1 /* 2 * ipmi_msghandler.c 3 * 4 * Incoming and outgoing message routing for an IPMI interface. 5 * 6 * Author: MontaVista Software, Inc. 7 * Corey Minyard <minyard@mvista.com> 8 * source@mvista.com 9 * 10 * Copyright 2002 MontaVista Software Inc. 11 * 12 * This program is free software; you can redistribute it and/or modify it 13 * under the terms of the GNU General Public License as published by the 14 * Free Software Foundation; either version 2 of the License, or (at your 15 * option) any later version. 16 * 17 * 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 * 29 * You should have received a copy of the GNU General Public License along 30 * with this program; if not, write to the Free Software Foundation, Inc., 31 * 675 Mass Ave, Cambridge, MA 02139, USA. 32 */ 33 34 #include <linux/module.h> 35 #include <linux/errno.h> 36 #include <asm/system.h> 37 #include <linux/poll.h> 38 #include <linux/spinlock.h> 39 #include <linux/mutex.h> 40 #include <linux/slab.h> 41 #include <linux/ipmi.h> 42 #include <linux/ipmi_smi.h> 43 #include <linux/notifier.h> 44 #include <linux/init.h> 45 #include <linux/proc_fs.h> 46 #include <linux/rcupdate.h> 47 48 #define PFX "IPMI message handler: " 49 50 #define IPMI_DRIVER_VERSION "39.2" 51 52 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void); 53 static int ipmi_init_msghandler(void); 54 55 static int initialized; 56 57 #ifdef CONFIG_PROC_FS 58 static struct proc_dir_entry *proc_ipmi_root; 59 #endif /* CONFIG_PROC_FS */ 60 61 /* Remain in auto-maintenance mode for this amount of time (in ms). */ 62 #define IPMI_MAINTENANCE_MODE_TIMEOUT 30000 63 64 #define MAX_EVENTS_IN_QUEUE 25 65 66 /* 67 * Don't let a message sit in a queue forever, always time it with at lest 68 * the max message timer. This is in milliseconds. 69 */ 70 #define MAX_MSG_TIMEOUT 60000 71 72 /* 73 * The main "user" data structure. 74 */ 75 struct ipmi_user { 76 struct list_head link; 77 78 /* Set to "0" when the user is destroyed. */ 79 int valid; 80 81 struct kref refcount; 82 83 /* The upper layer that handles receive messages. */ 84 struct ipmi_user_hndl *handler; 85 void *handler_data; 86 87 /* The interface this user is bound to. */ 88 ipmi_smi_t intf; 89 90 /* Does this interface receive IPMI events? */ 91 int gets_events; 92 }; 93 94 struct cmd_rcvr { 95 struct list_head link; 96 97 ipmi_user_t user; 98 unsigned char netfn; 99 unsigned char cmd; 100 unsigned int chans; 101 102 /* 103 * This is used to form a linked lised during mass deletion. 104 * Since this is in an RCU list, we cannot use the link above 105 * or change any data until the RCU period completes. So we 106 * use this next variable during mass deletion so we can have 107 * a list and don't have to wait and restart the search on 108 * every individual deletion of a command. 109 */ 110 struct cmd_rcvr *next; 111 }; 112 113 struct seq_table { 114 unsigned int inuse : 1; 115 unsigned int broadcast : 1; 116 117 unsigned long timeout; 118 unsigned long orig_timeout; 119 unsigned int retries_left; 120 121 /* 122 * To verify on an incoming send message response that this is 123 * the message that the response is for, we keep a sequence id 124 * and increment it every time we send a message. 125 */ 126 long seqid; 127 128 /* 129 * This is held so we can properly respond to the message on a 130 * timeout, and it is used to hold the temporary data for 131 * retransmission, too. 132 */ 133 struct ipmi_recv_msg *recv_msg; 134 }; 135 136 /* 137 * Store the information in a msgid (long) to allow us to find a 138 * sequence table entry from the msgid. 139 */ 140 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff)) 141 142 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \ 143 do { \ 144 seq = ((msgid >> 26) & 0x3f); \ 145 seqid = (msgid & 0x3fffff); \ 146 } while (0) 147 148 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff) 149 150 struct ipmi_channel { 151 unsigned char medium; 152 unsigned char protocol; 153 154 /* 155 * My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR, 156 * but may be changed by the user. 157 */ 158 unsigned char address; 159 160 /* 161 * My LUN. This should generally stay the SMS LUN, but just in 162 * case... 163 */ 164 unsigned char lun; 165 }; 166 167 #ifdef CONFIG_PROC_FS 168 struct ipmi_proc_entry { 169 char *name; 170 struct ipmi_proc_entry *next; 171 }; 172 #endif 173 174 struct bmc_device { 175 struct platform_device *dev; 176 struct ipmi_device_id id; 177 unsigned char guid[16]; 178 int guid_set; 179 180 struct kref refcount; 181 182 /* bmc device attributes */ 183 struct device_attribute device_id_attr; 184 struct device_attribute provides_dev_sdrs_attr; 185 struct device_attribute revision_attr; 186 struct device_attribute firmware_rev_attr; 187 struct device_attribute version_attr; 188 struct device_attribute add_dev_support_attr; 189 struct device_attribute manufacturer_id_attr; 190 struct device_attribute product_id_attr; 191 struct device_attribute guid_attr; 192 struct device_attribute aux_firmware_rev_attr; 193 }; 194 195 /* 196 * Various statistics for IPMI, these index stats[] in the ipmi_smi 197 * structure. 198 */ 199 enum ipmi_stat_indexes { 200 /* Commands we got from the user that were invalid. */ 201 IPMI_STAT_sent_invalid_commands = 0, 202 203 /* Commands we sent to the MC. */ 204 IPMI_STAT_sent_local_commands, 205 206 /* Responses from the MC that were delivered to a user. */ 207 IPMI_STAT_handled_local_responses, 208 209 /* Responses from the MC that were not delivered to a user. */ 210 IPMI_STAT_unhandled_local_responses, 211 212 /* Commands we sent out to the IPMB bus. */ 213 IPMI_STAT_sent_ipmb_commands, 214 215 /* Commands sent on the IPMB that had errors on the SEND CMD */ 216 IPMI_STAT_sent_ipmb_command_errs, 217 218 /* Each retransmit increments this count. */ 219 IPMI_STAT_retransmitted_ipmb_commands, 220 221 /* 222 * When a message times out (runs out of retransmits) this is 223 * incremented. 224 */ 225 IPMI_STAT_timed_out_ipmb_commands, 226 227 /* 228 * This is like above, but for broadcasts. Broadcasts are 229 * *not* included in the above count (they are expected to 230 * time out). 231 */ 232 IPMI_STAT_timed_out_ipmb_broadcasts, 233 234 /* Responses I have sent to the IPMB bus. */ 235 IPMI_STAT_sent_ipmb_responses, 236 237 /* The response was delivered to the user. */ 238 IPMI_STAT_handled_ipmb_responses, 239 240 /* The response had invalid data in it. */ 241 IPMI_STAT_invalid_ipmb_responses, 242 243 /* The response didn't have anyone waiting for it. */ 244 IPMI_STAT_unhandled_ipmb_responses, 245 246 /* Commands we sent out to the IPMB bus. */ 247 IPMI_STAT_sent_lan_commands, 248 249 /* Commands sent on the IPMB that had errors on the SEND CMD */ 250 IPMI_STAT_sent_lan_command_errs, 251 252 /* Each retransmit increments this count. */ 253 IPMI_STAT_retransmitted_lan_commands, 254 255 /* 256 * When a message times out (runs out of retransmits) this is 257 * incremented. 258 */ 259 IPMI_STAT_timed_out_lan_commands, 260 261 /* Responses I have sent to the IPMB bus. */ 262 IPMI_STAT_sent_lan_responses, 263 264 /* The response was delivered to the user. */ 265 IPMI_STAT_handled_lan_responses, 266 267 /* The response had invalid data in it. */ 268 IPMI_STAT_invalid_lan_responses, 269 270 /* The response didn't have anyone waiting for it. */ 271 IPMI_STAT_unhandled_lan_responses, 272 273 /* The command was delivered to the user. */ 274 IPMI_STAT_handled_commands, 275 276 /* The command had invalid data in it. */ 277 IPMI_STAT_invalid_commands, 278 279 /* The command didn't have anyone waiting for it. */ 280 IPMI_STAT_unhandled_commands, 281 282 /* Invalid data in an event. */ 283 IPMI_STAT_invalid_events, 284 285 /* Events that were received with the proper format. */ 286 IPMI_STAT_events, 287 288 289 /* This *must* remain last, add new values above this. */ 290 IPMI_NUM_STATS 291 }; 292 293 294 #define IPMI_IPMB_NUM_SEQ 64 295 #define IPMI_MAX_CHANNELS 16 296 struct ipmi_smi { 297 /* What interface number are we? */ 298 int intf_num; 299 300 struct kref refcount; 301 302 /* Used for a list of interfaces. */ 303 struct list_head link; 304 305 /* 306 * The list of upper layers that are using me. seq_lock 307 * protects this. 308 */ 309 struct list_head users; 310 311 /* Information to supply to users. */ 312 unsigned char ipmi_version_major; 313 unsigned char ipmi_version_minor; 314 315 /* Used for wake ups at startup. */ 316 wait_queue_head_t waitq; 317 318 struct bmc_device *bmc; 319 char *my_dev_name; 320 char *sysfs_name; 321 322 /* 323 * This is the lower-layer's sender routine. Note that you 324 * must either be holding the ipmi_interfaces_mutex or be in 325 * an umpreemptible region to use this. You must fetch the 326 * value into a local variable and make sure it is not NULL. 327 */ 328 struct ipmi_smi_handlers *handlers; 329 void *send_info; 330 331 #ifdef CONFIG_PROC_FS 332 /* A list of proc entries for this interface. */ 333 struct mutex proc_entry_lock; 334 struct ipmi_proc_entry *proc_entries; 335 #endif 336 337 /* Driver-model device for the system interface. */ 338 struct device *si_dev; 339 340 /* 341 * A table of sequence numbers for this interface. We use the 342 * sequence numbers for IPMB messages that go out of the 343 * interface to match them up with their responses. A routine 344 * is called periodically to time the items in this list. 345 */ 346 spinlock_t seq_lock; 347 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ]; 348 int curr_seq; 349 350 /* 351 * Messages that were delayed for some reason (out of memory, 352 * for instance), will go in here to be processed later in a 353 * periodic timer interrupt. 354 */ 355 spinlock_t waiting_msgs_lock; 356 struct list_head waiting_msgs; 357 358 /* 359 * The list of command receivers that are registered for commands 360 * on this interface. 361 */ 362 struct mutex cmd_rcvrs_mutex; 363 struct list_head cmd_rcvrs; 364 365 /* 366 * Events that were queues because no one was there to receive 367 * them. 368 */ 369 spinlock_t events_lock; /* For dealing with event stuff. */ 370 struct list_head waiting_events; 371 unsigned int waiting_events_count; /* How many events in queue? */ 372 char delivering_events; 373 char event_msg_printed; 374 375 /* 376 * The event receiver for my BMC, only really used at panic 377 * shutdown as a place to store this. 378 */ 379 unsigned char event_receiver; 380 unsigned char event_receiver_lun; 381 unsigned char local_sel_device; 382 unsigned char local_event_generator; 383 384 /* For handling of maintenance mode. */ 385 int maintenance_mode; 386 int maintenance_mode_enable; 387 int auto_maintenance_timeout; 388 spinlock_t maintenance_mode_lock; /* Used in a timer... */ 389 390 /* 391 * A cheap hack, if this is non-null and a message to an 392 * interface comes in with a NULL user, call this routine with 393 * it. Note that the message will still be freed by the 394 * caller. This only works on the system interface. 395 */ 396 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg); 397 398 /* 399 * When we are scanning the channels for an SMI, this will 400 * tell which channel we are scanning. 401 */ 402 int curr_channel; 403 404 /* Channel information */ 405 struct ipmi_channel channels[IPMI_MAX_CHANNELS]; 406 407 /* Proc FS stuff. */ 408 struct proc_dir_entry *proc_dir; 409 char proc_dir_name[10]; 410 411 atomic_t stats[IPMI_NUM_STATS]; 412 413 /* 414 * run_to_completion duplicate of smb_info, smi_info 415 * and ipmi_serial_info structures. Used to decrease numbers of 416 * parameters passed by "low" level IPMI code. 417 */ 418 int run_to_completion; 419 }; 420 #define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev) 421 422 /** 423 * The driver model view of the IPMI messaging driver. 424 */ 425 static struct device_driver ipmidriver = { 426 .name = "ipmi", 427 .bus = &platform_bus_type 428 }; 429 static DEFINE_MUTEX(ipmidriver_mutex); 430 431 static LIST_HEAD(ipmi_interfaces); 432 static DEFINE_MUTEX(ipmi_interfaces_mutex); 433 434 /* 435 * List of watchers that want to know when smi's are added and deleted. 436 */ 437 static LIST_HEAD(smi_watchers); 438 static DEFINE_MUTEX(smi_watchers_mutex); 439 440 441 #define ipmi_inc_stat(intf, stat) \ 442 atomic_inc(&(intf)->stats[IPMI_STAT_ ## stat]) 443 #define ipmi_get_stat(intf, stat) \ 444 ((unsigned int) atomic_read(&(intf)->stats[IPMI_STAT_ ## stat])) 445 446 447 static void free_recv_msg_list(struct list_head *q) 448 { 449 struct ipmi_recv_msg *msg, *msg2; 450 451 list_for_each_entry_safe(msg, msg2, q, link) { 452 list_del(&msg->link); 453 ipmi_free_recv_msg(msg); 454 } 455 } 456 457 static void free_smi_msg_list(struct list_head *q) 458 { 459 struct ipmi_smi_msg *msg, *msg2; 460 461 list_for_each_entry_safe(msg, msg2, q, link) { 462 list_del(&msg->link); 463 ipmi_free_smi_msg(msg); 464 } 465 } 466 467 static void clean_up_interface_data(ipmi_smi_t intf) 468 { 469 int i; 470 struct cmd_rcvr *rcvr, *rcvr2; 471 struct list_head list; 472 473 free_smi_msg_list(&intf->waiting_msgs); 474 free_recv_msg_list(&intf->waiting_events); 475 476 /* 477 * Wholesale remove all the entries from the list in the 478 * interface and wait for RCU to know that none are in use. 479 */ 480 mutex_lock(&intf->cmd_rcvrs_mutex); 481 INIT_LIST_HEAD(&list); 482 list_splice_init_rcu(&intf->cmd_rcvrs, &list, synchronize_rcu); 483 mutex_unlock(&intf->cmd_rcvrs_mutex); 484 485 list_for_each_entry_safe(rcvr, rcvr2, &list, link) 486 kfree(rcvr); 487 488 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 489 if ((intf->seq_table[i].inuse) 490 && (intf->seq_table[i].recv_msg)) 491 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 492 } 493 } 494 495 static void intf_free(struct kref *ref) 496 { 497 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount); 498 499 clean_up_interface_data(intf); 500 kfree(intf); 501 } 502 503 struct watcher_entry { 504 int intf_num; 505 ipmi_smi_t intf; 506 struct list_head link; 507 }; 508 509 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher) 510 { 511 ipmi_smi_t intf; 512 LIST_HEAD(to_deliver); 513 struct watcher_entry *e, *e2; 514 515 mutex_lock(&smi_watchers_mutex); 516 517 mutex_lock(&ipmi_interfaces_mutex); 518 519 /* Build a list of things to deliver. */ 520 list_for_each_entry(intf, &ipmi_interfaces, link) { 521 if (intf->intf_num == -1) 522 continue; 523 e = kmalloc(sizeof(*e), GFP_KERNEL); 524 if (!e) 525 goto out_err; 526 kref_get(&intf->refcount); 527 e->intf = intf; 528 e->intf_num = intf->intf_num; 529 list_add_tail(&e->link, &to_deliver); 530 } 531 532 /* We will succeed, so add it to the list. */ 533 list_add(&watcher->link, &smi_watchers); 534 535 mutex_unlock(&ipmi_interfaces_mutex); 536 537 list_for_each_entry_safe(e, e2, &to_deliver, link) { 538 list_del(&e->link); 539 watcher->new_smi(e->intf_num, e->intf->si_dev); 540 kref_put(&e->intf->refcount, intf_free); 541 kfree(e); 542 } 543 544 mutex_unlock(&smi_watchers_mutex); 545 546 return 0; 547 548 out_err: 549 mutex_unlock(&ipmi_interfaces_mutex); 550 mutex_unlock(&smi_watchers_mutex); 551 list_for_each_entry_safe(e, e2, &to_deliver, link) { 552 list_del(&e->link); 553 