4 * Incoming and outgoing message routing for an IPMI interface.
6 * Author: MontaVista Software, Inc.
7 * Corey Minyard <minyard@mvista.com>
10 * Copyright 2002 MontaVista Software Inc.
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version.
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 * You should have received a copy of the GNU General Public License along
30 * with this program; if not, write to the Free Software Foundation, Inc.,
31 * 675 Mass Ave, Cambridge, MA 02139, USA.
34 #include <linux/config.h>
35 #include <linux/module.h>
36 #include <linux/errno.h>
37 #include <asm/system.h>
38 #include <linux/sched.h>
39 #include <linux/poll.h>
40 #include <linux/spinlock.h>
41 #include <linux/rwsem.h>
42 #include <linux/slab.h>
43 #include <linux/ipmi.h>
44 #include <linux/ipmi_smi.h>
45 #include <linux/notifier.h>
46 #include <linux/init.h>
47 #include <linux/proc_fs.h>
49 #define PFX "IPMI message handler: "
50 #define IPMI_MSGHANDLER_VERSION "v33"
52 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
53 static int ipmi_init_msghandler(void);
55 static int initialized = 0;
57 static struct proc_dir_entry *proc_ipmi_root = NULL;
59 #define MAX_EVENTS_IN_QUEUE 25
61 /* Don't let a message sit in a queue forever, always time it with at lest
62 the max message timer. This is in milliseconds. */
63 #define MAX_MSG_TIMEOUT 60000
67 struct list_head link;
69 /* The upper layer that handles receive messages. */
70 struct ipmi_user_hndl *handler;
73 /* The interface this user is bound to. */
76 /* Does this interface receive IPMI events? */
82 struct list_head link;
91 unsigned int inuse : 1;
92 unsigned int broadcast : 1;
94 unsigned long timeout;
95 unsigned long orig_timeout;
96 unsigned int retries_left;
98 /* To verify on an incoming send message response that this is
99 the message that the response is for, we keep a sequence id
100 and increment it every time we send a message. */
103 /* This is held so we can properly respond to the message on a
104 timeout, and it is used to hold the temporary data for
105 retransmission, too. */
106 struct ipmi_recv_msg *recv_msg;
109 /* Store the information in a msgid (long) to allow us to find a
110 sequence table entry from the msgid. */
111 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff))
113 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
115 seq = ((msgid >> 26) & 0x3f); \
116 seqid = (msgid & 0x3fffff); \
119 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff)
123 unsigned char medium;
124 unsigned char protocol;
127 struct ipmi_proc_entry
130 struct ipmi_proc_entry *next;
133 #define IPMI_IPMB_NUM_SEQ 64
134 #define IPMI_MAX_CHANNELS 8
137 /* What interface number are we? */
140 /* The list of upper layers that are using me. We read-lock
141 this when delivering messages to the upper layer to keep
142 the user from going away while we are processing the
143 message. This means that you cannot add or delete a user
144 from the receive callback. */
146 struct list_head users;
148 /* Used for wake ups at startup. */
149 wait_queue_head_t waitq;
151 /* The IPMI version of the BMC on the other end. */
152 unsigned char version_major;
153 unsigned char version_minor;
155 /* This is the lower-layer's sender routine. */
156 struct ipmi_smi_handlers *handlers;
159 /* A list of proc entries for this interface. This does not
160 need a lock, only one thread creates it and only one thread
162 struct ipmi_proc_entry *proc_entries;
164 /* A table of sequence numbers for this interface. We use the
165 sequence numbers for IPMB messages that go out of the
166 interface to match them up with their responses. A routine
167 is called periodically to time the items in this list. */
169 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
172 /* Messages that were delayed for some reason (out of memory,
173 for instance), will go in here to be processed later in a
174 periodic timer interrupt. */
175 spinlock_t waiting_msgs_lock;
176 struct list_head waiting_msgs;
178 /* The list of command receivers that are registered for commands
179 on this interface. */
180 rwlock_t cmd_rcvr_lock;
181 struct list_head cmd_rcvrs;
183 /* Events that were queues because no one was there to receive
185 spinlock_t events_lock; /* For dealing with event stuff. */
186 struct list_head waiting_events;
187 unsigned int waiting_events_count; /* How many events in queue? */
189 /* This will be non-null if someone registers to receive all
190 IPMI commands (this is for interface emulation). There
191 may not be any things in the cmd_rcvrs list above when
192 this is registered. */
193 ipmi_user_t all_cmd_rcvr;
195 /* My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
196 but may be changed by the user. */
197 unsigned char my_address;
199 /* My LUN. This should generally stay the SMS LUN, but just in
201 unsigned char my_lun;
203 /* The event receiver for my BMC, only really used at panic
204 shutdown as a place to store this. */
205 unsigned char event_receiver;
206 unsigned char event_receiver_lun;
207 unsigned char local_sel_device;
208 unsigned char local_event_generator;
210 /* A cheap hack, if this is non-null and a message to an
211 interface comes in with a NULL user, call this routine with
212 it. Note that the message will still be freed by the
213 caller. This only works on the system interface. */
214 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_smi_msg *msg);
216 /* When we are scanning the channels for an SMI, this will
217 tell which channel we are scanning. */
220 /* Channel information */
221 struct ipmi_channel channels[IPMI_MAX_CHANNELS];
224 struct proc_dir_entry *proc_dir;
225 char proc_dir_name[10];
227 spinlock_t counter_lock; /* For making counters atomic. */
229 /* Commands we got that were invalid. */
230 unsigned int sent_invalid_commands;
232 /* Commands we sent to the MC. */
233 unsigned int sent_local_commands;
234 /* Responses from the MC that were delivered to a user. */
235 unsigned int handled_local_responses;
236 /* Responses from the MC that were not delivered to a user. */
237 unsigned int unhandled_local_responses;
239 /* Commands we sent out to the IPMB bus. */
240 unsigned int sent_ipmb_commands;
241 /* Commands sent on the IPMB that had errors on the SEND CMD */
242 unsigned int sent_ipmb_command_errs;
243 /* Each retransmit increments this count. */
244 unsigned int retransmitted_ipmb_commands;
245 /* When a message times out (runs out of retransmits) this is
247 unsigned int timed_out_ipmb_commands;
249 /* This is like above, but for broadcasts. Broadcasts are
250 *not* included in the above count (they are expected to
252 unsigned int timed_out_ipmb_broadcasts;
254 /* Responses I have sent to the IPMB bus. */
255 unsigned int sent_ipmb_responses;
257 /* The response was delivered to the user. */
258 unsigned int handled_ipmb_responses;
259 /* The response had invalid data in it. */
260 unsigned int invalid_ipmb_responses;
261 /* The response didn't have anyone waiting for it. */
262 unsigned int unhandled_ipmb_responses;
264 /* Commands we sent out to the IPMB bus. */
265 unsigned int sent_lan_commands;
266 /* Commands sent on the IPMB that had errors on the SEND CMD */
267 unsigned int sent_lan_command_errs;
268 /* Each retransmit increments this count. */
269 unsigned int retransmitted_lan_commands;
270 /* When a message times out (runs out of retransmits) this is
272 unsigned int timed_out_lan_commands;
274 /* Responses I have sent to the IPMB bus. */
275 unsigned int sent_lan_responses;
277 /* The response was delivered to the user. */
278 unsigned int handled_lan_responses;
279 /* The response had invalid data in it. */
280 unsigned int invalid_lan_responses;
281 /* The response didn't have anyone waiting for it. */
282 unsigned int unhandled_lan_responses;
284 /* The command was delivered to the user. */
285 unsigned int handled_commands;
286 /* The command had invalid data in it. */
287 unsigned int invalid_commands;
288 /* The command didn't have anyone waiting for it. */
289 unsigned int unhandled_commands;
291 /* Invalid data in an event. */
292 unsigned int invalid_events;
293 /* Events that were received with the proper format. */
297 #define MAX_IPMI_INTERFACES 4
298 static ipmi_smi_t ipmi_interfaces[MAX_IPMI_INTERFACES];
300 /* Used to keep interfaces from going away while operations are
301 operating on interfaces. Grab read if you are not modifying the
302 interfaces, write if you are. */
303 static DECLARE_RWSEM(interfaces_sem);
305 /* Directly protects the ipmi_interfaces data structure. This is
306 claimed in the timer interrupt. */
307 static DEFINE_SPINLOCK(interfaces_lock);
309 /* List of watchers that want to know when smi's are added and
311 static struct list_head smi_watchers = LIST_HEAD_INIT(smi_watchers);
312 static DECLARE_RWSEM(smi_watchers_sem);
314 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
318 down_read(&interfaces_sem);
319 down_write(&smi_watchers_sem);
320 list_add(&(watcher->link), &smi_watchers);
321 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
322 if (ipmi_interfaces[i] != NULL) {
326 up_write(&smi_watchers_sem);
327 up_read(&interfaces_sem);
331 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
333 down_write(&smi_watchers_sem);
334 list_del(&(watcher->link));
335 up_write(&smi_watchers_sem);
340 call_smi_watchers(int i)
342 struct ipmi_smi_watcher *w;
344 down_read(&smi_watchers_sem);
345 list_for_each_entry(w, &smi_watchers, link) {
346 if (try_module_get(w->owner)) {
348 module_put(w->owner);
351 up_read(&smi_watchers_sem);
355 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
357 if (addr1->addr_type != addr2->addr_type)
360 if (addr1->channel != addr2->channel)
363 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
364 struct ipmi_system_interface_addr *smi_addr1
365 = (struct ipmi_system_interface_addr *) addr1;
366 struct ipmi_system_interface_addr *smi_addr2
367 = (struct ipmi_system_interface_addr *) addr2;
368 return (smi_addr1->lun == smi_addr2->lun);
371 if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE)
372 || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
374 struct ipmi_ipmb_addr *ipmb_addr1
375 = (struct ipmi_ipmb_addr *) addr1;
376 struct ipmi_ipmb_addr *ipmb_addr2
377 = (struct ipmi_ipmb_addr *) addr2;
379 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
380 && (ipmb_addr1->lun == ipmb_addr2->lun));
