projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'origin'
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / char / ipmi / ipmi_msghandler.c
CommitLineData
1da177e4
LT		 1/*
2 * ipmi_msghandler.c
3 *
4 * Incoming and outgoing message routing for an IPMI interface.
5 *
6 * Author: MontaVista Software, Inc.
7 * Corey Minyard <minyard@mvista.com>
8 * source@mvista.com
9 *
10 * Copyright 2002 MontaVista Software Inc.
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version.
16 *
17 *
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 *
29 * You should have received a copy of the GNU General Public License along
30 * with this program; if not, write to the Free Software Foundation, Inc.,
31 * 675 Mass Ave, Cambridge, MA 02139, USA.
32 */
33
34#include <linux/config.h>
35#include <linux/module.h>
36#include <linux/errno.h>
37#include <asm/system.h>
38#include <linux/sched.h>
39#include <linux/poll.h>
40#include <linux/spinlock.h>
1da177e4
LT		 41#include <linux/slab.h>
42#include <linux/ipmi.h>
43#include <linux/ipmi_smi.h>
44#include <linux/notifier.h>
45#include <linux/init.h>
46#include <linux/proc_fs.h>
393d2cc3 47#include <linux/rcupdate.h>
1da177e4
LT		 48
49#define PFX "IPMI message handler: "
1fdd75bd 50
3225e1d3 51#define IPMI_DRIVER_VERSION "38.0"
1da177e4
LT		 52
53static struct ipmi_recv_msg *ipmi_alloc_recv_msg(void);
54static int ipmi_init_msghandler(void);
55
56static int initialized = 0;
57
3b625943
CM		 58#ifdef CONFIG_PROC_FS
59struct proc_dir_entry *proc_ipmi_root = NULL;
be4f1bb2 60EXPORT_SYMBOL(proc_ipmi_root);
3b625943 61#endif /* CONFIG_PROC_FS */
1da177e4
LT		 62
63#define MAX_EVENTS_IN_QUEUE 25
64
65/* Don't let a message sit in a queue forever, always time it with at lest
66 the max message timer. This is in milliseconds. */
67#define MAX_MSG_TIMEOUT 60000
68
393d2cc3
CM		 69
70/*
71 * The main "user" data structure.
72 */
1da177e4
LT		 73struct ipmi_user
74{
75 struct list_head link;
76
393d2cc3
CM		 77 /* Set to "0" when the user is destroyed. */
78 int valid;
79
80 struct kref refcount;
81
1da177e4
LT		 82 /* The upper layer that handles receive messages. */
83 struct ipmi_user_hndl *handler;
84 void *handler_data;
85
86 /* The interface this user is bound to. */
87 ipmi_smi_t intf;
88
89 /* Does this interface receive IPMI events? */
90 int gets_events;
91};
92
93struct cmd_rcvr
94{
95 struct list_head link;
96
97 ipmi_user_t user;
98 unsigned char netfn;
99 unsigned char cmd;
393d2cc3
CM		 100
101 /*
102 * This is used to form a linked lised during mass deletion.
103 * Since this is in an RCU list, we cannot use the link above
104 * or change any data until the RCU period completes. So we
105 * use this next variable during mass deletion so we can have
106 * a list and don't have to wait and restart the search on
107 * every individual deletion of a command. */
108 struct cmd_rcvr *next;
1da177e4
LT		 109};
110
111struct seq_table
112{
113 unsigned int inuse : 1;
114 unsigned int broadcast : 1;
115
116 unsigned long timeout;
117 unsigned long orig_timeout;
118 unsigned int retries_left;
119
120 /* To verify on an incoming send message response that this is
121 the message that the response is for, we keep a sequence id
122 and increment it every time we send a message. */
123 long seqid;
124
125 /* This is held so we can properly respond to the message on a
126 timeout, and it is used to hold the temporary data for
127 retransmission, too. */
128 struct ipmi_recv_msg *recv_msg;
129};
130
131/* Store the information in a msgid (long) to allow us to find a
132 sequence table entry from the msgid. */
133#define STORE_SEQ_IN_MSGID(seq, seqid) (((seq&0xff)<<26) | (seqid&0x3ffffff))
134
135#define GET_SEQ_FROM_MSGID(msgid, seq, seqid) \
136 do { \
137 seq = ((msgid >> 26) & 0x3f); \
138 seqid = (msgid & 0x3fffff); \
e8b33617 139 } while (0)
1da177e4
LT		 140
141#define NEXT_SEQID(seqid) (((seqid) + 1) & 0x3fffff)
142
143struct ipmi_channel
144{
145 unsigned char medium;
146 unsigned char protocol;
c14979b9
CM		 147
148 /* My slave address. This is initialized to IPMI_BMC_SLAVE_ADDR,
149 but may be changed by the user. */
150 unsigned char address;
151
152 /* My LUN. This should generally stay the SMS LUN, but just in
153 case... */
154 unsigned char lun;
1da177e4
LT		 155};
156
3b625943 157#ifdef CONFIG_PROC_FS
1da177e4
LT		 158struct ipmi_proc_entry
159{
160 char *name;
161 struct ipmi_proc_entry *next;
162};
3b625943 163#endif
1da177e4
LT		 164
165#define IPMI_IPMB_NUM_SEQ 64
c14979b9 166#define IPMI_MAX_CHANNELS 16
1da177e4
LT		 167struct ipmi_smi
168{
169 /* What interface number are we? */
170 int intf_num;
171
393d2cc3
CM		 172 struct kref refcount;
173
174 /* The list of upper layers that are using me. seq_lock
175 * protects this. */
176 struct list_head users;
1da177e4
LT		 177
178 /* Used for wake ups at startup. */
179 wait_queue_head_t waitq;
180
181 /* The IPMI version of the BMC on the other end. */
182 unsigned char version_major;
183 unsigned char version_minor;
184
185 /* This is the lower-layer's sender routine. */
186 struct ipmi_smi_handlers *handlers;
187 void *send_info;
188
3b625943 189#ifdef CONFIG_PROC_FS
1da177e4
LT		 190 /* A list of proc entries for this interface. This does not
191 need a lock, only one thread creates it and only one thread
192 destroys it. */
3b625943 193 spinlock_t proc_entry_lock;
1da177e4 194 struct ipmi_proc_entry *proc_entries;
3b625943 195#endif
1da177e4
LT		 196
197 /* A table of sequence numbers for this interface. We use the
198 sequence numbers for IPMB messages that go out of the
199 interface to match them up with their responses. A routine
200 is called periodically to time the items in this list. */
201 spinlock_t seq_lock;
202 struct seq_table seq_table[IPMI_IPMB_NUM_SEQ];
203 int curr_seq;
204
205 /* Messages that were delayed for some reason (out of memory,
206 for instance), will go in here to be processed later in a
207 periodic timer interrupt. */
208 spinlock_t waiting_msgs_lock;
209 struct list_head waiting_msgs;
210
211 /* The list of command receivers that are registered for commands
212 on this interface. */
e61fb5b6 213 struct semaphore cmd_rcvrs_lock;
1da177e4
LT		 214 struct list_head cmd_rcvrs;
215
216 /* Events that were queues because no one was there to receive
217 them. */
218 spinlock_t events_lock; /* For dealing with event stuff. */
219 struct list_head waiting_events;
220 unsigned int waiting_events_count; /* How many events in queue? */
221
1da177e4
LT		 222 /* The event receiver for my BMC, only really used at panic
223 shutdown as a place to store this. */
224 unsigned char event_receiver;
225 unsigned char event_receiver_lun;
226 unsigned char local_sel_device;
227 unsigned char local_event_generator;
228
229 /* A cheap hack, if this is non-null and a message to an
230 interface comes in with a NULL user, call this routine with
231 it. Note that the message will still be freed by the
232 caller. This only works on the system interface. */
56a55ec6 233 void (*null_user_handler)(ipmi_smi_t intf, struct ipmi_recv_msg *msg);
1da177e4
LT		 234
235 /* When we are scanning the channels for an SMI, this will
236 tell which channel we are scanning. */
237 int curr_channel;
238
239 /* Channel information */
240 struct ipmi_channel channels[IPMI_MAX_CHANNELS];
241
242 /* Proc FS stuff. */
243 struct proc_dir_entry *proc_dir;
244 char proc_dir_name[10];
245
246 spinlock_t counter_lock; /* For making counters atomic. */
247
248 /* Commands we got that were invalid. */
249 unsigned int sent_invalid_commands;
250
251 /* Commands we sent to the MC. */
252 unsigned int sent_local_commands;
253 /* Responses from the MC that were delivered to a user. */
254 unsigned int handled_local_responses;
255 /* Responses from the MC that were not delivered to a user. */
256 unsigned int unhandled_local_responses;
257
258 /* Commands we sent out to the IPMB bus. */
259 unsigned int sent_ipmb_commands;
260 /* Commands sent on the IPMB that had errors on the SEND CMD */
261 unsigned int sent_ipmb_command_errs;
262 /* Each retransmit increments this count. */
263 unsigned int retransmitted_ipmb_commands;
264 /* When a message times out (runs out of retransmits) this is
265 incremented. */
266 unsigned int timed_out_ipmb_commands;
267
268 /* This is like above, but for broadcasts. Broadcasts are
269 *not* included in the above count (they are expected to
270 time out). */
271 unsigned int timed_out_ipmb_broadcasts;
272
273 /* Responses I have sent to the IPMB bus. */
274 unsigned int sent_ipmb_responses;
275
276 /* The response was delivered to the user. */
277 unsigned int handled_ipmb_responses;
278 /* The response had invalid data in it. */
279 unsigned int invalid_ipmb_responses;
280 /* The response didn't have anyone waiting for it. */
281 unsigned int unhandled_ipmb_responses;
282
283 /* Commands we sent out to the IPMB bus. */
284 unsigned int sent_lan_commands;
285 /* Commands sent on the IPMB that had errors on the SEND CMD */
286 unsigned int sent_lan_command_errs;
287 /* Each retransmit increments this count. */
288 unsigned int retransmitted_lan_commands;
289 /* When a message times out (runs out of retransmits) this is
290 incremented. */
291 unsigned int timed_out_lan_commands;
292
293 /* Responses I have sent to the IPMB bus. */
294 unsigned int sent_lan_responses;
295
296 /* The response was delivered to the user. */
297 unsigned int handled_lan_responses;
298 /* The response had invalid data in it. */
299 unsigned int invalid_lan_responses;
300 /* The response didn't have anyone waiting for it. */
301 unsigned int unhandled_lan_responses;
302
303 /* The command was delivered to the user. */
304 unsigned int handled_commands;
305 /* The command had invalid data in it. */
306 unsigned int invalid_commands;
307 /* The command didn't have anyone waiting for it. */
308 unsigned int unhandled_commands;
309
310 /* Invalid data in an event. */
311 unsigned int invalid_events;
312 /* Events that were received with the proper format. */
313 unsigned int events;
314};
315
393d2cc3
CM		 316/* Used to mark an interface entry that cannot be used but is not a
317 * free entry, either, primarily used at creation and deletion time so
318 * a slot doesn't get reused too quickly. */
319#define IPMI_INVALID_INTERFACE_ENTRY ((ipmi_smi_t) ((long) 1))
320#define IPMI_INVALID_INTERFACE(i) (((i) == NULL) \
321 || (i == IPMI_INVALID_INTERFACE_ENTRY))
322
1da177e4
LT		 323#define MAX_IPMI_INTERFACES 4
324static ipmi_smi_t ipmi_interfaces[MAX_IPMI_INTERFACES];
325
393d2cc3 326/* Directly protects the ipmi_interfaces data structure. */
1da177e4
LT		 327static DEFINE_SPINLOCK(interfaces_lock);
328
329/* List of watchers that want to know when smi's are added and
330 deleted. */
331static struct list_head smi_watchers = LIST_HEAD_INIT(smi_watchers);
332static DECLARE_RWSEM(smi_watchers_sem);
333
393d2cc3
CM		 334
335static void free_recv_msg_list(struct list_head *q)
336{
337 struct ipmi_recv_msg *msg, *msg2;
338
339 list_for_each_entry_safe(msg, msg2, q, link) {
340 list_del(&msg->link);
341 ipmi_free_recv_msg(msg);
342 }
343}
344
345static void clean_up_interface_data(ipmi_smi_t intf)
346{
347 int i;
348 struct cmd_rcvr *rcvr, *rcvr2;
393d2cc3
CM		 349 struct list_head list;
350
351 free_recv_msg_list(&intf->waiting_msgs);
352 free_recv_msg_list(&intf->waiting_events);
353
354 /* Wholesale remove all the entries from the list in the
355 * interface and wait for RCU to know that none are in use. */
e61fb5b6 356 down(&intf->cmd_rcvrs_lock);
393d2cc3
CM		 357 list_add_rcu(&list, &intf->cmd_rcvrs);
358 list_del_rcu(&intf->cmd_rcvrs);
e61fb5b6 359 up(&intf->cmd_rcvrs_lock);
393d2cc3
CM		 360 synchronize_rcu();
361
362 list_for_each_entry_safe(rcvr, rcvr2, &list, link)
363 kfree(rcvr);
364
365 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
366 if ((intf->seq_table[i].inuse)
367 && (intf->seq_table[i].recv_msg))
368 {
369 ipmi_free_recv_msg(intf->seq_table[i].recv_msg);
370 }
371 }
372}
373
374static void intf_free(struct kref *ref)
375{
376 ipmi_smi_t intf = container_of(ref, struct ipmi_smi, refcount);
377
378 clean_up_interface_data(intf);
379 kfree(intf);
380}
381
1da177e4
LT		 382int ipmi_smi_watcher_register(struct ipmi_smi_watcher *watcher)
383{
393d2cc3
CM		 384 int i;
385 unsigned long flags;
1da177e4 386
1da177e4
