1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2006 IronPort Systems Inc. <ambrisko@ironport.com>
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29 #include <sys/cdefs.h>
30 #include <sys/param.h>
31 #include <sys/systm.h>
32 #include <sys/bus.h>
33 #include <sys/condvar.h>
34 #include <sys/conf.h>
35 #include <sys/eventhandler.h>
36 #include <sys/kernel.h>
37 #include <sys/lock.h>
38 #include <sys/malloc.h>
39 #include <sys/module.h>
40 #include <sys/mutex.h>
41 #include <sys/poll.h>
42 #include <sys/reboot.h>
43 #include <sys/rman.h>
44 #include <sys/selinfo.h>
45 #include <sys/sysctl.h>
46 #include <sys/watchdog.h>
47
48 #ifdef LOCAL_MODULE
49 #include <ipmi.h>
50 #include <ipmivars.h>
51 #else
52 #include <sys/ipmi.h>
53 #include <dev/ipmi/ipmivars.h>
54 #endif
55
56 #ifdef IPMICTL_SEND_COMMAND_32
57 #include <sys/abi_compat.h>
58 #endif
59
60 /*
61 * Driver request structures are allocated on the stack via alloca() to
62 * avoid calling malloc(), especially for the watchdog handler.
63 * To avoid too much stack growth, a previously allocated structure can
64 * be reused via IPMI_INIT_DRIVER_REQUEST(), but the caller should ensure
65 * that there is adequate reply/request space in the original allocation.
66 */
67 #define IPMI_INIT_DRIVER_REQUEST(req, addr, cmd, reqlen, replylen) \
68 bzero((req), sizeof(struct ipmi_request)); \
69 ipmi_init_request((req), NULL, 0, (addr), (cmd), (reqlen), (replylen))
70
71 #define IPMI_ALLOC_DRIVER_REQUEST(req, addr, cmd, reqlen, replylen) \
72 (req) = __builtin_alloca(sizeof(struct ipmi_request) + \
73 (reqlen) + (replylen)); \
74 IPMI_INIT_DRIVER_REQUEST((req), (addr), (cmd), (reqlen), \
75 (replylen))
76
77 static d_ioctl_t ipmi_ioctl;
78 static d_poll_t ipmi_poll;
79 static d_open_t ipmi_open;
80 static void ipmi_dtor(void *arg);
81
82 int ipmi_attached = 0;
83
84 static int on = 1;
85 static bool wd_in_shutdown = false;
86 static int wd_timer_actions = IPMI_SET_WD_ACTION_POWER_CYCLE;
87 static int wd_shutdown_countdown = 0; /* sec */
88 static int wd_startup_countdown = 0; /* sec */
89 static int wd_pretimeout_countdown = 120; /* sec */
90 static int cycle_wait = 10; /* sec */
91 static int wd_init_enable = 1;
92
93 static SYSCTL_NODE(_hw, OID_AUTO, ipmi, CTLFLAG_RD | CTLFLAG_MPSAFE, 0,
94 "IPMI driver parameters");
95 SYSCTL_INT(_hw_ipmi, OID_AUTO, on, CTLFLAG_RWTUN,
96 &on, 0, "");
97 SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_init_enable, CTLFLAG_RWTUN,
98 &wd_init_enable, 1, "Enable watchdog initialization");
99 SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_timer_actions, CTLFLAG_RWTUN,
100 &wd_timer_actions, 0,
101 "IPMI watchdog timer actions (including pre-timeout interrupt)");
102 SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_shutdown_countdown, CTLFLAG_RWTUN,
103 &wd_shutdown_countdown, 0,
104 "IPMI watchdog countdown for shutdown (seconds)");
105 SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_startup_countdown, CTLFLAG_RDTUN,
106 &wd_startup_countdown, 0,
107 "IPMI watchdog countdown initialized during startup (seconds)");
108 SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_pretimeout_countdown, CTLFLAG_RWTUN,
109 &wd_pretimeout_countdown, 0,
110 "IPMI watchdog pre-timeout countdown (seconds)");
111 SYSCTL_INT(_hw_ipmi, OID_AUTO, cyle_wait, CTLFLAG_RWTUN,
112 &cycle_wait, 0,
113 "IPMI power cycle on reboot delay time (seconds)");
114
115 static struct cdevsw ipmi_cdevsw = {
116 .d_version = D_VERSION,
117 .d_open = ipmi_open,
118 .d_ioctl = ipmi_ioctl,
119 .d_poll = ipmi_poll,
120 .d_name = "ipmi",
121 };
122
123 static MALLOC_DEFINE(M_IPMI, "ipmi", "ipmi");
124
125 static int
ipmi_open(struct cdev * cdev,int flags,int fmt,struct thread * td)126 ipmi_open(struct cdev *cdev, int flags, int fmt, struct thread *td)
127 {
128 struct ipmi_device *dev;
129 struct ipmi_softc *sc;
130 int error;
131
132 if (!on)
133 return (ENOENT);
134
135 /* Initialize the per file descriptor data. */
