1 /* 2 * IPMI BMC external connection 3 * 4 * Copyright (c) 2015 Corey Minyard, MontaVista Software, LLC 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 /* 26 * This is designed to connect with OpenIPMI's lanserv serial interface 27 * using the "VM" connection type. See that for details. 28 */ 29 30 #include "qemu/osdep.h" 31 #include "qemu/error-report.h" 32 #include "qemu/module.h" 33 #include "qapi/error.h" 34 #include "qemu/timer.h" 35 #include "chardev/char-fe.h" 36 #include "hw/ipmi/ipmi.h" 37 #include "hw/qdev-properties.h" 38 #include "migration/vmstate.h" 39 40 #define VM_MSG_CHAR 0xA0 /* Marks end of message */ 41 #define VM_CMD_CHAR 0xA1 /* Marks end of a command */ 42 #define VM_ESCAPE_CHAR 0xAA /* Set bit 4 from the next byte to 0 */ 43 44 #define VM_PROTOCOL_VERSION 1 45 #define VM_CMD_VERSION 0xff /* A version number byte follows */ 46 #define VM_CMD_NOATTN 0x00 47 #define VM_CMD_ATTN 0x01 48 #define VM_CMD_ATTN_IRQ 0x02 49 #define VM_CMD_POWEROFF 0x03 50 #define VM_CMD_RESET 0x04 51 #define VM_CMD_ENABLE_IRQ 0x05 /* Enable/disable the messaging irq */ 52 #define VM_CMD_DISABLE_IRQ 0x06 53 #define VM_CMD_SEND_NMI 0x07 54 #define VM_CMD_CAPABILITIES 0x08 55 #define VM_CAPABILITIES_POWER 0x01 56 #define VM_CAPABILITIES_RESET 0x02 57 #define VM_CAPABILITIES_IRQ 0x04 58 #define VM_CAPABILITIES_NMI 0x08 59 #define VM_CAPABILITIES_ATTN 0x10 60 #define VM_CAPABILITIES_GRACEFUL_SHUTDOWN 0x20 61 #define VM_CMD_GRACEFUL_SHUTDOWN 0x09 62 63 #define TYPE_IPMI_BMC_EXTERN "ipmi-bmc-extern" 64 #define IPMI_BMC_EXTERN(obj) OBJECT_CHECK(IPMIBmcExtern, (obj), \ 65 TYPE_IPMI_BMC_EXTERN) 66 typedef struct IPMIBmcExtern { 67 IPMIBmc parent; 68 69 CharBackend chr; 70 71 bool connected; 72 73 unsigned char inbuf[MAX_IPMI_MSG_SIZE + 2]; 74 unsigned int inpos; 75 bool in_escape; 76 bool in_too_many; 77 bool waiting_rsp; 78 bool sending_cmd; 79 80 unsigned char outbuf[(MAX_IPMI_MSG_SIZE + 2) * 2 + 1]; 81 unsigned int outpos; 82 unsigned int outlen; 83 84 struct QEMUTimer *extern_timer; 85 86 /* A reset event is pending to be sent upstream. */ 87 bool send_reset; 88 } IPMIBmcExtern; 89 90 static int can_receive(void *opaque); 91 static void receive(void *opaque, const uint8_t *buf, int size); 92 static void chr_event(void *opaque, int event); 93 94 static unsigned char 95 ipmb_checksum(const unsigned char *data, int size, unsigned char start) 96 { 97 unsigned char csum = start; 98 99 for (; size > 0; size--, data++) { 100 csum += *data; 101 } 102 return csum; 103 } 104 105 static void continue_send(IPMIBmcExtern *ibe) 106 { 107 int ret; 108 if (ibe->outlen == 0) { 109 goto check_reset; 110 } 111 send: 112 ret = qemu_chr_fe_write(&ibe->chr, ibe->outbuf + ibe->outpos, 113 ibe->outlen - ibe->outpos); 114 if (ret > 0) { 115 ibe->outpos += ret; 116 } 117 if (ibe->outpos < ibe->outlen) { 118 /* Not fully transmitted, try again in a 10ms */ 119 timer_mod_ns(ibe->extern_timer, 120 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 10000000); 121 } else { 122 /* Sent */ 123 ibe->outlen = 0; 124 ibe->outpos = 0; 125 if (!ibe->sending_cmd) { 126 ibe->waiting_rsp = true; 127 } else { 128 ibe->sending_cmd = false; 129 } 130 check_reset: 131 if (ibe->connected && ibe->send_reset) { 132 /* Send the reset */ 133 ibe->outbuf[0] = VM_CMD_RESET; 134 ibe->outbuf[1] = VM_CMD_CHAR; 135 ibe->outlen = 2; 136 ibe->outpos = 0; 137 ibe->send_reset = false; 138 ibe->sending_cmd = true; 139 goto send; 140 } 141 142 if (ibe->waiting_rsp) { 143 /* Make sure