[mirror_ubuntu-artful-kernel.git] / drivers / acpi / acpi_ipmi.c

/*
 *  acpi_ipmi.c - ACPI IPMI opregion
 *
 *  Copyright (C) 2010 Intel Corporation
 *  Copyright (C) 2010 Zhao Yakui <yakui.zhao@intel.com>
 *
 * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or (at
 *  your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful, but
 *  WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
 *
 * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 */

#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/init.h>
#include <linux/types.h>
#include <linux/delay.h>
#include <linux/proc_fs.h>
#include <linux/seq_file.h>
#include <linux/interrupt.h>
#include <linux/list.h>
#include <linux/spinlock.h>
#include <linux/io.h>
#include <acpi/acpi_bus.h>
#include <acpi/acpi_drivers.h>
#include <linux/ipmi.h>
#include <linux/device.h>
#include <linux/pnp.h>
#include <linux/spinlock.h>

MODULE_AUTHOR("Zhao Yakui");
MODULE_DESCRIPTION("ACPI IPMI Opregion driver");
MODULE_LICENSE("GPL");

#define IPMI_FLAGS_HANDLER_INSTALL	0

#define ACPI_IPMI_OK			0
#define ACPI_IPMI_TIMEOUT		0x10
#define ACPI_IPMI_UNKNOWN		0x07
/* the IPMI timeout is 5s */
#define IPMI_TIMEOUT			(5000)
#define ACPI_IPMI_MAX_MSG_LENGTH	64

struct acpi_ipmi_device {
	/* the device list attached to driver_data.ipmi_devices */
	struct list_head head;
	/* the IPMI request message list */
	struct list_head tx_msg_list;
	spinlock_t	tx_msg_lock;
	acpi_handle handle;
	struct pnp_dev *pnp_dev;
	ipmi_user_t	user_interface;
	int ipmi_ifnum; /* IPMI interface number */
	long curr_msgid;
	unsigned long flags;
	struct ipmi_smi_info smi_data;
};

struct ipmi_driver_data {
	struct list_head	ipmi_devices;
	struct ipmi_smi_watcher	bmc_events;
	struct ipmi_user_hndl	ipmi_hndlrs;
	struct mutex		ipmi_lock;
};

struct acpi_ipmi_msg {
	struct list_head head;
	/*
	 * General speaking the addr type should be SI_ADDR_TYPE. And
	 * the addr channel should be BMC.
	 * In fact it can also be IPMB type. But we will have to
	 * parse it from the Netfn command buffer. It is so complex
	 * that it is skipped.
	 */
	struct ipmi_addr addr;
	long tx_msgid;
	/* it is used to track whether the IPMI message is finished */
	struct completion tx_complete;
	struct kernel_ipmi_msg tx_message;
	int	msg_done;
	/* tx/rx data . And copy it from/to ACPI object buffer */
	u8	data[ACPI_IPMI_MAX_MSG_LENGTH];
	u8	rx_len;
	struct acpi_ipmi_device *device;
};

/* IPMI request/response buffer per ACPI 4.0, sec 5.5.2.4.3.2 */
struct acpi_ipmi_buffer {
	u8 status;
	u8 length;
	u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
};

static void ipmi_register_bmc(int iface, struct device *dev);
static void ipmi_bmc_gone(int iface);
static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data);
static void acpi_add_ipmi_device(struct acpi_ipmi_device *ipmi_device);
static void acpi_remove_ipmi_device(struct acpi_ipmi_device *ipmi_device);

static struct ipmi_driver_data driver_data = {
	.ipmi_devices = LIST_HEAD_INIT(driver_data.ipmi_devices),
	.bmc_events = {
		.owner = THIS_MODULE,
		.new_smi = ipmi_register_bmc,
		.smi_gone = ipmi_bmc_gone,
	},
	.ipmi_hndlrs = {
		.ipmi_recv_hndl = ipmi_msg_handler,
	},
};

static struct acpi_ipmi_msg *acpi_alloc_ipmi_msg(struct acpi_ipmi_device *ipmi)
{
	struct acpi_ipmi_msg *ipmi_msg;
	struct pnp_dev *pnp_dev = ipmi->pnp_dev;

	ipmi_msg = kzalloc(sizeof(struct acpi_ipmi_msg), GFP_KERNEL);
	if (!ipmi_msg)	{
		dev_warn(&pnp_dev->dev, "Can't allocate memory for ipmi_msg\n");
		return NULL;
	}
	init_completion(&ipmi_msg->tx_complete);
	INIT_LIST_HEAD(&ipmi_msg->head);
	ipmi_msg->device = ipmi;
	ipmi_msg->msg_done = ACPI_IPMI_UNKNOWN;
	return ipmi_msg;
}

