4 * Incoming and outgoing message routing for an IPMI interface.
6 * Author: MontaVista Software, Inc.
7 * Corey Minyard <minyard@mvista.com>
10 * Copyright 2002 MontaVista Software Inc.
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version.
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 * You should have received a copy of the GNU General Public License along
30 * with this program; if not, write to the Free Software Foundation, Inc.,
31 * 675 Mass Ave, Cambridge, MA 02139, USA.
34 #include <linux/config.h>
35 #include <linux/module.h>
36 #include <linux/errno.h>
37 #include <asm/system.h>
38 #include <linux/sched.h>
39 #include <linux/poll.h>
40 #include <linux/spinlock.h>
41 #include <linux/mutex.h>
42 #include <linux/slab.h>
43 #include <linux/ipmi.h>
44 #include <linux/ipmi_smi.h>
45 #include <linux/notifier.h>
46 #include <linux/init.h>
47 #include <linux/proc_fs.h>
48 #include <linux/rcupdate.h>
50 #define PFX "IPMI message handler: "
52 #define IPMI_DRIVER_VERSION "39.0"
54 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
55 static int ipmi_init_msghandler(void);
57 static int initialized = 0;
60 struct proc_dir_entry *proc_ipmi_root = NULL;
61 EXPORT_SYMBOL(proc_ipmi_root);
62 #endif /* CONFIG_PROC_FS */
64 #define MAX_EVENTS_IN_QUEUE 25
66 /* Don't let a message sit in a queue forever, always time it with at lest
67 the max message timer. This is in milliseconds. */
68 #define MAX_MSG_TIMEOUT 60000
72 * The main "user" data structure.
76 struct list_head link;
78 /* Set to "0" when the user is destroyed. */
83 /* The upper layer that handles receive messages. */
84 struct ipmi_user_hndl *handler;
87 /* The interface this user is bound to. */
90 /* Does this interface receive IPMI events? */
96 struct list_head link;
103 * This is used to form a linked lised during mass deletion.
104 * Since this is in an RCU list, we cannot use the link above
105 * or change any data until the RCU period completes. So we
106 * use this next variable during mass deletion so we can have
107 * a list and don't have to wait and restart the search on
108 * every individual deletion of a command. */
109 struct cmd_rcvr *next;
114 unsigned int inuse : 1;
115 unsigned int broadcast : 1;
117 unsigned long timeout;
118 unsigned long orig_timeout;
119 unsigned int retries_left;
121 /* To verify on an incoming send message response that this is
122 the message that the response is for, we keep a sequence id
123 and increment it every time we send a message. */
126 /* This is held so we can properly respond to the message on a
127 timeout, and it is used to hold the temporary data for
128 retransmission, too. */
129 struct ipmi_recv_msg *recv_msg;
132 /* Store the information in a msgid (long) to allow us to find a
133 sequence table entry from the msgid. */
134 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff))
136 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
138 seq = ((msgid >> 26) & 0x3f); \
139 seqid = (msgid & 0x3fffff); \
142 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff)
146 unsigned char medium;
147 unsigned char protocol;
149 /* My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
150 but may be changed by the user. */
151 unsigned char address;
153 /* My LUN. This should generally stay the SMS LUN, but just in
158 #ifdef CONFIG_PROC_FS
159 struct ipmi_proc_entry
162 struct ipmi_proc_entry *next;
168 struct platform_device *dev;
169 struct ipmi_device_id id;
170 unsigned char guid[16];
173 struct kref refcount;
175 /* bmc device attributes */
176 struct device_attribute device_id_attr;
177 struct device_attribute provides_dev_sdrs_attr;
178 struct device_attribute revision_attr;
179 struct device_attribute firmware_rev_attr;
180 struct device_attribute version_attr;
181 struct device_attribute add_dev_support_attr;
182 struct device_attribute manufacturer_id_attr;
183 struct device_attribute product_id_attr;
184 struct device_attribute guid_attr;
185 struct device_attribute aux_firmware_rev_attr;
188 #define IPMI_IPMB_NUM_SEQ 64
189 #define IPMI_MAX_CHANNELS 16
192 /* What interface number are we? */
195 struct kref refcount;
197 /* The list of upper layers that are using me. seq_lock
199 struct list_head users;
201 /* Used for wake ups at startup. */
202 wait_queue_head_t waitq;
204 struct bmc_device *bmc;
207 /* This is the lower-layer's sender routine. */
208 struct ipmi_smi_handlers *handlers;
211 #ifdef CONFIG_PROC_FS
212 /* A list of proc entries for this interface. This does not
213 need a lock, only one thread creates it and only one thread
215 spinlock_t proc_entry_lock;
216 struct ipmi_proc_entry *proc_entries;
219 /* Driver-model device for the system interface. */
220 struct device *si_dev;
222 /* A table of sequence numbers for this interface. We use the
223 sequence numbers for IPMB messages that go out of the
224 interface to match them up with their responses. A routine
225 is called periodically to time the items in this list. */
227 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
230 /* Messages that were delayed for some reason (out of memory,
231 for instance), will go in here to be processed later in a
232 periodic timer interrupt. */
233 spinlock_t waiting_msgs_lock;
234 struct list_head waiting_msgs;
236 /* The list of command receivers that are registered for commands
237 on this interface. */
238 struct mutex cmd_rcvrs_mutex;
239 struct list_head cmd_rcvrs;
241 /* Events that were queues because no one was there to receive
243 spinlock_t events_lock; /* For dealing with event stuff. */
244 struct list_head waiting_events;
245 unsigned int waiting_events_count; /* How many events in queue? */
247 /* The event receiver for my BMC, only really used at panic
248 shutdown as a place to store this. */
249 unsigned char event_receiver;
250 unsigned char event_receiver_lun;
251 unsigned char local_sel_device;
252 unsigned char local_event_generator;
254 /* A cheap hack, if this is non-null and a message to an
255 interface comes in with a NULL user, call this routine with
256 it. Note that the message will still be freed by the
257 caller. This only works on the system interface. */
258 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg);
260 /* When we are scanning the channels for an SMI, this will
261 tell which channel we are scanning. */
264 /* Channel information */
265 struct ipmi_channel channels[IPMI_MAX_CHANNELS];
268 struct proc_dir_entry *proc_dir;
269 char proc_dir_name[10];
271 spinlock_t counter_lock; /* For making counters atomic. */
273 /* Commands we got that were invalid. */
274 unsigned int sent_invalid_commands;
276 /* Commands we sent to the MC. */
277 unsigned int sent_local_commands;
278 /* Responses from the MC that were delivered to a user. */
279 unsigned int handled_local_responses;
280 /* Responses from the MC that were not delivered to a user. */
281 unsigned int unhandled_local_responses;
283 /* Commands we sent out to the IPMB bus. */
284 unsigned int sent_ipmb_commands;
285 /* Commands sent on the IPMB that had errors on the SEND CMD */
286 unsigned int sent_ipmb_command_errs;
287 /* Each retransmit increments this count. */
288 unsigned int retransmitted_ipmb_commands;
289 /* When a message times out (runs out of retransmits) this is
291 unsigned int timed_out_ipmb_commands;
293 /* This is like above, but for broadcasts. Broadcasts are
294 *not* included in the above count (they are expected to
296 unsigned int timed_out_ipmb_broadcasts;
298 /* Responses I have sent to the IPMB bus. */
299 unsigned int sent_ipmb_responses;
301 /* The response was delivered to the user. */
302 unsigned int handled_ipmb_responses;
303 /* The response had invalid data in it. */
304 unsigned int invalid_ipmb_responses;
305 /* The response didn't have anyone waiting for it. */
306 unsigned int unhandled_ipmb_responses;
308 /* Commands we sent out to the IPMB bus. */
309 unsigned int sent_lan_commands;
310 /* Commands sent on the IPMB that had errors on the SEND CMD */
311 unsigned int sent_lan_command_errs;
312 /* Each retransmit increments this count. */
313 unsigned int retransmitted_lan_commands;
314 /* When a message times out (runs out of retransmits) this is
316 unsigned int timed_out_lan_commands;
318 /* Responses I have sent to the IPMB bus. */
319 unsigned int sent_lan_responses;
321 /* The response was delivered to the user. */
322 unsigned int handled_lan_responses;
323 /* The response had invalid data in it. */
324 unsigned int invalid_lan_responses;
325 /* The response didn't have anyone waiting for it. */
326 unsigned int unhandled_lan_responses;
328 /* The command was delivered to the user. */
329 unsigned int handled_commands;
330 /* The command had invalid data in it. */
331 unsigned int invalid_commands;
332 /* The command didn't have anyone waiting for it. */
333 unsigned int unhandled_commands;
335 /* Invalid data in an event. */
336 unsigned int invalid_events;
337 /* Events that were received with the proper format. */
340 #define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev)
342 /* Used to mark an interface entry that cannot be used but is not a
343 * free entry, either, primarily used at creation and deletion time so
344 * a slot doesn't get reused too quickly. */
345 #define IPMI_INVALID_INTERFACE_ENTRY ((ipmi_smi_t) ((long) 1))
346 #define IPMI_INVALID_INTERFACE(i) (((i) == NULL) \
347 || (i == IPMI_INVALID_INTERFACE_ENTRY))
350 * The driver model view of the IPMI messaging driver.
