Loading...
1/*
2 * acpi_ipmi.c - ACPI IPMI opregion
3 *
4 * Copyright (C) 2010 Intel Corporation
5 * Copyright (C) 2010 Zhao Yakui <yakui.zhao@intel.com>
6 *
7 * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or (at
12 * your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
22 *
23 * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
24 */
25
26#include <linux/kernel.h>
27#include <linux/module.h>
28#include <linux/init.h>
29#include <linux/types.h>
30#include <linux/delay.h>
31#include <linux/proc_fs.h>
32#include <linux/seq_file.h>
33#include <linux/interrupt.h>
34#include <linux/list.h>
35#include <linux/spinlock.h>
36#include <linux/io.h>
37#include <acpi/acpi_bus.h>
38#include <acpi/acpi_drivers.h>
39#include <linux/ipmi.h>
40#include <linux/device.h>
41#include <linux/pnp.h>
42
43MODULE_AUTHOR("Zhao Yakui");
44MODULE_DESCRIPTION("ACPI IPMI Opregion driver");
45MODULE_LICENSE("GPL");
46
47#define IPMI_FLAGS_HANDLER_INSTALL 0
48
49#define ACPI_IPMI_OK 0
50#define ACPI_IPMI_TIMEOUT 0x10
51#define ACPI_IPMI_UNKNOWN 0x07
52/* the IPMI timeout is 5s */
53#define IPMI_TIMEOUT (5 * HZ)
54
55struct acpi_ipmi_device {
56 /* the device list attached to driver_data.ipmi_devices */
57 struct list_head head;
58 /* the IPMI request message list */
59 struct list_head tx_msg_list;
60 struct mutex tx_msg_lock;
61 acpi_handle handle;
62 struct pnp_dev *pnp_dev;
63 ipmi_user_t user_interface;
64 int ipmi_ifnum; /* IPMI interface number */
65 long curr_msgid;
66 unsigned long flags;
67 struct ipmi_smi_info smi_data;
68};
69
70struct ipmi_driver_data {
71 struct list_head ipmi_devices;
72 struct ipmi_smi_watcher bmc_events;
73 struct ipmi_user_hndl ipmi_hndlrs;
74 struct mutex ipmi_lock;
75};
76
77struct acpi_ipmi_msg {
78 struct list_head head;
79 /*
80 * General speaking the addr type should be SI_ADDR_TYPE. And
81 * the addr channel should be BMC.
82 * In fact it can also be IPMB type. But we will have to
83 * parse it from the Netfn command buffer. It is so complex
84 * that it is skipped.
85 */
86 struct ipmi_addr addr;
87 long tx_msgid;
88 /* it is used to track whether the IPMI message is finished */
89 struct completion tx_complete;
90 struct kernel_ipmi_msg tx_message;
91 int msg_done;
92 /* tx data . And copy it from ACPI object buffer */
93 u8 tx_data[64];
94 int tx_len;
95 u8 rx_data[64];
96 int rx_len;
97 struct acpi_ipmi_device *device;
98};
99
100/* IPMI request/response buffer per ACPI 4.0, sec 5.5.2.4.3.2 */
101struct acpi_ipmi_buffer {
102 u8 status;
103 u8 length;
104 u8 data[64];
105};
106
107static void ipmi_register_bmc(int iface, struct device *dev);
108static void ipmi_bmc_gone(int iface);
109static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data);
110static void acpi_add_ipmi_device(struct acpi_ipmi_device *ipmi_device);
111static void acpi_remove_ipmi_device(struct acpi_ipmi_device *ipmi_device);
112
113static struct ipmi_driver_data driver_data = {
114 .ipmi_devices = LIST_HEAD_INIT(driver_data.ipmi_devices),
115 .bmc_events = {
116 .owner = THIS_MODULE,
117 .new_smi = ipmi_register_bmc,
118 .smi_gone = ipmi_bmc_gone,
119 },
120 .ipmi_hndlrs = {
121 .ipmi_recv_hndl = ipmi_msg_handler,
122 },
123};
124
125static struct acpi_ipmi_msg *acpi_alloc_ipmi_msg(struct acpi_ipmi_device *ipmi)
126{
127 struct acpi_ipmi_msg *ipmi_msg;
128 struct pnp_dev *pnp_dev = ipmi->pnp_dev;
129
130 ipmi_msg = kzalloc(sizeof(struct acpi_ipmi_msg), GFP_KERNEL);
131 if (!ipmi_msg) {
132 dev_warn(&pnp_dev->dev, "Can't allocate memory for ipmi_msg\n");
133 return NULL;
134 }
135 init_completion(&ipmi_msg->tx_complete);
136 INIT_LIST_HEAD(&ipmi_msg->head);
137 ipmi_msg->device = ipmi;
138 return ipmi_msg;
139}
140
141#define IPMI_OP_RGN_NETFN(offset) ((offset >> 8) & 0xff)
142#define IPMI_OP_RGN_CMD(offset) (offset & 0xff)
143static void acpi_format_ipmi_msg(struct acpi_ipmi_msg *tx_msg,
144 acpi_physical_address address,
145 acpi_integer *value)
146{
147 struct kernel_ipmi_msg *msg;
148 struct acpi_ipmi_buffer *buffer;
149 struct acpi_ipmi_device *device;
150
151 msg = &tx_msg->tx_message;
152 /*
153 * IPMI network function and command are encoded in the address
154 * within the IPMI OpRegion; see ACPI 4.0, sec 5.5.2.4.3.
