1 /* 2 * ipmi_msghandler.c 3 * 4 * Incoming and outgoing message routing for an IPMI interface. 5 * 6 * Author: MontaVista Software, Inc. 7 * Corey Minyard <minyard@mvista.com> 8 * source@mvista.com 9 * 10 * Copyright 2002 MontaVista Software Inc. 11 * 12 * This program is free software; you can redistribute it and/or modify it 13 * under the terms of the GNU General Public License as published by the 14 * Free Software Foundation; either version 2 of the License, or (at your 15 * option) any later version. 16 * 17 * 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 * 29 * You should have received a copy of the GNU General Public License along 30 * with this program; if not, write to the Free Software Foundation, Inc., 31 * 675 Mass Ave, Cambridge, MA 02139, USA. 32 */ 33 34 #include <linux/module.h> 35 #include <linux/errno.h> 36 #include <asm/system.h> 37 #include <linux/poll.h> 38 #include <linux/spinlock.h> 39 #include <linux/mutex.h> 40 #include <linux/slab.h> 41 #include <linux/ipmi.h> 42 #include <linux/ipmi_smi.h> 43 #include <linux/notifier.h> 44 #include <linux/init.h> 45 #include <linux/proc_fs.h> 46 #include <linux/rcupdate.h> 47 48 #define PFX "IPMI message handler: " 49 50 #define IPMI_DRIVER_VERSION "39.1" 51 52 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void); 53 static int ipmi_init_msghandler(void); 54 55 static int initialized; 56 57 #ifdef CONFIG_PROC_FS 58 static struct proc_dir_entry *proc_ipmi_root; 59 #endif /* CONFIG_PROC_FS */ 60 61 /* Remain in auto-maintenance mode for this amount of time (in ms). */ 62 #define IPMI_MAINTENANCE_MODE_TIMEOUT 30000 63 64 #define MAX_EVENTS_IN_QUEUE 25 65 66 /* Don't let a message sit in a queue forever, always time it with at lest 67 the max message timer. This is in milliseconds. */ 68 #define MAX_MSG_TIMEOUT 60000 69 70 71 /* 72 * The main "user" data structure. 73 */ 74 struct ipmi_user 75 { 76 struct list_head link; 77 78 /* Set to "0" when the user is destroyed. */ 79 int valid; 80 81 struct kref refcount; 82 83 /* The upper layer that handles receive messages. */ 84 struct ipmi_user_hndl *handler; 85 void *handler_data; 86 87 /* The interface this user is bound to. */ 88 ipmi_smi_t intf; 89 90 /* Does this interface receive IPMI events? */ 91 int gets_events; 92 }; 93 94 struct cmd_rcvr 95 { 96 struct list_head link; 97 98 ipmi_user_t user; 99 unsigned char netfn; 100 unsigned char cmd; 101 unsigned int chans; 102 103 /* 104 * This is used to form a linked lised during mass deletion. 105 * Since this is in an RCU list, we cannot use the link above 106 * or change any data until the RCU period completes. So we 107 * use this next variable during mass deletion so we can have 108 * a list and don't have to wait and restart the search on 109 * every individual deletion of a command. */ 110 struct cmd_rcvr *next; 111 }; 112 113 struct seq_table 114 { 115 unsigned int inuse : 1; 116 unsigned int broadcast : 1; 117 118 unsigned long timeout; 119 unsigned long orig_timeout; 120 unsigned int retries_left; 121 122 /* To verify on an incoming send message response that this is 123 the message that the response is for, we keep a sequence id 124 and increment it every time we send a message. */ 125 long seqid; 126 127 /* This is held so we can properly respond to the message on a 128 timeout, and it is used to hold the temporary data for 129 retransmission, too. */ 130 struct ipmi_recv_msg *recv_msg; 131 }; 132 133 /* Store the information in a msgid (long) to allow us to find a 134 sequence table entry from the msgid. */ 135 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff)) 136 137 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \ 138 do { \ 139 seq = ((msgid >> 26) & 0x3f); \ 140 seqid = (msgid & 0x3fffff); \ 141 } while (0) 142 143 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff) 144 145 struct ipmi_channel 146 { 147 unsigned char medium; 148 unsigned char protocol; 149 150 /* My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR, 151 but may be changed by the user. */ 152 unsigned char address; 153 154 /* My LUN. This should generally stay the SMS LUN, but just in 155 case... */ 156 unsigned char lun; 157 }; 158 159 #ifdef CONFIG_PROC_FS 160 struct ipmi_proc_entry 161 { 162 char *name; 163 struct ipmi_proc_entry *next; 164 }; 165 #endif 166 167 struct bmc_device 168 { 169 struct platform_device *dev; 170 struct ipmi_device_id id; 171 unsigned char guid[16]; 172 int guid_set; 173 174 struct kref refcount; 175 176 /* bmc device attributes */ 177 struct device_attribute device_id_attr; 178 struct device_attribute provides_dev_sdrs_attr; 179 struct device_attribute revision_attr; 180 struct device_attribute firmware_rev_attr; 181 struct device_attribute version_attr; 182 struct device_attribute add_dev_support_attr; 183 struct device_attribute manufacturer_id_attr; 184 struct device_attribute product_id_attr; 185 struct device_attribute guid_attr; 186 struct device_attribute aux_firmware_rev_attr; 187 }; 188 189 #define IPMI_IPMB_NUM_SEQ 64 190 #define IPMI_MAX_CHANNELS 16 191 struct ipmi_smi 192 { 193 /* What interface number are we? */ 194 int intf_num; 195 196 struct kref refcount; 197 198 /* Used for a list of interfaces. */ 199 struct list_head link; 200 201 /* The list of upper layers that are using me. seq_lock 202 * protects this. */ 203 struct list_head users; 204 205 /* Information to supply to users. */ 206 unsigned char ipmi_version_major; 207 unsigned char ipmi_version_minor; 208 209 /* Used for wake ups at startup. */ 210 wait_queue_head_t waitq; 211 212 struct bmc_device *bmc; 213 char *my_dev_name; 214 char *sysfs_name; 215 216 /* This is the lower-layer's sender routine. Note that you 217 * must either be holding the ipmi_interfaces_mutex or be in 218 * an umpreemptible region to use this. You must fetch the 219 * value into a local variable and make sure it is not NULL. */ 220 struct ipmi_smi_handlers *handlers; 221 void *send_info; 222 223 #ifdef CONFIG_PROC_FS 224 /* A list of proc entries for this interface. This does not 225 need a lock, only one thread creates it and only one thread 226 destroys it. */ 227 spinlock_t proc_entry_lock; 228 struct ipmi_proc_entry *proc_entries; 229 #endif 230 231 /* Driver-model device for the system interface. */ 232 struct device *si_dev; 233 234 /* A table of sequence numbers for this interface. We use the 235 sequence numbers for IPMB messages that go out of the 236 interface to match them up with their responses. A routine 237 is called periodically to time the items in this list. */ 238 spinlock_t seq_lock; 239 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ]; 240 int curr_seq; 241 242 /* Messages that were delayed for some reason (out of memory, 243 for instance), will go in here to be processed later in a 244 periodic timer interrupt. */ 245 spinlock_t waiting_msgs_lock; 246 struct list_head waiting_msgs; 247 248 /* The list of command receivers that are registered for commands 249 on this interface. */ 250 struct mutex cmd_rcvrs_mutex; 251 struct list_head cmd_rcvrs; 252 253 /* Events that were queues because no one was there to receive 254 them. */ 255 spinlock_t events_lock; /* For dealing with event stuff. */ 256 struct list_head waiting_events; 257 unsigned int waiting_events_count; /* How many events in queue? */ 258 int delivering_events; 259 260 /* The event receiver for my BMC, only really used at panic 261 shutdown as a place to store this. */ 262 unsigned char event_receiver; 263 unsigned char event_receiver_lun; 264 unsigned char local_sel_device; 265 unsigned char local_event_generator; 266 267 /* For handling of maintenance mode. */ 268 int maintenance_mode; 269 int maintenance_mode_enable; 270 int auto_maintenance_timeout; 271 spinlock_t maintenance_mode_lock; /* Used in a timer... */ 272 273 /* A cheap hack, if this is non-null and a message to an 274 interface comes in with a NULL user, call this routine with 275 it. Note that the message will still be freed by the 276 caller. This only works on the system interface. */ 277 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg); 278 279 /* When we are scanning the channels for an SMI, this will 280 tell which channel we are scanning. */ 281 int curr_channel; 282 283 /* Channel information */ 284 struct ipmi_channel channels[IPMI_MAX_CHANNELS]; 285 286 /* Proc FS stuff. */ 287 struct proc_dir_entry *proc_dir; 288 char proc_dir_name[10]; 289 290 spinlock_t counter_lock; /* For making counters atomic. */ 291 292 /* Commands we got that were invalid. */ 293 unsigned int sent_invalid_commands; 294 295 /* Commands we sent to the MC. */ 296 unsigned int sent_local_commands; 297 /* Responses from the MC that were delivered to a user. */ 298 unsigned int handled_local_responses; 299 /* Responses from the MC that were not delivered to a user. */ 300 unsigned int unhandled_local_responses; 301 302 /* Commands we sent out to the IPMB bus. */ 303 unsigned int sent_ipmb_commands; 304 /* Commands sent on the IPMB that had errors on the SEND CMD */ 305 unsigned int sent_ipmb_command_errs; 306 /* Each retransmit increments this count. */ 307 unsigned int retransmitted_ipmb_commands; 308 /* When a message times out (runs out of retransmits) this is 309 incremented. */ 310 unsigned int timed_out_ipmb_commands; 311 312 /* This is like above, but for broadcasts. Broadcasts are 313 *not* included in the above count (they are expected to 314 time out). */ 315 unsigned int timed_out_ipmb_broadcasts; 316 317 /* Responses I have sent to the IPMB bus. */ 318 unsigned int sent_ipmb_responses; 319 320 /* The response was delivered to the user. */ 321 unsigned int handled_ipmb_responses; 322 /* The response had invalid data in it. */ 323 unsigned int invalid_ipmb_responses; 324 /* The response didn't have anyone waiting for it. */ 325 unsigned int unhandled_ipmb_responses; 326 327 /* Commands we sent out to the IPMB bus. */ 328 unsigned int sent_lan_commands; 329 /* Commands sent on the IPMB that had errors on the SEND CMD */ 330 unsigned int sent_lan_command_errs; 331 /* Each retransmit increments this count. */ 332 unsigned int retransmitted_lan_commands; 333 /* When a message times out (runs out of retransmits) this is 334 incremented. */ 335 unsigned int timed_out_lan_commands; 336 337 /* Responses I have sent to the IPMB bus. */ 338 unsigned int sent_lan_responses; 339 340 /* The response was delivered to the user. */ 341 unsigned int handled_lan_responses; 342 /* The response had invalid data in it. */ 343 unsigned int invalid_lan_responses; 344 /* The response didn't have anyone waiting for it. */ 345 unsigned int unhandled_lan_responses; 346 347 /* The command was delivered to the user. */ 348 unsigned int handled_commands; 349 /* The command had invalid data in it. */ 350 unsigned int invalid_commands; 351 /* The command didn't have anyone waiting for it. */ 352 unsigned int unhandled_commands; 353 354 /* Invalid data in an event. */ 355 unsigned int invalid_events; 356 /* Events that were received with the proper format. */ 357 unsigned int events; 358 }; 359 #define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev) 360 361 /** 362 * The driver model view of the IPMI messaging driver. 363 */ 364 static struct device_driver ipmidriver = { 365 .name = "ipmi", 366 .bus = &platform_bus_type 367 }; 368 static DEFINE_MUTEX(ipmidriver_mutex); 369 370 static struct list_head ipmi_interfaces = LIST_HEAD_INIT(ipmi_interfaces); 371 static DEFINE_MUTEX(ipmi_interfaces_mutex); 372 373 /* List of watchers that want to know when smi's are added and 374 deleted. */ 375 static struct list_head smi_watchers = LIST_HEAD_INIT(smi_watchers); 376 static DEFINE_MUTEX(smi_watchers_mutex); 377 378 379 static void free_recv_msg_list(struct list_head *q) 380 { 381 struct ipmi_recv_msg *msg, *msg2; 382 383 list_for_each_entry_safe(msg, msg2, q, link) { 384 list_del(&msg->link); 385 ipmi_free_recv_msg(msg); 386 } 387 } 388 389 static void free_smi_msg_list(struct list_head *q) 390 { 391 struct ipmi_smi_msg *msg, *msg2; 392 393 list_for_each_entry_safe(msg, msg2, q, link) { 394 list_del(&msg->link); 395 ipmi_free_smi_msg(msg); 396 } 397 } 398 399 static void clean_up_interface_data(ipmi_smi_t intf) 400 { 401 int i; 402 struct cmd_rcvr *rcvr, *rcvr2; 403 struct list_head list; 404 405 free_smi_msg_list(&intf->waiting_msgs); 406 free_recv_msg_list(&intf->waiting_events); 407 408 /* 409 * Wholesale remove all the entries from the list in the 410 * interface and wait for RCU to know that none are in use. 411 */ 412 mutex_lock(&intf->cmd_rcvrs_mutex); 413 INIT_LIST_HEAD(&list); 414 list_splice_init_rcu(&intf->cmd_rcvrs, &list, synchronize_rcu); 415 mutex_unlock(&intf->cmd_rcvrs_mutex); 416 417 list_for_each_entry_safe(rcvr, rcvr2, &list, link) 418 kfree(rcvr); 419 420 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 421 if ((intf->seq_table[i].inuse) 422 && (intf->seq_table[i].recv_msg)) 423 { 424 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 425 } 426 } 427 } 428 429 static void intf_free(struct kref *ref) 430 { 431 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount); 432 433 clean_up_interface_data(intf); 434 kfree(intf); 435 } 436 437 struct watcher_entry { 438 int intf_num; 439 ipmi_smi_t intf; 440 struct list_head link; 441 }; 442 443 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher) 444 { 445 ipmi_smi_t intf; 446 struct list_head to_deliver = LIST_HEAD_INIT(to_deliver); 447 struct watcher_entry *e, *e2; 448 449 mutex_lock(&smi_watchers_mutex); 450 451 mutex_lock(&ipmi_interfaces_mutex); 452 453 /* Build a list of things to deliver. */ 454 list_for_each_entry(intf, &ipmi_interfaces, link) { 455 if (intf->intf_num == -1) 456 continue; 457 e = kmalloc(sizeof(*e), GFP_KERNEL); 458 if (!e) 459 goto out_err; 460 kref_get(&intf->refcount); 461 e->intf = intf; 462 e->intf_num = intf->intf_num; 463 list_add_tail(&e->link, &to_deliver); 464 } 465 466 /* We will succeed, so add it to the list. */ 467 list_add(&watcher->link, &smi_watchers); 468 469 mutex_unlock(&ipmi_interfaces_mutex); 470 471 list_for_each_entry_safe(e, e2, &to_deliver, link) { 472 list_del(&e->link); 473 watcher->new_smi(e->intf_num, e->intf->si_dev); 474 kref_put(&e->intf->refcount, intf_free); 475 kfree(e); 476 } 477 478 mutex_unlock(&smi_watchers_mutex); 479 480 return 0; 481 482 out_err: 483 mutex_unlock(&ipmi_interfaces_mutex); 484 mutex_unlock(&smi_watchers_mutex); 485 list_for_each_entry_safe(e, e2, &to_deliver, link) { 486 list_del(&e->link); 487 kref_put(&e->intf->refcount, intf_free); 488 kfree(e); 489 } 490 return -ENOMEM; 491 } 492 493 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher) 494 { 495 mutex_lock(&smi_watchers_mutex); 496 list_del(&(watcher->link)); 497 mutex_unlock(&smi_watchers_mutex); 498 return 0; 499 } 500 501 /* 502 * Must be called with smi_watchers_mutex held. 503 */ 504 static void 505 call_smi_watchers(int i, struct device *dev) 506 { 507 struct ipmi_smi_watcher *w; 508 509 list_for_each_entry(w, &smi_watchers, link) { 510 if (try_module_get(w->owner)) { 511 w->new_smi(i, dev); 512 module_put(w->owner); 513 } 514 } 515 } 516 517 static int 518 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2) 519 { 520 if (addr1->addr_type != addr2->addr_type) 521 return 