]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - drivers/char/ipmi/ipmi_msghandler.c
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ipmi: Move bmc find routing to below bmc device type
[mirror_ubuntu-bionic-kernel.git] / drivers / char / ipmi / ipmi_msghandler.c
CommitLineData
1da177e4
LT		 1/*
2 * ipmi_msghandler.c
3 *
4 * Incoming and outgoing message routing for an IPMI interface.
5 *
6 * Author: MontaVista Software, Inc.
7 * Corey Minyard <minyard@mvista.com>
8 * source@mvista.com
9 *
10 * Copyright 2002 MontaVista Software Inc.
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version.
16 *
17 *
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 *
29 * You should have received a copy of the GNU General Public License along
30 * with this program; if not, write to the Free Software Foundation, Inc.,
31 * 675 Mass Ave, Cambridge, MA 02139, USA.
32 */
33
1da177e4
LT		 34#include <linux/module.h>
35#include <linux/errno.h>
1da177e4 36#include <linux/poll.h>
a99bbaf5 37#include <linux/sched.h>
07412736 38#include <linux/seq_file.h>
1da177e4 39#include <linux/spinlock.h>
d6dfd131 40#include <linux/mutex.h>
1da177e4
LT		 41#include <linux/slab.h>
42#include <linux/ipmi.h>
43#include <linux/ipmi_smi.h>
44#include <linux/notifier.h>
45#include <linux/init.h>
46#include <linux/proc_fs.h>
393d2cc3 47#include <linux/rcupdate.h>
7adf579c 48#include <linux/interrupt.h>
1c9f98d1 49#include <linux/moduleparam.h>
1da177e4
LT		 50
51#define PFX "IPMI message handler: "
1fdd75bd 52
f7caa1b5 53#define IPMI_DRIVER_VERSION "39.2"
1da177e4
LT		 54
55static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
56static int ipmi_init_msghandler(void);
7adf579c
CM		 57static void smi_recv_tasklet(unsigned long);
58static void handle_new_recv_msgs(ipmi_smi_t intf);
89986496 59static void need_waiter(ipmi_smi_t intf);
7ea0ed2b
CM		 60static int handle_one_recv_msg(ipmi_smi_t intf,
61 struct ipmi_smi_msg *msg);
1da177e4 62
0c8204b3 63static int initialized;
1da177e4 64
1c9f98d1
CM		 65enum ipmi_panic_event_op {
66 IPMI_SEND_PANIC_EVENT_NONE,
67 IPMI_SEND_PANIC_EVENT,
68 IPMI_SEND_PANIC_EVENT_STRING
69};
70#ifdef CONFIG_IPMI_PANIC_STRING
71#define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT_STRING
72#elif defined(CONFIG_IPMI_PANIC_EVENT)
73#define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT
74#else
75#define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT_NONE
76#endif
77static enum ipmi_panic_event_op ipmi_send_panic_event = IPMI_PANIC_DEFAULT;
78
79static int panic_op_write_handler(const char *val,
80 const struct kernel_param *kp)
81{
82 char valcp[16];
83 char *s;
84
85 strncpy(valcp, val, 16);
86 valcp[15] = '\0';
87
88 s = strstrip(valcp);
89
90 if (strcmp(s, "none") == 0)
91 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT_NONE;
92 else if (strcmp(s, "event") == 0)
93 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT;
94 else if (strcmp(s, "string") == 0)
95 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT_STRING;
96 else
97 return -EINVAL;
98
99 return 0;
100}
101
102static int panic_op_read_handler(char *buffer, const struct kernel_param *kp)
103{
104 switch (ipmi_send_panic_event) {
105 case IPMI_SEND_PANIC_EVENT_NONE:
106 strcpy(buffer, "none");
107 break;
108
109 case IPMI_SEND_PANIC_EVENT:
110 strcpy(buffer, "event");
111 break;
112
113 case IPMI_SEND_PANIC_EVENT_STRING:
114 strcpy(buffer, "string");
115 break;
116
117 default:
118 strcpy(buffer, "???");
119 break;
120 }
121
122 return strlen(buffer);
123}
124
125static const struct kernel_param_ops panic_op_ops = {
126 .set = panic_op_write_handler,
127 .get = panic_op_read_handler
128};
129module_param_cb(panic_op, &panic_op_ops, NULL, 0600);
130MODULE_PARM_DESC(panic_op, "Sets if the IPMI driver will attempt to store panic information in the event log in the event of a panic. Set to 'none' for no, 'event' for a single event, or 'string' for a generic event and the panic string in IPMI OEM events.");
131
132
3b625943 133#ifdef CONFIG_PROC_FS
0c8204b3 134static struct proc_dir_entry *proc_ipmi_root;
3b625943 135#endif /* CONFIG_PROC_FS */
1da177e4 136
b9675136
CM		 137/* Remain in auto-maintenance mode for this amount of time (in ms). */
138#define IPMI_MAINTENANCE_MODE_TIMEOUT 30000
139
1da177e4
LT		 140#define MAX_EVENTS_IN_QUEUE 25
141
c70d7499
CM		 142/*
143 * Don't let a message sit in a queue forever, always time it with at lest
144 * the max message timer. This is in milliseconds.
145 */
1da177e4
LT		 146#define MAX_MSG_TIMEOUT 60000
147
89986496
CM		 148/* Call every ~1000 ms. */
149#define IPMI_TIMEOUT_TIME 1000
150
151/* How many jiffies does it take to get to the timeout time. */
152#define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
153
154/*
155 * Request events from the queue every second (this is the number of
156 * IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
157 * future, IPMI will add a way to know immediately if an event is in
158 * the queue and this silliness can go away.
159 */
160#define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
161
393d2cc3
CM		 162/*
163 * The main "user" data structure.
164 */
c70d7499 165struct ipmi_user {
1da177e4
LT		 166 struct list_head link;
167
7aefac26
CM		 168 /* Set to false when the user is destroyed. */
169 bool valid;
393d2cc3
CM		 170
171 struct kref refcount;
172
1da177e4 173 /* The upper layer that handles receive messages. */
210af2a5 174 const struct ipmi_user_hndl *handler;
1da177e4
LT		 175 void *handler_data;
176
177 /* The interface this user is bound to. */
178 ipmi_smi_t intf;
179
180 /* Does this interface receive IPMI events? */
89986496 181 bool gets_events;
1da177e4
LT		 182};
183
c70d7499 184struct cmd_rcvr {
1da177e4
LT		 185 struct list_head link;
186
187 ipmi_user_t user;
188 unsigned char netfn;
189 unsigned char cmd;
c69c3127 190 unsigned int chans;
393d2cc3
CM		 191
192 /*
193 * This is used to form a linked lised during mass deletion.
194 * Since this is in an RCU list, we cannot use the link above
195 * or change any data until the RCU period completes. So we
196 * use this next variable during mass deletion so we can have
197 * a list and don't have to wait and restart the search on
c70d7499
CM		 198 * every individual deletion of a command.
199 */
393d2cc3 200 struct cmd_rcvr *next;
1da177e4
LT		 201};
202
c70d7499 203struct seq_table {
1da177e4
LT		 204 unsigned int inuse : 1;
205 unsigned int broadcast : 1;
206
207 unsigned long timeout;
208 unsigned long orig_timeout;
209 unsigned int retries_left;
210
c70d7499
CM		 211 /*
212 * To verify on an incoming send message response that this is
213 * the message that the response is for, we keep a sequence id
214 * and increment it every time we send a message.
215 */
1da177e4
LT		 216 long seqid;
217
c70d7499
CM		 218 /*
219 * This is held so we can properly respond to the message on a
220 * timeout, and it is used to hold the temporary data for
221 * retransmission, too.
222 */
1da177e4
LT		 223 struct ipmi_recv_msg *recv_msg;
224};
225
c70d7499
CM		 226/*
227 * Store the information in a msgid (long) to allow us to find a
228 * sequence table entry from the msgid.
229 */
a24b5dd5
CM		 230#define STORE_SEQ_IN_MSGID(seq, seqid) \
231 ((((seq) & 0x3f) << 26) | ((seqid) & 0x3ffffff))
1da177e4
LT		 232
233#define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
234 do { \
a24b5dd5
CM		 235 seq = (((msgid) >> 26) & 0x3f); \
236 seqid = ((msgid) & 0x3ffffff); \
c70d7499 237 } while (0)
1da177e4 238
a24b5dd5 239#define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3ffffff)
1da177e4 240
c70d7499 241struct ipmi_channel {
1da177e4
LT		 242 unsigned char medium;
243 unsigned char protocol;
c14979b9 244
c70d7499
CM		 245 /*
246 * My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
247 * but may be changed by the user.
248 */
c14979b9
CM		 249 unsigned char address;
250
c70d7499
CM		 251 /*
252 * My LUN. This should generally stay the SMS LUN, but just in
253 * case...
254 */
c14979b9 255 unsigned char lun;
1da177e4
LT		 256};
257
3b625943 258#ifdef CONFIG_PROC_FS
c70d7499 259struct ipmi_proc_entry {
1da177e4
LT		 260 char *name;
261 struct ipmi_proc_entry *next;
262};
3b625943 263#endif
1da177e4 264
c70d7499 265struct bmc_device {
16639eb0 266 struct platform_device pdev;
50c812b2
CM		 267 struct ipmi_device_id id;
268 unsigned char guid[16];
269 int guid_set;
16639eb0
CM		 270 char name[16];
271 struct kref usecount;
50c812b2 272};
16639eb0 273#define to_bmc_device(x) container_of((x), struct bmc_device, pdev.dev)
50c812b2 274
b2655f26
KB		 275/*
276 * Various statistics for IPMI, these index stats[] in the ipmi_smi
277 * structure.
278 */
73f2bdb9
CM		 279enum ipmi_stat_indexes {
280 /* Commands we got from the user that were invalid. */
281 IPMI_STAT_sent_invalid_commands = 0,
b2655f26 282
73f2bdb9
CM		 283 /* Commands we sent to the MC. */
284 IPMI_STAT_sent_local_commands,
b2655f26 285
73f2bdb9
CM		 286 /* Responses from the MC that were delivered to a user. */
287 IPMI_STAT_handled_local_responses,
b2655f26 288
73f2bdb9
CM		 289 /* Responses from the MC that were not delivered to a user. */
290 IPMI_STAT_unhandled_local_responses,
b2655f26 291
73f2bdb9
CM		 292 /* Commands we sent out to the IPMB bus. */
293 IPMI_STAT_sent_ipmb_commands,
b2655f26 294
73f2bdb9
CM		 295 /* Commands sent on the IPMB that had errors on the SEND CMD */
296 IPMI_STAT_sent_ipmb_command_errs,
b2655f26 297
73f2bdb9
CM		 298 /* Each retransmit increments this count. */
299 IPMI_STAT_retransmitted_ipmb_commands,
b2655f26 300
73f2bdb9
CM		 301 /*
302 * When a message times out (runs out of retransmits) this is
303 * incremented.
304 */
305 IPMI_STAT_timed_out_ipmb_commands,
b2655f26 306
73f2bdb9
CM		 307 /*
308 * This is like above, but for broadcasts. Broadcasts are
309 * *not* included in the above count (they are expected to
310 * time out).
311 */
312 IPMI_STAT_timed_out_ipmb_broadcasts,
b2655f26 313
73f2bdb9
CM		 314 /* Responses I have sent to the IPMB bus. */
315 IPMI_STAT_sent_ipmb_responses,
b2655f26 316
73f2bdb9
CM		 317 /* The response was delivered to the user. */
318 IPMI_STAT_handled_ipmb_responses,
b2655f26 319
73f2bdb9
CM		 320 /* The response had invalid data in it. */
321 IPMI_STAT_invalid_ipmb_responses,
b2655f26 322
73f2bdb9
CM		 323 /* The response didn't have anyone waiting for it. */
324 IPMI_STAT_unhandled_ipmb_responses,
b2655f26 325
73f2bdb9
CM		 326 /* Commands we sent out to the IPMB bus. */
327 IPMI_STAT_sent_lan_commands,
b2655f26 328
73f2bdb9
CM		 329 /* Commands sent on the IPMB that had errors on the SEND CMD */
330 IPMI_STAT_sent_lan_command_errs,
b2655f26 331
73f2bdb9
CM		 332 /* Each retransmit increments this count. */
333 IPMI_STAT_retransmitted_lan_commands,
b2655f26 334
73f2bdb9
CM		 335 /*
336 * When a message times out (runs out of retransmits) this is
337 * incremented.
338 */
339 IPMI_STAT_timed_out_lan_commands,
340
341 /* Responses I have sent to the IPMB bus. */
342 IPMI_STAT_sent_lan_responses,
b2655f26 343
73f2bdb9
CM		 344 /* The response was delivered to the user. */
345 IPMI_STAT_handled_lan_responses,
b2655f26 346
73f2bdb9
CM		 347 /* The response had invalid data in it. */
348 IPMI_STAT_invalid_lan_responses,
b2655f26 349
73f2bdb9
CM		 350 /* The response didn't have anyone waiting for it. */
351 IPMI_STAT_unhandled_lan_responses,
b2655f26 352
73f2bdb9
CM		 353 /* The command was delivered to the user. */
354 IPMI_STAT_handled_commands,
b2655f26 355
73f2bdb9
CM		 356 /* The command had invalid data in it. */
357 IPMI_STAT_invalid_commands,
b2655f26 358
73f2bdb9
CM		 359 /* The command didn't have anyone waiting for it. */
360 IPMI_STAT_unhandled_commands,
b2655f26 361
73f2bdb9
CM		 362 /* Invalid data in an event. */
363 IPMI_STAT_invalid_events,
b2655f26 364
73f2bdb9
CM		 365 /* Events that were received with the proper format. */
366 IPMI_STAT_events,
b2655f26 367
25176ed6
CM		 368 /* Retransmissions on IPMB that failed. */
369 IPMI_STAT_dropped_rexmit_ipmb_commands,
370
371 /* Retransmissions on LAN that failed. */
372 IPMI_STAT_dropped_rexmit_lan_commands,
b2655f26 373
73f2bdb9
CM		 374 /* This *must* remain last, add new values above this. */
375 IPMI_NUM_STATS
376};
b2655f26
KB		 377
378
1da177e4 379#define IPMI_IPMB_NUM_SEQ 64
c14979b9 380#define IPMI_MAX_CHANNELS 16
c70d7499 381struct ipmi_smi {
1da177e4
LT		 382 /* What interface number are we? */
383 int intf_num;
384
393d2cc3
CM		 385 struct kref refcount;
386
7ea0ed2b
CM		 387 /* Set when the interface is being unregistered. */
388 bool in_shutdown;
389
bca0324d
CM		 390 /* Used for a list of interfaces. */
391 struct list_head link;
392
c70d7499
CM		 393 /*
394 * The list of upper layers that are using me. seq_lock
395 * protects this.
396 */
393d2cc3 397 struct list_head users;
1da177e4 398
b2c03941
CM		 399 /* Information to supply to users. */
400 unsigned char ipmi_version_major;
401 unsigned char ipmi_version_minor;
402
1da177e4
LT		 403 /* Used for wake ups at startup. */
404 wait_queue_head_t waitq;
405
50c812b2
CM		 406 struct bmc_device *bmc;
407 char *my_dev_name;
1da177e4 408
c70d7499
CM		 409 /*
410 * This is the lower-layer's sender routine. Note that you
b2c03941
CM		 411 * must either be holding the ipmi_interfaces_mutex or be in
412 * an umpreemptible region to use this. You must fetch the
c70d7499
CM		 413 * value into a local variable and make sure it is not NULL.
414 */
81d02b7f 415 const struct ipmi_smi_handlers *handlers;
1da177e4
LT		 416 void *send_info;
417
3b625943 418#ifdef CONFIG_PROC_FS
ac019151
CM		 419 /* A list of proc entries for this interface. */
420 struct mutex proc_entry_lock;
1da177e4 421 struct ipmi_proc_entry *proc_entries;
3b625943 422#endif
1da177e4 423
50c812b2
CM		 424 /* Driver-model device for the system interface. */
425 struct device *si_dev;
426
c70d7499
CM		 427 /*
428 * A table of sequence numbers for this interface. We use the
429 * sequence numbers for IPMB messages that go out of the
430 * interface to match them up with their responses. A routine
431 * is called periodically to time the items in this list.
432 */
1da177e4
LT		 433 spinlock_t seq_lock;
434 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
435 int curr_seq;
436
c70d7499 437 /*
7adf579c
CM		 438 * Messages queued for delivery. If delivery fails (out of memory
439 * for instance), They will stay in here to be processed later in a
440 * periodic timer interrupt. The tasklet is for handling received
441 * messages directly from the handler.
c70d7499 442 */
65be7544
CM		 443 spinlock_t waiting_rcv_msgs_lock;
444 struct list_head waiting_rcv_msgs;
7adf579c
CM		 445 atomic_t watchdog_pretimeouts_to_deliver;
446 struct tasklet_struct recv_tasklet;
1da177e4 447
7ea0ed2b
CM		 448 spinlock_t xmit_msgs_lock;
449 struct list_head xmit_msgs;
450 struct ipmi_smi_msg *curr_msg;
451 struct list_head hp_xmit_msgs;
452
c70d7499
CM		 453 /*
454 * The list of command receivers that are registered for commands
455 * on this interface.
456 */
d6dfd131 457 struct mutex cmd_rcvrs_mutex;
1da177e4
LT		 458 struct list_head cmd_rcvrs;
459
c70d7499
CM		 460 /*
461 * Events that were queues because no one was there to receive
462 * them.
463 */
1da177e4
LT		 464 spinlock_t events_lock; /* For dealing with event stuff. */
465 struct list_head waiting_events;
466 unsigned int waiting_events_count; /* How many events in queue? */
87ebd06f
CM		 467 char delivering_events;
468 char event_msg_printed;
89986496
CM		 469 atomic_t event_waiters;
470 unsigned int ticks_to_req_ev;
471 int last_needs_timer;
1da177e4 472
c70d7499
CM		 473 /*
474 * The event receiver for my BMC, only really used at panic
475 * shutdown as a place to store this.
476 */
1da177e4
LT		 477 unsigned char event_receiver;
478 unsigned char event_receiver_lun;
479 unsigned char local_sel_device;
480 unsigned char local_event_generator;
481
b9675136
CM		 482 /* For handling of maintenance mode. */
483 int maintenance_mode;
7aefac26 484 bool maintenance_mode_enable;
b9675136
CM		 485 int auto_maintenance_timeout;
486 spinlock_t maintenance_mode_lock; /* Used in a timer... */
487
c70d7499
CM		 488 /*
489 * A cheap hack, if this is non-null and a message to an
490 * interface comes in with a NULL user, call this routine with
491 * it. Note that the message will still be freed by the
492 * caller. This only works on the system interface.
493 */
56a55ec6 494 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg);
1da177e4 495
c70d7499
CM		 496 /*
497 * When we are scanning the channels for an SMI, this will
498 * tell which channel we are scanning.
499 */
1da177e4
LT		 500 int curr_channel;
501
502 /* Channel information */
503 struct ipmi_channel channels[IPMI_MAX_CHANNELS];
504
505 /* Proc FS stuff. */
506 struct proc_dir_entry *proc_dir;
507 char proc_dir_name[10];
508
b2655f26 509 atomic_t stats[IPMI_NUM_STATS];
5956dce1
KB		 510
511 /*
512 * run_to_completion duplicate of smb_info, smi_info
513 * and ipmi_serial_info structures. Used to decrease numbers of
514 * parameters passed by "low" level IPMI code.
515 */
516 int run_to_completion;
1da177e4 517};
50c812b2 518#define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev)
1da177e4 519
50c812b2
CM		 520/**
521 * The driver model view of the IPMI messaging driver.
522 */
fe2d5ffc
DW		 523static struct platform_driver ipmidriver = {
524 .driver = {
525 .name = "ipmi",
526 .bus = &platform_bus_type
527 }
50c812b2
CM		 528};
529static DEFINE_MUTEX(ipmidriver_mutex);
530
bed9759b 531static LIST_HEAD(ipmi_interfaces);
bca0324d 532static DEFINE_MUTEX(ipmi_interfaces_mutex);
1da177e4 533
c70d7499
CM		 534/*
535 * List of watchers that want to know when smi's are added and deleted.
536 */
bed9759b 537static LIST_HEAD(smi_watchers);
b2c03941 538static DEFINE_MUTEX(smi_watchers_mutex);
1da177e4 539
b2655f26
KB		 540#define ipmi_inc_stat(intf, stat) \
541 atomic_inc(&(intf)->stats[IPMI_STAT_ ## stat])
542#define ipmi_get_stat(intf, stat) \
543 ((unsigned int) atomic_read(&(intf)->stats[IPMI_STAT_ ## stat]))
544
99ee6735
LC		 545static const char * const addr_src_to_str[] = {
546 "invalid", "hotmod", "hardcoded", "SPMI", "ACPI", "SMBIOS", "PCI",
b07b58a3 547 "device-tree"
99ee6735 548};
7e50387b
CM		 549
550const char *ipmi_addr_src_to_str(enum ipmi_addr_src src)
551{
b07b58a3 552 if (src >= SI_LAST)
7e50387b
CM		 553 src = 0; /* Invalid */
554 return addr_src_to_str[src];
555}
556EXPORT_SYMBOL(ipmi_addr_src_to_str);
557
25176ed6
CM		 558static int is_lan_addr(struct ipmi_addr *addr)
559{
560 return addr->addr_type == IPMI_LAN_ADDR_TYPE;
561}
562
563static int is_ipmb_addr(struct ipmi_addr *addr)
564{
565 return addr->addr_type == IPMI_IPMB_ADDR_TYPE;
566}
567
568static int is_ipmb_bcast_addr(struct ipmi_addr *addr)
569{
570 return addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE;
571}
b2655f26 572
393d2cc3
CM		 573static void free_recv_msg_list(struct list_head *q)
574{
575 struct ipmi_recv_msg *msg, *msg2;
576
577 list_for_each_entry_safe(msg, msg2, q, link) {
578 list_del(&msg->link);
579 ipmi_free_recv_msg(msg);
580 }
581}
582
f3ce6a0e
CM		 583static void free_smi_msg_list(struct list_head *q)
584{
585 struct ipmi_smi_msg *msg, *msg2;
586
587 list_for_each_entry_safe(msg, msg2, q, link) {
588 list_del(&msg->link);
589 ipmi_free_smi_msg(msg);
590 }
591}
592
393d2cc3
CM		 593static void clean_up_interface_data(ipmi_smi_t intf)
594{
595 int i;
596 struct cmd_rcvr *rcvr, *rcvr2;
393d2cc3
CM		 597 struct list_head list;
598
7adf579c
CM		 599 tasklet_kill(&intf->recv_tasklet);
600
65be7544 601 free_smi_msg_list(&intf->waiting_rcv_msgs);
393d2cc3
CM		 602 free_recv_msg_list(&intf->waiting_events);
603
78ba2faf
CM		 604 /*
605 * Wholesale remove all the entries from the list in the
606 * interface and wait for RCU to know that none are in use.
