1 /*
2 * ipmi_msghandler.c
3 *
4 * Incoming and outgoing message routing for an IPMI interface.
5 *
6 * Author: MontaVista Software, Inc.
7 * Corey Minyard <minyard@mvista.com>
8 * source@mvista.com
9 *
10 * Copyright 2002 MontaVista Software Inc.
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version.
16 *
17 *
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 *
29 * You should have received a copy of the GNU General Public License along
30 * with this program; if not, write to the Free Software Foundation, Inc.,
31 * 675 Mass Ave, Cambridge, MA 02139, USA.
32 */
33
34 #include <linux/module.h>
35 #include <linux/errno.h>
36 #include <asm/system.h>
37 #include <linux/poll.h>
38 #include <linux/sched.h>
39 #include <linux/spinlock.h>
40 #include <linux/mutex.h>
41 #include <linux/slab.h>
42 #include <linux/ipmi.h>
43 #include <linux/ipmi_smi.h>
44 #include <linux/notifier.h>
45 #include <linux/init.h>
46 #include <linux/proc_fs.h>
47 #include <linux/rcupdate.h>
48
49 #define PFX "IPMI message handler: "
50
51 #define IPMI_DRIVER_VERSION "39.2"
52
53 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
54 static int ipmi_init_msghandler(void);
55
56 static int initialized;
57
58 #ifdef CONFIG_PROC_FS
59 static struct proc_dir_entry *proc_ipmi_root;
60 #endif /* CONFIG_PROC_FS */
61
62 /* Remain in auto-maintenance mode for this amount of time (in ms). */
63 #define IPMI_MAINTENANCE_MODE_TIMEOUT 30000
64
65 #define MAX_EVENTS_IN_QUEUE 25
66
67 /*
68 * Don't let a message sit in a queue forever, always time it with at lest
69 * the max message timer. This is in milliseconds.
70 */
71 #define MAX_MSG_TIMEOUT 60000
72
73 /*
74 * The main "user" data structure.
75 */
76 struct ipmi_user {
77 struct list_head link;
78
79 /* Set to "0" when the user is destroyed. */
80 int valid;
81
82 struct kref refcount;
83
84 /* The upper layer that handles receive messages. */
85 struct ipmi_user_hndl *handler;
86 void *handler_data;
87
88 /* The interface this user is bound to. */
89 ipmi_smi_t intf;
90
91 /* Does this interface receive IPMI events? */
92 int gets_events;
93 };
94
95 struct cmd_rcvr {
96 struct list_head link;
97
98 ipmi_user_t user;
99 unsigned char netfn;
100 unsigned char cmd;
101 unsigned int chans;
102
103 /*
104 * This is used to form a linked lised during mass deletion.
105 * Since this is in an RCU list, we cannot use the link above
106 * or change any data until the RCU period completes. So we
107 * use this next variable during mass deletion so we can have
108 * a list and don't have to wait and restart the search on
109 * every individual deletion of a command.
110 */
111 struct cmd_rcvr *next;
112 };
113
114 struct seq_table {
115 unsigned int inuse : 1;
116 unsigned int broadcast : 1;
117
118 unsigned long timeout;
119 unsigned long orig_timeout;
120 unsigned int retries_left;
121
122 /*
123 * To verify on an incoming send message response that this is
124 * the message that the response is for, we keep a sequence id
125 * and increment it every time we send a message.
126 */
127 long seqid;
128
129 /*
130 * This is held so we can properly respond to the message on a
131 * timeout, and it is used to hold the temporary data for
132 * retransmission, too.
133 */
134 struct ipmi_recv_msg *recv_msg;
135 };
136
137 /*
138 * Store the information in a msgid (long) to allow us to find a
139 * sequence table entry from the msgid.
140 */
141 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff))
142
143 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
144 do { \
145 seq = ((msgid >> 26) & 0x3f); \
146 seqid = (msgid & 0x3fffff); \
147 } while (0)
148
149 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff)
150
151 struct ipmi_channel {
152 unsigned char medium;
153 unsigned char protocol;
154
155 /*
156 * My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
157 * but may be changed by the user.
158 */
159 unsigned char address;
160
161 /*
162 * My LUN. This should generally stay the SMS LUN, but just in
163 * case...
164 */
165 unsigned char lun;
166 };
167
168 #ifdef CONFIG_PROC_FS
169 struct ipmi_proc_entry {
170 char *name;
171 struct ipmi_proc_entry *next;
172 };
173 #endif
174
175 struct bmc_device {
176 struct platform_device *dev;
177 struct ipmi_device_id id;
178 unsigned char guid[16];
179 int guid_set;
180
181 struct kref refcount;
182
183 /* bmc device attributes */
184 struct device_attribute device_id_attr;
185 struct device_attribute provides_dev_sdrs_attr;
186 struct device_attribute revision_attr;
187 struct device_attribute firmware_rev_attr;
188 struct device_attribute version_attr;
189 struct device_attribute add_dev_support_attr;
190 struct device_attribute manufacturer_id_attr;
191 struct device_attribute product_id_attr;
192 struct device_attribute guid_attr;
193 struct device_attribute aux_firmware_rev_attr;
194 };
195
196 /*
197 * Various statistics for IPMI, these index stats[] in the ipmi_smi
198 * structure.
199 */
200 enum ipmi_stat_indexes {
201 /* Commands we got from the user that were invalid. */
202 IPMI_STAT_sent_invalid_commands = 0,
203
204 /* Commands we sent to the MC. */
205 IPMI_STAT_sent_local_commands,
206
207 /* Responses from the MC that were delivered to a user. */
208 IPMI_STAT_handled_local_responses,
209
210 /* Responses from the MC that were not delivered to a user. */
211 IPMI_STAT_unhandled_local_responses,
212
213 /* Commands we sent out to the IPMB bus. */
214 IPMI_STAT_sent_ipmb_commands,
215
216 /* Commands sent on the IPMB that had errors on the SEND CMD */
217 IPMI_STAT_sent_ipmb_command_errs,
218
219 /* Each retransmit increments this count. */
220 IPMI_STAT_retransmitted_ipmb_commands,
221
222 /*
223 * When a message times out (runs out of retransmits) this is
224 * incremented.
225 */
226 IPMI_STAT_timed_out_ipmb_commands,
227
228 /*
229 * This is like above, but for broadcasts. Broadcasts are
230 * *not* included in the above count (they are expected to
231 * time out).
232 */
233 IPMI_STAT_timed_out_ipmb_broadcasts,
234
235 /* Responses I have sent to the IPMB bus. */
236 IPMI_STAT_sent_ipmb_responses,
237
238 /* The response was delivered to the user. */
239 IPMI_STAT_handled_ipmb_responses,
240
241 /* The response had invalid data in it. */
242 IPMI_STAT_invalid_ipmb_responses,
243
244 /* The response didn't have anyone waiting for it. */
245 IPMI_STAT_unhandled_ipmb_responses,
246
247 /* Commands we sent out to the IPMB bus. */
248 IPMI_STAT_sent_lan_commands,
249
250 /* Commands sent on the IPMB that had errors on the SEND CMD */
251 IPMI_STAT_sent_lan_command_errs,
252
253 /* Each retransmit increments this count. */
254 IPMI_STAT_retransmitted_lan_commands,
255
256 /*
257 * When a message times out (runs out of retransmits) this is
258 * incremented.
259 */
260 IPMI_STAT_timed_out_lan_commands,
261
262 /* Responses I have sent to the IPMB bus. */
263 IPMI_STAT_sent_lan_responses,
264
265 /* The response was delivered to the user. */
266 IPMI_STAT_handled_lan_responses,
267
268 /* The response had invalid data in it. */
269 IPMI_STAT_invalid_lan_responses,
270
271 /* The response didn't have anyone waiting for it. */
272 IPMI_STAT_unhandled_lan_responses,
273
274 /* The command was delivered to the user. */
275 IPMI_STAT_handled_commands,
276
277 /* The command had invalid data in it. */
278 IPMI_STAT_invalid_commands,
279
280 /* The command didn't have anyone waiting for it. */
281 IPMI_STAT_unhandled_commands,
282
283 /* Invalid data in an event. */
284 IPMI_STAT_invalid_events,
285
286 /* Events that were received with the proper format. */
287 IPMI_STAT_events,
288
289 /* Retransmissions on IPMB that failed. */
290 IPMI_STAT_dropped_rexmit_ipmb_commands,
291
292 /* Retransmissions on LAN that failed. */
293 IPMI_STAT_dropped_rexmit_lan_commands,
294
295 /* This *must* remain last, add new values above this. */
296 IPMI_NUM_STATS
297 };
298
299
300 #define IPMI_IPMB_NUM_SEQ 64
301 #define IPMI_MAX_CHANNELS 16
302 struct ipmi_smi {
303 /* What interface number are we? */
304 int intf_num;
305
306 struct kref refcount;
307
308 /* Used for a list of interfaces. */
309 struct list_head link;
310
311 /*
312 * The list of upper layers that are using me. seq_lock
313 * protects this.
314 */
315 struct list_head users;
316
317 /* Information to supply to users. */
318 unsigned char ipmi_version_major;
319 unsigned char ipmi_version_minor;
320
321 /* Used for wake ups at startup. */
322 wait_queue_head_t waitq;
323
324 struct bmc_device *bmc;
325 char *my_dev_name;
326 char *sysfs_name;
327
328 /*
329 * This is the lower-layer's sender routine. Note that you
330 * must either be holding the ipmi_interfaces_mutex or be in
331 * an umpreemptible region to use this. You must fetch the
332 * value into a local variable and make sure it is not NULL.
333 */
334 struct ipmi_smi_handlers *handlers;
335 void *send_info;
336
337 #ifdef CONFIG_PROC_FS
338 /* A list of proc entries for this interface. */
339 struct mutex proc_entry_lock;
340 struct ipmi_proc_entry *proc_entries;
341 #endif
342
343 /* Driver-model device for the system interface. */
344 struct device *si_dev;
345
346 /*
347 * A table of sequence numbers for this interface. We use the
348 * sequence numbers for IPMB messages that go out of the
349 * interface to match them up with their responses. A routine
350 * is called periodically to time the items in this list.
351 */
352 spinlock_t seq_lock;
353 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
354 int curr_seq;
355
356 /*
357 * Messages that were delayed for some reason (out of memory,
358 * for instance), will go in here to be processed later in a
359 * periodic timer interrupt.
360 */
361 spinlock_t waiting_msgs_lock;
362 struct list_head waiting_msgs;
363
364 /*
365 * The list of command receivers that are registered for commands
366 * on this interface.
367 */
368 struct mutex cmd_rcvrs_mutex;
369 struct list_head cmd_rcvrs;
370
371 /*
372 * Events that were queues because no one was there to receive
373 * them.
374 */
375 spinlock_t events_lock; /* For dealing with event stuff. */
376 struct list_head waiting_events;
377 unsigned int waiting_events_count; /* How many events in queue? */
378 char delivering_events;
379 char event_msg_printed;
380
381 /*
382 * The event receiver for my BMC, only really used at panic
383 * shutdown as a place to store this.
384 */
385 unsigned char event_receiver;
386 unsigned char event_receiver_lun;
387 unsigned char local_sel_device;
388 unsigned char local_event_generator;
389
390 /* For handling of maintenance mode. */
391 int maintenance_mode;
392 int maintenance_mode_enable;
393 int auto_maintenance_timeout;
394 spinlock_t maintenance_mode_lock; /* Used in a timer... */
395
396 /*
397 * A cheap hack, if this is non-null and a message to an
398 * interface comes in with a NULL user, call this routine with
399 * it. Note that the message will still be freed by the
400 * caller. This only works on the system interface.
401 */
402 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg);
403
404 /*
405 * When we are scanning the channels for an SMI, this will
406 * tell which channel we are scanning.
407 */
408 int curr_channel;
409
410 /* Channel information */
411 struct ipmi_channel channels[IPMI_MAX_CHANNELS];
412
413 /* Proc FS stuff. */
414 struct proc_dir_entry *proc_dir;
415 char proc_dir_name[10];
416
417 atomic_t stats[IPMI_NUM_STATS];
418
419 /*
420 * run_to_completion duplicate of smb_info, smi_info
421 * and ipmi_serial_info structures. Used to decrease numbers of
422 * parameters passed by "low" level IPMI code.
423 */
424 int run_to_completion;
425 };
426 #define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev)
427
428 /**
429 * The driver model view of the IPMI messaging driver.
430 */
431 static struct platform_driver ipmidriver = {
432 .driver = {
433 .name = "ipmi",
434 .bus = &platform_bus_type
435 }
436 };
437 static DEFINE_MUTEX(ipmidriver_mutex);
438
439 static LIST_HEAD(ipmi_interfaces);
440 static DEFINE_MUTEX(ipmi_interfaces_mutex);
441
442 /*
443 * List of watchers that want to know when smi's are added and deleted.
444 */
445 static LIST_HEAD(smi_watchers);
446 static DEFINE_MUTEX(smi_watchers_mutex);
447
448
449 #define ipmi_inc_stat(intf, stat) \
450 atomic_inc(&(intf)->stats[IPMI_STAT_ ## stat])
451 #define ipmi_get_stat(intf, stat) \
452 ((unsigned int) atomic_read(&(intf)->stats[IPMI_STAT_ ## stat]))
453
is_lan_addr(struct ipmi_addr * addr)454 static int is_lan_addr(struct ipmi_addr *addr)
455 {
456 return addr->addr_type == IPMI_LAN_ADDR_TYPE;
457 }
458
is_ipmb_addr(struct ipmi_addr * addr)459 static int is_ipmb_addr(struct ipmi_addr *addr)
460 {
461 return addr->addr_type == IPMI_IPMB_ADDR_TYPE;
462 }
463
is_ipmb_bcast_addr(struct ipmi_addr * addr)464 static int is_ipmb_bcast_addr(struct ipmi_addr *addr)
465 {
466 return addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE;
467 }
468
free_recv_msg_list(struct list_head * q)469 static void free_recv_msg_list(struct list_head *q)
470 {
471 struct ipmi_recv_msg *msg, *msg2;
472
473 list_for_each_entry_safe(msg, msg2, q, link) {
474 list_del(&msg->link);
475 ipmi_free_recv_msg(msg);
476 }
477 }
478
free_smi_msg_list(struct list_head * q)479 static void free_smi_msg_list(struct list_head *q)
480 {
481 struct ipmi_smi_msg *msg, *msg2;
482
483 list_for_each_entry_safe(msg, msg2, q, link) {
484 list_del(&msg->link);
485 ipmi_free_smi_msg(msg);
486 }
487 }
488
clean_up_interface_data(ipmi_smi_t intf)489 static void clean_up_interface_data(ipmi_smi_t intf)
490 {
491 int i;
492 struct cmd_rcvr *rcvr, *rcvr2;
493 struct list_head list;
494
495 free_smi_msg_list(&intf->waiting_msgs);
496 free_recv_msg_list(&intf->waiting_events);
497
498 /*
499 * Wholesale remove all the entries from the list in the
500 * interface and wait for RCU to know that none are in use.
501 */
502 mutex_lock(&intf->cmd_rcvrs_mutex);
503 INIT_LIST_HEAD(&list);
504 list_splice_init_rcu(&intf->cmd_rcvrs, &list, synchronize_rcu);
505 mutex_unlock(&intf->cmd_rcvrs_mutex);
506
507 list_for_each_entry_safe(rcvr, rcvr2, &list, link)
508 kfree(rcvr);
509
510 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
511 if ((intf->seq_table[i].inuse)
512 && (intf->seq_table[i].recv_msg))
513 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
514 }
515 }
516
intf_free(struct kref * ref)517 static void intf_free(struct kref *ref)
518 {
519 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount);
520
521 clean_up_interface_data(intf);
522 kfree(intf);
523 }
524
525 struct watcher_entry {
526 int intf_num;
527 ipmi_smi_t intf;
528 struct list_head link;
529 };
530
ipmi_smi_watcher_register(struct ipmi_smi_watcher * watcher)531 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
532 {
533 ipmi_smi_t intf;
534 LIST_HEAD(to_deliver);
535 struct watcher_entry *e, *e2;
536
537 mutex_lock(&smi_watchers_mutex);
538
539 mutex_lock(&ipmi_interfaces_mutex);
540
541 /* Build a list of things to deliver. */
542 list_for_each_entry(intf, &ipmi_interfaces, link) {
543 if (intf->intf_num == -1)
544 continue;
545 e = kmalloc(sizeof(*e), GFP_KERNEL);
546 if (!e)
547 goto out_err;
548 kref_get(&intf->refcount);
549 e->intf = intf;
550 e->intf_num = intf->intf_num;
551 list_add_tail(&e->link, &to_deliver);
552 }
553
554 /* We will succeed, so add it to the list. */
555 list_add(&watcher->link, &smi_watchers);
556
557 mutex_unlock(&ipmi_interfaces_mutex);
558
559 list_for_each_entry_safe(e, e2, &to_deliver, link) {
560 list_del(&e->link);
561 watcher->new_smi(e->intf_num, e->intf->si_dev);
562 kref_put(&e->intf->refcount, intf_free);
563 kfree(e);
564 }
565
566 mutex_unlock(&smi_watchers_mutex);
567
568 return 0;
569
570 out_err:
571 mutex_unlock(&ipmi_interfaces_mutex);
572 mutex_unlock(&smi_watchers_mutex);
573 list_for_each_entry_safe(e, e2, &to_deliver, link) {
574 list_del(&e->link);
575 kref_put(&e->intf->refcount, intf_free);
576 kfree(e);
577 }
578 return -ENOMEM;
579 }
580 EXPORT_SYMBOL(ipmi_smi_watcher_register);
581
ipmi_smi_watcher_unregister(struct ipmi_smi_watcher * watcher)582 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
583 {
584 mutex_lock(&smi_watchers_mutex);
585 list_del(&(watcher->link));
586 mutex_unlock(&smi_watchers_mutex);
587 return 0;
588 }
589 EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
590
591 /*
592 * Must be called with smi_watchers_mutex held.