383 if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) {
384 struct ipmi_lan_addr *lan_addr1
385 = (struct ipmi_lan_addr *) addr1;
386 struct ipmi_lan_addr *lan_addr2
387 = (struct ipmi_lan_addr *) addr2;
389 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
390 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
391 && (lan_addr1->session_handle
392 == lan_addr2->session_handle)
393 && (lan_addr1->lun == lan_addr2->lun));
399 int ipmi_validate_addr(struct ipmi_addr *addr, int len)
401 if (len < sizeof(struct ipmi_system_interface_addr)) {
405 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
406 if (addr->channel != IPMI_BMC_CHANNEL)
411 if ((addr->channel == IPMI_BMC_CHANNEL)
412 || (addr->channel >= IPMI_NUM_CHANNELS)
413 || (addr->channel < 0))
416 if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
417 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
419 if (len < sizeof(struct ipmi_ipmb_addr)) {
425 if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
426 if (len < sizeof(struct ipmi_lan_addr)) {
435 unsigned int ipmi_addr_length(int addr_type)
437 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
438 return sizeof(struct ipmi_system_interface_addr);
440 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
441 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
443 return sizeof(struct ipmi_ipmb_addr);
446 if (addr_type == IPMI_LAN_ADDR_TYPE)
447 return sizeof(struct ipmi_lan_addr);
452 static void deliver_response(struct ipmi_recv_msg *msg)
454 msg->user->handler->ipmi_recv_hndl(msg, msg->user->handler_data);
457 /* Find the next sequence number not being used and add the given
458 message with the given timeout to the sequence table. This must be
459 called with the interface's seq_lock held. */
460 static int intf_next_seq(ipmi_smi_t intf,
461 struct ipmi_recv_msg *recv_msg,
462 unsigned long timeout,
471 for (i=intf->curr_seq;
472 (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
473 i=(i+1)%IPMI_IPMB_NUM_SEQ)
475 if (! intf->seq_table[i].inuse)
479 if (! intf->seq_table[i].inuse) {
480 intf->seq_table[i].recv_msg = recv_msg;
482 /* Start with the maximum timeout, when the send response
483 comes in we will start the real timer. */
484 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
485 intf->seq_table[i].orig_timeout = timeout;
486 intf->seq_table[i].retries_left = retries;
487 intf->seq_table[i].broadcast = broadcast;
488 intf->seq_table[i].inuse = 1;
489 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
491 *seqid = intf->seq_table[i].seqid;
492 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
500 /* Return the receive message for the given sequence number and
501 release the sequence number so it can be reused. Some other data
502 is passed in to be sure the message matches up correctly (to help
503 guard against message coming in after their timeout and the
504 sequence number being reused). */
505 static int intf_find_seq(ipmi_smi_t intf,
510 struct ipmi_addr *addr,
511 struct ipmi_recv_msg **recv_msg)
516 if (seq >= IPMI_IPMB_NUM_SEQ)
519 spin_lock_irqsave(&(intf->seq_lock), flags);
520 if (intf->seq_table[seq].inuse) {
521 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
523 if ((msg->addr.channel == channel)
524 && (msg->msg.cmd == cmd)
525 && (msg->msg.netfn == netfn)
526 && (ipmi_addr_equal(addr, &(msg->addr))))
529 intf->seq_table[seq].inuse = 0;
533 spin_unlock_irqrestore(&(intf->seq_lock), flags);
539 /* Start the timer for a specific sequence table entry. */
540 static int intf_start_seq_timer(ipmi_smi_t intf,
549 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
551 spin_lock_irqsave(&(intf->seq_lock), flags);
552 /* We do this verification because the user can be deleted
553 while a message is outstanding. */
554 if ((intf->seq_table[seq].inuse)
555 && (intf->seq_table[seq].seqid == seqid))
557 struct seq_table *ent = &(intf->seq_table[seq]);
558 ent->timeout = ent->orig_timeout;
561 spin_unlock_irqrestore(&(intf->seq_lock), flags);
566 /* Got an error for the send message for a specific sequence number. */
567 static int intf_err_seq(ipmi_smi_t intf,
575 struct ipmi_recv_msg *msg = NULL;
578 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
580 spin_lock_irqsave(&(intf->seq_lock), flags);
581 /* We do this verification because the user can be deleted
582 while a message is outstanding. */
583 if ((intf->seq_table[seq].inuse)
584 && (intf->seq_table[seq].seqid == seqid))
586 struct seq_table *ent = &(intf->seq_table[seq]);
592 spin_unlock_irqrestore(&(intf->seq_lock), flags);
595 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
596 msg->msg_data[0] = err;
597 msg->msg.netfn |= 1; /* Convert to a response. */
598 msg->msg.data_len = 1;
599 msg->msg.data = msg->msg_data;
600 deliver_response(msg);
607 int ipmi_create_user(unsigned int if_num,
608 struct ipmi_user_hndl *handler,
613 ipmi_user_t new_user;
616 /* There is no module usecount here, because it's not
617 required. Since this can only be used by and called from
618 other modules, they will implicitly use this module, and
619 thus this can't be removed unless the other modules are
625 /* Make sure the driver is actually initialized, this handles
626 problems with initialization order. */
628 rv = ipmi_init_msghandler();
632 /* The init code doesn't return an error if it was turned
633 off, but it won't initialize. Check that. */
638 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
642 down_read(&interfaces_sem);
643 if ((if_num > MAX_IPMI_INTERFACES) || ipmi_interfaces[if_num] == NULL)
649 new_user->handler = handler;
650 new_user->handler_data = handler_data;
651 new_user->intf = ipmi_interfaces[if_num];
652 new_user->gets_events = 0;
654 if (!try_module_get(new_user->intf->handlers->owner)) {
659 write_lock_irqsave(&new_user->intf->users_lock, flags);
660 list_add_tail(&new_user->link, &new_user->intf->users);
661 write_unlock_irqrestore(&new_user->intf->users_lock, flags);
670 up_read(&interfaces_sem);
674 static int ipmi_destroy_user_nolock(ipmi_user_t user)
678 struct cmd_rcvr *rcvr, *rcvr2;
682 /* Find the user and delete them from the list. */
683 list_for_each_entry(t_user, &(user->intf->users), link) {
684 if (t_user == user) {
685 list_del(&t_user->link);
695 /* Remove the user from the interfaces sequence table. */
696 spin_lock_irqsave(&(user->intf->seq_lock), flags);
697 for (i=0; i<IPMI_IPMB_NUM_SEQ; i++) {
698 if (user->intf->seq_table[i].inuse
699 && (user->intf->seq_table[i].recv_msg->user == user))
701 user->intf->seq_table[i].inuse = 0;
704 spin_unlock_irqrestore(&(user->intf->seq_lock), flags);
706 /* Remove the user from the command receiver's table. */
707 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
708 list_for_each_entry_safe(rcvr, rcvr2, &(user->intf->cmd_rcvrs), link) {
709 if (rcvr->user == user) {
710 list_del(&rcvr->link);
714 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
723 int ipmi_destroy_user(ipmi_user_t user)
726 ipmi_smi_t intf = user->intf;
729 down_read(&interfaces_sem);
730 write_lock_irqsave(&intf->users_lock, flags);
731 rv = ipmi_destroy_user_nolock(user);
733 module_put(intf->handlers->owner);
735 write_unlock_irqrestore(&intf->users_lock, flags);
736 up_read(&interfaces_sem);
740 void ipmi_get_version(ipmi_user_t user,
741 unsigned char *major,
742 unsigned char *minor)
744 *major = user->intf->version_major;
745 *minor = user->intf->version_minor;
748 void ipmi_set_my_address(ipmi_user_t user,
749 unsigned char address)
751 user->intf->my_address = address;
754 unsigned char ipmi_get_my_address(ipmi_user_t user)
756 return user->intf->my_address;
759 void ipmi_set_my_LUN(ipmi_user_t user,
762 user->intf->my_lun = LUN & 0x3;
765 unsigned char ipmi_get_my_LUN(ipmi_user_t user)
767 return user->intf->my_lun;
770 int ipmi_set_gets_events(ipmi_user_t user, int val)
773 struct ipmi_recv_msg *msg, *msg2;
775 read_lock(&(user->intf->users_lock));
776 spin_lock_irqsave(&(user->intf->events_lock), flags);
777 user->gets_events = val;
780 /* Deliver any queued events. */
781 list_for_each_entry_safe(msg, msg2, &(user->intf->waiting_events), link) {
782 list_del(&msg->link);
784 deliver_response(msg);
788 spin_unlock_irqrestore(&(user->intf->events_lock), flags);
789 read_unlock(&(user->intf->users_lock));
794 int ipmi_register_for_cmd(ipmi_user_t user,
798 struct cmd_rcvr *cmp;
800 struct cmd_rcvr *rcvr;
804 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
808 read_lock(&(user->intf->users_lock));
809 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
810 if (user->intf->all_cmd_rcvr != NULL) {
815 /* Make sure the command/netfn is not already registered. */
816 list_for_each_entry(cmp, &(user->intf->cmd_rcvrs), link) {
817 if ((cmp->netfn == netfn) && (cmp->cmd == cmd)) {
827 list_add_tail(&(rcvr->link), &(user->intf->cmd_rcvrs));
830 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
831 read_unlock(&(user->intf->users_lock));
839 int ipmi_unregister_for_cmd(ipmi_user_t user,
844 struct cmd_rcvr *rcvr;
847 read_lock(&(user->intf->users_lock));
848 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
849 /* Make sure the command/netfn is not already registered. */
850 list_for_each_entry(rcvr, &(user->intf->cmd_rcvrs), link) {
851 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
853 list_del(&rcvr->link);
858 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
859 read_unlock(&(user->intf->users_lock));
864 void ipmi_user_set_run_to_completion(ipmi_user_t user, int val)
866 user->intf->handlers->set_run_to_completion(user->intf->send_info,
871 ipmb_checksum(unsigned char *data, int size)
873 unsigned char csum = 0;
875 for (; size > 0; size--, data++)
881 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
882 struct kernel_ipmi_msg *msg,
883 struct ipmi_ipmb_addr *ipmb_addr,
885 unsigned char ipmb_seq,
887 unsigned char source_address,
888 unsigned char source_lun)
892 /* Format the IPMB header data. */
893 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
894 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
895 smi_msg->data[2] = ipmb_addr->channel;
897 smi_msg->data[3] = 0;
898 smi_msg->data[i+3] = ipmb_addr->slave_addr;
899 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
900 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
901 smi_msg->data[i+6] = source_address;
902 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
