1 /* 2 * IPMI BMC external connection 3 * 4 * Copyright (c) 2015 Corey Minyard, MontaVista Software, LLC 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 /* 26 * This is designed to connect with OpenIPMI's lanserv serial interface 27 * using the "VM" connection type. See that for details. 28 */ 29 30 #include "qemu/osdep.h" 31 #include "qemu/error-report.h" 32 #include "qemu/module.h" 33 #include "qapi/error.h" 34 #include "qemu/timer.h" 35 #include "chardev/char-fe.h" 36 #include "sysemu/sysemu.h" 37 #include "hw/ipmi/ipmi.h" 38 #include "hw/qdev-properties.h" 39 #include "migration/vmstate.h" 40 41 #define VM_MSG_CHAR 0xA0 /* Marks end of message */ 42 #define VM_CMD_CHAR 0xA1 /* Marks end of a command */ 43 #define VM_ESCAPE_CHAR 0xAA /* Set bit 4 from the next byte to 0 */ 44 45 #define VM_PROTOCOL_VERSION 1 46 #define VM_CMD_VERSION 0xff /* A version number byte follows */ 47 #define VM_CMD_NOATTN 0x00 48 #define VM_CMD_ATTN 0x01 49 #define VM_CMD_ATTN_IRQ 0x02 50 #define VM_CMD_POWEROFF 0x03 51 #define VM_CMD_RESET 0x04 52 #define VM_CMD_ENABLE_IRQ 0x05 /* Enable/disable the messaging irq */ 53 #define VM_CMD_DISABLE_IRQ 0x06 54 #define VM_CMD_SEND_NMI 0x07 55 #define VM_CMD_CAPABILITIES 0x08 56 #define VM_CAPABILITIES_POWER 0x01 57 #define VM_CAPABILITIES_RESET 0x02 58 #define VM_CAPABILITIES_IRQ 0x04 59 #define VM_CAPABILITIES_NMI 0x08 60 #define VM_CAPABILITIES_ATTN 0x10 61 #define VM_CAPABILITIES_GRACEFUL_SHUTDOWN 0x20 62 #define VM_CMD_GRACEFUL_SHUTDOWN 0x09 63 64 #define TYPE_IPMI_BMC_EXTERN "ipmi-bmc-extern" 65 #define IPMI_BMC_EXTERN(obj) OBJECT_CHECK(IPMIBmcExtern, (obj), \ 66 TYPE_IPMI_BMC_EXTERN) 67 typedef struct IPMIBmcExtern { 68 IPMIBmc parent; 69 70 CharBackend chr; 71 72 bool connected; 73 74 unsigned char inbuf[MAX_IPMI_MSG_SIZE + 2]; 75 unsigned int inpos; 76 bool in_escape; 77 bool in_too_many; 78 bool waiting_rsp; 79 bool sending_cmd; 80 81 unsigned char outbuf[(MAX_IPMI_MSG_SIZE + 2) * 2 + 1]; 82 unsigned int outpos; 83 unsigned int outlen; 84 85 struct QEMUTimer *extern_timer; 86 87 /* A reset event is pending to be sent upstream. */ 88 bool send_reset; 89 } IPMIBmcExtern; 90 91 static int can_receive(void *opaque); 92 static void receive(void *opaque, const uint8_t *buf, int size); 93 static void chr_event(void *opaque, int event); 94 95 static unsigned char 96 ipmb_checksum(const unsigned char *data, int size, unsigned char start) 97 { 98 unsigned char csum = start; 99 100 for (; size > 0; size--, data++) { 101 csum += *data; 102 } 103 return csum; 104 } 105 106 static void continue_send(IPMIBmcExtern *ibe) 107 { 108 int ret; 109 if (ibe->outlen == 0) { 110 goto check_reset; 111 } 112 send: 113 ret = qemu_chr_fe_write(&ibe->chr, ibe->outbuf + ibe->outpos, 114 ibe->outlen - ibe->outpos); 115 if (ret > 0) { 