kref_put(&e->intf->refcount, intf_free); 554 kfree(e); 555 } 556 return -ENOMEM; 557 } 558 EXPORT_SYMBOL(ipmi_smi_watcher_register); 559 560 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher) 561 { 562 mutex_lock(&smi_watchers_mutex); 563 list_del(&(watcher->link)); 564 mutex_unlock(&smi_watchers_mutex); 565 return 0; 566 } 567 EXPORT_SYMBOL(ipmi_smi_watcher_unregister); 568 569 /* 570 * Must be called with smi_watchers_mutex held. 571 */ 572 static void 573 call_smi_watchers(int i, struct device *dev) 574 { 575 struct ipmi_smi_watcher *w; 576 577 list_for_each_entry(w, &smi_watchers, link) { 578 if (try_module_get(w->owner)) { 579 w->new_smi(i, dev); 580 module_put(w->owner); 581 } 582 } 583 } 584 585 static int 586 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2) 587 { 588 if (addr1->addr_type != addr2->addr_type) 589 return 0; 590 591 if (addr1->channel != addr2->channel) 592 return 0; 593 594 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 595 struct ipmi_system_interface_addr *smi_addr1 596 = (struct ipmi_system_interface_addr *) addr1; 597 struct ipmi_system_interface_addr *smi_addr2 598 = (struct ipmi_system_interface_addr *) addr2; 599 return (smi_addr1->lun == smi_addr2->lun); 600 } 601 602 if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE) 603 || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) { 604 struct ipmi_ipmb_addr *ipmb_addr1 605 = (struct ipmi_ipmb_addr *) addr1; 606 struct ipmi_ipmb_addr *ipmb_addr2 607 = (struct ipmi_ipmb_addr *) addr2; 608 609 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr) 610 && (ipmb_addr1->lun == ipmb_addr2->lun)); 611 } 612 613 if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) { 614 struct ipmi_lan_addr *lan_addr1 615 = (struct ipmi_lan_addr *) addr1; 616 struct ipmi_lan_addr *lan_addr2 617 = (struct ipmi_lan_addr *) addr2; 618 619 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID) 620 && (lan_addr1->local_SWID == lan_addr2->local_SWID) 621 && (lan_addr1->session_handle 622 == lan_addr2->session_handle) 623 && (lan_addr1->lun == lan_addr2->lun)); 624 } 625 626 return 1; 627 } 628 629 int ipmi_validate_addr(struct ipmi_addr *addr, int len) 630 { 631 if (len < sizeof(struct ipmi_system_interface_addr)) 632 return -EINVAL; 633 634 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 635 if (addr->channel != IPMI_BMC_CHANNEL) 636 return -EINVAL; 637 return 0; 638 } 639 640 if ((addr->channel == IPMI_BMC_CHANNEL) 641 || (addr->channel >= IPMI_MAX_CHANNELS) 642 || (addr->channel < 0)) 643 return -EINVAL; 644 645 if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE) 646 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) { 647 if (len < sizeof(struct ipmi_ipmb_addr)) 648 return -EINVAL; 649 return 0; 650 } 651 652 if (addr->addr_type == IPMI_LAN_ADDR_TYPE) { 653 if (len < sizeof(struct ipmi_lan_addr)) 654 return -EINVAL; 655 return 0; 656 } 657 658 return -EINVAL; 659 } 660 EXPORT_SYMBOL(ipmi_validate_addr); 661 662 unsigned int ipmi_addr_length(int addr_type) 663 { 664 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 665 return sizeof(struct ipmi_system_interface_addr); 666 667 if ((addr_type == IPMI_IPMB_ADDR_TYPE) 668 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 669 return sizeof(struct ipmi_ipmb_addr); 670 671 if (addr_type == IPMI_LAN_ADDR_TYPE) 672 return sizeof(struct ipmi_lan_addr); 673 674 return 0; 675 } 676 EXPORT_SYMBOL(ipmi_addr_length); 677 678 static void deliver_response(struct ipmi_recv_msg *msg) 679 { 680 if (!msg->user) { 681 ipmi_smi_t intf = msg->user_msg_data; 682 683 /* Special handling for NULL users. */ 684 if (intf->null_user_handler) { 685 intf->null_user_handler(intf, msg); 686 ipmi_inc_stat(intf, handled_local_responses); 687 } else { 688 /* No handler, so give up. */ 689 ipmi_inc_stat(intf, unhandled_local_responses); 690 } 691 ipmi_free_recv_msg(msg); 692 } else { 693 ipmi_user_t user = msg->user; 694 user->handler->ipmi_recv_hndl(msg, user->handler_data); 695 } 696 } 697 698 static void 699 deliver_err_response(struct ipmi_recv_msg *msg, int err) 700 { 701 msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 702 msg->msg_data[0] = err; 703 msg->msg.netfn |= 1; /* Convert to a response. */ 704 msg->msg.data_len = 1; 705 msg->msg.data = msg->msg_data; 706 deliver_response(msg); 707 } 708 709 /* 710 * Find the next sequence number not being used and add the given 711 * message with the given timeout to the sequence table. This must be 712 * called with the interface's seq_lock held. 713 */ 714 static int intf_next_seq(ipmi_smi_t intf, 715 struct ipmi_recv_msg *recv_msg, 716 unsigned long timeout, 717 int retries, 718 int broadcast, 719 unsigned char *seq, 720 long *seqid) 721 { 722 int rv = 0; 723 unsigned int i; 724 725 for (i = intf->curr_seq; (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq; 726 i = (i+1)%IPMI_IPMB_NUM_SEQ) { 727 if (!intf->seq_table[i].inuse) 728 break; 729 } 730 731 if (!intf->seq_table[i].inuse) { 732 intf->seq_table[i].recv_msg = recv_msg; 733 734 /* 735 * Start with the maximum timeout, when the send response 736 * comes in we will start the real timer. 737 */ 738 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT; 739 intf->seq_table[i].orig_timeout = timeout; 740 intf->seq_table[i].retries_left = retries; 741 intf->seq_table[i].broadcast = broadcast; 742 intf->seq_table[i].inuse = 1; 743 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid); 744 *seq = i; 745 *seqid = intf->seq_table[i].seqid; 746 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ; 747 } else { 748 rv = -EAGAIN; 749 } 750 751 return rv; 752 } 753 754 /* 755 * Return the receive message for the given sequence number and 756 * release the sequence number so it can be reused. Some other data 757 * is passed in to be sure the message matches up correctly (to help 758 * guard against message coming in after their timeout and the 759 * sequence number being reused). 760 */ 761 static int intf_find_seq(ipmi_smi_t intf, 762 unsigned char seq, 763 short channel, 764 unsigned char cmd, 765 unsigned char netfn, 766 struct ipmi_addr *addr, 767 struct ipmi_recv_msg **recv_msg) 768 { 769 int rv = -ENODEV; 770 unsigned long flags; 771 772 if (seq >= IPMI_IPMB_NUM_SEQ) 773 return -EINVAL; 774 775 spin_lock_irqsave(&(intf->seq_lock), flags); 776 if (intf->seq_table[seq].inuse) { 777 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg; 778 779 if ((msg->addr.channel == channel) && (msg->msg.cmd == cmd) 780 && (msg->msg.netfn == netfn) 781 && (ipmi_addr_equal(addr, &(msg->addr)))) { 782 *recv_msg = msg; 783 intf->seq_table[seq].inuse = 0; 784 rv = 0; 785 } 786 } 787 spin_unlock_irqrestore(&(intf->seq_lock), flags); 788 789 return rv; 790 } 791 792 793 /* Start the timer for a specific sequence table entry. */ 794 static int intf_start_seq_timer(ipmi_smi_t intf, 795 long msgid) 796 { 797 int rv = -ENODEV; 798 unsigned long flags; 799 unsigned char seq; 800 unsigned long seqid; 801 802 803 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 804 805 spin_lock_irqsave(&(intf->seq_lock), flags); 806 /* 807 * We do this verification because the user can be deleted 808 * while a message is outstanding. 809 */ 810 if ((intf->seq_table[seq].inuse) 811 && (intf->seq_table[seq].seqid == seqid)) { 812 struct seq_table *ent = &(intf->seq_table[seq]); 813 ent->timeout = ent->orig_timeout; 814 rv = 0; 815 } 816 spin_unlock_irqrestore(&(intf->seq_lock), flags); 817 818 return rv; 819 } 820 821 /* Got an error for the send message for a specific sequence number. */ 822 static int intf_err_seq(ipmi_smi_t intf, 823 long msgid, 824 unsigned int err) 825 { 826 int rv = -ENODEV; 827 unsigned long flags; 828 unsigned char seq; 829 unsigned long seqid; 830 struct ipmi_recv_msg *msg = NULL; 831 832 833 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 834 835 spin_lock_irqsave(&(intf->seq_lock), flags); 836 /* 837 * We do this verification because the user can be deleted 838 * while a message is outstanding. 839 */ 840 if ((intf->seq_table[seq].inuse) 841 && (intf->seq_table[seq].seqid == seqid)) { 842 struct seq_table *ent = &(intf->seq_table[seq]); 843 844 ent->inuse = 0; 845 msg = ent->recv_msg; 846 rv = 0; 847 } 848 spin_unlock_irqrestore(&(intf->seq_lock), flags); 849 850 if (msg) 851 deliver_err_response(msg, err); 852 853 return rv; 854 } 855 856 857 int ipmi_create_user(unsigned int if_num, 858 struct ipmi_user_hndl *handler, 859 void *handler_data, 860 ipmi_user_t *user) 861 { 862 unsigned long flags; 863 ipmi_user_t new_user; 864 int rv = 0; 865 ipmi_smi_t intf; 866 867 /* 868 * There is no module usecount here, because it's not 869 * required. Since this can only be used by and called from 870 * other modules, they will implicitly use this module, and 871 * thus this can't be removed unless the other modules are 872 * removed. 873 */ 874 875 if (handler == NULL) 876 return -EINVAL; 877 878 /* 879 * Make sure the driver is actually initialized, this handles 880 * problems with initialization order. 881 */ 882 if (!initialized) { 883 rv = ipmi_init_msghandler(); 884 if (rv) 885 return rv; 886 887 /* 888 * The init code doesn't return an error if it was turned 889 * off, but it won't initialize. Check that. 890 */ 891 if (!initialized) 892 return -ENODEV; 893 } 894 895 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL); 896 if (!new_user) 897 return -ENOMEM; 898 899 mutex_lock(&ipmi_interfaces_mutex); 900 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 901 if (intf->intf_num == if_num) 902 goto found; 903 } 904 /* Not found, return an error */ 905 rv = -EINVAL; 906 goto out_kfree; 907 908 found: 909 /* Note that each existing user holds a refcount to the interface. */ 910 kref_get(&intf->refcount); 911 912 kref_init(&new_user->refcount); 913 new_user->handler = handler; 914 new_user->handler_data = handler_data; 915 new_user->intf = intf; 916 new_user->gets_events = 0; 917 918 if (!try_module_get(intf->handlers->owner)) { 919 rv = -ENODEV; 920 goto out_kref; 921 } 922 923 if (intf->handlers->inc_usecount) { 924 rv = intf->handlers->inc_usecount(intf->send_info); 925 if (rv) { 926 module_put(intf->handlers->owner); 927 goto out_kref; 928 } 929 } 930 931 /* 932 * Hold the lock so intf->handlers is guaranteed to be good 933 * until now 934 */ 935 mutex_unlock(&ipmi_interfaces_mutex); 936 937 new_user->valid = 1; 938 spin_lock_irqsave(&intf->seq_lock, flags); 939 list_add_rcu(&new_user->link, &intf->users); 940 spin_unlock_irqrestore(&intf->seq_lock, flags); 941 *user = new_user; 942 return 0; 943 944 out_kref: 945 kref_put(&intf->refcount, intf_free); 946 out_kfree: 947 mutex_unlock(&ipmi_interfaces_mutex); 948 kfree(new_user); 949 return rv; 950 } 951 EXPORT_SYMBOL(ipmi_create_user); 952 953 static void free_user(struct kref *ref) 954 { 955 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount); 956 kfree(user); 957 } 958 959 int ipmi_destroy_user(ipmi_user_t user) 960 { 961 ipmi_smi_t intf = user->intf; 962 int i; 963 unsigned long flags; 964 struct cmd_rcvr *rcvr; 965 struct cmd_rcvr *rcvrs = NULL; 966 967 user->valid = 0; 968 969 /* Remove the user from the interface's sequence table. */ 970 spin_lock_irqsave(&intf->seq_lock, flags); 971 list_del_rcu(&user->link); 972 973 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 974 if (intf->seq_table[i].inuse 975 && (intf->seq_table[i].recv_msg->user == user)) { 976 intf->seq_table[i].inuse = 0; 977 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 978 } 979 } 980 spin_unlock_irqrestore(&intf->seq_lock, flags); 981 982 /* 983 * Remove the user from the command receiver's table. First 984 * we build a list of everything (not using the standard link, 985 * since other things may be using it till we do 986 * synchronize_rcu()) then free everything in that list. 987 */ 988 mutex_lock(&intf->cmd_rcvrs_mutex); 989 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 990 if (rcvr->user == user) { 991 list_del_rcu(&rcvr->link); 992 rcvr->next = rcvrs; 993 rcvrs = rcvr; 994 } 995 } 996 mutex_unlock(&intf->cmd_rcvrs_mutex); 997 synchronize_rcu(); 998 while (rcvrs) { 999 rcvr = rcvrs; 1000 rcvrs = rcvr->next; 1001 kfree(rcvr); 1002 } 1003 1004 mutex_lock(&ipmi_interfaces_mutex); 1005 if (intf->handlers) { 1006 module_put(intf->handlers->owner); 1007 if (intf->handlers->dec_usecount) 1008 intf->handlers->dec_usecount(intf->send_info); 1009 } 1010 mutex_unlock(&ipmi_interfaces_mutex); 1011 1012 kref_put(&intf->refcount, intf_free); 1013 1014 kref_put(&user->refcount, free_user); 1015 1016 return 0; 1017 } 1018 EXPORT_SYMBOL(ipmi_destroy_user); 1019 1020 void ipmi_get_version(ipmi_user_t user, 1021 unsigned char *major, 1022 unsigned char *minor) 1023 { 1024 *major = user->intf->ipmi_version_major; 1025 *minor = user->intf->ipmi_version_minor; 1026 } 1027 EXPORT_SYMBOL(ipmi_get_version); 1028 1029 int ipmi_set_my_address(ipmi_user_t user, 1030 unsigned int channel, 1031 unsigned char address) 1032 { 1033 if (channel >= IPMI_MAX_CHANNELS) 1034 return -EINVAL; 1035 user->intf->channels[channel].address = address; 1036 return 0; 1037 } 1038 EXPORT_SYMBOL(ipmi_set_my_address); 1039 1040 int ipmi_get_my_address(ipmi_user_t user, 1041 unsigned int channel, 1042 unsigned char *address) 1043 { 1044 if (channel >= IPMI_MAX_CHANNELS) 1045 return -EINVAL; 1046 *address = user->intf->channels[channel].address; 1047 return 0; 1048 } 1049 EXPORT_SYMBOL(ipmi_get_my_address); 1050 1051 int ipmi_set_my_LUN(ipmi_user_t user, 1052 unsigned int channel, 1053 unsigned char LUN) 1054 { 1055 if (channel >= IPMI_MAX_CHANNELS) 1056 return -EINVAL; 1057 user->intf->channels[channel].lun = LUN & 0x3; 1058 return 0; 1059 } 1060 EXPORT_SYMBOL(ipmi_set_my_LUN); 1061 1062 int ipmi_get_my_LUN(ipmi_user_t user, 1063 unsigned int channel, 1064 unsigned char *address) 1065 { 1066 if (channel >= IPMI_MAX_CHANNELS) 1067 return -EINVAL; 1068 *address = user->intf->channels[channel].lun; 1069 return 0; 1070 } 1071 EXPORT_SYMBOL(ipmi_get_my_LUN); 1072 1073 int ipmi_get_maintenance_mode(ipmi_user_t user) 1074 { 1075 int mode; 1076 unsigned long flags; 1077 1078 spin_lock_irqsave(&user->intf->maintenance_mode_lock, flags); 1079 mode = user->intf->maintenance_mode; 1080 spin_unlock_irqrestore(&user->intf->maintenance_mode_lock, flags); 1081 1082 return mode; 1083 } 1084 EXPORT_SYMBOL(ipmi_get_maintenance_mode); 1085 1086 static void maintenance_mode_update(ipmi_smi_t intf) 1087 { 1088 if (intf->handlers->set_maintenance_mode) 1089 intf->handlers->set_maintenance_mode( 1090 intf->send_info, intf->maintenance_mode_enable); 1091 } 1092 1093 int ipmi_set_maintenance_mode(ipmi_user_t user, int mode) 1094 { 1095 int rv = 0; 1096 unsigned long flags; 1097 ipmi_smi_t intf = user->intf; 1098 1099 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 1100 if (intf->maintenance_mode != mode) { 1101 switch (mode) { 1102 case IPMI_MAINTENANCE_MODE_AUTO: 1103 intf->maintenance_mode = mode; 1104 intf->maintenance_mode_enable 1105 = (intf->auto_maintenance_timeout > 0); 1106 break; 1107 1108 case IPMI_MAINTENANCE_MODE_OFF: 1109 intf->maintenance_mode = mode; 1110 intf->maintenance_mode_enable = 0; 1111 break; 1112 1113 case IPMI_MAINTENANCE_MODE_ON: 1114 intf->maintenance_mode = mode; 1115 intf->maintenance_mode_enable = 1; 1116 break; 1117 1118 default: 1119 rv = -EINVAL; 1120 goto out_unlock; 1121 } 1122 1123 maintenance_mode_update(intf); 1124 } 1125 out_unlock: 1126 spin_unlock_irqrestore(&intf->maintenance_mode_lock, flags); 1127 1128 return rv; 1129 } 1130 EXPORT_SYMBOL(ipmi_set_maintenance_mode); 1131 1132 int ipmi_set_gets_events(ipmi_user_t user, int val) 1133 { 1134 unsigned long flags; 1135 ipmi_smi_t intf = user->intf; 1136 struct ipmi_recv_msg *msg, *msg2; 1137 struct list_head msgs; 1138 1139 INIT_LIST_HEAD(&msgs); 1140 1141 spin_lock_irqsave(&intf->events_lock, flags); 1142 user->gets_events = val; 1143 1144 if (intf->delivering_events) 1145 /* 1146 * Another thread is delivering events for this, so 1147 * let it handle any new events. 