]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - drivers/char/ipmi/ipmi_msghandler.c
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ipmi: Fix printing the BMC guid
[mirror_ubuntu-bionic-kernel.git] / drivers / char / ipmi / ipmi_msghandler.c
CommitLineData
1da177e4
LT		 1/*
2 * ipmi_msghandler.c
3 *
4 * Incoming and outgoing message routing for an IPMI interface.
5 *
6 * Author: MontaVista Software, Inc.
7 * Corey Minyard <minyard@mvista.com>
8 * source@mvista.com
9 *
10 * Copyright 2002 MontaVista Software Inc.
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version.
16 *
17 *
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 *
29 * You should have received a copy of the GNU General Public License along
30 * with this program; if not, write to the Free Software Foundation, Inc.,
31 * 675 Mass Ave, Cambridge, MA 02139, USA.
32 */
33
1da177e4
LT		 34#include <linux/module.h>
35#include <linux/errno.h>
1da177e4 36#include <linux/poll.h>
a99bbaf5 37#include <linux/sched.h>
07412736 38#include <linux/seq_file.h>
1da177e4 39#include <linux/spinlock.h>
d6dfd131 40#include <linux/mutex.h>
1da177e4
LT		 41#include <linux/slab.h>
42#include <linux/ipmi.h>
43#include <linux/ipmi_smi.h>
44#include <linux/notifier.h>
45#include <linux/init.h>
46#include <linux/proc_fs.h>
393d2cc3 47#include <linux/rcupdate.h>
7adf579c 48#include <linux/interrupt.h>
1c9f98d1 49#include <linux/moduleparam.h>
1da177e4
LT		 50
51#define PFX "IPMI message handler: "
1fdd75bd 52
f7caa1b5 53#define IPMI_DRIVER_VERSION "39.2"
1da177e4
LT		 54
55static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
56static int ipmi_init_msghandler(void);
7adf579c
CM		 57static void smi_recv_tasklet(unsigned long);
58static void handle_new_recv_msgs(ipmi_smi_t intf);
89986496 59static void need_waiter(ipmi_smi_t intf);
7ea0ed2b
CM		 60static int handle_one_recv_msg(ipmi_smi_t intf,
61 struct ipmi_smi_msg *msg);
1da177e4 62
0c8204b3 63static int initialized;
1da177e4 64
1c9f98d1
CM		 65enum ipmi_panic_event_op {
66 IPMI_SEND_PANIC_EVENT_NONE,
67 IPMI_SEND_PANIC_EVENT,
68 IPMI_SEND_PANIC_EVENT_STRING
69};
70#ifdef CONFIG_IPMI_PANIC_STRING
71#define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT_STRING
72#elif defined(CONFIG_IPMI_PANIC_EVENT)
73#define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT
74#else
75#define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT_NONE
76#endif
77static enum ipmi_panic_event_op ipmi_send_panic_event = IPMI_PANIC_DEFAULT;
78
79static int panic_op_write_handler(const char *val,
80 const struct kernel_param *kp)
81{
82 char valcp[16];
83 char *s;
84
85 strncpy(valcp, val, 16);
86 valcp[15] = '\0';
87
88 s = strstrip(valcp);
89
90 if (strcmp(s, "none") == 0)
91 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT_NONE;
92 else if (strcmp(s, "event") == 0)
93 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT;
94 else if (strcmp(s, "string") == 0)
95 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT_STRING;
96 else
97 return -EINVAL;
98
99 return 0;
100}
101
102static int panic_op_read_handler(char *buffer, const struct kernel_param *kp)
103{
104 switch (ipmi_send_panic_event) {
105 case IPMI_SEND_PANIC_EVENT_NONE:
106 strcpy(buffer, "none");
107 break;
108
109 case IPMI_SEND_PANIC_EVENT:
110 strcpy(buffer, "event");
111 break;
112
113 case IPMI_SEND_PANIC_EVENT_STRING:
114 strcpy(buffer, "string");
115 break;
116
117 default:
118 strcpy(buffer, "???");
119 break;
120 }
121
122 return strlen(buffer);
123}
124
125static const struct kernel_param_ops panic_op_ops = {
126 .set = panic_op_write_handler,
127 .get = panic_op_read_handler
128};
129module_param_cb(panic_op, &panic_op_ops, NULL, 0600);
130MODULE_PARM_DESC(panic_op, "Sets if the IPMI driver will attempt to store panic information in the event log in the event of a panic. Set to 'none' for no, 'event' for a single event, or 'string' for a generic event and the panic string in IPMI OEM events.");
131
132
3b625943 133#ifdef CONFIG_PROC_FS
0c8204b3 134static struct proc_dir_entry *proc_ipmi_root;
3b625943 135#endif /* CONFIG_PROC_FS */
1da177e4 136
b9675136
CM		 137/* Remain in auto-maintenance mode for this amount of time (in ms). */
138#define IPMI_MAINTENANCE_MODE_TIMEOUT 30000
139
1da177e4
LT		 140#define MAX_EVENTS_IN_QUEUE 25
141
c70d7499
CM		 142/*
143 * Don't let a message sit in a queue forever, always time it with at lest
144 * the max message timer. This is in milliseconds.
145 */
1da177e4
LT		 146#define MAX_MSG_TIMEOUT 60000
147
89986496
CM		 148/* Call every ~1000 ms. */
149#define IPMI_TIMEOUT_TIME 1000
150
151/* How many jiffies does it take to get to the timeout time. */
152#define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
153
154/*
155 * Request events from the queue every second (this is the number of
156 * IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
157 * future, IPMI will add a way to know immediately if an event is in
158 * the queue and this silliness can go away.
159 */
160#define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
161
393d2cc3
CM		 162/*
163 * The main "user" data structure.
164 */
c70d7499 165struct ipmi_user {
1da177e4
LT		 166 struct list_head link;
167
7aefac26
CM		 168 /* Set to false when the user is destroyed. */
169 bool valid;
393d2cc3
CM		 170
171 struct kref refcount;
172
1da177e4 173 /* The upper layer that handles receive messages. */
210af2a5 174 const struct ipmi_user_hndl *handler;
1da177e4
LT		 175 void *handler_data;
176
177 /* The interface this user is bound to. */
178 ipmi_smi_t intf;
179
180 /* Does this interface receive IPMI events? */
89986496 181 bool gets_events;
1da177e4
LT		 182};
183
c70d7499 184struct cmd_rcvr {
1da177e4
LT		 185 struct list_head link;
186
187 ipmi_user_t user;
188 unsigned char netfn;
189 unsigned char cmd;
c69c3127 190 unsigned int chans;
393d2cc3
CM		 191
192 /*
193 * This is used to form a linked lised during mass deletion.
194 * Since this is in an RCU list, we cannot use the link above
195 * or change any data until the RCU period completes. So we
196 * use this next variable during mass deletion so we can have
197 * a list and don't have to wait and restart the search on
c70d7499
CM		 198 * every individual deletion of a command.
199 */
393d2cc3 200 struct cmd_rcvr *next;
1da177e4
LT		 201};
202
c70d7499 203struct seq_table {
1da177e4
LT		 204 unsigned int inuse : 1;
205 unsigned int broadcast : 1;
206
207 unsigned long timeout;
208 unsigned long orig_timeout;
209 unsigned int retries_left;
210
c70d7499
CM		 211 /*
212 * To verify on an incoming send message response that this is
213 * the message that the response is for, we keep a sequence id
214 * and increment it every time we send a message.
215 */
1da177e4
LT		 216 long seqid;
217
c70d7499
CM		 218 /*
219 * This is held so we can properly respond to the message on a
220 * timeout, and it is used to hold the temporary data for
221 * retransmission, too.
222 */
1da177e4
LT		 223 struct ipmi_recv_msg *recv_msg;
224};
225
c70d7499
CM		 226/*
227 * Store the information in a msgid (long) to allow us to find a
228 * sequence table entry from the msgid.
229 */
a24b5dd5
CM		 230#define STORE_SEQ_IN_MSGID(seq, seqid) \
231 ((((seq) & 0x3f) << 26) | ((seqid) & 0x3ffffff))
1da177e4
LT		 232
233#define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
234 do { \
a24b5dd5
CM		 235 seq = (((msgid) >> 26) & 0x3f); \
236 seqid = ((msgid) & 0x3ffffff); \
c70d7499 237 } while (0)
1da177e4 238
a24b5dd5 239#define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3ffffff)
1da177e4 240
c70d7499 241struct ipmi_channel {
1da177e4
LT		 242 unsigned char medium;
243 unsigned char protocol;
c14979b9 244
c70d7499
CM		 245 /*
246 * My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
247 * but may be changed by the user.
248 */
c14979b9
CM		 249 unsigned char address;
250
c70d7499
CM		 251 /*
252 * My LUN. This should generally stay the SMS LUN, but just in
253 * case...
254 */
c14979b9 255 unsigned char lun;
1da177e4
LT		 256};
257
3b625943 258#ifdef CONFIG_PROC_FS
c70d7499 259struct ipmi_proc_entry {
1da177e4
LT		 260 char *name;
261 struct ipmi_proc_entry *next;
262};
3b625943 263#endif
1da177e4 264
c70d7499 265struct bmc_device {
16639eb0 266 struct platform_device pdev;
50c812b2
CM		 267 struct ipmi_device_id id;
268 unsigned char guid[16];
269 int guid_set;
16639eb0
CM		 270 char name[16];
271 struct kref usecount;
50c812b2 272};
16639eb0 273#define to_bmc_device(x) container_of((x), struct bmc_device, pdev.dev)
50c812b2 274
b2655f26
KB		 275/*
276 * Various statistics for IPMI, these index stats[] in the ipmi_smi
277 * structure.
278 */
73f2bdb9
CM		 279enum ipmi_stat_indexes {
280 /* Commands we got from the user that were invalid. */
281 IPMI_STAT_sent_invalid_commands = 0,
b2655f26 282
73f2bdb9
CM		 283 /* Commands we sent to the MC. */
284 IPMI_STAT_sent_local_commands,
b2655f26 285
73f2bdb9
CM		 286 /* Responses from the MC that were delivered to a user. */
287 IPMI_STAT_handled_local_responses,
b2655f26 288
73f2bdb9
CM		 289 /* Responses from the MC that were not delivered to a user. */
290 IPMI_STAT_unhandled_local_responses,
b2655f26 291
73f2bdb9
CM		 292 /* Commands we sent out to the IPMB bus. */
293 IPMI_STAT_sent_ipmb_commands,
b2655f26 294
73f2bdb9
CM		 295 /* Commands sent on the IPMB that had errors on the SEND CMD */
296 IPMI_STAT_sent_ipmb_command_errs,
b2655f26 297
73f2bdb9
CM		 298 /* Each retransmit increments this count. */
299 IPMI_STAT_retransmitted_ipmb_commands,
b2655f26 300
73f2bdb9
CM		 301 /*
302 * When a message times out (runs out of retransmits) this is
303 * incremented.
304 */
305 IPMI_STAT_timed_out_ipmb_commands,
b2655f26 306
73f2bdb9
CM		 307 /*
308 * This is like above, but for broadcasts. Broadcasts are
309 * *not* included in the above count (they are expected to
310 * time out).
311 */
312 IPMI_STAT_timed_out_ipmb_broadcasts,
b2655f26 313
73f2bdb9
CM		 314 /* Responses I have sent to the IPMB bus. */
315 IPMI_STAT_sent_ipmb_responses,
b2655f26 316
73f2bdb9
CM		 317 /* The response was delivered to the user. */
318 IPMI_STAT_handled_ipmb_responses,
b2655f26 319
73f2bdb9
CM		 320 /* The response had invalid data in it. */
321 IPMI_STAT_invalid_ipmb_responses,
b2655f26 322
73f2bdb9
CM		 323 /* The response didn't have anyone waiting for it. */
324 IPMI_STAT_unhandled_ipmb_responses,
b2655f26 325
73f2bdb9
CM		 326 /* Commands we sent out to the IPMB bus. */
327 IPMI_STAT_sent_lan_commands,
b2655f26 328
73f2bdb9
CM		 329 /* Commands sent on the IPMB that had errors on the SEND CMD */
330 IPMI_STAT_sent_lan_command_errs,
b2655f26 331
73f2bdb9
CM		 332 /* Each retransmit increments this count. */
333 IPMI_STAT_retransmitted_lan_commands,
b2655f26 334
73f2bdb9
CM		 335 /*
336 * When a message times out (runs out of retransmits) this is
337 * incremented.
338 */
339 IPMI_STAT_timed_out_lan_commands,
340
341 /* Responses I have sent to the IPMB bus. */
342 IPMI_STAT_sent_lan_responses,
b2655f26 343
73f2bdb9
CM		 344 /* The response was delivered to the user. */
345 IPMI_STAT_handled_lan_responses,
b2655f26 346
73f2bdb9
CM		 347 /* The response had invalid data in it. */
348 IPMI_STAT_invalid_lan_responses,
b2655f26 349
73f2bdb9
CM		 350 /* The response didn't have anyone waiting for it. */
351 IPMI_STAT_unhandled_lan_responses,
b2655f26 352
73f2bdb9
CM		 353 /* The command was delivered to the user. */
354 IPMI_STAT_handled_commands,
b2655f26 355
73f2bdb9
CM		 356 /* The command had invalid data in it. */
357 IPMI_STAT_invalid_commands,
b2655f26 358
73f2bdb9
CM		 359 /* The command didn't have anyone waiting for it. */
360 IPMI_STAT_unhandled_commands,
b2655f26 361
73f2bdb9
CM		 362 /* Invalid data in an event. */
363 IPMI_STAT_invalid_events,
b2655f26 364
73f2bdb9
CM		 365 /* Events that were received with the proper format. */
366 IPMI_STAT_events,
b2655f26 367
25176ed6
CM		 368 /* Retransmissions on IPMB that failed. */
369 IPMI_STAT_dropped_rexmit_ipmb_commands,
370
371 /* Retransmissions on LAN that failed. */
372 IPMI_STAT_dropped_rexmit_lan_commands,
b2655f26 373
73f2bdb9
CM		 374 /* This *must* remain last, add new values above this. */
375 IPMI_NUM_STATS
376};
b2655f26
KB		 377
378
1da177e4 379#define IPMI_IPMB_NUM_SEQ 64
c14979b9 380#define IPMI_MAX_CHANNELS 16
c70d7499 381struct ipmi_smi {
1da177e4
LT		 382 /* What interface number are we? */
383 int intf_num;
384
393d2cc3
CM		 385 struct kref refcount;
386
7ea0ed2b
CM		 387 /* Set when the interface is being unregistered. */
388 bool in_shutdown;
389
bca0324d
CM		 390 /* Used for a list of interfaces. */
391 struct list_head link;
392
c70d7499
CM		 393 /*
394 * The list of upper layers that are using me. seq_lock
395 * protects this.
396 */
393d2cc3 397 struct list_head users;
1da177e4 398
b2c03941
CM		 399 /* Information to supply to users. */
400 unsigned char ipmi_version_major;
401 unsigned char ipmi_version_minor;
402
1da177e4
LT		 403 /* Used for wake ups at startup. */
404 wait_queue_head_t waitq;
405
50c812b2 406 struct bmc_device *bmc;
a2cb600f 407 bool bmc_registered;
50c812b2 408 char *my_dev_name;
1da177e4 409
c70d7499
CM		 410 /*
411 * This is the lower-layer's sender routine. Note that you
b2c03941
CM		 412 * must either be holding the ipmi_interfaces_mutex or be in
413 * an umpreemptible region to use this. You must fetch the
c70d7499
CM		 414 * value into a local variable and make sure it is not NULL.
415 */
81d02b7f 416 const struct ipmi_smi_handlers *handlers;
1da177e4
LT		 417 void *send_info;
418
3b625943 419#ifdef CONFIG_PROC_FS
ac019151
CM		 420 /* A list of proc entries for this interface. */
421 struct mutex proc_entry_lock;
1da177e4 422 struct ipmi_proc_entry *proc_entries;
3b625943 423#endif
1da177e4 424
50c812b2
CM		 425 /* Driver-model device for the system interface. */
426 struct device *si_dev;
427
c70d7499
CM		 428 /*
429 * A table of sequence numbers for this interface. We use the
430 * sequence numbers for IPMB messages that go out of the
431 * interface to match them up with their responses. A routine
432 * is called periodically to time the items in this list.
433 */
1da177e4
LT		 434 spinlock_t seq_lock;
435 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
436 int curr_seq;
437
c70d7499 438 /*
7adf579c
CM		 439 * Messages queued for delivery. If delivery fails (out of memory
440 * for instance), They will stay in here to be processed later in a
441 * periodic timer interrupt. The tasklet is for handling received
442 * messages directly from the handler.
c70d7499 443 */
65be7544
CM		 444 spinlock_t waiting_rcv_msgs_lock;
445 struct list_head waiting_rcv_msgs;
7adf579c
CM		 446 atomic_t watchdog_pretimeouts_to_deliver;
447 struct tasklet_struct recv_tasklet;
1da177e4 448
7ea0ed2b
CM		 449 spinlock_t xmit_msgs_lock;
450 struct list_head xmit_msgs;
451 struct ipmi_smi_msg *curr_msg;
452 struct list_head hp_xmit_msgs;
453
c70d7499
CM		 454 /*
455 * The list of command receivers that are registered for commands
456 * on this interface.
457 */
d6dfd131 458 struct mutex cmd_rcvrs_mutex;
1da177e4
LT		 459 struct list_head cmd_rcvrs;
460
c70d7499
CM		 461 /*
462 * Events that were queues because no one was there to receive
463 * them.
464 */
1da177e4
LT		 465 spinlock_t events_lock; /* For dealing with event stuff. */
466 struct list_head waiting_events;
467 unsigned int waiting_events_count; /* How many events in queue? */
87ebd06f
CM		 468 char delivering_events;
469 char event_msg_printed;
89986496
CM		 470 atomic_t event_waiters;
471 unsigned int ticks_to_req_ev;
472 int last_needs_timer;
1da177e4 473
c70d7499
CM		 474 /*
475 * The event receiver for my BMC, only really used at panic
476 * shutdown as a place to store this.
477 */
1da177e4
LT		 478 unsigned char event_receiver;
479 unsigned char event_receiver_lun;
480 unsigned char local_sel_device;
481 unsigned char local_event_generator;
482
b9675136
CM		 483 /* For handling of maintenance mode. */
484 int maintenance_mode;
7aefac26 485 bool maintenance_mode_enable;
b9675136
CM		 486 int auto_maintenance_timeout;
487 spinlock_t maintenance_mode_lock; /* Used in a timer... */
488
c70d7499
CM		 489 /*
490 * A cheap hack, if this is non-null and a message to an
491 * interface comes in with a NULL user, call this routine with
492 * it. Note that the message will still be freed by the
493 * caller. This only works on the system interface.
494 */
56a55ec6 495 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg);
1da177e4 496
c70d7499
CM		 497 /*
498 * When we are scanning the channels for an SMI, this will
499 * tell which channel we are scanning.
500 */
1da177e4
LT		 501 int curr_channel;
502
503 /* Channel information */
504 struct ipmi_channel channels[IPMI_MAX_CHANNELS];
505
506 /* Proc FS stuff. */
507 struct proc_dir_entry *proc_dir;
508 char proc_dir_name[10];
509
b2655f26 510 atomic_t stats[IPMI_NUM_STATS];
5956dce1
KB		 511
512 /*
513 * run_to_completion duplicate of smb_info, smi_info
514 * and ipmi_serial_info structures. Used to decrease numbers of
515 * parameters passed by "low" level IPMI code.
516 */
517 int run_to_completion;
1da177e4 518};
50c812b2 519#define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev)
1da177e4 520
50c812b2
CM		 521/**
522 * The driver model view of the IPMI messaging driver.
523 */
fe2d5ffc
DW		 524static struct platform_driver ipmidriver = {
525 .driver = {
526 .name = "ipmi",
527 .bus = &platform_bus_type
528 }
50c812b2 529};
9ca15af3
CM		 530/*
531 * This mutex protects adding/removing BMCs on the ipmidriver's device
532 * list. This way we can pull items out of the driver's list and reuse
533 * them.
534 */
50c812b2
CM		 535static DEFINE_MUTEX(ipmidriver_mutex);
536
bed9759b 537static LIST_HEAD(ipmi_interfaces);
bca0324d 538static DEFINE_MUTEX(ipmi_interfaces_mutex);
1da177e4 539
c70d7499
CM		 540/*
541 * List of watchers that want to know when smi's are added and deleted.
542 */
bed9759b 543static LIST_HEAD(smi_watchers);
b2c03941 544static DEFINE_MUTEX(smi_watchers_mutex);
1da177e4 545
b2655f26
KB		 546#define ipmi_inc_stat(intf, stat) \
547 atomic_inc(&(intf)->stats[IPMI_STAT_ ## stat])
548#define ipmi_get_stat(intf, stat) \
549 ((unsigned int) atomic_read(&(intf)->stats[IPMI_STAT_ ## stat]))
550
99ee6735
LC		 551static const char * const addr_src_to_str[] = {
552 "invalid", "hotmod", "hardcoded", "SPMI", "ACPI", "SMBIOS", "PCI",
b07b58a3 553 "device-tree"
99ee6735 554};
7e50387b
CM		 555
556const char *ipmi_addr_src_to_str(enum ipmi_addr_src src)
557{
b07b58a3 558 if (src >= SI_LAST)
7e50387b
CM		 559 src = 0; /* Invalid */
560 return addr_src_to_str[src];
561}
562EXPORT_SYMBOL(ipmi_addr_src_to_str);
563
25176ed6
CM		 564static int is_lan_addr(struct ipmi_addr *addr)
565{
566 return addr->addr_type == IPMI_LAN_ADDR_TYPE;
567}
568
569static int is_ipmb_addr(struct ipmi_addr *addr)
570{
571 return addr->addr_type == IPMI_IPMB_ADDR_TYPE;
572}
573
574static int is_ipmb_bcast_addr(struct ipmi_addr *addr)
575{
576 return addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE;
577}
b2655f26 578
393d2cc3
CM		 579static void free_recv_msg_list(struct list_head *q)
580{
581 struct ipmi_recv_msg *msg, *msg2;
582
583 list_for_each_entry_safe(msg, msg2, q, link) {
584 list_del(&msg->link);
585 ipmi_free_recv_msg(msg);
586 }
587}
588
f3ce6a0e
CM		 589static void free_smi_msg_list(struct list_head *q)
590{
591 struct ipmi_smi_msg *msg, *msg2;
592
593 list_for_each_entry_safe(msg, msg2, q, link) {
594 list_del(&msg->link);
595 ipmi_free_smi_msg(msg);
596 }
597}
598
393d2cc3
CM		 599static void clean_up_interface_data(ipmi_smi_t intf)
600{
601 int i;
602 struct cmd_rcvr *rcvr, *rcvr2;
393d2cc3
CM		 603 struct list_head list;
604
7adf579c
CM		 605 tasklet_kill(&intf->recv_tasklet);
606
65be7544 607 free_smi_msg_list(&intf->waiting_rcv_msgs);
393d2cc3
CM		 608 free_recv_msg_list(&intf->waiting_events);
609
78ba2faf
CM		 610 /*
611 * Wholesale remove all the entries from the list in the
612 * interface and wait for RCU to know that none are in use.