116 ibe->outpos += ret; 117 } 118 if (ibe->outpos < ibe->outlen) { 119 /* Not fully transmitted, try again in a 10ms */ 120 timer_mod_ns(ibe->extern_timer, 121 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 10000000); 122 } else { 123 /* Sent */ 124 ibe->outlen = 0; 125 ibe->outpos = 0; 126 if (!ibe->sending_cmd) { 127 ibe->waiting_rsp = true; 128 } else { 129 ibe->sending_cmd = false; 130 } 131 check_reset: 132 if (ibe->connected && ibe->send_reset) { 133 /* Send the reset */ 134 ibe->outbuf[0] = VM_CMD_RESET; 135 ibe->outbuf[1] = VM_CMD_CHAR; 136 ibe->outlen = 2; 137 ibe->outpos = 0; 138 ibe->send_reset = false; 139 ibe->sending_cmd = true; 140 goto send; 141 } 142 143 if (ibe->waiting_rsp) { 144 /* Make sure we get a response within 4 seconds. */ 145 timer_mod_ns(ibe->extern_timer, 146 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 4000000000ULL); 147 } 148 } 149 return; 150 } 151 152 static void extern_timeout(void *opaque) 153 { 154 IPMIBmcExtern *ibe = opaque; 155 IPMIInterface *s = ibe->parent.intf; 156 157 if (ibe->connected) { 158 if (ibe->waiting_rsp && (ibe->outlen == 0)) { 159 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 160 /* The message response timed out, return an error. */ 161 ibe->waiting_rsp = false; 162 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 163 ibe->inbuf[2] = ibe->outbuf[2]; 164 ibe->inbuf[3] = IPMI_CC_TIMEOUT; 165 k->handle_rsp(s, ibe->outbuf[0], ibe->inbuf + 1, 3); 166 } else { 167 continue_send(ibe); 168 } 169 } 170 } 171 172 static void addchar(IPMIBmcExtern *ibe, unsigned char ch) 173 { 174 switch (ch) { 175 case VM_MSG_CHAR: 176 case VM_CMD_CHAR: 177 case VM_ESCAPE_CHAR: 178 ibe->outbuf[ibe->outlen] = VM_ESCAPE_CHAR; 179 ibe->outlen++; 180 ch |= 0x10; 181 /* No break */ 182 183 default: 184 ibe->outbuf[ibe->outlen] = ch; 185 ibe->outlen++; 186 } 187 } 188 189 static void ipmi_bmc_extern_handle_command(IPMIBmc *b, 190 uint8_t *cmd, unsigned int cmd_len, 191 unsigned int max_cmd_len, 192 uint8_t msg_id) 193 { 194 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(b); 195 IPMIInterface *s = ibe->parent.intf; 196 uint8_t err = 0, csum; 197 unsigned int i; 198 199 if (ibe->outlen) { 200 /* We already have a command queued. Shouldn't ever happen. */ 201 error_report("IPMI KCS: Got command when not finished with the" 202 " previous command"); 203 abort(); 204 } 205 206 /* If it's too short or it was truncated, return an error. */ 207 if (cmd_len < 2) { 208 err = IPMI_CC_REQUEST_DATA_LENGTH_INVALID; 209 } else if ((cmd_len > max_cmd_len) || (cmd_len > MAX_IPMI_MSG_SIZE)) { 210 err = IPMI_CC_REQUEST_DATA_TRUNCATED; 211 } else if (!ibe->connected) { 212 err = IPMI_CC_BMC_INIT_IN_PROGRESS; 213 } 214 if (err) { 215 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 216 unsigned