1 /* 2 * ipmi_msghandler.c 3 * 4 * Incoming and outgoing message routing for an IPMI interface. 5 * 6 * Author: MontaVista Software, Inc. 7 * Corey Minyard <minyard@mvista.com> 8 * source@mvista.com 9 * 10 * Copyright 2002 MontaVista Software Inc. 11 * 12 * This program is free software; you can redistribute it and/or modify it 13 * under the terms of the GNU General Public License as published by the 14 * Free Software Foundation; either version 2 of the License, or (at your 15 * option) any later version. 16 * 17 * 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 * 29 * You should have received a copy of the GNU General Public License along 30 * with this program; if not, write to the Free Software Foundation, Inc., 31 * 675 Mass Ave, Cambridge, MA 02139, USA. 32 */ 33 34 #include <linux/config.h> 35 #include <linux/module.h> 36 #include <linux/errno.h> 37 #include <asm/system.h> 38 #include <linux/sched.h> 39 #include <linux/poll.h> 40 #include <linux/spinlock.h> 41 #include <linux/rwsem.h> 42 #include <linux/slab.h> 43 #include <linux/ipmi.h> 44 #include <linux/ipmi_smi.h> 45 #include <linux/notifier.h> 46 #include <linux/init.h> 47 #include <linux/proc_fs.h> 48 49 #define PFX "IPMI message handler: " 50 #define IPMI_MSGHANDLER_VERSION "v33" 51 52 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void); 53 static int ipmi_init_msghandler(void); 54 55 static int initialized = 0; 56 57 #ifdef CONFIG_PROC_FS 58 struct proc_dir_entry *proc_ipmi_root = NULL; 59 #endif /* CONFIG_PROC_FS */ 60 61 #define MAX_EVENTS_IN_QUEUE 25 62 63 /* Don't let a message sit in a queue forever, always time it with at lest 64 the max message timer. This is in milliseconds. */ 65 #define MAX_MSG_TIMEOUT 60000 66 67 struct ipmi_user 68 { 69 struct list_head link; 70 71 /* The upper layer that handles receive messages. */ 72 struct ipmi_user_hndl *handler; 73 void *handler_data; 74 75 /* The interface this user is bound to. */ 76 ipmi_smi_t intf; 77 78 /* Does this interface receive IPMI events? */ 79 int gets_events; 80 }; 81 82 struct cmd_rcvr 83 { 84 struct list_head link; 85 86 ipmi_user_t user; 87 unsigned char netfn; 88 unsigned char cmd; 89 }; 90 91 struct seq_table 92 { 93 unsigned int inuse : 1; 94 unsigned int broadcast : 1; 95 96 unsigned long timeout; 97 unsigned long orig_timeout; 98 unsigned int retries_left; 99 100 /* To verify on an incoming send message response that this is 101 the message that the response is for, we keep a sequence id 102 and increment it every time we send a message. */ 103 long seqid; 104 105 /* This is held so we can properly respond to the message on a 106 timeout, and it is used to hold the temporary data for 107 retransmission, too. */ 108 struct ipmi_recv_msg *recv_msg; 109 }; 110 111 /* Store the information in a msgid (long) to allow us to find a 112 sequence table entry from the msgid. */ 113 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff)) 114 115 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \ 116 do { \ 117 seq = ((msgid >> 26) & 0x3f); \ 118 seqid = (msgid & 0x3fffff); \ 119 } while(0) 120 121 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff) 122 123 struct ipmi_channel 124 { 125 unsigned char medium; 126 unsigned char protocol; 127 }; 128 129 #ifdef CONFIG_PROC_FS 130 struct ipmi_proc_entry 131 { 132 char *name; 133 struct ipmi_proc_entry *next; 134 }; 135 #endif 136 137 #define IPMI_IPMB_NUM_SEQ 64 138 #define IPMI_MAX_CHANNELS 8 139 struct ipmi_smi 140 { 141 /* What interface number are we? */ 142 int intf_num; 143 144 /* The list of upper layers that are using me. We read-lock 145 this when delivering messages to the upper layer to keep 146 the user from going away while we are processing the 147 message. This means that you cannot add or delete a user 148 from the receive callback. */ 149 rwlock_t users_lock; 150 struct list_head users; 151 152 /* Used for wake ups at startup. */ 153 wait_queue_head_t waitq; 154 155 /* The IPMI version of the BMC on the other end. */ 156 unsigned char version_major; 157 unsigned char version_minor; 158 159 /* This is the lower-layer's sender routine. */ 160 struct ipmi_smi_handlers *handlers; 161 void *send_info; 162 163 #ifdef CONFIG_PROC_FS 164 /* A list of proc entries for this interface. This does not 165 need a lock, only one thread creates it and only one thread 166 destroys it. */ 167 spinlock_t proc_entry_lock; 168 struct ipmi_proc_entry *proc_entries; 169 #endif 170 171 /* A table of sequence numbers for this interface. We use the 172 sequence numbers for IPMB messages that go out of the 173 interface to match them up with their responses. A routine 174 is called periodically to time the items in this list. */ 175 spinlock_t seq_lock; 176 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ]; 177 int curr_seq; 178 179 /* Messages that were delayed for some reason (out of memory, 180 for instance), will go in here to be processed later in a 181 periodic timer interrupt. */ 182 spinlock_t waiting_msgs_lock; 183 struct list_head waiting_msgs; 184 185 /* The list of command receivers that are registered for commands 186 on this interface. */ 187 rwlock_t cmd_rcvr_lock; 188 struct list_head cmd_rcvrs; 189 190 /* Events that were queues because no one was there to receive 191 them. */ 192 spinlock_t events_lock; /* For dealing with event stuff. */ 193 struct list_head waiting_events; 194 unsigned int waiting_events_count; /* How many events in queue? */ 195 196 /* This will be non-null if someone registers to receive all 197 IPMI commands (this is for interface emulation). There 198 may not be any things in the cmd_rcvrs list above when 199 this is registered. */ 200 ipmi_user_t all_cmd_rcvr; 201 202 /* My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR, 203 but may be changed by the user. */ 204 unsigned char my_address; 205 206 /* My LUN. This should generally stay the SMS LUN, but just in 207 case... */ 208 unsigned char my_lun; 209 210 /* The event receiver for my BMC, only really used at panic 211 shutdown as a place to store this. */ 212 unsigned char event_receiver; 213 unsigned char event_receiver_lun; 214 unsigned char local_sel_device; 215 unsigned char local_event_generator; 216 217 /* A cheap hack, if this is non-null and a message to an 218 interface comes in with a NULL user, call this routine with 219 it. Note that the message will still be freed by the 220 caller. This only works on the system interface. */ 221 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_smi_msg *msg); 222 223 /* When we are scanning the channels for an SMI, this will 224 tell which channel we are scanning. */ 225 int curr_channel; 226 227 /* Channel information */ 228 struct ipmi_channel channels[IPMI_MAX_CHANNELS]; 229 230 /* Proc FS stuff. */ 231 struct proc_dir_entry *proc_dir; 232 char proc_dir_name[10]; 233 234 spinlock_t counter_lock; /* For making counters atomic. */ 235 236 /* Commands we got that were invalid. */ 237 unsigned int sent_invalid_commands; 238 239 /* Commands we sent to the MC. */ 240 unsigned int sent_local_commands; 241 /* Responses from the MC that were delivered to a user. */ 242 unsigned int handled_local_responses; 243 /* Responses from the MC that were not delivered to a user. */ 244 unsigned int unhandled_local_responses; 245 246 /* Commands we sent out to the IPMB bus. */ 247 unsigned int sent_ipmb_commands; 248 /* Commands sent on the IPMB that had errors on the SEND CMD */ 249 unsigned int sent_ipmb_command_errs; 250 /* Each retransmit increments this count. */ 251 unsigned int retransmitted_ipmb_commands; 252 /* When a message times out (runs out of retransmits) this is 253 incremented. */ 254 unsigned int timed_out_ipmb_commands; 255 256 /* This is like above, but for broadcasts. Broadcasts are 257 *not* included in the above count (they are expected to 258 time out). */ 259 unsigned int timed_out_ipmb_broadcasts; 260 261 /* Responses I have sent to the IPMB bus. */ 262 unsigned int sent_ipmb_responses; 263 264 /* The response was delivered to the user. */ 265 unsigned int handled_ipmb_responses; 266 /* The response had invalid data in it. */ 267 unsigned int invalid_ipmb_responses; 268 /* The response didn't have anyone waiting for it. */ 269 unsigned int unhandled_ipmb_responses; 270 271 /* Commands we sent out to the IPMB bus. */ 272 unsigned int sent_lan_commands; 273 /* Commands sent on the IPMB that had errors on the SEND CMD */ 274 unsigned int sent_lan_command_errs; 275 /* Each retransmit increments this count. */ 276 unsigned int retransmitted_lan_commands; 277 /* When a message times out (runs out of retransmits) this is 278 incremented. */ 279 unsigned int timed_out_lan_commands; 280 281 /* Responses I have sent to the IPMB bus. */ 282 unsigned int sent_lan_responses; 283 284 /* The response was delivered to the user. */ 285 unsigned int handled_lan_responses; 286 /* The response had invalid data in it. */ 287 unsigned int invalid_lan_responses; 288 /* The response didn't have anyone waiting for it. */ 289 unsigned int unhandled_lan_responses; 290 291 /* The command was delivered to the user. */ 292 unsigned int handled_commands; 293 /* The command had invalid data in it. */ 294 unsigned int invalid_commands; 295 /* The command didn't have anyone waiting for it. */ 296 unsigned int unhandled_commands; 297 298 /* Invalid data in an event. */ 299 unsigned int invalid_events; 300 /* Events that were received with the proper format. */ 301 unsigned int events; 302 }; 303 304 #define MAX_IPMI_INTERFACES 4 305 static ipmi_smi_t ipmi_interfaces[MAX_IPMI_INTERFACES]; 306 307 /* Used to keep interfaces from going away while operations are 308 operating on interfaces. Grab read if you are not modifying the 309 interfaces, write if you are. */ 310 static DECLARE_RWSEM(interfaces_sem); 311 312 /* Directly protects the ipmi_interfaces data structure. This is 313 claimed in the timer interrupt. */ 314 static DEFINE_SPINLOCK(interfaces_lock); 315 316 /* List of watchers that want to know when smi's are added and 317 deleted. */ 318 static struct list_head smi_watchers = LIST_HEAD_INIT(smi_watchers); 319 static DECLARE_RWSEM(smi_watchers_sem); 320 321 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher) 322 { 323 int i; 324 325 down_read(&interfaces_sem); 326 down_write(&smi_watchers_sem); 327 list_add(&(watcher->link), &smi_watchers); 328 for (i=0; i<MAX_IPMI_INTERFACES; i++) { 329 if (ipmi_interfaces[i] != NULL) { 330 watcher->new_smi(i); 331 } 332 } 333 up_write(&smi_watchers_sem); 334 up_read(&interfaces_sem); 335 return 0; 336 } 337 338 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher) 339 { 340 down_write(&smi_watchers_sem); 341 list_del(&(watcher->link)); 342 up_write(&smi_watchers_sem); 343 return 0; 344 } 345 346 static void 347 call_smi_watchers(int i) 348 { 349 struct ipmi_smi_watcher *w; 350 351 down_read(&smi_watchers_sem); 352 list_for_each_entry(w, &smi_watchers, link) { 353 if (try_module_get(w->owner)) { 354 w->new_smi(i); 355 module_put(w->owner); 356 } 357 } 358 up_read(&smi_watchers_sem); 359 } 360 361 static int 362 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2) 363 { 364 if (addr1->addr_type != addr2->addr_type) 365 return 0; 366 367 if (addr1->channel != addr2->channel) 368 return 0; 369 370 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 371 struct ipmi_system_interface_addr *smi_addr1 372 = (struct ipmi_system_interface_addr *) addr1; 373 struct ipmi_system_interface_addr *smi_addr2 374 = (struct ipmi_system_interface_addr *) addr2; 375 return (smi_addr1->lun == smi_addr2->lun); 376 } 377 378 if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE) 379 || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 