4 * Incoming and outgoing message routing for an IPMI interface.
6 * Author: MontaVista Software, Inc.
7 * Corey Minyard <minyard@mvista.com>
10 * Copyright 2002 MontaVista Software Inc.
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version.
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 * You should have received a copy of the GNU General Public License along
30 * with this program; if not, write to the Free Software Foundation, Inc.,
31 * 675 Mass Ave, Cambridge, MA 02139, USA.
34 #include <linux/config.h>
35 #include <linux/module.h>
36 #include <linux/errno.h>
37 #include <asm/system.h>
38 #include <linux/sched.h>
39 #include <linux/poll.h>
40 #include <linux/spinlock.h>
41 #include <linux/rwsem.h>
42 #include <linux/slab.h>
43 #include <linux/ipmi.h>
44 #include <linux/ipmi_smi.h>
45 #include <linux/notifier.h>
46 #include <linux/init.h>
47 #include <linux/proc_fs.h>
49 #define PFX "IPMI message handler: "
50 #define IPMI_MSGHANDLER_VERSION "v33"
52 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
53 static int ipmi_init_msghandler(void);
55 static int initialized = 0;
58 struct proc_dir_entry *proc_ipmi_root = NULL;
59 #endif /* CONFIG_PROC_FS */
61 #define MAX_EVENTS_IN_QUEUE 25
63 /* Don't let a message sit in a queue forever, always time it with at lest
64 the max message timer. This is in milliseconds. */
65 #define MAX_MSG_TIMEOUT 60000
69 struct list_head link;
71 /* The upper layer that handles receive messages. */
72 struct ipmi_user_hndl *handler;
75 /* The interface this user is bound to. */
78 /* Does this interface receive IPMI events? */
84 struct list_head link;
93 unsigned int inuse : 1;
94 unsigned int broadcast : 1;
96 unsigned long timeout;
97 unsigned long orig_timeout;
98 unsigned int retries_left;
100 /* To verify on an incoming send message response that this is
101 the message that the response is for, we keep a sequence id
102 and increment it every time we send a message. */
105 /* This is held so we can properly respond to the message on a
106 timeout, and it is used to hold the temporary data for
107 retransmission, too. */
108 struct ipmi_recv_msg *recv_msg;
111 /* Store the information in a msgid (long) to allow us to find a
112 sequence table entry from the msgid. */
113 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff))
115 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
117 seq = ((msgid >> 26) & 0x3f); \
118 seqid = (msgid & 0x3fffff); \
121 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff)
125 unsigned char medium;
126 unsigned char protocol;
129 #ifdef CONFIG_PROC_FS
130 struct ipmi_proc_entry
133 struct ipmi_proc_entry *next;
137 #define IPMI_IPMB_NUM_SEQ 64
138 #define IPMI_MAX_CHANNELS 8
141 /* What interface number are we? */
144 /* The list of upper layers that are using me. We read-lock
145 this when delivering messages to the upper layer to keep
146 the user from going away while we are processing the
147 message. This means that you cannot add or delete a user
148 from the receive callback. */
150 struct list_head users;
152 /* Used for wake ups at startup. */
153 wait_queue_head_t waitq;
155 /* The IPMI version of the BMC on the other end. */
156 unsigned char version_major;
157 unsigned char version_minor;
159 /* This is the lower-layer's sender routine. */
160 struct ipmi_smi_handlers *handlers;
163 #ifdef CONFIG_PROC_FS
164 /* A list of proc entries for this interface. This does not
165 need a lock, only one thread creates it and only one thread
167 spinlock_t proc_entry_lock;
168 struct ipmi_proc_entry *proc_entries;
171 /* A table of sequence numbers for this interface. We use the
172 sequence numbers for IPMB messages that go out of the
173 interface to match them up with their responses. A routine
174 is called periodically to time the items in this list. */
176 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
179 /* Messages that were delayed for some reason (out of memory,
180 for instance), will go in here to be processed later in a
181 periodic timer interrupt. */
182 spinlock_t waiting_msgs_lock;
183 struct list_head waiting_msgs;
185 /* The list of command receivers that are registered for commands
186 on this interface. */
187 rwlock_t cmd_rcvr_lock;
188 struct list_head cmd_rcvrs;
190 /* Events that were queues because no one was there to receive
192 spinlock_t events_lock; /* For dealing with event stuff. */
193 struct list_head waiting_events;
194 unsigned int waiting_events_count; /* How many events in queue? */
196 /* This will be non-null if someone registers to receive all
197 IPMI commands (this is for interface emulation). There
198 may not be any things in the cmd_rcvrs list above when
199 this is registered. */
200 ipmi_user_t all_cmd_rcvr;
202 /* My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
203 but may be changed by the user. */
204 unsigned char my_address;
206 /* My LUN. This should generally stay the SMS LUN, but just in
208 unsigned char my_lun;
210 /* The event receiver for my BMC, only really used at panic
211 shutdown as a place to store this. */
212 unsigned char event_receiver;
213 unsigned char event_receiver_lun;
214 unsigned char local_sel_device;
215 unsigned char local_event_generator;
217 /* A cheap hack, if this is non-null and a message to an
218 interface comes in with a NULL user, call this routine with
219 it. Note that the message will still be freed by the
220 caller. This only works on the system interface. */
221 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_smi_msg *msg);
223 /* When we are scanning the channels for an SMI, this will
224 tell which channel we are scanning. */
227 /* Channel information */
228 struct ipmi_channel channels[IPMI_MAX_CHANNELS];
231 struct proc_dir_entry *proc_dir;
232 char proc_dir_name[10];
234 spinlock_t counter_lock; /* For making counters atomic. */
236 /* Commands we got that were invalid. */
237 unsigned int sent_invalid_commands;
239 /* Commands we sent to the MC. */
240 unsigned int sent_local_commands;
241 /* Responses from the MC that were delivered to a user. */
242 unsigned int handled_local_responses;
243 /* Responses from the MC that were not delivered to a user. */
244 unsigned int unhandled_local_responses;
246 /* Commands we sent out to the IPMB bus. */
247 unsigned int sent_ipmb_commands;
248 /* Commands sent on the IPMB that had errors on the SEND CMD */
249 unsigned int sent_ipmb_command_errs;
250 /* Each retransmit increments this count. */
251 unsigned int retransmitted_ipmb_commands;
252 /* When a message times out (runs out of retransmits) this is
254 unsigned int timed_out_ipmb_commands;
256 /* This is like above, but for broadcasts. Broadcasts are
257 *not* included in the above count (they are expected to
259 unsigned int timed_out_ipmb_broadcasts;
261 /* Responses I have sent to the IPMB bus. */
262 unsigned int sent_ipmb_responses;
264 /* The response was delivered to the user. */
265 unsigned int handled_ipmb_responses;
266 /* The response had invalid data in it. */
267 unsigned int invalid_ipmb_responses;
268 /* The response didn't have anyone waiting for it. */
269 unsigned int unhandled_ipmb_responses;
271 /* Commands we sent out to the IPMB bus. */
272 unsigned int sent_lan_commands;
273 /* Commands sent on the IPMB that had errors on the SEND CMD */
274 unsigned int sent_lan_command_errs;
275 /* Each retransmit increments this count. */
276 unsigned int retransmitted_lan_commands;
277 /* When a message times out (runs out of retransmits) this is
279 unsigned int timed_out_lan_commands;
281 /* Responses I have sent to the IPMB bus. */
282 unsigned int sent_lan_responses;
284 /* The response was delivered to the user. */
285 unsigned int handled_lan_responses;
286 /* The response had invalid data in it. */
287 unsigned int invalid_lan_responses;
288 /* The response didn't have anyone waiting for it. */
289 unsigned int unhandled_lan_responses;
291 /* The command was delivered to the user. */
292 unsigned int handled_commands;
293 /* The command had invalid data in it. */
294 unsigned int invalid_commands;
295 /* The command didn't have anyone waiting for it. */
296 unsigned int unhandled_commands;
298 /* Invalid data in an event. */
299 unsigned int invalid_events;
300 /* Events that were received with the proper format. */
304 #define MAX_IPMI_INTERFACES 4
305 static ipmi_smi_t ipmi_interfaces[MAX_IPMI_INTERFACES];
307 /* Used to keep interfaces from going away while operations are
308 operating on interfaces. Grab read if you are not modifying the
309 interfaces, write if you are. */
310 static DECLARE_RWSEM(interfaces_sem);
312 /* Directly protects the ipmi_interfaces data structure. This is
313 claimed in the timer interrupt. */
314 static DEFINE_SPINLOCK(interfaces_lock);
316 /* List of watchers that want to know when smi's are added and
318 static struct list_head smi_watchers = LIST_HEAD_INIT(smi_watchers);
319 static DECLARE_RWSEM(smi_watchers_sem);
321 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
325 down_read(&interfaces_sem);
326 down_write(&smi_watchers_sem);
327 list_add(&(watcher->link), &smi_watchers);
328 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
329 if (ipmi_interfaces[i] != NULL) {
333 up_write(&smi_watchers_sem);
334 up_read(&interfaces_sem);
338 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
340 down_write(&smi_watchers_sem);
341 list_del(&(watcher->link));
342 up_write(&smi_watchers_sem);
347 call_smi_watchers(int i)
349 struct ipmi_smi_watcher *w;
351 down_read(&smi_watchers_sem);
352 list_for_each_entry(w, &smi_watchers, link) {
353 if (try_module_get(w->owner)) {
355 module_put(w->owner);
358 up_read(&smi_watchers_sem);
362 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
364 if (addr1->addr_type != addr2->addr_type)
367 if (addr1->channel != addr2->channel)
370 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
371 struct ipmi_system_interface_addr *smi_addr1
372 = (struct ipmi_system_interface_addr *) addr1;
373 struct ipmi_system_interface_addr *smi_addr2
374 = (struct ipmi_system_interface_addr *) addr2;
375 return (smi_addr1->lun == smi_addr2->lun);
378 if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE)
379 || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
381 struct ipmi_ipmb_addr *ipmb_addr1
382 = (struct ipmi_ipmb_addr *) addr1;
383 struct ipmi_ipmb_addr *ipmb_addr2
384 = (struct ipmi_ipmb_addr *) addr2;
386 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
387 && (ipmb_addr1->lun == ipmb_addr2->lun));