593 */
594 static void
call_smi_watchers(int i,struct device * dev)595 call_smi_watchers(int i, struct device *dev)
596 {
597 struct ipmi_smi_watcher *w;
598
599 list_for_each_entry(w, &smi_watchers, link) {
600 if (try_module_get(w->owner)) {
601 w->new_smi(i, dev);
602 module_put(w->owner);
603 }
604 }
605 }
606
607 static int
ipmi_addr_equal(struct ipmi_addr * addr1,struct ipmi_addr * addr2)608 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
609 {
610 if (addr1->addr_type != addr2->addr_type)
611 return 0;
612
613 if (addr1->channel != addr2->channel)
614 return 0;
615
616 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
617 struct ipmi_system_interface_addr *smi_addr1
618 = (struct ipmi_system_interface_addr *) addr1;
619 struct ipmi_system_interface_addr *smi_addr2
620 = (struct ipmi_system_interface_addr *) addr2;
621 return (smi_addr1->lun == smi_addr2->lun);
622 }
623
624 if (is_ipmb_addr(addr1) || is_ipmb_bcast_addr(addr1)) {
625 struct ipmi_ipmb_addr *ipmb_addr1
626 = (struct ipmi_ipmb_addr *) addr1;
627 struct ipmi_ipmb_addr *ipmb_addr2
628 = (struct ipmi_ipmb_addr *) addr2;
629
630 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
631 && (ipmb_addr1->lun == ipmb_addr2->lun));
632 }
633
634 if (is_lan_addr(addr1)) {
635 struct ipmi_lan_addr *lan_addr1
636 = (struct ipmi_lan_addr *) addr1;
637 struct ipmi_lan_addr *lan_addr2
638 = (struct ipmi_lan_addr *) addr2;
639
640 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
641 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
642 && (lan_addr1->session_handle
643 == lan_addr2->session_handle)
644 && (lan_addr1->lun == lan_addr2->lun));
645 }
646
647 return 1;
648 }
649
ipmi_validate_addr(struct ipmi_addr * addr,int len)650 int ipmi_validate_addr(struct ipmi_addr *addr, int len)
651 {
652 if (len < sizeof(struct ipmi_system_interface_addr))
653 return -EINVAL;
654
655 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
656 if (addr->channel != IPMI_BMC_CHANNEL)
657 return -EINVAL;
658 return 0;
659 }
660
661 if ((addr->channel == IPMI_BMC_CHANNEL)
662 || (addr->channel >= IPMI_MAX_CHANNELS)
663 || (addr->channel < 0))
664 return -EINVAL;
665
666 if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) {
667 if (len < sizeof(struct ipmi_ipmb_addr))
668 return -EINVAL;
669 return 0;
670 }
671
672 if (is_lan_addr(addr)) {
673 if (len < sizeof(struct ipmi_lan_addr))
674 return -EINVAL;
675 return 0;
676 }
677
678 return -EINVAL;
679 }
680 EXPORT_SYMBOL(ipmi_validate_addr);
681
ipmi_addr_length(int addr_type)682 unsigned int ipmi_addr_length(int addr_type)
683 {
684 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
685 return sizeof(struct ipmi_system_interface_addr);
686
687 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
688 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
689 return sizeof(struct ipmi_ipmb_addr);
690
691 if (addr_type == IPMI_LAN_ADDR_TYPE)
692 return sizeof(struct ipmi_lan_addr);
693
694 return 0;
695 }
696 EXPORT_SYMBOL(ipmi_addr_length);
697
deliver_response(struct ipmi_recv_msg * msg)698 static void deliver_response(struct ipmi_recv_msg *msg)
699 {
700 if (!msg->user) {
701 ipmi_smi_t intf = msg->user_msg_data;
702
703 /* Special handling for NULL users. */
704 if (intf->null_user_handler) {
705 intf->null_user_handler(intf, msg);
706 ipmi_inc_stat(intf, handled_local_responses);
707 } else {
708 /* No handler, so give up. */
709 ipmi_inc_stat(intf, unhandled_local_responses);
710 }
711 ipmi_free_recv_msg(msg);
712 } else {
713 ipmi_user_t user = msg->user;
714 user->handler->ipmi_recv_hndl(msg, user->handler_data);
715 }
716 }
717
718 static void
deliver_err_response(struct ipmi_recv_msg * msg,int err)719 deliver_err_response(struct ipmi_recv_msg *msg, int err)
720 {
721 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
722 msg->msg_data[0] = err;
723 msg->msg.netfn |= 1; /* Convert to a response. */
724 msg->msg.data_len = 1;
725 msg->msg.data = msg->msg_data;
726 deliver_response(msg);
727 }
728
729 /*
730 * Find the next sequence number not being used and add the given
731 * message with the given timeout to the sequence table. This must be
732 * called with the interface's seq_lock held.
733 */
intf_next_seq(ipmi_smi_t intf,struct ipmi_recv_msg * recv_msg,unsigned long timeout,int retries,int broadcast,unsigned char * seq,long * seqid)734 static int intf_next_seq(ipmi_smi_t intf,
735 struct ipmi_recv_msg *recv_msg,
736 unsigned long timeout,
737 int retries,
738 int broadcast,
739 unsigned char *seq,
740 long *seqid)
741 {
742 int rv = 0;
743 unsigned int i;
744
745 for (i = intf->curr_seq; (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
746 i = (i+1)%IPMI_IPMB_NUM_SEQ) {
747 if (!intf->seq_table[i].inuse)
748 break;
749 }
750
751 if (!intf->seq_table[i].inuse) {
752 intf->seq_table[i].recv_msg = recv_msg;
753
754 /*
755 * Start with the maximum timeout, when the send response
756 * comes in we will start the real timer.
757 */
758 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
759 intf->seq_table[i].orig_timeout = timeout;
760 intf->seq_table[i].retries_left = retries;
761 intf->seq_table[i].broadcast = broadcast;
762 intf->seq_table[i].inuse = 1;
763 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
764 *seq = i;
765 *seqid = intf->seq_table[i].seqid;
766 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
767 } else {
768 rv = -EAGAIN;
769 }
770
771 return rv;
772 }
773
774 /*
775 * Return the receive message for the given sequence number and
776 * release the sequence number so it can be reused. Some other data
777 * is passed in to be sure the message matches up correctly (to help
778 * guard against message coming in after their timeout and the
779 * sequence number being reused).
780 */
intf_find_seq(ipmi_smi_t intf,unsigned char seq,short channel,unsigned char cmd,unsigned char netfn,struct ipmi_addr * addr,struct ipmi_recv_msg ** recv_msg)781 static int intf_find_seq(ipmi_smi_t intf,
782 unsigned char seq,
783 short channel,
784 unsigned char cmd,
785 unsigned char netfn,
786 struct ipmi_addr *addr,
787 struct ipmi_recv_msg **recv_msg)
788 {
789 int rv = -ENODEV;
790 unsigned long flags;
791
792 if (seq >= IPMI_IPMB_NUM_SEQ)
793 return -EINVAL;
794
795 spin_lock_irqsave(&(intf->seq_lock), flags);
796 if (intf->seq_table[seq].inuse) {
797 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
798
799 if ((msg->addr.channel == channel) && (msg->msg.cmd == cmd)
800 && (msg->msg.netfn == netfn)
801 && (ipmi_addr_equal(addr, &(msg->addr)))) {
802 *recv_msg = msg;
803 intf->seq_table[seq].inuse = 0;
804 rv = 0;
805 }
806 }
807 spin_unlock_irqrestore(&(intf->seq_lock), flags);
808
809 return rv;
810 }
811
812
813 /* Start the timer for a specific sequence table entry. */
intf_start_seq_timer(ipmi_smi_t intf,long msgid)814 static int intf_start_seq_timer(ipmi_smi_t intf,
815 long msgid)
816 {
817 int rv = -ENODEV;
818 unsigned long flags;
819 unsigned char seq;
820 unsigned long seqid;
821
822
823 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
824
825 spin_lock_irqsave(&(intf->seq_lock), flags);
826 /*
827 * We do this verification because the user can be deleted
828 * while a message is outstanding.
829 */
830 if ((intf->seq_table[seq].inuse)
831 && (intf->seq_table[seq].seqid == seqid)) {
832 struct seq_table *ent = &(intf->seq_table[seq]);
833 ent->timeout = ent->orig_timeout;
834 rv = 0;
835 }
836 spin_unlock_irqrestore(&(intf->seq_lock), flags);
837
838 return rv;
839 }
840
841 /* Got an error for the send message for a specific sequence number. */
intf_err_seq(ipmi_smi_t intf,long msgid,unsigned int err)842 static int intf_err_seq(ipmi_smi_t intf,
843 long msgid,
844 unsigned int err)
845 {
846 int rv = -ENODEV;
847 unsigned long flags;
848 unsigned char seq;
849 unsigned long seqid;
850 struct ipmi_recv_msg *msg = NULL;
851
852
853 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
854
855 spin_lock_irqsave(&(intf->seq_lock), flags);
856 /*
857 * We do this verification because the user can be deleted
858 * while a message is outstanding.
859 */
860 if ((intf->seq_table[seq].inuse)
861 && (intf->seq_table[seq].seqid == seqid)) {
862 struct seq_table *ent = &(intf->seq_table[seq]);
863
864 ent->inuse = 0;
865 msg = ent->recv_msg;
866 rv = 0;
867 }
868 spin_unlock_irqrestore(&(intf->seq_lock), flags);
869
870 if (msg)
871 deliver_err_response(msg, err);
872
873 return rv;
874 }
875
876
ipmi_create_user(unsigned int if_num,struct ipmi_user_hndl * handler,void * handler_data,ipmi_user_t * user)877 int ipmi_create_user(unsigned int if_num,
878 struct ipmi_user_hndl *handler,
879 void *handler_data,
880 ipmi_user_t *user)
881 {
882 unsigned long flags;
883 ipmi_user_t new_user;
884 int rv = 0;
885 ipmi_smi_t intf;
886
887 /*
888 * There is no module usecount here, because it's not
889 * required. Since this can only be used by and called from
890 * other modules, they will implicitly use this module, and
891 * thus this can't be removed unless the other modules are
892 * removed.
893 */
894
895 if (handler == NULL)
896 return -EINVAL;
897
898 /*
899 * Make sure the driver is actually initialized, this handles
900 * problems with initialization order.
901 */
902 if (!initialized) {
903 rv = ipmi_init_msghandler();
904 if (rv)
905 return rv;
906
907 /*
908 * The init code doesn't return an error if it was turned
909 * off, but it won't initialize. Check that.
910 */
911 if (!initialized)
912 return -ENODEV;
913 }
914
915 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
916 if (!new_user)
917 return -ENOMEM;
918
919 mutex_lock(&ipmi_interfaces_mutex);
920 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
921 if (intf->intf_num == if_num)
922 goto found;
923 }
924 /* Not found, return an error */
925 rv = -EINVAL;
926 goto out_kfree;
927
928 found:
929 /* Note that each existing user holds a refcount to the interface. */
930 kref_get(&intf->refcount);
931
932 kref_init(&new_user->refcount);
933 new_user->handler = handler;
934 new_user->handler_data = handler_data;
935 new_user->intf = intf;
936 new_user->gets_events = 0;
937
938 if (!try_module_get(intf->handlers->owner)) {
939 rv = -ENODEV;
940 goto out_kref;
941 }
942
943 if (intf->handlers->inc_usecount) {
944 rv = intf->handlers->inc_usecount(intf->send_info);
945 if (rv) {
946 module_put(intf->handlers->owner);
947 goto out_kref;
948 }
949 }
950
951 /*
952 * Hold the lock so intf->handlers is guaranteed to be good
953 * until now
954 */
955 mutex_unlock(&ipmi_interfaces_mutex);
956
957 new_user->valid = 1;
958 spin_lock_irqsave(&intf->seq_lock, flags);
959 list_add_rcu(&new_user->link, &intf->users);
960 spin_unlock_irqrestore(&intf->seq_lock, flags);
961 *user = new_user;
962 return 0;
963
964 out_kref:
965 kref_put(&intf->refcount, intf_free);
966 out_kfree:
967 mutex_unlock(&ipmi_interfaces_mutex);
968 kfree(new_user);
969 return rv;
970 }
971 EXPORT_SYMBOL(ipmi_create_user);
972
ipmi_get_smi_info(int if_num,struct ipmi_smi_info * data)973 int ipmi_get_smi_info(int if_num, struct ipmi_smi_info *data)
974 {
975 int rv = 0;
976 ipmi_smi_t intf;
977 struct ipmi_smi_handlers *handlers;
978
979 mutex_lock(&ipmi_interfaces_mutex);
980 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
981 if (intf->intf_num == if_num)
982 goto found;
983 }
984 /* Not found, return an error */
985 rv = -EINVAL;
986 mutex_unlock(&ipmi_interfaces_mutex);
987 return rv;
988
989 found:
990 handlers = intf->handlers;
991 rv = -ENOSYS;
992 if (handlers->get_smi_info)
993 rv = handlers->get_smi_info(intf->send_info, data);
994 mutex_unlock(&ipmi_interfaces_mutex);
995
996 return rv;
997 }
998 EXPORT_SYMBOL(ipmi_get_smi_info);
999
free_user(struct kref * ref)1000 static void free_user(struct kref *ref)
1001 {
1002 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount);
1003 kfree(user);
1004 }
1005
ipmi_destroy_user(ipmi_user_t user)1006 int ipmi_destroy_user(ipmi_user_t user)
1007 {
1008 ipmi_smi_t intf = user->intf;
1009 int i;
1010 unsigned long flags;
1011 struct cmd_rcvr *rcvr;
1012 struct cmd_rcvr *rcvrs = NULL;
1013
1014 user->valid = 0;
1015
1016 /* Remove the user from the interface's sequence table. */
1017 spin_lock_irqsave(&intf->seq_lock, flags);
1018 list_del_rcu(&user->link);
1019
1020 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
1021 if (intf->seq_table[i].inuse
1022 && (intf->seq_table[i].recv_msg->user == user)) {
1023 intf->seq_table[i].inuse = 0;
1024 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
1025 }
1026 }
1027 spin_unlock_irqrestore(&intf->seq_lock, flags);
1028
1029 /*
1030 * Remove the user from the command receiver's table. First
1031 * we build a list of everything (not using the standard link,
1032 * since other things may be using it till we do
1033 * synchronize_rcu()) then free everything in that list.
1034 */
1035 mutex_lock(&intf->cmd_rcvrs_mutex);
1036 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1037 if (rcvr->user == user) {
1038 list_del_rcu(&rcvr->link);
1039 rcvr->next = rcvrs;
1040 rcvrs = rcvr;
1041 }
1042 }
1043 mutex_unlock(&intf->cmd_rcvrs_mutex);
1044 synchronize_rcu();
1045 while (rcvrs) {
1046 rcvr = rcvrs;
1047 rcvrs = rcvr->next;
1048 kfree(rcvr);
1049 }
1050
1051 mutex_lock(&ipmi_interfaces_mutex);
1052 if (intf->handlers) {
1053 module_put(intf->handlers->owner);
1054 if (intf->handlers->dec_usecount)
1055 intf->handlers->dec_usecount(intf->send_info);
1056 }
1057 mutex_unlock(&ipmi_interfaces_mutex);
1058
1059 kref_put(&intf->refcount, intf_free);
1060
1061 kref_put(&user->refcount, free_user);
1062
1063 return 0;
1064 }
1065 EXPORT_SYMBOL(ipmi_destroy_user);
1066
ipmi_get_version(ipmi_user_t user,unsigned char * major,unsigned char * minor)1067 void ipmi_get_version(ipmi_user_t user,
1068 unsigned char *major,
1069 unsigned char *minor)
1070 {
1071 *major = user->intf->ipmi_version_major;
1072 *minor = user->intf->ipmi_version_minor;
1073 }
1074 EXPORT_SYMBOL(ipmi_get_version);
1075
ipmi_set_my_address(ipmi_user_t user,unsigned int channel,unsigned char address)1076 int ipmi_set_my_address(ipmi_user_t user,
1077 unsigned int channel,
1078 unsigned char address)
1079 {
1080 if (channel >= IPMI_MAX_CHANNELS)
1081 return -EINVAL;
1082 user->intf->channels[channel].address = address;
1083 return 0;
1084 }
1085 EXPORT_SYMBOL(ipmi_set_my_address);
1086
ipmi_get_my_address(ipmi_user_t user,unsigned int channel,unsigned char * address)1087 int ipmi_get_my_address(ipmi_user_t user,
1088 unsigned int channel,
1089 unsigned char *address)
1090 {
1091 if (channel >= IPMI_MAX_CHANNELS)
1092 return -EINVAL;
1093 *address = user->intf->channels[channel].address;
1094 return 0;
1095 }
1096 EXPORT_SYMBOL(ipmi_get_my_address);
1097
ipmi_set_my_LUN(ipmi_user_t user,unsigned int channel,unsigned char LUN)1098 int ipmi_set_my_LUN(ipmi_user_t user,
1099 unsigned int channel,
1100 unsigned char LUN)
1101 {
1102 if (channel >= IPMI_MAX_CHANNELS)
1103 return -EINVAL;
1104 user->intf->channels[channel].lun = LUN & 0x3;
1105 return 0;
1106 }
1107 EXPORT_SYMBOL(ipmi_set_my_LUN);
1108
ipmi_get_my_LUN(ipmi_user_t user,unsigned int channel,unsigned char * address)1109 int ipmi_get_my_LUN(ipmi_user_t user,
1110 unsigned int channel,
1111 unsigned char *address)
1112 {
1113 if (channel >= IPMI_MAX_CHANNELS)
1114 return -EINVAL;
1115 *address = user->intf->channels[channel].lun;
1116 return 0;
1117 }
1118 EXPORT_SYMBOL(ipmi_get_my_LUN);
1119
ipmi_get_maintenance_mode(ipmi_user_t user)1120 int ipmi_get_maintenance_mode(ipmi_user_t user)
1121 {
1122 int mode;
1123 unsigned long flags;
1124
1125 spin_lock_irqsave(&user->intf->maintenance_mode_lock, flags);
1126 mode = user->intf->maintenance_mode;
1127 spin_unlock_irqrestore(&user->intf->maintenance_mode_lock, flags);
1128
1129 return mode;
1130 }
1131 EXPORT_SYMBOL(ipmi_get_maintenance_mode);
1132
maintenance_mode_update(ipmi_smi_t intf)1133 static void maintenance_mode_update(ipmi_smi_t intf)
1134 {
1135 if (intf->handlers->set_maintenance_mode)
1136 intf->handlers->set_maintenance_mode(
1137 intf->send_info, intf->maintenance_mode_enable);
1138 }
1139
ipmi_set_maintenance_mode(ipmi_user_t user,int mode)1140 int ipmi_set_maintenance_mode(ipmi_user_t user, int mode)
1141 {
1142 int rv = 0;
1143 unsigned long flags;
1144 ipmi_smi_t intf = user->intf;
1145
1146 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
1147 if (intf->maintenance_mode != mode) {
1148 switch (mode) {
1149 case IPMI_MAINTENANCE_MODE_AUTO:
1150 intf->maintenance_mode = mode;
1151 intf->maintenance_mode_enable
1152 = (intf->auto_maintenance_timeout > 0);
1153 break;
1154
1155 case IPMI_MAINTENANCE_MODE_OFF:
1156 intf->maintenance_mode = mode;
1157 intf->maintenance_mode_enable = 0;
1158 break;
1159
1160 case IPMI_MAINTENANCE_MODE_ON:
1161 intf->maintenance_mode = mode;
1162 intf->maintenance_mode_enable = 1;
1163 break;
1164
1165 default:
1166 rv = -EINVAL;
1167 goto out_unlock;
1168 }
1169
1170 maintenance_mode_update(intf);
1171 }
1172 out_unlock:
1173 spin_unlock_irqrestore(&intf->maintenance_mode_lock, flags);
1174
1175 return rv;
1176 }
1177 EXPORT_SYMBOL(ipmi_set_maintenance_mode);
1178
ipmi_set_gets_events(ipmi_user_t user,int val)1179 int ipmi_set_gets_events(ipmi_user_t user, int val)
1180 {
1181 unsigned long flags;
1182 ipmi_smi_t intf = user->intf;
1183 struct ipmi_recv_msg *msg, *msg2;
1184 struct list_head msgs;
1185
1186 INIT_LIST_HEAD(&msgs);
1187
1188 spin_lock_irqsave(&intf->events_lock, flags);
1189 user->gets_events = val;
1190
1191 if (intf->delivering_events)
1192 /*
1193 * Another thread is delivering events for this, so
1194 * let it handle any new events.
