Merge 'acpi-2.6.12' branch into to-akpm
[linux-2.6] / drivers / char / ipmi / ipmi_msghandler.c
1 /*
2  * ipmi_msghandler.c
3  *
4  * Incoming and outgoing message routing for an IPMI interface.
5  *
6  * Author: MontaVista Software, Inc.
7  *         Corey Minyard <minyard@mvista.com>
8  *         source@mvista.com
9  *
10  * Copyright 2002 MontaVista Software Inc.
11  *
12  *  This program is free software; you can redistribute it and/or modify it
13  *  under the terms of the GNU General Public License as published by the
14  *  Free Software Foundation; either version 2 of the License, or (at your
15  *  option) any later version.
16  *
17  *
18  *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19  *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20  *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21  *  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22  *  INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23  *  BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24  *  OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25  *  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26  *  TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27  *  USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28  *
29  *  You should have received a copy of the GNU General Public License along
30  *  with this program; if not, write to the Free Software Foundation, Inc.,
31  *  675 Mass Ave, Cambridge, MA 02139, USA.
32  */
33
34 #include <linux/config.h>
35 #include <linux/module.h>
36 #include <linux/errno.h>
37 #include <asm/system.h>
38 #include <linux/sched.h>
39 #include <linux/poll.h>
40 #include <linux/spinlock.h>
41 #include <linux/rwsem.h>
42 #include <linux/slab.h>
43 #include <linux/ipmi.h>
44 #include <linux/ipmi_smi.h>
45 #include <linux/notifier.h>
46 #include <linux/init.h>
47 #include <linux/proc_fs.h>
48
49 #define PFX "IPMI message handler: "
50 #define IPMI_MSGHANDLER_VERSION "v33"
51
52 static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
53 static int ipmi_init_msghandler(void);
54
55 static int initialized = 0;
56
57 #ifdef CONFIG_PROC_FS
58 struct proc_dir_entry *proc_ipmi_root = NULL;
59 #endif /* CONFIG_PROC_FS */
60
61 #define MAX_EVENTS_IN_QUEUE     25
62
63 /* Don't let a message sit in a queue forever, always time it with at lest
64    the max message timer.  This is in milliseconds. */
65 #define MAX_MSG_TIMEOUT         60000
66
67 struct ipmi_user
68 {
69         struct list_head link;
70
71         /* The upper layer that handles receive messages. */
72         struct ipmi_user_hndl *handler;
73         void             *handler_data;
74
75         /* The interface this user is bound to. */
76         ipmi_smi_t intf;
77
78         /* Does this interface receive IPMI events? */
79         int gets_events;
80 };
81
82 struct cmd_rcvr
83 {
84         struct list_head link;
85
86         ipmi_user_t   user;
87         unsigned char netfn;
88         unsigned char cmd;
89 };
90
91 struct seq_table
92 {
93         unsigned int         inuse : 1;
94         unsigned int         broadcast : 1;
95
96         unsigned long        timeout;
97         unsigned long        orig_timeout;
98         unsigned int         retries_left;
99
100         /* To verify on an incoming send message response that this is
101            the message that the response is for, we keep a sequence id
102            and increment it every time we send a message. */
103         long                 seqid;
104
105         /* This is held so we can properly respond to the message on a
106            timeout, and it is used to hold the temporary data for
107            retransmission, too. */
108         struct ipmi_recv_msg *recv_msg;
109 };
110
111 /* Store the information in a msgid (long) to allow us to find a
112    sequence table entry from the msgid. */
113 #define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff))
114
115 #define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
116         do {                                                            \
117                 seq = ((msgid >> 26) & 0x3f);                           \
118                 seqid = (msgid & 0x3fffff);                             \
119         } while(0)
120
121 #define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff)
122
123 struct ipmi_channel
124 {
125         unsigned char medium;
126         unsigned char protocol;
127 };
128
129 #ifdef CONFIG_PROC_FS
130 struct ipmi_proc_entry
131 {
132         char                   *name;
133         struct ipmi_proc_entry *next;
134 };
135 #endif
136
137 #define IPMI_IPMB_NUM_SEQ       64
138 #define IPMI_MAX_CHANNELS       8
139 struct ipmi_smi
140 {
141         /* What interface number are we? */
142         int intf_num;
143
144         /* The list of upper layers that are using me.  We read-lock
145            this when delivering messages to the upper layer to keep
146            the user from going away while we are processing the
147            message.  This means that you cannot add or delete a user
148            from the receive callback. */
149         rwlock_t                users_lock;
150         struct list_head        users;
151
152         /* Used for wake ups at startup. */
153         wait_queue_head_t waitq;
154
155         /* The IPMI version of the BMC on the other end. */
156         unsigned char       version_major;
157         unsigned char       version_minor;
158
159         /* This is the lower-layer's sender routine. */
160         struct ipmi_smi_handlers *handlers;
161         void                     *send_info;
162
163 #ifdef CONFIG_PROC_FS
164         /* A list of proc entries for this interface.  This does not
165            need a lock, only one thread creates it and only one thread
166            destroys it. */
167         spinlock_t             proc_entry_lock;
168         struct ipmi_proc_entry *proc_entries;
169 #endif
170
171         /* A table of sequence numbers for this interface.  We use the
172            sequence numbers for IPMB messages that go out of the
173            interface to match them up with their responses.  A routine
174            is called periodically to time the items in this list. */
175         spinlock_t       seq_lock;
176         struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
177         int curr_seq;
178
179         /* Messages that were delayed for some reason (out of memory,
180            for instance), will go in here to be processed later in a
181            periodic timer interrupt. */
182         spinlock_t       waiting_msgs_lock;
183         struct list_head waiting_msgs;
184
185         /* The list of command receivers that are registered for commands
186            on this interface. */
187         rwlock_t         cmd_rcvr_lock;
188         struct list_head cmd_rcvrs;
189
190         /* Events that were queues because no one was there to receive
191            them. */
192         spinlock_t       events_lock; /* For dealing with event stuff. */
193         struct list_head waiting_events;
194         unsigned int     waiting_events_count; /* How many events in queue? */
195
196         /* This will be non-null if someone registers to receive all
197            IPMI commands (this is for interface emulation).  There
198            may not be any things in the cmd_rcvrs list above when
199            this is registered. */
200         ipmi_user_t all_cmd_rcvr;
201
202         /* My slave address.  This is initialized to IPMI_BMC_SLAVE_ADDR,
203            but may be changed by the user. */
204         unsigned char my_address;
205
206         /* My LUN.  This should generally stay the SMS LUN, but just in
207            case... */
208         unsigned char my_lun;
209
210         /* The event receiver for my BMC, only really used at panic
211            shutdown as a place to store this. */
212         unsigned char event_receiver;
213         unsigned char event_receiver_lun;
214         unsigned char local_sel_device;
215         unsigned char local_event_generator;
216
217         /* A cheap hack, if this is non-null and a message to an
218            interface comes in with a NULL user, call this routine with
219            it.  Note that the message will still be freed by the
220            caller.  This only works on the system interface. */
221         void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_smi_msg *msg);
222
223         /* When we are scanning the channels for an SMI, this will
224            tell which channel we are scanning. */
225         int curr_channel;
226
227         /* Channel information */
228         struct ipmi_channel channels[IPMI_MAX_CHANNELS];
229
230         /* Proc FS stuff. */
231         struct proc_dir_entry *proc_dir;
232         char                  proc_dir_name[10];
233
234         spinlock_t   counter_lock; /* For making counters atomic. */
235
236         /* Commands we got that were invalid. */
237         unsigned int sent_invalid_commands;
238
239         /* Commands we sent to the MC. */
240         unsigned int sent_local_commands;
241         /* Responses from the MC that were delivered to a user. */
242         unsigned int handled_local_responses;
243         /* Responses from the MC that were not delivered to a user. */
244         unsigned int unhandled_local_responses;
245
246         /* Commands we sent out to the IPMB bus. */
247         unsigned int sent_ipmb_commands;
248         /* Commands sent on the IPMB that had errors on the SEND CMD */
249         unsigned int sent_ipmb_command_errs;
250         /* Each retransmit increments this count. */
251         unsigned int retransmitted_ipmb_commands;
252         /* When a message times out (runs out of retransmits) this is
253            incremented. */
254         unsigned int timed_out_ipmb_commands;
255
256         /* This is like above, but for broadcasts.  Broadcasts are
257            *not* included in the above count (they are expected to
258            time out). */
259         unsigned int timed_out_ipmb_broadcasts;
260
261         /* Responses I have sent to the IPMB bus. */
262         unsigned int sent_ipmb_responses;
263
264         /* The response was delivered to the user. */
265         unsigned int handled_ipmb_responses;
266         /* The response had invalid data in it. */
267         unsigned int invalid_ipmb_responses;
268         /* The response didn't have anyone waiting for it. */
269         unsigned int unhandled_ipmb_responses;
270
271         /* Commands we sent out to the IPMB bus. */
272         unsigned int sent_lan_commands;
273         /* Commands sent on the IPMB that had errors on the SEND CMD */
274         unsigned int sent_lan_command_errs;
275         /* Each retransmit increments this count. */
276         unsigned int retransmitted_lan_commands;
277         /* When a message times out (runs out of retransmits) this is
278            incremented. */
279         unsigned int timed_out_lan_commands;
280
281         /* Responses I have sent to the IPMB bus. */
282         unsigned int sent_lan_responses;
283
284         /* The response was delivered to the user. */
285         unsigned int handled_lan_responses;
286         /* The response had invalid data in it. */
287         unsigned int invalid_lan_responses;
288         /* The response didn't have anyone waiting for it. */
289         unsigned int unhandled_lan_responses;
290
291         /* The command was delivered to the user. */
292         unsigned int handled_commands;
293         /* The command had invalid data in it. */
294         unsigned int invalid_commands;
295         /* The command didn't have anyone waiting for it. */
296         unsigned int unhandled_commands;
297
298         /* Invalid data in an event. */
299         unsigned int invalid_events;
300         /* Events that were received with the proper format. */
301         unsigned int events;
302 };
303
304 #define MAX_IPMI_INTERFACES 4
305 static ipmi_smi_t ipmi_interfaces[MAX_IPMI_INTERFACES];
306
307 /* Used to keep interfaces from going away while operations are
308    operating on interfaces.  Grab read if you are not modifying the
309    interfaces, write if you are. */
310 static DECLARE_RWSEM(interfaces_sem);
311
312 /* Directly protects the ipmi_interfaces data structure.  This is
313    claimed in the timer interrupt. */
314 static DEFINE_SPINLOCK(interfaces_lock);
315
316 /* List of watchers that want to know when smi's are added and
317    deleted. */
318 static struct list_head smi_watchers = LIST_HEAD_INIT(smi_watchers);
319 static DECLARE_RWSEM(smi_watchers_sem);
320
321 int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
322 {
323         int i;
324
325         down_read(&interfaces_sem);
326         down_write(&smi_watchers_sem);
327         list_add(&(watcher->link), &smi_watchers);
328         for (i=0; i<MAX_IPMI_INTERFACES; i++) {
329                 if (ipmi_interfaces[i] != NULL) {
330                         watcher->new_smi(i);
331                 }
332         }
333         up_write(&smi_watchers_sem);
334         up_read(&interfaces_sem);
335         return 0;
336 }
337
338 int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
339 {
340         down_write(&smi_watchers_sem);
341         list_del(&(watcher->link));
342         up_write(&smi_watchers_sem);
343         return 0;
344 }
345
346 static void
347 call_smi_watchers(int i)
348 {
349         struct ipmi_smi_watcher *w;
350
351         down_read(&smi_watchers_sem);
352         list_for_each_entry(w, &smi_watchers, link) {
353                 if (try_module_get(w->owner)) {
354                         w->new_smi(i);
355                         module_put(w->owner);
356                 }
357         }
358         up_read(&smi_watchers_sem);
359 }
360
361 static int
362 ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
363 {
364         if (addr1->addr_type != addr2->addr_type)
365                 return 0;
366
367         if (addr1->channel != addr2->channel)
368                 return 0;
369
370         if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
371                 struct ipmi_system_interface_addr *smi_addr1
372                     = (struct ipmi_system_interface_addr *) addr1;
373                 struct ipmi_system_interface_addr *smi_addr2
374                     = (struct ipmi_system_interface_addr *) addr2;
375                 return (smi_addr1->lun == smi_addr2->lun);
376         }
377
378         if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE)
379             || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
380         {
381                 struct ipmi_ipmb_addr *ipmb_addr1
382                     = (struct ipmi_ipmb_addr *) addr1;
383                 struct ipmi_ipmb_addr *ipmb_addr2
384                     = (struct ipmi_ipmb_addr *) addr2;
385
386                 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
387                         && (ipmb_addr1->lun == ipmb_addr2->lun));
388         }
389
390         if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) {
391                 struct ipmi_lan_addr *lan_addr1
392                         = (struct ipmi_lan_addr *) addr1;
393                 struct ipmi_lan_addr *lan_addr2
394                     = (struct ipmi_lan_addr *) addr2;
395
396                 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
397                         && (lan_addr1->local_SWID == lan_addr2->local_SWID)
398                         && (lan_addr1->session_handle
399                             == lan_addr2->session_handle)
400                         && (lan_addr1->lun == lan_addr2->lun));
401         }
402
403         return 1;
404 }
405
406 int ipmi_validate_addr(struct ipmi_addr *addr, int len)
407 {
408         if (len < sizeof(struct ipmi_system_interface_addr)) {
409                 return -EINVAL;
410         }
411
412         if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
413                 if (addr->channel != IPMI_BMC_CHANNEL)
414                         return -EINVAL;
415                 return 0;
416         }
417
418         if ((addr->channel == IPMI_BMC_CHANNEL)
419             || (addr->channel >= IPMI_NUM_CHANNELS)
420             || (addr->channel < 0))
421                 return -EINVAL;
422
423         if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
424             || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
425         {
426                 if (len < sizeof(struct ipmi_ipmb_addr)) {
427                         return -EINVAL;
428                 }
429                 return 0;
430         }
431
432         if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
433                 if (len < sizeof(struct ipmi_lan_addr)) {
434                         return -EINVAL;
435                 }
436                 return 0;
437         }
438
439         return -EINVAL;
440 }
441
442 unsigned int ipmi_addr_length(int addr_type)
443 {
444         if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
445                 return sizeof(struct ipmi_system_interface_addr);
446
447         if ((addr_type == IPMI_IPMB_ADDR_TYPE)
448             || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
449         {
450                 return sizeof(struct ipmi_ipmb_addr);
451         }
452
453         if (addr_type == IPMI_LAN_ADDR_TYPE)
454                 return sizeof(struct ipmi_lan_addr);
455
456         return 0;
457 }
458
459 static void deliver_response(struct ipmi_recv_msg *msg)
460 {
461         msg->user->handler->ipmi_recv_hndl(msg, msg->user->handler_data);
462 }
463
464 /* Find the next sequence number not being used and add the given
465    message with the given timeout to the sequence table.  This must be
466    called with the interface's seq_lock held. */
467 static int intf_next_seq(ipmi_smi_t           intf,
468                          struct ipmi_recv_msg *recv_msg,
469                          unsigned long        timeout,