#define		IPMI_OP_RGN_NETFN(offset)	((offset >> 8) & 0xff)
#define		IPMI_OP_RGN_CMD(offset)		(offset & 0xff)
static int acpi_format_ipmi_request(struct acpi_ipmi_msg *tx_msg,
				acpi_physical_address address,
				acpi_integer *value)
{
	struct kernel_ipmi_msg *msg;
	struct acpi_ipmi_buffer *buffer;
	struct acpi_ipmi_device *device;
	unsigned long flags;

	msg = &tx_msg->tx_message;
	/*
	 * IPMI network function and command are encoded in the address
	 * within the IPMI OpRegion; see ACPI 4.0, sec 5.5.2.4.3.
	 */
	msg->netfn = IPMI_OP_RGN_NETFN(address);
	msg->cmd = IPMI_OP_RGN_CMD(address);
	msg->data = tx_msg->data;
	/*
	 * value is the parameter passed by the IPMI opregion space handler.
	 * It points to the IPMI request message buffer
	 */
	buffer = (struct acpi_ipmi_buffer *)value;
	/* copy the tx message data */
	if (buffer->length > ACPI_IPMI_MAX_MSG_LENGTH) {
		dev_WARN_ONCE(&tx_msg->device->pnp_dev->dev, true,
			      "Unexpected request (msg len %d).\n",
			      buffer->length);
		return -EINVAL;
	}
	msg->data_len = buffer->length;
	memcpy(tx_msg->data, buffer->data, msg->data_len);
	/*
	 * now the default type is SYSTEM_INTERFACE and channel type is BMC.
	 * If the netfn is APP_REQUEST and the cmd is SEND_MESSAGE,
	 * the addr type should be changed to IPMB. Then we will have to parse
	 * the IPMI request message buffer to get the IPMB address.
	 * If so, please fix me.
	 */
	tx_msg->addr.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
	tx_msg->addr.channel = IPMI_BMC_CHANNEL;
	tx_msg->addr.data[0] = 0;

	/* Get the msgid */
	device = tx_msg->device;
	spin_lock_irqsave(&device->tx_msg_lock, flags);
	device->curr_msgid++;
	tx_msg->tx_msgid = device->curr_msgid;
	spin_unlock_irqrestore(&device->tx_msg_lock, flags);
	return 0;
}

static void acpi_format_ipmi_response(struct acpi_ipmi_msg *msg,
		acpi_integer *value)
{
	struct acpi_ipmi_buffer *buffer;

	/*
	 * value is also used as output parameter. It represents the response
	 * IPMI message returned by IPMI command.
	 */
	buffer = (struct acpi_ipmi_buffer *)value;
	/*
	 * If the flag of msg_done is not set, it means that the IPMI command is
	 * not executed correctly.
	 */
	buffer->status = msg->msg_done;
	if (msg->msg_done != ACPI_IPMI_OK)
		return;
	/*
	 * If the IPMI response message is obtained correctly, the status code
	 * will be ACPI_IPMI_OK
	 */
	buffer->length = msg->rx_len;
	memcpy(buffer->data, msg->data, msg->rx_len);
}

static void ipmi_flush_tx_msg(struct acpi_ipmi_device *ipmi)
{
	struct acpi_ipmi_msg *tx_msg, *temp;
	int count = HZ / 10;
	struct pnp_dev *pnp_dev = ipmi->pnp_dev;
	unsigned long flags;

	spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
	list_for_each_entry_safe(tx_msg, temp, &ipmi->tx_msg_list, head) {
		/* wake up the sleep thread on the Tx msg */
		complete(&tx_msg->tx_complete);
	}
	spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);

	/* wait for about 100ms to flush the tx message list */
	while (count--) {
		if (list_empty(&ipmi->tx_msg_list))
			break;
		schedule_timeout(1);
	}
	if (!list_empty(&ipmi->tx_msg_list))
		dev_warn(&pnp_dev->dev, "tx msg list is not NULL\n");
}

static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data)
{
	struct acpi_ipmi_device *ipmi_device = user_msg_data;
	int msg_found = 0;
	struct acpi_ipmi_msg *tx_msg;
	struct pnp_dev *pnp_dev = ipmi_device->pnp_dev;
	unsigned long flags;

	if (msg->user != ipmi_device->user_interface) {
		dev_warn(&pnp_dev->dev, "Unexpected response is returned. "
			"returned user %p, expected user %p\n",
			msg->user, ipmi_device->user_interface);
		goto out_msg;
	}
	spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
	list_for_each_entry(tx_msg, &ipmi_device->tx_msg_list, head) {
		if (msg->msgid == tx_msg->tx_msgid) {
			msg_found = 1;
			break;
		}
	}

	if (!msg_found) {
		dev_warn(&pnp_dev->dev, "Unexpected response (msg id %ld) is "
			"returned.\n", msg->msgid);
		goto out_lock;
	}

	/* copy the response data to Rx_data buffer */
	if (msg->msg.data_len > ACPI_IPMI_MAX_MSG_LENGTH) {
		dev_WARN_ONCE(&pnp_dev->dev, true,
			      "Unexpected response (msg len %d).\n",
			      msg->msg.data_len);
		goto out_comp;
	}
	/* response msg is an error msg */
	msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
	if (msg->recv_type == IPMI_RESPONSE_RECV_TYPE &&
	    msg->msg.data_len == 1) {
		if (msg->msg.data[0] == IPMI_TIMEOUT_COMPLETION_CODE) {
			dev_WARN_ONCE(&pnp_dev->dev, true,
				      "Unexpected response (timeout).\n");
			tx_msg->msg_done = ACPI_IPMI_TIMEOUT;
		}
		goto out_comp;
	}
	tx_msg->rx_len = msg->msg.data_len;
	memcpy(tx_msg->data, msg->msg.data, tx_msg->rx_len);
	tx_msg->msg_done = ACPI_IPMI_OK;
out_comp:
	complete(&tx_msg->tx_complete);
out_lock:
	spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
out_msg:
	ipmi_free_recv_msg(msg);
};