352 static struct device_driver ipmidriver = {
354 .bus = &platform_bus_type
356 static DEFINE_MUTEX(ipmidriver_mutex);
358 #define MAX_IPMI_INTERFACES 4
359 static ipmi_smi_t ipmi_interfaces[MAX_IPMI_INTERFACES];
361 /* Directly protects the ipmi_interfaces data structure. */
362 static DEFINE_SPINLOCK(interfaces_lock);
364 /* List of watchers that want to know when smi's are added and
366 static struct list_head smi_watchers = LIST_HEAD_INIT(smi_watchers);
367 static DECLARE_RWSEM(smi_watchers_sem);
370 static void free_recv_msg_list(struct list_head *q)
372 struct ipmi_recv_msg *msg, *msg2;
374 list_for_each_entry_safe(msg, msg2, q, link) {
375 list_del(&msg->link);
376 ipmi_free_recv_msg(msg);
380 static void clean_up_interface_data(ipmi_smi_t intf)
383 struct cmd_rcvr *rcvr, *rcvr2;
384 struct list_head list;
386 free_recv_msg_list(&intf->waiting_msgs);
387 free_recv_msg_list(&intf->waiting_events);
389 /* Wholesale remove all the entries from the list in the
390 * interface and wait for RCU to know that none are in use. */
391 mutex_lock(&intf->cmd_rcvrs_mutex);
392 list_add_rcu(&list, &intf->cmd_rcvrs);
393 list_del_rcu(&intf->cmd_rcvrs);
394 mutex_unlock(&intf->cmd_rcvrs_mutex);
397 list_for_each_entry_safe(rcvr, rcvr2, &list, link)
400 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
401 if ((intf->seq_table[i].inuse)
402 && (intf->seq_table[i].recv_msg))
404 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
409 static void intf_free(struct kref *ref)
411 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount);
413 clean_up_interface_data(intf);
417 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
422 down_write(&smi_watchers_sem);
423 list_add(&(watcher->link), &smi_watchers);
424 up_write(&smi_watchers_sem);
425 spin_lock_irqsave(&interfaces_lock, flags);
426 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
427 ipmi_smi_t intf = ipmi_interfaces[i];
428 if (IPMI_INVALID_INTERFACE(intf))
430 spin_unlock_irqrestore(&interfaces_lock, flags);
431 watcher->new_smi(i, intf->si_dev);
432 spin_lock_irqsave(&interfaces_lock, flags);
434 spin_unlock_irqrestore(&interfaces_lock, flags);
438 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
440 down_write(&smi_watchers_sem);
441 list_del(&(watcher->link));
442 up_write(&smi_watchers_sem);
447 call_smi_watchers(int i, struct device *dev)
449 struct ipmi_smi_watcher *w;
451 down_read(&smi_watchers_sem);
452 list_for_each_entry(w, &smi_watchers, link) {
453 if (try_module_get(w->owner)) {
455 module_put(w->owner);
458 up_read(&smi_watchers_sem);
462 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
464 if (addr1->addr_type != addr2->addr_type)
467 if (addr1->channel != addr2->channel)
470 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
471 struct ipmi_system_interface_addr *smi_addr1
472 = (struct ipmi_system_interface_addr *) addr1;
473 struct ipmi_system_interface_addr *smi_addr2
474 = (struct ipmi_system_interface_addr *) addr2;
475 return (smi_addr1->lun == smi_addr2->lun);
478 if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE)
479 || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
481 struct ipmi_ipmb_addr *ipmb_addr1
482 = (struct ipmi_ipmb_addr *) addr1;
483 struct ipmi_ipmb_addr *ipmb_addr2
484 = (struct ipmi_ipmb_addr *) addr2;
486 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
487 && (ipmb_addr1->lun == ipmb_addr2->lun));
490 if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) {
491 struct ipmi_lan_addr *lan_addr1
492 = (struct ipmi_lan_addr *) addr1;
493 struct ipmi_lan_addr *lan_addr2
494 = (struct ipmi_lan_addr *) addr2;
496 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
497 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
498 && (lan_addr1->session_handle
499 == lan_addr2->session_handle)
500 && (lan_addr1->lun == lan_addr2->lun));
506 int ipmi_validate_addr(struct ipmi_addr *addr, int len)
508 if (len < sizeof(struct ipmi_system_interface_addr)) {
512 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
513 if (addr->channel != IPMI_BMC_CHANNEL)
518 if ((addr->channel == IPMI_BMC_CHANNEL)
519 || (addr->channel >= IPMI_MAX_CHANNELS)
520 || (addr->channel < 0))
523 if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
524 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
526 if (len < sizeof(struct ipmi_ipmb_addr)) {
532 if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
533 if (len < sizeof(struct ipmi_lan_addr)) {
542 unsigned int ipmi_addr_length(int addr_type)
544 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
545 return sizeof(struct ipmi_system_interface_addr);
547 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
548 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
550 return sizeof(struct ipmi_ipmb_addr);
553 if (addr_type == IPMI_LAN_ADDR_TYPE)
554 return sizeof(struct ipmi_lan_addr);
559 static void deliver_response(struct ipmi_recv_msg *msg)
562 ipmi_smi_t intf = msg->user_msg_data;
565 /* Special handling for NULL users. */
566 if (intf->null_user_handler) {
567 intf->null_user_handler(intf, msg);
568 spin_lock_irqsave(&intf->counter_lock, flags);
569 intf->handled_local_responses++;
570 spin_unlock_irqrestore(&intf->counter_lock, flags);
572 /* No handler, so give up. */
573 spin_lock_irqsave(&intf->counter_lock, flags);
574 intf->unhandled_local_responses++;
575 spin_unlock_irqrestore(&intf->counter_lock, flags);
577 ipmi_free_recv_msg(msg);
579 ipmi_user_t user = msg->user;
580 user->handler->ipmi_recv_hndl(msg, user->handler_data);
584 /* Find the next sequence number not being used and add the given
585 message with the given timeout to the sequence table. This must be
586 called with the interface's seq_lock held. */
587 static int intf_next_seq(ipmi_smi_t intf,
588 struct ipmi_recv_msg *recv_msg,
589 unsigned long timeout,
598 for (i = intf->curr_seq;
599 (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
600 i = (i+1)%IPMI_IPMB_NUM_SEQ)
602 if (!intf->seq_table[i].inuse)
606 if (!intf->seq_table[i].inuse) {
607 intf->seq_table[i].recv_msg = recv_msg;
609 /* Start with the maximum timeout, when the send response
610 comes in we will start the real timer. */
611 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
612 intf->seq_table[i].orig_timeout = timeout;
613 intf->seq_table[i].retries_left = retries;
614 intf->seq_table[i].broadcast = broadcast;
615 intf->seq_table[i].inuse = 1;
616 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
618 *seqid = intf->seq_table[i].seqid;
619 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
627 /* Return the receive message for the given sequence number and
628 release the sequence number so it can be reused. Some other data
629 is passed in to be sure the message matches up correctly (to help
630 guard against message coming in after their timeout and the
631 sequence number being reused). */
632 static int intf_find_seq(ipmi_smi_t intf,
637 struct ipmi_addr *addr,
638 struct ipmi_recv_msg **recv_msg)
643 if (seq >= IPMI_IPMB_NUM_SEQ)
646 spin_lock_irqsave(&(intf->seq_lock), flags);
647 if (intf->seq_table[seq].inuse) {
648 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
650 if ((msg->addr.channel == channel)
651 && (msg->msg.cmd == cmd)
652 && (msg->msg.netfn == netfn)
653 && (ipmi_addr_equal(addr, &(msg->addr))))
656 intf->seq_table[seq].inuse = 0;
660 spin_unlock_irqrestore(&(intf->seq_lock), flags);
666 /* Start the timer for a specific sequence table entry. */
667 static int intf_start_seq_timer(ipmi_smi_t intf,
676 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
678 spin_lock_irqsave(&(intf->seq_lock), flags);
679 /* We do this verification because the user can be deleted
680 while a message is outstanding. */
681 if ((intf->seq_table[seq].inuse)
682 && (intf->seq_table[seq].seqid == seqid))
684 struct seq_table *ent = &(intf->seq_table[seq]);
685 ent->timeout = ent->orig_timeout;
688 spin_unlock_irqrestore(&(intf->seq_lock), flags);
693 /* Got an error for the send message for a specific sequence number. */
694 static int intf_err_seq(ipmi_smi_t intf,
702 struct ipmi_recv_msg *msg = NULL;
705 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
707 spin_lock_irqsave(&(intf->seq_lock), flags);
708 /* We do this verification because the user can be deleted
709 while a message is outstanding. */
710 if ((intf->seq_table[seq].inuse)
711 && (intf->seq_table[seq].seqid == seqid))
713 struct seq_table *ent = &(intf->seq_table[seq]);
719 spin_unlock_irqrestore(&(intf->seq_lock), flags);
722 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
723 msg->msg_data[0] = err;
724 msg->msg.netfn |= 1; /* Convert to a response. */
725 msg->msg.data_len = 1;
726 msg->msg.data = msg->msg_data;
727 deliver_response(msg);
734 int ipmi_create_user(unsigned int if_num,
735 struct ipmi_user_hndl *handler,
740 ipmi_user_t new_user;
744 /* There is no module usecount here, because it's not
745 required. Since this can only be used by and called from
746 other modules, they will implicitly use this module, and
747 thus this can't be removed unless the other modules are
753 /* Make sure the driver is actually initialized, this handles
754 problems with initialization order. */
756 rv = ipmi_init_msghandler();
760 /* The init code doesn't return an error if it was turned
761 off, but it won't initialize. Check that. */
766 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
770 spin_lock_irqsave(&interfaces_lock, flags);
771 intf = ipmi_interfaces[if_num];
772 if ((if_num >= MAX_IPMI_INTERFACES) || IPMI_INVALID_INTERFACE(intf)) {
773 spin_unlock_irqrestore(&interfaces_lock, flags);
778 /* Note that each existing user holds a refcount to the interface. */
779 kref_get(&intf->refcount);
780 spin_unlock_irqrestore(&interfaces_lock, flags);
782 kref_init(&new_user->refcount);
783 new_user->handler = handler;
784 new_user->handler_data = handler_data;
785 new_user->intf = intf;
786 new_user->gets_events = 0;
788 if (!try_module_get(intf->handlers->owner)) {
793 if (intf->handlers->inc_usecount) {
794 rv = intf->handlers->inc_usecount(intf->send_info);
796 module_put(intf->handlers->owner);
802 spin_lock_irqsave(&intf->seq_lock, flags);
803 list_add_rcu(&new_user->link, &intf->users);
804 spin_unlock_irqrestore(&intf->seq_lock, flags);
809 kref_put(&intf->refcount, intf_free);
815 static void free_user(struct kref *ref)
817 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount);
821 int ipmi_destroy_user(ipmi_user_t user)
823 ipmi_smi_t intf = user->intf;
826 struct cmd_rcvr *rcvr;
827 struct cmd_rcvr *rcvrs = NULL;
831 /* Remove the user from the interface's sequence table. */
832 spin_lock_irqsave(&intf->seq_lock, flags);
833 list_del_rcu(&user->link);
835 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
836 if (intf->seq_table[i].inuse
837 && (intf->seq_table[i].recv_msg->user == user))
839 intf->seq_table[i].inuse = 0;
842 spin_unlock_irqrestore(&intf->seq_lock, flags);
845 * Remove the user from the command receiver's table. First
846 * we build a list of everything (not using the standard link,
847 * since other things may be using it till we do
848 * synchronize_rcu()) then free everything in that list.
850 mutex_lock(&intf->cmd_rcvrs_mutex);
851 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
852 if (rcvr->user == user) {
853 list_del_rcu(&rcvr->link);
858 mutex_unlock(&intf->cmd_rcvrs_mutex);
866 module_put(intf->handlers->owner);
867 if (intf->handlers->dec_usecount)
868 intf->handlers->dec_usecount(intf->send_info);
870 kref_put(&intf->refcount, intf_free);
872 kref_put(&user->refcount, free_user);
877 void ipmi_get_version(ipmi_user_t user,
878 unsigned char *major,
879 unsigned char *minor)
881 *major = ipmi_version_major(&user->intf->bmc->id);
882 *minor = ipmi_version_minor(&user->intf->bmc->id);
885 int ipmi_set_my_address(ipmi_user_t user,
886 unsigned int channel,
887 unsigned char address)
889 if (channel >= IPMI_MAX_CHANNELS)
891 user->intf->channels[channel].address = address;
895 int ipmi_get_my_address(ipmi_user_t user,
896 unsigned int channel,
897 unsigned char *address)
899 if (channel >= IPMI_MAX_CHANNELS)
901 *address = user->intf->channels[channel].address;
905 int ipmi_set_my_LUN(ipmi_user_t user,
906 unsigned int channel,
909 if (channel >= IPMI_MAX_CHANNELS)
911 user->intf->channels[channel].lun = LUN & 0x3;
915 int ipmi_get_my_LUN(ipmi_user_t user,
916 unsigned int channel,
917 unsigned char *address)
919 if (channel >= IPMI_MAX_CHANNELS)
921 *address = user->intf->channels[channel].lun;
925 int ipmi_set_gets_events(ipmi_user_t user, int val)
928 ipmi_smi_t intf = user->intf;
929 struct ipmi_recv_msg *msg, *msg2;
930 struct list_head msgs;
932 INIT_LIST_HEAD(&msgs);
934 spin_lock_irqsave(&intf->events_lock, flags);
935 user->gets_events = val;
938 /* Deliver any queued events. */
939 list_for_each_entry_safe(msg, msg2, &intf->waiting_events,
941 list_del(&msg->link);
942 list_add_tail(&msg->link, &msgs);