470                          int                  retries,
471                          int                  broadcast,
472                          unsigned char        *seq,
473                          long                 *seqid)
474 {
475         int          rv = 0;
476         unsigned int i;
477
478         for (i=intf->curr_seq;
479              (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
480              i=(i+1)%IPMI_IPMB_NUM_SEQ)
481         {
482                 if (! intf->seq_table[i].inuse)
483                         break;
484         }
485
486         if (! intf->seq_table[i].inuse) {
487                 intf->seq_table[i].recv_msg = recv_msg;
488
489                 /* Start with the maximum timeout, when the send response
490                    comes in we will start the real timer. */
491                 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
492                 intf->seq_table[i].orig_timeout = timeout;
493                 intf->seq_table[i].retries_left = retries;
494                 intf->seq_table[i].broadcast = broadcast;
495                 intf->seq_table[i].inuse = 1;
496                 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
497                 *seq = i;
498                 *seqid = intf->seq_table[i].seqid;
499                 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
500         } else {
501                 rv = -EAGAIN;
502         }
503         
504         return rv;
505 }
506
507 /* Return the receive message for the given sequence number and
508    release the sequence number so it can be reused.  Some other data
509    is passed in to be sure the message matches up correctly (to help
510    guard against message coming in after their timeout and the
511    sequence number being reused). */
512 static int intf_find_seq(ipmi_smi_t           intf,
513                          unsigned char        seq,
514                          short                channel,
515                          unsigned char        cmd,
516                          unsigned char        netfn,
517                          struct ipmi_addr     *addr,
518                          struct ipmi_recv_msg **recv_msg)
519 {
520         int           rv = -ENODEV;
521         unsigned long flags;
522
523         if (seq >= IPMI_IPMB_NUM_SEQ)
524                 return -EINVAL;
525
526         spin_lock_irqsave(&(intf->seq_lock), flags);
527         if (intf->seq_table[seq].inuse) {
528                 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
529
530                 if ((msg->addr.channel == channel)
531                     && (msg->msg.cmd == cmd)
532                     && (msg->msg.netfn == netfn)
533                     && (ipmi_addr_equal(addr, &(msg->addr))))
534                 {
535                         *recv_msg = msg;
536                         intf->seq_table[seq].inuse = 0;
537                         rv = 0;
538                 }
539         }
540         spin_unlock_irqrestore(&(intf->seq_lock), flags);
541
542         return rv;
543 }
544
545
546 /* Start the timer for a specific sequence table entry. */
547 static int intf_start_seq_timer(ipmi_smi_t intf,
548                                 long       msgid)
549 {
550         int           rv = -ENODEV;
551         unsigned long flags;
552         unsigned char seq;
553         unsigned long seqid;
554
555
556         GET_SEQ_FROM_MSGID(msgid, seq, seqid);
557
558         spin_lock_irqsave(&(intf->seq_lock), flags);
559         /* We do this verification because the user can be deleted
560            while a message is outstanding. */
561         if ((intf->seq_table[seq].inuse)
562             && (intf->seq_table[seq].seqid == seqid))
563         {
564                 struct seq_table *ent = &(intf->seq_table[seq]);
565                 ent->timeout = ent->orig_timeout;
566                 rv = 0;
567         }
568         spin_unlock_irqrestore(&(intf->seq_lock), flags);
569
570         return rv;
571 }
572
573 /* Got an error for the send message for a specific sequence number. */
574 static int intf_err_seq(ipmi_smi_t   intf,
575                         long         msgid,
576                         unsigned int err)
577 {
578         int                  rv = -ENODEV;
579         unsigned long        flags;
580         unsigned char        seq;
581         unsigned long        seqid;
582         struct ipmi_recv_msg *msg = NULL;
583
584
585         GET_SEQ_FROM_MSGID(msgid, seq, seqid);
586
587         spin_lock_irqsave(&(intf->seq_lock), flags);
588         /* We do this verification because the user can be deleted
589            while a message is outstanding. */
590         if ((intf->seq_table[seq].inuse)
591             && (intf->seq_table[seq].seqid == seqid))
592         {
593                 struct seq_table *ent = &(intf->seq_table[seq]);
594
595                 ent->inuse = 0;
596                 msg = ent->recv_msg;
597                 rv = 0;
598         }
599         spin_unlock_irqrestore(&(intf->seq_lock), flags);
600
601         if (msg) {
602                 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
603                 msg->msg_data[0] = err;
604                 msg->msg.netfn |= 1; /* Convert to a response. */
605                 msg->msg.data_len = 1;
606                 msg->msg.data = msg->msg_data;
607                 deliver_response(msg);
608         }
609
610         return rv;
611 }
612
613
614 int ipmi_create_user(unsigned int          if_num,
615                      struct ipmi_user_hndl *handler,
616                      void                  *handler_data,
617                      ipmi_user_t           *user)
618 {
619         unsigned long flags;
620         ipmi_user_t   new_user;
621         int           rv = 0;
622         ipmi_smi_t    intf;
623
624         /* There is no module usecount here, because it's not
625            required.  Since this can only be used by and called from
626            other modules, they will implicitly use this module, and
627            thus this can't be removed unless the other modules are
628            removed. */
629
630         if (handler == NULL)
631                 return -EINVAL;
632
633         /* Make sure the driver is actually initialized, this handles
634            problems with initialization order. */
635         if (!initialized) {
636                 rv = ipmi_init_msghandler();
637                 if (rv)
638                         return rv;
639
640                 /* The init code doesn't return an error if it was turned
641                    off, but it won't initialize.  Check that. */
642                 if (!initialized)
643                         return -ENODEV;
644         }
645
646         new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
647         if (! new_user)
648                 return -ENOMEM;
649
650         down_read(&interfaces_sem);
651         if ((if_num >= MAX_IPMI_INTERFACES) || ipmi_interfaces[if_num] == NULL)
652         {
653                 rv = -EINVAL;
654                 goto out_unlock;
655         }
656
657         intf = ipmi_interfaces[if_num];
658
659         new_user->handler = handler;
660         new_user->handler_data = handler_data;
661         new_user->intf = intf;
662         new_user->gets_events = 0;
663
664         if (!try_module_get(intf->handlers->owner)) {
665                 rv = -ENODEV;
666                 goto out_unlock;
667         }
668
669         if (intf->handlers->inc_usecount) {
670                 rv = intf->handlers->inc_usecount(intf->send_info);
671                 if (rv) {
672                         module_put(intf->handlers->owner);
673                         goto out_unlock;
674                 }
675         }
676
677         write_lock_irqsave(&intf->users_lock, flags);
678         list_add_tail(&new_user->link, &intf->users);
679         write_unlock_irqrestore(&intf->users_lock, flags);
680
681  out_unlock:    
682         if (rv) {
683                 kfree(new_user);
684         } else {
685                 *user = new_user;
686         }
687
688         up_read(&interfaces_sem);
689         return rv;
690 }
691
692 static int ipmi_destroy_user_nolock(ipmi_user_t user)
693 {
694         int              rv = -ENODEV;
695         ipmi_user_t      t_user;
696         struct cmd_rcvr  *rcvr, *rcvr2;
697         int              i;
698         unsigned long    flags;
699
700         /* Find the user and delete them from the list. */
701         list_for_each_entry(t_user, &(user->intf->users), link) {
702                 if (t_user == user) {
703                         list_del(&t_user->link);
704                         rv = 0;
705                         break;
706                 }
707         }
708
709         if (rv) {
710                 goto out_unlock;
711         }
712
713         /* Remove the user from the interfaces sequence table. */
714         spin_lock_irqsave(&(user->intf->seq_lock), flags);
715         for (i=0; i<IPMI_IPMB_NUM_SEQ; i++) {
716                 if (user->intf->seq_table[i].inuse
717                     && (user->intf->seq_table[i].recv_msg->user == user))
718                 {
719                         user->intf->seq_table[i].inuse = 0;
720                 }
721         }
722         spin_unlock_irqrestore(&(user->intf->seq_lock), flags);
723
724         /* Remove the user from the command receiver's table. */
725         write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
726         list_for_each_entry_safe(rcvr, rcvr2, &(user->intf->cmd_rcvrs), link) {
727                 if (rcvr->user == user) {
728                         list_del(&rcvr->link);
729                         kfree(rcvr);
730                 }
731         }
732         write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
733
734         kfree(user);
735
736  out_unlock:
737
738         return rv;
739 }
740
741 int ipmi_destroy_user(ipmi_user_t user)
742 {
743         int           rv;
744         ipmi_smi_t    intf = user->intf;
745         unsigned long flags;
746
747         down_read(&interfaces_sem);
748         write_lock_irqsave(&intf->users_lock, flags);
749         rv = ipmi_destroy_user_nolock(user);
750         if (!rv) {
751                 module_put(intf->handlers->owner);
752                 if (intf->handlers->dec_usecount)
753                         intf->handlers->dec_usecount(intf->send_info);
754         }
755                 
756         write_unlock_irqrestore(&intf->users_lock, flags);
757         up_read(&interfaces_sem);
758         return rv;
759 }
760
761 void ipmi_get_version(ipmi_user_t   user,
762                       unsigned char *major,
763                       unsigned char *minor)
764 {
765         *major = user->intf->version_major;
766         *minor = user->intf->version_minor;
767 }
768
769 void ipmi_set_my_address(ipmi_user_t   user,
770                          unsigned char address)
771 {
772         user->intf->my_address = address;
773 }
774
775 unsigned char ipmi_get_my_address(ipmi_user_t user)
776 {
777         return user->intf->my_address;
778 }
779
780 void ipmi_set_my_LUN(ipmi_user_t   user,
781                      unsigned char LUN)
782 {
783         user->intf->my_lun = LUN & 0x3;
784 }
785
786 unsigned char ipmi_get_my_LUN(ipmi_user_t user)
787 {
788         return user->intf->my_lun;
789 }
790
791 int ipmi_set_gets_events(ipmi_user_t user, int val)
792 {
793         unsigned long         flags;
794         struct ipmi_recv_msg  *msg, *msg2;
795
796         read_lock(&(user->intf->users_lock));
797         spin_lock_irqsave(&(user->intf->events_lock), flags);
798         user->gets_events = val;
799
800         if (val) {
801                 /* Deliver any queued events. */
802                 list_for_each_entry_safe(msg, msg2, &(user->intf->waiting_events), link) {
803                         list_del(&msg->link);
804                         msg->user = user;
805                         deliver_response(msg);
806                 }
807         }
808         
809         spin_unlock_irqrestore(&(user->intf->events_lock), flags);
810         read_unlock(&(user->intf->users_lock));
811
812         return 0;
813 }
814
815 int ipmi_register_for_cmd(ipmi_user_t   user,
816                           unsigned char netfn,
817                           unsigned char cmd)
818 {
819         struct cmd_rcvr  *cmp;
820         unsigned long    flags;
821         struct cmd_rcvr  *rcvr;
822         int              rv = 0;
823
824
825         rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
826         if (! rcvr)
827                 return -ENOMEM;
828
829         read_lock(&(user->intf->users_lock));
830         write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
831         if (user->intf->all_cmd_rcvr != NULL) {
832                 rv = -EBUSY;
833                 goto out_unlock;
834         }
835
836         /* Make sure the command/netfn is not already registered. */
837         list_for_each_entry(cmp, &(user->intf->cmd_rcvrs), link) {
838                 if ((cmp->netfn == netfn) && (cmp->cmd == cmd)) {
839                         rv = -EBUSY;
840                         break;
841                 }
842         }
843
844         if (! rv) {
845                 rcvr->cmd = cmd;
846                 rcvr->netfn = netfn;
847                 rcvr->user = user;
848                 list_add_tail(&(rcvr->link), &(user->intf->cmd_rcvrs));
849         }
850  out_unlock:
851         write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
852         read_unlock(&(user->intf->users_lock));
853
854         if (rv)
855                 kfree(rcvr);
856
857         return rv;
858 }
859
860 int ipmi_unregister_for_cmd(ipmi_user_t   user,
861                             unsigned char netfn,
862                             unsigned char cmd)
863 {
864         unsigned long    flags;
865         struct cmd_rcvr  *rcvr;
866         int              rv = -ENOENT;
867
868         read_lock(&(user->intf->users_lock));
869         write_lock_irqsave(&(user->intf->cmd_rcvr_lock), flags);
870         /* Make sure the command/netfn is not already registered. */
871         list_for_each_entry(rcvr, &(user->intf->cmd_rcvrs), link) {
872                 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
873                         rv = 0;
874                         list_del(&rcvr->link);
875                         kfree(rcvr);
876                         break;
877                 }
878         }
879         write_unlock_irqrestore(&(user->intf->cmd_rcvr_lock), flags);
880         read_unlock(&(user->intf->users_lock));
881
882         return rv;
883 }
884
885 void ipmi_user_set_run_to_completion(ipmi_user_t user, int val)
886 {
887         user->intf->handlers->set_run_to_completion(user->intf->send_info,
888                                                     val);
889 }
890
891 static unsigned char
892 ipmb_checksum(unsigned char *data, int size)
893 {
894         unsigned char csum = 0;
895         
896         for (; size > 0; size--, data++)
897                 csum += *data;
898
899         return -csum;
900 }
901
902 static inline void format_ipmb_msg(struct ipmi_smi_msg   *smi_msg,
903                                    struct kernel_ipmi_msg *msg,
904                                    struct ipmi_ipmb_addr *ipmb_addr,
905                                    long                  msgid,
906                                    unsigned char         ipmb_seq,
907                                    int                   broadcast,
908                                    unsigned char         source_address,
909                                    unsigned char         source_lun)
910 {
911         int i = broadcast;
912
913         /* Format the IPMB header data. */
914         smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
915         smi_msg->data[1] = IPMI_SEND_MSG_CMD;
916         smi_msg->data[2] = ipmb_addr->channel;
917         if (broadcast)
918                 smi_msg->data[3] = 0;
919         smi_msg->data[i+3] = ipmb_addr->slave_addr;
920         smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
921         smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
922         smi_msg->data[i+6] = source_address;
923         smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
924         smi_msg->data[i+8] = msg->cmd;
925
926         /* Now tack on the data to the message. */
927         if (msg->data_len > 0)
928                 memcpy(&(smi_msg->data[i+9]), msg->data,
929                        msg->data_len);
930         smi_msg->data_size = msg->data_len + 9;
931
932         /* Now calculate the checksum and tack it on. */
933         smi_msg->data[i+smi_msg->data_size]
934                 = ipmb_checksum(&(smi_msg->data[i+6]),
935                                 smi_msg->data_size-6);
936
937         /* Add on the checksum size and the offset from the
938            broadcast. */
939         smi_msg->data_size += 1 + i;
940
941         smi_msg->msgid = msgid;
942 }
943
944 static inline void format_lan_msg(struct ipmi_smi_msg   *smi_msg,
945                                   struct kernel_ipmi_msg *msg,
946                                   struct ipmi_lan_addr  *lan_addr,
947                                   long                  msgid,
948                                   unsigned char         ipmb_seq,
949                                   unsigned char         source_lun)
950 {
951         /* Format the IPMB header data. */
952         smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
953         smi_msg->data[1] = IPMI_SEND_MSG_CMD;
954         smi_msg->data[2] = lan_addr->channel;
955         smi_msg->data[3] = lan_addr->session_handle;
956         smi_msg->data[4] = lan_addr->remote_SWID;
957         smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
958         smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