1148 */ 1149 goto out; 1150 1151 /* Deliver any queued events. */ 1152 while (user->gets_events && !list_empty(&intf->waiting_events)) { 1153 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link) 1154 list_move_tail(&msg->link, &msgs); 1155 intf->waiting_events_count = 0; 1156 if (intf->event_msg_printed) { 1157 printk(KERN_WARNING PFX "Event queue no longer" 1158 " full\n"); 1159 intf->event_msg_printed = 0; 1160 } 1161 1162 intf->delivering_events = 1; 1163 spin_unlock_irqrestore(&intf->events_lock, flags); 1164 1165 list_for_each_entry_safe(msg, msg2, &msgs, link) { 1166 msg->user = user; 1167 kref_get(&user->refcount); 1168 deliver_response(msg); 1169 } 1170 1171 spin_lock_irqsave(&intf->events_lock, flags); 1172 intf->delivering_events = 0; 1173 } 1174 1175 out: 1176 spin_unlock_irqrestore(&intf->events_lock, flags); 1177 1178 return 0; 1179 } 1180 EXPORT_SYMBOL(ipmi_set_gets_events); 1181 1182 static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf, 1183 unsigned char netfn, 1184 unsigned char cmd, 1185 unsigned char chan) 1186 { 1187 struct cmd_rcvr *rcvr; 1188 1189 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1190 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd) 1191 && (rcvr->chans & (1 << chan))) 1192 return rcvr; 1193 } 1194 return NULL; 1195 } 1196 1197 static int is_cmd_rcvr_exclusive(ipmi_smi_t intf, 1198 unsigned char netfn, 1199 unsigned char cmd, 1200 unsigned int chans) 1201 { 1202 struct cmd_rcvr *rcvr; 1203 1204 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1205 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd) 1206 && (rcvr->chans & chans)) 1207 return 0; 1208 } 1209 return 1; 1210 } 1211 1212 int ipmi_register_for_cmd(ipmi_user_t user, 1213 unsigned char netfn, 1214 unsigned char cmd, 1215 unsigned int chans) 1216 { 1217 ipmi_smi_t intf = user->intf; 1218 struct cmd_rcvr *rcvr; 1219 int rv = 0; 1220 1221 1222 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL); 1223 if (!rcvr) 1224 return -ENOMEM; 1225 rcvr->cmd = cmd; 1226 rcvr->netfn = netfn; 1227 rcvr->chans = chans; 1228 rcvr->user = user; 1229 1230 mutex_lock(&intf->cmd_rcvrs_mutex); 1231 /* Make sure the command/netfn is not already registered. */ 1232 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) { 1233 rv = -EBUSY; 1234 goto out_unlock; 1235 } 1236 1237 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs); 1238 1239 out_unlock: 1240 mutex_unlock(&intf->cmd_rcvrs_mutex); 1241 if (rv) 1242 kfree(rcvr); 1243 1244 return rv; 1245 } 1246 EXPORT_SYMBOL(ipmi_register_for_cmd); 1247 1248 int ipmi_unregister_for_cmd(ipmi_user_t user, 1249 unsigned char netfn, 1250 unsigned char cmd, 1251 unsigned int chans) 1252 { 1253 ipmi_smi_t intf = user->intf; 1254 struct cmd_rcvr *rcvr; 1255 struct cmd_rcvr *rcvrs = NULL; 1256 int i, rv = -ENOENT; 1257 1258 mutex_lock(&intf->cmd_rcvrs_mutex); 1259 for (i = 0; i < IPMI_NUM_CHANNELS; i++) { 1260 if (((1 << i) & chans) == 0) 1261 continue; 1262 rcvr = find_cmd_rcvr(intf, netfn, cmd, i); 1263 if (rcvr == NULL) 1264 continue; 1265 if (rcvr->user == user) { 1266 rv = 0; 1267 rcvr->chans &= ~chans; 1268 if (rcvr->chans == 0) { 1269 list_del_rcu(&rcvr->link); 1270 rcvr->next = rcvrs; 1271 rcvrs = rcvr; 1272 } 1273 } 1274 } 1275 mutex_unlock(&intf->cmd_rcvrs_mutex); 1276 synchronize_rcu(); 1277 while (rcvrs) { 1278 rcvr = rcvrs; 1279 rcvrs = rcvr->next; 1280 kfree(rcvr); 1281 } 1282 return rv; 1283 } 1284 EXPORT_SYMBOL(ipmi_unregister_for_cmd); 1285 1286 static unsigned char 1287 ipmb_checksum(unsigned char *data, int size) 1288 { 1289 unsigned char csum = 0; 1290 1291 for (; size > 0; size--, data++) 1292 csum += *data; 1293 1294 return -csum; 1295 } 1296 1297 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg, 1298 struct kernel_ipmi_msg *msg, 1299 struct ipmi_ipmb_addr *ipmb_addr, 1300 long msgid, 1301 unsigned char ipmb_seq, 1302 int broadcast, 1303 unsigned char source_address, 1304 unsigned char source_lun) 1305 { 1306 int i = broadcast; 1307 1308 /* Format the IPMB header data. */ 1309 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1310 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 1311 smi_msg->data[2] = ipmb_addr->channel; 1312 if (broadcast) 1313 smi_msg->data[3] = 0; 1314 smi_msg->data[i+3] = ipmb_addr->slave_addr; 1315 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3); 1316 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2); 1317 smi_msg->data[i+6] = source_address; 1318 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun; 1319 smi_msg->data[i+8] = msg->cmd; 1320 1321 /* Now tack on the data to the message. */ 1322 if (msg->data_len > 0) 1323 memcpy(&(smi_msg->data[i+9]), msg->data, 1324 msg->data_len); 1325 smi_msg->data_size = msg->data_len + 9; 1326 1327 /* Now calculate the checksum and tack it on. */ 1328 smi_msg->data[i+smi_msg->data_size] 1329 = ipmb_checksum(&(smi_msg->data[i+6]), 1330 smi_msg->data_size-6); 1331 1332 /* 1333 * Add on the checksum size and the offset from the 1334 * broadcast. 1335 */ 1336 smi_msg->data_size += 1 + i; 1337 1338 smi_msg->msgid = msgid; 1339 } 1340 1341 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg, 1342 struct kernel_ipmi_msg *msg, 1343 struct ipmi_lan_addr *lan_addr, 1344 long msgid, 1345 unsigned char ipmb_seq, 1346 unsigned char source_lun) 1347 { 1348 /* Format the IPMB header data. */ 1349 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1350 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 1351 smi_msg->data[2] = lan_addr->channel; 1352 smi_msg->data[3] = lan_addr->session_handle; 1353 smi_msg->data[4] = lan_addr->remote_SWID; 1354 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3); 1355 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2); 1356 smi_msg->data[7] = lan_addr->local_SWID; 1357 smi_msg->data[8] = (ipmb_seq << 2) | source_lun; 1358 smi_msg->data[9] = msg->cmd; 1359 1360 /* Now tack on the data to the message. */ 1361 if (msg->data_len > 0) 1362 memcpy(&(smi_msg->data[10]), msg->data, 1363 msg->data_len); 1364 smi_msg->data_size = msg->data_len + 10; 1365 1366 /* Now calculate the checksum and tack it on. */ 1367 smi_msg->data[smi_msg->data_size] 1368 = ipmb_checksum(&(smi_msg->data[7]), 1369 smi_msg->data_size-7); 1370 1371 /* 1372 * Add on the checksum size and the offset from the 1373 * broadcast. 1374 */ 1375 smi_msg->data_size += 1; 1376 1377 smi_msg->msgid = msgid; 1378 } 1379 1380 /* 1381 * Separate from ipmi_request so that the user does not have to be 1382 * supplied in certain circumstances (mainly at panic time). If 1383 * messages are supplied, they will be freed, even if an error 1384 * occurs. 1385 */ 1386 static int i_ipmi_request(ipmi_user_t user, 1387 ipmi_smi_t intf, 1388 struct ipmi_addr *addr, 1389 long msgid, 1390 struct kernel_ipmi_msg *msg, 1391 void *user_msg_data, 1392 void *supplied_smi, 1393 struct ipmi_recv_msg *supplied_recv, 1394 int priority, 1395 unsigned char source_address, 1396 unsigned char source_lun, 1397 int retries, 1398 unsigned int retry_time_ms) 1399 { 1400 int rv = 0; 1401 struct ipmi_smi_msg *smi_msg; 1402 struct ipmi_recv_msg *recv_msg; 1403 unsigned long flags; 1404 struct ipmi_smi_handlers *handlers; 1405 1406 1407 if (supplied_recv) 1408 recv_msg = supplied_recv; 1409 else { 1410 recv_msg = ipmi_alloc_recv_msg(); 1411 if (recv_msg == NULL) 1412 return -ENOMEM; 1413 } 1414 recv_msg->user_msg_data = user_msg_data; 1415 1416 if (supplied_smi) 1417 smi_msg = (struct ipmi_smi_msg *) supplied_smi; 1418 else { 1419 smi_msg = ipmi_alloc_smi_msg(); 1420 if (smi_msg == NULL) { 1421 ipmi_free_recv_msg(recv_msg); 1422 return -ENOMEM; 1423 } 1424 } 1425 1426 rcu_read_lock(); 1427 handlers = intf->handlers; 1428 if (!handlers) { 1429 rv = -ENODEV; 1430 goto out_err; 1431 } 1432 1433 recv_msg->user = user; 1434 if (user) 1435 kref_get(&user->refcount); 1436 recv_msg->msgid = msgid; 1437 /* 1438 * Store the message to send in the receive message so timeout 1439 * responses can get the proper response data. 1440 */ 1441 recv_msg->msg = *msg; 1442 1443 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 1444 struct ipmi_system_interface_addr *smi_addr; 1445 1446 if (msg->netfn & 1) { 1447 /* Responses are not allowed to the SMI. */ 1448 rv = -EINVAL; 1449 goto out_err; 1450 } 1451 1452 smi_addr = (struct ipmi_system_interface_addr *) addr; 1453 if (smi_addr->lun > 3) { 1454 ipmi_inc_stat(intf, sent_invalid_commands); 1455 rv = -EINVAL; 1456 goto out_err; 1457 } 1458 1459 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr)); 1460 1461 if ((msg->netfn == IPMI_NETFN_APP_REQUEST) 1462 && ((msg->cmd == IPMI_SEND_MSG_CMD) 1463 || (msg->cmd == IPMI_GET_MSG_CMD) 1464 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) { 1465 /* 1466 * We don't let the user do these, since we manage 1467 * the sequence numbers. 1468 */ 1469 ipmi_inc_stat(intf, sent_invalid_commands); 1470 rv = -EINVAL; 1471 goto out_err; 1472 } 1473 1474 if (((msg->netfn == IPMI_NETFN_APP_REQUEST) 1475 && ((msg->cmd == IPMI_COLD_RESET_CMD) 1476 || (msg->cmd == IPMI_WARM_RESET_CMD))) 1477 || (msg->netfn == IPMI_NETFN_FIRMWARE_REQUEST)) { 1478 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 1479 intf->auto_maintenance_timeout 1480 = IPMI_MAINTENANCE_MODE_TIMEOUT; 1481 if (!intf->maintenance_mode 1482 && !intf->maintenance_mode_enable) { 1483 intf->maintenance_mode_enable = 1; 1484 maintenance_mode_update(intf); 1485 } 1486 spin_unlock_irqrestore(&intf->maintenance_mode_lock, 1487 flags); 1488 } 1489 1490 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) { 1491 ipmi_inc_stat(intf, sent_invalid_commands); 1492 rv = -EMSGSIZE; 1493 goto out_err; 1494 } 1495 1496 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3); 1497 smi_msg->data[1] = msg->cmd; 1498 smi_msg->msgid = msgid; 1499 smi_msg->user_data = recv_msg; 1500 if (msg->data_len > 0) 1501 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len); 1502 smi_msg->data_size = msg->data_len + 2; 1503 ipmi_inc_stat(intf, sent_local_commands); 1504 } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE) 1505 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) { 1506 struct ipmi_ipmb_addr *ipmb_addr; 1507 unsigned char ipmb_seq; 1508 long seqid; 1509 int broadcast = 0; 1510 1511 if (addr->channel >= IPMI_MAX_CHANNELS) { 1512 ipmi_inc_stat(intf, sent_invalid_commands); 1513 rv = -EINVAL; 1514 goto out_err; 1515 } 1516 1517 if (intf->channels[addr->channel].medium 1518 != IPMI_CHANNEL_MEDIUM_IPMB) { 1519 ipmi_inc_stat(intf, sent_invalid_commands); 1520 rv = -EINVAL; 1521 goto out_err; 1522 } 1523 1524 if (retries < 0) { 1525 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) 1526 retries = 0; /* Don't retry broadcasts. */ 1527 else 1528 retries = 4; 1529 } 1530 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) { 1531 /* 1532 * Broadcasts add a zero at the beginning of the 1533 * message, but otherwise is the same as an IPMB 1534 * address. 1535 */ 1536 addr->addr_type = IPMI_IPMB_ADDR_TYPE; 1537 broadcast = 1; 1538 } 1539 1540 1541 /* Default to 1 second retries. */ 1542 if (retry_time_ms == 0) 1543 retry_time_ms = 1000; 1544 1545 /* 1546 * 9 for the header and 1 for the checksum, plus 1547 * possibly one for the broadcast. 1548 */ 1549 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) { 1550 ipmi_inc_stat(intf, sent_invalid_commands); 1551 rv = -EMSGSIZE; 1552 goto out_err; 1553 } 1554 1555 ipmb_addr = (struct ipmi_ipmb_addr *) addr; 1556 if (ipmb_addr->lun > 3) { 1557 ipmi_inc_stat(intf, sent_invalid_commands); 1558 rv = -EINVAL; 1559 goto out_err; 1560 } 1561 1562 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr)); 1563 1564 if (recv_msg->msg.netfn & 0x1) { 1565 /* 1566 * It's a response, so use the user's sequence 1567 * from msgid. 1568 */ 1569 ipmi_inc_stat(intf, sent_ipmb_responses); 1570 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid, 1571 msgid, broadcast, 1572 source_address, source_lun); 1573 1574 /* 1575 * Save the receive message so we can use it 1576 * to deliver the response. 1577 */ 1578 smi_msg->user_data = recv_msg; 1579 } else { 1580 /* It's a command, so get a sequence for it. */ 1581 1582 spin_lock_irqsave(&(intf->seq_lock), flags); 1583 1584 ipmi_inc_stat(intf, sent_ipmb_commands); 1585 1586 /* 1587 * Create a sequence number with a 1 second 1588 * timeout and 4 retries. 1589 */ 1590 rv = intf_next_seq(intf, 1591 recv_msg, 1592 retry_time_ms, 1593 retries, 1594 broadcast, 1595 &ipmb_seq, 1596 &seqid); 1597 if (rv) { 1598 /* 1599 * We have used up all the sequence numbers, 1600 * probably, so abort. 1601 */ 1602 spin_unlock_irqrestore(&(intf->seq_lock), 1603 flags); 1604 goto out_err; 1605 } 1606 1607 /* 1608 * Store the sequence number in the message, 1609 * so that when the send message response 1610 * comes back we can start the timer. 1611 */ 1612 format_ipmb_msg(smi_msg, msg, ipmb_addr, 1613 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1614 ipmb_seq, broadcast, 1615 source_address, source_lun); 1616 1617 /* 1618 * Copy the message into the recv message data, so we 1619 * can retransmit it later if necessary. 1620 */ 1621 memcpy(recv_msg->msg_data, smi_msg->data, 1622 smi_msg->data_size); 1623 recv_msg->msg.data = recv_msg->msg_data; 1624 recv_msg->msg.data_len = smi_msg->data_size; 1625 1626 /* 1627 * We don't unlock until here, because we need 1628 * to copy the completed message into the 1629 * recv_msg before we release the lock. 1630 * Otherwise, race conditions may bite us. I 1631 * know that's pretty paranoid, but I prefer 1632 * to be correct. 1633 */ 1634 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1635 } 1636 } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) { 1637 struct ipmi_lan_addr *lan_addr; 1638 unsigned char ipmb_seq; 1639 long seqid; 1640 1641 if (addr->channel >= IPMI_MAX_CHANNELS) { 1642 ipmi_inc_stat(intf, sent_invalid_commands); 1643 rv = -EINVAL; 1644 goto out_err; 1645 } 1646 1647 if ((intf->channels[addr->channel].medium 1648 != IPMI_CHANNEL_MEDIUM_8023LAN) 1649 && (intf->channels[addr->channel].medium 1650 != IPMI_CHANNEL_MEDIUM_ASYNC)) { 1651 ipmi_inc_stat(intf, sent_invalid_commands); 1652 rv = -EINVAL; 1653 goto out_err; 1654 } 1655 1656 retries = 4; 1657 1658 /* Default to 1 second retries. */ 1659 if (retry_time_ms == 0) 1660 retry_time_ms = 1000; 1661 1662 /* 11 for the header and 1 for the checksum. */ 1663 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) { 1664 ipmi_inc_stat(intf, sent_invalid_commands); 1665 rv = -EMSGSIZE; 1666 goto out_err; 1667 } 1668 1669 lan_addr = (struct ipmi_lan_addr *) addr; 1670 if (lan_addr->lun > 3) { 1671 ipmi_inc_stat(intf, sent_invalid_commands); 1672 rv = -EINVAL; 1673 goto out_err; 1674 } 1675 1676 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr)); 1677 1678 if (recv_msg->msg.netfn & 0x1) { 1679 /* 1680 * It's a response, so use the user's sequence 1681 * from msgid. 