0; 522 523 if (addr1->channel != addr2->channel) 524 return 0; 525 526 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 527 struct ipmi_system_interface_addr *smi_addr1 528 = (struct ipmi_system_interface_addr *) addr1; 529 struct ipmi_system_interface_addr *smi_addr2 530 = (struct ipmi_system_interface_addr *) addr2; 531 return (smi_addr1->lun == smi_addr2->lun); 532 } 533 534 if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE) 535 || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 536 { 537 struct ipmi_ipmb_addr *ipmb_addr1 538 = (struct ipmi_ipmb_addr *) addr1; 539 struct ipmi_ipmb_addr *ipmb_addr2 540 = (struct ipmi_ipmb_addr *) addr2; 541 542 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr) 543 && (ipmb_addr1->lun == ipmb_addr2->lun)); 544 } 545 546 if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) { 547 struct ipmi_lan_addr *lan_addr1 548 = (struct ipmi_lan_addr *) addr1; 549 struct ipmi_lan_addr *lan_addr2 550 = (struct ipmi_lan_addr *) addr2; 551 552 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID) 553 && (lan_addr1->local_SWID == lan_addr2->local_SWID) 554 && (lan_addr1->session_handle 555 == lan_addr2->session_handle) 556 && (lan_addr1->lun == lan_addr2->lun)); 557 } 558 559 return 1; 560 } 561 562 int ipmi_validate_addr(struct ipmi_addr *addr, int len) 563 { 564 if (len < sizeof(struct ipmi_system_interface_addr)) { 565 return -EINVAL; 566 } 567 568 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 569 if (addr->channel != IPMI_BMC_CHANNEL) 570 return -EINVAL; 571 return 0; 572 } 573 574 if ((addr->channel == IPMI_BMC_CHANNEL) 575 || (addr->channel >= IPMI_MAX_CHANNELS) 576 || (addr->channel < 0)) 577 return -EINVAL; 578 579 if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE) 580 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 581 { 582 if (len < sizeof(struct ipmi_ipmb_addr)) { 583 return -EINVAL; 584 } 585 return 0; 586 } 587 588 if (addr->addr_type == IPMI_LAN_ADDR_TYPE) { 589 if (len < sizeof(struct ipmi_lan_addr)) { 590 return -EINVAL; 591 } 592 return 0; 593 } 594 595 return -EINVAL; 596 } 597 598 unsigned int ipmi_addr_length(int addr_type) 599 { 600 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 601 return sizeof(struct ipmi_system_interface_addr); 602 603 if ((addr_type == IPMI_IPMB_ADDR_TYPE) 604 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 605 { 606 return sizeof(struct ipmi_ipmb_addr); 607 } 608 609 if (addr_type == IPMI_LAN_ADDR_TYPE) 610 return sizeof(struct ipmi_lan_addr); 611 612 return 0; 613 } 614 615 static void deliver_response(struct ipmi_recv_msg *msg) 616 { 617 if (!msg->user) { 618 ipmi_smi_t intf = msg->user_msg_data; 619 unsigned long flags; 620 621 /* Special handling for NULL users. */ 622 if (intf->null_user_handler) { 623 intf->null_user_handler(intf, msg); 624 spin_lock_irqsave(&intf->counter_lock, flags); 625 intf->handled_local_responses++; 626 spin_unlock_irqrestore(&intf->counter_lock, flags); 627 } else { 628 /* No handler, so give up. */ 629 spin_lock_irqsave(&intf->counter_lock, flags); 630 intf->unhandled_local_responses++; 631 spin_unlock_irqrestore(&intf->counter_lock, flags); 632 } 633 ipmi_free_recv_msg(msg); 634 } else { 635 ipmi_user_t user = msg->user; 636 user->handler->ipmi_recv_hndl(msg, user->handler_data); 637 } 638 } 639 640 static void 641 deliver_err_response(struct ipmi_recv_msg *msg, int err) 642 { 643 msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 644 msg->msg_data[0] = err; 645 msg->msg.netfn |= 1; /* Convert to a response. */ 646 msg->msg.data_len = 1; 647 msg->msg.data = msg->msg_data; 648 deliver_response(msg); 649 } 650 651 /* Find the next sequence number not being used and add the given 652 message with the given timeout to the sequence table. This must be 653 called with the interface's seq_lock held. */ 654 static int intf_next_seq(ipmi_smi_t intf, 655 struct ipmi_recv_msg *recv_msg, 656 unsigned long timeout, 657 int retries, 658 int broadcast, 659 unsigned char *seq, 660 long *seqid) 661 { 662 int rv = 0; 663 unsigned int i; 664 665 for (i = intf->curr_seq; 666 (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq; 667 i = (i+1)%IPMI_IPMB_NUM_SEQ) 668 { 669 if (!intf->seq_table[i].inuse) 670 break; 671 } 672 673 if (!intf->seq_table[i].inuse) { 674 intf->seq_table[i].recv_msg = recv_msg; 675 676 /* Start with the maximum timeout, when the send response 677 comes in we will start the real timer. */ 678 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT; 679 intf->seq_table[i].orig_timeout = timeout; 680 intf->seq_table[i].retries_left = retries; 681 intf->seq_table[i].broadcast = broadcast; 682 intf->seq_table[i].inuse = 1; 683 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid); 684 *seq = i; 685 *seqid = intf->seq_table[i].seqid; 686 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ; 687 } else { 688 rv = -EAGAIN; 689 } 690 691 return rv; 692 } 693 694 /* Return the receive message for the given sequence number and 695 release the sequence number so it can be reused. Some other data 696 is passed in to be sure the message matches up correctly (to help 697 guard against message coming in after their timeout and the 698 sequence number being reused). */ 699 static int intf_find_seq(ipmi_smi_t intf, 700 unsigned char seq, 701 short channel, 702 unsigned char cmd, 703 unsigned char netfn, 704 struct ipmi_addr *addr, 705 struct ipmi_recv_msg **recv_msg) 706 { 707 int rv = -ENODEV; 708 unsigned long flags; 709 710 if (seq >= IPMI_IPMB_NUM_SEQ) 711 return -EINVAL; 712 713 spin_lock_irqsave(&(intf->seq_lock), flags); 714 if (intf->seq_table[seq].inuse) { 715 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg; 716 717 if ((msg->addr.channel == channel) 718 && (msg->msg.cmd == cmd) 719 && (msg->msg.netfn == netfn) 720 && (ipmi_addr_equal(addr, &(msg->addr)))) 721 { 722 *recv_msg = msg; 723 intf->seq_table[seq].inuse = 0; 724 rv = 0; 725 } 726 } 727 spin_unlock_irqrestore(&(intf->seq_lock), flags); 728 729 return rv; 730 } 731 732 733 /* Start the timer for a specific sequence table entry. */ 734 static int intf_start_seq_timer(ipmi_smi_t intf, 735 long msgid) 736 { 737 int rv = -ENODEV; 738 unsigned long flags; 739 unsigned char seq; 740 unsigned long seqid; 741 742 743 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 744 745 spin_lock_irqsave(&(intf->seq_lock), flags); 746 /* We do this verification because the user can be deleted 747 while a message is outstanding. */ 748 if ((intf->seq_table[seq].inuse) 749 && (intf->seq_table[seq].seqid == seqid)) 750 { 751 struct seq_table *ent = &(intf->seq_table[seq]); 752 ent->timeout = ent->orig_timeout; 753 rv = 0; 754 } 755 spin_unlock_irqrestore(&(intf->seq_lock), flags); 756 757 return rv; 758 } 759 760 /* Got an error for the send message for a specific sequence number. */ 761 static int intf_err_seq(ipmi_smi_t intf, 762 long msgid, 763 unsigned int err) 764 { 765 int rv = -ENODEV; 766 unsigned long flags; 767 unsigned char seq; 768 unsigned long seqid; 769 struct ipmi_recv_msg *msg = NULL; 770 771 772 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 773 774 spin_lock_irqsave(&(intf->seq_lock), flags); 775 /* We do this verification because the user can be deleted 776 while a message is outstanding. */ 777 if ((intf->seq_table[seq].inuse) 778 && (intf->seq_table[seq].seqid == seqid)) 779 { 780 struct seq_table *ent = &(intf->seq_table[seq]); 781 782 ent->inuse = 0; 783 msg = ent->recv_msg; 784 rv = 0; 785 } 786 spin_unlock_irqrestore(&(intf->seq_lock), flags); 787 788 if (msg) 789 deliver_err_response(msg, err); 790 791 return rv; 792 } 793 794 795 int ipmi_create_user(unsigned int if_num, 796 struct ipmi_user_hndl *handler, 797 void *handler_data, 798 ipmi_user_t *user) 799 { 800 unsigned long flags; 801 ipmi_user_t new_user; 802 int rv = 0; 803 ipmi_smi_t intf; 804 805 /* There is no module usecount here, because it's not 806 required. Since this can only be used by and called from 807 other modules, they will implicitly use this module, and 808 thus this can't be removed unless the other modules are 809 removed. */ 810 811 if (handler == NULL) 812 return -EINVAL; 813 814 /* Make sure the driver is actually initialized, this handles 815 problems with initialization order. */ 816 if (!initialized) { 817 rv = ipmi_init_msghandler(); 818 if (rv) 819 return rv; 820 821 /* The init code doesn't return an error if it was turned 822 off, but it won't initialize. Check that. */ 823 if (!initialized) 824 return -ENODEV; 825 } 826 827 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL); 828 if (!new_user) 829 return -ENOMEM; 830 831 mutex_lock(&ipmi_interfaces_mutex); 832 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 833 if (intf->intf_num == if_num) 834 goto found; 835 } 836 /* Not found, return an error */ 837 rv = -EINVAL; 838 goto out_kfree; 839 840 found: 841 /* Note that each existing user holds a refcount to the interface. */ 842 kref_get(&intf->refcount); 843 844 kref_init(&new_user->refcount); 845 new_user->handler = handler; 846 new_user->handler_data = handler_data; 847 new_user->intf = intf; 848 new_user->gets_events = 0; 849 850 if (!try_module_get(intf->handlers->owner)) { 851 rv = -ENODEV; 852 goto out_kref; 853 } 854 855 if (intf->handlers->inc_usecount) { 856 rv = intf->handlers->inc_usecount(intf->send_info); 857 if (rv) { 858 module_put(intf->handlers->owner); 859 goto out_kref; 860 } 861 } 862 863 /* Hold the lock so intf->handlers is guaranteed to be good 864 * until now */ 865 mutex_unlock(&ipmi_interfaces_mutex); 866 867 new_user->valid = 1; 868 spin_lock_irqsave(&intf->seq_lock, flags); 869 list_add_rcu(&new_user->link, &intf->users); 870 spin_unlock_irqrestore(&intf->seq_lock, flags); 871 *user = new_user; 872 return 0; 873 874 out_kref: 875 kref_put(&intf->refcount, intf_free); 876 out_kfree: 877 mutex_unlock(&ipmi_interfaces_mutex); 878 kfree(new_user); 879 return rv; 880 } 881 882 static void free_user(struct kref *ref) 883 { 884 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount); 885 kfree(user); 886 } 887 888 int ipmi_destroy_user(ipmi_user_t user) 889 { 890 ipmi_smi_t intf = user->intf; 891 int i; 892 unsigned long flags; 893 struct cmd_rcvr *rcvr; 894 struct cmd_rcvr *rcvrs = NULL; 895 896 user->valid = 0; 897 898 /* Remove the user from the interface's sequence table. */ 899 spin_lock_irqsave(&intf->seq_lock, flags); 900 list_del_rcu(&user->link); 901 902 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 903 if (intf->seq_table[i].inuse 904 && (intf->seq_table[i].recv_msg->user == user)) 905 { 906 intf->seq_table[i].inuse = 0; 907 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 908 } 909 } 910 spin_unlock_irqrestore(&intf->seq_lock, flags); 911 912 /* 913 * Remove the user from the command receiver's table. First 914 * we build a list of everything (not using the standard link, 915 * since other things may be using it till we do 916 * synchronize_rcu()) then free everything in that list. 917 */ 918 mutex_lock(&intf->cmd_rcvrs_mutex); 919 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 920 if (rcvr->user == user) { 921 list_del_rcu(&rcvr->link); 922 rcvr->next = rcvrs; 923 rcvrs = rcvr; 924 } 925 } 926 mutex_unlock(&intf->cmd_rcvrs_mutex); 927 synchronize_rcu(); 928 while (rcvrs) { 929 rcvr = rcvrs; 930 rcvrs = rcvr->next; 931 kfree(rcvr); 932 } 933 934 mutex_lock(&ipmi_interfaces_mutex); 935 if (intf->handlers) { 936 module_put(intf->handlers->owner); 937 if (intf->handlers->dec_usecount) 938 intf->handlers->dec_usecount(intf->send_info); 939 } 940 mutex_unlock(&ipmi_interfaces_mutex); 941 942 kref_put(&intf->refcount, intf_free); 943 944 kref_put(&user->refcount, free_user); 945 946 return 0; 947 } 948 949 void ipmi_get_version(ipmi_user_t user, 950 unsigned char *major, 951 unsigned char *minor) 952 { 953 *major = user->intf->ipmi_version_major; 954 *minor = user->intf->ipmi_version_minor; 955 } 956 957 int ipmi_set_my_address(ipmi_user_t user, 958 unsigned int channel, 959 unsigned char address) 960 { 961 if (channel >= IPMI_MAX_CHANNELS) 962 return -EINVAL; 963 user->intf->channels[channel].address = address; 964 return 0; 965 } 966 967 int ipmi_get_my_address(ipmi_user_t user, 968 unsigned int channel, 969 unsigned char *address) 970 { 971 if (channel >= IPMI_MAX_CHANNELS) 972 return -EINVAL; 973 *address = user->intf->channels[channel].address; 974 return 0; 975 } 976 977 int ipmi_set_my_LUN(ipmi_user_t user, 978 unsigned int channel, 979 unsigned char LUN) 980 { 981 if (channel >= IPMI_MAX_CHANNELS) 982 return -EINVAL; 983 user->intf->channels[channel].lun = LUN & 0x3; 984 return 0; 985 } 986 987 int ipmi_get_my_LUN(ipmi_user_t user, 988 unsigned int channel, 989 unsigned char *address) 990 { 991 if (channel >= IPMI_MAX_CHANNELS) 992 return -EINVAL; 993 *address = user->intf->channels[channel].lun; 994 return 0; 995 } 996 997 int ipmi_get_maintenance_mode(ipmi_user_t user) 998 { 999 int mode; 1000 unsigned long flags; 1001 1002 spin_lock_irqsave(&user->intf->maintenance_mode_lock, flags); 1003 mode = user->intf->maintenance_mode; 1004 spin_unlock_irqrestore(&user->intf->maintenance_mode_lock, flags); 1005 1006 return mode; 1007 } 1008 EXPORT_SYMBOL(ipmi_get_maintenance_mode); 1009 1010 static void maintenance_mode_update(ipmi_smi_t intf) 1011 { 1012 if (intf->handlers->set_maintenance_mode) 1013 intf->handlers->set_maintenance_mode( 1014 intf->send_info, intf->maintenance_mode_enable); 1015 } 1016 1017 int ipmi_set_maintenance_mode(ipmi_user_t user, int mode) 1018 { 1019 int rv = 0; 1020 unsigned long flags; 1021 ipmi_smi_t intf = user->intf; 1022 1023 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 1024 if (intf->maintenance_mode != mode) { 1025 switch (mode) { 1026 case IPMI_MAINTENANCE_MODE_AUTO: 1027 intf->maintenance_mode = mode; 1028 intf->maintenance_mode_enable 1029 = (intf->auto_maintenance_timeout > 0); 1030 break; 1031 1032 case IPMI_MAINTENANCE_MODE_OFF: 1033 intf->maintenance_mode = mode; 1034 intf->maintenance_mode_enable = 0; 1035 break; 1036 1037 case IPMI_MAINTENANCE_MODE_ON: 1038 intf->maintenance_mode = mode; 1039 intf->maintenance_mode_enable = 1; 1040 break; 1041 1042 default: 1043 rv = -EINVAL; 1044 goto out_unlock; 1045 } 1046 1047 maintenance_mode_update(intf); 1048 } 1049 out_unlock: 1050 spin_unlock_irqrestore(&intf->maintenance_mode_lock, flags); 1051 1052 return rv; 1053 } 1054 EXPORT_SYMBOL(ipmi_set_maintenance_mode); 1055 1056 int ipmi_set_gets_events(ipmi_user_t user, int val) 1057 { 1058 unsigned long flags; 1059 ipmi_smi_t intf = user->intf; 1060 struct ipmi_recv_msg *msg, *msg2; 1061 struct list_head msgs; 1062 1063 INIT_LIST_HEAD(&msgs); 1064 1065 spin_lock_irqsave(&intf->events_lock, flags); 1066 user->gets_events = val; 1067 1068 if (intf->delivering_events) 1069 /* 1070 * Another thread is delivering events for this, so 1071 * let it handle any new events. 