959         smi_msg->data[7] = lan_addr->local_SWID;
960         smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
961         smi_msg->data[9] = msg->cmd;
962
963         /* Now tack on the data to the message. */
964         if (msg->data_len > 0)
965                 memcpy(&(smi_msg->data[10]), msg->data,
966                        msg->data_len);
967         smi_msg->data_size = msg->data_len + 10;
968
969         /* Now calculate the checksum and tack it on. */
970         smi_msg->data[smi_msg->data_size]
971                 = ipmb_checksum(&(smi_msg->data[7]),
972                                 smi_msg->data_size-7);
973
974         /* Add on the checksum size and the offset from the
975            broadcast. */
976         smi_msg->data_size += 1;
977
978         smi_msg->msgid = msgid;
979 }
980
981 /* Separate from ipmi_request so that the user does not have to be
982    supplied in certain circumstances (mainly at panic time).  If
983    messages are supplied, they will be freed, even if an error
984    occurs. */
985 static inline int i_ipmi_request(ipmi_user_t          user,
986                                  ipmi_smi_t           intf,
987                                  struct ipmi_addr     *addr,
988                                  long                 msgid,
989                                  struct kernel_ipmi_msg *msg,
990                                  void                 *user_msg_data,
991                                  void                 *supplied_smi,
992                                  struct ipmi_recv_msg *supplied_recv,
993                                  int                  priority,
994                                  unsigned char        source_address,
995                                  unsigned char        source_lun,
996                                  int                  retries,
997                                  unsigned int         retry_time_ms)
998 {
999         int                  rv = 0;
1000         struct ipmi_smi_msg  *smi_msg;
1001         struct ipmi_recv_msg *recv_msg;
1002         unsigned long        flags;
1003
1004
1005         if (supplied_recv) {
1006                 recv_msg = supplied_recv;
1007         } else {
1008                 recv_msg = ipmi_alloc_recv_msg();
1009                 if (recv_msg == NULL) {
1010                         return -ENOMEM;
1011                 }
1012         }
1013         recv_msg->user_msg_data = user_msg_data;
1014
1015         if (supplied_smi) {
1016                 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
1017         } else {
1018                 smi_msg = ipmi_alloc_smi_msg();
1019                 if (smi_msg == NULL) {
1020                         ipmi_free_recv_msg(recv_msg);
1021                         return -ENOMEM;
1022                 }
1023         }
1024
1025         recv_msg->user = user;
1026         recv_msg->msgid = msgid;
1027         /* Store the message to send in the receive message so timeout
1028            responses can get the proper response data. */
1029         recv_msg->msg = *msg;
1030
1031         if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1032                 struct ipmi_system_interface_addr *smi_addr;
1033
1034                 if (msg->netfn & 1) {
1035                         /* Responses are not allowed to the SMI. */
1036                         rv = -EINVAL;
1037                         goto out_err;
1038                 }
1039
1040                 smi_addr = (struct ipmi_system_interface_addr *) addr;
1041                 if (smi_addr->lun > 3) {
1042                         spin_lock_irqsave(&intf->counter_lock, flags);
1043                         intf->sent_invalid_commands++;
1044                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1045                         rv = -EINVAL;
1046                         goto out_err;
1047                 }
1048
1049                 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1050
1051                 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1052                     && ((msg->cmd == IPMI_SEND_MSG_CMD)
1053                         || (msg->cmd == IPMI_GET_MSG_CMD)
1054                         || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD)))
1055                 {
1056                         /* We don't let the user do these, since we manage
1057                            the sequence numbers. */
1058                         spin_lock_irqsave(&intf->counter_lock, flags);
1059                         intf->sent_invalid_commands++;
1060                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1061                         rv = -EINVAL;
1062                         goto out_err;
1063                 }
1064
1065                 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
1066                         spin_lock_irqsave(&intf->counter_lock, flags);
1067                         intf->sent_invalid_commands++;
1068                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1069                         rv = -EMSGSIZE;
1070                         goto out_err;
1071                 }
1072
1073                 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1074                 smi_msg->data[1] = msg->cmd;
1075                 smi_msg->msgid = msgid;
1076                 smi_msg->user_data = recv_msg;
1077                 if (msg->data_len > 0)
1078                         memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1079                 smi_msg->data_size = msg->data_len + 2;
1080                 spin_lock_irqsave(&intf->counter_lock, flags);
1081                 intf->sent_local_commands++;
1082                 spin_unlock_irqrestore(&intf->counter_lock, flags);
1083         } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
1084                    || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
1085         {
1086                 struct ipmi_ipmb_addr *ipmb_addr;
1087                 unsigned char         ipmb_seq;
1088                 long                  seqid;
1089                 int                   broadcast = 0;
1090
1091                 if (addr->channel >= IPMI_MAX_CHANNELS) {
1092                         spin_lock_irqsave(&intf->counter_lock, flags);
1093                         intf->sent_invalid_commands++;
1094                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1095                         rv = -EINVAL;
1096                         goto out_err;
1097                 }
1098
1099                 if (intf->channels[addr->channel].medium
1100                     != IPMI_CHANNEL_MEDIUM_IPMB)
1101                 {
1102                         spin_lock_irqsave(&intf->counter_lock, flags);
1103                         intf->sent_invalid_commands++;
1104                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1105                         rv = -EINVAL;
1106                         goto out_err;
1107                 }
1108
1109                 if (retries < 0) {
1110                     if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1111                         retries = 0; /* Don't retry broadcasts. */
1112                     else
1113                         retries = 4;
1114                 }
1115                 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1116                     /* Broadcasts add a zero at the beginning of the
1117                        message, but otherwise is the same as an IPMB
1118                        address. */
1119                     addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1120                     broadcast = 1;
1121                 }
1122
1123
1124                 /* Default to 1 second retries. */
1125                 if (retry_time_ms == 0)
1126                     retry_time_ms = 1000;
1127
1128                 /* 9 for the header and 1 for the checksum, plus
1129                    possibly one for the broadcast. */
1130                 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1131                         spin_lock_irqsave(&intf->counter_lock, flags);
1132                         intf->sent_invalid_commands++;
1133                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1134                         rv = -EMSGSIZE;
1135                         goto out_err;
1136                 }
1137
1138                 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1139                 if (ipmb_addr->lun > 3) {
1140                         spin_lock_irqsave(&intf->counter_lock, flags);
1141                         intf->sent_invalid_commands++;
1142                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1143                         rv = -EINVAL;
1144                         goto out_err;
1145                 }
1146
1147                 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1148
1149                 if (recv_msg->msg.netfn & 0x1) {
1150                         /* It's a response, so use the user's sequence
1151                            from msgid. */
1152                         spin_lock_irqsave(&intf->counter_lock, flags);
1153                         intf->sent_ipmb_responses++;
1154                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1155                         format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1156                                         msgid, broadcast,
1157                                         source_address, source_lun);
1158
1159                         /* Save the receive message so we can use it
1160                            to deliver the response. */
1161                         smi_msg->user_data = recv_msg;
1162                 } else {
1163                         /* It's a command, so get a sequence for it. */
1164
1165                         spin_lock_irqsave(&(intf->seq_lock), flags);
1166
1167                         spin_lock(&intf->counter_lock);
1168                         intf->sent_ipmb_commands++;
1169                         spin_unlock(&intf->counter_lock);
1170
1171                         /* Create a sequence number with a 1 second
1172                            timeout and 4 retries. */
1173                         rv = intf_next_seq(intf,
1174                                            recv_msg,
1175                                            retry_time_ms,
1176                                            retries,
1177                                            broadcast,
1178                                            &ipmb_seq,
1179                                            &seqid);
1180                         if (rv) {
1181                                 /* We have used up all the sequence numbers,
1182                                    probably, so abort. */
1183                                 spin_unlock_irqrestore(&(intf->seq_lock),
1184                                                        flags);
1185                                 goto out_err;
1186                         }
1187
1188                         /* Store the sequence number in the message,
1189                            so that when the send message response
1190                            comes back we can start the timer. */
1191                         format_ipmb_msg(smi_msg, msg, ipmb_addr,
1192                                         STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1193                                         ipmb_seq, broadcast,
1194                                         source_address, source_lun);
1195
1196                         /* Copy the message into the recv message data, so we
1197                            can retransmit it later if necessary. */
1198                         memcpy(recv_msg->msg_data, smi_msg->data,
1199                                smi_msg->data_size);
1200                         recv_msg->msg.data = recv_msg->msg_data;
1201                         recv_msg->msg.data_len = smi_msg->data_size;
1202
1203                         /* We don't unlock until here, because we need
1204                            to copy the completed message into the
1205                            recv_msg before we release the lock.
1206                            Otherwise, race conditions may bite us.  I
1207                            know that's pretty paranoid, but I prefer
1208                            to be correct. */
1209                         spin_unlock_irqrestore(&(intf->seq_lock), flags);
1210                 }
1211         } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
1212                 struct ipmi_lan_addr  *lan_addr;
1213                 unsigned char         ipmb_seq;
1214                 long                  seqid;
1215
1216                 if (addr->channel > IPMI_NUM_CHANNELS) {
1217                         spin_lock_irqsave(&intf->counter_lock, flags);
1218                         intf->sent_invalid_commands++;
1219                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1220                         rv = -EINVAL;
1221                         goto out_err;
1222                 }
1223
1224                 if ((intf->channels[addr->channel].medium
1225                     != IPMI_CHANNEL_MEDIUM_8023LAN)
1226                     && (intf->channels[addr->channel].medium
1227                         != IPMI_CHANNEL_MEDIUM_ASYNC))
1228                 {
1229                         spin_lock_irqsave(&intf->counter_lock, flags);
1230                         intf->sent_invalid_commands++;
1231                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1232                         rv = -EINVAL;
1233                         goto out_err;
1234                 }
1235
1236                 retries = 4;
1237
1238                 /* Default to 1 second retries. */
1239                 if (retry_time_ms == 0)
1240                     retry_time_ms = 1000;
1241
1242                 /* 11 for the header and 1 for the checksum. */
1243                 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
1244                         spin_lock_irqsave(&intf->counter_lock, flags);
1245                         intf->sent_invalid_commands++;
1246                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1247                         rv = -EMSGSIZE;
1248                         goto out_err;
1249                 }
1250
1251                 lan_addr = (struct ipmi_lan_addr *) addr;
1252                 if (lan_addr->lun > 3) {
1253                         spin_lock_irqsave(&intf->counter_lock, flags);
1254                         intf->sent_invalid_commands++;
1255                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1256                         rv = -EINVAL;
1257                         goto out_err;
1258                 }
1259
1260                 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1261
1262                 if (recv_msg->msg.netfn & 0x1) {
1263                         /* It's a response, so use the user's sequence
1264                            from msgid. */
1265                         spin_lock_irqsave(&intf->counter_lock, flags);
1266                         intf->sent_lan_responses++;
1267                         spin_unlock_irqrestore(&intf->counter_lock, flags);
1268                         format_lan_msg(smi_msg, msg, lan_addr, msgid,
1269                                        msgid, source_lun);
1270
1271                         /* Save the receive message so we can use it
1272                            to deliver the response. */
1273                         smi_msg->user_data = recv_msg;
1274                 } else {
1275                         /* It's a command, so get a sequence for it. */
1276
1277                         spin_lock_irqsave(&(intf->seq_lock), flags);
1278
1279                         spin_lock(&intf->counter_lock);
1280                         intf->sent_lan_commands++;
1281                         spin_unlock(&intf->counter_lock);
1282
1283                         /* Create a sequence number with a 1 second
1284                            timeout and 4 retries. */
1285                         rv = intf_next_seq(intf,
1286                                            recv_msg,
1287                                            retry_time_ms,
1288                                            retries,
1289                                            0,
1290                                            &ipmb_seq,
1291                                            &seqid);
1292                         if (rv) {
1293                                 /* We have used up all the sequence numbers,
1294                                    probably, so abort. */
1295                                 spin_unlock_irqrestore(&(intf->seq_lock),
1296                                                        flags);
1297                                 goto out_err;
1298                         }
1299
1300                         /* Store the sequence number in the message,
1301                            so that when the send message response
1302                            comes back we can start the timer. */
1303                         format_lan_msg(smi_msg, msg, lan_addr,
1304                                        STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1305                                        ipmb_seq, source_lun);
1306
1307                         /* Copy the message into the recv message data, so we
1308                            can retransmit it later if necessary. */
1309                         memcpy(recv_msg->msg_data, smi_msg->data,
1310                                smi_msg->data_size);
1311                         recv_msg->msg.data = recv_msg->msg_data;
1312                         recv_msg->msg.data_len = smi_msg->data_size;
1313
1314                         /* We don't unlock until here, because we need
1315                            to copy the completed message into the
1316                            recv_msg before we release the lock.