390 if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) {
391 struct ipmi_lan_addr *lan_addr1
392 = (struct ipmi_lan_addr *) addr1;
393 struct ipmi_lan_addr *lan_addr2
394 = (struct ipmi_lan_addr *) addr2;
396 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
397 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
398 && (lan_addr1->session_handle
399 == lan_addr2->session_handle)
400 && (lan_addr1->lun == lan_addr2->lun));
406 int ipmi_validate_addr(struct ipmi_addr *addr, int len)
408 if (len < sizeof(struct ipmi_system_interface_addr)) {
412 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
413 if (addr->channel != IPMI_BMC_CHANNEL)
418 if ((addr->channel == IPMI_BMC_CHANNEL)
419 || (addr->channel >= IPMI_NUM_CHANNELS)
420 || (addr->channel < 0))
423 if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
424 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
426 if (len < sizeof(struct ipmi_ipmb_addr)) {
432 if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
433 if (len < sizeof(struct ipmi_lan_addr)) {
442 unsigned int ipmi_addr_length(int addr_type)
444 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
445 return sizeof(struct ipmi_system_interface_addr);
447 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
448 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
450 return sizeof(struct ipmi_ipmb_addr);
453 if (addr_type == IPMI_LAN_ADDR_TYPE)
454 return sizeof(struct ipmi_lan_addr);
459 static void deliver_response(struct ipmi_recv_msg *msg)
461 msg->user->handler->ipmi_recv_hndl(msg, msg->user->handler_data);
464 /* Find the next sequence number not being used and add the given
465 message with the given timeout to the sequence table. This must be
466 called with the interface's seq_lock held. */
467 static int intf_next_seq(ipmi_smi_t intf,
468 struct ipmi_recv_msg *recv_msg,
469 unsigned long timeout,
478 for (i=intf->curr_seq;
479 (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
480 i=(i+1)%IPMI_IPMB_NUM_SEQ)
482 if (! intf->seq_table[i].inuse)
486 if (! intf->seq_table[i].inuse) {
487 intf->seq_table[i].recv_msg = recv_msg;
489 /* Start with the maximum timeout, when the send response
490 comes in we will start the real timer. */
491 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
492 intf->seq_table[i].orig_timeout = timeout;
493 intf->seq_table[i].retries_left = retries;
494 intf->seq_table[i].broadcast = broadcast;
495 intf->seq_table[i].inuse = 1;
496 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
498 *seqid = intf->seq_table[i].seqid;
499 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
507 /* Return the receive message for the given sequence number and
508 release the sequence number so it can be reused. Some other data
509 is passed in to be sure the message matches up correctly (to help
510 guard against message coming in after their timeout and the
511 sequence number being reused). */
512 static int intf_find_seq(ipmi_smi_t intf,
517 struct ipmi_addr *addr,
518 struct ipmi_recv_msg **recv_msg)
523 if (seq >= IPMI_IPMB_NUM_SEQ)
526 spin_lock_irqsave(&(intf->seq_lock), flags);
527 if (intf->seq_table[seq].inuse) {
528 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
530 if ((msg->addr.channel == channel)
531 && (msg->msg.cmd == cmd)
532 && (msg->msg.netfn == netfn)
533 && (ipmi_addr_equal(addr, &(msg->addr))))
536 intf->seq_table[seq].inuse = 0;
540 spin_unlock_irqrestore(&(intf->seq_lock), flags);
546 /* Start the timer for a specific sequence table entry. */
547 static int intf_start_seq_timer(ipmi_smi_t intf,
556 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
558 spin_lock_irqsave(&(intf->seq_lock), flags);
559 /* We do this verification because the user can be deleted
560 while a message is outstanding. */
561 if ((intf->seq_table[seq].inuse)
562 && (intf->seq_table[seq].seqid == seqid))
564 struct seq_table *ent = &(intf->seq_table[seq]);
565 ent->timeout = ent->orig_timeout;
568 spin_unlock_irqrestore(&(intf->seq_lock), flags);
573 /* Got an error for the send message for a specific sequence number. */
574 static int intf_err_seq(ipmi_smi_t intf,
582 struct ipmi_recv_msg *msg = NULL;
585 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
587 spin_lock_irqsave(&(intf->seq_lock), flags);
588 /* We do this verification because the user can be deleted
589 while a message is outstanding. */
590 if ((intf->seq_table[seq].inuse)
591 && (intf->seq_table[seq].seqid == seqid))
593 struct seq_table *ent = &(intf->seq_table[seq]);
599 spin_unlock_irqrestore(&(intf->seq_lock), flags);
602 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
603 msg->msg_data[0] = err;
604 msg->msg.netfn |= 1; /* Convert to a response. */
605 msg->msg.data_len = 1;
606 msg->msg.data = msg->msg_data;
607 deliver_response(msg);
614 int ipmi_create_user(unsigned int if_num,
615 struct ipmi_user_hndl *handler,
620 ipmi_user_t new_user;
624 /* There is no module usecount here, because it's not
625 required. Since this can only be used by and called from
626 other modules, they will implicitly use this module, and
627 thus this can't be removed unless the other modules are
633 /* Make sure the driver is actually initialized, this handles
634 problems with initialization order. */
636 rv = ipmi_init_msghandler();
640 /* The init code doesn't return an error if it was turned
641 off, but it won't initialize. Check that. */
646 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
650 down_read(&interfaces_sem);
651 if ((if_num >= MAX_IPMI_INTERFACES) || ipmi_interfaces[if_num] == NULL)
657 intf = ipmi_interfaces[if_num];
659 new_user->handler = handler;
660 new_user->handler_data = handler_data;
661 new_user->intf = intf;
662 new_user->gets_events = 0;
664 if (!try_module_get(intf->handlers->owner)) {
669 if (intf->handlers->inc_usecount) {
670 rv = intf->handlers->inc_usecount(intf->send_info);
672 module_put(intf->handlers->owner);
677 write_lock_irqsave(&intf->users_lock, flags);
678 list_add_tail(&new_user->link, &intf->users);
679 write_unlock_irqrestore(&intf->users_lock, flags);
688 up_read(&interfaces_sem);
692 static int ipmi_destroy_user_nolock(ipmi_user_t user)
696 struct cmd_rcvr *rcvr, *rcvr2;
700 /* Find the user and delete them from the list. */
701 list_for_each_entry(t_user, &(user->intf->users), link) {
702 if (t_user == user) {
703 list_del(&t_user->link);
713 /* Remove the user from the interfaces sequence table. */
714 spin_lock_irqsave(&(user->intf->seq_lock), flags);
715 for (i=0; i<IPMI_IPMB_NUM_SEQ; i++) {
716 if (user->intf->seq_table[i].inuse
717 && (user->intf->seq_table[i].recv_msg->user == user))
719 user->intf->seq_table[i].inuse = 0;
722 spin_unlock_irqrestore(&(user->intf->seq_lock), flags);
724 /* Remove the user from the command receiver's table. */
725 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
726 list_for_each_entry_safe(rcvr, rcvr2, &(user->intf->cmd_rcvrs), link) {
727 if (rcvr->user == user) {
728 list_del(&rcvr->link);
732 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
741 int ipmi_destroy_user(ipmi_user_t user)
744 ipmi_smi_t intf = user->intf;
747 down_read(&interfaces_sem);
748 write_lock_irqsave(&intf->users_lock, flags);
749 rv = ipmi_destroy_user_nolock(user);
751 module_put(intf->handlers->owner);
752 if (intf->handlers->dec_usecount)
753 intf->handlers->dec_usecount(intf->send_info);
756 write_unlock_irqrestore(&intf->users_lock, flags);
757 up_read(&interfaces_sem);
761 void ipmi_get_version(ipmi_user_t user,
762 unsigned char *major,
763 unsigned char *minor)
765 *major = user->intf->version_major;
766 *minor = user->intf->version_minor;
769 void ipmi_set_my_address(ipmi_user_t user,
770 unsigned char address)
772 user->intf->my_address = address;
775 unsigned char ipmi_get_my_address(ipmi_user_t user)
777 return user->intf->my_address;
780 void ipmi_set_my_LUN(ipmi_user_t user,
783 user->intf->my_lun = LUN & 0x3;
786 unsigned char ipmi_get_my_LUN(ipmi_user_t user)
788 return user->intf->my_lun;
791 int ipmi_set_gets_events(ipmi_user_t user, int val)
794 struct ipmi_recv_msg *msg, *msg2;
796 read_lock(&(user->intf->users_lock));
797 spin_lock_irqsave(&(user->intf->events_lock), flags);
798 user->gets_events = val;
801 /* Deliver any queued events. */
802 list_for_each_entry_safe(msg, msg2, &(user->intf->waiting_events), link) {
803 list_del(&msg->link);
805 deliver_response(msg);
809 spin_unlock_irqrestore(&(user->intf->events_lock), flags);
810 read_unlock(&(user->intf->users_lock));
815 int ipmi_register_for_cmd(ipmi_user_t user,
819 struct cmd_rcvr *cmp;
821 struct cmd_rcvr *rcvr;
825 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
829 read_lock(&(user->intf->users_lock));
830 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
831 if (user->intf->all_cmd_rcvr != NULL) {
836 /* Make sure the command/netfn is not already registered. */
837 list_for_each_entry(cmp, &(user->intf->cmd_rcvrs), link) {
838 if ((cmp->netfn == netfn) && (cmp->cmd == cmd)) {
848 list_add_tail(&(rcvr->link), &(user->intf->cmd_rcvrs));
851 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
852 read_unlock(&(user->intf->users_lock));
860 int ipmi_unregister_for_cmd(ipmi_user_t user,
865 struct cmd_rcvr *rcvr;
868 read_lock(&(user->intf->users_lock));
869 write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
870 /* Make sure the command/netfn is not already registered. */
871 list_for_each_entry(rcvr, &(user->intf->cmd_rcvrs), link) {
872 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
874 list_del(&rcvr->link);
879 write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
880 read_unlock(&(user->intf->users_lock));
885 void ipmi_user_set_run_to_completion(ipmi_user_t user, int val)
887 user->intf->handlers->set_run_to_completion(user->intf->send_info,
892 ipmb_checksum(unsigned char *data, int size)
894 unsigned char csum = 0;
896 for (; size > 0; size--, data++)
902 static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
903 struct kernel_ipmi_msg *msg,
904 struct ipmi_ipmb_addr *ipmb_addr,
906 unsigned char ipmb_seq,
908 unsigned char source_address,
909 unsigned char source_lun)
913 /* Format the IPMB header data. */
914 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
915 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
916 smi_msg->data[2] = ipmb_addr->channel;
918 smi_msg->data[3] = 0;
919 smi_msg->data[i+3] = ipmb_addr->slave_addr;
920 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
921 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
922 smi_msg->data[i+6] = source_address;
