hw/ipmi/smbus_ipmi.c

   1 /*
   2  * QEMU IPMI SMBus (SSIF) emulation
   3  *
   4  * Copyright (c) 2015,2016 Corey Minyard, MontaVista Software, LLC
   5  *
   6  * Permission is hereby granted, free of charge, to any person obtaining a copy
   7  * of this software and associated documentation files (the "Software"), to deal
   8  * in the Software without restriction, including without limitation the rights
   9  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  10  * copies of the Software, and to permit persons to whom the Software is
  11  * furnished to do so, subject to the following conditions:
  12  *
  13  * The above copyright notice and this permission notice shall be included in
  14  * all copies or substantial portions of the Software.
  15  *
  16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
  19  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  21  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  22  * THE SOFTWARE.
  23  */
  24 #include "qemu/osdep.h"
  25 #include "migration/vmstate.h"
  26 #include "hw/i2c/smbus_slave.h"
  27 #include "qapi/error.h"
  28 #include "qemu/error-report.h"
  29 #include "hw/ipmi/ipmi.h"
  30
  31 #define TYPE_SMBUS_IPMI "smbus-ipmi"
  32 #define SMBUS_IPMI(obj) OBJECT_CHECK(SMBusIPMIDevice, (obj), TYPE_SMBUS_IPMI)
  33
  34 #define SSIF_IPMI_REQUEST                       2
  35 #define SSIF_IPMI_MULTI_PART_REQUEST_START      6
  36 #define SSIF_IPMI_MULTI_PART_REQUEST_MIDDLE     7
  37 #define SSIF_IPMI_MULTI_PART_REQUEST_END        8
  38 #define SSIF_IPMI_RESPONSE                      3
  39 #define SSIF_IPMI_MULTI_PART_RESPONSE_MIDDLE    9
  40 #define SSIF_IPMI_MULTI_PART_RETRY              0xa
  41
  42 #define MAX_SSIF_IPMI_MSG_SIZE 255
  43 #define MAX_SSIF_IPMI_MSG_CHUNK 32
  44
  45 #define IPMI_GET_SYS_INTF_CAP_CMD 0x57
  46
  47 typedef struct SMBusIPMIDevice {
  48     SMBusDevice parent;
  49
  50     IPMIBmc *bmc;
  51
  52     uint8_t outmsg[MAX_SSIF_IPMI_MSG_SIZE];
  53     uint32_t outlen;
  54     uint32_t currblk;
  55
  56     /* Holds the SMBUS message currently being sent to the host. */
  57     uint8_t outbuf[MAX_SSIF_IPMI_MSG_CHUNK + 1]; /* len + message. */
  58     uint32_t outpos;
  59
  60     uint8_t inmsg[MAX_SSIF_IPMI_MSG_SIZE];
  61     uint32_t inlen;
  62
  63     /*
  64      * This is a response number that we send with the command to make
  65      * sure that the response matches the command.
