projects / deliverable / linux.git / blob
? search:


64c9afa50c13027d677e6df964cfa3166495a6f2
[deliverable/linux.git] / drivers / char / ipmi / ipmi_bt_sm.c
1 /*
2 * ipmi_bt_sm.c
3 *
4 * The state machine for an Open IPMI BT sub-driver under ipmi_si.c, part
5 * of the driver architecture at http://sourceforge.net/project/openipmi
6 *
7 * Author: Rocky Craig <first.last@hp.com>
8 *
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the
11 * Free Software Foundation; either version 2 of the License, or (at your
12 * option) any later version.
13 *
14 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
15 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
16 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
19 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
20 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
21 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
22 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
23 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 *
25 * You should have received a copy of the GNU General Public License along
26 * with this program; if not, write to the Free Software Foundation, Inc.,
27 * 675 Mass Ave, Cambridge, MA 02139, USA. */
28
29 #include <linux/kernel.h> /* For printk. */
30 #include <linux/string.h>
31 #include <linux/ipmi_msgdefs.h> /* for completion codes */
32 #include "ipmi_si_sm.h"
33
34 static int bt_debug = 0x00; /* Production value 0, see following flags */
35
36 #define BT_DEBUG_ENABLE 1
37 #define BT_DEBUG_MSG 2
38 #define BT_DEBUG_STATES 4
39
40 /* Typical "Get BT Capabilities" values are 2-3 retries, 5-10 seconds,
41 and 64 byte buffers. However, one HP implementation wants 255 bytes of
42 buffer (with a documented message of 160 bytes) so go for the max.
43 Since the Open IPMI architecture is single-message oriented at this
44 stage, the queue depth of BT is of no concern. */
45
46 #define BT_NORMAL_TIMEOUT 2000000 /* seconds in microseconds */
47 #define BT_RETRY_LIMIT 2
48 #define BT_RESET_DELAY 6000000 /* 6 seconds after warm reset */
49
50 enum bt_states {
51 BT_STATE_IDLE,
52 BT_STATE_XACTION_START,
53 BT_STATE_WRITE_BYTES,
54 BT_STATE_WRITE_END,
55 BT_STATE_WRITE_CONSUME,
56 BT_STATE_B2H_WAIT,
57 BT_STATE_READ_END,
58 BT_STATE_RESET1, /* These must come last */
59 BT_STATE_RESET2,
60 BT_STATE_RESET3,
61 BT_STATE_RESTART,
62 BT_STATE_HOSED
63 };
64
65 struct si_sm_data {
66 enum bt_states state;
67 enum bt_states last_state; /* assist printing and resets */
68 unsigned char seq; /* BT sequence number */
69 struct si_sm_io *io;
70 unsigned char write_data[IPMI_MAX_MSG_LENGTH];
71 int write_count;
72 unsigned char read_data[IPMI_MAX_MSG_LENGTH];
73 int read_count;
74 int truncated;
75 long timeout;
76 unsigned int error_retries; /* end of "common" fields */
77 int nonzero_status; /* hung BMCs stay all 0 */
78 };
79
80 #define BT_CLR_WR_PTR 0x01 /* See IPMI 1.5 table 11.6.4 */
81 #define BT_CLR_RD_PTR 0x02
82 #define BT_H2B_ATN 0x04
83 #define BT_B2H_ATN 0x08
84 #define BT_SMS_ATN 0x10
85 #define BT_OEM0 0x20
86 #define BT_H_BUSY 0x40
87 #define BT_B_BUSY 0x80
88
89 /* Some bits are toggled on each write: write once to set it, once
90 more to clear it; writing a zero does nothing. To absolutely
91 clear it, check its state and write if set. This avoids the "get
92 current then use as mask" scheme to modify one bit. Note that the
93 variable "bt" is hardcoded into these macros. */
94
95 #define BT_STATUS bt->io->inputb(bt->io, 0)
96 #define BT_CONTROL(x) bt->io->outputb(bt->io, 0, x)
97
98 #define BMC2HOST bt->io->inputb(bt->io, 1)
99 #define HOST2BMC(x) bt->io->outputb(bt->io, 1, x)
100
101 #define BT_INTMASK_R bt->io->inputb(bt->io, 2)
102 #define BT_INTMASK_W(x) bt->io->outputb(bt->io, 2, x)
103
104 /* Convenience routines for debugging. These are not multi-open safe!