613 */
d6dfd131 614 mutex_lock(&intf->cmd_rcvrs_mutex);
78ba2faf
CM		 615 INIT_LIST_HEAD(&list);
616 list_splice_init_rcu(&intf->cmd_rcvrs, &list, synchronize_rcu);
d6dfd131 617 mutex_unlock(&intf->cmd_rcvrs_mutex);
393d2cc3
CM		 618
619 list_for_each_entry_safe(rcvr, rcvr2, &list, link)
620 kfree(rcvr);
621
622 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
623 if ((intf->seq_table[i].inuse)
c70d7499 624 && (intf->seq_table[i].recv_msg))
393d2cc3 625 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
393d2cc3
CM		 626 }
627}
628
629static void intf_free(struct kref *ref)
630{
631 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount);
632
633 clean_up_interface_data(intf);
634 kfree(intf);
635}
636
bca0324d 637struct watcher_entry {
b2c03941
CM		 638 int intf_num;
639 ipmi_smi_t intf;
bca0324d 640 struct list_head link;
bca0324d
CM		 641};
642
1da177e4
LT		 643int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
644{
bca0324d 645 ipmi_smi_t intf;
e381d1c4 646 LIST_HEAD(to_deliver);
bca0324d
CM		 647 struct watcher_entry *e, *e2;
648
b2c03941
CM		 649 mutex_lock(&smi_watchers_mutex);
650
bca0324d
CM		 651 mutex_lock(&ipmi_interfaces_mutex);
652
b2c03941 653 /* Build a list of things to deliver. */
78ba2faf 654 list_for_each_entry(intf, &ipmi_interfaces, link) {
bca0324d
CM		 655 if (intf->intf_num == -1)
656 continue;
657 e = kmalloc(sizeof(*e), GFP_KERNEL);
658 if (!e)
659 goto out_err;
b2c03941
CM		 660 kref_get(&intf->refcount);
661 e->intf = intf;
bca0324d
CM		 662 e->intf_num = intf->intf_num;
663 list_add_tail(&e->link, &to_deliver);
664 }
1da177e4 665
b2c03941
CM		 666 /* We will succeed, so add it to the list. */
667 list_add(&watcher->link, &smi_watchers);
bca0324d
CM		 668
669 mutex_unlock(&ipmi_interfaces_mutex);
670
671 list_for_each_entry_safe(e, e2, &to_deliver, link) {
672 list_del(&e->link);
b2c03941
CM		 673 watcher->new_smi(e->intf_num, e->intf->si_dev);
674 kref_put(&e->intf->refcount, intf_free);
bca0324d 675 kfree(e);
1da177e4 676 }
bca0324d 677
b2c03941 678 mutex_unlock(&smi_watchers_mutex);
bca0324d 679
1da177e4 680 return 0;
bca0324d
CM		 681
682 out_err:
b2c03941
CM		 683 mutex_unlock(&ipmi_interfaces_mutex);
684 mutex_unlock(&smi_watchers_mutex);
bca0324d
CM		 685 list_for_each_entry_safe(e, e2, &to_deliver, link) {
686 list_del(&e->link);
b2c03941 687 kref_put(&e->intf->refcount, intf_free);
bca0324d
CM		 688 kfree(e);
689 }
690 return -ENOMEM;
1da177e4 691}
c70d7499 692EXPORT_SYMBOL(ipmi_smi_watcher_register);
1da177e4
LT		 693
694int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
695{
b2c03941 696 mutex_lock(&smi_watchers_mutex);
1da177e4 697 list_del(&(watcher->link));
b2c03941 698 mutex_unlock(&smi_watchers_mutex);
1da177e4
LT		 699 return 0;
700}
c70d7499 701EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
1da177e4 702
b2c03941
CM		 703/*
704 * Must be called with smi_watchers_mutex held.
705 */
1da177e4 706static void
50c812b2 707call_smi_watchers(int i, struct device *dev)
1da177e4
LT		 708{
709 struct ipmi_smi_watcher *w;
710
1da177e4
LT		 711 list_for_each_entry(w, &smi_watchers, link) {
712 if (try_module_get(w->owner)) {
50c812b2 713 w->new_smi(i, dev);
1da177e4
LT		 714 module_put(w->owner);
715 }
716 }
1da177e4
LT		 717}
718
719static int
720ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
721{
722 if (addr1->addr_type != addr2->addr_type)
723 return 0;
724
725 if (addr1->channel != addr2->channel)
726 return 0;
727
728 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
729 struct ipmi_system_interface_addr *smi_addr1
730 = (struct ipmi_system_interface_addr *) addr1;
731 struct ipmi_system_interface_addr *smi_addr2
732 = (struct ipmi_system_interface_addr *) addr2;
733 return (smi_addr1->lun == smi_addr2->lun);
734 }
735
25176ed6 736 if (is_ipmb_addr(addr1) || is_ipmb_bcast_addr(addr1)) {
1da177e4
LT		 737 struct ipmi_ipmb_addr *ipmb_addr1
738 = (struct ipmi_ipmb_addr *) addr1;
739 struct ipmi_ipmb_addr *ipmb_addr2
740 = (struct ipmi_ipmb_addr *) addr2;
741
742 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
743 && (ipmb_addr1->lun == ipmb_addr2->lun));
744 }
745
25176ed6 746 if (is_lan_addr(addr1)) {
1da177e4
LT		 747 struct ipmi_lan_addr *lan_addr1
748 = (struct ipmi_lan_addr *) addr1;
749 struct ipmi_lan_addr *lan_addr2
750 = (struct ipmi_lan_addr *) addr2;
751
752 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
753 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
754 && (lan_addr1->session_handle
755 == lan_addr2->session_handle)
756 && (lan_addr1->lun == lan_addr2->lun));
757 }
758
759 return 1;
760}
761
762int ipmi_validate_addr(struct ipmi_addr *addr, int len)
763{
c70d7499 764 if (len < sizeof(struct ipmi_system_interface_addr))
1da177e4 765 return -EINVAL;
1da177e4
LT		 766
767 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
768 if (addr->channel != IPMI_BMC_CHANNEL)
769 return -EINVAL;
770 return 0;
771 }
772
773 if ((addr->channel == IPMI_BMC_CHANNEL)
12fc1d7b 774 || (addr->channel >= IPMI_MAX_CHANNELS)
1da177e4
LT		 775 || (addr->channel < 0))
776 return -EINVAL;
777
25176ed6 778 if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) {
c70d7499 779 if (len < sizeof(struct ipmi_ipmb_addr))
1da177e4 780 return -EINVAL;
1da177e4
LT		 781 return 0;
782 }
783
25176ed6 784 if (is_lan_addr(addr)) {
c70d7499 785 if (len < sizeof(struct ipmi_lan_addr))
1da177e4 786 return -EINVAL;
1da177e4
LT		 787 return 0;
788 }
789
790 return -EINVAL;
791}
c70d7499 792EXPORT_SYMBOL(ipmi_validate_addr);
1da177e4
LT		 793
794unsigned int ipmi_addr_length(int addr_type)
795{
796 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
797 return sizeof(struct ipmi_system_interface_addr);
798
799 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
c70d7499 800 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
1da177e4 801 return sizeof(struct ipmi_ipmb_addr);
1da177e4
LT		 802
803 if (addr_type == IPMI_LAN_ADDR_TYPE)
804 return sizeof(struct ipmi_lan_addr);
805
806 return 0;
807}
c70d7499 808EXPORT_SYMBOL(ipmi_addr_length);
1da177e4
LT		 809
810static void deliver_response(struct ipmi_recv_msg *msg)
811{
8a3628d5 812 if (!msg->user) {
56a55ec6 813 ipmi_smi_t intf = msg->user_msg_data;
56a55ec6
CM		 814
815 /* Special handling for NULL users. */
816 if (intf->null_user_handler) {
817 intf->null_user_handler(intf, msg);
b2655f26 818 ipmi_inc_stat(intf, handled_local_responses);
56a55ec6
CM		 819 } else {
820 /* No handler, so give up. */
b2655f26 821 ipmi_inc_stat(intf, unhandled_local_responses);
56a55ec6
CM		 822 }
823 ipmi_free_recv_msg(msg);
c49c0976
HK		 824 } else if (!oops_in_progress) {
825 /*
826 * If we are running in the panic context, calling the
827 * receive handler doesn't much meaning and has a deadlock
828 * risk. At this moment, simply skip it in that case.
829 */
830
393d2cc3
CM		 831 ipmi_user_t user = msg->user;
832 user->handler->ipmi_recv_hndl(msg, user->handler_data);
56a55ec6 833 }
1da177e4
LT		 834}
835
b2c03941
CM		 836static void
837deliver_err_response(struct ipmi_recv_msg *msg, int err)
838{
839 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
840 msg->msg_data[0] = err;
841 msg->msg.netfn |= 1; /* Convert to a response. */
842 msg->msg.data_len = 1;
843 msg->msg.data = msg->msg_data;
844 deliver_response(msg);
845}
846
c70d7499
CM		 847/*
848 * Find the next sequence number not being used and add the given
849 * message with the given timeout to the sequence table. This must be
850 * called with the interface's seq_lock held.
851 */
1da177e4
LT		 852static int intf_next_seq(ipmi_smi_t intf,
853 struct ipmi_recv_msg *recv_msg,
854 unsigned long timeout,
855 int retries,
856 int broadcast,
857 unsigned char *seq,
858 long *seqid)
859{
860 int rv = 0;
861 unsigned int i;
862
c70d7499
CM		 863 for (i = intf->curr_seq; (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
864 i = (i+1)%IPMI_IPMB_NUM_SEQ) {
8a3628d5 865 if (!intf->seq_table[i].inuse)
1da177e4
LT		 866 break;
867 }
868
8a3628d5 869 if (!intf->seq_table[i].inuse) {
1da177e4
LT		 870 intf->seq_table[i].recv_msg = recv_msg;
871
c70d7499
CM		 872 /*
873 * Start with the maximum timeout, when the send response
874 * comes in we will start the real timer.
875 */
1da177e4
LT		 876 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
877 intf->seq_table[i].orig_timeout = timeout;
878 intf->seq_table[i].retries_left = retries;
879 intf->seq_table[i].broadcast = broadcast;
880 intf->seq_table[i].inuse = 1;
881 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
882 *seq = i;
883 *seqid = intf->seq_table[i].seqid;
884 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
89986496 885 need_waiter(intf);
1da177e4
LT		 886 } else {
887 rv = -EAGAIN;
888 }
c70d7499 889
1da177e4
LT		 890 return rv;
891}
892
c70d7499
CM		 893/*
894 * Return the receive message for the given sequence number and
895 * release the sequence number so it can be reused. Some other data
896 * is passed in to be sure the message matches up correctly (to help
897 * guard against message coming in after their timeout and the
898 * sequence number being reused).
899 */
1da177e4
LT		 900static int intf_find_seq(ipmi_smi_t intf,
901 unsigned char seq,
902 short channel,
903 unsigned char cmd,
904 unsigned char netfn,
905 struct ipmi_addr *addr,
906 struct ipmi_recv_msg **recv_msg)
907{
908 int rv = -ENODEV;
909 unsigned long flags;
910
911 if (seq >= IPMI_IPMB_NUM_SEQ)
912 return -EINVAL;
913
914 spin_lock_irqsave(&(intf->seq_lock), flags);
915 if (intf->seq_table[seq].inuse) {
916 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
917
c70d7499
CM		 918 if ((msg->addr.channel == channel) && (msg->msg.cmd == cmd)
919 && (msg->msg.netfn == netfn)
920 && (ipmi_addr_equal(addr, &(msg->addr)))) {
1da177e4
LT		 921 *recv_msg = msg;
922 intf->seq_table[seq].inuse = 0;
923 rv = 0;
924 }
925 }
926 spin_unlock_irqrestore(&(intf->seq_lock), flags);
927
928 return rv;
929}
930
931
932/* Start the timer for a specific sequence table entry. */
933static int intf_start_seq_timer(ipmi_smi_t intf,
934 long msgid)
935{
936 int rv = -ENODEV;
937 unsigned long flags;
938 unsigned char seq;
939 unsigned long seqid;
940
941
942 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
943
944 spin_lock_irqsave(&(intf->seq_lock), flags);
c70d7499
CM		 945 /*
946 * We do this verification because the user can be deleted
947 * while a message is outstanding.
948 */
1da177e4 949 if ((intf->seq_table[seq].inuse)
c70d7499 950 && (intf->seq_table[seq].seqid == seqid)) {
1da177e4
LT		 951 struct seq_table *ent = &(intf->seq_table[seq]);
952 ent->timeout = ent->orig_timeout;
953 rv = 0;
954 }
955 spin_unlock_irqrestore(&(intf->seq_lock), flags);
956
957 return rv;
958}
959
960/* Got an error for the send message for a specific sequence number. */
961static int intf_err_seq(ipmi_smi_t intf,
962 long msgid,
963 unsigned int err)
964{
965 int rv = -ENODEV;
966 unsigned long flags;
967 unsigned char seq;
968 unsigned long seqid;
969 struct ipmi_recv_msg *msg = NULL;
970
971
972 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
973
974 spin_lock_irqsave(&(intf->seq_lock), flags);
c70d7499
CM		 975 /*
976 * We do this verification because the user can be deleted
977 * while a message is outstanding.
978 */
1da177e4 979 if ((intf->seq_table[seq].inuse)
c70d7499 980 && (intf->seq_table[seq].seqid == seqid)) {
1da177e4
LT		 981 struct seq_table *ent = &(intf->seq_table[seq]);
982
983 ent->inuse = 0;
984 msg = ent->recv_msg;
985 rv = 0;
986 }
987 spin_unlock_irqrestore(&(intf->seq_lock), flags);
988
b2c03941
CM		 989 if (msg)
990 deliver_err_response(msg, err);
1da177e4
LT		 991
992 return rv;
993}
994
995
996int ipmi_create_user(unsigned int if_num,
210af2a5 997 const struct ipmi_user_hndl *handler,
1da177e4
LT		 998 void *handler_data,
999 ipmi_user_t *user)
1000{
1001 unsigned long flags;
1002 ipmi_user_t new_user;
1003 int rv = 0;
1004 ipmi_smi_t intf;
1005
c70d7499
CM		 1006 /*
1007 * There is no module usecount here, because it's not
1008 * required. Since this can only be used by and called from
1009 * other modules, they will implicitly use this module, and
1010 * thus this can't be removed unless the other modules are
1011 * removed.
1012 */
1da177e4
LT		 1013
1014 if (handler == NULL)
1015 return -EINVAL;
1016
c70d7499
CM		 1017 /*
1018 * Make sure the driver is actually initialized, this handles
1019 * problems with initialization order.
1020 */
1da177e4
LT		 1021 if (!initialized) {
1022 rv = ipmi_init_msghandler();
1023 if (rv)
1024 return rv;
1025
c70d7499
CM		 1026 /*
1027 * The init code doesn't return an error if it was turned
1028 * off, but it won't initialize. Check that.
1029 */
1da177e4
LT		 1030 if (!initialized)
1031 return -ENODEV;
1032 }
1033
1034 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
8a3628d5 1035 if (!new_user)
1da177e4
LT		 1036 return -ENOMEM;
1037
b2c03941 1038 mutex_lock(&ipmi_interfaces_mutex);
bca0324d
CM		 1039 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1040 if (intf->intf_num == if_num)
1041 goto found;
1da177e4 1042 }
b2c03941 1043 /* Not found, return an error */
bca0324d
CM		 1044 rv = -EINVAL;
1045 goto out_kfree;
1da177e4 1046
bca0324d 1047 found:
393d2cc3
CM		 1048 /* Note that each existing user holds a refcount to the interface. */
1049 kref_get(&intf->refcount);
1da177e4 1050
393d2cc3 1051 kref_init(&new_user->refcount);
1da177e4
LT		 1052 new_user->handler = handler;
1053 new_user->handler_data = handler_data;
1054 new_user->intf = intf;
89986496 1055 new_user->gets_events = false;
1da177e4
LT		 1056
1057 if (!try_module_get(intf->handlers->owner)) {
1058 rv = -ENODEV;
5c98d29a 1059 goto out_kref;
1da177e4
LT		 1060 }
1061
1062 if (intf->handlers->inc_usecount) {
1063 rv = intf->handlers->inc_usecount(intf->send_info);
1064 if (rv) {
1065 module_put(intf->handlers->owner);
5c98d29a 1066 goto out_kref;
1da177e4
LT		 1067 }
1068 }
1069
c70d7499
CM		 1070 /*
1071 * Hold the lock so intf->handlers is guaranteed to be good
1072 * until now
1073 */
b2c03941
CM		 1074 mutex_unlock(&ipmi_interfaces_mutex);
1075
7aefac26 1076 new_user->valid = true;
393d2cc3
CM		 1077 spin_lock_irqsave(&intf->seq_lock, flags);
1078 list_add_rcu(&new_user->link, &intf->users);
1079 spin_unlock_irqrestore(&intf->seq_lock, flags);
89986496
CM		 1080 if (handler->ipmi_watchdog_pretimeout) {
1081 /* User wants pretimeouts, so make sure to watch for them. */
1082 if (atomic_inc_return(&intf->event_waiters) == 1)
1083 need_waiter(intf);
1084 }
393d2cc3
CM		 1085 *user = new_user;
1086 return 0;
1da177e4 1087
5c98d29a 1088out_kref:
393d2cc3 1089 kref_put(&intf->refcount, intf_free);
5c98d29a 1090out_kfree:
b2c03941 1091 mutex_unlock(&ipmi_interfaces_mutex);
5c98d29a 1092 kfree(new_user);
1da177e4
LT		 1093 return rv;
1094}
c70d7499 1095EXPORT_SYMBOL(ipmi_create_user);
1da177e4 1096
16f4232c
ZY		 1097int ipmi_get_smi_info(int if_num, struct ipmi_smi_info *data)
1098{
1099 int rv = 0;
1100 ipmi_smi_t intf;
81d02b7f 1101 const struct ipmi_smi_handlers *handlers;
16f4232c
ZY		 1102
1103 mutex_lock(&ipmi_interfaces_mutex);
1104 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1105 if (intf->intf_num == if_num)
1106 goto found;
1107 }
1108 /* Not found, return an error */
1109 rv = -EINVAL;
1110 mutex_unlock(&ipmi_interfaces_mutex);
1111 return rv;
1112
1113found:
1114 handlers = intf->handlers;
1115 rv = -ENOSYS;
1116 if (handlers->get_smi_info)
1117 rv = handlers->get_smi_info(intf->send_info, data);
1118 mutex_unlock(&ipmi_interfaces_mutex);
1119
1120 return rv;
1121}
1122EXPORT_SYMBOL(ipmi_get_smi_info);
1123
393d2cc3
CM		 1124static void free_user(struct kref *ref)
1125{
1126 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount);
1127 kfree(user);
1128}
1129
1130int ipmi_destroy_user(ipmi_user_t user)
1da177e4 1131{
393d2cc3 1132 ipmi_smi_t intf = user->intf;
1da177e4
LT		 1133 int i;
1134 unsigned long flags;
393d2cc3 1135 struct cmd_rcvr *rcvr;
393d2cc3 1136 struct cmd_rcvr *rcvrs = NULL;
1da177e4 1137
7aefac26 1138 user->valid = false;
1da177e4 1139
89986496
CM		 1140 if (user->handler->ipmi_watchdog_pretimeout)
1141 atomic_dec(&intf->event_waiters);
1142
1143 if (user->gets_events)
1144 atomic_dec(&intf->event_waiters);
1145
393d2cc3
CM		 1146 /* Remove the user from the interface's sequence table. */
1147 spin_lock_irqsave(&intf->seq_lock, flags);
1148 list_del_rcu(&user->link);
1da177e4 1149
e8b33617 1150 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
393d2cc3 1151 if (intf->seq_table[i].inuse
c70d7499 1152 && (intf->seq_table[i].recv_msg->user == user)) {
393d2cc3 1153 intf->seq_table[i].inuse = 0;
b2c03941 1154 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
1da177e4
LT		 1155 }
1156 }
393d2cc3
CM		 1157 spin_unlock_irqrestore(&intf->seq_lock, flags);
1158
1159 /*
1160 * Remove the user from the command receiver's table. First
1161 * we build a list of everything (not using the standard link,
1162 * since other things may be using it till we do
1163 * synchronize_rcu()) then free everything in that list.
