1 /* 2 * ipmi_msghandler.c 3 * 4 * Incoming and outgoing message routing for an IPMI interface. 5 * 6 * Author: MontaVista Software, Inc. 7 * Corey Minyard <minyard@mvista.com> 8 * source@mvista.com 9 * 10 * Copyright 2002 MontaVista Software Inc. 11 * 12 * This program is free software; you can redistribute it and/or modify it 13 * under the terms of the GNU General Public License as published by the 14 * Free Software Foundation; either version 2 of the License, or (at your 15 * option) any later version. 16 * 17 * 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 * 29 * You should have received a copy of the GNU General Public License along 30 * with this program; if not, write to the Free Software Foundation, Inc., 31 * 675 Mass Ave, Cambridge, MA 02139, USA. 32 */ 33 34 #include <linux/module.h> 35 #include <linux/errno.h> 36 #include <asm/system.h> 37 #include <linux/poll.h> 38 #include <linux/sched.h> 39 #include <linux/seq_file.h> 40 #include <linux/spinlock.h> 41 #include <linux/mutex.h> 42 #include <linux/slab.h> 43 #include <linux/ipmi.h> 44 #include <linux/ipmi_smi.h> 45 #include <linux/notifier.h> 46 #include <linux/init.h> 47 #include <linux/proc_fs.h> 48 #include <linux/rcupdate.h> 49 50 #define PFX "IPMI message handler: " 51 52 #define IPMI_DRIVER_VERSION "39.2" 53 54 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void); 55 static int ipmi_init_msghandler(void); 56 57 static int initialized; 58 59 #ifdef CONFIG_PROC_FS 60 static struct proc_dir_entry *proc_ipmi_root; 61 #endif /* CONFIG_PROC_FS */ 62 63 /* Remain in auto-maintenance mode for this amount of time (in ms). */ 64 #define IPMI_MAINTENANCE_MODE_TIMEOUT 30000 65 66 #define MAX_EVENTS_IN_QUEUE 25 67 68 /* 69 * Don't let a message sit in a queue forever, always time it with at lest 70 * the max message timer. This is in milliseconds. 71 */ 72 #define MAX_MSG_TIMEOUT 60000 73 74 /* 75 * The main "user" data structure. 76 */ 77 struct ipmi_user { 78 struct list_head link; 79 80 /* Set to "0" when the user is destroyed. */ 81 int valid; 82 83 struct kref refcount; 84 85 /* The upper layer that handles receive messages. */ 86 struct ipmi_user_hndl *handler; 87 void *handler_data; 88 89 /* The interface this user is bound to. */ 90 ipmi_smi_t intf; 91 92 /* Does this interface receive IPMI events? */ 93 int gets_events; 94 }; 95 96 struct cmd_rcvr { 97 struct list_head link; 98 99 ipmi_user_t user; 100 unsigned char netfn; 101 unsigned char cmd; 102 unsigned int chans; 103 104 /* 105 * This is used to form a linked lised during mass deletion. 106 * Since this is in an RCU list, we cannot use the link above 107 * or change any data until the RCU period completes. So we 108 * use this next variable during mass deletion so we can have 109 * a list and don't have to wait and restart the search on 110 * every individual deletion of a command. 111 */ 112 struct cmd_rcvr *next; 113 }; 114 115 struct seq_table { 116 unsigned int inuse : 1; 117 unsigned int broadcast : 1; 118 119 unsigned long timeout; 120 unsigned long orig_timeout; 121 unsigned int retries_left; 122 123 /* 124 * To verify on an incoming send message response that this is 125 * the message that the response is for, we keep a sequence id 126 * and increment it every time we send a message. 127 */ 128 long seqid; 129 130 /* 131 * This is held so we can properly respond to the message on a 132 * timeout, and it is used to hold the temporary data for 133 * retransmission, too. 134 */ 135 struct ipmi_recv_msg *recv_msg; 136 }; 137 138 /* 139 * Store the information in a msgid (long) to allow us to find a 140 * sequence table entry from the msgid. 141 */ 142 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff)) 143 144 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \ 145 do { \ 146 seq = ((msgid >> 26) & 0x3f); \ 147 seqid = (msgid & 0x3fffff); \ 148 } while (0) 149 150 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff) 151 152 struct ipmi_channel { 153 unsigned char medium; 154 unsigned char protocol; 155 156 /* 157 * My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR, 158 * but may be changed by the user. 159 */ 160 unsigned char address; 161 162 /* 163 * My LUN. This should generally stay the SMS LUN, but just in 164 * case... 165 */ 166 unsigned char lun; 167 }; 168 169 #ifdef CONFIG_PROC_FS 170 struct ipmi_proc_entry { 171 char *name; 172 struct ipmi_proc_entry *next; 173 }; 174 #endif 175 176 struct bmc_device { 177 struct platform_device *dev; 178 struct ipmi_device_id id; 179 unsigned char guid[16]; 180 int guid_set; 181 182 struct kref refcount; 183 184 /* bmc device attributes */ 185 struct device_attribute device_id_attr; 186 struct device_attribute provides_dev_sdrs_attr; 187 struct device_attribute revision_attr; 188 struct device_attribute firmware_rev_attr; 189 struct device_attribute version_attr; 190 struct device_attribute add_dev_support_attr; 191 struct device_attribute manufacturer_id_attr; 192 struct device_attribute product_id_attr; 193 struct device_attribute guid_attr; 194 struct device_attribute aux_firmware_rev_attr; 195 }; 196 197 /* 198 * Various statistics for IPMI, these index stats[] in the ipmi_smi 199 * structure. 200 */ 201 enum ipmi_stat_indexes { 202 /* Commands we got from the user that were invalid. */ 203 IPMI_STAT_sent_invalid_commands = 0, 204 205 /* Commands we sent to the MC. */ 206 IPMI_STAT_sent_local_commands, 207 208 /* Responses from the MC that were delivered to a user. */ 209 IPMI_STAT_handled_local_responses, 210 211 /* Responses from the MC that were not delivered to a user. */ 212 IPMI_STAT_unhandled_local_responses, 213 214 /* Commands we sent out to the IPMB bus. */ 215 IPMI_STAT_sent_ipmb_commands, 216 217 /* Commands sent on the IPMB that had errors on the SEND CMD */ 218 IPMI_STAT_sent_ipmb_command_errs, 219 220 /* Each retransmit increments this count. */ 221 IPMI_STAT_retransmitted_ipmb_commands, 222 223 /* 224 * When a message times out (runs out of retransmits) this is 225 * incremented. 226 */ 227 IPMI_STAT_timed_out_ipmb_commands, 228 229 /* 230 * This is like above, but for broadcasts. Broadcasts are 231 * *not* included in the above count (they are expected to 232 * time out). 233 */ 234 IPMI_STAT_timed_out_ipmb_broadcasts, 235 236 /* Responses I have sent to the IPMB bus. */ 237 IPMI_STAT_sent_ipmb_responses, 238 239 /* The response was delivered to the user. */ 240 IPMI_STAT_handled_ipmb_responses, 241 242 /* The response had invalid data in it. */ 243 IPMI_STAT_invalid_ipmb_responses, 244 245 /* The response didn't have anyone waiting for it. */ 246 IPMI_STAT_unhandled_ipmb_responses, 247 248 /* Commands we sent out to the IPMB bus. */ 249 IPMI_STAT_sent_lan_commands, 250 251 /* Commands sent on the IPMB that had errors on the SEND CMD */ 252 IPMI_STAT_sent_lan_command_errs, 253 254 /* Each retransmit increments this count. */ 255 IPMI_STAT_retransmitted_lan_commands, 256 257 /* 258 * When a message times out (runs out of retransmits) this is 259 * incremented. 260 */ 261 IPMI_STAT_timed_out_lan_commands, 262 263 /* Responses I have sent to the IPMB bus. */ 264 IPMI_STAT_sent_lan_responses, 265 266 /* The response was delivered to the user. */ 267 IPMI_STAT_handled_lan_responses, 268 269 /* The response had invalid data in it. */ 270 IPMI_STAT_invalid_lan_responses, 271 272 /* The response didn't have anyone waiting for it. */ 273 IPMI_STAT_unhandled_lan_responses, 274 275 /* The command was delivered to the user. */ 276 IPMI_STAT_handled_commands, 277 278 /* The command had invalid data in it. */ 279 IPMI_STAT_invalid_commands, 280 281 /* The command didn't have anyone waiting for it. */ 282 IPMI_STAT_unhandled_commands, 283 284 /* Invalid data in an event. */ 285 IPMI_STAT_invalid_events, 286 287 /* Events that were received with the proper format. */ 288 IPMI_STAT_events, 289 290 /* Retransmissions on IPMB that failed. */ 291 IPMI_STAT_dropped_rexmit_ipmb_commands, 292 293 /* Retransmissions on LAN that failed. */ 294 IPMI_STAT_dropped_rexmit_lan_commands, 295 296 /* This *must* remain last, add new values above this. */ 297 IPMI_NUM_STATS 298 }; 299 300 301 #define IPMI_IPMB_NUM_SEQ 64 302 #define IPMI_MAX_CHANNELS 16 303 struct ipmi_smi { 304 /* What interface number are we? */ 305 int intf_num; 306 307 struct kref refcount; 308 309 /* Used for a list of interfaces. */ 310 struct list_head link; 311 312 /* 313 * The list of upper layers that are using me. seq_lock 314 * protects this. 315 */ 316 struct list_head users; 317 318 /* Information to supply to users. */ 319 unsigned char ipmi_version_major; 320 unsigned char ipmi_version_minor; 321 322 /* Used for wake ups at startup. */ 323 wait_queue_head_t waitq; 324 325 struct bmc_device *bmc; 326 char *my_dev_name; 327 char *sysfs_name; 328 329 /* 330 * This is the lower-layer's sender routine. Note that you 331 * must either be holding the ipmi_interfaces_mutex or be in 332 * an umpreemptible region to use this. You must fetch the 333 * value into a local variable and make sure it is not NULL. 334 */ 335 struct ipmi_smi_handlers *handlers; 336 void *send_info; 337 338 #ifdef CONFIG_PROC_FS 339 /* A list of proc entries for this interface. */ 340 struct mutex proc_entry_lock; 341 struct ipmi_proc_entry *proc_entries; 342 #endif 343 344 /* Driver-model device for the system interface. */ 345 struct device *si_dev; 346 347 /* 348 * A table of sequence numbers for this interface. We use the 349 * sequence numbers for IPMB messages that go out of the 350 * interface to match them up with their responses. A routine 351 * is called periodically to time the items in this list. 352 */ 353 spinlock_t seq_lock; 354 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ]; 355 int curr_seq; 356 357 /* 358 * Messages that were delayed for some reason (out of memory, 359 * for instance), will go in here to be processed later in a 360 * periodic timer interrupt. 361 */ 362 spinlock_t waiting_msgs_lock; 363 struct list_head waiting_msgs; 364 365 /* 366 * The list of command receivers that are registered for commands 367 * on this interface. 368 */ 369 struct mutex cmd_rcvrs_mutex; 370 struct list_head cmd_rcvrs; 371 372 /* 373 * Events that were queues because no one was there to receive 374 * them. 375 */ 376 spinlock_t events_lock; /* For dealing with event stuff. */ 377 struct list_head waiting_events; 378 unsigned int waiting_events_count; /* How many events in queue? */ 379 char delivering_events; 380 char event_msg_printed; 381 382 /* 383 * The event receiver for my BMC, only really used at panic 384 * shutdown as a place to store this. 385 */ 386 unsigned char event_receiver; 387 unsigned char event_receiver_lun; 388 unsigned char local_sel_device; 389 unsigned char local_event_generator; 390 391 /* For handling of maintenance mode. */ 392 int maintenance_mode; 393 int maintenance_mode_enable; 394 int auto_maintenance_timeout; 395 spinlock_t maintenance_mode_lock; /* Used in a timer... */ 396 397 /* 398 * A cheap hack, if this is non-null and a message to an 399 * interface comes in with a NULL user, call this routine with 400 * it. Note that the message will still be freed by the 401 * caller. This only works on the system interface. 402 */ 403 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg); 404 405 /* 406 * When we are scanning the channels for an SMI, this will 407 * tell which channel we are scanning. 408 */ 409 int curr_channel; 410 411 /* Channel information */ 412 struct ipmi_channel channels[IPMI_MAX_CHANNELS]; 413 414 /* Proc FS stuff. */ 415 struct proc_dir_entry *proc_dir; 416 char proc_dir_name[10]; 417 418 atomic_t stats[IPMI_NUM_STATS]; 419 420 /* 421 * run_to_completion duplicate of smb_info, smi_info 422 * and ipmi_serial_info structures. Used to decrease numbers of 423 * parameters passed by "low" level IPMI code. 424 */ 425 int run_to_completion; 426 }; 427 #define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev) 428 429 /** 430 * The driver model view of the IPMI messaging driver. 431 */ 432 static struct platform_driver ipmidriver = { 433 .driver = { 434 .name = "ipmi", 435 .bus = &platform_bus_type 436 } 437 }; 438 static DEFINE_MUTEX(ipmidriver_mutex); 439 440 static LIST_HEAD(ipmi_interfaces); 441 static DEFINE_MUTEX(ipmi_interfaces_mutex); 442 443 /* 444 * List of watchers that want to know when smi's are added and deleted. 445 */ 446 static LIST_HEAD(smi_watchers); 447 static DEFINE_MUTEX(smi_watchers_mutex); 448 449 450 #define ipmi_inc_stat(intf, stat) \ 451 atomic_inc(&(intf)->stats[IPMI_STAT_ ## stat]) 452 #define ipmi_get_stat(intf, stat) \ 453 ((unsigned int) atomic_read(&(intf)->stats[IPMI_STAT_ ## stat])) 454 455 static int is_lan_addr(struct ipmi_addr *addr) 456 { 457 return addr->addr_type == IPMI_LAN_ADDR_TYPE; 458 } 459 460 static int is_ipmb_addr(struct ipmi_addr *addr) 461 { 462 return addr->addr_type == IPMI_IPMB_ADDR_TYPE; 463 } 464 465 static int is_ipmb_bcast_addr(struct ipmi_addr *addr) 466 { 467 return addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE; 468 } 469 470 static void free_recv_msg_list(struct list_head *q) 471 { 472 struct ipmi_recv_msg *msg, *msg2; 473 474 list_for_each_entry_safe(msg, msg2, q, link) { 475 list_del(&msg->link); 476 ipmi_free_recv_msg(msg); 477 } 478 } 479 480 static void free_smi_msg_list(struct list_head *q) 481 { 482 struct ipmi_smi_msg *msg, *msg2; 483 484 list_for_each_entry_safe(msg, msg2, q, link) { 485 list_del(&msg->link); 486 ipmi_free_smi_msg(msg); 487 } 488 } 489 490 static void clean_up_interface_data(ipmi_smi_t intf) 491 { 492 int i; 493 struct cmd_rcvr *rcvr, *rcvr2; 494 struct list_head list; 495 496 free_smi_msg_list(&intf->waiting_msgs); 497 free_recv_msg_list(&intf->waiting_events); 498 499 /* 500 * Wholesale remove all the entries from the list in the 501 * interface and wait for RCU to know that none are in use. 502 */ 503 mutex_lock(&intf->cmd_rcvrs_mutex); 504 INIT_LIST_HEAD(&list); 505 list_splice_init_rcu(&intf->cmd_rcvrs, &list, synchronize_rcu); 506 mutex_unlock(&intf->cmd_rcvrs_mutex); 507 508 list_for_each_entry_safe(rcvr, rcvr2, &list, link) 509 kfree(rcvr); 510 511 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 512 if ((intf->seq_table[i].inuse) 513 && (intf->seq_table[i].recv_msg)) 514 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 515 } 516 } 517 518 static void intf_free(struct kref *ref) 519 { 520 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount); 521 522 clean_up_interface_data(intf); 523 kfree(intf); 524 } 525 526 struct watcher_entry { 527 int intf_num; 528 ipmi_smi_t intf; 529 struct list_head link; 530 }; 531 532 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher) 533 { 534 ipmi_smi_t intf; 535 LIST_HEAD(to_deliver); 536 struct watcher_entry *e, *e2; 537 538 mutex_lock(&smi_watchers_mutex); 539 540 mutex_lock(&ipmi_interfaces_mutex); 541 542 /* Build a list of things to deliver. */ 543 list_for_each_entry(intf, &ipmi_interfaces, link) { 544 if (intf->intf_num == -1) 545 continue; 546 e = kmalloc(sizeof(*e), GFP_KERNEL); 547 if (!e) 548 goto out_err; 549 kref_get(&intf->refcount); 550 e->intf = intf; 551 e->intf_num = intf->intf_num; 552 list_add_tail(&e->link, &to_deliver); 553 } 554 555 /* We will succeed, so add it to the list. */ 556 list_add(&watcher->link, &smi_watchers); 557 558 mutex_unlock(&ipmi_interfaces_mutex); 559 560 list_for_each_entry_safe(e, e2, &to_deliver, link) { 561 list_del(&e->link); 562 watcher->new_smi(e->intf_num, e->intf->si_dev); 563 kref_put(&e->intf->refcount, intf_free); 564 kfree(e); 565 } 566 567 mutex_unlock(&smi_watchers_mutex); 568 569 return 0; 570 571 out_err: 572 mutex_unlock(&ipmi_interfaces_mutex); 573 mutex_unlock(&smi_watchers_mutex); 574 list_for_each_entry_safe(e, e2, &to_deliver, link) { 575 list_del(&e->link); 576 kref_put(&e->intf->refcount, intf_free); 577 kfree(e); 578 } 579 return -ENOMEM; 580 } 581 EXPORT_SYMBOL(ipmi_smi_watcher_register); 