ipmi_ipmb.c (13929B)
1// SPDX-License-Identifier: GPL-2.0 2 3/* 4 * Driver to talk to a remote management controller on IPMB. 5 */ 6 7#include <linux/acpi.h> 8#include <linux/errno.h> 9#include <linux/i2c.h> 10#include <linux/miscdevice.h> 11#include <linux/module.h> 12#include <linux/mutex.h> 13#include <linux/poll.h> 14#include <linux/slab.h> 15#include <linux/spinlock.h> 16#include <linux/semaphore.h> 17#include <linux/kthread.h> 18#include <linux/wait.h> 19#include <linux/ipmi_msgdefs.h> 20#include <linux/ipmi_smi.h> 21 22#define DEVICE_NAME "ipmi-ipmb" 23 24static int bmcaddr = 0x20; 25module_param(bmcaddr, int, 0644); 26MODULE_PARM_DESC(bmcaddr, "Address to use for BMC."); 27 28static unsigned int retry_time_ms = 250; 29module_param(retry_time_ms, uint, 0644); 30MODULE_PARM_DESC(max_retries, "Timeout time between retries, in milliseconds."); 31 32static unsigned int max_retries = 1; 33module_param(max_retries, uint, 0644); 34MODULE_PARM_DESC(max_retries, "Max resends of a command before timing out."); 35 36/* Add room for the two slave addresses, two checksums, and rqSeq. */ 37#define IPMB_MAX_MSG_LEN (IPMI_MAX_MSG_LENGTH + 5) 38 39struct ipmi_ipmb_dev { 40 struct ipmi_smi *intf; 41 struct i2c_client *client; 42 struct i2c_client *slave; 43 44 struct ipmi_smi_handlers handlers; 45 46 bool ready; 47 48 u8 curr_seq; 49 50 u8 bmcaddr; 51 u32 retry_time_ms; 52 u32 max_retries; 53 54 struct ipmi_smi_msg *next_msg; 55 struct ipmi_smi_msg *working_msg; 56 57 /* Transmit thread. */ 58 struct task_struct *thread; 59 struct semaphore wake_thread; 60 struct semaphore got_rsp; 61 spinlock_t lock; 62 bool stopping; 63 64 u8 xmitmsg[IPMB_MAX_MSG_LEN]; 65 unsigned int xmitlen; 66 67 u8 rcvmsg[IPMB_MAX_MSG_LEN]; 68 unsigned int rcvlen; 69 bool overrun; 70}; 71 72static bool valid_ipmb(struct ipmi_ipmb_dev *iidev) 73{ 74 u8 *msg = iidev->rcvmsg; 75 u8 netfn; 76 77 if (iidev->overrun) 78 return false; 79 80 /* Minimum message size. */ 81 if (iidev->rcvlen < 7) 82 return false; 83 84 /* Is it a response? */ 85 netfn = msg[1] >> 2; 86 if (netfn & 1) { 87 /* Response messages have an added completion code. */ 88 if (iidev->rcvlen < 8) 89 return false; 90 } 91 92 if (ipmb_checksum(msg, 3) != 0) 93 return false; 94 if (ipmb_checksum(msg + 3, iidev->rcvlen - 3) != 0) 95 return false; 96 97 return true; 98} 99 100static void ipmi_ipmb_check_msg_done(struct ipmi_ipmb_dev *iidev) 101{ 102 struct ipmi_smi_msg *imsg = NULL; 103 u8 *msg = iidev->rcvmsg; 104 bool is_cmd; 105 unsigned long flags; 106 107 if (iidev->rcvlen == 0) 108 return; 109 if (!valid_ipmb(iidev)) 110 goto done; 111 112 is_cmd = ((msg[1] >> 2) & 1) == 0; 113 114 if (is_cmd) { 115 /* Ignore commands until we are up. */ 116 if (!iidev->ready) 117 goto done; 118 119 /* It's a command, allocate a message for it. */ 120 imsg = ipmi_alloc_smi_msg(); 121 if (!imsg) 122 goto done; 123 imsg->type = IPMI_SMI_MSG_TYPE_IPMB_DIRECT; 124 imsg->data_size = 0; 125 } else { 126 spin_lock_irqsave(&iidev->lock, flags); 127 if (iidev->working_msg) { 