1 /* 2 * IPMI BMC external connection 3 * 4 * Copyright (c) 2015 Corey Minyard, MontaVista Software, LLC 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 /* 26 * This is designed to connect with OpenIPMI's lanserv serial interface 27 * using the "VM" connection type. See that for details. 28 */ 29 30 #include "qemu/osdep.h" 31 #include "qemu/error-report.h" 32 #include "qemu/module.h" 33 #include "qapi/error.h" 34 #include "qemu/timer.h" 35 #include "chardev/char-fe.h" 36 #include "sysemu/sysemu.h" 37 #include "hw/ipmi/ipmi.h" 38 39 #define VM_MSG_CHAR 0xA0 /* Marks end of message */ 40 #define VM_CMD_CHAR 0xA1 /* Marks end of a command */ 41 #define VM_ESCAPE_CHAR 0xAA /* Set bit 4 from the next byte to 0 */ 42 43 #define VM_PROTOCOL_VERSION 1 44 #define VM_CMD_VERSION 0xff /* A version number byte follows */ 45 #define VM_CMD_NOATTN 0x00 46 #define VM_CMD_ATTN 0x01 47 #define VM_CMD_ATTN_IRQ 0x02 48 #define VM_CMD_POWEROFF 0x03 49 #define VM_CMD_RESET 0x04 50 #define VM_CMD_ENABLE_IRQ 0x05 /* Enable/disable the messaging irq */ 51 #define VM_CMD_DISABLE_IRQ 0x06 52 #define VM_CMD_SEND_NMI 0x07 53 #define VM_CMD_CAPABILITIES 0x08 54 #define VM_CAPABILITIES_POWER 0x01 55 #define VM_CAPABILITIES_RESET 0x02 56 #define VM_CAPABILITIES_IRQ 0x04 57 #define VM_CAPABILITIES_NMI 0x08 58 #define VM_CAPABILITIES_ATTN 0x10 59 #define VM_CAPABILITIES_GRACEFUL_SHUTDOWN 0x20 60 #define VM_CMD_GRACEFUL_SHUTDOWN 0x09 61 62 #define TYPE_IPMI_BMC_EXTERN "ipmi-bmc-extern" 63 #define IPMI_BMC_EXTERN(obj) OBJECT_CHECK(IPMIBmcExtern, (obj), \ 64 TYPE_IPMI_BMC_EXTERN) 65 typedef struct IPMIBmcExtern { 66 IPMIBmc parent; 67 68 CharBackend chr; 69 70 bool connected; 71 72 unsigned char inbuf[MAX_IPMI_MSG_SIZE + 2]; 73 unsigned int inpos; 74 bool in_escape; 75 bool in_too_many; 76 bool waiting_rsp; 77 bool sending_cmd; 78 79 unsigned char outbuf[(MAX_IPMI_MSG_SIZE + 2) * 2 + 1]; 80 unsigned int outpos; 81 unsigned int outlen; 82 83 struct QEMUTimer *extern_timer; 84 85 /* A reset event is pending to be sent upstream. */ 86 bool send_reset; 87 } IPMIBmcExtern; 88 89 static int can_receive(void *opaque); 90 static void receive(void *opaque, const uint8_t *buf, int size); 91 static void chr_event(void *opaque, int event); 92 93 static unsigned char 94 ipmb_checksum(const unsigned char *data, int size, unsigned char start) 95 { 96 unsigned char csum = start; 97 98 for (; size > 0; size--, data++) { 99 csum += *data; 100 } 101 return csum; 102 } 103 104 static void continue_send(IPMIBmcExtern *ibe) 105 { 106 int ret; 107 if (ibe->outlen == 0) { 108 goto check_reset; 109 } 110 send: 111 ret = qemu_chr_fe_write(&ibe->chr, ibe->outbuf + ibe->outpos, 112 ibe->outlen - ibe->outpos); 113 if (ret > 0) { 114 ibe->outpos += ret; 115 } 116 if (ibe->outpos < ibe->outlen) { 117 /* Not fully transmitted, try again in a 10ms */ 118 timer_mod_ns(ibe->extern_timer, 119 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 10000000); 120 } else { 121 /* Sent */ 122 ibe->outlen = 0; 123 ibe->outpos = 0; 124 if (!ibe->sending_cmd) { 125 ibe->waiting_rsp = true; 126 } else { 127 ibe->sending_cmd = false; 128 } 129 check_reset: 130 if (ibe->connected && ibe->send_reset) { 131 /* Send the reset */ 132 ibe->outbuf[0] = VM_CMD_RESET; 133 ibe->outbuf[1] = VM_CMD_CHAR; 134 ibe->outlen = 2; 135 ibe->outpos = 0; 136 ibe->send_reset = false; 137 ibe->sending_cmd = true; 138 goto send; 139 } 140 141 if (ibe->waiting_rsp) { 142 /* Make sure we get a response within 4 