582 583 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher) 584 { 585 mutex_lock(&smi_watchers_mutex); 586 list_del(&(watcher->link)); 587 mutex_unlock(&smi_watchers_mutex); 588 return 0; 589 } 590 EXPORT_SYMBOL(ipmi_smi_watcher_unregister); 591 592 /* 593 * Must be called with smi_watchers_mutex held. 594 */ 595 static void 596 call_smi_watchers(int i, struct device *dev) 597 { 598 struct ipmi_smi_watcher *w; 599 600 list_for_each_entry(w, &smi_watchers, link) { 601 if (try_module_get(w->owner)) { 602 w->new_smi(i, dev); 603 module_put(w->owner); 604 } 605 } 606 } 607 608 static int 609 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2) 610 { 611 if (addr1->addr_type != addr2->addr_type) 612 return 0; 613 614 if (addr1->channel != addr2->channel) 615 return 0; 616 617 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 618 struct ipmi_system_interface_addr *smi_addr1 619 = (struct ipmi_system_interface_addr *) addr1; 620 struct ipmi_system_interface_addr *smi_addr2 621 = (struct ipmi_system_interface_addr *) addr2; 622 return (smi_addr1->lun == smi_addr2->lun); 623 } 624 625 if (is_ipmb_addr(addr1) || is_ipmb_bcast_addr(addr1)) { 626 struct ipmi_ipmb_addr *ipmb_addr1 627 = (struct ipmi_ipmb_addr *) addr1; 628 struct ipmi_ipmb_addr *ipmb_addr2 629 = (struct ipmi_ipmb_addr *) addr2; 630 631 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr) 632 && (ipmb_addr1->lun == ipmb_addr2->lun)); 633 } 634 635 if (is_lan_addr(addr1)) { 636 struct ipmi_lan_addr *lan_addr1 637 = (struct ipmi_lan_addr *) addr1; 638 struct ipmi_lan_addr *lan_addr2 639 = (struct ipmi_lan_addr *) addr2; 640 641 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID) 642 && (lan_addr1->local_SWID == lan_addr2->local_SWID) 643 && (lan_addr1->session_handle 644 == lan_addr2->session_handle) 645 && (lan_addr1->lun == lan_addr2->lun)); 646 } 647 648 return 1; 649 } 650 651 int ipmi_validate_addr(struct ipmi_addr *addr, int len) 652 { 653 if (len < sizeof(struct ipmi_system_interface_addr)) 654 return -EINVAL; 655 656 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 657 if (addr->channel != IPMI_BMC_CHANNEL) 658 return -EINVAL; 659 return 0; 660 } 661 662 if ((addr->channel == IPMI_BMC_CHANNEL) 663 || (addr->channel >= IPMI_MAX_CHANNELS) 664 || (addr->channel < 0)) 665 return -EINVAL; 666 667 if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) { 668 if (len < sizeof(struct ipmi_ipmb_addr)) 669 return -EINVAL; 670 return 0; 671 } 672 673 if (is_lan_addr(addr)) { 674 if (len < sizeof(struct ipmi_lan_addr)) 675 return -EINVAL; 676 return 0; 677 } 678 679 return -EINVAL; 680 } 681 EXPORT_SYMBOL(ipmi_validate_addr); 682 683 unsigned int ipmi_addr_length(int addr_type) 684 { 685 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 686 return sizeof(struct ipmi_system_interface_addr); 687 688 if ((addr_type == IPMI_IPMB_ADDR_TYPE) 689 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)) 690 return sizeof(struct ipmi_ipmb_addr); 691 692 if (addr_type == IPMI_LAN_ADDR_TYPE) 693 return sizeof(struct ipmi_lan_addr); 694 695 return 0; 696 } 697 EXPORT_SYMBOL(ipmi_addr_length); 698 699 static void deliver_response(struct ipmi_recv_msg *msg) 700 { 701 if (!msg->user) { 702 ipmi_smi_t intf = msg->user_msg_data; 703 704 /* Special handling for NULL users. */ 705 if (intf->null_user_handler) { 706 intf->null_user_handler(intf, msg); 707 ipmi_inc_stat(intf, handled_local_responses); 708 } else { 709 /* No handler, so give up. */ 710 ipmi_inc_stat(intf, unhandled_local_responses); 711 } 712 ipmi_free_recv_msg(msg); 713 } else { 714 ipmi_user_t user = msg->user; 715 user->handler->ipmi_recv_hndl(msg, user->handler_data); 716 } 717 } 718 719 static void 720 deliver_err_response(struct ipmi_recv_msg *msg, int err) 721 { 722 msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 723 msg->msg_data[0] = err; 724 msg->msg.netfn |= 1; /* Convert to a response. */ 725 msg->msg.data_len = 1; 726 msg->msg.data = msg->msg_data; 727 deliver_response(msg); 728 } 729 730 /* 731 * Find the next sequence number not being used and add the given 732 * message with the given timeout to the sequence table. This must be 733 * called with the interface's seq_lock held. 734 */ 735 static int intf_next_seq(ipmi_smi_t intf, 736 struct ipmi_recv_msg *recv_msg, 737 unsigned long timeout, 738 int retries, 739 int broadcast, 740 unsigned char *seq, 741 long *seqid) 742 { 743 int rv = 0; 744 unsigned int i; 745 746 for (i = intf->curr_seq; (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq; 747 i = (i+1)%IPMI_IPMB_NUM_SEQ) { 748 if (!intf->seq_table[i].inuse) 749 break; 750 } 751 752 if (!intf->seq_table[i].inuse) { 753 intf->seq_table[i].recv_msg = recv_msg; 754 755 /* 756 * Start with the maximum timeout, when the send response 757 * comes in we will start the real timer. 758 */ 759 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT; 760 intf->seq_table[i].orig_timeout = timeout; 761 intf->seq_table[i].retries_left = retries; 762 intf->seq_table[i].broadcast = broadcast; 763 intf->seq_table[i].inuse = 1; 764 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid); 765 *seq = i; 766 *seqid = intf->seq_table[i].seqid; 767 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ; 768 } else { 769 rv = -EAGAIN; 770 } 771 772 return rv; 773 } 774 775 /* 776 * Return the receive message for the given sequence number and 777 * release the sequence number so it can be reused. Some other data 778 * is passed in to be sure the message matches up correctly (to help 779 * guard against message coming in after their timeout and the 780 * sequence number being reused). 781 */ 782 static int intf_find_seq(ipmi_smi_t intf, 783 unsigned char seq, 784 short channel, 785 unsigned char cmd, 786 unsigned char netfn, 787 struct ipmi_addr *addr, 788 struct ipmi_recv_msg **recv_msg) 789 { 790 int rv = -ENODEV; 791 unsigned long flags; 792 793 if (seq >= IPMI_IPMB_NUM_SEQ) 794 return -EINVAL; 795 796 spin_lock_irqsave(&(intf->seq_lock), flags); 797 if (intf->seq_table[seq].inuse) { 798 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg; 799 800 if ((msg->addr.channel == channel) && (msg->msg.cmd == cmd) 801 && (msg->msg.netfn == netfn) 802 && (ipmi_addr_equal(addr, &(msg->addr)))) { 803 *recv_msg = msg; 804 intf->seq_table[seq].inuse = 0; 805 rv = 0; 806 } 807 } 808 spin_unlock_irqrestore(&(intf->seq_lock), flags); 809 810 return rv; 811 } 812 813 814 /* Start the timer for a specific sequence table entry. */ 815 static int intf_start_seq_timer(ipmi_smi_t intf, 816 long msgid) 817 { 818 int rv = -ENODEV; 819 unsigned long flags; 820 unsigned char seq; 821 unsigned long seqid; 822 823 824 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 825 826 spin_lock_irqsave(&(intf->seq_lock), flags); 827 /* 828 * We do this verification because the user can be deleted 829 * while a message is outstanding. 830 */ 831 if ((intf->seq_table[seq].inuse) 832 && (intf->seq_table[seq].seqid == seqid)) { 833 struct seq_table *ent = &(intf->seq_table[seq]); 834 ent->timeout = ent->orig_timeout; 835 rv = 0; 836 } 837 spin_unlock_irqrestore(&(intf->seq_lock), flags); 838 839 return rv; 840 } 841 842 /* Got an error for the send message for a specific sequence number. */ 843 static int intf_err_seq(ipmi_smi_t intf, 844 long msgid, 845 unsigned int err) 846 { 847 int rv = -ENODEV; 848 unsigned long flags; 849 unsigned char seq; 850 unsigned long seqid; 851 struct ipmi_recv_msg *msg = NULL; 852 853 854 GET_SEQ_FROM_MSGID(msgid, seq, seqid); 855 856 spin_lock_irqsave(&(intf->seq_lock), flags); 857 /* 858 * We do this verification because the user can be deleted 859 * while a message is outstanding. 860 */ 861 if ((intf->seq_table[seq].inuse) 862 && (intf->seq_table[seq].seqid == seqid)) { 863 struct seq_table *ent = &(intf->seq_table[seq]); 864 865 ent->inuse = 0; 866 msg = ent->recv_msg; 867 rv = 0; 868 } 869 spin_unlock_irqrestore(&(intf->seq_lock), flags); 870 871 if (msg) 872 deliver_err_response(msg, err); 873 874 return rv; 875 } 876 877 878 int ipmi_create_user(unsigned int if_num, 879 struct ipmi_user_hndl *handler, 880 void *handler_data, 881 ipmi_user_t *user) 882 { 883 unsigned long flags; 884 ipmi_user_t new_user; 885 int rv = 0; 886 ipmi_smi_t intf; 887 888 /* 889 * There is no module usecount here, because it's not 890 * required. Since this can only be used by and called from 891 * other modules, they will implicitly use this module, and 892 * thus this can't be removed unless the other modules are 893 * removed. 894 */ 895 896 if (handler == NULL) 897 return -EINVAL; 898 899 /* 900 * Make sure the driver is actually initialized, this handles 901 * problems with initialization order. 902 */ 903 if (!initialized) { 904 rv = ipmi_init_msghandler(); 905 if (rv) 906 return rv; 907 908 /* 909 * The init code doesn't return an error if it was turned 910 * off, but it won't initialize. Check that. 911 */ 912 if (!initialized) 913 return -ENODEV; 914 } 915 916 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL); 917 if (!new_user) 918 return -ENOMEM; 919 920 mutex_lock(&ipmi_interfaces_mutex); 921 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 922 if (intf->intf_num == if_num) 923 goto found; 924 } 925 /* Not found, return an error */ 926 rv = -EINVAL; 927 goto out_kfree; 928 929 found: 930 /* Note that each existing user holds a refcount to the interface. */ 931 kref_get(&intf->refcount); 932 933 kref_init(&new_user->refcount); 934 new_user->handler = handler; 935 new_user->handler_data = handler_data; 936 new_user->intf = intf; 937 new_user->gets_events = 0; 938 939 if (!try_module_get(intf->handlers->owner)) { 940 rv = -ENODEV; 941 goto out_kref; 942 } 943 944 if (intf->handlers->inc_usecount) { 945 rv = intf->handlers->inc_usecount(intf->send_info); 946 if (rv) { 947 module_put(intf->handlers->owner); 948 goto out_kref; 949 } 950 } 951 952 /* 953 * Hold the lock so intf->handlers is guaranteed to be good 954 * until now 955 */ 956 mutex_unlock(&ipmi_interfaces_mutex); 957 958 new_user->valid = 1; 959 spin_lock_irqsave(&intf->seq_lock, flags); 960 list_add_rcu(&new_user->link, &intf->users); 961 spin_unlock_irqrestore(&intf->seq_lock, flags); 962 *user = new_user; 963 return 0; 964 965 out_kref: 966 kref_put(&intf->refcount, intf_free); 967 out_kfree: 968 mutex_unlock(&ipmi_interfaces_mutex); 969 kfree(new_user); 970 return rv; 971 } 972 EXPORT_SYMBOL(ipmi_create_user); 973 974 int ipmi_get_smi_info(int if_num, struct ipmi_smi_info *data) 975 { 976 int rv = 0; 977 ipmi_smi_t intf; 978 struct ipmi_smi_handlers *handlers; 979 980 mutex_lock(&ipmi_interfaces_mutex); 981 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 982 if (intf->intf_num == if_num) 983 goto found; 984 } 985 /* Not found, return an error */ 986 rv = -EINVAL; 987 mutex_unlock(&ipmi_interfaces_mutex); 988 return rv; 989 990 found: 991 handlers = intf->handlers; 992 rv = -ENOSYS; 993 if (handlers->get_smi_info) 994 rv = handlers->get_smi_info(intf->send_info, data); 995 mutex_unlock(&ipmi_interfaces_mutex); 996 997 return rv; 998 } 999 EXPORT_SYMBOL(ipmi_get_smi_info); 1000 1001 static void free_user(struct kref *ref) 1002 { 1003 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount); 1004 kfree(user); 1005 } 1006 1007 int ipmi_destroy_user(ipmi_user_t user) 1008 { 1009 ipmi_smi_t intf = user->intf; 1010 int i; 1011 unsigned long flags; 1012 struct cmd_rcvr *rcvr; 1013 struct cmd_rcvr *rcvrs = NULL; 1014 1015 user->valid = 0; 1016 1017 /* Remove the user from the interface's sequence table. */ 1018 spin_lock_irqsave(&intf->seq_lock, flags); 1019 list_del_rcu(&user->link); 1020 1021 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 1022 if (intf->seq_table[i].inuse 1023 && (intf->seq_table[i].recv_msg->user == user)) { 1024 intf->seq_table[i].inuse = 0; 1025 ipmi_free_recv_msg(intf->seq_table[i].recv_msg); 1026 } 1027 } 1028 spin_unlock_irqrestore(&intf->seq_lock, flags); 1029 1030 /* 1031 * Remove the user from the command receiver's table. First 1032 * we build a list of everything (not using the standard link, 1033 * since other things may be using it till we do 1034 * synchronize_rcu()) then free everything in that list. 1035 */ 1036 mutex_lock(&intf->cmd_rcvrs_mutex); 1037 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1038 if (rcvr->user == user) { 1039 list_del_rcu(&rcvr->link); 1040 rcvr->next = rcvrs; 1041 rcvrs = rcvr; 1042 } 1043 } 1044 mutex_unlock(&intf->cmd_rcvrs_mutex); 1045 synchronize_rcu(); 1046 while (rcvrs) { 1047 rcvr = rcvrs; 1048 rcvrs = rcvr->next; 1049 kfree(rcvr); 1050 } 1051 1052 mutex_lock(&ipmi_interfaces_mutex); 1053 if (intf->handlers) { 1054 module_put(intf->handlers->owner); 1055 if (intf->handlers->dec_usecount) 1056 intf->handlers->dec_usecount(intf->send_info); 1057 } 1058 mutex_unlock(&ipmi_interfaces_mutex); 1059 1060 kref_put(&intf->refcount, intf_free); 1061 1062 kref_put(&user->refcount, free_user); 1063 1064 return 0; 1065 } 1066 EXPORT_SYMBOL(ipmi_destroy_user); 1067 1068 void ipmi_get_version(ipmi_user_t user, 1069 unsigned char *major, 1070 unsigned char *minor) 1071 { 1072 *major = user->intf->ipmi_version_major; 1073 *minor = user->intf->ipmi_version_minor; 1074 } 1075 EXPORT_SYMBOL(ipmi_get_version); 1076 1077 int ipmi_set_my_address(ipmi_user_t user, 1078 unsigned int channel, 1079 unsigned char address) 1080 { 1081 if (channel >= IPMI_MAX_CHANNELS) 1082 return -EINVAL; 1083 user->intf->channels[channel].address = address; 1084 return 0; 1085 } 1086 EXPORT_SYMBOL(ipmi_set_my_address); 1087 1088 int ipmi_get_my_address(ipmi_user_t user, 1089 unsigned int channel, 1090 unsigned char *address) 1091 { 1092 if (channel >= IPMI_MAX_CHANNELS) 1093 return -EINVAL; 1094 *address = user->intf->channels[channel].address; 1095 return 0; 1096 } 1097 EXPORT_SYMBOL(ipmi_get_my_address); 1098 1099 int ipmi_set_my_LUN(ipmi_user_t user, 1100 unsigned int channel, 1101 unsigned char LUN) 1102 { 1103 if (channel >= IPMI_MAX_CHANNELS) 1104 return -EINVAL; 1105 user->intf->channels[channel].lun = LUN & 0x3; 1106 return 0; 1107 } 1108 EXPORT_SYMBOL(ipmi_set_my_LUN); 1109 1110 int ipmi_get_my_LUN(ipmi_user_t user, 1111 unsigned int channel, 1112 unsigned char *address) 1113 { 1114 if (channel >= IPMI_MAX_CHANNELS) 1115 return -EINVAL; 1116 *address = user->intf->channels[channel].lun; 1117 return 0; 1118 } 1119 EXPORT_SYMBOL(ipmi_get_my_LUN); 1120 1121 int ipmi_get_maintenance_mode(ipmi_user_t user) 1122 { 1123 int mode; 1124 unsigned long flags; 1125 1126 spin_lock_irqsave(&user->intf->maintenance_mode_lock, flags); 1127 mode = user->intf->maintenance_mode; 1128 spin_unlock_irqrestore(&user->intf->maintenance_mode_lock, flags); 1129 1130 return mode; 1131 } 1132 EXPORT_SYMBOL(ipmi_get_maintenance_mode); 1133 1134 static void maintenance_mode_update(ipmi_smi_t intf) 1135 { 1136 if (intf->handlers->set_maintenance_mode) 1137 intf->handlers->set_maintenance_mode( 1138 intf->send_info, intf->maintenance_mode_enable); 1139 } 1140 1141 int ipmi_set_maintenance_mode(ipmi_user_t user, int mode) 1142 { 1143 int rv = 0; 1144 unsigned long flags; 1145 ipmi_smi_t intf = user->intf; 1146 1147 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 1148 if (intf->maintenance_mode != mode) { 1149 switch (mode) { 1150 case IPMI_MAINTENANCE_MODE_AUTO: 1151 intf->maintenance_mode = mode; 1152 intf->maintenance_mode_enable 1153 = (intf->auto_maintenance_timeout > 0); 1154 break; 1155 1156 case IPMI_MAINTENANCE_MODE_OFF: 1157 intf->maintenance_mode = mode; 1158 intf->maintenance_mode_enable = 0; 1159 break; 1160 1161 case IPMI_MAINTENANCE_MODE_ON: 1162 intf->maintenance_mode = mode; 1163 intf->maintenance_mode_enable = 1; 1164 break; 1165 1166 default: 1167 rv = -EINVAL; 1168 goto out_unlock; 1169 } 1170 1171 maintenance_mode_update(intf); 1172 } 1173 out_unlock: 1174 spin_unlock_irqrestore(&intf->maintenance_mode_lock, flags); 1175 1176 return rv; 1177 } 1178 EXPORT_SYMBOL(ipmi_set_maintenance_mode); 1179 1180 int ipmi_set_gets_events(ipmi_user_t user, int val) 1181 { 1182 unsigned long flags; 1183 ipmi_smi_t intf = user->intf; 1184 struct ipmi_recv_msg *msg, *msg2; 1185 struct list_head msgs; 1186 1187 INIT_LIST_HEAD(&msgs); 1188 1189 spin_lock_irqsave(&intf->events_lock, flags); 1190 user->gets_events = val; 1191 1192 if (intf->delivering_events) 1193 /* 1194 * Another thread is delivering events for this, so 1195 * let it handle any new events. 