1 /*
2 * ipmi_msghandler.c
3 *
4 * Incoming and outgoing message routing for an IPMI interface.
5 *
6 * Author: MontaVista Software, Inc.
7 * Corey Minyard <minyard@mvista.com>
8 * source@mvista.com
9 *
10 * Copyright 2002 MontaVista Software Inc.
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version.
16 *
17 *
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 *
29 * You should have received a copy of the GNU General Public License along
30 * with this program; if not, write to the Free Software Foundation, Inc.,
31 * 675 Mass Ave, Cambridge, MA 02139, USA.
32 */
33
34 #include <linux/config.h>
35 #include <linux/module.h>
36 #include <linux/errno.h>
37 #include <asm/system.h>
38 #include <linux/sched.h>
39 #include <linux/poll.h>
40 #include <linux/spinlock.h>
41 #include <linux/rwsem.h>
42 #include <linux/slab.h>
43 #include <linux/ipmi.h>
44 #include <linux/ipmi_smi.h>
45 #include <linux/notifier.h>
46 #include <linux/init.h>
47 #include <linux/proc_fs.h>
48
49 #define PFX "IPMI message handler: "
50 #define IPMI_MSGHANDLER_VERSION "v33"
51
52 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
53 static int ipmi_init_msghandler(void);
54
55 static int initialized = 0;
56
57 static struct proc_dir_entry *proc_ipmi_root = NULL;
58
59 #define MAX_EVENTS_IN_QUEUE 25
60
61 /* Don't let a message sit in a queue forever, always time it with at lest
62 the max message timer. This is in milliseconds. */
63 #define MAX_MSG_TIMEOUT 60000
64
65 struct ipmi_user
66 {
67 struct list_head link;
68
69 /* The upper layer that handles receive messages. */
70 struct ipmi_user_hndl *handler;
71 void *handler_data;
72
73 /* The interface this user is bound to. */
74 ipmi_smi_t intf;
75
76 /* Does this interface receive IPMI events? */
77 int gets_events;
78 };
79
80 struct cmd_rcvr
81 {
82 struct list_head link;
83
84 ipmi_user_t user;
85 unsigned char netfn;
86 unsigned char cmd;
87 };
88
89 struct seq_table
90 {
91 unsigned int inuse : 1;
92 unsigned int broadcast : 1;
93
94 unsigned long timeout;
95 unsigned long orig_timeout;
96 unsigned int retries_left;
97
98 /* To verify on an incoming send message response that this is
99 the message that the response is for, we keep a sequence id
100 and increment it every time we send a message. */
101 long seqid;
102
103 /* This is held so we can properly respond to the message on a
104 timeout, and it is used to hold the temporary data for
105 retransmission, too. */
106 struct ipmi_recv_msg *recv_msg;
107 };
108
109 /* Store the information in a msgid (long) to allow us to find a
110 sequence table entry from the msgid. */
111 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff))
112
113 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
114 do { \
115 seq = ((msgid >> 26) & 0x3f); \
116 seqid = (msgid & 0x3fffff); \
117 } while(0)
118
119 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff)
120
121 struct ipmi_channel
122 {
123 unsigned char medium;
124 unsigned char protocol;
125 };
126
127 struct ipmi_proc_entry
128 {
129 char *name;
130 struct ipmi_proc_entry *next;
131 };
132
133 #define IPMI_IPMB_NUM_SEQ 64
134 #define IPMI_MAX_CHANNELS 8
135 struct ipmi_smi
136 {
137 /* What interface number are we? */
138 int intf_num;
139
140 /* The list of upper layers that are using me. We read-lock
141 this when delivering messages to the upper layer to keep
142 the user from going away while we are processing the
143 message. This means that you cannot add or delete a user
144 from the receive callback. */
145 rwlock_t users_lock;
146 struct list_head users;
147
148 /* Used for wake ups at startup. */
149 wait_queue_head_t waitq;
150
151 /* The IPMI version of the BMC on the other end. */
152 unsigned char version_major;
153 unsigned char version_minor;
154
155 /* This is the lower-layer's sender routine. */
156 struct ipmi_smi_handlers *handlers;
157 void *send_info;
158
159 /* A list of proc entries for this interface. This does not
160 need a lock, only one thread creates it and only one thread
161 destroys it. */
162 struct ipmi_proc_entry *proc_entries;
163
164 /* A table of sequence numbers for this interface. We use the
165 sequence numbers for IPMB messages that go out of the
166 interface to match them up with their responses. A routine
167 is called periodically to time the items in this list. */
168 spinlock_t seq_lock;
169 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
170 int curr_seq;
171
172 /* Messages that were delayed for some reason (out of memory,
173 for instance), will go in here to be processed later in a
174 periodic timer interrupt. */
175 spinlock_t waiting_msgs_lock;
176 struct list_head waiting_msgs;
177
178 /* The list of command receivers that are registered for commands
179 on this interface. */
180 rwlock_t cmd_rcvr_lock;
181 struct list_head cmd_rcvrs;
182
183 /* Events that were queues because no one was there to receive
184 them. */
185 spinlock_t events_lock; /* For dealing with event stuff. */
186 struct list_head waiting_events;
187 unsigned int waiting_events_count; /* How many events in queue? */
188
189 /* This will be non-null if someone registers to receive all
190 IPMI commands (this is for interface emulation). There
191 may not be any things in the cmd_rcvrs list above when
192 this is registered. */
193 ipmi_user_t all_cmd_rcvr;
194
195 /* My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
196 but may be changed by the user. */
197 unsigned char my_address;
198
199 /* My LUN. This should generally stay the SMS LUN, but just in
200 case... */
201 unsigned char my_lun;
202
203 /* The event receiver for my BMC, only really used at panic
204 shutdown as a place to store this. */
205 unsigned char event_receiver;
206 unsigned char event_receiver_lun;
207 unsigned char local_sel_device;
208 unsigned char local_event_generator;
209
210 /* A cheap hack, if this is non-null and a message to an
211 interface comes in with a NULL user, call this routine with
212 it. Note that the message will still be freed by the
213 caller. This only works on the system interface. */
214 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_smi_msg *msg);
215
216 /* When we are scanning the channels for an SMI, this will
217 tell which channel we are scanning. */
218 int curr_channel;
219
220 /* Channel information */
221 struct ipmi_channel channels[IPMI_MAX_CHANNELS];
222
223 /* Proc FS stuff. */
224 struct proc_dir_entry *proc_dir;
225 char proc_dir_name[10];
226
227 spinlock_t counter_lock; /* For making counters atomic. */
228
229 /* Commands we got that were invalid. */
230 unsigned int sent_invalid_commands;
231
232 /* Commands we sent to the MC. */
233 unsigned int sent_local_commands;
234 /* Responses from the MC that were delivered to a user. */
235 unsigned int handled_local_responses;
236 /* Responses from the MC that were not delivered to a user. */
237 unsigned int unhandled_local_responses;
238
239 /* Commands we sent out to the IPMB bus. */
240 unsigned int sent_ipmb_commands;
241 /* Commands sent on the IPMB that had errors on the SEND CMD */
242 unsigned int sent_ipmb_command_errs;
243 /* Each retransmit increments this count. */
244 unsigned int retransmitted_ipmb_commands;
245 /* When a message times out (runs out of retransmits) this is
246 incremented. */
247 unsigned int timed_out_ipmb_commands;
248
249 /* This is like above, but for broadcasts. Broadcasts are
250 *not* included in the above count (they are expected to
251 time out). */
252 unsigned int timed_out_ipmb_broadcasts;
253
254 /* Responses I have sent to the IPMB bus. */
255 unsigned int sent_ipmb_responses;
256
257 /* The response was delivered to the user. */
258 unsigned int handled_ipmb_responses;
259 /* The response had invalid data in it. */
260 unsigned int invalid_ipmb_responses;
261 /* The response didn't have anyone waiting for it. */
262 unsigned int unhandled_ipmb_responses;
263
264 /* Commands we sent out to the IPMB bus. */
265 unsigned int sent_lan_commands;
266 /* Commands sent on the IPMB that had errors on the SEND CMD */
267 unsigned int sent_lan_command_errs;
268 /* Each retransmit increments this count. */
269 unsigned int retransmitted_lan_commands;
270 /* When a message times out (runs out of retransmits) this is
271 incremented. */
272 unsigned int timed_out_lan_commands;
273
274 /* Responses I have sent to the IPMB bus. */
275 unsigned int sent_lan_responses;
276
277 /* The response was delivered to the user. */
278 unsigned int handled_lan_responses;
279 /* The response had invalid data in it. */
280 unsigned int invalid_lan_responses;
281 /* The response didn't have anyone waiting for it. */
282 unsigned int unhandled_lan_responses;
283
284 /* The command was delivered to the user. */
285 unsigned int handled_commands;
286 /* The command had invalid data in it. */
287 unsigned int invalid_commands;
288 /* The command didn't have anyone waiting for it. */
289 unsigned int unhandled_commands;
290
291 /* Invalid data in an event. */
292 unsigned int invalid_events;
293 /* Events that were received with the proper format. */
294 unsigned int events;
295 };
296
297 #define MAX_IPMI_INTERFACES 4
298 static ipmi_smi_t ipmi_interfaces[MAX_IPMI_INTERFACES];
299
300 /* Used to keep interfaces from going away while operations are
301 operating on interfaces. Grab read if you are not modifying the
302 interfaces, write if you are. */
303 static DECLARE_RWSEM(interfaces_sem);
304
305 /* Directly protects the ipmi_interfaces data structure. This is
306 claimed in the timer interrupt. */
307 static DEFINE_SPINLOCK(interfaces_lock);
308
309 /* List of watchers that want to know when smi's are added and
310 deleted. */
311 static struct list_head smi_watchers = LIST_HEAD_INIT(smi_watchers);
312 static DECLARE_RWSEM(smi_watchers_sem);
313
314 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
315 {
316 int i;
317
318 down_read(&interfaces_sem);
319 down_write(&smi_watchers_sem);
320 list_add(&(watcher->link), &smi_watchers);
321 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
322 if (ipmi_interfaces[i] != NULL) {
323 watcher->new_smi(i);
324 }
325 }
326 up_write(&smi_watchers_sem);
327 up_read(&interfaces_sem);
328 return 0;
329 }
330
331 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
332 {
333 down_write(&smi_watchers_sem);
334 list_del(&(watcher->link));
335 up_write(&smi_watchers_sem);
336 return 0;
337 }
338
339 static void
340 call_smi_watchers(int i)
341 {
342 struct ipmi_smi_watcher *w;
343
344 down_read(&smi_watchers_sem);
345 list_for_each_entry(w, &smi_watchers, link) {
346 if (try_module_get(w->owner)) {
347 w->new_smi(i);
348 module_put(w->owner);
349 }
350 }
351 up_read(&smi_watchers_sem);
352 }
353
354 static int
355 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
356 {
357 if (addr1->addr_type != addr2->addr_type)
358 return 0;
359
360 if (addr1->channel != addr2->channel)
361 return 0;
362
363 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
364 struct ipmi_system_interface_addr *smi_addr1
365 = (struct ipmi_system_interface_addr *) addr1;
366 struct ipmi_system_interface_addr *smi_addr2
367 = (struct ipmi_system_interface_addr *) addr2;
368 return (smi_addr1->lun == smi_addr2->lun);
369 }
370
371 if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE)
372 || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
373 {
374 struct ipmi_ipmb_addr *ipmb_addr1
375 = (struct ipmi_ipmb_addr *) addr1;
376 struct ipmi_ipmb_addr *ipmb_addr2
377 = (struct ipmi_ipmb_addr *) addr2;
378
379 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
380 && (ipmb_addr1->lun == ipmb_addr2->lun));
381 }
382
383 if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) {
384 struct ipmi_lan_addr *lan_addr1
385 = (struct ipmi_lan_addr *) addr1;
386 struct ipmi_lan_addr *lan_addr2
387 = (struct ipmi_lan_addr *) addr2;
388
389 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
390 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
391 && (lan_addr1->session_handle
392 == lan_addr2->session_handle)
393 && (lan_addr1->lun == lan_addr2->lun));
394 }
395
396 return 1;
397 }
398
399 int ipmi_validate_addr(struct ipmi_addr *addr, int len)
400 {
401 if (len < sizeof(struct ipmi_system_interface_addr)) {
402 return -EINVAL;
403 }
404
405 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
406 if (addr->channel != IPMI_BMC_CHANNEL)
407 return -EINVAL;
408 return 0;
409 }
410
411 if ((addr->channel == IPMI_BMC_CHANNEL)
412 || (addr->channel >= IPMI_NUM_CHANNELS)
413 || (addr->channel < 0))
