1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * ipmi_bt_sm.c
4 *
5 * The state machine for an Open IPMI BT sub-driver under ipmi_si.c, part
6 * of the driver architecture at http://sourceforge.net/projects/openipmi
7 *
8 * Author: Rocky Craig <first.last@hp.com>
9 */
10
11 #include <linux/kernel.h> /* For printk. */
12 #include <linux/string.h>
13 #include <linux/module.h>
14 #include <linux/moduleparam.h>
15 #include <linux/ipmi_msgdefs.h> /* for completion codes */
16 #include "ipmi_si_sm.h"
17
18 #define BT_DEBUG_OFF 0 /* Used in production */
19 #define BT_DEBUG_ENABLE 1 /* Generic messages */
20 #define BT_DEBUG_MSG 2 /* Prints all request/response buffers */
21 #define BT_DEBUG_STATES 4 /* Verbose look at state changes */
22 /*
23 * BT_DEBUG_OFF must be zero to correspond to the default uninitialized
24 * value
25 */
26
27 static int bt_debug; /* 0 == BT_DEBUG_OFF */
28
29 module_param(bt_debug, int, 0644);
30 MODULE_PARM_DESC(bt_debug, "debug bitmask, 1=enable, 2=messages, 4=states");
31
32 /*
33 * Typical "Get BT Capabilities" values are 2-3 retries, 5-10 seconds,
34 * and 64 byte buffers. However, one HP implementation wants 255 bytes of
35 * buffer (with a documented message of 160 bytes) so go for the max.
36 * Since the Open IPMI architecture is single-message oriented at this
37 * stage, the queue depth of BT is of no concern.
38 */
39
40 #define BT_NORMAL_TIMEOUT 5 /* seconds */
41 #define BT_NORMAL_RETRY_LIMIT 2
42 #define BT_RESET_DELAY 6 /* seconds after warm reset */
43
44 /*
45 * States are written in chronological order and usually cover
46 * multiple rows of the state table discussion in the IPMI spec.
47 */
48
49 enum bt_states {
50 BT_STATE_IDLE = 0, /* Order is critical in this list */
51 BT_STATE_XACTION_START,
52 BT_STATE_WRITE_BYTES,
53 BT_STATE_WRITE_CONSUME,
54 BT_STATE_READ_WAIT,
55 BT_STATE_CLEAR_B2H,
56 BT_STATE_READ_BYTES,
57 BT_STATE_RESET1, /* These must come last */
58 BT_STATE_RESET2,
59 BT_STATE_RESET3,
60 BT_STATE_RESTART,
61 BT_STATE_PRINTME,
62 BT_STATE_LONG_BUSY /* BT doesn't get hosed :-) */
63 };
64
65 /*
66 * Macros seen at the end of state "case" blocks. They help with legibility
67 * and debugging.
68 */
69
70 #define BT_STATE_CHANGE(X, Y) { bt->state = X; return Y; }
71
72 #define BT_SI_SM_RETURN(Y) { last_printed = BT_STATE_PRINTME; return Y; }
73
74 struct si_sm_data {
75 enum bt_states state;
76 unsigned char seq; /* BT sequence number */
77 struct si_sm_io *io;
78 unsigned char write_data[IPMI_MAX_MSG_LENGTH + 2]; /* +2 for memcpy */
79 int write_count;
80 unsigned char read_data[IPMI_MAX_MSG_LENGTH + 2]; /* +2 for memcpy */
81 int read_count;
82 int truncated;
83 long timeout; /* microseconds countdown */
84 int error_retries; /* end of "common" fields */
85 int nonzero_status; /* hung BMCs stay all 0 */
86 enum bt_states complete; /* to divert the state machine */
87 long BT_CAP_req2rsp;
88 int BT_CAP_retries; /* Recommended retries */
89 };
90
91 #define BT_CLR_WR_PTR 0x01 /* See IPMI 1.5 table 11.6.4 */
92 #define BT_CLR_RD_PTR 0x02
93 #define BT_H2B_ATN 0x04
94 #define BT_B2H_ATN 0x08
95 #define BT_SMS_ATN 0x10
96 #define BT_OEM0 0x20
97 #define BT_H_BUSY 0x40
98 #define BT_B_BUSY 0x80
99
100 /*
101 * Some bits are toggled on each write: write once to set it, once
102 * more to clear it; writing a zero does nothing. To absolutely
103 * clear it, check its state and write if set. This avoids the "get
104 * current then use as mask" scheme to modify one bit. Note that the
105 * variable "bt" is hardcoded into these macros.
