1 /* 2 * ipmi_msghandler.c 3 * 4 * Incoming and outgoing message routing for an IPMI interface. 5 * 6 * Author: MontaVista Software, Inc. 7 * Corey Minyard <minyard@mvista.com> 8 * source@mvista.com 9 * 10 * Copyright 2002 MontaVista Software Inc. 11 * 12 * This program is free software; you can redistribute it and/or modify it 13 * under the terms of the GNU General Public License as published by the 14 * Free Software Foundation; either version 2 of the License, or (at your 15 * option) any later version. 16 * 17 * 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 * 29 * You should have received a copy of the GNU General Public License along 30 * with this program; if not, write to the Free Software Foundation, Inc., 31 * 675 Mass Ave, Cambridge, MA 02139, USA. 32 */ 33 34 #include <linux/module.h> 35 #include <linux/errno.h> 36 #include <linux/poll.h> 37 #include <linux/sched.h> 38 #include <linux/seq_file.h> 39 #include <linux/spinlock.h> 40 #include <linux/mutex.h> 41 #include <linux/slab.h> 42 #include <linux/ipmi.h> 43 #include <linux/ipmi_smi.h> 44 #include <linux/notifier.h> 45 #include <linux/init.h> 46 #include <linux/proc_fs.h> 47 #include <linux/rcupdate.h> 48 #include <linux/interrupt.h> 49 50 #define PFX "IPMI message handler: " 51 52 #define IPMI_DRIVER_VERSION "39.2" 53 54 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void); 55 static int ipmi_init_msghandler(void); 56 static void smi_recv_tasklet(unsigned long); 57 static void handle_new_recv_msgs(ipmi_smi_t intf); 58 59 static int initialized; 60 61 #ifdef CONFIG_PROC_FS 62 static struct proc_dir_entry *proc_ipmi_root; 63 #endif /* CONFIG_PROC_FS */ 64 65 /* Remain in auto-maintenance mode for this amount of time (in ms). */ 66 #define IPMI_MAINTENANCE_MODE_TIMEOUT 30000 67 68 #define MAX_EVENTS_IN_QUEUE 25 69 70 /* 71 * Don't let a message sit in a queue forever, always time it with at lest 72 * the max message timer. This is in milliseconds. 73 */ 74 #define MAX_MSG_TIMEOUT 60000 75 76 /* 77 * The main "user" data structure. 78 */ 79 struct ipmi_user { 80 struct list_head link; 81 82 /* Set to "0" when the user is destroyed. */ 83 int valid; 84 85 struct kref refcount; 86 87 /* The upper layer that handles receive messages. */ 88 struct ipmi_user_hndl *handler; 89 void *handler_data; 90 91 /* The interface this user is bound to. */ 92 ipmi_smi_t intf; 93 94 /* Does this interface receive IPMI events? */ 95 int gets_events; 96 }; 97 98 struct cmd_rcvr { 99 struct list_head link; 100 101 ipmi_user_t user; 102 unsigned char netfn; 103 unsigned char cmd; 104 unsigned int chans; 105 106 /* 107 * This is used to form a linked lised during mass deletion. 108 * Since this is in an RCU list, we cannot use the link above 109 * or change any data until the RCU period completes. So we 110 * use this next variable during mass deletion so we can have 111 * a list and don't have to wait and restart the search on 112 * every individual deletion of a command. 113 */ 114 struct cmd_rcvr *next; 115 }; 116 117 struct seq_table { 118 unsigned int inuse : 1; 119 unsigned int broadcast : 1; 120 121 unsigned long timeout; 122 unsigned long orig_timeout; 123 unsigned int retries_left; 124 125 /* 126 * To verify on an incoming send message response that this is 127 * the message that the response is for, we keep a sequence id 128 * and increment it every time we send a message. 129 */ 130 long seqid; 131 132 /* 133 * This is held so we can properly respond to the message on a 134 * timeout, and it is used to hold the temporary data for 135 * retransmission, too. 136 */ 137 struct ipmi_recv_msg *recv_msg; 138 }; 139 140 /* 141 * Store the information in a msgid (long) to allow us to find a 142 * sequence table entry from the msgid. 143 */ 144 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff)) 145 146 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \ 147 do { \ 148 seq = ((msgid >> 26) & 0x3f); \ 149 seqid = (msgid & 0x3fffff); \ 150 } while (0) 151 152 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff) 153 154 struct ipmi_channel { 155 unsigned char medium; 156 unsigned char protocol; 157 158 /* 159 * My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR, 160 * but may be changed by the user. 161 */ 162 unsigned char address; 163 164 /* 165 * My LUN. This should generally stay the SMS LUN, but just in 166 * case... 167 */ 168 unsigned char lun; 169 }; 170 171 #ifdef CONFIG_PROC_FS 172 struct ipmi_proc_entry { 173 char *name; 174 struct ipmi_proc_entry *next; 175 }; 176 #endif 177 178 struct bmc_device { 179 struct platform_device *dev; 180 struct ipmi_device_id id; 181 unsigned char guid[16]; 182 int guid_set; 183 184 struct kref refcount; 185 186 /* bmc device attributes */ 187 struct device_attribute device_id_attr; 188 struct device_attribute provides_dev_sdrs_attr; 189 struct device_attribute revision_attr; 190 struct device_attribute firmware_rev_attr; 191 struct device_attribute version_attr; 192 struct device_attribute add_dev_support_attr; 193 struct device_attribute manufacturer_id_attr; 194 struct device_attribute product_id_attr; 195 struct device_attribute guid_attr; 196 struct device_attribute aux_firmware_rev_attr; 197 }; 198 199 /* 200 * Various statistics for IPMI, these index stats[] in the ipmi_smi 201 * structure. 202 */ 203 enum ipmi_stat_indexes { 204 /* Commands we got from the user that were invalid. */ 205 IPMI_STAT_sent_invalid_commands = 0, 206 207 /* Commands we sent to the MC. */ 208 IPMI_STAT_sent_local_commands, 209 210 /* Responses from the MC that were delivered to a user. */ 211 IPMI_STAT_handled_local_responses, 212 213 /* Responses from the MC that were not delivered to a user. */ 214 IPMI_STAT_unhandled_local_responses, 215 216 /* Commands we sent out to the IPMB bus. */ 217 IPMI_STAT_sent_ipmb_commands, 218 219 /* Commands sent on the IPMB that had errors on the SEND CMD */ 220 IPMI_STAT_sent_ipmb_command_errs, 221 222 /* Each retransmit increments this count. */ 223 IPMI_STAT_retransmitted_ipmb_commands, 224 225 /* 226 * When a message times out (runs out of retransmits) this is 227 * incremented. 228 */ 229 IPMI_STAT_timed_out_ipmb_commands, 230 231 /* 232 * This is like above, but for broadcasts. Broadcasts are 233 * *not* included in the above count (they are expected to 234 * time out). 235 */ 236 IPMI_STAT_timed_out_ipmb_broadcasts, 237 238 /* Responses I have sent to the IPMB bus. */ 239 IPMI_STAT_sent_ipmb_responses, 240 241 /* The response was delivered to the user. */ 242 IPMI_STAT_handled_ipmb_responses, 243 244 /* The response had invalid data in it. */ 245 IPMI_STAT_invalid_ipmb_responses, 246 247 /* The response didn't have anyone waiting for it. */ 248 IPMI_STAT_unhandled_ipmb_responses, 249 250 /* Commands we sent out to the IPMB bus. */ 251 IPMI_STAT_sent_lan_commands, 252 253 /* Commands sent on the IPMB that had errors on the SEND CMD */ 254 IPMI_STAT_sent_lan_command_errs, 255 256 /* Each retransmit increments this count. */ 257 IPMI_STAT_retransmitted_lan_commands, 258 259 /* 260 * When a message times out (runs out of retransmits) this is 261 * incremented. 262 */ 263 IPMI_STAT_timed_out_lan_commands, 264 265 /* Responses I have sent to the IPMB bus. */ 266 IPMI_STAT_sent_lan_responses, 267 268 /* The response was delivered to the user. */ 269 IPMI_STAT_handled_lan_responses, 270 271 /* The response had invalid data in it. */ 272 IPMI_STAT_invalid_lan_responses, 273 274 /* The response didn't have anyone waiting for it. */ 275 IPMI_STAT_unhandled_lan_responses, 276 277 /* The command was delivered to the user. */ 278 IPMI_STAT_handled_commands, 279 280 /* The command had invalid data in it. */ 281 IPMI_STAT_invalid_commands, 282 283 /* The command didn't have anyone waiting for it. */ 284 IPMI_STAT_unhandled_commands, 285 286 /* Invalid data in an event. */ 287 IPMI_STAT_invalid_events, 288 289 /* Events that were received with the proper format. */ 290 IPMI_STAT_events, 291 292 /* Retransmissions on IPMB that failed. */ 293 IPMI_STAT_dropped_rexmit_ipmb_commands, 294 295 /* Retransmissions on LAN that failed. */ 296 IPMI_STAT_dropped_rexmit_lan_commands, 297 298 /* This *must* remain last, add new values above this. */ 299 IPMI_NUM_STATS 300 }; 301 302 303 #define IPMI_IPMB_NUM_SEQ 64 304 #define IPMI_MAX_CHANNELS 16 305 struct ipmi_smi { 306 /* What interface number are we? */ 307 int intf_num; 308 309 struct kref refcount; 310 311 /* Used for a list of interfaces. */ 312 struct list_head link; 313 314 /* 315 * The list of upper layers that are using me. seq_lock 316 * protects this. 317 */ 318 struct list_head users; 319 320 /* Information to supply to users. */ 321 unsigned char ipmi_version_major; 322 unsigned char ipmi_version_minor; 323 324 /* Used for wake ups at startup. */ 325 wait_queue_head_t waitq; 326 327 struct bmc_device *bmc; 328 char *my_dev_name; 329 char *sysfs_name; 330 331 /* 332 * This is the lower-layer's sender routine. Note that you 333 * must either be holding the ipmi_interfaces_mutex or be in 334 * an umpreemptible region to use this. You must fetch the 335 * value into a local variable and make sure it is not NULL. 336 */ 337 struct ipmi_smi_handlers *handlers; 338 void *send_info; 339 340 #ifdef CONFIG_PROC_FS 341 /* A list of proc entries for this interface. */ 342 struct mutex proc_entry_lock; 343 struct ipmi_proc_entry *proc_entries; 344 #endif 345 346 /* Driver-model device for the system interface. */ 347 struct device *si_dev; 348 349 /* 350 * A table of sequence numbers for this interface. We use the 351 * sequence numbers for IPMB messages that go out of the 352 * interface to match them up with their responses. A routine 353 * is called periodically to time the items in this list. 354 */ 355 spinlock_t seq_lock; 356 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ]; 357 int curr_seq; 358 359 /* 360 * Messages queued for delivery. If delivery fails (out of memory 361 * for instance), They will stay in here to be processed later in a 362 * periodic timer interrupt. The tasklet is for handling received 363 * messages directly from the handler. 364 */ 365 spinlock_t waiting_msgs_lock; 366 struct list_head waiting_msgs; 367 atomic_t watchdog_pretimeouts_to_deliver; 368 struct tasklet_struct recv_tasklet; 369 370 /* 371 * The list of command receivers that are registered for commands 372 * on this interface. 373 */ 374 struct mutex cmd_rcvrs_mutex; 375 struct list_head cmd_rcvrs; 376 377 /* 378 * Events that were queues because no one was there to receive 379 * them. 380 */ 381 spinlock_t events_lock; /* For dealing with event stuff. */ 382 struct list_head waiting_events; 383 unsigned int waiting_events_count; /* How many events in queue? */ 384 char delivering_events; 385 char event_msg_printed; 386 387 /* 388 * The event receiver for my BMC, only really used at panic 389 * shutdown as a place to store this. 390 */ 391 unsigned char event_receiver; 392 unsigned char event_receiver_lun; 393 unsigned char local_sel_device; 394 unsigned char local_event_generator; 395 396 /* For handling of maintenance mode. */ 397 int maintenance_mode; 398 int maintenance_mode_enable; 399 int auto_maintenance_timeout; 400 spinlock_t maintenance_mode_lock; /* Used in a timer... */ 401 402 /* 403 * A cheap hack, if this is non-null and a message to an 404 * interface comes in with a NULL user, call this routine with 405 * it. Note that the message will still be freed by the 406 * caller. This only works on the system interface. 407 */ 408 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg); 409 410 /* 411 * When we are scanning the channels for an SMI, this will 412 * tell which channel we are scanning. 413 */ 414 int curr_channel; 415 416 /* Channel information */ 417 struct ipmi_channel channels[IPMI_MAX_CHANNELS]; 418 419 /* Proc FS stuff. */ 420 struct proc_dir_entry *proc_dir; 421 char proc_dir_name[10]; 422 423 atomic_t stats[IPMI_NUM_STATS]; 424 425 /* 426 * run_to_completion duplicate of smb_info, smi_info 427 * and ipmi_serial_info structures. Used to decrease numbers of 428 * parameters passed by "low" level IPMI code. 429 */ 430 int run_to_completion; 431 }; 432 #define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev) 433 434 /** 435 * The driver model view of the IPMI messaging driver. 436 */ 437 static struct platform_driver ipmidriver = { 438 .driver = { 439 .name = "ipmi", 440 .bus = &platform_bus_type 441 } 442 }; 443 static DEFINE_MUTEX(ipmidriver_mutex); 444 445 static LIST_HEAD(ipmi_interfaces); 446 static DEFINE_MUTEX(ipmi_interfaces_mutex); 447 448 /* 449 * List of watchers that want to know when smi's are added and deleted. 450 */ 451 static LIST_HEAD(smi_watchers); 452 static DEFINE_MUTEX(smi_watchers_mutex); 453 454 455 #define ipmi_inc_stat(intf, stat) \ 456 atomic_inc(&(intf)->stats[IPMI_STAT_ ## stat]) 457 #define ipmi_get_stat(intf, stat) \ 458 ((unsigned int) atomic_read(&(intf)->stats[IPMI_STAT_ ## stat])) 459 460 static int is_lan_addr(struct ipmi_addr *addr) 461 { 462 return addr->addr_type == IPMI_LAN_ADDR_TYPE; 463 } 464 465 static int is_ipmb_addr(struct ipmi_addr *addr) 466 { 467 return addr->addr_type == IPMI_IPMB_ADDR_TYPE; 468 } 469 470 static int is_ipmb_bcast_addr(struct ipmi_addr *addr) 471 { 472 return addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE; 473 } 474 475 static void free_recv_msg_list(struct list_head *q) 476 { 477 struct ipmi_recv_msg *msg, *msg2; 478 479 list_for_each_entry_safe(msg, msg2, q, link) { 480 list_del(&msg->link); 481 ipmi_free_recv_msg(msg); 482 } 483 } 484 485 static void free_smi_msg_list(struct list_head *q) 486 { 487 struct ipmi_smi_msg *msg, *msg2; 488 489 list_for_each_entry_safe(msg, msg2, q, link) { 490 list_del(&msg->link); 491 ipmi_free_smi_msg(msg); 492 } 493 } 494 495 static void clean_up_interface_data(ipmi_smi_t intf) 496 { 497 int i; 498 struct cmd_rcvr *rcvr, *rcvr2; 499 struct list_head list; 500 501 tasklet_kill(&intf->recv_tasklet); 502 503 free_smi_msg_list(&intf->waiting_msgs); 504 free_recv_msg_list(&intf->waiting_events); 505 506 /* 507 * Wholesale remove all the entries from the list in the 508 * interface and wait for RCU to know that none are in use. 509 */ 510 mutex_lock(&intf->cmd_rcvrs_mutex); 511 INIT_LIST_HEAD(&list); 512 list_splice_init_rcu(&intf->cmd_rcvrs, &list, synchronize_rcu); 513 mutex_unlock(&intf->cmd_rcvrs_mutex); 514 515 list_for_each_entry_safe(rcvr, rcvr2, &list, link) 516 kfree(rcvr); 517 518 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 519 if ((intf->seq_table[i].inuse) 520 && (intf->seq_table[i].recv_msg)) 521 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 522 } 523 } 524 525 static void intf_free(struct kref *ref) 526 { 527 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount); 528 529 clean_up_interface_data(intf); 530 kfree(intf); 531 } 532 533 struct watcher_entry { 534 int intf_num; 535 ipmi_smi_t intf; 536 struct list_head link; 537 }; 538 539 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher) 540 { 541 ipmi_smi_t intf; 542 LIST_HEAD(to_deliver); 543 struct watcher_entry *e, *e2; 544 545 mutex_lock(&smi_watchers_mutex); 546 547 mutex_lock(&ipmi_interfaces_mutex); 548 549 /* Build a list of things to deliver. */ 550 list_for_each_entry(intf, &ipmi_interfaces, link) { 551 if (intf->intf_num == -1) 552 continue; 553 e = kmalloc(sizeof(*e), GFP_KERNEL); 554 if (!e) 555 goto out_err; 556 kref_get(&intf->refcount); 557 e->intf = intf; 558 e->intf_num = intf->intf_num; 559 list_add_tail(&e->link, &to_deliver); 560 } 561 562 /* We will succeed, so add it to the list. */ 563 list_add(&watcher->link, &smi_watchers); 564 565 mutex_unlock(&ipmi_interfaces_mutex); 566 567 list_for_each_entry_safe(e, e2, &to_deliver, link) { 568 list_del(&e->link); 569 watcher->new_smi(e->intf_num, e->intf->si_dev); 570 kref_put(&e->intf->refcount, intf_free); 571 kfree(e); 572 } 573 574 mutex_unlock(&smi_watchers_mutex); 575 576 return 0; 577 578 out_err: 579 mutex_unlock(&ipmi_interfaces_mutex); 580 mutex_unlock(&smi_watchers_mutex); 581 list_for_each_entry_safe(e, e2, &to_deliver, link) { 