903 smi_msg->data[i+8] = msg->cmd;
905 /* Now tack on the data to the message. */
906 if (msg->data_len > 0)
907 memcpy(&(smi_msg->data[i+9]), msg->data,
909 smi_msg->data_size = msg->data_len + 9;
911 /* Now calculate the checksum and tack it on. */
912 smi_msg->data[i+smi_msg->data_size]
913 = ipmb_checksum(&(smi_msg->data[i+6]),
914 smi_msg->data_size-6);
916 /* Add on the checksum size and the offset from the
918 smi_msg->data_size += 1 + i;
920 smi_msg->msgid = msgid;
923 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
924 struct kernel_ipmi_msg *msg,
925 struct ipmi_lan_addr *lan_addr,
927 unsigned char ipmb_seq,
928 unsigned char source_lun)
930 /* Format the IPMB header data. */
931 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
932 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
933 smi_msg->data[2] = lan_addr->channel;
934 smi_msg->data[3] = lan_addr->session_handle;
935 smi_msg->data[4] = lan_addr->remote_SWID;
936 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
937 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
938 smi_msg->data[7] = lan_addr->local_SWID;
939 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
940 smi_msg->data[9] = msg->cmd;
942 /* Now tack on the data to the message. */
943 if (msg->data_len > 0)
944 memcpy(&(smi_msg->data[10]), msg->data,
946 smi_msg->data_size = msg->data_len + 10;
948 /* Now calculate the checksum and tack it on. */
949 smi_msg->data[smi_msg->data_size]
950 = ipmb_checksum(&(smi_msg->data[7]),
951 smi_msg->data_size-7);
953 /* Add on the checksum size and the offset from the
955 smi_msg->data_size += 1;
957 smi_msg->msgid = msgid;
960 /* Separate from ipmi_request so that the user does not have to be
961 supplied in certain circumstances (mainly at panic time). If
962 messages are supplied, they will be freed, even if an error
964 static inline int i_ipmi_request(ipmi_user_t user,
966 struct ipmi_addr *addr,
968 struct kernel_ipmi_msg *msg,
971 struct ipmi_recv_msg *supplied_recv,
973 unsigned char source_address,
974 unsigned char source_lun,
976 unsigned int retry_time_ms)
979 struct ipmi_smi_msg *smi_msg;
980 struct ipmi_recv_msg *recv_msg;
985 recv_msg = supplied_recv;
987 recv_msg = ipmi_alloc_recv_msg();
988 if (recv_msg == NULL) {
992 recv_msg->user_msg_data = user_msg_data;
995 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
997 smi_msg = ipmi_alloc_smi_msg();
998 if (smi_msg == NULL) {
999 ipmi_free_recv_msg(recv_msg);
1004 recv_msg->user = user;
1005 recv_msg->msgid = msgid;
1006 /* Store the message to send in the receive message so timeout
1007 responses can get the proper response data. */
1008 recv_msg->msg = *msg;
1010 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1011 struct ipmi_system_interface_addr *smi_addr;
1013 if (msg->netfn & 1) {
1014 /* Responses are not allowed to the SMI. */
1019 smi_addr = (struct ipmi_system_interface_addr *) addr;
1020 if (smi_addr->lun > 3) {
1021 spin_lock_irqsave(&intf->counter_lock, flags);
1022 intf->sent_invalid_commands++;
1023 spin_unlock_irqrestore(&intf->counter_lock, flags);
1028 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1030 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1031 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1032 || (msg->cmd == IPMI_GET_MSG_CMD)
1033 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD)))
1035 /* We don't let the user do these, since we manage
1036 the sequence numbers. */
1037 spin_lock_irqsave(&intf->counter_lock, flags);
1038 intf->sent_invalid_commands++;
1039 spin_unlock_irqrestore(&intf->counter_lock, flags);
1044 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
1045 spin_lock_irqsave(&intf->counter_lock, flags);
1046 intf->sent_invalid_commands++;
1047 spin_unlock_irqrestore(&intf->counter_lock, flags);
1052 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1053 smi_msg->data[1] = msg->cmd;
1054 smi_msg->msgid = msgid;
1055 smi_msg->user_data = recv_msg;
1056 if (msg->data_len > 0)
1057 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1058 smi_msg->data_size = msg->data_len + 2;
1059 spin_lock_irqsave(&intf->counter_lock, flags);
1060 intf->sent_local_commands++;
1061 spin_unlock_irqrestore(&intf->counter_lock, flags);
1062 } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
1063 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
1065 struct ipmi_ipmb_addr *ipmb_addr;
1066 unsigned char ipmb_seq;
1070 if (addr->channel > IPMI_NUM_CHANNELS) {
1071 spin_lock_irqsave(&intf->counter_lock, flags);
1072 intf->sent_invalid_commands++;
1073 spin_unlock_irqrestore(&intf->counter_lock, flags);
1078 if (intf->channels[addr->channel].medium
1079 != IPMI_CHANNEL_MEDIUM_IPMB)
1081 spin_lock_irqsave(&intf->counter_lock, flags);
1082 intf->sent_invalid_commands++;
1083 spin_unlock_irqrestore(&intf->counter_lock, flags);
1089 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1090 retries = 0; /* Don't retry broadcasts. */
1094 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1095 /* Broadcasts add a zero at the beginning of the
1096 message, but otherwise is the same as an IPMB
1098 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1103 /* Default to 1 second retries. */
1104 if (retry_time_ms == 0)
1105 retry_time_ms = 1000;
1107 /* 9 for the header and 1 for the checksum, plus
1108 possibly one for the broadcast. */
1109 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1110 spin_lock_irqsave(&intf->counter_lock, flags);
1111 intf->sent_invalid_commands++;
1112 spin_unlock_irqrestore(&intf->counter_lock, flags);
1117 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1118 if (ipmb_addr->lun > 3) {
1119 spin_lock_irqsave(&intf->counter_lock, flags);
1120 intf->sent_invalid_commands++;
1121 spin_unlock_irqrestore(&intf->counter_lock, flags);
1126 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1128 if (recv_msg->msg.netfn & 0x1) {
1129 /* It's a response, so use the user's sequence
1131 spin_lock_irqsave(&intf->counter_lock, flags);
1132 intf->sent_ipmb_responses++;
1133 spin_unlock_irqrestore(&intf->counter_lock, flags);
1134 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1136 source_address, source_lun);
1138 /* Save the receive message so we can use it
1139 to deliver the response. */
1140 smi_msg->user_data = recv_msg;
1142 /* It's a command, so get a sequence for it. */
1144 spin_lock_irqsave(&(intf->seq_lock), flags);
1146 spin_lock(&intf->counter_lock);
1147 intf->sent_ipmb_commands++;
1148 spin_unlock(&intf->counter_lock);
1150 /* Create a sequence number with a 1 second
1151 timeout and 4 retries. */
1152 rv = intf_next_seq(intf,
1160 /* We have used up all the sequence numbers,
1161 probably, so abort. */
1162 spin_unlock_irqrestore(&(intf->seq_lock),
1167 /* Store the sequence number in the message,
1168 so that when the send message response
1169 comes back we can start the timer. */
1170 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1171 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1172 ipmb_seq, broadcast,
1173 source_address, source_lun);
1175 /* Copy the message into the recv message data, so we
1176 can retransmit it later if necessary. */
1177 memcpy(recv_msg->msg_data, smi_msg->data,
1178 smi_msg->data_size);
1179 recv_msg->msg.data = recv_msg->msg_data;
1180 recv_msg->msg.data_len = smi_msg->data_size;
1182 /* We don't unlock until here, because we need
1183 to copy the completed message into the
1184 recv_msg before we release the lock.
1185 Otherwise, race conditions may bite us. I
1186 know that's pretty paranoid, but I prefer
1188 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1190 } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
1191 struct ipmi_lan_addr *lan_addr;
1192 unsigned char ipmb_seq;
1195 if (addr->channel > IPMI_NUM_CHANNELS) {
1196 spin_lock_irqsave(&intf->counter_lock, flags);
1197 intf->sent_invalid_commands++;
1198 spin_unlock_irqrestore(&intf->counter_lock, flags);
1203 if ((intf->channels[addr->channel].medium
1204 != IPMI_CHANNEL_MEDIUM_8023LAN)
1205 && (intf->channels[addr->channel].medium
1206 != IPMI_CHANNEL_MEDIUM_ASYNC))
1208 spin_lock_irqsave(&intf->counter_lock, flags);
1209 intf->sent_invalid_commands++;
1210 spin_unlock_irqrestore(&intf->counter_lock, flags);
1217 /* Default to 1 second retries. */
1218 if (retry_time_ms == 0)
1219 retry_time_ms = 1000;
1221 /* 11 for the header and 1 for the checksum. */
1222 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
1223 spin_lock_irqsave(&intf->counter_lock, flags);
1224 intf->sent_invalid_commands++;
1225 spin_unlock_irqrestore(&intf->counter_lock, flags);
1230 lan_addr = (struct ipmi_lan_addr *) addr;
1231 if (lan_addr->lun > 3) {
1232 spin_lock_irqsave(&intf->counter_lock, flags);
1233 intf->sent_invalid_commands++;
1234 spin_unlock_irqrestore(&intf->counter_lock, flags);
1239 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1241 if (recv_msg->msg.netfn & 0x1) {
1242 /* It's a response, so use the user's sequence
1244 spin_lock_irqsave(&intf->counter_lock, flags);
1245 intf->sent_lan_responses++;
1246 spin_unlock_irqrestore(&intf->counter_lock, flags);
1247 format_lan_msg(smi_msg, msg, lan_addr, msgid,
1250 /* Save the receive message so we can use it
1251 to deliver the response. */
1252 smi_msg->user_data = recv_msg;
1254 /* It's a command, so get a sequence for it. */
1256 spin_lock_irqsave(&(intf->seq_lock), flags);
1258 spin_lock(&intf->counter_lock);
1259 intf->sent_lan_commands++;
1260 spin_unlock(&intf->counter_lock);
1262 /* Create a sequence number with a 1 second
1263 timeout and 4 retries. */
1264 rv = intf_next_seq(intf,
1272 /* We have used up all the sequence numbers,
1273 probably, so abort. */
1274 spin_unlock_irqrestore(&(intf->seq_lock),
1279 /* Store the sequence number in the message,
1280 so that when the send message response
1281 comes back we can start the timer. */
1282 format_lan_msg(smi_msg, msg, lan_addr,
1283 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1284 ipmb_seq, source_lun);
1286 /* Copy the message into the recv message data, so we
1287 can retransmit it later if necessary. */
1288 memcpy(recv_msg->msg_data, smi_msg->data,
1289 smi_msg->data_size);
1290 recv_msg->msg.data = recv_msg->msg_data;
1291 recv_msg->msg.data_len = smi_msg->data_size;
1293 /* We don't unlock until here, because we need
1294 to copy the completed message into the
1295 recv_msg before we release the lock.