946 /* Hold the events lock while doing this to preserve order. */
947 list_for_each_entry_safe(msg, msg2, &msgs, link) {
949 kref_get(&user->refcount);
950 deliver_response(msg);
953 spin_unlock_irqrestore(&intf->events_lock, flags);
958 static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf,
962 struct cmd_rcvr *rcvr;
964 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
965 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd))
971 int ipmi_register_for_cmd(ipmi_user_t user,
975 ipmi_smi_t intf = user->intf;
976 struct cmd_rcvr *rcvr;
977 struct cmd_rcvr *entry;
981 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
988 mutex_lock(&intf->cmd_rcvrs_mutex);
989 /* Make sure the command/netfn is not already registered. */
990 entry = find_cmd_rcvr(intf, netfn, cmd);
996 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs);
999 mutex_unlock(&intf->cmd_rcvrs_mutex);
1006 int ipmi_unregister_for_cmd(ipmi_user_t user,
1007 unsigned char netfn,
1010 ipmi_smi_t intf = user->intf;
1011 struct cmd_rcvr *rcvr;
1013 mutex_lock(&intf->cmd_rcvrs_mutex);
1014 /* Make sure the command/netfn is not already registered. */
1015 rcvr = find_cmd_rcvr(intf, netfn, cmd);
1016 if ((rcvr) && (rcvr->user == user)) {
1017 list_del_rcu(&rcvr->link);
1018 mutex_unlock(&intf->cmd_rcvrs_mutex);
1023 mutex_unlock(&intf->cmd_rcvrs_mutex);
1028 void ipmi_user_set_run_to_completion(ipmi_user_t user, int val)
1030 ipmi_smi_t intf = user->intf;
1031 intf->handlers->set_run_to_completion(intf->send_info, val);
1034 static unsigned char
1035 ipmb_checksum(unsigned char *data, int size)
1037 unsigned char csum = 0;
1039 for (; size > 0; size--, data++)
1045 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
1046 struct kernel_ipmi_msg *msg,
1047 struct ipmi_ipmb_addr *ipmb_addr,
1049 unsigned char ipmb_seq,
1051 unsigned char source_address,
1052 unsigned char source_lun)
1056 /* Format the IPMB header data. */
1057 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1058 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1059 smi_msg->data[2] = ipmb_addr->channel;
1061 smi_msg->data[3] = 0;
1062 smi_msg->data[i+3] = ipmb_addr->slave_addr;
1063 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
1064 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
1065 smi_msg->data[i+6] = source_address;
1066 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
1067 smi_msg->data[i+8] = msg->cmd;
1069 /* Now tack on the data to the message. */
1070 if (msg->data_len > 0)
1071 memcpy(&(smi_msg->data[i+9]), msg->data,
1073 smi_msg->data_size = msg->data_len + 9;
1075 /* Now calculate the checksum and tack it on. */
1076 smi_msg->data[i+smi_msg->data_size]
1077 = ipmb_checksum(&(smi_msg->data[i+6]),
1078 smi_msg->data_size-6);
1080 /* Add on the checksum size and the offset from the
1082 smi_msg->data_size += 1 + i;
1084 smi_msg->msgid = msgid;
1087 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
1088 struct kernel_ipmi_msg *msg,
1089 struct ipmi_lan_addr *lan_addr,
1091 unsigned char ipmb_seq,
1092 unsigned char source_lun)
1094 /* Format the IPMB header data. */
1095 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1096 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1097 smi_msg->data[2] = lan_addr->channel;
1098 smi_msg->data[3] = lan_addr->session_handle;
1099 smi_msg->data[4] = lan_addr->remote_SWID;
1100 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
1101 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
1102 smi_msg->data[7] = lan_addr->local_SWID;
1103 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
1104 smi_msg->data[9] = msg->cmd;
1106 /* Now tack on the data to the message. */
1107 if (msg->data_len > 0)
1108 memcpy(&(smi_msg->data[10]), msg->data,
1110 smi_msg->data_size = msg->data_len + 10;
1112 /* Now calculate the checksum and tack it on. */
1113 smi_msg->data[smi_msg->data_size]
1114 = ipmb_checksum(&(smi_msg->data[7]),
1115 smi_msg->data_size-7);
1117 /* Add on the checksum size and the offset from the
1119 smi_msg->data_size += 1;
1121 smi_msg->msgid = msgid;
1124 /* Separate from ipmi_request so that the user does not have to be
1125 supplied in certain circumstances (mainly at panic time). If
1126 messages are supplied, they will be freed, even if an error
1128 static int i_ipmi_request(ipmi_user_t user,
1130 struct ipmi_addr *addr,
1132 struct kernel_ipmi_msg *msg,
1133 void *user_msg_data,
1135 struct ipmi_recv_msg *supplied_recv,
1137 unsigned char source_address,
1138 unsigned char source_lun,
1140 unsigned int retry_time_ms)
1143 struct ipmi_smi_msg *smi_msg;
1144 struct ipmi_recv_msg *recv_msg;
1145 unsigned long flags;
1148 if (supplied_recv) {
1149 recv_msg = supplied_recv;
1151 recv_msg = ipmi_alloc_recv_msg();
1152 if (recv_msg == NULL) {
1156 recv_msg->user_msg_data = user_msg_data;
1159 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
1161 smi_msg = ipmi_alloc_smi_msg();
1162 if (smi_msg == NULL) {
1163 ipmi_free_recv_msg(recv_msg);
1168 recv_msg->user = user;
1170 kref_get(&user->refcount);
1171 recv_msg->msgid = msgid;
1172 /* Store the message to send in the receive message so timeout
1173 responses can get the proper response data. */
1174 recv_msg->msg = *msg;
1176 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1177 struct ipmi_system_interface_addr *smi_addr;
1179 if (msg->netfn & 1) {
1180 /* Responses are not allowed to the SMI. */
1185 smi_addr = (struct ipmi_system_interface_addr *) addr;
1186 if (smi_addr->lun > 3) {
1187 spin_lock_irqsave(&intf->counter_lock, flags);
1188 intf->sent_invalid_commands++;
1189 spin_unlock_irqrestore(&intf->counter_lock, flags);
1194 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1196 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1197 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1198 || (msg->cmd == IPMI_GET_MSG_CMD)
1199 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD)))
1201 /* We don't let the user do these, since we manage
1202 the sequence numbers. */
1203 spin_lock_irqsave(&intf->counter_lock, flags);
1204 intf->sent_invalid_commands++;
1205 spin_unlock_irqrestore(&intf->counter_lock, flags);
1210 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
1211 spin_lock_irqsave(&intf->counter_lock, flags);
1212 intf->sent_invalid_commands++;
1213 spin_unlock_irqrestore(&intf->counter_lock, flags);
1218 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1219 smi_msg->data[1] = msg->cmd;
1220 smi_msg->msgid = msgid;
1221 smi_msg->user_data = recv_msg;
1222 if (msg->data_len > 0)
1223 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1224 smi_msg->data_size = msg->data_len + 2;
1225 spin_lock_irqsave(&intf->counter_lock, flags);
1226 intf->sent_local_commands++;
1227 spin_unlock_irqrestore(&intf->counter_lock, flags);
1228 } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
1229 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
1231 struct ipmi_ipmb_addr *ipmb_addr;
1232 unsigned char ipmb_seq;
1236 if (addr->channel >= IPMI_MAX_CHANNELS) {
1237 spin_lock_irqsave(&intf->counter_lock, flags);
1238 intf->sent_invalid_commands++;
1239 spin_unlock_irqrestore(&intf->counter_lock, flags);
1244 if (intf->channels[addr->channel].medium
1245 != IPMI_CHANNEL_MEDIUM_IPMB)
1247 spin_lock_irqsave(&intf->counter_lock, flags);
1248 intf->sent_invalid_commands++;
1249 spin_unlock_irqrestore(&intf->counter_lock, flags);
1255 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1256 retries = 0; /* Don't retry broadcasts. */
1260 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1261 /* Broadcasts add a zero at the beginning of the
1262 message, but otherwise is the same as an IPMB
1264 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1269 /* Default to 1 second retries. */
1270 if (retry_time_ms == 0)
1271 retry_time_ms = 1000;
1273 /* 9 for the header and 1 for the checksum, plus
1274 possibly one for the broadcast. */
1275 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1276 spin_lock_irqsave(&intf->counter_lock, flags);
1277 intf->sent_invalid_commands++;
1278 spin_unlock_irqrestore(&intf->counter_lock, flags);
1283 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1284 if (ipmb_addr->lun > 3) {
1285 spin_lock_irqsave(&intf->counter_lock, flags);
1286 intf->sent_invalid_commands++;
1287 spin_unlock_irqrestore(&intf->counter_lock, flags);
1292 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1294 if (recv_msg->msg.netfn & 0x1) {
1295 /* It's a response, so use the user's sequence
1297 spin_lock_irqsave(&intf->counter_lock, flags);
1298 intf->sent_ipmb_responses++;
1299 spin_unlock_irqrestore(&intf->counter_lock, flags);
1300 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1302 source_address, source_lun);
1304 /* Save the receive message so we can use it
1305 to deliver the response. */
1306 smi_msg->user_data = recv_msg;
1308 /* It's a command, so get a sequence for it. */
1310 spin_lock_irqsave(&(intf->seq_lock), flags);
1312 spin_lock(&intf->counter_lock);
1313 intf->sent_ipmb_commands++;
1314 spin_unlock(&intf->counter_lock);
1316 /* Create a sequence number with a 1 second
1317 timeout and 4 retries. */
1318 rv = intf_next_seq(intf,
1326 /* We have used up all the sequence numbers,
1327 probably, so abort. */
1328 spin_unlock_irqrestore(&(intf->seq_lock),
1333 /* Store the sequence number in the message,
1334 so that when the send message response
1335 comes back we can start the timer. */
1336 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1337 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1338 ipmb_seq, broadcast,
1339 source_address, source_lun);
1341 /* Copy the message into the recv message data, so we
1342 can retransmit it later if necessary. */
1343 memcpy(recv_msg->msg_data, smi_msg->data,
1344 smi_msg->data_size);
1345 recv_msg->msg.data = recv_msg->msg_data;
1346 recv_msg->msg.data_len = smi_msg->data_size;
1348 /* We don't unlock until here, because we need
1349 to copy the completed message into the
1350 recv_msg before we release the lock.
1351 Otherwise, race conditions may bite us. I
1352 know that's pretty paranoid, but I prefer
1354 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1356 } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
1357 struct ipmi_lan_addr *lan_addr;
1358 unsigned char ipmb_seq;
1361 if (addr->channel >= IPMI_MAX_CHANNELS) {
1362 spin_lock_irqsave(&intf->counter_lock, flags);
1363 intf->sent_invalid_commands++;
1364 spin_unlock_irqrestore(&intf->counter_lock, flags);
1369 if ((intf->channels[addr->channel].medium
1370 != IPMI_CHANNEL_MEDIUM_8023LAN)
1371 && (intf->channels[addr->channel].medium
1372 != IPMI_CHANNEL_MEDIUM_ASYNC))
1374 spin_lock_irqsave(&intf->counter_lock, flags);
1375 intf->sent_invalid_commands++;
1376 spin_unlock_irqrestore(&intf->counter_lock, flags);
1383 /* Default to 1 second retries. */
1384 if (retry_time_ms == 0)
1385 retry_time_ms = 1000;
1387 /* 11 for the header and 1 for the checksum. */
1388 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
1389 spin_lock_irqsave(&intf->counter_lock, flags);
1390 intf->sent_invalid_commands++;
1391 spin_unlock_irqrestore(&intf->counter_lock, flags);
1396 lan_addr = (struct ipmi_lan_addr *) addr;
1397 if (lan_addr->lun > 3) {
1398 spin_lock_irqsave(&intf->counter_lock, flags);
1399 intf->sent_invalid_commands++;
1400 spin_unlock_irqrestore(&intf->counter_lock, flags);
1405 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1407 if (recv_msg->msg.netfn & 0x1) {
1408 /* It's a response, so use the user's sequence
1410 spin_lock_irqsave(&intf->counter_lock, flags);
1411 intf->sent_lan_responses++;
1412 spin_unlock_irqrestore(&intf->counter_lock, flags);
1413 format_lan_msg(smi_msg, msg, lan_addr, msgid,
1416 /* Save the receive message so we can use it
1417 to deliver the response. */
1418 smi_msg->user_data = recv_msg;
1420 /* It's a command, so get a sequence for it. */
1422 spin_lock_irqsave(&(intf->seq_lock), flags);
1424 spin_lock(&intf->counter_lock);
1425 intf->sent_lan_commands++;
1426 spin_unlock(&intf->counter_lock);
1428 /* Create a sequence number with a 1 second
1429 timeout and 4 retries. */
1430 rv = intf_next_seq(intf,
1438 /* We have used up all the sequence numbers,
1439 probably, so abort. */
1440 spin_unlock_irqrestore(&(intf->seq_lock),
1445 /* Store the sequence number in the message,
1446 so that when the send message response
1447 comes back we can start the timer. */
1448 format_lan_msg(smi_msg, msg, lan_addr,
1449 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1450 ipmb_seq, source_lun);
1452 /* Copy the message into the recv message data, so we
1453 can retransmit it later if necessary. */
1454 memcpy(recv_msg->msg_data, smi_msg->data,
1455 smi_msg->data_size);
1456 recv_msg->msg.data = recv_msg->msg_data;
1457 recv_msg->msg.data_len = smi_msg->data_size;
1459 /* We don't unlock until here, because we need
1460 to copy the completed message into the
1461 recv_msg before we release the lock.