we get a response within 4 seconds. */ 144 timer_mod_ns(ibe->extern_timer, 145 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 4000000000ULL); 146 } 147 } 148 return; 149 } 150 151 static void extern_timeout(void *opaque) 152 { 153 IPMIBmcExtern *ibe = opaque; 154 IPMIInterface *s = ibe->parent.intf; 155 156 if (ibe->connected) { 157 if (ibe->waiting_rsp && (ibe->outlen == 0)) { 158 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 159 /* The message response timed out, return an error. */ 160 ibe->waiting_rsp = false; 161 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 162 ibe->inbuf[2] = ibe->outbuf[2]; 163 ibe->inbuf[3] = IPMI_CC_TIMEOUT; 164 k->handle_rsp(s, ibe->outbuf[0], ibe->inbuf + 1, 3); 165 } else { 166 continue_send(ibe); 167 } 168 } 169 } 170 171 static void addchar(IPMIBmcExtern *ibe, unsigned char ch) 172 { 173 switch (ch) { 174 case VM_MSG_CHAR: 175 case VM_CMD_CHAR: 176 case VM_ESCAPE_CHAR: 177 ibe->outbuf[ibe->outlen] = VM_ESCAPE_CHAR; 178 ibe->outlen++; 179 ch |= 0x10; 180 /* No break */ 181 182 default: 183 ibe->outbuf[ibe->outlen] = ch; 184 ibe->outlen++; 185 } 186 } 187 188 static void ipmi_bmc_extern_handle_command(IPMIBmc *b, 189 uint8_t *cmd, unsigned int cmd_len, 190 unsigned int max_cmd_len, 191 uint8_t msg_id) 192 { 193 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(b); 194 IPMIInterface *s = ibe->parent.intf; 195 uint8_t err = 0, csum; 196 unsigned int i; 197 198 if (ibe->outlen) { 199 /* We already have a command queued. Shouldn't ever happen. */ 200 error_report("IPMI KCS: Got command when not finished with the" 201 " previous command"); 202 abort(); 203 } 204 205 /* If it's too short or it was truncated, return an error. */ 206 if (cmd_len < 2) { 207 err = IPMI_CC_REQUEST_DATA_LENGTH_INVALID; 208 } else if ((cmd_len > max_cmd_len) || (cmd_len > MAX_IPMI_MSG_SIZE)) { 209 err = IPMI_CC_REQUEST_DATA_TRUNCATED; 210 } else if (!ibe->connected) { 211 err = IPMI_CC_BMC_INIT_IN_PROGRESS; 212 } 213 if (err) { 214 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 215 unsigned char rsp[3]; 216 rsp[0] = cmd[0] | 0x04; 217 rsp[1] = cmd[1]; 218 rsp[2] = err; 219 ibe->waiting_rsp = false; 220 k->handle_rsp(s, msg_id, rsp, 3); 221 goto out; 222 } 223 224 addchar(ibe, msg_id); 225 for (i = 0; i < cmd_len; i++) { 226 addchar(ibe, cmd[i]); 227 } 228 csum = ipmb_checksum(&msg_id, 1, 0); 229 addchar(ibe, -ipmb_checksum(cmd, cmd_len, csum)); 230 231 ibe->outbuf[ibe->outlen] = VM_MSG_CHAR; 232 ibe->outlen++; 233 234 /* Start the transmit */ 235 continue_send(ibe); 236 237 out: 238 return; 239 } 240 241 static void handle_hw_op(IPMIBmcExtern *ibe, unsigned char hw_op) 242 { 243 IPMIInterface *s = ibe->parent.intf; 244 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 245 246 switch (hw_op) { 247 case VM_CMD_VERSION: 248 /* We only support one version at this time. */ 249 break; 250 251 case VM_CMD_NOATTN: 252 k->set_atn(s, 0, 0); 253 break; 254 255 case VM_CMD_ATTN: 256 k->set_atn(s, 1, 0); 257 break; 258 259 case VM_CMD_ATTN_IRQ: 260 k->set_atn(s, 1, 1); 261 break; 262 263 case VM_CMD_POWEROFF: 264 k->do_hw_op(s, IPMI_POWEROFF_CHASSIS, 0); 265 break; 266 267 case VM_CMD_RESET: 268 k->do_hw_op(s, IPMI_RESET_CHASSIS, 0); 269 break; 270 271 case VM_CMD_ENABLE_IRQ: 272 k->set_irq_enable(s, 1); 273 break; 274 275 case VM_CMD_DISABLE_IRQ: 276 k->set_irq_enable(s, 0); 277 break; 278 279 case VM_CMD_SEND_NMI: 280 k->do_hw_op(s, IPMI_SEND_NMI, 0); 281 break; 282 283 case VM_CMD_GRACEFUL_SHUTDOWN: 