105 Note the macros have hardcoded variables in them. */
106
107 static char *state2txt(unsigned char state)
108 {
109 switch (state) {
110 case BT_STATE_IDLE: return("IDLE");
111 case BT_STATE_XACTION_START: return("XACTION");
112 case BT_STATE_WRITE_BYTES: return("WR_BYTES");
113 case BT_STATE_WRITE_END: return("WR_END");
114 case BT_STATE_WRITE_CONSUME: return("WR_CONSUME");
115 case BT_STATE_B2H_WAIT: return("B2H_WAIT");
116 case BT_STATE_READ_END: return("RD_END");
117 case BT_STATE_RESET1: return("RESET1");
118 case BT_STATE_RESET2: return("RESET2");
119 case BT_STATE_RESET3: return("RESET3");
120 case BT_STATE_RESTART: return("RESTART");
121 case BT_STATE_HOSED: return("HOSED");
122 }
123 return("BAD STATE");
124 }
125 #define STATE2TXT state2txt(bt->state)
126
127 static char *status2txt(unsigned char status, char *buf)
128 {
129 strcpy(buf, "[ ");
130 if (status & BT_B_BUSY) strcat(buf, "B_BUSY ");
131 if (status & BT_H_BUSY) strcat(buf, "H_BUSY ");
132 if (status & BT_OEM0) strcat(buf, "OEM0 ");
133 if (status & BT_SMS_ATN) strcat(buf, "SMS ");
134 if (status & BT_B2H_ATN) strcat(buf, "B2H ");
135 if (status & BT_H2B_ATN) strcat(buf, "H2B ");
136 strcat(buf, "]");
137 return buf;
138 }
139 #define STATUS2TXT(buf) status2txt(status, buf)
140
141 /* This will be called from within this module on a hosed condition */
142 #define FIRST_SEQ 0
143 static unsigned int bt_init_data(struct si_sm_data *bt, struct si_sm_io *io)
144 {
145 bt->state = BT_STATE_IDLE;
146 bt->last_state = BT_STATE_IDLE;
147 bt->seq = FIRST_SEQ;
148 bt->io = io;
149 bt->write_count = 0;
150 bt->read_count = 0;
151 bt->error_retries = 0;
152 bt->nonzero_status = 0;
153 bt->truncated = 0;
154 bt->timeout = BT_NORMAL_TIMEOUT;
155 return 3; /* We claim 3 bytes of space; ought to check SPMI table */
156 }
157
158 static int bt_start_transaction(struct si_sm_data *bt,
159 unsigned char *data,
160 unsigned int size)
161 {
162 unsigned int i;
163
164 if ((size < 2) || (size > IPMI_MAX_MSG_LENGTH)) return -1;
165
166 if ((bt->state != BT_STATE_IDLE) && (bt->state != BT_STATE_HOSED))
167 return -2;
168
169 if (bt_debug & BT_DEBUG_MSG) {
170 printk(KERN_WARNING "+++++++++++++++++++++++++++++++++++++\n");
171 printk(KERN_WARNING "BT: write seq=0x%02X:", bt->seq);
172 for (i = 0; i < size; i ++) printk (" %02x", data[i]);
173 printk("\n");
174 }
175 bt->write_data[0] = size + 1; /* all data plus seq byte */
176 bt->write_data[1] = *data; /* NetFn/LUN */
177 bt->write_data[2] = bt->seq;
178 memcpy(bt->write_data + 3, data + 1, size - 1);
179 bt->write_count = size + 2;
180
181 bt->error_retries = 0;
182 bt->nonzero_status = 0;
183 bt->read_count = 0;
184 bt->truncated = 0;
185 bt->state = BT_STATE_XACTION_START;
186 bt->last_state = BT_STATE_IDLE;
187 bt->timeout = BT_NORMAL_TIMEOUT;
188 return 0;
189 }
190
191 /* After the upper state machine has been told SI_SM_TRANSACTION_COMPLETE
192 it calls this. Strip out the length and seq bytes. */
193
194 static int bt_get_result(struct si_sm_data *bt,
195 unsigned char *data,
196 unsigned int length)
197 {
198 int i, msg_len;
199
200 msg_len = bt->read_count - 2; /* account for length & seq */
201 /* Always NetFn, Cmd, cCode */
202 if (msg_len < 3 || msg_len > IPMI_MAX_MSG_LENGTH) {
