]> bbs.cooldavid.org Git - net-next-2.6.git/blame - drivers/char/ipmi/ipmi_msghandler.c
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] ipmi: use refcount in message handler
[net-next-2.6.git] / drivers / char / ipmi / ipmi_msghandler.c
CommitLineData
1da177e4
LT		 1/*
2 * ipmi_msghandler.c
3 *
4 * Incoming and outgoing message routing for an IPMI interface.
5 *
6 * Author: MontaVista Software, Inc.
7 * Corey Minyard <minyard@mvista.com>
8 * source@mvista.com
9 *
10 * Copyright 2002 MontaVista Software Inc.
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version.
16 *
17 *
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 *
29 * You should have received a copy of the GNU General Public License along
30 * with this program; if not, write to the Free Software Foundation, Inc.,
31 * 675 Mass Ave, Cambridge, MA 02139, USA.
32 */
33
34#include <linux/config.h>
35#include <linux/module.h>
36#include <linux/errno.h>
37#include <asm/system.h>
38#include <linux/sched.h>
39#include <linux/poll.h>
40#include <linux/spinlock.h>
1da177e4
LT		 41#include <linux/slab.h>
42#include <linux/ipmi.h>
43#include <linux/ipmi_smi.h>
44#include <linux/notifier.h>
45#include <linux/init.h>
46#include <linux/proc_fs.h>
393d2cc3 47#include <linux/rcupdate.h>
1da177e4
LT		 48
49#define PFX "IPMI message handler: "
1fdd75bd
CM		 50
51#define IPMI_DRIVER_VERSION "36.0"
1da177e4
LT		 52
53static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
54static int ipmi_init_msghandler(void);
55
56static int initialized = 0;
57
3b625943
CM		 58#ifdef CONFIG_PROC_FS
59struct proc_dir_entry *proc_ipmi_root = NULL;
60#endif /* CONFIG_PROC_FS */
1da177e4
LT		 61
62#define MAX_EVENTS_IN_QUEUE 25
63
64/* Don't let a message sit in a queue forever, always time it with at lest
65 the max message timer. This is in milliseconds. */
66#define MAX_MSG_TIMEOUT 60000
67
393d2cc3
CM		 68
69/*
70 * The main "user" data structure.
71 */
1da177e4
LT		 72struct ipmi_user
73{
74 struct list_head link;
75
393d2cc3
CM		 76 /* Set to "0" when the user is destroyed. */
77 int valid;
78
79 struct kref refcount;
80
1da177e4
LT		 81 /* The upper layer that handles receive messages. */
82 struct ipmi_user_hndl *handler;
83 void *handler_data;
84
85 /* The interface this user is bound to. */
86 ipmi_smi_t intf;
87
88 /* Does this interface receive IPMI events? */
89 int gets_events;
90};
91
92struct cmd_rcvr
93{
94 struct list_head link;
95
96 ipmi_user_t user;
97 unsigned char netfn;
98 unsigned char cmd;
393d2cc3
CM		 99
100 /*
101 * This is used to form a linked lised during mass deletion.
102 * Since this is in an RCU list, we cannot use the link above
103 * or change any data until the RCU period completes. So we
104 * use this next variable during mass deletion so we can have
105 * a list and don't have to wait and restart the search on
106 * every individual deletion of a command. */
107 struct cmd_rcvr *next;
1da177e4
LT		 108};
109
110struct seq_table
111{
112 unsigned int inuse : 1;
113 unsigned int broadcast : 1;
114
115 unsigned long timeout;
116 unsigned long orig_timeout;
117 unsigned int retries_left;
118
119 /* To verify on an incoming send message response that this is
120 the message that the response is for, we keep a sequence id
121 and increment it every time we send a message. */
122 long seqid;
123
124 /* This is held so we can properly respond to the message on a
125 timeout, and it is used to hold the temporary data for
126 retransmission, too. */
127 struct ipmi_recv_msg *recv_msg;
128};
129
130/* Store the information in a msgid (long) to allow us to find a
131 sequence table entry from the msgid. */
132#define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff))
133
134#define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
135 do { \
136 seq = ((msgid >> 26) & 0x3f); \
137 seqid = (msgid & 0x3fffff); \
e8b33617 138 } while (0)
1da177e4
LT		 139
140#define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff)
141
142struct ipmi_channel
143{
144 unsigned char medium;
145 unsigned char protocol;
c14979b9
CM		 146
147 /* My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
148 but may be changed by the user. */
149 unsigned char address;
150
151 /* My LUN. This should generally stay the SMS LUN, but just in
152 case... */
153 unsigned char lun;
1da177e4
LT		 154};
155
3b625943 156#ifdef CONFIG_PROC_FS
1da177e4
LT		 157struct ipmi_proc_entry
158{
159 char *name;
160 struct ipmi_proc_entry *next;
161};
3b625943 162#endif
1da177e4
LT		 163
164#define IPMI_IPMB_NUM_SEQ 64
c14979b9 165#define IPMI_MAX_CHANNELS 16
1da177e4
LT		 166struct ipmi_smi
167{
168 /* What interface number are we? */
169 int intf_num;
170
393d2cc3
CM		 171 struct kref refcount;
172
173 /* The list of upper layers that are using me. seq_lock
174 * protects this. */
175 struct list_head users;
1da177e4
LT		 176
177 /* Used for wake ups at startup. */
178 wait_queue_head_t waitq;
179
180 /* The IPMI version of the BMC on the other end. */
181 unsigned char version_major;
182 unsigned char version_minor;
183
184 /* This is the lower-layer's sender routine. */
185 struct ipmi_smi_handlers *handlers;
186 void *send_info;
187
3b625943 188#ifdef CONFIG_PROC_FS
1da177e4
LT		 189 /* A list of proc entries for this interface. This does not
190 need a lock, only one thread creates it and only one thread
191 destroys it. */
3b625943 192 spinlock_t proc_entry_lock;
1da177e4 193 struct ipmi_proc_entry *proc_entries;
3b625943 194#endif
1da177e4
LT		 195
196 /* A table of sequence numbers for this interface. We use the
197 sequence numbers for IPMB messages that go out of the
198 interface to match them up with their responses. A routine
199 is called periodically to time the items in this list. */
200 spinlock_t seq_lock;
201 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
202 int curr_seq;
203
204 /* Messages that were delayed for some reason (out of memory,
205 for instance), will go in here to be processed later in a
206 periodic timer interrupt. */
207 spinlock_t waiting_msgs_lock;
208 struct list_head waiting_msgs;
209
210 /* The list of command receivers that are registered for commands
211 on this interface. */
393d2cc3 212 spinlock_t cmd_rcvrs_lock;
1da177e4
LT		 213 struct list_head cmd_rcvrs;
214
215 /* Events that were queues because no one was there to receive
216 them. */
217 spinlock_t events_lock; /* For dealing with event stuff. */
218 struct list_head waiting_events;
219 unsigned int waiting_events_count; /* How many events in queue? */
220
1da177e4
LT		 221 /* The event receiver for my BMC, only really used at panic
222 shutdown as a place to store this. */
223 unsigned char event_receiver;
224 unsigned char event_receiver_lun;
225 unsigned char local_sel_device;
226 unsigned char local_event_generator;
227
228 /* A cheap hack, if this is non-null and a message to an
229 interface comes in with a NULL user, call this routine with
230 it. Note that the message will still be freed by the
231 caller. This only works on the system interface. */
56a55ec6 232 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg);
1da177e4
LT		 233
234 /* When we are scanning the channels for an SMI, this will
235 tell which channel we are scanning. */
236 int curr_channel;
237
238 /* Channel information */
239 struct ipmi_channel channels[IPMI_MAX_CHANNELS];
240
241 /* Proc FS stuff. */
242 struct proc_dir_entry *proc_dir;
243 char proc_dir_name[10];
244
245 spinlock_t counter_lock; /* For making counters atomic. */
246
247 /* Commands we got that were invalid. */
248 unsigned int sent_invalid_commands;
249
250 /* Commands we sent to the MC. */
251 unsigned int sent_local_commands;
252 /* Responses from the MC that were delivered to a user. */
253 unsigned int handled_local_responses;
254 /* Responses from the MC that were not delivered to a user. */
255 unsigned int unhandled_local_responses;
256
257 /* Commands we sent out to the IPMB bus. */
258 unsigned int sent_ipmb_commands;
259 /* Commands sent on the IPMB that had errors on the SEND CMD */
260 unsigned int sent_ipmb_command_errs;
261 /* Each retransmit increments this count. */
262 unsigned int retransmitted_ipmb_commands;
263 /* When a message times out (runs out of retransmits) this is
264 incremented. */
265 unsigned int timed_out_ipmb_commands;
266
267 /* This is like above, but for broadcasts. Broadcasts are
268 *not* included in the above count (they are expected to
269 time out). */
270 unsigned int timed_out_ipmb_broadcasts;
271
272 /* Responses I have sent to the IPMB bus. */
273 unsigned int sent_ipmb_responses;
274
275 /* The response was delivered to the user. */
276 unsigned int handled_ipmb_responses;
277 /* The response had invalid data in it. */
278 unsigned int invalid_ipmb_responses;
279 /* The response didn't have anyone waiting for it. */
280 unsigned int unhandled_ipmb_responses;
281
282 /* Commands we sent out to the IPMB bus. */
283 unsigned int sent_lan_commands;
284 /* Commands sent on the IPMB that had errors on the SEND CMD */
285 unsigned int sent_lan_command_errs;
286 /* Each retransmit increments this count. */
287 unsigned int retransmitted_lan_commands;
288 /* When a message times out (runs out of retransmits) this is
289 incremented. */
290 unsigned int timed_out_lan_commands;
291
292 /* Responses I have sent to the IPMB bus. */
293 unsigned int sent_lan_responses;
294
295 /* The response was delivered to the user. */
296 unsigned int handled_lan_responses;
297 /* The response had invalid data in it. */
298 unsigned int invalid_lan_responses;
299 /* The response didn't have anyone waiting for it. */
300 unsigned int unhandled_lan_responses;
301
302 /* The command was delivered to the user. */
303 unsigned int handled_commands;
304 /* The command had invalid data in it. */
305 unsigned int invalid_commands;
306 /* The command didn't have anyone waiting for it. */
307 unsigned int unhandled_commands;
308
309 /* Invalid data in an event. */
310 unsigned int invalid_events;
311 /* Events that were received with the proper format. */
312 unsigned int events;
313};
314
393d2cc3
CM		 315/* Used to mark an interface entry that cannot be used but is not a
316 * free entry, either, primarily used at creation and deletion time so
317 * a slot doesn't get reused too quickly. */
318#define IPMI_INVALID_INTERFACE_ENTRY ((ipmi_smi_t) ((long) 1))
319#define IPMI_INVALID_INTERFACE(i) (((i) == NULL) \
320 || (i == IPMI_INVALID_INTERFACE_ENTRY))
321
1da177e4
LT		 322#define MAX_IPMI_INTERFACES 4
323static ipmi_smi_t ipmi_interfaces[MAX_IPMI_INTERFACES];
324
393d2cc3 325/* Directly protects the ipmi_interfaces data structure. */
1da177e4
LT		 326static DEFINE_SPINLOCK(interfaces_lock);
327
328/* List of watchers that want to know when smi's are added and
329 deleted. */
330static struct list_head smi_watchers = LIST_HEAD_INIT(smi_watchers);
331static DECLARE_RWSEM(smi_watchers_sem);
332
393d2cc3
CM		 333
334static void free_recv_msg_list(struct list_head *q)
335{
336 struct ipmi_recv_msg *msg, *msg2;
337
338 list_for_each_entry_safe(msg, msg2, q, link) {
339 list_del(&msg->link);
340 ipmi_free_recv_msg(msg);
341 }
342}
343
344static void clean_up_interface_data(ipmi_smi_t intf)
345{
346 int i;
347 struct cmd_rcvr *rcvr, *rcvr2;
348 unsigned long flags;
349 struct list_head list;
350
351 free_recv_msg_list(&intf->waiting_msgs);
352 free_recv_msg_list(&intf->waiting_events);
353
354 /* Wholesale remove all the entries from the list in the
355 * interface and wait for RCU to know that none are in use. */
356 spin_lock_irqsave(&intf->cmd_rcvrs_lock, flags);
357 list_add_rcu(&list, &intf->cmd_rcvrs);
358 list_del_rcu(&intf->cmd_rcvrs);
359 spin_unlock_irqrestore(&intf->cmd_rcvrs_lock, flags);
360 synchronize_rcu();
361
362 list_for_each_entry_safe(rcvr, rcvr2, &list, link)
363 kfree(rcvr);
364
365 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
366 if ((intf->seq_table[i].inuse)
367 && (intf->seq_table[i].recv_msg))
368 {
369 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
370 }
371 }
372}
373
374static void intf_free(struct kref *ref)
375{
376 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount);
377
378 clean_up_interface_data(intf);
379 kfree(intf);
380}
381
1da177e4
LT		 382int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
383{
393d2cc3
CM		 384 int i;
385 unsigned long flags;
1da177e4 386