1164 */
d6dfd131 1165 mutex_lock(&intf->cmd_rcvrs_mutex);
066bb8d0 1166 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1da177e4 1167 if (rcvr->user == user) {
393d2cc3
CM		 1168 list_del_rcu(&rcvr->link);
1169 rcvr->next = rcvrs;
1170 rcvrs = rcvr;
1da177e4
LT		 1171 }
1172 }
d6dfd131 1173 mutex_unlock(&intf->cmd_rcvrs_mutex);
393d2cc3
CM		 1174 synchronize_rcu();
1175 while (rcvrs) {
1176 rcvr = rcvrs;
1177 rcvrs = rcvr->next;
1178 kfree(rcvr);
1179 }
1da177e4 1180
b2c03941
CM		 1181 mutex_lock(&ipmi_interfaces_mutex);
1182 if (intf->handlers) {
1183 module_put(intf->handlers->owner);
1184 if (intf->handlers->dec_usecount)
1185 intf->handlers->dec_usecount(intf->send_info);
1186 }
1187 mutex_unlock(&ipmi_interfaces_mutex);
1da177e4 1188
393d2cc3 1189 kref_put(&intf->refcount, intf_free);
1da177e4 1190
393d2cc3 1191 kref_put(&user->refcount, free_user);
1da177e4 1192
8a3628d5 1193 return 0;
1da177e4 1194}
c70d7499 1195EXPORT_SYMBOL(ipmi_destroy_user);
1da177e4
LT		 1196
1197void ipmi_get_version(ipmi_user_t user,
1198 unsigned char *major,
1199 unsigned char *minor)
1200{
b2c03941
CM		 1201 *major = user->intf->ipmi_version_major;
1202 *minor = user->intf->ipmi_version_minor;
1da177e4 1203}
c70d7499 1204EXPORT_SYMBOL(ipmi_get_version);
1da177e4 1205
c14979b9
CM		 1206int ipmi_set_my_address(ipmi_user_t user,
1207 unsigned int channel,
1208 unsigned char address)
1da177e4 1209{
c14979b9
CM		 1210 if (channel >= IPMI_MAX_CHANNELS)
1211 return -EINVAL;
1212 user->intf->channels[channel].address = address;
1213 return 0;
1da177e4 1214}
c70d7499 1215EXPORT_SYMBOL(ipmi_set_my_address);
1da177e4 1216
c14979b9
CM		 1217int ipmi_get_my_address(ipmi_user_t user,
1218 unsigned int channel,
1219 unsigned char *address)
1da177e4 1220{
c14979b9
CM		 1221 if (channel >= IPMI_MAX_CHANNELS)
1222 return -EINVAL;
1223 *address = user->intf->channels[channel].address;
1224 return 0;
1da177e4 1225}
c70d7499 1226EXPORT_SYMBOL(ipmi_get_my_address);
1da177e4 1227
c14979b9
CM		 1228int ipmi_set_my_LUN(ipmi_user_t user,
1229 unsigned int channel,
1230 unsigned char LUN)
1da177e4 1231{
c14979b9
CM		 1232 if (channel >= IPMI_MAX_CHANNELS)
1233 return -EINVAL;
1234 user->intf->channels[channel].lun = LUN & 0x3;
1235 return 0;
1da177e4 1236}
c70d7499 1237EXPORT_SYMBOL(ipmi_set_my_LUN);
1da177e4 1238
c14979b9
CM		 1239int ipmi_get_my_LUN(ipmi_user_t user,
1240 unsigned int channel,
1241 unsigned char *address)
1da177e4 1242{
c14979b9
CM		 1243 if (channel >= IPMI_MAX_CHANNELS)
1244 return -EINVAL;
1245 *address = user->intf->channels[channel].lun;
1246 return 0;
1da177e4 1247}
c70d7499 1248EXPORT_SYMBOL(ipmi_get_my_LUN);
1da177e4 1249
b9675136
CM		 1250int ipmi_get_maintenance_mode(ipmi_user_t user)
1251{
1252 int mode;
1253 unsigned long flags;
1254
1255 spin_lock_irqsave(&user->intf->maintenance_mode_lock, flags);
1256 mode = user->intf->maintenance_mode;
1257 spin_unlock_irqrestore(&user->intf->maintenance_mode_lock, flags);
1258
1259 return mode;
1260}
1261EXPORT_SYMBOL(ipmi_get_maintenance_mode);
1262
1263static void maintenance_mode_update(ipmi_smi_t intf)
1264{
1265 if (intf->handlers->set_maintenance_mode)
1266 intf->handlers->set_maintenance_mode(
1267 intf->send_info, intf->maintenance_mode_enable);
1268}
1269
1270int ipmi_set_maintenance_mode(ipmi_user_t user, int mode)
1271{
1272 int rv = 0;
1273 unsigned long flags;
1274 ipmi_smi_t intf = user->intf;
1275
1276 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
1277 if (intf->maintenance_mode != mode) {
1278 switch (mode) {
1279 case IPMI_MAINTENANCE_MODE_AUTO:
b9675136
CM		 1280 intf->maintenance_mode_enable
1281 = (intf->auto_maintenance_timeout > 0);
1282 break;
1283
1284 case IPMI_MAINTENANCE_MODE_OFF:
7aefac26 1285 intf->maintenance_mode_enable = false;
b9675136
CM		 1286 break;
1287
1288 case IPMI_MAINTENANCE_MODE_ON:
7aefac26 1289 intf->maintenance_mode_enable = true;
b9675136
CM		 1290 break;
1291
1292 default:
1293 rv = -EINVAL;
1294 goto out_unlock;
1295 }
7aefac26 1296 intf->maintenance_mode = mode;
b9675136
CM		 1297
1298 maintenance_mode_update(intf);
1299 }
1300 out_unlock:
1301 spin_unlock_irqrestore(&intf->maintenance_mode_lock, flags);
1302
1303 return rv;
1304}
1305EXPORT_SYMBOL(ipmi_set_maintenance_mode);
1306
89986496 1307int ipmi_set_gets_events(ipmi_user_t user, bool val)
1da177e4 1308{
393d2cc3
CM		 1309 unsigned long flags;
1310 ipmi_smi_t intf = user->intf;
1311 struct ipmi_recv_msg *msg, *msg2;
1312 struct list_head msgs;
1da177e4 1313
393d2cc3
CM		 1314 INIT_LIST_HEAD(&msgs);
1315
1316 spin_lock_irqsave(&intf->events_lock, flags);
89986496
CM		 1317 if (user->gets_events == val)
1318 goto out;
1319
1da177e4
LT		 1320 user->gets_events = val;
1321
89986496
CM		 1322 if (val) {
1323 if (atomic_inc_return(&intf->event_waiters) == 1)
1324 need_waiter(intf);
1325 } else {
1326 atomic_dec(&intf->event_waiters);
1327 }
1328
b2c03941
CM		 1329 if (intf->delivering_events)
1330 /*
1331 * Another thread is delivering events for this, so
1332 * let it handle any new events.
1333 */
1334 goto out;
1335
1336 /* Deliver any queued events. */
1337 while (user->gets_events && !list_empty(&intf->waiting_events)) {
179e0917
AM		 1338 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link)
1339 list_move_tail(&msg->link, &msgs);
4791c03d 1340 intf->waiting_events_count = 0;
87ebd06f
CM		 1341 if (intf->event_msg_printed) {
1342 printk(KERN_WARNING PFX "Event queue no longer"
1343 " full\n");
1344 intf->event_msg_printed = 0;
1345 }
393d2cc3 1346
b2c03941
CM		 1347 intf->delivering_events = 1;
1348 spin_unlock_irqrestore(&intf->events_lock, flags);
1349
1350 list_for_each_entry_safe(msg, msg2, &msgs, link) {
1351 msg->user = user;
1352 kref_get(&user->refcount);
1353 deliver_response(msg);
1354 }
1355
1356 spin_lock_irqsave(&intf->events_lock, flags);
1357 intf->delivering_events = 0;
393d2cc3
CM		 1358 }
1359
b2c03941 1360 out:
393d2cc3 1361 spin_unlock_irqrestore(&intf->events_lock, flags);
1da177e4
LT		 1362
1363 return 0;
1364}
c70d7499 1365EXPORT_SYMBOL(ipmi_set_gets_events);
1da177e4 1366
393d2cc3
CM		 1367static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf,
1368 unsigned char netfn,
c69c3127
CM		 1369 unsigned char cmd,
1370 unsigned char chan)
393d2cc3
CM		 1371{
1372 struct cmd_rcvr *rcvr;
1373
1374 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
c69c3127
CM		 1375 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1376 && (rcvr->chans & (1 << chan)))
393d2cc3
CM		 1377 return rcvr;
1378 }
1379 return NULL;
1380}
1381
c69c3127
CM		 1382static int is_cmd_rcvr_exclusive(ipmi_smi_t intf,
1383 unsigned char netfn,
1384 unsigned char cmd,
1385 unsigned int chans)
1386{
1387 struct cmd_rcvr *rcvr;
1388
1389 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1390 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1391 && (rcvr->chans & chans))
1392 return 0;
1393 }
1394 return 1;
1395}
1396
1da177e4
LT		 1397int ipmi_register_for_cmd(ipmi_user_t user,
1398 unsigned char netfn,
c69c3127
CM		 1399 unsigned char cmd,
1400 unsigned int chans)
1da177e4 1401{
393d2cc3
CM		 1402 ipmi_smi_t intf = user->intf;
1403 struct cmd_rcvr *rcvr;
393d2cc3 1404 int rv = 0;
1da177e4
LT		 1405
1406
1407 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
8a3628d5 1408 if (!rcvr)
1da177e4 1409 return -ENOMEM;
393d2cc3
CM		 1410 rcvr->cmd = cmd;
1411 rcvr->netfn = netfn;
c69c3127 1412 rcvr->chans = chans;
393d2cc3 1413 rcvr->user = user;
1da177e4 1414
d6dfd131 1415 mutex_lock(&intf->cmd_rcvrs_mutex);
1da177e4 1416 /* Make sure the command/netfn is not already registered. */
c69c3127 1417 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) {
393d2cc3
CM		 1418 rv = -EBUSY;
1419 goto out_unlock;
1da177e4 1420 }
877197ef 1421
89986496
CM		 1422 if (atomic_inc_return(&intf->event_waiters) == 1)
1423 need_waiter(intf);
1424
393d2cc3 1425 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs);
1da177e4 1426
393d2cc3 1427 out_unlock:
d6dfd131 1428 mutex_unlock(&intf->cmd_rcvrs_mutex);
1da177e4
LT		 1429 if (rv)
1430 kfree(rcvr);
1431
1432 return rv;
1433}
c70d7499 1434EXPORT_SYMBOL(ipmi_register_for_cmd);
1da177e4
LT		 1435
1436int ipmi_unregister_for_cmd(ipmi_user_t user,
1437 unsigned char netfn,
c69c3127
CM		 1438 unsigned char cmd,
1439 unsigned int chans)
1da177e4 1440{
393d2cc3
CM		 1441 ipmi_smi_t intf = user->intf;
1442 struct cmd_rcvr *rcvr;
c69c3127
CM		 1443 struct cmd_rcvr *rcvrs = NULL;
1444 int i, rv = -ENOENT;
1da177e4 1445
d6dfd131 1446 mutex_lock(&intf->cmd_rcvrs_mutex);
c69c3127
CM		 1447 for (i = 0; i < IPMI_NUM_CHANNELS; i++) {
1448 if (((1 << i) & chans) == 0)
1449 continue;
1450 rcvr = find_cmd_rcvr(intf, netfn, cmd, i);
1451 if (rcvr == NULL)
1452 continue;
1453 if (rcvr->user == user) {
1454 rv = 0;
1455 rcvr->chans &= ~chans;
1456 if (rcvr->chans == 0) {
1457 list_del_rcu(&rcvr->link);
1458 rcvr->next = rcvrs;
1459 rcvrs = rcvr;
1460 }
1461 }
1462 }
1463 mutex_unlock(&intf->cmd_rcvrs_mutex);
1464 synchronize_rcu();
1465 while (rcvrs) {
89986496 1466 atomic_dec(&intf->event_waiters);
c69c3127
CM		 1467 rcvr = rcvrs;
1468 rcvrs = rcvr->next;
393d2cc3 1469 kfree(rcvr);
1da177e4 1470 }
c69c3127 1471 return rv;
1da177e4 1472}
c70d7499 1473EXPORT_SYMBOL(ipmi_unregister_for_cmd);
1da177e4 1474
1da177e4
LT		 1475static unsigned char
1476ipmb_checksum(unsigned char *data, int size)
1477{
1478 unsigned char csum = 0;
c70d7499 1479
1da177e4
LT		 1480 for (; size > 0; size--, data++)
1481 csum += *data;
1482
1483 return -csum;
1484}
1485
1486static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
1487 struct kernel_ipmi_msg *msg,
1488 struct ipmi_ipmb_addr *ipmb_addr,
1489 long msgid,
1490 unsigned char ipmb_seq,
1491 int broadcast,
1492 unsigned char source_address,
1493 unsigned char source_lun)
1494{
1495 int i = broadcast;
1496
1497 /* Format the IPMB header data. */
1498 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1499 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1500 smi_msg->data[2] = ipmb_addr->channel;
1501 if (broadcast)
1502 smi_msg->data[3] = 0;
1503 smi_msg->data[i+3] = ipmb_addr->slave_addr;
1504 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
1505 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
1506 smi_msg->data[i+6] = source_address;
1507 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
1508 smi_msg->data[i+8] = msg->cmd;
1509
1510 /* Now tack on the data to the message. */
1511 if (msg->data_len > 0)
1512 memcpy(&(smi_msg->data[i+9]), msg->data,
1513 msg->data_len);
1514 smi_msg->data_size = msg->data_len + 9;
1515
1516 /* Now calculate the checksum and tack it on. */
1517 smi_msg->data[i+smi_msg->data_size]
1518 = ipmb_checksum(&(smi_msg->data[i+6]),
1519 smi_msg->data_size-6);
1520
c70d7499
CM		 1521 /*
1522 * Add on the checksum size and the offset from the
1523 * broadcast.
1524 */
1da177e4
LT		 1525 smi_msg->data_size += 1 + i;
1526
1527 smi_msg->msgid = msgid;
1528}
1529
1530static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
1531 struct kernel_ipmi_msg *msg,
1532 struct ipmi_lan_addr *lan_addr,
1533 long msgid,
1534 unsigned char ipmb_seq,
1535 unsigned char source_lun)
1536{
1537 /* Format the IPMB header data. */
1538 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1539 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1540 smi_msg->data[2] = lan_addr->channel;
1541 smi_msg->data[3] = lan_addr->session_handle;
1542 smi_msg->data[4] = lan_addr->remote_SWID;
1543 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
1544 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
1545 smi_msg->data[7] = lan_addr->local_SWID;
1546 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
1547 smi_msg->data[9] = msg->cmd;
1548
1549 /* Now tack on the data to the message. */
1550 if (msg->data_len > 0)
1551 memcpy(&(smi_msg->data[10]), msg->data,
1552 msg->data_len);
1553 smi_msg->data_size = msg->data_len + 10;
1554
1555 /* Now calculate the checksum and tack it on. */
1556 smi_msg->data[smi_msg->data_size]
1557 = ipmb_checksum(&(smi_msg->data[7]),
1558 smi_msg->data_size-7);
1559
c70d7499
CM		 1560 /*
1561 * Add on the checksum size and the offset from the
1562 * broadcast.
1563 */
1da177e4
LT		 1564 smi_msg->data_size += 1;
1565
1566 smi_msg->msgid = msgid;
1567}
1568
191cc414
AB		 1569static struct ipmi_smi_msg *smi_add_send_msg(ipmi_smi_t intf,
1570 struct ipmi_smi_msg *smi_msg,
1571 int priority)
7f4a1c84 1572{
7ea0ed2b
CM		 1573 if (intf->curr_msg) {
1574 if (priority > 0)
1575 list_add_tail(&smi_msg->link, &intf->hp_xmit_msgs);
1576 else
1577 list_add_tail(&smi_msg->link, &intf->xmit_msgs);
1578 smi_msg = NULL;
1579 } else {
1580 intf->curr_msg = smi_msg;
1581 }
191cc414
AB		 1582
1583 return smi_msg;
1584}
1585
1586
81d02b7f 1587static void smi_send(ipmi_smi_t intf, const struct ipmi_smi_handlers *handlers,
191cc414
AB		 1588 struct ipmi_smi_msg *smi_msg, int priority)
1589{
1590 int run_to_completion = intf->run_to_completion;
1591
1592 if (run_to_completion) {
1593 smi_msg = smi_add_send_msg(intf, smi_msg, priority);
1594 } else {
1595 unsigned long flags;
1596
1597 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
1598 smi_msg = smi_add_send_msg(intf, smi_msg, priority);
7ea0ed2b 1599 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
191cc414 1600 }
7ea0ed2b
CM		 1601
1602 if (smi_msg)
99ab32f3 1603 handlers->sender(intf->send_info, smi_msg);
7f4a1c84
CM		 1604}
1605
c70d7499
CM		 1606/*
1607 * Separate from ipmi_request so that the user does not have to be
1608 * supplied in certain circumstances (mainly at panic time). If
1609 * messages are supplied, they will be freed, even if an error
1610 * occurs.
1611 */
393d2cc3
CM		 1612static int i_ipmi_request(ipmi_user_t user,
1613 ipmi_smi_t intf,
1614 struct ipmi_addr *addr,
1615 long msgid,
1616 struct kernel_ipmi_msg *msg,
1617 void *user_msg_data,
1618 void *supplied_smi,
1619 struct ipmi_recv_msg *supplied_recv,
1620 int priority,
1621 unsigned char source_address,
1622 unsigned char source_lun,
1623 int retries,
1624 unsigned int retry_time_ms)
1da177e4 1625{
b2c03941
CM		 1626 int rv = 0;
1627 struct ipmi_smi_msg *smi_msg;
1628 struct ipmi_recv_msg *recv_msg;
1629 unsigned long flags;
1da177e4
LT		 1630
1631
c70d7499 1632 if (supplied_recv)
1da177e4 1633 recv_msg = supplied_recv;
c70d7499 1634 else {
1da177e4 1635 recv_msg = ipmi_alloc_recv_msg();
c70d7499 1636 if (recv_msg == NULL)
1da177e4 1637 return -ENOMEM;
1da177e4
LT		 1638 }
1639 recv_msg->user_msg_data = user_msg_data;
1640
c70d7499 1641 if (supplied_smi)
1da177e4 1642 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
c70d7499 1643 else {
1da177e4
LT		 1644 smi_msg = ipmi_alloc_smi_msg();
1645 if (smi_msg == NULL) {
1646 ipmi_free_recv_msg(recv_msg);
1647 return -ENOMEM;
1648 }
1649 }
1650
b2c03941 1651 rcu_read_lock();
7ea0ed2b 1652 if (intf->in_shutdown) {
b2c03941
CM		 1653 rv = -ENODEV;
1654 goto out_err;
1655 }
1656
1da177e4 1657 recv_msg->user = user;
393d2cc3
CM		 1658 if (user)
1659 kref_get(&user->refcount);
1da177e4 1660 recv_msg->msgid = msgid;
c70d7499
CM		 1661 /*
1662 * Store the message to send in the receive message so timeout
1663 * responses can get the proper response data.
1664 */
1da177e4
LT		 1665 recv_msg->msg = *msg;
1666
1667 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1668 struct ipmi_system_interface_addr *smi_addr;
1669
1670 if (msg->netfn & 1) {
1671 /* Responses are not allowed to the SMI. */
1672 rv = -EINVAL;
1673 goto out_err;
1674 }
1675
1676 smi_addr = (struct ipmi_system_interface_addr *) addr;
1677 if (smi_addr->lun > 3) {
b2655f26 1678 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1679 rv = -EINVAL;
1680 goto out_err;
1681 }
1682
1683 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1684
1685 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1686 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1687 || (msg->cmd == IPMI_GET_MSG_CMD)
c70d7499
CM		 1688 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) {
1689 /*
1690 * We don't let the user do these, since we manage
1691 * the sequence numbers.
1692 */
b2655f26 1693 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1694 rv = -EINVAL;
1695 goto out_err;
1696 }
1697
b9675136
CM		 1698 if (((msg->netfn == IPMI_NETFN_APP_REQUEST)
1699 && ((msg->cmd == IPMI_COLD_RESET_CMD)
1700 || (msg->cmd == IPMI_WARM_RESET_CMD)))
c70d7499 1701 || (msg->netfn == IPMI_NETFN_FIRMWARE_REQUEST)) {
b9675136
CM		 1702 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
1703 intf->auto_maintenance_timeout
1704 = IPMI_MAINTENANCE_MODE_TIMEOUT;
1705 if (!intf->maintenance_mode
c70d7499 1706 && !intf->maintenance_mode_enable) {
7aefac26 1707 intf->maintenance_mode_enable = true;
b9675136
CM		 1708 maintenance_mode_update(intf);
1709 }
1710 spin_unlock_irqrestore(&intf->maintenance_mode_lock,
1711 flags);
1712 }
1713
1da177e4 1714 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
b2655f26 1715 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1716 rv = -EMSGSIZE;
1717 goto out_err;
1718 }
1719
1720 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1721 smi_msg->data[1] = msg->cmd;
1722 smi_msg->msgid = msgid;
1723 smi_msg->user_data = recv_msg;
1724 if (msg->data_len > 0)
1725 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1726 smi_msg->data_size = msg->data_len + 2;
b2655f26 1727 ipmi_inc_stat(intf, sent_local_commands);
25176ed6 1728 } else if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) {
1da177e4
LT		 1729 struct ipmi_ipmb_addr *ipmb_addr;
1730 unsigned char ipmb_seq;
1731 long seqid;
1732 int broadcast = 0;
1733
9c101fd4 1734 if (addr->channel >= IPMI_MAX_CHANNELS) {
b2655f26 1735 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1736 rv = -EINVAL;
1737 goto out_err;
1738 }
1739
1740 if (intf->channels[addr->channel].medium
c70d7499 1741 != IPMI_CHANNEL_MEDIUM_IPMB) {
b2655f26 1742 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1743 rv = -EINVAL;
1744 goto out_err;
1745 }
1746
1747 if (retries < 0) {
1748 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1749 retries = 0; /* Don't retry broadcasts. */
1750 else
1751 retries = 4;
1752 }
1753 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
c70d7499
CM		 1754 /*
1755 * Broadcasts add a zero at the beginning of the
1756 * message, but otherwise is the same as an IPMB
1757 * address.
1758 */
1da177e4
LT		 1759 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1760 broadcast = 1;
1761 }
1762
1763
1764 /* Default to 1 second retries. */
1765 if (retry_time_ms == 0)
1766 retry_time_ms = 1000;
1767
c70d7499
CM		 1768 /*
1769 * 9 for the header and 1 for the checksum, plus
1770 * possibly one for the broadcast.
1771 */
1da177e4 1772 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
b2655f26 1773 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1774 rv = -EMSGSIZE;
1775 goto out_err;
1776 }
1777
1778 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1779 if (ipmb_addr->lun > 3) {
b2655f26 1780 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1781 rv = -EINVAL;
1782 goto out_err;
1783 }
1784
1785 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1786
1787 if (recv_msg->msg.netfn & 0x1) {
c70d7499
CM		 1788 /*
1789 * It's a response, so use the user's sequence
1790 * from msgid.
1791 */
b2655f26 1792 ipmi_inc_stat(intf, sent_ipmb_responses);
1da177e4
LT		 1793 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1794 msgid, broadcast,
1795 source_address, source_lun);
1796
c70d7499
CM		 1797 /*
1798 * Save the receive message so we can use it
1799 * to deliver the response.
1800 */
1da177e4
LT		 1801 smi_msg->user_data = recv_msg;
1802 } else {
1803 /* It's a command, so get a sequence for it. */
1804
1805 spin_lock_irqsave(&(intf->seq_lock), flags);
1806
c70d7499
CM		 1807 /*
1808 * Create a sequence number with a 1 second
1809 * timeout and 4 retries.
1810 */
1da177e4
LT		 1811 rv = intf_next_seq(intf,
1812 recv_msg,
1813 retry_time_ms,
1814 retries,
1815 broadcast,
1816 &ipmb_seq,
1817 &seqid);
1818 if (rv) {
c70d7499
CM		 1819 /*
1820 * We have used up all the sequence numbers,
1821 * probably, so abort.
1822 */
1da177e4
LT		 1823 spin_unlock_irqrestore(&(intf->seq_lock),
1824 flags);
1825 goto out_err;
1826 }
1827
25176ed6
CM		 1828 ipmi_inc_stat(intf, sent_ipmb_commands);
1829
c70d7499
CM		 1830 /*
1831 * Store the sequence number in the message,
1832 * so that when the send message response
1833 * comes back we can start the timer.
1834 */
1da177e4
LT		 1835 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1836 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1837 ipmb_seq, broadcast,
1838 source_address, source_lun);
1839
c70d7499
CM		 1840 /*
1841 * Copy the message into the recv message data, so we
1842 * can retransmit it later if necessary.
1843 */
1da177e4
LT		 1844 memcpy(recv_msg->msg_data, smi_msg->data,
1845 smi_msg->data_size);
1846 recv_msg->msg.data = recv_msg->msg_data;
1847 recv_msg->msg.data_len = smi_msg->data_size;
1848
c70d7499
CM		 1849 /*
1850 * We don't unlock until here, because we need
1851 * to copy the completed message into the
1852 * recv_msg before we release the lock.
1853 * Otherwise, race conditions may bite us. I
1854 * know that's pretty paranoid, but I prefer
1855 * to be correct.