136 dev = malloc(sizeof(struct ipmi_device), M_IPMI, M_WAITOK | M_ZERO);
137 error = devfs_set_cdevpriv(dev, ipmi_dtor);
138 if (error) {
139 free(dev, M_IPMI);
140 return (error);
141 }
142
143 sc = cdev->si_drv1;
144 TAILQ_INIT(&dev->ipmi_completed_requests);
145 dev->ipmi_address = IPMI_BMC_SLAVE_ADDR;
146 dev->ipmi_lun = IPMI_BMC_SMS_LUN;
147 dev->ipmi_softc = sc;
148 IPMI_LOCK(sc);
149 sc->ipmi_opened++;
150 IPMI_UNLOCK(sc);
151
152 return (0);
153 }
154
155 static int
ipmi_poll(struct cdev * cdev,int poll_events,struct thread * td)156 ipmi_poll(struct cdev *cdev, int poll_events, struct thread *td)
157 {
158 struct ipmi_device *dev;
159 struct ipmi_softc *sc;
160 int revents = 0;
161
162 if (devfs_get_cdevpriv((void **)&dev))
163 return (0);
164
165 sc = cdev->si_drv1;
166 IPMI_LOCK(sc);
167 if (poll_events & (POLLIN | POLLRDNORM)) {
168 if (!TAILQ_EMPTY(&dev->ipmi_completed_requests))
169 revents |= poll_events & (POLLIN | POLLRDNORM);
170 if (dev->ipmi_requests == 0)
171 revents |= POLLERR;
172 }
173
174 if (revents == 0) {
175 if (poll_events & (POLLIN | POLLRDNORM))
176 selrecord(td, &dev->ipmi_select);
177 }
178 IPMI_UNLOCK(sc);
179
180 return (revents);
181 }
182
183 static void
ipmi_purge_completed_requests(struct ipmi_device * dev)184 ipmi_purge_completed_requests(struct ipmi_device *dev)
185 {
186 struct ipmi_request *req;
187
188 while (!TAILQ_EMPTY(&dev->ipmi_completed_requests)) {
189 req = TAILQ_FIRST(&dev->ipmi_completed_requests);
190 TAILQ_REMOVE(&dev->ipmi_completed_requests, req, ir_link);
191 dev->ipmi_requests--;
192 ipmi_free_request(req);
193 }
194 }
195
196 static void
ipmi_dtor(void * arg)197 ipmi_dtor(void *arg)
198 {
199 struct ipmi_request *req, *nreq;
200 struct ipmi_device *dev;
201 struct ipmi_softc *sc;
202
203 dev = arg;
204 sc = dev->ipmi_softc;
205
206 IPMI_LOCK(sc);
207 if (dev->ipmi_requests) {
208 /* Throw away any pending requests for this device. */
209 TAILQ_FOREACH_SAFE(req, &sc->ipmi_pending_requests, ir_link,
210 nreq) {
211 if (req->ir_owner == dev) {
212 TAILQ_REMOVE(&sc->ipmi_pending_requests, req,
213 ir_link);
214 dev->ipmi_requests--;
215 ipmi_free_request(req);
216 }
217 }
218
219 /* Throw away any pending completed requests for this device. */
220 ipmi_purge_completed_requests(dev);
221
222 /*
223 * If we still have outstanding requests, they must be stuck
224 * in an interface driver, so wait for those to drain.
225 */
226 dev->ipmi_closing = 1;
227 while (dev->ipmi_requests > 0) {
228 msleep(&dev->ipmi_requests, &sc->ipmi_requests_lock,
229 PWAIT, "ipmidrain", 0);
230 ipmi_purge_completed_requests(dev);
231 }
232 }
233 sc->ipmi_opened--;
234 IPMI_UNLOCK(sc);
235
236 /* Cleanup. */
237 free(dev, M_IPMI);
238 }
239
240 static u_char
ipmi_ipmb_checksum(u_char * data,int len)241 ipmi_ipmb_checksum(u_char *data, int len)
242 {
243 u_char sum = 0;
244
245 for (; len; len--)
246 sum += *data++;
247 return (-sum);
248 }
249
250 static int
ipmi_ioctl(struct cdev * cdev,u_long cmd,caddr_t data,int flags,struct thread * td)251 ipmi_ioctl(struct cdev *cdev, u_long cmd, caddr_t data,
252 int flags, struct thread *td)
253 {
254 struct ipmi_softc *sc;
255 struct ipmi_device *dev;
256 struct ipmi_request *kreq;
257 struct ipmi_req *req = (struct ipmi_req *)data;
258 struct ipmi_recv *recv = (struct ipmi_recv *)data;
259 struct ipmi_addr addr;
260 #ifdef IPMICTL_SEND_COMMAND_32
261 struct ipmi_req32 *req32 = (struct ipmi_req32 *)data;
262 struct ipmi_recv32 *recv32 = (struct ipmi_recv32 *)data;
263 union {
264 struct ipmi_req req;
265 struct ipmi_recv recv;
266 } thunk32;
267 #endif
268 int error, len;
269
270 error = devfs_get_cdevpriv((void **)&dev);
271 if (error)
272 return (error);
273
274 sc = cdev->si_drv1;
275
276 #ifdef IPMICTL_SEND_COMMAND_32
277 /* Convert 32-bit structures to native. */
278 switch (cmd) {
279 case IPMICTL_SEND_COMMAND_32:
280 req = &thunk32.req;
281 req->addr = PTRIN(req32->addr);
282 req->addr_len = req32->addr_len;
