FEX-Emu/linux
1
0
Fork 0
mirror of https://github.com/FEX-Emu/linux.git synced 2024-12-31 22:15:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'acpi-ipmi'

Browse Source 
* acpi-ipmi:
  ACPI / IPMI: Cleanup coding styles
  ACPI / IPMI: Cleanup some Kconfig codes
  ACPI / IPMI: Cleanup some inclusion codes
  ACPI / IPMI: Cleanup some initialization codes
  ACPI / IPMI: Cleanup several acpi_ipmi_device members
  ACPI / IPMI: Add reference counting for ACPI IPMI transfers
  ACPI / IPMI: Use global IPMI operation region handler
  ACPI / IPMI: Fix race caused by the unprotected ACPI IPMI user
  ACPI / IPMI: Fix race caused by the timed out ACPI IPMI transfers
  ACPI / IPMI: Fix race caused by the unprotected ACPI IPMI transfers
  ACPI / IPMI: Fix potential response buffer overflow
This commit is contained in:
Rafael J. Wysocki 2013-10-28 01:15:55 +01:00
commit c0ced86d38
2 changed files with 366 additions and 233 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
drivers/acpi/Kconfig
View File

@ -158,9 +158,10 @@ config ACPI_PROCESSOR
To compile this driver as a module, choose M here: To compile this driver as a module, choose M here:
the module will be called processor. the module will be called processor.
config ACPI_IPMI config ACPI_IPMI
tristate "IPMI" tristate "IPMI"
depends on IPMI_SI && IPMI_HANDLER depends on IPMI_SI
default n default n
help help
This driver enables the ACPI to access the BMC controller. And it This driver enables the ACPI to access the BMC controller. And it

596
drivers/acpi/acpi_ipmi.c
View File

@ -1,8 +1,9 @@
/* /*
* acpi_ipmi.c - ACPI IPMI opregion * acpi_ipmi.c - ACPI IPMI opregion
* *
* Copyright (C) 2010 Intel Corporation * Copyright (C) 2010, 2013 Intel Corporation
* Copyright (C) 2010 Zhao Yakui <yakui.zhao@intel.com> * Author: Zhao Yakui <yakui.zhao@intel.com>
* Lv Zheng <lv.zheng@intel.com>
* *
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* *
@ -23,60 +24,58 @@
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*/ */
#include <linux/kernel.h>
#include <linux/module.h> #include <linux/module.h>
#include <linux/init.h> #include <linux/acpi.h>
#include <linux/types.h>
#include <linux/delay.h>
#include <linux/proc_fs.h>
#include <linux/seq_file.h>
#include <linux/interrupt.h>
#include <linux/list.h>
#include <linux/spinlock.h>
#include <linux/io.h>
#include <acpi/acpi_bus.h>
#include <acpi/acpi_drivers.h>
#include <linux/ipmi.h> #include <linux/ipmi.h>
#include <linux/device.h>
#include <linux/pnp.h>
#include <linux/spinlock.h> #include <linux/spinlock.h>
MODULE_AUTHOR("Zhao Yakui"); MODULE_AUTHOR("Zhao Yakui");
MODULE_DESCRIPTION("ACPI IPMI Opregion driver"); MODULE_DESCRIPTION("ACPI IPMI Opregion driver");
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
#define IPMI_FLAGS_HANDLER_INSTALL 0
#define ACPI_IPMI_OK 0 #define ACPI_IPMI_OK 0
#define ACPI_IPMI_TIMEOUT 0x10 #define ACPI_IPMI_TIMEOUT 0x10
#define ACPI_IPMI_UNKNOWN 0x07 #define ACPI_IPMI_UNKNOWN 0x07
/* the IPMI timeout is 5s */ /* the IPMI timeout is 5s */
#define IPMI_TIMEOUT (5 * HZ) #define IPMI_TIMEOUT (5000)
#define ACPI_IPMI_MAX_MSG_LENGTH 64
struct acpi_ipmi_device { struct acpi_ipmi_device {
/* the device list attached to driver_data.ipmi_devices */ /* the device list attached to driver_data.ipmi_devices */
struct list_head head; struct list_head head;
/* the IPMI request message list */ /* the IPMI request message list */
struct list_head tx_msg_list; struct list_head tx_msg_list;
spinlock_t tx_msg_lock;
spinlock_t tx_msg_lock;
acpi_handle handle; acpi_handle handle;
struct pnp_dev *pnp_dev; struct device *dev;
ipmi_user_t user_interface; ipmi_user_t user_interface;
int ipmi_ifnum; /* IPMI interface number */ int ipmi_ifnum; /* IPMI interface number */
long curr_msgid; long curr_msgid;
unsigned long flags; bool dead;
struct ipmi_smi_info smi_data; struct kref kref;
}; };
struct ipmi_driver_data { struct ipmi_driver_data {
struct list_head ipmi_devices; struct list_head ipmi_devices;
struct ipmi_smi_watcher bmc_events; struct ipmi_smi_watcher bmc_events;
struct ipmi_user_hndl ipmi_hndlrs; struct ipmi_user_hndl ipmi_hndlrs;
struct mutex ipmi_lock; struct mutex ipmi_lock;
/*
* NOTE: IPMI System Interface Selection
* There is no system interface specified by the IPMI operation
* region access. We try to select one system interface with ACPI
* handle set. IPMI messages passed from the ACPI codes are sent
* to this selected global IPMI system interface.