1196 */ 1197 goto out; 1198 1199 /* Deliver any queued events. */ 1200 while (user->gets_events && !list_empty(&intf->waiting_events)) { 1201 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link) 1202 list_move_tail(&msg->link, &msgs); 1203 intf->waiting_events_count = 0; 1204 if (intf->event_msg_printed) { 1205 printk(KERN_WARNING PFX "Event queue no longer" 1206 " full\n"); 1207 intf->event_msg_printed = 0; 1208 } 1209 1210 intf->delivering_events = 1; 1211 spin_unlock_irqrestore(&intf->events_lock, flags); 1212 1213 list_for_each_entry_safe(msg, msg2, &msgs, link) { 1214 msg->user = user; 1215 kref_get(&user->refcount); 1216 deliver_response(msg); 1217 } 1218 1219 spin_lock_irqsave(&intf->events_lock, flags); 1220 intf->delivering_events = 0; 1221 } 1222 1223 out: 1224 spin_unlock_irqrestore(&intf->events_lock, flags); 1225 1226 return 0; 1227 } 1228 EXPORT_SYMBOL(ipmi_set_gets_events); 1229 1230 static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf, 1231 unsigned char netfn, 1232 unsigned char cmd, 1233 unsigned char chan) 1234 { 1235 struct cmd_rcvr *rcvr; 1236 1237 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1238 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd) 1239 && (rcvr->chans & (1 << chan))) 1240 return rcvr; 1241 } 1242 return NULL; 1243 } 1244 1245 static int is_cmd_rcvr_exclusive(ipmi_smi_t intf, 1246 unsigned char netfn, 1247 unsigned char cmd, 1248 unsigned int chans) 1249 { 1250 struct cmd_rcvr *rcvr; 1251 1252 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) { 1253 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd) 1254 && (rcvr->chans & chans)) 1255 return 0; 1256 } 1257 return 1; 1258 } 1259 1260 int ipmi_register_for_cmd(ipmi_user_t user, 1261 unsigned char netfn, 1262 unsigned char cmd, 1263 unsigned int chans) 1264 { 1265 ipmi_smi_t intf = user->intf; 1266 struct cmd_rcvr *rcvr; 1267 int rv = 0; 1268 1269 1270 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL); 1271 if (!rcvr) 1272 return -ENOMEM; 1273 rcvr->cmd = cmd; 1274 rcvr->netfn = netfn; 1275 rcvr->chans = chans; 1276 rcvr->user = user; 1277 1278 mutex_lock(&intf->cmd_rcvrs_mutex); 1279 /* Make sure the command/netfn is not already registered. */ 1280 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) { 1281 rv = -EBUSY; 1282 goto out_unlock; 1283 } 1284 1285 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs); 1286 1287 out_unlock: 1288 mutex_unlock(&intf->cmd_rcvrs_mutex); 1289 if (rv) 1290 kfree(rcvr); 1291 1292 return rv; 1293 } 1294 EXPORT_SYMBOL(ipmi_register_for_cmd); 1295 1296 int ipmi_unregister_for_cmd(ipmi_user_t user, 1297 unsigned char netfn, 1298 unsigned char cmd, 1299 unsigned int chans) 1300 { 1301 ipmi_smi_t intf = user->intf; 1302 struct cmd_rcvr *rcvr; 1303 struct cmd_rcvr *rcvrs = NULL; 1304 int i, rv = -ENOENT; 1305 1306 mutex_lock(&intf->cmd_rcvrs_mutex); 1307 for (i = 0; i < IPMI_NUM_CHANNELS; i++) { 1308 if (((1 << i) & chans) == 0) 1309 continue; 1310 rcvr = find_cmd_rcvr(intf, netfn, cmd, i); 1311 if (rcvr == NULL) 1312 continue; 1313 if (rcvr->user == user) { 1314 rv = 0; 1315 rcvr->chans &= ~chans; 1316 if (rcvr->chans == 0) { 1317 list_del_rcu(&rcvr->link); 1318 rcvr->next = rcvrs; 1319 rcvrs = rcvr; 1320 } 1321 } 1322 } 1323 mutex_unlock(&intf->cmd_rcvrs_mutex); 1324 synchronize_rcu(); 1325 while (rcvrs) { 1326 rcvr = rcvrs; 1327 rcvrs = rcvr->next; 1328 kfree(rcvr); 1329 } 1330 return rv; 1331 } 1332 EXPORT_SYMBOL(ipmi_unregister_for_cmd); 1333 1334 static unsigned char 1335 ipmb_checksum(unsigned char *data, int size) 1336 { 1337 unsigned char csum = 0; 1338 1339 for (; size > 0; size--, data++) 1340 csum += *data; 1341 1342 return -csum; 1343 } 1344 1345 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg, 1346 struct kernel_ipmi_msg *msg, 1347 struct ipmi_ipmb_addr *ipmb_addr, 1348 long msgid, 1349 unsigned char ipmb_seq, 1350 int broadcast, 1351 unsigned char source_address, 1352 unsigned char source_lun) 1353 { 1354 int i = broadcast; 1355 1356 /* Format the IPMB header data. */ 1357 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1358 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 1359 smi_msg->data[2] = ipmb_addr->channel; 1360 if (broadcast) 1361 smi_msg->data[3] = 0; 1362 smi_msg->data[i+3] = ipmb_addr->slave_addr; 1363 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3); 1364 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2); 1365 smi_msg->data[i+6] = source_address; 1366 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun; 1367 smi_msg->data[i+8] = msg->cmd; 1368 1369 /* Now tack on the data to the message. */ 1370 if (msg->data_len > 0) 1371 memcpy(&(smi_msg->data[i+9]), msg->data, 1372 msg->data_len); 1373 smi_msg->data_size = msg->data_len + 9; 1374 1375 /* Now calculate the checksum and tack it on. */ 1376 smi_msg->data[i+smi_msg->data_size] 1377 = ipmb_checksum(&(smi_msg->data[i+6]), 1378 smi_msg->data_size-6); 1379 1380 /* 1381 * Add on the checksum size and the offset from the 1382 * broadcast. 1383 */ 1384 smi_msg->data_size += 1 + i; 1385 1386 smi_msg->msgid = msgid; 1387 } 1388 1389 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg, 1390 struct kernel_ipmi_msg *msg, 1391 struct ipmi_lan_addr *lan_addr, 1392 long msgid, 1393 unsigned char ipmb_seq, 1394 unsigned char source_lun) 1395 { 1396 /* Format the IPMB header data. */ 1397 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 1398 smi_msg->data[1] = IPMI_SEND_MSG_CMD; 1399 smi_msg->data[2] = lan_addr->channel; 1400 smi_msg->data[3] = lan_addr->session_handle; 1401 smi_msg->data[4] = lan_addr->remote_SWID; 1402 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3); 1403 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2); 1404 smi_msg->data[7] = lan_addr->local_SWID; 1405 smi_msg->data[8] = (ipmb_seq << 2) | source_lun; 1406 smi_msg->data[9] = msg->cmd; 1407 1408 /* Now tack on the data to the message. */ 1409 if (msg->data_len > 0) 1410 memcpy(&(smi_msg->data[10]), msg->data, 1411 msg->data_len); 1412 smi_msg->data_size = msg->data_len + 10; 1413 1414 /* Now calculate the checksum and tack it on. */ 1415 smi_msg->data[smi_msg->data_size] 1416 = ipmb_checksum(&(smi_msg->data[7]), 1417 smi_msg->data_size-7); 1418 1419 /* 1420 * Add on the checksum size and the offset from the 1421 * broadcast. 1422 */ 1423 smi_msg->data_size += 1; 1424 1425 smi_msg->msgid = msgid; 1426 } 1427 1428 /* 1429 * Separate from ipmi_request so that the user does not have to be 1430 * supplied in certain circumstances (mainly at panic time). If 1431 * messages are supplied, they will be freed, even if an error 1432 * occurs. 1433 */ 1434 static int i_ipmi_request(ipmi_user_t user, 1435 ipmi_smi_t intf, 1436 struct ipmi_addr *addr, 1437 long msgid, 1438 struct kernel_ipmi_msg *msg, 1439 void *user_msg_data, 1440 void *supplied_smi, 1441 struct ipmi_recv_msg *supplied_recv, 1442 int priority, 1443 unsigned char source_address, 1444 unsigned char source_lun, 1445 int retries, 1446 unsigned int retry_time_ms) 1447 { 1448 int rv = 0; 1449 struct ipmi_smi_msg *smi_msg; 1450 struct ipmi_recv_msg *recv_msg; 1451 unsigned long flags; 1452 struct ipmi_smi_handlers *handlers; 1453 1454 1455 if (supplied_recv) 1456 recv_msg = supplied_recv; 1457 else { 1458 recv_msg = ipmi_alloc_recv_msg(); 1459 if (recv_msg == NULL) 1460 return -ENOMEM; 1461 } 1462 recv_msg->user_msg_data = user_msg_data; 1463 1464 if (supplied_smi) 1465 smi_msg = (struct ipmi_smi_msg *) supplied_smi; 1466 else { 1467 smi_msg = ipmi_alloc_smi_msg(); 1468 if (smi_msg == NULL) { 1469 ipmi_free_recv_msg(recv_msg); 1470 return -ENOMEM; 1471 } 1472 } 1473 1474 rcu_read_lock(); 1475 handlers = intf->handlers; 1476 if (!handlers) { 1477 rv = -ENODEV; 1478 goto out_err; 1479 } 1480 1481 recv_msg->user = user; 1482 if (user) 1483 kref_get(&user->refcount); 1484 recv_msg->msgid = msgid; 1485 /* 1486 * Store the message to send in the receive message so timeout 1487 * responses can get the proper response data. 1488 */ 1489 recv_msg->msg = *msg; 1490 1491 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) { 1492 struct ipmi_system_interface_addr *smi_addr; 1493 1494 if (msg->netfn & 1) { 1495 /* Responses are not allowed to the SMI. */ 1496 rv = -EINVAL; 1497 goto out_err; 1498 } 1499 1500 smi_addr = (struct ipmi_system_interface_addr *) addr; 1501 if (smi_addr->lun > 3) { 1502 ipmi_inc_stat(intf, sent_invalid_commands); 1503 rv = -EINVAL; 1504 goto out_err; 1505 } 1506 1507 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr)); 1508 1509 if ((msg->netfn == IPMI_NETFN_APP_REQUEST) 1510 && ((msg->cmd == IPMI_SEND_MSG_CMD) 1511 || (msg->cmd == IPMI_GET_MSG_CMD) 1512 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) { 1513 /* 1514 * We don't let the user do these, since we manage 1515 * the sequence numbers. 1516 */ 1517 ipmi_inc_stat(intf, sent_invalid_commands); 1518 rv = -EINVAL; 1519 goto out_err; 1520 } 1521 1522 if (((msg->netfn == IPMI_NETFN_APP_REQUEST) 1523 && ((msg->cmd == IPMI_COLD_RESET_CMD) 1524 || (msg->cmd == IPMI_WARM_RESET_CMD))) 1525 || (msg->netfn == IPMI_NETFN_FIRMWARE_REQUEST)) { 1526 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 1527 intf->auto_maintenance_timeout 1528 = IPMI_MAINTENANCE_MODE_TIMEOUT; 1529 if (!intf->maintenance_mode 1530 && !intf->maintenance_mode_enable) { 1531 intf->maintenance_mode_enable = 1; 1532 maintenance_mode_update(intf); 1533 } 1534 spin_unlock_irqrestore(&intf->maintenance_mode_lock, 1535 flags); 1536 } 1537 1538 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) { 1539 ipmi_inc_stat(intf, sent_invalid_commands); 1540 rv = -EMSGSIZE; 1541 goto out_err; 1542 } 1543 1544 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3); 1545 smi_msg->data[1] = msg->cmd; 1546 smi_msg->msgid = msgid; 1547 smi_msg->user_data = recv_msg; 1548 if (msg->data_len > 0) 1549 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len); 1550 smi_msg->data_size = msg->data_len + 2; 1551 ipmi_inc_stat(intf, sent_local_commands); 1552 } else if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) { 1553 struct ipmi_ipmb_addr *ipmb_addr; 1554 unsigned char ipmb_seq; 1555 long seqid; 1556 int broadcast = 0; 1557 1558 if (addr->channel >= IPMI_MAX_CHANNELS) { 1559 ipmi_inc_stat(intf, sent_invalid_commands); 1560 rv = -EINVAL; 1561 goto out_err; 1562 } 1563 1564 if (intf->channels[addr->channel].medium 1565 != IPMI_CHANNEL_MEDIUM_IPMB) { 1566 ipmi_inc_stat(intf, sent_invalid_commands); 1567 rv = -EINVAL; 1568 goto out_err; 1569 } 1570 1571 if (retries < 0) { 1572 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) 1573 retries = 0; /* Don't retry broadcasts. */ 1574 else 1575 retries = 4; 1576 } 1577 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) { 1578 /* 1579 * Broadcasts add a zero at the beginning of the 1580 * message, but otherwise is the same as an IPMB 1581 * address. 1582 */ 1583 addr->addr_type = IPMI_IPMB_ADDR_TYPE; 1584 broadcast = 1; 1585 } 1586 1587 1588 /* Default to 1 second retries. */ 1589 if (retry_time_ms == 0) 1590 retry_time_ms = 1000; 1591 1592 /* 1593 * 9 for the header and 1 for the checksum, plus 1594 * possibly one for the broadcast. 1595 */ 1596 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) { 1597 ipmi_inc_stat(intf, sent_invalid_commands); 1598 rv = -EMSGSIZE; 1599 goto out_err; 1600 } 1601 1602 ipmb_addr = (struct ipmi_ipmb_addr *) addr; 1603 if (ipmb_addr->lun > 3) { 1604 ipmi_inc_stat(intf, sent_invalid_commands); 1605 rv = -EINVAL; 1606 goto out_err; 1607 } 1608 1609 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr)); 1610 1611 if (recv_msg->msg.netfn & 0x1) { 1612 /* 1613 * It's a response, so use the user's sequence 1614 * from msgid. 1615 */ 1616 ipmi_inc_stat(intf, sent_ipmb_responses); 1617 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid, 1618 msgid, broadcast, 1619 source_address, source_lun); 1620 1621 /* 1622 * Save the receive message so we can use it 1623 * to deliver the response. 1624 */ 1625 smi_msg->user_data = recv_msg; 1626 } else { 1627 /* It's a command, so get a sequence for it. */ 1628 1629 spin_lock_irqsave(&(intf->seq_lock), flags); 1630 1631 /* 1632 * Create a sequence number with a 1 second 1633 * timeout and 4 retries. 1634 */ 1635 rv = intf_next_seq(intf, 1636 recv_msg, 1637 retry_time_ms, 1638 retries, 1639 broadcast, 1640 &ipmb_seq, 1641 &seqid); 1642 if (rv) { 1643 /* 1644 * We have used up all the sequence numbers, 1645 * probably, so abort. 1646 */ 1647 spin_unlock_irqrestore(&(intf->seq_lock), 1648 flags); 1649 goto out_err; 1650 } 1651 1652 ipmi_inc_stat(intf, sent_ipmb_commands); 1653 1654 /* 1655 * Store the sequence number in the message, 1656 * so that when the send message response 1657 * comes back we can start the timer. 1658 */ 1659 format_ipmb_msg(smi_msg, msg, ipmb_addr, 1660 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1661 ipmb_seq, broadcast, 1662 source_address, source_lun); 1663 1664 /* 1665 * Copy the message into the recv message data, so we 1666 * can retransmit it later if necessary. 1667 */ 1668 memcpy(recv_msg->msg_data, smi_msg->data, 1669 smi_msg->data_size); 1670 recv_msg->msg.data = recv_msg->msg_data; 1671 recv_msg->msg.data_len = smi_msg->data_size; 1672 1673 /* 1674 * We don't unlock until here, because we need 1675 * to copy the completed message into the 1676 * recv_msg before we release the lock. 1677 * Otherwise, race conditions may bite us. I 1678 * know that's pretty paranoid, but I prefer 1679 * to be correct. 1680 */ 1681 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1682 } 1683 } else if (is_lan_addr(addr)) { 1684 struct ipmi_lan_addr *lan_addr; 1685 unsigned char ipmb_seq; 1686 long seqid; 1687 1688 if (addr->channel >= IPMI_MAX_CHANNELS) { 1689 ipmi_inc_stat(intf, sent_invalid_commands); 1690 rv = -EINVAL; 1691 goto out_err; 1692 } 1693 1694 if ((intf->channels[addr->channel].medium 1695 != IPMI_CHANNEL_MEDIUM_8023LAN) 1696 && (intf->channels[addr->channel].medium 1697 != IPMI_CHANNEL_MEDIUM_ASYNC)) { 1698 ipmi_inc_stat(intf, sent_invalid_commands); 1699 rv = -EINVAL; 1700 goto out_err; 1701 } 1702 1703 retries = 4; 1704 1705 /* Default to 1 second retries. */ 1706 if (retry_time_ms == 0) 1707 retry_time_ms = 1000; 1708 1709 /* 11 for the header and 1 for the checksum. */ 1710 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) { 1711 ipmi_inc_stat(intf, sent_invalid_commands); 1712 rv = -EMSGSIZE; 1713 goto out_err; 1714 } 1715 1716 lan_addr = (struct ipmi_lan_addr *) addr; 1717 if (lan_addr->lun > 3) { 1718 ipmi_inc_stat(intf, sent_invalid_commands); 1719 rv = -EINVAL; 1720 goto out_err; 1721 } 1722 1723 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr)); 1724 1725 if (recv_msg->msg.netfn & 0x1) { 1726 /* 1727 * It's a response, so use the user's sequence 1728 * from msgid. 1729 */ 1730 ipmi_inc_stat(intf, sent_lan_responses); 1731 format_lan_msg(smi_msg, msg, lan_addr, msgid, 1732 msgid, source_lun); 1733 1734 /* 1735 * Save the receive message so we can use it 1736 * to deliver the response. 1737 */ 1738 smi_msg->user_data = recv_msg; 1739 } else { 1740 /* It's a command, so get a sequence for it. */ 1741 1742 spin_lock_irqsave(&(intf->seq_lock), flags); 1743 1744 /* 1745 * Create a sequence number with a 1 second 1746 * timeout and 4 retries. 1747 */ 1748 rv = intf_next_seq(intf, 1749 recv_msg, 1750 retry_time_ms, 1751 retries, 1752 0, 1753 &ipmb_seq, 1754 &seqid); 1755 if (rv) { 1756 /* 1757 * We have used up all the sequence numbers, 1758 * probably, so abort. 