static void ipmi_register_bmc(int iface, struct device *dev)
{
	struct acpi_ipmi_device *ipmi_device, *temp;
	struct pnp_dev *pnp_dev;
	ipmi_user_t		user;
	int err;
	struct ipmi_smi_info smi_data;
	acpi_handle handle;

	err = ipmi_get_smi_info(iface, &smi_data);

	if (err)
		return;

	if (smi_data.addr_src != SI_ACPI) {
		put_device(smi_data.dev);
		return;
	}

	handle = smi_data.addr_info.acpi_info.acpi_handle;

	mutex_lock(&driver_data.ipmi_lock);
	list_for_each_entry(temp, &driver_data.ipmi_devices, head) {
		/*
		 * if the corresponding ACPI handle is already added
		 * to the device list, don't add it again.
		 */
		if (temp->handle == handle)
			goto out;
	}

	ipmi_device = kzalloc(sizeof(*ipmi_device), GFP_KERNEL);

	if (!ipmi_device)
		goto out;

	pnp_dev = to_pnp_dev(smi_data.dev);
	ipmi_device->handle = handle;
	ipmi_device->pnp_dev = pnp_dev;

	err = ipmi_create_user(iface, &driver_data.ipmi_hndlrs,
					ipmi_device, &user);
	if (err) {
		dev_warn(&pnp_dev->dev, "Can't create IPMI user interface\n");
		kfree(ipmi_device);
		goto out;
	}
	acpi_add_ipmi_device(ipmi_device);
	ipmi_device->user_interface = user;
	ipmi_device->ipmi_ifnum = iface;
	mutex_unlock(&driver_data.ipmi_lock);
	memcpy(&ipmi_device->smi_data, &smi_data, sizeof(struct ipmi_smi_info));
	return;

out:
	mutex_unlock(&driver_data.ipmi_lock);
	put_device(smi_data.dev);
	return;
}

static void ipmi_bmc_gone(int iface)
{
	struct acpi_ipmi_device *ipmi_device, *temp;

	mutex_lock(&driver_data.ipmi_lock);
	list_for_each_entry_safe(ipmi_device, temp,
				&driver_data.ipmi_devices, head) {
		if (ipmi_device->ipmi_ifnum != iface)
			continue;

		acpi_remove_ipmi_device(ipmi_device);
		put_device(ipmi_device->smi_data.dev);
		kfree(ipmi_device);
		break;
	}
	mutex_unlock(&driver_data.ipmi_lock);
}
/* --------------------------------------------------------------------------
 *			Address Space Management
 * -------------------------------------------------------------------------- */
/*
 * This is the IPMI opregion space handler.
 * @function: indicates the read/write. In fact as the IPMI message is driven
 * by command, only write is meaningful.
 * @address: This contains the netfn/command of IPMI request message.
 * @bits   : not used.
 * @value  : it is an in/out parameter. It points to the IPMI message buffer.
 *	     Before the IPMI message is sent, it represents the actual request
 *	     IPMI message. After the IPMI message is finished, it represents
 *	     the response IPMI message returned by IPMI command.
 * @handler_context: IPMI device context.
 */

static acpi_status
acpi_ipmi_space_handler(u32 function, acpi_physical_address address,
		      u32 bits, acpi_integer *value,
		      void *handler_context, void *region_context)
{
	struct acpi_ipmi_msg *tx_msg;
	struct acpi_ipmi_device *ipmi_device = handler_context;
	int err;
	acpi_status status;
	unsigned long flags;
	/*
	 * IPMI opregion message.
	 * IPMI message is firstly written to the BMC and system software
	 * can get the respsonse. So it is unmeaningful for the read access
	 * of IPMI opregion.
	 */
	if ((function & ACPI_IO_MASK) == ACPI_READ)
		return AE_TYPE;

	if (!ipmi_device->user_interface)
		return AE_NOT_EXIST;

	tx_msg = acpi_alloc_ipmi_msg(ipmi_device);
	if (!tx_msg)
		return AE_NO_MEMORY;

	if (acpi_format_ipmi_request(tx_msg, address, value) != 0) {
		status = AE_TYPE;
		goto out_msg;
	}
	spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
	list_add_tail(&tx_msg->head, &ipmi_device->tx_msg_list);
	spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
	err = ipmi_request_settime(ipmi_device->user_interface,
					&tx_msg->addr,
					tx_msg->tx_msgid,
					&tx_msg->tx_message,
					NULL, 0, 0, IPMI_TIMEOUT);
	if (err) {
		status = AE_ERROR;
		goto out_list;
	}
	wait_for_completion(&tx_msg->tx_complete);
	acpi_format_ipmi_response(tx_msg, value);
	status = AE_OK;

out_list:
	spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
	list_del(&tx_msg->head);
	spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
out_msg:
	kfree(tx_msg);
	return status;
}

static void ipmi_remove_space_handler(struct acpi_ipmi_device *ipmi)
{
	if (!test_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags))
		return;

	acpi_remove_address_space_handler(ipmi->handle,
				ACPI_ADR_SPACE_IPMI, &acpi_ipmi_space_handler);

