hwrng: core - Don't use a stack buffer in add_early_randomness()
[linux/fpc-iii.git] / drivers / acpi / acpi_ipmi.c
blobf77956c3fd45f2756694f16afd688bba77346ceb
1 /*
2 * acpi_ipmi.c - ACPI IPMI opregion
4 * Copyright (C) 2010, 2013 Intel Corporation
5 * Author: Zhao Yakui <yakui.zhao@intel.com>
6 * Lv Zheng <lv.zheng@intel.com>
8 * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or (at
13 * your option) any later version.
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * General Public License for more details.
20 * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
23 #include <linux/module.h>
24 #include <linux/acpi.h>
25 #include <linux/ipmi.h>
26 #include <linux/spinlock.h>
28 MODULE_AUTHOR("Zhao Yakui");
29 MODULE_DESCRIPTION("ACPI IPMI Opregion driver");
30 MODULE_LICENSE("GPL");
32 #define ACPI_IPMI_OK 0
33 #define ACPI_IPMI_TIMEOUT 0x10
34 #define ACPI_IPMI_UNKNOWN 0x07
35 /* the IPMI timeout is 5s */
36 #define IPMI_TIMEOUT (5000)
37 #define ACPI_IPMI_MAX_MSG_LENGTH 64
39 struct acpi_ipmi_device {
40 /* the device list attached to driver_data.ipmi_devices */
41 struct list_head head;
43 /* the IPMI request message list */
44 struct list_head tx_msg_list;
46 spinlock_t tx_msg_lock;
47 acpi_handle handle;
48 struct device *dev;
49 ipmi_user_t user_interface;
50 int ipmi_ifnum; /* IPMI interface number */
51 long curr_msgid;
52 bool dead;
53 struct kref kref;
56 struct ipmi_driver_data {
57 struct list_head ipmi_devices;
58 struct ipmi_smi_watcher bmc_events;
59 struct ipmi_user_hndl ipmi_hndlrs;
60 struct mutex ipmi_lock;
63 * NOTE: IPMI System Interface Selection
64 * There is no system interface specified by the IPMI operation
65 * region access. We try to select one system interface with ACPI
66 * handle set. IPMI messages passed from the ACPI codes are sent
67 * to this selected global IPMI system interface.
69 struct acpi_ipmi_device *selected_smi;
72 struct acpi_ipmi_msg {
73 struct list_head head;
76 * General speaking the addr type should be SI_ADDR_TYPE. And
77 * the addr channel should be BMC.
78 * In fact it can also be IPMB type. But we will have to
79 * parse it from the Netfn command buffer. It is so complex
80 * that it is skipped.
82 struct ipmi_addr addr;
83 long tx_msgid;
85 /* it is used to track whether the IPMI message is finished */
86 struct completion tx_complete;
88 struct kernel_ipmi_msg tx_message;
89 int msg_done;
91 /* tx/rx data . And copy it from/to ACPI object buffer */
92 u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
93 u8 rx_len;
95 struct acpi_ipmi_device *device;
96 struct kref kref;
99 /* IPMI request/response buffer per ACPI 4.0, sec 5.5.2.4.3.2 */
100 struct acpi_ipmi_buffer {
101 u8 status;
102 u8 length;
103 u8 data[ACPI_IPMI_MAX_MSG_LENGTH];
106 static void ipmi_register_bmc(int iface, struct device *dev);
107 static void ipmi_bmc_gone(int iface);
108 static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data);
110 static struct ipmi_driver_data driver_data = {
111 .ipmi_devices = LIST_HEAD_INIT(driver_data.ipmi_devices),
112 .bmc_events = {
113 .owner = THIS_MODULE,
114 .new_smi = ipmi_register_bmc,
115 .smi_gone = ipmi_bmc_gone,
117 .ipmi_hndlrs = {
118 .ipmi_recv_hndl = ipmi_msg_handler,
120 .ipmi_lock = __MUTEX_INITIALIZER(driver_data.ipmi_lock)
123 static struct acpi_ipmi_device *
124 ipmi_dev_alloc(int iface, struct device *dev, acpi_handle handle)
126 struct acpi_ipmi_device *ipmi_device;
127 int err;
128 ipmi_user_t user;
130 ipmi_device = kzalloc(sizeof(*ipmi_device), GFP_KERNEL);
131 if (!ipmi_device)
132 return NULL;
134 kref_init(&ipmi_device->kref);
135 INIT_LIST_HEAD(&ipmi_device->head);
136 INIT_LIST_HEAD(&ipmi_device->tx_msg_list);
137 spin_lock_init(&ipmi_device->tx_msg_lock);
138 ipmi_device->handle = handle;
139 ipmi_device->dev = get_device(dev);
140 ipmi_device->ipmi_ifnum = iface;
142 err = ipmi_create_user(iface, &driver_data.ipmi_hndlrs,
143 ipmi_device, &user);
144 if (err) {
145 put_device(dev);
146 kfree(ipmi_device);
147 return NULL;
149 ipmi_device->user_interface = user;
151 return ipmi_device;
154 static void ipmi_dev_release(struct acpi_ipmi_device *ipmi_device)
156 ipmi_destroy_user(ipmi_device->user_interface);
157 put_device(ipmi_device->dev);
158 kfree(ipmi_device);
161 static void ipmi_dev_release_kref(struct kref *kref)
163 struct acpi_ipmi_device *ipmi =
164 container_of(kref, struct acpi_ipmi_device, kref);
166 ipmi_dev_release(ipmi);
169 static void __ipmi_dev_kill(struct acpi_ipmi_device *ipmi_device)
171 list_del(&ipmi_device->head);
172 if (driver_data.selected_smi == ipmi_device)
173 driver_data.selected_smi = NULL;
176 * Always setting dead flag after deleting from the list or
177 * list_for_each_entry() codes must get changed.
