projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] IPMI: Allow hot system interface remove
[deliverable/linux.git] / drivers / char / ipmi / ipmi_msghandler.c
CommitLineData
1da177e4
LT		 1/*
2 * ipmi_msghandler.c
3 *
4 * Incoming and outgoing message routing for an IPMI interface.
5 *
6 * Author: MontaVista Software, Inc.
7 * Corey Minyard <minyard@mvista.com>
8 * source@mvista.com
9 *
10 * Copyright 2002 MontaVista Software Inc.
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version.
16 *
17 *
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 *
29 * You should have received a copy of the GNU General Public License along
30 * with this program; if not, write to the Free Software Foundation, Inc.,
31 * 675 Mass Ave, Cambridge, MA 02139, USA.
32 */
33
1da177e4
LT		 34#include <linux/module.h>
35#include <linux/errno.h>
36#include <asm/system.h>
37#include <linux/sched.h>
38#include <linux/poll.h>
39#include <linux/spinlock.h>
d6dfd131 40#include <linux/mutex.h>
1da177e4
LT		 41#include <linux/slab.h>
42#include <linux/ipmi.h>
43#include <linux/ipmi_smi.h>
44#include <linux/notifier.h>
45#include <linux/init.h>
46#include <linux/proc_fs.h>
393d2cc3 47#include <linux/rcupdate.h>
1da177e4
LT		 48
49#define PFX "IPMI message handler: "
1fdd75bd 50
a23f9a3c 51#define IPMI_DRIVER_VERSION "39.0"
1da177e4
LT		 52
53static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
54static int ipmi_init_msghandler(void);
55
56static int initialized = 0;
57
3b625943 58#ifdef CONFIG_PROC_FS
456229a9 59static struct proc_dir_entry *proc_ipmi_root = NULL;
3b625943 60#endif /* CONFIG_PROC_FS */
1da177e4
LT		 61
62#define MAX_EVENTS_IN_QUEUE 25
63
64/* Don't let a message sit in a queue forever, always time it with at lest
65 the max message timer. This is in milliseconds. */
66#define MAX_MSG_TIMEOUT 60000
67
393d2cc3
CM		 68
69/*
70 * The main "user" data structure.
71 */
1da177e4
LT		 72struct ipmi_user
73{
74 struct list_head link;
75
393d2cc3
CM		 76 /* Set to "0" when the user is destroyed. */
77 int valid;
78
79 struct kref refcount;
80
1da177e4
LT		 81 /* The upper layer that handles receive messages. */
82 struct ipmi_user_hndl *handler;
83 void *handler_data;
84
85 /* The interface this user is bound to. */
86 ipmi_smi_t intf;
87
88 /* Does this interface receive IPMI events? */
89 int gets_events;
90};
91
92struct cmd_rcvr
93{
94 struct list_head link;
95
96 ipmi_user_t user;
97 unsigned char netfn;
98 unsigned char cmd;
c69c3127 99 unsigned int chans;
393d2cc3
CM		 100
101 /*
102 * This is used to form a linked lised during mass deletion.
103 * Since this is in an RCU list, we cannot use the link above
104 * or change any data until the RCU period completes. So we
105 * use this next variable during mass deletion so we can have
106 * a list and don't have to wait and restart the search on
107 * every individual deletion of a command. */
108 struct cmd_rcvr *next;
1da177e4
LT		 109};
110
111struct seq_table
112{
113 unsigned int inuse : 1;
114 unsigned int broadcast : 1;
115
116 unsigned long timeout;
117 unsigned long orig_timeout;
118 unsigned int retries_left;
119
120 /* To verify on an incoming send message response that this is
121 the message that the response is for, we keep a sequence id
122 and increment it every time we send a message. */
123 long seqid;
124
125 /* This is held so we can properly respond to the message on a
126 timeout, and it is used to hold the temporary data for
127 retransmission, too. */
128 struct ipmi_recv_msg *recv_msg;
129};
130
131/* Store the information in a msgid (long) to allow us to find a
132 sequence table entry from the msgid. */
133#define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff))
134
135#define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
136 do { \
137 seq = ((msgid >> 26) & 0x3f); \
138 seqid = (msgid & 0x3fffff); \
e8b33617 139 } while (0)
1da177e4
LT		 140
141#define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff)
142
143struct ipmi_channel
144{
145 unsigned char medium;
146 unsigned char protocol;
c14979b9
CM		 147
148 /* My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
149 but may be changed by the user. */
150 unsigned char address;
151
152 /* My LUN. This should generally stay the SMS LUN, but just in
153 case... */
154 unsigned char lun;
1da177e4
LT		 155};
156
3b625943 157#ifdef CONFIG_PROC_FS
1da177e4
LT		 158struct ipmi_proc_entry
159{
160 char *name;
161 struct ipmi_proc_entry *next;
162};
3b625943 163#endif
1da177e4 164
50c812b2
CM		 165struct bmc_device
166{
167 struct platform_device *dev;
168 struct ipmi_device_id id;
169 unsigned char guid[16];
170 int guid_set;
171
172 struct kref refcount;
173
174 /* bmc device attributes */
175 struct device_attribute device_id_attr;
176 struct device_attribute provides_dev_sdrs_attr;
177 struct device_attribute revision_attr;
178 struct device_attribute firmware_rev_attr;
179 struct device_attribute version_attr;
180 struct device_attribute add_dev_support_attr;
181 struct device_attribute manufacturer_id_attr;
182 struct device_attribute product_id_attr;
183 struct device_attribute guid_attr;
184 struct device_attribute aux_firmware_rev_attr;
185};
186
1da177e4 187#define IPMI_IPMB_NUM_SEQ 64
c14979b9 188#define IPMI_MAX_CHANNELS 16
1da177e4
LT		 189struct ipmi_smi
190{
191 /* What interface number are we? */
192 int intf_num;
193
393d2cc3
CM		 194 struct kref refcount;
195
bca0324d
CM		 196 /* Used for a list of interfaces. */
197 struct list_head link;
198
393d2cc3
CM		 199 /* The list of upper layers that are using me. seq_lock
200 * protects this. */
201 struct list_head users;
1da177e4 202
b2c03941
CM		 203 /* Information to supply to users. */
204 unsigned char ipmi_version_major;
205 unsigned char ipmi_version_minor;
206
1da177e4
LT		 207 /* Used for wake ups at startup. */
208 wait_queue_head_t waitq;
209
50c812b2
CM		 210 struct bmc_device *bmc;
211 char *my_dev_name;
759643b8 212 char *sysfs_name;
1da177e4 213
b2c03941
CM		 214 /* This is the lower-layer's sender routine. Note that you
215 * must either be holding the ipmi_interfaces_mutex or be in
216 * an umpreemptible region to use this. You must fetch the
217 * value into a local variable and make sure it is not NULL. */
1da177e4
LT		 218 struct ipmi_smi_handlers *handlers;
219 void *send_info;
220
3b625943 221#ifdef CONFIG_PROC_FS
1da177e4
LT		 222 /* A list of proc entries for this interface. This does not
223 need a lock, only one thread creates it and only one thread
224 destroys it. */
3b625943 225 spinlock_t proc_entry_lock;
1da177e4 226 struct ipmi_proc_entry *proc_entries;
3b625943 227#endif
1da177e4 228
50c812b2
CM		 229 /* Driver-model device for the system interface. */
230 struct device *si_dev;
231
1da177e4
LT		 232 /* A table of sequence numbers for this interface. We use the
233 sequence numbers for IPMB messages that go out of the
234 interface to match them up with their responses. A routine
235 is called periodically to time the items in this list. */
236 spinlock_t seq_lock;
237 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
238 int curr_seq;
239
240 /* Messages that were delayed for some reason (out of memory,
241 for instance), will go in here to be processed later in a
242 periodic timer interrupt. */
243 spinlock_t waiting_msgs_lock;
244 struct list_head waiting_msgs;
245
246 /* The list of command receivers that are registered for commands
247 on this interface. */
d6dfd131 248 struct mutex cmd_rcvrs_mutex;
1da177e4
LT		 249 struct list_head cmd_rcvrs;
250
251 /* Events that were queues because no one was there to receive
252 them. */
253 spinlock_t events_lock; /* For dealing with event stuff. */
254 struct list_head waiting_events;
255 unsigned int waiting_events_count; /* How many events in queue? */
b2c03941 256 int delivering_events;
1da177e4 257
1da177e4
LT		 258 /* The event receiver for my BMC, only really used at panic
259 shutdown as a place to store this. */
260 unsigned char event_receiver;
261 unsigned char event_receiver_lun;
262 unsigned char local_sel_device;
263 unsigned char local_event_generator;
264
265 /* A cheap hack, if this is non-null and a message to an
266 interface comes in with a NULL user, call this routine with
267 it. Note that the message will still be freed by the
268 caller. This only works on the system interface. */
56a55ec6 269 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg);
1da177e4
LT		 270
271 /* When we are scanning the channels for an SMI, this will
272 tell which channel we are scanning. */
273 int curr_channel;
274
275 /* Channel information */
276 struct ipmi_channel channels[IPMI_MAX_CHANNELS];
277
278 /* Proc FS stuff. */
279 struct proc_dir_entry *proc_dir;
280 char proc_dir_name[10];
281
282 spinlock_t counter_lock; /* For making counters atomic. */
283
284 /* Commands we got that were invalid. */
285 unsigned int sent_invalid_commands;
286
287 /* Commands we sent to the MC. */
288 unsigned int sent_local_commands;
289 /* Responses from the MC that were delivered to a user. */
290 unsigned int handled_local_responses;
291 /* Responses from the MC that were not delivered to a user. */
292 unsigned int unhandled_local_responses;
293
294 /* Commands we sent out to the IPMB bus. */
295 unsigned int sent_ipmb_commands;
296 /* Commands sent on the IPMB that had errors on the SEND CMD */
297 unsigned int sent_ipmb_command_errs;
298 /* Each retransmit increments this count. */
299 unsigned int retransmitted_ipmb_commands;
300 /* When a message times out (runs out of retransmits) this is
301 incremented. */
302 unsigned int timed_out_ipmb_commands;
303
304 /* This is like above, but for broadcasts. Broadcasts are
305 *not* included in the above count (they are expected to
306 time out). */
307 unsigned int timed_out_ipmb_broadcasts;
308
309 /* Responses I have sent to the IPMB bus. */
310 unsigned int sent_ipmb_responses;
311
312 /* The response was delivered to the user. */
313 unsigned int handled_ipmb_responses;
314 /* The response had invalid data in it. */
315 unsigned int invalid_ipmb_responses;
316 /* The response didn't have anyone waiting for it. */
317 unsigned int unhandled_ipmb_responses;
318
319 /* Commands we sent out to the IPMB bus. */
320 unsigned int sent_lan_commands;
321 /* Commands sent on the IPMB that had errors on the SEND CMD */
322 unsigned int sent_lan_command_errs;
323 /* Each retransmit increments this count. */
324 unsigned int retransmitted_lan_commands;
325 /* When a message times out (runs out of retransmits) this is
326 incremented. */
327 unsigned int timed_out_lan_commands;
328
329 /* Responses I have sent to the IPMB bus. */
330 unsigned int sent_lan_responses;
331
332 /* The response was delivered to the user. */
333 unsigned int handled_lan_responses;
334 /* The response had invalid data in it. */
335 unsigned int invalid_lan_responses;
336 /* The response didn't have anyone waiting for it. */
337 unsigned int unhandled_lan_responses;
338
339 /* The command was delivered to the user. */
340 unsigned int handled_commands;
341 /* The command had invalid data in it. */
342 unsigned int invalid_commands;
343 /* The command didn't have anyone waiting for it. */
344 unsigned int unhandled_commands;
345
346 /* Invalid data in an event. */
347 unsigned int invalid_events;
348 /* Events that were received with the proper format. */
349 unsigned int events;
350};
50c812b2 351#define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev)
1da177e4 352
50c812b2
CM		 353/**
354 * The driver model view of the IPMI messaging driver.
355 */
356static struct device_driver ipmidriver = {
357 .name = "ipmi",
358 .bus = &platform_bus_type
359};
360static DEFINE_MUTEX(ipmidriver_mutex);
361
bca0324d
CM		 362static struct list_head ipmi_interfaces = LIST_HEAD_INIT(ipmi_interfaces);
363static DEFINE_MUTEX(ipmi_interfaces_mutex);
1da177e4
LT		 364
365/* List of watchers that want to know when smi's are added and
366 deleted. */
367static struct list_head smi_watchers = LIST_HEAD_INIT(smi_watchers);
b2c03941 368static DEFINE_MUTEX(smi_watchers_mutex);
1da177e4 369
393d2cc3
CM		 370
371static void free_recv_msg_list(struct list_head *q)
372{
373 struct ipmi_recv_msg *msg, *msg2;
374
375 list_for_each_entry_safe(msg, msg2, q, link) {
376 list_del(&msg->link);
377 ipmi_free_recv_msg(msg);
378 }
379}
380
f3ce6a0e
CM		 381static void free_smi_msg_list(struct list_head *q)
382{
383 struct ipmi_smi_msg *msg, *msg2;
384
385 list_for_each_entry_safe(msg, msg2, q, link) {
386 list_del(&msg->link);
387 ipmi_free_smi_msg(msg);
388 }
389}
390
393d2cc3
CM		 391static void clean_up_interface_data(ipmi_smi_t intf)
392{
393 int i;
394 struct cmd_rcvr *rcvr, *rcvr2;
393d2cc3
CM		 395 struct list_head list;
396
f3ce6a0e 397 free_smi_msg_list(&intf->waiting_msgs);
393d2cc3
CM		 398 free_recv_msg_list(&intf->waiting_events);
399
400 /* Wholesale remove all the entries from the list in the
401 * interface and wait for RCU to know that none are in use. */
d6dfd131 402 mutex_lock(&intf->cmd_rcvrs_mutex);
393d2cc3
CM		 403 list_add_rcu(&list, &intf->cmd_rcvrs);
404 list_del_rcu(&intf->cmd_rcvrs);
d6dfd131 405 mutex_unlock(&intf->cmd_rcvrs_mutex);
393d2cc3
CM		 406 synchronize_rcu();
407
408 list_for_each_entry_safe(rcvr, rcvr2, &list, link)
409 kfree(rcvr);
410
411 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
412 if ((intf->seq_table[i].inuse)
413 && (intf->seq_table[i].recv_msg))
414 {
415 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
416 }
417 }
418}
419
420static void intf_free(struct kref *ref)
421{
422 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount);
423
424 clean_up_interface_data(intf);
425 kfree(intf);
426}
427
bca0324d 428struct watcher_entry {
b2c03941
CM		 429 int intf_num;
430 ipmi_smi_t intf;
bca0324d 431 struct list_head link;
bca0324d
CM		 432};
433
1da177e4
LT		 434int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
435{
bca0324d
CM		 436 ipmi_smi_t intf;
437 struct list_head to_deliver = LIST_HEAD_INIT(to_deliver);
438 struct watcher_entry *e, *e2;
439
b2c03941
CM		 440 mutex_lock(&smi_watchers_mutex);
441
bca0324d
CM		 442 mutex_lock(&ipmi_interfaces_mutex);
443
b2c03941 444 /* Build a list of things to deliver. */
bca0324d
CM		 445 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
446 if (intf->intf_num == -1)
447 continue;
448 e = kmalloc(sizeof(*e), GFP_KERNEL);
449 if (!e)
450 goto out_err;
b2c03941
CM		 451 kref_get(&intf->refcount);
452 e->intf = intf;
bca0324d
CM		 453 e->intf_num = intf->intf_num;
454 list_add_tail(&e->link, &to_deliver);
455 }
1da177e4 456
b2c03941
CM		 457 /* We will succeed, so add it to the list. */
458 list_add(&watcher->link, &smi_watchers);
bca0324d
CM		 459
460 mutex_unlock(&ipmi_interfaces_mutex);
461
462 list_for_each_entry_safe(e, e2, &to_deliver, link) {
463 list_del(&e->link);
b2c03941
CM		 464 watcher->new_smi(e->intf_num, e->intf->si_dev);
465 kref_put(&e->intf->refcount, intf_free);
bca0324d 466 kfree(e);
1da177e4 467 }
bca0324d 468
b2c03941 469 mutex_unlock(&smi_watchers_mutex);
bca0324d 470
1da177e4 471 return 0;
bca0324d
CM		 472
473 out_err:
b2c03941
CM		 474 mutex_unlock(&ipmi_interfaces_mutex);
475 mutex_unlock(&smi_watchers_mutex);
bca0324d
CM		 476 list_for_each_entry_safe(e, e2, &to_deliver, link) {
477 list_del(&e->link);
b2c03941 478 kref_put(&e->intf->refcount, intf_free);
bca0324d
CM		 479 kfree(e);
480 }
481 return -ENOMEM;
1da177e4
LT		 482}
483
484int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
485{
b2c03941 486 mutex_lock(&smi_watchers_mutex);
1da177e4 487 list_del(&(watcher->link));
b2c03941 488 mutex_unlock(&smi_watchers_mutex);
1da177e4
LT		 489 return 0;
490}
491
b2c03941
CM		 492/*
493 * Must be called with smi_watchers_mutex held.