1682 */ 1683 ipmi_inc_stat(intf, sent_lan_responses); 1684 format_lan_msg(smi_msg, msg, lan_addr, msgid, 1685 msgid, source_lun); 1686 1687 /* 1688 * Save the receive message so we can use it 1689 * to deliver the response. 1690 */ 1691 smi_msg->user_data = recv_msg; 1692 } else { 1693 /* It's a command, so get a sequence for it. */ 1694 1695 spin_lock_irqsave(&(intf->seq_lock), flags); 1696 1697 ipmi_inc_stat(intf, sent_lan_commands); 1698 1699 /* 1700 * Create a sequence number with a 1 second 1701 * timeout and 4 retries. 1702 */ 1703 rv = intf_next_seq(intf, 1704 recv_msg, 1705 retry_time_ms, 1706 retries, 1707 0, 1708 &ipmb_seq, 1709 &seqid); 1710 if (rv) { 1711 /* 1712 * We have used up all the sequence numbers, 1713 * probably, so abort. 1714 */ 1715 spin_unlock_irqrestore(&(intf->seq_lock), 1716 flags); 1717 goto out_err; 1718 } 1719 1720 /* 1721 * Store the sequence number in the message, 1722 * so that when the send message response 1723 * comes back we can start the timer. 1724 */ 1725 format_lan_msg(smi_msg, msg, lan_addr, 1726 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1727 ipmb_seq, source_lun); 1728 1729 /* 1730 * Copy the message into the recv message data, so we 1731 * can retransmit it later if necessary. 1732 */ 1733 memcpy(recv_msg->msg_data, smi_msg->data, 1734 smi_msg->data_size); 1735 recv_msg->msg.data = recv_msg->msg_data; 1736 recv_msg->msg.data_len = smi_msg->data_size; 1737 1738 /* 1739 * We don't unlock until here, because we need 1740 * to copy the completed message into the 1741 * recv_msg before we release the lock. 1742 * Otherwise, race conditions may bite us. I 1743 * know that's pretty paranoid, but I prefer 1744 * to be correct. 1745 */ 1746 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1747 } 1748 } else { 1749 /* Unknown address type. */ 1750 ipmi_inc_stat(intf, sent_invalid_commands); 1751 rv = -EINVAL; 1752 goto out_err; 1753 } 1754 1755 #ifdef DEBUG_MSGING 1756 { 1757 int m; 1758 for (m = 0; m < smi_msg->data_size; m++) 1759 printk(" %2.2x", smi_msg->data[m]); 1760 printk("\n"); 1761 } 1762 #endif 1763 1764 handlers->sender(intf->send_info, smi_msg, priority); 1765 rcu_read_unlock(); 1766 1767 return 0; 1768 1769 out_err: 1770 rcu_read_unlock(); 1771 ipmi_free_smi_msg(smi_msg); 1772 ipmi_free_recv_msg(recv_msg); 1773 return rv; 1774 } 1775 1776 static int check_addr(ipmi_smi_t intf, 1777 struct ipmi_addr *addr, 1778 unsigned char *saddr, 1779 unsigned char *lun) 1780 { 1781 if (addr->channel >= IPMI_MAX_CHANNELS) 1782 return -EINVAL; 1783 *lun = intf->channels[addr->channel].lun; 1784 *saddr = intf->channels[addr->channel].address; 1785 return 0; 1786 } 1787 1788 int ipmi_request_settime(ipmi_user_t user, 1789 struct ipmi_addr *addr, 1790 long msgid, 1791 struct kernel_ipmi_msg *msg, 1792 void *user_msg_data, 1793 int priority, 1794 int retries, 1795 unsigned int retry_time_ms) 1796 { 1797 unsigned char saddr, lun; 1798 int rv; 1799 1800 if (!user) 1801 return -EINVAL; 1802 rv = check_addr(user->intf, addr, &saddr, &lun); 1803 if (rv) 1804 return rv; 1805 return i_ipmi_request(user, 1806 user->intf, 1807 addr, 1808 msgid, 1809 msg, 1810 user_msg_data, 1811 NULL, NULL, 1812 priority, 1813 saddr, 1814 lun, 1815 retries, 1816 retry_time_ms); 1817 } 1818 EXPORT_SYMBOL(ipmi_request_settime); 1819 1820 int ipmi_request_supply_msgs(ipmi_user_t user, 1821 struct ipmi_addr *addr, 1822 long msgid, 1823 struct kernel_ipmi_msg *msg, 1824 void *user_msg_data, 1825 void *supplied_smi, 1826 struct ipmi_recv_msg *supplied_recv, 1827 int priority) 1828 { 1829 unsigned char saddr, lun; 1830 int rv; 1831 1832 if (!user) 1833 return -EINVAL; 1834 rv = check_addr(user->intf, addr, &saddr, &lun); 1835 if (rv) 1836 return rv; 1837 return i_ipmi_request(user, 1838 user->intf, 1839 addr, 1840 msgid, 1841 msg, 1842 user_msg_data, 1843 supplied_smi, 1844 supplied_recv, 1845 priority, 1846 saddr, 1847 lun, 1848 -1, 0); 1849 } 1850 EXPORT_SYMBOL(ipmi_request_supply_msgs); 1851 1852 #ifdef CONFIG_PROC_FS 1853 static int ipmb_file_read_proc(char *page, char **start, off_t off, 1854 int count, int *eof, void *data) 1855 { 1856 char *out = (char *) page; 1857 ipmi_smi_t intf = data; 1858 int i; 1859 int rv = 0; 1860 1861 for (i = 0; i < IPMI_MAX_CHANNELS; i++) 1862 rv += sprintf(out+rv, "%x ", intf->channels[i].address); 1863 out[rv-1] = '\n'; /* Replace the final space with a newline */ 1864 out[rv] = '\0'; 1865 rv++; 1866 return rv; 1867 } 1868 1869 static int version_file_read_proc(char *page, char **start, off_t off, 1870 int count, int *eof, void *data) 1871 { 1872 char *out = (char *) page; 1873 ipmi_smi_t intf = data; 1874 1875 return sprintf(out, "%u.%u\n", 1876 ipmi_version_major(&intf->bmc->id), 1877 ipmi_version_minor(&intf->bmc->id)); 1878 } 1879 1880 static int stat_file_read_proc(char *page, char **start, off_t off, 1881 int count, int *eof, void *data) 1882 { 1883 char *out = (char *) page; 1884 ipmi_smi_t intf = data; 1885 1886 out += sprintf(out, "sent_invalid_commands: %u\n", 1887 ipmi_get_stat(intf, sent_invalid_commands)); 1888 out += sprintf(out, "sent_local_commands: %u\n", 1889 ipmi_get_stat(intf, sent_local_commands)); 1890 out += sprintf(out, "handled_local_responses: %u\n", 1891 ipmi_get_stat(intf, handled_local_responses)); 1892 out += sprintf(out, "unhandled_local_responses: %u\n", 1893 ipmi_get_stat(intf, unhandled_local_responses)); 1894 out += sprintf(out, "sent_ipmb_commands: %u\n", 1895 ipmi_get_stat(intf, sent_ipmb_commands)); 1896 out += sprintf(out, "sent_ipmb_command_errs: %u\n", 1897 ipmi_get_stat(intf, sent_ipmb_command_errs)); 1898 out += sprintf(out, "retransmitted_ipmb_commands: %u\n", 1899 ipmi_get_stat(intf, retransmitted_ipmb_commands)); 1900 out += sprintf(out, "timed_out_ipmb_commands: %u\n", 1901 ipmi_get_stat(intf, timed_out_ipmb_commands)); 1902 out += sprintf(out, "timed_out_ipmb_broadcasts: %u\n", 1903 ipmi_get_stat(intf, timed_out_ipmb_broadcasts)); 1904 out += sprintf(out, "sent_ipmb_responses: %u\n", 1905 ipmi_get_stat(intf, sent_ipmb_responses)); 1906 out += sprintf(out, "handled_ipmb_responses: %u\n", 1907 ipmi_get_stat(intf, handled_ipmb_responses)); 1908 out += sprintf(out, "invalid_ipmb_responses: %u\n", 1909 ipmi_get_stat(intf, invalid_ipmb_responses)); 1910 out += sprintf(out, "unhandled_ipmb_responses: %u\n", 1911 ipmi_get_stat(intf, unhandled_ipmb_responses)); 1912 out += sprintf(out, "sent_lan_commands: %u\n", 1913 ipmi_get_stat(intf, sent_lan_commands)); 1914 out += sprintf(out, "sent_lan_command_errs: %u\n", 1915 ipmi_get_stat(intf, sent_lan_command_errs)); 1916 out += sprintf(out, "retransmitted_lan_commands: %u\n", 1917 ipmi_get_stat(intf, retransmitted_lan_commands)); 1918 out += sprintf(out, "timed_out_lan_commands: %u\n", 1919 ipmi_get_stat(intf, timed_out_lan_commands)); 1920 out += sprintf(out, "sent_lan_responses: %u\n", 1921 ipmi_get_stat(intf, sent_lan_responses)); 1922 out += sprintf(out, "handled_lan_responses: %u\n", 1923 ipmi_get_stat(intf, handled_lan_responses)); 1924 out += sprintf(out, "invalid_lan_responses: %u\n", 1925 ipmi_get_stat(intf, invalid_lan_responses)); 1926 out += sprintf(out, "unhandled_lan_responses: %u\n", 1927 ipmi_get_stat(intf, unhandled_lan_responses)); 1928 out += sprintf(out, "handled_commands: %u\n", 1929 ipmi_get_stat(intf, handled_commands)); 1930 out += sprintf(out, "invalid_commands: %u\n", 1931 ipmi_get_stat(intf, invalid_commands)); 1932 out += sprintf(out, "unhandled_commands: %u\n", 1933 ipmi_get_stat(intf, unhandled_commands)); 1934 out += sprintf(out, "invalid_events: %u\n", 1935 ipmi_get_stat(intf, invalid_events)); 1936 out += sprintf(out, "events: %u\n", 1937 ipmi_get_stat(intf, events)); 1938 1939 return (out - ((char *) page)); 1940 } 1941 #endif /* CONFIG_PROC_FS */ 1942 1943 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name, 1944 read_proc_t *read_proc, 1945 void *data, struct module *owner) 1946 { 1947 int rv = 0; 1948 #ifdef CONFIG_PROC_FS 1949 struct proc_dir_entry *file; 1950 struct ipmi_proc_entry *entry; 1951 1952 /* Create a list element. */ 1953 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 1954 if (!entry) 1955 return -ENOMEM; 1956 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL); 1957 if (!entry->name) { 1958 kfree(entry); 1959 return -ENOMEM; 1960 } 1961 strcpy(entry->name, name); 1962 1963 file = create_proc_entry(name, 0, smi->proc_dir); 1964 if (!file) { 1965 kfree(entry->name); 1966 kfree(entry); 1967 rv = -ENOMEM; 1968 } else { 1969 file->data = data; 1970 file->read_proc = read_proc; 1971 file->owner = owner; 1972 1973 mutex_lock(&smi->proc_entry_lock); 1974 /* Stick it on the list. */ 1975 entry->next = smi->proc_entries; 1976 smi->proc_entries = entry; 1977 mutex_unlock(&smi->proc_entry_lock); 1978 } 1979 #endif /* CONFIG_PROC_FS */ 1980 1981 return rv; 1982 } 1983 EXPORT_SYMBOL(ipmi_smi_add_proc_entry); 1984 1985 static int add_proc_entries(ipmi_smi_t smi, int num) 1986 { 1987 int rv = 0; 1988 1989 #ifdef CONFIG_PROC_FS 1990 sprintf(smi->proc_dir_name, "%d", num); 1991 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root); 1992 if (!smi->proc_dir) 1993 rv = -ENOMEM; 1994 else 1995 smi->proc_dir->owner = THIS_MODULE; 1996 1997 if (rv == 0) 1998 rv = ipmi_smi_add_proc_entry(smi, "stats", 1999 stat_file_read_proc, 2000 smi, THIS_MODULE); 2001 2002 if (rv == 0) 2003 rv = ipmi_smi_add_proc_entry(smi, "ipmb", 2004 ipmb_file_read_proc, 2005 smi, THIS_MODULE); 2006 2007 if (rv == 0) 2008 rv = ipmi_smi_add_proc_entry(smi, "version", 2009 version_file_read_proc, 2010 smi, THIS_MODULE); 2011 #endif /* CONFIG_PROC_FS */ 2012 2013 return rv; 2014 } 2015 2016 static void remove_proc_entries(ipmi_smi_t smi) 2017 { 2018 #ifdef CONFIG_PROC_FS 2019 struct ipmi_proc_entry *entry; 2020 2021 mutex_lock(&smi->proc_entry_lock); 2022 while (smi->proc_entries) { 2023 entry = smi->proc_entries; 2024 smi->proc_entries = entry->next; 2025 2026 remove_proc_entry(entry->name, smi->proc_dir); 2027 kfree(entry->name); 2028 kfree(entry); 2029 } 2030 mutex_unlock(&smi->proc_entry_lock); 2031 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root); 2032 #endif /* CONFIG_PROC_FS */ 2033 } 2034 2035 static int __find_bmc_guid(struct device *dev, void *data) 2036 { 2037 unsigned char *id = data; 2038 struct bmc_device *bmc = dev_get_drvdata(dev); 2039 return memcmp(bmc->guid, id, 16) == 0; 2040 } 2041 2042 static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv, 2043 unsigned char *guid) 2044 { 2045 struct device *dev; 2046 2047 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid); 2048 if (dev) 2049 return dev_get_drvdata(dev); 2050 else 2051 return NULL; 2052 } 2053 2054 struct prod_dev_id { 2055 unsigned int product_id; 2056 unsigned char device_id; 2057 }; 2058 2059 static int __find_bmc_prod_dev_id(struct device *dev, void *data) 2060 { 2061 struct prod_dev_id *id = data; 2062 struct bmc_device *bmc = dev_get_drvdata(dev); 2063 2064 return (bmc->id.product_id == id->product_id 2065 && bmc->id.device_id == id->device_id); 2066 } 2067 2068 static struct bmc_device *ipmi_find_bmc_prod_dev_id( 2069 struct device_driver *drv, 2070 unsigned int product_id, unsigned char device_id) 2071 { 2072 struct prod_dev_id id = { 2073 .product_id = product_id, 2074 .device_id = device_id, 2075 }; 2076 struct device *dev; 2077 2078 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id); 2079 if (dev) 2080 return dev_get_drvdata(dev); 2081 else 2082 return NULL; 2083 } 2084 2085 static ssize_t device_id_show(struct device *dev, 2086 struct device_attribute *attr, 2087 char *buf) 2088 { 2089 struct bmc_device *bmc = dev_get_drvdata(dev); 2090 2091 return snprintf(buf, 10, "%u\n", bmc->id.device_id); 2092 } 2093 2094 static ssize_t provides_dev_sdrs_show(struct device *dev, 2095 struct device_attribute *attr, 2096 char *buf) 2097 { 2098 struct bmc_device *bmc = dev_get_drvdata(dev); 2099 2100 return snprintf(buf, 10, "%u\n", 2101 (bmc->id.device_revision & 0x80) >> 7); 2102 } 2103 2104 static ssize_t revision_show(struct device *dev, struct device_attribute *attr, 2105 char *buf) 2106 { 2107 struct bmc_device *bmc = dev_get_drvdata(dev); 2108 2109 return snprintf(buf, 20, "%u\n", 2110 bmc->id.device_revision & 0x0F); 2111 } 2112 2113 static ssize_t firmware_rev_show(struct device *dev, 2114 struct device_attribute *attr, 2115 char *buf) 2116 { 2117 struct bmc_device *bmc = dev_get_drvdata(dev); 2118 2119 return snprintf(buf, 20, "%u.%x\n", bmc->id.firmware_revision_1, 2120 bmc->id.firmware_revision_2); 2121 } 2122 2123 static ssize_t ipmi_version_show(struct device *dev, 2124 struct device_attribute *attr, 2125 char *buf) 2126 { 2127 struct bmc_device *bmc = dev_get_drvdata(dev); 2128 2129 return snprintf(buf, 20, "%u.