1 /* 2 * Copyright (C) 2001 Dave Engebretsen IBM Corporation 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation; either version 2 of the License, or 7 * (at your option) any later version. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 17 */ 18 19 /* Change Activity: 20 * 2001/09/21 : engebret : Created with minimal EPOW and HW exception support. 21 * End Change Activity 22 */ 23 24 #include <linux/errno.h> 25 #include <linux/threads.h> 26 #include <linux/kernel_stat.h> 27 #include <linux/signal.h> 28 #include <linux/sched.h> 29 #include <linux/ioport.h> 30 #include <linux/interrupt.h> 31 #include <linux/timex.h> 32 #include <linux/init.h> 33 #include <linux/delay.h> 34 #include <linux/irq.h> 35 #include <linux/random.h> 36 #include <linux/sysrq.h> 37 #include <linux/bitops.h> 38 #include <linux/fs.h> 39 #include <linux/reboot.h> 40 41 #include <asm/uaccess.h> 42 #include <asm/system.h> 43 #include <asm/io.h> 44 #include <asm/pgtable.h> 45 #include <asm/irq.h> 46 #include <asm/cache.h> 47 #include <asm/prom.h> 48 #include <asm/ptrace.h> 49 #include <asm/machdep.h> 50 #include <asm/rtas.h> 51 #include <asm/udbg.h> 52 #include <asm/firmware.h> 53 54 #include "pseries.h" 55 56 static unsigned char ras_log_buf[RTAS_ERROR_LOG_MAX]; 57 static DEFINE_SPINLOCK(ras_log_buf_lock); 58 59 static char global_mce_data_buf[RTAS_ERROR_LOG_MAX]; 60 static DEFINE_PER_CPU(__u64, mce_data_buf); 61 62 static int ras_get_sensor_state_token; 63 static int ras_check_exception_token; 64 65 #define EPOW_SENSOR_TOKEN 9 66 #define EPOW_SENSOR_INDEX 0 67 68 static irqreturn_t ras_epow_interrupt(int irq, void *dev_id); 69 static irqreturn_t ras_error_interrupt(int irq, void *dev_id); 70 71 72 /* 73 * Initialize handlers for the set of interrupts caused by hardware errors 74 * and power system events. 75 */ 76 static int __init init_ras_IRQ(void) 77 { 78 struct device_node *np; 79 80 ras_get_sensor_state_token = rtas_token("get-sensor-state"); 81 ras_check_exception_token = rtas_token("check-exception"); 82 83 /* Internal Errors */ 84 np = of_find_node_by_path("/event-sources/internal-errors"); 85 if (np != NULL) { 86 request_event_sources_irqs(np, ras_error_interrupt, 87 "RAS_ERROR"); 88 of_node_put(np); 89 } 90 91 /* EPOW Events */ 92 np = of_find_node_by_path("/event-sources/epow-events"); 93 if (np != NULL) { 94 request_event_sources_irqs(np, ras_epow_interrupt, "RAS_EPOW"); 95 of_node_put(np); 96 } 97 98 return 0; 99 } 100 subsys_initcall(init_ras_IRQ); 101 102 #define EPOW_SHUTDOWN_NORMAL 1 103 #define EPOW_SHUTDOWN_ON_UPS 2 104 #define EPOW_SHUTDOWN_LOSS_OF_CRITICAL_FUNCTIONS 3 105 #define EPOW_SHUTDOWN_AMBIENT_TEMPERATURE_TOO_HIGH 4 106 107 static void handle_system_shutdown(char event_modifier) 108 { 109 switch (event_modifier) { 110 case EPOW_SHUTDOWN_NORMAL: 111 pr_emerg("Firmware initiated power off"); 112 orderly_poweroff(1); 113 break; 114 115 case EPOW_SHUTDOWN_ON_UPS: 116 pr_emerg("Loss of power reported by firmware, system is " 117 "running on UPS/battery"); 118 break; 119 120 case EPOW_SHUTDOWN_LOSS_OF_CRITICAL_FUNCTIONS: 121 pr_emerg("Loss of system critical functions reported by " 122 "firmware"); 123 pr_emerg("Check RTAS error log for details"); 124 orderly_poweroff(1); 125 break; 126 127 case EPOW_SHUTDOWN_AMBIENT_TEMPERATURE_TOO_HIGH: 128 