155 */
156 msg->netfn = IPMI_OP_RGN_NETFN(address);
157 msg->cmd = IPMI_OP_RGN_CMD(address);
158 msg->data = tx_msg->tx_data;
159 /*
160 * value is the parameter passed by the IPMI opregion space handler.
161 * It points to the IPMI request message buffer
162 */
163 buffer = (struct acpi_ipmi_buffer *)value;
164 /* copy the tx message data */
165 msg->data_len = buffer->length;
166 memcpy(tx_msg->tx_data, buffer->data, msg->data_len);
167 /*
168 * now the default type is SYSTEM_INTERFACE and channel type is BMC.
169 * If the netfn is APP_REQUEST and the cmd is SEND_MESSAGE,
170 * the addr type should be changed to IPMB. Then we will have to parse
171 * the IPMI request message buffer to get the IPMB address.
172 * If so, please fix me.
173 */
174 tx_msg->addr.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
175 tx_msg->addr.channel = IPMI_BMC_CHANNEL;
176 tx_msg->addr.data[0] = 0;
177
178 /* Get the msgid */
179 device = tx_msg->device;
180 mutex_lock(&device->tx_msg_lock);
181 device->curr_msgid++;
182 tx_msg->tx_msgid = device->curr_msgid;
183 mutex_unlock(&device->tx_msg_lock);
184}
185
186static void acpi_format_ipmi_response(struct acpi_ipmi_msg *msg,
187 acpi_integer *value, int rem_time)
188{
189 struct acpi_ipmi_buffer *buffer;
190
191 /*
192 * value is also used as output parameter. It represents the response
193 * IPMI message returned by IPMI command.
194 */
195 buffer = (struct acpi_ipmi_buffer *)value;
196 if (!rem_time && !msg->msg_done) {
197 buffer->status = ACPI_IPMI_TIMEOUT;
198 return;
199 }
200 /*
201 * If the flag of msg_done is not set or the recv length is zero, it
202 * means that the IPMI command is not executed correctly.
203 * The status code will be ACPI_IPMI_UNKNOWN.
204 */
205 if (!msg->msg_done || !msg->rx_len) {
206 buffer->status = ACPI_IPMI_UNKNOWN;
207 return;
208 }
209 /*
210 * If the IPMI response message is obtained correctly, the status code
211 * will be ACPI_IPMI_OK
212 */
213 buffer->status = ACPI_IPMI_OK;
214 buffer->length = msg->rx_len;
215 memcpy(buffer->data, msg->rx_data, msg->rx_len);
216}
217
218static void ipmi_flush_tx_msg(struct acpi_ipmi_device *ipmi)
219{
220 struct acpi_ipmi_msg *tx_msg, *temp;
221 int count = HZ / 10;
222 struct pnp_dev *pnp_dev = ipmi->pnp_dev;
223
224 list_for_each_entry_safe(tx_msg, temp, &ipmi->tx_msg_list, head) {
225 /* wake up the sleep thread on the Tx msg */
226 complete(&tx_msg->tx_complete);
227 }
228
229 /* wait for about 100ms to flush the tx message list */
230 while (count--) {
231 if (list_empty(&ipmi->tx_msg_list))
232 break;
233 schedule_timeout(1);
234 }
235 if (!list_empty(&ipmi->tx_msg_list))
236 dev_warn(&pnp_dev->dev, "tx msg list is not NULL\n");
237}
238
239static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data)
240{
241 struct acpi_ipmi_device *ipmi_device = user_msg_data;
242 int msg_found = 0;
243 struct acpi_ipmi_msg *tx_msg;
244 struct pnp_dev *pnp_dev = ipmi_device->pnp_dev;
245
246 if (msg->user != ipmi_device->user_interface) {
247 dev_warn(&pnp_dev->dev, "Unexpected response is returned. "
248 "returned user %p, expected user %p\n",
249 msg->user, ipmi_device->user_interface);
250 ipmi_free_recv_msg(msg);
251 return;
252 }
253 mutex_lock(&ipmi_device->tx_msg_lock);
254 list_for_each_entry(tx_msg, &ipmi_device->tx_msg_list, head) {
255 if (msg->msgid == tx_msg->tx_msgid) {
256 msg_found = 1;
257 break;
258 }
259 }
260
261 mutex_unlock(&ipmi_device->tx_msg_lock);
262 if (!msg_found) {
263 dev_warn(&pnp_dev->dev, "Unexpected response (msg id %ld) is "
264 "returned.\n", msg->msgid);
265 ipmi_free_recv_msg(msg);
266 return;
267 }
268
269 if (msg->msg.data_len) {
270 /* copy the response data to Rx_data buffer */
271 memcpy(tx_msg->rx_data, msg->msg_data, msg->msg.data_len);
272 tx_msg->rx_len = msg->msg.data_len;
273 tx_msg->msg_done = 1;
274 }
275 complete(&tx_msg->tx_complete);
276 ipmi_free_recv_msg(msg);
277};
278
279static void ipmi_register_bmc(int iface, struct device *dev)
280{
281 struct acpi_ipmi_device *ipmi_device, *temp;
282 struct pnp_dev *pnp_dev;
283 ipmi_user_t user;
284 int err;
285 struct ipmi_smi_info smi_data;
286 acpi_handle handle;
287
288 err = ipmi_get_smi_info(iface, &smi_data);
289
290 if (err)
291 return;
292
293 if (smi_data.addr_src != SI_ACPI) {
294 put_device(smi_data.dev);
295 return;
296 }
297
298 handle = smi_data.addr_info.acpi_info.acpi_handle;
299
300 mutex_lock(&driver_data.ipmi_lock);
301 list_for_each_entry(temp, &driver_data.ipmi_devices, head) {
302 /*
303 * if the corresponding ACPI handle is already added
304 * to the device list, don't add it again.