%u\n", 2130 ipmi_version_major(&bmc->id), 2131 ipmi_version_minor(&bmc->id)); 2132 } 2133 2134 static ssize_t add_dev_support_show(struct device *dev, 2135 struct device_attribute *attr, 2136 char *buf) 2137 { 2138 struct bmc_device *bmc = dev_get_drvdata(dev); 2139 2140 return snprintf(buf, 10, "0x%02x\n", 2141 bmc->id.additional_device_support); 2142 } 2143 2144 static ssize_t manufacturer_id_show(struct device *dev, 2145 struct device_attribute *attr, 2146 char *buf) 2147 { 2148 struct bmc_device *bmc = dev_get_drvdata(dev); 2149 2150 return snprintf(buf, 20, "0x%6.6x\n", bmc->id.manufacturer_id); 2151 } 2152 2153 static ssize_t product_id_show(struct device *dev, 2154 struct device_attribute *attr, 2155 char *buf) 2156 { 2157 struct bmc_device *bmc = dev_get_drvdata(dev); 2158 2159 return snprintf(buf, 10, "0x%4.4x\n", bmc->id.product_id); 2160 } 2161 2162 static ssize_t aux_firmware_rev_show(struct device *dev, 2163 struct device_attribute *attr, 2164 char *buf) 2165 { 2166 struct bmc_device *bmc = dev_get_drvdata(dev); 2167 2168 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n", 2169 bmc->id.aux_firmware_revision[3], 2170 bmc->id.aux_firmware_revision[2], 2171 bmc->id.aux_firmware_revision[1], 2172 bmc->id.aux_firmware_revision[0]); 2173 } 2174 2175 static ssize_t guid_show(struct device *dev, struct device_attribute *attr, 2176 char *buf) 2177 { 2178 struct bmc_device *bmc = dev_get_drvdata(dev); 2179 2180 return snprintf(buf, 100, "%Lx%Lx\n", 2181 (long long) bmc->guid[0], 2182 (long long) bmc->guid[8]); 2183 } 2184 2185 static void remove_files(struct bmc_device *bmc) 2186 { 2187 if (!bmc->dev) 2188 return; 2189 2190 device_remove_file(&bmc->dev->dev, 2191 &bmc->device_id_attr); 2192 device_remove_file(&bmc->dev->dev, 2193 &bmc->provides_dev_sdrs_attr); 2194 device_remove_file(&bmc->dev->dev, 2195 &bmc->revision_attr); 2196 device_remove_file(&bmc->dev->dev, 2197 &bmc->firmware_rev_attr); 2198 device_remove_file(&bmc->dev->dev, 2199 &bmc->version_attr); 2200 device_remove_file(&bmc->dev->dev, 2201 &bmc->add_dev_support_attr); 2202 device_remove_file(&bmc->dev->dev, 2203 &bmc->manufacturer_id_attr); 2204 device_remove_file(&bmc->dev->dev, 2205 &bmc->product_id_attr); 2206 2207 if (bmc->id.aux_firmware_revision_set) 2208 device_remove_file(&bmc->dev->dev, 2209 &bmc->aux_firmware_rev_attr); 2210 if (bmc->guid_set) 2211 device_remove_file(&bmc->dev->dev, 2212 &bmc->guid_attr); 2213 } 2214 2215 static void 2216 cleanup_bmc_device(struct kref *ref) 2217 { 2218 struct bmc_device *bmc; 2219 2220 bmc = container_of(ref, struct bmc_device, refcount); 2221 2222 remove_files(bmc); 2223 platform_device_unregister(bmc->dev); 2224 kfree(bmc); 2225 } 2226 2227 static void ipmi_bmc_unregister(ipmi_smi_t intf) 2228 { 2229 struct bmc_device *bmc = intf->bmc; 2230 2231 if (intf->sysfs_name) { 2232 sysfs_remove_link(&intf->si_dev->kobj, intf->sysfs_name); 2233 kfree(intf->sysfs_name); 2234 intf->sysfs_name = NULL; 2235 } 2236 if (intf->my_dev_name) { 2237 sysfs_remove_link(&bmc->dev->dev.kobj, intf->my_dev_name); 2238 kfree(intf->my_dev_name); 2239 intf->my_dev_name = NULL; 2240 } 2241 2242 mutex_lock(&ipmidriver_mutex); 2243 kref_put(&bmc->refcount, cleanup_bmc_device); 2244 intf->bmc = NULL; 2245 mutex_unlock(&ipmidriver_mutex); 2246 } 2247 2248 static int create_files(struct bmc_device *bmc) 2249 { 2250 int err; 2251 2252 bmc->device_id_attr.attr.name = "device_id"; 2253 bmc->device_id_attr.attr.mode = S_IRUGO; 2254 bmc->device_id_attr.show = device_id_show; 2255 2256 bmc->provides_dev_sdrs_attr.attr.name = "provides_device_sdrs"; 2257 bmc->provides_dev_sdrs_attr.attr.mode = S_IRUGO; 2258 bmc->provides_dev_sdrs_attr.show = provides_dev_sdrs_show; 2259 2260 bmc->revision_attr.attr.name = "revision"; 2261 bmc->revision_attr.attr.mode = S_IRUGO; 2262 bmc->revision_attr.show = revision_show; 2263 2264 bmc->firmware_rev_attr.attr.name = "firmware_revision"; 2265 bmc->firmware_rev_attr.attr.mode = S_IRUGO; 2266 bmc->firmware_rev_attr.show = firmware_rev_show; 2267 2268 bmc->version_attr.attr.name = "ipmi_version"; 2269 bmc->version_attr.attr.mode = S_IRUGO; 2270 bmc->version_attr.show = ipmi_version_show; 2271 2272 bmc->add_dev_support_attr.attr.name = "additional_device_support"; 2273 bmc->add_dev_support_attr.attr.mode = S_IRUGO; 2274 bmc->add_dev_support_attr.show = add_dev_support_show; 2275 2276 bmc->manufacturer_id_attr.attr.name = "manufacturer_id"; 2277 bmc->manufacturer_id_attr.attr.mode = S_IRUGO; 2278 bmc->manufacturer_id_attr.show = manufacturer_id_show; 2279 2280 bmc->product_id_attr.attr.name = "product_id"; 2281 bmc->product_id_attr.attr.mode = S_IRUGO; 2282 bmc->product_id_attr.show = product_id_show; 2283 2284 bmc->guid_attr.attr.name = "guid"; 2285 bmc->guid_attr.attr.mode = S_IRUGO; 2286 bmc->guid_attr.show = guid_show; 2287 2288 bmc->aux_firmware_rev_attr.attr.name = "aux_firmware_revision"; 2289 bmc->aux_firmware_rev_attr.attr.mode = S_IRUGO; 2290 bmc->aux_firmware_rev_attr.show = aux_firmware_rev_show; 2291 2292 err = device_create_file(&bmc->dev->dev, 2293 &bmc->device_id_attr); 2294 if (err) 2295 goto out; 2296 err = device_create_file(&bmc->dev->dev, 2297 &bmc->provides_dev_sdrs_attr); 2298 if (err) 2299 goto out_devid; 2300 err = device_create_file(&bmc->dev->dev, 2301 &bmc->revision_attr); 2302 if (err) 2303 goto out_sdrs; 2304 err = device_create_file(&bmc->dev->dev, 2305 &bmc->firmware_rev_attr); 2306 if (err) 2307 goto out_rev; 2308 err = device_create_file(&bmc->dev->dev, 2309 &bmc->version_attr); 2310 if (err) 2311 goto out_firm; 2312 err = device_create_file(&bmc->dev->dev, 2313 &bmc->add_dev_support_attr); 2314 if (err) 2315 goto out_version; 2316 err = device_create_file(&bmc->dev->dev, 2317 &bmc->manufacturer_id_attr); 2318 if (err) 2319 goto out_add_dev; 2320 err = device_create_file(&bmc->dev->dev, 2321 &bmc->product_id_attr); 2322 if (err) 2323 goto out_manu; 2324 if (bmc->id.aux_firmware_revision_set) { 2325 err = device_create_file(&bmc->dev->dev, 2326 &bmc->aux_firmware_rev_attr); 2327 if (err) 2328 goto out_prod_id; 2329 } 2330 if (bmc->guid_set) { 2331 err = device_create_file(&bmc->dev->dev, 2332 &bmc->guid_attr); 2333 if (err) 2334 goto out_aux_firm; 2335 } 2336 2337 return 0; 2338 2339 out_aux_firm: 2340 if (bmc->id.aux_firmware_revision_set) 2341 device_remove_file(&bmc->dev->dev, 2342 &bmc->aux_firmware_rev_attr); 2343 out_prod_id: 2344 device_remove_file(&bmc->dev->dev, 2345 &bmc->product_id_attr); 2346 out_manu: 2347 device_remove_file(&bmc->dev->dev, 2348 &bmc->manufacturer_id_attr); 2349 out_add_dev: 2350 device_remove_file(&bmc->dev->dev, 2351 &bmc->add_dev_support_attr); 2352 out_version: 2353 device_remove_file(&bmc->dev->dev, 2354 &bmc->version_attr); 2355 out_firm: 2356 device_remove_file(&bmc->dev->dev, 2357 &bmc->firmware_rev_attr); 2358 out_rev: 2359 device_remove_file(&bmc->dev->dev, 2360 &bmc->revision_attr); 2361 out_sdrs: 2362 device_remove_file(&bmc->dev->dev, 2363 &bmc->provides_dev_sdrs_attr); 2364 out_devid: 2365 device_remove_file(&bmc->dev->dev, 2366 &bmc->device_id_attr); 2367 out: 2368 return err; 2369 } 2370 2371 static int ipmi_bmc_register(ipmi_smi_t intf, int ifnum, 2372 const char *sysfs_name) 2373 { 2374 int rv; 2375 struct bmc_device *bmc = intf->bmc; 2376 struct bmc_device *old_bmc; 2377 int size; 2378 char dummy[1]; 2379 2380 mutex_lock(&ipmidriver_mutex); 2381 2382 /* 2383 * Try to find if there is an bmc_device struct 2384 * representing the interfaced BMC already 2385 */ 2386 if (bmc->guid_set) 2387 old_bmc = ipmi_find_bmc_guid(&ipmidriver, bmc->guid); 2388 else 2389 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver, 2390 bmc->id.product_id, 2391 bmc->id.device_id); 2392 2393 /* 2394 * If there is already an bmc_device, free the new one, 2395 * otherwise register the new BMC device 2396 */ 2397 if (old_bmc) { 2398 kfree(bmc); 2399 intf->bmc = old_bmc; 2400 bmc = old_bmc; 2401 2402 kref_get(&bmc->refcount); 2403 mutex_unlock(&ipmidriver_mutex); 2404 2405 printk(KERN_INFO 2406 "ipmi: interfacing existing BMC (man_id: 0x%6.6x," 2407 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n", 2408 bmc->id.manufacturer_id, 2409 bmc->id.product_id, 2410 bmc->id.device_id); 2411 } else { 2412 char name[14]; 2413 unsigned char orig_dev_id = bmc->id.device_id; 2414 int warn_printed = 0; 2415 2416 snprintf(name, sizeof(name), 2417 "ipmi_bmc.%4.4x", bmc->id.product_id); 2418 2419 while (ipmi_find_bmc_prod_dev_id(&ipmidriver, 2420 bmc->id.product_id, 2421 bmc->id.device_id)) { 2422 if (!warn_printed) { 2423 printk(KERN_WARNING PFX 2424 "This machine has two different BMCs" 2425 " with the same product id and device" 2426 " id. This is an error in the" 2427 " firmware, but incrementing the" 2428 " device id to work around the problem." 2429 " Prod ID = 0x%x, Dev ID = 0x%x\n", 2430 bmc->id.product_id, bmc->id.device_id); 2431 warn_printed = 1; 2432 } 2433 bmc->id.device_id++; /* Wraps at 255 */ 2434 if (bmc->id.device_id == orig_dev_id) { 2435 printk(KERN_ERR PFX 2436 "Out of device ids!\n"); 2437 break; 2438 } 2439 } 2440 2441 bmc->dev = platform_device_alloc(name, bmc->id.device_id); 2442 if (!bmc->dev) { 2443 mutex_unlock(&ipmidriver_mutex); 2444 printk(KERN_ERR 2445 "ipmi_msghandler:" 2446 " Unable to allocate platform device\n"); 2447 return -ENOMEM; 2448 } 2449 bmc->dev->dev.driver = &ipmidriver; 2450 dev_set_drvdata(&bmc->dev->dev, bmc); 2451 kref_init(&bmc->refcount); 2452 2453 rv = platform_device_add(bmc->dev); 2454 mutex_unlock(&ipmidriver_mutex); 2455 if (rv) { 2456 platform_device_put(bmc->dev); 2457 bmc->dev = NULL; 2458 printk(KERN_ERR 2459 "ipmi_msghandler:" 2460 " Unable to register bmc device: %d\n", 2461 rv); 2462 /* 2463 * Don't go to out_err, you can only do that if 2464 * the device is registered already. 2465 */ 2466 return rv; 2467 } 2468 2469 rv = create_files(bmc); 2470 if (rv) { 2471 mutex_lock(&ipmidriver_mutex); 2472 platform_device_unregister(bmc->dev); 2473 mutex_unlock(&ipmidriver_mutex); 2474 2475 return rv; 2476 } 2477 2478 printk(KERN_INFO 2479 "ipmi: Found new BMC (man_id: 0x%6.6x, " 2480 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n", 2481 bmc->id.manufacturer_id, 2482 bmc->id.product_id, 2483 bmc->id.device_id); 2484 } 2485 2486 /* 2487 * create symlink from system interface device to bmc device 2488 * and back. 2489 */ 2490 intf->sysfs_name = kstrdup(sysfs_name, GFP_KERNEL); 2491 if (!intf->sysfs_name) { 2492 rv = -ENOMEM; 2493 printk(KERN_ERR 2494 "ipmi_msghandler: allocate link to BMC: %d\n", 2495 rv); 2496 goto out_err; 2497 } 2498 2499 rv = sysfs_create_link(&intf->si_dev->kobj, 2500 &bmc->dev->dev.kobj, intf->sysfs_name); 2501 if (rv) { 2502 kfree(intf->sysfs_name); 2503 intf->sysfs_name = NULL; 2504 printk(KERN_ERR 2505 "ipmi_msghandler: Unable to create bmc symlink: %d\n", 2506 rv); 2507 goto out_err; 2508 } 2509 2510 size = snprintf(dummy, 0, "ipmi%d", ifnum); 2511 intf->my_dev_name = kmalloc(size+1, GFP_KERNEL); 2512 if (!intf->my_dev_name) { 2513 kfree(intf->sysfs_name); 2514 intf->sysfs_name = NULL; 2515 rv = -ENOMEM; 2516 printk(KERN_ERR 2517 "ipmi_msghandler: allocate link from BMC: %d\n", 2518 rv); 2519 goto out_err; 2520 } 2521 snprintf(intf->my_dev_name, size+1, "ipmi%d", ifnum); 2522 2523 rv = sysfs_create_link(&bmc->dev->dev.kobj, &intf->si_dev->kobj, 2524 intf->my_dev_name); 2525 if (rv) { 2526 kfree(intf->sysfs_name); 2527 intf->sysfs_name = NULL; 2528 kfree(intf->my_dev_name); 2529 intf->my_dev_name = NULL; 2530 printk(KERN_ERR 2531 "ipmi_msghandler:" 2532 " Unable to create symlink to bmc: %d\n", 2533 rv); 2534 goto out_err; 2535 } 2536 2537 return 0; 2538 2539 out_err: 2540 ipmi_bmc_unregister(intf); 2541 return rv; 2542 } 2543 2544 static int 2545 send_guid_cmd(ipmi_smi_t intf, int chan) 2546 { 2547 struct kernel_ipmi_msg msg; 2548 struct ipmi_system_interface_addr si; 2549 2550 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2551 si.channel = IPMI_BMC_CHANNEL; 2552 si.lun = 0; 2553 2554 msg.netfn = IPMI_NETFN_APP_REQUEST; 2555 msg.cmd = IPMI_GET_DEVICE_GUID_CMD; 2556 msg.data = NULL; 2557 msg.data_len = 0; 2558 return i_ipmi_request(NULL, 2559 intf, 2560 (struct ipmi_addr *) &si, 2561 0, 2562 &msg, 2563 intf, 2564 NULL, 2565 NULL, 2566 0, 2567 intf->channels[0].address, 2568 intf->channels[0].lun, 2569 -1, 0); 2570 } 2571 2572 static void 2573 guid_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 2574 { 2575 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 2576 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE) 2577 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD)) 2578 /* Not for me */ 2579 return; 2580 2581 if (msg->msg.data[0] != 0) { 2582 /* Error from getting the GUID, the BMC doesn't have one. */ 2583 intf->bmc->guid_set = 0; 2584 goto out; 2585 } 2586 2587 if (msg->msg.data_len < 17) { 2588 intf->bmc->guid_set = 0; 2589 printk(KERN_WARNING PFX 2590 "guid_handler: The GUID response from the BMC was too" 2591 " short, it was %d but should have been 17. Assuming" 2592 " GUID is not available.\n", 2593 msg->msg.data_len); 2594 goto out; 2595 } 2596 2597 memcpy(intf->bmc->guid, msg->msg.data, 16); 2598 intf->bmc->guid_set = 1; 2599 out: 2600 wake_up(&intf->waitq); 2601 } 2602 2603 static void 2604 get_guid(ipmi_smi_t intf) 2605 { 2606 int rv; 2607 2608 intf->bmc->guid_set = 0x2; 2609 intf->null_user_handler = guid_handler; 2610 rv = send_guid_cmd(intf, 0); 2611 if (rv) 2612 /* Send failed, no GUID available. */ 2613 intf->bmc->guid_set = 0; 2614 wait_event(intf->waitq, intf->bmc->guid_set != 2); 2615 intf->null_user_handler = NULL; 2616 } 2617 2618 static int 2619 send_channel_info_cmd(ipmi_smi_t intf, int chan) 2620 { 2621 struct kernel_ipmi_msg msg; 2622 unsigned char data[1]; 2623 struct ipmi_system_interface_addr si; 2624 2625 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2626 si.channel = IPMI_BMC_CHANNEL; 2627 si.lun = 0; 2628 2629 msg.netfn = IPMI_NETFN_APP_REQUEST; 2630 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD; 2631 msg.data = data; 2632 msg.data_len = 1; 2633 data[0] = chan; 2634 return i_ipmi_request(NULL, 2635 intf, 2636 (struct ipmi_addr *) &si, 2637 0, 2638 &msg, 2639 intf, 2640 NULL, 2641 NULL, 2642 0, 2643 intf->channels[0].address, 2644 intf->channels[0].lun, 2645 -1, 0); 2646 } 2647 2648 static void 2649 channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 2650 { 2651 int rv = 0; 2652 int chan; 2653 2654 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 2655 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE) 2656 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD)) { 2657 /* It's the one we want */ 2658 if (msg->msg.data[0] != 0) { 2659 /* Got an error from the channel, just go on. */ 2660 2661 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) { 2662 /* 2663 * If the MC does not support this 2664 * command, that is legal. We just 2665 * assume it has one IPMB at channel 2666 * zero. 2667 */ 2668 intf->channels[0].medium 2669 = IPMI_CHANNEL_MEDIUM_IPMB; 2670 intf->channels[0].protocol 2671 = IPMI_CHANNEL_PROTOCOL_IPMB; 2672 rv = -ENOSYS; 2673 2674 intf->curr_channel = IPMI_MAX_CHANNELS; 2675 wake_up(&intf->waitq); 2676 goto out; 2677 } 2678 goto next_channel; 2679 } 2680 if (msg->msg.data_len < 4) { 2681 /* Message not big enough, just go on. */ 2682 goto next_channel; 2683 } 2684 chan = intf->curr_channel; 2685 intf->channels[chan].medium = msg->msg.data[2] & 0x7f; 2686 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f; 2687 2688 next_channel: 2689 intf->curr_channel++; 2690 if (intf->curr_channel >= IPMI_MAX_CHANNELS) 2691 wake_up(&intf->waitq); 2692 else 2693 rv = send_channel_info_cmd(intf, intf->curr_channel); 2694 2695 if (rv) { 2696 /* Got an error somehow, just give up. */ 2697 intf->curr_channel = IPMI_MAX_CHANNELS; 2698 wake_up(&intf->waitq); 2699 2700 printk(KERN_WARNING PFX 2701 "Error sending channel information: %d\n", 2702 rv); 2703 } 2704 } 2705 out: 2706 return; 2707 } 2708 2709 void ipmi_poll_interface(ipmi_user_t user) 2710 { 2711 ipmi_smi_t intf = user->intf; 2712 2713 if (intf->handlers->poll) 2714 intf->handlers->poll(intf->send_info); 2715 } 2716 EXPORT_SYMBOL(ipmi_poll_interface); 2717 2718 int ipmi_register_smi(struct ipmi_smi_handlers *handlers, 2719 void *send_info, 2720 struct ipmi_device_id *device_id, 2721 struct device *si_dev, 2722 const char *sysfs_name, 2723 unsigned char slave_addr) 2724 { 2725 int i, j; 2726 int rv; 2727 ipmi_smi_t intf; 2728 ipmi_smi_t tintf; 2729 struct list_head *link; 2730 2731 /* 2732 * Make sure the driver is actually initialized, this handles 2733 * problems with initialization order. 