xref: /linux/drivers/char/ipmi/kcs_bmc.c (revision be2ed207e3745392478e85afa0bb02acdf44c966) 
1 // SPDX-License-Identifier: GPL-2.0
2 // Copyright (c) 2015-2018, Intel Corporation.
3 
4 #define pr_fmt(fmt) "kcs-bmc: " fmt
5 
6 #include <linux/errno.h>
7 #include <linux/io.h>
8 #include <linux/ipmi_bmc.h>
9 #include <linux/module.h>
10 #include <linux/platform_device.h>
11 #include <linux/poll.h>
12 #include <linux/sched.h>
13 #include <linux/slab.h>
14 
15 #include "kcs_bmc.h"
16 
17 #define KCS_MSG_BUFSIZ    1000
18 
19 #define KCS_ZERO_DATA     0
20 
21 
22 /* IPMI 2.0 - Table 9-1, KCS Interface Status Register Bits */
23 #define KCS_STATUS_STATE(state) (state << 6)
24 #define KCS_STATUS_STATE_MASK   GENMASK(7, 6)
25 #define KCS_STATUS_CMD_DAT      BIT(3)
26 #define KCS_STATUS_SMS_ATN      BIT(2)
27 #define KCS_STATUS_IBF          BIT(1)
28 #define KCS_STATUS_OBF          BIT(0)
29 
30 /* IPMI 2.0 - Table 9-2, KCS Interface State Bits */
31 enum kcs_states {
32 	IDLE_STATE  = 0,
33 	READ_STATE  = 1,
34 	WRITE_STATE = 2,
35 	ERROR_STATE = 3,
36 };
37 
38 /* IPMI 2.0 - Table 9-3, KCS Interface Control Codes */
39 #define KCS_CMD_GET_STATUS_ABORT  0x60
40 #define KCS_CMD_WRITE_START       0x61
41 #define KCS_CMD_WRITE_END         0x62
42 #define KCS_CMD_READ_BYTE         0x68
43 
44 static inline u8 read_data(struct kcs_bmc *kcs_bmc)
45 {
46 	return kcs_bmc->io_inputb(kcs_bmc, kcs_bmc->ioreg.idr);
47 }
48 
49 static inline void write_data(struct kcs_bmc *kcs_bmc, u8 data)
50 {
51 	kcs_bmc->io_outputb(kcs_bmc, kcs_bmc->ioreg.odr, data);
52 }
53 
54 static inline u8 read_status(struct kcs_bmc *kcs_bmc)
55 {
56 	return kcs_bmc->io_inputb(kcs_bmc, kcs_bmc->ioreg.str);
57 }
58 
59 static inline void write_status(struct kcs_bmc *kcs_bmc, u8 data)
60 {
61 	kcs_bmc->io_outputb(kcs_bmc, kcs_bmc->ioreg.str, data);
62 }
63 
64 static void update_status_bits(struct kcs_bmc *kcs_bmc, u8 mask, u8 val)
65 {
66 	u8 tmp = read_status(kcs_bmc);
67 
68 	tmp &= ~mask;
69 	tmp |= val & mask;
70 
71 	write_status(kcs_bmc, tmp);
72 }
73 
74 static inline void set_state(struct kcs_bmc *kcs_bmc, u8 state)
75 {
76 	update_status_bits(kcs_bmc, KCS_STATUS_STATE_MASK,
77 					KCS_STATUS_STATE(state));
78 }
79 
80 static void kcs_force_abort(struct kcs_bmc *kcs_bmc)
81 {
82 	set_state(kcs_bmc, ERROR_STATE);
83 	read_data(kcs_bmc);
84 	write_data(kcs_bmc, KCS_ZERO_DATA);
85 
86 	kcs_bmc->phase = KCS_PHASE_ERROR;
87 	kcs_bmc->data_in_avail = false;
88 	kcs_bmc->data_in_idx = 0;
89 }
90 
91 static void kcs_bmc_handle_data(struct kcs_bmc *kcs_bmc)
92 {
93 	u8 data;
94 
95 	switch (kcs_bmc->phase) {
96 	case KCS_PHASE_WRITE_START:
97 		kcs_bmc->phase = KCS_PHASE_WRITE_DATA;
98 
99 	case KCS_PHASE_WRITE_DATA:
100 		if (kcs_bmc->data_in_idx < KCS_MSG_BUFSIZ) {
101 			set_state(kcs_bmc, WRITE_STATE);
102 			write_data(kcs_bmc, KCS_ZERO_DATA);
103 			kcs_bmc->data_in[kcs_bmc->data_in_idx++] =
104 						read_data(kcs_bmc);
105 		} else {
106 			kcs_force_abort(kcs_bmc);
107 			kcs_bmc->error = KCS_LENGTH_ERROR;
108 		}
109 		break;
110 