128 u8 seq = msg[4] >> 2; 129 bool xmit_rsp = (iidev->working_msg->data[0] >> 2) & 1; 130 131 /* 132 * Responses should carry the sequence we sent 133 * them with. If it's a transmitted response, 134 * ignore it. And if the message hasn't been 135 * transmitted, ignore it. 136 */ 137 if (!xmit_rsp && seq == iidev->curr_seq) { 138 iidev->curr_seq = (iidev->curr_seq + 1) & 0x3f; 139 140 imsg = iidev->working_msg; 141 iidev->working_msg = NULL; 142 } 143 } 144 spin_unlock_irqrestore(&iidev->lock, flags); 145 } 146 147 if (!imsg) 148 goto done; 149 150 if (imsg->type == IPMI_SMI_MSG_TYPE_IPMB_DIRECT) { 151 imsg->rsp[0] = msg[1]; /* NetFn/LUN */ 152 /* 153 * Keep the source address, rqSeq. Drop the trailing 154 * checksum. 155 */ 156 memcpy(imsg->rsp + 1, msg + 3, iidev->rcvlen - 4); 157 imsg->rsp_size = iidev->rcvlen - 3; 158 } else { 159 imsg->rsp[0] = msg[1]; /* NetFn/LUN */ 160 /* 161 * Skip the source address, rqSeq. Drop the trailing 162 * checksum. 163 */ 164 memcpy(imsg->rsp + 1, msg + 5, iidev->rcvlen - 6); 165 imsg->rsp_size = iidev->rcvlen - 5; 166 } 167 ipmi_smi_msg_received(iidev->intf, imsg); 168 if (!is_cmd) 169 up(&iidev->got_rsp); 170 171done: 172 iidev->overrun = false; 173 iidev->rcvlen = 0; 174} 175 176/* 177 * The IPMB protocol only supports i2c writes so there is no need to 178 * support I2C_SLAVE_READ* events, except to know if the other end has 179 * issued a read without going to stop mode. 180 */ 181static int ipmi_ipmb_slave_cb(struct i2c_client *client, 182 enum i2c_slave_event event, u8 *val) 183{ 184 struct ipmi_ipmb_dev *iidev = i2c_get_clientdata(client); 185 186 switch (event) { 187 case I2C_SLAVE_WRITE_REQUESTED: 188 ipmi_ipmb_check_msg_done(iidev); 189 /* 190 * First byte is the slave address, to ease the checksum 191 * calculation. 192 */ 193 iidev->rcvmsg[0] = client->addr << 1; 194 iidev->rcvlen = 1; 195 break; 196 197 case I2C_SLAVE_WRITE_RECEIVED: 198 if (iidev->rcvlen >= sizeof(iidev->rcvmsg)) 199 iidev->overrun = true; 200 else 201 iidev->rcvmsg[iidev->rcvlen++] = *val; 202 break; 203 204 case I2C_SLAVE_READ_REQUESTED: 205 case I2C_SLAVE_STOP: 206 ipmi_ipmb_check_msg_done(iidev); 207 break; 208 209 case I2C_SLAVE_READ_PROCESSED: 210 break; 211 } 212 213 return 0; 214} 215 216static void ipmi_ipmb_send_response(struct ipmi_ipmb_dev *iidev, 217 struct ipmi_smi_msg *msg, u8 cc) 218{ 219 if ((msg->data[0] >> 2) & 1) { 220 /* 221 * It's a response being sent, we needto return a 222 * response response. Fake a send msg command 223 * response with channel 0. This will always be ipmb 224 * direct. 225 */ 226 msg->data[0] = (IPMI_NETFN_APP_REQUEST | 1) << 2; 227 msg->data[3] = IPMI_SEND_MSG_CMD; 228 msg->data[4] = cc; 229 msg->data_size = 5; 230 } 231 msg->rsp[0] = msg->data[0] | (1 << 2); 232 if (msg->type == IPMI_SMI_MSG_TYPE_IPMB_DIRECT) { 233 msg->rsp[1] = msg->data[1]; 234 msg->rsp[2] = msg->data[2]; 235 msg->rsp[3] = msg->data[3]; 236 msg->rsp[4] = cc; 237 msg->rsp_size = 5; 238 } else { 239 msg->rsp[1] = msg->data[1]; 240 msg->rsp[2] = cc; 