char/ipmi/ipmi_ipmb.c

0001 // SPDX-License-Identifier: GPL-2.0
0002
0003 /*
0004  * Driver to talk to a remote management controller on IPMB.
0005  */
0006
0007 #include <linux/acpi.h>
0008 #include <linux/errno.h>
0009 #include <linux/i2c.h>
0010 #include <linux/miscdevice.h>
0011 #include <linux/module.h>
0012 #include <linux/mutex.h>
0013 #include <linux/poll.h>
0014 #include <linux/slab.h>
0015 #include <linux/spinlock.h>
0016 #include <linux/semaphore.h>
0017 #include <linux/kthread.h>
0018 #include <linux/wait.h>
0019 #include <linux/ipmi_msgdefs.h>
0020 #include <linux/ipmi_smi.h>
0021
0022 #define DEVICE_NAME "ipmi-ipmb"
0023
0024 static int bmcaddr = 0x20;
0025 module_param(bmcaddr, int, 0644);
0026 MODULE_PARM_DESC(bmcaddr, "Address to use for BMC.");
0027
0028 static unsigned int retry_time_ms = 250;
0029 module_param(retry_time_ms, uint, 0644);
0030 MODULE_PARM_DESC(max_retries, "Timeout time between retries, in milliseconds.");
0031
0032 static unsigned int max_retries = 1;
0033 module_param(max_retries, uint, 0644);
0034 MODULE_PARM_DESC(max_retries, "Max resends of a command before timing out.");
0035
0036 /* Add room for the two slave addresses, two checksums, and rqSeq. */
0037 #define IPMB_MAX_MSG_LEN (IPMI_MAX_MSG_LENGTH + 5)
0038
0039 struct ipmi_ipmb_dev {
0040     struct ipmi_smi *intf;
0041     struct i2c_client *client;
0042     struct i2c_client *slave;
0043
0044     struct ipmi_smi_handlers handlers;
0045
0046     bool ready;
0047
0048     u8 curr_seq;
0049
0050     u8 bmcaddr;
0051     u32 retry_time_ms;
0052     u32 max_retries;
0053
0054     struct ipmi_smi_msg *next_msg;
0055     struct ipmi_smi_msg *working_msg;
0056
0057     /* Transmit thread. */
0058     struct task_struct *thread;
0059     struct semaphore wake_thread;
0060     struct semaphore got_rsp;
0061     spinlock_t lock;
0062     bool stopping;
0063
0064     u8 xmitmsg[IPMB_MAX_MSG_LEN];
0065     unsigned int xmitlen;
0066
0067     u8 rcvmsg[IPMB_MAX_MSG_LEN];
0068     unsigned int rcvlen;
0069     bool overrun;
0070 };
0071
0072 static bool valid_ipmb(struct ipmi_ipmb_dev *iidev)
0073 {
0074     u8 *msg = iidev->rcvmsg;
0075     u8 netfn;
0076
0077     if (iidev->overrun)
0078         return false;
0079
0080     /* Minimum message size. */
0081     if (iidev->rcvlen < 7)
0082         return false;
0083
0084     /* Is it a response? */
0085     netfn = msg[1] >> 2;
0086     if (netfn & 1) {
0087         /* Response messages have an added completion code. */
0088         if (iidev->rcvlen < 8)
0089             return false;
0090     }
0091
0092     if (ipmb_checksum(msg, 3) != 0)
0093         return false;
0094     if (ipmb_checksum(msg + 3, iidev->rcvlen - 3) != 0)
0095         return false;
0096
0097     return true;
0098 }
0099
0100 static void ipmi_ipmb_check_msg_done(struct ipmi_ipmb_dev *iidev)
0101 {
0102     struct ipmi_smi_msg *imsg = NULL;
0103     u8 *msg = iidev->rcvmsg;
0104     bool is_cmd;
0105     unsigned long flags;
0106
0107     if (iidev->rcvlen == 0)
0108         return;
0109     if (!valid_ipmb(iidev))
0110         goto done;
0111
0112     is_cmd = ((msg[1] >> 2) & 1) == 0;
0113
0114     if (is_cmd) {
0115         /* Ignore commands until we are up. */
0116         if (!iidev->ready)
0117             goto done;
0118
0119         /* It's a command, allocate a message for it. */
0120         imsg = ipmi_alloc_smi_msg();
0121         if (!imsg)
0122             goto done;
0123         imsg->type = IPMI_SMI_MSG_TYPE_IPMB_DIRECT;
0124         imsg->data_size = 0;
0125     } else {
0126         spin_lock_irqsave(&iidev->lock, flags);
0127         if (iidev->working_msg) {
0128             u8 seq = msg[4] >> 2;
0129             bool xmit_rsp = (iidev->working_msg->data[0] >> 2) & 1;
0130
0131             /*
0132              * Responses should carry the sequence we sent
0133              * them with.  If it's a transmitted response,
0134              * ignore it.  And if the message hasn't been
0135              * transmitted, ignore it.
