1 // SPDX-License-Identifier: GPL-2.0+
5 * Incoming and outgoing message routing for an IPMI interface.
7 * Author: MontaVista Software, Inc.
8 * Corey Minyard <minyard@mvista.com>
11 * Copyright 2002 MontaVista Software Inc.
14 #include <linux/module.h>
15 #include <linux/errno.h>
16 #include <linux/poll.h>
17 #include <linux/sched.h>
18 #include <linux/seq_file.h>
19 #include <linux/spinlock.h>
20 #include <linux/mutex.h>
21 #include <linux/slab.h>
22 #include <linux/ipmi.h>
23 #include <linux/ipmi_smi.h>
24 #include <linux/notifier.h>
25 #include <linux/init.h>
26 #include <linux/proc_fs.h>
27 #include <linux/rcupdate.h>
28 #include <linux/interrupt.h>
29 #include <linux/moduleparam.h>
30 #include <linux/workqueue.h>
31 #include <linux/uuid.h>
32 #include <linux/nospec.h>
34 #define PFX "IPMI message handler: "
36 #define IPMI_DRIVER_VERSION "39.2"
38 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
39 static int ipmi_init_msghandler(void);
40 static void smi_recv_tasklet(unsigned long);
41 static void handle_new_recv_msgs(struct ipmi_smi *intf);
42 static void need_waiter(struct ipmi_smi *intf);
43 static int handle_one_recv_msg(struct ipmi_smi *intf,
44 struct ipmi_smi_msg *msg);
47 static void ipmi_debug_msg(const char *title, unsigned char *data,
53 pos = snprintf(buf, sizeof(buf), "%s: ", title);
54 for (i = 0; i < len; i++)
55 pos += snprintf(buf + pos, sizeof(buf) - pos,
57 pr_debug("%s\n", buf);
60 static void ipmi_debug_msg(const char *title, unsigned char *data,
65 static bool initialized;
66 static bool drvregistered;
68 enum ipmi_panic_event_op {
69 IPMI_SEND_PANIC_EVENT_NONE,
70 IPMI_SEND_PANIC_EVENT,
71 IPMI_SEND_PANIC_EVENT_STRING
73 #ifdef CONFIG_IPMI_PANIC_STRING
74 #define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT_STRING
75 #elif defined(CONFIG_IPMI_PANIC_EVENT)
76 #define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT
78 #define IPMI_PANIC_DEFAULT IPMI_SEND_PANIC_EVENT_NONE
80 static enum ipmi_panic_event_op ipmi_send_panic_event = IPMI_PANIC_DEFAULT;
82 static int panic_op_write_handler(const char *val,
83 const struct kernel_param *kp)
88 strncpy(valcp, val, 15);
93 if (strcmp(s, "none") == 0)
94 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT_NONE;
95 else if (strcmp(s, "event") == 0)
96 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT;
97 else if (strcmp(s, "string") == 0)
98 ipmi_send_panic_event = IPMI_SEND_PANIC_EVENT_STRING;
105 static int panic_op_read_handler(char *buffer, const struct kernel_param *kp)
107 switch (ipmi_send_panic_event) {
108 case IPMI_SEND_PANIC_EVENT_NONE:
109 strcpy(buffer, "none");
112 case IPMI_SEND_PANIC_EVENT:
113 strcpy(buffer, "event");
116 case IPMI_SEND_PANIC_EVENT_STRING:
117 strcpy(buffer, "string");
121 strcpy(buffer, "???");
125 return strlen(buffer);
128 static const struct kernel_param_ops panic_op_ops = {
129 .set = panic_op_write_handler,
130 .get = panic_op_read_handler
132 module_param_cb(panic_op, &panic_op_ops, NULL, 0600);
133 MODULE_PARM_DESC(panic_op, "Sets if the IPMI driver will attempt to store panic information in the event log in the event of a panic. Set to 'none' for no, 'event' for a single event, or 'string' for a generic event and the panic string in IPMI OEM events.");
136 #define MAX_EVENTS_IN_QUEUE 25
138 /* Remain in auto-maintenance mode for this amount of time (in ms). */
139 static unsigned long maintenance_mode_timeout_ms = 30000;
140 module_param(maintenance_mode_timeout_ms, ulong, 0644);
141 MODULE_PARM_DESC(maintenance_mode_timeout_ms,
142 "The time (milliseconds) after the last maintenance message that the connection stays in maintenance mode.");
145 * Don't let a message sit in a queue forever, always time it with at lest
146 * the max message timer. This is in milliseconds.
148 #define MAX_MSG_TIMEOUT 60000
151 * Timeout times below are in milliseconds, and are done off a 1
152 * second timer. So setting the value to 1000 would mean anything
153 * between 0 and 1000ms. So really the only reasonable minimum
154 * setting it 2000ms, which is between 1 and 2 seconds.
157 /* The default timeout for message retries. */
158 static unsigned long default_retry_ms = 2000;
159 module_param(default_retry_ms, ulong, 0644);
160 MODULE_PARM_DESC(default_retry_ms,
161 "The time (milliseconds) between retry sends");
163 /* The default timeout for maintenance mode message retries. */
164 static unsigned long default_maintenance_retry_ms = 3000;
165 module_param(default_maintenance_retry_ms, ulong, 0644);
166 MODULE_PARM_DESC(default_maintenance_retry_ms,
167 "The time (milliseconds) between retry sends in maintenance mode");
169 /* The default maximum number of retries */
170 static unsigned int default_max_retries = 4;
171 module_param(default_max_retries, uint, 0644);
172 MODULE_PARM_DESC(default_max_retries,
173 "The time (milliseconds) between retry sends in maintenance mode");
175 /* Call every ~1000 ms. */
176 #define IPMI_TIMEOUT_TIME 1000
178 /* How many jiffies does it take to get to the timeout time. */
179 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
182 * Request events from the queue every second (this is the number of
183 * IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
184 * future, IPMI will add a way to know immediately if an event is in
185 * the queue and this silliness can go away.
187 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
189 /* How long should we cache dynamic device IDs? */
190 #define IPMI_DYN_DEV_ID_EXPIRY (10 * HZ)
193 * The main "user" data structure.
196 struct list_head link;
199 * Set to NULL when the user is destroyed, a pointer to myself
200 * so srcu_dereference can be used on it.
202 struct ipmi_user *self;
203 struct srcu_struct release_barrier;
205 struct kref refcount;
207 /* The upper layer that handles receive messages. */
208 const struct ipmi_user_hndl *handler;
211 /* The interface this user is bound to. */
212 struct ipmi_smi *intf;
214 /* Does this interface receive IPMI events? */
217 /* Free must run in process context for RCU cleanup. */
218 struct work_struct remove_work;
221 static struct ipmi_user *acquire_ipmi_user(struct ipmi_user *user, int *index)
222 __acquires(user->release_barrier)
224 struct ipmi_user *ruser;
226 *index = srcu_read_lock(&user->release_barrier);
227 ruser = srcu_dereference(user->self, &user->release_barrier);
229 srcu_read_unlock(&user->release_barrier, *index);
233 static void release_ipmi_user(struct ipmi_user *user, int index)
235 srcu_read_unlock(&user->release_barrier, index);
239 struct list_head link;
241 struct ipmi_user *user;
247 * This is used to form a linked lised during mass deletion.
248 * Since this is in an RCU list, we cannot use the link above
249 * or change any data until the RCU period completes. So we
250 * use this next variable during mass deletion so we can have
251 * a list and don't have to wait and restart the search on
252 * every individual deletion of a command.
254 struct cmd_rcvr *next;
258 unsigned int inuse : 1;
259 unsigned int broadcast : 1;
261 unsigned long timeout;
262 unsigned long orig_timeout;
263 unsigned int retries_left;
266 * To verify on an incoming send message response that this is
267 * the message that the response is for, we keep a sequence id
268 * and increment it every time we send a message.
273 * This is held so we can properly respond to the message on a
274 * timeout, and it is used to hold the temporary data for
275 * retransmission, too.
277 struct ipmi_recv_msg *recv_msg;
281 * Store the information in a msgid (long) to allow us to find a
282 * sequence table entry from the msgid.
284 #define STORE_SEQ_IN_MSGID(seq, seqid) \
285 ((((seq) & 0x3f) << 26) | ((seqid) & 0x3ffffff))
287 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
289 seq = (((msgid) >> 26) & 0x3f); \
290 seqid = ((msgid) & 0x3ffffff); \
293 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3ffffff)
295 #define IPMI_MAX_CHANNELS 16
296 struct ipmi_channel {
297 unsigned char medium;
298 unsigned char protocol;
301 struct ipmi_channel_set {
302 struct ipmi_channel c[IPMI_MAX_CHANNELS];
305 struct ipmi_my_addrinfo {
307 * My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
308 * but may be changed by the user.
310 unsigned char address;
313 * My LUN. This should generally stay the SMS LUN, but just in
320 * Note that the product id, manufacturer id, guid, and device id are
321 * immutable in this structure, so dyn_mutex is not required for
322 * accessing those. If those change on a BMC, a new BMC is allocated.
325 struct platform_device pdev;
326 struct list_head intfs; /* Interfaces on this BMC. */
327 struct ipmi_device_id id;
328 struct ipmi_device_id fetch_id;
330 unsigned long dyn_id_expiry;
331 struct mutex dyn_mutex; /* Protects id, intfs, & dyn* */
335 struct kref usecount;
336 struct work_struct remove_work;
338 #define to_bmc_device(x) container_of((x), struct bmc_device, pdev.dev)
340 static int bmc_get_device_id(struct ipmi_smi *intf, struct bmc_device *bmc,
341 struct ipmi_device_id *id,
342 bool *guid_set, guid_t *guid);
345 * Various statistics for IPMI, these index stats[] in the ipmi_smi
348 enum ipmi_stat_indexes {
349 /* Commands we got from the user that were invalid. */
350 IPMI_STAT_sent_invalid_commands = 0,
352 /* Commands we sent to the MC. */
353 IPMI_STAT_sent_local_commands,
355 /* Responses from the MC that were delivered to a user. */
356 IPMI_STAT_handled_local_responses,
358 /* Responses from the MC that were not delivered to a user. */
359 IPMI_STAT_unhandled_local_responses,
361 /* Commands we sent out to the IPMB bus. */
362 IPMI_STAT_sent_ipmb_commands,
364 /* Commands sent on the IPMB that had errors on the SEND CMD */
365 IPMI_STAT_sent_ipmb_command_errs,
367 /* Each retransmit increments this count. */
368 IPMI_STAT_retransmitted_ipmb_commands,
371 * When a message times out (runs out of retransmits) this is
374 IPMI_STAT_timed_out_ipmb_commands,
377 * This is like above, but for broadcasts. Broadcasts are
378 * *not* included in the above count (they are expected to
381 IPMI_STAT_timed_out_ipmb_broadcasts,
383 /* Responses I have sent to the IPMB bus. */
384 IPMI_STAT_sent_ipmb_responses,
386 /* The response was delivered to the user. */
387 IPMI_STAT_handled_ipmb_responses,
389 /* The response had invalid data in it. */
390 IPMI_STAT_invalid_ipmb_responses,
392 /* The response didn't have anyone waiting for it. */
393 IPMI_STAT_unhandled_ipmb_responses,
395 /* Commands we sent out to the IPMB bus. */
396 IPMI_STAT_sent_lan_commands,
398 /* Commands sent on the IPMB that had errors on the SEND CMD */
399 IPMI_STAT_sent_lan_command_errs,
401 /* Each retransmit increments this count. */
402 IPMI_STAT_retransmitted_lan_commands,
405 * When a message times out (runs out of retransmits) this is
408 IPMI_STAT_timed_out_lan_commands,
410 /* Responses I have sent to the IPMB bus. */
411 IPMI_STAT_sent_lan_responses,
413 /* The response was delivered to the user. */
414 IPMI_STAT_handled_lan_responses,
416 /* The response had invalid data in it. */
417 IPMI_STAT_invalid_lan_responses,
419 /* The response didn't have anyone waiting for it. */
420 IPMI_STAT_unhandled_lan_responses,
422 /* The command was delivered to the user. */
423 IPMI_STAT_handled_commands,
425 /* The command had invalid data in it. */
426 IPMI_STAT_invalid_commands,
428 /* The command didn't have anyone waiting for it. */
429 IPMI_STAT_unhandled_commands,
431 /* Invalid data in an event. */
432 IPMI_STAT_invalid_events,
434 /* Events that were received with the proper format. */
437 /* Retransmissions on IPMB that failed. */
438 IPMI_STAT_dropped_rexmit_ipmb_commands,
440 /* Retransmissions on LAN that failed. */
441 IPMI_STAT_dropped_rexmit_lan_commands,
443 /* This *must* remain last, add new values above this. */
448 #define IPMI_IPMB_NUM_SEQ 64
450 struct module *owner;
452 /* What interface number are we? */
455 struct kref refcount;
457 /* Set when the interface is being unregistered. */
460 /* Used for a list of interfaces. */
461 struct list_head link;
464 * The list of upper layers that are using me. seq_lock write
465 * protects this. Read protection is with srcu.
467 struct list_head users;
468 struct srcu_struct users_srcu;
470 /* Used for wake ups at startup. */
471 wait_queue_head_t waitq;
474 * Prevents the interface from being unregistered when the
475 * interface is used by being looked up through the BMC
478 struct mutex bmc_reg_mutex;
480 struct bmc_device tmp_bmc;
481 struct bmc_device *bmc;
483 struct list_head bmc_link;
485 bool in_bmc_register; /* Handle recursive situations. Yuck. */
486 struct work_struct bmc_reg_work;
488 const struct ipmi_smi_handlers *handlers;
491 /* Driver-model device for the system interface. */
492 struct device *si_dev;
495 * A table of sequence numbers for this interface. We use the
496 * sequence numbers for IPMB messages that go out of the
497 * interface to match them up with their responses. A routine
498 * is called periodically to time the items in this list.
501 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
505 * Messages queued for delivery. If delivery fails (out of memory
506 * for instance), They will stay in here to be processed later in a
507 * periodic timer interrupt. The tasklet is for handling received
508 * messages directly from the handler.
510 spinlock_t waiting_rcv_msgs_lock;
511 struct list_head waiting_rcv_msgs;
512 atomic_t watchdog_pretimeouts_to_deliver;
513 struct tasklet_struct recv_tasklet;
515 spinlock_t xmit_msgs_lock;
516 struct list_head xmit_msgs;
517 struct ipmi_smi_msg *curr_msg;
518 struct list_head hp_xmit_msgs;
521 * The list of command receivers that are registered for commands
524 struct mutex cmd_rcvrs_mutex;
525 struct list_head cmd_rcvrs;
528 * Events that were queues because no one was there to receive
531 spinlock_t events_lock; /* For dealing with event stuff. */
532 struct list_head waiting_events;
533 unsigned int waiting_events_count; /* How many events in queue? */
534 char delivering_events;
535 char event_msg_printed;
536 atomic_t event_waiters;
537 unsigned int ticks_to_req_ev;
538 int last_needs_timer;
541 * The event receiver for my BMC, only really used at panic
542 * shutdown as a place to store this.
544 unsigned char event_receiver;
545 unsigned char event_receiver_lun;
546 unsigned char local_sel_device;
547 unsigned char local_event_generator;
549 /* For handling of maintenance mode. */
550 int maintenance_mode;
551 bool maintenance_mode_enable;
552 int auto_maintenance_timeout;
553 spinlock_t maintenance_mode_lock; /* Used in a timer... */
556 * If we are doing maintenance on something on IPMB, extend
557 * the timeout time to avoid timeouts writing firmware and
560 int ipmb_maintenance_mode_timeout;
563 * A cheap hack, if this is non-null and a message to an
564 * interface comes in with a NULL user, call this routine with
565 * it. Note that the message will still be freed by the
566 * caller. This only works on the system interface.
568 * Protected by bmc_reg_mutex.
570 void (*null_user_handler)(struct ipmi_smi *intf,
571 struct ipmi_recv_msg *msg);
574 * When we are scanning the channels for an SMI, this will
575 * tell which channel we are scanning.
579 /* Channel information */
580 struct ipmi_channel_set *channel_list;
581 unsigned int curr_working_cset; /* First index into the following. */
582 struct ipmi_channel_set wchannels[2];
583 struct ipmi_my_addrinfo addrinfo[IPMI_MAX_CHANNELS];
586 atomic_t stats[IPMI_NUM_STATS];
589 * run_to_completion duplicate of smb_info, smi_info
590 * and ipmi_serial_info structures. Used to decrease numbers of
591 * parameters passed by "low" level IPMI code.
593 int run_to_completion;
595 #define to_si_intf_from_dev(device) container_of(device, struct ipmi_smi, dev)
597 static void __get_guid(struct ipmi_smi *intf);
598 static void __ipmi_bmc_unregister(struct ipmi_smi *intf);
599 static int __ipmi_bmc_register(struct ipmi_smi *intf,
600 struct ipmi_device_id *id,
601 bool guid_set, guid_t *guid, int intf_num);
602 static int __scan_channels(struct ipmi_smi *intf, struct ipmi_device_id *id);
606 * The driver model view of the IPMI messaging driver.