241 msg->rsp_size = 3; 242 } 243 ipmi_smi_msg_received(iidev->intf, msg); 244} 245 246static void ipmi_ipmb_format_for_xmit(struct ipmi_ipmb_dev *iidev, 247 struct ipmi_smi_msg *msg) 248{ 249 if (msg->type == IPMI_SMI_MSG_TYPE_IPMB_DIRECT) { 250 iidev->xmitmsg[0] = msg->data[1]; 251 iidev->xmitmsg[1] = msg->data[0]; 252 memcpy(iidev->xmitmsg + 4, msg->data + 2, msg->data_size - 2); 253 iidev->xmitlen = msg->data_size + 2; 254 } else { 255 iidev->xmitmsg[0] = iidev->bmcaddr; 256 iidev->xmitmsg[1] = msg->data[0]; 257 iidev->xmitmsg[4] = 0; 258 memcpy(iidev->xmitmsg + 5, msg->data + 1, msg->data_size - 1); 259 iidev->xmitlen = msg->data_size + 4; 260 } 261 iidev->xmitmsg[3] = iidev->slave->addr << 1; 262 if (((msg->data[0] >> 2) & 1) == 0) 263 /* If it's a command, put in our own sequence number. */ 264 iidev->xmitmsg[4] = ((iidev->xmitmsg[4] & 0x03) | 265 (iidev->curr_seq << 2)); 266 267 /* Now add on the final checksums. */ 268 iidev->xmitmsg[2] = ipmb_checksum(iidev->xmitmsg, 2); 269 iidev->xmitmsg[iidev->xmitlen] = 270 ipmb_checksum(iidev->xmitmsg + 3, iidev->xmitlen - 3); 271 iidev->xmitlen++; 272} 273 274static int ipmi_ipmb_thread(void *data) 275{ 276 struct ipmi_ipmb_dev *iidev = data; 277 278 while (!kthread_should_stop()) { 279 long ret; 280 struct i2c_msg i2c_msg; 281 struct ipmi_smi_msg *msg = NULL; 282 unsigned long flags; 283 unsigned int retries = 0; 284 285 /* Wait for a message to send */ 286 ret = down_interruptible(&iidev->wake_thread); 287 if (iidev->stopping) 288 break; 289 if (ret) 290 continue; 291 292 spin_lock_irqsave(&iidev->lock, flags); 293 if (iidev->next_msg) { 294 msg = iidev->next_msg; 295 iidev->next_msg = NULL; 296 } 297 spin_unlock_irqrestore(&iidev->lock, flags); 298 if (!msg) 299 continue; 300 301 ipmi_ipmb_format_for_xmit(iidev, msg); 302 303retry: 304 i2c_msg.len = iidev->xmitlen - 1; 305 if (i2c_msg.len > 32) { 306 ipmi_ipmb_send_response(iidev, msg, 307 IPMI_REQ_LEN_EXCEEDED_ERR); 308 continue; 309 } 310 311 i2c_msg.addr = iidev->xmitmsg[0] >> 1; 312 i2c_msg.flags = 0; 313 i2c_msg.buf = iidev->xmitmsg + 1; 314 315 /* Rely on i2c_transfer for a barrier. */ 316 iidev->working_msg = msg; 317 318 ret = i2c_transfer(iidev->client->adapter, &i2c_msg, 1); 319 320 if ((msg->data[0] >> 2) & 1) { 321 /* 322 * It's a response, nothing will be returned 323 * by the other end. 324 */ 325 326 iidev->working_msg = NULL; 327 ipmi_ipmb_send_response(iidev, msg, 328 ret < 0 ? IPMI_BUS_ERR : 0); 329 continue; 330 } 331 if (ret < 0) { 332 iidev->working_msg = NULL; 333 ipmi_ipmb_send_response(iidev, msg, IPMI_BUS_ERR); 334 continue; 335 } 336 337 /* A command was sent, wait for its response. */ 338 ret = down_timeout(&iidev->got_rsp, 339 msecs_to_jiffies(iidev->retry_time_ms)); 340 341 /* 342 * Grab the message if we can. If the handler hasn't 343 * already handled it, the message will still be there. 