LT		 387 down_write(&smi_watchers_sem);
388 list_add(&(watcher->link), &smi_watchers);
393d2cc3
CM		 389 up_write(&smi_watchers_sem);
390 spin_lock_irqsave(&interfaces_lock, flags);
e8b33617 391 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
393d2cc3
CM		 392 ipmi_smi_t intf = ipmi_interfaces[i];
393 if (IPMI_INVALID_INTERFACE(intf))
394 continue;
395 spin_unlock_irqrestore(&interfaces_lock, flags);
396 watcher->new_smi(i);
397 spin_lock_irqsave(&interfaces_lock, flags);
1da177e4 398 }
393d2cc3 399 spin_unlock_irqrestore(&interfaces_lock, flags);
1da177e4
LT		 400 return 0;
401}
402
403int ipmi_smi_watcher_unregister(struct ipmi_smi_watcher *watcher)
404{
405 down_write(&smi_watchers_sem);
406 list_del(&(watcher->link));
407 up_write(&smi_watchers_sem);
408 return 0;
409}
410
411static void
412call_smi_watchers(int i)
413{
414 struct ipmi_smi_watcher *w;
415
416 down_read(&smi_watchers_sem);
417 list_for_each_entry(w, &smi_watchers, link) {
418 if (try_module_get(w->owner)) {
419 w->new_smi(i);
420 module_put(w->owner);
421 }
422 }
423 up_read(&smi_watchers_sem);
424}
425
426static int
427ipmi_addr_equal(struct ipmi_addr *addr1, struct ipmi_addr *addr2)
428{
429 if (addr1->addr_type != addr2->addr_type)
430 return 0;
431
432 if (addr1->channel != addr2->channel)
433 return 0;
434
435 if (addr1->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
436 struct ipmi_system_interface_addr *smi_addr1
437 = (struct ipmi_system_interface_addr *) addr1;
438 struct ipmi_system_interface_addr *smi_addr2
439 = (struct ipmi_system_interface_addr *) addr2;
440 return (smi_addr1->lun == smi_addr2->lun);
441 }
442
443 if ((addr1->addr_type == IPMI_IPMB_ADDR_TYPE)
444 || (addr1->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
445 {
446 struct ipmi_ipmb_addr *ipmb_addr1
447 = (struct ipmi_ipmb_addr *) addr1;
448 struct ipmi_ipmb_addr *ipmb_addr2
449 = (struct ipmi_ipmb_addr *) addr2;
450
451 return ((ipmb_addr1->slave_addr == ipmb_addr2->slave_addr)
452 && (ipmb_addr1->lun == ipmb_addr2->lun));
453 }
454
455 if (addr1->addr_type == IPMI_LAN_ADDR_TYPE) {
456 struct ipmi_lan_addr *lan_addr1
457 = (struct ipmi_lan_addr *) addr1;
458 struct ipmi_lan_addr *lan_addr2
459 = (struct ipmi_lan_addr *) addr2;
460
461 return ((lan_addr1->remote_SWID == lan_addr2->remote_SWID)
462 && (lan_addr1->local_SWID == lan_addr2->local_SWID)
463 && (lan_addr1->session_handle
464 == lan_addr2->session_handle)
465 && (lan_addr1->lun == lan_addr2->lun));
466 }
467
468 return 1;
469}
470
471int ipmi_validate_addr(struct ipmi_addr *addr, int len)
472{
473 if (len < sizeof(struct ipmi_system_interface_addr)) {
474 return -EINVAL;
475 }
476
477 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
478 if (addr->channel != IPMI_BMC_CHANNEL)
479 return -EINVAL;
480 return 0;
481 }
482
483 if ((addr->channel == IPMI_BMC_CHANNEL)
12fc1d7b 484 || (addr->channel >= IPMI_MAX_CHANNELS)
1da177e4
LT		 485 || (addr->channel < 0))
486 return -EINVAL;
487
488 if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
489 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
490 {
491 if (len < sizeof(struct ipmi_ipmb_addr)) {
492 return -EINVAL;
493 }
494 return 0;
495 }
496
497 if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
498 if (len < sizeof(struct ipmi_lan_addr)) {
499 return -EINVAL;
500 }
501 return 0;
502 }
503
504 return -EINVAL;
505}
506
507unsigned int ipmi_addr_length(int addr_type)
508{
509 if (addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
510 return sizeof(struct ipmi_system_interface_addr);
511
512 if ((addr_type == IPMI_IPMB_ADDR_TYPE)
513 || (addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
514 {
515 return sizeof(struct ipmi_ipmb_addr);
516 }
517
518 if (addr_type == IPMI_LAN_ADDR_TYPE)
519 return sizeof(struct ipmi_lan_addr);
520
521 return 0;
522}
523
524static void deliver_response(struct ipmi_recv_msg *msg)
525{
56a55ec6
CM		 526 if (! msg->user) {
527 ipmi_smi_t intf = msg->user_msg_data;
528 unsigned long flags;
529
530 /* Special handling for NULL users. */
531 if (intf->null_user_handler) {
532 intf->null_user_handler(intf, msg);
533 spin_lock_irqsave(&intf->counter_lock, flags);
534 intf->handled_local_responses++;
535 spin_unlock_irqrestore(&intf->counter_lock, flags);
536 } else {
537 /* No handler, so give up. */
538 spin_lock_irqsave(&intf->counter_lock, flags);
539 intf->unhandled_local_responses++;
540 spin_unlock_irqrestore(&intf->counter_lock, flags);
541 }
542 ipmi_free_recv_msg(msg);
543 } else {
393d2cc3
CM		 544 ipmi_user_t user = msg->user;
545 user->handler->ipmi_recv_hndl(msg, user->handler_data);
56a55ec6 546 }
1da177e4
LT		 547}
548
549/* Find the next sequence number not being used and add the given
550 message with the given timeout to the sequence table. This must be
551 called with the interface's seq_lock held. */
552static int intf_next_seq(ipmi_smi_t intf,
553 struct ipmi_recv_msg *recv_msg,
554 unsigned long timeout,
555 int retries,
556 int broadcast,
557 unsigned char *seq,
558 long *seqid)
559{
560 int rv = 0;
561 unsigned int i;
562
e8b33617 563 for (i = intf->curr_seq;
1da177e4 564 (i+1)%IPMI_IPMB_NUM_SEQ != intf->curr_seq;
e8b33617 565 i = (i+1)%IPMI_IPMB_NUM_SEQ)
1da177e4
LT		 566 {
567 if (! intf->seq_table[i].inuse)
568 break;
569 }
570
571 if (! intf->seq_table[i].inuse) {
572 intf->seq_table[i].recv_msg = recv_msg;
573
574 /* Start with the maximum timeout, when the send response
575 comes in we will start the real timer. */
576 intf->seq_table[i].timeout = MAX_MSG_TIMEOUT;
577 intf->seq_table[i].orig_timeout = timeout;
578 intf->seq_table[i].retries_left = retries;
579 intf->seq_table[i].broadcast = broadcast;
580 intf->seq_table[i].inuse = 1;
581 intf->seq_table[i].seqid = NEXT_SEQID(intf->seq_table[i].seqid);
582 *seq = i;
583 *seqid = intf->seq_table[i].seqid;
584 intf->curr_seq = (i+1)%IPMI_IPMB_NUM_SEQ;
585 } else {
586 rv = -EAGAIN;
587 }
588
589 return rv;
590}
591
592/* Return the receive message for the given sequence number and
593 release the sequence number so it can be reused. Some other data
594 is passed in to be sure the message matches up correctly (to help
595 guard against message coming in after their timeout and the
596 sequence number being reused). */
597static int intf_find_seq(ipmi_smi_t intf,
598 unsigned char seq,
599 short channel,
600 unsigned char cmd,
601 unsigned char netfn,
602 struct ipmi_addr *addr,
603 struct ipmi_recv_msg **recv_msg)
604{
605 int rv = -ENODEV;
606 unsigned long flags;
607
608 if (seq >= IPMI_IPMB_NUM_SEQ)
609 return -EINVAL;
610
611 spin_lock_irqsave(&(intf->seq_lock), flags);
612 if (intf->seq_table[seq].inuse) {
613 struct ipmi_recv_msg *msg = intf->seq_table[seq].recv_msg;
614
615 if ((msg->addr.channel == channel)
616 && (msg->msg.cmd == cmd)
617 && (msg->msg.netfn == netfn)
618 && (ipmi_addr_equal(addr, &(msg->addr))))
619 {
620 *recv_msg = msg;
621 intf->seq_table[seq].inuse = 0;
622 rv = 0;
623 }
624 }
625 spin_unlock_irqrestore(&(intf->seq_lock), flags);
626
627 return rv;
628}
629
630
631/* Start the timer for a specific sequence table entry. */
632static int intf_start_seq_timer(ipmi_smi_t intf,
633 long msgid)
634{
635 int rv = -ENODEV;
636 unsigned long flags;
637 unsigned char seq;
638 unsigned long seqid;
639
640
641 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
642
643 spin_lock_irqsave(&(intf->seq_lock), flags);
644 /* We do this verification because the user can be deleted
645 while a message is outstanding. */
646 if ((intf->seq_table[seq].inuse)
647 && (intf->seq_table[seq].seqid == seqid))
648 {
649 struct seq_table *ent = &(intf->seq_table[seq]);
650 ent->timeout = ent->orig_timeout;
651 rv = 0;
652 }
653 spin_unlock_irqrestore(&(intf->seq_lock), flags);
654
655 return rv;
656}
657
658/* Got an error for the send message for a specific sequence number. */
659static int intf_err_seq(ipmi_smi_t intf,
660 long msgid,
661 unsigned int err)
662{
663 int rv = -ENODEV;
664 unsigned long flags;
665 unsigned char seq;
666 unsigned long seqid;
667 struct ipmi_recv_msg *msg = NULL;
668
669
670 GET_SEQ_FROM_MSGID(msgid, seq, seqid);
671
672 spin_lock_irqsave(&(intf->seq_lock), flags);
673 /* We do this verification because the user can be deleted
674 while a message is outstanding. */
675 if ((intf->seq_table[seq].inuse)
676 && (intf->seq_table[seq].seqid == seqid))
677 {
678 struct seq_table *ent = &(intf->seq_table[seq]);
679
680 ent->inuse = 0;
681 msg = ent->recv_msg;
682 rv = 0;
683 }
684 spin_unlock_irqrestore(&(intf->seq_lock), flags);
685
686 if (msg) {
687 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
688 msg->msg_data[0] = err;
689 msg->msg.netfn |= 1; /* Convert to a response. */
690 msg->msg.data_len = 1;
691 msg->msg.data = msg->msg_data;
692 deliver_response(msg);
693 }
694
695 return rv;
696}
697
698
699int ipmi_create_user(unsigned int if_num,
700 struct ipmi_user_hndl *handler,
701 void *handler_data,
702 ipmi_user_t *user)
703{
704 unsigned long flags;
705 ipmi_user_t new_user;
706 int rv = 0;
707 ipmi_smi_t intf;
708
709 /* There is no module usecount here, because it's not
710 required. Since this can only be used by and called from
711 other modules, they will implicitly use this module, and
712 thus this can't be removed unless the other modules are
713 removed. */
714
715 if (handler == NULL)
716 return -EINVAL;
717
718 /* Make sure the driver is actually initialized, this handles
719 problems with initialization order. */
720 if (!initialized) {
721 rv = ipmi_init_msghandler();
722 if (rv)
723 return rv;
724
725 /* The init code doesn't return an error if it was turned
726 off, but it won't initialize. Check that. */
727 if (!initialized)
728 return -ENODEV;
729 }
730
731 new_user = kmalloc(sizeof(*new_user), GFP_KERNEL);
732 if (! new_user)
733 return -ENOMEM;
734
393d2cc3
CM		 735 spin_lock_irqsave(&interfaces_lock, flags);
736 intf = ipmi_interfaces[if_num];
737 if ((if_num >= MAX_IPMI_INTERFACES) || IPMI_INVALID_INTERFACE(intf)) {
738 spin_unlock_irqrestore(&interfaces_lock, flags);
739 return -EINVAL;
1da177e4
LT		 740 }
741
393d2cc3
CM		 742 /* Note that each existing user holds a refcount to the interface. */
743 kref_get(&intf->refcount);
744 spin_unlock_irqrestore(&interfaces_lock, flags);
1da177e4 745
393d2cc3 746 kref_init(&new_user->refcount);
1da177e4
LT		 747 new_user->handler = handler;
748 new_user->handler_data = handler_data;
749 new_user->intf = intf;
750 new_user->gets_events = 0;
751
752 if (!try_module_get(intf->handlers->owner)) {
753 rv = -ENODEV;
393d2cc3 754 goto out_err;
1da177e4
LT		 755 }
756
757 if (intf->handlers->inc_usecount) {
758 rv = intf->handlers->inc_usecount(intf->send_info);
759 if (rv) {
760 module_put(intf->handlers->owner);
393d2cc3 761 goto out_err;
1da177e4
LT		 762 }
763 }
764
393d2cc3
CM		 765 new_user->valid = 1;
766 spin_lock_irqsave(&intf->seq_lock, flags);
767 list_add_rcu(&new_user->link, &intf->users);
768 spin_unlock_irqrestore(&intf->seq_lock, flags);
769 *user = new_user;
770 return 0;
1da177e4 771
393d2cc3
CM		 772 out_err:
773 kfree(new_user);
774 kref_put(&intf->refcount, intf_free);
1da177e4
LT		 775 return rv;
776}
777
393d2cc3
CM		 778static void free_user(struct kref *ref)
779{
780 ipmi_user_t user = container_of(ref, struct ipmi_user, refcount);
781 kfree(user);
782}
783
784int ipmi_destroy_user(ipmi_user_t user)
1da177e4
LT		 785{
786 int rv = -ENODEV;
393d2cc3 787 ipmi_smi_t intf = user->intf;
1da177e4
LT		 788 int i;
789 unsigned long flags;
393d2cc3 790 struct cmd_rcvr *rcvr;
393d2cc3 791 struct cmd_rcvr *rcvrs = NULL;
1da177e4 792
393d2cc3 793 user->valid = 1;
1da177e4 794
393d2cc3
CM		 795 /* Remove the user from the interface's sequence table. */
796 spin_lock_irqsave(&intf->seq_lock, flags);
797 list_del_rcu(&user->link);
1da177e4 798
e8b33617 799 for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
393d2cc3
CM		 800 if (intf->seq_table[i].inuse
801 && (intf->seq_table[i].recv_msg->user == user))
1da177e4 802 {
393d2cc3 803 intf->seq_table[i].inuse = 0;
1da177e4
LT		 804 }
805 }
393d2cc3
CM		 806 spin_unlock_irqrestore(&intf->seq_lock, flags);
807
808 /*
809 * Remove the user from the command receiver's table. First
810 * we build a list of everything (not using the standard link,
811 * since other things may be using it till we do
812 * synchronize_rcu()) then free everything in that list.