179 ipmi_device->dead = true;
182 static struct acpi_ipmi_device *acpi_ipmi_dev_get(void)
184 struct acpi_ipmi_device *ipmi_device = NULL;
186 mutex_lock(&driver_data.ipmi_lock);
187 if (driver_data.selected_smi) {
188 ipmi_device = driver_data.selected_smi;
189 kref_get(&ipmi_device->kref);
191 mutex_unlock(&driver_data.ipmi_lock);
193 return ipmi_device;
196 static void acpi_ipmi_dev_put(struct acpi_ipmi_device *ipmi_device)
198 kref_put(&ipmi_device->kref, ipmi_dev_release_kref);
201 static struct acpi_ipmi_msg *ipmi_msg_alloc(void)
203 struct acpi_ipmi_device *ipmi;
204 struct acpi_ipmi_msg *ipmi_msg;
206 ipmi = acpi_ipmi_dev_get();
207 if (!ipmi)
208 return NULL;
210 ipmi_msg = kzalloc(sizeof(struct acpi_ipmi_msg), GFP_KERNEL);
211 if (!ipmi_msg) {
212 acpi_ipmi_dev_put(ipmi);
213 return NULL;
216 kref_init(&ipmi_msg->kref);
217 init_completion(&ipmi_msg->tx_complete);
218 INIT_LIST_HEAD(&ipmi_msg->head);
219 ipmi_msg->device = ipmi;
220 ipmi_msg->msg_done = ACPI_IPMI_UNKNOWN;
222 return ipmi_msg;
225 static void ipmi_msg_release(struct acpi_ipmi_msg *tx_msg)
227 acpi_ipmi_dev_put(tx_msg->device);
228 kfree(tx_msg);
231 static void ipmi_msg_release_kref(struct kref *kref)
233 struct acpi_ipmi_msg *tx_msg =
234 container_of(kref, struct acpi_ipmi_msg, kref);
236 ipmi_msg_release(tx_msg);
239 static struct acpi_ipmi_msg *acpi_ipmi_msg_get(struct acpi_ipmi_msg *tx_msg)
241 kref_get(&tx_msg->kref);
243 return tx_msg;
246 static void acpi_ipmi_msg_put(struct acpi_ipmi_msg *tx_msg)
248 kref_put(&tx_msg->kref, ipmi_msg_release_kref);
251 #define IPMI_OP_RGN_NETFN(offset) ((offset >> 8) & 0xff)
252 #define IPMI_OP_RGN_CMD(offset) (offset & 0xff)
253 static int acpi_format_ipmi_request(struct acpi_ipmi_msg *tx_msg,
254 acpi_physical_address address,
255 acpi_integer *value)
257 struct kernel_ipmi_msg *msg;
258 struct acpi_ipmi_buffer *buffer;
259 struct acpi_ipmi_device *device;
260 unsigned long flags;
262 msg = &tx_msg->tx_message;
265 * IPMI network function and command are encoded in the address
266 * within the IPMI OpRegion; see ACPI 4.0, sec 5.5.2.4.3.
268 msg->netfn = IPMI_OP_RGN_NETFN(address);
269 msg->cmd = IPMI_OP_RGN_CMD(address);
270 msg->data = tx_msg->data;
273 * value is the parameter passed by the IPMI opregion space handler.