1da177e4
LT		 387 down_write(&smi_watchers_sem);
388 list_add(&(watcher->link), &smi_watchers);
393d2cc3
CM		 389 up_write(&smi_watchers_sem);
390 spin_lock_irqsave(&interfaces_lock, flags);
e8b33617 391 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
393d2cc3
CM		 392 ipmi_smi_t intf = ipmi_interfaces[i];
393 if (IPMI_INVALID_INTERFACE(intf))
394 continue;
395 spin_unlock_irqrestore(&interfaces_lock, flags);
396 watcher->new_smi(i);
397 spin_lock_irqsave(&interfaces_lock, flags);
1da177e4 398 }
393d2cc3 399 spin_unlock_irqrestore(&interfaces_lock, flags);
1da177e4
LT		 400 return 0;
401}
402
403int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
404{
405 down_write(&smi_watchers_sem);
406 list_del(&(watcher->link));
407 up_write(&smi_watchers_sem);
408 return 0;
409}
410
411static void
412call_smi_watchers(int i)
413{
414 struct ipmi_smi_watcher *w;
415
416 down_read(&smi_watchers_sem);
417 list_for_each_entry(w, &smi_watchers, link) {
418 if (try_module_get(w->owner)) {
419 w->new_smi(i);
420 module_put(w->owner);
421 }
422 }
423 up_read(&smi_watchers_sem);
424}
425
426static int
427ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
428{
429 if (addr1->addr_type != addr2->addr_type)
430 return 0;
431
432 if (addr1->channel != addr2->channel)
433 return 0;
434
435 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
436 struct ipmi_system_interface_addr *smi_addr1
437 = (struct ipmi_system_interface_addr *) addr1;
438 struct ipmi_system_interface_addr *smi_addr2
439 = (struct ipmi_system_interface_addr *) addr2;
440 return (smi_addr1->lun == smi_addr2->lun);
441 }
442
443 if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE)
444 || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
445 {
446 struct ipmi_ipmb_addr *ipmb_addr1
447 = (struct ipmi_ipmb_addr *) addr1;
448 struct ipmi_ipmb_addr *ipmb_addr2
449 = (struct ipmi_ipmb_addr *) addr2;
450
451 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
452 && (ipmb_addr1->lun == ipmb_addr2->lun));
453 }
454
455 if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) {
456 struct ipmi_lan_addr *lan_addr1
457 = (struct ipmi_lan_addr *) addr1;
458 struct ipmi_lan_addr *lan_addr2
459 = (struct ipmi_lan_addr *) addr2;
460
461 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
462 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
463 && (lan_addr1->session_handle
464 == lan_addr2->session_handle)
465 && (lan_addr1->lun == lan_addr2->lun));
466 }
467
468 return 1;
469}
470
471int ipmi_validate_addr(struct ipmi_addr *addr, int len)
472{
473 if (len < sizeof(struct ipmi_system_interface_addr)) {
474 return -EINVAL;
475 }
476
477 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
478 if (addr->channel != IPMI_BMC_CHANNEL)
479 return -EINVAL;
480 return 0;
481 }
482
483 if ((addr->channel == IPMI_BMC_CHANNEL)
484 || (addr->channel >= IPMI_NUM_CHANNELS)
485 || (addr->channel < 0))
486 return -EINVAL;
487
488 if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
489 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
490 {
491 if (len < sizeof(struct ipmi_ipmb_addr)) {
492 return -EINVAL;
493 }
494 return 0;
495 }
496
497 if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
498 if (len < sizeof(struct ipmi_lan_addr)) {
499 return -EINVAL;
500 }
501 return 0;
502 }
503
504 return -EINVAL;
505}
506
507unsigned int ipmi_addr_length(int addr_type)
508{
509 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
510 return sizeof(struct ipmi_system_interface_addr);
511
512 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
513 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
514 {
515 return sizeof(struct ipmi_ipmb_addr);
516 }
517
518 if (addr_type == IPMI_LAN_ADDR_TYPE)
519 return sizeof(struct ipmi_lan_addr);
520
521 return 0;
522}
523
524static void deliver_response(struct ipmi_recv_msg *msg)
525{
56a55ec6
CM		 526 if (! msg->user) {
527 ipmi_smi_t intf = msg->user_msg_data;
528 unsigned long flags;
529
530 /* Special handling for NULL users. */
531 if (intf->null_user_handler) {
532 intf->null_user_handler(intf, msg);
533 spin_lock_irqsave(&intf->counter_lock, flags);
534 intf->handled_local_responses++;
535 spin_unlock_irqrestore(&intf->counter_lock, flags);
536 } else {
537 /* No handler, so give up. */
538 spin_lock_irqsave(&intf->counter_lock, flags);
539 intf->unhandled_local_responses++;
540 spin_unlock_irqrestore(&intf->counter_lock, flags);
541 }
542 ipmi_free_recv_msg(msg);
543 } else {
393d2cc3
CM		 544 ipmi_user_t user = msg->user;
545 user->handler->ipmi_recv_hndl(msg, user->handler_data);
56a55ec6 546 }
1da177e4
LT		 547}
548
549/* Find the next sequence number not being used and add the given
550 message with the given timeout to the sequence table. This must be
551 called with the interface's seq_lock held. */
552static int intf_next_seq(ipmi_smi_t intf,
553 struct ipmi_recv_msg *recv_msg,
554 unsigned long timeout,
555 int retries,
556 int broadcast,
557 unsigned char *seq,
558 long *seqid)
559{
560 int rv = 0;
561 unsigned int i;
562
e8b33617 563 for (i = intf->curr_seq;
1da177e4 564 (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
e8b33617 565 i = (i+1)%IPMI_IPMB_NUM_SEQ)
1da177e4
LT		 566 {
567 if (! intf->seq_table[i].inuse)
568 break;
569 }
570
571 if (! intf->seq_table[i].inuse) {
572 intf->seq_table[i].recv_msg = recv_msg;
573
574 /* Start with the maximum timeout, when the send response
575 comes in we will start the real timer. */
576 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
577 intf->seq_table[i].orig_timeout = timeout;
578 intf->seq_table[i].retries_left = retries;
579 intf->seq_table[i].broadcast = broadcast;
580 intf->seq_table[i].inuse = 1;
581 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
582 *seq = i;
583 *seqid = intf->seq_table[i].seqid;
584 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
585 } else {
586 rv = -EAGAIN;
587 }
588
589 return rv;
590}
591
592/* Return the receive message for the given sequence number and
593 release the sequence number so it can be reused. Some other data
594 is passed in to be sure the message matches up correctly (to help
595 guard against message coming in after their timeout and the
596 sequence number being reused). */
597static int intf_find_seq(ipmi_smi_t intf,
598 unsigned char seq,
599 short channel,
600 unsigned char cmd,
601 unsigned char netfn,
602 struct ipmi_addr *addr,
603 struct ipmi_recv_msg **recv_msg)
604{
605 int rv = -ENODEV;
606 unsigned long flags;
607
608 if (seq >= IPMI_IPMB_NUM_SEQ)
609 return -EINVAL;
610
611 spin_lock_irqsave(&(intf->seq_lock), flags);
612 if (intf->seq_table[seq].inuse) {
613 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
614
615 if ((msg->addr.channel == channel)
616 && (msg->msg.cmd == cmd)
617 && (msg->msg.netfn == netfn)
618 && (ipmi_addr_equal(addr, &(msg->addr))))
619 {
620 *recv_msg = msg;
621 intf->seq_table[seq].inuse = 0;
622 rv = 0;
623 }
624 }
625 spin_unlock_irqrestore(&(intf->seq_lock), flags);
626
627 return rv;
628}
629
630
631/* Start the timer for a specific sequence table entry. */
632static int intf_start_seq_timer(ipmi_smi_t intf,
633 long msgid)
634{
635 int rv = -ENODEV;
636 unsigned long flags;
637 unsigned char seq;
638 unsigned long seqid;
639
640
641 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
642
643 spin_lock_irqsave(&(intf->seq_lock), flags);
644 /* We do this verification because the user can be deleted
645 while a message is outstanding. */
646 if ((intf->seq_table[seq].inuse)
647 && (intf->seq_table[seq].seqid == seqid))
648 {
649 struct seq_table *ent = &(intf->seq_table[seq]);
650 ent->timeout = ent->orig_timeout;
651 rv = 0;
652 }
653 spin_unlock_irqrestore(&(intf->seq_lock), flags);
654
655 return rv;
656}
657
658/* Got an error for the send message for a specific sequence number. */
659static int intf_err_seq(ipmi_smi_t intf,
660 long msgid,
661 unsigned int err)
662{
663 int rv = -ENODEV;
664 unsigned long flags;
665 unsigned char seq;
666 unsigned long seqid;
667 struct ipmi_recv_msg *msg = NULL;
668
669
670 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
671
672 spin_lock_irqsave(&(intf->seq_lock), flags);
673 /* We do this verification because the user can be deleted
674 while a message is outstanding. */
675 if ((intf->seq_table[seq].inuse)
676 && (intf->seq_table[seq].seqid == seqid))
677 {
678 struct seq_table *ent = &(intf->seq_table[seq]);
679
680 ent->inuse = 0;
681 msg = ent->recv_msg;
682 rv = 0;
683 }
684 spin_unlock_irqrestore(&(intf->seq_lock), flags);
685
686 if (msg) {
687 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
688 msg->msg_data[0] = err;
689 msg->msg.netfn |= 1; /* Convert to a response. */
690 msg->msg.data_len = 1;
691 msg->msg.data = msg->msg_data;
692 deliver_response(msg);
693 }
694
695 return rv;
696}
697
698
699int ipmi_create_user(unsigned int if_num,
700 struct ipmi_user_hndl *handler,
701 void *handler_data,
702 ipmi_user_t *user)
703{
704 unsigned long flags;
705 ipmi_user_t new_user;
706 int rv = 0;
707 ipmi_smi_t intf;
708
709 /* There is no module usecount here, because it's not
710 required. Since this can only be used by and called from
711 other modules, they will implicitly use this module, and
712 thus this can't be removed unless the other modules are
713 removed. */
714
715 if (handler == NULL)
716 return -EINVAL;
717
718 /* Make sure the driver is actually initialized, this handles
719 problems with initialization order. */
720 if (!initialized) {
721 rv = ipmi_init_msghandler();
722 if (rv)
723 return rv;
724
725 /* The init code doesn't return an error if it was turned
726 off, but it won't initialize. Check that. */
727 if (!initialized)
728 return -ENODEV;
729 }
730
731 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
732 if (! new_user)
733 return -ENOMEM;
734
393d2cc3
CM		 735 spin_lock_irqsave(&interfaces_lock, flags);
736 intf = ipmi_interfaces[if_num];
737 if ((if_num >= MAX_IPMI_INTERFACES) || IPMI_INVALID_INTERFACE(intf)) {
738 spin_unlock_irqrestore(&interfaces_lock, flags);
739 return -EINVAL;
1da177e4
LT		 740 }
741
393d2cc3
CM		 742 /* Note that each existing user holds a refcount to the interface. */
743 kref_get(&intf->refcount);
744 spin_unlock_irqrestore(&interfaces_lock, flags);
1da177e4 745
393d2cc3 746 kref_init(&new_user->refcount);
1da177e4
LT		 747 new_user->handler = handler;
748 new_user->handler_data = handler_data;
749 new_user->intf = intf;
750 new_user->gets_events = 0;
751
752 if (!try_module_get(intf->handlers->owner)) {
753 rv = -ENODEV;
393d2cc3 754 goto out_err;
1da177e4
LT		 755 }
756
757 if (intf->handlers->inc_usecount) {
758 rv = intf->handlers->inc_usecount(intf->send_info);
759 if (rv) {
760 module_put(intf->handlers->owner);
393d2cc3 761 goto out_err;
1da177e4
LT		 762 }
763 }
764
393d2cc3
CM		 765 new_user->valid = 1;
766 spin_lock_irqsave(&intf->seq_lock, flags);
767 list_add_rcu(&new_user->link, &intf->users);
768 spin_unlock_irqrestore(&intf->seq_lock, flags);
769 *user = new_user;
770 return 0;
1da177e4 771
393d2cc3
CM		 772 out_err:
773 kfree(new_user);
774 kref_put(&intf->refcount, intf_free);
1da177e4
LT		 775 return rv;
776}
777
393d2cc3
CM		 778static void free_user(struct kref *ref)
779{
780 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount);
781 kfree(user);
782}
783
784int ipmi_destroy_user(ipmi_user_t user)
1da177e4
LT		 785{
786 int rv = -ENODEV;
393d2cc3 787 ipmi_smi_t intf = user->intf;
1da177e4
LT		 788 int i;
789 unsigned long flags;
393d2cc3
CM		 790 struct cmd_rcvr *rcvr;
791 struct list_head *entry1, *entry2;
792 struct cmd_rcvr *rcvrs = NULL;
1da177e4 793
393d2cc3 794 user->valid = 1;
1da177e4 795
393d2cc3
CM		 796 /* Remove the user from the interface's sequence table. */
797 spin_lock_irqsave(&intf->seq_lock, flags);
798 list_del_rcu(&user->link);
1da177e4 799
e8b33617 800 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
393d2cc3
CM		 801 if (intf->seq_table[i].inuse
802 && (intf->seq_table[i].recv_msg->user == user))
1da177e4 803 {
393d2cc3 804 intf->seq_table[i].inuse = 0;
1da177e4
LT		 805 }
806 }
393d2cc3
CM		 807 spin_unlock_irqrestore(&intf->seq_lock, flags);
808
809 /*
810 * Remove the user from the command receiver's table. First
811 * we build a list of everything (not using the standard link,
812 * since other things may be using it till we do
813 * synchronize_rcu()) then free everything in that list.
