xref: /openbmc/linux/arch/powerpc/platforms/pseries/ras.c (revision bd329f028f1cd51c7623c326147af07c6d832193)
1 /*
2  * Copyright (C) 2001 Dave Engebretsen IBM Corporation
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License as published by
6  * the Free Software Foundation; either version 2 of the License, or
7  * (at your option) any later version.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA
17  */
18 
19 #include <linux/sched.h>
20 #include <linux/interrupt.h>
21 #include <linux/irq.h>
22 #include <linux/of.h>
23 #include <linux/fs.h>
24 #include <linux/reboot.h>
25 
26 #include <asm/machdep.h>
27 #include <asm/rtas.h>
28 #include <asm/firmware.h>
29 
30 #include "pseries.h"
31 
32 static unsigned char ras_log_buf[RTAS_ERROR_LOG_MAX];
33 static DEFINE_SPINLOCK(ras_log_buf_lock);
34 
35 static char global_mce_data_buf[RTAS_ERROR_LOG_MAX];
36 static DEFINE_PER_CPU(__u64, mce_data_buf);
37 
38 static int ras_check_exception_token;
39 
40 #define EPOW_SENSOR_TOKEN	9
41 #define EPOW_SENSOR_INDEX	0
42 
43 /* EPOW events counter variable */
44 static int num_epow_events;
45 
46 static irqreturn_t ras_hotplug_interrupt(int irq, void *dev_id);
47 static irqreturn_t ras_epow_interrupt(int irq, void *dev_id);
48 static irqreturn_t ras_error_interrupt(int irq, void *dev_id);
49 
50 
51 /*
52  * Enable the hotplug interrupt late because processing them may touch other
53  * devices or systems (e.g. hugepages) that have not been initialized at the
54  * subsys stage.
55  */
56 int __init init_ras_hotplug_IRQ(void)
57 {
58 	struct device_node *np;
59 
60 	/* Hotplug Events */
61 	np = of_find_node_by_path("/event-sources/hot-plug-events");
62 	if (np != NULL) {
63 		if (dlpar_workqueue_init() == 0)
64 			request_event_sources_irqs(np, ras_hotplug_interrupt,
65 						   "RAS_HOTPLUG");
66 		of_node_put(np);
67 	}
68 
69 	return 0;
70 }
71 machine_late_initcall(pseries, init_ras_hotplug_IRQ);
72 
73 /*
74  * Initialize handlers for the set of interrupts caused by hardware errors
75  * and power system events.
76  */
77 static int __init init_ras_IRQ(void)
78 {
79 	struct device_node *np;
80 
81 	ras_check_exception_token = rtas_token("check-exception");
82 
83 	/* Internal Errors */
84 	np = of_find_node_by_path("/event-sources/internal-errors");
85 	if (np != NULL) {
86 		request_event_sources_irqs(np, ras_error_interrupt,
87 					   "RAS_ERROR");
88 		of_node_put(np);
89 	}
90 
91 	/* EPOW Events */
92 	np = of_find_node_by_path("/event-sources/epow-events");
93 	if (np != NULL) {
94 		request_event_sources_irqs(np, ras_epow_interrupt, "RAS_EPOW");
95 		of_node_put(np);
96 	}
97 
98 	return 0;
99 }
100 machine_subsys_initcall(pseries, init_ras_IRQ);
101 
102 #define EPOW_SHUTDOWN_NORMAL				1
103 #define EPOW_SHUTDOWN_ON_UPS				2
104 #define EPOW_SHUTDOWN_LOSS_OF_CRITICAL_FUNCTIONS	3
105 #define EPOW_SHUTDOWN_AMBIENT_TEMPERATURE_TOO_HIGH	4
106 
107 static void handle_system_shutdown(char event_modifier)
108 {
109 	switch (event_modifier) {
110 	case EPOW_SHUTDOWN_NORMAL:
111 		pr_emerg("Power off requested\n");
112 		orderly_poweroff(true);
113 		break;
114 
115 	case EPOW_SHUTDOWN_ON_UPS:
116 		pr_emerg("Loss of system power detected. System is running on"
117 			 " UPS/battery. Check RTAS error log for details\n");
118 		orderly_poweroff(true);
119 		break;
120 
121 	case EPOW_SHUTDOWN_LOSS_OF_CRITICAL_FUNCTIONS:
122 		pr_emerg("Loss of system critical functions detected. Check"