*/
struct acpi_ipmi_device *selected_smi;
}; };
struct acpi_ipmi_msg { struct acpi_ipmi_msg {
struct list_head head; struct list_head head;
/* /*
* General speaking the addr type should be SI_ADDR_TYPE. And * General speaking the addr type should be SI_ADDR_TYPE. And
* the addr channel should be BMC. * the addr channel should be BMC.
@ -86,30 +85,31 @@ struct acpi_ipmi_msg {
*/ */
struct ipmi_addr addr; struct ipmi_addr addr;
long tx_msgid; long tx_msgid;
/* it is used to track whether the IPMI message is finished */ /* it is used to track whether the IPMI message is finished */
struct completion tx_complete; struct completion tx_complete;
struct kernel_ipmi_msg tx_message; struct kernel_ipmi_msg tx_message;
int msg_done; int msg_done;
/* tx data . And copy it from ACPI object buffer */
u8 tx_data[64]; /* tx/rx data . And copy it from/to ACPI object buffer */
int tx_len; u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
u8 rx_data[64]; u8 rx_len;
int rx_len;
struct acpi_ipmi_device *device; struct acpi_ipmi_device *device;
struct kref kref;
}; };
/* IPMI request/response buffer per ACPI 4.0, sec 5.5.2.4.3.2 */ /* IPMI request/response buffer per ACPI 4.0, sec 5.5.2.4.3.2 */
struct acpi_ipmi_buffer { struct acpi_ipmi_buffer {
u8 status; u8 status;
u8 length; u8 length;
u8 data[64]; u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
}; };
static void ipmi_register_bmc(int iface, struct device *dev); static void ipmi_register_bmc(int iface, struct device *dev);
static void ipmi_bmc_gone(int iface); static void ipmi_bmc_gone(int iface);
static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data); static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data);
static void acpi_add_ipmi_device(struct acpi_ipmi_device *ipmi_device);
static void acpi_remove_ipmi_device(struct acpi_ipmi_device *ipmi_device);
static struct ipmi_driver_data driver_data = { static struct ipmi_driver_data driver_data = {
.ipmi_devices = LIST_HEAD_INIT(driver_data.ipmi_devices), .ipmi_devices = LIST_HEAD_INIT(driver_data.ipmi_devices),
@ -121,29 +121,142 @@ static struct ipmi_driver_data driver_data = {
.ipmi_hndlrs = { .ipmi_hndlrs = {
.ipmi_recv_hndl = ipmi_msg_handler, .ipmi_recv_hndl = ipmi_msg_handler,
}, },
.ipmi_lock = __MUTEX_INITIALIZER(driver_data.ipmi_lock)
}; };
static struct acpi_ipmi_msg *acpi_alloc_ipmi_msg(struct acpi_ipmi_device *ipmi) static struct acpi_ipmi_device *
ipmi_dev_alloc(int iface, struct device *dev, acpi_handle handle)
{ {
struct acpi_ipmi_msg *ipmi_msg; struct acpi_ipmi_device *ipmi_device;
struct pnp_dev *pnp_dev = ipmi->pnp_dev; int err;
ipmi_user_t user;
ipmi_msg = kzalloc(sizeof(struct acpi_ipmi_msg), GFP_KERNEL); ipmi_device = kzalloc(sizeof(*ipmi_device), GFP_KERNEL);
if (!ipmi_msg) { if (!ipmi_device)
dev_warn(&pnp_dev->dev, "Can't allocate memory for ipmi_msg\n"); return NULL;
kref_init(&ipmi_device->kref);
INIT_LIST_HEAD(&ipmi_device->head);
INIT_LIST_HEAD(&ipmi_device->tx_msg_list);
spin_lock_init(&ipmi_device->tx_msg_lock);
ipmi_device->handle = handle;
ipmi_device->dev = get_device(dev);
ipmi_device->ipmi_ifnum = iface;
err = ipmi_create_user(iface, &driver_data.ipmi_hndlrs,
ipmi_device, &user);
if (err) {
put_device(dev);
kfree(ipmi_device);
return NULL; return NULL;
} }
ipmi_device->user_interface = user;
return ipmi_device;
}
static void ipmi_dev_release(struct acpi_ipmi_device *ipmi_device)
{
ipmi_destroy_user(ipmi_device->user_interface);
put_device(ipmi_device->dev);
kfree(ipmi_device);
}
static void ipmi_dev_release_kref(struct kref *kref)
{
struct acpi_ipmi_device *ipmi =
container_of(kref, struct acpi_ipmi_device, kref);
ipmi_dev_release(ipmi);
}
static void __ipmi_dev_kill(struct acpi_ipmi_device *ipmi_device)
{
list_del(&ipmi_device->head);
if (driver_data.selected_smi == ipmi_device)
driver_data.selected_smi = NULL;
/*
* Always setting dead flag after deleting from the list or
* list_for_each_entry() codes must get changed.