  66      */
  67     uint8_t waiting_rsp;
  68
  69     uint32_t uuid;
  70 } SMBusIPMIDevice;
  71
  72 static void smbus_ipmi_handle_event(IPMIInterface *ii)
  73 {
  74     /* No interrupts, so nothing to do here. */
  75 }
  76
  77 static void smbus_ipmi_handle_rsp(IPMIInterface *ii, uint8_t msg_id,
  78                                   unsigned char *rsp, unsigned int rsp_len)
  79 {
  80     SMBusIPMIDevice *sid = SMBUS_IPMI(ii);
  81
  82     if (sid->waiting_rsp == msg_id) {
  83         sid->waiting_rsp++;
  84
  85         if (rsp_len > MAX_SSIF_IPMI_MSG_SIZE) {
  86             rsp[2] = IPMI_CC_REQUEST_DATA_TRUNCATED;
  87             rsp_len = MAX_SSIF_IPMI_MSG_SIZE;
  88         }
  89         memcpy(sid->outmsg, rsp, rsp_len);
  90         sid->outlen = rsp_len;
  91         sid->outpos = 0;
  92         sid->currblk = 0;
  93     }
  94 }
  95
  96 static void smbus_ipmi_set_atn(IPMIInterface *ii, int val, int irq)
  97 {
  98     /* This is where PEC would go. */
  99 }
 100
 101 static void smbus_ipmi_set_irq_enable(IPMIInterface *ii, int val)
 102 {
 103 }
 104
 105 static void smbus_ipmi_send_msg(SMBusIPMIDevice *sid)
 106 {
 107     uint8_t *msg = sid->inmsg;
 108     uint32_t len = sid->inlen;
 109     IPMIBmcClass *bk = IPMI_BMC_GET_CLASS(sid->bmc);
 110
 111     sid->outlen = 0;
 112     sid->outpos = 0;
 113     sid->currblk = 0;
 114
 115     if (msg[0] == (IPMI_NETFN_APP << 2) && msg[1] == IPMI_GET_SYS_INTF_CAP_CMD)
 116     {
 117         /* We handle this ourself. */
 118         sid->outmsg[0] = (IPMI_NETFN_APP + 1) << 2;
 119         sid->outmsg[1] = msg[1];
 120         if (len < 3) {
 121             sid->outmsg[2] = IPMI_CC_REQUEST_DATA_LENGTH_INVALID;
 122             sid->outlen = 3;
 123         } else if ((msg[2] & 0x0f) != 0) {
 124             sid->outmsg[2] = IPMI_CC_INVALID_DATA_FIELD;
 125             sid->outlen = 3;
 126         } else {
 127             sid->outmsg[2] = 0;
 128             sid->outmsg[3] = 0;
 129             sid->outmsg[4] = (2 << 6); /* Multi-part supported. */
 130             sid->outmsg[5] = MAX_SSIF_IPMI_MSG_SIZE;
 131             sid->outmsg[6] = MAX_SSIF_IPMI_MSG_SIZE;
 132             sid->outlen = 7;
 133         }
 134         return;
 135     }
 136
 137     bk->handle_command(sid->bmc, sid->inmsg, sid->inlen, sizeof(sid->inmsg),
 138                        sid->waiting_rsp);
 139 }
 140
 141 static uint8_t ipmi_receive_byte(SMBusDevice *dev)
 142 {
 143     SMBusIPMIDevice *sid = SMBUS_IPMI(dev);
 144
 145     if (sid->outpos >= sizeof(sid->outbuf)) {
 146         return 0xff;
 147     }
 148
 149     return sid->outbuf[sid->outpos++];
 150 }
 151
 152 static int ipmi_load_readbuf(SMBusIPMIDevice *sid)
 153 {
 154     unsigned int block = sid->currblk, pos, len;
 155
 156     if (sid->outlen == 0) {
 157         return -1;
 158     }
 159
 160     if (sid->outlen <= 32) {
 161         if (block != 0) {
 162             return -1;
 163         }
 164         sid->outbuf[0] = sid->outlen;
 165         memcpy(sid->outbuf + 1, sid->outmsg, sid->outlen);
 166         sid->outpos = 0;
 167         return 0;
 168     }
 169
 170     if (block == 0) {
 171         sid->outbuf[0] = 32;
 172         sid->outbuf[1] = 0;
 173         sid->outbuf[2] = 1;
 174         memcpy(sid->outbuf + 3, sid->outmsg, 30);
 175         sid->outpos = 0;
 176         return 0;
 177     }
 178
 179     /*
 180      * Calculate the position in outmsg.  30 for the first block, 31
 181      * for the rest of the blocks.