1462 Otherwise, race conditions may bite us. I
1463 know that's pretty paranoid, but I prefer
1465 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1468 /* Unknown address type. */
1469 spin_lock_irqsave(&intf->counter_lock, flags);
1470 intf->sent_invalid_commands++;
1471 spin_unlock_irqrestore(&intf->counter_lock, flags);
1479 for (m = 0; m < smi_msg->data_size; m++)
1480 printk(" %2.2x", smi_msg->data[m]);
1484 intf->handlers->sender(intf->send_info, smi_msg, priority);
1489 ipmi_free_smi_msg(smi_msg);
1490 ipmi_free_recv_msg(recv_msg);
1494 static int check_addr(ipmi_smi_t intf,
1495 struct ipmi_addr *addr,
1496 unsigned char *saddr,
1499 if (addr->channel >= IPMI_MAX_CHANNELS)
1501 *lun = intf->channels[addr->channel].lun;
1502 *saddr = intf->channels[addr->channel].address;
1506 int ipmi_request_settime(ipmi_user_t user,
1507 struct ipmi_addr *addr,
1509 struct kernel_ipmi_msg *msg,
1510 void *user_msg_data,
1513 unsigned int retry_time_ms)
1515 unsigned char saddr, lun;
1520 rv = check_addr(user->intf, addr, &saddr, &lun);
1523 return i_ipmi_request(user,
1537 int ipmi_request_supply_msgs(ipmi_user_t user,
1538 struct ipmi_addr *addr,
1540 struct kernel_ipmi_msg *msg,
1541 void *user_msg_data,
1543 struct ipmi_recv_msg *supplied_recv,
1546 unsigned char saddr, lun;
1551 rv = check_addr(user->intf, addr, &saddr, &lun);
1554 return i_ipmi_request(user,
1568 static int ipmb_file_read_proc(char *page, char **start, off_t off,
1569 int count, int *eof, void *data)
1571 char *out = (char *) page;
1572 ipmi_smi_t intf = data;
1576 for (i = 0; i < IPMI_MAX_CHANNELS; i++)
1577 rv += sprintf(out+rv, "%x ", intf->channels[i].address);
1578 out[rv-1] = '\n'; /* Replace the final space with a newline */
1584 static int version_file_read_proc(char *page, char **start, off_t off,
1585 int count, int *eof, void *data)
1587 char *out = (char *) page;
1588 ipmi_smi_t intf = data;
1590 return sprintf(out, "%d.%d\n",
1591 ipmi_version_major(&intf->bmc->id),
1592 ipmi_version_minor(&intf->bmc->id));
1595 static int stat_file_read_proc(char *page, char **start, off_t off,
1596 int count, int *eof, void *data)
1598 char *out = (char *) page;
1599 ipmi_smi_t intf = data;
1601 out += sprintf(out, "sent_invalid_commands: %d\n",
1602 intf->sent_invalid_commands);
1603 out += sprintf(out, "sent_local_commands: %d\n",
1604 intf->sent_local_commands);
1605 out += sprintf(out, "handled_local_responses: %d\n",
1606 intf->handled_local_responses);
1607 out += sprintf(out, "unhandled_local_responses: %d\n",
1608 intf->unhandled_local_responses);
1609 out += sprintf(out, "sent_ipmb_commands: %d\n",
1610 intf->sent_ipmb_commands);
1611 out += sprintf(out, "sent_ipmb_command_errs: %d\n",
1612 intf->sent_ipmb_command_errs);
1613 out += sprintf(out, "retransmitted_ipmb_commands: %d\n",
1614 intf->retransmitted_ipmb_commands);
1615 out += sprintf(out, "timed_out_ipmb_commands: %d\n",
1616 intf->timed_out_ipmb_commands);
1617 out += sprintf(out, "timed_out_ipmb_broadcasts: %d\n",
1618 intf->timed_out_ipmb_broadcasts);
1619 out += sprintf(out, "sent_ipmb_responses: %d\n",
1620 intf->sent_ipmb_responses);
1621 out += sprintf(out, "handled_ipmb_responses: %d\n",
1622 intf->handled_ipmb_responses);
1623 out += sprintf(out, "invalid_ipmb_responses: %d\n",
1624 intf->invalid_ipmb_responses);
1625 out += sprintf(out, "unhandled_ipmb_responses: %d\n",
1626 intf->unhandled_ipmb_responses);
1627 out += sprintf(out, "sent_lan_commands: %d\n",
1628 intf->sent_lan_commands);
1629 out += sprintf(out, "sent_lan_command_errs: %d\n",
1630 intf->sent_lan_command_errs);
1631 out += sprintf(out, "retransmitted_lan_commands: %d\n",
1632 intf->retransmitted_lan_commands);
1633 out += sprintf(out, "timed_out_lan_commands: %d\n",
1634 intf->timed_out_lan_commands);
1635 out += sprintf(out, "sent_lan_responses: %d\n",
1636 intf->sent_lan_responses);
1637 out += sprintf(out, "handled_lan_responses: %d\n",
1638 intf->handled_lan_responses);
1639 out += sprintf(out, "invalid_lan_responses: %d\n",
1640 intf->invalid_lan_responses);
1641 out += sprintf(out, "unhandled_lan_responses: %d\n",
1642 intf->unhandled_lan_responses);
1643 out += sprintf(out, "handled_commands: %d\n",
1644 intf->handled_commands);
1645 out += sprintf(out, "invalid_commands: %d\n",
1646 intf->invalid_commands);
1647 out += sprintf(out, "unhandled_commands: %d\n",
1648 intf->unhandled_commands);
1649 out += sprintf(out, "invalid_events: %d\n",
1650 intf->invalid_events);
1651 out += sprintf(out, "events: %d\n",
1654 return (out - ((char *) page));
1657 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
1658 read_proc_t *read_proc, write_proc_t *write_proc,
1659 void *data, struct module *owner)
1662 #ifdef CONFIG_PROC_FS
1663 struct proc_dir_entry *file;
1664 struct ipmi_proc_entry *entry;
1666 /* Create a list element. */
1667 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
1670 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL);
1675 strcpy(entry->name, name);
1677 file = create_proc_entry(name, 0, smi->proc_dir);
1685 file->read_proc = read_proc;
1686 file->write_proc = write_proc;
1687 file->owner = owner;
1689 spin_lock(&smi->proc_entry_lock);
1690 /* Stick it on the list. */
1691 entry->next = smi->proc_entries;
1692 smi->proc_entries = entry;
1693 spin_unlock(&smi->proc_entry_lock);
1695 #endif /* CONFIG_PROC_FS */
1700 static int add_proc_entries(ipmi_smi_t smi, int num)
1704 #ifdef CONFIG_PROC_FS
1705 sprintf(smi->proc_dir_name, "%d", num);
1706 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
1710 smi->proc_dir->owner = THIS_MODULE;
1714 rv = ipmi_smi_add_proc_entry(smi, "stats",
1715 stat_file_read_proc, NULL,
1719 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
1720 ipmb_file_read_proc, NULL,
1724 rv = ipmi_smi_add_proc_entry(smi, "version",
1725 version_file_read_proc, NULL,
1727 #endif /* CONFIG_PROC_FS */
1732 static void remove_proc_entries(ipmi_smi_t smi)
1734 #ifdef CONFIG_PROC_FS
1735 struct ipmi_proc_entry *entry;
1737 spin_lock(&smi->proc_entry_lock);
1738 while (smi->proc_entries) {
1739 entry = smi->proc_entries;
1740 smi->proc_entries = entry->next;
1742 remove_proc_entry(entry->name, smi->proc_dir);
1746 spin_unlock(&smi->proc_entry_lock);
1747 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
1748 #endif /* CONFIG_PROC_FS */
1751 static int __find_bmc_guid(struct device *dev, void *data)
1753 unsigned char *id = data;
1754 struct bmc_device *bmc = dev_get_drvdata(dev);
1755 return memcmp(bmc->guid, id, 16) == 0;
1758 static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv,
1759 unsigned char *guid)
1763 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid);
1765 return dev_get_drvdata(dev);
1770 struct prod_dev_id {
1771 unsigned int product_id;
1772 unsigned char device_id;
1775 static int __find_bmc_prod_dev_id(struct device *dev, void *data)
1777 struct prod_dev_id *id = data;
1778 struct bmc_device *bmc = dev_get_drvdata(dev);
1780 return (bmc->id.product_id == id->product_id
1781 && bmc->id.product_id == id->product_id
1782 && bmc->id.device_id == id->device_id);
1785 static struct bmc_device *ipmi_find_bmc_prod_dev_id(
1786 struct device_driver *drv,
1787 unsigned char product_id, unsigned char device_id)
1789 struct prod_dev_id id = {
1790 .product_id = product_id,
1791 .device_id = device_id,
1795 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id);
1797 return dev_get_drvdata(dev);
1802 static ssize_t device_id_show(struct device *dev,
1803 struct device_attribute *attr,
1806 struct bmc_device *bmc = dev_get_drvdata(dev);
1808 return snprintf(buf, 10, "%u\n", bmc->id.device_id);
1811 static ssize_t provides_dev_sdrs_show(struct device *dev,
1812 struct device_attribute *attr,
1815 struct bmc_device *bmc = dev_get_drvdata(dev);
1817 return snprintf(buf, 10, "%u\n",
1818 bmc->id.device_revision && 0x80 >> 7);
1821 static ssize_t revision_show(struct device *dev, struct device_attribute *attr,
1824 struct bmc_device *bmc = dev_get_drvdata(dev);
1826 return snprintf(buf, 20, "%u\n",
1827 bmc->id.device_revision && 0x0F);
1830 static ssize_t firmware_rev_show(struct device *dev,
1831 struct device_attribute *attr,
1834 struct bmc_device *bmc = dev_get_drvdata(dev);
1836 return snprintf(buf, 20, "%u.%x\n", bmc->id.firmware_revision_1,
1837 bmc->id.firmware_revision_2);
1840 static ssize_t ipmi_version_show(struct device *dev,
1841 struct device_attribute *attr,
1844 struct bmc_device *bmc = dev_get_drvdata(dev);
1846 return snprintf(buf, 20, "%u.%u\n",
1847 ipmi_version_major(&bmc->id),
1848 ipmi_version_minor(&bmc->id));
1851 static ssize_t add_dev_support_show(struct device *dev,
1852 struct device_attribute *attr,
1855 struct bmc_device *bmc = dev_get_drvdata(dev);
1857 return snprintf(buf, 10, "0x%02x\n",
1858 bmc->id.additional_device_support);
1861 static ssize_t manufacturer_id_show(struct device *dev,
1862 struct device_attribute *attr,
1865 struct bmc_device *bmc = dev_get_drvdata(dev);
1867 return snprintf(buf, 20, "0x%6.6x\n", bmc->id.manufacturer_id);
1870 static ssize_t product_id_show(struct device *dev,
1871 struct device_attribute *attr,
1874 struct bmc_device *bmc = dev_get_drvdata(dev);
1876 return snprintf(buf, 10, "0x%4.4x\n", bmc->id.product_id);
1879 static ssize_t aux_firmware_rev_show(struct device *dev,
1880 struct device_attribute *attr,
1883 struct bmc_device *bmc = dev_get_drvdata(dev);
1885 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n",
1886 bmc->id.aux_firmware_revision[3],
1887 bmc->id.aux_firmware_revision[2],
1888 bmc->id.aux_firmware_revision[1],
1889 bmc->id.aux_firmware_revision[0]);
1892 static ssize_t guid_show(struct device *dev, struct device_attribute *attr,
1895 struct bmc_device *bmc = dev_get_drvdata(dev);
1897 return snprintf(buf, 100, "%Lx%Lx\n",
1898 (long long) bmc->guid[0],
1899 (long long) bmc->guid[8]);
1903 cleanup_bmc_device(struct kref *ref)
1905 struct bmc_device *bmc;
1907 bmc = container_of(ref, struct bmc_device, refcount);
1909 device_remove_file(&bmc->dev->dev,
1910 &bmc->device_id_attr);
1911 device_remove_file(&bmc->dev->dev,
1912 &bmc->provides_dev_sdrs_attr);
1913 device_remove_file(&bmc->dev->dev,
1914 &bmc->revision_attr);
1915 device_remove_file(&bmc->dev->dev,
1916 &bmc->firmware_rev_attr);
1917 device_remove_file(&bmc->dev->dev,
1918 &bmc->version_attr);
1919 device_remove_file(&bmc->dev->dev,
1920 &bmc->add_dev_support_attr);
1921 device_remove_file(&bmc->dev->dev,
1922 &bmc->manufacturer_id_attr);
1923 device_remove_file(&bmc->dev->dev,
1924 &bmc->product_id_attr);
1925 if (bmc->id.aux_firmware_revision_set)
1926 device_remove_file(&bmc->dev->dev,
1927 &bmc->aux_firmware_rev_attr);
1929 device_remove_file(&bmc->dev->dev,
1931 platform_device_unregister(bmc->dev);
1935 static void ipmi_bmc_unregister(ipmi_smi_t intf)
1937 struct bmc_device *bmc = intf->bmc;
1939 sysfs_remove_link(&intf->si_dev->kobj, "bmc");
1940 if (intf->my_dev_name) {
1941 sysfs_remove_link(&bmc->dev->dev.kobj, intf->my_dev_name);
1942 kfree(intf->my_dev_name);
1943 intf->my_dev_name = NULL;
1946 mutex_lock(&ipmidriver_mutex);
1947 kref_put(&bmc->refcount, cleanup_bmc_device);
1948 mutex_unlock(&ipmidriver_mutex);
1951 static int ipmi_bmc_register(ipmi_smi_t intf)
1954 struct bmc_device *bmc = intf->bmc;
1955 struct bmc_device *old_bmc;
1959 mutex_lock(&ipmidriver_mutex);
1962 * Try to find if there is an bmc_device struct
1963 * representing the interfaced BMC already
1966 old_bmc = ipmi_find_bmc_guid(&ipmidriver, bmc->guid);
1968 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver,
1973 * If there is already an bmc_device, free the new one,
1974 * otherwise register the new BMC device