*/
ipmi_device->dead = true;
}
static struct acpi_ipmi_device *acpi_ipmi_dev_get(void)
{
struct acpi_ipmi_device *ipmi_device = NULL;
mutex_lock(&driver_data.ipmi_lock);
if (driver_data.selected_smi) {
ipmi_device = driver_data.selected_smi;
kref_get(&ipmi_device->kref);
}
mutex_unlock(&driver_data.ipmi_lock);
return ipmi_device;
}
static void acpi_ipmi_dev_put(struct acpi_ipmi_device *ipmi_device)
{
kref_put(&ipmi_device->kref, ipmi_dev_release_kref);
}
static struct acpi_ipmi_msg *ipmi_msg_alloc(void)
{
struct acpi_ipmi_device *ipmi;
struct acpi_ipmi_msg *ipmi_msg;
ipmi = acpi_ipmi_dev_get();
if (!ipmi)
return NULL;
ipmi_msg = kzalloc(sizeof(struct acpi_ipmi_msg), GFP_KERNEL);
if (!ipmi_msg) {
acpi_ipmi_dev_put(ipmi);
return NULL;
}
kref_init(&ipmi_msg->kref);
init_completion(&ipmi_msg->tx_complete); init_completion(&ipmi_msg->tx_complete);
INIT_LIST_HEAD(&ipmi_msg->head); INIT_LIST_HEAD(&ipmi_msg->head);
ipmi_msg->device = ipmi; ipmi_msg->device = ipmi;
ipmi_msg->msg_done = ACPI_IPMI_UNKNOWN;
return ipmi_msg; return ipmi_msg;
} }
#define IPMI_OP_RGN_NETFN(offset) ((offset >> 8) & 0xff) static void ipmi_msg_release(struct acpi_ipmi_msg *tx_msg)
#define IPMI_OP_RGN_CMD(offset) (offset & 0xff) {
static void acpi_format_ipmi_msg(struct acpi_ipmi_msg *tx_msg, acpi_ipmi_dev_put(tx_msg->device);
acpi_physical_address address, kfree(tx_msg);
acpi_integer *value) }
static void ipmi_msg_release_kref(struct kref *kref)
{
struct acpi_ipmi_msg *tx_msg =
container_of(kref, struct acpi_ipmi_msg, kref);
ipmi_msg_release(tx_msg);
}
static struct acpi_ipmi_msg *acpi_ipmi_msg_get(struct acpi_ipmi_msg *tx_msg)
{
kref_get(&tx_msg->kref);
return tx_msg;
}
static void acpi_ipmi_msg_put(struct acpi_ipmi_msg *tx_msg)
{
kref_put(&tx_msg->kref, ipmi_msg_release_kref);
}
#define IPMI_OP_RGN_NETFN(offset) ((offset >> 8) & 0xff)
#define IPMI_OP_RGN_CMD(offset) (offset & 0xff)
static int acpi_format_ipmi_request(struct acpi_ipmi_msg *tx_msg,
acpi_physical_address address,
acpi_integer *value)
{ {
struct kernel_ipmi_msg *msg; struct kernel_ipmi_msg *msg;
struct acpi_ipmi_buffer *buffer; struct acpi_ipmi_buffer *buffer;
@ -151,21 +264,31 @@ static void acpi_format_ipmi_msg(struct acpi_ipmi_msg *tx_msg,
unsigned long flags; unsigned long flags;
msg = &tx_msg->tx_message; msg = &tx_msg->tx_message;
/* /*
* IPMI network function and command are encoded in the address * IPMI network function and command are encoded in the address
* within the IPMI OpRegion; see ACPI 4.0, sec 5.5.2.4.3. * within the IPMI OpRegion; see ACPI 4.0, sec 5.5.2.4.3.