814 */
815 spin_lock_irqsave(&intf->cmd_rcvrs_lock, flags);
816 list_for_each_safe_rcu(entry1, entry2, &intf->cmd_rcvrs) {
817 rcvr = list_entry(entry1, struct cmd_rcvr, link);
1da177e4 818 if (rcvr->user == user) {
393d2cc3
CM		 819 list_del_rcu(&rcvr->link);
820 rcvr->next = rcvrs;
821 rcvrs = rcvr;
1da177e4
LT		 822 }
823 }
393d2cc3
CM		 824 spin_unlock_irqrestore(&intf->cmd_rcvrs_lock, flags);
825 synchronize_rcu();
826 while (rcvrs) {
827 rcvr = rcvrs;
828 rcvrs = rcvr->next;
829 kfree(rcvr);
830 }
1da177e4 831
393d2cc3
CM		 832 module_put(intf->handlers->owner);
833 if (intf->handlers->dec_usecount)
834 intf->handlers->dec_usecount(intf->send_info);
1da177e4 835
393d2cc3 836 kref_put(&intf->refcount, intf_free);
1da177e4 837
393d2cc3 838 kref_put(&user->refcount, free_user);
1da177e4 839
1da177e4
LT		 840 return rv;
841}
842
843void ipmi_get_version(ipmi_user_t user,
844 unsigned char *major,
845 unsigned char *minor)
846{
847 *major = user->intf->version_major;
848 *minor = user->intf->version_minor;
849}
850
c14979b9
CM		 851int ipmi_set_my_address(ipmi_user_t user,
852 unsigned int channel,
853 unsigned char address)
1da177e4 854{
c14979b9
CM		 855 if (channel >= IPMI_MAX_CHANNELS)
856 return -EINVAL;
857 user->intf->channels[channel].address = address;
858 return 0;
1da177e4
LT		 859}
860
c14979b9
CM		 861int ipmi_get_my_address(ipmi_user_t user,
862 unsigned int channel,
863 unsigned char *address)
1da177e4 864{
c14979b9
CM		 865 if (channel >= IPMI_MAX_CHANNELS)
866 return -EINVAL;
867 *address = user->intf->channels[channel].address;
868 return 0;
1da177e4
LT		 869}
870
c14979b9
CM		 871int ipmi_set_my_LUN(ipmi_user_t user,
872 unsigned int channel,
873 unsigned char LUN)
1da177e4 874{
c14979b9
CM		 875 if (channel >= IPMI_MAX_CHANNELS)
876 return -EINVAL;
877 user->intf->channels[channel].lun = LUN & 0x3;
878 return 0;
1da177e4
LT		 879}
880
c14979b9
CM		 881int ipmi_get_my_LUN(ipmi_user_t user,
882 unsigned int channel,
883 unsigned char *address)
1da177e4 884{
c14979b9
CM		 885 if (channel >= IPMI_MAX_CHANNELS)
886 return -EINVAL;
887 *address = user->intf->channels[channel].lun;
888 return 0;
1da177e4
LT		 889}
890
891int ipmi_set_gets_events(ipmi_user_t user, int val)
892{
393d2cc3
CM		 893 unsigned long flags;
894 ipmi_smi_t intf = user->intf;
895 struct ipmi_recv_msg *msg, *msg2;
896 struct list_head msgs;
1da177e4 897
393d2cc3
CM		 898 INIT_LIST_HEAD(&msgs);
899
900 spin_lock_irqsave(&intf->events_lock, flags);
1da177e4
LT		 901 user->gets_events = val;
902
903 if (val) {
904 /* Deliver any queued events. */
393d2cc3 905 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link) {
1da177e4 906 list_del(&msg->link);
393d2cc3 907 list_add_tail(&msg->link, &msgs);
1da177e4
LT		 908 }
909 }
393d2cc3
CM		 910
911 /* Hold the events lock while doing this to preserve order. */
912 list_for_each_entry_safe(msg, msg2, &msgs, link) {
913 msg->user = user;
914 kref_get(&user->refcount);
915 deliver_response(msg);
916 }
917
918 spin_unlock_irqrestore(&intf->events_lock, flags);
1da177e4
LT		 919
920 return 0;
921}
922
393d2cc3
CM		 923static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf,
924 unsigned char netfn,
925 unsigned char cmd)
926{
927 struct cmd_rcvr *rcvr;
928
929 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
930 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd))
931 return rcvr;
932 }
933 return NULL;
934}
935
1da177e4
LT		 936int ipmi_register_for_cmd(ipmi_user_t user,
937 unsigned char netfn,
938 unsigned char cmd)
939{
393d2cc3
CM		 940 ipmi_smi_t intf = user->intf;
941 struct cmd_rcvr *rcvr;
942 struct cmd_rcvr *entry;
943 int rv = 0;
1da177e4
LT		 944
945
946 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
947 if (! rcvr)
948 return -ENOMEM;
393d2cc3
CM		 949 rcvr->cmd = cmd;
950 rcvr->netfn = netfn;
951 rcvr->user = user;
1da177e4 952
393d2cc3 953 spin_lock_irq(&intf->cmd_rcvrs_lock);
1da177e4 954 /* Make sure the command/netfn is not already registered. */
393d2cc3
CM		 955 entry = find_cmd_rcvr(intf, netfn, cmd);
956 if (entry) {
957 rv = -EBUSY;
958 goto out_unlock;
1da177e4 959 }
877197ef 960
393d2cc3 961 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs);
1da177e4 962
393d2cc3
CM		 963 out_unlock:
964 spin_unlock_irq(&intf->cmd_rcvrs_lock);
1da177e4
LT		 965 if (rv)
966 kfree(rcvr);
967
968 return rv;
969}
970
971int ipmi_unregister_for_cmd(ipmi_user_t user,
972 unsigned char netfn,
973 unsigned char cmd)
974{
393d2cc3
CM		 975 ipmi_smi_t intf = user->intf;
976 struct cmd_rcvr *rcvr;
1da177e4 977
393d2cc3 978 spin_lock_irq(&intf->cmd_rcvrs_lock);
1da177e4 979 /* Make sure the command/netfn is not already registered. */
393d2cc3
CM		 980 rcvr = find_cmd_rcvr(intf, netfn, cmd);
981 if ((rcvr) && (rcvr->user == user)) {
982 list_del_rcu(&rcvr->link);
983 spin_unlock_irq(&intf->cmd_rcvrs_lock);
984 synchronize_rcu();
985 kfree(rcvr);
986 return 0;
987 } else {
988 spin_unlock_irq(&intf->cmd_rcvrs_lock);
989 return -ENOENT;
1da177e4 990 }
1da177e4
LT		 991}
992
993void ipmi_user_set_run_to_completion(ipmi_user_t user, int val)
994{
393d2cc3
CM		 995 ipmi_smi_t intf = user->intf;
996 intf->handlers->set_run_to_completion(intf->send_info, val);
1da177e4
LT		 997}
998
999static unsigned char
1000ipmb_checksum(unsigned char *data, int size)
1001{
1002 unsigned char csum = 0;
1003
1004 for (; size > 0; size--, data++)
1005 csum += *data;
1006
1007 return -csum;
1008}
1009
1010static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
1011 struct kernel_ipmi_msg *msg,
1012 struct ipmi_ipmb_addr *ipmb_addr,
1013 long msgid,
1014 unsigned char ipmb_seq,
1015 int broadcast,
1016 unsigned char source_address,
1017 unsigned char source_lun)
1018{
1019 int i = broadcast;
1020
1021 /* Format the IPMB header data. */
1022 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1023 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1024 smi_msg->data[2] = ipmb_addr->channel;
1025 if (broadcast)
1026 smi_msg->data[3] = 0;
1027 smi_msg->data[i+3] = ipmb_addr->slave_addr;
1028 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
1029 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
1030 smi_msg->data[i+6] = source_address;
1031 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
1032 smi_msg->data[i+8] = msg->cmd;
1033
1034 /* Now tack on the data to the message. */
1035 if (msg->data_len > 0)
1036 memcpy(&(smi_msg->data[i+9]), msg->data,
1037 msg->data_len);
1038 smi_msg->data_size = msg->data_len + 9;
1039
1040 /* Now calculate the checksum and tack it on. */
1041 smi_msg->data[i+smi_msg->data_size]
1042 = ipmb_checksum(&(smi_msg->data[i+6]),
1043 smi_msg->data_size-6);
1044
1045 /* Add on the checksum size and the offset from the
1046 broadcast. */
1047 smi_msg->data_size += 1 + i;
1048
1049 smi_msg->msgid = msgid;
1050}
1051
1052static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
1053 struct kernel_ipmi_msg *msg,
1054 struct ipmi_lan_addr *lan_addr,
1055 long msgid,
1056 unsigned char ipmb_seq,
1057 unsigned char source_lun)
1058{
1059 /* Format the IPMB header data. */
1060 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1061 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1062 smi_msg->data[2] = lan_addr->channel;
1063 smi_msg->data[3] = lan_addr->session_handle;
1064 smi_msg->data[4] = lan_addr->remote_SWID;
1065 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
1066 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
1067 smi_msg->data[7] = lan_addr->local_SWID;
1068 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
1069 smi_msg->data[9] = msg->cmd;
1070
1071 /* Now tack on the data to the message. */
1072 if (msg->data_len > 0)
1073 memcpy(&(smi_msg->data[10]), msg->data,
1074 msg->data_len);
1075 smi_msg->data_size = msg->data_len + 10;
1076
1077 /* Now calculate the checksum and tack it on. */
1078 smi_msg->data[smi_msg->data_size]
1079 = ipmb_checksum(&(smi_msg->data[7]),
1080 smi_msg->data_size-7);
1081
1082 /* Add on the checksum size and the offset from the
1083 broadcast. */
1084 smi_msg->data_size += 1;
1085
1086 smi_msg->msgid = msgid;
1087}
1088
1089/* Separate from ipmi_request so that the user does not have to be
1090 supplied in certain circumstances (mainly at panic time). If
1091 messages are supplied, they will be freed, even if an error
1092 occurs. */
393d2cc3
CM		 1093static int i_ipmi_request(ipmi_user_t user,
1094 ipmi_smi_t intf,
1095 struct ipmi_addr *addr,
1096 long msgid,
1097 struct kernel_ipmi_msg *msg,
1098 void *user_msg_data,
1099 void *supplied_smi,
1100 struct ipmi_recv_msg *supplied_recv,
1101 int priority,
1102 unsigned char source_address,
1103 unsigned char source_lun,
1104 int retries,
1105 unsigned int retry_time_ms)
1da177e4
LT		 1106{
1107 int rv = 0;
1108 struct ipmi_smi_msg *smi_msg;
1109 struct ipmi_recv_msg *recv_msg;
1110 unsigned long flags;
1111
1112
1113 if (supplied_recv) {
1114 recv_msg = supplied_recv;
1115 } else {
1116 recv_msg = ipmi_alloc_recv_msg();
1117 if (recv_msg == NULL) {
1118 return -ENOMEM;
1119 }
1120 }
1121 recv_msg->user_msg_data = user_msg_data;
1122
1123 if (supplied_smi) {
1124 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
1125 } else {
1126 smi_msg = ipmi_alloc_smi_msg();
1127 if (smi_msg == NULL) {
1128 ipmi_free_recv_msg(recv_msg);
1129 return -ENOMEM;
1130 }
1131 }
1132
1133 recv_msg->user = user;
393d2cc3
CM		 1134 if (user)
1135 kref_get(&user->refcount);
1da177e4
LT		 1136 recv_msg->msgid = msgid;
1137 /* Store the message to send in the receive message so timeout
1138 responses can get the proper response data. */
1139 recv_msg->msg = *msg;
1140
1141 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1142 struct ipmi_system_interface_addr *smi_addr;
1143
1144 if (msg->netfn & 1) {
1145 /* Responses are not allowed to the SMI. */
1146 rv = -EINVAL;
1147 goto out_err;
1148 }
1149
1150 smi_addr = (struct ipmi_system_interface_addr *) addr;
1151 if (smi_addr->lun > 3) {
1152 spin_lock_irqsave(&intf->counter_lock, flags);
1153 intf->sent_invalid_commands++;
1154 spin_unlock_irqrestore(&intf->counter_lock, flags);
1155 rv = -EINVAL;
1156 goto out_err;
1157 }
1158
1159 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1160
1161 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1162 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1163 || (msg->cmd == IPMI_GET_MSG_CMD)
1164 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD)))
1165 {
1166 /* We don't let the user do these, since we manage
1167 the sequence numbers. */
1168 spin_lock_irqsave(&intf->counter_lock, flags);
1169 intf->sent_invalid_commands++;
1170 spin_unlock_irqrestore(&intf->counter_lock, flags);
1171 rv = -EINVAL;
1172 goto out_err;
1173 }
1174
1175 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
1176 spin_lock_irqsave(&intf->counter_lock, flags);
1177 intf->sent_invalid_commands++;
1178 spin_unlock_irqrestore(&intf->counter_lock, flags);
1179 rv = -EMSGSIZE;
1180 goto out_err;
1181 }
1182
1183 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1184 smi_msg->data[1] = msg->cmd;
1185 smi_msg->msgid = msgid;
1186 smi_msg->user_data = recv_msg;
1187 if (msg->data_len > 0)
1188 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1189 smi_msg->data_size = msg->data_len + 2;
1190 spin_lock_irqsave(&intf->counter_lock, flags);
1191 intf->sent_local_commands++;
1192 spin_unlock_irqrestore(&intf->counter_lock, flags);
1193 } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
1194 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
1195 {
1196 struct ipmi_ipmb_addr *ipmb_addr;
1197 unsigned char ipmb_seq;
1198 long seqid;
1199 int broadcast = 0;
1200
9c101fd4
KZ		 1201 if (addr->channel >= IPMI_MAX_CHANNELS) {
1202 spin_lock_irqsave(&intf->counter_lock, flags);
1da177e4
LT		 1203 intf->sent_invalid_commands++;
1204 spin_unlock_irqrestore(&intf->counter_lock, flags);
1205 rv = -EINVAL;
1206 goto out_err;
1207 }
1208
1209 if (intf->channels[addr->channel].medium
1210 != IPMI_CHANNEL_MEDIUM_IPMB)
1211 {
1212 spin_lock_irqsave(&intf->counter_lock, flags);
1213 intf->sent_invalid_commands++;
1214 spin_unlock_irqrestore(&intf->counter_lock, flags);
1215 rv = -EINVAL;
1216 goto out_err;
1217 }
1218
1219 if (retries < 0) {
1220 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1221 retries = 0; /* Don't retry broadcasts. */
1222 else
1223 retries = 4;
1224 }
1225 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1226 /* Broadcasts add a zero at the beginning of the
1227 message, but otherwise is the same as an IPMB
1228 address. */
1229 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1230 broadcast = 1;
1231 }
1232
1233
1234 /* Default to 1 second retries. */
1235 if (retry_time_ms == 0)
1236 retry_time_ms = 1000;
1237
1238 /* 9 for the header and 1 for the checksum, plus
1239 possibly one for the broadcast. */
1240 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1241 spin_lock_irqsave(&intf->counter_lock, flags);
1242 intf->sent_invalid_commands++;
1243 spin_unlock_irqrestore(&intf->counter_lock, flags);
1244 rv = -EMSGSIZE;
1245 goto out_err;
1246 }
1247
1248 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1249 if (ipmb_addr->lun > 3) {
1250 spin_lock_irqsave(&intf->counter_lock, flags);
1251 intf->sent_invalid_commands++;
1252 spin_unlock_irqrestore(&intf->counter_lock, flags);
1253 rv = -EINVAL;
1254 goto out_err;
1255 }
1256
1257 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1258
1259 if (recv_msg->msg.netfn & 0x1) {
1260 /* It's a response, so use the user's sequence
1261 from msgid. */
1262 spin_lock_irqsave(&intf->counter_lock, flags);
1263 intf->sent_ipmb_responses++;
1264 spin_unlock_irqrestore(&intf->counter_lock, flags);
1265 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1266 msgid, broadcast,
1267 source_address, source_lun);
1268
1269 /* Save the receive message so we can use it
1270 to deliver the response. */
1271 smi_msg->user_data = recv_msg;
1272 } else {
1273 /* It's a command, so get a sequence for it. */
1274
1275 spin_lock_irqsave(&(intf->seq_lock), flags);
1276
1277 spin_lock(&intf->counter_lock);
1278 intf->sent_ipmb_commands++;
1279 spin_unlock(&intf->counter_lock);
1280
1281 /* Create a sequence number with a 1 second
1282 timeout and 4 retries. */
1283 rv = intf_next_seq(intf,
1284 recv_msg,
1285 retry_time_ms,
1286 retries,
1287 broadcast,
1288 &ipmb_seq,
1289 &seqid);
1290 if (rv) {
1291 /* We have used up all the sequence numbers,
1292 probably, so abort. */
1293 spin_unlock_irqrestore(&(intf->seq_lock),
1294 flags);
1295 goto out_err;
1296 }
1297
1298 /* Store the sequence number in the message,
1299 so that when the send message response
1300 comes back we can start the timer. */
1301 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1302 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1303 ipmb_seq, broadcast,
1304 source_address, source_lun);
1305
1306 /* Copy the message into the recv message data, so we
1307 can retransmit it later if necessary. */
1308 memcpy(recv_msg->msg_data, smi_msg->data,
1309 smi_msg->data_size);
1310 recv_msg->msg.data = recv_msg->msg_data;
1311 recv_msg->msg.data_len = smi_msg->data_size;
1312
1313 /* We don't unlock until here, because we need
1314 to copy the completed message into the
1315 recv_msg before we release the lock.