305 */
306 if (temp->handle == handle)
307 goto out;
308 }
309
310 ipmi_device = kzalloc(sizeof(*ipmi_device), GFP_KERNEL);
311
312 if (!ipmi_device)
313 goto out;
314
315 pnp_dev = to_pnp_dev(smi_data.dev);
316 ipmi_device->handle = handle;
317 ipmi_device->pnp_dev = pnp_dev;
318
319 err = ipmi_create_user(iface, &driver_data.ipmi_hndlrs,
320 ipmi_device, &user);
321 if (err) {
322 dev_warn(&pnp_dev->dev, "Can't create IPMI user interface\n");
323 kfree(ipmi_device);
324 goto out;
325 }
326 acpi_add_ipmi_device(ipmi_device);
327 ipmi_device->user_interface = user;
328 ipmi_device->ipmi_ifnum = iface;
329 mutex_unlock(&driver_data.ipmi_lock);
330 memcpy(&ipmi_device->smi_data, &smi_data, sizeof(struct ipmi_smi_info));
331 return;
332
333out:
334 mutex_unlock(&driver_data.ipmi_lock);
335 put_device(smi_data.dev);
336 return;
337}
338
339static void ipmi_bmc_gone(int iface)
340{
341 struct acpi_ipmi_device *ipmi_device, *temp;
342
343 mutex_lock(&driver_data.ipmi_lock);
344 list_for_each_entry_safe(ipmi_device, temp,
345 &driver_data.ipmi_devices, head) {
346 if (ipmi_device->ipmi_ifnum != iface)
347 continue;
348
349 acpi_remove_ipmi_device(ipmi_device);
350 put_device(ipmi_device->smi_data.dev);
351 kfree(ipmi_device);
352 break;
353 }
354 mutex_unlock(&driver_data.ipmi_lock);
355}
356/* --------------------------------------------------------------------------
357 * Address Space Management
358 * -------------------------------------------------------------------------- */
359/*
360 * This is the IPMI opregion space handler.
361 * @function: indicates the read/write. In fact as the IPMI message is driven
362 * by command, only write is meaningful.
363 * @address: This contains the netfn/command of IPMI request message.
364 * @bits : not used.
365 * @value : it is an in/out parameter. It points to the IPMI message buffer.
366 * Before the IPMI message is sent, it represents the actual request
367 * IPMI message. After the IPMI message is finished, it represents
368 * the response IPMI message returned by IPMI command.
369 * @handler_context: IPMI device context.
370 */
371
372static acpi_status
373acpi_ipmi_space_handler(u32 function, acpi_physical_address address,
374 u32 bits, acpi_integer *value,
375 void *handler_context, void *region_context)
376{
377 struct acpi_ipmi_msg *tx_msg;
378 struct acpi_ipmi_device *ipmi_device = handler_context;
379 int err, rem_time;
380 acpi_status status;
381 /*
382 * IPMI opregion message.
383 * IPMI message is firstly written to the BMC and system software
384 * can get the respsonse. So it is unmeaningful for the read access
385 * of IPMI opregion.
386 */
387 if ((function & ACPI_IO_MASK) == ACPI_READ)
388 return AE_TYPE;
389
390 if (!ipmi_device->user_interface)
391 return AE_NOT_EXIST;
392
393 tx_msg = acpi_alloc_ipmi_msg(ipmi_device);
394 if (!tx_msg)
395 return AE_NO_MEMORY;
396
397 acpi_format_ipmi_msg(tx_msg, address, value);
398 mutex_lock(&ipmi_device->tx_msg_lock);
399 list_add_tail(&tx_msg->head, &ipmi_device->tx_msg_list);
400 mutex_unlock(&ipmi_device->tx_msg_lock);
401 err = ipmi_request_settime(ipmi_device->user_interface,
402 &tx_msg->addr,
403 tx_msg->tx_msgid,
404 &tx_msg->tx_message,
405 NULL, 0, 0, 0);
406 if (err) {
407 status = AE_ERROR;
408 goto end_label;
409 }
410 rem_time = wait_for_completion_timeout(&tx_msg->tx_complete,
411 IPMI_TIMEOUT);
412 acpi_format_ipmi_response(tx_msg, value, rem_time);
413 status = AE_OK;
414
415end_label:
416 mutex_lock(&ipmi_device->tx_msg_lock);
417 list_del(&tx_msg->head);
418 mutex_unlock(&ipmi_device->tx_msg_lock);
419 kfree(tx_msg);
420 return status;
421}
422
423static void ipmi_remove_space_handler(struct acpi_ipmi_device *ipmi)
424{
425 if (!test_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags))
426 return;
427
428 acpi_remove_address_space_handler(ipmi->handle,
429 ACPI_ADR_SPACE_IPMI, &acpi_ipmi_space_handler);
430
431 clear_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags);
432}
433
434static int ipmi_install_space_handler(struct acpi_ipmi_device *ipmi)
435{
436 acpi_status status;
437
438 if (test_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags))
439 return 0;
440
441 status = acpi_install_address_space_handler(ipmi->handle,
442 ACPI_ADR_SPACE_IPMI,
443 &acpi_ipmi_space_handler,
444 NULL, ipmi);
445 if (ACPI_FAILURE(status)) {
446 struct pnp_dev *pnp_dev = ipmi->pnp_dev;
447 dev_warn(&pnp_dev->dev, "Can't register IPMI opregion space "
448 "handle\n");
449 return -EINVAL;
450 }
451 set_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags);
452 return 0;
453}
454
455static void acpi_add_ipmi_device(struct acpi_ipmi_device *ipmi_device)
456{
457
458 INIT_LIST_HEAD(&ipmi_device->head);
459
460 mutex_init(&ipmi_device->tx_msg_lock);
461 INIT_LIST_HEAD(&ipmi_device->tx_msg_list);
462 ipmi_install_space_handler(ipmi_device);
463
464 list_add_tail(&ipmi_device->head, &driver_data.ipmi_devices);
465}
466
467static void acpi_remove_ipmi_device(struct acpi_ipmi_device *ipmi_device)
468{
469 /*
470 * If the IPMI user interface is created, it should be
471 * destroyed.