923 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
924 smi_msg->data[i+8] = msg->cmd;
926 /* Now tack on the data to the message. */
927 if (msg->data_len > 0)
928 memcpy(&(smi_msg->data[i+9]), msg->data,
930 smi_msg->data_size = msg->data_len + 9;
932 /* Now calculate the checksum and tack it on. */
933 smi_msg->data[i+smi_msg->data_size]
934 = ipmb_checksum(&(smi_msg->data[i+6]),
935 smi_msg->data_size-6);
937 /* Add on the checksum size and the offset from the
939 smi_msg->data_size += 1 + i;
941 smi_msg->msgid = msgid;
944 static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
945 struct kernel_ipmi_msg *msg,
946 struct ipmi_lan_addr *lan_addr,
948 unsigned char ipmb_seq,
949 unsigned char source_lun)
951 /* Format the IPMB header data. */
952 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
953 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
954 smi_msg->data[2] = lan_addr->channel;
955 smi_msg->data[3] = lan_addr->session_handle;
956 smi_msg->data[4] = lan_addr->remote_SWID;
957 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
958 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
959 smi_msg->data[7] = lan_addr->local_SWID;
960 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
961 smi_msg->data[9] = msg->cmd;
963 /* Now tack on the data to the message. */
964 if (msg->data_len > 0)
965 memcpy(&(smi_msg->data[10]), msg->data,
967 smi_msg->data_size = msg->data_len + 10;
969 /* Now calculate the checksum and tack it on. */
970 smi_msg->data[smi_msg->data_size]
971 = ipmb_checksum(&(smi_msg->data[7]),
972 smi_msg->data_size-7);
974 /* Add on the checksum size and the offset from the
976 smi_msg->data_size += 1;
978 smi_msg->msgid = msgid;
981 /* Separate from ipmi_request so that the user does not have to be
982 supplied in certain circumstances (mainly at panic time). If
983 messages are supplied, they will be freed, even if an error
985 static inline int i_ipmi_request(ipmi_user_t user,
987 struct ipmi_addr *addr,
989 struct kernel_ipmi_msg *msg,
992 struct ipmi_recv_msg *supplied_recv,
994 unsigned char source_address,
995 unsigned char source_lun,
997 unsigned int retry_time_ms)
1000 struct ipmi_smi_msg *smi_msg;
1001 struct ipmi_recv_msg *recv_msg;
1002 unsigned long flags;
1005 if (supplied_recv) {
1006 recv_msg = supplied_recv;
1008 recv_msg = ipmi_alloc_recv_msg();
1009 if (recv_msg == NULL) {
1013 recv_msg->user_msg_data = user_msg_data;
1016 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
1018 smi_msg = ipmi_alloc_smi_msg();
1019 if (smi_msg == NULL) {
1020 ipmi_free_recv_msg(recv_msg);
1025 recv_msg->user = user;
1026 recv_msg->msgid = msgid;
1027 /* Store the message to send in the receive message so timeout
1028 responses can get the proper response data. */
1029 recv_msg->msg = *msg;
1031 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1032 struct ipmi_system_interface_addr *smi_addr;
1034 if (msg->netfn & 1) {
1035 /* Responses are not allowed to the SMI. */
1040 smi_addr = (struct ipmi_system_interface_addr *) addr;
1041 if (smi_addr->lun > 3) {
1042 spin_lock_irqsave(&intf->counter_lock, flags);
1043 intf->sent_invalid_commands++;
1044 spin_unlock_irqrestore(&intf->counter_lock, flags);
1049 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1051 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1052 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1053 || (msg->cmd == IPMI_GET_MSG_CMD)
1054 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD)))
1056 /* We don't let the user do these, since we manage
1057 the sequence numbers. */
1058 spin_lock_irqsave(&intf->counter_lock, flags);
1059 intf->sent_invalid_commands++;
1060 spin_unlock_irqrestore(&intf->counter_lock, flags);
1065 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
1066 spin_lock_irqsave(&intf->counter_lock, flags);
1067 intf->sent_invalid_commands++;
1068 spin_unlock_irqrestore(&intf->counter_lock, flags);
1073 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1074 smi_msg->data[1] = msg->cmd;
1075 smi_msg->msgid = msgid;
1076 smi_msg->user_data = recv_msg;
1077 if (msg->data_len > 0)
1078 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1079 smi_msg->data_size = msg->data_len + 2;
1080 spin_lock_irqsave(&intf->counter_lock, flags);
1081 intf->sent_local_commands++;
1082 spin_unlock_irqrestore(&intf->counter_lock, flags);
1083 } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
1084 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
1086 struct ipmi_ipmb_addr *ipmb_addr;
1087 unsigned char ipmb_seq;
1091 if (addr->channel >= IPMI_MAX_CHANNELS) {
1092 spin_lock_irqsave(&intf->counter_lock, flags);
1093 intf->sent_invalid_commands++;
1094 spin_unlock_irqrestore(&intf->counter_lock, flags);
1099 if (intf->channels[addr->channel].medium
1100 != IPMI_CHANNEL_MEDIUM_IPMB)
1102 spin_lock_irqsave(&intf->counter_lock, flags);
1103 intf->sent_invalid_commands++;
1104 spin_unlock_irqrestore(&intf->counter_lock, flags);
1110 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1111 retries = 0; /* Don't retry broadcasts. */
1115 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1116 /* Broadcasts add a zero at the beginning of the
1117 message, but otherwise is the same as an IPMB
1119 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1124 /* Default to 1 second retries. */
1125 if (retry_time_ms == 0)
1126 retry_time_ms = 1000;
1128 /* 9 for the header and 1 for the checksum, plus
1129 possibly one for the broadcast. */
1130 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1131 spin_lock_irqsave(&intf->counter_lock, flags);
1132 intf->sent_invalid_commands++;
1133 spin_unlock_irqrestore(&intf->counter_lock, flags);
1138 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1139 if (ipmb_addr->lun > 3) {
1140 spin_lock_irqsave(&intf->counter_lock, flags);
1141 intf->sent_invalid_commands++;
1142 spin_unlock_irqrestore(&intf->counter_lock, flags);
1147 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1149 if (recv_msg->msg.netfn & 0x1) {
1150 /* It's a response, so use the user's sequence
1152 spin_lock_irqsave(&intf->counter_lock, flags);
1153 intf->sent_ipmb_responses++;
1154 spin_unlock_irqrestore(&intf->counter_lock, flags);
1155 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1157 source_address, source_lun);
1159 /* Save the receive message so we can use it
1160 to deliver the response. */
1161 smi_msg->user_data = recv_msg;
1163 /* It's a command, so get a sequence for it. */
1165 spin_lock_irqsave(&(intf->seq_lock), flags);
1167 spin_lock(&intf->counter_lock);
1168 intf->sent_ipmb_commands++;
1169 spin_unlock(&intf->counter_lock);
1171 /* Create a sequence number with a 1 second
1172 timeout and 4 retries. */
1173 rv = intf_next_seq(intf,
1181 /* We have used up all the sequence numbers,
1182 probably, so abort. */
1183 spin_unlock_irqrestore(&(intf->seq_lock),
1188 /* Store the sequence number in the message,
1189 so that when the send message response
1190 comes back we can start the timer. */
1191 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1192 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1193 ipmb_seq, broadcast,
1194 source_address, source_lun);
1196 /* Copy the message into the recv message data, so we
1197 can retransmit it later if necessary. */
1198 memcpy(recv_msg->msg_data, smi_msg->data,
1199 smi_msg->data_size);
1200 recv_msg->msg.data = recv_msg->msg_data;
1201 recv_msg->msg.data_len = smi_msg->data_size;
1203 /* We don't unlock until here, because we need
1204 to copy the completed message into the
1205 recv_msg before we release the lock.
1206 Otherwise, race conditions may bite us. I
1207 know that's pretty paranoid, but I prefer
1209 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1211 } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
1212 struct ipmi_lan_addr *lan_addr;
1213 unsigned char ipmb_seq;
1216 if (addr->channel > IPMI_NUM_CHANNELS) {
1217 spin_lock_irqsave(&intf->counter_lock, flags);
1218 intf->sent_invalid_commands++;
1219 spin_unlock_irqrestore(&intf->counter_lock, flags);
1224 if ((intf->channels[addr->channel].medium
1225 != IPMI_CHANNEL_MEDIUM_8023LAN)
1226 && (intf->channels[addr->channel].medium
1227 != IPMI_CHANNEL_MEDIUM_ASYNC))
1229 spin_lock_irqsave(&intf->counter_lock, flags);
1230 intf->sent_invalid_commands++;
1231 spin_unlock_irqrestore(&intf->counter_lock, flags);
1238 /* Default to 1 second retries. */
1239 if (retry_time_ms == 0)
1240 retry_time_ms = 1000;
1242 /* 11 for the header and 1 for the checksum. */
1243 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
1244 spin_lock_irqsave(&intf->counter_lock, flags);
1245 intf->sent_invalid_commands++;
1246 spin_unlock_irqrestore(&intf->counter_lock, flags);
1251 lan_addr = (struct ipmi_lan_addr *) addr;
1252 if (lan_addr->lun > 3) {
1253 spin_lock_irqsave(&intf->counter_lock, flags);
1254 intf->sent_invalid_commands++;
1255 spin_unlock_irqrestore(&intf->counter_lock, flags);
1260 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1262 if (recv_msg->msg.netfn & 0x1) {
1263 /* It's a response, so use the user's sequence
1265 spin_lock_irqsave(&intf->counter_lock, flags);
1266 intf->sent_lan_responses++;
1267 spin_unlock_irqrestore(&intf->counter_lock, flags);
1268 format_lan_msg(smi_msg, msg, lan_addr, msgid,
1271 /* Save the receive message so we can use it
1272 to deliver the response. */
1273 smi_msg->user_data = recv_msg;
1275 /* It's a command, so get a sequence for it. */
1277 spin_lock_irqsave(&(intf->seq_lock), flags);
1279 spin_lock(&intf->counter_lock);
1280 intf->sent_lan_commands++;
1281 spin_unlock(&intf->counter_lock);
1283 /* Create a sequence number with a 1 second
1284 timeout and 4 retries. */
1285 rv = intf_next_seq(intf,
1293 /* We have used up all the sequence numbers,
1294 probably, so abort. */
1295 spin_unlock_irqrestore(&(intf->seq_lock),
1300 /* Store the sequence number in the message,
1301 so that when the send message response
1302 comes back we can start the timer. */
1303 format_lan_msg(smi_msg, msg, lan_addr,
1304 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1305 ipmb_seq, source_lun);
1307 /* Copy the message into the recv message data, so we
1308 can retransmit it later if necessary. */
1309 memcpy(recv_msg->msg_data, smi_msg->data,
1310 smi_msg->data_size);
1311 recv_msg->msg.data = recv_msg->msg_data;
1312 recv_msg->msg.data_len = smi_msg->data_size;
1314 /* We don't unlock until here, because we need
1315 to copy the completed message into the
1316 recv_msg before we release the lock.