494 */
1da177e4 495static void
50c812b2 496call_smi_watchers(int i, struct device *dev)
1da177e4
LT		 497{
498 struct ipmi_smi_watcher *w;
499
1da177e4
LT		 500 list_for_each_entry(w, &smi_watchers, link) {
501 if (try_module_get(w->owner)) {
50c812b2 502 w->new_smi(i, dev);
1da177e4
LT		 503 module_put(w->owner);
504 }
505 }
1da177e4
LT		 506}
507
508static int
509ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
510{
511 if (addr1->addr_type != addr2->addr_type)
512 return 0;
513
514 if (addr1->channel != addr2->channel)
515 return 0;
516
517 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
518 struct ipmi_system_interface_addr *smi_addr1
519 = (struct ipmi_system_interface_addr *) addr1;
520 struct ipmi_system_interface_addr *smi_addr2
521 = (struct ipmi_system_interface_addr *) addr2;
522 return (smi_addr1->lun == smi_addr2->lun);
523 }
524
525 if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE)
526 || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
527 {
528 struct ipmi_ipmb_addr *ipmb_addr1
529 = (struct ipmi_ipmb_addr *) addr1;
530 struct ipmi_ipmb_addr *ipmb_addr2
531 = (struct ipmi_ipmb_addr *) addr2;
532
533 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
534 && (ipmb_addr1->lun == ipmb_addr2->lun));
535 }
536
537 if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) {
538 struct ipmi_lan_addr *lan_addr1
539 = (struct ipmi_lan_addr *) addr1;
540 struct ipmi_lan_addr *lan_addr2
541 = (struct ipmi_lan_addr *) addr2;
542
543 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
544 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
545 && (lan_addr1->session_handle
546 == lan_addr2->session_handle)
547 && (lan_addr1->lun == lan_addr2->lun));
548 }
549
550 return 1;
551}
552
553int ipmi_validate_addr(struct ipmi_addr *addr, int len)
554{
555 if (len < sizeof(struct ipmi_system_interface_addr)) {
556 return -EINVAL;
557 }
558
559 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
560 if (addr->channel != IPMI_BMC_CHANNEL)
561 return -EINVAL;
562 return 0;
563 }
564
565 if ((addr->channel == IPMI_BMC_CHANNEL)
12fc1d7b 566 || (addr->channel >= IPMI_MAX_CHANNELS)
1da177e4
LT		 567 || (addr->channel < 0))
568 return -EINVAL;
569
570 if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
571 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
572 {
573 if (len < sizeof(struct ipmi_ipmb_addr)) {
574 return -EINVAL;
575 }
576 return 0;
577 }
578
579 if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
580 if (len < sizeof(struct ipmi_lan_addr)) {
581 return -EINVAL;
582 }
583 return 0;
584 }
585
586 return -EINVAL;
587}
588
589unsigned int ipmi_addr_length(int addr_type)
590{
591 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
592 return sizeof(struct ipmi_system_interface_addr);
593
594 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
595 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
596 {
597 return sizeof(struct ipmi_ipmb_addr);
598 }
599
600 if (addr_type == IPMI_LAN_ADDR_TYPE)
601 return sizeof(struct ipmi_lan_addr);
602
603 return 0;
604}
605
606static void deliver_response(struct ipmi_recv_msg *msg)
607{
8a3628d5 608 if (!msg->user) {
56a55ec6
CM		 609 ipmi_smi_t intf = msg->user_msg_data;
610 unsigned long flags;
611
612 /* Special handling for NULL users. */
613 if (intf->null_user_handler) {
614 intf->null_user_handler(intf, msg);
615 spin_lock_irqsave(&intf->counter_lock, flags);
616 intf->handled_local_responses++;
617 spin_unlock_irqrestore(&intf->counter_lock, flags);
618 } else {
619 /* No handler, so give up. */
620 spin_lock_irqsave(&intf->counter_lock, flags);
621 intf->unhandled_local_responses++;
622 spin_unlock_irqrestore(&intf->counter_lock, flags);
623 }
624 ipmi_free_recv_msg(msg);
625 } else {
393d2cc3
CM		 626 ipmi_user_t user = msg->user;
627 user->handler->ipmi_recv_hndl(msg, user->handler_data);
56a55ec6 628 }
1da177e4
LT		 629}
630
b2c03941
CM		 631static void
632deliver_err_response(struct ipmi_recv_msg *msg, int err)
633{
634 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
635 msg->msg_data[0] = err;
636 msg->msg.netfn |= 1; /* Convert to a response. */
637 msg->msg.data_len = 1;
638 msg->msg.data = msg->msg_data;
639 deliver_response(msg);
640}
641
1da177e4
LT		 642/* Find the next sequence number not being used and add the given
643 message with the given timeout to the sequence table. This must be
644 called with the interface's seq_lock held. */
645static int intf_next_seq(ipmi_smi_t intf,
646 struct ipmi_recv_msg *recv_msg,
647 unsigned long timeout,
648 int retries,
649 int broadcast,
650 unsigned char *seq,
651 long *seqid)
652{
653 int rv = 0;
654 unsigned int i;
655
e8b33617 656 for (i = intf->curr_seq;
1da177e4 657 (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
e8b33617 658 i = (i+1)%IPMI_IPMB_NUM_SEQ)
1da177e4 659 {
8a3628d5 660 if (!intf->seq_table[i].inuse)
1da177e4
LT		 661 break;
662 }
663
8a3628d5 664 if (!intf->seq_table[i].inuse) {
1da177e4
LT		 665 intf->seq_table[i].recv_msg = recv_msg;
666
667 /* Start with the maximum timeout, when the send response
668 comes in we will start the real timer. */
669 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
670 intf->seq_table[i].orig_timeout = timeout;
671 intf->seq_table[i].retries_left = retries;
672 intf->seq_table[i].broadcast = broadcast;
673 intf->seq_table[i].inuse = 1;
674 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
675 *seq = i;
676 *seqid = intf->seq_table[i].seqid;
677 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
678 } else {
679 rv = -EAGAIN;
680 }
681
682 return rv;
683}
684
685/* Return the receive message for the given sequence number and
686 release the sequence number so it can be reused. Some other data
687 is passed in to be sure the message matches up correctly (to help
688 guard against message coming in after their timeout and the
689 sequence number being reused). */
690static int intf_find_seq(ipmi_smi_t intf,
691 unsigned char seq,
692 short channel,
693 unsigned char cmd,
694 unsigned char netfn,
695 struct ipmi_addr *addr,
696 struct ipmi_recv_msg **recv_msg)
697{
698 int rv = -ENODEV;
699 unsigned long flags;
700
701 if (seq >= IPMI_IPMB_NUM_SEQ)
702 return -EINVAL;
703
704 spin_lock_irqsave(&(intf->seq_lock), flags);
705 if (intf->seq_table[seq].inuse) {
706 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
707
708 if ((msg->addr.channel == channel)
709 && (msg->msg.cmd == cmd)
710 && (msg->msg.netfn == netfn)
711 && (ipmi_addr_equal(addr, &(msg->addr))))
712 {
713 *recv_msg = msg;
714 intf->seq_table[seq].inuse = 0;
715 rv = 0;
716 }
717 }
718 spin_unlock_irqrestore(&(intf->seq_lock), flags);
719
720 return rv;
721}
722
723
724/* Start the timer for a specific sequence table entry. */
725static int intf_start_seq_timer(ipmi_smi_t intf,
726 long msgid)
727{
728 int rv = -ENODEV;
729 unsigned long flags;
730 unsigned char seq;
731 unsigned long seqid;
732
733
734 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
735
736 spin_lock_irqsave(&(intf->seq_lock), flags);
737 /* We do this verification because the user can be deleted
738 while a message is outstanding. */
739 if ((intf->seq_table[seq].inuse)
740 && (intf->seq_table[seq].seqid == seqid))
741 {
742 struct seq_table *ent = &(intf->seq_table[seq]);
743 ent->timeout = ent->orig_timeout;
744 rv = 0;
745 }
746 spin_unlock_irqrestore(&(intf->seq_lock), flags);
747
748 return rv;
749}
750
751/* Got an error for the send message for a specific sequence number. */
752static int intf_err_seq(ipmi_smi_t intf,
753 long msgid,
754 unsigned int err)
755{
756 int rv = -ENODEV;
757 unsigned long flags;
758 unsigned char seq;
759 unsigned long seqid;
760 struct ipmi_recv_msg *msg = NULL;
761
762
763 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
764
765 spin_lock_irqsave(&(intf->seq_lock), flags);
766 /* We do this verification because the user can be deleted
767 while a message is outstanding. */
768 if ((intf->seq_table[seq].inuse)
769 && (intf->seq_table[seq].seqid == seqid))
770 {
771 struct seq_table *ent = &(intf->seq_table[seq]);
772
773 ent->inuse = 0;
774 msg = ent->recv_msg;
775 rv = 0;
776 }
777 spin_unlock_irqrestore(&(intf->seq_lock), flags);
778
b2c03941
CM		 779 if (msg)
780 deliver_err_response(msg, err);
1da177e4
LT		 781
782 return rv;
783}
784
785
786int ipmi_create_user(unsigned int if_num,
787 struct ipmi_user_hndl *handler,
788 void *handler_data,
789 ipmi_user_t *user)
790{
791 unsigned long flags;
792 ipmi_user_t new_user;
793 int rv = 0;
794 ipmi_smi_t intf;
795
796 /* There is no module usecount here, because it's not
797 required. Since this can only be used by and called from
798 other modules, they will implicitly use this module, and
799 thus this can't be removed unless the other modules are
800 removed. */
801
802 if (handler == NULL)
803 return -EINVAL;
804
805 /* Make sure the driver is actually initialized, this handles
806 problems with initialization order. */
807 if (!initialized) {
808 rv = ipmi_init_msghandler();
809 if (rv)
810 return rv;
811
812 /* The init code doesn't return an error if it was turned
813 off, but it won't initialize. Check that. */
814 if (!initialized)
815 return -ENODEV;
816 }
817
818 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
8a3628d5 819 if (!new_user)
1da177e4
LT		 820 return -ENOMEM;
821
b2c03941 822 mutex_lock(&ipmi_interfaces_mutex);
bca0324d
CM		 823 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
824 if (intf->intf_num == if_num)
825 goto found;
1da177e4 826 }
b2c03941 827 /* Not found, return an error */
bca0324d
CM		 828 rv = -EINVAL;
829 goto out_kfree;
1da177e4 830
bca0324d 831 found:
393d2cc3
CM		 832 /* Note that each existing user holds a refcount to the interface. */
833 kref_get(&intf->refcount);
1da177e4 834
393d2cc3 835 kref_init(&new_user->refcount);
1da177e4
LT		 836 new_user->handler = handler;
837 new_user->handler_data = handler_data;
838 new_user->intf = intf;
839 new_user->gets_events = 0;
840
841 if (!try_module_get(intf->handlers->owner)) {
842 rv = -ENODEV;
5c98d29a 843 goto out_kref;
1da177e4
LT		 844 }
845
846 if (intf->handlers->inc_usecount) {
847 rv = intf->handlers->inc_usecount(intf->send_info);
848 if (rv) {
849 module_put(intf->handlers->owner);
5c98d29a 850 goto out_kref;
1da177e4
LT		 851 }
852 }
853
b2c03941
CM		 854 /* Hold the lock so intf->handlers is guaranteed to be good
855 * until now */
856 mutex_unlock(&ipmi_interfaces_mutex);
857
393d2cc3
CM		 858 new_user->valid = 1;
859 spin_lock_irqsave(&intf->seq_lock, flags);
860 list_add_rcu(&new_user->link, &intf->users);
861 spin_unlock_irqrestore(&intf->seq_lock, flags);
862 *user = new_user;
863 return 0;
1da177e4 864
5c98d29a 865out_kref:
393d2cc3 866 kref_put(&intf->refcount, intf_free);
5c98d29a 867out_kfree:
b2c03941 868 mutex_unlock(&ipmi_interfaces_mutex);
5c98d29a 869 kfree(new_user);
1da177e4
LT		 870 return rv;
871}
872
393d2cc3
CM		 873static void free_user(struct kref *ref)
874{
875 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount);
876 kfree(user);
877}
878
879int ipmi_destroy_user(ipmi_user_t user)
1da177e4 880{
393d2cc3 881 ipmi_smi_t intf = user->intf;
1da177e4
LT		 882 int i;
883 unsigned long flags;
393d2cc3 884 struct cmd_rcvr *rcvr;
393d2cc3 885 struct cmd_rcvr *rcvrs = NULL;
1da177e4 886
8a3628d5 887 user->valid = 0;
1da177e4 888
393d2cc3
CM		 889 /* Remove the user from the interface's sequence table. */
890 spin_lock_irqsave(&intf->seq_lock, flags);
891 list_del_rcu(&user->link);
1da177e4 892
e8b33617 893 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
393d2cc3
CM		 894 if (intf->seq_table[i].inuse
895 && (intf->seq_table[i].recv_msg->user == user))
1da177e4 896 {
393d2cc3 897 intf->seq_table[i].inuse = 0;
b2c03941 898 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
1da177e4
LT		 899 }
900 }
393d2cc3
CM		 901 spin_unlock_irqrestore(&intf->seq_lock, flags);
902
903 /*
904 * Remove the user from the command receiver's table. First
905 * we build a list of everything (not using the standard link,
906 * since other things may be using it till we do
907 * synchronize_rcu()) then free everything in that list.
908 */
d6dfd131 909 mutex_lock(&intf->cmd_rcvrs_mutex);
066bb8d0 910 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1da177e4 911 if (rcvr->user == user) {
393d2cc3
CM		 912 list_del_rcu(&rcvr->link);
913 rcvr->next = rcvrs;
914 rcvrs = rcvr;
1da177e4
LT		 915 }
916 }
d6dfd131 917 mutex_unlock(&intf->cmd_rcvrs_mutex);
393d2cc3
CM		 918 synchronize_rcu();
919 while (rcvrs) {
920 rcvr = rcvrs;
921 rcvrs = rcvr->next;
922 kfree(rcvr);
923 }
1da177e4 924
b2c03941
CM		 925 mutex_lock(&ipmi_interfaces_mutex);
926 if (intf->handlers) {
927 module_put(intf->handlers->owner);
928 if (intf->handlers->dec_usecount)
929 intf->handlers->dec_usecount(intf->send_info);
930 }
931 mutex_unlock(&ipmi_interfaces_mutex);
1da177e4 932
393d2cc3 933 kref_put(&intf->refcount, intf_free);
1da177e4 934
393d2cc3 935 kref_put(&user->refcount, free_user);
1da177e4 936
8a3628d5 937 return 0;
1da177e4
LT		 938}
939
940void ipmi_get_version(ipmi_user_t user,
941 unsigned char *major,
942 unsigned char *minor)
943{
b2c03941
CM		 944 *major = user->intf->ipmi_version_major;
945 *minor = user->intf->ipmi_version_minor;
1da177e4
LT		 946}
947
c14979b9
CM		 948int ipmi_set_my_address(ipmi_user_t user,
949 unsigned int channel,
950 unsigned char address)
1da177e4 951{
c14979b9
CM		 952 if (channel >= IPMI_MAX_CHANNELS)
953 return -EINVAL;
954 user->intf->channels[channel].address = address;
955 return 0;
1da177e4
LT		 956}
957
c14979b9
CM		 958int ipmi_get_my_address(ipmi_user_t user,
959 unsigned int channel,
960 unsigned char *address)
1da177e4 961{
c14979b9
CM		 962 if (channel >= IPMI_MAX_CHANNELS)
963 return -EINVAL;
964 *address = user->intf->channels[channel].address;
965 return 0;
1da177e4
LT		 966}
967
c14979b9
CM		 968int ipmi_set_my_LUN(ipmi_user_t user,
969 unsigned int channel,
970 unsigned char LUN)
1da177e4 971{
c14979b9
CM		 972 if (channel >= IPMI_MAX_CHANNELS)
973 return -EINVAL;
974 user->intf->channels[channel].lun = LUN & 0x3;
975 return 0;
1da177e4
LT		 976}
977
c14979b9
CM		 978int ipmi_get_my_LUN(ipmi_user_t user,
979 unsigned int channel,
980 unsigned char *address)
1da177e4 981{
c14979b9
CM		 982 if (channel >= IPMI_MAX_CHANNELS)
983 return -EINVAL;
984 *address = user->intf->channels[channel].lun;
985 return 0;
1da177e4
LT		 986}
987
988int ipmi_set_gets_events(ipmi_user_t user, int val)
989{
393d2cc3
CM		 990 unsigned long flags;
991 ipmi_smi_t intf = user->intf;
992 struct ipmi_recv_msg *msg, *msg2;
993 struct list_head msgs;
1da177e4 994
393d2cc3
CM		 995 INIT_LIST_HEAD(&msgs);
996
997 spin_lock_irqsave(&intf->events_lock, flags);
1da177e4
LT		 998 user->gets_events = val;
999
b2c03941
CM		 1000 if (intf->delivering_events)
1001 /*
1002 * Another thread is delivering events for this, so
1003 * let it handle any new events.