pr_emerg("Ambient temperature too high reported by firmware"); 129 pr_emerg("Check RTAS error log for details"); 130 orderly_poweroff(1); 131 break; 132 133 default: 134 pr_err("Unknown power/cooling shutdown event (modifier %d)", 135 event_modifier); 136 } 137 } 138 139 struct epow_errorlog { 140 unsigned char sensor_value; 141 unsigned char event_modifier; 142 unsigned char extended_modifier; 143 unsigned char reserved; 144 unsigned char platform_reason; 145 }; 146 147 #define EPOW_RESET 0 148 #define EPOW_WARN_COOLING 1 149 #define EPOW_WARN_POWER 2 150 #define EPOW_SYSTEM_SHUTDOWN 3 151 #define EPOW_SYSTEM_HALT 4 152 #define EPOW_MAIN_ENCLOSURE 5 153 #define EPOW_POWER_OFF 7 154 155 void rtas_parse_epow_errlog(struct rtas_error_log *log) 156 { 157 struct pseries_errorlog *pseries_log; 158 struct epow_errorlog *epow_log; 159 char action_code; 160 char modifier; 161 162 pseries_log = get_pseries_errorlog(log, PSERIES_ELOG_SECT_ID_EPOW); 163 if (pseries_log == NULL) 164 return; 165 166 epow_log = (struct epow_errorlog *)pseries_log->data; 167 action_code = epow_log->sensor_value & 0xF; /* bottom 4 bits */ 168 modifier = epow_log->event_modifier & 0xF; /* bottom 4 bits */ 169 170 switch (action_code) { 171 case EPOW_RESET: 172 pr_err("Non critical power or cooling issue cleared"); 173 break; 174 175 case EPOW_WARN_COOLING: 176 pr_err("Non critical cooling issue reported by firmware"); 177 pr_err("Check RTAS error log for details"); 178 break; 179 180 case EPOW_WARN_POWER: 181 pr_err("Non critical power issue reported by firmware"); 182 pr_err("Check RTAS error log for details"); 183 break; 184 185 case EPOW_SYSTEM_SHUTDOWN: 186 handle_system_shutdown(epow_log->event_modifier); 187 break; 188 189 case EPOW_SYSTEM_HALT: 190 pr_emerg("Firmware initiated power off"); 191 orderly_poweroff(1); 192 break; 193 194 case EPOW_MAIN_ENCLOSURE: 195 case EPOW_POWER_OFF: 196 pr_emerg("Critical power/cooling issue reported by firmware"); 197 pr_emerg("Check RTAS error log for details"); 198 pr_emerg("Immediate power off"); 199 emergency_sync(); 200 kernel_power_off(); 201 break; 202 203 default: 204 pr_err("Unknown power/cooling event (action code %d)", 205 action_code); 206 } 207 } 208 209 /* Handle environmental and power warning (EPOW) interrupts. */ 210 static irqreturn_t ras_epow_interrupt(int irq, void *dev_id) 211 { 212 int status; 213 int state; 214 int critical; 215 216 status = rtas_call(ras_get_sensor_state_token, 2, 2, &state, 217 EPOW_SENSOR_TOKEN, EPOW_SENSOR_INDEX); 218 219 if (state > 3) 220 critical = 1; /* Time Critical */ 221 else 222 critical = 0; 223 224 spin_lock(&ras_log_buf_lock); 225 226 status = rtas_call(ras_check_exception_token, 6, 1, NULL, 227 RTAS_VECTOR_EXTERNAL_INTERRUPT, 228 virq_to_hw(irq), 229 RTAS_EPOW_WARNING | RTAS_POWERMGM_EVENTS, 230 critical, __pa(&ras_log_buf), 231 rtas_get_error_log_max()); 232 233 log_error(ras_log_buf, ERR_TYPE_RTAS_LOG, 0); 234 235 rtas_parse_epow_errlog((struct rtas_error_log *)ras_log_buf); 236 237 spin_unlock(&ras_log_buf_lock); 238 return IRQ_HANDLED; 239 } 240 241 /* 242 * Handle hardware error interrupts. 243 * 244 * RTAS check-exception is called to collect data on the exception. If 245 * the error is deemed recoverable, we log a warning and return. 