1978 intf->bmc = old_bmc;
1981 kref_get(&bmc->refcount);
1982 mutex_unlock(&ipmidriver_mutex);
1985 "ipmi: interfacing existing BMC (man_id: 0x%6.6x,"
1986 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
1987 bmc->id.manufacturer_id,
1991 bmc->dev = platform_device_alloc("ipmi_bmc",
1996 " Unable to allocate platform device\n");
1999 bmc->dev->dev.driver = &ipmidriver;
2000 dev_set_drvdata(&bmc->dev->dev, bmc);
2001 kref_init(&bmc->refcount);
2003 rv = platform_device_register(bmc->dev);
2004 mutex_unlock(&ipmidriver_mutex);
2008 " Unable to register bmc device: %d\n",
2010 /* Don't go to out_err, you can only do that if
2011 the device is registered already. */
2015 bmc->device_id_attr.attr.name = "device_id";
2016 bmc->device_id_attr.attr.owner = THIS_MODULE;
2017 bmc->device_id_attr.attr.mode = S_IRUGO;
2018 bmc->device_id_attr.show = device_id_show;
2020 bmc->provides_dev_sdrs_attr.attr.name = "provides_device_sdrs";
2021 bmc->provides_dev_sdrs_attr.attr.owner = THIS_MODULE;
2022 bmc->provides_dev_sdrs_attr.attr.mode = S_IRUGO;
2023 bmc->provides_dev_sdrs_attr.show = provides_dev_sdrs_show;
2026 bmc->revision_attr.attr.name = "revision";
2027 bmc->revision_attr.attr.owner = THIS_MODULE;
2028 bmc->revision_attr.attr.mode = S_IRUGO;
2029 bmc->revision_attr.show = revision_show;
2031 bmc->firmware_rev_attr.attr.name = "firmware_revision";
2032 bmc->firmware_rev_attr.attr.owner = THIS_MODULE;
2033 bmc->firmware_rev_attr.attr.mode = S_IRUGO;
2034 bmc->firmware_rev_attr.show = firmware_rev_show;
2036 bmc->version_attr.attr.name = "ipmi_version";
2037 bmc->version_attr.attr.owner = THIS_MODULE;
2038 bmc->version_attr.attr.mode = S_IRUGO;
2039 bmc->version_attr.show = ipmi_version_show;
2041 bmc->add_dev_support_attr.attr.name
2042 = "additional_device_support";
2043 bmc->add_dev_support_attr.attr.owner = THIS_MODULE;
2044 bmc->add_dev_support_attr.attr.mode = S_IRUGO;
2045 bmc->add_dev_support_attr.show = add_dev_support_show;
2047 bmc->manufacturer_id_attr.attr.name = "manufacturer_id";
2048 bmc->manufacturer_id_attr.attr.owner = THIS_MODULE;
2049 bmc->manufacturer_id_attr.attr.mode = S_IRUGO;
2050 bmc->manufacturer_id_attr.show = manufacturer_id_show;
2052 bmc->product_id_attr.attr.name = "product_id";
2053 bmc->product_id_attr.attr.owner = THIS_MODULE;
2054 bmc->product_id_attr.attr.mode = S_IRUGO;
2055 bmc->product_id_attr.show = product_id_show;
2057 bmc->guid_attr.attr.name = "guid";
2058 bmc->guid_attr.attr.owner = THIS_MODULE;
2059 bmc->guid_attr.attr.mode = S_IRUGO;
2060 bmc->guid_attr.show = guid_show;
2062 bmc->aux_firmware_rev_attr.attr.name = "aux_firmware_revision";
2063 bmc->aux_firmware_rev_attr.attr.owner = THIS_MODULE;
2064 bmc->aux_firmware_rev_attr.attr.mode = S_IRUGO;
2065 bmc->aux_firmware_rev_attr.show = aux_firmware_rev_show;
2067 device_create_file(&bmc->dev->dev,
2068 &bmc->device_id_attr);
2069 device_create_file(&bmc->dev->dev,
2070 &bmc->provides_dev_sdrs_attr);
2071 device_create_file(&bmc->dev->dev,
2072 &bmc->revision_attr);
2073 device_create_file(&bmc->dev->dev,
2074 &bmc->firmware_rev_attr);
2075 device_create_file(&bmc->dev->dev,
2076 &bmc->version_attr);
2077 device_create_file(&bmc->dev->dev,
2078 &bmc->add_dev_support_attr);
2079 device_create_file(&bmc->dev->dev,
2080 &bmc->manufacturer_id_attr);
2081 device_create_file(&bmc->dev->dev,
2082 &bmc->product_id_attr);
2083 if (bmc->id.aux_firmware_revision_set)
2084 device_create_file(&bmc->dev->dev,
2085 &bmc->aux_firmware_rev_attr);
2087 device_create_file(&bmc->dev->dev,
2091 "ipmi: Found new BMC (man_id: 0x%6.6x, "
2092 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2093 bmc->id.manufacturer_id,
2099 * create symlink from system interface device to bmc device
2102 rv = sysfs_create_link(&intf->si_dev->kobj,
2103 &bmc->dev->dev.kobj, "bmc");
2106 "ipmi_msghandler: Unable to create bmc symlink: %d\n",
2111 size = snprintf(dummy, 0, "ipmi%d", intf->intf_num);
2112 intf->my_dev_name = kmalloc(size+1, GFP_KERNEL);
2113 if (!intf->my_dev_name) {
2116 "ipmi_msghandler: allocate link from BMC: %d\n",
2120 snprintf(intf->my_dev_name, size+1, "ipmi%d", intf->intf_num);
2122 rv = sysfs_create_link(&bmc->dev->dev.kobj, &intf->si_dev->kobj,
2125 kfree(intf->my_dev_name);
2126 intf->my_dev_name = NULL;
2129 " Unable to create symlink to bmc: %d\n",
2137 ipmi_bmc_unregister(intf);
2142 send_guid_cmd(ipmi_smi_t intf, int chan)
2144 struct kernel_ipmi_msg msg;
2145 struct ipmi_system_interface_addr si;
2147 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2148 si.channel = IPMI_BMC_CHANNEL;
2151 msg.netfn = IPMI_NETFN_APP_REQUEST;
2152 msg.cmd = IPMI_GET_DEVICE_GUID_CMD;
2155 return i_ipmi_request(NULL,
2157 (struct ipmi_addr *) &si,
2164 intf->channels[0].address,
2165 intf->channels[0].lun,
2170 guid_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
2172 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2173 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE)
2174 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD))
2178 if (msg->msg.data[0] != 0) {
2179 /* Error from getting the GUID, the BMC doesn't have one. */
2180 intf->bmc->guid_set = 0;
2184 if (msg->msg.data_len < 17) {
2185 intf->bmc->guid_set = 0;
2186 printk(KERN_WARNING PFX
2187 "guid_handler: The GUID response from the BMC was too"
2188 " short, it was %d but should have been 17. Assuming"
2189 " GUID is not available.\n",
2194 memcpy(intf->bmc->guid, msg->msg.data, 16);
2195 intf->bmc->guid_set = 1;
2197 wake_up(&intf->waitq);
2201 get_guid(ipmi_smi_t intf)
2205 intf->bmc->guid_set = 0x2;
2206 intf->null_user_handler = guid_handler;
2207 rv = send_guid_cmd(intf, 0);
2209 /* Send failed, no GUID available. */
2210 intf->bmc->guid_set = 0;
2211 wait_event(intf->waitq, intf->bmc->guid_set != 2);
2212 intf->null_user_handler = NULL;
2216 send_channel_info_cmd(ipmi_smi_t intf, int chan)
2218 struct kernel_ipmi_msg msg;
2219 unsigned char data[1];
2220 struct ipmi_system_interface_addr si;
2222 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2223 si.channel = IPMI_BMC_CHANNEL;
2226 msg.netfn = IPMI_NETFN_APP_REQUEST;
2227 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
2231 return i_ipmi_request(NULL,
2233 (struct ipmi_addr *) &si,
2240 intf->channels[0].address,
2241 intf->channels[0].lun,
2246 channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
2251 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2252 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
2253 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD))
2255 /* It's the one we want */
2256 if (msg->msg.data[0] != 0) {
2257 /* Got an error from the channel, just go on. */
2259 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) {
2260 /* If the MC does not support this
2261 command, that is legal. We just
2262 assume it has one IPMB at channel
2264 intf->channels[0].medium
2265 = IPMI_CHANNEL_MEDIUM_IPMB;
2266 intf->channels[0].protocol
2267 = IPMI_CHANNEL_PROTOCOL_IPMB;
2270 intf->curr_channel = IPMI_MAX_CHANNELS;
2271 wake_up(&intf->waitq);
2276 if (msg->msg.data_len < 4) {
2277 /* Message not big enough, just go on. */
2280 chan = intf->curr_channel;
2281 intf->channels[chan].medium = msg->msg.data[2] & 0x7f;
2282 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f;
2285 intf->curr_channel++;
2286 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
2287 wake_up(&intf->waitq);
2289 rv = send_channel_info_cmd(intf, intf->curr_channel);
2292 /* Got an error somehow, just give up. */
2293 intf->curr_channel = IPMI_MAX_CHANNELS;
2294 wake_up(&intf->waitq);
2296 printk(KERN_WARNING PFX
2297 "Error sending channel information: %d\n",
2305 int ipmi_register_smi(struct ipmi_smi_handlers *handlers,
2307 struct ipmi_device_id *device_id,
2308 struct device *si_dev,
2309 unsigned char slave_addr)
2314 unsigned long flags;
2318 version_major = ipmi_version_major(device_id);
2319 version_minor = ipmi_version_minor(device_id);
2321 /* Make sure the driver is actually initialized, this handles
2322 problems with initialization order. */
2324 rv = ipmi_init_msghandler();
2327 /* The init code doesn't return an error if it was turned
2328 off, but it won't initialize. Check that. */
2333 intf = kmalloc(sizeof(*intf), GFP_KERNEL);
2336 memset(intf, 0, sizeof(*intf));
2337 intf->bmc = kzalloc(sizeof(*intf->bmc), GFP_KERNEL);
2342 intf->intf_num = -1;
2343 kref_init(&intf->refcount);
2344 intf->bmc->id = *device_id;
2345 intf->si_dev = si_dev;
2346 for (j = 0; j < IPMI_MAX_CHANNELS; j++) {
2347 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR;
2348 intf->channels[j].lun = 2;
2350 if (slave_addr != 0)
2351 intf->channels[0].address = slave_addr;
2352 INIT_LIST_HEAD(&intf->users);
2353 intf->handlers = handlers;
2354 intf->send_info = send_info;
2355 spin_lock_init(&intf->seq_lock);
2356 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) {
2357 intf->seq_table[j].inuse = 0;
2358 intf->seq_table[j].seqid = 0;
2361 #ifdef CONFIG_PROC_FS
2362 spin_lock_init(&intf->proc_entry_lock);
2364 spin_lock_init(&intf->waiting_msgs_lock);
2365 INIT_LIST_HEAD(&intf->waiting_msgs);
2366 spin_lock_init(&intf->events_lock);
2367 INIT_LIST_HEAD(&intf->waiting_events);
2368 intf->waiting_events_count = 0;
2369 mutex_init(&intf->cmd_rcvrs_mutex);
2370 INIT_LIST_HEAD(&intf->cmd_rcvrs);
2371 init_waitqueue_head(&intf->waitq);
2373 spin_lock_init(&intf->counter_lock);
2374 intf->proc_dir = NULL;
2377 spin_lock_irqsave(&interfaces_lock, flags);
2378 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
2379 if (ipmi_interfaces[i] == NULL) {
2381 /* Reserve the entry till we are done. */
2382 ipmi_interfaces[i] = IPMI_INVALID_INTERFACE_ENTRY;
2387 spin_unlock_irqrestore(&interfaces_lock, flags);
2391 rv = handlers->start_processing(send_info, intf);
2397 if ((version_major > 1)
2398 || ((version_major == 1) && (version_minor >= 5)))
2400 /* Start scanning the channels to see what is
2402 intf->null_user_handler = channel_handler;
2403 intf->curr_channel = 0;
2404 rv = send_channel_info_cmd(intf, 0);
2408 /* Wait for the channel info to be read. */
2409 wait_event(intf->waitq,
2410 intf->curr_channel >= IPMI_MAX_CHANNELS);
2411 intf->null_user_handler = NULL;
2413 /* Assume a single IPMB channel at zero. */
2414 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
2415 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB;
2419 rv = add_proc_entries(intf, i);
2421 rv = ipmi_bmc_register(intf);
2426 remove_proc_entries(intf);
2427 kref_put(&intf->refcount, intf_free);
2428 if (i < MAX_IPMI_INTERFACES) {
2429 spin_lock_irqsave(&interfaces_lock, flags);
2430 ipmi_interfaces[i] = NULL;
2431 spin_unlock_irqrestore(&interfaces_lock, flags);
2434 spin_lock_irqsave(&interfaces_lock, flags);
2435 ipmi_interfaces[i] = intf;
2436 spin_unlock_irqrestore(&interfaces_lock, flags);
2437 call_smi_watchers(i, intf->si_dev);
2443 int ipmi_unregister_smi(ipmi_smi_t intf)
2446 struct ipmi_smi_watcher *w;
2447 unsigned long flags;
2449 ipmi_bmc_unregister(intf);
2451 spin_lock_irqsave(&interfaces_lock, flags);
2452 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
2453 if (ipmi_interfaces[i] == intf) {
2454 /* Set the interface number reserved until we
2456 ipmi_interfaces[i] = IPMI_INVALID_INTERFACE_ENTRY;
2457 intf->intf_num = -1;
2461 spin_unlock_irqrestore(&interfaces_lock,flags);
2463 if (i == MAX_IPMI_INTERFACES)
2466 remove_proc_entries(intf);
2468 /* Call all the watcher interfaces to tell them that
2469 an interface is gone. */
2470 down_read(&smi_watchers_sem);
2471 list_for_each_entry(w, &smi_watchers, link)
2473 up_read(&smi_watchers_sem);
2475 /* Allow the entry to be reused now. */