472 */
473 if (ipmi_device->user_interface) {
474 ipmi_destroy_user(ipmi_device->user_interface);
475 ipmi_device->user_interface = NULL;
476 }
477 /* flush the Tx_msg list */
478 if (!list_empty(&ipmi_device->tx_msg_list))
479 ipmi_flush_tx_msg(ipmi_device);
480
481 list_del(&ipmi_device->head);
482 ipmi_remove_space_handler(ipmi_device);
483}
484
485static int __init acpi_ipmi_init(void)
486{
487 int result = 0;
488
489 if (acpi_disabled)
490 return result;
491
492 mutex_init(&driver_data.ipmi_lock);
493
494 result = ipmi_smi_watcher_register(&driver_data.bmc_events);
495
496 return result;
497}
498
499static void __exit acpi_ipmi_exit(void)
500{
501 struct acpi_ipmi_device *ipmi_device, *temp;
502
503 if (acpi_disabled)
504 return;
505
506 ipmi_smi_watcher_unregister(&driver_data.bmc_events);
507
508 /*
509 * When one smi_watcher is unregistered, it is only deleted
510 * from the smi_watcher list. But the smi_gone callback function
511 * is not called. So explicitly uninstall the ACPI IPMI oregion
512 * handler and free it.
513 */
514 mutex_lock(&driver_data.ipmi_lock);
515 list_for_each_entry_safe(ipmi_device, temp,
516 &driver_data.ipmi_devices, head) {
517 acpi_remove_ipmi_device(ipmi_device);
518 put_device(ipmi_device->smi_data.dev);
519 kfree(ipmi_device);
520 }
521 mutex_unlock(&driver_data.ipmi_lock);
522}
523
524module_init(acpi_ipmi_init);
525module_exit(acpi_ipmi_exit);
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * acpi_ipmi.c - ACPI IPMI opregion
4 *
5 * Copyright (C) 2010, 2013 Intel Corporation
6 * Author: Zhao Yakui <yakui.zhao@intel.com>
7 * Lv Zheng <lv.zheng@intel.com>
8 */
9
10#include <linux/module.h>
11#include <linux/acpi.h>
12#include <linux/ipmi.h>
13#include <linux/spinlock.h>
14
15MODULE_AUTHOR("Zhao Yakui");
16MODULE_DESCRIPTION("ACPI IPMI Opregion driver");
17MODULE_LICENSE("GPL");
18
19#define ACPI_IPMI_OK 0
20#define ACPI_IPMI_TIMEOUT 0x10
21#define ACPI_IPMI_UNKNOWN 0x07
22/* the IPMI timeout is 5s */
23#define IPMI_TIMEOUT (5000)
24#define ACPI_IPMI_MAX_MSG_LENGTH 64
25/* 2s should be suffient for SMI being selected */
26#define ACPI_IPMI_SMI_SELECTION_TIMEOUT (2 * HZ)
27
28struct acpi_ipmi_device {
29 /* the device list attached to driver_data.ipmi_devices */
30 struct list_head head;
31
32 /* the IPMI request message list */
33 struct list_head tx_msg_list;
34
35 spinlock_t tx_msg_lock;
36 acpi_handle handle;
37 struct device *dev;
38 struct ipmi_user *user_interface;
39 int ipmi_ifnum; /* IPMI interface number */
40 long curr_msgid;
41 bool dead;
42 struct kref kref;
43};
44
45struct ipmi_driver_data {
46 struct list_head ipmi_devices;
47 struct ipmi_smi_watcher bmc_events;
48 const struct ipmi_user_hndl ipmi_hndlrs;
49 struct mutex ipmi_lock;
50
51 /*
52 * NOTE: IPMI System Interface Selection
53 * There is no system interface specified by the IPMI operation
54 * region access. We try to select one system interface with ACPI
55 * handle set. IPMI messages passed from the ACPI codes are sent
56 * to this selected global IPMI system interface.
57 */
58 struct acpi_ipmi_device *selected_smi;
59 struct completion smi_selection_done;
60};
61
62struct acpi_ipmi_msg {
63 struct list_head head;
64
65 /*
66 * General speaking the addr type should be SI_ADDR_TYPE. And
67 * the addr channel should be BMC.