 182      */
 183     pos = 30 + (block - 1) * 31;
 184
 185     if (pos >= sid->outlen) {
 186         return -1;
 187     }
 188
 189     len = sid->outlen - pos;
 190     if (len > 31) {
 191         /* More chunks after this. */
 192         len = 31;
 193         /* Blocks start at 0 for the first middle transaction. */
 194         sid->outbuf[1] = block - 1;
 195     } else {
 196         sid->outbuf[1] = 0xff; /* End of message marker. */
 197     }
 198
 199     sid->outbuf[0] = len + 1;
 200     memcpy(sid->outbuf + 2, sid->outmsg + pos, len);
 201     sid->outpos = 0;
 202     return 0;
 203 }
 204
 205 static int ipmi_write_data(SMBusDevice *dev, uint8_t *buf, uint8_t len)
 206 {
 207     SMBusIPMIDevice *sid = SMBUS_IPMI(dev);
 208     bool send = false;
 209     uint8_t cmd;
 210     int ret = 0;
 211
 212     /* length is guaranteed to be >= 1. */
 213     cmd = *buf++;
 214     len--;
 215
 216     /* Handle read request, which don't have any data in the write part. */
 217     switch (cmd) {
 218     case SSIF_IPMI_RESPONSE:
 219         sid->currblk = 0;
 220         ret = ipmi_load_readbuf(sid);
 221         break;
 222
 223     case SSIF_IPMI_MULTI_PART_RESPONSE_MIDDLE:
 224         sid->currblk++;
 225         ret = ipmi_load_readbuf(sid);
 226         break;
 227
 228     case SSIF_IPMI_MULTI_PART_RETRY:
 229         if (len >= 1) {
 230             sid->currblk = buf[0];
 231             ret = ipmi_load_readbuf(sid);
 232         } else {
 233             ret = -1;
 234         }
 235         break;
 236
 237     default:
 238         break;
 239     }
 240
 241     /* This should be a message write, make the length is there and correct. */
 242     if (len >= 1) {
 243         if (*buf != len - 1 || *buf > MAX_SSIF_IPMI_MSG_CHUNK) {
 244             return -1; /* Bogus message */
 245         }
 246         buf++;
 247         len--;
 248     }
 249
 250     switch (cmd) {
 251     case SSIF_IPMI_REQUEST:
 252         send = true;
 253         /* FALLTHRU */
 254     case SSIF_IPMI_MULTI_PART_REQUEST_START:
 255         if (len < 2) {
 256             return -1; /* Bogus. */
 257         }
 258         memcpy(sid->inmsg, buf, len);
 259         sid->inlen = len;
 260         break;
 261
 262     case SSIF_IPMI_MULTI_PART_REQUEST_END:
 263         send = true;
 264         /* FALLTHRU */
 265     case SSIF_IPMI_MULTI_PART_REQUEST_MIDDLE:
 266         if (!sid->inlen) {
 267             return -1; /* Bogus. */
 268         }
 269         if (sid->inlen + len > MAX_SSIF_IPMI_MSG_SIZE) {
 270             sid->inlen = 0; /* Discard the message. */
 271             return -1; /* Bogus. */
 272         }
 273         if (len < 32) {
 274             /*
 275              * Special hack, a multi-part middle that is less than 32 bytes
 276              * marks the end of a message.  The specification is fairly
 277              * confusing, so some systems to this, even sending a zero
 278              * length end message to mark the end.