1004 */
1005 goto out;
1006
1007 /* Deliver any queued events. */
1008 while (user->gets_events && !list_empty(&intf->waiting_events)) {
179e0917
AM		 1009 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link)
1010 list_move_tail(&msg->link, &msgs);
4791c03d 1011 intf->waiting_events_count = 0;
393d2cc3 1012
b2c03941
CM		 1013 intf->delivering_events = 1;
1014 spin_unlock_irqrestore(&intf->events_lock, flags);
1015
1016 list_for_each_entry_safe(msg, msg2, &msgs, link) {
1017 msg->user = user;
1018 kref_get(&user->refcount);
1019 deliver_response(msg);
1020 }
1021
1022 spin_lock_irqsave(&intf->events_lock, flags);
1023 intf->delivering_events = 0;
393d2cc3
CM		 1024 }
1025
b2c03941 1026 out:
393d2cc3 1027 spin_unlock_irqrestore(&intf->events_lock, flags);
1da177e4
LT		 1028
1029 return 0;
1030}
1031
393d2cc3
CM		 1032static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf,
1033 unsigned char netfn,
c69c3127
CM		 1034 unsigned char cmd,
1035 unsigned char chan)
393d2cc3
CM		 1036{
1037 struct cmd_rcvr *rcvr;
1038
1039 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
c69c3127
CM		 1040 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1041 && (rcvr->chans & (1 << chan)))
393d2cc3
CM		 1042 return rcvr;
1043 }
1044 return NULL;
1045}
1046
c69c3127
CM		 1047static int is_cmd_rcvr_exclusive(ipmi_smi_t intf,
1048 unsigned char netfn,
1049 unsigned char cmd,
1050 unsigned int chans)
1051{
1052 struct cmd_rcvr *rcvr;
1053
1054 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1055 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1056 && (rcvr->chans & chans))
1057 return 0;
1058 }
1059 return 1;
1060}
1061
1da177e4
LT		 1062int ipmi_register_for_cmd(ipmi_user_t user,
1063 unsigned char netfn,
c69c3127
CM		 1064 unsigned char cmd,
1065 unsigned int chans)
1da177e4 1066{
393d2cc3
CM		 1067 ipmi_smi_t intf = user->intf;
1068 struct cmd_rcvr *rcvr;
393d2cc3 1069 int rv = 0;
1da177e4
LT		 1070
1071
1072 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
8a3628d5 1073 if (!rcvr)
1da177e4 1074 return -ENOMEM;
393d2cc3
CM		 1075 rcvr->cmd = cmd;
1076 rcvr->netfn = netfn;
c69c3127 1077 rcvr->chans = chans;
393d2cc3 1078 rcvr->user = user;
1da177e4 1079
d6dfd131 1080 mutex_lock(&intf->cmd_rcvrs_mutex);
1da177e4 1081 /* Make sure the command/netfn is not already registered. */
c69c3127 1082 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) {
393d2cc3
CM		 1083 rv = -EBUSY;
1084 goto out_unlock;
1da177e4 1085 }
877197ef 1086
393d2cc3 1087 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs);
1da177e4 1088
393d2cc3 1089 out_unlock:
d6dfd131 1090 mutex_unlock(&intf->cmd_rcvrs_mutex);
1da177e4
LT		 1091 if (rv)
1092 kfree(rcvr);
1093
1094 return rv;
1095}
1096
1097int ipmi_unregister_for_cmd(ipmi_user_t user,
1098 unsigned char netfn,
c69c3127
CM		 1099 unsigned char cmd,
1100 unsigned int chans)
1da177e4 1101{
393d2cc3
CM		 1102 ipmi_smi_t intf = user->intf;
1103 struct cmd_rcvr *rcvr;
c69c3127
CM		 1104 struct cmd_rcvr *rcvrs = NULL;
1105 int i, rv = -ENOENT;
1da177e4 1106
d6dfd131 1107 mutex_lock(&intf->cmd_rcvrs_mutex);
c69c3127
CM		 1108 for (i = 0; i < IPMI_NUM_CHANNELS; i++) {
1109 if (((1 << i) & chans) == 0)
1110 continue;
1111 rcvr = find_cmd_rcvr(intf, netfn, cmd, i);
1112 if (rcvr == NULL)
1113 continue;
1114 if (rcvr->user == user) {
1115 rv = 0;
1116 rcvr->chans &= ~chans;
1117 if (rcvr->chans == 0) {
1118 list_del_rcu(&rcvr->link);
1119 rcvr->next = rcvrs;
1120 rcvrs = rcvr;
1121 }
1122 }
1123 }
1124 mutex_unlock(&intf->cmd_rcvrs_mutex);
1125 synchronize_rcu();
1126 while (rcvrs) {
1127 rcvr = rcvrs;
1128 rcvrs = rcvr->next;
393d2cc3 1129 kfree(rcvr);
1da177e4 1130 }
c69c3127 1131 return rv;
1da177e4
LT		 1132}
1133
1134void ipmi_user_set_run_to_completion(ipmi_user_t user, int val)
1135{
393d2cc3 1136 ipmi_smi_t intf = user->intf;
b2c03941
CM		 1137 if (intf->handlers)
1138 intf->handlers->set_run_to_completion(intf->send_info, val);
1da177e4
LT		 1139}
1140
1141static unsigned char
1142ipmb_checksum(unsigned char *data, int size)
1143{
1144 unsigned char csum = 0;
1145
1146 for (; size > 0; size--, data++)
1147 csum += *data;
1148
1149 return -csum;
1150}
1151
1152static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
1153 struct kernel_ipmi_msg *msg,
1154 struct ipmi_ipmb_addr *ipmb_addr,
1155 long msgid,
1156 unsigned char ipmb_seq,
1157 int broadcast,
1158 unsigned char source_address,
1159 unsigned char source_lun)
1160{
1161 int i = broadcast;
1162
1163 /* Format the IPMB header data. */
1164 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1165 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1166 smi_msg->data[2] = ipmb_addr->channel;
1167 if (broadcast)
1168 smi_msg->data[3] = 0;
1169 smi_msg->data[i+3] = ipmb_addr->slave_addr;
1170 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
1171 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
1172 smi_msg->data[i+6] = source_address;
1173 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
1174 smi_msg->data[i+8] = msg->cmd;
1175
1176 /* Now tack on the data to the message. */
1177 if (msg->data_len > 0)
1178 memcpy(&(smi_msg->data[i+9]), msg->data,
1179 msg->data_len);
1180 smi_msg->data_size = msg->data_len + 9;
1181
1182 /* Now calculate the checksum and tack it on. */
1183 smi_msg->data[i+smi_msg->data_size]
1184 = ipmb_checksum(&(smi_msg->data[i+6]),
1185 smi_msg->data_size-6);
1186
1187 /* Add on the checksum size and the offset from the
1188 broadcast. */
1189 smi_msg->data_size += 1 + i;
1190
1191 smi_msg->msgid = msgid;
1192}
1193
1194static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
1195 struct kernel_ipmi_msg *msg,
1196 struct ipmi_lan_addr *lan_addr,
1197 long msgid,
1198 unsigned char ipmb_seq,
1199 unsigned char source_lun)
1200{
1201 /* Format the IPMB header data. */
1202 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1203 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1204 smi_msg->data[2] = lan_addr->channel;
1205 smi_msg->data[3] = lan_addr->session_handle;
1206 smi_msg->data[4] = lan_addr->remote_SWID;
1207 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
1208 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
1209 smi_msg->data[7] = lan_addr->local_SWID;
1210 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
1211 smi_msg->data[9] = msg->cmd;
1212
1213 /* Now tack on the data to the message. */
1214 if (msg->data_len > 0)
1215 memcpy(&(smi_msg->data[10]), msg->data,
1216 msg->data_len);
1217 smi_msg->data_size = msg->data_len + 10;
1218
1219 /* Now calculate the checksum and tack it on. */
1220 smi_msg->data[smi_msg->data_size]
1221 = ipmb_checksum(&(smi_msg->data[7]),
1222 smi_msg->data_size-7);
1223
1224 /* Add on the checksum size and the offset from the
1225 broadcast. */
1226 smi_msg->data_size += 1;
1227
1228 smi_msg->msgid = msgid;
1229}
1230
1231/* Separate from ipmi_request so that the user does not have to be
1232 supplied in certain circumstances (mainly at panic time). If
1233 messages are supplied, they will be freed, even if an error
1234 occurs. */
393d2cc3
CM		 1235static int i_ipmi_request(ipmi_user_t user,
1236 ipmi_smi_t intf,
1237 struct ipmi_addr *addr,
1238 long msgid,
1239 struct kernel_ipmi_msg *msg,
1240 void *user_msg_data,
1241 void *supplied_smi,
1242 struct ipmi_recv_msg *supplied_recv,
1243 int priority,
1244 unsigned char source_address,
1245 unsigned char source_lun,
1246 int retries,
1247 unsigned int retry_time_ms)
1da177e4 1248{
b2c03941
CM		 1249 int rv = 0;
1250 struct ipmi_smi_msg *smi_msg;
1251 struct ipmi_recv_msg *recv_msg;
1252 unsigned long flags;
1253 struct ipmi_smi_handlers *handlers;
1da177e4
LT		 1254
1255
1256 if (supplied_recv) {
1257 recv_msg = supplied_recv;
1258 } else {
1259 recv_msg = ipmi_alloc_recv_msg();
1260 if (recv_msg == NULL) {
1261 return -ENOMEM;
1262 }
1263 }
1264 recv_msg->user_msg_data = user_msg_data;
1265
1266 if (supplied_smi) {
1267 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
1268 } else {
1269 smi_msg = ipmi_alloc_smi_msg();
1270 if (smi_msg == NULL) {
1271 ipmi_free_recv_msg(recv_msg);
1272 return -ENOMEM;
1273 }
1274 }
1275
b2c03941
CM		 1276 rcu_read_lock();
1277 handlers = intf->handlers;
1278 if (!handlers) {
1279 rv = -ENODEV;
1280 goto out_err;
1281 }
1282
1da177e4 1283 recv_msg->user = user;
393d2cc3
CM		 1284 if (user)
1285 kref_get(&user->refcount);
1da177e4
LT		 1286 recv_msg->msgid = msgid;
1287 /* Store the message to send in the receive message so timeout
1288 responses can get the proper response data. */
1289 recv_msg->msg = *msg;
1290
1291 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1292 struct ipmi_system_interface_addr *smi_addr;
1293
1294 if (msg->netfn & 1) {
1295 /* Responses are not allowed to the SMI. */
1296 rv = -EINVAL;
1297 goto out_err;
1298 }
1299
1300 smi_addr = (struct ipmi_system_interface_addr *) addr;
1301 if (smi_addr->lun > 3) {
1302 spin_lock_irqsave(&intf->counter_lock, flags);
1303 intf->sent_invalid_commands++;
1304 spin_unlock_irqrestore(&intf->counter_lock, flags);
1305 rv = -EINVAL;
1306 goto out_err;
1307 }
1308
1309 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1310
1311 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1312 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1313 || (msg->cmd == IPMI_GET_MSG_CMD)
1314 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD)))
1315 {
1316 /* We don't let the user do these, since we manage
1317 the sequence numbers. */
1318 spin_lock_irqsave(&intf->counter_lock, flags);
1319 intf->sent_invalid_commands++;
1320 spin_unlock_irqrestore(&intf->counter_lock, flags);
1321 rv = -EINVAL;
1322 goto out_err;
1323 }
1324
1325 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
1326 spin_lock_irqsave(&intf->counter_lock, flags);
1327 intf->sent_invalid_commands++;
1328 spin_unlock_irqrestore(&intf->counter_lock, flags);
1329 rv = -EMSGSIZE;
1330 goto out_err;
1331 }
1332
1333 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1334 smi_msg->data[1] = msg->cmd;
1335 smi_msg->msgid = msgid;
1336 smi_msg->user_data = recv_msg;
1337 if (msg->data_len > 0)
1338 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1339 smi_msg->data_size = msg->data_len + 2;
1340 spin_lock_irqsave(&intf->counter_lock, flags);
1341 intf->sent_local_commands++;
1342 spin_unlock_irqrestore(&intf->counter_lock, flags);
1343 } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
1344 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
1345 {
1346 struct ipmi_ipmb_addr *ipmb_addr;
1347 unsigned char ipmb_seq;
1348 long seqid;
1349 int broadcast = 0;
1350
9c101fd4
KZ		 1351 if (addr->channel >= IPMI_MAX_CHANNELS) {
1352 spin_lock_irqsave(&intf->counter_lock, flags);
1da177e4
LT		 1353 intf->sent_invalid_commands++;
1354 spin_unlock_irqrestore(&intf->counter_lock, flags);
1355 rv = -EINVAL;
1356 goto out_err;
1357 }
1358
1359 if (intf->channels[addr->channel].medium
1360 != IPMI_CHANNEL_MEDIUM_IPMB)
1361 {
1362 spin_lock_irqsave(&intf->counter_lock, flags);
1363 intf->sent_invalid_commands++;
1364 spin_unlock_irqrestore(&intf->counter_lock, flags);
1365 rv = -EINVAL;
1366 goto out_err;
1367 }
1368
1369 if (retries < 0) {
1370 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1371 retries = 0; /* Don't retry broadcasts. */
1372 else
1373 retries = 4;
1374 }
1375 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1376 /* Broadcasts add a zero at the beginning of the
1377 message, but otherwise is the same as an IPMB
1378 address. */
1379 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1380 broadcast = 1;
1381 }
1382
1383
1384 /* Default to 1 second retries. */
1385 if (retry_time_ms == 0)
1386 retry_time_ms = 1000;
1387
1388 /* 9 for the header and 1 for the checksum, plus
1389 possibly one for the broadcast. */
1390 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1391 spin_lock_irqsave(&intf->counter_lock, flags);
1392 intf->sent_invalid_commands++;
1393 spin_unlock_irqrestore(&intf->counter_lock, flags);
1394 rv = -EMSGSIZE;
1395 goto out_err;
1396 }
1397
1398 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1399 if (ipmb_addr->lun > 3) {
1400 spin_lock_irqsave(&intf->counter_lock, flags);
1401 intf->sent_invalid_commands++;
1402 spin_unlock_irqrestore(&intf->counter_lock, flags);
1403 rv = -EINVAL;
1404 goto out_err;
1405 }
1406
1407 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1408
1409 if (recv_msg->msg.netfn & 0x1) {
1410 /* It's a response, so use the user's sequence
1411 from msgid. */
1412 spin_lock_irqsave(&intf->counter_lock, flags);
1413 intf->sent_ipmb_responses++;
1414 spin_unlock_irqrestore(&intf->counter_lock, flags);
1415 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1416 msgid, broadcast,
1417 source_address, source_lun);
1418
1419 /* Save the receive message so we can use it
1420 to deliver the response. */
1421 smi_msg->user_data = recv_msg;
1422 } else {
1423 /* It's a command, so get a sequence for it. */
1424
1425 spin_lock_irqsave(&(intf->seq_lock), flags);
1426
1427 spin_lock(&intf->counter_lock);
1428 intf->sent_ipmb_commands++;
1429 spin_unlock(&intf->counter_lock);
1430
1431 /* Create a sequence number with a 1 second
1432 timeout and 4 retries. */
1433 rv = intf_next_seq(intf,
1434 recv_msg,
1435 retry_time_ms,
1436 retries,
1437 broadcast,
1438 &ipmb_seq,
1439 &seqid);
1440 if (rv) {
1441 /* We have used up all the sequence numbers,
1442 probably, so abort. */
1443 spin_unlock_irqrestore(&(intf->seq_lock),
1444 flags);
1445 goto out_err;
1446 }
1447
1448 /* Store the sequence number in the message,
1449 so that when the send message response
1450 comes back we can start the timer. */
1451 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1452 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1453 ipmb_seq, broadcast,
1454 source_address, source_lun);
1455
1456 /* Copy the message into the recv message data, so we
1457 can retransmit it later if necessary. */
1458 memcpy(recv_msg->msg_data, smi_msg->data,
1459 smi_msg->data_size);
1460 recv_msg->msg.data = recv_msg->msg_data;
1461 recv_msg->msg.data_len = smi_msg->data_size;
1462
1463 /* We don't unlock until here, because we need
1464 to copy the completed message into the
1465 recv_msg before we release the lock.
1466 Otherwise, race conditions may bite us. I
1467 know that's pretty paranoid, but I prefer
1468 to be correct. */
1469 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1470 }
1471 } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
1472 struct ipmi_lan_addr *lan_addr;
1473 unsigned char ipmb_seq;
1474 long seqid;
1475
12fc1d7b 1476 if (addr->channel >= IPMI_MAX_CHANNELS) {
1da177e4
LT		 1477 spin_lock_irqsave(&intf->counter_lock, flags);
1478 intf->sent_invalid_commands++;
1479 spin_unlock_irqrestore(&intf->counter_lock, flags);
1480 rv = -EINVAL;
1481 goto out_err;
1482 }
1483
1484 if ((intf->channels[addr->channel].medium
1485 != IPMI_CHANNEL_MEDIUM_8023LAN)
1486 && (intf->channels[addr->channel].medium
1487 != IPMI_CHANNEL_MEDIUM_ASYNC))
1488 {
1489 spin_lock_irqsave(&intf->counter_lock, flags);
1490 intf->sent_invalid_commands++;
1491 spin_unlock_irqrestore(&intf->counter_lock, flags);
1492 rv = -EINVAL;
1493 goto out_err;
1494 }
1495
1496 retries = 4;
1497
1498 /* Default to 1 second retries. */
1499 if (retry_time_ms == 0)
1500 retry_time_ms = 1000;
1501
1502 /* 11 for the header and 1 for the checksum. */
1503 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
1504 spin_lock_irqsave(&intf->counter_lock, flags);
1505 intf->sent_invalid_commands++;
1506 spin_unlock_irqrestore(&intf->counter_lock, flags);
1507 rv = -EMSGSIZE;
1508 goto out_err;
1509 }
1510
1511 lan_addr = (struct ipmi_lan_addr *) addr;
1512 if (lan_addr->lun > 3) {
1513 spin_lock_irqsave(&intf->counter_lock, flags);
1514 intf->sent_invalid_commands++;
1515 spin_unlock_irqrestore(&intf->counter_lock, flags);
1516 rv = -EINVAL;
1517 goto out_err;
1518 }
1519
1520 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1521
1522 if (recv_msg->msg.netfn & 0x1) {
1523 /* It's a response, so use the user's sequence
1524 from msgid. */
1525 spin_lock_irqsave(&intf->counter_lock, flags);
1526 intf->sent_lan_responses++;
1527 spin_unlock_irqrestore(&intf->counter_lock, flags);
1528 format_lan_msg(smi_msg, msg, lan_addr, msgid,
1529 msgid, source_lun);
1530
1531 /* Save the receive message so we can use it
1532 to deliver the response. */
1533 smi_msg->user_data = recv_msg;
1534 } else {
1535 /* It's a command, so get a sequence for it. */
1536
1537 spin_lock_irqsave(&(intf->seq_lock), flags);
1538
1539 spin_lock(&intf->counter_lock);
1540 intf->sent_lan_commands++;
1541 spin_unlock(&intf->counter_lock);
1542
1543 /* Create a sequence number with a 1 second
1544 timeout and 4 retries. */
1545 rv = intf_next_seq(intf,
1546 recv_msg,
1547 retry_time_ms,
1548 retries,
1549 0,
1550 &ipmb_seq,
1551 &seqid);
1552 if (rv) {
1553 /* We have used up all the sequence numbers,
1554 probably, so abort. */
1555 spin_unlock_irqrestore(&(intf->seq_lock),
1556 flags);
1557 goto out_err;
1558 }
1559
1560 /* Store the sequence number in the message,
1561 so that when the send message response
1562 comes back we can start the timer. */
1563 format_lan_msg(smi_msg, msg, lan_addr,
1564 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1565 ipmb_seq, source_lun);
1566
1567 /* Copy the message into the recv message data, so we
1568 can retransmit it later if necessary. */
1569 memcpy(recv_msg->msg_data, smi_msg->data,
1570 smi_msg->data_size);
1571 recv_msg->msg.data = recv_msg->msg_data;
1572 recv_msg->msg.data_len = smi_msg->data_size;
1573
1574 /* We don't unlock until here, because we need
1575 to copy the completed message into the
1576 recv_msg before we release the lock.