1759 */ 1760 spin_unlock_irqrestore(&(intf->seq_lock), 1761 flags); 1762 goto out_err; 1763 } 1764 1765 ipmi_inc_stat(intf, sent_lan_commands); 1766 1767 /* 1768 * Store the sequence number in the message, 1769 * so that when the send message response 1770 * comes back we can start the timer. 1771 */ 1772 format_lan_msg(smi_msg, msg, lan_addr, 1773 STORE_SEQ_IN_MSGID(ipmb_seq, seqid), 1774 ipmb_seq, source_lun); 1775 1776 /* 1777 * Copy the message into the recv message data, so we 1778 * can retransmit it later if necessary. 1779 */ 1780 memcpy(recv_msg->msg_data, smi_msg->data, 1781 smi_msg->data_size); 1782 recv_msg->msg.data = recv_msg->msg_data; 1783 recv_msg->msg.data_len = smi_msg->data_size; 1784 1785 /* 1786 * We don't unlock until here, because we need 1787 * to copy the completed message into the 1788 * recv_msg before we release the lock. 1789 * Otherwise, race conditions may bite us. I 1790 * know that's pretty paranoid, but I prefer 1791 * to be correct. 1792 */ 1793 spin_unlock_irqrestore(&(intf->seq_lock), flags); 1794 } 1795 } else { 1796 /* Unknown address type. */ 1797 ipmi_inc_stat(intf, sent_invalid_commands); 1798 rv = -EINVAL; 1799 goto out_err; 1800 } 1801 1802 #ifdef DEBUG_MSGING 1803 { 1804 int m; 1805 for (m = 0; m < smi_msg->data_size; m++) 1806 printk(" %2.2x", smi_msg->data[m]); 1807 printk("\n"); 1808 } 1809 #endif 1810 1811 handlers->sender(intf->send_info, smi_msg, priority); 1812 rcu_read_unlock(); 1813 1814 return 0; 1815 1816 out_err: 1817 rcu_read_unlock(); 1818 ipmi_free_smi_msg(smi_msg); 1819 ipmi_free_recv_msg(recv_msg); 1820 return rv; 1821 } 1822 1823 static int check_addr(ipmi_smi_t intf, 1824 struct ipmi_addr *addr, 1825 unsigned char *saddr, 1826 unsigned char *lun) 1827 { 1828 if (addr->channel >= IPMI_MAX_CHANNELS) 1829 return -EINVAL; 1830 *lun = intf->channels[addr->channel].lun; 1831 *saddr = intf->channels[addr->channel].address; 1832 return 0; 1833 } 1834 1835 int ipmi_request_settime(ipmi_user_t user, 1836 struct ipmi_addr *addr, 1837 long msgid, 1838 struct kernel_ipmi_msg *msg, 1839 void *user_msg_data, 1840 int priority, 1841 int retries, 1842 unsigned int retry_time_ms) 1843 { 1844 unsigned char saddr, lun; 1845 int rv; 1846 1847 if (!user) 1848 return -EINVAL; 1849 rv = check_addr(user->intf, addr, &saddr, &lun); 1850 if (rv) 1851 return rv; 1852 return i_ipmi_request(user, 1853 user->intf, 1854 addr, 1855 msgid, 1856 msg, 1857 user_msg_data, 1858 NULL, NULL, 1859 priority, 1860 saddr, 1861 lun, 1862 retries, 1863 retry_time_ms); 1864 } 1865 EXPORT_SYMBOL(ipmi_request_settime); 1866 1867 int ipmi_request_supply_msgs(ipmi_user_t user, 1868 struct ipmi_addr *addr, 1869 long msgid, 1870 struct kernel_ipmi_msg *msg, 1871 void *user_msg_data, 1872 void *supplied_smi, 1873 struct ipmi_recv_msg *supplied_recv, 1874 int priority) 1875 { 1876 unsigned char saddr, lun; 1877 int rv; 1878 1879 if (!user) 1880 return -EINVAL; 1881 rv = check_addr(user->intf, addr, &saddr, &lun); 1882 if (rv) 1883 return rv; 1884 return i_ipmi_request(user, 1885 user->intf, 1886 addr, 1887 msgid, 1888 msg, 1889 user_msg_data, 1890 supplied_smi, 1891 supplied_recv, 1892 priority, 1893 saddr, 1894 lun, 1895 -1, 0); 1896 } 1897 EXPORT_SYMBOL(ipmi_request_supply_msgs); 1898 1899 #ifdef CONFIG_PROC_FS 1900 static int smi_ipmb_proc_show(struct seq_file *m, void *v) 1901 { 1902 ipmi_smi_t intf = m->private; 1903 int i; 1904 1905 seq_printf(m, "%x", intf->channels[0].address); 1906 for (i = 1; i < IPMI_MAX_CHANNELS; i++) 1907 seq_printf(m, " %x", intf->channels[i].address); 1908 return seq_putc(m, '\n'); 1909 } 1910 1911 static int smi_ipmb_proc_open(struct inode *inode, struct file *file) 1912 { 1913 return single_open(file, smi_ipmb_proc_show, PDE(inode)->data); 1914 } 1915 1916 static const struct file_operations smi_ipmb_proc_ops = { 1917 .open = smi_ipmb_proc_open, 1918 .read = seq_read, 1919 .llseek = seq_lseek, 1920 .release = single_release, 1921 }; 1922 1923 static int smi_version_proc_show(struct seq_file *m, void *v) 1924 { 1925 ipmi_smi_t intf = m->private; 1926 1927 return seq_printf(m, "%u.%u\n", 1928 ipmi_version_major(&intf->bmc->id), 1929 ipmi_version_minor(&intf->bmc->id)); 1930 } 1931 1932 static int smi_version_proc_open(struct inode *inode, struct file *file) 1933 { 1934 return single_open(file, smi_version_proc_show, PDE(inode)->data); 1935 } 1936 1937 static const struct file_operations smi_version_proc_ops = { 1938 .open = smi_version_proc_open, 1939 .read = seq_read, 1940 .llseek = seq_lseek, 1941 .release = single_release, 1942 }; 1943 1944 static int smi_stats_proc_show(struct seq_file *m, void *v) 1945 { 1946 ipmi_smi_t intf = m->private; 1947 1948 seq_printf(m, "sent_invalid_commands: %u\n", 1949 ipmi_get_stat(intf, sent_invalid_commands)); 1950 seq_printf(m, "sent_local_commands: %u\n", 1951 ipmi_get_stat(intf, sent_local_commands)); 1952 seq_printf(m, "handled_local_responses: %u\n", 1953 ipmi_get_stat(intf, handled_local_responses)); 1954 seq_printf(m, "unhandled_local_responses: %u\n", 1955 ipmi_get_stat(intf, unhandled_local_responses)); 1956 seq_printf(m, "sent_ipmb_commands: %u\n", 1957 ipmi_get_stat(intf, sent_ipmb_commands)); 1958 seq_printf(m, "sent_ipmb_command_errs: %u\n", 1959 ipmi_get_stat(intf, sent_ipmb_command_errs)); 1960 seq_printf(m, "retransmitted_ipmb_commands: %u\n", 1961 ipmi_get_stat(intf, retransmitted_ipmb_commands)); 1962 seq_printf(m, "timed_out_ipmb_commands: %u\n", 1963 ipmi_get_stat(intf, timed_out_ipmb_commands)); 1964 seq_printf(m, "timed_out_ipmb_broadcasts: %u\n", 1965 ipmi_get_stat(intf, timed_out_ipmb_broadcasts)); 1966 seq_printf(m, "sent_ipmb_responses: %u\n", 1967 ipmi_get_stat(intf, sent_ipmb_responses)); 1968 seq_printf(m, "handled_ipmb_responses: %u\n", 1969 ipmi_get_stat(intf, handled_ipmb_responses)); 1970 seq_printf(m, "invalid_ipmb_responses: %u\n", 1971 ipmi_get_stat(intf, invalid_ipmb_responses)); 1972 seq_printf(m, "unhandled_ipmb_responses: %u\n", 1973 ipmi_get_stat(intf, unhandled_ipmb_responses)); 1974 seq_printf(m, "sent_lan_commands: %u\n", 1975 ipmi_get_stat(intf, sent_lan_commands)); 1976 seq_printf(m, "sent_lan_command_errs: %u\n", 1977 ipmi_get_stat(intf, sent_lan_command_errs)); 1978 seq_printf(m, "retransmitted_lan_commands: %u\n", 1979 ipmi_get_stat(intf, retransmitted_lan_commands)); 1980 seq_printf(m, "timed_out_lan_commands: %u\n", 1981 ipmi_get_stat(intf, timed_out_lan_commands)); 1982 seq_printf(m, "sent_lan_responses: %u\n", 1983 ipmi_get_stat(intf, sent_lan_responses)); 1984 seq_printf(m, "handled_lan_responses: %u\n", 1985 ipmi_get_stat(intf, handled_lan_responses)); 1986 seq_printf(m, "invalid_lan_responses: %u\n", 1987 ipmi_get_stat(intf, invalid_lan_responses)); 1988 seq_printf(m, "unhandled_lan_responses: %u\n", 1989 ipmi_get_stat(intf, unhandled_lan_responses)); 1990 seq_printf(m, "handled_commands: %u\n", 1991 ipmi_get_stat(intf, handled_commands)); 1992 seq_printf(m, "invalid_commands: %u\n", 1993 ipmi_get_stat(intf, invalid_commands)); 1994 seq_printf(m, "unhandled_commands: %u\n", 1995 ipmi_get_stat(intf, unhandled_commands)); 1996 seq_printf(m, "invalid_events: %u\n", 1997 ipmi_get_stat(intf, invalid_events)); 1998 seq_printf(m, "events: %u\n", 1999 ipmi_get_stat(intf, events)); 2000 seq_printf(m, "failed rexmit LAN msgs: %u\n", 2001 ipmi_get_stat(intf, dropped_rexmit_lan_commands)); 2002 seq_printf(m, "failed rexmit IPMB msgs: %u\n", 2003 ipmi_get_stat(intf, dropped_rexmit_ipmb_commands)); 2004 return 0; 2005 } 2006 2007 static int smi_stats_proc_open(struct inode *inode, struct file *file) 2008 { 2009 return single_open(file, smi_stats_proc_show, PDE(inode)->data); 2010 } 2011 2012 static const struct file_operations smi_stats_proc_ops = { 2013 .open = smi_stats_proc_open, 2014 .read = seq_read, 2015 .llseek = seq_lseek, 2016 .release = single_release, 2017 }; 2018 #endif /* CONFIG_PROC_FS */ 2019 2020 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name, 2021 const struct file_operations *proc_ops, 2022 void *data) 2023 { 2024 int rv = 0; 2025 #ifdef CONFIG_PROC_FS 2026 struct proc_dir_entry *file; 2027 struct ipmi_proc_entry *entry; 2028 2029 /* Create a list element. */ 2030 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 2031 if (!entry) 2032 return -ENOMEM; 2033 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL); 2034 if (!entry->name) { 2035 kfree(entry); 2036 return -ENOMEM; 2037 } 2038 strcpy(entry->name, name); 2039 2040 file = proc_create_data(name, 0, smi->proc_dir, proc_ops, data); 2041 if (!file) { 2042 kfree(entry->name); 2043 kfree(entry); 2044 rv = -ENOMEM; 2045 } else { 2046 mutex_lock(&smi->proc_entry_lock); 2047 /* Stick it on the list. */ 2048 entry->next = smi->proc_entries; 2049 smi->proc_entries = entry; 2050 mutex_unlock(&smi->proc_entry_lock); 2051 } 2052 #endif /* CONFIG_PROC_FS */ 2053 2054 return rv; 2055 } 2056 EXPORT_SYMBOL(ipmi_smi_add_proc_entry); 2057 2058 static int add_proc_entries(ipmi_smi_t smi, int num) 2059 { 2060 int rv = 0; 2061 2062 #ifdef CONFIG_PROC_FS 2063 sprintf(smi->proc_dir_name, "%d", num); 2064 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root); 2065 if (!smi->proc_dir) 2066 rv = -ENOMEM; 2067 2068 if (rv == 0) 2069 rv = ipmi_smi_add_proc_entry(smi, "stats", 2070 &smi_stats_proc_ops, 2071 smi); 2072 2073 if (rv == 0) 2074 rv = ipmi_smi_add_proc_entry(smi, "ipmb", 2075 &smi_ipmb_proc_ops, 2076 smi); 2077 2078 if (rv == 0) 2079 rv = ipmi_smi_add_proc_entry(smi, "version", 2080 &smi_version_proc_ops, 2081 smi); 2082 #endif /* CONFIG_PROC_FS */ 2083 2084 return rv; 2085 } 2086 2087 static void remove_proc_entries(ipmi_smi_t smi) 2088 { 2089 #ifdef CONFIG_PROC_FS 2090 struct ipmi_proc_entry *entry; 2091 2092 mutex_lock(&smi->proc_entry_lock); 2093 while (smi->proc_entries) { 2094 entry = smi->proc_entries; 2095 smi->proc_entries = entry->next; 2096 2097 remove_proc_entry(entry->name, smi->proc_dir); 2098 kfree(entry->name); 2099 kfree(entry); 2100 } 2101 mutex_unlock(&smi->proc_entry_lock); 2102 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root); 2103 #endif /* CONFIG_PROC_FS */ 2104 } 2105 2106 static int __find_bmc_guid(struct device *dev, void *data) 2107 { 2108 unsigned char *id = data; 2109 struct bmc_device *bmc = dev_get_drvdata(dev); 2110 return memcmp(bmc->guid, id, 16) == 0; 2111 } 2112 2113 static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv, 2114 unsigned char *guid) 2115 { 2116 struct device *dev; 2117 2118 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid); 2119 if (dev) 2120 return dev_get_drvdata(dev); 2121 else 2122 return NULL; 2123 } 2124 2125 struct prod_dev_id { 2126 unsigned int product_id; 2127 unsigned char device_id; 2128 }; 2129 2130 static int __find_bmc_prod_dev_id(struct device *dev, void *data) 2131 { 2132 struct prod_dev_id *id = data; 2133 struct bmc_device *bmc = dev_get_drvdata(dev); 2134 2135 return (bmc->id.product_id == id->product_id 2136 && bmc->id.device_id == id->device_id); 2137 } 2138 2139 static struct bmc_device *ipmi_find_bmc_prod_dev_id( 2140 struct device_driver *drv, 2141 unsigned int product_id, unsigned char device_id) 2142 { 2143 struct prod_dev_id id = { 2144 .product_id = product_id, 2145 .device_id = device_id, 2146 }; 2147 struct device *dev; 2148 2149 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id); 2150 if (dev) 2151 return dev_get_drvdata(dev); 2152 else 2153 return NULL; 2154 } 2155 2156 static ssize_t device_id_show(struct device *dev, 2157 struct device_attribute *attr, 2158 char *buf) 2159 { 2160 struct bmc_device *bmc = dev_get_drvdata(dev); 2161 2162 return snprintf(buf, 10, "%u\n", bmc->id.device_id); 2163 } 2164 2165 static ssize_t provides_dev_sdrs_show(struct device *dev, 2166 struct device_attribute *attr, 2167 char *buf) 2168 { 2169 struct bmc_device *bmc = dev_get_drvdata(dev); 2170 2171 return snprintf(buf, 10, "%u\n", 2172 (bmc->id.device_revision & 0x80) >> 7); 2173 } 2174 2175 static ssize_t revision_show(struct device *dev, struct device_attribute *attr, 2176 char *buf) 2177 { 2178 struct bmc_device *bmc = dev_get_drvdata(dev); 2179 2180 return snprintf(buf, 20, "%u\n", 2181 bmc->id.device_revision & 0x0F); 2182 } 2183 2184 static ssize_t firmware_rev_show(struct device *dev, 2185 struct device_attribute *attr, 2186 char *buf) 2187 { 2188 struct bmc_device *bmc = dev_get_drvdata(dev); 2189 2190 return snprintf(buf, 20, "%u.%x\n", bmc->id.firmware_revision_1, 2191 bmc->id.firmware_revision_2); 2192 } 2193 2194 static ssize_t ipmi_version_show(struct device *dev, 2195 struct device_attribute *attr, 2196 char *buf) 2197 { 2198 struct bmc_device *bmc = dev_get_drvdata(dev); 2199 2200 return snprintf(buf, 20, "%u.%u\n", 2201 ipmi_version_major(&bmc->id), 2202 ipmi_version_minor(&bmc->id)); 2203 } 2204 2205 static ssize_t add_dev_support_show(struct device *dev, 2206 struct device_attribute *attr, 2207 char *buf) 2208 { 2209 struct bmc_device *bmc = dev_get_drvdata(dev); 2210 2211 return snprintf(buf, 10, "0x%02x\n", 2212 bmc->id.additional_device_support); 2213 } 2214 2215 static ssize_t manufacturer_id_show(struct device *dev, 2216 struct device_attribute *attr, 2217 char *buf) 2218 { 2219 struct bmc_device *bmc = dev_get_drvdata(dev); 2220 2221 return snprintf(buf, 20, "0x%6.6x\n", bmc->id.manufacturer_id); 2222 } 2223 2224 static ssize_t product_id_show(struct device *dev, 2225 struct device_attribute *attr, 2226 char *buf) 2227 { 2228 struct bmc_device *bmc = dev_get_drvdata(dev); 2229 2230 return snprintf(buf, 10, "0x%4.4x\n", bmc->id.product_id); 2231 } 2232 2233 static ssize_t aux_firmware_rev_show(struct device *dev, 2234 struct device_attribute *attr, 2235 char *buf) 2236 { 2237 struct bmc_device *bmc = dev_get_drvdata(dev); 2238 2239 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n", 2240 bmc->id.aux_firmware_revision[3], 2241 bmc->id.aux_firmware_revision[2], 2242 bmc->id.aux_firmware_revision[1], 2243 bmc->id.aux_firmware_revision[0]); 2244 } 2245 2246 static ssize_t guid_show(struct device *dev, struct device_attribute *attr, 2247 char *buf) 2248 { 2249 struct bmc_device *bmc = dev_get_drvdata(dev); 2250 2251 return snprintf(buf, 100, "%Lx%Lx\n", 2252 (long long) bmc->guid[0], 2253 (long long) bmc->guid[8]); 2254 } 2255 2256 static void remove_files(struct bmc_device *bmc) 2257 { 2258 if (!bmc->dev) 2259 return; 2260 2261 device_remove_file(&bmc->dev->dev, 2262 &bmc->device_id_attr); 2263 device_remove_file(&bmc->dev->dev, 2264 &bmc->provides_dev_sdrs_attr); 2265 device_remove_file(&bmc->dev->dev, 2266 &bmc->revision_attr); 2267 device_remove_file(&bmc->dev->dev, 2268 &bmc->firmware_rev_attr); 2269 device_remove_file(&bmc->dev->dev, 2270 &bmc->version_attr); 2271 device_remove_file(&bmc->dev->dev, 2272 &bmc->add_dev_support_attr); 2273 device_remove_file(&bmc->dev->dev, 2274 &bmc->manufacturer_id_attr); 2275 device_remove_file(&bmc->dev->dev, 2276 &bmc->product_id_attr); 2277 2278 if (bmc->id.aux_firmware_revision_set) 2279 device_remove_file(&bmc->dev->dev, 2280 &bmc->aux_firmware_rev_attr); 2281 if (bmc->guid_set) 2282 device_remove_file(&bmc->dev->dev, 2283 &bmc->guid_attr); 2284 } 2285 2286 static void 2287 cleanup_bmc_device(struct kref *ref) 2288 { 2289 struct bmc_device *bmc; 2290 2291 bmc = container_of(ref, struct bmc_device, refcount); 2292 2293 remove_files(bmc); 2294 platform_device_unregister(bmc->dev); 2295 kfree(bmc); 2296 } 2297 2298 static void ipmi_bmc_unregister(ipmi_smi_t intf) 2299 { 2300 struct bmc_device *bmc = intf->bmc; 2301 2302 if (intf->sysfs_name) { 2303 sysfs_remove_link(&intf->si_dev->kobj, intf->sysfs_name); 2304 kfree(intf->sysfs_name); 2305 intf->sysfs_name = NULL; 2306 } 2307 if (intf->my_dev_name) { 2308 sysfs_remove_link(&bmc->dev->dev.kobj, intf->my_dev_name); 2309 kfree(intf->my_dev_name); 2310 intf->my_dev_name = NULL; 2311 } 2312 2313 mutex_lock(&ipmidriver_mutex); 2314 kref_put(&bmc->refcount, cleanup_bmc_device); 2315 intf->bmc = NULL; 2316 