char rsp[3]; 217 rsp[0] = cmd[0] | 0x04; 218 rsp[1] = cmd[1]; 219 rsp[2] = err; 220 ibe->waiting_rsp = false; 221 k->handle_rsp(s, msg_id, rsp, 3); 222 goto out; 223 } 224 225 addchar(ibe, msg_id); 226 for (i = 0; i < cmd_len; i++) { 227 addchar(ibe, cmd[i]); 228 } 229 csum = ipmb_checksum(&msg_id, 1, 0); 230 addchar(ibe, -ipmb_checksum(cmd, cmd_len, csum)); 231 232 ibe->outbuf[ibe->outlen] = VM_MSG_CHAR; 233 ibe->outlen++; 234 235 /* Start the transmit */ 236 continue_send(ibe); 237 238 out: 239 return; 240 } 241 242 static void handle_hw_op(IPMIBmcExtern *ibe, unsigned char hw_op) 243 { 244 IPMIInterface *s = ibe->parent.intf; 245 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 246 247 switch (hw_op) { 248 case VM_CMD_VERSION: 249 /* We only support one version at this time. */ 250 break; 251 252 case VM_CMD_NOATTN: 253 k->set_atn(s, 0, 0); 254 break; 255 256 case VM_CMD_ATTN: 257 k->set_atn(s, 1, 0); 258 break; 259 260 case VM_CMD_ATTN_IRQ: 261 k->set_atn(s, 1, 1); 262 break; 263 264 case VM_CMD_POWEROFF: 265 k->do_hw_op(s, IPMI_POWEROFF_CHASSIS, 0); 266 break; 267 268 case VM_CMD_RESET: 269 k->do_hw_op(s, IPMI_RESET_CHASSIS, 0); 270 break; 271 272 case VM_CMD_ENABLE_IRQ: 273 k->set_irq_enable(s, 1); 274 break; 275 276 case VM_CMD_DISABLE_IRQ: 277 k->set_irq_enable(s, 0); 278 break; 279 280 case VM_CMD_SEND_NMI: 281 k->do_hw_op(s, IPMI_SEND_NMI, 0); 282 break; 283 284 case VM_CMD_GRACEFUL_SHUTDOWN: 285 k->do_hw_op(s, IPMI_SHUTDOWN_VIA_ACPI_OVERTEMP, 0); 286 break; 287 } 288 } 289 290 static void handle_msg(IPMIBmcExtern *ibe) 291 { 292 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(ibe->parent.intf); 293 294 if (ibe->in_escape) { 295 ipmi_debug("msg escape not ended\n"); 296 return; 297 } 298 if (ibe->inpos < 5) { 299 ipmi_debug("msg too short\n"); 300 return; 301 } 302 if (ibe->in_too_many) { 303 ibe->inbuf[3] = IPMI_CC_REQUEST_DATA_TRUNCATED; 304 ibe->inpos = 4; 305 } else if (ipmb_checksum(ibe->inbuf, ibe->inpos, 0) != 0) { 306 ipmi_debug("msg checksum failure\n"); 307 return; 308 } else { 309 ibe->inpos--; /* Remove checkum */ 310 } 311 312 timer_del(ibe->extern_timer); 313 ibe->waiting_rsp = false; 314 k->handle_rsp(ibe->parent.intf, ibe->inbuf[0], ibe->inbuf + 1, ibe->inpos - 1); 315 } 316 317 static int can_receive(void *opaque) 318 { 319 return 1; 320 } 321 322 static void receive(void *opaque, const uint8_t *buf, int size) 323 { 324 IPMIBmcExtern *ibe = opaque; 325 int i; 326 unsigned char hw_op; 327 328 for (i = 0; i < size; i++) { 329 unsigned char ch = buf[i]; 330 331 switch (ch) { 332 case VM_MSG_CHAR: 333 handle_msg(ibe); 334 ibe->in_too_many = false; 335 ibe->inpos = 0; 336 break; 337 338 case VM_CMD_CHAR: 339 if (ibe->in_too_many) { 340 ipmi_debug("cmd in too many\n"); 341 ibe->in_too_many = false; 342 