582 list_del(&e->link); 583 kref_put(&e->intf->refcount, intf_free); 584 kfree(e); 585 } 586 return -ENOMEM; 587 } 588 EXPORT_SYMBOL(ipmi_smi_watcher_register); 589 590 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher) 591 { 592 mutex_lock(&smi_watchers_mutex); 593 list_del(&(watcher->link)); 594 mutex_unlock(&smi_watchers_mutex); 595 return 0; 596 } 597 EXPORT_SYMBOL(ipmi_smi_watcher_unregister); 598 599 /* 600 * Must be called with smi_watchers_mutex held. 601 */ 602 static void 603 call_smi_watchers(int i, struct device *dev) 604 { 605 struct ipmi_smi_watcher *w; 606 607 list_for_each_entry(w, &smi_watchers, link) { 608 if (try_module_get(w->owner)) { 609 w->new_smi(i, dev); 610 module_put(w->owner); 611 } 612 } 613 } 614 615 static int 616 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2) 617 { 618 if (addr1->addr_type != addr2->addr_type) 619 return 0; 620 621 if (addr1->channel != addr2->channel) 622 return 0; 623 624 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 625 struct ipmi_system_interface_addr *smi_addr1 626 = (struct ipmi_system_interface_addr *) addr1; 627 struct ipmi_system_interface_addr *smi_addr2 628 = (struct ipmi_system_interface_addr *) addr2; 629 return (smi_addr1->lun == smi_addr2->lun); 630 } 631 632 if (is_ipmb_addr(addr1) || is_ipmb_bcast_addr(addr1)) { 633 struct ipmi_ipmb_addr *ipmb_addr1 634 = (struct ipmi_ipmb_addr *) addr1; 635 struct ipmi_ipmb_addr *ipmb_addr2 636 = (struct ipmi_ipmb_addr *) addr2; 637 638 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr) 639 && (ipmb_addr1->lun == ipmb_addr2->lun)); 640 } 641 642 if (is_lan_addr(addr1)) { 643 struct ipmi_lan_addr *lan_addr1 644 = (struct ipmi_lan_addr *) addr1; 645 struct ipmi_lan_addr *lan_addr2 646 = (struct ipmi_lan_addr *) addr2; 647 648 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID) 649 && (lan_addr1->local_SWID == lan_addr2->local_SWID) 650 && (lan_addr1->session_handle 651 == lan_addr2->session_handle) 652 && (lan_addr1->lun == lan_addr2->lun)); 653 } 654 655 return 1; 656 } 657 658 int ipmi_validate_addr(struct ipmi_addr *addr, int len) 659 { 660 if (len < sizeof(struct ipmi_system_interface_addr)) 661 return -EINVAL; 662 663 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 664 if (addr->channel != IPMI_BMC_CHANNEL) 665 return -EINVAL; 666 return 0; 667 } 668 669 if ((addr->channel == IPMI_BMC_CHANNEL) 670 || (addr->channel >= IPMI_MAX_CHANNELS) 671 || (addr->channel < 0)) 672 return -EINVAL; 673 674 if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) { 675 if (len < sizeof(struct ipmi_ipmb_addr)) 676 return -EINVAL; 677 return 0; 678 } 679 680 if (is_lan_addr(addr)) { 681 if (len < sizeof(struct ipmi_lan_addr)) 682 return -EINVAL; 683 return 0; 684 } 685 686 return -EINVAL; 687 } 688 EXPORT_SYMBOL(ipmi_validate_addr); 689 690 unsigned int ipmi_addr_length(int addr_type) 691 { 692 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 693 return sizeof(struct ipmi_system_interface_addr); 694 695 if ((addr_type == IPMI_IPMB_ADDR_TYPE) 696 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 697 return sizeof(struct ipmi_ipmb_addr); 698 699 if (addr_type == IPMI_LAN_ADDR_TYPE) 700 return sizeof(struct ipmi_lan_addr); 701 702 return 0; 703 } 704 EXPORT_SYMBOL(ipmi_addr_length); 705 706 static void deliver_response(struct ipmi_recv_msg *msg) 707 { 708 if (!msg->user) { 709 ipmi_smi_t intf = msg->user_msg_data; 710 711 /* Special handling for NULL users. */ 712 if (intf->null_user_handler) { 713 intf->null_user_handler(intf, msg); 714 ipmi_inc_stat(intf, handled_local_responses); 715 } else { 716 /* No handler, so give up. */ 717 ipmi_inc_stat(intf, unhandled_local_responses); 718 } 719 ipmi_free_recv_msg(msg); 720 } else { 721 ipmi_user_t user = msg->user; 722 user->handler->ipmi_recv_hndl(msg, user->handler_data); 723 } 724 } 725 726 static void 727 deliver_err_response(struct ipmi_recv_msg *msg, int err) 728 { 729 msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 730 msg->msg_data[0] = err; 731 msg->msg.netfn |= 1; /* Convert to a response. */ 732 msg->msg.data_len = 1; 733 msg->msg.data = msg->msg_data; 734 deliver_response(msg); 735 } 736 737 /* 738 * Find the next sequence number not being used and add the given 739 * message with the given timeout to the sequence table. This must be 740 * called with the interface's seq_lock held. 741 */ 742 static int intf_next_seq(ipmi_smi_t intf, 743 struct ipmi_recv_msg *recv_msg, 744 unsigned long timeout, 745 int retries, 746 int broadcast, 747 unsigned char *seq, 748 long *seqid) 749 { 750 int rv = 0; 751 unsigned int i; 752 753 for (i = intf->curr_seq; (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq; 754 i = (i+1)%IPMI_IPMB_NUM_SEQ) { 755 if (!intf->seq_table[i].inuse) 756 break; 757 } 758 759 if (!intf->seq_table[i].inuse) { 760 intf->seq_table[i].recv_msg = recv_msg; 761 762 /* 763 * Start with the maximum timeout, when the send response 764 * comes in we will start the real timer. 765 */ 766 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT; 767 intf->seq_table[i].orig_timeout = timeout; 768 intf->seq_table[i].retries_left = retries; 769 intf->seq_table[i].broadcast = broadcast; 770 intf->seq_table[i].inuse = 1; 771 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid); 772 *seq = i; 773 *seqid = intf->seq_table[i].seqid; 774 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ; 775 } else { 776 rv = -EAGAIN; 777 } 778 779 return rv; 780 } 781 782 /* 783 * Return the receive message for the given sequence number and 784 * release the sequence number so it can be reused. Some other data 785 * is passed in to be sure the message matches up correctly (to help 786 * guard against message coming in after their timeout and the 787 * sequence number being reused). 788 */ 789 static int intf_find_seq(ipmi_smi_t intf, 790 unsigned char seq, 791 short channel, 792 unsigned char cmd, 793 unsigned char netfn, 794 struct ipmi_addr *addr, 795 struct ipmi_recv_msg **recv_msg) 796 { 797 int rv = -ENODEV; 798 unsigned long flags; 799 800 if (seq >= IPMI_IPMB_NUM_SEQ) 801 return -EINVAL; 802 803 spin_lock_irqsave(&(intf->seq_lock), flags); 804 if (intf->seq_table[seq].inuse) { 805 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg; 806 807 if ((msg->addr.channel == channel) && (msg->msg.cmd == cmd) 808 && (msg->msg.netfn == netfn) 809 && (ipmi_addr_equal(addr, &(msg->addr)))) { 810 *recv_msg = msg; 811 intf->seq_table[seq].inuse = 0; 812 rv = 0; 813 } 814 } 815 spin_unlock_irqrestore(&(intf->seq_lock), flags); 816 817 return rv; 818 } 819 820 821 /* Start the timer for a specific sequence table entry. */ 822 static int intf_start_seq_timer(ipmi_smi_t intf, 823 long msgid) 824 { 825 int rv = -ENODEV; 826 unsigned long flags; 827 unsigned char seq; 828 unsigned long seqid; 829 830 831 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 832 833 spin_lock_irqsave(&(intf->seq_lock), flags); 834 /* 835 * We do this verification because the user can be deleted 836 * while a message is outstanding. 837 */ 838 if ((intf->seq_table[seq].inuse) 839 && (intf->seq_table[seq].seqid == seqid)) { 840 struct seq_table *ent = &(intf->seq_table[seq]); 841 ent->timeout = ent->orig_timeout; 842 rv = 0; 843 } 844 spin_unlock_irqrestore(&(intf->seq_lock), flags); 845 846 return rv; 847 } 848 849 /* Got an error for the send message for a specific sequence number. */ 850 static int intf_err_seq(ipmi_smi_t intf, 851 long msgid, 852 unsigned int err) 853 { 854 int rv = -ENODEV; 855 unsigned long flags; 856 unsigned char seq; 857 unsigned long seqid; 858 struct ipmi_recv_msg *msg = NULL; 859 860 861 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 862 863 spin_lock_irqsave(&(intf->seq_lock), flags); 864 /* 865 * We do this verification because the user can be deleted 866 * while a message is outstanding. 867 */ 868 if ((intf->seq_table[seq].inuse) 869 && (intf->seq_table[seq].seqid == seqid)) { 870 struct seq_table *ent = &(intf->seq_table[seq]); 871 872 ent->inuse = 0; 873 msg = ent->recv_msg; 874 rv = 0; 875 } 876 spin_unlock_irqrestore(&(intf->seq_lock), flags); 877 878 if (msg) 879 deliver_err_response(msg, err); 880 881 return rv; 882 } 883 884 885 int ipmi_create_user(unsigned int if_num, 886 struct ipmi_user_hndl *handler, 887 void *handler_data, 888 ipmi_user_t *user) 889 { 890 unsigned long flags; 891 ipmi_user_t new_user; 892 int rv = 0; 893 ipmi_smi_t intf; 894 895 /* 896 * There is no module usecount here, because it's not 897 * required. Since this can only be used by and called from 898 * other modules, they will implicitly use this module, and 899 * thus this can't be removed unless the other modules are 900 * removed. 901 */ 902 903 if (handler == NULL) 904 return -EINVAL; 905 906 /* 907 * Make sure the driver is actually initialized, this handles 908 * problems with initialization order. 909 */ 910 if (!initialized) { 911 rv = ipmi_init_msghandler(); 912 if (rv) 913 return rv; 914 915 /* 916 * The init code doesn't return an error if it was turned 917 * off, but it won't initialize. Check that. 918 */ 919 if (!initialized) 920 return -ENODEV; 921 } 922 923 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL); 924 if (!new_user) 925 return -ENOMEM; 926 927 mutex_lock(&ipmi_interfaces_mutex); 928 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 929 if (intf->intf_num == if_num) 930 goto found; 931 } 932 /* Not found, return an error */ 933 rv = -EINVAL; 934 goto out_kfree; 935 936 found: 937 /* Note that each existing user holds a refcount to the interface. */ 938 kref_get(&intf->refcount); 939 940 kref_init(&new_user->refcount); 941 new_user->handler = handler; 942 new_user->handler_data = handler_data; 943 new_user->intf = intf; 944 new_user->gets_events = 0; 945 946 if (!try_module_get(intf->handlers->owner)) { 947 rv = -ENODEV; 948 goto out_kref; 949 } 950 951 if (intf->handlers->inc_usecount) { 952 rv = intf->handlers->inc_usecount(intf->send_info); 953 if (rv) { 954 module_put(intf->handlers->owner); 955 goto out_kref; 956 } 957 } 958 959 /* 960 * Hold the lock so intf->handlers is guaranteed to be good 961 * until now 962 */ 963 mutex_unlock(&ipmi_interfaces_mutex); 964 965 new_user->valid = 1; 966 spin_lock_irqsave(&intf->seq_lock, flags); 967 list_add_rcu(&new_user->link, &intf->users); 968 spin_unlock_irqrestore(&intf->seq_lock, flags); 969 *user = new_user; 970 return 0; 971 972 out_kref: 973 kref_put(&intf->refcount, intf_free); 974 out_kfree: 975 mutex_unlock(&ipmi_interfaces_mutex); 976 kfree(new_user); 977 return rv; 978 } 979 EXPORT_SYMBOL(ipmi_create_user); 980 981 int ipmi_get_smi_info(int if_num, struct ipmi_smi_info *data) 982 { 983 int rv = 0; 984 ipmi_smi_t intf; 985 struct ipmi_smi_handlers *handlers; 986 987 mutex_lock(&ipmi_interfaces_mutex); 988 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 989 if (intf->intf_num == if_num) 990 goto found; 991 } 992 /* Not found, return an error */ 993 rv = -EINVAL; 994 mutex_unlock(&ipmi_interfaces_mutex); 995 return rv; 996 997 found: 998 handlers = intf->handlers; 999 rv = -ENOSYS; 1000 if (handlers->get_smi_info) 1001 rv = handlers->get_smi_info(intf->send_info, data); 1002 mutex_unlock(&ipmi_interfaces_mutex); 1003 1004 return rv; 1005 } 1006 EXPORT_SYMBOL(ipmi_get_smi_info); 1007 1008 static void free_user(struct kref *ref) 1009 { 1010 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount); 1011 kfree(user); 1012 } 1013 1014 int ipmi_destroy_user(ipmi_user_t user) 1015 { 1016 ipmi_smi_t intf = user->intf; 1017 int i; 1018 unsigned long flags; 1019 struct cmd_rcvr *rcvr; 1020 struct cmd_rcvr *rcvrs = NULL; 1021 1022 user->valid = 0; 1023 1024 /* Remove the user from the interface's sequence table. */ 1025 spin_lock_irqsave(&intf->seq_lock, flags); 1026 list_del_rcu(&user->link); 1027 1028 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 1029 if (intf->seq_table[i].inuse 1030 && (intf->seq_table[i].recv_msg->user == user)) { 1031 intf->seq_table[i].inuse = 0; 1032 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 1033 } 1034 } 1035 spin_unlock_irqrestore(&intf->seq_lock, flags); 1036 1037 /* 1038 * Remove the user from the command receiver's table. First 1039 * we build a list of everything (not using the standard link, 1040 * since other things may be using it till we do 1041 * synchronize_rcu()) then free everything in that list. 1042 */ 1043 mutex_lock(&intf->cmd_rcvrs_mutex); 1044 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1045 if (rcvr->user == user) { 1046 list_del_rcu(&rcvr->link); 1047 rcvr->next = rcvrs; 1048 rcvrs = rcvr; 1049 } 1050 } 1051 mutex_unlock(&intf->cmd_rcvrs_mutex); 1052 synchronize_rcu(); 1053 while (rcvrs) { 1054 rcvr = rcvrs; 1055 rcvrs = rcvr->next; 1056 kfree(rcvr); 1057 } 1058 1059 mutex_lock(&ipmi_interfaces_mutex); 1060 if (intf->handlers) { 1061 module_put(intf->handlers->owner); 1062 if (intf->handlers->dec_usecount) 1063 intf->handlers->dec_usecount(intf->send_info); 1064 } 1065 mutex_unlock(&ipmi_interfaces_mutex); 1066 1067 kref_put(&intf->refcount, intf_free); 1068 1069 kref_put(&user->refcount, free_user); 1070 1071 return 0; 1072 } 1073 EXPORT_SYMBOL(ipmi_destroy_user); 1074 1075 void ipmi_get_version(ipmi_user_t user, 1076 unsigned char *major, 1077 unsigned char *minor) 1078 { 1079 *major = user->intf->ipmi_version_major; 1080 *minor = user->intf->ipmi_version_minor; 1081 } 1082 EXPORT_SYMBOL(ipmi_get_version); 1083 1084 int ipmi_set_my_address(ipmi_user_t user, 1085 unsigned int channel, 1086 unsigned char address) 1087 { 1088 if (channel >= IPMI_MAX_CHANNELS) 1089 return -EINVAL; 1090 user->intf->channels[channel].address = address; 1091 return 0; 1092 } 1093 EXPORT_SYMBOL(ipmi_set_my_address); 1094 1095 int ipmi_get_my_address(ipmi_user_t user, 1096 unsigned int channel, 1097 unsigned char *address) 1098 { 1099 if (channel >= IPMI_MAX_CHANNELS) 1100 return -EINVAL; 1101 *address = user->intf->channels[channel].address; 1102 return 0; 1103 } 1104 EXPORT_SYMBOL(ipmi_get_my_address); 1105 1106 int ipmi_set_my_LUN(ipmi_user_t user, 1107 unsigned int channel, 1108 unsigned char LUN) 1109 { 1110 if (channel >= IPMI_MAX_CHANNELS) 1111 return -EINVAL; 1112 user->intf->channels[channel].lun = LUN & 0x3; 1113 return 0; 1114 } 1115 EXPORT_SYMBOL(ipmi_set_my_LUN); 1116 1117 int ipmi_get_my_LUN(ipmi_user_t user, 1118 unsigned int channel, 1119 unsigned char *address) 1120 { 1121 if (channel >= IPMI_MAX_CHANNELS) 1122 return -EINVAL; 1123 *address = user->intf->channels[channel].lun; 1124 return 0; 1125 } 1126 EXPORT_SYMBOL(ipmi_get_my_LUN); 1127 1128 int ipmi_get_maintenance_mode(ipmi_user_t user) 1129 { 1130 int mode; 1131 unsigned long flags; 1132 1133 spin_lock_irqsave(&user->intf->maintenance_mode_lock, flags); 1134 mode = user->intf->maintenance_mode; 1135 spin_unlock_irqrestore(&user->intf->maintenance_mode_lock, flags); 1136 1137 return mode; 1138 } 1139 EXPORT_SYMBOL(ipmi_get_maintenance_mode); 1140 1141 static void maintenance_mode_update(ipmi_smi_t intf) 1142 { 1143 if (intf->handlers->set_maintenance_mode) 1144 intf->handlers->set_maintenance_mode( 1145 intf->send_info, intf->maintenance_mode_enable); 1146 } 1147 1148 int ipmi_set_maintenance_mode(ipmi_user_t user, int mode) 1149 { 1150 int rv = 0; 1151 unsigned long flags; 1152 ipmi_smi_t intf = user->intf; 1153 1154 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 1155 if (intf->maintenance_mode != mode) { 1156 switch (mode) { 1157 case IPMI_MAINTENANCE_MODE_AUTO: 1158 intf->maintenance_mode = mode; 1159 intf->maintenance_mode_enable 1160 = (intf->auto_maintenance_timeout > 0); 1161 break; 1162 1163 case IPMI_MAINTENANCE_MODE_OFF: 1164 intf->maintenance_mode = mode; 1165 intf->maintenance_mode_enable = 0; 1166 break; 1167 1168 case IPMI_MAINTENANCE_MODE_ON: 1169 intf->maintenance_mode = mode; 1170 intf->maintenance_mode_enable = 1; 1171 break; 1172 1173 default: 1174 rv = -EINVAL; 1175 goto out_unlock; 1176 } 1177 1178 maintenance_mode_update(intf); 1179 } 1180 out_unlock: 1181 spin_unlock_irqrestore(&intf->maintenance_mode_lock, flags); 1182 1183 return rv; 1184 } 1185 EXPORT_SYMBOL(ipmi_set_maintenance_mode); 1186 1187 int ipmi_set_gets_events(ipmi_user_t user, int val) 1188 { 1189 unsigned long flags; 1190 ipmi_smi_t intf = user->intf; 1191 struct ipmi_recv_msg *msg, *msg2; 1192 struct list_head msgs; 1193 1194 INIT_LIST_HEAD(&msgs); 1195 1196 spin_lock_irqsave(&intf->events_lock, flags); 1197 user->gets_events = val; 1198 1199 if (intf->delivering_events) 1200 /* 1201 * Another thread is delivering events for this, so 1202 * let it handle any new events. 