1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2006 IronPort Systems Inc. <ambrisko@ironport.com> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/cdefs.h> 30 __FBSDID("$FreeBSD$"); 31 32 #include <sys/param.h> 33 #include <sys/systm.h> 34 #include <sys/bus.h> 35 #include <sys/condvar.h> 36 #include <sys/conf.h> 37 #include <sys/kernel.h> 38 #include <sys/malloc.h> 39 #include <sys/module.h> 40 #include <sys/poll.h> 41 #include <sys/reboot.h> 42 #include <sys/rman.h> 43 #include <sys/selinfo.h> 44 #include <sys/sysctl.h> 45 #include <sys/watchdog.h> 46 47 #ifdef LOCAL_MODULE 48 #include <ipmi.h> 49 #include <ipmivars.h> 50 #else 51 #include <sys/ipmi.h> 52 #include <dev/ipmi/ipmivars.h> 53 #endif 54 55 /* 56 * Driver request structures are allocated on the stack via alloca() to 57 * avoid calling malloc(), especially for the watchdog handler. 58 * To avoid too much stack growth, a previously allocated structure can 59 * be reused via IPMI_INIT_DRIVER_REQUEST(), but the caller should ensure 60 * that there is adequate reply/request space in the original allocation. 61 */ 62 #define IPMI_INIT_DRIVER_REQUEST(req, addr, cmd, reqlen, replylen) \ 63 bzero((req), sizeof(struct ipmi_request)); \ 64 ipmi_init_request((req), NULL, 0, (addr), (cmd), (reqlen), (replylen)) 65 66 #define IPMI_ALLOC_DRIVER_REQUEST(req, addr, cmd, reqlen, replylen) \ 67 (req) = __builtin_alloca(sizeof(struct ipmi_request) + \ 68 (reqlen) + (replylen)); \ 69 IPMI_INIT_DRIVER_REQUEST((req), (addr), (cmd), (reqlen), \ 70 (replylen)) 71 72 #ifdef IPMB 73 static int ipmi_ipmb_checksum(u_char, int); 74 static int ipmi_ipmb_send_message(device_t, u_char, u_char, u_char, 75 u_char, u_char, int) 76 #endif 77 78 static d_ioctl_t ipmi_ioctl; 79 static d_poll_t ipmi_poll; 80 static d_open_t ipmi_open; 81 static void ipmi_dtor(void *arg); 82 83 int ipmi_attached = 0; 84 85 static int on = 1; 86 static bool wd_in_shutdown = false; 87 static int wd_timer_actions = IPMI_SET_WD_ACTION_POWER_CYCLE; 88 static int wd_shutdown_countdown = 0; /* sec */ 89 static int wd_startup_countdown = 0; /* sec */ 90 static int wd_pretimeout_countdown = 120; /* sec */ 91 static int cycle_wait = 10; /* sec */ 92 93 static SYSCTL_NODE(_hw, OID_AUTO, ipmi, CTLFLAG_RD, 0, 94 "IPMI driver parameters"); 95 SYSCTL_INT(_hw_ipmi, OID_AUTO, on, CTLFLAG_RWTUN, 96 &on, 0, ""); 97 SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_timer_actions, CTLFLAG_RW, 98 &wd_timer_actions, 0, 99 "IPMI watchdog timer actions (including pre-timeout interrupt)"); 100 SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_shutdown_countdown, CTLFLAG_RW, 101 &wd_shutdown_countdown, 0, 102 "IPMI watchdog countdown for shutdown (seconds)"); 103 SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_startup_countdown, CTLFLAG_RDTUN, 104 &wd_startup_countdown, 0, 105 "IPMI watchdog countdown initialized during startup (seconds)"); 106 SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_pretimeout_countdown, CTLFLAG_RW, 107 &wd_pretimeout_countdown, 0, 108 "IPMI watchdog pre-timeout countdown (seconds)"); 109 SYSCTL_INT(_hw_ipmi, OID_AUTO, cyle_wait, CTLFLAG_RWTUN, 110 &cycle_wait, 0, 111 "IPMI power cycle on reboot delay time (seconds)"); 112 113 static struct cdevsw ipmi_cdevsw = { 114 .d_version = D_VERSION, 115 .d_open = ipmi_open, 116 .d_ioctl = ipmi_ioctl, 117 .d_poll = ipmi_poll, 118 .d_name = "ipmi", 119 }; 120 121 static MALLOC_DEFINE(M_IPMI, "ipmi", "ipmi"); 122 123 static int 124 ipmi_open(struct cdev *cdev, int flags, int fmt, struct thread *td) 125 { 126 struct ipmi_device *dev; 127 struct ipmi_softc *sc; 128 int error; 129 130 if (!on) 131 return (ENOENT); 132 133 /* Initialize the per file descriptor data. */ 134 dev = malloc(sizeof(struct ipmi_device), M_IPMI, M_WAITOK | M_ZERO); 135 error = devfs_set_cdevpriv(dev, ipmi_dtor); 136 if (error) { 137 free(dev, M_IPMI); 138 