1317 Otherwise, race conditions may bite us. I
1318 know that's pretty paranoid, but I prefer
1320 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1323 /* Unknown address type. */
1324 spin_lock_irqsave(&intf->counter_lock, flags);
1325 intf->sent_invalid_commands++;
1326 spin_unlock_irqrestore(&intf->counter_lock, flags);
1334 for (m=0; m<smi_msg->data_size; m++)
1335 printk(" %2.2x", smi_msg->data[m]);
1339 intf->handlers->sender(intf->send_info, smi_msg, priority);
1344 ipmi_free_smi_msg(smi_msg);
1345 ipmi_free_recv_msg(recv_msg);
1349 int ipmi_request_settime(ipmi_user_t user,
1350 struct ipmi_addr *addr,
1352 struct kernel_ipmi_msg *msg,
1353 void *user_msg_data,
1356 unsigned int retry_time_ms)
1358 return i_ipmi_request(user,
1366 user->intf->my_address,
1372 int ipmi_request_supply_msgs(ipmi_user_t user,
1373 struct ipmi_addr *addr,
1375 struct kernel_ipmi_msg *msg,
1376 void *user_msg_data,
1378 struct ipmi_recv_msg *supplied_recv,
1381 return i_ipmi_request(user,
1390 user->intf->my_address,
1395 static int ipmb_file_read_proc(char *page, char **start, off_t off,
1396 int count, int *eof, void *data)
1398 char *out = (char *) page;
1399 ipmi_smi_t intf = data;
1401 return sprintf(out, "%x\n", intf->my_address);
1404 static int version_file_read_proc(char *page, char **start, off_t off,
1405 int count, int *eof, void *data)
1407 char *out = (char *) page;
1408 ipmi_smi_t intf = data;
1410 return sprintf(out, "%d.%d\n",
1411 intf->version_major, intf->version_minor);
1414 static int stat_file_read_proc(char *page, char **start, off_t off,
1415 int count, int *eof, void *data)
1417 char *out = (char *) page;
1418 ipmi_smi_t intf = data;
1420 out += sprintf(out, "sent_invalid_commands: %d\n",
1421 intf->sent_invalid_commands);
1422 out += sprintf(out, "sent_local_commands: %d\n",
1423 intf->sent_local_commands);
1424 out += sprintf(out, "handled_local_responses: %d\n",
1425 intf->handled_local_responses);
1426 out += sprintf(out, "unhandled_local_responses: %d\n",
1427 intf->unhandled_local_responses);
1428 out += sprintf(out, "sent_ipmb_commands: %d\n",
1429 intf->sent_ipmb_commands);
1430 out += sprintf(out, "sent_ipmb_command_errs: %d\n",
1431 intf->sent_ipmb_command_errs);
1432 out += sprintf(out, "retransmitted_ipmb_commands: %d\n",
1433 intf->retransmitted_ipmb_commands);
1434 out += sprintf(out, "timed_out_ipmb_commands: %d\n",
1435 intf->timed_out_ipmb_commands);
1436 out += sprintf(out, "timed_out_ipmb_broadcasts: %d\n",
1437 intf->timed_out_ipmb_broadcasts);
1438 out += sprintf(out, "sent_ipmb_responses: %d\n",
1439 intf->sent_ipmb_responses);
1440 out += sprintf(out, "handled_ipmb_responses: %d\n",
1441 intf->handled_ipmb_responses);
1442 out += sprintf(out, "invalid_ipmb_responses: %d\n",
1443 intf->invalid_ipmb_responses);
1444 out += sprintf(out, "unhandled_ipmb_responses: %d\n",
1445 intf->unhandled_ipmb_responses);
1446 out += sprintf(out, "sent_lan_commands: %d\n",
1447 intf->sent_lan_commands);
1448 out += sprintf(out, "sent_lan_command_errs: %d\n",
1449 intf->sent_lan_command_errs);
1450 out += sprintf(out, "retransmitted_lan_commands: %d\n",
1451 intf->retransmitted_lan_commands);
1452 out += sprintf(out, "timed_out_lan_commands: %d\n",
1453 intf->timed_out_lan_commands);
1454 out += sprintf(out, "sent_lan_responses: %d\n",
1455 intf->sent_lan_responses);
1456 out += sprintf(out, "handled_lan_responses: %d\n",
1457 intf->handled_lan_responses);
1458 out += sprintf(out, "invalid_lan_responses: %d\n",
1459 intf->invalid_lan_responses);
1460 out += sprintf(out, "unhandled_lan_responses: %d\n",
1461 intf->unhandled_lan_responses);
1462 out += sprintf(out, "handled_commands: %d\n",
1463 intf->handled_commands);
1464 out += sprintf(out, "invalid_commands: %d\n",
1465 intf->invalid_commands);
1466 out += sprintf(out, "unhandled_commands: %d\n",
1467 intf->unhandled_commands);
1468 out += sprintf(out, "invalid_events: %d\n",
1469 intf->invalid_events);
1470 out += sprintf(out, "events: %d\n",
1473 return (out - ((char *) page));
1476 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
1477 read_proc_t *read_proc, write_proc_t *write_proc,
1478 void *data, struct module *owner)
1481 #ifdef CONFIG_PROC_FS
1482 struct proc_dir_entry *file;
1483 struct ipmi_proc_entry *entry;
1485 /* Create a list element. */
1486 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
1489 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL);
1494 strcpy(entry->name, name);
1496 file = create_proc_entry(name, 0, smi->proc_dir);
1504 file->read_proc = read_proc;
1505 file->write_proc = write_proc;
1506 file->owner = owner;
1508 spin_lock(&smi->proc_entry_lock);
1509 /* Stick it on the list. */
1510 entry->next = smi->proc_entries;
1511 smi->proc_entries = entry;
1512 spin_unlock(&smi->proc_entry_lock);
1514 #endif /* CONFIG_PROC_FS */
1519 static int add_proc_entries(ipmi_smi_t smi, int num)
1523 #ifdef CONFIG_PROC_FS
1524 sprintf(smi->proc_dir_name, "%d", num);
1525 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
1529 smi->proc_dir->owner = THIS_MODULE;
1533 rv = ipmi_smi_add_proc_entry(smi, "stats",
1534 stat_file_read_proc, NULL,
1538 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
1539 ipmb_file_read_proc, NULL,
1543 rv = ipmi_smi_add_proc_entry(smi, "version",
1544 version_file_read_proc, NULL,
1546 #endif /* CONFIG_PROC_FS */
1551 static void remove_proc_entries(ipmi_smi_t smi)
1553 #ifdef CONFIG_PROC_FS
1554 struct ipmi_proc_entry *entry;
1556 spin_lock(&smi->proc_entry_lock);
1557 while (smi->proc_entries) {
1558 entry = smi->proc_entries;
1559 smi->proc_entries = entry->next;
1561 remove_proc_entry(entry->name, smi->proc_dir);
1565 spin_unlock(&smi->proc_entry_lock);
1566 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
1567 #endif /* CONFIG_PROC_FS */
1571 send_channel_info_cmd(ipmi_smi_t intf, int chan)
1573 struct kernel_ipmi_msg msg;
1574 unsigned char data[1];
1575 struct ipmi_system_interface_addr si;
1577 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
1578 si.channel = IPMI_BMC_CHANNEL;
1581 msg.netfn = IPMI_NETFN_APP_REQUEST;
1582 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
1586 return i_ipmi_request(NULL,
1588 (struct ipmi_addr *) &si,
1601 channel_handler(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
1606 if ((msg->rsp[0] == (IPMI_NETFN_APP_RESPONSE << 2))
1607 && (msg->rsp[1] == IPMI_GET_CHANNEL_INFO_CMD))
1609 /* It's the one we want */
1610 if (msg->rsp[2] != 0) {
1611 /* Got an error from the channel, just go on. */
1613 if (msg->rsp[2] == IPMI_INVALID_COMMAND_ERR) {
1614 /* If the MC does not support this
1615 command, that is legal. We just
1616 assume it has one IPMB at channel
1618 intf->channels[0].medium
1619 = IPMI_CHANNEL_MEDIUM_IPMB;
1620 intf->channels[0].protocol
1621 = IPMI_CHANNEL_PROTOCOL_IPMB;
1624 intf->curr_channel = IPMI_MAX_CHANNELS;
1625 wake_up(&intf->waitq);
1630 if (msg->rsp_size < 6) {
1631 /* Message not big enough, just go on. */
1634 chan = intf->curr_channel;
1635 intf->channels[chan].medium = msg->rsp[4] & 0x7f;
1636 intf->channels[chan].protocol = msg->rsp[5] & 0x1f;
1639 intf->curr_channel++;
1640 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
1641 wake_up(&intf->waitq);
1643 rv = send_channel_info_cmd(intf, intf->curr_channel);
1646 /* Got an error somehow, just give up. */
1647 intf->curr_channel = IPMI_MAX_CHANNELS;
1648 wake_up(&intf->waitq);
1650 printk(KERN_WARNING PFX
1651 "Error sending channel information: %d\n",
1659 int ipmi_register_smi(struct ipmi_smi_handlers *handlers,
1661 unsigned char version_major,
1662 unsigned char version_minor,
1663 unsigned char slave_addr,
1668 ipmi_smi_t new_intf;
1669 unsigned long flags;
1672 /* Make sure the driver is actually initialized, this handles
1673 problems with initialization order. */
1675 rv = ipmi_init_msghandler();
1678 /* The init code doesn't return an error if it was turned
1679 off, but it won't initialize. Check that. */
1684 new_intf = kmalloc(sizeof(*new_intf), GFP_KERNEL);
1687 memset(new_intf, 0, sizeof(*new_intf));
1689 new_intf->proc_dir = NULL;
1693 down_write(&interfaces_sem);
1694 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
1695 if (ipmi_interfaces[i] == NULL) {
1696 new_intf->intf_num = i;
1697 new_intf->version_major = version_major;
1698 new_intf->version_minor = version_minor;
1699 if (slave_addr == 0)
1700 new_intf->my_address = IPMI_BMC_SLAVE_ADDR;
1702 new_intf->my_address = slave_addr;
1703 new_intf->my_lun = 2; /* the SMS LUN. */
1704 rwlock_init(&(new_intf->users_lock));
1705 INIT_LIST_HEAD(&(new_intf->users));
1706 new_intf->handlers = handlers;
1707 new_intf->send_info = send_info;
1708 spin_lock_init(&(new_intf->seq_lock));
1709 for (j=0; j<IPMI_IPMB_NUM_SEQ; j++) {
1710 new_intf->seq_table[j].inuse = 0;
1711 new_intf->seq_table[j].seqid = 0;
1713 new_intf->curr_seq = 0;
1714 #ifdef CONFIG_PROC_FS
1715 spin_lock_init(&(new_intf->proc_entry_lock));
1717 spin_lock_init(&(new_intf->waiting_msgs_lock));
1718 INIT_LIST_HEAD(&(new_intf->waiting_msgs));
1719 spin_lock_init(&(new_intf->events_lock));
1720 INIT_LIST_HEAD(&(new_intf->waiting_events));
1721 new_intf->waiting_events_count = 0;
1722 rwlock_init(&(new_intf->cmd_rcvr_lock));