414 return -EINVAL;
415
416 if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
417 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
418 {
419 if (len < sizeof(struct ipmi_ipmb_addr)) {
420 return -EINVAL;
421 }
422 return 0;
423 }
424
425 if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
426 if (len < sizeof(struct ipmi_lan_addr)) {
427 return -EINVAL;
428 }
429 return 0;
430 }
431
432 return -EINVAL;
433 }
434
435 unsigned int ipmi_addr_length(int addr_type)
436 {
437 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
438 return sizeof(struct ipmi_system_interface_addr);
439
440 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
441 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
442 {
443 return sizeof(struct ipmi_ipmb_addr);
444 }
445
446 if (addr_type == IPMI_LAN_ADDR_TYPE)
447 return sizeof(struct ipmi_lan_addr);
448
449 return 0;
450 }
451
452 static void deliver_response(struct ipmi_recv_msg *msg)
453 {
454 msg->user->handler->ipmi_recv_hndl(msg, msg->user->handler_data);
455 }
456
457 /* Find the next sequence number not being used and add the given
458 message with the given timeout to the sequence table. This must be
459 called with the interface's seq_lock held. */
460 static int intf_next_seq(ipmi_smi_t intf,
461 struct ipmi_recv_msg *recv_msg,
462 unsigned long timeout,
463 int retries,
464 int broadcast,
465 unsigned char *seq,
466 long *seqid)
467 {
468 int rv = 0;
469 unsigned int i;
470
471 for (i=intf->curr_seq;
472 (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
473 i=(i+1)%IPMI_IPMB_NUM_SEQ)
474 {
475 if (! intf->seq_table[i].inuse)
476 break;
477 }
478
479 if (! intf->seq_table[i].inuse) {
480 intf->seq_table[i].recv_msg = recv_msg;
481
482 /* Start with the maximum timeout, when the send response
483 comes in we will start the real timer. */
484 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
485 intf->seq_table[i].orig_timeout = timeout;
486 intf->seq_table[i].retries_left = retries;
487 intf->seq_table[i].broadcast = broadcast;
488 intf->seq_table[i].inuse = 1;
489 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
490 *seq = i;
491 *seqid = intf->seq_table[i].seqid;
492 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
493 } else {
494 rv = -EAGAIN;
495 }
496
497 return rv;
498 }
499
500 /* Return the receive message for the given sequence number and
501 release the sequence number so it can be reused. Some other data
502 is passed in to be sure the message matches up correctly (to help
503 guard against message coming in after their timeout and the
504 sequence number being reused). */
505 static int intf_find_seq(ipmi_smi_t intf,
506 unsigned char seq,
507 short channel,
508 unsigned char cmd,
509 unsigned char netfn,
510 struct ipmi_addr *addr,
511 struct ipmi_recv_msg **recv_msg)
512 {
513 int rv = -ENODEV;
514 unsigned long flags;
515
516 if (seq >= IPMI_IPMB_NUM_SEQ)
517 return -EINVAL;
518
519 spin_lock_irqsave(&(intf->seq_lock), flags);
520 if (intf->seq_table[seq].inuse) {
521 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
522
523 if ((msg->addr.channel == channel)
524 && (msg->msg.cmd == cmd)
525 && (msg->msg.netfn == netfn)
526 && (ipmi_addr_equal(addr, &(msg->addr))))
527 {
528 *recv_msg = msg;
529 intf->seq_table[seq].inuse = 0;
530 rv = 0;
531 }
532 }
533 spin_unlock_irqrestore(&(intf->seq_lock), flags);
534
535 return rv;
536 }
537
538
539 /* Start the timer for a specific sequence table entry. */
540 static int intf_start_seq_timer(ipmi_smi_t intf,
541 long msgid)
542 {
543 int rv = -ENODEV;
544 unsigned long flags;
545 unsigned char seq;
546 unsigned long seqid;
547
548
549 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
550
551 spin_lock_irqsave(&(intf->seq_lock), flags);
552 /* We do this verification because the user can be deleted
553 while a message is outstanding. */
554 if ((intf->seq_table[seq].inuse)
555 && (intf->seq_table[seq].seqid == seqid))
556 {
557 struct seq_table *ent = &(intf->seq_table[seq]);
558 ent->timeout = ent->orig_timeout;
559 rv = 0;
560 }
561 spin_unlock_irqrestore(&(intf->seq_lock), flags);
562
563 return rv;
564 }
565
566 /* Got an error for the send message for a specific sequence number. */
567 static int intf_err_seq(ipmi_smi_t intf,
568 long msgid,
569 unsigned int err)
570 {
571 int rv = -ENODEV;
572 unsigned long flags;
573 unsigned char seq;
574 unsigned long seqid;
575 struct ipmi_recv_msg *msg = NULL;
576
577
578 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
579
580 spin_lock_irqsave(&(intf->seq_lock), flags);
581 /* We do this verification because the user can be deleted
582 while a message is outstanding. */
583 if ((intf->seq_table[seq].inuse)
584 && (intf->seq_table[seq].seqid == seqid))
585 {
586 struct seq_table *ent = &(intf->seq_table[seq]);
587
588 ent->inuse = 0;
589 msg = ent->recv_msg;
590 rv = 0;
591 }
592 spin_unlock_irqrestore(&(intf->seq_lock), flags);
593
594 if (msg) {
595 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
596 msg->msg_data[0] = err;
597 msg->msg.netfn |= 1; /* Convert to a response. */
598 msg->msg.data_len = 1;
599 msg->msg.data = msg->msg_data;
600 deliver_response(msg);
601 }
602
603 return rv;
604 }
605
606
607 int ipmi_create_user(unsigned int if_num,
608 struct ipmi_user_hndl *handler,
609 void *handler_data,
610 ipmi_user_t *user)
611 {
612 unsigned long flags;
613 ipmi_user_t new_user;
614 int rv = 0;
615
616 /* There is no module usecount here, because it's not
617 required. Since this can only be used by and called from
618 other modules, they will implicitly use this module, and
619 thus this can't be removed unless the other modules are
620 removed. */
621
622 if (handler == NULL)
623 return -EINVAL;
624
625 /* Make sure the driver is actually initialized, this handles
626 problems with initialization order. */
627 if (!initialized) {
628 rv = ipmi_init_msghandler();
629 if (rv)
630 return rv;
631
632 /* The init code doesn't return an error if it was turned
633 off, but it won't initialize. Check that. */
634 if (!initialized)
635 return -ENODEV;
636 }
637
638 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
639 if (! new_user)
640 return -ENOMEM;
641
642 down_read(&interfaces_sem);
643 if ((if_num > MAX_IPMI_INTERFACES) || ipmi_interfaces[if_num] == NULL)
644 {
645 rv = -EINVAL;
646 goto out_unlock;
647 }
648
649 new_user->handler = handler;
650 new_user->handler_data = handler_data;
651 new_user->intf = ipmi_interfaces[if_num];
652 new_user->gets_events = 0;
653
654 if (!try_module_get(new_user->intf->handlers->owner)) {
655 rv = -ENODEV;
656 goto out_unlock;
657 }
658
659 write_lock_irqsave(&new_user->intf->users_lock, flags);
660 list_add_tail(&new_user->link, &new_user->intf->users);
661 write_unlock_irqrestore(&new_user->intf->users_lock, flags);
662
663 out_unlock:
664 if (rv) {
665 kfree(new_user);
666 } else {
667 *user = new_user;
668 }
669
670 up_read(&interfaces_sem);
671 return rv;
672 }
673
674 static int ipmi_destroy_user_nolock(ipmi_user_t user)
675 {
676 int rv = -ENODEV;
677 ipmi_user_t t_user;
678 struct cmd_rcvr *rcvr, *rcvr2;
679 int i;
680 unsigned long flags;
681
682 /* Find the user and delete them from the list. */
683 list_for_each_entry(t_user, &(user->intf->users), link) {
684 if (t_user == user) {
685 list_del(&t_user->link);
686 rv = 0;
687 break;
688 }
689 }
690
691 if (rv) {
692 goto out_unlock;
693 }
694
695 /* Remove the user from the interfaces sequence table. */
696 spin_lock_irqsave(&(user->intf->seq_lock), flags);
697 for (i=0; i<IPMI_IPMB_NUM_SEQ; i++) {
698 if (user->intf->seq_table[i].inuse
699 && (user->intf->seq_table[i].recv_msg->user == user))
700 {
701 user->intf->seq_table[i].inuse = 0;
702 }
703 }
704 spin_unlock_irqrestore(&(user->intf->seq_lock), flags);
705
706 /* Remove the user from the command receiver's table. */
707 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
708 list_for_each_entry_safe(rcvr, rcvr2, &(user->intf->cmd_rcvrs), link) {
709 if (rcvr->user == user) {
710 list_del(&rcvr->link);
711 kfree(rcvr);
712 }
713 }
714 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
715
716 kfree(user);
717
718 out_unlock:
719
720 return rv;
721 }
722
723 int ipmi_destroy_user(ipmi_user_t user)
724 {
725 int rv;
726 ipmi_smi_t intf = user->intf;
727 unsigned long flags;
728
729 down_read(&interfaces_sem);
730 write_lock_irqsave(&intf->users_lock, flags);
731 rv = ipmi_destroy_user_nolock(user);
732 if (!rv)
733 module_put(intf->handlers->owner);
734
735 write_unlock_irqrestore(&intf->users_lock, flags);
736 up_read(&interfaces_sem);
737 return rv;
738 }
739
740 void ipmi_get_version(ipmi_user_t user,
741 unsigned char *major,
742 unsigned char *minor)
743 {
744 *major = user->intf->version_major;
745 *minor = user->intf->version_minor;
746 }
747
748 void ipmi_set_my_address(ipmi_user_t user,
749 unsigned char address)
750 {
751 user->intf->my_address = address;
752 }
753
754 unsigned char ipmi_get_my_address(ipmi_user_t user)
755 {
756 return user->intf->my_address;
757 }
758
759 void ipmi_set_my_LUN(ipmi_user_t user,
760 unsigned char LUN)
761 {
762 user->intf->my_lun = LUN & 0x3;
763 }
764
765 unsigned char ipmi_get_my_LUN(ipmi_user_t user)
766 {
767 return user->intf->my_lun;
768 }
769
770 int ipmi_set_gets_events(ipmi_user_t user, int val)
771 {
772 unsigned long flags;
773 struct ipmi_recv_msg *msg, *msg2;
774
775 read_lock(&(user->intf->users_lock));
776 spin_lock_irqsave(&(user->intf->events_lock), flags);
777 user->gets_events = val;
778
779 if (val) {
780 /* Deliver any queued events. */
781 list_for_each_entry_safe(msg, msg2, &(user->intf->waiting_events), link) {
782 list_del(&msg->link);
783 msg->user = user;
784 deliver_response(msg);
785 }
786 }
787
788 spin_unlock_irqrestore(&(user->intf->events_lock), flags);
789 read_unlock(&(user->intf->users_lock));
790
791 return 0;
792 }
793
794 int ipmi_register_for_cmd(ipmi_user_t user,
795 unsigned char netfn,
796 unsigned char cmd)
797 {
798 struct cmd_rcvr *cmp;
799 unsigned long flags;
800 struct cmd_rcvr *rcvr;
801 int rv = 0;
802
803
804 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
805 if (! rcvr)
806 return -ENOMEM;
807
808 read_lock(&(user->intf->users_lock));
809 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
810 if (user->intf->all_cmd_rcvr != NULL) {
811 rv = -EBUSY;
812 goto out_unlock;
813 }
814
815 /* Make sure the command/netfn is not already registered. */
816 list_for_each_entry(cmp, &(user->intf->cmd_rcvrs), link) {
817 if ((cmp->netfn == netfn) && (cmp->cmd == cmd)) {
818 rv = -EBUSY;
819 break;
820 }
821 }
822
823 if (! rv) {
824 rcvr->cmd = cmd;
825 rcvr->netfn = netfn;
826 rcvr->user = user;
827 list_add_tail(&(rcvr->link), &(user->intf->cmd_rcvrs));
828 }
829 out_unlock:
830 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
831 read_unlock(&(user->intf->users_lock));
832
833 if (rv)
834 kfree(rcvr);
835
836 return rv;
837 }
838
839 int ipmi_unregister_for_cmd(ipmi_user_t user,
840 unsigned char netfn,
841 unsigned char cmd)
842 {
843 unsigned long flags;
844 struct cmd_rcvr *rcvr;
845 int rv = -ENOENT;
846
847 read_lock(&(user->intf->users_lock));
848 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
849 /* Make sure the command/netfn is not already registered. */
850 list_for_each_entry(rcvr, &(user->intf->cmd_rcvrs), link) {
851 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
852 rv = 0;
853 list_del(&rcvr->link);
854 kfree(rcvr);
855 break;
856 }
857 }
858 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
859 read_unlock(&(user->intf->users_lock));
860
861 return rv;
862 }
863
864 void ipmi_user_set_run_to_completion(ipmi_user_t user, int val)
865 {
866 user->intf->handlers->set_run_to_completion(user->intf->send_info,
867 val);
868 }
869
870 static unsigned char
871 ipmb_checksum(unsigned char *data, int size)
872 {
873 unsigned char csum = 0;
874
875 for (; size > 0; size--, data++)
876 csum += *data;
877
878 return -csum;
879 }
880
881 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
882 struct kernel_ipmi_msg *msg,
883 struct ipmi_ipmb_addr *ipmb_addr,
884 long msgid,
885 unsigned char ipmb_seq,
886 int broadcast,
887 unsigned char source_address,
888 unsigned char source_lun)
889 {
890 int i = broadcast;
891
892 /* Format the IPMB header data. */
893 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
894 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
895 smi_msg->data[2] = ipmb_addr->channel;
896 if (broadcast)
897 smi_msg->data[3] = 0;
898 smi_msg->data[i+3] = ipmb_addr->slave_addr;