106 */
107
108 #define BT_STATUS bt->io->inputb(bt->io, 0)
109 #define BT_CONTROL(x) bt->io->outputb(bt->io, 0, x)
110
111 #define BMC2HOST bt->io->inputb(bt->io, 1)
112 #define HOST2BMC(x) bt->io->outputb(bt->io, 1, x)
113
114 #define BT_INTMASK_R bt->io->inputb(bt->io, 2)
115 #define BT_INTMASK_W(x) bt->io->outputb(bt->io, 2, x)
116
117 /*
118 * Convenience routines for debugging. These are not multi-open safe!
119 * Note the macros have hardcoded variables in them.
120 */
121
state2txt(unsigned char state)122 static char *state2txt(unsigned char state)
123 {
124 switch (state) {
125 case BT_STATE_IDLE: return("IDLE");
126 case BT_STATE_XACTION_START: return("XACTION");
127 case BT_STATE_WRITE_BYTES: return("WR_BYTES");
128 case BT_STATE_WRITE_CONSUME: return("WR_CONSUME");
129 case BT_STATE_READ_WAIT: return("RD_WAIT");
130 case BT_STATE_CLEAR_B2H: return("CLEAR_B2H");
131 case BT_STATE_READ_BYTES: return("RD_BYTES");
132 case BT_STATE_RESET1: return("RESET1");
133 case BT_STATE_RESET2: return("RESET2");
134 case BT_STATE_RESET3: return("RESET3");
135 case BT_STATE_RESTART: return("RESTART");
136 case BT_STATE_LONG_BUSY: return("LONG_BUSY");
137 }
138 return("BAD STATE");
139 }
140 #define STATE2TXT state2txt(bt->state)
141
status2txt(unsigned char status)142 static char *status2txt(unsigned char status)
143 {
144 /*
145 * This cannot be called by two threads at the same time and
146 * the buffer is always consumed immediately, so the static is
147 * safe to use.
148 */
149 static char buf[40];
150
151 strcpy(buf, "[ ");
152 if (status & BT_B_BUSY)
153 strcat(buf, "B_BUSY ");
154 if (status & BT_H_BUSY)
155 strcat(buf, "H_BUSY ");
156 if (status & BT_OEM0)
157 strcat(buf, "OEM0 ");
158 if (status & BT_SMS_ATN)
159 strcat(buf, "SMS ");
160 if (status & BT_B2H_ATN)
161 strcat(buf, "B2H ");
162 if (status & BT_H2B_ATN)
163 strcat(buf, "H2B ");
164 strcat(buf, "]");
165 return buf;
166 }
167 #define STATUS2TXT status2txt(status)
168
169 /* called externally at insmod time, and internally on cleanup */
170
bt_init_data(struct si_sm_data * bt,struct si_sm_io * io)171 static unsigned int bt_init_data(struct si_sm_data *bt, struct si_sm_io *io)
172 {
173 memset(bt, 0, sizeof(struct si_sm_data));
174 if (bt->io != io) {
175 /* external: one-time only things */
176 bt->io = io;
177 bt->seq = 0;
178 }
179 bt->state = BT_STATE_IDLE; /* start here */
180 bt->complete = BT_STATE_IDLE; /* end here */
181 bt->BT_CAP_req2rsp = BT_NORMAL_TIMEOUT * USEC_PER_SEC;
182 bt->BT_CAP_retries = BT_NORMAL_RETRY_LIMIT;
183 return 3; /* We claim 3 bytes of space; ought to check SPMI table */
184 }
185
186 /* Jam a completion code (probably an error) into a response */
187
force_result(struct si_sm_data * bt,unsigned char completion_code)188 static void force_result(struct si_sm_data *bt, unsigned char completion_code)
189 {
190 bt->read_data[0] = 4; /* # following bytes */
191 bt->read_data[1] = bt->write_data[1] | 4; /* Odd NetFn/LUN */
192 bt->read_data[2] = bt->write_data[2]; /* seq (ignored) */