seconds. */ 143 timer_mod_ns(ibe->extern_timer, 144 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 4000000000ULL); 145 } 146 } 147 return; 148 } 149 150 static void extern_timeout(void *opaque) 151 { 152 IPMIBmcExtern *ibe = opaque; 153 IPMIInterface *s = ibe->parent.intf; 154 155 if (ibe->connected) { 156 if (ibe->waiting_rsp && (ibe->outlen == 0)) { 157 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 158 /* The message response timed out, return an error. */ 159 ibe->waiting_rsp = false; 160 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 161 ibe->inbuf[2] = ibe->outbuf[2]; 162 ibe->inbuf[3] = IPMI_CC_TIMEOUT; 163 k->handle_rsp(s, ibe->outbuf[0], ibe->inbuf + 1, 3); 164 } else { 165 continue_send(ibe); 166 } 167 } 168 } 169 170 static void addchar(IPMIBmcExtern *ibe, unsigned char ch) 171 { 172 switch (ch) { 173 case VM_MSG_CHAR: 174 case VM_CMD_CHAR: 175 case VM_ESCAPE_CHAR: 176 ibe->outbuf[ibe->outlen] = VM_ESCAPE_CHAR; 177 ibe->outlen++; 178 ch |= 0x10; 179 /* No break */ 180 181 default: 182 ibe->outbuf[ibe->outlen] = ch; 183 ibe->outlen++; 184 } 185 } 186 187 static void ipmi_bmc_extern_handle_command(IPMIBmc *b, 188 uint8_t *cmd, unsigned int cmd_len, 189 unsigned int max_cmd_len, 190 uint8_t msg_id) 191 { 192 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(b); 193 IPMIInterface *s = ibe->parent.intf; 194 uint8_t err = 0, csum; 195 unsigned int i; 196 197 if (ibe->outlen) { 198 /* We already have a command queued. Shouldn't ever happen. */ 199 error_report("IPMI KCS: Got command when not finished with the" 200 " previous command"); 201 abort(); 202 } 203 204 /* If it's too short or it was truncated, return an error. */ 205 if (cmd_len < 2) { 206 err = IPMI_CC_REQUEST_DATA_LENGTH_INVALID; 207 } else if ((cmd_len > max_cmd_len) || (cmd_len > MAX_IPMI_MSG_SIZE)) { 208 err = IPMI_CC_REQUEST_DATA_TRUNCATED; 209 } else if (!ibe->connected) { 210 err = IPMI_CC_BMC_INIT_IN_PROGRESS; 211 } 212 if (err) { 213 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 214 unsigned char rsp[3]; 215 rsp[0] = cmd[0] | 0x04; 216 rsp[1] = cmd[1]; 217 rsp[2] = err; 218 ibe->waiting_rsp = false; 219 k->handle_rsp(s, msg_id, rsp, 3); 220 goto out; 221 } 222 223 addchar(ibe, msg_id); 224 for (i = 0; i < cmd_len; i++) { 225 addchar(ibe, cmd[i]); 226 } 227 csum = ipmb_checksum(&msg_id, 1, 0); 228 addchar(ibe, -ipmb_checksum(cmd, cmd_len, csum)); 229 230 ibe->outbuf[ibe->outlen] = VM_MSG_CHAR; 231 ibe->outlen++; 232 233 /* Start the transmit */ 234 continue_send(ibe); 235 236 out: 237 return; 238 } 239 240 static void handle_hw_op(IPMIBmcExtern *ibe, unsigned char hw_op) 241 { 242 IPMIInterface *s = ibe->parent.intf; 243 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 244 245 switch (hw_op) { 246 case VM_CMD_VERSION: 247 /* We only support one version at this time. */ 248 break; 249 250 case VM_CMD_NOATTN: 251 k->set_atn(s, 0, 0); 252 break; 253 254 case VM_CMD_ATTN: 255 k->set_atn(s, 1, 0); 256 break; 257 258 case VM_CMD_ATTN_IRQ: 259 k->set_atn(s, 1, 1); 260 break; 261 262 case VM_CMD_POWEROFF: 263 k->do_hw_op(s, IPMI_POWEROFF_CHASSIS, 0); 264 break; 265 266 case VM_CMD_RESET: 267 k->do_hw_op(s, IPMI_RESET_CHASSIS, 0); 268 break; 269 270 case VM_CMD_ENABLE_IRQ: 271 k->set_irq_enable(s, 1); 272 break; 273 274 case VM_CMD_DISABLE_IRQ: 275 k->set_irq_enable(s, 0); 276 break; 277 278 case VM_CMD_SEND_NMI: 279 k->do_hw_op(s, IPMI_SEND_NMI, 0); 280 break; 281 282 case VM_CMD_GRACEFUL_SHUTDOWN: 283 