899 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
900 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
901 smi_msg->data[i+6] = source_address;
902 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
903 smi_msg->data[i+8] = msg->cmd;
904
905 /* Now tack on the data to the message. */
906 if (msg->data_len > 0)
907 memcpy(&(smi_msg->data[i+9]), msg->data,
908 msg->data_len);
909 smi_msg->data_size = msg->data_len + 9;
910
911 /* Now calculate the checksum and tack it on. */
912 smi_msg->data[i+smi_msg->data_size]
913 = ipmb_checksum(&(smi_msg->data[i+6]),
914 smi_msg->data_size-6);
915
916 /* Add on the checksum size and the offset from the
917 broadcast. */
918 smi_msg->data_size += 1 + i;
919
920 smi_msg->msgid = msgid;
921 }
922
923 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
924 struct kernel_ipmi_msg *msg,
925 struct ipmi_lan_addr *lan_addr,
926 long msgid,
927 unsigned char ipmb_seq,
928 unsigned char source_lun)
929 {
930 /* Format the IPMB header data. */
931 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
932 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
933 smi_msg->data[2] = lan_addr->channel;
934 smi_msg->data[3] = lan_addr->session_handle;
935 smi_msg->data[4] = lan_addr->remote_SWID;
936 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
937 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
938 smi_msg->data[7] = lan_addr->local_SWID;
939 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
940 smi_msg->data[9] = msg->cmd;
941
942 /* Now tack on the data to the message. */
943 if (msg->data_len > 0)
944 memcpy(&(smi_msg->data[10]), msg->data,
945 msg->data_len);
946 smi_msg->data_size = msg->data_len + 10;
947
948 /* Now calculate the checksum and tack it on. */
949 smi_msg->data[smi_msg->data_size]
950 = ipmb_checksum(&(smi_msg->data[7]),
951 smi_msg->data_size-7);
952
953 /* Add on the checksum size and the offset from the
954 broadcast. */
955 smi_msg->data_size += 1;
956
957 smi_msg->msgid = msgid;
958 }
959
960 /* Separate from ipmi_request so that the user does not have to be
961 supplied in certain circumstances (mainly at panic time). If
962 messages are supplied, they will be freed, even if an error
963 occurs. */
964 static inline int i_ipmi_request(ipmi_user_t user,
965 ipmi_smi_t intf,
966 struct ipmi_addr *addr,
967 long msgid,
968 struct kernel_ipmi_msg *msg,
969 void *user_msg_data,
970 void *supplied_smi,
971 struct ipmi_recv_msg *supplied_recv,
972 int priority,
973 unsigned char source_address,
974 unsigned char source_lun,
975 int retries,
976 unsigned int retry_time_ms)
977 {
978 int rv = 0;
979 struct ipmi_smi_msg *smi_msg;
980 struct ipmi_recv_msg *recv_msg;
981 unsigned long flags;
982
983
984 if (supplied_recv) {
985 recv_msg = supplied_recv;
986 } else {
987 recv_msg = ipmi_alloc_recv_msg();
988 if (recv_msg == NULL) {
989 return -ENOMEM;
990 }
991 }
992 recv_msg->user_msg_data = user_msg_data;
993
994 if (supplied_smi) {
995 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
996 } else {
997 smi_msg = ipmi_alloc_smi_msg();
998 if (smi_msg == NULL) {
999 ipmi_free_recv_msg(recv_msg);
1000 return -ENOMEM;
1001 }
1002 }
1003
1004 recv_msg->user = user;
1005 recv_msg->msgid = msgid;
1006 /* Store the message to send in the receive message so timeout
1007 responses can get the proper response data. */
1008 recv_msg->msg = *msg;
1009
1010 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1011 struct ipmi_system_interface_addr *smi_addr;
1012
1013 if (msg->netfn & 1) {
1014 /* Responses are not allowed to the SMI. */
1015 rv = -EINVAL;
1016 goto out_err;
1017 }
1018
1019 smi_addr = (struct ipmi_system_interface_addr *) addr;
1020 if (smi_addr->lun > 3) {
1021 spin_lock_irqsave(&intf->counter_lock, flags);
1022 intf->sent_invalid_commands++;
1023 spin_unlock_irqrestore(&intf->counter_lock, flags);
1024 rv = -EINVAL;
1025 goto out_err;
1026 }
1027
1028 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1029
1030 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1031 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1032 || (msg->cmd == IPMI_GET_MSG_CMD)
1033 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD)))
1034 {
1035 /* We don't let the user do these, since we manage
1036 the sequence numbers. */
1037 spin_lock_irqsave(&intf->counter_lock, flags);
1038 intf->sent_invalid_commands++;
1039 spin_unlock_irqrestore(&intf->counter_lock, flags);
1040 rv = -EINVAL;
1041 goto out_err;
1042 }
1043
1044 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
1045 spin_lock_irqsave(&intf->counter_lock, flags);
1046 intf->sent_invalid_commands++;
1047 spin_unlock_irqrestore(&intf->counter_lock, flags);
1048 rv = -EMSGSIZE;
1049 goto out_err;
1050 }
1051
1052 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1053 smi_msg->data[1] = msg->cmd;
1054 smi_msg->msgid = msgid;
1055 smi_msg->user_data = recv_msg;
1056 if (msg->data_len > 0)
1057 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1058 smi_msg->data_size = msg->data_len + 2;
1059 spin_lock_irqsave(&intf->counter_lock, flags);
1060 intf->sent_local_commands++;
1061 spin_unlock_irqrestore(&intf->counter_lock, flags);
1062 } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
1063 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
1064 {
1065 struct ipmi_ipmb_addr *ipmb_addr;
1066 unsigned char ipmb_seq;
1067 long seqid;
1068 int broadcast = 0;
1069
1070 if (addr->channel > IPMI_NUM_CHANNELS) {
1071 spin_lock_irqsave(&intf->counter_lock, flags);
1072 intf->sent_invalid_commands++;
1073 spin_unlock_irqrestore(&intf->counter_lock, flags);
1074 rv = -EINVAL;
1075 goto out_err;
1076 }
1077
1078 if (intf->channels[addr->channel].medium
1079 != IPMI_CHANNEL_MEDIUM_IPMB)
1080 {
1081 spin_lock_irqsave(&intf->counter_lock, flags);
1082 intf->sent_invalid_commands++;
1083 spin_unlock_irqrestore(&intf->counter_lock, flags);
1084 rv = -EINVAL;
1085 goto out_err;
1086 }
1087
1088 if (retries < 0) {
1089 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1090 retries = 0; /* Don't retry broadcasts. */
1091 else
1092 retries = 4;
1093 }
1094 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1095 /* Broadcasts add a zero at the beginning of the
1096 message, but otherwise is the same as an IPMB
1097 address. */
1098 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1099 broadcast = 1;
1100 }
1101
1102
1103 /* Default to 1 second retries. */
1104 if (retry_time_ms == 0)
1105 retry_time_ms = 1000;
1106
1107 /* 9 for the header and 1 for the checksum, plus
1108 possibly one for the broadcast. */
1109 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1110 spin_lock_irqsave(&intf->counter_lock, flags);
1111 intf->sent_invalid_commands++;
1112 spin_unlock_irqrestore(&intf->counter_lock, flags);
1113 rv = -EMSGSIZE;
1114 goto out_err;
1115 }
1116
1117 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1118 if (ipmb_addr->lun > 3) {
1119 spin_lock_irqsave(&intf->counter_lock, flags);
1120 intf->sent_invalid_commands++;
1121 spin_unlock_irqrestore(&intf->counter_lock, flags);
1122 rv = -EINVAL;
1123 goto out_err;
1124 }
1125
1126 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1127
1128 if (recv_msg->msg.netfn & 0x1) {
1129 /* It's a response, so use the user's sequence
1130 from msgid. */
1131 spin_lock_irqsave(&intf->counter_lock, flags);
1132 intf->sent_ipmb_responses++;
1133 spin_unlock_irqrestore(&intf->counter_lock, flags);
1134 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1135 msgid, broadcast,
1136 source_address, source_lun);
1137
1138 /* Save the receive message so we can use it
1139 to deliver the response. */
1140 smi_msg->user_data = recv_msg;
1141 } else {
1142 /* It's a command, so get a sequence for it. */
1143
1144 spin_lock_irqsave(&(intf->seq_lock), flags);
1145
1146 spin_lock(&intf->counter_lock);
1147 intf->sent_ipmb_commands++;
1148 spin_unlock(&intf->counter_lock);
1149
1150 /* Create a sequence number with a 1 second
1151 timeout and 4 retries. */
1152 rv = intf_next_seq(intf,
1153 recv_msg,
1154 retry_time_ms,
1155 retries,
1156 broadcast,
1157 &ipmb_seq,
1158 &seqid);
1159 if (rv) {
1160 /* We have used up all the sequence numbers,
1161 probably, so abort. */
1162 spin_unlock_irqrestore(&(intf->seq_lock),
1163 flags);
1164 goto out_err;
1165 }
1166
1167 /* Store the sequence number in the message,
1168 so that when the send message response
1169 comes back we can start the timer. */
1170 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1171 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1172 ipmb_seq, broadcast,
1173 source_address, source_lun);
1174
1175 /* Copy the message into the recv message data, so we
1176 can retransmit it later if necessary. */
1177 memcpy(recv_msg->msg_data, smi_msg->data,
1178 smi_msg->data_size);
1179 recv_msg->msg.data = recv_msg->msg_data;
1180 recv_msg->msg.data_len = smi_msg->data_size;
1181
1182 /* We don't unlock until here, because we need
1183 to copy the completed message into the
1184 recv_msg before we release the lock.
1185 Otherwise, race conditions may bite us. I
1186 know that's pretty paranoid, but I prefer
1187 to be correct. */
1188 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1189 }
1190 } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
1191 struct ipmi_lan_addr *lan_addr;
1192 unsigned char ipmb_seq;
1193 long seqid;
1194
1195 if (addr->channel > IPMI_NUM_CHANNELS) {
1196 spin_lock_irqsave(&intf->counter_lock, flags);
1197 intf->sent_invalid_commands++;
1198 spin_unlock_irqrestore(&intf->counter_lock, flags);
1199 rv = -EINVAL;
1200 goto out_err;
1201 }
1202
1203 if ((intf->channels[addr->channel].medium
1204 != IPMI_CHANNEL_MEDIUM_8023LAN)
1205 && (intf->channels[addr->channel].medium
1206 != IPMI_CHANNEL_MEDIUM_ASYNC))
1207 {
1208 spin_lock_irqsave(&intf->counter_lock, flags);
1209 intf->sent_invalid_commands++;
1210 spin_unlock_irqrestore(&intf->counter_lock, flags);
1211 rv = -EINVAL;
1212 goto out_err;
1213 }
1214
1215 retries = 4;
1216
1217 /* Default to 1 second retries. */
1218 if (retry_time_ms == 0)
1219 retry_time_ms = 1000;
1220
1221 /* 11 for the header and 1 for the checksum. */
1222 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
1223 spin_lock_irqsave(&intf->counter_lock, flags);
1224 intf->sent_invalid_commands++;
1225 spin_unlock_irqrestore(&intf->counter_lock, flags);
1226 rv = -EMSGSIZE;
1227 goto out_err;
1228 }
1229
1230 lan_addr = (struct ipmi_lan_addr *) addr;
1231 if (lan_addr->lun > 3) {
1232 spin_lock_irqsave(&intf->counter_lock, flags);
1233 intf->sent_invalid_commands++;
1234 spin_unlock_irqrestore(&intf->counter_lock, flags);
1235 rv = -EINVAL;
1236 goto out_err;
1237 }
1238
1239 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1240
1241 if (recv_msg->msg.netfn & 0x1) {
1242 /* It's a response, so use the user's sequence
1243 from msgid. */
1244 spin_lock_irqsave(&intf->counter_lock, flags);
1245 intf->sent_lan_responses++;
1246 spin_unlock_irqrestore(&intf->counter_lock, flags);
1247 format_lan_msg(smi_msg, msg, lan_addr, msgid,
1248 msgid, source_lun);
1249
1250 /* Save the receive message so we can use it
1251 to deliver the response. */
1252 smi_msg->user_data = recv_msg;
1253 } else {
1254 /* It's a command, so get a sequence for it. */
1255
1256 spin_lock_irqsave(&(intf->seq_lock), flags);
1257
1258 spin_lock(&intf->counter_lock);
1259 intf->sent_lan_commands++;
1260 spin_unlock(&intf->counter_lock);
1261
1262 /* Create a sequence number with a 1 second
1263 timeout and 4 retries. */
1264 rv = intf_next_seq(intf,
1265 recv_msg,
1266 retry_time_ms,
1267 retries,
1268 0,
1269 &ipmb_seq,
1270 &seqid);
1271 if (rv) {
1272 /* We have used up all the sequence numbers,
1273 probably, so abort. */
1274 spin_unlock_irqrestore(&(intf->seq_lock),
1275 flags);
1276 goto out_err;
1277 }
1278
1279 /* Store the sequence number in the message,
1280 so that when the send message response
1281 comes back we can start the timer. */
1282 format_lan_msg(smi_msg, msg, lan_addr,
1283 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1284 ipmb_seq, source_lun);
1285
1286 /* Copy the message into the recv message data, so we
1287 can retransmit it later if necessary. */
1288 memcpy(recv_msg->msg_data, smi_msg->data,
1289 smi_msg->data_size);
1290 recv_msg->msg.data = recv_msg->msg_data;
1291 recv_msg->msg.data_len = smi_msg->data_size;
1292
1293 /* We don't unlock until here, because we need
1294 to copy the completed message into the
1295 recv_msg before we release the lock.