608 static struct platform_driver ipmidriver = {
611 .bus = &platform_bus_type
615 * This mutex keeps us from adding the same BMC twice.
617 static DEFINE_MUTEX(ipmidriver_mutex);
619 static LIST_HEAD(ipmi_interfaces);
620 static DEFINE_MUTEX(ipmi_interfaces_mutex);
621 struct srcu_struct ipmi_interfaces_srcu;
624 * List of watchers that want to know when smi's are added and deleted.
626 static LIST_HEAD(smi_watchers);
627 static DEFINE_MUTEX(smi_watchers_mutex);
629 #define ipmi_inc_stat(intf, stat) \
630 atomic_inc(&(intf)->stats[IPMI_STAT_ ## stat])
631 #define ipmi_get_stat(intf, stat) \
632 ((unsigned int) atomic_read(&(intf)->stats[IPMI_STAT_ ## stat]))
634 static const char * const addr_src_to_str[] = {
635 "invalid", "hotmod", "hardcoded", "SPMI", "ACPI", "SMBIOS", "PCI",
636 "device-tree", "platform"
639 const char *ipmi_addr_src_to_str(enum ipmi_addr_src src)
642 src = 0; /* Invalid */
643 return addr_src_to_str[src];
645 EXPORT_SYMBOL(ipmi_addr_src_to_str);
647 static int is_lan_addr(struct ipmi_addr *addr)
649 return addr->addr_type == IPMI_LAN_ADDR_TYPE;
652 static int is_ipmb_addr(struct ipmi_addr *addr)
654 return addr->addr_type == IPMI_IPMB_ADDR_TYPE;
657 static int is_ipmb_bcast_addr(struct ipmi_addr *addr)
659 return addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE;
662 static void free_recv_msg_list(struct list_head *q)
664 struct ipmi_recv_msg *msg, *msg2;
666 list_for_each_entry_safe(msg, msg2, q, link) {
667 list_del(&msg->link);
668 ipmi_free_recv_msg(msg);
672 static void free_smi_msg_list(struct list_head *q)
674 struct ipmi_smi_msg *msg, *msg2;
676 list_for_each_entry_safe(msg, msg2, q, link) {
677 list_del(&msg->link);
678 ipmi_free_smi_msg(msg);
682 static void clean_up_interface_data(struct ipmi_smi *intf)
685 struct cmd_rcvr *rcvr, *rcvr2;
686 struct list_head list;
688 tasklet_kill(&intf->recv_tasklet);
690 free_smi_msg_list(&intf->waiting_rcv_msgs);
691 free_recv_msg_list(&intf->waiting_events);
694 * Wholesale remove all the entries from the list in the
695 * interface and wait for RCU to know that none are in use.
697 mutex_lock(&intf->cmd_rcvrs_mutex);
698 INIT_LIST_HEAD(&list);
699 list_splice_init_rcu(&intf->cmd_rcvrs, &list, synchronize_rcu);
700 mutex_unlock(&intf->cmd_rcvrs_mutex);
702 list_for_each_entry_safe(rcvr, rcvr2, &list, link)
705 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
706 if ((intf->seq_table[i].inuse)
707 && (intf->seq_table[i].recv_msg))
708 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
712 static void intf_free(struct kref *ref)
714 struct ipmi_smi *intf = container_of(ref, struct ipmi_smi, refcount);
716 clean_up_interface_data(intf);
720 struct watcher_entry {
722 struct ipmi_smi *intf;
723 struct list_head link;
726 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
728 struct ipmi_smi *intf;
732 * Make sure the driver is actually initialized, this handles
733 * problems with initialization order.
735 rv = ipmi_init_msghandler();
739 mutex_lock(&smi_watchers_mutex);
741 list_add(&watcher->link, &smi_watchers);
743 index = srcu_read_lock(&ipmi_interfaces_srcu);
744 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
745 int intf_num = READ_ONCE(intf->intf_num);
749 watcher->new_smi(intf_num, intf->si_dev);
751 srcu_read_unlock(&ipmi_interfaces_srcu, index);
753 mutex_unlock(&smi_watchers_mutex);
757 EXPORT_SYMBOL(ipmi_smi_watcher_register);
759 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
761 mutex_lock(&smi_watchers_mutex);
762 list_del(&watcher->link);
763 mutex_unlock(&smi_watchers_mutex);
766 EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
769 * Must be called with smi_watchers_mutex held.
772 call_smi_watchers(int i, struct device *dev)
774 struct ipmi_smi_watcher *w;
776 mutex_lock(&smi_watchers_mutex);
777 list_for_each_entry(w, &smi_watchers, link) {
778 if (try_module_get(w->owner)) {
780 module_put(w->owner);
783 mutex_unlock(&smi_watchers_mutex);
787 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
789 if (addr1->addr_type != addr2->addr_type)
792 if (addr1->channel != addr2->channel)
795 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
796 struct ipmi_system_interface_addr *smi_addr1
797 = (struct ipmi_system_interface_addr *) addr1;
798 struct ipmi_system_interface_addr *smi_addr2
799 = (struct ipmi_system_interface_addr *) addr2;
800 return (smi_addr1->lun == smi_addr2->lun);
803 if (is_ipmb_addr(addr1) || is_ipmb_bcast_addr(addr1)) {
804 struct ipmi_ipmb_addr *ipmb_addr1
805 = (struct ipmi_ipmb_addr *) addr1;
806 struct ipmi_ipmb_addr *ipmb_addr2
807 = (struct ipmi_ipmb_addr *) addr2;
809 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
810 && (ipmb_addr1->lun == ipmb_addr2->lun));
813 if (is_lan_addr(addr1)) {
814 struct ipmi_lan_addr *lan_addr1
815 = (struct ipmi_lan_addr *) addr1;
816 struct ipmi_lan_addr *lan_addr2
817 = (struct ipmi_lan_addr *) addr2;
819 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
820 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
821 && (lan_addr1->session_handle
822 == lan_addr2->session_handle)
823 && (lan_addr1->lun == lan_addr2->lun));
829 int ipmi_validate_addr(struct ipmi_addr *addr, int len)
831 if (len < sizeof(struct ipmi_system_interface_addr))
834 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
835 if (addr->channel != IPMI_BMC_CHANNEL)
840 if ((addr->channel == IPMI_BMC_CHANNEL)
841 || (addr->channel >= IPMI_MAX_CHANNELS)
842 || (addr->channel < 0))
845 if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) {
846 if (len < sizeof(struct ipmi_ipmb_addr))
851 if (is_lan_addr(addr)) {
852 if (len < sizeof(struct ipmi_lan_addr))
859 EXPORT_SYMBOL(ipmi_validate_addr);
861 unsigned int ipmi_addr_length(int addr_type)
863 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
864 return sizeof(struct ipmi_system_interface_addr);
866 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
867 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
868 return sizeof(struct ipmi_ipmb_addr);
870 if (addr_type == IPMI_LAN_ADDR_TYPE)
871 return sizeof(struct ipmi_lan_addr);
875 EXPORT_SYMBOL(ipmi_addr_length);
877 static int deliver_response(struct ipmi_smi *intf, struct ipmi_recv_msg *msg)
882 /* Special handling for NULL users. */
883 if (intf->null_user_handler) {
884 intf->null_user_handler(intf, msg);
886 /* No handler, so give up. */
889 ipmi_free_recv_msg(msg);
890 } else if (!oops_in_progress) {
892 * If we are running in the panic context, calling the
893 * receive handler doesn't much meaning and has a deadlock
894 * risk. At this moment, simply skip it in that case.
897 struct ipmi_user *user = acquire_ipmi_user(msg->user, &index);
900 user->handler->ipmi_recv_hndl(msg, user->handler_data);
901 release_ipmi_user(user, index);
903 /* User went away, give up. */
904 ipmi_free_recv_msg(msg);
912 static void deliver_local_response(struct ipmi_smi *intf,
913 struct ipmi_recv_msg *msg)
915 if (deliver_response(intf, msg))
916 ipmi_inc_stat(intf, unhandled_local_responses);
918 ipmi_inc_stat(intf, handled_local_responses);
921 static void deliver_err_response(struct ipmi_smi *intf,
922 struct ipmi_recv_msg *msg, int err)
924 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
925 msg->msg_data[0] = err;
926 msg->msg.netfn |= 1; /* Convert to a response. */
927 msg->msg.data_len = 1;
928 msg->msg.data = msg->msg_data;
929 deliver_local_response(intf, msg);
933 * Find the next sequence number not being used and add the given
934 * message with the given timeout to the sequence table. This must be
935 * called with the interface's seq_lock held.
937 static int intf_next_seq(struct ipmi_smi *intf,
938 struct ipmi_recv_msg *recv_msg,
939 unsigned long timeout,
949 timeout = default_retry_ms;
951 retries = default_max_retries;
953 for (i = intf->curr_seq; (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
954 i = (i+1)%IPMI_IPMB_NUM_SEQ) {
955 if (!intf->seq_table[i].inuse)
959 if (!intf->seq_table[i].inuse) {
960 intf->seq_table[i].recv_msg = recv_msg;
963 * Start with the maximum timeout, when the send response
964 * comes in we will start the real timer.
966 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
967 intf->seq_table[i].orig_timeout = timeout;
968 intf->seq_table[i].retries_left = retries;
969 intf->seq_table[i].broadcast = broadcast;
970 intf->seq_table[i].inuse = 1;
971 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
973 *seqid = intf->seq_table[i].seqid;
974 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
984 * Return the receive message for the given sequence number and
985 * release the sequence number so it can be reused. Some other data
986 * is passed in to be sure the message matches up correctly (to help
987 * guard against message coming in after their timeout and the
988 * sequence number being reused).
990 static int intf_find_seq(struct ipmi_smi *intf,
995 struct ipmi_addr *addr,
996 struct ipmi_recv_msg **recv_msg)
1001 if (seq >= IPMI_IPMB_NUM_SEQ)
1004 spin_lock_irqsave(&intf->seq_lock, flags);
1005 if (intf->seq_table[seq].inuse) {
1006 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
1008 if ((msg->addr.channel == channel) && (msg->msg.cmd == cmd)
1009 && (msg->msg.netfn == netfn)
1010 && (ipmi_addr_equal(addr, &msg->addr))) {
1012 intf->seq_table[seq].inuse = 0;
1016 spin_unlock_irqrestore(&intf->seq_lock, flags);
1022 /* Start the timer for a specific sequence table entry. */
1023 static int intf_start_seq_timer(struct ipmi_smi *intf,
1027 unsigned long flags;
1029 unsigned long seqid;
1032 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
1034 spin_lock_irqsave(&intf->seq_lock, flags);
1036 * We do this verification because the user can be deleted
1037 * while a message is outstanding.
1039 if ((intf->seq_table[seq].inuse)
1040 && (intf->seq_table[seq].seqid == seqid)) {
1041 struct seq_table *ent = &intf->seq_table[seq];
1042 ent->timeout = ent->orig_timeout;
1045 spin_unlock_irqrestore(&intf->seq_lock, flags);
1050 /* Got an error for the send message for a specific sequence number. */
1051 static int intf_err_seq(struct ipmi_smi *intf,
1056 unsigned long flags;
1058 unsigned long seqid;
1059 struct ipmi_recv_msg *msg = NULL;
1062 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
1064 spin_lock_irqsave(&intf->seq_lock, flags);
1066 * We do this verification because the user can be deleted
1067 * while a message is outstanding.
1069 if ((intf->seq_table[seq].inuse)
1070 && (intf->seq_table[seq].seqid == seqid)) {
1071 struct seq_table *ent = &intf->seq_table[seq];
1074 msg = ent->recv_msg;
1077 spin_unlock_irqrestore(&intf->seq_lock, flags);
1080 deliver_err_response(intf, msg, err);
1086 static void free_user_work(struct work_struct *work)
1088 struct ipmi_user *user = container_of(work, struct ipmi_user,
1091 cleanup_srcu_struct(&user->release_barrier);
1095 int ipmi_create_user(unsigned int if_num,
1096 const struct ipmi_user_hndl *handler,
1098 struct ipmi_user **user)
1100 unsigned long flags;
1101 struct ipmi_user *new_user;
1103 struct ipmi_smi *intf;
1106 * There is no module usecount here, because it's not
1107 * required. Since this can only be used by and called from
1108 * other modules, they will implicitly use this module, and
1109 * thus this can't be removed unless the other modules are
1113 if (handler == NULL)
1117 * Make sure the driver is actually initialized, this handles
1118 * problems with initialization order.
1120 rv = ipmi_init_msghandler();
1124 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
1128 index = srcu_read_lock(&ipmi_interfaces_srcu);
1129 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1130 if (intf->intf_num == if_num)
1133 /* Not found, return an error */
1138 INIT_WORK(&new_user->remove_work, free_user_work);
1140 rv = init_srcu_struct(&new_user->release_barrier);
1144 if (!try_module_get(intf->owner)) {
1149 /* Note that each existing user holds a refcount to the interface. */
1150 kref_get(&intf->refcount);
1152 kref_init(&new_user->refcount);
1153 new_user->handler = handler;
1154 new_user->handler_data = handler_data;
1155 new_user->intf = intf;
1156 new_user->gets_events = false;
1158 rcu_assign_pointer(new_user->self, new_user);
1159 spin_lock_irqsave(&intf->seq_lock, flags);
1160 list_add_rcu(&new_user->link, &intf->users);
1161 spin_unlock_irqrestore(&intf->seq_lock, flags);
1162 if (handler->ipmi_watchdog_pretimeout) {
1163 /* User wants pretimeouts, so make sure to watch for them. */
1164 if (atomic_inc_return(&intf->event_waiters) == 1)
1167 srcu_read_unlock(&ipmi_interfaces_srcu, index);
1172 srcu_read_unlock(&ipmi_interfaces_srcu, index);
1176 EXPORT_SYMBOL(ipmi_create_user);
1178 int ipmi_get_smi_info(int if_num, struct ipmi_smi_info *data)
1181 struct ipmi_smi *intf;
1183 index = srcu_read_lock(&ipmi_interfaces_srcu);
1184 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
1185 if (intf->intf_num == if_num)
1188 srcu_read_unlock(&ipmi_interfaces_srcu, index);
1190 /* Not found, return an error */
1194 if (!intf->handlers->get_smi_info)
1197 rv = intf->handlers->get_smi_info(intf->send_info, data);
1198 srcu_read_unlock(&ipmi_interfaces_srcu, index);
1202 EXPORT_SYMBOL(ipmi_get_smi_info);
1204 static void free_user(struct kref *ref)
1206 struct ipmi_user *user = container_of(ref, struct ipmi_user, refcount);
1208 /* SRCU cleanup must happen in task context. */
1209 schedule_work(&user->remove_work);
1212 static void _ipmi_destroy_user(struct ipmi_user *user)
1214 struct ipmi_smi *intf = user->intf;
1216 unsigned long flags;
1217 struct cmd_rcvr *rcvr;
1218 struct cmd_rcvr *rcvrs = NULL;
1220 if (!acquire_ipmi_user(user, &i)) {
1222 * The user has already been cleaned up, just make sure
1223 * nothing is using it and return.
1225 synchronize_srcu(&user->release_barrier);
1229 rcu_assign_pointer(user->self, NULL);
1230 release_ipmi_user(user, i);
1232 synchronize_srcu(&user->release_barrier);
1234 if (user->handler->shutdown)
1235 user->handler->shutdown(user->handler_data);
1237 if (user->handler->ipmi_watchdog_pretimeout)
1238 atomic_dec(&intf->event_waiters);
1240 if (user->gets_events)
1241 atomic_dec(&intf->event_waiters);
1243 /* Remove the user from the interface's sequence table. */
1244 spin_lock_irqsave(&intf->seq_lock, flags);
1245 list_del_rcu(&user->link);
1247 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
1248 if (intf->seq_table[i].inuse
1249 && (intf->seq_table[i].recv_msg->user == user)) {
1250 intf->seq_table[i].inuse = 0;
1251 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
1254 spin_unlock_irqrestore(&intf->seq_lock, flags);
1257 * Remove the user from the command receiver's table. First
1258 * we build a list of everything (not using the standard link,
1259 * since other things may be using it till we do
1260 * synchronize_srcu()) then free everything in that list.