0136              */
0137             if (!xmit_rsp && seq == iidev->curr_seq) {
0138                 iidev->curr_seq = (iidev->curr_seq + 1) & 0x3f;
0139
0140                 imsg = iidev->working_msg;
0141                 iidev->working_msg = NULL;
0142             }
0143         }
0144         spin_unlock_irqrestore(&iidev->lock, flags);
0145     }
0146
0147     if (!imsg)
0148         goto done;
0149
0150     if (imsg->type == IPMI_SMI_MSG_TYPE_IPMB_DIRECT) {
0151         imsg->rsp[0] = msg[1]; /* NetFn/LUN */
0152         /*
0153          * Keep the source address, rqSeq.  Drop the trailing
0154          * checksum.
0155          */
0156         memcpy(imsg->rsp + 1, msg + 3, iidev->rcvlen - 4);
0157         imsg->rsp_size = iidev->rcvlen - 3;
0158     } else {
0159         imsg->rsp[0] = msg[1]; /* NetFn/LUN */
0160         /*
0161          * Skip the source address, rqSeq.  Drop the trailing
0162          * checksum.
0163          */
0164         memcpy(imsg->rsp + 1, msg + 5, iidev->rcvlen - 6);
0165         imsg->rsp_size = iidev->rcvlen - 5;
0166     }
0167     ipmi_smi_msg_received(iidev->intf, imsg);
0168     if (!is_cmd)
0169         up(&iidev->got_rsp);
0170
0171 done:
0172     iidev->overrun = false;
0173     iidev->rcvlen = 0;
0174 }
0175
0176 /*
0177  * The IPMB protocol only supports i2c writes so there is no need to
0178  * support I2C_SLAVE_READ* events, except to know if the other end has
0179  * issued a read without going to stop mode.
0180  */
0181 static int ipmi_ipmb_slave_cb(struct i2c_client *client,
0182                   enum i2c_slave_event event, u8 *val)
0183 {
0184     struct ipmi_ipmb_dev *iidev = i2c_get_clientdata(client);
0185
0186     switch (event) {
0187     case I2C_SLAVE_WRITE_REQUESTED:
0188         ipmi_ipmb_check_msg_done(iidev);
0189         /*
0190          * First byte is the slave address, to ease the checksum
0191          * calculation.
0192          */
0193         iidev->rcvmsg[0] = client->addr << 1;
0194         iidev->rcvlen = 1;
0195         break;
0196
0197     case I2C_SLAVE_WRITE_RECEIVED:
0198         if (iidev->rcvlen >= sizeof(iidev->rcvmsg))
0199             iidev->overrun = true;
0200         else
0201             iidev->rcvmsg[iidev->rcvlen++] = *val;
0202         break;
0203
0204     case I2C_SLAVE_READ_REQUESTED:
0205     case I2C_SLAVE_STOP:
0206         ipmi_ipmb_check_msg_done(iidev);
0207         break;
0208
0209     case I2C_SLAVE_READ_PROCESSED:
0210         break;
0211     }
0212
0213     return 0;
0214 }
0215
0216 static void ipmi_ipmb_send_response(struct ipmi_ipmb_dev *iidev,
0217                     struct ipmi_smi_msg *msg, u8 cc)
0218 {
0219     if ((msg->data[0] >> 2) & 1) {
0220         /*
0221          * It's a response being sent, we needto return a
0222          * response response.  Fake a send msg command
0223          * response with channel 0.  This will always be ipmb
0224          * direct.