*/ */
msg->netfn = IPMI_OP_RGN_NETFN(address); msg->netfn = IPMI_OP_RGN_NETFN(address);
msg->cmd = IPMI_OP_RGN_CMD(address); msg->cmd = IPMI_OP_RGN_CMD(address);
msg->data = tx_msg->tx_data; msg->data = tx_msg->data;
/* /*
* value is the parameter passed by the IPMI opregion space handler. * value is the parameter passed by the IPMI opregion space handler.
* It points to the IPMI request message buffer * It points to the IPMI request message buffer
*/ */
buffer = (struct acpi_ipmi_buffer *)value; buffer = (struct acpi_ipmi_buffer *)value;
/* copy the tx message data */ /* copy the tx message data */
if (buffer->length > ACPI_IPMI_MAX_MSG_LENGTH) {
dev_WARN_ONCE(tx_msg->device->dev, true,
"Unexpected request (msg len %d).\n",
buffer->length);
return -EINVAL;
}
msg->data_len = buffer->length; msg->data_len = buffer->length;
memcpy(tx_msg->tx_data, buffer->data, msg->data_len); memcpy(tx_msg->data, buffer->data, msg->data_len);
/* /*
* now the default type is SYSTEM_INTERFACE and channel type is BMC. * now the default type is SYSTEM_INTERFACE and channel type is BMC.
* If the netfn is APP_REQUEST and the cmd is SEND_MESSAGE, * If the netfn is APP_REQUEST and the cmd is SEND_MESSAGE,
@ -179,14 +302,17 @@ static void acpi_format_ipmi_msg(struct acpi_ipmi_msg *tx_msg,
/* Get the msgid */ /* Get the msgid */
device = tx_msg->device; device = tx_msg->device;
spin_lock_irqsave(&device->tx_msg_lock, flags); spin_lock_irqsave(&device->tx_msg_lock, flags);
device->curr_msgid++; device->curr_msgid++;
tx_msg->tx_msgid = device->curr_msgid; tx_msg->tx_msgid = device->curr_msgid;
spin_unlock_irqrestore(&device->tx_msg_lock, flags); spin_unlock_irqrestore(&device->tx_msg_lock, flags);
return 0;
} }
static void acpi_format_ipmi_response(struct acpi_ipmi_msg *msg, static void acpi_format_ipmi_response(struct acpi_ipmi_msg *msg,
acpi_integer *value, int rem_time) acpi_integer *value)
{ {
struct acpi_ipmi_buffer *buffer; struct acpi_ipmi_buffer *buffer;
@ -195,110 +321,158 @@ static void acpi_format_ipmi_response(struct acpi_ipmi_msg *msg,
* IPMI message returned by IPMI command. * IPMI message returned by IPMI command.
*/ */
buffer = (struct acpi_ipmi_buffer *)value; buffer = (struct acpi_ipmi_buffer *)value;
if (!rem_time && !msg->msg_done) {
buffer->status = ACPI_IPMI_TIMEOUT;
return;
}
/* /*
* If the flag of msg_done is not set or the recv length is zero, it * If the flag of msg_done is not set, it means that the IPMI command is
* means that the IPMI command is not executed correctly. * not executed correctly.
* The status code will be ACPI_IPMI_UNKNOWN.
*/ */
if (!msg->msg_done || !msg->rx_len) { buffer->status = msg->msg_done;
buffer->status = ACPI_IPMI_UNKNOWN; if (msg->msg_done != ACPI_IPMI_OK)
return; return;
}
/* /*
* If the IPMI response message is obtained correctly, the status code * If the IPMI response message is obtained correctly, the status code
* will be ACPI_IPMI_OK * will be ACPI_IPMI_OK
*/ */
buffer->status = ACPI_IPMI_OK;
buffer->length = msg->rx_len; buffer->length = msg->rx_len;
memcpy(buffer->data, msg->rx_data, msg->rx_len); memcpy(buffer->data, msg->data, msg->rx_len);
} }
static void ipmi_flush_tx_msg(struct acpi_ipmi_device *ipmi) static void ipmi_flush_tx_msg(struct acpi_ipmi_device *ipmi)
{ {
struct acpi_ipmi_msg *tx_msg, *temp; struct acpi_ipmi_msg *tx_msg;
int count = HZ / 10; unsigned long flags;
struct pnp_dev *pnp_dev = ipmi->pnp_dev;
/*
* NOTE: On-going ipmi_recv_msg
* ipmi_msg_handler() may still be invoked by ipmi_si after
* flushing. But it is safe to do a fast flushing on module_exit()
* without waiting for all ipmi_recv_msg(s) to complete from
* ipmi_msg_handler() as it is ensured by ipmi_si that all
* ipmi_recv_msg(s) are freed after invoking ipmi_destroy_user().
