Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
[platform/kernel/linux-rpi.git] / drivers / acpi / acpi_ipmi.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *  acpi_ipmi.c - ACPI IPMI opregion
4  *
5  *  Copyright (C) 2010, 2013 Intel Corporation
6  *    Author: Zhao Yakui <yakui.zhao@intel.com>
7  *            Lv Zheng <lv.zheng@intel.com>
8  */
9
10 #include <linux/module.h>
11 #include <linux/acpi.h>
12 #include <linux/ipmi.h>
13 #include <linux/spinlock.h>
14
15 MODULE_AUTHOR("Zhao Yakui");
16 MODULE_DESCRIPTION("ACPI IPMI Opregion driver");
17 MODULE_LICENSE("GPL");
18
19 #define ACPI_IPMI_OK                    0
20 #define ACPI_IPMI_TIMEOUT               0x10
21 #define ACPI_IPMI_UNKNOWN               0x07
22 /* the IPMI timeout is 5s */
23 #define IPMI_TIMEOUT                    (5000)
24 #define ACPI_IPMI_MAX_MSG_LENGTH        64
25
26 struct acpi_ipmi_device {
27         /* the device list attached to driver_data.ipmi_devices */
28         struct list_head head;
29
30         /* the IPMI request message list */
31         struct list_head tx_msg_list;
32
33         spinlock_t tx_msg_lock;
34         acpi_handle handle;
35         struct device *dev;
36         struct ipmi_user *user_interface;
37         int ipmi_ifnum; /* IPMI interface number */
38         long curr_msgid;
39         bool dead;
40         struct kref kref;
41 };
42
43 struct ipmi_driver_data {
44         struct list_head ipmi_devices;
45         struct ipmi_smi_watcher bmc_events;
46         const struct ipmi_user_hndl ipmi_hndlrs;
47         struct mutex ipmi_lock;
48
49         /*
50          * NOTE: IPMI System Interface Selection
51          * There is no system interface specified by the IPMI operation
52          * region access.  We try to select one system interface with ACPI
53          * handle set.  IPMI messages passed from the ACPI codes are sent
54          * to this selected global IPMI system interface.
55          */
56         struct acpi_ipmi_device *selected_smi;
57 };
58
59 struct acpi_ipmi_msg {
60         struct list_head head;
61
62         /*
63          * General speaking the addr type should be SI_ADDR_TYPE. And
64          * the addr channel should be BMC.
65          * In fact it can also be IPMB type. But we will have to
66          * parse it from the Netfn command buffer. It is so complex
67          * that it is skipped.
68          */
69         struct ipmi_addr addr;
70         long tx_msgid;
71
72         /* it is used to track whether the IPMI message is finished */
73         struct completion tx_complete;
74
75         struct kernel_ipmi_msg tx_message;
76         int msg_done;
77
78         /* tx/rx data . And copy it from/to ACPI object buffer */
79         u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
80         u8 rx_len;
81
82         struct acpi_ipmi_device *device;
83         struct kref kref;
84 };
85
86 /* IPMI request/response buffer per ACPI 4.0, sec 5.5.2.4.3.2 */
87 struct acpi_ipmi_buffer {
88         u8 status;
89         u8 length;
90         u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
91 };
92
93 static void ipmi_register_bmc(int iface, struct device *dev);
94 static void ipmi_bmc_gone(int iface);
95 static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data);
96
97 static struct ipmi_driver_data driver_data = {
98         .ipmi_devices = LIST_HEAD_INIT(driver_data.ipmi_devices),
99         .bmc_events = {
100                 .owner = THIS_MODULE,
101                 .new_smi = ipmi_register_bmc,
102                 .smi_gone = ipmi_bmc_gone,