mutex_unlock(&ipmidriver_mutex); 2317 } 2318 2319 static int create_files(struct bmc_device *bmc) 2320 { 2321 int err; 2322 2323 bmc->device_id_attr.attr.name = "device_id"; 2324 bmc->device_id_attr.attr.mode = S_IRUGO; 2325 bmc->device_id_attr.show = device_id_show; 2326 sysfs_attr_init(&bmc->device_id_attr.attr); 2327 2328 bmc->provides_dev_sdrs_attr.attr.name = "provides_device_sdrs"; 2329 bmc->provides_dev_sdrs_attr.attr.mode = S_IRUGO; 2330 bmc->provides_dev_sdrs_attr.show = provides_dev_sdrs_show; 2331 sysfs_attr_init(&bmc->provides_dev_sdrs_attr.attr); 2332 2333 bmc->revision_attr.attr.name = "revision"; 2334 bmc->revision_attr.attr.mode = S_IRUGO; 2335 bmc->revision_attr.show = revision_show; 2336 sysfs_attr_init(&bmc->revision_attr.attr); 2337 2338 bmc->firmware_rev_attr.attr.name = "firmware_revision"; 2339 bmc->firmware_rev_attr.attr.mode = S_IRUGO; 2340 bmc->firmware_rev_attr.show = firmware_rev_show; 2341 sysfs_attr_init(&bmc->firmware_rev_attr.attr); 2342 2343 bmc->version_attr.attr.name = "ipmi_version"; 2344 bmc->version_attr.attr.mode = S_IRUGO; 2345 bmc->version_attr.show = ipmi_version_show; 2346 sysfs_attr_init(&bmc->version_attr.attr); 2347 2348 bmc->add_dev_support_attr.attr.name = "additional_device_support"; 2349 bmc->add_dev_support_attr.attr.mode = S_IRUGO; 2350 bmc->add_dev_support_attr.show = add_dev_support_show; 2351 sysfs_attr_init(&bmc->add_dev_support_attr.attr); 2352 2353 bmc->manufacturer_id_attr.attr.name = "manufacturer_id"; 2354 bmc->manufacturer_id_attr.attr.mode = S_IRUGO; 2355 bmc->manufacturer_id_attr.show = manufacturer_id_show; 2356 sysfs_attr_init(&bmc->manufacturer_id_attr.attr); 2357 2358 bmc->product_id_attr.attr.name = "product_id"; 2359 bmc->product_id_attr.attr.mode = S_IRUGO; 2360 bmc->product_id_attr.show = product_id_show; 2361 sysfs_attr_init(&bmc->product_id_attr.attr); 2362 2363 bmc->guid_attr.attr.name = "guid"; 2364 bmc->guid_attr.attr.mode = S_IRUGO; 2365 bmc->guid_attr.show = guid_show; 2366 sysfs_attr_init(&bmc->guid_attr.attr); 2367 2368 bmc->aux_firmware_rev_attr.attr.name = "aux_firmware_revision"; 2369 bmc->aux_firmware_rev_attr.attr.mode = S_IRUGO; 2370 bmc->aux_firmware_rev_attr.show = aux_firmware_rev_show; 2371 sysfs_attr_init(&bmc->aux_firmware_rev_attr.attr); 2372 2373 err = device_create_file(&bmc->dev->dev, 2374 &bmc->device_id_attr); 2375 if (err) 2376 goto out; 2377 err = device_create_file(&bmc->dev->dev, 2378 &bmc->provides_dev_sdrs_attr); 2379 if (err) 2380 goto out_devid; 2381 err = device_create_file(&bmc->dev->dev, 2382 &bmc->revision_attr); 2383 if (err) 2384 goto out_sdrs; 2385 err = device_create_file(&bmc->dev->dev, 2386 &bmc->firmware_rev_attr); 2387 if (err) 2388 goto out_rev; 2389 err = device_create_file(&bmc->dev->dev, 2390 &bmc->version_attr); 2391 if (err) 2392 goto out_firm; 2393 err = device_create_file(&bmc->dev->dev, 2394 &bmc->add_dev_support_attr); 2395 if (err) 2396 goto out_version; 2397 err = device_create_file(&bmc->dev->dev, 2398 &bmc->manufacturer_id_attr); 2399 if (err) 2400 goto out_add_dev; 2401 err = device_create_file(&bmc->dev->dev, 2402 &bmc->product_id_attr); 2403 if (err) 2404 goto out_manu; 2405 if (bmc->id.aux_firmware_revision_set) { 2406 err = device_create_file(&bmc->dev->dev, 2407 &bmc->aux_firmware_rev_attr); 2408 if (err) 2409 goto out_prod_id; 2410 } 2411 if (bmc->guid_set) { 2412 err = device_create_file(&bmc->dev->dev, 2413 &bmc->guid_attr); 2414 if (err) 2415 goto out_aux_firm; 2416 } 2417 2418 return 0; 2419 2420 out_aux_firm: 2421 if (bmc->id.aux_firmware_revision_set) 2422 device_remove_file(&bmc->dev->dev, 2423 &bmc->aux_firmware_rev_attr); 2424 out_prod_id: 2425 device_remove_file(&bmc->dev->dev, 2426 &bmc->product_id_attr); 2427 out_manu: 2428 device_remove_file(&bmc->dev->dev, 2429 &bmc->manufacturer_id_attr); 2430 out_add_dev: 2431 device_remove_file(&bmc->dev->dev, 2432 &bmc->add_dev_support_attr); 2433 out_version: 2434 device_remove_file(&bmc->dev->dev, 2435 &bmc->version_attr); 2436 out_firm: 2437 device_remove_file(&bmc->dev->dev, 2438 &bmc->firmware_rev_attr); 2439 out_rev: 2440 device_remove_file(&bmc->dev->dev, 2441 &bmc->revision_attr); 2442 out_sdrs: 2443 device_remove_file(&bmc->dev->dev, 2444 &bmc->provides_dev_sdrs_attr); 2445 out_devid: 2446 device_remove_file(&bmc->dev->dev, 2447 &bmc->device_id_attr); 2448 out: 2449 return err; 2450 } 2451 2452 static int ipmi_bmc_register(ipmi_smi_t intf, int ifnum, 2453 const char *sysfs_name) 2454 { 2455 int rv; 2456 struct bmc_device *bmc = intf->bmc; 2457 struct bmc_device *old_bmc; 2458 int size; 2459 char dummy[1]; 2460 2461 mutex_lock(&ipmidriver_mutex); 2462 2463 /* 2464 * Try to find if there is an bmc_device struct 2465 * representing the interfaced BMC already 2466 */ 2467 if (bmc->guid_set) 2468 old_bmc = ipmi_find_bmc_guid(&ipmidriver.driver, bmc->guid); 2469 else 2470 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver.driver, 2471 bmc->id.product_id, 2472 bmc->id.device_id); 2473 2474 /* 2475 * If there is already an bmc_device, free the new one, 2476 * otherwise register the new BMC device 2477 */ 2478 if (old_bmc) { 2479 kfree(bmc); 2480 intf->bmc = old_bmc; 2481 bmc = old_bmc; 2482 2483 kref_get(&bmc->refcount); 2484 mutex_unlock(&ipmidriver_mutex); 2485 2486 printk(KERN_INFO 2487 "ipmi: interfacing existing BMC (man_id: 0x%6.6x," 2488 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n", 2489 bmc->id.manufacturer_id, 2490 bmc->id.product_id, 2491 bmc->id.device_id); 2492 } else { 2493 char name[14]; 2494 unsigned char orig_dev_id = bmc->id.device_id; 2495 int warn_printed = 0; 2496 2497 snprintf(name, sizeof(name), 2498 "ipmi_bmc.%4.4x", bmc->id.product_id); 2499 2500 while (ipmi_find_bmc_prod_dev_id(&ipmidriver.driver, 2501 bmc->id.product_id, 2502 bmc->id.device_id)) { 2503 if (!warn_printed) { 2504 printk(KERN_WARNING PFX 2505 "This machine has two different BMCs" 2506 " with the same product id and device" 2507 " id. This is an error in the" 2508 " firmware, but incrementing the" 2509 " device id to work around the problem." 2510 " Prod ID = 0x%x, Dev ID = 0x%x\n", 2511 bmc->id.product_id, bmc->id.device_id); 2512 warn_printed = 1; 2513 } 2514 bmc->id.device_id++; /* Wraps at 255 */ 2515 if (bmc->id.device_id == orig_dev_id) { 2516 printk(KERN_ERR PFX 2517 "Out of device ids!\n"); 2518 break; 2519 } 2520 } 2521 2522 bmc->dev = platform_device_alloc(name, bmc->id.device_id); 2523 if (!bmc->dev) { 2524 mutex_unlock(&ipmidriver_mutex); 2525 printk(KERN_ERR 2526 "ipmi_msghandler:" 2527 " Unable to allocate platform device\n"); 2528 return -ENOMEM; 2529 } 2530 bmc->dev->dev.driver = &ipmidriver.driver; 2531 dev_set_drvdata(&bmc->dev->dev, bmc); 2532 kref_init(&bmc->refcount); 2533 2534 rv = platform_device_add(bmc->dev); 2535 mutex_unlock(&ipmidriver_mutex); 2536 if (rv) { 2537 platform_device_put(bmc->dev); 2538 bmc->dev = NULL; 2539 printk(KERN_ERR 2540 "ipmi_msghandler:" 2541 " Unable to register bmc device: %d\n", 2542 rv); 2543 /* 2544 * Don't go to out_err, you can only do that if 2545 * the device is registered already. 2546 */ 2547 return rv; 2548 } 2549 2550 rv = create_files(bmc); 2551 if (rv) { 2552 mutex_lock(&ipmidriver_mutex); 2553 platform_device_unregister(bmc->dev); 2554 mutex_unlock(&ipmidriver_mutex); 2555 2556 return rv; 2557 } 2558 2559 dev_info(intf->si_dev, "Found new BMC (man_id: 0x%6.6x, " 2560 "prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n", 2561 bmc->id.manufacturer_id, 2562 bmc->id.product_id, 2563 bmc->id.device_id); 2564 } 2565 2566 /* 2567 * create symlink from system interface device to bmc device 2568 * and back. 2569 */ 2570 intf->sysfs_name = kstrdup(sysfs_name, GFP_KERNEL); 2571 if (!intf->sysfs_name) { 2572 rv = -ENOMEM; 2573 printk(KERN_ERR 2574 "ipmi_msghandler: allocate link to BMC: %d\n", 2575 rv); 2576 goto out_err; 2577 } 2578 2579 rv = sysfs_create_link(&intf->si_dev->kobj, 2580 &bmc->dev->dev.kobj, intf->sysfs_name); 2581 if (rv) { 2582 kfree(intf->sysfs_name); 2583 intf->sysfs_name = NULL; 2584 printk(KERN_ERR 2585 "ipmi_msghandler: Unable to create bmc symlink: %d\n", 2586 rv); 2587 goto out_err; 2588 } 2589 2590 size = snprintf(dummy, 0, "ipmi%d", ifnum); 2591 intf->my_dev_name = kmalloc(size+1, GFP_KERNEL); 2592 if (!intf->my_dev_name) { 2593 kfree(intf->sysfs_name); 2594 intf->sysfs_name = NULL; 2595 rv = -ENOMEM; 2596 printk(KERN_ERR 2597 "ipmi_msghandler: allocate link from BMC: %d\n", 2598 rv); 2599 goto out_err; 2600 } 2601 snprintf(intf->my_dev_name, size+1, "ipmi%d", ifnum); 2602 2603 rv = sysfs_create_link(&bmc->dev->dev.kobj, &intf->si_dev->kobj, 2604 intf->my_dev_name); 2605 if (rv) { 2606 kfree(intf->sysfs_name); 2607 intf->sysfs_name = NULL; 2608 kfree(intf->my_dev_name); 2609 intf->my_dev_name = NULL; 2610 printk(KERN_ERR 2611 "ipmi_msghandler:" 2612 " Unable to create symlink to bmc: %d\n", 2613 rv); 2614 goto out_err; 2615 } 2616 2617 return 0; 2618 2619 out_err: 2620 ipmi_bmc_unregister(intf); 2621 return rv; 2622 } 2623 2624 static int 2625 send_guid_cmd(ipmi_smi_t intf, int chan) 2626 { 2627 struct kernel_ipmi_msg msg; 2628 struct ipmi_system_interface_addr si; 2629 2630 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2631 si.channel = IPMI_BMC_CHANNEL; 2632 si.lun = 0; 2633 2634 msg.netfn = IPMI_NETFN_APP_REQUEST; 2635 msg.cmd = IPMI_GET_DEVICE_GUID_CMD; 2636 msg.data = NULL; 2637 msg.data_len = 0; 2638 return i_ipmi_request(NULL, 2639 intf, 2640 (struct ipmi_addr *) &si, 2641 0, 2642 &msg, 2643 intf, 2644 NULL, 2645 NULL, 2646 0, 2647 intf->channels[0].address, 2648 intf->channels[0].lun, 2649 -1, 0); 2650 } 2651 2652 static void 2653 guid_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 2654 { 2655 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 2656 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE) 2657 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD)) 2658 /* Not for me */ 2659 return; 2660 2661 if (msg->msg.data[0] != 0) { 2662 /* Error from getting the GUID, the BMC doesn't have one. */ 2663 intf->bmc->guid_set = 0; 2664 goto out; 2665 } 2666 2667 if (msg->msg.data_len < 17) { 2668 intf->bmc->guid_set = 0; 2669 printk(KERN_WARNING PFX 2670 "guid_handler: The GUID response from the BMC was too" 2671 " short, it was %d but should have been 17. Assuming" 2672 " GUID is not available.\n", 2673 msg->msg.data_len); 2674 goto out; 2675 } 2676 2677 memcpy(intf->bmc->guid, msg->msg.data, 16); 2678 intf->bmc->guid_set = 1; 2679 out: 2680 wake_up(&intf->waitq); 2681 } 2682 2683 static void 2684 get_guid(ipmi_smi_t intf) 2685 { 2686 int rv; 2687 2688 intf->bmc->guid_set = 0x2; 2689 intf->null_user_handler = guid_handler; 2690 rv = send_guid_cmd(intf, 0); 2691 if (rv) 2692 /* Send failed, no GUID available. */ 2693 intf->bmc->guid_set = 0; 2694 wait_event(intf->waitq, intf->bmc->guid_set != 2); 2695 intf->null_user_handler = NULL; 2696 } 2697 2698 static int 2699 send_channel_info_cmd(ipmi_smi_t intf, int chan) 2700 { 2701 struct kernel_ipmi_msg msg; 2702 unsigned char data[1]; 2703 struct ipmi_system_interface_addr si; 2704 2705 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 2706 si.channel = IPMI_BMC_CHANNEL; 2707 si.lun = 0; 2708 2709 msg.netfn = IPMI_NETFN_APP_REQUEST; 2710 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD; 2711 msg.data = data; 2712 msg.data_len = 1; 2713 data[0] = chan; 2714 return i_ipmi_request(NULL, 2715 intf, 2716 (struct ipmi_addr *) &si, 2717 0, 2718 &msg, 2719 intf, 2720 NULL, 2721 NULL, 2722 0, 2723 intf->channels[0].address, 2724 intf->channels[0].lun, 2725 -1, 0); 2726 } 2727 2728 static void 2729 channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 2730 { 2731 int rv = 0; 2732 int chan; 2733 2734 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 2735 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE) 2736 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD)) { 2737 /* It's the one we want */ 2738 if (msg->msg.data[0] != 0) { 2739 /* Got an error from the channel, just go on. */ 2740 2741 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) { 2742 /* 2743 * If the MC does not support this 2744 * command, that is legal. We just 2745 * assume it has one IPMB at channel 2746 * zero. 2747 */ 2748 intf->channels[0].medium 2749 = IPMI_CHANNEL_MEDIUM_IPMB; 2750 intf->channels[0].protocol 2751 = IPMI_CHANNEL_PROTOCOL_IPMB; 2752 rv = -ENOSYS; 2753 2754 intf->curr_channel = IPMI_MAX_CHANNELS; 2755 wake_up(&intf->waitq); 2756 goto out; 2757 } 2758 goto next_channel; 2759 } 2760 if (msg->msg.data_len < 4) { 2761 /* Message not big enough, just go on. */ 2762 goto next_channel; 2763 } 2764 chan = intf->curr_channel; 2765 intf->channels[chan].medium = msg->msg.data[2] & 0x7f; 2766 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f; 2767 2768 next_channel: 2769 intf->curr_channel++; 2770 if (intf->curr_channel >= IPMI_MAX_CHANNELS) 2771 wake_up(&intf->waitq); 2772 else 2773 rv = send_channel_info_cmd(intf, intf->curr_channel); 2774 2775 if (rv) { 2776 /* Got an error somehow, just give up. */ 2777 intf->curr_channel = IPMI_MAX_CHANNELS; 2778 wake_up(&intf->waitq); 2779 2780 printk(KERN_WARNING PFX 2781 "Error sending channel information: %d\n", 2782 rv); 2783 } 2784 } 2785 out: 2786 return; 2787 } 2788 2789 void ipmi_poll_interface(ipmi_user_t user) 2790 { 2791 ipmi_smi_t intf = user->intf; 2792 2793 if (intf->handlers->poll) 2794 intf->handlers->poll(intf->send_info); 2795 } 2796 EXPORT_SYMBOL(ipmi_poll_interface); 2797 2798 int ipmi_register_smi(struct ipmi_smi_handlers *handlers, 2799 void *send_info, 2800 struct ipmi_device_id *device_id, 2801 struct device *si_dev, 2802 const char *sysfs_name, 2803 unsigned char slave_addr) 2804 { 2805 int i, j; 2806 int rv; 2807 ipmi_smi_t intf; 2808 ipmi_smi_t tintf; 2809 struct list_head *link; 2810 2811 /* 2812 * Make sure the driver is actually initialized, this handles 2813 * problems with initialization order. 2814 */ 2815 if (!initialized) { 2816 rv = ipmi_init_msghandler(); 2817 if (rv) 2818 return rv; 2819 /* 2820 * The init code doesn't return an error if it was turned 2821 * off, but it won't initialize. Check that. 2822 */ 2823 if (!initialized) 2824 return -ENODEV; 2825 } 2826 2827 intf = kzalloc(sizeof(*intf), GFP_KERNEL); 2828 if (!intf) 2829 return -ENOMEM; 2830 2831 intf->ipmi_version_major = ipmi_version_major(device_id); 2832 intf->ipmi_version_minor = ipmi_version_minor(device_id); 2833 2834 intf->bmc = kzalloc(sizeof(*intf->bmc), GFP_KERNEL); 2835 if (!intf->bmc) { 2836 kfree(intf); 2837 return -ENOMEM; 2838 } 2839 intf->intf_num = -1; /* Mark it invalid for now. */ 2840 kref_init(&intf->refcount); 2841 intf->bmc->id = *device_id; 2842 intf->si_dev = si_dev; 2843 for (j = 0; j < IPMI_MAX_CHANNELS; j++) { 2844 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR; 2845 intf->channels[j].lun = 2; 2846 } 2847 if (slave_addr != 0) 2848 intf->channels[0].address = slave_addr; 2849 INIT_LIST_HEAD(&intf->users); 2850 intf->handlers = handlers; 2851 intf->send_info = send_info; 2852 spin_lock_init(&intf->seq_lock); 2853 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) { 2854 intf->seq_table[j].inuse = 0; 2855 intf->seq_table[j].seqid = 0; 2856 } 2857 intf->curr_seq = 0; 2858 #ifdef CONFIG_PROC_FS 2859 mutex_init(&intf->proc_entry_lock); 2860 #endif 2861 spin_lock_init(&intf->waiting_msgs_lock); 2862 INIT_LIST_HEAD(&intf->waiting_msgs); 2863 spin_lock_init(&intf->events_lock); 2864 INIT_LIST_HEAD(&intf->waiting_events); 2865 intf->waiting_events_count = 0; 2866 mutex_init(&intf->cmd_rcvrs_mutex); 2867 spin_lock_init(&intf->maintenance_mode_lock); 2868 INIT_LIST_HEAD(&intf->cmd_rcvrs); 2869 init_waitqueue_head(&intf->waitq); 2870 for (i = 0; i < IPMI_NUM_STATS; i++) 2871 atomic_set(&intf->stats[i], 0); 2872 2873 intf->proc_dir = NULL; 2874 2875 mutex_lock(&smi_watchers_mutex); 2876 mutex_lock(&ipmi_interfaces_mutex); 2877 /* Look for a hole in the numbers. */ 2878 i = 0; 2879 link = &ipmi_interfaces; 2880 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link) { 2881 if (tintf->intf_num != i) { 2882 link = &tintf->link; 2883 break; 2884 } 2885 i++; 2886 } 2887 /* Add the new interface in numeric order. */ 2888 if (i == 0) 2889 list_add_rcu(&intf->link, &ipmi_interfaces); 2890 else 2891 list_add_tail_rcu(&intf->link, link); 2892 2893 rv = handlers->start_processing(send_info, intf); 2894 if (rv) 2895 goto out; 2896 2897 get_guid(intf); 2898 2899 if ((intf->ipmi_version_major > 1) 2900 || ((intf->ipmi_version_major == 1) 2901 && (intf->ipmi_version_minor >= 5))) { 2902 /* 2903 * Start scanning the channels to see what is 2904 * available. 