1072 */ 1073 goto out; 1074 1075 /* Deliver any queued events. */ 1076 while (user->gets_events && !list_empty(&intf->waiting_events)) { 1077 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link) 1078 list_move_tail(&msg->link, &msgs); 1079 intf->waiting_events_count = 0; 1080 1081 intf->delivering_events = 1; 1082 spin_unlock_irqrestore(&intf->events_lock, flags); 1083 1084 list_for_each_entry_safe(msg, msg2, &msgs, link) { 1085 msg->user = user; 1086 kref_get(&user->refcount); 1087 deliver_response(msg); 1088 } 1089 1090 spin_lock_irqsave(&intf->events_lock, flags); 1091 intf->delivering_events = 0; 1092 } 1093 1094 out: 1095 spin_unlock_irqrestore(&intf->events_lock, flags); 1096 1097 return 0; 1098 } 1099 1100 static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf, 1101 unsigned char netfn, 1102 unsigned char cmd, 1103 unsigned char chan) 1104 { 1105 struct cmd_rcvr *rcvr; 1106 1107 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1108 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd) 1109 && (rcvr->chans & (1 << chan))) 1110 return rcvr; 1111 } 1112 return NULL; 1113 } 1114 1115 static int is_cmd_rcvr_exclusive(ipmi_smi_t intf, 1116 unsigned char netfn, 1117 unsigned char cmd, 1118 unsigned int chans) 1119 { 1120 struct cmd_rcvr *rcvr; 1121 1122 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1123 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd) 1124 && (rcvr->chans & chans)) 1125 return 0; 1126 } 1127 return 1; 1128 } 1129 1130 int ipmi_register_for_cmd(ipmi_user_t user, 1131 unsigned char netfn, 1132 unsigned char cmd, 1133 unsigned int chans) 1134 { 1135 ipmi_smi_t intf = user->intf; 1136 struct cmd_rcvr *rcvr; 1137 int rv = 0; 1138 1139 1140 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL); 1141 if (!rcvr) 1142 return -ENOMEM; 1143 rcvr->cmd = cmd; 1144 rcvr->netfn = netfn; 1145 rcvr->chans = chans; 1146 rcvr->user = user; 1147 1148 mutex_lock(&intf->cmd_rcvrs_mutex); 1149 /* Make sure the command/netfn is not already registered. */ 1150 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) { 1151 rv = -EBUSY; 1152 goto out_unlock; 1153 } 1154 1155 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs); 1156 1157 out_unlock: 1158 mutex_unlock(&intf->cmd_rcvrs_mutex); 1159 if (rv) 1160 kfree(rcvr); 1161 1162 return rv; 1163 } 1164 1165 int ipmi_unregister_for_cmd(ipmi_user_t user, 1166 unsigned char netfn, 1167 unsigned char cmd, 1168 unsigned int chans) 1169 { 1170 ipmi_smi_t intf = user->intf; 1171 struct cmd_rcvr *rcvr; 1172 struct cmd_rcvr *rcvrs = NULL; 1173 int i, rv = -ENOENT; 1174 1175 mutex_lock(&intf->cmd_rcvrs_mutex); 1176 for (i = 0; i < IPMI_NUM_CHANNELS; i++) { 1177 if (((1 << i) & chans) == 0) 1178 continue; 1179 rcvr = find_cmd_rcvr(intf, netfn, cmd, i); 1180 if (rcvr == NULL) 1181 continue; 1182 if (rcvr->user == user) { 1183 rv = 0; 1184 rcvr->chans &= ~chans; 1185 if (rcvr->chans == 0) { 1186 list_del_rcu(&rcvr->link); 1187 rcvr->next = rcvrs; 1188 rcvrs = rcvr; 1189 } 1190 } 1191 } 1192 mutex_unlock(&intf->cmd_rcvrs_mutex); 1193 synchronize_rcu(); 1194 while (rcvrs) { 1195 rcvr = rcvrs; 1196 rcvrs = rcvr->next; 1197 kfree(rcvr); 1198 } 1199 return rv; 1200 } 1201 1202 void ipmi_user_set_run_to_completion(ipmi_user_t user, int val) 1203 { 1204 ipmi_smi_t intf = user->intf; 1205 if (intf->handlers) 1206 intf->handlers->set_run_to_completion(intf->send_info, val); 1207 } 1208 1209 static unsigned char 1210 ipmb_checksum(unsigned char *data, int size) 1211 { 1212 unsigned char csum = 0; 1213 1214 for (; size > 0; size--, data++) 1215 csum += *data; 1216 1217 return -csum; 1218 } 1219 1220 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg, 1221 struct kernel_ipmi_msg *msg, 1222 struct ipmi_ipmb_addr *ipmb_addr, 1223 long msgid, 1224 unsigned char ipmb_seq, 1225 int broadcast, 1226 unsigned char source_address, 1227 unsigned char source_lun) 1228 { 1229 int i = broadcast; 1230 1231 /* Format the IPMB header data. */ 1232 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1233 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 1234 smi_msg->data[2] = ipmb_addr->channel; 1235 if (broadcast) 1236 smi_msg->data[3] = 0; 1237 smi_msg->data[i+3] = ipmb_addr->slave_addr; 1238 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3); 1239 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2); 1240 smi_msg->data[i+6] = source_address; 1241 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun; 1242 smi_msg->data[i+8] = msg->cmd; 1243 1244 /* Now tack on the data to the message. */ 1245 if (msg->data_len > 0) 1246 memcpy(&(smi_msg->data[i+9]), msg->data, 1247 msg->data_len); 1248 smi_msg->data_size = msg->data_len + 9; 1249 1250 /* Now calculate the checksum and tack it on. */ 1251 smi_msg->data[i+smi_msg->data_size] 1252 = ipmb_checksum(&(smi_msg->data[i+6]), 1253 smi_msg->data_size-6); 1254 1255 /* Add on the checksum size and the offset from the 1256 broadcast. */ 1257 smi_msg->data_size += 1 + i; 1258 1259 smi_msg->msgid = msgid; 1260 } 1261 1262 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg, 1263 struct kernel_ipmi_msg *msg, 1264 struct ipmi_lan_addr *lan_addr, 1265 long msgid, 1266 unsigned char ipmb_seq, 1267 unsigned char source_lun) 1268 { 1269 /* Format the IPMB header data. */ 1270 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1271 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 1272 smi_msg->data[2] = lan_addr->channel; 1273 smi_msg->data[3] = lan_addr->session_handle; 1274 smi_msg->data[4] = lan_addr->remote_SWID; 1275 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3); 1276 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2); 1277 smi_msg->data[7] = lan_addr->local_SWID; 1278 smi_msg->data[8] = (ipmb_seq << 2) | source_lun; 1279 smi_msg->data[9] = msg->cmd; 1280 1281 /* Now tack on the data to the message. */ 1282 if (msg->data_len > 0) 1283 memcpy(&(smi_msg->data[10]), msg->data, 1284 msg->data_len); 1285 smi_msg->data_size = msg->data_len + 10; 1286 1287 /* Now calculate the checksum and tack it on. */ 1288 smi_msg->data[smi_msg->data_size] 1289 = ipmb_checksum(&(smi_msg->data[7]), 1290 smi_msg->data_size-7); 1291 1292 /* Add on the checksum size and the offset from the 1293 broadcast. */ 1294 smi_msg->data_size += 1; 1295 1296 smi_msg->msgid = msgid; 1297 } 1298 1299 /* Separate from ipmi_request so that the user does not have to be 1300 supplied in certain circumstances (mainly at panic time). If 1301 messages are supplied, they will be freed, even if an error 1302 occurs. */ 1303 static int i_ipmi_request(ipmi_user_t user, 1304 ipmi_smi_t intf, 1305 struct ipmi_addr *addr, 1306 long msgid, 1307 struct kernel_ipmi_msg *msg, 1308 void *user_msg_data, 1309 void *supplied_smi, 1310 struct ipmi_recv_msg *supplied_recv, 1311 int priority, 1312 unsigned char source_address, 1313 unsigned char source_lun, 1314 int retries, 1315 unsigned int retry_time_ms) 1316 { 1317 int rv = 0; 1318 struct ipmi_smi_msg *smi_msg; 1319 struct ipmi_recv_msg *recv_msg; 1320 unsigned long flags; 1321 struct ipmi_smi_handlers *handlers; 1322 1323 1324 if (supplied_recv) { 1325 recv_msg = supplied_recv; 1326 } else { 1327 recv_msg = ipmi_alloc_recv_msg(); 1328 if (recv_msg == NULL) { 1329 return -ENOMEM; 1330 } 1331 } 1332 recv_msg->user_msg_data = user_msg_data; 1333 1334 if (supplied_smi) { 1335 smi_msg = (struct ipmi_smi_msg *) supplied_smi; 1336 } else { 1337 smi_msg = ipmi_alloc_smi_msg(); 1338 if (smi_msg == NULL) { 1339 ipmi_free_recv_msg(recv_msg); 1340 return -ENOMEM; 1341 } 1342 } 1343 1344 rcu_read_lock(); 1345 handlers = intf->handlers; 1346 if (!handlers) { 1347 rv = -ENODEV; 1348 goto out_err; 1349 } 1350 1351 recv_msg->user = user; 1352 if (user) 1353 kref_get(&user->refcount); 1354 recv_msg->msgid = msgid; 1355 /* Store the message to send in the receive message so timeout 1356 responses can get the proper response data. */ 1357 recv_msg->msg = *msg; 1358 1359 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 1360 struct ipmi_system_interface_addr *smi_addr; 1361 1362 if (msg->netfn & 1) { 1363 /* Responses are not allowed to the SMI. */ 1364 rv = -EINVAL; 1365 goto out_err; 1366 } 1367 1368 smi_addr = (struct ipmi_system_interface_addr *) addr; 1369 if (smi_addr->lun > 3) { 1370 spin_lock_irqsave(&intf->counter_lock, flags); 1371 intf->sent_invalid_commands++; 1372 spin_unlock_irqrestore(&intf->counter_lock, flags); 1373 rv = -EINVAL; 1374 goto out_err; 1375 } 1376 1377 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr)); 1378 1379 if ((msg->netfn == IPMI_NETFN_APP_REQUEST) 1380 && ((msg->cmd == IPMI_SEND_MSG_CMD) 1381 || (msg->cmd == IPMI_GET_MSG_CMD) 1382 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) 1383 { 1384 /* We don't let the user do these, since we manage 1385 the sequence numbers. */ 1386 spin_lock_irqsave(&intf->counter_lock, flags); 1387 intf->sent_invalid_commands++; 1388 spin_unlock_irqrestore(&intf->counter_lock, flags); 1389 rv = -EINVAL; 1390 goto out_err; 1391 } 1392 1393 if (((msg->netfn == IPMI_NETFN_APP_REQUEST) 1394 && ((msg->cmd == IPMI_COLD_RESET_CMD) 1395 || (msg->cmd == IPMI_WARM_RESET_CMD))) 1396 || (msg->netfn == IPMI_NETFN_FIRMWARE_REQUEST)) 1397 { 1398 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 1399 intf->auto_maintenance_timeout 1400 = IPMI_MAINTENANCE_MODE_TIMEOUT; 1401 if (!intf->maintenance_mode 1402 && !intf->maintenance_mode_enable) 1403 { 1404 intf->maintenance_mode_enable = 1; 1405 maintenance_mode_update(intf); 1406 } 1407 spin_unlock_irqrestore(&intf->maintenance_mode_lock, 1408 flags); 1409 } 1410 1411 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) { 1412 spin_lock_irqsave(&intf->counter_lock, flags); 1413 intf->sent_invalid_commands++; 1414 spin_unlock_irqrestore(&intf->counter_lock, flags); 1415 rv = -EMSGSIZE; 1416 goto out_err; 1417 } 1418 1419 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3); 1420 smi_msg->data[1] = msg->cmd; 1421 smi_msg->msgid = msgid; 1422 smi_msg->user_data = recv_msg; 1423 if (msg->data_len > 0) 1424 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len); 1425 smi_msg->data_size = msg->data_len + 2; 1426 spin_lock_irqsave(&intf->counter_lock, flags); 1427 intf->sent_local_commands++; 1428 spin_unlock_irqrestore(&intf->counter_lock, flags); 1429 } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE) 1430 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 1431 { 1432 struct ipmi_ipmb_addr *ipmb_addr; 1433 unsigned char ipmb_seq; 1434 long seqid; 1435 int broadcast = 0; 1436 1437 if (addr->channel >= IPMI_MAX_CHANNELS) { 1438 spin_lock_irqsave(&intf->counter_lock, flags); 1439 intf->sent_invalid_commands++; 1440 spin_unlock_irqrestore(&intf->counter_lock, flags); 1441 rv = -EINVAL; 1442 goto out_err; 1443 } 1444 1445 if (intf->channels[addr->channel].medium 1446 != IPMI_CHANNEL_MEDIUM_IPMB) 1447 { 1448 spin_lock_irqsave(&intf->counter_lock, flags); 1449 intf->sent_invalid_commands++; 1450 spin_unlock_irqrestore(&intf->counter_lock, flags); 1451 rv = -EINVAL; 1452 goto out_err; 1453 } 1454 1455 if (retries < 0) { 1456 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) 1457 retries = 0; /* Don't retry broadcasts. */ 1458 else 1459 retries = 4; 1460 } 1461 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) { 1462 /* Broadcasts add a zero at the beginning of the 1463 message, but otherwise is the same as an IPMB 1464 address. */ 1465 addr->addr_type = IPMI_IPMB_ADDR_TYPE; 1466 broadcast = 1; 1467 } 1468 1469 1470 /* Default to 1 second retries. */ 1471 if (retry_time_ms == 0) 1472 retry_time_ms = 1000; 1473 1474 /* 9 for the header and 1 for the checksum, plus 1475 possibly one for the broadcast. */ 1476 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) { 1477 spin_lock_irqsave(&intf->counter_lock, flags); 1478 intf->sent_invalid_commands++; 1479 spin_unlock_irqrestore(&intf->counter_lock, flags); 1480 rv = -EMSGSIZE; 1481 goto out_err; 1482 } 1483 1484 ipmb_addr = (struct ipmi_ipmb_addr *) addr; 1485 if (ipmb_addr->lun > 3) { 1486 spin_lock_irqsave(&intf->counter_lock, flags); 1487 intf->sent_invalid_commands++; 1488 spin_unlock_irqrestore(&intf->counter_lock, flags); 1489 rv = -EINVAL; 1490 goto out_err; 1491 } 1492 1493 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr)); 1494 1495 if (recv_msg->msg.netfn & 0x1) { 1496 /* It's a response, so use the user's sequence 1497 from msgid. */ 1498 spin_lock_irqsave(&intf->counter_lock, flags); 1499 intf->sent_ipmb_responses++; 1500 spin_unlock_irqrestore(&intf->counter_lock, flags); 1501 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid, 1502 msgid, broadcast, 1503 source_address, source_lun); 1504 1505 /* Save the receive message so we can use it 1506 to deliver the response. */ 1507 smi_msg->user_data = recv_msg; 1508 } else { 1509 /* It's a command, so get a sequence for it. */ 1510 1511 spin_lock_irqsave(&(intf->seq_lock), flags); 1512 1513 spin_lock(&intf->counter_lock); 1514 intf->sent_ipmb_commands++; 1515 spin_unlock(&intf->counter_lock); 1516 1517 /* Create a sequence number with a 1 second 1518 timeout and 4 retries. */ 1519 rv = intf_next_seq(intf, 1520 recv_msg, 1521 retry_time_ms, 1522 retries, 1523 broadcast, 1524 &ipmb_seq, 1525 &seqid); 1526 if (rv) { 1527 /* We have used up all the sequence numbers, 1528 probably, so abort. */ 1529 spin_unlock_irqrestore(&(intf->seq_lock), 1530 flags); 1531 goto out_err; 1532 } 1533 1534 /* Store the sequence number in the message, 1535 so that when the send message response 1536 comes back we can start the timer. */ 1537 format_ipmb_msg(smi_msg, msg, ipmb_addr, 1538 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1539 ipmb_seq, broadcast, 1540 source_address, source_lun); 1541 1542 /* Copy the message into the recv message data, so we 1543 can retransmit it later if necessary. */ 1544 memcpy(recv_msg->msg_data, smi_msg->data, 1545 smi_msg->data_size); 1546 recv_msg->msg.data = recv_msg->msg_data; 1547 recv_msg->msg.data_len = smi_msg->data_size; 1548 1549 /* We don't unlock until here, because we need 1550 to copy the completed message into the 1551 recv_msg before we release the lock. 1552 Otherwise, race conditions may bite us. I 1553 know that's pretty paranoid, but I prefer 1554 to be correct. */ 1555 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1556 } 1557 } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) { 1558 struct ipmi_lan_addr *lan_addr; 1559 unsigned char ipmb_seq; 1560 long seqid; 1561 1562 if (addr->channel >= IPMI_MAX_CHANNELS) { 1563 spin_lock_irqsave(&intf->counter_lock, flags); 1564 intf->sent_invalid_commands++; 1565 spin_unlock_irqrestore(&intf->counter_lock, flags); 1566 rv = -EINVAL; 1567 goto out_err; 1568 } 1569 1570 if ((intf->channels[addr->channel].medium 1571 != IPMI_CHANNEL_MEDIUM_8023LAN) 1572 && (intf->channels[addr->channel].medium 1573 != IPMI_CHANNEL_MEDIUM_ASYNC)) 1574 { 1575 spin_lock_irqsave(&intf->counter_lock, flags); 1576 intf->sent_invalid_commands++; 1577 spin_unlock_irqrestore(&intf->counter_lock, flags); 1578 rv = -EINVAL; 1579 goto out_err; 1580 } 1581 1582 retries = 4; 1583 1584 /* Default to 1 second retries. */ 1585 if (retry_time_ms == 0) 1586 retry_time_ms = 1000; 1587 1588 /* 11 for the header and 1 for the checksum. */ 1589 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) { 1590 spin_lock_irqsave(&intf->counter_lock, flags); 1591 intf->sent_invalid_commands++; 1592 spin_unlock_irqrestore(&intf->counter_lock, flags); 1593 rv = -EMSGSIZE; 1594 goto out_err; 1595 } 1596 1597 lan_addr = (struct ipmi_lan_addr *) addr; 1598 if (lan_addr->lun > 3) { 1599 spin_lock_irqsave(&intf->counter_lock, flags); 1600 intf->sent_invalid_commands++; 1601 