1723 init_waitqueue_head(&new_intf->waitq);
1724 INIT_LIST_HEAD(&(new_intf->cmd_rcvrs));
1725 new_intf->all_cmd_rcvr = NULL;
1727 spin_lock_init(&(new_intf->counter_lock));
1729 spin_lock_irqsave(&interfaces_lock, flags);
1730 ipmi_interfaces[i] = new_intf;
1731 spin_unlock_irqrestore(&interfaces_lock, flags);
1739 downgrade_write(&interfaces_sem);
1742 rv = add_proc_entries(*intf, i);
1745 if ((version_major > 1)
1746 || ((version_major == 1) && (version_minor >= 5)))
1748 /* Start scanning the channels to see what is
1750 (*intf)->null_user_handler = channel_handler;
1751 (*intf)->curr_channel = 0;
1752 rv = send_channel_info_cmd(*intf, 0);
1756 /* Wait for the channel info to be read. */
1757 up_read(&interfaces_sem);
1758 wait_event((*intf)->waitq,
1759 ((*intf)->curr_channel>=IPMI_MAX_CHANNELS));
1760 down_read(&interfaces_sem);
1762 if (ipmi_interfaces[i] != new_intf)
1763 /* Well, it went away. Just return. */
1766 /* Assume a single IPMB channel at zero. */
1767 (*intf)->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
1768 (*intf)->channels[0].protocol
1769 = IPMI_CHANNEL_PROTOCOL_IPMB;
1772 /* Call all the watcher interfaces to tell
1773 them that a new interface is available. */
1774 call_smi_watchers(i);
1778 up_read(&interfaces_sem);
1781 if (new_intf->proc_dir)
1782 remove_proc_entries(new_intf);
1789 static void free_recv_msg_list(struct list_head *q)
1791 struct ipmi_recv_msg *msg, *msg2;
1793 list_for_each_entry_safe(msg, msg2, q, link) {
1794 list_del(&msg->link);
1795 ipmi_free_recv_msg(msg);
1799 static void free_cmd_rcvr_list(struct list_head *q)
1801 struct cmd_rcvr *rcvr, *rcvr2;
1803 list_for_each_entry_safe(rcvr, rcvr2, q, link) {
1804 list_del(&rcvr->link);
1809 static void clean_up_interface_data(ipmi_smi_t intf)
1813 free_recv_msg_list(&(intf->waiting_msgs));
1814 free_recv_msg_list(&(intf->waiting_events));
1815 free_cmd_rcvr_list(&(intf->cmd_rcvrs));
1817 for (i=0; i<IPMI_IPMB_NUM_SEQ; i++) {
1818 if ((intf->seq_table[i].inuse)
1819 && (intf->seq_table[i].recv_msg))
1821 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
1826 int ipmi_unregister_smi(ipmi_smi_t intf)
1830 struct ipmi_smi_watcher *w;
1831 unsigned long flags;
1833 down_write(&interfaces_sem);
1834 if (list_empty(&(intf->users)))
1836 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
1837 if (ipmi_interfaces[i] == intf) {
1838 remove_proc_entries(intf);
1839 spin_lock_irqsave(&interfaces_lock, flags);
1840 ipmi_interfaces[i] = NULL;
1841 clean_up_interface_data(intf);
1842 spin_unlock_irqrestore(&interfaces_lock,flags);
1845 goto out_call_watcher;
1851 up_write(&interfaces_sem);
1856 downgrade_write(&interfaces_sem);
1858 /* Call all the watcher interfaces to tell them that
1859 an interface is gone. */
1860 down_read(&smi_watchers_sem);
1861 list_for_each_entry(w, &smi_watchers, link) {
1864 up_read(&smi_watchers_sem);
1865 up_read(&interfaces_sem);
1869 static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf,
1870 struct ipmi_smi_msg *msg)
1872 struct ipmi_ipmb_addr ipmb_addr;
1873 struct ipmi_recv_msg *recv_msg;
1874 unsigned long flags;
1877 /* This is 11, not 10, because the response must contain a
1878 * completion code. */
1879 if (msg->rsp_size < 11) {
1880 /* Message not big enough, just ignore it. */
1881 spin_lock_irqsave(&intf->counter_lock, flags);
1882 intf->invalid_ipmb_responses++;
1883 spin_unlock_irqrestore(&intf->counter_lock, flags);
1887 if (msg->rsp[2] != 0) {
1888 /* An error getting the response, just ignore it. */
1892 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
1893 ipmb_addr.slave_addr = msg->rsp[6];
1894 ipmb_addr.channel = msg->rsp[3] & 0x0f;
1895 ipmb_addr.lun = msg->rsp[7] & 3;
1897 /* It's a response from a remote entity. Look up the sequence
1898 number and handle the response. */
1899 if (intf_find_seq(intf,
1903 (msg->rsp[4] >> 2) & (~1),
1904 (struct ipmi_addr *) &(ipmb_addr),
1907 /* We were unable to find the sequence number,
1908 so just nuke the message. */
1909 spin_lock_irqsave(&intf->counter_lock, flags);
1910 intf->unhandled_ipmb_responses++;
1911 spin_unlock_irqrestore(&intf->counter_lock, flags);
1915 memcpy(recv_msg->msg_data,
1918 /* THe other fields matched, so no need to set them, except
1919 for netfn, which needs to be the response that was
1920 returned, not the request value. */
1921 recv_msg->msg.netfn = msg->rsp[4] >> 2;
1922 recv_msg->msg.data = recv_msg->msg_data;
1923 recv_msg->msg.data_len = msg->rsp_size - 10;
1924 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
1925 spin_lock_irqsave(&intf->counter_lock, flags);
1926 intf->handled_ipmb_responses++;
1927 spin_unlock_irqrestore(&intf->counter_lock, flags);
1928 deliver_response(recv_msg);
1933 static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf,
1934 struct ipmi_smi_msg *msg)
1936 struct cmd_rcvr *rcvr;
1938 unsigned char netfn;
1940 ipmi_user_t user = NULL;
1941 struct ipmi_ipmb_addr *ipmb_addr;
1942 struct ipmi_recv_msg *recv_msg;
1943 unsigned long flags;
1945 if (msg->rsp_size < 10) {
1946 /* Message not big enough, just ignore it. */
1947 spin_lock_irqsave(&intf->counter_lock, flags);
1948 intf->invalid_commands++;
1949 spin_unlock_irqrestore(&intf->counter_lock, flags);
1953 if (msg->rsp[2] != 0) {
1954 /* An error getting the response, just ignore it. */
1958 netfn = msg->rsp[4] >> 2;
1961 read_lock(&(intf->cmd_rcvr_lock));
1963 if (intf->all_cmd_rcvr) {
1964 user = intf->all_cmd_rcvr;
1966 /* Find the command/netfn. */
1967 list_for_each_entry(rcvr, &(intf->cmd_rcvrs), link) {
1968 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
1974 read_unlock(&(intf->cmd_rcvr_lock));
1977 /* We didn't find a user, deliver an error response. */
1978 spin_lock_irqsave(&intf->counter_lock, flags);
1979 intf->unhandled_commands++;
1980 spin_unlock_irqrestore(&intf->counter_lock, flags);
1982 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1983 msg->data[1] = IPMI_SEND_MSG_CMD;
1984 msg->data[2] = msg->rsp[3];
1985 msg->data[3] = msg->rsp[6];
1986 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
1987 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
1988 msg->data[6] = intf->my_address;
1990 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
1991 msg->data[8] = msg->rsp[8]; /* cmd */
1992 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
1993 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
1994 msg->data_size = 11;
1999 printk("Invalid command:");
2000 for (m=0; m<msg->data_size; m++)
2001 printk(" %2.2x", msg->data[m]);
2005 intf->handlers->sender(intf->send_info, msg, 0);
2007 rv = -1; /* We used the message, so return the value that
2008 causes it to not be freed or queued. */
2010 /* Deliver the message to the user. */
2011 spin_lock_irqsave(&intf->counter_lock, flags);
2012 intf->handled_commands++;
2013 spin_unlock_irqrestore(&intf->counter_lock, flags);
2015 recv_msg = ipmi_alloc_recv_msg();
2017 /* We couldn't allocate memory for the
2018 message, so requeue it for handling
2022 /* Extract the source address from the data. */
2023 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
2024 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
2025 ipmb_addr->slave_addr = msg->rsp[6];
2026 ipmb_addr->lun = msg->rsp[7] & 3;
2027 ipmb_addr->channel = msg->rsp[3] & 0xf;
2029 /* Extract the rest of the message information
2030 from the IPMB header.*/
2031 recv_msg->user = user;
2032 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2033 recv_msg->msgid = msg->rsp[7] >> 2;
2034 recv_msg->msg.netfn = msg->rsp[4] >> 2;
2035 recv_msg->msg.cmd = msg->rsp[8];
2036 recv_msg->msg.data = recv_msg->msg_data;
2038 /* We chop off 10, not 9 bytes because the checksum
2039 at the end also needs to be removed. */
2040 recv_msg->msg.data_len = msg->rsp_size - 10;
2041 memcpy(recv_msg->msg_data,
2043 msg->rsp_size - 10);
2044 deliver_response(recv_msg);
2051 static int handle_lan_get_msg_rsp(ipmi_smi_t intf,
2052 struct ipmi_smi_msg *msg)
2054 struct ipmi_lan_addr lan_addr;
2055 struct ipmi_recv_msg *recv_msg;
2056 unsigned long flags;
2059 /* This is 13, not 12, because the response must contain a
2060 * completion code. */
2061 if (msg->rsp_size < 13) {
2062 /* Message not big enough, just ignore it. */
2063 spin_lock_irqsave(&intf->counter_lock, flags);
2064 intf->invalid_lan_responses++;
2065 spin_unlock_irqrestore(&intf->counter_lock, flags);
2069 if (msg->rsp[2] != 0) {
2070 /* An error getting the response, just ignore it. */
2074 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
2075 lan_addr.session_handle = msg->rsp[4];
2076 lan_addr.remote_SWID = msg->rsp[8];
2077 lan_addr.local_SWID = msg->rsp[5];
2078 lan_addr.channel = msg->rsp[3] & 0x0f;
2079 lan_addr.privilege = msg->rsp[3] >> 4;
2080 lan_addr.lun = msg->rsp[9] & 3;
2082 /* It's a response from a remote entity. Look up the sequence
2083 number and handle the response. */
2084 if (intf_find_seq(intf,
2088 (msg->rsp[6] >> 2) & (~1),
2089 (struct ipmi_addr *) &(lan_addr),
2092 /* We were unable to find the sequence number,
2093 so just nuke the message. */
2094 spin_lock_irqsave(&intf->counter_lock, flags);
2095 intf->unhandled_lan_responses++;
2096 spin_unlock_irqrestore(&intf->counter_lock, flags);
2100 memcpy(recv_msg->msg_data,
