1 // SPDX-License-Identifier: GPL-2.0+
5 * Incoming and outgoing message routing for an IPMI interface.
7 * Author: MontaVista Software, Inc.
8 * Corey Minyard <minyard@mvista.com>
11 * Copyright 2002 MontaVista Software Inc.
14 #define pr_fmt(fmt) "IPMI message handler: " fmt
15 #define dev_fmt(fmt) pr_fmt(fmt)
17 #include <linux/module.h>
18 #include <linux/errno.h>
19 #include <linux/poll.h>
20 #include <linux/sched.h>
21 #include <linux/seq_file.h>
22 #include <linux/spinlock.h>
23 #include <linux/mutex.h>
24 #include <linux/slab.h>
25 #include <linux/ipmi.h>
26 #include <linux/ipmi_smi.h>
27 #include <linux/notifier.h>
28 #include <linux/init.h>
29 #include <linux/proc_fs.h>
30 #include <linux/rcupdate.h>
31 #include <linux/interrupt.h>
32 #include <linux/moduleparam.h>
33 #include <linux/workqueue.h>
34 #include <linux/uuid.h>
35 #include <linux/nospec.h>
36 #include <linux/vmalloc.h>
37 #include <linux/delay.h>
39 #define IPMI_DRIVER_VERSION "39.2"
41 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
42 static int ipmi_init_msghandler(void);
43 static void smi_recv_tasklet(struct tasklet_struct *t);
44 static void handle_new_recv_msgs(struct ipmi_smi *intf);
45 static void need_waiter(struct ipmi_smi *intf);
46 static int handle_one_recv_msg(struct ipmi_smi *intf,
47 struct ipmi_smi_msg *msg);
49 static bool initialized;
50 static bool drvregistered;
52 enum ipmi_panic_event_op {
53 IPMI_SEND_PANIC_EVENT_NONE,
54 IPMI_SEND_PANIC_EVENT,
55 IPMI_SEND_PANIC_EVENT_STRING
57 #ifdef CONFIG_IPMI_PANIC_STRING
58 #define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT_STRING
59 #elif defined(CONFIG_IPMI_PANIC_EVENT)
60 #define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT
62 #define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT_NONE
65 static enum ipmi_panic_event_op ipmi_send_panic_event = IPMI_PANIC_DEFAULT;
67 static int panic_op_write_handler(const char *val,
68 const struct kernel_param *kp)
73 strncpy(valcp, val, 15);
78 if (strcmp(s, "none") == 0)
79 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT_NONE;
80 else if (strcmp(s, "event") == 0)
81 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT;
82 else if (strcmp(s, "string") == 0)
83 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT_STRING;
90 static int panic_op_read_handler(char *buffer, const struct kernel_param *kp)
92 switch (ipmi_send_panic_event) {
93 case IPMI_SEND_PANIC_EVENT_NONE:
94 strcpy(buffer, "none\n");
97 case IPMI_SEND_PANIC_EVENT:
98 strcpy(buffer, "event\n");
101 case IPMI_SEND_PANIC_EVENT_STRING:
102 strcpy(buffer, "string\n");
106 strcpy(buffer, "???\n");
110 return strlen(buffer);
113 static const struct kernel_param_ops panic_op_ops = {
114 .set = panic_op_write_handler,
115 .get = panic_op_read_handler
117 module_param_cb(panic_op, &panic_op_ops, NULL, 0600);
118 MODULE_PARM_DESC(panic_op, "Sets if the IPMI driver will attempt to store panic information in the event log in the event of a panic. Set to 'none' for no, 'event' for a single event, or 'string' for a generic event and the panic string in IPMI OEM events.");
121 #define MAX_EVENTS_IN_QUEUE 25
123 /* Remain in auto-maintenance mode for this amount of time (in ms). */
124 static unsigned long maintenance_mode_timeout_ms = 30000;
125 module_param(maintenance_mode_timeout_ms, ulong, 0644);
126 MODULE_PARM_DESC(maintenance_mode_timeout_ms,
127 "The time (milliseconds) after the last maintenance message that the connection stays in maintenance mode.");
130 * Don't let a message sit in a queue forever, always time it with at lest
131 * the max message timer. This is in milliseconds.
133 #define MAX_MSG_TIMEOUT 60000
136 * Timeout times below are in milliseconds, and are done off a 1
137 * second timer. So setting the value to 1000 would mean anything
138 * between 0 and 1000ms. So really the only reasonable minimum
139 * setting it 2000ms, which is between 1 and 2 seconds.
142 /* The default timeout for message retries. */
143 static unsigned long default_retry_ms = 2000;
144 module_param(default_retry_ms, ulong, 0644);
145 MODULE_PARM_DESC(default_retry_ms,
146 "The time (milliseconds) between retry sends");
148 /* The default timeout for maintenance mode message retries. */
149 static unsigned long default_maintenance_retry_ms = 3000;
150 module_param(default_maintenance_retry_ms, ulong, 0644);
151 MODULE_PARM_DESC(default_maintenance_retry_ms,
152 "The time (milliseconds) between retry sends in maintenance mode");
154 /* The default maximum number of retries */
155 static unsigned int default_max_retries = 4;
156 module_param(default_max_retries, uint, 0644);
157 MODULE_PARM_DESC(default_max_retries,
158 "The time (milliseconds) between retry sends in maintenance mode");
160 /* Call every ~1000 ms. */
161 #define IPMI_TIMEOUT_TIME 1000
163 /* How many jiffies does it take to get to the timeout time. */
164 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
167 * Request events from the queue every second (this is the number of
168 * IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
169 * future, IPMI will add a way to know immediately if an event is in
170 * the queue and this silliness can go away.
172 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
174 /* How long should we cache dynamic device IDs? */
175 #define IPMI_DYN_DEV_ID_EXPIRY (10 * HZ)
178 * The main "user" data structure.
181 struct list_head link;
184 * Set to NULL when the user is destroyed, a pointer to myself
185 * so srcu_dereference can be used on it.
187 struct ipmi_user *self;
188 struct srcu_struct release_barrier;
190 struct kref refcount;
192 /* The upper layer that handles receive messages. */
193 const struct ipmi_user_hndl *handler;
196 /* The interface this user is bound to. */
197 struct ipmi_smi *intf;
199 /* Does this interface receive IPMI events? */
202 /* Free must run in process context for RCU cleanup. */
203 struct work_struct remove_work;
206 static struct workqueue_struct *remove_work_wq;
208 static struct ipmi_user *acquire_ipmi_user(struct ipmi_user *user, int *index)
209 __acquires(user->release_barrier)
211 struct ipmi_user *ruser;
213 *index = srcu_read_lock(&user->release_barrier);
214 ruser = srcu_dereference(user->self, &user->release_barrier);
216 srcu_read_unlock(&user->release_barrier, *index);
220 static void release_ipmi_user(struct ipmi_user *user, int index)
222 srcu_read_unlock(&user->release_barrier, index);
226 struct list_head link;
228 struct ipmi_user *user;
234 * This is used to form a linked lised during mass deletion.
235 * Since this is in an RCU list, we cannot use the link above
236 * or change any data until the RCU period completes. So we
237 * use this next variable during mass deletion so we can have
238 * a list and don't have to wait and restart the search on
239 * every individual deletion of a command.
241 struct cmd_rcvr *next;
245 unsigned int inuse : 1;
246 unsigned int broadcast : 1;
248 unsigned long timeout;
249 unsigned long orig_timeout;
250 unsigned int retries_left;
253 * To verify on an incoming send message response that this is
254 * the message that the response is for, we keep a sequence id
255 * and increment it every time we send a message.
260 * This is held so we can properly respond to the message on a
261 * timeout, and it is used to hold the temporary data for
262 * retransmission, too.
264 struct ipmi_recv_msg *recv_msg;
268 * Store the information in a msgid (long) to allow us to find a
269 * sequence table entry from the msgid.
271 #define STORE_SEQ_IN_MSGID(seq, seqid) \
272 ((((seq) & 0x3f) << 26) | ((seqid) & 0x3ffffff))
274 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
276 seq = (((msgid) >> 26) & 0x3f); \
277 seqid = ((msgid) & 0x3ffffff); \
280 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3ffffff)
282 #define IPMI_MAX_CHANNELS 16
283 struct ipmi_channel {
284 unsigned char medium;
285 unsigned char protocol;
288 struct ipmi_channel_set {
289 struct ipmi_channel c[IPMI_MAX_CHANNELS];
292 struct ipmi_my_addrinfo {
294 * My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
295 * but may be changed by the user.
297 unsigned char address;
300 * My LUN. This should generally stay the SMS LUN, but just in
307 * Note that the product id, manufacturer id, guid, and device id are
308 * immutable in this structure, so dyn_mutex is not required for
309 * accessing those. If those change on a BMC, a new BMC is allocated.
312 struct platform_device pdev;
313 struct list_head intfs; /* Interfaces on this BMC. */
314 struct ipmi_device_id id;
315 struct ipmi_device_id fetch_id;
317 unsigned long dyn_id_expiry;
318 struct mutex dyn_mutex; /* Protects id, intfs, & dyn* */
322 struct kref usecount;
323 struct work_struct remove_work;
324 unsigned char cc; /* completion code */
326 #define to_bmc_device(x) container_of((x), struct bmc_device, pdev.dev)
328 static int bmc_get_device_id(struct ipmi_smi *intf, struct bmc_device *bmc,
329 struct ipmi_device_id *id,
330 bool *guid_set, guid_t *guid);
333 * Various statistics for IPMI, these index stats[] in the ipmi_smi
336 enum ipmi_stat_indexes {
337 /* Commands we got from the user that were invalid. */
338 IPMI_STAT_sent_invalid_commands = 0,
340 /* Commands we sent to the MC. */
341 IPMI_STAT_sent_local_commands,
343 /* Responses from the MC that were delivered to a user. */
344 IPMI_STAT_handled_local_responses,
346 /* Responses from the MC that were not delivered to a user. */
347 IPMI_STAT_unhandled_local_responses,
349 /* Commands we sent out to the IPMB bus. */
350 IPMI_STAT_sent_ipmb_commands,
352 /* Commands sent on the IPMB that had errors on the SEND CMD */
353 IPMI_STAT_sent_ipmb_command_errs,
355 /* Each retransmit increments this count. */
356 IPMI_STAT_retransmitted_ipmb_commands,
359 * When a message times out (runs out of retransmits) this is
362 IPMI_STAT_timed_out_ipmb_commands,
365 * This is like above, but for broadcasts. Broadcasts are
366 * *not* included in the above count (they are expected to
369 IPMI_STAT_timed_out_ipmb_broadcasts,
371 /* Responses I have sent to the IPMB bus. */
372 IPMI_STAT_sent_ipmb_responses,
374 /* The response was delivered to the user. */
375 IPMI_STAT_handled_ipmb_responses,
377 /* The response had invalid data in it. */
378 IPMI_STAT_invalid_ipmb_responses,
380 /* The response didn't have anyone waiting for it. */
381 IPMI_STAT_unhandled_ipmb_responses,
383 /* Commands we sent out to the IPMB bus. */
384 IPMI_STAT_sent_lan_commands,
386 /* Commands sent on the IPMB that had errors on the SEND CMD */
387 IPMI_STAT_sent_lan_command_errs,
389 /* Each retransmit increments this count. */
390 IPMI_STAT_retransmitted_lan_commands,
393 * When a message times out (runs out of retransmits) this is
396 IPMI_STAT_timed_out_lan_commands,
398 /* Responses I have sent to the IPMB bus. */
399 IPMI_STAT_sent_lan_responses,
401 /* The response was delivered to the user. */
402 IPMI_STAT_handled_lan_responses,
404 /* The response had invalid data in it. */
405 IPMI_STAT_invalid_lan_responses,
407 /* The response didn't have anyone waiting for it. */
408 IPMI_STAT_unhandled_lan_responses,
410 /* The command was delivered to the user. */
411 IPMI_STAT_handled_commands,
413 /* The command had invalid data in it. */
414 IPMI_STAT_invalid_commands,
416 /* The command didn't have anyone waiting for it. */
417 IPMI_STAT_unhandled_commands,
419 /* Invalid data in an event. */
420 IPMI_STAT_invalid_events,
422 /* Events that were received with the proper format. */
425 /* Retransmissions on IPMB that failed. */
426 IPMI_STAT_dropped_rexmit_ipmb_commands,
428 /* Retransmissions on LAN that failed. */
429 IPMI_STAT_dropped_rexmit_lan_commands,
431 /* This *must* remain last, add new values above this. */
436 #define IPMI_IPMB_NUM_SEQ 64
438 struct module *owner;
440 /* What interface number are we? */
443 struct kref refcount;
445 /* Set when the interface is being unregistered. */
448 /* Used for a list of interfaces. */
449 struct list_head link;
452 * The list of upper layers that are using me. seq_lock write
453 * protects this. Read protection is with srcu.
455 struct list_head users;
456 struct srcu_struct users_srcu;
458 /* Used for wake ups at startup. */
459 wait_queue_head_t waitq;
462 * Prevents the interface from being unregistered when the
463 * interface is used by being looked up through the BMC
466 struct mutex bmc_reg_mutex;
468 struct bmc_device tmp_bmc;
469 struct bmc_device *bmc;
471 struct list_head bmc_link;
473 bool in_bmc_register; /* Handle recursive situations. Yuck. */
474 struct work_struct bmc_reg_work;
476 const struct ipmi_smi_handlers *handlers;
479 /* Driver-model device for the system interface. */
480 struct device *si_dev;
483 * A table of sequence numbers for this interface. We use the
484 * sequence numbers for IPMB messages that go out of the
485 * interface to match them up with their responses. A routine
486 * is called periodically to time the items in this list.
489 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
493 * Messages queued for delivery. If delivery fails (out of memory
494 * for instance), They will stay in here to be processed later in a
495 * periodic timer interrupt. The tasklet is for handling received
496 * messages directly from the handler.
498 spinlock_t waiting_rcv_msgs_lock;
499 struct list_head waiting_rcv_msgs;
500 atomic_t watchdog_pretimeouts_to_deliver;
501 struct tasklet_struct recv_tasklet;
503 spinlock_t xmit_msgs_lock;
504 struct list_head xmit_msgs;
505 struct ipmi_smi_msg *curr_msg;
506 struct list_head hp_xmit_msgs;
509 * The list of command receivers that are registered for commands
512 struct mutex cmd_rcvrs_mutex;
513 struct list_head cmd_rcvrs;
516 * Events that were queues because no one was there to receive
519 spinlock_t events_lock; /* For dealing with event stuff. */
520 struct list_head waiting_events;
521 unsigned int waiting_events_count; /* How many events in queue? */
522 char delivering_events;
523 char event_msg_printed;
525 /* How many users are waiting for events? */
526 atomic_t event_waiters;
527 unsigned int ticks_to_req_ev;
529 spinlock_t watch_lock; /* For dealing with watch stuff below. */
531 /* How many users are waiting for commands? */
532 unsigned int command_waiters;
534 /* How many users are waiting for watchdogs? */
535 unsigned int watchdog_waiters;
537 /* How many users are waiting for message responses? */
538 unsigned int response_waiters;
541 * Tells what the lower layer has last been asked to watch for,
542 * messages and/or watchdogs. Protected by watch_lock.
544 unsigned int last_watch_mask;
547 * The event receiver for my BMC, only really used at panic
548 * shutdown as a place to store this.
550 unsigned char event_receiver;
551 unsigned char event_receiver_lun;
552 unsigned char local_sel_device;
553 unsigned char local_event_generator;
555 /* For handling of maintenance mode. */
556 int maintenance_mode;
557 bool maintenance_mode_enable;
558 int auto_maintenance_timeout;
559 spinlock_t maintenance_mode_lock; /* Used in a timer... */
562 * If we are doing maintenance on something on IPMB, extend
563 * the timeout time to avoid timeouts writing firmware and
566 int ipmb_maintenance_mode_timeout;
569 * A cheap hack, if this is non-null and a message to an
570 * interface comes in with a NULL user, call this routine with
571 * it. Note that the message will still be freed by the
572 * caller. This only works on the system interface.
574 * Protected by bmc_reg_mutex.
576 void (*null_user_handler)(struct ipmi_smi *intf,
577 struct ipmi_recv_msg *msg);
580 * When we are scanning the channels for an SMI, this will
581 * tell which channel we are scanning.
585 /* Channel information */
586 struct ipmi_channel_set *channel_list;
587 unsigned int curr_working_cset; /* First index into the following. */
588 struct ipmi_channel_set wchannels[2];
589 struct ipmi_my_addrinfo addrinfo[IPMI_MAX_CHANNELS];
592 atomic_t stats[IPMI_NUM_STATS];
595 * run_to_completion duplicate of smb_info, smi_info
596 * and ipmi_serial_info structures. Used to decrease numbers of
597 * parameters passed by "low" level IPMI code.
599 int run_to_completion;
601 #define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev)
603 static void __get_guid(struct ipmi_smi *intf);
604 static void __ipmi_bmc_unregister(struct ipmi_smi *intf);
605 static int __ipmi_bmc_register(struct ipmi_smi *intf,
606 struct ipmi_device_id *id,
607 bool guid_set, guid_t *guid, int intf_num);
608 static int __scan_channels(struct ipmi_smi *intf, struct ipmi_device_id *id);
612 * The driver model view of the IPMI messaging driver.
614 static struct platform_driver ipmidriver = {
617 .bus = &platform_bus_type
621 * This mutex keeps us from adding the same BMC twice.