*/
spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
while (!list_empty(&ipmi->tx_msg_list)) {
tx_msg = list_first_entry(&ipmi->tx_msg_list,
struct acpi_ipmi_msg,
head);
list_del(&tx_msg->head);
spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
list_for_each_entry_safe(tx_msg, temp, &ipmi->tx_msg_list, head) {
/* wake up the sleep thread on the Tx msg */ /* wake up the sleep thread on the Tx msg */
complete(&tx_msg->tx_complete); complete(&tx_msg->tx_complete);
acpi_ipmi_msg_put(tx_msg);
spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
} }
spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
}
/* wait for about 100ms to flush the tx message list */ static void ipmi_cancel_tx_msg(struct acpi_ipmi_device *ipmi,
while (count--) { struct acpi_ipmi_msg *msg)
if (list_empty(&ipmi->tx_msg_list)) {
struct acpi_ipmi_msg *tx_msg, *temp;
bool msg_found = false;
unsigned long flags;
spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
list_for_each_entry_safe(tx_msg, temp, &ipmi->tx_msg_list, head) {
if (msg == tx_msg) {
msg_found = true;
list_del(&tx_msg->head);
break; break;
schedule_timeout(1); }
} }
if (!list_empty(&ipmi->tx_msg_list)) spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
dev_warn(&pnp_dev->dev, "tx msg list is not NULL\n");
if (msg_found)
acpi_ipmi_msg_put(tx_msg);
} }
static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data) static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data)
{ {
struct acpi_ipmi_device *ipmi_device = user_msg_data; struct acpi_ipmi_device *ipmi_device = user_msg_data;
int msg_found = 0; bool msg_found = false;
struct acpi_ipmi_msg *tx_msg; struct acpi_ipmi_msg *tx_msg, *temp;
struct pnp_dev *pnp_dev = ipmi_device->pnp_dev; struct device *dev = ipmi_device->dev;
unsigned long flags; unsigned long flags;
if (msg->user != ipmi_device->user_interface) { if (msg->user != ipmi_device->user_interface) {
dev_warn(&pnp_dev->dev, "Unexpected response is returned. " dev_warn(dev,
"returned user %p, expected user %p\n", "Unexpected response is returned. returned user %p, expected user %p\n",
msg->user, ipmi_device->user_interface); msg->user, ipmi_device->user_interface);
ipmi_free_recv_msg(msg); goto out_msg;
return;
} }
spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags); spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
list_for_each_entry(tx_msg, &ipmi_device->tx_msg_list, head) { list_for_each_entry_safe(tx_msg, temp, &ipmi_device->tx_msg_list, head) {
if (msg->msgid == tx_msg->tx_msgid) { if (msg->msgid == tx_msg->tx_msgid) {
msg_found = 1; msg_found = true;
list_del(&tx_msg->head);
break; break;
} }
} }
spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags); spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
if (!msg_found) { if (!msg_found) {
dev_warn(&pnp_dev->dev, "Unexpected response (msg id %ld) is " dev_warn(dev,
"returned.\n", msg->msgid); "Unexpected response (msg id %ld) is returned.\n",
ipmi_free_recv_msg(msg); msg->msgid);
return; goto out_msg;
} }
if (msg->msg.data_len) { /* copy the response data to Rx_data buffer */
/* copy the response data to Rx_data buffer */ if (msg->msg.data_len > ACPI_IPMI_MAX_MSG_LENGTH) {
memcpy(tx_msg->rx_data, msg->msg_data, msg->msg.data_len); dev_WARN_ONCE(dev, true,
tx_msg->rx_len = msg->msg.data_len; "Unexpected response (msg len %d).\n",
tx_msg->msg_done = 1; msg->msg.data_len);
goto out_comp;
} }
/* response msg is an error msg */
msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
if (msg->recv_type == IPMI_RESPONSE_RECV_TYPE &&
msg->msg.data_len == 1) {
if (msg->msg.data[0] == IPMI_TIMEOUT_COMPLETION_CODE) {
dev_WARN_ONCE(dev, true,
"Unexpected response (timeout).\n");
tx_msg->msg_done = ACPI_IPMI_TIMEOUT;
}
goto out_comp;
}
tx_msg->rx_len = msg->msg.data_len;
memcpy(tx_msg->data, msg->msg.data, tx_msg->rx_len);