1316 Otherwise, race conditions may bite us. I
1317 know that's pretty paranoid, but I prefer
1318 to be correct. */
1319 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1320 }
1321 } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
1322 struct ipmi_lan_addr *lan_addr;
1323 unsigned char ipmb_seq;
1324 long seqid;
1325
c14979b9 1326 if (addr->channel >= IPMI_NUM_CHANNELS) {
1da177e4
LT		 1327 spin_lock_irqsave(&intf->counter_lock, flags);
1328 intf->sent_invalid_commands++;
1329 spin_unlock_irqrestore(&intf->counter_lock, flags);
1330 rv = -EINVAL;
1331 goto out_err;
1332 }
1333
1334 if ((intf->channels[addr->channel].medium
1335 != IPMI_CHANNEL_MEDIUM_8023LAN)
1336 && (intf->channels[addr->channel].medium
1337 != IPMI_CHANNEL_MEDIUM_ASYNC))
1338 {
1339 spin_lock_irqsave(&intf->counter_lock, flags);
1340 intf->sent_invalid_commands++;
1341 spin_unlock_irqrestore(&intf->counter_lock, flags);
1342 rv = -EINVAL;
1343 goto out_err;
1344 }
1345
1346 retries = 4;
1347
1348 /* Default to 1 second retries. */
1349 if (retry_time_ms == 0)
1350 retry_time_ms = 1000;
1351
1352 /* 11 for the header and 1 for the checksum. */
1353 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
1354 spin_lock_irqsave(&intf->counter_lock, flags);
1355 intf->sent_invalid_commands++;
1356 spin_unlock_irqrestore(&intf->counter_lock, flags);
1357 rv = -EMSGSIZE;
1358 goto out_err;
1359 }
1360
1361 lan_addr = (struct ipmi_lan_addr *) addr;
1362 if (lan_addr->lun > 3) {
1363 spin_lock_irqsave(&intf->counter_lock, flags);
1364 intf->sent_invalid_commands++;
1365 spin_unlock_irqrestore(&intf->counter_lock, flags);
1366 rv = -EINVAL;
1367 goto out_err;
1368 }
1369
1370 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1371
1372 if (recv_msg->msg.netfn & 0x1) {
1373 /* It's a response, so use the user's sequence
1374 from msgid. */
1375 spin_lock_irqsave(&intf->counter_lock, flags);
1376 intf->sent_lan_responses++;
1377 spin_unlock_irqrestore(&intf->counter_lock, flags);
1378 format_lan_msg(smi_msg, msg, lan_addr, msgid,
1379 msgid, source_lun);
1380
1381 /* Save the receive message so we can use it
1382 to deliver the response. */
1383 smi_msg->user_data = recv_msg;
1384 } else {
1385 /* It's a command, so get a sequence for it. */
1386
1387 spin_lock_irqsave(&(intf->seq_lock), flags);
1388
1389 spin_lock(&intf->counter_lock);
1390 intf->sent_lan_commands++;
1391 spin_unlock(&intf->counter_lock);
1392
1393 /* Create a sequence number with a 1 second
1394 timeout and 4 retries. */
1395 rv = intf_next_seq(intf,
1396 recv_msg,
1397 retry_time_ms,
1398 retries,
1399 0,
1400 &ipmb_seq,
1401 &seqid);
1402 if (rv) {
1403 /* We have used up all the sequence numbers,
1404 probably, so abort. */
1405 spin_unlock_irqrestore(&(intf->seq_lock),
1406 flags);
1407 goto out_err;
1408 }
1409
1410 /* Store the sequence number in the message,
1411 so that when the send message response
1412 comes back we can start the timer. */
1413 format_lan_msg(smi_msg, msg, lan_addr,
1414 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1415 ipmb_seq, source_lun);
1416
1417 /* Copy the message into the recv message data, so we
1418 can retransmit it later if necessary. */
1419 memcpy(recv_msg->msg_data, smi_msg->data,
1420 smi_msg->data_size);
1421 recv_msg->msg.data = recv_msg->msg_data;
1422 recv_msg->msg.data_len = smi_msg->data_size;
1423
1424 /* We don't unlock until here, because we need
1425 to copy the completed message into the
1426 recv_msg before we release the lock.
1427 Otherwise, race conditions may bite us. I
1428 know that's pretty paranoid, but I prefer
1429 to be correct. */
1430 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1431 }
1432 } else {
1433 /* Unknown address type. */
1434 spin_lock_irqsave(&intf->counter_lock, flags);
1435 intf->sent_invalid_commands++;
1436 spin_unlock_irqrestore(&intf->counter_lock, flags);
1437 rv = -EINVAL;
1438 goto out_err;
1439 }
1440
1441#ifdef DEBUG_MSGING
1442 {
1443 int m;
e8b33617 1444 for (m = 0; m < smi_msg->data_size; m++)
1da177e4
LT		 1445 printk(" %2.2x", smi_msg->data[m]);
1446 printk("\n");
1447 }
1448#endif
1449 intf->handlers->sender(intf->send_info, smi_msg, priority);
1450
1451 return 0;
1452
1453 out_err:
1454 ipmi_free_smi_msg(smi_msg);
1455 ipmi_free_recv_msg(recv_msg);
1456 return rv;
1457}
1458
c14979b9
CM		 1459static int check_addr(ipmi_smi_t intf,
1460 struct ipmi_addr *addr,
1461 unsigned char *saddr,
1462 unsigned char *lun)
1463{
1464 if (addr->channel >= IPMI_MAX_CHANNELS)
1465 return -EINVAL;
1466 *lun = intf->channels[addr->channel].lun;
1467 *saddr = intf->channels[addr->channel].address;
1468 return 0;
1469}
1470
1da177e4
LT		 1471int ipmi_request_settime(ipmi_user_t user,
1472 struct ipmi_addr *addr,
1473 long msgid,
1474 struct kernel_ipmi_msg *msg,
1475 void *user_msg_data,
1476 int priority,
1477 int retries,
1478 unsigned int retry_time_ms)
1479{
c14979b9
CM		 1480 unsigned char saddr, lun;
1481 int rv;
1482
56a55ec6
CM		 1483 if (! user)
1484 return -EINVAL;
c14979b9
CM		 1485 rv = check_addr(user->intf, addr, &saddr, &lun);
1486 if (rv)
1487 return rv;
1da177e4
LT		 1488 return i_ipmi_request(user,
1489 user->intf,
1490 addr,
1491 msgid,
1492 msg,
1493 user_msg_data,
1494 NULL, NULL,
1495 priority,
c14979b9
CM		 1496 saddr,
1497 lun,
1da177e4
LT		 1498 retries,
1499 retry_time_ms);
1500}
1501
1502int ipmi_request_supply_msgs(ipmi_user_t user,
1503 struct ipmi_addr *addr,
1504 long msgid,
1505 struct kernel_ipmi_msg *msg,
1506 void *user_msg_data,
1507 void *supplied_smi,
1508 struct ipmi_recv_msg *supplied_recv,
1509 int priority)
1510{
c14979b9
CM		 1511 unsigned char saddr, lun;
1512 int rv;
1513
56a55ec6
CM		 1514 if (! user)
1515 return -EINVAL;
c14979b9
CM		 1516 rv = check_addr(user->intf, addr, &saddr, &lun);
1517 if (rv)
1518 return rv;
1da177e4
LT		 1519 return i_ipmi_request(user,
1520 user->intf,
1521 addr,
1522 msgid,
1523 msg,
1524 user_msg_data,
1525 supplied_smi,
1526 supplied_recv,
1527 priority,
c14979b9
CM		 1528 saddr,
1529 lun,
1da177e4
LT		 1530 -1, 0);
1531}
1532
1533static int ipmb_file_read_proc(char *page, char **start, off_t off,
1534 int count, int *eof, void *data)
1535{
1536 char *out = (char *) page;
1537 ipmi_smi_t intf = data;
c14979b9
CM		 1538 int i;
1539 int rv= 0;
1da177e4 1540
e8b33617 1541 for (i = 0; i < IPMI_MAX_CHANNELS; i++)
c14979b9
CM		 1542 rv += sprintf(out+rv, "%x ", intf->channels[i].address);
1543 out[rv-1] = '\n'; /* Replace the final space with a newline */
1544 out[rv] = '\0';
1545 rv++;
1546 return rv;
1da177e4
LT		 1547}
1548
1549static int version_file_read_proc(char *page, char **start, off_t off,
1550 int count, int *eof, void *data)
1551{
1552 char *out = (char *) page;
1553 ipmi_smi_t intf = data;
1554
1555 return sprintf(out, "%d.%d\n",
1556 intf->version_major, intf->version_minor);
1557}
1558
1559static int stat_file_read_proc(char *page, char **start, off_t off,
1560 int count, int *eof, void *data)
1561{
1562 char *out = (char *) page;
1563 ipmi_smi_t intf = data;
1564
1565 out += sprintf(out, "sent_invalid_commands: %d\n",
1566 intf->sent_invalid_commands);
1567 out += sprintf(out, "sent_local_commands: %d\n",
1568 intf->sent_local_commands);
1569 out += sprintf(out, "handled_local_responses: %d\n",
1570 intf->handled_local_responses);
1571 out += sprintf(out, "unhandled_local_responses: %d\n",
1572 intf->unhandled_local_responses);
1573 out += sprintf(out, "sent_ipmb_commands: %d\n",
1574 intf->sent_ipmb_commands);
1575 out += sprintf(out, "sent_ipmb_command_errs: %d\n",
1576 intf->sent_ipmb_command_errs);
1577 out += sprintf(out, "retransmitted_ipmb_commands: %d\n",
1578 intf->retransmitted_ipmb_commands);
1579 out += sprintf(out, "timed_out_ipmb_commands: %d\n",
1580 intf->timed_out_ipmb_commands);
1581 out += sprintf(out, "timed_out_ipmb_broadcasts: %d\n",
1582 intf->timed_out_ipmb_broadcasts);
1583 out += sprintf(out, "sent_ipmb_responses: %d\n",
1584 intf->sent_ipmb_responses);
1585 out += sprintf(out, "handled_ipmb_responses: %d\n",
1586 intf->handled_ipmb_responses);
1587 out += sprintf(out, "invalid_ipmb_responses: %d\n",
1588 intf->invalid_ipmb_responses);
1589 out += sprintf(out, "unhandled_ipmb_responses: %d\n",
1590 intf->unhandled_ipmb_responses);
1591 out += sprintf(out, "sent_lan_commands: %d\n",
1592 intf->sent_lan_commands);
1593 out += sprintf(out, "sent_lan_command_errs: %d\n",
1594 intf->sent_lan_command_errs);
1595 out += sprintf(out, "retransmitted_lan_commands: %d\n",
1596 intf->retransmitted_lan_commands);
1597 out += sprintf(out, "timed_out_lan_commands: %d\n",
1598 intf->timed_out_lan_commands);
1599 out += sprintf(out, "sent_lan_responses: %d\n",
1600 intf->sent_lan_responses);
1601 out += sprintf(out, "handled_lan_responses: %d\n",
1602 intf->handled_lan_responses);
1603 out += sprintf(out, "invalid_lan_responses: %d\n",
1604 intf->invalid_lan_responses);
1605 out += sprintf(out, "unhandled_lan_responses: %d\n",
1606 intf->unhandled_lan_responses);
1607 out += sprintf(out, "handled_commands: %d\n",
1608 intf->handled_commands);
1609 out += sprintf(out, "invalid_commands: %d\n",
1610 intf->invalid_commands);
1611 out += sprintf(out, "unhandled_commands: %d\n",
1612 intf->unhandled_commands);
1613 out += sprintf(out, "invalid_events: %d\n",
1614 intf->invalid_events);
1615 out += sprintf(out, "events: %d\n",
1616 intf->events);
1617
1618 return (out - ((char *) page));
1619}
1620
1621int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
1622 read_proc_t *read_proc, write_proc_t *write_proc,
1623 void *data, struct module *owner)
1624{
1da177e4 1625 int rv = 0;
3b625943
CM		 1626#ifdef CONFIG_PROC_FS
1627 struct proc_dir_entry *file;
1da177e4
LT		 1628 struct ipmi_proc_entry *entry;
1629
1630 /* Create a list element. */
1631 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
1632 if (!entry)
1633 return -ENOMEM;
1634 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL);
1635 if (!entry->name) {
1636 kfree(entry);
1637 return -ENOMEM;
1638 }
1639 strcpy(entry->name, name);
1640
1641 file = create_proc_entry(name, 0, smi->proc_dir);
1642 if (!file) {
1643 kfree(entry->name);
1644 kfree(entry);
1645 rv = -ENOMEM;
1646 } else {
1647 file->nlink = 1;
1648 file->data = data;
1649 file->read_proc = read_proc;
1650 file->write_proc = write_proc;
1651 file->owner = owner;
1652
3b625943 1653 spin_lock(&smi->proc_entry_lock);
1da177e4
LT		 1654 /* Stick it on the list. */
1655 entry->next = smi->proc_entries;
1656 smi->proc_entries = entry;
3b625943 1657 spin_unlock(&smi->proc_entry_lock);
1da177e4 1658 }
3b625943 1659#endif /* CONFIG_PROC_FS */
1da177e4
LT		 1660
1661 return rv;
1662}
1663
1664static int add_proc_entries(ipmi_smi_t smi, int num)
1665{
1666 int rv = 0;
1667
3b625943 1668#ifdef CONFIG_PROC_FS
1da177e4
LT		 1669 sprintf(smi->proc_dir_name, "%d", num);
1670 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
1671 if (!smi->proc_dir)
1672 rv = -ENOMEM;
1673 else {
1674 smi->proc_dir->owner = THIS_MODULE;
1675 }
1676
1677 if (rv == 0)
1678 rv = ipmi_smi_add_proc_entry(smi, "stats",
1679 stat_file_read_proc, NULL,
1680 smi, THIS_MODULE);
1681
1682 if (rv == 0)
1683 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
1684 ipmb_file_read_proc, NULL,
1685 smi, THIS_MODULE);
1686
1687 if (rv == 0)
1688 rv = ipmi_smi_add_proc_entry(smi, "version",
1689 version_file_read_proc, NULL,
1690 smi, THIS_MODULE);
3b625943 1691#endif /* CONFIG_PROC_FS */
1da177e4
LT		 1692
1693 return rv;
1694}
1695
1696static void remove_proc_entries(ipmi_smi_t smi)
1697{
3b625943 1698#ifdef CONFIG_PROC_FS
1da177e4
LT		 1699 struct ipmi_proc_entry *entry;
1700
3b625943 1701 spin_lock(&smi->proc_entry_lock);
1da177e4
LT		 1702 while (smi->proc_entries) {
1703 entry = smi->proc_entries;
1704 smi->proc_entries = entry->next;
1705
1706 remove_proc_entry(entry->name, smi->proc_dir);
1707 kfree(entry->name);
1708 kfree(entry);
1709 }
3b625943 1710 spin_unlock(&smi->proc_entry_lock);
1da177e4 1711 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
3b625943 1712#endif /* CONFIG_PROC_FS */
1da177e4
LT		 1713}
1714
1715static int
1716send_channel_info_cmd(ipmi_smi_t intf, int chan)
1717{
1718 struct kernel_ipmi_msg msg;
1719 unsigned char data[1];
1720 struct ipmi_system_interface_addr si;
1721
1722 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
1723 si.channel = IPMI_BMC_CHANNEL;
1724 si.lun = 0;
1725
1726 msg.netfn = IPMI_NETFN_APP_REQUEST;
1727 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
1728 msg.data = data;
1729 msg.data_len = 1;
1730 data[0] = chan;