1296 Otherwise, race conditions may bite us. I
1297 know that's pretty paranoid, but I prefer
1298 to be correct. */
1299 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1300 }
1301 } else {
1302 /* Unknown address type. */
1303 spin_lock_irqsave(&intf->counter_lock, flags);
1304 intf->sent_invalid_commands++;
1305 spin_unlock_irqrestore(&intf->counter_lock, flags);
1306 rv = -EINVAL;
1307 goto out_err;
1308 }
1309
1310 #ifdef DEBUG_MSGING
1311 {
1312 int m;
1313 for (m=0; m<smi_msg->data_size; m++)
1314 printk(" %2.2x", smi_msg->data[m]);
1315 printk("\n");
1316 }
1317 #endif
1318 intf->handlers->sender(intf->send_info, smi_msg, priority);
1319
1320 return 0;
1321
1322 out_err:
1323 ipmi_free_smi_msg(smi_msg);
1324 ipmi_free_recv_msg(recv_msg);
1325 return rv;
1326 }
1327
1328 int ipmi_request_settime(ipmi_user_t user,
1329 struct ipmi_addr *addr,
1330 long msgid,
1331 struct kernel_ipmi_msg *msg,
1332 void *user_msg_data,
1333 int priority,
1334 int retries,
1335 unsigned int retry_time_ms)
1336 {
1337 return i_ipmi_request(user,
1338 user->intf,
1339 addr,
1340 msgid,
1341 msg,
1342 user_msg_data,
1343 NULL, NULL,
1344 priority,
1345 user->intf->my_address,
1346 user->intf->my_lun,
1347 retries,
1348 retry_time_ms);
1349 }
1350
1351 int ipmi_request_supply_msgs(ipmi_user_t user,
1352 struct ipmi_addr *addr,
1353 long msgid,
1354 struct kernel_ipmi_msg *msg,
1355 void *user_msg_data,
1356 void *supplied_smi,
1357 struct ipmi_recv_msg *supplied_recv,
1358 int priority)
1359 {
1360 return i_ipmi_request(user,
1361 user->intf,
1362 addr,
1363 msgid,
1364 msg,
1365 user_msg_data,
1366 supplied_smi,
1367 supplied_recv,
1368 priority,
1369 user->intf->my_address,
1370 user->intf->my_lun,
1371 -1, 0);
1372 }
1373
1374 static int ipmb_file_read_proc(char *page, char **start, off_t off,
1375 int count, int *eof, void *data)
1376 {
1377 char *out = (char *) page;
1378 ipmi_smi_t intf = data;
1379
1380 return sprintf(out, "%x\n", intf->my_address);
1381 }
1382
1383 static int version_file_read_proc(char *page, char **start, off_t off,
1384 int count, int *eof, void *data)
1385 {
1386 char *out = (char *) page;
1387 ipmi_smi_t intf = data;
1388
1389 return sprintf(out, "%d.%d\n",
1390 intf->version_major, intf->version_minor);
1391 }
1392
1393 static int stat_file_read_proc(char *page, char **start, off_t off,
1394 int count, int *eof, void *data)
1395 {
1396 char *out = (char *) page;
1397 ipmi_smi_t intf = data;
1398
1399 out += sprintf(out, "sent_invalid_commands: %d\n",
1400 intf->sent_invalid_commands);
1401 out += sprintf(out, "sent_local_commands: %d\n",
1402 intf->sent_local_commands);
1403 out += sprintf(out, "handled_local_responses: %d\n",
1404 intf->handled_local_responses);
1405 out += sprintf(out, "unhandled_local_responses: %d\n",
1406 intf->unhandled_local_responses);
1407 out += sprintf(out, "sent_ipmb_commands: %d\n",
1408 intf->sent_ipmb_commands);
1409 out += sprintf(out, "sent_ipmb_command_errs: %d\n",
1410 intf->sent_ipmb_command_errs);
1411 out += sprintf(out, "retransmitted_ipmb_commands: %d\n",
1412 intf->retransmitted_ipmb_commands);
1413 out += sprintf(out, "timed_out_ipmb_commands: %d\n",
1414 intf->timed_out_ipmb_commands);
1415 out += sprintf(out, "timed_out_ipmb_broadcasts: %d\n",
1416 intf->timed_out_ipmb_broadcasts);
1417 out += sprintf(out, "sent_ipmb_responses: %d\n",
1418 intf->sent_ipmb_responses);
1419 out += sprintf(out, "handled_ipmb_responses: %d\n",
1420 intf->handled_ipmb_responses);
1421 out += sprintf(out, "invalid_ipmb_responses: %d\n",
1422 intf->invalid_ipmb_responses);
1423 out += sprintf(out, "unhandled_ipmb_responses: %d\n",
1424 intf->unhandled_ipmb_responses);
1425 out += sprintf(out, "sent_lan_commands: %d\n",
1426 intf->sent_lan_commands);
1427 out += sprintf(out, "sent_lan_command_errs: %d\n",
1428 intf->sent_lan_command_errs);
1429 out += sprintf(out, "retransmitted_lan_commands: %d\n",
1430 intf->retransmitted_lan_commands);
1431 out += sprintf(out, "timed_out_lan_commands: %d\n",
1432 intf->timed_out_lan_commands);
1433 out += sprintf(out, "sent_lan_responses: %d\n",
1434 intf->sent_lan_responses);
1435 out += sprintf(out, "handled_lan_responses: %d\n",
1436 intf->handled_lan_responses);
1437 out += sprintf(out, "invalid_lan_responses: %d\n",
1438 intf->invalid_lan_responses);
1439 out += sprintf(out, "unhandled_lan_responses: %d\n",
1440 intf->unhandled_lan_responses);
1441 out += sprintf(out, "handled_commands: %d\n",
1442 intf->handled_commands);
1443 out += sprintf(out, "invalid_commands: %d\n",
1444 intf->invalid_commands);
1445 out += sprintf(out, "unhandled_commands: %d\n",
1446 intf->unhandled_commands);
1447 out += sprintf(out, "invalid_events: %d\n",
1448 intf->invalid_events);
1449 out += sprintf(out, "events: %d\n",
1450 intf->events);
1451
1452 return (out - ((char *) page));
1453 }
1454
1455 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
1456 read_proc_t *read_proc, write_proc_t *write_proc,
1457 void *data, struct module *owner)
1458 {
1459 struct proc_dir_entry *file;
1460 int rv = 0;
1461 struct ipmi_proc_entry *entry;
1462
1463 /* Create a list element. */
1464 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
1465 if (!entry)
1466 return -ENOMEM;
1467 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL);
1468 if (!entry->name) {
1469 kfree(entry);
1470 return -ENOMEM;
1471 }
1472 strcpy(entry->name, name);
1473
1474 file = create_proc_entry(name, 0, smi->proc_dir);
1475 if (!file) {
1476 kfree(entry->name);
1477 kfree(entry);
1478 rv = -ENOMEM;
1479 } else {
1480 file->nlink = 1;
1481 file->data = data;
1482 file->read_proc = read_proc;
1483 file->write_proc = write_proc;
1484 file->owner = owner;
1485
1486 /* Stick it on the list. */
1487 entry->next = smi->proc_entries;
1488 smi->proc_entries = entry;
1489 }
1490
1491 return rv;
1492 }
1493
1494 static int add_proc_entries(ipmi_smi_t smi, int num)
1495 {
1496 int rv = 0;
1497
1498 sprintf(smi->proc_dir_name, "%d", num);
1499 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
1500 if (!smi->proc_dir)
1501 rv = -ENOMEM;
1502 else {
1503 smi->proc_dir->owner = THIS_MODULE;
1504 }
1505
1506 if (rv == 0)
1507 rv = ipmi_smi_add_proc_entry(smi, "stats",
1508 stat_file_read_proc, NULL,
1509 smi, THIS_MODULE);
1510
1511 if (rv == 0)
1512 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
1513 ipmb_file_read_proc, NULL,
1514 smi, THIS_MODULE);
1515
1516 if (rv == 0)
1517 rv = ipmi_smi_add_proc_entry(smi, "version",
1518 version_file_read_proc, NULL,
1519 smi, THIS_MODULE);
1520
1521 return rv;
1522 }
1523
1524 static void remove_proc_entries(ipmi_smi_t smi)
1525 {
1526 struct ipmi_proc_entry *entry;
1527
1528 while (smi->proc_entries) {
1529 entry = smi->proc_entries;
1530 smi->proc_entries = entry->next;
1531
1532 remove_proc_entry(entry->name, smi->proc_dir);
1533 kfree(entry->name);
1534 kfree(entry);
1535 }
1536 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
1537 }
1538
1539 static int
1540 send_channel_info_cmd(ipmi_smi_t intf, int chan)
1541 {
1542 struct kernel_ipmi_msg msg;
1543 unsigned char data[1];
1544 struct ipmi_system_interface_addr si;
1545
1546 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
1547 si.channel = IPMI_BMC_CHANNEL;
1548 si.lun = 0;
1549
1550 msg.netfn = IPMI_NETFN_APP_REQUEST;
1551 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
1552 msg.data = data;
1553 msg.data_len = 1;
1554 data[0] = chan;
1555 return i_ipmi_request(NULL,
1556 intf,
1557 (struct ipmi_addr *) &si,
1558 0,
1559 &msg,
1560 NULL,
1561 NULL,
1562 NULL,
1563 0,
1564 intf->my_address,
1565 intf->my_lun,
1566 -1, 0);
1567 }
1568
1569 static void
1570 channel_handler(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
1571 {
1572 int rv = 0;
1573 int chan;
1574
1575 if ((msg->rsp[0] == (IPMI_NETFN_APP_RESPONSE << 2))
1576 && (msg->rsp[1] == IPMI_GET_CHANNEL_INFO_CMD))
1577 {
1578 /* It's the one we want */
1579 if (msg->rsp[2] != 0) {
1580 /* Got an error from the channel, just go on. */
1581
1582 if (msg->rsp[2] == IPMI_INVALID_COMMAND_ERR) {
1583 /* If the MC does not support this
1584 command, that is legal. We just
1585 assume it has one IPMB at channel
1586 zero. */
1587 intf->channels[0].medium
1588 = IPMI_CHANNEL_MEDIUM_IPMB;
1589 intf->channels[0].protocol
1590 = IPMI_CHANNEL_PROTOCOL_IPMB;
1591 rv = -ENOSYS;
1592
1593 intf->curr_channel = IPMI_MAX_CHANNELS;
1594 wake_up(&intf->waitq);
1595 goto out;
1596 }
1597 goto next_channel;
1598 }
1599 if (msg->rsp_size < 6) {
1600 /* Message not big enough, just go on. */
1601 goto next_channel;
1602 }
1603 chan = intf->curr_channel;
1604 intf->channels[chan].medium = msg->rsp[4] & 0x7f;
1605 intf->channels[chan].protocol = msg->rsp[5] & 0x1f;
1606
1607 next_channel:
1608 intf->curr_channel++;
1609 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
1610 wake_up(&intf->waitq);
1611 else
1612 rv = send_channel_info_cmd(intf, intf->curr_channel);
1613
1614 if (rv) {
1615 /* Got an error somehow, just give up. */
1616 intf->curr_channel = IPMI_MAX_CHANNELS;
1617 wake_up(&intf->waitq);
1618
1619 printk(KERN_WARNING PFX
1620 "Error sending channel information: %d\n",
1621 rv);
1622 }
1623 }
1624 out:
1625 return;
1626 }
1627
1628 int ipmi_register_smi(struct ipmi_smi_handlers *handlers,
1629 void *send_info,
1630 unsigned char version_major,
1631 unsigned char version_minor,
1632 ipmi_smi_t *intf)
1633 {
1634 int i, j;
1635 int rv;
1636 ipmi_smi_t new_intf;
1637 unsigned long flags;
1638
1639
1640 /* Make sure the driver is actually initialized, this handles
1641 problems with initialization order. */
1642 if (!initialized) {
1643 rv = ipmi_init_msghandler();
1644 if (rv)
1645 return rv;
1646 /* The init code doesn't return an error if it was turned
1647 off, but it won't initialize. Check that. */
1648 if (!initialized)
1649 return -ENODEV;
1650 }
1651
1652 new_intf = kmalloc(sizeof(*new_intf), GFP_KERNEL);
1653 if (!new_intf)
1654 return -ENOMEM;
1655 memset(new_intf, 0, sizeof(*new_intf));
1656
1657 new_intf->proc_dir = NULL;
1658
1659 rv = -ENOMEM;
1660
1661 down_write(&interfaces_sem);
1662 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
1663 if (ipmi_interfaces[i] == NULL) {
1664 new_intf->intf_num = i;
1665 new_intf->version_major = version_major;
1666 new_intf->version_minor = version_minor;
1667 new_intf->my_address = IPMI_BMC_SLAVE_ADDR;
1668 new_intf->my_lun = 2; /* the SMS LUN. */
1669 rwlock_init(&(new_intf->users_lock));
1670 INIT_LIST_HEAD(&(new_intf->users));
1671 new_intf->handlers = handlers;
1672 new_intf->send_info = send_info;
1673 spin_lock_init(&(new_intf->seq_lock));
1674 for (j=0; j<IPMI_IPMB_NUM_SEQ; j++) {
1675 new_intf->seq_table[j].inuse = 0;
1676 new_intf->seq_table[j].seqid = 0;
1677 }
1678 new_intf->curr_seq = 0;
1679 spin_lock_init(&(new_intf->waiting_msgs_lock));
1680 INIT_LIST_HEAD(&(new_intf->waiting_msgs));
1681 spin_lock_init(&(new_intf->events_lock));
1682 INIT_LIST_HEAD(&(new_intf->waiting_events));
1683 new_intf->waiting_events_count = 0;
