1/* 2 * ipmi_bt_sm.c 3 * 4 * The state machine for an Open IPMI BT sub-driver under ipmi_si.c, part 5 * of the driver architecture at http://sourceforge.net/projects/openipmi 6 * 7 * Author: Rocky Craig <first.last@hp.com> 8 * 9 * This program is free software; you can redistribute it and/or modify it 10 * under the terms of the GNU General Public License as published by the 11 * Free Software Foundation; either version 2 of the License, or (at your 12 * option) any later version. 13 * 14 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 15 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 16 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 19 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 20 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 21 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 22 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 23 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 * 25 * You should have received a copy of the GNU General Public License along 26 * with this program; if not, write to the Free Software Foundation, Inc., 27 * 675 Mass Ave, Cambridge, MA 02139, USA. */ 28 29#include <linux/kernel.h> /* For printk. */ 30#include <linux/string.h> 31#include <linux/module.h> 32#include <linux/moduleparam.h> 33#include <linux/ipmi_msgdefs.h> /* for completion codes */ 34#include "ipmi_si_sm.h" 35 36#define BT_DEBUG_OFF 0 /* Used in production */ 37#define BT_DEBUG_ENABLE 1 /* Generic messages */ 38#define BT_DEBUG_MSG 2 /* Prints all request/response buffers */ 39#define BT_DEBUG_STATES 4 /* Verbose look at state changes */ 40/* 41 * BT_DEBUG_OFF must be zero to correspond to the default uninitialized 42 * value 43 */ 44 45static int bt_debug; /* 0 == BT_DEBUG_OFF */ 46 47module_param(bt_debug, int, 0644); 48MODULE_PARM_DESC(bt_debug, "debug bitmask, 1=enable, 2=messages, 4=states"); 49 50/* 51 * Typical "Get BT Capabilities" values are 2-3 retries, 5-10 seconds, 52 * and 64 byte buffers. However, one HP implementation wants 255 bytes of 53 * buffer (with a documented message of 160 bytes) so go for the max. 54 * Since the Open IPMI architecture is single-message oriented at this 55 * stage, the queue depth of BT is of no concern. 56 */ 57 58#define BT_NORMAL_TIMEOUT 5 /* seconds */ 59#define BT_NORMAL_RETRY_LIMIT 2 60#define BT_RESET_DELAY 6 /* seconds after warm reset */ 61 62/* 63 * States are written in chronological order and usually cover 64 * multiple rows of the state table discussion in the IPMI spec. 65 */ 66 67enum bt_states { 68 BT_STATE_IDLE = 0, /* Order is critical in this list */ 69 BT_STATE_XACTION_START, 70 BT_STATE_WRITE_BYTES, 71 BT_STATE_WRITE_CONSUME, 72 BT_STATE_READ_WAIT, 73 BT_STATE_CLEAR_B2H, 74 BT_STATE_READ_BYTES, 75 BT_STATE_RESET1, /* These must come last */ 76 BT_STATE_RESET2, 77 BT_STATE_RESET3, 78 BT_STATE_RESTART, 79 BT_STATE_PRINTME, 80 BT_STATE_CAPABILITIES_BEGIN, 81 BT_STATE_CAPABILITIES_END, 82 BT_STATE_LONG_BUSY /* BT doesn't get hosed :-) */ 83}; 84 85/* 86 * Macros seen at the end of state "case" blocks. They help with legibility 87 * and debugging. 