203 printk(KERN_WARNING "BT results: bad msg_len = %d\n", msg_len);
204 data[0] = bt->write_data[1] | 0x4; /* Kludge a response */
205 data[1] = bt->write_data[3];
206 data[2] = IPMI_ERR_UNSPECIFIED;
207 msg_len = 3;
208 } else {
209 data[0] = bt->read_data[1];
210 data[1] = bt->read_data[3];
211 if (length < msg_len) bt->truncated = 1;
212 if (bt->truncated) { /* can be set in read_all_bytes() */
213 data[2] = IPMI_ERR_MSG_TRUNCATED;
214 msg_len = 3;
215 } else memcpy(data + 2, bt->read_data + 4, msg_len - 2);
216
217 if (bt_debug & BT_DEBUG_MSG) {
218 printk (KERN_WARNING "BT: res (raw)");
219 for (i = 0; i < msg_len; i++) printk(" %02x", data[i]);
220 printk ("\n");
221 }
222 }
223 bt->read_count = 0; /* paranoia */
224 return msg_len;
225 }
226
227 /* This bit's functionality is optional */
228 #define BT_BMC_HWRST 0x80
229
230 static void reset_flags(struct si_sm_data *bt)
231 {
232 if (BT_STATUS & BT_H_BUSY) BT_CONTROL(BT_H_BUSY);
233 if (BT_STATUS & BT_B_BUSY) BT_CONTROL(BT_B_BUSY);
234 BT_CONTROL(BT_CLR_WR_PTR);
235 BT_CONTROL(BT_SMS_ATN);
236 #ifdef DEVELOPMENT_ONLY_NOT_FOR_PRODUCTION
237 if (BT_STATUS & BT_B2H_ATN) {
238 int i;
239 BT_CONTROL(BT_H_BUSY);
240 BT_CONTROL(BT_B2H_ATN);
241 BT_CONTROL(BT_CLR_RD_PTR);
242 for (i = 0; i < IPMI_MAX_MSG_LENGTH + 2; i++) BMC2HOST;
243 BT_CONTROL(BT_H_BUSY);
244 }
245 #endif
246 }
247
248 static inline void write_all_bytes(struct si_sm_data *bt)
249 {
250 int i;
251
252 if (bt_debug & BT_DEBUG_MSG) {
253 printk(KERN_WARNING "BT: write %d bytes seq=0x%02X",
254 bt->write_count, bt->seq);
255 for (i = 0; i < bt->write_count; i++)
256 printk (" %02x", bt->write_data[i]);
257 printk ("\n");
258 }
259 for (i = 0; i < bt->write_count; i++) HOST2BMC(bt->write_data[i]);
260 }
261
262 static inline int read_all_bytes(struct si_sm_data *bt)
263 {
264 unsigned char i;
265
266 bt->read_data[0] = BMC2HOST;
267 bt->read_count = bt->read_data[0];
268 if (bt_debug & BT_DEBUG_MSG)
269 printk(KERN_WARNING "BT: read %d bytes:", bt->read_count);
270
271 /* minimum: length, NetFn, Seq, Cmd, cCode == 5 total, or 4 more
272 following the length byte. */
273 if (bt->read_count < 4 || bt->read_count >= IPMI_MAX_MSG_LENGTH) {
274 if (bt_debug & BT_DEBUG_MSG)
275 printk("bad length %d\n", bt->read_count);
276 bt->truncated = 1;
277 return 1; /* let next XACTION START clean it up */
278 }
279 for (i = 1; i <= bt->read_count; i++) bt->read_data[i] = BMC2HOST;
280 bt->read_count++; /* account for the length byte */
281
282 if (bt_debug & BT_DEBUG_MSG) {
283 for (i = 0; i < bt->read_count; i++)
284 printk (" %02x", bt->read_data[i]);
285 printk ("\n");
286 }
287 if (bt->seq != bt->write_data[2]) /* idiot check */
288 printk(KERN_WARNING "BT: internal error: sequence mismatch\n");
289
290 /* per the spec, the (NetFn, Seq, Cmd) tuples should match */
291 if ((bt->read_data[3] == bt->write_data[3]) && /* Cmd */
292 (bt->read_data[2] == bt->write_data[2]) && /* Sequence */
293 ((bt->read_data[1] & 0xF8) == (bt->write_data[1] & 0xF8)))
294 return 1;
295
296 if (bt_debug & BT_DEBUG_MSG) printk(KERN_WARNING "BT: bad packet: "
297 "want 0x(%02X, %02X, %02X) got (%02X, %02X, %02X)\n",
298 bt->write_data[1], bt->write_data[2], bt->write_data[3],
299 bt->read_data[1], bt->read_data[2], bt->read_data[3]);
300 return 0;
301 }
302