1317                            Otherwise, race conditions may bite us.  I
1318                            know that's pretty paranoid, but I prefer
1319                            to be correct. */
1320                         spin_unlock_irqrestore(&(intf->seq_lock), flags);
1321                 }
1322         } else {
1323             /* Unknown address type. */
1324                 spin_lock_irqsave(&intf->counter_lock, flags);
1325                 intf->sent_invalid_commands++;
1326                 spin_unlock_irqrestore(&intf->counter_lock, flags);
1327                 rv = -EINVAL;
1328                 goto out_err;
1329         }
1330
1331 #ifdef DEBUG_MSGING
1332         {
1333                 int m;
1334                 for (m=0; m<smi_msg->data_size; m++)
1335                         printk(" %2.2x", smi_msg->data[m]);
1336                 printk("\n");
1337         }
1338 #endif
1339         intf->handlers->sender(intf->send_info, smi_msg, priority);
1340
1341         return 0;
1342
1343  out_err:
1344         ipmi_free_smi_msg(smi_msg);
1345         ipmi_free_recv_msg(recv_msg);
1346         return rv;
1347 }
1348
1349 int ipmi_request_settime(ipmi_user_t      user,
1350                          struct ipmi_addr *addr,
1351                          long             msgid,
1352                          struct kernel_ipmi_msg  *msg,
1353                          void             *user_msg_data,
1354                          int              priority,
1355                          int              retries,
1356                          unsigned int     retry_time_ms)
1357 {
1358         return i_ipmi_request(user,
1359                               user->intf,
1360                               addr,
1361                               msgid,
1362                               msg,
1363                               user_msg_data,
1364                               NULL, NULL,
1365                               priority,
1366                               user->intf->my_address,
1367                               user->intf->my_lun,
1368                               retries,
1369                               retry_time_ms);
1370 }
1371
1372 int ipmi_request_supply_msgs(ipmi_user_t          user,
1373                              struct ipmi_addr     *addr,
1374                              long                 msgid,
1375                              struct kernel_ipmi_msg *msg,
1376                              void                 *user_msg_data,
1377                              void                 *supplied_smi,
1378                              struct ipmi_recv_msg *supplied_recv,
1379                              int                  priority)
1380 {
1381         return i_ipmi_request(user,
1382                               user->intf,
1383                               addr,
1384                               msgid,
1385                               msg,
1386                               user_msg_data,
1387                               supplied_smi,
1388                               supplied_recv,
1389                               priority,
1390                               user->intf->my_address,
1391                               user->intf->my_lun,
1392                               -1, 0);
1393 }
1394
1395 static int ipmb_file_read_proc(char *page, char **start, off_t off,
1396                                int count, int *eof, void *data)
1397 {
1398         char       *out = (char *) page;
1399         ipmi_smi_t intf = data;
1400
1401         return sprintf(out, "%x\n", intf->my_address);
1402 }
1403
1404 static int version_file_read_proc(char *page, char **start, off_t off,
1405                                   int count, int *eof, void *data)
1406 {
1407         char       *out = (char *) page;
1408         ipmi_smi_t intf = data;
1409
1410         return sprintf(out, "%d.%d\n",
1411                        intf->version_major, intf->version_minor);
1412 }
1413
1414 static int stat_file_read_proc(char *page, char **start, off_t off,
1415                                int count, int *eof, void *data)
1416 {
1417         char       *out = (char *) page;
1418         ipmi_smi_t intf = data;
1419
1420         out += sprintf(out, "sent_invalid_commands:       %d\n",
1421                        intf->sent_invalid_commands);
1422         out += sprintf(out, "sent_local_commands:         %d\n",
1423                        intf->sent_local_commands);
1424         out += sprintf(out, "handled_local_responses:     %d\n",
1425                        intf->handled_local_responses);
1426         out += sprintf(out, "unhandled_local_responses:   %d\n",
1427                        intf->unhandled_local_responses);
1428         out += sprintf(out, "sent_ipmb_commands:          %d\n",
1429                        intf->sent_ipmb_commands);
1430         out += sprintf(out, "sent_ipmb_command_errs:      %d\n",
1431                        intf->sent_ipmb_command_errs);
1432         out += sprintf(out, "retransmitted_ipmb_commands: %d\n",
1433                        intf->retransmitted_ipmb_commands);
1434         out += sprintf(out, "timed_out_ipmb_commands:     %d\n",
1435                        intf->timed_out_ipmb_commands);
1436         out += sprintf(out, "timed_out_ipmb_broadcasts:   %d\n",
1437                        intf->timed_out_ipmb_broadcasts);
1438         out += sprintf(out, "sent_ipmb_responses:         %d\n",
1439                        intf->sent_ipmb_responses);
1440         out += sprintf(out, "handled_ipmb_responses:      %d\n",
1441                        intf->handled_ipmb_responses);
1442         out += sprintf(out, "invalid_ipmb_responses:      %d\n",
1443                        intf->invalid_ipmb_responses);
1444         out += sprintf(out, "unhandled_ipmb_responses:    %d\n",
1445                        intf->unhandled_ipmb_responses);
1446         out += sprintf(out, "sent_lan_commands:           %d\n",
1447                        intf->sent_lan_commands);
1448         out += sprintf(out, "sent_lan_command_errs:       %d\n",
1449                        intf->sent_lan_command_errs);
1450         out += sprintf(out, "retransmitted_lan_commands:  %d\n",
1451                        intf->retransmitted_lan_commands);
1452         out += sprintf(out, "timed_out_lan_commands:      %d\n",
1453                        intf->timed_out_lan_commands);
1454         out += sprintf(out, "sent_lan_responses:          %d\n",
1455                        intf->sent_lan_responses);
1456         out += sprintf(out, "handled_lan_responses:       %d\n",
1457                        intf->handled_lan_responses);
1458         out += sprintf(out, "invalid_lan_responses:       %d\n",
1459                        intf->invalid_lan_responses);
1460         out += sprintf(out, "unhandled_lan_responses:     %d\n",
1461                        intf->unhandled_lan_responses);
1462         out += sprintf(out, "handled_commands:            %d\n",
1463                        intf->handled_commands);
1464         out += sprintf(out, "invalid_commands:            %d\n",
1465                        intf->invalid_commands);
1466         out += sprintf(out, "unhandled_commands:          %d\n",
1467                        intf->unhandled_commands);
1468         out += sprintf(out, "invalid_events:              %d\n",
1469                        intf->invalid_events);
1470         out += sprintf(out, "events:                      %d\n",
1471                        intf->events);
1472
1473         return (out - ((char *) page));
1474 }
1475
1476 int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
1477                             read_proc_t *read_proc, write_proc_t *write_proc,
1478                             void *data, struct module *owner)
1479 {
1480         int                    rv = 0;
1481 #ifdef CONFIG_PROC_FS
1482         struct proc_dir_entry  *file;
1483         struct ipmi_proc_entry *entry;
1484
1485         /* Create a list element. */
1486         entry = kmalloc(sizeof(*entry), GFP_KERNEL);
1487         if (!entry)
1488                 return -ENOMEM;
1489         entry->name = kmalloc(strlen(name)+1, GFP_KERNEL);
1490         if (!entry->name) {
1491                 kfree(entry);
1492                 return -ENOMEM;
1493         }
1494         strcpy(entry->name, name);
1495
1496         file = create_proc_entry(name, 0, smi->proc_dir);
1497         if (!file) {
1498                 kfree(entry->name);
1499                 kfree(entry);
1500                 rv = -ENOMEM;
1501         } else {
1502                 file->nlink = 1;
1503                 file->data = data;
1504                 file->read_proc = read_proc;
1505                 file->write_proc = write_proc;
1506                 file->owner = owner;
1507
1508                 spin_lock(&smi->proc_entry_lock);
1509                 /* Stick it on the list. */
1510                 entry->next = smi->proc_entries;
1511                 smi->proc_entries = entry;
1512                 spin_unlock(&smi->proc_entry_lock);
1513         }
1514 #endif /* CONFIG_PROC_FS */
1515
1516         return rv;
1517 }
1518
1519 static int add_proc_entries(ipmi_smi_t smi, int num)
1520 {
1521         int rv = 0;
1522
1523 #ifdef CONFIG_PROC_FS
1524         sprintf(smi->proc_dir_name, "%d", num);
1525         smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
1526         if (!smi->proc_dir)
1527                 rv = -ENOMEM;
1528         else {
1529                 smi->proc_dir->owner = THIS_MODULE;
1530         }
1531
1532         if (rv == 0)
1533                 rv = ipmi_smi_add_proc_entry(smi, "stats",
1534                                              stat_file_read_proc, NULL,
1535                                              smi, THIS_MODULE);
1536
1537         if (rv == 0)
1538                 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
1539                                              ipmb_file_read_proc, NULL,
1540                                              smi, THIS_MODULE);
1541
1542         if (rv == 0)
1543                 rv = ipmi_smi_add_proc_entry(smi, "version",
1544                                              version_file_read_proc, NULL,
1545                                              smi, THIS_MODULE);
1546 #endif /* CONFIG_PROC_FS */
1547
1548         return rv;
1549 }
1550
1551 static void remove_proc_entries(ipmi_smi_t smi)
1552 {
1553 #ifdef CONFIG_PROC_FS
1554         struct ipmi_proc_entry *entry;
1555
1556         spin_lock(&smi->proc_entry_lock);
1557         while (smi->proc_entries) {
1558                 entry = smi->proc_entries;
1559                 smi->proc_entries = entry->next;
1560
1561                 remove_proc_entry(entry->name, smi->proc_dir);
1562                 kfree(entry->name);
1563                 kfree(entry);
1564         }
1565         spin_unlock(&smi->proc_entry_lock);
1566         remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
1567 #endif /* CONFIG_PROC_FS */
1568 }
1569
1570 static int
1571 send_channel_info_cmd(ipmi_smi_t intf, int chan)
1572 {
1573         struct kernel_ipmi_msg            msg;
1574         unsigned char                     data[1];
1575         struct ipmi_system_interface_addr si;
1576
1577         si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
1578         si.channel = IPMI_BMC_CHANNEL;
1579         si.lun = 0;
1580
1581         msg.netfn = IPMI_NETFN_APP_REQUEST;
1582         msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
1583         msg.data = data;
1584         msg.data_len = 1;
1585         data[0] = chan;
1586         return i_ipmi_request(NULL,
1587                               intf,
1588                               (struct ipmi_addr *) &si,
1589                               0,
1590                               &msg,
1591                               NULL,
1592                               NULL,
1593                               NULL,
1594                               0,
1595                               intf->my_address,
1596                               intf->my_lun,
1597                               -1, 0);
1598 }
1599
1600 static void
1601 channel_handler(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
1602 {
1603         int rv = 0;
1604         int chan;
1605
1606         if ((msg->rsp[0] == (IPMI_NETFN_APP_RESPONSE << 2))
1607             && (msg->rsp[1] == IPMI_GET_CHANNEL_INFO_CMD))
1608         {
1609                 /* It's the one we want */
1610                 if (msg->rsp[2] != 0) {
1611                         /* Got an error from the channel, just go on. */
1612
1613                         if (msg->rsp[2] == IPMI_INVALID_COMMAND_ERR) {
1614                                 /* If the MC does not support this
1615                                    command, that is legal.  We just
1616                                    assume it has one IPMB at channel
1617                                    zero. */
1618                                 intf->channels[0].medium
1619                                         = IPMI_CHANNEL_MEDIUM_IPMB;
1620                                 intf->channels[0].protocol
1621                                         = IPMI_CHANNEL_PROTOCOL_IPMB;
1622                                 rv = -ENOSYS;
1623
1624                                 intf->curr_channel = IPMI_MAX_CHANNELS;
1625                                 wake_up(&intf->waitq);
1626                                 goto out;
1627                         }
1628                         goto next_channel;
1629                 }
1630                 if (msg->rsp_size < 6) {
1631                         /* Message not big enough, just go on. */
1632                         goto next_channel;
1633                 }
1634                 chan = intf->curr_channel;
1635                 intf->channels[chan].medium = msg->rsp[4] & 0x7f;
1636                 intf->channels[chan].protocol = msg->rsp[5] & 0x1f;
1637
1638         next_channel:
1639                 intf->curr_channel++;
1640                 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
1641                         wake_up(&intf->waitq);
1642                 else
1643                         rv = send_channel_info_cmd(intf, intf->curr_channel);
1644
1645                 if (rv) {
1646                         /* Got an error somehow, just give up. */
1647                         intf->curr_channel = IPMI_MAX_CHANNELS;
1648                         wake_up(&intf->waitq);
1649
1650                         printk(KERN_WARNING PFX
1651                                "Error sending channel information: %d\n",
1652                                rv);
1653                 }
1654         }
1655  out:
1656         return;
1657 }
1658
1659 int ipmi_register_smi(struct ipmi_smi_handlers *handlers,
1660                       void                     *send_info,
1661                       unsigned char            version_major,
1662                       unsigned char            version_minor,
1663                       unsigned char            slave_addr,
1664                       ipmi_smi_t               *intf)
1665 {
1666         int              i, j;
1667         int              rv;
1668         ipmi_smi_t       new_intf;
1669         unsigned long    flags;
1670
1671
1672         /* Make sure the driver is actually initialized, this handles
1673            problems with initialization order. */
1674         if (!initialized) {
1675                 rv = ipmi_init_msghandler();
1676                 if (rv)
1677                         return rv;
1678                 /* The init code doesn't return an error if it was turned
1679                    off, but it won't initialize.  Check that. */
1680                 if (!initialized)
1681                         return -ENODEV;
1682         }
1683
1684         new_intf = kmalloc(sizeof(*new_intf), GFP_KERNEL);
1685         if (!new_intf)
1686                 return -ENOMEM;
1687         memset(new_intf, 0, sizeof(*new_intf));
1688
1689         new_intf->proc_dir = NULL;
1690
1691         rv = -ENOMEM;
1692
1693         down_write(&interfaces_sem);
1694         for (i=0; i<MAX_IPMI_INTERFACES; i++) {
1695                 if (ipmi_interfaces[i] == NULL) {
1696                         new_intf->intf_num = i;