spin_unlock_irqrestore(&intf->counter_lock, flags); 1602 rv = -EINVAL; 1603 goto out_err; 1604 } 1605 1606 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr)); 1607 1608 if (recv_msg->msg.netfn & 0x1) { 1609 /* It's a response, so use the user's sequence 1610 from msgid. */ 1611 spin_lock_irqsave(&intf->counter_lock, flags); 1612 intf->sent_lan_responses++; 1613 spin_unlock_irqrestore(&intf->counter_lock, flags); 1614 format_lan_msg(smi_msg, msg, lan_addr, msgid, 1615 msgid, source_lun); 1616 1617 /* Save the receive message so we can use it 1618 to deliver the response. */ 1619 smi_msg->user_data = recv_msg; 1620 } else { 1621 /* It's a command, so get a sequence for it. */ 1622 1623 spin_lock_irqsave(&(intf->seq_lock), flags); 1624 1625 spin_lock(&intf->counter_lock); 1626 intf->sent_lan_commands++; 1627 spin_unlock(&intf->counter_lock); 1628 1629 /* Create a sequence number with a 1 second 1630 timeout and 4 retries. */ 1631 rv = intf_next_seq(intf, 1632 recv_msg, 1633 retry_time_ms, 1634 retries, 1635 0, 1636 &ipmb_seq, 1637 &seqid); 1638 if (rv) { 1639 /* We have used up all the sequence numbers, 1640 probably, so abort. */ 1641 spin_unlock_irqrestore(&(intf->seq_lock), 1642 flags); 1643 goto out_err; 1644 } 1645 1646 /* Store the sequence number in the message, 1647 so that when the send message response 1648 comes back we can start the timer. */ 1649 format_lan_msg(smi_msg, msg, lan_addr, 1650 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1651 ipmb_seq, source_lun); 1652 1653 /* Copy the message into the recv message data, so we 1654 can retransmit it later if necessary. */ 1655 memcpy(recv_msg->msg_data, smi_msg->data, 1656 smi_msg->data_size); 1657 recv_msg->msg.data = recv_msg->msg_data; 1658 recv_msg->msg.data_len = smi_msg->data_size; 1659 1660 /* We don't unlock until here, because we need 1661 to copy the completed message into the 1662 recv_msg before we release the lock. 1663 Otherwise, race conditions may bite us. I 1664 know that's pretty paranoid, but I prefer 1665 to be correct. */ 1666 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1667 } 1668 } else { 1669 /* Unknown address type. */ 1670 spin_lock_irqsave(&intf->counter_lock, flags); 1671 intf->sent_invalid_commands++; 1672 spin_unlock_irqrestore(&intf->counter_lock, flags); 1673 rv = -EINVAL; 1674 goto out_err; 1675 } 1676 1677 #ifdef DEBUG_MSGING 1678 { 1679 int m; 1680 for (m = 0; m < smi_msg->data_size; m++) 1681 printk(" %2.2x", smi_msg->data[m]); 1682 printk("\n"); 1683 } 1684 #endif 1685 1686 handlers->sender(intf->send_info, smi_msg, priority); 1687 rcu_read_unlock(); 1688 1689 return 0; 1690 1691 out_err: 1692 rcu_read_unlock(); 1693 ipmi_free_smi_msg(smi_msg); 1694 ipmi_free_recv_msg(recv_msg); 1695 return rv; 1696 } 1697 1698 static int check_addr(ipmi_smi_t intf, 1699 struct ipmi_addr *addr, 1700 unsigned char *saddr, 1701 unsigned char *lun) 1702 { 1703 if (addr->channel >= IPMI_MAX_CHANNELS) 1704 return -EINVAL; 1705 *lun = intf->channels[addr->channel].lun; 1706 *saddr = intf->channels[addr->channel].address; 1707 return 0; 1708 } 1709 1710 int ipmi_request_settime(ipmi_user_t user, 1711 struct ipmi_addr *addr, 1712 long msgid, 1713 struct kernel_ipmi_msg *msg, 1714 void *user_msg_data, 1715 int priority, 1716 int retries, 1717 unsigned int retry_time_ms) 1718 { 1719 unsigned char saddr, lun; 1720 int rv; 1721 1722 if (!user) 1723 return -EINVAL; 1724 rv = check_addr(user->intf, addr, &saddr, &lun); 1725 if (rv) 1726 return rv; 1727 return i_ipmi_request(user, 1728 user->intf, 1729 addr, 1730 msgid, 1731 msg, 1732 user_msg_data, 1733 NULL, NULL, 1734 priority, 1735 saddr, 1736 lun, 1737 retries, 1738 retry_time_ms); 1739 } 1740 1741 int ipmi_request_supply_msgs(ipmi_user_t user, 1742 struct ipmi_addr *addr, 1743 long msgid, 1744 struct kernel_ipmi_msg *msg, 1745 void *user_msg_data, 1746 void *supplied_smi, 1747 struct ipmi_recv_msg *supplied_recv, 1748 int priority) 1749 { 1750 unsigned char saddr, lun; 1751 int rv; 1752 1753 if (!user) 1754 return -EINVAL; 1755 rv = check_addr(user->intf, addr, &saddr, &lun); 1756 if (rv) 1757 return rv; 1758 return i_ipmi_request(user, 1759 user->intf, 1760 addr, 1761 msgid, 1762 msg, 1763 user_msg_data, 1764 supplied_smi, 1765 supplied_recv, 1766 priority, 1767 saddr, 1768 lun, 1769 -1, 0); 1770 } 1771 1772 #ifdef CONFIG_PROC_FS 1773 static int ipmb_file_read_proc(char *page, char **start, off_t off, 1774 int count, int *eof, void *data) 1775 { 1776 char *out = (char *) page; 1777 ipmi_smi_t intf = data; 1778 int i; 1779 int rv = 0; 1780 1781 for (i = 0; i < IPMI_MAX_CHANNELS; i++) 1782 rv += sprintf(out+rv, "%x ", intf->channels[i].address); 1783 out[rv-1] = '\n'; /* Replace the final space with a newline */ 1784 out[rv] = '\0'; 1785 rv++; 1786 return rv; 1787 } 1788 1789 static int version_file_read_proc(char *page, char **start, off_t off, 1790 int count, int *eof, void *data) 1791 { 1792 char *out = (char *) page; 1793 ipmi_smi_t intf = data; 1794 1795 return sprintf(out, "%d.%d\n", 1796 ipmi_version_major(&intf->bmc->id), 1797 ipmi_version_minor(&intf->bmc->id)); 1798 } 1799 1800 static int stat_file_read_proc(char *page, char **start, off_t off, 1801 int count, int *eof, void *data) 1802 { 1803 char *out = (char *) page; 1804 ipmi_smi_t intf = data; 1805 1806 out += sprintf(out, "sent_invalid_commands: %d\n", 1807 intf->sent_invalid_commands); 1808 out += sprintf(out, "sent_local_commands: %d\n", 1809 intf->sent_local_commands); 1810 out += sprintf(out, "handled_local_responses: %d\n", 1811 intf->handled_local_responses); 1812 out += sprintf(out, "unhandled_local_responses: %d\n", 1813 intf->unhandled_local_responses); 1814 out += sprintf(out, "sent_ipmb_commands: %d\n", 1815 intf->sent_ipmb_commands); 1816 out += sprintf(out, "sent_ipmb_command_errs: %d\n", 1817 intf->sent_ipmb_command_errs); 1818 out += sprintf(out, "retransmitted_ipmb_commands: %d\n", 1819 intf->retransmitted_ipmb_commands); 1820 out += sprintf(out, "timed_out_ipmb_commands: %d\n", 1821 intf->timed_out_ipmb_commands); 1822 out += sprintf(out, "timed_out_ipmb_broadcasts: %d\n", 1823 intf->timed_out_ipmb_broadcasts); 1824 out += sprintf(out, "sent_ipmb_responses: %d\n", 1825 intf->sent_ipmb_responses); 1826 out += sprintf(out, "handled_ipmb_responses: %d\n", 1827 intf->handled_ipmb_responses); 1828 out += sprintf(out, "invalid_ipmb_responses: %d\n", 1829 intf->invalid_ipmb_responses); 1830 out += sprintf(out, "unhandled_ipmb_responses: %d\n", 1831 intf->unhandled_ipmb_responses); 1832 out += sprintf(out, "sent_lan_commands: %d\n", 1833 intf->sent_lan_commands); 1834 out += sprintf(out, "sent_lan_command_errs: %d\n", 1835 intf->sent_lan_command_errs); 1836 out += sprintf(out, "retransmitted_lan_commands: %d\n", 1837 intf->retransmitted_lan_commands); 1838 out += sprintf(out, "timed_out_lan_commands: %d\n", 1839 intf->timed_out_lan_commands); 1840 out += sprintf(out, "sent_lan_responses: %d\n", 1841 intf->sent_lan_responses); 1842 out += sprintf(out, "handled_lan_responses: %d\n", 1843 intf->handled_lan_responses); 1844 out += sprintf(out, "invalid_lan_responses: %d\n", 1845 intf->invalid_lan_responses); 1846 out += sprintf(out, "unhandled_lan_responses: %d\n", 1847 intf->unhandled_lan_responses); 1848 out += sprintf(out, "handled_commands: %d\n", 1849 intf->handled_commands); 1850 out += sprintf(out, "invalid_commands: %d\n", 1851 intf->invalid_commands); 1852 out += sprintf(out, "unhandled_commands: %d\n", 1853 intf->unhandled_commands); 1854 out += sprintf(out, "invalid_events: %d\n", 1855 intf->invalid_events); 1856 out += sprintf(out, "events: %d\n", 1857 intf->events); 1858 1859 return (out - ((char *) page)); 1860 } 1861 #endif /* CONFIG_PROC_FS */ 1862 1863 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name, 1864 read_proc_t *read_proc, write_proc_t *write_proc, 1865 void *data, struct module *owner) 1866 { 1867 int rv = 0; 1868 #ifdef CONFIG_PROC_FS 1869 struct proc_dir_entry *file; 1870 struct ipmi_proc_entry *entry; 1871 1872 /* Create a list element. */ 1873 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 1874 if (!entry) 1875 return -ENOMEM; 1876 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL); 1877 if (!entry->name) { 1878 kfree(entry); 1879 return -ENOMEM; 1880 } 1881 strcpy(entry->name, name); 1882 1883 file = create_proc_entry(name, 0, smi->proc_dir); 1884 if (!file) { 1885 kfree(entry->name); 1886 kfree(entry); 1887 rv = -ENOMEM; 1888 } else { 1889 file->data = data; 1890 file->read_proc = read_proc; 1891 file->write_proc = write_proc; 1892 file->owner = owner; 1893 1894 spin_lock(&smi->proc_entry_lock); 1895 /* Stick it on the list. */ 1896 entry->next = smi->proc_entries; 1897 smi->proc_entries = entry; 1898 spin_unlock(&smi->proc_entry_lock); 1899 } 1900 #endif /* CONFIG_PROC_FS */ 1901 1902 return rv; 1903 } 1904 1905 static int add_proc_entries(ipmi_smi_t smi, int num) 1906 { 1907 int rv = 0; 1908 1909 #ifdef CONFIG_PROC_FS 1910 sprintf(smi->proc_dir_name, "%d", num); 1911 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root); 1912 if (!smi->proc_dir) 1913 rv = -ENOMEM; 1914 else { 1915 smi->proc_dir->owner = THIS_MODULE; 1916 } 1917 1918 if (rv == 0) 1919 rv = ipmi_smi_add_proc_entry(smi, "stats", 1920 stat_file_read_proc, NULL, 1921 smi, THIS_MODULE); 1922 1923 if (rv == 0) 1924 rv = ipmi_smi_add_proc_entry(smi, "ipmb", 1925 ipmb_file_read_proc, NULL, 1926 smi, THIS_MODULE); 1927 1928 if (rv == 0) 1929 rv = ipmi_smi_add_proc_entry(smi, "version", 1930 version_file_read_proc, NULL, 1931 smi, THIS_MODULE); 1932 #endif /* CONFIG_PROC_FS */ 1933 1934 return rv; 1935 } 1936 1937 static void remove_proc_entries(ipmi_smi_t smi) 1938 { 1939 #ifdef CONFIG_PROC_FS 1940 struct ipmi_proc_entry *entry; 1941 1942 spin_lock(&smi->proc_entry_lock); 1943 while (smi->proc_entries) { 1944 entry = smi->proc_entries; 1945 smi->proc_entries = entry->next; 1946 1947 remove_proc_entry(entry->name, smi->proc_dir); 1948 kfree(entry->name); 1949 kfree(entry); 1950 } 1951 spin_unlock(&smi->proc_entry_lock); 1952 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root); 1953 #endif /* CONFIG_PROC_FS */ 1954 } 1955 1956 static int __find_bmc_guid(struct device *dev, void *data) 1957 { 1958 unsigned char *id = data; 1959 struct bmc_device *bmc = dev_get_drvdata(dev); 1960 return memcmp(bmc->guid, id, 16) == 0; 1961 } 1962 1963 static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv, 1964 unsigned char *guid) 1965 { 1966 struct device *dev; 1967 1968 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid); 1969 if (dev) 1970 return dev_get_drvdata(dev); 1971 else 1972 return NULL; 1973 } 1974 1975 struct prod_dev_id { 1976 unsigned int product_id; 1977 unsigned char device_id; 1978 }; 1979 1980 static int __find_bmc_prod_dev_id(struct device *dev, void *data) 1981 { 1982 struct prod_dev_id *id = data; 1983 struct bmc_device *bmc = dev_get_drvdata(dev); 1984 1985 return (bmc->id.product_id == id->product_id 1986 && bmc->id.device_id == id->device_id); 1987 } 1988 1989 static struct bmc_device *ipmi_find_bmc_prod_dev_id( 1990 struct device_driver *drv, 1991 unsigned int product_id, unsigned char device_id) 1992 { 1993 struct prod_dev_id id = { 1994 .product_id = product_id, 1995 .device_id = device_id, 1996 }; 1997 struct device *dev; 1998 1999 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id); 2000 if (dev) 2001 return dev_get_drvdata(dev); 2002 else 2003 return NULL; 2004 } 2005 2006 static ssize_t device_id_show(struct device *dev, 2007 struct device_attribute *attr, 2008 char *buf) 2009 { 2010 struct bmc_device *bmc = dev_get_drvdata(dev); 2011 2012 return snprintf(buf, 10, "%u\n", bmc->id.device_id); 2013 } 2014 2015 static ssize_t provides_dev_sdrs_show(struct device *dev, 2016 struct device_attribute *attr, 2017 char *buf) 2018 { 2019 struct bmc_device *bmc = dev_get_drvdata(dev); 2020 2021 return snprintf(buf, 10, "%u\n", 2022 (bmc->id.device_revision & 0x80) >> 7); 2023 } 2024 2025 static ssize_t revision_show(struct device *dev, struct device_attribute *attr, 2026 char *buf) 2027 { 2028 struct bmc_device *bmc = dev_get_drvdata(dev); 2029 2030 return snprintf(buf, 20, "%u\n", 2031 bmc->id.device_revision & 0x0F); 2032 } 2033 2034 static ssize_t firmware_rev_show(struct device *dev, 2035 struct device_attribute *attr, 2036 char *buf) 2037 { 2038 struct bmc_device *bmc = dev_get_drvdata(dev); 2039 2040 return snprintf(buf, 20, "%u.%x\n", bmc->id.firmware_revision_1, 2041 bmc->id.firmware_revision_2); 2042 } 2043 2044 static ssize_t ipmi_version_show(struct device *dev, 2045 struct device_attribute *attr, 2046 char *buf) 2047 { 2048 struct bmc_device *bmc = dev_get_drvdata(dev); 2049 2050 return snprintf(buf, 20, "%u.%u\n", 2051 ipmi_version_major(&bmc->id), 2052 ipmi_version_minor(&bmc->id)); 2053 } 2054 2055 static ssize_t add_dev_support_show(struct device *dev, 2056 struct device_attribute *attr, 2057 char *buf) 2058 { 2059 struct bmc_device *bmc = dev_get_drvdata(dev); 2060 2061 return snprintf(buf, 10, "0x%02x\n", 2062 bmc->id.additional_device_support); 2063 } 2064 2065 static ssize_t manufacturer_id_show(struct device *dev, 2066 struct device_attribute *attr, 2067 char *buf) 2068 { 2069 struct bmc_device *bmc = dev_get_drvdata(dev); 2070 2071 return snprintf(buf, 20, "0x%6.6x\n", bmc->id.manufacturer_id); 2072 } 2073 2074 static ssize_t product_id_show(struct device *dev, 2075 struct device_attribute *attr, 2076 char *buf) 2077 { 2078 struct bmc_device *bmc = dev_get_drvdata(dev); 2079 2080 return snprintf(buf, 10, "0x%4.4x\n", bmc->id.product_id); 2081 } 2082 2083 static ssize_t aux_firmware_rev_show(struct device *dev, 2084 struct device_attribute *attr, 2085 char *buf) 2086 { 2087 struct bmc_device *bmc = dev_get_drvdata(dev); 2088 2089 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n", 2090 bmc->id.aux_firmware_revision[3], 2091 bmc->id.aux_firmware_revision[2], 2092 bmc->id.aux_firmware_revision[1], 2093 bmc->id.aux_firmware_revision[0]); 2094 } 2095 2096 static ssize_t guid_show(struct device *dev, struct device_attribute *attr, 2097 char *buf) 2098 { 2099 struct bmc_device *bmc = dev_get_drvdata(dev); 2100 2101 return snprintf(buf, 100, "%Lx%Lx\n", 2102 (long long) bmc->guid[0], 2103 (long long) bmc->guid[8]); 2104 } 2105 2106 static void remove_files(struct bmc_device *bmc) 2107 { 2108 if (!bmc->dev) 2109 return; 2110 2111 device_remove_file(&bmc->dev->dev, 2112 &bmc->device_id_attr); 2113 device_remove_file(&bmc->dev->dev, 2114 &bmc->provides_dev_sdrs_attr); 2115 device_remove_file(&bmc->dev->dev, 2116 &bmc->revision_attr); 2117 device_remove_file(&bmc->dev->dev, 2118 &bmc->firmware_rev_attr); 2119 device_remove_file(&bmc->dev->dev, 2120 &bmc->version_attr); 2121 device_remove_file(&bmc->dev->dev, 2122 &bmc->add_dev_support_attr); 2123 device_remove_file(&bmc->dev->dev, 2124 &bmc->manufacturer_id_attr); 2125 device_remove_file(&bmc->dev->dev, 2126 &bmc->product_id_attr); 2127 2128 if (bmc->id.aux_firmware_revision_set) 2129 device_remove_file(&bmc->dev->dev, 2130 &bmc->aux_firmware_rev_attr); 2131 if (bmc->guid_set) 2132 device_remove_file(&bmc->dev->dev, 2133 &bmc->guid_attr); 2134 } 2135 2136 static void 2137 cleanup_bmc_device(struct kref *ref) 2138 { 2139 struct bmc_device *bmc; 2140 2141 bmc = container_of(ref, struct bmc_device, refcount); 2142 2143 remove_files(bmc); 2144 platform_device_unregister(bmc->dev); 2145 kfree(bmc); 2146 } 2147 2148 static void ipmi_bmc_unregister(ipmi_smi_t intf) 2149 { 2150 struct bmc_device *bmc = intf->bmc; 2151 2152 if (intf->sysfs_name) { 2153 sysfs_remove_link(&intf->si_dev->kobj, intf->sysfs_name); 2154 kfree(intf->sysfs_name); 2155 intf->sysfs_name = NULL; 2156 } 2157 if (intf->my_dev_name) { 2158 sysfs_remove_link(&bmc->dev->dev.kobj, intf->my_dev_name); 2159 kfree(intf->my_dev_name); 2160 intf->my_dev_name = NULL; 2161 } 2162 2163 mutex_lock(&ipmidriver_mutex); 2164 kref_put(&bmc->refcount, cleanup_bmc_device); 2165 intf->bmc = NULL; 2166 mutex_unlock(&ipmidriver_mutex); 2167 } 2168 2169 static int create_files(struct bmc_device *bmc) 2170 { 2171 int err; 2172 2173 bmc->device_id_attr.attr.name = "device_id"; 2174 bmc->device_id_attr.attr.mode = S_IRUGO; 2175 bmc->device_id_attr.show = device_id_show; 2176 2177 bmc->provides_dev_sdrs_attr.attr.name = "provides_device_sdrs"; 2178 bmc->provides_dev_sdrs_attr.attr.mode = S_IRUGO; 2179 bmc->provides_dev_sdrs_attr.show = provides_dev_sdrs_show; 2180 2181 bmc->revision_attr.attr.name = "revision"; 2182 bmc->revision_attr.attr.mode = S_IRUGO; 2183 bmc->revision_attr.show = revision_show; 2184 2185 bmc->firmware_rev_attr.attr.name = "firmware_revision"; 2186 bmc->firmware_rev_attr.attr.mode = S_IRUGO; 2187 bmc->firmware_rev_attr.show = firmware_rev_show; 2188 2189 bmc->version_attr.attr.name = "ipmi_version"; 2190 bmc->version_attr.attr.mode = S_IRUGO; 2191 bmc->version_attr.show = ipmi_version_show; 2192 2193 bmc->add_dev_support_attr.attr.name = "additional_device_support"; 2194 bmc->add_dev_support_attr.attr.mode = S_IRUGO; 2195 bmc->add_dev_support_attr.show = add_dev_support_show; 2196 2197 bmc->manufacturer_id_attr.attr.name = "manufacturer_id"; 2198 bmc->manufacturer_id_attr.attr.mode = S_IRUGO; 2199 bmc->manufacturer_id_attr.show = manufacturer_id_show; 2200 2201 bmc->product_id_attr.attr.name = "product_id"; 2202 bmc->product_id_attr.attr.mode = S_IRUGO; 2203 bmc->product_id_attr.show = product_id_show; 2204 2205 bmc->guid_attr.attr.name = "guid"; 2206 bmc->guid_attr.attr.mode = S_IRUGO; 2207 bmc->guid_attr.show = guid_show; 2208 2209 bmc->aux_firmware_rev_attr.attr.name = "aux_firmware_revision"; 2210 bmc->aux_firmware_rev_attr.attr.mode = S_IRUGO; 2211 bmc->aux_firmware_rev_attr.show = aux_firmware_rev_show; 2212 2213 err = device_create_file(&bmc->dev->dev, 2214 &bmc->device_id_attr); 2215 if (err) goto out; 2216 err = device_create_file(&bmc->dev->dev, 2217 &bmc->provides_dev_sdrs_attr); 2218 if (err) goto out_devid; 2219 err = device_create_file(&bmc->dev->dev, 2220 &bmc->revision_attr); 2221 if (err) goto out_sdrs; 2222 err = device_create_file(&bmc->dev->dev, 2223 &bmc->firmware_rev_attr); 2224 if (err) goto out_rev; 2225 err = device_create_file(&bmc->dev->dev, 2226 &bmc->version_attr); 2227 if (err) goto out_firm; 2228 err = device_create_file(&bmc->dev->dev, 2229 &bmc->add_dev_support_attr); 2230 if (err) goto out_version; 2231 err = device_create_file(&bmc->dev->dev, 2232 &bmc->manufacturer_id_attr); 2233 if (err) goto out_add_dev; 2234 err = device_create_file(&bmc->dev->dev, 2235 &bmc->product_id_attr); 2236 if (err) goto out_manu; 2237 if (bmc->id.aux_firmware_revision_set) { 2238 err = device_create_file(&bmc->dev->dev, 2239 &bmc->aux_firmware_rev_attr); 2240 if (err) goto out_prod_id; 2241 } 2242 if (bmc->guid_set) { 2243 err = device_create_file(&bmc->dev->dev, 2244 &bmc->guid_attr); 2245 if (err) goto out_aux_firm; 2246 } 2247 2248 return 0; 2249 2250 out_aux_firm: 2251 if (bmc->id.aux_firmware_revision_set) 2252 device_remove_file(&bmc->dev->dev, 2253 &bmc->aux_firmware_rev_attr); 2254 out_prod_id: 2255 device_remove_file(&bmc->dev->dev, 2256 &bmc->product_id_attr); 2257 out_manu: 2258 device_remove_file(&bmc->dev->dev, 2259 &bmc->manufacturer_id_attr); 2260 out_add_dev: 2261 device_remove_file(&bmc->dev->dev, 2262 &bmc->add_dev_support_attr); 2263 out_version: 2264 device_remove_file(&bmc->dev->dev, 2265 &bmc->version_attr); 2266 out_firm: 2267 device_remove_file(&bmc->dev->dev, 2268 &bmc->firmware_rev_attr); 2269 out_rev: 2270 device_remove_file(&bmc->dev->dev, 2271 &bmc->revision_attr); 2272 out_sdrs: 2273 device_remove_file(&bmc->dev->dev, 2274 &bmc->provides_dev_sdrs_attr); 2275 out_devid: 2276 device_remove_file(&bmc->dev->dev, 2277 &bmc->device_id_attr); 2278 out: 2279 return err; 2280 } 2281 2282 static int ipmi_bmc_register(ipmi_smi_t intf, int ifnum, 2283 const char *sysfs_name) 2284 { 2285 int rv; 2286 struct bmc_device *bmc = intf->bmc; 2287 struct bmc_device *old_bmc; 2288 int size; 2289 char dummy[1]; 2290 2291 mutex_lock(&ipmidriver_mutex); 2292 2293 /* 2294 * Try to find if there is an bmc_device struct 2295 * representing the interfaced BMC already 2296 */ 2297 if (bmc->guid_set) 2298 old_bmc = ipmi_find_bmc_guid(&ipmidriver, bmc->guid); 2299 else 2300 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver, 2301 bmc->id.product_id, 2302 bmc->id.device_id); 2303 2304 /* 2305 * If there is already an bmc_device, free the new one, 2306 * otherwise register the new BMC device 2307 */ 2308 if (old_bmc) { 2309 kfree(bmc); 2310 intf->bmc = old_bmc; 2311 bmc = old_bmc; 2312 2313 kref_get(&bmc->refcount); 2314 mutex_unlock(&ipmidriver_mutex); 2315 2316 printk(KERN_INFO 2317 "ipmi: interfacing existing BMC (man_id: 0x%6.6x," 2318 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n", 2319 bmc->id.manufacturer_id, 2320 bmc->id.product_id, 2321 bmc->id.device_id); 2322 } else { 2323 char name[14]; 2324 unsigned char orig_dev_id = bmc->id.device_id; 2325 int warn_printed = 0; 2326 2327 snprintf(name, sizeof(name), 2328 "ipmi_bmc.%4.4x", bmc->id.product_id); 2329 2330 while (ipmi_find_bmc_prod_dev_id(&ipmidriver, 2331 bmc->id.product_id, 2332 bmc->id.device_id)) { 2333 if (!warn_printed) { 2334 printk(KERN_WARNING PFX 2335 "This machine has two different BMCs" 2336 " with the same product id and device" 2337 " id. This is an error in the" 2338 " firmware, but incrementing the" 2339 " device id to work around the problem." 2340 " Prod ID = 0x%x, Dev ID = 0x%x\n", 2341 bmc->id.product_id, bmc->id.device_id); 2342 warn_printed = 1; 2343 } 2344 bmc->id.device_id++; /* Wraps at 255 */ 2345 if (bmc->id.device_id == orig_dev_id) { 2346 printk(KERN_ERR PFX 2347 "Out of device ids!\n"); 2348 break; 2349 } 2350 } 2351 2352 bmc->dev = platform_device_alloc(name, bmc->id.device_id); 2353 if (!bmc->dev) { 2354 mutex_unlock(&ipmidriver_mutex); 2355 printk(KERN_ERR 2356 "ipmi_msghandler:" 2357 " Unable to allocate platform device\n"); 2358 return -ENOMEM; 2359 } 2360 bmc->dev->dev.driver = &ipmidriver; 2361 dev_set_drvdata(&bmc->dev->dev, bmc); 2362 kref_init(&bmc->refcount); 2363 2364 rv = platform_device_add(bmc->dev); 2365 mutex_unlock(&ipmidriver_mutex); 2366 if (rv) { 2367 platform_device_put(bmc->dev); 2368 bmc->dev = NULL; 2369 printk(KERN_ERR 2370 "ipmi_msghandler:" 2371 " Unable to register bmc device: %d\n", 2372 rv); 2373 /* Don't go to out_err, you can only do that if 2374 the device is registered already. */ 2375 return rv; 2376 } 2377 2378 rv = create_files(bmc); 2379 if (rv) { 2380 mutex_lock(&ipmidriver_mutex); 2381 platform_device_unregister(bmc->dev); 2382 mutex_unlock(&ipmidriver_mutex); 2383 2384 return rv; 2385 } 2386 2387 printk(KERN_INFO 2388 "ipmi: Found new BMC (man_id: 0x%6.6x, " 2389 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n", 2390 bmc->id.manufacturer_id, 2391 bmc->id.product_id, 2392 bmc->id.device_id); 2393 } 2394 2395 /* 2396 * create symlink from system interface device to bmc device 2397 * and back. 2398 */ 2399 intf->sysfs_name = kstrdup(sysfs_name, GFP_KERNEL); 2400 if (!intf->sysfs_name) { 2401 rv = -ENOMEM; 2402 printk(KERN_ERR 2403 "ipmi_msghandler: allocate link to BMC: %d\n", 2404 rv); 2405 goto out_err; 2406 } 2407 2408 rv = sysfs_create_link(&intf->si_dev->kobj, 2409 &bmc->dev->dev.kobj, intf->sysfs_name); 2410 if (rv) { 2411 kfree(intf->sysfs_name); 2412 intf->sysfs_name = NULL; 2413 printk(KERN_ERR 2414 "ipmi_msghandler: Unable to create bmc symlink: %d\n", 2415 rv); 2416 goto out_err; 2417 } 2418 2419 size = snprintf(dummy, 0, "ipmi%d", ifnum); 2420 intf->my_dev_name = kmalloc(size+1, GFP_KERNEL); 2421 if (!intf->my_dev_name) { 2422 kfree(intf->sysfs_name); 2423 intf->sysfs_name = NULL; 2424 rv = -ENOMEM; 2425 printk(KERN_ERR 2426 "ipmi_msghandler: allocate link from BMC: %d\n", 2427 rv); 2428 goto out_err; 2429 } 2430 snprintf(intf->my_dev_name, size+1, "ipmi%d", ifnum); 2431 2432 rv = sysfs_create_link(&bmc->dev->dev.kobj, &intf->si_dev->kobj, 2433 intf->my_dev_name); 2434 if (rv) { 2435 kfree(intf->sysfs_name); 2436 intf->sysfs_name = NULL; 2437 kfree(intf->my_dev_name); 2438 intf->my_dev_name = NULL; 2439 printk(KERN_ERR 2440 "ipmi_msghandler:" 2441 " Unable to create symlink to bmc: %d\n", 2442 rv); 2443 goto out_err; 2444 } 2445 2446 return 0; 2447 2448 out_err: 2449 ipmi_bmc_unregister(intf); 2450 return rv; 2451 } 2452 2453 static int 2454 send_guid_cmd(ipmi_smi_t intf, int chan) 2455 { 2456 struct kernel_ipmi_msg msg; 2457 struct ipmi_system_interface_addr si; 2458 2459 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2460 si.channel = IPMI_BMC_CHANNEL; 2461 si.lun = 0; 2462 2463 msg.netfn = IPMI_NETFN_APP_REQUEST; 2464 msg.cmd = IPMI_GET_DEVICE_GUID_CMD; 2465 msg.data = NULL; 2466 msg.data_len = 0; 2467 return i_ipmi_request(NULL, 2468 intf, 2469 (struct ipmi_addr *) &si, 2470 0, 2471 &msg, 2472 intf, 2473 NULL, 2474 NULL, 2475 0, 2476 intf->channels[0].address, 2477 intf->channels[0].lun, 2478 -1, 0); 2479 } 2480 2481 static void 2482 guid_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 2483 { 2484 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 2485 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE) 2486 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD)) 2487 /* Not for me */ 2488 return; 2489 2490 if (msg->msg.data[0] != 0) { 2491 /* Error from getting the GUID, the BMC doesn't have one. */ 2492 intf->bmc->guid_set = 0; 2493 goto out; 2494 } 2495 2496 if (msg->msg.data_len < 17) { 2497 intf->bmc->guid_set = 0; 2498 printk(KERN_WARNING PFX 2499 "guid_handler: The GUID response from the BMC was too" 2500 " short, it was %d but should have been 17. Assuming" 2501 " GUID is not available.\n", 2502 msg->msg.data_len); 2503 goto out; 2504 } 2505 2506 memcpy(intf->bmc->guid, msg->msg.data, 16); 2507 intf->bmc->guid_set = 1; 2508 out: 2509 wake_up(&intf->waitq); 2510 } 2511 2512 static void 2513 get_guid(ipmi_smi_t intf) 2514 { 2515 int rv; 2516 2517 intf->bmc->guid_set = 0x2; 2518 intf->null_user_handler = guid_handler; 2519 rv = send_guid_cmd(intf, 0); 2520 if (rv) 2521 /* Send failed, no GUID available. */ 2522 intf->bmc->guid_set = 0; 2523 wait_event(intf->waitq, intf->bmc->guid_set != 2); 2524 intf->null_user_handler = NULL; 2525 } 2526 2527 static int 2528 send_channel_info_cmd(ipmi_smi_t intf, int chan) 2529 { 2530 struct kernel_ipmi_msg msg; 2531 unsigned char data[1]; 2532 struct ipmi_system_interface_addr si; 2533 2534 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2535 si.channel = IPMI_BMC_CHANNEL; 2536 si.lun = 0; 2537 2538 msg.netfn = IPMI_NETFN_APP_REQUEST; 2539 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD; 2540 msg.data = data; 2541 msg.data_len = 1; 2542 data[0] = chan; 2543 return i_ipmi_request(NULL, 2544 intf, 2545 (struct ipmi_addr *) &si, 2546 0, 2547 &msg, 2548 intf, 2549 NULL, 2550 NULL, 2551 0, 2552 intf->channels[0].address, 2553 intf->channels[0].lun, 2554 -1, 0); 2555 } 2556 2557 static void 2558 channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 2559 { 2560 int rv = 0; 2561 int chan; 2562 2563 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 2564 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE) 2565 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD)) 2566 { 2567 /* It's the one we want */ 2568 if (msg->msg.data[0] != 0) { 2569 /* Got an error from the channel, just go on. */ 2570 2571 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) { 2572 /* If the MC does not support this 2573 command, that is legal. We just 2574 assume it has one IPMB at channel 2575 zero. */ 2576 intf->channels[0].medium 2577 = IPMI_CHANNEL_MEDIUM_IPMB; 2578 intf->channels[0].protocol 2579 = IPMI_CHANNEL_PROTOCOL_IPMB; 2580 rv = -ENOSYS; 2581 2582 intf->curr_channel = IPMI_MAX_CHANNELS; 2583 wake_up(&intf->waitq); 2584 goto out; 2585 } 2586 goto next_channel; 2587 } 2588 if (msg->msg.data_len < 4) { 2589 /* Message not big enough, just go on. */ 2590 goto next_channel; 2591 } 2592 chan = intf->curr_channel; 2593 intf->channels[chan].medium = msg->msg.data[2] & 0x7f; 2594 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f; 2595 2596 next_channel: 2597 intf->curr_channel++; 2598 if (intf->curr_channel >= IPMI_MAX_CHANNELS) 2599 wake_up(&intf->waitq); 2600 else 2601 rv = send_channel_info_cmd(intf, intf->curr_channel); 2602 2603 if (rv) { 2604 /* Got an error somehow, just give up. */ 2605 intf->curr_channel = IPMI_MAX_CHANNELS; 2606 wake_up(&intf->waitq); 2607 2608 printk(KERN_WARNING PFX 2609 "Error sending channel information: %d\n", 2610 rv); 2611 } 2612 } 2613 out: 2614 return; 2615 } 2616 2617 int ipmi_register_smi(struct ipmi_smi_handlers *handlers, 2618 void *send_info, 2619 struct ipmi_device_id *device_id, 2620 struct device *si_dev, 2621 const char *sysfs_name, 2622 unsigned char slave_addr) 2623 { 2624 int i, j; 2625 int rv; 2626 ipmi_smi_t intf; 2627 ipmi_smi_t tintf; 2628 struct list_head *link; 2629 2630 /* Make sure the driver is actually initialized, this handles 2631 problems with initialization order. */ 2632 if (!initialized) { 2633 rv = ipmi_init_msghandler(); 2634 if (rv) 2635 return rv; 2636 /* The init code doesn't return an error if it was turned 2637 off, but it won't initialize. Check that. */ 2638 if (!initialized) 2639 return -ENODEV; 2640 } 2641 2642 intf = kzalloc(sizeof(*intf), GFP_KERNEL); 2643 if (!intf) 2644 return -ENOMEM; 2645 2646 intf->ipmi_version_major = ipmi_version_major(device_id); 2647 intf->ipmi_version_minor = ipmi_version_minor(device_id); 2648 2649 intf->bmc = kzalloc(sizeof(*intf->bmc), GFP_KERNEL); 2650 if (!intf->bmc) { 2651 kfree(intf); 2652 return -ENOMEM; 2653 } 2654 intf->intf_num = -1; /* Mark it invalid for now. */ 2655 kref_init(&intf->refcount); 2656 intf->bmc->id = *device_id; 2657 intf->si_dev = si_dev; 2658 for (j = 0; j < IPMI_MAX_CHANNELS; j++) { 2659 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR; 2660 intf->channels[j].lun = 2; 2661 } 2662 if (slave_addr != 0) 2663 intf->channels[0].address = slave_addr; 2664 INIT_LIST_HEAD(&intf->users); 2665 intf->handlers = handlers; 2666 intf->send_info = send_info; 2667 spin_lock_init(&intf->seq_lock); 2668 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) { 2669 intf->seq_table[j].inuse = 0; 2670 intf->seq_table[j].seqid = 0; 2671 } 2672 intf->curr_seq = 0; 2673 #ifdef CONFIG_PROC_FS 2674 spin_lock_init(&intf->proc_entry_lock); 2675 #endif 2676 spin_lock_init(&intf->waiting_msgs_lock); 2677 INIT_LIST_HEAD(&intf->waiting_msgs); 2678 spin_lock_init(&intf->events_lock); 2679 INIT_LIST_HEAD(&intf->waiting_events); 2680 intf->waiting_events_count = 0; 2681 mutex_init(&intf->cmd_rcvrs_mutex); 2682 spin_lock_init(&intf->maintenance_mode_lock); 2683 INIT_LIST_HEAD(&intf->cmd_rcvrs); 2684 init_waitqueue_head(&intf->waitq); 2685 2686 spin_lock_init(&intf->counter_lock); 2687 intf->proc_dir = NULL; 2688 2689 mutex_lock(&smi_watchers_mutex); 2690 mutex_lock(&ipmi_interfaces_mutex); 2691 /* Look for a hole in the numbers. */ 2692 i = 0; 2693 link = &ipmi_interfaces; 2694 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link) { 2695 if (tintf->intf_num != i) { 2696 link = &tintf->link; 2697 break; 2698 } 2699 i++; 2700 } 2701 /* Add the new interface in numeric order. */ 2702 if (i == 0) 2703 list_add_rcu(&intf->link, &ipmi_interfaces); 2704 else 2705 list_add_tail_rcu(&intf->link, link); 2706 2707 rv = handlers->start_processing(send_info, intf); 2708 if (rv) 2709 goto out; 2710 2711 get_guid(intf); 2712 2713 if ((intf->ipmi_version_major > 1) 2714 || ((intf->ipmi_version_major == 1) 2715 && (intf->ipmi_version_minor >= 5))) 2716 { 2717 /* Start scanning the channels to see what is 2718 available. */ 2719 intf->null_user_handler = channel_handler; 2720 intf->curr_channel = 0; 2721 rv = send_channel_info_cmd(intf, 0); 2722 if (rv) 2723 goto out; 2724 2725 /* Wait for the channel info to be read. */ 2726 wait_event(intf->waitq, 2727 intf->curr_channel >= IPMI_MAX_CHANNELS); 2728 intf->null_user_handler = NULL; 2729 } else { 2730 /* Assume a single IPMB channel at zero. */ 2731 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB; 2732 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB; 2733 } 2734 2735 if (rv == 0) 2736 rv = add_proc_entries(intf, i); 2737 2738 rv = ipmi_bmc_register(intf, i, sysfs_name); 2739 2740 out: 2741 if (rv) { 2742 if (intf->proc_dir) 2743 remove_proc_entries(intf); 2744 intf->handlers = NULL; 2745 list_del_rcu(&intf->link); 2746 mutex_unlock(&ipmi_interfaces_mutex); 2747 mutex_unlock(&smi_watchers_mutex); 2748 synchronize_rcu(); 2749 kref_put(&intf->refcount, intf_free); 2750 } else { 2751 /* 2752 * Keep memory order straight for RCU readers. Make 2753 * sure everything else is committed to memory before 2754 * setting intf_num to mark the interface valid. 