k->do_hw_op(s, IPMI_SHUTDOWN_VIA_ACPI_OVERTEMP, 0); 284 break; 285 } 286 } 287 288 static void handle_msg(IPMIBmcExtern *ibe) 289 { 290 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(ibe->parent.intf); 291 292 if (ibe->in_escape) { 293 ipmi_debug("msg escape not ended\n"); 294 return; 295 } 296 if (ibe->inpos < 5) { 297 ipmi_debug("msg too short\n"); 298 return; 299 } 300 if (ibe->in_too_many) { 301 ibe->inbuf[3] = IPMI_CC_REQUEST_DATA_TRUNCATED; 302 ibe->inpos = 4; 303 } else if (ipmb_checksum(ibe->inbuf, ibe->inpos, 0) != 0) { 304 ipmi_debug("msg checksum failure\n"); 305 return; 306 } else { 307 ibe->inpos--; /* Remove checkum */ 308 } 309 310 timer_del(ibe->extern_timer); 311 ibe->waiting_rsp = false; 312 k->handle_rsp(ibe->parent.intf, ibe->inbuf[0], ibe->inbuf + 1, ibe->inpos - 1); 313 } 314 315 static int can_receive(void *opaque) 316 { 317 return 1; 318 } 319 320 static void receive(void *opaque, const uint8_t *buf, int size) 321 { 322 IPMIBmcExtern *ibe = opaque; 323 int i; 324 unsigned char hw_op; 325 326 for (i = 0; i < size; i++) { 327 unsigned char ch = buf[i]; 328 329 switch (ch) { 330 case VM_MSG_CHAR: 331 handle_msg(ibe); 332 ibe->in_too_many = false; 333 ibe->inpos = 0; 334 break; 335 336 case VM_CMD_CHAR: 337 if (ibe->in_too_many) { 338 ipmi_debug("cmd in too many\n"); 339 ibe->in_too_many = false; 340 ibe->inpos = 0; 341 break; 342 } 343 if (ibe->in_escape) { 344 ipmi_debug("cmd in escape\n"); 345 ibe->in_too_many = false; 346 ibe->inpos = 0; 347 ibe->in_escape = false; 348 break; 349 } 350 ibe->in_too_many = false; 351 if (ibe->inpos < 1) { 352 break; 353 } 354 hw_op = ibe->inbuf[0]; 355 ibe->inpos = 0; 356 goto out_hw_op; 357 break; 358 359 case VM_ESCAPE_CHAR: 360 ibe->in_escape = true; 361 break; 362 363 default: 364 if (ibe->in_escape) { 365 ch &= ~0x10; 366 ibe->in_escape = false; 367 } 368 if (ibe->in_too_many) { 369 break; 370 } 371 if (ibe->inpos >= sizeof(ibe->inbuf)) { 372 ibe->in_too_many = true; 373 break; 374 } 375 ibe->inbuf[ibe->inpos] = ch; 376 ibe->inpos++; 377 break; 378 } 379 } 380 return; 381 382 out_hw_op: 383 handle_hw_op(ibe, hw_op); 384 } 385 386 static void chr_event(void *opaque, int event) 387 { 388 IPMIBmcExtern *ibe = opaque; 389 IPMIInterface *s = ibe->parent.intf; 390 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 391 unsigned char v; 392 393 switch (event) { 394 case CHR_EVENT_OPENED: 395 ibe->connected = true; 396 ibe->outpos = 0; 397 ibe->outlen = 0; 398 addchar(ibe, VM_CMD_VERSION); 399 addchar(ibe, VM_PROTOCOL_VERSION); 400 ibe->outbuf[ibe->outlen] = VM_CMD_CHAR; 401 ibe->outlen++; 402 addchar(ibe, VM_CMD_CAPABILITIES); 403 v = VM_CAPABILITIES_IRQ | VM_CAPABILITIES_ATTN; 404 if (k->do_hw_op(ibe->parent.intf, IPMI_POWEROFF_CHASSIS, 1) == 0) { 405 v |= VM_CAPABILITIES_POWER; 406 } 407 if (k->do_hw_op(ibe->parent.intf, IPMI_SHUTDOWN_VIA_ACPI_OVERTEMP, 1) 408 == 0) { 409 v |= VM_CAPABILITIES_GRACEFUL_SHUTDOWN; 410 } 411 if (k->do_hw_op(ibe->parent.intf, IPMI_RESET_CHASSIS, 1) == 0) { 412 v |= VM_CAPABILITIES_RESET; 413 } 414 if (k->do_hw_op(ibe->parent.intf, IPMI_SEND_NMI, 1) == 0) { 415 v |= VM_CAPABILITIES_NMI; 416 } 417 addchar(ibe, v); 418 ibe->outbuf[ibe->outlen] = VM_CMD_CHAR; 419 ibe->outlen++; 420 ibe->sending_cmd = false; 421 continue_send(ibe); 422 break; 423 424 case CHR_EVENT_CLOSED: 425 if (!ibe->connected) { 426 return; 427 } 428 ibe->connected = false; 429 /* 430 * Don't hang the OS trying to handle the ATN bit, other end will 431 * resend on a reconnect. 