607 */
d6dfd131 608 mutex_lock(&intf->cmd_rcvrs_mutex);
78ba2faf
CM		 609 INIT_LIST_HEAD(&list);
610 list_splice_init_rcu(&intf->cmd_rcvrs, &list, synchronize_rcu);
d6dfd131 611 mutex_unlock(&intf->cmd_rcvrs_mutex);
393d2cc3
CM		 612
613 list_for_each_entry_safe(rcvr, rcvr2, &list, link)
614 kfree(rcvr);
615
616 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
617 if ((intf->seq_table[i].inuse)
c70d7499 618 && (intf->seq_table[i].recv_msg))
393d2cc3 619 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
393d2cc3
CM		 620 }
621}
622
623static void intf_free(struct kref *ref)
624{
625 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount);
626
627 clean_up_interface_data(intf);
628 kfree(intf);
629}
630
bca0324d 631struct watcher_entry {
b2c03941
CM		 632 int intf_num;
633 ipmi_smi_t intf;
bca0324d 634 struct list_head link;
bca0324d
CM		 635};
636
1da177e4
LT		 637int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
638{
bca0324d 639 ipmi_smi_t intf;
e381d1c4 640 LIST_HEAD(to_deliver);
bca0324d
CM		 641 struct watcher_entry *e, *e2;
642
b2c03941
CM		 643 mutex_lock(&smi_watchers_mutex);
644
bca0324d
CM		 645 mutex_lock(&ipmi_interfaces_mutex);
646
b2c03941 647 /* Build a list of things to deliver. */
78ba2faf 648 list_for_each_entry(intf, &ipmi_interfaces, link) {
bca0324d
CM		 649 if (intf->intf_num == -1)
650 continue;
651 e = kmalloc(sizeof(*e), GFP_KERNEL);
652 if (!e)
653 goto out_err;
b2c03941
CM		 654 kref_get(&intf->refcount);
655 e->intf = intf;
bca0324d
CM		 656 e->intf_num = intf->intf_num;
657 list_add_tail(&e->link, &to_deliver);
658 }
1da177e4 659
b2c03941
CM		 660 /* We will succeed, so add it to the list. */
661 list_add(&watcher->link, &smi_watchers);
bca0324d
CM		 662
663 mutex_unlock(&ipmi_interfaces_mutex);
664
665 list_for_each_entry_safe(e, e2, &to_deliver, link) {
666 list_del(&e->link);
b2c03941
CM		 667 watcher->new_smi(e->intf_num, e->intf->si_dev);
668 kref_put(&e->intf->refcount, intf_free);
bca0324d 669 kfree(e);
1da177e4 670 }
bca0324d 671
b2c03941 672 mutex_unlock(&smi_watchers_mutex);
bca0324d 673
1da177e4 674 return 0;
bca0324d
CM		 675
676 out_err:
b2c03941
CM		 677 mutex_unlock(&ipmi_interfaces_mutex);
678 mutex_unlock(&smi_watchers_mutex);
bca0324d
CM		 679 list_for_each_entry_safe(e, e2, &to_deliver, link) {
680 list_del(&e->link);
b2c03941 681 kref_put(&e->intf->refcount, intf_free);
bca0324d
CM		 682 kfree(e);
683 }
684 return -ENOMEM;
1da177e4 685}
c70d7499 686EXPORT_SYMBOL(ipmi_smi_watcher_register);
1da177e4
LT		 687
688int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
689{
b2c03941 690 mutex_lock(&smi_watchers_mutex);
1da177e4 691 list_del(&(watcher->link));
b2c03941 692 mutex_unlock(&smi_watchers_mutex);
1da177e4
LT		 693 return 0;
694}
c70d7499 695EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
1da177e4 696
b2c03941
CM		 697/*
698 * Must be called with smi_watchers_mutex held.
699 */
1da177e4 700static void
50c812b2 701call_smi_watchers(int i, struct device *dev)
1da177e4
LT		 702{
703 struct ipmi_smi_watcher *w;
704
1da177e4
LT		 705 list_for_each_entry(w, &smi_watchers, link) {
706 if (try_module_get(w->owner)) {
50c812b2 707 w->new_smi(i, dev);
1da177e4
LT		 708 module_put(w->owner);
709 }
710 }
1da177e4
LT		 711}
712
713static int
714ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
715{
716 if (addr1->addr_type != addr2->addr_type)
717 return 0;
718
719 if (addr1->channel != addr2->channel)
720 return 0;
721
722 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
723 struct ipmi_system_interface_addr *smi_addr1
724 = (struct ipmi_system_interface_addr *) addr1;
725 struct ipmi_system_interface_addr *smi_addr2
726 = (struct ipmi_system_interface_addr *) addr2;
727 return (smi_addr1->lun == smi_addr2->lun);
728 }
729
25176ed6 730 if (is_ipmb_addr(addr1) || is_ipmb_bcast_addr(addr1)) {
1da177e4
LT		 731 struct ipmi_ipmb_addr *ipmb_addr1
732 = (struct ipmi_ipmb_addr *) addr1;
733 struct ipmi_ipmb_addr *ipmb_addr2
734 = (struct ipmi_ipmb_addr *) addr2;
735
736 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
737 && (ipmb_addr1->lun == ipmb_addr2->lun));
738 }
739
25176ed6 740 if (is_lan_addr(addr1)) {
1da177e4
LT		 741 struct ipmi_lan_addr *lan_addr1
742 = (struct ipmi_lan_addr *) addr1;
743 struct ipmi_lan_addr *lan_addr2
744 = (struct ipmi_lan_addr *) addr2;
745
746 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
747 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
748 && (lan_addr1->session_handle
749 == lan_addr2->session_handle)
750 && (lan_addr1->lun == lan_addr2->lun));
751 }
752
753 return 1;
754}
755
756int ipmi_validate_addr(struct ipmi_addr *addr, int len)
757{
c70d7499 758 if (len < sizeof(struct ipmi_system_interface_addr))
1da177e4 759 return -EINVAL;
1da177e4
LT		 760
761 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
762 if (addr->channel != IPMI_BMC_CHANNEL)
763 return -EINVAL;
764 return 0;
765 }
766
767 if ((addr->channel == IPMI_BMC_CHANNEL)
12fc1d7b 768 || (addr->channel >= IPMI_MAX_CHANNELS)
1da177e4
LT		 769 || (addr->channel < 0))
770 return -EINVAL;
771
25176ed6 772 if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) {
c70d7499 773 if (len < sizeof(struct ipmi_ipmb_addr))
1da177e4 774 return -EINVAL;
1da177e4
LT		 775 return 0;
776 }
777
25176ed6 778 if (is_lan_addr(addr)) {
c70d7499 779 if (len < sizeof(struct ipmi_lan_addr))
1da177e4 780 return -EINVAL;
1da177e4
LT		 781 return 0;
782 }
783
784 return -EINVAL;
785}
c70d7499 786EXPORT_SYMBOL(ipmi_validate_addr);
1da177e4
LT		 787
788unsigned int ipmi_addr_length(int addr_type)
789{
790 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
791 return sizeof(struct ipmi_system_interface_addr);
792
793 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
c70d7499 794 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
1da177e4 795 return sizeof(struct ipmi_ipmb_addr);
1da177e4
LT		 796
797 if (addr_type == IPMI_LAN_ADDR_TYPE)
798 return sizeof(struct ipmi_lan_addr);
799
800 return 0;
801}
c70d7499 802EXPORT_SYMBOL(ipmi_addr_length);
1da177e4
LT		 803
804static void deliver_response(struct ipmi_recv_msg *msg)
805{
8a3628d5 806 if (!msg->user) {
56a55ec6 807 ipmi_smi_t intf = msg->user_msg_data;
56a55ec6
CM		 808
809 /* Special handling for NULL users. */
810 if (intf->null_user_handler) {
811 intf->null_user_handler(intf, msg);
b2655f26 812 ipmi_inc_stat(intf, handled_local_responses);
56a55ec6
CM		 813 } else {
814 /* No handler, so give up. */
b2655f26 815 ipmi_inc_stat(intf, unhandled_local_responses);
56a55ec6
CM		 816 }
817 ipmi_free_recv_msg(msg);
c49c0976
HK		 818 } else if (!oops_in_progress) {
819 /*
820 * If we are running in the panic context, calling the
821 * receive handler doesn't much meaning and has a deadlock
822 * risk. At this moment, simply skip it in that case.
823 */
824
393d2cc3
CM		 825 ipmi_user_t user = msg->user;
826 user->handler->ipmi_recv_hndl(msg, user->handler_data);
56a55ec6 827 }
1da177e4
LT		 828}
829
b2c03941
CM		 830static void
831deliver_err_response(struct ipmi_recv_msg *msg, int err)
832{
833 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
834 msg->msg_data[0] = err;
835 msg->msg.netfn |= 1; /* Convert to a response. */
836 msg->msg.data_len = 1;
837 msg->msg.data = msg->msg_data;
838 deliver_response(msg);
839}
840
c70d7499
CM		 841/*
842 * Find the next sequence number not being used and add the given
843 * message with the given timeout to the sequence table. This must be
844 * called with the interface's seq_lock held.
845 */
1da177e4
LT		 846static int intf_next_seq(ipmi_smi_t intf,
847 struct ipmi_recv_msg *recv_msg,
848 unsigned long timeout,
849 int retries,
850 int broadcast,
851 unsigned char *seq,
852 long *seqid)
853{
854 int rv = 0;
855 unsigned int i;
856
c70d7499
CM		 857 for (i = intf->curr_seq; (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
858 i = (i+1)%IPMI_IPMB_NUM_SEQ) {
8a3628d5 859 if (!intf->seq_table[i].inuse)
1da177e4
LT		 860 break;
861 }
862
8a3628d5 863 if (!intf->seq_table[i].inuse) {
1da177e4
LT		 864 intf->seq_table[i].recv_msg = recv_msg;
865
c70d7499
CM		 866 /*
867 * Start with the maximum timeout, when the send response
868 * comes in we will start the real timer.
869 */
1da177e4
LT		 870 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
871 intf->seq_table[i].orig_timeout = timeout;
872 intf->seq_table[i].retries_left = retries;
873 intf->seq_table[i].broadcast = broadcast;
874 intf->seq_table[i].inuse = 1;
875 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
876 *seq = i;
877 *seqid = intf->seq_table[i].seqid;
878 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
89986496 879 need_waiter(intf);
1da177e4
LT		 880 } else {
881 rv = -EAGAIN;
882 }
c70d7499 883
1da177e4
LT		 884 return rv;
885}
886
c70d7499
CM		 887/*
888 * Return the receive message for the given sequence number and
889 * release the sequence number so it can be reused. Some other data
890 * is passed in to be sure the message matches up correctly (to help
891 * guard against message coming in after their timeout and the
892 * sequence number being reused).
893 */
1da177e4
LT		 894static int intf_find_seq(ipmi_smi_t intf,
895 unsigned char seq,
896 short channel,
897 unsigned char cmd,
898 unsigned char netfn,
899 struct ipmi_addr *addr,
900 struct ipmi_recv_msg **recv_msg)
901{
902 int rv = -ENODEV;
903 unsigned long flags;
904
905 if (seq >= IPMI_IPMB_NUM_SEQ)
906 return -EINVAL;
907
908 spin_lock_irqsave(&(intf->seq_lock), flags);
909 if (intf->seq_table[seq].inuse) {
910 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
911
c70d7499
CM		 912 if ((msg->addr.channel == channel) && (msg->msg.cmd == cmd)
913 && (msg->msg.netfn == netfn)
914 && (ipmi_addr_equal(addr, &(msg->addr)))) {
1da177e4
LT		 915 *recv_msg = msg;
916 intf->seq_table[seq].inuse = 0;
917 rv = 0;
918 }
919 }
920 spin_unlock_irqrestore(&(intf->seq_lock), flags);
921
922 return rv;
923}
924
925
926/* Start the timer for a specific sequence table entry. */
927static int intf_start_seq_timer(ipmi_smi_t intf,
928 long msgid)
929{
930 int rv = -ENODEV;
931 unsigned long flags;
932 unsigned char seq;
933 unsigned long seqid;
934
935
936 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
937
938 spin_lock_irqsave(&(intf->seq_lock), flags);
c70d7499
CM		 939 /*
940 * We do this verification because the user can be deleted
941 * while a message is outstanding.
942 */
1da177e4 943 if ((intf->seq_table[seq].inuse)
c70d7499 944 && (intf->seq_table[seq].seqid == seqid)) {
1da177e4
LT		 945 struct seq_table *ent = &(intf->seq_table[seq]);
946 ent->timeout = ent->orig_timeout;
947 rv = 0;
948 }
949 spin_unlock_irqrestore(&(intf->seq_lock), flags);
950
951 return rv;
952}
953
954/* Got an error for the send message for a specific sequence number. */
955static int intf_err_seq(ipmi_smi_t intf,
956 long msgid,
957 unsigned int err)
958{
959 int rv = -ENODEV;
960 unsigned long flags;
961 unsigned char seq;
962 unsigned long seqid;
963 struct ipmi_recv_msg *msg = NULL;
964
965
966 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
967
968 spin_lock_irqsave(&(intf->seq_lock), flags);
c70d7499
CM		 969 /*
970 * We do this verification because the user can be deleted
971 * while a message is outstanding.
972 */
1da177e4 973 if ((intf->seq_table[seq].inuse)
c70d7499 974 && (intf->seq_table[seq].seqid == seqid)) {
1da177e4
LT		 975 struct seq_table *ent = &(intf->seq_table[seq]);
976
977 ent->inuse = 0;
978 msg = ent->recv_msg;
979 rv = 0;
980 }
981 spin_unlock_irqrestore(&(intf->seq_lock), flags);
982
b2c03941
CM		 983 if (msg)
984 deliver_err_response(msg, err);
1da177e4
LT		 985
986 return rv;
987}
988
989
990int ipmi_create_user(unsigned int if_num,
210af2a5 991 const struct ipmi_user_hndl *handler,
1da177e4
LT		 992 void *handler_data,
993 ipmi_user_t *user)
994{
995 unsigned long flags;
996 ipmi_user_t new_user;
997 int rv = 0;
998 ipmi_smi_t intf;
999
c70d7499
CM		 1000 /*
1001 * There is no module usecount here, because it's not
1002 * required. Since this can only be used by and called from
1003 * other modules, they will implicitly use this module, and
1004 * thus this can't be removed unless the other modules are
1005 * removed.
1006 */
1da177e4
LT		 1007
1008 if (handler == NULL)
1009 return -EINVAL;
1010
c70d7499
CM		 1011 /*
1012 * Make sure the driver is actually initialized, this handles
1013 * problems with initialization order.
1014 */
1da177e4
LT		 1015 if (!initialized) {
1016 rv = ipmi_init_msghandler();
1017 if (rv)
1018 return rv;
1019
c70d7499
CM		 1020 /*
1021 * The init code doesn't return an error if it was turned
1022 * off, but it won't initialize. Check that.
1023 */
1da177e4
LT		 1024 if (!initialized)
1025 return -ENODEV;
1026 }
1027
1028 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
8a3628d5 1029 if (!new_user)
1da177e4
LT		 1030 return -ENOMEM;
1031
b2c03941 1032 mutex_lock(&ipmi_interfaces_mutex);
bca0324d
CM		 1033 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1034 if (intf->intf_num == if_num)
1035 goto found;
1da177e4 1036 }
b2c03941 1037 /* Not found, return an error */
bca0324d
CM		 1038 rv = -EINVAL;
1039 goto out_kfree;
1da177e4 1040
bca0324d 1041 found:
393d2cc3
CM		 1042 /* Note that each existing user holds a refcount to the interface. */
1043 kref_get(&intf->refcount);
1da177e4 1044
393d2cc3 1045 kref_init(&new_user->refcount);
1da177e4
LT		 1046 new_user->handler = handler;
1047 new_user->handler_data = handler_data;
1048 new_user->intf = intf;
89986496 1049 new_user->gets_events = false;
1da177e4
LT		 1050
1051 if (!try_module_get(intf->handlers->owner)) {
1052 rv = -ENODEV;
5c98d29a 1053 goto out_kref;
1da177e4
LT		 1054 }
1055
1056 if (intf->handlers->inc_usecount) {
1057 rv = intf->handlers->inc_usecount(intf->send_info);
1058 if (rv) {
1059 module_put(intf->handlers->owner);
5c98d29a 1060 goto out_kref;
1da177e4
LT		 1061 }
1062 }
1063
c70d7499
CM		 1064 /*
1065 * Hold the lock so intf->handlers is guaranteed to be good
1066 * until now
1067 */
b2c03941
CM		 1068 mutex_unlock(&ipmi_interfaces_mutex);
1069
7aefac26 1070 new_user->valid = true;
393d2cc3
CM		 1071 spin_lock_irqsave(&intf->seq_lock, flags);
1072 list_add_rcu(&new_user->link, &intf->users);
1073 spin_unlock_irqrestore(&intf->seq_lock, flags);
89986496
CM		 1074 if (handler->ipmi_watchdog_pretimeout) {
1075 /* User wants pretimeouts, so make sure to watch for them. */
1076 if (atomic_inc_return(&intf->event_waiters) == 1)
1077 need_waiter(intf);
1078 }
393d2cc3
CM		 1079 *user = new_user;
1080 return 0;
1da177e4 1081
5c98d29a 1082out_kref:
393d2cc3 1083 kref_put(&intf->refcount, intf_free);
5c98d29a 1084out_kfree:
b2c03941 1085 mutex_unlock(&ipmi_interfaces_mutex);
5c98d29a 1086 kfree(new_user);
1da177e4
LT		 1087 return rv;
1088}
c70d7499 1089EXPORT_SYMBOL(ipmi_create_user);
1da177e4 1090
16f4232c
ZY		 1091int ipmi_get_smi_info(int if_num, struct ipmi_smi_info *data)
1092{
1093 int rv = 0;
1094 ipmi_smi_t intf;
81d02b7f 1095 const struct ipmi_smi_handlers *handlers;
16f4232c
ZY		 1096
1097 mutex_lock(&ipmi_interfaces_mutex);
1098 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1099 if (intf->intf_num == if_num)
1100 goto found;
1101 }
1102 /* Not found, return an error */
1103 rv = -EINVAL;
1104 mutex_unlock(&ipmi_interfaces_mutex);
1105 return rv;
1106
1107found:
1108 handlers = intf->handlers;
1109 rv = -ENOSYS;
1110 if (handlers->get_smi_info)
1111 rv = handlers->get_smi_info(intf->send_info, data);
1112 mutex_unlock(&ipmi_interfaces_mutex);
1113
1114 return rv;
1115}
1116EXPORT_SYMBOL(ipmi_get_smi_info);
1117
393d2cc3
CM		 1118static void free_user(struct kref *ref)
1119{
1120 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount);
1121 kfree(user);
1122}
1123
1124int ipmi_destroy_user(ipmi_user_t user)
1da177e4 1125{
393d2cc3 1126 ipmi_smi_t intf = user->intf;
1da177e4
LT		 1127 int i;
1128 unsigned long flags;
393d2cc3 1129 struct cmd_rcvr *rcvr;
393d2cc3 1130 struct cmd_rcvr *rcvrs = NULL;
1da177e4 1131
7aefac26 1132 user->valid = false;
1da177e4 1133
89986496
CM		 1134 if (user->handler->ipmi_watchdog_pretimeout)
1135 atomic_dec(&intf->event_waiters);
1136
1137 if (user->gets_events)
1138 atomic_dec(&intf->event_waiters);
1139
393d2cc3
CM		 1140 /* Remove the user from the interface's sequence table. */
1141 spin_lock_irqsave(&intf->seq_lock, flags);
1142 list_del_rcu(&user->link);
1da177e4 1143
e8b33617 1144 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
393d2cc3 1145 if (intf->seq_table[i].inuse
c70d7499 1146 && (intf->seq_table[i].recv_msg->user == user)) {
393d2cc3 1147 intf->seq_table[i].inuse = 0;
b2c03941 1148 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
1da177e4
LT		 1149 }
1150 }
393d2cc3
CM		 1151 spin_unlock_irqrestore(&intf->seq_lock, flags);
1152
1153 /*
1154 * Remove the user from the command receiver's table. First
1155 * we build a list of everything (not using the standard link,
1156 * since other things may be using it till we do
1157 * synchronize_rcu()) then free everything in that list.