2734 */ 2735 if (!initialized) { 2736 rv = ipmi_init_msghandler(); 2737 if (rv) 2738 return rv; 2739 /* 2740 * The init code doesn't return an error if it was turned 2741 * off, but it won't initialize. Check that. 2742 */ 2743 if (!initialized) 2744 return -ENODEV; 2745 } 2746 2747 intf = kzalloc(sizeof(*intf), GFP_KERNEL); 2748 if (!intf) 2749 return -ENOMEM; 2750 2751 intf->ipmi_version_major = ipmi_version_major(device_id); 2752 intf->ipmi_version_minor = ipmi_version_minor(device_id); 2753 2754 intf->bmc = kzalloc(sizeof(*intf->bmc), GFP_KERNEL); 2755 if (!intf->bmc) { 2756 kfree(intf); 2757 return -ENOMEM; 2758 } 2759 intf->intf_num = -1; /* Mark it invalid for now. */ 2760 kref_init(&intf->refcount); 2761 intf->bmc->id = *device_id; 2762 intf->si_dev = si_dev; 2763 for (j = 0; j < IPMI_MAX_CHANNELS; j++) { 2764 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR; 2765 intf->channels[j].lun = 2; 2766 } 2767 if (slave_addr != 0) 2768 intf->channels[0].address = slave_addr; 2769 INIT_LIST_HEAD(&intf->users); 2770 intf->handlers = handlers; 2771 intf->send_info = send_info; 2772 spin_lock_init(&intf->seq_lock); 2773 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) { 2774 intf->seq_table[j].inuse = 0; 2775 intf->seq_table[j].seqid = 0; 2776 } 2777 intf->curr_seq = 0; 2778 #ifdef CONFIG_PROC_FS 2779 mutex_init(&intf->proc_entry_lock); 2780 #endif 2781 spin_lock_init(&intf->waiting_msgs_lock); 2782 INIT_LIST_HEAD(&intf->waiting_msgs); 2783 spin_lock_init(&intf->events_lock); 2784 INIT_LIST_HEAD(&intf->waiting_events); 2785 intf->waiting_events_count = 0; 2786 mutex_init(&intf->cmd_rcvrs_mutex); 2787 spin_lock_init(&intf->maintenance_mode_lock); 2788 INIT_LIST_HEAD(&intf->cmd_rcvrs); 2789 init_waitqueue_head(&intf->waitq); 2790 for (i = 0; i < IPMI_NUM_STATS; i++) 2791 atomic_set(&intf->stats[i], 0); 2792 2793 intf->proc_dir = NULL; 2794 2795 mutex_lock(&smi_watchers_mutex); 2796 mutex_lock(&ipmi_interfaces_mutex); 2797 /* Look for a hole in the numbers. */ 2798 i = 0; 2799 link = &ipmi_interfaces; 2800 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link) { 2801 if (tintf->intf_num != i) { 2802 link = &tintf->link; 2803 break; 2804 } 2805 i++; 2806 } 2807 /* Add the new interface in numeric order. */ 2808 if (i == 0) 2809 list_add_rcu(&intf->link, &ipmi_interfaces); 2810 else 2811 list_add_tail_rcu(&intf->link, link); 2812 2813 rv = handlers->start_processing(send_info, intf); 2814 if (rv) 2815 goto out; 2816 2817 get_guid(intf); 2818 2819 if ((intf->ipmi_version_major > 1) 2820 || ((intf->ipmi_version_major == 1) 2821 && (intf->ipmi_version_minor >= 5))) { 2822 /* 2823 * Start scanning the channels to see what is 2824 * available. 2825 */ 2826 intf->null_user_handler = channel_handler; 2827 intf->curr_channel = 0; 2828 rv = send_channel_info_cmd(intf, 0); 2829 if (rv) 2830 goto out; 2831 2832 /* Wait for the channel info to be read. */ 2833 wait_event(intf->waitq, 2834 intf->curr_channel >= IPMI_MAX_CHANNELS); 2835 intf->null_user_handler = NULL; 2836 } else { 2837 /* Assume a single IPMB channel at zero. */ 2838 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB; 2839 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB; 2840 } 2841 2842 if (rv == 0) 2843 rv = add_proc_entries(intf, i); 2844 2845 rv = ipmi_bmc_register(intf, i, sysfs_name); 2846 2847 out: 2848 if (rv) { 2849 if (intf->proc_dir) 2850 remove_proc_entries(intf); 2851 intf->handlers = NULL; 2852 list_del_rcu(&intf->link); 2853 mutex_unlock(&ipmi_interfaces_mutex); 2854 mutex_unlock(&smi_watchers_mutex); 2855 synchronize_rcu(); 2856 kref_put(&intf->refcount, intf_free); 2857 } else { 2858 /* 2859 * Keep memory order straight for RCU readers. Make 2860 * sure everything else is committed to memory before 2861 * setting intf_num to mark the interface valid. 2862 */ 2863 smp_wmb(); 2864 intf->intf_num = i; 2865 mutex_unlock(&ipmi_interfaces_mutex); 2866 /* After this point the interface is legal to use. */ 2867 call_smi_watchers(i, intf->si_dev); 2868 mutex_unlock(&smi_watchers_mutex); 2869 } 2870 2871 return rv; 2872 } 2873 EXPORT_SYMBOL(ipmi_register_smi); 2874 2875 static void cleanup_smi_msgs(ipmi_smi_t intf) 2876 { 2877 int i; 2878 struct seq_table *ent; 2879 2880 /* No need for locks, the interface is down. */ 2881 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 2882 ent = &(intf->seq_table[i]); 2883 if (!ent->inuse) 2884 continue; 2885 deliver_err_response(ent->recv_msg, IPMI_ERR_UNSPECIFIED); 2886 } 2887 } 2888 2889 int ipmi_unregister_smi(ipmi_smi_t intf) 2890 { 2891 struct ipmi_smi_watcher *w; 2892 int intf_num = intf->intf_num; 2893 2894 ipmi_bmc_unregister(intf); 2895 2896 mutex_lock(&smi_watchers_mutex); 2897 mutex_lock(&ipmi_interfaces_mutex); 2898 intf->intf_num = -1; 2899 intf->handlers = NULL; 2900 list_del_rcu(&intf->link); 2901 mutex_unlock(&ipmi_interfaces_mutex); 2902 synchronize_rcu(); 2903 2904 cleanup_smi_msgs(intf); 2905 2906 remove_proc_entries(intf); 2907 2908 /* 2909 * Call all the watcher interfaces to tell them that 2910 * an interface is gone. 2911 */ 2912 list_for_each_entry(w, &smi_watchers, link) 2913 w->smi_gone(intf_num); 2914 mutex_unlock(&smi_watchers_mutex); 2915 2916 kref_put(&intf->refcount, intf_free); 2917 return 0; 2918 } 2919 EXPORT_SYMBOL(ipmi_unregister_smi); 2920 2921 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf, 2922 struct ipmi_smi_msg *msg) 2923 { 2924 struct ipmi_ipmb_addr ipmb_addr; 2925 struct ipmi_recv_msg *recv_msg; 2926 2927 /* 2928 * This is 11, not 10, because the response must contain a 2929 * completion code. 2930 */ 2931 if (msg->rsp_size < 11) { 2932 /* Message not big enough, just ignore it. */ 2933 ipmi_inc_stat(intf, invalid_ipmb_responses); 2934 return 0; 2935 } 2936 2937 if (msg->rsp[2] != 0) { 2938 /* An error getting the response, just ignore it. */ 2939 return 0; 2940 } 2941 2942 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE; 2943 ipmb_addr.slave_addr = msg->rsp[6]; 2944 ipmb_addr.channel = msg->rsp[3] & 0x0f; 2945 ipmb_addr.lun = msg->rsp[7] & 3; 2946 2947 /* 2948 * It's a response from a remote entity. Look up the sequence 2949 * number and handle the response. 2950 */ 2951 if (intf_find_seq(intf, 2952 msg->rsp[7] >> 2, 2953 msg->rsp[3] & 0x0f, 2954 msg->rsp[8], 2955 (msg->rsp[4] >> 2) & (~1), 2956 (struct ipmi_addr *) &(ipmb_addr), 2957 &recv_msg)) { 2958 /* 2959 * We were unable to find the sequence number, 2960 * so just nuke the message. 2961 */ 2962 ipmi_inc_stat(intf, unhandled_ipmb_responses); 2963 return 0; 2964 } 2965 2966 memcpy(recv_msg->msg_data, 2967 &(msg->rsp[9]), 2968 msg->rsp_size - 9); 2969 /* 2970 * The other fields matched, so no need to set them, except 2971 * for netfn, which needs to be the response that was 2972 * returned, not the request value. 2973 */ 2974 recv_msg->msg.netfn = msg->rsp[4] >> 2; 2975 recv_msg->msg.data = recv_msg->msg_data; 2976 recv_msg->msg.data_len = msg->rsp_size - 10; 2977 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 2978 ipmi_inc_stat(intf, handled_ipmb_responses); 2979 deliver_response(recv_msg); 2980 2981 return 0; 2982 } 2983 2984 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf, 2985 struct ipmi_smi_msg *msg) 2986 { 2987 struct cmd_rcvr *rcvr; 2988 int rv = 0; 2989 unsigned char netfn; 2990 unsigned char cmd; 2991 unsigned char chan; 2992 ipmi_user_t user = NULL; 2993 struct ipmi_ipmb_addr *ipmb_addr; 2994 struct ipmi_recv_msg *recv_msg; 2995 struct ipmi_smi_handlers *handlers; 2996 2997 if (msg->rsp_size < 10) { 2998 /* Message not big enough, just ignore it. */ 2999 ipmi_inc_stat(intf, invalid_commands); 3000 return 0; 3001 } 3002 3003 if (msg->rsp[2] != 0) { 3004 /* An error getting the response, just ignore it. */ 3005 return 0; 3006 } 3007 3008 netfn = msg->rsp[4] >> 2; 3009 cmd = msg->rsp[8]; 3010 chan = msg->rsp[3] & 0xf; 3011 3012 rcu_read_lock(); 3013 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3014 if (rcvr) { 3015 user = rcvr->user; 3016 kref_get(&user->refcount); 3017 } else 3018 user = NULL; 3019 rcu_read_unlock(); 3020 3021 if (user == NULL) { 3022 /* We didn't find a user, deliver an error response. */ 3023 ipmi_inc_stat(intf, unhandled_commands); 3024 3025 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 3026 msg->data[1] = IPMI_SEND_MSG_CMD; 3027 msg->data[2] = msg->rsp[3]; 3028 msg->data[3] = msg->rsp[6]; 3029 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3); 3030 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2); 3031 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address; 3032 /* rqseq/lun */ 3033 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3); 3034 msg->data[8] = msg->rsp[8]; /* cmd */ 3035 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE; 3036 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4); 3037 msg->data_size = 11; 3038 3039 #ifdef DEBUG_MSGING 3040 { 3041 int m; 3042 printk("Invalid command:"); 3043 for (m = 0; m < msg->data_size; m++) 3044 printk(" %2.2x", msg->data[m]); 3045 printk("\n"); 3046 } 3047 #endif 3048 rcu_read_lock(); 3049 handlers = intf->handlers; 3050 if (handlers) { 3051 handlers->sender(intf->send_info, msg, 0); 3052 /* 3053 * We used the message, so return the value 3054 * that causes it to not be freed or 3055 * queued. 3056 */ 3057 rv = -1; 3058 } 3059 rcu_read_unlock(); 3060 } else { 3061 /* Deliver the message to the user. */ 3062 ipmi_inc_stat(intf, handled_commands); 3063 3064 recv_msg = ipmi_alloc_recv_msg(); 3065 if (!recv_msg) { 3066 /* 3067 * We couldn't allocate memory for the 3068 * message, so requeue it for handling 3069 * later. 3070 */ 3071 rv = 1; 3072 kref_put(&user->refcount, free_user); 3073 } else { 3074 /* Extract the source address from the data. */ 3075 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr; 3076 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE; 3077 ipmb_addr->slave_addr = msg->rsp[6]; 3078 ipmb_addr->lun = msg->rsp[7] & 3; 3079 ipmb_addr->channel = msg->rsp[3] & 0xf; 3080 3081 /* 3082 * Extract the rest of the message information 3083 * from the IPMB header. 3084 */ 3085 recv_msg->user = user; 3086 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 3087 recv_msg->msgid = msg->rsp[7] >> 2; 3088 recv_msg->msg.netfn = msg->rsp[4] >> 2; 3089 recv_msg->msg.cmd = msg->rsp[8]; 3090 recv_msg->msg.data = recv_msg->msg_data; 3091 3092 /* 3093 * We chop off 10, not 9 bytes because the checksum 3094 * at the end also needs to be removed. 3095 */ 3096 recv_msg->msg.data_len = msg->rsp_size - 10; 3097 memcpy(recv_msg->msg_data, 3098 &(msg->rsp[9]), 3099 msg->rsp_size - 10); 3100 deliver_response(recv_msg); 3101 } 3102 } 3103 3104 return rv; 3105 } 3106 3107 static int handle_lan_get_msg_rsp(ipmi_smi_t intf, 3108 struct ipmi_smi_msg *msg) 3109 { 3110 struct ipmi_lan_addr lan_addr; 3111 struct ipmi_recv_msg *recv_msg; 3112 3113 3114 /* 3115 * This is 13, not 12, because the response must contain a 3116 * completion code. 3117 */ 3118 if (msg->rsp_size < 13) { 3119 /* Message not big enough, just ignore it. */ 3120 ipmi_inc_stat(intf, invalid_lan_responses); 3121 return 0; 3122 } 3123 3124 if (msg->rsp[2] != 0) { 3125 /* An error getting the response, just ignore it. */ 3126 return 0; 3127 } 3128 3129 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE; 3130 lan_addr.session_handle = msg->rsp[4]; 3131 lan_addr.remote_SWID = msg->rsp[8]; 3132 lan_addr.local_SWID = msg->rsp[5]; 3133 lan_addr.channel = msg->rsp[3] & 0x0f; 3134 lan_addr.privilege = msg->rsp[3] >> 4; 3135 lan_addr.lun = msg->rsp[9] & 3; 3136 3137 /* 3138 * It's a response from a remote entity. Look up the sequence 3139 * number and handle the response. 3140 */ 3141 if (intf_find_seq(intf, 3142 msg->rsp[9] >> 2, 3143 msg->rsp[3] & 0x0f, 3144 msg->rsp[10], 3145 (msg->rsp[6] >> 2) & (~1), 3146 (struct ipmi_addr *) &(lan_addr), 3147 &recv_msg)) { 3148 /* 3149 * We were unable to find the sequence number, 3150 * so just nuke the message. 3151 */ 3152 ipmi_inc_stat(intf, unhandled_lan_responses); 3153 return 0; 3154 } 3155 3156 memcpy(recv_msg->msg_data, 3157 &(msg->rsp[11]), 3158 msg->rsp_size - 11); 3159 /* 3160 * The other fields matched, so no need to set them, except 3161 * for netfn, which needs to be the response that was 3162 * returned, not the request value. 3163 */ 3164 recv_msg->msg.netfn = msg->rsp[6] >> 2; 3165 recv_msg->msg.data = recv_msg->msg_data; 3166 recv_msg->msg.data_len = msg->rsp_size - 12; 3167 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3168 ipmi_inc_stat(intf, handled_lan_responses); 3169 deliver_response(recv_msg); 3170 3171 return 0; 3172 } 3173 3174 static int handle_lan_get_msg_cmd(ipmi_smi_t intf, 3175 struct ipmi_smi_msg *msg) 3176 { 3177 struct cmd_rcvr *rcvr; 3178 int rv = 0; 3179 unsigned char netfn; 3180 unsigned char cmd; 3181 unsigned char chan; 3182 ipmi_user_t user = NULL; 3183 struct ipmi_lan_addr *lan_addr; 3184 struct ipmi_recv_msg *recv_msg; 3185 3186 if (msg->rsp_size < 12) { 3187 /* Message not big enough, just ignore it. */ 3188 ipmi_inc_stat(intf, invalid_commands); 3189 return 0; 3190 } 3191 3192 if (msg->rsp[2] != 0) { 3193 /* An error getting the response, just ignore it. */ 3194 return 0; 3195 } 3196 3197 netfn = msg->rsp[6] >> 2; 3198 cmd = msg->rsp[10]; 3199 chan = msg->rsp[3] & 0xf; 3200 3201 rcu_read_lock(); 3202 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3203 if (rcvr) { 3204 user = rcvr->user; 3205 kref_get(&user->refcount); 3206 } else 3207 user = NULL; 3208 rcu_read_unlock(); 3209 3210 if (user == NULL) { 3211 /* We didn't find a user, just give up. */ 3212 ipmi_inc_stat(intf, unhandled_commands); 3213 3214 /* 3215 * Don't do anything with these messages, just allow 3216 * them to be freed. 3217 */ 3218 rv = 0; 3219 } else { 3220 /* Deliver the message to the user. */ 3221 ipmi_inc_stat(intf, handled_commands); 3222 3223 recv_msg = ipmi_alloc_recv_msg(); 3224 if (!recv_msg) { 3225 /* 3226 * We couldn't allocate memory for the 3227 * message, so requeue it for handling later. 3228 */ 3229 rv = 1; 3230 kref_put(&user->refcount, free_user); 3231 } else { 3232 /* Extract the source address from the data. */ 3233 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr; 3234 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE; 3235 lan_addr->session_handle = msg->rsp[4]; 3236 lan_addr->remote_SWID = msg->rsp[8]; 3237 lan_addr->local_SWID = msg->rsp[5]; 3238 lan_addr->lun = msg->rsp[9] & 3; 3239 lan_addr->channel = msg->rsp[3] & 0xf; 3240 lan_addr->privilege = msg->rsp[3] >> 4; 3241 3242 /* 3243 * Extract the rest of the message information 3244 * from the IPMB header. 3245 */ 3246 recv_msg->user = user; 3247 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 3248 recv_msg->msgid = msg->rsp[9] >> 2; 3249 recv_msg->msg.netfn = msg->rsp[6] >> 2; 3250 recv_msg->msg.cmd = msg->rsp[10]; 3251 recv_msg->msg.data = recv_msg->msg_data; 3252 3253 /* 3254 * We chop off 12, not 11 bytes because the checksum 3255 * at the end also needs to be removed. 