1731 return i_ipmi_request(NULL,
1732 intf,
1733 (struct ipmi_addr *) &si,
1734 0,
1735 &msg,
56a55ec6 1736 intf,
1da177e4
LT		 1737 NULL,
1738 NULL,
1739 0,
c14979b9
CM		 1740 intf->channels[0].address,
1741 intf->channels[0].lun,
1da177e4
LT		 1742 -1, 0);
1743}
1744
1745static void
56a55ec6 1746channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4
LT		 1747{
1748 int rv = 0;
1749 int chan;
1750
56a55ec6
CM		 1751 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
1752 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
1753 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD))
1da177e4
LT		 1754 {
1755 /* It's the one we want */
56a55ec6 1756 if (msg->msg.data[0] != 0) {
1da177e4
LT		 1757 /* Got an error from the channel, just go on. */
1758
56a55ec6 1759 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) {
1da177e4
LT		 1760 /* If the MC does not support this
1761 command, that is legal. We just
1762 assume it has one IPMB at channel
1763 zero. */
1764 intf->channels[0].medium
1765 = IPMI_CHANNEL_MEDIUM_IPMB;
1766 intf->channels[0].protocol
1767 = IPMI_CHANNEL_PROTOCOL_IPMB;
1768 rv = -ENOSYS;
1769
1770 intf->curr_channel = IPMI_MAX_CHANNELS;
1771 wake_up(&intf->waitq);
1772 goto out;
1773 }
1774 goto next_channel;
1775 }
56a55ec6 1776 if (msg->msg.data_len < 4) {
1da177e4
LT		 1777 /* Message not big enough, just go on. */
1778 goto next_channel;
1779 }
1780 chan = intf->curr_channel;
56a55ec6
CM		 1781 intf->channels[chan].medium = msg->msg.data[2] & 0x7f;
1782 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f;
1da177e4
LT		 1783
1784 next_channel:
1785 intf->curr_channel++;
1786 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
1787 wake_up(&intf->waitq);
1788 else
1789 rv = send_channel_info_cmd(intf, intf->curr_channel);
1790
1791 if (rv) {
1792 /* Got an error somehow, just give up. */
1793 intf->curr_channel = IPMI_MAX_CHANNELS;
1794 wake_up(&intf->waitq);
1795
1796 printk(KERN_WARNING PFX
1797 "Error sending channel information: %d\n",
1798 rv);
1799 }
1800 }
1801 out:
1802 return;
1803}
1804
1805int ipmi_register_smi(struct ipmi_smi_handlers *handlers,
1806 void *send_info,
1807 unsigned char version_major,
1808 unsigned char version_minor,
1809 unsigned char slave_addr,
393d2cc3 1810 ipmi_smi_t *new_intf)
1da177e4
LT		 1811{
1812 int i, j;
1813 int rv;
393d2cc3 1814 ipmi_smi_t intf;
1da177e4
LT		 1815 unsigned long flags;
1816
1817
1818 /* Make sure the driver is actually initialized, this handles
1819 problems with initialization order. */
1820 if (!initialized) {
1821 rv = ipmi_init_msghandler();
1822 if (rv)
1823 return rv;
1824 /* The init code doesn't return an error if it was turned
1825 off, but it won't initialize. Check that. */
1826 if (!initialized)
1827 return -ENODEV;
1828 }
1829
393d2cc3
CM		 1830 intf = kmalloc(sizeof(*intf), GFP_KERNEL);
1831 if (!intf)
1da177e4 1832 return -ENOMEM;
393d2cc3
CM		 1833 memset(intf, 0, sizeof(*intf));
1834 intf->intf_num = -1;
1835 kref_init(&intf->refcount);
1836 intf->version_major = version_major;
1837 intf->version_minor = version_minor;
1838 for (j = 0; j < IPMI_MAX_CHANNELS; j++) {
1839 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR;
1840 intf->channels[j].lun = 2;
1841 }
1842 if (slave_addr != 0)
1843 intf->channels[0].address = slave_addr;
1844 INIT_LIST_HEAD(&intf->users);
1845 intf->handlers = handlers;
1846 intf->send_info = send_info;
1847 spin_lock_init(&intf->seq_lock);
1848 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) {
1849 intf->seq_table[j].inuse = 0;
1850 intf->seq_table[j].seqid = 0;
1851 }
1852 intf->curr_seq = 0;
1853#ifdef CONFIG_PROC_FS
1854 spin_lock_init(&intf->proc_entry_lock);
1855#endif
1856 spin_lock_init(&intf->waiting_msgs_lock);
1857 INIT_LIST_HEAD(&intf->waiting_msgs);
1858 spin_lock_init(&intf->events_lock);
1859 INIT_LIST_HEAD(&intf->waiting_events);
1860 intf->waiting_events_count = 0;
1861 spin_lock_init(&intf->cmd_rcvrs_lock);
1862 INIT_LIST_HEAD(&intf->cmd_rcvrs);
1863 init_waitqueue_head(&intf->waitq);
1864
1865 spin_lock_init(&intf->counter_lock);
1866 intf->proc_dir = NULL;
1da177e4
LT		 1867
1868 rv = -ENOMEM;
393d2cc3 1869 spin_lock_irqsave(&interfaces_lock, flags);
e8b33617 1870 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4 1871 if (ipmi_interfaces[i] == NULL) {
393d2cc3
CM		 1872 intf->intf_num = i;
1873 /* Reserve the entry till we are done. */
1874 ipmi_interfaces[i] = IPMI_INVALID_INTERFACE_ENTRY;
1da177e4 1875 rv = 0;
1da177e4
LT		 1876 break;
1877 }
1878 }
393d2cc3
CM		 1879 spin_unlock_irqrestore(&interfaces_lock, flags);
1880 if (rv)
1881 goto out;
1da177e4 1882
393d2cc3
CM		 1883 /* FIXME - this is an ugly kludge, this sets the intf for the
1884 caller before sending any messages with it. */
1885 *new_intf = intf;
1da177e4 1886
393d2cc3
CM		 1887 if ((version_major > 1)
1888 || ((version_major == 1) && (version_minor >= 5)))
1889 {
1890 /* Start scanning the channels to see what is
1891 available. */
1892 intf->null_user_handler = channel_handler;
1893 intf->curr_channel = 0;
1894 rv = send_channel_info_cmd(intf, 0);
1895 if (rv)
1896 goto out;
1da177e4 1897
393d2cc3
CM		 1898 /* Wait for the channel info to be read. */
1899 wait_event(intf->waitq,
1900 intf->curr_channel >= IPMI_MAX_CHANNELS);
1901 } else {
1902 /* Assume a single IPMB channel at zero. */
1903 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
1904 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB;
1da177e4
LT		 1905 }
1906
393d2cc3
CM		 1907 if (rv == 0)
1908 rv = add_proc_entries(intf, i);
1da177e4 1909
393d2cc3 1910 out:
1da177e4 1911 if (rv) {
393d2cc3
CM		 1912 if (intf->proc_dir)
1913 remove_proc_entries(intf);
1914 kref_put(&intf->refcount, intf_free);
1915 if (i < MAX_IPMI_INTERFACES) {
1916 spin_lock_irqsave(&interfaces_lock, flags);
1917 ipmi_interfaces[i] = NULL;
1918 spin_unlock_irqrestore(&interfaces_lock, flags);
1919 }
1920 } else {
1921 spin_lock_irqsave(&interfaces_lock, flags);
1922 ipmi_interfaces[i] = intf;
1923 spin_unlock_irqrestore(&interfaces_lock, flags);
1924 call_smi_watchers(i);
1da177e4
LT		 1925 }
1926
1927 return rv;
1928}
1929
1da177e4
LT		 1930int ipmi_unregister_smi(ipmi_smi_t intf)
1931{
1da177e4
LT		 1932 int i;
1933 struct ipmi_smi_watcher *w;
1934 unsigned long flags;
1935
393d2cc3
CM		 1936 spin_lock_irqsave(&interfaces_lock, flags);
1937 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1938 if (ipmi_interfaces[i] == intf) {
1939 /* Set the interface number reserved until we
1940 * are done. */
1941 ipmi_interfaces[i] = IPMI_INVALID_INTERFACE_ENTRY;
1942 intf->intf_num = -1;
1943 break;
1da177e4 1944 }
1da177e4 1945 }
393d2cc3 1946 spin_unlock_irqrestore(&interfaces_lock,flags);
1da177e4 1947
393d2cc3
CM		 1948 if (i == MAX_IPMI_INTERFACES)
1949 return -ENODEV;
1da177e4 1950
393d2cc3 1951 remove_proc_entries(intf);
1da177e4
LT		 1952
1953 /* Call all the watcher interfaces to tell them that
1954 an interface is gone. */
1955 down_read(&smi_watchers_sem);
393d2cc3 1956 list_for_each_entry(w, &smi_watchers, link)
1da177e4 1957 w->smi_gone(i);
1da177e4 1958 up_read(&smi_watchers_sem);
393d2cc3
CM		 1959
1960 /* Allow the entry to be reused now. */
1961 spin_lock_irqsave(&interfaces_lock, flags);
1962 ipmi_interfaces[i] = NULL;
1963 spin_unlock_irqrestore(&interfaces_lock,flags);
1964
1965 kref_put(&intf->refcount, intf_free);
1da177e4
LT		 1966 return 0;
1967}
1968
1969static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf,
1970 struct ipmi_smi_msg *msg)
1971{
1972 struct ipmi_ipmb_addr ipmb_addr;
1973 struct ipmi_recv_msg *recv_msg;
1974 unsigned long flags;
1975
1976
1977 /* This is 11, not 10, because the response must contain a
1978 * completion code. */
1979 if (msg->rsp_size < 11) {
1980 /* Message not big enough, just ignore it. */
1981 spin_lock_irqsave(&intf->counter_lock, flags);
1982 intf->invalid_ipmb_responses++;
1983 spin_unlock_irqrestore(&intf->counter_lock, flags);
1984 return 0;
1985 }
1986
1987 if (msg->rsp[2] != 0) {
1988 /* An error getting the response, just ignore it. */
1989 return 0;
1990 }
1991
1992 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
1993 ipmb_addr.slave_addr = msg->rsp[6];
1994 ipmb_addr.channel = msg->rsp[3] & 0x0f;
1995 ipmb_addr.lun = msg->rsp[7] & 3;
1996
1997 /* It's a response from a remote entity. Look up the sequence
1998 number and handle the response. */
1999 if (intf_find_seq(intf,
2000 msg->rsp[7] >> 2,
2001 msg->rsp[3] & 0x0f,
2002 msg->rsp[8],
2003 (msg->rsp[4] >> 2) & (~1),
2004 (struct ipmi_addr *) &(ipmb_addr),
2005 &recv_msg))
2006 {
2007 /* We were unable to find the sequence number,
2008 so just nuke the message. */
2009 spin_lock_irqsave(&intf->counter_lock, flags);
2010 intf->unhandled_ipmb_responses++;
2011 spin_unlock_irqrestore(&intf->counter_lock, flags);
2012 return 0;
2013 }
2014
2015 memcpy(recv_msg->msg_data,
2016 &(msg->rsp[9]),
2017 msg->rsp_size - 9);
2018 /* THe other fields matched, so no need to set them, except
2019 for netfn, which needs to be the response that was
2020 returned, not the request value. */
2021 recv_msg->msg.netfn = msg->rsp[4] >> 2;
2022 recv_msg->msg.data = recv_msg->msg_data;
2023 recv_msg->msg.data_len = msg->rsp_size - 10;
2024 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2025 spin_lock_irqsave(&intf->counter_lock, flags);
2026 intf->handled_ipmb_responses++;
2027 spin_unlock_irqrestore(&intf->counter_lock, flags);
2028 deliver_response(recv_msg);
2029
2030 return 0;
2031}
2032
2033static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf,
2034 struct ipmi_smi_msg *msg)
2035{
393d2cc3
CM		 2036 struct cmd_rcvr *rcvr;
2037 int rv = 0;
2038 unsigned char netfn;
2039 unsigned char cmd;
2040 ipmi_user_t user = NULL;
2041 struct ipmi_ipmb_addr *ipmb_addr;
2042 struct ipmi_recv_msg *recv_msg;
2043 unsigned long flags;
1da177e4
LT		 2044
2045 if (msg->rsp_size < 10) {
2046 /* Message not big enough, just ignore it. */
2047 spin_lock_irqsave(&intf->counter_lock, flags);
2048 intf->invalid_commands++;
2049 spin_unlock_irqrestore(&intf->counter_lock, flags);
2050 return 0;
2051 }
2052
2053 if (msg->rsp[2] != 0) {
2054 /* An error getting the response, just ignore it. */
2055 return 0;
2056 }
2057
2058 netfn = msg->rsp[4] >> 2;
2059 cmd = msg->rsp[8];
2060
393d2cc3
CM		 2061 spin_lock_irqsave(&intf->cmd_rcvrs_lock, flags);
2062 rcvr = find_cmd_rcvr(intf, netfn, cmd);
2063 if (rcvr) {
2064 user = rcvr->user;
2065 kref_get(&user->refcount);
2066 } else
2067 user = NULL;
2068 spin_unlock_irqrestore(&intf->cmd_rcvrs_lock, flags);
1da177e4
LT		 2069
2070 if (user == NULL) {
2071 /* We didn't find a user, deliver an error response. */
2072 spin_lock_irqsave(&intf->counter_lock, flags);
2073 intf->unhandled_commands++;
2074 spin_unlock_irqrestore(&intf->counter_lock, flags);
2075
2076 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
2077 msg->data[1] = IPMI_SEND_MSG_CMD;
2078 msg->data[2] = msg->rsp[3];
2079 msg->data[3] = msg->rsp[6];
2080 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
2081 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
c14979b9 2082 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address;
1da177e4
LT		 2083 /* rqseq/lun */
2084 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
2085 msg->data[8] = msg->rsp[8]; /* cmd */
2086 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
2087 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
2088 msg->data_size = 11;
2089
2090#ifdef DEBUG_MSGING
2091 {
2092 int m;
2093 printk("Invalid command:");
e8b33617 2094 for (m = 0; m < msg->data_size; m++)
1da177e4
LT		 2095 printk(" %2.2x", msg->data[m]);
2096 printk("\n");
2097 }
2098#endif
2099 intf->handlers->sender(intf->send_info, msg, 0);
2100
2101 rv = -1; /* We used the message, so return the value that
2102 causes it to not be freed or queued. */
2103 } else {
2104 /* Deliver the message to the user. */
2105 spin_lock_irqsave(&intf->counter_lock, flags);
2106 intf->handled_commands++;
2107 spin_unlock_irqrestore(&intf->counter_lock, flags);
2108
2109 recv_msg = ipmi_alloc_recv_msg();
2110 if (! recv_msg) {
2111 /* We couldn't allocate memory for the
2112 message, so requeue it for handling
2113 later. */
2114 rv = 1;
393d2cc3 2115 kref_put(&user->refcount, free_user);
1da177e4
LT		 2116 } else {
2117 /* Extract the source address from the data. */
2118 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
2119 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
2120 ipmb_addr->slave_addr = msg->rsp[6];
2121 ipmb_addr->lun = msg->rsp[7] & 3;
2122 ipmb_addr->channel = msg->rsp[3] & 0xf;
2123