813 */
e61fb5b6 814 down(&intf->cmd_rcvrs_lock);
066bb8d0 815 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
1da177e4 816 if (rcvr->user == user) {
393d2cc3
CM		 817 list_del_rcu(&rcvr->link);
818 rcvr->next = rcvrs;
819 rcvrs = rcvr;
1da177e4
LT		 820 }
821 }
e61fb5b6 822 up(&intf->cmd_rcvrs_lock);
393d2cc3
CM		 823 synchronize_rcu();
824 while (rcvrs) {
825 rcvr = rcvrs;
826 rcvrs = rcvr->next;
827 kfree(rcvr);
828 }
1da177e4 829
393d2cc3
CM		 830 module_put(intf->handlers->owner);
831 if (intf->handlers->dec_usecount)
832 intf->handlers->dec_usecount(intf->send_info);
1da177e4 833
393d2cc3 834 kref_put(&intf->refcount, intf_free);
1da177e4 835
393d2cc3 836 kref_put(&user->refcount, free_user);
1da177e4 837
1da177e4
LT		 838 return rv;
839}
840
841void ipmi_get_version(ipmi_user_t user,
842 unsigned char *major,
843 unsigned char *minor)
844{
845 *major = user->intf->version_major;
846 *minor = user->intf->version_minor;
847}
848
c14979b9
CM		 849int ipmi_set_my_address(ipmi_user_t user,
850 unsigned int channel,
851 unsigned char address)
1da177e4 852{
c14979b9
CM		 853 if (channel >= IPMI_MAX_CHANNELS)
854 return -EINVAL;
855 user->intf->channels[channel].address = address;
856 return 0;
1da177e4
LT		 857}
858
c14979b9
CM		 859int ipmi_get_my_address(ipmi_user_t user,
860 unsigned int channel,
861 unsigned char *address)
1da177e4 862{
c14979b9
CM		 863 if (channel >= IPMI_MAX_CHANNELS)
864 return -EINVAL;
865 *address = user->intf->channels[channel].address;
866 return 0;
1da177e4
LT		 867}
868
c14979b9
CM		 869int ipmi_set_my_LUN(ipmi_user_t user,
870 unsigned int channel,
871 unsigned char LUN)
1da177e4 872{
c14979b9
CM		 873 if (channel >= IPMI_MAX_CHANNELS)
874 return -EINVAL;
875 user->intf->channels[channel].lun = LUN & 0x3;
876 return 0;
1da177e4
LT		 877}
878
c14979b9
CM		 879int ipmi_get_my_LUN(ipmi_user_t user,
880 unsigned int channel,
881 unsigned char *address)
1da177e4 882{
c14979b9
CM		 883 if (channel >= IPMI_MAX_CHANNELS)
884 return -EINVAL;
885 *address = user->intf->channels[channel].lun;
886 return 0;
1da177e4
LT		 887}
888
889int ipmi_set_gets_events(ipmi_user_t user, int val)
890{
393d2cc3
CM		 891 unsigned long flags;
892 ipmi_smi_t intf = user->intf;
893 struct ipmi_recv_msg *msg, *msg2;
894 struct list_head msgs;
1da177e4 895
393d2cc3
CM		 896 INIT_LIST_HEAD(&msgs);
897
898 spin_lock_irqsave(&intf->events_lock, flags);
1da177e4
LT		 899 user->gets_events = val;
900
901 if (val) {
902 /* Deliver any queued events. */
393d2cc3 903 list_for_each_entry_safe(msg, msg2, &intf->waiting_events, link) {
1da177e4 904 list_del(&msg->link);
393d2cc3 905 list_add_tail(&msg->link, &msgs);
1da177e4
LT		 906 }
907 }
393d2cc3
CM		 908
909 /* Hold the events lock while doing this to preserve order. */
910 list_for_each_entry_safe(msg, msg2, &msgs, link) {
911 msg->user = user;
912 kref_get(&user->refcount);
913 deliver_response(msg);
914 }
915
916 spin_unlock_irqrestore(&intf->events_lock, flags);
1da177e4
LT		 917
918 return 0;
919}
920
393d2cc3
CM		 921static struct cmd_rcvr *find_cmd_rcvr(ipmi_smi_t intf,
922 unsigned char netfn,
923 unsigned char cmd)
924{
925 struct cmd_rcvr *rcvr;
926
927 list_for_each_entry_rcu(rcvr, &intf->cmd_rcvrs, link) {
928 if ((rcvr->netfn == netfn) && (rcvr->cmd == cmd))
929 return rcvr;
930 }
931 return NULL;
932}
933
1da177e4
LT		 934int ipmi_register_for_cmd(ipmi_user_t user,
935 unsigned char netfn,
936 unsigned char cmd)
937{
393d2cc3
CM		 938 ipmi_smi_t intf = user->intf;
939 struct cmd_rcvr *rcvr;
940 struct cmd_rcvr *entry;
941 int rv = 0;
1da177e4
LT		 942
943
944 rcvr = kmalloc(sizeof(*rcvr), GFP_KERNEL);
945 if (! rcvr)
946 return -ENOMEM;
393d2cc3
CM		 947 rcvr->cmd = cmd;
948 rcvr->netfn = netfn;
949 rcvr->user = user;
1da177e4 950
e61fb5b6 951 down(&intf->cmd_rcvrs_lock);
1da177e4 952 /* Make sure the command/netfn is not already registered. */
393d2cc3
CM		 953 entry = find_cmd_rcvr(intf, netfn, cmd);
954 if (entry) {
955 rv = -EBUSY;
956 goto out_unlock;
1da177e4 957 }
877197ef 958
393d2cc3 959 list_add_rcu(&rcvr->link, &intf->cmd_rcvrs);
1da177e4 960
393d2cc3 961 out_unlock:
e61fb5b6 962 up(&intf->cmd_rcvrs_lock);
1da177e4
LT		 963 if (rv)
964 kfree(rcvr);
965
966 return rv;
967}
968
969int ipmi_unregister_for_cmd(ipmi_user_t user,
970 unsigned char netfn,
971 unsigned char cmd)
972{
393d2cc3
CM		 973 ipmi_smi_t intf = user->intf;
974 struct cmd_rcvr *rcvr;
1da177e4 975
e61fb5b6 976 down(&intf->cmd_rcvrs_lock);
1da177e4 977 /* Make sure the command/netfn is not already registered. */
393d2cc3
CM		 978 rcvr = find_cmd_rcvr(intf, netfn, cmd);
979 if ((rcvr) && (rcvr->user == user)) {
980 list_del_rcu(&rcvr->link);
e61fb5b6 981 up(&intf->cmd_rcvrs_lock);
393d2cc3
CM		 982 synchronize_rcu();
983 kfree(rcvr);
984 return 0;
985 } else {
e61fb5b6 986 up(&intf->cmd_rcvrs_lock);
393d2cc3 987 return -ENOENT;
1da177e4 988 }
1da177e4
LT		 989}
990
991void ipmi_user_set_run_to_completion(ipmi_user_t user, int val)
992{
393d2cc3
CM		 993 ipmi_smi_t intf = user->intf;
994 intf->handlers->set_run_to_completion(intf->send_info, val);
1da177e4
LT		 995}
996
997static unsigned char
998ipmb_checksum(unsigned char *data, int size)
999{
1000 unsigned char csum = 0;
1001
1002 for (; size > 0; size--, data++)
1003 csum += *data;
1004
1005 return -csum;
1006}
1007
1008static inline void format_ipmb_msg(struct ipmi_smi_msg *smi_msg,
1009 struct kernel_ipmi_msg *msg,
1010 struct ipmi_ipmb_addr *ipmb_addr,
1011 long msgid,
1012 unsigned char ipmb_seq,
1013 int broadcast,
1014 unsigned char source_address,
1015 unsigned char source_lun)
1016{
1017 int i = broadcast;
1018
1019 /* Format the IPMB header data. */
1020 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1021 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1022 smi_msg->data[2] = ipmb_addr->channel;
1023 if (broadcast)
1024 smi_msg->data[3] = 0;
1025 smi_msg->data[i+3] = ipmb_addr->slave_addr;
1026 smi_msg->data[i+4] = (msg->netfn << 2) | (ipmb_addr->lun & 0x3);
1027 smi_msg->data[i+5] = ipmb_checksum(&(smi_msg->data[i+3]), 2);
1028 smi_msg->data[i+6] = source_address;
1029 smi_msg->data[i+7] = (ipmb_seq << 2) | source_lun;
1030 smi_msg->data[i+8] = msg->cmd;
1031
1032 /* Now tack on the data to the message. */
1033 if (msg->data_len > 0)
1034 memcpy(&(smi_msg->data[i+9]), msg->data,
1035 msg->data_len);
1036 smi_msg->data_size = msg->data_len + 9;
1037
1038 /* Now calculate the checksum and tack it on. */
1039 smi_msg->data[i+smi_msg->data_size]
1040 = ipmb_checksum(&(smi_msg->data[i+6]),
1041 smi_msg->data_size-6);
1042
1043 /* Add on the checksum size and the offset from the
1044 broadcast. */
1045 smi_msg->data_size += 1 + i;
1046
1047 smi_msg->msgid = msgid;
1048}
1049
1050static inline void format_lan_msg(struct ipmi_smi_msg *smi_msg,
1051 struct kernel_ipmi_msg *msg,
1052 struct ipmi_lan_addr *lan_addr,
1053 long msgid,
1054 unsigned char ipmb_seq,
1055 unsigned char source_lun)
1056{
1057 /* Format the IPMB header data. */
1058 smi_msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
1059 smi_msg->data[1] = IPMI_SEND_MSG_CMD;
1060 smi_msg->data[2] = lan_addr->channel;
1061 smi_msg->data[3] = lan_addr->session_handle;
1062 smi_msg->data[4] = lan_addr->remote_SWID;
1063 smi_msg->data[5] = (msg->netfn << 2) | (lan_addr->lun & 0x3);
1064 smi_msg->data[6] = ipmb_checksum(&(smi_msg->data[4]), 2);
1065 smi_msg->data[7] = lan_addr->local_SWID;
1066 smi_msg->data[8] = (ipmb_seq << 2) | source_lun;
1067 smi_msg->data[9] = msg->cmd;
1068
1069 /* Now tack on the data to the message. */
1070 if (msg->data_len > 0)
1071 memcpy(&(smi_msg->data[10]), msg->data,
1072 msg->data_len);
1073 smi_msg->data_size = msg->data_len + 10;
1074
1075 /* Now calculate the checksum and tack it on. */
1076 smi_msg->data[smi_msg->data_size]
1077 = ipmb_checksum(&(smi_msg->data[7]),
1078 smi_msg->data_size-7);
1079
1080 /* Add on the checksum size and the offset from the
1081 broadcast. */
1082 smi_msg->data_size += 1;
1083
1084 smi_msg->msgid = msgid;
1085}
1086
1087/* Separate from ipmi_request so that the user does not have to be
1088 supplied in certain circumstances (mainly at panic time). If
1089 messages are supplied, they will be freed, even if an error
1090 occurs. */
393d2cc3
CM		 1091static int i_ipmi_request(ipmi_user_t user,
1092 ipmi_smi_t intf,
1093 struct ipmi_addr *addr,
1094 long msgid,
1095 struct kernel_ipmi_msg *msg,
1096 void *user_msg_data,
1097 void *supplied_smi,
1098 struct ipmi_recv_msg *supplied_recv,
1099 int priority,
1100 unsigned char source_address,
1101 unsigned char source_lun,
1102 int retries,
1103 unsigned int retry_time_ms)
1da177e4
LT		 1104{
1105 int rv = 0;
1106 struct ipmi_smi_msg *smi_msg;
1107 struct ipmi_recv_msg *recv_msg;
1108 unsigned long flags;
1109
1110
1111 if (supplied_recv) {
1112 recv_msg = supplied_recv;
1113 } else {
1114 recv_msg = ipmi_alloc_recv_msg();
1115 if (recv_msg == NULL) {
1116 return -ENOMEM;
1117 }
1118 }
1119 recv_msg->user_msg_data = user_msg_data;
1120
1121 if (supplied_smi) {
1122 smi_msg = (struct ipmi_smi_msg *) supplied_smi;
1123 } else {
1124 smi_msg = ipmi_alloc_smi_msg();
1125 if (smi_msg == NULL) {
1126 ipmi_free_recv_msg(recv_msg);
1127 return -ENOMEM;
1128 }
1129 }
1130
1131 recv_msg->user = user;
393d2cc3
CM		 1132 if (user)
1133 kref_get(&user->refcount);
1da177e4
LT		 1134 recv_msg->msgid = msgid;
1135 /* Store the message to send in the receive message so timeout
1136 responses can get the proper response data. */
1137 recv_msg->msg = *msg;
1138
1139 if (addr->addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
1140 struct ipmi_system_interface_addr *smi_addr;
1141
1142 if (msg->netfn & 1) {
1143 /* Responses are not allowed to the SMI. */
1144 rv = -EINVAL;
1145 goto out_err;
1146 }
1147
1148 smi_addr = (struct ipmi_system_interface_addr *) addr;
1149 if (smi_addr->lun > 3) {
1150 spin_lock_irqsave(&intf->counter_lock, flags);
1151 intf->sent_invalid_commands++;
1152 spin_unlock_irqrestore(&intf->counter_lock, flags);
1153 rv = -EINVAL;
1154 goto out_err;
1155 }
1156
1157 memcpy(&recv_msg->addr, smi_addr, sizeof(*smi_addr));
1158
1159 if ((msg->netfn == IPMI_NETFN_APP_REQUEST)
1160 && ((msg->cmd == IPMI_SEND_MSG_CMD)
1161 || (msg->cmd == IPMI_GET_MSG_CMD)
1162 || (msg->cmd == IPMI_READ_EVENT_MSG_BUFFER_CMD)))
1163 {
1164 /* We don't let the user do these, since we manage
1165 the sequence numbers. */
1166 spin_lock_irqsave(&intf->counter_lock, flags);
1167 intf->sent_invalid_commands++;
1168 spin_unlock_irqrestore(&intf->counter_lock, flags);
1169 rv = -EINVAL;
1170 goto out_err;
1171 }
1172
1173 if ((msg->data_len + 2) > IPMI_MAX_MSG_LENGTH) {
1174 spin_lock_irqsave(&intf->counter_lock, flags);
1175 intf->sent_invalid_commands++;
1176 spin_unlock_irqrestore(&intf->counter_lock, flags);
1177 rv = -EMSGSIZE;
1178 goto out_err;
1179 }
1180
1181 smi_msg->data[0] = (msg->netfn << 2) | (smi_addr->lun & 0x3);
1182 smi_msg->data[1] = msg->cmd;
1183 smi_msg->msgid = msgid;
1184 smi_msg->user_data = recv_msg;
1185 if (msg->data_len > 0)
1186 memcpy(&(smi_msg->data[2]), msg->data, msg->data_len);
1187 smi_msg->data_size = msg->data_len + 2;
1188 spin_lock_irqsave(&intf->counter_lock, flags);
1189 intf->sent_local_commands++;
1190 spin_unlock_irqrestore(&intf->counter_lock, flags);
1191 } else if ((addr->addr_type == IPMI_IPMB_ADDR_TYPE)
1192 || (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE))
1193 {
1194 struct ipmi_ipmb_addr *ipmb_addr;
1195 unsigned char ipmb_seq;
1196 long seqid;
1197 int broadcast = 0;
1198
9c101fd4
KZ		 1199 if (addr->channel >= IPMI_MAX_CHANNELS) {
1200 spin_lock_irqsave(&intf->counter_lock, flags);
1da177e4
LT		 1201 intf->sent_invalid_commands++;
1202 spin_unlock_irqrestore(&intf->counter_lock, flags);
1203 rv = -EINVAL;
1204 goto out_err;
1205 }
1206
1207 if (intf->channels[addr->channel].medium
1208 != IPMI_CHANNEL_MEDIUM_IPMB)
1209 {
1210 spin_lock_irqsave(&intf->counter_lock, flags);
1211 intf->sent_invalid_commands++;
1212 spin_unlock_irqrestore(&intf->counter_lock, flags);
1213 rv = -EINVAL;
1214 goto out_err;
1215 }
1216
1217 if (retries < 0) {
1218 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE)
1219 retries = 0; /* Don't retry broadcasts. */
1220 else
1221 retries = 4;
1222 }
1223 if (addr->addr_type == IPMI_IPMB_BROADCAST_ADDR_TYPE) {
1224 /* Broadcasts add a zero at the beginning of the
1225 message, but otherwise is the same as an IPMB
1226 address. */
1227 addr->addr_type = IPMI_IPMB_ADDR_TYPE;
1228 broadcast = 1;
1229 }
1230
1231
1232 /* Default to 1 second retries. */
1233 if (retry_time_ms == 0)
1234 retry_time_ms = 1000;
1235
1236 /* 9 for the header and 1 for the checksum, plus
1237 possibly one for the broadcast. */
1238 if ((msg->data_len + 10 + broadcast) > IPMI_MAX_MSG_LENGTH) {
1239 spin_lock_irqsave(&intf->counter_lock, flags);
1240 intf->sent_invalid_commands++;
1241 spin_unlock_irqrestore(&intf->counter_lock, flags);
1242 rv = -EMSGSIZE;
1243 goto out_err;
1244 }
1245
1246 ipmb_addr = (struct ipmi_ipmb_addr *) addr;
1247 if (ipmb_addr->lun > 3) {
1248 spin_lock_irqsave(&intf->counter_lock, flags);
1249 intf->sent_invalid_commands++;
1250 spin_unlock_irqrestore(&intf->counter_lock, flags);
1251 rv = -EINVAL;
1252 goto out_err;
1253 }
1254
1255 memcpy(&recv_msg->addr, ipmb_addr, sizeof(*ipmb_addr));
1256
1257 if (recv_msg->msg.netfn & 0x1) {
1258 /* It's a response, so use the user's sequence
1259 from msgid. */
1260 spin_lock_irqsave(&intf->counter_lock, flags);
1261 intf->sent_ipmb_responses++;
1262 spin_unlock_irqrestore(&intf->counter_lock, flags);
1263 format_ipmb_msg(smi_msg, msg, ipmb_addr, msgid,
1264 msgid, broadcast,
1265 source_address, source_lun);
1266
1267 /* Save the receive message so we can use it
1268 to deliver the response. */
1269 smi_msg->user_data = recv_msg;
1270 } else {
1271 /* It's a command, so get a sequence for it. */
1272
1273 spin_lock_irqsave(&(intf->seq_lock), flags);
1274
1275 spin_lock(&intf->counter_lock);
1276 intf->sent_ipmb_commands++;
1277 spin_unlock(&intf->counter_lock);
1278
1279 /* Create a sequence number with a 1 second
1280 timeout and 4 retries. */
1281 rv = intf_next_seq(intf,
1282 recv_msg,
1283 retry_time_ms,
1284 retries,
1285 broadcast,
1286 &ipmb_seq,
1287 &seqid);
1288 if (rv) {
1289 /* We have used up all the sequence numbers,
1290 probably, so abort. */
1291 spin_unlock_irqrestore(&(intf->seq_lock),
1292 flags);
1293 goto out_err;
1294 }
1295
1296 /* Store the sequence number in the message,
1297 so that when the send message response
1298 comes back we can start the timer. */
1299 format_ipmb_msg(smi_msg, msg, ipmb_addr,
1300 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1301 ipmb_seq, broadcast,
1302 source_address, source_lun);
1303
1304 /* Copy the message into the recv message data, so we
1305 can retransmit it later if necessary. */
1306 memcpy(recv_msg->msg_data, smi_msg->data,
1307 smi_msg->data_size);
1308 recv_msg->msg.data = recv_msg->msg_data;
1309 recv_msg->msg.data_len = smi_msg->data_size;
1310
1311 /* We don't unlock until here, because we need
1312 to copy the completed message into the
1313 recv_msg before we release the lock.