1158 */
d6dfd131 1159 mutex_lock(&intf->cmd_rcvrs_mutex);
066bb8d0 1160 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1da177e4 1161 if (rcvr->user == user) {
393d2cc3
CM		 1162 list_del_rcu(&rcvr->link);
1163 rcvr->next = rcvrs;
1164 rcvrs = rcvr;
1da177e4
LT		 1165 }
1166 }
d6dfd131 1167 mutex_unlock(&intf->cmd_rcvrs_mutex);
393d2cc3
CM		 1168 synchronize_rcu();
1169 while (rcvrs) {
1170 rcvr = rcvrs;
1171 rcvrs = rcvr->next;
1172 kfree(rcvr);
1173 }
1da177e4 1174
b2c03941
CM		 1175 mutex_lock(&ipmi_interfaces_mutex);
1176 if (intf->handlers) {
1177 module_put(intf->handlers->owner);
1178 if (intf->handlers->dec_usecount)
1179 intf->handlers->dec_usecount(intf->send_info);
1180 }
1181 mutex_unlock(&ipmi_interfaces_mutex);
1da177e4 1182
393d2cc3 1183 kref_put(&intf->refcount, intf_free);
1da177e4 1184
393d2cc3 1185 kref_put(&user->refcount, free_user);
1da177e4 1186
8a3628d5 1187 return 0;
1da177e4 1188}
c70d7499 1189EXPORT_SYMBOL(ipmi_destroy_user);
1da177e4
LT		 1190
1191void ipmi_get_version(ipmi_user_t user,
1192 unsigned char *major,
1193 unsigned char *minor)
1194{
b2c03941
CM		 1195 *major = user->intf->ipmi_version_major;
1196 *minor = user->intf->ipmi_version_minor;
1da177e4 1197}
c70d7499 1198EXPORT_SYMBOL(ipmi_get_version);
1da177e4 1199
c14979b9
CM		 1200int ipmi_set_my_address(ipmi_user_t user,
1201 unsigned int channel,
1202 unsigned char address)
1da177e4 1203{
c14979b9
CM		 1204 if (channel >= IPMI_MAX_CHANNELS)
1205 return -EINVAL;
1206 user->intf->channels[channel].address = address;
1207 return 0;
1da177e4 1208}
c70d7499 1209EXPORT_SYMBOL(ipmi_set_my_address);
1da177e4 1210
c14979b9
CM		 1211int ipmi_get_my_address(ipmi_user_t user,
1212 unsigned int channel,
1213 unsigned char *address)
1da177e4 1214{
c14979b9
CM		 1215 if (channel >= IPMI_MAX_CHANNELS)
1216 return -EINVAL;
1217 *address = user->intf->channels[channel].address;
1218 return 0;
1da177e4 1219}
c70d7499 1220EXPORT_SYMBOL(ipmi_get_my_address);
1da177e4 1221
c14979b9
CM		 1222int ipmi_set_my_LUN(ipmi_user_t user,
1223 unsigned int channel,
1224 unsigned char LUN)
1da177e4 1225{
c14979b9
CM		 1226 if (channel >= IPMI_MAX_CHANNELS)
1227 return -EINVAL;
1228 user->intf->channels[channel].lun = LUN & 0x3;
1229 return 0;
1da177e4 1230}
c70d7499 1231EXPORT_SYMBOL(ipmi_set_my_LUN);
1da177e4 1232
c14979b9
CM		 1233int ipmi_get_my_LUN(ipmi_user_t user,
1234 unsigned int channel,
1235 unsigned char *address)
1da177e4 1236{
c14979b9
CM		 1237 if (channel >= IPMI_MAX_CHANNELS)
1238 return -EINVAL;
1239 *address = user->intf->channels[channel].lun;
1240 return 0;
1da177e4 1241}
c70d7499 1242EXPORT_SYMBOL(ipmi_get_my_LUN);
1da177e4 1243
b9675136
CM		 1244int ipmi_get_maintenance_mode(ipmi_user_t user)
1245{
1246 int mode;
1247 unsigned long flags;
1248
1249 spin_lock_irqsave(&user->intf->maintenance_mode_lock, flags);
1250 mode = user->intf->maintenance_mode;
1251 spin_unlock_irqrestore(&user->intf->maintenance_mode_lock, flags);
1252
1253 return mode;
1254}
1255EXPORT_SYMBOL(ipmi_get_maintenance_mode);
1256
1257static void maintenance_mode_update(ipmi_smi_t intf)
1258{
1259 if (intf->handlers->set_maintenance_mode)
1260 intf->handlers->set_maintenance_mode(
1261 intf->send_info, intf->maintenance_mode_enable);
1262}
1263
1264int ipmi_set_maintenance_mode(ipmi_user_t user, int mode)
1265{
1266 int rv = 0;
1267 unsigned long flags;
1268 ipmi_smi_t intf = user->intf;
1269
1270 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
1271 if (intf->maintenance_mode != mode) {
1272 switch (mode) {
1273 case IPMI_MAINTENANCE_MODE_AUTO:
b9675136
CM		 1274 intf->maintenance_mode_enable
1275 = (intf->auto_maintenance_timeout > 0);
1276 break;
1277
1278 case IPMI_MAINTENANCE_MODE_OFF:
7aefac26 1279 intf->maintenance_mode_enable = false;
b9675136
CM		 1280 break;
1281
1282 case IPMI_MAINTENANCE_MODE_ON:
7aefac26 1283 intf->maintenance_mode_enable = true;
b9675136
CM		 1284 break;
1285
1286 default:
1287 rv = -EINVAL;
1288 goto out_unlock;
1289 }
7aefac26 1290 intf->maintenance_mode = mode;
b9675136
CM		 1291
1292 maintenance_mode_update(intf);
1293 }
1294 out_unlock:
1295 spin_unlock_irqrestore(&intf->maintenance_mode_lock, flags);
1296
1297 return rv;
1298}
1299EXPORT_SYMBOL(ipmi_set_maintenance_mode);
1300
89986496 1301int ipmi_set_gets_events(ipmi_user_t user, bool val)
1da177e4 1302{
393d2cc3
CM		 1303 unsigned long flags;
1304 ipmi_smi_t intf = user->intf;
1305 struct ipmi_recv_msg *msg, *msg2;
1306 struct list_head msgs;
1da177e4 1307
393d2cc3
CM		 1308 INIT_LIST_HEAD(&msgs);
1309
1310 spin_lock_irqsave(&intf->events_lock, flags);
89986496
CM		 1311 if (user->gets_events == val)
1312 goto out;
1313
1da177e4
LT		 1314 user->gets_events = val;
1315
89986496
CM		 1316 if (val) {
1317 if (atomic_inc_return(&intf->event_waiters) == 1)
1318 need_waiter(intf);
1319 } else {
1320 atomic_dec(&intf->event_waiters);
1321 }
1322
b2c03941
CM		 1323 if (intf->delivering_events)
1324 /*
1325 * Another thread is delivering events for this, so
1326 * let it handle any new events.
1327 */
1328 goto out;
1329
1330 /* Deliver any queued events. */
1331 while (user->gets_events && !list_empty(&intf->waiting_events)) {
179e0917
AM		 1332 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link)
1333 list_move_tail(&msg->link, &msgs);
4791c03d 1334 intf->waiting_events_count = 0;
87ebd06f
CM		 1335 if (intf->event_msg_printed) {
1336 printk(KERN_WARNING PFX "Event queue no longer"
1337 " full\n");
1338 intf->event_msg_printed = 0;
1339 }
393d2cc3 1340
b2c03941
CM		 1341 intf->delivering_events = 1;
1342 spin_unlock_irqrestore(&intf->events_lock, flags);
1343
1344 list_for_each_entry_safe(msg, msg2, &msgs, link) {
1345 msg->user = user;
1346 kref_get(&user->refcount);
1347 deliver_response(msg);
1348 }
1349
1350 spin_lock_irqsave(&intf->events_lock, flags);
1351 intf->delivering_events = 0;
393d2cc3
CM		 1352 }
1353
b2c03941 1354 out:
393d2cc3 1355 spin_unlock_irqrestore(&intf->events_lock, flags);
1da177e4
LT		 1356
1357 return 0;
1358}
c70d7499 1359EXPORT_SYMBOL(ipmi_set_gets_events);
1da177e4 1360
393d2cc3
CM		 1361static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf,
1362 unsigned char netfn,
c69c3127
CM		 1363 unsigned char cmd,
1364 unsigned char chan)
393d2cc3
CM		 1365{
1366 struct cmd_rcvr *rcvr;
1367
1368 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
c69c3127
CM		 1369 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1370 && (rcvr->chans & (1 << chan)))
393d2cc3
CM		 1371 return rcvr;
1372 }
1373 return NULL;
1374}
1375
c69c3127
CM		 1376static int is_cmd_rcvr_exclusive(ipmi_smi_t intf,
1377 unsigned char netfn,
1378 unsigned char cmd,
1379 unsigned int chans)
1380{
1381 struct cmd_rcvr *rcvr;
1382
1383 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1384 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1385 && (rcvr->chans & chans))
1386 return 0;
1387 }
1388 return 1;
1389}
1390
1da177e4
LT		 1391int ipmi_register_for_cmd(ipmi_user_t user,
1392 unsigned char netfn,
c69c3127
CM		 1393 unsigned char cmd,
1394 unsigned int chans)
1da177e4 1395{
393d2cc3
CM		 1396 ipmi_smi_t intf = user->intf;
1397 struct cmd_rcvr *rcvr;
393d2cc3 1398 int rv = 0;
1da177e4
LT		 1399
1400
1401 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
8a3628d5 1402 if (!rcvr)
1da177e4 1403 return -ENOMEM;
393d2cc3
CM		 1404 rcvr->cmd = cmd;
1405 rcvr->netfn = netfn;
c69c3127 1406 rcvr->chans = chans;
393d2cc3 1407 rcvr->user = user;
1da177e4 1408
d6dfd131 1409 mutex_lock(&intf->cmd_rcvrs_mutex);
1da177e4 1410 /* Make sure the command/netfn is not already registered. */
c69c3127 1411 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) {
393d2cc3
CM		 1412 rv = -EBUSY;
1413 goto out_unlock;
1da177e4 1414 }
877197ef 1415
89986496
CM		 1416 if (atomic_inc_return(&intf->event_waiters) == 1)
1417 need_waiter(intf);
1418
393d2cc3 1419 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs);
1da177e4 1420
393d2cc3 1421 out_unlock:
d6dfd131 1422 mutex_unlock(&intf->cmd_rcvrs_mutex);
1da177e4
LT		 1423 if (rv)
1424 kfree(rcvr);
1425
1426 return rv;
1427}
c70d7499 1428EXPORT_SYMBOL(ipmi_register_for_cmd);
1da177e4
LT		 1429
1430int ipmi_unregister_for_cmd(ipmi_user_t user,
1431 unsigned char netfn,
c69c3127
CM		 1432 unsigned char cmd,
1433 unsigned int chans)
1da177e4 1434{
393d2cc3
CM		 1435 ipmi_smi_t intf = user->intf;
1436 struct cmd_rcvr *rcvr;
c69c3127
CM		 1437 struct cmd_rcvr *rcvrs = NULL;
1438 int i, rv = -ENOENT;
1da177e4 1439
d6dfd131 1440 mutex_lock(&intf->cmd_rcvrs_mutex);
c69c3127
CM		 1441 for (i = 0; i < IPMI_NUM_CHANNELS; i++) {
1442 if (((1 << i) & chans) == 0)
1443 continue;
1444 rcvr = find_cmd_rcvr(intf, netfn, cmd, i);
1445 if (rcvr == NULL)
1446 continue;
1447 if (rcvr->user == user) {
1448 rv = 0;
1449 rcvr->chans &= ~chans;
1450 if (rcvr->chans == 0) {
1451 list_del_rcu(&rcvr->link);
1452 rcvr->next = rcvrs;
1453 rcvrs = rcvr;
1454 }
1455 }
1456 }
1457 mutex_unlock(&intf->cmd_rcvrs_mutex);
1458 synchronize_rcu();
1459 while (rcvrs) {
89986496 1460 atomic_dec(&intf->event_waiters);
c69c3127
CM		 1461 rcvr = rcvrs;
1462 rcvrs = rcvr->next;
393d2cc3 1463 kfree(rcvr);
1da177e4 1464 }
c69c3127 1465 return rv;
1da177e4 1466}
c70d7499 1467EXPORT_SYMBOL(ipmi_unregister_for_cmd);
1da177e4 1468
1da177e4
LT		 1469static unsigned char
1470ipmb_checksum(unsigned char *data, int size)
1471{
1472 unsigned char csum = 0;
c70d7499 1473
1da177e4
LT		 1474 for (; size > 0; size--, data++)
1475 csum += *data;
1476
1477 return -csum;
1478}
1479
1480static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
1481 struct kernel_ipmi_msg *msg,
1482 struct ipmi_ipmb_addr *ipmb_addr,
1483 long msgid,
1484 unsigned char ipmb_seq,
1485 int broadcast,
1486 unsigned char source_address,
1487 unsigned char source_lun)
1488{
1489 int i = broadcast;
1490
1491 /* Format the IPMB header data. */
1492 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1493 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1494 smi_msg->data[2] = ipmb_addr->channel;
1495 if (broadcast)
1496 smi_msg->data[3] = 0;
1497 smi_msg->data[i+3] = ipmb_addr->slave_addr;
1498 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
1499 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
1500 smi_msg->data[i+6] = source_address;
1501 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
1502 smi_msg->data[i+8] = msg->cmd;
1503
1504 /* Now tack on the data to the message. */
1505 if (msg->data_len > 0)
1506 memcpy(&(smi_msg->data[i+9]), msg->data,
1507 msg->data_len);
1508 smi_msg->data_size = msg->data_len + 9;
1509
1510 /* Now calculate the checksum and tack it on. */
1511 smi_msg->data[i+smi_msg->data_size]
1512 = ipmb_checksum(&(smi_msg->data[i+6]),
1513 smi_msg->data_size-6);
1514
c70d7499
CM		 1515 /*
1516 * Add on the checksum size and the offset from the
1517 * broadcast.
1518 */
1da177e4
LT		 1519 smi_msg->data_size += 1 + i;
1520
1521 smi_msg->msgid = msgid;
1522}
1523
1524static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
1525 struct kernel_ipmi_msg *msg,
1526 struct ipmi_lan_addr *lan_addr,
1527 long msgid,
1528 unsigned char ipmb_seq,
1529 unsigned char source_lun)
1530{
1531 /* Format the IPMB header data. */
1532 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1533 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1534 smi_msg->data[2] = lan_addr->channel;
1535 smi_msg->data[3] = lan_addr->session_handle;
1536 smi_msg->data[4] = lan_addr->remote_SWID;
1537 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
1538 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
1539 smi_msg->data[7] = lan_addr->local_SWID;
1540 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
1541 smi_msg->data[9] = msg->cmd;
1542
1543 /* Now tack on the data to the message. */
1544 if (msg->data_len > 0)
1545 memcpy(&(smi_msg->data[10]), msg->data,
1546 msg->data_len);
1547 smi_msg->data_size = msg->data_len + 10;
1548
1549 /* Now calculate the checksum and tack it on. */
1550 smi_msg->data[smi_msg->data_size]
1551 = ipmb_checksum(&(smi_msg->data[7]),
1552 smi_msg->data_size-7);
1553
c70d7499
CM		 1554 /*
1555 * Add on the checksum size and the offset from the
1556 * broadcast.
1557 */
1da177e4
LT		 1558 smi_msg->data_size += 1;
1559
1560 smi_msg->msgid = msgid;
1561}
1562
191cc414
AB		 1563static struct ipmi_smi_msg *smi_add_send_msg(ipmi_smi_t intf,
1564 struct ipmi_smi_msg *smi_msg,
1565 int priority)
7f4a1c84 1566{
7ea0ed2b
CM		 1567 if (intf->curr_msg) {
1568 if (priority > 0)
1569 list_add_tail(&smi_msg->link, &intf->hp_xmit_msgs);
1570 else
1571 list_add_tail(&smi_msg->link, &intf->xmit_msgs);
1572 smi_msg = NULL;
1573 } else {
1574 intf->curr_msg = smi_msg;
1575 }
191cc414
AB		 1576
1577 return smi_msg;
1578}
1579
1580
81d02b7f 1581static void smi_send(ipmi_smi_t intf, const struct ipmi_smi_handlers *handlers,
191cc414
AB		 1582 struct ipmi_smi_msg *smi_msg, int priority)
1583{
1584 int run_to_completion = intf->run_to_completion;
1585
1586 if (run_to_completion) {
1587 smi_msg = smi_add_send_msg(intf, smi_msg, priority);
1588 } else {
1589 unsigned long flags;
1590
1591 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
1592 smi_msg = smi_add_send_msg(intf, smi_msg, priority);
7ea0ed2b 1593 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
191cc414 1594 }
7ea0ed2b
CM		 1595
1596 if (smi_msg)
99ab32f3 1597 handlers->sender(intf->send_info, smi_msg);
7f4a1c84
CM		 1598}
1599
c70d7499
CM		 1600/*
1601 * Separate from ipmi_request so that the user does not have to be
1602 * supplied in certain circumstances (mainly at panic time). If
1603 * messages are supplied, they will be freed, even if an error
1604 * occurs.
1605 */
393d2cc3
CM		 1606static int i_ipmi_request(ipmi_user_t user,
1607 ipmi_smi_t intf,
1608 struct ipmi_addr *addr,
1609 long msgid,
1610 struct kernel_ipmi_msg *msg,
1611 void *user_msg_data,
1612 void *supplied_smi,
1613 struct ipmi_recv_msg *supplied_recv,
1614 int priority,
1615 unsigned char source_address,
1616 unsigned char source_lun,
1617 int retries,
1618 unsigned int retry_time_ms)
1da177e4 1619{
b2c03941
CM		 1620 int rv = 0;
1621 struct ipmi_smi_msg *smi_msg;
1622 struct ipmi_recv_msg *recv_msg;
1623 unsigned long flags;
1da177e4
LT		 1624
1625
c70d7499 1626 if (supplied_recv)
1da177e4 1627 recv_msg = supplied_recv;
c70d7499 1628 else {
1da177e4 1629 recv_msg = ipmi_alloc_recv_msg();
c70d7499 1630 if (recv_msg == NULL)
1da177e4 1631 return -ENOMEM;
1da177e4
LT		 1632 }
1633 recv_msg->user_msg_data = user_msg_data;
1634
c70d7499 1635 if (supplied_smi)
1da177e4 1636 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
c70d7499 1637 else {
1da177e4
LT		 1638 smi_msg = ipmi_alloc_smi_msg();
1639 if (smi_msg == NULL) {
1640 ipmi_free_recv_msg(recv_msg);
1641 return -ENOMEM;
1642 }
1643 }
1644
b2c03941 1645 rcu_read_lock();
7ea0ed2b 1646 if (intf->in_shutdown) {
b2c03941
CM		 1647 rv = -ENODEV;
1648 goto out_err;
1649 }
1650
1da177e4 1651 recv_msg->user = user;
393d2cc3
CM		 1652 if (user)
1653 kref_get(&user->refcount);
1da177e4 1654 recv_msg->msgid = msgid;
c70d7499
CM		 1655 /*
1656 * Store the message to send in the receive message so timeout
1657 * responses can get the proper response data.
1658 */
1da177e4
LT		 1659 recv_msg->msg = *msg;
1660
1661 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1662 struct ipmi_system_interface_addr *smi_addr;
1663
1664 if (msg->netfn & 1) {
1665 /* Responses are not allowed to the SMI. */
1666 rv = -EINVAL;
1667 goto out_err;
1668 }
1669
1670 smi_addr = (struct ipmi_system_interface_addr *) addr;
1671 if (smi_addr->lun > 3) {
b2655f26 1672 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1673 rv = -EINVAL;
1674 goto out_err;
1675 }
1676
1677 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1678
1679 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1680 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1681 || (msg->cmd == IPMI_GET_MSG_CMD)
c70d7499
CM		 1682 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) {
1683 /*
1684 * We don't let the user do these, since we manage
1685 * the sequence numbers.
1686 */
b2655f26 1687 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1688 rv = -EINVAL;
1689 goto out_err;
1690 }
1691
b9675136
CM		 1692 if (((msg->netfn == IPMI_NETFN_APP_REQUEST)
1693 && ((msg->cmd == IPMI_COLD_RESET_CMD)
1694 || (msg->cmd == IPMI_WARM_RESET_CMD)))
c70d7499 1695 || (msg->netfn == IPMI_NETFN_FIRMWARE_REQUEST)) {
b9675136
CM		 1696 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
1697 intf->auto_maintenance_timeout
1698 = IPMI_MAINTENANCE_MODE_TIMEOUT;
1699 if (!intf->maintenance_mode
c70d7499 1700 && !intf->maintenance_mode_enable) {
7aefac26 1701 intf->maintenance_mode_enable = true;
b9675136
CM		 1702 maintenance_mode_update(intf);
1703 }
1704 spin_unlock_irqrestore(&intf->maintenance_mode_lock,
1705 flags);
1706 }
1707
1da177e4 1708 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
b2655f26 1709 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1710 rv = -EMSGSIZE;
1711 goto out_err;
1712 }
1713
1714 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1715 smi_msg->data[1] = msg->cmd;
1716 smi_msg->msgid = msgid;
1717 smi_msg->user_data = recv_msg;
1718 if (msg->data_len > 0)
1719 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1720 smi_msg->data_size = msg->data_len + 2;
b2655f26 1721 ipmi_inc_stat(intf, sent_local_commands);
25176ed6 1722 } else if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) {
1da177e4
LT		 1723 struct ipmi_ipmb_addr *ipmb_addr;
1724 unsigned char ipmb_seq;
1725 long seqid;
1726 int broadcast = 0;
1727
9c101fd4 1728 if (addr->channel >= IPMI_MAX_CHANNELS) {
b2655f26 1729 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1730 rv = -EINVAL;
1731 goto out_err;
1732 }
1733
1734 if (intf->channels[addr->channel].medium
c70d7499 1735 != IPMI_CHANNEL_MEDIUM_IPMB) {
b2655f26 1736 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1737 rv = -EINVAL;
1738 goto out_err;
1739 }
1740
1741 if (retries < 0) {
1742 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1743 retries = 0; /* Don't retry broadcasts. */
1744 else
1745 retries = 4;
1746 }
1747 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
c70d7499
CM		 1748 /*
1749 * Broadcasts add a zero at the beginning of the
1750 * message, but otherwise is the same as an IPMB
1751 * address.
1752 */
1da177e4
LT		 1753 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1754 broadcast = 1;
1755 }
1756
1757
1758 /* Default to 1 second retries. */
1759 if (retry_time_ms == 0)
1760 retry_time_ms = 1000;
1761
c70d7499
CM		 1762 /*
1763 * 9 for the header and 1 for the checksum, plus
1764 * possibly one for the broadcast.
1765 */
1da177e4 1766 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
b2655f26 1767 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1768 rv = -EMSGSIZE;
1769 goto out_err;
1770 }
1771
1772 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1773 if (ipmb_addr->lun > 3) {
b2655f26 1774 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1775 rv = -EINVAL;
1776 goto out_err;
1777 }
1778
1779 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1780
1781 if (recv_msg->msg.netfn & 0x1) {
c70d7499
CM		 1782 /*
1783 * It's a response, so use the user's sequence
1784 * from msgid.
1785 */
b2655f26 1786 ipmi_inc_stat(intf, sent_ipmb_responses);
1da177e4
LT		 1787 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1788 msgid, broadcast,
1789 source_address, source_lun);
1790
c70d7499
CM		 1791 /*
1792 * Save the receive message so we can use it
1793 * to deliver the response.
1794 */
1da177e4
LT		 1795 smi_msg->user_data = recv_msg;
1796 } else {
1797 /* It's a command, so get a sequence for it. */
1798
1799 spin_lock_irqsave(&(intf->seq_lock), flags);
1800
c70d7499
CM		 1801 /*
1802 * Create a sequence number with a 1 second
1803 * timeout and 4 retries.
1804 */
1da177e4
LT		 1805 rv = intf_next_seq(intf,
1806 recv_msg,
1807 retry_time_ms,
1808 retries,
1809 broadcast,
1810 &ipmb_seq,
1811 &seqid);
1812 if (rv) {
c70d7499
CM		 1813 /*
1814 * We have used up all the sequence numbers,
1815 * probably, so abort.
1816 */
1da177e4
LT		 1817 spin_unlock_irqrestore(&(intf->seq_lock),
1818 flags);
1819 goto out_err;
1820 }
1821
25176ed6
CM		 1822 ipmi_inc_stat(intf, sent_ipmb_commands);
1823
c70d7499
CM		 1824 /*
1825 * Store the sequence number in the message,
1826 * so that when the send message response
1827 * comes back we can start the timer.