2124 /* Extract the rest of the message information
2125 from the IPMB header.*/
2126 recv_msg->user = user;
2127 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2128 recv_msg->msgid = msg->rsp[7] >> 2;
2129 recv_msg->msg.netfn = msg->rsp[4] >> 2;
2130 recv_msg->msg.cmd = msg->rsp[8];
2131 recv_msg->msg.data = recv_msg->msg_data;
2132
2133 /* We chop off 10, not 9 bytes because the checksum
2134 at the end also needs to be removed. */
2135 recv_msg->msg.data_len = msg->rsp_size - 10;
2136 memcpy(recv_msg->msg_data,
2137 &(msg->rsp[9]),
2138 msg->rsp_size - 10);
2139 deliver_response(recv_msg);
2140 }
2141 }
2142
2143 return rv;
2144}
2145
2146static int handle_lan_get_msg_rsp(ipmi_smi_t intf,
2147 struct ipmi_smi_msg *msg)
2148{
2149 struct ipmi_lan_addr lan_addr;
2150 struct ipmi_recv_msg *recv_msg;
2151 unsigned long flags;
2152
2153
2154 /* This is 13, not 12, because the response must contain a
2155 * completion code. */
2156 if (msg->rsp_size < 13) {
2157 /* Message not big enough, just ignore it. */
2158 spin_lock_irqsave(&intf->counter_lock, flags);
2159 intf->invalid_lan_responses++;
2160 spin_unlock_irqrestore(&intf->counter_lock, flags);
2161 return 0;
2162 }
2163
2164 if (msg->rsp[2] != 0) {
2165 /* An error getting the response, just ignore it. */
2166 return 0;
2167 }
2168
2169 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
2170 lan_addr.session_handle = msg->rsp[4];
2171 lan_addr.remote_SWID = msg->rsp[8];
2172 lan_addr.local_SWID = msg->rsp[5];
2173 lan_addr.channel = msg->rsp[3] & 0x0f;
2174 lan_addr.privilege = msg->rsp[3] >> 4;
2175 lan_addr.lun = msg->rsp[9] & 3;
2176
2177 /* It's a response from a remote entity. Look up the sequence
2178 number and handle the response. */
2179 if (intf_find_seq(intf,
2180 msg->rsp[9] >> 2,
2181 msg->rsp[3] & 0x0f,
2182 msg->rsp[10],
2183 (msg->rsp[6] >> 2) & (~1),
2184 (struct ipmi_addr *) &(lan_addr),
2185 &recv_msg))
2186 {
2187 /* We were unable to find the sequence number,
2188 so just nuke the message. */
2189 spin_lock_irqsave(&intf->counter_lock, flags);
2190 intf->unhandled_lan_responses++;
2191 spin_unlock_irqrestore(&intf->counter_lock, flags);
2192 return 0;
2193 }
2194
2195 memcpy(recv_msg->msg_data,
2196 &(msg->rsp[11]),
2197 msg->rsp_size - 11);
2198 /* The other fields matched, so no need to set them, except
2199 for netfn, which needs to be the response that was
2200 returned, not the request value. */
2201 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2202 recv_msg->msg.data = recv_msg->msg_data;
2203 recv_msg->msg.data_len = msg->rsp_size - 12;
2204 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2205 spin_lock_irqsave(&intf->counter_lock, flags);
2206 intf->handled_lan_responses++;
2207 spin_unlock_irqrestore(&intf->counter_lock, flags);
2208 deliver_response(recv_msg);
2209
2210 return 0;
2211}
2212
2213static int handle_lan_get_msg_cmd(ipmi_smi_t intf,
2214 struct ipmi_smi_msg *msg)
2215{
393d2cc3
CM		 2216 struct cmd_rcvr *rcvr;
2217 int rv = 0;
2218 unsigned char netfn;
2219 unsigned char cmd;
2220 ipmi_user_t user = NULL;
2221 struct ipmi_lan_addr *lan_addr;
2222 struct ipmi_recv_msg *recv_msg;
2223 unsigned long flags;
1da177e4
LT		 2224
2225 if (msg->rsp_size < 12) {
2226 /* Message not big enough, just ignore it. */
2227 spin_lock_irqsave(&intf->counter_lock, flags);
2228 intf->invalid_commands++;
2229 spin_unlock_irqrestore(&intf->counter_lock, flags);
2230 return 0;
2231 }
2232
2233 if (msg->rsp[2] != 0) {
2234 /* An error getting the response, just ignore it. */
2235 return 0;
2236 }
2237
2238 netfn = msg->rsp[6] >> 2;
2239 cmd = msg->rsp[10];
2240
393d2cc3
CM		 2241 spin_lock_irqsave(&intf->cmd_rcvrs_lock, flags);
2242 rcvr = find_cmd_rcvr(intf, netfn, cmd);
2243 if (rcvr) {
2244 user = rcvr->user;
2245 kref_get(&user->refcount);
2246 } else
2247 user = NULL;
2248 spin_unlock_irqrestore(&intf->cmd_rcvrs_lock, flags);
1da177e4
LT		 2249
2250 if (user == NULL) {
393d2cc3 2251 /* We didn't find a user, just give up. */
1da177e4
LT		 2252 spin_lock_irqsave(&intf->counter_lock, flags);
2253 intf->unhandled_commands++;
2254 spin_unlock_irqrestore(&intf->counter_lock, flags);
2255
2256 rv = 0; /* Don't do anything with these messages, just
2257 allow them to be freed. */
2258 } else {
2259 /* Deliver the message to the user. */
2260 spin_lock_irqsave(&intf->counter_lock, flags);
2261 intf->handled_commands++;
2262 spin_unlock_irqrestore(&intf->counter_lock, flags);
2263
2264 recv_msg = ipmi_alloc_recv_msg();
2265 if (! recv_msg) {
2266 /* We couldn't allocate memory for the
2267 message, so requeue it for handling
2268 later. */
2269 rv = 1;
393d2cc3 2270 kref_put(&user->refcount, free_user);
1da177e4
LT		 2271 } else {
2272 /* Extract the source address from the data. */
2273 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
2274 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
2275 lan_addr->session_handle = msg->rsp[4];
2276 lan_addr->remote_SWID = msg->rsp[8];
2277 lan_addr->local_SWID = msg->rsp[5];
2278 lan_addr->lun = msg->rsp[9] & 3;
2279 lan_addr->channel = msg->rsp[3] & 0xf;
2280 lan_addr->privilege = msg->rsp[3] >> 4;
2281
2282 /* Extract the rest of the message information
2283 from the IPMB header.*/
2284 recv_msg->user = user;
2285 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2286 recv_msg->msgid = msg->rsp[9] >> 2;
2287 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2288 recv_msg->msg.cmd = msg->rsp[10];
2289 recv_msg->msg.data = recv_msg->msg_data;
2290
2291 /* We chop off 12, not 11 bytes because the checksum
2292 at the end also needs to be removed. */
2293 recv_msg->msg.data_len = msg->rsp_size - 12;
2294 memcpy(recv_msg->msg_data,
2295 &(msg->rsp[11]),
2296 msg->rsp_size - 12);
2297 deliver_response(recv_msg);
2298 }
2299 }
2300
2301 return rv;
2302}
2303
2304static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
2305 struct ipmi_smi_msg *msg)
2306{
2307 struct ipmi_system_interface_addr *smi_addr;
2308
2309 recv_msg->msgid = 0;
2310 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
2311 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2312 smi_addr->channel = IPMI_BMC_CHANNEL;
2313 smi_addr->lun = msg->rsp[0] & 3;
2314 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
2315 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2316 recv_msg->msg.cmd = msg->rsp[1];
2317 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
2318 recv_msg->msg.data = recv_msg->msg_data;
2319 recv_msg->msg.data_len = msg->rsp_size - 3;
2320}
2321
1da177e4
LT		 2322static int handle_read_event_rsp(ipmi_smi_t intf,
2323 struct ipmi_smi_msg *msg)
2324{
2325 struct ipmi_recv_msg *recv_msg, *recv_msg2;
2326 struct list_head msgs;
2327 ipmi_user_t user;
2328 int rv = 0;
2329 int deliver_count = 0;
2330 unsigned long flags;
2331
2332 if (msg->rsp_size < 19) {
2333 /* Message is too small to be an IPMB event. */
2334 spin_lock_irqsave(&intf->counter_lock, flags);
2335 intf->invalid_events++;
2336 spin_unlock_irqrestore(&intf->counter_lock, flags);
2337 return 0;
2338 }
2339
2340 if (msg->rsp[2] != 0) {
2341 /* An error getting the event, just ignore it. */
2342 return 0;
2343 }
2344
2345 INIT_LIST_HEAD(&msgs);
2346
393d2cc3 2347 spin_lock_irqsave(&intf->events_lock, flags);
1da177e4
LT		 2348
2349 spin_lock(&intf->counter_lock);
2350 intf->events++;
2351 spin_unlock(&intf->counter_lock);
2352
2353 /* Allocate and fill in one message for every user that is getting
2354 events. */
393d2cc3
CM		 2355 rcu_read_lock();
2356 list_for_each_entry_rcu(user, &intf->users, link) {
1da177e4
LT		 2357 if (! user->gets_events)
2358 continue;
2359
2360 recv_msg = ipmi_alloc_recv_msg();
2361 if (! recv_msg) {
393d2cc3 2362 rcu_read_unlock();
1da177e4
LT		 2363 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2364 list_del(&recv_msg->link);
2365 ipmi_free_recv_msg(recv_msg);
2366 }
2367 /* We couldn't allocate memory for the
2368 message, so requeue it for handling
2369 later. */
2370 rv = 1;
2371 goto out;
2372 }
2373
2374 deliver_count++;
2375
2376 copy_event_into_recv_msg(recv_msg, msg);
2377 recv_msg->user = user;
393d2cc3 2378 kref_get(&user->refcount);
1da177e4
LT		 2379 list_add_tail(&(recv_msg->link), &msgs);
2380 }
393d2cc3 2381 rcu_read_unlock();
1da177e4
LT		 2382
2383 if (deliver_count) {
2384 /* Now deliver all the messages. */
2385 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2386 list_del(&recv_msg->link);
2387 deliver_response(recv_msg);
2388 }
2389 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
2390 /* No one to receive the message, put it in queue if there's
2391 not already too many things in the queue. */
2392 recv_msg = ipmi_alloc_recv_msg();
2393 if (! recv_msg) {
2394 /* We couldn't allocate memory for the
2395 message, so requeue it for handling
2396 later. */
2397 rv = 1;
2398 goto out;
2399 }
2400
2401 copy_event_into_recv_msg(recv_msg, msg);
2402 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
2403 } else {
2404 /* There's too many things in the queue, discard this
2405 message. */
2406 printk(KERN_WARNING PFX "Event queue full, discarding an"
2407 " incoming event\n");
2408 }
2409
2410 out:
2411 spin_unlock_irqrestore(&(intf->events_lock), flags);
2412
2413 return rv;
2414}
2415
2416static int handle_bmc_rsp(ipmi_smi_t intf,
2417 struct ipmi_smi_msg *msg)
2418{
2419 struct ipmi_recv_msg *recv_msg;
1da177e4 2420 unsigned long flags;
393d2cc3 2421 struct ipmi_user *user;
1da177e4
LT		 2422
2423 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
56a55ec6
CM		 2424 if (recv_msg == NULL)
2425 {
2426 printk(KERN_WARNING"IPMI message received with no owner. This\n"
2427 "could be because of a malformed message, or\n"
2428 "because of a hardware error. Contact your\n"
2429 "hardware vender for assistance\n");
2430 return 0;
2431 }
1da177e4 2432
393d2cc3 2433 user = recv_msg->user;
1da177e4 2434 /* Make sure the user still exists. */
393d2cc3 2435 if (user && !user->valid) {
56a55ec6
CM		 2436 /* The user for the message went away, so give up. */
2437 spin_lock_irqsave(&intf->counter_lock, flags);
2438 intf->unhandled_local_responses++;
2439 spin_unlock_irqrestore(&intf->counter_lock, flags);
1da177e4
LT		 2440 ipmi_free_recv_msg(recv_msg);
2441 } else {
2442 struct ipmi_system_interface_addr *smi_addr;
2443
2444 spin_lock_irqsave(&intf->counter_lock, flags);
2445 intf->handled_local_responses++;
2446 spin_unlock_irqrestore(&intf->counter_lock, flags);
2447 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2448 recv_msg->msgid = msg->msgid;
2449 smi_addr = ((struct ipmi_system_interface_addr *)
2450 &(recv_msg->addr));
2451 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2452 smi_addr->channel = IPMI_BMC_CHANNEL;
2453 smi_addr->lun = msg->rsp[0] & 3;
2454 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2455 recv_msg->msg.cmd = msg->rsp[1];
2456 memcpy(recv_msg->msg_data,
2457 &(msg->rsp[2]),
2458 msg->rsp_size - 2);
2459 recv_msg->msg.data = recv_msg->msg_data;
2460 recv_msg->msg.data_len = msg->rsp_size - 2;
2461 deliver_response(recv_msg);
2462 }
2463
2464 return 0;
2465}
2466
2467/* Handle a new message. Return 1 if the message should be requeued,
2468 0 if the message should be freed, or -1 if the message should not
2469 be freed or requeued. */
2470static int handle_new_recv_msg(ipmi_smi_t intf,
2471 struct ipmi_smi_msg *msg)
2472{
2473 int requeue;
2474 int chan;
2475
2476#ifdef DEBUG_MSGING
2477 int m;
2478 printk("Recv:");
e8b33617 2479 for (m = 0; m < msg->rsp_size; m++)
1da177e4
LT		 2480 printk(" %2.2x", msg->rsp[m]);
2481 printk("\n");
2482#endif
2483 if (msg->rsp_size < 2) {
2484 /* Message is too small to be correct. */
2485 printk(KERN_WARNING PFX "BMC returned to small a message"
2486 " for netfn %x cmd %x, got %d bytes\n",
2487 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
2488
2489 /* Generate an error response for the message. */
2490 msg->rsp[0] = msg->data[0] | (1 << 2);
2491 msg->rsp[1] = msg->data[1];
2492 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2493 msg->rsp_size = 3;
2494 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))/* Netfn */
2495 || (msg->rsp[1] != msg->data[1])) /* Command */
2496 {
2497 /* The response is not even marginally correct. */
2498 printk(KERN_WARNING PFX "BMC returned incorrect response,"
2499 " expected netfn %x cmd %x, got netfn %x cmd %x\n",
2500 (msg->data[0] >> 2) | 1, msg->data[1],
2501 msg->rsp[0] >> 2, msg->rsp[1]);
2502
2503 /* Generate an error response for the message. */
2504 msg->rsp[0] = msg->data[0] | (1 << 2);
2505 msg->rsp[1] = msg->data[1];