284 k->do_hw_op(s, IPMI_SHUTDOWN_VIA_ACPI_OVERTEMP, 0); 285 break; 286 } 287 } 288 289 static void handle_msg(IPMIBmcExtern *ibe) 290 { 291 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(ibe->parent.intf); 292 293 if (ibe->in_escape) { 294 ipmi_debug("msg escape not ended\n"); 295 return; 296 } 297 if (ibe->inpos < 5) { 298 ipmi_debug("msg too short\n"); 299 return; 300 } 301 if (ibe->in_too_many) { 302 ibe->inbuf[3] = IPMI_CC_REQUEST_DATA_TRUNCATED; 303 ibe->inpos = 4; 304 } else if (ipmb_checksum(ibe->inbuf, ibe->inpos, 0) != 0) { 305 ipmi_debug("msg checksum failure\n"); 306 return; 307 } else { 308 ibe->inpos--; /* Remove checkum */ 309 } 310 311 timer_del(ibe->extern_timer); 312 ibe->waiting_rsp = false; 313 k->handle_rsp(ibe->parent.intf, ibe->inbuf[0], ibe->inbuf + 1, ibe->inpos - 1); 314 } 315 316 static int can_receive(void *opaque) 317 { 318 return 1; 319 } 320 321 static void receive(void *opaque, const uint8_t *buf, int size) 322 { 323 IPMIBmcExtern *ibe = opaque; 324 int i; 325 unsigned char hw_op; 326 327 for (i = 0; i < size; i++) { 328 unsigned char ch = buf[i]; 329 330 switch (ch) { 331 case VM_MSG_CHAR: 332 handle_msg(ibe); 333 ibe->in_too_many = false; 334 ibe->inpos = 0; 335 break; 336 337 case VM_CMD_CHAR: 338 if (ibe->in_too_many) { 339 ipmi_debug("cmd in too many\n"); 340 ibe->in_too_many = false; 341 ibe->inpos = 0; 342 break; 343 } 344 if (ibe->in_escape) { 345 ipmi_debug("cmd in escape\n"); 346 ibe->in_too_many = false; 347 ibe->inpos = 0; 348 ibe->in_escape = false; 349 break; 350 } 351 ibe->in_too_many = false; 352 if (ibe->inpos < 1) { 353 break; 354 } 355 hw_op = ibe->inbuf[0]; 356 ibe->inpos = 0; 357 goto out_hw_op; 358 break; 359 360 case VM_ESCAPE_CHAR: 361 ibe->in_escape = true; 362 break; 363 364 default: 365 if (ibe->in_escape) { 366 ch &= ~0x10; 367 ibe->in_escape = false; 368 } 369 if (ibe->in_too_many) { 370 break; 371 } 372 if (ibe->inpos >= sizeof(ibe->inbuf)) { 373 ibe->in_too_many = true; 374 break; 375 } 376 ibe->inbuf[ibe->inpos] = ch; 377 ibe->inpos++; 378 break; 379 } 380 } 381 return; 382 383 out_hw_op: 384 handle_hw_op(ibe, hw_op); 385 } 386 387 static void chr_event(void *opaque, int event) 388 { 389 IPMIBmcExtern *ibe = opaque; 390 IPMIInterface *s = ibe->parent.intf; 391 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 392 unsigned char v; 393 394 switch (event) { 395 case CHR_EVENT_OPENED: 396 ibe->connected = true; 397 ibe->outpos = 0; 398 ibe->outlen = 0; 399 addchar(ibe, VM_CMD_VERSION); 400 addchar(ibe, VM_PROTOCOL_VERSION); 401 ibe->outbuf[ibe->outlen] = VM_CMD_CHAR; 402 ibe->outlen++; 403 addchar(ibe, VM_CMD_CAPABILITIES); 404 v = VM_CAPABILITIES_IRQ | VM_CAPABILITIES_ATTN; 405 if (k->do_hw_op(ibe->parent.intf, IPMI_POWEROFF_CHASSIS, 1) == 0) { 406 v |= VM_CAPABILITIES_POWER; 407 } 408 if (k->do_hw_op(ibe->parent.intf, IPMI_SHUTDOWN_VIA_ACPI_OVERTEMP, 1) 409 == 0) { 410 v |= VM_CAPABILITIES_GRACEFUL_SHUTDOWN; 411 } 412 if (k->do_hw_op(ibe->parent.intf, IPMI_RESET_CHASSIS, 1) == 0) { 413 v |= VM_CAPABILITIES_RESET; 414 } 415 if (k->do_hw_op(ibe->parent.intf, IPMI_SEND_NMI, 1) == 0) { 416 v |= VM_CAPABILITIES_NMI; 417 } 418 addchar(ibe, v); 419 ibe->outbuf[ibe->outlen] = VM_CMD_CHAR; 420 ibe->outlen++; 421 ibe->sending_cmd = false; 422 continue_send(ibe); 423 break; 424 425 case CHR_EVENT_CLOSED: 426 if (!ibe->connected) { 427 return; 428 } 429 ibe->connected = false; 430 /* 431 * Don't hang the OS trying to handle the ATN bit, other end will 432 * resend on a reconnect. 