1577 Otherwise, race conditions may bite us. I
1578 know that's pretty paranoid, but I prefer
1579 to be correct. */
1580 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1581 }
1582 } else {
1583 /* Unknown address type. */
1584 spin_lock_irqsave(&intf->counter_lock, flags);
1585 intf->sent_invalid_commands++;
1586 spin_unlock_irqrestore(&intf->counter_lock, flags);
1587 rv = -EINVAL;
1588 goto out_err;
1589 }
1590
1591#ifdef DEBUG_MSGING
1592 {
1593 int m;
e8b33617 1594 for (m = 0; m < smi_msg->data_size; m++)
1da177e4
LT		 1595 printk(" %2.2x", smi_msg->data[m]);
1596 printk("\n");
1597 }
1598#endif
b2c03941
CM		 1599
1600 handlers->sender(intf->send_info, smi_msg, priority);
1601 rcu_read_unlock();
1da177e4
LT		 1602
1603 return 0;
1604
1605 out_err:
b2c03941 1606 rcu_read_unlock();
1da177e4
LT		 1607 ipmi_free_smi_msg(smi_msg);
1608 ipmi_free_recv_msg(recv_msg);
1609 return rv;
1610}
1611
c14979b9
CM		 1612static int check_addr(ipmi_smi_t intf,
1613 struct ipmi_addr *addr,
1614 unsigned char *saddr,
1615 unsigned char *lun)
1616{
1617 if (addr->channel >= IPMI_MAX_CHANNELS)
1618 return -EINVAL;
1619 *lun = intf->channels[addr->channel].lun;
1620 *saddr = intf->channels[addr->channel].address;
1621 return 0;
1622}
1623
1da177e4
LT		 1624int ipmi_request_settime(ipmi_user_t user,
1625 struct ipmi_addr *addr,
1626 long msgid,
1627 struct kernel_ipmi_msg *msg,
1628 void *user_msg_data,
1629 int priority,
1630 int retries,
1631 unsigned int retry_time_ms)
1632{
c14979b9
CM		 1633 unsigned char saddr, lun;
1634 int rv;
1635
8a3628d5 1636 if (!user)
56a55ec6 1637 return -EINVAL;
c14979b9
CM		 1638 rv = check_addr(user->intf, addr, &saddr, &lun);
1639 if (rv)
1640 return rv;
1da177e4
LT		 1641 return i_ipmi_request(user,
1642 user->intf,
1643 addr,
1644 msgid,
1645 msg,
1646 user_msg_data,
1647 NULL, NULL,
1648 priority,
c14979b9
CM		 1649 saddr,
1650 lun,
1da177e4
LT		 1651 retries,
1652 retry_time_ms);
1653}
1654
1655int ipmi_request_supply_msgs(ipmi_user_t user,
1656 struct ipmi_addr *addr,
1657 long msgid,
1658 struct kernel_ipmi_msg *msg,
1659 void *user_msg_data,
1660 void *supplied_smi,
1661 struct ipmi_recv_msg *supplied_recv,
1662 int priority)
1663{
c14979b9
CM		 1664 unsigned char saddr, lun;
1665 int rv;
1666
8a3628d5 1667 if (!user)
56a55ec6 1668 return -EINVAL;
c14979b9
CM		 1669 rv = check_addr(user->intf, addr, &saddr, &lun);
1670 if (rv)
1671 return rv;
1da177e4
LT		 1672 return i_ipmi_request(user,
1673 user->intf,
1674 addr,
1675 msgid,
1676 msg,
1677 user_msg_data,
1678 supplied_smi,
1679 supplied_recv,
1680 priority,
c14979b9
CM		 1681 saddr,
1682 lun,
1da177e4
LT		 1683 -1, 0);
1684}
1685
1686static int ipmb_file_read_proc(char *page, char **start, off_t off,
1687 int count, int *eof, void *data)
1688{
1689 char *out = (char *) page;
1690 ipmi_smi_t intf = data;
c14979b9 1691 int i;
8a3628d5 1692 int rv = 0;
1da177e4 1693
e8b33617 1694 for (i = 0; i < IPMI_MAX_CHANNELS; i++)
c14979b9
CM		 1695 rv += sprintf(out+rv, "%x ", intf->channels[i].address);
1696 out[rv-1] = '\n'; /* Replace the final space with a newline */
1697 out[rv] = '\0';
1698 rv++;
1699 return rv;
1da177e4
LT		 1700}
1701
1702static int version_file_read_proc(char *page, char **start, off_t off,
1703 int count, int *eof, void *data)
1704{
1705 char *out = (char *) page;
1706 ipmi_smi_t intf = data;
1707
1708 return sprintf(out, "%d.%d\n",
50c812b2
CM		 1709 ipmi_version_major(&intf->bmc->id),
1710 ipmi_version_minor(&intf->bmc->id));
1da177e4
LT		 1711}
1712
1713static int stat_file_read_proc(char *page, char **start, off_t off,
1714 int count, int *eof, void *data)
1715{
1716 char *out = (char *) page;
1717 ipmi_smi_t intf = data;
1718
1719 out += sprintf(out, "sent_invalid_commands: %d\n",
1720 intf->sent_invalid_commands);
1721 out += sprintf(out, "sent_local_commands: %d\n",
1722 intf->sent_local_commands);
1723 out += sprintf(out, "handled_local_responses: %d\n",
1724 intf->handled_local_responses);
1725 out += sprintf(out, "unhandled_local_responses: %d\n",
1726 intf->unhandled_local_responses);
1727 out += sprintf(out, "sent_ipmb_commands: %d\n",
1728 intf->sent_ipmb_commands);
1729 out += sprintf(out, "sent_ipmb_command_errs: %d\n",
1730 intf->sent_ipmb_command_errs);
1731 out += sprintf(out, "retransmitted_ipmb_commands: %d\n",
1732 intf->retransmitted_ipmb_commands);
1733 out += sprintf(out, "timed_out_ipmb_commands: %d\n",
1734 intf->timed_out_ipmb_commands);
1735 out += sprintf(out, "timed_out_ipmb_broadcasts: %d\n",
1736 intf->timed_out_ipmb_broadcasts);
1737 out += sprintf(out, "sent_ipmb_responses: %d\n",
1738 intf->sent_ipmb_responses);
1739 out += sprintf(out, "handled_ipmb_responses: %d\n",
1740 intf->handled_ipmb_responses);
1741 out += sprintf(out, "invalid_ipmb_responses: %d\n",
1742 intf->invalid_ipmb_responses);
1743 out += sprintf(out, "unhandled_ipmb_responses: %d\n",
1744 intf->unhandled_ipmb_responses);
1745 out += sprintf(out, "sent_lan_commands: %d\n",
1746 intf->sent_lan_commands);
1747 out += sprintf(out, "sent_lan_command_errs: %d\n",
1748 intf->sent_lan_command_errs);
1749 out += sprintf(out, "retransmitted_lan_commands: %d\n",
1750 intf->retransmitted_lan_commands);
1751 out += sprintf(out, "timed_out_lan_commands: %d\n",
1752 intf->timed_out_lan_commands);
1753 out += sprintf(out, "sent_lan_responses: %d\n",
1754 intf->sent_lan_responses);
1755 out += sprintf(out, "handled_lan_responses: %d\n",
1756 intf->handled_lan_responses);
1757 out += sprintf(out, "invalid_lan_responses: %d\n",
1758 intf->invalid_lan_responses);
1759 out += sprintf(out, "unhandled_lan_responses: %d\n",
1760 intf->unhandled_lan_responses);
1761 out += sprintf(out, "handled_commands: %d\n",
1762 intf->handled_commands);
1763 out += sprintf(out, "invalid_commands: %d\n",
1764 intf->invalid_commands);
1765 out += sprintf(out, "unhandled_commands: %d\n",
1766 intf->unhandled_commands);
1767 out += sprintf(out, "invalid_events: %d\n",
1768 intf->invalid_events);
1769 out += sprintf(out, "events: %d\n",
1770 intf->events);
1771
1772 return (out - ((char *) page));
1773}
1774
1775int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
1776 read_proc_t *read_proc, write_proc_t *write_proc,
1777 void *data, struct module *owner)
1778{
1da177e4 1779 int rv = 0;
3b625943
CM		 1780#ifdef CONFIG_PROC_FS
1781 struct proc_dir_entry *file;
1da177e4
LT		 1782 struct ipmi_proc_entry *entry;
1783
1784 /* Create a list element. */
1785 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
1786 if (!entry)
1787 return -ENOMEM;
1788 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL);
1789 if (!entry->name) {
1790 kfree(entry);
1791 return -ENOMEM;
1792 }
1793 strcpy(entry->name, name);
1794
1795 file = create_proc_entry(name, 0, smi->proc_dir);
1796 if (!file) {
1797 kfree(entry->name);
1798 kfree(entry);
1799 rv = -ENOMEM;
1800 } else {
1801 file->nlink = 1;
1802 file->data = data;
1803 file->read_proc = read_proc;
1804 file->write_proc = write_proc;
1805 file->owner = owner;
1806
3b625943 1807 spin_lock(&smi->proc_entry_lock);
1da177e4
LT		 1808 /* Stick it on the list. */
1809 entry->next = smi->proc_entries;
1810 smi->proc_entries = entry;
3b625943 1811 spin_unlock(&smi->proc_entry_lock);
1da177e4 1812 }
3b625943 1813#endif /* CONFIG_PROC_FS */
1da177e4
LT		 1814
1815 return rv;
1816}
1817
1818static int add_proc_entries(ipmi_smi_t smi, int num)
1819{
1820 int rv = 0;
1821
3b625943 1822#ifdef CONFIG_PROC_FS
1da177e4
LT		 1823 sprintf(smi->proc_dir_name, "%d", num);
1824 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
1825 if (!smi->proc_dir)
1826 rv = -ENOMEM;
1827 else {
1828 smi->proc_dir->owner = THIS_MODULE;
1829 }
1830
1831 if (rv == 0)
1832 rv = ipmi_smi_add_proc_entry(smi, "stats",
1833 stat_file_read_proc, NULL,
1834 smi, THIS_MODULE);
1835
1836 if (rv == 0)
1837 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
1838 ipmb_file_read_proc, NULL,
1839 smi, THIS_MODULE);
1840
1841 if (rv == 0)
1842 rv = ipmi_smi_add_proc_entry(smi, "version",
1843 version_file_read_proc, NULL,
1844 smi, THIS_MODULE);
3b625943 1845#endif /* CONFIG_PROC_FS */
1da177e4
LT		 1846
1847 return rv;
1848}
1849
1850static void remove_proc_entries(ipmi_smi_t smi)
1851{
3b625943 1852#ifdef CONFIG_PROC_FS
1da177e4
LT		 1853 struct ipmi_proc_entry *entry;
1854
3b625943 1855 spin_lock(&smi->proc_entry_lock);
1da177e4
LT		 1856 while (smi->proc_entries) {
1857 entry = smi->proc_entries;
1858 smi->proc_entries = entry->next;
1859
1860 remove_proc_entry(entry->name, smi->proc_dir);
1861 kfree(entry->name);
1862 kfree(entry);
1863 }
3b625943 1864 spin_unlock(&smi->proc_entry_lock);
1da177e4 1865 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
3b625943 1866#endif /* CONFIG_PROC_FS */
1da177e4
LT		 1867}
1868
50c812b2
CM		 1869static int __find_bmc_guid(struct device *dev, void *data)
1870{
1871 unsigned char *id = data;
1872 struct bmc_device *bmc = dev_get_drvdata(dev);
1873 return memcmp(bmc->guid, id, 16) == 0;
1874}
1875
1876static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv,
1877 unsigned char *guid)
1878{
1879 struct device *dev;
1880
1881 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid);
1882 if (dev)
1883 return dev_get_drvdata(dev);
1884 else
1885 return NULL;
1886}
1887
1888struct prod_dev_id {
1889 unsigned int product_id;
1890 unsigned char device_id;
1891};
1892
1893static int __find_bmc_prod_dev_id(struct device *dev, void *data)
1894{
1895 struct prod_dev_id *id = data;
1896 struct bmc_device *bmc = dev_get_drvdata(dev);
1897
1898 return (bmc->id.product_id == id->product_id
50c812b2
CM		 1899 && bmc->id.device_id == id->device_id);
1900}
1901
1902static struct bmc_device *ipmi_find_bmc_prod_dev_id(
1903 struct device_driver *drv,
f0b55da0 1904 unsigned int product_id, unsigned char device_id)
50c812b2
CM		 1905{
1906 struct prod_dev_id id = {
1907 .product_id = product_id,
1908 .device_id = device_id,
1909 };
1910 struct device *dev;
1911
1912 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id);
1913 if (dev)
1914 return dev_get_drvdata(dev);
1915 else
1916 return NULL;
1917}
1918
1919static ssize_t device_id_show(struct device *dev,
1920 struct device_attribute *attr,
1921 char *buf)
1922{
1923 struct bmc_device *bmc = dev_get_drvdata(dev);
1924
1925 return snprintf(buf, 10, "%u\n", bmc->id.device_id);
1926}
1927
1928static ssize_t provides_dev_sdrs_show(struct device *dev,
1929 struct device_attribute *attr,
1930 char *buf)
1931{
1932 struct bmc_device *bmc = dev_get_drvdata(dev);
1933
1934 return snprintf(buf, 10, "%u\n",
7947d2cc 1935 (bmc->id.device_revision & 0x80) >> 7);
50c812b2
CM		 1936}
1937
1938static ssize_t revision_show(struct device *dev, struct device_attribute *attr,
1939 char *buf)
1940{
1941 struct bmc_device *bmc = dev_get_drvdata(dev);
1942
1943 return snprintf(buf, 20, "%u\n",
7947d2cc 1944 bmc->id.device_revision & 0x0F);
50c812b2
CM		 1945}
1946
1947static ssize_t firmware_rev_show(struct device *dev,
1948 struct device_attribute *attr,
1949 char *buf)
1950{
1951 struct bmc_device *bmc = dev_get_drvdata(dev);
1952
1953 return snprintf(buf, 20, "%u.%x\n", bmc->id.firmware_revision_1,
1954 bmc->id.firmware_revision_2);
1955}
1956
1957static ssize_t ipmi_version_show(struct device *dev,
1958 struct device_attribute *attr,
1959 char *buf)
1960{
1961 struct bmc_device *bmc = dev_get_drvdata(dev);
1962
1963 return snprintf(buf, 20, "%u.%u\n",
1964 ipmi_version_major(&bmc->id),
1965 ipmi_version_minor(&bmc->id));
1966}
1967
1968static ssize_t add_dev_support_show(struct device *dev,
1969 struct device_attribute *attr,
1970 char *buf)
1971{
1972 struct bmc_device *bmc = dev_get_drvdata(dev);
1973
1974 return snprintf(buf, 10, "0x%02x\n",
1975 bmc->id.additional_device_support);
1976}
1977
1978static ssize_t manufacturer_id_show(struct device *dev,
1979 struct device_attribute *attr,
1980 char *buf)
1981{
1982 struct bmc_device *bmc = dev_get_drvdata(dev);
1983
1984 return snprintf(buf, 20, "0x%6.6x\n", bmc->id.manufacturer_id);
1985}
1986
1987static ssize_t product_id_show(struct device *dev,
1988 struct device_attribute *attr,
1989 char *buf)
1990{
1991 struct bmc_device *bmc = dev_get_drvdata(dev);
1992
1993 return snprintf(buf, 10, "0x%4.4x\n", bmc->id.product_id);
1994}
1995
1996static ssize_t aux_firmware_rev_show(struct device *dev,
1997 struct device_attribute *attr,
1998 char *buf)
1999{
2000 struct bmc_device *bmc = dev_get_drvdata(dev);
2001
2002 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n",
2003 bmc->id.aux_firmware_revision[3],
2004 bmc->id.aux_firmware_revision[2],
2005 bmc->id.aux_firmware_revision[1],
2006 bmc->id.aux_firmware_revision[0]);
2007}
2008
2009static ssize_t guid_show(struct device *dev, struct device_attribute *attr,
2010 char *buf)
2011{
2012 struct bmc_device *bmc = dev_get_drvdata(dev);
2013
2014 return snprintf(buf, 100, "%Lx%Lx\n",
2015 (long long) bmc->guid[0],
2016 (long long) bmc->guid[8]);
2017}
2018
5e59393e 2019static void remove_files(struct bmc_device *bmc)
50c812b2 2020{
f0b55da0
CM		 2021 if (!bmc->dev)
2022 return;
2023
50c812b2
CM		 2024 device_remove_file(&bmc->dev->dev,
2025 &bmc->device_id_attr);
2026 device_remove_file(&bmc->dev->dev,
2027 &bmc->provides_dev_sdrs_attr);
2028 device_remove_file(&bmc->dev->dev,
2029 &bmc->revision_attr);
2030 device_remove_file(&bmc->dev->dev,
2031 &bmc->firmware_rev_attr);
2032 device_remove_file(&bmc->dev->dev,
2033 &bmc->version_attr);
2034 device_remove_file(&bmc->dev->dev,
2035 &bmc->add_dev_support_attr);
2036 device_remove_file(&bmc->dev->dev,
2037 &bmc->manufacturer_id_attr);
2038 device_remove_file(&bmc->dev->dev,
2039 &bmc->product_id_attr);
5e59393e 2040
50c812b2
CM		 2041 if (bmc->id.aux_firmware_revision_set)
2042 device_remove_file(&bmc->dev->dev,
2043 &bmc->aux_firmware_rev_attr);
2044 if (bmc->guid_set)
2045 device_remove_file(&bmc->dev->dev,
2046 &bmc->guid_attr);
5e59393e
JG		 2047}
2048
2049static void
2050cleanup_bmc_device(struct kref *ref)
2051{
2052 struct bmc_device *bmc;
2053
2054 bmc = container_of(ref, struct bmc_device, refcount);
2055
2056 remove_files(bmc);
f0b55da0
CM		 2057 if (bmc->dev)
2058 platform_device_unregister(bmc->dev);
50c812b2
CM		 2059 kfree(bmc);
2060}
2061
2062static void ipmi_bmc_unregister(ipmi_smi_t intf)
2063{
2064 struct bmc_device *bmc = intf->bmc;
2065
759643b8
CM		 2066 if (intf->sysfs_name) {
2067 sysfs_remove_link(&intf->si_dev->kobj, intf->sysfs_name);
2068 kfree(intf->sysfs_name);
2069 intf->sysfs_name = NULL;
2070 }
50c812b2
CM		 2071 if (intf->my_dev_name) {
2072 sysfs_remove_link(&bmc->dev->dev.kobj, intf->my_dev_name);
2073 kfree(intf->my_dev_name);
2074 intf->my_dev_name = NULL;
2075 }
2076
2077 mutex_lock(&ipmidriver_mutex);
2078 kref_put(&bmc->refcount, cleanup_bmc_device);
f0b55da0 2079 intf->bmc = NULL;
50c812b2
CM		 2080 mutex_unlock(&ipmidriver_mutex);
2081}
2082
5e59393e
JG		 2083static int create_files(struct bmc_device *bmc)
2084{
2085 int err;
2086
f0b55da0
CM		 2087 bmc->device_id_attr.attr.name = "device_id";
2088 bmc->device_id_attr.attr.owner = THIS_MODULE;
2089 bmc->device_id_attr.attr.mode = S_IRUGO;
2090 bmc->device_id_attr.show = device_id_show;
2091
2092 bmc->provides_dev_sdrs_attr.attr.name = "provides_device_sdrs";
2093 bmc->provides_dev_sdrs_attr.attr.owner = THIS_MODULE;
2094 bmc->provides_dev_sdrs_attr.attr.mode = S_IRUGO;
2095 bmc->provides_dev_sdrs_attr.show = provides_dev_sdrs_show;
2096
2097 bmc->revision_attr.attr.name = "revision";
2098 bmc->revision_attr.attr.owner = THIS_MODULE;
2099 bmc->revision_attr.attr.mode = S_IRUGO;
2100 bmc->revision_attr.show = revision_show;
2101
2102 bmc->firmware_rev_attr.attr.name = "firmware_revision";
2103 bmc->firmware_rev_attr.attr.owner = THIS_MODULE;