ibe->inpos = 0; 343 break; 344 } 345 if (ibe->in_escape) { 346 ipmi_debug("cmd in escape\n"); 347 ibe->in_too_many = false; 348 ibe->inpos = 0; 349 ibe->in_escape = false; 350 break; 351 } 352 ibe->in_too_many = false; 353 if (ibe->inpos < 1) { 354 break; 355 } 356 hw_op = ibe->inbuf[0]; 357 ibe->inpos = 0; 358 goto out_hw_op; 359 break; 360 361 case VM_ESCAPE_CHAR: 362 ibe->in_escape = true; 363 break; 364 365 default: 366 if (ibe->in_escape) { 367 ch &= ~0x10; 368 ibe->in_escape = false; 369 } 370 if (ibe->in_too_many) { 371 break; 372 } 373 if (ibe->inpos >= sizeof(ibe->inbuf)) { 374 ibe->in_too_many = true; 375 break; 376 } 377 ibe->inbuf[ibe->inpos] = ch; 378 ibe->inpos++; 379 break; 380 } 381 } 382 return; 383 384 out_hw_op: 385 handle_hw_op(ibe, hw_op); 386 } 387 388 static void chr_event(void *opaque, int event) 389 { 390 IPMIBmcExtern *ibe = opaque; 391 IPMIInterface *s = ibe->parent.intf; 392 IPMIInterfaceClass *k = IPMI_INTERFACE_GET_CLASS(s); 393 unsigned char v; 394 395 switch (event) { 396 case CHR_EVENT_OPENED: 397 ibe->connected = true; 398 ibe->outpos = 0; 399 ibe->outlen = 0; 400 addchar(ibe, VM_CMD_VERSION); 401 addchar(ibe, VM_PROTOCOL_VERSION); 402 ibe->outbuf[ibe->outlen] = VM_CMD_CHAR; 403 ibe->outlen++; 404 addchar(ibe, VM_CMD_CAPABILITIES); 405 v = VM_CAPABILITIES_IRQ | VM_CAPABILITIES_ATTN; 406 if (k->do_hw_op(ibe->parent.intf, IPMI_POWEROFF_CHASSIS, 1) == 0) { 407 v |= VM_CAPABILITIES_POWER; 408 } 409 if (k->do_hw_op(ibe->parent.intf, IPMI_SHUTDOWN_VIA_ACPI_OVERTEMP, 1) 410 == 0) { 411 v |= VM_CAPABILITIES_GRACEFUL_SHUTDOWN; 412 } 413 if (k->do_hw_op(ibe->parent.intf, IPMI_RESET_CHASSIS, 1) == 0) { 414 v |= VM_CAPABILITIES_RESET; 415 } 416 if (k->do_hw_op(ibe->parent.intf, IPMI_SEND_NMI, 1) == 0) { 417 v |= VM_CAPABILITIES_NMI; 418 } 419 addchar(ibe, v); 420 ibe->outbuf[ibe->outlen] = VM_CMD_CHAR; 421 ibe->outlen++; 422 ibe->sending_cmd = false; 423 continue_send(ibe); 424 break; 425 426 case CHR_EVENT_CLOSED: 427 if (!ibe->connected) { 428 return; 429 } 430 ibe->connected = false; 431 /* 432 * Don't hang the OS trying to handle the ATN bit, other end will 433 * resend on a reconnect. 434 */ 435 k->set_atn(s, 0, 0); 436 if (ibe->waiting_rsp) { 437 ibe->waiting_rsp = false; 438 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 439 ibe->inbuf[2] = ibe->outbuf[2]; 440 ibe->inbuf[3] = IPMI_CC_BMC_INIT_IN_PROGRESS; 441 k->handle_rsp(s, ibe->outbuf[0], ibe->inbuf + 1, 3); 442 } 443 break; 444 } 445 } 446 447 static void ipmi_bmc_extern_handle_reset(IPMIBmc *b) 448 { 449 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(b); 450 451 ibe->send_reset = true; 452 continue_send(ibe); 453 } 454 455 static void ipmi_bmc_extern_realize(DeviceState *dev, Error **errp) 456 { 457 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(dev); 