1 /* 2 * Copyright (C) 2001 Dave Engebretsen IBM Corporation 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation; either version 2 of the License, or 7 * (at your option) any later version. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 17 */ 18 19 #include <linux/sched.h> 20 #include <linux/interrupt.h> 21 #include <linux/irq.h> 22 #include <linux/of.h> 23 #include <linux/fs.h> 24 #include <linux/reboot.h> 25 26 #include <asm/machdep.h> 27 #include <asm/rtas.h> 28 #include <asm/firmware.h> 29 30 #include "pseries.h" 31 32 static unsigned char ras_log_buf[RTAS_ERROR_LOG_MAX]; 33 static DEFINE_SPINLOCK(ras_log_buf_lock); 34 35 static char global_mce_data_buf[RTAS_ERROR_LOG_MAX]; 36 static DEFINE_PER_CPU(__u64, mce_data_buf); 37 38 static int ras_check_exception_token; 39 40 #define EPOW_SENSOR_TOKEN 9 41 #define EPOW_SENSOR_INDEX 0 42 43 static irqreturn_t ras_epow_interrupt(int irq, void *dev_id); 44 static irqreturn_t ras_error_interrupt(int irq, void *dev_id); 45 46 47 /* 48 * Initialize handlers for the set of interrupts caused by hardware errors 49 * and power system events. 50 */ 51 static int __init init_ras_IRQ(void) 52 { 53 struct device_node *np; 54 55 ras_check_exception_token = rtas_token("check-exception"); 56 57 /* Internal Errors */ 58 np = of_find_node_by_path("/event-sources/internal-errors"); 59 if (np != NULL) { 60 request_event_sources_irqs(np, ras_error_interrupt, 61 "RAS_ERROR"); 62 of_node_put(np); 63 } 64 65 /* EPOW Events */ 66 np = of_find_node_by_path("/event-sources/epow-events"); 67 if (np != NULL) { 68 request_event_sources_irqs(np, ras_epow_interrupt, "RAS_EPOW"); 69 of_node_put(np); 70 } 71 72 return 0; 73 } 74 machine_subsys_initcall(pseries, init_ras_IRQ); 75 76 #define EPOW_SHUTDOWN_NORMAL 1 77 #define EPOW_SHUTDOWN_ON_UPS 2 78 #define EPOW_SHUTDOWN_LOSS_OF_CRITICAL_FUNCTIONS 3 79 #define EPOW_SHUTDOWN_AMBIENT_TEMPERATURE_TOO_HIGH 4 80 81 static void handle_system_shutdown(char event_modifier) 82 { 83 switch (event_modifier) { 84 case EPOW_SHUTDOWN_NORMAL: 85 pr_emerg("Firmware initiated power off"); 86 orderly_poweroff(true); 87 break; 88 89 case EPOW_SHUTDOWN_ON_UPS: 90 pr_emerg("Loss of power reported by firmware, system is " 91 "running on UPS/battery"); 92 pr_emerg("Check RTAS error log for details"); 93 orderly_poweroff(true); 94 break; 95 96 case EPOW_SHUTDOWN_LOSS_OF_CRITICAL_FUNCTIONS: 97 pr_emerg("Loss of system critical functions reported by " 98 "firmware"); 99 pr_emerg("Check RTAS error log for details"); 100 orderly_poweroff(true); 101 break; 102 103 case EPOW_SHUTDOWN_AMBIENT_TEMPERATURE_TOO_HIGH: 104 pr_emerg("Ambient temperature too high reported by firmware"); 105 pr_emerg("Check RTAS error log for details"); 106 orderly_poweroff(true); 107 break; 108 109 default: 110 pr_err("Unknown power/cooling shutdown event (modifier %d)", 111 event_modifier); 112 } 113 } 114 115 struct epow_errorlog { 116 unsigned char sensor_value; 117 unsigned char event_modifier; 118 unsigned char extended_modifier; 119 unsigned char reserved; 120 unsigned char platform_reason; 121 }; 122 123 #define EPOW_RESET 0 124 #define EPOW_WARN_COOLING 1 125 #define EPOW_WARN_POWER 2 126 #define EPOW_SYSTEM_SHUTDOWN 3 127 #define EPOW_SYSTEM_HALT 4 128 #define EPOW_MAIN_ENCLOSURE 5 129 #define EPOW_POWER_OFF 7 130 131 static void rtas_parse_epow_errlog(struct rtas_error_log *log) 132 { 133 struct pseries_errorlog *pseries_log; 134 struct epow_errorlog *epow_log; 135 char action_code; 136 char modifier; 137 138 pseries_log = get_pseries_errorlog(log, PSERIES_ELOG_SECT_ID_EPOW); 139 if (pseries_log == NULL) 140 return; 141 142 epow_log = (struct epow_errorlog *)pseries_log->data; 143 action_code = epow_log->sensor_value & 0xF; /* bottom 4 bits */ 144 modifier = epow_log->event_modifier & 0xF; /* bottom 4 bits */ 145 146 switch (action_code) { 147 case EPOW_RESET: 148 pr_err("Non critical power or cooling issue cleared"); 149 break; 150 151 case EPOW_WARN_COOLING: 152 pr_err("Non critical cooling issue reported by firmware"); 153 pr_err("Check RTAS error log for details"); 154 break; 155 