2905 */ 2906 intf->null_user_handler = channel_handler; 2907 intf->curr_channel = 0; 2908 rv = send_channel_info_cmd(intf, 0); 2909 if (rv) 2910 goto out; 2911 2912 /* Wait for the channel info to be read. */ 2913 wait_event(intf->waitq, 2914 intf->curr_channel >= IPMI_MAX_CHANNELS); 2915 intf->null_user_handler = NULL; 2916 } else { 2917 /* Assume a single IPMB channel at zero. */ 2918 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB; 2919 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB; 2920 intf->curr_channel = IPMI_MAX_CHANNELS; 2921 } 2922 2923 if (rv == 0) 2924 rv = add_proc_entries(intf, i); 2925 2926 rv = ipmi_bmc_register(intf, i, sysfs_name); 2927 2928 out: 2929 if (rv) { 2930 if (intf->proc_dir) 2931 remove_proc_entries(intf); 2932 intf->handlers = NULL; 2933 list_del_rcu(&intf->link); 2934 mutex_unlock(&ipmi_interfaces_mutex); 2935 mutex_unlock(&smi_watchers_mutex); 2936 synchronize_rcu(); 2937 kref_put(&intf->refcount, intf_free); 2938 } else { 2939 /* 2940 * Keep memory order straight for RCU readers. Make 2941 * sure everything else is committed to memory before 2942 * setting intf_num to mark the interface valid. 2943 */ 2944 smp_wmb(); 2945 intf->intf_num = i; 2946 mutex_unlock(&ipmi_interfaces_mutex); 2947 /* After this point the interface is legal to use. */ 2948 call_smi_watchers(i, intf->si_dev); 2949 mutex_unlock(&smi_watchers_mutex); 2950 } 2951 2952 return rv; 2953 } 2954 EXPORT_SYMBOL(ipmi_register_smi); 2955 2956 static void cleanup_smi_msgs(ipmi_smi_t intf) 2957 { 2958 int i; 2959 struct seq_table *ent; 2960 2961 /* No need for locks, the interface is down. */ 2962 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { 2963 ent = &(intf->seq_table[i]); 2964 if (!ent->inuse) 2965 continue; 2966 deliver_err_response(ent->recv_msg, IPMI_ERR_UNSPECIFIED); 2967 } 2968 } 2969 2970 int ipmi_unregister_smi(ipmi_smi_t intf) 2971 { 2972 struct ipmi_smi_watcher *w; 2973 int intf_num = intf->intf_num; 2974 2975 ipmi_bmc_unregister(intf); 2976 2977 mutex_lock(&smi_watchers_mutex); 2978 mutex_lock(&ipmi_interfaces_mutex); 2979 intf->intf_num = -1; 2980 intf->handlers = NULL; 2981 list_del_rcu(&intf->link); 2982 mutex_unlock(&ipmi_interfaces_mutex); 2983 synchronize_rcu(); 2984 2985 cleanup_smi_msgs(intf); 2986 2987 remove_proc_entries(intf); 2988 2989 /* 2990 * Call all the watcher interfaces to tell them that 2991 * an interface is gone. 2992 */ 2993 list_for_each_entry(w, &smi_watchers, link) 2994 w->smi_gone(intf_num); 2995 mutex_unlock(&smi_watchers_mutex); 2996 2997 kref_put(&intf->refcount, intf_free); 2998 return 0; 2999 } 3000 EXPORT_SYMBOL(ipmi_unregister_smi); 3001 3002 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf, 3003 struct ipmi_smi_msg *msg) 3004 { 3005 struct ipmi_ipmb_addr ipmb_addr; 3006 struct ipmi_recv_msg *recv_msg; 3007 3008 /* 3009 * This is 11, not 10, because the response must contain a 3010 * completion code. 3011 */ 3012 if (msg->rsp_size < 11) { 3013 /* Message not big enough, just ignore it. */ 3014 ipmi_inc_stat(intf, invalid_ipmb_responses); 3015 return 0; 3016 } 3017 3018 if (msg->rsp[2] != 0) { 3019 /* An error getting the response, just ignore it. */ 3020 return 0; 3021 } 3022 3023 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE; 3024 ipmb_addr.slave_addr = msg->rsp[6]; 3025 ipmb_addr.channel = msg->rsp[3] & 0x0f; 3026 ipmb_addr.lun = msg->rsp[7] & 3; 3027 3028 /* 3029 * It's a response from a remote entity. Look up the sequence 3030 * number and handle the response. 3031 */ 3032 if (intf_find_seq(intf, 3033 msg->rsp[7] >> 2, 3034 msg->rsp[3] & 0x0f, 3035 msg->rsp[8], 3036 (msg->rsp[4] >> 2) & (~1), 3037 (struct ipmi_addr *) &(ipmb_addr), 3038 &recv_msg)) { 3039 /* 3040 * We were unable to find the sequence number, 3041 * so just nuke the message. 3042 */ 3043 ipmi_inc_stat(intf, unhandled_ipmb_responses); 3044 return 0; 3045 } 3046 3047 memcpy(recv_msg->msg_data, 3048 &(msg->rsp[9]), 3049 msg->rsp_size - 9); 3050 /* 3051 * The other fields matched, so no need to set them, except 3052 * for netfn, which needs to be the response that was 3053 * returned, not the request value. 3054 */ 3055 recv_msg->msg.netfn = msg->rsp[4] >> 2; 3056 recv_msg->msg.data = recv_msg->msg_data; 3057 recv_msg->msg.data_len = msg->rsp_size - 10; 3058 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3059 ipmi_inc_stat(intf, handled_ipmb_responses); 3060 deliver_response(recv_msg); 3061 3062 return 0; 3063 } 3064 3065 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf, 3066 struct ipmi_smi_msg *msg) 3067 { 3068 struct cmd_rcvr *rcvr; 3069 int rv = 0; 3070 unsigned char netfn; 3071 unsigned char cmd; 3072 unsigned char chan; 3073 ipmi_user_t user = NULL; 3074 struct ipmi_ipmb_addr *ipmb_addr; 3075 struct ipmi_recv_msg *recv_msg; 3076 struct ipmi_smi_handlers *handlers; 3077 3078 if (msg->rsp_size < 10) { 3079 /* Message not big enough, just ignore it. */ 3080 ipmi_inc_stat(intf, invalid_commands); 3081 return 0; 3082 } 3083 3084 if (msg->rsp[2] != 0) { 3085 /* An error getting the response, just ignore it. */ 3086 return 0; 3087 } 3088 3089 netfn = msg->rsp[4] >> 2; 3090 cmd = msg->rsp[8]; 3091 chan = msg->rsp[3] & 0xf; 3092 3093 rcu_read_lock(); 3094 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3095 if (rcvr) { 3096 user = rcvr->user; 3097 kref_get(&user->refcount); 3098 } else 3099 user = NULL; 3100 rcu_read_unlock(); 3101 3102 if (user == NULL) { 3103 /* We didn't find a user, deliver an error response. */ 3104 ipmi_inc_stat(intf, unhandled_commands); 3105 3106 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2); 3107 msg->data[1] = IPMI_SEND_MSG_CMD; 3108 msg->data[2] = msg->rsp[3]; 3109 msg->data[3] = msg->rsp[6]; 3110 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3); 3111 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2); 3112 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address; 3113 /* rqseq/lun */ 3114 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3); 3115 msg->data[8] = msg->rsp[8]; /* cmd */ 3116 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE; 3117 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4); 3118 msg->data_size = 11; 3119 3120 #ifdef DEBUG_MSGING 3121 { 3122 int m; 3123 printk("Invalid command:"); 3124 for (m = 0; m < msg->data_size; m++) 3125 printk(" %2.2x", msg->data[m]); 3126 printk("\n"); 3127 } 3128 #endif 3129 rcu_read_lock(); 3130 handlers = intf->handlers; 3131 if (handlers) { 3132 handlers->sender(intf->send_info, msg, 0); 3133 /* 3134 * We used the message, so return the value 3135 * that causes it to not be freed or 3136 * queued. 3137 */ 3138 rv = -1; 3139 } 3140 rcu_read_unlock(); 3141 } else { 3142 /* Deliver the message to the user. */ 3143 ipmi_inc_stat(intf, handled_commands); 3144 3145 recv_msg = ipmi_alloc_recv_msg(); 3146 if (!recv_msg) { 3147 /* 3148 * We couldn't allocate memory for the 3149 * message, so requeue it for handling 3150 * later. 3151 */ 3152 rv = 1; 3153 kref_put(&user->refcount, free_user); 3154 } else { 3155 /* Extract the source address from the data. */ 3156 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr; 3157 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE; 3158 ipmb_addr->slave_addr = msg->rsp[6]; 3159 ipmb_addr->lun = msg->rsp[7] & 3; 3160 ipmb_addr->channel = msg->rsp[3] & 0xf; 3161 3162 /* 3163 * Extract the rest of the message information 3164 * from the IPMB header. 3165 */ 3166 recv_msg->user = user; 3167 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 3168 recv_msg->msgid = msg->rsp[7] >> 2; 3169 recv_msg->msg.netfn = msg->rsp[4] >> 2; 3170 recv_msg->msg.cmd = msg->rsp[8]; 3171 recv_msg->msg.data = recv_msg->msg_data; 3172 3173 /* 3174 * We chop off 10, not 9 bytes because the checksum 3175 * at the end also needs to be removed. 3176 */ 3177 recv_msg->msg.data_len = msg->rsp_size - 10; 3178 memcpy(recv_msg->msg_data, 3179 &(msg->rsp[9]), 3180 msg->rsp_size - 10); 3181 deliver_response(recv_msg); 3182 } 3183 } 3184 3185 return rv; 3186 } 3187 3188 static int handle_lan_get_msg_rsp(ipmi_smi_t intf, 3189 struct ipmi_smi_msg *msg) 3190 { 3191 struct ipmi_lan_addr lan_addr; 3192 struct ipmi_recv_msg *recv_msg; 3193 3194 3195 /* 3196 * This is 13, not 12, because the response must contain a 3197 * completion code. 3198 */ 3199 if (msg->rsp_size < 13) { 3200 /* Message not big enough, just ignore it. */ 3201 ipmi_inc_stat(intf, invalid_lan_responses); 3202 return 0; 3203 } 3204 3205 if (msg->rsp[2] != 0) { 3206 /* An error getting the response, just ignore it. */ 3207 return 0; 3208 } 3209 3210 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE; 3211 lan_addr.session_handle = msg->rsp[4]; 3212 lan_addr.remote_SWID = msg->rsp[8]; 3213 lan_addr.local_SWID = msg->rsp[5]; 3214 lan_addr.channel = msg->rsp[3] & 0x0f; 3215 lan_addr.privilege = msg->rsp[3] >> 4; 3216 lan_addr.lun = msg->rsp[9] & 3; 3217 3218 /* 3219 * It's a response from a remote entity. Look up the sequence 3220 * number and handle the response. 3221 */ 3222 if (intf_find_seq(intf, 3223 msg->rsp[9] >> 2, 3224 msg->rsp[3] & 0x0f, 3225 msg->rsp[10], 3226 (msg->rsp[6] >> 2) & (~1), 3227 (struct ipmi_addr *) &(lan_addr), 3228 &recv_msg)) { 3229 /* 3230 * We were unable to find the sequence number, 3231 * so just nuke the message. 3232 */ 3233 ipmi_inc_stat(intf, unhandled_lan_responses); 3234 return 0; 3235 } 3236 3237 memcpy(recv_msg->msg_data, 3238 &(msg->rsp[11]), 3239 msg->rsp_size - 11); 3240 /* 3241 * The other fields matched, so no need to set them, except 3242 * for netfn, which needs to be the response that was 3243 * returned, not the request value. 3244 */ 3245 recv_msg->msg.netfn = msg->rsp[6] >> 2; 3246 recv_msg->msg.data = recv_msg->msg_data; 3247 recv_msg->msg.data_len = msg->rsp_size - 12; 3248 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3249 ipmi_inc_stat(intf, handled_lan_responses); 3250 deliver_response(recv_msg); 3251 3252 return 0; 3253 } 3254 3255 static int handle_lan_get_msg_cmd(ipmi_smi_t intf, 3256 struct ipmi_smi_msg *msg) 3257 { 3258 struct cmd_rcvr *rcvr; 3259 int rv = 0; 3260 unsigned char netfn; 3261 unsigned char cmd; 3262 unsigned char chan; 3263 ipmi_user_t user = NULL; 3264 struct ipmi_lan_addr *lan_addr; 3265 struct ipmi_recv_msg *recv_msg; 3266 3267 if (msg->rsp_size < 12) { 3268 /* Message not big enough, just ignore it. */ 3269 ipmi_inc_stat(intf, invalid_commands); 3270 return 0; 3271 } 3272 3273 if (msg->rsp[2] != 0) { 3274 /* An error getting the response, just ignore it. */ 3275 return 0; 3276 } 3277 3278 netfn = msg->rsp[6] >> 2; 3279 cmd = msg->rsp[10]; 3280 chan = msg->rsp[3] & 0xf; 3281 3282 rcu_read_lock(); 3283 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3284 if (rcvr) { 3285 user = rcvr->user; 3286 kref_get(&user->refcount); 3287 } else 3288 user = NULL; 3289 rcu_read_unlock(); 3290 3291 if (user == NULL) { 3292 /* We didn't find a user, just give up. */ 3293 ipmi_inc_stat(intf, unhandled_commands); 3294 3295 /* 3296 * Don't do anything with these messages, just allow 3297 * them to be freed. 3298 */ 3299 rv = 0; 3300 } else { 3301 /* Deliver the message to the user. */ 3302 ipmi_inc_stat(intf, handled_commands); 3303 3304 recv_msg = ipmi_alloc_recv_msg(); 3305 if (!recv_msg) { 3306 /* 3307 * We couldn't allocate memory for the 3308 * message, so requeue it for handling later. 3309 */ 3310 rv = 1; 3311 kref_put(&user->refcount, free_user); 3312 } else { 3313 /* Extract the source address from the data. */ 3314 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr; 3315 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE; 3316 lan_addr->session_handle = msg->rsp[4]; 3317 lan_addr->remote_SWID = msg->rsp[8]; 3318 lan_addr->local_SWID = msg->rsp[5]; 3319 lan_addr->lun = msg->rsp[9] & 3; 3320 lan_addr->channel = msg->rsp[3] & 0xf; 3321 lan_addr->privilege = msg->rsp[3] >> 4; 3322 3323 /* 3324 * Extract the rest of the message information 3325 * from the IPMB header. 3326 */ 3327 recv_msg->user = user; 3328 recv_msg->recv_type = IPMI_CMD_RECV_TYPE; 3329 recv_msg->msgid = msg->rsp[9] >> 2; 3330 recv_msg->msg.netfn = msg->rsp[6] >> 2; 3331 recv_msg->msg.cmd = msg->rsp[10]; 3332 recv_msg->msg.data = recv_msg->msg_data; 3333 3334 /* 3335 * We chop off 12, not 11 bytes because the checksum 3336 * at the end also needs to be removed. 3337 */ 3338 recv_msg->msg.data_len = msg->rsp_size - 12; 3339 memcpy(recv_msg->msg_data, 3340 &(msg->rsp[11]), 3341 msg->rsp_size - 12); 3342 deliver_response(recv_msg); 3343 } 3344 } 3345 3346 return rv; 3347 } 3348 3349 /* 3350 * This routine will handle "Get Message" command responses with 3351 * channels that use an OEM Medium. The message format belongs to 3352 * the OEM. See IPMI 2.0 specification, Chapter 6 and 3353 * Chapter 22, sections 22.6 and 22.24 for more details. 3354 */ 3355 static int handle_oem_get_msg_cmd(ipmi_smi_t intf, 3356 struct ipmi_smi_msg *msg) 3357 { 3358 struct cmd_rcvr *rcvr; 3359 int rv = 0; 3360 unsigned char netfn; 3361 unsigned char cmd; 3362 unsigned char chan; 3363 ipmi_user_t user = NULL; 3364 struct ipmi_system_interface_addr *smi_addr; 3365 struct ipmi_recv_msg *recv_msg; 3366 3367 /* 3368 * We expect the OEM SW to perform error checking 3369 * so we just do some basic sanity checks 3370 */ 3371 if (msg->rsp_size < 4) { 3372 /* Message not big enough, just ignore it. */ 3373 ipmi_inc_stat(intf, invalid_commands); 3374 return 0; 3375 } 3376 3377 if (msg->rsp[2] != 0) { 3378 /* An error getting the response, just ignore it. */ 3379 return 0; 3380 } 3381 3382 /* 3383 * This is an OEM Message so the OEM needs to know how 3384 * handle the message. We do no interpretation. 3385 */ 3386 netfn = msg->rsp[0] >> 2; 3387 cmd = msg->rsp[1]; 3388 chan = msg->rsp[3] & 0xf; 3389 3390 rcu_read_lock(); 3391 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan); 3392 if (rcvr) { 3393 user = rcvr->user; 3394 kref_get(&user->refcount); 3395 } else 3396 user = NULL; 3397 rcu_read_unlock(); 3398 3399 if (user == NULL) { 3400 /* We didn't find a user, just give up. */ 3401 ipmi_inc_stat(intf, unhandled_commands); 3402 3403 /* 3404 * Don't do anything with these messages, just allow 3405 * them to be freed. 3406 */ 3407 3408 rv = 0; 3409 } else { 3410 /* Deliver the message to the user. */ 3411 ipmi_inc_stat(intf, handled_commands); 3412 3413 recv_msg = ipmi_alloc_recv_msg(); 3414 if (!recv_msg) { 3415 /* 3416 * We couldn't allocate memory for the 3417 * message, so requeue it for handling 3418 * later. 