return (error); 139 } 140 141 sc = cdev->si_drv1; 142 TAILQ_INIT(&dev->ipmi_completed_requests); 143 dev->ipmi_address = IPMI_BMC_SLAVE_ADDR; 144 dev->ipmi_lun = IPMI_BMC_SMS_LUN; 145 dev->ipmi_softc = sc; 146 IPMI_LOCK(sc); 147 sc->ipmi_opened++; 148 IPMI_UNLOCK(sc); 149 150 return (0); 151 } 152 153 static int 154 ipmi_poll(struct cdev *cdev, int poll_events, struct thread *td) 155 { 156 struct ipmi_device *dev; 157 struct ipmi_softc *sc; 158 int revents = 0; 159 160 if (devfs_get_cdevpriv((void **)&dev)) 161 return (0); 162 163 sc = cdev->si_drv1; 164 IPMI_LOCK(sc); 165 if (poll_events & (POLLIN | POLLRDNORM)) { 166 if (!TAILQ_EMPTY(&dev->ipmi_completed_requests)) 167 revents |= poll_events & (POLLIN | POLLRDNORM); 168 if (dev->ipmi_requests == 0) 169 revents |= POLLERR; 170 } 171 172 if (revents == 0) { 173 if (poll_events & (POLLIN | POLLRDNORM)) 174 selrecord(td, &dev->ipmi_select); 175 } 176 IPMI_UNLOCK(sc); 177 178 return (revents); 179 } 180 181 static void 182 ipmi_purge_completed_requests(struct ipmi_device *dev) 183 { 184 struct ipmi_request *req; 185 186 while (!TAILQ_EMPTY(&dev->ipmi_completed_requests)) { 187 req = TAILQ_FIRST(&dev->ipmi_completed_requests); 188 TAILQ_REMOVE(&dev->ipmi_completed_requests, req, ir_link); 189 dev->ipmi_requests--; 190 ipmi_free_request(req); 191 } 192 } 193 194 static void 195 ipmi_dtor(void *arg) 196 { 197 struct ipmi_request *req, *nreq; 198 struct ipmi_device *dev; 199 struct ipmi_softc *sc; 200 201 dev = arg; 202 sc = dev->ipmi_softc; 203 204 IPMI_LOCK(sc); 205 if (dev->ipmi_requests) { 206 /* Throw away any pending requests for this device. */ 207 TAILQ_FOREACH_SAFE(req, &sc->ipmi_pending_requests, ir_link, 208 nreq) { 209 if (req->ir_owner == dev) { 210 TAILQ_REMOVE(&sc->ipmi_pending_requests, req, 211 ir_link); 212 dev->ipmi_requests--; 213 ipmi_free_request(req); 214 } 215 } 216 217 /* Throw away any pending completed requests for this device. */ 218 ipmi_purge_completed_requests(dev); 219 220 /* 221 * If we still have outstanding requests, they must be stuck 222 * in an interface driver, so wait for those to drain. 223 */ 224 dev->ipmi_closing = 1; 225 while (dev->ipmi_requests > 0) { 226 msleep(&dev->ipmi_requests, &sc->ipmi_requests_lock, 227 PWAIT, "ipmidrain", 0); 228 ipmi_purge_completed_requests(dev); 229 } 230 } 231 sc->ipmi_opened--; 232 IPMI_UNLOCK(sc); 233 234 /* Cleanup. */ 235 free(dev, M_IPMI); 236 } 237 238 #ifdef IPMB 239 static int 240 ipmi_ipmb_checksum(u_char *data, int len) 241 { 242 u_char sum = 0; 243 244 for (; len; len--) { 245 sum += *data++; 246 } 247 return (-sum); 248 } 249 250 /* XXX: Needs work */ 251 static int 252 ipmi_ipmb_send_message(device_t dev, u_char channel, u_char netfn, 253 u_char command, u_char seq, u_char *data, int data_len) 254 { 255 struct ipmi_softc *sc = device_get_softc(dev); 256 struct ipmi_request *req; 257 u_char slave_addr = 0x52; 258 int error; 259 260 IPMI_ALLOC_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0), 261 IPMI_SEND_MSG, data_len + 8, 0); 262 req->ir_request[0] = channel; 263 req->ir_request[1] = slave_addr; 264 req->ir_request[2] = IPMI_ADDR(netfn, 0); 265 req->ir_request[3] = ipmi_ipmb_checksum(&req->ir_request[1], 2); 266 req->ir_request[4] = sc->ipmi_address; 267 req->ir_request[5] = IPMI_ADDR(seq, sc->ipmi_lun); 268 req->ir_request[6] = command; 269 270 bcopy(data, &req->ir_request[7], data_len); 271 temp[data_len + 7] = ipmi_ipmb_checksum(&req->ir_request[4], 272 data_len + 3); 273 274 ipmi_submit_driver_request(sc, req); 275 error = req->ir_error; 276 277 return (error); 278 } 279 280 static int 281 ipmi_handle_attn(struct ipmi_softc *sc) 282 { 283 struct ipmi_request *req; 284 int error; 285 286 device_printf(sc->ipmi_dev, "BMC has a message\n"); 287 IPMI_ALLOC_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0), 288 IPMI_GET_MSG_FLAGS, 0, 1); 289 290 