1314 Otherwise, race conditions may bite us. I
1315 know that's pretty paranoid, but I prefer
1316 to be correct. */
1317 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1318 }
1319 } else if (addr->addr_type == IPMI_LAN_ADDR_TYPE) {
1320 struct ipmi_lan_addr *lan_addr;
1321 unsigned char ipmb_seq;
1322 long seqid;
1323
12fc1d7b 1324 if (addr->channel >= IPMI_MAX_CHANNELS) {
1da177e4
LT		 1325 spin_lock_irqsave(&intf->counter_lock, flags);
1326 intf->sent_invalid_commands++;
1327 spin_unlock_irqrestore(&intf->counter_lock, flags);
1328 rv = -EINVAL;
1329 goto out_err;
1330 }
1331
1332 if ((intf->channels[addr->channel].medium
1333 != IPMI_CHANNEL_MEDIUM_8023LAN)
1334 && (intf->channels[addr->channel].medium
1335 != IPMI_CHANNEL_MEDIUM_ASYNC))
1336 {
1337 spin_lock_irqsave(&intf->counter_lock, flags);
1338 intf->sent_invalid_commands++;
1339 spin_unlock_irqrestore(&intf->counter_lock, flags);
1340 rv = -EINVAL;
1341 goto out_err;
1342 }
1343
1344 retries = 4;
1345
1346 /* Default to 1 second retries. */
1347 if (retry_time_ms == 0)
1348 retry_time_ms = 1000;
1349
1350 /* 11 for the header and 1 for the checksum. */
1351 if ((msg->data_len + 12) > IPMI_MAX_MSG_LENGTH) {
1352 spin_lock_irqsave(&intf->counter_lock, flags);
1353 intf->sent_invalid_commands++;
1354 spin_unlock_irqrestore(&intf->counter_lock, flags);
1355 rv = -EMSGSIZE;
1356 goto out_err;
1357 }
1358
1359 lan_addr = (struct ipmi_lan_addr *) addr;
1360 if (lan_addr->lun > 3) {
1361 spin_lock_irqsave(&intf->counter_lock, flags);
1362 intf->sent_invalid_commands++;
1363 spin_unlock_irqrestore(&intf->counter_lock, flags);
1364 rv = -EINVAL;
1365 goto out_err;
1366 }
1367
1368 memcpy(&recv_msg->addr, lan_addr, sizeof(*lan_addr));
1369
1370 if (recv_msg->msg.netfn & 0x1) {
1371 /* It's a response, so use the user's sequence
1372 from msgid. */
1373 spin_lock_irqsave(&intf->counter_lock, flags);
1374 intf->sent_lan_responses++;
1375 spin_unlock_irqrestore(&intf->counter_lock, flags);
1376 format_lan_msg(smi_msg, msg, lan_addr, msgid,
1377 msgid, source_lun);
1378
1379 /* Save the receive message so we can use it
1380 to deliver the response. */
1381 smi_msg->user_data = recv_msg;
1382 } else {
1383 /* It's a command, so get a sequence for it. */
1384
1385 spin_lock_irqsave(&(intf->seq_lock), flags);
1386
1387 spin_lock(&intf->counter_lock);
1388 intf->sent_lan_commands++;
1389 spin_unlock(&intf->counter_lock);
1390
1391 /* Create a sequence number with a 1 second
1392 timeout and 4 retries. */
1393 rv = intf_next_seq(intf,
1394 recv_msg,
1395 retry_time_ms,
1396 retries,
1397 0,
1398 &ipmb_seq,
1399 &seqid);
1400 if (rv) {
1401 /* We have used up all the sequence numbers,
1402 probably, so abort. */
1403 spin_unlock_irqrestore(&(intf->seq_lock),
1404 flags);
1405 goto out_err;
1406 }
1407
1408 /* Store the sequence number in the message,
1409 so that when the send message response
1410 comes back we can start the timer. */
1411 format_lan_msg(smi_msg, msg, lan_addr,
1412 STORE_SEQ_IN_MSGID(ipmb_seq, seqid),
1413 ipmb_seq, source_lun);
1414
1415 /* Copy the message into the recv message data, so we
1416 can retransmit it later if necessary. */
1417 memcpy(recv_msg->msg_data, smi_msg->data,
1418 smi_msg->data_size);
1419 recv_msg->msg.data = recv_msg->msg_data;
1420 recv_msg->msg.data_len = smi_msg->data_size;
1421
1422 /* We don't unlock until here, because we need
1423 to copy the completed message into the
1424 recv_msg before we release the lock.
1425 Otherwise, race conditions may bite us. I
1426 know that's pretty paranoid, but I prefer
1427 to be correct. */
1428 spin_unlock_irqrestore(&(intf->seq_lock), flags);
1429 }
1430 } else {
1431 /* Unknown address type. */
1432 spin_lock_irqsave(&intf->counter_lock, flags);
1433 intf->sent_invalid_commands++;
1434 spin_unlock_irqrestore(&intf->counter_lock, flags);
1435 rv = -EINVAL;
1436 goto out_err;
1437 }
1438
1439#ifdef DEBUG_MSGING
1440 {
1441 int m;
e8b33617 1442 for (m = 0; m < smi_msg->data_size; m++)
1da177e4
LT		 1443 printk(" %2.2x", smi_msg->data[m]);
1444 printk("\n");
1445 }
1446#endif
1447 intf->handlers->sender(intf->send_info, smi_msg, priority);
1448
1449 return 0;
1450
1451 out_err:
1452 ipmi_free_smi_msg(smi_msg);
1453 ipmi_free_recv_msg(recv_msg);
1454 return rv;
1455}
1456
c14979b9
CM		 1457static int check_addr(ipmi_smi_t intf,
1458 struct ipmi_addr *addr,
1459 unsigned char *saddr,
1460 unsigned char *lun)
1461{
1462 if (addr->channel >= IPMI_MAX_CHANNELS)
1463 return -EINVAL;
1464 *lun = intf->channels[addr->channel].lun;
1465 *saddr = intf->channels[addr->channel].address;
1466 return 0;
1467}
1468
1da177e4
LT		 1469int ipmi_request_settime(ipmi_user_t user,
1470 struct ipmi_addr *addr,
1471 long msgid,
1472 struct kernel_ipmi_msg *msg,
1473 void *user_msg_data,
1474 int priority,
1475 int retries,
1476 unsigned int retry_time_ms)
1477{
c14979b9
CM		 1478 unsigned char saddr, lun;
1479 int rv;
1480
56a55ec6
CM		 1481 if (! user)
1482 return -EINVAL;
c14979b9
CM		 1483 rv = check_addr(user->intf, addr, &saddr, &lun);
1484 if (rv)
1485 return rv;
1da177e4
LT		 1486 return i_ipmi_request(user,
1487 user->intf,
1488 addr,
1489 msgid,
1490 msg,
1491 user_msg_data,
1492 NULL, NULL,
1493 priority,
c14979b9
CM		 1494 saddr,
1495 lun,
1da177e4
LT		 1496 retries,
1497 retry_time_ms);
1498}
1499
1500int ipmi_request_supply_msgs(ipmi_user_t user,
1501 struct ipmi_addr *addr,
1502 long msgid,
1503 struct kernel_ipmi_msg *msg,
1504 void *user_msg_data,
1505 void *supplied_smi,
1506 struct ipmi_recv_msg *supplied_recv,
1507 int priority)
1508{
c14979b9
CM		 1509 unsigned char saddr, lun;
1510 int rv;
1511
56a55ec6
CM		 1512 if (! user)
1513 return -EINVAL;
c14979b9
CM		 1514 rv = check_addr(user->intf, addr, &saddr, &lun);
1515 if (rv)
1516 return rv;
1da177e4
LT		 1517 return i_ipmi_request(user,
1518 user->intf,
1519 addr,
1520 msgid,
1521 msg,
1522 user_msg_data,
1523 supplied_smi,
1524 supplied_recv,
1525 priority,
c14979b9
CM		 1526 saddr,
1527 lun,
1da177e4
LT		 1528 -1, 0);
1529}
1530
1531static int ipmb_file_read_proc(char *page, char **start, off_t off,
1532 int count, int *eof, void *data)
1533{
1534 char *out = (char *) page;
1535 ipmi_smi_t intf = data;
c14979b9
CM		 1536 int i;
1537 int rv= 0;
1da177e4 1538
e8b33617 1539 for (i = 0; i < IPMI_MAX_CHANNELS; i++)
c14979b9
CM		 1540 rv += sprintf(out+rv, "%x ", intf->channels[i].address);
1541 out[rv-1] = '\n'; /* Replace the final space with a newline */
1542 out[rv] = '\0';
1543 rv++;
1544 return rv;
1da177e4
LT		 1545}
1546
1547static int version_file_read_proc(char *page, char **start, off_t off,
1548 int count, int *eof, void *data)
1549{
1550 char *out = (char *) page;
1551 ipmi_smi_t intf = data;
1552
1553 return sprintf(out, "%d.%d\n",
1554 intf->version_major, intf->version_minor);
1555}
1556
1557static int stat_file_read_proc(char *page, char **start, off_t off,
1558 int count, int *eof, void *data)
1559{
1560 char *out = (char *) page;
1561 ipmi_smi_t intf = data;
1562
1563 out += sprintf(out, "sent_invalid_commands: %d\n",
1564 intf->sent_invalid_commands);
1565 out += sprintf(out, "sent_local_commands: %d\n",
1566 intf->sent_local_commands);
1567 out += sprintf(out, "handled_local_responses: %d\n",
1568 intf->handled_local_responses);
1569 out += sprintf(out, "unhandled_local_responses: %d\n",
1570 intf->unhandled_local_responses);
1571 out += sprintf(out, "sent_ipmb_commands: %d\n",
1572 intf->sent_ipmb_commands);
1573 out += sprintf(out, "sent_ipmb_command_errs: %d\n",
1574 intf->sent_ipmb_command_errs);
1575 out += sprintf(out, "retransmitted_ipmb_commands: %d\n",
1576 intf->retransmitted_ipmb_commands);
1577 out += sprintf(out, "timed_out_ipmb_commands: %d\n",
1578 intf->timed_out_ipmb_commands);
1579 out += sprintf(out, "timed_out_ipmb_broadcasts: %d\n",
1580 intf->timed_out_ipmb_broadcasts);
1581 out += sprintf(out, "sent_ipmb_responses: %d\n",
1582 intf->sent_ipmb_responses);
1583 out += sprintf(out, "handled_ipmb_responses: %d\n",
1584 intf->handled_ipmb_responses);
1585 out += sprintf(out, "invalid_ipmb_responses: %d\n",
1586 intf->invalid_ipmb_responses);
1587 out += sprintf(out, "unhandled_ipmb_responses: %d\n",
1588 intf->unhandled_ipmb_responses);
1589 out += sprintf(out, "sent_lan_commands: %d\n",
1590 intf->sent_lan_commands);
1591 out += sprintf(out, "sent_lan_command_errs: %d\n",
1592 intf->sent_lan_command_errs);
1593 out += sprintf(out, "retransmitted_lan_commands: %d\n",
1594 intf->retransmitted_lan_commands);
1595 out += sprintf(out, "timed_out_lan_commands: %d\n",
1596 intf->timed_out_lan_commands);
1597 out += sprintf(out, "sent_lan_responses: %d\n",
1598 intf->sent_lan_responses);
1599 out += sprintf(out, "handled_lan_responses: %d\n",
1600 intf->handled_lan_responses);
1601 out += sprintf(out, "invalid_lan_responses: %d\n",
1602 intf->invalid_lan_responses);
1603 out += sprintf(out, "unhandled_lan_responses: %d\n",
1604 intf->unhandled_lan_responses);
1605 out += sprintf(out, "handled_commands: %d\n",
1606 intf->handled_commands);
1607 out += sprintf(out, "invalid_commands: %d\n",
1608 intf->invalid_commands);
1609 out += sprintf(out, "unhandled_commands: %d\n",
1610 intf->unhandled_commands);
1611 out += sprintf(out, "invalid_events: %d\n",
1612 intf->invalid_events);
1613 out += sprintf(out, "events: %d\n",
1614 intf->events);
1615
1616 return (out - ((char *) page));
1617}
1618
1619int ipmi_smi_add_proc_entry(ipmi_smi_t smi, char *name,
1620 read_proc_t *read_proc, write_proc_t *write_proc,
1621 void *data, struct module *owner)
1622{
1da177e4 1623 int rv = 0;
3b625943
CM		 1624#ifdef CONFIG_PROC_FS
1625 struct proc_dir_entry *file;
1da177e4
LT		 1626 struct ipmi_proc_entry *entry;
1627
1628 /* Create a list element. */
1629 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
1630 if (!entry)
1631 return -ENOMEM;
1632 entry->name = kmalloc(strlen(name)+1, GFP_KERNEL);
1633 if (!entry->name) {
1634 kfree(entry);
1635 return -ENOMEM;
1636 }
1637 strcpy(entry->name, name);
1638
1639 file = create_proc_entry(name, 0, smi->proc_dir);
1640 if (!file) {
1641 kfree(entry->name);
1642 kfree(entry);
1643 rv = -ENOMEM;
1644 } else {
1645 file->nlink = 1;
1646 file->data = data;
1647 file->read_proc = read_proc;
1648 file->write_proc = write_proc;
1649 file->owner = owner;
1650
3b625943 1651 spin_lock(&smi->proc_entry_lock);
1da177e4
LT		 1652 /* Stick it on the list. */
1653 entry->next = smi->proc_entries;
1654 smi->proc_entries = entry;
3b625943 1655 spin_unlock(&smi->proc_entry_lock);
1da177e4 1656 }
3b625943 1657#endif /* CONFIG_PROC_FS */
1da177e4
LT		 1658
1659 return rv;
1660}
1661
1662static int add_proc_entries(ipmi_smi_t smi, int num)
1663{
1664 int rv = 0;
1665
3b625943 1666#ifdef CONFIG_PROC_FS
1da177e4
LT		 1667 sprintf(smi->proc_dir_name, "%d", num);
1668 smi->proc_dir = proc_mkdir(smi->proc_dir_name, proc_ipmi_root);
1669 if (!smi->proc_dir)
1670 rv = -ENOMEM;
1671 else {
1672 smi->proc_dir->owner = THIS_MODULE;
1673 }
1674
1675 if (rv == 0)
1676 rv = ipmi_smi_add_proc_entry(smi, "stats",
1677 stat_file_read_proc, NULL,
1678 smi, THIS_MODULE);
1679
1680 if (rv == 0)
1681 rv = ipmi_smi_add_proc_entry(smi, "ipmb",
1682 ipmb_file_read_proc, NULL,
1683 smi, THIS_MODULE);
1684
1685 if (rv == 0)
1686 rv = ipmi_smi_add_proc_entry(smi, "version",
1687 version_file_read_proc, NULL,
1688 smi, THIS_MODULE);
3b625943 1689#endif /* CONFIG_PROC_FS */
1da177e4
LT		 1690
1691 return rv;
1692}
1693
1694static void remove_proc_entries(ipmi_smi_t smi)
1695{
3b625943 1696#ifdef CONFIG_PROC_FS
1da177e4
LT		 1697 struct ipmi_proc_entry *entry;
1698
3b625943 1699 spin_lock(&smi->proc_entry_lock);
1da177e4
LT		 1700 while (smi->proc_entries) {
1701 entry = smi->proc_entries;
1702 smi->proc_entries = entry->next;
1703
1704 remove_proc_entry(entry->name, smi->proc_dir);
1705 kfree(entry->name);
1706 kfree(entry);
1707 }
3b625943 1708 spin_unlock(&smi->proc_entry_lock);
1da177e4 1709 remove_proc_entry(smi->proc_dir_name, proc_ipmi_root);
3b625943 1710#endif /* CONFIG_PROC_FS */
1da177e4
LT		 1711}
1712
1713static int
1714send_channel_info_cmd(ipmi_smi_t intf, int chan)
1715{
1716 struct kernel_ipmi_msg msg;
1717 unsigned char data[1];
1718 struct ipmi_system_interface_addr si;
1719
1720 si.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
1721 si.channel = IPMI_BMC_CHANNEL;
1722 si.lun = 0;
1723
1724 msg.netfn = IPMI_NETFN_APP_REQUEST;
1725 msg.cmd = IPMI_GET_CHANNEL_INFO_CMD;
1726 msg.data = data;
1727 msg.data_len = 1;
1728 data[0] = chan;