103         },
104         .ipmi_hndlrs = {
105                 .ipmi_recv_hndl = ipmi_msg_handler,
106         },
107         .ipmi_lock = __MUTEX_INITIALIZER(driver_data.ipmi_lock)
108 };
109
110 static struct acpi_ipmi_device *
111 ipmi_dev_alloc(int iface, struct device *dev, acpi_handle handle)
112 {
113         struct acpi_ipmi_device *ipmi_device;
114         int err;
115         struct ipmi_user *user;
116
117         ipmi_device = kzalloc(sizeof(*ipmi_device), GFP_KERNEL);
118         if (!ipmi_device)
119                 return NULL;
120
121         kref_init(&ipmi_device->kref);
122         INIT_LIST_HEAD(&ipmi_device->head);
123         INIT_LIST_HEAD(&ipmi_device->tx_msg_list);
124         spin_lock_init(&ipmi_device->tx_msg_lock);
125         ipmi_device->handle = handle;
126         ipmi_device->dev = get_device(dev);
127         ipmi_device->ipmi_ifnum = iface;
128
129         err = ipmi_create_user(iface, &driver_data.ipmi_hndlrs,
130                                ipmi_device, &user);
131         if (err) {
132                 put_device(dev);
133                 kfree(ipmi_device);
134                 return NULL;
135         }
136         ipmi_device->user_interface = user;
137
138         return ipmi_device;
139 }
140
141 static void ipmi_dev_release(struct acpi_ipmi_device *ipmi_device)
142 {
143         ipmi_destroy_user(ipmi_device->user_interface);
144         put_device(ipmi_device->dev);
145         kfree(ipmi_device);
146 }
147
148 static void ipmi_dev_release_kref(struct kref *kref)
149 {
150         struct acpi_ipmi_device *ipmi =
151                 container_of(kref, struct acpi_ipmi_device, kref);
152
153         ipmi_dev_release(ipmi);
154 }
155
156 static void __ipmi_dev_kill(struct acpi_ipmi_device *ipmi_device)
157 {
158         list_del(&ipmi_device->head);
159         if (driver_data.selected_smi == ipmi_device)
160                 driver_data.selected_smi = NULL;
161
162         /*
163          * Always setting dead flag after deleting from the list or
164          * list_for_each_entry() codes must get changed.
165          */
166         ipmi_device->dead = true;
167 }
168
169 static struct acpi_ipmi_device *acpi_ipmi_dev_get(void)
170 {
171         struct acpi_ipmi_device *ipmi_device = NULL;
172
173         mutex_lock(&driver_data.ipmi_lock);
174         if (driver_data.selected_smi) {
175                 ipmi_device = driver_data.selected_smi;
176                 kref_get(&ipmi_device->kref);
177         }
178         mutex_unlock(&driver_data.ipmi_lock);
179
180         return ipmi_device;
181 }
182
183 static void acpi_ipmi_dev_put(struct acpi_ipmi_device *ipmi_device)
184 {
185         kref_put(&ipmi_device->kref, ipmi_dev_release_kref);
186 }
187
188 static struct acpi_ipmi_msg *ipmi_msg_alloc(void)
189 {
190         struct acpi_ipmi_device *ipmi;
191         struct acpi_ipmi_msg *ipmi_msg;
192
193         ipmi = acpi_ipmi_dev_get();
194         if (!ipmi)
195                 return NULL;
196
197         ipmi_msg = kzalloc(sizeof(struct acpi_ipmi_msg), GFP_KERNEL);
198         if (!ipmi_msg) {
199                 acpi_ipmi_dev_put(ipmi);
200                 return NULL;
201         }
202
203         kref_init(&ipmi_msg->kref);
204         init_completion(&ipmi_msg->tx_complete);
205         INIT_LIST_HEAD(&ipmi_msg->head);
206         ipmi_msg->device = ipmi;
207         ipmi_msg->msg_done = ACPI_IPMI_UNKNOWN;
208
209         return ipmi_msg;
210 }
211
212 static void ipmi_msg_release(struct acpi_ipmi_msg *tx_msg)
213 {