1195 */
1196 goto out;
1197
1198 /* Deliver any queued events. */
1199 while (user->gets_events && !list_empty(&intf->waiting_events)) {
1200 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link)
1201 list_move_tail(&msg->link, &msgs);
1202 intf->waiting_events_count = 0;
1203 if (intf->event_msg_printed) {
1204 printk(KERN_WARNING PFX "Event queue no longer"
1205 " full\n");
1206 intf->event_msg_printed = 0;
1207 }
1208
1209 intf->delivering_events = 1;
1210 spin_unlock_irqrestore(&intf->events_lock, flags);
1211
1212 list_for_each_entry_safe(msg, msg2, &msgs, link) {
1213 msg->user = user;
1214 kref_get(&user->refcount);
1215 deliver_response(msg);
1216 }
1217
1218 spin_lock_irqsave(&intf->events_lock, flags);
1219 intf->delivering_events = 0;
1220 }
1221
1222 out:
1223 spin_unlock_irqrestore(&intf->events_lock, flags);
1224
1225 return 0;
1226 }
1227 EXPORT_SYMBOL(ipmi_set_gets_events);
1228
find_cmd_rcvr(ipmi_smi_t intf,unsigned char netfn,unsigned char cmd,unsigned char chan)1229 static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf,
1230 unsigned char netfn,
1231 unsigned char cmd,
1232 unsigned char chan)
1233 {
1234 struct cmd_rcvr *rcvr;
1235
1236 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1237 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1238 && (rcvr->chans & (1 << chan)))
1239 return rcvr;
1240 }
1241 return NULL;
1242 }
1243
is_cmd_rcvr_exclusive(ipmi_smi_t intf,unsigned char netfn,unsigned char cmd,unsigned int chans)1244 static int is_cmd_rcvr_exclusive(ipmi_smi_t intf,
1245 unsigned char netfn,
1246 unsigned char cmd,
1247 unsigned int chans)
1248 {
1249 struct cmd_rcvr *rcvr;
1250
1251 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1252 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1253 && (rcvr->chans & chans))
1254 return 0;
1255 }
1256 return 1;
1257 }
1258
ipmi_register_for_cmd(ipmi_user_t user,unsigned char netfn,unsigned char cmd,unsigned int chans)1259 int ipmi_register_for_cmd(ipmi_user_t user,
1260 unsigned char netfn,
1261 unsigned char cmd,
1262 unsigned int chans)
1263 {
1264 ipmi_smi_t intf = user->intf;
1265 struct cmd_rcvr *rcvr;
1266 int rv = 0;
1267
1268
1269 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
1270 if (!rcvr)
1271 return -ENOMEM;
1272 rcvr->cmd = cmd;
1273 rcvr->netfn = netfn;
1274 rcvr->chans = chans;
1275 rcvr->user = user;
1276
1277 mutex_lock(&intf->cmd_rcvrs_mutex);
1278 /* Make sure the command/netfn is not already registered. */
1279 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) {
1280 rv = -EBUSY;
1281 goto out_unlock;
1282 }
1283
1284 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs);
1285
1286 out_unlock:
1287 mutex_unlock(&intf->cmd_rcvrs_mutex);
1288 if (rv)
1289 kfree(rcvr);
1290
1291 return rv;
1292 }
1293 EXPORT_SYMBOL(ipmi_register_for_cmd);
1294
ipmi_unregister_for_cmd(ipmi_user_t user,unsigned char netfn,unsigned char cmd,unsigned int chans)1295 int ipmi_unregister_for_cmd(ipmi_user_t user,
1296 unsigned char netfn,
1297 unsigned char cmd,
1298 unsigned int chans)
1299 {
1300 ipmi_smi_t intf = user->intf;
1301 struct cmd_rcvr *rcvr;
1302 struct cmd_rcvr *rcvrs = NULL;
1303 int i, rv = -ENOENT;
1304
1305 mutex_lock(&intf->cmd_rcvrs_mutex);
1306 for (i = 0; i < IPMI_NUM_CHANNELS; i++) {
1307 if (((1 << i) & chans) == 0)
1308 continue;
1309 rcvr = find_cmd_rcvr(intf, netfn, cmd, i);
1310 if (rcvr == NULL)
1311 continue;
1312 if (rcvr->user == user) {
1313 rv = 0;
1314 rcvr->chans &= ~chans;
1315 if (rcvr->chans == 0) {
1316 list_del_rcu(&rcvr->link);
1317 rcvr->next = rcvrs;
1318 rcvrs = rcvr;
1319 }
1320 }
1321 }
1322 mutex_unlock(&intf->cmd_rcvrs_mutex);
1323 synchronize_rcu();
1324 while (rcvrs) {
1325 rcvr = rcvrs;
1326 rcvrs = rcvr->next;
1327 kfree(rcvr);
1328 }
1329 return rv;
1330 }
1331 EXPORT_SYMBOL(ipmi_unregister_for_cmd);
1332
1333 static unsigned char
ipmb_checksum(unsigned char * data,int size)1334 ipmb_checksum(unsigned char *data, int size)
1335 {
1336 unsigned char csum = 0;
1337
1338 for (; size > 0; size--, data++)
1339 csum += *data;
1340
1341 return -csum;
1342 }
1343
format_ipmb_msg(struct ipmi_smi_msg * smi_msg,struct kernel_ipmi_msg * msg,struct ipmi_ipmb_addr * ipmb_addr,long msgid,unsigned char ipmb_seq,int broadcast,unsigned char source_address,unsigned char source_lun)1344 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
1345 struct kernel_ipmi_msg *msg,
1346 struct ipmi_ipmb_addr *ipmb_addr,
1347 long msgid,
1348 unsigned char ipmb_seq,
1349 int broadcast,
1350 unsigned char source_address,
1351 unsigned char source_lun)
1352 {
1353 int i = broadcast;
1354
1355 /* Format the IPMB header data. */
1356 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1357 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1358 smi_msg->data[2] = ipmb_addr->channel;
1359 if (broadcast)
1360 smi_msg->data[3] = 0;
1361 smi_msg->data[i+3] = ipmb_addr->slave_addr;
1362 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
1363 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
1364 smi_msg->data[i+6] = source_address;
1365 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
1366 smi_msg->data[i+8] = msg->cmd;
1367
1368 /* Now tack on the data to the message. */
1369 if (msg->data_len > 0)
1370 memcpy(&(smi_msg->data[i+9]), msg->data,
1371 msg->data_len);
1372 smi_msg->data_size = msg->data_len + 9;
1373
1374 /* Now calculate the checksum and tack it on. */
1375 smi_msg->data[i+smi_msg->data_size]
1376 = ipmb_checksum(&(smi_msg->data[i+6]),
1377 smi_msg->data_size-6);
1378
1379 /*
1380 * Add on the checksum size and the offset from the
1381 * broadcast.
1382 */
1383 smi_msg->data_size += 1 + i;
1384
1385 smi_msg->msgid = msgid;
1386 }
1387
format_lan_msg(struct ipmi_smi_msg * smi_msg,struct kernel_ipmi_msg * msg,struct ipmi_lan_addr * lan_addr,long msgid,unsigned char ipmb_seq,unsigned char source_lun)1388 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
1389 struct kernel_ipmi_msg *msg,
1390 struct ipmi_lan_addr *lan_addr,
1391 long msgid,
1392 unsigned char ipmb_seq,
1393 unsigned char source_lun)
1394 {
1395 /* Format the IPMB header data. */
1396 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1397 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1398 smi_msg->data[2] = lan_addr->channel;
1399 smi_msg->data[3] = lan_addr->session_handle;
1400 smi_msg->data[4] = lan_addr->remote_SWID;
1401 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
1402 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
1403 smi_msg->data[7] = lan_addr->local_SWID;
1404 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
1405 smi_msg->data[9] = msg->cmd;
1406
1407 /* Now tack on the data to the message. */
1408 if (msg->data_len > 0)
1409 memcpy(&(smi_msg->data[10]), msg->data,
1410 msg->data_len);
1411 smi_msg->data_size = msg->data_len + 10;
1412
1413 /* Now calculate the checksum and tack it on. */
1414 smi_msg->data[smi_msg->data_size]
1415 = ipmb_checksum(&(smi_msg->data[7]),
1416 smi_msg->data_size-7);
1417
1418 /*
1419 * Add on the checksum size and the offset from the
1420 * broadcast.
1421 */
1422 smi_msg->data_size += 1;
1423
1424 smi_msg->msgid = msgid;
1425 }
1426
1427 /*
1428 * Separate from ipmi_request so that the user does not have to be
1429 * supplied in certain circumstances (mainly at panic time). If
1430 * messages are supplied, they will be freed, even if an error
1431 * occurs.
1432 */
i_ipmi_request(ipmi_user_t user,ipmi_smi_t intf,struct ipmi_addr * addr,long msgid,struct kernel_ipmi_msg * msg,void * user_msg_data,void * supplied_smi,struct ipmi_recv_msg * supplied_recv,int priority,unsigned char source_address,unsigned char source_lun,int retries,unsigned int retry_time_ms)1433 static int i_ipmi_request(ipmi_user_t user,
1434 ipmi_smi_t intf,
1435 struct ipmi_addr *addr,
1436 long msgid,
1437 struct kernel_ipmi_msg *msg,
1438 void *user_msg_data,
1439 void *supplied_smi,
1440 struct ipmi_recv_msg *supplied_recv,
1441 int priority,
1442 unsigned char source_address,
1443 unsigned char source_lun,
1444 int retries,
1445 unsigned int retry_time_ms)
1446 {
1447 int rv = 0;
1448 struct ipmi_smi_msg *smi_msg;
1449 struct ipmi_recv_msg *recv_msg;
1450 unsigned long flags;
1451 struct ipmi_smi_handlers *handlers;
1452
1453
1454 if (supplied_recv)
1455 recv_msg = supplied_recv;
1456 else {
1457 recv_msg = ipmi_alloc_recv_msg();
1458 if (recv_msg == NULL)
1459 return -ENOMEM;
1460 }
1461 recv_msg->user_msg_data = user_msg_data;
1462
1463 if (supplied_smi)
1464 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
1465 else {
1466 smi_msg = ipmi_alloc_smi_msg();
1467 if (smi_msg == NULL) {
1468 ipmi_free_recv_msg(recv_msg);
1469 return -ENOMEM;
1470 }
1471 }
1472
1473 rcu_read_lock();
1474 handlers = intf->handlers;
1475 if (!handlers) {
1476 rv = -ENODEV;
1477 goto out_err;
1478 }
1479
1480 recv_msg->user = user;
1481 if (user)
1482 kref_get(&user->refcount);
1483 recv_msg->msgid = msgid;
1484 /*
1485 * Store the message to send in the receive message so timeout
1486 * responses can get the proper response data.
1487 */
1488 recv_msg->msg = *msg;
1489
1490 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1491 struct ipmi_system_interface_addr *smi_addr;
1492
1493 if (msg->netfn & 1) {
1494 /* Responses are not allowed to the SMI. */
1495 rv = -EINVAL;
1496 goto out_err;
1497 }
1498
1499 smi_addr = (struct ipmi_system_interface_addr *) addr;
1500 if (smi_addr->lun > 3) {
1501 ipmi_inc_stat(intf, sent_invalid_commands);
1502 rv = -EINVAL;
1503 goto out_err;
1504 }
1505
1506 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1507
1508 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1509 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1510 || (msg->cmd == IPMI_GET_MSG_CMD)
1511 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) {
1512 /*
1513 * We don't let the user do these, since we manage
1514 * the sequence numbers.
1515 */
1516 ipmi_inc_stat(intf, sent_invalid_commands);
1517 rv = -EINVAL;
1518 goto out_err;
1519 }
1520
1521 if (((msg->netfn == IPMI_NETFN_APP_REQUEST)
1522 && ((msg->cmd == IPMI_COLD_RESET_CMD)
1523 || (msg->cmd == IPMI_WARM_RESET_CMD)))
1524 || (msg->netfn == IPMI_NETFN_FIRMWARE_REQUEST)) {
1525 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
1526 intf->auto_maintenance_timeout
1527 = IPMI_MAINTENANCE_MODE_TIMEOUT;
1528 if (!intf->maintenance_mode
1529 && !intf->maintenance_mode_enable) {
1530 intf->maintenance_mode_enable = 1;
1531 maintenance_mode_update(intf);
1532 }
1533 spin_unlock_irqrestore(&intf->maintenance_mode_lock,
1534 flags);
1535 }
1536
1537 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
1538 ipmi_inc_stat(intf, sent_invalid_commands);
1539 rv = -EMSGSIZE;
1540 goto out_err;
1541 }
1542
1543 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1544 smi_msg->data[1] = msg->cmd;
1545 smi_msg->msgid = msgid;
1546 smi_msg->user_data = recv_msg;
1547 if (msg->data_len > 0)
1548 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1549 smi_msg->data_size = msg->data_len + 2;
1550 ipmi_inc_stat(intf, sent_local_commands);
1551 } else if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) {
1552 struct ipmi_ipmb_addr *ipmb_addr;
1553 unsigned char ipmb_seq;
1554 long seqid;
1555 int broadcast = 0;
1556
1557 if (addr->channel >= IPMI_MAX_CHANNELS) {
1558 ipmi_inc_stat(intf, sent_invalid_commands);
1559 rv = -EINVAL;
1560 goto out_err;
1561 }
1562
1563 if (intf->channels[addr->channel].medium
1564 != IPMI_CHANNEL_MEDIUM_IPMB) {
1565 ipmi_inc_stat(intf, sent_invalid_commands);
1566 rv = -EINVAL;
1567 goto out_err;
1568 }
1569
1570 if (retries < 0) {
1571 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1572 retries = 0; /* Don't retry broadcasts. */
1573 else
1574 retries = 4;
1575 }
1576 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1577 /*
1578 * Broadcasts add a zero at the beginning of the
1579 * message, but otherwise is the same as an IPMB
1580 * address.
1581 */
1582 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1583 broadcast = 1;
1584 }
1585
1586
1587 /* Default to 1 second retries. */
1588 if (retry_time_ms == 0)
1589 retry_time_ms = 1000;
1590
1591 /*
1592 * 9 for the header and 1 for the checksum, plus
1593 * possibly one for the broadcast.
1594 */
1595 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1596 ipmi_inc_stat(intf, sent_invalid_commands);
1597 rv = -EMSGSIZE;
1598 goto out_err;
1599 }
1600
1601 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1602 if (ipmb_addr->lun > 3) {
1603 ipmi_inc_stat(intf, sent_invalid_commands);
1604 rv = -EINVAL;
1605 goto out_err;
1606 }
1607
1608 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1609
1610 if (recv_msg->msg.netfn & 0x1) {
1611 /*
1612 * It's a response, so use the user's sequence
1613 * from msgid.
1614 */
1615 ipmi_inc_stat(intf, sent_ipmb_responses);
1616 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1617 msgid, broadcast,
1618 source_address, source_lun);
1619
1620 /*
1621 * Save the receive message so we can use it
1622 * to deliver the response.
1623 */
1624 smi_msg->user_data = recv_msg;
1625 } else {
1626 /* It's a command, so get a sequence for it. */
1627
1628 spin_lock_irqsave(&(intf->seq_lock), flags);
1629
1630 /*
1631 * Create a sequence number with a 1 second
1632 * timeout and 4 retries.
1633 */
1634 rv = intf_next_seq(intf,
1635 recv_msg,
1636 retry_time_ms,
1637 retries,
1638 broadcast,
1639 &ipmb_seq,
1640 &seqid);
1641 if (rv) {
1642 /*
1643 * We have used up all the sequence numbers,
1644 * probably, so abort.
1645 */
1646 spin_unlock_irqrestore(&(intf->seq_lock),
1647 flags);
1648 goto out_err;
1649 }
1650
1651 ipmi_inc_stat(intf, sent_ipmb_commands);
1652
1653 /*
1654 * Store the sequence number in the message,
1655 * so that when the send message response
1656 * comes back we can start the timer.
1657 */
1658 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1659 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1660 ipmb_seq, broadcast,
1661 source_address, source_lun);
1662
1663 /*
1664 * Copy the message into the recv message data, so we
1665 * can retransmit it later if necessary.
1666 */
1667 memcpy(recv_msg->msg_data, smi_msg->data,
1668 smi_msg->data_size);
1669 recv_msg->msg.data = recv_msg->msg_data;
1670 recv_msg->msg.data_len = smi_msg->data_size;
1671
1672 /*
1673 * We don't unlock until here, because we need
1674 * to copy the completed message into the
1675 * recv_msg before we release the lock.
1676 * Otherwise, race conditions may bite us. I
1677 * know that's pretty paranoid, but I prefer
1678 * to be correct.
1679 */
1680 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1681 }
1682 } else if (is_lan_addr(addr)) {
1683 struct ipmi_lan_addr *lan_addr;
1684 unsigned char ipmb_seq;
1685 long seqid;
1686
1687 if (addr->channel >= IPMI_MAX_CHANNELS) {
1688 ipmi_inc_stat(intf, sent_invalid_commands);
1689 rv = -EINVAL;
1690 goto out_err;
1691 }
1692
1693 if ((intf->channels[addr->channel].medium
1694 != IPMI_CHANNEL_MEDIUM_8023LAN)
1695 && (intf->channels[addr->channel].medium
1696 != IPMI_CHANNEL_MEDIUM_ASYNC)) {
1697 ipmi_inc_stat(intf, sent_invalid_commands);
1698 rv = -EINVAL;
1699 goto out_err;
1700 }
1701
1702 retries = 4;
1703
1704 /* Default to 1 second retries. */
1705 if (retry_time_ms == 0)
1706 retry_time_ms = 1000;
1707
1708 /* 11 for the header and 1 for the checksum. */
1709 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
1710 ipmi_inc_stat(intf, sent_invalid_commands);
1711 rv = -EMSGSIZE;
1712 goto out_err;
1713 }
1714
1715 lan_addr = (struct ipmi_lan_addr *) addr;
1716 if (lan_addr->lun > 3) {
1717 ipmi_inc_stat(intf, sent_invalid_commands);
1718 rv = -EINVAL;
1719 goto out_err;
1720 }
1721
1722 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1723
1724 if (recv_msg->msg.netfn & 0x1) {
1725 /*
1726 * It's a response, so use the user's sequence
1727 * from msgid.
1728 */
1729 ipmi_inc_stat(intf, sent_lan_responses);
1730 format_lan_msg(smi_msg, msg, lan_addr, msgid,
1731 msgid, source_lun);
1732
1733 /*
1734 * Save the receive message so we can use it
1735 * to deliver the response.
1736 */
1737 smi_msg->user_data = recv_msg;
1738 } else {
1739 /* It's a command, so get a sequence for it. */
1740
1741 spin_lock_irqsave(&(intf->seq_lock), flags);
1742
1743 /*
1744 * Create a sequence number with a 1 second
1745 * timeout and 4 retries.
1746 */
1747 rv = intf_next_seq(intf,
1748 recv_msg,
1749 retry_time_ms,
1750 retries,
1751 0,
1752 &ipmb_seq,
1753 &seqid);
1754 if (rv) {
1755 /*
1756 * We have used up all the sequence numbers,
1757 * probably, so abort.
1758 */
1759 spin_unlock_irqrestore(&(intf->seq_lock),
1760 flags);
1761 goto out_err;
1762 }
1763
1764 ipmi_inc_stat(intf, sent_lan_commands);
1765
1766 /*
1767 * Store the sequence number in the message,
1768 * so that when the send message response
1769 * comes back we can start the timer.
1770 */
1771 format_lan_msg(smi_msg, msg, lan_addr,
1772 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1773 ipmb_seq, source_lun);
1774
1775 /*
1776 * Copy the message into the recv message data, so we
1777 * can retransmit it later if necessary.
1778 */
1779 memcpy(recv_msg->msg_data, smi_msg->data,
1780 smi_msg->data_size);
1781 recv_msg->msg.data = recv_msg->msg_data;
1782 recv_msg->msg.data_len = smi_msg->data_size;
1783
1784 /*
1785 * We don't unlock until here, because we need
1786 * to copy the completed message into the
1787 * recv_msg before we release the lock.