2102 msg->rsp_size - 11);
2103 /* The other fields matched, so no need to set them, except
2104 for netfn, which needs to be the response that was
2105 returned, not the request value. */
2106 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2107 recv_msg->msg.data = recv_msg->msg_data;
2108 recv_msg->msg.data_len = msg->rsp_size - 12;
2109 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2110 spin_lock_irqsave(&intf->counter_lock, flags);
2111 intf->handled_lan_responses++;
2112 spin_unlock_irqrestore(&intf->counter_lock, flags);
2113 deliver_response(recv_msg);
2118 static int handle_lan_get_msg_cmd(ipmi_smi_t intf,
2119 struct ipmi_smi_msg *msg)
2121 struct cmd_rcvr *rcvr;
2123 unsigned char netfn;
2125 ipmi_user_t user = NULL;
2126 struct ipmi_lan_addr *lan_addr;
2127 struct ipmi_recv_msg *recv_msg;
2128 unsigned long flags;
2130 if (msg->rsp_size < 12) {
2131 /* Message not big enough, just ignore it. */
2132 spin_lock_irqsave(&intf->counter_lock, flags);
2133 intf->invalid_commands++;
2134 spin_unlock_irqrestore(&intf->counter_lock, flags);
2138 if (msg->rsp[2] != 0) {
2139 /* An error getting the response, just ignore it. */
2143 netfn = msg->rsp[6] >> 2;
2146 read_lock(&(intf->cmd_rcvr_lock));
2148 if (intf->all_cmd_rcvr) {
2149 user = intf->all_cmd_rcvr;
2151 /* Find the command/netfn. */
2152 list_for_each_entry(rcvr, &(intf->cmd_rcvrs), link) {
2153 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
2159 read_unlock(&(intf->cmd_rcvr_lock));
2162 /* We didn't find a user, deliver an error response. */
2163 spin_lock_irqsave(&intf->counter_lock, flags);
2164 intf->unhandled_commands++;
2165 spin_unlock_irqrestore(&intf->counter_lock, flags);
2167 rv = 0; /* Don't do anything with these messages, just
2168 allow them to be freed. */
2170 /* Deliver the message to the user. */
2171 spin_lock_irqsave(&intf->counter_lock, flags);
2172 intf->handled_commands++;
2173 spin_unlock_irqrestore(&intf->counter_lock, flags);
2175 recv_msg = ipmi_alloc_recv_msg();
2177 /* We couldn't allocate memory for the
2178 message, so requeue it for handling
2182 /* Extract the source address from the data. */
2183 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
2184 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
2185 lan_addr->session_handle = msg->rsp[4];
2186 lan_addr->remote_SWID = msg->rsp[8];
2187 lan_addr->local_SWID = msg->rsp[5];
2188 lan_addr->lun = msg->rsp[9] & 3;
2189 lan_addr->channel = msg->rsp[3] & 0xf;
2190 lan_addr->privilege = msg->rsp[3] >> 4;
2192 /* Extract the rest of the message information
2193 from the IPMB header.*/
2194 recv_msg->user = user;
2195 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2196 recv_msg->msgid = msg->rsp[9] >> 2;
2197 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2198 recv_msg->msg.cmd = msg->rsp[10];
2199 recv_msg->msg.data = recv_msg->msg_data;
2201 /* We chop off 12, not 11 bytes because the checksum
2202 at the end also needs to be removed. */
2203 recv_msg->msg.data_len = msg->rsp_size - 12;
2204 memcpy(recv_msg->msg_data,
2206 msg->rsp_size - 12);
2207 deliver_response(recv_msg);
2214 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
2215 struct ipmi_smi_msg *msg)
2217 struct ipmi_system_interface_addr *smi_addr;
2219 recv_msg->msgid = 0;
2220 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
2221 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2222 smi_addr->channel = IPMI_BMC_CHANNEL;
2223 smi_addr->lun = msg->rsp[0] & 3;
2224 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
2225 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2226 recv_msg->msg.cmd = msg->rsp[1];
2227 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
2228 recv_msg->msg.data = recv_msg->msg_data;
2229 recv_msg->msg.data_len = msg->rsp_size - 3;
2232 /* This will be called with the intf->users_lock read-locked, so no need
2234 static int handle_read_event_rsp(ipmi_smi_t intf,
2235 struct ipmi_smi_msg *msg)
2237 struct ipmi_recv_msg *recv_msg, *recv_msg2;
2238 struct list_head msgs;
2241 int deliver_count = 0;
2242 unsigned long flags;
2244 if (msg->rsp_size < 19) {
2245 /* Message is too small to be an IPMB event. */
2246 spin_lock_irqsave(&intf->counter_lock, flags);
2247 intf->invalid_events++;
2248 spin_unlock_irqrestore(&intf->counter_lock, flags);
2252 if (msg->rsp[2] != 0) {
2253 /* An error getting the event, just ignore it. */
2257 INIT_LIST_HEAD(&msgs);
2259 spin_lock_irqsave(&(intf->events_lock), flags);
2261 spin_lock(&intf->counter_lock);
2263 spin_unlock(&intf->counter_lock);
2265 /* Allocate and fill in one message for every user that is getting
2267 list_for_each_entry(user, &(intf->users), link) {
2268 if (! user->gets_events)
2271 recv_msg = ipmi_alloc_recv_msg();
2273 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2274 list_del(&recv_msg->link);
2275 ipmi_free_recv_msg(recv_msg);
2277 /* We couldn't allocate memory for the
2278 message, so requeue it for handling
2286 copy_event_into_recv_msg(recv_msg, msg);
2287 recv_msg->user = user;
2288 list_add_tail(&(recv_msg->link), &msgs);
2291 if (deliver_count) {
2292 /* Now deliver all the messages. */
2293 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2294 list_del(&recv_msg->link);
2295 deliver_response(recv_msg);
2297 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
2298 /* No one to receive the message, put it in queue if there's
2299 not already too many things in the queue. */
2300 recv_msg = ipmi_alloc_recv_msg();
2302 /* We couldn't allocate memory for the
2303 message, so requeue it for handling
2309 copy_event_into_recv_msg(recv_msg, msg);
2310 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
2312 /* There's too many things in the queue, discard this
2314 printk(KERN_WARNING PFX "Event queue full, discarding an"
2315 " incoming event\n");
2319 spin_unlock_irqrestore(&(intf->events_lock), flags);
2324 static int handle_bmc_rsp(ipmi_smi_t intf,
2325 struct ipmi_smi_msg *msg)
2327 struct ipmi_recv_msg *recv_msg;
2329 struct ipmi_user *user;
2330 unsigned long flags;
2332 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
2334 /* Make sure the user still exists. */
2335 list_for_each_entry(user, &(intf->users), link) {
2336 if (user == recv_msg->user) {
2337 /* Found it, so we can deliver it */
2344 /* Special handling for NULL users. */
2345 if (!recv_msg->user && intf->null_user_handler){
2346 intf->null_user_handler(intf, msg);
2347 spin_lock_irqsave(&intf->counter_lock, flags);
2348 intf->handled_local_responses++;
2349 spin_unlock_irqrestore(&intf->counter_lock, flags);
2351 /* The user for the message went away, so give up. */
2352 spin_lock_irqsave(&intf->counter_lock, flags);
2353 intf->unhandled_local_responses++;
2354 spin_unlock_irqrestore(&intf->counter_lock, flags);
2356 ipmi_free_recv_msg(recv_msg);
2358 struct ipmi_system_interface_addr *smi_addr;
2360 spin_lock_irqsave(&intf->counter_lock, flags);
2361 intf->handled_local_responses++;
2362 spin_unlock_irqrestore(&intf->counter_lock, flags);
2363 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2364 recv_msg->msgid = msg->msgid;
2365 smi_addr = ((struct ipmi_system_interface_addr *)
2367 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2368 smi_addr->channel = IPMI_BMC_CHANNEL;
2369 smi_addr->lun = msg->rsp[0] & 3;
2370 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2371 recv_msg->msg.cmd = msg->rsp[1];
2372 memcpy(recv_msg->msg_data,
2375 recv_msg->msg.data = recv_msg->msg_data;
2376 recv_msg->msg.data_len = msg->rsp_size - 2;
2377 deliver_response(recv_msg);
2383 /* Handle a new message. Return 1 if the message should be requeued,
2384 0 if the message should be freed, or -1 if the message should not
2385 be freed or requeued. */
2386 static int handle_new_recv_msg(ipmi_smi_t intf,
2387 struct ipmi_smi_msg *msg)
2395 for (m=0; m<msg->rsp_size; m++)
2396 printk(" %2.2x", msg->rsp[m]);
2399 if (msg->rsp_size < 2) {
2400 /* Message is too small to be correct. */
2401 printk(KERN_WARNING PFX "BMC returned to small a message"
2402 " for netfn %x cmd %x, got %d bytes\n",
2403 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
2405 /* Generate an error response for the message. */
2406 msg->rsp[0] = msg->data[0] | (1 << 2);
2407 msg->rsp[1] = msg->data[1];
2408 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2410 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))/* Netfn */
2411 || (msg->rsp[1] != msg->data[1])) /* Command */
2413 /* The response is not even marginally correct. */
2414 printk(KERN_WARNING PFX "BMC returned incorrect response,"
2415 " expected netfn %x cmd %x, got netfn %x cmd %x\n",
2416 (msg->data[0] >> 2) | 1, msg->data[1],
2417 msg->rsp[0] >> 2, msg->rsp[1]);
2419 /* Generate an error response for the message. */
2420 msg->rsp[0] = msg->data[0] | (1 << 2);
2421 msg->rsp[1] = msg->data[1];
2422 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2426 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2427 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
2428 && (msg->user_data != NULL))
2430 /* It's a response to a response we sent. For this we
2431 deliver a send message response to the user. */
2432 struct ipmi_recv_msg *recv_msg = msg->user_data;
2435 if (msg->rsp_size < 2)