111 	case KCS_PHASE_WRITE_END_CMD:
112 		if (kcs_bmc->data_in_idx < KCS_MSG_BUFSIZ) {
113 			set_state(kcs_bmc, READ_STATE);
114 			kcs_bmc->data_in[kcs_bmc->data_in_idx++] =
115 						read_data(kcs_bmc);
116 			kcs_bmc->phase = KCS_PHASE_WRITE_DONE;
117 			kcs_bmc->data_in_avail = true;
118 			wake_up_interruptible(&kcs_bmc->queue);
119 		} else {
120 			kcs_force_abort(kcs_bmc);
121 			kcs_bmc->error = KCS_LENGTH_ERROR;
122 		}
123 		break;
124 
125 	case KCS_PHASE_READ:
126 		if (kcs_bmc->data_out_idx == kcs_bmc->data_out_len)
127 			set_state(kcs_bmc, IDLE_STATE);
128 
129 		data = read_data(kcs_bmc);
130 		if (data != KCS_CMD_READ_BYTE) {
131 			set_state(kcs_bmc, ERROR_STATE);
132 			write_data(kcs_bmc, KCS_ZERO_DATA);
133 			break;
134 		}
135 
136 		if (kcs_bmc->data_out_idx == kcs_bmc->data_out_len) {
137 			write_data(kcs_bmc, KCS_ZERO_DATA);
138 			kcs_bmc->phase = KCS_PHASE_IDLE;
139 			break;
140 		}
141 
142 		write_data(kcs_bmc,
143 			kcs_bmc->data_out[kcs_bmc->data_out_idx++]);
144 		break;
145 
146 	case KCS_PHASE_ABORT_ERROR1:
147 		set_state(kcs_bmc, READ_STATE);
148 		read_data(kcs_bmc);
149 		write_data(kcs_bmc, kcs_bmc->error);
150 		kcs_bmc->phase = KCS_PHASE_ABORT_ERROR2;
151 		break;
152 
153 	case KCS_PHASE_ABORT_ERROR2:
154 		set_state(kcs_bmc, IDLE_STATE);
155 		read_data(kcs_bmc);
156 		write_data(kcs_bmc, KCS_ZERO_DATA);
157 		kcs_bmc->phase = KCS_PHASE_IDLE;
158 		break;
159 
160 	default:
161 		kcs_force_abort(kcs_bmc);
162 		break;
163 	}
164 }
165 
166 static void kcs_bmc_handle_cmd(struct kcs_bmc *kcs_bmc)
167 {
168 	u8 cmd;
169 
170 	set_state(kcs_bmc, WRITE_STATE);
171 	write_data(kcs_bmc, KCS_ZERO_DATA);
172 
173 	cmd = read_data(kcs_bmc);
174 	switch (cmd) {
175 	case KCS_CMD_WRITE_START:
176 		kcs_bmc->phase = KCS_PHASE_WRITE_START;
177 		kcs_bmc->error = KCS_NO_ERROR;
178 		kcs_bmc->data_in_avail = false;
179 		kcs_bmc->data_in_idx = 0;
180 		break;
181 
182 	case KCS_CMD_WRITE_END:
183 		if (kcs_bmc->phase != KCS_PHASE_WRITE_DATA) {
184 			kcs_force_abort(kcs_bmc);
185 			break;
186 		}
187 
188 		kcs_bmc->phase = KCS_PHASE_WRITE_END_CMD;
189 		break;
190 
191 	case KCS_CMD_GET_STATUS_ABORT:
192 		if (kcs_bmc->error == KCS_NO_ERROR)
193 			kcs_bmc->error = KCS_ABORTED_BY_COMMAND;
194 
195 		kcs_bmc->phase = KCS_PHASE_ABORT_ERROR1;
196 		kcs_bmc->data_in_avail = false;
197 		kcs_bmc->data_in_idx = 0;
198 		break;
199 
200 	default:
201 		kcs_force_abort(kcs_bmc);
202 		kcs_bmc->error = KCS_ILLEGAL_CONTROL_CODE;
203 		break;
204 	}
205 }
206 
207 int kcs_bmc_handle_event(struct kcs_bmc *kcs_bmc)
208 {
209 	unsigned long flags;
210 	int ret = 0;
211 	u8 status;
212 
213 	spin_lock_irqsave(&kcs_bmc->lock, flags);
214 
215 	if (!kcs_bmc->running) {
216 		kcs_force_abort(kcs_bmc);
217 		ret = -ENODEV;
218 		goto out_unlock;
219 	}
220 
221 	status = read_status(kcs_bmc) & (KCS_STATUS_IBF | KCS_STATUS_CMD_DAT);
222 
223 	switch (status) {
224 	case KCS_STATUS_IBF | KCS_STATUS_CMD_DAT:
225 		kcs_bmc_handle_cmd(kcs_bmc);
226 		break;
227 
228 	case KCS_STATUS_IBF:
229 		kcs_bmc_handle_data(kcs_bmc);