ipmi_submit_driver_request(sc, req); 291 292 if (req->ir_error == 0 && req->ir_compcode == 0) { 293 if (req->ir_reply[0] & IPMI_MSG_BUFFER_FULL) { 294 device_printf(sc->ipmi_dev, "message buffer full"); 295 } 296 if (req->ir_reply[0] & IPMI_WDT_PRE_TIMEOUT) { 297 device_printf(sc->ipmi_dev, 298 "watchdog about to go off"); 299 } 300 if (req->ir_reply[0] & IPMI_MSG_AVAILABLE) { 301 IPMI_ALLOC_DRIVER_REQUEST(req, 302 IPMI_ADDR(IPMI_APP_REQUEST, 0), IPMI_GET_MSG, 0, 303 16); 304 305 device_printf(sc->ipmi_dev, "throw out message "); 306 dump_buf(temp, 16); 307 } 308 } 309 error = req->ir_error; 310 311 return (error); 312 } 313 #endif 314 315 #ifdef IPMICTL_SEND_COMMAND_32 316 #define PTRIN(p) ((void *)(uintptr_t)(p)) 317 #define PTROUT(p) ((uintptr_t)(p)) 318 #endif 319 320 static int 321 ipmi_ioctl(struct cdev *cdev, u_long cmd, caddr_t data, 322 int flags, struct thread *td) 323 { 324 struct ipmi_softc *sc; 325 struct ipmi_device *dev; 326 struct ipmi_request *kreq; 327 struct ipmi_req *req = (struct ipmi_req *)data; 328 struct ipmi_recv *recv = (struct ipmi_recv *)data; 329 struct ipmi_addr addr; 330 #ifdef IPMICTL_SEND_COMMAND_32 331 struct ipmi_req32 *req32 = (struct ipmi_req32 *)data; 332 struct ipmi_recv32 *recv32 = (struct ipmi_recv32 *)data; 333 union { 334 struct ipmi_req req; 335 struct ipmi_recv recv; 336 } thunk32; 337 #endif 338 int error, len; 339 340 error = devfs_get_cdevpriv((void **)&dev); 341 if (error) 342 return (error); 343 344 sc = cdev->si_drv1; 345 346 #ifdef IPMICTL_SEND_COMMAND_32 347 /* Convert 32-bit structures to native. */ 348 switch (cmd) { 349 case IPMICTL_SEND_COMMAND_32: 350 req = &thunk32.req; 351 req->addr = PTRIN(req32->addr); 352 req->addr_len = req32->addr_len; 353 req->msgid = req32->msgid; 354 req->msg.netfn = req32->msg.netfn; 355 req->msg.cmd = req32->msg.cmd; 356 req->msg.data_len = req32->msg.data_len; 357 req->msg.data = PTRIN(req32->msg.data); 358 break; 359 case IPMICTL_RECEIVE_MSG_TRUNC_32: 360 case IPMICTL_RECEIVE_MSG_32: 361 recv = &thunk32.recv; 362 recv->addr = PTRIN(recv32->addr); 363 recv->addr_len = recv32->addr_len; 364 recv->msg.data_len = recv32->msg.data_len; 365 recv->msg.data = PTRIN(recv32->msg.data); 366 break; 367 } 368 #endif 369 370 switch (cmd) { 371 #ifdef IPMICTL_SEND_COMMAND_32 372 case IPMICTL_SEND_COMMAND_32: 373 #endif 374 case IPMICTL_SEND_COMMAND: 375 /* 376 * XXX: Need to add proper handling of this. 377 */ 378 error = copyin(req->addr, &addr, sizeof(addr)); 379 if (error) 380 return (error); 381 382 IPMI_LOCK(sc); 383 /* clear out old stuff in queue of stuff done */ 384 /* XXX: This seems odd. */ 385 while ((kreq = TAILQ_FIRST(&dev->ipmi_completed_requests))) { 386 TAILQ_REMOVE(&dev->ipmi_completed_requests, kreq, 387 ir_link); 388 dev->ipmi_requests--; 389 ipmi_free_request(kreq); 390 } 391 IPMI_UNLOCK(sc); 392 393 kreq = ipmi_alloc_request(dev, req->msgid, 394 IPMI_ADDR(req->msg.netfn, 0), req->msg.cmd, 395 req->msg.data_len, IPMI_MAX_RX); 396 error = copyin(req->msg.data, kreq->ir_request, 397 req->msg.data_len); 398 if (error) { 399 ipmi_free_request(kreq); 400 return (error); 401 } 402 IPMI_LOCK(sc); 403 dev->ipmi_requests++; 404 error = sc->ipmi_enqueue_request(sc, kreq); 405 IPMI_UNLOCK(sc); 406 if (error) 407 return (error); 408 break; 409 #ifdef IPMICTL_SEND_COMMAND_32 410 case IPMICTL_RECEIVE_MSG_TRUNC_32: 411 case IPMICTL_RECEIVE_MSG_32: 412 #endif 413 case IPMICTL_RECEIVE_MSG_TRUNC: 414 case IPMICTL_RECEIVE_MSG: 415 error = copyin(recv->addr, &addr, sizeof(addr)); 416 if (error) 417 return (error); 418 419 IPMI_LOCK(sc); 420 kreq = TAILQ_FIRST(&dev->ipmi_completed_requests); 421 if (kreq == NULL) { 422 IPMI_UNLOCK(sc); 423 return (EAGAIN); 424 } 425 addr.channel = IPMI_BMC_CHANNEL; 426 /* XXX */ 427 recv->recv_type = IPMI_RESPONSE_RECV_TYPE; 428 recv->msgid = kreq->ir_msgid; 429 recv->msg.netfn = IPMI_REPLY_ADDR(kreq->ir_addr) >> 