1262 mutex_lock(&intf->cmd_rcvrs_mutex);
1263 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1264 if (rcvr->user == user) {
1265 list_del_rcu(&rcvr->link);
1270 mutex_unlock(&intf->cmd_rcvrs_mutex);
1278 kref_put(&intf->refcount, intf_free);
1279 module_put(intf->owner);
1282 int ipmi_destroy_user(struct ipmi_user *user)
1284 _ipmi_destroy_user(user);
1286 kref_put(&user->refcount, free_user);
1290 EXPORT_SYMBOL(ipmi_destroy_user);
1292 int ipmi_get_version(struct ipmi_user *user,
1293 unsigned char *major,
1294 unsigned char *minor)
1296 struct ipmi_device_id id;
1299 user = acquire_ipmi_user(user, &index);
1303 rv = bmc_get_device_id(user->intf, NULL, &id, NULL, NULL);
1305 *major = ipmi_version_major(&id);
1306 *minor = ipmi_version_minor(&id);
1308 release_ipmi_user(user, index);
1312 EXPORT_SYMBOL(ipmi_get_version);
1314 int ipmi_set_my_address(struct ipmi_user *user,
1315 unsigned int channel,
1316 unsigned char address)
1320 user = acquire_ipmi_user(user, &index);
1324 if (channel >= IPMI_MAX_CHANNELS) {
1327 channel = array_index_nospec(channel, IPMI_MAX_CHANNELS);
1328 user->intf->addrinfo[channel].address = address;
1330 release_ipmi_user(user, index);
1334 EXPORT_SYMBOL(ipmi_set_my_address);
1336 int ipmi_get_my_address(struct ipmi_user *user,
1337 unsigned int channel,
1338 unsigned char *address)
1342 user = acquire_ipmi_user(user, &index);
1346 if (channel >= IPMI_MAX_CHANNELS) {
1349 channel = array_index_nospec(channel, IPMI_MAX_CHANNELS);
1350 *address = user->intf->addrinfo[channel].address;
1352 release_ipmi_user(user, index);
1356 EXPORT_SYMBOL(ipmi_get_my_address);
1358 int ipmi_set_my_LUN(struct ipmi_user *user,
1359 unsigned int channel,
1364 user = acquire_ipmi_user(user, &index);
1368 if (channel >= IPMI_MAX_CHANNELS) {
1371 channel = array_index_nospec(channel, IPMI_MAX_CHANNELS);
1372 user->intf->addrinfo[channel].lun = LUN & 0x3;
1374 release_ipmi_user(user, index);
1378 EXPORT_SYMBOL(ipmi_set_my_LUN);
1380 int ipmi_get_my_LUN(struct ipmi_user *user,
1381 unsigned int channel,
1382 unsigned char *address)
1386 user = acquire_ipmi_user(user, &index);
1390 if (channel >= IPMI_MAX_CHANNELS) {
1393 channel = array_index_nospec(channel, IPMI_MAX_CHANNELS);
1394 *address = user->intf->addrinfo[channel].lun;
1396 release_ipmi_user(user, index);
1400 EXPORT_SYMBOL(ipmi_get_my_LUN);
1402 int ipmi_get_maintenance_mode(struct ipmi_user *user)
1405 unsigned long flags;
1407 user = acquire_ipmi_user(user, &index);
1411 spin_lock_irqsave(&user->intf->maintenance_mode_lock, flags);
1412 mode = user->intf->maintenance_mode;
1413 spin_unlock_irqrestore(&user->intf->maintenance_mode_lock, flags);
1414 release_ipmi_user(user, index);
1418 EXPORT_SYMBOL(ipmi_get_maintenance_mode);
1420 static void maintenance_mode_update(struct ipmi_smi *intf)
1422 if (intf->handlers->set_maintenance_mode)
1423 intf->handlers->set_maintenance_mode(
1424 intf->send_info, intf->maintenance_mode_enable);
1427 int ipmi_set_maintenance_mode(struct ipmi_user *user, int mode)
1430 unsigned long flags;
1431 struct ipmi_smi *intf = user->intf;
1433 user = acquire_ipmi_user(user, &index);
1437 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
1438 if (intf->maintenance_mode != mode) {
1440 case IPMI_MAINTENANCE_MODE_AUTO:
1441 intf->maintenance_mode_enable
1442 = (intf->auto_maintenance_timeout > 0);
1445 case IPMI_MAINTENANCE_MODE_OFF:
1446 intf->maintenance_mode_enable = false;
1449 case IPMI_MAINTENANCE_MODE_ON:
1450 intf->maintenance_mode_enable = true;
1457 intf->maintenance_mode = mode;
1459 maintenance_mode_update(intf);
1462 spin_unlock_irqrestore(&intf->maintenance_mode_lock, flags);
1463 release_ipmi_user(user, index);
1467 EXPORT_SYMBOL(ipmi_set_maintenance_mode);
1469 int ipmi_set_gets_events(struct ipmi_user *user, bool val)
1471 unsigned long flags;
1472 struct ipmi_smi *intf = user->intf;
1473 struct ipmi_recv_msg *msg, *msg2;
1474 struct list_head msgs;
1477 user = acquire_ipmi_user(user, &index);
1481 INIT_LIST_HEAD(&msgs);
1483 spin_lock_irqsave(&intf->events_lock, flags);
1484 if (user->gets_events == val)
1487 user->gets_events = val;
1490 if (atomic_inc_return(&intf->event_waiters) == 1)
1493 atomic_dec(&intf->event_waiters);
1496 if (intf->delivering_events)
1498 * Another thread is delivering events for this, so
1499 * let it handle any new events.
1503 /* Deliver any queued events. */
1504 while (user->gets_events && !list_empty(&intf->waiting_events)) {
1505 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link)
1506 list_move_tail(&msg->link, &msgs);
1507 intf->waiting_events_count = 0;
1508 if (intf->event_msg_printed) {
1509 dev_warn(intf->si_dev,
1510 PFX "Event queue no longer full\n");
1511 intf->event_msg_printed = 0;
1514 intf->delivering_events = 1;
1515 spin_unlock_irqrestore(&intf->events_lock, flags);
1517 list_for_each_entry_safe(msg, msg2, &msgs, link) {
1519 kref_get(&user->refcount);
1520 deliver_local_response(intf, msg);
1523 spin_lock_irqsave(&intf->events_lock, flags);
1524 intf->delivering_events = 0;
1528 spin_unlock_irqrestore(&intf->events_lock, flags);
1529 release_ipmi_user(user, index);
1533 EXPORT_SYMBOL(ipmi_set_gets_events);
1535 static struct cmd_rcvr *find_cmd_rcvr(struct ipmi_smi *intf,
1536 unsigned char netfn,
1540 struct cmd_rcvr *rcvr;
1542 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1543 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1544 && (rcvr->chans & (1 << chan)))
1550 static int is_cmd_rcvr_exclusive(struct ipmi_smi *intf,
1551 unsigned char netfn,
1555 struct cmd_rcvr *rcvr;
1557 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1558 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)
1559 && (rcvr->chans & chans))
1565 int ipmi_register_for_cmd(struct ipmi_user *user,
1566 unsigned char netfn,
1570 struct ipmi_smi *intf = user->intf;
1571 struct cmd_rcvr *rcvr;
1574 user = acquire_ipmi_user(user, &index);
1578 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
1584 rcvr->netfn = netfn;
1585 rcvr->chans = chans;
1588 mutex_lock(&intf->cmd_rcvrs_mutex);
1589 /* Make sure the command/netfn is not already registered. */
1590 if (!is_cmd_rcvr_exclusive(intf, netfn, cmd, chans)) {
1595 if (atomic_inc_return(&intf->event_waiters) == 1)
1598 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs);
1601 mutex_unlock(&intf->cmd_rcvrs_mutex);
1605 release_ipmi_user(user, index);
1609 EXPORT_SYMBOL(ipmi_register_for_cmd);
1611 int ipmi_unregister_for_cmd(struct ipmi_user *user,
1612 unsigned char netfn,
1616 struct ipmi_smi *intf = user->intf;
1617 struct cmd_rcvr *rcvr;
1618 struct cmd_rcvr *rcvrs = NULL;
1619 int i, rv = -ENOENT, index;
1621 user = acquire_ipmi_user(user, &index);
1625 mutex_lock(&intf->cmd_rcvrs_mutex);
1626 for (i = 0; i < IPMI_NUM_CHANNELS; i++) {
1627 if (((1 << i) & chans) == 0)
1629 rcvr = find_cmd_rcvr(intf, netfn, cmd, i);
1632 if (rcvr->user == user) {
1634 rcvr->chans &= ~chans;
1635 if (rcvr->chans == 0) {
1636 list_del_rcu(&rcvr->link);
1642 mutex_unlock(&intf->cmd_rcvrs_mutex);
1644 release_ipmi_user(user, index);
1646 atomic_dec(&intf->event_waiters);
1654 EXPORT_SYMBOL(ipmi_unregister_for_cmd);
1656 static unsigned char
1657 ipmb_checksum(unsigned char *data, int size)
1659 unsigned char csum = 0;
1661 for (; size > 0; size--, data++)
1667 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
1668 struct kernel_ipmi_msg *msg,
1669 struct ipmi_ipmb_addr *ipmb_addr,
1671 unsigned char ipmb_seq,
1673 unsigned char source_address,
1674 unsigned char source_lun)
1678 /* Format the IPMB header data. */
1679 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1680 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1681 smi_msg->data[2] = ipmb_addr->channel;
1683 smi_msg->data[3] = 0;
1684 smi_msg->data[i+3] = ipmb_addr->slave_addr;
1685 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
1686 smi_msg->data[i+5] = ipmb_checksum(&smi_msg->data[i + 3], 2);
1687 smi_msg->data[i+6] = source_address;
1688 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
1689 smi_msg->data[i+8] = msg->cmd;
1691 /* Now tack on the data to the message. */
1692 if (msg->data_len > 0)
1693 memcpy(&smi_msg->data[i + 9], msg->data, msg->data_len);
1694 smi_msg->data_size = msg->data_len + 9;
1696 /* Now calculate the checksum and tack it on. */
1697 smi_msg->data[i+smi_msg->data_size]
1698 = ipmb_checksum(&smi_msg->data[i + 6], smi_msg->data_size - 6);
1701 * Add on the checksum size and the offset from the
1704 smi_msg->data_size += 1 + i;
1706 smi_msg->msgid = msgid;
1709 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
1710 struct kernel_ipmi_msg *msg,
1711 struct ipmi_lan_addr *lan_addr,
1713 unsigned char ipmb_seq,
1714 unsigned char source_lun)
1716 /* Format the IPMB header data. */
1717 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1718 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1719 smi_msg->data[2] = lan_addr->channel;
1720 smi_msg->data[3] = lan_addr->session_handle;
1721 smi_msg->data[4] = lan_addr->remote_SWID;
1722 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
1723 smi_msg->data[6] = ipmb_checksum(&smi_msg->data[4], 2);
1724 smi_msg->data[7] = lan_addr->local_SWID;
1725 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
1726 smi_msg->data[9] = msg->cmd;
1728 /* Now tack on the data to the message. */
1729 if (msg->data_len > 0)
1730 memcpy(&smi_msg->data[10], msg->data, msg->data_len);
1731 smi_msg->data_size = msg->data_len + 10;
1733 /* Now calculate the checksum and tack it on. */
1734 smi_msg->data[smi_msg->data_size]
1735 = ipmb_checksum(&smi_msg->data[7], smi_msg->data_size - 7);
1738 * Add on the checksum size and the offset from the
1741 smi_msg->data_size += 1;
1743 smi_msg->msgid = msgid;
1746 static struct ipmi_smi_msg *smi_add_send_msg(struct ipmi_smi *intf,
1747 struct ipmi_smi_msg *smi_msg,
1750 if (intf->curr_msg) {
1752 list_add_tail(&smi_msg->link, &intf->hp_xmit_msgs);
1754 list_add_tail(&smi_msg->link, &intf->xmit_msgs);
1757 intf->curr_msg = smi_msg;
1764 static void smi_send(struct ipmi_smi *intf,
1765 const struct ipmi_smi_handlers *handlers,
1766 struct ipmi_smi_msg *smi_msg, int priority)
1768 int run_to_completion = intf->run_to_completion;
1770 if (run_to_completion) {
1771 smi_msg = smi_add_send_msg(intf, smi_msg, priority);
1773 unsigned long flags;
1775 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
1776 smi_msg = smi_add_send_msg(intf, smi_msg, priority);
1777 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
1781 handlers->sender(intf->send_info, smi_msg);
1784 static bool is_maintenance_mode_cmd(struct kernel_ipmi_msg *msg)
1786 return (((msg->netfn == IPMI_NETFN_APP_REQUEST)
1787 && ((msg->cmd == IPMI_COLD_RESET_CMD)
1788 || (msg->cmd == IPMI_WARM_RESET_CMD)))
1789 || (msg->netfn == IPMI_NETFN_FIRMWARE_REQUEST));
1792 static int i_ipmi_req_sysintf(struct ipmi_smi *intf,
1793 struct ipmi_addr *addr,
1795 struct kernel_ipmi_msg *msg,
1796 struct ipmi_smi_msg *smi_msg,
1797 struct ipmi_recv_msg *recv_msg,
1799 unsigned int retry_time_ms)
1801 struct ipmi_system_interface_addr *smi_addr;
1804 /* Responses are not allowed to the SMI. */
1807 smi_addr = (struct ipmi_system_interface_addr *) addr;
1808 if (smi_addr->lun > 3) {
1809 ipmi_inc_stat(intf, sent_invalid_commands);
1813 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1815 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1816 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1817 || (msg->cmd == IPMI_GET_MSG_CMD)
1818 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD))) {
1820 * We don't let the user do these, since we manage
1821 * the sequence numbers.
1823 ipmi_inc_stat(intf, sent_invalid_commands);
1827 if (is_maintenance_mode_cmd(msg)) {
1828 unsigned long flags;
1830 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
1831 intf->auto_maintenance_timeout
1832 = maintenance_mode_timeout_ms;
1833 if (!intf->maintenance_mode
1834 && !intf->maintenance_mode_enable) {
1835 intf->maintenance_mode_enable = true;
1836 maintenance_mode_update(intf);
1838 spin_unlock_irqrestore(&intf->maintenance_mode_lock,
1842 if (msg->data_len + 2 > IPMI_MAX_MSG_LENGTH) {
1843 ipmi_inc_stat(intf, sent_invalid_commands);
1847 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1848 smi_msg->data[1] = msg->cmd;
1849 smi_msg->msgid = msgid;
1850 smi_msg->user_data = recv_msg;
1851 if (msg->data_len > 0)
1852 memcpy(&smi_msg->data[2], msg->data, msg->data_len);
1853 smi_msg->data_size = msg->data_len + 2;
1854 ipmi_inc_stat(intf, sent_local_commands);
1859 static int i_ipmi_req_ipmb(struct ipmi_smi *intf,
1860 struct ipmi_addr *addr,
1862 struct kernel_ipmi_msg *msg,
1863 struct ipmi_smi_msg *smi_msg,
1864 struct ipmi_recv_msg *recv_msg,
1865 unsigned char source_address,
1866 unsigned char source_lun,
1868 unsigned int retry_time_ms)
1870 struct ipmi_ipmb_addr *ipmb_addr;
1871 unsigned char ipmb_seq;
1874 struct ipmi_channel *chans;
1877 if (addr->channel >= IPMI_MAX_CHANNELS) {
1878 ipmi_inc_stat(intf, sent_invalid_commands);
1882 chans = READ_ONCE(intf->channel_list)->c;
1884 if (chans[addr->channel].medium != IPMI_CHANNEL_MEDIUM_IPMB) {
1885 ipmi_inc_stat(intf, sent_invalid_commands);
1889 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1891 * Broadcasts add a zero at the beginning of the
1892 * message, but otherwise is the same as an IPMB
1895 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1897 retries = 0; /* Don't retry broadcasts. */
1901 * 9 for the header and 1 for the checksum, plus
1902 * possibly one for the broadcast.
1904 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1905 ipmi_inc_stat(intf, sent_invalid_commands);
1909 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1910 if (ipmb_addr->lun > 3) {
1911 ipmi_inc_stat(intf, sent_invalid_commands);
1915 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1917 if (recv_msg->msg.netfn & 0x1) {
1919 * It's a response, so use the user's sequence
1922 ipmi_inc_stat(intf, sent_ipmb_responses);
1923 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1925 source_address, source_lun);
1928 * Save the receive message so we can use it
1929 * to deliver the response.
1931 smi_msg->user_data = recv_msg;
1933 /* It's a command, so get a sequence for it. */
1934 unsigned long flags;
1936 spin_lock_irqsave(&intf->seq_lock, flags);
1938 if (is_maintenance_mode_cmd(msg))
1939 intf->ipmb_maintenance_mode_timeout =
1940 maintenance_mode_timeout_ms;
1942 if (intf->ipmb_maintenance_mode_timeout && retry_time_ms == 0)
1943 /* Different default in maintenance mode */
1944 retry_time_ms = default_maintenance_retry_ms;
1947 * Create a sequence number with a 1 second
1948 * timeout and 4 retries.
1950 rv = intf_next_seq(intf,
1959 * We have used up all the sequence numbers,
1960 * probably, so abort.
1964 ipmi_inc_stat(intf, sent_ipmb_commands);
1967 * Store the sequence number in the message,
1968 * so that when the send message response
1969 * comes back we can start the timer.
1971 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1972 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1973 ipmb_seq, broadcast,
1974 source_address, source_lun);
1977 * Copy the message into the recv message data, so we
1978 * can retransmit it later if necessary.
1980 memcpy(recv_msg->msg_data, smi_msg->data,
1981 smi_msg->data_size);
1982 recv_msg->msg.data = recv_msg->msg_data;
1983 recv_msg->msg.data_len = smi_msg->data_size;
1986 * We don't unlock until here, because we need
1987 * to copy the completed message into the
1988 * recv_msg before we release the lock.