623 static DEFINE_MUTEX(ipmidriver_mutex);
625 static LIST_HEAD(ipmi_interfaces);
626 static DEFINE_MUTEX(ipmi_interfaces_mutex);
627 #define ipmi_interfaces_mutex_held() \
628 lockdep_is_held(&ipmi_interfaces_mutex)
629 static struct srcu_struct ipmi_interfaces_srcu;
632 * List of watchers that want to know when smi's are added and deleted.
634 static LIST_HEAD(smi_watchers);
635 static DEFINE_MUTEX(smi_watchers_mutex);
637 #define ipmi_inc_stat(intf, stat) \
638 atomic_inc(&(intf)->stats[IPMI_STAT_ ## stat])
639 #define ipmi_get_stat(intf, stat) \
640 ((unsigned int) atomic_read(&(intf)->stats[IPMI_STAT_ ## stat]))
642 static const char * const addr_src_to_str[] = {
643 "invalid", "hotmod", "hardcoded", "SPMI", "ACPI", "SMBIOS", "PCI",
644 "device-tree", "platform"
647 const char *ipmi_addr_src_to_str(enum ipmi_addr_src src)
650 src = 0; /* Invalid */
651 return addr_src_to_str[src];
653 EXPORT_SYMBOL(ipmi_addr_src_to_str);
655 static int is_lan_addr(struct ipmi_addr *addr)
657 return addr->addr_type == IPMI_LAN_ADDR_TYPE;
660 static int is_ipmb_addr(struct ipmi_addr *addr)
662 return addr->addr_type == IPMI_IPMB_ADDR_TYPE;
665 static int is_ipmb_bcast_addr(struct ipmi_addr *addr)
667 return addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE;
670 static void free_recv_msg_list(struct list_head *q)
672 struct ipmi_recv_msg *msg, *msg2;
674 list_for_each_entry_safe(msg, msg2, q, link) {
675 list_del(&msg->link);
676 ipmi_free_recv_msg(msg);
680 static void free_smi_msg_list(struct list_head *q)
682 struct ipmi_smi_msg *msg, *msg2;
684 list_for_each_entry_safe(msg, msg2, q, link) {
685 list_del(&msg->link);
686 ipmi_free_smi_msg(msg);
690 static void clean_up_interface_data(struct ipmi_smi *intf)
693 struct cmd_rcvr *rcvr, *rcvr2;
694 struct list_head list;
696 tasklet_kill(&intf->recv_tasklet);
698 free_smi_msg_list(&intf->waiting_rcv_msgs);
699 free_recv_msg_list(&intf->waiting_events);
702 * Wholesale remove all the entries from the list in the
703 * interface and wait for RCU to know that none are in use.
705 mutex_lock(&intf->cmd_rcvrs_mutex);
706 INIT_LIST_HEAD(&list);
707 list_splice_init_rcu(&intf->cmd_rcvrs, &list, synchronize_rcu);
708 mutex_unlock(&intf->cmd_rcvrs_mutex);
710 list_for_each_entry_safe(rcvr, rcvr2, &list, link)
713 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
714 if ((intf->seq_table[i].inuse)
715 && (intf->seq_table[i].recv_msg))
716 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
720 static void intf_free(struct kref *ref)
722 struct ipmi_smi *intf = container_of(ref, struct ipmi_smi, refcount);
724 clean_up_interface_data(intf);
728 struct watcher_entry {
730 struct ipmi_smi *intf;
731 struct list_head link;
734 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
736 struct ipmi_smi *intf;
740 * Make sure the driver is actually initialized, this handles
741 * problems with initialization order.
743 rv = ipmi_init_msghandler();
747 mutex_lock(&smi_watchers_mutex);
749 list_add(&watcher->link, &smi_watchers);
751 index = srcu_read_lock(&ipmi_interfaces_srcu);
752 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
753 int intf_num = READ_ONCE(intf->intf_num);
757 watcher->new_smi(intf_num, intf->si_dev);
759 srcu_read_unlock(&ipmi_interfaces_srcu, index);
761 mutex_unlock(&smi_watchers_mutex);
765 EXPORT_SYMBOL(ipmi_smi_watcher_register);
767 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
769 mutex_lock(&smi_watchers_mutex);
770 list_del(&watcher->link);
771 mutex_unlock(&smi_watchers_mutex);
774 EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
777 * Must be called with smi_watchers_mutex held.
780 call_smi_watchers(int i, struct device *dev)
782 struct ipmi_smi_watcher *w;
784 mutex_lock(&smi_watchers_mutex);
785 list_for_each_entry(w, &smi_watchers, link) {
786 if (try_module_get(w->owner)) {
788 module_put(w->owner);
791 mutex_unlock(&smi_watchers_mutex);
795 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
797 if (addr1->addr_type != addr2->addr_type)
800 if (addr1->channel != addr2->channel)
803 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
804 struct ipmi_system_interface_addr *smi_addr1
805 = (struct ipmi_system_interface_addr *) addr1;
806 struct ipmi_system_interface_addr *smi_addr2
807 = (struct ipmi_system_interface_addr *) addr2;
808 return (smi_addr1->lun == smi_addr2->lun);
811 if (is_ipmb_addr(addr1) || is_ipmb_bcast_addr(addr1)) {
812 struct ipmi_ipmb_addr *ipmb_addr1
813 = (struct ipmi_ipmb_addr *) addr1;
814 struct ipmi_ipmb_addr *ipmb_addr2
815 = (struct ipmi_ipmb_addr *) addr2;
817 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
818 && (ipmb_addr1->lun == ipmb_addr2->lun));
821 if (is_lan_addr(addr1)) {
822 struct ipmi_lan_addr *lan_addr1
823 = (struct ipmi_lan_addr *) addr1;
824 struct ipmi_lan_addr *lan_addr2
825 = (struct ipmi_lan_addr *) addr2;
827 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
828 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
829 && (lan_addr1->session_handle
830 == lan_addr2->session_handle)
831 && (lan_addr1->lun == lan_addr2->lun));
837 int ipmi_validate_addr(struct ipmi_addr *addr, int len)
839 if (len < sizeof(struct ipmi_system_interface_addr))
842 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
843 if (addr->channel != IPMI_BMC_CHANNEL)
848 if ((addr->channel == IPMI_BMC_CHANNEL)
849 || (addr->channel >= IPMI_MAX_CHANNELS)
850 || (addr->channel < 0))
853 if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) {
854 if (len < sizeof(struct ipmi_ipmb_addr))
859 if (is_lan_addr(addr)) {
860 if (len < sizeof(struct ipmi_lan_addr))
867 EXPORT_SYMBOL(ipmi_validate_addr);
869 unsigned int ipmi_addr_length(int addr_type)
871 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
872 return sizeof(struct ipmi_system_interface_addr);
874 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
875 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
876 return sizeof(struct ipmi_ipmb_addr);
878 if (addr_type == IPMI_LAN_ADDR_TYPE)
879 return sizeof(struct ipmi_lan_addr);
883 EXPORT_SYMBOL(ipmi_addr_length);
885 static int deliver_response(struct ipmi_smi *intf, struct ipmi_recv_msg *msg)
890 /* Special handling for NULL users. */
891 if (intf->null_user_handler) {
892 intf->null_user_handler(intf, msg);
894 /* No handler, so give up. */
897 ipmi_free_recv_msg(msg);
898 } else if (oops_in_progress) {
900 * If we are running in the panic context, calling the
901 * receive handler doesn't much meaning and has a deadlock
902 * risk. At this moment, simply skip it in that case.
904 ipmi_free_recv_msg(msg);
907 struct ipmi_user *user = acquire_ipmi_user(msg->user, &index);
910 user->handler->ipmi_recv_hndl(msg, user->handler_data);
911 release_ipmi_user(user, index);
913 /* User went away, give up. */
914 ipmi_free_recv_msg(msg);
922 static void deliver_local_response(struct ipmi_smi *intf,
923 struct ipmi_recv_msg *msg)
925 if (deliver_response(intf, msg))
926 ipmi_inc_stat(intf, unhandled_local_responses);
928 ipmi_inc_stat(intf, handled_local_responses);
931 static void deliver_err_response(struct ipmi_smi *intf,
932 struct ipmi_recv_msg *msg, int err)
934 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
935 msg->msg_data[0] = err;
936 msg->msg.netfn |= 1; /* Convert to a response. */
937 msg->msg.data_len = 1;
938 msg->msg.data = msg->msg_data;
939 deliver_local_response(intf, msg);
942 static void smi_add_watch(struct ipmi_smi *intf, unsigned int flags)
944 unsigned long iflags;
946 if (!intf->handlers->set_need_watch)
949 spin_lock_irqsave(&intf->watch_lock, iflags);
950 if (flags & IPMI_WATCH_MASK_CHECK_MESSAGES)
951 intf->response_waiters++;
953 if (flags & IPMI_WATCH_MASK_CHECK_WATCHDOG)
954 intf->watchdog_waiters++;
956 if (flags & IPMI_WATCH_MASK_CHECK_COMMANDS)
957 intf->command_waiters++;
959 if ((intf->last_watch_mask & flags) != flags) {
960 intf->last_watch_mask |= flags;
961 intf->handlers->set_need_watch(intf->send_info,
962 intf->last_watch_mask);
964 spin_unlock_irqrestore(&intf->watch_lock, iflags);
967 static void smi_remove_watch(struct ipmi_smi *intf, unsigned int flags)
969 unsigned long iflags;
971 if (!intf->handlers->set_need_watch)
974 spin_lock_irqsave(&intf->watch_lock, iflags);
975 if (flags & IPMI_WATCH_MASK_CHECK_MESSAGES)
976 intf->response_waiters--;
978 if (flags & IPMI_WATCH_MASK_CHECK_WATCHDOG)
979 intf->watchdog_waiters--;
981 if (flags & IPMI_WATCH_MASK_CHECK_COMMANDS)
982 intf->command_waiters--;
985 if (intf->response_waiters)
986 flags |= IPMI_WATCH_MASK_CHECK_MESSAGES;
987 if (intf->watchdog_waiters)
988 flags |= IPMI_WATCH_MASK_CHECK_WATCHDOG;
989 if (intf->command_waiters)
990 flags |= IPMI_WATCH_MASK_CHECK_COMMANDS;
992 if (intf->last_watch_mask != flags) {
993 intf->last_watch_mask = flags;
994 intf->handlers->set_need_watch(intf->send_info,
995 intf->last_watch_mask);
997 spin_unlock_irqrestore(&intf->watch_lock, iflags);
1001 * Find the next sequence number not being used and add the given
1002 * message with the given timeout to the sequence table. This must be
1003 * called with the interface's seq_lock held.
1005 static int intf_next_seq(struct ipmi_smi *intf,
1006 struct ipmi_recv_msg *recv_msg,
1007 unsigned long timeout,
1017 timeout = default_retry_ms;
1019 retries = default_max_retries;
1021 for (i = intf->curr_seq; (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
1022 i = (i+1)%IPMI_IPMB_NUM_SEQ) {
1023 if (!intf->seq_table[i].inuse)
1027 if (!intf->seq_table[i].inuse) {
1028 intf->seq_table[i].recv_msg = recv_msg;
1031 * Start with the maximum timeout, when the send response
1032 * comes in we will start the real timer.
1034 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
1035 intf->seq_table[i].orig_timeout = timeout;
1036 intf->seq_table[i].retries_left = retries;
1037 intf->seq_table[i].broadcast = broadcast;
1038 intf->seq_table[i].inuse = 1;
1039 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
1041 *seqid = intf->seq_table[i].seqid;
1042 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
1043 smi_add_watch(intf, IPMI_WATCH_MASK_CHECK_MESSAGES);
1053 * Return the receive message for the given sequence number and
1054 * release the sequence number so it can be reused. Some other data
1055 * is passed in to be sure the message matches up correctly (to help
1056 * guard against message coming in after their timeout and the
1057 * sequence number being reused).
1059 static int intf_find_seq(struct ipmi_smi *intf,
1063 unsigned char netfn,
1064 struct ipmi_addr *addr,
1065 struct ipmi_recv_msg **recv_msg)
1068 unsigned long flags;
1070 if (seq >= IPMI_IPMB_NUM_SEQ)
1073 spin_lock_irqsave(&intf->seq_lock, flags);
1074 if (intf->seq_table[seq].inuse) {
1075 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
1077 if ((msg->addr.channel == channel) && (msg->msg.cmd == cmd)
1078 && (msg->msg.netfn == netfn)
1079 && (ipmi_addr_equal(addr, &msg->addr))) {
1081 intf->seq_table[seq].inuse = 0;
1082 smi_remove_watch(intf, IPMI_WATCH_MASK_CHECK_MESSAGES);
1086 spin_unlock_irqrestore(&intf->seq_lock, flags);
1092 /* Start the timer for a specific sequence table entry. */
1093 static int intf_start_seq_timer(struct ipmi_smi *intf,
1097 unsigned long flags;
1099 unsigned long seqid;
1102 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
1104 spin_lock_irqsave(&intf->seq_lock, flags);
1106 * We do this verification because the user can be deleted
1107 * while a message is outstanding.
1109 if ((intf->seq_table[seq].inuse)
1110 && (intf->seq_table[seq].seqid == seqid)) {
1111 struct seq_table *ent = &intf->seq_table[seq];
1112 ent->timeout = ent->orig_timeout;
1115 spin_unlock_irqrestore(&intf->seq_lock, flags);
1120 /* Got an error for the send message for a specific sequence number. */
1121 static int intf_err_seq(struct ipmi_smi *intf,
1126 unsigned long flags;
1128 unsigned long seqid;
1129 struct ipmi_recv_msg *msg = NULL;
1132 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
1134 spin_lock_irqsave(&intf->seq_lock, flags);
1136 * We do this verification because the user can be deleted
1137 * while a message is outstanding.
1139 if ((intf->seq_table[seq].inuse)
1140 && (intf->seq_table[seq].seqid == seqid)) {
1141 struct seq_table *ent = &intf->seq_table[seq];
1144 smi_remove_watch(intf, IPMI_WATCH_MASK_CHECK_MESSAGES);
1145 msg = ent->recv_msg;
1148 spin_unlock_irqrestore(&intf->seq_lock, flags);
1151 deliver_err_response(intf, msg, err);
1156 static void free_user_work(struct work_struct *work)
1158 struct ipmi_user *user = container_of(work, struct ipmi_user,
1161 cleanup_srcu_struct(&user->release_barrier);
1165 int ipmi_create_user(unsigned int if_num,
1166 const struct ipmi_user_hndl *handler,
1168 struct ipmi_user **user)
1170 unsigned long flags;
1171 struct ipmi_user *new_user;
1173 struct ipmi_smi *intf;
1176 * There is no module usecount here, because it's not
1177 * required. Since this can only be used by and called from
1178 * other modules, they will implicitly use this module, and
1179 * thus this can't be removed unless the other modules are
1183 if (handler == NULL)
1187 * Make sure the driver is actually initialized, this handles
1188 * problems with initialization order.
1190 rv = ipmi_init_msghandler();
1194 new_user = vzalloc(sizeof(*new_user));
1198 index = srcu_read_lock(&ipmi_interfaces_srcu);
1199 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1200 if (intf->intf_num == if_num)
1203 /* Not found, return an error */
1208 INIT_WORK(&new_user->remove_work, free_user_work);
1210 rv = init_srcu_struct(&new_user->release_barrier);
1214 if (!try_module_get(intf->owner)) {
1219 /* Note that each existing user holds a refcount to the interface. */
1220 kref_get(&intf->refcount);
1222 kref_init(&new_user->refcount);
1223 new_user->handler = handler;
1224 new_user->handler_data = handler_data;
1225 new_user->intf = intf;
1226 new_user->gets_events = false;
1228 rcu_assign_pointer(new_user->self, new_user);
1229 spin_lock_irqsave(&intf->seq_lock, flags);
1230 list_add_rcu(&new_user->link, &intf->users);
1231 spin_unlock_irqrestore(&intf->seq_lock, flags);
1232 if (handler->ipmi_watchdog_pretimeout)
1233 /* User wants pretimeouts, so make sure to watch for them. */
1234 smi_add_watch(intf, IPMI_WATCH_MASK_CHECK_WATCHDOG);
1235 srcu_read_unlock(&ipmi_interfaces_srcu, index);
1240 srcu_read_unlock(&ipmi_interfaces_srcu, index);
1244 EXPORT_SYMBOL(ipmi_create_user);
1246 int ipmi_get_smi_info(int if_num, struct ipmi_smi_info *data)
1249 struct ipmi_smi *intf;
1251 index = srcu_read_lock(&ipmi_interfaces_srcu);
1252 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1253 if (intf->intf_num == if_num)
1256 srcu_read_unlock(&ipmi_interfaces_srcu, index);
1258 /* Not found, return an error */
1262 if (!intf->handlers->get_smi_info)
1265 rv = intf->handlers->get_smi_info(intf->send_info, data);
1266 srcu_read_unlock(&ipmi_interfaces_srcu, index);
1270 EXPORT_SYMBOL(ipmi_get_smi_info);
1272 static void free_user(struct kref *ref)
1274 struct ipmi_user *user = container_of(ref, struct ipmi_user, refcount);
1276 /* SRCU cleanup must happen in task context. */
1277 queue_work(remove_work_wq, &user->remove_work);
1280 static void _ipmi_destroy_user(struct ipmi_user *user)
1282 struct ipmi_smi *intf = user->intf;
1284 unsigned long flags;
1285 struct cmd_rcvr *rcvr;
1286 struct cmd_rcvr *rcvrs = NULL;
1288 if (!acquire_ipmi_user(user, &i)) {
1290 * The user has already been cleaned up, just make sure
1291 * nothing is using it and return.