123 			 " RTAS error log for details\n");
124 		orderly_poweroff(true);
125 		break;
126 
127 	case EPOW_SHUTDOWN_AMBIENT_TEMPERATURE_TOO_HIGH:
128 		pr_emerg("High ambient temperature detected. Check RTAS"
129 			 " error log for details\n");
130 		orderly_poweroff(true);
131 		break;
132 
133 	default:
134 		pr_err("Unknown power/cooling shutdown event (modifier = %d)\n",
135 			event_modifier);
136 	}
137 }
138 
139 struct epow_errorlog {
140 	unsigned char sensor_value;
141 	unsigned char event_modifier;
142 	unsigned char extended_modifier;
143 	unsigned char reserved;
144 	unsigned char platform_reason;
145 };
146 
147 #define EPOW_RESET			0
148 #define EPOW_WARN_COOLING		1
149 #define EPOW_WARN_POWER			2
150 #define EPOW_SYSTEM_SHUTDOWN		3
151 #define EPOW_SYSTEM_HALT		4
152 #define EPOW_MAIN_ENCLOSURE		5
153 #define EPOW_POWER_OFF			7
154 
155 static void rtas_parse_epow_errlog(struct rtas_error_log *log)
156 {
157 	struct pseries_errorlog *pseries_log;
158 	struct epow_errorlog *epow_log;
159 	char action_code;
160 	char modifier;
161 
162 	pseries_log = get_pseries_errorlog(log, PSERIES_ELOG_SECT_ID_EPOW);
163 	if (pseries_log == NULL)
164 		return;
165 
166 	epow_log = (struct epow_errorlog *)pseries_log->data;
167 	action_code = epow_log->sensor_value & 0xF;	/* bottom 4 bits */
168 	modifier = epow_log->event_modifier & 0xF;	/* bottom 4 bits */
169 
170 	switch (action_code) {
171 	case EPOW_RESET:
172 		if (num_epow_events) {
173 			pr_info("Non critical power/cooling issue cleared\n");
174 			num_epow_events--;
175 		}
176 		break;
177 
178 	case EPOW_WARN_COOLING:
179 		pr_info("Non-critical cooling issue detected. Check RTAS error"
180 			" log for details\n");
181 		break;
182 
183 	case EPOW_WARN_POWER:
184 		pr_info("Non-critical power issue detected. Check RTAS error"
185 			" log for details\n");
186 		break;
187 
188 	case EPOW_SYSTEM_SHUTDOWN:
189 		handle_system_shutdown(epow_log->event_modifier);
190 		break;
191 
192 	case EPOW_SYSTEM_HALT:
193 		pr_emerg("Critical power/cooling issue detected. Check RTAS"
194 			 " error log for details. Powering off.\n");
195 		orderly_poweroff(true);
196 		break;
197 
198 	case EPOW_MAIN_ENCLOSURE:
199 	case EPOW_POWER_OFF:
200 		pr_emerg("System about to lose power. Check RTAS error log "
201 			 " for details. Powering off immediately.\n");
202 		emergency_sync();
203 		kernel_power_off();
204 		break;
205 
206 	default:
207 		pr_err("Unknown power/cooling event (action code  = %d)\n",
208 			action_code);
209 	}
210 
211 	/* Increment epow events counter variable */
212 	if (action_code != EPOW_RESET)
213 		num_epow_events++;
214 }
215 
216 static irqreturn_t ras_hotplug_interrupt(int irq, void *dev_id)
217 {
218 	struct pseries_errorlog *pseries_log;
219 	struct pseries_hp_errorlog *hp_elog;
220 
221 	spin_lock(&ras_log_buf_lock);
222 
223 	rtas_call(ras_check_exception_token, 6, 1, NULL,
224 		  RTAS_VECTOR_EXTERNAL_INTERRUPT, virq_to_hw(irq),
225 		  RTAS_HOTPLUG_EVENTS, 0, __pa(&ras_log_buf),
226 		  rtas_get_error_log_max());
227 
228 	pseries_log = get_pseries_errorlog((struct rtas_error_log *)ras_log_buf,
229 					   PSERIES_ELOG_SECT_ID_HOTPLUG);
230 	hp_elog = (struct pseries_hp_errorlog *)pseries_log->data;
231 
232 	/*
233 	 * Since PCI hotplug is not currently supported on pseries, put PCI
234 	 * hotplug events on the ras_log_buf to be handled by rtas_errd.