274 * It points to the IPMI request message buffer
276 buffer = (struct acpi_ipmi_buffer *)value;
278 /* copy the tx message data */
279 if (buffer->length > ACPI_IPMI_MAX_MSG_LENGTH) {
280 dev_WARN_ONCE(tx_msg->device->dev, true,
281 "Unexpected request (msg len %d).\n",
282 buffer->length);
283 return -EINVAL;
285 msg->data_len = buffer->length;
286 memcpy(tx_msg->data, buffer->data, msg->data_len);
289 * now the default type is SYSTEM_INTERFACE and channel type is BMC.
290 * If the netfn is APP_REQUEST and the cmd is SEND_MESSAGE,
291 * the addr type should be changed to IPMB. Then we will have to parse
292 * the IPMI request message buffer to get the IPMB address.
293 * If so, please fix me.
295 tx_msg->addr.addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
296 tx_msg->addr.channel = IPMI_BMC_CHANNEL;
297 tx_msg->addr.data[0] = 0;
299 /* Get the msgid */
300 device = tx_msg->device;
302 spin_lock_irqsave(&device->tx_msg_lock, flags);
303 device->curr_msgid++;
304 tx_msg->tx_msgid = device->curr_msgid;
305 spin_unlock_irqrestore(&device->tx_msg_lock, flags);
307 return 0;
310 static void acpi_format_ipmi_response(struct acpi_ipmi_msg *msg,
311 acpi_integer *value)
313 struct acpi_ipmi_buffer *buffer;
316 * value is also used as output parameter. It represents the response
317 * IPMI message returned by IPMI command.
319 buffer = (struct acpi_ipmi_buffer *)value;
322 * If the flag of msg_done is not set, it means that the IPMI command is
323 * not executed correctly.
325 buffer->status = msg->msg_done;
326 if (msg->msg_done != ACPI_IPMI_OK)
327 return;
330 * If the IPMI response message is obtained correctly, the status code
331 * will be ACPI_IPMI_OK
333 buffer->length = msg->rx_len;
334 memcpy(buffer->data, msg->data, msg->rx_len);
337 static void ipmi_flush_tx_msg(struct acpi_ipmi_device *ipmi)
339 struct acpi_ipmi_msg *tx_msg;
340 unsigned long flags;
343 * NOTE: On-going ipmi_recv_msg
344 * ipmi_msg_handler() may still be invoked by ipmi_si after
345 * flushing. But it is safe to do a fast flushing on module_exit()
346 * without waiting for all ipmi_recv_msg(s) to complete from
347 * ipmi_msg_handler() as it is ensured by ipmi_si that all
348 * ipmi_recv_msg(s) are freed after invoking ipmi_destroy_user().
350 spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
351 while (!list_empty(&ipmi->tx_msg_list)) {
352 tx_msg = list_first_entry(&ipmi->tx_msg_list,
353 struct acpi_ipmi_msg,
354 head);
355 list_del(&tx_msg->head);
356 spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
358 /* wake up the sleep thread on the Tx msg */
359 complete(&tx_msg->tx_complete);
360 acpi_ipmi_msg_put(tx_msg);
361 spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
363 spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
366 static void ipmi_cancel_tx_msg(struct acpi_ipmi_device *ipmi,
367 struct acpi_ipmi_msg *msg)
369 struct acpi_ipmi_msg *tx_msg, *temp;
370 bool msg_found = false;
371 unsigned long flags;
373 spin_lock_irqsave(&ipmi->tx_msg_lock, flags);
374 list_for_each_entry_safe(tx_msg, temp, &ipmi->tx_msg_list, head) {
375 if (msg == tx_msg) {
376 msg_found = true;
377 list_del(&tx_msg->head);
378 break;
381 spin_unlock_irqrestore(&ipmi->tx_msg_lock, flags);
383 if (msg_found)
384 acpi_ipmi_msg_put(tx_msg);
387 static void ipmi_msg_handler(struct ipmi_recv_msg *msg, void *user_msg_data)
389 struct acpi_ipmi_device *ipmi_device = user_msg_data;
390 bool msg_found = false;
391 struct acpi_ipmi_msg *tx_msg, *temp;
392 struct device *dev = ipmi_device->dev;
393 unsigned long flags;
395 if (msg->user != ipmi_device->user_interface) {
396 dev_warn(dev,
