 } // namespace openpower
826
register_openpower_hiomap_commands()827 static void register_openpower_hiomap_commands()
828 {
829 using namespace phosphor::logging;
830 using namespace openpower::flash;
831
832 struct hiomap* ctx = new hiomap();
833
834 /* Initialise mapping from signal and property names to status bit */
835 ctx->event_lookup["DaemonReady"] = BMC_EVENT_DAEMON_READY;
836 ctx->event_lookup["FlashControlLost"] = BMC_EVENT_FLASH_CTRL_LOST;
837 ctx->event_lookup["WindowReset"] = BMC_EVENT_WINDOW_RESET;
838 ctx->event_lookup["ProtocolReset"] = BMC_EVENT_PROTOCOL_RESET;
839
840 ctx->bus = new bus_t(ipmid_get_sd_bus_connection());
841
842 /* Initialise signal handling */
843
844 /*
845 * Can't use temporaries here because that causes SEGFAULTs due to slot
846 * destruction (!?), so enjoy the weird wrapping.
847 */
848 ctx->properties = new bus::match_t(std::move(hiomap_match_properties(ctx)));
849
850 std::function<SignalResponse(int)> shutdownHandler =
851 [ctx]([[maybe_unused]] int signalNumber) {
852 hiomap_protocol_reset(ctx);
853 return sigtermResponse;
854 };
855 registerSignalHandler(ipmi::prioMax, SIGTERM, shutdownHandler);
856
857 ipmi_register_callback(NETFUN_IBM_OEM, IPMI_CMD_HIOMAP, ctx,
858 openpower::flash::hiomap_dispatch, SYSTEM_INTERFACE);
859 }
860