1 /* 2 * ipmi_msghandler.c 3 * 4 * Incoming and outgoing message routing for an IPMI interface. 5 * 6 * Author: MontaVista Software, Inc. 7 * Corey Minyard <minyard@mvista.com> 8 * source@mvista.com 9 * 10 * Copyright 2002 MontaVista Software Inc. 11 * 12 * This program is free software; you can redistribute it and/or modify it 13 * under the terms of the GNU General Public License as published by the 14 * Free Software Foundation; either version 2 of the License, or (at your 15 * option) any later version. 16 * 17 * 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 * 29 * You should have received a copy of the GNU General Public License along 30 * with this program; if not, write to the Free Software Foundation, Inc., 31 * 675 Mass Ave, Cambridge, MA 02139, USA. 32 */ 33 34 #include <linux/module.h> 35 #include <linux/errno.h> 36 #include <linux/poll.h> 37 #include <linux/sched.h> 38 #include <linux/seq_file.h> 39 #include <linux/spinlock.h> 40 #include <linux/mutex.h> 41 #include <linux/slab.h> 42 #include <linux/ipmi.h> 43 #include <linux/ipmi_smi.h> 44 #include <linux/notifier.h> 45 #include <linux/init.h> 46 #include <linux/proc_fs.h> 47 #include <linux/rcupdate.h> 48 #include <linux/interrupt.h> 49 50 #define PFX "IPMI message handler: " 51 52 #define IPMI_DRIVER_VERSION "39.2" 53 54 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void); 55 static int ipmi_init_msghandler(void); 56 static void smi_recv_tasklet(unsigned long); 57 static void handle_new_recv_msgs(ipmi_smi_t intf); 58 static void need_waiter(ipmi_smi_t intf); 59 static int handle_one_recv_msg(ipmi_smi_t intf, 60 struct ipmi_smi_msg *msg); 61 62 static int initialized; 63 64 #ifdef CONFIG_PROC_FS 65 static struct proc_dir_entry *proc_ipmi_root; 66 #endif /* CONFIG_PROC_FS */ 67 68 /* Remain in auto-maintenance mode for this amount of time (in ms). */ 69 #define IPMI_MAINTENANCE_MODE_TIMEOUT 30000 70 71 #define MAX_EVENTS_IN_QUEUE 25 72 73 /* 74 * Don't let a message sit in a queue forever, always time it with at lest 75 * the max message timer. This is in milliseconds. 76 */ 77 #define MAX_MSG_TIMEOUT 60000 78 79 /* Call every ~1000 ms. */ 80 #define IPMI_TIMEOUT_TIME 1000 81 82 /* How many jiffies does it take to get to the timeout time. */ 83 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000) 84 85 /* 86 * Request events from the queue every second (this is the number of 87 * IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the 88 * future, IPMI will add a way to know immediately if an event is in 89 * the queue and this silliness can go away. 90 */ 91 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME)) 92 93 /* 94 * The main "user" data structure. 95 */ 96 struct ipmi_user { 97 struct list_head link; 98 99 /* Set to false when the user is destroyed. */ 100 bool valid; 101 102 struct kref refcount; 103 104 /* The upper layer that handles receive messages. */ 105 struct ipmi_user_hndl *handler; 106 void *handler_data; 107 108 /* The interface this user is bound to. */ 109 ipmi_smi_t intf; 110 111 /* Does this interface receive IPMI events? */ 112 bool gets_events; 113 }; 114 115 struct cmd_rcvr { 116 struct list_head link; 117 118 ipmi_user_t user; 119 unsigned char netfn; 120 unsigned char cmd; 121 unsigned int chans; 122 123 /* 124 * This is used to form a linked lised during mass deletion. 125 * Since this is in an RCU list, we cannot use the link above 126 * or change any data until the RCU period completes. So we 127 * use this next variable during mass deletion so we can have 128 * a list and don't have to wait and restart the search on 129 * every individual deletion of a command. 130 */ 131 struct cmd_rcvr *next; 132 }; 133 134 struct seq_table { 135 unsigned int inuse : 1; 136 unsigned int broadcast : 1; 137 138 unsigned long timeout; 139 unsigned long orig_timeout; 140 unsigned int retries_left; 141 142 /* 143 * To verify on an incoming send message response that this is 144 * the message that the response is for, we keep a sequence id 145 * and increment it every time we send a message. 146 */ 147 long seqid; 148 149 /* 150 * This is held so we can properly respond to the message on a 151 * timeout, and it is used to hold the temporary data for 152 * retransmission, too. 153 */ 154 struct ipmi_recv_msg *recv_msg; 155 }; 156 157 /* 158 * Store the information in a msgid (long) to allow us to find a 159 * sequence table entry from the msgid. 160 */ 161 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff)) 162 163 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \ 164 do { \ 165 seq = ((msgid >> 26) & 0x3f); \ 166 seqid = (msgid & 0x3fffff); \ 167 } while (0) 168 169 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff) 170 171 struct ipmi_channel { 172 unsigned char medium; 173 unsigned char protocol; 174 175 /* 176 * My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR, 177 * but may be changed by the user. 178 */ 179 unsigned char address; 180 181 /* 182 * My LUN. This should generally stay the SMS LUN, but just in 183 * case... 184 */ 185 unsigned char lun; 186 }; 187 188 #ifdef CONFIG_PROC_FS 189 struct ipmi_proc_entry { 190 char *name; 191 struct ipmi_proc_entry *next; 192 }; 193 #endif 194 195 struct bmc_device { 196 struct platform_device pdev; 197 struct ipmi_device_id id; 198 unsigned char guid[16]; 199 int guid_set; 200 char name[16]; 201 struct kref usecount; 202 }; 203 #define to_bmc_device(x) container_of((x), struct bmc_device, pdev.dev) 204 205 /* 206 * Various statistics for IPMI, these index stats[] in the ipmi_smi 207 * structure. 208 */ 209 enum ipmi_stat_indexes { 210 /* Commands we got from the user that were invalid. */ 211 IPMI_STAT_sent_invalid_commands = 0, 212 213 /* Commands we sent to the MC. */ 214 IPMI_STAT_sent_local_commands, 215 216 /* Responses from the MC that were delivered to a user. */ 217 IPMI_STAT_handled_local_responses, 218 219 /* Responses from the MC that were not delivered to a user. */ 220 IPMI_STAT_unhandled_local_responses, 221 222 /* Commands we sent out to the IPMB bus. */ 223 IPMI_STAT_sent_ipmb_commands, 224 225 /* Commands sent on the IPMB that had errors on the SEND CMD */ 226 IPMI_STAT_sent_ipmb_command_errs, 227 228 /* Each retransmit increments this count. */ 229 IPMI_STAT_retransmitted_ipmb_commands, 230 231 /* 232 * When a message times out (runs out of retransmits) this is 233 * incremented. 234 */ 235 IPMI_STAT_timed_out_ipmb_commands, 236 237 /* 238 * This is like above, but for broadcasts. Broadcasts are 239 * *not* included in the above count (they are expected to 240 * time out). 241 */ 242 IPMI_STAT_timed_out_ipmb_broadcasts, 243 244 /* Responses I have sent to the IPMB bus. */ 245 IPMI_STAT_sent_ipmb_responses, 246 247 /* The response was delivered to the user. */ 248 IPMI_STAT_handled_ipmb_responses, 249 250 /* The response had invalid data in it. */ 251 IPMI_STAT_invalid_ipmb_responses, 252 253 /* The response didn't have anyone waiting for it. */ 254 IPMI_STAT_unhandled_ipmb_responses, 255 256 /* Commands we sent out to the IPMB bus. */ 257 IPMI_STAT_sent_lan_commands, 258 259 /* Commands sent on the IPMB that had errors on the SEND CMD */ 260 IPMI_STAT_sent_lan_command_errs, 261 262 /* Each retransmit increments this count. */ 263 IPMI_STAT_retransmitted_lan_commands, 264 265 /* 266 * When a message times out (runs out of retransmits) this is 267 * incremented. 268 */ 269 IPMI_STAT_timed_out_lan_commands, 270 271 /* Responses I have sent to the IPMB bus. */ 272 IPMI_STAT_sent_lan_responses, 273 274 /* The response was delivered to the user. */ 275 IPMI_STAT_handled_lan_responses, 276 277 /* The response had invalid data in it. */ 278 IPMI_STAT_invalid_lan_responses, 279 280 /* The response didn't have anyone waiting for it. */ 281 IPMI_STAT_unhandled_lan_responses, 282 283 /* The command was delivered to the user. */ 284 IPMI_STAT_handled_commands, 285 286 /* The command had invalid data in it. */ 287 IPMI_STAT_invalid_commands, 288 289 /* The command didn't have anyone waiting for it. */ 290 IPMI_STAT_unhandled_commands, 291 292 /* Invalid data in an event. */ 293 IPMI_STAT_invalid_events, 294 295 /* Events that were received with the proper format. */ 296 IPMI_STAT_events, 297 298 /* Retransmissions on IPMB that failed. */ 299 IPMI_STAT_dropped_rexmit_ipmb_commands, 300 301 /* Retransmissions on LAN that failed. */ 302 IPMI_STAT_dropped_rexmit_lan_commands, 303 304 /* This *must* remain last, add new values above this. */ 305 IPMI_NUM_STATS 306 }; 307 308 309 #define IPMI_IPMB_NUM_SEQ 64 310 #define IPMI_MAX_CHANNELS 16 311 struct ipmi_smi { 312 /* What interface number are we? */ 313 int intf_num; 314 315 struct kref refcount; 316 317 /* Set when the interface is being unregistered. */ 318 bool in_shutdown; 319 320 /* Used for a list of interfaces. */ 321 struct list_head link; 322 323 /* 324 * The list of upper layers that are using me. seq_lock 325 * protects this. 326 */ 327 struct list_head users; 328 329 /* Information to supply to users. */ 330 unsigned char ipmi_version_major; 331 unsigned char ipmi_version_minor; 332 333 /* Used for wake ups at startup. */ 334 wait_queue_head_t waitq; 335 336 struct bmc_device *bmc; 337 char *my_dev_name; 338 339 /* 340 * This is the lower-layer's sender routine. Note that you 341 * must either be holding the ipmi_interfaces_mutex or be in 342 * an umpreemptible region to use this. You must fetch the 343 * value into a local variable and make sure it is not NULL. 344 */ 345 struct ipmi_smi_handlers *handlers; 346 void *send_info; 347 348 #ifdef CONFIG_PROC_FS 349 /* A list of proc entries for this interface. */ 350 struct mutex proc_entry_lock; 351 struct ipmi_proc_entry *proc_entries; 352 #endif 353 354 /* Driver-model device for the system interface. */ 355 struct device *si_dev; 356 357 /* 358 * A table of sequence numbers for this interface. We use the 359 * sequence numbers for IPMB messages that go out of the 360 * interface to match them up with their responses. A routine 361 * is called periodically to time the items in this list. 362 */ 363 spinlock_t seq_lock; 364 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ]; 365 int curr_seq; 366 367 /* 368 * Messages queued for delivery. If delivery fails (out of memory 369 * for instance), They will stay in here to be processed later in a 370 * periodic timer interrupt. The tasklet is for handling received 371 * messages directly from the handler. 372 */ 373 spinlock_t waiting_rcv_msgs_lock; 374 struct list_head waiting_rcv_msgs; 375 atomic_t watchdog_pretimeouts_to_deliver; 376 struct tasklet_struct recv_tasklet; 377 378 spinlock_t xmit_msgs_lock; 379 struct list_head xmit_msgs; 380 struct ipmi_smi_msg *curr_msg; 381 struct list_head hp_xmit_msgs; 382 383 /* 384 * The list of command receivers that are registered for commands 385 * on this interface. 386 */ 387 struct mutex cmd_rcvrs_mutex; 388 struct list_head cmd_rcvrs; 389 390 /* 391 * Events that were queues because no one was there to receive 392 * them. 393 */ 394 spinlock_t events_lock; /* For dealing with event stuff. */ 395 struct list_head waiting_events; 396 unsigned int waiting_events_count; /* How many events in queue? */ 397 char delivering_events; 398 char event_msg_printed; 399 atomic_t event_waiters; 400 unsigned int ticks_to_req_ev; 401 int last_needs_timer; 402 403 /* 404 * The event receiver for my BMC, only really used at panic 405 * shutdown as a place to store this. 406 */ 407 unsigned char event_receiver; 408 unsigned char event_receiver_lun; 409 unsigned char local_sel_device; 410 unsigned char local_event_generator; 411 412 /* For handling of maintenance mode. */ 413 int maintenance_mode; 414 bool maintenance_mode_enable; 415 int auto_maintenance_timeout; 416 spinlock_t maintenance_mode_lock; /* Used in a timer... */ 417 418 /* 419 * A cheap hack, if this is non-null and a message to an 420 * interface comes in with a NULL user, call this routine with 421 * it. Note that the message will still be freed by the 422 * caller. This only works on the system interface. 423 */ 424 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg); 425 426 /* 427 * When we are scanning the channels for an SMI, this will 428 * tell which channel we are scanning. 429 */ 430 int curr_channel; 431 432 /* Channel information */ 433 struct ipmi_channel channels[IPMI_MAX_CHANNELS]; 434 435 /* Proc FS stuff. */ 436 struct proc_dir_entry *proc_dir; 437 char proc_dir_name[10]; 438 439 atomic_t stats[IPMI_NUM_STATS]; 440 441 /* 442 * run_to_completion duplicate of smb_info, smi_info 443 * and ipmi_serial_info structures. Used to decrease numbers of 444 * parameters passed by "low" level IPMI code. 445 */ 446 int run_to_completion; 447 }; 448 #define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev) 449 450 /** 451 * The driver model view of the IPMI messaging driver. 452 */ 453 static struct platform_driver ipmidriver = { 454 .driver = { 455 .name = "ipmi", 456 .bus = &platform_bus_type 457 } 458 }; 459 static DEFINE_MUTEX(ipmidriver_mutex); 460 461 static LIST_HEAD(ipmi_interfaces); 462 static DEFINE_MUTEX(ipmi_interfaces_mutex); 463 464 /* 465 * List of watchers that want to know when smi's are added and deleted. 466 */ 467 static LIST_HEAD(smi_watchers); 468 static DEFINE_MUTEX(smi_watchers_mutex); 469 470 #define ipmi_inc_stat(intf, stat) \ 471 atomic_inc(&(intf)->stats[IPMI_STAT_ ## stat]) 472 #define ipmi_get_stat(intf, stat) \ 473 ((unsigned int) atomic_read(&(intf)->stats[IPMI_STAT_ ## stat])) 474 475 static char *addr_src_to_str[] = { "invalid", "hotmod", "hardcoded", "SPMI", 476 "ACPI", "SMBIOS", "PCI", 477 "device-tree", "default" }; 478 479 const char *ipmi_addr_src_to_str(enum ipmi_addr_src src) 480 { 481 if (src > SI_DEFAULT) 482 src = 0; /* Invalid */ 483 return addr_src_to_str[src]; 484 } 485 EXPORT_SYMBOL(ipmi_addr_src_to_str); 486 487 static int is_lan_addr(struct ipmi_addr *addr) 488 { 489 return addr->addr_type == IPMI_LAN_ADDR_TYPE; 490 } 491 492 static int is_ipmb_addr(struct ipmi_addr *addr) 493 { 494 return addr->addr_type == IPMI_IPMB_ADDR_TYPE; 495 } 496 497 static int is_ipmb_bcast_addr(struct ipmi_addr *addr) 498 { 499 return addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE; 500 } 501 502 static void free_recv_msg_list(struct list_head *q) 503 { 504 struct ipmi_recv_msg *msg, *msg2; 505 506 list_for_each_entry_safe(msg, msg2, q, link) { 507 list_del(&msg->link); 508 ipmi_free_recv_msg(msg); 509 } 510 } 511 512 static void free_smi_msg_list(struct list_head *q) 513 { 514 struct ipmi_smi_msg *msg, *msg2; 515 516 list_for_each_entry_safe(msg, msg2, q, link) { 517 list_del(&msg->link); 518 ipmi_free_smi_msg(msg); 519 } 520 } 521 522 static void clean_up_interface_data(ipmi_smi_t intf) 523 { 524 int i; 525 struct cmd_rcvr *rcvr, *rcvr2; 526 struct list_head list; 527 528 tasklet_kill(&intf->recv_tasklet); 529 530 free_smi_msg_list(&intf->waiting_rcv_msgs); 531 free_recv_msg_list(&intf->waiting_events); 532 533 /* 534 * Wholesale remove all the entries from the list in the 535 * interface and wait for RCU to know that none are in use. 536 */ 537 mutex_lock(&intf->cmd_rcvrs_mutex); 538 INIT_LIST_HEAD(&list); 539 list_splice_init_rcu(&intf->cmd_rcvrs, &list, synchronize_rcu); 540 mutex_unlock(&intf->cmd_rcvrs_mutex); 541 542 list_for_each_entry_safe(rcvr, rcvr2, &list, link) 543 kfree(rcvr); 544 545 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 546 if ((intf->seq_table[i].inuse) 547 && (intf->seq_table[i].recv_msg)) 548 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 549 } 550 } 551 552 static void intf_free(struct kref *ref) 553 { 554 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount); 555 556 clean_up_interface_data(intf); 557 kfree(intf); 558 } 559 560 struct watcher_entry { 561 int intf_num; 562 ipmi_smi_t intf; 563 struct list_head link; 564 }; 565 566 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher) 567 { 568 ipmi_smi_t intf; 569 LIST_HEAD(to_deliver); 570 struct watcher_entry *e, *e2; 571 572 mutex_lock(&smi_watchers_mutex); 573 574 mutex_lock(&ipmi_interfaces_mutex); 575 576 /* Build a list of things to deliver. */ 577 list_for_each_entry(intf, &ipmi_interfaces, link) { 578 if (intf->intf_num == -1) 579 continue; 580 e = kmalloc(sizeof(*e), GFP_KERNEL); 581 if (!e) 582 goto out_err; 583 