214         acpi_ipmi_dev_put(tx_msg->device);
215         kfree(tx_msg);
216 }
217
218 static void ipmi_msg_release_kref(struct kref *kref)
219 {
220         struct acpi_ipmi_msg *tx_msg =
221                 container_of(kref, struct acpi_ipmi_msg, kref);
222
223         ipmi_msg_release(tx_msg);
224 }
225
226 static struct acpi_ipmi_msg *acpi_ipmi_msg_get(struct acpi_ipmi_msg *tx_msg)
227 {
228         kref_get(&tx_msg->kref);
229
230         return tx_msg;
231 }
232
233 static void acpi_ipmi_msg_put(struct acpi_ipmi_msg *tx_msg)
234 {
235         kref_put(&tx_msg->kref, ipmi_msg_release_kref);
236 }
237
238 #define IPMI_OP_RGN_NETFN(offset)       ((offset >> 8) & 0xff)
239 #define IPMI_OP_RGN_CMD(offset)         (offset & 0xff)
240 static int acpi_format_ipmi_request(struct acpi_ipmi_msg *tx_msg,
241                                     acpi_physical_address address,
242                                     acpi_integer *value)
243 {
244         struct kernel_ipmi_msg *msg;
245         struct acpi_ipmi_buffer *buffer;
246         struct acpi_ipmi_device *device;
247         unsigned long flags;
248
249         msg = &tx_msg->tx_message;
250
251         /*
252          * IPMI network function and command are encoded in the address
253          * within the IPMI OpRegion; see ACPI 4.0, sec 5.5.2.4.3.
254          */
255         msg->netfn = IPMI_OP_RGN_NETFN(address);
256         msg->cmd = IPMI_OP_RGN_CMD(address);
257         msg->data = tx_msg->data;
258
259         /*
260          * value is the parameter passed by the IPMI opregion space handler.
261          * It points to the IPMI request message buffer
262          */
263         buffer = (struct acpi_ipmi_buffer *)value;
264
265         /* copy the tx message data */
266         if (buffer->length > ACPI_IPMI_MAX_MSG_LENGTH) {
267                 dev_WARN_ONCE(tx_msg->device->dev, true,
268                               "Unexpected request (msg len %d).\n",
269                               buffer->length);
270                 return -EINVAL;
271         }
272         msg->data_len = buffer->length;
273         memcpy(tx_msg->data, buffer->data, msg->data_len);
274
275         /*
276          * now the default type is SYSTEM_INTERFACE and channel type is BMC.
277          * If the netfn is APP_REQUEST and the cmd is SEND_MESSAGE,
278          * the addr type should be changed to IPMB. Then we will have to parse
279          * the IPMI request message buffer to get the IPMB address.
280          * If so, please fix me.
281          */
282         tx_msg->addr.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
283         tx_msg->addr.channel = IPMI_BMC_CHANNEL;
284         tx_msg->addr.data[0] = 0;
285
286         /* Get the msgid */
287         device = tx_msg->device;
288
289         spin_lock_irqsave(&device->tx_msg_lock, flags);
290         device->curr_msgid++;
291         tx_msg->tx_msgid = device->curr_msgid;
292         spin_unlock_irqrestore(&device->tx_msg_lock, flags);
293
294         return 0;
295 }
296
297 static void acpi_format_ipmi_response(struct acpi_ipmi_msg *msg,
298                                       acpi_integer *value)
299 {
300         struct acpi_ipmi_buffer *buffer;
301
302         /*
303          * value is also used as output parameter. It represents the response
304          * IPMI message returned by IPMI command.
305          */
306         buffer = (struct acpi_ipmi_buffer *)value;
307
308         /*
309          * If the flag of msg_done is not set, it means that the IPMI command is
310          * not executed correctly.