1697                         new_intf->version_major = version_major;
1698                         new_intf->version_minor = version_minor;
1699                         if (slave_addr == 0)
1700                                 new_intf->my_address = IPMI_BMC_SLAVE_ADDR;
1701                         else
1702                                 new_intf->my_address = slave_addr;
1703                         new_intf->my_lun = 2;  /* the SMS LUN. */
1704                         rwlock_init(&(new_intf->users_lock));
1705                         INIT_LIST_HEAD(&(new_intf->users));
1706                         new_intf->handlers = handlers;
1707                         new_intf->send_info = send_info;
1708                         spin_lock_init(&(new_intf->seq_lock));
1709                         for (j=0; j<IPMI_IPMB_NUM_SEQ; j++) {
1710                                 new_intf->seq_table[j].inuse = 0;
1711                                 new_intf->seq_table[j].seqid = 0;
1712                         }
1713                         new_intf->curr_seq = 0;
1714 #ifdef CONFIG_PROC_FS
1715                         spin_lock_init(&(new_intf->proc_entry_lock));
1716 #endif
1717                         spin_lock_init(&(new_intf->waiting_msgs_lock));
1718                         INIT_LIST_HEAD(&(new_intf->waiting_msgs));
1719                         spin_lock_init(&(new_intf->events_lock));
1720                         INIT_LIST_HEAD(&(new_intf->waiting_events));
1721                         new_intf->waiting_events_count = 0;
1722                         rwlock_init(&(new_intf->cmd_rcvr_lock));
1723                         init_waitqueue_head(&new_intf->waitq);
1724                         INIT_LIST_HEAD(&(new_intf->cmd_rcvrs));
1725                         new_intf->all_cmd_rcvr = NULL;
1726
1727                         spin_lock_init(&(new_intf->counter_lock));
1728
1729                         spin_lock_irqsave(&interfaces_lock, flags);
1730                         ipmi_interfaces[i] = new_intf;
1731                         spin_unlock_irqrestore(&interfaces_lock, flags);
1732
1733                         rv = 0;
1734                         *intf = new_intf;
1735                         break;
1736                 }
1737         }
1738
1739         downgrade_write(&interfaces_sem);
1740
1741         if (rv == 0)
1742                 rv = add_proc_entries(*intf, i);
1743
1744         if (rv == 0) {
1745                 if ((version_major > 1)
1746                     || ((version_major == 1) && (version_minor >= 5)))
1747                 {
1748                         /* Start scanning the channels to see what is
1749                            available. */
1750                         (*intf)->null_user_handler = channel_handler;
1751                         (*intf)->curr_channel = 0;
1752                         rv = send_channel_info_cmd(*intf, 0);
1753                         if (rv)
1754                                 goto out;
1755
1756                         /* Wait for the channel info to be read. */
1757                         up_read(&interfaces_sem);
1758                         wait_event((*intf)->waitq,
1759                                    ((*intf)->curr_channel>=IPMI_MAX_CHANNELS));
1760                         down_read(&interfaces_sem);
1761
1762                         if (ipmi_interfaces[i] != new_intf)
1763                                 /* Well, it went away.  Just return. */
1764                                 goto out;
1765                 } else {
1766                         /* Assume a single IPMB channel at zero. */
1767                         (*intf)->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
1768                         (*intf)->channels[0].protocol
1769                                 = IPMI_CHANNEL_PROTOCOL_IPMB;
1770                 }
1771
1772                 /* Call all the watcher interfaces to tell
1773                    them that a new interface is available. */
1774                 call_smi_watchers(i);
1775         }
1776
1777  out:
1778         up_read(&interfaces_sem);
1779
1780         if (rv) {
1781                 if (new_intf->proc_dir)
1782                         remove_proc_entries(new_intf);
1783                 kfree(new_intf);
1784         }
1785
1786         return rv;
1787 }
1788
1789 static void free_recv_msg_list(struct list_head *q)
1790 {
1791         struct ipmi_recv_msg *msg, *msg2;
1792
1793         list_for_each_entry_safe(msg, msg2, q, link) {
1794                 list_del(&msg->link);
1795                 ipmi_free_recv_msg(msg);
1796         }
1797 }
1798
1799 static void free_cmd_rcvr_list(struct list_head *q)
1800 {
1801         struct cmd_rcvr  *rcvr, *rcvr2;
1802
1803         list_for_each_entry_safe(rcvr, rcvr2, q, link) {
1804                 list_del(&rcvr->link);
1805                 kfree(rcvr);
1806         }
1807 }
1808
1809 static void clean_up_interface_data(ipmi_smi_t intf)
1810 {
1811         int i;
1812
1813         free_recv_msg_list(&(intf->waiting_msgs));
1814         free_recv_msg_list(&(intf->waiting_events));
1815         free_cmd_rcvr_list(&(intf->cmd_rcvrs));
1816
1817         for (i=0; i<IPMI_IPMB_NUM_SEQ; i++) {
1818                 if ((intf->seq_table[i].inuse)
1819                     && (intf->seq_table[i].recv_msg))
1820                 {
1821                         ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
1822                 }       
1823         }
1824 }
1825
1826 int ipmi_unregister_smi(ipmi_smi_t intf)
1827 {
1828         int                     rv = -ENODEV;
1829         int                     i;
1830         struct ipmi_smi_watcher *w;
1831         unsigned long           flags;
1832
1833         down_write(&interfaces_sem);
1834         if (list_empty(&(intf->users)))
1835         {
1836                 for (i=0; i<MAX_IPMI_INTERFACES; i++) {
1837                         if (ipmi_interfaces[i] == intf) {
1838                                 remove_proc_entries(intf);
1839                                 spin_lock_irqsave(&interfaces_lock, flags);
1840                                 ipmi_interfaces[i] = NULL;
1841                                 clean_up_interface_data(intf);
1842                                 spin_unlock_irqrestore(&interfaces_lock,flags);
1843                                 kfree(intf);
1844                                 rv = 0;
1845                                 goto out_call_watcher;
1846                         }
1847                 }
1848         } else {
1849                 rv = -EBUSY;
1850         }
1851         up_write(&interfaces_sem);
1852
1853         return rv;
1854
1855  out_call_watcher:
1856         downgrade_write(&interfaces_sem);
1857
1858         /* Call all the watcher interfaces to tell them that
1859            an interface is gone. */
1860         down_read(&smi_watchers_sem);
1861         list_for_each_entry(w, &smi_watchers, link) {
1862                 w->smi_gone(i);
1863         }
1864         up_read(&smi_watchers_sem);
1865         up_read(&interfaces_sem);
1866         return 0;
1867 }
1868
1869 static int handle_ipmb_get_msg_rsp(ipmi_smi_t          intf,
1870                                    struct ipmi_smi_msg *msg)
1871 {
1872         struct ipmi_ipmb_addr ipmb_addr;
1873         struct ipmi_recv_msg  *recv_msg;
1874         unsigned long         flags;
1875
1876         
1877         /* This is 11, not 10, because the response must contain a
1878          * completion code. */
1879         if (msg->rsp_size < 11) {
1880                 /* Message not big enough, just ignore it. */
1881                 spin_lock_irqsave(&intf->counter_lock, flags);
1882                 intf->invalid_ipmb_responses++;
1883                 spin_unlock_irqrestore(&intf->counter_lock, flags);
1884                 return 0;
1885         }
1886
1887         if (msg->rsp[2] != 0) {
1888                 /* An error getting the response, just ignore it. */
1889                 return 0;
1890         }
1891
1892         ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
1893         ipmb_addr.slave_addr = msg->rsp[6];
1894         ipmb_addr.channel = msg->rsp[3] & 0x0f;
1895         ipmb_addr.lun = msg->rsp[7] & 3;
1896
1897         /* It's a response from a remote entity.  Look up the sequence
1898            number and handle the response. */
1899         if (intf_find_seq(intf,
1900                           msg->rsp[7] >> 2,
1901                           msg->rsp[3] & 0x0f,
1902                           msg->rsp[8],
1903                           (msg->rsp[4] >> 2) & (~1),
1904                           (struct ipmi_addr *) &(ipmb_addr),
1905                           &recv_msg))
1906         {
1907                 /* We were unable to find the sequence number,
1908                    so just nuke the message. */
1909                 spin_lock_irqsave(&intf->counter_lock, flags);
1910                 intf->unhandled_ipmb_responses++;
1911                 spin_unlock_irqrestore(&intf->counter_lock, flags);
1912                 return 0;
1913         }
1914
1915         memcpy(recv_msg->msg_data,
1916                &(msg->rsp[9]),
1917                msg->rsp_size - 9);
1918         /* THe other fields matched, so no need to set them, except
1919            for netfn, which needs to be the response that was
1920            returned, not the request value. */
1921         recv_msg->msg.netfn = msg->rsp[4] >> 2;
1922         recv_msg->msg.data = recv_msg->msg_data;
1923         recv_msg->msg.data_len = msg->rsp_size - 10;
1924         recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
1925         spin_lock_irqsave(&intf->counter_lock, flags);
1926         intf->handled_ipmb_responses++;
1927         spin_unlock_irqrestore(&intf->counter_lock, flags);
1928         deliver_response(recv_msg);
1929
1930         return 0;
1931 }
1932
1933 static int handle_ipmb_get_msg_cmd(ipmi_smi_t          intf,
1934                                    struct ipmi_smi_msg *msg)
1935 {
1936         struct cmd_rcvr       *rcvr;
1937         int                   rv = 0;
1938         unsigned char         netfn;
1939         unsigned char         cmd;
1940         ipmi_user_t           user = NULL;
1941         struct ipmi_ipmb_addr *ipmb_addr;
1942         struct ipmi_recv_msg  *recv_msg;
1943         unsigned long         flags;
1944
1945         if (msg->rsp_size < 10) {
1946                 /* Message not big enough, just ignore it. */
1947                 spin_lock_irqsave(&intf->counter_lock, flags);
1948                 intf->invalid_commands++;
1949                 spin_unlock_irqrestore(&intf->counter_lock, flags);
1950                 return 0;
1951         }
1952
1953         if (msg->rsp[2] != 0) {
1954                 /* An error getting the response, just ignore it. */
1955                 return 0;
1956         }
1957
1958         netfn = msg->rsp[4] >> 2;
1959         cmd = msg->rsp[8];
1960
1961         read_lock(&(intf->cmd_rcvr_lock));
1962         
1963         if (intf->all_cmd_rcvr) {
1964                 user = intf->all_cmd_rcvr;
1965         } else {
1966                 /* Find the command/netfn. */
1967                 list_for_each_entry(rcvr, &(intf->cmd_rcvrs), link) {
1968                         if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
1969                                 user = rcvr->user;
1970                                 break;
1971                         }
1972                 }
1973         }
1974         read_unlock(&(intf->cmd_rcvr_lock));
1975
1976         if (user == NULL) {
1977                 /* We didn't find a user, deliver an error response. */
1978                 spin_lock_irqsave(&intf->counter_lock, flags);
1979                 intf->unhandled_commands++;
1980                 spin_unlock_irqrestore(&intf->counter_lock, flags);
1981
1982                 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1983                 msg->data[1] = IPMI_SEND_MSG_CMD;
1984                 msg->data[2] = msg->rsp[3];
1985                 msg->data[3] = msg->rsp[6];
1986                 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
1987                 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
1988                 msg->data[6] = intf->my_address;
1989                 /* rqseq/lun */
1990                 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
1991                 msg->data[8] = msg->rsp[8]; /* cmd */
1992                 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
1993                 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
1994                 msg->data_size = 11;
1995
1996 #ifdef DEBUG_MSGING
1997         {
1998                 int m;
1999                 printk("Invalid command:");
2000                 for (m=0; m<msg->data_size; m++)
2001                         printk(" %2.2x", msg->data[m]);
2002                 printk("\n");
2003         }
2004 #endif
2005                 intf->handlers->sender(intf->send_info, msg, 0);
2006
2007                 rv = -1; /* We used the message, so return the value that
2008                             causes it to not be freed or queued. */
2009         } else {
2010                 /* Deliver the message to the user. */
2011                 spin_lock_irqsave(&intf->counter_lock, flags);
2012                 intf->handled_commands++;
2013                 spin_unlock_irqrestore(&intf->counter_lock, flags);
2014
2015                 recv_msg = ipmi_alloc_recv_msg();
2016                 if (! recv_msg) {
2017                         /* We couldn't allocate memory for the
2018                            message, so requeue it for handling
2019                            later. */
2020                         rv = 1;
2021                 } else {
2022                         /* Extract the source address from the data. */
2023                         ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
2024                         ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
2025                         ipmb_addr->slave_addr = msg->rsp[6];
2026                         ipmb_addr->lun = msg->rsp[7] & 3;
2027                         ipmb_addr->channel = msg->rsp[3] & 0xf;
2028
2029                         /* Extract the rest of the message information
2030                            from the IPMB header.*/
2031                         recv_msg->user = user;
2032                         recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2033                         recv_msg->msgid = msg->rsp[7] >> 2;
2034                         recv_msg->msg.netfn = msg->rsp[4] >> 2;
2035                         recv_msg->msg.cmd = msg->rsp[8];
2036                         recv_msg->msg.data = recv_msg->msg_data;
2037
2038                         /* We chop off 10, not 9 bytes because the checksum
2039                            at the end also needs to be removed. */
2040                         recv_msg->msg.data_len = msg->rsp_size - 10;
2041                         memcpy(recv_msg->msg_data,
2042                                &(msg->rsp[9]),
2043                                msg->rsp_size - 10);
2044                         deliver_response(recv_msg);
2045                 }
2046         }
2047
2048         return rv;
2049 }
2050
2051 static int handle_lan_get_msg_rsp(ipmi_smi_t          intf,
2052                                   struct ipmi_smi_msg *msg)
2053 {
2054         struct ipmi_lan_addr  lan_addr;
2055         struct ipmi_recv_msg  *recv_msg;
2056         unsigned long         flags;
2057
2058
2059         /* This is 13, not 12, because the response must contain a
2060          * completion code. */
2061         if (msg->rsp_size < 13) {
2062                 /* Message not big enough, just ignore it. */
2063                 spin_lock_irqsave(&intf->counter_lock, flags);
2064                 intf->invalid_lan_responses++;
2065                 spin_unlock_irqrestore(&intf->counter_lock, flags);
2066                 return 0;
2067         }
2068
2069         if (msg->rsp[2] != 0) {
2070                 /* An error getting the response, just ignore it. */
2071                 return 0;
2072         }
2073
2074         lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
2075         lan_addr.session_handle = msg->rsp[4];