tx_msg->msg_done = ACPI_IPMI_OK;
out_comp:
complete(&tx_msg->tx_complete); complete(&tx_msg->tx_complete);
acpi_ipmi_msg_put(tx_msg);
out_msg:
ipmi_free_recv_msg(msg); ipmi_free_recv_msg(msg);
}; }
static void ipmi_register_bmc(int iface, struct device *dev) static void ipmi_register_bmc(int iface, struct device *dev)
{ {
struct acpi_ipmi_device *ipmi_device, *temp; struct acpi_ipmi_device *ipmi_device, *temp;
struct pnp_dev *pnp_dev;
ipmi_user_t user;
int err; int err;
struct ipmi_smi_info smi_data; struct ipmi_smi_info smi_data;
acpi_handle handle; acpi_handle handle;
err = ipmi_get_smi_info(iface, &smi_data); err = ipmi_get_smi_info(iface, &smi_data);
if (err) if (err)
return; return;
if (smi_data.addr_src != SI_ACPI) { if (smi_data.addr_src != SI_ACPI)
put_device(smi_data.dev); goto err_ref;
return;
}
handle = smi_data.addr_info.acpi_info.acpi_handle; handle = smi_data.addr_info.acpi_info.acpi_handle;
if (!handle)
goto err_ref;
ipmi_device = ipmi_dev_alloc(iface, smi_data.dev, handle);
if (!ipmi_device) {
dev_warn(smi_data.dev, "Can't create IPMI user interface\n");
goto err_ref;
}
mutex_lock(&driver_data.ipmi_lock); mutex_lock(&driver_data.ipmi_lock);
list_for_each_entry(temp, &driver_data.ipmi_devices, head) { list_for_each_entry(temp, &driver_data.ipmi_devices, head) {
@ -307,34 +481,20 @@ static void ipmi_register_bmc(int iface, struct device *dev)
* to the device list, don't add it again. * to the device list, don't add it again.
*/ */
if (temp->handle == handle) if (temp->handle == handle)
goto out; goto err_lock;
} }
if (!driver_data.selected_smi)
ipmi_device = kzalloc(sizeof(*ipmi_device), GFP_KERNEL); driver_data.selected_smi = ipmi_device;
list_add_tail(&ipmi_device->head, &driver_data.ipmi_devices);
if (!ipmi_device)
goto out;
pnp_dev = to_pnp_dev(smi_data.dev);
ipmi_device->handle = handle;
ipmi_device->pnp_dev = pnp_dev;
err = ipmi_create_user(iface, &driver_data.ipmi_hndlrs,
ipmi_device, &user);
if (err) {
dev_warn(&pnp_dev->dev, "Can't create IPMI user interface\n");
kfree(ipmi_device);
goto out;
}
acpi_add_ipmi_device(ipmi_device);
ipmi_device->user_interface = user;
ipmi_device->ipmi_ifnum = iface;
mutex_unlock(&driver_data.ipmi_lock); mutex_unlock(&driver_data.ipmi_lock);
memcpy(&ipmi_device->smi_data, &smi_data, sizeof(struct ipmi_smi_info));
put_device(smi_data.dev);
return; return;
out: err_lock:
mutex_unlock(&driver_data.ipmi_lock); mutex_unlock(&driver_data.ipmi_lock);
ipmi_dev_release(ipmi_device);
err_ref:
put_device(smi_data.dev); put_device(smi_data.dev);
return; return;
} }
@ -342,23 +502,29 @@ out:
static void ipmi_bmc_gone(int iface) static void ipmi_bmc_gone(int iface)
{ {
struct acpi_ipmi_device *ipmi_device, *temp; struct acpi_ipmi_device *ipmi_device, *temp;
bool dev_found = false;
mutex_lock(&driver_data.ipmi_lock); mutex_lock(&driver_data.ipmi_lock);
list_for_each_entry_safe(ipmi_device, temp, list_for_each_entry_safe(ipmi_device, temp,
&driver_data.ipmi_devices, head) { &driver_data.ipmi_devices, head) {
if (ipmi_device->ipmi_ifnum != iface) if (ipmi_device->ipmi_ifnum != iface) {
continue; dev_found = true;
__ipmi_dev_kill(ipmi_device);
acpi_remove_ipmi_device(ipmi_device); break;
put_device(ipmi_device->smi_data.dev); }
kfree(ipmi_device);
break;
} }
if (!driver_data.selected_smi)
driver_data.selected_smi = list_first_entry_or_null(
&driver_data.ipmi_devices,
struct acpi_ipmi_device, head);
mutex_unlock(&driver_data.ipmi_lock); mutex_unlock(&driver_data.ipmi_lock);
if (dev_found) {
ipmi_flush_tx_msg(ipmi_device);
acpi_ipmi_dev_put(ipmi_device);
}
} }
/* --------------------------------------------------------------------------
* Address Space Management
* -------------------------------------------------------------------------- */
/* /*
* This is the IPMI opregion space handler. * This is the IPMI opregion space handler.