2476 spin_lock_irqsave(&interfaces_lock, flags);
2477 ipmi_interfaces[i] = NULL;
2478 spin_unlock_irqrestore(&interfaces_lock,flags);
2480 kref_put(&intf->refcount, intf_free);
2484 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf,
2485 struct ipmi_smi_msg *msg)
2487 struct ipmi_ipmb_addr ipmb_addr;
2488 struct ipmi_recv_msg *recv_msg;
2489 unsigned long flags;
2492 /* This is 11, not 10, because the response must contain a
2493 * completion code. */
2494 if (msg->rsp_size < 11) {
2495 /* Message not big enough, just ignore it. */
2496 spin_lock_irqsave(&intf->counter_lock, flags);
2497 intf->invalid_ipmb_responses++;
2498 spin_unlock_irqrestore(&intf->counter_lock, flags);
2502 if (msg->rsp[2] != 0) {
2503 /* An error getting the response, just ignore it. */
2507 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
2508 ipmb_addr.slave_addr = msg->rsp[6];
2509 ipmb_addr.channel = msg->rsp[3] & 0x0f;
2510 ipmb_addr.lun = msg->rsp[7] & 3;
2512 /* It's a response from a remote entity. Look up the sequence
2513 number and handle the response. */
2514 if (intf_find_seq(intf,
2518 (msg->rsp[4] >> 2) & (~1),
2519 (struct ipmi_addr *) &(ipmb_addr),
2522 /* We were unable to find the sequence number,
2523 so just nuke the message. */
2524 spin_lock_irqsave(&intf->counter_lock, flags);
2525 intf->unhandled_ipmb_responses++;
2526 spin_unlock_irqrestore(&intf->counter_lock, flags);
2530 memcpy(recv_msg->msg_data,
2533 /* THe other fields matched, so no need to set them, except
2534 for netfn, which needs to be the response that was
2535 returned, not the request value. */
2536 recv_msg->msg.netfn = msg->rsp[4] >> 2;
2537 recv_msg->msg.data = recv_msg->msg_data;
2538 recv_msg->msg.data_len = msg->rsp_size - 10;
2539 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2540 spin_lock_irqsave(&intf->counter_lock, flags);
2541 intf->handled_ipmb_responses++;
2542 spin_unlock_irqrestore(&intf->counter_lock, flags);
2543 deliver_response(recv_msg);
2548 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf,
2549 struct ipmi_smi_msg *msg)
2551 struct cmd_rcvr *rcvr;
2553 unsigned char netfn;
2555 ipmi_user_t user = NULL;
2556 struct ipmi_ipmb_addr *ipmb_addr;
2557 struct ipmi_recv_msg *recv_msg;
2558 unsigned long flags;
2560 if (msg->rsp_size < 10) {
2561 /* Message not big enough, just ignore it. */
2562 spin_lock_irqsave(&intf->counter_lock, flags);
2563 intf->invalid_commands++;
2564 spin_unlock_irqrestore(&intf->counter_lock, flags);
2568 if (msg->rsp[2] != 0) {
2569 /* An error getting the response, just ignore it. */
2573 netfn = msg->rsp[4] >> 2;
2577 rcvr = find_cmd_rcvr(intf, netfn, cmd);
2580 kref_get(&user->refcount);
2586 /* We didn't find a user, deliver an error response. */
2587 spin_lock_irqsave(&intf->counter_lock, flags);
2588 intf->unhandled_commands++;
2589 spin_unlock_irqrestore(&intf->counter_lock, flags);
2591 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
2592 msg->data[1] = IPMI_SEND_MSG_CMD;
2593 msg->data[2] = msg->rsp[3];
2594 msg->data[3] = msg->rsp[6];
2595 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
2596 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
2597 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address;
2599 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
2600 msg->data[8] = msg->rsp[8]; /* cmd */
2601 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
2602 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
2603 msg->data_size = 11;
2608 printk("Invalid command:");
2609 for (m = 0; m < msg->data_size; m++)
2610 printk(" %2.2x", msg->data[m]);
2614 intf->handlers->sender(intf->send_info, msg, 0);
2616 rv = -1; /* We used the message, so return the value that
2617 causes it to not be freed or queued. */
2619 /* Deliver the message to the user. */
2620 spin_lock_irqsave(&intf->counter_lock, flags);
2621 intf->handled_commands++;
2622 spin_unlock_irqrestore(&intf->counter_lock, flags);
2624 recv_msg = ipmi_alloc_recv_msg();
2626 /* We couldn't allocate memory for the
2627 message, so requeue it for handling
2630 kref_put(&user->refcount, free_user);
2632 /* Extract the source address from the data. */
2633 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
2634 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
2635 ipmb_addr->slave_addr = msg->rsp[6];
2636 ipmb_addr->lun = msg->rsp[7] & 3;
2637 ipmb_addr->channel = msg->rsp[3] & 0xf;
2639 /* Extract the rest of the message information
2640 from the IPMB header.*/
2641 recv_msg->user = user;
2642 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2643 recv_msg->msgid = msg->rsp[7] >> 2;
2644 recv_msg->msg.netfn = msg->rsp[4] >> 2;
2645 recv_msg->msg.cmd = msg->rsp[8];
2646 recv_msg->msg.data = recv_msg->msg_data;
2648 /* We chop off 10, not 9 bytes because the checksum
2649 at the end also needs to be removed. */
2650 recv_msg->msg.data_len = msg->rsp_size - 10;
2651 memcpy(recv_msg->msg_data,
2653 msg->rsp_size - 10);
2654 deliver_response(recv_msg);
2661 static int handle_lan_get_msg_rsp(ipmi_smi_t intf,
2662 struct ipmi_smi_msg *msg)
2664 struct ipmi_lan_addr lan_addr;
2665 struct ipmi_recv_msg *recv_msg;
2666 unsigned long flags;
2669 /* This is 13, not 12, because the response must contain a
2670 * completion code. */
2671 if (msg->rsp_size < 13) {
2672 /* Message not big enough, just ignore it. */
2673 spin_lock_irqsave(&intf->counter_lock, flags);
2674 intf->invalid_lan_responses++;
2675 spin_unlock_irqrestore(&intf->counter_lock, flags);
2679 if (msg->rsp[2] != 0) {
2680 /* An error getting the response, just ignore it. */
2684 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
2685 lan_addr.session_handle = msg->rsp[4];
2686 lan_addr.remote_SWID = msg->rsp[8];
2687 lan_addr.local_SWID = msg->rsp[5];
2688 lan_addr.channel = msg->rsp[3] & 0x0f;
2689 lan_addr.privilege = msg->rsp[3] >> 4;
2690 lan_addr.lun = msg->rsp[9] & 3;
2692 /* It's a response from a remote entity. Look up the sequence
2693 number and handle the response. */
2694 if (intf_find_seq(intf,
2698 (msg->rsp[6] >> 2) & (~1),
2699 (struct ipmi_addr *) &(lan_addr),
2702 /* We were unable to find the sequence number,
2703 so just nuke the message. */
2704 spin_lock_irqsave(&intf->counter_lock, flags);
2705 intf->unhandled_lan_responses++;
2706 spin_unlock_irqrestore(&intf->counter_lock, flags);
2710 memcpy(recv_msg->msg_data,
2712 msg->rsp_size - 11);
2713 /* The other fields matched, so no need to set them, except
2714 for netfn, which needs to be the response that was
2715 returned, not the request value. */
2716 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2717 recv_msg->msg.data = recv_msg->msg_data;
2718 recv_msg->msg.data_len = msg->rsp_size - 12;
2719 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2720 spin_lock_irqsave(&intf->counter_lock, flags);
2721 intf->handled_lan_responses++;
2722 spin_unlock_irqrestore(&intf->counter_lock, flags);
2723 deliver_response(recv_msg);
2728 static int handle_lan_get_msg_cmd(ipmi_smi_t intf,
2729 struct ipmi_smi_msg *msg)
2731 struct cmd_rcvr *rcvr;
2733 unsigned char netfn;
2735 ipmi_user_t user = NULL;
2736 struct ipmi_lan_addr *lan_addr;
2737 struct ipmi_recv_msg *recv_msg;
2738 unsigned long flags;
2740 if (msg->rsp_size < 12) {
2741 /* Message not big enough, just ignore it. */
2742 spin_lock_irqsave(&intf->counter_lock, flags);
2743 intf->invalid_commands++;
2744 spin_unlock_irqrestore(&intf->counter_lock, flags);
2748 if (msg->rsp[2] != 0) {
2749 /* An error getting the response, just ignore it. */
2753 netfn = msg->rsp[6] >> 2;
2757 rcvr = find_cmd_rcvr(intf, netfn, cmd);
2760 kref_get(&user->refcount);
2766 /* We didn't find a user, just give up. */
2767 spin_lock_irqsave(&intf->counter_lock, flags);
2768 intf->unhandled_commands++;
2769 spin_unlock_irqrestore(&intf->counter_lock, flags);
2771 rv = 0; /* Don't do anything with these messages, just
2772 allow them to be freed. */
2774 /* Deliver the message to the user. */
2775 spin_lock_irqsave(&intf->counter_lock, flags);
2776 intf->handled_commands++;
2777 spin_unlock_irqrestore(&intf->counter_lock, flags);
2779 recv_msg = ipmi_alloc_recv_msg();
2781 /* We couldn't allocate memory for the
2782 message, so requeue it for handling
2785 kref_put(&user->refcount, free_user);
2787 /* Extract the source address from the data. */
2788 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
2789 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
2790 lan_addr->session_handle = msg->rsp[4];
2791 lan_addr->remote_SWID = msg->rsp[8];
2792 lan_addr->local_SWID = msg->rsp[5];
2793 lan_addr->lun = msg->rsp[9] & 3;
2794 lan_addr->channel = msg->rsp[3] & 0xf;
2795 lan_addr->privilege = msg->rsp[3] >> 4;
2797 /* Extract the rest of the message information
2798 from the IPMB header.*/
2799 recv_msg->user = user;
2800 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2801 recv_msg->msgid = msg->rsp[9] >> 2;
2802 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2803 recv_msg->msg.cmd = msg->rsp[10];
2804 recv_msg->msg.data = recv_msg->msg_data;
2806 /* We chop off 12, not 11 bytes because the checksum
2807 at the end also needs to be removed. */
2808 recv_msg->msg.data_len = msg->rsp_size - 12;
2809 memcpy(recv_msg->msg_data,
2811 msg->rsp_size - 12);
2812 deliver_response(recv_msg);
2819 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
2820 struct ipmi_smi_msg *msg)
2822 struct ipmi_system_interface_addr *smi_addr;
2824 recv_msg->msgid = 0;
2825 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
2826 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2827 smi_addr->channel = IPMI_BMC_CHANNEL;
2828 smi_addr->lun = msg->rsp[0] & 3;
2829 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
2830 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2831 recv_msg->msg.cmd = msg->rsp[1];
2832 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
2833 recv_msg->msg.data = recv_msg->msg_data;
2834 recv_msg->msg.data_len = msg->rsp_size - 3;
2837 static int handle_read_event_rsp(ipmi_smi_t intf,
2838 struct ipmi_smi_msg *msg)
2840 struct ipmi_recv_msg *recv_msg, *recv_msg2;
2841 struct list_head msgs;
2844 int deliver_count = 0;
2845 unsigned long flags;
2847 if (msg->rsp_size < 19) {
2848 /* Message is too small to be an IPMB event. */
2849 spin_lock_irqsave(&intf->counter_lock, flags);
2850 intf->invalid_events++;
2851 spin_unlock_irqrestore(&intf->counter_lock, flags);
2855 if (msg->rsp[2] != 0) {
2856 /* An error getting the event, just ignore it. */
2860 INIT_LIST_HEAD(&msgs);
2862 spin_lock_irqsave(&intf->events_lock, flags);
2864 spin_lock(&intf->counter_lock);
2866 spin_unlock(&intf->counter_lock);
2868 /* Allocate and fill in one message for every user that is getting
2871 list_for_each_entry_rcu(user, &intf->users, link) {
2872 if (!user->gets_events)
2875 recv_msg = ipmi_alloc_recv_msg();
2878 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs,
2880 list_del(&recv_msg->link);
2881 ipmi_free_recv_msg(recv_msg);
2883 /* We couldn't allocate memory for the
2884 message, so requeue it for handling
2892 copy_event_into_recv_msg(recv_msg, msg);
2893 recv_msg->user = user;
2894 kref_get(&user->refcount);
2895 list_add_tail(&(recv_msg->link), &msgs);
2899 if (deliver_count) {
2900 /* Now deliver all the messages. */
2901 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2902 list_del(&recv_msg->link);
2903 deliver_response(recv_msg);
2905 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
2906 /* No one to receive the message, put it in queue if there's
2907 not already too many things in the queue. */
2908 recv_msg = ipmi_alloc_recv_msg();
2910 /* We couldn't allocate memory for the