156 case EPOW_WARN_POWER: 157 pr_err("Non critical power issue reported by firmware"); 158 pr_err("Check RTAS error log for details"); 159 break; 160 161 case EPOW_SYSTEM_SHUTDOWN: 162 handle_system_shutdown(epow_log->event_modifier); 163 break; 164 165 case EPOW_SYSTEM_HALT: 166 pr_emerg("Firmware initiated power off"); 167 orderly_poweroff(true); 168 break; 169 170 case EPOW_MAIN_ENCLOSURE: 171 case EPOW_POWER_OFF: 172 pr_emerg("Critical power/cooling issue reported by firmware"); 173 pr_emerg("Check RTAS error log for details"); 174 pr_emerg("Immediate power off"); 175 emergency_sync(); 176 kernel_power_off(); 177 break; 178 179 default: 180 pr_err("Unknown power/cooling event (action code %d)", 181 action_code); 182 } 183 } 184 185 /* Handle environmental and power warning (EPOW) interrupts. */ 186 static irqreturn_t ras_epow_interrupt(int irq, void *dev_id) 187 { 188 int status; 189 int state; 190 int critical; 191 192 status = rtas_get_sensor(EPOW_SENSOR_TOKEN, EPOW_SENSOR_INDEX, &state); 193 194 if (state > 3) 195 critical = 1; /* Time Critical */ 196 else 197 critical = 0; 198 199 spin_lock(&ras_log_buf_lock); 200 201 status = rtas_call(ras_check_exception_token, 6, 1, NULL, 202 RTAS_VECTOR_EXTERNAL_INTERRUPT, 203 virq_to_hw(irq), 204 RTAS_EPOW_WARNING, 205 critical, __pa(&ras_log_buf), 206 rtas_get_error_log_max()); 207 208 log_error(ras_log_buf, ERR_TYPE_RTAS_LOG, 0); 209 210 rtas_parse_epow_errlog((struct rtas_error_log *)ras_log_buf); 211 212 spin_unlock(&ras_log_buf_lock); 213 return IRQ_HANDLED; 214 } 215 216 /* 217 * Handle hardware error interrupts. 218 * 219 * RTAS check-exception is called to collect data on the exception. If 220 * the error is deemed recoverable, we log a warning and return. 221 * For nonrecoverable errors, an error is logged and we stop all processing 222 * as quickly as possible in order to prevent propagation of the failure. 223 */ 224 static irqreturn_t ras_error_interrupt(int irq, void *dev_id) 225 { 226 struct rtas_error_log *rtas_elog; 227 int status; 228 int fatal; 229 230 spin_lock(&ras_log_buf_lock); 231 232 status = rtas_call(ras_check_exception_token, 6, 1, NULL, 233 RTAS_VECTOR_EXTERNAL_INTERRUPT, 234 virq_to_hw(irq), 235 RTAS_INTERNAL_ERROR, 1 /* Time Critical */, 236 __pa(&ras_log_buf), 237 rtas_get_error_log_max()); 238 239 rtas_elog = (struct rtas_error_log *)ras_log_buf; 240 241 if (status == 0 && 242 rtas_error_severity(rtas_elog) >= RTAS_SEVERITY_ERROR_SYNC) 243 fatal = 1; 244 else 245 fatal = 0; 246 247 /* format and print the extended information */ 248 log_error(ras_log_buf, ERR_TYPE_RTAS_LOG, fatal); 249 250 if (fatal) { 251 pr_emerg("Fatal hardware error reported by firmware"); 252 pr_emerg("Check RTAS error log for details"); 253 pr_emerg("Immediate power off"); 254 emergency_sync(); 255 kernel_power_off(); 256 } else { 257 pr_err("Recoverable hardware error reported by firmware"); 258 } 259 260 spin_unlock(&ras_log_buf_lock); 261 return IRQ_HANDLED; 262 } 263 264 /* 265 * Some versions of FWNMI place the buffer inside the 4kB page starting at 266 * 0x7000. Other versions place it inside the rtas buffer. We check both. 267 */ 268 #define VALID_FWNMI_BUFFER(A) \ 269 ((((A) >= 0x7000) && ((A) < 0x7ff0)) || \ 270 (((A) >= rtas.base) && ((A) < (rtas.base + rtas.size - 16)))) 271 272 /* 273 * Get the error information for errors coming through the 274 * FWNMI vectors. The pt_regs' r3 will be updated to reflect 275 * the actual r3 if possible, and a ptr to the error log entry 276 * will be returned if found. 