1293 synchronize_srcu(&user->release_barrier);
1297 rcu_assign_pointer(user->self, NULL);
1298 release_ipmi_user(user, i);
1300 synchronize_srcu(&user->release_barrier);
1302 if (user->handler->shutdown)
1303 user->handler->shutdown(user->handler_data);
1305 if (user->handler->ipmi_watchdog_pretimeout)
1306 smi_remove_watch(intf, IPMI_WATCH_MASK_CHECK_WATCHDOG);
1308 if (user->gets_events)
1309 atomic_dec(&intf->event_waiters);
1311 /* Remove the user from the interface's sequence table. */
1312 spin_lock_irqsave(&intf->seq_lock, flags);
1313 list_del_rcu(&user->link);
1315 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
1316 if (intf->seq_table[i].inuse
1317 && (intf->seq_table[i].recv_msg->user == user)) {
1318 intf->seq_table[i].inuse = 0;
1319 smi_remove_watch(intf, IPMI_WATCH_MASK_CHECK_MESSAGES);
1320 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
1323 spin_unlock_irqrestore(&intf->seq_lock, flags);
1326 * Remove the user from the command receiver's table. First
1327 * we build a list of everything (not using the standard link,
1328 * since other things may be using it till we do
1329 * synchronize_srcu()) then free everything in that list.
1331 mutex_lock(&intf->cmd_rcvrs_mutex);
1332 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link,
1333 lockdep_is_held(&intf->cmd_rcvrs_mutex)) {
1334 if (rcvr->user == user) {
1335 list_del_rcu(&rcvr->link);
1340 mutex_unlock(&intf->cmd_rcvrs_mutex);
1348 kref_put(&intf->refcount, intf_free);
1349 module_put(intf->owner);
1352 int ipmi_destroy_user(struct ipmi_user *user)
1354 _ipmi_destroy_user(user);
1356 kref_put(&user->refcount, free_user);
1360 EXPORT_SYMBOL(ipmi_destroy_user);
1362 int ipmi_get_version(struct ipmi_user *user,
1363 unsigned char *major,
1364 unsigned char *minor)
1366 struct ipmi_device_id id;
1369 user = acquire_ipmi_user(user, &index);
1373 rv = bmc_get_device_id(user->intf, NULL, &id, NULL, NULL);
1375 *major = ipmi_version_major(&id);
1376 *minor = ipmi_version_minor(&id);
1378 release_ipmi_user(user, index);
1382 EXPORT_SYMBOL(ipmi_get_version);
1384 int ipmi_set_my_address(struct ipmi_user *user,
1385 unsigned int channel,
1386 unsigned char address)
1390 user = acquire_ipmi_user(user, &index);
1394 if (channel >= IPMI_MAX_CHANNELS) {
1397 channel = array_index_nospec(channel, IPMI_MAX_CHANNELS);
1398 user->intf->addrinfo[channel].address = address;
1400 release_ipmi_user(user, index);
1404 EXPORT_SYMBOL(ipmi_set_my_address);
1406 int ipmi_get_my_address(struct ipmi_user *user,
1407 unsigned int channel,
1408 unsigned char *address)
1412 user = acquire_ipmi_user(user, &index);
1416 if (channel >= IPMI_MAX_CHANNELS) {
1419 channel = array_index_nospec(channel, IPMI_MAX_CHANNELS);
1420 *address = user->intf->addrinfo[channel].address;
1422 release_ipmi_user(user, index);
1426 EXPORT_SYMBOL(ipmi_get_my_address);
1428 int ipmi_set_my_LUN(struct ipmi_user *user,
1429 unsigned int channel,
1434 user = acquire_ipmi_user(user, &index);
1438 if (channel >= IPMI_MAX_CHANNELS) {
1441 channel = array_index_nospec(channel, IPMI_MAX_CHANNELS);
1442 user->intf->addrinfo[channel].lun = LUN & 0x3;
1444 release_ipmi_user(user, index);
1448 EXPORT_SYMBOL(ipmi_set_my_LUN);
1450 int ipmi_get_my_LUN(struct ipmi_user *user,
1451 unsigned int channel,
1452 unsigned char *address)
1456 user = acquire_ipmi_user(user, &index);
1460 if (channel >= IPMI_MAX_CHANNELS) {
1463 channel = array_index_nospec(channel, IPMI_MAX_CHANNELS);
1464 *address = user->intf->addrinfo[channel].lun;
1466 release_ipmi_user(user, index);
1470 EXPORT_SYMBOL(ipmi_get_my_LUN);
1472 int ipmi_get_maintenance_mode(struct ipmi_user *user)
1475 unsigned long flags;
1477 user = acquire_ipmi_user(user, &index);
1481 spin_lock_irqsave(&user->intf->maintenance_mode_lock, flags);
1482 mode = user->intf->maintenance_mode;
1483 spin_unlock_irqrestore(&user->intf->maintenance_mode_lock, flags);
1484 release_ipmi_user(user, index);
1488 EXPORT_SYMBOL(ipmi_get_maintenance_mode);
1490 static void maintenance_mode_update(struct ipmi_smi *intf)
1492 if (intf->handlers->set_maintenance_mode)
1493 intf->handlers->set_maintenance_mode(
1494 intf->send_info, intf->maintenance_mode_enable);
1497 int ipmi_set_maintenance_mode(struct ipmi_user *user, int mode)
1500 unsigned long flags;
1501 struct ipmi_smi *intf = user->intf;
1503 user = acquire_ipmi_user(user, &index);
1507 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
1508 if (intf->maintenance_mode != mode) {
1510 case IPMI_MAINTENANCE_MODE_AUTO:
1511 intf->maintenance_mode_enable
1512 = (intf->auto_maintenance_timeout > 0);
1515 case IPMI_MAINTENANCE_MODE_OFF:
1516 intf->maintenance_mode_enable = false;
1519 case IPMI_MAINTENANCE_MODE_ON:
1520 intf->maintenance_mode_enable = true;
1527 intf->maintenance_mode = mode;
1529 maintenance_mode_update(intf);
1532 spin_unlock_irqrestore(&intf->maintenance_mode_lock, flags);
1533 release_ipmi_user(user, index);
1537 EXPORT_SYMBOL(ipmi_set_maintenance_mode);
1539 int ipmi_set_gets_events(struct ipmi_user *user, bool val)
1541 unsigned long flags;
1542 struct ipmi_smi *intf = user->intf;
1543 struct ipmi_recv_msg *msg, *msg2;
1544 struct list_head msgs;
1547 user = acquire_ipmi_user(user, &index);
1551 INIT_LIST_HEAD(&msgs);
1553 spin_lock_irqsave(&intf->events_lock, flags);
1554 if (user->gets_events == val)
1557 user->gets_events = val;
1560 if (atomic_inc_return(&intf->event_waiters) == 1)
1563 atomic_dec(&intf->event_waiters);
1566 if (intf->delivering_events)
1568 * Another thread is delivering events for this, so
1569 * let it handle any new events.
1573 /* Deliver any queued events. */
1574 while (user->gets_events && !list_empty(&intf->waiting_events)) {
1575 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link)
1576 list_move_tail(&msg->link, &msgs);
1577 intf->waiting_events_count = 0;
1578 if (intf->event_msg_printed) {
1579 dev_warn(intf->si_dev, "Event queue no longer full\n");
1580 intf->event_msg_printed = 0;
1583 intf->delivering_events = 1;
1584 spin_unlock_irqrestore(&intf->events_lock, flags);
1586 list_for_each_entry_safe(msg, msg2, &msgs, link) {
1588 kref_get(&user->refcount);
1589 deliver_local_response(intf, msg);
1592 spin_lock_irqsave(&intf->events_lock, flags);
1593 intf->delivering_events = 0;
1597 spin_unlock_irqrestore(&intf->events_lock, flags);
1598 release_ipmi_user(user, index);
1602 EXPORT_SYMBOL(ipmi_set_gets_events);
1604 static struct cmd_rcvr *find_cmd_rcvr(struct ipmi_smi *intf,
1605 unsigned char netfn,
1609 struct cmd_rcvr *rcvr;
1611 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link,
1612 lockdep_is_held(&intf->cmd_rcvrs_mutex)) {
1613 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1614 && (rcvr->chans & (1 << chan)))
1620 static int is_cmd_rcvr_exclusive(struct ipmi_smi *intf,
1621 unsigned char netfn,
1625 struct cmd_rcvr *rcvr;
1627 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link,
1628 lockdep_is_held(&intf->cmd_rcvrs_mutex)) {
1629 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1630 && (rcvr->chans & chans))
1636 int ipmi_register_for_cmd(struct ipmi_user *user,
1637 unsigned char netfn,
1641 struct ipmi_smi *intf = user->intf;
1642 struct cmd_rcvr *rcvr;
1645 user = acquire_ipmi_user(user, &index);
1649 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
1655 rcvr->netfn = netfn;
1656 rcvr->chans = chans;
1659 mutex_lock(&intf->cmd_rcvrs_mutex);
1660 /* Make sure the command/netfn is not already registered. */
1661 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) {
1666 smi_add_watch(intf, IPMI_WATCH_MASK_CHECK_COMMANDS);
1668 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs);
1671 mutex_unlock(&intf->cmd_rcvrs_mutex);
1675 release_ipmi_user(user, index);
1679 EXPORT_SYMBOL(ipmi_register_for_cmd);
1681 int ipmi_unregister_for_cmd(struct ipmi_user *user,
1682 unsigned char netfn,
1686 struct ipmi_smi *intf = user->intf;
1687 struct cmd_rcvr *rcvr;
1688 struct cmd_rcvr *rcvrs = NULL;
1689 int i, rv = -ENOENT, index;
1691 user = acquire_ipmi_user(user, &index);
1695 mutex_lock(&intf->cmd_rcvrs_mutex);
1696 for (i = 0; i < IPMI_NUM_CHANNELS; i++) {
1697 if (((1 << i) & chans) == 0)
1699 rcvr = find_cmd_rcvr(intf, netfn, cmd, i);
1702 if (rcvr->user == user) {
1704 rcvr->chans &= ~chans;
1705 if (rcvr->chans == 0) {
1706 list_del_rcu(&rcvr->link);
1712 mutex_unlock(&intf->cmd_rcvrs_mutex);
1714 release_ipmi_user(user, index);
1716 smi_remove_watch(intf, IPMI_WATCH_MASK_CHECK_COMMANDS);
1724 EXPORT_SYMBOL(ipmi_unregister_for_cmd);
1726 static unsigned char
1727 ipmb_checksum(unsigned char *data, int size)
1729 unsigned char csum = 0;
1731 for (; size > 0; size--, data++)
1737 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
1738 struct kernel_ipmi_msg *msg,
1739 struct ipmi_ipmb_addr *ipmb_addr,
1741 unsigned char ipmb_seq,
1743 unsigned char source_address,
1744 unsigned char source_lun)
1748 /* Format the IPMB header data. */
1749 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1750 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1751 smi_msg->data[2] = ipmb_addr->channel;
1753 smi_msg->data[3] = 0;
1754 smi_msg->data[i+3] = ipmb_addr->slave_addr;
1755 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
1756 smi_msg->data[i+5] = ipmb_checksum(&smi_msg->data[i + 3], 2);
1757 smi_msg->data[i+6] = source_address;
1758 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
1759 smi_msg->data[i+8] = msg->cmd;
1761 /* Now tack on the data to the message. */
1762 if (msg->data_len > 0)
1763 memcpy(&smi_msg->data[i + 9], msg->data, msg->data_len);
1764 smi_msg->data_size = msg->data_len + 9;
1766 /* Now calculate the checksum and tack it on. */
1767 smi_msg->data[i+smi_msg->data_size]
1768 = ipmb_checksum(&smi_msg->data[i + 6], smi_msg->data_size - 6);
1771 * Add on the checksum size and the offset from the
1774 smi_msg->data_size += 1 + i;
1776 smi_msg->msgid = msgid;
1779 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
1780 struct kernel_ipmi_msg *msg,
1781 struct ipmi_lan_addr *lan_addr,
1783 unsigned char ipmb_seq,
1784 unsigned char source_lun)
1786 /* Format the IPMB header data. */
1787 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1788 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1789 smi_msg->data[2] = lan_addr->channel;
1790 smi_msg->data[3] = lan_addr->session_handle;
1791 smi_msg->data[4] = lan_addr->remote_SWID;
1792 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
1793 smi_msg->data[6] = ipmb_checksum(&smi_msg->data[4], 2);
1794 smi_msg->data[7] = lan_addr->local_SWID;
1795 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
1796 smi_msg->data[9] = msg->cmd;
1798 /* Now tack on the data to the message. */
1799 if (msg->data_len > 0)
1800 memcpy(&smi_msg->data[10], msg->data, msg->data_len);
1801 smi_msg->data_size = msg->data_len + 10;
1803 /* Now calculate the checksum and tack it on. */
1804 smi_msg->data[smi_msg->data_size]
1805 = ipmb_checksum(&smi_msg->data[7], smi_msg->data_size - 7);
1808 * Add on the checksum size and the offset from the
1811 smi_msg->data_size += 1;
1813 smi_msg->msgid = msgid;
1816 static struct ipmi_smi_msg *smi_add_send_msg(struct ipmi_smi *intf,
1817 struct ipmi_smi_msg *smi_msg,
1820 if (intf->curr_msg) {
1822 list_add_tail(&smi_msg->link, &intf->hp_xmit_msgs);
1824 list_add_tail(&smi_msg->link, &intf->xmit_msgs);
1827 intf->curr_msg = smi_msg;
1833 static void smi_send(struct ipmi_smi *intf,
1834 const struct ipmi_smi_handlers *handlers,
1835 struct ipmi_smi_msg *smi_msg, int priority)
1837 int run_to_completion = intf->run_to_completion;
1838 unsigned long flags = 0;
1840 if (!run_to_completion)
1841 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
1842 smi_msg = smi_add_send_msg(intf, smi_msg, priority);
1844 if (!run_to_completion)
1845 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
1848 handlers->sender(intf->send_info, smi_msg);
1851 static bool is_maintenance_mode_cmd(struct kernel_ipmi_msg *msg)
1853 return (((msg->netfn == IPMI_NETFN_APP_REQUEST)
1854 && ((msg->cmd == IPMI_COLD_RESET_CMD)
1855 || (msg->cmd == IPMI_WARM_RESET_CMD)))
1856 || (msg->netfn == IPMI_NETFN_FIRMWARE_REQUEST));
1859 static int i_ipmi_req_sysintf(struct ipmi_smi *intf,
1860 struct ipmi_addr *addr,
1862 struct kernel_ipmi_msg *msg,
1863 struct ipmi_smi_msg *smi_msg,
1864 struct ipmi_recv_msg *recv_msg,
1866 unsigned int retry_time_ms)
1868 struct ipmi_system_interface_addr *smi_addr;
1871 /* Responses are not allowed to the SMI. */
1874 smi_addr = (struct ipmi_system_interface_addr *) addr;
1875 if (smi_addr->lun > 3) {
1876 ipmi_inc_stat(intf, sent_invalid_commands);
1880 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1882 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1883 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1884 || (msg->cmd == IPMI_GET_MSG_CMD)
1885 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) {
1887 * We don't let the user do these, since we manage
1888 * the sequence numbers.
1890 ipmi_inc_stat(intf, sent_invalid_commands);
1894 if (is_maintenance_mode_cmd(msg)) {
1895 unsigned long flags;
1897 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
1898 intf->auto_maintenance_timeout
1899 = maintenance_mode_timeout_ms;
1900 if (!intf->maintenance_mode
1901 && !intf->maintenance_mode_enable) {
1902 intf->maintenance_mode_enable = true;
1903 maintenance_mode_update(intf);
1905 spin_unlock_irqrestore(&intf->maintenance_mode_lock,
1909 if (msg->data_len + 2 > IPMI_MAX_MSG_LENGTH) {
1910 ipmi_inc_stat(intf, sent_invalid_commands);
1914 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1915 smi_msg->data[1] = msg->cmd;
1916 smi_msg->msgid = msgid;
1917 smi_msg->user_data = recv_msg;
1918 if (msg->data_len > 0)
1919 memcpy(&smi_msg->data[2], msg->data, msg->data_len);
1920 smi_msg->data_size = msg->data_len + 2;
1921 ipmi_inc_stat(intf, sent_local_commands);
1926 static int i_ipmi_req_ipmb(struct ipmi_smi *intf,
1927 struct ipmi_addr *addr,
1929 struct kernel_ipmi_msg *msg,
1930 struct ipmi_smi_msg *smi_msg,
1931 struct ipmi_recv_msg *recv_msg,
1932 unsigned char source_address,
1933 unsigned char source_lun,
1935 unsigned int retry_time_ms)
1937 struct ipmi_ipmb_addr *ipmb_addr;
1938 unsigned char ipmb_seq;
1941 struct ipmi_channel *chans;
1944 if (addr->channel >= IPMI_MAX_CHANNELS) {
1945 ipmi_inc_stat(intf, sent_invalid_commands);
1949 chans = READ_ONCE(intf->channel_list)->c;
1951 if (chans[addr->channel].medium != IPMI_CHANNEL_MEDIUM_IPMB) {
1952 ipmi_inc_stat(intf, sent_invalid_commands);
1956 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1958 * Broadcasts add a zero at the beginning of the
1959 * message, but otherwise is the same as an IPMB
1962 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1964 retries = 0; /* Don't retry broadcasts. */
1968 * 9 for the header and 1 for the checksum, plus
1969 * possibly one for the broadcast.