193 bt->read_data[3] = bt->write_data[3]; /* Command */
194 bt->read_data[4] = completion_code;
195 bt->read_count = 5;
196 }
197
198 /* The upper state machine starts here */
199
bt_start_transaction(struct si_sm_data * bt,unsigned char * data,unsigned int size)200 static int bt_start_transaction(struct si_sm_data *bt,
201 unsigned char *data,
202 unsigned int size)
203 {
204 unsigned int i;
205
206 if (size < 2)
207 return IPMI_REQ_LEN_INVALID_ERR;
208 if (size > IPMI_MAX_MSG_LENGTH)
209 return IPMI_REQ_LEN_EXCEEDED_ERR;
210
211 if (bt->state == BT_STATE_LONG_BUSY)
212 return IPMI_NODE_BUSY_ERR;
213
214 if (bt->state != BT_STATE_IDLE)
215 return IPMI_NOT_IN_MY_STATE_ERR;
216
217 if (bt_debug & BT_DEBUG_MSG) {
218 printk(KERN_WARNING "BT: +++++++++++++++++ New command\n");
219 printk(KERN_WARNING "BT: NetFn/LUN CMD [%d data]:", size - 2);
220 for (i = 0; i < size; i ++)
221 printk(" %02x", data[i]);
222 printk("\n");
223 }
224 bt->write_data[0] = size + 1; /* all data plus seq byte */
225 bt->write_data[1] = *data; /* NetFn/LUN */
226 bt->write_data[2] = bt->seq++;
227 memcpy(bt->write_data + 3, data + 1, size - 1);
228 bt->write_count = size + 2;
229 bt->error_retries = 0;
230 bt->nonzero_status = 0;
231 bt->truncated = 0;
232 bt->state = BT_STATE_XACTION_START;
233 bt->timeout = bt->BT_CAP_req2rsp;
234 force_result(bt, IPMI_ERR_UNSPECIFIED);
235 return 0;
236 }
237
238 /*
239 * After the upper state machine has been told SI_SM_TRANSACTION_COMPLETE
240 * it calls this. Strip out the length and seq bytes.
241 */
242
bt_get_result(struct si_sm_data * bt,unsigned char * data,unsigned int length)243 static int bt_get_result(struct si_sm_data *bt,
244 unsigned char *data,
245 unsigned int length)
246 {
247 int i, msg_len;
248
249 msg_len = bt->read_count - 2; /* account for length & seq */
250 if (msg_len < 3 || msg_len > IPMI_MAX_MSG_LENGTH) {
251 force_result(bt, IPMI_ERR_UNSPECIFIED);
252 msg_len = 3;
253 }
254 data[0] = bt->read_data[1];
255 data[1] = bt->read_data[3];
256 if (length < msg_len || bt->truncated) {
257 data[2] = IPMI_ERR_MSG_TRUNCATED;
258 msg_len = 3;
259 } else
260 memcpy(data + 2, bt->read_data + 4, msg_len - 2);
261
262 if (bt_debug & BT_DEBUG_MSG) {
263 printk(KERN_WARNING "BT: result %d bytes:", msg_len);
264 for (i = 0; i < msg_len; i++)
265 printk(" %02x", data[i]);
266 printk("\n");
267 }
268 return msg_len;
269 }
270
271 /* This bit's functionality is optional */
272 #define BT_BMC_HWRST 0x80
273
reset_flags(struct si_sm_data * bt)274 static void reset_flags(struct si_sm_data *bt)
275 {
276 if (bt_debug)
277 printk(KERN_WARNING "IPMI BT: flag reset %s\n",
278 status2txt(BT_STATUS));
279 if (BT_STATUS & BT_H_BUSY)
280 BT_CONTROL(BT_H_BUSY); /* force clear */
281 BT_CONTROL(BT_CLR_WR_PTR); /* always reset */
282 BT_CONTROL(BT_SMS_ATN); /* always clear */
283 BT_INTMASK_W(BT_BMC_HWRST);
284 }
285
286 /*
287 * Get rid of an unwanted/stale response. This should only be needed for
288 * BMCs that support multiple outstanding requests.