kref_get(&intf->refcount); 584 e->intf = intf; 585 e->intf_num = intf->intf_num; 586 list_add_tail(&e->link, &to_deliver); 587 } 588 589 /* We will succeed, so add it to the list. */ 590 list_add(&watcher->link, &smi_watchers); 591 592 mutex_unlock(&ipmi_interfaces_mutex); 593 594 list_for_each_entry_safe(e, e2, &to_deliver, link) { 595 list_del(&e->link); 596 watcher->new_smi(e->intf_num, e->intf->si_dev); 597 kref_put(&e->intf->refcount, intf_free); 598 kfree(e); 599 } 600 601 mutex_unlock(&smi_watchers_mutex); 602 603 return 0; 604 605 out_err: 606 mutex_unlock(&ipmi_interfaces_mutex); 607 mutex_unlock(&smi_watchers_mutex); 608 list_for_each_entry_safe(e, e2, &to_deliver, link) { 609 list_del(&e->link); 610 kref_put(&e->intf->refcount, intf_free); 611 kfree(e); 612 } 613 return -ENOMEM; 614 } 615 EXPORT_SYMBOL(ipmi_smi_watcher_register); 616 617 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher) 618 { 619 mutex_lock(&smi_watchers_mutex); 620 list_del(&(watcher->link)); 621 mutex_unlock(&smi_watchers_mutex); 622 return 0; 623 } 624 EXPORT_SYMBOL(ipmi_smi_watcher_unregister); 625 626 /* 627 * Must be called with smi_watchers_mutex held. 628 */ 629 static void 630 call_smi_watchers(int i, struct device *dev) 631 { 632 struct ipmi_smi_watcher *w; 633 634 list_for_each_entry(w, &smi_watchers, link) { 635 if (try_module_get(w->owner)) { 636 w->new_smi(i, dev); 637 module_put(w->owner); 638 } 639 } 640 } 641 642 static int 643 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2) 644 { 645 if (addr1->addr_type != addr2->addr_type) 646 return 0; 647 648 if (addr1->channel != addr2->channel) 649 return 0; 650 651 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 652 struct ipmi_system_interface_addr *smi_addr1 653 = (struct ipmi_system_interface_addr *) addr1; 654 struct ipmi_system_interface_addr *smi_addr2 655 = (struct ipmi_system_interface_addr *) addr2; 656 return (smi_addr1->lun == smi_addr2->lun); 657 } 658 659 if (is_ipmb_addr(addr1) || is_ipmb_bcast_addr(addr1)) { 660 struct ipmi_ipmb_addr *ipmb_addr1 661 = (struct ipmi_ipmb_addr *) addr1; 662 struct ipmi_ipmb_addr *ipmb_addr2 663 = (struct ipmi_ipmb_addr *) addr2; 664 665 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr) 666 && (ipmb_addr1->lun == ipmb_addr2->lun)); 667 } 668 669 if (is_lan_addr(addr1)) { 670 struct ipmi_lan_addr *lan_addr1 671 = (struct ipmi_lan_addr *) addr1; 672 struct ipmi_lan_addr *lan_addr2 673 = (struct ipmi_lan_addr *) addr2; 674 675 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID) 676 && (lan_addr1->local_SWID == lan_addr2->local_SWID) 677 && (lan_addr1->session_handle 678 == lan_addr2->session_handle) 679 && (lan_addr1->lun == lan_addr2->lun)); 680 } 681 682 return 1; 683 } 684 685 int ipmi_validate_addr(struct ipmi_addr *addr, int len) 686 { 687 if (len < sizeof(struct ipmi_system_interface_addr)) 688 return -EINVAL; 689 690 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 691 if (addr->channel != IPMI_BMC_CHANNEL) 692 return -EINVAL; 693 return 0; 694 } 695 696 if ((addr->channel == IPMI_BMC_CHANNEL) 697 || (addr->channel >= IPMI_MAX_CHANNELS) 698 || (addr->channel < 0)) 699 return -EINVAL; 700 701 if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) { 702 if (len < sizeof(struct ipmi_ipmb_addr)) 703 return -EINVAL; 704 return 0; 705 } 706 707 if (is_lan_addr(addr)) { 708 if (len < sizeof(struct ipmi_lan_addr)) 709 return -EINVAL; 710 return 0; 711 } 712 713 return -EINVAL; 714 } 715 EXPORT_SYMBOL(ipmi_validate_addr); 716 717 unsigned int ipmi_addr_length(int addr_type) 718 { 719 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 720 return sizeof(struct ipmi_system_interface_addr); 721 722 if ((addr_type == IPMI_IPMB_ADDR_TYPE) 723 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 724 return sizeof(struct ipmi_ipmb_addr); 725 726 if (addr_type == IPMI_LAN_ADDR_TYPE) 727 return sizeof(struct ipmi_lan_addr); 728 729 return 0; 730 } 731 EXPORT_SYMBOL(ipmi_addr_length); 732 733 static void deliver_response(struct ipmi_recv_msg *msg) 734 { 735 if (!msg->user) { 736 ipmi_smi_t intf = msg->user_msg_data; 737 738 /* Special handling for NULL users. */ 739 if (intf->null_user_handler) { 740 intf->null_user_handler(intf, msg); 741 ipmi_inc_stat(intf, handled_local_responses); 742 } else { 743 /* No handler, so give up. */ 744 ipmi_inc_stat(intf, unhandled_local_responses); 745 } 746 ipmi_free_recv_msg(msg); 747 } else { 748 ipmi_user_t user = msg->user; 749 user->handler->ipmi_recv_hndl(msg, user->handler_data); 750 } 751 } 752 753 static void 754 deliver_err_response(struct ipmi_recv_msg *msg, int err) 755 { 756 msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 757 msg->msg_data[0] = err; 758 msg->msg.netfn |= 1; /* Convert to a response. */ 759 msg->msg.data_len = 1; 760 msg->msg.data = msg->msg_data; 761 deliver_response(msg); 762 } 763 764 /* 765 * Find the next sequence number not being used and add the given 766 * message with the given timeout to the sequence table. This must be 767 * called with the interface's seq_lock held. 768 */ 769 static int intf_next_seq(ipmi_smi_t intf, 770 struct ipmi_recv_msg *recv_msg, 771 unsigned long timeout, 772 int retries, 773 int broadcast, 774 unsigned char *seq, 775 long *seqid) 776 { 777 int rv = 0; 778 unsigned int i; 779 780 for (i = intf->curr_seq; (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq; 781 i = (i+1)%IPMI_IPMB_NUM_SEQ) { 782 if (!intf->seq_table[i].inuse) 783 break; 784 } 785 786 if (!intf->seq_table[i].inuse) { 787 intf->seq_table[i].recv_msg = recv_msg; 788 789 /* 790 * Start with the maximum timeout, when the send response 791 * comes in we will start the real timer. 792 */ 793 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT; 794 intf->seq_table[i].orig_timeout = timeout; 795 intf->seq_table[i].retries_left = retries; 796 intf->seq_table[i].broadcast = broadcast; 797 intf->seq_table[i].inuse = 1; 798 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid); 799 *seq = i; 800 *seqid = intf->seq_table[i].seqid; 801 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ; 802 need_waiter(intf); 803 } else { 804 rv = -EAGAIN; 805 } 806 807 return rv; 808 } 809 810 /* 811 * Return the receive message for the given sequence number and 812 * release the sequence number so it can be reused. Some other data 813 * is passed in to be sure the message matches up correctly (to help 814 * guard against message coming in after their timeout and the 815 * sequence number being reused). 816 */ 817 static int intf_find_seq(ipmi_smi_t intf, 818 unsigned char seq, 819 short channel, 820 unsigned char cmd, 821 unsigned char netfn, 822 struct ipmi_addr *addr, 823 struct ipmi_recv_msg **recv_msg) 824 { 825 int rv = -ENODEV; 826 unsigned long flags; 827 828 if (seq >= IPMI_IPMB_NUM_SEQ) 829 return -EINVAL; 830 831 spin_lock_irqsave(&(intf->seq_lock), flags); 832 if (intf->seq_table[seq].inuse) { 833 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg; 834 835 if ((msg->addr.channel == channel) && (msg->msg.cmd == cmd) 836 && (msg->msg.netfn == netfn) 837 && (ipmi_addr_equal(addr, &(msg->addr)))) { 838 *recv_msg = msg; 839 intf->seq_table[seq].inuse = 0; 840 rv = 0; 841 } 842 } 843 spin_unlock_irqrestore(&(intf->seq_lock), flags); 844 845 return rv; 846 } 847 848 849 /* Start the timer for a specific sequence table entry. */ 850 static int intf_start_seq_timer(ipmi_smi_t intf, 851 long msgid) 852 { 853 int rv = -ENODEV; 854 unsigned long flags; 855 unsigned char seq; 856 unsigned long seqid; 857 858 859 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 860 861 spin_lock_irqsave(&(intf->seq_lock), flags); 862 /* 863 * We do this verification because the user can be deleted 864 * while a message is outstanding. 865 */ 866 if ((intf->seq_table[seq].inuse) 867 && (intf->seq_table[seq].seqid == seqid)) { 868 struct seq_table *ent = &(intf->seq_table[seq]); 869 ent->timeout = ent->orig_timeout; 870 rv = 0; 871 } 872 spin_unlock_irqrestore(&(intf->seq_lock), flags); 873 874 return rv; 875 } 876 877 /* Got an error for the send message for a specific sequence number. */ 878 static int intf_err_seq(ipmi_smi_t intf, 879 long msgid, 880 unsigned int err) 881 { 882 int rv = -ENODEV; 883 unsigned long flags; 884 unsigned char seq; 885 unsigned long seqid; 886 struct ipmi_recv_msg *msg = NULL; 887 888 889 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 890 891 spin_lock_irqsave(&(intf->seq_lock), flags); 892 /* 893 * We do this verification because the user can be deleted 894 * while a message is outstanding. 895 */ 896 if ((intf->seq_table[seq].inuse) 897 && (intf->seq_table[seq].seqid == seqid)) { 898 struct seq_table *ent = &(intf->seq_table[seq]); 899 900 ent->inuse = 0; 901 msg = ent->recv_msg; 902 rv = 0; 903 } 904 spin_unlock_irqrestore(&(intf->seq_lock), flags); 905 906 if (msg) 907 deliver_err_response(msg, err); 908 909 return rv; 910 } 911 912 913 int ipmi_create_user(unsigned int if_num, 914 struct ipmi_user_hndl *handler, 915 void *handler_data, 916 ipmi_user_t *user) 917 { 918 unsigned long flags; 919 ipmi_user_t new_user; 920 int rv = 0; 921 ipmi_smi_t intf; 922 923 /* 924 * There is no module usecount here, because it's not 925 * required. Since this can only be used by and called from 926 * other modules, they will implicitly use this module, and 927 * thus this can't be removed unless the other modules are 928 * removed. 929 */ 930 931 if (handler == NULL) 932 return -EINVAL; 933 934 /* 935 * Make sure the driver is actually initialized, this handles 936 * problems with initialization order. 937 */ 938 if (!initialized) { 939 rv = ipmi_init_msghandler(); 940 if (rv) 941 return rv; 942 943 /* 944 * The init code doesn't return an error if it was turned 945 * off, but it won't initialize. Check that. 946 */ 947 if (!initialized) 948 return -ENODEV; 949 } 950 951 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL); 952 if (!new_user) 953 return -ENOMEM; 954 955 mutex_lock(&ipmi_interfaces_mutex); 956 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 957 if (intf->intf_num == if_num) 958 goto found; 959 } 960 /* Not found, return an error */ 961 rv = -EINVAL; 962 goto out_kfree; 963 964 found: 965 /* Note that each existing user holds a refcount to the interface. */ 966 kref_get(&intf->refcount); 967 968 kref_init(&new_user->refcount); 969 new_user->handler = handler; 970 new_user->handler_data = handler_data; 971 new_user->intf = intf; 972 new_user->gets_events = false; 973 974 if (!try_module_get(intf->handlers->owner)) { 975 rv = -ENODEV; 976 goto out_kref; 977 } 978 979 if (intf->handlers->inc_usecount) { 980 rv = intf->handlers->inc_usecount(intf->send_info); 981 if (rv) { 982 module_put(intf->handlers->owner); 983 goto out_kref; 984 } 985 } 986 987 /* 988 * Hold the lock so intf->handlers is guaranteed to be good 989 * until now 990 */ 991 mutex_unlock(&ipmi_interfaces_mutex); 992 993 new_user->valid = true; 994 spin_lock_irqsave(&intf->seq_lock, flags); 995 list_add_rcu(&new_user->link, &intf->users); 996 spin_unlock_irqrestore(&intf->seq_lock, flags); 997 if (handler->ipmi_watchdog_pretimeout) { 998 /* User wants pretimeouts, so make sure to watch for them. */ 999 if (atomic_inc_return(&intf->event_waiters) == 1) 1000 need_waiter(intf); 1001 } 1002 *user = new_user; 1003 return 0; 1004 1005 out_kref: 1006 kref_put(&intf->refcount, intf_free); 1007 out_kfree: 1008 mutex_unlock(&ipmi_interfaces_mutex); 1009 kfree(new_user); 1010 return rv; 1011 } 1012 EXPORT_SYMBOL(ipmi_create_user); 1013 1014 int ipmi_get_smi_info(int if_num, struct ipmi_smi_info *data) 1015 { 1016 int rv = 0; 1017 ipmi_smi_t intf; 1018 struct ipmi_smi_handlers *handlers; 1019 1020 mutex_lock(&ipmi_interfaces_mutex); 1021 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 1022 if (intf->intf_num == if_num) 1023 goto found; 1024 } 1025 /* Not found, return an error */ 1026 rv = -EINVAL; 1027 mutex_unlock(&ipmi_interfaces_mutex); 1028 return rv; 1029 1030 found: 1031 handlers = intf->handlers; 1032 rv = -ENOSYS; 1033 if (handlers->get_smi_info) 1034 rv = handlers->get_smi_info(intf->send_info, data); 1035 mutex_unlock(&ipmi_interfaces_mutex); 1036 1037 return rv; 1038 } 1039 EXPORT_SYMBOL(ipmi_get_smi_info); 1040 1041 static void free_user(struct kref *ref) 1042 { 1043 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount); 1044 kfree(user); 1045 } 1046 1047 int ipmi_destroy_user(ipmi_user_t user) 1048 { 1049 ipmi_smi_t intf = user->intf; 1050 int i; 1051 unsigned long flags; 1052 struct cmd_rcvr *rcvr; 1053 struct cmd_rcvr *rcvrs = NULL; 1054 1055 user->valid = false; 1056 1057 if (user->handler->ipmi_watchdog_pretimeout) 1058 atomic_dec(&intf->event_waiters); 1059 1060 if (user->gets_events) 1061 atomic_dec(&intf->event_waiters); 1062 1063 /* Remove the user from the interface's sequence table. */ 1064 spin_lock_irqsave(&intf->seq_lock, flags); 1065 list_del_rcu(&user->link); 1066 1067 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 1068 if (intf->seq_table[i].inuse 1069 && (intf->seq_table[i].recv_msg->user == user)) { 1070 intf->seq_table[i].inuse = 0; 1071 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 1072 } 1073 } 1074 spin_unlock_irqrestore(&intf->seq_lock, flags); 1075 1076 /* 1077 * Remove the user from the command receiver's table. First 1078 * we build a list of everything (not using the standard link, 1079 * since other things may be using it till we do 1080 * synchronize_rcu()) then free everything in that list. 1081 */ 1082 mutex_lock(&intf->cmd_rcvrs_mutex); 1083 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1084 if (rcvr->user == user) { 1085 list_del_rcu(&rcvr->link); 1086 rcvr->next = rcvrs; 1087 rcvrs = rcvr; 1088 } 1089 } 1090 mutex_unlock(&intf->cmd_rcvrs_mutex); 1091 synchronize_rcu(); 1092 while (rcvrs) { 1093 rcvr = rcvrs; 1094 rcvrs = rcvr->next; 1095 kfree(rcvr); 1096 } 1097 1098 mutex_lock(&ipmi_interfaces_mutex); 1099 if (intf->handlers) { 1100 module_put(intf->handlers->owner); 1101 if (intf->handlers->dec_usecount) 1102 intf->handlers->dec_usecount(intf->send_info); 1103 } 1104 mutex_unlock(&ipmi_interfaces_mutex); 1105 1106 kref_put(&intf->refcount, intf_free); 1107 1108 kref_put(&user->refcount, free_user); 1109 1110 return 0; 1111 } 1112 EXPORT_SYMBOL(ipmi_destroy_user); 1113 1114 void ipmi_get_version(ipmi_user_t user, 1115 unsigned char *major, 1116 unsigned char *minor) 1117 { 1118 *major = user->intf->ipmi_version_major; 1119 *minor = user->intf->ipmi_version_minor; 1120 } 1121 EXPORT_SYMBOL(ipmi_get_version); 1122 1123 int ipmi_set_my_address(ipmi_user_t user, 1124 unsigned int channel, 1125 unsigned char address) 1126 { 1127 if (channel >= IPMI_MAX_CHANNELS) 1128 return -EINVAL; 1129 user->intf->channels[channel].address = address; 1130 return 0; 1131 } 1132 EXPORT_SYMBOL(ipmi_set_my_address); 1133 1134 int ipmi_get_my_address(ipmi_user_t user, 1135 unsigned int channel, 1136 unsigned char *address) 1137 { 1138 if (channel >= IPMI_MAX_CHANNELS) 1139 return -EINVAL; 1140 *address = user->intf->channels[channel].address; 1141 return 0; 1142 } 1143 EXPORT_SYMBOL(ipmi_get_my_address); 1144 1145 int ipmi_set_my_LUN(ipmi_user_t user, 1146 unsigned int channel, 1147 unsigned char LUN) 1148 { 1149 if (channel >= IPMI_MAX_CHANNELS) 1150 return -EINVAL; 1151 user->intf->channels[channel].lun = LUN & 0x3; 1152 return 0; 1153 } 1154 EXPORT_SYMBOL(ipmi_set_my_LUN); 1155 1156 int ipmi_get_my_LUN(ipmi_user_t user, 1157 unsigned int channel, 1158 unsigned char *address) 1159 { 1160 if (channel >= IPMI_MAX_CHANNELS) 1161 return -EINVAL; 1162 *address = user->intf->channels[channel].lun; 1163 return 0; 1164 } 1165 EXPORT_SYMBOL(ipmi_get_my_LUN); 1166 1167 int ipmi_get_maintenance_mode(ipmi_user_t user) 1168 { 1169 int mode; 1170 unsigned long flags; 1171 1172 spin_lock_irqsave(&user->intf->maintenance_mode_lock, flags); 1173 mode = user->intf->maintenance_mode; 1174 spin_unlock_irqrestore(&user->intf->maintenance_mode_lock, flags); 1175 1176 return mode; 1177 } 1178 EXPORT_SYMBOL(ipmi_get_maintenance_mode); 1179 1180 static void maintenance_mode_update(ipmi_smi_t intf) 1181 { 1182 if (intf->handlers->set_maintenance_mode) 1183 intf->handlers->set_maintenance_mode( 1184 intf->send_info, intf->maintenance_mode_enable); 1185 } 1186 1187 int ipmi_set_maintenance_mode(ipmi_user_t user, int mode) 1188 { 1189 int rv = 0; 1190 unsigned long flags; 1191 ipmi_smi_t intf = user->intf; 1192 1193 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 1194 if (intf->maintenance_mode != mode) { 1195 switch (mode) { 1196 case IPMI_MAINTENANCE_MODE_AUTO: 1197 intf->maintenance_mode_enable 1198 = (intf->auto_maintenance_timeout > 0); 1199 break; 1200 1201 case IPMI_MAINTENANCE_MODE_OFF: 1202 intf->maintenance_mode_enable = false; 1203 break; 1204 1205 case IPMI_MAINTENANCE_MODE_ON: 1206 intf->maintenance_mode_enable = true; 1207 break; 1208 1209 default: 1210 rv = -EINVAL; 1211 goto out_unlock; 1212 } 1213 intf->maintenance_mode = mode; 1214 1215 maintenance_mode_update(intf); 1216 } 1217 out_unlock: 1218 spin_unlock_irqrestore(&intf->maintenance_mode_lock, flags); 1219 1220 return rv; 1221 } 1222 EXPORT_SYMBOL(ipmi_set_maintenance_mode); 1223 1224 int ipmi_set_gets_events(ipmi_user_t user, bool val) 1225 { 1226 unsigned long flags; 1227 ipmi_smi_t intf = user->intf; 1228 struct ipmi_recv_msg *msg, *msg2; 1229 struct list_head msgs; 1230 1231 INIT_LIST_HEAD(&msgs); 1232 1233 spin_lock_irqsave(&intf->events_lock, flags); 1234 if (user->gets_events == val) 1235 goto out; 1236 1237 user->gets_events = val; 1238 1239 if (val) { 1240 if (atomic_inc_return(&intf->event_waiters) == 1) 1241 need_waiter(intf); 1242 } else { 1243 atomic_dec(&intf->event_waiters); 1244 } 1245 1246 if (intf->delivering_events) 1247 /* 1248 * Another thread is delivering events for this, so 1249 * let it handle any new events. 