1971 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1972 ipmi_inc_stat(intf, sent_invalid_commands);
1976 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1977 if (ipmb_addr->lun > 3) {
1978 ipmi_inc_stat(intf, sent_invalid_commands);
1982 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1984 if (recv_msg->msg.netfn & 0x1) {
1986 * It's a response, so use the user's sequence
1989 ipmi_inc_stat(intf, sent_ipmb_responses);
1990 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1992 source_address, source_lun);
1995 * Save the receive message so we can use it
1996 * to deliver the response.
1998 smi_msg->user_data = recv_msg;
2000 /* It's a command, so get a sequence for it. */
2001 unsigned long flags;
2003 spin_lock_irqsave(&intf->seq_lock, flags);
2005 if (is_maintenance_mode_cmd(msg))
2006 intf->ipmb_maintenance_mode_timeout =
2007 maintenance_mode_timeout_ms;
2009 if (intf->ipmb_maintenance_mode_timeout && retry_time_ms == 0)
2010 /* Different default in maintenance mode */
2011 retry_time_ms = default_maintenance_retry_ms;
2014 * Create a sequence number with a 1 second
2015 * timeout and 4 retries.
2017 rv = intf_next_seq(intf,
2026 * We have used up all the sequence numbers,
2027 * probably, so abort.
2031 ipmi_inc_stat(intf, sent_ipmb_commands);
2034 * Store the sequence number in the message,
2035 * so that when the send message response
2036 * comes back we can start the timer.
2038 format_ipmb_msg(smi_msg, msg, ipmb_addr,
2039 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
2040 ipmb_seq, broadcast,
2041 source_address, source_lun);
2044 * Copy the message into the recv message data, so we
2045 * can retransmit it later if necessary.
2047 memcpy(recv_msg->msg_data, smi_msg->data,
2048 smi_msg->data_size);
2049 recv_msg->msg.data = recv_msg->msg_data;
2050 recv_msg->msg.data_len = smi_msg->data_size;
2053 * We don't unlock until here, because we need
2054 * to copy the completed message into the
2055 * recv_msg before we release the lock.
2056 * Otherwise, race conditions may bite us. I
2057 * know that's pretty paranoid, but I prefer
2061 spin_unlock_irqrestore(&intf->seq_lock, flags);
2067 static int i_ipmi_req_lan(struct ipmi_smi *intf,
2068 struct ipmi_addr *addr,
2070 struct kernel_ipmi_msg *msg,
2071 struct ipmi_smi_msg *smi_msg,
2072 struct ipmi_recv_msg *recv_msg,
2073 unsigned char source_lun,
2075 unsigned int retry_time_ms)
2077 struct ipmi_lan_addr *lan_addr;
2078 unsigned char ipmb_seq;
2080 struct ipmi_channel *chans;
2083 if (addr->channel >= IPMI_MAX_CHANNELS) {
2084 ipmi_inc_stat(intf, sent_invalid_commands);
2088 chans = READ_ONCE(intf->channel_list)->c;
2090 if ((chans[addr->channel].medium
2091 != IPMI_CHANNEL_MEDIUM_8023LAN)
2092 && (chans[addr->channel].medium
2093 != IPMI_CHANNEL_MEDIUM_ASYNC)) {
2094 ipmi_inc_stat(intf, sent_invalid_commands);
2098 /* 11 for the header and 1 for the checksum. */
2099 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
2100 ipmi_inc_stat(intf, sent_invalid_commands);
2104 lan_addr = (struct ipmi_lan_addr *) addr;
2105 if (lan_addr->lun > 3) {
2106 ipmi_inc_stat(intf, sent_invalid_commands);
2110 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
2112 if (recv_msg->msg.netfn & 0x1) {
2114 * It's a response, so use the user's sequence
2117 ipmi_inc_stat(intf, sent_lan_responses);
2118 format_lan_msg(smi_msg, msg, lan_addr, msgid,
2122 * Save the receive message so we can use it
2123 * to deliver the response.
2125 smi_msg->user_data = recv_msg;
2127 /* It's a command, so get a sequence for it. */
2128 unsigned long flags;
2130 spin_lock_irqsave(&intf->seq_lock, flags);
2133 * Create a sequence number with a 1 second
2134 * timeout and 4 retries.
2136 rv = intf_next_seq(intf,
2145 * We have used up all the sequence numbers,
2146 * probably, so abort.
2150 ipmi_inc_stat(intf, sent_lan_commands);
2153 * Store the sequence number in the message,
2154 * so that when the send message response
2155 * comes back we can start the timer.
2157 format_lan_msg(smi_msg, msg, lan_addr,
2158 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
2159 ipmb_seq, source_lun);
2162 * Copy the message into the recv message data, so we
2163 * can retransmit it later if necessary.
2165 memcpy(recv_msg->msg_data, smi_msg->data,
2166 smi_msg->data_size);
2167 recv_msg->msg.data = recv_msg->msg_data;
2168 recv_msg->msg.data_len = smi_msg->data_size;
2171 * We don't unlock until here, because we need
2172 * to copy the completed message into the
2173 * recv_msg before we release the lock.
2174 * Otherwise, race conditions may bite us. I
2175 * know that's pretty paranoid, but I prefer
2179 spin_unlock_irqrestore(&intf->seq_lock, flags);
2186 * Separate from ipmi_request so that the user does not have to be
2187 * supplied in certain circumstances (mainly at panic time). If
2188 * messages are supplied, they will be freed, even if an error
2191 static int i_ipmi_request(struct ipmi_user *user,
2192 struct ipmi_smi *intf,
2193 struct ipmi_addr *addr,
2195 struct kernel_ipmi_msg *msg,
2196 void *user_msg_data,
2198 struct ipmi_recv_msg *supplied_recv,
2200 unsigned char source_address,
2201 unsigned char source_lun,
2203 unsigned int retry_time_ms)
2205 struct ipmi_smi_msg *smi_msg;
2206 struct ipmi_recv_msg *recv_msg;
2210 recv_msg = supplied_recv;
2212 recv_msg = ipmi_alloc_recv_msg();
2213 if (recv_msg == NULL) {
2218 recv_msg->user_msg_data = user_msg_data;
2221 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
2223 smi_msg = ipmi_alloc_smi_msg();
2224 if (smi_msg == NULL) {
2226 ipmi_free_recv_msg(recv_msg);
2233 if (intf->in_shutdown) {
2238 recv_msg->user = user;
2240 /* The put happens when the message is freed. */
2241 kref_get(&user->refcount);
2242 recv_msg->msgid = msgid;
2244 * Store the message to send in the receive message so timeout
2245 * responses can get the proper response data.
2247 recv_msg->msg = *msg;
2249 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
2250 rv = i_ipmi_req_sysintf(intf, addr, msgid, msg, smi_msg,
2251 recv_msg, retries, retry_time_ms);
2252 } else if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) {
2253 rv = i_ipmi_req_ipmb(intf, addr, msgid, msg, smi_msg, recv_msg,
2254 source_address, source_lun,
2255 retries, retry_time_ms);
2256 } else if (is_lan_addr(addr)) {
2257 rv = i_ipmi_req_lan(intf, addr, msgid, msg, smi_msg, recv_msg,
2258 source_lun, retries, retry_time_ms);
2260 /* Unknown address type. */
2261 ipmi_inc_stat(intf, sent_invalid_commands);
2267 ipmi_free_smi_msg(smi_msg);
2268 ipmi_free_recv_msg(recv_msg);
2270 pr_debug("Send: %*ph\n", smi_msg->data_size, smi_msg->data);
2272 smi_send(intf, intf->handlers, smi_msg, priority);
2280 static int check_addr(struct ipmi_smi *intf,
2281 struct ipmi_addr *addr,
2282 unsigned char *saddr,
2285 if (addr->channel >= IPMI_MAX_CHANNELS)
2287 addr->channel = array_index_nospec(addr->channel, IPMI_MAX_CHANNELS);
2288 *lun = intf->addrinfo[addr->channel].lun;
2289 *saddr = intf->addrinfo[addr->channel].address;
2293 int ipmi_request_settime(struct ipmi_user *user,
2294 struct ipmi_addr *addr,
2296 struct kernel_ipmi_msg *msg,
2297 void *user_msg_data,
2300 unsigned int retry_time_ms)
2302 unsigned char saddr = 0, lun = 0;
2308 user = acquire_ipmi_user(user, &index);
2312 rv = check_addr(user->intf, addr, &saddr, &lun);
2314 rv = i_ipmi_request(user,
2327 release_ipmi_user(user, index);
2330 EXPORT_SYMBOL(ipmi_request_settime);
2332 int ipmi_request_supply_msgs(struct ipmi_user *user,
2333 struct ipmi_addr *addr,
2335 struct kernel_ipmi_msg *msg,
2336 void *user_msg_data,
2338 struct ipmi_recv_msg *supplied_recv,
2341 unsigned char saddr = 0, lun = 0;
2347 user = acquire_ipmi_user(user, &index);
2351 rv = check_addr(user->intf, addr, &saddr, &lun);
2353 rv = i_ipmi_request(user,
2366 release_ipmi_user(user, index);
2369 EXPORT_SYMBOL(ipmi_request_supply_msgs);
2371 static void bmc_device_id_handler(struct ipmi_smi *intf,
2372 struct ipmi_recv_msg *msg)
2376 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2377 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE)
2378 || (msg->msg.cmd != IPMI_GET_DEVICE_ID_CMD)) {
2379 dev_warn(intf->si_dev,
2380 "invalid device_id msg: addr_type=%d netfn=%x cmd=%x\n",
2381 msg->addr.addr_type, msg->msg.netfn, msg->msg.cmd);
2385 rv = ipmi_demangle_device_id(msg->msg.netfn, msg->msg.cmd,
2386 msg->msg.data, msg->msg.data_len, &intf->bmc->fetch_id);
2388 dev_warn(intf->si_dev, "device id demangle failed: %d\n", rv);
2389 /* record completion code when error */
2390 intf->bmc->cc = msg->msg.data[0];
2391 intf->bmc->dyn_id_set = 0;
2394 * Make sure the id data is available before setting
2398 intf->bmc->dyn_id_set = 1;
2401 wake_up(&intf->waitq);
2405 send_get_device_id_cmd(struct ipmi_smi *intf)
2407 struct ipmi_system_interface_addr si;
2408 struct kernel_ipmi_msg msg;
2410 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2411 si.channel = IPMI_BMC_CHANNEL;
2414 msg.netfn = IPMI_NETFN_APP_REQUEST;
2415 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
2419 return i_ipmi_request(NULL,
2421 (struct ipmi_addr *) &si,
2428 intf->addrinfo[0].address,
2429 intf->addrinfo[0].lun,
2433 static int __get_device_id(struct ipmi_smi *intf, struct bmc_device *bmc)
2436 unsigned int retry_count = 0;
2438 intf->null_user_handler = bmc_device_id_handler;
2442 bmc->dyn_id_set = 2;
2444 rv = send_get_device_id_cmd(intf);
2446 goto out_reset_handler;
2448 wait_event(intf->waitq, bmc->dyn_id_set != 2);
2450 if (!bmc->dyn_id_set) {
2451 if ((bmc->cc == IPMI_DEVICE_IN_FW_UPDATE_ERR
2452 || bmc->cc == IPMI_DEVICE_IN_INIT_ERR
2453 || bmc->cc == IPMI_NOT_IN_MY_STATE_ERR)
2454 && ++retry_count <= GET_DEVICE_ID_MAX_RETRY) {
2456 dev_warn(intf->si_dev,
2457 "BMC returned 0x%2.2x, retry get bmc device id\n",
2462 rv = -EIO; /* Something went wrong in the fetch. */
2465 /* dyn_id_set makes the id data available. */
2469 intf->null_user_handler = NULL;
2475 * Fetch the device id for the bmc/interface. You must pass in either
2476 * bmc or intf, this code will get the other one. If the data has
2477 * been recently fetched, this will just use the cached data. Otherwise
2478 * it will run a new fetch.
2480 * Except for the first time this is called (in ipmi_add_smi()),
2481 * this will always return good data;
2483 static int __bmc_get_device_id(struct ipmi_smi *intf, struct bmc_device *bmc,
2484 struct ipmi_device_id *id,
2485 bool *guid_set, guid_t *guid, int intf_num)
2488 int prev_dyn_id_set, prev_guid_set;
2489 bool intf_set = intf != NULL;
2492 mutex_lock(&bmc->dyn_mutex);
2494 if (list_empty(&bmc->intfs)) {
2495 mutex_unlock(&bmc->dyn_mutex);
2498 intf = list_first_entry(&bmc->intfs, struct ipmi_smi,
2500 kref_get(&intf->refcount);
2501 mutex_unlock(&bmc->dyn_mutex);
2502 mutex_lock(&intf->bmc_reg_mutex);
2503 mutex_lock(&bmc->dyn_mutex);
2504 if (intf != list_first_entry(&bmc->intfs, struct ipmi_smi,
2506 mutex_unlock(&intf->bmc_reg_mutex);
2507 kref_put(&intf->refcount, intf_free);
2508 goto retry_bmc_lock;
2511 mutex_lock(&intf->bmc_reg_mutex);
2513 mutex_lock(&bmc->dyn_mutex);
2514 kref_get(&intf->refcount);
2517 /* If we have a valid and current ID, just return that. */
2518 if (intf->in_bmc_register ||
2519 (bmc->dyn_id_set && time_is_after_jiffies(bmc->dyn_id_expiry)))
2520 goto out_noprocessing;
2522 prev_guid_set = bmc->dyn_guid_set;
2525 prev_dyn_id_set = bmc->dyn_id_set;
2526 rv = __get_device_id(intf, bmc);
2531 * The guid, device id, manufacturer id, and product id should
2532 * not change on a BMC. If it does we have to do some dancing.
2534 if (!intf->bmc_registered
2535 || (!prev_guid_set && bmc->dyn_guid_set)
2536 || (!prev_dyn_id_set && bmc->dyn_id_set)
2537 || (prev_guid_set && bmc->dyn_guid_set
2538 && !guid_equal(&bmc->guid, &bmc->fetch_guid))
2539 || bmc->id.device_id != bmc->fetch_id.device_id
2540 || bmc->id.manufacturer_id != bmc->fetch_id.manufacturer_id
2541 || bmc->id.product_id != bmc->fetch_id.product_id) {
2542 struct ipmi_device_id id = bmc->fetch_id;
2543 int guid_set = bmc->dyn_guid_set;
2546 guid = bmc->fetch_guid;
2547 mutex_unlock(&bmc->dyn_mutex);
2549 __ipmi_bmc_unregister(intf);
2550 /* Fill in the temporary BMC for good measure. */
2552 intf->bmc->dyn_guid_set = guid_set;
2553 intf->bmc->guid = guid;
2554 if (__ipmi_bmc_register(intf, &id, guid_set, &guid, intf_num))
2555 need_waiter(intf); /* Retry later on an error. */
2557 __scan_channels(intf, &id);
2562 * We weren't given the interface on the
2563 * command line, so restart the operation on
2564 * the next interface for the BMC.
2566 mutex_unlock(&intf->bmc_reg_mutex);
2567 mutex_lock(&bmc->dyn_mutex);
2568 goto retry_bmc_lock;
2571 /* We have a new BMC, set it up. */
2573 mutex_lock(&bmc->dyn_mutex);
2574 goto out_noprocessing;
2575 } else if (memcmp(&bmc->fetch_id, &bmc->id, sizeof(bmc->id)))
2576 /* Version info changes, scan the channels again. */
2577 __scan_channels(intf, &bmc->fetch_id);
2579 bmc->dyn_id_expiry = jiffies + IPMI_DYN_DEV_ID_EXPIRY;
2582 if (rv && prev_dyn_id_set) {
2583 rv = 0; /* Ignore failures if we have previous data. */
2584 bmc->dyn_id_set = prev_dyn_id_set;
2587 bmc->id = bmc->fetch_id;
2588 if (bmc->dyn_guid_set)
2589 bmc->guid = bmc->fetch_guid;
2590 else if (prev_guid_set)
2592 * The guid used to be valid and it failed to fetch,
2593 * just use the cached value.