289 */
290
drain_BMC2HOST(struct si_sm_data * bt)291 static void drain_BMC2HOST(struct si_sm_data *bt)
292 {
293 int i, size;
294
295 if (!(BT_STATUS & BT_B2H_ATN)) /* Not signalling a response */
296 return;
297
298 BT_CONTROL(BT_H_BUSY); /* now set */
299 BT_CONTROL(BT_B2H_ATN); /* always clear */
300 BT_STATUS; /* pause */
301 BT_CONTROL(BT_B2H_ATN); /* some BMCs are stubborn */
302 BT_CONTROL(BT_CLR_RD_PTR); /* always reset */
303 if (bt_debug)
304 printk(KERN_WARNING "IPMI BT: stale response %s; ",
305 status2txt(BT_STATUS));
306 size = BMC2HOST;
307 for (i = 0; i < size ; i++)
308 BMC2HOST;
309 BT_CONTROL(BT_H_BUSY); /* now clear */
310 if (bt_debug)
311 printk("drained %d bytes\n", size + 1);
312 }
313
write_all_bytes(struct si_sm_data * bt)314 static inline void write_all_bytes(struct si_sm_data *bt)
315 {
316 int i;
317
318 if (bt_debug & BT_DEBUG_MSG) {
319 printk(KERN_WARNING "BT: write %d bytes seq=0x%02X",
320 bt->write_count, bt->seq);
321 for (i = 0; i < bt->write_count; i++)
322 printk(" %02x", bt->write_data[i]);
323 printk("\n");
324 }
325 for (i = 0; i < bt->write_count; i++)
326 HOST2BMC(bt->write_data[i]);
327 }
328
read_all_bytes(struct si_sm_data * bt)329 static inline int read_all_bytes(struct si_sm_data *bt)
330 {
331 unsigned int i;
332
333 /*
334 * length is "framing info", minimum = 4: NetFn, Seq, Cmd, cCode.
335 * Keep layout of first four bytes aligned with write_data[]
336 */
337
338 bt->read_data[0] = BMC2HOST;
339 bt->read_count = bt->read_data[0];
340
341 if (bt->read_count < 4 || bt->read_count >= IPMI_MAX_MSG_LENGTH) {
342 if (bt_debug & BT_DEBUG_MSG)
343 printk(KERN_WARNING "BT: bad raw rsp len=%d\n",
344 bt->read_count);
345 bt->truncated = 1;
346 return 1; /* let next XACTION START clean it up */
347 }
348 for (i = 1; i <= bt->read_count; i++)
349 bt->read_data[i] = BMC2HOST;
350 bt->read_count++; /* Account internally for length byte */
351
352 if (bt_debug & BT_DEBUG_MSG) {
353 int max = bt->read_count;
354
355 printk(KERN_WARNING "BT: got %d bytes seq=0x%02X",
356 max, bt->read_data[2]);
357 if (max > 16)
358 max = 16;
359 for (i = 0; i < max; i++)
360 printk(KERN_CONT " %02x", bt->read_data[i]);
361 printk(KERN_CONT "%s\n", bt->read_count == max ? "" : " ...");
362 }
363
364 /* per the spec, the (NetFn[1], Seq[2], Cmd[3]) tuples must match */
365 if ((bt->read_data[3] == bt->write_data[3]) &&
366 (bt->read_data[2] == bt->write_data[2]) &&
367 ((bt->read_data[1] & 0xF8) == (bt->write_data[1] & 0xF8)))
368 return 1;
369
370 if (bt_debug & BT_DEBUG_MSG)
371 printk(KERN_WARNING "IPMI BT: bad packet: "
372 "want 0x(%02X, %02X, %02X) got (%02X, %02X, %02X)\n",
373 bt->write_data[1] | 0x04, bt->write_data[2], bt->write_data[3],
374 bt->read_data[1], bt->read_data[2], bt->read_data[3]);
375 return 0;
376 }
377
378 /* Restart if retries are left, or return an error completion code */
379
error_recovery(struct si_sm_data * bt,unsigned char status,unsigned char cCode)380 static enum si_sm_result error_recovery(struct si_sm_data *bt,
381 unsigned char status,
382 unsigned char cCode)
383 {
384 char *reason;
385
386 bt->timeout = bt->BT_CAP_req2rsp;
387
388 switch (cCode) {
389 case IPMI_TIMEOUT_ERR:
390 reason = "timeout";
391 break;
392 default:
393 reason = "internal error";
394 break;
395 }
396
397 printk(KERN_WARNING "IPMI BT: %s in %s %s ", /* open-ended line */
398 reason, STATE2TXT, STATUS2TXT);
399
400 /*
401 * Per the IPMI spec, retries are based on the sequence number
402 * known only to this module, so manage a restart here.