1203 */ 1204 goto out; 1205 1206 /* Deliver any queued events. */ 1207 while (user->gets_events && !list_empty(&intf->waiting_events)) { 1208 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link) 1209 list_move_tail(&msg->link, &msgs); 1210 intf->waiting_events_count = 0; 1211 if (intf->event_msg_printed) { 1212 printk(KERN_WARNING PFX "Event queue no longer" 1213 " full\n"); 1214 intf->event_msg_printed = 0; 1215 } 1216 1217 intf->delivering_events = 1; 1218 spin_unlock_irqrestore(&intf->events_lock, flags); 1219 1220 list_for_each_entry_safe(msg, msg2, &msgs, link) { 1221 msg->user = user; 1222 kref_get(&user->refcount); 1223 deliver_response(msg); 1224 } 1225 1226 spin_lock_irqsave(&intf->events_lock, flags); 1227 intf->delivering_events = 0; 1228 } 1229 1230 out: 1231 spin_unlock_irqrestore(&intf->events_lock, flags); 1232 1233 return 0; 1234 } 1235 EXPORT_SYMBOL(ipmi_set_gets_events); 1236 1237 static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf, 1238 unsigned char netfn, 1239 unsigned char cmd, 1240 unsigned char chan) 1241 { 1242 struct cmd_rcvr *rcvr; 1243 1244 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1245 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd) 1246 && (rcvr->chans & (1 << chan))) 1247 return rcvr; 1248 } 1249 return NULL; 1250 } 1251 1252 static int is_cmd_rcvr_exclusive(ipmi_smi_t intf, 1253 unsigned char netfn, 1254 unsigned char cmd, 1255 unsigned int chans) 1256 { 1257 struct cmd_rcvr *rcvr; 1258 1259 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1260 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd) 1261 && (rcvr->chans & chans)) 1262 return 0; 1263 } 1264 return 1; 1265 } 1266 1267 int ipmi_register_for_cmd(ipmi_user_t user, 1268 unsigned char netfn, 1269 unsigned char cmd, 1270 unsigned int chans) 1271 { 1272 ipmi_smi_t intf = user->intf; 1273 struct cmd_rcvr *rcvr; 1274 int rv = 0; 1275 1276 1277 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL); 1278 if (!rcvr) 1279 return -ENOMEM; 1280 rcvr->cmd = cmd; 1281 rcvr->netfn = netfn; 1282 rcvr->chans = chans; 1283 rcvr->user = user; 1284 1285 mutex_lock(&intf->cmd_rcvrs_mutex); 1286 /* Make sure the command/netfn is not already registered. */ 1287 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) { 1288 rv = -EBUSY; 1289 goto out_unlock; 1290 } 1291 1292 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs); 1293 1294 out_unlock: 1295 mutex_unlock(&intf->cmd_rcvrs_mutex); 1296 if (rv) 1297 kfree(rcvr); 1298 1299 return rv; 1300 } 1301 EXPORT_SYMBOL(ipmi_register_for_cmd); 1302 1303 int ipmi_unregister_for_cmd(ipmi_user_t user, 1304 unsigned char netfn, 1305 unsigned char cmd, 1306 unsigned int chans) 1307 { 1308 ipmi_smi_t intf = user->intf; 1309 struct cmd_rcvr *rcvr; 1310 struct cmd_rcvr *rcvrs = NULL; 1311 int i, rv = -ENOENT; 1312 1313 mutex_lock(&intf->cmd_rcvrs_mutex); 1314 for (i = 0; i < IPMI_NUM_CHANNELS; i++) { 1315 if (((1 << i) & chans) == 0) 1316 continue; 1317 rcvr = find_cmd_rcvr(intf, netfn, cmd, i); 1318 if (rcvr == NULL) 1319 continue; 1320 if (rcvr->user == user) { 1321 rv = 0; 1322 rcvr->chans &= ~chans; 1323 if (rcvr->chans == 0) { 1324 list_del_rcu(&rcvr->link); 1325 rcvr->next = rcvrs; 1326 rcvrs = rcvr; 1327 } 1328 } 1329 } 1330 mutex_unlock(&intf->cmd_rcvrs_mutex); 1331 synchronize_rcu(); 1332 while (rcvrs) { 1333 rcvr = rcvrs; 1334 rcvrs = rcvr->next; 1335 kfree(rcvr); 1336 } 1337 return rv; 1338 } 1339 EXPORT_SYMBOL(ipmi_unregister_for_cmd); 1340 1341 static unsigned char 1342 ipmb_checksum(unsigned char *data, int size) 1343 { 1344 unsigned char csum = 0; 1345 1346 for (; size > 0; size--, data++) 1347 csum += *data; 1348 1349 return -csum; 1350 } 1351 1352 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg, 1353 struct kernel_ipmi_msg *msg, 1354 struct ipmi_ipmb_addr *ipmb_addr, 1355 long msgid, 1356 unsigned char ipmb_seq, 1357 int broadcast, 1358 unsigned char source_address, 1359 unsigned char source_lun) 1360 { 1361 int i = broadcast; 1362 1363 /* Format the IPMB header data. */ 1364 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1365 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 1366 smi_msg->data[2] = ipmb_addr->channel; 1367 if (broadcast) 1368 smi_msg->data[3] = 0; 1369 smi_msg->data[i+3] = ipmb_addr->slave_addr; 1370 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3); 1371 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2); 1372 smi_msg->data[i+6] = source_address; 1373 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun; 1374 smi_msg->data[i+8] = msg->cmd; 1375 1376 /* Now tack on the data to the message. */ 1377 if (msg->data_len > 0) 1378 memcpy(&(smi_msg->data[i+9]), msg->data, 1379 msg->data_len); 1380 smi_msg->data_size = msg->data_len + 9; 1381 1382 /* Now calculate the checksum and tack it on. */ 1383 smi_msg->data[i+smi_msg->data_size] 1384 = ipmb_checksum(&(smi_msg->data[i+6]), 1385 smi_msg->data_size-6); 1386 1387 /* 1388 * Add on the checksum size and the offset from the 1389 * broadcast. 1390 */ 1391 smi_msg->data_size += 1 + i; 1392 1393 smi_msg->msgid = msgid; 1394 } 1395 1396 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg, 1397 struct kernel_ipmi_msg *msg, 1398 struct ipmi_lan_addr *lan_addr, 1399 long msgid, 1400 unsigned char ipmb_seq, 1401 unsigned char source_lun) 1402 { 1403 /* Format the IPMB header data. */ 1404 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1405 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 1406 smi_msg->data[2] = lan_addr->channel; 1407 smi_msg->data[3] = lan_addr->session_handle; 1408 smi_msg->data[4] = lan_addr->remote_SWID; 1409 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3); 1410 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2); 1411 smi_msg->data[7] = lan_addr->local_SWID; 1412 smi_msg->data[8] = (ipmb_seq << 2) | source_lun; 1413 smi_msg->data[9] = msg->cmd; 1414 1415 /* Now tack on the data to the message. */ 1416 if (msg->data_len > 0) 1417 memcpy(&(smi_msg->data[10]), msg->data, 1418 msg->data_len); 1419 smi_msg->data_size = msg->data_len + 10; 1420 1421 /* Now calculate the checksum and tack it on. */ 1422 smi_msg->data[smi_msg->data_size] 1423 = ipmb_checksum(&(smi_msg->data[7]), 1424 smi_msg->data_size-7); 1425 1426 /* 1427 * Add on the checksum size and the offset from the 1428 * broadcast. 1429 */ 1430 smi_msg->data_size += 1; 1431 1432 smi_msg->msgid = msgid; 1433 } 1434 1435 /* 1436 * Separate from ipmi_request so that the user does not have to be 1437 * supplied in certain circumstances (mainly at panic time). If 1438 * messages are supplied, they will be freed, even if an error 1439 * occurs. 1440 */ 1441 static int i_ipmi_request(ipmi_user_t user, 1442 ipmi_smi_t intf, 1443 struct ipmi_addr *addr, 1444 long msgid, 1445 struct kernel_ipmi_msg *msg, 1446 void *user_msg_data, 1447 void *supplied_smi, 1448 struct ipmi_recv_msg *supplied_recv, 1449 int priority, 1450 unsigned char source_address, 1451 unsigned char source_lun, 1452 int retries, 1453 unsigned int retry_time_ms) 1454 { 1455 int rv = 0; 1456 struct ipmi_smi_msg *smi_msg; 1457 struct ipmi_recv_msg *recv_msg; 1458 unsigned long flags; 1459 struct ipmi_smi_handlers *handlers; 1460 1461 1462 if (supplied_recv) 1463 recv_msg = supplied_recv; 1464 else { 1465 recv_msg = ipmi_alloc_recv_msg(); 1466 if (recv_msg == NULL) 1467 return -ENOMEM; 1468 } 1469 recv_msg->user_msg_data = user_msg_data; 1470 1471 if (supplied_smi) 1472 smi_msg = (struct ipmi_smi_msg *) supplied_smi; 1473 else { 1474 smi_msg = ipmi_alloc_smi_msg(); 1475 if (smi_msg == NULL) { 1476 ipmi_free_recv_msg(recv_msg); 1477 return -ENOMEM; 1478 } 1479 } 1480 1481 rcu_read_lock(); 1482 handlers = intf->handlers; 1483 if (!handlers) { 1484 rv = -ENODEV; 1485 goto out_err; 1486 } 1487 1488 recv_msg->user = user; 1489 if (user) 1490 kref_get(&user->refcount); 1491 recv_msg->msgid = msgid; 1492 /* 1493 * Store the message to send in the receive message so timeout 1494 * responses can get the proper response data. 1495 */ 1496 recv_msg->msg = *msg; 1497 1498 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 1499 struct ipmi_system_interface_addr *smi_addr; 1500 1501 if (msg->netfn & 1) { 1502 /* Responses are not allowed to the SMI. */ 1503 rv = -EINVAL; 1504 goto out_err; 1505 } 1506 1507 smi_addr = (struct ipmi_system_interface_addr *) addr; 1508 if (smi_addr->lun > 3) { 1509 ipmi_inc_stat(intf, sent_invalid_commands); 1510 rv = -EINVAL; 1511 goto out_err; 1512 } 1513 1514 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr)); 1515 1516 if ((msg->netfn == IPMI_NETFN_APP_REQUEST) 1517 && ((msg->cmd == IPMI_SEND_MSG_CMD) 1518 || (msg->cmd == IPMI_GET_MSG_CMD) 1519 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) { 1520 /* 1521 * We don't let the user do these, since we manage 1522 * the sequence numbers. 1523 */ 1524 ipmi_inc_stat(intf, sent_invalid_commands); 1525 rv = -EINVAL; 1526 goto out_err; 1527 } 1528 1529 if (((msg->netfn == IPMI_NETFN_APP_REQUEST) 1530 && ((msg->cmd == IPMI_COLD_RESET_CMD) 1531 || (msg->cmd == IPMI_WARM_RESET_CMD))) 1532 || (msg->netfn == IPMI_NETFN_FIRMWARE_REQUEST)) { 1533 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 1534 intf->auto_maintenance_timeout 1535 = IPMI_MAINTENANCE_MODE_TIMEOUT; 1536 if (!intf->maintenance_mode 1537 && !intf->maintenance_mode_enable) { 1538 intf->maintenance_mode_enable = 1; 1539 maintenance_mode_update(intf); 1540 } 1541 spin_unlock_irqrestore(&intf->maintenance_mode_lock, 1542 flags); 1543 } 1544 1545 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) { 1546 ipmi_inc_stat(intf, sent_invalid_commands); 1547 rv = -EMSGSIZE; 1548 goto out_err; 1549 } 1550 1551 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3); 1552 smi_msg->data[1] = msg->cmd; 1553 smi_msg->msgid = msgid; 1554 smi_msg->user_data = recv_msg; 1555 if (msg->data_len > 0) 1556 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len); 1557 smi_msg->data_size = msg->data_len + 2; 1558 ipmi_inc_stat(intf, sent_local_commands); 1559 } else if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) { 1560 struct ipmi_ipmb_addr *ipmb_addr; 1561 unsigned char ipmb_seq; 1562 long seqid; 1563 int broadcast = 0; 1564 1565 if (addr->channel >= IPMI_MAX_CHANNELS) { 1566 ipmi_inc_stat(intf, sent_invalid_commands); 1567 rv = -EINVAL; 1568 goto out_err; 1569 } 1570 1571 if (intf->channels[addr->channel].medium 1572 != IPMI_CHANNEL_MEDIUM_IPMB) { 1573 ipmi_inc_stat(intf, sent_invalid_commands); 1574 rv = -EINVAL; 1575 goto out_err; 1576 } 1577 1578 if (retries < 0) { 1579 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) 1580 retries = 0; /* Don't retry broadcasts. */ 1581 else 1582 retries = 4; 1583 } 1584 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) { 1585 /* 1586 * Broadcasts add a zero at the beginning of the 1587 * message, but otherwise is the same as an IPMB 1588 * address. 1589 */ 1590 addr->addr_type = IPMI_IPMB_ADDR_TYPE; 1591 broadcast = 1; 1592 } 1593 1594 1595 /* Default to 1 second retries. */ 1596 if (retry_time_ms == 0) 1597 retry_time_ms = 1000; 1598 1599 /* 1600 * 9 for the header and 1 for the checksum, plus 1601 * possibly one for the broadcast. 1602 */ 1603 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) { 1604 ipmi_inc_stat(intf, sent_invalid_commands); 1605 rv = -EMSGSIZE; 1606 goto out_err; 1607 } 1608 1609 ipmb_addr = (struct ipmi_ipmb_addr *) addr; 1610 if (ipmb_addr->lun > 3) { 1611 ipmi_inc_stat(intf, sent_invalid_commands); 1612 rv = -EINVAL; 1613 goto out_err; 1614 } 1615 1616 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr)); 1617 1618 if (recv_msg->msg.netfn & 0x1) { 1619 /* 1620 * It's a response, so use the user's sequence 1621 * from msgid. 1622 */ 1623 ipmi_inc_stat(intf, sent_ipmb_responses); 1624 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid, 1625 msgid, broadcast, 1626 source_address, source_lun); 1627 1628 /* 1629 * Save the receive message so we can use it 1630 * to deliver the response. 1631 */ 1632 smi_msg->user_data = recv_msg; 1633 } else { 1634 /* It's a command, so get a sequence for it. */ 1635 1636 spin_lock_irqsave(&(intf->seq_lock), flags); 1637 1638 /* 1639 * Create a sequence number with a 1 second 1640 * timeout and 4 retries. 1641 */ 1642 rv = intf_next_seq(intf, 1643 recv_msg, 1644 retry_time_ms, 1645 retries, 1646 broadcast, 1647 &ipmb_seq, 1648 &seqid); 1649 if (rv) { 1650 /* 1651 * We have used up all the sequence numbers, 1652 * probably, so abort. 1653 */ 1654 spin_unlock_irqrestore(&(intf->seq_lock), 1655 flags); 1656 goto out_err; 1657 } 1658 1659 ipmi_inc_stat(intf, sent_ipmb_commands); 1660 1661 /* 1662 * Store the sequence number in the message, 1663 * so that when the send message response 1664 * comes back we can start the timer. 1665 */ 1666 format_ipmb_msg(smi_msg, msg, ipmb_addr, 1667 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1668 ipmb_seq, broadcast, 1669 source_address, source_lun); 1670 1671 /* 1672 * Copy the message into the recv message data, so we 1673 * can retransmit it later if necessary. 1674 */ 1675 memcpy(recv_msg->msg_data, smi_msg->data, 1676 smi_msg->data_size); 1677 recv_msg->msg.data = recv_msg->msg_data; 1678 recv_msg->msg.data_len = smi_msg->data_size; 1679 1680 /* 1681 * We don't unlock until here, because we need 1682 * to copy the completed message into the 1683 * recv_msg before we release the lock. 1684 * Otherwise, race conditions may bite us. I 1685 * know that's pretty paranoid, but I prefer 1686 * to be correct. 1687 */ 1688 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1689 } 1690 } else if (is_lan_addr(addr)) { 1691 struct ipmi_lan_addr *lan_addr; 1692 unsigned char ipmb_seq; 1693 long seqid; 1694 1695 if (addr->channel >= IPMI_MAX_CHANNELS) { 1696 ipmi_inc_stat(intf, sent_invalid_commands); 1697 rv = -EINVAL; 1698 goto out_err; 1699 } 1700 1701 if ((intf->channels[addr->channel].medium 1702 != IPMI_CHANNEL_MEDIUM_8023LAN) 1703 && (intf->channels[addr->channel].medium 1704 != IPMI_CHANNEL_MEDIUM_ASYNC)) { 1705 ipmi_inc_stat(intf, sent_invalid_commands); 1706 rv = -EINVAL; 1707 goto out_err; 1708 } 1709 1710 retries = 4; 1711 1712 /* Default to 1 second retries. */ 1713 if (retry_time_ms == 0) 1714 retry_time_ms = 1000; 1715 1716 /* 11 for the header and 1 for the checksum. */ 1717 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) { 1718 ipmi_inc_stat(intf, sent_invalid_commands); 1719 rv = -EMSGSIZE; 1720 goto out_err; 1721 } 1722 1723 lan_addr = (struct ipmi_lan_addr *) addr; 1724 if (lan_addr->lun > 3) { 1725 ipmi_inc_stat(intf, sent_invalid_commands); 1726 rv = -EINVAL; 1727 goto out_err; 1728 } 1729 1730 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr)); 1731 1732 if (recv_msg->msg.netfn & 0x1) { 1733 /* 1734 * It's a response, so use the user's sequence 1735 * from msgid. 1736 */ 1737 ipmi_inc_stat(intf, sent_lan_responses); 1738 format_lan_msg(smi_msg, msg, lan_addr, msgid, 1739 msgid, source_lun); 1740 1741 /* 1742 * Save the receive message so we can use it 1743 * to deliver the response. 1744 */ 1745 smi_msg->user_data = recv_msg; 1746 } else { 1747 /* It's a command, so get a sequence for it. */ 1748 1749 spin_lock_irqsave(&(intf->seq_lock), flags); 1750 1751 /* 1752 * Create a sequence number with a 1 second 1753 * timeout and 4 retries. 1754 */ 1755 rv = intf_next_seq(intf, 1756 recv_msg, 1757 retry_time_ms, 1758 retries, 1759 0, 1760 &ipmb_seq, 1761 &seqid); 1762 if (rv) { 1763 /* 1764 * We have used up all the sequence numbers, 1765 * probably, so abort. 