1296 Otherwise, race conditions may bite us. I
1297 know that's pretty paranoid, but I prefer
1299 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1302 /* Unknown address type. */
1303 spin_lock_irqsave(&intf->counter_lock, flags);
1304 intf->sent_invalid_commands++;
1305 spin_unlock_irqrestore(&intf->counter_lock, flags);
1313 for (m=0; m<smi_msg->data_size; m++)
1314 printk(" %2.2x", smi_msg->data[m]);
1318 intf->handlers->sender(intf->send_info, smi_msg, priority);
1323 ipmi_free_smi_msg(smi_msg);
1324 ipmi_free_recv_msg(recv_msg);
1328 int ipmi_request_settime(ipmi_user_t user,
1329 struct ipmi_addr *addr,
1331 struct kernel_ipmi_msg *msg,
1332 void *user_msg_data,
1335 unsigned int retry_time_ms)
1337 return i_ipmi_request(user,
1345 user->intf->my_address,
1351 int ipmi_request_supply_msgs(ipmi_user_t user,
1352 struct ipmi_addr *addr,
1354 struct kernel_ipmi_msg *msg,
1355 void *user_msg_data,
1357 struct ipmi_recv_msg *supplied_recv,
1360 return i_ipmi_request(user,
1369 user->intf->my_address,
1374 static int ipmb_file_read_proc(char *page, char **start, off_t off,
1375 int count, int *eof, void *data)
1377 char *out = (char *) page;
1378 ipmi_smi_t intf = data;
1380 return sprintf(out, "%x\n", intf->my_address);
1383 static int version_file_read_proc(char *page, char **start, off_t off,
1384 int count, int *eof, void *data)
1386 char *out = (char *) page;
1387 ipmi_smi_t intf = data;
1389 return sprintf(out, "%d.%d\n",
1390 intf->version_major, intf->version_minor);
1393 static int stat_file_read_proc(char *page, char **start, off_t off,
1394 int count, int *eof, void *data)
1396 char *out = (char *) page;
1397 ipmi_smi_t intf = data;
1399 out += sprintf(out, "sent_invalid_commands: %d\n",
1400 intf->sent_invalid_commands);
1401 out += sprintf(out, "sent_local_commands: %d\n",
1402 intf->sent_local_commands);
1403 out += sprintf(out, "handled_local_responses: %d\n",
1404 intf->handled_local_responses);
1405 out += sprintf(out, "unhandled_local_responses: %d\n",
1406 intf->unhandled_local_responses);
1407 out += sprintf(out, "sent_ipmb_commands: %d\n",
1408 intf->sent_ipmb_commands);
1409 out += sprintf(out, "sent_ipmb_command_errs: %d\n",
1410 intf->sent_ipmb_command_errs);
1411 out += sprintf(out, "retransmitted_ipmb_commands: %d\n",
1412 intf->retransmitted_ipmb_commands);
1413 out += sprintf(out, "timed_out_ipmb_commands: %d\n",
1414 intf->timed_out_ipmb_commands);
1415 out += sprintf(out, "timed_out_ipmb_broadcasts: %d\n",
1416 intf->timed_out_ipmb_broadcasts);
1417 out += sprintf(out, "sent_ipmb_responses: %d\n",
1418 intf->sent_ipmb_responses);
1419 out += sprintf(out, "handled_ipmb_responses: %d\n",
1420 intf->handled_ipmb_responses);
1421 out += sprintf(out, "invalid_ipmb_responses: %d\n",
1422 intf->invalid_ipmb_responses);
1423 out += sprintf(out, "unhandled_ipmb_responses: %d\n",
1424 intf->unhandled_ipmb_responses);
1425 out += sprintf(out, "sent_lan_commands: %d\n",
1426 intf->sent_lan_commands);
1427 out += sprintf(out, "sent_lan_command_errs: %d\n",
1428 intf->sent_lan_command_errs);
1429 out += sprintf(out, "retransmitted_lan_commands: %d\n",
1430 intf->retransmitted_lan_commands);
1431 out += sprintf(out, "timed_out_lan_commands: %d\n",
1432 intf->timed_out_lan_commands);
1433 out += sprintf(out, "sent_lan_responses: %d\n",
1434 intf->sent_lan_responses);
1435 out += sprintf(out, "handled_lan_responses: %d\n",
1436 intf->handled_lan_responses);
1437 out += sprintf(out, "invalid_lan_responses: %d\n",
1438 intf->invalid_lan_responses);
1439 out += sprintf(out, "unhandled_lan_responses: %d\n",
1440 intf->unhandled_lan_responses);
1441 out += sprintf(out, "handled_commands: %d\n",
1442 intf->handled_commands);
1443 out += sprintf(out, "invalid_commands: %d\n",
1444 intf->invalid_commands);
1445 out += sprintf(out, "unhandled_commands: %d\n",
1446 intf->unhandled_commands);
1447 out += sprintf(out, "invalid_events: %d\n",
1448 intf->invalid_events);
1449 out += sprintf(out, "events: %d\n",
1452 return (out - ((char *) page));
1455 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
1456 read_proc_t *read_proc, write_proc_t *write_proc,
1457 void *data, struct module *owner)
1459 struct proc_dir_entry *file;
1461 struct ipmi_proc_entry *entry;
1463 /* Create a list element. */
1464 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
1467 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL);
1472 strcpy(entry->name, name);
1474 file = create_proc_entry(name, 0, smi->proc_dir);
1482 file->read_proc = read_proc;
1483 file->write_proc = write_proc;
1484 file->owner = owner;
1486 /* Stick it on the list. */
1487 entry->next = smi->proc_entries;
1488 smi->proc_entries = entry;
1494 static int add_proc_entries(ipmi_smi_t smi, int num)
1498 sprintf(smi->proc_dir_name, "%d", num);
1499 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
1503 smi->proc_dir->owner = THIS_MODULE;
1507 rv = ipmi_smi_add_proc_entry(smi, "stats",
1508 stat_file_read_proc, NULL,
1512 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
1513 ipmb_file_read_proc, NULL,
1517 rv = ipmi_smi_add_proc_entry(smi, "version",
1518 version_file_read_proc, NULL,
1524 static void remove_proc_entries(ipmi_smi_t smi)
1526 struct ipmi_proc_entry *entry;
1528 while (smi->proc_entries) {
1529 entry = smi->proc_entries;
1530 smi->proc_entries = entry->next;
1532 remove_proc_entry(entry->name, smi->proc_dir);
1536 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
1540 send_channel_info_cmd(ipmi_smi_t intf, int chan)
1542 struct kernel_ipmi_msg msg;
1543 unsigned char data[1];
1544 struct ipmi_system_interface_addr si;
1546 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
1547 si.channel = IPMI_BMC_CHANNEL;
1550 msg.netfn = IPMI_NETFN_APP_REQUEST;
1551 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
1555 return i_ipmi_request(NULL,
1557 (struct ipmi_addr *) &si,
1570 channel_handler(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
1575 if ((msg->rsp[0] == (IPMI_NETFN_APP_RESPONSE << 2))
1576 && (msg->rsp[1] == IPMI_GET_CHANNEL_INFO_CMD))
1578 /* It's the one we want */
1579 if (msg->rsp[2] != 0) {
1580 /* Got an error from the channel, just go on. */
1582 if (msg->rsp[2] == IPMI_INVALID_COMMAND_ERR) {
1583 /* If the MC does not support this
1584 command, that is legal. We just
1585 assume it has one IPMB at channel
1587 intf->channels[0].medium
1588 = IPMI_CHANNEL_MEDIUM_IPMB;
1589 intf->channels[0].protocol
1590 = IPMI_CHANNEL_PROTOCOL_IPMB;
1593 intf->curr_channel = IPMI_MAX_CHANNELS;
1594 wake_up(&intf->waitq);
1599 if (msg->rsp_size < 6) {
1600 /* Message not big enough, just go on. */
1603 chan = intf->curr_channel;
1604 intf->channels[chan].medium = msg->rsp[4] & 0x7f;
1605 intf->channels[chan].protocol = msg->rsp[5] & 0x1f;
1608 intf->curr_channel++;
1609 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
1610 wake_up(&intf->waitq);
1612 rv = send_channel_info_cmd(intf, intf->curr_channel);
1615 /* Got an error somehow, just give up. */
1616 intf->curr_channel = IPMI_MAX_CHANNELS;
1617 wake_up(&intf->waitq);
1619 printk(KERN_WARNING PFX
1620 "Error sending channel information: %d\n",
1628 int ipmi_register_smi(struct ipmi_smi_handlers *handlers,
1630 unsigned char version_major,
1631 unsigned char version_minor,
1636 ipmi_smi_t new_intf;
1637 unsigned long flags;
1640 /* Make sure the driver is actually initialized, this handles
1641 problems with initialization order. */
1643 rv = ipmi_init_msghandler();
1646 /* The init code doesn't return an error if it was turned
1647 off, but it won't initialize. Check that. */
1652 new_intf = kmalloc(sizeof(*new_intf), GFP_KERNEL);
1655 memset(new_intf, 0, sizeof(*new_intf));
1657 new_intf->proc_dir = NULL;
1661 down_write(&interfaces_sem);
1662 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
1663 if (ipmi_interfaces[i] == NULL) {
1664 new_intf->intf_num = i;
1665 new_intf->version_major = version_major;
1666 new_intf->version_minor = version_minor;
1667 new_intf->my_address = IPMI_BMC_SLAVE_ADDR;
1668 new_intf->my_lun = 2; /* the SMS LUN. */
1669 rwlock_init(&(new_intf->users_lock));
1670 INIT_LIST_HEAD(&(new_intf->users));
1671 new_intf->handlers = handlers;
1672 new_intf->send_info = send_info;
1673 spin_lock_init(&(new_intf->seq_lock));
1674 for (j=0; j<IPMI_IPMB_NUM_SEQ; j++) {
1675 new_intf->seq_table[j].inuse = 0;
1676 new_intf->seq_table[j].seqid = 0;
1678 new_intf->curr_seq = 0;
1679 spin_lock_init(&(new_intf->waiting_msgs_lock));
1680 INIT_LIST_HEAD(&(new_intf->waiting_msgs));
1681 spin_lock_init(&(new_intf->events_lock));
1682 INIT_LIST_HEAD(&(new_intf->waiting_events));
1683 new_intf->waiting_events_count = 0;
1684 rwlock_init(&(new_intf->cmd_rcvr_lock));
1685 init_waitqueue_head(&new_intf->waitq);
1686 INIT_LIST_HEAD(&(new_intf->cmd_rcvrs));
1687 new_intf->all_cmd_rcvr = NULL;
1689 spin_lock_init(&(new_intf->counter_lock));
1691 spin_lock_irqsave(&interfaces_lock, flags);
1692 ipmi_interfaces[i] = new_intf;
1693 spin_unlock_irqrestore(&interfaces_lock, flags);
1701 downgrade_write(&interfaces_sem);
1704 rv = add_proc_entries(*intf, i);