1250 */ 1251 goto out; 1252 1253 /* Deliver any queued events. */ 1254 while (user->gets_events && !list_empty(&intf->waiting_events)) { 1255 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link) 1256 list_move_tail(&msg->link, &msgs); 1257 intf->waiting_events_count = 0; 1258 if (intf->event_msg_printed) { 1259 printk(KERN_WARNING PFX "Event queue no longer" 1260 " full\n"); 1261 intf->event_msg_printed = 0; 1262 } 1263 1264 intf->delivering_events = 1; 1265 spin_unlock_irqrestore(&intf->events_lock, flags); 1266 1267 list_for_each_entry_safe(msg, msg2, &msgs, link) { 1268 msg->user = user; 1269 kref_get(&user->refcount); 1270 deliver_response(msg); 1271 } 1272 1273 spin_lock_irqsave(&intf->events_lock, flags); 1274 intf->delivering_events = 0; 1275 } 1276 1277 out: 1278 spin_unlock_irqrestore(&intf->events_lock, flags); 1279 1280 return 0; 1281 } 1282 EXPORT_SYMBOL(ipmi_set_gets_events); 1283 1284 static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf, 1285 unsigned char netfn, 1286 unsigned char cmd, 1287 unsigned char chan) 1288 { 1289 struct cmd_rcvr *rcvr; 1290 1291 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1292 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd) 1293 && (rcvr->chans & (1 << chan))) 1294 return rcvr; 1295 } 1296 return NULL; 1297 } 1298 1299 static int is_cmd_rcvr_exclusive(ipmi_smi_t intf, 1300 unsigned char netfn, 1301 unsigned char cmd, 1302 unsigned int chans) 1303 { 1304 struct cmd_rcvr *rcvr; 1305 1306 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1307 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd) 1308 && (rcvr->chans & chans)) 1309 return 0; 1310 } 1311 return 1; 1312 } 1313 1314 int ipmi_register_for_cmd(ipmi_user_t user, 1315 unsigned char netfn, 1316 unsigned char cmd, 1317 unsigned int chans) 1318 { 1319 ipmi_smi_t intf = user->intf; 1320 struct cmd_rcvr *rcvr; 1321 int rv = 0; 1322 1323 1324 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL); 1325 if (!rcvr) 1326 return -ENOMEM; 1327 rcvr->cmd = cmd; 1328 rcvr->netfn = netfn; 1329 rcvr->chans = chans; 1330 rcvr->user = user; 1331 1332 mutex_lock(&intf->cmd_rcvrs_mutex); 1333 /* Make sure the command/netfn is not already registered. */ 1334 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) { 1335 rv = -EBUSY; 1336 goto out_unlock; 1337 } 1338 1339 if (atomic_inc_return(&intf->event_waiters) == 1) 1340 need_waiter(intf); 1341 1342 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs); 1343 1344 out_unlock: 1345 mutex_unlock(&intf->cmd_rcvrs_mutex); 1346 if (rv) 1347 kfree(rcvr); 1348 1349 return rv; 1350 } 1351 EXPORT_SYMBOL(ipmi_register_for_cmd); 1352 1353 int ipmi_unregister_for_cmd(ipmi_user_t user, 1354 unsigned char netfn, 1355 unsigned char cmd, 1356 unsigned int chans) 1357 { 1358 ipmi_smi_t intf = user->intf; 1359 struct cmd_rcvr *rcvr; 1360 struct cmd_rcvr *rcvrs = NULL; 1361 int i, rv = -ENOENT; 1362 1363 mutex_lock(&intf->cmd_rcvrs_mutex); 1364 for (i = 0; i < IPMI_NUM_CHANNELS; i++) { 1365 if (((1 << i) & chans) == 0) 1366 continue; 1367 rcvr = find_cmd_rcvr(intf, netfn, cmd, i); 1368 if (rcvr == NULL) 1369 continue; 1370 if (rcvr->user == user) { 1371 rv = 0; 1372 rcvr->chans &= ~chans; 1373 if (rcvr->chans == 0) { 1374 list_del_rcu(&rcvr->link); 1375 rcvr->next = rcvrs; 1376 rcvrs = rcvr; 1377 } 1378 } 1379 } 1380 mutex_unlock(&intf->cmd_rcvrs_mutex); 1381 synchronize_rcu(); 1382 while (rcvrs) { 1383 atomic_dec(&intf->event_waiters); 1384 rcvr = rcvrs; 1385 rcvrs = rcvr->next; 1386 kfree(rcvr); 1387 } 1388 return rv; 1389 } 1390 EXPORT_SYMBOL(ipmi_unregister_for_cmd); 1391 1392 static unsigned char 1393 ipmb_checksum(unsigned char *data, int size) 1394 { 1395 unsigned char csum = 0; 1396 1397 for (; size > 0; size--, data++) 1398 csum += *data; 1399 1400 return -csum; 1401 } 1402 1403 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg, 1404 struct kernel_ipmi_msg *msg, 1405 struct ipmi_ipmb_addr *ipmb_addr, 1406 long msgid, 1407 unsigned char ipmb_seq, 1408 int broadcast, 1409 unsigned char source_address, 1410 unsigned char source_lun) 1411 { 1412 int i = broadcast; 1413 1414 /* Format the IPMB header data. */ 1415 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1416 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 1417 smi_msg->data[2] = ipmb_addr->channel; 1418 if (broadcast) 1419 smi_msg->data[3] = 0; 1420 smi_msg->data[i+3] = ipmb_addr->slave_addr; 1421 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3); 1422 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2); 1423 smi_msg->data[i+6] = source_address; 1424 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun; 1425 smi_msg->data[i+8] = msg->cmd; 1426 1427 /* Now tack on the data to the message. */ 1428 if (msg->data_len > 0) 1429 memcpy(&(smi_msg->data[i+9]), msg->data, 1430 msg->data_len); 1431 smi_msg->data_size = msg->data_len + 9; 1432 1433 /* Now calculate the checksum and tack it on. */ 1434 smi_msg->data[i+smi_msg->data_size] 1435 = ipmb_checksum(&(smi_msg->data[i+6]), 1436 smi_msg->data_size-6); 1437 1438 /* 1439 * Add on the checksum size and the offset from the 1440 * broadcast. 1441 */ 1442 smi_msg->data_size += 1 + i; 1443 1444 smi_msg->msgid = msgid; 1445 } 1446 1447 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg, 1448 struct kernel_ipmi_msg *msg, 1449 struct ipmi_lan_addr *lan_addr, 1450 long msgid, 1451 unsigned char ipmb_seq, 1452 unsigned char source_lun) 1453 { 1454 /* Format the IPMB header data. */ 1455 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1456 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 1457 smi_msg->data[2] = lan_addr->channel; 1458 smi_msg->data[3] = lan_addr->session_handle; 1459 smi_msg->data[4] = lan_addr->remote_SWID; 1460 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3); 1461 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2); 1462 smi_msg->data[7] = lan_addr->local_SWID; 1463 smi_msg->data[8] = (ipmb_seq << 2) | source_lun; 1464 smi_msg->data[9] = msg->cmd; 1465 1466 /* Now tack on the data to the message. */ 1467 if (msg->data_len > 0) 1468 memcpy(&(smi_msg->data[10]), msg->data, 1469 msg->data_len); 1470 smi_msg->data_size = msg->data_len + 10; 1471 1472 /* Now calculate the checksum and tack it on. */ 1473 smi_msg->data[smi_msg->data_size] 1474 = ipmb_checksum(&(smi_msg->data[7]), 1475 smi_msg->data_size-7); 1476 1477 /* 1478 * Add on the checksum size and the offset from the 1479 * broadcast. 1480 */ 1481 smi_msg->data_size += 1; 1482 1483 smi_msg->msgid = msgid; 1484 } 1485 1486 static void smi_send(ipmi_smi_t intf, struct ipmi_smi_handlers *handlers, 1487 struct ipmi_smi_msg *smi_msg, int priority) 1488 { 1489 int run_to_completion = intf->run_to_completion; 1490 unsigned long flags; 1491 1492 if (!run_to_completion) 1493 spin_lock_irqsave(&intf->xmit_msgs_lock, flags); 1494 if (intf->curr_msg) { 1495 if (priority > 0) 1496 list_add_tail(&smi_msg->link, &intf->hp_xmit_msgs); 1497 else 1498 list_add_tail(&smi_msg->link, &intf->xmit_msgs); 1499 smi_msg = NULL; 1500 } else { 1501 intf->curr_msg = smi_msg; 1502 } 1503 if (!run_to_completion) 1504 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags); 1505 1506 if (smi_msg) 1507 handlers->sender(intf->send_info, smi_msg); 1508 } 1509 1510 /* 1511 * Separate from ipmi_request so that the user does not have to be 1512 * supplied in certain circumstances (mainly at panic time). If 1513 * messages are supplied, they will be freed, even if an error 1514 * occurs. 1515 */ 1516 static int i_ipmi_request(ipmi_user_t user, 1517 ipmi_smi_t intf, 1518 struct ipmi_addr *addr, 1519 long msgid, 1520 struct kernel_ipmi_msg *msg, 1521 void *user_msg_data, 1522 void *supplied_smi, 1523 struct ipmi_recv_msg *supplied_recv, 1524 int priority, 1525 unsigned char source_address, 1526 unsigned char source_lun, 1527 int retries, 1528 unsigned int retry_time_ms) 1529 { 1530 int rv = 0; 1531 struct ipmi_smi_msg *smi_msg; 1532 struct ipmi_recv_msg *recv_msg; 1533 unsigned long flags; 1534 1535 1536 if (supplied_recv) 1537 recv_msg = supplied_recv; 1538 else { 1539 recv_msg = ipmi_alloc_recv_msg(); 1540 if (recv_msg == NULL) 1541 return -ENOMEM; 1542 } 1543 recv_msg->user_msg_data = user_msg_data; 1544 1545 if (supplied_smi) 1546 smi_msg = (struct ipmi_smi_msg *) supplied_smi; 1547 else { 1548 smi_msg = ipmi_alloc_smi_msg(); 1549 if (smi_msg == NULL) { 1550 ipmi_free_recv_msg(recv_msg); 1551 return -ENOMEM; 1552 } 1553 } 1554 1555 rcu_read_lock(); 1556 if (intf->in_shutdown) { 1557 rv = -ENODEV; 1558 goto out_err; 1559 } 1560 1561 recv_msg->user = user; 1562 if (user) 1563 kref_get(&user->refcount); 1564 recv_msg->msgid = msgid; 1565 /* 1566 * Store the message to send in the receive message so timeout 1567 * responses can get the proper response data. 1568 */ 1569 recv_msg->msg = *msg; 1570 1571 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 1572 struct ipmi_system_interface_addr *smi_addr; 1573 1574 if (msg->netfn & 1) { 1575 /* Responses are not allowed to the SMI. */ 1576 rv = -EINVAL; 1577 goto out_err; 1578 } 1579 1580 smi_addr = (struct ipmi_system_interface_addr *) addr; 1581 if (smi_addr->lun > 3) { 1582 ipmi_inc_stat(intf, sent_invalid_commands); 1583 rv = -EINVAL; 1584 goto out_err; 1585 } 1586 1587 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr)); 1588 1589 if ((msg->netfn == IPMI_NETFN_APP_REQUEST) 1590 && ((msg->cmd == IPMI_SEND_MSG_CMD) 1591 || (msg->cmd == IPMI_GET_MSG_CMD) 1592 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) { 1593 /* 1594 * We don't let the user do these, since we manage 1595 * the sequence numbers. 1596 */ 1597 ipmi_inc_stat(intf, sent_invalid_commands); 1598 rv = -EINVAL; 1599 goto out_err; 1600 } 1601 1602 if (((msg->netfn == IPMI_NETFN_APP_REQUEST) 1603 && ((msg->cmd == IPMI_COLD_RESET_CMD) 1604 || (msg->cmd == IPMI_WARM_RESET_CMD))) 1605 || (msg->netfn == IPMI_NETFN_FIRMWARE_REQUEST)) { 1606 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 1607 intf->auto_maintenance_timeout 1608 = IPMI_MAINTENANCE_MODE_TIMEOUT; 1609 if (!intf->maintenance_mode 1610 && !intf->maintenance_mode_enable) { 1611 intf->maintenance_mode_enable = true; 1612 maintenance_mode_update(intf); 1613 } 1614 spin_unlock_irqrestore(&intf->maintenance_mode_lock, 1615 flags); 1616 } 1617 1618 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) { 1619 ipmi_inc_stat(intf, sent_invalid_commands); 1620 rv = -EMSGSIZE; 1621 goto out_err; 1622 } 1623 1624 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3); 1625 smi_msg->data[1] = msg->cmd; 1626 smi_msg->msgid = msgid; 1627 smi_msg->user_data = recv_msg; 1628 if (msg->data_len > 0) 1629 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len); 1630 smi_msg->data_size = msg->data_len + 2; 1631 ipmi_inc_stat(intf, sent_local_commands); 1632 } else if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) { 1633 struct ipmi_ipmb_addr *ipmb_addr; 1634 unsigned char ipmb_seq; 1635 long seqid; 1636 int broadcast = 0; 1637 1638 if (addr->channel >= IPMI_MAX_CHANNELS) { 1639 ipmi_inc_stat(intf, sent_invalid_commands); 1640 rv = -EINVAL; 1641 goto out_err; 1642 } 1643 1644 if (intf->channels[addr->channel].medium 1645 != IPMI_CHANNEL_MEDIUM_IPMB) { 1646 ipmi_inc_stat(intf, sent_invalid_commands); 1647 rv = -EINVAL; 1648 goto out_err; 1649 } 1650 1651 if (retries < 0) { 1652 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) 1653 retries = 0; /* Don't retry broadcasts. */ 1654 else 1655 retries = 4; 1656 } 1657 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) { 1658 /* 1659 * Broadcasts add a zero at the beginning of the 1660 * message, but otherwise is the same as an IPMB 1661 * address. 1662 */ 1663 addr->addr_type = IPMI_IPMB_ADDR_TYPE; 1664 broadcast = 1; 1665 } 1666 1667 1668 /* Default to 1 second retries. */ 1669 if (retry_time_ms == 0) 1670 retry_time_ms = 1000; 1671 1672 /* 1673 * 9 for the header and 1 for the checksum, plus 1674 * possibly one for the broadcast. 1675 */ 1676 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) { 1677 ipmi_inc_stat(intf, sent_invalid_commands); 1678 rv = -EMSGSIZE; 1679 goto out_err; 1680 } 1681 1682 ipmb_addr = (struct ipmi_ipmb_addr *) addr; 1683 if (ipmb_addr->lun > 3) { 1684 ipmi_inc_stat(intf, sent_invalid_commands); 1685 rv = -EINVAL; 1686 goto out_err; 1687 } 1688 1689 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr)); 1690 1691 if (recv_msg->msg.netfn & 0x1) { 1692 /* 1693 * It's a response, so use the user's sequence 1694 * from msgid. 1695 */ 1696 ipmi_inc_stat(intf, sent_ipmb_responses); 1697 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid, 1698 msgid, broadcast, 1699 source_address, source_lun); 1700 1701 /* 1702 * Save the receive message so we can use it 1703 * to deliver the response. 1704 */ 1705 smi_msg->user_data = recv_msg; 1706 } else { 1707 /* It's a command, so get a sequence for it. */ 1708 1709 spin_lock_irqsave(&(intf->seq_lock), flags); 1710 1711 /* 1712 * Create a sequence number with a 1 second 1713 * timeout and 4 retries. 1714 */ 1715 rv = intf_next_seq(intf, 1716 recv_msg, 1717 retry_time_ms, 1718 retries, 1719 broadcast, 1720 &ipmb_seq, 1721 &seqid); 1722 if (rv) { 1723 /* 1724 * We have used up all the sequence numbers, 1725 * probably, so abort. 1726 */ 1727 spin_unlock_irqrestore(&(intf->seq_lock), 1728 flags); 1729 goto out_err; 1730 } 1731 1732 ipmi_inc_stat(intf, sent_ipmb_commands); 1733 1734 /* 1735 * Store the sequence number in the message, 1736 * so that when the send message response 1737 * comes back we can start the timer. 1738 */ 1739 format_ipmb_msg(smi_msg, msg, ipmb_addr, 1740 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1741 ipmb_seq, broadcast, 1742 source_address, source_lun); 1743 1744 /* 1745 * Copy the message into the recv message data, so we 1746 * can retransmit it later if necessary. 1747 */ 1748 memcpy(recv_msg->msg_data, smi_msg->data, 1749 smi_msg->data_size); 1750 recv_msg->msg.data = recv_msg->msg_data; 1751 recv_msg->msg.data_len = smi_msg->data_size; 1752 1753 /* 1754 * We don't unlock until here, because we need 1755 * to copy the completed message into the 1756 * recv_msg before we release the lock. 1757 * Otherwise, race conditions may bite us. I 1758 * know that's pretty paranoid, but I prefer 1759 * to be correct. 