283 req->msgid = req32->msgid;
284 req->msg.netfn = req32->msg.netfn;
285 req->msg.cmd = req32->msg.cmd;
286 req->msg.data_len = req32->msg.data_len;
287 req->msg.data = PTRIN(req32->msg.data);
288 break;
289 case IPMICTL_RECEIVE_MSG_TRUNC_32:
290 case IPMICTL_RECEIVE_MSG_32:
291 recv = &thunk32.recv;
292 recv->addr = PTRIN(recv32->addr);
293 recv->addr_len = recv32->addr_len;
294 recv->msg.data_len = recv32->msg.data_len;
295 recv->msg.data = PTRIN(recv32->msg.data);
296 break;
297 }
298 #endif
299
300 switch (cmd) {
301 #ifdef IPMICTL_SEND_COMMAND_32
302 case IPMICTL_SEND_COMMAND_32:
303 #endif
304 case IPMICTL_SEND_COMMAND:
305 error = copyin(req->addr, &addr, sizeof(addr));
306 if (error)
307 return (error);
308
309 if (addr.addr_type == IPMI_SYSTEM_INTERFACE_ADDR_TYPE) {
310 struct ipmi_system_interface_addr *saddr =
311 (struct ipmi_system_interface_addr *)&addr;
312
313 kreq = ipmi_alloc_request(dev, req->msgid,
314 IPMI_ADDR(req->msg.netfn, saddr->lun & 0x3),
315 req->msg.cmd, req->msg.data_len, IPMI_MAX_RX);
316 error = copyin(req->msg.data, kreq->ir_request,
317 req->msg.data_len);
318 if (error) {
319 ipmi_free_request(kreq);
320 return (error);
321 }
322 IPMI_LOCK(sc);
323 dev->ipmi_requests++;
324 error = sc->ipmi_enqueue_request(sc, kreq);
325 IPMI_UNLOCK(sc);
326 if (error)
327 return (error);
328 break;
329 }
330
331 /* Special processing for IPMB commands */
332 struct ipmi_ipmb_addr *iaddr = (struct ipmi_ipmb_addr *)&addr;
333
334 IPMI_ALLOC_DRIVER_REQUEST(kreq, IPMI_ADDR(IPMI_APP_REQUEST, 0),
335 IPMI_SEND_MSG, req->msg.data_len + 8, IPMI_MAX_RX);
336 /* Construct the SEND MSG header */
337 kreq->ir_request[0] = iaddr->channel;
338 kreq->ir_request[1] = iaddr->slave_addr;
339 kreq->ir_request[2] = IPMI_ADDR(req->msg.netfn, iaddr->lun);
340 kreq->ir_request[3] =
341 ipmi_ipmb_checksum(&kreq->ir_request[1], 2);
342 kreq->ir_request[4] = dev->ipmi_address;
343 kreq->ir_request[5] = IPMI_ADDR(0, dev->ipmi_lun);
344 kreq->ir_request[6] = req->msg.cmd;
345 /* Copy the message data */
346 if (req->msg.data_len > 0) {
347 error = copyin(req->msg.data, &kreq->ir_request[7],
348 req->msg.data_len);
349 if (error != 0)
350 return (error);
351 }
352 kreq->ir_request[req->msg.data_len + 7] =
353 ipmi_ipmb_checksum(&kreq->ir_request[4],
354 req->msg.data_len + 3);
355 error = ipmi_submit_driver_request(sc, kreq, MAX_TIMEOUT);
356 if (error != 0)
357 return (error);
358
359 kreq = ipmi_alloc_request(dev, req->msgid,
360 IPMI_ADDR(IPMI_APP_REQUEST, 0), IPMI_GET_MSG,
361 0, IPMI_MAX_RX);
362 kreq->ir_ipmb = true;
363 kreq->ir_ipmb_addr = IPMI_ADDR(req->msg.netfn, 0);
364 kreq->ir_ipmb_command = req->msg.cmd;
365 IPMI_LOCK(sc);
366 dev->ipmi_requests++;
367 error = sc->ipmi_enqueue_request(sc, kreq);
368 IPMI_UNLOCK(sc);
369 if (error != 0)
370 return (error);
371 break;
372 #ifdef IPMICTL_SEND_COMMAND_32
373 case IPMICTL_RECEIVE_MSG_TRUNC_32:
374 case IPMICTL_RECEIVE_MSG_32:
375 #endif
376 case IPMICTL_RECEIVE_MSG_TRUNC:
377 case IPMICTL_RECEIVE_MSG:
378 error = copyin(recv->addr, &addr, sizeof(addr));
379 if (error)
380 return (error);
381
382 IPMI_LOCK(sc);
383 kreq = TAILQ_FIRST(&dev->ipmi_completed_requests);
384 if (kreq == NULL) {
385 IPMI_UNLOCK(sc);
386 return (EAGAIN);
387 }
388 if (kreq->ir_error != 0) {
389 error = kreq->ir_error;
390 TAILQ_REMOVE(&dev->ipmi_completed_requests, kreq,
391 ir_link);
392 dev->ipmi_requests--;
393 IPMI_UNLOCK(sc);
394 ipmi_free_request(kreq);
395 return (error);
396 }
397
398 recv->recv_type = IPMI_RESPONSE_RECV_TYPE;
399 recv->msgid = kreq->ir_msgid;
400 if (kreq->ir_ipmb) {
401 addr.channel = IPMI_IPMB_CHANNEL;
402 recv->msg.netfn =
403 IPMI_REPLY_ADDR(kreq->ir_ipmb_addr) >> 2;
404 recv->msg.cmd = kreq->ir_ipmb_command;
405 /* Get the compcode of response */
406 kreq->ir_compcode = kreq->ir_reply[6];
407 /* Move the reply head past response header */
408 kreq->ir_reply += 7;
409 len = kreq->ir_replylen - 7;
410 } else {
411 addr.channel = IPMI_BMC_CHANNEL;