3256 */ 3257 recv_msg->msg.data_len = msg->rsp_size - 12; 3258 memcpy(recv_msg->msg_data, 3259 &(msg->rsp[11]), 3260 msg->rsp_size - 12); 3261 deliver_response(recv_msg); 3262 } 3263 } 3264 3265 return rv; 3266 } 3267 3268 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg, 3269 struct ipmi_smi_msg *msg) 3270 { 3271 struct ipmi_system_interface_addr *smi_addr; 3272 3273 recv_msg->msgid = 0; 3274 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr); 3275 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3276 smi_addr->channel = IPMI_BMC_CHANNEL; 3277 smi_addr->lun = msg->rsp[0] & 3; 3278 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE; 3279 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3280 recv_msg->msg.cmd = msg->rsp[1]; 3281 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3); 3282 recv_msg->msg.data = recv_msg->msg_data; 3283 recv_msg->msg.data_len = msg->rsp_size - 3; 3284 } 3285 3286 static int handle_read_event_rsp(ipmi_smi_t intf, 3287 struct ipmi_smi_msg *msg) 3288 { 3289 struct ipmi_recv_msg *recv_msg, *recv_msg2; 3290 struct list_head msgs; 3291 ipmi_user_t user; 3292 int rv = 0; 3293 int deliver_count = 0; 3294 unsigned long flags; 3295 3296 if (msg->rsp_size < 19) { 3297 /* Message is too small to be an IPMB event. */ 3298 ipmi_inc_stat(intf, invalid_events); 3299 return 0; 3300 } 3301 3302 if (msg->rsp[2] != 0) { 3303 /* An error getting the event, just ignore it. */ 3304 return 0; 3305 } 3306 3307 INIT_LIST_HEAD(&msgs); 3308 3309 spin_lock_irqsave(&intf->events_lock, flags); 3310 3311 ipmi_inc_stat(intf, events); 3312 3313 /* 3314 * Allocate and fill in one message for every user that is 3315 * getting events. 3316 */ 3317 rcu_read_lock(); 3318 list_for_each_entry_rcu(user, &intf->users, link) { 3319 if (!user->gets_events) 3320 continue; 3321 3322 recv_msg = ipmi_alloc_recv_msg(); 3323 if (!recv_msg) { 3324 rcu_read_unlock(); 3325 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, 3326 link) { 3327 list_del(&recv_msg->link); 3328 ipmi_free_recv_msg(recv_msg); 3329 } 3330 /* 3331 * We couldn't allocate memory for the 3332 * message, so requeue it for handling 3333 * later. 3334 */ 3335 rv = 1; 3336 goto out; 3337 } 3338 3339 deliver_count++; 3340 3341 copy_event_into_recv_msg(recv_msg, msg); 3342 recv_msg->user = user; 3343 kref_get(&user->refcount); 3344 list_add_tail(&(recv_msg->link), &msgs); 3345 } 3346 rcu_read_unlock(); 3347 3348 if (deliver_count) { 3349 /* Now deliver all the messages. */ 3350 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) { 3351 list_del(&recv_msg->link); 3352 deliver_response(recv_msg); 3353 } 3354 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) { 3355 /* 3356 * No one to receive the message, put it in queue if there's 3357 * not already too many things in the queue. 3358 */ 3359 recv_msg = ipmi_alloc_recv_msg(); 3360 if (!recv_msg) { 3361 /* 3362 * We couldn't allocate memory for the 3363 * message, so requeue it for handling 3364 * later. 3365 */ 3366 rv = 1; 3367 goto out; 3368 } 3369 3370 copy_event_into_recv_msg(recv_msg, msg); 3371 list_add_tail(&(recv_msg->link), &(intf->waiting_events)); 3372 intf->waiting_events_count++; 3373 } else if (!intf->event_msg_printed) { 3374 /* 3375 * There's too many things in the queue, discard this 3376 * message. 3377 */ 3378 printk(KERN_WARNING PFX "Event queue full, discarding" 3379 " incoming events\n"); 3380 intf->event_msg_printed = 1; 3381 } 3382 3383 out: 3384 spin_unlock_irqrestore(&(intf->events_lock), flags); 3385 3386 return rv; 3387 } 3388 3389 static int handle_bmc_rsp(ipmi_smi_t intf, 3390 struct ipmi_smi_msg *msg) 3391 { 3392 struct ipmi_recv_msg *recv_msg; 3393 struct ipmi_user *user; 3394 3395 recv_msg = (struct ipmi_recv_msg *) msg->user_data; 3396 if (recv_msg == NULL) { 3397 printk(KERN_WARNING 3398 "IPMI message received with no owner. This\n" 3399 "could be because of a malformed message, or\n" 3400 "because of a hardware error. Contact your\n" 3401 "hardware vender for assistance\n"); 3402 return 0; 3403 } 3404 3405 user = recv_msg->user; 3406 /* Make sure the user still exists. */ 3407 if (user && !user->valid) { 3408 /* The user for the message went away, so give up. */ 3409 ipmi_inc_stat(intf, unhandled_local_responses); 3410 ipmi_free_recv_msg(recv_msg); 3411 } else { 3412 struct ipmi_system_interface_addr *smi_addr; 3413 3414 ipmi_inc_stat(intf, handled_local_responses); 3415 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3416 recv_msg->msgid = msg->msgid; 3417 smi_addr = ((struct ipmi_system_interface_addr *) 3418 &(recv_msg->addr)); 3419 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3420 smi_addr->channel = IPMI_BMC_CHANNEL; 3421 smi_addr->lun = msg->rsp[0] & 3; 3422 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3423 recv_msg->msg.cmd = msg->rsp[1]; 3424 memcpy(recv_msg->msg_data, 3425 &(msg->rsp[2]), 3426 msg->rsp_size - 2); 3427 recv_msg->msg.data = recv_msg->msg_data; 3428 recv_msg->msg.data_len = msg->rsp_size - 2; 3429 deliver_response(recv_msg); 3430 } 3431 3432 return 0; 3433 } 3434 3435 /* 3436 * Handle a new message. Return 1 if the message should be requeued, 3437 * 0 if the message should be freed, or -1 if the message should not 3438 * be freed or requeued. 3439 */ 3440 static int handle_new_recv_msg(ipmi_smi_t intf, 3441 struct ipmi_smi_msg *msg) 3442 { 3443 int requeue; 3444 int chan; 3445 3446 #ifdef DEBUG_MSGING 3447 int m; 3448 printk("Recv:"); 3449 for (m = 0; m < msg->rsp_size; m++) 3450 printk(" %2.2x", msg->rsp[m]); 3451 printk("\n"); 3452 #endif 3453 if (msg->rsp_size < 2) { 3454 /* Message is too small to be correct. */ 3455 printk(KERN_WARNING PFX "BMC returned to small a message" 3456 " for netfn %x cmd %x, got %d bytes\n", 3457 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size); 3458 3459 /* Generate an error response for the message. */ 3460 msg->rsp[0] = msg->data[0] | (1 << 2); 3461 msg->rsp[1] = msg->data[1]; 3462 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 3463 msg->rsp_size = 3; 3464 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1)) 3465 || (msg->rsp[1] != msg->data[1])) { 3466 /* 3467 * The NetFN and Command in the response is not even 3468 * marginally correct. 3469 */ 3470 printk(KERN_WARNING PFX "BMC returned incorrect response," 3471 " expected netfn %x cmd %x, got netfn %x cmd %x\n", 3472 (msg->data[0] >> 2) | 1, msg->data[1], 3473 msg->rsp[0] >> 2, msg->rsp[1]); 3474 3475 /* Generate an error response for the message. */ 3476 msg->rsp[0] = msg->data[0] | (1 << 2); 3477 msg->rsp[1] = msg->data[1]; 3478 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 3479 msg->rsp_size = 3; 3480 } 3481 3482 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3483 && (msg->rsp[1] == IPMI_SEND_MSG_CMD) 3484 && (msg->user_data != NULL)) { 3485 /* 3486 * It's a response to a response we sent. For this we 3487 * deliver a send message response to the user. 3488 */ 3489 struct ipmi_recv_msg *recv_msg = msg->user_data; 3490 3491 requeue = 0; 3492 if (msg->rsp_size < 2) 3493 /* Message is too small to be correct. */ 3494 goto out; 3495 3496 chan = msg->data[2] & 0x0f; 3497 if (chan >= IPMI_MAX_CHANNELS) 3498 /* Invalid channel number */ 3499 goto out; 3500 3501 if (!recv_msg) 3502 goto out; 3503 3504 /* Make sure the user still exists. */ 3505 if (!recv_msg->user || !recv_msg->user->valid) 3506 goto out; 3507 3508 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE; 3509 recv_msg->msg.data = recv_msg->msg_data; 3510 recv_msg->msg.data_len = 1; 3511 recv_msg->msg_data[0] = msg->rsp[2]; 3512 deliver_response(recv_msg); 3513 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3514 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) { 3515 /* It's from the receive queue. */ 3516 chan = msg->rsp[3] & 0xf; 3517 if (chan >= IPMI_MAX_CHANNELS) { 3518 /* Invalid channel number */ 3519 requeue = 0; 3520 goto out; 3521 } 3522 3523 switch (intf->channels[chan].medium) { 3524 case IPMI_CHANNEL_MEDIUM_IPMB: 3525 if (msg->rsp[4] & 0x04) { 3526 /* 3527 * It's a response, so find the 3528 * requesting message and send it up. 3529 */ 3530 requeue = handle_ipmb_get_msg_rsp(intf, msg); 3531 } else { 3532 /* 3533 * It's a command to the SMS from some other 3534 * entity. Handle that. 3535 */ 3536 requeue = handle_ipmb_get_msg_cmd(intf, msg); 3537 } 3538 break; 3539 3540 case IPMI_CHANNEL_MEDIUM_8023LAN: 3541 case IPMI_CHANNEL_MEDIUM_ASYNC: 3542 if (msg->rsp[6] & 0x04) { 3543 /* 3544 * It's a response, so find the 3545 * requesting message and send it up. 3546 */ 3547 requeue = handle_lan_get_msg_rsp(intf, msg); 3548 } else { 3549 /* 3550 * It's a command to the SMS from some other 3551 * entity. Handle that. 3552 */ 3553 requeue = handle_lan_get_msg_cmd(intf, msg); 3554 } 3555 break; 3556 3557 default: 3558 /* 3559 * We don't handle the channel type, so just 3560 * free the message. 3561 */ 3562 requeue = 0; 3563 } 3564 3565 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3566 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) { 3567 /* It's an asyncronous event. */ 3568 requeue = handle_read_event_rsp(intf, msg); 3569 } else { 3570 /* It's a response from the local BMC. */ 3571 requeue = handle_bmc_rsp(intf, msg); 3572 } 3573 3574 out: 3575 return requeue; 3576 } 3577 3578 /* Handle a new message from the lower layer. */ 3579 void ipmi_smi_msg_received(ipmi_smi_t intf, 3580 struct ipmi_smi_msg *msg) 3581 { 3582 unsigned long flags = 0; /* keep us warning-free. */ 3583 int rv; 3584 int run_to_completion; 3585 3586 3587 if ((msg->data_size >= 2) 3588 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2)) 3589 && (msg->data[1] == IPMI_SEND_MSG_CMD) 3590 && (msg->user_data == NULL)) { 3591 /* 3592 * This is the local response to a command send, start 3593 * the timer for these. The user_data will not be 3594 * NULL if this is a response send, and we will let 3595 * response sends just go through. 3596 */ 3597 3598 /* 3599 * Check for errors, if we get certain errors (ones 3600 * that mean basically we can try again later), we 3601 * ignore them and start the timer. Otherwise we 3602 * report the error immediately. 3603 */ 3604 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0) 3605 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR) 3606 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR) 3607 && (msg->rsp[2] != IPMI_BUS_ERR) 3608 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR)) { 3609 int chan = msg->rsp[3] & 0xf; 3610 3611 /* Got an error sending the message, handle it. */ 3612 if (chan >= IPMI_MAX_CHANNELS) 3613 ; /* This shouldn't happen */ 3614 else if ((intf->channels[chan].medium 3615 == IPMI_CHANNEL_MEDIUM_8023LAN) 3616 || (intf->channels[chan].medium 3617 == IPMI_CHANNEL_MEDIUM_ASYNC)) 3618 ipmi_inc_stat(intf, sent_lan_command_errs); 3619 else 3620 ipmi_inc_stat(intf, sent_ipmb_command_errs); 3621 intf_err_seq(intf, msg->msgid, msg->rsp[2]); 3622 } else 3623 /* The message was sent, start the timer. */ 3624 intf_start_seq_timer(intf, msg->msgid); 3625 3626 ipmi_free_smi_msg(msg); 3627 goto out; 3628 } 3629 3630 /* 3631 * To preserve message order, if the list is not empty, we 3632 * tack this message onto the end of the list. 3633 */ 3634 run_to_completion = intf->run_to_completion; 3635 if (!run_to_completion) 3636 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3637 if (!list_empty(&intf->waiting_msgs)) { 3638 list_add_tail(&msg->link, &intf->waiting_msgs); 3639 if (!run_to_completion) 3640 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3641 goto out; 3642 } 3643 if (!run_to_completion) 3644 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3645 3646 rv = handle_new_recv_msg(intf, msg); 3647 if (rv > 0) { 3648 /* 3649 * Could not handle the message now, just add it to a 3650 * list to handle later. 3651 */ 3652 run_to_completion = intf->run_to_completion; 3653 if (!run_to_completion) 3654 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3655 list_add_tail(&msg->link, &intf->waiting_msgs); 3656 if (!run_to_completion) 3657 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3658 } else if (rv == 0) { 3659 ipmi_free_smi_msg(msg); 3660 } 3661 3662 out: 3663 return; 3664 } 3665 EXPORT_SYMBOL(ipmi_smi_msg_received); 3666 3667 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf) 3668 { 3669 ipmi_user_t user; 3670 3671 rcu_read_lock(); 3672 list_for_each_entry_rcu(user, &intf->users, link) { 3673 if (!user->handler->ipmi_watchdog_pretimeout) 3674 continue; 3675 3676 user->handler->ipmi_watchdog_pretimeout(user->handler_data); 3677 } 3678 rcu_read_unlock(); 3679 } 3680 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout); 3681 3682 static struct ipmi_smi_msg * 3683 smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg, 3684 unsigned char seq, long seqid) 3685 { 3686 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg(); 3687 if (!smi_msg) 3688 /* 3689 * If we can't allocate the message, then just return, we 3690 * get 4 retries, so this should be ok. 3691 */ 3692 return NULL; 3693 3694 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len); 3695 smi_msg->data_size = recv_msg->msg.data_len; 3696 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid); 3697 3698 #ifdef DEBUG_MSGING 3699 { 3700 int m; 3701 printk("Resend: "); 3702 for (m = 0; m < smi_msg->data_size; m++) 3703 printk(" %2.2x", smi_msg->data[m]); 3704 printk("\n"); 3705 } 3706 #endif 3707 return smi_msg; 3708 } 3709 3710 static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent, 3711 struct list_head *timeouts, long timeout_period, 3712 int slot, unsigned long *flags) 3713 { 3714 struct ipmi_recv_msg *msg; 3715 struct ipmi_smi_handlers *handlers; 3716 3717 if (intf->intf_num == -1) 3718 return; 3719 3720 if (!ent->inuse) 3721 return; 3722 3723 ent->timeout -= timeout_period; 3724 if (ent->timeout > 0) 3725 return; 3726 3727 if (ent->retries_left == 0) { 3728 /* The message has used all its retries. */ 3729 ent->inuse = 0; 3730 msg = ent->recv_msg; 3731 list_add_tail(&msg->link, timeouts); 3732 if (ent->broadcast) 3733 ipmi_inc_stat(intf, timed_out_ipmb_broadcasts); 3734 else if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE) 3735 ipmi_inc_stat(intf, timed_out_lan_commands); 3736 else 3737 ipmi_inc_stat(intf, timed_out_ipmb_commands); 3738 } else { 3739 struct ipmi_smi_msg *smi_msg; 3740 /* More retries, send again. */ 3741 3742 /* 3743 * Start with the max timer, set to normal timer after 3744 * the message is sent. 3745 */ 3746 ent->timeout = MAX_MSG_TIMEOUT; 3747 ent->retries_left--; 3748 if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE) 3749 ipmi_inc_stat(intf, retransmitted_lan_commands); 3750 else 3751 ipmi_inc_stat(intf, retransmitted_ipmb_commands); 3752 3753 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot, 3754 ent->seqid); 3755 if (!smi_msg) 3756 return; 3757 3758 spin_unlock_irqrestore(&intf->seq_lock, *flags); 3759 3760 /* 3761 * Send the new message. We send with a zero 3762 * priority. It timed out, I doubt time is that 3763 * critical now, and high priority messages are really 3764 * only for messages to the local MC, which don't get 3765 * resent. 3766 */ 3767 handlers = intf->handlers; 3768 if (handlers) 3769 intf->handlers->sender(intf->send_info, 3770 smi_msg, 0); 3771 else 3772 ipmi_free_smi_msg(smi_msg); 3773 3774 spin_lock_irqsave(&intf->seq_lock, *flags); 3775 } 3776 } 3777 3778 static void ipmi_timeout_handler(long timeout_period) 3779 { 3780 ipmi_smi_t intf; 3781 struct list_head timeouts; 3782 struct ipmi_recv_msg *msg, *msg2; 3783 struct ipmi_smi_msg *smi_msg, *smi_msg2; 3784 unsigned long flags; 3785 int i; 3786 3787 rcu_read_lock(); 3788 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 3789 /* See if any waiting messages need to be processed. */ 3790 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3791 list_for_each_entry_safe(smi_msg, smi_msg2, 3792 &intf->waiting_msgs, link) { 3793 if (!handle_new_recv_msg(intf, smi_msg)) { 3794 list_del(&smi_msg->link); 3795 ipmi_free_smi_msg(smi_msg); 3796 } else { 3797 /* 3798 * To preserve message order, quit if we 3799 * can't handle a message. 