1707 if ((version_major > 1)
1708 || ((version_major == 1) && (version_minor >= 5)))
1710 /* Start scanning the channels to see what is
1712 (*intf)->null_user_handler = channel_handler;
1713 (*intf)->curr_channel = 0;
1714 rv = send_channel_info_cmd(*intf, 0);
1718 /* Wait for the channel info to be read. */
1719 up_read(&interfaces_sem);
1720 wait_event((*intf)->waitq,
1721 ((*intf)->curr_channel>=IPMI_MAX_CHANNELS));
1722 down_read(&interfaces_sem);
1724 if (ipmi_interfaces[i] != new_intf)
1725 /* Well, it went away. Just return. */
1728 /* Assume a single IPMB channel at zero. */
1729 (*intf)->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
1730 (*intf)->channels[0].protocol
1731 = IPMI_CHANNEL_PROTOCOL_IPMB;
1734 /* Call all the watcher interfaces to tell
1735 them that a new interface is available. */
1736 call_smi_watchers(i);
1740 up_read(&interfaces_sem);
1743 if (new_intf->proc_dir)
1744 remove_proc_entries(new_intf);
1751 static void free_recv_msg_list(struct list_head *q)
1753 struct ipmi_recv_msg *msg, *msg2;
1755 list_for_each_entry_safe(msg, msg2, q, link) {
1756 list_del(&msg->link);
1757 ipmi_free_recv_msg(msg);
1761 static void free_cmd_rcvr_list(struct list_head *q)
1763 struct cmd_rcvr *rcvr, *rcvr2;
1765 list_for_each_entry_safe(rcvr, rcvr2, q, link) {
1766 list_del(&rcvr->link);
1771 static void clean_up_interface_data(ipmi_smi_t intf)
1775 free_recv_msg_list(&(intf->waiting_msgs));
1776 free_recv_msg_list(&(intf->waiting_events));
1777 free_cmd_rcvr_list(&(intf->cmd_rcvrs));
1779 for (i=0; i<IPMI_IPMB_NUM_SEQ; i++) {
1780 if ((intf->seq_table[i].inuse)
1781 && (intf->seq_table[i].recv_msg))
1783 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
1788 int ipmi_unregister_smi(ipmi_smi_t intf)
1792 struct ipmi_smi_watcher *w;
1793 unsigned long flags;
1795 down_write(&interfaces_sem);
1796 if (list_empty(&(intf->users)))
1798 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
1799 if (ipmi_interfaces[i] == intf) {
1800 remove_proc_entries(intf);
1801 spin_lock_irqsave(&interfaces_lock, flags);
1802 ipmi_interfaces[i] = NULL;
1803 clean_up_interface_data(intf);
1804 spin_unlock_irqrestore(&interfaces_lock,flags);
1807 goto out_call_watcher;
1813 up_write(&interfaces_sem);
1818 downgrade_write(&interfaces_sem);
1820 /* Call all the watcher interfaces to tell them that
1821 an interface is gone. */
1822 down_read(&smi_watchers_sem);
1823 list_for_each_entry(w, &smi_watchers, link) {
1826 up_read(&smi_watchers_sem);
1827 up_read(&interfaces_sem);
1831 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf,
1832 struct ipmi_smi_msg *msg)
1834 struct ipmi_ipmb_addr ipmb_addr;
1835 struct ipmi_recv_msg *recv_msg;
1836 unsigned long flags;
1839 /* This is 11, not 10, because the response must contain a
1840 * completion code. */
1841 if (msg->rsp_size < 11) {
1842 /* Message not big enough, just ignore it. */
1843 spin_lock_irqsave(&intf->counter_lock, flags);
1844 intf->invalid_ipmb_responses++;
1845 spin_unlock_irqrestore(&intf->counter_lock, flags);
1849 if (msg->rsp[2] != 0) {
1850 /* An error getting the response, just ignore it. */
1854 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
1855 ipmb_addr.slave_addr = msg->rsp[6];
1856 ipmb_addr.channel = msg->rsp[3] & 0x0f;
1857 ipmb_addr.lun = msg->rsp[7] & 3;
1859 /* It's a response from a remote entity. Look up the sequence
1860 number and handle the response. */
1861 if (intf_find_seq(intf,
1865 (msg->rsp[4] >> 2) & (~1),
1866 (struct ipmi_addr *) &(ipmb_addr),
1869 /* We were unable to find the sequence number,
1870 so just nuke the message. */
1871 spin_lock_irqsave(&intf->counter_lock, flags);
1872 intf->unhandled_ipmb_responses++;
1873 spin_unlock_irqrestore(&intf->counter_lock, flags);
1877 memcpy(recv_msg->msg_data,
1880 /* THe other fields matched, so no need to set them, except
1881 for netfn, which needs to be the response that was
1882 returned, not the request value. */
1883 recv_msg->msg.netfn = msg->rsp[4] >> 2;
1884 recv_msg->msg.data = recv_msg->msg_data;
1885 recv_msg->msg.data_len = msg->rsp_size - 10;
1886 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
1887 spin_lock_irqsave(&intf->counter_lock, flags);
1888 intf->handled_ipmb_responses++;
1889 spin_unlock_irqrestore(&intf->counter_lock, flags);
1890 deliver_response(recv_msg);
1895 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf,
1896 struct ipmi_smi_msg *msg)
1898 struct cmd_rcvr *rcvr;
1900 unsigned char netfn;
1902 ipmi_user_t user = NULL;
1903 struct ipmi_ipmb_addr *ipmb_addr;
1904 struct ipmi_recv_msg *recv_msg;
1905 unsigned long flags;
1907 if (msg->rsp_size < 10) {
1908 /* Message not big enough, just ignore it. */
1909 spin_lock_irqsave(&intf->counter_lock, flags);
1910 intf->invalid_commands++;
1911 spin_unlock_irqrestore(&intf->counter_lock, flags);
1915 if (msg->rsp[2] != 0) {
1916 /* An error getting the response, just ignore it. */
1920 netfn = msg->rsp[4] >> 2;
1923 read_lock(&(intf->cmd_rcvr_lock));
1925 if (intf->all_cmd_rcvr) {
1926 user = intf->all_cmd_rcvr;
1928 /* Find the command/netfn. */
1929 list_for_each_entry(rcvr, &(intf->cmd_rcvrs), link) {
1930 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
1936 read_unlock(&(intf->cmd_rcvr_lock));
1939 /* We didn't find a user, deliver an error response. */
1940 spin_lock_irqsave(&intf->counter_lock, flags);
1941 intf->unhandled_commands++;
1942 spin_unlock_irqrestore(&intf->counter_lock, flags);
1944 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1945 msg->data[1] = IPMI_SEND_MSG_CMD;
1946 msg->data[2] = msg->rsp[3];
1947 msg->data[3] = msg->rsp[6];
1948 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
1949 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
1950 msg->data[6] = intf->my_address;
1952 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
1953 msg->data[8] = msg->rsp[8]; /* cmd */
1954 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
1955 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
1956 msg->data_size = 11;
1961 printk("Invalid command:");
1962 for (m=0; m<msg->data_size; m++)
1963 printk(" %2.2x", msg->data[m]);
1967 intf->handlers->sender(intf->send_info, msg, 0);
1969 rv = -1; /* We used the message, so return the value that
1970 causes it to not be freed or queued. */
1972 /* Deliver the message to the user. */
1973 spin_lock_irqsave(&intf->counter_lock, flags);
1974 intf->handled_commands++;
1975 spin_unlock_irqrestore(&intf->counter_lock, flags);
1977 recv_msg = ipmi_alloc_recv_msg();
1979 /* We couldn't allocate memory for the
1980 message, so requeue it for handling
1984 /* Extract the source address from the data. */
1985 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
1986 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1987 ipmb_addr->slave_addr = msg->rsp[6];
1988 ipmb_addr->lun = msg->rsp[7] & 3;
1989 ipmb_addr->channel = msg->rsp[3] & 0xf;
1991 /* Extract the rest of the message information
1992 from the IPMB header.*/
1993 recv_msg->user = user;
1994 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
1995 recv_msg->msgid = msg->rsp[7] >> 2;
1996 recv_msg->msg.netfn = msg->rsp[4] >> 2;
1997 recv_msg->msg.cmd = msg->rsp[8];
1998 recv_msg->msg.data = recv_msg->msg_data;
2000 /* We chop off 10, not 9 bytes because the checksum
2001 at the end also needs to be removed. */
2002 recv_msg->msg.data_len = msg->rsp_size - 10;
2003 memcpy(recv_msg->msg_data,
2005 msg->rsp_size - 10);
2006 deliver_response(recv_msg);
2013 static int handle_lan_get_msg_rsp(ipmi_smi_t intf,
2014 struct ipmi_smi_msg *msg)
2016 struct ipmi_lan_addr lan_addr;
2017 struct ipmi_recv_msg *recv_msg;
2018 unsigned long flags;
2021 /* This is 13, not 12, because the response must contain a
2022 * completion code. */
2023 if (msg->rsp_size < 13) {
2024 /* Message not big enough, just ignore it. */
2025 spin_lock_irqsave(&intf->counter_lock, flags);
2026 intf->invalid_lan_responses++;
2027 spin_unlock_irqrestore(&intf->counter_lock, flags);
2031 if (msg->rsp[2] != 0) {
2032 /* An error getting the response, just ignore it. */
2036 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
2037 lan_addr.session_handle = msg->rsp[4];
2038 lan_addr.remote_SWID = msg->rsp[8];
2039 lan_addr.local_SWID = msg->rsp[5];
2040 lan_addr.channel = msg->rsp[3] & 0x0f;
2041 lan_addr.privilege = msg->rsp[3] >> 4;
2042 lan_addr.lun = msg->rsp[9] & 3;
2044 /* It's a response from a remote entity. Look up the sequence
2045 number and handle the response. */
2046 if (intf_find_seq(intf,
2050 (msg->rsp[6] >> 2) & (~1),
2051 (struct ipmi_addr *) &(lan_addr),
2054 /* We were unable to find the sequence number,
2055 so just nuke the message. */
2056 spin_lock_irqsave(&intf->counter_lock, flags);
2057 intf->unhandled_lan_responses++;
2058 spin_unlock_irqrestore(&intf->counter_lock, flags);
2062 memcpy(recv_msg->msg_data,
2064 msg->rsp_size - 11);
2065 /* The other fields matched, so no need to set them, except
2066 for netfn, which needs to be the response that was
2067 returned, not the request value. */