2; 430 recv->msg.cmd = kreq->ir_command; 431 error = kreq->ir_error; 432 if (error) { 433 TAILQ_REMOVE(&dev->ipmi_completed_requests, kreq, 434 ir_link); 435 dev->ipmi_requests--; 436 IPMI_UNLOCK(sc); 437 ipmi_free_request(kreq); 438 return (error); 439 } 440 len = kreq->ir_replylen + 1; 441 if (recv->msg.data_len < len && 442 (cmd == IPMICTL_RECEIVE_MSG 443 #ifdef IPMICTL_RECEIVE_MSG_32 444 || cmd == IPMICTL_RECEIVE_MSG_32 445 #endif 446 )) { 447 IPMI_UNLOCK(sc); 448 return (EMSGSIZE); 449 } 450 TAILQ_REMOVE(&dev->ipmi_completed_requests, kreq, ir_link); 451 dev->ipmi_requests--; 452 IPMI_UNLOCK(sc); 453 len = min(recv->msg.data_len, len); 454 recv->msg.data_len = len; 455 error = copyout(&addr, recv->addr,sizeof(addr)); 456 if (error == 0) 457 error = copyout(&kreq->ir_compcode, recv->msg.data, 1); 458 if (error == 0) 459 error = copyout(kreq->ir_reply, recv->msg.data + 1, 460 len - 1); 461 ipmi_free_request(kreq); 462 if (error) 463 return (error); 464 break; 465 case IPMICTL_SET_MY_ADDRESS_CMD: 466 IPMI_LOCK(sc); 467 dev->ipmi_address = *(int*)data; 468 IPMI_UNLOCK(sc); 469 break; 470 case IPMICTL_GET_MY_ADDRESS_CMD: 471 IPMI_LOCK(sc); 472 *(int*)data = dev->ipmi_address; 473 IPMI_UNLOCK(sc); 474 break; 475 case IPMICTL_SET_MY_LUN_CMD: 476 IPMI_LOCK(sc); 477 dev->ipmi_lun = *(int*)data & 0x3; 478 IPMI_UNLOCK(sc); 479 break; 480 case IPMICTL_GET_MY_LUN_CMD: 481 IPMI_LOCK(sc); 482 *(int*)data = dev->ipmi_lun; 483 IPMI_UNLOCK(sc); 484 break; 485 case IPMICTL_SET_GETS_EVENTS_CMD: 486 /* 487 device_printf(sc->ipmi_dev, 488 "IPMICTL_SET_GETS_EVENTS_CMD NA\n"); 489 */ 490 break; 491 case IPMICTL_REGISTER_FOR_CMD: 492 case IPMICTL_UNREGISTER_FOR_CMD: 493 return (EOPNOTSUPP); 494 default: 495 device_printf(sc->ipmi_dev, "Unknown IOCTL %lX\n", cmd); 496 return (ENOIOCTL); 497 } 498 499 #ifdef IPMICTL_SEND_COMMAND_32 500 /* Update changed fields in 32-bit structures. */ 501 switch (cmd) { 502 case IPMICTL_RECEIVE_MSG_TRUNC_32: 503 case IPMICTL_RECEIVE_MSG_32: 504 recv32->recv_type = recv->recv_type; 505 recv32->msgid = recv->msgid; 506 recv32->msg.netfn = recv->msg.netfn; 507 recv32->msg.cmd = recv->msg.cmd; 508 recv32->msg.data_len = recv->msg.data_len; 509 break; 510 } 511 #endif 512 return (0); 513 } 514 515 /* 516 * Request management. 517 */ 518 519 static __inline void 520 ipmi_init_request(struct ipmi_request *req, struct ipmi_device *dev, long msgid, 521 uint8_t addr, uint8_t command, size_t requestlen, size_t replylen) 522 { 523 524 req->ir_owner = dev; 525 req->ir_msgid = msgid; 526 req->ir_addr = addr; 527 req->ir_command = command; 528 if (requestlen) { 529 req->ir_request = (char *)&req[1]; 530 req->ir_requestlen = requestlen; 531 } 532 if (replylen) { 533 req->ir_reply = (char *)&req[1] + requestlen; 534 req->ir_replybuflen = replylen; 535 } 536 } 537 538 /* Allocate a new request with request and reply buffers. */ 539 struct ipmi_request * 540 ipmi_alloc_request(struct ipmi_device *dev, long msgid, uint8_t addr, 541 uint8_t command, size_t requestlen, size_t replylen) 542 { 543 struct ipmi_request *req; 544 545 req = malloc(sizeof(struct ipmi_request) + requestlen + replylen, 546 M_IPMI, M_WAITOK | M_ZERO); 547 ipmi_init_request(req, dev, msgid, addr, command, requestlen, replylen); 548 return (req); 549 } 550 551 /* Free a request no longer in use. */ 552 void 553 ipmi_free_request(struct ipmi_request *req) 554 { 555 556 free(req, M_IPMI); 557 } 558 559 /* Store a processed request on the appropriate completion queue. */ 560 void 561 ipmi_complete_request(struct ipmi_softc *sc, struct ipmi_request *req) 562 { 563 struct ipmi_device *dev; 564 565 IPMI_LOCK_ASSERT(sc); 566 567 /* 568 * Anonymous requests (from inside the driver) always have a 569 * waiter that we awaken. 