246 * For nonrecoverable errors, an error is logged and we stop all processing 247 * as quickly as possible in order to prevent propagation of the failure. 248 */ 249 static irqreturn_t ras_error_interrupt(int irq, void *dev_id) 250 { 251 struct rtas_error_log *rtas_elog; 252 int status = 0xdeadbeef; 253 int fatal; 254 255 spin_lock(&ras_log_buf_lock); 256 257 status = rtas_call(ras_check_exception_token, 6, 1, NULL, 258 RTAS_VECTOR_EXTERNAL_INTERRUPT, 259 virq_to_hw(irq), 260 RTAS_INTERNAL_ERROR, 1 /*Time Critical */, 261 __pa(&ras_log_buf), 262 rtas_get_error_log_max()); 263 264 rtas_elog = (struct rtas_error_log *)ras_log_buf; 265 266 if ((status == 0) && (rtas_elog->severity >= RTAS_SEVERITY_ERROR_SYNC)) 267 fatal = 1; 268 else 269 fatal = 0; 270 271 /* format and print the extended information */ 272 log_error(ras_log_buf, ERR_TYPE_RTAS_LOG, fatal); 273 274 if (fatal) { 275 udbg_printf("Fatal HW Error <0x%lx 0x%x>\n", 276 *((unsigned long *)&ras_log_buf), status); 277 printk(KERN_EMERG "Error: Fatal hardware error <0x%lx 0x%x>\n", 278 *((unsigned long *)&ras_log_buf), status); 279 280 #ifndef DEBUG_RTAS_POWER_OFF 281 /* Don't actually power off when debugging so we can test 282 * without actually failing while injecting errors. 283 * Error data will not be logged to syslog. 284 */ 285 ppc_md.power_off(); 286 #endif 287 } else { 288 udbg_printf("Recoverable HW Error <0x%lx 0x%x>\n", 289 *((unsigned long *)&ras_log_buf), status); 290 printk(KERN_WARNING 291 "Warning: Recoverable hardware error <0x%lx 0x%x>\n", 292 *((unsigned long *)&ras_log_buf), status); 293 } 294 295 spin_unlock(&ras_log_buf_lock); 296 return IRQ_HANDLED; 297 } 298 299 /* 300 * Some versions of FWNMI place the buffer inside the 4kB page starting at 301 * 0x7000. Other versions place it inside the rtas buffer. We check both. 302 */ 303 #define VALID_FWNMI_BUFFER(A) \ 304 ((((A) >= 0x7000) && ((A) < 0x7ff0)) || \ 305 (((A) >= rtas.base) && ((A) < (rtas.base + rtas.size - 16)))) 306 307 /* 308 * Get the error information for errors coming through the 309 * FWNMI vectors. The pt_regs' r3 will be updated to reflect 310 * the actual r3 if possible, and a ptr to the error log entry 311 * will be returned if found. 312 * 313 * If the RTAS error is not of the extended type, then we put it in a per 314 * cpu 64bit buffer. If it is the extended type we use global_mce_data_buf. 315 * 316 * The global_mce_data_buf does not have any locks or protection around it, 317 * if a second machine check comes in, or a system reset is done 318 * before we have logged the error, then we will get corruption in the 319 * error log. This is preferable over holding off on calling 320 * ibm,nmi-interlock which would result in us checkstopping if a 321 * second machine check did come in. 322 */ 323 static struct rtas_error_log *fwnmi_get_errinfo(struct pt_regs *regs) 324 { 325 unsigned long *savep; 326 struct rtas_error_log *h, *errhdr = NULL; 327 328 if (!VALID_FWNMI_BUFFER(regs->gpr[3])) { 329 printk(KERN_ERR "FWNMI: corrupt r3 0x%016lx\n", regs->gpr[3]); 330 return NULL; 331 } 332 333 savep = __va(regs->gpr[3]); 334 regs->gpr[3] = savep[0]; /* restore original r3 */ 335 336 /* If it isn't an extended log we can use the per cpu 64bit buffer */ 337 h = (struct rtas_error_log *)&savep[1]; 338 if (!h->extended) { 339 memcpy(&__get_cpu_var(mce_data_buf), h, sizeof(__u64)); 340 errhdr = (struct rtas_error_log *)&__get_cpu_var(mce_data_buf); 341 } else { 342 int len; 343 344 len = max_t(int, 8+h->extended_log_length, RTAS_ERROR_LOG_MAX); 345 memset(global_mce_data_buf, 0, RTAS_ERROR_LOG_MAX); 346 memcpy(global_mce_data_buf, h, len); 347 errhdr = (struct rtas_error_log *)global_mce_data_buf; 348 } 349 350 return errhdr; 351 } 352 353 /* Call this when done with the data returned by FWNMI_get_errinfo. 