	clear_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags);
}

static int ipmi_install_space_handler(struct acpi_ipmi_device *ipmi)
{
	acpi_status status;

	if (test_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags))
		return 0;

	status = acpi_install_address_space_handler(ipmi->handle,
						    ACPI_ADR_SPACE_IPMI,
						    &acpi_ipmi_space_handler,
						    NULL, ipmi);
	if (ACPI_FAILURE(status)) {
		struct pnp_dev *pnp_dev = ipmi->pnp_dev;
		dev_warn(&pnp_dev->dev, "Can't register IPMI opregion space "
			"handle\n");
		return -EINVAL;
	}
	set_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags);
	return 0;
}

static void acpi_add_ipmi_device(struct acpi_ipmi_device *ipmi_device)
{

	INIT_LIST_HEAD(&ipmi_device->head);

	spin_lock_init(&ipmi_device->tx_msg_lock);
	INIT_LIST_HEAD(&ipmi_device->tx_msg_list);
	ipmi_install_space_handler(ipmi_device);

	list_add_tail(&ipmi_device->head, &driver_data.ipmi_devices);
}

static void acpi_remove_ipmi_device(struct acpi_ipmi_device *ipmi_device)
{
	/*
	 * If the IPMI user interface is created, it should be
	 * destroyed.
	 */
	if (ipmi_device->user_interface) {
		ipmi_destroy_user(ipmi_device->user_interface);
		ipmi_device->user_interface = NULL;
	}
	/* flush the Tx_msg list */
	if (!list_empty(&ipmi_device->tx_msg_list))
		ipmi_flush_tx_msg(ipmi_device);

	list_del(&ipmi_device->head);
	ipmi_remove_space_handler(ipmi_device);
}

static int __init acpi_ipmi_init(void)
{
	int result = 0;

	if (acpi_disabled)
		return result;

	mutex_init(&driver_data.ipmi_lock);

	result = ipmi_smi_watcher_register(&driver_data.bmc_events);

	return result;
}

static void __exit acpi_ipmi_exit(void)
{
	struct acpi_ipmi_device *ipmi_device, *temp;

	if (acpi_disabled)
		return;

	ipmi_smi_watcher_unregister(&driver_data.bmc_events);

	/*
	 * When one smi_watcher is unregistered, it is only deleted
	 * from the smi_watcher list. But the smi_gone callback function
	 * is not called. So explicitly uninstall the ACPI IPMI oregion
	 * handler and free it.
	 */
	mutex_lock(&driver_data.ipmi_lock);
	list_for_each_entry_safe(ipmi_device, temp,
				&driver_data.ipmi_devices, head) {
		acpi_remove_ipmi_device(ipmi_device);
		put_device(ipmi_device->smi_data.dev);
		kfree(ipmi_device);
	}
	mutex_unlock(&driver_data.ipmi_lock);
}