380 { 381 struct ipmi_ipmb_addr *ipmb_addr1 382 = (struct ipmi_ipmb_addr *) addr1; 383 struct ipmi_ipmb_addr *ipmb_addr2 384 = (struct ipmi_ipmb_addr *) addr2; 385 386 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr) 387 && (ipmb_addr1->lun == ipmb_addr2->lun)); 388 } 389 390 if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) { 391 struct ipmi_lan_addr *lan_addr1 392 = (struct ipmi_lan_addr *) addr1; 393 struct ipmi_lan_addr *lan_addr2 394 = (struct ipmi_lan_addr *) addr2; 395 396 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID) 397 && (lan_addr1->local_SWID == lan_addr2->local_SWID) 398 && (lan_addr1->session_handle 399 == lan_addr2->session_handle) 400 && (lan_addr1->lun == lan_addr2->lun)); 401 } 402 403 return 1; 404 } 405 406 int ipmi_validate_addr(struct ipmi_addr *addr, int len) 407 { 408 if (len < sizeof(struct ipmi_system_interface_addr)) { 409 return -EINVAL; 410 } 411 412 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 413 if (addr->channel != IPMI_BMC_CHANNEL) 414 return -EINVAL; 415 return 0; 416 } 417 418 if ((addr->channel == IPMI_BMC_CHANNEL) 419 || (addr->channel >= IPMI_NUM_CHANNELS) 420 || (addr->channel < 0)) 421 return -EINVAL; 422 423 if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE) 424 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 425 { 426 if (len < sizeof(struct ipmi_ipmb_addr)) { 427 return -EINVAL; 428 } 429 return 0; 430 } 431 432 if (addr->addr_type == IPMI_LAN_ADDR_TYPE) { 433 if (len < sizeof(struct ipmi_lan_addr)) { 434 return -EINVAL; 435 } 436 return 0; 437 } 438 439 return -EINVAL; 440 } 441 442 unsigned int ipmi_addr_length(int addr_type) 443 { 444 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 445 return sizeof(struct ipmi_system_interface_addr); 446 447 if ((addr_type == IPMI_IPMB_ADDR_TYPE) 448 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 449 { 450 return sizeof(struct ipmi_ipmb_addr); 451 } 452 453 if (addr_type == IPMI_LAN_ADDR_TYPE) 454 return sizeof(struct ipmi_lan_addr); 455 456 return 0; 457 } 458 459 static void deliver_response(struct ipmi_recv_msg *msg) 460 { 461 msg->user->handler->ipmi_recv_hndl(msg, msg->user->handler_data); 462 } 463 464 /* Find the next sequence number not being used and add the given 465 message with the given timeout to the sequence table. This must be 466 called with the interface's seq_lock held. */ 467 static int intf_next_seq(ipmi_smi_t intf, 468 struct ipmi_recv_msg *recv_msg, 469 unsigned long timeout, 470 int retries, 471 int broadcast, 472 unsigned char *seq, 473 long *seqid) 474 { 475 int rv = 0; 476 unsigned int i; 477 478 for (i=intf->curr_seq; 479 (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq; 480 i=(i+1)%IPMI_IPMB_NUM_SEQ) 481 { 482 if (! intf->seq_table[i].inuse) 483 break; 484 } 485 486 if (! intf->seq_table[i].inuse) { 487 intf->seq_table[i].recv_msg = recv_msg; 488 489 /* Start with the maximum timeout, when the send response 490 comes in we will start the real timer. */ 491 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT; 492 intf->seq_table[i].orig_timeout = timeout; 493 intf->seq_table[i].retries_left = retries; 494 intf->seq_table[i].broadcast = broadcast; 495 intf->seq_table[i].inuse = 1; 496 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid); 497 *seq = i; 498 *seqid = intf->seq_table[i].seqid; 499 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ; 500 } else { 501 rv = -EAGAIN; 502 } 503 504 return rv; 505 } 506 507 /* Return the receive message for the given sequence number and 508 release the sequence number so it can be reused. Some other data 509 is passed in to be sure the message matches up correctly (to help 510 guard against message coming in after their timeout and the 511 sequence number being reused). */ 512 static int intf_find_seq(ipmi_smi_t intf, 513 unsigned char seq, 514 short channel, 515 unsigned char cmd, 516 unsigned char netfn, 517 struct ipmi_addr *addr, 518 struct ipmi_recv_msg **recv_msg) 519 { 520 int rv = -ENODEV; 521 unsigned long flags; 522 523 if (seq >= IPMI_IPMB_NUM_SEQ) 524 return -EINVAL; 525 526 spin_lock_irqsave(&(intf->seq_lock), flags); 527 if (intf->seq_table[seq].inuse) { 528 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg; 529 530 if ((msg->addr.channel == channel) 531 && (msg->msg.cmd == cmd) 532 && (msg->msg.netfn == netfn) 533 && (ipmi_addr_equal(addr, &(msg->addr)))) 534 { 535 *recv_msg = msg; 536 intf->seq_table[seq].inuse = 0; 537 rv = 0; 538 } 539 } 540 spin_unlock_irqrestore(&(intf->seq_lock), flags); 541 542 return rv; 543 } 544 545 546 /* Start the timer for a specific sequence table entry. */ 547 static int intf_start_seq_timer(ipmi_smi_t intf, 548 long msgid) 549 { 550 int rv = -ENODEV; 551 unsigned long flags; 552 unsigned char seq; 553 unsigned long seqid; 554 555 556 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 557 558 spin_lock_irqsave(&(intf->seq_lock), flags); 559 /* We do this verification because the user can be deleted 560 while a message is outstanding. */ 561 if ((intf->seq_table[seq].inuse) 562 && (intf->seq_table[seq].seqid == seqid)) 563 { 564 struct seq_table *ent = &(intf->seq_table[seq]); 565 ent->timeout = ent->orig_timeout; 566 rv = 0; 567 } 568 spin_unlock_irqrestore(&(intf->seq_lock), flags); 569 570 return rv; 571 } 572 573 /* Got an error for the send message for a specific sequence number. */ 574 static int intf_err_seq(ipmi_smi_t intf, 575 long msgid, 576 unsigned int err) 577 { 578 int rv = -ENODEV; 579 unsigned long flags; 580 unsigned char seq; 581 unsigned long seqid; 582 struct ipmi_recv_msg *msg = NULL; 583 584 585 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 586 587 spin_lock_irqsave(&(intf->seq_lock), flags); 588 /* We do this verification because the user can be deleted 589 while a message is outstanding. */ 590 if ((intf->seq_table[seq].inuse) 591 && (intf->seq_table[seq].seqid == seqid)) 592 { 593 struct seq_table *ent = &(intf->seq_table[seq]); 594 595 ent->inuse = 0; 596 msg = ent->recv_msg; 597 rv = 0; 598 } 599 spin_unlock_irqrestore(&(intf->seq_lock), flags); 600 601 if (msg) { 602 msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 603 msg->msg_data[0] = err; 604 msg->msg.netfn |= 1; /* Convert to a response. */ 605 msg->msg.data_len = 1; 606 msg->msg.data = msg->msg_data; 607 deliver_response(msg); 608 } 609 610 return rv; 611 } 612 613 614 int ipmi_create_user(unsigned int if_num, 615 struct ipmi_user_hndl *handler, 616 void *handler_data, 617 ipmi_user_t *user) 618 { 619 unsigned long flags; 620 ipmi_user_t new_user; 621 int rv = 0; 622 ipmi_smi_t intf; 623 624 /* There is no module usecount here, because it's not 625 required. Since this can only be used by and called from 626 other modules, they will implicitly use this module, and 627 thus this can't be removed unless the other modules are 628 removed. */ 629 630 if (handler == NULL) 631 return -EINVAL; 632 633 /* Make sure the driver is actually initialized, this handles 634 problems with initialization order. */ 635 if (!initialized) { 636 rv = ipmi_init_msghandler(); 637 if (rv) 638 return rv; 639 640 /* The init code doesn't return an error if it was turned 641 off, but it won't initialize. Check that. */ 642 if (!initialized) 643 return -ENODEV; 644 } 645 646 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL); 647 if (! new_user) 648 return -ENOMEM; 649 650 down_read(&interfaces_sem); 651 if ((if_num >= MAX_IPMI_INTERFACES) || ipmi_interfaces[if_num] == NULL) 652 { 653 rv = -EINVAL; 654 goto out_unlock; 655 } 656 657 intf = ipmi_interfaces[if_num]; 658 659 new_user->handler = handler; 660 new_user->handler_data = handler_data; 661 new_user->intf = intf; 662 new_user->gets_events = 0; 663 664 if (!try_module_get(intf->handlers->owner)) { 665 rv = -ENODEV; 666 goto out_unlock; 667 } 668 669 if (intf->handlers->inc_usecount) { 670 rv = intf->handlers->inc_usecount(intf->send_info); 671 if (rv) { 672 module_put(intf->handlers->owner); 673 goto out_unlock; 674 } 675 } 676 677 write_lock_irqsave(&intf->users_lock, flags); 678 list_add_tail(&new_user->link, &intf->users); 679 write_unlock_irqrestore(&intf->users_lock, flags); 680 681 out_unlock: 682 if (rv) { 683 kfree(new_user); 684 } else { 685 *user = new_user; 686 } 687 688 up_read(&interfaces_sem); 689 return rv; 690 } 691 692 static int ipmi_destroy_user_nolock(ipmi_user_t user) 693 { 694 int rv = -ENODEV; 695 ipmi_user_t t_user; 696 struct cmd_rcvr *rcvr, *rcvr2; 697 int i; 698 unsigned long flags; 699 700 /* Find the user and delete them from the list. */ 701 list_for_each_entry(t_user, &(user->intf->users), link) { 702 if (t_user == user) { 703 list_del(&t_user->link); 704 rv = 0; 705 break; 706 } 707 } 708 709 if (rv) { 710 goto out_unlock; 711 } 712 713 /* Remove the user from the interfaces sequence table. */ 714 spin_lock_irqsave(&(user->intf->seq_lock), flags); 715 for (i=0; i<IPMI_IPMB_NUM_SEQ; i++) { 716 if (user->intf->seq_table[i].inuse 717 && (user->intf->seq_table[i].recv_msg->user == user)) 718 { 719 user->intf->seq_table[i].inuse = 0; 720 } 721 } 722 spin_unlock_irqrestore(&(user->intf->seq_lock), flags); 723 724 /* Remove the user from the command receiver's table. */ 725 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags); 726 list_for_each_entry_safe(rcvr, rcvr2, &(user->intf->cmd_rcvrs), link) { 727 if (rcvr->user == user) { 728 list_del(&rcvr->link); 729 kfree(rcvr); 730 } 731 } 732 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags); 733 734 kfree(user); 735 736 out_unlock: 737 738 return rv; 739 } 740 741 int ipmi_destroy_user(ipmi_user_t user) 742 { 743 int rv; 744 ipmi_smi_t intf = user->intf; 745 unsigned long flags; 746 747 down_read(&interfaces_sem); 748 write_lock_irqsave(&intf->users_lock, flags); 749 rv = ipmi_destroy_user_nolock(user); 750 if (!rv) { 751 module_put(intf->handlers->owner); 752 if (intf->handlers->dec_usecount) 753 intf->handlers->dec_usecount(intf->send_info); 754 } 755 756 write_unlock_irqrestore(&intf->users_lock, flags); 757 up_read(&interfaces_sem); 758 return rv; 759 } 760 761 void ipmi_get_version(ipmi_user_t user, 762 unsigned char *major, 763 unsigned char *minor) 764 { 765 *major = user->intf->version_major; 766 *minor = user->intf->version_minor; 767 } 768 769 void ipmi_set_my_address(ipmi_user_t user, 770 unsigned char address) 771 { 772 user->intf->my_address = address; 773 } 774 775 unsigned char ipmi_get_my_address(ipmi_user_t user) 776 { 777 return user->intf->my_address; 778 } 779 780 void ipmi_set_my_LUN(ipmi_user_t user, 781 unsigned char LUN) 782 { 783 user->intf->my_lun = LUN & 0x3; 784 } 785 786 unsigned char ipmi_get_my_LUN(ipmi_user_t user) 787 { 788 return user->intf->my_lun; 789 } 790 791 int ipmi_set_gets_events(ipmi_user_t user, int val) 792 { 793 unsigned long flags; 794 struct ipmi_recv_msg *msg, *msg2; 795 796 read_lock(&(user->intf->users_lock)); 797 spin_lock_irqsave(&(user->intf->events_lock), flags); 798 user->gets_events = val; 799 800 if (val) { 801 /* Deliver any queued events. */ 802 list_for_each_entry_safe(msg, msg2, &(user->intf->waiting_events), link) { 803 list_del(&msg->link); 804 msg->user = user; 805 deliver_response(msg); 806 } 807 } 808 809 spin_unlock_irqrestore(&(user->intf->events_lock), flags); 810 read_unlock(&(user->intf->users_lock)); 811 812 return 0; 813 } 814 815 int ipmi_register_for_cmd(ipmi_user_t user, 816 unsigned char netfn, 817 unsigned char cmd) 818 { 819 struct cmd_rcvr *cmp; 820 unsigned long flags; 821 struct cmd_rcvr *rcvr; 822 int rv = 0; 823 824 825 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL); 826 if (! rcvr) 827 return -ENOMEM; 828 829 read_lock(&(user->intf->users_lock)); 830 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags); 