1 /* 2 * IPMI BMC external connection 3 * 4 * Copyright (c) 2015 Corey Minyard, MontaVista Software, LLC 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 /* 26 * This is designed to connect with OpenIPMI's lanserv serial interface 27 * using the "VM" connection type. See that for details. 28 */ 29 30 #include "qemu/osdep.h" 31 #include "qemu/error-report.h" 32 #include "qapi/error.h" 33 #include "qemu/timer.h" 34 #include "chardev/char-fe.h" 35 #include "sysemu/sysemu.h" 36 #include "hw/ipmi/ipmi.h" 37 38 #define VM_MSG_CHAR 0xA0 /* Marks end of message */ 39 #define VM_CMD_CHAR 0xA1 /* Marks end of a command */ 40 #define VM_ESCAPE_CHAR 0xAA /* Set bit 4 from the next byte to 0 */ 41 42 #define VM_PROTOCOL_VERSION 1 43 #define VM_CMD_VERSION 0xff /* A version number byte follows */ 44 #define VM_CMD_NOATTN 0x00 45 #define VM_CMD_ATTN 0x01 46 #define VM_CMD_ATTN_IRQ 0x02 47 #define VM_CMD_POWEROFF 0x03 48 #define VM_CMD_RESET 0x04 49 #define VM_CMD_ENABLE_IRQ 0x05 /* Enable/disable the messaging irq */ 50 #define VM_CMD_DISABLE_IRQ 0x06 51 #define VM_CMD_SEND_NMI 0x07 52 #define VM_CMD_CAPABILITIES 0x08 53 #define VM_CAPABILITIES_POWER 0x01 54 #define VM_CAPABILITIES_RESET 0x02 55 #define VM_CAPABILITIES_IRQ 0x04 56 #define VM_CAPABILITIES_NMI 0x08 57 #define VM_CAPABILITIES_ATTN 0x10 58 #define VM_CAPABILITIES_GRACEFUL_SHUTDOWN 0x20 59 #define VM_CMD_GRACEFUL_SHUTDOWN 0x09 60 61 #define TYPE_IPMI_BMC_EXTERN "ipmi-bmc-extern" 62 #define IPMI_BMC_EXTERN(obj) OBJECT_CHECK(IPMIBmcExtern, (obj), \ 63 TYPE_IPMI_BMC_EXTERN) 64 typedef struct IPMIBmcExtern { 65 IPMIBmc parent; 66 67 CharBackend chr; 68 69 bool connected; 70 71 unsigned char inbuf[MAX_IPMI_MSG_SIZE + 2]; 72 unsigned int inpos; 73 bool in_escape; 74 bool in_too_many; 75 bool waiting_rsp; 76 bool sending_cmd; 77 78 unsigned char outbuf[(MAX_IPMI_MSG_SIZE + 2) * 2 + 1]; 79 unsigned int outpos; 80 unsigned int outlen; 81 82 struct QEMUTimer *extern_timer; 83 84 /* A reset event is pending to be sent upstream. */ 85 bool send_reset; 86 } IPMIBmcExtern; 87 88 static int can_receive(void *opaque); 89 static void receive(void *opaque, const uint8_t *buf, int size); 90 static void chr_event(void *opaque, int event); 91 92 static unsigned char 93 ipmb_checksum(const unsigned char *data, int size, unsigned char start) 94 { 95 unsigned char csum = start; 96 97 for (; size > 0; size--, data++) { 98 csum += *data; 99 } 100 return csum; 101 } 102 103 static void continue_send(IPMIBmcExtern *ibe) 104 { 105 int ret; 106 if (ibe->outlen == 0) { 107 goto check_reset; 108 } 109 send: 110 ret = qemu_chr_fe_write(&ibe->chr, ibe->outbuf + ibe->outpos, 111 ibe->outlen - ibe->outpos); 112 if (ret > 0) { 113 ibe->outpos += ret; 114 } 115 if (ibe->outpos < ibe->outlen) { 116 /* Not fully transmitted, try again in a 10ms */ 117 timer_mod_ns(ibe->extern_timer, 118 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 10000000); 119 } else { 120 /* Sent */ 121 ibe->outlen = 0; 122 ibe->outpos = 0; 123 if (!ibe->sending_cmd) { 124 ibe->waiting_rsp = true; 125 } else { 126 ibe->sending_cmd = false; 127 } 128 check_reset: 129 if (ibe->connected && ibe->send_reset) { 130 /* Send the reset */ 131 ibe->outbuf[0] = VM_CMD_RESET; 132 ibe->outbuf[1] = VM_CMD_CHAR; 133 ibe->outlen = 2; 134 ibe->outpos = 0; 135 ibe->send_reset = false; 136 ibe->sending_cmd = true; 137 goto send; 138 } 139 140 if (ibe->waiting_rsp) { 141 /* Make sure we get a response