2436 /* Message is too small to be correct. */
2439 chan = msg->data[2] & 0x0f;
2440 if (chan >= IPMI_MAX_CHANNELS)
2441 /* Invalid channel number */
2445 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
2446 recv_msg->msg.data = recv_msg->msg_data;
2447 recv_msg->msg.data_len = 1;
2448 recv_msg->msg_data[0] = msg->rsp[2];
2449 deliver_response(recv_msg);
2451 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2452 && (msg->rsp[1] == IPMI_GET_MSG_CMD))
2454 /* It's from the receive queue. */
2455 chan = msg->rsp[3] & 0xf;
2456 if (chan >= IPMI_MAX_CHANNELS) {
2457 /* Invalid channel number */
2462 switch (intf->channels[chan].medium) {
2463 case IPMI_CHANNEL_MEDIUM_IPMB:
2464 if (msg->rsp[4] & 0x04) {
2465 /* It's a response, so find the
2466 requesting message and send it up. */
2467 requeue = handle_ipmb_get_msg_rsp(intf, msg);
2469 /* It's a command to the SMS from some other
2470 entity. Handle that. */
2471 requeue = handle_ipmb_get_msg_cmd(intf, msg);
2475 case IPMI_CHANNEL_MEDIUM_8023LAN:
2476 case IPMI_CHANNEL_MEDIUM_ASYNC:
2477 if (msg->rsp[6] & 0x04) {
2478 /* It's a response, so find the
2479 requesting message and send it up. */
2480 requeue = handle_lan_get_msg_rsp(intf, msg);
2482 /* It's a command to the SMS from some other
2483 entity. Handle that. */
2484 requeue = handle_lan_get_msg_cmd(intf, msg);
2489 /* We don't handle the channel type, so just
2490 * free the message. */
2494 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2495 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD))
2497 /* It's an asyncronous event. */
2498 requeue = handle_read_event_rsp(intf, msg);
2500 /* It's a response from the local BMC. */
2501 requeue = handle_bmc_rsp(intf, msg);
2508 /* Handle a new message from the lower layer. */
2509 void ipmi_smi_msg_received(ipmi_smi_t intf,
2510 struct ipmi_smi_msg *msg)
2512 unsigned long flags;
2516 /* Lock the user lock so the user can't go away while we are
2518 read_lock(&(intf->users_lock));
2520 if ((msg->data_size >= 2)
2521 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
2522 && (msg->data[1] == IPMI_SEND_MSG_CMD)
2523 && (msg->user_data == NULL)) {
2524 /* This is the local response to a command send, start
2525 the timer for these. The user_data will not be
2526 NULL if this is a response send, and we will let
2527 response sends just go through. */
2529 /* Check for errors, if we get certain errors (ones
2530 that mean basically we can try again later), we
2531 ignore them and start the timer. Otherwise we
2532 report the error immediately. */
2533 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
2534 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
2535 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR))
2537 int chan = msg->rsp[3] & 0xf;
2539 /* Got an error sending the message, handle it. */
2540 spin_lock_irqsave(&intf->counter_lock, flags);
2541 if (chan >= IPMI_MAX_CHANNELS)
2542 ; /* This shouldn't happen */
2543 else if ((intf->channels[chan].medium
2544 == IPMI_CHANNEL_MEDIUM_8023LAN)
2545 || (intf->channels[chan].medium
2546 == IPMI_CHANNEL_MEDIUM_ASYNC))
2547 intf->sent_lan_command_errs++;
2549 intf->sent_ipmb_command_errs++;
2550 spin_unlock_irqrestore(&intf->counter_lock, flags);
2551 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
2553 /* The message was sent, start the timer. */
2554 intf_start_seq_timer(intf, msg->msgid);
2557 ipmi_free_smi_msg(msg);
2561 /* To preserve message order, if the list is not empty, we
2562 tack this message onto the end of the list. */
2563 spin_lock_irqsave(&(intf->waiting_msgs_lock), flags);
2564 if (!list_empty(&(intf->waiting_msgs))) {
2565 list_add_tail(&(msg->link), &(intf->waiting_msgs));
2566 spin_unlock(&(intf->waiting_msgs_lock));
2569 spin_unlock_irqrestore(&(intf->waiting_msgs_lock), flags);
2571 rv = handle_new_recv_msg(intf, msg);
2573 /* Could not handle the message now, just add it to a
2574 list to handle later. */
2575 spin_lock(&(intf->waiting_msgs_lock));
2576 list_add_tail(&(msg->link), &(intf->waiting_msgs));
2577 spin_unlock(&(intf->waiting_msgs_lock));
2578 } else if (rv == 0) {
2579 ipmi_free_smi_msg(msg);
2583 read_unlock(&(intf->users_lock));
2586 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
2590 read_lock(&(intf->users_lock));
2591 list_for_each_entry(user, &(intf->users), link) {
2592 if (! user->handler->ipmi_watchdog_pretimeout)
2595 user->handler->ipmi_watchdog_pretimeout(user->handler_data);
2597 read_unlock(&(intf->users_lock));
2601 handle_msg_timeout(struct ipmi_recv_msg *msg)
2603 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2604 msg->msg_data[0] = IPMI_TIMEOUT_COMPLETION_CODE;
2605 msg->msg.netfn |= 1; /* Convert to a response. */
2606 msg->msg.data_len = 1;
2607 msg->msg.data = msg->msg_data;
2608 deliver_response(msg);
2611 static struct ipmi_smi_msg *
2612 smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
2613 unsigned char seq, long seqid)
2615 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
2617 /* If we can't allocate the message, then just return, we
2618 get 4 retries, so this should be ok. */
2621 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
2622 smi_msg->data_size = recv_msg->msg.data_len;
2623 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
2629 for (m=0; m<smi_msg->data_size; m++)
2630 printk(" %2.2x", smi_msg->data[m]);
2638 ipmi_timeout_handler(long timeout_period)
2641 struct list_head timeouts;
2642 struct ipmi_recv_msg *msg, *msg2;
2643 struct ipmi_smi_msg *smi_msg, *smi_msg2;
2644 unsigned long flags;
2647 INIT_LIST_HEAD(&timeouts);
2649 spin_lock(&interfaces_lock);
2650 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2651 intf = ipmi_interfaces[i];
2655 read_lock(&(intf->users_lock));
2657 /* See if any waiting messages need to be processed. */
2658 spin_lock_irqsave(&(intf->waiting_msgs_lock), flags);
2659 list_for_each_entry_safe(smi_msg, smi_msg2, &(intf->waiting_msgs), link) {
2660 if (! handle_new_recv_msg(intf, smi_msg)) {
2661 list_del(&smi_msg->link);
2662 ipmi_free_smi_msg(smi_msg);
2664 /* To preserve message order, quit if we
2665 can't handle a message. */
2669 spin_unlock_irqrestore(&(intf->waiting_msgs_lock), flags);
2671 /* Go through the seq table and find any messages that
2672 have timed out, putting them in the timeouts
2674 spin_lock_irqsave(&(intf->seq_lock), flags);
2675 for (j=0; j<IPMI_IPMB_NUM_SEQ; j++) {
2676 struct seq_table *ent = &(intf->seq_table[j]);
2680 ent->timeout -= timeout_period;
2681 if (ent->timeout > 0)
2684 if (ent->retries_left == 0) {
2685 /* The message has used all its retries. */
2687 msg = ent->recv_msg;
2688 list_add_tail(&(msg->link), &timeouts);
2689 spin_lock(&intf->counter_lock);
2691 intf->timed_out_ipmb_broadcasts++;
2692 else if (ent->recv_msg->addr.addr_type
2693 == IPMI_LAN_ADDR_TYPE)
2694 intf->timed_out_lan_commands++;
2696 intf->timed_out_ipmb_commands++;
2697 spin_unlock(&intf->counter_lock);
2699 struct ipmi_smi_msg *smi_msg;
2700 /* More retries, send again. */
2702 /* Start with the max timer, set to normal
2703 timer after the message is sent. */
2704 ent->timeout = MAX_MSG_TIMEOUT;
2705 ent->retries_left--;
2706 spin_lock(&intf->counter_lock);
2707 if (ent->recv_msg->addr.addr_type
2708 == IPMI_LAN_ADDR_TYPE)
2709 intf->retransmitted_lan_commands++;
2711 intf->retransmitted_ipmb_commands++;
2712 spin_unlock(&intf->counter_lock);
2713 smi_msg = smi_from_recv_msg(intf,
2714 ent->recv_msg, j, ent->seqid);
2718 spin_unlock_irqrestore(&(intf->seq_lock),flags);
2719 /* Send the new message. We send with a zero
2720 * priority. It timed out, I doubt time is
2721 * that critical now, and high priority
2722 * messages are really only for messages to the
2723 * local MC, which don't get resent. */
2724 intf->handlers->sender(intf->send_info,
2726 spin_lock_irqsave(&(intf->seq_lock), flags);
2729 spin_unlock_irqrestore(&(intf->seq_lock), flags);
2731 list_for_each_entry_safe(msg, msg2, &timeouts, link) {
2732 handle_msg_timeout(msg);
2735 read_unlock(&(intf->users_lock));
2737 spin_unlock(&interfaces_lock);
2740 static void ipmi_request_event(void)
2745 spin_lock(&interfaces_lock);
2746 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2747 intf = ipmi_interfaces[i];
2751 intf->handlers->request_events(intf->send_info);
2753 spin_unlock(&interfaces_lock);
2756 static struct timer_list ipmi_timer;
2758 /* Call every ~100 ms. */
2759 #define IPMI_TIMEOUT_TIME 100
2761 /* How many jiffies does it take to get to the timeout time. */
2762 #define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
2764 /* Request events from the queue every second (this is the number of
2765 IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
2766 future, IPMI will add a way to know immediately if an event is in
2767 the queue and this silliness can go away. */
2768 #define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
2770 static atomic_t stop_operation;
2771 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2773 static void ipmi_timeout(unsigned long data)
2775 if (atomic_read(&stop_operation))
2779 if (ticks_to_req_ev == 0) {
2780 ipmi_request_event();
2781 ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2784 ipmi_timeout_handler(IPMI_TIMEOUT_TIME);