module_init(acpi_ipmi_init);
module_exit(acpi_ipmi_exit);
Commit	Line	Data
e92b297c ZY	1	/*
	2	* acpi_ipmi.c - ACPI IPMI opregion
	3	*
	4	* Copyright (C) 2010 Intel Corporation
	5	* Copyright (C) 2010 Zhao Yakui <yakui.zhao@intel.com>
	6	*
	7	* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	8	*
	9	* This program is free software; you can redistribute it and/or modify
	10	* it under the terms of the GNU General Public License as published by
	11	* the Free Software Foundation; either version 2 of the License, or (at
	12	* your option) any later version.
	13	*
	14	* This program is distributed in the hope that it will be useful, but
	15	* WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	* General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU General Public License along
	20	* with this program; if not, write to the Free Software Foundation, Inc.,
	21	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
	22	*
	23	* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	24	*/
	25
	26	#include <linux/kernel.h>
	27	#include <linux/module.h>
	28	#include <linux/init.h>
	29	#include <linux/types.h>
	30	#include <linux/delay.h>
	31	#include <linux/proc_fs.h>
	32	#include <linux/seq_file.h>
	33	#include <linux/interrupt.h>
	34	#include <linux/list.h>
	35	#include <linux/spinlock.h>
	36	#include <linux/io.h>
	37	#include <acpi/acpi_bus.h>
	38	#include <acpi/acpi_drivers.h>
	39	#include <linux/ipmi.h>
	40	#include <linux/device.h>
	41	#include <linux/pnp.h>
06a8566b	42	#include <linux/spinlock.h>
e92b297c ZY	43
	44	MODULE_AUTHOR("Zhao Yakui");
	45	MODULE_DESCRIPTION("ACPI IPMI Opregion driver");
	46	MODULE_LICENSE("GPL");
	47
	48	#define IPMI_FLAGS_HANDLER_INSTALL 0
	49
	50	#define ACPI_IPMI_OK 0
	51	#define ACPI_IPMI_TIMEOUT 0x10
	52	#define ACPI_IPMI_UNKNOWN 0x07
	53	/* the IPMI timeout is 5s */
8584ec6a	54	#define IPMI_TIMEOUT (5000)
6b68f03f	55	#define ACPI_IPMI_MAX_MSG_LENGTH 64
e92b297c ZY	56
	57	struct acpi_ipmi_device {
	58	/* the device list attached to driver_data.ipmi_devices */
	59	struct list_head head;
	60	/* the IPMI request message list */
	61	struct list_head tx_msg_list;
06a8566b	62	spinlock_t tx_msg_lock;
e92b297c ZY	63	acpi_handle handle;
	64	struct pnp_dev *pnp_dev;
	65	ipmi_user_t user_interface;
	66	int ipmi_ifnum; /* IPMI interface number */
	67	long curr_msgid;
	68	unsigned long flags;
	69	struct ipmi_smi_info smi_data;
	70	};
	71
	72	struct ipmi_driver_data {
	73	struct list_head ipmi_devices;
	74	struct ipmi_smi_watcher bmc_events;
	75	struct ipmi_user_hndl ipmi_hndlrs;
	76	struct mutex ipmi_lock;
	77	};
	78
	79	struct acpi_ipmi_msg {
	80	struct list_head head;
	81	/*
	82	* General speaking the addr type should be SI_ADDR_TYPE. And
	83	* the addr channel should be BMC.
	84	* In fact it can also be IPMB type. But we will have to
	85	* parse it from the Netfn command buffer. It is so complex
	86	* that it is skipped.
	87	*/
	88	struct ipmi_addr addr;
	89	long tx_msgid;
	90	/* it is used to track whether the IPMI message is finished */
	91	struct completion tx_complete;
	92	struct kernel_ipmi_msg tx_message;
	93	int msg_done;
6b68f03f LZ	94	/* tx/rx data . And copy it from/to ACPI object buffer */
	95	u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
	96	u8 rx_len;
e92b297c ZY	97	struct acpi_ipmi_device *device;
	98	};
	99
	100	/* IPMI request/response buffer per ACPI 4.0, sec 5.5.2.4.3.2 */
	101	struct acpi_ipmi_buffer {
	102	u8 status;
	103	u8 length;
6b68f03f	104	u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
e92b297c ZY	105	};
	106
	107	static void ipmi_register_bmc(int iface, struct device *dev);
	108	static void ipmi_bmc_gone(int iface);
	109	static void ipmi_msg_handler(struct ipmi_recv_msg msg, void user_msg_data);
	110	static void acpi_add_ipmi_device(struct acpi_ipmi_device *ipmi_device);
	111	static void acpi_remove_ipmi_device(struct acpi_ipmi_device *ipmi_device);
	112
	113	static struct ipmi_driver_data driver_data = {
	114	.ipmi_devices = LIST_HEAD_INIT(driver_data.ipmi_devices),
	115	.bmc_events = {
	116	.owner = THIS_MODULE,
	117	.new_smi = ipmi_register_bmc,
	118	.smi_gone = ipmi_bmc_gone,
	119	},
	120	.ipmi_hndlrs = {
	121	.ipmi_recv_hndl = ipmi_msg_handler,
	122	},
	123	};
	124
	125	static struct acpi_ipmi_msg acpi_alloc_ipmi_msg(struct acpi_ipmi_device ipmi)
	126	{
	127	struct acpi_ipmi_msg *ipmi_msg;
	128	struct pnp_dev *pnp_dev = ipmi->pnp_dev;
	129
	130	ipmi_msg = kzalloc(sizeof(struct acpi_ipmi_msg), GFP_KERNEL);
	131	if (!ipmi_msg) {
	132	dev_warn(&pnp_dev->dev, "Can't allocate memory for ipmi_msg\n");
	133	return NULL;
	134	}
	135	init_completion(&ipmi_msg->tx_complete);