1828 */
1da177e4
LT		 1829 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1830 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1831 ipmb_seq, broadcast,
1832 source_address, source_lun);
1833
c70d7499
CM		 1834 /*
1835 * Copy the message into the recv message data, so we
1836 * can retransmit it later if necessary.
1837 */
1da177e4
LT		 1838 memcpy(recv_msg->msg_data, smi_msg->data,
1839 smi_msg->data_size);
1840 recv_msg->msg.data = recv_msg->msg_data;
1841 recv_msg->msg.data_len = smi_msg->data_size;
1842
c70d7499
CM		 1843 /*
1844 * We don't unlock until here, because we need
1845 * to copy the completed message into the
1846 * recv_msg before we release the lock.
1847 * Otherwise, race conditions may bite us. I
1848 * know that's pretty paranoid, but I prefer
1849 * to be correct.
1850 */
1da177e4
LT		 1851 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1852 }
25176ed6 1853 } else if (is_lan_addr(addr)) {
1da177e4
LT		 1854 struct ipmi_lan_addr *lan_addr;
1855 unsigned char ipmb_seq;
1856 long seqid;
1857
12fc1d7b 1858 if (addr->channel >= IPMI_MAX_CHANNELS) {
b2655f26 1859 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1860 rv = -EINVAL;
1861 goto out_err;
1862 }
1863
1864 if ((intf->channels[addr->channel].medium
c70d7499 1865 != IPMI_CHANNEL_MEDIUM_8023LAN)
1da177e4 1866 && (intf->channels[addr->channel].medium
c70d7499 1867 != IPMI_CHANNEL_MEDIUM_ASYNC)) {
b2655f26 1868 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1869 rv = -EINVAL;
1870 goto out_err;
1871 }
1872
1873 retries = 4;
1874
1875 /* Default to 1 second retries. */
1876 if (retry_time_ms == 0)
1877 retry_time_ms = 1000;
1878
1879 /* 11 for the header and 1 for the checksum. */
1880 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
b2655f26 1881 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1882 rv = -EMSGSIZE;
1883 goto out_err;
1884 }
1885
1886 lan_addr = (struct ipmi_lan_addr *) addr;
1887 if (lan_addr->lun > 3) {
b2655f26 1888 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1889 rv = -EINVAL;
1890 goto out_err;
1891 }
1892
1893 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1894
1895 if (recv_msg->msg.netfn & 0x1) {
c70d7499
CM		 1896 /*
1897 * It's a response, so use the user's sequence
1898 * from msgid.
1899 */
b2655f26 1900 ipmi_inc_stat(intf, sent_lan_responses);
1da177e4
LT		 1901 format_lan_msg(smi_msg, msg, lan_addr, msgid,
1902 msgid, source_lun);
1903
c70d7499
CM		 1904 /*
1905 * Save the receive message so we can use it
1906 * to deliver the response.
1907 */
1da177e4
LT		 1908 smi_msg->user_data = recv_msg;
1909 } else {
1910 /* It's a command, so get a sequence for it. */
1911
1912 spin_lock_irqsave(&(intf->seq_lock), flags);
1913
c70d7499
CM		 1914 /*
1915 * Create a sequence number with a 1 second
1916 * timeout and 4 retries.
1917 */
1da177e4
LT		 1918 rv = intf_next_seq(intf,
1919 recv_msg,
1920 retry_time_ms,
1921 retries,
1922 0,
1923 &ipmb_seq,
1924 &seqid);
1925 if (rv) {
c70d7499
CM		 1926 /*
1927 * We have used up all the sequence numbers,
1928 * probably, so abort.
1929 */
1da177e4
LT		 1930 spin_unlock_irqrestore(&(intf->seq_lock),
1931 flags);
1932 goto out_err;
1933 }
1934
25176ed6
CM		 1935 ipmi_inc_stat(intf, sent_lan_commands);
1936
c70d7499
CM		 1937 /*
1938 * Store the sequence number in the message,
1939 * so that when the send message response
1940 * comes back we can start the timer.
1941 */
1da177e4
LT		 1942 format_lan_msg(smi_msg, msg, lan_addr,
1943 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1944 ipmb_seq, source_lun);
1945
c70d7499
CM		 1946 /*
1947 * Copy the message into the recv message data, so we
1948 * can retransmit it later if necessary.
1949 */
1da177e4
LT		 1950 memcpy(recv_msg->msg_data, smi_msg->data,
1951 smi_msg->data_size);
1952 recv_msg->msg.data = recv_msg->msg_data;
1953 recv_msg->msg.data_len = smi_msg->data_size;
1954
c70d7499
CM		 1955 /*
1956 * We don't unlock until here, because we need
1957 * to copy the completed message into the
1958 * recv_msg before we release the lock.
1959 * Otherwise, race conditions may bite us. I
1960 * know that's pretty paranoid, but I prefer
1961 * to be correct.
1962 */
1da177e4
LT		 1963 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1964 }
1965 } else {
1966 /* Unknown address type. */
b2655f26 1967 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1968 rv = -EINVAL;
1969 goto out_err;
1970 }
1971
1972#ifdef DEBUG_MSGING
1973 {
1974 int m;
e8b33617 1975 for (m = 0; m < smi_msg->data_size; m++)
1da177e4
LT		 1976 printk(" %2.2x", smi_msg->data[m]);
1977 printk("\n");
1978 }
1979#endif
b2c03941 1980
7ea0ed2b 1981 smi_send(intf, intf->handlers, smi_msg, priority);
b2c03941 1982 rcu_read_unlock();
1da177e4
LT		 1983
1984 return 0;
1985
1986 out_err:
b2c03941 1987 rcu_read_unlock();
1da177e4
LT		 1988 ipmi_free_smi_msg(smi_msg);
1989 ipmi_free_recv_msg(recv_msg);
1990 return rv;
1991}
1992
c14979b9
CM		 1993static int check_addr(ipmi_smi_t intf,
1994 struct ipmi_addr *addr,
1995 unsigned char *saddr,
1996 unsigned char *lun)
1997{
1998 if (addr->channel >= IPMI_MAX_CHANNELS)
1999 return -EINVAL;
2000 *lun = intf->channels[addr->channel].lun;
2001 *saddr = intf->channels[addr->channel].address;
2002 return 0;
2003}
2004
1da177e4
LT		 2005int ipmi_request_settime(ipmi_user_t user,
2006 struct ipmi_addr *addr,
2007 long msgid,
2008 struct kernel_ipmi_msg *msg,
2009 void *user_msg_data,
2010 int priority,
2011 int retries,
2012 unsigned int retry_time_ms)
2013{
f0ba9390 2014 unsigned char saddr = 0, lun = 0;
c14979b9
CM		 2015 int rv;
2016
8a3628d5 2017 if (!user)
56a55ec6 2018 return -EINVAL;
c14979b9
CM		 2019 rv = check_addr(user->intf, addr, &saddr, &lun);
2020 if (rv)
2021 return rv;
1da177e4
LT		 2022 return i_ipmi_request(user,
2023 user->intf,
2024 addr,
2025 msgid,
2026 msg,
2027 user_msg_data,
2028 NULL, NULL,
2029 priority,
c14979b9
CM		 2030 saddr,
2031 lun,
1da177e4
LT		 2032 retries,
2033 retry_time_ms);
2034}
c70d7499 2035EXPORT_SYMBOL(ipmi_request_settime);
1da177e4
LT		 2036
2037int ipmi_request_supply_msgs(ipmi_user_t user,
2038 struct ipmi_addr *addr,
2039 long msgid,
2040 struct kernel_ipmi_msg *msg,
2041 void *user_msg_data,
2042 void *supplied_smi,
2043 struct ipmi_recv_msg *supplied_recv,
2044 int priority)
2045{
9ebca93b 2046 unsigned char saddr = 0, lun = 0;
c14979b9
CM		 2047 int rv;
2048
8a3628d5 2049 if (!user)
56a55ec6 2050 return -EINVAL;
c14979b9
CM		 2051 rv = check_addr(user->intf, addr, &saddr, &lun);
2052 if (rv)
2053 return rv;
1da177e4
LT		 2054 return i_ipmi_request(user,
2055 user->intf,
2056 addr,
2057 msgid,
2058 msg,
2059 user_msg_data,
2060 supplied_smi,
2061 supplied_recv,
2062 priority,
c14979b9
CM		 2063 saddr,
2064 lun,
1da177e4
LT		 2065 -1, 0);
2066}
c70d7499 2067EXPORT_SYMBOL(ipmi_request_supply_msgs);
1da177e4 2068
1aa16eea 2069#ifdef CONFIG_PROC_FS
07412736 2070static int smi_ipmb_proc_show(struct seq_file *m, void *v)
1da177e4 2071{
07412736 2072 ipmi_smi_t intf = m->private;
c14979b9 2073 int i;
1da177e4 2074
07412736
AD		 2075 seq_printf(m, "%x", intf->channels[0].address);
2076 for (i = 1; i < IPMI_MAX_CHANNELS; i++)
2077 seq_printf(m, " %x", intf->channels[i].address);
d6c5dc18
JP		 2078 seq_putc(m, '\n');
2079
5e33cd0c 2080 return 0;
1da177e4
LT		 2081}
2082
07412736 2083static int smi_ipmb_proc_open(struct inode *inode, struct file *file)
1da177e4 2084{
d9dda78b 2085 return single_open(file, smi_ipmb_proc_show, PDE_DATA(inode));
07412736 2086}
1da177e4 2087
07412736
AD		 2088static const struct file_operations smi_ipmb_proc_ops = {
2089 .open = smi_ipmb_proc_open,
2090 .read = seq_read,
2091 .llseek = seq_lseek,
2092 .release = single_release,
2093};
2094
2095static int smi_version_proc_show(struct seq_file *m, void *v)
2096{
2097 ipmi_smi_t intf = m->private;
2098
d6c5dc18
JP		 2099 seq_printf(m, "%u.%u\n",
2100 ipmi_version_major(&intf->bmc->id),
2101 ipmi_version_minor(&intf->bmc->id));
2102
5e33cd0c 2103 return 0;
1da177e4
LT		 2104}
2105
07412736 2106static int smi_version_proc_open(struct inode *inode, struct file *file)
1da177e4 2107{
d9dda78b 2108 return single_open(file, smi_version_proc_show, PDE_DATA(inode));
07412736
AD		 2109}
2110
2111static const struct file_operations smi_version_proc_ops = {
2112 .open = smi_version_proc_open,
2113 .read = seq_read,
2114 .llseek = seq_lseek,
2115 .release = single_release,
2116};
1da177e4 2117
07412736
AD		 2118static int smi_stats_proc_show(struct seq_file *m, void *v)
2119{
2120 ipmi_smi_t intf = m->private;
2121
2122 seq_printf(m, "sent_invalid_commands: %u\n",
b2655f26 2123 ipmi_get_stat(intf, sent_invalid_commands));
07412736 2124 seq_printf(m, "sent_local_commands: %u\n",
b2655f26 2125 ipmi_get_stat(intf, sent_local_commands));
07412736 2126 seq_printf(m, "handled_local_responses: %u\n",
b2655f26 2127 ipmi_get_stat(intf, handled_local_responses));
07412736 2128 seq_printf(m, "unhandled_local_responses: %u\n",
b2655f26 2129 ipmi_get_stat(intf, unhandled_local_responses));
07412736 2130 seq_printf(m, "sent_ipmb_commands: %u\n",
b2655f26 2131 ipmi_get_stat(intf, sent_ipmb_commands));
07412736 2132 seq_printf(m, "sent_ipmb_command_errs: %u\n",
b2655f26 2133 ipmi_get_stat(intf, sent_ipmb_command_errs));
07412736 2134 seq_printf(m, "retransmitted_ipmb_commands: %u\n",
b2655f26 2135 ipmi_get_stat(intf, retransmitted_ipmb_commands));
07412736 2136 seq_printf(m, "timed_out_ipmb_commands: %u\n",
b2655f26 2137 ipmi_get_stat(intf, timed_out_ipmb_commands));
07412736 2138 seq_printf(m, "timed_out_ipmb_broadcasts: %u\n",
b2655f26 2139 ipmi_get_stat(intf, timed_out_ipmb_broadcasts));
07412736 2140 seq_printf(m, "sent_ipmb_responses: %u\n",
b2655f26 2141 ipmi_get_stat(intf, sent_ipmb_responses));
07412736 2142 seq_printf(m, "handled_ipmb_responses: %u\n",
b2655f26 2143 ipmi_get_stat(intf, handled_ipmb_responses));
07412736 2144 seq_printf(m, "invalid_ipmb_responses: %u\n",
b2655f26 2145 ipmi_get_stat(intf, invalid_ipmb_responses));
07412736 2146 seq_printf(m, "unhandled_ipmb_responses: %u\n",
b2655f26 2147 ipmi_get_stat(intf, unhandled_ipmb_responses));
07412736 2148 seq_printf(m, "sent_lan_commands: %u\n",
b2655f26 2149 ipmi_get_stat(intf, sent_lan_commands));
07412736 2150 seq_printf(m, "sent_lan_command_errs: %u\n",
b2655f26 2151 ipmi_get_stat(intf, sent_lan_command_errs));
07412736 2152 seq_printf(m, "retransmitted_lan_commands: %u\n",
b2655f26 2153 ipmi_get_stat(intf, retransmitted_lan_commands));
07412736 2154 seq_printf(m, "timed_out_lan_commands: %u\n",
b2655f26 2155 ipmi_get_stat(intf, timed_out_lan_commands));
07412736 2156 seq_printf(m, "sent_lan_responses: %u\n",
b2655f26 2157 ipmi_get_stat(intf, sent_lan_responses));
07412736 2158 seq_printf(m, "handled_lan_responses: %u\n",
b2655f26 2159 ipmi_get_stat(intf, handled_lan_responses));
07412736 2160 seq_printf(m, "invalid_lan_responses: %u\n",
b2655f26 2161 ipmi_get_stat(intf, invalid_lan_responses));
07412736 2162 seq_printf(m, "unhandled_lan_responses: %u\n",
b2655f26 2163 ipmi_get_stat(intf, unhandled_lan_responses));
07412736 2164 seq_printf(m, "handled_commands: %u\n",
b2655f26 2165 ipmi_get_stat(intf, handled_commands));
07412736 2166 seq_printf(m, "invalid_commands: %u\n",
b2655f26 2167 ipmi_get_stat(intf, invalid_commands));
07412736 2168 seq_printf(m, "unhandled_commands: %u\n",
b2655f26 2169 ipmi_get_stat(intf, unhandled_commands));
07412736 2170 seq_printf(m, "invalid_events: %u\n",
b2655f26 2171 ipmi_get_stat(intf, invalid_events));
07412736 2172 seq_printf(m, "events: %u\n",
b2655f26 2173 ipmi_get_stat(intf, events));
07412736 2174 seq_printf(m, "failed rexmit LAN msgs: %u\n",
25176ed6 2175 ipmi_get_stat(intf, dropped_rexmit_lan_commands));
07412736 2176 seq_printf(m, "failed rexmit IPMB msgs: %u\n",
25176ed6 2177 ipmi_get_stat(intf, dropped_rexmit_ipmb_commands));
07412736
AD		 2178 return 0;
2179}
1da177e4 2180
07412736
AD		 2181static int smi_stats_proc_open(struct inode *inode, struct file *file)
2182{
d9dda78b 2183 return single_open(file, smi_stats_proc_show, PDE_DATA(inode));
1da177e4 2184}
07412736
AD		 2185
2186static const struct file_operations smi_stats_proc_ops = {
2187 .open = smi_stats_proc_open,
2188 .read = seq_read,
2189 .llseek = seq_lseek,
2190 .release = single_release,
2191};
1aa16eea 2192#endif /* CONFIG_PROC_FS */
1da177e4
LT		 2193
2194int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
07412736 2195 const struct file_operations *proc_ops,
99b76233 2196 void *data)
1da177e4 2197{
1da177e4 2198 int rv = 0;
3b625943
CM		 2199#ifdef CONFIG_PROC_FS
2200 struct proc_dir_entry *file;
1da177e4
LT		 2201 struct ipmi_proc_entry *entry;
2202
2203 /* Create a list element. */
2204 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
2205 if (!entry)
2206 return -ENOMEM;
1b6b698f 2207 entry->name = kstrdup(name, GFP_KERNEL);
1da177e4
LT		 2208 if (!entry->name) {
2209 kfree(entry);
2210 return -ENOMEM;
2211 }
1da177e4 2212
07412736 2213 file = proc_create_data(name, 0, smi->proc_dir, proc_ops, data);
1da177e4
LT		 2214 if (!file) {
2215 kfree(entry->name);
2216 kfree(entry);
2217 rv = -ENOMEM;
2218 } else {
ac019151 2219 mutex_lock(&smi->proc_entry_lock);
1da177e4
LT		 2220 /* Stick it on the list. */
2221 entry->next = smi->proc_entries;
2222 smi->proc_entries = entry;
ac019151 2223 mutex_unlock(&smi->proc_entry_lock);
1da177e4 2224 }
3b625943 2225#endif /* CONFIG_PROC_FS */
1da177e4
LT		 2226
2227 return rv;
2228}
c70d7499 2229EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
1da177e4
LT		 2230
2231static int add_proc_entries(ipmi_smi_t smi, int num)
2232{
2233 int rv = 0;
2234
3b625943 2235#ifdef CONFIG_PROC_FS
1da177e4
LT		 2236 sprintf(smi->proc_dir_name, "%d", num);
2237 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
2238 if (!smi->proc_dir)
2239 rv = -ENOMEM;
1da177e4
LT		 2240
2241 if (rv == 0)
2242 rv = ipmi_smi_add_proc_entry(smi, "stats",
07412736 2243 &smi_stats_proc_ops,
99b76233 2244 smi);
1da177e4
LT		 2245
2246 if (rv == 0)
2247 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
07412736 2248 &smi_ipmb_proc_ops,
99b76233 2249 smi);
1da177e4
LT		 2250
2251 if (rv == 0)
2252 rv = ipmi_smi_add_proc_entry(smi, "version",
07412736 2253 &smi_version_proc_ops,
99b76233 2254 smi);
3b625943 2255#endif /* CONFIG_PROC_FS */
1da177e4
LT		 2256
2257 return rv;
2258}
2259
2260static void remove_proc_entries(ipmi_smi_t smi)
2261{
3b625943 2262#ifdef CONFIG_PROC_FS
1da177e4
LT		 2263 struct ipmi_proc_entry *entry;
2264
ac019151 2265 mutex_lock(&smi->proc_entry_lock);
1da177e4
LT		 2266 while (smi->proc_entries) {
2267 entry = smi->proc_entries;
2268 smi->proc_entries = entry->next;
2269
2270 remove_proc_entry(entry->name, smi->proc_dir);
2271 kfree(entry->name);
2272 kfree(entry);
2273 }
ac019151 2274 mutex_unlock(&smi->proc_entry_lock);
1da177e4 2275 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
3b625943 2276#endif /* CONFIG_PROC_FS */
1da177e4
LT		 2277}
2278
50c812b2
CM		 2279static ssize_t device_id_show(struct device *dev,
2280 struct device_attribute *attr,
2281 char *buf)
2282{
16639eb0 2283 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2284
2285 return snprintf(buf, 10, "%u\n", bmc->id.device_id);
2286}
9c633317 2287static DEVICE_ATTR(device_id, S_IRUGO, device_id_show, NULL);
50c812b2 2288
16639eb0
CM		 2289static ssize_t provides_device_sdrs_show(struct device *dev,
2290 struct device_attribute *attr,
2291 char *buf)
50c812b2 2292{
16639eb0 2293 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2294
2295 return snprintf(buf, 10, "%u\n",
7947d2cc 2296 (bmc->id.device_revision & 0x80) >> 7);
50c812b2 2297}
9c633317
CM		 2298static DEVICE_ATTR(provides_device_sdrs, S_IRUGO, provides_device_sdrs_show,
2299 NULL);
50c812b2
CM		 2300
2301static ssize_t revision_show(struct device *dev, struct device_attribute *attr,
2302 char *buf)
2303{
16639eb0 2304 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2305
2306 return snprintf(buf, 20, "%u\n",
7947d2cc 2307 bmc->id.device_revision & 0x0F);
50c812b2 2308}
9c633317 2309static DEVICE_ATTR(revision, S_IRUGO, revision_show, NULL);
50c812b2 2310
16639eb0
CM		 2311static ssize_t firmware_revision_show(struct device *dev,
2312 struct device_attribute *attr,
2313 char *buf)
50c812b2 2314{
16639eb0 2315 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2316
2317 return snprintf(buf, 20, "%u.%x\n", bmc->id.firmware_revision_1,
2318 bmc->id.firmware_revision_2);
2319}
9c633317 2320static DEVICE_ATTR(firmware_revision, S_IRUGO, firmware_revision_show, NULL);
50c812b2
CM		 2321
2322static ssize_t ipmi_version_show(struct device *dev,
2323 struct device_attribute *attr,
2324 char *buf)
2325{
16639eb0 2326 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2327
2328 return snprintf(buf, 20, "%u.%u\n",
2329 ipmi_version_major(&bmc->id),
2330 ipmi_version_minor(&bmc->id));
2331}
9c633317 2332static DEVICE_ATTR(ipmi_version, S_IRUGO, ipmi_version_show, NULL);
50c812b2
CM		 2333
2334static ssize_t add_dev_support_show(struct device *dev,
2335 struct device_attribute *attr,
2336 char *buf)
2337{
16639eb0 2338 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2339
2340 return snprintf(buf, 10, "0x%02x\n",
2341 bmc->id.additional_device_support);
2342}
9c633317
CM		 2343static DEVICE_ATTR(additional_device_support, S_IRUGO, add_dev_support_show,
2344 NULL);
50c812b2
CM		 2345
2346static ssize_t manufacturer_id_show(struct device *dev,
2347 struct device_attribute *attr,
2348 char *buf)
2349{
16639eb0 2350 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2351
2352 return snprintf(buf, 20, "0x%6.6x\n", bmc->id.manufacturer_id);
2353}
9c633317 2354static DEVICE_ATTR(manufacturer_id, S_IRUGO, manufacturer_id_show, NULL);
50c812b2
CM		 2355
2356static ssize_t product_id_show(struct device *dev,
2357 struct device_attribute *attr,
2358 char *buf)
2359{
16639eb0 2360 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2361