831 if (user->intf->all_cmd_rcvr != NULL) { 832 rv = -EBUSY; 833 goto out_unlock; 834 } 835 836 /* Make sure the command/netfn is not already registered. */ 837 list_for_each_entry(cmp, &(user->intf->cmd_rcvrs), link) { 838 if ((cmp->netfn == netfn) && (cmp->cmd == cmd)) { 839 rv = -EBUSY; 840 break; 841 } 842 } 843 844 if (! rv) { 845 rcvr->cmd = cmd; 846 rcvr->netfn = netfn; 847 rcvr->user = user; 848 list_add_tail(&(rcvr->link), &(user->intf->cmd_rcvrs)); 849 } 850 out_unlock: 851 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags); 852 read_unlock(&(user->intf->users_lock)); 853 854 if (rv) 855 kfree(rcvr); 856 857 return rv; 858 } 859 860 int ipmi_unregister_for_cmd(ipmi_user_t user, 861 unsigned char netfn, 862 unsigned char cmd) 863 { 864 unsigned long flags; 865 struct cmd_rcvr *rcvr; 866 int rv = -ENOENT; 867 868 read_lock(&(user->intf->users_lock)); 869 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags); 870 /* Make sure the command/netfn is not already registered. */ 871 list_for_each_entry(rcvr, &(user->intf->cmd_rcvrs), link) { 872 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) { 873 rv = 0; 874 list_del(&rcvr->link); 875 kfree(rcvr); 876 break; 877 } 878 } 879 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags); 880 read_unlock(&(user->intf->users_lock)); 881 882 return rv; 883 } 884 885 void ipmi_user_set_run_to_completion(ipmi_user_t user, int val) 886 { 887 user->intf->handlers->set_run_to_completion(user->intf->send_info, 888 val); 889 } 890 891 static unsigned char 892 ipmb_checksum(unsigned char *data, int size) 893 { 894 unsigned char csum = 0; 895 896 for (; size > 0; size--, data++) 897 csum += *data; 898 899 return -csum; 900 } 901 902 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg, 903 struct kernel_ipmi_msg *msg, 904 struct ipmi_ipmb_addr *ipmb_addr, 905 long msgid, 906 unsigned char ipmb_seq, 907 int broadcast, 908 unsigned char source_address, 909 unsigned char source_lun) 910 { 911 int i = broadcast; 912 913 /* Format the IPMB header data. */ 914 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 915 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 916 smi_msg->data[2] = ipmb_addr->channel; 917 if (broadcast) 918 smi_msg->data[3] = 0; 919 smi_msg->data[i+3] = ipmb_addr->slave_addr; 920 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3); 921 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2); 922 smi_msg->data[i+6] = source_address; 923 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun; 924 smi_msg->data[i+8] = msg->cmd; 925 926 /* Now tack on the data to the message. */ 927 if (msg->data_len > 0) 928 memcpy(&(smi_msg->data[i+9]), msg->data, 929 msg->data_len); 930 smi_msg->data_size = msg->data_len + 9; 931 932 /* Now calculate the checksum and tack it on. */ 933 smi_msg->data[i+smi_msg->data_size] 934 = ipmb_checksum(&(smi_msg->data[i+6]), 935 smi_msg->data_size-6); 936 937 /* Add on the checksum size and the offset from the 938 broadcast. */ 939 smi_msg->data_size += 1 + i; 940 941 smi_msg->msgid = msgid; 942 } 943 944 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg, 945 struct kernel_ipmi_msg *msg, 946 struct ipmi_lan_addr *lan_addr, 947 long msgid, 948 unsigned char ipmb_seq, 949 unsigned char source_lun) 950 { 951 /* Format the IPMB header data. */ 952 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 953 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 954 smi_msg->data[2] = lan_addr->channel; 955 smi_msg->data[3] = lan_addr->session_handle; 956 smi_msg->data[4] = lan_addr->remote_SWID; 957 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3); 958 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2); 959 smi_msg->data[7] = lan_addr->local_SWID; 960 smi_msg->data[8] = (ipmb_seq << 2) | source_lun; 961 smi_msg->data[9] = msg->cmd; 962 963 /* Now tack on the data to the message. */ 964 if (msg->data_len > 0) 965 memcpy(&(smi_msg->data[10]), msg->data, 966 msg->data_len); 967 smi_msg->data_size = msg->data_len + 10; 968 969 /* Now calculate the checksum and tack it on. */ 970 smi_msg->data[smi_msg->data_size] 971 = ipmb_checksum(&(smi_msg->data[7]), 972 smi_msg->data_size-7); 973 974 /* Add on the checksum size and the offset from the 975 broadcast. */ 976 smi_msg->data_size += 1; 977 978 smi_msg->msgid = msgid; 979 } 980 981 /* Separate from ipmi_request so that the user does not have to be 982 supplied in certain circumstances (mainly at panic time). If 983 messages are supplied, they will be freed, even if an error 984 occurs. */ 985 static inline int i_ipmi_request(ipmi_user_t user, 986 ipmi_smi_t intf, 987 struct ipmi_addr *addr, 988 long msgid, 989 struct kernel_ipmi_msg *msg, 990 void *user_msg_data, 991 void *supplied_smi, 992 struct ipmi_recv_msg *supplied_recv, 993 int priority, 994 unsigned char source_address, 995 unsigned char source_lun, 996 int retries, 997 unsigned int retry_time_ms) 998 { 999 int rv = 0; 1000 struct ipmi_smi_msg *smi_msg; 1001 struct ipmi_recv_msg *recv_msg; 1002 unsigned long flags; 1003 1004 1005 if (supplied_recv) { 1006 recv_msg = supplied_recv; 1007 } else { 1008 recv_msg = ipmi_alloc_recv_msg(); 1009 if (recv_msg == NULL) { 1010 return -ENOMEM; 1011 } 1012 } 1013 recv_msg->user_msg_data = user_msg_data; 1014 1015 if (supplied_smi) { 1016 smi_msg = (struct ipmi_smi_msg *) supplied_smi; 1017 } else { 1018 smi_msg = ipmi_alloc_smi_msg(); 1019 if (smi_msg == NULL) { 1020 ipmi_free_recv_msg(recv_msg); 1021 return -ENOMEM; 1022 } 1023 } 1024 1025 recv_msg->user = user; 1026 recv_msg->msgid = msgid; 1027 /* Store the message to send in the receive message so timeout 1028 responses can get the proper response data. */ 1029 recv_msg->msg = *msg; 1030 1031 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 1032 struct ipmi_system_interface_addr *smi_addr; 1033 1034 if (msg->netfn & 1) { 1035 /* Responses are not allowed to the SMI. */ 1036 rv = -EINVAL; 1037 goto out_err; 1038 } 1039 1040 smi_addr = (struct ipmi_system_interface_addr *) addr; 1041 if (smi_addr->lun > 3) { 1042 spin_lock_irqsave(&intf->counter_lock, flags); 1043 intf->sent_invalid_commands++; 1044 spin_unlock_irqrestore(&intf->counter_lock, flags); 1045 rv = -EINVAL; 1046 goto out_err; 1047 } 1048 1049 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr)); 1050 1051 if ((msg->netfn == IPMI_NETFN_APP_REQUEST) 1052 && ((msg->cmd == IPMI_SEND_MSG_CMD) 1053 || (msg->cmd == IPMI_GET_MSG_CMD) 1054 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) 1055 { 1056 /* We don't let the user do these, since we manage 1057 the sequence numbers. */ 1058 spin_lock_irqsave(&intf->counter_lock, flags); 1059 intf->sent_invalid_commands++; 1060 spin_unlock_irqrestore(&intf->counter_lock, flags); 1061 rv = -EINVAL; 1062 goto out_err; 1063 } 1064 1065 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) { 1066 spin_lock_irqsave(&intf->counter_lock, flags); 1067 intf->sent_invalid_commands++; 1068 spin_unlock_irqrestore(&intf->counter_lock, flags); 1069 rv = -EMSGSIZE; 1070 goto out_err; 1071 } 1072 1073 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3); 1074 smi_msg->data[1] = msg->cmd; 1075 smi_msg->msgid = msgid; 1076 smi_msg->user_data = recv_msg; 1077 if (msg->data_len > 0) 1078 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len); 1079 smi_msg->data_size = msg->data_len + 2; 1080 spin_lock_irqsave(&intf->counter_lock, flags); 1081 intf->sent_local_commands++; 1082 spin_unlock_irqrestore(&intf->counter_lock, flags); 1083 } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE) 1084 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 1085 { 1086 struct ipmi_ipmb_addr *ipmb_addr; 1087 unsigned char ipmb_seq; 1088 long seqid; 1089 int broadcast = 0; 1090 1091 if (addr->channel >= IPMI_MAX_CHANNELS) { 1092 spin_lock_irqsave(&intf->counter_lock, flags); 1093 intf->sent_invalid_commands++; 1094 spin_unlock_irqrestore(&intf->counter_lock, flags); 1095 rv = -EINVAL; 1096 goto out_err; 1097 } 1098 1099 if (intf->channels[addr->channel].medium 1100 != IPMI_CHANNEL_MEDIUM_IPMB) 1101 { 1102 spin_lock_irqsave(&intf->counter_lock, flags); 1103 intf->sent_invalid_commands++; 1104 spin_unlock_irqrestore(&intf->counter_lock, flags); 1105 rv = -EINVAL; 1106 goto out_err; 1107 } 1108 1109 if (retries < 0) { 1110 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) 1111 retries = 0; /* Don't retry broadcasts. */ 1112 else 1113 retries = 4; 1114 } 1115 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) { 1116 /* Broadcasts add a zero at the beginning of the 1117 message, but otherwise is the same as an IPMB 1118 address. */ 1119 addr->addr_type = IPMI_IPMB_ADDR_TYPE; 1120 broadcast = 1; 1121 } 1122 1123 1124 /* Default to 1 second retries. */ 1125 if (retry_time_ms == 0) 1126 retry_time_ms = 1000; 1127 1128 /* 9 for the header and 1 for the checksum, plus 1129 possibly one for the broadcast. */ 1130 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) { 1131 spin_lock_irqsave(&intf->counter_lock, flags); 1132 intf->sent_invalid_commands++; 1133 spin_unlock_irqrestore(&intf->counter_lock, flags); 1134 rv = -EMSGSIZE; 1135 goto out_err; 1136 } 1137 1138 ipmb_addr = (struct ipmi_ipmb_addr *) addr; 1139 if (ipmb_addr->lun > 3) { 1140 spin_lock_irqsave(&intf->counter_lock, flags); 1141 intf->sent_invalid_commands++; 1142 spin_unlock_irqrestore(&intf->counter_lock, flags); 1143 rv = -EINVAL; 1144 goto out_err; 1145 } 1146 1147 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr)); 1148 1149 if (recv_msg->msg.netfn & 0x1) { 1150 /* It's a response, so use the user's sequence 1151 from msgid. */ 1152 spin_lock_irqsave(&intf->counter_lock, flags); 1153 intf->sent_ipmb_responses++; 1154 spin_unlock_irqrestore(&intf->counter_lock, flags); 1155 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid, 1156 msgid, broadcast, 1157 source_address, source_lun); 1158 1159 /* Save the receive message so we can use it 1160 to deliver the response. */ 1161 smi_msg->user_data = recv_msg; 1162 } else { 1163 /* It's a command, so get a sequence for it. */ 1164 1165 spin_lock_irqsave(&(intf->seq_lock), flags); 1166 1167 spin_lock(&intf->counter_lock); 1168 intf->sent_ipmb_commands++; 1169 spin_unlock(&intf->counter_lock); 1170 1171 /* Create a sequence number with a 1 second 1172 timeout and 4 retries. */ 1173 rv = intf_next_seq(intf, 1174 recv_msg, 1175 retry_time_ms, 1176 retries, 1177 broadcast, 1178 &ipmb_seq, 1179 &seqid); 1180 if (rv) { 1181 /* We have used up all the sequence numbers, 1182 probably, so abort. */ 1183 spin_unlock_irqrestore(&(intf->seq_lock), 1184 flags); 1185 goto out_err; 1186 } 1187 1188 /* Store the sequence number in the message, 1189 so that when the send message response 1190 comes back we can start the timer. */ 1191 format_ipmb_msg(smi_msg, msg, ipmb_addr, 1192 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1193 ipmb_seq, broadcast, 1194 source_address, source_lun); 1195 1196 /* Copy the message into the recv message data, so we 1197 can retransmit it later if necessary. */ 1198 memcpy(recv_msg->msg_data, smi_msg->data, 1199 smi_msg->data_size); 1200 recv_msg->msg.data = recv_msg->msg_data; 1201 recv_msg->msg.data_len = smi_msg->data_size; 1202 1203 /* We don't unlock until here, because we need 1204 to copy the completed message into the 1205 recv_msg before we release the lock. 1206 Otherwise, race conditions may bite us. I 1207 know that's pretty paranoid, but I prefer 1208 to be correct. */ 1209 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1210 } 1211 } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) { 1212 struct ipmi_lan_addr *lan_addr; 1213 unsigned char ipmb_seq; 1214 long seqid; 1215 1216 if (addr->channel > IPMI_NUM_CHANNELS) { 1217 