1 /*
2 * QEMU IPMI BT emulation
3 *
4 * Copyright (c) 2015 Corey Minyard, MontaVista Software, LLC
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24 #include "qemu/osdep.h"
25 #include "migration/vmstate.h"
26 #include "qemu/log.h"
27 #include "qapi/error.h"
28 #include "hw/ipmi/ipmi_bt.h"
29
30 /* Control register */
31 #define IPMI_BT_CLR_WR_BIT 0
32 #define IPMI_BT_CLR_RD_BIT 1
33 #define IPMI_BT_H2B_ATN_BIT 2
34 #define IPMI_BT_B2H_ATN_BIT 3
35 #define IPMI_BT_SMS_ATN_BIT 4
36 #define IPMI_BT_HBUSY_BIT 6
37 #define IPMI_BT_BBUSY_BIT 7
38
39 #define IPMI_BT_GET_CLR_WR(d) (((d) >> IPMI_BT_CLR_WR_BIT) & 0x1)
40
41 #define IPMI_BT_GET_CLR_RD(d) (((d) >> IPMI_BT_CLR_RD_BIT) & 0x1)
42
43 #define IPMI_BT_GET_H2B_ATN(d) (((d) >> IPMI_BT_H2B_ATN_BIT) & 0x1)
44
45 #define IPMI_BT_B2H_ATN_MASK (1 << IPMI_BT_B2H_ATN_BIT)
46 #define IPMI_BT_GET_B2H_ATN(d) (((d) >> IPMI_BT_B2H_ATN_BIT) & 0x1)
47 #define IPMI_BT_SET_B2H_ATN(d, v) ((d) = (((d) & ~IPMI_BT_B2H_ATN_MASK) | \
48 (!!(v) << IPMI_BT_B2H_ATN_BIT)))
49
50 #define IPMI_BT_SMS_ATN_MASK (1 << IPMI_BT_SMS_ATN_BIT)
51 #define IPMI_BT_GET_SMS_ATN(d) (((d) >> IPMI_BT_SMS_ATN_BIT) & 0x1)
52 #define IPMI_BT_SET_SMS_ATN(d, v) ((d) = (((d) & ~IPMI_BT_SMS_ATN_MASK) | \
53 (!!(v) << IPMI_BT_SMS_ATN_BIT)))
54
55 #define IPMI_BT_HBUSY_MASK (1 << IPMI_BT_HBUSY_BIT)
56 #define IPMI_BT_GET_HBUSY(d) (((d) >> IPMI_BT_HBUSY_BIT) & 0x1)
57 #define IPMI_BT_SET_HBUSY(d, v) ((d) = (((d) & ~IPMI_BT_HBUSY_MASK) | \
58 (!!(v) << IPMI_BT_HBUSY_BIT)))
59
60 #define IPMI_BT_BBUSY_MASK (1 << IPMI_BT_BBUSY_BIT)
61 #define IPMI_BT_SET_BBUSY(d, v) ((d) = (((d) & ~IPMI_BT_BBUSY_MASK) | \
62 (!!(v) << IPMI_BT_BBUSY_BIT)))
63
64
65 /* Mask register */
66 #define IPMI_BT_B2H_IRQ_EN_BIT 0
67 #define IPMI_BT_B2H_IRQ_BIT 1
68
69 #define IPMI_BT_B2H_IRQ_EN_MASK (1 << IPMI_BT_B2H_IRQ_EN_BIT)
70 #define IPMI_BT_GET_B2H_IRQ_EN(d) (((d) >> IPMI_BT_B2H_IRQ_EN_BIT) & 0x1)
71 #define IPMI_BT_SET_B2H_IRQ_EN(d, v) ((d) = (((d) & ~IPMI_BT_B2H_IRQ_EN_MASK) |\
72 (!!(v) << IPMI_BT_B2H_IRQ_EN_BIT)))
73
74 #define IPMI_BT_B2H_IRQ_MASK (1 << IPMI_BT_B2H_IRQ_BIT)
75 #define IPMI_BT_GET_B2H_IRQ(d) (((d) >> IPMI_BT_B2H_IRQ_BIT) & 0x1)
76 #define IPMI_BT_SET_B2H_IRQ(d, v) ((d) = (((d) & ~IPMI_BT_B2H_IRQ_MASK) | \
77 (!!(v) << IPMI_BT_B2H_IRQ_BIT)))
78
79 #define IPMI_CMD_GET_BT_INTF_CAP 0x36
80
ipmi_bt_raise_irq(IPMIBT * ib)81 static void ipmi_bt_raise_irq(IPMIBT *ib)
82 {
83 if (ib->use_irq && ib->irqs_enabled && ib->raise_irq) {
84 ib->raise_irq(ib);
85 }
86 }
87
ipmi_bt_lower_irq(IPMIBT * ib)88 static void ipmi_bt_lower_irq(IPMIBT *ib)
89 {
90 if (ib->lower_irq) {
91 ib->lower_irq(ib);
92 }
93 }
94
ipmi_bt_handle_event(IPMIInterface * ii)95 static void ipmi_bt_handle_event(IPMIInterface *ii)
96 {
97 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
98 IPMIBT *ib = iic->get_backend_data(ii);
99
100 if (ib->inlen < 4) {
101 return;
102 }
103 /* Note that overruns are handled by handle_command */