1989 * Otherwise, race conditions may bite us. I
1990 * know that's pretty paranoid, but I prefer
1994 spin_unlock_irqrestore(&intf->seq_lock, flags);
2000 static int i_ipmi_req_lan(struct ipmi_smi *intf,
2001 struct ipmi_addr *addr,
2003 struct kernel_ipmi_msg *msg,
2004 struct ipmi_smi_msg *smi_msg,
2005 struct ipmi_recv_msg *recv_msg,
2006 unsigned char source_lun,
2008 unsigned int retry_time_ms)
2010 struct ipmi_lan_addr *lan_addr;
2011 unsigned char ipmb_seq;
2013 struct ipmi_channel *chans;
2016 if (addr->channel >= IPMI_MAX_CHANNELS) {
2017 ipmi_inc_stat(intf, sent_invalid_commands);
2021 chans = READ_ONCE(intf->channel_list)->c;
2023 if ((chans[addr->channel].medium
2024 != IPMI_CHANNEL_MEDIUM_8023LAN)
2025 && (chans[addr->channel].medium
2026 != IPMI_CHANNEL_MEDIUM_ASYNC)) {
2027 ipmi_inc_stat(intf, sent_invalid_commands);
2031 /* 11 for the header and 1 for the checksum. */
2032 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
2033 ipmi_inc_stat(intf, sent_invalid_commands);
2037 lan_addr = (struct ipmi_lan_addr *) addr;
2038 if (lan_addr->lun > 3) {
2039 ipmi_inc_stat(intf, sent_invalid_commands);
2043 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
2045 if (recv_msg->msg.netfn & 0x1) {
2047 * It's a response, so use the user's sequence
2050 ipmi_inc_stat(intf, sent_lan_responses);
2051 format_lan_msg(smi_msg, msg, lan_addr, msgid,
2055 * Save the receive message so we can use it
2056 * to deliver the response.
2058 smi_msg->user_data = recv_msg;
2060 /* It's a command, so get a sequence for it. */
2061 unsigned long flags;
2063 spin_lock_irqsave(&intf->seq_lock, flags);
2066 * Create a sequence number with a 1 second
2067 * timeout and 4 retries.
2069 rv = intf_next_seq(intf,
2078 * We have used up all the sequence numbers,
2079 * probably, so abort.
2083 ipmi_inc_stat(intf, sent_lan_commands);
2086 * Store the sequence number in the message,
2087 * so that when the send message response
2088 * comes back we can start the timer.
2090 format_lan_msg(smi_msg, msg, lan_addr,
2091 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
2092 ipmb_seq, source_lun);
2095 * Copy the message into the recv message data, so we
2096 * can retransmit it later if necessary.
2098 memcpy(recv_msg->msg_data, smi_msg->data,
2099 smi_msg->data_size);
2100 recv_msg->msg.data = recv_msg->msg_data;
2101 recv_msg->msg.data_len = smi_msg->data_size;
2104 * We don't unlock until here, because we need
2105 * to copy the completed message into the
2106 * recv_msg before we release the lock.
2107 * Otherwise, race conditions may bite us. I
2108 * know that's pretty paranoid, but I prefer
2112 spin_unlock_irqrestore(&intf->seq_lock, flags);
2119 * Separate from ipmi_request so that the user does not have to be
2120 * supplied in certain circumstances (mainly at panic time). If
2121 * messages are supplied, they will be freed, even if an error
2124 static int i_ipmi_request(struct ipmi_user *user,
2125 struct ipmi_smi *intf,
2126 struct ipmi_addr *addr,
2128 struct kernel_ipmi_msg *msg,
2129 void *user_msg_data,
2131 struct ipmi_recv_msg *supplied_recv,
2133 unsigned char source_address,
2134 unsigned char source_lun,
2136 unsigned int retry_time_ms)
2138 struct ipmi_smi_msg *smi_msg;
2139 struct ipmi_recv_msg *recv_msg;
2143 recv_msg = supplied_recv;
2145 recv_msg = ipmi_alloc_recv_msg();
2146 if (recv_msg == NULL) {
2151 recv_msg->user_msg_data = user_msg_data;
2154 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
2156 smi_msg = ipmi_alloc_smi_msg();
2157 if (smi_msg == NULL) {
2158 ipmi_free_recv_msg(recv_msg);
2165 if (intf->in_shutdown) {
2170 recv_msg->user = user;
2172 /* The put happens when the message is freed. */
2173 kref_get(&user->refcount);
2174 recv_msg->msgid = msgid;
2176 * Store the message to send in the receive message so timeout
2177 * responses can get the proper response data.
2179 recv_msg->msg = *msg;
2181 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
2182 rv = i_ipmi_req_sysintf(intf, addr, msgid, msg, smi_msg,
2183 recv_msg, retries, retry_time_ms);
2184 } else if (is_ipmb_addr(addr) || is_ipmb_bcast_addr(addr)) {
2185 rv = i_ipmi_req_ipmb(intf, addr, msgid, msg, smi_msg, recv_msg,
2186 source_address, source_lun,
2187 retries, retry_time_ms);
2188 } else if (is_lan_addr(addr)) {
2189 rv = i_ipmi_req_lan(intf, addr, msgid, msg, smi_msg, recv_msg,
2190 source_lun, retries, retry_time_ms);
2192 /* Unknown address type. */
2193 ipmi_inc_stat(intf, sent_invalid_commands);
2199 ipmi_free_smi_msg(smi_msg);
2200 ipmi_free_recv_msg(recv_msg);
2202 ipmi_debug_msg("Send", smi_msg->data, smi_msg->data_size);
2204 smi_send(intf, intf->handlers, smi_msg, priority);
2212 static int check_addr(struct ipmi_smi *intf,
2213 struct ipmi_addr *addr,
2214 unsigned char *saddr,
2217 if (addr->channel >= IPMI_MAX_CHANNELS)
2219 addr->channel = array_index_nospec(addr->channel, IPMI_MAX_CHANNELS);
2220 *lun = intf->addrinfo[addr->channel].lun;
2221 *saddr = intf->addrinfo[addr->channel].address;
2225 int ipmi_request_settime(struct ipmi_user *user,
2226 struct ipmi_addr *addr,
2228 struct kernel_ipmi_msg *msg,
2229 void *user_msg_data,
2232 unsigned int retry_time_ms)
2234 unsigned char saddr = 0, lun = 0;
2240 user = acquire_ipmi_user(user, &index);
2244 rv = check_addr(user->intf, addr, &saddr, &lun);
2246 rv = i_ipmi_request(user,
2259 release_ipmi_user(user, index);
2262 EXPORT_SYMBOL(ipmi_request_settime);
2264 int ipmi_request_supply_msgs(struct ipmi_user *user,
2265 struct ipmi_addr *addr,
2267 struct kernel_ipmi_msg *msg,
2268 void *user_msg_data,
2270 struct ipmi_recv_msg *supplied_recv,
2273 unsigned char saddr = 0, lun = 0;
2279 user = acquire_ipmi_user(user, &index);
2283 rv = check_addr(user->intf, addr, &saddr, &lun);
2285 rv = i_ipmi_request(user,
2298 release_ipmi_user(user, index);
2301 EXPORT_SYMBOL(ipmi_request_supply_msgs);
2303 static void bmc_device_id_handler(struct ipmi_smi *intf,
2304 struct ipmi_recv_msg *msg)
2308 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2309 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE)
2310 || (msg->msg.cmd != IPMI_GET_DEVICE_ID_CMD)) {
2311 dev_warn(intf->si_dev,
2312 PFX "invalid device_id msg: addr_type=%d netfn=%x cmd=%x\n",
2313 msg->addr.addr_type, msg->msg.netfn, msg->msg.cmd);
2317 rv = ipmi_demangle_device_id(msg->msg.netfn, msg->msg.cmd,
2318 msg->msg.data, msg->msg.data_len, &intf->bmc->fetch_id);
2320 dev_warn(intf->si_dev,
2321 PFX "device id demangle failed: %d\n", rv);
2322 intf->bmc->dyn_id_set = 0;
2325 * Make sure the id data is available before setting
2329 intf->bmc->dyn_id_set = 1;
2332 wake_up(&intf->waitq);
2336 send_get_device_id_cmd(struct ipmi_smi *intf)
2338 struct ipmi_system_interface_addr si;
2339 struct kernel_ipmi_msg msg;
2341 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2342 si.channel = IPMI_BMC_CHANNEL;
2345 msg.netfn = IPMI_NETFN_APP_REQUEST;
2346 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
2350 return i_ipmi_request(NULL,
2352 (struct ipmi_addr *) &si,
2359 intf->addrinfo[0].address,
2360 intf->addrinfo[0].lun,
2364 static int __get_device_id(struct ipmi_smi *intf, struct bmc_device *bmc)
2368 bmc->dyn_id_set = 2;
2370 intf->null_user_handler = bmc_device_id_handler;
2372 rv = send_get_device_id_cmd(intf);
2376 wait_event(intf->waitq, bmc->dyn_id_set != 2);
2378 if (!bmc->dyn_id_set)
2379 rv = -EIO; /* Something went wrong in the fetch. */
2381 /* dyn_id_set makes the id data available. */
2384 intf->null_user_handler = NULL;
2390 * Fetch the device id for the bmc/interface. You must pass in either
2391 * bmc or intf, this code will get the other one. If the data has
2392 * been recently fetched, this will just use the cached data. Otherwise
2393 * it will run a new fetch.
2395 * Except for the first time this is called (in ipmi_add_smi()),
2396 * this will always return good data;
2398 static int __bmc_get_device_id(struct ipmi_smi *intf, struct bmc_device *bmc,
2399 struct ipmi_device_id *id,
2400 bool *guid_set, guid_t *guid, int intf_num)
2403 int prev_dyn_id_set, prev_guid_set;
2404 bool intf_set = intf != NULL;
2407 mutex_lock(&bmc->dyn_mutex);
2409 if (list_empty(&bmc->intfs)) {
2410 mutex_unlock(&bmc->dyn_mutex);
2413 intf = list_first_entry(&bmc->intfs, struct ipmi_smi,
2415 kref_get(&intf->refcount);
2416 mutex_unlock(&bmc->dyn_mutex);
2417 mutex_lock(&intf->bmc_reg_mutex);
2418 mutex_lock(&bmc->dyn_mutex);
2419 if (intf != list_first_entry(&bmc->intfs, struct ipmi_smi,
2421 mutex_unlock(&intf->bmc_reg_mutex);
2422 kref_put(&intf->refcount, intf_free);
2423 goto retry_bmc_lock;
2426 mutex_lock(&intf->bmc_reg_mutex);
2428 mutex_lock(&bmc->dyn_mutex);
2429 kref_get(&intf->refcount);
2432 /* If we have a valid and current ID, just return that. */
2433 if (intf->in_bmc_register ||
2434 (bmc->dyn_id_set && time_is_after_jiffies(bmc->dyn_id_expiry)))
2435 goto out_noprocessing;
2437 prev_guid_set = bmc->dyn_guid_set;
2440 prev_dyn_id_set = bmc->dyn_id_set;
2441 rv = __get_device_id(intf, bmc);
2446 * The guid, device id, manufacturer id, and product id should
2447 * not change on a BMC. If it does we have to do some dancing.
2449 if (!intf->bmc_registered
2450 || (!prev_guid_set && bmc->dyn_guid_set)
2451 || (!prev_dyn_id_set && bmc->dyn_id_set)
2452 || (prev_guid_set && bmc->dyn_guid_set
2453 && !guid_equal(&bmc->guid, &bmc->fetch_guid))
2454 || bmc->id.device_id != bmc->fetch_id.device_id
2455 || bmc->id.manufacturer_id != bmc->fetch_id.manufacturer_id
2456 || bmc->id.product_id != bmc->fetch_id.product_id) {
2457 struct ipmi_device_id id = bmc->fetch_id;
2458 int guid_set = bmc->dyn_guid_set;
2461 guid = bmc->fetch_guid;
2462 mutex_unlock(&bmc->dyn_mutex);
2464 __ipmi_bmc_unregister(intf);
2465 /* Fill in the temporary BMC for good measure. */
2467 intf->bmc->dyn_guid_set = guid_set;
2468 intf->bmc->guid = guid;
2469 if (__ipmi_bmc_register(intf, &id, guid_set, &guid, intf_num))
2470 need_waiter(intf); /* Retry later on an error. */
2472 __scan_channels(intf, &id);
2477 * We weren't given the interface on the
2478 * command line, so restart the operation on
2479 * the next interface for the BMC.
2481 mutex_unlock(&intf->bmc_reg_mutex);
2482 mutex_lock(&bmc->dyn_mutex);
2483 goto retry_bmc_lock;
2486 /* We have a new BMC, set it up. */
2488 mutex_lock(&bmc->dyn_mutex);
2489 goto out_noprocessing;
2490 } else if (memcmp(&bmc->fetch_id, &bmc->id, sizeof(bmc->id)))
2491 /* Version info changes, scan the channels again. */
2492 __scan_channels(intf, &bmc->fetch_id);
2494 bmc->dyn_id_expiry = jiffies + IPMI_DYN_DEV_ID_EXPIRY;
2497 if (rv && prev_dyn_id_set) {
2498 rv = 0; /* Ignore failures if we have previous data. */
2499 bmc->dyn_id_set = prev_dyn_id_set;
2502 bmc->id = bmc->fetch_id;
2503 if (bmc->dyn_guid_set)
2504 bmc->guid = bmc->fetch_guid;
2505 else if (prev_guid_set)
2507 * The guid used to be valid and it failed to fetch,
2508 * just use the cached value.
2510 bmc->dyn_guid_set = prev_guid_set;
2518 *guid_set = bmc->dyn_guid_set;
2520 if (guid && bmc->dyn_guid_set)
2524 mutex_unlock(&bmc->dyn_mutex);
2525 mutex_unlock(&intf->bmc_reg_mutex);
2527 kref_put(&intf->refcount, intf_free);
2531 static int bmc_get_device_id(struct ipmi_smi *intf, struct bmc_device *bmc,
2532 struct ipmi_device_id *id,
2533 bool *guid_set, guid_t *guid)
2535 return __bmc_get_device_id(intf, bmc, id, guid_set, guid, -1);
2538 static ssize_t device_id_show(struct device *dev,
2539 struct device_attribute *attr,
2542 struct bmc_device *bmc = to_bmc_device(dev);
2543 struct ipmi_device_id id;
2546 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2550 return snprintf(buf, 10, "%u\n", id.device_id);
2552 static DEVICE_ATTR_RO(device_id);
2554 static ssize_t provides_device_sdrs_show(struct device *dev,
2555 struct device_attribute *attr,
2558 struct bmc_device *bmc = to_bmc_device(dev);
2559 struct ipmi_device_id id;
2562 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2566 return snprintf(buf, 10, "%u\n", (id.device_revision & 0x80) >> 7);
2568 static DEVICE_ATTR_RO(provides_device_sdrs);
2570 static ssize_t revision_show(struct device *dev, struct device_attribute *attr,
2573 struct bmc_device *bmc = to_bmc_device(dev);
2574 struct ipmi_device_id id;
2577 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2581 return snprintf(buf, 20, "%u\n", id.device_revision & 0x0F);
2583 static DEVICE_ATTR_RO(revision);
2585 static ssize_t firmware_revision_show(struct device *dev,
2586 struct device_attribute *attr,
2589 struct bmc_device *bmc = to_bmc_device(dev);
2590 struct ipmi_device_id id;
2593 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2597 return snprintf(buf, 20, "%u.%x\n", id.firmware_revision_1,
2598 id.firmware_revision_2);
2600 static DEVICE_ATTR_RO(firmware_revision);
2602 static ssize_t ipmi_version_show(struct device *dev,
2603 struct device_attribute *attr,
2606 struct bmc_device *bmc = to_bmc_device(dev);
2607 struct ipmi_device_id id;
2610 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2614 return snprintf(buf, 20, "%u.%u\n",
2615 ipmi_version_major(&id),
2616 ipmi_version_minor(&id));
2618 static DEVICE_ATTR_RO(ipmi_version);
2620 static ssize_t add_dev_support_show(struct device *dev,
2621 struct device_attribute *attr,
2624 struct bmc_device *bmc = to_bmc_device(dev);
2625 struct ipmi_device_id id;
2628 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2632 return snprintf(buf, 10, "0x%02x\n", id.additional_device_support);
2634 static DEVICE_ATTR(additional_device_support, S_IRUGO, add_dev_support_show,
2637 static ssize_t manufacturer_id_show(struct device *dev,
2638 struct device_attribute *attr,
2641 struct bmc_device *bmc = to_bmc_device(dev);
2642 struct ipmi_device_id id;
2645 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2649 return snprintf(buf, 20, "0x%6.6x\n", id.manufacturer_id);
2651 static DEVICE_ATTR_RO(manufacturer_id);
2653 static ssize_t product_id_show(struct device *dev,
2654 struct device_attribute *attr,
2657 struct bmc_device *bmc = to_bmc_device(dev);
2658 struct ipmi_device_id id;
2661 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2665 return snprintf(buf, 10, "0x%4.4x\n", id.product_id);
2667 static DEVICE_ATTR_RO(product_id);
2669 static ssize_t aux_firmware_rev_show(struct device *dev,
2670 struct device_attribute *attr,
2673 struct bmc_device *bmc = to_bmc_device(dev);
2674 struct ipmi_device_id id;
2677 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2681 return snprintf(buf, 21, "0x%02x 0x%02x 0x%02x 0x%02x\n",
2682 id.aux_firmware_revision[3],
2683 id.aux_firmware_revision[2],
2684 id.aux_firmware_revision[1],
2685 id.aux_firmware_revision[0]);
2687 static DEVICE_ATTR(aux_firmware_revision, S_IRUGO, aux_firmware_rev_show, NULL);
2689 static ssize_t guid_show(struct device *dev, struct device_attribute *attr,
2692 struct bmc_device *bmc = to_bmc_device(dev);
2697 rv = bmc_get_device_id(NULL, bmc, NULL, &guid_set, &guid);
2703 return snprintf(buf, 38, "%pUl\n", guid.b);
2705 static DEVICE_ATTR_RO(guid);
2707 static struct attribute *bmc_dev_attrs[] = {
2708 &dev_attr_device_id.attr,
2709 &dev_attr_provides_device_sdrs.attr,
2710 &dev_attr_revision.attr,
2711 &dev_attr_firmware_revision.attr,
2712 &dev_attr_ipmi_version.attr,
2713 &dev_attr_additional_device_support.attr,
2714 &dev_attr_manufacturer_id.attr,
2715 &dev_attr_product_id.attr,
2716 &dev_attr_aux_firmware_revision.attr,
2717 &dev_attr_guid.attr,
2721 static umode_t bmc_dev_attr_is_visible(struct kobject *kobj,
2722 struct attribute *attr, int idx)
2724 struct device *dev = kobj_to_dev(kobj);
2725 struct bmc_device *bmc = to_bmc_device(dev);
2726 umode_t mode = attr->mode;
2729 if (attr == &dev_attr_aux_firmware_revision.attr) {
2730 struct ipmi_device_id id;
2732 rv = bmc_get_device_id(NULL, bmc, &id, NULL, NULL);
2733 return (!rv && id.aux_firmware_revision_set) ? mode : 0;
2735 if (attr == &dev_attr_guid.attr) {
2738 rv = bmc_get_device_id(NULL, bmc, NULL, &guid_set, NULL);
2739 return (!rv && guid_set) ? mode : 0;
2744 static const struct attribute_group bmc_dev_attr_group = {
2745 .attrs = bmc_dev_attrs,
2746 .is_visible = bmc_dev_attr_is_visible,
2749 static const struct attribute_group *bmc_dev_attr_groups[] = {
2750 &bmc_dev_attr_group,
2754 static const struct device_type bmc_device_type = {
2755 .groups = bmc_dev_attr_groups,
2758 static int __find_bmc_guid(struct device *dev, void *data)
2760 guid_t *guid = data;
2761 struct bmc_device *bmc;
2764 if (dev->type != &bmc_device_type)
2767 bmc = to_bmc_device(dev);
2768 rv = bmc->dyn_guid_set && guid_equal(&bmc->guid, guid);
2770 rv = kref_get_unless_zero(&bmc->usecount);
2775 * Returns with the bmc's usecount incremented, if it is non-NULL.