2595 bmc->dyn_guid_set = prev_guid_set;
2603 *guid_set = bmc->dyn_guid_set;
2605 if (guid && bmc->dyn_guid_set)
2609 mutex_unlock(&bmc->dyn_mutex);
2610 mutex_unlock(&intf->bmc_reg_mutex);
2612 kref_put(&intf->refcount, intf_free);
2616 static int bmc_get_device_id(struct ipmi_smi *intf, struct bmc_device *bmc,
2617 struct ipmi_device_id *id,
2618 bool *guid_set, guid_t *guid)
2620 return __bmc_get_device_id(intf, bmc, id, guid_set, guid, -1);
2623 static ssize_t device_id_show(struct device *dev,
2624 struct device_attribute *attr,
2627 struct bmc_device *bmc = to_bmc_device(dev);
2628 struct ipmi_device_id id;
2631 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2635 return snprintf(buf, 10, "%u\n", id.device_id);
2637 static DEVICE_ATTR_RO(device_id);
2639 static ssize_t provides_device_sdrs_show(struct device *dev,
2640 struct device_attribute *attr,
2643 struct bmc_device *bmc = to_bmc_device(dev);
2644 struct ipmi_device_id id;
2647 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2651 return snprintf(buf, 10, "%u\n", (id.device_revision & 0x80) >> 7);
2653 static DEVICE_ATTR_RO(provides_device_sdrs);
2655 static ssize_t revision_show(struct device *dev, struct device_attribute *attr,
2658 struct bmc_device *bmc = to_bmc_device(dev);
2659 struct ipmi_device_id id;
2662 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2666 return snprintf(buf, 20, "%u\n", id.device_revision & 0x0F);
2668 static DEVICE_ATTR_RO(revision);
2670 static ssize_t firmware_revision_show(struct device *dev,
2671 struct device_attribute *attr,
2674 struct bmc_device *bmc = to_bmc_device(dev);
2675 struct ipmi_device_id id;
2678 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2682 return snprintf(buf, 20, "%u.%x\n", id.firmware_revision_1,
2683 id.firmware_revision_2);
2685 static DEVICE_ATTR_RO(firmware_revision);
2687 static ssize_t ipmi_version_show(struct device *dev,
2688 struct device_attribute *attr,
2691 struct bmc_device *bmc = to_bmc_device(dev);
2692 struct ipmi_device_id id;
2695 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2699 return snprintf(buf, 20, "%u.%u\n",
2700 ipmi_version_major(&id),
2701 ipmi_version_minor(&id));
2703 static DEVICE_ATTR_RO(ipmi_version);
2705 static ssize_t add_dev_support_show(struct device *dev,
2706 struct device_attribute *attr,
2709 struct bmc_device *bmc = to_bmc_device(dev);
2710 struct ipmi_device_id id;
2713 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2717 return snprintf(buf, 10, "0x%02x\n", id.additional_device_support);
2719 static DEVICE_ATTR(additional_device_support, S_IRUGO, add_dev_support_show,
2722 static ssize_t manufacturer_id_show(struct device *dev,
2723 struct device_attribute *attr,
2726 struct bmc_device *bmc = to_bmc_device(dev);
2727 struct ipmi_device_id id;
2730 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2734 return snprintf(buf, 20, "0x%6.6x\n", id.manufacturer_id);
2736 static DEVICE_ATTR_RO(manufacturer_id);
2738 static ssize_t product_id_show(struct device *dev,
2739 struct device_attribute *attr,
2742 struct bmc_device *bmc = to_bmc_device(dev);
2743 struct ipmi_device_id id;
2746 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2750 return snprintf(buf, 10, "0x%4.4x\n", id.product_id);
2752 static DEVICE_ATTR_RO(product_id);
2754 static ssize_t aux_firmware_rev_show(struct device *dev,
2755 struct device_attribute *attr,
2758 struct bmc_device *bmc = to_bmc_device(dev);
2759 struct ipmi_device_id id;
2762 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2766 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n",
2767 id.aux_firmware_revision[3],
2768 id.aux_firmware_revision[2],
2769 id.aux_firmware_revision[1],
2770 id.aux_firmware_revision[0]);
2772 static DEVICE_ATTR(aux_firmware_revision, S_IRUGO, aux_firmware_rev_show, NULL);
2774 static ssize_t guid_show(struct device *dev, struct device_attribute *attr,
2777 struct bmc_device *bmc = to_bmc_device(dev);
2782 rv = bmc_get_device_id(NULL, bmc, NULL, &guid_set, &guid);
2788 return snprintf(buf, UUID_STRING_LEN + 1 + 1, "%pUl\n", &guid);
2790 static DEVICE_ATTR_RO(guid);
2792 static struct attribute *bmc_dev_attrs[] = {
2793 &dev_attr_device_id.attr,
2794 &dev_attr_provides_device_sdrs.attr,
2795 &dev_attr_revision.attr,
2796 &dev_attr_firmware_revision.attr,
2797 &dev_attr_ipmi_version.attr,
2798 &dev_attr_additional_device_support.attr,
2799 &dev_attr_manufacturer_id.attr,
2800 &dev_attr_product_id.attr,
2801 &dev_attr_aux_firmware_revision.attr,
2802 &dev_attr_guid.attr,
2806 static umode_t bmc_dev_attr_is_visible(struct kobject *kobj,
2807 struct attribute *attr, int idx)
2809 struct device *dev = kobj_to_dev(kobj);
2810 struct bmc_device *bmc = to_bmc_device(dev);
2811 umode_t mode = attr->mode;
2814 if (attr == &dev_attr_aux_firmware_revision.attr) {
2815 struct ipmi_device_id id;
2817 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2818 return (!rv && id.aux_firmware_revision_set) ? mode : 0;
2820 if (attr == &dev_attr_guid.attr) {
2823 rv = bmc_get_device_id(NULL, bmc, NULL, &guid_set, NULL);
2824 return (!rv && guid_set) ? mode : 0;
2829 static const struct attribute_group bmc_dev_attr_group = {
2830 .attrs = bmc_dev_attrs,
2831 .is_visible = bmc_dev_attr_is_visible,
2834 static const struct attribute_group *bmc_dev_attr_groups[] = {
2835 &bmc_dev_attr_group,
2839 static const struct device_type bmc_device_type = {
2840 .groups = bmc_dev_attr_groups,
2843 static int __find_bmc_guid(struct device *dev, const void *data)
2845 const guid_t *guid = data;
2846 struct bmc_device *bmc;
2849 if (dev->type != &bmc_device_type)
2852 bmc = to_bmc_device(dev);
2853 rv = bmc->dyn_guid_set && guid_equal(&bmc->guid, guid);
2855 rv = kref_get_unless_zero(&bmc->usecount);
2860 * Returns with the bmc's usecount incremented, if it is non-NULL.
2862 static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv,
2866 struct bmc_device *bmc = NULL;
2868 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid);
2870 bmc = to_bmc_device(dev);
2876 struct prod_dev_id {
2877 unsigned int product_id;
2878 unsigned char device_id;
2881 static int __find_bmc_prod_dev_id(struct device *dev, const void *data)
2883 const struct prod_dev_id *cid = data;
2884 struct bmc_device *bmc;
2887 if (dev->type != &bmc_device_type)
2890 bmc = to_bmc_device(dev);
2891 rv = (bmc->id.product_id == cid->product_id
2892 && bmc->id.device_id == cid->device_id);
2894 rv = kref_get_unless_zero(&bmc->usecount);
2899 * Returns with the bmc's usecount incremented, if it is non-NULL.
2901 static struct bmc_device *ipmi_find_bmc_prod_dev_id(
2902 struct device_driver *drv,
2903 unsigned int product_id, unsigned char device_id)
2905 struct prod_dev_id id = {
2906 .product_id = product_id,
2907 .device_id = device_id,
2910 struct bmc_device *bmc = NULL;
2912 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id);
2914 bmc = to_bmc_device(dev);
2920 static DEFINE_IDA(ipmi_bmc_ida);
2923 release_bmc_device(struct device *dev)
2925 kfree(to_bmc_device(dev));
2928 static void cleanup_bmc_work(struct work_struct *work)
2930 struct bmc_device *bmc = container_of(work, struct bmc_device,
2932 int id = bmc->pdev.id; /* Unregister overwrites id */
2934 platform_device_unregister(&bmc->pdev);
2935 ida_simple_remove(&ipmi_bmc_ida, id);
2939 cleanup_bmc_device(struct kref *ref)
2941 struct bmc_device *bmc = container_of(ref, struct bmc_device, usecount);
2944 * Remove the platform device in a work queue to avoid issues
2945 * with removing the device attributes while reading a device
2948 queue_work(remove_work_wq, &bmc->remove_work);
2952 * Must be called with intf->bmc_reg_mutex held.
2954 static void __ipmi_bmc_unregister(struct ipmi_smi *intf)
2956 struct bmc_device *bmc = intf->bmc;
2958 if (!intf->bmc_registered)
2961 sysfs_remove_link(&intf->si_dev->kobj, "bmc");
2962 sysfs_remove_link(&bmc->pdev.dev.kobj, intf->my_dev_name);
2963 kfree(intf->my_dev_name);
2964 intf->my_dev_name = NULL;
2966 mutex_lock(&bmc->dyn_mutex);
2967 list_del(&intf->bmc_link);
2968 mutex_unlock(&bmc->dyn_mutex);
2969 intf->bmc = &intf->tmp_bmc;
2970 kref_put(&bmc->usecount, cleanup_bmc_device);
2971 intf->bmc_registered = false;
2974 static void ipmi_bmc_unregister(struct ipmi_smi *intf)
2976 mutex_lock(&intf->bmc_reg_mutex);
2977 __ipmi_bmc_unregister(intf);
2978 mutex_unlock(&intf->bmc_reg_mutex);
2982 * Must be called with intf->bmc_reg_mutex held.
2984 static int __ipmi_bmc_register(struct ipmi_smi *intf,
2985 struct ipmi_device_id *id,
2986 bool guid_set, guid_t *guid, int intf_num)
2989 struct bmc_device *bmc;
2990 struct bmc_device *old_bmc;
2993 * platform_device_register() can cause bmc_reg_mutex to
2994 * be claimed because of the is_visible functions of
2995 * the attributes. Eliminate possible recursion and
2998 intf->in_bmc_register = true;
2999 mutex_unlock(&intf->bmc_reg_mutex);
3002 * Try to find if there is an bmc_device struct
3003 * representing the interfaced BMC already
3005 mutex_lock(&ipmidriver_mutex);
3007 old_bmc = ipmi_find_bmc_guid(&ipmidriver.driver, guid);
3009 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver.driver,
3014 * If there is already an bmc_device, free the new one,
3015 * otherwise register the new BMC device
3020 * Note: old_bmc already has usecount incremented by
3021 * the BMC find functions.
3023 intf->bmc = old_bmc;
3024 mutex_lock(&bmc->dyn_mutex);
3025 list_add_tail(&intf->bmc_link, &bmc->intfs);
3026 mutex_unlock(&bmc->dyn_mutex);
3028 dev_info(intf->si_dev,
3029 "interfacing existing BMC (man_id: 0x%6.6x, prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
3030 bmc->id.manufacturer_id,
3034 bmc = kzalloc(sizeof(*bmc), GFP_KERNEL);
3039 INIT_LIST_HEAD(&bmc->intfs);
3040 mutex_init(&bmc->dyn_mutex);
3041 INIT_WORK(&bmc->remove_work, cleanup_bmc_work);
3044 bmc->dyn_id_set = 1;
3045 bmc->dyn_guid_set = guid_set;
3047 bmc->dyn_id_expiry = jiffies + IPMI_DYN_DEV_ID_EXPIRY;
3049 bmc->pdev.name = "ipmi_bmc";
3051 rv = ida_simple_get(&ipmi_bmc_ida, 0, 0, GFP_KERNEL);
3057 bmc->pdev.dev.driver = &ipmidriver.driver;
3059 bmc->pdev.dev.release = release_bmc_device;
3060 bmc->pdev.dev.type = &bmc_device_type;
3061 kref_init(&bmc->usecount);
3064 mutex_lock(&bmc->dyn_mutex);
3065 list_add_tail(&intf->bmc_link, &bmc->intfs);
3066 mutex_unlock(&bmc->dyn_mutex);
3068 rv = platform_device_register(&bmc->pdev);
3070 dev_err(intf->si_dev,
3071 "Unable to register bmc device: %d\n",
3076 dev_info(intf->si_dev,
3077 "Found new BMC (man_id: 0x%6.6x, prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
3078 bmc->id.manufacturer_id,
3084 * create symlink from system interface device to bmc device
3087 rv = sysfs_create_link(&intf->si_dev->kobj, &bmc->pdev.dev.kobj, "bmc");
3089 dev_err(intf->si_dev, "Unable to create bmc symlink: %d\n", rv);
3094 intf_num = intf->intf_num;
3095 intf->my_dev_name = kasprintf(GFP_KERNEL, "ipmi%d", intf_num);
3096 if (!intf->my_dev_name) {
3098 dev_err(intf->si_dev, "Unable to allocate link from BMC: %d\n",
3103 rv = sysfs_create_link(&bmc->pdev.dev.kobj, &intf->si_dev->kobj,
3106 dev_err(intf->si_dev, "Unable to create symlink to bmc: %d\n",
3108 goto out_free_my_dev_name;
3111 intf->bmc_registered = true;
3114 mutex_unlock(&ipmidriver_mutex);
3115 mutex_lock(&intf->bmc_reg_mutex);
3116 intf->in_bmc_register = false;
3120 out_free_my_dev_name:
3121 kfree(intf->my_dev_name);
3122 intf->my_dev_name = NULL;
3125 sysfs_remove_link(&intf->si_dev->kobj, "bmc");
3128 mutex_lock(&bmc->dyn_mutex);
3129 list_del(&intf->bmc_link);
3130 mutex_unlock(&bmc->dyn_mutex);
3131 intf->bmc = &intf->tmp_bmc;
3132 kref_put(&bmc->usecount, cleanup_bmc_device);
3136 mutex_lock(&bmc->dyn_mutex);
3137 list_del(&intf->bmc_link);
3138 mutex_unlock(&bmc->dyn_mutex);
3139 intf->bmc = &intf->tmp_bmc;
3140 put_device(&bmc->pdev.dev);
3145 send_guid_cmd(struct ipmi_smi *intf, int chan)
3147 struct kernel_ipmi_msg msg;
3148 struct ipmi_system_interface_addr si;
3150 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3151 si.channel = IPMI_BMC_CHANNEL;
3154 msg.netfn = IPMI_NETFN_APP_REQUEST;
3155 msg.cmd = IPMI_GET_DEVICE_GUID_CMD;
3158 return i_ipmi_request(NULL,
3160 (struct ipmi_addr *) &si,
3167 intf->addrinfo[0].address,
3168 intf->addrinfo[0].lun,
3172 static void guid_handler(struct ipmi_smi *intf, struct ipmi_recv_msg *msg)
3174 struct bmc_device *bmc = intf->bmc;
3176 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
3177 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE)
3178 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD))
3182 if (msg->msg.data[0] != 0) {
3183 /* Error from getting the GUID, the BMC doesn't have one. */
3184 bmc->dyn_guid_set = 0;
3188 if (msg->msg.data_len < UUID_SIZE + 1) {
3189 bmc->dyn_guid_set = 0;
3190 dev_warn(intf->si_dev,
3191 "The GUID response from the BMC was too short, it was %d but should have been %d. Assuming GUID is not available.\n",
3192 msg->msg.data_len, UUID_SIZE + 1);
3196 import_guid(&bmc->fetch_guid, msg->msg.data + 1);
3198 * Make sure the guid data is available before setting
3202 bmc->dyn_guid_set = 1;
3204 wake_up(&intf->waitq);
3207 static void __get_guid(struct ipmi_smi *intf)
3210 struct bmc_device *bmc = intf->bmc;
3212 bmc->dyn_guid_set = 2;
3213 intf->null_user_handler = guid_handler;
3214 rv = send_guid_cmd(intf, 0);
3216 /* Send failed, no GUID available. */
3217 bmc->dyn_guid_set = 0;
3219 wait_event(intf->waitq, bmc->dyn_guid_set != 2);
3221 /* dyn_guid_set makes the guid data available. */
3224 intf->null_user_handler = NULL;
3228 send_channel_info_cmd(struct ipmi_smi *intf, int chan)
3230 struct kernel_ipmi_msg msg;
3231 unsigned char data[1];
3232 struct ipmi_system_interface_addr si;
3234 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3235 si.channel = IPMI_BMC_CHANNEL;
3238 msg.netfn = IPMI_NETFN_APP_REQUEST;
3239 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
3243 return i_ipmi_request(NULL,
3245 (struct ipmi_addr *) &si,
3252 intf->addrinfo[0].address,
3253 intf->addrinfo[0].lun,
3258 channel_handler(struct ipmi_smi *intf, struct ipmi_recv_msg *msg)
3262 unsigned int set = intf->curr_working_cset;
3263 struct ipmi_channel *chans;
3265 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
3266 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
3267 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD)) {
3268 /* It's the one we want */
3269 if (msg->msg.data[0] != 0) {
3270 /* Got an error from the channel, just go on. */
3271 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) {
3273 * If the MC does not support this
3274 * command, that is legal. We just
3275 * assume it has one IPMB at channel
3278 intf->wchannels[set].c[0].medium
3279 = IPMI_CHANNEL_MEDIUM_IPMB;
3280 intf->wchannels[set].c[0].protocol
3281 = IPMI_CHANNEL_PROTOCOL_IPMB;
3283 intf->channel_list = intf->wchannels + set;
3284 intf->channels_ready = true;
3285 wake_up(&intf->waitq);
3290 if (msg->msg.data_len < 4) {
3291 /* Message not big enough, just go on. */
3294 ch = intf->curr_channel;
3295 chans = intf->wchannels[set].c;
3296 chans[ch].medium = msg->msg.data[2] & 0x7f;
3297 chans[ch].protocol = msg->msg.data[3] & 0x1f;
3300 intf->curr_channel++;
3301 if (intf->curr_channel >= IPMI_MAX_CHANNELS) {
3302 intf->channel_list = intf->wchannels + set;
3303 intf->channels_ready = true;
3304 wake_up(&intf->waitq);
3306 intf->channel_list = intf->wchannels + set;
3307 intf->channels_ready = true;
3308 rv = send_channel_info_cmd(intf, intf->curr_channel);
3312 /* Got an error somehow, just give up. */
3313 dev_warn(intf->si_dev,
3314 "Error sending channel information for channel %d: %d\n",
3315 intf->curr_channel, rv);
3317 intf->channel_list = intf->wchannels + set;
3318 intf->channels_ready = true;
3319 wake_up(&intf->waitq);
3327 * Must be holding intf->bmc_reg_mutex to call this.