0225          */
0226         msg->data[0] = (IPMI_NETFN_APP_REQUEST | 1) << 2;
0227         msg->data[3] = IPMI_SEND_MSG_CMD;
0228         msg->data[4] = cc;
0229         msg->data_size = 5;
0230     }
0231     msg->rsp[0] = msg->data[0] | (1 << 2);
0232     if (msg->type == IPMI_SMI_MSG_TYPE_IPMB_DIRECT) {
0233         msg->rsp[1] = msg->data[1];
0234         msg->rsp[2] = msg->data[2];
0235         msg->rsp[3] = msg->data[3];
0236         msg->rsp[4] = cc;
0237         msg->rsp_size = 5;
0238     } else {
0239         msg->rsp[1] = msg->data[1];
0240         msg->rsp[2] = cc;
0241         msg->rsp_size = 3;
0242     }
0243     ipmi_smi_msg_received(iidev->intf, msg);
0244 }
0245
0246 static void ipmi_ipmb_format_for_xmit(struct ipmi_ipmb_dev *iidev,
0247                       struct ipmi_smi_msg *msg)
0248 {
0249     if (msg->type == IPMI_SMI_MSG_TYPE_IPMB_DIRECT) {
0250         iidev->xmitmsg[0] = msg->data[1];
0251         iidev->xmitmsg[1] = msg->data[0];
0252         memcpy(iidev->xmitmsg + 4, msg->data + 2, msg->data_size - 2);
0253         iidev->xmitlen = msg->data_size + 2;
0254     } else {
0255         iidev->xmitmsg[0] = iidev->bmcaddr;
0256         iidev->xmitmsg[1] = msg->data[0];
0257         iidev->xmitmsg[4] = 0;
0258         memcpy(iidev->xmitmsg + 5, msg->data + 1, msg->data_size - 1);
0259         iidev->xmitlen = msg->data_size + 4;
0260     }
0261     iidev->xmitmsg[3] = iidev->slave->addr << 1;
0262     if (((msg->data[0] >> 2) & 1) == 0)
0263         /* If it's a command, put in our own sequence number. */
0264         iidev->xmitmsg[4] = ((iidev->xmitmsg[4] & 0x03) |
0265                      (iidev->curr_seq << 2));
0266
0267     /* Now add on the final checksums. */
0268     iidev->xmitmsg[2] = ipmb_checksum(iidev->xmitmsg, 2);
0269     iidev->xmitmsg[iidev->xmitlen] =
0270         ipmb_checksum(iidev->xmitmsg + 3, iidev->xmitlen - 3);
0271     iidev->xmitlen++;
0272 }
0273
0274 static int ipmi_ipmb_thread(void *data)
0275 {
0276     struct ipmi_ipmb_dev *iidev = data;
0277
0278     while (!kthread_should_stop()) {
0279         long ret;
0280         struct i2c_msg i2c_msg;
0281         struct ipmi_smi_msg *msg = NULL;
0282         unsigned long flags;
0283         unsigned int retries = 0;
0284
0285         /* Wait for a message to send */
0286         ret = down_interruptible(&iidev->wake_thread);
0287         if (iidev->stopping)
0288             break;
0289         if (ret)
0290             continue;
0291
0292         spin_lock_irqsave(&iidev->lock, flags);
0293         if (iidev->next_msg) {
0294             msg = iidev->next_msg;
0295             iidev->next_msg = NULL;
0296         }
0297         spin_unlock_irqrestore(&iidev->lock, flags);
0298         if (!msg)
0299             continue;
0300
0301         ipmi_ipmb_format_for_xmit(iidev, msg);
0302
0303 retry:
0304         i2c_msg.len = iidev->xmitlen - 1;
0305         if (i2c_msg.len > 32) {
0306             ipmi_ipmb_send_response(iidev, msg,
0307                         IPMI_REQ_LEN_EXCEEDED_ERR);
0308             continue;
0309         }
0310
0311         i2c_msg.addr = iidev->xmitmsg[0] >> 1;
0312         i2c_msg.flags = 0;
0313         i2c_msg.buf = iidev->xmitmsg + 1;
0314
0315         /* Rely on i2c_transfer for a barrier. */
0316         iidev->working_msg = msg;
0317
0318         ret = i2c_transfer(iidev->client->adapter, &i2c_msg, 1);
0319
0320         if ((msg->data[0] >> 2) & 1) {
0321             /*
0322              * It's a response, nothing will be returned
0323              * by the other end.
0324              */
0325
0326             iidev->working_msg = NULL;
0327             ipmi_ipmb_send_response(iidev, msg,
0328                         ret < 0 ? IPMI_BUS_ERR : 0);
0329             continue;
0330         }
0331         if (ret < 0) {
0332             iidev->working_msg = NULL;
0333             ipmi_ipmb_send_response(iidev, msg, IPMI_BUS_ERR);
0334             continue;
0335         }
0336
0337         /* A command was sent, wait for its response. */
0338         ret = down_timeout(&iidev->got_rsp,
0339                    msecs_to_jiffies(iidev->retry_time_ms));
0340
0341         /*
0342          * Grab the message if we can.  If the handler hasn't
0343          * already handled it, the message will still be there.