432 */ 433 k->set_atn(s, 0, 0); 434 if (ibe->waiting_rsp) { 435 ibe->waiting_rsp = false; 436 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 437 ibe->inbuf[2] = ibe->outbuf[2]; 438 ibe->inbuf[3] = IPMI_CC_BMC_INIT_IN_PROGRESS; 439 k->handle_rsp(s, ibe->outbuf[0], ibe->inbuf + 1, 3); 440 } 441 break; 442 } 443 } 444 445 static void ipmi_bmc_extern_handle_reset(IPMIBmc *b) 446 { 447 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(b); 448 449 ibe->send_reset = true; 450 continue_send(ibe); 451 } 452 453 static void ipmi_bmc_extern_realize(DeviceState *dev, Error **errp) 454 { 455 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(dev); 456 457 if (!qemu_chr_fe_backend_connected(&ibe->chr)) { 458 error_setg(errp, "IPMI external bmc requires chardev attribute"); 459 return; 460 } 461 462 qemu_chr_fe_set_handlers(&ibe->chr, can_receive, receive, 463 chr_event, NULL, ibe, NULL, true); 464 } 465 466 static int ipmi_bmc_extern_post_migrate(void *opaque, int version_id) 467 { 468 IPMIBmcExtern *ibe = opaque; 469 470 /* 471 * We don't directly restore waiting_rsp, Instead, we return an 472 * error on the interface if a response was being waited for. 473 */ 474 if (ibe->waiting_rsp) { 475 IPMIInterface *ii = ibe->parent.intf; 476 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii); 477 478 ibe->waiting_rsp = false; 479 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 480 ibe->inbuf[2] = ibe->outbuf[2]; 481 ibe->inbuf[3] = IPMI_CC_BMC_INIT_IN_PROGRESS; 482 iic->handle_rsp(ii, ibe->outbuf[0], ibe->inbuf + 1, 3); 483 } 484 return 0; 485 } 486 487 static const VMStateDescription vmstate_ipmi_bmc_extern = { 488 .name = TYPE_IPMI_BMC_EXTERN, 489 .version_id = 1, 490 .minimum_version_id = 1, 491 .post_load = ipmi_bmc_extern_post_migrate, 492 .fields = (VMStateField[]) { 493 VMSTATE_BOOL(send_reset, IPMIBmcExtern), 494 VMSTATE_BOOL(waiting_rsp, IPMIBmcExtern), 495 VMSTATE_END_OF_LIST() 496 } 497 }; 498 499 static void ipmi_bmc_extern_init(Object *obj) 500 { 501 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(obj); 502 503 ibe->extern_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, extern_timeout, ibe); 504 vmstate_register(NULL, 0, &vmstate_ipmi_bmc_extern, ibe); 505 } 506 507 static void ipmi_bmc_extern_finalize(Object *obj) 508 { 509 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(obj); 510 511 timer_del(ibe->extern_timer); 512 timer_free(ibe->extern_timer); 513 } 514 515 static Property ipmi_bmc_extern_properties[] = { 516 DEFINE_PROP_CHR("chardev", IPMIBmcExtern, chr), 517 DEFINE_PROP_END_OF_LIST(), 518 }; 519 520 static void ipmi_bmc_extern_class_init(ObjectClass *oc, void *data) 521 { 522 DeviceClass *dc = DEVICE_CLASS(oc); 523 IPMIBmcClass *bk = IPMI_BMC_CLASS(oc); 524 525 bk->handle_command = ipmi_bmc_extern_handle_command; 526 bk->handle_reset = ipmi_bmc_extern_handle_reset; 527 dc->hotpluggable = false; 528 dc->realize = ipmi_bmc_extern_realize; 529 dc->props = ipmi_bmc_extern_properties; 530 } 531 532 static const TypeInfo ipmi_bmc_extern_type = { 533 .name = TYPE_IPMI_BMC_EXTERN, 534 .parent = TYPE_IPMI_BMC, 535 .instance_size = sizeof(IPMIBmcExtern), 536 .instance_init = ipmi_bmc_extern_init, 537 .instance_finalize = ipmi_bmc_extern_finalize, 538 .class_init = ipmi_bmc_extern_class_init, 539 }; 540 541 static void ipmi_bmc_extern_register_types(void) 542 { 543 type_register_static(&ipmi_bmc_extern_type); 544 } 545 546 type_init(ipmi_bmc_extern_register_types) 547