88 */ 89 90#define BT_STATE_CHANGE(X, Y) { bt->state = X; return Y; } 91 92#define BT_SI_SM_RETURN(Y) { last_printed = BT_STATE_PRINTME; return Y; } 93 94struct si_sm_data { 95 enum bt_states state; 96 unsigned char seq; /* BT sequence number */ 97 struct si_sm_io *io; 98 unsigned char write_data[IPMI_MAX_MSG_LENGTH + 2]; /* +2 for memcpy */ 99 int write_count; 100 unsigned char read_data[IPMI_MAX_MSG_LENGTH + 2]; /* +2 for memcpy */ 101 int read_count; 102 int truncated; 103 long timeout; /* microseconds countdown */ 104 int error_retries; /* end of "common" fields */ 105 int nonzero_status; /* hung BMCs stay all 0 */ 106 enum bt_states complete; /* to divert the state machine */ 107 int BT_CAP_outreqs; 108 long BT_CAP_req2rsp; 109 int BT_CAP_retries; /* Recommended retries */ 110}; 111 112#define BT_CLR_WR_PTR 0x01 /* See IPMI 1.5 table 11.6.4 */ 113#define BT_CLR_RD_PTR 0x02 114#define BT_H2B_ATN 0x04 115#define BT_B2H_ATN 0x08 116#define BT_SMS_ATN 0x10 117#define BT_OEM0 0x20 118#define BT_H_BUSY 0x40 119#define BT_B_BUSY 0x80 120 121/* 122 * Some bits are toggled on each write: write once to set it, once 123 * more to clear it; writing a zero does nothing. To absolutely 124 * clear it, check its state and write if set. This avoids the "get 125 * current then use as mask" scheme to modify one bit. Note that the 126 * variable "bt" is hardcoded into these macros. 127 */ 128 129#define BT_STATUS bt->io->inputb(bt->io, 0) 130#define BT_CONTROL(x) bt->io->outputb(bt->io, 0, x) 131 132#define BMC2HOST bt->io->inputb(bt->io, 1) 133#define HOST2BMC(x) bt->io->outputb(bt->io, 1, x) 134 135#define BT_INTMASK_R bt->io->inputb(bt->io, 2) 136#define BT_INTMASK_W(x) bt->io->outputb(bt->io, 2, x) 137 138/* 139 * Convenience routines for debugging. These are not multi-open safe! 140 * Note the macros have hardcoded variables in them. 141 */ 142 143static char *state2txt(unsigned char state) 144{ 145 switch (state) { 146 case BT_STATE_IDLE: return("IDLE"); 147 case BT_STATE_XACTION_START: return("XACTION"); 148 case BT_STATE_WRITE_BYTES: return("WR_BYTES"); 149 case BT_STATE_WRITE_CONSUME: return("WR_CONSUME"); 150 case BT_STATE_READ_WAIT: return("RD_WAIT"); 151 case BT_STATE_CLEAR_B2H: return("CLEAR_B2H"); 152 case BT_STATE_READ_BYTES: return("RD_BYTES"); 153 case BT_STATE_RESET1: return("RESET1"); 154 case BT_STATE_RESET2: return("RESET2"); 155 case BT_STATE_RESET3: return("RESET3"); 156 case BT_STATE_RESTART: return("RESTART"); 157 case BT_STATE_LONG_BUSY: return("LONG_BUSY"); 158 case BT_STATE_CAPABILITIES_BEGIN: return("CAP_BEGIN"); 159 case BT_STATE_CAPABILITIES_END: return("CAP_END"); 160 } 161 return("BAD STATE"); 162} 163#define STATE2TXT state2txt(bt->state) 164 165static char *status2txt(unsigned char status) 166{ 167 /* 168 * This cannot be called by two threads at the same time and 169 * the buffer is always consumed immediately, so the static is 170 * safe to use. 171 */ 172 static char buf[40]; 173 174 strcpy(buf, "[ "); 175 if (status & BT_B_BUSY) 176 strcat(buf, "B_BUSY "); 177 if (status & BT_H_BUSY) 178 strcat(buf, "H_BUSY "); 179 if (status & BT_OEM0) 180 strcat(buf, "OEM0 "); 181 if (status & BT_SMS_ATN) 182 strcat(buf, "SMS "); 183 if (status & BT_B2H_ATN) 184 strcat(buf, "B2H "); 185 if (status & BT_H2B_ATN) 186 strcat(buf, "H2B "); 187 strcat(buf, "]"); 188 return buf; 189} 190#define STATUS2TXT status2txt(status) 191 192/* called externally at insmod time, and internally on cleanup */ 193 194static unsigned int bt_init_data(struct si_sm_data *bt, struct si_sm_io *io) 195{ 196 memset(bt, 0, sizeof(struct si_sm_data)); 197 if (bt->io != io) { 198 /* external: one-time only things */ 199 bt->io = io; 200 bt->seq = 0; 201 } 202 bt->state = BT_STATE_IDLE; /* start here */ 203 bt->complete = BT_STATE_IDLE; /* end here */ 204 bt->BT_CAP_req2rsp = BT_NORMAL_TIMEOUT * USEC_PER_SEC; 205 bt->BT_CAP_retries = BT_NORMAL_RETRY_LIMIT; 206 /* BT_CAP_outreqs == zero is a flag to read BT Capabilities */ 207 return 3; /* We claim 3 bytes of space; ought to check SPMI table */ 208} 209 210/* Jam a completion code (probably an error) into a response */ 211 212static void force_result(struct si_sm_data *bt, unsigned char completion_code) 213{ 214 bt->read_data[0] = 4; /* # following bytes */ 215 bt->read_data[1] = bt->write_data[1] | 4; /* Odd NetFn/LUN */ 216 bt->read_data[2] = bt->write_data[2]; /* seq (ignored) */ 217 bt->read_data[3] = bt->write_data[3]; /* Command */ 218 bt->read_data[4] = completion_code; 219 bt->read_count = 5; 220} 221 222/* The upper state machine starts here */ 223 224static int bt_start_transaction(struct si_sm_data *bt, 225 unsigned char *data, 226 unsigned int size) 227{ 228 unsigned int i; 229 230 if (size < 2) 231 return IPMI_REQ_LEN_INVALID_ERR; 232 if (size > IPMI_MAX_MSG_LENGTH) 233 return IPMI_REQ_LEN_EXCEEDED_ERR; 234 235 if (bt->state == BT_STATE_LONG_BUSY) 236 return IPMI_NODE_BUSY_ERR; 237 238 if (bt->state != BT_STATE_IDLE) 239 return IPMI_NOT_IN_MY_STATE_ERR; 240 241 if (bt_debug & BT_DEBUG_MSG) { 242 printk(KERN_WARNING "BT: +++++++++++++++++ New command\n"); 243 printk(KERN_WARNING "BT: NetFn/LUN CMD [%d data]:", size - 2); 244 for (i = 0; i < size; i ++) 245 printk(" %02x", data[i]); 246 printk("\n"); 247 } 248 bt->write_data[0] = size + 1; /* all data plus seq byte */ 249 bt->write_data[1] = *data; /* NetFn/LUN */ 250 bt->write_data[2] = bt->seq++; 251 memcpy(bt->write_data + 3, data + 1, size - 1); 252 bt->write_count = size + 2; 253 bt->error_retries = 0; 254 bt->nonzero_status = 0; 255 bt->truncated = 0; 256 bt->state = BT_STATE_XACTION_START; 257 bt->timeout = bt->BT_CAP_req2rsp; 258 force_result(bt, IPMI_ERR_UNSPECIFIED); 259 return 0; 260} 261 262/* 263 * After the upper state machine has been told SI_SM_TRANSACTION_COMPLETE 264 * it calls this. Strip out the length and seq bytes. 265 */ 266 267static int bt_get_result(struct si_sm_data *bt, 268 unsigned char *data, 269 unsigned int length) 270{ 271 int i, msg_len; 272 273 msg_len = bt->read_count - 2; /* account for length & seq */ 274 if (msg_len < 3 || msg_len > IPMI_MAX_MSG_LENGTH) { 275 force_result(bt, IPMI_ERR_UNSPECIFIED); 276 msg_len = 3; 277 } 278 data[0] = bt->read_data[1]; 279 data[1] = bt->read_data[3]; 280 if (length < msg_len || bt->truncated) { 281 data[2] = IPMI_ERR_MSG_TRUNCATED; 282 msg_len = 3; 283 } else 284 memcpy(data + 