2786 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
2790 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
2791 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
2793 /* FIXME - convert these to slabs. */
2794 static void free_smi_msg(struct ipmi_smi_msg *msg)
2796 atomic_dec(&smi_msg_inuse_count);
2800 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
2802 struct ipmi_smi_msg *rv;
2803 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
2805 rv->done = free_smi_msg;
2806 rv->user_data = NULL;
2807 atomic_inc(&smi_msg_inuse_count);
2812 static void free_recv_msg(struct ipmi_recv_msg *msg)
2814 atomic_dec(&recv_msg_inuse_count);
2818 struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
2820 struct ipmi_recv_msg *rv;
2822 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
2824 rv->done = free_recv_msg;
2825 atomic_inc(&recv_msg_inuse_count);
2830 #ifdef CONFIG_IPMI_PANIC_EVENT
2832 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
2836 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
2840 #ifdef CONFIG_IPMI_PANIC_STRING
2841 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
2843 if ((msg->rsp[0] == (IPMI_NETFN_SENSOR_EVENT_RESPONSE << 2))
2844 && (msg->rsp[1] == IPMI_GET_EVENT_RECEIVER_CMD)
2845 && (msg->rsp[2] == IPMI_CC_NO_ERROR))
2847 /* A get event receiver command, save it. */
2848 intf->event_receiver = msg->rsp[3];
2849 intf->event_receiver_lun = msg->rsp[4] & 0x3;
2853 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
2855 if ((msg->rsp[0] == (IPMI_NETFN_APP_RESPONSE << 2))
2856 && (msg->rsp[1] == IPMI_GET_DEVICE_ID_CMD)
2857 && (msg->rsp[2] == IPMI_CC_NO_ERROR))
2859 /* A get device id command, save if we are an event
2860 receiver or generator. */
2861 intf->local_sel_device = (msg->rsp[8] >> 2) & 1;
2862 intf->local_event_generator = (msg->rsp[8] >> 5) & 1;
2867 static void send_panic_events(char *str)
2869 struct kernel_ipmi_msg msg;
2871 unsigned char data[16];
2873 struct ipmi_system_interface_addr *si;
2874 struct ipmi_addr addr;
2875 struct ipmi_smi_msg smi_msg;
2876 struct ipmi_recv_msg recv_msg;
2878 si = (struct ipmi_system_interface_addr *) &addr;
2879 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2880 si->channel = IPMI_BMC_CHANNEL;
2883 /* Fill in an event telling that we have failed. */
2884 msg.netfn = 0x04; /* Sensor or Event. */
2885 msg.cmd = 2; /* Platform event command. */
2888 data[0] = 0x21; /* Kernel generator ID, IPMI table 5-4 */
2889 data[1] = 0x03; /* This is for IPMI 1.0. */
2890 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
2891 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
2892 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
2894 /* Put a few breadcrumbs in. Hopefully later we can add more things
2895 to make the panic events more useful. */
2902 smi_msg.done = dummy_smi_done_handler;
2903 recv_msg.done = dummy_recv_done_handler;
2905 /* For every registered interface, send the event. */
2906 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2907 intf = ipmi_interfaces[i];
2911 /* Send the event announcing the panic. */
2912 intf->handlers->set_run_to_completion(intf->send_info, 1);
2913 i_ipmi_request(NULL,
2924 0, 1); /* Don't retry, and don't wait. */
2927 #ifdef CONFIG_IPMI_PANIC_STRING
2928 /* On every interface, dump a bunch of OEM event holding the
2933 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2935 struct ipmi_ipmb_addr *ipmb;
2938 intf = ipmi_interfaces[i];
2942 /* First job here is to figure out where to send the
2943 OEM events. There's no way in IPMI to send OEM
2944 events using an event send command, so we have to
2945 find the SEL to put them in and stick them in
2948 /* Get capabilities from the get device id. */
2949 intf->local_sel_device = 0;
2950 intf->local_event_generator = 0;
2951 intf->event_receiver = 0;
2953 /* Request the device info from the local MC. */
2954 msg.netfn = IPMI_NETFN_APP_REQUEST;
2955 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
2958 intf->null_user_handler = device_id_fetcher;
2959 i_ipmi_request(NULL,
2970 0, 1); /* Don't retry, and don't wait. */
2972 if (intf->local_event_generator) {
2973 /* Request the event receiver from the local MC. */
2974 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
2975 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
2978 intf->null_user_handler = event_receiver_fetcher;
2979 i_ipmi_request(NULL,
2990 0, 1); /* no retry, and no wait. */
2992 intf->null_user_handler = NULL;
2994 /* Validate the event receiver. The low bit must not
2995 be 1 (it must be a valid IPMB address), it cannot
2996 be zero, and it must not be my address. */
2997 if (((intf->event_receiver & 1) == 0)
2998 && (intf->event_receiver != 0)
2999 && (intf->event_receiver != intf->my_address))
3001 /* The event receiver is valid, send an IPMB
3003 ipmb = (struct ipmi_ipmb_addr *) &addr;
3004 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
3005 ipmb->channel = 0; /* FIXME - is this right? */
3006 ipmb->lun = intf->event_receiver_lun;
3007 ipmb->slave_addr = intf->event_receiver;
3008 } else if (intf->local_sel_device) {
3009 /* The event receiver was not valid (or was
3010 me), but I am an SEL device, just dump it
3012 si = (struct ipmi_system_interface_addr *) &addr;
3013 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3014 si->channel = IPMI_BMC_CHANNEL;
3017 continue; /* No where to send the event. */
3020 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
3021 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
3027 int size = strlen(p);
3033 data[2] = 0xf0; /* OEM event without timestamp. */
3034 data[3] = intf->my_address;
3035 data[4] = j++; /* sequence # */
3036 /* Always give 11 bytes, so strncpy will fill
3037 it with zeroes for me. */
3038 strncpy(data+5, p, 11);
3041 i_ipmi_request(NULL,
3052 0, 1); /* no retry, and no wait. */
3055 #endif /* CONFIG_IPMI_PANIC_STRING */
3057 #endif /* CONFIG_IPMI_PANIC_EVENT */
3059 static int has_paniced = 0;
3061 static int panic_event(struct notifier_block *this,
3062 unsigned long event,
3072 /* For every registered interface, set it to run to completion. */
3073 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
3074 intf = ipmi_interfaces[i];
3078 intf->handlers->set_run_to_completion(intf->send_info, 1);
3081 #ifdef CONFIG_IPMI_PANIC_EVENT
3082 send_panic_events(ptr);
3088 static struct notifier_block panic_block = {
3089 .notifier_call = panic_event,
3091 .priority = 200 /* priority: INT_MAX >= x >= 0 */
3094 static int ipmi_init_msghandler(void)
3101 printk(KERN_INFO "ipmi message handler version "
3102 IPMI_MSGHANDLER_VERSION "\n");
3104 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
3105 ipmi_interfaces[i] = NULL;
3108 #ifdef CONFIG_PROC_FS
3109 proc_ipmi_root = proc_mkdir("ipmi", NULL);
3110 if (!proc_ipmi_root) {
3111 printk(KERN_ERR PFX "Unable to create IPMI proc dir");
3115 proc_ipmi_root->owner = THIS_MODULE;
3116 #endif /* CONFIG_PROC_FS */
3118 init_timer(&ipmi_timer);
3119 ipmi_timer.data = 0;
3120 ipmi_timer.function = ipmi_timeout;
3121 ipmi_timer.expires = jiffies + IPMI_TIMEOUT_JIFFIES;
3122 add_timer(&ipmi_timer);
3124 notifier_chain_register(&panic_notifier_list, &panic_block);
3131 static __init int ipmi_init_msghandler_mod(void)
3133 ipmi_init_msghandler();
3137 static __exit void cleanup_ipmi(void)
3144 notifier_chain_unregister(&panic_notifier_list, &panic_block);
3146 /* This can't be called if any interfaces exist, so no worry about
3147 shutting down the interfaces. */
3149 /* Tell the timer to stop, then wait for it to stop. This avoids
3150 problems with race conditions removing the timer here. */
3151 atomic_inc(&stop_operation);
3152 del_timer_sync(&ipmi_timer);
3154 #ifdef CONFIG_PROC_FS
3155 remove_proc_entry(proc_ipmi_root->name, &proc_root);
3156 #endif /* CONFIG_PROC_FS */
3160 /* Check for buffer leaks. */
3161 count = atomic_read(&smi_msg_inuse_count);
3163 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
3165 count = atomic_read(&recv_msg_inuse_count);
3167 printk(KERN_WARNING PFX "recv message count %d at exit\n",
3170 module_exit(cleanup_ipmi);
3172 module_init(ipmi_init_msghandler_mod);
3173 MODULE_LICENSE("GPL");
3175 EXPORT_SYMBOL(ipmi_create_user);
3176 EXPORT_SYMBOL(ipmi_destroy_user);
3177 EXPORT_SYMBOL(ipmi_get_version);
3178 EXPORT_SYMBOL(ipmi_request_settime);
3179 EXPORT_SYMBOL(ipmi_request_supply_msgs);
3180 EXPORT_SYMBOL(ipmi_register_smi);
3181 EXPORT_SYMBOL(ipmi_unregister_smi);
3182 EXPORT_SYMBOL(ipmi_register_for_cmd);
3183 EXPORT_SYMBOL(ipmi_unregister_for_cmd);
3184 EXPORT_SYMBOL(ipmi_smi_msg_received);
3185 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
3186 EXPORT_SYMBOL(ipmi_alloc_smi_msg);
3187 EXPORT_SYMBOL(ipmi_addr_length);
3188 EXPORT_SYMBOL(ipmi_validate_addr);
3189 EXPORT_SYMBOL(ipmi_set_gets_events);
3190 EXPORT_SYMBOL(ipmi_smi_watcher_register);
3191 EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
3192 EXPORT_SYMBOL(ipmi_set_my_address);
3193 EXPORT_SYMBOL(ipmi_get_my_address);
3194 EXPORT_SYMBOL(ipmi_set_my_LUN);
3195 EXPORT_SYMBOL(ipmi_get_my_LUN);
3196 EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
3197 EXPORT_SYMBOL(proc_ipmi_root);
3198 EXPORT_SYMBOL(ipmi_user_set_run_to_completion);