2777 static struct bmc_device *ipmi_find_bmc_guid(struct device_driver *drv,
2781 struct bmc_device *bmc = NULL;
2783 dev = driver_find_device(drv, NULL, guid, __find_bmc_guid);
2785 bmc = to_bmc_device(dev);
2791 struct prod_dev_id {
2792 unsigned int product_id;
2793 unsigned char device_id;
2796 static int __find_bmc_prod_dev_id(struct device *dev, void *data)
2798 struct prod_dev_id *cid = data;
2799 struct bmc_device *bmc;
2802 if (dev->type != &bmc_device_type)
2805 bmc = to_bmc_device(dev);
2806 rv = (bmc->id.product_id == cid->product_id
2807 && bmc->id.device_id == cid->device_id);
2809 rv = kref_get_unless_zero(&bmc->usecount);
2814 * Returns with the bmc's usecount incremented, if it is non-NULL.
2816 static struct bmc_device *ipmi_find_bmc_prod_dev_id(
2817 struct device_driver *drv,
2818 unsigned int product_id, unsigned char device_id)
2820 struct prod_dev_id id = {
2821 .product_id = product_id,
2822 .device_id = device_id,
2825 struct bmc_device *bmc = NULL;
2827 dev = driver_find_device(drv, NULL, &id, __find_bmc_prod_dev_id);
2829 bmc = to_bmc_device(dev);
2835 static DEFINE_IDA(ipmi_bmc_ida);
2838 release_bmc_device(struct device *dev)
2840 kfree(to_bmc_device(dev));
2843 static void cleanup_bmc_work(struct work_struct *work)
2845 struct bmc_device *bmc = container_of(work, struct bmc_device,
2847 int id = bmc->pdev.id; /* Unregister overwrites id */
2849 platform_device_unregister(&bmc->pdev);
2850 ida_simple_remove(&ipmi_bmc_ida, id);
2854 cleanup_bmc_device(struct kref *ref)
2856 struct bmc_device *bmc = container_of(ref, struct bmc_device, usecount);
2859 * Remove the platform device in a work queue to avoid issues
2860 * with removing the device attributes while reading a device
2863 schedule_work(&bmc->remove_work);
2867 * Must be called with intf->bmc_reg_mutex held.
2869 static void __ipmi_bmc_unregister(struct ipmi_smi *intf)
2871 struct bmc_device *bmc = intf->bmc;
2873 if (!intf->bmc_registered)
2876 sysfs_remove_link(&intf->si_dev->kobj, "bmc");
2877 sysfs_remove_link(&bmc->pdev.dev.kobj, intf->my_dev_name);
2878 kfree(intf->my_dev_name);
2879 intf->my_dev_name = NULL;
2881 mutex_lock(&bmc->dyn_mutex);
2882 list_del(&intf->bmc_link);
2883 mutex_unlock(&bmc->dyn_mutex);
2884 intf->bmc = &intf->tmp_bmc;
2885 kref_put(&bmc->usecount, cleanup_bmc_device);
2886 intf->bmc_registered = false;
2889 static void ipmi_bmc_unregister(struct ipmi_smi *intf)
2891 mutex_lock(&intf->bmc_reg_mutex);
2892 __ipmi_bmc_unregister(intf);
2893 mutex_unlock(&intf->bmc_reg_mutex);
2897 * Must be called with intf->bmc_reg_mutex held.
2899 static int __ipmi_bmc_register(struct ipmi_smi *intf,
2900 struct ipmi_device_id *id,
2901 bool guid_set, guid_t *guid, int intf_num)
2904 struct bmc_device *bmc;
2905 struct bmc_device *old_bmc;
2908 * platform_device_register() can cause bmc_reg_mutex to
2909 * be claimed because of the is_visible functions of
2910 * the attributes. Eliminate possible recursion and
2913 intf->in_bmc_register = true;
2914 mutex_unlock(&intf->bmc_reg_mutex);
2917 * Try to find if there is an bmc_device struct
2918 * representing the interfaced BMC already
2920 mutex_lock(&ipmidriver_mutex);
2922 old_bmc = ipmi_find_bmc_guid(&ipmidriver.driver, guid);
2924 old_bmc = ipmi_find_bmc_prod_dev_id(&ipmidriver.driver,
2929 * If there is already an bmc_device, free the new one,
2930 * otherwise register the new BMC device
2935 * Note: old_bmc already has usecount incremented by
2936 * the BMC find functions.
2938 intf->bmc = old_bmc;
2939 mutex_lock(&bmc->dyn_mutex);
2940 list_add_tail(&intf->bmc_link, &bmc->intfs);
2941 mutex_unlock(&bmc->dyn_mutex);
2943 dev_info(intf->si_dev,
2944 "ipmi: interfacing existing BMC (man_id: 0x%6.6x,"
2945 " prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2946 bmc->id.manufacturer_id,
2950 bmc = kzalloc(sizeof(*bmc), GFP_KERNEL);
2955 INIT_LIST_HEAD(&bmc->intfs);
2956 mutex_init(&bmc->dyn_mutex);
2957 INIT_WORK(&bmc->remove_work, cleanup_bmc_work);
2960 bmc->dyn_id_set = 1;
2961 bmc->dyn_guid_set = guid_set;
2963 bmc->dyn_id_expiry = jiffies + IPMI_DYN_DEV_ID_EXPIRY;
2965 bmc->pdev.name = "ipmi_bmc";
2967 rv = ida_simple_get(&ipmi_bmc_ida, 0, 0, GFP_KERNEL);
2970 bmc->pdev.dev.driver = &ipmidriver.driver;
2972 bmc->pdev.dev.release = release_bmc_device;
2973 bmc->pdev.dev.type = &bmc_device_type;
2974 kref_init(&bmc->usecount);
2977 mutex_lock(&bmc->dyn_mutex);
2978 list_add_tail(&intf->bmc_link, &bmc->intfs);
2979 mutex_unlock(&bmc->dyn_mutex);
2981 rv = platform_device_register(&bmc->pdev);
2983 dev_err(intf->si_dev,
2984 PFX " Unable to register bmc device: %d\n",
2989 dev_info(intf->si_dev,
2990 "Found new BMC (man_id: 0x%6.6x, prod_id: 0x%4.4x, dev_id: 0x%2.2x)\n",
2991 bmc->id.manufacturer_id,
2997 * create symlink from system interface device to bmc device
3000 rv = sysfs_create_link(&intf->si_dev->kobj, &bmc->pdev.dev.kobj, "bmc");
3002 dev_err(intf->si_dev,
3003 PFX "Unable to create bmc symlink: %d\n", rv);
3008 intf_num = intf->intf_num;
3009 intf->my_dev_name = kasprintf(GFP_KERNEL, "ipmi%d", intf_num);
3010 if (!intf->my_dev_name) {
3012 dev_err(intf->si_dev,
3013 PFX "Unable to allocate link from BMC: %d\n", rv);
3017 rv = sysfs_create_link(&bmc->pdev.dev.kobj, &intf->si_dev->kobj,
3020 kfree(intf->my_dev_name);
3021 intf->my_dev_name = NULL;
3022 dev_err(intf->si_dev,
3023 PFX "Unable to create symlink to bmc: %d\n", rv);
3024 goto out_free_my_dev_name;
3027 intf->bmc_registered = true;
3030 mutex_unlock(&ipmidriver_mutex);
3031 mutex_lock(&intf->bmc_reg_mutex);
3032 intf->in_bmc_register = false;
3036 out_free_my_dev_name:
3037 kfree(intf->my_dev_name);
3038 intf->my_dev_name = NULL;
3041 sysfs_remove_link(&intf->si_dev->kobj, "bmc");
3044 mutex_lock(&bmc->dyn_mutex);
3045 list_del(&intf->bmc_link);
3046 mutex_unlock(&bmc->dyn_mutex);
3047 intf->bmc = &intf->tmp_bmc;
3048 kref_put(&bmc->usecount, cleanup_bmc_device);
3052 mutex_lock(&bmc->dyn_mutex);
3053 list_del(&intf->bmc_link);
3054 mutex_unlock(&bmc->dyn_mutex);
3055 intf->bmc = &intf->tmp_bmc;
3056 put_device(&bmc->pdev.dev);
3061 send_guid_cmd(struct ipmi_smi *intf, int chan)
3063 struct kernel_ipmi_msg msg;
3064 struct ipmi_system_interface_addr si;
3066 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3067 si.channel = IPMI_BMC_CHANNEL;
3070 msg.netfn = IPMI_NETFN_APP_REQUEST;
3071 msg.cmd = IPMI_GET_DEVICE_GUID_CMD;
3074 return i_ipmi_request(NULL,
3076 (struct ipmi_addr *) &si,
3083 intf->addrinfo[0].address,
3084 intf->addrinfo[0].lun,
3088 static void guid_handler(struct ipmi_smi *intf, struct ipmi_recv_msg *msg)
3090 struct bmc_device *bmc = intf->bmc;
3092 if ((msg->addr.addr_type != IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
3093 || (msg->msg.netfn != IPMI_NETFN_APP_RESPONSE)
3094 || (msg->msg.cmd != IPMI_GET_DEVICE_GUID_CMD))
3098 if (msg->msg.data[0] != 0) {
3099 /* Error from getting the GUID, the BMC doesn't have one. */
3100 bmc->dyn_guid_set = 0;
3104 if (msg->msg.data_len < 17) {
3105 bmc->dyn_guid_set = 0;
3106 dev_warn(intf->si_dev,
3107 PFX "The GUID response from the BMC was too short, it was %d but should have been 17. Assuming GUID is not available.\n",
3112 memcpy(bmc->fetch_guid.b, msg->msg.data + 1, 16);
3114 * Make sure the guid data is available before setting
3118 bmc->dyn_guid_set = 1;
3120 wake_up(&intf->waitq);
3123 static void __get_guid(struct ipmi_smi *intf)
3126 struct bmc_device *bmc = intf->bmc;
3128 bmc->dyn_guid_set = 2;
3129 intf->null_user_handler = guid_handler;
3130 rv = send_guid_cmd(intf, 0);
3132 /* Send failed, no GUID available. */
3133 bmc->dyn_guid_set = 0;
3135 wait_event(intf->waitq, bmc->dyn_guid_set != 2);
3137 /* dyn_guid_set makes the guid data available. */
3140 intf->null_user_handler = NULL;
3144 send_channel_info_cmd(struct ipmi_smi *intf, int chan)
3146 struct kernel_ipmi_msg msg;
3147 unsigned char data[1];
3148 struct ipmi_system_interface_addr si;
3150 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3151 si.channel = IPMI_BMC_CHANNEL;
3154 msg.netfn = IPMI_NETFN_APP_REQUEST;
3155 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
3159 return i_ipmi_request(NULL,
3161 (struct ipmi_addr *) &si,
3168 intf->addrinfo[0].address,
3169 intf->addrinfo[0].lun,
3174 channel_handler(struct ipmi_smi *intf, struct ipmi_recv_msg *msg)
3178 unsigned int set = intf->curr_working_cset;
3179 struct ipmi_channel *chans;
3181 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
3182 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
3183 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD)) {
3184 /* It's the one we want */
3185 if (msg->msg.data[0] != 0) {
3186 /* Got an error from the channel, just go on. */
3188 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) {
3190 * If the MC does not support this
3191 * command, that is legal. We just
3192 * assume it has one IPMB at channel
3195 intf->wchannels[set].c[0].medium
3196 = IPMI_CHANNEL_MEDIUM_IPMB;
3197 intf->wchannels[set].c[0].protocol
3198 = IPMI_CHANNEL_PROTOCOL_IPMB;
3200 intf->channel_list = intf->wchannels + set;
3201 intf->channels_ready = true;
3202 wake_up(&intf->waitq);
3207 if (msg->msg.data_len < 4) {
3208 /* Message not big enough, just go on. */
3211 ch = intf->curr_channel;
3212 chans = intf->wchannels[set].c;
3213 chans[ch].medium = msg->msg.data[2] & 0x7f;
3214 chans[ch].protocol = msg->msg.data[3] & 0x1f;
3217 intf->curr_channel++;
3218 if (intf->curr_channel >= IPMI_MAX_CHANNELS) {
3219 intf->channel_list = intf->wchannels + set;
3220 intf->channels_ready = true;
3221 wake_up(&intf->waitq);
3223 intf->channel_list = intf->wchannels + set;
3224 intf->channels_ready = true;
3225 rv = send_channel_info_cmd(intf, intf->curr_channel);
3229 /* Got an error somehow, just give up. */
3230 dev_warn(intf->si_dev,
3231 PFX "Error sending channel information for channel %d: %d\n",
3232 intf->curr_channel, rv);
3234 intf->channel_list = intf->wchannels + set;
3235 intf->channels_ready = true;
3236 wake_up(&intf->waitq);
3244 * Must be holding intf->bmc_reg_mutex to call this.
3246 static int __scan_channels(struct ipmi_smi *intf, struct ipmi_device_id *id)
3250 if (ipmi_version_major(id) > 1
3251 || (ipmi_version_major(id) == 1
3252 && ipmi_version_minor(id) >= 5)) {
3256 * Start scanning the channels to see what is
3259 set = !intf->curr_working_cset;
3260 intf->curr_working_cset = set;
3261 memset(&intf->wchannels[set], 0,
3262 sizeof(struct ipmi_channel_set));
3264 intf->null_user_handler = channel_handler;
3265 intf->curr_channel = 0;
3266 rv = send_channel_info_cmd(intf, 0);
3268 dev_warn(intf->si_dev,
3269 "Error sending channel information for channel 0, %d\n",
3274 /* Wait for the channel info to be read. */
3275 wait_event(intf->waitq, intf->channels_ready);
3276 intf->null_user_handler = NULL;
3278 unsigned int set = intf->curr_working_cset;
3280 /* Assume a single IPMB channel at zero. */
3281 intf->wchannels[set].c[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
3282 intf->wchannels[set].c[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB;
3283 intf->channel_list = intf->wchannels + set;
3284 intf->channels_ready = true;
3290 static void ipmi_poll(struct ipmi_smi *intf)
3292 if (intf->handlers->poll)
3293 intf->handlers->poll(intf->send_info);
3294 /* In case something came in */
3295 handle_new_recv_msgs(intf);
3298 void ipmi_poll_interface(struct ipmi_user *user)
3300 ipmi_poll(user->intf);
3302 EXPORT_SYMBOL(ipmi_poll_interface);
3304 static void redo_bmc_reg(struct work_struct *work)
3306 struct ipmi_smi *intf = container_of(work, struct ipmi_smi,
3309 if (!intf->in_shutdown)
3310 bmc_get_device_id(intf, NULL, NULL, NULL, NULL);
3312 kref_put(&intf->refcount, intf_free);
3315 int ipmi_add_smi(struct module *owner,
3316 const struct ipmi_smi_handlers *handlers,
3318 struct device *si_dev,
3319 unsigned char slave_addr)
3323 struct ipmi_smi *intf, *tintf;
3324 struct list_head *link;
3325 struct ipmi_device_id id;
3328 * Make sure the driver is actually initialized, this handles
3329 * problems with initialization order.