2068 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2069 recv_msg->msg.data = recv_msg->msg_data;
2070 recv_msg->msg.data_len = msg->rsp_size - 12;
2071 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2072 spin_lock_irqsave(&intf->counter_lock, flags);
2073 intf->handled_lan_responses++;
2074 spin_unlock_irqrestore(&intf->counter_lock, flags);
2075 deliver_response(recv_msg);
2080 static int handle_lan_get_msg_cmd(ipmi_smi_t intf,
2081 struct ipmi_smi_msg *msg)
2083 struct cmd_rcvr *rcvr;
2085 unsigned char netfn;
2087 ipmi_user_t user = NULL;
2088 struct ipmi_lan_addr *lan_addr;
2089 struct ipmi_recv_msg *recv_msg;
2090 unsigned long flags;
2092 if (msg->rsp_size < 12) {
2093 /* Message not big enough, just ignore it. */
2094 spin_lock_irqsave(&intf->counter_lock, flags);
2095 intf->invalid_commands++;
2096 spin_unlock_irqrestore(&intf->counter_lock, flags);
2100 if (msg->rsp[2] != 0) {
2101 /* An error getting the response, just ignore it. */
2105 netfn = msg->rsp[6] >> 2;
2108 read_lock(&(intf->cmd_rcvr_lock));
2110 if (intf->all_cmd_rcvr) {
2111 user = intf->all_cmd_rcvr;
2113 /* Find the command/netfn. */
2114 list_for_each_entry(rcvr, &(intf->cmd_rcvrs), link) {
2115 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
2121 read_unlock(&(intf->cmd_rcvr_lock));
2124 /* We didn't find a user, deliver an error response. */
2125 spin_lock_irqsave(&intf->counter_lock, flags);
2126 intf->unhandled_commands++;
2127 spin_unlock_irqrestore(&intf->counter_lock, flags);
2129 rv = 0; /* Don't do anything with these messages, just
2130 allow them to be freed. */
2132 /* Deliver the message to the user. */
2133 spin_lock_irqsave(&intf->counter_lock, flags);
2134 intf->handled_commands++;
2135 spin_unlock_irqrestore(&intf->counter_lock, flags);
2137 recv_msg = ipmi_alloc_recv_msg();
2139 /* We couldn't allocate memory for the
2140 message, so requeue it for handling
2144 /* Extract the source address from the data. */
2145 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
2146 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
2147 lan_addr->session_handle = msg->rsp[4];
2148 lan_addr->remote_SWID = msg->rsp[8];
2149 lan_addr->local_SWID = msg->rsp[5];
2150 lan_addr->lun = msg->rsp[9] & 3;
2151 lan_addr->channel = msg->rsp[3] & 0xf;
2152 lan_addr->privilege = msg->rsp[3] >> 4;
2154 /* Extract the rest of the message information
2155 from the IPMB header.*/
2156 recv_msg->user = user;
2157 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2158 recv_msg->msgid = msg->rsp[9] >> 2;
2159 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2160 recv_msg->msg.cmd = msg->rsp[10];
2161 recv_msg->msg.data = recv_msg->msg_data;
2163 /* We chop off 12, not 11 bytes because the checksum
2164 at the end also needs to be removed. */
2165 recv_msg->msg.data_len = msg->rsp_size - 12;
2166 memcpy(recv_msg->msg_data,
2168 msg->rsp_size - 12);
2169 deliver_response(recv_msg);
2176 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
2177 struct ipmi_smi_msg *msg)
2179 struct ipmi_system_interface_addr *smi_addr;
2181 recv_msg->msgid = 0;
2182 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
2183 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2184 smi_addr->channel = IPMI_BMC_CHANNEL;
2185 smi_addr->lun = msg->rsp[0] & 3;
2186 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
2187 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2188 recv_msg->msg.cmd = msg->rsp[1];
2189 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
2190 recv_msg->msg.data = recv_msg->msg_data;
2191 recv_msg->msg.data_len = msg->rsp_size - 3;
2194 /* This will be called with the intf->users_lock read-locked, so no need
2196 static int handle_read_event_rsp(ipmi_smi_t intf,
2197 struct ipmi_smi_msg *msg)
2199 struct ipmi_recv_msg *recv_msg, *recv_msg2;
2200 struct list_head msgs;
2203 int deliver_count = 0;
2204 unsigned long flags;
2206 if (msg->rsp_size < 19) {
2207 /* Message is too small to be an IPMB event. */
2208 spin_lock_irqsave(&intf->counter_lock, flags);
2209 intf->invalid_events++;
2210 spin_unlock_irqrestore(&intf->counter_lock, flags);
2214 if (msg->rsp[2] != 0) {
2215 /* An error getting the event, just ignore it. */
2219 INIT_LIST_HEAD(&msgs);
2221 spin_lock_irqsave(&(intf->events_lock), flags);
2223 spin_lock(&intf->counter_lock);
2225 spin_unlock(&intf->counter_lock);
2227 /* Allocate and fill in one message for every user that is getting
2229 list_for_each_entry(user, &(intf->users), link) {
2230 if (! user->gets_events)
2233 recv_msg = ipmi_alloc_recv_msg();
2235 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2236 list_del(&recv_msg->link);
2237 ipmi_free_recv_msg(recv_msg);
2239 /* We couldn't allocate memory for the
2240 message, so requeue it for handling
2248 copy_event_into_recv_msg(recv_msg, msg);
2249 recv_msg->user = user;
2250 list_add_tail(&(recv_msg->link), &msgs);
2253 if (deliver_count) {
2254 /* Now deliver all the messages. */
2255 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2256 list_del(&recv_msg->link);
2257 deliver_response(recv_msg);
2259 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
2260 /* No one to receive the message, put it in queue if there's
2261 not already too many things in the queue. */
2262 recv_msg = ipmi_alloc_recv_msg();
2264 /* We couldn't allocate memory for the
2265 message, so requeue it for handling
2271 copy_event_into_recv_msg(recv_msg, msg);
2272 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
2274 /* There's too many things in the queue, discard this
2276 printk(KERN_WARNING PFX "Event queue full, discarding an"
2277 " incoming event\n");
2281 spin_unlock_irqrestore(&(intf->events_lock), flags);
2286 static int handle_bmc_rsp(ipmi_smi_t intf,
2287 struct ipmi_smi_msg *msg)
2289 struct ipmi_recv_msg *recv_msg;
2291 struct ipmi_user *user;
2292 unsigned long flags;
2294 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
2296 /* Make sure the user still exists. */
2297 list_for_each_entry(user, &(intf->users), link) {
2298 if (user == recv_msg->user) {
2299 /* Found it, so we can deliver it */
2306 /* Special handling for NULL users. */
2307 if (!recv_msg->user && intf->null_user_handler){
2308 intf->null_user_handler(intf, msg);
2309 spin_lock_irqsave(&intf->counter_lock, flags);
2310 intf->handled_local_responses++;
2311 spin_unlock_irqrestore(&intf->counter_lock, flags);
2313 /* The user for the message went away, so give up. */
2314 spin_lock_irqsave(&intf->counter_lock, flags);
2315 intf->unhandled_local_responses++;
2316 spin_unlock_irqrestore(&intf->counter_lock, flags);
2318 ipmi_free_recv_msg(recv_msg);
2320 struct ipmi_system_interface_addr *smi_addr;
2322 spin_lock_irqsave(&intf->counter_lock, flags);
2323 intf->handled_local_responses++;
2324 spin_unlock_irqrestore(&intf->counter_lock, flags);
2325 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2326 recv_msg->msgid = msg->msgid;
2327 smi_addr = ((struct ipmi_system_interface_addr *)
2329 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2330 smi_addr->channel = IPMI_BMC_CHANNEL;
2331 smi_addr->lun = msg->rsp[0] & 3;
2332 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2333 recv_msg->msg.cmd = msg->rsp[1];
2334 memcpy(recv_msg->msg_data,
2337 recv_msg->msg.data = recv_msg->msg_data;
2338 recv_msg->msg.data_len = msg->rsp_size - 2;
2339 deliver_response(recv_msg);
2345 /* Handle a new message. Return 1 if the message should be requeued,
2346 0 if the message should be freed, or -1 if the message should not
2347 be freed or requeued. */
2348 static int handle_new_recv_msg(ipmi_smi_t intf,
2349 struct ipmi_smi_msg *msg)
2357 for (m=0; m<msg->rsp_size; m++)
2358 printk(" %2.2x", msg->rsp[m]);
2361 if (msg->rsp_size < 2) {
2362 /* Message is too small to be correct. */
2363 printk(KERN_WARNING PFX "BMC returned to small a message"
2364 " for netfn %x cmd %x, got %d bytes\n",
2365 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
2367 /* Generate an error response for the message. */
2368 msg->rsp[0] = msg->data[0] | (1 << 2);
2369 msg->rsp[1] = msg->data[1];
2370 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2372 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))/* Netfn */
2373 || (msg->rsp[1] != msg->data[1])) /* Command */
2375 /* The response is not even marginally correct. */
2376 printk(KERN_WARNING PFX "BMC returned incorrect response,"
2377 " expected netfn %x cmd %x, got netfn %x cmd %x\n",
2378 (msg->data[0] >> 2) | 1, msg->data[1],
2379 msg->rsp[0] >> 2, msg->rsp[1]);
2381 /* Generate an error response for the message. */
2382 msg->rsp[0] = msg->data[0] | (1 << 2);
2383 msg->rsp[1] = msg->data[1];
2384 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2388 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2389 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
2390 && (msg->user_data != NULL))
2392 /* It's a response to a response we sent. For this we
2393 deliver a send message response to the user. */
2394 struct ipmi_recv_msg *recv_msg = msg->user_data;
2397 if (msg->rsp_size < 2)
2398 /* Message is too small to be correct. */