2755 */ 2756 smp_wmb(); 2757 intf->intf_num = i; 2758 mutex_unlock(&ipmi_interfaces_mutex); 2759 /* After this point the interface is legal to use. */ 2760 call_smi_watchers(i, intf->si_dev); 2761 mutex_unlock(&smi_watchers_mutex); 2762 } 2763 2764 return rv; 2765 } 2766 2767 static void cleanup_smi_msgs(ipmi_smi_t intf) 2768 { 2769 int i; 2770 struct seq_table *ent; 2771 2772 /* No need for locks, the interface is down. */ 2773 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 2774 ent = &(intf->seq_table[i]); 2775 if (!ent->inuse) 2776 continue; 2777 deliver_err_response(ent->recv_msg, IPMI_ERR_UNSPECIFIED); 2778 } 2779 } 2780 2781 int ipmi_unregister_smi(ipmi_smi_t intf) 2782 { 2783 struct ipmi_smi_watcher *w; 2784 int intf_num = intf->intf_num; 2785 2786 ipmi_bmc_unregister(intf); 2787 2788 mutex_lock(&smi_watchers_mutex); 2789 mutex_lock(&ipmi_interfaces_mutex); 2790 intf->intf_num = -1; 2791 intf->handlers = NULL; 2792 list_del_rcu(&intf->link); 2793 mutex_unlock(&ipmi_interfaces_mutex); 2794 synchronize_rcu(); 2795 2796 cleanup_smi_msgs(intf); 2797 2798 remove_proc_entries(intf); 2799 2800 /* Call all the watcher interfaces to tell them that 2801 an interface is gone. */ 2802 list_for_each_entry(w, &smi_watchers, link) 2803 w->smi_gone(intf_num); 2804 mutex_unlock(&smi_watchers_mutex); 2805 2806 kref_put(&intf->refcount, intf_free); 2807 return 0; 2808 } 2809 2810 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf, 2811 struct ipmi_smi_msg *msg) 2812 { 2813 struct ipmi_ipmb_addr ipmb_addr; 2814 struct ipmi_recv_msg *recv_msg; 2815 unsigned long flags; 2816 2817 2818 /* This is 11, not 10, because the response must contain a 2819 * completion code. */ 2820 if (msg->rsp_size < 11) { 2821 /* Message not big enough, just ignore it. */ 2822 spin_lock_irqsave(&intf->counter_lock, flags); 2823 intf->invalid_ipmb_responses++; 2824 spin_unlock_irqrestore(&intf->counter_lock, flags); 2825 return 0; 2826 } 2827 2828 if (msg->rsp[2] != 0) { 2829 /* An error getting the response, just ignore it. */ 2830 return 0; 2831 } 2832 2833 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE; 2834 ipmb_addr.slave_addr = msg->rsp[6]; 2835 ipmb_addr.channel = msg->rsp[3] & 0x0f; 2836 ipmb_addr.lun = msg->rsp[7] & 3; 2837 2838 /* It's a response from a remote entity. Look up the sequence 2839 number and handle the response. */ 2840 if (intf_find_seq(intf, 2841 msg->rsp[7] >> 2, 2842 msg->rsp[3] & 0x0f, 2843 msg->rsp[8], 2844 (msg->rsp[4] >> 2) & (~1), 2845 (struct ipmi_addr *) &(ipmb_addr), 2846 &recv_msg)) 2847 { 2848 /* We were unable to find the sequence number, 2849 so just nuke the message. */ 2850 spin_lock_irqsave(&intf->counter_lock, flags); 2851 intf->unhandled_ipmb_responses++; 2852 spin_unlock_irqrestore(&intf->counter_lock, flags); 2853 return 0; 2854 } 2855 2856 memcpy(recv_msg->msg_data, 2857 &(msg->rsp[9]), 2858 msg->rsp_size - 9); 2859 /* THe other fields matched, so no need to set them, except 2860 for netfn, which needs to be the response that was 2861 returned, not the request value. */ 2862 recv_msg->msg.netfn = msg->rsp[4] >> 2; 2863 recv_msg->msg.data = recv_msg->msg_data; 2864 recv_msg->msg.data_len = msg->rsp_size - 10; 2865 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 2866 spin_lock_irqsave(&intf->counter_lock, flags); 2867 intf->handled_ipmb_responses++; 2868 spin_unlock_irqrestore(&intf->counter_lock, flags); 2869 deliver_response(recv_msg); 2870 2871 return 0; 2872 } 2873 2874 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf, 2875 struct ipmi_smi_msg *msg) 2876 { 2877 struct cmd_rcvr *rcvr; 2878 int rv = 0; 2879 unsigned char netfn; 2880 unsigned char cmd; 2881 unsigned char chan; 2882 ipmi_user_t user = NULL; 2883 struct ipmi_ipmb_addr *ipmb_addr; 2884 struct ipmi_recv_msg *recv_msg; 2885 unsigned long flags; 2886 struct ipmi_smi_handlers *handlers; 2887 2888 if (msg->rsp_size < 10) { 2889 /* Message not big enough, just ignore it. */ 2890 spin_lock_irqsave(&intf->counter_lock, flags); 2891 intf->invalid_commands++; 2892 spin_unlock_irqrestore(&intf->counter_lock, flags); 2893 return 0; 2894 } 2895 2896 if (msg->rsp[2] != 0) { 2897 /* An error getting the response, just ignore it. */ 2898 return 0; 2899 } 2900 2901 netfn = msg->rsp[4] >> 2; 2902 cmd = msg->rsp[8]; 2903 chan = msg->rsp[3] & 0xf; 2904 2905 rcu_read_lock(); 2906 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 2907 if (rcvr) { 2908 user = rcvr->user; 2909 kref_get(&user->refcount); 2910 } else 2911 user = NULL; 2912 rcu_read_unlock(); 2913 2914 if (user == NULL) { 2915 /* We didn't find a user, deliver an error response. */ 2916 spin_lock_irqsave(&intf->counter_lock, flags); 2917 intf->unhandled_commands++; 2918 spin_unlock_irqrestore(&intf->counter_lock, flags); 2919 2920 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 2921 msg->data[1] = IPMI_SEND_MSG_CMD; 2922 msg->data[2] = msg->rsp[3]; 2923 msg->data[3] = msg->rsp[6]; 2924 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3); 2925 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2); 2926 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address; 2927 /* rqseq/lun */ 2928 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3); 2929 msg->data[8] = msg->rsp[8]; /* cmd */ 2930 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE; 2931 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4); 2932 msg->data_size = 11; 2933 2934 #ifdef DEBUG_MSGING 2935 { 2936 int m; 2937 printk("Invalid command:"); 2938 for (m = 0; m < msg->data_size; m++) 2939 printk(" %2.2x", msg->data[m]); 2940 printk("\n"); 2941 } 2942 #endif 2943 rcu_read_lock(); 2944 handlers = intf->handlers; 2945 if (handlers) { 2946 handlers->sender(intf->send_info, msg, 0); 2947 /* We used the message, so return the value 2948 that causes it to not be freed or 2949 queued. */ 2950 rv = -1; 2951 } 2952 rcu_read_unlock(); 2953 } else { 2954 /* Deliver the message to the user. */ 2955 spin_lock_irqsave(&intf->counter_lock, flags); 2956 intf->handled_commands++; 2957 spin_unlock_irqrestore(&intf->counter_lock, flags); 2958 2959 recv_msg = ipmi_alloc_recv_msg(); 2960 if (!recv_msg) { 2961 /* We couldn't allocate memory for the 2962 message, so requeue it for handling 2963 later. */ 2964 rv = 1; 2965 kref_put(&user->refcount, free_user); 2966 } else { 2967 /* Extract the source address from the data. */ 2968 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr; 2969 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE; 2970 ipmb_addr->slave_addr = msg->rsp[6]; 2971 ipmb_addr->lun = msg->rsp[7] & 3; 2972 ipmb_addr->channel = msg->rsp[3] & 0xf; 2973 2974 /* Extract the rest of the message information 2975 from the IPMB header.*/ 2976 recv_msg->user = user; 2977 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 2978 recv_msg->msgid = msg->rsp[7] >> 2; 2979 recv_msg->msg.netfn = msg->rsp[4] >> 2; 2980 recv_msg->msg.cmd = msg->rsp[8]; 2981 recv_msg->msg.data = recv_msg->msg_data; 2982 2983 /* We chop off 10, not 9 bytes because the checksum 2984 at the end also needs to be removed. */ 2985 recv_msg->msg.data_len = msg->rsp_size - 10; 2986 memcpy(recv_msg->msg_data, 2987 &(msg->rsp[9]), 2988 msg->rsp_size - 10); 2989 deliver_response(recv_msg); 2990 } 2991 } 2992 2993 return rv; 2994 } 2995 2996 static int handle_lan_get_msg_rsp(ipmi_smi_t intf, 2997 struct ipmi_smi_msg *msg) 2998 { 2999 struct ipmi_lan_addr lan_addr; 3000 struct ipmi_recv_msg *recv_msg; 3001 unsigned long flags; 3002 3003 3004 /* This is 13, not 12, because the response must contain a 3005 * completion code. */ 3006 if (msg->rsp_size < 13) { 3007 /* Message not big enough, just ignore it. */ 3008 spin_lock_irqsave(&intf->counter_lock, flags); 3009 intf->invalid_lan_responses++; 3010 spin_unlock_irqrestore(&intf->counter_lock, flags); 3011 return 0; 3012 } 3013 3014 if (msg->rsp[2] != 0) { 3015 /* An error getting the response, just ignore it. */ 3016 return 0; 3017 } 3018 3019 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE; 3020 lan_addr.session_handle = msg->rsp[4]; 3021 lan_addr.remote_SWID = msg->rsp[8]; 3022 lan_addr.local_SWID = msg->rsp[5]; 3023 lan_addr.channel = msg->rsp[3] & 0x0f; 3024 lan_addr.privilege = msg->rsp[3] >> 4; 3025 lan_addr.lun = msg->rsp[9] & 3; 3026 3027 /* It's a response from a remote entity. Look up the sequence 3028 number and handle the response. */ 3029 if (intf_find_seq(intf, 3030 msg->rsp[9] >> 2, 3031 msg->rsp[3] & 0x0f, 3032 msg->rsp[10], 3033 (msg->rsp[6] >> 2) & (~1), 3034 (struct ipmi_addr *) &(lan_addr), 3035 &recv_msg)) 3036 { 3037 /* We were unable to find the sequence number, 3038 so just nuke the message. */ 3039 spin_lock_irqsave(&intf->counter_lock, flags); 3040 intf->unhandled_lan_responses++; 3041 spin_unlock_irqrestore(&intf->counter_lock, flags); 3042 return 0; 3043 } 3044 3045 memcpy(recv_msg->msg_data, 3046 &(msg->rsp[11]), 3047 msg->rsp_size - 11); 3048 /* The other fields matched, so no need to set them, except 3049 for netfn, which needs to be the response that was 3050 returned, not the request value. */ 3051 recv_msg->msg.netfn = msg->rsp[6] >> 2; 3052 recv_msg->msg.data = recv_msg->msg_data; 3053 recv_msg->msg.data_len = msg->rsp_size - 12; 3054 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3055 spin_lock_irqsave(&intf->counter_lock, flags); 3056 intf->handled_lan_responses++; 3057 spin_unlock_irqrestore(&intf->counter_lock, flags); 3058 deliver_response(recv_msg); 3059 3060 return 0; 3061 } 3062 3063 static int handle_lan_get_msg_cmd(ipmi_smi_t intf, 3064 struct ipmi_smi_msg *msg) 3065 { 3066 struct cmd_rcvr *rcvr; 3067 int rv = 0; 3068 unsigned char netfn; 3069 unsigned char cmd; 3070 unsigned char chan; 3071 ipmi_user_t user = NULL; 3072 struct ipmi_lan_addr *lan_addr; 3073 struct ipmi_recv_msg *recv_msg; 3074 unsigned long flags; 3075 3076 if (msg->rsp_size < 12) { 3077 /* Message not big enough, just ignore it. */ 3078 spin_lock_irqsave(&intf->counter_lock, flags); 3079 intf->invalid_commands++; 3080 spin_unlock_irqrestore(&intf->counter_lock, flags); 3081 return 0; 3082 } 3083 3084 if (msg->rsp[2] != 0) { 3085 /* An error getting the response, just ignore it. */ 3086 return 0; 3087 } 3088 3089 netfn = msg->rsp[6] >> 2; 3090 cmd = msg->rsp[10]; 3091 chan = msg->rsp[3] & 0xf; 3092 3093 rcu_read_lock(); 3094 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3095 if (rcvr) { 3096 user = rcvr->user; 3097 kref_get(&user->refcount); 3098 } else 3099 user = NULL; 3100 rcu_read_unlock(); 3101 3102 if (user == NULL) { 3103 /* We didn't find a user, just give up. */ 3104 spin_lock_irqsave(&intf->counter_lock, flags); 3105 intf->unhandled_commands++; 3106 spin_unlock_irqrestore(&intf->counter_lock, flags); 3107 3108 rv = 0; /* Don't do anything with these messages, just 3109 allow them to be freed. */ 3110 } else { 3111 /* Deliver the message to the user. */ 3112 spin_lock_irqsave(&intf->counter_lock, flags); 3113 intf->handled_commands++; 3114 spin_unlock_irqrestore(&intf->counter_lock, flags); 3115 3116 recv_msg = ipmi_alloc_recv_msg(); 3117 if (!recv_msg) { 3118 /* We couldn't allocate memory for the 3119 message, so requeue it for handling 3120 later. */ 3121 rv = 1; 3122 kref_put(&user->refcount, free_user); 3123 } else { 3124 /* Extract the source address from the data. */ 3125 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr; 3126 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE; 3127 lan_addr->session_handle = msg->rsp[4]; 3128 lan_addr->remote_SWID = msg->rsp[8]; 3129 lan_addr->local_SWID = msg->rsp[5]; 3130 lan_addr->lun = msg->rsp[9] & 3; 3131 lan_addr->channel = msg->rsp[3] & 0xf; 3132 lan_addr->privilege = msg->rsp[3] >> 4; 3133 3134 /* Extract the rest of the message information 3135 from the IPMB header.