3331 rv = ipmi_init_msghandler();
3335 intf = kzalloc(sizeof(*intf), GFP_KERNEL);
3339 rv = init_srcu_struct(&intf->users_srcu);
3345 intf->owner = owner;
3346 intf->bmc = &intf->tmp_bmc;
3347 INIT_LIST_HEAD(&intf->bmc->intfs);
3348 mutex_init(&intf->bmc->dyn_mutex);
3349 INIT_LIST_HEAD(&intf->bmc_link);
3350 mutex_init(&intf->bmc_reg_mutex);
3351 intf->intf_num = -1; /* Mark it invalid for now. */
3352 kref_init(&intf->refcount);
3353 INIT_WORK(&intf->bmc_reg_work, redo_bmc_reg);
3354 intf->si_dev = si_dev;
3355 for (j = 0; j < IPMI_MAX_CHANNELS; j++) {
3356 intf->addrinfo[j].address = IPMI_BMC_SLAVE_ADDR;
3357 intf->addrinfo[j].lun = 2;
3359 if (slave_addr != 0)
3360 intf->addrinfo[0].address = slave_addr;
3361 INIT_LIST_HEAD(&intf->users);
3362 intf->handlers = handlers;
3363 intf->send_info = send_info;
3364 spin_lock_init(&intf->seq_lock);
3365 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) {
3366 intf->seq_table[j].inuse = 0;
3367 intf->seq_table[j].seqid = 0;
3370 spin_lock_init(&intf->waiting_rcv_msgs_lock);
3371 INIT_LIST_HEAD(&intf->waiting_rcv_msgs);
3372 tasklet_init(&intf->recv_tasklet,
3374 (unsigned long) intf);
3375 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 0);
3376 spin_lock_init(&intf->xmit_msgs_lock);
3377 INIT_LIST_HEAD(&intf->xmit_msgs);
3378 INIT_LIST_HEAD(&intf->hp_xmit_msgs);
3379 spin_lock_init(&intf->events_lock);
3380 atomic_set(&intf->event_waiters, 0);
3381 intf->ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
3382 INIT_LIST_HEAD(&intf->waiting_events);
3383 intf->waiting_events_count = 0;
3384 mutex_init(&intf->cmd_rcvrs_mutex);
3385 spin_lock_init(&intf->maintenance_mode_lock);
3386 INIT_LIST_HEAD(&intf->cmd_rcvrs);
3387 init_waitqueue_head(&intf->waitq);
3388 for (i = 0; i < IPMI_NUM_STATS; i++)
3389 atomic_set(&intf->stats[i], 0);
3391 mutex_lock(&ipmi_interfaces_mutex);
3392 /* Look for a hole in the numbers. */
3394 link = &ipmi_interfaces;
3395 list_for_each_entry_rcu(tintf, &ipmi_interfaces, link) {
3396 if (tintf->intf_num != i) {
3397 link = &tintf->link;
3402 /* Add the new interface in numeric order. */
3404 list_add_rcu(&intf->link, &ipmi_interfaces);
3406 list_add_tail_rcu(&intf->link, link);
3408 rv = handlers->start_processing(send_info, intf);
3412 rv = __bmc_get_device_id(intf, NULL, &id, NULL, NULL, i);
3414 dev_err(si_dev, "Unable to get the device id: %d\n", rv);
3415 goto out_err_started;
3418 mutex_lock(&intf->bmc_reg_mutex);
3419 rv = __scan_channels(intf, &id);
3420 mutex_unlock(&intf->bmc_reg_mutex);
3422 goto out_err_bmc_reg;
3425 * Keep memory order straight for RCU readers. Make
3426 * sure everything else is committed to memory before
3427 * setting intf_num to mark the interface valid.
3431 mutex_unlock(&ipmi_interfaces_mutex);
3433 /* After this point the interface is legal to use. */
3434 call_smi_watchers(i, intf->si_dev);
3439 ipmi_bmc_unregister(intf);
3441 if (intf->handlers->shutdown)
3442 intf->handlers->shutdown(intf->send_info);
3444 list_del_rcu(&intf->link);
3445 mutex_unlock(&ipmi_interfaces_mutex);
3446 synchronize_srcu(&ipmi_interfaces_srcu);
3447 cleanup_srcu_struct(&intf->users_srcu);
3448 kref_put(&intf->refcount, intf_free);
3452 EXPORT_SYMBOL(ipmi_add_smi);
3454 static void deliver_smi_err_response(struct ipmi_smi *intf,
3455 struct ipmi_smi_msg *msg,
3458 msg->rsp[0] = msg->data[0] | 4;
3459 msg->rsp[1] = msg->data[1];
3462 /* It's an error, so it will never requeue, no need to check return. */
3463 handle_one_recv_msg(intf, msg);
3466 static void cleanup_smi_msgs(struct ipmi_smi *intf)
3469 struct seq_table *ent;
3470 struct ipmi_smi_msg *msg;
3471 struct list_head *entry;
3472 struct list_head tmplist;
3474 /* Clear out our transmit queues and hold the messages. */
3475 INIT_LIST_HEAD(&tmplist);
3476 list_splice_tail(&intf->hp_xmit_msgs, &tmplist);
3477 list_splice_tail(&intf->xmit_msgs, &tmplist);
3479 /* Current message first, to preserve order */
3480 while (intf->curr_msg && !list_empty(&intf->waiting_rcv_msgs)) {
3481 /* Wait for the message to clear out. */
3482 schedule_timeout(1);
3485 /* No need for locks, the interface is down. */
3488 * Return errors for all pending messages in queue and in the
3489 * tables waiting for remote responses.
3491 while (!list_empty(&tmplist)) {
3492 entry = tmplist.next;
3494 msg = list_entry(entry, struct ipmi_smi_msg, link);
3495 deliver_smi_err_response(intf, msg, IPMI_ERR_UNSPECIFIED);
3498 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
3499 ent = &intf->seq_table[i];
3502 deliver_err_response(intf, ent->recv_msg, IPMI_ERR_UNSPECIFIED);
3506 void ipmi_unregister_smi(struct ipmi_smi *intf)
3508 struct ipmi_smi_watcher *w;
3509 int intf_num = intf->intf_num, index;
3511 mutex_lock(&ipmi_interfaces_mutex);
3512 intf->intf_num = -1;
3513 intf->in_shutdown = true;
3514 list_del_rcu(&intf->link);
3515 mutex_unlock(&ipmi_interfaces_mutex);
3516 synchronize_srcu(&ipmi_interfaces_srcu);
3518 /* At this point no users can be added to the interface. */
3521 * Call all the watcher interfaces to tell them that
3522 * an interface is going away.
3524 mutex_lock(&smi_watchers_mutex);
3525 list_for_each_entry(w, &smi_watchers, link)
3526 w->smi_gone(intf_num);
3527 mutex_unlock(&smi_watchers_mutex);
3529 index = srcu_read_lock(&intf->users_srcu);
3530 while (!list_empty(&intf->users)) {
3531 struct ipmi_user *user =
3532 container_of(list_next_rcu(&intf->users),
3533 struct ipmi_user, link);
3535 _ipmi_destroy_user(user);
3537 srcu_read_unlock(&intf->users_srcu, index);
3539 if (intf->handlers->shutdown)
3540 intf->handlers->shutdown(intf->send_info);
3542 cleanup_smi_msgs(intf);
3544 ipmi_bmc_unregister(intf);
3546 cleanup_srcu_struct(&intf->users_srcu);
3547 kref_put(&intf->refcount, intf_free);
3549 EXPORT_SYMBOL(ipmi_unregister_smi);
3551 static int handle_ipmb_get_msg_rsp(struct ipmi_smi *intf,
3552 struct ipmi_smi_msg *msg)
3554 struct ipmi_ipmb_addr ipmb_addr;
3555 struct ipmi_recv_msg *recv_msg;
3558 * This is 11, not 10, because the response must contain a
3561 if (msg->rsp_size < 11) {
3562 /* Message not big enough, just ignore it. */
3563 ipmi_inc_stat(intf, invalid_ipmb_responses);
3567 if (msg->rsp[2] != 0) {
3568 /* An error getting the response, just ignore it. */
3572 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
3573 ipmb_addr.slave_addr = msg->rsp[6];
3574 ipmb_addr.channel = msg->rsp[3] & 0x0f;
3575 ipmb_addr.lun = msg->rsp[7] & 3;
3578 * It's a response from a remote entity. Look up the sequence
3579 * number and handle the response.
3581 if (intf_find_seq(intf,
3585 (msg->rsp[4] >> 2) & (~1),
3586 (struct ipmi_addr *) &ipmb_addr,
3589 * We were unable to find the sequence number,
3590 * so just nuke the message.
3592 ipmi_inc_stat(intf, unhandled_ipmb_responses);
3596 memcpy(recv_msg->msg_data, &msg->rsp[9], msg->rsp_size - 9);
3598 * The other fields matched, so no need to set them, except
3599 * for netfn, which needs to be the response that was
3600 * returned, not the request value.
3602 recv_msg->msg.netfn = msg->rsp[4] >> 2;
3603 recv_msg->msg.data = recv_msg->msg_data;
3604 recv_msg->msg.data_len = msg->rsp_size - 10;
3605 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3606 if (deliver_response(intf, recv_msg))
3607 ipmi_inc_stat(intf, unhandled_ipmb_responses);
3609 ipmi_inc_stat(intf, handled_ipmb_responses);
3614 static int handle_ipmb_get_msg_cmd(struct ipmi_smi *intf,
3615 struct ipmi_smi_msg *msg)
3617 struct cmd_rcvr *rcvr;
3619 unsigned char netfn;
3622 struct ipmi_user *user = NULL;
3623 struct ipmi_ipmb_addr *ipmb_addr;
3624 struct ipmi_recv_msg *recv_msg;
3626 if (msg->rsp_size < 10) {
3627 /* Message not big enough, just ignore it. */
3628 ipmi_inc_stat(intf, invalid_commands);
3632 if (msg->rsp[2] != 0) {
3633 /* An error getting the response, just ignore it. */
3637 netfn = msg->rsp[4] >> 2;
3639 chan = msg->rsp[3] & 0xf;
3642 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
3645 kref_get(&user->refcount);
3651 /* We didn't find a user, deliver an error response. */
3652 ipmi_inc_stat(intf, unhandled_commands);
3654 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
3655 msg->data[1] = IPMI_SEND_MSG_CMD;
3656 msg->data[2] = msg->rsp[3];
3657 msg->data[3] = msg->rsp[6];
3658 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
3659 msg->data[5] = ipmb_checksum(&msg->data[3], 2);
3660 msg->data[6] = intf->addrinfo[msg->rsp[3] & 0xf].address;
3662 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
3663 msg->data[8] = msg->rsp[8]; /* cmd */
3664 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
3665 msg->data[10] = ipmb_checksum(&msg->data[6], 4);
3666 msg->data_size = 11;
3668 ipmi_debug_msg("Invalid command:", msg->data, msg->data_size);
3671 if (!intf->in_shutdown) {
3672 smi_send(intf, intf->handlers, msg, 0);
3674 * We used the message, so return the value
3675 * that causes it to not be freed or
3682 recv_msg = ipmi_alloc_recv_msg();
3685 * We couldn't allocate memory for the
3686 * message, so requeue it for handling
3690 kref_put(&user->refcount, free_user);
3692 /* Extract the source address from the data. */
3693 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
3694 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
3695 ipmb_addr->slave_addr = msg->rsp[6];
3696 ipmb_addr->lun = msg->rsp[7] & 3;
3697 ipmb_addr->channel = msg->rsp[3] & 0xf;
3700 * Extract the rest of the message information
3701 * from the IPMB header.
3703 recv_msg->user = user;
3704 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3705 recv_msg->msgid = msg->rsp[7] >> 2;
3706 recv_msg->msg.netfn = msg->rsp[4] >> 2;
3707 recv_msg->msg.cmd = msg->rsp[8];
3708 recv_msg->msg.data = recv_msg->msg_data;
3711 * We chop off 10, not 9 bytes because the checksum
3712 * at the end also needs to be removed.
3714 recv_msg->msg.data_len = msg->rsp_size - 10;
3715 memcpy(recv_msg->msg_data, &msg->rsp[9],
3716 msg->rsp_size - 10);
3717 if (deliver_response(intf, recv_msg))
3718 ipmi_inc_stat(intf, unhandled_commands);
3720 ipmi_inc_stat(intf, handled_commands);
3727 static int handle_lan_get_msg_rsp(struct ipmi_smi *intf,
3728 struct ipmi_smi_msg *msg)
3730 struct ipmi_lan_addr lan_addr;
3731 struct ipmi_recv_msg *recv_msg;
3735 * This is 13, not 12, because the response must contain a
3738 if (msg->rsp_size < 13) {
3739 /* Message not big enough, just ignore it. */
3740 ipmi_inc_stat(intf, invalid_lan_responses);
3744 if (msg->rsp[2] != 0) {
3745 /* An error getting the response, just ignore it. */
3749 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
3750 lan_addr.session_handle = msg->rsp[4];
3751 lan_addr.remote_SWID = msg->rsp[8];
3752 lan_addr.local_SWID = msg->rsp[5];
3753 lan_addr.channel = msg->rsp[3] & 0x0f;
3754 lan_addr.privilege = msg->rsp[3] >> 4;
3755 lan_addr.lun = msg->rsp[9] & 3;
3758 * It's a response from a remote entity. Look up the sequence
3759 * number and handle the response.
3761 if (intf_find_seq(intf,
3765 (msg->rsp[6] >> 2) & (~1),
3766 (struct ipmi_addr *) &lan_addr,
3769 * We were unable to find the sequence number,
3770 * so just nuke the message.
3772 ipmi_inc_stat(intf, unhandled_lan_responses);
3776 memcpy(recv_msg->msg_data, &msg->rsp[11], msg->rsp_size - 11);
3778 * The other fields matched, so no need to set them, except
3779 * for netfn, which needs to be the response that was
3780 * returned, not the request value.
3782 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3783 recv_msg->msg.data = recv_msg->msg_data;
3784 recv_msg->msg.data_len = msg->rsp_size - 12;
3785 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
3786 if (deliver_response(intf, recv_msg))
3787 ipmi_inc_stat(intf, unhandled_lan_responses);
3789 ipmi_inc_stat(intf, handled_lan_responses);
3794 static int handle_lan_get_msg_cmd(struct ipmi_smi *intf,
3795 struct ipmi_smi_msg *msg)
3797 struct cmd_rcvr *rcvr;
3799 unsigned char netfn;
3802 struct ipmi_user *user = NULL;
3803 struct ipmi_lan_addr *lan_addr;
3804 struct ipmi_recv_msg *recv_msg;
3806 if (msg->rsp_size < 12) {
3807 /* Message not big enough, just ignore it. */
3808 ipmi_inc_stat(intf, invalid_commands);
3812 if (msg->rsp[2] != 0) {
3813 /* An error getting the response, just ignore it. */
3817 netfn = msg->rsp[6] >> 2;
3819 chan = msg->rsp[3] & 0xf;
3822 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
3825 kref_get(&user->refcount);
3831 /* We didn't find a user, just give up. */
3832 ipmi_inc_stat(intf, unhandled_commands);
3835 * Don't do anything with these messages, just allow
3840 recv_msg = ipmi_alloc_recv_msg();
3843 * We couldn't allocate memory for the
3844 * message, so requeue it for handling later.
3847 kref_put(&user->refcount, free_user);
3849 /* Extract the source address from the data. */
3850 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
3851 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
3852 lan_addr->session_handle = msg->rsp[4];
3853 lan_addr->remote_SWID = msg->rsp[8];
3854 lan_addr->local_SWID = msg->rsp[5];
3855 lan_addr->lun = msg->rsp[9] & 3;
3856 lan_addr->channel = msg->rsp[3] & 0xf;
3857 lan_addr->privilege = msg->rsp[3] >> 4;
3860 * Extract the rest of the message information
3861 * from the IPMB header.
3863 recv_msg->user = user;
3864 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
3865 recv_msg->msgid = msg->rsp[9] >> 2;
3866 recv_msg->msg.netfn = msg->rsp[6] >> 2;
3867 recv_msg->msg.cmd = msg->rsp[10];
3868 recv_msg->msg.data = recv_msg->msg_data;
3871 * We chop off 12, not 11 bytes because the checksum
3872 * at the end also needs to be removed.