	136	INIT_LIST_HEAD(&ipmi_msg->head);
	137	ipmi_msg->device = ipmi;
8584ec6a	138	ipmi_msg->msg_done = ACPI_IPMI_UNKNOWN;
e92b297c ZY	139	return ipmi_msg;
	140	}
	141
	142	#define IPMI_OP_RGN_NETFN(offset) ((offset >> 8) & 0xff)
	143	#define IPMI_OP_RGN_CMD(offset) (offset & 0xff)
6b68f03f	144	static int acpi_format_ipmi_request(struct acpi_ipmi_msg *tx_msg,
e92b297c ZY	145	acpi_physical_address address,
	146	acpi_integer *value)
	147	{
	148	struct kernel_ipmi_msg *msg;
	149	struct acpi_ipmi_buffer *buffer;
	150	struct acpi_ipmi_device *device;
06a8566b	151	unsigned long flags;
e92b297c ZY	152
	153	msg = &tx_msg->tx_message;
	154	/*
	155	* IPMI network function and command are encoded in the address
	156	* within the IPMI OpRegion; see ACPI 4.0, sec 5.5.2.4.3.
	157	*/
	158	msg->netfn = IPMI_OP_RGN_NETFN(address);
	159	msg->cmd = IPMI_OP_RGN_CMD(address);
6b68f03f	160	msg->data = tx_msg->data;
e92b297c ZY	161	/*
	162	* value is the parameter passed by the IPMI opregion space handler.
	163	* It points to the IPMI request message buffer
	164	*/
	165	buffer = (struct acpi_ipmi_buffer *)value;
	166	/* copy the tx message data */
6b68f03f LZ	167	if (buffer->length > ACPI_IPMI_MAX_MSG_LENGTH) {
	168	dev_WARN_ONCE(&tx_msg->device->pnp_dev->dev, true,
	169	"Unexpected request (msg len %d).\n",
	170	buffer->length);
	171	return -EINVAL;
	172	}
e92b297c	173	msg->data_len = buffer->length;
6b68f03f	174	memcpy(tx_msg->data, buffer->data, msg->data_len);
e92b297c ZY	175	/*
	176	* now the default type is SYSTEM_INTERFACE and channel type is BMC.
	177	* If the netfn is APP_REQUEST and the cmd is SEND_MESSAGE,
	178	* the addr type should be changed to IPMB. Then we will have to parse
	179	* the IPMI request message buffer to get the IPMB address.
	180	* If so, please fix me.
	181	*/
	182	tx_msg->addr.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
	183	tx_msg->addr.channel = IPMI_BMC_CHANNEL;
	184	tx_msg->addr.data[0] = 0;
	185
	186	/* Get the msgid */
	187	device = tx_msg->device;
06a8566b	188	spin_lock_irqsave(&device->tx_msg_lock, flags);
e92b297c ZY	189	device->curr_msgid++;
e92b297c ZY	190	tx_msg->tx_msgid = device->curr_msgid;
06a8566b	191	spin_unlock_irqrestore(&device->tx_msg_lock, flags);
6b68f03f	192	return 0;
e92b297c ZY	193	}
	194
	195	static void acpi_format_ipmi_response(struct acpi_ipmi_msg *msg,
8584ec6a	196	acpi_integer *value)
e92b297c ZY	197	{
	198	struct acpi_ipmi_buffer *buffer;
	199
	200	/*
	201	* value is also used as output parameter. It represents the response
	202	* IPMI message returned by IPMI command.
	203	*/
	204	buffer = (struct acpi_ipmi_buffer *)value;
e92b297c	205	/*
8584ec6a LZ	206	* If the flag of msg_done is not set, it means that the IPMI command is
8584ec6a LZ	207	* not executed correctly.
e92b297c	208	*/
8584ec6a LZ	209	buffer->status = msg->msg_done;
8584ec6a LZ	210	if (msg->msg_done != ACPI_IPMI_OK)
e92b297c	211	return;
e92b297c ZY	212	/*
	213	* If the IPMI response message is obtained correctly, the status code
	214	* will be ACPI_IPMI_OK
	215	*/
e92b297c	216	buffer->length = msg->rx_len;
6b68f03f	217	memcpy(buffer->data, msg->data, msg->rx_len);
e92b297c ZY	218	}
	219
	220	static void ipmi_flush_tx_msg(struct acpi_ipmi_device *ipmi)
	221	{
	222	struct acpi_ipmi_msg tx_msg, temp;
	223	int count = HZ / 10;
	224	struct pnp_dev *pnp_dev = ipmi->pnp_dev;
5ac557ef	225	unsigned long flags;
e92b297c	226
5ac557ef	227	spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
e92b297c ZY	228	list_for_each_entry_safe(tx_msg, temp, &ipmi->tx_msg_list, head) {
	229	/* wake up the sleep thread on the Tx msg */
	230	complete(&tx_msg->tx_complete);
	231	}
5ac557ef	232	spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
e92b297c ZY	233
	234	/* wait for about 100ms to flush the tx message list */
	235	while (count--) {
	236	if (list_empty(&ipmi->tx_msg_list))
	237	break;
	238	schedule_timeout(1);
	239	}
	240	if (!list_empty(&ipmi->tx_msg_list))
	241	dev_warn(&pnp_dev->dev, "tx msg list is not NULL\n");
	242	}
	243
	244	static void ipmi_msg_handler(struct ipmi_recv_msg msg, void user_msg_data)
	245	{
	246	struct acpi_ipmi_device *ipmi_device = user_msg_data;
	247	int msg_found = 0;
	248	struct acpi_ipmi_msg *tx_msg;
	249	struct pnp_dev *pnp_dev = ipmi_device->pnp_dev;
06a8566b	250	unsigned long flags;
e92b297c ZY	251
	252	if (msg->user != ipmi_device->user_interface) {
	253	dev_warn(&pnp_dev->dev, "Unexpected response is returned. "
	254	"returned user %p, expected user %p\n",
	255	msg->user, ipmi_device->user_interface);
6b68f03f	256	goto out_msg;
e92b297c	257	}
06a8566b	258	spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