2, bt->read_data + 4, msg_len - 2); 285 286 if (bt_debug & BT_DEBUG_MSG) { 287 printk(KERN_WARNING "BT: result %d bytes:", msg_len); 288 for (i = 0; i < msg_len; i++) 289 printk(" %02x", data[i]); 290 printk("\n"); 291 } 292 return msg_len; 293} 294 295/* This bit's functionality is optional */ 296#define BT_BMC_HWRST 0x80 297 298static void reset_flags(struct si_sm_data *bt) 299{ 300 if (bt_debug) 301 printk(KERN_WARNING "IPMI BT: flag reset %s\n", 302 status2txt(BT_STATUS)); 303 if (BT_STATUS & BT_H_BUSY) 304 BT_CONTROL(BT_H_BUSY); /* force clear */ 305 BT_CONTROL(BT_CLR_WR_PTR); /* always reset */ 306 BT_CONTROL(BT_SMS_ATN); /* always clear */ 307 BT_INTMASK_W(BT_BMC_HWRST); 308} 309 310/* 311 * Get rid of an unwanted/stale response. This should only be needed for 312 * BMCs that support multiple outstanding requests. 313 */ 314 315static void drain_BMC2HOST(struct si_sm_data *bt) 316{ 317 int i, size; 318 319 if (!(BT_STATUS & BT_B2H_ATN)) /* Not signalling a response */ 320 return; 321 322 BT_CONTROL(BT_H_BUSY); /* now set */ 323 BT_CONTROL(BT_B2H_ATN); /* always clear */ 324 BT_STATUS; /* pause */ 325 BT_CONTROL(BT_B2H_ATN); /* some BMCs are stubborn */ 326 BT_CONTROL(BT_CLR_RD_PTR); /* always reset */ 327 if (bt_debug) 328 printk(KERN_WARNING "IPMI BT: stale response %s; ", 329 status2txt(BT_STATUS)); 330 size = BMC2HOST; 331 for (i = 0; i < size ; i++) 332 BMC2HOST; 333 BT_CONTROL(BT_H_BUSY); /* now clear */ 334 if (bt_debug) 335 printk("drained %d bytes\n", size + 1); 336} 337 338static inline void write_all_bytes(struct si_sm_data *bt) 339{ 340 int i; 341 342 if (bt_debug & BT_DEBUG_MSG) { 343 printk(KERN_WARNING "BT: write %d bytes seq=0x%02X", 344 bt->write_count, bt->seq); 345 for (i = 0; i < bt->write_count; i++) 346 printk(" %02x", bt->write_data[i]); 347 printk("\n"); 348 } 349 for (i = 0; i < bt->write_count; i++) 350 HOST2BMC(bt->write_data[i]); 351} 352 353static inline int read_all_bytes(struct si_sm_data *bt) 354{ 355 unsigned int i; 356 357 /* 358 * length is "framing info", minimum = 4: NetFn, Seq, Cmd, cCode. 359 * Keep layout of first four bytes aligned with write_data[] 360 */ 361 362 bt->read_data[0] = BMC2HOST; 363 bt->read_count = bt->read_data[0]; 364 365 if (bt->read_count < 4 || bt->read_count >= IPMI_MAX_MSG_LENGTH) { 366 if (bt_debug & BT_DEBUG_MSG) 367 printk(KERN_WARNING "BT: bad raw rsp len=%d\n", 368 bt->read_count); 369 bt->truncated = 1; 370 return 1; /* let next XACTION START clean it up */ 371 } 372 for (i = 1; i <= bt->read_count; i++) 373 bt->read_data[i] = BMC2HOST; 374 bt->read_count++; /* Account internally for length byte */ 375 376 if (bt_debug & BT_DEBUG_MSG) { 377 int max = bt->read_count; 378 379 printk(KERN_WARNING "BT: got %d bytes seq=0x%02X", 380 max, bt->read_data[2]); 381 if (max > 16) 382 max = 16; 383 for (i = 0; i < max; i++) 384 printk(KERN_CONT " %02x", bt->read_data[i]); 385 printk(KERN_CONT "%s\n", bt->read_count == max ? "" : " ..."); 386 } 387 388 /* per the spec, the (NetFn[1], Seq[2], Cmd[3]) tuples must match */ 389 if ((bt->read_data[3] == bt->write_data[3]) && 390 (bt->read_data[2] == bt->write_data[2]) && 391 ((bt->read_data[1] & 