303 /* Modifies bt->state appropriately, need to get into the bt_event() switch */
304
305 static void error_recovery(struct si_sm_data *bt, char *reason)
306 {
307 unsigned char status;
308 char buf[40]; /* For getting status */
309
310 bt->timeout = BT_NORMAL_TIMEOUT; /* various places want to retry */
311
312 status = BT_STATUS;
313 printk(KERN_WARNING "BT: %s in %s %s ", reason, STATE2TXT,
314 STATUS2TXT(buf));
315
316 (bt->error_retries)++;
317 if (bt->error_retries > BT_RETRY_LIMIT) {
318 printk("retry limit (%d) exceeded\n", BT_RETRY_LIMIT);
319 bt->state = BT_STATE_HOSED;
320 if (!bt->nonzero_status)
321 printk(KERN_ERR "IPMI: BT stuck, try power cycle\n");
322 else if (bt->seq == FIRST_SEQ + BT_RETRY_LIMIT) {
323 /* most likely during insmod */
324 printk(KERN_WARNING "IPMI: BT reset (takes 5 secs)\n");
325 bt->state = BT_STATE_RESET1;
326 }
327 return;
328 }
329
330 /* Sometimes the BMC queues get in an "off-by-one" state...*/
331 if ((bt->state == BT_STATE_B2H_WAIT) && (status & BT_B2H_ATN)) {
332 printk("retry B2H_WAIT\n");
333 return;
334 }
335
336 printk("restart command\n");
337 bt->state = BT_STATE_RESTART;
338 }
339
340 /* Check the status and (possibly) advance the BT state machine. The
341 default return is SI_SM_CALL_WITH_DELAY. */
342
343 static enum si_sm_result bt_event(struct si_sm_data *bt, long time)
344 {
345 unsigned char status;
346 char buf[40]; /* For getting status */
347 int i;
348
349 status = BT_STATUS;
350 bt->nonzero_status |= status;
351
352 if ((bt_debug & BT_DEBUG_STATES) && (bt->state != bt->last_state))
353 printk(KERN_WARNING "BT: %s %s TO=%ld - %ld \n",
354 STATE2TXT,
355 STATUS2TXT(buf),
356 bt->timeout,
357 time);
358 bt->last_state = bt->state;
359
360 if (bt->state == BT_STATE_HOSED) return SI_SM_HOSED;
361
362 if (bt->state != BT_STATE_IDLE) { /* do timeout test */
363
364 /* Certain states, on error conditions, can lock up a CPU
365 because they are effectively in an infinite loop with
366 CALL_WITHOUT_DELAY (right back here with time == 0).
367 Prevent infinite lockup by ALWAYS decrementing timeout. */
368
369 /* FIXME: bt_event is sometimes called with time > BT_NORMAL_TIMEOUT
370 (noticed in ipmi_smic_sm.c January 2004) */
371
372 if ((time <= 0) || (time >= BT_NORMAL_TIMEOUT)) time = 100;
373 bt->timeout -= time;
374 if ((bt->timeout < 0) && (bt->state < BT_STATE_RESET1)) {
375 error_recovery(bt, "timed out");
376 return SI_SM_CALL_WITHOUT_DELAY;
377 }
378 }
379
380 switch (bt->state) {
381
382 case BT_STATE_IDLE: /* check for asynchronous messages */
383 if (status & BT_SMS_ATN) {
384 BT_CONTROL(BT_SMS_ATN); /* clear it */
385 return SI_SM_ATTN;
386 }
387 return SI_SM_IDLE;
388
389 case BT_STATE_XACTION_START:
390 if (status & BT_H_BUSY) {
391 BT_CONTROL(BT_H_BUSY);
392 break;
393 }
394 if (status & BT_B2H_ATN) break;
395 bt->state = BT_STATE_WRITE_BYTES;
396 return SI_SM_CALL_WITHOUT_DELAY; /* for logging */
397
398 case BT_STATE_WRITE_BYTES:
399 if (status & (BT_B_BUSY | BT_H2B_ATN)) break;
400 BT_CONTROL(BT_CLR_WR_PTR);
401 write_all_bytes(bt);
402 BT_CONTROL(BT_H2B_ATN); /* clears too fast to catch? */
403 bt->state = BT_STATE_WRITE_CONSUME;
404 return SI_SM_CALL_WITHOUT_DELAY; /* it MIGHT sail through */
405
406 case BT_STATE_WRITE_CONSUME: /* BMCs usually blow right thru here */