68 * In fact it can also be IPMB type. But we will have to
69 * parse it from the Netfn command buffer. It is so complex
70 * that it is skipped.
71 */
72 struct ipmi_addr addr;
73 long tx_msgid;
74
75 /* it is used to track whether the IPMI message is finished */
76 struct completion tx_complete;
77
78 struct kernel_ipmi_msg tx_message;
79 int msg_done;
80
81 /* tx/rx data . And copy it from/to ACPI object buffer */
82 u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
83 u8 rx_len;
84
85 struct acpi_ipmi_device *device;
86 struct kref kref;
87};
88
89/* IPMI request/response buffer per ACPI 4.0, sec 5.5.2.4.3.2 */
90struct acpi_ipmi_buffer {
91 u8 status;
92 u8 length;
93 u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
94};
95
96static void ipmi_register_bmc(int iface, struct device *dev);
97static void ipmi_bmc_gone(int iface);
98static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data);
99
100static struct ipmi_driver_data driver_data = {
101 .ipmi_devices = LIST_HEAD_INIT(driver_data.ipmi_devices),
102 .bmc_events = {
103 .owner = THIS_MODULE,
104 .new_smi = ipmi_register_bmc,
105 .smi_gone = ipmi_bmc_gone,
106 },
107 .ipmi_hndlrs = {
108 .ipmi_recv_hndl = ipmi_msg_handler,
109 },
110 .ipmi_lock = __MUTEX_INITIALIZER(driver_data.ipmi_lock)
111};
112
113static struct acpi_ipmi_device *
114ipmi_dev_alloc(int iface, struct device *dev, acpi_handle handle)
115{
116 struct acpi_ipmi_device *ipmi_device;
117 int err;
118 struct ipmi_user *user;
119
120 ipmi_device = kzalloc(sizeof(*ipmi_device), GFP_KERNEL);
121 if (!ipmi_device)
122 return NULL;
123
124 kref_init(&ipmi_device->kref);
125 INIT_LIST_HEAD(&ipmi_device->head);
126 INIT_LIST_HEAD(&ipmi_device->tx_msg_list);
127 spin_lock_init(&ipmi_device->tx_msg_lock);
128 ipmi_device->handle = handle;
129 ipmi_device->dev = get_device(dev);
130 ipmi_device->ipmi_ifnum = iface;
131
132 err = ipmi_create_user(iface, &driver_data.ipmi_hndlrs,
133 ipmi_device, &user);
134 if (err) {
135 put_device(dev);
136 kfree(ipmi_device);
137 return NULL;
138 }
139 ipmi_device->user_interface = user;
140
141 return ipmi_device;
142}
143
144static void ipmi_dev_release(struct acpi_ipmi_device *ipmi_device)
145{
146 ipmi_destroy_user(ipmi_device->user_interface);
147 put_device(ipmi_device->dev);
148 kfree(ipmi_device);
149}
150
151static void ipmi_dev_release_kref(struct kref *kref)
152{
153 struct acpi_ipmi_device *ipmi =
154 container_of(kref, struct acpi_ipmi_device, kref);
155
156 ipmi_dev_release(ipmi);
157}
158
159static void __ipmi_dev_kill(struct acpi_ipmi_device *ipmi_device)
160{
161 list_del(&ipmi_device->head);
162 if (driver_data.selected_smi == ipmi_device)
163 driver_data.selected_smi = NULL;
164
165 /*
166 * Always setting dead flag after deleting from the list or
167 * list_for_each_entry() codes must get changed.
168 */
169 ipmi_device->dead = true;
170}
171
172static struct acpi_ipmi_device *acpi_ipmi_dev_get(void)
173{
174 struct acpi_ipmi_device *ipmi_device = NULL;
175
176 mutex_lock(&driver_data.ipmi_lock);
177 if (driver_data.selected_smi) {
178 ipmi_device = driver_data.selected_smi;
179 kref_get(&ipmi_device->kref);
180 }
181 mutex_unlock(&driver_data.ipmi_lock);
182
183 return ipmi_device;
184}
185
186static void acpi_ipmi_dev_put(struct acpi_ipmi_device *ipmi_device)
187{
188 kref_put(&ipmi_device->kref, ipmi_dev_release_kref);
189}
190
191static struct acpi_ipmi_msg *ipmi_msg_alloc(void)
192{
193 struct acpi_ipmi_device *ipmi;
194 struct acpi_ipmi_msg *ipmi_msg;
195
196 ipmi = acpi_ipmi_dev_get();
197 if (!ipmi)
198 return NULL;
199
200 ipmi_msg = kzalloc(sizeof(struct acpi_ipmi_msg), GFP_KERNEL);
201 if (!ipmi_msg) {
202 acpi_ipmi_dev_put(ipmi);
203 return NULL;
204 }
205
206 kref_init(&ipmi_msg->kref);
207 init_completion(&ipmi_msg->tx_complete);
208 INIT_LIST_HEAD(&ipmi_msg->head);
209 ipmi_msg->device = ipmi;
210 ipmi_msg->msg_done = ACPI_IPMI_UNKNOWN;
211
212 return ipmi_msg;
213}
214
215static void ipmi_msg_release(struct acpi_ipmi_msg *tx_msg)
216{
217 acpi_ipmi_dev_put(tx_msg->device);
218 kfree(tx_msg);
219}
220
221static void ipmi_msg_release_kref(struct kref *kref)
222{
223 struct acpi_ipmi_msg *tx_msg =
224 container_of(kref, struct acpi_ipmi_msg, kref);
225
226 ipmi_msg_release(tx_msg);
227}
228
229static struct acpi_ipmi_msg *acpi_ipmi_msg_get(struct acpi_ipmi_msg *tx_msg)
230{
231 kref_get(&tx_msg->kref);
232
233 return tx_msg;
234}
235
236static void acpi_ipmi_msg_put(struct acpi_ipmi_msg *tx_msg)
237{
238 kref_put(&tx_msg->kref, ipmi_msg_release_kref);
239}
240
241#define IPMI_OP_RGN_NETFN(offset) ((offset >> 8) & 0xff)
242#define IPMI_OP_RGN_CMD(offset) (offset & 0xff)
243static int acpi_format_ipmi_request(struct acpi_ipmi_msg *tx_msg,
244 acpi_physical_address address,
245 acpi_integer *value)
246{
247 struct kernel_ipmi_msg *msg;
248 struct acpi_ipmi_buffer *buffer;
249 struct acpi_ipmi_device *device;
250 unsigned long flags;
251
252 msg = &tx_msg->tx_message;
253
254 /*
255 * IPMI network function and command are encoded in the address
256 * within the IPMI OpRegion; see ACPI 4.0, sec 5.5.2.4.3.