0xF8) == (bt->write_data[1] & 0xF8))) 392 return 1; 393 394 if (bt_debug & BT_DEBUG_MSG) 395 printk(KERN_WARNING "IPMI BT: bad packet: " 396 "want 0x(%02X, %02X, %02X) got (%02X, %02X, %02X)\n", 397 bt->write_data[1] | 0x04, bt->write_data[2], bt->write_data[3], 398 bt->read_data[1], bt->read_data[2], bt->read_data[3]); 399 return 0; 400} 401 402/* Restart if retries are left, or return an error completion code */ 403 404static enum si_sm_result error_recovery(struct si_sm_data *bt, 405 unsigned char status, 406 unsigned char cCode) 407{ 408 char *reason; 409 410 bt->timeout = bt->BT_CAP_req2rsp; 411 412 switch (cCode) { 413 case IPMI_TIMEOUT_ERR: 414 reason = "timeout"; 415 break; 416 default: 417 reason = "internal error"; 418 break; 419 } 420 421 printk(KERN_WARNING "IPMI BT: %s in %s %s ", /* open-ended line */ 422 reason, STATE2TXT, STATUS2TXT); 423 424 /* 425 * Per the IPMI spec, retries are based on the sequence number 426 * known only to this module, so manage a restart here. 427 */ 428 (bt->error_retries)++; 429 if (bt->error_retries < bt->BT_CAP_retries) { 430 printk("%d retries left\n", 431 bt->BT_CAP_retries - bt->error_retries); 432 bt->state = BT_STATE_RESTART; 433 return SI_SM_CALL_WITHOUT_DELAY; 434 } 435 436 printk(KERN_WARNING "failed %d retries, sending error response\n", 437 bt->BT_CAP_retries); 438 if (!bt->nonzero_status) 439 printk(KERN_ERR "IPMI BT: stuck, try power cycle\n"); 440 441 /* this is most likely during insmod */ 442 else if (bt->seq <= (unsigned char)(bt->BT_CAP_retries & 0xFF)) { 443 printk(KERN_WARNING "IPMI: BT reset (takes 5 secs)\n"); 444 bt->state = BT_STATE_RESET1; 445 return SI_SM_CALL_WITHOUT_DELAY; 446 } 447 448 /* 449 * Concoct a useful error message, set up the next state, and 450 * be done with this sequence. 451 */ 452 453 bt->state = BT_STATE_IDLE; 454 switch (cCode) { 455 case IPMI_TIMEOUT_ERR: 456 if (status & BT_B_BUSY) { 457 cCode = IPMI_NODE_BUSY_ERR; 458 bt->state = BT_STATE_LONG_BUSY; 459 } 460 break; 461 default: 462 break; 463 } 464 force_result(bt, cCode); 465 return SI_SM_TRANSACTION_COMPLETE; 466} 467 468/* Check status and (usually) take action and change this state machine. */ 469 470static enum si_sm_result bt_event(struct si_sm_data *bt, long time) 471{ 472 unsigned char status, BT_CAP[8]; 473 static enum bt_states last_printed = BT_STATE_PRINTME; 474 int i; 475 476 status = BT_STATUS; 477 bt->nonzero_status |= status; 478 if ((bt_debug & BT_DEBUG_STATES) && (bt->state != last_printed)) { 479 printk(KERN_WARNING "BT: %s %s TO=%ld - %ld \n", 480 STATE2TXT, 481 STATUS2TXT, 482 bt->timeout, 483 time); 484 last_printed = bt->state; 485 } 486 487 /* 488 * Commands that time out may still (eventually) provide a response. 489 * This stale response will get in the way of a new response so remove 490 * it if possible (hopefully during IDLE). Even if it comes up later 491 * it will be rejected by its (now-forgotten) seq number. 