1856 */
1da177e4
LT		 1857 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1858 }
25176ed6 1859 } else if (is_lan_addr(addr)) {
1da177e4
LT		 1860 struct ipmi_lan_addr *lan_addr;
1861 unsigned char ipmb_seq;
1862 long seqid;
1863
12fc1d7b 1864 if (addr->channel >= IPMI_MAX_CHANNELS) {
b2655f26 1865 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1866 rv = -EINVAL;
1867 goto out_err;
1868 }
1869
1870 if ((intf->channels[addr->channel].medium
c70d7499 1871 != IPMI_CHANNEL_MEDIUM_8023LAN)
1da177e4 1872 && (intf->channels[addr->channel].medium
c70d7499 1873 != IPMI_CHANNEL_MEDIUM_ASYNC)) {
b2655f26 1874 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1875 rv = -EINVAL;
1876 goto out_err;
1877 }
1878
1879 retries = 4;
1880
1881 /* Default to 1 second retries. */
1882 if (retry_time_ms == 0)
1883 retry_time_ms = 1000;
1884
1885 /* 11 for the header and 1 for the checksum. */
1886 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
b2655f26 1887 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1888 rv = -EMSGSIZE;
1889 goto out_err;
1890 }
1891
1892 lan_addr = (struct ipmi_lan_addr *) addr;
1893 if (lan_addr->lun > 3) {
b2655f26 1894 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1895 rv = -EINVAL;
1896 goto out_err;
1897 }
1898
1899 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1900
1901 if (recv_msg->msg.netfn & 0x1) {
c70d7499
CM		 1902 /*
1903 * It's a response, so use the user's sequence
1904 * from msgid.
1905 */
b2655f26 1906 ipmi_inc_stat(intf, sent_lan_responses);
1da177e4
LT		 1907 format_lan_msg(smi_msg, msg, lan_addr, msgid,
1908 msgid, source_lun);
1909
c70d7499
CM		 1910 /*
1911 * Save the receive message so we can use it
1912 * to deliver the response.
1913 */
1da177e4
LT		 1914 smi_msg->user_data = recv_msg;
1915 } else {
1916 /* It's a command, so get a sequence for it. */
1917
1918 spin_lock_irqsave(&(intf->seq_lock), flags);
1919
c70d7499
CM		 1920 /*
1921 * Create a sequence number with a 1 second
1922 * timeout and 4 retries.
1923 */
1da177e4
LT		 1924 rv = intf_next_seq(intf,
1925 recv_msg,
1926 retry_time_ms,
1927 retries,
1928 0,
1929 &ipmb_seq,
1930 &seqid);
1931 if (rv) {
c70d7499
CM		 1932 /*
1933 * We have used up all the sequence numbers,
1934 * probably, so abort.
1935 */
1da177e4
LT		 1936 spin_unlock_irqrestore(&(intf->seq_lock),
1937 flags);
1938 goto out_err;
1939 }
1940
25176ed6
CM		 1941 ipmi_inc_stat(intf, sent_lan_commands);
1942
c70d7499
CM		 1943 /*
1944 * Store the sequence number in the message,
1945 * so that when the send message response
1946 * comes back we can start the timer.
1947 */
1da177e4
LT		 1948 format_lan_msg(smi_msg, msg, lan_addr,
1949 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1950 ipmb_seq, source_lun);
1951
c70d7499
CM		 1952 /*
1953 * Copy the message into the recv message data, so we
1954 * can retransmit it later if necessary.
1955 */
1da177e4
LT		 1956 memcpy(recv_msg->msg_data, smi_msg->data,
1957 smi_msg->data_size);
1958 recv_msg->msg.data = recv_msg->msg_data;
1959 recv_msg->msg.data_len = smi_msg->data_size;
1960
c70d7499
CM		 1961 /*
1962 * We don't unlock until here, because we need
1963 * to copy the completed message into the
1964 * recv_msg before we release the lock.
1965 * Otherwise, race conditions may bite us. I
1966 * know that's pretty paranoid, but I prefer
1967 * to be correct.
1968 */
1da177e4
LT		 1969 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1970 }
1971 } else {
1972 /* Unknown address type. */
b2655f26 1973 ipmi_inc_stat(intf, sent_invalid_commands);
1da177e4
LT		 1974 rv = -EINVAL;
1975 goto out_err;
1976 }
1977
1978#ifdef DEBUG_MSGING
1979 {
1980 int m;
e8b33617 1981 for (m = 0; m < smi_msg->data_size; m++)
1da177e4
LT		 1982 printk(" %2.2x", smi_msg->data[m]);
1983 printk("\n");
1984 }
1985#endif
b2c03941 1986
7ea0ed2b 1987 smi_send(intf, intf->handlers, smi_msg, priority);
b2c03941 1988 rcu_read_unlock();
1da177e4
LT		 1989
1990 return 0;
1991
1992 out_err:
b2c03941 1993 rcu_read_unlock();
1da177e4
LT		 1994 ipmi_free_smi_msg(smi_msg);
1995 ipmi_free_recv_msg(recv_msg);
1996 return rv;
1997}
1998
c14979b9
CM		 1999static int check_addr(ipmi_smi_t intf,
2000 struct ipmi_addr *addr,
2001 unsigned char *saddr,
2002 unsigned char *lun)
2003{
2004 if (addr->channel >= IPMI_MAX_CHANNELS)
2005 return -EINVAL;
2006 *lun = intf->channels[addr->channel].lun;
2007 *saddr = intf->channels[addr->channel].address;
2008 return 0;
2009}
2010
1da177e4
LT		 2011int ipmi_request_settime(ipmi_user_t user,
2012 struct ipmi_addr *addr,
2013 long msgid,
2014 struct kernel_ipmi_msg *msg,
2015 void *user_msg_data,
2016 int priority,
2017 int retries,
2018 unsigned int retry_time_ms)
2019{
f0ba9390 2020 unsigned char saddr = 0, lun = 0;
c14979b9
CM		 2021 int rv;
2022
8a3628d5 2023 if (!user)
56a55ec6 2024 return -EINVAL;
c14979b9
CM		 2025 rv = check_addr(user->intf, addr, &saddr, &lun);
2026 if (rv)
2027 return rv;
1da177e4
LT		 2028 return i_ipmi_request(user,
2029 user->intf,
2030 addr,
2031 msgid,
2032 msg,
2033 user_msg_data,
2034 NULL, NULL,
2035 priority,
c14979b9
CM		 2036 saddr,
2037 lun,
1da177e4
LT		 2038 retries,
2039 retry_time_ms);
2040}
c70d7499 2041EXPORT_SYMBOL(ipmi_request_settime);
1da177e4
LT		 2042
2043int ipmi_request_supply_msgs(ipmi_user_t user,
2044 struct ipmi_addr *addr,
2045 long msgid,
2046 struct kernel_ipmi_msg *msg,
2047 void *user_msg_data,
2048 void *supplied_smi,
2049 struct ipmi_recv_msg *supplied_recv,
2050 int priority)
2051{
9ebca93b 2052 unsigned char saddr = 0, lun = 0;
c14979b9
CM		 2053 int rv;
2054
8a3628d5 2055 if (!user)
56a55ec6 2056 return -EINVAL;
c14979b9
CM		 2057 rv = check_addr(user->intf, addr, &saddr, &lun);
2058 if (rv)
2059 return rv;
1da177e4
LT		 2060 return i_ipmi_request(user,
2061 user->intf,
2062 addr,
2063 msgid,
2064 msg,
2065 user_msg_data,
2066 supplied_smi,
2067 supplied_recv,
2068 priority,
c14979b9
CM		 2069 saddr,
2070 lun,
1da177e4
LT		 2071 -1, 0);
2072}
c70d7499 2073EXPORT_SYMBOL(ipmi_request_supply_msgs);
1da177e4 2074
1aa16eea 2075#ifdef CONFIG_PROC_FS
07412736 2076static int smi_ipmb_proc_show(struct seq_file *m, void *v)
1da177e4 2077{
07412736 2078 ipmi_smi_t intf = m->private;
c14979b9 2079 int i;
1da177e4 2080
07412736
AD		 2081 seq_printf(m, "%x", intf->channels[0].address);
2082 for (i = 1; i < IPMI_MAX_CHANNELS; i++)
2083 seq_printf(m, " %x", intf->channels[i].address);
d6c5dc18
JP		 2084 seq_putc(m, '\n');
2085
5e33cd0c 2086 return 0;
1da177e4
LT		 2087}
2088
07412736 2089static int smi_ipmb_proc_open(struct inode *inode, struct file *file)
1da177e4 2090{
d9dda78b 2091 return single_open(file, smi_ipmb_proc_show, PDE_DATA(inode));
07412736 2092}
1da177e4 2093
07412736
AD		 2094static const struct file_operations smi_ipmb_proc_ops = {
2095 .open = smi_ipmb_proc_open,
2096 .read = seq_read,
2097 .llseek = seq_lseek,
2098 .release = single_release,
2099};
2100
2101static int smi_version_proc_show(struct seq_file *m, void *v)
2102{
2103 ipmi_smi_t intf = m->private;
2104
d6c5dc18
JP		 2105 seq_printf(m, "%u.%u\n",
2106 ipmi_version_major(&intf->bmc->id),
2107 ipmi_version_minor(&intf->bmc->id));
2108
5e33cd0c 2109 return 0;
1da177e4
LT		 2110}
2111
07412736 2112static int smi_version_proc_open(struct inode *inode, struct file *file)
1da177e4 2113{
d9dda78b 2114 return single_open(file, smi_version_proc_show, PDE_DATA(inode));
07412736
AD		 2115}
2116
2117static const struct file_operations smi_version_proc_ops = {
2118 .open = smi_version_proc_open,
2119 .read = seq_read,
2120 .llseek = seq_lseek,
2121 .release = single_release,
2122};
1da177e4 2123
07412736
AD		 2124static int smi_stats_proc_show(struct seq_file *m, void *v)
2125{
2126 ipmi_smi_t intf = m->private;
2127
2128 seq_printf(m, "sent_invalid_commands: %u\n",
b2655f26 2129 ipmi_get_stat(intf, sent_invalid_commands));
07412736 2130 seq_printf(m, "sent_local_commands: %u\n",
b2655f26 2131 ipmi_get_stat(intf, sent_local_commands));
07412736 2132 seq_printf(m, "handled_local_responses: %u\n",
b2655f26 2133 ipmi_get_stat(intf, handled_local_responses));
07412736 2134 seq_printf(m, "unhandled_local_responses: %u\n",
b2655f26 2135 ipmi_get_stat(intf, unhandled_local_responses));
07412736 2136 seq_printf(m, "sent_ipmb_commands: %u\n",
b2655f26 2137 ipmi_get_stat(intf, sent_ipmb_commands));
07412736 2138 seq_printf(m, "sent_ipmb_command_errs: %u\n",
b2655f26 2139 ipmi_get_stat(intf, sent_ipmb_command_errs));
07412736 2140 seq_printf(m, "retransmitted_ipmb_commands: %u\n",
b2655f26 2141 ipmi_get_stat(intf, retransmitted_ipmb_commands));
07412736 2142 seq_printf(m, "timed_out_ipmb_commands: %u\n",
b2655f26 2143 ipmi_get_stat(intf, timed_out_ipmb_commands));
07412736 2144 seq_printf(m, "timed_out_ipmb_broadcasts: %u\n",
b2655f26 2145 ipmi_get_stat(intf, timed_out_ipmb_broadcasts));
07412736 2146 seq_printf(m, "sent_ipmb_responses: %u\n",
b2655f26 2147 ipmi_get_stat(intf, sent_ipmb_responses));
07412736 2148 seq_printf(m, "handled_ipmb_responses: %u\n",
b2655f26 2149 ipmi_get_stat(intf, handled_ipmb_responses));
07412736 2150 seq_printf(m, "invalid_ipmb_responses: %u\n",
b2655f26 2151 ipmi_get_stat(intf, invalid_ipmb_responses));
07412736 2152 seq_printf(m, "unhandled_ipmb_responses: %u\n",
b2655f26 2153 ipmi_get_stat(intf, unhandled_ipmb_responses));
07412736 2154 seq_printf(m, "sent_lan_commands: %u\n",
b2655f26 2155 ipmi_get_stat(intf, sent_lan_commands));
07412736 2156 seq_printf(m, "sent_lan_command_errs: %u\n",
b2655f26 2157 ipmi_get_stat(intf, sent_lan_command_errs));
07412736 2158 seq_printf(m, "retransmitted_lan_commands: %u\n",
b2655f26 2159 ipmi_get_stat(intf, retransmitted_lan_commands));
07412736 2160 seq_printf(m, "timed_out_lan_commands: %u\n",
b2655f26 2161 ipmi_get_stat(intf, timed_out_lan_commands));
07412736 2162 seq_printf(m, "sent_lan_responses: %u\n",
b2655f26 2163 ipmi_get_stat(intf, sent_lan_responses));
07412736 2164 seq_printf(m, "handled_lan_responses: %u\n",
b2655f26 2165 ipmi_get_stat(intf, handled_lan_responses));
07412736 2166 seq_printf(m, "invalid_lan_responses: %u\n",
b2655f26 2167 ipmi_get_stat(intf, invalid_lan_responses));
07412736 2168 seq_printf(m, "unhandled_lan_responses: %u\n",
b2655f26 2169 ipmi_get_stat(intf, unhandled_lan_responses));
07412736 2170 seq_printf(m, "handled_commands: %u\n",
b2655f26 2171 ipmi_get_stat(intf, handled_commands));
07412736 2172 seq_printf(m, "invalid_commands: %u\n",
b2655f26 2173 ipmi_get_stat(intf, invalid_commands));
07412736 2174 seq_printf(m, "unhandled_commands: %u\n",
b2655f26 2175 ipmi_get_stat(intf, unhandled_commands));
07412736 2176 seq_printf(m, "invalid_events: %u\n",
b2655f26 2177 ipmi_get_stat(intf, invalid_events));
07412736 2178 seq_printf(m, "events: %u\n",
b2655f26 2179 ipmi_get_stat(intf, events));
07412736 2180 seq_printf(m, "failed rexmit LAN msgs: %u\n",
25176ed6 2181 ipmi_get_stat(intf, dropped_rexmit_lan_commands));
07412736 2182 seq_printf(m, "failed rexmit IPMB msgs: %u\n",
25176ed6 2183 ipmi_get_stat(intf, dropped_rexmit_ipmb_commands));
07412736
AD		 2184 return 0;
2185}
1da177e4 2186
07412736
AD		 2187static int smi_stats_proc_open(struct inode *inode, struct file *file)
2188{
d9dda78b 2189 return single_open(file, smi_stats_proc_show, PDE_DATA(inode));
1da177e4 2190}
07412736
AD		 2191
2192static const struct file_operations smi_stats_proc_ops = {
2193 .open = smi_stats_proc_open,
2194 .read = seq_read,
2195 .llseek = seq_lseek,
2196 .release = single_release,
2197};
1aa16eea 2198#endif /* CONFIG_PROC_FS */
1da177e4
LT		 2199
2200int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
07412736 2201 const struct file_operations *proc_ops,
99b76233 2202 void *data)
1da177e4 2203{
1da177e4 2204 int rv = 0;
3b625943
CM		 2205#ifdef CONFIG_PROC_FS
2206 struct proc_dir_entry *file;
1da177e4
LT		 2207 struct ipmi_proc_entry *entry;
2208
2209 /* Create a list element. */
2210 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
2211 if (!entry)
2212 return -ENOMEM;
1b6b698f 2213 entry->name = kstrdup(name, GFP_KERNEL);
1da177e4
LT		 2214 if (!entry->name) {
2215 kfree(entry);
2216 return -ENOMEM;
2217 }
1da177e4 2218
07412736 2219 file = proc_create_data(name, 0, smi->proc_dir, proc_ops, data);
1da177e4
LT		 2220 if (!file) {
2221 kfree(entry->name);
2222 kfree(entry);
2223 rv = -ENOMEM;
2224 } else {
ac019151 2225 mutex_lock(&smi->proc_entry_lock);
1da177e4
LT		 2226 /* Stick it on the list. */
2227 entry->next = smi->proc_entries;
2228 smi->proc_entries = entry;
ac019151 2229 mutex_unlock(&smi->proc_entry_lock);
1da177e4 2230 }
3b625943 2231#endif /* CONFIG_PROC_FS */
1da177e4
LT		 2232
2233 return rv;
2234}
c70d7499 2235EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
1da177e4
LT		 2236
2237static int add_proc_entries(ipmi_smi_t smi, int num)
2238{
2239 int rv = 0;
2240
3b625943 2241#ifdef CONFIG_PROC_FS
1da177e4
LT		 2242 sprintf(smi->proc_dir_name, "%d", num);
2243 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
2244 if (!smi->proc_dir)
2245 rv = -ENOMEM;
1da177e4
LT		 2246
2247 if (rv == 0)
2248 rv = ipmi_smi_add_proc_entry(smi, "stats",
07412736 2249 &smi_stats_proc_ops,
99b76233 2250 smi);
1da177e4
LT		 2251
2252 if (rv == 0)
2253 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
07412736 2254 &smi_ipmb_proc_ops,
99b76233 2255 smi);
1da177e4
LT		 2256
2257 if (rv == 0)
2258 rv = ipmi_smi_add_proc_entry(smi, "version",
07412736 2259 &smi_version_proc_ops,
99b76233 2260 smi);
3b625943 2261#endif /* CONFIG_PROC_FS */
1da177e4
LT		 2262
2263 return rv;
2264}
2265
2266static void remove_proc_entries(ipmi_smi_t smi)
2267{
3b625943 2268#ifdef CONFIG_PROC_FS
1da177e4
LT		 2269 struct ipmi_proc_entry *entry;
2270
ac019151 2271 mutex_lock(&smi->proc_entry_lock);
1da177e4
LT		 2272 while (smi->proc_entries) {
2273 entry = smi->proc_entries;
2274 smi->proc_entries = entry->next;
2275
2276 remove_proc_entry(entry->name, smi->proc_dir);
2277 kfree(entry->name);
2278 kfree(entry);
2279 }
ac019151 2280 mutex_unlock(&smi->proc_entry_lock);
1da177e4 2281 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
3b625943 2282#endif /* CONFIG_PROC_FS */
1da177e4
LT		 2283}
2284
50c812b2
CM		 2285static ssize_t device_id_show(struct device *dev,
2286 struct device_attribute *attr,
2287 char *buf)
2288{
16639eb0 2289 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2290
2291 return snprintf(buf, 10, "%u\n", bmc->id.device_id);
2292}
9c633317 2293static DEVICE_ATTR(device_id, S_IRUGO, device_id_show, NULL);
50c812b2 2294
16639eb0
CM		 2295static ssize_t provides_device_sdrs_show(struct device *dev,
2296 struct device_attribute *attr,
2297 char *buf)
50c812b2 2298{
16639eb0 2299 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2300
2301 return snprintf(buf, 10, "%u\n",
7947d2cc 2302 (bmc->id.device_revision & 0x80) >> 7);
50c812b2 2303}
9c633317
CM		 2304static DEVICE_ATTR(provides_device_sdrs, S_IRUGO, provides_device_sdrs_show,
2305 NULL);
50c812b2
CM		 2306
2307static ssize_t revision_show(struct device *dev, struct device_attribute *attr,
2308 char *buf)
2309{
16639eb0 2310 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2311
2312 return snprintf(buf, 20, "%u\n",
7947d2cc 2313 bmc->id.device_revision & 0x0F);
50c812b2 2314}
9c633317 2315static DEVICE_ATTR(revision, S_IRUGO, revision_show, NULL);
50c812b2 2316
16639eb0
CM		 2317static ssize_t firmware_revision_show(struct device *dev,
2318 struct device_attribute *attr,
2319 char *buf)
50c812b2 2320{
16639eb0 2321 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2322
2323 return snprintf(buf, 20, "%u.%x\n", bmc->id.firmware_revision_1,
2324 bmc->id.firmware_revision_2);
2325}
9c633317 2326static DEVICE_ATTR(firmware_revision, S_IRUGO, firmware_revision_show, NULL);
50c812b2
CM		 2327
2328static ssize_t ipmi_version_show(struct device *dev,
2329 struct device_attribute *attr,
2330 char *buf)
2331{
16639eb0 2332 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2333
2334 return snprintf(buf, 20, "%u.%u\n",
2335 ipmi_version_major(&bmc->id),
2336 ipmi_version_minor(&bmc->id));
2337}
9c633317 2338static DEVICE_ATTR(ipmi_version, S_IRUGO, ipmi_version_show, NULL);
50c812b2
CM		 2339
2340static ssize_t add_dev_support_show(struct device *dev,
2341 struct device_attribute *attr,
2342 char *buf)
2343{
16639eb0 2344 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2345
2346 return snprintf(buf, 10, "0x%02x\n",
2347 bmc->id.additional_device_support);
2348}
9c633317
CM		 2349static DEVICE_ATTR(additional_device_support, S_IRUGO, add_dev_support_show,
2350 NULL);
50c812b2
CM		 2351
2352static ssize_t manufacturer_id_show(struct device *dev,
2353 struct device_attribute *attr,
2354 char *buf)
2355{
16639eb0 2356 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2357
2358 return snprintf(buf, 20, "0x%6.6x\n", bmc->id.manufacturer_id);
2359}
9c633317 2360static DEVICE_ATTR(manufacturer_id, S_IRUGO, manufacturer_id_show, NULL);
50c812b2
CM		 2361
2362static ssize_t product_id_show(struct device *dev,
2363 struct device_attribute *attr,
2364 char *buf)
2365{
16639eb0 2366 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2367
2368 return snprintf(buf, 10, "0x%4.4x\n", bmc->id.product_id);
2369}
9c633317 2370static DEVICE_ATTR(product_id, S_IRUGO, product_id_show, NULL);
50c812b2
CM		 2371
2372static ssize_t aux_firmware_rev_show(struct device *dev,
2373 struct device_attribute *attr,
2374 char *buf)
2375{
16639eb0 2376 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2
CM		 2377
2378 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n",
2379 bmc->id.aux_firmware_revision[3],
2380 bmc->id.aux_firmware_revision[2],
2381 bmc->id.aux_firmware_revision[1],
2382 bmc->id.aux_firmware_revision[0]);
2383}
9c633317 2384static DEVICE_ATTR(aux_firmware_revision, S_IRUGO, aux_firmware_rev_show, NULL);
50c812b2
CM		 2385
2386static ssize_t guid_show(struct device *dev, struct device_attribute *attr,
2387 char *buf)
2388{
16639eb0 2389 struct bmc_device *bmc = to_bmc_device(dev);
50c812b2 2390
9b64a8ba
CM		 2391 return snprintf(buf, 100,
2392 "%2.2x%2.2x%2.2x%2.2x-%2.2x%2.2x-%2.2x%2.2x-%2.2x%2.2x-%2.2x%2.2x%2.2x%2.2x%2.2x%2.2x\n",
2393 bmc->guid[3], bmc->guid[2], bmc->guid[1], bmc->guid[0],
2394 bmc->guid[5], bmc->guid[4], bmc->guid[7], bmc->guid[6],
2395 bmc->guid[8], bmc->guid[9], bmc->guid[10], bmc->guid[11],
2396 bmc->guid[12], bmc->guid[13], bmc->guid[14], bmc->guid[15]);
50c812b2 2397}
9c633317 2398static DEVICE_ATTR(guid, S_IRUGO, guid_show, NULL);
16639eb0
CM		 2399
2400static struct attribute *bmc_dev_attrs[] = {
2401 &dev_attr_device_id.attr,
2402 &dev_attr_provides_device_sdrs.attr,
2403 &dev_attr_revision.attr,
2404 &dev_attr_firmware_revision.attr,
2405 &dev_attr_ipmi_version.attr,
2406 &dev_attr_additional_device_support.attr,
2407 &dev_attr_manufacturer_id.attr,
2408 &dev_attr_product_id.attr,
2d06a0c9
TI		 2409 &dev_attr_aux_firmware_revision.attr,
2410 &dev_attr_guid.attr,
16639eb0
CM		 2411 NULL
2412};
50c812b2 2413
2d06a0c9
TI		 2414static umode_t bmc_dev_attr_is_visible(struct kobject *kobj,
2415 struct attribute *attr, int idx)
2416{
2417 struct device *dev = kobj_to_dev(kobj);
2418 struct bmc_device *bmc = to_bmc_device(dev);
2419 umode_t mode = attr->mode;
2420
2421 if (attr == &dev_attr_aux_firmware_revision.attr)
2422 return bmc->id.aux_firmware_revision_set ? mode : 0;
2423 if (attr == &dev_attr_guid.attr)
2424 return bmc->guid_set ? mode : 0;
2425 return mode;
2426}
2427
1e7a75f7 2428static const struct attribute_group bmc_dev_attr_group = {
16639eb0 2429 .attrs = bmc_dev_attrs,
2d06a0c9 2430 .is_visible = bmc_dev_attr_is_visible,
16639eb0 2431};
5e59393e 2432
16639eb0
CM		 2433static const struct attribute_group *bmc_dev_attr_groups[] = {
2434 &bmc_dev_attr_group,
2435 NULL
2436};
2437
1e7a75f7 2438static const struct device_type bmc_device_type = {
16639eb0
CM		 2439 .groups = bmc_dev_attr_groups,
2440};
2441
f33e4df8
CM		 2442static int __find_bmc_guid(struct device *dev, void *data)
2443{
2444 unsigned char *id = data;
f33e4df8 2445
eae4a36a
CM		 2446 if (dev->type != &bmc_device_type)
2447 return 0;
2448
2449 return memcmp(to_bmc_device(dev)->guid, id, 16) == 0;
f33e4df8
CM		 2450}
2451
9ca15af3
CM		 2452/*
2453 * Must be called with ipmidriver_mutex held. Returns with the
2454 * bmc's usecount incremented, if it is non-NULL.