570 */ 571 if (req->ir_owner == NULL) 572 wakeup(req); 573 else { 574 dev = req->ir_owner; 575 TAILQ_INSERT_TAIL(&dev->ipmi_completed_requests, req, ir_link); 576 selwakeup(&dev->ipmi_select); 577 if (dev->ipmi_closing) 578 wakeup(&dev->ipmi_requests); 579 } 580 } 581 582 /* Perform an internal driver request. */ 583 int 584 ipmi_submit_driver_request(struct ipmi_softc *sc, struct ipmi_request *req, 585 int timo) 586 { 587 588 return (sc->ipmi_driver_request(sc, req, timo)); 589 } 590 591 /* 592 * Helper routine for polled system interfaces that use 593 * ipmi_polled_enqueue_request() to queue requests. This request 594 * waits until there is a pending request and then returns the first 595 * request. If the driver is shutting down, it returns NULL. 596 */ 597 struct ipmi_request * 598 ipmi_dequeue_request(struct ipmi_softc *sc) 599 { 600 struct ipmi_request *req; 601 602 IPMI_LOCK_ASSERT(sc); 603 604 while (!sc->ipmi_detaching && TAILQ_EMPTY(&sc->ipmi_pending_requests)) 605 cv_wait(&sc->ipmi_request_added, &sc->ipmi_requests_lock); 606 if (sc->ipmi_detaching) 607 return (NULL); 608 609 req = TAILQ_FIRST(&sc->ipmi_pending_requests); 610 TAILQ_REMOVE(&sc->ipmi_pending_requests, req, ir_link); 611 return (req); 612 } 613 614 /* Default implementation of ipmi_enqueue_request() for polled interfaces. */ 615 int 616 ipmi_polled_enqueue_request(struct ipmi_softc *sc, struct ipmi_request *req) 617 { 618 619 IPMI_LOCK_ASSERT(sc); 620 621 TAILQ_INSERT_TAIL(&sc->ipmi_pending_requests, req, ir_link); 622 cv_signal(&sc->ipmi_request_added); 623 return (0); 624 } 625 626 /* 627 * Watchdog event handler. 628 */ 629 630 static int 631 ipmi_reset_watchdog(struct ipmi_softc *sc) 632 { 633 struct ipmi_request *req; 634 int error; 635 636 IPMI_ALLOC_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0), 637 IPMI_RESET_WDOG, 0, 0); 638 error = ipmi_submit_driver_request(sc, req, 0); 639 if (error) 640 device_printf(sc->ipmi_dev, "Failed to reset watchdog\n"); 641 return (error); 642 } 643 644 static int 645 ipmi_set_watchdog(struct ipmi_softc *sc, unsigned int sec) 646 { 647 struct ipmi_request *req; 648 int error; 649 650 if (sec > 0xffff / 10) 651 return (EINVAL); 652 653 IPMI_ALLOC_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0), 654 IPMI_SET_WDOG, 6, 0); 655 if (sec) { 656 req->ir_request[0] = IPMI_SET_WD_TIMER_DONT_STOP 657 | IPMI_SET_WD_TIMER_SMS_OS; 658 req->ir_request[1] = (wd_timer_actions & 0xff); 659 req->ir_request[2] = (wd_pretimeout_countdown & 0xff); 660 req->ir_request[3] = 0; /* Timer use */ 661 req->ir_request[4] = (sec * 10) & 0xff; 662 req->ir_request[5] = (sec * 10) >> 8; 663 } else { 664 req->ir_request[0] = IPMI_SET_WD_TIMER_SMS_OS; 665 req->ir_request[1] = 0; 666 req->ir_request[2] = 0; 667 req->ir_request[3] = 0; /* Timer use */ 668 req->ir_request[4] = 0; 669 req->ir_request[5] = 0; 670 } 671 error = ipmi_submit_driver_request(sc, req, 0); 672 if (error) 673 device_printf(sc->ipmi_dev, "Failed to set watchdog\n"); 674 return (error); 675 } 676 677 static void 678 ipmi_wd_event(void *arg, unsigned int cmd, int *error) 679 { 680 struct ipmi_softc *sc = arg; 681 unsigned int timeout; 682 int e; 683 684 /* Ignore requests while disabled. */ 685 if (!on) 686 return; 687 688 /* 689 * To prevent infinite hangs, we don't let anyone pat or change 690 * the watchdog when we're shutting down. (See ipmi_shutdown_event().) 691 * However, we do want to keep patting the watchdog while we are doing 692 * a coredump. 