1684 rwlock_init(&(new_intf->cmd_rcvr_lock));
1685 init_waitqueue_head(&new_intf->waitq);
1686 INIT_LIST_HEAD(&(new_intf->cmd_rcvrs));
1687 new_intf->all_cmd_rcvr = NULL;
1688
1689 spin_lock_init(&(new_intf->counter_lock));
1690
1691 spin_lock_irqsave(&interfaces_lock, flags);
1692 ipmi_interfaces[i] = new_intf;
1693 spin_unlock_irqrestore(&interfaces_lock, flags);
1694
1695 rv = 0;
1696 *intf = new_intf;
1697 break;
1698 }
1699 }
1700
1701 downgrade_write(&interfaces_sem);
1702
1703 if (rv == 0)
1704 rv = add_proc_entries(*intf, i);
1705
1706 if (rv == 0) {
1707 if ((version_major > 1)
1708 || ((version_major == 1) && (version_minor >= 5)))
1709 {
1710 /* Start scanning the channels to see what is
1711 available. */
1712 (*intf)->null_user_handler = channel_handler;
1713 (*intf)->curr_channel = 0;
1714 rv = send_channel_info_cmd(*intf, 0);
1715 if (rv)
1716 goto out;
1717
1718 /* Wait for the channel info to be read. */
1719 up_read(&interfaces_sem);
1720 wait_event((*intf)->waitq,
1721 ((*intf)->curr_channel>=IPMI_MAX_CHANNELS));
1722 down_read(&interfaces_sem);
1723
1724 if (ipmi_interfaces[i] != new_intf)
1725 /* Well, it went away. Just return. */
1726 goto out;
1727 } else {
1728 /* Assume a single IPMB channel at zero. */
1729 (*intf)->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
1730 (*intf)->channels[0].protocol
1731 = IPMI_CHANNEL_PROTOCOL_IPMB;
1732 }
1733
1734 /* Call all the watcher interfaces to tell
1735 them that a new interface is available. */
1736 call_smi_watchers(i);
1737 }
1738
1739 out:
1740 up_read(&interfaces_sem);
1741
1742 if (rv) {
1743 if (new_intf->proc_dir)
1744 remove_proc_entries(new_intf);
1745 kfree(new_intf);
1746 }
1747
1748 return rv;
1749 }
1750
1751 static void free_recv_msg_list(struct list_head *q)
1752 {
1753 struct ipmi_recv_msg *msg, *msg2;
1754
1755 list_for_each_entry_safe(msg, msg2, q, link) {
1756 list_del(&msg->link);
1757 ipmi_free_recv_msg(msg);
1758 }
1759 }
1760
1761 static void free_cmd_rcvr_list(struct list_head *q)
1762 {
1763 struct cmd_rcvr *rcvr, *rcvr2;
1764
1765 list_for_each_entry_safe(rcvr, rcvr2, q, link) {
1766 list_del(&rcvr->link);
1767 kfree(rcvr);
1768 }
1769 }
1770
1771 static void clean_up_interface_data(ipmi_smi_t intf)
1772 {
1773 int i;
1774
1775 free_recv_msg_list(&(intf->waiting_msgs));
1776 free_recv_msg_list(&(intf->waiting_events));
1777 free_cmd_rcvr_list(&(intf->cmd_rcvrs));
1778
1779 for (i=0; i<IPMI_IPMB_NUM_SEQ; i++) {
1780 if ((intf->seq_table[i].inuse)
1781 && (intf->seq_table[i].recv_msg))
1782 {
1783 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
1784 }
1785 }
1786 }
1787
1788 int ipmi_unregister_smi(ipmi_smi_t intf)
1789 {
1790 int rv = -ENODEV;
1791 int i;
1792 struct ipmi_smi_watcher *w;
1793 unsigned long flags;
1794
1795 down_write(&interfaces_sem);
1796 if (list_empty(&(intf->users)))
1797 {
1798 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
1799 if (ipmi_interfaces[i] == intf) {
1800 remove_proc_entries(intf);
1801 spin_lock_irqsave(&interfaces_lock, flags);
1802 ipmi_interfaces[i] = NULL;
1803 clean_up_interface_data(intf);
1804 spin_unlock_irqrestore(&interfaces_lock,flags);
1805 kfree(intf);
1806 rv = 0;
1807 goto out_call_watcher;
1808 }
1809 }
1810 } else {
1811 rv = -EBUSY;
1812 }
1813 up_write(&interfaces_sem);
1814
1815 return rv;
1816
1817 out_call_watcher:
1818 downgrade_write(&interfaces_sem);
1819
1820 /* Call all the watcher interfaces to tell them that
1821 an interface is gone. */
1822 down_read(&smi_watchers_sem);
1823 list_for_each_entry(w, &smi_watchers, link) {
1824 w->smi_gone(i);
1825 }
1826 up_read(&smi_watchers_sem);
1827 up_read(&interfaces_sem);
1828 return 0;
1829 }
1830
1831 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf,
1832 struct ipmi_smi_msg *msg)
1833 {
1834 struct ipmi_ipmb_addr ipmb_addr;
1835 struct ipmi_recv_msg *recv_msg;
1836 unsigned long flags;
1837
1838
1839 /* This is 11, not 10, because the response must contain a
1840 * completion code. */
1841 if (msg->rsp_size < 11) {
1842 /* Message not big enough, just ignore it. */
1843 spin_lock_irqsave(&intf->counter_lock, flags);
1844 intf->invalid_ipmb_responses++;
1845 spin_unlock_irqrestore(&intf->counter_lock, flags);
1846 return 0;
1847 }
1848
1849 if (msg->rsp[2] != 0) {
1850 /* An error getting the response, just ignore it. */
1851 return 0;
1852 }
1853
1854 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
1855 ipmb_addr.slave_addr = msg->rsp[6];
1856 ipmb_addr.channel = msg->rsp[3] & 0x0f;
1857 ipmb_addr.lun = msg->rsp[7] & 3;
1858
1859 /* It's a response from a remote entity. Look up the sequence
1860 number and handle the response. */
1861 if (intf_find_seq(intf,
1862 msg->rsp[7] >> 2,
1863 msg->rsp[3] & 0x0f,
1864 msg->rsp[8],
1865 (msg->rsp[4] >> 2) & (~1),
1866 (struct ipmi_addr *) &(ipmb_addr),
1867 &recv_msg))
1868 {
1869 /* We were unable to find the sequence number,
1870 so just nuke the message. */
1871 spin_lock_irqsave(&intf->counter_lock, flags);
1872 intf->unhandled_ipmb_responses++;
1873 spin_unlock_irqrestore(&intf->counter_lock, flags);
1874 return 0;
1875 }
1876
1877 memcpy(recv_msg->msg_data,
1878 &(msg->rsp[9]),
1879 msg->rsp_size - 9);
1880 /* THe other fields matched, so no need to set them, except
1881 for netfn, which needs to be the response that was
1882 returned, not the request value. */
1883 recv_msg->msg.netfn = msg->rsp[4] >> 2;
1884 recv_msg->msg.data = recv_msg->msg_data;
1885 recv_msg->msg.data_len = msg->rsp_size - 10;
1886 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
1887 spin_lock_irqsave(&intf->counter_lock, flags);
1888 intf->handled_ipmb_responses++;
1889 spin_unlock_irqrestore(&intf->counter_lock, flags);
1890 deliver_response(recv_msg);
1891
1892 return 0;
1893 }
1894
1895 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf,
1896 struct ipmi_smi_msg *msg)
1897 {
1898 struct cmd_rcvr *rcvr;
1899 int rv = 0;
1900 unsigned char netfn;
1901 unsigned char cmd;
1902 ipmi_user_t user = NULL;
1903 struct ipmi_ipmb_addr *ipmb_addr;
1904 struct ipmi_recv_msg *recv_msg;
1905 unsigned long flags;
1906
1907 if (msg->rsp_size < 10) {
1908 /* Message not big enough, just ignore it. */
1909 spin_lock_irqsave(&intf->counter_lock, flags);
1910 intf->invalid_commands++;
1911 spin_unlock_irqrestore(&intf->counter_lock, flags);
1912 return 0;
1913 }
1914
1915 if (msg->rsp[2] != 0) {
1916 /* An error getting the response, just ignore it. */
1917 return 0;
1918 }
1919
1920 netfn = msg->rsp[4] >> 2;
1921 cmd = msg->rsp[8];
1922
1923 read_lock(&(intf->cmd_rcvr_lock));
1924
1925 if (intf->all_cmd_rcvr) {
1926 user = intf->all_cmd_rcvr;
1927 } else {
1928 /* Find the command/netfn. */
1929 list_for_each_entry(rcvr, &(intf->cmd_rcvrs), link) {
1930 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
1931 user = rcvr->user;
1932 break;
1933 }
1934 }
1935 }
1936 read_unlock(&(intf->cmd_rcvr_lock));
1937
1938 if (user == NULL) {
1939 /* We didn't find a user, deliver an error response. */
1940 spin_lock_irqsave(&intf->counter_lock, flags);
1941 intf->unhandled_commands++;
1942 spin_unlock_irqrestore(&intf->counter_lock, flags);
1943
1944 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1945 msg->data[1] = IPMI_SEND_MSG_CMD;
1946 msg->data[2] = msg->rsp[3];
1947 msg->data[3] = msg->rsp[6];
1948 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
1949 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
1950 msg->data[6] = intf->my_address;
1951 /* rqseq/lun */
1952 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
1953 msg->data[8] = msg->rsp[8]; /* cmd */
1954 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
1955 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
1956 msg->data_size = 11;
1957
1958 #ifdef DEBUG_MSGING
1959 {
1960 int m;
1961 printk("Invalid command:");
1962 for (m=0; m<msg->data_size; m++)
1963 printk(" %2.2x", msg->data[m]);
1964 printk("\n");
1965 }
1966 #endif
1967 intf->handlers->sender(intf->send_info, msg, 0);
1968
1969 rv = -1; /* We used the message, so return the value that
1970 causes it to not be freed or queued. */
1971 } else {
1972 /* Deliver the message to the user. */
1973 spin_lock_irqsave(&intf->counter_lock, flags);
1974 intf->handled_commands++;
1975 spin_unlock_irqrestore(&intf->counter_lock, flags);
1976
1977 recv_msg = ipmi_alloc_recv_msg();
1978 if (! recv_msg) {
1979 /* We couldn't allocate memory for the
1980 message, so requeue it for handling
1981 later. */
1982 rv = 1;
1983 } else {
1984 /* Extract the source address from the data. */
1985 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
1986 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1987 ipmb_addr->slave_addr = msg->rsp[6];
1988 ipmb_addr->lun = msg->rsp[7] & 3;
1989 ipmb_addr->channel = msg->rsp[3] & 0xf;
1990
1991 /* Extract the rest of the message information
1992 from the IPMB header.*/
1993 recv_msg->user = user;
1994 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
1995 recv_msg->msgid = msg->rsp[7] >> 2;
1996 recv_msg->msg.netfn = msg->rsp[4] >> 2;
1997 recv_msg->msg.cmd = msg->rsp[8];
1998 recv_msg->msg.data = recv_msg->msg_data;
1999
2000 /* We chop off 10, not 9 bytes because the checksum
2001 at the end also needs to be removed. */
2002 recv_msg->msg.data_len = msg->rsp_size - 10;
2003 memcpy(recv_msg->msg_data,
2004 &(msg->rsp[9]),
2005 msg->rsp_size - 10);
2006 deliver_response(recv_msg);
2007 }
2008 }
2009
2010 return rv;
2011 }
2012
2013 static int handle_lan_get_msg_rsp(ipmi_smi_t intf,
2014 struct ipmi_smi_msg *msg)
2015 {
2016 struct ipmi_lan_addr lan_addr;
2017 struct ipmi_recv_msg *recv_msg;
2018 unsigned long flags;
2019
2020
2021 /* This is 13, not 12, because the response must contain a
2022 * completion code. */
2023 if (msg->rsp_size < 13) {
2024 /* Message not big enough, just ignore it. */
2025 spin_lock_irqsave(&intf->counter_lock, flags);
2026 intf->invalid_lan_responses++;
2027 spin_unlock_irqrestore(&intf->counter_lock, flags);
2028 return 0;
2029 }
2030
2031 if (msg->rsp[2] != 0) {
2032 /* An error getting the response, just ignore it. */
2033 return 0;
2034 }
2035
2036 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
2037 lan_addr.session_handle = msg->rsp[4];
2038 lan_addr.remote_SWID = msg->rsp[8];
2039 lan_addr.local_SWID = msg->rsp[5];
2040 lan_addr.channel = msg->rsp[3] & 0x0f;
2041 lan_addr.privilege = msg->rsp[3] >> 4;
2042 lan_addr.lun = msg->rsp[9] & 3;
2043
2044 /* It's a response from a remote entity. Look up the sequence
2045 number and handle the response. */
2046 if (intf_find_seq(intf,
2047 msg->rsp[9] >> 2,
2048 msg->rsp[3] & 0x0f,
2049 msg->rsp[10],
2050 (msg->rsp[6] >> 2) & (~1),
2051 (struct ipmi_addr *) &(lan_addr),
2052 &recv_msg))
2053 {
2054 /* We were unable to find the sequence number,
2055 so just nuke the message. */
2056 spin_lock_irqsave(&intf->counter_lock, flags);
2057 intf->unhandled_lan_responses++;
2058 spin_unlock_irqrestore(&intf->counter_lock, flags);
2059 return 0;
2060 }
2061