2362 return snprintf(buf, 10, "0x%4.4x\n", bmc->id.product_id);
2363}
9c633317 2364static DEVICE_ATTR(product_id, S_IRUGO, product_id_show, NULL);
50c812b2
CM		 2365
2366static ssize_t aux_firmware_rev_show(struct device *dev,
2367 struct device_attribute *attr,
2368 char *buf)
2369{
16639eb0 2370 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2371
2372 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n",
2373 bmc->id.aux_firmware_revision[3],
2374 bmc->id.aux_firmware_revision[2],
2375 bmc->id.aux_firmware_revision[1],
2376 bmc->id.aux_firmware_revision[0]);
2377}
9c633317 2378static DEVICE_ATTR(aux_firmware_revision, S_IRUGO, aux_firmware_rev_show, NULL);
50c812b2
CM		 2379
2380static ssize_t guid_show(struct device *dev, struct device_attribute *attr,
2381 char *buf)
2382{
16639eb0 2383 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2384
2385 return snprintf(buf, 100, "%Lx%Lx\n",
2386 (long long) bmc->guid[0],
2387 (long long) bmc->guid[8]);
2388}
9c633317 2389static DEVICE_ATTR(guid, S_IRUGO, guid_show, NULL);
16639eb0
CM		 2390
2391static struct attribute *bmc_dev_attrs[] = {
2392 &dev_attr_device_id.attr,
2393 &dev_attr_provides_device_sdrs.attr,
2394 &dev_attr_revision.attr,
2395 &dev_attr_firmware_revision.attr,
2396 &dev_attr_ipmi_version.attr,
2397 &dev_attr_additional_device_support.attr,
2398 &dev_attr_manufacturer_id.attr,
2399 &dev_attr_product_id.attr,
2d06a0c9
TI		 2400 &dev_attr_aux_firmware_revision.attr,
2401 &dev_attr_guid.attr,
16639eb0
CM		 2402 NULL
2403};
50c812b2 2404
2d06a0c9
TI		 2405static umode_t bmc_dev_attr_is_visible(struct kobject *kobj,
2406 struct attribute *attr, int idx)
2407{
2408 struct device *dev = kobj_to_dev(kobj);
2409 struct bmc_device *bmc = to_bmc_device(dev);
2410 umode_t mode = attr->mode;
2411
2412 if (attr == &dev_attr_aux_firmware_revision.attr)
2413 return bmc->id.aux_firmware_revision_set ? mode : 0;
2414 if (attr == &dev_attr_guid.attr)
2415 return bmc->guid_set ? mode : 0;
2416 return mode;
2417}
2418
1e7a75f7 2419static const struct attribute_group bmc_dev_attr_group = {
16639eb0 2420 .attrs = bmc_dev_attrs,
2d06a0c9 2421 .is_visible = bmc_dev_attr_is_visible,
16639eb0 2422};
5e59393e 2423
16639eb0
CM		 2424static const struct attribute_group *bmc_dev_attr_groups[] = {
2425 &bmc_dev_attr_group,
2426 NULL
2427};
2428
1e7a75f7 2429static const struct device_type bmc_device_type = {
16639eb0
CM		 2430 .groups = bmc_dev_attr_groups,
2431};
2432
f33e4df8
CM		 2433static int __find_bmc_guid(struct device *dev, void *data)
2434{
2435 unsigned char *id = data;
2436 struct bmc_device *bmc = to_bmc_device(dev);
2437
2438 return memcmp(bmc->guid, id, 16) == 0;
2439}
2440
2441static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv,
2442 unsigned char *guid)
2443{
2444 struct device *dev;
2445
2446 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid);
2447 if (dev)
2448 return to_bmc_device(dev);
2449 else
2450 return NULL;
2451}
2452
2453struct prod_dev_id {
2454 unsigned int product_id;
2455 unsigned char device_id;
2456};
2457
2458static int __find_bmc_prod_dev_id(struct device *dev, void *data)
2459{
2460 struct prod_dev_id *id = data;
2461 struct bmc_device *bmc = to_bmc_device(dev);
2462
2463 return (bmc->id.product_id == id->product_id
2464 && bmc->id.device_id == id->device_id);
2465}
2466
2467static struct bmc_device *ipmi_find_bmc_prod_dev_id(
2468 struct device_driver *drv,
2469 unsigned int product_id, unsigned char device_id)
2470{
2471 struct prod_dev_id id = {
2472 .product_id = product_id,
2473 .device_id = device_id,
2474 };
2475 struct device *dev;
2476
2477 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id);
2478 if (dev)
2479 return to_bmc_device(dev);
2480 else
2481 return NULL;
2482}
2483
16639eb0
CM		 2484static void
2485release_bmc_device(struct device *dev)
2486{
2487 kfree(to_bmc_device(dev));
5e59393e
JG		 2488}
2489
2490static void
2491cleanup_bmc_device(struct kref *ref)
2492{
16639eb0 2493 struct bmc_device *bmc = container_of(ref, struct bmc_device, usecount);
5e59393e 2494
16639eb0 2495 platform_device_unregister(&bmc->pdev);
50c812b2
CM		 2496}
2497
2498static void ipmi_bmc_unregister(ipmi_smi_t intf)
2499{
2500 struct bmc_device *bmc = intf->bmc;
2501
5a0e10ec 2502 sysfs_remove_link(&intf->si_dev->kobj, "bmc");
50c812b2 2503 if (intf->my_dev_name) {
16639eb0 2504 sysfs_remove_link(&bmc->pdev.dev.kobj, intf->my_dev_name);
50c812b2
CM		 2505 kfree(intf->my_dev_name);
2506 intf->my_dev_name = NULL;
2507 }
2508
2509 mutex_lock(&ipmidriver_mutex);
16639eb0 2510 kref_put(&bmc->usecount, cleanup_bmc_device);
f0b55da0 2511 intf->bmc = NULL;
50c812b2
CM		 2512 mutex_unlock(&ipmidriver_mutex);
2513}
2514
5a0e10ec 2515static int ipmi_bmc_register(ipmi_smi_t intf, int ifnum)
50c812b2
CM		 2516{
2517 int rv;
2518 struct bmc_device *bmc = intf->bmc;
2519 struct bmc_device *old_bmc;
50c812b2
CM		 2520
2521 mutex_lock(&ipmidriver_mutex);
2522
2523 /*
2524 * Try to find if there is an bmc_device struct
2525 * representing the interfaced BMC already
2526 */
2527 if (bmc->guid_set)
fe2d5ffc 2528 old_bmc = ipmi_find_bmc_guid(&ipmidriver.driver, bmc->guid);
50c812b2 2529 else
fe2d5ffc 2530 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver.driver,
50c812b2
CM		 2531 bmc->id.product_id,
2532 bmc->id.device_id);
2533
2534 /*
2535 * If there is already an bmc_device, free the new one,
2536 * otherwise register the new BMC device
2537 */
2538 if (old_bmc) {
2539 kfree(bmc);
2540 intf->bmc = old_bmc;
2541 bmc = old_bmc;
2542
16639eb0 2543 kref_get(&bmc->usecount);
50c812b2
CM		 2544 mutex_unlock(&ipmidriver_mutex);
2545
2546 printk(KERN_INFO
2547 "ipmi: interfacing existing BMC (man_id: 0x%6.6x,"
2548 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2549 bmc->id.manufacturer_id,
2550 bmc->id.product_id,
2551 bmc->id.device_id);
2552 } else {
f0b55da0
CM		 2553 unsigned char orig_dev_id = bmc->id.device_id;
2554 int warn_printed = 0;
2555
16639eb0 2556 snprintf(bmc->name, sizeof(bmc->name),
f0b55da0 2557 "ipmi_bmc.%4.4x", bmc->id.product_id);
16639eb0 2558 bmc->pdev.name = bmc->name;
f0b55da0 2559
fe2d5ffc 2560 while (ipmi_find_bmc_prod_dev_id(&ipmidriver.driver,
f0b55da0 2561 bmc->id.product_id,
1d5636cc 2562 bmc->id.device_id)) {
f0b55da0
CM		 2563 if (!warn_printed) {
2564 printk(KERN_WARNING PFX
2565 "This machine has two different BMCs"
2566 " with the same product id and device"
2567 " id. This is an error in the"
2568 " firmware, but incrementing the"
2569 " device id to work around the problem."
2570 " Prod ID = 0x%x, Dev ID = 0x%x\n",
2571 bmc->id.product_id, bmc->id.device_id);
2572 warn_printed = 1;
2573 }
2574 bmc->id.device_id++; /* Wraps at 255 */
2575 if (bmc->id.device_id == orig_dev_id) {
2576 printk(KERN_ERR PFX
2577 "Out of device ids!\n");
2578 break;
2579 }
2580 }
2581
16639eb0
CM		 2582 bmc->pdev.dev.driver = &ipmidriver.driver;
2583 bmc->pdev.id = bmc->id.device_id;
2584 bmc->pdev.dev.release = release_bmc_device;
2585 bmc->pdev.dev.type = &bmc_device_type;
5a0e10ec 2586 kref_init(&bmc->usecount);
50c812b2 2587
16639eb0 2588 rv = platform_device_register(&bmc->pdev);
50c812b2
CM		 2589 mutex_unlock(&ipmidriver_mutex);
2590 if (rv) {
16639eb0 2591 put_device(&bmc->pdev.dev);
50c812b2
CM		 2592 printk(KERN_ERR
2593 "ipmi_msghandler:"
2594 " Unable to register bmc device: %d\n",
2595 rv);
c70d7499
CM		 2596 /*
2597 * Don't go to out_err, you can only do that if
2598 * the device is registered already.
2599 */
50c812b2
CM		 2600 return rv;
2601 }
2602
279fbd0c
MS		 2603 dev_info(intf->si_dev, "Found new BMC (man_id: 0x%6.6x, "
2604 "prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2605 bmc->id.manufacturer_id,
2606 bmc->id.product_id,
2607 bmc->id.device_id);
50c812b2
CM		 2608 }
2609
2610 /*
2611 * create symlink from system interface device to bmc device
2612 * and back.
2613 */
5a0e10ec 2614 rv = sysfs_create_link(&intf->si_dev->kobj, &bmc->pdev.dev.kobj, "bmc");
50c812b2
CM		 2615 if (rv) {
2616 printk(KERN_ERR
2617 "ipmi_msghandler: Unable to create bmc symlink: %d\n",
2618 rv);
2619 goto out_err;
2620 }
2621
16639eb0 2622 intf->my_dev_name = kasprintf(GFP_KERNEL, "ipmi%d", ifnum);
50c812b2
CM		 2623 if (!intf->my_dev_name) {
2624 rv = -ENOMEM;
2625 printk(KERN_ERR
2626 "ipmi_msghandler: allocate link from BMC: %d\n",
2627 rv);
2628 goto out_err;
2629 }
50c812b2 2630
16639eb0 2631 rv = sysfs_create_link(&bmc->pdev.dev.kobj, &intf->si_dev->kobj,
50c812b2
CM		 2632 intf->my_dev_name);
2633 if (rv) {
2634 kfree(intf->my_dev_name);
2635 intf->my_dev_name = NULL;
2636 printk(KERN_ERR
2637 "ipmi_msghandler:"
2638 " Unable to create symlink to bmc: %d\n",
2639 rv);
2640 goto out_err;
2641 }
2642
2643 return 0;
2644
2645out_err:
2646 ipmi_bmc_unregister(intf);
2647 return rv;
2648}
2649
2650static int
2651send_guid_cmd(ipmi_smi_t intf, int chan)
2652{
2653 struct kernel_ipmi_msg msg;
2654 struct ipmi_system_interface_addr si;
2655
2656 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2657 si.channel = IPMI_BMC_CHANNEL;
2658 si.lun = 0;
2659
2660 msg.netfn = IPMI_NETFN_APP_REQUEST;
2661 msg.cmd = IPMI_GET_DEVICE_GUID_CMD;
2662 msg.data = NULL;
2663 msg.data_len = 0;
2664 return i_ipmi_request(NULL,
2665 intf,
2666 (struct ipmi_addr *) &si,
2667 0,
2668 &msg,
2669 intf,
2670 NULL,
2671 NULL,
2672 0,
2673 intf->channels[0].address,
2674 intf->channels[0].lun,
2675 -1, 0);
2676}
2677
2678static void
2679guid_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
2680{
2681 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2682 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE)
2683 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD))
2684 /* Not for me */
2685 return;
2686
2687 if (msg->msg.data[0] != 0) {
2688 /* Error from getting the GUID, the BMC doesn't have one. */
2689 intf->bmc->guid_set = 0;
2690 goto out;
2691 }
2692
2693 if (msg->msg.data_len < 17) {
2694 intf->bmc->guid_set = 0;
2695 printk(KERN_WARNING PFX
2696 "guid_handler: The GUID response from the BMC was too"
2697 " short, it was %d but should have been 17. Assuming"
2698 " GUID is not available.\n",
2699 msg->msg.data_len);
2700 goto out;
2701 }
2702
72630d9a 2703 memcpy(intf->bmc->guid, msg->msg.data + 1, 16);
50c812b2
CM		 2704 intf->bmc->guid_set = 1;
2705 out:
2706 wake_up(&intf->waitq);
2707}
2708
2709static void
2710get_guid(ipmi_smi_t intf)
2711{
2712 int rv;
2713
2714 intf->bmc->guid_set = 0x2;
2715 intf->null_user_handler = guid_handler;
2716 rv = send_guid_cmd(intf, 0);
2717 if (rv)
2718 /* Send failed, no GUID available. */
2719 intf->bmc->guid_set = 0;
2720 wait_event(intf->waitq, intf->bmc->guid_set != 2);
2721 intf->null_user_handler = NULL;
2722}
2723
1da177e4
LT		 2724static int
2725send_channel_info_cmd(ipmi_smi_t intf, int chan)
2726{
2727 struct kernel_ipmi_msg msg;
2728 unsigned char data[1];
2729 struct ipmi_system_interface_addr si;
2730
2731 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2732 si.channel = IPMI_BMC_CHANNEL;
2733 si.lun = 0;
2734
2735 msg.netfn = IPMI_NETFN_APP_REQUEST;
2736 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
2737 msg.data = data;
2738 msg.data_len = 1;
2739 data[0] = chan;
2740 return i_ipmi_request(NULL,
2741 intf,
2742 (struct ipmi_addr *) &si,
2743 0,
2744 &msg,
56a55ec6 2745 intf,
1da177e4
LT		 2746 NULL,
2747 NULL,
2748 0,
c14979b9
CM		 2749 intf->channels[0].address,
2750 intf->channels[0].lun,
1da177e4
LT		 2751 -1, 0);
2752}
2753
2754static void
56a55ec6 2755channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4
LT		 2756{
2757 int rv = 0;
2758 int chan;
2759
56a55ec6
CM		 2760 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2761 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
c70d7499 2762 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD)) {
1da177e4 2763 /* It's the one we want */
56a55ec6 2764 if (msg->msg.data[0] != 0) {
1da177e4
LT		 2765 /* Got an error from the channel, just go on. */
2766
56a55ec6 2767 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) {
c70d7499
CM		 2768 /*
2769 * If the MC does not support this
2770 * command, that is legal. We just
2771 * assume it has one IPMB at channel
2772 * zero.
2773 */
1da177e4
LT		 2774 intf->channels[0].medium
2775 = IPMI_CHANNEL_MEDIUM_IPMB;
2776 intf->channels[0].protocol
2777 = IPMI_CHANNEL_PROTOCOL_IPMB;
1da177e4
LT		 2778
2779 intf->curr_channel = IPMI_MAX_CHANNELS;
2780 wake_up(&intf->waitq);
2781 goto out;
2782 }
2783 goto next_channel;
2784 }
56a55ec6 2785 if (msg->msg.data_len < 4) {
1da177e4
LT		 2786 /* Message not big enough, just go on. */
2787 goto next_channel;
2788 }
2789 chan = intf->curr_channel;
56a55ec6
CM		 2790 intf->channels[chan].medium = msg->msg.data[2] & 0x7f;
2791 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f;
1da177e4 2792
c70d7499 2793 next_channel:
1da177e4
LT		 2794 intf->curr_channel++;
2795 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
2796 wake_up(&intf->waitq);
2797 else
2798 rv = send_channel_info_cmd(intf, intf->curr_channel);
2799
2800 if (rv) {
2801 /* Got an error somehow, just give up. */
1f668423
CM		 2802 printk(KERN_WARNING PFX
2803 "Error sending channel information for channel"
2804 " %d: %d\n", intf->curr_channel, rv);
2805
1da177e4
LT		 2806 intf->curr_channel = IPMI_MAX_CHANNELS;
2807 wake_up(&intf->waitq);
1da177e4
LT		 2808 }
2809 }
2810 out:
2811 return;
2812}
2813
895dcfd1 2814static void ipmi_poll(ipmi_smi_t intf)
fcfa4724 2815{
fcfa4724
CM		 2816 if (intf->handlers->poll)
2817 intf->handlers->poll(intf->send_info);
7adf579c
CM		 2818 /* In case something came in */
2819 handle_new_recv_msgs(intf);
fcfa4724 2820}
895dcfd1
CM		 2821
2822void ipmi_poll_interface(ipmi_user_t user)
2823{
2824 ipmi_poll(user->intf);
fcfa4724 2825}
c70d7499 2826EXPORT_SYMBOL(ipmi_poll_interface);
fcfa4724 2827
81d02b7f 2828int ipmi_register_smi(const struct ipmi_smi_handlers *handlers,
1da177e4 2829 void *send_info,
50c812b2
CM		 2830 struct ipmi_device_id *device_id,
2831 struct device *si_dev,
453823ba 2832 unsigned char slave_addr)
1da177e4
LT		 2833{
2834 int i, j;
2835 int rv;
393d2cc3 2836 ipmi_smi_t intf;
bca0324d 2837 ipmi_smi_t tintf;
bca0324d 2838 struct list_head *link;
1da177e4 2839
c70d7499
CM		 2840 /*
2841 * Make sure the driver is actually initialized, this handles
2842 * problems with initialization order.
2843 */
1da177e4
LT		 2844 if (!initialized) {
2845 rv = ipmi_init_msghandler();
2846 if (rv)
2847 return rv;
c70d7499
CM		 2848 /*
2849 * The init code doesn't return an error if it was turned
2850 * off, but it won't initialize. Check that.
2851 */
1da177e4
LT		 2852 if (!initialized)
2853 return -ENODEV;
2854 }
2855
dd00cc48 2856 intf = kzalloc(sizeof(*intf), GFP_KERNEL);
393d2cc3 2857 if (!intf)
1da177e4 2858 return -ENOMEM;
b2c03941
CM		 2859
2860 intf->ipmi_version_major = ipmi_version_major(device_id);
2861 intf->ipmi_version_minor = ipmi_version_minor(device_id);
2862
50c812b2
CM		 2863 intf->bmc = kzalloc(sizeof(*intf->bmc), GFP_KERNEL);
2864 if (!intf->bmc) {
2865 kfree(intf);
2866 return -ENOMEM;
2867 }
bca0324d 2868 intf->intf_num = -1; /* Mark it invalid for now. */
393d2cc3 2869 kref_init(&intf->refcount);
50c812b2
CM		 2870 intf->bmc->id = *device_id;
2871 intf->si_dev = si_dev;
393d2cc3
CM		 2872 for (j = 0; j < IPMI_MAX_CHANNELS; j++) {
2873 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR;
2874 intf->channels[j].lun = 2;
2875 }
2876 if (slave_addr != 0)
2877 intf->channels[0].address = slave_addr;
2878 INIT_LIST_HEAD(&intf->users);
2879 intf->handlers = handlers;
2880 intf->send_info = send_info;
2881 spin_lock_init(&intf->seq_lock);
2882 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) {
2883 intf->seq_table[j].inuse = 0;
2884 intf->seq_table[j].seqid = 0;
2885 }
2886 intf->curr_seq = 0;
2887#ifdef CONFIG_PROC_FS
ac019151 2888 mutex_init(&intf->proc_entry_lock);
393d2cc3 2889#endif
65be7544
CM		 2890 spin_lock_init(&intf->waiting_rcv_msgs_lock);
2891 INIT_LIST_HEAD(&intf->waiting_rcv_msgs);
7adf579c
CM		 2892 tasklet_init(&intf->recv_tasklet,
2893 smi_recv_tasklet,
2894 (unsigned long) intf);
2895 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 0);
7ea0ed2b
CM		 2896 spin_lock_init(&intf->xmit_msgs_lock);
2897 INIT_LIST_HEAD(&intf->xmit_msgs);
2898 INIT_LIST_HEAD(&intf->hp_xmit_msgs);
393d2cc3 2899 spin_lock_init(&intf->events_lock);
89986496
CM		 2900 atomic_set(&intf->event_waiters, 0);
2901 intf->ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
393d2cc3
CM		 2902 INIT_LIST_HEAD(&intf->waiting_events);
2903 intf->waiting_events_count = 0;
d6dfd131 2904 mutex_init(&intf->cmd_rcvrs_mutex);
b9675136 2905 spin_lock_init(&intf->maintenance_mode_lock);
393d2cc3
CM		 2906 INIT_LIST_HEAD(&intf->cmd_rcvrs);
2907 init_waitqueue_head(&intf->waitq);
b2655f26
KB		 2908 for (i = 0; i < IPMI_NUM_STATS; i++)
2909 atomic_set(&intf->stats[i], 0);
393d2cc3 2910
393d2cc3 2911 intf->proc_dir = NULL;
1da177e4 2912
b2c03941 2913 mutex_lock(&smi_watchers_mutex);
bca0324d
CM		 2914 mutex_lock(&ipmi_interfaces_mutex);
2915 /* Look for a hole in the numbers. */
2916 i = 0;
2917 link = &ipmi_interfaces;
2918 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link) {
2919 if (tintf->intf_num != i) {
2920 link = &tintf->link;
1da177e4
LT		 2921 break;
2922 }
bca0324d 2923 i++;
1da177e4 2924 }
bca0324d
CM		 2925 /* Add the new interface in numeric order. */
2926 if (i == 0)
2927 list_add_rcu(&intf->link, &ipmi_interfaces);
2928 else
2929 list_add_tail_rcu(&intf->link, link);
1da177e4 2930
453823ba
CM		 2931 rv = handlers->start_processing(send_info, intf);
2932 if (rv)
2933 goto out;
1da177e4 2934
50c812b2
CM		 2935 get_guid(intf);
2936
b2c03941 2937 if ((intf->ipmi_version_major > 1)
c70d7499
CM		 2938 || ((intf->ipmi_version_major == 1)
2939 && (intf->ipmi_version_minor >= 5))) {
2940 /*
2941 * Start scanning the channels to see what is
2942 * available.