3874 recv_msg->msg.data_len = msg->rsp_size - 12;
3875 memcpy(recv_msg->msg_data, &msg->rsp[11],
3876 msg->rsp_size - 12);
3877 if (deliver_response(intf, recv_msg))
3878 ipmi_inc_stat(intf, unhandled_commands);
3880 ipmi_inc_stat(intf, handled_commands);
3888 * This routine will handle "Get Message" command responses with
3889 * channels that use an OEM Medium. The message format belongs to
3890 * the OEM. See IPMI 2.0 specification, Chapter 6 and
3891 * Chapter 22, sections 22.6 and 22.24 for more details.
3893 static int handle_oem_get_msg_cmd(struct ipmi_smi *intf,
3894 struct ipmi_smi_msg *msg)
3896 struct cmd_rcvr *rcvr;
3898 unsigned char netfn;
3901 struct ipmi_user *user = NULL;
3902 struct ipmi_system_interface_addr *smi_addr;
3903 struct ipmi_recv_msg *recv_msg;
3906 * We expect the OEM SW to perform error checking
3907 * so we just do some basic sanity checks
3909 if (msg->rsp_size < 4) {
3910 /* Message not big enough, just ignore it. */
3911 ipmi_inc_stat(intf, invalid_commands);
3915 if (msg->rsp[2] != 0) {
3916 /* An error getting the response, just ignore it. */
3921 * This is an OEM Message so the OEM needs to know how
3922 * handle the message. We do no interpretation.
3924 netfn = msg->rsp[0] >> 2;
3926 chan = msg->rsp[3] & 0xf;
3929 rcvr = find_cmd_rcvr(intf, netfn, cmd, chan);
3932 kref_get(&user->refcount);
3938 /* We didn't find a user, just give up. */
3939 ipmi_inc_stat(intf, unhandled_commands);
3942 * Don't do anything with these messages, just allow
3948 recv_msg = ipmi_alloc_recv_msg();
3951 * We couldn't allocate memory for the
3952 * message, so requeue it for handling
3956 kref_put(&user->refcount, free_user);
3959 * OEM Messages are expected to be delivered via
3960 * the system interface to SMS software. We might
3961 * need to visit this again depending on OEM
3964 smi_addr = ((struct ipmi_system_interface_addr *)
3966 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3967 smi_addr->channel = IPMI_BMC_CHANNEL;
3968 smi_addr->lun = msg->rsp[0] & 3;
3970 recv_msg->user = user;
3971 recv_msg->user_msg_data = NULL;
3972 recv_msg->recv_type = IPMI_OEM_RECV_TYPE;
3973 recv_msg->msg.netfn = msg->rsp[0] >> 2;
3974 recv_msg->msg.cmd = msg->rsp[1];
3975 recv_msg->msg.data = recv_msg->msg_data;
3978 * The message starts at byte 4 which follows the
3979 * the Channel Byte in the "GET MESSAGE" command
3981 recv_msg->msg.data_len = msg->rsp_size - 4;
3982 memcpy(recv_msg->msg_data, &msg->rsp[4],
3984 if (deliver_response(intf, recv_msg))
3985 ipmi_inc_stat(intf, unhandled_commands);
3987 ipmi_inc_stat(intf, handled_commands);
3994 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
3995 struct ipmi_smi_msg *msg)
3997 struct ipmi_system_interface_addr *smi_addr;
3999 recv_msg->msgid = 0;
4000 smi_addr = (struct ipmi_system_interface_addr *) &recv_msg->addr;
4001 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4002 smi_addr->channel = IPMI_BMC_CHANNEL;
4003 smi_addr->lun = msg->rsp[0] & 3;
4004 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
4005 recv_msg->msg.netfn = msg->rsp[0] >> 2;
4006 recv_msg->msg.cmd = msg->rsp[1];
4007 memcpy(recv_msg->msg_data, &msg->rsp[3], msg->rsp_size - 3);
4008 recv_msg->msg.data = recv_msg->msg_data;
4009 recv_msg->msg.data_len = msg->rsp_size - 3;
4012 static int handle_read_event_rsp(struct ipmi_smi *intf,
4013 struct ipmi_smi_msg *msg)
4015 struct ipmi_recv_msg *recv_msg, *recv_msg2;
4016 struct list_head msgs;
4017 struct ipmi_user *user;
4018 int rv = 0, deliver_count = 0, index;
4019 unsigned long flags;
4021 if (msg->rsp_size < 19) {
4022 /* Message is too small to be an IPMB event. */
4023 ipmi_inc_stat(intf, invalid_events);
4027 if (msg->rsp[2] != 0) {
4028 /* An error getting the event, just ignore it. */
4032 INIT_LIST_HEAD(&msgs);
4034 spin_lock_irqsave(&intf->events_lock, flags);
4036 ipmi_inc_stat(intf, events);
4039 * Allocate and fill in one message for every user that is
4042 index = srcu_read_lock(&intf->users_srcu);
4043 list_for_each_entry_rcu(user, &intf->users, link) {
4044 if (!user->gets_events)
4047 recv_msg = ipmi_alloc_recv_msg();
4050 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs,
4052 list_del(&recv_msg->link);
4053 ipmi_free_recv_msg(recv_msg);
4056 * We couldn't allocate memory for the
4057 * message, so requeue it for handling
4066 copy_event_into_recv_msg(recv_msg, msg);
4067 recv_msg->user = user;
4068 kref_get(&user->refcount);
4069 list_add_tail(&recv_msg->link, &msgs);
4071 srcu_read_unlock(&intf->users_srcu, index);
4073 if (deliver_count) {
4074 /* Now deliver all the messages. */
4075 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
4076 list_del(&recv_msg->link);
4077 deliver_local_response(intf, recv_msg);
4079 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
4081 * No one to receive the message, put it in queue if there's
4082 * not already too many things in the queue.
4084 recv_msg = ipmi_alloc_recv_msg();
4087 * We couldn't allocate memory for the
4088 * message, so requeue it for handling
4095 copy_event_into_recv_msg(recv_msg, msg);
4096 list_add_tail(&recv_msg->link, &intf->waiting_events);
4097 intf->waiting_events_count++;
4098 } else if (!intf->event_msg_printed) {
4100 * There's too many things in the queue, discard this
4103 dev_warn(intf->si_dev,
4104 PFX "Event queue full, discarding incoming events\n");
4105 intf->event_msg_printed = 1;
4109 spin_unlock_irqrestore(&intf->events_lock, flags);
4114 static int handle_bmc_rsp(struct ipmi_smi *intf,
4115 struct ipmi_smi_msg *msg)
4117 struct ipmi_recv_msg *recv_msg;
4118 struct ipmi_system_interface_addr *smi_addr;
4120 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
4121 if (recv_msg == NULL) {
4122 dev_warn(intf->si_dev,
4123 "IPMI message received with no owner. This could be because of a malformed message, or because of a hardware error. Contact your hardware vender for assistance\n");
4127 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
4128 recv_msg->msgid = msg->msgid;
4129 smi_addr = ((struct ipmi_system_interface_addr *)
4131 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4132 smi_addr->channel = IPMI_BMC_CHANNEL;
4133 smi_addr->lun = msg->rsp[0] & 3;
4134 recv_msg->msg.netfn = msg->rsp[0] >> 2;
4135 recv_msg->msg.cmd = msg->rsp[1];
4136 memcpy(recv_msg->msg_data, &msg->rsp[2], msg->rsp_size - 2);
4137 recv_msg->msg.data = recv_msg->msg_data;
4138 recv_msg->msg.data_len = msg->rsp_size - 2;
4139 deliver_local_response(intf, recv_msg);
4145 * Handle a received message. Return 1 if the message should be requeued,
4146 * 0 if the message should be freed, or -1 if the message should not
4147 * be freed or requeued.
4149 static int handle_one_recv_msg(struct ipmi_smi *intf,
4150 struct ipmi_smi_msg *msg)
4155 ipmi_debug_msg("Recv:", msg->rsp, msg->rsp_size);
4156 if (msg->rsp_size < 2) {
4157 /* Message is too small to be correct. */
4158 dev_warn(intf->si_dev,
4159 PFX "BMC returned to small a message for netfn %x cmd %x, got %d bytes\n",
4160 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
4162 /* Generate an error response for the message. */
4163 msg->rsp[0] = msg->data[0] | (1 << 2);
4164 msg->rsp[1] = msg->data[1];
4165 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
4167 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))
4168 || (msg->rsp[1] != msg->data[1])) {
4170 * The NetFN and Command in the response is not even
4171 * marginally correct.
4173 dev_warn(intf->si_dev,
4174 PFX "BMC returned incorrect response, expected netfn %x cmd %x, got netfn %x cmd %x\n",
4175 (msg->data[0] >> 2) | 1, msg->data[1],
4176 msg->rsp[0] >> 2, msg->rsp[1]);
4178 /* Generate an error response for the message. */
4179 msg->rsp[0] = msg->data[0] | (1 << 2);
4180 msg->rsp[1] = msg->data[1];
4181 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
4185 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
4186 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
4187 && (msg->user_data != NULL)) {
4189 * It's a response to a response we sent. For this we
4190 * deliver a send message response to the user.
4192 struct ipmi_recv_msg *recv_msg = msg->user_data;
4195 if (msg->rsp_size < 2)
4196 /* Message is too small to be correct. */
4199 chan = msg->data[2] & 0x0f;
4200 if (chan >= IPMI_MAX_CHANNELS)
4201 /* Invalid channel number */
4207 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
4208 recv_msg->msg.data = recv_msg->msg_data;
4209 recv_msg->msg.data_len = 1;
4210 recv_msg->msg_data[0] = msg->rsp[2];
4211 deliver_local_response(intf, recv_msg);
4212 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
4213 && (msg->rsp[1] == IPMI_GET_MSG_CMD)) {
4214 struct ipmi_channel *chans;
4216 /* It's from the receive queue. */
4217 chan = msg->rsp[3] & 0xf;
4218 if (chan >= IPMI_MAX_CHANNELS) {
4219 /* Invalid channel number */
4225 * We need to make sure the channels have been initialized.
4226 * The channel_handler routine will set the "curr_channel"
4227 * equal to or greater than IPMI_MAX_CHANNELS when all the
4228 * channels for this interface have been initialized.
4230 if (!intf->channels_ready) {
4231 requeue = 0; /* Throw the message away */
4235 chans = READ_ONCE(intf->channel_list)->c;
4237 switch (chans[chan].medium) {
4238 case IPMI_CHANNEL_MEDIUM_IPMB:
4239 if (msg->rsp[4] & 0x04) {
4241 * It's a response, so find the
4242 * requesting message and send it up.
4244 requeue = handle_ipmb_get_msg_rsp(intf, msg);
4247 * It's a command to the SMS from some other
4248 * entity. Handle that.
4250 requeue = handle_ipmb_get_msg_cmd(intf, msg);
4254 case IPMI_CHANNEL_MEDIUM_8023LAN:
4255 case IPMI_CHANNEL_MEDIUM_ASYNC:
4256 if (msg->rsp[6] & 0x04) {
4258 * It's a response, so find the
4259 * requesting message and send it up.
4261 requeue = handle_lan_get_msg_rsp(intf, msg);
4264 * It's a command to the SMS from some other
4265 * entity. Handle that.
4267 requeue = handle_lan_get_msg_cmd(intf, msg);
4272 /* Check for OEM Channels. Clients had better
4273 register for these commands. */
4274 if ((chans[chan].medium >= IPMI_CHANNEL_MEDIUM_OEM_MIN)
4275 && (chans[chan].medium
4276 <= IPMI_CHANNEL_MEDIUM_OEM_MAX)) {
4277 requeue = handle_oem_get_msg_cmd(intf, msg);
4280 * We don't handle the channel type, so just
4287 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
4288 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD)) {
4289 /* It's an asynchronous event. */
4290 requeue = handle_read_event_rsp(intf, msg);
4292 /* It's a response from the local BMC. */
4293 requeue = handle_bmc_rsp(intf, msg);
4301 * If there are messages in the queue or pretimeouts, handle them.
4303 static void handle_new_recv_msgs(struct ipmi_smi *intf)
4305 struct ipmi_smi_msg *smi_msg;
4306 unsigned long flags = 0;
4308 int run_to_completion = intf->run_to_completion;
4310 /* See if any waiting messages need to be processed. */
4311 if (!run_to_completion)
4312 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
4313 while (!list_empty(&intf->waiting_rcv_msgs)) {
4314 smi_msg = list_entry(intf->waiting_rcv_msgs.next,
4315 struct ipmi_smi_msg, link);
4316 list_del(&smi_msg->link);
4317 if (!run_to_completion)
4318 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock,
4320 rv = handle_one_recv_msg(intf, smi_msg);
4321 if (!run_to_completion)
4322 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
4325 * To preserve message order, quit if we
4326 * can't handle a message. Add the message
4327 * back at the head, this is safe because this
4328 * tasklet is the only thing that pulls the
4331 list_add(&smi_msg->link, &intf->waiting_rcv_msgs);
4335 /* Message handled */
4336 ipmi_free_smi_msg(smi_msg);
4337 /* If rv < 0, fatal error, del but don't free. */
4340 if (!run_to_completion)
4341 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock, flags);
4344 * If the pretimout count is non-zero, decrement one from it and
4345 * deliver pretimeouts to all the users.
4347 if (atomic_add_unless(&intf->watchdog_pretimeouts_to_deliver, -1, 0)) {
4348 struct ipmi_user *user;
4351 index = srcu_read_lock(&intf->users_srcu);
4352 list_for_each_entry_rcu(user, &intf->users, link) {
4353 if (user->handler->ipmi_watchdog_pretimeout)
4354 user->handler->ipmi_watchdog_pretimeout(
4355 user->handler_data);
4357 srcu_read_unlock(&intf->users_srcu, index);
4361 static void smi_recv_tasklet(unsigned long val)
4363 unsigned long flags = 0; /* keep us warning-free. */
4364 struct ipmi_smi *intf = (struct ipmi_smi *) val;
4365 int run_to_completion = intf->run_to_completion;
4366 struct ipmi_smi_msg *newmsg = NULL;
4369 * Start the next message if available.
4371 * Do this here, not in the actual receiver, because we may deadlock
4372 * because the lower layer is allowed to hold locks while calling
4378 if (!run_to_completion)
4379 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
4380 if (intf->curr_msg == NULL && !intf->in_shutdown) {
4381 struct list_head *entry = NULL;
4383 /* Pick the high priority queue first. */
4384 if (!list_empty(&intf->hp_xmit_msgs))
4385 entry = intf->hp_xmit_msgs.next;
4386 else if (!list_empty(&intf->xmit_msgs))
4387 entry = intf->xmit_msgs.next;
4391 newmsg = list_entry(entry, struct ipmi_smi_msg, link);
4392 intf->curr_msg = newmsg;
4395 if (!run_to_completion)
4396 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
4398 intf->handlers->sender(intf->send_info, newmsg);
4402 handle_new_recv_msgs(intf);
4405 /* Handle a new message from the lower layer. */
4406 void ipmi_smi_msg_received(struct ipmi_smi *intf,
4407 struct ipmi_smi_msg *msg)
4409 unsigned long flags = 0; /* keep us warning-free. */
4410 int run_to_completion = intf->run_to_completion;
4412 if ((msg->data_size >= 2)
4413 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
4414 && (msg->data[1] == IPMI_SEND_MSG_CMD)
4415 && (msg->user_data == NULL)) {
4417 if (intf->in_shutdown)
4421 * This is the local response to a command send, start
4422 * the timer for these. The user_data will not be
4423 * NULL if this is a response send, and we will let
4424 * response sends just go through.
4428 * Check for errors, if we get certain errors (ones
4429 * that mean basically we can try again later), we
4430 * ignore them and start the timer. Otherwise we
4431 * report the error immediately.
4433 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
4434 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
4435 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR)
4436 && (msg->rsp[2] != IPMI_BUS_ERR)
4437 && (msg->rsp[2] != IPMI_NAK_ON_WRITE_ERR)) {
4438 int ch = msg->rsp[3] & 0xf;
4439 struct ipmi_channel *chans;
4441 /* Got an error sending the message, handle it. */
4443 chans = READ_ONCE(intf->channel_list)->c;
4444 if ((chans[ch].medium == IPMI_CHANNEL_MEDIUM_8023LAN)
4445 || (chans[ch].medium == IPMI_CHANNEL_MEDIUM_ASYNC))
4446 ipmi_inc_stat(intf, sent_lan_command_errs);
4448 ipmi_inc_stat(intf, sent_ipmb_command_errs);
4449 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
4451 /* The message was sent, start the timer. */
4452 intf_start_seq_timer(intf, msg->msgid);
4455 ipmi_free_smi_msg(msg);
4458 * To preserve message order, we keep a queue and deliver from
4461 if (!run_to_completion)
4462 spin_lock_irqsave(&intf->waiting_rcv_msgs_lock, flags);
4463 list_add_tail(&msg->link, &intf->waiting_rcv_msgs);
4464 if (!run_to_completion)
4465 spin_unlock_irqrestore(&intf->waiting_rcv_msgs_lock,
4469 if (!run_to_completion)
4470 spin_lock_irqsave(&intf->xmit_msgs_lock, flags);
4472 * We can get an asynchronous event or receive message in addition
4473 * to commands we send.