within 4 seconds. */ 142 timer_mod_ns(ibe->extern_timer, 143 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 4000000000ULL); 144 } 145 } 146 return; 147 } 148 149 static void extern_timeout(void *opaque) 150 { 151 IPMIBmcExtern *ibe = opaque; 152 IPMIInterface *s = ibe->parent.intf; 153 154 if (ibe->connected) { 155 if (ibe->waiting_rsp && (ibe->outlen == 0)) { 156 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 157 /* The message response timed out, return an error. */ 158 ibe->waiting_rsp = false; 159 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 160 ibe->inbuf[2] = ibe->outbuf[2]; 161 ibe->inbuf[3] = IPMI_CC_TIMEOUT; 162 k->handle_rsp(s, ibe->outbuf[0], ibe->inbuf + 1, 3); 163 } else { 164 continue_send(ibe); 165 } 166 } 167 } 168 169 static void addchar(IPMIBmcExtern *ibe, unsigned char ch) 170 { 171 switch (ch) { 172 case VM_MSG_CHAR: 173 case VM_CMD_CHAR: 174 case VM_ESCAPE_CHAR: 175 ibe->outbuf[ibe->outlen] = VM_ESCAPE_CHAR; 176 ibe->outlen++; 177 ch |= 0x10; 178 /* No break */ 179 180 default: 181 ibe->outbuf[ibe->outlen] = ch; 182 ibe->outlen++; 183 } 184 } 185 186 static void ipmi_bmc_extern_handle_command(IPMIBmc *b, 187 uint8_t *cmd, unsigned int cmd_len, 188 unsigned int max_cmd_len, 189 uint8_t msg_id) 190 { 191 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(b); 192 IPMIInterface *s = ibe->parent.intf; 193 uint8_t err = 0, csum; 194 unsigned int i; 195 196 if (ibe->outlen) { 197 /* We already have a command queued. Shouldn't ever happen. */ 198 error_report("IPMI KCS: Got command when not finished with the" 199 " previous command"); 200 abort(); 201 } 202 203 /* If it's too short or it was truncated, return an error. */ 204 if (cmd_len < 2) { 205 err = IPMI_CC_REQUEST_DATA_LENGTH_INVALID; 206 } else if ((cmd_len > max_cmd_len) || (cmd_len > MAX_IPMI_MSG_SIZE)) { 207 err = IPMI_CC_REQUEST_DATA_TRUNCATED; 208 } else if (!ibe->connected) { 209 err = IPMI_CC_BMC_INIT_IN_PROGRESS; 210 } 211 if (err) { 212 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 213 unsigned char rsp[3]; 214 rsp[0] = cmd[0] | 0x04; 215 rsp[1] = cmd[1]; 216 rsp[2] = err; 217 ibe->waiting_rsp = false; 218 k->handle_rsp(s, msg_id, rsp, 3); 219 goto out; 220 } 221 222 addchar(ibe, msg_id); 223 for (i = 0; i < cmd_len; i++) { 224 addchar(ibe, cmd[i]); 225 } 226 csum = ipmb_checksum(&msg_id, 1, 0); 227 addchar(ibe, -ipmb_checksum(cmd, cmd_len, csum)); 228 229 ibe->outbuf[ibe->outlen] = VM_MSG_CHAR; 230 ibe->outlen++; 231 232 /* Start the transmit */ 233 continue_send(ibe); 234 235 out: 236 return; 237 } 238 239 static void handle_hw_op(IPMIBmcExtern *ibe, unsigned char hw_op) 240 { 241 IPMIInterface *s = ibe->parent.intf; 242 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 243 244 switch (hw_op) { 245 case VM_CMD_VERSION: 246 /* We only support one version at this time. */ 247 break; 248 249 case VM_CMD_NOATTN: 250 k->set_atn(s, 0, 0); 251 break; 252 253 case VM_CMD_ATTN: 254 k->set_atn(s, 1, 0); 255 break; 256 257 case VM_CMD_ATTN_IRQ: 258 k->set_atn(s, 1, 1); 259 break; 260 261 case VM_CMD_POWEROFF: 262 k->do_hw_op(s, IPMI_POWEROFF_CHASSIS, 0); 263 break; 264 265 case VM_CMD_RESET: 266 k->do_hw_op(s, IPMI_RESET_CHASSIS, 0); 267 break; 268 269 case VM_CMD_ENABLE_IRQ: 270 k->set_irq_enable(s, 1); 271 break; 272 273 case VM_CMD_DISABLE_IRQ: 274 k->set_irq_enable(s, 0); 275 break; 276 277 case VM_CMD_SEND_NMI: 278 k->do_hw_op(s, IPMI_SEND_NMI, 0); 279 break; 