2455 */
f33e4df8
CM		 2456static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv,
2457 unsigned char *guid)
2458{
2459 struct device *dev;
9ca15af3 2460 struct bmc_device *bmc = NULL;
f33e4df8
CM		 2461
2462 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid);
9ca15af3
CM		 2463 if (dev) {
2464 bmc = to_bmc_device(dev);
2465 kref_get(&bmc->usecount);
2466 put_device(dev);
2467 }
2468 return bmc;
f33e4df8
CM		 2469}
2470
2471struct prod_dev_id {
2472 unsigned int product_id;
2473 unsigned char device_id;
2474};
2475
2476static int __find_bmc_prod_dev_id(struct device *dev, void *data)
2477{
2478 struct prod_dev_id *id = data;
eae4a36a
CM		 2479 struct bmc_device *bmc;
2480
2481 if (dev->type != &bmc_device_type)
2482 return 0;
f33e4df8 2483
eae4a36a 2484 bmc = to_bmc_device(dev);
f33e4df8
CM		 2485 return (bmc->id.product_id == id->product_id
2486 && bmc->id.device_id == id->device_id);
2487}
2488
9ca15af3
CM		 2489/*
2490 * Must be called with ipmidriver_mutex held. Returns with the
2491 * bmc's usecount incremented, if it is non-NULL.
2492 */
f33e4df8
CM		 2493static struct bmc_device *ipmi_find_bmc_prod_dev_id(
2494 struct device_driver *drv,
2495 unsigned int product_id, unsigned char device_id)
2496{
2497 struct prod_dev_id id = {
2498 .product_id = product_id,
2499 .device_id = device_id,
2500 };
2501 struct device *dev;
9ca15af3 2502 struct bmc_device *bmc = NULL;
f33e4df8
CM		 2503
2504 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id);
9ca15af3
CM		 2505 if (dev) {
2506 bmc = to_bmc_device(dev);
2507 kref_get(&bmc->usecount);
2508 put_device(dev);
2509 }
2510 return bmc;
f33e4df8
CM		 2511}
2512
16639eb0
CM		 2513static void
2514release_bmc_device(struct device *dev)
2515{
2516 kfree(to_bmc_device(dev));
5e59393e
JG		 2517}
2518
2519static void
2520cleanup_bmc_device(struct kref *ref)
2521{
16639eb0 2522 struct bmc_device *bmc = container_of(ref, struct bmc_device, usecount);
5e59393e 2523
16639eb0 2524 platform_device_unregister(&bmc->pdev);
50c812b2
CM		 2525}
2526
2527static void ipmi_bmc_unregister(ipmi_smi_t intf)
2528{
2529 struct bmc_device *bmc = intf->bmc;
2530
a2cb600f
CM		 2531 if (!intf->bmc_registered)
2532 return;
2533
5a0e10ec 2534 sysfs_remove_link(&intf->si_dev->kobj, "bmc");
a2cb600f
CM		 2535 sysfs_remove_link(&bmc->pdev.dev.kobj, intf->my_dev_name);
2536 kfree(intf->my_dev_name);
2537 intf->my_dev_name = NULL;
50c812b2
CM		 2538
2539 mutex_lock(&ipmidriver_mutex);
16639eb0 2540 kref_put(&bmc->usecount, cleanup_bmc_device);
50c812b2 2541 mutex_unlock(&ipmidriver_mutex);
a2cb600f 2542 intf->bmc_registered = false;
50c812b2
CM		 2543}
2544
5a0e10ec 2545static int ipmi_bmc_register(ipmi_smi_t intf, int ifnum)
50c812b2
CM		 2546{
2547 int rv;
2548 struct bmc_device *bmc = intf->bmc;
2549 struct bmc_device *old_bmc;
50c812b2 2550
50c812b2
CM		 2551 /*
2552 * Try to find if there is an bmc_device struct
2553 * representing the interfaced BMC already
2554 */
9ca15af3 2555 mutex_lock(&ipmidriver_mutex);
50c812b2 2556 if (bmc->guid_set)
fe2d5ffc 2557 old_bmc = ipmi_find_bmc_guid(&ipmidriver.driver, bmc->guid);
50c812b2 2558 else
fe2d5ffc 2559 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver.driver,
50c812b2
CM		 2560 bmc->id.product_id,
2561 bmc->id.device_id);
9ca15af3 2562 mutex_unlock(&ipmidriver_mutex);
50c812b2
CM		 2563
2564 /*
2565 * If there is already an bmc_device, free the new one,
2566 * otherwise register the new BMC device
2567 */
2568 if (old_bmc) {
2569 kfree(bmc);
2570 intf->bmc = old_bmc;
2571 bmc = old_bmc;
2572
50c812b2
CM		 2573 printk(KERN_INFO
2574 "ipmi: interfacing existing BMC (man_id: 0x%6.6x,"
2575 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2576 bmc->id.manufacturer_id,
2577 bmc->id.product_id,
2578 bmc->id.device_id);
2579 } else {
f0b55da0
CM		 2580 unsigned char orig_dev_id = bmc->id.device_id;
2581 int warn_printed = 0;
9ca15af3 2582 struct bmc_device *tmp_bmc;
f0b55da0 2583
16639eb0 2584 snprintf(bmc->name, sizeof(bmc->name),
f0b55da0 2585 "ipmi_bmc.%4.4x", bmc->id.product_id);
16639eb0 2586 bmc->pdev.name = bmc->name;
f0b55da0 2587
9ca15af3
CM		 2588 mutex_lock(&ipmidriver_mutex);
2589 while ((tmp_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver.driver,
f0b55da0 2590 bmc->id.product_id,
9ca15af3
CM		 2591 bmc->id.device_id))) {
2592 kref_put(&tmp_bmc->usecount, cleanup_bmc_device);
f0b55da0
CM		 2593 if (!warn_printed) {
2594 printk(KERN_WARNING PFX
2595 "This machine has two different BMCs"
2596 " with the same product id and device"
2597 " id. This is an error in the"
2598 " firmware, but incrementing the"
2599 " device id to work around the problem."
2600 " Prod ID = 0x%x, Dev ID = 0x%x\n",
2601 bmc->id.product_id, bmc->id.device_id);
2602 warn_printed = 1;
2603 }
2604 bmc->id.device_id++; /* Wraps at 255 */
2605 if (bmc->id.device_id == orig_dev_id) {
2606 printk(KERN_ERR PFX
2607 "Out of device ids!\n");
a2cb600f
CM		 2608 mutex_unlock(&ipmidriver_mutex);
2609 rv = -EAGAIN;
2610 goto out;
f0b55da0
CM		 2611 }
2612 }
2613
16639eb0
CM		 2614 bmc->pdev.dev.driver = &ipmidriver.driver;
2615 bmc->pdev.id = bmc->id.device_id;
2616 bmc->pdev.dev.release = release_bmc_device;
2617 bmc->pdev.dev.type = &bmc_device_type;
5a0e10ec 2618 kref_init(&bmc->usecount);
50c812b2 2619
16639eb0 2620 rv = platform_device_register(&bmc->pdev);
50c812b2
CM		 2621 mutex_unlock(&ipmidriver_mutex);
2622 if (rv) {
2623 printk(KERN_ERR
2624 "ipmi_msghandler:"
2625 " Unable to register bmc device: %d\n",
2626 rv);
a2cb600f 2627 goto out_list_del;
50c812b2
CM		 2628 }
2629
279fbd0c
MS		 2630 dev_info(intf->si_dev, "Found new BMC (man_id: 0x%6.6x, "
2631 "prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2632 bmc->id.manufacturer_id,
2633 bmc->id.product_id,
2634 bmc->id.device_id);
50c812b2
CM		 2635 }
2636
2637 /*
2638 * create symlink from system interface device to bmc device
2639 * and back.
2640 */
5a0e10ec 2641 rv = sysfs_create_link(&intf->si_dev->kobj, &bmc->pdev.dev.kobj, "bmc");
50c812b2
CM		 2642 if (rv) {
2643 printk(KERN_ERR
2644 "ipmi_msghandler: Unable to create bmc symlink: %d\n",
2645 rv);
a2cb600f 2646 goto out_put_bmc;
50c812b2
CM		 2647 }
2648
16639eb0 2649 intf->my_dev_name = kasprintf(GFP_KERNEL, "ipmi%d", ifnum);
50c812b2
CM		 2650 if (!intf->my_dev_name) {
2651 rv = -ENOMEM;
2652 printk(KERN_ERR
2653 "ipmi_msghandler: allocate link from BMC: %d\n",
2654 rv);
a2cb600f 2655 goto out_unlink1;
50c812b2 2656 }
50c812b2 2657
16639eb0 2658 rv = sysfs_create_link(&bmc->pdev.dev.kobj, &intf->si_dev->kobj,
50c812b2
CM		 2659 intf->my_dev_name);
2660 if (rv) {
2661 kfree(intf->my_dev_name);
2662 intf->my_dev_name = NULL;
2663 printk(KERN_ERR
2664 "ipmi_msghandler:"
2665 " Unable to create symlink to bmc: %d\n",
2666 rv);
a2cb600f 2667 goto out_free_my_dev_name;
50c812b2
CM		 2668 }
2669
a2cb600f 2670 intf->bmc_registered = true;
50c812b2 2671
a2cb600f 2672out:
50c812b2 2673 return rv;
a2cb600f
CM		 2674
2675
2676out_free_my_dev_name:
2677 kfree(intf->my_dev_name);
2678 intf->my_dev_name = NULL;
2679
2680out_unlink1:
2681 sysfs_remove_link(&intf->si_dev->kobj, "bmc");
2682
2683out_put_bmc:
2684 mutex_lock(&ipmidriver_mutex);
2685 intf->bmc = NULL;
2686 kref_put(&bmc->usecount, cleanup_bmc_device);
2687 mutex_unlock(&ipmidriver_mutex);
2688 goto out;
2689
2690out_list_del:
2691 mutex_lock(&ipmidriver_mutex);
2692 intf->bmc = NULL;
2693 mutex_unlock(&ipmidriver_mutex);
2694 put_device(&bmc->pdev.dev);
2695 goto out;
50c812b2
CM		 2696}
2697
2698static int
2699send_guid_cmd(ipmi_smi_t intf, int chan)
2700{
2701 struct kernel_ipmi_msg msg;
2702 struct ipmi_system_interface_addr si;
2703
2704 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2705 si.channel = IPMI_BMC_CHANNEL;
2706 si.lun = 0;
2707
2708 msg.netfn = IPMI_NETFN_APP_REQUEST;
2709 msg.cmd = IPMI_GET_DEVICE_GUID_CMD;
2710 msg.data = NULL;
2711 msg.data_len = 0;
2712 return i_ipmi_request(NULL,
2713 intf,
2714 (struct ipmi_addr *) &si,
2715 0,
2716 &msg,
2717 intf,
2718 NULL,
2719 NULL,
2720 0,
2721 intf->channels[0].address,
2722 intf->channels[0].lun,
2723 -1, 0);
2724}
2725
2726static void
2727guid_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
2728{
2729 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2730 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE)
2731 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD))
2732 /* Not for me */
2733 return;
2734
2735 if (msg->msg.data[0] != 0) {
2736 /* Error from getting the GUID, the BMC doesn't have one. */
2737 intf->bmc->guid_set = 0;
2738 goto out;
2739 }
2740
2741 if (msg->msg.data_len < 17) {
2742 intf->bmc->guid_set = 0;
2743 printk(KERN_WARNING PFX
2744 "guid_handler: The GUID response from the BMC was too"
2745 " short, it was %d but should have been 17. Assuming"
2746 " GUID is not available.\n",
2747 msg->msg.data_len);
2748 goto out;
2749 }
2750
72630d9a 2751 memcpy(intf->bmc->guid, msg->msg.data + 1, 16);
50c812b2
CM		 2752 intf->bmc->guid_set = 1;
2753 out:
2754 wake_up(&intf->waitq);
2755}
2756
2757static void
2758get_guid(ipmi_smi_t intf)
2759{
2760 int rv;
2761
2762 intf->bmc->guid_set = 0x2;
2763 intf->null_user_handler = guid_handler;
2764 rv = send_guid_cmd(intf, 0);
2765 if (rv)
2766 /* Send failed, no GUID available. */
2767 intf->bmc->guid_set = 0;
2768 wait_event(intf->waitq, intf->bmc->guid_set != 2);
2769 intf->null_user_handler = NULL;
2770}
2771
1da177e4
LT		 2772static int
2773send_channel_info_cmd(ipmi_smi_t intf, int chan)
2774{
2775 struct kernel_ipmi_msg msg;
2776 unsigned char data[1];
2777 struct ipmi_system_interface_addr si;
2778
2779 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2780 si.channel = IPMI_BMC_CHANNEL;
2781 si.lun = 0;
2782
2783 msg.netfn = IPMI_NETFN_APP_REQUEST;
2784 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
2785 msg.data = data;
2786 msg.data_len = 1;
2787 data[0] = chan;
2788 return i_ipmi_request(NULL,
2789 intf,
2790 (struct ipmi_addr *) &si,
2791 0,
2792 &msg,
56a55ec6 2793 intf,
1da177e4
LT		 2794 NULL,
2795 NULL,
2796 0,
c14979b9
CM		 2797 intf->channels[0].address,
2798 intf->channels[0].lun,
1da177e4
LT		 2799 -1, 0);
2800}
2801
2802static void
56a55ec6 2803channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4
LT		 2804{
2805 int rv = 0;
2806 int chan;
2807
56a55ec6
CM		 2808 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2809 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
c70d7499 2810 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD)) {
1da177e4 2811 /* It's the one we want */
56a55ec6 2812 if (msg->msg.data[0] != 0) {
1da177e4
LT		 2813 /* Got an error from the channel, just go on. */
2814
56a55ec6 2815 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) {
c70d7499
CM		 2816 /*
2817 * If the MC does not support this
2818 * command, that is legal. We just
2819 * assume it has one IPMB at channel
2820 * zero.
2821 */
1da177e4
LT		 2822 intf->channels[0].medium
2823 = IPMI_CHANNEL_MEDIUM_IPMB;
2824 intf->channels[0].protocol
2825 = IPMI_CHANNEL_PROTOCOL_IPMB;
1da177e4
LT		 2826
2827 intf->curr_channel = IPMI_MAX_CHANNELS;
2828 wake_up(&intf->waitq);
2829 goto out;
2830 }
2831 goto next_channel;
2832 }
56a55ec6 2833 if (msg->msg.data_len < 4) {
1da177e4
LT		 2834 /* Message not big enough, just go on. */
2835 goto next_channel;
2836 }
2837 chan = intf->curr_channel;
56a55ec6
CM		 2838 intf->channels[chan].medium = msg->msg.data[2] & 0x7f;
2839 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f;
1da177e4 2840
c70d7499 2841 next_channel:
1da177e4
LT		 2842 intf->curr_channel++;
2843 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
2844 wake_up(&intf->waitq);
2845 else
2846 rv = send_channel_info_cmd(intf, intf->curr_channel);
2847
2848 if (rv) {
2849 /* Got an error somehow, just give up. */
1f668423
CM		 2850 printk(KERN_WARNING PFX
2851 "Error sending channel information for channel"
2852 " %d: %d\n", intf->curr_channel, rv);
2853
1da177e4
LT		 2854 intf->curr_channel = IPMI_MAX_CHANNELS;
2855 wake_up(&intf->waitq);
1da177e4
LT		 2856 }
2857 }
2858 out:
2859 return;
2860}
2861
895dcfd1 2862static void ipmi_poll(ipmi_smi_t intf)
fcfa4724 2863{
fcfa4724
CM		 2864 if (intf->handlers->poll)
2865 intf->handlers->poll(intf->send_info);
7adf579c
CM		 2866 /* In case something came in */
2867 handle_new_recv_msgs(intf);
fcfa4724 2868}
895dcfd1
CM		 2869
2870void ipmi_poll_interface(ipmi_user_t user)
2871{
2872 ipmi_poll(user->intf);
fcfa4724 2873}
c70d7499 2874EXPORT_SYMBOL(ipmi_poll_interface);
fcfa4724 2875
81d02b7f 2876int ipmi_register_smi(const struct ipmi_smi_handlers *handlers,
1da177e4 2877 void *send_info,
50c812b2
CM		 2878 struct ipmi_device_id *device_id,
2879 struct device *si_dev,
453823ba 2880 unsigned char slave_addr)
1da177e4
LT		 2881{
2882 int i, j;
2883 int rv;
393d2cc3 2884 ipmi_smi_t intf;
bca0324d 2885 ipmi_smi_t tintf;
bca0324d 2886 struct list_head *link;
1da177e4 2887
c70d7499
CM		 2888 /*
2889 * Make sure the driver is actually initialized, this handles
2890 * problems with initialization order.
2891 */
1da177e4
LT		 2892 if (!initialized) {
2893 rv = ipmi_init_msghandler();
2894 if (rv)
2895 return rv;
c70d7499
CM		 2896 /*
2897 * The init code doesn't return an error if it was turned
2898 * off, but it won't initialize. Check that.
2899 */
1da177e4
LT		 2900 if (!initialized)
2901 return -ENODEV;
2902 }
2903
dd00cc48 2904 intf = kzalloc(sizeof(*intf), GFP_KERNEL);
393d2cc3 2905 if (!intf)
1da177e4 2906 return -ENOMEM;
b2c03941
CM		 2907
2908 intf->ipmi_version_major = ipmi_version_major(device_id);
2909 intf->ipmi_version_minor = ipmi_version_minor(device_id);
2910
50c812b2
CM		 2911 intf->bmc = kzalloc(sizeof(*intf->bmc), GFP_KERNEL);
2912 if (!intf->bmc) {
2913 kfree(intf);
2914 return -ENOMEM;
2915 }
bca0324d 2916 intf->intf_num = -1; /* Mark it invalid for now. */
393d2cc3 2917 kref_init(&intf->refcount);
50c812b2
CM		 2918 intf->bmc->id = *device_id;
2919 intf->si_dev = si_dev;
393d2cc3
CM		 2920 for (j = 0; j < IPMI_MAX_CHANNELS; j++) {
2921 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR;
2922 intf->channels[j].lun = 2;
2923 }
2924 if (slave_addr != 0)
2925 intf->channels[0].address = slave_addr;
2926 INIT_LIST_HEAD(&intf->users);
2927 intf->handlers = handlers;
2928 intf->send_info = send_info;
2929 spin_lock_init(&intf->seq_lock);
2930 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) {
2931 intf->seq_table[j].inuse = 0;
2932 intf->seq_table[j].seqid = 0;
2933 }
2934 intf->curr_seq = 0;
2935#ifdef CONFIG_PROC_FS
ac019151 2936 mutex_init(&intf->proc_entry_lock);
393d2cc3 2937#endif
65be7544
CM		 2938 spin_lock_init(&intf->waiting_rcv_msgs_lock);
2939 INIT_LIST_HEAD(&intf->waiting_rcv_msgs);
7adf579c
CM		 2940 tasklet_init(&intf->recv_tasklet,
2941 smi_recv_tasklet,
2942 (unsigned long) intf);
2943 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 0);
7ea0ed2b
CM		 2944 spin_lock_init(&intf->xmit_msgs_lock);
2945 INIT_LIST_HEAD(&intf->xmit_msgs);
2946 INIT_LIST_HEAD(&intf->hp_xmit_msgs);
393d2cc3 2947 spin_lock_init(&intf->events_lock);
89986496
CM		 2948 atomic_set(&intf->event_waiters, 0);
2949 intf->ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
393d2cc3
CM		 2950 INIT_LIST_HEAD(&intf->waiting_events);
2951 intf->waiting_events_count = 0;
d6dfd131 2952 mutex_init(&intf->cmd_rcvrs_mutex);
b9675136 2953 spin_lock_init(&intf->maintenance_mode_lock);
393d2cc3
CM		 2954 INIT_LIST_HEAD(&intf->cmd_rcvrs);
2955 init_waitqueue_head(&intf->waitq);
b2655f26
KB		 2956 for (i = 0; i < IPMI_NUM_STATS; i++)
2957 atomic_set(&intf->stats[i], 0);
393d2cc3 2958
393d2cc3 2959 intf->proc_dir = NULL;
1da177e4 2960
b2c03941 2961 mutex_lock(&smi_watchers_mutex);
bca0324d
CM		 2962 mutex_lock(&ipmi_interfaces_mutex);
2963 /* Look for a hole in the numbers. */
2964 i = 0;
2965 link = &ipmi_interfaces;
2966 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link) {
2967 if (tintf->intf_num != i) {
2968 link = &tintf->link;
1da177e4
LT		 2969 break;
2970 }
bca0324d 2971 i++;
1da177e4 2972 }
bca0324d
CM		 2973 /* Add the new interface in numeric order. */
2974 if (i == 0)
2975 list_add_rcu(&intf->link, &ipmi_interfaces);
2976 else
2977 list_add_tail_rcu(&intf->link, link);
1da177e4 2978
453823ba
CM		 2979 rv = handlers->start_processing(send_info, intf);
2980 if (rv)
2981 goto out;
1da177e4 2982
50c812b2
CM		 2983 get_guid(intf);
2984
a2cb600f
CM		 2985 rv = ipmi_bmc_register(intf, i);
2986 if (rv)
2987 goto out;
2988
b2c03941 2989 if ((intf->ipmi_version_major > 1)
c70d7499
CM		 2990 || ((intf->ipmi_version_major == 1)
2991 && (intf->ipmi_version_minor >= 5))) {
2992 /*
2993 * Start scanning the channels to see what is
2994 * available.