433 */ 434 k->set_atn(s, 0, 0); 435 if (ibe->waiting_rsp) { 436 ibe->waiting_rsp = false; 437 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 438 ibe->inbuf[2] = ibe->outbuf[2]; 439 ibe->inbuf[3] = IPMI_CC_BMC_INIT_IN_PROGRESS; 440 k->handle_rsp(s, ibe->outbuf[0], ibe->inbuf + 1, 3); 441 } 442 break; 443 } 444 } 445 446 static void ipmi_bmc_extern_handle_reset(IPMIBmc *b) 447 { 448 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(b); 449 450 ibe->send_reset = true; 451 continue_send(ibe); 452 } 453 454 static void ipmi_bmc_extern_realize(DeviceState *dev, Error **errp) 455 { 456 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(dev); 457 458 if (!qemu_chr_fe_backend_connected(&ibe->chr)) { 459 error_setg(errp, "IPMI external bmc requires chardev attribute"); 460 return; 461 } 462 463 qemu_chr_fe_set_handlers(&ibe->chr, can_receive, receive, 464 chr_event, NULL, ibe, NULL, true); 465 } 466 467 static int ipmi_bmc_extern_post_migrate(void *opaque, int version_id) 468 { 469 IPMIBmcExtern *ibe = opaque; 470 471 /* 472 * We don't directly restore waiting_rsp, Instead, we return an 473 * error on the interface if a response was being waited for. 474 */ 475 if (ibe->waiting_rsp) { 476 IPMIInterface *ii = ibe->parent.intf; 477 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii); 478 479 ibe->waiting_rsp = false; 480 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 481 ibe->inbuf[2] = ibe->outbuf[2]; 482 ibe->inbuf[3] = IPMI_CC_BMC_INIT_IN_PROGRESS; 483 iic->handle_rsp(ii, ibe->outbuf[0], ibe->inbuf + 1, 3); 484 } 485 return 0; 486 } 487 488 static const VMStateDescription vmstate_ipmi_bmc_extern = { 489 .name = TYPE_IPMI_BMC_EXTERN, 490 .version_id = 1, 491 .minimum_version_id = 1, 492 .post_load = ipmi_bmc_extern_post_migrate, 493 .fields = (VMStateField[]) { 494 VMSTATE_BOOL(send_reset, IPMIBmcExtern), 495 VMSTATE_BOOL(waiting_rsp, IPMIBmcExtern), 496 VMSTATE_END_OF_LIST() 497 } 498 }; 499 500 static void ipmi_bmc_extern_init(Object *obj) 501 { 502 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(obj); 503 504 ibe->extern_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, extern_timeout, ibe); 505 vmstate_register(NULL, 0, &vmstate_ipmi_bmc_extern, ibe); 506 } 507 508 static void ipmi_bmc_extern_finalize(Object *obj) 509 { 510 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(obj); 511 512 timer_del(ibe->extern_timer); 513 timer_free(ibe->extern_timer); 514 } 515 516 static Property ipmi_bmc_extern_properties[] = { 517 DEFINE_PROP_CHR("chardev", IPMIBmcExtern, chr), 518 DEFINE_PROP_END_OF_LIST(), 519 }; 520 521 static void ipmi_bmc_extern_class_init(ObjectClass *oc, void *data) 522 { 523 DeviceClass *dc = DEVICE_CLASS(oc); 524 IPMIBmcClass *bk = IPMI_BMC_CLASS(oc); 525 526 bk->handle_command = ipmi_bmc_extern_handle_command; 527 bk->handle_reset = ipmi_bmc_extern_handle_reset; 528 dc->hotpluggable = false; 529 dc->realize = ipmi_bmc_extern_realize; 530 dc->props = ipmi_bmc_extern_properties; 531 } 532 533 static const TypeInfo ipmi_bmc_extern_type = { 534 .name = TYPE_IPMI_BMC_EXTERN, 535 .parent = TYPE_IPMI_BMC, 536 .instance_size = sizeof(IPMIBmcExtern), 537 .instance_init = ipmi_bmc_extern_init, 538 .instance_finalize = ipmi_bmc_extern_finalize, 539 .class_init = ipmi_bmc_extern_class_init, 540 }; 541 542 static void ipmi_bmc_extern_register_types(void) 543 { 544 type_register_static(&ipmi_bmc_extern_type); 545 } 546 547 type_init(ipmi_bmc_extern_register_types) 548