 279              */
 280             send = true;
 281         }
 282         memcpy(sid->inmsg + sid->inlen, buf, len);
 283         sid->inlen += len;
 284         break;
 285     }
 286
 287     if (send && sid->inlen) {
 288         smbus_ipmi_send_msg(sid);
 289     }
 290
 291     return ret;
 292 }
 293
 294 static const VMStateDescription vmstate_smbus_ipmi = {
 295     .name = TYPE_SMBUS_IPMI,
 296     .version_id = 1,
 297     .minimum_version_id = 1,
 298     .fields      = (VMStateField[]) {
 299         VMSTATE_SMBUS_DEVICE(parent, SMBusIPMIDevice),
 300         VMSTATE_UINT8(waiting_rsp, SMBusIPMIDevice),
 301         VMSTATE_UINT32(outlen, SMBusIPMIDevice),
 302         VMSTATE_UINT32(currblk, SMBusIPMIDevice),
 303         VMSTATE_UINT8_ARRAY(outmsg, SMBusIPMIDevice, MAX_SSIF_IPMI_MSG_SIZE),
 304         VMSTATE_UINT32(outpos, SMBusIPMIDevice),
 305         VMSTATE_UINT8_ARRAY(outbuf, SMBusIPMIDevice,
 306                             MAX_SSIF_IPMI_MSG_CHUNK + 1),
 307         VMSTATE_UINT32(inlen, SMBusIPMIDevice),
 308         VMSTATE_UINT8_ARRAY(inmsg, SMBusIPMIDevice, MAX_SSIF_IPMI_MSG_SIZE),
 309         VMSTATE_END_OF_LIST()
 310     }
 311 };
 312
 313 static void smbus_ipmi_realize(DeviceState *dev, Error **errp)
 314 {
 315     SMBusIPMIDevice *sid = SMBUS_IPMI(dev);
 316     IPMIInterface *ii = IPMI_INTERFACE(dev);
 317
 318     if (!sid->bmc) {
 319         error_setg(errp, "IPMI device requires a bmc attribute to be set");
 320         return;
 321     }
 322
 323     sid->uuid = ipmi_next_uuid();
 324
 325     sid->bmc->intf = ii;
 326 }
 327
 328 static void smbus_ipmi_init(Object *obj)
 329 {
 330     SMBusIPMIDevice *sid = SMBUS_IPMI(obj);
 331
 332     ipmi_bmc_find_and_link(obj, (Object **) &sid->bmc);
 333 }
 334
 335 static void smbus_ipmi_get_fwinfo(struct IPMIInterface *ii, IPMIFwInfo *info)
 336 {
 337     SMBusIPMIDevice *sid = SMBUS_IPMI(ii);
 338
 339     info->interface_name = "smbus";
 340     info->interface_type = IPMI_SMBIOS_SSIF;
 341     info->ipmi_spec_major_revision = 2;
 342     info->ipmi_spec_minor_revision = 0;
 343     info->i2c_slave_address = sid->bmc->slave_addr;
 344     info->base_address = sid->parent.i2c.address;
 345     info->memspace = IPMI_MEMSPACE_SMBUS;
 346     info->register_spacing = 1;
 347     info->uuid = sid->uuid;
 348 }
 349
 350 static void smbus_ipmi_class_init(ObjectClass *oc, void *data)
 351 {
 352     DeviceClass *dc = DEVICE_CLASS(oc);
 353     IPMIInterfaceClass *iic = IPMI_INTERFACE_CLASS(oc);
 354     SMBusDeviceClass *sc = SMBUS_DEVICE_CLASS(oc);
 355
 356     sc->receive_byte = ipmi_receive_byte;
 357     sc->write_data = ipmi_write_data;
 358     dc->vmsd = &vmstate_smbus_ipmi;
 359     dc->realize = smbus_ipmi_realize;
 360     iic->set_atn = smbus_ipmi_set_atn;
 361     iic->handle_rsp = smbus_ipmi_handle_rsp;
 362     iic->handle_if_event = smbus_ipmi_handle_event;
 363     iic->set_irq_enable = smbus_ipmi_set_irq_enable;
 364     iic->get_fwinfo = smbus_ipmi_get_fwinfo;
 365 }
 366
 367 static const TypeInfo smbus_ipmi_info = {
 368     .name          = TYPE_SMBUS_IPMI,
 369     .parent        = TYPE_SMBUS_DEVICE,
 370     .instance_size = sizeof(SMBusIPMIDevice),
 371     .instance_init = smbus_ipmi_init,
 372     .class_init    = smbus_ipmi_class_init,
 373     .interfaces = (InterfaceInfo[]) {
 374         { TYPE_IPMI_INTERFACE },
 375         { }
 376     }
 377 };
 378
 379 static void smbus_ipmi_register_types(void)
 380 {
 381     type_register_static(&smbus_ipmi_info);
 382 }
 383
 384 type_init(smbus_ipmi_register_types)