2995 */
393d2cc3
CM		 2996 intf->null_user_handler = channel_handler;
2997 intf->curr_channel = 0;
2998 rv = send_channel_info_cmd(intf, 0);
1f668423
CM		 2999 if (rv) {
3000 printk(KERN_WARNING PFX
3001 "Error sending channel information for channel"
3002 " 0, %d\n", rv);
393d2cc3 3003 goto out;
1f668423 3004 }
1da177e4 3005
393d2cc3
CM		 3006 /* Wait for the channel info to be read. */
3007 wait_event(intf->waitq,
3008 intf->curr_channel >= IPMI_MAX_CHANNELS);
50c812b2 3009 intf->null_user_handler = NULL;
393d2cc3
CM		 3010 } else {
3011 /* Assume a single IPMB channel at zero. */
3012 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
3013 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB;
9a2845c4 3014 intf->curr_channel = IPMI_MAX_CHANNELS;
1da177e4
LT		 3015 }
3016
a2cb600f 3017 rv = add_proc_entries(intf, i);
1da177e4 3018
393d2cc3 3019 out:
1da177e4 3020 if (rv) {
a2cb600f 3021 ipmi_bmc_unregister(intf);
393d2cc3
CM		 3022 if (intf->proc_dir)
3023 remove_proc_entries(intf);
b2c03941 3024 intf->handlers = NULL;
bca0324d
CM		 3025 list_del_rcu(&intf->link);
3026 mutex_unlock(&ipmi_interfaces_mutex);
b2c03941 3027 mutex_unlock(&smi_watchers_mutex);
bca0324d 3028 synchronize_rcu();
393d2cc3 3029 kref_put(&intf->refcount, intf_free);
393d2cc3 3030 } else {
78ba2faf
CM		 3031 /*
3032 * Keep memory order straight for RCU readers. Make
3033 * sure everything else is committed to memory before
3034 * setting intf_num to mark the interface valid.
3035 */
3036 smp_wmb();
bca0324d
CM		 3037 intf->intf_num = i;
3038 mutex_unlock(&ipmi_interfaces_mutex);
78ba2faf 3039 /* After this point the interface is legal to use. */
50c812b2 3040 call_smi_watchers(i, intf->si_dev);
b2c03941 3041 mutex_unlock(&smi_watchers_mutex);
1da177e4
LT		 3042 }
3043
3044 return rv;
3045}
c70d7499 3046EXPORT_SYMBOL(ipmi_register_smi);
1da177e4 3047
7ea0ed2b
CM		 3048static void deliver_smi_err_response(ipmi_smi_t intf,
3049 struct ipmi_smi_msg *msg,
3050 unsigned char err)
3051{
3052 msg->rsp[0] = msg->data[0] | 4;
3053 msg->rsp[1] = msg->data[1];
3054 msg->rsp[2] = err;
3055 msg->rsp_size = 3;
3056 /* It's an error, so it will never requeue, no need to check return. */
3057 handle_one_recv_msg(intf, msg);
3058}
3059
b2c03941
CM		 3060static void cleanup_smi_msgs(ipmi_smi_t intf)
3061{
3062 int i;
3063 struct seq_table *ent;
7ea0ed2b
CM		 3064 struct ipmi_smi_msg *msg;
3065 struct list_head *entry;
3066 struct list_head tmplist;
3067
3068 /* Clear out our transmit queues and hold the messages. */
3069 INIT_LIST_HEAD(&tmplist);
3070 list_splice_tail(&intf->hp_xmit_msgs, &tmplist);
3071 list_splice_tail(&intf->xmit_msgs, &tmplist);
3072
3073 /* Current message first, to preserve order */
3074 while (intf->curr_msg && !list_empty(&intf->waiting_rcv_msgs)) {
3075 /* Wait for the message to clear out. */
3076 schedule_timeout(1);
3077 }
b2c03941
CM		 3078
3079 /* No need for locks, the interface is down. */
7ea0ed2b
CM		 3080
3081 /*
3082 * Return errors for all pending messages in queue and in the
3083 * tables waiting for remote responses.
3084 */
3085 while (!list_empty(&tmplist)) {
3086 entry = tmplist.next;
3087 list_del(entry);
3088 msg = list_entry(entry, struct ipmi_smi_msg, link);
3089 deliver_smi_err_response(intf, msg, IPMI_ERR_UNSPECIFIED);
3090 }
3091
b2c03941
CM		 3092 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
3093 ent = &(intf->seq_table[i]);
3094 if (!ent->inuse)
3095 continue;
3096 deliver_err_response(ent->recv_msg, IPMI_ERR_UNSPECIFIED);
3097 }
3098}
3099
1da177e4
LT		 3100int ipmi_unregister_smi(ipmi_smi_t intf)
3101{
1da177e4 3102 struct ipmi_smi_watcher *w;
7ea0ed2b
CM		 3103 int intf_num = intf->intf_num;
3104 ipmi_user_t user;
1da177e4 3105
b2c03941 3106 mutex_lock(&smi_watchers_mutex);
bca0324d 3107 mutex_lock(&ipmi_interfaces_mutex);
b2c03941 3108 intf->intf_num = -1;
7ea0ed2b 3109 intf->in_shutdown = true;
bca0324d
CM		 3110 list_del_rcu(&intf->link);
3111 mutex_unlock(&ipmi_interfaces_mutex);
3112 synchronize_rcu();
1da177e4 3113
b2c03941
CM		 3114 cleanup_smi_msgs(intf);
3115
7ea0ed2b
CM		 3116 /* Clean up the effects of users on the lower-level software. */
3117 mutex_lock(&ipmi_interfaces_mutex);
3118 rcu_read_lock();
3119 list_for_each_entry_rcu(user, &intf->users, link) {
3120 module_put(intf->handlers->owner);
3121 if (intf->handlers->dec_usecount)
3122 intf->handlers->dec_usecount(intf->send_info);
3123 }
3124 rcu_read_unlock();
3125 intf->handlers = NULL;
3126 mutex_unlock(&ipmi_interfaces_mutex);
3127
393d2cc3 3128 remove_proc_entries(intf);
bd85f4b3 3129 ipmi_bmc_unregister(intf);
1da177e4 3130
c70d7499
CM		 3131 /*
3132 * Call all the watcher interfaces to tell them that
3133 * an interface is gone.
3134 */
393d2cc3 3135 list_for_each_entry(w, &smi_watchers, link)
b2c03941
CM		 3136 w->smi_gone(intf_num);
3137 mutex_unlock(&smi_watchers_mutex);
393d2cc3 3138
393d2cc3 3139 kref_put(&intf->refcount, intf_free);
1da177e4
LT		 3140 return 0;
3141}
c70d7499 3142EXPORT_SYMBOL(ipmi_unregister_smi);
1da177e4
LT		 3143
3144static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf,
3145 struct ipmi_smi_msg *msg)
3146{
3147 struct ipmi_ipmb_addr ipmb_addr;
3148 struct ipmi_recv_msg *recv_msg;
1da177e4 3149
c70d7499
CM		 3150 /*
3151 * This is 11, not 10, because the response must contain a
3152 * completion code.
3153 */
1da177e4
LT		 3154 if (msg->rsp_size < 11) {
3155 /* Message not big enough, just ignore it. */
b2655f26 3156 ipmi_inc_stat(intf, invalid_ipmb_responses);
1da177e4
LT		 3157 return 0;
3158 }
3159
3160 if (msg->rsp[2] != 0) {
3161 /* An error getting the response, just ignore it. */
3162 return 0;
3163 }
3164
3165 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
3166 ipmb_addr.slave_addr = msg->rsp[6];
3167 ipmb_addr.channel = msg->rsp[3] & 0x0f;
3168 ipmb_addr.lun = msg->rsp[7] & 3;
3169
c70d7499
CM		 3170 /*
3171 * It's a response from a remote entity. Look up the sequence
3172 * number and handle the response.
3173 */
1da177e4
LT		 3174 if (intf_find_seq(intf,
3175 msg->rsp[7] >> 2,
3176 msg->rsp[3] & 0x0f,
3177 msg->rsp[8],
3178 (msg->rsp[4] >> 2) & (~1),
3179 (struct ipmi_addr *) &(ipmb_addr),
c70d7499
CM		 3180 &recv_msg)) {
3181 /*
3182 * We were unable to find the sequence number,
3183 * so just nuke the message.
3184 */
b2655f26 3185 ipmi_inc_stat(intf, unhandled_ipmb_responses);
1da177e4
LT		 3186 return 0;
3187 }
3188
3189 memcpy(recv_msg->msg_data,
3190 &(msg->rsp[9]),
3191 msg->rsp_size - 9);
c70d7499
CM		 3192 /*
3193 * The other fields matched, so no need to set them, except
3194 * for netfn, which needs to be the response that was
3195 * returned, not the request value.
3196 */
1da177e4
LT		 3197 recv_msg->msg.netfn = msg->rsp[4] >> 2;
3198 recv_msg->msg.data = recv_msg->msg_data;
3199 recv_msg->msg.data_len = msg->rsp_size - 10;
3200 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
b2655f26 3201 ipmi_inc_stat(intf, handled_ipmb_responses);
1da177e4
LT		 3202 deliver_response(recv_msg);
3203
3204 return 0;
3205}
3206
3207static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf,
3208 struct ipmi_smi_msg *msg)
3209{
393d2cc3
CM		 3210 struct cmd_rcvr *rcvr;
3211 int rv = 0;
3212 unsigned char netfn;
3213 unsigned char cmd;
c69c3127 3214 unsigned char chan;
393d2cc3
CM		 3215 ipmi_user_t user = NULL;
3216 struct ipmi_ipmb_addr *ipmb_addr;
3217 struct ipmi_recv_msg *recv_msg;
1da177e4
LT		 3218
3219 if (msg->rsp_size < 10) {
3220 /* Message not big enough, just ignore it. */
b2655f26 3221 ipmi_inc_stat(intf, invalid_commands);
1da177e4
LT		 3222 return 0;
3223 }
3224
3225 if (msg->rsp[2] != 0) {
3226 /* An error getting the response, just ignore it. */
3227 return 0;
3228 }
3229
3230 netfn = msg->rsp[4] >> 2;
3231 cmd = msg->rsp[8];
c69c3127 3232 chan = msg->rsp[3] & 0xf;
1da177e4 3233
e61fb5b6 3234 rcu_read_lock();
c69c3127 3235 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
393d2cc3
CM		 3236 if (rcvr) {
3237 user = rcvr->user;
3238 kref_get(&user->refcount);
3239 } else
3240 user = NULL;
e61fb5b6 3241 rcu_read_unlock();
1da177e4
LT		 3242
3243 if (user == NULL) {
3244 /* We didn't find a user, deliver an error response. */
b2655f26 3245 ipmi_inc_stat(intf, unhandled_commands);
1da177e4
LT		 3246
3247 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
3248 msg->data[1] = IPMI_SEND_MSG_CMD;
3249 msg->data[2] = msg->rsp[3];
3250 msg->data[3] = msg->rsp[6];
c70d7499 3251 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
1da177e4 3252 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
c14979b9 3253 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address;
c70d7499
CM		 3254 /* rqseq/lun */
3255 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
1da177e4
LT		 3256 msg->data[8] = msg->rsp[8]; /* cmd */
3257 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
3258 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
3259 msg->data_size = 11;
3260
3261#ifdef DEBUG_MSGING
3262 {
3263 int m;
3264 printk("Invalid command:");
e8b33617 3265 for (m = 0; m < msg->data_size; m++)
1da177e4
LT		 3266 printk(" %2.2x", msg->data[m]);
3267 printk("\n");
3268 }
3269#endif
b2c03941 3270 rcu_read_lock();
7ea0ed2b
CM		 3271 if (!intf->in_shutdown) {
3272 smi_send(intf, intf->handlers, msg, 0);
c70d7499
CM		 3273 /*
3274 * We used the message, so return the value
3275 * that causes it to not be freed or
3276 * queued.
3277 */
b2c03941
CM		 3278 rv = -1;
3279 }
3280 rcu_read_unlock();
1da177e4
LT		 3281 } else {
3282 /* Deliver the message to the user. */
b2655f26 3283 ipmi_inc_stat(intf, handled_commands);
1da177e4
LT		 3284
3285 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3286 if (!recv_msg) {
c70d7499
CM		 3287 /*
3288 * We couldn't allocate memory for the
3289 * message, so requeue it for handling
3290 * later.
3291 */
1da177e4 3292 rv = 1;
393d2cc3 3293 kref_put(&user->refcount, free_user);
1da177e4
LT		 3294 } else {
3295 /* Extract the source address from the data. */
3296 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
3297 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
3298 ipmb_addr->slave_addr = msg->rsp[6];
3299 ipmb_addr->lun = msg->rsp[7] & 3;
3300 ipmb_addr->channel = msg->rsp[3] & 0xf;
3301
c70d7499
CM		 3302 /*
3303 * Extract the rest of the message information
3304 * from the IPMB header.
3305 */
1da177e4
LT		 3306 recv_msg->user = user;
3307 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3308 recv_msg->msgid = msg->rsp[7] >> 2;
3309 recv_msg->msg.netfn = msg->rsp[4] >> 2;
3310 recv_msg->msg.cmd = msg->rsp[8];
3311 recv_msg->msg.data = recv_msg->msg_data;
3312
c70d7499
CM		 3313 /*
3314 * We chop off 10, not 9 bytes because the checksum
3315 * at the end also needs to be removed.
3316 */
1da177e4
LT		 3317 recv_msg->msg.data_len = msg->rsp_size - 10;
3318 memcpy(recv_msg->msg_data,
3319 &(msg->rsp[9]),
3320 msg->rsp_size - 10);
3321 deliver_response(recv_msg);
3322 }
3323 }
3324
3325 return rv;
3326}
3327
3328static int handle_lan_get_msg_rsp(ipmi_smi_t intf,
3329 struct ipmi_smi_msg *msg)
3330{
3331 struct ipmi_lan_addr lan_addr;
3332 struct ipmi_recv_msg *recv_msg;
1da177e4
LT		 3333
3334
c70d7499
CM		 3335 /*
3336 * This is 13, not 12, because the response must contain a
3337 * completion code.
3338 */
1da177e4
LT		 3339 if (msg->rsp_size < 13) {
3340 /* Message not big enough, just ignore it. */
b2655f26 3341 ipmi_inc_stat(intf, invalid_lan_responses);
1da177e4
LT		 3342 return 0;
3343 }
3344
3345 if (msg->rsp[2] != 0) {
3346 /* An error getting the response, just ignore it. */
3347 return 0;
3348 }
3349
3350 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
3351 lan_addr.session_handle = msg->rsp[4];
3352 lan_addr.remote_SWID = msg->rsp[8];
3353 lan_addr.local_SWID = msg->rsp[5];
3354 lan_addr.channel = msg->rsp[3] & 0x0f;
3355 lan_addr.privilege = msg->rsp[3] >> 4;
3356 lan_addr.lun = msg->rsp[9] & 3;
3357
c70d7499
CM		 3358 /*
3359 * It's a response from a remote entity. Look up the sequence
3360 * number and handle the response.
3361 */
1da177e4
LT		 3362 if (intf_find_seq(intf,
3363 msg->rsp[9] >> 2,
3364 msg->rsp[3] & 0x0f,
3365 msg->rsp[10],
3366 (msg->rsp[6] >> 2) & (~1),
3367 (struct ipmi_addr *) &(lan_addr),
c70d7499
CM		 3368 &recv_msg)) {
3369 /*
3370 * We were unable to find the sequence number,
3371 * so just nuke the message.
3372 */
b2655f26 3373 ipmi_inc_stat(intf, unhandled_lan_responses);
1da177e4
LT		 3374 return 0;
3375 }
3376
3377 memcpy(recv_msg->msg_data,
3378 &(msg->rsp[11]),
3379 msg->rsp_size - 11);
c70d7499
CM		 3380 /*
3381 * The other fields matched, so no need to set them, except
3382 * for netfn, which needs to be the response that was
3383 * returned, not the request value.
3384 */
1da177e4
LT		 3385 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3386 recv_msg->msg.data = recv_msg->msg_data;
3387 recv_msg->msg.data_len = msg->rsp_size - 12;
3388 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
b2655f26 3389 ipmi_inc_stat(intf, handled_lan_responses);
1da177e4
LT		 3390 deliver_response(recv_msg);
3391
3392 return 0;
3393}
3394
3395static int handle_lan_get_msg_cmd(ipmi_smi_t intf,
3396 struct ipmi_smi_msg *msg)
3397{
393d2cc3
CM		 3398 struct cmd_rcvr *rcvr;
3399 int rv = 0;
3400 unsigned char netfn;
3401 unsigned char cmd;
c69c3127 3402 unsigned char chan;
393d2cc3
CM		 3403 ipmi_user_t user = NULL;
3404 struct ipmi_lan_addr *lan_addr;
3405 struct ipmi_recv_msg *recv_msg;
1da177e4
LT		 3406
3407 if (msg->rsp_size < 12) {
3408 /* Message not big enough, just ignore it. */
b2655f26 3409 ipmi_inc_stat(intf, invalid_commands);
1da177e4
LT		 3410 return 0;
3411 }
3412
3413 if (msg->rsp[2] != 0) {
3414 /* An error getting the response, just ignore it. */
3415 return 0;
3416 }
3417
3418 netfn = msg->rsp[6] >> 2;
3419 cmd = msg->rsp[10];
c69c3127 3420 chan = msg->rsp[3] & 0xf;
1da177e4 3421
e61fb5b6 3422 rcu_read_lock();
c69c3127 3423 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
393d2cc3
CM		 3424 if (rcvr) {
3425 user = rcvr->user;
3426 kref_get(&user->refcount);
3427 } else
3428 user = NULL;
e61fb5b6 3429 rcu_read_unlock();
1da177e4
LT		 3430
3431 if (user == NULL) {
393d2cc3 3432 /* We didn't find a user, just give up. */
b2655f26 3433 ipmi_inc_stat(intf, unhandled_commands);
1da177e4 3434
c70d7499
CM		 3435 /*
3436 * Don't do anything with these messages, just allow
3437 * them to be freed.
3438 */
3439 rv = 0;
1da177e4
LT		 3440 } else {
3441 /* Deliver the message to the user. */
b2655f26 3442 ipmi_inc_stat(intf, handled_commands);
1da177e4
LT		 3443
3444 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3445 if (!recv_msg) {
c70d7499
CM		 3446 /*
3447 * We couldn't allocate memory for the
3448 * message, so requeue it for handling later.
3449 */
1da177e4 3450 rv = 1;
393d2cc3 3451 kref_put(&user->refcount, free_user);
1da177e4
LT		 3452 } else {
3453 /* Extract the source address from the data. */
3454 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
3455 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
3456 lan_addr->session_handle = msg->rsp[4];
3457 lan_addr->remote_SWID = msg->rsp[8];
3458 lan_addr->local_SWID = msg->rsp[5];
3459 lan_addr->lun = msg->rsp[9] & 3;
3460 lan_addr->channel = msg->rsp[3] & 0xf;
3461 lan_addr->privilege = msg->rsp[3] >> 4;
3462
c70d7499
CM		 3463 /*
3464 * Extract the rest of the message information
3465 * from the IPMB header.
3466 */
1da177e4
LT		 3467 recv_msg->user = user;
3468 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3469 recv_msg->msgid = msg->rsp[9] >> 2;
3470 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3471 recv_msg->msg.cmd = msg->rsp[10];
3472 recv_msg->msg.data = recv_msg->msg_data;
3473
c70d7499
CM		 3474 /*
3475 * We chop off 12, not 11 bytes because the checksum
3476 * at the end also needs to be removed.
3477 */
1da177e4
LT		 3478 recv_msg->msg.data_len = msg->rsp_size - 12;
3479 memcpy(recv_msg->msg_data,
3480 &(msg->rsp[11]),
3481 msg->rsp_size - 12);
3482 deliver_response(recv_msg);
3483 }
3484 }
3485
3486 return rv;
3487}
3488
4dec302f 3489/*
3490 * This routine will handle "Get Message" command responses with
3491 * channels that use an OEM Medium. The message format belongs to
3492 * the OEM. See IPMI 2.0 specification, Chapter 6 and
3493 * Chapter 22, sections 22.6 and 22.24 for more details.
3494 */
3495static int handle_oem_get_msg_cmd(ipmi_smi_t intf,
3496 struct ipmi_smi_msg *msg)
3497{
3498 struct cmd_rcvr *rcvr;
3499 int rv = 0;
3500 unsigned char netfn;
3501 unsigned char cmd;
3502 unsigned char chan;
3503 ipmi_user_t user = NULL;
3504 struct ipmi_system_interface_addr *smi_addr;
3505 struct ipmi_recv_msg *recv_msg;
3506
3507 /*
3508 * We expect the OEM SW to perform error checking
3509 * so we just do some basic sanity checks
3510 */
3511 if (msg->rsp_size < 4) {
3512 /* Message not big enough, just ignore it. */
3513 ipmi_inc_stat(intf, invalid_commands);
3514 return 0;
3515 }
3516
3517 if (msg->rsp[2] != 0) {
3518 /* An error getting the response, just ignore it. */
3519 return 0;
3520 }
3521
3522 /*
3523 * This is an OEM Message so the OEM needs to know how
3524 * handle the message. We do no interpretation.
3525 */
3526 netfn = msg->rsp[0] >> 2;
3527 cmd = msg->rsp[1];
3528 chan = msg->rsp[3] & 0xf;
3529
3530 rcu_read_lock();
3531 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
3532 if (rcvr) {
3533 user = rcvr->user;
3534 kref_get(&user->refcount);
3535 } else
3536 user = NULL;
3537 rcu_read_unlock();
3538
3539 if (user == NULL) {
3540 /* We didn't find a user, just give up. */
3541 ipmi_inc_stat(intf, unhandled_commands);
3542
3543 /*
3544 * Don't do anything with these messages, just allow
3545 * them to be freed.
3546 */
3547
3548 rv = 0;
3549 } else {
3550 /* Deliver the message to the user. */
3551 ipmi_inc_stat(intf, handled_commands);
3552
3553 recv_msg = ipmi_alloc_recv_msg();
3554 if (!recv_msg) {
3555 /*
3556 * We couldn't allocate memory for the
3557 * message, so requeue it for handling
3558 * later.