0344          */
0345         spin_lock_irqsave(&iidev->lock, flags);
0346         msg = iidev->working_msg;
0347         iidev->working_msg = NULL;
0348         spin_unlock_irqrestore(&iidev->lock, flags);
0349
0350         if (!msg && ret) {
0351             /*
0352              * If working_msg is not set and we timed out,
0353              * that means the message grabbed by
0354              * check_msg_done before we could grab it
0355              * here.  Wait again for check_msg_done to up
0356              * the semaphore.
0357              */
0358             down(&iidev->got_rsp);
0359         } else if (msg && ++retries <= iidev->max_retries) {
0360             spin_lock_irqsave(&iidev->lock, flags);
0361             iidev->working_msg = msg;
0362             spin_unlock_irqrestore(&iidev->lock, flags);
0363             goto retry;
0364         }
0365
0366         if (msg)
0367             ipmi_ipmb_send_response(iidev, msg, IPMI_TIMEOUT_ERR);
0368     }
0369
0370     if (iidev->next_msg)
0371         /* Return an unspecified error. */
0372         ipmi_ipmb_send_response(iidev, iidev->next_msg, 0xff);
0373
0374     return 0;
0375 }
0376
0377 static int ipmi_ipmb_start_processing(void *send_info,
0378                       struct ipmi_smi *new_intf)
0379 {
0380     struct ipmi_ipmb_dev *iidev = send_info;
0381
0382     iidev->intf = new_intf;
0383     iidev->ready = true;
0384     return 0;
0385 }
0386
0387 static void ipmi_ipmb_stop_thread(struct ipmi_ipmb_dev *iidev)
0388 {
0389     if (iidev->thread) {
0390         struct task_struct *t = iidev->thread;
0391
0392         iidev->thread = NULL;
0393         iidev->stopping = true;
0394         up(&iidev->wake_thread);
0395         up(&iidev->got_rsp);
0396         kthread_stop(t);
0397     }
0398 }
0399
0400 static void ipmi_ipmb_shutdown(void *send_info)
0401 {
0402     struct ipmi_ipmb_dev *iidev = send_info;
0403
0404     ipmi_ipmb_stop_thread(iidev);
0405 }
0406
0407 static void ipmi_ipmb_sender(void *send_info,
0408                  struct ipmi_smi_msg *msg)
0409 {
0410     struct ipmi_ipmb_dev *iidev = send_info;
0411     unsigned long flags;
0412
0413     spin_lock_irqsave(&iidev->lock, flags);
0414     BUG_ON(iidev->next_msg);
0415
0416     iidev->next_msg = msg;
0417     spin_unlock_irqrestore(&iidev->lock, flags);
0418
0419     up(&iidev->wake_thread);
0420 }
0421
0422 static void ipmi_ipmb_request_events(void *send_info)
0423 {
0424     /* We don't fetch events here. */
0425 }
0426
0427 static int ipmi_ipmb_remove(struct i2c_client *client)
0428 {
0429     struct ipmi_ipmb_dev *iidev = i2c_get_clientdata(client);
0430
0431     if (iidev->slave) {
0432         i2c_slave_unregister(iidev->slave);
0433         if (iidev->slave != iidev->client)
0434             i2c_unregister_device(iidev->slave);
0435     }
0436     iidev->slave = NULL;
0437     iidev->client = NULL;
0438     ipmi_ipmb_stop_thread(iidev);
0439
0440     ipmi_unregister_smi(iidev->intf);
0441
0442     return 0;
0443 }
0444
0445 static int ipmi_ipmb_probe(struct i2c_client *client)
0446 {
0447     struct device *dev = &client->dev;
0448     struct ipmi_ipmb_dev *iidev;
0449     struct device_node *slave_np;
0450     struct i2c_adapter *slave_adap = NULL;
0451     struct i2c_client *slave = NULL;
0452     int rv;
0453
0454     iidev = devm_kzalloc(&client->dev, sizeof(*iidev), GFP_KERNEL);
0455     if (!iidev)
0456         return -ENOMEM;
0457
0458     if (of_property_read_u8(dev->of_node, "bmcaddr", &iidev->bmcaddr) != 0)
0459         iidev->bmcaddr = bmcaddr;
0460     if (iidev->bmcaddr == 0 || iidev->bmcaddr & 1) {
0461         /* Can't have the write bit set. */
0462         dev_notice(&client->dev,
0463                "Invalid bmc address value %2.2x\n", iidev->bmcaddr);
0464         return -EINVAL;
0465     }
0466