2076         lan_addr.remote_SWID = msg->rsp[8];
2077         lan_addr.local_SWID = msg->rsp[5];
2078         lan_addr.channel = msg->rsp[3] & 0x0f;
2079         lan_addr.privilege = msg->rsp[3] >> 4;
2080         lan_addr.lun = msg->rsp[9] & 3;
2081
2082         /* It's a response from a remote entity.  Look up the sequence
2083            number and handle the response. */
2084         if (intf_find_seq(intf,
2085                           msg->rsp[9] >> 2,
2086                           msg->rsp[3] & 0x0f,
2087                           msg->rsp[10],
2088                           (msg->rsp[6] >> 2) & (~1),
2089                           (struct ipmi_addr *) &(lan_addr),
2090                           &recv_msg))
2091         {
2092                 /* We were unable to find the sequence number,
2093                    so just nuke the message. */
2094                 spin_lock_irqsave(&intf->counter_lock, flags);
2095                 intf->unhandled_lan_responses++;
2096                 spin_unlock_irqrestore(&intf->counter_lock, flags);
2097                 return 0;
2098         }
2099
2100         memcpy(recv_msg->msg_data,
2101                &(msg->rsp[11]),
2102                msg->rsp_size - 11);
2103         /* The other fields matched, so no need to set them, except
2104            for netfn, which needs to be the response that was
2105            returned, not the request value. */
2106         recv_msg->msg.netfn = msg->rsp[6] >> 2;
2107         recv_msg->msg.data = recv_msg->msg_data;
2108         recv_msg->msg.data_len = msg->rsp_size - 12;
2109         recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2110         spin_lock_irqsave(&intf->counter_lock, flags);
2111         intf->handled_lan_responses++;
2112         spin_unlock_irqrestore(&intf->counter_lock, flags);
2113         deliver_response(recv_msg);
2114
2115         return 0;
2116 }
2117
2118 static int handle_lan_get_msg_cmd(ipmi_smi_t          intf,
2119                                   struct ipmi_smi_msg *msg)
2120 {
2121         struct cmd_rcvr       *rcvr;
2122         int                   rv = 0;
2123         unsigned char         netfn;
2124         unsigned char         cmd;
2125         ipmi_user_t           user = NULL;
2126         struct ipmi_lan_addr  *lan_addr;
2127         struct ipmi_recv_msg  *recv_msg;
2128         unsigned long         flags;
2129
2130         if (msg->rsp_size < 12) {
2131                 /* Message not big enough, just ignore it. */
2132                 spin_lock_irqsave(&intf->counter_lock, flags);
2133                 intf->invalid_commands++;
2134                 spin_unlock_irqrestore(&intf->counter_lock, flags);
2135                 return 0;
2136         }
2137
2138         if (msg->rsp[2] != 0) {
2139                 /* An error getting the response, just ignore it. */
2140                 return 0;
2141         }
2142
2143         netfn = msg->rsp[6] >> 2;
2144         cmd = msg->rsp[10];
2145
2146         read_lock(&(intf->cmd_rcvr_lock));
2147
2148         if (intf->all_cmd_rcvr) {
2149                 user = intf->all_cmd_rcvr;
2150         } else {
2151                 /* Find the command/netfn. */
2152                 list_for_each_entry(rcvr, &(intf->cmd_rcvrs), link) {
2153                         if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd)) {
2154                                 user = rcvr->user;
2155                                 break;
2156                         }
2157                 }
2158         }
2159         read_unlock(&(intf->cmd_rcvr_lock));
2160
2161         if (user == NULL) {
2162                 /* We didn't find a user, deliver an error response. */
2163                 spin_lock_irqsave(&intf->counter_lock, flags);
2164                 intf->unhandled_commands++;
2165                 spin_unlock_irqrestore(&intf->counter_lock, flags);
2166
2167                 rv = 0; /* Don't do anything with these messages, just
2168                            allow them to be freed. */
2169         } else {
2170                 /* Deliver the message to the user. */
2171                 spin_lock_irqsave(&intf->counter_lock, flags);
2172                 intf->handled_commands++;
2173                 spin_unlock_irqrestore(&intf->counter_lock, flags);
2174
2175                 recv_msg = ipmi_alloc_recv_msg();
2176                 if (! recv_msg) {
2177                         /* We couldn't allocate memory for the
2178                            message, so requeue it for handling
2179                            later. */
2180                         rv = 1;
2181                 } else {
2182                         /* Extract the source address from the data. */
2183                         lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
2184                         lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
2185                         lan_addr->session_handle = msg->rsp[4];
2186                         lan_addr->remote_SWID = msg->rsp[8];
2187                         lan_addr->local_SWID = msg->rsp[5];
2188                         lan_addr->lun = msg->rsp[9] & 3;
2189                         lan_addr->channel = msg->rsp[3] & 0xf;
2190                         lan_addr->privilege = msg->rsp[3] >> 4;
2191
2192                         /* Extract the rest of the message information
2193                            from the IPMB header.*/
2194                         recv_msg->user = user;
2195                         recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2196                         recv_msg->msgid = msg->rsp[9] >> 2;
2197                         recv_msg->msg.netfn = msg->rsp[6] >> 2;
2198                         recv_msg->msg.cmd = msg->rsp[10];
2199                         recv_msg->msg.data = recv_msg->msg_data;
2200
2201                         /* We chop off 12, not 11 bytes because the checksum
2202                            at the end also needs to be removed. */
2203                         recv_msg->msg.data_len = msg->rsp_size - 12;
2204                         memcpy(recv_msg->msg_data,
2205                                &(msg->rsp[11]),
2206                                msg->rsp_size - 12);
2207                         deliver_response(recv_msg);
2208                 }
2209         }
2210
2211         return rv;
2212 }
2213
2214 static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
2215                                      struct ipmi_smi_msg  *msg)
2216 {
2217         struct ipmi_system_interface_addr *smi_addr;
2218         
2219         recv_msg->msgid = 0;
2220         smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
2221         smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2222         smi_addr->channel = IPMI_BMC_CHANNEL;
2223         smi_addr->lun = msg->rsp[0] & 3;
2224         recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
2225         recv_msg->msg.netfn = msg->rsp[0] >> 2;
2226         recv_msg->msg.cmd = msg->rsp[1];
2227         memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
2228         recv_msg->msg.data = recv_msg->msg_data;
2229         recv_msg->msg.data_len = msg->rsp_size - 3;
2230 }
2231
2232 /* This will be called with the intf->users_lock read-locked, so no need
2233    to do that here. */
2234 static int handle_read_event_rsp(ipmi_smi_t          intf,
2235                                  struct ipmi_smi_msg *msg)
2236 {
2237         struct ipmi_recv_msg *recv_msg, *recv_msg2;
2238         struct list_head     msgs;
2239         ipmi_user_t          user;
2240         int                  rv = 0;
2241         int                  deliver_count = 0;
2242         unsigned long        flags;
2243
2244         if (msg->rsp_size < 19) {
2245                 /* Message is too small to be an IPMB event. */
2246                 spin_lock_irqsave(&intf->counter_lock, flags);
2247                 intf->invalid_events++;
2248                 spin_unlock_irqrestore(&intf->counter_lock, flags);
2249                 return 0;
2250         }
2251
2252         if (msg->rsp[2] != 0) {
2253                 /* An error getting the event, just ignore it. */
2254                 return 0;
2255         }
2256
2257         INIT_LIST_HEAD(&msgs);
2258
2259         spin_lock_irqsave(&(intf->events_lock), flags);
2260
2261         spin_lock(&intf->counter_lock);
2262         intf->events++;
2263         spin_unlock(&intf->counter_lock);
2264
2265         /* Allocate and fill in one message for every user that is getting
2266            events. */
2267         list_for_each_entry(user, &(intf->users), link) {
2268                 if (! user->gets_events)
2269                         continue;
2270
2271                 recv_msg = ipmi_alloc_recv_msg();
2272                 if (! recv_msg) {
2273                         list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2274                                 list_del(&recv_msg->link);
2275                                 ipmi_free_recv_msg(recv_msg);
2276                         }
2277                         /* We couldn't allocate memory for the
2278                            message, so requeue it for handling
2279                            later. */
2280                         rv = 1;
2281                         goto out;
2282                 }
2283
2284                 deliver_count++;
2285
2286                 copy_event_into_recv_msg(recv_msg, msg);
2287                 recv_msg->user = user;
2288                 list_add_tail(&(recv_msg->link), &msgs);
2289         }
2290
2291         if (deliver_count) {
2292                 /* Now deliver all the messages. */
2293                 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2294                         list_del(&recv_msg->link);
2295                         deliver_response(recv_msg);
2296                 }
2297         } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
2298                 /* No one to receive the message, put it in queue if there's
2299                    not already too many things in the queue. */
2300                 recv_msg = ipmi_alloc_recv_msg();
2301                 if (! recv_msg) {
2302                         /* We couldn't allocate memory for the
2303                            message, so requeue it for handling
2304                            later. */
2305                         rv = 1;
2306                         goto out;
2307                 }
2308
2309                 copy_event_into_recv_msg(recv_msg, msg);
2310                 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
2311         } else {
2312                 /* There's too many things in the queue, discard this
2313                    message. */
2314                 printk(KERN_WARNING PFX "Event queue full, discarding an"
2315                        " incoming event\n");
2316         }
2317
2318  out:
2319         spin_unlock_irqrestore(&(intf->events_lock), flags);
2320
2321         return rv;
2322 }
2323
2324 static int handle_bmc_rsp(ipmi_smi_t          intf,
2325                           struct ipmi_smi_msg *msg)
2326 {
2327         struct ipmi_recv_msg *recv_msg;
2328         int                  found = 0;
2329         struct ipmi_user     *user;
2330         unsigned long        flags;
2331
2332         recv_msg = (struct ipmi_recv_msg *) msg->user_data;
2333
2334         /* Make sure the user still exists. */
2335         list_for_each_entry(user, &(intf->users), link) {
2336                 if (user == recv_msg->user) {
2337                         /* Found it, so we can deliver it */
2338                         found = 1;
2339                         break;
2340                 }
2341         }
2342
2343         if (!found) {
2344                 /* Special handling for NULL users. */
2345                 if (!recv_msg->user && intf->null_user_handler){
2346                         intf->null_user_handler(intf, msg);
2347                         spin_lock_irqsave(&intf->counter_lock, flags);
2348                         intf->handled_local_responses++;
2349                         spin_unlock_irqrestore(&intf->counter_lock, flags);
2350                 }else{
2351                         /* The user for the message went away, so give up. */
2352                         spin_lock_irqsave(&intf->counter_lock, flags);
2353                         intf->unhandled_local_responses++;
2354                         spin_unlock_irqrestore(&intf->counter_lock, flags);
2355                 }
2356                 ipmi_free_recv_msg(recv_msg);
2357         } else {
2358                 struct ipmi_system_interface_addr *smi_addr;
2359
2360                 spin_lock_irqsave(&intf->counter_lock, flags);
2361                 intf->handled_local_responses++;
2362                 spin_unlock_irqrestore(&intf->counter_lock, flags);
2363                 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2364                 recv_msg->msgid = msg->msgid;
2365                 smi_addr = ((struct ipmi_system_interface_addr *)
2366                             &(recv_msg->addr));
2367                 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2368                 smi_addr->channel = IPMI_BMC_CHANNEL;
2369                 smi_addr->lun = msg->rsp[0] & 3;
2370                 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2371                 recv_msg->msg.cmd = msg->rsp[1];
2372                 memcpy(recv_msg->msg_data,
2373                        &(msg->rsp[2]),
2374                        msg->rsp_size - 2);
2375                 recv_msg->msg.data = recv_msg->msg_data;
2376                 recv_msg->msg.data_len = msg->rsp_size - 2;
2377                 deliver_response(recv_msg);
2378         }
2379
2380         return 0;
2381 }
2382
2383 /* Handle a new message.  Return 1 if the message should be requeued,
2384    0 if the message should be freed, or -1 if the message should not
2385    be freed or requeued. */
2386 static int handle_new_recv_msg(ipmi_smi_t          intf,
2387                                struct ipmi_smi_msg *msg)
2388 {
2389         int requeue;
2390         int chan;
2391
2392 #ifdef DEBUG_MSGING
2393         int m;
2394         printk("Recv:");
2395         for (m=0; m<msg->rsp_size; m++)
2396                 printk(" %2.2x", msg->rsp[m]);
2397         printk("\n");
2398 #endif
2399         if (msg->rsp_size < 2) {
2400                 /* Message is too small to be correct. */
2401                 printk(KERN_WARNING PFX "BMC returned to small a message"
2402                        " for netfn %x cmd %x, got %d bytes\n",
2403                        (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
2404
2405                 /* Generate an error response for the message. */
2406                 msg->rsp[0] = msg->data[0] | (1 << 2);
2407                 msg->rsp[1] = msg->data[1];
2408                 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2409                 msg->rsp_size = 3;
2410         } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))/* Netfn */
2411                    || (msg->rsp[1] != msg->data[1]))              /* Command */
2412         {
2413                 /* The response is not even marginally correct. */
2414                 printk(KERN_WARNING PFX "BMC returned incorrect response,"
2415                        " expected netfn %x cmd %x, got netfn %x cmd %x\n",
2416                        (msg->data[0] >> 2) | 1, msg->data[1],
2417                        msg->rsp[0] >> 2, msg->rsp[1]);
2418
2419                 /* Generate an error response for the message. */
2420                 msg->rsp[0] = msg->data[0] | (1 << 2);
2421                 msg->rsp[1] = msg->data[1];
2422                 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2423                 msg->rsp_size = 3;
2424         }
2425
2426         if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2427             && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
2428             && (msg->user_data != NULL))
2429         {
2430                 /* It's a response to a response we sent.  For this we
2431                    deliver a send message response to the user. */
2432                 struct ipmi_recv_msg *recv_msg = msg->user_data;
2433
2434                 requeue = 0;
2435                 if (msg->rsp_size < 2)