280 281 case VM_CMD_GRACEFUL_SHUTDOWN: 282 k->do_hw_op(s, IPMI_SHUTDOWN_VIA_ACPI_OVERTEMP, 0); 283 break; 284 } 285 } 286 287 static void handle_msg(IPMIBmcExtern *ibe) 288 { 289 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(ibe->parent.intf); 290 291 if (ibe->in_escape) { 292 ipmi_debug("msg escape not ended\n"); 293 return; 294 } 295 if (ibe->inpos < 5) { 296 ipmi_debug("msg too short\n"); 297 return; 298 } 299 if (ibe->in_too_many) { 300 ibe->inbuf[3] = IPMI_CC_REQUEST_DATA_TRUNCATED; 301 ibe->inpos = 4; 302 } else if (ipmb_checksum(ibe->inbuf, ibe->inpos, 0) != 0) { 303 ipmi_debug("msg checksum failure\n"); 304 return; 305 } else { 306 ibe->inpos--; /* Remove checkum */ 307 } 308 309 timer_del(ibe->extern_timer); 310 ibe->waiting_rsp = false; 311 k->handle_rsp(ibe->parent.intf, ibe->inbuf[0], ibe->inbuf + 1, ibe->inpos - 1); 312 } 313 314 static int can_receive(void *opaque) 315 { 316 return 1; 317 } 318 319 static void receive(void *opaque, const uint8_t *buf, int size) 320 { 321 IPMIBmcExtern *ibe = opaque; 322 int i; 323 unsigned char hw_op; 324 325 for (i = 0; i < size; i++) { 326 unsigned char ch = buf[i]; 327 328 switch (ch) { 329 case VM_MSG_CHAR: 330 handle_msg(ibe); 331 ibe->in_too_many = false; 332 ibe->inpos = 0; 333 break; 334 335 case VM_CMD_CHAR: 336 if (ibe->in_too_many) { 337 ipmi_debug("cmd in too many\n"); 338 ibe->in_too_many = false; 339 ibe->inpos = 0; 340 break; 341 } 342 if (ibe->in_escape) { 343 ipmi_debug("cmd in escape\n"); 344 ibe->in_too_many = false; 345 ibe->inpos = 0; 346 ibe->in_escape = false; 347 break; 348 } 349 ibe->in_too_many = false; 350 if (ibe->inpos < 1) { 351 break; 352 } 353 hw_op = ibe->inbuf[0]; 354 ibe->inpos = 0; 355 goto out_hw_op; 356 break; 357 358 case VM_ESCAPE_CHAR: 359 ibe->in_escape = true; 360 break; 361 362 default: 363 if (ibe->in_escape) { 364 ch &= ~0x10; 365 ibe->in_escape = false; 366 } 367 if (ibe->in_too_many) { 368 break; 369 } 370 if (ibe->inpos >= sizeof(ibe->inbuf)) { 371 ibe->in_too_many = true; 372 break; 373 } 374 ibe->inbuf[ibe->inpos] = ch; 375 ibe->inpos++; 376 break; 377 } 378 } 379 return; 380 381 out_hw_op: 382 handle_hw_op(ibe, hw_op); 383 } 384 385 static void chr_event(void *opaque, int event) 386 { 387 IPMIBmcExtern *ibe = opaque; 388 IPMIInterface *s = ibe->parent.intf; 389 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 390 unsigned char v; 391 392 switch (event) { 393 case CHR_EVENT_OPENED: 394 ibe->connected = true; 395 ibe->outpos = 0; 396 ibe->outlen = 0; 397 addchar(ibe, VM_CMD_VERSION); 398 addchar(ibe, VM_PROTOCOL_VERSION); 399 ibe->outbuf[ibe->outlen] = VM_CMD_CHAR; 400 ibe->outlen++; 401 addchar(ibe, VM_CMD_CAPABILITIES); 402 v = VM_CAPABILITIES_IRQ | VM_CAPABILITIES_ATTN; 403 if (k->do_hw_op(ibe->parent.intf, IPMI_POWEROFF_CHASSIS, 1) == 0) { 404 v |= VM_CAPABILITIES_POWER; 405 } 406 if (k->do_hw_op(ibe->parent.intf, IPMI_SHUTDOWN_VIA_ACPI_OVERTEMP, 1) 407 == 0) { 408 v |= VM_CAPABILITIES_GRACEFUL_SHUTDOWN; 409 } 410 if (k->do_hw_op(ibe->parent.intf, IPMI_RESET_CHASSIS, 1) == 0) { 411 v |= VM_CAPABILITIES_RESET; 412 } 413 if (k->do_hw_op(ibe->parent.intf, IPMI_SEND_NMI, 1) == 0) { 414 v |= VM_CAPABILITIES_NMI; 415 } 416 addchar(ibe, v); 417 ibe->outbuf[ibe->outlen] = VM_CMD_CHAR; 418 ibe->outlen++; 419 ibe->sending_cmd = false; 420 continue_send(ibe); 421 break; 422 423 case CHR_EVENT_CLOSED: 424 if (!ibe->connected) { 425 return; 426 } 427 ibe->connected = false; 