3329 static int __scan_channels(struct ipmi_smi *intf, struct ipmi_device_id *id)
3333 if (ipmi_version_major(id) > 1
3334 || (ipmi_version_major(id) == 1
3335 && ipmi_version_minor(id) >= 5)) {
3339 * Start scanning the channels to see what is
3342 set = !intf->curr_working_cset;
3343 intf->curr_working_cset = set;
3344 memset(&intf->wchannels[set], 0,
3345 sizeof(struct ipmi_channel_set));
3347 intf->null_user_handler = channel_handler;
3348 intf->curr_channel = 0;
3349 rv = send_channel_info_cmd(intf, 0);
3351 dev_warn(intf->si_dev,
3352 "Error sending channel information for channel 0, %d\n",
3354 intf->null_user_handler = NULL;
3358 /* Wait for the channel info to be read. */
3359 wait_event(intf->waitq, intf->channels_ready);
3360 intf->null_user_handler = NULL;
3362 unsigned int set = intf->curr_working_cset;
3364 /* Assume a single IPMB channel at zero. */
3365 intf->wchannels[set].c[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
3366 intf->wchannels[set].c[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB;
3367 intf->channel_list = intf->wchannels + set;
3368 intf->channels_ready = true;
3374 static void ipmi_poll(struct ipmi_smi *intf)
3376 if (intf->handlers->poll)
3377 intf->handlers->poll(intf->send_info);
3378 /* In case something came in */
3379 handle_new_recv_msgs(intf);
3382 void ipmi_poll_interface(struct ipmi_user *user)
3384 ipmi_poll(user->intf);
3386 EXPORT_SYMBOL(ipmi_poll_interface);
3388 static void redo_bmc_reg(struct work_struct *work)
3390 struct ipmi_smi *intf = container_of(work, struct ipmi_smi,
3393 if (!intf->in_shutdown)
3394 bmc_get_device_id(intf, NULL, NULL, NULL, NULL);
3396 kref_put(&intf->refcount, intf_free);
3399 int ipmi_add_smi(struct module *owner,
3400 const struct ipmi_smi_handlers *handlers,
3402 struct device *si_dev,
3403 unsigned char slave_addr)
3407 struct ipmi_smi *intf, *tintf;
3408 struct list_head *link;
3409 struct ipmi_device_id id;
3412 * Make sure the driver is actually initialized, this handles
3413 * problems with initialization order.
3415 rv = ipmi_init_msghandler();
3419 intf = kzalloc(sizeof(*intf), GFP_KERNEL);
3423 rv = init_srcu_struct(&intf->users_srcu);
3429 intf->owner = owner;
3430 intf->bmc = &intf->tmp_bmc;
3431 INIT_LIST_HEAD(&intf->bmc->intfs);
3432 mutex_init(&intf->bmc->dyn_mutex);
3433 INIT_LIST_HEAD(&intf->bmc_link);
3434 mutex_init(&intf->bmc_reg_mutex);
3435 intf->intf_num = -1; /* Mark it invalid for now. */
3436 kref_init(&intf->refcount);
3437 INIT_WORK(&intf->bmc_reg_work, redo_bmc_reg);
3438 intf->si_dev = si_dev;
3439 for (j = 0; j < IPMI_MAX_CHANNELS; j++) {
3440 intf->addrinfo[j].address = IPMI_BMC_SLAVE_ADDR;
3441 intf->addrinfo[j].lun = 2;
3443 if (slave_addr != 0)
3444 intf->addrinfo[0].address = slave_addr;
3445 INIT_LIST_HEAD(&intf->users);
3446 intf->handlers = handlers;
3447 intf->send_info = send_info;
3448 spin_lock_init(&intf->seq_lock);
3449 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) {
3450 intf->seq_table[j].inuse = 0;
3451 intf->seq_table[j].seqid = 0;
3454 spin_lock_init(&intf->waiting_rcv_msgs_lock);
3455 INIT_LIST_HEAD(&intf->waiting_rcv_msgs);
3456 tasklet_setup(&intf->recv_tasklet,
3458 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 0);
3459 spin_lock_init(&intf->xmit_msgs_lock);
3460 INIT_LIST_HEAD(&intf->xmit_msgs);
3461 INIT_LIST_HEAD(&intf->hp_xmit_msgs);
3462 spin_lock_init(&intf->events_lock);
3463 spin_lock_init(&intf->watch_lock);
3464 atomic_set(&intf->event_waiters, 0);
3465 intf->ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
3466 INIT_LIST_HEAD(&intf->waiting_events);
3467 intf->waiting_events_count = 0;
3468 mutex_init(&intf->cmd_rcvrs_mutex);
3469 spin_lock_init(&intf->maintenance_mode_lock);
3470 INIT_LIST_HEAD(&intf->cmd_rcvrs);
3471 init_waitqueue_head(&intf->waitq);
3472 for (i = 0; i < IPMI_NUM_STATS; i++)
3473 atomic_set(&intf->stats[i], 0);
3475 mutex_lock(&ipmi_interfaces_mutex);
3476 /* Look for a hole in the numbers. */
3478 link = &ipmi_interfaces;
3479 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link,
3480 ipmi_interfaces_mutex_held()) {
3481 if (tintf->intf_num != i) {
3482 link = &tintf->link;
3487 /* Add the new interface in numeric order. */
3489 list_add_rcu(&intf->link, &ipmi_interfaces);
3491 list_add_tail_rcu(&intf->link, link);
3493 rv = handlers->start_processing(send_info, intf);
3497 rv = __bmc_get_device_id(intf, NULL, &id, NULL, NULL, i);
3499 dev_err(si_dev, "Unable to get the device id: %d\n", rv);
3500 goto out_err_started;
3503 mutex_lock(&intf->bmc_reg_mutex);
3504 rv = __scan_channels(intf, &id);
3505 mutex_unlock(&intf->bmc_reg_mutex);
3507 goto out_err_bmc_reg;
3510 * Keep memory order straight for RCU readers. Make
3511 * sure everything else is committed to memory before
3512 * setting intf_num to mark the interface valid.
3516 mutex_unlock(&ipmi_interfaces_mutex);
3518 /* After this point the interface is legal to use. */
3519 call_smi_watchers(i, intf->si_dev);
3524 ipmi_bmc_unregister(intf);
3526 if (intf->handlers->shutdown)
3527 intf->handlers->shutdown(intf->send_info);
3529 list_del_rcu(&intf->link);
3530 mutex_unlock(&ipmi_interfaces_mutex);
3531 synchronize_srcu(&ipmi_interfaces_srcu);
3532 cleanup_srcu_struct(&intf->users_srcu);
3533 kref_put(&intf->refcount, intf_free);
3537 EXPORT_SYMBOL(ipmi_add_smi);
3539 static void deliver_smi_err_response(struct ipmi_smi *intf,
3540 struct ipmi_smi_msg *msg,
3543 msg->rsp[0] = msg->data[0] | 4;
3544 msg->rsp[1] = msg->data[1];
3547 /* It's an error, so it will never requeue, no need to check return. */
3548 handle_one_recv_msg(intf, msg);
3551 static void cleanup_smi_msgs(struct ipmi_smi *intf)
3554 struct seq_table *ent;
3555 struct ipmi_smi_msg *msg;
3556 struct list_head *entry;
3557 struct list_head tmplist;
3559 /* Clear out our transmit queues and hold the messages. */
3560 INIT_LIST_HEAD(&tmplist);
3561 list_splice_tail(&intf->hp_xmit_msgs, &tmplist);
3562 list_splice_tail(&intf->xmit_msgs, &tmplist);
3564 /* Current message first, to preserve order */
3565 while (intf->curr_msg && !list_empty(&intf->waiting_rcv_msgs)) {
3566 /* Wait for the message to clear out. */
3567 schedule_timeout(1);
3570 /* No need for locks, the interface is down. */
3573 * Return errors for all pending messages in queue and in the
3574 * tables waiting for remote responses.
3576 while (!list_empty(&tmplist)) {
3577 entry = tmplist.next;
3579 msg = list_entry(entry, struct ipmi_smi_msg, link);
3580 deliver_smi_err_response(intf, msg, IPMI_ERR_UNSPECIFIED);
3583 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
3584 ent = &intf->seq_table[i];
3587 deliver_err_response(intf, ent->recv_msg, IPMI_ERR_UNSPECIFIED);
3591 void ipmi_unregister_smi(struct ipmi_smi *intf)
3593 struct ipmi_smi_watcher *w;
3594 int intf_num = intf->intf_num, index;
3596 mutex_lock(&ipmi_interfaces_mutex);
3597 intf->intf_num = -1;
3598 intf->in_shutdown = true;
3599 list_del_rcu(&intf->link);
3600 mutex_unlock(&ipmi_interfaces_mutex);
3601 synchronize_srcu(&ipmi_interfaces_srcu);
3603 /* At this point no users can be added to the interface. */
3606 * Call all the watcher interfaces to tell them that
3607 * an interface is going away.
3609 mutex_lock(&smi_watchers_mutex);
3610 list_for_each_entry(w, &smi_watchers, link)
3611 w->smi_gone(intf_num);
3612 mutex_unlock(&smi_watchers_mutex);
3614 index = srcu_read_lock(&intf->users_srcu);
3615 while (!list_empty(&intf->users)) {
3616 struct ipmi_user *user =
3617 container_of(list_next_rcu(&intf->users),
3618 struct ipmi_user, link);
3620 _ipmi_destroy_user(user);
3622 srcu_read_unlock(&intf->users_srcu, index);
3624 if (intf->handlers->shutdown)
3625 intf->handlers->shutdown(intf->send_info);
3627 cleanup_smi_msgs(intf);
3629 ipmi_bmc_unregister(intf);
3631 cleanup_srcu_struct(&intf->users_srcu);
3632 kref_put(&intf->refcount, intf_free);
3634 EXPORT_SYMBOL(ipmi_unregister_smi);
3636 static int handle_ipmb_get_msg_rsp(struct ipmi_smi *intf,
3637 struct ipmi_smi_msg *msg)
3639 struct ipmi_ipmb_addr ipmb_addr;
3640 struct ipmi_recv_msg *recv_msg;
3643 * This is 11, not 10, because the response must contain a
3646 if (msg->rsp_size < 11) {
3647 /* Message not big enough, just ignore it. */
3648 ipmi_inc_stat(intf, invalid_ipmb_responses);
3652 if (msg->rsp[2] != 0) {
3653 /* An error getting the response, just ignore it. */
3657 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
3658 ipmb_addr.slave_addr = msg->rsp[6];
3659 ipmb_addr.channel = msg->rsp[3] & 0x0f;
3660 ipmb_addr.lun = msg->rsp[7] & 3;
3663 * It's a response from a remote entity. Look up the sequence
3664 * number and handle the response.
3666 if (intf_find_seq(intf,
3670 (msg->rsp[4] >> 2) & (~1),
3671 (struct ipmi_addr *) &ipmb_addr,
3674 * We were unable to find the sequence number,
3675 * so just nuke the message.
3677 ipmi_inc_stat(intf, unhandled_ipmb_responses);
3681 memcpy(recv_msg->msg_data, &msg->rsp[9], msg->rsp_size - 9);
3683 * The other fields matched, so no need to set them, except
3684 * for netfn, which needs to be the response that was
3685 * returned, not the request value.
3687 recv_msg->msg.netfn = msg->rsp[4] >> 2;
3688 recv_msg->msg.data = recv_msg->msg_data;
3689 recv_msg->msg.data_len = msg->rsp_size - 10;
3690 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3691 if (deliver_response(intf, recv_msg))
3692 ipmi_inc_stat(intf, unhandled_ipmb_responses);
3694 ipmi_inc_stat(intf, handled_ipmb_responses);
3699 static int handle_ipmb_get_msg_cmd(struct ipmi_smi *intf,
3700 struct ipmi_smi_msg *msg)
3702 struct cmd_rcvr *rcvr;
3704 unsigned char netfn;
3707 struct ipmi_user *user = NULL;
3708 struct ipmi_ipmb_addr *ipmb_addr;
3709 struct ipmi_recv_msg *recv_msg;
3711 if (msg->rsp_size < 10) {
3712 /* Message not big enough, just ignore it. */
3713 ipmi_inc_stat(intf, invalid_commands);
3717 if (msg->rsp[2] != 0) {
3718 /* An error getting the response, just ignore it. */
3722 netfn = msg->rsp[4] >> 2;
3724 chan = msg->rsp[3] & 0xf;
3727 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
3730 kref_get(&user->refcount);
3736 /* We didn't find a user, deliver an error response. */
3737 ipmi_inc_stat(intf, unhandled_commands);
3739 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
3740 msg->data[1] = IPMI_SEND_MSG_CMD;
3741 msg->data[2] = msg->rsp[3];
3742 msg->data[3] = msg->rsp[6];
3743 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
3744 msg->data[5] = ipmb_checksum(&msg->data[3], 2);
3745 msg->data[6] = intf->addrinfo[msg->rsp[3] & 0xf].address;
3747 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
3748 msg->data[8] = msg->rsp[8]; /* cmd */
3749 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
3750 msg->data[10] = ipmb_checksum(&msg->data[6], 4);
3751 msg->data_size = 11;
3753 pr_debug("Invalid command: %*ph\n", msg->data_size, msg->data);
3756 if (!intf->in_shutdown) {
3757 smi_send(intf, intf->handlers, msg, 0);
3759 * We used the message, so return the value
3760 * that causes it to not be freed or
3767 recv_msg = ipmi_alloc_recv_msg();
3770 * We couldn't allocate memory for the
3771 * message, so requeue it for handling
3775 kref_put(&user->refcount, free_user);
3777 /* Extract the source address from the data. */
3778 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
3779 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
3780 ipmb_addr->slave_addr = msg->rsp[6];
3781 ipmb_addr->lun = msg->rsp[7] & 3;
3782 ipmb_addr->channel = msg->rsp[3] & 0xf;
3785 * Extract the rest of the message information
3786 * from the IPMB header.
3788 recv_msg->user = user;
3789 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3790 recv_msg->msgid = msg->rsp[7] >> 2;
3791 recv_msg->msg.netfn = msg->rsp[4] >> 2;
3792 recv_msg->msg.cmd = msg->rsp[8];
3793 recv_msg->msg.data = recv_msg->msg_data;
3796 * We chop off 10, not 9 bytes because the checksum
3797 * at the end also needs to be removed.
3799 recv_msg->msg.data_len = msg->rsp_size - 10;
3800 memcpy(recv_msg->msg_data, &msg->rsp[9],
3801 msg->rsp_size - 10);
3802 if (deliver_response(intf, recv_msg))
3803 ipmi_inc_stat(intf, unhandled_commands);
3805 ipmi_inc_stat(intf, handled_commands);
3812 static int handle_lan_get_msg_rsp(struct ipmi_smi *intf,
3813 struct ipmi_smi_msg *msg)
3815 struct ipmi_lan_addr lan_addr;
3816 struct ipmi_recv_msg *recv_msg;
3820 * This is 13, not 12, because the response must contain a
3823 if (msg->rsp_size < 13) {
3824 /* Message not big enough, just ignore it. */
3825 ipmi_inc_stat(intf, invalid_lan_responses);
3829 if (msg->rsp[2] != 0) {
3830 /* An error getting the response, just ignore it. */
3834 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
3835 lan_addr.session_handle = msg->rsp[4];
3836 lan_addr.remote_SWID = msg->rsp[8];
3837 lan_addr.local_SWID = msg->rsp[5];
3838 lan_addr.channel = msg->rsp[3] & 0x0f;
3839 lan_addr.privilege = msg->rsp[3] >> 4;
3840 lan_addr.lun = msg->rsp[9] & 3;
3843 * It's a response from a remote entity. Look up the sequence
3844 * number and handle the response.
3846 if (intf_find_seq(intf,
3850 (msg->rsp[6] >> 2) & (~1),
3851 (struct ipmi_addr *) &lan_addr,
3854 * We were unable to find the sequence number,
3855 * so just nuke the message.
3857 ipmi_inc_stat(intf, unhandled_lan_responses);
3861 memcpy(recv_msg->msg_data, &msg->rsp[11], msg->rsp_size - 11);
3863 * The other fields matched, so no need to set them, except
3864 * for netfn, which needs to be the response that was
3865 * returned, not the request value.
3867 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3868 recv_msg->msg.data = recv_msg->msg_data;
3869 recv_msg->msg.data_len = msg->rsp_size - 12;
3870 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3871 if (deliver_response(intf, recv_msg))
3872 ipmi_inc_stat(intf, unhandled_lan_responses);
3874 ipmi_inc_stat(intf, handled_lan_responses);
3879 static int handle_lan_get_msg_cmd(struct ipmi_smi *intf,
3880 struct ipmi_smi_msg *msg)
3882 struct cmd_rcvr *rcvr;
3884 unsigned char netfn;
3887 struct ipmi_user *user = NULL;
3888 struct ipmi_lan_addr *lan_addr;
3889 struct ipmi_recv_msg *recv_msg;
3891 if (msg->rsp_size < 12) {
3892 /* Message not big enough, just ignore it. */
3893 ipmi_inc_stat(intf, invalid_commands);
3897 if (msg->rsp[2] != 0) {
3898 /* An error getting the response, just ignore it. */
3902 netfn = msg->rsp[6] >> 2;
3904 chan = msg->rsp[3] & 0xf;
3907 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
3910 kref_get(&user->refcount);
3916 /* We didn't find a user, just give up. */
3917 ipmi_inc_stat(intf, unhandled_commands);
3920 * Don't do anything with these messages, just allow
3925 recv_msg = ipmi_alloc_recv_msg();
3928 * We couldn't allocate memory for the
3929 * message, so requeue it for handling later.