1788 * Otherwise, race conditions may bite us. I
1789 * know that's pretty paranoid, but I prefer
1790 * to be correct.
1791 */
1792 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1793 }
1794 } else {
1795 /* Unknown address type. */
1796 ipmi_inc_stat(intf, sent_invalid_commands);
1797 rv = -EINVAL;
1798 goto out_err;
1799 }
1800
1801 #ifdef DEBUG_MSGING
1802 {
1803 int m;
1804 for (m = 0; m < smi_msg->data_size; m++)
1805 printk(" %2.2x", smi_msg->data[m]);
1806 printk("\n");
1807 }
1808 #endif
1809
1810 handlers->sender(intf->send_info, smi_msg, priority);
1811 rcu_read_unlock();
1812
1813 return 0;
1814
1815 out_err:
1816 rcu_read_unlock();
1817 ipmi_free_smi_msg(smi_msg);
1818 ipmi_free_recv_msg(recv_msg);
1819 return rv;
1820 }
1821
check_addr(ipmi_smi_t intf,struct ipmi_addr * addr,unsigned char * saddr,unsigned char * lun)1822 static int check_addr(ipmi_smi_t intf,
1823 struct ipmi_addr *addr,
1824 unsigned char *saddr,
1825 unsigned char *lun)
1826 {
1827 if (addr->channel >= IPMI_MAX_CHANNELS)
1828 return -EINVAL;
1829 *lun = intf->channels[addr->channel].lun;
1830 *saddr = intf->channels[addr->channel].address;
1831 return 0;
1832 }
1833
ipmi_request_settime(ipmi_user_t user,struct ipmi_addr * addr,long msgid,struct kernel_ipmi_msg * msg,void * user_msg_data,int priority,int retries,unsigned int retry_time_ms)1834 int ipmi_request_settime(ipmi_user_t user,
1835 struct ipmi_addr *addr,
1836 long msgid,
1837 struct kernel_ipmi_msg *msg,
1838 void *user_msg_data,
1839 int priority,
1840 int retries,
1841 unsigned int retry_time_ms)
1842 {
1843 unsigned char saddr, lun;
1844 int rv;
1845
1846 if (!user)
1847 return -EINVAL;
1848 rv = check_addr(user->intf, addr, &saddr, &lun);
1849 if (rv)
1850 return rv;
1851 return i_ipmi_request(user,
1852 user->intf,
1853 addr,
1854 msgid,
1855 msg,
1856 user_msg_data,
1857 NULL, NULL,
1858 priority,
1859 saddr,
1860 lun,
1861 retries,
1862 retry_time_ms);
1863 }
1864 EXPORT_SYMBOL(ipmi_request_settime);
1865
ipmi_request_supply_msgs(ipmi_user_t user,struct ipmi_addr * addr,long msgid,struct kernel_ipmi_msg * msg,void * user_msg_data,void * supplied_smi,struct ipmi_recv_msg * supplied_recv,int priority)1866 int ipmi_request_supply_msgs(ipmi_user_t user,
1867 struct ipmi_addr *addr,
1868 long msgid,
1869 struct kernel_ipmi_msg *msg,
1870 void *user_msg_data,
1871 void *supplied_smi,
1872 struct ipmi_recv_msg *supplied_recv,
1873 int priority)
1874 {
1875 unsigned char saddr, lun;
1876 int rv;
1877
1878 if (!user)
1879 return -EINVAL;
1880 rv = check_addr(user->intf, addr, &saddr, &lun);
1881 if (rv)
1882 return rv;
1883 return i_ipmi_request(user,
1884 user->intf,
1885 addr,
1886 msgid,
1887 msg,
1888 user_msg_data,
1889 supplied_smi,
1890 supplied_recv,
1891 priority,
1892 saddr,
1893 lun,
1894 -1, 0);
1895 }
1896 EXPORT_SYMBOL(ipmi_request_supply_msgs);
1897
1898 #ifdef CONFIG_PROC_FS
ipmb_file_read_proc(char * page,char ** start,off_t off,int count,int * eof,void * data)1899 static int ipmb_file_read_proc(char *page, char **start, off_t off,
1900 int count, int *eof, void *data)
1901 {
1902 char *out = (char *) page;
1903 ipmi_smi_t intf = data;
1904 int i;
1905 int rv = 0;
1906
1907 for (i = 0; i < IPMI_MAX_CHANNELS; i++)
1908 rv += sprintf(out+rv, "%x ", intf->channels[i].address);
1909 out[rv-1] = '\n'; /* Replace the final space with a newline */
1910 out[rv] = '\0';
1911 rv++;
1912 return rv;
1913 }
1914
version_file_read_proc(char * page,char ** start,off_t off,int count,int * eof,void * data)1915 static int version_file_read_proc(char *page, char **start, off_t off,
1916 int count, int *eof, void *data)
1917 {
1918 char *out = (char *) page;
1919 ipmi_smi_t intf = data;
1920
1921 return sprintf(out, "%u.%u\n",
1922 ipmi_version_major(&intf->bmc->id),
1923 ipmi_version_minor(&intf->bmc->id));
1924 }
1925
stat_file_read_proc(char * page,char ** start,off_t off,int count,int * eof,void * data)1926 static int stat_file_read_proc(char *page, char **start, off_t off,
1927 int count, int *eof, void *data)
1928 {
1929 char *out = (char *) page;
1930 ipmi_smi_t intf = data;
1931
1932 out += sprintf(out, "sent_invalid_commands: %u\n",
1933 ipmi_get_stat(intf, sent_invalid_commands));
1934 out += sprintf(out, "sent_local_commands: %u\n",
1935 ipmi_get_stat(intf, sent_local_commands));
1936 out += sprintf(out, "handled_local_responses: %u\n",
1937 ipmi_get_stat(intf, handled_local_responses));
1938 out += sprintf(out, "unhandled_local_responses: %u\n",
1939 ipmi_get_stat(intf, unhandled_local_responses));
1940 out += sprintf(out, "sent_ipmb_commands: %u\n",
1941 ipmi_get_stat(intf, sent_ipmb_commands));
1942 out += sprintf(out, "sent_ipmb_command_errs: %u\n",
1943 ipmi_get_stat(intf, sent_ipmb_command_errs));
1944 out += sprintf(out, "retransmitted_ipmb_commands: %u\n",
1945 ipmi_get_stat(intf, retransmitted_ipmb_commands));
1946 out += sprintf(out, "timed_out_ipmb_commands: %u\n",
1947 ipmi_get_stat(intf, timed_out_ipmb_commands));
1948 out += sprintf(out, "timed_out_ipmb_broadcasts: %u\n",
1949 ipmi_get_stat(intf, timed_out_ipmb_broadcasts));
1950 out += sprintf(out, "sent_ipmb_responses: %u\n",
1951 ipmi_get_stat(intf, sent_ipmb_responses));
1952 out += sprintf(out, "handled_ipmb_responses: %u\n",
1953 ipmi_get_stat(intf, handled_ipmb_responses));
1954 out += sprintf(out, "invalid_ipmb_responses: %u\n",
1955 ipmi_get_stat(intf, invalid_ipmb_responses));
1956 out += sprintf(out, "unhandled_ipmb_responses: %u\n",
1957 ipmi_get_stat(intf, unhandled_ipmb_responses));
1958 out += sprintf(out, "sent_lan_commands: %u\n",
1959 ipmi_get_stat(intf, sent_lan_commands));
1960 out += sprintf(out, "sent_lan_command_errs: %u\n",
1961 ipmi_get_stat(intf, sent_lan_command_errs));
1962 out += sprintf(out, "retransmitted_lan_commands: %u\n",
1963 ipmi_get_stat(intf, retransmitted_lan_commands));
1964 out += sprintf(out, "timed_out_lan_commands: %u\n",
1965 ipmi_get_stat(intf, timed_out_lan_commands));
1966 out += sprintf(out, "sent_lan_responses: %u\n",
1967 ipmi_get_stat(intf, sent_lan_responses));
1968 out += sprintf(out, "handled_lan_responses: %u\n",
1969 ipmi_get_stat(intf, handled_lan_responses));
1970 out += sprintf(out, "invalid_lan_responses: %u\n",
1971 ipmi_get_stat(intf, invalid_lan_responses));
1972 out += sprintf(out, "unhandled_lan_responses: %u\n",
1973 ipmi_get_stat(intf, unhandled_lan_responses));
1974 out += sprintf(out, "handled_commands: %u\n",
1975 ipmi_get_stat(intf, handled_commands));
1976 out += sprintf(out, "invalid_commands: %u\n",
1977 ipmi_get_stat(intf, invalid_commands));
1978 out += sprintf(out, "unhandled_commands: %u\n",
1979 ipmi_get_stat(intf, unhandled_commands));
1980 out += sprintf(out, "invalid_events: %u\n",
1981 ipmi_get_stat(intf, invalid_events));
1982 out += sprintf(out, "events: %u\n",
1983 ipmi_get_stat(intf, events));
1984 out += sprintf(out, "failed rexmit LAN msgs: %u\n",
1985 ipmi_get_stat(intf, dropped_rexmit_lan_commands));
1986 out += sprintf(out, "failed rexmit IPMB msgs: %u\n",
1987 ipmi_get_stat(intf, dropped_rexmit_ipmb_commands));
1988
1989 return (out - ((char *) page));
1990 }
1991 #endif /* CONFIG_PROC_FS */
1992
ipmi_smi_add_proc_entry(ipmi_smi_t smi,char * name,read_proc_t * read_proc,void * data)1993 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
1994 read_proc_t *read_proc,
1995 void *data)
1996 {
1997 int rv = 0;
1998 #ifdef CONFIG_PROC_FS
1999 struct proc_dir_entry *file;
2000 struct ipmi_proc_entry *entry;
2001
2002 /* Create a list element. */
2003 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
2004 if (!entry)
2005 return -ENOMEM;
2006 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL);
2007 if (!entry->name) {
2008 kfree(entry);
2009 return -ENOMEM;
2010 }
2011 strcpy(entry->name, name);
2012
2013 file = create_proc_entry(name, 0, smi->proc_dir);
2014 if (!file) {
2015 kfree(entry->name);
2016 kfree(entry);
2017 rv = -ENOMEM;
2018 } else {
2019 file->data = data;
2020 file->read_proc = read_proc;
2021
2022 mutex_lock(&smi->proc_entry_lock);
2023 /* Stick it on the list. */
2024 entry->next = smi->proc_entries;
2025 smi->proc_entries = entry;
2026 mutex_unlock(&smi->proc_entry_lock);
2027 }
2028 #endif /* CONFIG_PROC_FS */
2029
2030 return rv;
2031 }
2032 EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
2033
add_proc_entries(ipmi_smi_t smi,int num)2034 static int add_proc_entries(ipmi_smi_t smi, int num)
2035 {
2036 int rv = 0;
2037
2038 #ifdef CONFIG_PROC_FS
2039 sprintf(smi->proc_dir_name, "%d", num);
2040 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
2041 if (!smi->proc_dir)
2042 rv = -ENOMEM;
2043
2044 if (rv == 0)
2045 rv = ipmi_smi_add_proc_entry(smi, "stats",
2046 stat_file_read_proc,
2047 smi);
2048
2049 if (rv == 0)
2050 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
2051 ipmb_file_read_proc,
2052 smi);
2053
2054 if (rv == 0)
2055 rv = ipmi_smi_add_proc_entry(smi, "version",
2056 version_file_read_proc,
2057 smi);
2058 #endif /* CONFIG_PROC_FS */
2059
2060 return rv;
2061 }
2062
remove_proc_entries(ipmi_smi_t smi)2063 static void remove_proc_entries(ipmi_smi_t smi)
2064 {
2065 #ifdef CONFIG_PROC_FS
2066 struct ipmi_proc_entry *entry;
2067
2068 mutex_lock(&smi->proc_entry_lock);
2069 while (smi->proc_entries) {
2070 entry = smi->proc_entries;
2071 smi->proc_entries = entry->next;
2072
2073 remove_proc_entry(entry->name, smi->proc_dir);
2074 kfree(entry->name);
2075 kfree(entry);
2076 }
2077 mutex_unlock(&smi->proc_entry_lock);
2078 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
2079 #endif /* CONFIG_PROC_FS */
2080 }
2081
__find_bmc_guid(struct device * dev,void * data)2082 static int __find_bmc_guid(struct device *dev, void *data)
2083 {
2084 unsigned char *id = data;
2085 struct bmc_device *bmc = dev_get_drvdata(dev);
2086 return memcmp(bmc->guid, id, 16) == 0;
2087 }
2088
ipmi_find_bmc_guid(struct device_driver * drv,unsigned char * guid)2089 static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv,
2090 unsigned char *guid)
2091 {
2092 struct device *dev;
2093
2094 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid);
2095 if (dev)
2096 return dev_get_drvdata(dev);
2097 else
2098 return NULL;
2099 }
2100
2101 struct prod_dev_id {
2102 unsigned int product_id;
2103 unsigned char device_id;
2104 };
2105
__find_bmc_prod_dev_id(struct device * dev,void * data)2106 static int __find_bmc_prod_dev_id(struct device *dev, void *data)
2107 {
2108 struct prod_dev_id *id = data;
2109 struct bmc_device *bmc = dev_get_drvdata(dev);
2110
2111 return (bmc->id.product_id == id->product_id
2112 && bmc->id.device_id == id->device_id);
2113 }
2114
ipmi_find_bmc_prod_dev_id(struct device_driver * drv,unsigned int product_id,unsigned char device_id)2115 static struct bmc_device *ipmi_find_bmc_prod_dev_id(
2116 struct device_driver *drv,
2117 unsigned int product_id, unsigned char device_id)
2118 {
2119 struct prod_dev_id id = {
2120 .product_id = product_id,
2121 .device_id = device_id,
2122 };
2123 struct device *dev;
2124
2125 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id);
2126 if (dev)
2127 return dev_get_drvdata(dev);
2128 else
2129 return NULL;
2130 }
2131
device_id_show(struct device * dev,struct device_attribute * attr,char * buf)2132 static ssize_t device_id_show(struct device *dev,
2133 struct device_attribute *attr,
2134 char *buf)
2135 {
2136 struct bmc_device *bmc = dev_get_drvdata(dev);
2137
2138 return snprintf(buf, 10, "%u\n", bmc->id.device_id);
2139 }
2140
provides_dev_sdrs_show(struct device * dev,struct device_attribute * attr,char * buf)2141 static ssize_t provides_dev_sdrs_show(struct device *dev,
2142 struct device_attribute *attr,
2143 char *buf)
2144 {
2145 struct bmc_device *bmc = dev_get_drvdata(dev);
2146
2147 return snprintf(buf, 10, "%u\n",
2148 (bmc->id.device_revision & 0x80) >> 7);
2149 }
2150
revision_show(struct device * dev,struct device_attribute * attr,char * buf)2151 static ssize_t revision_show(struct device *dev, struct device_attribute *attr,
2152 char *buf)
2153 {
2154 struct bmc_device *bmc = dev_get_drvdata(dev);
2155
2156 return snprintf(buf, 20, "%u\n",
2157 bmc->id.device_revision & 0x0F);
2158 }
2159
firmware_rev_show(struct device * dev,struct device_attribute * attr,char * buf)2160 static ssize_t firmware_rev_show(struct device *dev,
2161 struct device_attribute *attr,
2162 char *buf)
2163 {
2164 struct bmc_device *bmc = dev_get_drvdata(dev);
2165
2166 return snprintf(buf, 20, "%u.%x\n", bmc->id.firmware_revision_1,
2167 bmc->id.firmware_revision_2);
2168 }
2169
ipmi_version_show(struct device * dev,struct device_attribute * attr,char * buf)2170 static ssize_t ipmi_version_show(struct device *dev,
2171 struct device_attribute *attr,
2172 char *buf)
2173 {
2174 struct bmc_device *bmc = dev_get_drvdata(dev);
2175
2176 return snprintf(buf, 20, "%u.%u\n",
2177 ipmi_version_major(&bmc->id),
2178 ipmi_version_minor(&bmc->id));
2179 }
2180
add_dev_support_show(struct device * dev,struct device_attribute * attr,char * buf)2181 static ssize_t add_dev_support_show(struct device *dev,
2182 struct device_attribute *attr,
2183 char *buf)
2184 {
2185 struct bmc_device *bmc = dev_get_drvdata(dev);
2186
2187 return snprintf(buf, 10, "0x%02x\n",
2188 bmc->id.additional_device_support);
2189 }
2190
manufacturer_id_show(struct device * dev,struct device_attribute * attr,char * buf)2191 static ssize_t manufacturer_id_show(struct device *dev,
2192 struct device_attribute *attr,
2193 char *buf)
2194 {
2195 struct bmc_device *bmc = dev_get_drvdata(dev);
2196
2197 return snprintf(buf, 20, "0x%6.6x\n", bmc->id.manufacturer_id);
2198 }
2199
product_id_show(struct device * dev,struct device_attribute * attr,char * buf)2200 static ssize_t product_id_show(struct device *dev,
2201 struct device_attribute *attr,
2202 char *buf)
2203 {
2204 struct bmc_device *bmc = dev_get_drvdata(dev);
2205
2206 return snprintf(buf, 10, "0x%4.4x\n", bmc->id.product_id);
2207 }
2208
aux_firmware_rev_show(struct device * dev,struct device_attribute * attr,char * buf)2209 static ssize_t aux_firmware_rev_show(struct device *dev,
2210 struct device_attribute *attr,
2211 char *buf)
2212 {
2213 struct bmc_device *bmc = dev_get_drvdata(dev);
2214
2215 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n",
2216 bmc->id.aux_firmware_revision[3],
2217 bmc->id.aux_firmware_revision[2],
2218 bmc->id.aux_firmware_revision[1],
2219 bmc->id.aux_firmware_revision[0]);
2220 }
2221
guid_show(struct device * dev,struct device_attribute * attr,char * buf)2222 static ssize_t guid_show(struct device *dev, struct device_attribute *attr,
2223 char *buf)
2224 {
2225 struct bmc_device *bmc = dev_get_drvdata(dev);
2226
2227 return snprintf(buf, 100, "%Lx%Lx\n",
2228 (long long) bmc->guid[0],
2229 (long long) bmc->guid[8]);
2230 }
2231
remove_files(struct bmc_device * bmc)2232 static void remove_files(struct bmc_device *bmc)
2233 {
2234 if (!bmc->dev)
2235 return;
2236
2237 device_remove_file(&bmc->dev->dev,
2238 &bmc->device_id_attr);
2239 device_remove_file(&bmc->dev->dev,
2240 &bmc->provides_dev_sdrs_attr);
2241 device_remove_file(&bmc->dev->dev,
2242 &bmc->revision_attr);
2243 device_remove_file(&bmc->dev->dev,
2244 &bmc->firmware_rev_attr);
2245 device_remove_file(&bmc->dev->dev,
2246 &bmc->version_attr);
2247 device_remove_file(&bmc->dev->dev,
2248 &bmc->add_dev_support_attr);
2249 device_remove_file(&bmc->dev->dev,
2250 &bmc->manufacturer_id_attr);
2251 device_remove_file(&bmc->dev->dev,
2252 &bmc->product_id_attr);
2253
2254 if (bmc->id.aux_firmware_revision_set)