2062 memcpy(recv_msg->msg_data,
2063 &(msg->rsp[11]),
2064 msg->rsp_size - 11);
2065 /* The other fields matched, so no need to set them, except
2066 for netfn, which needs to be the response that was
2067 returned, not the request value. */
2068 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2069 recv_msg->msg.data = recv_msg->msg_data;
2070 recv_msg->msg.data_len = msg->rsp_size - 12;
2071 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2072 spin_lock_irqsave(&intf->counter_lock, flags);
2073 intf->handled_lan_responses++;
2074 spin_unlock_irqrestore(&intf->counter_lock, flags);
2075 deliver_response(recv_msg);
2076
2077 return 0;
2078 }
2079
2080 static int handle_lan_get_msg_cmd(ipmi_smi_t intf,
2081 struct ipmi_smi_msg *msg)
2082 {
2083 struct cmd_rcvr *rcvr;
2084 int rv = 0;
2085 unsigned char netfn;
2086 unsigned char cmd;
2087 ipmi_user_t user = NULL;
2088 struct ipmi_lan_addr *lan_addr;
2089 struct ipmi_recv_msg *recv_msg;
2090 unsigned long flags;
2091
2092 if (msg->rsp_size < 12) {
2093 /* Message not big enough, just ignore it. */
2094 spin_lock_irqsave(&intf->counter_lock, flags);
2095 intf->invalid_commands++;
2096 spin_unlock_irqrestore(&intf->counter_lock, flags);
2097 return 0;
2098 }
2099
2100 if (msg->rsp[2] != 0) {
2101 /* An error getting the response, just ignore it. */
2102 return 0;
2103 }
2104
2105 netfn = msg->rsp[6] >> 2;
2106 cmd = msg->rsp[10];
2107
2108 read_lock(&(intf->cmd_rcvr_lock));
2109
2110 if (intf->all_cmd_rcvr) {
2111 user = intf->all_cmd_rcvr;
2112 } else {
2113 /* Find the command/netfn. */
2114 list_for_each_entry(rcvr, &(intf->cmd_rcvrs), link) {
2115 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
2116 user = rcvr->user;
2117 break;
2118 }
2119 }
2120 }
2121 read_unlock(&(intf->cmd_rcvr_lock));
2122
2123 if (user == NULL) {
2124 /* We didn't find a user, deliver an error response. */
2125 spin_lock_irqsave(&intf->counter_lock, flags);
2126 intf->unhandled_commands++;
2127 spin_unlock_irqrestore(&intf->counter_lock, flags);
2128
2129 rv = 0; /* Don't do anything with these messages, just
2130 allow them to be freed. */
2131 } else {
2132 /* Deliver the message to the user. */
2133 spin_lock_irqsave(&intf->counter_lock, flags);
2134 intf->handled_commands++;
2135 spin_unlock_irqrestore(&intf->counter_lock, flags);
2136
2137 recv_msg = ipmi_alloc_recv_msg();
2138 if (! recv_msg) {
2139 /* We couldn't allocate memory for the
2140 message, so requeue it for handling
2141 later. */
2142 rv = 1;
2143 } else {
2144 /* Extract the source address from the data. */
2145 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
2146 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
2147 lan_addr->session_handle = msg->rsp[4];
2148 lan_addr->remote_SWID = msg->rsp[8];
2149 lan_addr->local_SWID = msg->rsp[5];
2150 lan_addr->lun = msg->rsp[9] & 3;
2151 lan_addr->channel = msg->rsp[3] & 0xf;
2152 lan_addr->privilege = msg->rsp[3] >> 4;
2153
2154 /* Extract the rest of the message information
2155 from the IPMB header.*/
2156 recv_msg->user = user;
2157 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2158 recv_msg->msgid = msg->rsp[9] >> 2;
2159 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2160 recv_msg->msg.cmd = msg->rsp[10];
2161 recv_msg->msg.data = recv_msg->msg_data;
2162
2163 /* We chop off 12, not 11 bytes because the checksum
2164 at the end also needs to be removed. */
2165 recv_msg->msg.data_len = msg->rsp_size - 12;
2166 memcpy(recv_msg->msg_data,
2167 &(msg->rsp[11]),
2168 msg->rsp_size - 12);
2169 deliver_response(recv_msg);
2170 }
2171 }
2172
2173 return rv;
2174 }
2175
2176 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
2177 struct ipmi_smi_msg *msg)
2178 {
2179 struct ipmi_system_interface_addr *smi_addr;
2180
2181 recv_msg->msgid = 0;
2182 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
2183 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2184 smi_addr->channel = IPMI_BMC_CHANNEL;
2185 smi_addr->lun = msg->rsp[0] & 3;
2186 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
2187 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2188 recv_msg->msg.cmd = msg->rsp[1];
2189 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
2190 recv_msg->msg.data = recv_msg->msg_data;
2191 recv_msg->msg.data_len = msg->rsp_size - 3;
2192 }
2193
2194 /* This will be called with the intf->users_lock read-locked, so no need
2195 to do that here. */
2196 static int handle_read_event_rsp(ipmi_smi_t intf,
2197 struct ipmi_smi_msg *msg)
2198 {
2199 struct ipmi_recv_msg *recv_msg, *recv_msg2;
2200 struct list_head msgs;
2201 ipmi_user_t user;
2202 int rv = 0;
2203 int deliver_count = 0;
2204 unsigned long flags;
2205
2206 if (msg->rsp_size < 19) {
2207 /* Message is too small to be an IPMB event. */
2208 spin_lock_irqsave(&intf->counter_lock, flags);
2209 intf->invalid_events++;
2210 spin_unlock_irqrestore(&intf->counter_lock, flags);
2211 return 0;
2212 }
2213
2214 if (msg->rsp[2] != 0) {
2215 /* An error getting the event, just ignore it. */
2216 return 0;
2217 }
2218
2219 INIT_LIST_HEAD(&msgs);
2220
2221 spin_lock_irqsave(&(intf->events_lock), flags);
2222
2223 spin_lock(&intf->counter_lock);
2224 intf->events++;
2225 spin_unlock(&intf->counter_lock);
2226
2227 /* Allocate and fill in one message for every user that is getting
2228 events. */
2229 list_for_each_entry(user, &(intf->users), link) {
2230 if (! user->gets_events)
2231 continue;
2232
2233 recv_msg = ipmi_alloc_recv_msg();
2234 if (! recv_msg) {
2235 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2236 list_del(&recv_msg->link);
2237 ipmi_free_recv_msg(recv_msg);
2238 }
2239 /* We couldn't allocate memory for the
2240 message, so requeue it for handling
2241 later. */
2242 rv = 1;
2243 goto out;
2244 }
2245
2246 deliver_count++;
2247
2248 copy_event_into_recv_msg(recv_msg, msg);
2249 recv_msg->user = user;
2250 list_add_tail(&(recv_msg->link), &msgs);
2251 }
2252
2253 if (deliver_count) {
2254 /* Now deliver all the messages. */
2255 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2256 list_del(&recv_msg->link);
2257 deliver_response(recv_msg);
2258 }
2259 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
2260 /* No one to receive the message, put it in queue if there's
2261 not already too many things in the queue. */
2262 recv_msg = ipmi_alloc_recv_msg();
2263 if (! recv_msg) {
2264 /* We couldn't allocate memory for the
2265 message, so requeue it for handling
2266 later. */
2267 rv = 1;
2268 goto out;
2269 }
2270
2271 copy_event_into_recv_msg(recv_msg, msg);
2272 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
2273 } else {
2274 /* There's too many things in the queue, discard this
2275 message. */
2276 printk(KERN_WARNING PFX "Event queue full, discarding an"
2277 " incoming event\n");
2278 }
2279
2280 out:
2281 spin_unlock_irqrestore(&(intf->events_lock), flags);
2282
2283 return rv;
2284 }
2285
2286 static int handle_bmc_rsp(ipmi_smi_t intf,
2287 struct ipmi_smi_msg *msg)
2288 {
2289 struct ipmi_recv_msg *recv_msg;
2290 int found = 0;
2291 struct ipmi_user *user;
2292 unsigned long flags;
2293
2294 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
2295
2296 /* Make sure the user still exists. */
2297 list_for_each_entry(user, &(intf->users), link) {
2298 if (user == recv_msg->user) {
2299 /* Found it, so we can deliver it */
2300 found = 1;
2301 break;
2302 }
2303 }
2304
2305 if (!found) {
2306 /* Special handling for NULL users. */
2307 if (!recv_msg->user && intf->null_user_handler){
2308 intf->null_user_handler(intf, msg);
2309 spin_lock_irqsave(&intf->counter_lock, flags);
2310 intf->handled_local_responses++;
2311 spin_unlock_irqrestore(&intf->counter_lock, flags);
2312 }else{
2313 /* The user for the message went away, so give up. */
2314 spin_lock_irqsave(&intf->counter_lock, flags);
2315 intf->unhandled_local_responses++;
2316 spin_unlock_irqrestore(&intf->counter_lock, flags);
2317 }
2318 ipmi_free_recv_msg(recv_msg);
2319 } else {
2320 struct ipmi_system_interface_addr *smi_addr;
2321
2322 spin_lock_irqsave(&intf->counter_lock, flags);
2323 intf->handled_local_responses++;
2324 spin_unlock_irqrestore(&intf->counter_lock, flags);
2325 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2326 recv_msg->msgid = msg->msgid;
2327 smi_addr = ((struct ipmi_system_interface_addr *)
2328 &(recv_msg->addr));
2329 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2330 smi_addr->channel = IPMI_BMC_CHANNEL;
2331 smi_addr->lun = msg->rsp[0] & 3;
2332 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2333 recv_msg->msg.cmd = msg->rsp[1];
2334 memcpy(recv_msg->msg_data,
2335 &(msg->rsp[2]),
2336 msg->rsp_size - 2);
2337 recv_msg->msg.data = recv_msg->msg_data;
2338 recv_msg->msg.data_len = msg->rsp_size - 2;
2339 deliver_response(recv_msg);
2340 }
2341
2342 return 0;
2343 }
2344
2345 /* Handle a new message. Return 1 if the message should be requeued,
2346 0 if the message should be freed, or -1 if the message should not
2347 be freed or requeued. */
2348 static int handle_new_recv_msg(ipmi_smi_t intf,
2349 struct ipmi_smi_msg *msg)
2350 {
2351 int requeue;
2352 int chan;
2353
2354 #ifdef DEBUG_MSGING
2355 int m;
2356 printk("Recv:");
2357 for (m=0; m<msg->rsp_size; m++)
2358 printk(" %2.2x", msg->rsp[m]);
2359 printk("\n");
2360 #endif
2361 if (msg->rsp_size < 2) {
2362 /* Message is too small to be correct. */
2363 printk(KERN_WARNING PFX "BMC returned to small a message"
2364 " for netfn %x cmd %x, got %d bytes\n",
2365 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
2366
2367 /* Generate an error response for the message. */
2368 msg->rsp[0] = msg->data[0] | (1 << 2);
2369 msg->rsp[1] = msg->data[1];
2370 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2371 msg->rsp_size = 3;
2372 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))/* Netfn */
2373 || (msg->rsp[1] != msg->data[1])) /* Command */
2374 {
2375 /* The response is not even marginally correct. */
2376 printk(KERN_WARNING PFX "BMC returned incorrect response,"
2377 " expected netfn %x cmd %x, got netfn %x cmd %x\n",
2378 (msg->data[0] >> 2) | 1, msg->data[1],
2379 msg->rsp[0] >> 2, msg->rsp[1]);
2380
2381 /* Generate an error response for the message. */
2382 msg->rsp[0] = msg->data[0] | (1 << 2);
2383 msg->rsp[1] = msg->data[1];
2384 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2385 msg->rsp_size = 3;
2386 }
2387
2388 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2389 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
2390 && (msg->user_data != NULL))
2391 {
2392 /* It's a response to a response we sent. For this we
2393 deliver a send message response to the user. */
2394 struct ipmi_recv_msg *recv_msg = msg->user_data;
2395
2396 requeue = 0;
2397 if (msg->rsp_size < 2)
2398 /* Message is too small to be correct. */
2399 goto out;
2400
2401 chan = msg->data[2] & 0x0f;
2402 if (chan >= IPMI_MAX_CHANNELS)
2403 /* Invalid channel number */
2404 goto out;
2405
2406 if (recv_msg) {