3932 kref_put(&user->refcount, free_user);
3934 /* Extract the source address from the data. */
3935 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
3936 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
3937 lan_addr->session_handle = msg->rsp[4];
3938 lan_addr->remote_SWID = msg->rsp[8];
3939 lan_addr->local_SWID = msg->rsp[5];
3940 lan_addr->lun = msg->rsp[9] & 3;
3941 lan_addr->channel = msg->rsp[3] & 0xf;
3942 lan_addr->privilege = msg->rsp[3] >> 4;
3945 * Extract the rest of the message information
3946 * from the IPMB header.
3948 recv_msg->user = user;
3949 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3950 recv_msg->msgid = msg->rsp[9] >> 2;
3951 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3952 recv_msg->msg.cmd = msg->rsp[10];
3953 recv_msg->msg.data = recv_msg->msg_data;
3956 * We chop off 12, not 11 bytes because the checksum
3957 * at the end also needs to be removed.
3959 recv_msg->msg.data_len = msg->rsp_size - 12;
3960 memcpy(recv_msg->msg_data, &msg->rsp[11],
3961 msg->rsp_size - 12);
3962 if (deliver_response(intf, recv_msg))
3963 ipmi_inc_stat(intf, unhandled_commands);
3965 ipmi_inc_stat(intf, handled_commands);
3973 * This routine will handle "Get Message" command responses with
3974 * channels that use an OEM Medium. The message format belongs to
3975 * the OEM. See IPMI 2.0 specification, Chapter 6 and
3976 * Chapter 22, sections 22.6 and 22.24 for more details.
3978 static int handle_oem_get_msg_cmd(struct ipmi_smi *intf,
3979 struct ipmi_smi_msg *msg)
3981 struct cmd_rcvr *rcvr;
3983 unsigned char netfn;
3986 struct ipmi_user *user = NULL;
3987 struct ipmi_system_interface_addr *smi_addr;
3988 struct ipmi_recv_msg *recv_msg;
3991 * We expect the OEM SW to perform error checking
3992 * so we just do some basic sanity checks
3994 if (msg->rsp_size < 4) {
3995 /* Message not big enough, just ignore it. */
3996 ipmi_inc_stat(intf, invalid_commands);
4000 if (msg->rsp[2] != 0) {
4001 /* An error getting the response, just ignore it. */
4006 * This is an OEM Message so the OEM needs to know how
4007 * handle the message. We do no interpretation.
4009 netfn = msg->rsp[0] >> 2;
4011 chan = msg->rsp[3] & 0xf;
4014 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
4017 kref_get(&user->refcount);
4023 /* We didn't find a user, just give up. */
4024 ipmi_inc_stat(intf, unhandled_commands);
4027 * Don't do anything with these messages, just allow
4033 recv_msg = ipmi_alloc_recv_msg();
4036 * We couldn't allocate memory for the
4037 * message, so requeue it for handling
4041 kref_put(&user->refcount, free_user);
4044 * OEM Messages are expected to be delivered via
4045 * the system interface to SMS software. We might
4046 * need to visit this again depending on OEM
4049 smi_addr = ((struct ipmi_system_interface_addr *)
4051 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4052 smi_addr->channel = IPMI_BMC_CHANNEL;
4053 smi_addr->lun = msg->rsp[0] & 3;
4055 recv_msg->user = user;
4056 recv_msg->user_msg_data = NULL;
4057 recv_msg->recv_type = IPMI_OEM_RECV_TYPE;
4058 recv_msg->msg.netfn = msg->rsp[0] >> 2;
4059 recv_msg->msg.cmd = msg->rsp[1];
4060 recv_msg->msg.data = recv_msg->msg_data;
4063 * The message starts at byte 4 which follows the
4064 * the Channel Byte in the "GET MESSAGE" command
4066 recv_msg->msg.data_len = msg->rsp_size - 4;
4067 memcpy(recv_msg->msg_data, &msg->rsp[4],
4069 if (deliver_response(intf, recv_msg))
4070 ipmi_inc_stat(intf, unhandled_commands);
4072 ipmi_inc_stat(intf, handled_commands);
4079 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
4080 struct ipmi_smi_msg *msg)
4082 struct ipmi_system_interface_addr *smi_addr;
4084 recv_msg->msgid = 0;
4085 smi_addr = (struct ipmi_system_interface_addr *) &recv_msg->addr;
4086 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4087 smi_addr->channel = IPMI_BMC_CHANNEL;
4088 smi_addr->lun = msg->rsp[0] & 3;
4089 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
4090 recv_msg->msg.netfn = msg->rsp[0] >> 2;
4091 recv_msg->msg.cmd = msg->rsp[1];
4092 memcpy(recv_msg->msg_data, &msg->rsp[3], msg->rsp_size - 3);
4093 recv_msg->msg.data = recv_msg->msg_data;
4094 recv_msg->msg.data_len = msg->rsp_size - 3;
4097 static int handle_read_event_rsp(struct ipmi_smi *intf,
4098 struct ipmi_smi_msg *msg)
4100 struct ipmi_recv_msg *recv_msg, *recv_msg2;
4101 struct list_head msgs;
4102 struct ipmi_user *user;
4103 int rv = 0, deliver_count = 0, index;
4104 unsigned long flags;
4106 if (msg->rsp_size < 19) {
4107 /* Message is too small to be an IPMB event. */
4108 ipmi_inc_stat(intf, invalid_events);
4112 if (msg->rsp[2] != 0) {
4113 /* An error getting the event, just ignore it. */
4117 INIT_LIST_HEAD(&msgs);
4119 spin_lock_irqsave(&intf->events_lock, flags);
4121 ipmi_inc_stat(intf, events);
4124 * Allocate and fill in one message for every user that is
4127 index = srcu_read_lock(&intf->users_srcu);
4128 list_for_each_entry_rcu(user, &intf->users, link) {
4129 if (!user->gets_events)
4132 recv_msg = ipmi_alloc_recv_msg();
4135 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs,
4137 list_del(&recv_msg->link);
4138 ipmi_free_recv_msg(recv_msg);
4141 * We couldn't allocate memory for the
4142 * message, so requeue it for handling
4151 copy_event_into_recv_msg(recv_msg, msg);
4152 recv_msg->user = user;
4153 kref_get(&user->refcount);
4154 list_add_tail(&recv_msg->link, &msgs);
4156 srcu_read_unlock(&intf->users_srcu, index);
4158 if (deliver_count) {
4159 /* Now deliver all the messages. */
4160 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
4161 list_del(&recv_msg->link);
4162 deliver_local_response(intf, recv_msg);
4164 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
4166 * No one to receive the message, put it in queue if there's
4167 * not already too many things in the queue.
4169 recv_msg = ipmi_alloc_recv_msg();
4172 * We couldn't allocate memory for the
4173 * message, so requeue it for handling
4180 copy_event_into_recv_msg(recv_msg, msg);
4181 list_add_tail(&recv_msg->link, &intf->waiting_events);
4182 intf->waiting_events_count++;
4183 } else if (!intf->event_msg_printed) {
4185 * There's too many things in the queue, discard this
4188 dev_warn(intf->si_dev,
4189 "Event queue full, discarding incoming events\n");
4190 intf->event_msg_printed = 1;
4194 spin_unlock_irqrestore(&intf->events_lock, flags);
4199 static int handle_bmc_rsp(struct ipmi_smi *intf,
4200 struct ipmi_smi_msg *msg)
4202 struct ipmi_recv_msg *recv_msg;
4203 struct ipmi_system_interface_addr *smi_addr;
4205 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
4206 if (recv_msg == NULL) {
4207 dev_warn(intf->si_dev,
4208 "IPMI message received with no owner. This could be because of a malformed message, or because of a hardware error. Contact your hardware vendor for assistance.\n");
4212 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
4213 recv_msg->msgid = msg->msgid;
4214 smi_addr = ((struct ipmi_system_interface_addr *)
4216 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4217 smi_addr->channel = IPMI_BMC_CHANNEL;
4218 smi_addr->lun = msg->rsp[0] & 3;
4219 recv_msg->msg.netfn = msg->rsp[0] >> 2;
4220 recv_msg->msg.cmd = msg->rsp[1];
4221 memcpy(recv_msg->msg_data, &msg->rsp[2], msg->rsp_size - 2);
4222 recv_msg->msg.data = recv_msg->msg_data;
4223 recv_msg->msg.data_len = msg->rsp_size - 2;
4224 deliver_local_response(intf, recv_msg);
4230 * Handle a received message. Return 1 if the message should be requeued,
4231 * 0 if the message should be freed, or -1 if the message should not
4232 * be freed or requeued.
4234 static int handle_one_recv_msg(struct ipmi_smi *intf,
4235 struct ipmi_smi_msg *msg)
4240 pr_debug("Recv: %*ph\n", msg->rsp_size, msg->rsp);
4242 if ((msg->data_size >= 2)
4243 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
4244 && (msg->data[1] == IPMI_SEND_MSG_CMD)
4245 && (msg->user_data == NULL)) {
4247 if (intf->in_shutdown)
4251 * This is the local response to a command send, start
4252 * the timer for these. The user_data will not be
4253 * NULL if this is a response send, and we will let
4254 * response sends just go through.
4258 * Check for errors, if we get certain errors (ones
4259 * that mean basically we can try again later), we
4260 * ignore them and start the timer. Otherwise we
4261 * report the error immediately.
4263 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
4264 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
4265 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR)
4266 && (msg->rsp[2] != IPMI_BUS_ERR)
4267 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR)) {
4268 int ch = msg->rsp[3] & 0xf;
4269 struct ipmi_channel *chans;
4271 /* Got an error sending the message, handle it. */
4273 chans = READ_ONCE(intf->channel_list)->c;
4274 if ((chans[ch].medium == IPMI_CHANNEL_MEDIUM_8023LAN)
4275 || (chans[ch].medium == IPMI_CHANNEL_MEDIUM_ASYNC))
4276 ipmi_inc_stat(intf, sent_lan_command_errs);
4278 ipmi_inc_stat(intf, sent_ipmb_command_errs);
4279 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
4281 /* The message was sent, start the timer. */
4282 intf_start_seq_timer(intf, msg->msgid);
4287 } else if (msg->rsp_size < 2) {
4288 /* Message is too small to be correct. */
4289 dev_warn(intf->si_dev,
4290 "BMC returned too small a message for netfn %x cmd %x, got %d bytes\n",
4291 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
4293 /* Generate an error response for the message. */
4294 msg->rsp[0] = msg->data[0] | (1 << 2);
4295 msg->rsp[1] = msg->data[1];
4296 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
4298 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))
4299 || (msg->rsp[1] != msg->data[1])) {
4301 * The NetFN and Command in the response is not even
4302 * marginally correct.
4304 dev_warn(intf->si_dev,
4305 "BMC returned incorrect response, expected netfn %x cmd %x, got netfn %x cmd %x\n",
4306 (msg->data[0] >> 2) | 1, msg->data[1],
4307 msg->rsp[0] >> 2, msg->rsp[1]);
4309 /* Generate an error response for the message. */
4310 msg->rsp[0] = msg->data[0] | (1 << 2);
4311 msg->rsp[1] = msg->data[1];
4312 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
4316 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
4317 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
4318 && (msg->user_data != NULL)) {
4320 * It's a response to a response we sent. For this we
4321 * deliver a send message response to the user.
4323 struct ipmi_recv_msg *recv_msg = msg->user_data;
4326 if (msg->rsp_size < 2)
4327 /* Message is too small to be correct. */
4330 chan = msg->data[2] & 0x0f;
4331 if (chan >= IPMI_MAX_CHANNELS)
4332 /* Invalid channel number */
4338 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
4339 recv_msg->msg.data = recv_msg->msg_data;
4340 recv_msg->msg.data_len = 1;
4341 recv_msg->msg_data[0] = msg->rsp[2];
4342 deliver_local_response(intf, recv_msg);
4343 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
4344 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) {
4345 struct ipmi_channel *chans;
4347 /* It's from the receive queue. */
4348 chan = msg->rsp[3] & 0xf;
4349 if (chan >= IPMI_MAX_CHANNELS) {
4350 /* Invalid channel number */
4356 * We need to make sure the channels have been initialized.
4357 * The channel_handler routine will set the "curr_channel"
4358 * equal to or greater than IPMI_MAX_CHANNELS when all the
4359 * channels for this interface have been initialized.
4361 if (!intf->channels_ready) {
4362 requeue = 0; /* Throw the message away */
4366 chans = READ_ONCE(intf->channel_list)->c;
4368 switch (chans[chan].medium) {
4369 case IPMI_CHANNEL_MEDIUM_IPMB:
4370 if (msg->rsp[4] & 0x04) {
4372 * It's a response, so find the
4373 * requesting message and send it up.
4375 requeue = handle_ipmb_get_msg_rsp(intf, msg);
4378 * It's a command to the SMS from some other
4379 * entity. Handle that.
4381 requeue = handle_ipmb_get_msg_cmd(intf, msg);
4385 case IPMI_CHANNEL_MEDIUM_8023LAN:
4386 case IPMI_CHANNEL_MEDIUM_ASYNC:
4387 if (msg->rsp[6] & 0x04) {
4389 * It's a response, so find the
4390 * requesting message and send it up.
4392 requeue = handle_lan_get_msg_rsp(intf, msg);
4395 * It's a command to the SMS from some other
4396 * entity. Handle that.
4398 requeue = handle_lan_get_msg_cmd(intf, msg);
4403 /* Check for OEM Channels. Clients had better
4404 register for these commands. */
4405 if ((chans[chan].medium >= IPMI_CHANNEL_MEDIUM_OEM_MIN)
4406 && (chans[chan].medium
4407 <= IPMI_CHANNEL_MEDIUM_OEM_MAX)) {
4408 requeue = handle_oem_get_msg_cmd(intf, msg);
4411 * We don't handle the channel type, so just
4418 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
4419 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) {
4420 /* It's an asynchronous event. */
4421 requeue = handle_read_event_rsp(intf, msg);
4423 /* It's a response from the local BMC. */
4424 requeue = handle_bmc_rsp(intf, msg);
4432 * If there are messages in the queue or pretimeouts, handle them.
4434 static void handle_new_recv_msgs(struct ipmi_smi *intf)
4436 struct ipmi_smi_msg *smi_msg;
4437 unsigned long flags = 0;
4439 int run_to_completion = intf->run_to_completion;
4441 /* See if any waiting messages need to be processed. */
4442 if (!run_to_completion)
4443 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
4444 while (!list_empty(&intf->waiting_rcv_msgs)) {
4445 smi_msg = list_entry(intf->waiting_rcv_msgs.next,
4446 struct ipmi_smi_msg, link);
4447 list_del(&smi_msg->link);
4448 if (!run_to_completion)
4449 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock,
4451 rv = handle_one_recv_msg(intf, smi_msg);
4452 if (!run_to_completion)
4453 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
4456 * To preserve message order, quit if we
4457 * can't handle a message. Add the message
4458 * back at the head, this is safe because this
4459 * tasklet is the only thing that pulls the
4462 list_add(&smi_msg->link, &intf->waiting_rcv_msgs);
4466 /* Message handled */
4467 ipmi_free_smi_msg(smi_msg);
4468 /* If rv < 0, fatal error, del but don't free. */
4471 if (!run_to_completion)
4472 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock, flags);
4475 * If the pretimout count is non-zero, decrement one from it and
4476 * deliver pretimeouts to all the users.
4478 if (atomic_add_unless(&intf->watchdog_pretimeouts_to_deliver, -1, 0)) {
4479 struct ipmi_user *user;
4482 index = srcu_read_lock(&intf->users_srcu);
4483 list_for_each_entry_rcu(user, &intf->users, link) {
4484 if (user->handler->ipmi_watchdog_pretimeout)
4485 user->handler->ipmi_watchdog_pretimeout(
4486 user->handler_data);
4488 srcu_read_unlock(&intf->users_srcu, index);
4492 static void smi_recv_tasklet(struct tasklet_struct *t)
4494 unsigned long flags = 0; /* keep us warning-free. */
4495 struct ipmi_smi *intf = from_tasklet(intf, t, recv_tasklet);
4496 int run_to_completion = intf->run_to_completion;
4497 struct ipmi_smi_msg *newmsg = NULL;
4500 * Start the next message if available.
4502 * Do this here, not in the actual receiver, because we may deadlock
4503 * because the lower layer is allowed to hold locks while calling
4509 if (!run_to_completion)
4510 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
4511 if (intf->curr_msg == NULL && !intf->in_shutdown) {
4512 struct list_head *entry = NULL;
4514 /* Pick the high priority queue first. */
4515 if (!list_empty(&intf->hp_xmit_msgs))
4516 entry = intf->hp_xmit_msgs.next;
4517 else if (!list_empty(&intf->xmit_msgs))
4518 entry = intf->xmit_msgs.next;
4522 newmsg = list_entry(entry, struct ipmi_smi_msg, link);
4523 intf->curr_msg = newmsg;
4527 if (!run_to_completion)
4528 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
4530 intf->handlers->sender(intf->send_info, newmsg);
4534 handle_new_recv_msgs(intf);
4537 /* Handle a new message from the lower layer. */
4538 void ipmi_smi_msg_received(struct ipmi_smi *intf,
4539 struct ipmi_smi_msg *msg)
4541 unsigned long flags = 0; /* keep us warning-free. */
4542 int run_to_completion = intf->run_to_completion;
4545 * To preserve message order, we keep a queue and deliver from
4548 if (!run_to_completion)
4549 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
4550 list_add_tail(&msg->link, &intf->waiting_rcv_msgs);
4551 if (!run_to_completion)
4552 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock,
4555 if (!run_to_completion)
4556 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
4558 * We can get an asynchronous event or receive message in addition
4559 * to commands we send.