2943 */
393d2cc3
CM		 2944 intf->null_user_handler = channel_handler;
2945 intf->curr_channel = 0;
2946 rv = send_channel_info_cmd(intf, 0);
1f668423
CM		 2947 if (rv) {
2948 printk(KERN_WARNING PFX
2949 "Error sending channel information for channel"
2950 " 0, %d\n", rv);
393d2cc3 2951 goto out;
1f668423 2952 }
1da177e4 2953
393d2cc3
CM		 2954 /* Wait for the channel info to be read. */
2955 wait_event(intf->waitq,
2956 intf->curr_channel >= IPMI_MAX_CHANNELS);
50c812b2 2957 intf->null_user_handler = NULL;
393d2cc3
CM		 2958 } else {
2959 /* Assume a single IPMB channel at zero. */
2960 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
2961 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB;
9a2845c4 2962 intf->curr_channel = IPMI_MAX_CHANNELS;
1da177e4
LT		 2963 }
2964
bd85f4b3
XX		 2965 rv = ipmi_bmc_register(intf, i);
2966
393d2cc3
CM		 2967 if (rv == 0)
2968 rv = add_proc_entries(intf, i);
1da177e4 2969
393d2cc3 2970 out:
1da177e4 2971 if (rv) {
393d2cc3
CM		 2972 if (intf->proc_dir)
2973 remove_proc_entries(intf);
b2c03941 2974 intf->handlers = NULL;
bca0324d
CM		 2975 list_del_rcu(&intf->link);
2976 mutex_unlock(&ipmi_interfaces_mutex);
b2c03941 2977 mutex_unlock(&smi_watchers_mutex);
bca0324d 2978 synchronize_rcu();
393d2cc3 2979 kref_put(&intf->refcount, intf_free);
393d2cc3 2980 } else {
78ba2faf
CM		 2981 /*
2982 * Keep memory order straight for RCU readers. Make
2983 * sure everything else is committed to memory before
2984 * setting intf_num to mark the interface valid.
2985 */
2986 smp_wmb();
bca0324d
CM		 2987 intf->intf_num = i;
2988 mutex_unlock(&ipmi_interfaces_mutex);
78ba2faf 2989 /* After this point the interface is legal to use. */
50c812b2 2990 call_smi_watchers(i, intf->si_dev);
b2c03941 2991 mutex_unlock(&smi_watchers_mutex);
1da177e4
LT		 2992 }
2993
2994 return rv;
2995}
c70d7499 2996EXPORT_SYMBOL(ipmi_register_smi);
1da177e4 2997
7ea0ed2b
CM		 2998static void deliver_smi_err_response(ipmi_smi_t intf,
2999 struct ipmi_smi_msg *msg,
3000 unsigned char err)
3001{
3002 msg->rsp[0] = msg->data[0] | 4;
3003 msg->rsp[1] = msg->data[1];
3004 msg->rsp[2] = err;
3005 msg->rsp_size = 3;
3006 /* It's an error, so it will never requeue, no need to check return. */
3007 handle_one_recv_msg(intf, msg);
3008}
3009
b2c03941
CM		 3010static void cleanup_smi_msgs(ipmi_smi_t intf)
3011{
3012 int i;
3013 struct seq_table *ent;
7ea0ed2b
CM		 3014 struct ipmi_smi_msg *msg;
3015 struct list_head *entry;
3016 struct list_head tmplist;
3017
3018 /* Clear out our transmit queues and hold the messages. */
3019 INIT_LIST_HEAD(&tmplist);
3020 list_splice_tail(&intf->hp_xmit_msgs, &tmplist);
3021 list_splice_tail(&intf->xmit_msgs, &tmplist);
3022
3023 /* Current message first, to preserve order */
3024 while (intf->curr_msg && !list_empty(&intf->waiting_rcv_msgs)) {
3025 /* Wait for the message to clear out. */
3026 schedule_timeout(1);
3027 }
b2c03941
CM		 3028
3029 /* No need for locks, the interface is down. */
7ea0ed2b
CM		 3030
3031 /*
3032 * Return errors for all pending messages in queue and in the
3033 * tables waiting for remote responses.
3034 */
3035 while (!list_empty(&tmplist)) {
3036 entry = tmplist.next;
3037 list_del(entry);
3038 msg = list_entry(entry, struct ipmi_smi_msg, link);
3039 deliver_smi_err_response(intf, msg, IPMI_ERR_UNSPECIFIED);
3040 }
3041
b2c03941
CM		 3042 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
3043 ent = &(intf->seq_table[i]);
3044 if (!ent->inuse)
3045 continue;
3046 deliver_err_response(ent->recv_msg, IPMI_ERR_UNSPECIFIED);
3047 }
3048}
3049
1da177e4
LT		 3050int ipmi_unregister_smi(ipmi_smi_t intf)
3051{
1da177e4 3052 struct ipmi_smi_watcher *w;
7ea0ed2b
CM		 3053 int intf_num = intf->intf_num;
3054 ipmi_user_t user;
1da177e4 3055
b2c03941 3056 mutex_lock(&smi_watchers_mutex);
bca0324d 3057 mutex_lock(&ipmi_interfaces_mutex);
b2c03941 3058 intf->intf_num = -1;
7ea0ed2b 3059 intf->in_shutdown = true;
bca0324d
CM		 3060 list_del_rcu(&intf->link);
3061 mutex_unlock(&ipmi_interfaces_mutex);
3062 synchronize_rcu();
1da177e4 3063
b2c03941
CM		 3064 cleanup_smi_msgs(intf);
3065
7ea0ed2b
CM		 3066 /* Clean up the effects of users on the lower-level software. */
3067 mutex_lock(&ipmi_interfaces_mutex);
3068 rcu_read_lock();
3069 list_for_each_entry_rcu(user, &intf->users, link) {
3070 module_put(intf->handlers->owner);
3071 if (intf->handlers->dec_usecount)
3072 intf->handlers->dec_usecount(intf->send_info);
3073 }
3074 rcu_read_unlock();
3075 intf->handlers = NULL;
3076 mutex_unlock(&ipmi_interfaces_mutex);
3077
393d2cc3 3078 remove_proc_entries(intf);
bd85f4b3 3079 ipmi_bmc_unregister(intf);
1da177e4 3080
c70d7499
CM		 3081 /*
3082 * Call all the watcher interfaces to tell them that
3083 * an interface is gone.
3084 */
393d2cc3 3085 list_for_each_entry(w, &smi_watchers, link)
b2c03941
CM		 3086 w->smi_gone(intf_num);
3087 mutex_unlock(&smi_watchers_mutex);
393d2cc3 3088
393d2cc3 3089 kref_put(&intf->refcount, intf_free);
1da177e4
LT		 3090 return 0;
3091}
c70d7499 3092EXPORT_SYMBOL(ipmi_unregister_smi);
1da177e4
LT		 3093
3094static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf,
3095 struct ipmi_smi_msg *msg)
3096{
3097 struct ipmi_ipmb_addr ipmb_addr;
3098 struct ipmi_recv_msg *recv_msg;
1da177e4 3099
c70d7499
CM		 3100 /*
3101 * This is 11, not 10, because the response must contain a
3102 * completion code.
3103 */
1da177e4
LT		 3104 if (msg->rsp_size < 11) {
3105 /* Message not big enough, just ignore it. */
b2655f26 3106 ipmi_inc_stat(intf, invalid_ipmb_responses);
1da177e4
LT		 3107 return 0;
3108 }
3109
3110 if (msg->rsp[2] != 0) {
3111 /* An error getting the response, just ignore it. */
3112 return 0;
3113 }
3114
3115 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
3116 ipmb_addr.slave_addr = msg->rsp[6];
3117 ipmb_addr.channel = msg->rsp[3] & 0x0f;
3118 ipmb_addr.lun = msg->rsp[7] & 3;
3119
c70d7499
CM		 3120 /*
3121 * It's a response from a remote entity. Look up the sequence
3122 * number and handle the response.
3123 */
1da177e4
LT		 3124 if (intf_find_seq(intf,
3125 msg->rsp[7] >> 2,
3126 msg->rsp[3] & 0x0f,
3127 msg->rsp[8],
3128 (msg->rsp[4] >> 2) & (~1),
3129 (struct ipmi_addr *) &(ipmb_addr),
c70d7499
CM		 3130 &recv_msg)) {
3131 /*
3132 * We were unable to find the sequence number,
3133 * so just nuke the message.
3134 */
b2655f26 3135 ipmi_inc_stat(intf, unhandled_ipmb_responses);
1da177e4
LT		 3136 return 0;
3137 }
3138
3139 memcpy(recv_msg->msg_data,
3140 &(msg->rsp[9]),
3141 msg->rsp_size - 9);
c70d7499
CM		 3142 /*
3143 * The other fields matched, so no need to set them, except
3144 * for netfn, which needs to be the response that was
3145 * returned, not the request value.
3146 */
1da177e4
LT		 3147 recv_msg->msg.netfn = msg->rsp[4] >> 2;
3148 recv_msg->msg.data = recv_msg->msg_data;
3149 recv_msg->msg.data_len = msg->rsp_size - 10;
3150 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
b2655f26 3151 ipmi_inc_stat(intf, handled_ipmb_responses);
1da177e4
LT		 3152 deliver_response(recv_msg);
3153
3154 return 0;
3155}
3156
3157static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf,
3158 struct ipmi_smi_msg *msg)
3159{
393d2cc3
CM		 3160 struct cmd_rcvr *rcvr;
3161 int rv = 0;
3162 unsigned char netfn;
3163 unsigned char cmd;
c69c3127 3164 unsigned char chan;
393d2cc3
CM		 3165 ipmi_user_t user = NULL;
3166 struct ipmi_ipmb_addr *ipmb_addr;
3167 struct ipmi_recv_msg *recv_msg;
1da177e4
LT		 3168
3169 if (msg->rsp_size < 10) {
3170 /* Message not big enough, just ignore it. */
b2655f26 3171 ipmi_inc_stat(intf, invalid_commands);
1da177e4
LT		 3172 return 0;
3173 }
3174
3175 if (msg->rsp[2] != 0) {
3176 /* An error getting the response, just ignore it. */
3177 return 0;
3178 }
3179
3180 netfn = msg->rsp[4] >> 2;
3181 cmd = msg->rsp[8];
c69c3127 3182 chan = msg->rsp[3] & 0xf;
1da177e4 3183
e61fb5b6 3184 rcu_read_lock();
c69c3127 3185 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
393d2cc3
CM		 3186 if (rcvr) {
3187 user = rcvr->user;
3188 kref_get(&user->refcount);
3189 } else
3190 user = NULL;
e61fb5b6 3191 rcu_read_unlock();
1da177e4
LT		 3192
3193 if (user == NULL) {
3194 /* We didn't find a user, deliver an error response. */
b2655f26 3195 ipmi_inc_stat(intf, unhandled_commands);
1da177e4
LT		 3196
3197 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
3198 msg->data[1] = IPMI_SEND_MSG_CMD;
3199 msg->data[2] = msg->rsp[3];
3200 msg->data[3] = msg->rsp[6];
c70d7499 3201 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
1da177e4 3202 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
c14979b9 3203 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address;
c70d7499
CM		 3204 /* rqseq/lun */
3205 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
1da177e4
LT		 3206 msg->data[8] = msg->rsp[8]; /* cmd */
3207 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
3208 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
3209 msg->data_size = 11;
3210
3211#ifdef DEBUG_MSGING
3212 {
3213 int m;
3214 printk("Invalid command:");
e8b33617 3215 for (m = 0; m < msg->data_size; m++)
1da177e4
LT		 3216 printk(" %2.2x", msg->data[m]);
3217 printk("\n");
3218 }
3219#endif
b2c03941 3220 rcu_read_lock();
7ea0ed2b
CM		 3221 if (!intf->in_shutdown) {
3222 smi_send(intf, intf->handlers, msg, 0);
c70d7499
CM		 3223 /*
3224 * We used the message, so return the value
3225 * that causes it to not be freed or
3226 * queued.
3227 */
b2c03941
CM		 3228 rv = -1;
3229 }
3230 rcu_read_unlock();
1da177e4
LT		 3231 } else {
3232 /* Deliver the message to the user. */
b2655f26 3233 ipmi_inc_stat(intf, handled_commands);
1da177e4
LT		 3234
3235 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3236 if (!recv_msg) {
c70d7499
CM		 3237 /*
3238 * We couldn't allocate memory for the
3239 * message, so requeue it for handling
3240 * later.
3241 */
1da177e4 3242 rv = 1;
393d2cc3 3243 kref_put(&user->refcount, free_user);
1da177e4
LT		 3244 } else {
3245 /* Extract the source address from the data. */
3246 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
3247 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
3248 ipmb_addr->slave_addr = msg->rsp[6];
3249 ipmb_addr->lun = msg->rsp[7] & 3;
3250 ipmb_addr->channel = msg->rsp[3] & 0xf;
3251
c70d7499
CM		 3252 /*
3253 * Extract the rest of the message information
3254 * from the IPMB header.
3255 */
1da177e4
LT		 3256 recv_msg->user = user;
3257 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3258 recv_msg->msgid = msg->rsp[7] >> 2;
3259 recv_msg->msg.netfn = msg->rsp[4] >> 2;
3260 recv_msg->msg.cmd = msg->rsp[8];
3261 recv_msg->msg.data = recv_msg->msg_data;
3262
c70d7499
CM		 3263 /*
3264 * We chop off 10, not 9 bytes because the checksum
3265 * at the end also needs to be removed.
3266 */
1da177e4
LT		 3267 recv_msg->msg.data_len = msg->rsp_size - 10;
3268 memcpy(recv_msg->msg_data,
3269 &(msg->rsp[9]),
3270 msg->rsp_size - 10);
3271 deliver_response(recv_msg);
3272 }
3273 }
3274
3275 return rv;
3276}
3277
3278static int handle_lan_get_msg_rsp(ipmi_smi_t intf,
3279 struct ipmi_smi_msg *msg)
3280{
3281 struct ipmi_lan_addr lan_addr;
3282 struct ipmi_recv_msg *recv_msg;
1da177e4
LT		 3283
3284
c70d7499
CM		 3285 /*
3286 * This is 13, not 12, because the response must contain a
3287 * completion code.
3288 */
1da177e4
LT		 3289 if (msg->rsp_size < 13) {
3290 /* Message not big enough, just ignore it. */
b2655f26 3291 ipmi_inc_stat(intf, invalid_lan_responses);
1da177e4
LT		 3292 return 0;
3293 }
3294
3295 if (msg->rsp[2] != 0) {
3296 /* An error getting the response, just ignore it. */
3297 return 0;
3298 }
3299
3300 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
3301 lan_addr.session_handle = msg->rsp[4];
3302 lan_addr.remote_SWID = msg->rsp[8];
3303 lan_addr.local_SWID = msg->rsp[5];
3304 lan_addr.channel = msg->rsp[3] & 0x0f;
3305 lan_addr.privilege = msg->rsp[3] >> 4;
3306 lan_addr.lun = msg->rsp[9] & 3;
3307
c70d7499
CM		 3308 /*
3309 * It's a response from a remote entity. Look up the sequence
3310 * number and handle the response.
3311 */
1da177e4
LT		 3312 if (intf_find_seq(intf,
3313 msg->rsp[9] >> 2,
3314 msg->rsp[3] & 0x0f,
3315 msg->rsp[10],
3316 (msg->rsp[6] >> 2) & (~1),
3317 (struct ipmi_addr *) &(lan_addr),
c70d7499
CM		 3318 &recv_msg)) {
3319 /*
3320 * We were unable to find the sequence number,
3321 * so just nuke the message.
3322 */
b2655f26 3323 ipmi_inc_stat(intf, unhandled_lan_responses);
1da177e4
LT		 3324 return 0;
3325 }
3326
3327 memcpy(recv_msg->msg_data,
3328 &(msg->rsp[11]),
3329 msg->rsp_size - 11);
c70d7499
CM		 3330 /*
3331 * The other fields matched, so no need to set them, except
3332 * for netfn, which needs to be the response that was
3333 * returned, not the request value.
3334 */
1da177e4
LT		 3335 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3336 recv_msg->msg.data = recv_msg->msg_data;
3337 recv_msg->msg.data_len = msg->rsp_size - 12;
3338 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
b2655f26 3339 ipmi_inc_stat(intf, handled_lan_responses);
1da177e4
LT		 3340 deliver_response(recv_msg);
3341
3342 return 0;
3343}
3344
3345static int handle_lan_get_msg_cmd(ipmi_smi_t intf,
3346 struct ipmi_smi_msg *msg)
3347{
393d2cc3
CM		 3348 struct cmd_rcvr *rcvr;
3349 int rv = 0;
3350 unsigned char netfn;
3351 unsigned char cmd;
c69c3127 3352 unsigned char chan;
393d2cc3
CM		 3353 ipmi_user_t user = NULL;
3354 struct ipmi_lan_addr *lan_addr;
3355 struct ipmi_recv_msg *recv_msg;
1da177e4
LT		 3356
3357 if (msg->rsp_size < 12) {
3358 /* Message not big enough, just ignore it. */
b2655f26 3359 ipmi_inc_stat(intf, invalid_commands);
1da177e4
LT		 3360 return 0;
3361 }
3362
3363 if (msg->rsp[2] != 0) {
3364 /* An error getting the response, just ignore it. */
3365 return 0;
3366 }
3367
3368 netfn = msg->rsp[6] >> 2;
3369 cmd = msg->rsp[10];
c69c3127 3370 chan = msg->rsp[3] & 0xf;
1da177e4 3371
e61fb5b6 3372 rcu_read_lock();
c69c3127 3373 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
393d2cc3
CM		 3374 if (rcvr) {
3375 user = rcvr->user;
3376 kref_get(&user->refcount);
3377 } else
3378 user = NULL;
e61fb5b6 3379 rcu_read_unlock();
1da177e4
LT		 3380
3381 if (user == NULL) {
393d2cc3 3382 /* We didn't find a user, just give up. */
b2655f26 3383 ipmi_inc_stat(intf, unhandled_commands);
1da177e4 3384
c70d7499
CM		 3385 /*
3386 * Don't do anything with these messages, just allow
3387 * them to be freed.
3388 */
3389 rv = 0;
1da177e4
LT		 3390 } else {
3391 /* Deliver the message to the user. */
b2655f26 3392 ipmi_inc_stat(intf, handled_commands);
1da177e4
LT		 3393
3394 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3395 if (!recv_msg) {
c70d7499
CM		 3396 /*
3397 * We couldn't allocate memory for the
3398 * message, so requeue it for handling later.
3399 */
1da177e4 3400 rv = 1;
393d2cc3 3401 kref_put(&user->refcount, free_user);
1da177e4
LT		 3402 } else {
3403 /* Extract the source address from the data. */
3404 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
3405 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
3406 lan_addr->session_handle = msg->rsp[4];
3407 lan_addr->remote_SWID = msg->rsp[8];
3408 lan_addr->local_SWID = msg->rsp[5];
3409 lan_addr->lun = msg->rsp[9] & 3;
3410 lan_addr->channel = msg->rsp[3] & 0xf;
3411 lan_addr->privilege = msg->rsp[3] >> 4;
3412
c70d7499
CM		 3413 /*
3414 * Extract the rest of the message information
3415 * from the IPMB header.
3416 */
1da177e4
LT		 3417 recv_msg->user = user;
3418 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3419 recv_msg->msgid = msg->rsp[9] >> 2;
3420 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3421 recv_msg->msg.cmd = msg->rsp[10];
3422 recv_msg->msg.data = recv_msg->msg_data;
3423
c70d7499
CM		 3424 /*
3425 * We chop off 12, not 11 bytes because the checksum
3426 * at the end also needs to be removed.
3427 */
1da177e4
LT		 3428 recv_msg->msg.data_len = msg->rsp_size - 12;
3429 memcpy(recv_msg->msg_data,
3430 &(msg->rsp[11]),
3431 msg->rsp_size - 12);
3432 deliver_response(recv_msg);
3433 }
3434 }
3435
3436 return rv;
3437}
3438
4dec302f 3439/*
3440 * This routine will handle "Get Message" command responses with
3441 * channels that use an OEM Medium. The message format belongs to
3442 * the OEM. See IPMI 2.0 specification, Chapter 6 and
3443 * Chapter 22, sections 22.6 and 22.24 for more details.
3444 */
3445static int handle_oem_get_msg_cmd(ipmi_smi_t intf,
3446 struct ipmi_smi_msg *msg)
3447{
3448 struct cmd_rcvr *rcvr;
3449 int rv = 0;
3450 unsigned char netfn;
3451 unsigned char cmd;
3452 unsigned char chan;
3453 ipmi_user_t user = NULL;
3454 struct ipmi_system_interface_addr *smi_addr;
3455 struct ipmi_recv_msg *recv_msg;
3456
3457 /*
3458 * We expect the OEM SW to perform error checking
3459 * so we just do some basic sanity checks
3460 */
3461 if (msg->rsp_size < 4) {
3462 /* Message not big enough, just ignore it. */
3463 ipmi_inc_stat(intf, invalid_commands);
3464 return 0;
3465 }
3466
3467 if (msg->rsp[2] != 0) {
3468 /* An error getting the response, just ignore it. */
3469 return 0;
3470 }
3471
3472 /*
3473 * This is an OEM Message so the OEM needs to know how
3474 * handle the message. We do no interpretation.
3475 */
3476 netfn = msg->rsp[0] >> 2;
3477 cmd = msg->rsp[1];
3478 chan = msg->rsp[3] & 0xf;
3479
3480 rcu_read_lock();
3481 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
3482 if (rcvr) {
3483 user = rcvr->user;
3484 kref_get(&user->refcount);
3485 } else
3486 user = NULL;
3487 rcu_read_unlock();
3488
3489 if (user == NULL) {
3490 /* We didn't find a user, just give up. */
3491 ipmi_inc_stat(intf, unhandled_commands);
3492
3493 /*
3494 * Don't do anything with these messages, just allow
3495 * them to be freed.
3496 */
3497
3498 rv = 0;
3499 } else {
3500 /* Deliver the message to the user. */
3501 ipmi_inc_stat(intf, handled_commands);
3502
3503 recv_msg = ipmi_alloc_recv_msg();
3504 if (!recv_msg) {
3505 /*
3506 * We couldn't allocate memory for the
3507 * message, so requeue it for handling
3508 * later.