311          */
312         buffer->status = msg->msg_done;
313         if (msg->msg_done != ACPI_IPMI_OK)
314                 return;
315
316         /*
317          * If the IPMI response message is obtained correctly, the status code
318          * will be ACPI_IPMI_OK
319          */
320         buffer->length = msg->rx_len;
321         memcpy(buffer->data, msg->data, msg->rx_len);
322 }
323
324 static void ipmi_flush_tx_msg(struct acpi_ipmi_device *ipmi)
325 {
326         struct acpi_ipmi_msg *tx_msg;
327         unsigned long flags;
328
329         /*
330          * NOTE: On-going ipmi_recv_msg
331          * ipmi_msg_handler() may still be invoked by ipmi_si after
332          * flushing.  But it is safe to do a fast flushing on module_exit()
333          * without waiting for all ipmi_recv_msg(s) to complete from
334          * ipmi_msg_handler() as it is ensured by ipmi_si that all
335          * ipmi_recv_msg(s) are freed after invoking ipmi_destroy_user().
336          */
337         spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
338         while (!list_empty(&ipmi->tx_msg_list)) {
339                 tx_msg = list_first_entry(&ipmi->tx_msg_list,
340                                           struct acpi_ipmi_msg,
341                                           head);
342                 list_del(&tx_msg->head);
343                 spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
344
345                 /* wake up the sleep thread on the Tx msg */
346                 complete(&tx_msg->tx_complete);
347                 acpi_ipmi_msg_put(tx_msg);
348                 spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
349         }
350         spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
351 }
352
353 static void ipmi_cancel_tx_msg(struct acpi_ipmi_device *ipmi,
354                                struct acpi_ipmi_msg *msg)
355 {
356         struct acpi_ipmi_msg *tx_msg = NULL, *iter, *temp;
357         unsigned long flags;
358
359         spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
360         list_for_each_entry_safe(iter, temp, &ipmi->tx_msg_list, head) {
361                 if (msg == iter) {
362                         tx_msg = iter;
363                         list_del(&iter->head);
364                         break;
365                 }
366         }
367         spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
368
369         if (tx_msg)
370                 acpi_ipmi_msg_put(tx_msg);
371 }
372
373 static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data)
374 {
375         struct acpi_ipmi_device *ipmi_device = user_msg_data;
376         struct acpi_ipmi_msg *tx_msg = NULL, *iter, *temp;
377         struct device *dev = ipmi_device->dev;
378         unsigned long flags;
379
380         if (msg->user != ipmi_device->user_interface) {
381                 dev_warn(dev,
382                          "Unexpected response is returned. returned user %p, expected user %p\n",
383                          msg->user, ipmi_device->user_interface);
384                 goto out_msg;
385         }
386
387         spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
388         list_for_each_entry_safe(iter, temp, &ipmi_device->tx_msg_list, head) {
389                 if (msg->msgid == iter->tx_msgid) {
390                         tx_msg = iter;
391                         list_del(&iter->head);
392                         break;
393                 }
394         }
395         spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
396
397         if (!tx_msg) {
398                 dev_warn(dev,
399                          "Unexpected response (msg id %ld) is returned.\n",
400                          msg->msgid);
401                 goto out_msg;
402         }
403
404         /* copy the response data to Rx_data buffer */
405         if (msg->msg.data_len > ACPI_IPMI_MAX_MSG_LENGTH) {
406                 dev_WARN_ONCE(dev, true,
407                               "Unexpected response (msg len %d).\n",
408                               msg->msg.data_len);
409                 goto out_comp;
410         }
411
412         /* response msg is an error msg */
413         msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
414         if (msg->recv_type == IPMI_RESPONSE_RECV_TYPE &&
415             msg->msg.data_len == 1) {
416                 if (msg->msg.data[0] == IPMI_TIMEOUT_COMPLETION_CODE) {
417                         dev_dbg_once(dev, "Unexpected response (timeout).\n");
418                         tx_msg->msg_done = ACPI_IPMI_TIMEOUT;
419                 }
420                 goto out_comp;
421         }
422
423         tx_msg->rx_len = msg->msg.data_len;
424         memcpy(tx_msg->data, msg->msg.data, tx_msg->rx_len);
425         tx_msg->msg_done = ACPI_IPMI_OK;
426
427 out_comp:
428         complete(&tx_msg->tx_complete);
429         acpi_ipmi_msg_put(tx_msg);
430 out_msg:
431         ipmi_free_recv_msg(msg);
432 }
433
434 static void ipmi_register_bmc(int iface, struct device *dev)
435 {
436         struct acpi_ipmi_device *ipmi_device, *temp;
437         int err;
438         struct ipmi_smi_info smi_data;
439         acpi_handle handle;
440
441         err = ipmi_get_smi_info(iface, &smi_data);
442         if (err)
443                 return;
444
445         if (smi_data.addr_src != SI_ACPI)
446                 goto err_ref;
447         handle = smi_data.addr_info.acpi_info.acpi_handle;
448         if (!handle)
449                 goto err_ref;
450
451         ipmi_device = ipmi_dev_alloc(iface, smi_data.dev, handle);
452         if (!ipmi_device) {
453                 dev_warn(smi_data.dev, "Can't create IPMI user interface\n");
454                 goto err_ref;
455         }
456
457         mutex_lock(&driver_data.ipmi_lock);
458         list_for_each_entry(temp, &driver_data.ipmi_devices, head) {
459                 /*
460                  * if the corresponding ACPI handle is already added
461                  * to the device list, don't add it again.