1729 return i_ipmi_request(NULL,
1730 intf,
1731 (struct ipmi_addr *) &si,
1732 0,
1733 &msg,
56a55ec6 1734 intf,
1da177e4
LT		 1735 NULL,
1736 NULL,
1737 0,
c14979b9
CM		 1738 intf->channels[0].address,
1739 intf->channels[0].lun,
1da177e4
LT		 1740 -1, 0);
1741}
1742
1743static void
56a55ec6 1744channel_handler(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4
LT		 1745{
1746 int rv = 0;
1747 int chan;
1748
56a55ec6
CM		 1749 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
1750 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
1751 && (msg->msg.cmd == IPMI_GET_CHANNEL_INFO_CMD))
1da177e4
LT		 1752 {
1753 /* It's the one we want */
56a55ec6 1754 if (msg->msg.data[0] != 0) {
1da177e4
LT		 1755 /* Got an error from the channel, just go on. */
1756
56a55ec6 1757 if (msg->msg.data[0] == IPMI_INVALID_COMMAND_ERR) {
1da177e4
LT		 1758 /* If the MC does not support this
1759 command, that is legal. We just
1760 assume it has one IPMB at channel
1761 zero. */
1762 intf->channels[0].medium
1763 = IPMI_CHANNEL_MEDIUM_IPMB;
1764 intf->channels[0].protocol
1765 = IPMI_CHANNEL_PROTOCOL_IPMB;
1766 rv = -ENOSYS;
1767
1768 intf->curr_channel = IPMI_MAX_CHANNELS;
1769 wake_up(&intf->waitq);
1770 goto out;
1771 }
1772 goto next_channel;
1773 }
56a55ec6 1774 if (msg->msg.data_len < 4) {
1da177e4
LT		 1775 /* Message not big enough, just go on. */
1776 goto next_channel;
1777 }
1778 chan = intf->curr_channel;
56a55ec6
CM		 1779 intf->channels[chan].medium = msg->msg.data[2] & 0x7f;
1780 intf->channels[chan].protocol = msg->msg.data[3] & 0x1f;
1da177e4
LT		 1781
1782 next_channel:
1783 intf->curr_channel++;
1784 if (intf->curr_channel >= IPMI_MAX_CHANNELS)
1785 wake_up(&intf->waitq);
1786 else
1787 rv = send_channel_info_cmd(intf, intf->curr_channel);
1788
1789 if (rv) {
1790 /* Got an error somehow, just give up. */
1791 intf->curr_channel = IPMI_MAX_CHANNELS;
1792 wake_up(&intf->waitq);
1793
1794 printk(KERN_WARNING PFX
1795 "Error sending channel information: %d\n",
1796 rv);
1797 }
1798 }
1799 out:
1800 return;
1801}
1802
1803int ipmi_register_smi(struct ipmi_smi_handlers *handlers,
1804 void *send_info,
1805 unsigned char version_major,
1806 unsigned char version_minor,
1807 unsigned char slave_addr,
393d2cc3 1808 ipmi_smi_t *new_intf)
1da177e4
LT		 1809{
1810 int i, j;
1811 int rv;
393d2cc3 1812 ipmi_smi_t intf;
1da177e4
LT		 1813 unsigned long flags;
1814
1815
1816 /* Make sure the driver is actually initialized, this handles
1817 problems with initialization order. */
1818 if (!initialized) {
1819 rv = ipmi_init_msghandler();
1820 if (rv)
1821 return rv;
1822 /* The init code doesn't return an error if it was turned
1823 off, but it won't initialize. Check that. */
1824 if (!initialized)
1825 return -ENODEV;
1826 }
1827
393d2cc3
CM		 1828 intf = kmalloc(sizeof(*intf), GFP_KERNEL);
1829 if (!intf)
1da177e4 1830 return -ENOMEM;
393d2cc3
CM		 1831 memset(intf, 0, sizeof(*intf));
1832 intf->intf_num = -1;
1833 kref_init(&intf->refcount);
1834 intf->version_major = version_major;
1835 intf->version_minor = version_minor;
1836 for (j = 0; j < IPMI_MAX_CHANNELS; j++) {
1837 intf->channels[j].address = IPMI_BMC_SLAVE_ADDR;
1838 intf->channels[j].lun = 2;
1839 }
1840 if (slave_addr != 0)
1841 intf->channels[0].address = slave_addr;
1842 INIT_LIST_HEAD(&intf->users);
1843 intf->handlers = handlers;
1844 intf->send_info = send_info;
1845 spin_lock_init(&intf->seq_lock);
1846 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++) {
1847 intf->seq_table[j].inuse = 0;
1848 intf->seq_table[j].seqid = 0;
1849 }
1850 intf->curr_seq = 0;
1851#ifdef CONFIG_PROC_FS
1852 spin_lock_init(&intf->proc_entry_lock);
1853#endif
1854 spin_lock_init(&intf->waiting_msgs_lock);
1855 INIT_LIST_HEAD(&intf->waiting_msgs);
1856 spin_lock_init(&intf->events_lock);
1857 INIT_LIST_HEAD(&intf->waiting_events);
1858 intf->waiting_events_count = 0;
e61fb5b6 1859 init_MUTEX(&intf->cmd_rcvrs_lock);
393d2cc3
CM		 1860 INIT_LIST_HEAD(&intf->cmd_rcvrs);
1861 init_waitqueue_head(&intf->waitq);
1862
1863 spin_lock_init(&intf->counter_lock);
1864 intf->proc_dir = NULL;
1da177e4
LT		 1865
1866 rv = -ENOMEM;
393d2cc3 1867 spin_lock_irqsave(&interfaces_lock, flags);
e8b33617 1868 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4 1869 if (ipmi_interfaces[i] == NULL) {
393d2cc3
CM		 1870 intf->intf_num = i;
1871 /* Reserve the entry till we are done. */
1872 ipmi_interfaces[i] = IPMI_INVALID_INTERFACE_ENTRY;
1da177e4 1873 rv = 0;
1da177e4
LT		 1874 break;
1875 }
1876 }
393d2cc3
CM		 1877 spin_unlock_irqrestore(&interfaces_lock, flags);
1878 if (rv)
1879 goto out;
1da177e4 1880
393d2cc3
CM		 1881 /* FIXME - this is an ugly kludge, this sets the intf for the
1882 caller before sending any messages with it. */
1883 *new_intf = intf;
1da177e4 1884
393d2cc3
CM		 1885 if ((version_major > 1)
1886 || ((version_major == 1) && (version_minor >= 5)))
1887 {
1888 /* Start scanning the channels to see what is
1889 available. */
1890 intf->null_user_handler = channel_handler;
1891 intf->curr_channel = 0;
1892 rv = send_channel_info_cmd(intf, 0);
1893 if (rv)
1894 goto out;
1da177e4 1895
393d2cc3
CM		 1896 /* Wait for the channel info to be read. */
1897 wait_event(intf->waitq,
1898 intf->curr_channel >= IPMI_MAX_CHANNELS);
1899 } else {
1900 /* Assume a single IPMB channel at zero. */
1901 intf->channels[0].medium = IPMI_CHANNEL_MEDIUM_IPMB;
1902 intf->channels[0].protocol = IPMI_CHANNEL_PROTOCOL_IPMB;
1da177e4
LT		 1903 }
1904
393d2cc3
CM		 1905 if (rv == 0)
1906 rv = add_proc_entries(intf, i);
1da177e4 1907
393d2cc3 1908 out:
1da177e4 1909 if (rv) {
393d2cc3
CM		 1910 if (intf->proc_dir)
1911 remove_proc_entries(intf);
1912 kref_put(&intf->refcount, intf_free);
1913 if (i < MAX_IPMI_INTERFACES) {
1914 spin_lock_irqsave(&interfaces_lock, flags);
1915 ipmi_interfaces[i] = NULL;
1916 spin_unlock_irqrestore(&interfaces_lock, flags);
1917 }
1918 } else {
1919 spin_lock_irqsave(&interfaces_lock, flags);
1920 ipmi_interfaces[i] = intf;
1921 spin_unlock_irqrestore(&interfaces_lock, flags);
1922 call_smi_watchers(i);
1da177e4
LT		 1923 }
1924
1925 return rv;
1926}
1927
1da177e4
LT		 1928int ipmi_unregister_smi(ipmi_smi_t intf)
1929{
1da177e4
LT		 1930 int i;
1931 struct ipmi_smi_watcher *w;
1932 unsigned long flags;
1933
393d2cc3
CM		 1934 spin_lock_irqsave(&interfaces_lock, flags);
1935 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1936 if (ipmi_interfaces[i] == intf) {
1937 /* Set the interface number reserved until we
1938 * are done. */
1939 ipmi_interfaces[i] = IPMI_INVALID_INTERFACE_ENTRY;
1940 intf->intf_num = -1;
1941 break;
1da177e4 1942 }
1da177e4 1943 }
393d2cc3 1944 spin_unlock_irqrestore(&interfaces_lock,flags);
1da177e4 1945
393d2cc3
CM		 1946 if (i == MAX_IPMI_INTERFACES)
1947 return -ENODEV;
1da177e4 1948
393d2cc3 1949 remove_proc_entries(intf);
1da177e4
LT		 1950
1951 /* Call all the watcher interfaces to tell them that
1952 an interface is gone. */
1953 down_read(&smi_watchers_sem);
393d2cc3 1954 list_for_each_entry(w, &smi_watchers, link)
1da177e4 1955 w->smi_gone(i);
1da177e4 1956 up_read(&smi_watchers_sem);
393d2cc3
CM		 1957
1958 /* Allow the entry to be reused now. */
1959 spin_lock_irqsave(&interfaces_lock, flags);
1960 ipmi_interfaces[i] = NULL;
1961 spin_unlock_irqrestore(&interfaces_lock,flags);
1962
1963 kref_put(&intf->refcount, intf_free);
1da177e4
LT		 1964 return 0;
1965}
1966
1967static int handle_ipmb_get_msg_rsp(ipmi_smi_t intf,
1968 struct ipmi_smi_msg *msg)
1969{
1970 struct ipmi_ipmb_addr ipmb_addr;
1971 struct ipmi_recv_msg *recv_msg;
1972 unsigned long flags;
1973
1974
1975 /* This is 11, not 10, because the response must contain a
1976 * completion code. */
1977 if (msg->rsp_size < 11) {
1978 /* Message not big enough, just ignore it. */
1979 spin_lock_irqsave(&intf->counter_lock, flags);
1980 intf->invalid_ipmb_responses++;
1981 spin_unlock_irqrestore(&intf->counter_lock, flags);
1982 return 0;
1983 }
1984
1985 if (msg->rsp[2] != 0) {
1986 /* An error getting the response, just ignore it. */
1987 return 0;
1988 }
1989
1990 ipmb_addr.addr_type = IPMI_IPMB_ADDR_TYPE;
1991 ipmb_addr.slave_addr = msg->rsp[6];
1992 ipmb_addr.channel = msg->rsp[3] & 0x0f;
1993 ipmb_addr.lun = msg->rsp[7] & 3;
1994
1995 /* It's a response from a remote entity. Look up the sequence
1996 number and handle the response. */
1997 if (intf_find_seq(intf,
1998 msg->rsp[7] >> 2,
1999 msg->rsp[3] & 0x0f,
2000 msg->rsp[8],
2001 (msg->rsp[4] >> 2) & (~1),
2002 (struct ipmi_addr *) &(ipmb_addr),
2003 &recv_msg))
2004 {
2005 /* We were unable to find the sequence number,
2006 so just nuke the message. */
2007 spin_lock_irqsave(&intf->counter_lock, flags);
2008 intf->unhandled_ipmb_responses++;
2009 spin_unlock_irqrestore(&intf->counter_lock, flags);
2010 return 0;
2011 }
2012
2013 memcpy(recv_msg->msg_data,
2014 &(msg->rsp[9]),
2015 msg->rsp_size - 9);
2016 /* THe other fields matched, so no need to set them, except
2017 for netfn, which needs to be the response that was
2018 returned, not the request value. */
2019 recv_msg->msg.netfn = msg->rsp[4] >> 2;
2020 recv_msg->msg.data = recv_msg->msg_data;
2021 recv_msg->msg.data_len = msg->rsp_size - 10;
2022 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2023 spin_lock_irqsave(&intf->counter_lock, flags);
2024 intf->handled_ipmb_responses++;
2025 spin_unlock_irqrestore(&intf->counter_lock, flags);
2026 deliver_response(recv_msg);
2027
2028 return 0;
2029}
2030
2031static int handle_ipmb_get_msg_cmd(ipmi_smi_t intf,
2032 struct ipmi_smi_msg *msg)
2033{
393d2cc3
CM		 2034 struct cmd_rcvr *rcvr;
2035 int rv = 0;
2036 unsigned char netfn;
2037 unsigned char cmd;
2038 ipmi_user_t user = NULL;
2039 struct ipmi_ipmb_addr *ipmb_addr;
2040 struct ipmi_recv_msg *recv_msg;
2041 unsigned long flags;
1da177e4
LT		 2042
2043 if (msg->rsp_size < 10) {
2044 /* Message not big enough, just ignore it. */
2045 spin_lock_irqsave(&intf->counter_lock, flags);
2046 intf->invalid_commands++;
2047 spin_unlock_irqrestore(&intf->counter_lock, flags);
2048 return 0;
2049 }
2050
2051 if (msg->rsp[2] != 0) {
2052 /* An error getting the response, just ignore it. */
2053 return 0;
2054 }
2055
2056 netfn = msg->rsp[4] >> 2;
2057 cmd = msg->rsp[8];
2058
e61fb5b6 2059 rcu_read_lock();
393d2cc3
CM		 2060 rcvr = find_cmd_rcvr(intf, netfn, cmd);
2061 if (rcvr) {
2062 user = rcvr->user;
2063 kref_get(&user->refcount);
2064 } else
2065 user = NULL;
e61fb5b6 2066 rcu_read_unlock();
1da177e4
LT		 2067
2068 if (user == NULL) {
2069 /* We didn't find a user, deliver an error response. */
2070 spin_lock_irqsave(&intf->counter_lock, flags);
2071 intf->unhandled_commands++;
2072 spin_unlock_irqrestore(&intf->counter_lock, flags);
2073
2074 msg->data[0] = (IPMI_NETFN_APP_REQUEST << 2);
2075 msg->data[1] = IPMI_SEND_MSG_CMD;
2076 msg->data[2] = msg->rsp[3];
2077 msg->data[3] = msg->rsp[6];
2078 msg->data[4] = ((netfn + 1) << 2) | (msg->rsp[7] & 0x3);
2079 msg->data[5] = ipmb_checksum(&(msg->data[3]), 2);
c14979b9 2080 msg->data[6] = intf->channels[msg->rsp[3] & 0xf].address;
1da177e4
LT		 2081 /* rqseq/lun */
2082 msg->data[7] = (msg->rsp[7] & 0xfc) | (msg->rsp[4] & 0x3);
2083 msg->data[8] = msg->rsp[8]; /* cmd */
2084 msg->data[9] = IPMI_INVALID_CMD_COMPLETION_CODE;
2085 msg->data[10] = ipmb_checksum(&(msg->data[6]), 4);
2086 msg->data_size = 11;
2087
2088#ifdef DEBUG_MSGING
2089 {
2090 int m;
2091 printk("Invalid command:");
e8b33617 2092 for (m = 0; m < msg->data_size; m++)
1da177e4
LT		 2093 printk(" %2.2x", msg->data[m]);
2094 printk("\n");
2095 }
2096#endif
2097 intf->handlers->sender(intf->send_info, msg, 0);
2098
2099 rv = -1; /* We used the message, so return the value that
2100 causes it to not be freed or queued. */
2101 } else {
2102 /* Deliver the message to the user. */
2103 spin_lock_irqsave(&intf->counter_lock, flags);
2104 intf->handled_commands++;
2105 spin_unlock_irqrestore(&intf->counter_lock, flags);
2106
2107 recv_msg = ipmi_alloc_recv_msg();
2108 if (! recv_msg) {
2109 /* We couldn't allocate memory for the
2110 message, so requeue it for handling
2111 later. */
2112 rv = 1;
393d2cc3 2113 kref_put(&user->refcount, free_user);
1da177e4
LT		 2114 } else {
2115 /* Extract the source address from the data. */
2116 ipmb_addr = (struct ipmi_ipmb_addr *) &recv_msg->addr;
2117 ipmb_addr->addr_type = IPMI_IPMB_ADDR_TYPE;
2118 ipmb_addr->slave_addr = msg->rsp[6];
2119 ipmb_addr->lun = msg->rsp[7] & 3;
2120 ipmb_addr->channel = msg->rsp[3] & 0xf;
2121
2122 /* Extract the rest of the message information