403 */
404 (bt->error_retries)++;
405 if (bt->error_retries < bt->BT_CAP_retries) {
406 printk("%d retries left\n",
407 bt->BT_CAP_retries - bt->error_retries);
408 bt->state = BT_STATE_RESTART;
409 return SI_SM_CALL_WITHOUT_DELAY;
410 }
411
412 printk(KERN_WARNING "failed %d retries, sending error response\n",
413 bt->BT_CAP_retries);
414 if (!bt->nonzero_status)
415 printk(KERN_ERR "IPMI BT: stuck, try power cycle\n");
416
417 /* this is most likely during insmod */
418 else if (bt->seq <= (unsigned char)(bt->BT_CAP_retries & 0xFF)) {
419 printk(KERN_WARNING "IPMI: BT reset (takes 5 secs)\n");
420 bt->state = BT_STATE_RESET1;
421 return SI_SM_CALL_WITHOUT_DELAY;
422 }
423
424 /*
425 * Concoct a useful error message, set up the next state, and
426 * be done with this sequence.
427 */
428
429 bt->state = BT_STATE_IDLE;
430 switch (cCode) {
431 case IPMI_TIMEOUT_ERR:
432 if (status & BT_B_BUSY) {
433 cCode = IPMI_NODE_BUSY_ERR;
434 bt->state = BT_STATE_LONG_BUSY;
435 }
436 break;
437 default:
438 break;
439 }
440 force_result(bt, cCode);
441 return SI_SM_TRANSACTION_COMPLETE;
442 }
443
444 /* Check status and (usually) take action and change this state machine. */
445
bt_event(struct si_sm_data * bt,long time)446 static enum si_sm_result bt_event(struct si_sm_data *bt, long time)
447 {
448 unsigned char status;
449 static enum bt_states last_printed = BT_STATE_PRINTME;
450 int i;
451
452 status = BT_STATUS;
453 bt->nonzero_status |= status;
454 if ((bt_debug & BT_DEBUG_STATES) && (bt->state != last_printed)) {
455 printk(KERN_WARNING "BT: %s %s TO=%ld - %ld \n",
456 STATE2TXT,
457 STATUS2TXT,
458 bt->timeout,
459 time);
460 last_printed = bt->state;
461 }
462
463 /*
464 * Commands that time out may still (eventually) provide a response.
465 * This stale response will get in the way of a new response so remove
466 * it if possible (hopefully during IDLE). Even if it comes up later
467 * it will be rejected by its (now-forgotten) seq number.
468 */
469
470 if ((bt->state < BT_STATE_WRITE_BYTES) && (status & BT_B2H_ATN)) {
471 drain_BMC2HOST(bt);
472 BT_SI_SM_RETURN(SI_SM_CALL_WITH_DELAY);
473 }
474
475 if ((bt->state != BT_STATE_IDLE) &&
476 (bt->state < BT_STATE_PRINTME)) {
477 /* check timeout */
478 bt->timeout -= time;
479 if ((bt->timeout < 0) && (bt->state < BT_STATE_RESET1))
480 return error_recovery(bt,
481 status,
482 IPMI_TIMEOUT_ERR);
483 }
484
485 switch (bt->state) {
486
487 /*
488 * Idle state first checks for asynchronous messages from another
489 * channel, then does some opportunistic housekeeping.