2911 message, so requeue it for handling
2917 copy_event_into_recv_msg(recv_msg, msg);
2918 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
2920 /* There's too many things in the queue, discard this
2922 printk(KERN_WARNING PFX "Event queue full, discarding an"
2923 " incoming event\n");
2927 spin_unlock_irqrestore(&(intf->events_lock), flags);
2932 static int handle_bmc_rsp(ipmi_smi_t intf,
2933 struct ipmi_smi_msg *msg)
2935 struct ipmi_recv_msg *recv_msg;
2936 unsigned long flags;
2937 struct ipmi_user *user;
2939 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
2940 if (recv_msg == NULL)
2942 printk(KERN_WARNING"IPMI message received with no owner. This\n"
2943 "could be because of a malformed message, or\n"
2944 "because of a hardware error. Contact your\n"
2945 "hardware vender for assistance\n");
2949 user = recv_msg->user;
2950 /* Make sure the user still exists. */
2951 if (user && !user->valid) {
2952 /* The user for the message went away, so give up. */
2953 spin_lock_irqsave(&intf->counter_lock, flags);
2954 intf->unhandled_local_responses++;
2955 spin_unlock_irqrestore(&intf->counter_lock, flags);
2956 ipmi_free_recv_msg(recv_msg);
2958 struct ipmi_system_interface_addr *smi_addr;
2960 spin_lock_irqsave(&intf->counter_lock, flags);
2961 intf->handled_local_responses++;
2962 spin_unlock_irqrestore(&intf->counter_lock, flags);
2963 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2964 recv_msg->msgid = msg->msgid;
2965 smi_addr = ((struct ipmi_system_interface_addr *)
2967 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2968 smi_addr->channel = IPMI_BMC_CHANNEL;
2969 smi_addr->lun = msg->rsp[0] & 3;
2970 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2971 recv_msg->msg.cmd = msg->rsp[1];
2972 memcpy(recv_msg->msg_data,
2975 recv_msg->msg.data = recv_msg->msg_data;
2976 recv_msg->msg.data_len = msg->rsp_size - 2;
2977 deliver_response(recv_msg);
2983 /* Handle a new message. Return 1 if the message should be requeued,
2984 0 if the message should be freed, or -1 if the message should not
2985 be freed or requeued. */
2986 static int handle_new_recv_msg(ipmi_smi_t intf,
2987 struct ipmi_smi_msg *msg)
2995 for (m = 0; m < msg->rsp_size; m++)
2996 printk(" %2.2x", msg->rsp[m]);
2999 if (msg->rsp_size < 2) {
3000 /* Message is too small to be correct. */
3001 printk(KERN_WARNING PFX "BMC returned to small a message"
3002 " for netfn %x cmd %x, got %d bytes\n",
3003 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
3005 /* Generate an error response for the message. */
3006 msg->rsp[0] = msg->data[0] | (1 << 2);
3007 msg->rsp[1] = msg->data[1];
3008 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
3010 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))/* Netfn */
3011 || (msg->rsp[1] != msg->data[1])) /* Command */
3013 /* The response is not even marginally correct. */
3014 printk(KERN_WARNING PFX "BMC returned incorrect response,"
3015 " expected netfn %x cmd %x, got netfn %x cmd %x\n",
3016 (msg->data[0] >> 2) | 1, msg->data[1],
3017 msg->rsp[0] >> 2, msg->rsp[1]);
3019 /* Generate an error response for the message. */
3020 msg->rsp[0] = msg->data[0] | (1 << 2);
3021 msg->rsp[1] = msg->data[1];
3022 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
3026 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3027 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
3028 && (msg->user_data != NULL))
3030 /* It's a response to a response we sent. For this we
3031 deliver a send message response to the user. */
3032 struct ipmi_recv_msg *recv_msg = msg->user_data;
3035 if (msg->rsp_size < 2)
3036 /* Message is too small to be correct. */
3039 chan = msg->data[2] & 0x0f;
3040 if (chan >= IPMI_MAX_CHANNELS)
3041 /* Invalid channel number */
3047 /* Make sure the user still exists. */
3048 if (!recv_msg->user || !recv_msg->user->valid)
3051 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
3052 recv_msg->msg.data = recv_msg->msg_data;
3053 recv_msg->msg.data_len = 1;
3054 recv_msg->msg_data[0] = msg->rsp[2];
3055 deliver_response(recv_msg);
3056 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3057 && (msg->rsp[1] == IPMI_GET_MSG_CMD))
3059 /* It's from the receive queue. */
3060 chan = msg->rsp[3] & 0xf;
3061 if (chan >= IPMI_MAX_CHANNELS) {
3062 /* Invalid channel number */
3067 switch (intf->channels[chan].medium) {
3068 case IPMI_CHANNEL_MEDIUM_IPMB:
3069 if (msg->rsp[4] & 0x04) {
3070 /* It's a response, so find the
3071 requesting message and send it up. */
3072 requeue = handle_ipmb_get_msg_rsp(intf, msg);
3074 /* It's a command to the SMS from some other
3075 entity. Handle that. */
3076 requeue = handle_ipmb_get_msg_cmd(intf, msg);
3080 case IPMI_CHANNEL_MEDIUM_8023LAN:
3081 case IPMI_CHANNEL_MEDIUM_ASYNC:
3082 if (msg->rsp[6] & 0x04) {
3083 /* It's a response, so find the
3084 requesting message and send it up. */
3085 requeue = handle_lan_get_msg_rsp(intf, msg);
3087 /* It's a command to the SMS from some other
3088 entity. Handle that. */
3089 requeue = handle_lan_get_msg_cmd(intf, msg);
3094 /* We don't handle the channel type, so just
3095 * free the message. */
3099 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3100 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD))
3102 /* It's an asyncronous event. */
3103 requeue = handle_read_event_rsp(intf, msg);
3105 /* It's a response from the local BMC. */
3106 requeue = handle_bmc_rsp(intf, msg);
3113 /* Handle a new message from the lower layer. */
3114 void ipmi_smi_msg_received(ipmi_smi_t intf,
3115 struct ipmi_smi_msg *msg)
3117 unsigned long flags;
3121 if ((msg->data_size >= 2)
3122 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
3123 && (msg->data[1] == IPMI_SEND_MSG_CMD)
3124 && (msg->user_data == NULL))
3126 /* This is the local response to a command send, start
3127 the timer for these. The user_data will not be
3128 NULL if this is a response send, and we will let
3129 response sends just go through. */
3131 /* Check for errors, if we get certain errors (ones
3132 that mean basically we can try again later), we
3133 ignore them and start the timer. Otherwise we
3134 report the error immediately. */
3135 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
3136 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
3137 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR))
3139 int chan = msg->rsp[3] & 0xf;
3141 /* Got an error sending the message, handle it. */
3142 spin_lock_irqsave(&intf->counter_lock, flags);
3143 if (chan >= IPMI_MAX_CHANNELS)
3144 ; /* This shouldn't happen */
3145 else if ((intf->channels[chan].medium
3146 == IPMI_CHANNEL_MEDIUM_8023LAN)
3147 || (intf->channels[chan].medium
3148 == IPMI_CHANNEL_MEDIUM_ASYNC))
3149 intf->sent_lan_command_errs++;
3151 intf->sent_ipmb_command_errs++;
3152 spin_unlock_irqrestore(&intf->counter_lock, flags);
3153 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
3155 /* The message was sent, start the timer. */
3156 intf_start_seq_timer(intf, msg->msgid);
3159 ipmi_free_smi_msg(msg);
3163 /* To preserve message order, if the list is not empty, we
3164 tack this message onto the end of the list. */
3165 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
3166 if (!list_empty(&intf->waiting_msgs)) {
3167 list_add_tail(&msg->link, &intf->waiting_msgs);
3168 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
3171 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
3173 rv = handle_new_recv_msg(intf, msg);
3175 /* Could not handle the message now, just add it to a
3176 list to handle later. */
3177 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
3178 list_add_tail(&msg->link, &intf->waiting_msgs);
3179 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
3180 } else if (rv == 0) {
3181 ipmi_free_smi_msg(msg);
3188 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
3193 list_for_each_entry_rcu(user, &intf->users, link) {
3194 if (!user->handler->ipmi_watchdog_pretimeout)
3197 user->handler->ipmi_watchdog_pretimeout(user->handler_data);
3203 handle_msg_timeout(struct ipmi_recv_msg *msg)
3205 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3206 msg->msg_data[0] = IPMI_TIMEOUT_COMPLETION_CODE;
3207 msg->msg.netfn |= 1; /* Convert to a response. */
3208 msg->msg.data_len = 1;
3209 msg->msg.data = msg->msg_data;
3210 deliver_response(msg);
3213 static struct ipmi_smi_msg *
3214 smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
3215 unsigned char seq, long seqid)
3217 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
3219 /* If we can't allocate the message, then just return, we
3220 get 4 retries, so this should be ok. */
3223 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
3224 smi_msg->data_size = recv_msg->msg.data_len;
3225 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
3231 for (m = 0; m < smi_msg->data_size; m++)
3232 printk(" %2.2x", smi_msg->data[m]);
3239 static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent,
3240 struct list_head *timeouts, long timeout_period,
3241 int slot, unsigned long *flags)
3243 struct ipmi_recv_msg *msg;
3248 ent->timeout -= timeout_period;
3249 if (ent->timeout > 0)
3252 if (ent->retries_left == 0) {
3253 /* The message has used all its retries. */
3255 msg = ent->recv_msg;
3256 list_add_tail(&msg->link, timeouts);
3257 spin_lock(&intf->counter_lock);
3259 intf->timed_out_ipmb_broadcasts++;
3260 else if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE)
3261 intf->timed_out_lan_commands++;
3263 intf->timed_out_ipmb_commands++;
3264 spin_unlock(&intf->counter_lock);
3266 struct ipmi_smi_msg *smi_msg;
3267 /* More retries, send again. */
3269 /* Start with the max timer, set to normal
3270 timer after the message is sent. */
3271 ent->timeout = MAX_MSG_TIMEOUT;
3272 ent->retries_left--;
3273 spin_lock(&intf->counter_lock);
3274 if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE)
3275 intf->retransmitted_lan_commands++;
3277 intf->retransmitted_ipmb_commands++;
3278 spin_unlock(&intf->counter_lock);
3280 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot,
3285 spin_unlock_irqrestore(&intf->seq_lock, *flags);
3286 /* Send the new message. We send with a zero
3287 * priority. It timed out, I doubt time is
3288 * that critical now, and high priority
3289 * messages are really only for messages to the
3290 * local MC, which don't get resent. */
3291 intf->handlers->sender(intf->send_info,
3293 spin_lock_irqsave(&intf->seq_lock, *flags);
3297 static void ipmi_timeout_handler(long timeout_period)
3300 struct list_head timeouts;
3301 struct ipmi_recv_msg *msg, *msg2;
3302 struct ipmi_smi_msg *smi_msg, *smi_msg2;
3303 unsigned long flags;
3306 INIT_LIST_HEAD(&timeouts);
3308 spin_lock(&interfaces_lock);
3309 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
3310 intf = ipmi_interfaces[i];
3311 if (IPMI_INVALID_INTERFACE(intf))
3313 kref_get(&intf->refcount);
3314 spin_unlock(&interfaces_lock);
3316 /* See if any waiting messages need to be processed. */
3317 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
3318 list_for_each_entry_safe(smi_msg, smi_msg2,
3319 &intf->waiting_msgs, link) {
3320 if (!handle_new_recv_msg(intf, smi_msg)) {
3321 list_del(&smi_msg->link);
3322 ipmi_free_smi_msg(smi_msg);
3324 /* To preserve message order, quit if we
3325 can't handle a message. */
3329 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
3331 /* Go through the seq table and find any messages that
3332 have timed out, putting them in the timeouts
3334 spin_lock_irqsave(&intf->seq_lock, flags);
3335 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++)
3336 check_msg_timeout(intf, &(intf->seq_table[j]),
3337 &timeouts, timeout_period, j,