1760 */ 1761 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1762 } 1763 } else if (is_lan_addr(addr)) { 1764 struct ipmi_lan_addr *lan_addr; 1765 unsigned char ipmb_seq; 1766 long seqid; 1767 1768 if (addr->channel >= IPMI_MAX_CHANNELS) { 1769 ipmi_inc_stat(intf, sent_invalid_commands); 1770 rv = -EINVAL; 1771 goto out_err; 1772 } 1773 1774 if ((intf->channels[addr->channel].medium 1775 != IPMI_CHANNEL_MEDIUM_8023LAN) 1776 && (intf->channels[addr->channel].medium 1777 != IPMI_CHANNEL_MEDIUM_ASYNC)) { 1778 ipmi_inc_stat(intf, sent_invalid_commands); 1779 rv = -EINVAL; 1780 goto out_err; 1781 } 1782 1783 retries = 4; 1784 1785 /* Default to 1 second retries. */ 1786 if (retry_time_ms == 0) 1787 retry_time_ms = 1000; 1788 1789 /* 11 for the header and 1 for the checksum. */ 1790 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) { 1791 ipmi_inc_stat(intf, sent_invalid_commands); 1792 rv = -EMSGSIZE; 1793 goto out_err; 1794 } 1795 1796 lan_addr = (struct ipmi_lan_addr *) addr; 1797 if (lan_addr->lun > 3) { 1798 ipmi_inc_stat(intf, sent_invalid_commands); 1799 rv = -EINVAL; 1800 goto out_err; 1801 } 1802 1803 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr)); 1804 1805 if (recv_msg->msg.netfn & 0x1) { 1806 /* 1807 * It's a response, so use the user's sequence 1808 * from msgid. 1809 */ 1810 ipmi_inc_stat(intf, sent_lan_responses); 1811 format_lan_msg(smi_msg, msg, lan_addr, msgid, 1812 msgid, source_lun); 1813 1814 /* 1815 * Save the receive message so we can use it 1816 * to deliver the response. 1817 */ 1818 smi_msg->user_data = recv_msg; 1819 } else { 1820 /* It's a command, so get a sequence for it. */ 1821 1822 spin_lock_irqsave(&(intf->seq_lock), flags); 1823 1824 /* 1825 * Create a sequence number with a 1 second 1826 * timeout and 4 retries. 1827 */ 1828 rv = intf_next_seq(intf, 1829 recv_msg, 1830 retry_time_ms, 1831 retries, 1832 0, 1833 &ipmb_seq, 1834 &seqid); 1835 if (rv) { 1836 /* 1837 * We have used up all the sequence numbers, 1838 * probably, so abort. 1839 */ 1840 spin_unlock_irqrestore(&(intf->seq_lock), 1841 flags); 1842 goto out_err; 1843 } 1844 1845 ipmi_inc_stat(intf, sent_lan_commands); 1846 1847 /* 1848 * Store the sequence number in the message, 1849 * so that when the send message response 1850 * comes back we can start the timer. 1851 */ 1852 format_lan_msg(smi_msg, msg, lan_addr, 1853 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1854 ipmb_seq, source_lun); 1855 1856 /* 1857 * Copy the message into the recv message data, so we 1858 * can retransmit it later if necessary. 1859 */ 1860 memcpy(recv_msg->msg_data, smi_msg->data, 1861 smi_msg->data_size); 1862 recv_msg->msg.data = recv_msg->msg_data; 1863 recv_msg->msg.data_len = smi_msg->data_size; 1864 1865 /* 1866 * We don't unlock until here, because we need 1867 * to copy the completed message into the 1868 * recv_msg before we release the lock. 1869 * Otherwise, race conditions may bite us. I 1870 * know that's pretty paranoid, but I prefer 1871 * to be correct. 1872 */ 1873 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1874 } 1875 } else { 1876 /* Unknown address type. */ 1877 ipmi_inc_stat(intf, sent_invalid_commands); 1878 rv = -EINVAL; 1879 goto out_err; 1880 } 1881 1882 #ifdef DEBUG_MSGING 1883 { 1884 int m; 1885 for (m = 0; m < smi_msg->data_size; m++) 1886 printk(" %2.2x", smi_msg->data[m]); 1887 printk("\n"); 1888 } 1889 #endif 1890 1891 smi_send(intf, intf->handlers, smi_msg, priority); 1892 rcu_read_unlock(); 1893 1894 return 0; 1895 1896 out_err: 1897 rcu_read_unlock(); 1898 ipmi_free_smi_msg(smi_msg); 1899 ipmi_free_recv_msg(recv_msg); 1900 return rv; 1901 } 1902 1903 static int check_addr(ipmi_smi_t intf, 1904 struct ipmi_addr *addr, 1905 unsigned char *saddr, 1906 unsigned char *lun) 1907 { 1908 if (addr->channel >= IPMI_MAX_CHANNELS) 1909 return -EINVAL; 1910 *lun = intf->channels[addr->channel].lun; 1911 *saddr = intf->channels[addr->channel].address; 1912 return 0; 1913 } 1914 1915 int ipmi_request_settime(ipmi_user_t user, 1916 struct ipmi_addr *addr, 1917 long msgid, 1918 struct kernel_ipmi_msg *msg, 1919 void *user_msg_data, 1920 int priority, 1921 int retries, 1922 unsigned int retry_time_ms) 1923 { 1924 unsigned char saddr = 0, lun = 0; 1925 int rv; 1926 1927 if (!user) 1928 return -EINVAL; 1929 rv = check_addr(user->intf, addr, &saddr, &lun); 1930 if (rv) 1931 return rv; 1932 return i_ipmi_request(user, 1933 user->intf, 1934 addr, 1935 msgid, 1936 msg, 1937 user_msg_data, 1938 NULL, NULL, 1939 priority, 1940 saddr, 1941 lun, 1942 retries, 1943 retry_time_ms); 1944 } 1945 EXPORT_SYMBOL(ipmi_request_settime); 1946 1947 int ipmi_request_supply_msgs(ipmi_user_t user, 1948 struct ipmi_addr *addr, 1949 long msgid, 1950 struct kernel_ipmi_msg *msg, 1951 void *user_msg_data, 1952 void *supplied_smi, 1953 struct ipmi_recv_msg *supplied_recv, 1954 int priority) 1955 { 1956 unsigned char saddr = 0, lun = 0; 1957 int rv; 1958 1959 if (!user) 1960 return -EINVAL; 1961 rv = check_addr(user->intf, addr, &saddr, &lun); 1962 if (rv) 1963 return rv; 1964 return i_ipmi_request(user, 1965 user->intf, 1966 addr, 1967 msgid, 1968 msg, 1969 user_msg_data, 1970 supplied_smi, 1971 supplied_recv, 1972 priority, 1973 saddr, 1974 lun, 1975 -1, 0); 1976 } 1977 EXPORT_SYMBOL(ipmi_request_supply_msgs); 1978 1979 #ifdef CONFIG_PROC_FS 1980 static int smi_ipmb_proc_show(struct seq_file *m, void *v) 1981 { 1982 ipmi_smi_t intf = m->private; 1983 int i; 1984 1985 seq_printf(m, "%x", intf->channels[0].address); 1986 for (i = 1; i < IPMI_MAX_CHANNELS; i++) 1987 seq_printf(m, " %x", intf->channels[i].address); 1988 return seq_putc(m, '\n'); 1989 } 1990 1991 static int smi_ipmb_proc_open(struct inode *inode, struct file *file) 1992 { 1993 return single_open(file, smi_ipmb_proc_show, PDE_DATA(inode)); 1994 } 1995 1996 static const struct file_operations smi_ipmb_proc_ops = { 1997 .open = smi_ipmb_proc_open, 1998 .read = seq_read, 1999 .llseek = seq_lseek, 2000 .release = single_release, 2001 }; 2002 2003 static int smi_version_proc_show(struct seq_file *m, void *v) 2004 { 2005 ipmi_smi_t intf = m->private; 2006 2007 return seq_printf(m, "%u.%u\n", 2008 ipmi_version_major(&intf->bmc->id), 2009 ipmi_version_minor(&intf->bmc->id)); 2010 } 2011 2012 static int smi_version_proc_open(struct inode *inode, struct file *file) 2013 { 2014 return single_open(file, smi_version_proc_show, PDE_DATA(inode)); 2015 } 2016 2017 static const struct file_operations smi_version_proc_ops = { 2018 .open = smi_version_proc_open, 2019 .read = seq_read, 2020 .llseek = seq_lseek, 2021 .release = single_release, 2022 }; 2023 2024 static int smi_stats_proc_show(struct seq_file *m, void *v) 2025 { 2026 ipmi_smi_t intf = m->private; 2027 2028 seq_printf(m, "sent_invalid_commands: %u\n", 2029 ipmi_get_stat(intf, sent_invalid_commands)); 2030 seq_printf(m, "sent_local_commands: %u\n", 2031 ipmi_get_stat(intf, sent_local_commands)); 2032 seq_printf(m, "handled_local_responses: %u\n", 2033 ipmi_get_stat(intf, handled_local_responses)); 2034 seq_printf(m, "unhandled_local_responses: %u\n", 2035 ipmi_get_stat(intf, unhandled_local_responses)); 2036 seq_printf(m, "sent_ipmb_commands: %u\n", 2037 ipmi_get_stat(intf, sent_ipmb_commands)); 2038 seq_printf(m, "sent_ipmb_command_errs: %u\n", 2039 ipmi_get_stat(intf, sent_ipmb_command_errs)); 2040 seq_printf(m, "retransmitted_ipmb_commands: %u\n", 2041 ipmi_get_stat(intf, retransmitted_ipmb_commands)); 2042 seq_printf(m, "timed_out_ipmb_commands: %u\n", 2043 ipmi_get_stat(intf, timed_out_ipmb_commands)); 2044 seq_printf(m, "timed_out_ipmb_broadcasts: %u\n", 2045 ipmi_get_stat(intf, timed_out_ipmb_broadcasts)); 2046 seq_printf(m, "sent_ipmb_responses: %u\n", 2047 ipmi_get_stat(intf, sent_ipmb_responses)); 2048 seq_printf(m, "handled_ipmb_responses: %u\n", 2049 ipmi_get_stat(intf, handled_ipmb_responses)); 2050 seq_printf(m, "invalid_ipmb_responses: %u\n", 2051 ipmi_get_stat(intf, invalid_ipmb_responses)); 2052 seq_printf(m, "unhandled_ipmb_responses: %u\n", 2053 ipmi_get_stat(intf, unhandled_ipmb_responses)); 2054 seq_printf(m, "sent_lan_commands: %u\n", 2055 ipmi_get_stat(intf, sent_lan_commands)); 2056 seq_printf(m, "sent_lan_command_errs: %u\n", 2057 ipmi_get_stat(intf, sent_lan_command_errs)); 2058 seq_printf(m, "retransmitted_lan_commands: %u\n", 2059 ipmi_get_stat(intf, retransmitted_lan_commands)); 2060 seq_printf(m, "timed_out_lan_commands: %u\n", 2061 ipmi_get_stat(intf, timed_out_lan_commands)); 2062 seq_printf(m, "sent_lan_responses: %u\n", 2063 ipmi_get_stat(intf, sent_lan_responses)); 2064 seq_printf(m, "handled_lan_responses: %u\n", 2065 ipmi_get_stat(intf, handled_lan_responses)); 2066 seq_printf(m, "invalid_lan_responses: %u\n", 2067 ipmi_get_stat(intf, invalid_lan_responses)); 2068 seq_printf(m, "unhandled_lan_responses: %u\n", 2069 ipmi_get_stat(intf, unhandled_lan_responses)); 2070 seq_printf(m, "handled_commands: %u\n", 2071 ipmi_get_stat(intf, handled_commands)); 2072 seq_printf(m, "invalid_commands: %u\n", 2073 ipmi_get_stat(intf, invalid_commands)); 2074 seq_printf(m, "unhandled_commands: %u\n", 2075 ipmi_get_stat(intf, unhandled_commands)); 2076 seq_printf(m, "invalid_events: %u\n", 2077 ipmi_get_stat(intf, invalid_events)); 2078 seq_printf(m, "events: %u\n", 2079 ipmi_get_stat(intf, events)); 2080 seq_printf(m, "failed rexmit LAN msgs: %u\n", 2081 ipmi_get_stat(intf, dropped_rexmit_lan_commands)); 2082 seq_printf(m, "failed rexmit IPMB msgs: %u\n", 2083 ipmi_get_stat(intf, dropped_rexmit_ipmb_commands)); 2084 return 0; 2085 } 2086 2087 static int smi_stats_proc_open(struct inode *inode, struct file *file) 2088 { 2089 return single_open(file, smi_stats_proc_show, PDE_DATA(inode)); 2090 } 2091 2092 static const struct file_operations smi_stats_proc_ops = { 2093 .open = smi_stats_proc_open, 2094 .read = seq_read, 2095 .llseek = seq_lseek, 2096 .release = single_release, 2097 }; 2098 #endif /* CONFIG_PROC_FS */ 2099 2100 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name, 2101 const struct file_operations *proc_ops, 2102 void *data) 2103 { 2104 int rv = 0; 2105 #ifdef CONFIG_PROC_FS 2106 struct proc_dir_entry *file; 2107 struct ipmi_proc_entry *entry; 2108 2109 /* Create a list element. */ 2110 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 2111 if (!entry) 2112 return -ENOMEM; 2113 entry->name = kstrdup(name, GFP_KERNEL); 2114 if (!entry->name) { 2115 kfree(entry); 2116 return -ENOMEM; 2117 } 2118 2119 file = proc_create_data(name, 0, smi->proc_dir, proc_ops, data); 2120 if (!file) { 2121 kfree(entry->name); 2122 kfree(entry); 2123 rv = -ENOMEM; 2124 } else { 2125 mutex_lock(&smi->proc_entry_lock); 2126 /* Stick it on the list. */ 2127 entry->next = smi->proc_entries; 2128 smi->proc_entries = entry; 2129 mutex_unlock(&smi->proc_entry_lock); 2130 } 2131 #endif /* CONFIG_PROC_FS */ 2132 2133 return rv; 2134 } 2135 EXPORT_SYMBOL(ipmi_smi_add_proc_entry); 2136 2137 static int add_proc_entries(ipmi_smi_t smi, int num) 2138 { 2139 int rv = 0; 2140 2141 #ifdef CONFIG_PROC_FS 2142 sprintf(smi->proc_dir_name, "%d", num); 2143 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root); 2144 if (!smi->proc_dir) 2145 rv = -ENOMEM; 2146 2147 if (rv == 0) 2148 rv = ipmi_smi_add_proc_entry(smi, "stats", 2149 &smi_stats_proc_ops, 2150 smi); 2151 2152 if (rv == 0) 2153 rv = ipmi_smi_add_proc_entry(smi, "ipmb", 2154 &smi_ipmb_proc_ops, 2155 smi); 2156 2157 if (rv == 0) 2158 rv = ipmi_smi_add_proc_entry(smi, "version", 2159 &smi_version_proc_ops, 2160 smi); 2161 #endif /* CONFIG_PROC_FS */ 2162 2163 return rv; 2164 } 2165 2166 static void remove_proc_entries(ipmi_smi_t smi) 2167 { 2168 #ifdef CONFIG_PROC_FS 2169 struct ipmi_proc_entry *entry; 2170 2171 mutex_lock(&smi->proc_entry_lock); 2172 while (smi->proc_entries) { 2173 entry = smi->proc_entries; 2174 smi->proc_entries = entry->next; 2175 2176 remove_proc_entry(entry->name, smi->proc_dir); 2177 kfree(entry->name); 2178 kfree(entry); 2179 } 2180 mutex_unlock(&smi->proc_entry_lock); 2181 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root); 2182 #endif /* CONFIG_PROC_FS */ 2183 } 2184 2185 static int __find_bmc_guid(struct device *dev, void *data) 2186 { 2187 unsigned char *id = data; 2188 struct bmc_device *bmc = to_bmc_device(dev); 2189 return memcmp(bmc->guid, id, 16) == 0; 2190 } 2191 2192 static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv, 2193 unsigned char *guid) 2194 { 2195 struct device *dev; 2196 2197 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid); 2198 if (dev) 2199 return to_bmc_device(dev); 2200 else 2201 return NULL; 2202 } 2203 2204 struct prod_dev_id { 2205 unsigned int product_id; 2206 unsigned char device_id; 2207 }; 2208 2209 static int __find_bmc_prod_dev_id(struct device *dev, void *data) 2210 { 2211 struct prod_dev_id *id = data; 2212 struct bmc_device *bmc = to_bmc_device(dev); 2213 2214 return (bmc->id.product_id == id->product_id 2215 && bmc->id.device_id == id->device_id); 2216 } 2217 2218 static struct bmc_device *ipmi_find_bmc_prod_dev_id( 2219 struct device_driver *drv, 2220 unsigned int product_id, unsigned char device_id) 2221 { 2222 struct prod_dev_id id = { 2223 .product_id = product_id, 2224 .device_id = device_id, 2225 }; 2226 struct device *dev; 2227 2228 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id); 2229 if (dev) 2230 return to_bmc_device(dev); 2231 else 2232 return NULL; 2233 } 2234 2235 static ssize_t device_id_show(struct device *dev, 2236 struct device_attribute *attr, 2237 char *buf) 2238 { 2239 struct bmc_device *bmc = to_bmc_device(dev); 2240 2241 return snprintf(buf, 10, "%u\n", bmc->id.device_id); 2242 } 2243 static DEVICE_ATTR(device_id, S_IRUGO, device_id_show, NULL); 2244 2245 static ssize_t provides_device_sdrs_show(struct device *dev, 2246 struct device_attribute *attr, 2247 char *buf) 2248 { 2249 struct bmc_device *bmc = to_bmc_device(dev); 2250 2251 return snprintf(buf, 10, "%u\n", 2252 (bmc->id.device_revision & 0x80) >> 7); 2253 } 2254 static DEVICE_ATTR(provides_device_sdrs, S_IRUGO, provides_device_sdrs_show, 2255 NULL); 2256 2257 static ssize_t revision_show(struct device *dev, struct device_attribute *attr, 2258 char *buf) 2259 { 2260 struct bmc_device *bmc = to_bmc_device(dev); 2261 2262 return snprintf(buf, 20, "%u\n", 2263 bmc->id.device_revision & 0x0F); 2264 } 2265 static DEVICE_ATTR(revision, S_IRUGO, revision_show, NULL); 2266 2267 static ssize_t firmware_revision_show(struct device *dev, 2268 struct device_attribute *attr, 2269 char *buf) 2270 { 2271 struct bmc_device *bmc = to_bmc_device(dev); 2272 2273 return snprintf(buf, 20, "%u.%x\n", bmc->id.firmware_revision_1, 2274 bmc->id.firmware_revision_2); 2275 } 2276 static DEVICE_ATTR(firmware_revision, S_IRUGO, firmware_revision_show, NULL); 2277 2278 static ssize_t ipmi_version_show(struct device *dev, 2279 struct device_attribute *attr, 2280 char *buf) 2281 { 2282 struct bmc_device *bmc = to_bmc_device(dev); 2283 2284 return snprintf(buf, 20, "%u.