490 */
491
492 case BT_STATE_IDLE:
493 if (status & BT_SMS_ATN) {
494 BT_CONTROL(BT_SMS_ATN); /* clear it */
495 return SI_SM_ATTN;
496 }
497
498 if (status & BT_H_BUSY) /* clear a leftover H_BUSY */
499 BT_CONTROL(BT_H_BUSY);
500
501 BT_SI_SM_RETURN(SI_SM_IDLE);
502
503 case BT_STATE_XACTION_START:
504 if (status & (BT_B_BUSY | BT_H2B_ATN))
505 BT_SI_SM_RETURN(SI_SM_CALL_WITH_DELAY);
506 if (BT_STATUS & BT_H_BUSY)
507 BT_CONTROL(BT_H_BUSY); /* force clear */
508 BT_STATE_CHANGE(BT_STATE_WRITE_BYTES,
509 SI_SM_CALL_WITHOUT_DELAY);
510
511 case BT_STATE_WRITE_BYTES:
512 if (status & BT_H_BUSY)
513 BT_CONTROL(BT_H_BUSY); /* clear */
514 BT_CONTROL(BT_CLR_WR_PTR);
515 write_all_bytes(bt);
516 BT_CONTROL(BT_H2B_ATN); /* can clear too fast to catch */
517 BT_STATE_CHANGE(BT_STATE_WRITE_CONSUME,
518 SI_SM_CALL_WITHOUT_DELAY);
519
520 case BT_STATE_WRITE_CONSUME:
521 if (status & (BT_B_BUSY | BT_H2B_ATN))
522 BT_SI_SM_RETURN(SI_SM_CALL_WITH_DELAY);
523 BT_STATE_CHANGE(BT_STATE_READ_WAIT,
524 SI_SM_CALL_WITHOUT_DELAY);
525
526 /* Spinning hard can suppress B2H_ATN and force a timeout */
527
528 case BT_STATE_READ_WAIT:
529 if (!(status & BT_B2H_ATN))
530 BT_SI_SM_RETURN(SI_SM_CALL_WITH_DELAY);
531 BT_CONTROL(BT_H_BUSY); /* set */
532
533 /*
534 * Uncached, ordered writes should just proceed serially but
535 * some BMCs don't clear B2H_ATN with one hit. Fast-path a
536 * workaround without too much penalty to the general case.
537 */
538
539 BT_CONTROL(BT_B2H_ATN); /* clear it to ACK the BMC */
540 BT_STATE_CHANGE(BT_STATE_CLEAR_B2H,
541 SI_SM_CALL_WITHOUT_DELAY);
542
543 case BT_STATE_CLEAR_B2H:
544 if (status & BT_B2H_ATN) {
545 /* keep hitting it */
546 BT_CONTROL(BT_B2H_ATN);
547 BT_SI_SM_RETURN(SI_SM_CALL_WITH_DELAY);
548 }
549 BT_STATE_CHANGE(BT_STATE_READ_BYTES,
550 SI_SM_CALL_WITHOUT_DELAY);
551
552 case BT_STATE_READ_BYTES:
553 if (!(status & BT_H_BUSY))
554 /* check in case of retry */
555 BT_CONTROL(BT_H_BUSY);
556 BT_CONTROL(BT_CLR_RD_PTR); /* start of BMC2HOST buffer */
557 i = read_all_bytes(bt); /* true == packet seq match */
558 BT_CONTROL(BT_H_BUSY); /* NOW clear */
559 if (!i) /* Not my message */
560 BT_STATE_CHANGE(BT_STATE_READ_WAIT,
561 SI_SM_CALL_WITHOUT_DELAY);
562 bt->state = bt->complete;
563 return bt->state == BT_STATE_IDLE ? /* where to next? */
564 SI_SM_TRANSACTION_COMPLETE : /* normal */
565 SI_SM_CALL_WITHOUT_DELAY; /* Startup magic */
566
567 case BT_STATE_LONG_BUSY: /* For example: after FW update */
568 if (!(status & BT_B_BUSY)) {
569 reset_flags(bt); /* next state is now IDLE */
570 bt_init_data(bt, bt->io);
571 }
572 return SI_SM_CALL_WITH_DELAY; /* No repeat printing */
573
574 case BT_STATE_RESET1:
575 reset_flags(bt);
576 drain_BMC2HOST(bt);
577 BT_STATE_CHANGE(BT_STATE_RESET2,
578 SI_SM_CALL_WITH_DELAY);
579
580 case BT_STATE_RESET2: /* Send a soft reset */
581 BT_CONTROL(BT_CLR_WR_PTR);
582 HOST2BMC(3); /* number of bytes following */
583 HOST2BMC(0x18); /* NetFn/LUN == Application, LUN 0 */
584 HOST2BMC(42); /* Sequence number */
585 HOST2BMC(3); /* Cmd == Soft reset */