2104 bmc->firmware_rev_attr.attr.mode = S_IRUGO;
2105 bmc->firmware_rev_attr.show = firmware_rev_show;
2106
2107 bmc->version_attr.attr.name = "ipmi_version";
2108 bmc->version_attr.attr.owner = THIS_MODULE;
2109 bmc->version_attr.attr.mode = S_IRUGO;
2110 bmc->version_attr.show = ipmi_version_show;
2111
2112 bmc->add_dev_support_attr.attr.name = "additional_device_support";
2113 bmc->add_dev_support_attr.attr.owner = THIS_MODULE;
2114 bmc->add_dev_support_attr.attr.mode = S_IRUGO;
2115 bmc->add_dev_support_attr.show = add_dev_support_show;
2116
2117 bmc->manufacturer_id_attr.attr.name = "manufacturer_id";
2118 bmc->manufacturer_id_attr.attr.owner = THIS_MODULE;
2119 bmc->manufacturer_id_attr.attr.mode = S_IRUGO;
2120 bmc->manufacturer_id_attr.show = manufacturer_id_show;
2121
2122 bmc->product_id_attr.attr.name = "product_id";
2123 bmc->product_id_attr.attr.owner = THIS_MODULE;
2124 bmc->product_id_attr.attr.mode = S_IRUGO;
2125 bmc->product_id_attr.show = product_id_show;
2126
2127 bmc->guid_attr.attr.name = "guid";
2128 bmc->guid_attr.attr.owner = THIS_MODULE;
2129 bmc->guid_attr.attr.mode = S_IRUGO;
2130 bmc->guid_attr.show = guid_show;
2131
2132 bmc->aux_firmware_rev_attr.attr.name = "aux_firmware_revision";
2133 bmc->aux_firmware_rev_attr.attr.owner = THIS_MODULE;
2134 bmc->aux_firmware_rev_attr.attr.mode = S_IRUGO;
2135 bmc->aux_firmware_rev_attr.show = aux_firmware_rev_show;
2136
5e59393e
JG		 2137 err = device_create_file(&bmc->dev->dev,
2138 &bmc->device_id_attr);
2139 if (err) goto out;
2140 err = device_create_file(&bmc->dev->dev,
2141 &bmc->provides_dev_sdrs_attr);
2142 if (err) goto out_devid;
2143 err = device_create_file(&bmc->dev->dev,
2144 &bmc->revision_attr);
2145 if (err) goto out_sdrs;
2146 err = device_create_file(&bmc->dev->dev,
2147 &bmc->firmware_rev_attr);
2148 if (err) goto out_rev;
2149 err = device_create_file(&bmc->dev->dev,
2150 &bmc->version_attr);
2151 if (err) goto out_firm;
2152 err = device_create_file(&bmc->dev->dev,
2153 &bmc->add_dev_support_attr);
2154 if (err) goto out_version;
2155 err = device_create_file(&bmc->dev->dev,
2156 &bmc->manufacturer_id_attr);
2157 if (err) goto out_add_dev;
2158 err = device_create_file(&bmc->dev->dev,
2159 &bmc->product_id_attr);
2160 if (err) goto out_manu;
2161 if (bmc->id.aux_firmware_revision_set) {
2162 err = device_create_file(&bmc->dev->dev,
2163 &bmc->aux_firmware_rev_attr);
2164 if (err) goto out_prod_id;
2165 }
2166 if (bmc->guid_set) {
2167 err = device_create_file(&bmc->dev->dev,
2168 &bmc->guid_attr);
2169 if (err) goto out_aux_firm;
2170 }
2171
2172 return 0;
2173
2174out_aux_firm:
2175 if (bmc->id.aux_firmware_revision_set)
2176 device_remove_file(&bmc->dev->dev,
2177 &bmc->aux_firmware_rev_attr);
2178out_prod_id:
2179 device_remove_file(&bmc->dev->dev,
2180 &bmc->product_id_attr);
2181out_manu:
2182 device_remove_file(&bmc->dev->dev,
2183 &bmc->manufacturer_id_attr);
2184out_add_dev:
2185 device_remove_file(&bmc->dev->dev,
2186 &bmc->add_dev_support_attr);
2187out_version:
2188 device_remove_file(&bmc->dev->dev,
2189 &bmc->version_attr);
2190out_firm:
2191 device_remove_file(&bmc->dev->dev,
2192 &bmc->firmware_rev_attr);
2193out_rev:
2194 device_remove_file(&bmc->dev->dev,
2195 &bmc->revision_attr);
2196out_sdrs:
2197 device_remove_file(&bmc->dev->dev,
2198 &bmc->provides_dev_sdrs_attr);
2199out_devid:
2200 device_remove_file(&bmc->dev->dev,
2201 &bmc->device_id_attr);
2202out:
2203 return err;
2204}
2205
759643b8
CM		 2206static int ipmi_bmc_register(ipmi_smi_t intf, int ifnum,
2207 const char *sysfs_name)
50c812b2
CM		 2208{
2209 int rv;
2210 struct bmc_device *bmc = intf->bmc;
2211 struct bmc_device *old_bmc;
2212 int size;
2213 char dummy[1];
2214
2215 mutex_lock(&ipmidriver_mutex);
2216
2217 /*
2218 * Try to find if there is an bmc_device struct
2219 * representing the interfaced BMC already
2220 */
2221 if (bmc->guid_set)
2222 old_bmc = ipmi_find_bmc_guid(&ipmidriver, bmc->guid);
2223 else
2224 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver,
2225 bmc->id.product_id,
2226 bmc->id.device_id);
2227
2228 /*
2229 * If there is already an bmc_device, free the new one,
2230 * otherwise register the new BMC device
2231 */
2232 if (old_bmc) {
2233 kfree(bmc);
2234 intf->bmc = old_bmc;
2235 bmc = old_bmc;
2236
2237 kref_get(&bmc->refcount);
2238 mutex_unlock(&ipmidriver_mutex);
2239
2240 printk(KERN_INFO
2241 "ipmi: interfacing existing BMC (man_id: 0x%6.6x,"
2242 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2243 bmc->id.manufacturer_id,
2244 bmc->id.product_id,
2245 bmc->id.device_id);
2246 } else {
f0b55da0
CM		 2247 char name[14];
2248 unsigned char orig_dev_id = bmc->id.device_id;
2249 int warn_printed = 0;
2250
2251 snprintf(name, sizeof(name),
2252 "ipmi_bmc.%4.4x", bmc->id.product_id);
2253
2254 while (ipmi_find_bmc_prod_dev_id(&ipmidriver,
2255 bmc->id.product_id,
2256 bmc->id.device_id))
2257 {
2258 if (!warn_printed) {
2259 printk(KERN_WARNING PFX
2260 "This machine has two different BMCs"
2261 " with the same product id and device"
2262 " id. This is an error in the"
2263 " firmware, but incrementing the"
2264 " device id to work around the problem."
2265 " Prod ID = 0x%x, Dev ID = 0x%x\n",
2266 bmc->id.product_id, bmc->id.device_id);
2267 warn_printed = 1;
2268 }
2269 bmc->id.device_id++; /* Wraps at 255 */
2270 if (bmc->id.device_id == orig_dev_id) {
2271 printk(KERN_ERR PFX
2272 "Out of device ids!\n");
2273 break;
2274 }
2275 }
2276
2277 bmc->dev = platform_device_alloc(name, bmc->id.device_id);
8a3628d5 2278 if (!bmc->dev) {
f0b55da0 2279 mutex_unlock(&ipmidriver_mutex);
50c812b2
CM		 2280 printk(KERN_ERR
2281 "ipmi_msghandler:"
2282 " Unable to allocate platform device\n");
2283 return -ENOMEM;
2284 }
2285 bmc->dev->dev.driver = &ipmidriver;
2286 dev_set_drvdata(&bmc->dev->dev, bmc);
2287 kref_init(&bmc->refcount);
2288
b48f5457 2289 rv = platform_device_add(bmc->dev);
50c812b2
CM		 2290 mutex_unlock(&ipmidriver_mutex);
2291 if (rv) {
f0b55da0
CM		 2292 platform_device_put(bmc->dev);
2293 bmc->dev = NULL;
50c812b2
CM		 2294 printk(KERN_ERR
2295 "ipmi_msghandler:"
2296 " Unable to register bmc device: %d\n",
2297 rv);
2298 /* Don't go to out_err, you can only do that if
2299 the device is registered already. */
2300 return rv;
2301 }
2302
5e59393e
JG		 2303 rv = create_files(bmc);
2304 if (rv) {
2305 mutex_lock(&ipmidriver_mutex);
2306 platform_device_unregister(bmc->dev);
2307 mutex_unlock(&ipmidriver_mutex);
2308
2309 return rv;
2310 }
50c812b2
CM		 2311
2312 printk(KERN_INFO
2313 "ipmi: Found new BMC (man_id: 0x%6.6x, "
2314 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2315 bmc->id.manufacturer_id,
2316 bmc->id.product_id,
2317 bmc->id.device_id);
2318 }
2319
2320 /*
2321 * create symlink from system interface device to bmc device
2322 * and back.
2323 */
759643b8
CM		 2324 intf->sysfs_name = kstrdup(sysfs_name, GFP_KERNEL);
2325 if (!intf->sysfs_name) {
2326 rv = -ENOMEM;
2327 printk(KERN_ERR
2328 "ipmi_msghandler: allocate link to BMC: %d\n",
2329 rv);
2330 goto out_err;
2331 }
2332
50c812b2 2333 rv = sysfs_create_link(&intf->si_dev->kobj,
759643b8 2334 &bmc->dev->dev.kobj, intf->sysfs_name);
50c812b2 2335 if (rv) {
759643b8
CM		 2336 kfree(intf->sysfs_name);
2337 intf->sysfs_name = NULL;
50c812b2
CM		 2338 printk(KERN_ERR
2339 "ipmi_msghandler: Unable to create bmc symlink: %d\n",
2340 rv);
2341 goto out_err;
2342 }
2343
759643b8 2344 size = snprintf(dummy, 0, "ipmi%d", ifnum);
50c812b2
CM		 2345 intf->my_dev_name = kmalloc(size+1, GFP_KERNEL);
2346 if (!intf->my_dev_name) {
759643b8
CM		 2347 kfree(intf->sysfs_name);
2348 intf->sysfs_name = NULL;
50c812b2
CM		 2349 rv = -ENOMEM;
2350 printk(KERN_ERR
2351 "ipmi_msghandler: allocate link from BMC: %d\n",
2352 rv);
2353 goto out_err;
2354 }
759643b8 2355 snprintf(intf->my_dev_name, size+1, "ipmi%d", ifnum);
50c812b2
CM		 2356
2357 rv = sysfs_create_link(&bmc->dev->dev.kobj, &intf->si_dev->kobj,
2358 intf->my_dev_name);
2359 if (rv) {
759643b8
CM		 2360 kfree(intf->sysfs_name);
2361 intf->sysfs_name = NULL;
50c812b2
CM		 2362 kfree(intf->my_dev_name);
2363 intf->my_dev_name = NULL;
2364 printk(KERN_ERR
2365 "ipmi_msghandler:"
2366 " Unable to create symlink to bmc: %d\n",
2367 rv);
2368 goto out_err;
2369 }
2370
2371 return 0;
2372
2373out_err:
2374 ipmi_bmc_unregister(intf);
2375 return rv;
2376}
2377
2378static int
2379send_guid_cmd(ipmi_smi_t intf, int chan)
2380{
2381 struct kernel_ipmi_msg msg;
2382 struct ipmi_system_interface_addr si;
2383
2384 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2385 si.channel = IPMI_BMC_CHANNEL;
2386 si.lun = 0;
2387
2388 msg.netfn = IPMI_NETFN_APP_REQUEST;
2389 msg.cmd = IPMI_GET_DEVICE_GUID_CMD;
2390 msg.data = NULL;
2391 msg.data_len = 0;
2392 return i_ipmi_request(NULL,
2393 intf,
2394 (struct ipmi_addr *) &si,
2395 0,
2396 &msg,
2397 intf,
2398 NULL,
2399 NULL,
2400 0,
2401 intf->channels[0].address,
2402 intf->channels[0].lun,
2403 -1, 0);
2404}
2405
2406static void
2407guid_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
2408{
2409 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2410 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE)
2411 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD))
2412 /* Not for me */
2413 return;
2414
2415 if (msg->msg.data[0] != 0) {
2416 /* Error from getting the GUID, the BMC doesn't have one. */
2417 intf->bmc->guid_set = 0;
2418 goto out;
2419 }
2420
2421 if (msg->msg.data_len < 17) {
2422 intf->bmc->guid_set = 0;
2423 printk(KERN_WARNING PFX
2424 "guid_handler: The GUID response from the BMC was too"
2425 " short, it was %d but should have been 17. Assuming"
2426 " GUID is not available.\n",
2427 msg->msg.data_len);
2428 goto out;
2429 }
2430
2431 memcpy(intf->bmc->guid, msg->msg.data, 16);
2432 intf->bmc->guid_set = 1;
2433 out:
2434 wake_up(&intf->waitq);
2435}
2436
2437static void
2438get_guid(ipmi_smi_t intf)
2439{
2440 int rv;
2441
2442 intf->bmc->guid_set = 0x2;
2443 intf->null_user_handler = guid_handler;
2444 rv = send_guid_cmd(intf, 0);
2445 if (rv)
2446 /* Send failed, no GUID available. */
2447 intf->bmc->guid_set = 0;
2448 wait_event(intf->waitq, intf->bmc->guid_set != 2);
2449 intf->null_user_handler = NULL;
2450}
2451
1da177e4
LT		 2452static int
2453send_channel_info_cmd(ipmi_smi_t intf, int chan)
2454{
2455 struct kernel_ipmi_msg msg;
2456 unsigned char data[1];
2457 struct ipmi_system_interface_addr si;
2458
2459 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2460 si.channel = IPMI_BMC_CHANNEL;
2461 si.lun = 0;
2462
2463 msg.netfn = IPMI_NETFN_APP_REQUEST;
2464 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
2465 msg.data = data;
2466 msg.data_len = 1;
2467 data[0] = chan;
2468 return i_ipmi_request(NULL,
2469 intf,
2470 (struct ipmi_addr *) &si,
2471 0,
2472 &msg,
56a55ec6 2473 intf,
1da177e4
LT		 2474 NULL,
2475 NULL,
2476 0,
c14979b9
CM		 2477 intf->channels[0].address,
2478 intf->channels[0].lun,
1da177e4
LT		 2479 -1, 0);
2480}
2481
2482static void
56a55ec6 2483channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4
LT		 2484{
2485 int rv = 0;
2486 int chan;
2487
56a55ec6
CM		 2488 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2489 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
2490 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD))
1da177e4
LT		 2491 {
2492 /* It's the one we want */
56a55ec6 2493 if (msg->msg.data[0] != 0) {
1da177e4
LT		 2494 /* Got an error from the channel, just go on. */
2495
56a55ec6 2496 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) {
1da177e4
LT		 2497 /* If the MC does not support this
2498 command, that is legal. We just
2499 assume it has one IPMB at channel
2500 zero. */
2501 intf->channels[0].medium
2502 = IPMI_CHANNEL_MEDIUM_IPMB;
2503 intf->channels[0].protocol
2504 = IPMI_CHANNEL_PROTOCOL_IPMB;
2505 rv = -ENOSYS;
2506
2507 intf->curr_channel = IPMI_MAX_CHANNELS;
2508 wake_up(&intf->waitq);
2509 goto out;
2510 }
2511 goto next_channel;
2512 }
56a55ec6 2513 if (msg->msg.data_len < 4) {
1da177e4
LT		 2514 /* Message not big enough, just go on. */
2515 goto next_channel;
2516 }
2517 chan = intf->curr_channel;
56a55ec6
CM		 2518 intf->channels[chan].medium = msg->msg.data[2] & 0x7f;
2519 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f;
1da177e4
LT		 2520
2521 next_channel:
2522 intf->curr_channel++;
2523 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
2524 wake_up(&intf->waitq);
2525 else
2526 rv = send_channel_info_cmd(intf, intf->curr_channel);
2527
2528 if (rv) {
2529 /* Got an error somehow, just give up. */
2530 intf->curr_channel = IPMI_MAX_CHANNELS;
2531 wake_up(&intf->waitq);
2532
2533 printk(KERN_WARNING PFX
2534 "Error sending channel information: %d\n",
2535 rv);
2536 }
2537 }
2538 out:
2539 return;
2540}
2541
2542int ipmi_register_smi(struct ipmi_smi_handlers *handlers,
2543 void *send_info,
50c812b2
CM		 2544 struct ipmi_device_id *device_id,
2545 struct device *si_dev,
759643b8 2546 const char *sysfs_name,
453823ba 2547 unsigned char slave_addr)
1da177e4
LT		 2548{
2549 int i, j;
2550 int rv;
393d2cc3 2551 ipmi_smi_t intf;
bca0324d 2552 ipmi_smi_t tintf;
bca0324d 2553 struct list_head *link;
1da177e4 2554
1da177e4
LT		 2555 /* Make sure the driver is actually initialized, this handles
2556 problems with initialization order. */
2557 if (!initialized) {
2558 rv = ipmi_init_msghandler();
2559 if (rv)
2560 return rv;
2561 /* The init code doesn't return an error if it was turned
2562 off, but it won't initialize. Check that. */
2563 if (!initialized)
2564 return -ENODEV;
2565 }
2566
393d2cc3
CM		 2567 intf = kmalloc(sizeof(*intf), GFP_KERNEL);
2568 if (!intf)
1da177e4 2569 return -ENOMEM;
393d2cc3 2570 memset(intf, 0, sizeof(*intf));
b2c03941
CM		 2571
2572 intf->ipmi_version_major = ipmi_version_major(device_id);
2573 intf->ipmi_version_minor = ipmi_version_minor(device_id);
2574
50c812b2
CM		 2575 intf->bmc = kzalloc(sizeof(*intf->bmc), GFP_KERNEL);
2576 if (!intf->bmc) {
2577 kfree(intf);
2578 return -ENOMEM;
2579 }
bca0324d 2580 intf->intf_num = -1; /* Mark it invalid for now. */
393d2cc3 2581 kref_init(&intf->refcount);
50c812b2
CM		 2582 intf->bmc->id = *device_id;
2583 intf->si_dev = si_dev;
393d2cc3
CM		 2584 for (j = 0; j < IPMI_MAX_CHANNELS; j++) {
2585 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR;
2586 intf->channels[j].lun = 2;
2587 }
2588 if (slave_addr != 0)
2589 intf->channels[0].address = slave_addr;
2590 INIT_LIST_HEAD(&intf->users);
2591 intf->handlers = handlers;
2592 intf->send_info = send_info;
2593 spin_lock_init(&intf->seq_lock);
2594 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) {
2595 intf->seq_table[j].inuse = 0;
2596 intf->seq_table[j].seqid = 0;
2597 }
2598 intf->curr_seq = 0;
2599#ifdef CONFIG_PROC_FS
2600 spin_lock_init(&intf->proc_entry_lock);
2601#endif
2602 spin_lock_init(&intf->waiting_msgs_lock);
2603 INIT_LIST_HEAD(&intf->waiting_msgs);
2604 spin_lock_init(&intf->events_lock);
2605 INIT_LIST_HEAD(&intf->waiting_events);
2606 intf->waiting_events_count = 0;
d6dfd131 2607 mutex_init(&intf->cmd_rcvrs_mutex);
393d2cc3
CM		 2608 INIT_LIST_HEAD(&intf->cmd_rcvrs);
2609 init_waitqueue_head(&intf->waitq);
2610
2611 spin_lock_init(&intf->counter_lock);
2612 intf->proc_dir = NULL;
1da177e4 2613
b2c03941 2614 mutex_lock(&smi_watchers_mutex);
bca0324d
CM		 2615 mutex_lock(&ipmi_interfaces_mutex);
2616 /* Look for a hole in the numbers. */
2617 i = 0;
2618 link = &ipmi_interfaces;
2619 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link) {
2620 if (tintf->intf_num != i) {
2621 link = &tintf->link;
1da177e4
LT		 2622 break;
2623 }
bca0324d 2624 i++;
1da177e4 2625 }
bca0324d
CM		 2626 /* Add the new interface in numeric order. */