344 */ 345 spin_lock_irqsave(&iidev->lock, flags); 346 msg = iidev->working_msg; 347 iidev->working_msg = NULL; 348 spin_unlock_irqrestore(&iidev->lock, flags); 349 350 if (!msg && ret) { 351 /* 352 * If working_msg is not set and we timed out, 353 * that means the message grabbed by 354 * check_msg_done before we could grab it 355 * here. Wait again for check_msg_done to up 356 * the semaphore. 357 */ 358 down(&iidev->got_rsp); 359 } else if (msg && ++retries <= iidev->max_retries) { 360 spin_lock_irqsave(&iidev->lock, flags); 361 iidev->working_msg = msg; 362 spin_unlock_irqrestore(&iidev->lock, flags); 363 goto retry; 364 } 365 366 if (msg) 367 ipmi_ipmb_send_response(iidev, msg, IPMI_TIMEOUT_ERR); 368 } 369 370 if (iidev->next_msg) 371 /* Return an unspecified error. */ 372 ipmi_ipmb_send_response(iidev, iidev->next_msg, 0xff); 373 374 return 0; 375} 376 377static int ipmi_ipmb_start_processing(void *send_info, 378 struct ipmi_smi *new_intf) 379{ 380 struct ipmi_ipmb_dev *iidev = send_info; 381 382 iidev->intf = new_intf; 383 iidev->ready = true; 384 return 0; 385} 386 387static void ipmi_ipmb_stop_thread(struct ipmi_ipmb_dev *iidev) 388{ 389 if (iidev->thread) { 390 struct task_struct *t = iidev->thread; 391 392 iidev->thread = NULL; 393 iidev->stopping = true; 394 up(&iidev->wake_thread); 395 up(&iidev->got_rsp); 396 kthread_stop(t); 397 } 398} 399 400static void ipmi_ipmb_shutdown(void *send_info) 401{ 402 struct ipmi_ipmb_dev *iidev = send_info; 403 404 ipmi_ipmb_stop_thread(iidev); 405} 406 407static void ipmi_ipmb_sender(void *send_info, 408 struct ipmi_smi_msg *msg) 409{ 410 struct ipmi_ipmb_dev *iidev = send_info; 411 unsigned long flags; 412 413 spin_lock_irqsave(&iidev->lock, flags); 414 BUG_ON(iidev->next_msg); 415 416 iidev->next_msg = msg; 417 spin_unlock_irqrestore(&iidev->lock, flags); 418 419 up(&iidev->wake_thread); 420} 421 422static void ipmi_ipmb_request_events(void *send_info) 423{ 424 /* We don't fetch events here. */ 425} 426 427static int ipmi_ipmb_remove(struct i2c_client *client) 428{ 429 struct ipmi_ipmb_dev *iidev = i2c_get_clientdata(client); 430 431 if (iidev->slave) { 432 i2c_slave_unregister(iidev->slave); 433 if (iidev->slave != iidev->client) 434 i2c_unregister_device(iidev->slave); 435 } 436 iidev->slave = NULL; 437 iidev->client = NULL; 438 ipmi_ipmb_stop_thread(iidev); 439 440 ipmi_unregister_smi(iidev->intf); 441 442 return 0; 443} 444 445static int ipmi_ipmb_probe(struct i2c_client *client) 446{ 447 struct device *dev = &client->dev; 448 struct ipmi_ipmb_dev *iidev; 449 struct device_node *slave_np; 450 struct i2c_adapter *slave_adap = NULL; 451 struct i2c_client *slave = NULL; 452 int rv; 453 454 iidev = devm_kzalloc(&client->dev, sizeof(*iidev), GFP_KERNEL); 455 if (!iidev) 456 return -ENOMEM; 457 458 if (of_property_read_u8(dev->of_node, "bmcaddr", &iidev->bmcaddr) != 0) 459 iidev->bmcaddr = bmcaddr; 460 if (iidev->bmcaddr == 0 || iidev->bmcaddr & 1) { 461 /* Can't have the write bit set. */ 462 dev_notice(&client->dev, 463 "Invalid bmc address value %2.2x\n", iidev->bmcaddr); 464 return -EINVAL; 465 } 466 467 if (of_property_read_u32(dev->of_node, "retry-time", 468 &iidev->retry_time_ms) != 