2255 device_remove_file(&bmc->dev->dev,
2256 &bmc->aux_firmware_rev_attr);
2257 if (bmc->guid_set)
2258 device_remove_file(&bmc->dev->dev,
2259 &bmc->guid_attr);
2260 }
2261
2262 static void
cleanup_bmc_device(struct kref * ref)2263 cleanup_bmc_device(struct kref *ref)
2264 {
2265 struct bmc_device *bmc;
2266
2267 bmc = container_of(ref, struct bmc_device, refcount);
2268
2269 remove_files(bmc);
2270 platform_device_unregister(bmc->dev);
2271 kfree(bmc);
2272 }
2273
ipmi_bmc_unregister(ipmi_smi_t intf)2274 static void ipmi_bmc_unregister(ipmi_smi_t intf)
2275 {
2276 struct bmc_device *bmc = intf->bmc;
2277
2278 if (intf->sysfs_name) {
2279 sysfs_remove_link(&intf->si_dev->kobj, intf->sysfs_name);
2280 kfree(intf->sysfs_name);
2281 intf->sysfs_name = NULL;
2282 }
2283 if (intf->my_dev_name) {
2284 sysfs_remove_link(&bmc->dev->dev.kobj, intf->my_dev_name);
2285 kfree(intf->my_dev_name);
2286 intf->my_dev_name = NULL;
2287 }
2288
2289 mutex_lock(&ipmidriver_mutex);
2290 kref_put(&bmc->refcount, cleanup_bmc_device);
2291 intf->bmc = NULL;
2292 mutex_unlock(&ipmidriver_mutex);
2293 }
2294
create_files(struct bmc_device * bmc)2295 static int create_files(struct bmc_device *bmc)
2296 {
2297 int err;
2298
2299 bmc->device_id_attr.attr.name = "device_id";
2300 bmc->device_id_attr.attr.mode = S_IRUGO;
2301 bmc->device_id_attr.show = device_id_show;
2302 sysfs_attr_init(&bmc->device_id_attr.attr);
2303
2304 bmc->provides_dev_sdrs_attr.attr.name = "provides_device_sdrs";
2305 bmc->provides_dev_sdrs_attr.attr.mode = S_IRUGO;
2306 bmc->provides_dev_sdrs_attr.show = provides_dev_sdrs_show;
2307 sysfs_attr_init(&bmc->provides_dev_sdrs_attr.attr);
2308
2309 bmc->revision_attr.attr.name = "revision";
2310 bmc->revision_attr.attr.mode = S_IRUGO;
2311 bmc->revision_attr.show = revision_show;
2312 sysfs_attr_init(&bmc->revision_attr.attr);
2313
2314 bmc->firmware_rev_attr.attr.name = "firmware_revision";
2315 bmc->firmware_rev_attr.attr.mode = S_IRUGO;
2316 bmc->firmware_rev_attr.show = firmware_rev_show;
2317 sysfs_attr_init(&bmc->firmware_rev_attr.attr);
2318
2319 bmc->version_attr.attr.name = "ipmi_version";
2320 bmc->version_attr.attr.mode = S_IRUGO;
2321 bmc->version_attr.show = ipmi_version_show;
2322 sysfs_attr_init(&bmc->version_attr.attr);
2323
2324 bmc->add_dev_support_attr.attr.name = "additional_device_support";
2325 bmc->add_dev_support_attr.attr.mode = S_IRUGO;
2326 bmc->add_dev_support_attr.show = add_dev_support_show;
2327 sysfs_attr_init(&bmc->add_dev_support_attr.attr);
2328
2329 bmc->manufacturer_id_attr.attr.name = "manufacturer_id";
2330 bmc->manufacturer_id_attr.attr.mode = S_IRUGO;
2331 bmc->manufacturer_id_attr.show = manufacturer_id_show;
2332 sysfs_attr_init(&bmc->manufacturer_id_attr.attr);
2333
2334 bmc->product_id_attr.attr.name = "product_id";
2335 bmc->product_id_attr.attr.mode = S_IRUGO;
2336 bmc->product_id_attr.show = product_id_show;
2337 sysfs_attr_init(&bmc->product_id_attr.attr);
2338
2339 bmc->guid_attr.attr.name = "guid";
2340 bmc->guid_attr.attr.mode = S_IRUGO;
2341 bmc->guid_attr.show = guid_show;
2342 sysfs_attr_init(&bmc->guid_attr.attr);
2343
2344 bmc->aux_firmware_rev_attr.attr.name = "aux_firmware_revision";
2345 bmc->aux_firmware_rev_attr.attr.mode = S_IRUGO;
2346 bmc->aux_firmware_rev_attr.show = aux_firmware_rev_show;
2347 sysfs_attr_init(&bmc->aux_firmware_rev_attr.attr);
2348
2349 err = device_create_file(&bmc->dev->dev,
2350 &bmc->device_id_attr);
2351 if (err)
2352 goto out;
2353 err = device_create_file(&bmc->dev->dev,
2354 &bmc->provides_dev_sdrs_attr);
2355 if (err)
2356 goto out_devid;
2357 err = device_create_file(&bmc->dev->dev,
2358 &bmc->revision_attr);
2359 if (err)
2360 goto out_sdrs;
2361 err = device_create_file(&bmc->dev->dev,
2362 &bmc->firmware_rev_attr);
2363 if (err)
2364 goto out_rev;
2365 err = device_create_file(&bmc->dev->dev,
2366 &bmc->version_attr);
2367 if (err)
2368 goto out_firm;
2369 err = device_create_file(&bmc->dev->dev,
2370 &bmc->add_dev_support_attr);
2371 if (err)
2372 goto out_version;
2373 err = device_create_file(&bmc->dev->dev,
2374 &bmc->manufacturer_id_attr);
2375 if (err)
2376 goto out_add_dev;
2377 err = device_create_file(&bmc->dev->dev,
2378 &bmc->product_id_attr);
2379 if (err)
2380 goto out_manu;
2381 if (bmc->id.aux_firmware_revision_set) {
2382 err = device_create_file(&bmc->dev->dev,
2383 &bmc->aux_firmware_rev_attr);
2384 if (err)
2385 goto out_prod_id;
2386 }
2387 if (bmc->guid_set) {
2388 err = device_create_file(&bmc->dev->dev,
2389 &bmc->guid_attr);
2390 if (err)
2391 goto out_aux_firm;
2392 }
2393
2394 return 0;
2395
2396 out_aux_firm:
2397 if (bmc->id.aux_firmware_revision_set)
2398 device_remove_file(&bmc->dev->dev,
2399 &bmc->aux_firmware_rev_attr);
2400 out_prod_id:
2401 device_remove_file(&bmc->dev->dev,
2402 &bmc->product_id_attr);
2403 out_manu:
2404 device_remove_file(&bmc->dev->dev,
2405 &bmc->manufacturer_id_attr);
2406 out_add_dev:
2407 device_remove_file(&bmc->dev->dev,
2408 &bmc->add_dev_support_attr);
2409 out_version:
2410 device_remove_file(&bmc->dev->dev,
2411 &bmc->version_attr);
2412 out_firm:
2413 device_remove_file(&bmc->dev->dev,
2414 &bmc->firmware_rev_attr);
2415 out_rev:
2416 device_remove_file(&bmc->dev->dev,
2417 &bmc->revision_attr);
2418 out_sdrs:
2419 device_remove_file(&bmc->dev->dev,
2420 &bmc->provides_dev_sdrs_attr);
2421 out_devid:
2422 device_remove_file(&bmc->dev->dev,
2423 &bmc->device_id_attr);
2424 out:
2425 return err;
2426 }
2427
ipmi_bmc_register(ipmi_smi_t intf,int ifnum,const char * sysfs_name)2428 static int ipmi_bmc_register(ipmi_smi_t intf, int ifnum,
2429 const char *sysfs_name)
2430 {
2431 int rv;
2432 struct bmc_device *bmc = intf->bmc;
2433 struct bmc_device *old_bmc;
2434 int size;
2435 char dummy[1];
2436
2437 mutex_lock(&ipmidriver_mutex);
2438
2439 /*
2440 * Try to find if there is an bmc_device struct
2441 * representing the interfaced BMC already
2442 */
2443 if (bmc->guid_set)
2444 old_bmc = ipmi_find_bmc_guid(&ipmidriver.driver, bmc->guid);
2445 else
2446 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver.driver,
2447 bmc->id.product_id,
2448 bmc->id.device_id);
2449
2450 /*
2451 * If there is already an bmc_device, free the new one,
2452 * otherwise register the new BMC device
2453 */
2454 if (old_bmc) {
2455 kfree(bmc);
2456 intf->bmc = old_bmc;
2457 bmc = old_bmc;
2458
2459 kref_get(&bmc->refcount);
2460 mutex_unlock(&ipmidriver_mutex);
2461
2462 printk(KERN_INFO
2463 "ipmi: interfacing existing BMC (man_id: 0x%6.6x,"
2464 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2465 bmc->id.manufacturer_id,
2466 bmc->id.product_id,
2467 bmc->id.device_id);
2468 } else {
2469 char name[14];
2470 unsigned char orig_dev_id = bmc->id.device_id;
2471 int warn_printed = 0;
2472
2473 snprintf(name, sizeof(name),
2474 "ipmi_bmc.%4.4x", bmc->id.product_id);
2475
2476 while (ipmi_find_bmc_prod_dev_id(&ipmidriver.driver,
2477 bmc->id.product_id,
2478 bmc->id.device_id)) {
2479 if (!warn_printed) {
2480 printk(KERN_WARNING PFX
2481 "This machine has two different BMCs"
2482 " with the same product id and device"
2483 " id. This is an error in the"
2484 " firmware, but incrementing the"
2485 " device id to work around the problem."
2486 " Prod ID = 0x%x, Dev ID = 0x%x\n",
2487 bmc->id.product_id, bmc->id.device_id);
2488 warn_printed = 1;
2489 }
2490 bmc->id.device_id++; /* Wraps at 255 */
2491 if (bmc->id.device_id == orig_dev_id) {
2492 printk(KERN_ERR PFX
2493 "Out of device ids!\n");
2494 break;
2495 }
2496 }
2497
2498 bmc->dev = platform_device_alloc(name, bmc->id.device_id);
2499 if (!bmc->dev) {
2500 mutex_unlock(&ipmidriver_mutex);
2501 printk(KERN_ERR
2502 "ipmi_msghandler:"
2503 " Unable to allocate platform device\n");
2504 return -ENOMEM;
2505 }
2506 bmc->dev->dev.driver = &ipmidriver.driver;
2507 dev_set_drvdata(&bmc->dev->dev, bmc);
2508 kref_init(&bmc->refcount);
2509
2510 rv = platform_device_add(bmc->dev);
2511 mutex_unlock(&ipmidriver_mutex);
2512 if (rv) {
2513 platform_device_put(bmc->dev);
2514 bmc->dev = NULL;
2515 printk(KERN_ERR
2516 "ipmi_msghandler:"
2517 " Unable to register bmc device: %d\n",
2518 rv);
2519 /*
2520 * Don't go to out_err, you can only do that if
2521 * the device is registered already.
2522 */
2523 return rv;
2524 }
2525
2526 rv = create_files(bmc);
2527 if (rv) {
2528 mutex_lock(&ipmidriver_mutex);
2529 platform_device_unregister(bmc->dev);
2530 mutex_unlock(&ipmidriver_mutex);
2531
2532 return rv;
2533 }
2534
2535 dev_info(intf->si_dev, "Found new BMC (man_id: 0x%6.6x, "
2536 "prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2537 bmc->id.manufacturer_id,
2538 bmc->id.product_id,
2539 bmc->id.device_id);
2540 }
2541
2542 /*
2543 * create symlink from system interface device to bmc device
2544 * and back.
2545 */
2546 intf->sysfs_name = kstrdup(sysfs_name, GFP_KERNEL);
2547 if (!intf->sysfs_name) {
2548 rv = -ENOMEM;
2549 printk(KERN_ERR
2550 "ipmi_msghandler: allocate link to BMC: %d\n",
2551 rv);
2552 goto out_err;
2553 }
2554
2555 rv = sysfs_create_link(&intf->si_dev->kobj,
2556 &bmc->dev->dev.kobj, intf->sysfs_name);
2557 if (rv) {
2558 kfree(intf->sysfs_name);
2559 intf->sysfs_name = NULL;
2560 printk(KERN_ERR
2561 "ipmi_msghandler: Unable to create bmc symlink: %d\n",
2562 rv);
2563 goto out_err;
2564 }
2565
2566 size = snprintf(dummy, 0, "ipmi%d", ifnum);
2567 intf->my_dev_name = kmalloc(size+1, GFP_KERNEL);
2568 if (!intf->my_dev_name) {
2569 kfree(intf->sysfs_name);
2570 intf->sysfs_name = NULL;
2571 rv = -ENOMEM;
2572 printk(KERN_ERR
2573 "ipmi_msghandler: allocate link from BMC: %d\n",
2574 rv);
2575 goto out_err;
2576 }
2577 snprintf(intf->my_dev_name, size+1, "ipmi%d", ifnum);
2578
2579 rv = sysfs_create_link(&bmc->dev->dev.kobj, &intf->si_dev->kobj,
2580 intf->my_dev_name);
2581 if (rv) {
2582 kfree(intf->sysfs_name);
2583 intf->sysfs_name = NULL;
2584 kfree(intf->my_dev_name);
2585 intf->my_dev_name = NULL;
2586 printk(KERN_ERR
2587 "ipmi_msghandler:"
2588 " Unable to create symlink to bmc: %d\n",
2589 rv);
2590 goto out_err;
2591 }
2592
2593 return 0;
2594
2595 out_err:
2596 ipmi_bmc_unregister(intf);
2597 return rv;
2598 }
2599
2600 static int
send_guid_cmd(ipmi_smi_t intf,int chan)2601 send_guid_cmd(ipmi_smi_t intf, int chan)
2602 {
2603 struct kernel_ipmi_msg msg;
2604 struct ipmi_system_interface_addr si;
2605
2606 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2607 si.channel = IPMI_BMC_CHANNEL;
2608 si.lun = 0;
2609
2610 msg.netfn = IPMI_NETFN_APP_REQUEST;
2611 msg.cmd = IPMI_GET_DEVICE_GUID_CMD;
2612 msg.data = NULL;
2613 msg.data_len = 0;
2614 return i_ipmi_request(NULL,
2615 intf,
2616 (struct ipmi_addr *) &si,
2617 0,
2618 &msg,
2619 intf,
2620 NULL,
2621 NULL,
2622 0,
2623 intf->channels[0].address,
2624 intf->channels[0].lun,
2625 -1, 0);
2626 }
2627
2628 static void
guid_handler(ipmi_smi_t intf,struct ipmi_recv_msg * msg)2629 guid_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
2630 {
2631 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2632 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE)
2633 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD))
2634 /* Not for me */
2635 return;
2636
2637 if (msg->msg.data[0] != 0) {
2638 /* Error from getting the GUID, the BMC doesn't have one. */
2639 intf->bmc->guid_set = 0;
2640 goto out;
2641 }
2642
2643 if (msg->msg.data_len < 17) {
2644 intf->bmc->guid_set = 0;
2645 printk(KERN_WARNING PFX
2646 "guid_handler: The GUID response from the BMC was too"
2647 " short, it was %d but should have been 17. Assuming"
2648 " GUID is not available.\n",
2649 msg->msg.data_len);
2650 goto out;
2651 }
2652
2653 memcpy(intf->bmc->guid, msg->msg.data, 16);
2654 intf->bmc->guid_set = 1;
2655 out:
2656 wake_up(&intf->waitq);
2657 }
2658
2659 static void
get_guid(ipmi_smi_t intf)2660 get_guid(ipmi_smi_t intf)
2661 {
2662 int rv;
2663
2664 intf->bmc->guid_set = 0x2;
2665 intf->null_user_handler = guid_handler;
2666 rv = send_guid_cmd(intf, 0);
2667 if (rv)
2668 /* Send failed, no GUID available. */
2669 intf->bmc->guid_set = 0;
2670 wait_event(intf->waitq, intf->bmc->guid_set != 2);
2671 intf->null_user_handler = NULL;
2672 }
2673
2674 static int
send_channel_info_cmd(ipmi_smi_t intf,int chan)2675 send_channel_info_cmd(ipmi_smi_t intf, int chan)
2676 {
2677 struct kernel_ipmi_msg msg;
2678 unsigned char data[1];
2679 struct ipmi_system_interface_addr si;
2680
2681 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2682 si.channel = IPMI_BMC_CHANNEL;
2683 si.lun = 0;
2684
2685 msg.netfn = IPMI_NETFN_APP_REQUEST;
2686 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
2687 msg.data = data;
2688 msg.data_len = 1;
2689 data[0] = chan;
2690 return i_ipmi_request(NULL,
2691 intf,
2692 (struct ipmi_addr *) &si,
2693 0,
2694 &msg,
2695 intf,
2696 NULL,
2697 NULL,
2698 0,
2699 intf->channels[0].address,
2700 intf->channels[0].lun,
2701 -1, 0);
2702 }
2703
2704 static void
channel_handler(ipmi_smi_t intf,struct ipmi_recv_msg * msg)2705 channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
2706 {
2707 int rv = 0;
2708 int chan;
2709
2710 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2711 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
2712 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD)) {
2713 /* It's the one we want */
2714 if (msg->msg.data[0] != 0) {
2715 /* Got an error from the channel, just go on. */
2716
2717 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) {
2718 /*
2719 * If the MC does not support this
2720 * command, that is legal. We just
2721 * assume it has one IPMB at channel
2722 * zero.
2723 */
2724 intf->channels[0].medium
2725 = IPMI_CHANNEL_MEDIUM_IPMB;
2726 intf->channels[0].protocol
2727 = IPMI_CHANNEL_PROTOCOL_IPMB;
2728 rv = -ENOSYS;
2729
2730 intf->curr_channel = IPMI_MAX_CHANNELS;
2731 wake_up(&intf->waitq);
2732 goto out;
2733 }
2734 goto next_channel;
2735 }
2736 if (msg->msg.data_len < 4) {
2737 /* Message not big enough, just go on. */
2738 goto next_channel;
2739 }
2740 chan = intf->curr_channel;
2741 intf->channels[chan].medium = msg->msg.data[2] & 0x7f;
2742 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f;
2743
2744 next_channel:
2745 intf->curr_channel++;
2746 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
2747 wake_up(&intf->waitq);
2748 else
2749 rv = send_channel_info_cmd(intf, intf->curr_channel);
2750
2751 if (rv) {
2752 /* Got an error somehow, just give up. */
2753 intf->curr_channel = IPMI_MAX_CHANNELS;
2754 wake_up(&intf->waitq);
2755
2756 printk(KERN_WARNING PFX
2757 "Error sending channel information: %d\n",
2758 rv);
2759 }
2760 }
2761 out:
2762 return;
2763 }
2764
ipmi_poll_interface(ipmi_user_t user)2765 void ipmi_poll_interface(ipmi_user_t user)
2766 {
2767 ipmi_smi_t intf = user->intf;
2768
2769 if (intf->handlers->poll)
2770 intf->handlers->poll(intf->send_info);
2771 }
2772 EXPORT_SYMBOL(ipmi_poll_interface);
2773
ipmi_register_smi(struct ipmi_smi_handlers * handlers,void * send_info,struct ipmi_device_id * device_id,struct device * si_dev,const char * sysfs_name,unsigned char slave_addr)2774 int ipmi_register_smi(struct ipmi_smi_handlers *handlers,
2775 void *send_info,
2776 struct ipmi_device_id *device_id,
2777 struct device *si_dev,
2778 const char *sysfs_name,
2779 unsigned char slave_addr)
2780 {
2781 int i, j;
2782 int rv;
2783 ipmi_smi_t intf;
2784 ipmi_smi_t tintf;
2785 struct list_head *link;
2786
2787 /*
2788 * Make sure the driver is actually initialized, this handles
2789 * problems with initialization order.