3800 */ 3801 break; 3802 } 3803 } 3804 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3805 3806 /* 3807 * Go through the seq table and find any messages that 3808 * have timed out, putting them in the timeouts 3809 * list. 3810 */ 3811 INIT_LIST_HEAD(&timeouts); 3812 spin_lock_irqsave(&intf->seq_lock, flags); 3813 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) 3814 check_msg_timeout(intf, &(intf->seq_table[i]), 3815 &timeouts, timeout_period, i, 3816 &flags); 3817 spin_unlock_irqrestore(&intf->seq_lock, flags); 3818 3819 list_for_each_entry_safe(msg, msg2, &timeouts, link) 3820 deliver_err_response(msg, IPMI_TIMEOUT_COMPLETION_CODE); 3821 3822 /* 3823 * Maintenance mode handling. Check the timeout 3824 * optimistically before we claim the lock. It may 3825 * mean a timeout gets missed occasionally, but that 3826 * only means the timeout gets extended by one period 3827 * in that case. No big deal, and it avoids the lock 3828 * most of the time. 3829 */ 3830 if (intf->auto_maintenance_timeout > 0) { 3831 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 3832 if (intf->auto_maintenance_timeout > 0) { 3833 intf->auto_maintenance_timeout 3834 -= timeout_period; 3835 if (!intf->maintenance_mode 3836 && (intf->auto_maintenance_timeout <= 0)) { 3837 intf->maintenance_mode_enable = 0; 3838 maintenance_mode_update(intf); 3839 } 3840 } 3841 spin_unlock_irqrestore(&intf->maintenance_mode_lock, 3842 flags); 3843 } 3844 } 3845 rcu_read_unlock(); 3846 } 3847 3848 static void ipmi_request_event(void) 3849 { 3850 ipmi_smi_t intf; 3851 struct ipmi_smi_handlers *handlers; 3852 3853 rcu_read_lock(); 3854 /* 3855 * Called from the timer, no need to check if handlers is 3856 * valid. 3857 */ 3858 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 3859 /* No event requests when in maintenance mode. */ 3860 if (intf->maintenance_mode_enable) 3861 continue; 3862 3863 handlers = intf->handlers; 3864 if (handlers) 3865 handlers->request_events(intf->send_info); 3866 } 3867 rcu_read_unlock(); 3868 } 3869 3870 static struct timer_list ipmi_timer; 3871 3872 /* Call every ~100 ms. */ 3873 #define IPMI_TIMEOUT_TIME 100 3874 3875 /* How many jiffies does it take to get to the timeout time. */ 3876 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000) 3877 3878 /* 3879 * Request events from the queue every second (this is the number of 3880 * IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the 3881 * future, IPMI will add a way to know immediately if an event is in 3882 * the queue and this silliness can go away. 3883 */ 3884 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME)) 3885 3886 static atomic_t stop_operation; 3887 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 3888 3889 static void ipmi_timeout(unsigned long data) 3890 { 3891 if (atomic_read(&stop_operation)) 3892 return; 3893 3894 ticks_to_req_ev--; 3895 if (ticks_to_req_ev == 0) { 3896 ipmi_request_event(); 3897 ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 3898 } 3899 3900 ipmi_timeout_handler(IPMI_TIMEOUT_TIME); 3901 3902 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 3903 } 3904 3905 3906 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0); 3907 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0); 3908 3909 /* FIXME - convert these to slabs. */ 3910 static void free_smi_msg(struct ipmi_smi_msg *msg) 3911 { 3912 atomic_dec(&smi_msg_inuse_count); 3913 kfree(msg); 3914 } 3915 3916 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void) 3917 { 3918 struct ipmi_smi_msg *rv; 3919 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC); 3920 if (rv) { 3921 rv->done = free_smi_msg; 3922 rv->user_data = NULL; 3923 atomic_inc(&smi_msg_inuse_count); 3924 } 3925 return rv; 3926 } 3927 EXPORT_SYMBOL(ipmi_alloc_smi_msg); 3928 3929 static void free_recv_msg(struct ipmi_recv_msg *msg) 3930 { 3931 atomic_dec(&recv_msg_inuse_count); 3932 kfree(msg); 3933 } 3934 3935 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void) 3936 { 3937 struct ipmi_recv_msg *rv; 3938 3939 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC); 3940 if (rv) { 3941 rv->user = NULL; 3942 rv->done = free_recv_msg; 3943 atomic_inc(&recv_msg_inuse_count); 3944 } 3945 return rv; 3946 } 3947 3948 void ipmi_free_recv_msg(struct ipmi_recv_msg *msg) 3949 { 3950 if (msg->user) 3951 kref_put(&msg->user->refcount, free_user); 3952 msg->done(msg); 3953 } 3954 EXPORT_SYMBOL(ipmi_free_recv_msg); 3955 3956 #ifdef CONFIG_IPMI_PANIC_EVENT 3957 3958 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg) 3959 { 3960 } 3961 3962 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg) 3963 { 3964 } 3965 3966 #ifdef CONFIG_IPMI_PANIC_STRING 3967 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 3968 { 3969 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 3970 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE) 3971 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD) 3972 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) { 3973 /* A get event receiver command, save it. */ 3974 intf->event_receiver = msg->msg.data[1]; 3975 intf->event_receiver_lun = msg->msg.data[2] & 0x3; 3976 } 3977 } 3978 3979 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 3980 { 3981 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 3982 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE) 3983 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD) 3984 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) { 3985 /* 3986 * A get device id command, save if we are an event 3987 * receiver or generator. 3988 */ 3989 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1; 3990 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1; 3991 } 3992 } 3993 #endif 3994 3995 static void send_panic_events(char *str) 3996 { 3997 struct kernel_ipmi_msg msg; 3998 ipmi_smi_t intf; 3999 unsigned char data[16]; 4000 struct ipmi_system_interface_addr *si; 4001 struct ipmi_addr addr; 4002 struct ipmi_smi_msg smi_msg; 4003 struct ipmi_recv_msg recv_msg; 4004 4005 si = (struct ipmi_system_interface_addr *) &addr; 4006 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 4007 si->channel = IPMI_BMC_CHANNEL; 4008 si->lun = 0; 4009 4010 /* Fill in an event telling that we have failed. */ 4011 msg.netfn = 0x04; /* Sensor or Event. */ 4012 msg.cmd = 2; /* Platform event command. */ 4013 msg.data = data; 4014 msg.data_len = 8; 4015 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */ 4016 data[1] = 0x03; /* This is for IPMI 1.0. */ 4017 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */ 4018 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */ 4019 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */ 4020 4021 /* 4022 * Put a few breadcrumbs in. Hopefully later we can add more things 4023 * to make the panic events more useful. 4024 */ 4025 if (str) { 4026 data[3] = str[0]; 4027 data[6] = str[1]; 4028 data[7] = str[2]; 4029 } 4030 4031 smi_msg.done = dummy_smi_done_handler; 4032 recv_msg.done = dummy_recv_done_handler; 4033 4034 /* For every registered interface, send the event. */ 4035 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4036 if (!intf->handlers) 4037 /* Interface is not ready. */ 4038 continue; 4039 4040 intf->run_to_completion = 1; 4041 /* Send the event announcing the panic. */ 4042 intf->handlers->set_run_to_completion(intf->send_info, 1); 4043 i_ipmi_request(NULL, 4044 intf, 4045 &addr, 4046 0, 4047 &msg, 4048 intf, 4049 &smi_msg, 4050 &recv_msg, 4051 0, 4052 intf->channels[0].address, 4053 intf->channels[0].lun, 4054 0, 1); /* Don't retry, and don't wait. */ 4055 } 4056 4057 #ifdef CONFIG_IPMI_PANIC_STRING 4058 /* 4059 * On every interface, dump a bunch of OEM event holding the 4060 * string. 4061 */ 4062 if (!str) 4063 return; 4064 4065 /* For every registered interface, send the event. */ 4066 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4067 char *p = str; 4068 struct ipmi_ipmb_addr *ipmb; 4069 int j; 4070 4071 if (intf->intf_num == -1) 4072 /* Interface was not ready yet. */ 4073 continue; 4074 4075 /* 4076 * intf_num is used as an marker to tell if the 4077 * interface is valid. Thus we need a read barrier to 4078 * make sure data fetched before checking intf_num 4079 * won't be used. 4080 */ 4081 smp_rmb(); 4082 4083 /* 4084 * First job here is to figure out where to send the 4085 * OEM events. There's no way in IPMI to send OEM 4086 * events using an event send command, so we have to 4087 * find the SEL to put them in and stick them in 4088 * there. 4089 */ 4090 4091 /* Get capabilities from the get device id. */ 4092 intf->local_sel_device = 0; 4093 intf->local_event_generator = 0; 4094 intf->event_receiver = 0; 4095 4096 /* Request the device info from the local MC. */ 4097 msg.netfn = IPMI_NETFN_APP_REQUEST; 4098 msg.cmd = IPMI_GET_DEVICE_ID_CMD; 4099 msg.data = NULL; 4100 msg.data_len = 0; 4101 intf->null_user_handler = device_id_fetcher; 4102 i_ipmi_request(NULL, 4103 intf, 4104 &addr, 4105 0, 4106 &msg, 4107 intf, 4108 &smi_msg, 4109 &recv_msg, 4110 0, 4111 intf->channels[0].address, 4112 intf->channels[0].lun, 4113 0, 1); /* Don't retry, and don't wait. */ 4114 4115 if (intf->local_event_generator) { 4116 /* Request the event receiver from the local MC. */ 4117 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST; 4118 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD; 4119 msg.data = NULL; 4120 msg.data_len = 0; 4121 intf->null_user_handler = event_receiver_fetcher; 4122 i_ipmi_request(NULL, 4123 intf, 4124 &addr, 4125 0, 4126 &msg, 4127 intf, 4128 &smi_msg, 4129 &recv_msg, 4130 0, 4131 intf->channels[0].address, 4132 intf->channels[0].lun, 4133 0, 1); /* no retry, and no wait. */ 4134 } 4135 intf->null_user_handler = NULL; 4136 4137 /* 4138 * Validate the event receiver. The low bit must not 4139 * be 1 (it must be a valid IPMB address), it cannot 4140 * be zero, and it must not be my address. 4141 */ 4142 if (((intf->event_receiver & 1) == 0) 4143 && (intf->event_receiver != 0) 4144 && (intf->event_receiver != intf->channels[0].address)) { 4145 /* 4146 * The event receiver is valid, send an IPMB 4147 * message. 4148 */ 4149 ipmb = (struct ipmi_ipmb_addr *) &addr; 4150 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE; 4151 ipmb->channel = 0; /* FIXME - is this right? */ 4152 ipmb->lun = intf->event_receiver_lun; 4153 ipmb->slave_addr = intf->event_receiver; 4154 } else if (intf->local_sel_device) { 4155 /* 4156 * The event receiver was not valid (or was 4157 * me), but I am an SEL device, just dump it 4158 * in my SEL. 4159 */ 4160 si = (struct ipmi_system_interface_addr *) &addr; 4161 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 4162 si->channel = IPMI_BMC_CHANNEL; 4163 si->lun = 0; 4164 } else 4165 continue; /* No where to send the event. */ 4166 4167 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */ 4168 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD; 4169 msg.data = data; 4170 msg.data_len = 16; 4171 4172 j = 0; 4173 while (*p) { 4174 int size = strlen(p); 4175 4176 if (size > 11) 4177 size = 11; 4178 data[0] = 0; 4179 data[1] = 0; 4180 data[2] = 0xf0; /* OEM event without timestamp. */ 4181 data[3] = intf->channels[0].address; 4182 data[4] = j++; /* sequence # */ 4183 /* 4184 * Always give 11 bytes, so strncpy will fill 4185 * it with zeroes for me. 4186 */ 4187 strncpy(data+5, p, 11); 4188 p += size; 4189 4190 i_ipmi_request(NULL, 4191 intf, 4192 &addr, 4193 0, 4194 &msg, 4195 intf, 4196 &smi_msg, 4197 &recv_msg, 4198 0, 4199 intf->channels[0].address, 4200 intf->channels[0].lun, 4201 0, 1); /* no retry, and no wait. */ 4202 } 4203 } 4204 #endif /* CONFIG_IPMI_PANIC_STRING */ 4205 } 4206 #endif /* CONFIG_IPMI_PANIC_EVENT */ 4207 4208 static int has_panicked; 4209 4210 static int panic_event(struct notifier_block *this, 4211 unsigned long event, 4212 void *ptr) 4213 { 4214 ipmi_smi_t intf; 4215 4216 if (has_panicked) 4217 return NOTIFY_DONE; 4218 has_panicked = 1; 4219 4220 /* For every registered interface, set it to run to completion. */ 4221 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4222 if (!intf->handlers) 4223 /* Interface is not ready. */ 4224 continue; 4225 4226 intf->run_to_completion = 1; 4227 intf->handlers->set_run_to_completion(intf->send_info, 1); 4228 } 4229 4230 #ifdef CONFIG_IPMI_PANIC_EVENT 4231 send_panic_events(ptr); 4232 #endif 4233 4234 return NOTIFY_DONE; 4235 } 4236 4237 static struct notifier_block panic_block = { 4238 .notifier_call = panic_event, 4239 .next = NULL, 4240 .priority = 200 /* priority: INT_MAX >= x >= 0 */ 4241 }; 4242 4243 static int ipmi_init_msghandler(void) 4244 { 4245 int rv; 4246 4247 if (initialized) 4248 return 0; 4249 4250 rv = driver_register(&ipmidriver); 4251 if (rv) { 4252 printk(KERN_ERR PFX "Could not register IPMI driver\n"); 4253 return rv; 4254 } 4255 4256 printk(KERN_INFO "ipmi message handler version " 4257 IPMI_DRIVER_VERSION "\n"); 4258 4259 #ifdef CONFIG_PROC_FS 4260 proc_ipmi_root = proc_mkdir("ipmi", NULL); 4261 if (!proc_ipmi_root) { 4262 printk(KERN_ERR PFX "Unable to create IPMI proc dir"); 4263 return -ENOMEM; 4264 } 4265 4266 proc_ipmi_root->owner = THIS_MODULE; 4267 #endif /* CONFIG_PROC_FS */ 4268 4269 setup_timer(&ipmi_timer, ipmi_timeout, 0); 4270 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 4271 4272 atomic_notifier_chain_register(&panic_notifier_list, &panic_block); 4273 4274 initialized = 1; 4275 4276 return 0; 4277 } 4278 4279 static __init int ipmi_init_msghandler_mod(void) 4280 { 4281 ipmi_init_msghandler(); 4282 return 0; 4283 } 4284 4285 static __exit void cleanup_ipmi(void) 4286 { 4287 int count; 4288 4289 if (!initialized) 4290 return; 4291 4292 atomic_notifier_chain_unregister(&panic_notifier_list, &panic_block); 4293 4294 /* 4295 * This can't be called if any interfaces exist, so no worry 4296 * about shutting down the interfaces. 4297 */ 4298 4299 /* 4300 * Tell the timer to stop, then wait for it to stop. This 4301 * avoids problems with race conditions removing the timer 4302 * here. 4303 */ 4304 atomic_inc(&stop_operation); 4305 del_timer_sync(&ipmi_timer); 4306 4307 #ifdef CONFIG_PROC_FS 4308 remove_proc_entry(proc_ipmi_root->name, NULL); 4309 #endif /* CONFIG_PROC_FS */ 4310 4311 driver_unregister(&ipmidriver); 4312 4313 initialized = 0; 4314 4315 /* Check for buffer leaks. */ 4316 count = atomic_read(&smi_msg_inuse_count); 4317 if (count != 0) 4318 printk(KERN_WARNING PFX "SMI message count %d at exit\n", 4319 count); 4320 count = atomic_read(&recv_msg_inuse_count); 4321 if (count != 0) 4322 printk(KERN_WARNING PFX "recv message count %d at exit\n", 4323 count); 4324 } 4325 module_exit(cleanup_ipmi); 4326 4327 module_init(ipmi_init_msghandler_mod); 4328 MODULE_LICENSE("GPL"); 4329 MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>"); 4330 MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI" 4331 " interface."); 4332 MODULE_VERSION(IPMI_DRIVER_VERSION); 4333