2123 from the IPMB header.*/
2124 recv_msg->user = user;
2125 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2126 recv_msg->msgid = msg->rsp[7] >> 2;
2127 recv_msg->msg.netfn = msg->rsp[4] >> 2;
2128 recv_msg->msg.cmd = msg->rsp[8];
2129 recv_msg->msg.data = recv_msg->msg_data;
2130
2131 /* We chop off 10, not 9 bytes because the checksum
2132 at the end also needs to be removed. */
2133 recv_msg->msg.data_len = msg->rsp_size - 10;
2134 memcpy(recv_msg->msg_data,
2135 &(msg->rsp[9]),
2136 msg->rsp_size - 10);
2137 deliver_response(recv_msg);
2138 }
2139 }
2140
2141 return rv;
2142}
2143
2144static int handle_lan_get_msg_rsp(ipmi_smi_t intf,
2145 struct ipmi_smi_msg *msg)
2146{
2147 struct ipmi_lan_addr lan_addr;
2148 struct ipmi_recv_msg *recv_msg;
2149 unsigned long flags;
2150
2151
2152 /* This is 13, not 12, because the response must contain a
2153 * completion code. */
2154 if (msg->rsp_size < 13) {
2155 /* Message not big enough, just ignore it. */
2156 spin_lock_irqsave(&intf->counter_lock, flags);
2157 intf->invalid_lan_responses++;
2158 spin_unlock_irqrestore(&intf->counter_lock, flags);
2159 return 0;
2160 }
2161
2162 if (msg->rsp[2] != 0) {
2163 /* An error getting the response, just ignore it. */
2164 return 0;
2165 }
2166
2167 lan_addr.addr_type = IPMI_LAN_ADDR_TYPE;
2168 lan_addr.session_handle = msg->rsp[4];
2169 lan_addr.remote_SWID = msg->rsp[8];
2170 lan_addr.local_SWID = msg->rsp[5];
2171 lan_addr.channel = msg->rsp[3] & 0x0f;
2172 lan_addr.privilege = msg->rsp[3] >> 4;
2173 lan_addr.lun = msg->rsp[9] & 3;
2174
2175 /* It's a response from a remote entity. Look up the sequence
2176 number and handle the response. */
2177 if (intf_find_seq(intf,
2178 msg->rsp[9] >> 2,
2179 msg->rsp[3] & 0x0f,
2180 msg->rsp[10],
2181 (msg->rsp[6] >> 2) & (~1),
2182 (struct ipmi_addr *) &(lan_addr),
2183 &recv_msg))
2184 {
2185 /* We were unable to find the sequence number,
2186 so just nuke the message. */
2187 spin_lock_irqsave(&intf->counter_lock, flags);
2188 intf->unhandled_lan_responses++;
2189 spin_unlock_irqrestore(&intf->counter_lock, flags);
2190 return 0;
2191 }
2192
2193 memcpy(recv_msg->msg_data,
2194 &(msg->rsp[11]),
2195 msg->rsp_size - 11);
2196 /* The other fields matched, so no need to set them, except
2197 for netfn, which needs to be the response that was
2198 returned, not the request value. */
2199 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2200 recv_msg->msg.data = recv_msg->msg_data;
2201 recv_msg->msg.data_len = msg->rsp_size - 12;
2202 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2203 spin_lock_irqsave(&intf->counter_lock, flags);
2204 intf->handled_lan_responses++;
2205 spin_unlock_irqrestore(&intf->counter_lock, flags);
2206 deliver_response(recv_msg);
2207
2208 return 0;
2209}
2210
2211static int handle_lan_get_msg_cmd(ipmi_smi_t intf,
2212 struct ipmi_smi_msg *msg)
2213{
393d2cc3
CM		 2214 struct cmd_rcvr *rcvr;
2215 int rv = 0;
2216 unsigned char netfn;
2217 unsigned char cmd;
2218 ipmi_user_t user = NULL;
2219 struct ipmi_lan_addr *lan_addr;
2220 struct ipmi_recv_msg *recv_msg;
2221 unsigned long flags;
1da177e4
LT		 2222
2223 if (msg->rsp_size < 12) {
2224 /* Message not big enough, just ignore it. */
2225 spin_lock_irqsave(&intf->counter_lock, flags);
2226 intf->invalid_commands++;
2227 spin_unlock_irqrestore(&intf->counter_lock, flags);
2228 return 0;
2229 }
2230
2231 if (msg->rsp[2] != 0) {
2232 /* An error getting the response, just ignore it. */
2233 return 0;
2234 }
2235
2236 netfn = msg->rsp[6] >> 2;
2237 cmd = msg->rsp[10];
2238
e61fb5b6 2239 rcu_read_lock();
393d2cc3
CM		 2240 rcvr = find_cmd_rcvr(intf, netfn, cmd);
2241 if (rcvr) {
2242 user = rcvr->user;
2243 kref_get(&user->refcount);
2244 } else
2245 user = NULL;
e61fb5b6 2246 rcu_read_unlock();
1da177e4
LT		 2247
2248 if (user == NULL) {
393d2cc3 2249 /* We didn't find a user, just give up. */
1da177e4
LT		 2250 spin_lock_irqsave(&intf->counter_lock, flags);
2251 intf->unhandled_commands++;
2252 spin_unlock_irqrestore(&intf->counter_lock, flags);
2253
2254 rv = 0; /* Don't do anything with these messages, just
2255 allow them to be freed. */
2256 } else {
2257 /* Deliver the message to the user. */
2258 spin_lock_irqsave(&intf->counter_lock, flags);
2259 intf->handled_commands++;
2260 spin_unlock_irqrestore(&intf->counter_lock, flags);
2261
2262 recv_msg = ipmi_alloc_recv_msg();
2263 if (! recv_msg) {
2264 /* We couldn't allocate memory for the
2265 message, so requeue it for handling
2266 later. */
2267 rv = 1;
393d2cc3 2268 kref_put(&user->refcount, free_user);
1da177e4
LT		 2269 } else {
2270 /* Extract the source address from the data. */
2271 lan_addr = (struct ipmi_lan_addr *) &recv_msg->addr;
2272 lan_addr->addr_type = IPMI_LAN_ADDR_TYPE;
2273 lan_addr->session_handle = msg->rsp[4];
2274 lan_addr->remote_SWID = msg->rsp[8];
2275 lan_addr->local_SWID = msg->rsp[5];
2276 lan_addr->lun = msg->rsp[9] & 3;
2277 lan_addr->channel = msg->rsp[3] & 0xf;
2278 lan_addr->privilege = msg->rsp[3] >> 4;
2279
2280 /* Extract the rest of the message information
2281 from the IPMB header.*/
2282 recv_msg->user = user;
2283 recv_msg->recv_type = IPMI_CMD_RECV_TYPE;
2284 recv_msg->msgid = msg->rsp[9] >> 2;
2285 recv_msg->msg.netfn = msg->rsp[6] >> 2;
2286 recv_msg->msg.cmd = msg->rsp[10];
2287 recv_msg->msg.data = recv_msg->msg_data;
2288
2289 /* We chop off 12, not 11 bytes because the checksum
2290 at the end also needs to be removed. */
2291 recv_msg->msg.data_len = msg->rsp_size - 12;
2292 memcpy(recv_msg->msg_data,
2293 &(msg->rsp[11]),
2294 msg->rsp_size - 12);
2295 deliver_response(recv_msg);
2296 }
2297 }
2298
2299 return rv;
2300}
2301
2302static void copy_event_into_recv_msg(struct ipmi_recv_msg *recv_msg,
2303 struct ipmi_smi_msg *msg)
2304{
2305 struct ipmi_system_interface_addr *smi_addr;
2306
2307 recv_msg->msgid = 0;
2308 smi_addr = (struct ipmi_system_interface_addr *) &(recv_msg->addr);
2309 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2310 smi_addr->channel = IPMI_BMC_CHANNEL;
2311 smi_addr->lun = msg->rsp[0] & 3;
2312 recv_msg->recv_type = IPMI_ASYNC_EVENT_RECV_TYPE;
2313 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2314 recv_msg->msg.cmd = msg->rsp[1];
2315 memcpy(recv_msg->msg_data, &(msg->rsp[3]), msg->rsp_size - 3);
2316 recv_msg->msg.data = recv_msg->msg_data;
2317 recv_msg->msg.data_len = msg->rsp_size - 3;
2318}
2319
1da177e4
LT		 2320static int handle_read_event_rsp(ipmi_smi_t intf,
2321 struct ipmi_smi_msg *msg)
2322{
2323 struct ipmi_recv_msg *recv_msg, *recv_msg2;
2324 struct list_head msgs;
2325 ipmi_user_t user;
2326 int rv = 0;
2327 int deliver_count = 0;
2328 unsigned long flags;
2329
2330 if (msg->rsp_size < 19) {
2331 /* Message is too small to be an IPMB event. */
2332 spin_lock_irqsave(&intf->counter_lock, flags);
2333 intf->invalid_events++;
2334 spin_unlock_irqrestore(&intf->counter_lock, flags);
2335 return 0;
2336 }
2337
2338 if (msg->rsp[2] != 0) {
2339 /* An error getting the event, just ignore it. */
2340 return 0;
2341 }
2342
2343 INIT_LIST_HEAD(&msgs);
2344
393d2cc3 2345 spin_lock_irqsave(&intf->events_lock, flags);
1da177e4
LT		 2346
2347 spin_lock(&intf->counter_lock);
2348 intf->events++;
2349 spin_unlock(&intf->counter_lock);
2350
2351 /* Allocate and fill in one message for every user that is getting
2352 events. */
393d2cc3
CM		 2353 rcu_read_lock();
2354 list_for_each_entry_rcu(user, &intf->users, link) {
1da177e4
LT		 2355 if (! user->gets_events)
2356 continue;
2357
2358 recv_msg = ipmi_alloc_recv_msg();
2359 if (! recv_msg) {
393d2cc3 2360 rcu_read_unlock();
1da177e4
LT		 2361 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2362 list_del(&recv_msg->link);
2363 ipmi_free_recv_msg(recv_msg);
2364 }
2365 /* We couldn't allocate memory for the
2366 message, so requeue it for handling
2367 later. */
2368 rv = 1;
2369 goto out;
2370 }
2371
2372 deliver_count++;
2373
2374 copy_event_into_recv_msg(recv_msg, msg);
2375 recv_msg->user = user;
393d2cc3 2376 kref_get(&user->refcount);
1da177e4
LT		 2377 list_add_tail(&(recv_msg->link), &msgs);
2378 }
393d2cc3 2379 rcu_read_unlock();
1da177e4
LT		 2380
2381 if (deliver_count) {
2382 /* Now deliver all the messages. */
2383 list_for_each_entry_safe(recv_msg, recv_msg2, &msgs, link) {
2384 list_del(&recv_msg->link);
2385 deliver_response(recv_msg);
2386 }
2387 } else if (intf->waiting_events_count < MAX_EVENTS_IN_QUEUE) {
2388 /* No one to receive the message, put it in queue if there's
2389 not already too many things in the queue. */
2390 recv_msg = ipmi_alloc_recv_msg();
2391 if (! recv_msg) {
2392 /* We couldn't allocate memory for the
2393 message, so requeue it for handling
2394 later. */
2395 rv = 1;
2396 goto out;
2397 }
2398
2399 copy_event_into_recv_msg(recv_msg, msg);
2400 list_add_tail(&(recv_msg->link), &(intf->waiting_events));
2401 } else {
2402 /* There's too many things in the queue, discard this
2403 message. */
2404 printk(KERN_WARNING PFX "Event queue full, discarding an"
2405 " incoming event\n");
2406 }
2407
2408 out:
2409 spin_unlock_irqrestore(&(intf->events_lock), flags);
2410
2411 return rv;
2412}
2413
2414static int handle_bmc_rsp(ipmi_smi_t intf,
2415 struct ipmi_smi_msg *msg)
2416{
2417 struct ipmi_recv_msg *recv_msg;
1da177e4 2418 unsigned long flags;
393d2cc3 2419 struct ipmi_user *user;
1da177e4
LT		 2420
2421 recv_msg = (struct ipmi_recv_msg *) msg->user_data;
56a55ec6
CM		 2422 if (recv_msg == NULL)
2423 {
2424 printk(KERN_WARNING"IPMI message received with no owner. This\n"
2425 "could be because of a malformed message, or\n"
2426 "because of a hardware error. Contact your\n"
2427 "hardware vender for assistance\n");
2428 return 0;
2429 }
1da177e4 2430
393d2cc3 2431 user = recv_msg->user;
1da177e4 2432 /* Make sure the user still exists. */
393d2cc3 2433 if (user && !user->valid) {
56a55ec6
CM		 2434 /* The user for the message went away, so give up. */
2435 spin_lock_irqsave(&intf->counter_lock, flags);
2436 intf->unhandled_local_responses++;
2437 spin_unlock_irqrestore(&intf->counter_lock, flags);
1da177e4
LT		 2438 ipmi_free_recv_msg(recv_msg);
2439 } else {
2440 struct ipmi_system_interface_addr *smi_addr;
2441
2442 spin_lock_irqsave(&intf->counter_lock, flags);
2443 intf->handled_local_responses++;
2444 spin_unlock_irqrestore(&intf->counter_lock, flags);
2445 recv_msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2446 recv_msg->msgid = msg->msgid;
2447 smi_addr = ((struct ipmi_system_interface_addr *)
2448 &(recv_msg->addr));
2449 smi_addr->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2450 smi_addr->channel = IPMI_BMC_CHANNEL;
2451 smi_addr->lun = msg->rsp[0] & 3;
2452 recv_msg->msg.netfn = msg->rsp[0] >> 2;
2453 recv_msg->msg.cmd = msg->rsp[1];
2454 memcpy(recv_msg->msg_data,
2455 &(msg->rsp[2]),
2456 msg->rsp_size - 2);
2457 recv_msg->msg.data = recv_msg->msg_data;
2458 recv_msg->msg.data_len = msg->rsp_size - 2;
2459 deliver_response(recv_msg);
2460 }
2461
2462 return 0;
2463}
2464
2465/* Handle a new message. Return 1 if the message should be requeued,
2466 0 if the message should be freed, or -1 if the message should not
2467 be freed or requeued. */
2468static int handle_new_recv_msg(ipmi_smi_t intf,
2469 struct ipmi_smi_msg *msg)
2470{
2471 int requeue;
2472 int chan;
2473
2474#ifdef DEBUG_MSGING
2475 int m;
2476 printk("Recv:");
e8b33617 2477 for (m = 0; m < msg->rsp_size; m++)
1da177e4
LT		 2478 printk(" %2.2x", msg->rsp[m]);
2479 printk("\n");
2480#endif
2481 if (msg->rsp_size < 2) {
2482 /* Message is too small to be correct. */
2483 printk(KERN_WARNING PFX "BMC returned to small a message"
2484 " for netfn %x cmd %x, got %d bytes\n",
2485 (msg->data[0] >> 2) | 1, msg->data[1], msg->rsp_size);
2486
2487 /* Generate an error response for the message. */
2488 msg->rsp[0] = msg->data[0] | (1 << 2);
2489 msg->rsp[1] = msg->data[1];
2490 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2491 msg->rsp_size = 3;
2492 } else if (((msg->rsp[0] >> 2) != ((msg->data[0] >> 2) | 1))/* Netfn */
2493 || (msg->rsp[1] != msg->data[1])) /* Command */
2494 {
2495 /* The response is not even marginally correct. */
2496 printk(KERN_WARNING PFX "BMC returned incorrect response,"
2497 " expected netfn %x cmd %x, got netfn %x cmd %x\n",
2498 (msg->data[0] >> 2) | 1, msg->data[1],
2499 msg->rsp[0] >> 2, msg->rsp[1]);
2500
2501 /* Generate an error response for the message. */
2502 msg->rsp[0] = msg->data[0] | (1 << 2);
2503 msg->rsp[1] = msg->data[1];
2504 msg->rsp[2] = IPMI_ERR_UNSPECIFIED;