458 459 if (!qemu_chr_fe_backend_connected(&ibe->chr)) { 460 error_setg(errp, "IPMI external bmc requires chardev attribute"); 461 return; 462 } 463 464 qemu_chr_fe_set_handlers(&ibe->chr, can_receive, receive, 465 chr_event, NULL, ibe, NULL, true); 466 } 467 468 static int ipmi_bmc_extern_post_migrate(void *opaque, int version_id) 469 { 470 IPMIBmcExtern *ibe = opaque; 471 472 /* 473 * We don't directly restore waiting_rsp, Instead, we return an 474 * error on the interface if a response was being waited for. 475 */ 476 if (ibe->waiting_rsp) { 477 IPMIInterface *ii = ibe->parent.intf; 478 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii); 479 480 ibe->waiting_rsp = false; 481 ibe->inbuf[1] = ibe->outbuf[1] | 0x04; 482 ibe->inbuf[2] = ibe->outbuf[2]; 483 ibe->inbuf[3] = IPMI_CC_BMC_INIT_IN_PROGRESS; 484 iic->handle_rsp(ii, ibe->outbuf[0], ibe->inbuf + 1, 3); 485 } 486 return 0; 487 } 488 489 static const VMStateDescription vmstate_ipmi_bmc_extern = { 490 .name = TYPE_IPMI_BMC_EXTERN, 491 .version_id = 1, 492 .minimum_version_id = 1, 493 .post_load = ipmi_bmc_extern_post_migrate, 494 .fields = (VMStateField[]) { 495 VMSTATE_BOOL(send_reset, IPMIBmcExtern), 496 VMSTATE_BOOL(waiting_rsp, IPMIBmcExtern), 497 VMSTATE_END_OF_LIST() 498 } 499 }; 500 501 static void ipmi_bmc_extern_init(Object *obj) 502 { 503 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(obj); 504 505 ibe->extern_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, extern_timeout, ibe); 506 vmstate_register(NULL, 0, &vmstate_ipmi_bmc_extern, ibe); 507 } 508 509 static void ipmi_bmc_extern_finalize(Object *obj) 510 { 511 IPMIBmcExtern *ibe = IPMI_BMC_EXTERN(obj); 512 513 timer_del(ibe->extern_timer); 514 timer_free(ibe->extern_timer); 515 } 516 517 static Property ipmi_bmc_extern_properties[] = { 518 DEFINE_PROP_CHR("chardev", IPMIBmcExtern, chr), 519 DEFINE_PROP_END_OF_LIST(), 520 }; 521 522 static void ipmi_bmc_extern_class_init(ObjectClass *oc, void *data) 523 { 524 DeviceClass *dc = DEVICE_CLASS(oc); 525 IPMIBmcClass *bk = IPMI_BMC_CLASS(oc); 526 527 bk->handle_command = ipmi_bmc_extern_handle_command; 528 bk->handle_reset = ipmi_bmc_extern_handle_reset; 529 dc->hotpluggable = false; 530 dc->realize = ipmi_bmc_extern_realize; 531 dc->props = ipmi_bmc_extern_properties; 532 } 533 534 static const TypeInfo ipmi_bmc_extern_type = { 535 .name = TYPE_IPMI_BMC_EXTERN, 536 .parent = TYPE_IPMI_BMC, 537 .instance_size = sizeof(IPMIBmcExtern), 538 .instance_init = ipmi_bmc_extern_init, 539 .instance_finalize = ipmi_bmc_extern_finalize, 540 .class_init = ipmi_bmc_extern_class_init, 541 }; 542 543 static void ipmi_bmc_extern_register_types(void) 544 { 545 type_register_static(&ipmi_bmc_extern_type); 546 } 547 548 type_init(ipmi_bmc_extern_register_types) 549