2407 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
2408 recv_msg->msg.data = recv_msg->msg_data;
2409 recv_msg->msg.data_len = 1;
2410 recv_msg->msg_data[0] = msg->rsp[2];
2411 deliver_response(recv_msg);
2412 }
2413 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2414 && (msg->rsp[1] == IPMI_GET_MSG_CMD))
2415 {
2416 /* It's from the receive queue. */
2417 chan = msg->rsp[3] & 0xf;
2418 if (chan >= IPMI_MAX_CHANNELS) {
2419 /* Invalid channel number */
2420 requeue = 0;
2421 goto out;
2422 }
2423
2424 switch (intf->channels[chan].medium) {
2425 case IPMI_CHANNEL_MEDIUM_IPMB:
2426 if (msg->rsp[4] & 0x04) {
2427 /* It's a response, so find the
2428 requesting message and send it up. */
2429 requeue = handle_ipmb_get_msg_rsp(intf, msg);
2430 } else {
2431 /* It's a command to the SMS from some other
2432 entity. Handle that. */
2433 requeue = handle_ipmb_get_msg_cmd(intf, msg);
2434 }
2435 break;
2436
2437 case IPMI_CHANNEL_MEDIUM_8023LAN:
2438 case IPMI_CHANNEL_MEDIUM_ASYNC:
2439 if (msg->rsp[6] & 0x04) {
2440 /* It's a response, so find the
2441 requesting message and send it up. */
2442 requeue = handle_lan_get_msg_rsp(intf, msg);
2443 } else {
2444 /* It's a command to the SMS from some other
2445 entity. Handle that. */
2446 requeue = handle_lan_get_msg_cmd(intf, msg);
2447 }
2448 break;
2449
2450 default:
2451 /* We don't handle the channel type, so just
2452 * free the message. */
2453 requeue = 0;
2454 }
2455
2456 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2457 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD))
2458 {
2459 /* It's an asyncronous event. */
2460 requeue = handle_read_event_rsp(intf, msg);
2461 } else {
2462 /* It's a response from the local BMC. */
2463 requeue = handle_bmc_rsp(intf, msg);
2464 }
2465
2466 out:
2467 return requeue;
2468 }
2469
2470 /* Handle a new message from the lower layer. */
2471 void ipmi_smi_msg_received(ipmi_smi_t intf,
2472 struct ipmi_smi_msg *msg)
2473 {
2474 unsigned long flags;
2475 int rv;
2476
2477
2478 /* Lock the user lock so the user can't go away while we are
2479 working on it. */
2480 read_lock(&(intf->users_lock));
2481
2482 if ((msg->data_size >= 2)
2483 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
2484 && (msg->data[1] == IPMI_SEND_MSG_CMD)
2485 && (msg->user_data == NULL)) {
2486 /* This is the local response to a command send, start
2487 the timer for these. The user_data will not be
2488 NULL if this is a response send, and we will let
2489 response sends just go through. */
2490
2491 /* Check for errors, if we get certain errors (ones
2492 that mean basically we can try again later), we
2493 ignore them and start the timer. Otherwise we
2494 report the error immediately. */
2495 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
2496 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
2497 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR))
2498 {
2499 int chan = msg->rsp[3] & 0xf;
2500
2501 /* Got an error sending the message, handle it. */
2502 spin_lock_irqsave(&intf->counter_lock, flags);
2503 if (chan >= IPMI_MAX_CHANNELS)
2504 ; /* This shouldn't happen */
2505 else if ((intf->channels[chan].medium
2506 == IPMI_CHANNEL_MEDIUM_8023LAN)
2507 || (intf->channels[chan].medium
2508 == IPMI_CHANNEL_MEDIUM_ASYNC))
2509 intf->sent_lan_command_errs++;
2510 else
2511 intf->sent_ipmb_command_errs++;
2512 spin_unlock_irqrestore(&intf->counter_lock, flags);
2513 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
2514 } else {
2515 /* The message was sent, start the timer. */
2516 intf_start_seq_timer(intf, msg->msgid);
2517 }
2518
2519 ipmi_free_smi_msg(msg);
2520 goto out_unlock;
2521 }
2522
2523 /* To preserve message order, if the list is not empty, we
2524 tack this message onto the end of the list. */
2525 spin_lock_irqsave(&(intf->waiting_msgs_lock), flags);
2526 if (!list_empty(&(intf->waiting_msgs))) {
2527 list_add_tail(&(msg->link), &(intf->waiting_msgs));
2528 spin_unlock(&(intf->waiting_msgs_lock));
2529 goto out_unlock;
2530 }
2531 spin_unlock_irqrestore(&(intf->waiting_msgs_lock), flags);
2532
2533 rv = handle_new_recv_msg(intf, msg);
2534 if (rv > 0) {
2535 /* Could not handle the message now, just add it to a
2536 list to handle later. */
2537 spin_lock(&(intf->waiting_msgs_lock));
2538 list_add_tail(&(msg->link), &(intf->waiting_msgs));
2539 spin_unlock(&(intf->waiting_msgs_lock));
2540 } else if (rv == 0) {
2541 ipmi_free_smi_msg(msg);
2542 }
2543
2544 out_unlock:
2545 read_unlock(&(intf->users_lock));
2546 }
2547
2548 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
2549 {
2550 ipmi_user_t user;
2551
2552 read_lock(&(intf->users_lock));
2553 list_for_each_entry(user, &(intf->users), link) {
2554 if (! user->handler->ipmi_watchdog_pretimeout)
2555 continue;
2556
2557 user->handler->ipmi_watchdog_pretimeout(user->handler_data);
2558 }
2559 read_unlock(&(intf->users_lock));
2560 }
2561
2562 static void
2563 handle_msg_timeout(struct ipmi_recv_msg *msg)
2564 {
2565 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2566 msg->msg_data[0] = IPMI_TIMEOUT_COMPLETION_CODE;
2567 msg->msg.netfn |= 1; /* Convert to a response. */
2568 msg->msg.data_len = 1;
2569 msg->msg.data = msg->msg_data;
2570 deliver_response(msg);
2571 }
2572
2573 static void
2574 send_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
2575 struct ipmi_smi_msg *smi_msg,
2576 unsigned char seq, long seqid)
2577 {
2578 if (!smi_msg)
2579 smi_msg = ipmi_alloc_smi_msg();
2580 if (!smi_msg)
2581 /* If we can't allocate the message, then just return, we
2582 get 4 retries, so this should be ok. */
2583 return;
2584
2585 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
2586 smi_msg->data_size = recv_msg->msg.data_len;
2587 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
2588
2589 /* Send the new message. We send with a zero priority. It
2590 timed out, I doubt time is that critical now, and high
2591 priority messages are really only for messages to the local
2592 MC, which don't get resent. */
2593 intf->handlers->sender(intf->send_info, smi_msg, 0);
2594
2595 #ifdef DEBUG_MSGING
2596 {
2597 int m;
2598 printk("Resend: ");
2599 for (m=0; m<smi_msg->data_size; m++)
2600 printk(" %2.2x", smi_msg->data[m]);
2601 printk("\n");
2602 }
2603 #endif
2604 }
2605
2606 static void
2607 ipmi_timeout_handler(long timeout_period)
2608 {
2609 ipmi_smi_t intf;
2610 struct list_head timeouts;
2611 struct ipmi_recv_msg *msg, *msg2;
2612 struct ipmi_smi_msg *smi_msg, *smi_msg2;
2613 unsigned long flags;
2614 int i, j;
2615
2616 INIT_LIST_HEAD(&timeouts);
2617
2618 spin_lock(&interfaces_lock);
2619 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2620 intf = ipmi_interfaces[i];
2621 if (intf == NULL)
2622 continue;
2623
2624 read_lock(&(intf->users_lock));
2625
2626 /* See if any waiting messages need to be processed. */
2627 spin_lock_irqsave(&(intf->waiting_msgs_lock), flags);
2628 list_for_each_entry_safe(smi_msg, smi_msg2, &(intf->waiting_msgs), link) {
2629 if (! handle_new_recv_msg(intf, smi_msg)) {
2630 list_del(&smi_msg->link);
2631 ipmi_free_smi_msg(smi_msg);
2632 } else {
2633 /* To preserve message order, quit if we
2634 can't handle a message. */
2635 break;
2636 }
2637 }
2638 spin_unlock_irqrestore(&(intf->waiting_msgs_lock), flags);
2639
2640 /* Go through the seq table and find any messages that
2641 have timed out, putting them in the timeouts
2642 list. */
2643 spin_lock_irqsave(&(intf->seq_lock), flags);
2644 for (j=0; j<IPMI_IPMB_NUM_SEQ; j++) {
2645 struct seq_table *ent = &(intf->seq_table[j]);
2646 if (!ent->inuse)
2647 continue;
2648
2649 ent->timeout -= timeout_period;
2650 if (ent->timeout > 0)
2651 continue;
2652
2653 if (ent->retries_left == 0) {
2654 /* The message has used all its retries. */
2655 ent->inuse = 0;
2656 msg = ent->recv_msg;
2657 list_add_tail(&(msg->link), &timeouts);
2658 spin_lock(&intf->counter_lock);
2659 if (ent->broadcast)
2660 intf->timed_out_ipmb_broadcasts++;
2661 else if (ent->recv_msg->addr.addr_type
2662 == IPMI_LAN_ADDR_TYPE)
2663 intf->timed_out_lan_commands++;
2664 else
2665 intf->timed_out_ipmb_commands++;
2666 spin_unlock(&intf->counter_lock);
2667 } else {
2668 /* More retries, send again. */
2669
2670 /* Start with the max timer, set to normal
2671 timer after the message is sent. */
2672 ent->timeout = MAX_MSG_TIMEOUT;
2673 ent->retries_left--;
2674 send_from_recv_msg(intf, ent->recv_msg, NULL,
2675 j, ent->seqid);
2676 spin_lock(&intf->counter_lock);
2677 if (ent->recv_msg->addr.addr_type
2678 == IPMI_LAN_ADDR_TYPE)
2679 intf->retransmitted_lan_commands++;
2680 else
2681 intf->retransmitted_ipmb_commands++;
2682 spin_unlock(&intf->counter_lock);
2683 }
2684 }
2685 spin_unlock_irqrestore(&(intf->seq_lock), flags);
2686
2687 list_for_each_entry_safe(msg, msg2, &timeouts, link) {
2688 handle_msg_timeout(msg);
2689 }
2690
2691 read_unlock(&(intf->users_lock));
2692 }
2693 spin_unlock(&interfaces_lock);
2694 }
2695
2696 static void ipmi_request_event(void)
2697 {
2698 ipmi_smi_t intf;
2699 int i;
2700
2701 spin_lock(&interfaces_lock);
2702 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2703 intf = ipmi_interfaces[i];
2704 if (intf == NULL)
2705 continue;
2706
2707 intf->handlers->request_events(intf->send_info);
2708 }
2709 spin_unlock(&interfaces_lock);
2710 }
2711
2712 static struct timer_list ipmi_timer;
2713
2714 /* Call every ~100 ms. */
2715 #define IPMI_TIMEOUT_TIME 100
2716
2717 /* How many jiffies does it take to get to the timeout time. */
2718 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
2719
2720 /* Request events from the queue every second (this is the number of
2721 IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
2722 future, IPMI will add a way to know immediately if an event is in
2723 the queue and this silliness can go away. */
2724 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
2725
2726 static volatile int stop_operation = 0;
2727 static volatile int timer_stopped = 0;
2728 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2729
2730 static void ipmi_timeout(unsigned long data)
2731 {
2732 if (stop_operation) {
2733 timer_stopped = 1;
2734 return;
2735 }
2736
2737 ticks_to_req_ev--;
2738 if (ticks_to_req_ev == 0) {
2739 ipmi_request_event();
2740 ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2741 }
2742
2743 ipmi_timeout_handler(IPMI_TIMEOUT_TIME);
2744
2745 ipmi_timer.expires += IPMI_TIMEOUT_JIFFIES;
2746 add_timer(&ipmi_timer);
2747 }
2748
2749
2750 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
2751 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
2752
2753 /* FIXME - convert these to slabs. */
2754 static void free_smi_msg(struct ipmi_smi_msg *msg)
2755 {
2756 atomic_dec(&smi_msg_inuse_count);
2757 kfree(msg);
2758 }
2759
2760 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
2761 {
2762 struct ipmi_smi_msg *rv;
2763 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
2764 if (rv) {
2765 rv->done = free_smi_msg;
2766 rv->user_data = NULL;
2767 atomic_inc(&smi_msg_inuse_count);