4475 if (msg == intf->curr_msg)
4476 intf->curr_msg = NULL;
4477 if (!run_to_completion)
4478 spin_unlock_irqrestore(&intf->xmit_msgs_lock, flags);
4480 if (run_to_completion)
4481 smi_recv_tasklet((unsigned long) intf);
4483 tasklet_schedule(&intf->recv_tasklet);
4485 EXPORT_SYMBOL(ipmi_smi_msg_received);
4487 void ipmi_smi_watchdog_pretimeout(struct ipmi_smi *intf)
4489 if (intf->in_shutdown)
4492 atomic_set(&intf->watchdog_pretimeouts_to_deliver, 1);
4493 tasklet_schedule(&intf->recv_tasklet);
4495 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
4497 static struct ipmi_smi_msg *
4498 smi_from_recv_msg(struct ipmi_smi *intf, struct ipmi_recv_msg *recv_msg,
4499 unsigned char seq, long seqid)
4501 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
4504 * If we can't allocate the message, then just return, we
4505 * get 4 retries, so this should be ok.
4509 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
4510 smi_msg->data_size = recv_msg->msg.data_len;
4511 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
4513 ipmi_debug_msg("Resend: ", smi_msg->data, smi_msg->data_size);
4518 static void check_msg_timeout(struct ipmi_smi *intf, struct seq_table *ent,
4519 struct list_head *timeouts,
4520 unsigned long timeout_period,
4521 int slot, unsigned long *flags,
4522 unsigned int *waiting_msgs)
4524 struct ipmi_recv_msg *msg;
4526 if (intf->in_shutdown)
4532 if (timeout_period < ent->timeout) {
4533 ent->timeout -= timeout_period;
4538 if (ent->retries_left == 0) {
4539 /* The message has used all its retries. */
4541 msg = ent->recv_msg;
4542 list_add_tail(&msg->link, timeouts);
4544 ipmi_inc_stat(intf, timed_out_ipmb_broadcasts);
4545 else if (is_lan_addr(&ent->recv_msg->addr))
4546 ipmi_inc_stat(intf, timed_out_lan_commands);
4548 ipmi_inc_stat(intf, timed_out_ipmb_commands);
4550 struct ipmi_smi_msg *smi_msg;
4551 /* More retries, send again. */
4556 * Start with the max timer, set to normal timer after
4557 * the message is sent.
4559 ent->timeout = MAX_MSG_TIMEOUT;
4560 ent->retries_left--;
4561 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot,
4564 if (is_lan_addr(&ent->recv_msg->addr))
4566 dropped_rexmit_lan_commands);
4569 dropped_rexmit_ipmb_commands);
4573 spin_unlock_irqrestore(&intf->seq_lock, *flags);
4576 * Send the new message. We send with a zero
4577 * priority. It timed out, I doubt time is that
4578 * critical now, and high priority messages are really
4579 * only for messages to the local MC, which don't get
4582 if (intf->handlers) {
4583 if (is_lan_addr(&ent->recv_msg->addr))
4585 retransmitted_lan_commands);
4588 retransmitted_ipmb_commands);
4590 smi_send(intf, intf->handlers, smi_msg, 0);
4592 ipmi_free_smi_msg(smi_msg);
4594 spin_lock_irqsave(&intf->seq_lock, *flags);
4598 static unsigned int ipmi_timeout_handler(struct ipmi_smi *intf,
4599 unsigned long timeout_period)
4601 struct list_head timeouts;
4602 struct ipmi_recv_msg *msg, *msg2;
4603 unsigned long flags;
4605 unsigned int waiting_msgs = 0;
4607 if (!intf->bmc_registered) {
4608 kref_get(&intf->refcount);
4609 if (!schedule_work(&intf->bmc_reg_work)) {
4610 kref_put(&intf->refcount, intf_free);
4616 * Go through the seq table and find any messages that
4617 * have timed out, putting them in the timeouts
4620 INIT_LIST_HEAD(&timeouts);
4621 spin_lock_irqsave(&intf->seq_lock, flags);
4622 if (intf->ipmb_maintenance_mode_timeout) {
4623 if (intf->ipmb_maintenance_mode_timeout <= timeout_period)
4624 intf->ipmb_maintenance_mode_timeout = 0;
4626 intf->ipmb_maintenance_mode_timeout -= timeout_period;
4628 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++)
4629 check_msg_timeout(intf, &intf->seq_table[i],
4630 &timeouts, timeout_period, i,
4631 &flags, &waiting_msgs);
4632 spin_unlock_irqrestore(&intf->seq_lock, flags);
4634 list_for_each_entry_safe(msg, msg2, &timeouts, link)
4635 deliver_err_response(intf, msg, IPMI_TIMEOUT_COMPLETION_CODE);
4638 * Maintenance mode handling. Check the timeout
4639 * optimistically before we claim the lock. It may
4640 * mean a timeout gets missed occasionally, but that
4641 * only means the timeout gets extended by one period
4642 * in that case. No big deal, and it avoids the lock
4645 if (intf->auto_maintenance_timeout > 0) {
4646 spin_lock_irqsave(&intf->maintenance_mode_lock, flags);
4647 if (intf->auto_maintenance_timeout > 0) {
4648 intf->auto_maintenance_timeout
4650 if (!intf->maintenance_mode
4651 && (intf->auto_maintenance_timeout <= 0)) {
4652 intf->maintenance_mode_enable = false;
4653 maintenance_mode_update(intf);
4656 spin_unlock_irqrestore(&intf->maintenance_mode_lock,
4660 tasklet_schedule(&intf->recv_tasklet);
4662 return waiting_msgs;
4665 static void ipmi_request_event(struct ipmi_smi *intf)
4667 /* No event requests when in maintenance mode. */
4668 if (intf->maintenance_mode_enable)
4671 if (!intf->in_shutdown)
4672 intf->handlers->request_events(intf->send_info);
4675 static struct timer_list ipmi_timer;
4677 static atomic_t stop_operation;
4679 static void ipmi_timeout(struct timer_list *unused)
4681 struct ipmi_smi *intf;
4684 if (atomic_read(&stop_operation))
4687 index = srcu_read_lock(&ipmi_interfaces_srcu);
4688 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
4691 if (atomic_read(&intf->event_waiters)) {
4692 intf->ticks_to_req_ev--;
4693 if (intf->ticks_to_req_ev == 0) {
4694 ipmi_request_event(intf);
4695 intf->ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
4700 lnt += ipmi_timeout_handler(intf, IPMI_TIMEOUT_TIME);
4703 if (lnt != intf->last_needs_timer &&
4704 intf->handlers->set_need_watch)
4705 intf->handlers->set_need_watch(intf->send_info, lnt);
4706 intf->last_needs_timer = lnt;
4710 srcu_read_unlock(&ipmi_interfaces_srcu, index);
4713 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
4716 static void need_waiter(struct ipmi_smi *intf)
4718 /* Racy, but worst case we start the timer twice. */
4719 if (!timer_pending(&ipmi_timer))
4720 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
4723 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
4724 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
4726 static void free_smi_msg(struct ipmi_smi_msg *msg)
4728 atomic_dec(&smi_msg_inuse_count);
4732 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
4734 struct ipmi_smi_msg *rv;
4735 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
4737 rv->done = free_smi_msg;
4738 rv->user_data = NULL;
4739 atomic_inc(&smi_msg_inuse_count);
4743 EXPORT_SYMBOL(ipmi_alloc_smi_msg);
4745 static void free_recv_msg(struct ipmi_recv_msg *msg)
4747 atomic_dec(&recv_msg_inuse_count);
4751 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
4753 struct ipmi_recv_msg *rv;
4755 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
4758 rv->done = free_recv_msg;
4759 atomic_inc(&recv_msg_inuse_count);
4764 void ipmi_free_recv_msg(struct ipmi_recv_msg *msg)
4767 kref_put(&msg->user->refcount, free_user);
4770 EXPORT_SYMBOL(ipmi_free_recv_msg);
4772 static atomic_t panic_done_count = ATOMIC_INIT(0);
4774 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
4776 atomic_dec(&panic_done_count);
4779 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
4781 atomic_dec(&panic_done_count);
4785 * Inside a panic, send a message and wait for a response.
4787 static void ipmi_panic_request_and_wait(struct ipmi_smi *intf,
4788 struct ipmi_addr *addr,
4789 struct kernel_ipmi_msg *msg)
4791 struct ipmi_smi_msg smi_msg;
4792 struct ipmi_recv_msg recv_msg;
4795 smi_msg.done = dummy_smi_done_handler;
4796 recv_msg.done = dummy_recv_done_handler;
4797 atomic_add(2, &panic_done_count);
4798 rv = i_ipmi_request(NULL,
4807 intf->addrinfo[0].address,
4808 intf->addrinfo[0].lun,
4809 0, 1); /* Don't retry, and don't wait. */
4811 atomic_sub(2, &panic_done_count);
4812 else if (intf->handlers->flush_messages)
4813 intf->handlers->flush_messages(intf->send_info);
4815 while (atomic_read(&panic_done_count) != 0)
4819 static void event_receiver_fetcher(struct ipmi_smi *intf,
4820 struct ipmi_recv_msg *msg)
4822 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
4823 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE)
4824 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD)
4825 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) {
4826 /* A get event receiver command, save it. */
4827 intf->event_receiver = msg->msg.data[1];
4828 intf->event_receiver_lun = msg->msg.data[2] & 0x3;
4832 static void device_id_fetcher(struct ipmi_smi *intf, struct ipmi_recv_msg *msg)
4834 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
4835 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
4836 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD)
4837 && (msg->msg.data[0] == IPMI_CC_NO_ERROR)) {
4839 * A get device id command, save if we are an event
4840 * receiver or generator.
4842 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1;
4843 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1;
4847 static void send_panic_events(struct ipmi_smi *intf, char *str)
4849 struct kernel_ipmi_msg msg;
4850 unsigned char data[16];
4851 struct ipmi_system_interface_addr *si;
4852 struct ipmi_addr addr;
4854 struct ipmi_ipmb_addr *ipmb;
4857 if (ipmi_send_panic_event == IPMI_SEND_PANIC_EVENT_NONE)
4860 si = (struct ipmi_system_interface_addr *) &addr;
4861 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4862 si->channel = IPMI_BMC_CHANNEL;
4865 /* Fill in an event telling that we have failed. */
4866 msg.netfn = 0x04; /* Sensor or Event. */
4867 msg.cmd = 2; /* Platform event command. */
4870 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */
4871 data[1] = 0x03; /* This is for IPMI 1.0. */
4872 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
4873 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
4874 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
4877 * Put a few breadcrumbs in. Hopefully later we can add more things
4878 * to make the panic events more useful.
4886 /* Send the event announcing the panic. */
4887 ipmi_panic_request_and_wait(intf, &addr, &msg);
4890 * On every interface, dump a bunch of OEM event holding the
4893 if (ipmi_send_panic_event != IPMI_SEND_PANIC_EVENT_STRING || !str)
4897 * intf_num is used as an marker to tell if the
4898 * interface is valid. Thus we need a read barrier to
4899 * make sure data fetched before checking intf_num
4905 * First job here is to figure out where to send the
4906 * OEM events. There's no way in IPMI to send OEM
4907 * events using an event send command, so we have to
4908 * find the SEL to put them in and stick them in
4912 /* Get capabilities from the get device id. */
4913 intf->local_sel_device = 0;
4914 intf->local_event_generator = 0;
4915 intf->event_receiver = 0;
4917 /* Request the device info from the local MC. */
4918 msg.netfn = IPMI_NETFN_APP_REQUEST;
4919 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
4922 intf->null_user_handler = device_id_fetcher;
4923 ipmi_panic_request_and_wait(intf, &addr, &msg);
4925 if (intf->local_event_generator) {
4926 /* Request the event receiver from the local MC. */
4927 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
4928 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
4931 intf->null_user_handler = event_receiver_fetcher;
4932 ipmi_panic_request_and_wait(intf, &addr, &msg);
4934 intf->null_user_handler = NULL;
4937 * Validate the event receiver. The low bit must not
4938 * be 1 (it must be a valid IPMB address), it cannot
4939 * be zero, and it must not be my address.
4941 if (((intf->event_receiver & 1) == 0)
4942 && (intf->event_receiver != 0)
4943 && (intf->event_receiver != intf->addrinfo[0].address)) {
4945 * The event receiver is valid, send an IPMB
4948 ipmb = (struct ipmi_ipmb_addr *) &addr;
4949 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
4950 ipmb->channel = 0; /* FIXME - is this right? */
4951 ipmb->lun = intf->event_receiver_lun;
4952 ipmb->slave_addr = intf->event_receiver;
4953 } else if (intf->local_sel_device) {
4955 * The event receiver was not valid (or was
4956 * me), but I am an SEL device, just dump it
4959 si = (struct ipmi_system_interface_addr *) &addr;
4960 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
4961 si->channel = IPMI_BMC_CHANNEL;
4964 return; /* No where to send the event. */
4966 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
4967 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
4973 int size = strlen(p);
4979 data[2] = 0xf0; /* OEM event without timestamp. */
4980 data[3] = intf->addrinfo[0].address;
4981 data[4] = j++; /* sequence # */
4983 * Always give 11 bytes, so strncpy will fill
4984 * it with zeroes for me.
4986 strncpy(data+5, p, 11);
4989 ipmi_panic_request_and_wait(intf, &addr, &msg);
4993 static int has_panicked;
4995 static int panic_event(struct notifier_block *this,
4996 unsigned long event,
4999 struct ipmi_smi *intf;
5000 struct ipmi_user *user;
5006 /* For every registered interface, set it to run to completion. */
5007 list_for_each_entry_rcu(intf, &ipmi_interfaces, link) {
5008 if (!intf->handlers || intf->intf_num == -1)
5009 /* Interface is not ready. */
5012 if (!intf->handlers->poll)
5016 * If we were interrupted while locking xmit_msgs_lock or
5017 * waiting_rcv_msgs_lock, the corresponding list may be
5018 * corrupted. In this case, drop items on the list for
5021 if (!spin_trylock(&intf->xmit_msgs_lock)) {
5022 INIT_LIST_HEAD(&intf->xmit_msgs);
5023 INIT_LIST_HEAD(&intf->hp_xmit_msgs);
5025 spin_unlock(&intf->xmit_msgs_lock);
5027 if (!spin_trylock(&intf->waiting_rcv_msgs_lock))
5028 INIT_LIST_HEAD(&intf->waiting_rcv_msgs);
5030 spin_unlock(&intf->waiting_rcv_msgs_lock);
5032 intf->run_to_completion = 1;
5033 if (intf->handlers->set_run_to_completion)
5034 intf->handlers->set_run_to_completion(intf->send_info,
5037 list_for_each_entry_rcu(user, &intf->users, link) {
5038 if (user->handler->ipmi_panic_handler)
5039 user->handler->ipmi_panic_handler(
5040 user->handler_data);
5043 send_panic_events(intf, ptr);
5049 /* Must be called with ipmi_interfaces_mutex held. */
5050 static int ipmi_register_driver(void)
5057 rv = driver_register(&ipmidriver.driver);
5059 pr_err("Could not register IPMI driver\n");
5061 drvregistered = true;
5065 static struct notifier_block panic_block = {
5066 .notifier_call = panic_event,
5068 .priority = 200 /* priority: INT_MAX >= x >= 0 */
5071 static int ipmi_init_msghandler(void)
5075 mutex_lock(&ipmi_interfaces_mutex);
5076 rv = ipmi_register_driver();
5082 init_srcu_struct(&ipmi_interfaces_srcu);
5084 timer_setup(&ipmi_timer, ipmi_timeout, 0);
5085 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
5087 atomic_notifier_chain_register(&panic_notifier_list, &panic_block);
5092 mutex_unlock(&ipmi_interfaces_mutex);
5096 static int __init ipmi_init_msghandler_mod(void)
5100 pr_info("version " IPMI_DRIVER_VERSION "\n");
5102 mutex_lock(&ipmi_interfaces_mutex);
5103 rv = ipmi_register_driver();
5104 mutex_unlock(&ipmi_interfaces_mutex);
5109 static void __exit cleanup_ipmi(void)
5114 atomic_notifier_chain_unregister(&panic_notifier_list,
5118 * This can't be called if any interfaces exist, so no worry
5119 * about shutting down the interfaces.
5123 * Tell the timer to stop, then wait for it to stop. This
5124 * avoids problems with race conditions removing the timer
5127 atomic_inc(&stop_operation);
5128 del_timer_sync(&ipmi_timer);
5130 initialized = false;
5132 /* Check for buffer leaks. */
5133 count = atomic_read(&smi_msg_inuse_count);
5135 pr_warn(PFX "SMI message count %d at exit\n", count);
5136 count = atomic_read(&recv_msg_inuse_count);
5138 pr_warn(PFX "recv message count %d at exit\n", count);
5139 cleanup_srcu_struct(&ipmi_interfaces_srcu);
5142 driver_unregister(&ipmidriver.driver);
5144 module_exit(cleanup_ipmi);
5146 module_init(ipmi_init_msghandler_mod);
5147 MODULE_LICENSE("GPL");
5148 MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>");
5149 MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI"
5151 MODULE_VERSION(IPMI_DRIVER_VERSION);
5152 MODULE_SOFTDEP("post: ipmi_devintf");