397 "Unexpected response is returned. returned user %p, expected user %p\n",
398 msg->user, ipmi_device->user_interface);
399 goto out_msg;
402 spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
403 list_for_each_entry_safe(tx_msg, temp, &ipmi_device->tx_msg_list, head) {
404 if (msg->msgid == tx_msg->tx_msgid) {
405 msg_found = true;
406 list_del(&tx_msg->head);
407 break;
410 spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
412 if (!msg_found) {
413 dev_warn(dev,
414 "Unexpected response (msg id %ld) is returned.\n",
415 msg->msgid);
416 goto out_msg;
419 /* copy the response data to Rx_data buffer */
420 if (msg->msg.data_len > ACPI_IPMI_MAX_MSG_LENGTH) {
421 dev_WARN_ONCE(dev, true,
422 "Unexpected response (msg len %d).\n",
423 msg->msg.data_len);
424 goto out_comp;
427 /* response msg is an error msg */
428 msg->recv_type = IPMI_RESPONSE_RECV_TYPE;
429 if (msg->recv_type == IPMI_RESPONSE_RECV_TYPE &&
430 msg->msg.data_len == 1) {
431 if (msg->msg.data[0] == IPMI_TIMEOUT_COMPLETION_CODE) {
432 dev_WARN_ONCE(dev, true,
433 "Unexpected response (timeout).\n");
434 tx_msg->msg_done = ACPI_IPMI_TIMEOUT;
436 goto out_comp;
439 tx_msg->rx_len = msg->msg.data_len;
440 memcpy(tx_msg->data, msg->msg.data, tx_msg->rx_len);
441 tx_msg->msg_done = ACPI_IPMI_OK;
443 out_comp:
444 complete(&tx_msg->tx_complete);
445 acpi_ipmi_msg_put(tx_msg);
446 out_msg:
447 ipmi_free_recv_msg(msg);
450 static void ipmi_register_bmc(int iface, struct device *dev)
452 struct acpi_ipmi_device *ipmi_device, *temp;
453 int err;
454 struct ipmi_smi_info smi_data;
455 acpi_handle handle;
457 err = ipmi_get_smi_info(iface, &smi_data);
458 if (err)
459 return;
461 if (smi_data.addr_src != SI_ACPI)
462 goto err_ref;
463 handle = smi_data.addr_info.acpi_info.acpi_handle;
464 if (!handle)
465 goto err_ref;
467 ipmi_device = ipmi_dev_alloc(iface, smi_data.dev, handle);
468 if (!ipmi_device) {
469 dev_warn(smi_data.dev, "Can't create IPMI user interface\n");
470 goto err_ref;
473 mutex_lock(&driver_data.ipmi_lock);
474 list_for_each_entry(temp, &driver_data.ipmi_devices, head) {
476 * if the corresponding ACPI handle is already added
477 * to the device list, don't add it again.
479 if (temp->handle == handle)
480 goto err_lock;
482 if (!driver_data.selected_smi)
483 driver_data.selected_smi = ipmi_device;
484 list_add_tail(&ipmi_device->head, &driver_data.ipmi_devices);
485 mutex_unlock(&driver_data.ipmi_lock);
487 put_device(smi_data.dev);
488 return;
490 err_lock:
491 mutex_unlock(&driver_data.ipmi_lock);
492 ipmi_dev_release(ipmi_device);
493 err_ref:
494 put_device(smi_data.dev);
495 return;
498 static void ipmi_bmc_gone(int iface)
500 struct acpi_ipmi_device *ipmi_device, *temp;
501 bool dev_found = false;
503 mutex_lock(&driver_data.ipmi_lock);
504 list_for_each_entry_safe(ipmi_device, temp,
505 &driver_data.ipmi_devices, head) {
506 if (ipmi_device->ipmi_ifnum != iface) {
507 dev_found = true;
508 __ipmi_dev_kill(ipmi_device);
509 break;
512 if (!driver_data.selected_smi)
513 driver_data.selected_smi = list_first_entry_or_null(
514 &driver_data.ipmi_devices,
515 struct acpi_ipmi_device, head);
516 mutex_unlock(&driver_data.ipmi_lock);
518 if (dev_found) {
519 ipmi_flush_tx_msg(ipmi_device);
520 acpi_ipmi_dev_put(ipmi_device);
525 * This is the IPMI opregion space handler.
526 * @function: indicates the read/write. In fact as the IPMI message is driven
527 * by command, only write is meaningful.
528 * @address: This contains the netfn/command of IPMI request message.
529 * @bits : not used.
530 * @value : it is an in/out parameter. It points to the IPMI message buffer.