spin_lock_irqsave(&intf->counter_lock, flags); 1218 intf->sent_invalid_commands++; 1219 spin_unlock_irqrestore(&intf->counter_lock, flags); 1220 rv = -EINVAL; 1221 goto out_err; 1222 } 1223 1224 if ((intf->channels[addr->channel].medium 1225 != IPMI_CHANNEL_MEDIUM_8023LAN) 1226 && (intf->channels[addr->channel].medium 1227 != IPMI_CHANNEL_MEDIUM_ASYNC)) 1228 { 1229 spin_lock_irqsave(&intf->counter_lock, flags); 1230 intf->sent_invalid_commands++; 1231 spin_unlock_irqrestore(&intf->counter_lock, flags); 1232 rv = -EINVAL; 1233 goto out_err; 1234 } 1235 1236 retries = 4; 1237 1238 /* Default to 1 second retries. */ 1239 if (retry_time_ms == 0) 1240 retry_time_ms = 1000; 1241 1242 /* 11 for the header and 1 for the checksum. */ 1243 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) { 1244 spin_lock_irqsave(&intf->counter_lock, flags); 1245 intf->sent_invalid_commands++; 1246 spin_unlock_irqrestore(&intf->counter_lock, flags); 1247 rv = -EMSGSIZE; 1248 goto out_err; 1249 } 1250 1251 lan_addr = (struct ipmi_lan_addr *) addr; 1252 if (lan_addr->lun > 3) { 1253 spin_lock_irqsave(&intf->counter_lock, flags); 1254 intf->sent_invalid_commands++; 1255 spin_unlock_irqrestore(&intf->counter_lock, flags); 1256 rv = -EINVAL; 1257 goto out_err; 1258 } 1259 1260 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr)); 1261 1262 if (recv_msg->msg.netfn & 0x1) { 1263 /* It's a response, so use the user's sequence 1264 from msgid. */ 1265 spin_lock_irqsave(&intf->counter_lock, flags); 1266 intf->sent_lan_responses++; 1267 spin_unlock_irqrestore(&intf->counter_lock, flags); 1268 format_lan_msg(smi_msg, msg, lan_addr, msgid, 1269 msgid, source_lun); 1270 1271 /* Save the receive message so we can use it 1272 to deliver the response. */ 1273 smi_msg->user_data = recv_msg; 1274 } else { 1275 /* It's a command, so get a sequence for it. */ 1276 1277 spin_lock_irqsave(&(intf->seq_lock), flags); 1278 1279 spin_lock(&intf->counter_lock); 1280 intf->sent_lan_commands++; 1281 spin_unlock(&intf->counter_lock); 1282 1283 /* Create a sequence number with a 1 second 1284 timeout and 4 retries. */ 1285 rv = intf_next_seq(intf, 1286 recv_msg, 1287 retry_time_ms, 1288 retries, 1289 0, 1290 &ipmb_seq, 1291 &seqid); 1292 if (rv) { 1293 /* We have used up all the sequence numbers, 1294 probably, so abort. */ 1295 spin_unlock_irqrestore(&(intf->seq_lock), 1296 flags); 1297 goto out_err; 1298 } 1299 1300 /* Store the sequence number in the message, 1301 so that when the send message response 1302 comes back we can start the timer. */ 1303 format_lan_msg(smi_msg, msg, lan_addr, 1304 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1305 ipmb_seq, source_lun); 1306 1307 /* Copy the message into the recv message data, so we 1308 can retransmit it later if necessary. */ 1309 memcpy(recv_msg->msg_data, smi_msg->data, 1310 smi_msg->data_size); 1311 recv_msg->msg.data = recv_msg->msg_data; 1312 recv_msg->msg.data_len = smi_msg->data_size; 1313 1314 /* We don't unlock until here, because we need 1315 to copy the completed message into the 1316 recv_msg before we release the lock. 1317 Otherwise, race conditions may bite us. I 1318 know that's pretty paranoid, but I prefer 1319 to be correct. */ 1320 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1321 } 1322 } else { 1323 /* Unknown address type. */ 1324 spin_lock_irqsave(&intf->counter_lock, flags); 1325 intf->sent_invalid_commands++; 1326 spin_unlock_irqrestore(&intf->counter_lock, flags); 1327 rv = -EINVAL; 1328 goto out_err; 1329 } 1330 1331 #ifdef DEBUG_MSGING 1332 { 1333 int m; 1334 for (m=0; m<smi_msg->data_size; m++) 1335 printk(" %2.2x", smi_msg->data[m]); 1336 printk("\n"); 1337 } 1338 #endif 1339 intf->handlers->sender(intf->send_info, smi_msg, priority); 1340 1341 return 0; 1342 1343 out_err: 1344 ipmi_free_smi_msg(smi_msg); 1345 ipmi_free_recv_msg(recv_msg); 1346 return rv; 1347 } 1348 1349 int ipmi_request_settime(ipmi_user_t user, 1350 struct ipmi_addr *addr, 1351 long msgid, 1352 struct kernel_ipmi_msg *msg, 1353 void *user_msg_data, 1354 int priority, 1355 int retries, 1356 unsigned int retry_time_ms) 1357 { 1358 return i_ipmi_request(user, 1359 user->intf, 1360 addr, 1361 msgid, 1362 msg, 1363 user_msg_data, 1364 NULL, NULL, 1365 priority, 1366 user->intf->my_address, 1367 user->intf->my_lun, 1368 retries, 1369 retry_time_ms); 1370 } 1371 1372 int ipmi_request_supply_msgs(ipmi_user_t user, 1373 struct ipmi_addr *addr, 1374 long msgid, 1375 struct kernel_ipmi_msg *msg, 1376 void *user_msg_data, 1377 void *supplied_smi, 1378 struct ipmi_recv_msg *supplied_recv, 1379 int priority) 1380 { 1381 return i_ipmi_request(user, 1382 user->intf, 1383 addr, 1384 msgid, 1385 msg, 1386 user_msg_data, 1387 supplied_smi, 1388 supplied_recv, 1389 priority, 1390 user->intf->my_address, 1391 user->intf->my_lun, 1392 -1, 0); 1393 } 1394 1395 static int ipmb_file_read_proc(char *page, char **start, off_t off, 1396 int count, int *eof, void *data) 1397 { 1398 char *out = (char *) page; 1399 ipmi_smi_t intf = data; 1400 1401 return sprintf(out, "%x\n", intf->my_address); 1402 } 1403 1404 static int version_file_read_proc(char *page, char **start, off_t off, 1405 int count, int *eof, void *data) 1406 { 1407 char *out = (char *) page; 1408 ipmi_smi_t intf = data; 1409 1410 return sprintf(out, "%d.%d\n", 1411 intf->version_major, intf->version_minor); 1412 } 1413 1414 static int stat_file_read_proc(char *page, char **start, off_t off, 1415 int count, int *eof, void *data) 1416 { 1417 char *out = (char *) page; 1418 ipmi_smi_t intf = data; 1419 1420 out += sprintf(out, "sent_invalid_commands: %d\n", 1421 intf->sent_invalid_commands); 1422 out += sprintf(out, "sent_local_commands: %d\n", 1423 intf->sent_local_commands); 1424 out += sprintf(out, "handled_local_responses: %d\n", 1425 intf->handled_local_responses); 1426 out += sprintf(out, "unhandled_local_responses: %d\n", 1427 intf->unhandled_local_responses); 1428 out += sprintf(out, "sent_ipmb_commands: %d\n", 1429 intf->sent_ipmb_commands); 1430 out += sprintf(out, "sent_ipmb_command_errs: %d\n", 1431 intf->sent_ipmb_command_errs); 1432 out += sprintf(out, "retransmitted_ipmb_commands: %d\n", 1433 intf->retransmitted_ipmb_commands); 1434 out += sprintf(out, "timed_out_ipmb_commands: %d\n", 1435 intf->timed_out_ipmb_commands); 1436 out += sprintf(out, "timed_out_ipmb_broadcasts: %d\n", 1437 intf->timed_out_ipmb_broadcasts); 1438 out += sprintf(out, "sent_ipmb_responses: %d\n", 1439 intf->sent_ipmb_responses); 1440 out += sprintf(out, "handled_ipmb_responses: %d\n", 1441 intf->handled_ipmb_responses); 1442 out += sprintf(out, "invalid_ipmb_responses: %d\n", 1443 intf->invalid_ipmb_responses); 1444 out += sprintf(out, "unhandled_ipmb_responses: %d\n", 1445 intf->unhandled_ipmb_responses); 1446 out += sprintf(out, "sent_lan_commands: %d\n", 1447 intf->sent_lan_commands); 1448 out += sprintf(out, "sent_lan_command_errs: %d\n", 1449 intf->sent_lan_command_errs); 1450 out += sprintf(out, "retransmitted_lan_commands: %d\n", 1451 intf->retransmitted_lan_commands); 1452 out += sprintf(out, "timed_out_lan_commands: %d\n", 1453 intf->timed_out_lan_commands); 1454 out += sprintf(out, "sent_lan_responses: %d\n", 1455 intf->sent_lan_responses); 1456 out += sprintf(out, "handled_lan_responses: %d\n", 1457 intf->handled_lan_responses); 1458 out += sprintf(out, "invalid_lan_responses: %d\n", 1459 intf->invalid_lan_responses); 1460 out += sprintf(out, "unhandled_lan_responses: %d\n", 1461 intf->unhandled_lan_responses); 1462 out += sprintf(out, "handled_commands: %d\n", 1463 intf->handled_commands); 1464 out += sprintf(out, "invalid_commands: %d\n", 1465 intf->invalid_commands); 1466 out += sprintf(out, "unhandled_commands: %d\n", 1467 intf->unhandled_commands); 1468 out += sprintf(out, "invalid_events: %d\n", 1469 intf->invalid_events); 1470 out += sprintf(out, "events: %d\n", 1471 intf->events); 1472 1473 return (out - ((char *) page)); 1474 } 1475 1476 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name, 1477 read_proc_t *read_proc, write_proc_t *write_proc, 1478 void *data, struct module *owner) 1479 { 1480 int rv = 0; 1481 #ifdef CONFIG_PROC_FS 1482 struct proc_dir_entry *file; 1483 struct ipmi_proc_entry *entry; 1484 1485 /* Create a list element. */ 1486 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 1487 if (!entry) 1488 return -ENOMEM; 1489 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL); 1490 if (!entry->name) { 1491 kfree(entry); 1492 return -ENOMEM; 1493 } 1494 strcpy(entry->name, name); 1495 1496 file = create_proc_entry(name, 0, smi->proc_dir); 1497 if (!file) { 1498 kfree(entry->name); 1499 kfree(entry); 1500 rv = -ENOMEM; 1501 } else { 1502 file->nlink = 1; 1503 file->data = data; 1504 file->read_proc = read_proc; 1505 file->write_proc = write_proc; 1506 file->owner = owner; 1507 1508 spin_lock(&smi->proc_entry_lock); 1509 /* Stick it on the list. */ 1510 entry->next = smi->proc_entries; 1511 smi->proc_entries = entry; 1512 spin_unlock(&smi->proc_entry_lock); 1513 } 1514 #endif /* CONFIG_PROC_FS */ 1515 1516 return rv; 1517 } 1518 1519 static int add_proc_entries(ipmi_smi_t smi, int num) 1520 { 1521 int rv = 0; 1522 1523 #ifdef CONFIG_PROC_FS 1524 sprintf(smi->proc_dir_name, "%d", num); 1525 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root); 1526 if (!smi->proc_dir) 1527 rv = -ENOMEM; 1528 else { 1529 smi->proc_dir->owner = THIS_MODULE; 1530 } 1531 1532 if (rv == 0) 1533 rv = ipmi_smi_add_proc_entry(smi, "stats", 1534 stat_file_read_proc, NULL, 1535 smi, THIS_MODULE); 1536 1537 if (rv == 0) 1538 rv = ipmi_smi_add_proc_entry(smi, "ipmb", 1539 ipmb_file_read_proc, NULL, 1540 smi, THIS_MODULE); 1541 1542 if (rv == 0) 1543 rv = ipmi_smi_add_proc_entry(smi, "version", 1544 version_file_read_proc, NULL, 1545 smi, THIS_MODULE); 1546 #endif /* CONFIG_PROC_FS */ 1547 1548 return rv; 1549 } 1550 1551 static void remove_proc_entries(ipmi_smi_t smi) 1552 { 1553 #ifdef CONFIG_PROC_FS 1554 struct ipmi_proc_entry *entry; 1555 1556 spin_lock(&smi->proc_entry_lock); 1557 while (smi->proc_entries) { 1558 entry = smi->proc_entries; 1559 smi->proc_entries = entry->next; 1560 1561 remove_proc_entry(entry->name, smi->proc_dir); 1562 kfree(entry->name); 1563 kfree(entry); 1564 } 1565 spin_unlock(&smi->proc_entry_lock); 1566 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root); 1567 #endif /* CONFIG_PROC_FS */ 1568 } 1569 1570 static int 1571 send_channel_info_cmd(ipmi_smi_t intf, int chan) 1572 { 1573 struct kernel_ipmi_msg msg; 1574 unsigned char data[1]; 1575 struct ipmi_system_interface_addr si; 1576 1577 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 1578 si.channel = IPMI_BMC_CHANNEL; 1579 si.lun = 0; 1580 1581 msg.netfn = IPMI_NETFN_APP_REQUEST; 1582 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD; 1583 msg.data = data; 1584 msg.data_len = 1; 1585 data[0] = chan; 1586 return i_ipmi_request(NULL, 1587 intf, 1588 (struct ipmi_addr *) &si, 1589 0, 1590 &msg, 1591 NULL, 1592 NULL, 1593 NULL, 1594 0, 1595 intf->my_address, 1596 intf->my_lun, 1597 -1, 0); 1598 } 1599 1600 static void 1601 channel_handler(ipmi_smi_t intf, struct ipmi_smi_msg *msg) 1602 { 1603 int rv = 0; 1604 int chan; 1605 1606 if ((msg->rsp[0] == (IPMI_NETFN_APP_RESPONSE << 2)) 1607 && (msg->rsp[1] == IPMI_GET_CHANNEL_INFO_CMD)) 1608 { 1609 /* It's the one we want */ 1610 if (msg->rsp[2] != 0) { 1611 /* Got an error from the channel, just go on. */ 1612 1613 if (msg->rsp[2] == IPMI_INVALID_COMMAND_ERR) { 1614 /* If the MC does not support this 1615 command, that is legal. We just 1616 assume it has one IPMB at channel 1617 zero. */ 1618 intf->channels[0].medium 1619 = IPMI_CHANNEL_MEDIUM_IPMB; 1620 intf->channels[0].protocol 1621 = IPMI_CHANNEL_PROTOCOL_IPMB; 