* @function: indicates the read/write. In fact as the IPMI message is driven * @function: indicates the read/write. In fact as the IPMI message is driven
@ -371,17 +537,17 @@ static void ipmi_bmc_gone(int iface)
* the response IPMI message returned by IPMI command. * the response IPMI message returned by IPMI command.
* @handler_context: IPMI device context. * @handler_context: IPMI device context.
*/ */
static acpi_status static acpi_status
acpi_ipmi_space_handler(u32 function, acpi_physical_address address, acpi_ipmi_space_handler(u32 function, acpi_physical_address address,
u32 bits, acpi_integer *value, u32 bits, acpi_integer *value,
void *handler_context, void *region_context) void *handler_context, void *region_context)
{ {
struct acpi_ipmi_msg *tx_msg; struct acpi_ipmi_msg *tx_msg;
struct acpi_ipmi_device *ipmi_device = handler_context; struct acpi_ipmi_device *ipmi_device;
int err, rem_time; int err;
acpi_status status; acpi_status status;
unsigned long flags; unsigned long flags;
/* /*
* IPMI opregion message. * IPMI opregion message.
* IPMI message is firstly written to the BMC and system software * IPMI message is firstly written to the BMC and system software
@ -391,118 +557,75 @@ acpi_ipmi_space_handler(u32 function, acpi_physical_address address,
if ((function & ACPI_IO_MASK) == ACPI_READ) if ((function & ACPI_IO_MASK) == ACPI_READ)
return AE_TYPE; return AE_TYPE;
if (!ipmi_device->user_interface) tx_msg = ipmi_msg_alloc();
return AE_NOT_EXIST;
tx_msg = acpi_alloc_ipmi_msg(ipmi_device);
if (!tx_msg) if (!tx_msg)
return AE_NO_MEMORY; return AE_NOT_EXIST;
ipmi_device = tx_msg->device;
acpi_format_ipmi_msg(tx_msg, address, value); if (acpi_format_ipmi_request(tx_msg, address, value) != 0) {
ipmi_msg_release(tx_msg);
return AE_TYPE;
}
acpi_ipmi_msg_get(tx_msg);
mutex_lock(&driver_data.ipmi_lock);
/* Do not add a tx_msg that can not be flushed. */
if (ipmi_device->dead) {
mutex_unlock(&driver_data.ipmi_lock);
ipmi_msg_release(tx_msg);
return AE_NOT_EXIST;
}
spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags); spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
list_add_tail(&tx_msg->head, &ipmi_device->tx_msg_list); list_add_tail(&tx_msg->head, &ipmi_device->tx_msg_list);
spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags); spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
mutex_unlock(&driver_data.ipmi_lock);
err = ipmi_request_settime(ipmi_device->user_interface, err = ipmi_request_settime(ipmi_device->user_interface,
&tx_msg->addr, &tx_msg->addr,
tx_msg->tx_msgid, tx_msg->tx_msgid,
&tx_msg->tx_message, &tx_msg->tx_message,
NULL, 0, 0, 0); NULL, 0, 0, IPMI_TIMEOUT);
if (err) { if (err) {
status = AE_ERROR; status = AE_ERROR;
goto end_label; goto out_msg;
} }
rem_time = wait_for_completion_timeout(&tx_msg->tx_complete, wait_for_completion(&tx_msg->tx_complete);
IPMI_TIMEOUT);
acpi_format_ipmi_response(tx_msg, value, rem_time); acpi_format_ipmi_response(tx_msg, value);
status = AE_OK; status = AE_OK;
end_label: out_msg:
spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags); ipmi_cancel_tx_msg(ipmi_device, tx_msg);
list_del(&tx_msg->head); acpi_ipmi_msg_put(tx_msg);
spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
kfree(tx_msg);
return status; return status;
} }
static void ipmi_remove_space_handler(struct acpi_ipmi_device *ipmi)