3559 */
3560 rv = 1;
3561 kref_put(&user->refcount, free_user);
3562 } else {
3563 /*
3564 * OEM Messages are expected to be delivered via
3565 * the system interface to SMS software. We might
3566 * need to visit this again depending on OEM
3567 * requirements
3568 */
3569 smi_addr = ((struct ipmi_system_interface_addr *)
3570 &(recv_msg->addr));
3571 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3572 smi_addr->channel = IPMI_BMC_CHANNEL;
3573 smi_addr->lun = msg->rsp[0] & 3;
3574
3575 recv_msg->user = user;
3576 recv_msg->user_msg_data = NULL;
3577 recv_msg->recv_type = IPMI_OEM_RECV_TYPE;
3578 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3579 recv_msg->msg.cmd = msg->rsp[1];
3580 recv_msg->msg.data = recv_msg->msg_data;
3581
3582 /*
3583 * The message starts at byte 4 which follows the
3584 * the Channel Byte in the "GET MESSAGE" command
3585 */
3586 recv_msg->msg.data_len = msg->rsp_size - 4;
3587 memcpy(recv_msg->msg_data,
3588 &(msg->rsp[4]),
3589 msg->rsp_size - 4);
3590 deliver_response(recv_msg);
3591 }
3592 }
3593
3594 return rv;
3595}
3596
1da177e4
LT		 3597static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
3598 struct ipmi_smi_msg *msg)
3599{
3600 struct ipmi_system_interface_addr *smi_addr;
c70d7499 3601
1da177e4
LT		 3602 recv_msg->msgid = 0;
3603 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
3604 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3605 smi_addr->channel = IPMI_BMC_CHANNEL;
3606 smi_addr->lun = msg->rsp[0] & 3;
3607 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
3608 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3609 recv_msg->msg.cmd = msg->rsp[1];
3610 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
3611 recv_msg->msg.data = recv_msg->msg_data;
3612 recv_msg->msg.data_len = msg->rsp_size - 3;
3613}
3614
1da177e4
LT		 3615static int handle_read_event_rsp(ipmi_smi_t intf,
3616 struct ipmi_smi_msg *msg)
3617{
3618 struct ipmi_recv_msg *recv_msg, *recv_msg2;
3619 struct list_head msgs;
3620 ipmi_user_t user;
3621 int rv = 0;
3622 int deliver_count = 0;
3623 unsigned long flags;
3624
3625 if (msg->rsp_size < 19) {
3626 /* Message is too small to be an IPMB event. */
b2655f26 3627 ipmi_inc_stat(intf, invalid_events);
1da177e4
LT		 3628 return 0;
3629 }
3630
3631 if (msg->rsp[2] != 0) {
3632 /* An error getting the event, just ignore it. */
3633 return 0;
3634 }
3635
3636 INIT_LIST_HEAD(&msgs);
3637
393d2cc3 3638 spin_lock_irqsave(&intf->events_lock, flags);
1da177e4 3639
b2655f26 3640 ipmi_inc_stat(intf, events);
1da177e4 3641
c70d7499
CM		 3642 /*
3643 * Allocate and fill in one message for every user that is
3644 * getting events.
3645 */
393d2cc3
CM		 3646 rcu_read_lock();
3647 list_for_each_entry_rcu(user, &intf->users, link) {
8a3628d5 3648 if (!user->gets_events)
1da177e4
LT		 3649 continue;
3650
3651 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3652 if (!recv_msg) {
393d2cc3 3653 rcu_read_unlock();
8a3628d5
CM		 3654 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs,
3655 link) {
1da177e4
LT		 3656 list_del(&recv_msg->link);
3657 ipmi_free_recv_msg(recv_msg);
3658 }
c70d7499
CM		 3659 /*
3660 * We couldn't allocate memory for the
3661 * message, so requeue it for handling
3662 * later.
3663 */
1da177e4
LT		 3664 rv = 1;
3665 goto out;
3666 }
3667
3668 deliver_count++;
3669
3670 copy_event_into_recv_msg(recv_msg, msg);
3671 recv_msg->user = user;
393d2cc3 3672 kref_get(&user->refcount);
1da177e4
LT		 3673 list_add_tail(&(recv_msg->link), &msgs);
3674 }
393d2cc3 3675 rcu_read_unlock();
1da177e4
LT		 3676
3677 if (deliver_count) {
3678 /* Now deliver all the messages. */
3679 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
3680 list_del(&recv_msg->link);
3681 deliver_response(recv_msg);
3682 }
3683 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
c70d7499
CM		 3684 /*
3685 * No one to receive the message, put it in queue if there's
3686 * not already too many things in the queue.
3687 */
1da177e4 3688 recv_msg = ipmi_alloc_recv_msg();
8a3628d5 3689 if (!recv_msg) {
c70d7499
CM		 3690 /*
3691 * We couldn't allocate memory for the
3692 * message, so requeue it for handling
3693 * later.
3694 */
1da177e4
LT		 3695 rv = 1;
3696 goto out;
3697 }
3698
3699 copy_event_into_recv_msg(recv_msg, msg);
3700 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
4791c03d 3701 intf->waiting_events_count++;
87ebd06f 3702 } else if (!intf->event_msg_printed) {
c70d7499
CM		 3703 /*
3704 * There's too many things in the queue, discard this
3705 * message.
3706 */
87ebd06f
CM		 3707 printk(KERN_WARNING PFX "Event queue full, discarding"
3708 " incoming events\n");
3709 intf->event_msg_printed = 1;
1da177e4
LT		 3710 }
3711
3712 out:
3713 spin_unlock_irqrestore(&(intf->events_lock), flags);
3714
3715 return rv;
3716}
3717
3718static int handle_bmc_rsp(ipmi_smi_t intf,
3719 struct ipmi_smi_msg *msg)
3720{
3721 struct ipmi_recv_msg *recv_msg;
393d2cc3 3722 struct ipmi_user *user;
1da177e4
LT		 3723
3724 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
c70d7499
CM		 3725 if (recv_msg == NULL) {
3726 printk(KERN_WARNING
3727 "IPMI message received with no owner. This\n"
3728 "could be because of a malformed message, or\n"
3729 "because of a hardware error. Contact your\n"
3730 "hardware vender for assistance\n");
56a55ec6
CM		 3731 return 0;
3732 }
1da177e4 3733
393d2cc3 3734 user = recv_msg->user;
1da177e4 3735 /* Make sure the user still exists. */
393d2cc3 3736 if (user && !user->valid) {
56a55ec6 3737 /* The user for the message went away, so give up. */
b2655f26 3738 ipmi_inc_stat(intf, unhandled_local_responses);
1da177e4
LT		 3739 ipmi_free_recv_msg(recv_msg);
3740 } else {
3741 struct ipmi_system_interface_addr *smi_addr;
3742
b2655f26 3743 ipmi_inc_stat(intf, handled_local_responses);
1da177e4
LT		 3744 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3745 recv_msg->msgid = msg->msgid;
3746 smi_addr = ((struct ipmi_system_interface_addr *)
3747 &(recv_msg->addr));
3748 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3749 smi_addr->channel = IPMI_BMC_CHANNEL;
3750 smi_addr->lun = msg->rsp[0] & 3;
3751 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3752 recv_msg->msg.cmd = msg->rsp[1];
3753 memcpy(recv_msg->msg_data,
3754 &(msg->rsp[2]),
3755 msg->rsp_size - 2);
3756 recv_msg->msg.data = recv_msg->msg_data;
3757 recv_msg->msg.data_len = msg->rsp_size - 2;
3758 deliver_response(recv_msg);
3759 }
3760
3761 return 0;
3762}
3763
c70d7499 3764/*
7adf579c 3765 * Handle a received message. Return 1 if the message should be requeued,
c70d7499
CM		 3766 * 0 if the message should be freed, or -1 if the message should not
3767 * be freed or requeued.
3768 */
7adf579c 3769static int handle_one_recv_msg(ipmi_smi_t intf,
1da177e4
LT		 3770 struct ipmi_smi_msg *msg)
3771{
3772 int requeue;
3773 int chan;
3774
3775#ifdef DEBUG_MSGING
3776 int m;
3777 printk("Recv:");
e8b33617 3778 for (m = 0; m < msg->rsp_size; m++)
1da177e4
LT		 3779 printk(" %2.2x", msg->rsp[m]);
3780 printk("\n");
3781#endif
3782 if (msg->rsp_size < 2) {
3783 /* Message is too small to be correct. */
3784 printk(KERN_WARNING PFX "BMC returned to small a message"
3785 " for netfn %x cmd %x, got %d bytes\n",
3786 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
3787
3788 /* Generate an error response for the message. */
3789 msg->rsp[0] = msg->data[0] | (1 << 2);
3790 msg->rsp[1] = msg->data[1];
3791 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
3792 msg->rsp_size = 3;
c70d7499
CM		 3793 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))
3794 || (msg->rsp[1] != msg->data[1])) {
3795 /*
3796 * The NetFN and Command in the response is not even
3797 * marginally correct.
3798 */
1da177e4
LT		 3799 printk(KERN_WARNING PFX "BMC returned incorrect response,"
3800 " expected netfn %x cmd %x, got netfn %x cmd %x\n",
3801 (msg->data[0] >> 2) | 1, msg->data[1],
3802 msg->rsp[0] >> 2, msg->rsp[1]);
3803
3804 /* Generate an error response for the message. */
3805 msg->rsp[0] = msg->data[0] | (1 << 2);
3806 msg->rsp[1] = msg->data[1];
3807 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
3808 msg->rsp_size = 3;
3809 }
3810
3811 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3812 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
c70d7499
CM		 3813 && (msg->user_data != NULL)) {
3814 /*
3815 * It's a response to a response we sent. For this we
3816 * deliver a send message response to the user.
3817 */
393d2cc3 3818 struct ipmi_recv_msg *recv_msg = msg->user_data;
1da177e4
LT		 3819
3820 requeue = 0;
3821 if (msg->rsp_size < 2)
3822 /* Message is too small to be correct. */
3823 goto out;
3824
3825 chan = msg->data[2] & 0x0f;
3826 if (chan >= IPMI_MAX_CHANNELS)
3827 /* Invalid channel number */
3828 goto out;
3829
393d2cc3
CM		 3830 if (!recv_msg)
3831 goto out;
3832
3833 /* Make sure the user still exists. */
3834 if (!recv_msg->user || !recv_msg->user->valid)
3835 goto out;
3836
3837 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
3838 recv_msg->msg.data = recv_msg->msg_data;
3839 recv_msg->msg.data_len = 1;
3840 recv_msg->msg_data[0] = msg->rsp[2];
3841 deliver_response(recv_msg);
1da177e4 3842 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
c70d7499 3843 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) {
1da177e4
LT		 3844 /* It's from the receive queue. */
3845 chan = msg->rsp[3] & 0xf;
3846 if (chan >= IPMI_MAX_CHANNELS) {
3847 /* Invalid channel number */
3848 requeue = 0;
3849 goto out;
3850 }
3851
4dec302f 3852 /*
9a2845c4
CM		 3853 * We need to make sure the channels have been initialized.
3854 * The channel_handler routine will set the "curr_channel"
3855 * equal to or greater than IPMI_MAX_CHANNELS when all the
3856 * channels for this interface have been initialized.
3857 */
4dec302f 3858 if (intf->curr_channel < IPMI_MAX_CHANNELS) {
9a2845c4 3859 requeue = 0; /* Throw the message away */
4dec302f 3860 goto out;
3861 }
3862
1da177e4
LT		 3863 switch (intf->channels[chan].medium) {
3864 case IPMI_CHANNEL_MEDIUM_IPMB:
3865 if (msg->rsp[4] & 0x04) {
c70d7499
CM		 3866 /*
3867 * It's a response, so find the
3868 * requesting message and send it up.
3869 */
1da177e4
LT		 3870 requeue = handle_ipmb_get_msg_rsp(intf, msg);
3871 } else {
c70d7499
CM		 3872 /*
3873 * It's a command to the SMS from some other
3874 * entity. Handle that.
3875 */
1da177e4
LT		 3876 requeue = handle_ipmb_get_msg_cmd(intf, msg);
3877 }
3878 break;
3879
3880 case IPMI_CHANNEL_MEDIUM_8023LAN:
3881 case IPMI_CHANNEL_MEDIUM_ASYNC:
3882 if (msg->rsp[6] & 0x04) {
c70d7499
CM		 3883 /*
3884 * It's a response, so find the
3885 * requesting message and send it up.
3886 */
1da177e4
LT		 3887 requeue = handle_lan_get_msg_rsp(intf, msg);
3888 } else {
c70d7499
CM		 3889 /*
3890 * It's a command to the SMS from some other
3891 * entity. Handle that.
3892 */
1da177e4
LT		 3893 requeue = handle_lan_get_msg_cmd(intf, msg);
3894 }
3895 break;
3896
3897 default:
4dec302f 3898 /* Check for OEM Channels. Clients had better
3899 register for these commands. */
3900 if ((intf->channels[chan].medium
3901 >= IPMI_CHANNEL_MEDIUM_OEM_MIN)
3902 && (intf->channels[chan].medium
3903 <= IPMI_CHANNEL_MEDIUM_OEM_MAX)) {
3904 requeue = handle_oem_get_msg_cmd(intf, msg);
3905 } else {
3906 /*
3907 * We don't handle the channel type, so just
3908 * free the message.
3909 */
3910 requeue = 0;
3911 }
1da177e4
LT		 3912 }
3913
3914 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
c70d7499 3915 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) {
b3834be5 3916 /* It's an asynchronous event. */
1da177e4
LT		 3917 requeue = handle_read_event_rsp(intf, msg);
3918 } else {
3919 /* It's a response from the local BMC. */
3920 requeue = handle_bmc_rsp(intf, msg);
3921 }
3922
3923 out:
3924 return requeue;
3925}
3926
7adf579c
CM		 3927/*
3928 * If there are messages in the queue or pretimeouts, handle them.
3929 */
3930static void handle_new_recv_msgs(ipmi_smi_t intf)
3931{
3932 struct ipmi_smi_msg *smi_msg;
3933 unsigned long flags = 0;
3934 int rv;
3935 int run_to_completion = intf->run_to_completion;
3936
3937 /* See if any waiting messages need to be processed. */
3938 if (!run_to_completion)
65be7544
CM		 3939 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
3940 while (!list_empty(&intf->waiting_rcv_msgs)) {
3941 smi_msg = list_entry(intf->waiting_rcv_msgs.next,
7adf579c 3942 struct ipmi_smi_msg, link);
ae4ea9a2 3943 list_del(&smi_msg->link);
7adf579c 3944 if (!run_to_completion)
65be7544
CM		 3945 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock,
3946 flags);
7adf579c
CM		 3947 rv = handle_one_recv_msg(intf, smi_msg);
3948 if (!run_to_completion)
65be7544 3949 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
7ea0ed2b 3950 if (rv > 0) {
7adf579c
CM		 3951 /*
3952 * To preserve message order, quit if we
ae4ea9a2
JN		 3953 * can't handle a message. Add the message
3954 * back at the head, this is safe because this
3955 * tasklet is the only thing that pulls the
3956 * messages.
7adf579c 3957 */
ae4ea9a2 3958 list_add(&smi_msg->link, &intf->waiting_rcv_msgs);
7adf579c 3959 break;
7ea0ed2b 3960 } else {
7ea0ed2b
CM		 3961 if (rv == 0)
3962 /* Message handled */
3963 ipmi_free_smi_msg(smi_msg);
3964 /* If rv < 0, fatal error, del but don't free. */
7adf579c
CM		 3965 }
3966 }
3967 if (!run_to_completion)
65be7544 3968 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock, flags);
7adf579c
CM		 3969
3970 /*
3971 * If the pretimout count is non-zero, decrement one from it and
3972 * deliver pretimeouts to all the users.
3973 */
3974 if (atomic_add_unless(&intf->watchdog_pretimeouts_to_deliver, -1, 0)) {
3975 ipmi_user_t user;
3976
3977 rcu_read_lock();
3978 list_for_each_entry_rcu(user, &intf->users, link) {
3979 if (user->handler->ipmi_watchdog_pretimeout)
3980 user->handler->ipmi_watchdog_pretimeout(
3981 user->handler_data);
3982 }
3983 rcu_read_unlock();
3984 }
3985}
3986
3987static void smi_recv_tasklet(unsigned long val)
3988{
7ea0ed2b
CM		 3989 unsigned long flags = 0; /* keep us warning-free. */
3990 ipmi_smi_t intf = (ipmi_smi_t) val;
3991 int run_to_completion = intf->run_to_completion;
3992 struct ipmi_smi_msg *newmsg = NULL;
3993
3994 /*
3995 * Start the next message if available.
3996 *
3997 * Do this here, not in the actual receiver, because we may deadlock
3998 * because the lower layer is allowed to hold locks while calling
3999 * message delivery.
4000 */
cdea4656
TC		 4001
4002 rcu_read_lock();
4003
7ea0ed2b
CM		 4004 if (!run_to_completion)
4005 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
4006 if (intf->curr_msg == NULL && !intf->in_shutdown) {
4007 struct list_head *entry = NULL;
4008
4009 /* Pick the high priority queue first. */
4010 if (!list_empty(&intf->hp_xmit_msgs))
4011 entry = intf->hp_xmit_msgs.next;
4012 else if (!list_empty(&intf->xmit_msgs))
4013 entry = intf->xmit_msgs.next;
4014
4015 if (entry) {
4016 list_del(entry);
4017 newmsg = list_entry(entry, struct ipmi_smi_msg, link);
4018 intf->curr_msg = newmsg;
4019 }
4020 }
4021 if (!run_to_completion)
4022 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
4023 if (newmsg)
99ab32f3 4024 intf->handlers->sender(intf->send_info, newmsg);
7ea0ed2b 4025
cdea4656
TC		 4026 rcu_read_unlock();
4027
7ea0ed2b 4028 handle_new_recv_msgs(intf);
7adf579c
CM		 4029}
4030
1da177e4
LT		 4031/* Handle a new message from the lower layer. */
4032void ipmi_smi_msg_received(ipmi_smi_t intf,
4033 struct ipmi_smi_msg *msg)
4034{
5956dce1 4035 unsigned long flags = 0; /* keep us warning-free. */
7ea0ed2b 4036 int run_to_completion = intf->run_to_completion;
1da177e4 4037
1da177e4
LT		 4038 if ((msg->data_size >= 2)
4039 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
4040 && (msg->data[1] == IPMI_SEND_MSG_CMD)
c70d7499 4041 && (msg->user_data == NULL)) {
7ea0ed2b
CM		 4042
4043 if (intf->in_shutdown)
4044 goto free_msg;
4045
c70d7499
CM		 4046 /*
4047 * This is the local response to a command send, start
4048 * the timer for these. The user_data will not be
4049 * NULL if this is a response send, and we will let
4050 * response sends just go through.
4051 */
4052
4053 /*
4054 * Check for errors, if we get certain errors (ones
4055 * that mean basically we can try again later), we
4056 * ignore them and start the timer. Otherwise we
4057 * report the error immediately.
4058 */
1da177e4
LT		 4059 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
4060 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
46d52b09
CM		 4061 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR)
4062 && (msg->rsp[2] != IPMI_BUS_ERR)
c70d7499 4063 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR)) {
1da177e4
LT		 4064 int chan = msg->rsp[3] & 0xf;
4065
4066 /* Got an error sending the message, handle it. */
1da177e4
LT		 4067 if (chan >= IPMI_MAX_CHANNELS)
4068 ; /* This shouldn't happen */
4069 else if ((intf->channels[chan].medium
4070 == IPMI_CHANNEL_MEDIUM_8023LAN)
4071 || (intf->channels[chan].medium
4072 == IPMI_CHANNEL_MEDIUM_ASYNC))
b2655f26 4073 ipmi_inc_stat(intf, sent_lan_command_errs);
1da177e4 4074 else
b2655f26 4075 ipmi_inc_stat(intf, sent_ipmb_command_errs);
1da177e4 4076 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
c70d7499 4077 } else
1da177e4
LT		 4078 /* The message was sent, start the timer. */
4079 intf_start_seq_timer(intf, msg->msgid);
1da177e4 4080
7ea0ed2b 4081free_msg:
1da177e4 4082 ipmi_free_smi_msg(msg);
7ea0ed2b
CM		 4083 } else {
4084 /*
4085 * To preserve message order, we keep a queue and deliver from
4086 * a tasklet.
4087 */
4088 if (!run_to_completion)
4089 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
4090 list_add_tail(&msg->link, &intf->waiting_rcv_msgs);
4091 if (!run_to_completion)
4092 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock,
4093 flags);
1da177e4
LT		 4094 }
4095
5956dce1 4096 if (!run_to_completion)
7ea0ed2b 4097 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
b2234ee9
CM		 4098 /*
4099 * We can get an asynchronous event or receive message in addition
4100 * to commands we send.
4101 */
7ea0ed2b
CM		 4102 if (msg == intf->curr_msg)
4103 intf->curr_msg = NULL;
5956dce1 4104 if (!run_to_completion)
7ea0ed2b 4105 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
c70d7499 4106
7ea0ed2b
CM		 4107 if (run_to_completion)
4108 smi_recv_tasklet((unsigned long) intf);
4109 else
4110 tasklet_schedule(&intf->recv_tasklet);
1da177e4 4111}
c70d7499 4112EXPORT_SYMBOL(ipmi_smi_msg_received);
1da177e4
LT		 4113
4114void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
4115{
7ea0ed2b
CM		 4116 if (intf->in_shutdown)
4117 return;
4118
7adf579c
CM		 4119 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 1);
4120 tasklet_schedule(&intf->recv_tasklet);
1da177e4 4121}
c70d7499 4122EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
1da177e4 4123
882fe011
CM		 4124static struct ipmi_smi_msg *
4125smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
4126 unsigned char seq, long seqid)
1da177e4 4127{
882fe011 4128 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
1da177e4 4129 if (!smi_msg)
c70d7499
CM		 4130 /*
4131 * If we can't allocate the message, then just return, we
4132 * get 4 retries, so this should be ok.