%u\n", 2285 ipmi_version_major(&bmc->id), 2286 ipmi_version_minor(&bmc->id)); 2287 } 2288 static DEVICE_ATTR(ipmi_version, S_IRUGO, ipmi_version_show, NULL); 2289 2290 static ssize_t add_dev_support_show(struct device *dev, 2291 struct device_attribute *attr, 2292 char *buf) 2293 { 2294 struct bmc_device *bmc = to_bmc_device(dev); 2295 2296 return snprintf(buf, 10, "0x%02x\n", 2297 bmc->id.additional_device_support); 2298 } 2299 static DEVICE_ATTR(additional_device_support, S_IRUGO, add_dev_support_show, 2300 NULL); 2301 2302 static ssize_t manufacturer_id_show(struct device *dev, 2303 struct device_attribute *attr, 2304 char *buf) 2305 { 2306 struct bmc_device *bmc = to_bmc_device(dev); 2307 2308 return snprintf(buf, 20, "0x%6.6x\n", bmc->id.manufacturer_id); 2309 } 2310 static DEVICE_ATTR(manufacturer_id, S_IRUGO, manufacturer_id_show, NULL); 2311 2312 static ssize_t product_id_show(struct device *dev, 2313 struct device_attribute *attr, 2314 char *buf) 2315 { 2316 struct bmc_device *bmc = to_bmc_device(dev); 2317 2318 return snprintf(buf, 10, "0x%4.4x\n", bmc->id.product_id); 2319 } 2320 static DEVICE_ATTR(product_id, S_IRUGO, product_id_show, NULL); 2321 2322 static ssize_t aux_firmware_rev_show(struct device *dev, 2323 struct device_attribute *attr, 2324 char *buf) 2325 { 2326 struct bmc_device *bmc = to_bmc_device(dev); 2327 2328 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n", 2329 bmc->id.aux_firmware_revision[3], 2330 bmc->id.aux_firmware_revision[2], 2331 bmc->id.aux_firmware_revision[1], 2332 bmc->id.aux_firmware_revision[0]); 2333 } 2334 static DEVICE_ATTR(aux_firmware_revision, S_IRUGO, aux_firmware_rev_show, NULL); 2335 2336 static ssize_t guid_show(struct device *dev, struct device_attribute *attr, 2337 char *buf) 2338 { 2339 struct bmc_device *bmc = to_bmc_device(dev); 2340 2341 return snprintf(buf, 100, "%Lx%Lx\n", 2342 (long long) bmc->guid[0], 2343 (long long) bmc->guid[8]); 2344 } 2345 static DEVICE_ATTR(guid, S_IRUGO, guid_show, NULL); 2346 2347 static struct attribute *bmc_dev_attrs[] = { 2348 &dev_attr_device_id.attr, 2349 &dev_attr_provides_device_sdrs.attr, 2350 &dev_attr_revision.attr, 2351 &dev_attr_firmware_revision.attr, 2352 &dev_attr_ipmi_version.attr, 2353 &dev_attr_additional_device_support.attr, 2354 &dev_attr_manufacturer_id.attr, 2355 &dev_attr_product_id.attr, 2356 NULL 2357 }; 2358 2359 static struct attribute_group bmc_dev_attr_group = { 2360 .attrs = bmc_dev_attrs, 2361 }; 2362 2363 static const struct attribute_group *bmc_dev_attr_groups[] = { 2364 &bmc_dev_attr_group, 2365 NULL 2366 }; 2367 2368 static struct device_type bmc_device_type = { 2369 .groups = bmc_dev_attr_groups, 2370 }; 2371 2372 static void 2373 release_bmc_device(struct device *dev) 2374 { 2375 kfree(to_bmc_device(dev)); 2376 } 2377 2378 static void 2379 cleanup_bmc_device(struct kref *ref) 2380 { 2381 struct bmc_device *bmc = container_of(ref, struct bmc_device, usecount); 2382 2383 if (bmc->id.aux_firmware_revision_set) 2384 device_remove_file(&bmc->pdev.dev, 2385 &dev_attr_aux_firmware_revision); 2386 if (bmc->guid_set) 2387 device_remove_file(&bmc->pdev.dev, 2388 &dev_attr_guid); 2389 2390 platform_device_unregister(&bmc->pdev); 2391 } 2392 2393 static void ipmi_bmc_unregister(ipmi_smi_t intf) 2394 { 2395 struct bmc_device *bmc = intf->bmc; 2396 2397 sysfs_remove_link(&intf->si_dev->kobj, "bmc"); 2398 if (intf->my_dev_name) { 2399 sysfs_remove_link(&bmc->pdev.dev.kobj, intf->my_dev_name); 2400 kfree(intf->my_dev_name); 2401 intf->my_dev_name = NULL; 2402 } 2403 2404 mutex_lock(&ipmidriver_mutex); 2405 kref_put(&bmc->usecount, cleanup_bmc_device); 2406 intf->bmc = NULL; 2407 mutex_unlock(&ipmidriver_mutex); 2408 } 2409 2410 static int create_bmc_files(struct bmc_device *bmc) 2411 { 2412 int err; 2413 2414 if (bmc->id.aux_firmware_revision_set) { 2415 err = device_create_file(&bmc->pdev.dev, 2416 &dev_attr_aux_firmware_revision); 2417 if (err) 2418 goto out; 2419 } 2420 if (bmc->guid_set) { 2421 err = device_create_file(&bmc->pdev.dev, 2422 &dev_attr_guid); 2423 if (err) 2424 goto out_aux_firm; 2425 } 2426 2427 return 0; 2428 2429 out_aux_firm: 2430 if (bmc->id.aux_firmware_revision_set) 2431 device_remove_file(&bmc->pdev.dev, 2432 &dev_attr_aux_firmware_revision); 2433 out: 2434 return err; 2435 } 2436 2437 static int ipmi_bmc_register(ipmi_smi_t intf, int ifnum) 2438 { 2439 int rv; 2440 struct bmc_device *bmc = intf->bmc; 2441 struct bmc_device *old_bmc; 2442 2443 mutex_lock(&ipmidriver_mutex); 2444 2445 /* 2446 * Try to find if there is an bmc_device struct 2447 * representing the interfaced BMC already 2448 */ 2449 if (bmc->guid_set) 2450 old_bmc = ipmi_find_bmc_guid(&ipmidriver.driver, bmc->guid); 2451 else 2452 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver.driver, 2453 bmc->id.product_id, 2454 bmc->id.device_id); 2455 2456 /* 2457 * If there is already an bmc_device, free the new one, 2458 * otherwise register the new BMC device 2459 */ 2460 if (old_bmc) { 2461 kfree(bmc); 2462 intf->bmc = old_bmc; 2463 bmc = old_bmc; 2464 2465 kref_get(&bmc->usecount); 2466 mutex_unlock(&ipmidriver_mutex); 2467 2468 printk(KERN_INFO 2469 "ipmi: interfacing existing BMC (man_id: 0x%6.6x," 2470 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n", 2471 bmc->id.manufacturer_id, 2472 bmc->id.product_id, 2473 bmc->id.device_id); 2474 } else { 2475 unsigned char orig_dev_id = bmc->id.device_id; 2476 int warn_printed = 0; 2477 2478 snprintf(bmc->name, sizeof(bmc->name), 2479 "ipmi_bmc.%4.4x", bmc->id.product_id); 2480 bmc->pdev.name = bmc->name; 2481 2482 while (ipmi_find_bmc_prod_dev_id(&ipmidriver.driver, 2483 bmc->id.product_id, 2484 bmc->id.device_id)) { 2485 if (!warn_printed) { 2486 printk(KERN_WARNING PFX 2487 "This machine has two different BMCs" 2488 " with the same product id and device" 2489 " id. This is an error in the" 2490 " firmware, but incrementing the" 2491 " device id to work around the problem." 2492 " Prod ID = 0x%x, Dev ID = 0x%x\n", 2493 bmc->id.product_id, bmc->id.device_id); 2494 warn_printed = 1; 2495 } 2496 bmc->id.device_id++; /* Wraps at 255 */ 2497 if (bmc->id.device_id == orig_dev_id) { 2498 printk(KERN_ERR PFX 2499 "Out of device ids!\n"); 2500 break; 2501 } 2502 } 2503 2504 bmc->pdev.dev.driver = &ipmidriver.driver; 2505 bmc->pdev.id = bmc->id.device_id; 2506 bmc->pdev.dev.release = release_bmc_device; 2507 bmc->pdev.dev.type = &bmc_device_type; 2508 kref_init(&bmc->usecount); 2509 2510 rv = platform_device_register(&bmc->pdev); 2511 mutex_unlock(&ipmidriver_mutex); 2512 if (rv) { 2513 put_device(&bmc->pdev.dev); 2514 printk(KERN_ERR 2515 "ipmi_msghandler:" 2516 " Unable to register bmc device: %d\n", 2517 rv); 2518 /* 2519 * Don't go to out_err, you can only do that if 2520 * the device is registered already. 2521 */ 2522 return rv; 2523 } 2524 2525 rv = create_bmc_files(bmc); 2526 if (rv) { 2527 mutex_lock(&ipmidriver_mutex); 2528 platform_device_unregister(&bmc->pdev); 2529 mutex_unlock(&ipmidriver_mutex); 2530 2531 return rv; 2532 } 2533 2534 dev_info(intf->si_dev, "Found new BMC (man_id: 0x%6.6x, " 2535 "prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n", 2536 bmc->id.manufacturer_id, 2537 bmc->id.product_id, 2538 bmc->id.device_id); 2539 } 2540 2541 /* 2542 * create symlink from system interface device to bmc device 2543 * and back. 2544 */ 2545 rv = sysfs_create_link(&intf->si_dev->kobj, &bmc->pdev.dev.kobj, "bmc"); 2546 if (rv) { 2547 printk(KERN_ERR 2548 "ipmi_msghandler: Unable to create bmc symlink: %d\n", 2549 rv); 2550 goto out_err; 2551 } 2552 2553 intf->my_dev_name = kasprintf(GFP_KERNEL, "ipmi%d", ifnum); 2554 if (!intf->my_dev_name) { 2555 rv = -ENOMEM; 2556 printk(KERN_ERR 2557 "ipmi_msghandler: allocate link from BMC: %d\n", 2558 rv); 2559 goto out_err; 2560 } 2561 2562 rv = sysfs_create_link(&bmc->pdev.dev.kobj, &intf->si_dev->kobj, 2563 intf->my_dev_name); 2564 if (rv) { 2565 kfree(intf->my_dev_name); 2566 intf->my_dev_name = NULL; 2567 printk(KERN_ERR 2568 "ipmi_msghandler:" 2569 " Unable to create symlink to bmc: %d\n", 2570 rv); 2571 goto out_err; 2572 } 2573 2574 return 0; 2575 2576 out_err: 2577 ipmi_bmc_unregister(intf); 2578 return rv; 2579 } 2580 2581 static int 2582 send_guid_cmd(ipmi_smi_t intf, int chan) 2583 { 2584 struct kernel_ipmi_msg msg; 2585 struct ipmi_system_interface_addr si; 2586 2587 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2588 si.channel = IPMI_BMC_CHANNEL; 2589 si.lun = 0; 2590 2591 msg.netfn = IPMI_NETFN_APP_REQUEST; 2592 msg.cmd = IPMI_GET_DEVICE_GUID_CMD; 2593 msg.data = NULL; 2594 msg.data_len = 0; 2595 return i_ipmi_request(NULL, 2596 intf, 2597 (struct ipmi_addr *) &si, 2598 0, 2599 &msg, 2600 intf, 2601 NULL, 2602 NULL, 2603 0, 2604 intf->channels[0].address, 2605 intf->channels[0].lun, 2606 -1, 0); 2607 } 2608 2609 static void 2610 guid_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 2611 { 2612 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 2613 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE) 2614 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD)) 2615 /* Not for me */ 2616 return; 2617 2618 if (msg->msg.data[0] != 0) { 2619 /* Error from getting the GUID, the BMC doesn't have one. */ 2620 intf->bmc->guid_set = 0; 2621 goto out; 2622 } 2623 2624 if (msg->msg.data_len < 17) { 2625 intf->bmc->guid_set = 0; 2626 printk(KERN_WARNING PFX 2627 "guid_handler: The GUID response from the BMC was too" 2628 " short, it was %d but should have been 17. Assuming" 2629 " GUID is not available.\n", 2630 msg->msg.data_len); 2631 goto out; 2632 } 2633 2634 memcpy(intf->bmc->guid, msg->msg.data, 16); 2635 intf->bmc->guid_set = 1; 2636 out: 2637 wake_up(&intf->waitq); 2638 } 2639 2640 static void 2641 get_guid(ipmi_smi_t intf) 2642 { 2643 int rv; 2644 2645 intf->bmc->guid_set = 0x2; 2646 intf->null_user_handler = guid_handler; 2647 rv = send_guid_cmd(intf, 0); 2648 if (rv) 2649 /* Send failed, no GUID available. */ 2650 intf->bmc->guid_set = 0; 2651 wait_event(intf->waitq, intf->bmc->guid_set != 2); 2652 intf->null_user_handler = NULL; 2653 } 2654 2655 static int 2656 send_channel_info_cmd(ipmi_smi_t intf, int chan) 2657 { 2658 struct kernel_ipmi_msg msg; 2659 unsigned char data[1]; 2660 struct ipmi_system_interface_addr si; 2661 2662 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2663 si.channel = IPMI_BMC_CHANNEL; 2664 si.lun = 0; 2665 2666 msg.netfn = IPMI_NETFN_APP_REQUEST; 2667 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD; 2668 msg.data = data; 2669 msg.data_len = 1; 2670 data[0] = chan; 2671 return i_ipmi_request(NULL, 2672 intf, 2673 (struct ipmi_addr *) &si, 2674 0, 2675 &msg, 2676 intf, 2677 NULL, 2678 NULL, 2679 0, 2680 intf->channels[0].address, 2681 intf->channels[0].lun, 2682 -1, 0); 2683 } 2684 2685 static void 2686 channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 2687 { 2688 int rv = 0; 2689 int chan; 2690 2691 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 2692 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE) 2693 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD)) { 2694 /* It's the one we want */ 2695 if (msg->msg.data[0] != 0) { 2696 /* Got an error from the channel, just go on. */ 2697 2698 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) { 2699 /* 2700 * If the MC does not support this 2701 * command, that is legal. We just 2702 * assume it has one IPMB at channel 2703 * zero. 2704 */ 2705 intf->channels[0].medium 2706 = IPMI_CHANNEL_MEDIUM_IPMB; 2707 intf->channels[0].protocol 2708 = IPMI_CHANNEL_PROTOCOL_IPMB; 2709 2710 intf->curr_channel = IPMI_MAX_CHANNELS; 2711 wake_up(&intf->waitq); 2712 goto out; 2713 } 2714 goto next_channel; 2715 } 2716 if (msg->msg.data_len < 4) { 2717 /* Message not big enough, just go on. */ 2718 goto next_channel; 2719 } 2720 chan = intf->curr_channel; 2721 intf->channels[chan].medium = msg->msg.data[2] & 0x7f; 2722 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f; 2723 2724 next_channel: 2725 intf->curr_channel++; 2726 if (intf->curr_channel >= IPMI_MAX_CHANNELS) 2727 wake_up(&intf->waitq); 2728 else 2729 rv = send_channel_info_cmd(intf, intf->curr_channel); 2730 2731 if (rv) { 2732 /* Got an error somehow, just give up. */ 2733 printk(KERN_WARNING PFX 2734 "Error sending channel information for channel" 2735 " %d: %d\n", intf->curr_channel, rv); 2736 2737 intf->curr_channel = IPMI_MAX_CHANNELS; 2738 wake_up(&intf->waitq); 2739 } 2740 } 2741 out: 2742 return; 2743 } 2744 2745 static void ipmi_poll(ipmi_smi_t intf) 2746 { 2747 if (intf->handlers->poll) 2748 intf->handlers->poll(intf->send_info); 2749 /* In case something came in */ 2750 handle_new_recv_msgs(intf); 2751 } 2752 2753 void ipmi_poll_interface(ipmi_user_t user) 2754 { 2755 ipmi_poll(user->intf); 2756 } 2757 EXPORT_SYMBOL(ipmi_poll_interface); 2758 2759 int ipmi_register_smi(struct ipmi_smi_handlers *handlers, 2760 void *send_info, 2761 struct ipmi_device_id *device_id, 2762 struct device *si_dev, 2763 unsigned char slave_addr) 2764 { 2765 int i, j; 2766 int rv; 2767 ipmi_smi_t intf; 2768 ipmi_smi_t tintf; 2769 struct list_head *link; 2770 2771 /* 2772 * Make sure the driver is actually initialized, this handles 2773 * problems with initialization order. 2774 */ 2775 if (!initialized) { 2776 rv = ipmi_init_msghandler(); 2777 if (rv) 2778 return rv; 2779 /* 2780 * The init code doesn't return an error if it was turned 2781 * off, but it won't initialize. Check that. 2782 */ 2783 if (!initialized) 2784 return -ENODEV; 2785 } 2786 2787 intf = kzalloc(sizeof(*intf), GFP_KERNEL); 2788 if (!intf) 2789 return -ENOMEM; 2790 2791 intf->ipmi_version_major = ipmi_version_major(device_id); 2792 intf->ipmi_version_minor = ipmi_version_minor(device_id); 2793 2794 intf->bmc = kzalloc(sizeof(*intf->bmc), GFP_KERNEL); 2795 if (!intf->bmc) { 2796 kfree(intf); 2797 return -ENOMEM; 2798 } 2799 intf->intf_num = -1; /* Mark it invalid for now. */ 2800 kref_init(&intf->refcount); 2801 intf->bmc->id = *device_id; 2802 intf->si_dev = si_dev; 2803 for (j = 0; j < IPMI_MAX_CHANNELS; j++) { 2804 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR; 2805 intf->channels[j].lun = 2; 2806 } 2807 if (slave_addr != 0) 2808 intf->channels[0].address = slave_addr; 2809 INIT_LIST_HEAD(&intf->users); 2810 intf->handlers = handlers; 2811 intf->send_info = send_info; 2812 spin_lock_init(&intf->seq_lock); 2813 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) { 2814 intf->seq_table[j].inuse = 0; 2815 intf->seq_table[j].seqid = 0; 2816 } 2817 intf->curr_seq = 0; 2818 #ifdef CONFIG_PROC_FS 2819 mutex_init(&intf->proc_entry_lock); 2820 #endif 2821 spin_lock_init(&intf->waiting_rcv_msgs_lock); 2822 INIT_LIST_HEAD(&intf->waiting_rcv_msgs); 2823 tasklet_init(&intf->recv_tasklet, 2824 smi_recv_tasklet, 2825 (unsigned long) intf); 2826 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 0); 2827 spin_lock_init(&intf->xmit_msgs_lock); 2828 INIT_LIST_HEAD(&intf->xmit_msgs); 2829 INIT_LIST_HEAD(&intf->hp_xmit_msgs); 2830 spin_lock_init(&intf->events_lock); 2831 atomic_set(&intf->event_waiters, 0); 2832 intf->ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 2833 INIT_LIST_HEAD(&intf->waiting_events); 2834 intf->waiting_events_count = 0; 2835 mutex_init(&intf->cmd_rcvrs_mutex); 2836 spin_lock_init(&intf->maintenance_mode_lock); 2837 INIT_LIST_HEAD(&intf->cmd_rcvrs); 2838 init_waitqueue_head(&intf->waitq); 2839 for (i = 0; i < IPMI_NUM_STATS; i++) 2840 atomic_set(&intf->stats[i], 0); 2841 2842 intf->proc_dir = NULL; 2843 2844 mutex_lock(&smi_watchers_mutex); 2845 mutex_lock(&ipmi_interfaces_mutex); 2846 /* Look for a hole in the numbers. */ 2847 i = 0; 2848 link = &ipmi_interfaces; 2849 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link) { 2850 if (tintf->intf_num != i) { 2851 link = &tintf->link; 2852 break; 2853 } 2854 i++; 2855 } 2856 /* Add the new interface in numeric order. */ 2857 if (i == 0) 2858 list_add_rcu(&intf->link, &ipmi_interfaces); 2859 else 2860 list_add_tail_rcu(&intf->link, link); 2861 2862 rv = handlers->start_processing(send_info, intf); 2863 if (rv) 2864 goto out; 2865 2866 get_guid(intf); 2867 2868 if ((intf->ipmi_version_major > 1) 2869 || ((intf->ipmi_version_major == 1) 2870 && (intf->ipmi_version_minor >= 5))) { 2871 /* 2872 * Start scanning the channels to see what is 2873 * available. 2874 */ 2875 intf->null_user_handler = channel_handler; 2876 intf->curr_channel = 0; 2877 rv = send_channel_info_cmd(intf, 0); 2878 if (rv) { 2879 printk(KERN_WARNING PFX 2880 "Error sending channel information for channel" 2881 " 0, %d\n", rv); 2882 goto out; 2883 } 2884 2885 /* Wait for the channel info to be read. */ 2886 wait_event(intf->waitq, 2887 intf->curr_channel >= IPMI_MAX_CHANNELS); 2888 intf->null_user_handler = NULL; 2889 } else { 2890 /* Assume a single IPMB channel at zero. */ 2891 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB; 2892 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB; 2893 intf->curr_channel = IPMI_MAX_CHANNELS; 2894 } 2895 2896 if (rv == 0) 2897 rv = add_proc_entries(intf, i); 2898 2899 rv = ipmi_bmc_register(intf, i); 2900 2901 out: 2902 if (rv) { 2903 if (intf->proc_dir) 2904 remove_proc_entries(intf); 2905 intf->handlers = NULL; 2906 list_del_rcu(&intf->link); 2907 mutex_unlock(&ipmi_interfaces_mutex); 2908 mutex_unlock(&smi_watchers_mutex); 2909 synchronize_rcu(); 2910 kref_put(&intf->refcount, intf_free); 2911 } else { 2912 /* 2913 * Keep memory order straight for RCU readers. Make 2914 * sure everything else is committed to memory before 2915 * setting intf_num to mark the interface valid. 