3509 */
3510 rv = 1;
3511 kref_put(&user->refcount, free_user);
3512 } else {
3513 /*
3514 * OEM Messages are expected to be delivered via
3515 * the system interface to SMS software. We might
3516 * need to visit this again depending on OEM
3517 * requirements
3518 */
3519 smi_addr = ((struct ipmi_system_interface_addr *)
3520 &(recv_msg->addr));
3521 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3522 smi_addr->channel = IPMI_BMC_CHANNEL;
3523 smi_addr->lun = msg->rsp[0] & 3;
3524
3525 recv_msg->user = user;
3526 recv_msg->user_msg_data = NULL;
3527 recv_msg->recv_type = IPMI_OEM_RECV_TYPE;
3528 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3529 recv_msg->msg.cmd = msg->rsp[1];
3530 recv_msg->msg.data = recv_msg->msg_data;
3531
3532 /*
3533 * The message starts at byte 4 which follows the
3534 * the Channel Byte in the "GET MESSAGE" command
3535 */
3536 recv_msg->msg.data_len = msg->rsp_size - 4;
3537 memcpy(recv_msg->msg_data,
3538 &(msg->rsp[4]),
3539 msg->rsp_size - 4);
3540 deliver_response(recv_msg);
3541 }
3542 }
3543
3544 return rv;
3545}
3546
1da177e4
LT		 3547static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
3548 struct ipmi_smi_msg *msg)
3549{
3550 struct ipmi_system_interface_addr *smi_addr;
c70d7499 3551
1da177e4
LT		 3552 recv_msg->msgid = 0;
3553 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
3554 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3555 smi_addr->channel = IPMI_BMC_CHANNEL;
3556 smi_addr->lun = msg->rsp[0] & 3;
3557 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
3558 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3559 recv_msg->msg.cmd = msg->rsp[1];
3560 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
3561 recv_msg->msg.data = recv_msg->msg_data;
3562 recv_msg->msg.data_len = msg->rsp_size - 3;
3563}
3564
1da177e4
LT		 3565static int handle_read_event_rsp(ipmi_smi_t intf,
3566 struct ipmi_smi_msg *msg)
3567{
3568 struct ipmi_recv_msg *recv_msg, *recv_msg2;
3569 struct list_head msgs;
3570 ipmi_user_t user;
3571 int rv = 0;
3572 int deliver_count = 0;
3573 unsigned long flags;
3574
3575 if (msg->rsp_size < 19) {
3576 /* Message is too small to be an IPMB event. */
b2655f26 3577 ipmi_inc_stat(intf, invalid_events);
1da177e4
LT		 3578 return 0;
3579 }
3580
3581 if (msg->rsp[2] != 0) {
3582 /* An error getting the event, just ignore it. */
3583 return 0;
3584 }
3585
3586 INIT_LIST_HEAD(&msgs);
3587
393d2cc3 3588 spin_lock_irqsave(&intf->events_lock, flags);
1da177e4 3589
b2655f26 3590 ipmi_inc_stat(intf, events);
1da177e4 3591
c70d7499
CM		 3592 /*
3593 * Allocate and fill in one message for every user that is
3594 * getting events.
3595 */
393d2cc3
CM		 3596 rcu_read_lock();
3597 list_for_each_entry_rcu(user, &intf->users, link) {
8a3628d5 3598 if (!user->gets_events)
1da177e4
LT		 3599 continue;
3600
3601 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3602 if (!recv_msg) {
393d2cc3 3603 rcu_read_unlock();
8a3628d5
CM		 3604 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs,
3605 link) {
1da177e4
LT		 3606 list_del(&recv_msg->link);
3607 ipmi_free_recv_msg(recv_msg);
3608 }
c70d7499
CM		 3609 /*
3610 * We couldn't allocate memory for the
3611 * message, so requeue it for handling
3612 * later.
3613 */
1da177e4
LT		 3614 rv = 1;
3615 goto out;
3616 }
3617
3618 deliver_count++;
3619
3620 copy_event_into_recv_msg(recv_msg, msg);
3621 recv_msg->user = user;
393d2cc3 3622 kref_get(&user->refcount);
1da177e4
LT		 3623 list_add_tail(&(recv_msg->link), &msgs);
3624 }
393d2cc3 3625 rcu_read_unlock();
1da177e4
LT		 3626
3627 if (deliver_count) {
3628 /* Now deliver all the messages. */
3629 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
3630 list_del(&recv_msg->link);
3631 deliver_response(recv_msg);
3632 }
3633 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
c70d7499
CM		 3634 /*
3635 * No one to receive the message, put it in queue if there's
3636 * not already too many things in the queue.
3637 */
1da177e4 3638 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3639 if (!recv_msg) {
c70d7499
CM		 3640 /*
3641 * We couldn't allocate memory for the
3642 * message, so requeue it for handling
3643 * later.
3644 */
1da177e4
LT		 3645 rv = 1;
3646 goto out;
3647 }
3648
3649 copy_event_into_recv_msg(recv_msg, msg);
3650 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
4791c03d 3651 intf->waiting_events_count++;
87ebd06f 3652 } else if (!intf->event_msg_printed) {
c70d7499
CM		 3653 /*
3654 * There's too many things in the queue, discard this
3655 * message.
3656 */
87ebd06f
CM		 3657 printk(KERN_WARNING PFX "Event queue full, discarding"
3658 " incoming events\n");
3659 intf->event_msg_printed = 1;
1da177e4
LT		 3660 }
3661
3662 out:
3663 spin_unlock_irqrestore(&(intf->events_lock), flags);
3664
3665 return rv;
3666}
3667
3668static int handle_bmc_rsp(ipmi_smi_t intf,
3669 struct ipmi_smi_msg *msg)
3670{
3671 struct ipmi_recv_msg *recv_msg;
393d2cc3 3672 struct ipmi_user *user;
1da177e4
LT		 3673
3674 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
c70d7499
CM		 3675 if (recv_msg == NULL) {
3676 printk(KERN_WARNING
3677 "IPMI message received with no owner. This\n"
3678 "could be because of a malformed message, or\n"
3679 "because of a hardware error. Contact your\n"
3680 "hardware vender for assistance\n");
56a55ec6
CM		 3681 return 0;
3682 }
1da177e4 3683
393d2cc3 3684 user = recv_msg->user;
1da177e4 3685 /* Make sure the user still exists. */
393d2cc3 3686 if (user && !user->valid) {
56a55ec6 3687 /* The user for the message went away, so give up. */
b2655f26 3688 ipmi_inc_stat(intf, unhandled_local_responses);
1da177e4
LT		 3689 ipmi_free_recv_msg(recv_msg);
3690 } else {
3691 struct ipmi_system_interface_addr *smi_addr;
3692
b2655f26 3693 ipmi_inc_stat(intf, handled_local_responses);
1da177e4
LT		 3694 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3695 recv_msg->msgid = msg->msgid;
3696 smi_addr = ((struct ipmi_system_interface_addr *)
3697 &(recv_msg->addr));
3698 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3699 smi_addr->channel = IPMI_BMC_CHANNEL;
3700 smi_addr->lun = msg->rsp[0] & 3;
3701 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3702 recv_msg->msg.cmd = msg->rsp[1];
3703 memcpy(recv_msg->msg_data,
3704 &(msg->rsp[2]),
3705 msg->rsp_size - 2);
3706 recv_msg->msg.data = recv_msg->msg_data;
3707 recv_msg->msg.data_len = msg->rsp_size - 2;
3708 deliver_response(recv_msg);
3709 }
3710
3711 return 0;
3712}
3713
c70d7499 3714/*
7adf579c 3715 * Handle a received message. Return 1 if the message should be requeued,
c70d7499
CM		 3716 * 0 if the message should be freed, or -1 if the message should not
3717 * be freed or requeued.
3718 */
7adf579c 3719static int handle_one_recv_msg(ipmi_smi_t intf,
1da177e4
LT		 3720 struct ipmi_smi_msg *msg)
3721{
3722 int requeue;
3723 int chan;
3724
3725#ifdef DEBUG_MSGING
3726 int m;
3727 printk("Recv:");
e8b33617 3728 for (m = 0; m < msg->rsp_size; m++)
1da177e4
LT		 3729 printk(" %2.2x", msg->rsp[m]);
3730 printk("\n");
3731#endif
3732 if (msg->rsp_size < 2) {
3733 /* Message is too small to be correct. */
3734 printk(KERN_WARNING PFX "BMC returned to small a message"
3735 " for netfn %x cmd %x, got %d bytes\n",
3736 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
3737
3738 /* Generate an error response for the message. */
3739 msg->rsp[0] = msg->data[0] | (1 << 2);
3740 msg->rsp[1] = msg->data[1];
3741 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
3742 msg->rsp_size = 3;
c70d7499
CM		 3743 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))
3744 || (msg->rsp[1] != msg->data[1])) {
3745 /*
3746 * The NetFN and Command in the response is not even
3747 * marginally correct.
3748 */
1da177e4
LT		 3749 printk(KERN_WARNING PFX "BMC returned incorrect response,"
3750 " expected netfn %x cmd %x, got netfn %x cmd %x\n",
3751 (msg->data[0] >> 2) | 1, msg->data[1],
3752 msg->rsp[0] >> 2, msg->rsp[1]);
3753
3754 /* Generate an error response for the message. */
3755 msg->rsp[0] = msg->data[0] | (1 << 2);
3756 msg->rsp[1] = msg->data[1];
3757 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
3758 msg->rsp_size = 3;
3759 }
3760
3761 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3762 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
c70d7499
CM		 3763 && (msg->user_data != NULL)) {
3764 /*
3765 * It's a response to a response we sent. For this we
3766 * deliver a send message response to the user.
3767 */
393d2cc3 3768 struct ipmi_recv_msg *recv_msg = msg->user_data;
1da177e4
LT		 3769
3770 requeue = 0;
3771 if (msg->rsp_size < 2)
3772 /* Message is too small to be correct. */
3773 goto out;
3774
3775 chan = msg->data[2] & 0x0f;
3776 if (chan >= IPMI_MAX_CHANNELS)
3777 /* Invalid channel number */
3778 goto out;
3779
393d2cc3
CM		 3780 if (!recv_msg)
3781 goto out;
3782
3783 /* Make sure the user still exists. */
3784 if (!recv_msg->user || !recv_msg->user->valid)
3785 goto out;
3786
3787 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
3788 recv_msg->msg.data = recv_msg->msg_data;
3789 recv_msg->msg.data_len = 1;
3790 recv_msg->msg_data[0] = msg->rsp[2];
3791 deliver_response(recv_msg);
1da177e4 3792 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
c70d7499 3793 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) {
1da177e4
LT		 3794 /* It's from the receive queue. */
3795 chan = msg->rsp[3] & 0xf;
3796 if (chan >= IPMI_MAX_CHANNELS) {
3797 /* Invalid channel number */
3798 requeue = 0;
3799 goto out;
3800 }
3801
4dec302f 3802 /*
9a2845c4
CM		 3803 * We need to make sure the channels have been initialized.
3804 * The channel_handler routine will set the "curr_channel"
3805 * equal to or greater than IPMI_MAX_CHANNELS when all the
3806 * channels for this interface have been initialized.
3807 */
4dec302f 3808 if (intf->curr_channel < IPMI_MAX_CHANNELS) {
9a2845c4 3809 requeue = 0; /* Throw the message away */
4dec302f 3810 goto out;
3811 }
3812
1da177e4
LT		 3813 switch (intf->channels[chan].medium) {
3814 case IPMI_CHANNEL_MEDIUM_IPMB:
3815 if (msg->rsp[4] & 0x04) {
c70d7499
CM		 3816 /*
3817 * It's a response, so find the
3818 * requesting message and send it up.
3819 */
1da177e4
LT		 3820 requeue = handle_ipmb_get_msg_rsp(intf, msg);
3821 } else {
c70d7499
CM		 3822 /*
3823 * It's a command to the SMS from some other
3824 * entity. Handle that.
3825 */
1da177e4
LT		 3826 requeue = handle_ipmb_get_msg_cmd(intf, msg);
3827 }
3828 break;
3829
3830 case IPMI_CHANNEL_MEDIUM_8023LAN:
3831 case IPMI_CHANNEL_MEDIUM_ASYNC:
3832 if (msg->rsp[6] & 0x04) {
c70d7499
CM		 3833 /*
3834 * It's a response, so find the
3835 * requesting message and send it up.
3836 */
1da177e4
LT		 3837 requeue = handle_lan_get_msg_rsp(intf, msg);
3838 } else {
c70d7499
CM		 3839 /*
3840 * It's a command to the SMS from some other
3841 * entity. Handle that.
3842 */
1da177e4
LT		 3843 requeue = handle_lan_get_msg_cmd(intf, msg);
3844 }
3845 break;
3846
3847 default:
4dec302f 3848 /* Check for OEM Channels. Clients had better
3849 register for these commands. */
3850 if ((intf->channels[chan].medium
3851 >= IPMI_CHANNEL_MEDIUM_OEM_MIN)
3852 && (intf->channels[chan].medium
3853 <= IPMI_CHANNEL_MEDIUM_OEM_MAX)) {
3854 requeue = handle_oem_get_msg_cmd(intf, msg);
3855 } else {
3856 /*
3857 * We don't handle the channel type, so just
3858 * free the message.
3859 */
3860 requeue = 0;
3861 }
1da177e4
LT		 3862 }
3863
3864 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
c70d7499 3865 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) {
b3834be5 3866 /* It's an asynchronous event. */
1da177e4
LT		 3867 requeue = handle_read_event_rsp(intf, msg);
3868 } else {
3869 /* It's a response from the local BMC. */
3870 requeue = handle_bmc_rsp(intf, msg);
3871 }
3872
3873 out:
3874 return requeue;
3875}
3876
7adf579c
CM		 3877/*
3878 * If there are messages in the queue or pretimeouts, handle them.
3879 */
3880static void handle_new_recv_msgs(ipmi_smi_t intf)
3881{
3882 struct ipmi_smi_msg *smi_msg;
3883 unsigned long flags = 0;
3884 int rv;
3885 int run_to_completion = intf->run_to_completion;
3886
3887 /* See if any waiting messages need to be processed. */
3888 if (!run_to_completion)
65be7544
CM		 3889 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
3890 while (!list_empty(&intf->waiting_rcv_msgs)) {
3891 smi_msg = list_entry(intf->waiting_rcv_msgs.next,
7adf579c 3892 struct ipmi_smi_msg, link);
ae4ea9a2 3893 list_del(&smi_msg->link);
7adf579c 3894 if (!run_to_completion)
65be7544
CM		 3895 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock,
3896 flags);
7adf579c
CM		 3897 rv = handle_one_recv_msg(intf, smi_msg);
3898 if (!run_to_completion)
65be7544 3899 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
7ea0ed2b 3900 if (rv > 0) {
7adf579c
CM		 3901 /*
3902 * To preserve message order, quit if we
ae4ea9a2
JN		 3903 * can't handle a message. Add the message
3904 * back at the head, this is safe because this
3905 * tasklet is the only thing that pulls the
3906 * messages.
7adf579c 3907 */
ae4ea9a2 3908 list_add(&smi_msg->link, &intf->waiting_rcv_msgs);
7adf579c 3909 break;
7ea0ed2b 3910 } else {
7ea0ed2b
CM		 3911 if (rv == 0)
3912 /* Message handled */
3913 ipmi_free_smi_msg(smi_msg);
3914 /* If rv < 0, fatal error, del but don't free. */
7adf579c
CM		 3915 }
3916 }
3917 if (!run_to_completion)
65be7544 3918 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock, flags);
7adf579c
CM		 3919
3920 /*
3921 * If the pretimout count is non-zero, decrement one from it and
3922 * deliver pretimeouts to all the users.
3923 */
3924 if (atomic_add_unless(&intf->watchdog_pretimeouts_to_deliver, -1, 0)) {
3925 ipmi_user_t user;
3926
3927 rcu_read_lock();
3928 list_for_each_entry_rcu(user, &intf->users, link) {
3929 if (user->handler->ipmi_watchdog_pretimeout)
3930 user->handler->ipmi_watchdog_pretimeout(
3931 user->handler_data);
3932 }
3933 rcu_read_unlock();
3934 }
3935}
3936
3937static void smi_recv_tasklet(unsigned long val)
3938{
7ea0ed2b
CM		 3939 unsigned long flags = 0; /* keep us warning-free. */
3940 ipmi_smi_t intf = (ipmi_smi_t) val;
3941 int run_to_completion = intf->run_to_completion;
3942 struct ipmi_smi_msg *newmsg = NULL;
3943
3944 /*
3945 * Start the next message if available.
3946 *
3947 * Do this here, not in the actual receiver, because we may deadlock
3948 * because the lower layer is allowed to hold locks while calling
3949 * message delivery.
3950 */
cdea4656
TC		 3951
3952 rcu_read_lock();
3953
7ea0ed2b
CM		 3954 if (!run_to_completion)
3955 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
3956 if (intf->curr_msg == NULL && !intf->in_shutdown) {
3957 struct list_head *entry = NULL;
3958
3959 /* Pick the high priority queue first. */
3960 if (!list_empty(&intf->hp_xmit_msgs))
3961 entry = intf->hp_xmit_msgs.next;
3962 else if (!list_empty(&intf->xmit_msgs))
3963 entry = intf->xmit_msgs.next;
3964
3965 if (entry) {
3966 list_del(entry);
3967 newmsg = list_entry(entry, struct ipmi_smi_msg, link);
3968 intf->curr_msg = newmsg;
3969 }
3970 }
3971 if (!run_to_completion)
3972 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
3973 if (newmsg)
99ab32f3 3974 intf->handlers->sender(intf->send_info, newmsg);
7ea0ed2b 3975
cdea4656
TC		 3976 rcu_read_unlock();
3977
7ea0ed2b 3978 handle_new_recv_msgs(intf);
7adf579c
CM		 3979}
3980
1da177e4
LT		 3981/* Handle a new message from the lower layer. */
3982void ipmi_smi_msg_received(ipmi_smi_t intf,
3983 struct ipmi_smi_msg *msg)
3984{
5956dce1 3985 unsigned long flags = 0; /* keep us warning-free. */
7ea0ed2b 3986 int run_to_completion = intf->run_to_completion;
1da177e4 3987
1da177e4
LT		 3988 if ((msg->data_size >= 2)
3989 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
3990 && (msg->data[1] == IPMI_SEND_MSG_CMD)
c70d7499 3991 && (msg->user_data == NULL)) {
7ea0ed2b
CM		 3992
3993 if (intf->in_shutdown)
3994 goto free_msg;
3995
c70d7499
CM		 3996 /*
3997 * This is the local response to a command send, start
3998 * the timer for these. The user_data will not be
3999 * NULL if this is a response send, and we will let
4000 * response sends just go through.
4001 */
4002
4003 /*
4004 * Check for errors, if we get certain errors (ones
4005 * that mean basically we can try again later), we
4006 * ignore them and start the timer. Otherwise we
4007 * report the error immediately.
4008 */
1da177e4
LT		 4009 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
4010 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
46d52b09
CM		 4011 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR)
4012 && (msg->rsp[2] != IPMI_BUS_ERR)
c70d7499 4013 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR)) {
1da177e4
LT		 4014 int chan = msg->rsp[3] & 0xf;
4015
4016 /* Got an error sending the message, handle it. */
1da177e4
LT		 4017 if (chan >= IPMI_MAX_CHANNELS)
4018 ; /* This shouldn't happen */
4019 else if ((intf->channels[chan].medium
4020 == IPMI_CHANNEL_MEDIUM_8023LAN)
4021 || (intf->channels[chan].medium
4022 == IPMI_CHANNEL_MEDIUM_ASYNC))
b2655f26 4023 ipmi_inc_stat(intf, sent_lan_command_errs);
1da177e4 4024 else
b2655f26 4025 ipmi_inc_stat(intf, sent_ipmb_command_errs);
1da177e4 4026 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
c70d7499 4027 } else
1da177e4
LT		 4028 /* The message was sent, start the timer. */
4029 intf_start_seq_timer(intf, msg->msgid);
1da177e4 4030
7ea0ed2b 4031free_msg:
1da177e4 4032 ipmi_free_smi_msg(msg);
7ea0ed2b
CM		 4033 } else {
4034 /*
4035 * To preserve message order, we keep a queue and deliver from
4036 * a tasklet.
4037 */
4038 if (!run_to_completion)
4039 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
4040 list_add_tail(&msg->link, &intf->waiting_rcv_msgs);
4041 if (!run_to_completion)
4042 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock,
4043 flags);
1da177e4
LT		 4044 }
4045
5956dce1 4046 if (!run_to_completion)
7ea0ed2b 4047 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
b2234ee9
CM		 4048 /*
4049 * We can get an asynchronous event or receive message in addition
4050 * to commands we send.
4051 */
7ea0ed2b
CM		 4052 if (msg == intf->curr_msg)
4053 intf->curr_msg = NULL;
5956dce1 4054 if (!run_to_completion)
7ea0ed2b 4055 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
c70d7499 4056
7ea0ed2b
CM		 4057 if (run_to_completion)
4058 smi_recv_tasklet((unsigned long) intf);
4059 else
4060 tasklet_schedule(&intf->recv_tasklet);
1da177e4 4061}
c70d7499 4062EXPORT_SYMBOL(ipmi_smi_msg_received);
1da177e4
LT		 4063
4064void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
4065{
7ea0ed2b
CM		 4066 if (intf->in_shutdown)
4067 return;
4068
7adf579c
CM		 4069 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 1);
4070 tasklet_schedule(&intf->recv_tasklet);
1da177e4 4071}
c70d7499 4072EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
1da177e4 4073
882fe011
CM		 4074static struct ipmi_smi_msg *
4075smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
4076 unsigned char seq, long seqid)
1da177e4 4077{
882fe011 4078 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
1da177e4 4079 if (!smi_msg)
c70d7499
CM		 4080 /*
4081 * If we can't allocate the message, then just return, we
4082 * get 4 retries, so this should be ok.
4083 */
882fe011 4084 return NULL;
1da177e4
LT		 4085
4086 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
4087 smi_msg->data_size = recv_msg->msg.data_len;
4088 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
c70d7499 4089
1da177e4
LT		 4090#ifdef DEBUG_MSGING
4091 {
4092 int m;
4093 printk("Resend: ");
e8b33617 4094 for (m = 0; m < smi_msg->data_size; m++)
1da177e4
LT		 4095 printk(" %2.2x", smi_msg->data[m]);
4096 printk("\n");
4097 }
4098#endif
882fe011 4099 return smi_msg;
1da177e4
LT		 4100}
4101
393d2cc3 4102static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent,
392a17b1
CM		 4103 struct list_head *timeouts,
4104 unsigned long timeout_period,
89986496
CM		 4105 int slot, unsigned long *flags,
4106 unsigned int *waiting_msgs)
393d2cc3 4107{
b2c03941 4108 struct ipmi_recv_msg *msg;
81d02b7f 4109 const struct ipmi_smi_handlers *handlers;
b2c03941 4110
7ea0ed2b 4111 if (intf->in_shutdown)
b2c03941 4112 return;
393d2cc3
CM		 4113
4114 if (!ent->inuse)
4115 return;
4116
392a17b1
CM		 4117 if (timeout_period < ent->timeout) {
4118 ent->timeout -= timeout_period;
89986496 4119 (*waiting_msgs)++;
393d2cc3 4120 return;
89986496 4121 }
393d2cc3
CM		 4122
4123 if (ent->retries_left == 0) {
4124 /* The message has used all its retries. */
4125 ent->inuse = 0;
4126 msg = ent->recv_msg;
4127 list_add_tail(&msg->link, timeouts);
393d2cc3 4128 if (ent->broadcast)
b2655f26 4129 ipmi_inc_stat(intf, timed_out_ipmb_broadcasts);
25176ed6 4130 else if (is_lan_addr(&ent->recv_msg->addr))
b2655f26 4131 ipmi_inc_stat(intf, timed_out_lan_commands);
393d2cc3 4132 else
b2655f26 4133 ipmi_inc_stat(intf, timed_out_ipmb_commands);
393d2cc3
CM		 4134 } else {
4135 struct ipmi_smi_msg *smi_msg;
4136 /* More retries, send again. */
4137
89986496
CM		 4138 (*waiting_msgs)++;
4139
c70d7499
CM		 4140 /*
4141 * Start with the max timer, set to normal timer after
4142 * the message is sent.