2506 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2507 msg->rsp_size = 3;
2508 }
2509
2510 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2511 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
2512 && (msg->user_data != NULL))
2513 {
2514 /* It's a response to a response we sent. For this we
2515 deliver a send message response to the user. */
393d2cc3 2516 struct ipmi_recv_msg *recv_msg = msg->user_data;
1da177e4
LT		 2517
2518 requeue = 0;
2519 if (msg->rsp_size < 2)
2520 /* Message is too small to be correct. */
2521 goto out;
2522
2523 chan = msg->data[2] & 0x0f;
2524 if (chan >= IPMI_MAX_CHANNELS)
2525 /* Invalid channel number */
2526 goto out;
2527
393d2cc3
CM		 2528 if (!recv_msg)
2529 goto out;
2530
2531 /* Make sure the user still exists. */
2532 if (!recv_msg->user || !recv_msg->user->valid)
2533 goto out;
2534
2535 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
2536 recv_msg->msg.data = recv_msg->msg_data;
2537 recv_msg->msg.data_len = 1;
2538 recv_msg->msg_data[0] = msg->rsp[2];
2539 deliver_response(recv_msg);
1da177e4
LT		 2540 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2541 && (msg->rsp[1] == IPMI_GET_MSG_CMD))
2542 {
2543 /* It's from the receive queue. */
2544 chan = msg->rsp[3] & 0xf;
2545 if (chan >= IPMI_MAX_CHANNELS) {
2546 /* Invalid channel number */
2547 requeue = 0;
2548 goto out;
2549 }
2550
2551 switch (intf->channels[chan].medium) {
2552 case IPMI_CHANNEL_MEDIUM_IPMB:
2553 if (msg->rsp[4] & 0x04) {
2554 /* It's a response, so find the
2555 requesting message and send it up. */
2556 requeue = handle_ipmb_get_msg_rsp(intf, msg);
2557 } else {
2558 /* It's a command to the SMS from some other
2559 entity. Handle that. */
2560 requeue = handle_ipmb_get_msg_cmd(intf, msg);
2561 }
2562 break;
2563
2564 case IPMI_CHANNEL_MEDIUM_8023LAN:
2565 case IPMI_CHANNEL_MEDIUM_ASYNC:
2566 if (msg->rsp[6] & 0x04) {
2567 /* It's a response, so find the
2568 requesting message and send it up. */
2569 requeue = handle_lan_get_msg_rsp(intf, msg);
2570 } else {
2571 /* It's a command to the SMS from some other
2572 entity. Handle that. */
2573 requeue = handle_lan_get_msg_cmd(intf, msg);
2574 }
2575 break;
2576
2577 default:
2578 /* We don't handle the channel type, so just
2579 * free the message. */
2580 requeue = 0;
2581 }
2582
2583 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2584 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD))
2585 {
2586 /* It's an asyncronous event. */
2587 requeue = handle_read_event_rsp(intf, msg);
2588 } else {
2589 /* It's a response from the local BMC. */
2590 requeue = handle_bmc_rsp(intf, msg);
2591 }
2592
2593 out:
2594 return requeue;
2595}
2596
2597/* Handle a new message from the lower layer. */
2598void ipmi_smi_msg_received(ipmi_smi_t intf,
2599 struct ipmi_smi_msg *msg)
2600{
2601 unsigned long flags;
2602 int rv;
2603
2604
1da177e4
LT		 2605 if ((msg->data_size >= 2)
2606 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
2607 && (msg->data[1] == IPMI_SEND_MSG_CMD)
393d2cc3
CM		 2608 && (msg->user_data == NULL))
2609 {
1da177e4
LT		 2610 /* This is the local response to a command send, start
2611 the timer for these. The user_data will not be
2612 NULL if this is a response send, and we will let
2613 response sends just go through. */
2614
2615 /* Check for errors, if we get certain errors (ones
2616 that mean basically we can try again later), we
2617 ignore them and start the timer. Otherwise we
2618 report the error immediately. */
2619 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
2620 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
2621 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR))
2622 {
2623 int chan = msg->rsp[3] & 0xf;
2624
2625 /* Got an error sending the message, handle it. */
2626 spin_lock_irqsave(&intf->counter_lock, flags);
2627 if (chan >= IPMI_MAX_CHANNELS)
2628 ; /* This shouldn't happen */
2629 else if ((intf->channels[chan].medium
2630 == IPMI_CHANNEL_MEDIUM_8023LAN)
2631 || (intf->channels[chan].medium
2632 == IPMI_CHANNEL_MEDIUM_ASYNC))
2633 intf->sent_lan_command_errs++;
2634 else
2635 intf->sent_ipmb_command_errs++;
2636 spin_unlock_irqrestore(&intf->counter_lock, flags);
2637 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
2638 } else {
2639 /* The message was sent, start the timer. */
2640 intf_start_seq_timer(intf, msg->msgid);
2641 }
2642
2643 ipmi_free_smi_msg(msg);
393d2cc3 2644 goto out;
1da177e4
LT		 2645 }
2646
2647 /* To preserve message order, if the list is not empty, we
2648 tack this message onto the end of the list. */
393d2cc3
CM		 2649 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
2650 if (!list_empty(&intf->waiting_msgs)) {
2651 list_add_tail(&msg->link, &intf->waiting_msgs);
2652 spin_unlock(&intf->waiting_msgs_lock);
2653 goto out;
1da177e4 2654 }
393d2cc3 2655 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
1da177e4
LT		 2656
2657 rv = handle_new_recv_msg(intf, msg);
2658 if (rv > 0) {
2659 /* Could not handle the message now, just add it to a
2660 list to handle later. */
393d2cc3
CM		 2661 spin_lock(&intf->waiting_msgs_lock);
2662 list_add_tail(&msg->link, &intf->waiting_msgs);
2663 spin_unlock(&intf->waiting_msgs_lock);
1da177e4
LT		 2664 } else if (rv == 0) {
2665 ipmi_free_smi_msg(msg);
2666 }
2667
393d2cc3
CM		 2668 out:
2669 return;
1da177e4
LT		 2670}
2671
2672void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
2673{
2674 ipmi_user_t user;
2675
393d2cc3
CM		 2676 rcu_read_lock();
2677 list_for_each_entry_rcu(user, &intf->users, link) {
1da177e4
LT		 2678 if (! user->handler->ipmi_watchdog_pretimeout)
2679 continue;
2680
2681 user->handler->ipmi_watchdog_pretimeout(user->handler_data);
2682 }
393d2cc3 2683 rcu_read_unlock();
1da177e4
LT		 2684}
2685
2686static void
2687handle_msg_timeout(struct ipmi_recv_msg *msg)
2688{
2689 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2690 msg->msg_data[0] = IPMI_TIMEOUT_COMPLETION_CODE;
2691 msg->msg.netfn |= 1; /* Convert to a response. */
2692 msg->msg.data_len = 1;
2693 msg->msg.data = msg->msg_data;
2694 deliver_response(msg);
2695}
2696
882fe011
CM		 2697static struct ipmi_smi_msg *
2698smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
2699 unsigned char seq, long seqid)
1da177e4 2700{
882fe011 2701 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
1da177e4
LT		 2702 if (!smi_msg)
2703 /* If we can't allocate the message, then just return, we
2704 get 4 retries, so this should be ok. */
882fe011 2705 return NULL;
1da177e4
LT		 2706
2707 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
2708 smi_msg->data_size = recv_msg->msg.data_len;
2709 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
2710
1da177e4
LT		 2711#ifdef DEBUG_MSGING
2712 {
2713 int m;
2714 printk("Resend: ");
e8b33617 2715 for (m = 0; m < smi_msg->data_size; m++)
1da177e4
LT		 2716 printk(" %2.2x", smi_msg->data[m]);
2717 printk("\n");
2718 }
2719#endif
882fe011 2720 return smi_msg;
1da177e4
LT		 2721}
2722
393d2cc3
CM		 2723static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent,
2724 struct list_head *timeouts, long timeout_period,
2725 int slot, unsigned long *flags)
2726{
2727 struct ipmi_recv_msg *msg;
2728
2729 if (!ent->inuse)
2730 return;
2731
2732 ent->timeout -= timeout_period;
2733 if (ent->timeout > 0)
2734 return;
2735
2736 if (ent->retries_left == 0) {
2737 /* The message has used all its retries. */
2738 ent->inuse = 0;
2739 msg = ent->recv_msg;
2740 list_add_tail(&msg->link, timeouts);
2741 spin_lock(&intf->counter_lock);
2742 if (ent->broadcast)
2743 intf->timed_out_ipmb_broadcasts++;
2744 else if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE)
2745 intf->timed_out_lan_commands++;
2746 else
2747 intf->timed_out_ipmb_commands++;
2748 spin_unlock(&intf->counter_lock);
2749 } else {
2750 struct ipmi_smi_msg *smi_msg;
2751 /* More retries, send again. */
2752
2753 /* Start with the max timer, set to normal
2754 timer after the message is sent. */
2755 ent->timeout = MAX_MSG_TIMEOUT;
2756 ent->retries_left--;
2757 spin_lock(&intf->counter_lock);
2758 if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE)
2759 intf->retransmitted_lan_commands++;
2760 else
2761 intf->retransmitted_ipmb_commands++;
2762 spin_unlock(&intf->counter_lock);
2763
2764 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot,
2765 ent->seqid);
2766 if (! smi_msg)
2767 return;
2768
2769 spin_unlock_irqrestore(&intf->seq_lock, *flags);
2770 /* Send the new message. We send with a zero
2771 * priority. It timed out, I doubt time is
2772 * that critical now, and high priority
2773 * messages are really only for messages to the
2774 * local MC, which don't get resent. */
2775 intf->handlers->sender(intf->send_info,
2776 smi_msg, 0);
2777 spin_lock_irqsave(&intf->seq_lock, *flags);
2778 }
2779}
2780
2781static void ipmi_timeout_handler(long timeout_period)
1da177e4
LT		 2782{
2783 ipmi_smi_t intf;
2784 struct list_head timeouts;
2785 struct ipmi_recv_msg *msg, *msg2;
2786 struct ipmi_smi_msg *smi_msg, *smi_msg2;
2787 unsigned long flags;
2788 int i, j;
2789
2790 INIT_LIST_HEAD(&timeouts);
2791
2792 spin_lock(&interfaces_lock);
e8b33617 2793 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4 2794 intf = ipmi_interfaces[i];
393d2cc3 2795 if (IPMI_INVALID_INTERFACE(intf))
1da177e4 2796 continue;
393d2cc3
CM		 2797 kref_get(&intf->refcount);
2798 spin_unlock(&interfaces_lock);
1da177e4
LT		 2799
2800 /* See if any waiting messages need to be processed. */
393d2cc3
CM		 2801 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
2802 list_for_each_entry_safe(smi_msg, smi_msg2, &intf->waiting_msgs, link) {
1da177e4
LT		 2803 if (! handle_new_recv_msg(intf, smi_msg)) {
2804 list_del(&smi_msg->link);
2805 ipmi_free_smi_msg(smi_msg);
2806 } else {
2807 /* To preserve message order, quit if we
2808 can't handle a message. */
2809 break;
2810 }
2811 }
393d2cc3 2812 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
1da177e4
LT		 2813
2814 /* Go through the seq table and find any messages that
2815 have timed out, putting them in the timeouts
2816 list. */
393d2cc3
CM		 2817 spin_lock_irqsave(&intf->seq_lock, flags);
2818 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++)
2819 check_msg_timeout(intf, &(intf->seq_table[j]),
2820 &timeouts, timeout_period, j,
2821 &flags);
2822 spin_unlock_irqrestore(&intf->seq_lock, flags);
2823
2824 list_for_each_entry_safe(msg, msg2, &timeouts, link)
1da177e4 2825 handle_msg_timeout(msg);
1da177e4 2826
393d2cc3
CM		 2827 kref_put(&intf->refcount, intf_free);
2828 spin_lock(&interfaces_lock);
1da177e4
LT		 2829 }
2830 spin_unlock(&interfaces_lock);
2831}
2832
2833static void ipmi_request_event(void)
2834{
2835 ipmi_smi_t intf;
2836 int i;
2837
2838 spin_lock(&interfaces_lock);
e8b33617 2839 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4 2840 intf = ipmi_interfaces[i];
393d2cc3 2841 if (IPMI_INVALID_INTERFACE(intf))
1da177e4
LT		 2842 continue;
2843
2844 intf->handlers->request_events(intf->send_info);
2845 }
2846 spin_unlock(&interfaces_lock);
2847}
2848
2849static struct timer_list ipmi_timer;
2850
2851/* Call every ~100 ms. */
2852#define IPMI_TIMEOUT_TIME 100
2853
2854/* How many jiffies does it take to get to the timeout time. */
2855#define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
2856
2857/* Request events from the queue every second (this is the number of
2858 IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
2859 future, IPMI will add a way to know immediately if an event is in
2860 the queue and this silliness can go away. */
2861#define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
2862
8f43f84f 2863static atomic_t stop_operation;
1da177e4
LT		 2864static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2865
2866static void ipmi_timeout(unsigned long data)
2867{
8f43f84f 2868 if (atomic_read(&stop_operation))
1da177e4 2869 return;
1da177e4
LT		 2870
2871 ticks_to_req_ev--;
2872 if (ticks_to_req_ev == 0) {
2873 ipmi_request_event();
2874 ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2875 }
2876
2877 ipmi_timeout_handler(IPMI_TIMEOUT_TIME);
2878
8f43f84f 2879 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
1da177e4
LT		 2880}
2881
2882
2883static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
2884static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
2885
2886/* FIXME - convert these to slabs. */
2887static void free_smi_msg(struct ipmi_smi_msg *msg)
2888{
2889 atomic_dec(&smi_msg_inuse_count);
2890 kfree(msg);
2891}
2892
2893struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
2894{