2916 */ 2917 smp_wmb(); 2918 intf->intf_num = i; 2919 mutex_unlock(&ipmi_interfaces_mutex); 2920 /* After this point the interface is legal to use. */ 2921 call_smi_watchers(i, intf->si_dev); 2922 mutex_unlock(&smi_watchers_mutex); 2923 } 2924 2925 return rv; 2926 } 2927 EXPORT_SYMBOL(ipmi_register_smi); 2928 2929 static void deliver_smi_err_response(ipmi_smi_t intf, 2930 struct ipmi_smi_msg *msg, 2931 unsigned char err) 2932 { 2933 msg->rsp[0] = msg->data[0] | 4; 2934 msg->rsp[1] = msg->data[1]; 2935 msg->rsp[2] = err; 2936 msg->rsp_size = 3; 2937 /* It's an error, so it will never requeue, no need to check return. */ 2938 handle_one_recv_msg(intf, msg); 2939 } 2940 2941 static void cleanup_smi_msgs(ipmi_smi_t intf) 2942 { 2943 int i; 2944 struct seq_table *ent; 2945 struct ipmi_smi_msg *msg; 2946 struct list_head *entry; 2947 struct list_head tmplist; 2948 2949 /* Clear out our transmit queues and hold the messages. */ 2950 INIT_LIST_HEAD(&tmplist); 2951 list_splice_tail(&intf->hp_xmit_msgs, &tmplist); 2952 list_splice_tail(&intf->xmit_msgs, &tmplist); 2953 2954 /* Current message first, to preserve order */ 2955 while (intf->curr_msg && !list_empty(&intf->waiting_rcv_msgs)) { 2956 /* Wait for the message to clear out. */ 2957 schedule_timeout(1); 2958 } 2959 2960 /* No need for locks, the interface is down. */ 2961 2962 /* 2963 * Return errors for all pending messages in queue and in the 2964 * tables waiting for remote responses. 2965 */ 2966 while (!list_empty(&tmplist)) { 2967 entry = tmplist.next; 2968 list_del(entry); 2969 msg = list_entry(entry, struct ipmi_smi_msg, link); 2970 deliver_smi_err_response(intf, msg, IPMI_ERR_UNSPECIFIED); 2971 } 2972 2973 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 2974 ent = &(intf->seq_table[i]); 2975 if (!ent->inuse) 2976 continue; 2977 deliver_err_response(ent->recv_msg, IPMI_ERR_UNSPECIFIED); 2978 } 2979 } 2980 2981 int ipmi_unregister_smi(ipmi_smi_t intf) 2982 { 2983 struct ipmi_smi_watcher *w; 2984 int intf_num = intf->intf_num; 2985 ipmi_user_t user; 2986 2987 ipmi_bmc_unregister(intf); 2988 2989 mutex_lock(&smi_watchers_mutex); 2990 mutex_lock(&ipmi_interfaces_mutex); 2991 intf->intf_num = -1; 2992 intf->in_shutdown = true; 2993 list_del_rcu(&intf->link); 2994 mutex_unlock(&ipmi_interfaces_mutex); 2995 synchronize_rcu(); 2996 2997 cleanup_smi_msgs(intf); 2998 2999 /* Clean up the effects of users on the lower-level software. */ 3000 mutex_lock(&ipmi_interfaces_mutex); 3001 rcu_read_lock(); 3002 list_for_each_entry_rcu(user, &intf->users, link) { 3003 module_put(intf->handlers->owner); 3004 if (intf->handlers->dec_usecount) 3005 intf->handlers->dec_usecount(intf->send_info); 3006 } 3007 rcu_read_unlock(); 3008 intf->handlers = NULL; 3009 mutex_unlock(&ipmi_interfaces_mutex); 3010 3011 remove_proc_entries(intf); 3012 3013 /* 3014 * Call all the watcher interfaces to tell them that 3015 * an interface is gone. 3016 */ 3017 list_for_each_entry(w, &smi_watchers, link) 3018 w->smi_gone(intf_num); 3019 mutex_unlock(&smi_watchers_mutex); 3020 3021 kref_put(&intf->refcount, intf_free); 3022 return 0; 3023 } 3024 EXPORT_SYMBOL(ipmi_unregister_smi); 3025 3026 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf, 3027 struct ipmi_smi_msg *msg) 3028 { 3029 struct ipmi_ipmb_addr ipmb_addr; 3030 struct ipmi_recv_msg *recv_msg; 3031 3032 /* 3033 * This is 11, not 10, because the response must contain a 3034 * completion code. 3035 */ 3036 if (msg->rsp_size < 11) { 3037 /* Message not big enough, just ignore it. */ 3038 ipmi_inc_stat(intf, invalid_ipmb_responses); 3039 return 0; 3040 } 3041 3042 if (msg->rsp[2] != 0) { 3043 /* An error getting the response, just ignore it. */ 3044 return 0; 3045 } 3046 3047 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE; 3048 ipmb_addr.slave_addr = msg->rsp[6]; 3049 ipmb_addr.channel = msg->rsp[3] & 0x0f; 3050 ipmb_addr.lun = msg->rsp[7] & 3; 3051 3052 /* 3053 * It's a response from a remote entity. Look up the sequence 3054 * number and handle the response. 3055 */ 3056 if (intf_find_seq(intf, 3057 msg->rsp[7] >> 2, 3058 msg->rsp[3] & 0x0f, 3059 msg->rsp[8], 3060 (msg->rsp[4] >> 2) & (~1), 3061 (struct ipmi_addr *) &(ipmb_addr), 3062 &recv_msg)) { 3063 /* 3064 * We were unable to find the sequence number, 3065 * so just nuke the message. 3066 */ 3067 ipmi_inc_stat(intf, unhandled_ipmb_responses); 3068 return 0; 3069 } 3070 3071 memcpy(recv_msg->msg_data, 3072 &(msg->rsp[9]), 3073 msg->rsp_size - 9); 3074 /* 3075 * The other fields matched, so no need to set them, except 3076 * for netfn, which needs to be the response that was 3077 * returned, not the request value. 3078 */ 3079 recv_msg->msg.netfn = msg->rsp[4] >> 2; 3080 recv_msg->msg.data = recv_msg->msg_data; 3081 recv_msg->msg.data_len = msg->rsp_size - 10; 3082 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3083 ipmi_inc_stat(intf, handled_ipmb_responses); 3084 deliver_response(recv_msg); 3085 3086 return 0; 3087 } 3088 3089 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf, 3090 struct ipmi_smi_msg *msg) 3091 { 3092 struct cmd_rcvr *rcvr; 3093 int rv = 0; 3094 unsigned char netfn; 3095 unsigned char cmd; 3096 unsigned char chan; 3097 ipmi_user_t user = NULL; 3098 struct ipmi_ipmb_addr *ipmb_addr; 3099 struct ipmi_recv_msg *recv_msg; 3100 3101 if (msg->rsp_size < 10) { 3102 /* Message not big enough, just ignore it. */ 3103 ipmi_inc_stat(intf, invalid_commands); 3104 return 0; 3105 } 3106 3107 if (msg->rsp[2] != 0) { 3108 /* An error getting the response, just ignore it. */ 3109 return 0; 3110 } 3111 3112 netfn = msg->rsp[4] >> 2; 3113 cmd = msg->rsp[8]; 3114 chan = msg->rsp[3] & 0xf; 3115 3116 rcu_read_lock(); 3117 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3118 if (rcvr) { 3119 user = rcvr->user; 3120 kref_get(&user->refcount); 3121 } else 3122 user = NULL; 3123 rcu_read_unlock(); 3124 3125 if (user == NULL) { 3126 /* We didn't find a user, deliver an error response. */ 3127 ipmi_inc_stat(intf, unhandled_commands); 3128 3129 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 3130 msg->data[1] = IPMI_SEND_MSG_CMD; 3131 msg->data[2] = msg->rsp[3]; 3132 msg->data[3] = msg->rsp[6]; 3133 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3); 3134 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2); 3135 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address; 3136 /* rqseq/lun */ 3137 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3); 3138 msg->data[8] = msg->rsp[8]; /* cmd */ 3139 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE; 3140 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4); 3141 msg->data_size = 11; 3142 3143 #ifdef DEBUG_MSGING 3144 { 3145 int m; 3146 printk("Invalid command:"); 3147 for (m = 0; m < msg->data_size; m++) 3148 printk(" %2.2x", msg->data[m]); 3149 printk("\n"); 3150 } 3151 #endif 3152 rcu_read_lock(); 3153 if (!intf->in_shutdown) { 3154 smi_send(intf, intf->handlers, msg, 0); 3155 /* 3156 * We used the message, so return the value 3157 * that causes it to not be freed or 3158 * queued. 3159 */ 3160 rv = -1; 3161 } 3162 rcu_read_unlock(); 3163 } else { 3164 /* Deliver the message to the user. */ 3165 ipmi_inc_stat(intf, handled_commands); 3166 3167 recv_msg = ipmi_alloc_recv_msg(); 3168 if (!recv_msg) { 3169 /* 3170 * We couldn't allocate memory for the 3171 * message, so requeue it for handling 3172 * later. 3173 */ 3174 rv = 1; 3175 kref_put(&user->refcount, free_user); 3176 } else { 3177 /* Extract the source address from the data. */ 3178 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr; 3179 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE; 3180 ipmb_addr->slave_addr = msg->rsp[6]; 3181 ipmb_addr->lun = msg->rsp[7] & 3; 3182 ipmb_addr->channel = msg->rsp[3] & 0xf; 3183 3184 /* 3185 * Extract the rest of the message information 3186 * from the IPMB header. 3187 */ 3188 recv_msg->user = user; 3189 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 3190 recv_msg->msgid = msg->rsp[7] >> 2; 3191 recv_msg->msg.netfn = msg->rsp[4] >> 2; 3192 recv_msg->msg.cmd = msg->rsp[8]; 3193 recv_msg->msg.data = recv_msg->msg_data; 3194 3195 /* 3196 * We chop off 10, not 9 bytes because the checksum 3197 * at the end also needs to be removed. 3198 */ 3199 recv_msg->msg.data_len = msg->rsp_size - 10; 3200 memcpy(recv_msg->msg_data, 3201 &(msg->rsp[9]), 3202 msg->rsp_size - 10); 3203 deliver_response(recv_msg); 3204 } 3205 } 3206 3207 return rv; 3208 } 3209 3210 static int handle_lan_get_msg_rsp(ipmi_smi_t intf, 3211 struct ipmi_smi_msg *msg) 3212 { 3213 struct ipmi_lan_addr lan_addr; 3214 struct ipmi_recv_msg *recv_msg; 3215 3216 3217 /* 3218 * This is 13, not 12, because the response must contain a 3219 * completion code. 3220 */ 3221 if (msg->rsp_size < 13) { 3222 /* Message not big enough, just ignore it. */ 3223 ipmi_inc_stat(intf, invalid_lan_responses); 3224 return 0; 3225 } 3226 3227 if (msg->rsp[2] != 0) { 3228 /* An error getting the response, just ignore it. */ 3229 return 0; 3230 } 3231 3232 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE; 3233 lan_addr.session_handle = msg->rsp[4]; 3234 lan_addr.remote_SWID = msg->rsp[8]; 3235 lan_addr.local_SWID = msg->rsp[5]; 3236 lan_addr.channel = msg->rsp[3] & 0x0f; 3237 lan_addr.privilege = msg->rsp[3] >> 4; 3238 lan_addr.lun = msg->rsp[9] & 3; 3239 3240 /* 3241 * It's a response from a remote entity. Look up the sequence 3242 * number and handle the response. 3243 */ 3244 if (intf_find_seq(intf, 3245 msg->rsp[9] >> 2, 3246 msg->rsp[3] & 0x0f, 3247 msg->rsp[10], 3248 (msg->rsp[6] >> 2) & (~1), 3249 (struct ipmi_addr *) &(lan_addr), 3250 &recv_msg)) { 3251 /* 3252 * We were unable to find the sequence number, 3253 * so just nuke the message. 3254 */ 3255 ipmi_inc_stat(intf, unhandled_lan_responses); 3256 return 0; 3257 } 3258 3259 memcpy(recv_msg->msg_data, 3260 &(msg->rsp[11]), 3261 msg->rsp_size - 11); 3262 /* 3263 * The other fields matched, so no need to set them, except 3264 * for netfn, which needs to be the response that was 3265 * returned, not the request value. 3266 */ 3267 recv_msg->msg.netfn = msg->rsp[6] >> 2; 3268 recv_msg->msg.data = recv_msg->msg_data; 3269 recv_msg->msg.data_len = msg->rsp_size - 12; 3270 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3271 ipmi_inc_stat(intf, handled_lan_responses); 3272 deliver_response(recv_msg); 3273 3274 return 0; 3275 } 3276 3277 static int handle_lan_get_msg_cmd(ipmi_smi_t intf, 3278 struct ipmi_smi_msg *msg) 3279 { 3280 struct cmd_rcvr *rcvr; 3281 int rv = 0; 3282 unsigned char netfn; 3283 unsigned char cmd; 3284 unsigned char chan; 3285 ipmi_user_t user = NULL; 3286 struct ipmi_lan_addr *lan_addr; 3287 struct ipmi_recv_msg *recv_msg; 3288 3289 if (msg->rsp_size < 12) { 3290 /* Message not big enough, just ignore it. */ 3291 ipmi_inc_stat(intf, invalid_commands); 3292 return 0; 3293 } 3294 3295 if (msg->rsp[2] != 0) { 3296 /* An error getting the response, just ignore it. */ 3297 return 0; 3298 } 3299 3300 netfn = msg->rsp[6] >> 2; 3301 cmd = msg->rsp[10]; 3302 chan = msg->rsp[3] & 0xf; 3303 3304 rcu_read_lock(); 3305 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3306 if (rcvr) { 3307 user = rcvr->user; 3308 kref_get(&user->refcount); 3309 } else 3310 user = NULL; 3311 rcu_read_unlock(); 3312 3313 if (user == NULL) { 3314 /* We didn't find a user, just give up. */ 3315 ipmi_inc_stat(intf, unhandled_commands); 3316 3317 /* 3318 * Don't do anything with these messages, just allow 3319 * them to be freed. 3320 */ 3321 rv = 0; 3322 } else { 3323 /* Deliver the message to the user. */ 3324 ipmi_inc_stat(intf, handled_commands); 3325 3326 recv_msg = ipmi_alloc_recv_msg(); 3327 if (!recv_msg) { 3328 /* 3329 * We couldn't allocate memory for the 3330 * message, so requeue it for handling later. 3331 */ 3332 rv = 1; 3333 kref_put(&user->refcount, free_user); 3334 } else { 3335 /* Extract the source address from the data. */ 3336 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr; 3337 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE; 3338 lan_addr->session_handle = msg->rsp[4]; 3339 lan_addr->remote_SWID = msg->rsp[8]; 3340 lan_addr->local_SWID = msg->rsp[5]; 3341 lan_addr->lun = msg->rsp[9] & 3; 3342 lan_addr->channel = msg->rsp[3] & 0xf; 3343 lan_addr->privilege = msg->rsp[3] >> 4; 3344 3345 /* 3346 * Extract the rest of the message information 3347 * from the IPMB header. 3348 */ 3349 recv_msg->user = user; 3350 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 3351 recv_msg->msgid = msg->rsp[9] >> 2; 3352 recv_msg->msg.netfn = msg->rsp[6] >> 2; 3353 recv_msg->msg.cmd = msg->rsp[10]; 3354 recv_msg->msg.data = recv_msg->msg_data; 3355 3356 /* 3357 * We chop off 12, not 11 bytes because the checksum 3358 * at the end also needs to be removed. 3359 */ 3360 recv_msg->msg.data_len = msg->rsp_size - 12; 3361 memcpy(recv_msg->msg_data, 3362 &(msg->rsp[11]), 3363 msg->rsp_size - 12); 3364 deliver_response(recv_msg); 3365 } 3366 } 3367 3368 return rv; 3369 } 3370 3371 /* 3372 * This routine will handle "Get Message" command responses with 3373 * channels that use an OEM Medium. The message format belongs to 3374 * the OEM. See IPMI 2.0 specification, Chapter 6 and 3375 * Chapter 22, sections 22.6 and 22.24 for more details. 3376 */ 3377 static int handle_oem_get_msg_cmd(ipmi_smi_t intf, 3378 struct ipmi_smi_msg *msg) 3379 { 3380 struct cmd_rcvr *rcvr; 3381 int rv = 0; 3382 unsigned char netfn; 3383 unsigned char cmd; 3384 unsigned char chan; 3385 ipmi_user_t user = NULL; 3386 struct ipmi_system_interface_addr *smi_addr; 3387 struct ipmi_recv_msg *recv_msg; 3388 3389 /* 3390 * We expect the OEM SW to perform error checking 3391 * so we just do some basic sanity checks 3392 */ 3393 if (msg->rsp_size < 4) { 3394 /* Message not big enough, just ignore it. */ 3395 ipmi_inc_stat(intf, invalid_commands); 3396 return 0; 3397 } 3398 3399 if (msg->rsp[2] != 0) { 3400 /* An error getting the response, just ignore it. */ 3401 return 0; 3402 } 3403 3404 /* 3405 * This is an OEM Message so the OEM needs to know how 3406 * handle the message. We do no interpretation. 3407 */ 3408 netfn = msg->rsp[0] >> 2; 3409 cmd = msg->rsp[1]; 3410 chan = msg->rsp[3] & 0xf; 3411 3412 rcu_read_lock(); 3413 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3414 if (rcvr) { 3415 user = rcvr->user; 3416 kref_get(&user->refcount); 3417 } else 3418 user = NULL; 3419 rcu_read_unlock(); 3420 3421 if (user == NULL) { 3422 /* We didn't find a user, just give up. */ 3423 ipmi_inc_stat(intf, unhandled_commands); 3424 3425 /* 3426 * Don't do anything with these messages, just allow 3427 * them to be freed. 3428 */ 3429 3430 rv = 0; 3431 } else { 3432 /* Deliver the message to the user. */ 3433 ipmi_inc_stat(intf, handled_commands); 3434 3435 recv_msg = ipmi_alloc_recv_msg(); 3436 if (!recv_msg) { 3437 /* 3438 * We couldn't allocate memory for the 3439 * message, so requeue it for handling 3440 * later. 3441 */ 3442 rv = 1; 3443 kref_put(&user->refcount, free_user); 3444 } else { 3445 /* 3446 * OEM Messages are expected to be delivered via 3447 * the system interface to SMS software. We might 3448 * need to visit this again depending on OEM 3449 * requirements 3450 */ 3451 smi_addr = ((struct ipmi_system_interface_addr *) 3452 &(recv_msg->addr)); 3453 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3454 smi_addr->channel = IPMI_BMC_CHANNEL; 3455 smi_addr->lun = msg->rsp[0] & 3; 3456 3457 recv_msg->user = user; 3458 recv_msg->user_msg_data = NULL; 3459 recv_msg->recv_type = IPMI_OEM_RECV_TYPE; 3460 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3461 recv_msg->msg.cmd = msg->rsp[1]; 3462 recv_msg->msg.data = recv_msg->msg_data; 3463 3464 /* 3465 * The message starts at byte 4 which follows the 3466 * the Channel Byte in the "GET MESSAGE" command 3467 */ 3468 recv_msg->msg.data_len = msg->rsp_size - 4; 3469 memcpy(recv_msg->msg_data, 3470 &(msg->rsp[4]), 3471 msg->rsp_size - 4); 3472 deliver_response(recv_msg); 3473 } 3474 } 3475 3476 return rv; 3477 } 3478 3479 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg, 3480 struct ipmi_smi_msg *msg) 3481 { 3482 struct ipmi_system_interface_addr *smi_addr; 3483 3484 recv_msg->msgid = 0; 3485 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr); 3486 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3487 smi_addr->channel = IPMI_BMC_CHANNEL; 3488 smi_addr->lun = msg->rsp[0] & 3; 3489 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE; 3490 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3491 recv_msg->msg.cmd = msg->rsp[1]; 3492 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3); 3493 recv_msg->msg.data = recv_msg->msg_data; 3494 recv_msg->msg.data_len = msg->rsp_size - 3; 3495 } 3496 3497 static int handle_read_event_rsp(ipmi_smi_t intf, 3498 struct ipmi_smi_msg *msg) 3499 { 3500 struct ipmi_recv_msg *recv_msg, *recv_msg2; 3501 struct list_head msgs; 3502 ipmi_user_t user; 3503 int rv = 0; 3504 int deliver_count = 0; 3505 unsigned long flags; 3506 3507 if (msg->rsp_size < 19) { 3508 /* Message is too small to be an IPMB event. */ 3509 ipmi_inc_stat(intf, invalid_events); 3510 return 0; 3511 } 3512 3513 if (msg->rsp[2] != 0) { 3514 /* An error getting the event, just ignore it. */ 3515 return 0; 3516 } 3517 3518 INIT_LIST_HEAD(&msgs); 3519 3520 spin_lock_irqsave(&intf->events_lock, flags); 3521 3522 ipmi_inc_stat(intf, events); 3523 3524 /* 3525 * Allocate and fill in one message for every user that is 3526 * getting events. 