1766 */ 1767 spin_unlock_irqrestore(&(intf->seq_lock), 1768 flags); 1769 goto out_err; 1770 } 1771 1772 ipmi_inc_stat(intf, sent_lan_commands); 1773 1774 /* 1775 * Store the sequence number in the message, 1776 * so that when the send message response 1777 * comes back we can start the timer. 1778 */ 1779 format_lan_msg(smi_msg, msg, lan_addr, 1780 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1781 ipmb_seq, source_lun); 1782 1783 /* 1784 * Copy the message into the recv message data, so we 1785 * can retransmit it later if necessary. 1786 */ 1787 memcpy(recv_msg->msg_data, smi_msg->data, 1788 smi_msg->data_size); 1789 recv_msg->msg.data = recv_msg->msg_data; 1790 recv_msg->msg.data_len = smi_msg->data_size; 1791 1792 /* 1793 * We don't unlock until here, because we need 1794 * to copy the completed message into the 1795 * recv_msg before we release the lock. 1796 * Otherwise, race conditions may bite us. I 1797 * know that's pretty paranoid, but I prefer 1798 * to be correct. 1799 */ 1800 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1801 } 1802 } else { 1803 /* Unknown address type. */ 1804 ipmi_inc_stat(intf, sent_invalid_commands); 1805 rv = -EINVAL; 1806 goto out_err; 1807 } 1808 1809 #ifdef DEBUG_MSGING 1810 { 1811 int m; 1812 for (m = 0; m < smi_msg->data_size; m++) 1813 printk(" %2.2x", smi_msg->data[m]); 1814 printk("\n"); 1815 } 1816 #endif 1817 1818 handlers->sender(intf->send_info, smi_msg, priority); 1819 rcu_read_unlock(); 1820 1821 return 0; 1822 1823 out_err: 1824 rcu_read_unlock(); 1825 ipmi_free_smi_msg(smi_msg); 1826 ipmi_free_recv_msg(recv_msg); 1827 return rv; 1828 } 1829 1830 static int check_addr(ipmi_smi_t intf, 1831 struct ipmi_addr *addr, 1832 unsigned char *saddr, 1833 unsigned char *lun) 1834 { 1835 if (addr->channel >= IPMI_MAX_CHANNELS) 1836 return -EINVAL; 1837 *lun = intf->channels[addr->channel].lun; 1838 *saddr = intf->channels[addr->channel].address; 1839 return 0; 1840 } 1841 1842 int ipmi_request_settime(ipmi_user_t user, 1843 struct ipmi_addr *addr, 1844 long msgid, 1845 struct kernel_ipmi_msg *msg, 1846 void *user_msg_data, 1847 int priority, 1848 int retries, 1849 unsigned int retry_time_ms) 1850 { 1851 unsigned char saddr = 0, lun = 0; 1852 int rv; 1853 1854 if (!user) 1855 return -EINVAL; 1856 rv = check_addr(user->intf, addr, &saddr, &lun); 1857 if (rv) 1858 return rv; 1859 return i_ipmi_request(user, 1860 user->intf, 1861 addr, 1862 msgid, 1863 msg, 1864 user_msg_data, 1865 NULL, NULL, 1866 priority, 1867 saddr, 1868 lun, 1869 retries, 1870 retry_time_ms); 1871 } 1872 EXPORT_SYMBOL(ipmi_request_settime); 1873 1874 int ipmi_request_supply_msgs(ipmi_user_t user, 1875 struct ipmi_addr *addr, 1876 long msgid, 1877 struct kernel_ipmi_msg *msg, 1878 void *user_msg_data, 1879 void *supplied_smi, 1880 struct ipmi_recv_msg *supplied_recv, 1881 int priority) 1882 { 1883 unsigned char saddr = 0, lun = 0; 1884 int rv; 1885 1886 if (!user) 1887 return -EINVAL; 1888 rv = check_addr(user->intf, addr, &saddr, &lun); 1889 if (rv) 1890 return rv; 1891 return i_ipmi_request(user, 1892 user->intf, 1893 addr, 1894 msgid, 1895 msg, 1896 user_msg_data, 1897 supplied_smi, 1898 supplied_recv, 1899 priority, 1900 saddr, 1901 lun, 1902 -1, 0); 1903 } 1904 EXPORT_SYMBOL(ipmi_request_supply_msgs); 1905 1906 #ifdef CONFIG_PROC_FS 1907 static int smi_ipmb_proc_show(struct seq_file *m, void *v) 1908 { 1909 ipmi_smi_t intf = m->private; 1910 int i; 1911 1912 seq_printf(m, "%x", intf->channels[0].address); 1913 for (i = 1; i < IPMI_MAX_CHANNELS; i++) 1914 seq_printf(m, " %x", intf->channels[i].address); 1915 return seq_putc(m, '\n'); 1916 } 1917 1918 static int smi_ipmb_proc_open(struct inode *inode, struct file *file) 1919 { 1920 return single_open(file, smi_ipmb_proc_show, PDE_DATA(inode)); 1921 } 1922 1923 static const struct file_operations smi_ipmb_proc_ops = { 1924 .open = smi_ipmb_proc_open, 1925 .read = seq_read, 1926 .llseek = seq_lseek, 1927 .release = single_release, 1928 }; 1929 1930 static int smi_version_proc_show(struct seq_file *m, void *v) 1931 { 1932 ipmi_smi_t intf = m->private; 1933 1934 return seq_printf(m, "%u.%u\n", 1935 ipmi_version_major(&intf->bmc->id), 1936 ipmi_version_minor(&intf->bmc->id)); 1937 } 1938 1939 static int smi_version_proc_open(struct inode *inode, struct file *file) 1940 { 1941 return single_open(file, smi_version_proc_show, PDE_DATA(inode)); 1942 } 1943 1944 static const struct file_operations smi_version_proc_ops = { 1945 .open = smi_version_proc_open, 1946 .read = seq_read, 1947 .llseek = seq_lseek, 1948 .release = single_release, 1949 }; 1950 1951 static int smi_stats_proc_show(struct seq_file *m, void *v) 1952 { 1953 ipmi_smi_t intf = m->private; 1954 1955 seq_printf(m, "sent_invalid_commands: %u\n", 1956 ipmi_get_stat(intf, sent_invalid_commands)); 1957 seq_printf(m, "sent_local_commands: %u\n", 1958 ipmi_get_stat(intf, sent_local_commands)); 1959 seq_printf(m, "handled_local_responses: %u\n", 1960 ipmi_get_stat(intf, handled_local_responses)); 1961 seq_printf(m, "unhandled_local_responses: %u\n", 1962 ipmi_get_stat(intf, unhandled_local_responses)); 1963 seq_printf(m, "sent_ipmb_commands: %u\n", 1964 ipmi_get_stat(intf, sent_ipmb_commands)); 1965 seq_printf(m, "sent_ipmb_command_errs: %u\n", 1966 ipmi_get_stat(intf, sent_ipmb_command_errs)); 1967 seq_printf(m, "retransmitted_ipmb_commands: %u\n", 1968 ipmi_get_stat(intf, retransmitted_ipmb_commands)); 1969 seq_printf(m, "timed_out_ipmb_commands: %u\n", 1970 ipmi_get_stat(intf, timed_out_ipmb_commands)); 1971 seq_printf(m, "timed_out_ipmb_broadcasts: %u\n", 1972 ipmi_get_stat(intf, timed_out_ipmb_broadcasts)); 1973 seq_printf(m, "sent_ipmb_responses: %u\n", 1974 ipmi_get_stat(intf, sent_ipmb_responses)); 1975 seq_printf(m, "handled_ipmb_responses: %u\n", 1976 ipmi_get_stat(intf, handled_ipmb_responses)); 1977 seq_printf(m, "invalid_ipmb_responses: %u\n", 1978 ipmi_get_stat(intf, invalid_ipmb_responses)); 1979 seq_printf(m, "unhandled_ipmb_responses: %u\n", 1980 ipmi_get_stat(intf, unhandled_ipmb_responses)); 1981 seq_printf(m, "sent_lan_commands: %u\n", 1982 ipmi_get_stat(intf, sent_lan_commands)); 1983 seq_printf(m, "sent_lan_command_errs: %u\n", 1984 ipmi_get_stat(intf, sent_lan_command_errs)); 1985 seq_printf(m, "retransmitted_lan_commands: %u\n", 1986 ipmi_get_stat(intf, retransmitted_lan_commands)); 1987 seq_printf(m, "timed_out_lan_commands: %u\n", 1988 ipmi_get_stat(intf, timed_out_lan_commands)); 1989 seq_printf(m, "sent_lan_responses: %u\n", 1990 ipmi_get_stat(intf, sent_lan_responses)); 1991 seq_printf(m, "handled_lan_responses: %u\n", 1992 ipmi_get_stat(intf, handled_lan_responses)); 1993 seq_printf(m, "invalid_lan_responses: %u\n", 1994 ipmi_get_stat(intf, invalid_lan_responses)); 1995 seq_printf(m, "unhandled_lan_responses: %u\n", 1996 ipmi_get_stat(intf, unhandled_lan_responses)); 1997 seq_printf(m, "handled_commands: %u\n", 1998 ipmi_get_stat(intf, handled_commands)); 1999 seq_printf(m, "invalid_commands: %u\n", 2000 ipmi_get_stat(intf, invalid_commands)); 2001 seq_printf(m, "unhandled_commands: %u\n", 2002 ipmi_get_stat(intf, unhandled_commands)); 2003 seq_printf(m, "invalid_events: %u\n", 2004 ipmi_get_stat(intf, invalid_events)); 2005 seq_printf(m, "events: %u\n", 2006 ipmi_get_stat(intf, events)); 2007 seq_printf(m, "failed rexmit LAN msgs: %u\n", 2008 ipmi_get_stat(intf, dropped_rexmit_lan_commands)); 2009 seq_printf(m, "failed rexmit IPMB msgs: %u\n", 2010 ipmi_get_stat(intf, dropped_rexmit_ipmb_commands)); 2011 return 0; 2012 } 2013 2014 static int smi_stats_proc_open(struct inode *inode, struct file *file) 2015 { 2016 return single_open(file, smi_stats_proc_show, PDE_DATA(inode)); 2017 } 2018 2019 static const struct file_operations smi_stats_proc_ops = { 2020 .open = smi_stats_proc_open, 2021 .read = seq_read, 2022 .llseek = seq_lseek, 2023 .release = single_release, 2024 }; 2025 #endif /* CONFIG_PROC_FS */ 2026 2027 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name, 2028 const struct file_operations *proc_ops, 2029 void *data) 2030 { 2031 int rv = 0; 2032 #ifdef CONFIG_PROC_FS 2033 struct proc_dir_entry *file; 2034 struct ipmi_proc_entry *entry; 2035 2036 /* Create a list element. */ 2037 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 2038 if (!entry) 2039 return -ENOMEM; 2040 entry->name = kstrdup(name, GFP_KERNEL); 2041 if (!entry->name) { 2042 kfree(entry); 2043 return -ENOMEM; 2044 } 2045 2046 file = proc_create_data(name, 0, smi->proc_dir, proc_ops, data); 2047 if (!file) { 2048 kfree(entry->name); 2049 kfree(entry); 2050 rv = -ENOMEM; 2051 } else { 2052 mutex_lock(&smi->proc_entry_lock); 2053 /* Stick it on the list. */ 2054 entry->next = smi->proc_entries; 2055 smi->proc_entries = entry; 2056 mutex_unlock(&smi->proc_entry_lock); 2057 } 2058 #endif /* CONFIG_PROC_FS */ 2059 2060 return rv; 2061 } 2062 EXPORT_SYMBOL(ipmi_smi_add_proc_entry); 2063 2064 static int add_proc_entries(ipmi_smi_t smi, int num) 2065 { 2066 int rv = 0; 2067 2068 #ifdef CONFIG_PROC_FS 2069 sprintf(smi->proc_dir_name, "%d", num); 2070 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root); 2071 if (!smi->proc_dir) 2072 rv = -ENOMEM; 2073 2074 if (rv == 0) 2075 rv = ipmi_smi_add_proc_entry(smi, "stats", 2076 &smi_stats_proc_ops, 2077 smi); 2078 2079 if (rv == 0) 2080 rv = ipmi_smi_add_proc_entry(smi, "ipmb", 2081 &smi_ipmb_proc_ops, 2082 smi); 2083 2084 if (rv == 0) 2085 rv = ipmi_smi_add_proc_entry(smi, "version", 2086 &smi_version_proc_ops, 2087 smi); 2088 #endif /* CONFIG_PROC_FS */ 2089 2090 return rv; 2091 } 2092 2093 static void remove_proc_entries(ipmi_smi_t smi) 2094 { 2095 #ifdef CONFIG_PROC_FS 2096 struct ipmi_proc_entry *entry; 2097 2098 mutex_lock(&smi->proc_entry_lock); 2099 while (smi->proc_entries) { 2100 entry = smi->proc_entries; 2101 smi->proc_entries = entry->next; 2102 2103 remove_proc_entry(entry->name, smi->proc_dir); 2104 kfree(entry->name); 2105 kfree(entry); 2106 } 2107 mutex_unlock(&smi->proc_entry_lock); 2108 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root); 2109 #endif /* CONFIG_PROC_FS */ 2110 } 2111 2112 static int __find_bmc_guid(struct device *dev, void *data) 2113 { 2114 unsigned char *id = data; 2115 struct bmc_device *bmc = dev_get_drvdata(dev); 2116 return memcmp(bmc->guid, id, 16) == 0; 2117 } 2118 2119 static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv, 2120 unsigned char *guid) 2121 { 2122 struct device *dev; 2123 2124 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid); 2125 if (dev) 2126 return dev_get_drvdata(dev); 2127 else 2128 return NULL; 2129 } 2130 2131 struct prod_dev_id { 2132 unsigned int product_id; 2133 unsigned char device_id; 2134 }; 2135 2136 static int __find_bmc_prod_dev_id(struct device *dev, void *data) 2137 { 2138 struct prod_dev_id *id = data; 2139 struct bmc_device *bmc = dev_get_drvdata(dev); 2140 2141 return (bmc->id.product_id == id->product_id 2142 && bmc->id.device_id == id->device_id); 2143 } 2144 2145 static struct bmc_device *ipmi_find_bmc_prod_dev_id( 2146 struct device_driver *drv, 2147 unsigned int product_id, unsigned char device_id) 2148 { 2149 struct prod_dev_id id = { 2150 .product_id = product_id, 2151 .device_id = device_id, 2152 }; 2153 struct device *dev; 2154 2155 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id); 2156 if (dev) 2157 return dev_get_drvdata(dev); 2158 else 2159 return NULL; 2160 } 2161 2162 static ssize_t device_id_show(struct device *dev, 2163 struct device_attribute *attr, 2164 char *buf) 2165 { 2166 struct bmc_device *bmc = dev_get_drvdata(dev); 2167 2168 return snprintf(buf, 10, "%u\n", bmc->id.device_id); 2169 } 2170 2171 static ssize_t provides_dev_sdrs_show(struct device *dev, 2172 struct device_attribute *attr, 2173 char *buf) 2174 { 2175 struct bmc_device *bmc = dev_get_drvdata(dev); 2176 2177 return snprintf(buf, 10, "%u\n", 2178 (bmc->id.device_revision & 0x80) >> 7); 2179 } 2180 2181 static ssize_t revision_show(struct device *dev, struct device_attribute *attr, 2182 char *buf) 2183 { 2184 struct bmc_device *bmc = dev_get_drvdata(dev); 2185 2186 return snprintf(buf, 20, "%u\n", 2187 bmc->id.device_revision & 0x0F); 2188 } 2189 2190 static ssize_t firmware_rev_show(struct device *dev, 2191 struct device_attribute *attr, 2192 char *buf) 2193 { 2194 struct bmc_device *bmc = dev_get_drvdata(dev); 2195 2196 return snprintf(buf, 20, "%u.%x\n", bmc->id.firmware_revision_1, 2197 bmc->id.firmware_revision_2); 2198 } 2199 2200 static ssize_t ipmi_version_show(struct device *dev, 2201 struct device_attribute *attr, 2202 char *buf) 2203 { 2204 struct bmc_device *bmc = dev_get_drvdata(dev); 2205 2206 return snprintf(buf, 20, "%u.%u\n", 2207 ipmi_version_major(&bmc->id), 2208 ipmi_version_minor(&bmc->id)); 2209 } 2210 2211 static ssize_t add_dev_support_show(struct device *dev, 2212 struct device_attribute *attr, 2213 char *buf) 2214 { 2215 struct bmc_device *bmc = dev_get_drvdata(dev); 2216 2217 return snprintf(buf, 10, "0x%02x\n", 2218 bmc->id.additional_device_support); 2219 } 2220 2221 static ssize_t manufacturer_id_show(struct device *dev, 2222 struct device_attribute *attr, 2223 char *buf) 2224 { 2225 struct bmc_device *bmc = dev_get_drvdata(dev); 2226 2227 return snprintf(buf, 20, "0x%6.6x\n", bmc->id.manufacturer_id); 2228 } 2229 2230 static ssize_t product_id_show(struct device *dev, 2231 struct device_attribute *attr, 2232 char *buf) 2233 { 2234 struct bmc_device *bmc = dev_get_drvdata(dev); 2235 2236 return snprintf(buf, 10, "0x%4.4x\n", bmc->id.product_id); 2237 } 2238 2239 static ssize_t aux_firmware_rev_show(struct device *dev, 2240 struct device_attribute *attr, 2241 char *buf) 2242 { 2243 struct bmc_device *bmc = dev_get_drvdata(dev); 2244 2245 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n", 2246 bmc->id.aux_firmware_revision[3], 2247 bmc->id.aux_firmware_revision[2], 2248 bmc->id.aux_firmware_revision[1], 2249 bmc->id.aux_firmware_revision[0]); 2250 } 2251 2252 static ssize_t guid_show(struct device *dev, struct device_attribute *attr, 2253 char *buf) 2254 { 2255 struct bmc_device *bmc = dev_get_drvdata(dev); 2256 2257 return snprintf(buf, 100, "%Lx%Lx\n", 2258 (long long) bmc->guid[0], 2259 (long long) bmc->guid[8]); 2260 } 2261 2262 static void remove_files(struct bmc_device *bmc) 2263 { 2264 if (!bmc->dev) 2265 return; 2266 2267 device_remove_file(&bmc->dev->dev, 2268 &bmc->device_id_attr); 2269 device_remove_file(&bmc->dev->dev, 2270 &bmc->provides_dev_sdrs_attr); 2271 device_remove_file(&bmc->dev->dev, 2272 &bmc->revision_attr); 2273 device_remove_file(&bmc->dev->dev, 2274 &bmc->firmware_rev_attr); 2275 device_remove_file(&bmc->dev->dev, 2276 &bmc->version_attr); 2277 device_remove_file(&bmc->dev->dev, 2278 &bmc->add_dev_support_attr); 2279 device_remove_file(&bmc->dev->dev, 2280 &bmc->manufacturer_id_attr); 2281 device_remove_file(&bmc->dev->dev, 2282 &bmc->product_id_attr); 2283 2284 if (bmc->id.aux_firmware_revision_set) 2285 device_remove_file(&bmc->dev->dev, 2286 &bmc->aux_firmware_rev_attr); 2287 if (bmc->guid_set) 2288 device_remove_file(&bmc->dev->dev, 2289 &bmc->guid_attr); 2290 } 2291 2292 static void 2293 cleanup_bmc_device(struct kref *ref) 2294 { 2295 struct bmc_device *bmc; 2296 2297 bmc = container_of(ref, struct bmc_device, refcount); 2298 2299 remove_files(bmc); 2300 platform_device_unregister(bmc->dev); 2301 kfree(bmc); 2302 } 2303 2304 static void ipmi_bmc_unregister(ipmi_smi_t intf) 2305 { 2306 struct bmc_device *bmc = intf->bmc; 2307 2308 if (intf->sysfs_name) { 2309 sysfs_remove_link(&intf->si_dev->kobj, intf->sysfs_name); 2310 kfree(intf->sysfs_name); 2311 intf->sysfs_name = NULL; 2312 } 2313 if (intf->my_dev_name) { 2314 sysfs_remove_link(&bmc->dev->dev.kobj, intf->my_dev_name); 2315 kfree(intf->my_dev_name); 2316 intf->my_dev_name = NULL; 2317 } 2318 2319 mutex_lock(&ipmidriver_mutex); 2320 kref_put(&bmc->refcount, cleanup_bmc_device); 2321 intf->bmc = NULL; 2322 mutex_unlock(&ipmidriver_mutex); 2323 } 2324 2325 static int create_files(struct bmc_device *bmc) 2326 { 2327 int err; 2328 2329 bmc->device_id_attr.attr.name = "device_id"; 2330 bmc->device_id_attr.attr.mode = S_IRUGO; 2331 bmc->device_id_attr.show = device_id_show; 2332 