3339 spin_unlock_irqrestore(&intf->seq_lock, flags);
3341 list_for_each_entry_safe(msg, msg2, &timeouts, link)
3342 handle_msg_timeout(msg);
3344 kref_put(&intf->refcount, intf_free);
3345 spin_lock(&interfaces_lock);
3347 spin_unlock(&interfaces_lock);
3350 static void ipmi_request_event(void)
3355 spin_lock(&interfaces_lock);
3356 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
3357 intf = ipmi_interfaces[i];
3358 if (IPMI_INVALID_INTERFACE(intf))
3361 intf->handlers->request_events(intf->send_info);
3363 spin_unlock(&interfaces_lock);
3366 static struct timer_list ipmi_timer;
3368 /* Call every ~100 ms. */
3369 #define IPMI_TIMEOUT_TIME 100
3371 /* How many jiffies does it take to get to the timeout time. */
3372 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
3374 /* Request events from the queue every second (this is the number of
3375 IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
3376 future, IPMI will add a way to know immediately if an event is in
3377 the queue and this silliness can go away. */
3378 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
3380 static atomic_t stop_operation;
3381 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
3383 static void ipmi_timeout(unsigned long data)
3385 if (atomic_read(&stop_operation))
3389 if (ticks_to_req_ev == 0) {
3390 ipmi_request_event();
3391 ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
3394 ipmi_timeout_handler(IPMI_TIMEOUT_TIME);
3396 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
3400 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
3401 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
3403 /* FIXME - convert these to slabs. */
3404 static void free_smi_msg(struct ipmi_smi_msg *msg)
3406 atomic_dec(&smi_msg_inuse_count);
3410 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
3412 struct ipmi_smi_msg *rv;
3413 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
3415 rv->done = free_smi_msg;
3416 rv->user_data = NULL;
3417 atomic_inc(&smi_msg_inuse_count);
3422 static void free_recv_msg(struct ipmi_recv_msg *msg)
3424 atomic_dec(&recv_msg_inuse_count);
3428 struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
3430 struct ipmi_recv_msg *rv;
3432 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
3434 rv->done = free_recv_msg;
3435 atomic_inc(&recv_msg_inuse_count);
3440 void ipmi_free_recv_msg(struct ipmi_recv_msg *msg)
3443 kref_put(&msg->user->refcount, free_user);
3447 #ifdef CONFIG_IPMI_PANIC_EVENT
3449 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
3453 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
3457 #ifdef CONFIG_IPMI_PANIC_STRING
3458 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
3460 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
3461 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE)
3462 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD)
3463 && (msg->msg.data[0] == IPMI_CC_NO_ERROR))
3465 /* A get event receiver command, save it. */
3466 intf->event_receiver = msg->msg.data[1];
3467 intf->event_receiver_lun = msg->msg.data[2] & 0x3;
3471 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
3473 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
3474 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
3475 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD)
3476 && (msg->msg.data[0] == IPMI_CC_NO_ERROR))
3478 /* A get device id command, save if we are an event
3479 receiver or generator. */
3480 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1;
3481 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1;
3486 static void send_panic_events(char *str)
3488 struct kernel_ipmi_msg msg;
3490 unsigned char data[16];
3492 struct ipmi_system_interface_addr *si;
3493 struct ipmi_addr addr;
3494 struct ipmi_smi_msg smi_msg;
3495 struct ipmi_recv_msg recv_msg;
3497 si = (struct ipmi_system_interface_addr *) &addr;
3498 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3499 si->channel = IPMI_BMC_CHANNEL;
3502 /* Fill in an event telling that we have failed. */
3503 msg.netfn = 0x04; /* Sensor or Event. */
3504 msg.cmd = 2; /* Platform event command. */
3507 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */
3508 data[1] = 0x03; /* This is for IPMI 1.0. */
3509 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
3510 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
3511 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
3513 /* Put a few breadcrumbs in. Hopefully later we can add more things
3514 to make the panic events more useful. */
3521 smi_msg.done = dummy_smi_done_handler;
3522 recv_msg.done = dummy_recv_done_handler;
3524 /* For every registered interface, send the event. */
3525 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
3526 intf = ipmi_interfaces[i];
3527 if (IPMI_INVALID_INTERFACE(intf))
3530 /* Send the event announcing the panic. */
3531 intf->handlers->set_run_to_completion(intf->send_info, 1);
3532 i_ipmi_request(NULL,
3541 intf->channels[0].address,
3542 intf->channels[0].lun,
3543 0, 1); /* Don't retry, and don't wait. */
3546 #ifdef CONFIG_IPMI_PANIC_STRING
3547 /* On every interface, dump a bunch of OEM event holding the
3552 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
3554 struct ipmi_ipmb_addr *ipmb;
3557 intf = ipmi_interfaces[i];
3558 if (IPMI_INVALID_INTERFACE(intf))
3561 /* First job here is to figure out where to send the
3562 OEM events. There's no way in IPMI to send OEM
3563 events using an event send command, so we have to
3564 find the SEL to put them in and stick them in
3567 /* Get capabilities from the get device id. */
3568 intf->local_sel_device = 0;
3569 intf->local_event_generator = 0;
3570 intf->event_receiver = 0;
3572 /* Request the device info from the local MC. */
3573 msg.netfn = IPMI_NETFN_APP_REQUEST;
3574 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
3577 intf->null_user_handler = device_id_fetcher;
3578 i_ipmi_request(NULL,
3587 intf->channels[0].address,
3588 intf->channels[0].lun,
3589 0, 1); /* Don't retry, and don't wait. */
3591 if (intf->local_event_generator) {
3592 /* Request the event receiver from the local MC. */
3593 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
3594 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
3597 intf->null_user_handler = event_receiver_fetcher;
3598 i_ipmi_request(NULL,
3607 intf->channels[0].address,
3608 intf->channels[0].lun,
3609 0, 1); /* no retry, and no wait. */
3611 intf->null_user_handler = NULL;
3613 /* Validate the event receiver. The low bit must not
3614 be 1 (it must be a valid IPMB address), it cannot
3615 be zero, and it must not be my address. */
3616 if (((intf->event_receiver & 1) == 0)
3617 && (intf->event_receiver != 0)
3618 && (intf->event_receiver != intf->channels[0].address))
3620 /* The event receiver is valid, send an IPMB
3622 ipmb = (struct ipmi_ipmb_addr *) &addr;
3623 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
3624 ipmb->channel = 0; /* FIXME - is this right? */
3625 ipmb->lun = intf->event_receiver_lun;
3626 ipmb->slave_addr = intf->event_receiver;
3627 } else if (intf->local_sel_device) {
3628 /* The event receiver was not valid (or was
3629 me), but I am an SEL device, just dump it
3631 si = (struct ipmi_system_interface_addr *) &addr;
3632 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3633 si->channel = IPMI_BMC_CHANNEL;
3636 continue; /* No where to send the event. */
3639 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
3640 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
3646 int size = strlen(p);
3652 data[2] = 0xf0; /* OEM event without timestamp. */
3653 data[3] = intf->channels[0].address;
3654 data[4] = j++; /* sequence # */
3655 /* Always give 11 bytes, so strncpy will fill
3656 it with zeroes for me. */
3657 strncpy(data+5, p, 11);
3660 i_ipmi_request(NULL,
3669 intf->channels[0].address,
3670 intf->channels[0].lun,
3671 0, 1); /* no retry, and no wait. */
3674 #endif /* CONFIG_IPMI_PANIC_STRING */
3676 #endif /* CONFIG_IPMI_PANIC_EVENT */
3678 static int has_paniced = 0;
3680 static int panic_event(struct notifier_block *this,
3681 unsigned long event,
3691 /* For every registered interface, set it to run to completion. */
3692 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
3693 intf = ipmi_interfaces[i];
3694 if (IPMI_INVALID_INTERFACE(intf))
3697 intf->handlers->set_run_to_completion(intf->send_info, 1);
3700 #ifdef CONFIG_IPMI_PANIC_EVENT
3701 send_panic_events(ptr);
3707 static struct notifier_block panic_block = {
3708 .notifier_call = panic_event,
3710 .priority = 200 /* priority: INT_MAX >= x >= 0 */
3713 static int ipmi_init_msghandler(void)
3721 rv = driver_register(&ipmidriver);
3723 printk(KERN_ERR PFX "Could not register IPMI driver\n");
3727 printk(KERN_INFO "ipmi message handler version "
3728 IPMI_DRIVER_VERSION "\n");
3730 for (i = 0; i < MAX_IPMI_INTERFACES; i++)
3731 ipmi_interfaces[i] = NULL;
3733 #ifdef CONFIG_PROC_FS
3734 proc_ipmi_root = proc_mkdir("ipmi", NULL);
3735 if (!proc_ipmi_root) {
3736 printk(KERN_ERR PFX "Unable to create IPMI proc dir");
3740 proc_ipmi_root->owner = THIS_MODULE;
3741 #endif /* CONFIG_PROC_FS */
3743 init_timer(&ipmi_timer);
3744 ipmi_timer.data = 0;
3745 ipmi_timer.function = ipmi_timeout;
3746 ipmi_timer.expires = jiffies + IPMI_TIMEOUT_JIFFIES;
3747 add_timer(&ipmi_timer);
3749 atomic_notifier_chain_register(&panic_notifier_list, &panic_block);
3756 static __init int ipmi_init_msghandler_mod(void)
3758 ipmi_init_msghandler();
3762 static __exit void cleanup_ipmi(void)
3769 atomic_notifier_chain_unregister(&panic_notifier_list, &panic_block);
3771 /* This can't be called if any interfaces exist, so no worry about
3772 shutting down the interfaces. */
3774 /* Tell the timer to stop, then wait for it to stop. This avoids
3775 problems with race conditions removing the timer here. */
3776 atomic_inc(&stop_operation);
3777 del_timer_sync(&ipmi_timer);
3779 #ifdef CONFIG_PROC_FS
3780 remove_proc_entry(proc_ipmi_root->name, &proc_root);
3781 #endif /* CONFIG_PROC_FS */
3783 driver_unregister(&ipmidriver);
3787 /* Check for buffer leaks. */
3788 count = atomic_read(&smi_msg_inuse_count);
3790 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
3792 count = atomic_read(&recv_msg_inuse_count);
3794 printk(KERN_WARNING PFX "recv message count %d at exit\n",
3797 module_exit(cleanup_ipmi);
3799 module_init(ipmi_init_msghandler_mod);
3800 MODULE_LICENSE("GPL");
3801 MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>");
3802 MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI interface.");
3803 MODULE_VERSION(IPMI_DRIVER_VERSION);
3805 EXPORT_SYMBOL(ipmi_create_user);
3806 EXPORT_SYMBOL(ipmi_destroy_user);
3807 EXPORT_SYMBOL(ipmi_get_version);
3808 EXPORT_SYMBOL(ipmi_request_settime);
3809 EXPORT_SYMBOL(ipmi_request_supply_msgs);
3810 EXPORT_SYMBOL(ipmi_register_smi);
3811 EXPORT_SYMBOL(ipmi_unregister_smi);
3812 EXPORT_SYMBOL(ipmi_register_for_cmd);
3813 EXPORT_SYMBOL(ipmi_unregister_for_cmd);
3814 EXPORT_SYMBOL(ipmi_smi_msg_received);
3815 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
3816 EXPORT_SYMBOL(ipmi_alloc_smi_msg);
3817 EXPORT_SYMBOL(ipmi_addr_length);
3818 EXPORT_SYMBOL(ipmi_validate_addr);
3819 EXPORT_SYMBOL(ipmi_set_gets_events);
3820 EXPORT_SYMBOL(ipmi_smi_watcher_register);
3821 EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
3822 EXPORT_SYMBOL(ipmi_set_my_address);
3823 EXPORT_SYMBOL(ipmi_get_my_address);
3824 EXPORT_SYMBOL(ipmi_set_my_LUN);
3825 EXPORT_SYMBOL(ipmi_get_my_LUN);
3826 EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
3827 EXPORT_SYMBOL(ipmi_user_set_run_to_completion);
3828 EXPORT_SYMBOL(ipmi_free_recv_msg);