0467     if (of_property_read_u32(dev->of_node, "retry-time",
0468                  &iidev->retry_time_ms) != 0)
0469         iidev->retry_time_ms = retry_time_ms;
0470
0471     if (of_property_read_u32(dev->of_node, "max-retries",
0472                  &iidev->max_retries) != 0)
0473         iidev->max_retries = max_retries;
0474
0475     slave_np = of_parse_phandle(dev->of_node, "slave-dev", 0);
0476     if (slave_np) {
0477         slave_adap = of_get_i2c_adapter_by_node(slave_np);
0478         of_node_put(slave_np);
0479         if (!slave_adap) {
0480             dev_notice(&client->dev,
0481                    "Could not find slave adapter\n");
0482             return -EINVAL;
0483         }
0484     }
0485
0486     iidev->client = client;
0487
0488     if (slave_adap) {
0489         struct i2c_board_info binfo;
0490
0491         memset(&binfo, 0, sizeof(binfo));
0492         strscpy(binfo.type, "ipmb-slave", I2C_NAME_SIZE);
0493         binfo.addr = client->addr;
0494         binfo.flags = I2C_CLIENT_SLAVE;
0495         slave = i2c_new_client_device(slave_adap, &binfo);
0496         i2c_put_adapter(slave_adap);
0497         if (IS_ERR(slave)) {
0498             rv = PTR_ERR(slave);
0499             dev_notice(&client->dev,
0500                    "Could not allocate slave device: %d\n", rv);
0501             return rv;
0502         }
0503         i2c_set_clientdata(slave, iidev);
0504     } else {
0505         slave = client;
0506     }
0507     i2c_set_clientdata(client, iidev);
0508     slave->flags |= I2C_CLIENT_SLAVE;
0509
0510     rv = i2c_slave_register(slave, ipmi_ipmb_slave_cb);
0511     if (rv)
0512         goto out_err;
0513     iidev->slave = slave;
0514     slave = NULL;
0515
0516     iidev->handlers.flags = IPMI_SMI_CAN_HANDLE_IPMB_DIRECT;
0517     iidev->handlers.start_processing = ipmi_ipmb_start_processing;
0518     iidev->handlers.shutdown = ipmi_ipmb_shutdown;
0519     iidev->handlers.sender = ipmi_ipmb_sender;
0520     iidev->handlers.request_events = ipmi_ipmb_request_events;
0521
0522     spin_lock_init(&iidev->lock);
0523     sema_init(&iidev->wake_thread, 0);
0524     sema_init(&iidev->got_rsp, 0);
0525
0526     iidev->thread = kthread_run(ipmi_ipmb_thread, iidev,
0527                     "kipmb%4.4x", client->addr);
0528     if (IS_ERR(iidev->thread)) {
0529         rv = PTR_ERR(iidev->thread);
0530         dev_notice(&client->dev,
0531                "Could not start kernel thread: error %d\n", rv);
0532         goto out_err;
0533     }
0534
0535     rv = ipmi_register_smi(&iidev->handlers,
0536                    iidev,
0537                    &client->dev,
0538                    iidev->bmcaddr);
0539     if (rv)
0540         goto out_err;
0541
0542     return 0;
0543
0544 out_err:
0545     if (slave && slave != client)
0546         i2c_unregister_device(slave);
0547     ipmi_ipmb_remove(client);
0548     return rv;
0549 }
0550
0551 #ifdef CONFIG_OF
0552 static const struct of_device_id of_ipmi_ipmb_match[] = {
0553     { .type = "ipmi", .compatible = DEVICE_NAME },
0554     {},
0555 };
0556 MODULE_DEVICE_TABLE(of, of_ipmi_ipmb_match);
0557 #else
0558 #define of_ipmi_ipmb_match NULL
0559 #endif
0560
0561 static const struct i2c_device_id ipmi_ipmb_id[] = {
0562     { DEVICE_NAME, 0 },
0563     {},
0564 };
0565 MODULE_DEVICE_TABLE(i2c, ipmi_ipmb_id);
0566
0567 static struct i2c_driver ipmi_ipmb_driver = {
0568     .class      = I2C_CLASS_HWMON,
0569     .driver = {
0570         .name = DEVICE_NAME,
0571         .of_match_table = of_ipmi_ipmb_match,
0572     },
0573     .probe_new  = ipmi_ipmb_probe,
0574     .remove     = ipmi_ipmb_remove,
0575     .id_table   = ipmi_ipmb_id,
0576 };
0577 module_i2c_driver(ipmi_ipmb_driver);
0578
0579 MODULE_AUTHOR("Corey Minyard");
0580 MODULE_DESCRIPTION("IPMI IPMB driver");
0581 MODULE_LICENSE("GPL v2");