104 if (ib->inmsg[0] != (ib->inlen - 1)) {
105 /* Length mismatch, just ignore. */
106 IPMI_BT_SET_BBUSY(ib->control_reg, 1);
107 ib->inlen = 0;
108 return;
109 }
110 if ((ib->inmsg[1] == (IPMI_NETFN_APP << 2)) &&
111 (ib->inmsg[3] == IPMI_CMD_GET_BT_INTF_CAP)) {
112 /* We handle this one ourselves. */
113 ib->outmsg[0] = 9;
114 ib->outmsg[1] = ib->inmsg[1] | 0x04;
115 ib->outmsg[2] = ib->inmsg[2];
116 ib->outmsg[3] = ib->inmsg[3];
117 ib->outmsg[4] = 0;
118 ib->outmsg[5] = 1; /* Only support 1 outstanding request. */
119 if (sizeof(ib->inmsg) > 0xff) { /* Input buffer size */
120 ib->outmsg[6] = 0xff;
121 } else {
122 ib->outmsg[6] = (unsigned char) sizeof(ib->inmsg);
123 }
124 if (sizeof(ib->outmsg) > 0xff) { /* Output buffer size */
125 ib->outmsg[7] = 0xff;
126 } else {
127 ib->outmsg[7] = (unsigned char) sizeof(ib->outmsg);
128 }
129 ib->outmsg[8] = 10; /* Max request to response time */
130 ib->outmsg[9] = 0; /* Don't recommend retries */
131 ib->outlen = 10;
132 IPMI_BT_SET_BBUSY(ib->control_reg, 0);
133 IPMI_BT_SET_B2H_ATN(ib->control_reg, 1);
134 if (!IPMI_BT_GET_B2H_IRQ(ib->mask_reg) &&
135 IPMI_BT_GET_B2H_IRQ_EN(ib->mask_reg)) {
136 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 1);
137 ipmi_bt_raise_irq(ib);
138 }
139 return;
140 }
141 ib->waiting_seq = ib->inmsg[2];
142 ib->inmsg[2] = ib->inmsg[1];
143 {
144 IPMIBmcClass *bk = IPMI_BMC_GET_CLASS(ib->bmc);
145 bk->handle_command(ib->bmc, ib->inmsg + 2, ib->inlen - 2,
146 sizeof(ib->inmsg), ib->waiting_rsp);
147 }
148 }
149
ipmi_bt_handle_rsp(IPMIInterface * ii,uint8_t msg_id,unsigned char * rsp,unsigned int rsp_len)150 static void ipmi_bt_handle_rsp(IPMIInterface *ii, uint8_t msg_id,
151 unsigned char *rsp, unsigned int rsp_len)
152 {
153 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
154 IPMIBT *ib = iic->get_backend_data(ii);
155
156 if (ib->waiting_rsp == msg_id) {
157 ib->waiting_rsp++;
158 if (rsp_len > (sizeof(ib->outmsg) - 2)) {
159 ib->outmsg[0] = 4;
160 ib->outmsg[1] = rsp[0];
161 ib->outmsg[2] = ib->waiting_seq;
162 ib->outmsg[3] = rsp[1];
163 ib->outmsg[4] = IPMI_CC_CANNOT_RETURN_REQ_NUM_BYTES;
164 ib->outlen = 5;
165 } else {
166 ib->outmsg[0] = rsp_len + 1;
167 ib->outmsg[1] = rsp[0];
168 ib->outmsg[2] = ib->waiting_seq;
169 memcpy(ib->outmsg + 3, rsp + 1, rsp_len - 1);
170 ib->outlen = rsp_len + 2;
171 }
172 IPMI_BT_SET_BBUSY(ib->control_reg, 0);
173 IPMI_BT_SET_B2H_ATN(ib->control_reg, 1);
174 if (!IPMI_BT_GET_B2H_IRQ(ib->mask_reg) &&
175 IPMI_BT_GET_B2H_IRQ_EN(ib->mask_reg)) {
176 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 1);
177 ipmi_bt_raise_irq(ib);
178 }
179 }
180 }
181
182
ipmi_bt_ioport_read(void * opaque,hwaddr addr,unsigned size)183 static uint64_t ipmi_bt_ioport_read(void *opaque, hwaddr addr, unsigned size)
184 {
185 IPMIInterface *ii = opaque;
186 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
187 IPMIBT *ib = iic->get_backend_data(ii);
188 uint32_t ret = 0xff;
189