235 	 */
236 	if (hp_elog->resource == PSERIES_HP_ELOG_RESOURCE_MEM ||
237 	    hp_elog->resource == PSERIES_HP_ELOG_RESOURCE_CPU)
238 		queue_hotplug_event(hp_elog, NULL, NULL);
239 	else
240 		log_error(ras_log_buf, ERR_TYPE_RTAS_LOG, 0);
241 
242 	spin_unlock(&ras_log_buf_lock);
243 	return IRQ_HANDLED;
244 }
245 
246 /* Handle environmental and power warning (EPOW) interrupts. */
247 static irqreturn_t ras_epow_interrupt(int irq, void *dev_id)
248 {
249 	int status;
250 	int state;
251 	int critical;
252 
253 	status = rtas_get_sensor_fast(EPOW_SENSOR_TOKEN, EPOW_SENSOR_INDEX,
254 				      &state);
255 
256 	if (state > 3)
257 		critical = 1;		/* Time Critical */
258 	else
259 		critical = 0;
260 
261 	spin_lock(&ras_log_buf_lock);
262 
263 	status = rtas_call(ras_check_exception_token, 6, 1, NULL,
264 			   RTAS_VECTOR_EXTERNAL_INTERRUPT,
265 			   virq_to_hw(irq),
266 			   RTAS_EPOW_WARNING,
267 			   critical, __pa(&ras_log_buf),
268 				rtas_get_error_log_max());
269 
270 	log_error(ras_log_buf, ERR_TYPE_RTAS_LOG, 0);
271 
272 	rtas_parse_epow_errlog((struct rtas_error_log *)ras_log_buf);
273 
274 	spin_unlock(&ras_log_buf_lock);
275 	return IRQ_HANDLED;
276 }
277 
278 /*
279  * Handle hardware error interrupts.
280  *
281  * RTAS check-exception is called to collect data on the exception.  If
282  * the error is deemed recoverable, we log a warning and return.
283  * For nonrecoverable errors, an error is logged and we stop all processing
284  * as quickly as possible in order to prevent propagation of the failure.
285  */
286 static irqreturn_t ras_error_interrupt(int irq, void *dev_id)
287 {
288 	struct rtas_error_log *rtas_elog;
289 	int status;
290 	int fatal;
291 
292 	spin_lock(&ras_log_buf_lock);
293 
294 	status = rtas_call(ras_check_exception_token, 6, 1, NULL,
295 			   RTAS_VECTOR_EXTERNAL_INTERRUPT,
296 			   virq_to_hw(irq),
297 			   RTAS_INTERNAL_ERROR, 1 /* Time Critical */,
298 			   __pa(&ras_log_buf),
299 				rtas_get_error_log_max());
300 
301 	rtas_elog = (struct rtas_error_log *)ras_log_buf;
302 
303 	if (status == 0 &&
304 	    rtas_error_severity(rtas_elog) >= RTAS_SEVERITY_ERROR_SYNC)
305 		fatal = 1;
306 	else
307 		fatal = 0;
308 
309 	/* format and print the extended information */
310 	log_error(ras_log_buf, ERR_TYPE_RTAS_LOG, fatal);
311 
312 	if (fatal) {
313 		pr_emerg("Fatal hardware error detected. Check RTAS error"
314 			 " log for details. Powering off immediately\n");
315 		emergency_sync();
316 		kernel_power_off();
317 	} else {
318 		pr_err("Recoverable hardware error detected\n");
319 	}
320 
321 	spin_unlock(&ras_log_buf_lock);
322 	return IRQ_HANDLED;
323 }
324 
325 /*
326  * Some versions of FWNMI place the buffer inside the 4kB page starting at
327  * 0x7000. Other versions place it inside the rtas buffer. We check both.