3527 */ 3528 rcu_read_lock(); 3529 list_for_each_entry_rcu(user, &intf->users, link) { 3530 if (!user->gets_events) 3531 continue; 3532 3533 recv_msg = ipmi_alloc_recv_msg(); 3534 if (!recv_msg) { 3535 rcu_read_unlock(); 3536 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, 3537 link) { 3538 list_del(&recv_msg->link); 3539 ipmi_free_recv_msg(recv_msg); 3540 } 3541 /* 3542 * We couldn't allocate memory for the 3543 * message, so requeue it for handling 3544 * later. 3545 */ 3546 rv = 1; 3547 goto out; 3548 } 3549 3550 deliver_count++; 3551 3552 copy_event_into_recv_msg(recv_msg, msg); 3553 recv_msg->user = user; 3554 kref_get(&user->refcount); 3555 list_add_tail(&(recv_msg->link), &msgs); 3556 } 3557 rcu_read_unlock(); 3558 3559 if (deliver_count) { 3560 /* Now deliver all the messages. */ 3561 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) { 3562 list_del(&recv_msg->link); 3563 deliver_response(recv_msg); 3564 } 3565 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) { 3566 /* 3567 * No one to receive the message, put it in queue if there's 3568 * not already too many things in the queue. 3569 */ 3570 recv_msg = ipmi_alloc_recv_msg(); 3571 if (!recv_msg) { 3572 /* 3573 * We couldn't allocate memory for the 3574 * message, so requeue it for handling 3575 * later. 3576 */ 3577 rv = 1; 3578 goto out; 3579 } 3580 3581 copy_event_into_recv_msg(recv_msg, msg); 3582 list_add_tail(&(recv_msg->link), &(intf->waiting_events)); 3583 intf->waiting_events_count++; 3584 } else if (!intf->event_msg_printed) { 3585 /* 3586 * There's too many things in the queue, discard this 3587 * message. 3588 */ 3589 printk(KERN_WARNING PFX "Event queue full, discarding" 3590 " incoming events\n"); 3591 intf->event_msg_printed = 1; 3592 } 3593 3594 out: 3595 spin_unlock_irqrestore(&(intf->events_lock), flags); 3596 3597 return rv; 3598 } 3599 3600 static int handle_bmc_rsp(ipmi_smi_t intf, 3601 struct ipmi_smi_msg *msg) 3602 { 3603 struct ipmi_recv_msg *recv_msg; 3604 struct ipmi_user *user; 3605 3606 recv_msg = (struct ipmi_recv_msg *) msg->user_data; 3607 if (recv_msg == NULL) { 3608 printk(KERN_WARNING 3609 "IPMI message received with no owner. This\n" 3610 "could be because of a malformed message, or\n" 3611 "because of a hardware error. Contact your\n" 3612 "hardware vender for assistance\n"); 3613 return 0; 3614 } 3615 3616 user = recv_msg->user; 3617 /* Make sure the user still exists. */ 3618 if (user && !user->valid) { 3619 /* The user for the message went away, so give up. */ 3620 ipmi_inc_stat(intf, unhandled_local_responses); 3621 ipmi_free_recv_msg(recv_msg); 3622 } else { 3623 struct ipmi_system_interface_addr *smi_addr; 3624 3625 ipmi_inc_stat(intf, handled_local_responses); 3626 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3627 recv_msg->msgid = msg->msgid; 3628 smi_addr = ((struct ipmi_system_interface_addr *) 3629 &(recv_msg->addr)); 3630 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3631 smi_addr->channel = IPMI_BMC_CHANNEL; 3632 smi_addr->lun = msg->rsp[0] & 3; 3633 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3634 recv_msg->msg.cmd = msg->rsp[1]; 3635 memcpy(recv_msg->msg_data, 3636 &(msg->rsp[2]), 3637 msg->rsp_size - 2); 3638 recv_msg->msg.data = recv_msg->msg_data; 3639 recv_msg->msg.data_len = msg->rsp_size - 2; 3640 deliver_response(recv_msg); 3641 } 3642 3643 return 0; 3644 } 3645 3646 /* 3647 * Handle a received message. Return 1 if the message should be requeued, 3648 * 0 if the message should be freed, or -1 if the message should not 3649 * be freed or requeued. 3650 */ 3651 static int handle_one_recv_msg(ipmi_smi_t intf, 3652 struct ipmi_smi_msg *msg) 3653 { 3654 int requeue; 3655 int chan; 3656 3657 #ifdef DEBUG_MSGING 3658 int m; 3659 printk("Recv:"); 3660 for (m = 0; m < msg->rsp_size; m++) 3661 printk(" %2.2x", msg->rsp[m]); 3662 printk("\n"); 3663 #endif 3664 if (msg->rsp_size < 2) { 3665 /* Message is too small to be correct. */ 3666 printk(KERN_WARNING PFX "BMC returned to small a message" 3667 " for netfn %x cmd %x, got %d bytes\n", 3668 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size); 3669 3670 /* Generate an error response for the message. */ 3671 msg->rsp[0] = msg->data[0] | (1 << 2); 3672 msg->rsp[1] = msg->data[1]; 3673 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 3674 msg->rsp_size = 3; 3675 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1)) 3676 || (msg->rsp[1] != msg->data[1])) { 3677 /* 3678 * The NetFN and Command in the response is not even 3679 * marginally correct. 3680 */ 3681 printk(KERN_WARNING PFX "BMC returned incorrect response," 3682 " expected netfn %x cmd %x, got netfn %x cmd %x\n", 3683 (msg->data[0] >> 2) | 1, msg->data[1], 3684 msg->rsp[0] >> 2, msg->rsp[1]); 3685 3686 /* Generate an error response for the message. */ 3687 msg->rsp[0] = msg->data[0] | (1 << 2); 3688 msg->rsp[1] = msg->data[1]; 3689 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 3690 msg->rsp_size = 3; 3691 } 3692 3693 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3694 && (msg->rsp[1] == IPMI_SEND_MSG_CMD) 3695 && (msg->user_data != NULL)) { 3696 /* 3697 * It's a response to a response we sent. For this we 3698 * deliver a send message response to the user. 3699 */ 3700 struct ipmi_recv_msg *recv_msg = msg->user_data; 3701 3702 requeue = 0; 3703 if (msg->rsp_size < 2) 3704 /* Message is too small to be correct. */ 3705 goto out; 3706 3707 chan = msg->data[2] & 0x0f; 3708 if (chan >= IPMI_MAX_CHANNELS) 3709 /* Invalid channel number */ 3710 goto out; 3711 3712 if (!recv_msg) 3713 goto out; 3714 3715 /* Make sure the user still exists. */ 3716 if (!recv_msg->user || !recv_msg->user->valid) 3717 goto out; 3718 3719 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE; 3720 recv_msg->msg.data = recv_msg->msg_data; 3721 recv_msg->msg.data_len = 1; 3722 recv_msg->msg_data[0] = msg->rsp[2]; 3723 deliver_response(recv_msg); 3724 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3725 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) { 3726 /* It's from the receive queue. */ 3727 chan = msg->rsp[3] & 0xf; 3728 if (chan >= IPMI_MAX_CHANNELS) { 3729 /* Invalid channel number */ 3730 requeue = 0; 3731 goto out; 3732 } 3733 3734 /* 3735 * We need to make sure the channels have been initialized. 3736 * The channel_handler routine will set the "curr_channel" 3737 * equal to or greater than IPMI_MAX_CHANNELS when all the 3738 * channels for this interface have been initialized. 3739 */ 3740 if (intf->curr_channel < IPMI_MAX_CHANNELS) { 3741 requeue = 0; /* Throw the message away */ 3742 goto out; 3743 } 3744 3745 switch (intf->channels[chan].medium) { 3746 case IPMI_CHANNEL_MEDIUM_IPMB: 3747 if (msg->rsp[4] & 0x04) { 3748 /* 3749 * It's a response, so find the 3750 * requesting message and send it up. 3751 */ 3752 requeue = handle_ipmb_get_msg_rsp(intf, msg); 3753 } else { 3754 /* 3755 * It's a command to the SMS from some other 3756 * entity. Handle that. 3757 */ 3758 requeue = handle_ipmb_get_msg_cmd(intf, msg); 3759 } 3760 break; 3761 3762 case IPMI_CHANNEL_MEDIUM_8023LAN: 3763 case IPMI_CHANNEL_MEDIUM_ASYNC: 3764 if (msg->rsp[6] & 0x04) { 3765 /* 3766 * It's a response, so find the 3767 * requesting message and send it up. 3768 */ 3769 requeue = handle_lan_get_msg_rsp(intf, msg); 3770 } else { 3771 /* 3772 * It's a command to the SMS from some other 3773 * entity. Handle that. 3774 */ 3775 requeue = handle_lan_get_msg_cmd(intf, msg); 3776 } 3777 break; 3778 3779 default: 3780 /* Check for OEM Channels. Clients had better 3781 register for these commands. */ 3782 if ((intf->channels[chan].medium 3783 >= IPMI_CHANNEL_MEDIUM_OEM_MIN) 3784 && (intf->channels[chan].medium 3785 <= IPMI_CHANNEL_MEDIUM_OEM_MAX)) { 3786 requeue = handle_oem_get_msg_cmd(intf, msg); 3787 } else { 3788 /* 3789 * We don't handle the channel type, so just 3790 * free the message. 3791 */ 3792 requeue = 0; 3793 } 3794 } 3795 3796 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3797 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) { 3798 /* It's an asynchronous event. */ 3799 requeue = handle_read_event_rsp(intf, msg); 3800 } else { 3801 /* It's a response from the local BMC. */ 3802 requeue = handle_bmc_rsp(intf, msg); 3803 } 3804 3805 out: 3806 return requeue; 3807 } 3808 3809 /* 3810 * If there are messages in the queue or pretimeouts, handle them. 3811 */ 3812 static void handle_new_recv_msgs(ipmi_smi_t intf) 3813 { 3814 struct ipmi_smi_msg *smi_msg; 3815 unsigned long flags = 0; 3816 int rv; 3817 int run_to_completion = intf->run_to_completion; 3818 3819 /* See if any waiting messages need to be processed. */ 3820 if (!run_to_completion) 3821 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags); 3822 while (!list_empty(&intf->waiting_rcv_msgs)) { 3823 smi_msg = list_entry(intf->waiting_rcv_msgs.next, 3824 struct ipmi_smi_msg, link); 3825 if (!run_to_completion) 3826 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock, 3827 flags); 3828 rv = handle_one_recv_msg(intf, smi_msg); 3829 if (!run_to_completion) 3830 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags); 3831 if (rv > 0) { 3832 /* 3833 * To preserve message order, quit if we 3834 * can't handle a message. 3835 */ 3836 break; 3837 } else { 3838 list_del(&smi_msg->link); 3839 if (rv == 0) 3840 /* Message handled */ 3841 ipmi_free_smi_msg(smi_msg); 3842 /* If rv < 0, fatal error, del but don't free. */ 3843 } 3844 } 3845 if (!run_to_completion) 3846 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock, flags); 3847 3848 /* 3849 * If the pretimout count is non-zero, decrement one from it and 3850 * deliver pretimeouts to all the users. 3851 */ 3852 if (atomic_add_unless(&intf->watchdog_pretimeouts_to_deliver, -1, 0)) { 3853 ipmi_user_t user; 3854 3855 rcu_read_lock(); 3856 list_for_each_entry_rcu(user, &intf->users, link) { 3857 if (user->handler->ipmi_watchdog_pretimeout) 3858 user->handler->ipmi_watchdog_pretimeout( 3859 user->handler_data); 3860 } 3861 rcu_read_unlock(); 3862 } 3863 } 3864 3865 static void smi_recv_tasklet(unsigned long val) 3866 { 3867 unsigned long flags = 0; /* keep us warning-free. */ 3868 ipmi_smi_t intf = (ipmi_smi_t) val; 3869 int run_to_completion = intf->run_to_completion; 3870 struct ipmi_smi_msg *newmsg = NULL; 3871 3872 /* 3873 * Start the next message if available. 3874 * 3875 * Do this here, not in the actual receiver, because we may deadlock 3876 * because the lower layer is allowed to hold locks while calling 3877 * message delivery. 3878 */ 3879 if (!run_to_completion) 3880 spin_lock_irqsave(&intf->xmit_msgs_lock, flags); 3881 if (intf->curr_msg == NULL && !intf->in_shutdown) { 3882 struct list_head *entry = NULL; 3883 3884 /* Pick the high priority queue first. */ 3885 if (!list_empty(&intf->hp_xmit_msgs)) 3886 entry = intf->hp_xmit_msgs.next; 3887 else if (!list_empty(&intf->xmit_msgs)) 3888 entry = intf->xmit_msgs.next; 3889 3890 if (entry) { 3891 list_del(entry); 3892 newmsg = list_entry(entry, struct ipmi_smi_msg, link); 3893 intf->curr_msg = newmsg; 3894 } 3895 } 3896 if (!run_to_completion) 3897 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags); 3898 if (newmsg) 3899 intf->handlers->sender(intf->send_info, newmsg); 3900 3901 handle_new_recv_msgs(intf); 3902 } 3903 3904 /* Handle a new message from the lower layer. */ 3905 void ipmi_smi_msg_received(ipmi_smi_t intf, 3906 struct ipmi_smi_msg *msg) 3907 { 3908 unsigned long flags = 0; /* keep us warning-free. */ 3909 int run_to_completion = intf->run_to_completion; 3910 3911 if ((msg->data_size >= 2) 3912 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2)) 3913 && (msg->data[1] == IPMI_SEND_MSG_CMD) 3914 && (msg->user_data == NULL)) { 3915 3916 if (intf->in_shutdown) 3917 goto free_msg; 3918 3919 /* 3920 * This is the local response to a command send, start 3921 * the timer for these. The user_data will not be 3922 * NULL if this is a response send, and we will let 3923 * response sends just go through. 3924 */ 3925 3926 /* 3927 * Check for errors, if we get certain errors (ones 3928 * that mean basically we can try again later), we 3929 * ignore them and start the timer. Otherwise we 3930 * report the error immediately. 3931 */ 3932 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0) 3933 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR) 3934 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR) 3935 && (msg->rsp[2] != IPMI_BUS_ERR) 3936 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR)) { 3937 int chan = msg->rsp[3] & 0xf; 3938 3939 /* Got an error sending the message, handle it. */ 3940 if (chan >= IPMI_MAX_CHANNELS) 3941 ; /* This shouldn't happen */ 3942 else if ((intf->channels[chan].medium 3943 == IPMI_CHANNEL_MEDIUM_8023LAN) 3944 || (intf->channels[chan].medium 3945 == IPMI_CHANNEL_MEDIUM_ASYNC)) 3946 ipmi_inc_stat(intf, sent_lan_command_errs); 3947 else 3948 ipmi_inc_stat(intf, sent_ipmb_command_errs); 3949 intf_err_seq(intf, msg->msgid, msg->rsp[2]); 3950 } else 3951 /* The message was sent, start the timer. */ 3952 intf_start_seq_timer(intf, msg->msgid); 3953 3954 free_msg: 3955 ipmi_free_smi_msg(msg); 3956 } else { 3957 /* 3958 * To preserve message order, we keep a queue and deliver from 3959 * a tasklet. 3960 */ 3961 if (!run_to_completion) 3962 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags); 3963 list_add_tail(&msg->link, &intf->waiting_rcv_msgs); 3964 if (!run_to_completion) 3965 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock, 3966 flags); 3967 } 3968 3969 if (!run_to_completion) 3970 spin_lock_irqsave(&intf->xmit_msgs_lock, flags); 3971 if (msg == intf->curr_msg) 3972 intf->curr_msg = NULL; 3973 if (!run_to_completion) 3974 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags); 3975 3976 if (run_to_completion) 3977 smi_recv_tasklet((unsigned long) intf); 3978 else 3979 tasklet_schedule(&intf->recv_tasklet); 3980 } 3981 EXPORT_SYMBOL(ipmi_smi_msg_received); 3982 3983 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf) 3984 { 3985 if (intf->in_shutdown) 3986 return; 3987 3988 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 1); 3989 tasklet_schedule(&intf->recv_tasklet); 3990 } 3991 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout); 3992 3993 static struct ipmi_smi_msg * 3994 smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg, 3995 unsigned char seq, long seqid) 3996 { 3997 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg(); 3998 if (!smi_msg) 3999 /* 4000 * If we can't allocate the message, then just return, we 4001 * get 4 retries, so this should be ok. 4002 */ 4003 return NULL; 4004 4005 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len); 4006 smi_msg->data_size = recv_msg->msg.data_len; 4007 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid); 4008 4009 #ifdef DEBUG_MSGING 4010 { 4011 int m; 4012 printk("Resend: "); 4013 for (m = 0; m < smi_msg->data_size; m++) 4014 printk(" %2.2x", smi_msg->data[m]); 4015 printk("\n"); 4016 } 4017 #endif 4018 return smi_msg; 4019 } 4020 4021 static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent, 4022 struct list_head *timeouts, long timeout_period, 4023 int slot, unsigned long *flags, 4024 unsigned int *waiting_msgs) 4025 { 4026 struct ipmi_recv_msg *msg; 4027 struct ipmi_smi_handlers *handlers; 4028 4029 if (intf->in_shutdown) 4030 return; 4031 4032 if (!ent->inuse) 4033 return; 4034 4035 ent->timeout -= timeout_period; 4036 if (ent->timeout > 0) { 4037 (*waiting_msgs)++; 4038 return; 4039 } 4040 4041 if (ent->retries_left == 0) { 4042 /* The message has used all its retries. */ 4043 ent->inuse = 0; 4044 msg = ent->recv_msg; 4045 list_add_tail(&msg->link, timeouts); 4046 if (ent->broadcast) 4047 ipmi_inc_stat(intf, timed_out_ipmb_broadcasts); 4048 else if (is_lan_addr(&ent->recv_msg->addr)) 4049 ipmi_inc_stat(intf, timed_out_lan_commands); 4050 else 4051 ipmi_inc_stat(intf, timed_out_ipmb_commands); 4052 } else { 4053 struct ipmi_smi_msg *smi_msg; 4054 /* More retries, send again. */ 4055 4056 (*waiting_msgs)++; 4057 4058 /* 4059 * Start with the max timer, set to normal timer after 4060 * the message is sent. 4061 */ 4062 ent->timeout = MAX_MSG_TIMEOUT; 4063 ent->retries_left--; 4064 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot, 4065 ent->seqid); 4066 if (!smi_msg) { 4067 if (is_lan_addr(&ent->recv_msg->addr)) 4068 ipmi_inc_stat(intf, 4069 dropped_rexmit_lan_commands); 4070 else 4071 ipmi_inc_stat(intf, 4072 dropped_rexmit_ipmb_commands); 4073 return; 4074 } 4075 4076 spin_unlock_irqrestore(&intf->seq_lock, *flags); 4077 4078 /* 4079 * Send the new message. We send with a zero 4080 * priority. It timed out, I doubt time is that 4081 * critical now, and high priority messages are really 4082 * only for messages to the local MC, which don't get 4083 * resent. 