2627 if (i == 0)
2628 list_add_rcu(&intf->link, &ipmi_interfaces);
2629 else
2630 list_add_tail_rcu(&intf->link, link);
1da177e4 2631
453823ba
CM		 2632 rv = handlers->start_processing(send_info, intf);
2633 if (rv)
2634 goto out;
1da177e4 2635
50c812b2
CM		 2636 get_guid(intf);
2637
b2c03941
CM		 2638 if ((intf->ipmi_version_major > 1)
2639 || ((intf->ipmi_version_major == 1)
2640 && (intf->ipmi_version_minor >= 5)))
393d2cc3
CM		 2641 {
2642 /* Start scanning the channels to see what is
2643 available. */
2644 intf->null_user_handler = channel_handler;
2645 intf->curr_channel = 0;
2646 rv = send_channel_info_cmd(intf, 0);
2647 if (rv)
2648 goto out;
1da177e4 2649
393d2cc3
CM		 2650 /* Wait for the channel info to be read. */
2651 wait_event(intf->waitq,
2652 intf->curr_channel >= IPMI_MAX_CHANNELS);
50c812b2 2653 intf->null_user_handler = NULL;
393d2cc3
CM		 2654 } else {
2655 /* Assume a single IPMB channel at zero. */
2656 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
2657 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB;
1da177e4
LT		 2658 }
2659
393d2cc3
CM		 2660 if (rv == 0)
2661 rv = add_proc_entries(intf, i);
1da177e4 2662
759643b8 2663 rv = ipmi_bmc_register(intf, i, sysfs_name);
50c812b2 2664
393d2cc3 2665 out:
1da177e4 2666 if (rv) {
393d2cc3
CM		 2667 if (intf->proc_dir)
2668 remove_proc_entries(intf);
b2c03941 2669 intf->handlers = NULL;
bca0324d
CM		 2670 list_del_rcu(&intf->link);
2671 mutex_unlock(&ipmi_interfaces_mutex);
b2c03941 2672 mutex_unlock(&smi_watchers_mutex);
bca0324d 2673 synchronize_rcu();
393d2cc3 2674 kref_put(&intf->refcount, intf_free);
393d2cc3 2675 } else {
bca0324d
CM		 2676 /* After this point the interface is legal to use. */
2677 intf->intf_num = i;
2678 mutex_unlock(&ipmi_interfaces_mutex);
50c812b2 2679 call_smi_watchers(i, intf->si_dev);
b2c03941 2680 mutex_unlock(&smi_watchers_mutex);
1da177e4
LT		 2681 }
2682
2683 return rv;
2684}
2685
b2c03941
CM		 2686static void cleanup_smi_msgs(ipmi_smi_t intf)
2687{
2688 int i;
2689 struct seq_table *ent;
2690
2691 /* No need for locks, the interface is down. */
2692 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
2693 ent = &(intf->seq_table[i]);
2694 if (!ent->inuse)
2695 continue;
2696 deliver_err_response(ent->recv_msg, IPMI_ERR_UNSPECIFIED);
2697 }
2698}
2699
1da177e4
LT		 2700int ipmi_unregister_smi(ipmi_smi_t intf)
2701{
1da177e4 2702 struct ipmi_smi_watcher *w;
b2c03941 2703 int intf_num = intf->intf_num;
1da177e4 2704
50c812b2
CM		 2705 ipmi_bmc_unregister(intf);
2706
b2c03941 2707 mutex_lock(&smi_watchers_mutex);
bca0324d 2708 mutex_lock(&ipmi_interfaces_mutex);
b2c03941
CM		 2709 intf->intf_num = -1;
2710 intf->handlers = NULL;
bca0324d
CM		 2711 list_del_rcu(&intf->link);
2712 mutex_unlock(&ipmi_interfaces_mutex);
2713 synchronize_rcu();
1da177e4 2714
b2c03941
CM		 2715 cleanup_smi_msgs(intf);
2716
393d2cc3 2717 remove_proc_entries(intf);
1da177e4
LT		 2718
2719 /* Call all the watcher interfaces to tell them that
2720 an interface is gone. */
393d2cc3 2721 list_for_each_entry(w, &smi_watchers, link)
b2c03941
CM		 2722 w->smi_gone(intf_num);
2723 mutex_unlock(&smi_watchers_mutex);
393d2cc3 2724
393d2cc3 2725 kref_put(&intf->refcount, intf_free);
1da177e4
LT		 2726 return 0;
2727}
2728
2729static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf,
2730 struct ipmi_smi_msg *msg)
2731{
2732 struct ipmi_ipmb_addr ipmb_addr;
2733 struct ipmi_recv_msg *recv_msg;
2734 unsigned long flags;
2735
2736
2737 /* This is 11, not 10, because the response must contain a
2738 * completion code. */
2739 if (msg->rsp_size < 11) {
2740 /* Message not big enough, just ignore it. */
2741 spin_lock_irqsave(&intf->counter_lock, flags);
2742 intf->invalid_ipmb_responses++;
2743 spin_unlock_irqrestore(&intf->counter_lock, flags);
2744 return 0;
2745 }
2746
2747 if (msg->rsp[2] != 0) {
2748 /* An error getting the response, just ignore it. */
2749 return 0;
2750 }
2751
2752 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
2753 ipmb_addr.slave_addr = msg->rsp[6];
2754 ipmb_addr.channel = msg->rsp[3] & 0x0f;
2755 ipmb_addr.lun = msg->rsp[7] & 3;
2756
2757 /* It's a response from a remote entity. Look up the sequence
2758 number and handle the response. */
2759 if (intf_find_seq(intf,
2760 msg->rsp[7] >> 2,
2761 msg->rsp[3] & 0x0f,
2762 msg->rsp[8],
2763 (msg->rsp[4] >> 2) & (~1),
2764 (struct ipmi_addr *) &(ipmb_addr),
2765 &recv_msg))
2766 {
2767 /* We were unable to find the sequence number,
2768 so just nuke the message. */
2769 spin_lock_irqsave(&intf->counter_lock, flags);
2770 intf->unhandled_ipmb_responses++;
2771 spin_unlock_irqrestore(&intf->counter_lock, flags);
2772 return 0;
2773 }
2774
2775 memcpy(recv_msg->msg_data,
2776 &(msg->rsp[9]),
2777 msg->rsp_size - 9);
2778 /* THe other fields matched, so no need to set them, except
2779 for netfn, which needs to be the response that was
2780 returned, not the request value. */
2781 recv_msg->msg.netfn = msg->rsp[4] >> 2;
2782 recv_msg->msg.data = recv_msg->msg_data;
2783 recv_msg->msg.data_len = msg->rsp_size - 10;
2784 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2785 spin_lock_irqsave(&intf->counter_lock, flags);
2786 intf->handled_ipmb_responses++;
2787 spin_unlock_irqrestore(&intf->counter_lock, flags);
2788 deliver_response(recv_msg);
2789
2790 return 0;
2791}
2792
2793static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf,
2794 struct ipmi_smi_msg *msg)
2795{
393d2cc3
CM		 2796 struct cmd_rcvr *rcvr;
2797 int rv = 0;
2798 unsigned char netfn;
2799 unsigned char cmd;
c69c3127 2800 unsigned char chan;
393d2cc3
CM		 2801 ipmi_user_t user = NULL;
2802 struct ipmi_ipmb_addr *ipmb_addr;
2803 struct ipmi_recv_msg *recv_msg;
2804 unsigned long flags;
b2c03941 2805 struct ipmi_smi_handlers *handlers;
1da177e4
LT		 2806
2807 if (msg->rsp_size < 10) {
2808 /* Message not big enough, just ignore it. */
2809 spin_lock_irqsave(&intf->counter_lock, flags);
2810 intf->invalid_commands++;
2811 spin_unlock_irqrestore(&intf->counter_lock, flags);
2812 return 0;
2813 }
2814
2815 if (msg->rsp[2] != 0) {
2816 /* An error getting the response, just ignore it. */
2817 return 0;
2818 }
2819
2820 netfn = msg->rsp[4] >> 2;
2821 cmd = msg->rsp[8];
c69c3127 2822 chan = msg->rsp[3] & 0xf;
1da177e4 2823
e61fb5b6 2824 rcu_read_lock();
c69c3127 2825 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
393d2cc3
CM		 2826 if (rcvr) {
2827 user = rcvr->user;
2828 kref_get(&user->refcount);
2829 } else
2830 user = NULL;
e61fb5b6 2831 rcu_read_unlock();
1da177e4
LT		 2832
2833 if (user == NULL) {
2834 /* We didn't find a user, deliver an error response. */
2835 spin_lock_irqsave(&intf->counter_lock, flags);
2836 intf->unhandled_commands++;
2837 spin_unlock_irqrestore(&intf->counter_lock, flags);
2838
2839 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
2840 msg->data[1] = IPMI_SEND_MSG_CMD;
2841 msg->data[2] = msg->rsp[3];
2842 msg->data[3] = msg->rsp[6];
2843 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
2844 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
c14979b9 2845 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address;
1da177e4
LT		 2846 /* rqseq/lun */
2847 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
2848 msg->data[8] = msg->rsp[8]; /* cmd */
2849 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
2850 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
2851 msg->data_size = 11;
2852
2853#ifdef DEBUG_MSGING
2854 {
2855 int m;
2856 printk("Invalid command:");
e8b33617 2857 for (m = 0; m < msg->data_size; m++)
1da177e4
LT		 2858 printk(" %2.2x", msg->data[m]);
2859 printk("\n");
2860 }
2861#endif
b2c03941
CM		 2862 rcu_read_lock();
2863 handlers = intf->handlers;
2864 if (handlers) {
2865 handlers->sender(intf->send_info, msg, 0);
2866 /* We used the message, so return the value
2867 that causes it to not be freed or
2868 queued. */
2869 rv = -1;
2870 }
2871 rcu_read_unlock();
1da177e4
LT		 2872 } else {
2873 /* Deliver the message to the user. */
2874 spin_lock_irqsave(&intf->counter_lock, flags);
2875 intf->handled_commands++;
2876 spin_unlock_irqrestore(&intf->counter_lock, flags);
2877
2878 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 2879 if (!recv_msg) {
1da177e4
LT		 2880 /* We couldn't allocate memory for the
2881 message, so requeue it for handling
2882 later. */
2883 rv = 1;
393d2cc3 2884 kref_put(&user->refcount, free_user);
1da177e4
LT		 2885 } else {
2886 /* Extract the source address from the data. */
2887 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
2888 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
2889 ipmb_addr->slave_addr = msg->rsp[6];
2890 ipmb_addr->lun = msg->rsp[7] & 3;
2891 ipmb_addr->channel = msg->rsp[3] & 0xf;
2892
2893 /* Extract the rest of the message information
2894 from the IPMB header.*/
2895 recv_msg->user = user;
2896 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2897 recv_msg->msgid = msg->rsp[7] >> 2;
2898 recv_msg->msg.netfn = msg->rsp[4] >> 2;
2899 recv_msg->msg.cmd = msg->rsp[8];
2900 recv_msg->msg.data = recv_msg->msg_data;
2901
2902 /* We chop off 10, not 9 bytes because the checksum
2903 at the end also needs to be removed. */
2904 recv_msg->msg.data_len = msg->rsp_size - 10;
2905 memcpy(recv_msg->msg_data,
2906 &(msg->rsp[9]),
2907 msg->rsp_size - 10);
2908 deliver_response(recv_msg);
2909 }
2910 }
2911
2912 return rv;
2913}
2914
2915static int handle_lan_get_msg_rsp(ipmi_smi_t intf,
2916 struct ipmi_smi_msg *msg)
2917{
2918 struct ipmi_lan_addr lan_addr;
2919 struct ipmi_recv_msg *recv_msg;
2920 unsigned long flags;
2921
2922
2923 /* This is 13, not 12, because the response must contain a
2924 * completion code. */
2925 if (msg->rsp_size < 13) {
2926 /* Message not big enough, just ignore it. */
2927 spin_lock_irqsave(&intf->counter_lock, flags);
2928 intf->invalid_lan_responses++;
2929 spin_unlock_irqrestore(&intf->counter_lock, flags);
2930 return 0;
2931 }
2932
2933 if (msg->rsp[2] != 0) {
2934 /* An error getting the response, just ignore it. */
2935 return 0;
2936 }
2937
2938 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
2939 lan_addr.session_handle = msg->rsp[4];
2940 lan_addr.remote_SWID = msg->rsp[8];
2941 lan_addr.local_SWID = msg->rsp[5];
2942 lan_addr.channel = msg->rsp[3] & 0x0f;
2943 lan_addr.privilege = msg->rsp[3] >> 4;
2944 lan_addr.lun = msg->rsp[9] & 3;
2945
2946 /* It's a response from a remote entity. Look up the sequence
2947 number and handle the response. */
2948 if (intf_find_seq(intf,
2949 msg->rsp[9] >> 2,
2950 msg->rsp[3] & 0x0f,
2951 msg->rsp[10],
2952 (msg->rsp[6] >> 2) & (~1),
2953 (struct ipmi_addr *) &(lan_addr),
2954 &recv_msg))
2955 {
2956 /* We were unable to find the sequence number,
2957 so just nuke the message. */
2958 spin_lock_irqsave(&intf->counter_lock, flags);
2959 intf->unhandled_lan_responses++;
2960 spin_unlock_irqrestore(&intf->counter_lock, flags);
2961 return 0;
2962 }
2963
2964 memcpy(recv_msg->msg_data,
2965 &(msg->rsp[11]),
2966 msg->rsp_size - 11);
2967 /* The other fields matched, so no need to set them, except
2968 for netfn, which needs to be the response that was
2969 returned, not the request value. */
2970 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2971 recv_msg->msg.data = recv_msg->msg_data;
2972 recv_msg->msg.data_len = msg->rsp_size - 12;
2973 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2974 spin_lock_irqsave(&intf->counter_lock, flags);
2975 intf->handled_lan_responses++;
2976 spin_unlock_irqrestore(&intf->counter_lock, flags);
2977 deliver_response(recv_msg);
2978
2979 return 0;
2980}
2981
2982static int handle_lan_get_msg_cmd(ipmi_smi_t intf,
2983 struct ipmi_smi_msg *msg)
2984{
393d2cc3
CM		 2985 struct cmd_rcvr *rcvr;
2986 int rv = 0;
2987 unsigned char netfn;
2988 unsigned char cmd;
c69c3127 2989 unsigned char chan;
393d2cc3
CM		 2990 ipmi_user_t user = NULL;
2991 struct ipmi_lan_addr *lan_addr;
2992 struct ipmi_recv_msg *recv_msg;
2993 unsigned long flags;
1da177e4
LT		 2994
2995 if (msg->rsp_size < 12) {
2996 /* Message not big enough, just ignore it. */
2997 spin_lock_irqsave(&intf->counter_lock, flags);
2998 intf->invalid_commands++;
2999 spin_unlock_irqrestore(&intf->counter_lock, flags);
3000 return 0;
3001 }
3002
3003 if (msg->rsp[2] != 0) {
3004 /* An error getting the response, just ignore it. */
3005 return 0;
3006 }
3007
3008 netfn = msg->rsp[6] >> 2;
3009 cmd = msg->rsp[10];
c69c3127 3010 chan = msg->rsp[3] & 0xf;
1da177e4 3011
e61fb5b6 3012 rcu_read_lock();
c69c3127 3013 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
393d2cc3
CM		 3014 if (rcvr) {
3015 user = rcvr->user;
3016 kref_get(&user->refcount);
3017 } else
3018 user = NULL;
e61fb5b6 3019 rcu_read_unlock();
1da177e4
LT		 3020
3021 if (user == NULL) {
393d2cc3 3022 /* We didn't find a user, just give up. */
1da177e4
LT		 3023 spin_lock_irqsave(&intf->counter_lock, flags);
3024 intf->unhandled_commands++;
3025 spin_unlock_irqrestore(&intf->counter_lock, flags);
3026
3027 rv = 0; /* Don't do anything with these messages, just
3028 allow them to be freed. */
3029 } else {
3030 /* Deliver the message to the user. */
3031 spin_lock_irqsave(&intf->counter_lock, flags);
3032 intf->handled_commands++;
3033 spin_unlock_irqrestore(&intf->counter_lock, flags);
3034
3035 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3036 if (!recv_msg) {
1da177e4
LT		 3037 /* We couldn't allocate memory for the
3038 message, so requeue it for handling
3039 later. */
3040 rv = 1;
393d2cc3 3041 kref_put(&user->refcount, free_user);
1da177e4
LT		 3042 } else {
3043 /* Extract the source address from the data. */
3044 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
3045 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
3046 lan_addr->session_handle = msg->rsp[4];
3047 lan_addr->remote_SWID = msg->rsp[8];
3048 lan_addr->local_SWID = msg->rsp[5];
3049 lan_addr->lun = msg->rsp[9] & 3;
3050 lan_addr->channel = msg->rsp[3] & 0xf;
3051 lan_addr->privilege = msg->rsp[3] >> 4;
3052
3053 /* Extract the rest of the message information
3054 from the IPMB header.*/
3055 recv_msg->user = user;
3056 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3057 recv_msg->msgid = msg->rsp[9] >> 2;
3058 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3059 recv_msg->msg.cmd = msg->rsp[10];
3060 recv_msg->msg.data = recv_msg->msg_data;
3061
3062 /* We chop off 12, not 11 bytes because the checksum
3063 at the end also needs to be removed. */
3064 recv_msg->msg.data_len = msg->rsp_size - 12;
3065 memcpy(recv_msg->msg_data,
3066 &(msg->rsp[11]),
3067 msg->rsp_size - 12);
3068 deliver_response(recv_msg);
3069 }
3070 }
3071
3072 return rv;
3073}
3074
3075static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
3076 struct ipmi_smi_msg *msg)
3077{
3078 struct ipmi_system_interface_addr *smi_addr;
3079
3080 recv_msg->msgid = 0;
3081 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
3082 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3083 smi_addr->channel = IPMI_BMC_CHANNEL;
3084 smi_addr->lun = msg->rsp[0] & 3;
3085 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
3086 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3087 recv_msg->msg.cmd = msg->rsp[1];
3088 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
3089 recv_msg->msg.data = recv_msg->msg_data;
3090 recv_msg->msg.data_len = msg->rsp_size - 3;
3091}
3092
1da177e4
LT		 3093static int handle_read_event_rsp(ipmi_smi_t intf,
3094 struct ipmi_smi_msg *msg)
3095{
3096 struct ipmi_recv_msg *recv_msg, *recv_msg2;
3097 struct list_head msgs;
3098 ipmi_user_t user;
3099 int rv = 0;
3100 int deliver_count = 0;
3101 unsigned long flags;
3102
3103 if (msg->rsp_size < 19) {