0) 469 iidev->retry_time_ms = retry_time_ms; 470 471 if (of_property_read_u32(dev->of_node, "max-retries", 472 &iidev->max_retries) != 0) 473 iidev->max_retries = max_retries; 474 475 slave_np = of_parse_phandle(dev->of_node, "slave-dev", 0); 476 if (slave_np) { 477 slave_adap = of_get_i2c_adapter_by_node(slave_np); 478 of_node_put(slave_np); 479 if (!slave_adap) { 480 dev_notice(&client->dev, 481 "Could not find slave adapter\n"); 482 return -EINVAL; 483 } 484 } 485 486 iidev->client = client; 487 488 if (slave_adap) { 489 struct i2c_board_info binfo; 490 491 memset(&binfo, 0, sizeof(binfo)); 492 strscpy(binfo.type, "ipmb-slave", I2C_NAME_SIZE); 493 binfo.addr = client->addr; 494 binfo.flags = I2C_CLIENT_SLAVE; 495 slave = i2c_new_client_device(slave_adap, &binfo); 496 i2c_put_adapter(slave_adap); 497 if (IS_ERR(slave)) { 498 rv = PTR_ERR(slave); 499 dev_notice(&client->dev, 500 "Could not allocate slave device: %d\n", rv); 501 return rv; 502 } 503 i2c_set_clientdata(slave, iidev); 504 } else { 505 slave = client; 506 } 507 i2c_set_clientdata(client, iidev); 508 slave->flags |= I2C_CLIENT_SLAVE; 509 510 rv = i2c_slave_register(slave, ipmi_ipmb_slave_cb); 511 if (rv) 512 goto out_err; 513 iidev->slave = slave; 514 slave = NULL; 515 516 iidev->handlers.flags = IPMI_SMI_CAN_HANDLE_IPMB_DIRECT; 517 iidev->handlers.start_processing = ipmi_ipmb_start_processing; 518 iidev->handlers.shutdown = ipmi_ipmb_shutdown; 519 iidev->handlers.sender = ipmi_ipmb_sender; 520 iidev->handlers.request_events = ipmi_ipmb_request_events; 521 522 spin_lock_init(&iidev->lock); 523 sema_init(&iidev->wake_thread, 0); 524 sema_init(&iidev->got_rsp, 0); 525 526 iidev->thread = kthread_run(ipmi_ipmb_thread, iidev, 527 "kipmb%4.4x", client->addr); 528 if (IS_ERR(iidev->thread)) { 529 rv = PTR_ERR(iidev->thread); 530 dev_notice(&client->dev, 531 "Could not start kernel thread: error %d\n", rv); 532 goto out_err; 533 } 534 535 rv = ipmi_register_smi(&iidev->handlers, 536 iidev, 537 &client->dev, 538 iidev->bmcaddr); 539 if (rv) 540 goto out_err; 541 542 return 0; 543 544out_err: 545 if (slave && slave != client) 546 i2c_unregister_device(slave); 547 ipmi_ipmb_remove(client); 548 return rv; 549} 550 551#ifdef CONFIG_OF 552static const struct of_device_id of_ipmi_ipmb_match[] = { 553 { .type = "ipmi", .compatible = DEVICE_NAME }, 554 {}, 555}; 556MODULE_DEVICE_TABLE(of, of_ipmi_ipmb_match); 557#else 558#define of_ipmi_ipmb_match NULL 559#endif 560 561static const struct i2c_device_id ipmi_ipmb_id[] = { 562 { DEVICE_NAME, 0 }, 563 {}, 564}; 565MODULE_DEVICE_TABLE(i2c, ipmi_ipmb_id); 566 567static struct i2c_driver ipmi_ipmb_driver = { 568 .class = I2C_CLASS_HWMON, 569 .driver = { 570 .name = DEVICE_NAME, 571 .of_match_table = of_ipmi_ipmb_match, 572 }, 573 .probe_new = ipmi_ipmb_probe, 574 .remove = ipmi_ipmb_remove, 575 .id_table = ipmi_ipmb_id, 576}; 577module_i2c_driver(ipmi_ipmb_driver); 578 579MODULE_AUTHOR("Corey Minyard"); 580MODULE_DESCRIPTION("IPMI IPMB driver"); 581MODULE_LICENSE("GPL v2");