2790 */
2791 if (!initialized) {
2792 rv = ipmi_init_msghandler();
2793 if (rv)
2794 return rv;
2795 /*
2796 * The init code doesn't return an error if it was turned
2797 * off, but it won't initialize. Check that.
2798 */
2799 if (!initialized)
2800 return -ENODEV;
2801 }
2802
2803 intf = kzalloc(sizeof(*intf), GFP_KERNEL);
2804 if (!intf)
2805 return -ENOMEM;
2806
2807 intf->ipmi_version_major = ipmi_version_major(device_id);
2808 intf->ipmi_version_minor = ipmi_version_minor(device_id);
2809
2810 intf->bmc = kzalloc(sizeof(*intf->bmc), GFP_KERNEL);
2811 if (!intf->bmc) {
2812 kfree(intf);
2813 return -ENOMEM;
2814 }
2815 intf->intf_num = -1; /* Mark it invalid for now. */
2816 kref_init(&intf->refcount);
2817 intf->bmc->id = *device_id;
2818 intf->si_dev = si_dev;
2819 for (j = 0; j < IPMI_MAX_CHANNELS; j++) {
2820 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR;
2821 intf->channels[j].lun = 2;
2822 }
2823 if (slave_addr != 0)
2824 intf->channels[0].address = slave_addr;
2825 INIT_LIST_HEAD(&intf->users);
2826 intf->handlers = handlers;
2827 intf->send_info = send_info;
2828 spin_lock_init(&intf->seq_lock);
2829 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) {
2830 intf->seq_table[j].inuse = 0;
2831 intf->seq_table[j].seqid = 0;
2832 }
2833 intf->curr_seq = 0;
2834 #ifdef CONFIG_PROC_FS
2835 mutex_init(&intf->proc_entry_lock);
2836 #endif
2837 spin_lock_init(&intf->waiting_msgs_lock);
2838 INIT_LIST_HEAD(&intf->waiting_msgs);
2839 spin_lock_init(&intf->events_lock);
2840 INIT_LIST_HEAD(&intf->waiting_events);
2841 intf->waiting_events_count = 0;
2842 mutex_init(&intf->cmd_rcvrs_mutex);
2843 spin_lock_init(&intf->maintenance_mode_lock);
2844 INIT_LIST_HEAD(&intf->cmd_rcvrs);
2845 init_waitqueue_head(&intf->waitq);
2846 for (i = 0; i < IPMI_NUM_STATS; i++)
2847 atomic_set(&intf->stats[i], 0);
2848
2849 intf->proc_dir = NULL;
2850
2851 mutex_lock(&smi_watchers_mutex);
2852 mutex_lock(&ipmi_interfaces_mutex);
2853 /* Look for a hole in the numbers. */
2854 i = 0;
2855 link = &ipmi_interfaces;
2856 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link) {
2857 if (tintf->intf_num != i) {
2858 link = &tintf->link;
2859 break;
2860 }
2861 i++;
2862 }
2863 /* Add the new interface in numeric order. */
2864 if (i == 0)
2865 list_add_rcu(&intf->link, &ipmi_interfaces);
2866 else
2867 list_add_tail_rcu(&intf->link, link);
2868
2869 rv = handlers->start_processing(send_info, intf);
2870 if (rv)
2871 goto out;
2872
2873 get_guid(intf);
2874
2875 if ((intf->ipmi_version_major > 1)
2876 || ((intf->ipmi_version_major == 1)
2877 && (intf->ipmi_version_minor >= 5))) {
2878 /*
2879 * Start scanning the channels to see what is
2880 * available.
2881 */
2882 intf->null_user_handler = channel_handler;
2883 intf->curr_channel = 0;
2884 rv = send_channel_info_cmd(intf, 0);
2885 if (rv)
2886 goto out;
2887
2888 /* Wait for the channel info to be read. */
2889 wait_event(intf->waitq,
2890 intf->curr_channel >= IPMI_MAX_CHANNELS);
2891 intf->null_user_handler = NULL;
2892 } else {
2893 /* Assume a single IPMB channel at zero. */
2894 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
2895 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB;
2896 intf->curr_channel = IPMI_MAX_CHANNELS;
2897 }
2898
2899 if (rv == 0)
2900 rv = add_proc_entries(intf, i);
2901
2902 rv = ipmi_bmc_register(intf, i, sysfs_name);
2903
2904 out:
2905 if (rv) {
2906 if (intf->proc_dir)
2907 remove_proc_entries(intf);
2908 intf->handlers = NULL;
2909 list_del_rcu(&intf->link);
2910 mutex_unlock(&ipmi_interfaces_mutex);
2911 mutex_unlock(&smi_watchers_mutex);
2912 synchronize_rcu();
2913 kref_put(&intf->refcount, intf_free);
2914 } else {
2915 /*
2916 * Keep memory order straight for RCU readers. Make
2917 * sure everything else is committed to memory before
2918 * setting intf_num to mark the interface valid.
2919 */
2920 smp_wmb();
2921 intf->intf_num = i;
2922 mutex_unlock(&ipmi_interfaces_mutex);
2923 /* After this point the interface is legal to use. */
2924 call_smi_watchers(i, intf->si_dev);
2925 mutex_unlock(&smi_watchers_mutex);
2926 }
2927
2928 return rv;
2929 }
2930 EXPORT_SYMBOL(ipmi_register_smi);
2931
cleanup_smi_msgs(ipmi_smi_t intf)2932 static void cleanup_smi_msgs(ipmi_smi_t intf)
2933 {
2934 int i;
2935 struct seq_table *ent;
2936
2937 /* No need for locks, the interface is down. */
2938 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
2939 ent = &(intf->seq_table[i]);
2940 if (!ent->inuse)
2941 continue;
2942 deliver_err_response(ent->recv_msg, IPMI_ERR_UNSPECIFIED);
2943 }
2944 }
2945
ipmi_unregister_smi(ipmi_smi_t intf)2946 int ipmi_unregister_smi(ipmi_smi_t intf)
2947 {
2948 struct ipmi_smi_watcher *w;
2949 int intf_num = intf->intf_num;
2950
2951 ipmi_bmc_unregister(intf);
2952
2953 mutex_lock(&smi_watchers_mutex);
2954 mutex_lock(&ipmi_interfaces_mutex);
2955 intf->intf_num = -1;
2956 intf->handlers = NULL;
2957 list_del_rcu(&intf->link);
2958 mutex_unlock(&ipmi_interfaces_mutex);
2959 synchronize_rcu();
2960
2961 cleanup_smi_msgs(intf);
2962
2963 remove_proc_entries(intf);
2964
2965 /*
2966 * Call all the watcher interfaces to tell them that
2967 * an interface is gone.
2968 */
2969 list_for_each_entry(w, &smi_watchers, link)
2970 w->smi_gone(intf_num);
2971 mutex_unlock(&smi_watchers_mutex);
2972
2973 kref_put(&intf->refcount, intf_free);
2974 return 0;
2975 }
2976 EXPORT_SYMBOL(ipmi_unregister_smi);
2977
handle_ipmb_get_msg_rsp(ipmi_smi_t intf,struct ipmi_smi_msg * msg)2978 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf,
2979 struct ipmi_smi_msg *msg)
2980 {
2981 struct ipmi_ipmb_addr ipmb_addr;
2982 struct ipmi_recv_msg *recv_msg;
2983
2984 /*
2985 * This is 11, not 10, because the response must contain a
2986 * completion code.
2987 */
2988 if (msg->rsp_size < 11) {
2989 /* Message not big enough, just ignore it. */
2990 ipmi_inc_stat(intf, invalid_ipmb_responses);
2991 return 0;
2992 }
2993
2994 if (msg->rsp[2] != 0) {
2995 /* An error getting the response, just ignore it. */
2996 return 0;
2997 }
2998
2999 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
3000 ipmb_addr.slave_addr = msg->rsp[6];
3001 ipmb_addr.channel = msg->rsp[3] & 0x0f;
3002 ipmb_addr.lun = msg->rsp[7] & 3;
3003
3004 /*
3005 * It's a response from a remote entity. Look up the sequence
3006 * number and handle the response.
3007 */
3008 if (intf_find_seq(intf,
3009 msg->rsp[7] >> 2,
3010 msg->rsp[3] & 0x0f,
3011 msg->rsp[8],
3012 (msg->rsp[4] >> 2) & (~1),
3013 (struct ipmi_addr *) &(ipmb_addr),
3014 &recv_msg)) {
3015 /*
3016 * We were unable to find the sequence number,
3017 * so just nuke the message.
3018 */
3019 ipmi_inc_stat(intf, unhandled_ipmb_responses);
3020 return 0;
3021 }
3022
3023 memcpy(recv_msg->msg_data,
3024 &(msg->rsp[9]),
3025 msg->rsp_size - 9);
3026 /*
3027 * The other fields matched, so no need to set them, except
3028 * for netfn, which needs to be the response that was
3029 * returned, not the request value.
3030 */
3031 recv_msg->msg.netfn = msg->rsp[4] >> 2;
3032 recv_msg->msg.data = recv_msg->msg_data;
3033 recv_msg->msg.data_len = msg->rsp_size - 10;
3034 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3035 ipmi_inc_stat(intf, handled_ipmb_responses);
3036 deliver_response(recv_msg);
3037
3038 return 0;
3039 }
3040
handle_ipmb_get_msg_cmd(ipmi_smi_t intf,struct ipmi_smi_msg * msg)3041 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf,
3042 struct ipmi_smi_msg *msg)
3043 {
3044 struct cmd_rcvr *rcvr;
3045 int rv = 0;
3046 unsigned char netfn;
3047 unsigned char cmd;
3048 unsigned char chan;
3049 ipmi_user_t user = NULL;
3050 struct ipmi_ipmb_addr *ipmb_addr;
3051 struct ipmi_recv_msg *recv_msg;
3052 struct ipmi_smi_handlers *handlers;
3053
3054 if (msg->rsp_size < 10) {
3055 /* Message not big enough, just ignore it. */
3056 ipmi_inc_stat(intf, invalid_commands);
3057 return 0;
3058 }
3059
3060 if (msg->rsp[2] != 0) {
3061 /* An error getting the response, just ignore it. */
3062 return 0;
3063 }
3064
3065 netfn = msg->rsp[4] >> 2;
3066 cmd = msg->rsp[8];
3067 chan = msg->rsp[3] & 0xf;
3068
3069 rcu_read_lock();
3070 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
3071 if (rcvr) {
3072 user = rcvr->user;
3073 kref_get(&user->refcount);
3074 } else
3075 user = NULL;
3076 rcu_read_unlock();
3077
3078 if (user == NULL) {
3079 /* We didn't find a user, deliver an error response. */
3080 ipmi_inc_stat(intf, unhandled_commands);
3081
3082 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
3083 msg->data[1] = IPMI_SEND_MSG_CMD;
3084 msg->data[2] = msg->rsp[3];
3085 msg->data[3] = msg->rsp[6];
3086 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
3087 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
3088 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address;
3089 /* rqseq/lun */
3090 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
3091 msg->data[8] = msg->rsp[8]; /* cmd */
3092 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
3093 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
3094 msg->data_size = 11;
3095
3096 #ifdef DEBUG_MSGING
3097 {
3098 int m;
3099 printk("Invalid command:");
3100 for (m = 0; m < msg->data_size; m++)
3101 printk(" %2.2x", msg->data[m]);
3102 printk("\n");
3103 }
3104 #endif
3105 rcu_read_lock();
3106 handlers = intf->handlers;
3107 if (handlers) {
3108 handlers->sender(intf->send_info, msg, 0);
3109 /*
3110 * We used the message, so return the value
3111 * that causes it to not be freed or
3112 * queued.
3113 */
3114 rv = -1;
3115 }
3116 rcu_read_unlock();
3117 } else {
3118 /* Deliver the message to the user. */
3119 ipmi_inc_stat(intf, handled_commands);
3120
3121 recv_msg = ipmi_alloc_recv_msg();
3122 if (!recv_msg) {
3123 /*
3124 * We couldn't allocate memory for the
3125 * message, so requeue it for handling
3126 * later.
3127 */
3128 rv = 1;
3129 kref_put(&user->refcount, free_user);
3130 } else {
3131 /* Extract the source address from the data. */
3132 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
3133 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
3134 ipmb_addr->slave_addr = msg->rsp[6];
3135 ipmb_addr->lun = msg->rsp[7] & 3;
3136 ipmb_addr->channel = msg->rsp[3] & 0xf;
3137
3138 /*
3139 * Extract the rest of the message information
3140 * from the IPMB header.
3141 */
3142 recv_msg->user = user;
3143 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3144 recv_msg->msgid = msg->rsp[7] >> 2;
3145 recv_msg->msg.netfn = msg->rsp[4] >> 2;
3146 recv_msg->msg.cmd = msg->rsp[8];
3147 recv_msg->msg.data = recv_msg->msg_data;
3148
3149 /*
3150 * We chop off 10, not 9 bytes because the checksum
3151 * at the end also needs to be removed.
3152 */
3153 recv_msg->msg.data_len = msg->rsp_size - 10;
3154 memcpy(recv_msg->msg_data,
3155 &(msg->rsp[9]),
3156 msg->rsp_size - 10);
3157 deliver_response(recv_msg);
3158 }
3159 }
3160
3161 return rv;
3162 }
3163
handle_lan_get_msg_rsp(ipmi_smi_t intf,struct ipmi_smi_msg * msg)3164 static int handle_lan_get_msg_rsp(ipmi_smi_t intf,
3165 struct ipmi_smi_msg *msg)
3166 {
3167 struct ipmi_lan_addr lan_addr;
3168 struct ipmi_recv_msg *recv_msg;
3169
3170
3171 /*
3172 * This is 13, not 12, because the response must contain a
3173 * completion code.
3174 */
3175 if (msg->rsp_size < 13) {
3176 /* Message not big enough, just ignore it. */
3177 ipmi_inc_stat(intf, invalid_lan_responses);
3178 return 0;
3179 }
3180
3181 if (msg->rsp[2] != 0) {
3182 /* An error getting the response, just ignore it. */
3183 return 0;
3184 }
3185
3186 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
3187 lan_addr.session_handle = msg->rsp[4];
3188 lan_addr.remote_SWID = msg->rsp[8];
3189 lan_addr.local_SWID = msg->rsp[5];
3190 lan_addr.channel = msg->rsp[3] & 0x0f;
3191 lan_addr.privilege = msg->rsp[3] >> 4;
3192 lan_addr.lun = msg->rsp[9] & 3;
3193
3194 /*
3195 * It's a response from a remote entity. Look up the sequence
3196 * number and handle the response.
3197 */
3198 if (intf_find_seq(intf,
3199 msg->rsp[9] >> 2,
3200 msg->rsp[3] & 0x0f,
3201 msg->rsp[10],
3202 (msg->rsp[6] >> 2) & (~1),
3203 (struct ipmi_addr *) &(lan_addr),
3204 &recv_msg)) {
3205 /*
3206 * We were unable to find the sequence number,
3207 * so just nuke the message.
3208 */
3209 ipmi_inc_stat(intf, unhandled_lan_responses);
3210 return 0;
3211 }
3212
3213 memcpy(recv_msg->msg_data,
3214 &(msg->rsp[11]),
3215 msg->rsp_size - 11);
3216 /*
3217 * The other fields matched, so no need to set them, except
3218 * for netfn, which needs to be the response that was
3219 * returned, not the request value.
3220 */
3221 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3222 recv_msg->msg.data = recv_msg->msg_data;
3223 recv_msg->msg.data_len = msg->rsp_size - 12;
3224 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3225 ipmi_inc_stat(intf, handled_lan_responses);
3226 deliver_response(recv_msg);
3227
3228 return 0;
3229 }
3230
handle_lan_get_msg_cmd(ipmi_smi_t intf,struct ipmi_smi_msg * msg)3231 static int handle_lan_get_msg_cmd(ipmi_smi_t intf,
3232 struct ipmi_smi_msg *msg)
3233 {
3234 struct cmd_rcvr *rcvr;
3235 int rv = 0;
3236 unsigned char netfn;
3237 unsigned char cmd;
3238 unsigned char chan;
3239 ipmi_user_t user = NULL;
3240 struct ipmi_lan_addr *lan_addr;
3241 struct ipmi_recv_msg *recv_msg;
3242
3243 if (msg->rsp_size < 12) {
3244 /* Message not big enough, just ignore it. */
3245 ipmi_inc_stat(intf, invalid_commands);
3246 return 0;
3247 }
3248
3249 if (msg->rsp[2] != 0) {
3250 /* An error getting the response, just ignore it. */
3251 return 0;
3252 }
3253
3254 netfn = msg->rsp[6] >> 2;
3255 cmd = msg->rsp[10];
3256 chan = msg->rsp[3] & 0xf;
3257
3258 rcu_read_lock();
3259 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
3260 if (rcvr) {
3261 user = rcvr->user;
3262 kref_get(&user->refcount);
3263 } else
3264 user = NULL;
3265 rcu_read_unlock();
3266
3267 if (user == NULL) {
3268 /* We didn't find a user, just give up. */
3269 ipmi_inc_stat(intf, unhandled_commands);
3270
3271 /*
3272 * Don't do anything with these messages, just allow
3273 * them to be freed.
3274 */
3275 rv = 0;
3276 } else {
3277 /* Deliver the message to the user. */
3278 ipmi_inc_stat(intf, handled_commands);
3279
3280 recv_msg = ipmi_alloc_recv_msg();
3281 if (!recv_msg) {
3282 /*
3283 * We couldn't allocate memory for the
3284 * message, so requeue it for handling later.
3285 */
3286 rv = 1;
3287 kref_put(&user->refcount, free_user);
3288 } else {
3289 /* Extract the source address from the data. */
3290 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
3291 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
3292 lan_addr->session_handle = msg->rsp[4];
3293 lan_addr->remote_SWID = msg->rsp[8];
3294 lan_addr->local_SWID = msg->rsp[5];
3295 lan_addr->lun = msg->rsp[9] & 3;
3296 lan_addr->channel = msg->rsp[3] & 0xf;
3297 lan_addr->privilege = msg->rsp[3] >> 4;
3298
3299 /*
3300 * Extract the rest of the message information
3301 * from the IPMB header.
3302 */
3303 recv_msg->user = user;
3304 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3305 recv_msg->msgid = msg->rsp[9] >> 2;
3306 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3307 recv_msg->msg.cmd = msg->rsp[10];
3308 recv_msg->msg.data = recv_msg->msg_data;
3309
3310 /*
3311 * We chop off 12, not 11 bytes because the checksum
3312 * at the end also needs to be removed.
3313 */
3314 recv_msg->msg.data_len = msg->rsp_size - 12;
3315 memcpy(recv_msg->msg_data,
3316 &(msg->rsp[11]),
3317 msg->rsp_size - 12);
3318 deliver_response(recv_msg);
3319 }
3320 }
3321
3322 return rv;
3323 }
3324
3325 /*
3326 * This routine will handle "Get Message" command responses with
3327 * channels that use an OEM Medium. The message format belongs to
3328 * the OEM. See IPMI 2.0 specification, Chapter 6 and
3329 * Chapter 22, sections 22.6 and 22.24 for more details.