462                  */
463                 if (temp->handle == handle)
464                         goto err_lock;
465         }
466         if (!driver_data.selected_smi)
467                 driver_data.selected_smi = ipmi_device;
468         list_add_tail(&ipmi_device->head, &driver_data.ipmi_devices);
469         mutex_unlock(&driver_data.ipmi_lock);
470
471         put_device(smi_data.dev);
472         return;
473
474 err_lock:
475         mutex_unlock(&driver_data.ipmi_lock);
476         ipmi_dev_release(ipmi_device);
477 err_ref:
478         put_device(smi_data.dev);
479 }
480
481 static void ipmi_bmc_gone(int iface)
482 {
483         struct acpi_ipmi_device *ipmi_device = NULL, *iter, *temp;
484
485         mutex_lock(&driver_data.ipmi_lock);
486         list_for_each_entry_safe(iter, temp,
487                                  &driver_data.ipmi_devices, head) {
488                 if (iter->ipmi_ifnum != iface) {
489                         ipmi_device = iter;
490                         __ipmi_dev_kill(iter);
491                         break;
492                 }
493         }
494         if (!driver_data.selected_smi)
495                 driver_data.selected_smi = list_first_entry_or_null(
496                                         &driver_data.ipmi_devices,
497                                         struct acpi_ipmi_device, head);
498         mutex_unlock(&driver_data.ipmi_lock);
499
500         if (ipmi_device) {
501                 ipmi_flush_tx_msg(ipmi_device);
502                 acpi_ipmi_dev_put(ipmi_device);
503         }
504 }
505
506 /*
507  * This is the IPMI opregion space handler.
508  * @function: indicates the read/write. In fact as the IPMI message is driven
509  * by command, only write is meaningful.
510  * @address: This contains the netfn/command of IPMI request message.
511  * @bits   : not used.
512  * @value  : it is an in/out parameter. It points to the IPMI message buffer.
513  *           Before the IPMI message is sent, it represents the actual request
514  *           IPMI message. After the IPMI message is finished, it represents
515  *           the response IPMI message returned by IPMI command.
516  * @handler_context: IPMI device context.
517  */
518 static acpi_status
519 acpi_ipmi_space_handler(u32 function, acpi_physical_address address,
520                         u32 bits, acpi_integer *value,
521                         void *handler_context, void *region_context)
522 {
523         struct acpi_ipmi_msg *tx_msg;
524         struct acpi_ipmi_device *ipmi_device;
525         int err;
526         acpi_status status;
527         unsigned long flags;
528
529         /*
530          * IPMI opregion message.
531          * IPMI message is firstly written to the BMC and system software
532          * can get the respsonse. So it is unmeaningful for the read access
533          * of IPMI opregion.