277 * 278 * If the RTAS error is not of the extended type, then we put it in a per 279 * cpu 64bit buffer. If it is the extended type we use global_mce_data_buf. 280 * 281 * The global_mce_data_buf does not have any locks or protection around it, 282 * if a second machine check comes in, or a system reset is done 283 * before we have logged the error, then we will get corruption in the 284 * error log. This is preferable over holding off on calling 285 * ibm,nmi-interlock which would result in us checkstopping if a 286 * second machine check did come in. 287 */ 288 static struct rtas_error_log *fwnmi_get_errinfo(struct pt_regs *regs) 289 { 290 unsigned long *savep; 291 struct rtas_error_log *h, *errhdr = NULL; 292 293 /* Mask top two bits */ 294 regs->gpr[3] &= ~(0x3UL << 62); 295 296 if (!VALID_FWNMI_BUFFER(regs->gpr[3])) { 297 printk(KERN_ERR "FWNMI: corrupt r3 0x%016lx\n", regs->gpr[3]); 298 return NULL; 299 } 300 301 savep = __va(regs->gpr[3]); 302 regs->gpr[3] = savep[0]; /* restore original r3 */ 303 304 /* If it isn't an extended log we can use the per cpu 64bit buffer */ 305 h = (struct rtas_error_log *)&savep[1]; 306 if (!rtas_error_extended(h)) { 307 memcpy(this_cpu_ptr(&mce_data_buf), h, sizeof(__u64)); 308 errhdr = (struct rtas_error_log *)this_cpu_ptr(&mce_data_buf); 309 } else { 310 int len, error_log_length; 311 312 error_log_length = 8 + rtas_error_extended_log_length(h); 313 len = max_t(int, error_log_length, RTAS_ERROR_LOG_MAX); 314 memset(global_mce_data_buf, 0, RTAS_ERROR_LOG_MAX); 315 memcpy(global_mce_data_buf, h, len); 316 errhdr = (struct rtas_error_log *)global_mce_data_buf; 317 } 318 319 return errhdr; 320 } 321 322 /* Call this when done with the data returned by FWNMI_get_errinfo. 323 * It will release the saved data area for other CPUs in the 324 * partition to receive FWNMI errors. 325 */ 326 static void fwnmi_release_errinfo(void) 327 { 328 int ret = rtas_call(rtas_token("ibm,nmi-interlock"), 0, 1, NULL); 329 if (ret != 0) 330 printk(KERN_ERR "FWNMI: nmi-interlock failed: %d\n", ret); 331 } 332 333 int pSeries_system_reset_exception(struct pt_regs *regs) 334 { 335 if (fwnmi_active) { 336 struct rtas_error_log *errhdr = fwnmi_get_errinfo(regs); 337 if (errhdr) { 338 /* XXX Should look at FWNMI information */ 339 } 340 fwnmi_release_errinfo(); 341 } 342 return 0; /* need to perform reset */ 343 } 344 345 /* 346 * See if we can recover from a machine check exception. 347 * This is only called on power4 (or above) and only via 348 * the Firmware Non-Maskable Interrupts (fwnmi) handler 349 * which provides the error analysis for us. 350 * 351 * Return 1 if corrected (or delivered a signal). 352 * Return 0 if there is nothing we can do. 353 */ 354 static int recover_mce(struct pt_regs *regs, struct rtas_error_log *err) 355 { 356 int recovered = 0; 357 int disposition = rtas_error_disposition(err); 358 359 if (!(regs->msr & MSR_RI)) { 360 /* If MSR_RI isn't set, we cannot recover */ 361 recovered = 0; 362 363 } else if (disposition == RTAS_DISP_FULLY_RECOVERED) { 364 /* Platform corrected itself */ 365 recovered = 1; 366 367 } else if (disposition == RTAS_DISP_LIMITED_RECOVERY) { 368 /* Platform corrected itself but could be degraded */ 369 printk(KERN_ERR "MCE: limited recovery, system may " 370 "be degraded\n"); 371 recovered = 1; 372 373 } else if (user_mode(regs) && !is_global_init(current) && 374 rtas_error_severity(err) == RTAS_SEVERITY_ERROR_SYNC) { 375 376 /* 377 * If we received a synchronous error when in userspace 378 * kill the task. Firmware may report details of the fail 379 * asynchronously, so we can't rely on the target and type 380 * fields being valid here. 381 */ 382 printk(KERN_ERR "MCE: uncorrectable error, killing task " 383 "%s:%d\n", current->comm, current->pid); 384 385 _exception(SIGBUS, regs, BUS_MCEERR_AR, regs->nip); 386 recovered = 1; 387 } 388 389 log_error((char *)err, ERR_TYPE_RTAS_LOG, 0); 390 391 return recovered; 392 } 393 394 /* 395 * Handle a machine check. 396 * 397 * Note that on Power 4 and beyond Firmware Non-Maskable Interrupts (fwnmi) 398 * should be present. If so the handler which called us tells us if the 399 * error was recovered (never true if RI=0). 400 * 401 * On hardware prior to Power 4 these exceptions were asynchronous which 402 * means we can't tell exactly where it occurred and so we can't recover. 403 */ 404 int pSeries_machine_check_exception(struct pt_regs *regs) 405 { 406 struct rtas_error_log *errp; 407 408 if (fwnmi_active) { 409 errp = fwnmi_get_errinfo(regs); 410 fwnmi_release_errinfo(); 411 if (errp && recover_mce(regs, errp)) 412 return 1; 413 } 414 415 return 0; 416 } 417