sysfs_attr_init(&bmc->device_id_attr.attr); 2333 2334 bmc->provides_dev_sdrs_attr.attr.name = "provides_device_sdrs"; 2335 bmc->provides_dev_sdrs_attr.attr.mode = S_IRUGO; 2336 bmc->provides_dev_sdrs_attr.show = provides_dev_sdrs_show; 2337 sysfs_attr_init(&bmc->provides_dev_sdrs_attr.attr); 2338 2339 bmc->revision_attr.attr.name = "revision"; 2340 bmc->revision_attr.attr.mode = S_IRUGO; 2341 bmc->revision_attr.show = revision_show; 2342 sysfs_attr_init(&bmc->revision_attr.attr); 2343 2344 bmc->firmware_rev_attr.attr.name = "firmware_revision"; 2345 bmc->firmware_rev_attr.attr.mode = S_IRUGO; 2346 bmc->firmware_rev_attr.show = firmware_rev_show; 2347 sysfs_attr_init(&bmc->firmware_rev_attr.attr); 2348 2349 bmc->version_attr.attr.name = "ipmi_version"; 2350 bmc->version_attr.attr.mode = S_IRUGO; 2351 bmc->version_attr.show = ipmi_version_show; 2352 sysfs_attr_init(&bmc->version_attr.attr); 2353 2354 bmc->add_dev_support_attr.attr.name = "additional_device_support"; 2355 bmc->add_dev_support_attr.attr.mode = S_IRUGO; 2356 bmc->add_dev_support_attr.show = add_dev_support_show; 2357 sysfs_attr_init(&bmc->add_dev_support_attr.attr); 2358 2359 bmc->manufacturer_id_attr.attr.name = "manufacturer_id"; 2360 bmc->manufacturer_id_attr.attr.mode = S_IRUGO; 2361 bmc->manufacturer_id_attr.show = manufacturer_id_show; 2362 sysfs_attr_init(&bmc->manufacturer_id_attr.attr); 2363 2364 bmc->product_id_attr.attr.name = "product_id"; 2365 bmc->product_id_attr.attr.mode = S_IRUGO; 2366 bmc->product_id_attr.show = product_id_show; 2367 sysfs_attr_init(&bmc->product_id_attr.attr); 2368 2369 bmc->guid_attr.attr.name = "guid"; 2370 bmc->guid_attr.attr.mode = S_IRUGO; 2371 bmc->guid_attr.show = guid_show; 2372 sysfs_attr_init(&bmc->guid_attr.attr); 2373 2374 bmc->aux_firmware_rev_attr.attr.name = "aux_firmware_revision"; 2375 bmc->aux_firmware_rev_attr.attr.mode = S_IRUGO; 2376 bmc->aux_firmware_rev_attr.show = aux_firmware_rev_show; 2377 sysfs_attr_init(&bmc->aux_firmware_rev_attr.attr); 2378 2379 err = device_create_file(&bmc->dev->dev, 2380 &bmc->device_id_attr); 2381 if (err) 2382 goto out; 2383 err = device_create_file(&bmc->dev->dev, 2384 &bmc->provides_dev_sdrs_attr); 2385 if (err) 2386 goto out_devid; 2387 err = device_create_file(&bmc->dev->dev, 2388 &bmc->revision_attr); 2389 if (err) 2390 goto out_sdrs; 2391 err = device_create_file(&bmc->dev->dev, 2392 &bmc->firmware_rev_attr); 2393 if (err) 2394 goto out_rev; 2395 err = device_create_file(&bmc->dev->dev, 2396 &bmc->version_attr); 2397 if (err) 2398 goto out_firm; 2399 err = device_create_file(&bmc->dev->dev, 2400 &bmc->add_dev_support_attr); 2401 if (err) 2402 goto out_version; 2403 err = device_create_file(&bmc->dev->dev, 2404 &bmc->manufacturer_id_attr); 2405 if (err) 2406 goto out_add_dev; 2407 err = device_create_file(&bmc->dev->dev, 2408 &bmc->product_id_attr); 2409 if (err) 2410 goto out_manu; 2411 if (bmc->id.aux_firmware_revision_set) { 2412 err = device_create_file(&bmc->dev->dev, 2413 &bmc->aux_firmware_rev_attr); 2414 if (err) 2415 goto out_prod_id; 2416 } 2417 if (bmc->guid_set) { 2418 err = device_create_file(&bmc->dev->dev, 2419 &bmc->guid_attr); 2420 if (err) 2421 goto out_aux_firm; 2422 } 2423 2424 return 0; 2425 2426 out_aux_firm: 2427 if (bmc->id.aux_firmware_revision_set) 2428 device_remove_file(&bmc->dev->dev, 2429 &bmc->aux_firmware_rev_attr); 2430 out_prod_id: 2431 device_remove_file(&bmc->dev->dev, 2432 &bmc->product_id_attr); 2433 out_manu: 2434 device_remove_file(&bmc->dev->dev, 2435 &bmc->manufacturer_id_attr); 2436 out_add_dev: 2437 device_remove_file(&bmc->dev->dev, 2438 &bmc->add_dev_support_attr); 2439 out_version: 2440 device_remove_file(&bmc->dev->dev, 2441 &bmc->version_attr); 2442 out_firm: 2443 device_remove_file(&bmc->dev->dev, 2444 &bmc->firmware_rev_attr); 2445 out_rev: 2446 device_remove_file(&bmc->dev->dev, 2447 &bmc->revision_attr); 2448 out_sdrs: 2449 device_remove_file(&bmc->dev->dev, 2450 &bmc->provides_dev_sdrs_attr); 2451 out_devid: 2452 device_remove_file(&bmc->dev->dev, 2453 &bmc->device_id_attr); 2454 out: 2455 return err; 2456 } 2457 2458 static int ipmi_bmc_register(ipmi_smi_t intf, int ifnum, 2459 const char *sysfs_name) 2460 { 2461 int rv; 2462 struct bmc_device *bmc = intf->bmc; 2463 struct bmc_device *old_bmc; 2464 int size; 2465 char dummy[1]; 2466 2467 mutex_lock(&ipmidriver_mutex); 2468 2469 /* 2470 * Try to find if there is an bmc_device struct 2471 * representing the interfaced BMC already 2472 */ 2473 if (bmc->guid_set) 2474 old_bmc = ipmi_find_bmc_guid(&ipmidriver.driver, bmc->guid); 2475 else 2476 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver.driver, 2477 bmc->id.product_id, 2478 bmc->id.device_id); 2479 2480 /* 2481 * If there is already an bmc_device, free the new one, 2482 * otherwise register the new BMC device 2483 */ 2484 if (old_bmc) { 2485 kfree(bmc); 2486 intf->bmc = old_bmc; 2487 bmc = old_bmc; 2488 2489 kref_get(&bmc->refcount); 2490 mutex_unlock(&ipmidriver_mutex); 2491 2492 printk(KERN_INFO 2493 "ipmi: interfacing existing BMC (man_id: 0x%6.6x," 2494 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n", 2495 bmc->id.manufacturer_id, 2496 bmc->id.product_id, 2497 bmc->id.device_id); 2498 } else { 2499 char name[14]; 2500 unsigned char orig_dev_id = bmc->id.device_id; 2501 int warn_printed = 0; 2502 2503 snprintf(name, sizeof(name), 2504 "ipmi_bmc.%4.4x", bmc->id.product_id); 2505 2506 while (ipmi_find_bmc_prod_dev_id(&ipmidriver.driver, 2507 bmc->id.product_id, 2508 bmc->id.device_id)) { 2509 if (!warn_printed) { 2510 printk(KERN_WARNING PFX 2511 "This machine has two different BMCs" 2512 " with the same product id and device" 2513 " id. This is an error in the" 2514 " firmware, but incrementing the" 2515 " device id to work around the problem." 2516 " Prod ID = 0x%x, Dev ID = 0x%x\n", 2517 bmc->id.product_id, bmc->id.device_id); 2518 warn_printed = 1; 2519 } 2520 bmc->id.device_id++; /* Wraps at 255 */ 2521 if (bmc->id.device_id == orig_dev_id) { 2522 printk(KERN_ERR PFX 2523 "Out of device ids!\n"); 2524 break; 2525 } 2526 } 2527 2528 bmc->dev = platform_device_alloc(name, bmc->id.device_id); 2529 if (!bmc->dev) { 2530 mutex_unlock(&ipmidriver_mutex); 2531 printk(KERN_ERR 2532 "ipmi_msghandler:" 2533 " Unable to allocate platform device\n"); 2534 return -ENOMEM; 2535 } 2536 bmc->dev->dev.driver = &ipmidriver.driver; 2537 dev_set_drvdata(&bmc->dev->dev, bmc); 2538 kref_init(&bmc->refcount); 2539 2540 rv = platform_device_add(bmc->dev); 2541 mutex_unlock(&ipmidriver_mutex); 2542 if (rv) { 2543 platform_device_put(bmc->dev); 2544 bmc->dev = NULL; 2545 printk(KERN_ERR 2546 "ipmi_msghandler:" 2547 " Unable to register bmc device: %d\n", 2548 rv); 2549 /* 2550 * Don't go to out_err, you can only do that if 2551 * the device is registered already. 2552 */ 2553 return rv; 2554 } 2555 2556 rv = create_files(bmc); 2557 if (rv) { 2558 mutex_lock(&ipmidriver_mutex); 2559 platform_device_unregister(bmc->dev); 2560 mutex_unlock(&ipmidriver_mutex); 2561 2562 return rv; 2563 } 2564 2565 dev_info(intf->si_dev, "Found new BMC (man_id: 0x%6.6x, " 2566 "prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n", 2567 bmc->id.manufacturer_id, 2568 bmc->id.product_id, 2569 bmc->id.device_id); 2570 } 2571 2572 /* 2573 * create symlink from system interface device to bmc device 2574 * and back. 2575 */ 2576 intf->sysfs_name = kstrdup(sysfs_name, GFP_KERNEL); 2577 if (!intf->sysfs_name) { 2578 rv = -ENOMEM; 2579 printk(KERN_ERR 2580 "ipmi_msghandler: allocate link to BMC: %d\n", 2581 rv); 2582 goto out_err; 2583 } 2584 2585 rv = sysfs_create_link(&intf->si_dev->kobj, 2586 &bmc->dev->dev.kobj, intf->sysfs_name); 2587 if (rv) { 2588 kfree(intf->sysfs_name); 2589 intf->sysfs_name = NULL; 2590 printk(KERN_ERR 2591 "ipmi_msghandler: Unable to create bmc symlink: %d\n", 2592 rv); 2593 goto out_err; 2594 } 2595 2596 size = snprintf(dummy, 0, "ipmi%d", ifnum); 2597 intf->my_dev_name = kmalloc(size+1, GFP_KERNEL); 2598 if (!intf->my_dev_name) { 2599 kfree(intf->sysfs_name); 2600 intf->sysfs_name = NULL; 2601 rv = -ENOMEM; 2602 printk(KERN_ERR 2603 "ipmi_msghandler: allocate link from BMC: %d\n", 2604 rv); 2605 goto out_err; 2606 } 2607 snprintf(intf->my_dev_name, size+1, "ipmi%d", ifnum); 2608 2609 rv = sysfs_create_link(&bmc->dev->dev.kobj, &intf->si_dev->kobj, 2610 intf->my_dev_name); 2611 if (rv) { 2612 kfree(intf->sysfs_name); 2613 intf->sysfs_name = NULL; 2614 kfree(intf->my_dev_name); 2615 intf->my_dev_name = NULL; 2616 printk(KERN_ERR 2617 "ipmi_msghandler:" 2618 " Unable to create symlink to bmc: %d\n", 2619 rv); 2620 goto out_err; 2621 } 2622 2623 return 0; 2624 2625 out_err: 2626 ipmi_bmc_unregister(intf); 2627 return rv; 2628 } 2629 2630 static int 2631 send_guid_cmd(ipmi_smi_t intf, int chan) 2632 { 2633 struct kernel_ipmi_msg msg; 2634 struct ipmi_system_interface_addr si; 2635 2636 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2637 si.channel = IPMI_BMC_CHANNEL; 2638 si.lun = 0; 2639 2640 msg.netfn = IPMI_NETFN_APP_REQUEST; 2641 msg.cmd = IPMI_GET_DEVICE_GUID_CMD; 2642 msg.data = NULL; 2643 msg.data_len = 0; 2644 return i_ipmi_request(NULL, 2645 intf, 2646 (struct ipmi_addr *) &si, 2647 0, 2648 &msg, 2649 intf, 2650 NULL, 2651 NULL, 2652 0, 2653 intf->channels[0].address, 2654 intf->channels[0].lun, 2655 -1, 0); 2656 } 2657 2658 static void 2659 guid_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 2660 { 2661 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 2662 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE) 2663 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD)) 2664 /* Not for me */ 2665 return; 2666 2667 if (msg->msg.data[0] != 0) { 2668 /* Error from getting the GUID, the BMC doesn't have one. */ 2669 intf->bmc->guid_set = 0; 2670 goto out; 2671 } 2672 2673 if (msg->msg.data_len < 17) { 2674 intf->bmc->guid_set = 0; 2675 printk(KERN_WARNING PFX 2676 "guid_handler: The GUID response from the BMC was too" 2677 " short, it was %d but should have been 17. Assuming" 2678 " GUID is not available.\n", 2679 msg->msg.data_len); 2680 goto out; 2681 } 2682 2683 memcpy(intf->bmc->guid, msg->msg.data, 16); 2684 intf->bmc->guid_set = 1; 2685 out: 2686 wake_up(&intf->waitq); 2687 } 2688 2689 static void 2690 get_guid(ipmi_smi_t intf) 2691 { 2692 int rv; 2693 2694 intf->bmc->guid_set = 0x2; 2695 intf->null_user_handler = guid_handler; 2696 rv = send_guid_cmd(intf, 0); 2697 if (rv) 2698 /* Send failed, no GUID available. */ 2699 intf->bmc->guid_set = 0; 2700 wait_event(intf->waitq, intf->bmc->guid_set != 2); 2701 intf->null_user_handler = NULL; 2702 } 2703 2704 static int 2705 send_channel_info_cmd(ipmi_smi_t intf, int chan) 2706 { 2707 struct kernel_ipmi_msg msg; 2708 unsigned char data[1]; 2709 struct ipmi_system_interface_addr si; 2710 2711 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2712 si.channel = IPMI_BMC_CHANNEL; 2713 si.lun = 0; 2714 2715 msg.netfn = IPMI_NETFN_APP_REQUEST; 2716 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD; 2717 msg.data = data; 2718 msg.data_len = 1; 2719 data[0] = chan; 2720 return i_ipmi_request(NULL, 2721 intf, 2722 (struct ipmi_addr *) &si, 2723 0, 2724 &msg, 2725 intf, 2726 NULL, 2727 NULL, 2728 0, 2729 intf->channels[0].address, 2730 intf->channels[0].lun, 2731 -1, 0); 2732 } 2733 2734 static void 2735 channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 2736 { 2737 int rv = 0; 2738 int chan; 2739 2740 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 2741 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE) 2742 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD)) { 2743 /* It's the one we want */ 2744 if (msg->msg.data[0] != 0) { 2745 /* Got an error from the channel, just go on. */ 2746 2747 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) { 2748 /* 2749 * If the MC does not support this 2750 * command, that is legal. We just 2751 * assume it has one IPMB at channel 2752 * zero. 2753 */ 2754 intf->channels[0].medium 2755 = IPMI_CHANNEL_MEDIUM_IPMB; 2756 intf->channels[0].protocol 2757 = IPMI_CHANNEL_PROTOCOL_IPMB; 2758 rv = -ENOSYS; 2759 2760 intf->curr_channel = IPMI_MAX_CHANNELS; 2761 wake_up(&intf->waitq); 2762 goto out; 2763 } 2764 goto next_channel; 2765 } 2766 if (msg->msg.data_len < 4) { 2767 /* Message not big enough, just go on. */ 2768 goto next_channel; 2769 } 2770 chan = intf->curr_channel; 2771 intf->channels[chan].medium = msg->msg.data[2] & 0x7f; 2772 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f; 2773 2774 next_channel: 2775 intf->curr_channel++; 2776 if (intf->curr_channel >= IPMI_MAX_CHANNELS) 2777 wake_up(&intf->waitq); 2778 else 2779 rv = send_channel_info_cmd(intf, intf->curr_channel); 2780 2781 if (rv) { 2782 /* Got an error somehow, just give up. */ 2783 intf->curr_channel = IPMI_MAX_CHANNELS; 2784 wake_up(&intf->waitq); 2785 2786 printk(KERN_WARNING PFX 2787 "Error sending channel information: %d\n", 2788 rv); 2789 } 2790 } 2791 out: 2792 return; 2793 } 2794 2795 static void ipmi_poll(ipmi_smi_t intf) 2796 { 2797 if (intf->handlers->poll) 2798 intf->handlers->poll(intf->send_info); 2799 /* In case something came in */ 2800 handle_new_recv_msgs(intf); 2801 } 2802 2803 void ipmi_poll_interface(ipmi_user_t user) 2804 { 2805 ipmi_poll(user->intf); 2806 } 2807 EXPORT_SYMBOL(ipmi_poll_interface); 2808 2809 int ipmi_register_smi(struct ipmi_smi_handlers *handlers, 2810 void *send_info, 2811 struct ipmi_device_id *device_id, 2812 struct device *si_dev, 2813 const char *sysfs_name, 2814 unsigned char slave_addr) 2815 { 2816 int i, j; 2817 int rv; 2818 ipmi_smi_t intf; 2819 ipmi_smi_t tintf; 2820 struct list_head *link; 2821 2822 /* 2823 * Make sure the driver is actually initialized, this handles 2824 * problems with initialization order. 2825 */ 2826 if (!initialized) { 2827 rv = ipmi_init_msghandler(); 2828 if (rv) 2829 return rv; 2830 /* 2831 * The init code doesn't return an error if it was turned 2832 * off, but it won't initialize. Check that. 2833 */ 2834 if (!initialized) 2835 return -ENODEV; 2836 } 2837 2838 intf = kzalloc(sizeof(*intf), GFP_KERNEL); 2839 if (!intf) 2840 return -ENOMEM; 2841 2842 intf->ipmi_version_major = ipmi_version_major(device_id); 2843 intf->ipmi_version_minor = ipmi_version_minor(device_id); 2844 2845 intf->bmc = kzalloc(sizeof(*intf->bmc), GFP_KERNEL); 2846 if (!intf->bmc) { 2847 kfree(intf); 2848 return -ENOMEM; 2849 } 2850 intf->intf_num = -1; /* Mark it invalid for now. */ 2851 kref_init(&intf->refcount); 2852 intf->bmc->id = *device_id; 2853 intf->si_dev = si_dev; 2854 for (j = 0; j < IPMI_MAX_CHANNELS; j++) { 2855 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR; 2856 intf->channels[j].lun = 2; 2857 } 2858 if (slave_addr != 0) 2859 intf->channels[0].address = slave_addr; 2860 INIT_LIST_HEAD(&intf->users); 2861 intf->handlers = handlers; 2862 intf->send_info = send_info; 2863 spin_lock_init(&intf->seq_lock); 2864 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) { 2865 intf->seq_table[j].inuse = 0; 2866 intf->seq_table[j].seqid = 0; 2867 } 2868 intf->curr_seq = 0; 2869 #ifdef CONFIG_PROC_FS 2870 mutex_init(&intf->proc_entry_lock); 2871 #endif 2872 spin_lock_init(&intf->waiting_msgs_lock); 2873 INIT_LIST_HEAD(&intf->waiting_msgs); 2874 tasklet_init(&intf->recv_tasklet, 2875 smi_recv_tasklet, 2876 (unsigned long) intf); 2877 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 0); 2878 spin_lock_init(&intf->events_lock); 2879 INIT_LIST_HEAD(&intf->waiting_events); 2880 intf->waiting_events_count = 0; 2881 mutex_init(&intf->cmd_rcvrs_mutex); 2882 spin_lock_init(&intf->maintenance_mode_lock); 2883 INIT_LIST_HEAD(&intf->cmd_rcvrs); 2884 init_waitqueue_head(&intf->waitq); 2885 for (i = 0; i < IPMI_NUM_STATS; i++) 2886 atomic_set(&intf->stats[i], 0); 2887 2888 intf->proc_dir = NULL; 2889 2890 mutex_lock(&smi_watchers_mutex); 2891 mutex_lock(&ipmi_interfaces_mutex); 2892 /* Look for a hole in the numbers. */ 2893 i = 0; 2894 link = &ipmi_interfaces; 2895 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link) { 2896 if (tintf->intf_num != i) { 2897 link = &tintf->link; 2898 break; 2899 } 2900 i++; 2901 } 2902 /* Add the new interface in numeric order. */ 2903 if (i == 0) 2904 list_add_rcu(&intf->link, &ipmi_interfaces); 2905 else 2906 list_add_tail_rcu(&intf->link, link); 2907 2908 rv = handlers->start_processing(send_info, intf); 2909 if (rv) 2910 goto out; 2911 2912 get_guid(intf); 2913 2914 if ((intf->ipmi_version_major > 1) 2915 || ((intf->ipmi_version_major == 1) 2916 && (intf->ipmi_version_minor >= 5))) { 2917 /* 2918 * Start scanning the channels to see what is 2919 * available. 