407 if (status & (BT_H2B_ATN | BT_B_BUSY)) break;
408 bt->state = BT_STATE_B2H_WAIT;
409 /* fall through with status */
410
411 /* Stay in BT_STATE_B2H_WAIT until a packet matches. However, spinning
412 hard here, constantly reading status, seems to hold off the
413 generation of B2H_ATN so ALWAYS return CALL_WITH_DELAY. */
414
415 case BT_STATE_B2H_WAIT:
416 if (!(status & BT_B2H_ATN)) break;
417
418 /* Assume ordered, uncached writes: no need to wait */
419 if (!(status & BT_H_BUSY)) BT_CONTROL(BT_H_BUSY); /* set */
420 BT_CONTROL(BT_B2H_ATN); /* clear it, ACK to the BMC */
421 BT_CONTROL(BT_CLR_RD_PTR); /* reset the queue */
422 i = read_all_bytes(bt);
423 BT_CONTROL(BT_H_BUSY); /* clear */
424 if (!i) break; /* Try this state again */
425 bt->state = BT_STATE_READ_END;
426 return SI_SM_CALL_WITHOUT_DELAY; /* for logging */
427
428 case BT_STATE_READ_END:
429
430 /* I could wait on BT_H_BUSY to go clear for a truly clean
431 exit. However, this is already done in XACTION_START
432 and the (possible) extra loop/status/possible wait affects
433 performance. So, as long as it works, just ignore H_BUSY */
434
435 #ifdef MAKE_THIS_TRUE_IF_NECESSARY
436
437 if (status & BT_H_BUSY) break;
438 #endif
439 bt->seq++;
440 bt->state = BT_STATE_IDLE;
441 return SI_SM_TRANSACTION_COMPLETE;
442
443 case BT_STATE_RESET1:
444 reset_flags(bt);
445 bt->timeout = BT_RESET_DELAY;
446 bt->state = BT_STATE_RESET2;
447 break;
448
449 case BT_STATE_RESET2: /* Send a soft reset */
450 BT_CONTROL(BT_CLR_WR_PTR);
451 HOST2BMC(3); /* number of bytes following */
452 HOST2BMC(0x18); /* NetFn/LUN == Application, LUN 0 */
453 HOST2BMC(42); /* Sequence number */
454 HOST2BMC(3); /* Cmd == Soft reset */
455 BT_CONTROL(BT_H2B_ATN);
456 bt->state = BT_STATE_RESET3;
457 break;
458
459 case BT_STATE_RESET3:
460 if (bt->timeout > 0) return SI_SM_CALL_WITH_DELAY;
461 bt->state = BT_STATE_RESTART; /* printk in debug modes */
462 break;
463
464 case BT_STATE_RESTART: /* don't reset retries! */
465 bt->write_data[2] = ++bt->seq;
466 bt->read_count = 0;
467 bt->nonzero_status = 0;
468 bt->timeout = BT_NORMAL_TIMEOUT;
469 bt->state = BT_STATE_XACTION_START;
470 break;
471
472 default: /* HOSED is supposed to be caught much earlier */
473 error_recovery(bt, "internal logic error");
474 break;
475 }
476 return SI_SM_CALL_WITH_DELAY;
477 }
478
479 static int bt_detect(struct si_sm_data *bt)
480 {
481 /* It's impossible for the BT status and interrupt registers to be
482 all 1's, (assuming a properly functioning, self-initialized BMC)
483 but that's what you get from reading a bogus address, so we
484 test that first. The calling routine uses negative logic. */
485
486 if ((BT_STATUS == 0xFF) && (BT_INTMASK_R == 0xFF)) return 1;
487 reset_flags(bt);
488 return 0;
489 }
490
491 static void bt_cleanup(struct si_sm_data *bt)
492 {
493 }
494
495 static int bt_size(void)
496 {
497 return sizeof(struct si_sm_data);
498 }
499
500 struct si_sm_handlers bt_smi_handlers =
501 {
502 .init_data = bt_init_data,
503 .start_transaction = bt_start_transaction,
504 .get_result = bt_get_result,
505 .event = bt_event,
506 .detect = bt_detect,
507 .cleanup = bt_cleanup,
508 .size = bt_size,
509 };
Linux kernel - Deliverables
This page took 0.041652 seconds and 4 git commands to generate.