492 */ 493 494 if ((bt->state < BT_STATE_WRITE_BYTES) && (status & BT_B2H_ATN)) { 495 drain_BMC2HOST(bt); 496 BT_SI_SM_RETURN(SI_SM_CALL_WITH_DELAY); 497 } 498 499 if ((bt->state != BT_STATE_IDLE) && 500 (bt->state < BT_STATE_PRINTME)) { 501 /* check timeout */ 502 bt->timeout -= time; 503 if ((bt->timeout < 0) && (bt->state < BT_STATE_RESET1)) 504 return error_recovery(bt, 505 status, 506 IPMI_TIMEOUT_ERR); 507 } 508 509 switch (bt->state) { 510 511 /* 512 * Idle state first checks for asynchronous messages from another 513 * channel, then does some opportunistic housekeeping. 514 */ 515 516 case BT_STATE_IDLE: 517 if (status & BT_SMS_ATN) { 518 BT_CONTROL(BT_SMS_ATN); /* clear it */ 519 return SI_SM_ATTN; 520 } 521 522 if (status & BT_H_BUSY) /* clear a leftover H_BUSY */ 523 BT_CONTROL(BT_H_BUSY); 524 525 /* Read BT capabilities if it hasn't been done yet */ 526 if (!bt->BT_CAP_outreqs) 527 BT_STATE_CHANGE(BT_STATE_CAPABILITIES_BEGIN, 528 SI_SM_CALL_WITHOUT_DELAY); 529 bt->timeout = bt->BT_CAP_req2rsp; 530 BT_SI_SM_RETURN(SI_SM_IDLE); 531 532 case BT_STATE_XACTION_START: 533 if (status & (BT_B_BUSY | BT_H2B_ATN)) 534 BT_SI_SM_RETURN(SI_SM_CALL_WITH_DELAY); 535 if (BT_STATUS & BT_H_BUSY) 536 BT_CONTROL(BT_H_BUSY); /* force clear */ 537 BT_STATE_CHANGE(BT_STATE_WRITE_BYTES, 538 SI_SM_CALL_WITHOUT_DELAY); 539 540 case BT_STATE_WRITE_BYTES: 541 if (status & BT_H_BUSY) 542 BT_CONTROL(BT_H_BUSY); /* clear */ 543 BT_CONTROL(BT_CLR_WR_PTR); 544 write_all_bytes(bt); 545 BT_CONTROL(BT_H2B_ATN); /* can clear too fast to catch */ 546 BT_STATE_CHANGE(BT_STATE_WRITE_CONSUME, 547 SI_SM_CALL_WITHOUT_DELAY); 548 549 case BT_STATE_WRITE_CONSUME: 550 if (status & (BT_B_BUSY | BT_H2B_ATN)) 551 BT_SI_SM_RETURN(SI_SM_CALL_WITH_DELAY); 552 BT_STATE_CHANGE(BT_STATE_READ_WAIT, 553 SI_SM_CALL_WITHOUT_DELAY); 554 555 /* Spinning hard can suppress B2H_ATN and force a timeout */ 556 557 case BT_STATE_READ_WAIT: 558 if (!(status & BT_B2H_ATN)) 559 BT_SI_SM_RETURN(SI_SM_CALL_WITH_DELAY); 560 BT_CONTROL(BT_H_BUSY); /* set */ 561 562 /* 563 * Uncached, ordered writes should just proceed serially but 564 * some BMCs don't clear B2H_ATN with one hit. Fast-path a 565 * workaround without too much penalty to the general case. 566 */ 567 568 BT_CONTROL(BT_B2H_ATN); /* clear it to ACK the BMC */ 569 BT_STATE_CHANGE(BT_STATE_CLEAR_B2H, 570 SI_SM_CALL_WITHOUT_DELAY); 571 572 case BT_STATE_CLEAR_B2H: 573 if (status & BT_B2H_ATN) { 574 /* keep hitting it */ 575 BT_CONTROL(BT_B2H_ATN); 576 BT_SI_SM_RETURN(SI_SM_CALL_WITH_DELAY); 577 } 578 BT_STATE_CHANGE(BT_STATE_READ_BYTES, 579 SI_SM_CALL_WITHOUT_DELAY); 580 581 case BT_STATE_READ_BYTES: 582 if (!(status & BT_H_BUSY)) 583 /* check in case of retry */ 584 BT_CONTROL(BT_H_BUSY); 585 BT_CONTROL(BT_CLR_RD_PTR); /* start of BMC2HOST buffer */ 586 i = read_all_bytes(bt); /* true == packet seq match */ 587 BT_CONTROL(BT_H_BUSY); /* NOW clear */ 588 if (!i) /* Not my message */ 589 BT_STATE_CHANGE(BT_STATE_READ_WAIT, 590 SI_SM_CALL_WITHOUT_DELAY); 591 bt->state = bt->complete; 592 return bt->state == BT_STATE_IDLE ? /* where to next? */ 593 SI_SM_TRANSACTION_COMPLETE : /* normal */ 594 SI_SM_CALL_WITHOUT_DELAY; /* Startup magic */ 595 596 case BT_STATE_LONG_BUSY: /* For example: after FW update */ 597 if (!