2920 */ 2921 intf->null_user_handler = channel_handler; 2922 intf->curr_channel = 0; 2923 rv = send_channel_info_cmd(intf, 0); 2924 if (rv) 2925 goto out; 2926 2927 /* Wait for the channel info to be read. */ 2928 wait_event(intf->waitq, 2929 intf->curr_channel >= IPMI_MAX_CHANNELS); 2930 intf->null_user_handler = NULL; 2931 } else { 2932 /* Assume a single IPMB channel at zero. */ 2933 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB; 2934 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB; 2935 intf->curr_channel = IPMI_MAX_CHANNELS; 2936 } 2937 2938 if (rv == 0) 2939 rv = add_proc_entries(intf, i); 2940 2941 rv = ipmi_bmc_register(intf, i, sysfs_name); 2942 2943 out: 2944 if (rv) { 2945 if (intf->proc_dir) 2946 remove_proc_entries(intf); 2947 intf->handlers = NULL; 2948 list_del_rcu(&intf->link); 2949 mutex_unlock(&ipmi_interfaces_mutex); 2950 mutex_unlock(&smi_watchers_mutex); 2951 synchronize_rcu(); 2952 kref_put(&intf->refcount, intf_free); 2953 } else { 2954 /* 2955 * Keep memory order straight for RCU readers. Make 2956 * sure everything else is committed to memory before 2957 * setting intf_num to mark the interface valid. 2958 */ 2959 smp_wmb(); 2960 intf->intf_num = i; 2961 mutex_unlock(&ipmi_interfaces_mutex); 2962 /* After this point the interface is legal to use. */ 2963 call_smi_watchers(i, intf->si_dev); 2964 mutex_unlock(&smi_watchers_mutex); 2965 } 2966 2967 return rv; 2968 } 2969 EXPORT_SYMBOL(ipmi_register_smi); 2970 2971 static void cleanup_smi_msgs(ipmi_smi_t intf) 2972 { 2973 int i; 2974 struct seq_table *ent; 2975 2976 /* No need for locks, the interface is down. */ 2977 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 2978 ent = &(intf->seq_table[i]); 2979 if (!ent->inuse) 2980 continue; 2981 deliver_err_response(ent->recv_msg, IPMI_ERR_UNSPECIFIED); 2982 } 2983 } 2984 2985 int ipmi_unregister_smi(ipmi_smi_t intf) 2986 { 2987 struct ipmi_smi_watcher *w; 2988 int intf_num = intf->intf_num; 2989 2990 ipmi_bmc_unregister(intf); 2991 2992 mutex_lock(&smi_watchers_mutex); 2993 mutex_lock(&ipmi_interfaces_mutex); 2994 intf->intf_num = -1; 2995 intf->handlers = NULL; 2996 list_del_rcu(&intf->link); 2997 mutex_unlock(&ipmi_interfaces_mutex); 2998 synchronize_rcu(); 2999 3000 cleanup_smi_msgs(intf); 3001 3002 remove_proc_entries(intf); 3003 3004 /* 3005 * Call all the watcher interfaces to tell them that 3006 * an interface is gone. 3007 */ 3008 list_for_each_entry(w, &smi_watchers, link) 3009 w->smi_gone(intf_num); 3010 mutex_unlock(&smi_watchers_mutex); 3011 3012 kref_put(&intf->refcount, intf_free); 3013 return 0; 3014 } 3015 EXPORT_SYMBOL(ipmi_unregister_smi); 3016 3017 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf, 3018 struct ipmi_smi_msg *msg) 3019 { 3020 struct ipmi_ipmb_addr ipmb_addr; 3021 struct ipmi_recv_msg *recv_msg; 3022 3023 /* 3024 * This is 11, not 10, because the response must contain a 3025 * completion code. 3026 */ 3027 if (msg->rsp_size < 11) { 3028 /* Message not big enough, just ignore it. */ 3029 ipmi_inc_stat(intf, invalid_ipmb_responses); 3030 return 0; 3031 } 3032 3033 if (msg->rsp[2] != 0) { 3034 /* An error getting the response, just ignore it. */ 3035 return 0; 3036 } 3037 3038 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE; 3039 ipmb_addr.slave_addr = msg->rsp[6]; 3040 ipmb_addr.channel = msg->rsp[3] & 0x0f; 3041 ipmb_addr.lun = msg->rsp[7] & 3; 3042 3043 /* 3044 * It's a response from a remote entity. Look up the sequence 3045 * number and handle the response. 3046 */ 3047 if (intf_find_seq(intf, 3048 msg->rsp[7] >> 2, 3049 msg->rsp[3] & 0x0f, 3050 msg->rsp[8], 3051 (msg->rsp[4] >> 2) & (~1), 3052 (struct ipmi_addr *) &(ipmb_addr), 3053 &recv_msg)) { 3054 /* 3055 * We were unable to find the sequence number, 3056 * so just nuke the message. 3057 */ 3058 ipmi_inc_stat(intf, unhandled_ipmb_responses); 3059 return 0; 3060 } 3061 3062 memcpy(recv_msg->msg_data, 3063 &(msg->rsp[9]), 3064 msg->rsp_size - 9); 3065 /* 3066 * The other fields matched, so no need to set them, except 3067 * for netfn, which needs to be the response that was 3068 * returned, not the request value. 3069 */ 3070 recv_msg->msg.netfn = msg->rsp[4] >> 2; 3071 recv_msg->msg.data = recv_msg->msg_data; 3072 recv_msg->msg.data_len = msg->rsp_size - 10; 3073 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3074 ipmi_inc_stat(intf, handled_ipmb_responses); 3075 deliver_response(recv_msg); 3076 3077 return 0; 3078 } 3079 3080 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf, 3081 struct ipmi_smi_msg *msg) 3082 { 3083 struct cmd_rcvr *rcvr; 3084 int rv = 0; 3085 unsigned char netfn; 3086 unsigned char cmd; 3087 unsigned char chan; 3088 ipmi_user_t user = NULL; 3089 struct ipmi_ipmb_addr *ipmb_addr; 3090 struct ipmi_recv_msg *recv_msg; 3091 struct ipmi_smi_handlers *handlers; 3092 3093 if (msg->rsp_size < 10) { 3094 /* Message not big enough, just ignore it. */ 3095 ipmi_inc_stat(intf, invalid_commands); 3096 return 0; 3097 } 3098 3099 if (msg->rsp[2] != 0) { 3100 /* An error getting the response, just ignore it. */ 3101 return 0; 3102 } 3103 3104 netfn = msg->rsp[4] >> 2; 3105 cmd = msg->rsp[8]; 3106 chan = msg->rsp[3] & 0xf; 3107 3108 rcu_read_lock(); 3109 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3110 if (rcvr) { 3111 user = rcvr->user; 3112 kref_get(&user->refcount); 3113 } else 3114 user = NULL; 3115 rcu_read_unlock(); 3116 3117 if (user == NULL) { 3118 /* We didn't find a user, deliver an error response. */ 3119 ipmi_inc_stat(intf, unhandled_commands); 3120 3121 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 3122 msg->data[1] = IPMI_SEND_MSG_CMD; 3123 msg->data[2] = msg->rsp[3]; 3124 msg->data[3] = msg->rsp[6]; 3125 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3); 3126 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2); 3127 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address; 3128 /* rqseq/lun */ 3129 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3); 3130 msg->data[8] = msg->rsp[8]; /* cmd */ 3131 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE; 3132 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4); 3133 msg->data_size = 11; 3134 3135 #ifdef DEBUG_MSGING 3136 { 3137 int m; 3138 printk("Invalid command:"); 3139 for (m = 0; m < msg->data_size; m++) 3140 printk(" %2.2x", msg->data[m]); 3141 printk("\n"); 3142 } 3143 #endif 3144 rcu_read_lock(); 3145 handlers = intf->handlers; 3146 if (handlers) { 3147 handlers->sender(intf->send_info, msg, 0); 3148 /* 3149 * We used the message, so return the value 3150 * that causes it to not be freed or 3151 * queued. 3152 */ 3153 rv = -1; 3154 } 3155 rcu_read_unlock(); 3156 } else { 3157 /* Deliver the message to the user. */ 3158 ipmi_inc_stat(intf, handled_commands); 3159 3160 recv_msg = ipmi_alloc_recv_msg(); 3161 if (!recv_msg) { 3162 /* 3163 * We couldn't allocate memory for the 3164 * message, so requeue it for handling 3165 * later. 3166 */ 3167 rv = 1; 3168 kref_put(&user->refcount, free_user); 3169 } else { 3170 /* Extract the source address from the data. */ 3171 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr; 3172 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE; 3173 ipmb_addr->slave_addr = msg->rsp[6]; 3174 ipmb_addr->lun = msg->rsp[7] & 3; 3175 ipmb_addr->channel = msg->rsp[3] & 0xf; 3176 3177 /* 3178 * Extract the rest of the message information 3179 * from the IPMB header. 3180 */ 3181 recv_msg->user = user; 3182 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 3183 recv_msg->msgid = msg->rsp[7] >> 2; 3184 recv_msg->msg.netfn = msg->rsp[4] >> 2; 3185 recv_msg->msg.cmd = msg->rsp[8]; 3186 recv_msg->msg.data = recv_msg->msg_data; 3187 3188 /* 3189 * We chop off 10, not 9 bytes because the checksum 3190 * at the end also needs to be removed. 3191 */ 3192 recv_msg->msg.data_len = msg->rsp_size - 10; 3193 memcpy(recv_msg->msg_data, 3194 &(msg->rsp[9]), 3195 msg->rsp_size - 10); 3196 deliver_response(recv_msg); 3197 } 3198 } 3199 3200 return rv; 3201 } 3202 3203 static int handle_lan_get_msg_rsp(ipmi_smi_t intf, 3204 struct ipmi_smi_msg *msg) 3205 { 3206 struct ipmi_lan_addr lan_addr; 3207 struct ipmi_recv_msg *recv_msg; 3208 3209 3210 /* 3211 * This is 13, not 12, because the response must contain a 3212 * completion code. 3213 */ 3214 if (msg->rsp_size < 13) { 3215 /* Message not big enough, just ignore it. */ 3216 ipmi_inc_stat(intf, invalid_lan_responses); 3217 return 0; 3218 } 3219 3220 if (msg->rsp[2] != 0) { 3221 /* An error getting the response, just ignore it. */ 3222 return 0; 3223 } 3224 3225 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE; 3226 lan_addr.session_handle = msg->rsp[4]; 3227 lan_addr.remote_SWID = msg->rsp[8]; 3228 lan_addr.local_SWID = msg->rsp[5]; 3229 lan_addr.channel = msg->rsp[3] & 0x0f; 3230 lan_addr.privilege = msg->rsp[3] >> 4; 3231 lan_addr.lun = msg->rsp[9] & 3; 3232 3233 /* 3234 * It's a response from a remote entity. Look up the sequence 3235 * number and handle the response. 3236 */ 3237 if (intf_find_seq(intf, 3238 msg->rsp[9] >> 2, 3239 msg->rsp[3] & 0x0f, 3240 msg->rsp[10], 3241 (msg->rsp[6] >> 2) & (~1), 3242 (struct ipmi_addr *) &(lan_addr), 3243 &recv_msg)) { 3244 /* 3245 * We were unable to find the sequence number, 3246 * so just nuke the message. 3247 */ 3248 ipmi_inc_stat(intf, unhandled_lan_responses); 3249 return 0; 3250 } 3251 3252 memcpy(recv_msg->msg_data, 3253 &(msg->rsp[11]), 3254 msg->rsp_size - 11); 3255 /* 3256 * The other fields matched, so no need to set them, except 3257 * for netfn, which needs to be the response that was 3258 * returned, not the request value. 3259 */ 3260 recv_msg->msg.netfn = msg->rsp[6] >> 2; 3261 recv_msg->msg.data = recv_msg->msg_data; 3262 recv_msg->msg.data_len = msg->rsp_size - 12; 3263 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3264 ipmi_inc_stat(intf, handled_lan_responses); 3265 deliver_response(recv_msg); 3266 3267 return 0; 3268 } 3269 3270 static int handle_lan_get_msg_cmd(ipmi_smi_t intf, 3271 struct ipmi_smi_msg *msg) 3272 { 3273 struct cmd_rcvr *rcvr; 3274 int rv = 0; 3275 unsigned char netfn; 3276 unsigned char cmd; 3277 unsigned char chan; 3278 ipmi_user_t user = NULL; 3279 struct ipmi_lan_addr *lan_addr; 3280 struct ipmi_recv_msg *recv_msg; 3281 3282 if (msg->rsp_size < 12) { 3283 /* Message not big enough, just ignore it. */ 3284 ipmi_inc_stat(intf, invalid_commands); 3285 return 0; 3286 } 3287 3288 if (msg->rsp[2] != 0) { 3289 /* An error getting the response, just ignore it. */ 3290 return 0; 3291 } 3292 3293 netfn = msg->rsp[6] >> 2; 3294 cmd = msg->rsp[10]; 3295 chan = msg->rsp[3] & 0xf; 3296 3297 rcu_read_lock(); 3298 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3299 if (rcvr) { 3300 user = rcvr->user; 3301 kref_get(&user->refcount); 3302 } else 3303 user = NULL; 3304 rcu_read_unlock(); 3305 3306 if (user == NULL) { 3307 /* We didn't find a user, just give up. */ 3308 ipmi_inc_stat(intf, unhandled_commands); 3309 3310 /* 3311 * Don't do anything with these messages, just allow 3312 * them to be freed. 3313 */ 3314 rv = 0; 3315 } else { 3316 /* Deliver the message to the user. */ 3317 ipmi_inc_stat(intf, handled_commands); 3318 3319 recv_msg = ipmi_alloc_recv_msg(); 3320 if (!recv_msg) { 3321 /* 3322 * We couldn't allocate memory for the 3323 * message, so requeue it for handling later. 3324 */ 3325 rv = 1; 3326 kref_put(&user->refcount, free_user); 3327 } else { 3328 /* Extract the source address from the data. */ 3329 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr; 3330 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE; 3331 lan_addr->session_handle = msg->rsp[4]; 3332 lan_addr->remote_SWID = msg->rsp[8]; 3333 lan_addr->local_SWID = msg->rsp[5]; 3334 lan_addr->lun = msg->rsp[9] & 3; 3335 lan_addr->channel = msg->rsp[3] & 0xf; 3336 lan_addr->privilege = msg->rsp[3] >> 4; 3337 3338 /* 3339 * Extract the rest of the message information 3340 * from the IPMB header. 3341 */ 3342 recv_msg->user = user; 3343 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 3344 recv_msg->msgid = msg->rsp[9] >> 2; 3345 recv_msg->msg.netfn = msg->rsp[6] >> 2; 3346 recv_msg->msg.cmd = msg->rsp[10]; 3347 recv_msg->msg.data = recv_msg->msg_data; 3348 3349 /* 3350 * We chop off 12, not 11 bytes because the checksum 3351 * at the end also needs to be removed. 3352 */ 3353 recv_msg->msg.data_len = msg->rsp_size - 12; 3354 memcpy(recv_msg->msg_data, 3355 &(msg->rsp[11]), 3356 msg->rsp_size - 12); 3357 deliver_response(recv_msg); 3358 } 3359 } 3360 3361 return rv; 3362 } 3363 3364 /* 3365 * This routine will handle "Get Message" command responses with 3366 * channels that use an OEM Medium. The message format belongs to 3367 * the OEM. See IPMI 2.0 specification, Chapter 6 and 3368 * Chapter 22, sections 22.6 and 22.24 for more details. 3369 */ 3370 static int handle_oem_get_msg_cmd(ipmi_smi_t intf, 3371 struct ipmi_smi_msg *msg) 3372 { 3373 struct cmd_rcvr *rcvr; 3374 int rv = 0; 3375 unsigned char netfn; 3376 unsigned char cmd; 3377 unsigned char chan; 3378 ipmi_user_t user = NULL; 3379 struct ipmi_system_interface_addr *smi_addr; 3380 struct ipmi_recv_msg *recv_msg; 3381 3382 /* 3383 * We expect the OEM SW to perform error checking 3384 * so we just do some basic sanity checks 3385 */ 3386 if (msg->rsp_size < 4) { 3387 /* Message not big enough, just ignore it. */ 3388 ipmi_inc_stat(intf, invalid_commands); 3389 return 0; 3390 } 3391 3392 if (msg->rsp[2] != 0) { 3393 /* An error getting the response, just ignore it. */ 3394 return 0; 3395 } 3396 3397 /* 3398 * This is an OEM Message so the OEM needs to know how 3399 * handle the message. We do no interpretation. 3400 */ 3401 netfn = msg->rsp[0] >> 2; 3402 cmd = msg->rsp[1]; 3403 chan = msg->rsp[3] & 0xf; 3404 3405 rcu_read_lock(); 3406 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3407 if (rcvr) { 3408 user = rcvr->user; 3409 kref_get(&user->refcount); 3410 } else 3411 user = NULL; 3412 rcu_read_unlock(); 3413 3414 if (user == NULL) { 3415 /* We didn't find a user, just give up. */ 3416 ipmi_inc_stat(intf, unhandled_commands); 3417 3418 /* 3419 * Don't do anything with these messages, just allow 3420 * them to be freed. 3421 */ 3422 3423 rv = 0; 3424 } else { 3425 /* Deliver the message to the user. */ 3426 ipmi_inc_stat(intf, handled_commands); 3427 3428 recv_msg = ipmi_alloc_recv_msg(); 3429 if (!recv_msg) { 3430 /* 3431 * We couldn't allocate memory for the 3432 * message, so requeue it for handling 3433 * later. 