586 BT_CONTROL(BT_H2B_ATN);
587 bt->timeout = BT_RESET_DELAY * USEC_PER_SEC;
588 BT_STATE_CHANGE(BT_STATE_RESET3,
589 SI_SM_CALL_WITH_DELAY);
590
591 case BT_STATE_RESET3: /* Hold off everything for a bit */
592 if (bt->timeout > 0)
593 return SI_SM_CALL_WITH_DELAY;
594 drain_BMC2HOST(bt);
595 BT_STATE_CHANGE(BT_STATE_RESTART,
596 SI_SM_CALL_WITH_DELAY);
597
598 case BT_STATE_RESTART: /* don't reset retries or seq! */
599 bt->read_count = 0;
600 bt->nonzero_status = 0;
601 bt->timeout = bt->BT_CAP_req2rsp;
602 BT_STATE_CHANGE(BT_STATE_XACTION_START,
603 SI_SM_CALL_WITH_DELAY);
604
605 default: /* should never occur */
606 return error_recovery(bt,
607 status,
608 IPMI_ERR_UNSPECIFIED);
609 }
610 return SI_SM_CALL_WITH_DELAY;
611 }
612
bt_detect(struct si_sm_data * bt)613 static int bt_detect(struct si_sm_data *bt)
614 {
615 unsigned char GetBT_CAP[] = { 0x18, 0x36 };
616 unsigned char BT_CAP[8];
617 enum si_sm_result smi_result;
618 int rv;
619
620 /*
621 * It's impossible for the BT status and interrupt registers to be
622 * all 1's, (assuming a properly functioning, self-initialized BMC)
623 * but that's what you get from reading a bogus address, so we
624 * test that first. The calling routine uses negative logic.
625 */
626
627 if ((BT_STATUS == 0xFF) && (BT_INTMASK_R == 0xFF))
628 return 1;
629 reset_flags(bt);
630
631 /*
632 * Try getting the BT capabilities here.
633 */
634 rv = bt_start_transaction(bt, GetBT_CAP, sizeof(GetBT_CAP));
635 if (rv) {
636 dev_warn(bt->io->dev,
637 "Can't start capabilities transaction: %d\n", rv);
638 goto out_no_bt_cap;
639 }
640
641 smi_result = SI_SM_CALL_WITHOUT_DELAY;
642 for (;;) {
643 if (smi_result == SI_SM_CALL_WITH_DELAY ||
644 smi_result == SI_SM_CALL_WITH_TICK_DELAY) {
645 schedule_timeout_uninterruptible(1);
646 smi_result = bt_event(bt, jiffies_to_usecs(1));
647 } else if (smi_result == SI_SM_CALL_WITHOUT_DELAY) {
648 smi_result = bt_event(bt, 0);
649 } else
650 break;
651 }
652
653 rv = bt_get_result(bt, BT_CAP, sizeof(BT_CAP));
654 bt_init_data(bt, bt->io);
655 if (rv < 8) {
656 dev_warn(bt->io->dev, "bt cap response too short: %d\n", rv);
657 goto out_no_bt_cap;
658 }
659
660 if (BT_CAP[2]) {
661 dev_warn(bt->io->dev, "Error fetching bt cap: %x\n", BT_CAP[2]);
662 out_no_bt_cap:
663 dev_warn(bt->io->dev, "using default values\n");
664 } else {
665 bt->BT_CAP_req2rsp = BT_CAP[6] * USEC_PER_SEC;
666 bt->BT_CAP_retries = BT_CAP[7];
667 }
668
669 dev_info(bt->io->dev, "req2rsp=%ld secs retries=%d\n",
670 bt->BT_CAP_req2rsp / USEC_PER_SEC, bt->BT_CAP_retries);
671
672 return 0;
673 }
674
bt_cleanup(struct si_sm_data * bt)675 static void bt_cleanup(struct si_sm_data *bt)
676 {
677 }
678
bt_size(void)679 static int bt_size(void)
680 {
681 return sizeof(struct si_sm_data);
682 }
683
684 const struct si_sm_handlers bt_smi_handlers = {
685 .init_data = bt_init_data,
686 .start_transaction = bt_start_transaction,
687 .get_result = bt_get_result,
688 .event = bt_event,
689 .detect = bt_detect,
690 .cleanup = bt_cleanup,
691 .size = bt_size,
692 };
693