354 * It will release the saved data area for other CPUs in the 355 * partition to receive FWNMI errors. 356 */ 357 static void fwnmi_release_errinfo(void) 358 { 359 int ret = rtas_call(rtas_token("ibm,nmi-interlock"), 0, 1, NULL); 360 if (ret != 0) 361 printk(KERN_ERR "FWNMI: nmi-interlock failed: %d\n", ret); 362 } 363 364 int pSeries_system_reset_exception(struct pt_regs *regs) 365 { 366 if (fwnmi_active) { 367 struct rtas_error_log *errhdr = fwnmi_get_errinfo(regs); 368 if (errhdr) { 369 /* XXX Should look at FWNMI information */ 370 } 371 fwnmi_release_errinfo(); 372 } 373 return 0; /* need to perform reset */ 374 } 375 376 /* 377 * See if we can recover from a machine check exception. 378 * This is only called on power4 (or above) and only via 379 * the Firmware Non-Maskable Interrupts (fwnmi) handler 380 * which provides the error analysis for us. 381 * 382 * Return 1 if corrected (or delivered a signal). 383 * Return 0 if there is nothing we can do. 384 */ 385 static int recover_mce(struct pt_regs *regs, struct rtas_error_log *err) 386 { 387 int recovered = 0; 388 389 if (!(regs->msr & MSR_RI)) { 390 /* If MSR_RI isn't set, we cannot recover */ 391 recovered = 0; 392 393 } else if (err->disposition == RTAS_DISP_FULLY_RECOVERED) { 394 /* Platform corrected itself */ 395 recovered = 1; 396 397 } else if (err->disposition == RTAS_DISP_LIMITED_RECOVERY) { 398 /* Platform corrected itself but could be degraded */ 399 printk(KERN_ERR "MCE: limited recovery, system may " 400 "be degraded\n"); 401 recovered = 1; 402 403 } else if (user_mode(regs) && !is_global_init(current) && 404 err->severity == RTAS_SEVERITY_ERROR_SYNC) { 405 406 /* 407 * If we received a synchronous error when in userspace 408 * kill the task. Firmware may report details of the fail 409 * asynchronously, so we can't rely on the target and type 410 * fields being valid here. 411 */ 412 printk(KERN_ERR "MCE: uncorrectable error, killing task " 413 "%s:%d\n", current->comm, current->pid); 414 415 _exception(SIGBUS, regs, BUS_MCEERR_AR, regs->nip); 416 recovered = 1; 417 } 418 419 log_error((char *)err, ERR_TYPE_RTAS_LOG, 0); 420 421 return recovered; 422 } 423 424 /* 425 * Handle a machine check. 426 * 427 * Note that on Power 4 and beyond Firmware Non-Maskable Interrupts (fwnmi) 428 * should be present. If so the handler which called us tells us if the 429 * error was recovered (never true if RI=0). 430 * 431 * On hardware prior to Power 4 these exceptions were asynchronous which 432 * means we can't tell exactly where it occurred and so we can't recover. 433 */ 434 int pSeries_machine_check_exception(struct pt_regs *regs) 435 { 436 struct rtas_error_log *errp; 437 438 if (fwnmi_active) { 439 errp = fwnmi_get_errinfo(regs); 440 fwnmi_release_errinfo(); 441 if (errp && recover_mce(regs, errp)) 442 return 1; 443 } 444 445 return 0; 446 } 447