2895 struct ipmi_smi_msg *rv;
2896 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
2897 if (rv) {
2898 rv->done = free_smi_msg;
2899 rv->user_data = NULL;
2900 atomic_inc(&smi_msg_inuse_count);
2901 }
2902 return rv;
2903}
2904
2905static void free_recv_msg(struct ipmi_recv_msg *msg)
2906{
2907 atomic_dec(&recv_msg_inuse_count);
2908 kfree(msg);
2909}
2910
2911struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
2912{
2913 struct ipmi_recv_msg *rv;
2914
2915 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
2916 if (rv) {
2917 rv->done = free_recv_msg;
2918 atomic_inc(&recv_msg_inuse_count);
2919 }
2920 return rv;
2921}
2922
393d2cc3
CM		 2923void ipmi_free_recv_msg(struct ipmi_recv_msg *msg)
2924{
2925 if (msg->user)
2926 kref_put(&msg->user->refcount, free_user);
2927 msg->done(msg);
2928}
2929
1da177e4
LT		 2930#ifdef CONFIG_IPMI_PANIC_EVENT
2931
2932static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
2933{
2934}
2935
2936static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
2937{
2938}
2939
2940#ifdef CONFIG_IPMI_PANIC_STRING
56a55ec6 2941static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4 2942{
56a55ec6
CM		 2943 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2944 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE)
2945 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD)
2946 && (msg->msg.data[0] == IPMI_CC_NO_ERROR))
1da177e4
LT		 2947 {
2948 /* A get event receiver command, save it. */
56a55ec6
CM		 2949 intf->event_receiver = msg->msg.data[1];
2950 intf->event_receiver_lun = msg->msg.data[2] & 0x3;
1da177e4
LT		 2951 }
2952}
2953
56a55ec6 2954static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4 2955{
56a55ec6
CM		 2956 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2957 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
2958 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD)
2959 && (msg->msg.data[0] == IPMI_CC_NO_ERROR))
1da177e4
LT		 2960 {
2961 /* A get device id command, save if we are an event
2962 receiver or generator. */
56a55ec6
CM		 2963 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1;
2964 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1;
1da177e4
LT		 2965 }
2966}
2967#endif
2968
2969static void send_panic_events(char *str)
2970{
2971 struct kernel_ipmi_msg msg;
2972 ipmi_smi_t intf;
2973 unsigned char data[16];
2974 int i;
2975 struct ipmi_system_interface_addr *si;
2976 struct ipmi_addr addr;
2977 struct ipmi_smi_msg smi_msg;
2978 struct ipmi_recv_msg recv_msg;
2979
2980 si = (struct ipmi_system_interface_addr *) &addr;
2981 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2982 si->channel = IPMI_BMC_CHANNEL;
2983 si->lun = 0;
2984
2985 /* Fill in an event telling that we have failed. */
2986 msg.netfn = 0x04; /* Sensor or Event. */
2987 msg.cmd = 2; /* Platform event command. */
2988 msg.data = data;
2989 msg.data_len = 8;
2990 data[0] = 0x21; /* Kernel generator ID, IPMI table 5-4 */
2991 data[1] = 0x03; /* This is for IPMI 1.0. */
2992 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
2993 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
2994 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
2995
2996 /* Put a few breadcrumbs in. Hopefully later we can add more things
2997 to make the panic events more useful. */
2998 if (str) {
2999 data[3] = str[0];
3000 data[6] = str[1];
3001 data[7] = str[2];
3002 }
3003
3004 smi_msg.done = dummy_smi_done_handler;
3005 recv_msg.done = dummy_recv_done_handler;
3006
3007 /* For every registered interface, send the event. */
e8b33617 3008 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4 3009 intf = ipmi_interfaces[i];
393d2cc3 3010 if (IPMI_INVALID_INTERFACE(intf))
1da177e4
LT		 3011 continue;
3012
3013 /* Send the event announcing the panic. */
3014 intf->handlers->set_run_to_completion(intf->send_info, 1);
3015 i_ipmi_request(NULL,
3016 intf,
3017 &addr,
3018 0,
3019 &msg,
56a55ec6 3020 intf,
1da177e4
LT		 3021 &smi_msg,
3022 &recv_msg,
3023 0,
c14979b9
CM		 3024 intf->channels[0].address,
3025 intf->channels[0].lun,
1da177e4
LT		 3026 0, 1); /* Don't retry, and don't wait. */
3027 }
3028
3029#ifdef CONFIG_IPMI_PANIC_STRING
3030 /* On every interface, dump a bunch of OEM event holding the
3031 string. */
3032 if (!str)
3033 return;
3034
e8b33617 3035 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4
LT		 3036 char *p = str;
3037 struct ipmi_ipmb_addr *ipmb;
3038 int j;
3039
3040 intf = ipmi_interfaces[i];
393d2cc3 3041 if (IPMI_INVALID_INTERFACE(intf))
1da177e4
LT		 3042 continue;
3043
3044 /* First job here is to figure out where to send the
3045 OEM events. There's no way in IPMI to send OEM
3046 events using an event send command, so we have to
3047 find the SEL to put them in and stick them in
3048 there. */
3049
3050 /* Get capabilities from the get device id. */
3051 intf->local_sel_device = 0;
3052 intf->local_event_generator = 0;
3053 intf->event_receiver = 0;
3054
3055 /* Request the device info from the local MC. */
3056 msg.netfn = IPMI_NETFN_APP_REQUEST;
3057 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
3058 msg.data = NULL;
3059 msg.data_len = 0;
3060 intf->null_user_handler = device_id_fetcher;
3061 i_ipmi_request(NULL,
3062 intf,
3063 &addr,
3064 0,
3065 &msg,
56a55ec6 3066 intf,
1da177e4
LT		 3067 &smi_msg,
3068 &recv_msg,
3069 0,
c14979b9
CM		 3070 intf->channels[0].address,
3071 intf->channels[0].lun,
1da177e4
LT		 3072 0, 1); /* Don't retry, and don't wait. */
3073
3074 if (intf->local_event_generator) {
3075 /* Request the event receiver from the local MC. */
3076 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
3077 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
3078 msg.data = NULL;
3079 msg.data_len = 0;
3080 intf->null_user_handler = event_receiver_fetcher;
3081 i_ipmi_request(NULL,
3082 intf,
3083 &addr,
3084 0,
3085 &msg,
56a55ec6 3086 intf,
1da177e4
LT		 3087 &smi_msg,
3088 &recv_msg,
3089 0,
c14979b9
CM		 3090 intf->channels[0].address,
3091 intf->channels[0].lun,
1da177e4
LT		 3092 0, 1); /* no retry, and no wait. */
3093 }
3094 intf->null_user_handler = NULL;
3095
3096 /* Validate the event receiver. The low bit must not
3097 be 1 (it must be a valid IPMB address), it cannot
3098 be zero, and it must not be my address. */
3099 if (((intf->event_receiver & 1) == 0)
3100 && (intf->event_receiver != 0)
c14979b9 3101 && (intf->event_receiver != intf->channels[0].address))
1da177e4
LT		 3102 {
3103 /* The event receiver is valid, send an IPMB
3104 message. */
3105 ipmb = (struct ipmi_ipmb_addr *) &addr;
3106 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
3107 ipmb->channel = 0; /* FIXME - is this right? */
3108 ipmb->lun = intf->event_receiver_lun;
3109 ipmb->slave_addr = intf->event_receiver;
3110 } else if (intf->local_sel_device) {
3111 /* The event receiver was not valid (or was
3112 me), but I am an SEL device, just dump it
3113 in my SEL. */
3114 si = (struct ipmi_system_interface_addr *) &addr;
3115 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3116 si->channel = IPMI_BMC_CHANNEL;
3117 si->lun = 0;
3118 } else
3119 continue; /* No where to send the event. */
3120
3121
3122 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
3123 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
3124 msg.data = data;
3125 msg.data_len = 16;
3126
3127 j = 0;
3128 while (*p) {
3129 int size = strlen(p);
3130
3131 if (size > 11)
3132 size = 11;
3133 data[0] = 0;
3134 data[1] = 0;
3135 data[2] = 0xf0; /* OEM event without timestamp. */
c14979b9 3136 data[3] = intf->channels[0].address;
1da177e4
LT		 3137 data[4] = j++; /* sequence # */
3138 /* Always give 11 bytes, so strncpy will fill
3139 it with zeroes for me. */
3140 strncpy(data+5, p, 11);
3141 p += size;
3142
3143 i_ipmi_request(NULL,
3144 intf,
3145 &addr,
3146 0,
3147 &msg,
56a55ec6 3148 intf,
1da177e4
LT		 3149 &smi_msg,
3150 &recv_msg,
3151 0,
c14979b9
CM		 3152 intf->channels[0].address,
3153 intf->channels[0].lun,
1da177e4
LT		 3154 0, 1); /* no retry, and no wait. */
3155 }
3156 }
3157#endif /* CONFIG_IPMI_PANIC_STRING */
3158}
3159#endif /* CONFIG_IPMI_PANIC_EVENT */
3160
3161static int has_paniced = 0;
3162
3163static int panic_event(struct notifier_block *this,
3164 unsigned long event,
3165 void *ptr)
3166{
3167 int i;
3168 ipmi_smi_t intf;
3169
3170 if (has_paniced)
3171 return NOTIFY_DONE;
3172 has_paniced = 1;
3173
3174 /* For every registered interface, set it to run to completion. */
e8b33617 3175 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4 3176 intf = ipmi_interfaces[i];
393d2cc3 3177 if (IPMI_INVALID_INTERFACE(intf))
1da177e4
LT		 3178 continue;
3179
3180 intf->handlers->set_run_to_completion(intf->send_info, 1);
3181 }
3182
3183#ifdef CONFIG_IPMI_PANIC_EVENT
3184 send_panic_events(ptr);
3185#endif
3186
3187 return NOTIFY_DONE;
3188}
3189
3190static struct notifier_block panic_block = {
3191 .notifier_call = panic_event,
3192 .next = NULL,
3193 .priority = 200 /* priority: INT_MAX >= x >= 0 */
3194};
3195
3196static int ipmi_init_msghandler(void)
3197{
3198 int i;
3199
3200 if (initialized)
3201 return 0;
3202
3203 printk(KERN_INFO "ipmi message handler version "
1fdd75bd 3204 IPMI_DRIVER_VERSION "\n");
1da177e4 3205
393d2cc3 3206 for (i = 0; i < MAX_IPMI_INTERFACES; i++)
1da177e4 3207 ipmi_interfaces[i] = NULL;
1da177e4 3208
3b625943 3209#ifdef CONFIG_PROC_FS
1da177e4
LT		 3210 proc_ipmi_root = proc_mkdir("ipmi", NULL);
3211 if (!proc_ipmi_root) {
3212 printk(KERN_ERR PFX "Unable to create IPMI proc dir");
3213 return -ENOMEM;
3214 }
3215
3216 proc_ipmi_root->owner = THIS_MODULE;
3b625943 3217#endif /* CONFIG_PROC_FS */
1da177e4
LT		 3218
3219 init_timer(&ipmi_timer);
3220 ipmi_timer.data = 0;
3221 ipmi_timer.function = ipmi_timeout;
3222 ipmi_timer.expires = jiffies + IPMI_TIMEOUT_JIFFIES;
3223 add_timer(&ipmi_timer);
3224
3225 notifier_chain_register(&panic_notifier_list, &panic_block);
3226
3227 initialized = 1;
3228
3229 return 0;
3230}
3231
3232static __init int ipmi_init_msghandler_mod(void)
3233{
3234 ipmi_init_msghandler();
3235 return 0;
3236}
3237
3238static __exit void cleanup_ipmi(void)
3239{
3240 int count;
3241
3242 if (!initialized)
3243 return;
3244
3245 notifier_chain_unregister(&panic_notifier_list, &panic_block);
3246
3247 /* This can't be called if any interfaces exist, so no worry about
3248 shutting down the interfaces. */
3249
3250 /* Tell the timer to stop, then wait for it to stop. This avoids
3251 problems with race conditions removing the timer here. */
8f43f84f
CM		 3252 atomic_inc(&stop_operation);
3253 del_timer_sync(&ipmi_timer);
1da177e4 3254
3b625943 3255#ifdef CONFIG_PROC_FS
1da177e4 3256 remove_proc_entry(proc_ipmi_root->name, &proc_root);
3b625943 3257#endif /* CONFIG_PROC_FS */
1da177e4
LT		 3258
3259 initialized = 0;
3260
3261 /* Check for buffer leaks. */
3262 count = atomic_read(&smi_msg_inuse_count);
3263 if (count != 0)
3264 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
3265 count);
3266 count = atomic_read(&recv_msg_inuse_count);
3267 if (count != 0)
3268 printk(KERN_WARNING PFX "recv message count %d at exit\n",
3269 count);
3270}
3271module_exit(cleanup_ipmi);
3272
3273module_init(ipmi_init_msghandler_mod);
3274MODULE_LICENSE("GPL");
1fdd75bd
CM		 3275MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>");
3276MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI interface.");
3277MODULE_VERSION(IPMI_DRIVER_VERSION);
1da177e4
LT		 3278
3279EXPORT_SYMBOL(ipmi_create_user);
3280EXPORT_SYMBOL(ipmi_destroy_user);
3281EXPORT_SYMBOL(ipmi_get_version);
3282EXPORT_SYMBOL(ipmi_request_settime);
3283EXPORT_SYMBOL(ipmi_request_supply_msgs);
3284EXPORT_SYMBOL(ipmi_register_smi);
3285EXPORT_SYMBOL(ipmi_unregister_smi);
3286EXPORT_SYMBOL(ipmi_register_for_cmd);
3287EXPORT_SYMBOL(ipmi_unregister_for_cmd);
3288EXPORT_SYMBOL(ipmi_smi_msg_received);
3289EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
3290EXPORT_SYMBOL(ipmi_alloc_smi_msg);
3291EXPORT_SYMBOL(ipmi_addr_length);
3292EXPORT_SYMBOL(ipmi_validate_addr);
3293EXPORT_SYMBOL(ipmi_set_gets_events);
3294EXPORT_SYMBOL(ipmi_smi_watcher_register);
3295EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
3296EXPORT_SYMBOL(ipmi_set_my_address);
3297EXPORT_SYMBOL(ipmi_get_my_address);
3298EXPORT_SYMBOL(ipmi_set_my_LUN);
3299EXPORT_SYMBOL(ipmi_get_my_LUN);
3300EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
3b625943 3301EXPORT_SYMBOL(proc_ipmi_root);
1da177e4 3302EXPORT_SYMBOL(ipmi_user_set_run_to_completion);
393d2cc3 3303EXPORT_SYMBOL(ipmi_free_recv_msg);
Clone of davem's net-next-2.6 tree