3434 */ 3435 rv = 1; 3436 kref_put(&user->refcount, free_user); 3437 } else { 3438 /* 3439 * OEM Messages are expected to be delivered via 3440 * the system interface to SMS software. We might 3441 * need to visit this again depending on OEM 3442 * requirements 3443 */ 3444 smi_addr = ((struct ipmi_system_interface_addr *) 3445 &(recv_msg->addr)); 3446 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3447 smi_addr->channel = IPMI_BMC_CHANNEL; 3448 smi_addr->lun = msg->rsp[0] & 3; 3449 3450 recv_msg->user = user; 3451 recv_msg->user_msg_data = NULL; 3452 recv_msg->recv_type = IPMI_OEM_RECV_TYPE; 3453 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3454 recv_msg->msg.cmd = msg->rsp[1]; 3455 recv_msg->msg.data = recv_msg->msg_data; 3456 3457 /* 3458 * The message starts at byte 4 which follows the 3459 * the Channel Byte in the "GET MESSAGE" command 3460 */ 3461 recv_msg->msg.data_len = msg->rsp_size - 4; 3462 memcpy(recv_msg->msg_data, 3463 &(msg->rsp[4]), 3464 msg->rsp_size - 4); 3465 deliver_response(recv_msg); 3466 } 3467 } 3468 3469 return rv; 3470 } 3471 3472 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg, 3473 struct ipmi_smi_msg *msg) 3474 { 3475 struct ipmi_system_interface_addr *smi_addr; 3476 3477 recv_msg->msgid = 0; 3478 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr); 3479 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3480 smi_addr->channel = IPMI_BMC_CHANNEL; 3481 smi_addr->lun = msg->rsp[0] & 3; 3482 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE; 3483 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3484 recv_msg->msg.cmd = msg->rsp[1]; 3485 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3); 3486 recv_msg->msg.data = recv_msg->msg_data; 3487 recv_msg->msg.data_len = msg->rsp_size - 3; 3488 } 3489 3490 static int handle_read_event_rsp(ipmi_smi_t intf, 3491 struct ipmi_smi_msg *msg) 3492 { 3493 struct ipmi_recv_msg *recv_msg, *recv_msg2; 3494 struct list_head msgs; 3495 ipmi_user_t user; 3496 int rv = 0; 3497 int deliver_count = 0; 3498 unsigned long flags; 3499 3500 if (msg->rsp_size < 19) { 3501 /* Message is too small to be an IPMB event. */ 3502 ipmi_inc_stat(intf, invalid_events); 3503 return 0; 3504 } 3505 3506 if (msg->rsp[2] != 0) { 3507 /* An error getting the event, just ignore it. */ 3508 return 0; 3509 } 3510 3511 INIT_LIST_HEAD(&msgs); 3512 3513 spin_lock_irqsave(&intf->events_lock, flags); 3514 3515 ipmi_inc_stat(intf, events); 3516 3517 /* 3518 * Allocate and fill in one message for every user that is 3519 * getting events. 3520 */ 3521 rcu_read_lock(); 3522 list_for_each_entry_rcu(user, &intf->users, link) { 3523 if (!user->gets_events) 3524 continue; 3525 3526 recv_msg = ipmi_alloc_recv_msg(); 3527 if (!recv_msg) { 3528 rcu_read_unlock(); 3529 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, 3530 link) { 3531 list_del(&recv_msg->link); 3532 ipmi_free_recv_msg(recv_msg); 3533 } 3534 /* 3535 * We couldn't allocate memory for the 3536 * message, so requeue it for handling 3537 * later. 3538 */ 3539 rv = 1; 3540 goto out; 3541 } 3542 3543 deliver_count++; 3544 3545 copy_event_into_recv_msg(recv_msg, msg); 3546 recv_msg->user = user; 3547 kref_get(&user->refcount); 3548 list_add_tail(&(recv_msg->link), &msgs); 3549 } 3550 rcu_read_unlock(); 3551 3552 if (deliver_count) { 3553 /* Now deliver all the messages. */ 3554 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) { 3555 list_del(&recv_msg->link); 3556 deliver_response(recv_msg); 3557 } 3558 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) { 3559 /* 3560 * No one to receive the message, put it in queue if there's 3561 * not already too many things in the queue. 3562 */ 3563 recv_msg = ipmi_alloc_recv_msg(); 3564 if (!recv_msg) { 3565 /* 3566 * We couldn't allocate memory for the 3567 * message, so requeue it for handling 3568 * later. 3569 */ 3570 rv = 1; 3571 goto out; 3572 } 3573 3574 copy_event_into_recv_msg(recv_msg, msg); 3575 list_add_tail(&(recv_msg->link), &(intf->waiting_events)); 3576 intf->waiting_events_count++; 3577 } else if (!intf->event_msg_printed) { 3578 /* 3579 * There's too many things in the queue, discard this 3580 * message. 3581 */ 3582 printk(KERN_WARNING PFX "Event queue full, discarding" 3583 " incoming events\n"); 3584 intf->event_msg_printed = 1; 3585 } 3586 3587 out: 3588 spin_unlock_irqrestore(&(intf->events_lock), flags); 3589 3590 return rv; 3591 } 3592 3593 static int handle_bmc_rsp(ipmi_smi_t intf, 3594 struct ipmi_smi_msg *msg) 3595 { 3596 struct ipmi_recv_msg *recv_msg; 3597 struct ipmi_user *user; 3598 3599 recv_msg = (struct ipmi_recv_msg *) msg->user_data; 3600 if (recv_msg == NULL) { 3601 printk(KERN_WARNING 3602 "IPMI message received with no owner. This\n" 3603 "could be because of a malformed message, or\n" 3604 "because of a hardware error. Contact your\n" 3605 "hardware vender for assistance\n"); 3606 return 0; 3607 } 3608 3609 user = recv_msg->user; 3610 /* Make sure the user still exists. */ 3611 if (user && !user->valid) { 3612 /* The user for the message went away, so give up. */ 3613 ipmi_inc_stat(intf, unhandled_local_responses); 3614 ipmi_free_recv_msg(recv_msg); 3615 } else { 3616 struct ipmi_system_interface_addr *smi_addr; 3617 3618 ipmi_inc_stat(intf, handled_local_responses); 3619 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3620 recv_msg->msgid = msg->msgid; 3621 smi_addr = ((struct ipmi_system_interface_addr *) 3622 &(recv_msg->addr)); 3623 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3624 smi_addr->channel = IPMI_BMC_CHANNEL; 3625 smi_addr->lun = msg->rsp[0] & 3; 3626 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3627 recv_msg->msg.cmd = msg->rsp[1]; 3628 memcpy(recv_msg->msg_data, 3629 &(msg->rsp[2]), 3630 msg->rsp_size - 2); 3631 recv_msg->msg.data = recv_msg->msg_data; 3632 recv_msg->msg.data_len = msg->rsp_size - 2; 3633 deliver_response(recv_msg); 3634 } 3635 3636 return 0; 3637 } 3638 3639 /* 3640 * Handle a received message. Return 1 if the message should be requeued, 3641 * 0 if the message should be freed, or -1 if the message should not 3642 * be freed or requeued. 3643 */ 3644 static int handle_one_recv_msg(ipmi_smi_t intf, 3645 struct ipmi_smi_msg *msg) 3646 { 3647 int requeue; 3648 int chan; 3649 3650 #ifdef DEBUG_MSGING 3651 int m; 3652 printk("Recv:"); 3653 for (m = 0; m < msg->rsp_size; m++) 3654 printk(" %2.2x", msg->rsp[m]); 3655 printk("\n"); 3656 #endif 3657 if (msg->rsp_size < 2) { 3658 /* Message is too small to be correct. */ 3659 printk(KERN_WARNING PFX "BMC returned to small a message" 3660 " for netfn %x cmd %x, got %d bytes\n", 3661 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size); 3662 3663 /* Generate an error response for the message. */ 3664 msg->rsp[0] = msg->data[0] | (1 << 2); 3665 msg->rsp[1] = msg->data[1]; 3666 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 3667 msg->rsp_size = 3; 3668 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1)) 3669 || (msg->rsp[1] != msg->data[1])) { 3670 /* 3671 * The NetFN and Command in the response is not even 3672 * marginally correct. 3673 */ 3674 printk(KERN_WARNING PFX "BMC returned incorrect response," 3675 " expected netfn %x cmd %x, got netfn %x cmd %x\n", 3676 (msg->data[0] >> 2) | 1, msg->data[1], 3677 msg->rsp[0] >> 2, msg->rsp[1]); 3678 3679 /* Generate an error response for the message. */ 3680 msg->rsp[0] = msg->data[0] | (1 << 2); 3681 msg->rsp[1] = msg->data[1]; 3682 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 3683 msg->rsp_size = 3; 3684 } 3685 3686 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3687 && (msg->rsp[1] == IPMI_SEND_MSG_CMD) 3688 && (msg->user_data != NULL)) { 3689 /* 3690 * It's a response to a response we sent. For this we 3691 * deliver a send message response to the user. 3692 */ 3693 struct ipmi_recv_msg *recv_msg = msg->user_data; 3694 3695 requeue = 0; 3696 if (msg->rsp_size < 2) 3697 /* Message is too small to be correct. */ 3698 goto out; 3699 3700 chan = msg->data[2] & 0x0f; 3701 if (chan >= IPMI_MAX_CHANNELS) 3702 /* Invalid channel number */ 3703 goto out; 3704 3705 if (!recv_msg) 3706 goto out; 3707 3708 /* Make sure the user still exists. */ 3709 if (!recv_msg->user || !recv_msg->user->valid) 3710 goto out; 3711 3712 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE; 3713 recv_msg->msg.data = recv_msg->msg_data; 3714 recv_msg->msg.data_len = 1; 3715 recv_msg->msg_data[0] = msg->rsp[2]; 3716 deliver_response(recv_msg); 3717 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3718 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) { 3719 /* It's from the receive queue. */ 3720 chan = msg->rsp[3] & 0xf; 3721 if (chan >= IPMI_MAX_CHANNELS) { 3722 /* Invalid channel number */ 3723 requeue = 0; 3724 goto out; 3725 } 3726 3727 /* 3728 * We need to make sure the channels have been initialized. 3729 * The channel_handler routine will set the "curr_channel" 3730 * equal to or greater than IPMI_MAX_CHANNELS when all the 3731 * channels for this interface have been initialized. 3732 */ 3733 if (intf->curr_channel < IPMI_MAX_CHANNELS) { 3734 requeue = 0; /* Throw the message away */ 3735 goto out; 3736 } 3737 3738 switch (intf->channels[chan].medium) { 3739 case IPMI_CHANNEL_MEDIUM_IPMB: 3740 if (msg->rsp[4] & 0x04) { 3741 /* 3742 * It's a response, so find the 3743 * requesting message and send it up. 3744 */ 3745 requeue = handle_ipmb_get_msg_rsp(intf, msg); 3746 } else { 3747 /* 3748 * It's a command to the SMS from some other 3749 * entity. Handle that. 3750 */ 3751 requeue = handle_ipmb_get_msg_cmd(intf, msg); 3752 } 3753 break; 3754 3755 case IPMI_CHANNEL_MEDIUM_8023LAN: 3756 case IPMI_CHANNEL_MEDIUM_ASYNC: 3757 if (msg->rsp[6] & 0x04) { 3758 /* 3759 * It's a response, so find the 3760 * requesting message and send it up. 3761 */ 3762 requeue = handle_lan_get_msg_rsp(intf, msg); 3763 } else { 3764 /* 3765 * It's a command to the SMS from some other 3766 * entity. Handle that. 3767 */ 3768 requeue = handle_lan_get_msg_cmd(intf, msg); 3769 } 3770 break; 3771 3772 default: 3773 /* Check for OEM Channels. Clients had better 3774 register for these commands. */ 3775 if ((intf->channels[chan].medium 3776 >= IPMI_CHANNEL_MEDIUM_OEM_MIN) 3777 && (intf->channels[chan].medium 3778 <= IPMI_CHANNEL_MEDIUM_OEM_MAX)) { 3779 requeue = handle_oem_get_msg_cmd(intf, msg); 3780 } else { 3781 /* 3782 * We don't handle the channel type, so just 3783 * free the message. 3784 */ 3785 requeue = 0; 3786 } 3787 } 3788 3789 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3790 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) { 3791 /* It's an asynchronous event. */ 3792 requeue = handle_read_event_rsp(intf, msg); 3793 } else { 3794 /* It's a response from the local BMC. */ 3795 requeue = handle_bmc_rsp(intf, msg); 3796 } 3797 3798 out: 3799 return requeue; 3800 } 3801 3802 /* 3803 * If there are messages in the queue or pretimeouts, handle them. 3804 */ 3805 static void handle_new_recv_msgs(ipmi_smi_t intf) 3806 { 3807 struct ipmi_smi_msg *smi_msg; 3808 unsigned long flags = 0; 3809 int rv; 3810 int run_to_completion = intf->run_to_completion; 3811 3812 /* See if any waiting messages need to be processed. */ 3813 if (!run_to_completion) 3814 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3815 while (!list_empty(&intf->waiting_msgs)) { 3816 smi_msg = list_entry(intf->waiting_msgs.next, 3817 struct ipmi_smi_msg, link); 3818 list_del(&smi_msg->link); 3819 if (!run_to_completion) 3820 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3821 rv = handle_one_recv_msg(intf, smi_msg); 3822 if (!run_to_completion) 3823 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3824 if (rv == 0) { 3825 /* Message handled */ 3826 ipmi_free_smi_msg(smi_msg); 3827 } else if (rv < 0) { 3828 /* Fatal error on the message, del but don't free. */ 3829 } else { 3830 /* 3831 * To preserve message order, quit if we 3832 * can't handle a message. 3833 */ 3834 list_add(&smi_msg->link, &intf->waiting_msgs); 3835 break; 3836 } 3837 } 3838 if (!run_to_completion) 3839 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3840 3841 /* 3842 * If the pretimout count is non-zero, decrement one from it and 3843 * deliver pretimeouts to all the users. 3844 */ 3845 if (atomic_add_unless(&intf->watchdog_pretimeouts_to_deliver, -1, 0)) { 3846 ipmi_user_t user; 3847 3848 rcu_read_lock(); 3849 list_for_each_entry_rcu(user, &intf->users, link) { 3850 if (user->handler->ipmi_watchdog_pretimeout) 3851 user->handler->ipmi_watchdog_pretimeout( 3852 user->handler_data); 3853 } 3854 rcu_read_unlock(); 3855 } 3856 } 3857 3858 static void smi_recv_tasklet(unsigned long val) 3859 { 3860 handle_new_recv_msgs((ipmi_smi_t) val); 3861 } 3862 3863 /* Handle a new message from the lower layer. */ 3864 void ipmi_smi_msg_received(ipmi_smi_t intf, 3865 struct ipmi_smi_msg *msg) 3866 { 3867 unsigned long flags = 0; /* keep us warning-free. */ 3868 int run_to_completion; 3869 3870 3871 if ((msg->data_size >= 2) 3872 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2)) 3873 && (msg->data[1] == IPMI_SEND_MSG_CMD) 3874 && (msg->user_data == NULL)) { 3875 /* 3876 * This is the local response to a command send, start 3877 * the timer for these. The user_data will not be 3878 * NULL if this is a response send, and we will let 3879 * response sends just go through. 3880 */ 3881 3882 /* 3883 * Check for errors, if we get certain errors (ones 3884 * that mean basically we can try again later), we 3885 * ignore them and start the timer. Otherwise we 3886 * report the error immediately. 3887 */ 3888 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0) 3889 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR) 3890 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR) 3891 && (msg->rsp[2] != IPMI_BUS_ERR) 3892 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR)) { 3893 int chan = msg->rsp[3] & 0xf; 3894 3895 /* Got an error sending the message, handle it. */ 3896 if (chan >= IPMI_MAX_CHANNELS) 3897 ; /* This shouldn't happen */ 3898 else if ((intf->channels[chan].medium 3899 == IPMI_CHANNEL_MEDIUM_8023LAN) 3900 || (intf->channels[chan].medium 3901 == IPMI_CHANNEL_MEDIUM_ASYNC)) 3902 ipmi_inc_stat(intf, sent_lan_command_errs); 3903 else 3904 ipmi_inc_stat(intf, sent_ipmb_command_errs); 3905 intf_err_seq(intf, msg->msgid, msg->rsp[2]); 3906 } else 3907 /* The message was sent, start the timer. */ 3908 intf_start_seq_timer(intf, msg->msgid); 3909 3910 ipmi_free_smi_msg(msg); 3911 goto out; 3912 } 3913 3914 /* 3915 * To preserve message order, if the list is not empty, we 3916 * tack this message onto the end of the list. 3917 */ 3918 run_to_completion = intf->run_to_completion; 3919 if (!run_to_completion) 3920 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3921 list_add_tail(&msg->link, &intf->waiting_msgs); 3922 if (!run_to_completion) 3923 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3924 3925 tasklet_schedule(&intf->recv_tasklet); 3926 out: 3927 return; 3928 } 3929 EXPORT_SYMBOL(ipmi_smi_msg_received); 3930 3931 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf) 3932 { 3933 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 1); 3934 tasklet_schedule(&intf->recv_tasklet); 3935 } 3936 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout); 3937 3938 static struct ipmi_smi_msg * 3939 smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg, 3940 unsigned char seq, long seqid) 3941 { 3942 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg(); 3943 if (!smi_msg) 3944 /* 3945 * If we can't allocate the message, then just return, we 3946 * get 4 retries, so this should be ok. 3947 */ 3948 return NULL; 3949 3950 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len); 3951 smi_msg->data_size = recv_msg->msg.data_len; 3952 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid); 3953 3954 #ifdef DEBUG_MSGING 3955 { 3956 int m; 3957 printk("Resend: "); 3958 for (m = 0; m < smi_msg->data_size; m++) 3959 printk(" %2.2x", smi_msg->data[m]); 3960 printk("\n"); 3961 } 3962 #endif 3963 return smi_msg; 3964 } 3965 3966 static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent, 3967 struct list_head *timeouts, long timeout_period, 3968 int slot, unsigned long *flags) 3969 { 3970 struct ipmi_recv_msg *msg; 3971 struct ipmi_smi_handlers *handlers; 3972 3973 if (intf->intf_num == -1) 3974 return; 3975 3976 if (!ent->inuse) 3977 return; 3978 3979 ent->timeout -= timeout_period; 3980 if (ent->timeout > 0) 3981 return; 3982 3983 if (ent->retries_left == 0) { 3984 /* The message has used all its retries. */ 3985 ent->inuse = 0; 3986 msg = ent->recv_msg; 3987 list_add_tail(&msg->link, timeouts); 3988 if (ent->broadcast) 3989 ipmi_inc_stat(intf, timed_out_ipmb_broadcasts); 3990 else if (is_lan_addr(&ent->recv_msg->addr)) 3991 ipmi_inc_stat(intf, timed_out_lan_commands); 3992 else 3993 ipmi_inc_stat(intf, timed_out_ipmb_commands); 3994 } else { 3995 struct ipmi_smi_msg *smi_msg; 3996 /* More retries, send again. */ 3997 3998 /* 3999 * Start with the max timer, set to normal timer after 4000 * the message is sent. 4001 */ 4002 ent->timeout = MAX_MSG_TIMEOUT; 4003 ent->retries_left--; 4004 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot, 4005 ent->seqid); 4006 if (!smi_msg) { 4007 if (is_lan_addr(&ent->recv_msg->addr)) 4008 ipmi_inc_stat(intf, 4009 dropped_rexmit_lan_commands); 4010 else 4011 ipmi_inc_stat(intf, 4012 dropped_rexmit_ipmb_commands); 4013 return; 4014 } 4015 4016 spin_unlock_irqrestore(&intf->seq_lock, *flags); 4017 4018 /* 4019 * Send the new message. We send with a zero 4020 * priority. It timed out, I doubt time is that 4021 * critical now, and high priority messages are really 4022 * only for messages to the local MC, which don't get 4023 * resent. 