412 recv->msg.netfn = IPMI_REPLY_ADDR(kreq->ir_addr) >> 2;
413 recv->msg.cmd = kreq->ir_command;
414 len = kreq->ir_replylen + 1;
415 }
416
417 if (recv->msg.data_len < len &&
418 (cmd == IPMICTL_RECEIVE_MSG
419 #ifdef IPMICTL_RECEIVE_MSG_32
420 || cmd == IPMICTL_RECEIVE_MSG_32
421 #endif
422 )) {
423 IPMI_UNLOCK(sc);
424 return (EMSGSIZE);
425 }
426 TAILQ_REMOVE(&dev->ipmi_completed_requests, kreq, ir_link);
427 dev->ipmi_requests--;
428 IPMI_UNLOCK(sc);
429 len = min(recv->msg.data_len, len);
430 recv->msg.data_len = len;
431 error = copyout(&addr, recv->addr,sizeof(addr));
432 if (error == 0)
433 error = copyout(&kreq->ir_compcode, recv->msg.data, 1);
434 if (error == 0)
435 error = copyout(kreq->ir_reply, recv->msg.data + 1,
436 len - 1);
437 ipmi_free_request(kreq);
438 if (error)
439 return (error);
440 break;
441 case IPMICTL_SET_MY_ADDRESS_CMD:
442 IPMI_LOCK(sc);
443 dev->ipmi_address = *(int*)data;
444 IPMI_UNLOCK(sc);
445 break;
446 case IPMICTL_GET_MY_ADDRESS_CMD:
447 IPMI_LOCK(sc);
448 *(int*)data = dev->ipmi_address;
449 IPMI_UNLOCK(sc);
450 break;
451 case IPMICTL_SET_MY_LUN_CMD:
452 IPMI_LOCK(sc);
453 dev->ipmi_lun = *(int*)data & 0x3;
454 IPMI_UNLOCK(sc);
455 break;
456 case IPMICTL_GET_MY_LUN_CMD:
457 IPMI_LOCK(sc);
458 *(int*)data = dev->ipmi_lun;
459 IPMI_UNLOCK(sc);
460 break;
461 case IPMICTL_SET_GETS_EVENTS_CMD:
462 /*
463 device_printf(sc->ipmi_dev,
464 "IPMICTL_SET_GETS_EVENTS_CMD NA\n");
465 */
466 break;
467 case IPMICTL_REGISTER_FOR_CMD:
468 case IPMICTL_UNREGISTER_FOR_CMD:
469 return (EOPNOTSUPP);
470 default:
471 device_printf(sc->ipmi_dev, "Unknown IOCTL %lX\n", cmd);
472 return (ENOIOCTL);
473 }
474
475 #ifdef IPMICTL_SEND_COMMAND_32
476 /* Update changed fields in 32-bit structures. */
477 switch (cmd) {
478 case IPMICTL_RECEIVE_MSG_TRUNC_32:
479 case IPMICTL_RECEIVE_MSG_32:
480 recv32->recv_type = recv->recv_type;
481 recv32->msgid = recv->msgid;
482 recv32->msg.netfn = recv->msg.netfn;
483 recv32->msg.cmd = recv->msg.cmd;
484 recv32->msg.data_len = recv->msg.data_len;
485 break;
486 }
487 #endif
488 return (0);
489 }
490
491 /*
492 * Request management.
493 */
494
495 __inline void
ipmi_init_request(struct ipmi_request * req,struct ipmi_device * dev,long msgid,uint8_t addr,uint8_t command,size_t requestlen,size_t replylen)496 ipmi_init_request(struct ipmi_request *req, struct ipmi_device *dev, long msgid,
497 uint8_t addr, uint8_t command, size_t requestlen, size_t replylen)
498 {
499
500 req->ir_owner = dev;
501 req->ir_msgid = msgid;
502 req->ir_addr = addr;
503 req->ir_command = command;
504 if (requestlen) {
505 req->ir_request = (char *)&req[1];
506 req->ir_requestlen = requestlen;
507 }
508 if (replylen) {
509 req->ir_reply = (char *)&req[1] + requestlen;
510 req->ir_replybuflen = replylen;
511 }
512 }
513
514 /* Allocate a new request with request and reply buffers. */
515 struct ipmi_request *
ipmi_alloc_request(struct ipmi_device * dev,long msgid,uint8_t addr,uint8_t command,size_t requestlen,size_t replylen)516 ipmi_alloc_request(struct ipmi_device *dev, long msgid, uint8_t addr,
517 uint8_t command, size_t requestlen, size_t replylen)
518 {
519 struct ipmi_request *req;
520
521 req = malloc(sizeof(struct ipmi_request) + requestlen + replylen,
522 M_IPMI, M_WAITOK | M_ZERO);
523 ipmi_init_request(req, dev, msgid, addr, command, requestlen, replylen);
524 return (req);
525 }
526
527 /* Free a request no longer in use. */
528 void
ipmi_free_request(struct ipmi_request * req)529 ipmi_free_request(struct ipmi_request *req)
530 {
531
532 free(req, M_IPMI);
533 }
534
535 /* Store a processed request on the appropriate completion queue. */
536 void
ipmi_complete_request(struct ipmi_softc * sc,struct ipmi_request * req)537 ipmi_complete_request(struct ipmi_softc *sc, struct ipmi_request *req)
538 {
539 struct ipmi_device *dev;
540
541 IPMI_LOCK_ASSERT(sc);
542
543 /*
544 * Anonymous requests (from inside the driver) always have a
545 * waiter that we awaken.