257 */
258 msg->netfn = IPMI_OP_RGN_NETFN(address);
259 msg->cmd = IPMI_OP_RGN_CMD(address);
260 msg->data = tx_msg->data;
261
262 /*
263 * value is the parameter passed by the IPMI opregion space handler.
264 * It points to the IPMI request message buffer
265 */
266 buffer = (struct acpi_ipmi_buffer *)value;
267
268 /* copy the tx message data */
269 if (buffer->length > ACPI_IPMI_MAX_MSG_LENGTH) {
270 dev_WARN_ONCE(tx_msg->device->dev, true,
271 "Unexpected request (msg len %d).\n",
272 buffer->length);
273 return -EINVAL;
274 }
275 msg->data_len = buffer->length;
276 memcpy(tx_msg->data, buffer->data, msg->data_len);
277
278 /*
279 * now the default type is SYSTEM_INTERFACE and channel type is BMC.
280 * If the netfn is APP_REQUEST and the cmd is SEND_MESSAGE,
281 * the addr type should be changed to IPMB. Then we will have to parse
282 * the IPMI request message buffer to get the IPMB address.
283 * If so, please fix me.
284 */
285 tx_msg->addr.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
286 tx_msg->addr.channel = IPMI_BMC_CHANNEL;
287 tx_msg->addr.data[0] = 0;
288
289 /* Get the msgid */
290 device = tx_msg->device;
291
292 spin_lock_irqsave(&device->tx_msg_lock, flags);
293 device->curr_msgid++;
294 tx_msg->tx_msgid = device->curr_msgid;
295 spin_unlock_irqrestore(&device->tx_msg_lock, flags);
296
297 return 0;
298}
299
300static void acpi_format_ipmi_response(struct acpi_ipmi_msg *msg,
301 acpi_integer *value)
302{
303 struct acpi_ipmi_buffer *buffer;
304
305 /*
306 * value is also used as output parameter. It represents the response
307 * IPMI message returned by IPMI command.
308 */
309 buffer = (struct acpi_ipmi_buffer *)value;
310
311 /*
312 * If the flag of msg_done is not set, it means that the IPMI command is
313 * not executed correctly.
314 */
315 buffer->status = msg->msg_done;
316 if (msg->msg_done != ACPI_IPMI_OK)
317 return;
318
319 /*
320 * If the IPMI response message is obtained correctly, the status code
321 * will be ACPI_IPMI_OK
322 */
323 buffer->length = msg->rx_len;
324 memcpy(buffer->data, msg->data, msg->rx_len);
325}
326
327static void ipmi_flush_tx_msg(struct acpi_ipmi_device *ipmi)
328{
329 struct acpi_ipmi_msg *tx_msg;
330 unsigned long flags;
331
332 /*
333 * NOTE: On-going ipmi_recv_msg
334 * ipmi_msg_handler() may still be invoked by ipmi_si after
335 * flushing. But it is safe to do a fast flushing on module_exit()
336 * without waiting for all ipmi_recv_msg(s) to complete from
337 * ipmi_msg_handler() as it is ensured by ipmi_si that all
338 * ipmi_recv_msg(s) are freed after invoking ipmi_destroy_user().