4024 */ 4025 handlers = intf->handlers; 4026 if (handlers) { 4027 if (is_lan_addr(&ent->recv_msg->addr)) 4028 ipmi_inc_stat(intf, 4029 retransmitted_lan_commands); 4030 else 4031 ipmi_inc_stat(intf, 4032 retransmitted_ipmb_commands); 4033 4034 intf->handlers->sender(intf->send_info, 4035 smi_msg, 0); 4036 } else 4037 ipmi_free_smi_msg(smi_msg); 4038 4039 spin_lock_irqsave(&intf->seq_lock, *flags); 4040 } 4041 } 4042 4043 static void ipmi_timeout_handler(long timeout_period) 4044 { 4045 ipmi_smi_t intf; 4046 struct list_head timeouts; 4047 struct ipmi_recv_msg *msg, *msg2; 4048 unsigned long flags; 4049 int i; 4050 4051 rcu_read_lock(); 4052 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4053 tasklet_schedule(&intf->recv_tasklet); 4054 4055 /* 4056 * Go through the seq table and find any messages that 4057 * have timed out, putting them in the timeouts 4058 * list. 4059 */ 4060 INIT_LIST_HEAD(&timeouts); 4061 spin_lock_irqsave(&intf->seq_lock, flags); 4062 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) 4063 check_msg_timeout(intf, &(intf->seq_table[i]), 4064 &timeouts, timeout_period, i, 4065 &flags); 4066 spin_unlock_irqrestore(&intf->seq_lock, flags); 4067 4068 list_for_each_entry_safe(msg, msg2, &timeouts, link) 4069 deliver_err_response(msg, IPMI_TIMEOUT_COMPLETION_CODE); 4070 4071 /* 4072 * Maintenance mode handling. Check the timeout 4073 * optimistically before we claim the lock. It may 4074 * mean a timeout gets missed occasionally, but that 4075 * only means the timeout gets extended by one period 4076 * in that case. No big deal, and it avoids the lock 4077 * most of the time. 4078 */ 4079 if (intf->auto_maintenance_timeout > 0) { 4080 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 4081 if (intf->auto_maintenance_timeout > 0) { 4082 intf->auto_maintenance_timeout 4083 -= timeout_period; 4084 if (!intf->maintenance_mode 4085 && (intf->auto_maintenance_timeout <= 0)) { 4086 intf->maintenance_mode_enable = 0; 4087 maintenance_mode_update(intf); 4088 } 4089 } 4090 spin_unlock_irqrestore(&intf->maintenance_mode_lock, 4091 flags); 4092 } 4093 } 4094 rcu_read_unlock(); 4095 } 4096 4097 static void ipmi_request_event(void) 4098 { 4099 ipmi_smi_t intf; 4100 struct ipmi_smi_handlers *handlers; 4101 4102 rcu_read_lock(); 4103 /* 4104 * Called from the timer, no need to check if handlers is 4105 * valid. 4106 */ 4107 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4108 /* No event requests when in maintenance mode. */ 4109 if (intf->maintenance_mode_enable) 4110 continue; 4111 4112 handlers = intf->handlers; 4113 if (handlers) 4114 handlers->request_events(intf->send_info); 4115 } 4116 rcu_read_unlock(); 4117 } 4118 4119 static struct timer_list ipmi_timer; 4120 4121 /* Call every ~1000 ms. */ 4122 #define IPMI_TIMEOUT_TIME 1000 4123 4124 /* How many jiffies does it take to get to the timeout time. */ 4125 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000) 4126 4127 /* 4128 * Request events from the queue every second (this is the number of 4129 * IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the 4130 * future, IPMI will add a way to know immediately if an event is in 4131 * the queue and this silliness can go away. 4132 */ 4133 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME)) 4134 4135 static atomic_t stop_operation; 4136 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 4137 4138 static void ipmi_timeout(unsigned long data) 4139 { 4140 if (atomic_read(&stop_operation)) 4141 return; 4142 4143 ticks_to_req_ev--; 4144 if (ticks_to_req_ev == 0) { 4145 ipmi_request_event(); 4146 ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 4147 } 4148 4149 ipmi_timeout_handler(IPMI_TIMEOUT_TIME); 4150 4151 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 4152 } 4153 4154 4155 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0); 4156 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0); 4157 4158 /* FIXME - convert these to slabs. */ 4159 static void free_smi_msg(struct ipmi_smi_msg *msg) 4160 { 4161 atomic_dec(&smi_msg_inuse_count); 4162 kfree(msg); 4163 } 4164 4165 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void) 4166 { 4167 struct ipmi_smi_msg *rv; 4168 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC); 4169 if (rv) { 4170 rv->done = free_smi_msg; 4171 rv->user_data = NULL; 4172 atomic_inc(&smi_msg_inuse_count); 4173 } 4174 return rv; 4175 } 4176 EXPORT_SYMBOL(ipmi_alloc_smi_msg); 4177 4178 static void free_recv_msg(struct ipmi_recv_msg *msg) 4179 { 4180 atomic_dec(&recv_msg_inuse_count); 4181 kfree(msg); 4182 } 4183 4184 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void) 4185 { 4186 struct ipmi_recv_msg *rv; 4187 4188 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC); 4189 if (rv) { 4190 rv->user = NULL; 4191 rv->done = free_recv_msg; 4192 atomic_inc(&recv_msg_inuse_count); 4193 } 4194 return rv; 4195 } 4196 4197 void ipmi_free_recv_msg(struct ipmi_recv_msg *msg) 4198 { 4199 if (msg->user) 4200 kref_put(&msg->user->refcount, free_user); 4201 msg->done(msg); 4202 } 4203 EXPORT_SYMBOL(ipmi_free_recv_msg); 4204 4205 #ifdef CONFIG_IPMI_PANIC_EVENT 4206 4207 static atomic_t panic_done_count = ATOMIC_INIT(0); 4208 4209 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg) 4210 { 4211 atomic_dec(&panic_done_count); 4212 } 4213 4214 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg) 4215 { 4216 atomic_dec(&panic_done_count); 4217 } 4218 4219 /* 4220 * Inside a panic, send a message and wait for a response. 4221 */ 4222 static void ipmi_panic_request_and_wait(ipmi_smi_t intf, 4223 struct ipmi_addr *addr, 4224 struct kernel_ipmi_msg *msg) 4225 { 4226 struct ipmi_smi_msg smi_msg; 4227 struct ipmi_recv_msg recv_msg; 4228 int rv; 4229 4230 smi_msg.done = dummy_smi_done_handler; 4231 recv_msg.done = dummy_recv_done_handler; 4232 atomic_add(2, &panic_done_count); 4233 rv = i_ipmi_request(NULL, 4234 intf, 4235 addr, 4236 0, 4237 msg, 4238 intf, 4239 &smi_msg, 4240 &recv_msg, 4241 0, 4242 intf->channels[0].address, 4243 intf->channels[0].lun, 4244 0, 1); /* Don't retry, and don't wait. */ 4245 if (rv) 4246 atomic_sub(2, &panic_done_count); 4247 while (atomic_read(&panic_done_count) != 0) 4248 ipmi_poll(intf); 4249 } 4250 4251 #ifdef CONFIG_IPMI_PANIC_STRING 4252 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 4253 { 4254 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 4255 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE) 4256 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD) 4257 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) { 4258 /* A get event receiver command, save it. */ 4259 intf->event_receiver = msg->msg.data[1]; 4260 intf->event_receiver_lun = msg->msg.data[2] & 0x3; 4261 } 4262 } 4263 4264 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 4265 { 4266 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 4267 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE) 4268 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD) 4269 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) { 4270 /* 4271 * A get device id command, save if we are an event 4272 * receiver or generator. 4273 */ 4274 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1; 4275 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1; 4276 } 4277 } 4278 #endif 4279 4280 static void send_panic_events(char *str) 4281 { 4282 struct kernel_ipmi_msg msg; 4283 ipmi_smi_t intf; 4284 unsigned char data[16]; 4285 struct ipmi_system_interface_addr *si; 4286 struct ipmi_addr addr; 4287 4288 si = (struct ipmi_system_interface_addr *) &addr; 4289 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 4290 si->channel = IPMI_BMC_CHANNEL; 4291 si->lun = 0; 4292 4293 /* Fill in an event telling that we have failed. */ 4294 msg.netfn = 0x04; /* Sensor or Event. */ 4295 msg.cmd = 2; /* Platform event command. */ 4296 msg.data = data; 4297 msg.data_len = 8; 4298 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */ 4299 data[1] = 0x03; /* This is for IPMI 1.0. */ 4300 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */ 4301 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */ 4302 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */ 4303 4304 /* 4305 * Put a few breadcrumbs in. Hopefully later we can add more things 4306 * to make the panic events more useful. 4307 */ 4308 if (str) { 4309 data[3] = str[0]; 4310 data[6] = str[1]; 4311 data[7] = str[2]; 4312 } 4313 4314 /* For every registered interface, send the event. */ 4315 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4316 if (!intf->handlers) 4317 /* Interface is not ready. */ 4318 continue; 4319 4320 intf->run_to_completion = 1; 4321 /* Send the event announcing the panic. */ 4322 intf->handlers->set_run_to_completion(intf->send_info, 1); 4323 ipmi_panic_request_and_wait(intf, &addr, &msg); 4324 } 4325 4326 #ifdef CONFIG_IPMI_PANIC_STRING 4327 /* 4328 * On every interface, dump a bunch of OEM event holding the 4329 * string. 4330 */ 4331 if (!str) 4332 return; 4333 4334 /* For every registered interface, send the event. */ 4335 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4336 char *p = str; 4337 struct ipmi_ipmb_addr *ipmb; 4338 int j; 4339 4340 if (intf->intf_num == -1) 4341 /* Interface was not ready yet. */ 4342 continue; 4343 4344 /* 4345 * intf_num is used as an marker to tell if the 4346 * interface is valid. Thus we need a read barrier to 4347 * make sure data fetched before checking intf_num 4348 * won't be used. 4349 */ 4350 smp_rmb(); 4351 4352 /* 4353 * First job here is to figure out where to send the 4354 * OEM events. There's no way in IPMI to send OEM 4355 * events using an event send command, so we have to 4356 * find the SEL to put them in and stick them in 4357 * there. 4358 */ 4359 4360 /* Get capabilities from the get device id. */ 4361 intf->local_sel_device = 0; 4362 intf->local_event_generator = 0; 4363 intf->event_receiver = 0; 4364 4365 /* Request the device info from the local MC. */ 4366 msg.netfn = IPMI_NETFN_APP_REQUEST; 4367 msg.cmd = IPMI_GET_DEVICE_ID_CMD; 4368 msg.data = NULL; 4369 msg.data_len = 0; 4370 intf->null_user_handler = device_id_fetcher; 4371 ipmi_panic_request_and_wait(intf, &addr, &msg); 4372 4373 if (intf->local_event_generator) { 4374 /* Request the event receiver from the local MC. */ 4375 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST; 4376 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD; 4377 msg.data = NULL; 4378 msg.data_len = 0; 4379 intf->null_user_handler = event_receiver_fetcher; 4380 ipmi_panic_request_and_wait(intf, &addr, &msg); 4381 } 4382 intf->null_user_handler = NULL; 4383 4384 /* 4385 * Validate the event receiver. The low bit must not 4386 * be 1 (it must be a valid IPMB address), it cannot 4387 * be zero, and it must not be my address. 4388 */ 4389 if (((intf->event_receiver & 1) == 0) 4390 && (intf->event_receiver != 0) 4391 && (intf->event_receiver != intf->channels[0].address)) { 4392 /* 4393 * The event receiver is valid, send an IPMB 4394 * message. 4395 */ 4396 ipmb = (struct ipmi_ipmb_addr *) &addr; 4397 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE; 4398 ipmb->channel = 0; /* FIXME - is this right? */ 4399 ipmb->lun = intf->event_receiver_lun; 4400 ipmb->slave_addr = intf->event_receiver; 4401 } else if (intf->local_sel_device) { 4402 /* 4403 * The event receiver was not valid (or was 4404 * me), but I am an SEL device, just dump it 4405 * in my SEL. 4406 */ 4407 si = (struct ipmi_system_interface_addr *) &addr; 4408 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 4409 si->channel = IPMI_BMC_CHANNEL; 4410 si->lun = 0; 4411 } else 4412 continue; /* No where to send the event. */ 4413 4414 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */ 4415 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD; 4416 msg.data = data; 4417 msg.data_len = 16; 4418 4419 j = 0; 4420 while (*p) { 4421 int size = strlen(p); 4422 4423 if (size > 11) 4424 size = 11; 4425 data[0] = 0; 4426 data[1] = 0; 4427 data[2] = 0xf0; /* OEM event without timestamp. */ 4428 data[3] = intf->channels[0].address; 4429 data[4] = j++; /* sequence # */ 4430 /* 4431 * Always give 11 bytes, so strncpy will fill 4432 * it with zeroes for me. 4433 */ 4434 strncpy(data+5, p, 11); 4435 p += size; 4436 4437 ipmi_panic_request_and_wait(intf, &addr, &msg); 4438 } 4439 } 4440 #endif /* CONFIG_IPMI_PANIC_STRING */ 4441 } 4442 #endif /* CONFIG_IPMI_PANIC_EVENT */ 4443 4444 static int has_panicked; 4445 4446 static int panic_event(struct notifier_block *this, 4447 unsigned long event, 4448 void *ptr) 4449 { 4450 ipmi_smi_t intf; 4451 4452 if (has_panicked) 4453 return NOTIFY_DONE; 4454 has_panicked = 1; 4455 4456 /* For every registered interface, set it to run to completion. */ 4457 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4458 if (!intf->handlers) 4459 /* Interface is not ready. */ 4460 continue; 4461 4462 intf->run_to_completion = 1; 4463 intf->handlers->set_run_to_completion(intf->send_info, 1); 4464 } 4465 4466 #ifdef CONFIG_IPMI_PANIC_EVENT 4467 send_panic_events(ptr); 4468 #endif 4469 4470 return NOTIFY_DONE; 4471 } 4472 4473 static struct notifier_block panic_block = { 4474 .notifier_call = panic_event, 4475 .next = NULL, 4476 .priority = 200 /* priority: INT_MAX >= x >= 0 */ 4477 }; 4478 4479 static int ipmi_init_msghandler(void) 4480 { 4481 int rv; 4482 4483 if (initialized) 4484 return 0; 4485 4486 rv = driver_register(&ipmidriver.driver); 4487 if (rv) { 4488 printk(KERN_ERR PFX "Could not register IPMI driver\n"); 4489 return rv; 4490 } 4491 4492 printk(KERN_INFO "ipmi message handler version " 4493 IPMI_DRIVER_VERSION "\n"); 4494 4495 #ifdef CONFIG_PROC_FS 4496 proc_ipmi_root = proc_mkdir("ipmi", NULL); 4497 if (!proc_ipmi_root) { 4498 printk(KERN_ERR PFX "Unable to create IPMI proc dir"); 4499 return -ENOMEM; 4500 } 4501 4502 #endif /* CONFIG_PROC_FS */ 4503 4504 setup_timer(&ipmi_timer, ipmi_timeout, 0); 4505 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 4506 4507 atomic_notifier_chain_register(&panic_notifier_list, &panic_block); 4508 4509 initialized = 1; 4510 4511 return 0; 4512 } 4513 4514 static int __init ipmi_init_msghandler_mod(void) 4515 { 4516 ipmi_init_msghandler(); 4517 return 0; 4518 } 4519 4520 static void __exit cleanup_ipmi(void) 4521 { 4522 int count; 4523 4524 if (!initialized) 4525 return; 4526 4527 atomic_notifier_chain_unregister(&panic_notifier_list, &panic_block); 4528 4529 /* 4530 * This can't be called if any interfaces exist, so no worry 4531 * about shutting down the interfaces. 4532 */ 4533 4534 /* 4535 * Tell the timer to stop, then wait for it to stop. This 4536 * avoids problems with race conditions removing the timer 4537 * here. 4538 */ 4539 atomic_inc(&stop_operation); 4540 del_timer_sync(&ipmi_timer); 4541 4542 #ifdef CONFIG_PROC_FS 4543 proc_remove(proc_ipmi_root); 4544 #endif /* CONFIG_PROC_FS */ 4545 4546 driver_unregister(&ipmidriver.driver); 4547 4548 initialized = 0; 4549 4550 /* Check for buffer leaks. */ 4551 count = atomic_read(&smi_msg_inuse_count); 4552 if (count != 0) 4553 printk(KERN_WARNING PFX "SMI message count %d at exit\n", 4554 count); 4555 count = atomic_read(&recv_msg_inuse_count); 4556 if (count != 0) 4557 printk(KERN_WARNING PFX "recv message count %d at exit\n", 4558 count); 4559 } 4560 module_exit(cleanup_ipmi); 4561 4562 module_init(ipmi_init_msghandler_mod); 4563 MODULE_LICENSE("GPL"); 4564 MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>"); 4565 MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI" 4566 " interface."); 4567 MODULE_VERSION(IPMI_DRIVER_VERSION); 4568