546 */
547 if (req->ir_owner == NULL)
548 wakeup(req);
549 else {
550 dev = req->ir_owner;
551 TAILQ_INSERT_TAIL(&dev->ipmi_completed_requests, req, ir_link);
552 selwakeup(&dev->ipmi_select);
553 if (dev->ipmi_closing)
554 wakeup(&dev->ipmi_requests);
555 }
556 }
557
558 /* Perform an internal driver request. */
559 int
ipmi_submit_driver_request(struct ipmi_softc * sc,struct ipmi_request * req,int timo)560 ipmi_submit_driver_request(struct ipmi_softc *sc, struct ipmi_request *req,
561 int timo)
562 {
563
564 return (sc->ipmi_driver_request(sc, req, timo));
565 }
566
567 /*
568 * Helper routine for polled system interfaces that use
569 * ipmi_polled_enqueue_request() to queue requests. This request
570 * waits until there is a pending request and then returns the first
571 * request. If the driver is shutting down, it returns NULL.
572 */
573 struct ipmi_request *
ipmi_dequeue_request(struct ipmi_softc * sc)574 ipmi_dequeue_request(struct ipmi_softc *sc)
575 {
576 struct ipmi_request *req;
577
578 IPMI_LOCK_ASSERT(sc);
579
580 while (!sc->ipmi_detaching && TAILQ_EMPTY(&sc->ipmi_pending_requests))
581 cv_wait(&sc->ipmi_request_added, &sc->ipmi_requests_lock);
582 if (sc->ipmi_detaching)
583 return (NULL);
584
585 req = TAILQ_FIRST(&sc->ipmi_pending_requests);
586 TAILQ_REMOVE(&sc->ipmi_pending_requests, req, ir_link);
587 return (req);
588 }
589
590 /* Default implementation of ipmi_enqueue_request() for polled interfaces. */
591 int
ipmi_polled_enqueue_request(struct ipmi_softc * sc,struct ipmi_request * req)592 ipmi_polled_enqueue_request(struct ipmi_softc *sc, struct ipmi_request *req)
593 {
594
595 IPMI_LOCK_ASSERT(sc);
596
597 TAILQ_INSERT_TAIL(&sc->ipmi_pending_requests, req, ir_link);
598 cv_signal(&sc->ipmi_request_added);
599 return (0);
600 }
601
602 /*
603 * Watchdog event handler.
604 */
605
606 static int
ipmi_reset_watchdog(struct ipmi_softc * sc)607 ipmi_reset_watchdog(struct ipmi_softc *sc)
608 {
609 struct ipmi_request *req;
610 int error;
611
612 IPMI_ALLOC_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0),
613 IPMI_RESET_WDOG, 0, 0);
614 error = ipmi_submit_driver_request(sc, req, 0);
615 if (error) {
616 device_printf(sc->ipmi_dev, "Failed to reset watchdog\n");
617 } else if (req->ir_compcode == 0x80) {
618 error = ENOENT;
619 } else if (req->ir_compcode != 0) {
620 device_printf(sc->ipmi_dev, "Watchdog reset returned 0x%x\n",
621 req->ir_compcode);
622 error = EINVAL;
623 }
624 return (error);
625 }
626
627 static int
ipmi_set_watchdog(struct ipmi_softc * sc,unsigned int sec)628 ipmi_set_watchdog(struct ipmi_softc *sc, unsigned int sec)
629 {
630 struct ipmi_request *req;
631 int error;
632
633 if (sec > 0xffff / 10)
634 return (EINVAL);
635
636 IPMI_ALLOC_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0),
637 IPMI_SET_WDOG, 6, 0);
638 if (sec) {
639 req->ir_request[0] = IPMI_SET_WD_TIMER_DONT_STOP
640 | IPMI_SET_WD_TIMER_SMS_OS;
641 req->ir_request[1] = (wd_timer_actions & 0xff);
642 req->ir_request[2] = min(0xff,
643 min(wd_pretimeout_countdown, (sec + 2) / 4));
644 req->ir_request[3] = 0; /* Timer use */
645 req->ir_request[4] = (sec * 10) & 0xff;
646 req->ir_request[5] = (sec * 10) >> 8;
647 } else {
648 req->ir_request[0] = IPMI_SET_WD_TIMER_SMS_OS;
649 req->ir_request[1] = 0;
650 req->ir_request[2] = 0;
651 req->ir_request[3] = 0; /* Timer use */
652 req->ir_request[4] = 0;
653 req->ir_request[5] = 0;
654 }
655 error = ipmi_submit_driver_request(sc, req, 0);
656 if (error) {
657 device_printf(sc->ipmi_dev, "Failed to set watchdog\n");
658 } else if (req->ir_compcode != 0) {
659 device_printf(sc->ipmi_dev, "Watchdog set returned 0x%x\n",
660 req->ir_compcode);
661 error = EINVAL;
662 }
663 return (error);
664 }
665
666 static void
ipmi_wd_event(void * arg,unsigned int cmd,int * error)667 ipmi_wd_event(void *arg, unsigned int cmd, int *error)
668 {
669 struct ipmi_softc *sc = arg;
670 unsigned int timeout;
671 int e;
672
673 /* Ignore requests while disabled. */
674 if (!on)
675 return;
676
677 /*
678 * To prevent infinite hangs, we don't let anyone pat or change
679 * the watchdog when we're shutting down. (See ipmi_shutdown_event().)
680 * However, we do want to keep patting the watchdog while we are doing
681 * a coredump.