3330 */
handle_oem_get_msg_cmd(ipmi_smi_t intf,struct ipmi_smi_msg * msg)3331 static int handle_oem_get_msg_cmd(ipmi_smi_t intf,
3332 struct ipmi_smi_msg *msg)
3333 {
3334 struct cmd_rcvr *rcvr;
3335 int rv = 0;
3336 unsigned char netfn;
3337 unsigned char cmd;
3338 unsigned char chan;
3339 ipmi_user_t user = NULL;
3340 struct ipmi_system_interface_addr *smi_addr;
3341 struct ipmi_recv_msg *recv_msg;
3342
3343 /*
3344 * We expect the OEM SW to perform error checking
3345 * so we just do some basic sanity checks
3346 */
3347 if (msg->rsp_size < 4) {
3348 /* Message not big enough, just ignore it. */
3349 ipmi_inc_stat(intf, invalid_commands);
3350 return 0;
3351 }
3352
3353 if (msg->rsp[2] != 0) {
3354 /* An error getting the response, just ignore it. */
3355 return 0;
3356 }
3357
3358 /*
3359 * This is an OEM Message so the OEM needs to know how
3360 * handle the message. We do no interpretation.
3361 */
3362 netfn = msg->rsp[0] >> 2;
3363 cmd = msg->rsp[1];
3364 chan = msg->rsp[3] & 0xf;
3365
3366 rcu_read_lock();
3367 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
3368 if (rcvr) {
3369 user = rcvr->user;
3370 kref_get(&user->refcount);
3371 } else
3372 user = NULL;
3373 rcu_read_unlock();
3374
3375 if (user == NULL) {
3376 /* We didn't find a user, just give up. */
3377 ipmi_inc_stat(intf, unhandled_commands);
3378
3379 /*
3380 * Don't do anything with these messages, just allow
3381 * them to be freed.
3382 */
3383
3384 rv = 0;
3385 } else {
3386 /* Deliver the message to the user. */
3387 ipmi_inc_stat(intf, handled_commands);
3388
3389 recv_msg = ipmi_alloc_recv_msg();
3390 if (!recv_msg) {
3391 /*
3392 * We couldn't allocate memory for the
3393 * message, so requeue it for handling
3394 * later.
3395 */
3396 rv = 1;
3397 kref_put(&user->refcount, free_user);
3398 } else {
3399 /*
3400 * OEM Messages are expected to be delivered via
3401 * the system interface to SMS software. We might
3402 * need to visit this again depending on OEM
3403 * requirements
3404 */
3405 smi_addr = ((struct ipmi_system_interface_addr *)
3406 &(recv_msg->addr));
3407 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3408 smi_addr->channel = IPMI_BMC_CHANNEL;
3409 smi_addr->lun = msg->rsp[0] & 3;
3410
3411 recv_msg->user = user;
3412 recv_msg->user_msg_data = NULL;
3413 recv_msg->recv_type = IPMI_OEM_RECV_TYPE;
3414 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3415 recv_msg->msg.cmd = msg->rsp[1];
3416 recv_msg->msg.data = recv_msg->msg_data;
3417
3418 /*
3419 * The message starts at byte 4 which follows the
3420 * the Channel Byte in the "GET MESSAGE" command
3421 */
3422 recv_msg->msg.data_len = msg->rsp_size - 4;
3423 memcpy(recv_msg->msg_data,
3424 &(msg->rsp[4]),
3425 msg->rsp_size - 4);
3426 deliver_response(recv_msg);
3427 }
3428 }
3429
3430 return rv;
3431 }
3432
copy_event_into_recv_msg(struct ipmi_recv_msg * recv_msg,struct ipmi_smi_msg * msg)3433 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
3434 struct ipmi_smi_msg *msg)
3435 {
3436 struct ipmi_system_interface_addr *smi_addr;
3437
3438 recv_msg->msgid = 0;
3439 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
3440 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3441 smi_addr->channel = IPMI_BMC_CHANNEL;
3442 smi_addr->lun = msg->rsp[0] & 3;
3443 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
3444 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3445 recv_msg->msg.cmd = msg->rsp[1];
3446 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
3447 recv_msg->msg.data = recv_msg->msg_data;
3448 recv_msg->msg.data_len = msg->rsp_size - 3;
3449 }
3450
handle_read_event_rsp(ipmi_smi_t intf,struct ipmi_smi_msg * msg)3451 static int handle_read_event_rsp(ipmi_smi_t intf,
3452 struct ipmi_smi_msg *msg)
3453 {
3454 struct ipmi_recv_msg *recv_msg, *recv_msg2;
3455 struct list_head msgs;
3456 ipmi_user_t user;
3457 int rv = 0;
3458 int deliver_count = 0;
3459 unsigned long flags;
3460
3461 if (msg->rsp_size < 19) {
3462 /* Message is too small to be an IPMB event. */
3463 ipmi_inc_stat(intf, invalid_events);
3464 return 0;
3465 }
3466
3467 if (msg->rsp[2] != 0) {
3468 /* An error getting the event, just ignore it. */
3469 return 0;
3470 }
3471
3472 INIT_LIST_HEAD(&msgs);
3473
3474 spin_lock_irqsave(&intf->events_lock, flags);
3475
3476 ipmi_inc_stat(intf, events);
3477
3478 /*
3479 * Allocate and fill in one message for every user that is
3480 * getting events.
3481 */
3482 rcu_read_lock();
3483 list_for_each_entry_rcu(user, &intf->users, link) {
3484 if (!user->gets_events)
3485 continue;
3486
3487 recv_msg = ipmi_alloc_recv_msg();
3488 if (!recv_msg) {
3489 rcu_read_unlock();
3490 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs,
3491 link) {
3492 list_del(&recv_msg->link);
3493 ipmi_free_recv_msg(recv_msg);
3494 }
3495 /*
3496 * We couldn't allocate memory for the
3497 * message, so requeue it for handling
3498 * later.
3499 */
3500 rv = 1;
3501 goto out;
3502 }
3503
3504 deliver_count++;
3505
3506 copy_event_into_recv_msg(recv_msg, msg);
3507 recv_msg->user = user;
3508 kref_get(&user->refcount);
3509 list_add_tail(&(recv_msg->link), &msgs);
3510 }
3511 rcu_read_unlock();
3512
3513 if (deliver_count) {
3514 /* Now deliver all the messages. */
3515 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
3516 list_del(&recv_msg->link);
3517 deliver_response(recv_msg);
3518 }
3519 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
3520 /*
3521 * No one to receive the message, put it in queue if there's
3522 * not already too many things in the queue.
3523 */
3524 recv_msg = ipmi_alloc_recv_msg();
3525 if (!recv_msg) {
3526 /*
3527 * We couldn't allocate memory for the
3528 * message, so requeue it for handling
3529 * later.
3530 */
3531 rv = 1;
3532 goto out;
3533 }
3534
3535 copy_event_into_recv_msg(recv_msg, msg);
3536 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
3537 intf->waiting_events_count++;
3538 } else if (!intf->event_msg_printed) {
3539 /*
3540 * There's too many things in the queue, discard this
3541 * message.
3542 */
3543 printk(KERN_WARNING PFX "Event queue full, discarding"
3544 " incoming events\n");
3545 intf->event_msg_printed = 1;
3546 }
3547
3548 out:
3549 spin_unlock_irqrestore(&(intf->events_lock), flags);
3550
3551 return rv;
3552 }
3553
handle_bmc_rsp(ipmi_smi_t intf,struct ipmi_smi_msg * msg)3554 static int handle_bmc_rsp(ipmi_smi_t intf,
3555 struct ipmi_smi_msg *msg)
3556 {
3557 struct ipmi_recv_msg *recv_msg;
3558 struct ipmi_user *user;
3559
3560 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
3561 if (recv_msg == NULL) {
3562 printk(KERN_WARNING
3563 "IPMI message received with no owner. This\n"
3564 "could be because of a malformed message, or\n"
3565 "because of a hardware error. Contact your\n"
3566 "hardware vender for assistance\n");
3567 return 0;
3568 }
3569
3570 user = recv_msg->user;
3571 /* Make sure the user still exists. */
3572 if (user && !user->valid) {
3573 /* The user for the message went away, so give up. */
3574 ipmi_inc_stat(intf, unhandled_local_responses);
3575 ipmi_free_recv_msg(recv_msg);
3576 } else {
3577 struct ipmi_system_interface_addr *smi_addr;
3578
3579 ipmi_inc_stat(intf, handled_local_responses);
3580 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3581 recv_msg->msgid = msg->msgid;
3582 smi_addr = ((struct ipmi_system_interface_addr *)
3583 &(recv_msg->addr));
3584 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3585 smi_addr->channel = IPMI_BMC_CHANNEL;
3586 smi_addr->lun = msg->rsp[0] & 3;
3587 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3588 recv_msg->msg.cmd = msg->rsp[1];
3589 memcpy(recv_msg->msg_data,
3590 &(msg->rsp[2]),
3591 msg->rsp_size - 2);
3592 recv_msg->msg.data = recv_msg->msg_data;
3593 recv_msg->msg.data_len = msg->rsp_size - 2;
3594 deliver_response(recv_msg);
3595 }
3596
3597 return 0;
3598 }
3599
3600 /*
3601 * Handle a new message. Return 1 if the message should be requeued,
3602 * 0 if the message should be freed, or -1 if the message should not
3603 * be freed or requeued.
3604 */
handle_new_recv_msg(ipmi_smi_t intf,struct ipmi_smi_msg * msg)3605 static int handle_new_recv_msg(ipmi_smi_t intf,
3606 struct ipmi_smi_msg *msg)
3607 {
3608 int requeue;
3609 int chan;
3610
3611 #ifdef DEBUG_MSGING
3612 int m;
3613 printk("Recv:");
3614 for (m = 0; m < msg->rsp_size; m++)
3615 printk(" %2.2x", msg->rsp[m]);
3616 printk("\n");
3617 #endif
3618 if (msg->rsp_size < 2) {
3619 /* Message is too small to be correct. */
3620 printk(KERN_WARNING PFX "BMC returned to small a message"
3621 " for netfn %x cmd %x, got %d bytes\n",
3622 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
3623
3624 /* Generate an error response for the message. */
3625 msg->rsp[0] = msg->data[0] | (1 << 2);
3626 msg->rsp[1] = msg->data[1];
3627 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
3628 msg->rsp_size = 3;
3629 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))
3630 || (msg->rsp[1] != msg->data[1])) {
3631 /*
3632 * The NetFN and Command in the response is not even
3633 * marginally correct.
3634 */
3635 printk(KERN_WARNING PFX "BMC returned incorrect response,"
3636 " expected netfn %x cmd %x, got netfn %x cmd %x\n",
3637 (msg->data[0] >> 2) | 1, msg->data[1],
3638 msg->rsp[0] >> 2, msg->rsp[1]);
3639
3640 /* Generate an error response for the message. */
3641 msg->rsp[0] = msg->data[0] | (1 << 2);
3642 msg->rsp[1] = msg->data[1];
3643 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
3644 msg->rsp_size = 3;
3645 }
3646
3647 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3648 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
3649 && (msg->user_data != NULL)) {
3650 /*
3651 * It's a response to a response we sent. For this we
3652 * deliver a send message response to the user.
3653 */
3654 struct ipmi_recv_msg *recv_msg = msg->user_data;
3655
3656 requeue = 0;
3657 if (msg->rsp_size < 2)
3658 /* Message is too small to be correct. */
3659 goto out;
3660
3661 chan = msg->data[2] & 0x0f;
3662 if (chan >= IPMI_MAX_CHANNELS)
3663 /* Invalid channel number */
3664 goto out;
3665
3666 if (!recv_msg)
3667 goto out;
3668
3669 /* Make sure the user still exists. */
3670 if (!recv_msg->user || !recv_msg->user->valid)
3671 goto out;
3672
3673 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
3674 recv_msg->msg.data = recv_msg->msg_data;
3675 recv_msg->msg.data_len = 1;
3676 recv_msg->msg_data[0] = msg->rsp[2];
3677 deliver_response(recv_msg);
3678 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3679 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) {
3680 /* It's from the receive queue. */
3681 chan = msg->rsp[3] & 0xf;
3682 if (chan >= IPMI_MAX_CHANNELS) {
3683 /* Invalid channel number */
3684 requeue = 0;
3685 goto out;
3686 }
3687
3688 /*
3689 * We need to make sure the channels have been initialized.
3690 * The channel_handler routine will set the "curr_channel"
3691 * equal to or greater than IPMI_MAX_CHANNELS when all the
3692 * channels for this interface have been initialized.
3693 */
3694 if (intf->curr_channel < IPMI_MAX_CHANNELS) {
3695 requeue = 0; /* Throw the message away */
3696 goto out;
3697 }
3698
3699 switch (intf->channels[chan].medium) {
3700 case IPMI_CHANNEL_MEDIUM_IPMB:
3701 if (msg->rsp[4] & 0x04) {
3702 /*
3703 * It's a response, so find the
3704 * requesting message and send it up.
3705 */
3706 requeue = handle_ipmb_get_msg_rsp(intf, msg);
3707 } else {
3708 /*
3709 * It's a command to the SMS from some other
3710 * entity. Handle that.
3711 */
3712 requeue = handle_ipmb_get_msg_cmd(intf, msg);
3713 }
3714 break;
3715
3716 case IPMI_CHANNEL_MEDIUM_8023LAN:
3717 case IPMI_CHANNEL_MEDIUM_ASYNC:
3718 if (msg->rsp[6] & 0x04) {
3719 /*
3720 * It's a response, so find the
3721 * requesting message and send it up.
3722 */
3723 requeue = handle_lan_get_msg_rsp(intf, msg);
3724 } else {
3725 /*
3726 * It's a command to the SMS from some other
3727 * entity. Handle that.
3728 */
3729 requeue = handle_lan_get_msg_cmd(intf, msg);
3730 }
3731 break;
3732
3733 default:
3734 /* Check for OEM Channels. Clients had better
3735 register for these commands. */
3736 if ((intf->channels[chan].medium
3737 >= IPMI_CHANNEL_MEDIUM_OEM_MIN)
3738 && (intf->channels[chan].medium
3739 <= IPMI_CHANNEL_MEDIUM_OEM_MAX)) {
3740 requeue = handle_oem_get_msg_cmd(intf, msg);
3741 } else {
3742 /*
3743 * We don't handle the channel type, so just
3744 * free the message.
3745 */
3746 requeue = 0;
3747 }
3748 }
3749
3750 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
3751 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) {
3752 /* It's an asyncronous event. */
3753 requeue = handle_read_event_rsp(intf, msg);
3754 } else {
3755 /* It's a response from the local BMC. */
3756 requeue = handle_bmc_rsp(intf, msg);
3757 }
3758
3759 out:
3760 return requeue;
3761 }
3762
3763 /* Handle a new message from the lower layer. */
ipmi_smi_msg_received(ipmi_smi_t intf,struct ipmi_smi_msg * msg)3764 void ipmi_smi_msg_received(ipmi_smi_t intf,
3765 struct ipmi_smi_msg *msg)
3766 {
3767 unsigned long flags = 0; /* keep us warning-free. */
3768 int rv;
3769 int run_to_completion;
3770
3771
3772 if ((msg->data_size >= 2)
3773 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
3774 && (msg->data[1] == IPMI_SEND_MSG_CMD)
3775 && (msg->user_data == NULL)) {
3776 /*
3777 * This is the local response to a command send, start
3778 * the timer for these. The user_data will not be
3779 * NULL if this is a response send, and we will let
3780 * response sends just go through.
3781 */
3782
3783 /*
3784 * Check for errors, if we get certain errors (ones
3785 * that mean basically we can try again later), we
3786 * ignore them and start the timer. Otherwise we
3787 * report the error immediately.
3788 */
3789 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
3790 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
3791 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR)
3792 && (msg->rsp[2] != IPMI_BUS_ERR)
3793 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR)) {
3794 int chan = msg->rsp[3] & 0xf;
3795
3796 /* Got an error sending the message, handle it. */
3797 if (chan >= IPMI_MAX_CHANNELS)
3798 ; /* This shouldn't happen */
3799 else if ((intf->channels[chan].medium
3800 == IPMI_CHANNEL_MEDIUM_8023LAN)
3801 || (intf->channels[chan].medium
3802 == IPMI_CHANNEL_MEDIUM_ASYNC))
3803 ipmi_inc_stat(intf, sent_lan_command_errs);
3804 else
3805 ipmi_inc_stat(intf, sent_ipmb_command_errs);
3806 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
3807 } else
3808 /* The message was sent, start the timer. */
3809 intf_start_seq_timer(intf, msg->msgid);
3810
3811 ipmi_free_smi_msg(msg);
3812 goto out;
3813 }
3814
3815 /*
3816 * To preserve message order, if the list is not empty, we
3817 * tack this message onto the end of the list.
3818 */
3819 run_to_completion = intf->run_to_completion;
3820 if (!run_to_completion)
3821 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
3822 if (!list_empty(&intf->waiting_msgs)) {
3823 list_add_tail(&msg->link, &intf->waiting_msgs);
3824 if (!run_to_completion)
3825 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
3826 goto out;
3827 }
3828 if (!run_to_completion)
3829 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
3830
3831 rv = handle_new_recv_msg(intf, msg);
3832 if (rv > 0) {
3833 /*
3834 * Could not handle the message now, just add it to a
3835 * list to handle later.
3836 */
3837 run_to_completion = intf->run_to_completion;
3838 if (!run_to_completion)
3839 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
3840 list_add_tail(&msg->link, &intf->waiting_msgs);
3841 if (!run_to_completion)
3842 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
3843 } else if (rv == 0) {
3844 ipmi_free_smi_msg(msg);
3845 }
3846
3847 out:
3848 return;
3849 }
3850 EXPORT_SYMBOL(ipmi_smi_msg_received);
3851
ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)3852 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
3853 {
3854 ipmi_user_t user;
3855
3856 rcu_read_lock();
3857 list_for_each_entry_rcu(user, &intf->users, link) {
3858 if (!user->handler->ipmi_watchdog_pretimeout)
3859 continue;
3860
3861 user->handler->ipmi_watchdog_pretimeout(user->handler_data);
3862 }
3863 rcu_read_unlock();
3864 }
3865 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
3866
3867 static struct ipmi_smi_msg *
smi_from_recv_msg(ipmi_smi_t intf,struct ipmi_recv_msg * recv_msg,unsigned char seq,long seqid)3868 smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
3869 unsigned char seq, long seqid)
3870 {
3871 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
3872 if (!smi_msg)
3873 /*
3874 * If we can't allocate the message, then just return, we
3875 * get 4 retries, so this should be ok.
3876 */
3877 return NULL;
3878
3879 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
3880 smi_msg->data_size = recv_msg->msg.data_len;
3881 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
3882
3883 #ifdef DEBUG_MSGING
3884 {
3885 int m;
3886 printk("Resend: ");
3887 for (m = 0; m < smi_msg->data_size; m++)
3888 printk(" %2.2x", smi_msg->data[m]);
3889 printk("\n");
3890 }
3891 #endif
3892 return smi_msg;
3893 }
3894
check_msg_timeout(ipmi_smi_t intf,struct seq_table * ent,struct list_head * timeouts,long timeout_period,int slot,unsigned long * flags)3895 static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent,
3896 struct list_head *timeouts, long timeout_period,
3897 int slot, unsigned long *flags)
3898 {
3899 struct ipmi_recv_msg *msg;
3900 struct ipmi_smi_handlers *handlers;
3901
3902 if (intf->intf_num == -1)
3903 return;
3904
3905 if (!ent->inuse)
3906 return;
3907
3908 ent->timeout -= timeout_period;
3909 if (ent->timeout > 0)
3910 return;
3911
3912 if (ent->retries_left == 0) {
3913 /* The message has used all its retries. */
3914 ent->inuse = 0;
3915 msg = ent->recv_msg;
3916 list_add_tail(&msg->link, timeouts);
3917 if (ent->broadcast)
3918 ipmi_inc_stat(intf, timed_out_ipmb_broadcasts);
3919 else if (is_lan_addr(&ent->recv_msg->addr))
3920 ipmi_inc_stat(intf, timed_out_lan_commands);
3921 else
3922 ipmi_inc_stat(intf, timed_out_ipmb_commands);
3923 } else {
3924 struct ipmi_smi_msg *smi_msg;
3925 /* More retries, send again. */
3926
3927 /*
3928 * Start with the max timer, set to normal timer after
3929 * the message is sent.