2401 chan = msg->data[2] & 0x0f;
2402 if (chan >= IPMI_MAX_CHANNELS)
2403 /* Invalid channel number */
2407 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
2408 recv_msg->msg.data = recv_msg->msg_data;
2409 recv_msg->msg.data_len = 1;
2410 recv_msg->msg_data[0] = msg->rsp[2];
2411 deliver_response(recv_msg);
2413 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2414 && (msg->rsp[1] == IPMI_GET_MSG_CMD))
2416 /* It's from the receive queue. */
2417 chan = msg->rsp[3] & 0xf;
2418 if (chan >= IPMI_MAX_CHANNELS) {
2419 /* Invalid channel number */
2424 switch (intf->channels[chan].medium) {
2425 case IPMI_CHANNEL_MEDIUM_IPMB:
2426 if (msg->rsp[4] & 0x04) {
2427 /* It's a response, so find the
2428 requesting message and send it up. */
2429 requeue = handle_ipmb_get_msg_rsp(intf, msg);
2431 /* It's a command to the SMS from some other
2432 entity. Handle that. */
2433 requeue = handle_ipmb_get_msg_cmd(intf, msg);
2437 case IPMI_CHANNEL_MEDIUM_8023LAN:
2438 case IPMI_CHANNEL_MEDIUM_ASYNC:
2439 if (msg->rsp[6] & 0x04) {
2440 /* It's a response, so find the
2441 requesting message and send it up. */
2442 requeue = handle_lan_get_msg_rsp(intf, msg);
2444 /* It's a command to the SMS from some other
2445 entity. Handle that. */
2446 requeue = handle_lan_get_msg_cmd(intf, msg);
2451 /* We don't handle the channel type, so just
2452 * free the message. */
2456 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2457 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD))
2459 /* It's an asyncronous event. */
2460 requeue = handle_read_event_rsp(intf, msg);
2462 /* It's a response from the local BMC. */
2463 requeue = handle_bmc_rsp(intf, msg);
2470 /* Handle a new message from the lower layer. */
2471 void ipmi_smi_msg_received(ipmi_smi_t intf,
2472 struct ipmi_smi_msg *msg)
2474 unsigned long flags;
2478 /* Lock the user lock so the user can't go away while we are
2480 read_lock(&(intf->users_lock));
2482 if ((msg->data_size >= 2)
2483 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
2484 && (msg->data[1] == IPMI_SEND_MSG_CMD)
2485 && (msg->user_data == NULL)) {
2486 /* This is the local response to a command send, start
2487 the timer for these. The user_data will not be
2488 NULL if this is a response send, and we will let
2489 response sends just go through. */
2491 /* Check for errors, if we get certain errors (ones
2492 that mean basically we can try again later), we
2493 ignore them and start the timer. Otherwise we
2494 report the error immediately. */
2495 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
2496 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
2497 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR))
2499 int chan = msg->rsp[3] & 0xf;
2501 /* Got an error sending the message, handle it. */
2502 spin_lock_irqsave(&intf->counter_lock, flags);
2503 if (chan >= IPMI_MAX_CHANNELS)
2504 ; /* This shouldn't happen */
2505 else if ((intf->channels[chan].medium
2506 == IPMI_CHANNEL_MEDIUM_8023LAN)
2507 || (intf->channels[chan].medium
2508 == IPMI_CHANNEL_MEDIUM_ASYNC))
2509 intf->sent_lan_command_errs++;
2511 intf->sent_ipmb_command_errs++;
2512 spin_unlock_irqrestore(&intf->counter_lock, flags);
2513 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
2515 /* The message was sent, start the timer. */
2516 intf_start_seq_timer(intf, msg->msgid);
2519 ipmi_free_smi_msg(msg);
2523 /* To preserve message order, if the list is not empty, we
2524 tack this message onto the end of the list. */
2525 spin_lock_irqsave(&(intf->waiting_msgs_lock), flags);
2526 if (!list_empty(&(intf->waiting_msgs))) {
2527 list_add_tail(&(msg->link), &(intf->waiting_msgs));
2528 spin_unlock(&(intf->waiting_msgs_lock));
2531 spin_unlock_irqrestore(&(intf->waiting_msgs_lock), flags);
2533 rv = handle_new_recv_msg(intf, msg);
2535 /* Could not handle the message now, just add it to a
2536 list to handle later. */
2537 spin_lock(&(intf->waiting_msgs_lock));
2538 list_add_tail(&(msg->link), &(intf->waiting_msgs));
2539 spin_unlock(&(intf->waiting_msgs_lock));
2540 } else if (rv == 0) {
2541 ipmi_free_smi_msg(msg);
2545 read_unlock(&(intf->users_lock));
2548 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
2552 read_lock(&(intf->users_lock));
2553 list_for_each_entry(user, &(intf->users), link) {
2554 if (! user->handler->ipmi_watchdog_pretimeout)
2557 user->handler->ipmi_watchdog_pretimeout(user->handler_data);
2559 read_unlock(&(intf->users_lock));
2563 handle_msg_timeout(struct ipmi_recv_msg *msg)
2565 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2566 msg->msg_data[0] = IPMI_TIMEOUT_COMPLETION_CODE;
2567 msg->msg.netfn |= 1; /* Convert to a response. */
2568 msg->msg.data_len = 1;
2569 msg->msg.data = msg->msg_data;
2570 deliver_response(msg);
2574 send_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
2575 struct ipmi_smi_msg *smi_msg,
2576 unsigned char seq, long seqid)
2579 smi_msg = ipmi_alloc_smi_msg();
2581 /* If we can't allocate the message, then just return, we
2582 get 4 retries, so this should be ok. */
2585 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
2586 smi_msg->data_size = recv_msg->msg.data_len;
2587 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
2589 /* Send the new message. We send with a zero priority. It
2590 timed out, I doubt time is that critical now, and high
2591 priority messages are really only for messages to the local
2592 MC, which don't get resent. */
2593 intf->handlers->sender(intf->send_info, smi_msg, 0);
2599 for (m=0; m<smi_msg->data_size; m++)
2600 printk(" %2.2x", smi_msg->data[m]);
2607 ipmi_timeout_handler(long timeout_period)
2610 struct list_head timeouts;
2611 struct ipmi_recv_msg *msg, *msg2;
2612 struct ipmi_smi_msg *smi_msg, *smi_msg2;
2613 unsigned long flags;
2616 INIT_LIST_HEAD(&timeouts);
2618 spin_lock(&interfaces_lock);
2619 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2620 intf = ipmi_interfaces[i];
2624 read_lock(&(intf->users_lock));
2626 /* See if any waiting messages need to be processed. */
2627 spin_lock_irqsave(&(intf->waiting_msgs_lock), flags);
2628 list_for_each_entry_safe(smi_msg, smi_msg2, &(intf->waiting_msgs), link) {
2629 if (! handle_new_recv_msg(intf, smi_msg)) {
2630 list_del(&smi_msg->link);
2631 ipmi_free_smi_msg(smi_msg);
2633 /* To preserve message order, quit if we
2634 can't handle a message. */
2638 spin_unlock_irqrestore(&(intf->waiting_msgs_lock), flags);
2640 /* Go through the seq table and find any messages that
2641 have timed out, putting them in the timeouts
2643 spin_lock_irqsave(&(intf->seq_lock), flags);
2644 for (j=0; j<IPMI_IPMB_NUM_SEQ; j++) {
2645 struct seq_table *ent = &(intf->seq_table[j]);
2649 ent->timeout -= timeout_period;
2650 if (ent->timeout > 0)
2653 if (ent->retries_left == 0) {
2654 /* The message has used all its retries. */
2656 msg = ent->recv_msg;
2657 list_add_tail(&(msg->link), &timeouts);
2658 spin_lock(&intf->counter_lock);
2660 intf->timed_out_ipmb_broadcasts++;
2661 else if (ent->recv_msg->addr.addr_type
2662 == IPMI_LAN_ADDR_TYPE)
2663 intf->timed_out_lan_commands++;
2665 intf->timed_out_ipmb_commands++;
2666 spin_unlock(&intf->counter_lock);
2668 /* More retries, send again. */
2670 /* Start with the max timer, set to normal
2671 timer after the message is sent. */
2672 ent->timeout = MAX_MSG_TIMEOUT;
2673 ent->retries_left--;
2674 send_from_recv_msg(intf, ent->recv_msg, NULL,
2676 spin_lock(&intf->counter_lock);
2677 if (ent->recv_msg->addr.addr_type
2678 == IPMI_LAN_ADDR_TYPE)
2679 intf->retransmitted_lan_commands++;
2681 intf->retransmitted_ipmb_commands++;
2682 spin_unlock(&intf->counter_lock);
2685 spin_unlock_irqrestore(&(intf->seq_lock), flags);
2687 list_for_each_entry_safe(msg, msg2, &timeouts, link) {
2688 handle_msg_timeout(msg);
2691 read_unlock(&(intf->users_lock));
2693 spin_unlock(&interfaces_lock);
2696 static void ipmi_request_event(void)
2701 spin_lock(&interfaces_lock);
2702 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2703 intf = ipmi_interfaces[i];
2707 intf->handlers->request_events(intf->send_info);
2709 spin_unlock(&interfaces_lock);
2712 static struct timer_list ipmi_timer;
2714 /* Call every ~100 ms. */
2715 #define IPMI_TIMEOUT_TIME 100
2717 /* How many jiffies does it take to get to the timeout time. */
2718 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
2720 /* Request events from the queue every second (this is the number of
2721 IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
2722 future, IPMI will add a way to know immediately if an event is in
2723 the queue and this silliness can go away. */
2724 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
2726 static volatile int stop_operation = 0;
2727 static volatile int timer_stopped = 0;
2728 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2730 static void ipmi_timeout(unsigned long data)
2732 if (stop_operation) {
2738 if (ticks_to_req_ev == 0) {
2739 ipmi_request_event();
2740 ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2743 ipmi_timeout_handler(IPMI_TIMEOUT_TIME);
2745 ipmi_timer.expires += IPMI_TIMEOUT_JIFFIES;