2436                         /* Message is too small to be correct. */
2437                         goto out;
2438
2439                 chan = msg->data[2] & 0x0f;
2440                 if (chan >= IPMI_MAX_CHANNELS)
2441                         /* Invalid channel number */
2442                         goto out;
2443
2444                 if (recv_msg) {
2445                         recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
2446                         recv_msg->msg.data = recv_msg->msg_data;
2447                         recv_msg->msg.data_len = 1;
2448                         recv_msg->msg_data[0] = msg->rsp[2];
2449                         deliver_response(recv_msg);
2450                 }
2451         } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2452                    && (msg->rsp[1] == IPMI_GET_MSG_CMD))
2453         {
2454                 /* It's from the receive queue. */
2455                 chan = msg->rsp[3] & 0xf;
2456                 if (chan >= IPMI_MAX_CHANNELS) {
2457                         /* Invalid channel number */
2458                         requeue = 0;
2459                         goto out;
2460                 }
2461
2462                 switch (intf->channels[chan].medium) {
2463                 case IPMI_CHANNEL_MEDIUM_IPMB:
2464                         if (msg->rsp[4] & 0x04) {
2465                                 /* It's a response, so find the
2466                                    requesting message and send it up. */
2467                                 requeue = handle_ipmb_get_msg_rsp(intf, msg);
2468                         } else {
2469                                 /* It's a command to the SMS from some other
2470                                    entity.  Handle that. */
2471                                 requeue = handle_ipmb_get_msg_cmd(intf, msg);
2472                         }
2473                         break;
2474
2475                 case IPMI_CHANNEL_MEDIUM_8023LAN:
2476                 case IPMI_CHANNEL_MEDIUM_ASYNC:
2477                         if (msg->rsp[6] & 0x04) {
2478                                 /* It's a response, so find the
2479                                    requesting message and send it up. */
2480                                 requeue = handle_lan_get_msg_rsp(intf, msg);
2481                         } else {
2482                                 /* It's a command to the SMS from some other
2483                                    entity.  Handle that. */
2484                                 requeue = handle_lan_get_msg_cmd(intf, msg);
2485                         }
2486                         break;
2487
2488                 default:
2489                         /* We don't handle the channel type, so just
2490                          * free the message. */
2491                         requeue = 0;
2492                 }
2493
2494         } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2495                    && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD))
2496         {
2497                 /* It's an asyncronous event. */
2498                 requeue = handle_read_event_rsp(intf, msg);
2499         } else {
2500                 /* It's a response from the local BMC. */
2501                 requeue = handle_bmc_rsp(intf, msg);
2502         }
2503
2504  out:
2505         return requeue;
2506 }
2507
2508 /* Handle a new message from the lower layer. */
2509 void ipmi_smi_msg_received(ipmi_smi_t          intf,
2510                            struct ipmi_smi_msg *msg)
2511 {
2512         unsigned long flags;
2513         int           rv;
2514
2515
2516         /* Lock the user lock so the user can't go away while we are
2517            working on it. */
2518         read_lock(&(intf->users_lock));
2519
2520         if ((msg->data_size >= 2)
2521             && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
2522             && (msg->data[1] == IPMI_SEND_MSG_CMD)
2523             && (msg->user_data == NULL)) {
2524                 /* This is the local response to a command send, start
2525                    the timer for these.  The user_data will not be
2526                    NULL if this is a response send, and we will let
2527                    response sends just go through. */
2528
2529                 /* Check for errors, if we get certain errors (ones
2530                    that mean basically we can try again later), we
2531                    ignore them and start the timer.  Otherwise we
2532                    report the error immediately. */
2533                 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
2534                     && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
2535                     && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR))
2536                 {
2537                         int chan = msg->rsp[3] & 0xf;
2538
2539                         /* Got an error sending the message, handle it. */
2540                         spin_lock_irqsave(&intf->counter_lock, flags);
2541                         if (chan >= IPMI_MAX_CHANNELS)
2542                                 ; /* This shouldn't happen */
2543                         else if ((intf->channels[chan].medium
2544                                   == IPMI_CHANNEL_MEDIUM_8023LAN)
2545                                  || (intf->channels[chan].medium
2546                                      == IPMI_CHANNEL_MEDIUM_ASYNC))
2547                                 intf->sent_lan_command_errs++;
2548                         else
2549                                 intf->sent_ipmb_command_errs++;
2550                         spin_unlock_irqrestore(&intf->counter_lock, flags);
2551                         intf_err_seq(intf, msg->msgid, msg->rsp[2]);
2552                 } else {
2553                         /* The message was sent, start the timer. */
2554                         intf_start_seq_timer(intf, msg->msgid);
2555                 }
2556
2557                 ipmi_free_smi_msg(msg);
2558                 goto out_unlock;
2559         }
2560
2561         /* To preserve message order, if the list is not empty, we
2562            tack this message onto the end of the list. */
2563         spin_lock_irqsave(&(intf->waiting_msgs_lock), flags);
2564         if (!list_empty(&(intf->waiting_msgs))) {
2565                 list_add_tail(&(msg->link), &(intf->waiting_msgs));
2566                 spin_unlock(&(intf->waiting_msgs_lock));
2567                 goto out_unlock;
2568         }
2569         spin_unlock_irqrestore(&(intf->waiting_msgs_lock), flags);
2570                 
2571         rv = handle_new_recv_msg(intf, msg);
2572         if (rv > 0) {
2573                 /* Could not handle the message now, just add it to a
2574                    list to handle later. */
2575                 spin_lock(&(intf->waiting_msgs_lock));
2576                 list_add_tail(&(msg->link), &(intf->waiting_msgs));
2577                 spin_unlock(&(intf->waiting_msgs_lock));
2578         } else if (rv == 0) {
2579                 ipmi_free_smi_msg(msg);
2580         }
2581
2582  out_unlock:
2583         read_unlock(&(intf->users_lock));
2584 }
2585
2586 void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
2587 {
2588         ipmi_user_t user;
2589
2590         read_lock(&(intf->users_lock));
2591         list_for_each_entry(user, &(intf->users), link) {
2592                 if (! user->handler->ipmi_watchdog_pretimeout)
2593                         continue;
2594
2595                 user->handler->ipmi_watchdog_pretimeout(user->handler_data);
2596         }
2597         read_unlock(&(intf->users_lock));
2598 }
2599
2600 static void
2601 handle_msg_timeout(struct ipmi_recv_msg *msg)
2602 {
2603         msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2604         msg->msg_data[0] = IPMI_TIMEOUT_COMPLETION_CODE;
2605         msg->msg.netfn |= 1; /* Convert to a response. */
2606         msg->msg.data_len = 1;
2607         msg->msg.data = msg->msg_data;
2608         deliver_response(msg);
2609 }
2610
2611 static struct ipmi_smi_msg *
2612 smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
2613                   unsigned char seq, long seqid)
2614 {
2615         struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
2616         if (!smi_msg)
2617                 /* If we can't allocate the message, then just return, we
2618                    get 4 retries, so this should be ok. */
2619                 return NULL;
2620
2621         memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
2622         smi_msg->data_size = recv_msg->msg.data_len;
2623         smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
2624                 
2625 #ifdef DEBUG_MSGING
2626         {
2627                 int m;
2628                 printk("Resend: ");
2629                 for (m=0; m<smi_msg->data_size; m++)
2630                         printk(" %2.2x", smi_msg->data[m]);
2631                 printk("\n");
2632         }
2633 #endif
2634         return smi_msg;
2635 }
2636
2637 static void
2638 ipmi_timeout_handler(long timeout_period)
2639 {
2640         ipmi_smi_t           intf;
2641         struct list_head     timeouts;
2642         struct ipmi_recv_msg *msg, *msg2;
2643         struct ipmi_smi_msg  *smi_msg, *smi_msg2;
2644         unsigned long        flags;
2645         int                  i, j;
2646
2647         INIT_LIST_HEAD(&timeouts);
2648
2649         spin_lock(&interfaces_lock);
2650         for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2651                 intf = ipmi_interfaces[i];
2652                 if (intf == NULL)
2653                         continue;
2654
2655                 read_lock(&(intf->users_lock));
2656
2657                 /* See if any waiting messages need to be processed. */
2658                 spin_lock_irqsave(&(intf->waiting_msgs_lock), flags);
2659                 list_for_each_entry_safe(smi_msg, smi_msg2, &(intf->waiting_msgs), link) {
2660                         if (! handle_new_recv_msg(intf, smi_msg)) {
2661                                 list_del(&smi_msg->link);
2662                                 ipmi_free_smi_msg(smi_msg);
2663                         } else {
2664                                 /* To preserve message order, quit if we
2665                                    can't handle a message. */
2666                                 break;
2667                         }
2668                 }
2669                 spin_unlock_irqrestore(&(intf->waiting_msgs_lock), flags);
2670
2671                 /* Go through the seq table and find any messages that
2672                    have timed out, putting them in the timeouts
2673                    list. */
2674                 spin_lock_irqsave(&(intf->seq_lock), flags);
2675                 for (j=0; j<IPMI_IPMB_NUM_SEQ; j++) {
2676                         struct seq_table *ent = &(intf->seq_table[j]);
2677                         if (!ent->inuse)
2678                                 continue;
2679
2680                         ent->timeout -= timeout_period;
2681                         if (ent->timeout > 0)
2682                                 continue;
2683
2684                         if (ent->retries_left == 0) {
2685                                 /* The message has used all its retries. */
2686                                 ent->inuse = 0;
2687                                 msg = ent->recv_msg;
2688                                 list_add_tail(&(msg->link), &timeouts);
2689                                 spin_lock(&intf->counter_lock);
2690                                 if (ent->broadcast)
2691                                         intf->timed_out_ipmb_broadcasts++;
2692                                 else if (ent->recv_msg->addr.addr_type
2693                                          == IPMI_LAN_ADDR_TYPE)
2694                                         intf->timed_out_lan_commands++;
2695                                 else
2696                                         intf->timed_out_ipmb_commands++;
2697                                 spin_unlock(&intf->counter_lock);
2698                         } else {
2699                                 struct ipmi_smi_msg *smi_msg;
2700                                 /* More retries, send again. */
2701
2702                                 /* Start with the max timer, set to normal
2703                                    timer after the message is sent. */
2704                                 ent->timeout = MAX_MSG_TIMEOUT;
2705                                 ent->retries_left--;
2706                                 spin_lock(&intf->counter_lock);
2707                                 if (ent->recv_msg->addr.addr_type
2708                                     == IPMI_LAN_ADDR_TYPE)
2709                                         intf->retransmitted_lan_commands++;
2710                                 else
2711                                         intf->retransmitted_ipmb_commands++;
2712                                 spin_unlock(&intf->counter_lock);
2713                                 smi_msg = smi_from_recv_msg(intf,
2714                                                 ent->recv_msg, j, ent->seqid);
2715                                 if(!smi_msg)
2716                                         continue;
2717
2718                                 spin_unlock_irqrestore(&(intf->seq_lock),flags);
2719                                 /* Send the new message.  We send with a zero
2720                                  * priority.  It timed out, I doubt time is
2721                                  * that critical now, and high priority
2722                                  * messages are really only for messages to the
2723                                  * local MC, which don't get resent. */
2724                                 intf->handlers->sender(intf->send_info,
2725                                                         smi_msg, 0);
2726                                 spin_lock_irqsave(&(intf->seq_lock), flags);
2727                         }
2728                 }
2729                 spin_unlock_irqrestore(&(intf->seq_lock), flags);
2730
2731                 list_for_each_entry_safe(msg, msg2, &timeouts, link) {
2732                         handle_msg_timeout(msg);
2733                 }
2734
2735                 read_unlock(&(intf->users_lock));
2736         }
2737         spin_unlock(&interfaces_lock);
2738 }
2739
2740 static void ipmi_request_event(void)
2741 {
2742         ipmi_smi_t intf;
2743         int        i;
2744
2745         spin_lock(&interfaces_lock);
2746         for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2747                 intf = ipmi_interfaces[i];
2748                 if (intf == NULL)
2749                         continue;
2750
2751                 intf->handlers->request_events(intf->send_info);
2752         }
2753         spin_unlock(&interfaces_lock);
2754 }
2755
2756 static struct timer_list ipmi_timer;
2757
2758 /* Call every ~100 ms. */
2759 #define IPMI_TIMEOUT_TIME       100
2760
2761 /* How many jiffies does it take to get to the timeout time. */
2762 #define IPMI_TIMEOUT_JIFFIES    ((IPMI_TIMEOUT_TIME * HZ) / 1000)
2763
2764 /* Request events from the queue every second (this is the number of
2765    IPMI_TIMEOUT_TIMES between event requests).  Hopefully, in the
2766    future, IPMI will add a way to know immediately if an event is in
2767    the queue and this silliness can go away. */
2768 #define IPMI_REQUEST_EV_TIME    (1000 / (IPMI_TIMEOUT_TIME))
2769
2770 static atomic_t stop_operation;
2771 static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2772
2773 static void ipmi_timeout(unsigned long data)
2774 {
2775         if (atomic_read(&stop_operation))
2776                 return;
2777
2778         ticks_to_req_ev--;
2779         if (ticks_to_req_ev == 0) {
2780                 ipmi_request_event();
2781                 ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2782         }
2783
2784         ipmi_timeout_handler(IPMI_TIMEOUT_TIME);
2785
2786         mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
2787 }
2788
2789
2790 static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
2791 static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