230 		break;
231 
232 	default:
233 		ret = -ENODATA;
234 		break;
235 	}
236 
237 out_unlock:
238 	spin_unlock_irqrestore(&kcs_bmc->lock, flags);
239 
240 	return ret;
241 }
242 EXPORT_SYMBOL(kcs_bmc_handle_event);
243 
244 static inline struct kcs_bmc *file_to_kcs_bmc(struct file *filp)
245 {
246 	return container_of(filp->private_data, struct kcs_bmc, miscdev);
247 }
248 
249 static int kcs_bmc_open(struct inode *inode, struct file *filp)
250 {
251 	struct kcs_bmc *kcs_bmc = file_to_kcs_bmc(filp);
252 	int ret = 0;
253 
254 	spin_lock_irq(&kcs_bmc->lock);
255 	if (!kcs_bmc->running)
256 		kcs_bmc->running = 1;
257 	else
258 		ret = -EBUSY;
259 	spin_unlock_irq(&kcs_bmc->lock);
260 
261 	return ret;
262 }
263 
264 static unsigned int kcs_bmc_poll(struct file *filp, poll_table *wait)
265 {
266 	struct kcs_bmc *kcs_bmc = file_to_kcs_bmc(filp);
267 	unsigned int mask = 0;
268 
269 	poll_wait(filp, &kcs_bmc->queue, wait);
270 
271 	spin_lock_irq(&kcs_bmc->lock);
272 	if (kcs_bmc->data_in_avail)
273 		mask |= POLLIN;
274 	spin_unlock_irq(&kcs_bmc->lock);
275 
276 	return mask;
277 }
278 
279 static ssize_t kcs_bmc_read(struct file *filp, char *buf,
280 			    size_t count, loff_t *offset)
281 {
282 	struct kcs_bmc *kcs_bmc = file_to_kcs_bmc(filp);
283 	bool data_avail;
284 	size_t data_len;
285 	ssize_t ret;
286 
287 	if (!(filp->f_flags & O_NONBLOCK))
288 		wait_event_interruptible(kcs_bmc->queue,
289 					 kcs_bmc->data_in_avail);
290 
291 	mutex_lock(&kcs_bmc->mutex);
292 
293 	spin_lock_irq(&kcs_bmc->lock);
294 	data_avail = kcs_bmc->data_in_avail;
295 	if (data_avail) {
296 		data_len = kcs_bmc->data_in_idx;
297 		memcpy(kcs_bmc->kbuffer, kcs_bmc->data_in, data_len);
298 	}
299 	spin_unlock_irq(&kcs_bmc->lock);
300 
301 	if (!data_avail) {
302 		ret = -EAGAIN;
303 		goto out_unlock;
304 	}
305 
306 	if (count < data_len) {
307 		pr_err("channel=%u with too large data : %zu\n",
308 			kcs_bmc->channel, data_len);
309 
310 		spin_lock_irq(&kcs_bmc->lock);
311 		kcs_force_abort(kcs_bmc);
312 		spin_unlock_irq(&kcs_bmc->lock);
313 
314 		ret = -EOVERFLOW;
315 		goto out_unlock;
316 	}
317 
318 	if (copy_to_user(buf, kcs_bmc->kbuffer, data_len)) {
319 		ret = -EFAULT;
320 		goto out_unlock;
321 	}
322 
323 	ret = data_len;
324 
325 	spin_lock_irq(&kcs_bmc->lock);
326 	if (kcs_bmc->phase == KCS_PHASE_WRITE_DONE) {
327 		kcs_bmc->phase = KCS_PHASE_WAIT_READ;
328 		kcs_bmc->data_in_avail = false;
329 		kcs_bmc->data_in_idx = 0;
330 	} else {
331 		ret = -EAGAIN;
332 	}
333 	spin_unlock_irq(&kcs_bmc->lock);
334 
335 out_unlock:
336 	mutex_unlock(&kcs_bmc->mutex);
337 
338 	return ret;
339 }
340 
341 static ssize_t kcs_bmc_write(struct file *filp, const char *buf,
342 			     size_t count, loff_t *offset)
343 {
344 	struct kcs_bmc *kcs_bmc = file_to_kcs_bmc(filp);
345 	ssize_t ret;
346 
347 	/* a minimum response size '3' : netfn + cmd + ccode */
348 	if (count < 3 || count > KCS_MSG_BUFSIZ)
349 		return -EINVAL;
350 
351 	mutex_lock(&kcs_bmc->mutex);
352 
353 	if (copy_from_user(kcs_bmc->kbuffer, buf, count)) {