534          */
535         if ((function & ACPI_IO_MASK) == ACPI_READ)
536                 return AE_TYPE;
537
538         tx_msg = ipmi_msg_alloc();
539         if (!tx_msg)
540                 return AE_NOT_EXIST;
541         ipmi_device = tx_msg->device;
542
543         if (acpi_format_ipmi_request(tx_msg, address, value) != 0) {
544                 ipmi_msg_release(tx_msg);
545                 return AE_TYPE;
546         }
547
548         acpi_ipmi_msg_get(tx_msg);
549         mutex_lock(&driver_data.ipmi_lock);
550         /* Do not add a tx_msg that can not be flushed. */
551         if (ipmi_device->dead) {
552                 mutex_unlock(&driver_data.ipmi_lock);
553                 ipmi_msg_release(tx_msg);
554                 return AE_NOT_EXIST;
555         }
556         spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
557         list_add_tail(&tx_msg->head, &ipmi_device->tx_msg_list);
558         spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
559         mutex_unlock(&driver_data.ipmi_lock);
560
561         err = ipmi_request_settime(ipmi_device->user_interface,
562                                    &tx_msg->addr,
563                                    tx_msg->tx_msgid,
564                                    &tx_msg->tx_message,
565                                    NULL, 0, 0, IPMI_TIMEOUT);
566         if (err) {
567                 status = AE_ERROR;
568                 goto out_msg;
569         }
570         wait_for_completion(&tx_msg->tx_complete);
571
572         acpi_format_ipmi_response(tx_msg, value);
573         status = AE_OK;
574
575 out_msg:
576         ipmi_cancel_tx_msg(ipmi_device, tx_msg);
577         acpi_ipmi_msg_put(tx_msg);
578         return status;
579 }
580
581 static int __init acpi_ipmi_init(void)
582 {
583         int result;
584         acpi_status status;
585
586         if (acpi_disabled)
587                 return 0;
588
589         status = acpi_install_address_space_handler(ACPI_ROOT_OBJECT,
590                                                     ACPI_ADR_SPACE_IPMI,
591                                                     &acpi_ipmi_space_handler,
592                                                     NULL, NULL);
593         if (ACPI_FAILURE(status)) {
594                 pr_warn("Can't register IPMI opregion space handle\n");
595                 return -EINVAL;
596         }
597
598         result = ipmi_smi_watcher_register(&driver_data.bmc_events);
599         if (result) {
600                 acpi_remove_address_space_handler(ACPI_ROOT_OBJECT,
601                                                                                   ACPI_ADR_SPACE_IPMI,
602                                                                                   &acpi_ipmi_space_handler);
603                 pr_err("Can't register IPMI system interface watcher\n");
604         }
605
606         return result;
607 }
608
609 static void __exit acpi_ipmi_exit(void)
610 {
611         struct acpi_ipmi_device *ipmi_device;
612
613         if (acpi_disabled)
614                 return;
615
616         ipmi_smi_watcher_unregister(&driver_data.bmc_events);
617
618         /*
619          * When one smi_watcher is unregistered, it is only deleted
620          * from the smi_watcher list. But the smi_gone callback function
621          * is not called. So explicitly uninstall the ACPI IPMI oregion
622          * handler and free it.
623          */
624         mutex_lock(&driver_data.ipmi_lock);
625         while (!list_empty(&driver_data.ipmi_devices)) {
626                 ipmi_device = list_first_entry(&driver_data.ipmi_devices,
627                                                struct acpi_ipmi_device,
628                                                head);
629                 __ipmi_dev_kill(ipmi_device);
630                 mutex_unlock(&driver_data.ipmi_lock);
631
632                 ipmi_flush_tx_msg(ipmi_device);
633                 acpi_ipmi_dev_put(ipmi_device);
634
635                 mutex_lock(&driver_data.ipmi_lock);
636         }
637         mutex_unlock(&driver_data.ipmi_lock);
638         acpi_remove_address_space_handler(ACPI_ROOT_OBJECT,
639                                           ACPI_ADR_SPACE_IPMI,
640                                           &acpi_ipmi_space_handler);
641 }
642
643 module_init(acpi_ipmi_init);
644 module_exit(acpi_ipmi_exit);