693 */ 694 if (wd_in_shutdown) { 695 if (dumping && sc->ipmi_watchdog_active) 696 ipmi_reset_watchdog(sc); 697 return; 698 } 699 700 cmd &= WD_INTERVAL; 701 if (cmd > 0 && cmd <= 63) { 702 timeout = ((uint64_t)1 << cmd) / 1000000000; 703 if (timeout == 0) 704 timeout = 1; 705 if (timeout != sc->ipmi_watchdog_active || 706 wd_timer_actions != sc->ipmi_watchdog_actions || 707 wd_pretimeout_countdown != sc->ipmi_watchdog_pretimeout) { 708 e = ipmi_set_watchdog(sc, timeout); 709 if (e == 0) { 710 sc->ipmi_watchdog_active = timeout; 711 sc->ipmi_watchdog_actions = wd_timer_actions; 712 sc->ipmi_watchdog_pretimeout = wd_pretimeout_countdown; 713 } else { 714 (void)ipmi_set_watchdog(sc, 0); 715 sc->ipmi_watchdog_active = 0; 716 sc->ipmi_watchdog_actions = 0; 717 sc->ipmi_watchdog_pretimeout = 0; 718 } 719 } 720 if (sc->ipmi_watchdog_active != 0) { 721 e = ipmi_reset_watchdog(sc); 722 if (e == 0) { 723 *error = 0; 724 } else { 725 (void)ipmi_set_watchdog(sc, 0); 726 sc->ipmi_watchdog_active = 0; 727 sc->ipmi_watchdog_actions = 0; 728 sc->ipmi_watchdog_pretimeout = 0; 729 } 730 } 731 } else if (atomic_readandclear_int(&sc->ipmi_watchdog_active) != 0) { 732 sc->ipmi_watchdog_actions = 0; 733 sc->ipmi_watchdog_pretimeout = 0; 734 735 e = ipmi_set_watchdog(sc, 0); 736 if (e != 0 && cmd == 0) 737 *error = EOPNOTSUPP; 738 } 739 } 740 741 static void 742 ipmi_shutdown_event(void *arg, unsigned int cmd, int *error) 743 { 744 struct ipmi_softc *sc = arg; 745 746 /* Ignore event if disabled. */ 747 if (!on) 748 return; 749 750 /* 751 * Positive wd_shutdown_countdown value will re-arm watchdog; 752 * Zero value in wd_shutdown_countdown will disable watchdog; 753 * Negative value in wd_shutdown_countdown will keep existing state; 754 * 755 * Revert to using a power cycle to ensure that the watchdog will 756 * do something useful here. Having the watchdog send an NMI 757 * instead is useless during shutdown, and might be ignored if an 758 * NMI already triggered. 759 */ 760 761 wd_in_shutdown = true; 762 if (wd_shutdown_countdown == 0) { 763 /* disable watchdog */ 764 ipmi_set_watchdog(sc, 0); 765 sc->ipmi_watchdog_active = 0; 766 } else if (wd_shutdown_countdown > 0) { 767 /* set desired action and time, and, reset watchdog */ 768 wd_timer_actions = IPMI_SET_WD_ACTION_POWER_CYCLE; 769 ipmi_set_watchdog(sc, wd_shutdown_countdown); 770 sc->ipmi_watchdog_active = wd_shutdown_countdown; 771 ipmi_reset_watchdog(sc); 772 } 773 } 774 775 static void 776 ipmi_power_cycle(void *arg, int howto) 777 { 778 struct ipmi_softc *sc = arg; 779 struct ipmi_request *req; 780 781 /* 782 * Ignore everything except power cycling requests 783 */ 784 if ((howto & RB_POWERCYCLE) == 0) 785 return; 786 787 device_printf(sc->ipmi_dev, "Power cycling using IPMI\n"); 788 789 /* 790 * Send a CHASSIS_CONTROL command to the CHASSIS device, subcommand 2 791 * as described in IPMI v2.0 spec section 28.3. 792 */ 793 IPMI_ALLOC_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_CHASSIS_REQUEST, 0), 794 IPMI_CHASSIS_CONTROL, 1, 0); 795 req->ir_request[0] = IPMI_CC_POWER_CYCLE; 796 797 ipmi_submit_driver_request(sc, req, MAX_TIMEOUT); 798 799 if (req->ir_error != 0 || req->ir_compcode != 0) { 800 device_printf(sc->ipmi_dev, "Power cycling via IPMI failed code %#x %#x\n", 801 req->ir_error, req->ir_compcode); 802 return; 803 } 804 805 /* 806 * BMCs are notoriously slow, give it cyle_wait seconds for the power 807 * down leg of the power cycle. If that fails, fallback to the next 808 * hanlder in the shutdown_final chain and/or the platform failsafe. 809 */ 810 DELAY(cycle_wait * 1000 * 1000); 811 device_printf(sc->ipmi_dev, "Power cycling via IPMI timed out\n"); 812 } 813 814 static void 815 ipmi_startup(void *arg) 816 { 817 struct ipmi_softc *sc = arg; 818 struct ipmi_request *req; 819 device_t dev; 820 int error, i; 821 822 config_intrhook_disestablish(&sc->ipmi_ich); 823 dev = sc->ipmi_dev; 824 825 /* Initialize interface-independent state. */ 826 mtx_init(&sc->ipmi_requests_lock, "ipmi requests", NULL, MTX_DEF); 827 mtx_init(&sc->ipmi_io_lock, "ipmi io", NULL, MTX_DEF); 828 cv_init(&sc->ipmi_request_added, "ipmireq"); 829 TAILQ_INIT(&sc->ipmi_pending_requests); 830 831 /* Initialize interface-dependent state. */ 832 error = sc->ipmi_startup(sc); 833 if (error) { 834 device_printf(dev, "Failed to initialize interface: %d\n", 835 error); 836 return; 837 } 838 839 /* Send