e92b297c ZY	259	list_for_each_entry(tx_msg, &ipmi_device->tx_msg_list, head) {
	260	if (msg->msgid == tx_msg->tx_msgid) {
	261	msg_found = 1;
	262	break;
	263	}
	264	}
	265
e92b297c ZY	266	if (!msg_found) {
	267	dev_warn(&pnp_dev->dev, "Unexpected response (msg id %ld) is "
	268	"returned.\n", msg->msgid);
5ac557ef	269	goto out_lock;
e92b297c ZY	270	}
e92b297c ZY	271
6b68f03f LZ	272	/* copy the response data to Rx_data buffer */
	273	if (msg->msg.data_len > ACPI_IPMI_MAX_MSG_LENGTH) {
	274	dev_WARN_ONCE(&pnp_dev->dev, true,
	275	"Unexpected response (msg len %d).\n",
	276	msg->msg.data_len);
8584ec6a	277	goto out_comp;
e92b297c	278	}
8584ec6a LZ	279	/* response msg is an error msg */
	280	msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
	281	if (msg->recv_type == IPMI_RESPONSE_RECV_TYPE &&
	282	msg->msg.data_len == 1) {
	283	if (msg->msg.data[0] == IPMI_TIMEOUT_COMPLETION_CODE) {
	284	dev_WARN_ONCE(&pnp_dev->dev, true,
	285	"Unexpected response (timeout).\n");
	286	tx_msg->msg_done = ACPI_IPMI_TIMEOUT;
	287	}
	288	goto out_comp;
	289	}
	290	tx_msg->rx_len = msg->msg.data_len;
	291	memcpy(tx_msg->data, msg->msg.data, tx_msg->rx_len);
	292	tx_msg->msg_done = ACPI_IPMI_OK;
	293	out_comp:
e92b297c	294	complete(&tx_msg->tx_complete);
5ac557ef LZ	295	out_lock:
5ac557ef LZ	296	spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
6b68f03f	297	out_msg:
e92b297c ZY	298	ipmi_free_recv_msg(msg);
	299	};
	300
	301	static void ipmi_register_bmc(int iface, struct device *dev)
	302	{
	303	struct acpi_ipmi_device ipmi_device, temp;
	304	struct pnp_dev *pnp_dev;
	305	ipmi_user_t user;
	306	int err;
	307	struct ipmi_smi_info smi_data;
	308	acpi_handle handle;
	309
	310	err = ipmi_get_smi_info(iface, &smi_data);
	311
	312	if (err)
	313	return;
	314
	315	if (smi_data.addr_src != SI_ACPI) {
	316	put_device(smi_data.dev);
	317	return;
	318	}
	319
	320	handle = smi_data.addr_info.acpi_info.acpi_handle;
	321
	322	mutex_lock(&driver_data.ipmi_lock);
	323	list_for_each_entry(temp, &driver_data.ipmi_devices, head) {
	324	/*
	325	* if the corresponding ACPI handle is already added
	326	* to the device list, don't add it again.
	327	*/
	328	if (temp->handle == handle)
	329	goto out;
	330	}
	331
	332	ipmi_device = kzalloc(sizeof(*ipmi_device), GFP_KERNEL);
	333
	334	if (!ipmi_device)
	335	goto out;
	336
	337	pnp_dev = to_pnp_dev(smi_data.dev);
	338	ipmi_device->handle = handle;
	339	ipmi_device->pnp_dev = pnp_dev;
	340
	341	err = ipmi_create_user(iface, &driver_data.ipmi_hndlrs,
	342	ipmi_device, &user);
	343	if (err) {
	344	dev_warn(&pnp_dev->dev, "Can't create IPMI user interface\n");
	345	kfree(ipmi_device);
	346	goto out;
	347	}
	348	acpi_add_ipmi_device(ipmi_device);
	349	ipmi_device->user_interface = user;
	350	ipmi_device->ipmi_ifnum = iface;
	351	mutex_unlock(&driver_data.ipmi_lock);
	352	memcpy(&ipmi_device->smi_data, &smi_data, sizeof(struct ipmi_smi_info));
	353	return;
	354
	355	out:
	356	mutex_unlock(&driver_data.ipmi_lock);
	357	put_device(smi_data.dev);
	358	return;
	359	}
	360
	361	static void ipmi_bmc_gone(int iface)
362	{
363	struct acpi_ipmi_device ipmi_device, temp;
364
365	mutex_lock(&driver_data.ipmi_lock);
366	list_for_each_entry_safe(ipmi_device, temp,
367	&driver_data.ipmi_devices, head) {
368	if (ipmi_device->ipmi_ifnum != iface)
369	continue;
370
371	acpi_remove_ipmi_device(ipmi_device);
372	put_device(ipmi_device->smi_data.dev);
373	kfree(ipmi_device);
374	break;
375	}
376	mutex_unlock(&driver_data.ipmi_lock);
377	}
378	/* --------------------------------------------------------------------------
379	* Address Space Management
380	* -------------------------------------------------------------------------- */
381	/*
382	* This is the IPMI opregion space handler.
383	* @function: indicates the read/write. In fact as the IPMI message is driven
384	* by command, only write is meaningful.
385	* @address: This contains the netfn/command of IPMI request message.
386	* @bits : not used.
387	* @value : it is an in/out parameter. It points to the IPMI message buffer.
388	* Before the IPMI message is sent, it represents the actual request
389	* IPMI message. After the IPMI message is finished, it represents
390	* the response IPMI message returned by IPMI command.
391	* @handler_context: IPMI device context.
392	*/
393
394	static acpi_status
395	acpi_ipmi_space_handler(u32 function, acpi_physical_address address,
396	u32 bits, acpi_integer *value,
397	void handler_context, void region_context)
398	{
399	struct acpi_ipmi_msg *tx_msg;
400	struct acpi_ipmi_device *ipmi_device = handler_context;
8584ec6a	401	int err;