3930 */
3931 ent->timeout = MAX_MSG_TIMEOUT;
3932 ent->retries_left--;
3933 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot,
3934 ent->seqid);
3935 if (!smi_msg) {
3936 if (is_lan_addr(&ent->recv_msg->addr))
3937 ipmi_inc_stat(intf,
3938 dropped_rexmit_lan_commands);
3939 else
3940 ipmi_inc_stat(intf,
3941 dropped_rexmit_ipmb_commands);
3942 return;
3943 }
3944
3945 spin_unlock_irqrestore(&intf->seq_lock, *flags);
3946
3947 /*
3948 * Send the new message. We send with a zero
3949 * priority. It timed out, I doubt time is that
3950 * critical now, and high priority messages are really
3951 * only for messages to the local MC, which don't get
3952 * resent.
3953 */
3954 handlers = intf->handlers;
3955 if (handlers) {
3956 if (is_lan_addr(&ent->recv_msg->addr))
3957 ipmi_inc_stat(intf,
3958 retransmitted_lan_commands);
3959 else
3960 ipmi_inc_stat(intf,
3961 retransmitted_ipmb_commands);
3962
3963 intf->handlers->sender(intf->send_info,
3964 smi_msg, 0);
3965 } else
3966 ipmi_free_smi_msg(smi_msg);
3967
3968 spin_lock_irqsave(&intf->seq_lock, *flags);
3969 }
3970 }
3971
ipmi_timeout_handler(long timeout_period)3972 static void ipmi_timeout_handler(long timeout_period)
3973 {
3974 ipmi_smi_t intf;
3975 struct list_head timeouts;
3976 struct ipmi_recv_msg *msg, *msg2;
3977 struct ipmi_smi_msg *smi_msg, *smi_msg2;
3978 unsigned long flags;
3979 int i;
3980
3981 rcu_read_lock();
3982 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
3983 /* See if any waiting messages need to be processed. */
3984 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
3985 list_for_each_entry_safe(smi_msg, smi_msg2,
3986 &intf->waiting_msgs, link) {
3987 if (!handle_new_recv_msg(intf, smi_msg)) {
3988 list_del(&smi_msg->link);
3989 ipmi_free_smi_msg(smi_msg);
3990 } else {
3991 /*
3992 * To preserve message order, quit if we
3993 * can't handle a message.
3994 */
3995 break;
3996 }
3997 }
3998 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
3999
4000 /*
4001 * Go through the seq table and find any messages that
4002 * have timed out, putting them in the timeouts
4003 * list.
4004 */
4005 INIT_LIST_HEAD(&timeouts);
4006 spin_lock_irqsave(&intf->seq_lock, flags);
4007 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++)
4008 check_msg_timeout(intf, &(intf->seq_table[i]),
4009 &timeouts, timeout_period, i,
4010 &flags);
4011 spin_unlock_irqrestore(&intf->seq_lock, flags);
4012
4013 list_for_each_entry_safe(msg, msg2, &timeouts, link)
4014 deliver_err_response(msg, IPMI_TIMEOUT_COMPLETION_CODE);
4015
4016 /*
4017 * Maintenance mode handling. Check the timeout
4018 * optimistically before we claim the lock. It may
4019 * mean a timeout gets missed occasionally, but that
4020 * only means the timeout gets extended by one period
4021 * in that case. No big deal, and it avoids the lock
4022 * most of the time.
4023 */
4024 if (intf->auto_maintenance_timeout > 0) {
4025 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
4026 if (intf->auto_maintenance_timeout > 0) {
4027 intf->auto_maintenance_timeout
4028 -= timeout_period;
4029 if (!intf->maintenance_mode
4030 && (intf->auto_maintenance_timeout <= 0)) {
4031 intf->maintenance_mode_enable = 0;
4032 maintenance_mode_update(intf);
4033 }
4034 }
4035 spin_unlock_irqrestore(&intf->maintenance_mode_lock,
4036 flags);
4037 }
4038 }
4039 rcu_read_unlock();
4040 }
4041
ipmi_request_event(void)4042 static void ipmi_request_event(void)
4043 {
4044 ipmi_smi_t intf;
4045 struct ipmi_smi_handlers *handlers;
4046
4047 rcu_read_lock();
4048 /*
4049 * Called from the timer, no need to check if handlers is
4050 * valid.
4051 */
4052 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
4053 /* No event requests when in maintenance mode. */
4054 if (intf->maintenance_mode_enable)
4055 continue;
4056
4057 handlers = intf->handlers;
4058 if (handlers)
4059 handlers->request_events(intf->send_info);
4060 }
4061 rcu_read_unlock();
4062 }
4063
4064 static struct timer_list ipmi_timer;
4065
4066 /* Call every ~1000 ms. */
4067 #define IPMI_TIMEOUT_TIME 1000
4068
4069 /* How many jiffies does it take to get to the timeout time. */
4070 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
4071
4072 /*
4073 * Request events from the queue every second (this is the number of
4074 * IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
4075 * future, IPMI will add a way to know immediately if an event is in
4076 * the queue and this silliness can go away.
4077 */
4078 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
4079
4080 static atomic_t stop_operation;
4081 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
4082
ipmi_timeout(unsigned long data)4083 static void ipmi_timeout(unsigned long data)
4084 {
4085 if (atomic_read(&stop_operation))
4086 return;
4087
4088 ticks_to_req_ev--;
4089 if (ticks_to_req_ev == 0) {
4090 ipmi_request_event();
4091 ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
4092 }
4093
4094 ipmi_timeout_handler(IPMI_TIMEOUT_TIME);
4095
4096 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
4097 }
4098
4099
4100 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
4101 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
4102
4103 /* FIXME - convert these to slabs. */
free_smi_msg(struct ipmi_smi_msg * msg)4104 static void free_smi_msg(struct ipmi_smi_msg *msg)
4105 {
4106 atomic_dec(&smi_msg_inuse_count);
4107 kfree(msg);
4108 }
4109
ipmi_alloc_smi_msg(void)4110 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
4111 {
4112 struct ipmi_smi_msg *rv;
4113 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
4114 if (rv) {
4115 rv->done = free_smi_msg;
4116 rv->user_data = NULL;
4117 atomic_inc(&smi_msg_inuse_count);
4118 }
4119 return rv;
4120 }
4121 EXPORT_SYMBOL(ipmi_alloc_smi_msg);
4122
free_recv_msg(struct ipmi_recv_msg * msg)4123 static void free_recv_msg(struct ipmi_recv_msg *msg)
4124 {
4125 atomic_dec(&recv_msg_inuse_count);
4126 kfree(msg);
4127 }
4128
ipmi_alloc_recv_msg(void)4129 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
4130 {
4131 struct ipmi_recv_msg *rv;
4132
4133 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
4134 if (rv) {
4135 rv->user = NULL;
4136 rv->done = free_recv_msg;
4137 atomic_inc(&recv_msg_inuse_count);
4138 }
4139 return rv;
4140 }
4141
ipmi_free_recv_msg(struct ipmi_recv_msg * msg)4142 void ipmi_free_recv_msg(struct ipmi_recv_msg *msg)
4143 {
4144 if (msg->user)
4145 kref_put(&msg->user->refcount, free_user);
4146 msg->done(msg);
4147 }
4148 EXPORT_SYMBOL(ipmi_free_recv_msg);
4149
4150 #ifdef CONFIG_IPMI_PANIC_EVENT
4151
dummy_smi_done_handler(struct ipmi_smi_msg * msg)4152 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
4153 {
4154 }
4155
dummy_recv_done_handler(struct ipmi_recv_msg * msg)4156 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
4157 {
4158 }
4159
4160 #ifdef CONFIG_IPMI_PANIC_STRING
event_receiver_fetcher(ipmi_smi_t intf,struct ipmi_recv_msg * msg)4161 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
4162 {
4163 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
4164 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE)
4165 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD)
4166 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) {
4167 /* A get event receiver command, save it. */
4168 intf->event_receiver = msg->msg.data[1];
4169 intf->event_receiver_lun = msg->msg.data[2] & 0x3;
4170 }
4171 }
4172
device_id_fetcher(ipmi_smi_t intf,struct ipmi_recv_msg * msg)4173 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
4174 {
4175 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
4176 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
4177 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD)
4178 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) {
4179 /*
4180 * A get device id command, save if we are an event
4181 * receiver or generator.
4182 */
4183 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1;
4184 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1;
4185 }
4186 }
4187 #endif
4188
send_panic_events(char * str)4189 static void send_panic_events(char *str)
4190 {
4191 struct kernel_ipmi_msg msg;
4192 ipmi_smi_t intf;
4193 unsigned char data[16];
4194 struct ipmi_system_interface_addr *si;
4195 struct ipmi_addr addr;
4196 struct ipmi_smi_msg smi_msg;
4197 struct ipmi_recv_msg recv_msg;
4198
4199 si = (struct ipmi_system_interface_addr *) &addr;
4200 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4201 si->channel = IPMI_BMC_CHANNEL;
4202 si->lun = 0;
4203
4204 /* Fill in an event telling that we have failed. */
4205 msg.netfn = 0x04; /* Sensor or Event. */
4206 msg.cmd = 2; /* Platform event command. */
4207 msg.data = data;
4208 msg.data_len = 8;
4209 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */
4210 data[1] = 0x03; /* This is for IPMI 1.0. */
4211 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
4212 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
4213 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
4214
4215 /*
4216 * Put a few breadcrumbs in. Hopefully later we can add more things
4217 * to make the panic events more useful.
4218 */
4219 if (str) {
4220 data[3] = str[0];
4221 data[6] = str[1];
4222 data[7] = str[2];
4223 }
4224
4225 smi_msg.done = dummy_smi_done_handler;
4226 recv_msg.done = dummy_recv_done_handler;
4227
4228 /* For every registered interface, send the event. */
4229 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
4230 if (!intf->handlers)
4231 /* Interface is not ready. */
4232 continue;
4233
4234 intf->run_to_completion = 1;
4235 /* Send the event announcing the panic. */
4236 intf->handlers->set_run_to_completion(intf->send_info, 1);
4237 i_ipmi_request(NULL,
4238 intf,
4239 &addr,
4240 0,
4241 &msg,
4242 intf,
4243 &smi_msg,
4244 &recv_msg,
4245 0,
4246 intf->channels[0].address,
4247 intf->channels[0].lun,
4248 0, 1); /* Don't retry, and don't wait. */
4249 }
4250
4251 #ifdef CONFIG_IPMI_PANIC_STRING
4252 /*
4253 * On every interface, dump a bunch of OEM event holding the
4254 * string.
4255 */
4256 if (!str)
4257 return;
4258
4259 /* For every registered interface, send the event. */
4260 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
4261 char *p = str;
4262 struct ipmi_ipmb_addr *ipmb;
4263 int j;
4264
4265 if (intf->intf_num == -1)
4266 /* Interface was not ready yet. */
4267 continue;
4268
4269 /*
4270 * intf_num is used as an marker to tell if the
4271 * interface is valid. Thus we need a read barrier to
4272 * make sure data fetched before checking intf_num
4273 * won't be used.
4274 */
4275 smp_rmb();
4276
4277 /*
4278 * First job here is to figure out where to send the
4279 * OEM events. There's no way in IPMI to send OEM
4280 * events using an event send command, so we have to
4281 * find the SEL to put them in and stick them in
4282 * there.
4283 */
4284
4285 /* Get capabilities from the get device id. */
4286 intf->local_sel_device = 0;
4287 intf->local_event_generator = 0;
4288 intf->event_receiver = 0;
4289
4290 /* Request the device info from the local MC. */
4291 msg.netfn = IPMI_NETFN_APP_REQUEST;
4292 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
4293 msg.data = NULL;
4294 msg.data_len = 0;
4295 intf->null_user_handler = device_id_fetcher;
4296 i_ipmi_request(NULL,
4297 intf,
4298 &addr,
4299 0,
4300 &msg,
4301 intf,
4302 &smi_msg,
4303 &recv_msg,
4304 0,
4305 intf->channels[0].address,
4306 intf->channels[0].lun,
4307 0, 1); /* Don't retry, and don't wait. */
4308
4309 if (intf->local_event_generator) {
4310 /* Request the event receiver from the local MC. */
4311 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
4312 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
4313 msg.data = NULL;
4314 msg.data_len = 0;
4315 intf->null_user_handler = event_receiver_fetcher;
4316 i_ipmi_request(NULL,
4317 intf,
4318 &addr,
4319 0,
4320 &msg,
4321 intf,
4322 &smi_msg,
4323 &recv_msg,
4324 0,
4325 intf->channels[0].address,
4326 intf->channels[0].lun,
4327 0, 1); /* no retry, and no wait. */
4328 }
4329 intf->null_user_handler = NULL;
4330
4331 /*
4332 * Validate the event receiver. The low bit must not
4333 * be 1 (it must be a valid IPMB address), it cannot
4334 * be zero, and it must not be my address.
4335 */
4336 if (((intf->event_receiver & 1) == 0)
4337 && (intf->event_receiver != 0)
4338 && (intf->event_receiver != intf->channels[0].address)) {
4339 /*
4340 * The event receiver is valid, send an IPMB
4341 * message.
4342 */
4343 ipmb = (struct ipmi_ipmb_addr *) &addr;
4344 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
4345 ipmb->channel = 0; /* FIXME - is this right? */
4346 ipmb->lun = intf->event_receiver_lun;
4347 ipmb->slave_addr = intf->event_receiver;
4348 } else if (intf->local_sel_device) {
4349 /*
4350 * The event receiver was not valid (or was
4351 * me), but I am an SEL device, just dump it
4352 * in my SEL.
4353 */
4354 si = (struct ipmi_system_interface_addr *) &addr;
4355 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4356 si->channel = IPMI_BMC_CHANNEL;
4357 si->lun = 0;
4358 } else
4359 continue; /* No where to send the event. */
4360
4361 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
4362 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
4363 msg.data = data;
4364 msg.data_len = 16;
4365
4366 j = 0;
4367 while (*p) {
4368 int size = strlen(p);
4369
4370 if (size > 11)
4371 size = 11;
4372 data[0] = 0;
4373 data[1] = 0;
4374 data[2] = 0xf0; /* OEM event without timestamp. */
4375 data[3] = intf->channels[0].address;
4376 data[4] = j++; /* sequence # */
4377 /*
4378 * Always give 11 bytes, so strncpy will fill
4379 * it with zeroes for me.
4380 */
4381 strncpy(data+5, p, 11);
4382 p += size;
4383
4384 i_ipmi_request(NULL,
4385 intf,
4386 &addr,
4387 0,
4388 &msg,
4389 intf,
4390 &smi_msg,
4391 &recv_msg,
4392 0,
4393 intf->channels[0].address,
4394 intf->channels[0].lun,
4395 0, 1); /* no retry, and no wait. */
4396 }
4397 }
4398 #endif /* CONFIG_IPMI_PANIC_STRING */
4399 }
4400 #endif /* CONFIG_IPMI_PANIC_EVENT */
4401
4402 static int has_panicked;
4403
panic_event(struct notifier_block * this,unsigned long event,void * ptr)4404 static int panic_event(struct notifier_block *this,
4405 unsigned long event,
4406 void *ptr)
4407 {
4408 ipmi_smi_t intf;
4409
4410 if (has_panicked)
4411 return NOTIFY_DONE;
4412 has_panicked = 1;
4413
4414 /* For every registered interface, set it to run to completion. */
4415 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
4416 if (!intf->handlers)
4417 /* Interface is not ready. */
4418 continue;
4419
4420 intf->run_to_completion = 1;
4421 intf->handlers->set_run_to_completion(intf->send_info, 1);
4422 }
4423
4424 #ifdef CONFIG_IPMI_PANIC_EVENT
4425 send_panic_events(ptr);
4426 #endif
4427
4428 return NOTIFY_DONE;
4429 }
4430
4431 static struct notifier_block panic_block = {
4432 .notifier_call = panic_event,
4433 .next = NULL,
4434 .priority = 200 /* priority: INT_MAX >= x >= 0 */
4435 };
4436
ipmi_init_msghandler(void)4437 static int ipmi_init_msghandler(void)
4438 {
4439 int rv;
4440
4441 if (initialized)
4442 return 0;
4443
4444 rv = driver_register(&ipmidriver.driver);
4445 if (rv) {
4446 printk(KERN_ERR PFX "Could not register IPMI driver\n");
4447 return rv;
4448 }
4449
4450 printk(KERN_INFO "ipmi message handler version "
4451 IPMI_DRIVER_VERSION "\n");
4452
4453 #ifdef CONFIG_PROC_FS
4454 proc_ipmi_root = proc_mkdir("ipmi", NULL);
4455 if (!proc_ipmi_root) {
4456 printk(KERN_ERR PFX "Unable to create IPMI proc dir");
4457 return -ENOMEM;
4458 }
4459
4460 #endif /* CONFIG_PROC_FS */
4461
4462 setup_timer(&ipmi_timer, ipmi_timeout, 0);
4463 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
4464
4465 atomic_notifier_chain_register(&panic_notifier_list, &panic_block);
4466
4467 initialized = 1;
4468
4469 return 0;
4470 }
4471
ipmi_init_msghandler_mod(void)4472 static int __init ipmi_init_msghandler_mod(void)
4473 {
4474 ipmi_init_msghandler();
4475 return 0;
4476 }
4477
cleanup_ipmi(void)4478 static void __exit cleanup_ipmi(void)
4479 {
4480 int count;
4481
4482 if (!initialized)
4483 return;
4484
4485 atomic_notifier_chain_unregister(&panic_notifier_list, &panic_block);
4486
4487 /*
4488 * This can't be called if any interfaces exist, so no worry
4489 * about shutting down the interfaces.
4490 */
4491
4492 /*
4493 * Tell the timer to stop, then wait for it to stop. This
4494 * avoids problems with race conditions removing the timer
4495 * here.
4496 */
4497 atomic_inc(&stop_operation);
4498 del_timer_sync(&ipmi_timer);
4499
4500 #ifdef CONFIG_PROC_FS
4501 remove_proc_entry(proc_ipmi_root->name, NULL);
4502 #endif /* CONFIG_PROC_FS */
4503
4504 driver_unregister(&ipmidriver.driver);
4505
4506 initialized = 0;
4507
4508 /* Check for buffer leaks. */
4509 count = atomic_read(&smi_msg_inuse_count);
4510 if (count != 0)
4511 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
4512 count);
4513 count = atomic_read(&recv_msg_inuse_count);
4514 if (count != 0)
4515 printk(KERN_WARNING PFX "recv message count %d at exit\n",
4516 count);
4517 }
4518 module_exit(cleanup_ipmi);
4519
4520 module_init(ipmi_init_msghandler_mod);
4521 MODULE_LICENSE("GPL");
4522 MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>");
4523 MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI"
4524 " interface.");
4525 MODULE_VERSION(IPMI_DRIVER_VERSION);
4526