428 if (ibe->waiting_rsp) { 429 ibe->waiting_rsp = false; 430 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 431 ibe->inbuf[2] = ibe->outbuf[2]; 432 ibe->inbuf[3] = IPMI_CC_BMC_INIT_IN_PROGRESS; 433 k->handle_rsp(s, ibe->outbuf[0], ibe->inbuf + 1, 3); 434 } 435 break; 436 } 437 } 438 439 static void ipmi_bmc_extern_handle_reset(IPMIBmc *b) 440 { 441 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(b); 442 443 ibe->send_reset = true; 444 continue_send(ibe); 445 } 446 447 static void ipmi_bmc_extern_realize(DeviceState *dev, Error **errp) 448 { 449 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(dev); 450 451 if (!qemu_chr_fe_backend_connected(&ibe->chr)) { 452 error_setg(errp, "IPMI external bmc requires chardev attribute"); 453 return; 454 } 455 456 qemu_chr_fe_set_handlers(&ibe->chr, can_receive, receive, 457 chr_event, NULL, ibe, NULL, true); 458 } 459 460 static int ipmi_bmc_extern_post_migrate(void *opaque, int version_id) 461 { 462 IPMIBmcExtern *ibe = opaque; 463 464 /* 465 * We don't directly restore waiting_rsp, Instead, we return an 466 * error on the interface if a response was being waited for. 467 */ 468 if (ibe->waiting_rsp) { 469 IPMIInterface *ii = ibe->parent.intf; 470 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii); 471 472 ibe->waiting_rsp = false; 473 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 474 ibe->inbuf[2] = ibe->outbuf[2]; 475 ibe->inbuf[3] = IPMI_CC_BMC_INIT_IN_PROGRESS; 476 iic->handle_rsp(ii, ibe->outbuf[0], ibe->inbuf + 1, 3); 477 } 478 return 0; 479 } 480 481 static const VMStateDescription vmstate_ipmi_bmc_extern = { 482 .name = TYPE_IPMI_BMC_EXTERN, 483 .version_id = 1, 484 .minimum_version_id = 1, 485 .post_load = ipmi_bmc_extern_post_migrate, 486 .fields = (VMStateField[]) { 487 VMSTATE_BOOL(send_reset, IPMIBmcExtern), 488 VMSTATE_BOOL(waiting_rsp, IPMIBmcExtern), 489 VMSTATE_END_OF_LIST() 490 } 491 }; 492 493 static void ipmi_bmc_extern_init(Object *obj) 494 { 495 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(obj); 496 497 ibe->extern_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, extern_timeout, ibe); 498 vmstate_register(NULL, 0, &vmstate_ipmi_bmc_extern, ibe); 499 } 500 501 static void ipmi_bmc_extern_finalize(Object *obj) 502 { 503 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(obj); 504 505 timer_del(ibe->extern_timer); 506 timer_free(ibe->extern_timer); 507 } 508 509 static Property ipmi_bmc_extern_properties[] = { 510 DEFINE_PROP_CHR("chardev", IPMIBmcExtern, chr), 511 DEFINE_PROP_END_OF_LIST(), 512 }; 513 514 static void ipmi_bmc_extern_class_init(ObjectClass *oc, void *data) 515 { 516 DeviceClass *dc = DEVICE_CLASS(oc); 517 IPMIBmcClass *bk = IPMI_BMC_CLASS(oc); 518 519 bk->handle_command = ipmi_bmc_extern_handle_command; 520 bk->handle_reset = ipmi_bmc_extern_handle_reset; 521 dc->hotpluggable = false; 522 dc->realize = ipmi_bmc_extern_realize; 523 dc->props = ipmi_bmc_extern_properties; 524 } 525 526 static const TypeInfo ipmi_bmc_extern_type = { 527 .name = TYPE_IPMI_BMC_EXTERN, 528 .parent = TYPE_IPMI_BMC, 529 .instance_size = sizeof(IPMIBmcExtern), 530 .instance_init = ipmi_bmc_extern_init, 531 .instance_finalize = ipmi_bmc_extern_finalize, 532 .class_init = ipmi_bmc_extern_class_init, 533 }; 534 535 static void ipmi_bmc_extern_register_types(void) 536 { 537 type_register_static(&ipmi_bmc_extern_type); 538 } 539 540 type_init(ipmi_bmc_extern_register_types) 541