1622 rv = -ENOSYS; 1623 1624 intf->curr_channel = IPMI_MAX_CHANNELS; 1625 wake_up(&intf->waitq); 1626 goto out; 1627 } 1628 goto next_channel; 1629 } 1630 if (msg->rsp_size < 6) { 1631 /* Message not big enough, just go on. */ 1632 goto next_channel; 1633 } 1634 chan = intf->curr_channel; 1635 intf->channels[chan].medium = msg->rsp[4] & 0x7f; 1636 intf->channels[chan].protocol = msg->rsp[5] & 0x1f; 1637 1638 next_channel: 1639 intf->curr_channel++; 1640 if (intf->curr_channel >= IPMI_MAX_CHANNELS) 1641 wake_up(&intf->waitq); 1642 else 1643 rv = send_channel_info_cmd(intf, intf->curr_channel); 1644 1645 if (rv) { 1646 /* Got an error somehow, just give up. */ 1647 intf->curr_channel = IPMI_MAX_CHANNELS; 1648 wake_up(&intf->waitq); 1649 1650 printk(KERN_WARNING PFX 1651 "Error sending channel information: %d\n", 1652 rv); 1653 } 1654 } 1655 out: 1656 return; 1657 } 1658 1659 int ipmi_register_smi(struct ipmi_smi_handlers *handlers, 1660 void *send_info, 1661 unsigned char version_major, 1662 unsigned char version_minor, 1663 unsigned char slave_addr, 1664 ipmi_smi_t *intf) 1665 { 1666 int i, j; 1667 int rv; 1668 ipmi_smi_t new_intf; 1669 unsigned long flags; 1670 1671 1672 /* Make sure the driver is actually initialized, this handles 1673 problems with initialization order. */ 1674 if (!initialized) { 1675 rv = ipmi_init_msghandler(); 1676 if (rv) 1677 return rv; 1678 /* The init code doesn't return an error if it was turned 1679 off, but it won't initialize. Check that. */ 1680 if (!initialized) 1681 return -ENODEV; 1682 } 1683 1684 new_intf = kmalloc(sizeof(*new_intf), GFP_KERNEL); 1685 if (!new_intf) 1686 return -ENOMEM; 1687 memset(new_intf, 0, sizeof(*new_intf)); 1688 1689 new_intf->proc_dir = NULL; 1690 1691 rv = -ENOMEM; 1692 1693 down_write(&interfaces_sem); 1694 for (i=0; i<MAX_IPMI_INTERFACES; i++) { 1695 if (ipmi_interfaces[i] == NULL) { 1696 new_intf->intf_num = i; 1697 new_intf->version_major = version_major; 1698 new_intf->version_minor = version_minor; 1699 if (slave_addr == 0) 1700 new_intf->my_address = IPMI_BMC_SLAVE_ADDR; 1701 else 1702 new_intf->my_address = slave_addr; 1703 new_intf->my_lun = 2; /* the SMS LUN. */ 1704 rwlock_init(&(new_intf->users_lock)); 1705 INIT_LIST_HEAD(&(new_intf->users)); 1706 new_intf->handlers = handlers; 1707 new_intf->send_info = send_info; 1708 spin_lock_init(&(new_intf->seq_lock)); 1709 for (j=0; j<IPMI_IPMB_NUM_SEQ; j++) { 1710 new_intf->seq_table[j].inuse = 0; 1711 new_intf->seq_table[j].seqid = 0; 1712 } 1713 new_intf->curr_seq = 0; 1714 #ifdef CONFIG_PROC_FS 1715 spin_lock_init(&(new_intf->proc_entry_lock)); 1716 #endif 1717 spin_lock_init(&(new_intf->waiting_msgs_lock)); 1718 INIT_LIST_HEAD(&(new_intf->waiting_msgs)); 1719 spin_lock_init(&(new_intf->events_lock)); 1720 INIT_LIST_HEAD(&(new_intf->waiting_events)); 1721 new_intf->waiting_events_count = 0; 1722 rwlock_init(&(new_intf->cmd_rcvr_lock)); 1723 init_waitqueue_head(&new_intf->waitq); 1724 INIT_LIST_HEAD(&(new_intf->cmd_rcvrs)); 1725 new_intf->all_cmd_rcvr = NULL; 1726 1727 spin_lock_init(&(new_intf->counter_lock)); 1728 1729 spin_lock_irqsave(&interfaces_lock, flags); 1730 ipmi_interfaces[i] = new_intf; 1731 spin_unlock_irqrestore(&interfaces_lock, flags); 1732 1733 rv = 0; 1734 *intf = new_intf; 1735 break; 1736 } 1737 } 1738 1739 downgrade_write(&interfaces_sem); 1740 1741 if (rv == 0) 1742 rv = add_proc_entries(*intf, i); 1743 1744 if (rv == 0) { 1745 if ((version_major > 1) 1746 || ((version_major == 1) && (version_minor >= 5))) 1747 { 1748 /* Start scanning the channels to see what is 1749 available. */ 1750 (*intf)->null_user_handler = channel_handler; 1751 (*intf)->curr_channel = 0; 1752 rv = send_channel_info_cmd(*intf, 0); 1753 if (rv) 1754 goto out; 1755 1756 /* Wait for the channel info to be read. */ 1757 up_read(&interfaces_sem); 1758 wait_event((*intf)->waitq, 1759 ((*intf)->curr_channel>=IPMI_MAX_CHANNELS)); 1760 down_read(&interfaces_sem); 1761 1762 if (ipmi_interfaces[i] != new_intf) 1763 /* Well, it went away. Just return. */ 1764 goto out; 1765 } else { 1766 /* Assume a single IPMB channel at zero. */ 1767 (*intf)->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB; 1768 (*intf)->channels[0].protocol 1769 = IPMI_CHANNEL_PROTOCOL_IPMB; 1770 } 1771 1772 /* Call all the watcher interfaces to tell 1773 them that a new interface is available. */ 1774 call_smi_watchers(i); 1775 } 1776 1777 out: 1778 up_read(&interfaces_sem); 1779 1780 if (rv) { 1781 if (new_intf->proc_dir) 1782 remove_proc_entries(new_intf); 1783 kfree(new_intf); 1784 } 1785 1786 return rv; 1787 } 1788 1789 static void free_recv_msg_list(struct list_head *q) 1790 { 1791 struct ipmi_recv_msg *msg, *msg2; 1792 1793 list_for_each_entry_safe(msg, msg2, q, link) { 1794 list_del(&msg->link); 1795 ipmi_free_recv_msg(msg); 1796 } 1797 } 1798 1799 static void free_cmd_rcvr_list(struct list_head *q) 1800 { 1801 struct cmd_rcvr *rcvr, *rcvr2; 1802 1803 list_for_each_entry_safe(rcvr, rcvr2, q, link) { 1804 list_del(&rcvr->link); 1805 kfree(rcvr); 1806 } 1807 } 1808 1809 static void clean_up_interface_data(ipmi_smi_t intf) 1810 { 1811 int i; 1812 1813 free_recv_msg_list(&(intf->waiting_msgs)); 1814 free_recv_msg_list(&(intf->waiting_events)); 1815 free_cmd_rcvr_list(&(intf->cmd_rcvrs)); 1816 1817 for (i=0; i<IPMI_IPMB_NUM_SEQ; i++) { 1818 if ((intf->seq_table[i].inuse) 1819 && (intf->seq_table[i].recv_msg)) 1820 { 1821 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 1822 } 1823 } 1824 } 1825 1826 int ipmi_unregister_smi(ipmi_smi_t intf) 1827 { 1828 int rv = -ENODEV; 1829 int i; 1830 struct ipmi_smi_watcher *w; 1831 unsigned long flags; 1832 1833 down_write(&interfaces_sem); 1834 if (list_empty(&(intf->users))) 1835 { 1836 for (i=0; i<MAX_IPMI_INTERFACES; i++) { 1837 if (ipmi_interfaces[i] == intf) { 1838 remove_proc_entries(intf); 1839 spin_lock_irqsave(&interfaces_lock, flags); 1840 ipmi_interfaces[i] = NULL; 1841 clean_up_interface_data(intf); 1842 spin_unlock_irqrestore(&interfaces_lock,flags); 1843 kfree(intf); 1844 rv = 0; 1845 goto out_call_watcher; 1846 } 1847 } 1848 } else { 1849 rv = -EBUSY; 1850 } 1851 up_write(&interfaces_sem); 1852 1853 return rv; 1854 1855 out_call_watcher: 1856 downgrade_write(&interfaces_sem); 1857 1858 /* Call all the watcher interfaces to tell them that 1859 an interface is gone. */ 1860 down_read(&smi_watchers_sem); 1861 list_for_each_entry(w, &smi_watchers, link) { 1862 w->smi_gone(i); 1863 } 1864 up_read(&smi_watchers_sem); 1865 up_read(&interfaces_sem); 1866 return 0; 1867 } 1868 1869 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf, 1870 struct ipmi_smi_msg *msg) 1871 { 1872 struct ipmi_ipmb_addr ipmb_addr; 1873 struct ipmi_recv_msg *recv_msg; 1874 unsigned long flags; 1875 1876 1877 /* This is 11, not 10, because the response must contain a 1878 * completion code. */ 1879 if (msg->rsp_size < 11) { 1880 /* Message not big enough, just ignore it. */ 1881 spin_lock_irqsave(&intf->counter_lock, flags); 1882 intf->invalid_ipmb_responses++; 1883 spin_unlock_irqrestore(&intf->counter_lock, flags); 1884 return 0; 1885 } 1886 1887 if (msg->rsp[2] != 0) { 1888 /* An error getting the response, just ignore it. */ 1889 return 0; 1890 } 1891 1892 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE; 1893 ipmb_addr.slave_addr = msg->rsp[6]; 1894 ipmb_addr.channel = msg->rsp[3] & 0x0f; 1895 ipmb_addr.lun = msg->rsp[7] & 3; 1896 1897 /* It's a response from a remote entity. Look up the sequence 1898 number and handle the response. */ 1899 if (intf_find_seq(intf, 1900 msg->rsp[7] >> 2, 1901 msg->rsp[3] & 0x0f, 1902 msg->rsp[8], 1903 (msg->rsp[4] >> 2) & (~1), 1904 (struct ipmi_addr *) &(ipmb_addr), 1905 &recv_msg)) 1906 { 1907 /* We were unable to find the sequence number, 1908 so just nuke the message. */ 1909 spin_lock_irqsave(&intf->counter_lock, flags); 1910 intf->unhandled_ipmb_responses++; 1911 spin_unlock_irqrestore(&intf->counter_lock, flags); 1912 return 0; 1913 } 1914 1915 memcpy(recv_msg->msg_data, 1916 &(msg->rsp[9]), 1917 msg->rsp_size - 9); 1918 /* THe other fields matched, so no need to set them, except 1919 for netfn, which needs to be the response that was 1920 returned, not the request value. */ 1921 recv_msg->msg.netfn = msg->rsp[4] >> 2; 1922 recv_msg->msg.data = recv_msg->msg_data; 1923 recv_msg->msg.data_len = msg->rsp_size - 10; 1924 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 1925 spin_lock_irqsave(&intf->counter_lock, flags); 1926 intf->handled_ipmb_responses++; 1927 spin_unlock_irqrestore(&intf->counter_lock, flags); 1928 deliver_response(recv_msg); 1929 1930 return 0; 1931 } 1932 1933 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf, 1934 struct ipmi_smi_msg *msg) 1935 { 1936 struct cmd_rcvr *rcvr; 1937 int rv = 0; 1938 unsigned char netfn; 1939 unsigned char cmd; 1940 ipmi_user_t user = NULL; 1941 struct ipmi_ipmb_addr *ipmb_addr; 1942 struct ipmi_recv_msg *recv_msg; 1943 unsigned long flags; 1944 1945 if (msg->rsp_size < 10) { 1946 /* Message not big enough, just ignore it. */ 1947 spin_lock_irqsave(&intf->counter_lock, flags); 1948 intf->invalid_commands++; 1949 spin_unlock_irqrestore(&intf->counter_lock, flags); 1950 return 0; 1951 } 1952 1953 if (msg->rsp[2] != 0) { 1954 /* An error getting the response, just ignore it. */ 1955 return 0; 1956 } 1957 1958 netfn = msg->rsp[4] >> 2; 1959 cmd = msg->rsp[8]; 1960 1961 read_lock(&(intf->cmd_rcvr_lock)); 1962 1963 if (intf->all_cmd_rcvr) { 1964 user = intf->all_cmd_rcvr; 1965 } else { 1966 /* Find the command/netfn. */ 1967 list_for_each_entry(rcvr, &(intf->cmd_rcvrs), link) { 1968 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) { 1969 user = rcvr->user; 1970 break; 1971 } 1972 } 1973 } 1974 read_unlock(&(intf->cmd_rcvr_lock)); 1975 1976 if (user == NULL) { 1977 /* We didn't find a user, deliver an error response. */ 1978 spin_lock_irqsave(&intf->counter_lock, flags); 1979 intf->unhandled_commands++; 1980 spin_unlock_irqrestore(&intf->counter_lock, flags); 1981 1982 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1983 msg->data[1] = IPMI_SEND_MSG_CMD; 1984 msg->data[2] = msg->rsp[3]; 1985 msg->data[3] = msg->rsp[6]; 1986 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3); 1987 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2); 1988 msg->data[6] = intf->my_address; 1989 /* rqseq/lun */ 1990 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3); 1991 msg->data[8] = msg->rsp[8]; /* cmd */ 1992 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE; 1993 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4); 1994 msg->data_size = 11; 1995 1996 #ifdef DEBUG_MSGING 1997 { 1998 int m; 1999 printk("Invalid command:"); 2000 for (m=0; m<msg->data_size; m++) 2001 printk(" %2.2x", msg->data[m]); 2002 printk("\n"); 2003 } 2004 #endif 2005 intf->handlers->sender(intf->send_info, msg, 0); 2006 2007 rv = -1; /* We used the message, so return the value that 2008 causes it to not be freed or queued. */ 2009 } else { 2010 /* Deliver the message to the user. */ 2011 spin_lock_irqsave(&intf->counter_lock, flags); 2012 intf->handled_commands++; 2013 spin_unlock_irqrestore(&intf->counter_lock, flags); 2014 2015 recv_msg = ipmi_alloc_recv_msg(); 2016 if (! recv_msg) { 2017 /* We couldn't allocate memory for the 2018 message, so requeue it for handling 2019 later. */ 2020 rv = 1; 2021 } else { 2022 /* Extract the source address from the data. */ 2023 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr; 2024 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE; 2025 ipmb_addr->slave_addr = msg->rsp[6]; 2026 ipmb_addr->lun = msg->rsp[7] & 3; 2027 ipmb_addr->channel = msg->rsp[3] & 0xf; 2028 2029 /* Extract the rest of the message information 2030 from the IPMB header.