e92b297c	402	acpi_status status;
06a8566b	403	unsigned long flags;
e92b297c ZY	404	/*
	405	* IPMI opregion message.
	406	* IPMI message is firstly written to the BMC and system software
	407	* can get the respsonse. So it is unmeaningful for the read access
	408	* of IPMI opregion.
	409	*/
	410	if ((function & ACPI_IO_MASK) == ACPI_READ)
	411	return AE_TYPE;
	412
	413	if (!ipmi_device->user_interface)
	414	return AE_NOT_EXIST;
	415
	416	tx_msg = acpi_alloc_ipmi_msg(ipmi_device);
	417	if (!tx_msg)
	418	return AE_NO_MEMORY;
	419
6b68f03f LZ	420	if (acpi_format_ipmi_request(tx_msg, address, value) != 0) {
	421	status = AE_TYPE;
	422	goto out_msg;
	423	}
06a8566b	424	spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
e92b297c	425	list_add_tail(&tx_msg->head, &ipmi_device->tx_msg_list);
06a8566b	426	spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
e92b297c ZY	427	err = ipmi_request_settime(ipmi_device->user_interface,
	428	&tx_msg->addr,
	429	tx_msg->tx_msgid,
	430	&tx_msg->tx_message,
8584ec6a	431	NULL, 0, 0, IPMI_TIMEOUT);
e92b297c ZY	432	if (err) {
e92b297c ZY	433	status = AE_ERROR;
6b68f03f	434	goto out_list;
e92b297c	435	}
8584ec6a LZ	436	wait_for_completion(&tx_msg->tx_complete);
8584ec6a LZ	437	acpi_format_ipmi_response(tx_msg, value);
e92b297c ZY	438	status = AE_OK;
e92b297c ZY	439
6b68f03f	440	out_list:
06a8566b	441	spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
e92b297c	442	list_del(&tx_msg->head);
06a8566b	443	spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
6b68f03f	444	out_msg:
e92b297c ZY	445	kfree(tx_msg);
	446	return status;
	447	}
	448
	449	static void ipmi_remove_space_handler(struct acpi_ipmi_device *ipmi)
	450	{
	451	if (!test_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags))
	452	return;
	453
	454	acpi_remove_address_space_handler(ipmi->handle,
	455	ACPI_ADR_SPACE_IPMI, &acpi_ipmi_space_handler);
	456
	457	clear_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags);
	458	}
	459
	460	static int ipmi_install_space_handler(struct acpi_ipmi_device *ipmi)
	461	{
	462	acpi_status status;
	463
	464	if (test_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags))
	465	return 0;
	466
	467	status = acpi_install_address_space_handler(ipmi->handle,
	468	ACPI_ADR_SPACE_IPMI,
	469	&acpi_ipmi_space_handler,
	470	NULL, ipmi);
	471	if (ACPI_FAILURE(status)) {
	472	struct pnp_dev *pnp_dev = ipmi->pnp_dev;
	473	dev_warn(&pnp_dev->dev, "Can't register IPMI opregion space "
	474	"handle\n");
	475	return -EINVAL;
	476	}
	477	set_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags);
	478	return 0;
	479	}
	480
	481	static void acpi_add_ipmi_device(struct acpi_ipmi_device *ipmi_device)
	482	{
	483
	484	INIT_LIST_HEAD(&ipmi_device->head);
	485
06a8566b	486	spin_lock_init(&ipmi_device->tx_msg_lock);
e92b297c ZY	487	INIT_LIST_HEAD(&ipmi_device->tx_msg_list);
	488	ipmi_install_space_handler(ipmi_device);
	489
	490	list_add_tail(&ipmi_device->head, &driver_data.ipmi_devices);
	491	}
	492
	493	static void acpi_remove_ipmi_device(struct acpi_ipmi_device *ipmi_device)
	494	{
	495	/*
	496	* If the IPMI user interface is created, it should be
	497	* destroyed.
	498	*/
	499	if (ipmi_device->user_interface) {
	500	ipmi_destroy_user(ipmi_device->user_interface);
	501	ipmi_device->user_interface = NULL;
	502	}
	503	/* flush the Tx_msg list */
	504	if (!list_empty(&ipmi_device->tx_msg_list))
	505	ipmi_flush_tx_msg(ipmi_device);
	506
	507	list_del(&ipmi_device->head);
	508	ipmi_remove_space_handler(ipmi_device);
	509	}
	510
	511	static int __init acpi_ipmi_init(void)
	512	{
	513	int result = 0;
	514
	515	if (acpi_disabled)
	516	return result;
	517
	518	mutex_init(&driver_data.ipmi_lock);
	519
	520	result = ipmi_smi_watcher_register(&driver_data.bmc_events);
	521
	522	return result;
	523	}
	524
	525	static void __exit acpi_ipmi_exit(void)
	526	{
	527	struct acpi_ipmi_device ipmi_device, temp;
	528
	529	if (acpi_disabled)
	530	return;
	531
	532	ipmi_smi_watcher_unregister(&driver_data.bmc_events);
	533
	534	/*
	535	* When one smi_watcher is unregistered, it is only deleted
	536	* from the smi_watcher list. But the smi_gone callback function
	537	* is not called. So explicitly uninstall the ACPI IPMI oregion
	538	* handler and free it.
	539	*/
	540	mutex_lock(&driver_data.ipmi_lock);
	541	list_for_each_entry_safe(ipmi_device, temp,
	542	&driver_data.ipmi_devices, head) {
	543	acpi_remove_ipmi_device(ipmi_device);
	544	put_device(ipmi_device->smi_data.dev);
	545	kfree(ipmi_device);
	546	}
	547	mutex_unlock(&driver_data.ipmi_lock);
	548	}
	549
	550	module_init(acpi_ipmi_init);
551	module_exit(acpi_ipmi_exit);