190 switch (addr & ib->size_mask) {
191 case 0:
192 ret = ib->control_reg;
193 break;
194 case 1:
195 if (ib->outpos < ib->outlen) {
196 ret = ib->outmsg[ib->outpos];
197 ib->outpos++;
198 if (ib->outpos == ib->outlen) {
199 ib->outpos = 0;
200 ib->outlen = 0;
201 }
202 } else {
203 ret = 0xff;
204 }
205 break;
206 case 2:
207 ret = ib->mask_reg;
208 break;
209 default:
210 ret = 0xff;
211 break;
212 }
213 return ret;
214 }
215
ipmi_bt_signal(IPMIBT * ib,IPMIInterface * ii)216 static void ipmi_bt_signal(IPMIBT *ib, IPMIInterface *ii)
217 {
218 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
219
220 ib->do_wake = 1;
221 while (ib->do_wake) {
222 ib->do_wake = 0;
223 iic->handle_if_event(ii);
224 }
225 }
226
ipmi_bt_ioport_write(void * opaque,hwaddr addr,uint64_t val,unsigned size)227 static void ipmi_bt_ioport_write(void *opaque, hwaddr addr, uint64_t val,
228 unsigned size)
229 {
230 IPMIInterface *ii = opaque;
231 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
232 IPMIBT *ib = iic->get_backend_data(ii);
233
234 switch (addr & ib->size_mask) {
235 case 0:
236 if (IPMI_BT_GET_CLR_WR(val)) {
237 ib->inlen = 0;
238 }
239 if (IPMI_BT_GET_CLR_RD(val)) {
240 ib->outpos = 0;
241 }
242 if (IPMI_BT_GET_B2H_ATN(val)) {
243 IPMI_BT_SET_B2H_ATN(ib->control_reg, 0);
244 }
245 if (IPMI_BT_GET_SMS_ATN(val)) {
246 IPMI_BT_SET_SMS_ATN(ib->control_reg, 0);
247 }
248 if (IPMI_BT_GET_HBUSY(val)) {
249 /* Toggle */
250 IPMI_BT_SET_HBUSY(ib->control_reg,
251 !IPMI_BT_GET_HBUSY(ib->control_reg));
252 }
253 if (IPMI_BT_GET_H2B_ATN(val)) {
254 IPMI_BT_SET_BBUSY(ib->control_reg, 1);
255 ipmi_bt_signal(ib, ii);
256 }
257 break;
258
259 case 1:
260 if (ib->inlen < sizeof(ib->inmsg)) {
261 ib->inmsg[ib->inlen] = val;
262 }
263 ib->inlen++;
264 break;
265
266 case 2:
267 if (IPMI_BT_GET_B2H_IRQ_EN(val) !=
268 IPMI_BT_GET_B2H_IRQ_EN(ib->mask_reg)) {
269 if (IPMI_BT_GET_B2H_IRQ_EN(val)) {
270 if (IPMI_BT_GET_B2H_ATN(ib->control_reg) ||
271 IPMI_BT_GET_SMS_ATN(ib->control_reg)) {
272 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 1);
273 ipmi_bt_raise_irq(ib);
274 }
275 IPMI_BT_SET_B2H_IRQ_EN(ib->mask_reg, 1);
276 } else {
277 if (IPMI_BT_GET_B2H_IRQ(ib->mask_reg)) {
278 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 0);
279 ipmi_bt_lower_irq(ib);
280 }
281 IPMI_BT_SET_B2H_IRQ_EN(ib->mask_reg, 0);
282 }
283 }
284 if (IPMI_BT_GET_B2H_IRQ(val) && IPMI_BT_GET_B2H_IRQ(ib->mask_reg)) {
285 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 0);
286 ipmi_bt_lower_irq(ib);
287 }
288 break;
289 default:
290 /* Ignore. */
291 break;
292 }
293 }
294
295 static const MemoryRegionOps ipmi_bt_io_ops = {
296 .read = ipmi_bt_ioport_read,
297 .write = ipmi_bt_ioport_write,
298 .impl = {
299 .min_access_size = 1,
300 .max_access_size = 1,
301 },
302 .endianness = DEVICE_LITTLE_ENDIAN,
303 };
304
ipmi_bt_set_atn(IPMIInterface * ii,int val,int irq)305 static void ipmi_bt_set_atn(IPMIInterface *ii, int val, int irq)