4084 */ 4085 handlers = intf->handlers; 4086 if (handlers) { 4087 if (is_lan_addr(&ent->recv_msg->addr)) 4088 ipmi_inc_stat(intf, 4089 retransmitted_lan_commands); 4090 else 4091 ipmi_inc_stat(intf, 4092 retransmitted_ipmb_commands); 4093 4094 smi_send(intf, intf->handlers, smi_msg, 0); 4095 } else 4096 ipmi_free_smi_msg(smi_msg); 4097 4098 spin_lock_irqsave(&intf->seq_lock, *flags); 4099 } 4100 } 4101 4102 static unsigned int ipmi_timeout_handler(ipmi_smi_t intf, long timeout_period) 4103 { 4104 struct list_head timeouts; 4105 struct ipmi_recv_msg *msg, *msg2; 4106 unsigned long flags; 4107 int i; 4108 unsigned int waiting_msgs = 0; 4109 4110 /* 4111 * Go through the seq table and find any messages that 4112 * have timed out, putting them in the timeouts 4113 * list. 4114 */ 4115 INIT_LIST_HEAD(&timeouts); 4116 spin_lock_irqsave(&intf->seq_lock, flags); 4117 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) 4118 check_msg_timeout(intf, &(intf->seq_table[i]), 4119 &timeouts, timeout_period, i, 4120 &flags, &waiting_msgs); 4121 spin_unlock_irqrestore(&intf->seq_lock, flags); 4122 4123 list_for_each_entry_safe(msg, msg2, &timeouts, link) 4124 deliver_err_response(msg, IPMI_TIMEOUT_COMPLETION_CODE); 4125 4126 /* 4127 * Maintenance mode handling. Check the timeout 4128 * optimistically before we claim the lock. It may 4129 * mean a timeout gets missed occasionally, but that 4130 * only means the timeout gets extended by one period 4131 * in that case. No big deal, and it avoids the lock 4132 * most of the time. 4133 */ 4134 if (intf->auto_maintenance_timeout > 0) { 4135 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 4136 if (intf->auto_maintenance_timeout > 0) { 4137 intf->auto_maintenance_timeout 4138 -= timeout_period; 4139 if (!intf->maintenance_mode 4140 && (intf->auto_maintenance_timeout <= 0)) { 4141 intf->maintenance_mode_enable = false; 4142 maintenance_mode_update(intf); 4143 } 4144 } 4145 spin_unlock_irqrestore(&intf->maintenance_mode_lock, 4146 flags); 4147 } 4148 4149 tasklet_schedule(&intf->recv_tasklet); 4150 4151 return waiting_msgs; 4152 } 4153 4154 static void ipmi_request_event(ipmi_smi_t intf) 4155 { 4156 /* No event requests when in maintenance mode. */ 4157 if (intf->maintenance_mode_enable) 4158 return; 4159 4160 if (!intf->in_shutdown) 4161 intf->handlers->request_events(intf->send_info); 4162 } 4163 4164 static struct timer_list ipmi_timer; 4165 4166 static atomic_t stop_operation; 4167 4168 static void ipmi_timeout(unsigned long data) 4169 { 4170 ipmi_smi_t intf; 4171 int nt = 0; 4172 4173 if (atomic_read(&stop_operation)) 4174 return; 4175 4176 rcu_read_lock(); 4177 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4178 int lnt = 0; 4179 4180 if (atomic_read(&intf->event_waiters)) { 4181 intf->ticks_to_req_ev--; 4182 if (intf->ticks_to_req_ev == 0) { 4183 ipmi_request_event(intf); 4184 intf->ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 4185 } 4186 lnt++; 4187 } 4188 4189 lnt += ipmi_timeout_handler(intf, IPMI_TIMEOUT_TIME); 4190 4191 lnt = !!lnt; 4192 if (lnt != intf->last_needs_timer && 4193 intf->handlers->set_need_watch) 4194 intf->handlers->set_need_watch(intf->send_info, lnt); 4195 intf->last_needs_timer = lnt; 4196 4197 nt += lnt; 4198 } 4199 rcu_read_unlock(); 4200 4201 if (nt) 4202 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 4203 } 4204 4205 static void need_waiter(ipmi_smi_t intf) 4206 { 4207 /* Racy, but worst case we start the timer twice. */ 4208 if (!timer_pending(&ipmi_timer)) 4209 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 4210 } 4211 4212 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0); 4213 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0); 4214 4215 /* FIXME - convert these to slabs. */ 4216 static void free_smi_msg(struct ipmi_smi_msg *msg) 4217 { 4218 atomic_dec(&smi_msg_inuse_count); 4219 kfree(msg); 4220 } 4221 4222 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void) 4223 { 4224 struct ipmi_smi_msg *rv; 4225 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC); 4226 if (rv) { 4227 rv->done = free_smi_msg; 4228 rv->user_data = NULL; 4229 atomic_inc(&smi_msg_inuse_count); 4230 } 4231 return rv; 4232 } 4233 EXPORT_SYMBOL(ipmi_alloc_smi_msg); 4234 4235 static void free_recv_msg(struct ipmi_recv_msg *msg) 4236 { 4237 atomic_dec(&recv_msg_inuse_count); 4238 kfree(msg); 4239 } 4240 4241 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void) 4242 { 4243 struct ipmi_recv_msg *rv; 4244 4245 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC); 4246 if (rv) { 4247 rv->user = NULL; 4248 rv->done = free_recv_msg; 4249 atomic_inc(&recv_msg_inuse_count); 4250 } 4251 return rv; 4252 } 4253 4254 void ipmi_free_recv_msg(struct ipmi_recv_msg *msg) 4255 { 4256 if (msg->user) 4257 kref_put(&msg->user->refcount, free_user); 4258 msg->done(msg); 4259 } 4260 EXPORT_SYMBOL(ipmi_free_recv_msg); 4261 4262 #ifdef CONFIG_IPMI_PANIC_EVENT 4263 4264 static atomic_t panic_done_count = ATOMIC_INIT(0); 4265 4266 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg) 4267 { 4268 atomic_dec(&panic_done_count); 4269 } 4270 4271 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg) 4272 { 4273 atomic_dec(&panic_done_count); 4274 } 4275 4276 /* 4277 * Inside a panic, send a message and wait for a response. 4278 */ 4279 static void ipmi_panic_request_and_wait(ipmi_smi_t intf, 4280 struct ipmi_addr *addr, 4281 struct kernel_ipmi_msg *msg) 4282 { 4283 struct ipmi_smi_msg smi_msg; 4284 struct ipmi_recv_msg recv_msg; 4285 int rv; 4286 4287 smi_msg.done = dummy_smi_done_handler; 4288 recv_msg.done = dummy_recv_done_handler; 4289 atomic_add(2, &panic_done_count); 4290 rv = i_ipmi_request(NULL, 4291 intf, 4292 addr, 4293 0, 4294 msg, 4295 intf, 4296 &smi_msg, 4297 &recv_msg, 4298 0, 4299 intf->channels[0].address, 4300 intf->channels[0].lun, 4301 0, 1); /* Don't retry, and don't wait. */ 4302 if (rv) 4303 atomic_sub(2, &panic_done_count); 4304 while (atomic_read(&panic_done_count) != 0) 4305 ipmi_poll(intf); 4306 } 4307 4308 #ifdef CONFIG_IPMI_PANIC_STRING 4309 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 4310 { 4311 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 4312 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE) 4313 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD) 4314 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) { 4315 /* A get event receiver command, save it. */ 4316 intf->event_receiver = msg->msg.data[1]; 4317 intf->event_receiver_lun = msg->msg.data[2] & 0x3; 4318 } 4319 } 4320 4321 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 4322 { 4323 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 4324 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE) 4325 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD) 4326 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) { 4327 /* 4328 * A get device id command, save if we are an event 4329 * receiver or generator. 4330 */ 4331 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1; 4332 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1; 4333 } 4334 } 4335 #endif 4336 4337 static void send_panic_events(char *str) 4338 { 4339 struct kernel_ipmi_msg msg; 4340 ipmi_smi_t intf; 4341 unsigned char data[16]; 4342 struct ipmi_system_interface_addr *si; 4343 struct ipmi_addr addr; 4344 4345 si = (struct ipmi_system_interface_addr *) &addr; 4346 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 4347 si->channel = IPMI_BMC_CHANNEL; 4348 si->lun = 0; 4349 4350 /* Fill in an event telling that we have failed. */ 4351 msg.netfn = 0x04; /* Sensor or Event. */ 4352 msg.cmd = 2; /* Platform event command. */ 4353 msg.data = data; 4354 msg.data_len = 8; 4355 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */ 4356 data[1] = 0x03; /* This is for IPMI 1.0. */ 4357 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */ 4358 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */ 4359 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */ 4360 4361 /* 4362 * Put a few breadcrumbs in. Hopefully later we can add more things 4363 * to make the panic events more useful. 4364 */ 4365 if (str) { 4366 data[3] = str[0]; 4367 data[6] = str[1]; 4368 data[7] = str[2]; 4369 } 4370 4371 /* For every registered interface, send the event. */ 4372 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4373 if (!intf->handlers) 4374 /* Interface is not ready. */ 4375 continue; 4376 4377 intf->run_to_completion = 1; 4378 /* Send the event announcing the panic. */ 4379 intf->handlers->set_run_to_completion(intf->send_info, 1); 4380 ipmi_panic_request_and_wait(intf, &addr, &msg); 4381 } 4382 4383 #ifdef CONFIG_IPMI_PANIC_STRING 4384 /* 4385 * On every interface, dump a bunch of OEM event holding the 4386 * string. 4387 */ 4388 if (!str) 4389 return; 4390 4391 /* For every registered interface, send the event. */ 4392 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4393 char *p = str; 4394 struct ipmi_ipmb_addr *ipmb; 4395 int j; 4396 4397 if (intf->intf_num == -1) 4398 /* Interface was not ready yet. */ 4399 continue; 4400 4401 /* 4402 * intf_num is used as an marker to tell if the 4403 * interface is valid. Thus we need a read barrier to 4404 * make sure data fetched before checking intf_num 4405 * won't be used. 4406 */ 4407 smp_rmb(); 4408 4409 /* 4410 * First job here is to figure out where to send the 4411 * OEM events. There's no way in IPMI to send OEM 4412 * events using an event send command, so we have to 4413 * find the SEL to put them in and stick them in 4414 * there. 4415 */ 4416 4417 /* Get capabilities from the get device id. */ 4418 intf->local_sel_device = 0; 4419 intf->local_event_generator = 0; 4420 intf->event_receiver = 0; 4421 4422 /* Request the device info from the local MC. */ 4423 msg.netfn = IPMI_NETFN_APP_REQUEST; 4424 msg.cmd = IPMI_GET_DEVICE_ID_CMD; 4425 msg.data = NULL; 4426 msg.data_len = 0; 4427 intf->null_user_handler = device_id_fetcher; 4428 ipmi_panic_request_and_wait(intf, &addr, &msg); 4429 4430 if (intf->local_event_generator) { 4431 /* Request the event receiver from the local MC. */ 4432 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST; 4433 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD; 4434 msg.data = NULL; 4435 msg.data_len = 0; 4436 intf->null_user_handler = event_receiver_fetcher; 4437 ipmi_panic_request_and_wait(intf, &addr, &msg); 4438 } 4439 intf->null_user_handler = NULL; 4440 4441 /* 4442 * Validate the event receiver. The low bit must not 4443 * be 1 (it must be a valid IPMB address), it cannot 4444 * be zero, and it must not be my address. 4445 */ 4446 if (((intf->event_receiver & 1) == 0) 4447 && (intf->event_receiver != 0) 4448 && (intf->event_receiver != intf->channels[0].address)) { 4449 /* 4450 * The event receiver is valid, send an IPMB 4451 * message. 4452 */ 4453 ipmb = (struct ipmi_ipmb_addr *) &addr; 4454 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE; 4455 ipmb->channel = 0; /* FIXME - is this right? */ 4456 ipmb->lun = intf->event_receiver_lun; 4457 ipmb->slave_addr = intf->event_receiver; 4458 } else if (intf->local_sel_device) { 4459 /* 4460 * The event receiver was not valid (or was 4461 * me), but I am an SEL device, just dump it 4462 * in my SEL. 4463 */ 4464 si = (struct ipmi_system_interface_addr *) &addr; 4465 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 4466 si->channel = IPMI_BMC_CHANNEL; 4467 si->lun = 0; 4468 } else 4469 continue; /* No where to send the event. */ 4470 4471 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */ 4472 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD; 4473 msg.data = data; 4474 msg.data_len = 16; 4475 4476 j = 0; 4477 while (*p) { 4478 int size = strlen(p); 4479 4480 if (size > 11) 4481 size = 11; 4482 data[0] = 0; 4483 data[1] = 0; 4484 data[2] = 0xf0; /* OEM event without timestamp. */ 4485 data[3] = intf->channels[0].address; 4486 data[4] = j++; /* sequence # */ 4487 /* 4488 * Always give 11 bytes, so strncpy will fill 4489 * it with zeroes for me. 4490 */ 4491 strncpy(data+5, p, 11); 4492 p += size; 4493 4494 ipmi_panic_request_and_wait(intf, &addr, &msg); 4495 } 4496 } 4497 #endif /* CONFIG_IPMI_PANIC_STRING */ 4498 } 4499 #endif /* CONFIG_IPMI_PANIC_EVENT */ 4500 4501 static int has_panicked; 4502 4503 static int panic_event(struct notifier_block *this, 4504 unsigned long event, 4505 void *ptr) 4506 { 4507 ipmi_smi_t intf; 4508 4509 if (has_panicked) 4510 return NOTIFY_DONE; 4511 has_panicked = 1; 4512 4513 /* For every registered interface, set it to run to completion. */ 4514 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4515 if (!intf->handlers) 4516 /* Interface is not ready. */ 4517 continue; 4518 4519 intf->run_to_completion = 1; 4520 intf->handlers->set_run_to_completion(intf->send_info, 1); 4521 } 4522 4523 #ifdef CONFIG_IPMI_PANIC_EVENT 4524 send_panic_events(ptr); 4525 #endif 4526 4527 return NOTIFY_DONE; 4528 } 4529 4530 static struct notifier_block panic_block = { 4531 .notifier_call = panic_event, 4532 .next = NULL, 4533 .priority = 200 /* priority: INT_MAX >= x >= 0 */ 4534 }; 4535 4536 static int ipmi_init_msghandler(void) 4537 { 4538 int rv; 4539 4540 if (initialized) 4541 return 0; 4542 4543 rv = driver_register(&ipmidriver.driver); 4544 if (rv) { 4545 printk(KERN_ERR PFX "Could not register IPMI driver\n"); 4546 return rv; 4547 } 4548 4549 printk(KERN_INFO "ipmi message handler version " 4550 IPMI_DRIVER_VERSION "\n"); 4551 4552 #ifdef CONFIG_PROC_FS 4553 proc_ipmi_root = proc_mkdir("ipmi", NULL); 4554 if (!proc_ipmi_root) { 4555 printk(KERN_ERR PFX "Unable to create IPMI proc dir"); 4556 driver_unregister(&ipmidriver.driver); 4557 return -ENOMEM; 4558 } 4559 4560 #endif /* CONFIG_PROC_FS */ 4561 4562 setup_timer(&ipmi_timer, ipmi_timeout, 0); 4563 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 4564 4565 atomic_notifier_chain_register(&panic_notifier_list, &panic_block); 4566 4567 initialized = 1; 4568 4569 return 0; 4570 } 4571 4572 static int __init ipmi_init_msghandler_mod(void) 4573 { 4574 ipmi_init_msghandler(); 4575 return 0; 4576 } 4577 4578 static void __exit cleanup_ipmi(void) 4579 { 4580 int count; 4581 4582 if (!initialized) 4583 return; 4584 4585 atomic_notifier_chain_unregister(&panic_notifier_list, &panic_block); 4586 4587 /* 4588 * This can't be called if any interfaces exist, so no worry 4589 * about shutting down the interfaces. 4590 */ 4591 4592 /* 4593 * Tell the timer to stop, then wait for it to stop. This 4594 * avoids problems with race conditions removing the timer 4595 * here. 4596 */ 4597 atomic_inc(&stop_operation); 4598 del_timer_sync(&ipmi_timer); 4599 4600 #ifdef CONFIG_PROC_FS 4601 proc_remove(proc_ipmi_root); 4602 #endif /* CONFIG_PROC_FS */ 4603 4604 driver_unregister(&ipmidriver.driver); 4605 4606 initialized = 0; 4607 4608 /* Check for buffer leaks. */ 4609 count = atomic_read(&smi_msg_inuse_count); 4610 if (count != 0) 4611 printk(KERN_WARNING PFX "SMI message count %d at exit\n", 4612 count); 4613 count = atomic_read(&recv_msg_inuse_count); 4614 if (count != 0) 4615 printk(KERN_WARNING PFX "recv message count %d at exit\n", 4616 count); 4617 } 4618 module_exit(cleanup_ipmi); 4619 4620 module_init(ipmi_init_msghandler_mod); 4621 MODULE_LICENSE("GPL"); 4622 MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>"); 4623 MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI" 4624 " interface."); 4625 MODULE_VERSION(IPMI_DRIVER_VERSION); 4626