*/ 2031 recv_msg->user = user; 2032 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 2033 recv_msg->msgid = msg->rsp[7] >> 2; 2034 recv_msg->msg.netfn = msg->rsp[4] >> 2; 2035 recv_msg->msg.cmd = msg->rsp[8]; 2036 recv_msg->msg.data = recv_msg->msg_data; 2037 2038 /* We chop off 10, not 9 bytes because the checksum 2039 at the end also needs to be removed. */ 2040 recv_msg->msg.data_len = msg->rsp_size - 10; 2041 memcpy(recv_msg->msg_data, 2042 &(msg->rsp[9]), 2043 msg->rsp_size - 10); 2044 deliver_response(recv_msg); 2045 } 2046 } 2047 2048 return rv; 2049 } 2050 2051 static int handle_lan_get_msg_rsp(ipmi_smi_t intf, 2052 struct ipmi_smi_msg *msg) 2053 { 2054 struct ipmi_lan_addr lan_addr; 2055 struct ipmi_recv_msg *recv_msg; 2056 unsigned long flags; 2057 2058 2059 /* This is 13, not 12, because the response must contain a 2060 * completion code. */ 2061 if (msg->rsp_size < 13) { 2062 /* Message not big enough, just ignore it. */ 2063 spin_lock_irqsave(&intf->counter_lock, flags); 2064 intf->invalid_lan_responses++; 2065 spin_unlock_irqrestore(&intf->counter_lock, flags); 2066 return 0; 2067 } 2068 2069 if (msg->rsp[2] != 0) { 2070 /* An error getting the response, just ignore it. */ 2071 return 0; 2072 } 2073 2074 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE; 2075 lan_addr.session_handle = msg->rsp[4]; 2076 lan_addr.remote_SWID = msg->rsp[8]; 2077 lan_addr.local_SWID = msg->rsp[5]; 2078 lan_addr.channel = msg->rsp[3] & 0x0f; 2079 lan_addr.privilege = msg->rsp[3] >> 4; 2080 lan_addr.lun = msg->rsp[9] & 3; 2081 2082 /* It's a response from a remote entity. Look up the sequence 2083 number and handle the response. */ 2084 if (intf_find_seq(intf, 2085 msg->rsp[9] >> 2, 2086 msg->rsp[3] & 0x0f, 2087 msg->rsp[10], 2088 (msg->rsp[6] >> 2) & (~1), 2089 (struct ipmi_addr *) &(lan_addr), 2090 &recv_msg)) 2091 { 2092 /* We were unable to find the sequence number, 2093 so just nuke the message. */ 2094 spin_lock_irqsave(&intf->counter_lock, flags); 2095 intf->unhandled_lan_responses++; 2096 spin_unlock_irqrestore(&intf->counter_lock, flags); 2097 return 0; 2098 } 2099 2100 memcpy(recv_msg->msg_data, 2101 &(msg->rsp[11]), 2102 msg->rsp_size - 11); 2103 /* The other fields matched, so no need to set them, except 2104 for netfn, which needs to be the response that was 2105 returned, not the request value. */ 2106 recv_msg->msg.netfn = msg->rsp[6] >> 2; 2107 recv_msg->msg.data = recv_msg->msg_data; 2108 recv_msg->msg.data_len = msg->rsp_size - 12; 2109 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 2110 spin_lock_irqsave(&intf->counter_lock, flags); 2111 intf->handled_lan_responses++; 2112 spin_unlock_irqrestore(&intf->counter_lock, flags); 2113 deliver_response(recv_msg); 2114 2115 return 0; 2116 } 2117 2118 static int handle_lan_get_msg_cmd(ipmi_smi_t intf, 2119 struct ipmi_smi_msg *msg) 2120 { 2121 struct cmd_rcvr *rcvr; 2122 int rv = 0; 2123 unsigned char netfn; 2124 unsigned char cmd; 2125 ipmi_user_t user = NULL; 2126 struct ipmi_lan_addr *lan_addr; 2127 struct ipmi_recv_msg *recv_msg; 2128 unsigned long flags; 2129 2130 if (msg->rsp_size < 12) { 2131 /* Message not big enough, just ignore it. */ 2132 spin_lock_irqsave(&intf->counter_lock, flags); 2133 intf->invalid_commands++; 2134 spin_unlock_irqrestore(&intf->counter_lock, flags); 2135 return 0; 2136 } 2137 2138 if (msg->rsp[2] != 0) { 2139 /* An error getting the response, just ignore it. */ 2140 return 0; 2141 } 2142 2143 netfn = msg->rsp[6] >> 2; 2144 cmd = msg->rsp[10]; 2145 2146 read_lock(&(intf->cmd_rcvr_lock)); 2147 2148 if (intf->all_cmd_rcvr) { 2149 user = intf->all_cmd_rcvr; 2150 } else { 2151 /* Find the command/netfn. */ 2152 list_for_each_entry(rcvr, &(intf->cmd_rcvrs), link) { 2153 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) { 2154 user = rcvr->user; 2155 break; 2156 } 2157 } 2158 } 2159 read_unlock(&(intf->cmd_rcvr_lock)); 2160 2161 if (user == NULL) { 2162 /* We didn't find a user, deliver an error response. */ 2163 spin_lock_irqsave(&intf->counter_lock, flags); 2164 intf->unhandled_commands++; 2165 spin_unlock_irqrestore(&intf->counter_lock, flags); 2166 2167 rv = 0; /* Don't do anything with these messages, just 2168 allow them to be freed. */ 2169 } else { 2170 /* Deliver the message to the user. */ 2171 spin_lock_irqsave(&intf->counter_lock, flags); 2172 intf->handled_commands++; 2173 spin_unlock_irqrestore(&intf->counter_lock, flags); 2174 2175 recv_msg = ipmi_alloc_recv_msg(); 2176 if (! recv_msg) { 2177 /* We couldn't allocate memory for the 2178 message, so requeue it for handling 2179 later. */ 2180 rv = 1; 2181 } else { 2182 /* Extract the source address from the data. */ 2183 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr; 2184 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE; 2185 lan_addr->session_handle = msg->rsp[4]; 2186 lan_addr->remote_SWID = msg->rsp[8]; 2187 lan_addr->local_SWID = msg->rsp[5]; 2188 lan_addr->lun = msg->rsp[9] & 3; 2189 lan_addr->channel = msg->rsp[3] & 0xf; 2190 lan_addr->privilege = msg->rsp[3] >> 4; 2191 2192 /* Extract the rest of the message information 2193 from the IPMB header.*/ 2194 recv_msg->user = user; 2195 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 2196 recv_msg->msgid = msg->rsp[9] >> 2; 2197 recv_msg->msg.netfn = msg->rsp[6] >> 2; 2198 recv_msg->msg.cmd = msg->rsp[10]; 2199 recv_msg->msg.data = recv_msg->msg_data; 2200 2201 /* We chop off 12, not 11 bytes because the checksum 2202 at the end also needs to be removed. */ 2203 recv_msg->msg.data_len = msg->rsp_size - 12; 2204 memcpy(recv_msg->msg_data, 2205 &(msg->rsp[11]), 2206 msg->rsp_size - 12); 2207 deliver_response(recv_msg); 2208 } 2209 } 2210 2211 return rv; 2212 } 2213 2214 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg, 2215 struct ipmi_smi_msg *msg) 2216 { 2217 struct ipmi_system_interface_addr *smi_addr; 2218 2219 recv_msg->msgid = 0; 2220 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr); 2221 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2222 smi_addr->channel = IPMI_BMC_CHANNEL; 2223 smi_addr->lun = msg->rsp[0] & 3; 2224 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE; 2225 recv_msg->msg.netfn = msg->rsp[0] >> 2; 2226 recv_msg->msg.cmd = msg->rsp[1]; 2227 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3); 2228 recv_msg->msg.data = recv_msg->msg_data; 2229 recv_msg->msg.data_len = msg->rsp_size - 3; 2230 } 2231 2232 /* This will be called with the intf->users_lock read-locked, so no need 2233 to do that here. */ 2234 static int handle_read_event_rsp(ipmi_smi_t intf, 2235 struct ipmi_smi_msg *msg) 2236 { 2237 struct ipmi_recv_msg *recv_msg, *recv_msg2; 2238 struct list_head msgs; 2239 ipmi_user_t user; 2240 int rv = 0; 2241 int deliver_count = 0; 2242 unsigned long flags; 2243 2244 if (msg->rsp_size < 19) { 2245 /* Message is too small to be an IPMB event. */ 2246 spin_lock_irqsave(&intf->counter_lock, flags); 2247 intf->invalid_events++; 2248 spin_unlock_irqrestore(&intf->counter_lock, flags); 2249 return 0; 2250 } 2251 2252 if (msg->rsp[2] != 0) { 2253 /* An error getting the event, just ignore it. */ 2254 return 0; 2255 } 2256 2257 INIT_LIST_HEAD(&msgs); 2258 2259 spin_lock_irqsave(&(intf->events_lock), flags); 2260 2261 spin_lock(&intf->counter_lock); 2262 intf->events++; 2263 spin_unlock(&intf->counter_lock); 2264 2265 /* Allocate and fill in one message for every user that is getting 2266 events. */ 2267 list_for_each_entry(user, &(intf->users), link) { 2268 if (! user->gets_events) 2269 continue; 2270 2271 recv_msg = ipmi_alloc_recv_msg(); 2272 if (! recv_msg) { 2273 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) { 2274 list_del(&recv_msg->link); 2275 ipmi_free_recv_msg(recv_msg); 2276 } 2277 /* We couldn't allocate memory for the 2278 message, so requeue it for handling 2279 later. */ 2280 rv = 1; 2281 goto out; 2282 } 2283 2284 deliver_count++; 2285 2286 copy_event_into_recv_msg(recv_msg, msg); 2287 recv_msg->user = user; 2288 list_add_tail(&(recv_msg->link), &msgs); 2289 } 2290 2291 if (deliver_count) { 2292 /* Now deliver all the messages. */ 2293 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) { 2294 list_del(&recv_msg->link); 2295 deliver_response(recv_msg); 2296 } 2297 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) { 2298 /* No one to receive the message, put it in queue if there's 2299 not already too many things in the queue. */ 2300 recv_msg = ipmi_alloc_recv_msg(); 2301 if (! recv_msg) { 2302 /* We couldn't allocate memory for the 2303 message, so requeue it for handling 2304 later. */ 2305 rv = 1; 2306 goto out; 2307 } 2308 2309 copy_event_into_recv_msg(recv_msg, msg); 2310 list_add_tail(&(recv_msg->link), &(intf->waiting_events)); 2311 } else { 2312 /* There's too many things in the queue, discard this 2313 message. */ 2314 printk(KERN_WARNING PFX "Event queue full, discarding an" 2315 " incoming event\n"); 2316 } 2317 2318 out: 2319 spin_unlock_irqrestore(&(intf->events_lock), flags); 2320 2321 return rv; 2322 } 2323 2324 static int handle_bmc_rsp(ipmi_smi_t intf, 2325 struct ipmi_smi_msg *msg) 2326 { 2327 struct ipmi_recv_msg *recv_msg; 2328 int found = 0; 2329 struct ipmi_user *user; 2330 unsigned long flags; 2331 2332 recv_msg = (struct ipmi_recv_msg *) msg->user_data; 2333 2334 /* Make sure the user still exists. */ 2335 list_for_each_entry(user, &(intf->users), link) { 2336 if (user == recv_msg->user) { 2337 /* Found it, so we can deliver it */ 2338 found = 1; 2339 break; 2340 } 2341 } 2342 2343 if (!found) { 2344 /* Special handling for NULL users. */ 2345 if (!recv_msg->user && intf->null_user_handler){ 2346 intf->null_user_handler(intf, msg); 2347 spin_lock_irqsave(&intf->counter_lock, flags); 2348 intf->handled_local_responses++; 2349 spin_unlock_irqrestore(&intf->counter_lock, flags); 2350 }else{ 2351 /* The user for the message went away, so give up. */ 2352 spin_lock_irqsave(&intf->counter_lock, flags); 2353 intf->unhandled_local_responses++; 2354 spin_unlock_irqrestore(&intf->counter_lock, flags); 2355 } 2356 ipmi_free_recv_msg(recv_msg); 2357 } else { 2358 struct ipmi_system_interface_addr *smi_addr; 2359 2360 spin_lock_irqsave(&intf->counter_lock, flags); 2361 intf->handled_local_responses++; 2362 spin_unlock_irqrestore(&intf->counter_lock, flags); 2363 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 2364 recv_msg->msgid = msg->msgid; 2365 smi_addr = ((struct ipmi_system_interface_addr *) 2366 &(recv_msg->addr)); 2367 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2368 smi_addr->channel = IPMI_BMC_CHANNEL; 2369 smi_addr->lun = msg->rsp[0] & 3; 2370 recv_msg->msg.netfn = msg->rsp[0] >> 2; 2371 recv_msg->msg.cmd = msg->rsp[1]; 2372 memcpy(recv_msg->msg_data, 2373 &(msg->rsp[2]), 2374 msg->rsp_size - 2); 2375 recv_msg->msg.data = recv_msg->msg_data; 2376 recv_msg->msg.data_len = msg->rsp_size - 2; 2377 deliver_response(recv_msg); 2378 } 2379 2380 return 0; 2381 } 2382 2383 /* Handle a new message. Return 1 if the message should be requeued, 2384 0 if the message should be freed, or -1 if the message should not 2385 be freed or requeued. */ 2386 static int handle_new_recv_msg(ipmi_smi_t intf, 2387 struct ipmi_smi_msg *msg) 2388 { 2389 int requeue; 2390 int chan; 2391 2392 #ifdef DEBUG_MSGING 2393 int m; 2394 printk("Recv:"); 2395 for (m=0; m<msg->rsp_size; m++) 2396 printk(" %2.2x", msg->rsp[m]); 2397 printk("\n"); 2398 #endif 2399 if (msg->rsp_size < 2) { 2400 /* Message is too small to be correct. */ 2401 printk(KERN_WARNING PFX "BMC returned to small a message" 2402 " for netfn %x cmd %x, got %d bytes\n", 2403 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size); 2404 2405 /* Generate an error response for the message. */ 2406 msg->rsp[0] = msg->data[0] | (1 << 2); 2407 msg->rsp[1] = msg->data[1]; 2408 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 2409 msg->rsp_size = 3; 2410 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))/* Netfn */ 2411 || (msg->rsp[1] != msg->data[1])) /* Command */ 2412 { 2413 /* The response is not even marginally correct. */ 2414 printk(KERN_WARNING PFX "BMC returned incorrect response," 2415 " expected netfn %x cmd %x, got netfn %x cmd %x\n", 2416 (msg->data[0] >> 2) | 1, msg->data[1], 2417 msg->rsp[0] >> 2, msg->rsp[1]); 2418 2419 /* Generate an error response for the message. */ 2420 msg->rsp[0] = msg->data[0] | (1 << 2); 2421 msg->rsp[1] = msg->data[1]; 2422 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 2423 msg->rsp_size = 3; 2424 } 2425 2426 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 2427 && (msg->rsp[1] == IPMI_SEND_MSG_CMD) 2428 && (msg->user_data != NULL)) 2429 { 2430 /* It's a response to a response we sent. For this we 2431 deliver a send message response to the user. */ 2432 struct ipmi_recv_msg *recv_msg = msg->user_data; 2433 2434 requeue = 0; 2435 if (msg->rsp_size < 2) 2436 /* Message is too small to be correct. */ 2437 goto out; 2438 2439 chan = msg->data[2] & 0x0f; 2440 if (chan >= IPMI_MAX_CHANNELS) 2441 /* Invalid channel number */ 2442 goto out; 2443 2444 if (recv_msg) { 2445 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE; 2446 recv_msg->msg.data = recv_msg->msg_data; 2447 recv_msg->msg.data_len = 1; 2448 recv_msg->msg_data[0] = msg->rsp[2]; 2449 deliver_response(recv_msg); 2450 } 2451 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 2452 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) 2453 { 2454 /* It's from the receive queue. */ 2455 chan = msg->rsp[3] & 0xf; 2456 if (chan >= IPMI_MAX_CHANNELS) { 2457 /* Invalid channel number */ 2458 requeue = 0; 2459 goto out; 2460 } 2461 2462 switch (intf->channels[chan].medium) { 2463 case IPMI_CHANNEL_MEDIUM_IPMB: 2464 if (msg->rsp[4] & 0x04) { 2465 /* It's a response, so find the 2466 requesting message and send it up. */ 2467 requeue = handle_ipmb_get_msg_rsp(intf, msg); 2468 } else { 2469 /* It's a command to the SMS from some other 2470 entity. Handle that. */ 2471 requeue = handle_ipmb_get_msg_cmd(intf, msg); 2472 } 2473 break; 2474 2475 case IPMI_CHANNEL_MEDIUM_8023LAN: 2476 case IPMI_CHANNEL_MEDIUM_ASYNC: 2477 if (msg->rsp[6] & 0x04) { 2478 /* It's a response, so find the 2479 requesting message and send it up. */ 2480 requeue = handle_lan_get_msg_rsp(intf, msg); 2481 } else { 2482 /* It's a command to the SMS from some other 2483 entity. Handle that. */ 2484 requeue = handle_lan_get_msg_cmd(intf, msg); 2485 } 2486 break; 2487 2488 default: 2489 /* We don't handle the channel type, so just 2490 * free the message. */ 2491 requeue = 0; 2492 } 2493 2494 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 2495 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) 2496 { 2497 /* It's an asyncronous event. */ 2498 requeue = handle_read_event_rsp(intf, msg); 2499 } else { 2500 /* It's a response from the local BMC. */ 2501 requeue = handle_bmc_rsp(intf, msg); 2502 } 2503 2504 out: 2505 return requeue; 2506 } 2507 2508 /* Handle a new message from the lower layer. */ 2509 void ipmi_smi_msg_received(ipmi_smi_t intf, 2510 struct ipmi_smi_msg *msg) 2511 { 2512 unsigned long flags; 2513 int rv; 2514 2515 2516 /* Lock the user lock so the user can't go away while we are 2517 working on it. */ 2518 read_lock(&(intf->users_lock)); 2519 2520 if ((msg->data_size >= 2) 2521 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2)) 2522 && (msg->data[1] == IPMI_SEND_MSG_CMD) 2523 && (msg->user_data == NULL)) { 2524 /* This is the local response to a command send, start 2525 the timer for these. The user_data will not be 2526 NULL if this is a response send, and we will let 2527 response sends just go through. */ 2528 2529 /* Check for errors, if we get certain errors (ones 2530 that mean basically we can try again later), we 2531 ignore them and start the timer. Otherwise we 2532 report the error immediately. */ 2533 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0) 2534 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR) 2535 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR)) 2536 { 2537 int chan = msg->rsp[3] & 0xf; 2538 2539 /* Got an error sending the message, handle it. */ 2540 spin_lock_irqsave(&intf->counter_lock, flags); 2541 if (chan >= IPMI_MAX_CHANNELS) 2542 ; /* This shouldn't happen */ 2543 else if ((intf->channels[chan].medium 2544 == IPMI_CHANNEL_MEDIUM_8023LAN) 2545 || (intf->channels[chan].medium 2546 == IPMI_CHANNEL_MEDIUM_ASYNC)) 2547 intf->sent_lan_command_errs++; 2548 else 2549 intf->sent_ipmb_command_errs++; 2550 spin_unlock_irqrestore(&intf->counter_lock, flags); 2551 intf_err_seq(intf, msg->msgid, msg->rsp[2]); 2552 } else { 2553 /* The message was sent, start the timer. */ 2554 intf_start_seq_timer(intf, msg->msgid); 2555 } 2556 2557 ipmi_free_smi_msg(msg); 2558 goto out_unlock; 2559 } 2560 2561 /* To preserve message order, if the list is not empty, we 2562 tack this message onto the end of the list. */ 2563 spin_lock_irqsave(&(intf->waiting_msgs_lock), flags); 2564 if (!list_empty(&(intf->waiting_msgs))) { 2565 list_add_tail(&(msg->link), &(intf->waiting_msgs)); 2566 spin_unlock(&(intf->waiting_msgs_lock)); 2567 goto out_unlock; 2568 } 2569 spin_unlock_irqrestore(&(intf->waiting_msgs_lock), flags); 2570 2571 rv = handle_new_recv_msg(intf, msg); 2572 if (rv > 0) { 2573 /* Could not handle the message now, just add it to a 2574 list to handle later. */ 2575 spin_lock(&(intf->waiting_msgs_lock)); 2576 list_add_tail(&(msg->link), &(intf->waiting_msgs)); 2577 spin_unlock(&(intf->waiting_msgs_lock)); 2578 } else if (rv == 0) { 2579 ipmi_free_smi_msg(msg); 2580 } 2581 2582 out_unlock: 2583 read_unlock(&(intf->users_lock)); 2584 } 2585 2586 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf) 2587 { 2588 ipmi_user_t user; 2589 2590 read_lock(&(intf->users_lock)); 2591 list_for_each_entry(user, &(intf->users), link) { 2592 if (! user->handler->ipmi_watchdog_pretimeout) 2593 continue; 2594 2595 user->handler->ipmi_watchdog_pretimeout(user->handler_data); 2596 } 2597 read_unlock(&(intf->users_lock)); 2598 } 2599 2600 static void 2601 handle_msg_timeout(struct ipmi_recv_msg *msg) 2602 { 2603 msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 2604 msg->msg_data[0] = IPMI_TIMEOUT_COMPLETION_CODE; 2605 msg->msg.netfn |= 1; /* Convert to a response. */ 2606 msg->msg.data_len = 1; 2607 msg->msg.data = msg->msg_data; 2608 deliver_response(msg); 2609 } 2610 2611 static struct ipmi_smi_msg * 2612 smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg, 2613 unsigned char seq, long seqid) 2614 { 2615 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg(); 2616 if (!smi_msg) 2617 /* If we can't allocate the message, then just return, we 2618 get 4 retries, so this should be ok. */ 2619 return NULL; 2620 2621 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len); 2622 smi_msg->data_size = recv_msg->msg.data_len; 2623 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid); 2624 2625 #ifdef DEBUG_MSGING 2626 { 2627 int m; 2628 printk("Resend: "); 2629 for (m=0; m<smi_msg->data_size; m++) 2630 printk(" %2.2x", smi_msg->data[m]); 2631 printk("\n"); 2632 } 2633 #endif 2634 return smi_msg; 2635 } 2636 2637 static void 2638 ipmi_timeout_handler(long timeout_period) 2639 { 2640 ipmi_smi_t intf; 2641 struct list_head timeouts; 2642 struct ipmi_recv_msg *msg, *msg2; 2643 struct ipmi_smi_msg *smi_msg, *smi_msg2; 2644 unsigned long flags; 2645 int i, j; 2646 2647 INIT_LIST_HEAD(&timeouts); 2648 2649 spin_lock(&interfaces_lock); 2650 for (i=0; i<MAX_IPMI_INTERFACES; i++) { 2651 intf = ipmi_interfaces[i]; 2652 if (intf == NULL) 2653 continue; 2654 2655 read_lock(&(intf->users_lock)); 2656 2657 /* See if any waiting messages need to be processed. */ 2658 spin_lock_irqsave(&(intf->waiting_msgs_lock), flags); 2659 list_for_each_entry_safe(smi_msg, smi_msg2, &(intf->waiting_msgs), link) { 2660 if (! handle_new_recv_msg(intf, smi_msg)) { 2661 list_del(&smi_msg->link); 2662 ipmi_free_smi_msg(smi_msg); 2663 } else { 2664 /* To preserve message order, quit if we 2665 can't handle a message. */ 2666 break; 2667 } 2668 } 2669 spin_unlock_irqrestore(&(intf->waiting_msgs_lock), flags); 2670 2671 /* Go through the seq table and find any messages that 2672 have timed out, putting them in the timeouts 2673 list. */ 2674 spin_lock_irqsave(&(intf->seq_lock), flags); 2675 for (j=0; j<IPMI_IPMB_NUM_SEQ; j++) { 2676 struct seq_table *ent = &(intf->seq_table[j]); 2677 if (!ent->inuse) 2678 continue; 2679 2680 ent->timeout -= timeout_period; 2681 if (ent->timeout > 0) 2682 continue; 2683 2684 if (ent->retries_left == 0) { 2685 /* The message has used all its retries. */ 2686 ent->inuse = 0; 2687 msg = ent->recv_msg; 2688 list_add_tail(&(msg->link), &timeouts); 2689 spin_lock(&intf->counter_lock); 2690 if (ent->broadcast) 2691 intf->timed_out_ipmb_broadcasts++; 2692 else if (ent->recv_msg->addr.addr_type 2693 == IPMI_LAN_ADDR_TYPE) 2694 intf->timed_out_lan_commands++; 2695 else 2696 intf->timed_out_ipmb_commands++; 2697 spin_unlock(&intf->counter_lock); 2698 } else { 2699 struct ipmi_smi_msg *smi_msg; 2700 /* More retries, send again. */ 2701 2702 /* Start with the max timer, set to normal 2703 timer after the message is sent. */ 2704 ent->timeout = MAX_MSG_TIMEOUT; 2705 ent->retries_left--; 2706 spin_lock(&intf->counter_lock); 2707 if (ent->recv_msg->addr.addr_type 2708 == IPMI_LAN_ADDR_TYPE) 2709 intf->retransmitted_lan_commands++; 2710 else 2711 intf->retransmitted_ipmb_commands++; 2712 spin_unlock(&intf->counter_lock); 2713 smi_msg = smi_from_recv_msg(intf, 2714 ent->recv_msg, j, ent->seqid); 2715 if(!smi_msg) 2716 continue; 2717 2718 spin_unlock_irqrestore(&(intf->seq_lock),flags); 2719 /* Send the new message. We send with a zero 2720 * priority. It timed out, I doubt time is 2721 * that critical now, and high priority 2722 * messages are really only for messages to the 2723 * local MC, which don't get resent. */ 2724 intf->handlers->sender(intf->send_info, 2725 smi_msg, 0); 2726 spin_lock_irqsave(&(intf->seq_lock), flags); 2727 } 2728 } 2729 spin_unlock_irqrestore(&(intf->seq_lock), flags); 2730 2731 list_for_each_entry_safe(msg, msg2, &timeouts, link) { 2732 handle_msg_timeout(msg); 2733 } 2734 2735 read_unlock(&(intf->users_lock)); 2736 } 2737 spin_unlock(&interfaces_lock); 2738 } 2739 2740 static void ipmi_request_event(void) 2741 { 2742 ipmi_smi_t intf; 2743 int i; 2744 2745 spin_lock(&interfaces_lock); 2746 for (i=0; i<MAX_IPMI_INTERFACES; i++) { 2747 intf = ipmi_interfaces[i]; 2748 if (intf == NULL) 2749 continue; 2750 2751 intf->handlers->request_events(intf->send_info); 2752 } 2753 spin_unlock(&interfaces_lock); 2754 } 2755 2756 static struct timer_list ipmi_timer; 2757 2758 /* Call every ~100 ms. */ 2759 #define IPMI_TIMEOUT_TIME 100 2760 2761 /* How many jiffies does it take to get to the timeout time. */ 2762 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000) 2763 2764 /* Request events from the queue every second (this is the number of 2765 IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the 2766 future, IPMI will add a way to know immediately if an event is in 2767 the queue and this silliness can go away. */ 2768 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME)) 2769 2770 static atomic_t stop_operation; 2771 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 2772 2773 static void ipmi_timeout(unsigned long data) 2774 { 2775 if (atomic_read(&stop_operation)) 2776 return; 2777 2778 ticks_to_req_ev--; 2779 if (ticks_to_req_ev == 0) { 2780 ipmi_request_event(); 