328  */
329 #define VALID_FWNMI_BUFFER(A) \
330 	((((A) >= 0x7000) && ((A) < 0x7ff0)) || \
331 	(((A) >= rtas.base) && ((A) < (rtas.base + rtas.size - 16))))
332 
333 /*
334  * Get the error information for errors coming through the
335  * FWNMI vectors.  The pt_regs' r3 will be updated to reflect
336  * the actual r3 if possible, and a ptr to the error log entry
337  * will be returned if found.
338  *
339  * If the RTAS error is not of the extended type, then we put it in a per
340  * cpu 64bit buffer. If it is the extended type we use global_mce_data_buf.
341  *
342  * The global_mce_data_buf does not have any locks or protection around it,
343  * if a second machine check comes in, or a system reset is done
344  * before we have logged the error, then we will get corruption in the
345  * error log.  This is preferable over holding off on calling
346  * ibm,nmi-interlock which would result in us checkstopping if a
347  * second machine check did come in.
348  */
349 static struct rtas_error_log *fwnmi_get_errinfo(struct pt_regs *regs)
350 {
351 	unsigned long *savep;
352 	struct rtas_error_log *h, *errhdr = NULL;
353 
354 	/* Mask top two bits */
355 	regs->gpr[3] &= ~(0x3UL << 62);
356 
357 	if (!VALID_FWNMI_BUFFER(regs->gpr[3])) {
358 		printk(KERN_ERR "FWNMI: corrupt r3 0x%016lx\n", regs->gpr[3]);
359 		return NULL;
360 	}
361 
362 	savep = __va(regs->gpr[3]);
363 	regs->gpr[3] = savep[0];	/* restore original r3 */
364 
365 	/* If it isn't an extended log we can use the per cpu 64bit buffer */
366 	h = (struct rtas_error_log *)&savep[1];
367 	if (!rtas_error_extended(h)) {
368 		memcpy(this_cpu_ptr(&mce_data_buf), h, sizeof(__u64));
369 		errhdr = (struct rtas_error_log *)this_cpu_ptr(&mce_data_buf);
370 	} else {
371 		int len, error_log_length;
372 
373 		error_log_length = 8 + rtas_error_extended_log_length(h);
374 		len = max_t(int, error_log_length, RTAS_ERROR_LOG_MAX);
375 		memset(global_mce_data_buf, 0, RTAS_ERROR_LOG_MAX);
376 		memcpy(global_mce_data_buf, h, len);
377 		errhdr = (struct rtas_error_log *)global_mce_data_buf;
378 	}
379 
380 	return errhdr;
381 }
382 
383 /* Call this when done with the data returned by FWNMI_get_errinfo.
384  * It will release the saved data area for other CPUs in the
385  * partition to receive FWNMI errors.
386  */
387 static void fwnmi_release_errinfo(void)
388 {
389 	int ret = rtas_call(rtas_token("ibm,nmi-interlock"), 0, 1, NULL);
390 	if (ret != 0)
391 		printk(KERN_ERR "FWNMI: nmi-interlock failed: %d\n", ret);
392 }
393 
394 int pSeries_system_reset_exception(struct pt_regs *regs)
395 {
396 #ifdef __LITTLE_ENDIAN__
397 	/*
398 	 * Some firmware byteswaps SRR registers and gives incorrect SRR1. Try
399 	 * to detect the bad SRR1 pattern here. Flip the NIP back to correct
400 	 * endian for reporting purposes. Unfortunately the MSR can't be fixed,
401 	 * so clear it. It will be missing MSR_RI so we won't try to recover.