*/ 3136 recv_msg->user = user; 3137 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 3138 recv_msg->msgid = msg->rsp[9] >> 2; 3139 recv_msg->msg.netfn = msg->rsp[6] >> 2; 3140 recv_msg->msg.cmd = msg->rsp[10]; 3141 recv_msg->msg.data = recv_msg->msg_data; 3142 3143 /* We chop off 12, not 11 bytes because the checksum 3144 at the end also needs to be removed. */ 3145 recv_msg->msg.data_len = msg->rsp_size - 12; 3146 memcpy(recv_msg->msg_data, 3147 &(msg->rsp[11]), 3148 msg->rsp_size - 12); 3149 deliver_response(recv_msg); 3150 } 3151 } 3152 3153 return rv; 3154 } 3155 3156 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg, 3157 struct ipmi_smi_msg *msg) 3158 { 3159 struct ipmi_system_interface_addr *smi_addr; 3160 3161 recv_msg->msgid = 0; 3162 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr); 3163 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3164 smi_addr->channel = IPMI_BMC_CHANNEL; 3165 smi_addr->lun = msg->rsp[0] & 3; 3166 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE; 3167 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3168 recv_msg->msg.cmd = msg->rsp[1]; 3169 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3); 3170 recv_msg->msg.data = recv_msg->msg_data; 3171 recv_msg->msg.data_len = msg->rsp_size - 3; 3172 } 3173 3174 static int handle_read_event_rsp(ipmi_smi_t intf, 3175 struct ipmi_smi_msg *msg) 3176 { 3177 struct ipmi_recv_msg *recv_msg, *recv_msg2; 3178 struct list_head msgs; 3179 ipmi_user_t user; 3180 int rv = 0; 3181 int deliver_count = 0; 3182 unsigned long flags; 3183 3184 if (msg->rsp_size < 19) { 3185 /* Message is too small to be an IPMB event. */ 3186 spin_lock_irqsave(&intf->counter_lock, flags); 3187 intf->invalid_events++; 3188 spin_unlock_irqrestore(&intf->counter_lock, flags); 3189 return 0; 3190 } 3191 3192 if (msg->rsp[2] != 0) { 3193 /* An error getting the event, just ignore it. */ 3194 return 0; 3195 } 3196 3197 INIT_LIST_HEAD(&msgs); 3198 3199 spin_lock_irqsave(&intf->events_lock, flags); 3200 3201 spin_lock(&intf->counter_lock); 3202 intf->events++; 3203 spin_unlock(&intf->counter_lock); 3204 3205 /* Allocate and fill in one message for every user that is getting 3206 events. */ 3207 rcu_read_lock(); 3208 list_for_each_entry_rcu(user, &intf->users, link) { 3209 if (!user->gets_events) 3210 continue; 3211 3212 recv_msg = ipmi_alloc_recv_msg(); 3213 if (!recv_msg) { 3214 rcu_read_unlock(); 3215 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, 3216 link) { 3217 list_del(&recv_msg->link); 3218 ipmi_free_recv_msg(recv_msg); 3219 } 3220 /* We couldn't allocate memory for the 3221 message, so requeue it for handling 3222 later. */ 3223 rv = 1; 3224 goto out; 3225 } 3226 3227 deliver_count++; 3228 3229 copy_event_into_recv_msg(recv_msg, msg); 3230 recv_msg->user = user; 3231 kref_get(&user->refcount); 3232 list_add_tail(&(recv_msg->link), &msgs); 3233 } 3234 rcu_read_unlock(); 3235 3236 if (deliver_count) { 3237 /* Now deliver all the messages. */ 3238 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) { 3239 list_del(&recv_msg->link); 3240 deliver_response(recv_msg); 3241 } 3242 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) { 3243 /* No one to receive the message, put it in queue if there's 3244 not already too many things in the queue. */ 3245 recv_msg = ipmi_alloc_recv_msg(); 3246 if (!recv_msg) { 3247 /* We couldn't allocate memory for the 3248 message, so requeue it for handling 3249 later. */ 3250 rv = 1; 3251 goto out; 3252 } 3253 3254 copy_event_into_recv_msg(recv_msg, msg); 3255 list_add_tail(&(recv_msg->link), &(intf->waiting_events)); 3256 intf->waiting_events_count++; 3257 } else { 3258 /* There's too many things in the queue, discard this 3259 message. */ 3260 printk(KERN_WARNING PFX "Event queue full, discarding an" 3261 " incoming event\n"); 3262 } 3263 3264 out: 3265 spin_unlock_irqrestore(&(intf->events_lock), flags); 3266 3267 return rv; 3268 } 3269 3270 static int handle_bmc_rsp(ipmi_smi_t intf, 3271 struct ipmi_smi_msg *msg) 3272 { 3273 struct ipmi_recv_msg *recv_msg; 3274 unsigned long flags; 3275 struct ipmi_user *user; 3276 3277 recv_msg = (struct ipmi_recv_msg *) msg->user_data; 3278 if (recv_msg == NULL) 3279 { 3280 printk(KERN_WARNING"IPMI message received with no owner. This\n" 3281 "could be because of a malformed message, or\n" 3282 "because of a hardware error. Contact your\n" 3283 "hardware vender for assistance\n"); 3284 return 0; 3285 } 3286 3287 user = recv_msg->user; 3288 /* Make sure the user still exists. */ 3289 if (user && !user->valid) { 3290 /* The user for the message went away, so give up. */ 3291 spin_lock_irqsave(&intf->counter_lock, flags); 3292 intf->unhandled_local_responses++; 3293 spin_unlock_irqrestore(&intf->counter_lock, flags); 3294 ipmi_free_recv_msg(recv_msg); 3295 } else { 3296 struct ipmi_system_interface_addr *smi_addr; 3297 3298 spin_lock_irqsave(&intf->counter_lock, flags); 3299 intf->handled_local_responses++; 3300 spin_unlock_irqrestore(&intf->counter_lock, flags); 3301 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3302 recv_msg->msgid = msg->msgid; 3303 smi_addr = ((struct ipmi_system_interface_addr *) 3304 &(recv_msg->addr)); 3305 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3306 smi_addr->channel = IPMI_BMC_CHANNEL; 3307 smi_addr->lun = msg->rsp[0] & 3; 3308 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3309 recv_msg->msg.cmd = msg->rsp[1]; 3310 memcpy(recv_msg->msg_data, 3311 &(msg->rsp[2]), 3312 msg->rsp_size - 2); 3313 recv_msg->msg.data = recv_msg->msg_data; 3314 recv_msg->msg.data_len = msg->rsp_size - 2; 3315 deliver_response(recv_msg); 3316 } 3317 3318 return 0; 3319 } 3320 3321 /* Handle a new message. Return 1 if the message should be requeued, 3322 0 if the message should be freed, or -1 if the message should not 3323 be freed or requeued. */ 3324 static int handle_new_recv_msg(ipmi_smi_t intf, 3325 struct ipmi_smi_msg *msg) 3326 { 3327 int requeue; 3328 int chan; 3329 3330 #ifdef DEBUG_MSGING 3331 int m; 3332 printk("Recv:"); 3333 for (m = 0; m < msg->rsp_size; m++) 3334 printk(" %2.2x", msg->rsp[m]); 3335 printk("\n"); 3336 #endif 3337 if (msg->rsp_size < 2) { 3338 /* Message is too small to be correct. */ 3339 printk(KERN_WARNING PFX "BMC returned to small a message" 3340 " for netfn %x cmd %x, got %d bytes\n", 3341 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size); 3342 3343 /* Generate an error response for the message. */ 3344 msg->rsp[0] = msg->data[0] | (1 << 2); 3345 msg->rsp[1] = msg->data[1]; 3346 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 3347 msg->rsp_size = 3; 3348 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))/* Netfn */ 3349 || (msg->rsp[1] != msg->data[1])) /* Command */ 3350 { 3351 /* The response is not even marginally correct. */ 3352 printk(KERN_WARNING PFX "BMC returned incorrect response," 3353 " expected netfn %x cmd %x, got netfn %x cmd %x\n", 3354 (msg->data[0] >> 2) | 1, msg->data[1], 3355 msg->rsp[0] >> 2, msg->rsp[1]); 3356 3357 /* Generate an error response for the message. */ 3358 msg->rsp[0] = msg->data[0] | (1 << 2); 3359 msg->rsp[1] = msg->data[1]; 3360 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 3361 msg->rsp_size = 3; 3362 } 3363 3364 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3365 && (msg->rsp[1] == IPMI_SEND_MSG_CMD) 3366 && (msg->user_data != NULL)) 3367 { 3368 /* It's a response to a response we sent. For this we 3369 deliver a send message response to the user. */ 3370 struct ipmi_recv_msg *recv_msg = msg->user_data; 3371 3372 requeue = 0; 3373 if (msg->rsp_size < 2) 3374 /* Message is too small to be correct. */ 3375 goto out; 3376 3377 chan = msg->data[2] & 0x0f; 3378 if (chan >= IPMI_MAX_CHANNELS) 3379 /* Invalid channel number */ 3380 goto out; 3381 3382 if (!recv_msg) 3383 goto out; 3384 3385 /* Make sure the user still exists. */ 3386 if (!recv_msg->user || !recv_msg->user->valid) 3387 goto out; 3388 3389 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE; 3390 recv_msg->msg.data = recv_msg->msg_data; 3391 recv_msg->msg.data_len = 1; 3392 recv_msg->msg_data[0] = msg->rsp[2]; 3393 deliver_response(recv_msg); 3394 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3395 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) 3396 { 3397 /* It's from the receive queue. */ 3398 chan = msg->rsp[3] & 0xf; 3399 if (chan >= IPMI_MAX_CHANNELS) { 3400 /* Invalid channel number */ 3401 requeue = 0; 3402 goto out; 3403 } 3404 3405 switch (intf->channels[chan].medium) { 3406 case IPMI_CHANNEL_MEDIUM_IPMB: 3407 if (msg->rsp[4] & 0x04) { 3408 /* It's a response, so find the 3409 requesting message and send it up. */ 3410 requeue = handle_ipmb_get_msg_rsp(intf, msg); 3411 } else { 3412 /* It's a command to the SMS from some other 3413 entity. Handle that. */ 3414 requeue = handle_ipmb_get_msg_cmd(intf, msg); 3415 } 3416 break; 3417 3418 case IPMI_CHANNEL_MEDIUM_8023LAN: 3419 case IPMI_CHANNEL_MEDIUM_ASYNC: 3420 if (msg->rsp[6] & 0x04) { 3421 /* It's a response, so find the 3422 requesting message and send it up. */ 3423 requeue = handle_lan_get_msg_rsp(intf, msg); 3424 } else { 3425 /* It's a command to the SMS from some other 3426 entity. Handle that. */ 3427 requeue = handle_lan_get_msg_cmd(intf, msg); 3428 } 3429 break; 3430 3431 default: 3432 /* We don't handle the channel type, so just 3433 * free the message. */ 3434 requeue = 0; 3435 } 3436 3437 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3438 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) 3439 { 3440 /* It's an asyncronous event. */ 3441 requeue = handle_read_event_rsp(intf, msg); 3442 } else { 3443 /* It's a response from the local BMC. */ 3444 requeue = handle_bmc_rsp(intf, msg); 3445 } 3446 3447 out: 3448 return requeue; 3449 } 3450 3451 /* Handle a new message from the lower layer. */ 3452 void ipmi_smi_msg_received(ipmi_smi_t intf, 3453 struct ipmi_smi_msg *msg) 3454 { 3455 unsigned long flags; 3456 int rv; 3457 3458 3459 if ((msg->data_size >= 2) 3460 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2)) 3461 && (msg->data[1] == IPMI_SEND_MSG_CMD) 3462 && (msg->user_data == NULL)) 3463 { 3464 /* This is the local response to a command send, start 3465 the timer for these. The user_data will not be 3466 NULL if this is a response send, and we will let 3467 response sends just go through. */ 3468 3469 /* Check for errors, if we get certain errors (ones 3470 that mean basically we can try again later), we 3471 ignore them and start the timer. Otherwise we 3472 report the error immediately. */ 3473 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0) 3474 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR) 3475 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR) 3476 && (msg->rsp[2] != IPMI_BUS_ERR) 3477 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR)) 3478 { 3479 int chan = msg->rsp[3] & 0xf; 3480 3481 /* Got an error sending the message, handle it. */ 3482 spin_lock_irqsave(&intf->counter_lock, flags); 3483 if (chan >= IPMI_MAX_CHANNELS) 3484 ; /* This shouldn't happen */ 3485 else if ((intf->channels[chan].medium 3486 == IPMI_CHANNEL_MEDIUM_8023LAN) 3487 || (intf->channels[chan].medium 3488 == IPMI_CHANNEL_MEDIUM_ASYNC)) 3489 intf->sent_lan_command_errs++; 3490 else 3491 intf->sent_ipmb_command_errs++; 3492 spin_unlock_irqrestore(&intf->counter_lock, flags); 3493 intf_err_seq(intf, msg->msgid, msg->rsp[2]); 3494 } else { 3495 /* The message was sent, start the timer. */ 3496 intf_start_seq_timer(intf, msg->msgid); 3497 } 3498 3499 ipmi_free_smi_msg(msg); 3500 goto out; 3501 } 3502 3503 /* To preserve message order, if the list is not empty, we 3504 tack this message onto the end of the list. */ 3505 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3506 if (!list_empty(&intf->waiting_msgs)) { 3507 list_add_tail(&msg->link, &intf->waiting_msgs); 3508 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3509 goto out; 3510 } 3511 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3512 3513 rv = handle_new_recv_msg(intf, msg); 3514 if (rv > 0) { 3515 /* Could not handle the message now, just add it to a 3516 list to handle later. */ 3517 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3518 list_add_tail(&msg->link, &intf->waiting_msgs); 3519 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3520 } else if (rv == 0) { 3521 ipmi_free_smi_msg(msg); 3522 } 3523 3524 out: 3525 return; 3526 } 3527 3528 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf) 3529 { 3530 ipmi_user_t user; 3531 3532 rcu_read_lock(); 3533 list_for_each_entry_rcu(user, &intf->users, link) { 3534 if (!user->handler->ipmi_watchdog_pretimeout) 3535 continue; 3536 3537 user->handler->ipmi_watchdog_pretimeout(user->handler_data); 3538 } 3539 rcu_read_unlock(); 3540 } 3541 3542 3543 static struct ipmi_smi_msg * 3544 smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg, 3545 unsigned char seq, long seqid) 3546 { 3547 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg(); 3548 if (!smi_msg) 3549 /* If we can't allocate the message, then just return, we 3550 get 4 retries, so this should be ok. */ 3551 return NULL; 3552 3553 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len); 3554 smi_msg->data_size = recv_msg->msg.data_len; 3555 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid); 3556 3557 #ifdef DEBUG_MSGING 3558 { 3559 int m; 3560 printk("Resend: "); 3561 for (m = 0; m < smi_msg->data_size; m++) 3562 printk(" %2.2x", smi_msg->data[m]); 3563 printk("\n"); 3564 } 3565 #endif 3566 return smi_msg; 3567 } 3568 3569 static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent, 3570 struct list_head *timeouts, long timeout_period, 3571 int slot, unsigned long *flags) 3572 { 3573 struct ipmi_recv_msg *msg; 3574 struct ipmi_smi_handlers *handlers; 3575 3576 if (intf->intf_num == -1) 3577 return; 3578 3579 if (!ent->inuse) 3580 return; 3581 3582 ent->timeout -= timeout_period; 3583 if (ent->timeout > 0) 3584 return; 3585 3586 if (ent->retries_left == 0) { 3587 /* The message has used all its retries. */ 3588 ent->inuse = 0; 3589 msg = ent->recv_msg; 3590 list_add_tail(&msg->link, timeouts); 3591 spin_lock(&intf->counter_lock); 3592 if (ent->broadcast) 3593 intf->timed_out_ipmb_broadcasts++; 3594 else if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE) 3595 intf->timed_out_lan_commands++; 3596 else 3597 intf->timed_out_ipmb_commands++; 3598 spin_unlock(&intf->counter_lock); 3599 } else { 3600 struct ipmi_smi_msg *smi_msg; 3601 /* More retries, send again. */ 3602 3603 /* Start with the max timer, set to normal 3604 timer after the message is sent. */ 3605 ent->timeout = MAX_MSG_TIMEOUT; 3606 ent->retries_left--; 3607 spin_lock(&intf->counter_lock); 3608 if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE) 3609 intf->retransmitted_lan_commands++; 3610 else 3611 intf->retransmitted_ipmb_commands++; 3612 spin_unlock(&intf->counter_lock); 3613 3614 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot, 3615 ent->seqid); 3616 if (!smi_msg) 3617 return; 3618 3619 spin_unlock_irqrestore(&intf->seq_lock, *flags); 3620 3621 /* Send the new message. We send with a zero 3622 * priority. It timed out, I doubt time is 3623 * that critical now, and high priority 3624 * messages are really only for messages to the 3625 * local MC, which don't get resent. */ 3626 handlers = intf->handlers; 3627 if (handlers) 3628 intf->handlers->sender(intf->send_info, 3629 smi_msg, 0); 3630 else 3631 ipmi_free_smi_msg(smi_msg); 3632 3633 spin_lock_irqsave(&intf->seq_lock, *flags); 3634 } 3635 } 3636 3637 static void ipmi_timeout_handler(long timeout_period) 3638 { 3639 ipmi_smi_t intf; 3640 struct list_head timeouts; 3641 struct ipmi_recv_msg *msg, *msg2; 3642 struct ipmi_smi_msg *smi_msg, *smi_msg2; 3643 unsigned long flags; 3644 int i; 3645 3646 rcu_read_lock(); 3647 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 3648 /* See if any waiting messages need to be processed. */ 3649 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3650 list_for_each_entry_safe(smi_msg, smi_msg2, 3651 &intf->waiting_msgs, link) { 3652 if (!handle_new_recv_msg(intf, smi_msg)) { 3653 list_del(&smi_msg->link); 3654 ipmi_free_smi_msg(smi_msg); 3655 } else { 3656 /* To preserve message order, quit if we 3657 can't handle a message. */ 3658 break; 3659 } 3660 } 3661 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3662 3663 /* Go through the seq table and find any messages that 3664 have timed out, putting them in the timeouts 3665 list. */ 3666 INIT_LIST_HEAD(&timeouts); 3667 spin_lock_irqsave(&intf->seq_lock, flags); 3668 