682 */
683 if (wd_in_shutdown) {
684 if (dumping && sc->ipmi_watchdog_active)
685 ipmi_reset_watchdog(sc);
686 return;
687 }
688
689 cmd &= WD_INTERVAL;
690 if (cmd > 0 && cmd <= 63) {
691 timeout = ((uint64_t)1 << cmd) / 1000000000;
692 if (timeout == 0)
693 timeout = 1;
694 if (timeout != sc->ipmi_watchdog_active ||
695 wd_timer_actions != sc->ipmi_watchdog_actions ||
696 wd_pretimeout_countdown != sc->ipmi_watchdog_pretimeout) {
697 e = ipmi_set_watchdog(sc, timeout);
698 if (e == 0) {
699 sc->ipmi_watchdog_active = timeout;
700 sc->ipmi_watchdog_actions = wd_timer_actions;
701 sc->ipmi_watchdog_pretimeout = wd_pretimeout_countdown;
702 } else {
703 (void)ipmi_set_watchdog(sc, 0);
704 sc->ipmi_watchdog_active = 0;
705 sc->ipmi_watchdog_actions = 0;
706 sc->ipmi_watchdog_pretimeout = 0;
707 }
708 }
709 if (sc->ipmi_watchdog_active != 0) {
710 e = ipmi_reset_watchdog(sc);
711 if (e == 0) {
712 *error = 0;
713 } else {
714 (void)ipmi_set_watchdog(sc, 0);
715 sc->ipmi_watchdog_active = 0;
716 sc->ipmi_watchdog_actions = 0;
717 sc->ipmi_watchdog_pretimeout = 0;
718 }
719 }
720 } else if (atomic_readandclear_int(&sc->ipmi_watchdog_active) != 0) {
721 sc->ipmi_watchdog_actions = 0;
722 sc->ipmi_watchdog_pretimeout = 0;
723
724 e = ipmi_set_watchdog(sc, 0);
725 if (e != 0 && cmd == 0)
726 *error = EOPNOTSUPP;
727 }
728 }
729
730 static void
ipmi_shutdown_event(void * arg,int howto)731 ipmi_shutdown_event(void *arg, int howto)
732 {
733 struct ipmi_softc *sc = arg;
734
735 /* Ignore event if disabled. */
736 if (!on)
737 return;
738
739 /*
740 * Positive wd_shutdown_countdown value will re-arm watchdog;
741 * Zero value in wd_shutdown_countdown will disable watchdog;
742 * Negative value in wd_shutdown_countdown will keep existing state;
743 *
744 * System halt is a special case of shutdown where wd_shutdown_countdown
745 * is ignored and watchdog is disabled to ensure that the system remains
746 * halted as requested.
747 *
748 * Revert to using a power cycle to ensure that the watchdog will
749 * do something useful here. Having the watchdog send an NMI
750 * instead is useless during shutdown, and might be ignored if an
751 * NMI already triggered.
752 */
753
754 wd_in_shutdown = true;
755 if (wd_shutdown_countdown == 0 || (howto & RB_HALT) != 0) {
756 /* disable watchdog */
757 ipmi_set_watchdog(sc, 0);
758 sc->ipmi_watchdog_active = 0;
759 } else if (wd_shutdown_countdown > 0) {
760 /* set desired action and time, and, reset watchdog */
761 wd_timer_actions = IPMI_SET_WD_ACTION_POWER_CYCLE;
762 ipmi_set_watchdog(sc, wd_shutdown_countdown);
763 sc->ipmi_watchdog_active = wd_shutdown_countdown;
764 ipmi_reset_watchdog(sc);
765 }
766 }
767
768 static void
ipmi_power_cycle(void * arg,int howto)769 ipmi_power_cycle(void *arg, int howto)
770 {
771 struct ipmi_softc *sc = arg;
772 struct ipmi_request *req;
773
774 /*
775 * Ignore everything except power cycling requests
776 */
777 if ((howto & RB_POWERCYCLE) == 0)
778 return;
779
780 device_printf(sc->ipmi_dev, "Power cycling using IPMI\n");
781
782 /*
783 * Send a CHASSIS_CONTROL command to the CHASSIS device, subcommand 2
784 * as described in IPMI v2.0 spec section 28.3.
785 */
786 IPMI_ALLOC_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_CHASSIS_REQUEST, 0),
787 IPMI_CHASSIS_CONTROL, 1, 0);
788 req->ir_request[0] = IPMI_CC_POWER_CYCLE;
789
790 ipmi_submit_driver_request(sc, req, MAX_TIMEOUT);
791
792 if (req->ir_error != 0 || req->ir_compcode != 0) {
793 device_printf(sc->ipmi_dev, "Power cycling via IPMI failed code %#x %#x\n",
794 req->ir_error, req->ir_compcode);
795 return;
796 }
797
798 /*
799 * BMCs are notoriously slow, give it cyle_wait seconds for the power
800 * down leg of the power cycle. If that fails, fallback to the next
801 * hanlder in the shutdown_final chain and/or the platform failsafe.