402 	 */
403 	if ((be64_to_cpu(regs->msr) &
404 			(MSR_LE|MSR_RI|MSR_DR|MSR_IR|MSR_ME|MSR_PR|
405 			 MSR_ILE|MSR_HV|MSR_SF)) == (MSR_DR|MSR_SF)) {
406 		regs->nip = be64_to_cpu((__be64)regs->nip);
407 		regs->msr = 0;
408 	}
409 #endif
410 
411 	if (fwnmi_active) {
412 		struct rtas_error_log *errhdr = fwnmi_get_errinfo(regs);
413 		if (errhdr) {
414 			/* XXX Should look at FWNMI information */
415 		}
416 		fwnmi_release_errinfo();
417 	}
418 
419 	if (smp_handle_nmi_ipi(regs))
420 		return 1;
421 
422 	return 0; /* need to perform reset */
423 }
424 
425 /*
426  * See if we can recover from a machine check exception.
427  * This is only called on power4 (or above) and only via
428  * the Firmware Non-Maskable Interrupts (fwnmi) handler
429  * which provides the error analysis for us.
430  *
431  * Return 1 if corrected (or delivered a signal).
432  * Return 0 if there is nothing we can do.
433  */
434 static int recover_mce(struct pt_regs *regs, struct rtas_error_log *err)
435 {
436 	int recovered = 0;
437 	int disposition = rtas_error_disposition(err);
438 
439 	if (!(regs->msr & MSR_RI)) {
440 		/* If MSR_RI isn't set, we cannot recover */
441 		recovered = 0;
442 
443 	} else if (disposition == RTAS_DISP_FULLY_RECOVERED) {
444 		/* Platform corrected itself */
445 		recovered = 1;
446 
447 	} else if (disposition == RTAS_DISP_LIMITED_RECOVERY) {
448 		/* Platform corrected itself but could be degraded */
449 		printk(KERN_ERR "MCE: limited recovery, system may "
450 		       "be degraded\n");
451 		recovered = 1;
452 
453 	} else if (user_mode(regs) && !is_global_init(current) &&
454 		   rtas_error_severity(err) == RTAS_SEVERITY_ERROR_SYNC) {
455 
456 		/*
457 		 * If we received a synchronous error when in userspace
458 		 * kill the task. Firmware may report details of the fail
459 		 * asynchronously, so we can't rely on the target and type
460 		 * fields being valid here.
461 		 */
462 		printk(KERN_ERR "MCE: uncorrectable error, killing task "
463 		       "%s:%d\n", current->comm, current->pid);
464 
465 		_exception(SIGBUS, regs, BUS_MCEERR_AR, regs->nip);
466 		recovered = 1;
467 	}
468 
469 	log_error((char *)err, ERR_TYPE_RTAS_LOG, 0);
470 
471 	return recovered;
472 }
473 
474 /*
475  * Handle a machine check.
476  *
477  * Note that on Power 4 and beyond Firmware Non-Maskable Interrupts (fwnmi)
478  * should be present.  If so the handler which called us tells us if the
479  * error was recovered (never true if RI=0).
480  *
481  * On hardware prior to Power 4 these exceptions were asynchronous which
482  * means we can't tell exactly where it occurred and so we can't recover.
483  */
484 int pSeries_machine_check_exception(struct pt_regs *regs)
485 {
486 	struct rtas_error_log *errp;
487 
488 	if (fwnmi_active) {
489 		errp = fwnmi_get_errinfo(regs);
490 		fwnmi_release_errinfo();
491 		if (errp && recover_mce(regs, errp))
492 			return 1;
493 	}
494 
495 	return 0;
496 }
497