531 * Before the IPMI message is sent, it represents the actual request
532 * IPMI message. After the IPMI message is finished, it represents
533 * the response IPMI message returned by IPMI command.
534 * @handler_context: IPMI device context.
536 static acpi_status
537 acpi_ipmi_space_handler(u32 function, acpi_physical_address address,
538 u32 bits, acpi_integer *value,
539 void *handler_context, void *region_context)
541 struct acpi_ipmi_msg *tx_msg;
542 struct acpi_ipmi_device *ipmi_device;
543 int err;
544 acpi_status status;
545 unsigned long flags;
548 * IPMI opregion message.
549 * IPMI message is firstly written to the BMC and system software
550 * can get the respsonse. So it is unmeaningful for the read access
551 * of IPMI opregion.
553 if ((function & ACPI_IO_MASK) == ACPI_READ)
554 return AE_TYPE;
556 tx_msg = ipmi_msg_alloc();
557 if (!tx_msg)
558 return AE_NOT_EXIST;
559 ipmi_device = tx_msg->device;
561 if (acpi_format_ipmi_request(tx_msg, address, value) != 0) {
562 ipmi_msg_release(tx_msg);
563 return AE_TYPE;
566 acpi_ipmi_msg_get(tx_msg);
567 mutex_lock(&driver_data.ipmi_lock);
568 /* Do not add a tx_msg that can not be flushed. */
569 if (ipmi_device->dead) {
570 mutex_unlock(&driver_data.ipmi_lock);
571 ipmi_msg_release(tx_msg);
572 return AE_NOT_EXIST;
574 spin_lock_irqsave(&ipmi_device->tx_msg_lock, flags);
575 list_add_tail(&tx_msg->head, &ipmi_device->tx_msg_list);
576 spin_unlock_irqrestore(&ipmi_device->tx_msg_lock, flags);
577 mutex_unlock(&driver_data.ipmi_lock);
579 err = ipmi_request_settime(ipmi_device->user_interface,
580 &tx_msg->addr,
581 tx_msg->tx_msgid,
582 &tx_msg->tx_message,
583 NULL, 0, 0, IPMI_TIMEOUT);
584 if (err) {
585 status = AE_ERROR;
586 goto out_msg;
588 wait_for_completion(&tx_msg->tx_complete);
590 acpi_format_ipmi_response(tx_msg, value);
591 status = AE_OK;
593 out_msg:
594 ipmi_cancel_tx_msg(ipmi_device, tx_msg);
595 acpi_ipmi_msg_put(tx_msg);
596 return status;
599 static int __init acpi_ipmi_init(void)
601 int result;
602 acpi_status status;
604 if (acpi_disabled)
605 return 0;
607 status = acpi_install_address_space_handler(ACPI_ROOT_OBJECT,
608 ACPI_ADR_SPACE_IPMI,
609 &acpi_ipmi_space_handler,
610 NULL, NULL);
611 if (ACPI_FAILURE(status)) {
612 pr_warn("Can't register IPMI opregion space handle\n");
613 return -EINVAL;
615 result = ipmi_smi_watcher_register(&driver_data.bmc_events);
616 if (result)
617 pr_err("Can't register IPMI system interface watcher\n");
619 return result;
622 static void __exit acpi_ipmi_exit(void)
624 struct acpi_ipmi_device *ipmi_device;
626 if (acpi_disabled)
627 return;
629 ipmi_smi_watcher_unregister(&driver_data.bmc_events);
632 * When one smi_watcher is unregistered, it is only deleted
633 * from the smi_watcher list. But the smi_gone callback function
634 * is not called. So explicitly uninstall the ACPI IPMI oregion
635 * handler and free it.
637 mutex_lock(&driver_data.ipmi_lock);
638 while (!list_empty(&driver_data.ipmi_devices)) {
639 ipmi_device = list_first_entry(&driver_data.ipmi_devices,
640 struct acpi_ipmi_device,
641 head);
642 __ipmi_dev_kill(ipmi_device);
643 mutex_unlock(&driver_data.ipmi_lock);
645 ipmi_flush_tx_msg(ipmi_device);
646 acpi_ipmi_dev_put(ipmi_device);
648 mutex_lock(&driver_data.ipmi_lock);
650 mutex_unlock(&driver_data.ipmi_lock);
651 acpi_remove_address_space_handler(ACPI_ROOT_OBJECT,
652 ACPI_ADR_SPACE_IPMI,
653 &acpi_ipmi_space_handler);
656 module_init(acpi_ipmi_init);
657 module_exit(acpi_ipmi_exit);