{
if (!test_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags))
return;
acpi_remove_address_space_handler(ipmi->handle,
ACPI_ADR_SPACE_IPMI, &acpi_ipmi_space_handler);
clear_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags);
}
static int ipmi_install_space_handler(struct acpi_ipmi_device *ipmi)
{
acpi_status status;
if (test_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags))
return 0;
status = acpi_install_address_space_handler(ipmi->handle,
ACPI_ADR_SPACE_IPMI,
&acpi_ipmi_space_handler,
NULL, ipmi);
if (ACPI_FAILURE(status)) {
struct pnp_dev *pnp_dev = ipmi->pnp_dev;
dev_warn(&pnp_dev->dev, "Can't register IPMI opregion space "
"handle\n");
return -EINVAL;
}
set_bit(IPMI_FLAGS_HANDLER_INSTALL, &ipmi->flags);
return 0;
}
static void acpi_add_ipmi_device(struct acpi_ipmi_device *ipmi_device)
{
INIT_LIST_HEAD(&ipmi_device->head);
spin_lock_init(&ipmi_device->tx_msg_lock);
INIT_LIST_HEAD(&ipmi_device->tx_msg_list);
ipmi_install_space_handler(ipmi_device);
list_add_tail(&ipmi_device->head, &driver_data.ipmi_devices);
}
static void acpi_remove_ipmi_device(struct acpi_ipmi_device *ipmi_device)
{
/*
* If the IPMI user interface is created, it should be
* destroyed.
*/
if (ipmi_device->user_interface) {
ipmi_destroy_user(ipmi_device->user_interface);
ipmi_device->user_interface = NULL;
}
/* flush the Tx_msg list */
if (!list_empty(&ipmi_device->tx_msg_list))
ipmi_flush_tx_msg(ipmi_device);
list_del(&ipmi_device->head);
ipmi_remove_space_handler(ipmi_device);
}
static int __init acpi_ipmi_init(void) static int __init acpi_ipmi_init(void)
{ {
int result = 0; int result;
acpi_status status;
if (acpi_disabled) if (acpi_disabled)
return result; return 0;
mutex_init(&driver_data.ipmi_lock);
status = acpi_install_address_space_handler(ACPI_ROOT_OBJECT,
ACPI_ADR_SPACE_IPMI,
&acpi_ipmi_space_handler,
NULL, NULL);
if (ACPI_FAILURE(status)) {
pr_warn("Can't register IPMI opregion space handle\n");
return -EINVAL;
}
result = ipmi_smi_watcher_register(&driver_data.bmc_events); result = ipmi_smi_watcher_register(&driver_data.bmc_events);
if (result)
pr_err("Can't register IPMI system interface watcher\n");
return result; return result;
} }
static void __exit acpi_ipmi_exit(void) static void __exit acpi_ipmi_exit(void)
{ {
struct acpi_ipmi_device *ipmi_device, *temp; struct acpi_ipmi_device *ipmi_device;
if (acpi_disabled) if (acpi_disabled)
return; return;
@ -516,13 +639,22 @@ static void __exit acpi_ipmi_exit(void)
* handler and free it. * handler and free it.
*/ */
mutex_lock(&driver_data.ipmi_lock); mutex_lock(&driver_data.ipmi_lock);
list_for_each_entry_safe(ipmi_device, temp, while (!list_empty(&driver_data.ipmi_devices)) {
&driver_data.ipmi_devices, head) { ipmi_device = list_first_entry(&driver_data.ipmi_devices,
acpi_remove_ipmi_device(ipmi_device); struct acpi_ipmi_device,
put_device(ipmi_device->smi_data.dev); head);
kfree(ipmi_device); __ipmi_dev_kill(ipmi_device);
mutex_unlock(&driver_data.ipmi_lock);
ipmi_flush_tx_msg(ipmi_device);
acpi_ipmi_dev_put(ipmi_device);
mutex_lock(&driver_data.ipmi_lock);
} }
mutex_unlock(&driver_data.ipmi_lock); mutex_unlock(&driver_data.ipmi_lock);
acpi_remove_address_space_handler(ACPI_ROOT_OBJECT,
ACPI_ADR_SPACE_IPMI,
&acpi_ipmi_space_handler);
} }
module_init(acpi_ipmi_init); module_init(acpi_ipmi_init);