2505 msg->rsp_size = 3;
2506 }
2507
2508 if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2509 && (msg->rsp[1] == IPMI_SEND_MSG_CMD)
2510 && (msg->user_data != NULL))
2511 {
2512 /* It's a response to a response we sent. For this we
2513 deliver a send message response to the user. */
393d2cc3 2514 struct ipmi_recv_msg *recv_msg = msg->user_data;
1da177e4
LT		 2515
2516 requeue = 0;
2517 if (msg->rsp_size < 2)
2518 /* Message is too small to be correct. */
2519 goto out;
2520
2521 chan = msg->data[2] & 0x0f;
2522 if (chan >= IPMI_MAX_CHANNELS)
2523 /* Invalid channel number */
2524 goto out;
2525
393d2cc3
CM		 2526 if (!recv_msg)
2527 goto out;
2528
2529 /* Make sure the user still exists. */
2530 if (!recv_msg->user || !recv_msg->user->valid)
2531 goto out;
2532
2533 recv_msg->recv_type = IPMI_RESPONSE_RESPONSE_TYPE;
2534 recv_msg->msg.data = recv_msg->msg_data;
2535 recv_msg->msg.data_len = 1;
2536 recv_msg->msg_data[0] = msg->rsp[2];
2537 deliver_response(recv_msg);
1da177e4
LT		 2538 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2539 && (msg->rsp[1] == IPMI_GET_MSG_CMD))
2540 {
2541 /* It's from the receive queue. */
2542 chan = msg->rsp[3] & 0xf;
2543 if (chan >= IPMI_MAX_CHANNELS) {
2544 /* Invalid channel number */
2545 requeue = 0;
2546 goto out;
2547 }
2548
2549 switch (intf->channels[chan].medium) {
2550 case IPMI_CHANNEL_MEDIUM_IPMB:
2551 if (msg->rsp[4] & 0x04) {
2552 /* It's a response, so find the
2553 requesting message and send it up. */
2554 requeue = handle_ipmb_get_msg_rsp(intf, msg);
2555 } else {
2556 /* It's a command to the SMS from some other
2557 entity. Handle that. */
2558 requeue = handle_ipmb_get_msg_cmd(intf, msg);
2559 }
2560 break;
2561
2562 case IPMI_CHANNEL_MEDIUM_8023LAN:
2563 case IPMI_CHANNEL_MEDIUM_ASYNC:
2564 if (msg->rsp[6] & 0x04) {
2565 /* It's a response, so find the
2566 requesting message and send it up. */
2567 requeue = handle_lan_get_msg_rsp(intf, msg);
2568 } else {
2569 /* It's a command to the SMS from some other
2570 entity. Handle that. */
2571 requeue = handle_lan_get_msg_cmd(intf, msg);
2572 }
2573 break;
2574
2575 default:
2576 /* We don't handle the channel type, so just
2577 * free the message. */
2578 requeue = 0;
2579 }
2580
2581 } else if ((msg->rsp[0] == ((IPMI_NETFN_APP_REQUEST|1) << 2))
2582 && (msg->rsp[1] == IPMI_READ_EVENT_MSG_BUFFER_CMD))
2583 {
2584 /* It's an asyncronous event. */
2585 requeue = handle_read_event_rsp(intf, msg);
2586 } else {
2587 /* It's a response from the local BMC. */
2588 requeue = handle_bmc_rsp(intf, msg);
2589 }
2590
2591 out:
2592 return requeue;
2593}
2594
2595/* Handle a new message from the lower layer. */
2596void ipmi_smi_msg_received(ipmi_smi_t intf,
2597 struct ipmi_smi_msg *msg)
2598{
2599 unsigned long flags;
2600 int rv;
2601
2602
1da177e4
LT		 2603 if ((msg->data_size >= 2)
2604 && (msg->data[0] == (IPMI_NETFN_APP_REQUEST << 2))
2605 && (msg->data[1] == IPMI_SEND_MSG_CMD)
393d2cc3
CM		 2606 && (msg->user_data == NULL))
2607 {
1da177e4
LT		 2608 /* This is the local response to a command send, start
2609 the timer for these. The user_data will not be
2610 NULL if this is a response send, and we will let
2611 response sends just go through. */
2612
2613 /* Check for errors, if we get certain errors (ones
2614 that mean basically we can try again later), we
2615 ignore them and start the timer. Otherwise we
2616 report the error immediately. */
2617 if ((msg->rsp_size >= 3) && (msg->rsp[2] != 0)
2618 && (msg->rsp[2] != IPMI_NODE_BUSY_ERR)
2619 && (msg->rsp[2] != IPMI_LOST_ARBITRATION_ERR))
2620 {
2621 int chan = msg->rsp[3] & 0xf;
2622
2623 /* Got an error sending the message, handle it. */
2624 spin_lock_irqsave(&intf->counter_lock, flags);
2625 if (chan >= IPMI_MAX_CHANNELS)
2626 ; /* This shouldn't happen */
2627 else if ((intf->channels[chan].medium
2628 == IPMI_CHANNEL_MEDIUM_8023LAN)
2629 || (intf->channels[chan].medium
2630 == IPMI_CHANNEL_MEDIUM_ASYNC))
2631 intf->sent_lan_command_errs++;
2632 else
2633 intf->sent_ipmb_command_errs++;
2634 spin_unlock_irqrestore(&intf->counter_lock, flags);
2635 intf_err_seq(intf, msg->msgid, msg->rsp[2]);
2636 } else {
2637 /* The message was sent, start the timer. */
2638 intf_start_seq_timer(intf, msg->msgid);
2639 }
2640
2641 ipmi_free_smi_msg(msg);
393d2cc3 2642 goto out;
1da177e4
LT		 2643 }
2644
2645 /* To preserve message order, if the list is not empty, we
2646 tack this message onto the end of the list. */
393d2cc3
CM		 2647 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
2648 if (!list_empty(&intf->waiting_msgs)) {
2649 list_add_tail(&msg->link, &intf->waiting_msgs);
177294d1 2650 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
393d2cc3 2651 goto out;
1da177e4 2652 }
393d2cc3 2653 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
1da177e4
LT		 2654
2655 rv = handle_new_recv_msg(intf, msg);
2656 if (rv > 0) {
2657 /* Could not handle the message now, just add it to a
2658 list to handle later. */
177294d1 2659 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
393d2cc3 2660 list_add_tail(&msg->link, &intf->waiting_msgs);
177294d1 2661 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
1da177e4
LT		 2662 } else if (rv == 0) {
2663 ipmi_free_smi_msg(msg);
2664 }
2665
393d2cc3
CM		 2666 out:
2667 return;
1da177e4
LT		 2668}
2669
2670void ipmi_smi_watchdog_pretimeout(ipmi_smi_t intf)
2671{
2672 ipmi_user_t user;
2673
393d2cc3
CM		 2674 rcu_read_lock();
2675 list_for_each_entry_rcu(user, &intf->users, link) {
1da177e4
LT		 2676 if (! user->handler->ipmi_watchdog_pretimeout)
2677 continue;
2678
2679 user->handler->ipmi_watchdog_pretimeout(user->handler_data);
2680 }
393d2cc3 2681 rcu_read_unlock();
1da177e4
LT		 2682}
2683
2684static void
2685handle_msg_timeout(struct ipmi_recv_msg *msg)
2686{
2687 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
2688 msg->msg_data[0] = IPMI_TIMEOUT_COMPLETION_CODE;
2689 msg->msg.netfn |= 1; /* Convert to a response. */
2690 msg->msg.data_len = 1;
2691 msg->msg.data = msg->msg_data;
2692 deliver_response(msg);
2693}
2694
882fe011
CM		 2695static struct ipmi_smi_msg *
2696smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg,
2697 unsigned char seq, long seqid)
1da177e4 2698{
882fe011 2699 struct ipmi_smi_msg *smi_msg = ipmi_alloc_smi_msg();
1da177e4
LT		 2700 if (!smi_msg)
2701 /* If we can't allocate the message, then just return, we
2702 get 4 retries, so this should be ok. */
882fe011 2703 return NULL;
1da177e4
LT		 2704
2705 memcpy(smi_msg->data, recv_msg->msg.data, recv_msg->msg.data_len);
2706 smi_msg->data_size = recv_msg->msg.data_len;
2707 smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
2708
1da177e4
LT		 2709#ifdef DEBUG_MSGING
2710 {
2711 int m;
2712 printk("Resend: ");
e8b33617 2713 for (m = 0; m < smi_msg->data_size; m++)
1da177e4
LT		 2714 printk(" %2.2x", smi_msg->data[m]);
2715 printk("\n");
2716 }
2717#endif
882fe011 2718 return smi_msg;
1da177e4
LT		 2719}
2720
393d2cc3
CM		 2721static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent,
2722 struct list_head *timeouts, long timeout_period,
2723 int slot, unsigned long *flags)
2724{
2725 struct ipmi_recv_msg *msg;
2726
2727 if (!ent->inuse)
2728 return;
2729
2730 ent->timeout -= timeout_period;
2731 if (ent->timeout > 0)
2732 return;
2733
2734 if (ent->retries_left == 0) {
2735 /* The message has used all its retries. */
2736 ent->inuse = 0;
2737 msg = ent->recv_msg;
2738 list_add_tail(&msg->link, timeouts);
2739 spin_lock(&intf->counter_lock);
2740 if (ent->broadcast)
2741 intf->timed_out_ipmb_broadcasts++;
2742 else if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE)
2743 intf->timed_out_lan_commands++;
2744 else
2745 intf->timed_out_ipmb_commands++;
2746 spin_unlock(&intf->counter_lock);
2747 } else {
2748 struct ipmi_smi_msg *smi_msg;
2749 /* More retries, send again. */
2750
2751 /* Start with the max timer, set to normal
2752 timer after the message is sent. */
2753 ent->timeout = MAX_MSG_TIMEOUT;
2754 ent->retries_left--;
2755 spin_lock(&intf->counter_lock);
2756 if (ent->recv_msg->addr.addr_type == IPMI_LAN_ADDR_TYPE)
2757 intf->retransmitted_lan_commands++;
2758 else
2759 intf->retransmitted_ipmb_commands++;
2760 spin_unlock(&intf->counter_lock);
2761
2762 smi_msg = smi_from_recv_msg(intf, ent->recv_msg, slot,
2763 ent->seqid);
2764 if (! smi_msg)
2765 return;
2766
2767 spin_unlock_irqrestore(&intf->seq_lock, *flags);
2768 /* Send the new message. We send with a zero
2769 * priority. It timed out, I doubt time is
2770 * that critical now, and high priority
2771 * messages are really only for messages to the
2772 * local MC, which don't get resent. */
2773 intf->handlers->sender(intf->send_info,
2774 smi_msg, 0);
2775 spin_lock_irqsave(&intf->seq_lock, *flags);
2776 }
2777}
2778
2779static void ipmi_timeout_handler(long timeout_period)
1da177e4
LT		 2780{
2781 ipmi_smi_t intf;
2782 struct list_head timeouts;
2783 struct ipmi_recv_msg *msg, *msg2;
2784 struct ipmi_smi_msg *smi_msg, *smi_msg2;
2785 unsigned long flags;
2786 int i, j;
2787
2788 INIT_LIST_HEAD(&timeouts);
2789
2790 spin_lock(&interfaces_lock);
e8b33617 2791 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4 2792 intf = ipmi_interfaces[i];
393d2cc3 2793 if (IPMI_INVALID_INTERFACE(intf))
1da177e4 2794 continue;
393d2cc3
CM		 2795 kref_get(&intf->refcount);
2796 spin_unlock(&interfaces_lock);
1da177e4
LT		 2797
2798 /* See if any waiting messages need to be processed. */
393d2cc3
CM		 2799 spin_lock_irqsave(&intf->waiting_msgs_lock, flags);
2800 list_for_each_entry_safe(smi_msg, smi_msg2, &intf->waiting_msgs, link) {
1da177e4
LT		 2801 if (! handle_new_recv_msg(intf, smi_msg)) {
2802 list_del(&smi_msg->link);
2803 ipmi_free_smi_msg(smi_msg);
2804 } else {
2805 /* To preserve message order, quit if we
2806 can't handle a message. */
2807 break;
2808 }
2809 }
393d2cc3 2810 spin_unlock_irqrestore(&intf->waiting_msgs_lock, flags);
1da177e4
LT		 2811
2812 /* Go through the seq table and find any messages that
2813 have timed out, putting them in the timeouts
2814 list. */
393d2cc3
CM		 2815 spin_lock_irqsave(&intf->seq_lock, flags);
2816 for (j = 0; j < IPMI_IPMB_NUM_SEQ; j++)
2817 check_msg_timeout(intf, &(intf->seq_table[j]),
2818 &timeouts, timeout_period, j,
2819 &flags);
2820 spin_unlock_irqrestore(&intf->seq_lock, flags);
2821
2822 list_for_each_entry_safe(msg, msg2, &timeouts, link)
1da177e4 2823 handle_msg_timeout(msg);
1da177e4 2824
393d2cc3
CM		 2825 kref_put(&intf->refcount, intf_free);
2826 spin_lock(&interfaces_lock);
1da177e4
LT		 2827 }
2828 spin_unlock(&interfaces_lock);
2829}
2830
2831static void ipmi_request_event(void)
2832{
2833 ipmi_smi_t intf;
2834 int i;
2835
2836 spin_lock(&interfaces_lock);
e8b33617 2837 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4 2838 intf = ipmi_interfaces[i];
393d2cc3 2839 if (IPMI_INVALID_INTERFACE(intf))
1da177e4
LT		 2840 continue;
2841
2842 intf->handlers->request_events(intf->send_info);
2843 }
2844 spin_unlock(&interfaces_lock);
2845}
2846
2847static struct timer_list ipmi_timer;
2848
2849/* Call every ~100 ms. */
2850#define IPMI_TIMEOUT_TIME 100
2851
2852/* How many jiffies does it take to get to the timeout time. */
2853#define IPMI_TIMEOUT_JIFFIES ((IPMI_TIMEOUT_TIME * HZ) / 1000)
2854
2855/* Request events from the queue every second (this is the number of
2856 IPMI_TIMEOUT_TIMES between event requests). Hopefully, in the
2857 future, IPMI will add a way to know immediately if an event is in
2858 the queue and this silliness can go away. */
2859#define IPMI_REQUEST_EV_TIME (1000 / (IPMI_TIMEOUT_TIME))
2860
8f43f84f 2861static atomic_t stop_operation;
1da177e4
LT		 2862static unsigned int ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2863
2864static void ipmi_timeout(unsigned long data)
2865{
8f43f84f 2866 if (atomic_read(&stop_operation))
1da177e4 2867 return;
1da177e4
LT		 2868
2869 ticks_to_req_ev--;
2870 if (ticks_to_req_ev == 0) {
2871 ipmi_request_event();
2872 ticks_to_req_ev = IPMI_REQUEST_EV_TIME;
2873 }
2874
2875 ipmi_timeout_handler(IPMI_TIMEOUT_TIME);
2876
8f43f84f 2877 mod_timer(&ipmi_timer, jiffies + IPMI_TIMEOUT_JIFFIES);
1da177e4
LT		 2878}
2879
2880
2881static atomic_t smi_msg_inuse_count = ATOMIC_INIT(0);
2882static atomic_t recv_msg_inuse_count = ATOMIC_INIT(0);
2883
2884/* FIXME - convert these to slabs. */
2885static void free_smi_msg(struct ipmi_smi_msg *msg)
2886{
2887 atomic_dec(&smi_msg_inuse_count);
2888 kfree(msg);
2889}
2890
2891struct ipmi_smi_msg *ipmi_alloc_smi_msg(void)