2746 add_timer(&ipmi_timer);
2750 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
2751 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
2753 /* FIXME - convert these to slabs. */
2754 static void free_smi_msg(struct ipmi_smi_msg *msg)
2756 atomic_dec(&smi_msg_inuse_count);
2760 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
2762 struct ipmi_smi_msg *rv;
2763 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
2765 rv->done = free_smi_msg;
2766 rv->user_data = NULL;
2767 atomic_inc(&smi_msg_inuse_count);
2772 static void free_recv_msg(struct ipmi_recv_msg *msg)
2774 atomic_dec(&recv_msg_inuse_count);
2778 struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
2780 struct ipmi_recv_msg *rv;
2782 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
2784 rv->done = free_recv_msg;
2785 atomic_inc(&recv_msg_inuse_count);
2790 #ifdef CONFIG_IPMI_PANIC_EVENT
2792 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
2796 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
2800 #ifdef CONFIG_IPMI_PANIC_STRING
2801 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
2803 if ((msg->rsp[0] == (IPMI_NETFN_SENSOR_EVENT_RESPONSE << 2))
2804 && (msg->rsp[1] == IPMI_GET_EVENT_RECEIVER_CMD)
2805 && (msg->rsp[2] == IPMI_CC_NO_ERROR))
2807 /* A get event receiver command, save it. */
2808 intf->event_receiver = msg->rsp[3];
2809 intf->event_receiver_lun = msg->rsp[4] & 0x3;
2813 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
2815 if ((msg->rsp[0] == (IPMI_NETFN_APP_RESPONSE << 2))
2816 && (msg->rsp[1] == IPMI_GET_DEVICE_ID_CMD)
2817 && (msg->rsp[2] == IPMI_CC_NO_ERROR))
2819 /* A get device id command, save if we are an event
2820 receiver or generator. */
2821 intf->local_sel_device = (msg->rsp[8] >> 2) & 1;
2822 intf->local_event_generator = (msg->rsp[8] >> 5) & 1;
2827 static void send_panic_events(char *str)
2829 struct kernel_ipmi_msg msg;
2831 unsigned char data[16];
2833 struct ipmi_system_interface_addr *si;
2834 struct ipmi_addr addr;
2835 struct ipmi_smi_msg smi_msg;
2836 struct ipmi_recv_msg recv_msg;
2838 si = (struct ipmi_system_interface_addr *) &addr;
2839 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2840 si->channel = IPMI_BMC_CHANNEL;
2843 /* Fill in an event telling that we have failed. */
2844 msg.netfn = 0x04; /* Sensor or Event. */
2845 msg.cmd = 2; /* Platform event command. */
2848 data[0] = 0x21; /* Kernel generator ID, IPMI table 5-4 */
2849 data[1] = 0x03; /* This is for IPMI 1.0. */
2850 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
2851 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
2852 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
2854 /* Put a few breadcrumbs in. Hopefully later we can add more things
2855 to make the panic events more useful. */
2862 smi_msg.done = dummy_smi_done_handler;
2863 recv_msg.done = dummy_recv_done_handler;
2865 /* For every registered interface, send the event. */
2866 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2867 intf = ipmi_interfaces[i];
2871 /* Send the event announcing the panic. */
2872 intf->handlers->set_run_to_completion(intf->send_info, 1);
2873 i_ipmi_request(NULL,
2884 0, 1); /* Don't retry, and don't wait. */
2887 #ifdef CONFIG_IPMI_PANIC_STRING
2888 /* On every interface, dump a bunch of OEM event holding the
2893 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2895 struct ipmi_ipmb_addr *ipmb;
2898 intf = ipmi_interfaces[i];
2902 /* First job here is to figure out where to send the
2903 OEM events. There's no way in IPMI to send OEM
2904 events using an event send command, so we have to
2905 find the SEL to put them in and stick them in
2908 /* Get capabilities from the get device id. */
2909 intf->local_sel_device = 0;
2910 intf->local_event_generator = 0;
2911 intf->event_receiver = 0;
2913 /* Request the device info from the local MC. */
2914 msg.netfn = IPMI_NETFN_APP_REQUEST;
2915 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
2918 intf->null_user_handler = device_id_fetcher;
2919 i_ipmi_request(NULL,
2930 0, 1); /* Don't retry, and don't wait. */
2932 if (intf->local_event_generator) {
2933 /* Request the event receiver from the local MC. */
2934 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
2935 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
2938 intf->null_user_handler = event_receiver_fetcher;
2939 i_ipmi_request(NULL,
2950 0, 1); /* no retry, and no wait. */
2952 intf->null_user_handler = NULL;
2954 /* Validate the event receiver. The low bit must not
2955 be 1 (it must be a valid IPMB address), it cannot
2956 be zero, and it must not be my address. */
2957 if (((intf->event_receiver & 1) == 0)
2958 && (intf->event_receiver != 0)
2959 && (intf->event_receiver != intf->my_address))
2961 /* The event receiver is valid, send an IPMB
2963 ipmb = (struct ipmi_ipmb_addr *) &addr;
2964 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
2965 ipmb->channel = 0; /* FIXME - is this right? */
2966 ipmb->lun = intf->event_receiver_lun;
2967 ipmb->slave_addr = intf->event_receiver;
2968 } else if (intf->local_sel_device) {
2969 /* The event receiver was not valid (or was
2970 me), but I am an SEL device, just dump it
2972 si = (struct ipmi_system_interface_addr *) &addr;
2973 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2974 si->channel = IPMI_BMC_CHANNEL;
2977 continue; /* No where to send the event. */
2980 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
2981 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
2987 int size = strlen(p);
2993 data[2] = 0xf0; /* OEM event without timestamp. */
2994 data[3] = intf->my_address;
2995 data[4] = j++; /* sequence # */
2996 /* Always give 11 bytes, so strncpy will fill
2997 it with zeroes for me. */
2998 strncpy(data+5, p, 11);
3001 i_ipmi_request(NULL,
3012 0, 1); /* no retry, and no wait. */
3015 #endif /* CONFIG_IPMI_PANIC_STRING */
3017 #endif /* CONFIG_IPMI_PANIC_EVENT */
3019 static int has_paniced = 0;
3021 static int panic_event(struct notifier_block *this,
3022 unsigned long event,
3032 /* For every registered interface, set it to run to completion. */
3033 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
3034 intf = ipmi_interfaces[i];
3038 intf->handlers->set_run_to_completion(intf->send_info, 1);
3041 #ifdef CONFIG_IPMI_PANIC_EVENT
3042 send_panic_events(ptr);
3048 static struct notifier_block panic_block = {
3049 .notifier_call = panic_event,
3051 .priority = 200 /* priority: INT_MAX >= x >= 0 */
3054 static int ipmi_init_msghandler(void)
3061 printk(KERN_INFO "ipmi message handler version "
3062 IPMI_MSGHANDLER_VERSION "\n");
3064 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
3065 ipmi_interfaces[i] = NULL;
3068 proc_ipmi_root = proc_mkdir("ipmi", NULL);
3069 if (!proc_ipmi_root) {
3070 printk(KERN_ERR PFX "Unable to create IPMI proc dir");
3074 proc_ipmi_root->owner = THIS_MODULE;
3076 init_timer(&ipmi_timer);
3077 ipmi_timer.data = 0;
3078 ipmi_timer.function = ipmi_timeout;
3079 ipmi_timer.expires = jiffies + IPMI_TIMEOUT_JIFFIES;
3080 add_timer(&ipmi_timer);
3082 notifier_chain_register(&panic_notifier_list, &panic_block);
3089 static __init int ipmi_init_msghandler_mod(void)
3091 ipmi_init_msghandler();
3095 static __exit void cleanup_ipmi(void)
3102 notifier_chain_unregister(&panic_notifier_list, &panic_block);
3104 /* This can't be called if any interfaces exist, so no worry about
3105 shutting down the interfaces. */
3107 /* Tell the timer to stop, then wait for it to stop. This avoids
3108 problems with race conditions removing the timer here. */
3110 while (!timer_stopped) {
3111 set_current_state(TASK_UNINTERRUPTIBLE);
3112 schedule_timeout(1);
3115 remove_proc_entry(proc_ipmi_root->name, &proc_root);
3119 /* Check for buffer leaks. */
3120 count = atomic_read(&smi_msg_inuse_count);
3122 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
3124 count = atomic_read(&recv_msg_inuse_count);
3126 printk(KERN_WARNING PFX "recv message count %d at exit\n",
3129 module_exit(cleanup_ipmi);
3131 module_init(ipmi_init_msghandler_mod);
3132 MODULE_LICENSE("GPL");
3134 EXPORT_SYMBOL(ipmi_create_user);
3135 EXPORT_SYMBOL(ipmi_destroy_user);
3136 EXPORT_SYMBOL(ipmi_get_version);
3137 EXPORT_SYMBOL(ipmi_request_settime);
3138 EXPORT_SYMBOL(ipmi_request_supply_msgs);
3139 EXPORT_SYMBOL(ipmi_register_smi);
3140 EXPORT_SYMBOL(ipmi_unregister_smi);
3141 EXPORT_SYMBOL(ipmi_register_for_cmd);
3142 EXPORT_SYMBOL(ipmi_unregister_for_cmd);
3143 EXPORT_SYMBOL(ipmi_smi_msg_received);
3144 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
3145 EXPORT_SYMBOL(ipmi_alloc_smi_msg);
3146 EXPORT_SYMBOL(ipmi_addr_length);
3147 EXPORT_SYMBOL(ipmi_validate_addr);
3148 EXPORT_SYMBOL(ipmi_set_gets_events);
3149 EXPORT_SYMBOL(ipmi_smi_watcher_register);
3150 EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
3151 EXPORT_SYMBOL(ipmi_set_my_address);
3152 EXPORT_SYMBOL(ipmi_get_my_address);
3153 EXPORT_SYMBOL(ipmi_set_my_LUN);
3154 EXPORT_SYMBOL(ipmi_get_my_LUN);
3155 EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
3156 EXPORT_SYMBOL(ipmi_user_set_run_to_completion);