2768 }
2769 return rv;
2770 }
2771
2772 static void free_recv_msg(struct ipmi_recv_msg *msg)
2773 {
2774 atomic_dec(&recv_msg_inuse_count);
2775 kfree(msg);
2776 }
2777
2778 struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
2779 {
2780 struct ipmi_recv_msg *rv;
2781
2782 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
2783 if (rv) {
2784 rv->done = free_recv_msg;
2785 atomic_inc(&recv_msg_inuse_count);
2786 }
2787 return rv;
2788 }
2789
2790 #ifdef CONFIG_IPMI_PANIC_EVENT
2791
2792 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
2793 {
2794 }
2795
2796 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
2797 {
2798 }
2799
2800 #ifdef CONFIG_IPMI_PANIC_STRING
2801 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
2802 {
2803 if ((msg->rsp[0] == (IPMI_NETFN_SENSOR_EVENT_RESPONSE << 2))
2804 && (msg->rsp[1] == IPMI_GET_EVENT_RECEIVER_CMD)
2805 && (msg->rsp[2] == IPMI_CC_NO_ERROR))
2806 {
2807 /* A get event receiver command, save it. */
2808 intf->event_receiver = msg->rsp[3];
2809 intf->event_receiver_lun = msg->rsp[4] & 0x3;
2810 }
2811 }
2812
2813 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
2814 {
2815 if ((msg->rsp[0] == (IPMI_NETFN_APP_RESPONSE << 2))
2816 && (msg->rsp[1] == IPMI_GET_DEVICE_ID_CMD)
2817 && (msg->rsp[2] == IPMI_CC_NO_ERROR))
2818 {
2819 /* A get device id command, save if we are an event
2820 receiver or generator. */
2821 intf->local_sel_device = (msg->rsp[8] >> 2) & 1;
2822 intf->local_event_generator = (msg->rsp[8] >> 5) & 1;
2823 }
2824 }
2825 #endif
2826
2827 static void send_panic_events(char *str)
2828 {
2829 struct kernel_ipmi_msg msg;
2830 ipmi_smi_t intf;
2831 unsigned char data[16];
2832 int i;
2833 struct ipmi_system_interface_addr *si;
2834 struct ipmi_addr addr;
2835 struct ipmi_smi_msg smi_msg;
2836 struct ipmi_recv_msg recv_msg;
2837
2838 si = (struct ipmi_system_interface_addr *) &addr;
2839 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2840 si->channel = IPMI_BMC_CHANNEL;
2841 si->lun = 0;
2842
2843 /* Fill in an event telling that we have failed. */
2844 msg.netfn = 0x04; /* Sensor or Event. */
2845 msg.cmd = 2; /* Platform event command. */
2846 msg.data = data;
2847 msg.data_len = 8;
2848 data[0] = 0x21; /* Kernel generator ID, IPMI table 5-4 */
2849 data[1] = 0x03; /* This is for IPMI 1.0. */
2850 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
2851 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
2852 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
2853
2854 /* Put a few breadcrumbs in. Hopefully later we can add more things
2855 to make the panic events more useful. */
2856 if (str) {
2857 data[3] = str[0];
2858 data[6] = str[1];
2859 data[7] = str[2];
2860 }
2861
2862 smi_msg.done = dummy_smi_done_handler;
2863 recv_msg.done = dummy_recv_done_handler;
2864
2865 /* For every registered interface, send the event. */
2866 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2867 intf = ipmi_interfaces[i];
2868 if (intf == NULL)
2869 continue;
2870
2871 /* Send the event announcing the panic. */
2872 intf->handlers->set_run_to_completion(intf->send_info, 1);
2873 i_ipmi_request(NULL,
2874 intf,
2875 &addr,
2876 0,
2877 &msg,
2878 NULL,
2879 &smi_msg,
2880 &recv_msg,
2881 0,
2882 intf->my_address,
2883 intf->my_lun,
2884 0, 1); /* Don't retry, and don't wait. */
2885 }
2886
2887 #ifdef CONFIG_IPMI_PANIC_STRING
2888 /* On every interface, dump a bunch of OEM event holding the
2889 string. */
2890 if (!str)
2891 return;
2892
2893 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2894 char *p = str;
2895 struct ipmi_ipmb_addr *ipmb;
2896 int j;
2897
2898 intf = ipmi_interfaces[i];
2899 if (intf == NULL)
2900 continue;
2901
2902 /* First job here is to figure out where to send the
2903 OEM events. There's no way in IPMI to send OEM
2904 events using an event send command, so we have to
2905 find the SEL to put them in and stick them in
2906 there. */
2907
2908 /* Get capabilities from the get device id. */
2909 intf->local_sel_device = 0;
2910 intf->local_event_generator = 0;
2911 intf->event_receiver = 0;
2912
2913 /* Request the device info from the local MC. */
2914 msg.netfn = IPMI_NETFN_APP_REQUEST;
2915 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
2916 msg.data = NULL;
2917 msg.data_len = 0;
2918 intf->null_user_handler = device_id_fetcher;
2919 i_ipmi_request(NULL,
2920 intf,
2921 &addr,
2922 0,
2923 &msg,
2924 NULL,
2925 &smi_msg,
2926 &recv_msg,
2927 0,
2928 intf->my_address,
2929 intf->my_lun,
2930 0, 1); /* Don't retry, and don't wait. */
2931
2932 if (intf->local_event_generator) {
2933 /* Request the event receiver from the local MC. */
2934 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
2935 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
2936 msg.data = NULL;
2937 msg.data_len = 0;
2938 intf->null_user_handler = event_receiver_fetcher;
2939 i_ipmi_request(NULL,
2940 intf,
2941 &addr,
2942 0,
2943 &msg,
2944 NULL,
2945 &smi_msg,
2946 &recv_msg,
2947 0,
2948 intf->my_address,
2949 intf->my_lun,
2950 0, 1); /* no retry, and no wait. */
2951 }
2952 intf->null_user_handler = NULL;
2953
2954 /* Validate the event receiver. The low bit must not
2955 be 1 (it must be a valid IPMB address), it cannot
2956 be zero, and it must not be my address. */
2957 if (((intf->event_receiver & 1) == 0)
2958 && (intf->event_receiver != 0)
2959 && (intf->event_receiver != intf->my_address))
2960 {
2961 /* The event receiver is valid, send an IPMB
2962 message. */
2963 ipmb = (struct ipmi_ipmb_addr *) &addr;
2964 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
2965 ipmb->channel = 0; /* FIXME - is this right? */
2966 ipmb->lun = intf->event_receiver_lun;
2967 ipmb->slave_addr = intf->event_receiver;
2968 } else if (intf->local_sel_device) {
2969 /* The event receiver was not valid (or was
2970 me), but I am an SEL device, just dump it
2971 in my SEL. */
2972 si = (struct ipmi_system_interface_addr *) &addr;
2973 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2974 si->channel = IPMI_BMC_CHANNEL;
2975 si->lun = 0;
2976 } else
2977 continue; /* No where to send the event. */
2978
2979
2980 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
2981 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
2982 msg.data = data;
2983 msg.data_len = 16;
2984
2985 j = 0;
2986 while (*p) {
2987 int size = strlen(p);
2988
2989 if (size > 11)
2990 size = 11;
2991 data[0] = 0;
2992 data[1] = 0;
2993 data[2] = 0xf0; /* OEM event without timestamp. */
2994 data[3] = intf->my_address;
2995 data[4] = j++; /* sequence # */
2996 /* Always give 11 bytes, so strncpy will fill
2997 it with zeroes for me. */
2998 strncpy(data+5, p, 11);
2999 p += size;
3000
3001 i_ipmi_request(NULL,
3002 intf,
3003 &addr,
3004 0,
3005 &msg,
3006 NULL,
3007 &smi_msg,
3008 &recv_msg,
3009 0,
3010 intf->my_address,
3011 intf->my_lun,
3012 0, 1); /* no retry, and no wait. */
3013 }
3014 }
3015 #endif /* CONFIG_IPMI_PANIC_STRING */
3016 }
3017 #endif /* CONFIG_IPMI_PANIC_EVENT */
3018
3019 static int has_paniced = 0;
3020
3021 static int panic_event(struct notifier_block *this,
3022 unsigned long event,
3023 void *ptr)
3024 {
3025 int i;
3026 ipmi_smi_t intf;
3027
3028 if (has_paniced)
3029 return NOTIFY_DONE;
3030 has_paniced = 1;
3031
3032 /* For every registered interface, set it to run to completion. */
3033 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
3034 intf = ipmi_interfaces[i];
3035 if (intf == NULL)
3036 continue;
3037
3038 intf->handlers->set_run_to_completion(intf->send_info, 1);
3039 }
3040
3041 #ifdef CONFIG_IPMI_PANIC_EVENT
3042 send_panic_events(ptr);
3043 #endif
3044
3045 return NOTIFY_DONE;
3046 }
3047
3048 static struct notifier_block panic_block = {
3049 .notifier_call = panic_event,
3050 .next = NULL,
3051 .priority = 200 /* priority: INT_MAX >= x >= 0 */
3052 };
3053
3054 static int ipmi_init_msghandler(void)
3055 {
3056 int i;
3057
3058 if (initialized)
3059 return 0;
3060
3061 printk(KERN_INFO "ipmi message handler version "
3062 IPMI_MSGHANDLER_VERSION "\n");
3063
3064 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
3065 ipmi_interfaces[i] = NULL;
3066 }
3067
3068 proc_ipmi_root = proc_mkdir("ipmi", NULL);
3069 if (!proc_ipmi_root) {
3070 printk(KERN_ERR PFX "Unable to create IPMI proc dir");
3071 return -ENOMEM;
3072 }
3073
3074 proc_ipmi_root->owner = THIS_MODULE;
3075
3076 init_timer(&ipmi_timer);
3077 ipmi_timer.data = 0;
3078 ipmi_timer.function = ipmi_timeout;
3079 ipmi_timer.expires = jiffies + IPMI_TIMEOUT_JIFFIES;
3080 add_timer(&ipmi_timer);
3081
3082 notifier_chain_register(&panic_notifier_list, &panic_block);
3083
3084 initialized = 1;
3085
3086 return 0;
3087 }
3088
3089 static __init int ipmi_init_msghandler_mod(void)
3090 {
3091 ipmi_init_msghandler();
3092 return 0;
3093 }
3094
3095 static __exit void cleanup_ipmi(void)
3096 {
3097 int count;
3098
3099 if (!initialized)
3100 return;
3101
3102 notifier_chain_unregister(&panic_notifier_list, &panic_block);
3103
3104 /* This can't be called if any interfaces exist, so no worry about
3105 shutting down the interfaces. */
3106
3107 /* Tell the timer to stop, then wait for it to stop. This avoids
3108 problems with race conditions removing the timer here. */
3109 stop_operation = 1;
3110 while (!timer_stopped) {
3111 set_current_state(TASK_UNINTERRUPTIBLE);
3112 schedule_timeout(1);
3113 }
3114
3115 remove_proc_entry(proc_ipmi_root->name, &proc_root);
3116
3117 initialized = 0;
3118
3119 /* Check for buffer leaks. */
3120 count = atomic_read(&smi_msg_inuse_count);
3121 if (count != 0)
3122 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
3123 count);
3124 count = atomic_read(&recv_msg_inuse_count);
3125 if (count != 0)
3126 printk(KERN_WARNING PFX "recv message count %d at exit\n",
3127 count);
3128 }
3129 module_exit(cleanup_ipmi);
3130
3131 module_init(ipmi_init_msghandler_mod);
3132 MODULE_LICENSE("GPL");
3133
3134 EXPORT_SYMBOL(ipmi_create_user);
3135 EXPORT_SYMBOL(ipmi_destroy_user);
3136 EXPORT_SYMBOL(ipmi_get_version);
3137 EXPORT_SYMBOL(ipmi_request_settime);
3138 EXPORT_SYMBOL(ipmi_request_supply_msgs);
3139 EXPORT_SYMBOL(ipmi_register_smi);
3140 EXPORT_SYMBOL(ipmi_unregister_smi);
3141 EXPORT_SYMBOL(ipmi_register_for_cmd);
3142 EXPORT_SYMBOL(ipmi_unregister_for_cmd);
3143 EXPORT_SYMBOL(ipmi_smi_msg_received);
3144 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
3145 EXPORT_SYMBOL(ipmi_alloc_smi_msg);
3146 EXPORT_SYMBOL(ipmi_addr_length);
3147 EXPORT_SYMBOL(ipmi_validate_addr);
3148 EXPORT_SYMBOL(ipmi_set_gets_events);
3149 EXPORT_SYMBOL(ipmi_smi_watcher_register);
3150 EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
3151 EXPORT_SYMBOL(ipmi_set_my_address);
3152 EXPORT_SYMBOL(ipmi_get_my_address);
3153 EXPORT_SYMBOL(ipmi_set_my_LUN);
3154 EXPORT_SYMBOL(ipmi_get_my_LUN);
3155 EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
3156 EXPORT_SYMBOL(ipmi_user_set_run_to_completion);
3157
|
This page was automatically generated by the
LXR engine.
|