3104 /* Message is too small to be an IPMB event. */
3105 spin_lock_irqsave(&intf->counter_lock, flags);
3106 intf->invalid_events++;
3107 spin_unlock_irqrestore(&intf->counter_lock, flags);
3108 return 0;
3109 }
3110
3111 if (msg->rsp[2] != 0) {
3112 /* An error getting the event, just ignore it. */
3113 return 0;
3114 }
3115
3116 INIT_LIST_HEAD(&msgs);
3117
393d2cc3 3118 spin_lock_irqsave(&intf->events_lock, flags);
1da177e4
LT		 3119
3120 spin_lock(&intf->counter_lock);
3121 intf->events++;
3122 spin_unlock(&intf->counter_lock);
3123
3124 /* Allocate and fill in one message for every user that is getting
3125 events. */
393d2cc3
CM		 3126 rcu_read_lock();
3127 list_for_each_entry_rcu(user, &intf->users, link) {
8a3628d5 3128 if (!user->gets_events)
1da177e4
LT		 3129 continue;
3130
3131 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3132 if (!recv_msg) {
393d2cc3 3133 rcu_read_unlock();
8a3628d5
CM		 3134 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs,
3135 link) {
1da177e4
LT		 3136 list_del(&recv_msg->link);
3137 ipmi_free_recv_msg(recv_msg);
3138 }
3139 /* We couldn't allocate memory for the
3140 message, so requeue it for handling
3141 later. */
3142 rv = 1;
3143 goto out;
3144 }
3145
3146 deliver_count++;
3147
3148 copy_event_into_recv_msg(recv_msg, msg);
3149 recv_msg->user = user;
393d2cc3 3150 kref_get(&user->refcount);
1da177e4
LT		 3151 list_add_tail(&(recv_msg->link), &msgs);
3152 }
393d2cc3 3153 rcu_read_unlock();
1da177e4
LT		 3154
3155 if (deliver_count) {
3156 /* Now deliver all the messages. */
3157 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
3158 list_del(&recv_msg->link);
3159 deliver_response(recv_msg);
3160 }
3161 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
3162 /* No one to receive the message, put it in queue if there's
3163 not already too many things in the queue. */
3164 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3165 if (!recv_msg) {
1da177e4
LT		 3166 /* We couldn't allocate memory for the
3167 message, so requeue it for handling
3168 later. */
3169 rv = 1;
3170 goto out;
3171 }
3172
3173 copy_event_into_recv_msg(recv_msg, msg);
3174 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
4791c03d 3175 intf->waiting_events_count++;
1da177e4
LT		 3176 } else {
3177 /* There's too many things in the queue, discard this
3178 message. */
3179 printk(KERN_WARNING PFX "Event queue full, discarding an"
3180 " incoming event\n");
3181 }
3182
3183 out:
3184 spin_unlock_irqrestore(&(intf->events_lock), flags);
3185
3186 return rv;
3187}
3188
3189static int handle_bmc_rsp(ipmi_smi_t intf,
3190 struct ipmi_smi_msg *msg)
3191{
3192 struct ipmi_recv_msg *recv_msg;
1da177e4 3193 unsigned long flags;
393d2cc3 3194 struct ipmi_user *user;
1da177e4
LT		 3195
3196 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
56a55ec6
CM		 3197 if (recv_msg == NULL)
3198 {
3199 printk(KERN_WARNING"IPMI message received with no owner. This\n"
3200 "could be because of a malformed message, or\n"
3201 "because of a hardware error. Contact your\n"
3202 "hardware vender for assistance\n");
3203 return 0;
3204 }
1da177e4 3205
393d2cc3 3206 user = recv_msg->user;
1da177e4 3207 /* Make sure the user still exists. */
393d2cc3 3208 if (user && !user->valid) {
56a55ec6
CM		 3209 /* The user for the message went away, so give up. */
3210 spin_lock_irqsave(&intf->counter_lock, flags);
3211 intf->unhandled_local_responses++;
3212 spin_unlock_irqrestore(&intf->counter_lock, flags);
1da177e4
LT		 3213 ipmi_free_recv_msg(recv_msg);
3214 } else {
3215 struct ipmi_system_interface_addr *smi_addr;
3216
3217 spin_lock_irqsave(&intf->counter_lock, flags);
3218 intf->handled_local_responses++;
3219 spin_unlock_irqrestore(&intf->counter_lock, flags);
3220 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3221 recv_msg->msgid = msg->msgid;
3222 smi_addr = ((struct ipmi_system_interface_addr *)
3223 &(recv_msg->addr));
3224 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3225 smi_addr->channel = IPMI_BMC_CHANNEL;
3226 smi_addr->lun = msg->rsp[0] & 3;
3227 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3228 recv_msg->msg.cmd = msg->rsp[1];
3229 memcpy(recv_msg->msg_data,
3230 &(msg->rsp[2]),
3231 msg->rsp_size - 2);
3232 recv_msg->msg.data = recv_msg->msg_data;
3233 recv_msg->msg.data_len = msg->rsp_size - 2;
3234 deliver_response(recv_msg);
3235 }
3236
3237 return 0;
3238}
3239
3240/* Handle a new message. Return 1 if the message should be requeued,
3241 0 if the message should be freed, or -1 if the message should not
3242 be freed or requeued. */
3243static int handle_new_recv_msg(ipmi_smi_t intf,
3244 struct ipmi_smi_msg *msg)
3245{
3246 int requeue;
3247 int chan;
3248
3249#ifdef DEBUG_MSGING
3250 int m;
3251 printk("Recv:");
e8b33617 3252 for (m = 0; m < msg->rsp_size; m++)
1da177e4
LT		 3253 printk(" %2.2x", msg->rsp[m]);
3254 printk("\n");
3255#endif
3256 if (msg->rsp_size < 2) {
3257 /* Message is too small to be correct. */
3258 printk(KERN_WARNING PFX "BMC returned to small a message"
3259 " for netfn %x cmd %x, got %d bytes\n",
3260 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
3261
3262 /* Generate an error response for the message. */
3263 msg->rsp[0] = msg->data[0] | (1 << 2);
3264 msg->rsp[1] = msg->data[1];
3265 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
3266 msg->rsp_size = 3;
3267 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))/* Netfn */
3268 || (msg->rsp[1] != msg->data[1])) /* Command */
3269 {
3270 /* The response is not even marginally correct. */
3271 printk(KERN_WARNING PFX "BMC returned incorrect response,"
3272 " expected netfn %x cmd %x, got netfn %x cmd %x\n",
3273 (msg->data[0] >> 2) | 1, msg->data[1],
3274 msg->rsp[0] >> 2, msg->rsp[1]);
3275
3276 /* Generate an error response for the message. */
3277 msg->rsp[0] = msg->data[0] | (1 << 2);
3278 msg->rsp[1] = msg->data[1];
3279 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
3280 msg->rsp_size = 3;
3281 }
3282
3283 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3284 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
3285 && (msg->user_data != NULL))
3286 {
3287 /* It's a response to a response we sent. For this we
3288 deliver a send message response to the user. */
393d2cc3 3289 struct ipmi_recv_msg *recv_msg = msg->user_data;
1da177e4
LT		 3290
3291 requeue = 0;
3292 if (msg->rsp_size < 2)
3293 /* Message is too small to be correct. */
3294 goto out;
3295
3296 chan = msg->data[2] & 0x0f;
3297 if (chan >= IPMI_MAX_CHANNELS)
3298 /* Invalid channel number */
3299 goto out;
3300
393d2cc3
CM		 3301 if (!recv_msg)
3302 goto out;
3303
3304 /* Make sure the user still exists. */
3305 if (!recv_msg->user || !recv_msg->user->valid)
3306 goto out;
3307
3308 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
3309 recv_msg->msg.data = recv_msg->msg_data;
3310 recv_msg->msg.data_len = 1;
3311 recv_msg->msg_data[0] = msg->rsp[2];
3312 deliver_response(recv_msg);
1da177e4
LT		 3313 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3314 && (msg->rsp[1] == IPMI_GET_MSG_CMD))
3315 {
3316 /* It's from the receive queue. */
3317 chan = msg->rsp[3] & 0xf;
3318 if (chan >= IPMI_MAX_CHANNELS) {
3319 /* Invalid channel number */
3320 requeue = 0;
3321 goto out;
3322 }
3323
3324 switch (intf->channels[chan].medium) {
3325 case IPMI_CHANNEL_MEDIUM_IPMB:
3326 if (msg->rsp[4] & 0x04) {
3327 /* It's a response, so find the
3328 requesting message and send it up. */
3329 requeue = handle_ipmb_get_msg_rsp(intf, msg);
3330 } else {
3331 /* It's a command to the SMS from some other
3332 entity. Handle that. */
3333 requeue = handle_ipmb_get_msg_cmd(intf, msg);
3334 }
3335 break;
3336
3337 case IPMI_CHANNEL_MEDIUM_8023LAN:
3338 case IPMI_CHANNEL_MEDIUM_ASYNC:
3339 if (msg->rsp[6] & 0x04) {
3340 /* It's a response, so find the
3341 requesting message and send it up. */
3342 requeue = handle_lan_get_msg_rsp(intf, msg);
3343 } else {
3344 /* It's a command to the SMS from some other
3345 entity. Handle that. */
3346 requeue = handle_lan_get_msg_cmd(intf, msg);
3347 }
3348 break;
3349
3350 default:
3351 /* We don't handle the channel type, so just
3352 * free the message. */
3353 requeue = 0;
3354 }
3355
3356 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3357 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD))
3358 {
3359 /* It's an asyncronous event. */
3360 requeue = handle_read_event_rsp(intf, msg);
3361 } else {
3362 /* It's a response from the local BMC. */
3363 requeue = handle_bmc_rsp(intf, msg);
3364 }
3365
3366 out:
3367 return requeue;
3368}
3369
3370/* Handle a new message from the lower layer. */
3371void ipmi_smi_msg_received(ipmi_smi_t intf,
3372 struct ipmi_smi_msg *msg)
3373{
3374 unsigned long flags;
3375 int rv;
3376
3377
1da177e4
LT		 3378 if ((msg->data_size >= 2)
3379 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
3380 && (msg->data[1] == IPMI_SEND_MSG_CMD)
393d2cc3
CM		 3381 && (msg->user_data == NULL))
3382 {
1da177e4
LT		 3383 /* This is the local response to a command send, start
3384 the timer for these. The user_data will not be
3385 NULL if this is a response send, and we will let
3386 response sends just go through. */
3387
3388 /* Check for errors, if we get certain errors (ones
3389 that mean basically we can try again later), we
3390 ignore them and start the timer. Otherwise we
3391 report the error immediately. */
3392 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
3393 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
46d52b09
CM		 3394 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR)
3395 && (msg->rsp[2] != IPMI_BUS_ERR)
3396 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR))
1da177e4
LT		 3397 {
3398 int chan = msg->rsp[3] & 0xf;
3399
3400 /* Got an error sending the message, handle it. */
3401 spin_lock_irqsave(&intf->counter_lock, flags);
3402 if (chan >= IPMI_MAX_CHANNELS)
3403 ; /* This shouldn't happen */
3404 else if ((intf->channels[chan].medium
3405 == IPMI_CHANNEL_MEDIUM_8023LAN)
3406 || (intf->channels[chan].medium
3407 == IPMI_CHANNEL_MEDIUM_ASYNC))
3408 intf->sent_lan_command_errs++;
3409 else
3410 intf->sent_ipmb_command_errs++;
3411 spin_unlock_irqrestore(&intf->counter_lock, flags);
3412 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
3413 } else {
3414 /* The message was sent, start the timer. */
3415 intf_start_seq_timer(intf, msg->msgid);
3416 }
3417
3418 ipmi_free_smi_msg(msg);
393d2cc3 3419 goto out;
1da177e4
LT		 3420 }
3421
3422 /* To preserve message order, if the list is not empty, we
3423 tack this message onto the end of the list. */
393d2cc3
CM		 3424 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
3425 if (!list_empty(&intf->waiting_msgs)) {
3426 list_add_tail(&msg->link, &intf->waiting_msgs);
177294d1 3427 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
393d2cc3 3428 goto out;
1da177e4 3429 }
393d2cc3 3430 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
1da177e4
LT		 3431
3432 rv = handle_new_recv_msg(intf, msg);
3433 if (rv > 0) {
3434 /* Could not handle the message now, just add it to a
3435 list to handle later. */
177294d1 3436 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
393d2cc3 3437 list_add_tail(&msg->link, &intf->waiting_msgs);
177294d1 3438 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
1da177e4
LT		 3439 } else if (rv == 0) {
3440 ipmi_free_smi_msg(msg);
3441 }
3442
393d2cc3
CM		 3443 out:
3444 return;
1da177e4
LT		 3445}
3446
3447void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
3448{
3449 ipmi_user_t user;
3450
393d2cc3
CM		 3451 rcu_read_lock();
3452 list_for_each_entry_rcu(user, &intf->users, link) {
8a3628d5 3453 if (!user->handler->ipmi_watchdog_pretimeout)
1da177e4
LT		 3454 continue;
3455
3456 user->handler->ipmi_watchdog_pretimeout(user->handler_data);
3457 }
393d2cc3 3458 rcu_read_unlock();
1da177e4
LT		 3459}
3460
1da177e4 3461
882fe011
CM		 3462static struct ipmi_smi_msg *
3463smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
3464 unsigned char seq, long seqid)
1da177e4 3465{
882fe011 3466 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
1da177e4
LT		 3467 if (!smi_msg)
3468 /* If we can't allocate the message, then just return, we
3469 get 4 retries, so this should be ok. */
882fe011 3470 return NULL;
1da177e4
LT		 3471
3472 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
3473 smi_msg->data_size = recv_msg->msg.data_len;
3474 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
3475
1da177e4
LT		 3476#ifdef DEBUG_MSGING
3477 {
3478 int m;
3479 printk("Resend: ");
e8b33617 3480 for (m = 0; m < smi_msg->data_size; m++)
1da177e4
LT		 3481 printk(" %2.2x", smi_msg->data[m]);
3482 printk("\n");
3483 }
3484#endif
882fe011 3485 return smi_msg;
1da177e4
LT		 3486}
3487
393d2cc3
CM		 3488static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent,
3489 struct list_head *timeouts, long timeout_period,
3490 int slot, unsigned long *flags)
3491{
b2c03941
CM		 3492 struct ipmi_recv_msg *msg;
3493 struct ipmi_smi_handlers *handlers;
3494
3495 if (intf->intf_num == -1)
3496 return;
393d2cc3
CM		 3497
3498 if (!ent->inuse)
3499 return;
3500
3501 ent->timeout -= timeout_period;
3502 if (ent->timeout > 0)
3503 return;
3504
3505 if (ent->retries_left == 0) {
3506 /* The message has used all its retries. */
3507 ent->inuse = 0;
3508 msg = ent->recv_msg;
3509 list_add_tail(&msg->link, timeouts);
3510 spin_lock(&intf->counter_lock);
3511 if (ent->broadcast)
3512 intf->timed_out_ipmb_broadcasts++;
3513 else if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE)
3514 intf->timed_out_lan_commands++;
3515 else
3516 intf->timed_out_ipmb_commands++;
3517 spin_unlock(&intf->counter_lock);
3518 } else {
3519 struct ipmi_smi_msg *smi_msg;
3520 /* More retries, send again. */
3521
3522 /* Start with the max timer, set to normal
3523 timer after the message is sent. */
3524 ent->timeout = MAX_MSG_TIMEOUT;
3525 ent->retries_left--;
3526 spin_lock(&intf->counter_lock);
3527 if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE)
3528 intf->retransmitted_lan_commands++;
3529 else
3530 intf->retransmitted_ipmb_commands++;
3531 spin_unlock(&intf->counter_lock);
3532
3533 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot,
3534 ent->seqid);
8a3628d5 3535 if (!smi_msg)
393d2cc3
CM		 3536 return;
3537
3538 spin_unlock_irqrestore(&intf->seq_lock, *flags);
b2c03941 3539
393d2cc3
CM		 3540 /* Send the new message. We send with a zero
3541 * priority. It timed out, I doubt time is
3542 * that critical now, and high priority
3543 * messages are really only for messages to the
3544 * local MC, which don't get resent. */
b2c03941
CM		 3545 handlers = intf->handlers;
3546 if (handlers)
3547 intf->handlers->sender(intf->send_info,
3548 smi_msg, 0);
3549 else
3550 ipmi_free_smi_msg(smi_msg);
3551
393d2cc3
CM		 3552 spin_lock_irqsave(&intf->seq_lock, *flags);
3553 }
3554}
3555
3556static void ipmi_timeout_handler(long timeout_period)
1da177e4
LT		 3557{
3558 ipmi_smi_t intf;
3559 struct list_head timeouts;
3560 struct ipmi_recv_msg *msg, *msg2;
3561 struct ipmi_smi_msg *smi_msg, *smi_msg2;
3562 unsigned long flags;
bca0324d 3563 int i;
1da177e4
LT		 3564
3565 INIT_LIST_HEAD(&timeouts);
3566
bca0324d
CM		 3567 rcu_read_lock();
3568 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1da177e4 3569 /* See if any waiting messages need to be processed. */
393d2cc3 3570 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
8a3628d5
CM		 3571 list_for_each_entry_safe(smi_msg, smi_msg2,
3572 &intf->waiting_msgs, link) {
3573 if (!handle_new_recv_msg(intf, smi_msg)) {
1da177e4
LT		 3574 list_del(&smi_msg->link);
3575 ipmi_free_smi_msg(smi_msg);
3576 } else {
3577 /* To preserve message order, quit if we