a GET_DEVICE_ID request. */ 840 IPMI_ALLOC_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0), 841 IPMI_GET_DEVICE_ID, 0, 15); 842 843 error = ipmi_submit_driver_request(sc, req, MAX_TIMEOUT); 844 if (error == EWOULDBLOCK) { 845 device_printf(dev, "Timed out waiting for GET_DEVICE_ID\n"); 846 return; 847 } else if (error) { 848 device_printf(dev, "Failed GET_DEVICE_ID: %d\n", error); 849 return; 850 } else if (req->ir_compcode != 0) { 851 device_printf(dev, 852 "Bad completion code for GET_DEVICE_ID: %d\n", 853 req->ir_compcode); 854 return; 855 } else if (req->ir_replylen < 5) { 856 device_printf(dev, "Short reply for GET_DEVICE_ID: %d\n", 857 req->ir_replylen); 858 return; 859 } 860 861 device_printf(dev, "IPMI device rev. %d, firmware rev. %d.%d%d, " 862 "version %d.%d, device support mask %#x\n", 863 req->ir_reply[1] & 0x0f, 864 req->ir_reply[2] & 0x7f, req->ir_reply[3] >> 4, req->ir_reply[3] & 0x0f, 865 req->ir_reply[4] & 0x0f, req->ir_reply[4] >> 4, req->ir_reply[5]); 866 867 sc->ipmi_dev_support = req->ir_reply[5]; 868 869 IPMI_INIT_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0), 870 IPMI_CLEAR_FLAGS, 1, 0); 871 872 ipmi_submit_driver_request(sc, req, 0); 873 874 /* XXX: Magic numbers */ 875 if (req->ir_compcode == 0xc0) { 876 device_printf(dev, "Clear flags is busy\n"); 877 } 878 if (req->ir_compcode == 0xc1) { 879 device_printf(dev, "Clear flags illegal\n"); 880 } 881 882 for (i = 0; i < 8; i++) { 883 IPMI_INIT_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0), 884 IPMI_GET_CHANNEL_INFO, 1, 0); 885 req->ir_request[0] = i; 886 887 ipmi_submit_driver_request(sc, req, 0); 888 889 if (req->ir_compcode != 0) 890 break; 891 } 892 device_printf(dev, "Number of channels %d\n", i); 893 894 /* 895 * Probe for watchdog, but only for backends which support 896 * polled driver requests. 897 */ 898 if (sc->ipmi_driver_requests_polled) { 899 IPMI_INIT_DRIVER_REQUEST(req, IPMI_ADDR(IPMI_APP_REQUEST, 0), 900 IPMI_GET_WDOG, 0, 0); 901 902 ipmi_submit_driver_request(sc, req, 0); 903 904 if (req->ir_compcode == 0x00) { 905 device_printf(dev, "Attached watchdog\n"); 906 /* register the watchdog event handler */ 907 sc->ipmi_watchdog_tag = EVENTHANDLER_REGISTER( 908 watchdog_list, ipmi_wd_event, sc, 0); 909 sc->ipmi_shutdown_tag = EVENTHANDLER_REGISTER( 910 shutdown_pre_sync, ipmi_shutdown_event, 911 sc, 0); 912 } 913 } 914 915 sc->ipmi_cdev = make_dev(&ipmi_cdevsw, device_get_unit(dev), 916 UID_ROOT, GID_OPERATOR, 0660, "ipmi%d", device_get_unit(dev)); 917 if (sc->ipmi_cdev == NULL) { 918 device_printf(dev, "Failed to create cdev\n"); 919 return; 920 } 921 sc->ipmi_cdev->si_drv1 = sc; 922 923 /* 924 * Set initial watchdog state. If desired, set an initial 925 * watchdog on startup. Or, if the watchdog device is 926 * disabled, clear any existing watchdog. 927 */ 928 if (on && wd_startup_countdown > 0) { 929 wd_timer_actions = IPMI_SET_WD_ACTION_POWER_CYCLE; 930 if (ipmi_set_watchdog(sc, wd_startup_countdown) == 0 && 931 ipmi_reset_watchdog(sc) == 0) { 932 sc->ipmi_watchdog_active = wd_startup_countdown; 933 sc->ipmi_watchdog_actions = wd_timer_actions; 934 sc->ipmi_watchdog_pretimeout = wd_pretimeout_countdown; 935 } else 936 (void)ipmi_set_watchdog(sc, 0); 937 ipmi_reset_watchdog(sc); 938 } else if (!on) 939 (void)ipmi_set_watchdog(sc, 0); 940 /* 941 * Power cycle the system off using IPMI. We use last - 1 since we don't 942 * handle all the other kinds of reboots. We'll let others handle them. 943 * We only try to do this if the BMC supports the Chassis device. 