4561 if (msg == intf->curr_msg)
4562 intf->curr_msg = NULL;
4563 if (!run_to_completion)
4564 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
4566 if (run_to_completion)
4567 smi_recv_tasklet(&intf->recv_tasklet);
4569 tasklet_schedule(&intf->recv_tasklet);
4571 EXPORT_SYMBOL(ipmi_smi_msg_received);
4573 void ipmi_smi_watchdog_pretimeout(struct ipmi_smi *intf)
4575 if (intf->in_shutdown)
4578 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 1);
4579 tasklet_schedule(&intf->recv_tasklet);
4581 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
4583 static struct ipmi_smi_msg *
4584 smi_from_recv_msg(struct ipmi_smi *intf, struct ipmi_recv_msg *recv_msg,
4585 unsigned char seq, long seqid)
4587 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
4590 * If we can't allocate the message, then just return, we
4591 * get 4 retries, so this should be ok.
4595 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
4596 smi_msg->data_size = recv_msg->msg.data_len;
4597 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
4599 pr_debug("Resend: %*ph\n", smi_msg->data_size, smi_msg->data);
4604 static void check_msg_timeout(struct ipmi_smi *intf, struct seq_table *ent,
4605 struct list_head *timeouts,
4606 unsigned long timeout_period,
4607 int slot, unsigned long *flags,
4610 struct ipmi_recv_msg *msg;
4612 if (intf->in_shutdown)
4618 if (timeout_period < ent->timeout) {
4619 ent->timeout -= timeout_period;
4624 if (ent->retries_left == 0) {
4625 /* The message has used all its retries. */
4627 smi_remove_watch(intf, IPMI_WATCH_MASK_CHECK_MESSAGES);
4628 msg = ent->recv_msg;
4629 list_add_tail(&msg->link, timeouts);
4631 ipmi_inc_stat(intf, timed_out_ipmb_broadcasts);
4632 else if (is_lan_addr(&ent->recv_msg->addr))
4633 ipmi_inc_stat(intf, timed_out_lan_commands);
4635 ipmi_inc_stat(intf, timed_out_ipmb_commands);
4637 struct ipmi_smi_msg *smi_msg;
4638 /* More retries, send again. */
4643 * Start with the max timer, set to normal timer after
4644 * the message is sent.
4646 ent->timeout = MAX_MSG_TIMEOUT;
4647 ent->retries_left--;
4648 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot,
4651 if (is_lan_addr(&ent->recv_msg->addr))
4653 dropped_rexmit_lan_commands);
4656 dropped_rexmit_ipmb_commands);
4660 spin_unlock_irqrestore(&intf->seq_lock, *flags);
4663 * Send the new message. We send with a zero
4664 * priority. It timed out, I doubt time is that
4665 * critical now, and high priority messages are really
4666 * only for messages to the local MC, which don't get
4669 if (intf->handlers) {
4670 if (is_lan_addr(&ent->recv_msg->addr))
4672 retransmitted_lan_commands);
4675 retransmitted_ipmb_commands);
4677 smi_send(intf, intf->handlers, smi_msg, 0);
4679 ipmi_free_smi_msg(smi_msg);
4681 spin_lock_irqsave(&intf->seq_lock, *flags);
4685 static bool ipmi_timeout_handler(struct ipmi_smi *intf,
4686 unsigned long timeout_period)
4688 struct list_head timeouts;
4689 struct ipmi_recv_msg *msg, *msg2;
4690 unsigned long flags;
4692 bool need_timer = false;
4694 if (!intf->bmc_registered) {
4695 kref_get(&intf->refcount);
4696 if (!schedule_work(&intf->bmc_reg_work)) {
4697 kref_put(&intf->refcount, intf_free);
4703 * Go through the seq table and find any messages that
4704 * have timed out, putting them in the timeouts
4707 INIT_LIST_HEAD(&timeouts);
4708 spin_lock_irqsave(&intf->seq_lock, flags);
4709 if (intf->ipmb_maintenance_mode_timeout) {
4710 if (intf->ipmb_maintenance_mode_timeout <= timeout_period)
4711 intf->ipmb_maintenance_mode_timeout = 0;
4713 intf->ipmb_maintenance_mode_timeout -= timeout_period;
4715 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++)
4716 check_msg_timeout(intf, &intf->seq_table[i],
4717 &timeouts, timeout_period, i,
4718 &flags, &need_timer);
4719 spin_unlock_irqrestore(&intf->seq_lock, flags);
4721 list_for_each_entry_safe(msg, msg2, &timeouts, link)
4722 deliver_err_response(intf, msg, IPMI_TIMEOUT_COMPLETION_CODE);
4725 * Maintenance mode handling. Check the timeout
4726 * optimistically before we claim the lock. It may
4727 * mean a timeout gets missed occasionally, but that
4728 * only means the timeout gets extended by one period
4729 * in that case. No big deal, and it avoids the lock
4732 if (intf->auto_maintenance_timeout > 0) {
4733 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
4734 if (intf->auto_maintenance_timeout > 0) {
4735 intf->auto_maintenance_timeout
4737 if (!intf->maintenance_mode
4738 && (intf->auto_maintenance_timeout <= 0)) {
4739 intf->maintenance_mode_enable = false;
4740 maintenance_mode_update(intf);
4743 spin_unlock_irqrestore(&intf->maintenance_mode_lock,
4747 tasklet_schedule(&intf->recv_tasklet);
4752 static void ipmi_request_event(struct ipmi_smi *intf)
4754 /* No event requests when in maintenance mode. */
4755 if (intf->maintenance_mode_enable)
4758 if (!intf->in_shutdown)
4759 intf->handlers->request_events(intf->send_info);
4762 static struct timer_list ipmi_timer;
4764 static atomic_t stop_operation;
4766 static void ipmi_timeout(struct timer_list *unused)
4768 struct ipmi_smi *intf;
4769 bool need_timer = false;
4772 if (atomic_read(&stop_operation))
4775 index = srcu_read_lock(&ipmi_interfaces_srcu);
4776 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
4777 if (atomic_read(&intf->event_waiters)) {
4778 intf->ticks_to_req_ev--;
4779 if (intf->ticks_to_req_ev == 0) {
4780 ipmi_request_event(intf);
4781 intf->ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
4786 need_timer |= ipmi_timeout_handler(intf, IPMI_TIMEOUT_TIME);
4788 srcu_read_unlock(&ipmi_interfaces_srcu, index);
4791 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
4794 static void need_waiter(struct ipmi_smi *intf)
4796 /* Racy, but worst case we start the timer twice. */
4797 if (!timer_pending(&ipmi_timer))
4798 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
4801 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
4802 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
4804 static void free_smi_msg(struct ipmi_smi_msg *msg)
4806 atomic_dec(&smi_msg_inuse_count);
4807 /* Try to keep as much stuff out of the panic path as possible. */
4808 if (!oops_in_progress)
4812 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
4814 struct ipmi_smi_msg *rv;
4815 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
4817 rv->done = free_smi_msg;
4818 rv->user_data = NULL;
4819 atomic_inc(&smi_msg_inuse_count);
4823 EXPORT_SYMBOL(ipmi_alloc_smi_msg);
4825 static void free_recv_msg(struct ipmi_recv_msg *msg)
4827 atomic_dec(&recv_msg_inuse_count);
4828 /* Try to keep as much stuff out of the panic path as possible. */
4829 if (!oops_in_progress)
4833 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
4835 struct ipmi_recv_msg *rv;
4837 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
4840 rv->done = free_recv_msg;
4841 atomic_inc(&recv_msg_inuse_count);
4846 void ipmi_free_recv_msg(struct ipmi_recv_msg *msg)
4848 if (msg->user && !oops_in_progress)
4849 kref_put(&msg->user->refcount, free_user);
4852 EXPORT_SYMBOL(ipmi_free_recv_msg);
4854 static atomic_t panic_done_count = ATOMIC_INIT(0);
4856 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
4858 atomic_dec(&panic_done_count);
4861 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
4863 atomic_dec(&panic_done_count);
4867 * Inside a panic, send a message and wait for a response.
4869 static void ipmi_panic_request_and_wait(struct ipmi_smi *intf,
4870 struct ipmi_addr *addr,
4871 struct kernel_ipmi_msg *msg)
4873 struct ipmi_smi_msg smi_msg;
4874 struct ipmi_recv_msg recv_msg;
4877 smi_msg.done = dummy_smi_done_handler;
4878 recv_msg.done = dummy_recv_done_handler;
4879 atomic_add(2, &panic_done_count);
4880 rv = i_ipmi_request(NULL,
4889 intf->addrinfo[0].address,
4890 intf->addrinfo[0].lun,
4891 0, 1); /* Don't retry, and don't wait. */
4893 atomic_sub(2, &panic_done_count);
4894 else if (intf->handlers->flush_messages)
4895 intf->handlers->flush_messages(intf->send_info);
4897 while (atomic_read(&panic_done_count) != 0)
4901 static void event_receiver_fetcher(struct ipmi_smi *intf,
4902 struct ipmi_recv_msg *msg)
4904 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
4905 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE)
4906 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD)
4907 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) {
4908 /* A get event receiver command, save it. */
4909 intf->event_receiver = msg->msg.data[1];
4910 intf->event_receiver_lun = msg->msg.data[2] & 0x3;
4914 static void device_id_fetcher(struct ipmi_smi *intf, struct ipmi_recv_msg *msg)
4916 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
4917 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
4918 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD)
4919 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) {
4921 * A get device id command, save if we are an event
4922 * receiver or generator.
4924 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1;
4925 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1;
4929 static void send_panic_events(struct ipmi_smi *intf, char *str)
4931 struct kernel_ipmi_msg msg;
4932 unsigned char data[16];
4933 struct ipmi_system_interface_addr *si;
4934 struct ipmi_addr addr;
4936 struct ipmi_ipmb_addr *ipmb;
4939 if (ipmi_send_panic_event == IPMI_SEND_PANIC_EVENT_NONE)
4942 si = (struct ipmi_system_interface_addr *) &addr;
4943 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4944 si->channel = IPMI_BMC_CHANNEL;
4947 /* Fill in an event telling that we have failed. */
4948 msg.netfn = 0x04; /* Sensor or Event. */
4949 msg.cmd = 2; /* Platform event command. */
4952 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */
4953 data[1] = 0x03; /* This is for IPMI 1.0. */
4954 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
4955 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
4956 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
4959 * Put a few breadcrumbs in. Hopefully later we can add more things
4960 * to make the panic events more useful.
4968 /* Send the event announcing the panic. */
4969 ipmi_panic_request_and_wait(intf, &addr, &msg);
4972 * On every interface, dump a bunch of OEM event holding the
4975 if (ipmi_send_panic_event != IPMI_SEND_PANIC_EVENT_STRING || !str)
4979 * intf_num is used as an marker to tell if the
4980 * interface is valid. Thus we need a read barrier to
4981 * make sure data fetched before checking intf_num
4987 * First job here is to figure out where to send the
4988 * OEM events. There's no way in IPMI to send OEM
4989 * events using an event send command, so we have to
4990 * find the SEL to put them in and stick them in
4994 /* Get capabilities from the get device id. */
4995 intf->local_sel_device = 0;
4996 intf->local_event_generator = 0;
4997 intf->event_receiver = 0;
4999 /* Request the device info from the local MC. */
5000 msg.netfn = IPMI_NETFN_APP_REQUEST;
5001 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
5004 intf->null_user_handler = device_id_fetcher;
5005 ipmi_panic_request_and_wait(intf, &addr, &msg);
5007 if (intf->local_event_generator) {
5008 /* Request the event receiver from the local MC. */
5009 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
5010 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
5013 intf->null_user_handler = event_receiver_fetcher;
5014 ipmi_panic_request_and_wait(intf, &addr, &msg);
5016 intf->null_user_handler = NULL;
5019 * Validate the event receiver. The low bit must not
5020 * be 1 (it must be a valid IPMB address), it cannot
5021 * be zero, and it must not be my address.
5023 if (((intf->event_receiver & 1) == 0)
5024 && (intf->event_receiver != 0)
5025 && (intf->event_receiver != intf->addrinfo[0].address)) {
5027 * The event receiver is valid, send an IPMB
5030 ipmb = (struct ipmi_ipmb_addr *) &addr;
5031 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
5032 ipmb->channel = 0; /* FIXME - is this right? */
5033 ipmb->lun = intf->event_receiver_lun;
5034 ipmb->slave_addr = intf->event_receiver;
5035 } else if (intf->local_sel_device) {
5037 * The event receiver was not valid (or was
5038 * me), but I am an SEL device, just dump it
5041 si = (struct ipmi_system_interface_addr *) &addr;
5042 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
5043 si->channel = IPMI_BMC_CHANNEL;
5046 return; /* No where to send the event. */
5048 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
5049 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
5055 int size = strlen(p);
5061 data[2] = 0xf0; /* OEM event without timestamp. */
5062 data[3] = intf->addrinfo[0].address;
5063 data[4] = j++; /* sequence # */
5065 * Always give 11 bytes, so strncpy will fill
5066 * it with zeroes for me.
5068 strncpy(data+5, p, 11);
5071 ipmi_panic_request_and_wait(intf, &addr, &msg);
5075 static int has_panicked;
5077 static int panic_event(struct notifier_block *this,
5078 unsigned long event,
5081 struct ipmi_smi *intf;
5082 struct ipmi_user *user;
5088 /* For every registered interface, set it to run to completion. */
5089 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
5090 if (!intf->handlers || intf->intf_num == -1)
5091 /* Interface is not ready. */
5094 if (!intf->handlers->poll)
5098 * If we were interrupted while locking xmit_msgs_lock or
5099 * waiting_rcv_msgs_lock, the corresponding list may be
5100 * corrupted. In this case, drop items on the list for
5103 if (!spin_trylock(&intf->xmit_msgs_lock)) {
5104 INIT_LIST_HEAD(&intf->xmit_msgs);
5105 INIT_LIST_HEAD(&intf->hp_xmit_msgs);
5107 spin_unlock(&intf->xmit_msgs_lock);
5109 if (!spin_trylock(&intf->waiting_rcv_msgs_lock))
5110 INIT_LIST_HEAD(&intf->waiting_rcv_msgs);
5112 spin_unlock(&intf->waiting_rcv_msgs_lock);
5114 intf->run_to_completion = 1;
5115 if (intf->handlers->set_run_to_completion)
5116 intf->handlers->set_run_to_completion(intf->send_info,
5119 list_for_each_entry_rcu(user, &intf->users, link) {
5120 if (user->handler->ipmi_panic_handler)
5121 user->handler->ipmi_panic_handler(
5122 user->handler_data);
5125 send_panic_events(intf, ptr);
5131 /* Must be called with ipmi_interfaces_mutex held. */
5132 static int ipmi_register_driver(void)
5139 rv = driver_register(&ipmidriver.driver);
5141 pr_err("Could not register IPMI driver\n");
5143 drvregistered = true;
5147 static struct notifier_block panic_block = {
5148 .notifier_call = panic_event,
5150 .priority = 200 /* priority: INT_MAX >= x >= 0 */
5153 static int ipmi_init_msghandler(void)
5157 mutex_lock(&ipmi_interfaces_mutex);
5158 rv = ipmi_register_driver();
5164 rv = init_srcu_struct(&ipmi_interfaces_srcu);
5168 remove_work_wq = create_singlethread_workqueue("ipmi-msghandler-remove-wq");
5169 if (!remove_work_wq) {
5170 pr_err("unable to create ipmi-msghandler-remove-wq workqueue");
5175 timer_setup(&ipmi_timer, ipmi_timeout, 0);
5176 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
5178 atomic_notifier_chain_register(&panic_notifier_list, &panic_block);
5184 cleanup_srcu_struct(&ipmi_interfaces_srcu);
5186 mutex_unlock(&ipmi_interfaces_mutex);
5190 static int __init ipmi_init_msghandler_mod(void)
5194 pr_info("version " IPMI_DRIVER_VERSION "\n");
5196 mutex_lock(&ipmi_interfaces_mutex);
5197 rv = ipmi_register_driver();
5198 mutex_unlock(&ipmi_interfaces_mutex);
5203 static void __exit cleanup_ipmi(void)
5208 destroy_workqueue(remove_work_wq);
5210 atomic_notifier_chain_unregister(&panic_notifier_list,
5214 * This can't be called if any interfaces exist, so no worry
5215 * about shutting down the interfaces.
5219 * Tell the timer to stop, then wait for it to stop. This
5220 * avoids problems with race conditions removing the timer
5223 atomic_set(&stop_operation, 1);
5224 del_timer_sync(&ipmi_timer);
5226 initialized = false;
5228 /* Check for buffer leaks. */
5229 count = atomic_read(&smi_msg_inuse_count);
5231 pr_warn("SMI message count %d at exit\n", count);
5232 count = atomic_read(&recv_msg_inuse_count);
5234 pr_warn("recv message count %d at exit\n", count);
5236 cleanup_srcu_struct(&ipmi_interfaces_srcu);
5239 driver_unregister(&ipmidriver.driver);
5241 module_exit(cleanup_ipmi);
5243 module_init(ipmi_init_msghandler_mod);
5244 MODULE_LICENSE("GPL");
5245 MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>");
5246 MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI"
5248 MODULE_VERSION(IPMI_DRIVER_VERSION);
5249 MODULE_SOFTDEP("post: ipmi_devintf");
projects / releases.git / blob