3578 can't handle a message. */
3579 break;
3580 }
3581 }
393d2cc3 3582 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
1da177e4
LT		 3583
3584 /* Go through the seq table and find any messages that
3585 have timed out, putting them in the timeouts
3586 list. */
393d2cc3 3587 spin_lock_irqsave(&intf->seq_lock, flags);
bca0324d
CM		 3588 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++)
3589 check_msg_timeout(intf, &(intf->seq_table[i]),
3590 &timeouts, timeout_period, i,
393d2cc3
CM		 3591 &flags);
3592 spin_unlock_irqrestore(&intf->seq_lock, flags);
3593
3594 list_for_each_entry_safe(msg, msg2, &timeouts, link)
b2c03941 3595 deliver_err_response(msg, IPMI_TIMEOUT_COMPLETION_CODE);
1da177e4 3596 }
bca0324d 3597 rcu_read_unlock();
1da177e4
LT		 3598}
3599
3600static void ipmi_request_event(void)
3601{
b2c03941
CM		 3602 ipmi_smi_t intf;
3603 struct ipmi_smi_handlers *handlers;
1da177e4 3604
bca0324d 3605 rcu_read_lock();
b2c03941
CM		 3606 /* Called from the timer, no need to check if handlers is
3607 * valid. */
3608 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
3609 handlers = intf->handlers;
3610 if (handlers)
3611 handlers->request_events(intf->send_info);
3612 }
bca0324d 3613 rcu_read_unlock();
1da177e4
LT		 3614}
3615
3616static struct timer_list ipmi_timer;
3617
3618/* Call every ~100 ms. */
3619#define IPMI_TIMEOUT_TIME 100
3620
3621/* How many jiffies does it take to get to the timeout time. */
3622#define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
3623
3624/* Request events from the queue every second (this is the number of
3625 IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
3626 future, IPMI will add a way to know immediately if an event is in
3627 the queue and this silliness can go away. */
3628#define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
3629
8f43f84f 3630static atomic_t stop_operation;
1da177e4
LT		 3631static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
3632
3633static void ipmi_timeout(unsigned long data)
3634{
8f43f84f 3635 if (atomic_read(&stop_operation))
1da177e4 3636 return;
1da177e4
LT		 3637
3638 ticks_to_req_ev--;
3639 if (ticks_to_req_ev == 0) {
3640 ipmi_request_event();
3641 ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
3642 }
3643
3644 ipmi_timeout_handler(IPMI_TIMEOUT_TIME);
3645
8f43f84f 3646 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
1da177e4
LT		 3647}
3648
3649
3650static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
3651static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
3652
3653/* FIXME - convert these to slabs. */
3654static void free_smi_msg(struct ipmi_smi_msg *msg)
3655{
3656 atomic_dec(&smi_msg_inuse_count);
3657 kfree(msg);
3658}
3659
3660struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
3661{
3662 struct ipmi_smi_msg *rv;
3663 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
3664 if (rv) {
3665 rv->done = free_smi_msg;
3666 rv->user_data = NULL;
3667 atomic_inc(&smi_msg_inuse_count);
3668 }
3669 return rv;
3670}
3671
3672static void free_recv_msg(struct ipmi_recv_msg *msg)
3673{
3674 atomic_dec(&recv_msg_inuse_count);
3675 kfree(msg);
3676}
3677
3678struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
3679{
3680 struct ipmi_recv_msg *rv;
3681
3682 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
3683 if (rv) {
a9eec556 3684 rv->user = NULL;
1da177e4
LT		 3685 rv->done = free_recv_msg;
3686 atomic_inc(&recv_msg_inuse_count);
3687 }
3688 return rv;
3689}
3690
393d2cc3
CM		 3691void ipmi_free_recv_msg(struct ipmi_recv_msg *msg)
3692{
3693 if (msg->user)
3694 kref_put(&msg->user->refcount, free_user);
3695 msg->done(msg);
3696}
3697
1da177e4
LT		 3698#ifdef CONFIG_IPMI_PANIC_EVENT
3699
3700static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
3701{
3702}
3703
3704static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
3705{
3706}
3707
3708#ifdef CONFIG_IPMI_PANIC_STRING
56a55ec6 3709static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4 3710{
56a55ec6
CM		 3711 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
3712 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE)
3713 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD)
3714 && (msg->msg.data[0] == IPMI_CC_NO_ERROR))
1da177e4
LT		 3715 {
3716 /* A get event receiver command, save it. */
56a55ec6
CM		 3717 intf->event_receiver = msg->msg.data[1];
3718 intf->event_receiver_lun = msg->msg.data[2] & 0x3;
1da177e4
LT		 3719 }
3720}
3721
56a55ec6 3722static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4 3723{
56a55ec6
CM		 3724 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
3725 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
3726 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD)
3727 && (msg->msg.data[0] == IPMI_CC_NO_ERROR))
1da177e4
LT		 3728 {
3729 /* A get device id command, save if we are an event
3730 receiver or generator. */
56a55ec6
CM		 3731 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1;
3732 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1;
1da177e4
LT		 3733 }
3734}
3735#endif
3736
3737static void send_panic_events(char *str)
3738{
3739 struct kernel_ipmi_msg msg;
3740 ipmi_smi_t intf;
3741 unsigned char data[16];
1da177e4
LT		 3742 struct ipmi_system_interface_addr *si;
3743 struct ipmi_addr addr;
3744 struct ipmi_smi_msg smi_msg;
3745 struct ipmi_recv_msg recv_msg;
3746
3747 si = (struct ipmi_system_interface_addr *) &addr;
3748 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3749 si->channel = IPMI_BMC_CHANNEL;
3750 si->lun = 0;
3751
3752 /* Fill in an event telling that we have failed. */
3753 msg.netfn = 0x04; /* Sensor or Event. */
3754 msg.cmd = 2; /* Platform event command. */
3755 msg.data = data;
3756 msg.data_len = 8;
cda315ab 3757 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */
1da177e4
LT		 3758 data[1] = 0x03; /* This is for IPMI 1.0. */
3759 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
3760 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
3761 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
3762
3763 /* Put a few breadcrumbs in. Hopefully later we can add more things
3764 to make the panic events more useful. */
3765 if (str) {
3766 data[3] = str[0];
3767 data[6] = str[1];
3768 data[7] = str[2];
3769 }
3770
3771 smi_msg.done = dummy_smi_done_handler;
3772 recv_msg.done = dummy_recv_done_handler;
3773
3774 /* For every registered interface, send the event. */
bca0324d 3775 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
b2c03941
CM		 3776 if (!intf->handlers)
3777 /* Interface is not ready. */
1da177e4
LT		 3778 continue;
3779
3780 /* Send the event announcing the panic. */
3781 intf->handlers->set_run_to_completion(intf->send_info, 1);
3782 i_ipmi_request(NULL,
3783 intf,
3784 &addr,
3785 0,
3786 &msg,
56a55ec6 3787 intf,
1da177e4
LT		 3788 &smi_msg,
3789 &recv_msg,
3790 0,
c14979b9
CM		 3791 intf->channels[0].address,
3792 intf->channels[0].lun,
1da177e4
LT		 3793 0, 1); /* Don't retry, and don't wait. */
3794 }
3795
3796#ifdef CONFIG_IPMI_PANIC_STRING
3797 /* On every interface, dump a bunch of OEM event holding the
3798 string. */
3799 if (!str)
3800 return;
3801
bca0324d
CM		 3802 /* For every registered interface, send the event. */
3803 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1da177e4
LT		 3804 char *p = str;
3805 struct ipmi_ipmb_addr *ipmb;
3806 int j;
3807
bca0324d
CM		 3808 if (intf->intf_num == -1)
3809 /* Interface was not ready yet. */
1da177e4
LT		 3810 continue;
3811
3812 /* First job here is to figure out where to send the
3813 OEM events. There's no way in IPMI to send OEM
3814 events using an event send command, so we have to
3815 find the SEL to put them in and stick them in
3816 there. */
3817
3818 /* Get capabilities from the get device id. */
3819 intf->local_sel_device = 0;
3820 intf->local_event_generator = 0;
3821 intf->event_receiver = 0;
3822
3823 /* Request the device info from the local MC. */
3824 msg.netfn = IPMI_NETFN_APP_REQUEST;
3825 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
3826 msg.data = NULL;
3827 msg.data_len = 0;
3828 intf->null_user_handler = device_id_fetcher;
3829 i_ipmi_request(NULL,
3830 intf,
3831 &addr,
3832 0,
3833 &msg,
56a55ec6 3834 intf,
1da177e4
LT		 3835 &smi_msg,
3836 &recv_msg,
3837 0,
c14979b9
CM		 3838 intf->channels[0].address,
3839 intf->channels[0].lun,
1da177e4
LT		 3840 0, 1); /* Don't retry, and don't wait. */
3841
3842 if (intf->local_event_generator) {
3843 /* Request the event receiver from the local MC. */
3844 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
3845 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
3846 msg.data = NULL;
3847 msg.data_len = 0;
3848 intf->null_user_handler = event_receiver_fetcher;
3849 i_ipmi_request(NULL,
3850 intf,
3851 &addr,
3852 0,
3853 &msg,
56a55ec6 3854 intf,
1da177e4
LT		 3855 &smi_msg,
3856 &recv_msg,
3857 0,
c14979b9
CM		 3858 intf->channels[0].address,
3859 intf->channels[0].lun,
1da177e4
LT		 3860 0, 1); /* no retry, and no wait. */
3861 }
3862 intf->null_user_handler = NULL;
3863
3864 /* Validate the event receiver. The low bit must not
3865 be 1 (it must be a valid IPMB address), it cannot
3866 be zero, and it must not be my address. */
3867 if (((intf->event_receiver & 1) == 0)
3868 && (intf->event_receiver != 0)
c14979b9 3869 && (intf->event_receiver != intf->channels[0].address))
1da177e4
LT		 3870 {
3871 /* The event receiver is valid, send an IPMB
3872 message. */
3873 ipmb = (struct ipmi_ipmb_addr *) &addr;
3874 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
3875 ipmb->channel = 0; /* FIXME - is this right? */
3876 ipmb->lun = intf->event_receiver_lun;
3877 ipmb->slave_addr = intf->event_receiver;
3878 } else if (intf->local_sel_device) {
3879 /* The event receiver was not valid (or was
3880 me), but I am an SEL device, just dump it
3881 in my SEL. */
3882 si = (struct ipmi_system_interface_addr *) &addr;
3883 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3884 si->channel = IPMI_BMC_CHANNEL;
3885 si->lun = 0;
3886 } else
3887 continue; /* No where to send the event. */
3888
3889
3890 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
3891 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
3892 msg.data = data;
3893 msg.data_len = 16;
3894
3895 j = 0;
3896 while (*p) {
3897 int size = strlen(p);
3898
3899 if (size > 11)
3900 size = 11;
3901 data[0] = 0;
3902 data[1] = 0;
3903 data[2] = 0xf0; /* OEM event without timestamp. */
c14979b9 3904 data[3] = intf->channels[0].address;
1da177e4
LT		 3905 data[4] = j++; /* sequence # */
3906 /* Always give 11 bytes, so strncpy will fill
3907 it with zeroes for me. */
3908 strncpy(data+5, p, 11);
3909 p += size;
3910
3911 i_ipmi_request(NULL,
3912 intf,
3913 &addr,
3914 0,
3915 &msg,
56a55ec6 3916 intf,
1da177e4
LT		 3917 &smi_msg,
3918 &recv_msg,
3919 0,
c14979b9
CM		 3920 intf->channels[0].address,
3921 intf->channels[0].lun,
1da177e4
LT		 3922 0, 1); /* no retry, and no wait. */
3923 }
3924 }
3925#endif /* CONFIG_IPMI_PANIC_STRING */
3926}
3927#endif /* CONFIG_IPMI_PANIC_EVENT */
3928
f18190bd 3929static int has_panicked = 0;
1da177e4
LT		 3930
3931static int panic_event(struct notifier_block *this,
3932 unsigned long event,
3933 void *ptr)
3934{
1da177e4
LT		 3935 ipmi_smi_t intf;
3936
f18190bd 3937 if (has_panicked)
1da177e4 3938 return NOTIFY_DONE;
f18190bd 3939 has_panicked = 1;
1da177e4
LT		 3940
3941 /* For every registered interface, set it to run to completion. */
bca0324d 3942 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
b2c03941
CM		 3943 if (!intf->handlers)
3944 /* Interface is not ready. */
1da177e4
LT		 3945 continue;
3946
3947 intf->handlers->set_run_to_completion(intf->send_info, 1);
3948 }
3949
3950#ifdef CONFIG_IPMI_PANIC_EVENT
3951 send_panic_events(ptr);
3952#endif
3953
3954 return NOTIFY_DONE;
3955}
3956
3957static struct notifier_block panic_block = {
3958 .notifier_call = panic_event,
3959 .next = NULL,
3960 .priority = 200 /* priority: INT_MAX >= x >= 0 */
3961};
3962
3963static int ipmi_init_msghandler(void)
3964{
50c812b2 3965 int rv;
1da177e4
LT		 3966
3967 if (initialized)
3968 return 0;
3969
50c812b2
CM		 3970 rv = driver_register(&ipmidriver);
3971 if (rv) {
3972 printk(KERN_ERR PFX "Could not register IPMI driver\n");
3973 return rv;
3974 }
3975
1da177e4 3976 printk(KERN_INFO "ipmi message handler version "
1fdd75bd 3977 IPMI_DRIVER_VERSION "\n");
1da177e4 3978
3b625943 3979#ifdef CONFIG_PROC_FS
1da177e4
LT		 3980 proc_ipmi_root = proc_mkdir("ipmi", NULL);
3981 if (!proc_ipmi_root) {
3982 printk(KERN_ERR PFX "Unable to create IPMI proc dir");
3983 return -ENOMEM;
3984 }
3985
3986 proc_ipmi_root->owner = THIS_MODULE;
3b625943 3987#endif /* CONFIG_PROC_FS */
1da177e4 3988
409035e0
CM		 3989 setup_timer(&ipmi_timer, ipmi_timeout, 0);
3990 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
1da177e4 3991
e041c683 3992 atomic_notifier_chain_register(&panic_notifier_list, &panic_block);
1da177e4
LT		 3993
3994 initialized = 1;
3995
3996 return 0;
3997}
3998
3999static __init int ipmi_init_msghandler_mod(void)
4000{
4001 ipmi_init_msghandler();
4002 return 0;
4003}
4004
4005static __exit void cleanup_ipmi(void)
4006{
4007 int count;
4008
4009 if (!initialized)
4010 return;
4011
e041c683 4012 atomic_notifier_chain_unregister(&panic_notifier_list, &panic_block);
1da177e4
LT		 4013
4014 /* This can't be called if any interfaces exist, so no worry about
4015 shutting down the interfaces. */
4016
4017 /* Tell the timer to stop, then wait for it to stop. This avoids
4018 problems with race conditions removing the timer here. */
8f43f84f
CM		 4019 atomic_inc(&stop_operation);
4020 del_timer_sync(&ipmi_timer);
1da177e4 4021
3b625943 4022#ifdef CONFIG_PROC_FS
1da177e4 4023 remove_proc_entry(proc_ipmi_root->name, &proc_root);
3b625943 4024#endif /* CONFIG_PROC_FS */
1da177e4 4025
50c812b2
CM		 4026 driver_unregister(&ipmidriver);
4027
1da177e4
LT		 4028 initialized = 0;
4029
4030 /* Check for buffer leaks. */
4031 count = atomic_read(&smi_msg_inuse_count);
4032 if (count != 0)
4033 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
4034 count);
4035 count = atomic_read(&recv_msg_inuse_count);
4036 if (count != 0)
4037 printk(KERN_WARNING PFX "recv message count %d at exit\n",
4038 count);
4039}
4040module_exit(cleanup_ipmi);
4041
4042module_init(ipmi_init_msghandler_mod);
4043MODULE_LICENSE("GPL");
1fdd75bd
CM		 4044MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>");
4045MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI interface.");
4046MODULE_VERSION(IPMI_DRIVER_VERSION);
1da177e4
LT		 4047
4048EXPORT_SYMBOL(ipmi_create_user);
4049EXPORT_SYMBOL(ipmi_destroy_user);
4050EXPORT_SYMBOL(ipmi_get_version);
4051EXPORT_SYMBOL(ipmi_request_settime);
4052EXPORT_SYMBOL(ipmi_request_supply_msgs);
4053EXPORT_SYMBOL(ipmi_register_smi);
4054EXPORT_SYMBOL(ipmi_unregister_smi);
4055EXPORT_SYMBOL(ipmi_register_for_cmd);
4056EXPORT_SYMBOL(ipmi_unregister_for_cmd);
4057EXPORT_SYMBOL(ipmi_smi_msg_received);
4058EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
4059EXPORT_SYMBOL(ipmi_alloc_smi_msg);
4060EXPORT_SYMBOL(ipmi_addr_length);
4061EXPORT_SYMBOL(ipmi_validate_addr);
4062EXPORT_SYMBOL(ipmi_set_gets_events);
4063EXPORT_SYMBOL(ipmi_smi_watcher_register);
4064EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
4065EXPORT_SYMBOL(ipmi_set_my_address);
4066EXPORT_SYMBOL(ipmi_get_my_address);
4067EXPORT_SYMBOL(ipmi_set_my_LUN);
4068EXPORT_SYMBOL(ipmi_get_my_LUN);
4069EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
4070EXPORT_SYMBOL(ipmi_user_set_run_to_completion);
393d2cc3 4071EXPORT_SYMBOL(ipmi_free_recv_msg);
Linux kernel - Deliverables
This page took 0.405035 seconds and 5 git commands to generate.