3419 */ 3420 rv = 1; 3421 kref_put(&user->refcount, free_user); 3422 } else { 3423 /* 3424 * OEM Messages are expected to be delivered via 3425 * the system interface to SMS software. We might 3426 * need to visit this again depending on OEM 3427 * requirements 3428 */ 3429 smi_addr = ((struct ipmi_system_interface_addr *) 3430 &(recv_msg->addr)); 3431 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3432 smi_addr->channel = IPMI_BMC_CHANNEL; 3433 smi_addr->lun = msg->rsp[0] & 3; 3434 3435 recv_msg->user = user; 3436 recv_msg->user_msg_data = NULL; 3437 recv_msg->recv_type = IPMI_OEM_RECV_TYPE; 3438 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3439 recv_msg->msg.cmd = msg->rsp[1]; 3440 recv_msg->msg.data = recv_msg->msg_data; 3441 3442 /* 3443 * The message starts at byte 4 which follows the 3444 * the Channel Byte in the "GET MESSAGE" command 3445 */ 3446 recv_msg->msg.data_len = msg->rsp_size - 4; 3447 memcpy(recv_msg->msg_data, 3448 &(msg->rsp[4]), 3449 msg->rsp_size - 4); 3450 deliver_response(recv_msg); 3451 } 3452 } 3453 3454 return rv; 3455 } 3456 3457 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg, 3458 struct ipmi_smi_msg *msg) 3459 { 3460 struct ipmi_system_interface_addr *smi_addr; 3461 3462 recv_msg->msgid = 0; 3463 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr); 3464 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3465 smi_addr->channel = IPMI_BMC_CHANNEL; 3466 smi_addr->lun = msg->rsp[0] & 3; 3467 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE; 3468 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3469 recv_msg->msg.cmd = msg->rsp[1]; 3470 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3); 3471 recv_msg->msg.data = recv_msg->msg_data; 3472 recv_msg->msg.data_len = msg->rsp_size - 3; 3473 } 3474 3475 static int handle_read_event_rsp(ipmi_smi_t intf, 3476 struct ipmi_smi_msg *msg) 3477 { 3478 struct ipmi_recv_msg *recv_msg, *recv_msg2; 3479 struct list_head msgs; 3480 ipmi_user_t user; 3481 int rv = 0; 3482 int deliver_count = 0; 3483 unsigned long flags; 3484 3485 if (msg->rsp_size < 19) { 3486 /* Message is too small to be an IPMB event. */ 3487 ipmi_inc_stat(intf, invalid_events); 3488 return 0; 3489 } 3490 3491 if (msg->rsp[2] != 0) { 3492 /* An error getting the event, just ignore it. */ 3493 return 0; 3494 } 3495 3496 INIT_LIST_HEAD(&msgs); 3497 3498 spin_lock_irqsave(&intf->events_lock, flags); 3499 3500 ipmi_inc_stat(intf, events); 3501 3502 /* 3503 * Allocate and fill in one message for every user that is 3504 * getting events. 3505 */ 3506 rcu_read_lock(); 3507 list_for_each_entry_rcu(user, &intf->users, link) { 3508 if (!user->gets_events) 3509 continue; 3510 3511 recv_msg = ipmi_alloc_recv_msg(); 3512 if (!recv_msg) { 3513 rcu_read_unlock(); 3514 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, 3515 link) { 3516 list_del(&recv_msg->link); 3517 ipmi_free_recv_msg(recv_msg); 3518 } 3519 /* 3520 * We couldn't allocate memory for the 3521 * message, so requeue it for handling 3522 * later. 3523 */ 3524 rv = 1; 3525 goto out; 3526 } 3527 3528 deliver_count++; 3529 3530 copy_event_into_recv_msg(recv_msg, msg); 3531 recv_msg->user = user; 3532 kref_get(&user->refcount); 3533 list_add_tail(&(recv_msg->link), &msgs); 3534 } 3535 rcu_read_unlock(); 3536 3537 if (deliver_count) { 3538 /* Now deliver all the messages. */ 3539 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) { 3540 list_del(&recv_msg->link); 3541 deliver_response(recv_msg); 3542 } 3543 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) { 3544 /* 3545 * No one to receive the message, put it in queue if there's 3546 * not already too many things in the queue. 3547 */ 3548 recv_msg = ipmi_alloc_recv_msg(); 3549 if (!recv_msg) { 3550 /* 3551 * We couldn't allocate memory for the 3552 * message, so requeue it for handling 3553 * later. 3554 */ 3555 rv = 1; 3556 goto out; 3557 } 3558 3559 copy_event_into_recv_msg(recv_msg, msg); 3560 list_add_tail(&(recv_msg->link), &(intf->waiting_events)); 3561 intf->waiting_events_count++; 3562 } else if (!intf->event_msg_printed) { 3563 /* 3564 * There's too many things in the queue, discard this 3565 * message. 3566 */ 3567 printk(KERN_WARNING PFX "Event queue full, discarding" 3568 " incoming events\n"); 3569 intf->event_msg_printed = 1; 3570 } 3571 3572 out: 3573 spin_unlock_irqrestore(&(intf->events_lock), flags); 3574 3575 return rv; 3576 } 3577 3578 static int handle_bmc_rsp(ipmi_smi_t intf, 3579 struct ipmi_smi_msg *msg) 3580 { 3581 struct ipmi_recv_msg *recv_msg; 3582 struct ipmi_user *user; 3583 3584 recv_msg = (struct ipmi_recv_msg *) msg->user_data; 3585 if (recv_msg == NULL) { 3586 printk(KERN_WARNING 3587 "IPMI message received with no owner. This\n" 3588 "could be because of a malformed message, or\n" 3589 "because of a hardware error. Contact your\n" 3590 "hardware vender for assistance\n"); 3591 return 0; 3592 } 3593 3594 user = recv_msg->user; 3595 /* Make sure the user still exists. */ 3596 if (user && !user->valid) { 3597 /* The user for the message went away, so give up. */ 3598 ipmi_inc_stat(intf, unhandled_local_responses); 3599 ipmi_free_recv_msg(recv_msg); 3600 } else { 3601 struct ipmi_system_interface_addr *smi_addr; 3602 3603 ipmi_inc_stat(intf, handled_local_responses); 3604 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE; 3605 recv_msg->msgid = msg->msgid; 3606 smi_addr = ((struct ipmi_system_interface_addr *) 3607 &(recv_msg->addr)); 3608 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 3609 smi_addr->channel = IPMI_BMC_CHANNEL; 3610 smi_addr->lun = msg->rsp[0] & 3; 3611 recv_msg->msg.netfn = msg->rsp[0] >> 2; 3612 recv_msg->msg.cmd = msg->rsp[1]; 3613 memcpy(recv_msg->msg_data, 3614 &(msg->rsp[2]), 3615 msg->rsp_size - 2); 3616 recv_msg->msg.data = recv_msg->msg_data; 3617 recv_msg->msg.data_len = msg->rsp_size - 2; 3618 deliver_response(recv_msg); 3619 } 3620 3621 return 0; 3622 } 3623 3624 /* 3625 * Handle a new message. Return 1 if the message should be requeued, 3626 * 0 if the message should be freed, or -1 if the message should not 3627 * be freed or requeued. 3628 */ 3629 static int handle_new_recv_msg(ipmi_smi_t intf, 3630 struct ipmi_smi_msg *msg) 3631 { 3632 int requeue; 3633 int chan; 3634 3635 #ifdef DEBUG_MSGING 3636 int m; 3637 printk("Recv:"); 3638 for (m = 0; m < msg->rsp_size; m++) 3639 printk(" %2.2x", msg->rsp[m]); 3640 printk("\n"); 3641 #endif 3642 if (msg->rsp_size < 2) { 3643 /* Message is too small to be correct. */ 3644 printk(KERN_WARNING PFX "BMC returned to small a message" 3645 " for netfn %x cmd %x, got %d bytes\n", 3646 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size); 3647 3648 /* Generate an error response for the message. */ 3649 msg->rsp[0] = msg->data[0] | (1 << 2); 3650 msg->rsp[1] = msg->data[1]; 3651 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 3652 msg->rsp_size = 3; 3653 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1)) 3654 || (msg->rsp[1] != msg->data[1])) { 3655 /* 3656 * The NetFN and Command in the response is not even 3657 * marginally correct. 3658 */ 3659 printk(KERN_WARNING PFX "BMC returned incorrect response," 3660 " expected netfn %x cmd %x, got netfn %x cmd %x\n", 3661 (msg->data[0] >> 2) | 1, msg->data[1], 3662 msg->rsp[0] >> 2, msg->rsp[1]); 3663 3664 /* Generate an error response for the message. */ 3665 msg->rsp[0] = msg->data[0] | (1 << 2); 3666 msg->rsp[1] = msg->data[1]; 3667 msg->rsp[2] = IPMI_ERR_UNSPECIFIED; 3668 msg->rsp_size = 3; 3669 } 3670 3671 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3672 && (msg->rsp[1] == IPMI_SEND_MSG_CMD) 3673 && (msg->user_data != NULL)) { 3674 /* 3675 * It's a response to a response we sent. For this we 3676 * deliver a send message response to the user. 3677 */ 3678 struct ipmi_recv_msg *recv_msg = msg->user_data; 3679 3680 requeue = 0; 3681 if (msg->rsp_size < 2) 3682 /* Message is too small to be correct. */ 3683 goto out; 3684 3685 chan = msg->data[2] & 0x0f; 3686 if (chan >= IPMI_MAX_CHANNELS) 3687 /* Invalid channel number */ 3688 goto out; 3689 3690 if (!recv_msg) 3691 goto out; 3692 3693 /* Make sure the user still exists. */ 3694 if (!recv_msg->user || !recv_msg->user->valid) 3695 goto out; 3696 3697 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE; 3698 recv_msg->msg.data = recv_msg->msg_data; 3699 recv_msg->msg.data_len = 1; 3700 recv_msg->msg_data[0] = msg->rsp[2]; 3701 deliver_response(recv_msg); 3702 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3703 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) { 3704 /* It's from the receive queue. */ 3705 chan = msg->rsp[3] & 0xf; 3706 if (chan >= IPMI_MAX_CHANNELS) { 3707 /* Invalid channel number */ 3708 requeue = 0; 3709 goto out; 3710 } 3711 3712 /* 3713 * We need to make sure the channels have been initialized. 3714 * The channel_handler routine will set the "curr_channel" 3715 * equal to or greater than IPMI_MAX_CHANNELS when all the 3716 * channels for this interface have been initialized. 3717 */ 3718 if (intf->curr_channel < IPMI_MAX_CHANNELS) { 3719 requeue = 0; /* Throw the message away */ 3720 goto out; 3721 } 3722 3723 switch (intf->channels[chan].medium) { 3724 case IPMI_CHANNEL_MEDIUM_IPMB: 3725 if (msg->rsp[4] & 0x04) { 3726 /* 3727 * It's a response, so find the 3728 * requesting message and send it up. 3729 */ 3730 requeue = handle_ipmb_get_msg_rsp(intf, msg); 3731 } else { 3732 /* 3733 * It's a command to the SMS from some other 3734 * entity. Handle that. 3735 */ 3736 requeue = handle_ipmb_get_msg_cmd(intf, msg); 3737 } 3738 break; 3739 3740 case IPMI_CHANNEL_MEDIUM_8023LAN: 3741 case IPMI_CHANNEL_MEDIUM_ASYNC: 3742 if (msg->rsp[6] & 0x04) { 3743 /* 3744 * It's a response, so find the 3745 * requesting message and send it up. 3746 */ 3747 requeue = handle_lan_get_msg_rsp(intf, msg); 3748 } else { 3749 /* 3750 * It's a command to the SMS from some other 3751 * entity. Handle that. 3752 */ 3753 requeue = handle_lan_get_msg_cmd(intf, msg); 3754 } 3755 break; 3756 3757 default: 3758 /* Check for OEM Channels. Clients had better 3759 register for these commands. */ 3760 if ((intf->channels[chan].medium 3761 >= IPMI_CHANNEL_MEDIUM_OEM_MIN) 3762 && (intf->channels[chan].medium 3763 <= IPMI_CHANNEL_MEDIUM_OEM_MAX)) { 3764 requeue = handle_oem_get_msg_cmd(intf, msg); 3765 } else { 3766 /* 3767 * We don't handle the channel type, so just 3768 * free the message. 3769 */ 3770 requeue = 0; 3771 } 3772 } 3773 3774 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2)) 3775 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) { 3776 /* It's an asyncronous event. */ 3777 requeue = handle_read_event_rsp(intf, msg); 3778 } else { 3779 /* It's a response from the local BMC. */ 3780 requeue = handle_bmc_rsp(intf, msg); 3781 } 3782 3783 out: 3784 return requeue; 3785 } 3786 3787 /* Handle a new message from the lower layer. */ 3788 void ipmi_smi_msg_received(ipmi_smi_t intf, 3789 struct ipmi_smi_msg *msg) 3790 { 3791 unsigned long flags = 0; /* keep us warning-free. */ 3792 int rv; 3793 int run_to_completion; 3794 3795 3796 if ((msg->data_size >= 2) 3797 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2)) 3798 && (msg->data[1] == IPMI_SEND_MSG_CMD) 3799 && (msg->user_data == NULL)) { 3800 /* 3801 * This is the local response to a command send, start 3802 * the timer for these. The user_data will not be 3803 * NULL if this is a response send, and we will let 3804 * response sends just go through. 3805 */ 3806 3807 /* 3808 * Check for errors, if we get certain errors (ones 3809 * that mean basically we can try again later), we 3810 * ignore them and start the timer. Otherwise we 3811 * report the error immediately. 3812 */ 3813 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0) 3814 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR) 3815 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR) 3816 && (msg->rsp[2] != IPMI_BUS_ERR) 3817 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR)) { 3818 int chan = msg->rsp[3] & 0xf; 3819 3820 /* Got an error sending the message, handle it. */ 3821 if (chan >= IPMI_MAX_CHANNELS) 3822 ; /* This shouldn't happen */ 3823 else if ((intf->channels[chan].medium 3824 == IPMI_CHANNEL_MEDIUM_8023LAN) 3825 || (intf->channels[chan].medium 3826 == IPMI_CHANNEL_MEDIUM_ASYNC)) 3827 ipmi_inc_stat(intf, sent_lan_command_errs); 3828 else 3829 ipmi_inc_stat(intf, sent_ipmb_command_errs); 3830 intf_err_seq(intf, msg->msgid, msg->rsp[2]); 3831 } else 3832 /* The message was sent, start the timer. */ 3833 intf_start_seq_timer(intf, msg->msgid); 3834 3835 ipmi_free_smi_msg(msg); 3836 goto out; 3837 } 3838 3839 /* 3840 * To preserve message order, if the list is not empty, we 3841 * tack this message onto the end of the list. 3842 */ 3843 run_to_completion = intf->run_to_completion; 3844 if (!run_to_completion) 3845 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3846 if (!list_empty(&intf->waiting_msgs)) { 3847 list_add_tail(&msg->link, &intf->waiting_msgs); 3848 if (!run_to_completion) 3849 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3850 goto out; 3851 } 3852 if (!run_to_completion) 3853 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3854 3855 rv = handle_new_recv_msg(intf, msg); 3856 if (rv > 0) { 3857 /* 3858 * Could not handle the message now, just add it to a 3859 * list to handle later. 3860 */ 3861 run_to_completion = intf->run_to_completion; 3862 if (!run_to_completion) 3863 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 3864 list_add_tail(&msg->link, &intf->waiting_msgs); 3865 if (!run_to_completion) 3866 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 3867 } else if (rv == 0) { 3868 ipmi_free_smi_msg(msg); 3869 } 3870 3871 out: 3872 return; 3873 } 3874 EXPORT_SYMBOL(ipmi_smi_msg_received); 3875 3876 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf) 3877 { 3878 ipmi_user_t user; 3879 3880 rcu_read_lock(); 3881 list_for_each_entry_rcu(user, &intf->users, link) { 3882 if (!user->handler->ipmi_watchdog_pretimeout) 3883 continue; 3884 3885 user->handler->ipmi_watchdog_pretimeout(user->handler_data); 3886 } 3887 rcu_read_unlock(); 3888 } 3889 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout); 3890 3891 static struct ipmi_smi_msg * 3892 smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg, 3893 unsigned char seq, long seqid) 3894 { 3895 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg(); 3896 if (!smi_msg) 3897 /* 3898 * If we can't allocate the message, then just return, we 3899 * get 4 retries, so this should be ok. 3900 */ 3901 return NULL; 3902 3903 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len); 3904 smi_msg->data_size = recv_msg->msg.data_len; 3905 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid); 3906 3907 #ifdef DEBUG_MSGING 3908 { 3909 int m; 3910 printk("Resend: "); 3911 for (m = 0; m < smi_msg->data_size; m++) 3912 printk(" %2.2x", smi_msg->data[m]); 3913 printk("\n"); 3914 } 3915 #endif 3916 return smi_msg; 3917 } 3918 3919 static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent, 3920 struct list_head *timeouts, long timeout_period, 3921 int slot, unsigned long *flags) 3922 { 3923 struct ipmi_recv_msg *msg; 3924 struct ipmi_smi_handlers *handlers; 3925 3926 if (intf->intf_num == -1) 3927 return; 3928 3929 if (!ent->inuse) 3930 return; 3931 3932 ent->timeout -= timeout_period; 3933 if (ent->timeout > 0) 3934 return; 3935 3936 if (ent->retries_left == 0) { 3937 /* The message has used all its retries. */ 3938 ent->inuse = 0; 3939 msg = ent->recv_msg; 3940 list_add_tail(&msg->link, timeouts); 3941 if (ent->broadcast) 3942 ipmi_inc_stat(intf, timed_out_ipmb_broadcasts); 3943 else if (is_lan_addr(&ent->recv_msg->addr)) 3944 ipmi_inc_stat(intf, timed_out_lan_commands); 3945 else 3946 ipmi_inc_stat(intf, timed_out_ipmb_commands); 3947 } else { 3948 struct ipmi_smi_msg *smi_msg; 3949 /* More retries, send again. */ 3950 3951 /* 3952 * Start with the max timer, set to normal timer after 3953 * the message is sent. 3954 */ 3955 ent->timeout = MAX_MSG_TIMEOUT; 3956 ent->retries_left--; 3957 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot, 3958 ent->seqid); 3959 if (!smi_msg) { 3960 if (is_lan_addr(&ent->recv_msg->addr)) 3961 ipmi_inc_stat(intf, 3962 dropped_rexmit_lan_commands); 3963 else 3964 ipmi_inc_stat(intf, 3965 dropped_rexmit_ipmb_commands); 3966 return; 3967 } 3968 3969 spin_unlock_irqrestore(&intf->seq_lock, *flags); 3970 3971 /* 3972 * Send the new message. We send with a zero 3973 * priority. It timed out, I doubt time is that 3974 * critical now, and high priority messages are really 3975 * only for messages to the local MC, which don't get 3976 * resent. 