4133 */
882fe011 4134 return NULL;
1da177e4
LT		 4135
4136 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
4137 smi_msg->data_size = recv_msg->msg.data_len;
4138 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
c70d7499 4139
1da177e4
LT		 4140#ifdef DEBUG_MSGING
4141 {
4142 int m;
4143 printk("Resend: ");
e8b33617 4144 for (m = 0; m < smi_msg->data_size; m++)
1da177e4
LT		 4145 printk(" %2.2x", smi_msg->data[m]);
4146 printk("\n");
4147 }
4148#endif
882fe011 4149 return smi_msg;
1da177e4
LT		 4150}
4151
393d2cc3 4152static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent,
392a17b1
CM		 4153 struct list_head *timeouts,
4154 unsigned long timeout_period,
89986496
CM		 4155 int slot, unsigned long *flags,
4156 unsigned int *waiting_msgs)
393d2cc3 4157{
b2c03941 4158 struct ipmi_recv_msg *msg;
81d02b7f 4159 const struct ipmi_smi_handlers *handlers;
b2c03941 4160
7ea0ed2b 4161 if (intf->in_shutdown)
b2c03941 4162 return;
393d2cc3
CM		 4163
4164 if (!ent->inuse)
4165 return;
4166
392a17b1
CM		 4167 if (timeout_period < ent->timeout) {
4168 ent->timeout -= timeout_period;
89986496 4169 (*waiting_msgs)++;
393d2cc3 4170 return;
89986496 4171 }
393d2cc3
CM		 4172
4173 if (ent->retries_left == 0) {
4174 /* The message has used all its retries. */
4175 ent->inuse = 0;
4176 msg = ent->recv_msg;
4177 list_add_tail(&msg->link, timeouts);
393d2cc3 4178 if (ent->broadcast)
b2655f26 4179 ipmi_inc_stat(intf, timed_out_ipmb_broadcasts);
25176ed6 4180 else if (is_lan_addr(&ent->recv_msg->addr))
b2655f26 4181 ipmi_inc_stat(intf, timed_out_lan_commands);
393d2cc3 4182 else
b2655f26 4183 ipmi_inc_stat(intf, timed_out_ipmb_commands);
393d2cc3
CM		 4184 } else {
4185 struct ipmi_smi_msg *smi_msg;
4186 /* More retries, send again. */
4187
89986496
CM		 4188 (*waiting_msgs)++;
4189
c70d7499
CM		 4190 /*
4191 * Start with the max timer, set to normal timer after
4192 * the message is sent.
4193 */
393d2cc3
CM		 4194 ent->timeout = MAX_MSG_TIMEOUT;
4195 ent->retries_left--;
393d2cc3
CM		 4196 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot,
4197 ent->seqid);
25176ed6
CM		 4198 if (!smi_msg) {
4199 if (is_lan_addr(&ent->recv_msg->addr))
4200 ipmi_inc_stat(intf,
4201 dropped_rexmit_lan_commands);
4202 else
4203 ipmi_inc_stat(intf,
4204 dropped_rexmit_ipmb_commands);
393d2cc3 4205 return;
25176ed6 4206 }
393d2cc3
CM		 4207
4208 spin_unlock_irqrestore(&intf->seq_lock, *flags);
b2c03941 4209
c70d7499
CM		 4210 /*
4211 * Send the new message. We send with a zero
4212 * priority. It timed out, I doubt time is that
4213 * critical now, and high priority messages are really
4214 * only for messages to the local MC, which don't get
4215 * resent.
4216 */
b2c03941 4217 handlers = intf->handlers;
25176ed6
CM		 4218 if (handlers) {
4219 if (is_lan_addr(&ent->recv_msg->addr))
4220 ipmi_inc_stat(intf,
4221 retransmitted_lan_commands);
4222 else
4223 ipmi_inc_stat(intf,
4224 retransmitted_ipmb_commands);
4225
81d02b7f 4226 smi_send(intf, handlers, smi_msg, 0);
25176ed6 4227 } else
b2c03941
CM		 4228 ipmi_free_smi_msg(smi_msg);
4229
393d2cc3
CM		 4230 spin_lock_irqsave(&intf->seq_lock, *flags);
4231 }
4232}
4233
392a17b1
CM		 4234static unsigned int ipmi_timeout_handler(ipmi_smi_t intf,
4235 unsigned long timeout_period)
1da177e4 4236{
1da177e4
LT		 4237 struct list_head timeouts;
4238 struct ipmi_recv_msg *msg, *msg2;
1da177e4 4239 unsigned long flags;
bca0324d 4240 int i;
89986496 4241 unsigned int waiting_msgs = 0;
1da177e4 4242
89986496
CM		 4243 /*
4244 * Go through the seq table and find any messages that
4245 * have timed out, putting them in the timeouts
4246 * list.
4247 */
4248 INIT_LIST_HEAD(&timeouts);
4249 spin_lock_irqsave(&intf->seq_lock, flags);
4250 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++)
4251 check_msg_timeout(intf, &(intf->seq_table[i]),
4252 &timeouts, timeout_period, i,
4253 &flags, &waiting_msgs);
4254 spin_unlock_irqrestore(&intf->seq_lock, flags);
393d2cc3 4255
89986496
CM		 4256 list_for_each_entry_safe(msg, msg2, &timeouts, link)
4257 deliver_err_response(msg, IPMI_TIMEOUT_COMPLETION_CODE);
b9675136 4258
89986496
CM		 4259 /*
4260 * Maintenance mode handling. Check the timeout
4261 * optimistically before we claim the lock. It may
4262 * mean a timeout gets missed occasionally, but that
4263 * only means the timeout gets extended by one period
4264 * in that case. No big deal, and it avoids the lock
4265 * most of the time.
4266 */
4267 if (intf->auto_maintenance_timeout > 0) {
4268 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
b9675136 4269 if (intf->auto_maintenance_timeout > 0) {
89986496
CM		 4270 intf->auto_maintenance_timeout
4271 -= timeout_period;
4272 if (!intf->maintenance_mode
4273 && (intf->auto_maintenance_timeout <= 0)) {
7aefac26 4274 intf->maintenance_mode_enable = false;
89986496 4275 maintenance_mode_update(intf);
b9675136 4276 }
b9675136 4277 }
89986496
CM		 4278 spin_unlock_irqrestore(&intf->maintenance_mode_lock,
4279 flags);
1da177e4 4280 }
89986496
CM		 4281
4282 tasklet_schedule(&intf->recv_tasklet);
4283
4284 return waiting_msgs;
1da177e4
LT		 4285}
4286
89986496 4287static void ipmi_request_event(ipmi_smi_t intf)
1da177e4 4288{
89986496
CM		 4289 /* No event requests when in maintenance mode. */
4290 if (intf->maintenance_mode_enable)
4291 return;
b9675136 4292
7ea0ed2b
CM		 4293 if (!intf->in_shutdown)
4294 intf->handlers->request_events(intf->send_info);
1da177e4
LT		 4295}
4296
4297static struct timer_list ipmi_timer;
4298
8f43f84f 4299static atomic_t stop_operation;
1da177e4
LT		 4300
4301static void ipmi_timeout(unsigned long data)
4302{
89986496
CM		 4303 ipmi_smi_t intf;
4304 int nt = 0;
4305
8f43f84f 4306 if (atomic_read(&stop_operation))
1da177e4 4307 return;
1da177e4 4308
89986496
CM		 4309 rcu_read_lock();
4310 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
4311 int lnt = 0;
4312
4313 if (atomic_read(&intf->event_waiters)) {
4314 intf->ticks_to_req_ev--;
4315 if (intf->ticks_to_req_ev == 0) {
4316 ipmi_request_event(intf);
4317 intf->ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
4318 }
4319 lnt++;
4320 }
4321
4322 lnt += ipmi_timeout_handler(intf, IPMI_TIMEOUT_TIME);
1da177e4 4323
89986496
CM		 4324 lnt = !!lnt;
4325 if (lnt != intf->last_needs_timer &&
4326 intf->handlers->set_need_watch)
4327 intf->handlers->set_need_watch(intf->send_info, lnt);
4328 intf->last_needs_timer = lnt;
1da177e4 4329
89986496
CM		 4330 nt += lnt;
4331 }
4332 rcu_read_unlock();
4333
4334 if (nt)
4335 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
1da177e4
LT		 4336}
4337
89986496
CM		 4338static void need_waiter(ipmi_smi_t intf)
4339{
4340 /* Racy, but worst case we start the timer twice. */
4341 if (!timer_pending(&ipmi_timer))
4342 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
4343}
1da177e4
LT		 4344
4345static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
4346static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
4347
1da177e4
LT		 4348static void free_smi_msg(struct ipmi_smi_msg *msg)
4349{
4350 atomic_dec(&smi_msg_inuse_count);
4351 kfree(msg);
4352}
4353
4354struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
4355{
4356 struct ipmi_smi_msg *rv;
4357 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
4358 if (rv) {
4359 rv->done = free_smi_msg;
4360 rv->user_data = NULL;
4361 atomic_inc(&smi_msg_inuse_count);
4362 }
4363 return rv;
4364}
c70d7499 4365EXPORT_SYMBOL(ipmi_alloc_smi_msg);
1da177e4
LT		 4366
4367static void free_recv_msg(struct ipmi_recv_msg *msg)
4368{
4369 atomic_dec(&recv_msg_inuse_count);
4370 kfree(msg);
4371}
4372
74006309 4373static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
1da177e4
LT		 4374{
4375 struct ipmi_recv_msg *rv;
4376
4377 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
4378 if (rv) {
a9eec556 4379 rv->user = NULL;
1da177e4
LT		 4380 rv->done = free_recv_msg;
4381 atomic_inc(&recv_msg_inuse_count);
4382 }
4383 return rv;
4384}
4385
393d2cc3
CM		 4386void ipmi_free_recv_msg(struct ipmi_recv_msg *msg)
4387{
4388 if (msg->user)
4389 kref_put(&msg->user->refcount, free_user);
4390 msg->done(msg);
4391}
c70d7499 4392EXPORT_SYMBOL(ipmi_free_recv_msg);
393d2cc3 4393
895dcfd1
CM		 4394static atomic_t panic_done_count = ATOMIC_INIT(0);
4395
1da177e4
LT		 4396static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
4397{
895dcfd1 4398 atomic_dec(&panic_done_count);
1da177e4
LT		 4399}
4400
4401static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
4402{
895dcfd1
CM		 4403 atomic_dec(&panic_done_count);
4404}
4405
4406/*
4407 * Inside a panic, send a message and wait for a response.
4408 */
4409static void ipmi_panic_request_and_wait(ipmi_smi_t intf,
4410 struct ipmi_addr *addr,
4411 struct kernel_ipmi_msg *msg)
4412{
4413 struct ipmi_smi_msg smi_msg;
4414 struct ipmi_recv_msg recv_msg;
4415 int rv;
4416
4417 smi_msg.done = dummy_smi_done_handler;
4418 recv_msg.done = dummy_recv_done_handler;
4419 atomic_add(2, &panic_done_count);
4420 rv = i_ipmi_request(NULL,
4421 intf,
4422 addr,
4423 0,
4424 msg,
4425 intf,
4426 &smi_msg,
4427 &recv_msg,
4428 0,
4429 intf->channels[0].address,
4430 intf->channels[0].lun,
4431 0, 1); /* Don't retry, and don't wait. */
4432 if (rv)
4433 atomic_sub(2, &panic_done_count);
82802f96
HK		 4434 else if (intf->handlers->flush_messages)
4435 intf->handlers->flush_messages(intf->send_info);
4436
895dcfd1
CM		 4437 while (atomic_read(&panic_done_count) != 0)
4438 ipmi_poll(intf);
1da177e4
LT		 4439}
4440
56a55ec6 4441static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4 4442{
56a55ec6
CM		 4443 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
4444 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE)
4445 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD)
c70d7499 4446 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) {
1da177e4 4447 /* A get event receiver command, save it. */
56a55ec6
CM		 4448 intf->event_receiver = msg->msg.data[1];
4449 intf->event_receiver_lun = msg->msg.data[2] & 0x3;
1da177e4
LT		 4450 }
4451}
4452
56a55ec6 4453static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4 4454{
56a55ec6
CM		 4455 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
4456 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
4457 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD)
c70d7499
CM		 4458 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) {
4459 /*
4460 * A get device id command, save if we are an event
4461 * receiver or generator.
4462 */
56a55ec6
CM		 4463 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1;
4464 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1;
1da177e4
LT		 4465 }
4466}
1da177e4
LT		 4467
4468static void send_panic_events(char *str)
4469{
4470 struct kernel_ipmi_msg msg;
4471 ipmi_smi_t intf;
4472 unsigned char data[16];
1da177e4
LT		 4473 struct ipmi_system_interface_addr *si;
4474 struct ipmi_addr addr;
1da177e4 4475
1c9f98d1
CM		 4476 if (ipmi_send_panic_event == IPMI_SEND_PANIC_EVENT_NONE)
4477 return;
4478
1da177e4
LT		 4479 si = (struct ipmi_system_interface_addr *) &addr;
4480 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4481 si->channel = IPMI_BMC_CHANNEL;
4482 si->lun = 0;
4483
4484 /* Fill in an event telling that we have failed. */
4485 msg.netfn = 0x04; /* Sensor or Event. */
4486 msg.cmd = 2; /* Platform event command. */
4487 msg.data = data;
4488 msg.data_len = 8;
cda315ab 4489 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */
1da177e4
LT		 4490 data[1] = 0x03; /* This is for IPMI 1.0. */
4491 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
4492 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
4493 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
4494
c70d7499
CM		 4495 /*
4496 * Put a few breadcrumbs in. Hopefully later we can add more things
4497 * to make the panic events more useful.
4498 */
1da177e4
LT		 4499 if (str) {
4500 data[3] = str[0];
4501 data[6] = str[1];
4502 data[7] = str[2];
4503 }
4504
1da177e4 4505 /* For every registered interface, send the event. */
bca0324d 4506 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1c9f98d1
CM		 4507 if (!intf->handlers || !intf->handlers->poll)
4508 /* Interface is not ready or can't run at panic time. */
1da177e4
LT		 4509 continue;
4510
4511 /* Send the event announcing the panic. */
895dcfd1 4512 ipmi_panic_request_and_wait(intf, &addr, &msg);
1da177e4
LT		 4513 }
4514
c70d7499
CM		 4515 /*
4516 * On every interface, dump a bunch of OEM event holding the
4517 * string.
4518 */
1c9f98d1 4519 if (ipmi_send_panic_event != IPMI_SEND_PANIC_EVENT_STRING || !str)
1da177e4
LT		 4520 return;
4521
bca0324d
CM		 4522 /* For every registered interface, send the event. */
4523 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1da177e4
LT		 4524 char *p = str;
4525 struct ipmi_ipmb_addr *ipmb;
4526 int j;
4527
bca0324d
CM		 4528 if (intf->intf_num == -1)
4529 /* Interface was not ready yet. */
1da177e4
LT		 4530 continue;
4531
78ba2faf
CM		 4532 /*
4533 * intf_num is used as an marker to tell if the
4534 * interface is valid. Thus we need a read barrier to
4535 * make sure data fetched before checking intf_num
4536 * won't be used.
4537 */
4538 smp_rmb();
4539
c70d7499
CM		 4540 /*
4541 * First job here is to figure out where to send the
4542 * OEM events. There's no way in IPMI to send OEM
4543 * events using an event send command, so we have to
4544 * find the SEL to put them in and stick them in
4545 * there.
4546 */
1da177e4
LT		 4547
4548 /* Get capabilities from the get device id. */
4549 intf->local_sel_device = 0;
4550 intf->local_event_generator = 0;
4551 intf->event_receiver = 0;
4552
4553 /* Request the device info from the local MC. */
4554 msg.netfn = IPMI_NETFN_APP_REQUEST;
4555 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
4556 msg.data = NULL;
4557 msg.data_len = 0;
4558 intf->null_user_handler = device_id_fetcher;
895dcfd1 4559 ipmi_panic_request_and_wait(intf, &addr, &msg);
1da177e4
LT		 4560
4561 if (intf->local_event_generator) {
4562 /* Request the event receiver from the local MC. */
4563 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
4564 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
4565 msg.data = NULL;
4566 msg.data_len = 0;
4567 intf->null_user_handler = event_receiver_fetcher;
895dcfd1 4568 ipmi_panic_request_and_wait(intf, &addr, &msg);
1da177e4
LT		 4569 }
4570 intf->null_user_handler = NULL;
4571
c70d7499
CM		 4572 /*
4573 * Validate the event receiver. The low bit must not
4574 * be 1 (it must be a valid IPMB address), it cannot
4575 * be zero, and it must not be my address.
4576 */
4577 if (((intf->event_receiver & 1) == 0)
1da177e4 4578 && (intf->event_receiver != 0)
c70d7499
CM		 4579 && (intf->event_receiver != intf->channels[0].address)) {
4580 /*
4581 * The event receiver is valid, send an IPMB
4582 * message.
4583 */
1da177e4
LT		 4584 ipmb = (struct ipmi_ipmb_addr *) &addr;
4585 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
4586 ipmb->channel = 0; /* FIXME - is this right? */
4587 ipmb->lun = intf->event_receiver_lun;
4588 ipmb->slave_addr = intf->event_receiver;
4589 } else if (intf->local_sel_device) {
c70d7499
CM		 4590 /*
4591 * The event receiver was not valid (or was
4592 * me), but I am an SEL device, just dump it
4593 * in my SEL.
4594 */
1da177e4
LT		 4595 si = (struct ipmi_system_interface_addr *) &addr;
4596 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4597 si->channel = IPMI_BMC_CHANNEL;
4598 si->lun = 0;
4599 } else
4600 continue; /* No where to send the event. */
4601
1da177e4
LT		 4602 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
4603 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
4604 msg.data = data;
4605 msg.data_len = 16;
4606
4607 j = 0;
4608 while (*p) {
4609 int size = strlen(p);
4610
4611 if (size > 11)
4612 size = 11;
4613 data[0] = 0;
4614 data[1] = 0;
4615 data[2] = 0xf0; /* OEM event without timestamp. */
c14979b9 4616 data[3] = intf->channels[0].address;
1da177e4 4617 data[4] = j++; /* sequence # */
c70d7499
CM		 4618 /*
4619 * Always give 11 bytes, so strncpy will fill
4620 * it with zeroes for me.
4621 */
1da177e4
LT		 4622 strncpy(data+5, p, 11);
4623 p += size;
4624
895dcfd1 4625 ipmi_panic_request_and_wait(intf, &addr, &msg);
1da177e4 4626 }
c70d7499 4627 }
1da177e4 4628}
1da177e4 4629
0c8204b3 4630static int has_panicked;
1da177e4
LT		 4631
4632static int panic_event(struct notifier_block *this,
4633 unsigned long event,
c70d7499 4634 void *ptr)
1da177e4 4635{
1da177e4
LT		 4636 ipmi_smi_t intf;
4637
f18190bd 4638 if (has_panicked)
1da177e4 4639 return NOTIFY_DONE;
f18190bd 4640 has_panicked = 1;
1da177e4
LT		 4641
4642 /* For every registered interface, set it to run to completion. */
bca0324d 4643 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
b2c03941
CM		 4644 if (!intf->handlers)
4645 /* Interface is not ready. */
1da177e4
LT		 4646 continue;
4647
06e5e345
HK		 4648 /*
4649 * If we were interrupted while locking xmit_msgs_lock or
4650 * waiting_rcv_msgs_lock, the corresponding list may be
4651 * corrupted. In this case, drop items on the list for
4652 * the safety.
4653 */
4654 if (!spin_trylock(&intf->xmit_msgs_lock)) {
4655 INIT_LIST_HEAD(&intf->xmit_msgs);
4656 INIT_LIST_HEAD(&intf->hp_xmit_msgs);
4657 } else
4658 spin_unlock(&intf->xmit_msgs_lock);
4659
4660 if (!spin_trylock(&intf->waiting_rcv_msgs_lock))
4661 INIT_LIST_HEAD(&intf->waiting_rcv_msgs);
4662 else
4663 spin_unlock(&intf->waiting_rcv_msgs_lock);
4664
5956dce1 4665 intf->run_to_completion = 1;
1c9f98d1
CM		 4666 if (intf->handlers->set_run_to_completion)
4667 intf->handlers->set_run_to_completion(intf->send_info,
4668 1);
1da177e4
LT		 4669 }
4670
1da177e4 4671 send_panic_events(ptr);
1da177e4
LT		 4672
4673 return NOTIFY_DONE;
4674}
4675
4676static struct notifier_block panic_block = {
4677 .notifier_call = panic_event,
4678 .next = NULL,
4679 .priority = 200 /* priority: INT_MAX >= x >= 0 */
4680};
4681
4682static int ipmi_init_msghandler(void)
4683{
50c812b2 4684 int rv;
1da177e4
LT		 4685
4686 if (initialized)
4687 return 0;
4688
fe2d5ffc 4689 rv = driver_register(&ipmidriver.driver);
50c812b2
CM		 4690 if (rv) {
4691 printk(KERN_ERR PFX "Could not register IPMI driver\n");
4692 return rv;
4693 }
4694
1da177e4 4695 printk(KERN_INFO "ipmi message handler version "
1fdd75bd 4696 IPMI_DRIVER_VERSION "\n");
1da177e4 4697
3b625943 4698#ifdef CONFIG_PROC_FS
1da177e4
LT		 4699 proc_ipmi_root = proc_mkdir("ipmi", NULL);
4700 if (!proc_ipmi_root) {
4701 printk(KERN_ERR PFX "Unable to create IPMI proc dir");
80fad5b9 4702 driver_unregister(&ipmidriver.driver);
1da177e4
LT		 4703 return -ENOMEM;
4704 }
4705
3b625943 4706#endif /* CONFIG_PROC_FS */
1da177e4 4707
409035e0
CM		 4708 setup_timer(&ipmi_timer, ipmi_timeout, 0);
4709 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
1da177e4 4710
e041c683 4711 atomic_notifier_chain_register(&panic_notifier_list, &panic_block);
1da177e4
LT		 4712
4713 initialized = 1;
4714
4715 return 0;
4716}
4717
60ee6d5f 4718static int __init ipmi_init_msghandler_mod(void)
1da177e4
LT		 4719{
4720 ipmi_init_msghandler();
4721 return 0;
4722}
4723
60ee6d5f 4724static void __exit cleanup_ipmi(void)
1da177e4
LT		 4725{
4726 int count;
4727
4728 if (!initialized)
4729 return;
4730
e041c683 4731 atomic_notifier_chain_unregister(&panic_notifier_list, &panic_block);
1da177e4 4732
c70d7499
CM		 4733 /*
4734 * This can't be called if any interfaces exist, so no worry
4735 * about shutting down the interfaces.
4736 */
1da177e4 4737
c70d7499
CM		 4738 /*
4739 * Tell the timer to stop, then wait for it to stop. This
4740 * avoids problems with race conditions removing the timer
4741 * here.
4742 */
8f43f84f
CM		 4743 atomic_inc(&stop_operation);
4744 del_timer_sync(&ipmi_timer);
1da177e4 4745
3b625943 4746#ifdef CONFIG_PROC_FS
a8ca16ea 4747 proc_remove(proc_ipmi_root);
3b625943 4748#endif /* CONFIG_PROC_FS */
1da177e4 4749
fe2d5ffc 4750 driver_unregister(&ipmidriver.driver);
50c812b2 4751
1da177e4
LT		 4752 initialized = 0;
4753
4754 /* Check for buffer leaks. */
4755 count = atomic_read(&smi_msg_inuse_count);
4756 if (count != 0)
4757 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
4758 count);
4759 count = atomic_read(&recv_msg_inuse_count);
4760 if (count != 0)
4761 printk(KERN_WARNING PFX "recv message count %d at exit\n",
4762 count);
4763}
4764module_exit(cleanup_ipmi);
4765
4766module_init(ipmi_init_msghandler_mod);
4767MODULE_LICENSE("GPL");
1fdd75bd 4768MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>");
c70d7499
CM		 4769MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI"
4770 " interface.");
1fdd75bd 4771MODULE_VERSION(IPMI_DRIVER_VERSION);
070cbd1d 4772MODULE_SOFTDEP("post: ipmi_devintf");
ubuntu-bionic-kernel mirror