4143 */
393d2cc3
CM		 4144 ent->timeout = MAX_MSG_TIMEOUT;
4145 ent->retries_left--;
393d2cc3
CM		 4146 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot,
4147 ent->seqid);
25176ed6
CM		 4148 if (!smi_msg) {
4149 if (is_lan_addr(&ent->recv_msg->addr))
4150 ipmi_inc_stat(intf,
4151 dropped_rexmit_lan_commands);
4152 else
4153 ipmi_inc_stat(intf,
4154 dropped_rexmit_ipmb_commands);
393d2cc3 4155 return;
25176ed6 4156 }
393d2cc3
CM		 4157
4158 spin_unlock_irqrestore(&intf->seq_lock, *flags);
b2c03941 4159
c70d7499
CM		 4160 /*
4161 * Send the new message. We send with a zero
4162 * priority. It timed out, I doubt time is that
4163 * critical now, and high priority messages are really
4164 * only for messages to the local MC, which don't get
4165 * resent.
4166 */
b2c03941 4167 handlers = intf->handlers;
25176ed6
CM		 4168 if (handlers) {
4169 if (is_lan_addr(&ent->recv_msg->addr))
4170 ipmi_inc_stat(intf,
4171 retransmitted_lan_commands);
4172 else
4173 ipmi_inc_stat(intf,
4174 retransmitted_ipmb_commands);
4175
81d02b7f 4176 smi_send(intf, handlers, smi_msg, 0);
25176ed6 4177 } else
b2c03941
CM		 4178 ipmi_free_smi_msg(smi_msg);
4179
393d2cc3
CM		 4180 spin_lock_irqsave(&intf->seq_lock, *flags);
4181 }
4182}
4183
392a17b1
CM		 4184static unsigned int ipmi_timeout_handler(ipmi_smi_t intf,
4185 unsigned long timeout_period)
1da177e4 4186{
1da177e4
LT		 4187 struct list_head timeouts;
4188 struct ipmi_recv_msg *msg, *msg2;
1da177e4 4189 unsigned long flags;
bca0324d 4190 int i;
89986496 4191 unsigned int waiting_msgs = 0;
1da177e4 4192
89986496
CM		 4193 /*
4194 * Go through the seq table and find any messages that
4195 * have timed out, putting them in the timeouts
4196 * list.
4197 */
4198 INIT_LIST_HEAD(&timeouts);
4199 spin_lock_irqsave(&intf->seq_lock, flags);
4200 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++)
4201 check_msg_timeout(intf, &(intf->seq_table[i]),
4202 &timeouts, timeout_period, i,
4203 &flags, &waiting_msgs);
4204 spin_unlock_irqrestore(&intf->seq_lock, flags);
393d2cc3 4205
89986496
CM		 4206 list_for_each_entry_safe(msg, msg2, &timeouts, link)
4207 deliver_err_response(msg, IPMI_TIMEOUT_COMPLETION_CODE);
b9675136 4208
89986496
CM		 4209 /*
4210 * Maintenance mode handling. Check the timeout
4211 * optimistically before we claim the lock. It may
4212 * mean a timeout gets missed occasionally, but that
4213 * only means the timeout gets extended by one period
4214 * in that case. No big deal, and it avoids the lock
4215 * most of the time.
4216 */
4217 if (intf->auto_maintenance_timeout > 0) {
4218 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
b9675136 4219 if (intf->auto_maintenance_timeout > 0) {
89986496
CM		 4220 intf->auto_maintenance_timeout
4221 -= timeout_period;
4222 if (!intf->maintenance_mode
4223 && (intf->auto_maintenance_timeout <= 0)) {
7aefac26 4224 intf->maintenance_mode_enable = false;
89986496 4225 maintenance_mode_update(intf);
b9675136 4226 }
b9675136 4227 }
89986496
CM		 4228 spin_unlock_irqrestore(&intf->maintenance_mode_lock,
4229 flags);
1da177e4 4230 }
89986496
CM		 4231
4232 tasklet_schedule(&intf->recv_tasklet);
4233
4234 return waiting_msgs;
1da177e4
LT		 4235}
4236
89986496 4237static void ipmi_request_event(ipmi_smi_t intf)
1da177e4 4238{
89986496
CM		 4239 /* No event requests when in maintenance mode. */
4240 if (intf->maintenance_mode_enable)
4241 return;
b9675136 4242
7ea0ed2b
CM		 4243 if (!intf->in_shutdown)
4244 intf->handlers->request_events(intf->send_info);
1da177e4
LT		 4245}
4246
4247static struct timer_list ipmi_timer;
4248
8f43f84f 4249static atomic_t stop_operation;
1da177e4
LT		 4250
4251static void ipmi_timeout(unsigned long data)
4252{
89986496
CM		 4253 ipmi_smi_t intf;
4254 int nt = 0;
4255
8f43f84f 4256 if (atomic_read(&stop_operation))
1da177e4 4257 return;
1da177e4 4258
89986496
CM		 4259 rcu_read_lock();
4260 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
4261 int lnt = 0;
4262
4263 if (atomic_read(&intf->event_waiters)) {
4264 intf->ticks_to_req_ev--;
4265 if (intf->ticks_to_req_ev == 0) {
4266 ipmi_request_event(intf);
4267 intf->ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
4268 }
4269 lnt++;
4270 }
4271
4272 lnt += ipmi_timeout_handler(intf, IPMI_TIMEOUT_TIME);
1da177e4 4273
89986496
CM		 4274 lnt = !!lnt;
4275 if (lnt != intf->last_needs_timer &&
4276 intf->handlers->set_need_watch)
4277 intf->handlers->set_need_watch(intf->send_info, lnt);
4278 intf->last_needs_timer = lnt;
1da177e4 4279
89986496
CM		 4280 nt += lnt;
4281 }
4282 rcu_read_unlock();
4283
4284 if (nt)
4285 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
1da177e4
LT		 4286}
4287
89986496
CM		 4288static void need_waiter(ipmi_smi_t intf)
4289{
4290 /* Racy, but worst case we start the timer twice. */
4291 if (!timer_pending(&ipmi_timer))
4292 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
4293}
1da177e4
LT		 4294
4295static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
4296static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
4297
1da177e4
LT		 4298static void free_smi_msg(struct ipmi_smi_msg *msg)
4299{
4300 atomic_dec(&smi_msg_inuse_count);
4301 kfree(msg);
4302}
4303
4304struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
4305{
4306 struct ipmi_smi_msg *rv;
4307 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
4308 if (rv) {
4309 rv->done = free_smi_msg;
4310 rv->user_data = NULL;
4311 atomic_inc(&smi_msg_inuse_count);
4312 }
4313 return rv;
4314}
c70d7499 4315EXPORT_SYMBOL(ipmi_alloc_smi_msg);
1da177e4
LT		 4316
4317static void free_recv_msg(struct ipmi_recv_msg *msg)
4318{
4319 atomic_dec(&recv_msg_inuse_count);
4320 kfree(msg);
4321}
4322
74006309 4323static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
1da177e4
LT		 4324{
4325 struct ipmi_recv_msg *rv;
4326
4327 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
4328 if (rv) {
a9eec556 4329 rv->user = NULL;
1da177e4
LT		 4330 rv->done = free_recv_msg;
4331 atomic_inc(&recv_msg_inuse_count);
4332 }
4333 return rv;
4334}
4335
393d2cc3
CM		 4336void ipmi_free_recv_msg(struct ipmi_recv_msg *msg)
4337{
4338 if (msg->user)
4339 kref_put(&msg->user->refcount, free_user);
4340 msg->done(msg);
4341}
c70d7499 4342EXPORT_SYMBOL(ipmi_free_recv_msg);
393d2cc3 4343
895dcfd1
CM		 4344static atomic_t panic_done_count = ATOMIC_INIT(0);
4345
1da177e4
LT		 4346static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
4347{
895dcfd1 4348 atomic_dec(&panic_done_count);
1da177e4
LT		 4349}
4350
4351static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
4352{
895dcfd1
CM		 4353 atomic_dec(&panic_done_count);
4354}
4355
4356/*
4357 * Inside a panic, send a message and wait for a response.
4358 */
4359static void ipmi_panic_request_and_wait(ipmi_smi_t intf,
4360 struct ipmi_addr *addr,
4361 struct kernel_ipmi_msg *msg)
4362{
4363 struct ipmi_smi_msg smi_msg;
4364 struct ipmi_recv_msg recv_msg;
4365 int rv;
4366
4367 smi_msg.done = dummy_smi_done_handler;
4368 recv_msg.done = dummy_recv_done_handler;
4369 atomic_add(2, &panic_done_count);
4370 rv = i_ipmi_request(NULL,
4371 intf,
4372 addr,
4373 0,
4374 msg,
4375 intf,
4376 &smi_msg,
4377 &recv_msg,
4378 0,
4379 intf->channels[0].address,
4380 intf->channels[0].lun,
4381 0, 1); /* Don't retry, and don't wait. */
4382 if (rv)
4383 atomic_sub(2, &panic_done_count);
82802f96
HK		 4384 else if (intf->handlers->flush_messages)
4385 intf->handlers->flush_messages(intf->send_info);
4386
895dcfd1
CM		 4387 while (atomic_read(&panic_done_count) != 0)
4388 ipmi_poll(intf);
1da177e4
LT		 4389}
4390
56a55ec6 4391static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4 4392{
56a55ec6
CM		 4393 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
4394 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE)
4395 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD)
c70d7499 4396 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) {
1da177e4 4397 /* A get event receiver command, save it. */
56a55ec6
CM		 4398 intf->event_receiver = msg->msg.data[1];
4399 intf->event_receiver_lun = msg->msg.data[2] & 0x3;
1da177e4
LT		 4400 }
4401}
4402
56a55ec6 4403static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4 4404{
56a55ec6
CM		 4405 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
4406 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
4407 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD)
c70d7499
CM		 4408 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) {
4409 /*
4410 * A get device id command, save if we are an event
4411 * receiver or generator.
4412 */
56a55ec6
CM		 4413 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1;
4414 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1;
1da177e4
LT		 4415 }
4416}
1da177e4
LT		 4417
4418static void send_panic_events(char *str)
4419{
4420 struct kernel_ipmi_msg msg;
4421 ipmi_smi_t intf;
4422 unsigned char data[16];
1da177e4
LT		 4423 struct ipmi_system_interface_addr *si;
4424 struct ipmi_addr addr;
1da177e4 4425
1c9f98d1
CM		 4426 if (ipmi_send_panic_event == IPMI_SEND_PANIC_EVENT_NONE)
4427 return;
4428
1da177e4
LT		 4429 si = (struct ipmi_system_interface_addr *) &addr;
4430 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4431 si->channel = IPMI_BMC_CHANNEL;
4432 si->lun = 0;
4433
4434 /* Fill in an event telling that we have failed. */
4435 msg.netfn = 0x04; /* Sensor or Event. */
4436 msg.cmd = 2; /* Platform event command. */
4437 msg.data = data;
4438 msg.data_len = 8;
cda315ab 4439 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */
1da177e4
LT		 4440 data[1] = 0x03; /* This is for IPMI 1.0. */
4441 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
4442 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
4443 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
4444
c70d7499
CM		 4445 /*
4446 * Put a few breadcrumbs in. Hopefully later we can add more things
4447 * to make the panic events more useful.
4448 */
1da177e4
LT		 4449 if (str) {
4450 data[3] = str[0];
4451 data[6] = str[1];
4452 data[7] = str[2];
4453 }
4454
1da177e4 4455 /* For every registered interface, send the event. */
bca0324d 4456 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1c9f98d1
CM		 4457 if (!intf->handlers || !intf->handlers->poll)
4458 /* Interface is not ready or can't run at panic time. */
1da177e4
LT		 4459 continue;
4460
4461 /* Send the event announcing the panic. */
895dcfd1 4462 ipmi_panic_request_and_wait(intf, &addr, &msg);
1da177e4
LT		 4463 }
4464
c70d7499
CM		 4465 /*
4466 * On every interface, dump a bunch of OEM event holding the
4467 * string.
4468 */
1c9f98d1 4469 if (ipmi_send_panic_event != IPMI_SEND_PANIC_EVENT_STRING || !str)
1da177e4
LT		 4470 return;
4471
bca0324d
CM		 4472 /* For every registered interface, send the event. */
4473 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1da177e4
LT		 4474 char *p = str;
4475 struct ipmi_ipmb_addr *ipmb;
4476 int j;
4477
bca0324d
CM		 4478 if (intf->intf_num == -1)
4479 /* Interface was not ready yet. */
1da177e4
LT		 4480 continue;
4481
78ba2faf
CM		 4482 /*
4483 * intf_num is used as an marker to tell if the
4484 * interface is valid. Thus we need a read barrier to
4485 * make sure data fetched before checking intf_num
4486 * won't be used.
4487 */
4488 smp_rmb();
4489
c70d7499
CM		 4490 /*
4491 * First job here is to figure out where to send the
4492 * OEM events. There's no way in IPMI to send OEM
4493 * events using an event send command, so we have to
4494 * find the SEL to put them in and stick them in
4495 * there.
4496 */
1da177e4
LT		 4497
4498 /* Get capabilities from the get device id. */
4499 intf->local_sel_device = 0;
4500 intf->local_event_generator = 0;
4501 intf->event_receiver = 0;
4502
4503 /* Request the device info from the local MC. */
4504 msg.netfn = IPMI_NETFN_APP_REQUEST;
4505 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
4506 msg.data = NULL;
4507 msg.data_len = 0;
4508 intf->null_user_handler = device_id_fetcher;
895dcfd1 4509 ipmi_panic_request_and_wait(intf, &addr, &msg);
1da177e4
LT		 4510
4511 if (intf->local_event_generator) {
4512 /* Request the event receiver from the local MC. */
4513 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
4514 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
4515 msg.data = NULL;
4516 msg.data_len = 0;
4517 intf->null_user_handler = event_receiver_fetcher;
895dcfd1 4518 ipmi_panic_request_and_wait(intf, &addr, &msg);
1da177e4
LT		 4519 }
4520 intf->null_user_handler = NULL;
4521
c70d7499
CM		 4522 /*
4523 * Validate the event receiver. The low bit must not
4524 * be 1 (it must be a valid IPMB address), it cannot
4525 * be zero, and it must not be my address.
4526 */
4527 if (((intf->event_receiver & 1) == 0)
1da177e4 4528 && (intf->event_receiver != 0)
c70d7499
CM		 4529 && (intf->event_receiver != intf->channels[0].address)) {
4530 /*
4531 * The event receiver is valid, send an IPMB
4532 * message.
4533 */
1da177e4
LT		 4534 ipmb = (struct ipmi_ipmb_addr *) &addr;
4535 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
4536 ipmb->channel = 0; /* FIXME - is this right? */
4537 ipmb->lun = intf->event_receiver_lun;
4538 ipmb->slave_addr = intf->event_receiver;
4539 } else if (intf->local_sel_device) {
c70d7499
CM		 4540 /*
4541 * The event receiver was not valid (or was
4542 * me), but I am an SEL device, just dump it
4543 * in my SEL.
4544 */
1da177e4
LT		 4545 si = (struct ipmi_system_interface_addr *) &addr;
4546 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4547 si->channel = IPMI_BMC_CHANNEL;
4548 si->lun = 0;
4549 } else
4550 continue; /* No where to send the event. */
4551
1da177e4
LT		 4552 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
4553 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
4554 msg.data = data;
4555 msg.data_len = 16;
4556
4557 j = 0;
4558 while (*p) {
4559 int size = strlen(p);
4560
4561 if (size > 11)
4562 size = 11;
4563 data[0] = 0;
4564 data[1] = 0;
4565 data[2] = 0xf0; /* OEM event without timestamp. */
c14979b9 4566 data[3] = intf->channels[0].address;
1da177e4 4567 data[4] = j++; /* sequence # */
c70d7499
CM		 4568 /*
4569 * Always give 11 bytes, so strncpy will fill
4570 * it with zeroes for me.
4571 */
1da177e4
LT		 4572 strncpy(data+5, p, 11);
4573 p += size;
4574
895dcfd1 4575 ipmi_panic_request_and_wait(intf, &addr, &msg);
1da177e4 4576 }
c70d7499 4577 }
1da177e4 4578}
1da177e4 4579
0c8204b3 4580static int has_panicked;
1da177e4
LT		 4581
4582static int panic_event(struct notifier_block *this,
4583 unsigned long event,
c70d7499 4584 void *ptr)
1da177e4 4585{
1da177e4
LT		 4586 ipmi_smi_t intf;
4587
f18190bd 4588 if (has_panicked)
1da177e4 4589 return NOTIFY_DONE;
f18190bd 4590 has_panicked = 1;
1da177e4
LT		 4591
4592 /* For every registered interface, set it to run to completion. */
bca0324d 4593 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
b2c03941
CM		 4594 if (!intf->handlers)
4595 /* Interface is not ready. */
1da177e4
LT		 4596 continue;
4597
06e5e345
HK		 4598 /*
4599 * If we were interrupted while locking xmit_msgs_lock or
4600 * waiting_rcv_msgs_lock, the corresponding list may be
4601 * corrupted. In this case, drop items on the list for
4602 * the safety.
4603 */
4604 if (!spin_trylock(&intf->xmit_msgs_lock)) {
4605 INIT_LIST_HEAD(&intf->xmit_msgs);
4606 INIT_LIST_HEAD(&intf->hp_xmit_msgs);
4607 } else
4608 spin_unlock(&intf->xmit_msgs_lock);
4609
4610 if (!spin_trylock(&intf->waiting_rcv_msgs_lock))
4611 INIT_LIST_HEAD(&intf->waiting_rcv_msgs);
4612 else
4613 spin_unlock(&intf->waiting_rcv_msgs_lock);
4614
5956dce1 4615 intf->run_to_completion = 1;
1c9f98d1
CM		 4616 if (intf->handlers->set_run_to_completion)
4617 intf->handlers->set_run_to_completion(intf->send_info,
4618 1);
1da177e4
LT		 4619 }
4620
1da177e4 4621 send_panic_events(ptr);
1da177e4
LT		 4622
4623 return NOTIFY_DONE;
4624}
4625
4626static struct notifier_block panic_block = {
4627 .notifier_call = panic_event,
4628 .next = NULL,
4629 .priority = 200 /* priority: INT_MAX >= x >= 0 */
4630};
4631
4632static int ipmi_init_msghandler(void)
4633{
50c812b2 4634 int rv;
1da177e4
LT		 4635
4636 if (initialized)
4637 return 0;
4638
fe2d5ffc 4639 rv = driver_register(&ipmidriver.driver);
50c812b2
CM		 4640 if (rv) {
4641 printk(KERN_ERR PFX "Could not register IPMI driver\n");
4642 return rv;
4643 }
4644
1da177e4 4645 printk(KERN_INFO "ipmi message handler version "
1fdd75bd 4646 IPMI_DRIVER_VERSION "\n");
1da177e4 4647
3b625943 4648#ifdef CONFIG_PROC_FS
1da177e4
LT		 4649 proc_ipmi_root = proc_mkdir("ipmi", NULL);
4650 if (!proc_ipmi_root) {
4651 printk(KERN_ERR PFX "Unable to create IPMI proc dir");
80fad5b9 4652 driver_unregister(&ipmidriver.driver);
1da177e4
LT		 4653 return -ENOMEM;
4654 }
4655
3b625943 4656#endif /* CONFIG_PROC_FS */
1da177e4 4657
409035e0
CM		 4658 setup_timer(&ipmi_timer, ipmi_timeout, 0);
4659 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
1da177e4 4660
e041c683 4661 atomic_notifier_chain_register(&panic_notifier_list, &panic_block);
1da177e4
LT		 4662
4663 initialized = 1;
4664
4665 return 0;
4666}
4667
60ee6d5f 4668static int __init ipmi_init_msghandler_mod(void)
1da177e4
LT		 4669{
4670 ipmi_init_msghandler();
4671 return 0;
4672}
4673
60ee6d5f 4674static void __exit cleanup_ipmi(void)
1da177e4
LT		 4675{
4676 int count;
4677
4678 if (!initialized)
4679 return;
4680
e041c683 4681 atomic_notifier_chain_unregister(&panic_notifier_list, &panic_block);
1da177e4 4682
c70d7499
CM		 4683 /*
4684 * This can't be called if any interfaces exist, so no worry
4685 * about shutting down the interfaces.
4686 */
1da177e4 4687
c70d7499
CM		 4688 /*
4689 * Tell the timer to stop, then wait for it to stop. This
4690 * avoids problems with race conditions removing the timer
4691 * here.
4692 */
8f43f84f
CM		 4693 atomic_inc(&stop_operation);
4694 del_timer_sync(&ipmi_timer);
1da177e4 4695
3b625943 4696#ifdef CONFIG_PROC_FS
a8ca16ea 4697 proc_remove(proc_ipmi_root);
3b625943 4698#endif /* CONFIG_PROC_FS */
1da177e4 4699
fe2d5ffc 4700 driver_unregister(&ipmidriver.driver);
50c812b2 4701
1da177e4
LT		 4702 initialized = 0;
4703
4704 /* Check for buffer leaks. */
4705 count = atomic_read(&smi_msg_inuse_count);
4706 if (count != 0)
4707 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
4708 count);
4709 count = atomic_read(&recv_msg_inuse_count);
4710 if (count != 0)
4711 printk(KERN_WARNING PFX "recv message count %d at exit\n",
4712 count);
4713}
4714module_exit(cleanup_ipmi);
4715
4716module_init(ipmi_init_msghandler_mod);
4717MODULE_LICENSE("GPL");
1fdd75bd 4718MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>");
c70d7499
CM		 4719MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI"
4720 " interface.");
1fdd75bd 4721MODULE_VERSION(IPMI_DRIVER_VERSION);
070cbd1d 4722MODULE_SOFTDEP("post: ipmi_devintf");
ubuntu-bionic-kernel mirror