3977 */ 3978 handlers = intf->handlers; 3979 if (handlers) { 3980 if (is_lan_addr(&ent->recv_msg->addr)) 3981 ipmi_inc_stat(intf, 3982 retransmitted_lan_commands); 3983 else 3984 ipmi_inc_stat(intf, 3985 retransmitted_ipmb_commands); 3986 3987 intf->handlers->sender(intf->send_info, 3988 smi_msg, 0); 3989 } else 3990 ipmi_free_smi_msg(smi_msg); 3991 3992 spin_lock_irqsave(&intf->seq_lock, *flags); 3993 } 3994 } 3995 3996 static void ipmi_timeout_handler(long timeout_period) 3997 { 3998 ipmi_smi_t intf; 3999 struct list_head timeouts; 4000 struct ipmi_recv_msg *msg, *msg2; 4001 struct ipmi_smi_msg *smi_msg, *smi_msg2; 4002 unsigned long flags; 4003 int i; 4004 4005 rcu_read_lock(); 4006 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4007 /* See if any waiting messages need to be processed. */ 4008 spin_lock_irqsave(&intf->waiting_msgs_lock, flags); 4009 list_for_each_entry_safe(smi_msg, smi_msg2, 4010 &intf->waiting_msgs, link) { 4011 if (!handle_new_recv_msg(intf, smi_msg)) { 4012 list_del(&smi_msg->link); 4013 ipmi_free_smi_msg(smi_msg); 4014 } else { 4015 /* 4016 * To preserve message order, quit if we 4017 * can't handle a message. 4018 */ 4019 break; 4020 } 4021 } 4022 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags); 4023 4024 /* 4025 * Go through the seq table and find any messages that 4026 * have timed out, putting them in the timeouts 4027 * list. 4028 */ 4029 INIT_LIST_HEAD(&timeouts); 4030 spin_lock_irqsave(&intf->seq_lock, flags); 4031 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) 4032 check_msg_timeout(intf, &(intf->seq_table[i]), 4033 &timeouts, timeout_period, i, 4034 &flags); 4035 spin_unlock_irqrestore(&intf->seq_lock, flags); 4036 4037 list_for_each_entry_safe(msg, msg2, &timeouts, link) 4038 deliver_err_response(msg, IPMI_TIMEOUT_COMPLETION_CODE); 4039 4040 /* 4041 * Maintenance mode handling. Check the timeout 4042 * optimistically before we claim the lock. It may 4043 * mean a timeout gets missed occasionally, but that 4044 * only means the timeout gets extended by one period 4045 * in that case. No big deal, and it avoids the lock 4046 * most of the time. 4047 */ 4048 if (intf->auto_maintenance_timeout > 0) { 4049 spin_lock_irqsave(&intf->maintenance_mode_lock, flags); 4050 if (intf->auto_maintenance_timeout > 0) { 4051 intf->auto_maintenance_timeout 4052 -= timeout_period; 4053 if (!intf->maintenance_mode 4054 && (intf->auto_maintenance_timeout <= 0)) { 4055 intf->maintenance_mode_enable = 0; 4056 maintenance_mode_update(intf); 4057 } 4058 } 4059 spin_unlock_irqrestore(&intf->maintenance_mode_lock, 4060 flags); 4061 } 4062 } 4063 rcu_read_unlock(); 4064 } 4065 4066 static void ipmi_request_event(void) 4067 { 4068 ipmi_smi_t intf; 4069 struct ipmi_smi_handlers *handlers; 4070 4071 rcu_read_lock(); 4072 /* 4073 * Called from the timer, no need to check if handlers is 4074 * valid. 4075 */ 4076 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4077 /* No event requests when in maintenance mode. */ 4078 if (intf->maintenance_mode_enable) 4079 continue; 4080 4081 handlers = intf->handlers; 4082 if (handlers) 4083 handlers->request_events(intf->send_info); 4084 } 4085 rcu_read_unlock(); 4086 } 4087 4088 static struct timer_list ipmi_timer; 4089 4090 /* Call every ~1000 ms. */ 4091 #define IPMI_TIMEOUT_TIME 1000 4092 4093 /* How many jiffies does it take to get to the timeout time. */ 4094 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000) 4095 4096 /* 4097 * Request events from the queue every second (this is the number of 4098 * IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the 4099 * future, IPMI will add a way to know immediately if an event is in 4100 * the queue and this silliness can go away. 4101 */ 4102 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME)) 4103 4104 static atomic_t stop_operation; 4105 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 4106 4107 static void ipmi_timeout(unsigned long data) 4108 { 4109 if (atomic_read(&stop_operation)) 4110 return; 4111 4112 ticks_to_req_ev--; 4113 if (ticks_to_req_ev == 0) { 4114 ipmi_request_event(); 4115 ticks_to_req_ev = IPMI_REQUEST_EV_TIME; 4116 } 4117 4118 ipmi_timeout_handler(IPMI_TIMEOUT_TIME); 4119 4120 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 4121 } 4122 4123 4124 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0); 4125 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0); 4126 4127 /* FIXME - convert these to slabs. */ 4128 static void free_smi_msg(struct ipmi_smi_msg *msg) 4129 { 4130 atomic_dec(&smi_msg_inuse_count); 4131 kfree(msg); 4132 } 4133 4134 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void) 4135 { 4136 struct ipmi_smi_msg *rv; 4137 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC); 4138 if (rv) { 4139 rv->done = free_smi_msg; 4140 rv->user_data = NULL; 4141 atomic_inc(&smi_msg_inuse_count); 4142 } 4143 return rv; 4144 } 4145 EXPORT_SYMBOL(ipmi_alloc_smi_msg); 4146 4147 static void free_recv_msg(struct ipmi_recv_msg *msg) 4148 { 4149 atomic_dec(&recv_msg_inuse_count); 4150 kfree(msg); 4151 } 4152 4153 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void) 4154 { 4155 struct ipmi_recv_msg *rv; 4156 4157 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC); 4158 if (rv) { 4159 rv->user = NULL; 4160 rv->done = free_recv_msg; 4161 atomic_inc(&recv_msg_inuse_count); 4162 } 4163 return rv; 4164 } 4165 4166 void ipmi_free_recv_msg(struct ipmi_recv_msg *msg) 4167 { 4168 if (msg->user) 4169 kref_put(&msg->user->refcount, free_user); 4170 msg->done(msg); 4171 } 4172 EXPORT_SYMBOL(ipmi_free_recv_msg); 4173 4174 #ifdef CONFIG_IPMI_PANIC_EVENT 4175 4176 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg) 4177 { 4178 } 4179 4180 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg) 4181 { 4182 } 4183 4184 #ifdef CONFIG_IPMI_PANIC_STRING 4185 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 4186 { 4187 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 4188 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE) 4189 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD) 4190 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) { 4191 /* A get event receiver command, save it. */ 4192 intf->event_receiver = msg->msg.data[1]; 4193 intf->event_receiver_lun = msg->msg.data[2] & 0x3; 4194 } 4195 } 4196 4197 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg) 4198 { 4199 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) 4200 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE) 4201 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD) 4202 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) { 4203 /* 4204 * A get device id command, save if we are an event 4205 * receiver or generator. 4206 */ 4207 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1; 4208 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1; 4209 } 4210 } 4211 #endif 4212 4213 static void send_panic_events(char *str) 4214 { 4215 struct kernel_ipmi_msg msg; 4216 ipmi_smi_t intf; 4217 unsigned char data[16]; 4218 struct ipmi_system_interface_addr *si; 4219 struct ipmi_addr addr; 4220 struct ipmi_smi_msg smi_msg; 4221 struct ipmi_recv_msg recv_msg; 4222 4223 si = (struct ipmi_system_interface_addr *) &addr; 4224 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 4225 si->channel = IPMI_BMC_CHANNEL; 4226 si->lun = 0; 4227 4228 /* Fill in an event telling that we have failed. */ 4229 msg.netfn = 0x04; /* Sensor or Event. */ 4230 msg.cmd = 2; /* Platform event command. */ 4231 msg.data = data; 4232 msg.data_len = 8; 4233 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */ 4234 data[1] = 0x03; /* This is for IPMI 1.0. */ 4235 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */ 4236 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */ 4237 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */ 4238 4239 /* 4240 * Put a few breadcrumbs in. Hopefully later we can add more things 4241 * to make the panic events more useful. 4242 */ 4243 if (str) { 4244 data[3] = str[0]; 4245 data[6] = str[1]; 4246 data[7] = str[2]; 4247 } 4248 4249 smi_msg.done = dummy_smi_done_handler; 4250 recv_msg.done = dummy_recv_done_handler; 4251 4252 /* For every registered interface, send the event. */ 4253 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4254 if (!intf->handlers) 4255 /* Interface is not ready. */ 4256 continue; 4257 4258 intf->run_to_completion = 1; 4259 /* Send the event announcing the panic. */ 4260 intf->handlers->set_run_to_completion(intf->send_info, 1); 4261 i_ipmi_request(NULL, 4262 intf, 4263 &addr, 4264 0, 4265 &msg, 4266 intf, 4267 &smi_msg, 4268 &recv_msg, 4269 0, 4270 intf->channels[0].address, 4271 intf->channels[0].lun, 4272 0, 1); /* Don't retry, and don't wait. */ 4273 } 4274 4275 #ifdef CONFIG_IPMI_PANIC_STRING 4276 /* 4277 * On every interface, dump a bunch of OEM event holding the 4278 * string. 4279 */ 4280 if (!str) 4281 return; 4282 4283 /* For every registered interface, send the event. */ 4284 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4285 char *p = str; 4286 struct ipmi_ipmb_addr *ipmb; 4287 int j; 4288 4289 if (intf->intf_num == -1) 4290 /* Interface was not ready yet. */ 4291 continue; 4292 4293 /* 4294 * intf_num is used as an marker to tell if the 4295 * interface is valid. Thus we need a read barrier to 4296 * make sure data fetched before checking intf_num 4297 * won't be used. 4298 */ 4299 smp_rmb(); 4300 4301 /* 4302 * First job here is to figure out where to send the 4303 * OEM events. There's no way in IPMI to send OEM 4304 * events using an event send command, so we have to 4305 * find the SEL to put them in and stick them in 4306 * there. 4307 */ 4308 4309 /* Get capabilities from the get device id. */ 4310 intf->local_sel_device = 0; 4311 intf->local_event_generator = 0; 4312 intf->event_receiver = 0; 4313 4314 /* Request the device info from the local MC. */ 4315 msg.netfn = IPMI_NETFN_APP_REQUEST; 4316 msg.cmd = IPMI_GET_DEVICE_ID_CMD; 4317 msg.data = NULL; 4318 msg.data_len = 0; 4319 intf->null_user_handler = device_id_fetcher; 4320 i_ipmi_request(NULL, 4321 intf, 4322 &addr, 4323 0, 4324 &msg, 4325 intf, 4326 &smi_msg, 4327 &recv_msg, 4328 0, 4329 intf->channels[0].address, 4330 intf->channels[0].lun, 4331 0, 1); /* Don't retry, and don't wait. */ 4332 4333 if (intf->local_event_generator) { 4334 /* Request the event receiver from the local MC. */ 4335 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST; 4336 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD; 4337 msg.data = NULL; 4338 msg.data_len = 0; 4339 intf->null_user_handler = event_receiver_fetcher; 4340 i_ipmi_request(NULL, 4341 intf, 4342 &addr, 4343 0, 4344 &msg, 4345 intf, 4346 &smi_msg, 4347 &recv_msg, 4348 0, 4349 intf->channels[0].address, 4350 intf->channels[0].lun, 4351 0, 1); /* no retry, and no wait. */ 4352 } 4353 intf->null_user_handler = NULL; 4354 4355 /* 4356 * Validate the event receiver. The low bit must not 4357 * be 1 (it must be a valid IPMB address), it cannot 4358 * be zero, and it must not be my address. 4359 */ 4360 if (((intf->event_receiver & 1) == 0) 4361 && (intf->event_receiver != 0) 4362 && (intf->event_receiver != intf->channels[0].address)) { 4363 /* 4364 * The event receiver is valid, send an IPMB 4365 * message. 4366 */ 4367 ipmb = (struct ipmi_ipmb_addr *) &addr; 4368 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE; 4369 ipmb->channel = 0; /* FIXME - is this right? */ 4370 ipmb->lun = intf->event_receiver_lun; 4371 ipmb->slave_addr = intf->event_receiver; 4372 } else if (intf->local_sel_device) { 4373 /* 4374 * The event receiver was not valid (or was 4375 * me), but I am an SEL device, just dump it 4376 * in my SEL. 4377 */ 4378 si = (struct ipmi_system_interface_addr *) &addr; 4379 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE; 4380 si->channel = IPMI_BMC_CHANNEL; 4381 si->lun = 0; 4382 } else 4383 continue; /* No where to send the event. */ 4384 4385 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */ 4386 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD; 4387 msg.data = data; 4388 msg.data_len = 16; 4389 4390 j = 0; 4391 while (*p) { 4392 int size = strlen(p); 4393 4394 if (size > 11) 4395 size = 11; 4396 data[0] = 0; 4397 data[1] = 0; 4398 data[2] = 0xf0; /* OEM event without timestamp. */ 4399 data[3] = intf->channels[0].address; 4400 data[4] = j++; /* sequence # */ 4401 /* 4402 * Always give 11 bytes, so strncpy will fill 4403 * it with zeroes for me. 4404 */ 4405 strncpy(data+5, p, 11); 4406 p += size; 4407 4408 i_ipmi_request(NULL, 4409 intf, 4410 &addr, 4411 0, 4412 &msg, 4413 intf, 4414 &smi_msg, 4415 &recv_msg, 4416 0, 4417 intf->channels[0].address, 4418 intf->channels[0].lun, 4419 0, 1); /* no retry, and no wait. */ 4420 } 4421 } 4422 #endif /* CONFIG_IPMI_PANIC_STRING */ 4423 } 4424 #endif /* CONFIG_IPMI_PANIC_EVENT */ 4425 4426 static int has_panicked; 4427 4428 static int panic_event(struct notifier_block *this, 4429 unsigned long event, 4430 void *ptr) 4431 { 4432 ipmi_smi_t intf; 4433 4434 if (has_panicked) 4435 return NOTIFY_DONE; 4436 has_panicked = 1; 4437 4438 /* For every registered interface, set it to run to completion. */ 4439 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) { 4440 if (!intf->handlers) 4441 /* Interface is not ready. */ 4442 continue; 4443 4444 intf->run_to_completion = 1; 4445 intf->handlers->set_run_to_completion(intf->send_info, 1); 4446 } 4447 4448 #ifdef CONFIG_IPMI_PANIC_EVENT 4449 send_panic_events(ptr); 4450 #endif 4451 4452 return NOTIFY_DONE; 4453 } 4454 4455 static struct notifier_block panic_block = { 4456 .notifier_call = panic_event, 4457 .next = NULL, 4458 .priority = 200 /* priority: INT_MAX >= x >= 0 */ 4459 }; 4460 4461 static int ipmi_init_msghandler(void) 4462 { 4463 int rv; 4464 4465 if (initialized) 4466 return 0; 4467 4468 rv = driver_register(&ipmidriver.driver); 4469 if (rv) { 4470 printk(KERN_ERR PFX "Could not register IPMI driver\n"); 4471 return rv; 4472 } 4473 4474 printk(KERN_INFO "ipmi message handler version " 4475 IPMI_DRIVER_VERSION "\n"); 4476 4477 #ifdef CONFIG_PROC_FS 4478 proc_ipmi_root = proc_mkdir("ipmi", NULL); 4479 if (!proc_ipmi_root) { 4480 printk(KERN_ERR PFX "Unable to create IPMI proc dir"); 4481 return -ENOMEM; 4482 } 4483 4484 #endif /* CONFIG_PROC_FS */ 4485 4486 setup_timer(&ipmi_timer, ipmi_timeout, 0); 4487 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES); 4488 4489 atomic_notifier_chain_register(&panic_notifier_list, &panic_block); 4490 4491 initialized = 1; 4492 4493 return 0; 4494 } 4495 4496 static int __init ipmi_init_msghandler_mod(void) 4497 { 4498 ipmi_init_msghandler(); 4499 return 0; 4500 } 4501 4502 static void __exit cleanup_ipmi(void) 4503 { 4504 int count; 4505 4506 if (!initialized) 4507 return; 4508 4509 atomic_notifier_chain_unregister(&panic_notifier_list, &panic_block); 4510 4511 /* 4512 * This can't be called if any interfaces exist, so no worry 4513 * about shutting down the interfaces. 4514 */ 4515 4516 /* 4517 * Tell the timer to stop, then wait for it to stop. This 4518 * avoids problems with race conditions removing the timer 4519 * here. 4520 */ 4521 atomic_inc(&stop_operation); 4522 del_timer_sync(&ipmi_timer); 4523 4524 #ifdef CONFIG_PROC_FS 4525 remove_proc_entry(proc_ipmi_root->name, NULL); 4526 #endif /* CONFIG_PROC_FS */ 4527 4528 driver_unregister(&ipmidriver.driver); 4529 4530 initialized = 0; 4531 4532 /* Check for buffer leaks. */ 4533 count = atomic_read(&smi_msg_inuse_count); 4534 if (count != 0) 4535 printk(KERN_WARNING PFX "SMI message count %d at exit\n", 4536 count); 4537 count = atomic_read(&recv_msg_inuse_count); 4538 if (count != 0) 4539 printk(KERN_WARNING PFX "recv message count %d at exit\n", 4540 count); 4541 } 4542 module_exit(cleanup_ipmi); 4543 4544 module_init(ipmi_init_msghandler_mod); 4545 MODULE_LICENSE("GPL"); 4546 MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>"); 4547 MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI" 4548 " interface."); 4549 MODULE_VERSION(IPMI_DRIVER_VERSION); 4550