354 		ret = -EFAULT;
355 		goto out_unlock;
356 	}
357 
358 	spin_lock_irq(&kcs_bmc->lock);
359 	if (kcs_bmc->phase == KCS_PHASE_WAIT_READ) {
360 		kcs_bmc->phase = KCS_PHASE_READ;
361 		kcs_bmc->data_out_idx = 1;
362 		kcs_bmc->data_out_len = count;
363 		memcpy(kcs_bmc->data_out, kcs_bmc->kbuffer, count);
364 		write_data(kcs_bmc, kcs_bmc->data_out[0]);
365 		ret = count;
366 	} else {
367 		ret = -EINVAL;
368 	}
369 	spin_unlock_irq(&kcs_bmc->lock);
370 
371 out_unlock:
372 	mutex_unlock(&kcs_bmc->mutex);
373 
374 	return ret;
375 }
376 
377 static long kcs_bmc_ioctl(struct file *filp, unsigned int cmd,
378 			  unsigned long arg)
379 {
380 	struct kcs_bmc *kcs_bmc = file_to_kcs_bmc(filp);
381 	long ret = 0;
382 
383 	spin_lock_irq(&kcs_bmc->lock);
384 
385 	switch (cmd) {
386 	case IPMI_BMC_IOCTL_SET_SMS_ATN:
387 		update_status_bits(kcs_bmc, KCS_STATUS_SMS_ATN,
388 				   KCS_STATUS_SMS_ATN);
389 		break;
390 
391 	case IPMI_BMC_IOCTL_CLEAR_SMS_ATN:
392 		update_status_bits(kcs_bmc, KCS_STATUS_SMS_ATN,
393 				   0);
394 		break;
395 
396 	case IPMI_BMC_IOCTL_FORCE_ABORT:
397 		kcs_force_abort(kcs_bmc);
398 		break;
399 
400 	default:
401 		ret = -EINVAL;
402 		break;
403 	}
404 
405 	spin_unlock_irq(&kcs_bmc->lock);
406 
407 	return ret;
408 }
409 
410 static int kcs_bmc_release(struct inode *inode, struct file *filp)
411 {
412 	struct kcs_bmc *kcs_bmc = file_to_kcs_bmc(filp);
413 
414 	spin_lock_irq(&kcs_bmc->lock);
415 	kcs_bmc->running = 0;
416 	kcs_force_abort(kcs_bmc);
417 	spin_unlock_irq(&kcs_bmc->lock);
418 
419 	return 0;
420 }
421 
422 static const struct file_operations kcs_bmc_fops = {
423 	.owner          = THIS_MODULE,
424 	.open           = kcs_bmc_open,
425 	.read           = kcs_bmc_read,
426 	.write          = kcs_bmc_write,
427 	.release        = kcs_bmc_release,
428 	.poll           = kcs_bmc_poll,
429 	.unlocked_ioctl = kcs_bmc_ioctl,
430 };
431 
432 struct kcs_bmc *kcs_bmc_alloc(struct device *dev, int sizeof_priv, u32 channel)
433 {
434 	struct kcs_bmc *kcs_bmc;
435 
436 	kcs_bmc = devm_kzalloc(dev, sizeof(*kcs_bmc) + sizeof_priv, GFP_KERNEL);
437 	if (!kcs_bmc)
438 		return NULL;
439 
440 	dev_set_name(dev, "ipmi-kcs%u", channel);
441 
442 	spin_lock_init(&kcs_bmc->lock);
443 	kcs_bmc->channel = channel;
444 
445 	mutex_init(&kcs_bmc->mutex);
446 	init_waitqueue_head(&kcs_bmc->queue);
447 
448 	kcs_bmc->data_in = devm_kmalloc(dev, KCS_MSG_BUFSIZ, GFP_KERNEL);
449 	kcs_bmc->data_out = devm_kmalloc(dev, KCS_MSG_BUFSIZ, GFP_KERNEL);
450 	kcs_bmc->kbuffer = devm_kmalloc(dev, KCS_MSG_BUFSIZ, GFP_KERNEL);
451 	if (!kcs_bmc->data_in || !kcs_bmc->data_out || !kcs_bmc->kbuffer)
452 		return NULL;
453 
454 	kcs_bmc->miscdev.minor = MISC_DYNAMIC_MINOR;
455 	kcs_bmc->miscdev.name = dev_name(dev);
456 	kcs_bmc->miscdev.fops = &kcs_bmc_fops;
457 
458 	return kcs_bmc;
459 }
460 EXPORT_SYMBOL(kcs_bmc_alloc);
461 
462 MODULE_LICENSE("GPL v2");
463 MODULE_AUTHOR("Haiyue Wang <haiyue.wang@linux.intel.com>");
464 MODULE_DESCRIPTION("KCS BMC to handle the IPMI request from system software");
465