802 */
803 DELAY(cycle_wait * 1000 * 1000);
804 device_printf(sc->ipmi_dev, "Power cycling via IPMI timed out\n");
805 }
806
807 static void
ipmi_startup(void * arg)808 ipmi_startup(void *arg)
809 {
810 struct ipmi_softc *sc = arg;
811 struct ipmi_request *req;
812 device_t dev;
813 int error, i;
814
815 config_intrhook_disestablish(&sc->ipmi_ich);
816 dev = sc->ipmi_dev;
817
818 /* Initialize interface-independent state. */
819 mtx_init(&sc->ipmi_requests_lock, "ipmi requests", NULL, MTX_DEF);
820 mtx_init(&sc->ipmi_io_lock, "ipmi io", NULL, MTX_DEF);
821 cv_init(&sc->ipmi_request_added, "ipmireq");
822 TAILQ_INIT(&sc->ipmi_pending_requests);
823
824 /* Initialize interface-dependent state. */
825 error = sc->ipmi_startup(sc);
826 if (error) {
827 device_printf(dev, "Failed to initialize interface: %d\n",
828 error);
829 return;
830 }
831
832 /* Send a GET_DEVICE_ID request. */
833 IPMI_ALLOC_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0),
834 IPMI_GET_DEVICE_ID, 0, 15);
835
836 error = ipmi_submit_driver_request(sc, req, MAX_TIMEOUT);
837 if (error == EWOULDBLOCK) {
838 device_printf(dev, "Timed out waiting for GET_DEVICE_ID\n");
839 return;
840 } else if (error) {
841 device_printf(dev, "Failed GET_DEVICE_ID: %d\n", error);
842 return;
843 } else if (req->ir_compcode != 0) {
844 device_printf(dev,
845 "Bad completion code for GET_DEVICE_ID: %d\n",
846 req->ir_compcode);
847 return;
848 } else if (req->ir_replylen < 5) {
849 device_printf(dev, "Short reply for GET_DEVICE_ID: %d\n",
850 req->ir_replylen);
851 return;
852 }
853
854 device_printf(dev, "IPMI device rev. %d, firmware rev. %d.%d%d, "
855 "version %d.%d, device support mask %#x\n",
856 req->ir_reply[1] & 0x0f,
857 req->ir_reply[2] & 0x7f, req->ir_reply[3] >> 4, req->ir_reply[3] & 0x0f,
858 req->ir_reply[4] & 0x0f, req->ir_reply[4] >> 4, req->ir_reply[5]);
859
860 sc->ipmi_dev_support = req->ir_reply[5];
861
862 IPMI_INIT_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0),
863 IPMI_CLEAR_FLAGS, 1, 0);
864
865 ipmi_submit_driver_request(sc, req, 0);
866
867 /* XXX: Magic numbers */
868 if (req->ir_compcode == 0xc0) {
869 device_printf(dev, "Clear flags is busy\n");
870 }
871 if (req->ir_compcode == 0xc1) {
872 device_printf(dev, "Clear flags illegal\n");
873 }
874
875 for (i = 0; i < 8; i++) {
876 IPMI_INIT_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0),
877 IPMI_GET_CHANNEL_INFO, 1, 0);
878 req->ir_request[0] = i;
879
880 error = ipmi_submit_driver_request(sc, req, 0);
881
882 if (error != 0 || req->ir_compcode != 0)
883 break;
884 }
885 device_printf(dev, "Number of channels %d\n", i);
886
887 /*
888 * Probe for watchdog, but only for backends which support
889 * polled driver requests.
890 */
891 if (wd_init_enable && sc->ipmi_driver_requests_polled) {
892 IPMI_INIT_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0),
893 IPMI_GET_WDOG, 0, 0);
894
895 error = ipmi_submit_driver_request(sc, req, 0);
896
897 if (error == 0 && req->ir_compcode == 0x00) {
898 device_printf(dev, "Attached watchdog\n");
899 /* register the watchdog event handler */
900 sc->ipmi_watchdog_tag = EVENTHANDLER_REGISTER(
901 watchdog_list, ipmi_wd_event, sc, 0);
902 sc->ipmi_shutdown_tag = EVENTHANDLER_REGISTER(
903 shutdown_pre_sync, ipmi_shutdown_event,
904 sc, 0);
905 }
906 }
907
908 sc->ipmi_cdev = make_dev(&ipmi_cdevsw, device_get_unit(dev),
909 UID_ROOT, GID_OPERATOR, 0660, "ipmi%d", device_get_unit(dev));
910 if (sc->ipmi_cdev == NULL) {
911 device_printf(dev, "Failed to create cdev\n");
912 return;
913 }
914 sc->ipmi_cdev->si_drv1 = sc;
915
916 /*
917 * Set initial watchdog state. If desired, set an initial
918 * watchdog on startup. Or, if the watchdog device is
919 * disabled, clear any existing watchdog.
920 */
921 if (on && wd_startup_countdown > 0) {
922 if (ipmi_set_watchdog(sc, wd_startup_countdown) == 0 &&
923 ipmi_reset_watchdog(sc) == 0) {
924 sc->ipmi_watchdog_active = wd_startup_countdown;
925 sc->ipmi_watchdog_actions = wd_timer_actions;
926 sc->ipmi_watchdog_pretimeout = wd_pretimeout_countdown;
927 } else
928 (void)ipmi_set_watchdog(sc, 0);
929 ipmi_reset_watchdog(sc);
930 } else if (!on)
931 (void)ipmi_set_watchdog(sc, 0);
932 /*
933 * Power cycle the system off using IPMI. We use last - 2 since we don't
934 * handle all the other kinds of reboots. We'll let others handle them.
935 * We only try to do this if the BMC supports the Chassis device.