2781 ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 2782 } 2783 2784 ipmi_timeout_handler(IPMI_TIMEOUT_TIME); 2785 2786 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 2787 } 2788 2789 2790 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0); 2791 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0); 2792 2793 /* FIXME - convert these to slabs. */ 2794 static void free_smi_msg(struct ipmi_smi_msg *msg) 2795 { 2796 atomic_dec(&smi_msg_inuse_count); 2797 kfree(msg); 2798 } 2799 2800 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void) 2801 { 2802 struct ipmi_smi_msg *rv; 2803 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC); 2804 if (rv) { 2805 rv->done = free_smi_msg; 2806 rv->user_data = NULL; 2807 atomic_inc(&smi_msg_inuse_count); 2808 } 2809 return rv; 2810 } 2811 2812 static void free_recv_msg(struct ipmi_recv_msg *msg) 2813 { 2814 atomic_dec(&recv_msg_inuse_count); 2815 kfree(msg); 2816 } 2817 2818 struct ipmi_recv_msg *ipmi_alloc_recv_msg(void) 2819 { 2820 struct ipmi_recv_msg *rv; 2821 2822 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC); 2823 if (rv) { 2824 rv->done = free_recv_msg; 2825 atomic_inc(&recv_msg_inuse_count); 2826 } 2827 return rv; 2828 } 2829 2830 #ifdef CONFIG_IPMI_PANIC_EVENT 2831 2832 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg) 2833 { 2834 } 2835 2836 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg) 2837 { 2838 } 2839 2840 #ifdef CONFIG_IPMI_PANIC_STRING 2841 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_smi_msg *msg) 2842 { 2843 if ((msg->rsp[0] == (IPMI_NETFN_SENSOR_EVENT_RESPONSE << 2)) 2844 && (msg->rsp[1] == IPMI_GET_EVENT_RECEIVER_CMD) 2845 && (msg->rsp[2] == IPMI_CC_NO_ERROR)) 2846 { 2847 /* A get event receiver command, save it. */ 2848 intf->event_receiver = msg->rsp[3]; 2849 intf->event_receiver_lun = msg->rsp[4] & 0x3; 2850 } 2851 } 2852 2853 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_smi_msg *msg) 2854 { 2855 if ((msg->rsp[0] == (IPMI_NETFN_APP_RESPONSE << 2)) 2856 && (msg->rsp[1] == IPMI_GET_DEVICE_ID_CMD) 2857 && (msg->rsp[2] == IPMI_CC_NO_ERROR)) 2858 { 2859 /* A get device id command, save if we are an event 2860 receiver or generator. */ 2861 intf->local_sel_device = (msg->rsp[8] >> 2) & 1; 2862 intf->local_event_generator = (msg->rsp[8] >> 5) & 1; 2863 } 2864 } 2865 #endif 2866 2867 static void send_panic_events(char *str) 2868 { 2869 struct kernel_ipmi_msg msg; 2870 ipmi_smi_t intf; 2871 unsigned char data[16]; 2872 int i; 2873 struct ipmi_system_interface_addr *si; 2874 struct ipmi_addr addr; 2875 struct ipmi_smi_msg smi_msg; 2876 struct ipmi_recv_msg recv_msg; 2877 2878 si = (struct ipmi_system_interface_addr *) &addr; 2879 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2880 si->channel = IPMI_BMC_CHANNEL; 2881 si->lun = 0; 2882 2883 /* Fill in an event telling that we have failed. */ 2884 msg.netfn = 0x04; /* Sensor or Event. */ 2885 msg.cmd = 2; /* Platform event command. */ 2886 msg.data = data; 2887 msg.data_len = 8; 2888 data[0] = 0x21; /* Kernel generator ID, IPMI table 5-4 */ 2889 data[1] = 0x03; /* This is for IPMI 1.0. */ 2890 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */ 2891 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */ 2892 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */ 2893 2894 /* Put a few breadcrumbs in. Hopefully later we can add more things 2895 to make the panic events more useful. */ 2896 if (str) { 2897 data[3] = str[0]; 2898 data[6] = str[1]; 2899 data[7] = str[2]; 2900 } 2901 2902 smi_msg.done = dummy_smi_done_handler; 2903 recv_msg.done = dummy_recv_done_handler; 2904 2905 /* For every registered interface, send the event. */ 2906 for (i=0; i<MAX_IPMI_INTERFACES; i++) { 2907 intf = ipmi_interfaces[i]; 2908 if (intf == NULL) 2909 continue; 2910 2911 /* Send the event announcing the panic. */ 2912 intf->handlers->set_run_to_completion(intf->send_info, 1); 2913 i_ipmi_request(NULL, 2914 intf, 2915 &addr, 2916 0, 2917 &msg, 2918 NULL, 2919 &smi_msg, 2920 &recv_msg, 2921 0, 2922 intf->my_address, 2923 intf->my_lun, 2924 0, 1); /* Don't retry, and don't wait. */ 2925 } 2926 2927 #ifdef CONFIG_IPMI_PANIC_STRING 2928 /* On every interface, dump a bunch of OEM event holding the 2929 string. */ 2930 if (!str) 2931 return; 2932 2933 for (i=0; i<MAX_IPMI_INTERFACES; i++) { 2934 char *p = str; 2935 struct ipmi_ipmb_addr *ipmb; 2936 int j; 2937 2938 intf = ipmi_interfaces[i]; 2939 if (intf == NULL) 2940 continue; 2941 2942 /* First job here is to figure out where to send the 2943 OEM events. There's no way in IPMI to send OEM 2944 events using an event send command, so we have to 2945 find the SEL to put them in and stick them in 2946 there. */ 2947 2948 /* Get capabilities from the get device id. */ 2949 intf->local_sel_device = 0; 2950 intf->local_event_generator = 0; 2951 intf->event_receiver = 0; 2952 2953 /* Request the device info from the local MC. */ 2954 msg.netfn = IPMI_NETFN_APP_REQUEST; 2955 msg.cmd = IPMI_GET_DEVICE_ID_CMD; 2956 msg.data = NULL; 2957 msg.data_len = 0; 2958 intf->null_user_handler = device_id_fetcher; 2959 i_ipmi_request(NULL, 2960 intf, 2961 &addr, 2962 0, 2963 &msg, 2964 NULL, 2965 &smi_msg, 2966 &recv_msg, 2967 0, 2968 intf->my_address, 2969 intf->my_lun, 2970 0, 1); /* Don't retry, and don't wait. */ 2971 2972 if (intf->local_event_generator) { 2973 /* Request the event receiver from the local MC. */ 2974 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST; 2975 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD; 2976 msg.data = NULL; 2977 msg.data_len = 0; 2978 intf->null_user_handler = event_receiver_fetcher; 2979 i_ipmi_request(NULL, 2980 intf, 2981 &addr, 2982 0, 2983 &msg, 2984 NULL, 2985 &smi_msg, 2986 &recv_msg, 2987 0, 2988 intf->my_address, 2989 intf->my_lun, 2990 0, 1); /* no retry, and no wait. */ 2991 } 2992 intf->null_user_handler = NULL; 2993 2994 /* Validate the event receiver. The low bit must not 2995 be 1 (it must be a valid IPMB address), it cannot 2996 be zero, and it must not be my address. */ 2997 if (((intf->event_receiver & 1) == 0) 2998 && (intf->event_receiver != 0) 2999 && (intf->event_receiver != intf->my_address)) 3000 { 3001 /* The event receiver is valid, send an IPMB 3002 message. */ 3003 ipmb = (struct ipmi_ipmb_addr *) &addr; 3004 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE; 3005 ipmb->channel = 0; /* FIXME - is this right? */ 3006 ipmb->lun = intf->event_receiver_lun; 3007 ipmb->slave_addr = intf->event_receiver; 3008 } else if (intf->local_sel_device) { 3009 /* The event receiver was not valid (or was 3010 me), but I am an SEL device, just dump it 3011 in my SEL. */ 3012 si = (struct ipmi_system_interface_addr *) &addr; 3013 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3014 si->channel = IPMI_BMC_CHANNEL; 3015 si->lun = 0; 3016 } else 3017 continue; /* No where to send the event. */ 3018 3019 3020 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */ 3021 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD; 3022 msg.data = data; 3023 msg.data_len = 16; 3024 3025 j = 0; 3026 while (*p) { 3027 int size = strlen(p); 3028 3029 if (size > 11) 3030 size = 11; 3031 data[0] = 0; 3032 data[1] = 0; 3033 data[2] = 0xf0; /* OEM event without timestamp. */ 3034 data[3] = intf->my_address; 3035 data[4] = j++; /* sequence # */ 3036 /* Always give 11 bytes, so strncpy will fill 3037 it with zeroes for me. */ 3038 strncpy(data+5, p, 11); 3039 p += size; 3040 3041 i_ipmi_request(NULL, 3042 intf, 3043 &addr, 3044 0, 3045 &msg, 3046 NULL, 3047 &smi_msg, 3048 &recv_msg, 3049 0, 3050 intf->my_address, 3051 intf->my_lun, 3052 0, 1); /* no retry, and no wait. */ 3053 } 3054 } 3055 #endif /* CONFIG_IPMI_PANIC_STRING */ 3056 } 3057 #endif /* CONFIG_IPMI_PANIC_EVENT */ 3058 3059 static int has_paniced = 0; 3060 3061 static int panic_event(struct notifier_block *this, 3062 unsigned long event, 3063 void *ptr) 3064 { 3065 int i; 3066 ipmi_smi_t intf; 3067 3068 if (has_paniced) 3069 return NOTIFY_DONE; 3070 has_paniced = 1; 3071 3072 /* For every registered interface, set it to run to completion. */ 3073 for (i=0; i<MAX_IPMI_INTERFACES; i++) { 3074 intf = ipmi_interfaces[i]; 3075 if (intf == NULL) 3076 continue; 3077 3078 intf->handlers->set_run_to_completion(intf->send_info, 1); 3079 } 3080 3081 #ifdef CONFIG_IPMI_PANIC_EVENT 3082 send_panic_events(ptr); 3083 #endif 3084 3085 return NOTIFY_DONE; 3086 } 3087 3088 static struct notifier_block panic_block = { 3089 .notifier_call = panic_event, 3090 .next = NULL, 3091 .priority = 200 /* priority: INT_MAX >= x >= 0 */ 3092 }; 3093 3094 static int ipmi_init_msghandler(void) 3095 { 3096 int i; 3097 3098 if (initialized) 3099 return 0; 3100 3101 printk(KERN_INFO "ipmi message handler version " 3102 IPMI_MSGHANDLER_VERSION "\n"); 3103 3104 for (i=0; i<MAX_IPMI_INTERFACES; i++) { 3105 ipmi_interfaces[i] = NULL; 3106 } 3107 3108 #ifdef CONFIG_PROC_FS 3109 proc_ipmi_root = proc_mkdir("ipmi", NULL); 3110 if (!proc_ipmi_root) { 3111 printk(KERN_ERR PFX "Unable to create IPMI proc dir"); 3112 return -ENOMEM; 3113 } 3114 3115 proc_ipmi_root->owner = THIS_MODULE; 3116 #endif /* CONFIG_PROC_FS */ 3117 3118 init_timer(&ipmi_timer); 3119 ipmi_timer.data = 0; 3120 ipmi_timer.function = ipmi_timeout; 3121 ipmi_timer.expires = jiffies + IPMI_TIMEOUT_JIFFIES; 3122 add_timer(&ipmi_timer); 3123 3124 notifier_chain_register(&panic_notifier_list, &panic_block); 3125 3126 initialized = 1; 3127 3128 return 0; 3129 } 3130 3131 static __init int ipmi_init_msghandler_mod(void) 3132 { 3133 ipmi_init_msghandler(); 3134 return 0; 3135 } 3136 3137 static __exit void cleanup_ipmi(void) 3138 { 3139 int count; 3140 3141 if (!initialized) 3142 return; 3143 3144 notifier_chain_unregister(&panic_notifier_list, &panic_block); 3145 3146 /* This can't be called if any interfaces exist, so no worry about 3147 shutting down the interfaces. */ 3148 3149 /* Tell the timer to stop, then wait for it to stop. This avoids 3150 problems with race conditions removing the timer here. */ 3151 atomic_inc(&stop_operation); 3152 del_timer_sync(&ipmi_timer); 3153 3154 #ifdef CONFIG_PROC_FS 3155 remove_proc_entry(proc_ipmi_root->name, &proc_root); 3156 #endif /* CONFIG_PROC_FS */ 3157 3158 initialized = 0; 3159 3160 /* Check for buffer leaks. */ 3161 count = atomic_read(&smi_msg_inuse_count); 3162 if (count != 0) 3163 printk(KERN_WARNING PFX "SMI message count %d at exit\n", 3164 count); 3165 count = atomic_read(&recv_msg_inuse_count); 3166 if (count != 0) 3167 printk(KERN_WARNING PFX "recv message count %d at exit\n", 3168 count); 3169 } 3170 module_exit(cleanup_ipmi); 3171 3172 module_init(ipmi_init_msghandler_mod); 3173 MODULE_LICENSE("GPL"); 3174 3175 EXPORT_SYMBOL(ipmi_create_user); 3176 EXPORT_SYMBOL(ipmi_destroy_user); 3177 EXPORT_SYMBOL(ipmi_get_version); 3178 EXPORT_SYMBOL(ipmi_request_settime); 3179 EXPORT_SYMBOL(ipmi_request_supply_msgs); 3180 EXPORT_SYMBOL(ipmi_register_smi); 3181 EXPORT_SYMBOL(ipmi_unregister_smi); 3182 EXPORT_SYMBOL(ipmi_register_for_cmd); 3183 EXPORT_SYMBOL(ipmi_unregister_for_cmd); 3184 EXPORT_SYMBOL(ipmi_smi_msg_received); 3185 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout); 3186 EXPORT_SYMBOL(ipmi_alloc_smi_msg); 3187 EXPORT_SYMBOL(ipmi_addr_length); 3188 EXPORT_SYMBOL(ipmi_validate_addr); 3189 EXPORT_SYMBOL(ipmi_set_gets_events); 3190 EXPORT_SYMBOL(ipmi_smi_watcher_register); 3191 EXPORT_SYMBOL(ipmi_smi_watcher_unregister); 3192 EXPORT_SYMBOL(ipmi_set_my_address); 3193 EXPORT_SYMBOL(ipmi_get_my_address); 3194 EXPORT_SYMBOL(ipmi_set_my_LUN); 3195 EXPORT_SYMBOL(ipmi_get_my_LUN); 3196 EXPORT_SYMBOL(ipmi_smi_add_proc_entry); 3197 EXPORT_SYMBOL(proc_ipmi_root); 3198 EXPORT_SYMBOL(ipmi_user_set_run_to_completion); 3199