(status & BT_B_BUSY)) { 598 reset_flags(bt); /* next state is now IDLE */ 599 bt_init_data(bt, bt->io); 600 } 601 return SI_SM_CALL_WITH_DELAY; /* No repeat printing */ 602 603 case BT_STATE_RESET1: 604 reset_flags(bt); 605 drain_BMC2HOST(bt); 606 BT_STATE_CHANGE(BT_STATE_RESET2, 607 SI_SM_CALL_WITH_DELAY); 608 609 case BT_STATE_RESET2: /* Send a soft reset */ 610 BT_CONTROL(BT_CLR_WR_PTR); 611 HOST2BMC(3); /* number of bytes following */ 612 HOST2BMC(0x18); /* NetFn/LUN == Application, LUN 0 */ 613 HOST2BMC(42); /* Sequence number */ 614 HOST2BMC(3); /* Cmd == Soft reset */ 615 BT_CONTROL(BT_H2B_ATN); 616 bt->timeout = BT_RESET_DELAY * USEC_PER_SEC; 617 BT_STATE_CHANGE(BT_STATE_RESET3, 618 SI_SM_CALL_WITH_DELAY); 619 620 case BT_STATE_RESET3: /* Hold off everything for a bit */ 621 if (bt->timeout > 0) 622 return SI_SM_CALL_WITH_DELAY; 623 drain_BMC2HOST(bt); 624 BT_STATE_CHANGE(BT_STATE_RESTART, 625 SI_SM_CALL_WITH_DELAY); 626 627 case BT_STATE_RESTART: /* don't reset retries or seq! */ 628 bt->read_count = 0; 629 bt->nonzero_status = 0; 630 bt->timeout = bt->BT_CAP_req2rsp; 631 BT_STATE_CHANGE(BT_STATE_XACTION_START, 632 SI_SM_CALL_WITH_DELAY); 633 634 /* 635 * Get BT Capabilities, using timing of upper level state machine. 636 * Set outreqs to prevent infinite loop on timeout. 637 */ 638 case BT_STATE_CAPABILITIES_BEGIN: 639 bt->BT_CAP_outreqs = 1; 640 { 641 unsigned char GetBT_CAP[] = { 0x18, 0x36 }; 642 bt->state = BT_STATE_IDLE; 643 bt_start_transaction(bt, GetBT_CAP, sizeof(GetBT_CAP)); 644 } 645 bt->complete = BT_STATE_CAPABILITIES_END; 646 BT_STATE_CHANGE(BT_STATE_XACTION_START, 647 SI_SM_CALL_WITH_DELAY); 648 649 case BT_STATE_CAPABILITIES_END: 650 i = bt_get_result(bt, BT_CAP, sizeof(BT_CAP)); 651 bt_init_data(bt, bt->io); 652 if ((i == 8) && !BT_CAP[2]) { 653 bt->BT_CAP_outreqs = BT_CAP[3]; 654 bt->BT_CAP_req2rsp = BT_CAP[6] * USEC_PER_SEC; 655 bt->BT_CAP_retries = BT_CAP[7]; 656 } else 657 printk(KERN_WARNING "IPMI BT: using default values\n"); 658 if (!bt->BT_CAP_outreqs) 659 bt->BT_CAP_outreqs = 1; 660 printk(KERN_WARNING "IPMI BT: req2rsp=%ld secs retries=%d\n", 661 bt->BT_CAP_req2rsp / USEC_PER_SEC, bt->BT_CAP_retries); 662 bt->timeout = bt->BT_CAP_req2rsp; 663 return SI_SM_CALL_WITHOUT_DELAY; 664 665 default: /* should never occur */ 666 return error_recovery(bt, 667 status, 668 IPMI_ERR_UNSPECIFIED); 669 } 670 return SI_SM_CALL_WITH_DELAY; 671} 672 673static int bt_detect(struct si_sm_data *bt) 674{ 675 /* 676 * It's impossible for the BT status and interrupt registers to be 677 * all 1's, (assuming a properly functioning, self-initialized BMC) 678 * but that's what you get from reading a bogus address, so we 679 * test that first. The calling routine uses negative logic. 680 */ 681 682 if ((BT_STATUS == 0xFF) && (BT_INTMASK_R == 0xFF)) 683 return 1; 684 reset_flags(bt); 685 return 0; 686} 687 688static void bt_cleanup(struct si_sm_data *bt) 689{ 690} 691 692static int bt_size(void) 693{ 694 return sizeof(struct si_sm_data); 695} 696 697struct si_sm_handlers bt_smi_handlers = { 698 .init_data = bt_init_data, 699 .start_transaction = bt_start_transaction, 700 .get_result = bt_get_result, 701 .event = bt_event, 702 .detect = bt_detect, 703 .cleanup = bt_cleanup, 704 .size = bt_size, 705}; 706