2792
2793 /* FIXME - convert these to slabs. */
2794 static void free_smi_msg(struct ipmi_smi_msg *msg)
2795 {
2796         atomic_dec(&smi_msg_inuse_count);
2797         kfree(msg);
2798 }
2799
2800 struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
2801 {
2802         struct ipmi_smi_msg *rv;
2803         rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
2804         if (rv) {
2805                 rv->done = free_smi_msg;
2806                 rv->user_data = NULL;
2807                 atomic_inc(&smi_msg_inuse_count);
2808         }
2809         return rv;
2810 }
2811
2812 static void free_recv_msg(struct ipmi_recv_msg *msg)
2813 {
2814         atomic_dec(&recv_msg_inuse_count);
2815         kfree(msg);
2816 }
2817
2818 struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
2819 {
2820         struct ipmi_recv_msg *rv;
2821
2822         rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
2823         if (rv) {
2824                 rv->done = free_recv_msg;
2825                 atomic_inc(&recv_msg_inuse_count);
2826         }
2827         return rv;
2828 }
2829
2830 #ifdef CONFIG_IPMI_PANIC_EVENT
2831
2832 static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
2833 {
2834 }
2835
2836 static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
2837 {
2838 }
2839
2840 #ifdef CONFIG_IPMI_PANIC_STRING
2841 static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
2842 {
2843         if ((msg->rsp[0] == (IPMI_NETFN_SENSOR_EVENT_RESPONSE << 2))
2844             && (msg->rsp[1] == IPMI_GET_EVENT_RECEIVER_CMD)
2845             && (msg->rsp[2] == IPMI_CC_NO_ERROR))
2846         {
2847                 /* A get event receiver command, save it. */
2848                 intf->event_receiver = msg->rsp[3];
2849                 intf->event_receiver_lun = msg->rsp[4] & 0x3;
2850         }
2851 }
2852
2853 static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_smi_msg *msg)
2854 {
2855         if ((msg->rsp[0] == (IPMI_NETFN_APP_RESPONSE << 2))
2856             && (msg->rsp[1] == IPMI_GET_DEVICE_ID_CMD)
2857             && (msg->rsp[2] == IPMI_CC_NO_ERROR))
2858         {
2859                 /* A get device id command, save if we are an event
2860                    receiver or generator. */
2861                 intf->local_sel_device = (msg->rsp[8] >> 2) & 1;
2862                 intf->local_event_generator = (msg->rsp[8] >> 5) & 1;
2863         }
2864 }
2865 #endif
2866
2867 static void send_panic_events(char *str)
2868 {
2869         struct kernel_ipmi_msg            msg;
2870         ipmi_smi_t                        intf;
2871         unsigned char                     data[16];
2872         int                               i;
2873         struct ipmi_system_interface_addr *si;
2874         struct ipmi_addr                  addr;
2875         struct ipmi_smi_msg               smi_msg;
2876         struct ipmi_recv_msg              recv_msg;
2877
2878         si = (struct ipmi_system_interface_addr *) &addr;
2879         si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2880         si->channel = IPMI_BMC_CHANNEL;
2881         si->lun = 0;
2882
2883         /* Fill in an event telling that we have failed. */
2884         msg.netfn = 0x04; /* Sensor or Event. */
2885         msg.cmd = 2; /* Platform event command. */
2886         msg.data = data;
2887         msg.data_len = 8;
2888         data[0] = 0x21; /* Kernel generator ID, IPMI table 5-4 */
2889         data[1] = 0x03; /* This is for IPMI 1.0. */
2890         data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
2891         data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
2892         data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
2893
2894         /* Put a few breadcrumbs in.  Hopefully later we can add more things
2895            to make the panic events more useful. */
2896         if (str) {
2897                 data[3] = str[0];
2898                 data[6] = str[1];
2899                 data[7] = str[2];
2900         }
2901
2902         smi_msg.done = dummy_smi_done_handler;
2903         recv_msg.done = dummy_recv_done_handler;
2904
2905         /* For every registered interface, send the event. */
2906         for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2907                 intf = ipmi_interfaces[i];
2908                 if (intf == NULL)
2909                         continue;
2910
2911                 /* Send the event announcing the panic. */
2912                 intf->handlers->set_run_to_completion(intf->send_info, 1);
2913                 i_ipmi_request(NULL,
2914                                intf,
2915                                &addr,
2916                                0,
2917                                &msg,
2918                                NULL,
2919                                &smi_msg,
2920                                &recv_msg,
2921                                0,
2922                                intf->my_address,
2923                                intf->my_lun,
2924                                0, 1); /* Don't retry, and don't wait. */
2925         }
2926
2927 #ifdef CONFIG_IPMI_PANIC_STRING
2928         /* On every interface, dump a bunch of OEM event holding the
2929            string. */
2930         if (!str) 
2931                 return;
2932
2933         for (i=0; i<MAX_IPMI_INTERFACES; i++) {
2934                 char                  *p = str;
2935                 struct ipmi_ipmb_addr *ipmb;
2936                 int                   j;
2937
2938                 intf = ipmi_interfaces[i];
2939                 if (intf == NULL)
2940                         continue;
2941
2942                 /* First job here is to figure out where to send the
2943                    OEM events.  There's no way in IPMI to send OEM
2944                    events using an event send command, so we have to
2945                    find the SEL to put them in and stick them in
2946                    there. */
2947
2948                 /* Get capabilities from the get device id. */
2949                 intf->local_sel_device = 0;
2950                 intf->local_event_generator = 0;
2951                 intf->event_receiver = 0;
2952
2953                 /* Request the device info from the local MC. */
2954                 msg.netfn = IPMI_NETFN_APP_REQUEST;
2955                 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
2956                 msg.data = NULL;
2957                 msg.data_len = 0;
2958                 intf->null_user_handler = device_id_fetcher;
2959                 i_ipmi_request(NULL,
2960                                intf,
2961                                &addr,
2962                                0,
2963                                &msg,
2964                                NULL,
2965                                &smi_msg,
2966                                &recv_msg,
2967                                0,
2968                                intf->my_address,
2969                                intf->my_lun,
2970                                0, 1); /* Don't retry, and don't wait. */
2971
2972                 if (intf->local_event_generator) {
2973                         /* Request the event receiver from the local MC. */
2974                         msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
2975                         msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
2976                         msg.data = NULL;
2977                         msg.data_len = 0;
2978                         intf->null_user_handler = event_receiver_fetcher;
2979                         i_ipmi_request(NULL,
2980                                        intf,
2981                                        &addr,
2982                                        0,
2983                                        &msg,
2984                                        NULL,
2985                                        &smi_msg,
2986                                        &recv_msg,
2987                                        0,
2988                                        intf->my_address,
2989                                        intf->my_lun,
2990                                        0, 1); /* no retry, and no wait. */
2991                 }
2992                 intf->null_user_handler = NULL;
2993
2994                 /* Validate the event receiver.  The low bit must not
2995                    be 1 (it must be a valid IPMB address), it cannot
2996                    be zero, and it must not be my address. */
2997                 if (((intf->event_receiver & 1) == 0)
2998                     && (intf->event_receiver != 0)
2999                     && (intf->event_receiver != intf->my_address))
3000                 {
3001                         /* The event receiver is valid, send an IPMB
3002                            message. */
3003                         ipmb = (struct ipmi_ipmb_addr *) &addr;
3004                         ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
3005                         ipmb->channel = 0; /* FIXME - is this right? */
3006                         ipmb->lun = intf->event_receiver_lun;
3007                         ipmb->slave_addr = intf->event_receiver;
3008                 } else if (intf->local_sel_device) {
3009                         /* The event receiver was not valid (or was
3010                            me), but I am an SEL device, just dump it
3011                            in my SEL. */
3012                         si = (struct ipmi_system_interface_addr *) &addr;
3013                         si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3014                         si->channel = IPMI_BMC_CHANNEL;
3015                         si->lun = 0;
3016                 } else
3017                         continue; /* No where to send the event. */
3018
3019                 
3020                 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
3021                 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
3022                 msg.data = data;
3023                 msg.data_len = 16;
3024
3025                 j = 0;
3026                 while (*p) {
3027                         int size = strlen(p);
3028
3029                         if (size > 11)
3030                                 size = 11;
3031                         data[0] = 0;
3032                         data[1] = 0;
3033                         data[2] = 0xf0; /* OEM event without timestamp. */
3034                         data[3] = intf->my_address;
3035                         data[4] = j++; /* sequence # */
3036                         /* Always give 11 bytes, so strncpy will fill
3037                            it with zeroes for me. */
3038                         strncpy(data+5, p, 11);
3039                         p += size;
3040
3041                         i_ipmi_request(NULL,
3042                                        intf,
3043                                        &addr,
3044                                        0,
3045                                        &msg,
3046                                        NULL,
3047                                        &smi_msg,
3048                                        &recv_msg,
3049                                        0,
3050                                        intf->my_address,
3051                                        intf->my_lun,
3052                                        0, 1); /* no retry, and no wait. */
3053                 }
3054         }       
3055 #endif /* CONFIG_IPMI_PANIC_STRING */
3056 }
3057 #endif /* CONFIG_IPMI_PANIC_EVENT */
3058
3059 static int has_paniced = 0;
3060
3061 static int panic_event(struct notifier_block *this,
3062                        unsigned long         event,
3063                        void                  *ptr)
3064 {
3065         int        i;
3066         ipmi_smi_t intf;
3067
3068         if (has_paniced)
3069                 return NOTIFY_DONE;
3070         has_paniced = 1;
3071
3072         /* For every registered interface, set it to run to completion. */
3073         for (i=0; i<MAX_IPMI_INTERFACES; i++) {
3074                 intf = ipmi_interfaces[i];
3075                 if (intf == NULL)
3076                         continue;
3077
3078                 intf->handlers->set_run_to_completion(intf->send_info, 1);
3079         }
3080
3081 #ifdef CONFIG_IPMI_PANIC_EVENT
3082         send_panic_events(ptr);
3083 #endif
3084
3085         return NOTIFY_DONE;
3086 }
3087
3088 static struct notifier_block panic_block = {
3089         .notifier_call  = panic_event,
3090         .next           = NULL,
3091         .priority       = 200   /* priority: INT_MAX >= x >= 0 */
3092 };
3093
3094 static int ipmi_init_msghandler(void)
3095 {
3096         int i;
3097
3098         if (initialized)
3099                 return 0;
3100
3101         printk(KERN_INFO "ipmi message handler version "
3102                IPMI_MSGHANDLER_VERSION "\n");
3103
3104         for (i=0; i<MAX_IPMI_INTERFACES; i++) {
3105                 ipmi_interfaces[i] = NULL;
3106         }
3107
3108 #ifdef CONFIG_PROC_FS
3109         proc_ipmi_root = proc_mkdir("ipmi", NULL);
3110         if (!proc_ipmi_root) {
3111             printk(KERN_ERR PFX "Unable to create IPMI proc dir");
3112             return -ENOMEM;
3113         }
3114
3115         proc_ipmi_root->owner = THIS_MODULE;
3116 #endif /* CONFIG_PROC_FS */
3117
3118         init_timer(&ipmi_timer);
3119         ipmi_timer.data = 0;
3120         ipmi_timer.function = ipmi_timeout;
3121         ipmi_timer.expires = jiffies + IPMI_TIMEOUT_JIFFIES;
3122         add_timer(&ipmi_timer);
3123
3124         notifier_chain_register(&panic_notifier_list, &panic_block);
3125
3126         initialized = 1;
3127
3128         return 0;
3129 }
3130
3131 static __init int ipmi_init_msghandler_mod(void)
3132 {
3133         ipmi_init_msghandler();
3134         return 0;
3135 }
3136
3137 static __exit void cleanup_ipmi(void)
3138 {
3139         int count;
3140
3141         if (!initialized)
3142                 return;
3143
3144         notifier_chain_unregister(&panic_notifier_list, &panic_block);
3145
3146         /* This can't be called if any interfaces exist, so no worry about
3147            shutting down the interfaces. */
3148
3149         /* Tell the timer to stop, then wait for it to stop.  This avoids
3150            problems with race conditions removing the timer here. */
3151         atomic_inc(&stop_operation);
3152         del_timer_sync(&ipmi_timer);
3153
3154 #ifdef CONFIG_PROC_FS
3155         remove_proc_entry(proc_ipmi_root->name, &proc_root);
3156 #endif /* CONFIG_PROC_FS */
3157
3158         initialized = 0;
3159
3160         /* Check for buffer leaks. */
3161         count = atomic_read(&smi_msg_inuse_count);
3162         if (count != 0)
3163                 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
3164                        count);
3165         count = atomic_read(&recv_msg_inuse_count);
3166         if (count != 0)
3167                 printk(KERN_WARNING PFX "recv message count %d at exit\n",
3168                        count);
3169 }
3170 module_exit(cleanup_ipmi);
3171
3172 module_init(ipmi_init_msghandler_mod);
3173 MODULE_LICENSE("GPL");
3174
3175 EXPORT_SYMBOL(ipmi_create_user);
3176 EXPORT_SYMBOL(ipmi_destroy_user);
3177 EXPORT_SYMBOL(ipmi_get_version);
3178 EXPORT_SYMBOL(ipmi_request_settime);
3179 EXPORT_SYMBOL(ipmi_request_supply_msgs);
3180 EXPORT_SYMBOL(ipmi_register_smi);
3181 EXPORT_SYMBOL(ipmi_unregister_smi);
3182 EXPORT_SYMBOL(ipmi_register_for_cmd);
3183 EXPORT_SYMBOL(ipmi_unregister_for_cmd);
3184 EXPORT_SYMBOL(ipmi_smi_msg_received);
3185 EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
3186 EXPORT_SYMBOL(ipmi_alloc_smi_msg);
3187 EXPORT_SYMBOL(ipmi_addr_length);
3188 EXPORT_SYMBOL(ipmi_validate_addr);
3189 EXPORT_SYMBOL(ipmi_set_gets_events);
3190 EXPORT_SYMBOL(ipmi_smi_watcher_register);
3191 EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
3192 EXPORT_SYMBOL(ipmi_set_my_address);
3193 EXPORT_SYMBOL(ipmi_get_my_address);
3194 EXPORT_SYMBOL(ipmi_set_my_LUN);
3195 EXPORT_SYMBOL(ipmi_get_my_LUN);
3196 EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
3197 EXPORT_SYMBOL(proc_ipmi_root);
3198 EXPORT_SYMBOL(ipmi_user_set_run_to_completion);