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) 3669 check_msg_timeout(intf, &(intf->seq_table[i]), 3670 &timeouts, timeout_period, i, 3671 &flags); 3672 spin_unlock_irqrestore(&intf->seq_lock, flags); 3673 3674 list_for_each_entry_safe(msg, msg2, &timeouts, link) 3675 deliver_err_response(msg, IPMI_TIMEOUT_COMPLETION_CODE); 3676 3677 /* 3678 * Maintenance mode handling. Check the timeout 3679 * optimistically before we claim the lock. It may 3680 * mean a timeout gets missed occasionally, but that 3681 * only means the timeout gets extended by one period 3682 * in that case. No big deal, and it avoids the lock 3683 * most of the time. 3684 */ 3685 if (intf->auto_maintenance_timeout > 0) { 3686 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 3687 if (intf->auto_maintenance_timeout > 0) { 3688 intf->auto_maintenance_timeout 3689 -= timeout_period; 3690 if (!intf->maintenance_mode 3691 && (intf->auto_maintenance_timeout <= 0)) 3692 { 3693 intf->maintenance_mode_enable = 0; 3694 maintenance_mode_update(intf); 3695 } 3696 } 3697 spin_unlock_irqrestore(&intf->maintenance_mode_lock, 3698 flags); 3699 } 3700 } 3701 rcu_read_unlock(); 3702 } 3703 3704 static void ipmi_request_event(void) 3705 { 3706 ipmi_smi_t intf; 3707 struct ipmi_smi_handlers *handlers; 3708 3709 rcu_read_lock(); 3710 /* Called from the timer, no need to check if handlers is 3711 * valid. */ 3712 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 3713 /* No event requests when in maintenance mode. */ 3714 if (intf->maintenance_mode_enable) 3715 continue; 3716 3717 handlers = intf->handlers; 3718 if (handlers) 3719 handlers->request_events(intf->send_info); 3720 } 3721 rcu_read_unlock(); 3722 } 3723 3724 static struct timer_list ipmi_timer; 3725 3726 /* Call every ~100 ms. */ 3727 #define IPMI_TIMEOUT_TIME 100 3728 3729 /* How many jiffies does it take to get to the timeout time. */ 3730 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000) 3731 3732 /* Request events from the queue every second (this is the number of 3733 IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the 3734 future, IPMI will add a way to know immediately if an event is in 3735 the queue and this silliness can go away. */ 3736 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME)) 3737 3738 static atomic_t stop_operation; 3739 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 3740 3741 static void ipmi_timeout(unsigned long data) 3742 { 3743 if (atomic_read(&stop_operation)) 3744 return; 3745 3746 ticks_to_req_ev--; 3747 if (ticks_to_req_ev == 0) { 3748 ipmi_request_event(); 3749 ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 3750 } 3751 3752 ipmi_timeout_handler(IPMI_TIMEOUT_TIME); 3753 3754 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 3755 } 3756 3757 3758 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0); 3759 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0); 3760 3761 /* FIXME - convert these to slabs. */ 3762 static void free_smi_msg(struct ipmi_smi_msg *msg) 3763 { 3764 atomic_dec(&smi_msg_inuse_count); 3765 kfree(msg); 3766 } 3767 3768 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void) 3769 { 3770 struct ipmi_smi_msg *rv; 3771 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC); 3772 if (rv) { 3773 rv->done = free_smi_msg; 3774 rv->user_data = NULL; 3775 atomic_inc(&smi_msg_inuse_count); 3776 } 3777 return rv; 3778 } 3779 3780 static void free_recv_msg(struct ipmi_recv_msg *msg) 3781 { 3782 atomic_dec(&recv_msg_inuse_count); 3783 kfree(msg); 3784 } 3785 3786 struct ipmi_recv_msg *ipmi_alloc_recv_msg(void) 3787 { 3788 struct ipmi_recv_msg *rv; 3789 3790 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC); 3791 if (rv) { 3792 rv->user = NULL; 3793 rv->done = free_recv_msg; 3794 atomic_inc(&recv_msg_inuse_count); 3795 } 3796 return rv; 3797 } 3798 3799 void ipmi_free_recv_msg(struct ipmi_recv_msg *msg) 3800 { 3801 if (msg->user) 3802 kref_put(&msg->user->refcount, free_user); 3803 msg->done(msg); 3804 } 3805 3806 #ifdef CONFIG_IPMI_PANIC_EVENT 3807 3808 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg) 3809 { 3810 } 3811 3812 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg) 3813 { 3814 } 3815 3816 #ifdef CONFIG_IPMI_PANIC_STRING 3817 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 3818 { 3819 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 3820 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE) 3821 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD) 3822 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) 3823 { 3824 /* A get event receiver command, save it. */ 3825 intf->event_receiver = msg->msg.data[1]; 3826 intf->event_receiver_lun = msg->msg.data[2] & 0x3; 3827 } 3828 } 3829 3830 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 3831 { 3832 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 3833 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE) 3834 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD) 3835 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) 3836 { 3837 /* A get device id command, save if we are an event 3838 receiver or generator. */ 3839 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1; 3840 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1; 3841 } 3842 } 3843 #endif 3844 3845 static void send_panic_events(char *str) 3846 { 3847 struct kernel_ipmi_msg msg; 3848 ipmi_smi_t intf; 3849 unsigned char data[16]; 3850 struct ipmi_system_interface_addr *si; 3851 struct ipmi_addr addr; 3852 struct ipmi_smi_msg smi_msg; 3853 struct ipmi_recv_msg recv_msg; 3854 3855 si = (struct ipmi_system_interface_addr *) &addr; 3856 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3857 si->channel = IPMI_BMC_CHANNEL; 3858 si->lun = 0; 3859 3860 /* Fill in an event telling that we have failed. */ 3861 msg.netfn = 0x04; /* Sensor or Event. */ 3862 msg.cmd = 2; /* Platform event command. */ 3863 msg.data = data; 3864 msg.data_len = 8; 3865 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */ 3866 data[1] = 0x03; /* This is for IPMI 1.0. */ 3867 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */ 3868 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */ 3869 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */ 3870 3871 /* Put a few breadcrumbs in. Hopefully later we can add more things 3872 to make the panic events more useful. */ 3873 if (str) { 3874 data[3] = str[0]; 3875 data[6] = str[1]; 3876 data[7] = str[2]; 3877 } 3878 3879 smi_msg.done = dummy_smi_done_handler; 3880 recv_msg.done = dummy_recv_done_handler; 3881 3882 /* For every registered interface, send the event. */ 3883 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 3884 if (!intf->handlers) 3885 /* Interface is not ready. */ 3886 continue; 3887 3888 /* Send the event announcing the panic. */ 3889 intf->handlers->set_run_to_completion(intf->send_info, 1); 3890 i_ipmi_request(NULL, 3891 intf, 3892 &addr, 3893 0, 3894 &msg, 3895 intf, 3896 &smi_msg, 3897 &recv_msg, 3898 0, 3899 intf->channels[0].address, 3900 intf->channels[0].lun, 3901 0, 1); /* Don't retry, and don't wait. */ 3902 } 3903 3904 #ifdef CONFIG_IPMI_PANIC_STRING 3905 /* On every interface, dump a bunch of OEM event holding the 3906 string. */ 3907 if (!str) 3908 return; 3909 3910 /* For every registered interface, send the event. */ 3911 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 3912 char *p = str; 3913 struct ipmi_ipmb_addr *ipmb; 3914 int j; 3915 3916 if (intf->intf_num == -1) 3917 /* Interface was not ready yet. */ 3918 continue; 3919 3920 /* 3921 * intf_num is used as an marker to tell if the 3922 * interface is valid. Thus we need a read barrier to 3923 * make sure data fetched before checking intf_num 3924 * won't be used. 3925 */ 3926 smp_rmb(); 3927 3928 /* First job here is to figure out where to send the 3929 OEM events. There's no way in IPMI to send OEM 3930 events using an event send command, so we have to 3931 find the SEL to put them in and stick them in 3932 there. */ 3933 3934 /* Get capabilities from the get device id. */ 3935 intf->local_sel_device = 0; 3936 intf->local_event_generator = 0; 3937 intf->event_receiver = 0; 3938 3939 /* Request the device info from the local MC. */ 3940 msg.netfn = IPMI_NETFN_APP_REQUEST; 3941 msg.cmd = IPMI_GET_DEVICE_ID_CMD; 3942 msg.data = NULL; 3943 msg.data_len = 0; 3944 intf->null_user_handler = device_id_fetcher; 3945 i_ipmi_request(NULL, 3946 intf, 3947 &addr, 3948 0, 3949 &msg, 3950 intf, 3951 &smi_msg, 3952 &recv_msg, 3953 0, 3954 intf->channels[0].address, 3955 intf->channels[0].lun, 3956 0, 1); /* Don't retry, and don't wait. */ 3957 3958 if (intf->local_event_generator) { 3959 /* Request the event receiver from the local MC. */ 3960 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST; 3961 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD; 3962 msg.data = NULL; 3963 msg.data_len = 0; 3964 intf->null_user_handler = event_receiver_fetcher; 3965 i_ipmi_request(NULL, 3966 intf, 3967 &addr, 3968 0, 3969 &msg, 3970 intf, 3971 &smi_msg, 3972 &recv_msg, 3973 0, 3974 intf->channels[0].address, 3975 intf->channels[0].lun, 3976 0, 1); /* no retry, and no wait. */ 3977 } 3978 intf->null_user_handler = NULL; 3979 3980 /* Validate the event receiver. The low bit must not 3981 be 1 (it must be a valid IPMB address), it cannot 3982 be zero, and it must not be my address. */ 3983 if (((intf->event_receiver & 1) == 0) 3984 && (intf->event_receiver != 0) 3985 && (intf->event_receiver != intf->channels[0].address)) 3986 { 3987 /* The event receiver is valid, send an IPMB 3988 message. */ 3989 ipmb = (struct ipmi_ipmb_addr *) &addr; 3990 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE; 3991 ipmb->channel = 0; /* FIXME - is this right? */ 3992 ipmb->lun = intf->event_receiver_lun; 3993 ipmb->slave_addr = intf->event_receiver; 3994 } else if (intf->local_sel_device) { 3995 /* The event receiver was not valid (or was 3996 me), but I am an SEL device, just dump it 3997 in my SEL. */ 3998 si = (struct ipmi_system_interface_addr *) &addr; 3999 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 4000 si->channel = IPMI_BMC_CHANNEL; 4001 si->lun = 0; 4002 } else 4003 continue; /* No where to send the event. */ 4004 4005 4006 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */ 4007 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD; 4008 msg.data = data; 4009 msg.data_len = 16; 4010 4011 j = 0; 4012 while (*p) { 4013 int size = strlen(p); 4014 4015 if (size > 11) 4016 size = 11; 4017 data[0] = 0; 4018 data[1] = 0; 4019 data[2] = 0xf0; /* OEM event without timestamp. */ 4020 data[3] = intf->channels[0].address; 4021 data[4] = j++; /* sequence # */ 4022 /* Always give 11 bytes, so strncpy will fill 4023 it with zeroes for me. */ 4024 strncpy(data+5, p, 11); 4025 p += size; 4026 4027 i_ipmi_request(NULL, 4028 intf, 4029 &addr, 4030 0, 4031 &msg, 4032 intf, 4033 &smi_msg, 4034 &recv_msg, 4035 0, 4036 intf->channels[0].address, 4037 intf->channels[0].lun, 4038 0, 1); /* no retry, and no wait. */ 4039 } 4040 } 4041 #endif /* CONFIG_IPMI_PANIC_STRING */ 4042 } 4043 #endif /* CONFIG_IPMI_PANIC_EVENT */ 4044 4045 static int has_panicked; 4046 4047 static int panic_event(struct notifier_block *this, 4048 unsigned long event, 4049 void *ptr) 4050 { 4051 ipmi_smi_t intf; 4052 4053 if (has_panicked) 4054 return NOTIFY_DONE; 4055 has_panicked = 1; 4056 4057 /* For every registered interface, set it to run to completion. */ 4058 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4059 if (!intf->handlers) 4060 /* Interface is not ready. */ 4061 continue; 4062 4063 intf->handlers->set_run_to_completion(intf->send_info, 1); 4064 } 4065 4066 #ifdef CONFIG_IPMI_PANIC_EVENT 4067 send_panic_events(ptr); 4068 #endif 4069 4070 return NOTIFY_DONE; 4071 } 4072 4073 static struct notifier_block panic_block = { 4074 .notifier_call = panic_event, 4075 .next = NULL, 4076 .priority = 200 /* priority: INT_MAX >= x >= 0 */ 4077 }; 4078 4079 static int ipmi_init_msghandler(void) 4080 { 4081 int rv; 4082 4083 if (initialized) 4084 return 0; 4085 4086 rv = driver_register(&ipmidriver); 4087 if (rv) { 4088 printk(KERN_ERR PFX "Could not register IPMI driver\n"); 4089 return rv; 4090 } 4091 4092 printk(KERN_INFO "ipmi message handler version " 4093 IPMI_DRIVER_VERSION "\n"); 4094 4095 #ifdef CONFIG_PROC_FS 4096 proc_ipmi_root = proc_mkdir("ipmi", NULL); 4097 if (!proc_ipmi_root) { 4098 printk(KERN_ERR PFX "Unable to create IPMI proc dir"); 4099 return -ENOMEM; 4100 } 4101 4102 proc_ipmi_root->owner = THIS_MODULE; 4103 #endif /* CONFIG_PROC_FS */ 4104 4105 setup_timer(&ipmi_timer, ipmi_timeout, 0); 4106 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 4107 4108 atomic_notifier_chain_register(&panic_notifier_list, &panic_block); 4109 4110 initialized = 1; 4111 4112 return 0; 4113 } 4114 4115 static __init int ipmi_init_msghandler_mod(void) 4116 { 4117 ipmi_init_msghandler(); 4118 return 0; 4119 } 4120 4121 static __exit void cleanup_ipmi(void) 4122 { 4123 int count; 4124 4125 if (!initialized) 4126 return; 4127 4128 atomic_notifier_chain_unregister(&panic_notifier_list, &panic_block); 4129 4130 /* This can't be called if any interfaces exist, so no worry about 4131 shutting down the interfaces. */ 4132 4133 /* Tell the timer to stop, then wait for it to stop. This avoids 4134 problems with race conditions removing the timer here. */ 4135 atomic_inc(&stop_operation); 4136 del_timer_sync(&ipmi_timer); 4137 4138 #ifdef CONFIG_PROC_FS 4139 remove_proc_entry(proc_ipmi_root->name, &proc_root); 4140 #endif /* CONFIG_PROC_FS */ 4141 4142 driver_unregister(&ipmidriver); 4143 4144 initialized = 0; 4145 4146 /* Check for buffer leaks. */ 4147 count = atomic_read(&smi_msg_inuse_count); 4148 if (count != 0) 4149 printk(KERN_WARNING PFX "SMI message count %d at exit\n", 4150 count); 4151 count = atomic_read(&recv_msg_inuse_count); 4152 if (count != 0) 4153 printk(KERN_WARNING PFX "recv message count %d at exit\n", 4154 count); 4155 } 4156 module_exit(cleanup_ipmi); 4157 4158 module_init(ipmi_init_msghandler_mod); 4159 MODULE_LICENSE("GPL"); 4160 MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>"); 4161 MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI interface."); 4162 MODULE_VERSION(IPMI_DRIVER_VERSION); 4163 4164 EXPORT_SYMBOL(ipmi_create_user); 4165 EXPORT_SYMBOL(ipmi_destroy_user); 4166 EXPORT_SYMBOL(ipmi_get_version); 4167 EXPORT_SYMBOL(ipmi_request_settime); 4168 EXPORT_SYMBOL(ipmi_request_supply_msgs); 4169 EXPORT_SYMBOL(ipmi_register_smi); 4170 EXPORT_SYMBOL(ipmi_unregister_smi); 4171 EXPORT_SYMBOL(ipmi_register_for_cmd); 4172 EXPORT_SYMBOL(ipmi_unregister_for_cmd); 4173 EXPORT_SYMBOL(ipmi_smi_msg_received); 4174 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout); 4175 EXPORT_SYMBOL(ipmi_alloc_smi_msg); 4176 EXPORT_SYMBOL(ipmi_addr_length); 4177 EXPORT_SYMBOL(ipmi_validate_addr); 4178 EXPORT_SYMBOL(ipmi_set_gets_events); 4179 EXPORT_SYMBOL(ipmi_smi_watcher_register); 4180 EXPORT_SYMBOL(ipmi_smi_watcher_unregister); 4181 EXPORT_SYMBOL(ipmi_set_my_address); 4182 EXPORT_SYMBOL(ipmi_get_my_address); 4183 EXPORT_SYMBOL(ipmi_set_my_LUN); 4184 EXPORT_SYMBOL(ipmi_get_my_LUN); 4185 EXPORT_SYMBOL(ipmi_smi_add_proc_entry); 4186 EXPORT_SYMBOL(ipmi_user_set_run_to_completion); 4187 EXPORT_SYMBOL(ipmi_free_recv_msg); 4188