944 */ 945 if (sc->ipmi_dev_support & IPMI_ADS_CHASSIS) { 946 device_printf(dev, "Establishing power cycle handler\n"); 947 sc->ipmi_power_cycle_tag = EVENTHANDLER_REGISTER(shutdown_final, 948 ipmi_power_cycle, sc, SHUTDOWN_PRI_LAST - 1); 949 } 950 } 951 952 int 953 ipmi_attach(device_t dev) 954 { 955 struct ipmi_softc *sc = device_get_softc(dev); 956 int error; 957 958 if (sc->ipmi_irq_res != NULL && sc->ipmi_intr != NULL) { 959 error = bus_setup_intr(dev, sc->ipmi_irq_res, INTR_TYPE_MISC, 960 NULL, sc->ipmi_intr, sc, &sc->ipmi_irq); 961 if (error) { 962 device_printf(dev, "can't set up interrupt\n"); 963 return (error); 964 } 965 } 966 967 bzero(&sc->ipmi_ich, sizeof(struct intr_config_hook)); 968 sc->ipmi_ich.ich_func = ipmi_startup; 969 sc->ipmi_ich.ich_arg = sc; 970 if (config_intrhook_establish(&sc->ipmi_ich) != 0) { 971 device_printf(dev, "can't establish configuration hook\n"); 972 return (ENOMEM); 973 } 974 975 ipmi_attached = 1; 976 return (0); 977 } 978 979 int 980 ipmi_detach(device_t dev) 981 { 982 struct ipmi_softc *sc; 983 984 sc = device_get_softc(dev); 985 986 /* Fail if there are any open handles. */ 987 IPMI_LOCK(sc); 988 if (sc->ipmi_opened) { 989 IPMI_UNLOCK(sc); 990 return (EBUSY); 991 } 992 IPMI_UNLOCK(sc); 993 if (sc->ipmi_cdev) 994 destroy_dev(sc->ipmi_cdev); 995 996 /* Detach from watchdog handling and turn off watchdog. */ 997 if (sc->ipmi_shutdown_tag) 998 EVENTHANDLER_DEREGISTER(shutdown_pre_sync, 999 sc->ipmi_shutdown_tag); 1000 if (sc->ipmi_watchdog_tag) { 1001 EVENTHANDLER_DEREGISTER(watchdog_list, sc->ipmi_watchdog_tag); 1002 ipmi_set_watchdog(sc, 0); 1003 } 1004 1005 /* Detach from shutdown handling for power cycle reboot */ 1006 if (sc->ipmi_power_cycle_tag) 1007 EVENTHANDLER_DEREGISTER(shutdown_final, sc->ipmi_power_cycle_tag); 1008 1009 /* XXX: should use shutdown callout I think. */ 1010 /* If the backend uses a kthread, shut it down. */ 1011 IPMI_LOCK(sc); 1012 sc->ipmi_detaching = 1; 1013 if (sc->ipmi_kthread) { 1014 cv_broadcast(&sc->ipmi_request_added); 1015 msleep(sc->ipmi_kthread, &sc->ipmi_requests_lock, 0, 1016 "ipmi_wait", 0); 1017 } 1018 IPMI_UNLOCK(sc); 1019 if (sc->ipmi_irq) 1020 bus_teardown_intr(dev, sc->ipmi_irq_res, sc->ipmi_irq); 1021 1022 ipmi_release_resources(dev); 1023 mtx_destroy(&sc->ipmi_io_lock); 1024 mtx_destroy(&sc->ipmi_requests_lock); 1025 return (0); 1026 } 1027 1028 void 1029 ipmi_release_resources(device_t dev) 1030 { 1031 struct ipmi_softc *sc; 1032 int i; 1033 1034 sc = device_get_softc(dev); 1035 if (sc->ipmi_irq) 1036 bus_teardown_intr(dev, sc->ipmi_irq_res, sc->ipmi_irq); 1037 if (sc->ipmi_irq_res) 1038 bus_release_resource(dev, SYS_RES_IRQ, sc->ipmi_irq_rid, 1039 sc->ipmi_irq_res); 1040 for (i = 0; i < MAX_RES; i++) 1041 if (sc->ipmi_io_res[i]) 1042 bus_release_resource(dev, sc->ipmi_io_type, 1043 sc->ipmi_io_rid + i, sc->ipmi_io_res[i]); 1044 } 1045 1046 devclass_t ipmi_devclass; 1047 1048 /* XXX: Why? */ 1049 static void 1050 ipmi_unload(void *arg) 1051 { 1052 device_t * devs; 1053 int count; 1054 int i; 1055 1056 if (devclass_get_devices(ipmi_devclass, &devs, &count) != 0) 1057 return; 1058 for (i = 0; i < count; i++) 1059 device_delete_child(device_get_parent(devs[i]), devs[i]); 1060 free(devs, M_TEMP); 1061 } 1062 SYSUNINIT(ipmi_unload, SI_SUB_DRIVERS, SI_ORDER_FIRST, ipmi_unload, NULL); 1063 1064 #ifdef IMPI_DEBUG 1065 static void 1066 dump_buf(u_char *data, int len) 1067 { 1068 char buf[20]; 1069 char line[1024]; 1070 char temp[30]; 1071 int count = 0; 1072 int i=0; 1073 1074 printf("Address %p len %d\n", data, len); 1075 if (len > 256) 1076 len = 256; 1077 line[0] = '\000'; 1078 for (; len > 0; len--, data++) { 1079 sprintf(temp, "%02x ", *data); 1080 strcat(line, temp); 1081 if (*data >= ' ' && *data <= '~') 1082 buf[count] = *data; 1083 else if (*data >= 'A' && *data <= 'Z') 1084 buf[count] = *data; 1085 else 1086 buf[count] = '.'; 1087 if (++count == 16) { 1088 buf[count] = '\000'; 1089 count = 0; 1090 printf(" %3x %s %s\n", i, line, buf); 1091 i+=16; 1092 line[0] = '\000'; 1093 } 1094 } 1095 buf[count] = '\000'; 1096 1097 for (; count != 16; count++) { 1098 strcat(line, " "); 1099 } 1100 printf(" %3x %s %s\n", i, line, buf); 1101 } 1102 #endif 1103