339 */
340 spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
341 while (!list_empty(&ipmi->tx_msg_list)) {
342 tx_msg = list_first_entry(&ipmi->tx_msg_list,
343 struct acpi_ipmi_msg,
344 head);
345 list_del(&tx_msg->head);
346 spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
347
348 /* wake up the sleep thread on the Tx msg */
349 complete(&tx_msg->tx_complete);
350 acpi_ipmi_msg_put(tx_msg);
351 spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
352 }
353 spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
354}
355
356static void ipmi_cancel_tx_msg(struct acpi_ipmi_device *ipmi,
357 struct acpi_ipmi_msg *msg)
358{
359 struct acpi_ipmi_msg *tx_msg = NULL, *iter, *temp;
360 unsigned long flags;
361
362 spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
363 list_for_each_entry_safe(iter, temp, &ipmi->tx_msg_list, head) {
364 if (msg == iter) {
365 tx_msg = iter;
366 list_del(&iter->head);
367 break;
368 }
369 }
370 spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
371
372 if (tx_msg)
373 acpi_ipmi_msg_put(tx_msg);
374}
375
376static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data)
377{
378 struct acpi_ipmi_device *ipmi_device = user_msg_data;
379 struct acpi_ipmi_msg *tx_msg = NULL, *iter, *temp;
380 struct device *dev = ipmi_device->dev;
381 unsigned long flags;
382
383 if (msg->user != ipmi_device->user_interface) {
384 dev_warn(dev,
385 "Unexpected response is returned. returned user %p, expected user %p\n",
386 msg->user, ipmi_device->user_interface);
387 goto out_msg;
388 }
389
390 spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
391 list_for_each_entry_safe(iter, temp, &ipmi_device->tx_msg_list, head) {
392 if (msg->msgid == iter->tx_msgid) {
393 tx_msg = iter;
394 list_del(&iter->head);
395 break;
396 }
397 }
398 spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
399
400 if (!tx_msg) {
401 dev_warn(dev,
402 "Unexpected response (msg id %ld) is returned.\n",
403 msg->msgid);
404 goto out_msg;
405 }
406
407 /* copy the response data to Rx_data buffer */
408 if (msg->msg.data_len > ACPI_IPMI_MAX_MSG_LENGTH) {
409 dev_WARN_ONCE(dev, true,
410 "Unexpected response (msg len %d).\n",
411 msg->msg.data_len);
412 goto out_comp;
413 }
414
415 /* response msg is an error msg */
416 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
417 if (msg->recv_type == IPMI_RESPONSE_RECV_TYPE &&
418 msg->msg.data_len == 1) {
419 if (msg->msg.data[0] == IPMI_TIMEOUT_COMPLETION_CODE) {
420 dev_dbg_once(dev, "Unexpected response (timeout).\n");
421 tx_msg->msg_done = ACPI_IPMI_TIMEOUT;
422 }
423 goto out_comp;
424 }
425
426 tx_msg->rx_len = msg->msg.data_len;
427 memcpy(tx_msg->data, msg->msg.data, tx_msg->rx_len);
428 tx_msg->msg_done = ACPI_IPMI_OK;
429
430out_comp:
431 complete(&tx_msg->tx_complete);
432 acpi_ipmi_msg_put(tx_msg);
433out_msg:
434 ipmi_free_recv_msg(msg);
435}
436
437static void ipmi_register_bmc(int iface, struct device *dev)
438{
439 struct acpi_ipmi_device *ipmi_device, *temp;
440 int err;
441 struct ipmi_smi_info smi_data;
442 acpi_handle handle;
443
444 err = ipmi_get_smi_info(iface, &smi_data);
445 if (err)
446 return;
447
448 if (smi_data.addr_src != SI_ACPI)
449 goto err_ref;
450 handle = smi_data.addr_info.acpi_info.acpi_handle;
451 if (!handle)
452 goto err_ref;
453
454 ipmi_device = ipmi_dev_alloc(iface, smi_data.dev, handle);
455 if (!ipmi_device) {
456 dev_warn(smi_data.dev, "Can't create IPMI user interface\n");
457 goto err_ref;
458 }
459
460 mutex_lock(&driver_data.ipmi_lock);
461 list_for_each_entry(temp, &driver_data.ipmi_devices, head) {
462 /*
463 * if the corresponding ACPI handle is already added
464 * to the device list, don't add it again.
465 */
466 if (temp->handle == handle)
467 goto err_lock;
468 }
469 if (!driver_data.selected_smi) {
470 driver_data.selected_smi = ipmi_device;
471 complete(&driver_data.smi_selection_done);
472 }
473 list_add_tail(&ipmi_device->head, &driver_data.ipmi_devices);
474 mutex_unlock(&driver_data.ipmi_lock);
475
476 put_device(smi_data.dev);
477 return;
478
479err_lock:
480 mutex_unlock(&driver_data.ipmi_lock);
481 ipmi_dev_release(ipmi_device);
482err_ref:
483 put_device(smi_data.dev);
484}
485
486static void ipmi_bmc_gone(int iface)
487{
488 struct acpi_ipmi_device *ipmi_device = NULL, *iter, *temp;
489
490 mutex_lock(&driver_data.ipmi_lock);
491 list_for_each_entry_safe(iter, temp,
492 &driver_data.ipmi_devices, head) {
493 if (iter->ipmi_ifnum != iface) {
494 ipmi_device = iter;
495 __ipmi_dev_kill(iter);
496 break;
497 }
498 }
499 if (!driver_data.selected_smi)
500 driver_data.selected_smi = list_first_entry_or_null(
501 &driver_data.ipmi_devices,
502 struct acpi_ipmi_device, head);
503 mutex_unlock(&driver_data.ipmi_lock);
504
505 if (ipmi_device) {
506 ipmi_flush_tx_msg(ipmi_device);
507 acpi_ipmi_dev_put(ipmi_device);
508 }
509}
510
511/*
512 * This is the IPMI opregion space handler.
513 * @function: indicates the read/write. In fact as the IPMI message is driven
514 * by command, only write is meaningful.
515 * @address: This contains the netfn/command of IPMI request message.
516 * @bits : not used.