936 */
937 if (sc->ipmi_dev_support & IPMI_ADS_CHASSIS) {
938 device_printf(dev, "Establishing power cycle handler\n");
939 sc->ipmi_power_cycle_tag = EVENTHANDLER_REGISTER(shutdown_final,
940 ipmi_power_cycle, sc, SHUTDOWN_PRI_LAST - 2);
941 }
942 }
943
944 int
ipmi_attach(device_t dev)945 ipmi_attach(device_t dev)
946 {
947 struct ipmi_softc *sc = device_get_softc(dev);
948 int error;
949
950 if (sc->ipmi_irq_res != NULL && sc->ipmi_intr != NULL) {
951 error = bus_setup_intr(dev, sc->ipmi_irq_res, INTR_TYPE_MISC,
952 NULL, sc->ipmi_intr, sc, &sc->ipmi_irq);
953 if (error) {
954 device_printf(dev, "can't set up interrupt\n");
955 return (error);
956 }
957 }
958
959 bzero(&sc->ipmi_ich, sizeof(struct intr_config_hook));
960 sc->ipmi_ich.ich_func = ipmi_startup;
961 sc->ipmi_ich.ich_arg = sc;
962 if (config_intrhook_establish(&sc->ipmi_ich) != 0) {
963 device_printf(dev, "can't establish configuration hook\n");
964 return (ENOMEM);
965 }
966
967 ipmi_attached = 1;
968 return (0);
969 }
970
971 int
ipmi_detach(device_t dev)972 ipmi_detach(device_t dev)
973 {
974 struct ipmi_softc *sc;
975
976 sc = device_get_softc(dev);
977
978 /* Fail if there are any open handles. */
979 IPMI_LOCK(sc);
980 if (sc->ipmi_opened) {
981 IPMI_UNLOCK(sc);
982 return (EBUSY);
983 }
984 IPMI_UNLOCK(sc);
985 if (sc->ipmi_cdev)
986 destroy_dev(sc->ipmi_cdev);
987
988 /* Detach from watchdog handling and turn off watchdog. */
989 if (sc->ipmi_shutdown_tag)
990 EVENTHANDLER_DEREGISTER(shutdown_pre_sync,
991 sc->ipmi_shutdown_tag);
992 if (sc->ipmi_watchdog_tag) {
993 EVENTHANDLER_DEREGISTER(watchdog_list, sc->ipmi_watchdog_tag);
994 ipmi_set_watchdog(sc, 0);
995 }
996
997 /* Detach from shutdown handling for power cycle reboot */
998 if (sc->ipmi_power_cycle_tag)
999 EVENTHANDLER_DEREGISTER(shutdown_final, sc->ipmi_power_cycle_tag);
1000
1001 /* XXX: should use shutdown callout I think. */
1002 /* If the backend uses a kthread, shut it down. */
1003 IPMI_LOCK(sc);
1004 sc->ipmi_detaching = 1;
1005 if (sc->ipmi_kthread) {
1006 cv_broadcast(&sc->ipmi_request_added);
1007 msleep(sc->ipmi_kthread, &sc->ipmi_requests_lock, 0,
1008 "ipmi_wait", 0);
1009 }
1010 IPMI_UNLOCK(sc);
1011 if (sc->ipmi_irq)
1012 bus_teardown_intr(dev, sc->ipmi_irq_res, sc->ipmi_irq);
1013
1014 ipmi_release_resources(dev);
1015 mtx_destroy(&sc->ipmi_io_lock);
1016 mtx_destroy(&sc->ipmi_requests_lock);
1017 return (0);
1018 }
1019
1020 void
ipmi_release_resources(device_t dev)1021 ipmi_release_resources(device_t dev)
1022 {
1023 struct ipmi_softc *sc;
1024 int i;
1025
1026 sc = device_get_softc(dev);
1027 if (sc->ipmi_irq)
1028 bus_teardown_intr(dev, sc->ipmi_irq_res, sc->ipmi_irq);
1029 if (sc->ipmi_irq_res)
1030 bus_release_resource(dev, SYS_RES_IRQ, sc->ipmi_irq_rid,
1031 sc->ipmi_irq_res);
1032 for (i = 0; i < MAX_RES; i++)
1033 if (sc->ipmi_io_res[i])
1034 bus_release_resource(dev, sc->ipmi_io_type,
1035 sc->ipmi_io_rid + i, sc->ipmi_io_res[i]);
1036 }
1037
1038 devclass_t ipmi_devclass;
1039
1040 /* XXX: Why? */
1041 static void
ipmi_unload(void * arg)1042 ipmi_unload(void *arg)
1043 {
1044 device_t * devs;
1045 int count;
1046 int i;
1047
1048 if (ipmi_devclass == NULL)
1049 return;
1050 if (devclass_get_devices(ipmi_devclass, &devs, &count) != 0)
1051 return;
1052 for (i = 0; i < count; i++)
1053 device_delete_child(device_get_parent(devs[i]), devs[i]);
1054 free(devs, M_TEMP);
1055 }
1056 SYSUNINIT(ipmi_unload, SI_SUB_DRIVERS, SI_ORDER_FIRST, ipmi_unload, NULL);
1057
1058 #ifdef IMPI_DEBUG
1059 static void
dump_buf(u_char * data,int len)1060 dump_buf(u_char *data, int len)
1061 {
1062 char buf[20];
1063 char line[1024];
1064 char temp[30];
1065 int count = 0;
1066 int i=0;
1067
1068 printf("Address %p len %d\n", data, len);
1069 if (len > 256)
1070 len = 256;
1071 line[0] = '\000';
1072 for (; len > 0; len--, data++) {
1073 sprintf(temp, "%02x ", *data);
1074 strcat(line, temp);
1075 if (*data >= ' ' && *data <= '~')
1076 buf[count] = *data;
1077 else if (*data >= 'A' && *data <= 'Z')
1078 buf[count] = *data;
1079 else
1080 buf[count] = '.';
1081 if (++count == 16) {
1082 buf[count] = '\000';
1083 count = 0;
1084 printf(" %3x %s %s\n", i, line, buf);
1085 i+=16;
1086 line[0] = '\000';
1087 }
1088 }
1089 buf[count] = '\000';
1090
1091 for (; count != 16; count++) {
1092 strcat(line, " ");
1093 }
1094 printf(" %3x %s %s\n", i, line, buf);
1095 }
1096 #endif
1097