2892{
2893 struct ipmi_smi_msg *rv;
2894 rv = kmalloc(sizeof(struct ipmi_smi_msg), GFP_ATOMIC);
2895 if (rv) {
2896 rv->done = free_smi_msg;
2897 rv->user_data = NULL;
2898 atomic_inc(&smi_msg_inuse_count);
2899 }
2900 return rv;
2901}
2902
2903static void free_recv_msg(struct ipmi_recv_msg *msg)
2904{
2905 atomic_dec(&recv_msg_inuse_count);
2906 kfree(msg);
2907}
2908
2909struct ipmi_recv_msg *ipmi_alloc_recv_msg(void)
2910{
2911 struct ipmi_recv_msg *rv;
2912
2913 rv = kmalloc(sizeof(struct ipmi_recv_msg), GFP_ATOMIC);
2914 if (rv) {
2915 rv->done = free_recv_msg;
2916 atomic_inc(&recv_msg_inuse_count);
2917 }
2918 return rv;
2919}
2920
393d2cc3
CM		 2921void ipmi_free_recv_msg(struct ipmi_recv_msg *msg)
2922{
2923 if (msg->user)
2924 kref_put(&msg->user->refcount, free_user);
2925 msg->done(msg);
2926}
2927
1da177e4
LT		 2928#ifdef CONFIG_IPMI_PANIC_EVENT
2929
2930static void dummy_smi_done_handler(struct ipmi_smi_msg *msg)
2931{
2932}
2933
2934static void dummy_recv_done_handler(struct ipmi_recv_msg *msg)
2935{
2936}
2937
2938#ifdef CONFIG_IPMI_PANIC_STRING
56a55ec6 2939static void event_receiver_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4 2940{
56a55ec6
CM		 2941 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2942 && (msg->msg.netfn == IPMI_NETFN_SENSOR_EVENT_RESPONSE)
2943 && (msg->msg.cmd == IPMI_GET_EVENT_RECEIVER_CMD)
2944 && (msg->msg.data[0] == IPMI_CC_NO_ERROR))
1da177e4
LT		 2945 {
2946 /* A get event receiver command, save it. */
56a55ec6
CM		 2947 intf->event_receiver = msg->msg.data[1];
2948 intf->event_receiver_lun = msg->msg.data[2] & 0x3;
1da177e4
LT		 2949 }
2950}
2951
56a55ec6 2952static void device_id_fetcher(ipmi_smi_t intf, struct ipmi_recv_msg *msg)
1da177e4 2953{
56a55ec6
CM		 2954 if ((msg->addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE)
2955 && (msg->msg.netfn == IPMI_NETFN_APP_RESPONSE)
2956 && (msg->msg.cmd == IPMI_GET_DEVICE_ID_CMD)
2957 && (msg->msg.data[0] == IPMI_CC_NO_ERROR))
1da177e4
LT		 2958 {
2959 /* A get device id command, save if we are an event
2960 receiver or generator. */
56a55ec6
CM		 2961 intf->local_sel_device = (msg->msg.data[6] >> 2) & 1;
2962 intf->local_event_generator = (msg->msg.data[6] >> 5) & 1;
1da177e4
LT		 2963 }
2964}
2965#endif
2966
2967static void send_panic_events(char *str)
2968{
2969 struct kernel_ipmi_msg msg;
2970 ipmi_smi_t intf;
2971 unsigned char data[16];
2972 int i;
2973 struct ipmi_system_interface_addr *si;
2974 struct ipmi_addr addr;
2975 struct ipmi_smi_msg smi_msg;
2976 struct ipmi_recv_msg recv_msg;
2977
2978 si = (struct ipmi_system_interface_addr *) &addr;
2979 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
2980 si->channel = IPMI_BMC_CHANNEL;
2981 si->lun = 0;
2982
2983 /* Fill in an event telling that we have failed. */
2984 msg.netfn = 0x04; /* Sensor or Event. */
2985 msg.cmd = 2; /* Platform event command. */
2986 msg.data = data;
2987 msg.data_len = 8;
cda315ab 2988 data[0] = 0x41; /* Kernel generator ID, IPMI table 5-4 */
1da177e4
LT		 2989 data[1] = 0x03; /* This is for IPMI 1.0. */
2990 data[2] = 0x20; /* OS Critical Stop, IPMI table 36-3 */
2991 data[4] = 0x6f; /* Sensor specific, IPMI table 36-1 */
2992 data[5] = 0xa1; /* Runtime stop OEM bytes 2 & 3. */
2993
2994 /* Put a few breadcrumbs in. Hopefully later we can add more things
2995 to make the panic events more useful. */
2996 if (str) {
2997 data[3] = str[0];
2998 data[6] = str[1];
2999 data[7] = str[2];
3000 }
3001
3002 smi_msg.done = dummy_smi_done_handler;
3003 recv_msg.done = dummy_recv_done_handler;
3004
3005 /* For every registered interface, send the event. */
e8b33617 3006 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4 3007 intf = ipmi_interfaces[i];
393d2cc3 3008 if (IPMI_INVALID_INTERFACE(intf))
1da177e4
LT		 3009 continue;
3010
3011 /* Send the event announcing the panic. */
3012 intf->handlers->set_run_to_completion(intf->send_info, 1);
3013 i_ipmi_request(NULL,
3014 intf,
3015 &addr,
3016 0,
3017 &msg,
56a55ec6 3018 intf,
1da177e4
LT		 3019 &smi_msg,
3020 &recv_msg,
3021 0,
c14979b9
CM		 3022 intf->channels[0].address,
3023 intf->channels[0].lun,
1da177e4
LT		 3024 0, 1); /* Don't retry, and don't wait. */
3025 }
3026
3027#ifdef CONFIG_IPMI_PANIC_STRING
3028 /* On every interface, dump a bunch of OEM event holding the
3029 string. */
3030 if (!str)
3031 return;
3032
e8b33617 3033 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4
LT		 3034 char *p = str;
3035 struct ipmi_ipmb_addr *ipmb;
3036 int j;
3037
3038 intf = ipmi_interfaces[i];
393d2cc3 3039 if (IPMI_INVALID_INTERFACE(intf))
1da177e4
LT		 3040 continue;
3041
3042 /* First job here is to figure out where to send the
3043 OEM events. There's no way in IPMI to send OEM
3044 events using an event send command, so we have to
3045 find the SEL to put them in and stick them in
3046 there. */
3047
3048 /* Get capabilities from the get device id. */
3049 intf->local_sel_device = 0;
3050 intf->local_event_generator = 0;
3051 intf->event_receiver = 0;
3052
3053 /* Request the device info from the local MC. */
3054 msg.netfn = IPMI_NETFN_APP_REQUEST;
3055 msg.cmd = IPMI_GET_DEVICE_ID_CMD;
3056 msg.data = NULL;
3057 msg.data_len = 0;
3058 intf->null_user_handler = device_id_fetcher;
3059 i_ipmi_request(NULL,
3060 intf,
3061 &addr,
3062 0,
3063 &msg,
56a55ec6 3064 intf,
1da177e4
LT		 3065 &smi_msg,
3066 &recv_msg,
3067 0,
c14979b9
CM		 3068 intf->channels[0].address,
3069 intf->channels[0].lun,
1da177e4
LT		 3070 0, 1); /* Don't retry, and don't wait. */
3071
3072 if (intf->local_event_generator) {
3073 /* Request the event receiver from the local MC. */
3074 msg.netfn = IPMI_NETFN_SENSOR_EVENT_REQUEST;
3075 msg.cmd = IPMI_GET_EVENT_RECEIVER_CMD;
3076 msg.data = NULL;
3077 msg.data_len = 0;
3078 intf->null_user_handler = event_receiver_fetcher;
3079 i_ipmi_request(NULL,
3080 intf,
3081 &addr,
3082 0,
3083 &msg,
56a55ec6 3084 intf,
1da177e4
LT		 3085 &smi_msg,
3086 &recv_msg,
3087 0,
c14979b9
CM		 3088 intf->channels[0].address,
3089 intf->channels[0].lun,
1da177e4
LT		 3090 0, 1); /* no retry, and no wait. */
3091 }
3092 intf->null_user_handler = NULL;
3093
3094 /* Validate the event receiver. The low bit must not
3095 be 1 (it must be a valid IPMB address), it cannot
3096 be zero, and it must not be my address. */
3097 if (((intf->event_receiver & 1) == 0)
3098 && (intf->event_receiver != 0)
c14979b9 3099 && (intf->event_receiver != intf->channels[0].address))
1da177e4
LT		 3100 {
3101 /* The event receiver is valid, send an IPMB
3102 message. */
3103 ipmb = (struct ipmi_ipmb_addr *) &addr;
3104 ipmb->addr_type = IPMI_IPMB_ADDR_TYPE;
3105 ipmb->channel = 0; /* FIXME - is this right? */
3106 ipmb->lun = intf->event_receiver_lun;
3107 ipmb->slave_addr = intf->event_receiver;
3108 } else if (intf->local_sel_device) {
3109 /* The event receiver was not valid (or was
3110 me), but I am an SEL device, just dump it
3111 in my SEL. */
3112 si = (struct ipmi_system_interface_addr *) &addr;
3113 si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
3114 si->channel = IPMI_BMC_CHANNEL;
3115 si->lun = 0;
3116 } else
3117 continue; /* No where to send the event. */
3118
3119
3120 msg.netfn = IPMI_NETFN_STORAGE_REQUEST; /* Storage. */
3121 msg.cmd = IPMI_ADD_SEL_ENTRY_CMD;
3122 msg.data = data;
3123 msg.data_len = 16;
3124
3125 j = 0;
3126 while (*p) {
3127 int size = strlen(p);
3128
3129 if (size > 11)
3130 size = 11;
3131 data[0] = 0;
3132 data[1] = 0;
3133 data[2] = 0xf0; /* OEM event without timestamp. */
c14979b9 3134 data[3] = intf->channels[0].address;
1da177e4
LT		 3135 data[4] = j++; /* sequence # */
3136 /* Always give 11 bytes, so strncpy will fill
3137 it with zeroes for me. */
3138 strncpy(data+5, p, 11);
3139 p += size;
3140
3141 i_ipmi_request(NULL,
3142 intf,
3143 &addr,
3144 0,
3145 &msg,
56a55ec6 3146 intf,
1da177e4
LT		 3147 &smi_msg,
3148 &recv_msg,
3149 0,
c14979b9
CM		 3150 intf->channels[0].address,
3151 intf->channels[0].lun,
1da177e4
LT		 3152 0, 1); /* no retry, and no wait. */
3153 }
3154 }
3155#endif /* CONFIG_IPMI_PANIC_STRING */
3156}
3157#endif /* CONFIG_IPMI_PANIC_EVENT */
3158
3159static int has_paniced = 0;
3160
3161static int panic_event(struct notifier_block *this,
3162 unsigned long event,
3163 void *ptr)
3164{
3165 int i;
3166 ipmi_smi_t intf;
3167
3168 if (has_paniced)
3169 return NOTIFY_DONE;
3170 has_paniced = 1;
3171
3172 /* For every registered interface, set it to run to completion. */
e8b33617 3173 for (i = 0; i < MAX_IPMI_INTERFACES; i++) {
1da177e4 3174 intf = ipmi_interfaces[i];
393d2cc3 3175 if (IPMI_INVALID_INTERFACE(intf))
1da177e4
LT		 3176 continue;
3177
3178 intf->handlers->set_run_to_completion(intf->send_info, 1);
3179 }
3180
3181#ifdef CONFIG_IPMI_PANIC_EVENT
3182 send_panic_events(ptr);
3183#endif
3184
3185 return NOTIFY_DONE;
3186}
3187
3188static struct notifier_block panic_block = {
3189 .notifier_call = panic_event,
3190 .next = NULL,
3191 .priority = 200 /* priority: INT_MAX >= x >= 0 */
3192};
3193
3194static int ipmi_init_msghandler(void)
3195{
3196 int i;
3197
3198 if (initialized)
3199 return 0;
3200
3201 printk(KERN_INFO "ipmi message handler version "
1fdd75bd 3202 IPMI_DRIVER_VERSION "\n");
1da177e4 3203
393d2cc3 3204 for (i = 0; i < MAX_IPMI_INTERFACES; i++)
1da177e4 3205 ipmi_interfaces[i] = NULL;
1da177e4 3206
3b625943 3207#ifdef CONFIG_PROC_FS
1da177e4
LT		 3208 proc_ipmi_root = proc_mkdir("ipmi", NULL);
3209 if (!proc_ipmi_root) {
3210 printk(KERN_ERR PFX "Unable to create IPMI proc dir");
3211 return -ENOMEM;
3212 }
3213
3214 proc_ipmi_root->owner = THIS_MODULE;
3b625943 3215#endif /* CONFIG_PROC_FS */
1da177e4
LT		 3216
3217 init_timer(&ipmi_timer);
3218 ipmi_timer.data = 0;
3219 ipmi_timer.function = ipmi_timeout;
3220 ipmi_timer.expires = jiffies + IPMI_TIMEOUT_JIFFIES;
3221 add_timer(&ipmi_timer);
3222
3223 notifier_chain_register(&panic_notifier_list, &panic_block);
3224
3225 initialized = 1;
3226
3227 return 0;
3228}
3229
3230static __init int ipmi_init_msghandler_mod(void)
3231{
3232 ipmi_init_msghandler();
3233 return 0;
3234}
3235
3236static __exit void cleanup_ipmi(void)
3237{
3238 int count;
3239
3240 if (!initialized)
3241 return;
3242
3243 notifier_chain_unregister(&panic_notifier_list, &panic_block);
3244
3245 /* This can't be called if any interfaces exist, so no worry about
3246 shutting down the interfaces. */
3247
3248 /* Tell the timer to stop, then wait for it to stop. This avoids
3249 problems with race conditions removing the timer here. */
8f43f84f
CM		 3250 atomic_inc(&stop_operation);
3251 del_timer_sync(&ipmi_timer);
1da177e4 3252
3b625943 3253#ifdef CONFIG_PROC_FS
1da177e4 3254 remove_proc_entry(proc_ipmi_root->name, &proc_root);
3b625943 3255#endif /* CONFIG_PROC_FS */
1da177e4
LT		 3256
3257 initialized = 0;
3258
3259 /* Check for buffer leaks. */
3260 count = atomic_read(&smi_msg_inuse_count);
3261 if (count != 0)
3262 printk(KERN_WARNING PFX "SMI message count %d at exit\n",
3263 count);
3264 count = atomic_read(&recv_msg_inuse_count);
3265 if (count != 0)
3266 printk(KERN_WARNING PFX "recv message count %d at exit\n",
3267 count);
3268}
3269module_exit(cleanup_ipmi);
3270
3271module_init(ipmi_init_msghandler_mod);
3272MODULE_LICENSE("GPL");
1fdd75bd
CM		 3273MODULE_AUTHOR("Corey Minyard <minyard@mvista.com>");
3274MODULE_DESCRIPTION("Incoming and outgoing message routing for an IPMI interface.");
3275MODULE_VERSION(IPMI_DRIVER_VERSION);
1da177e4
LT		 3276
3277EXPORT_SYMBOL(ipmi_create_user);
3278EXPORT_SYMBOL(ipmi_destroy_user);
3279EXPORT_SYMBOL(ipmi_get_version);
3280EXPORT_SYMBOL(ipmi_request_settime);
3281EXPORT_SYMBOL(ipmi_request_supply_msgs);
3282EXPORT_SYMBOL(ipmi_register_smi);
3283EXPORT_SYMBOL(ipmi_unregister_smi);
3284EXPORT_SYMBOL(ipmi_register_for_cmd);
3285EXPORT_SYMBOL(ipmi_unregister_for_cmd);
3286EXPORT_SYMBOL(ipmi_smi_msg_received);
3287EXPORT_SYMBOL(ipmi_smi_watchdog_pretimeout);
3288EXPORT_SYMBOL(ipmi_alloc_smi_msg);
3289EXPORT_SYMBOL(ipmi_addr_length);
3290EXPORT_SYMBOL(ipmi_validate_addr);
3291EXPORT_SYMBOL(ipmi_set_gets_events);
3292EXPORT_SYMBOL(ipmi_smi_watcher_register);
3293EXPORT_SYMBOL(ipmi_smi_watcher_unregister);
3294EXPORT_SYMBOL(ipmi_set_my_address);
3295EXPORT_SYMBOL(ipmi_get_my_address);
3296EXPORT_SYMBOL(ipmi_set_my_LUN);
3297EXPORT_SYMBOL(ipmi_get_my_LUN);
3298EXPORT_SYMBOL(ipmi_smi_add_proc_entry);
3299EXPORT_SYMBOL(ipmi_user_set_run_to_completion);
393d2cc3 3300EXPORT_SYMBOL(ipmi_free_recv_msg);
kernel source for telekom puls (alcatel/mediatek)