517 * @value : it is an in/out parameter. It points to the IPMI message buffer.
518 * Before the IPMI message is sent, it represents the actual request
519 * IPMI message. After the IPMI message is finished, it represents
520 * the response IPMI message returned by IPMI command.
521 * @handler_context: IPMI device context.
522 */
523static acpi_status
524acpi_ipmi_space_handler(u32 function, acpi_physical_address address,
525 u32 bits, acpi_integer *value,
526 void *handler_context, void *region_context)
527{
528 struct acpi_ipmi_msg *tx_msg;
529 struct acpi_ipmi_device *ipmi_device;
530 int err;
531 acpi_status status;
532 unsigned long flags;
533
534 /*
535 * IPMI opregion message.
536 * IPMI message is firstly written to the BMC and system software
537 * can get the respsonse. So it is unmeaningful for the read access
538 * of IPMI opregion.
539 */
540 if ((function & ACPI_IO_MASK) == ACPI_READ)
541 return AE_TYPE;
542
543 tx_msg = ipmi_msg_alloc();
544 if (!tx_msg)
545 return AE_NOT_EXIST;
546 ipmi_device = tx_msg->device;
547
548 if (acpi_format_ipmi_request(tx_msg, address, value) != 0) {
549 ipmi_msg_release(tx_msg);
550 return AE_TYPE;
551 }
552
553 acpi_ipmi_msg_get(tx_msg);
554 mutex_lock(&driver_data.ipmi_lock);
555 /* Do not add a tx_msg that can not be flushed. */
556 if (ipmi_device->dead) {
557 mutex_unlock(&driver_data.ipmi_lock);
558 ipmi_msg_release(tx_msg);
559 return AE_NOT_EXIST;
560 }
561 spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
562 list_add_tail(&tx_msg->head, &ipmi_device->tx_msg_list);
563 spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
564 mutex_unlock(&driver_data.ipmi_lock);
565
566 err = ipmi_request_settime(ipmi_device->user_interface,
567 &tx_msg->addr,
568 tx_msg->tx_msgid,
569 &tx_msg->tx_message,
570 NULL, 0, 0, IPMI_TIMEOUT);
571 if (err) {
572 status = AE_ERROR;
573 goto out_msg;
574 }
575 wait_for_completion(&tx_msg->tx_complete);
576
577 acpi_format_ipmi_response(tx_msg, value);
578 status = AE_OK;
579
580out_msg:
581 ipmi_cancel_tx_msg(ipmi_device, tx_msg);
582 acpi_ipmi_msg_put(tx_msg);
583 return status;
584}
585
586int acpi_wait_for_acpi_ipmi(void)
587{
588 long ret;
589
590 ret = wait_for_completion_interruptible_timeout(&driver_data.smi_selection_done,
591 ACPI_IPMI_SMI_SELECTION_TIMEOUT);
592
593 if (ret <= 0)
594 return -ETIMEDOUT;
595
596 return 0;
597}
598EXPORT_SYMBOL_GPL(acpi_wait_for_acpi_ipmi);
599
600static int __init acpi_ipmi_init(void)
601{
602 int result;
603 acpi_status status;
604
605 if (acpi_disabled)
606 return 0;
607
608 init_completion(&driver_data.smi_selection_done);
609
610 status = acpi_install_address_space_handler(ACPI_ROOT_OBJECT,
611 ACPI_ADR_SPACE_IPMI,
612 &acpi_ipmi_space_handler,
613 NULL, NULL);
614 if (ACPI_FAILURE(status)) {
615 pr_warn("Can't register IPMI opregion space handle\n");
616 return -EINVAL;
617 }
618
619 result = ipmi_smi_watcher_register(&driver_data.bmc_events);
620 if (result) {
621 acpi_remove_address_space_handler(ACPI_ROOT_OBJECT,
622 ACPI_ADR_SPACE_IPMI,
623 &acpi_ipmi_space_handler);
624 pr_err("Can't register IPMI system interface watcher\n");
625 }
626
627 return result;
628}
629
630static void __exit acpi_ipmi_exit(void)
631{
632 struct acpi_ipmi_device *ipmi_device;
633
634 if (acpi_disabled)
635 return;
636
637 ipmi_smi_watcher_unregister(&driver_data.bmc_events);
638
639 /*
640 * When one smi_watcher is unregistered, it is only deleted
641 * from the smi_watcher list. But the smi_gone callback function
642 * is not called. So explicitly uninstall the ACPI IPMI oregion
643 * handler and free it.
644 */
645 mutex_lock(&driver_data.ipmi_lock);
646 while (!list_empty(&driver_data.ipmi_devices)) {
647 ipmi_device = list_first_entry(&driver_data.ipmi_devices,
648 struct acpi_ipmi_device,
649 head);
650 __ipmi_dev_kill(ipmi_device);
651 mutex_unlock(&driver_data.ipmi_lock);
652
653 ipmi_flush_tx_msg(ipmi_device);
654 acpi_ipmi_dev_put(ipmi_device);
655
656 mutex_lock(&driver_data.ipmi_lock);
657 }
658 mutex_unlock(&driver_data.ipmi_lock);
659 acpi_remove_address_space_handler(ACPI_ROOT_OBJECT,
660 ACPI_ADR_SPACE_IPMI,
661 &acpi_ipmi_space_handler);
662}
663
664module_init(acpi_ipmi_init);
665module_exit(acpi_ipmi_exit);