306 {
307 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
308 IPMIBT *ib = iic->get_backend_data(ii);
309
310 if (!!val == IPMI_BT_GET_SMS_ATN(ib->control_reg)) {
311 return;
312 }
313
314 IPMI_BT_SET_SMS_ATN(ib->control_reg, val);
315 if (val) {
316 if (irq && !IPMI_BT_GET_B2H_ATN(ib->control_reg) &&
317 IPMI_BT_GET_B2H_IRQ_EN(ib->mask_reg)) {
318 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 1);
319 ipmi_bt_raise_irq(ib);
320 }
321 } else {
322 if (!IPMI_BT_GET_B2H_ATN(ib->control_reg) &&
323 IPMI_BT_GET_B2H_IRQ(ib->mask_reg)) {
324 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 0);
325 ipmi_bt_lower_irq(ib);
326 }
327 }
328 }
329
ipmi_bt_handle_reset(IPMIInterface * ii,bool is_cold)330 static void ipmi_bt_handle_reset(IPMIInterface *ii, bool is_cold)
331 {
332 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
333 IPMIBT *ib = iic->get_backend_data(ii);
334
335 if (is_cold) {
336 /* Disable the BT interrupt on reset */
337 if (IPMI_BT_GET_B2H_IRQ(ib->mask_reg)) {
338 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 0);
339 ipmi_bt_lower_irq(ib);
340 }
341 IPMI_BT_SET_B2H_IRQ_EN(ib->mask_reg, 0);
342 }
343 }
344
ipmi_bt_set_irq_enable(IPMIInterface * ii,int val)345 static void ipmi_bt_set_irq_enable(IPMIInterface *ii, int val)
346 {
347 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
348 IPMIBT *ib = iic->get_backend_data(ii);
349
350 ib->irqs_enabled = val;
351 }
352
ipmi_bt_init(IPMIInterface * ii,unsigned int min_size,Error ** errp)353 static void ipmi_bt_init(IPMIInterface *ii, unsigned int min_size, Error **errp)
354 {
355 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
356 IPMIBT *ib = iic->get_backend_data(ii);
357
358 if (min_size == 0) {
359 min_size = 4;
360 }
361 ib->size_mask = min_size - 1;
362 ib->io_length = 3;
363
364 memory_region_init_io(&ib->io, NULL, &ipmi_bt_io_ops, ii, "ipmi-bt",
365 min_size);
366 }
367
ipmi_bt_vmstate_post_load(void * opaque,int version)368 int ipmi_bt_vmstate_post_load(void *opaque, int version)
369 {
370 IPMIBT *ib = opaque;
371
372 /* Make sure all the values are sane. */
373 if (ib->outpos >= MAX_IPMI_MSG_SIZE || ib->outlen >= MAX_IPMI_MSG_SIZE ||
374 ib->outpos >= ib->outlen) {
375 qemu_log_mask(LOG_GUEST_ERROR,
376 "ipmi:bt: vmstate transfer received bad out values: %d %d\n",
377 ib->outpos, ib->outlen);
378 ib->outpos = 0;
379 ib->outlen = 0;
380 }
381
382 if (ib->inlen >= MAX_IPMI_MSG_SIZE) {
383 qemu_log_mask(LOG_GUEST_ERROR,
384 "ipmi:bt: vmstate transfer received bad in value: %d\n",
385 ib->inlen);
386 ib->inlen = 0;
387 }
388
389 return 0;
390 }
391
392 const VMStateDescription vmstate_IPMIBT = {
393 .name = TYPE_IPMI_INTERFACE_PREFIX "bt",
394 .version_id = 1,
395 .minimum_version_id = 1,
396 .post_load = ipmi_bt_vmstate_post_load,
397 .fields = (const VMStateField[]) {
398 VMSTATE_BOOL(obf_irq_set, IPMIBT),
399 VMSTATE_BOOL(atn_irq_set, IPMIBT),
400 VMSTATE_BOOL(irqs_enabled, IPMIBT),
401 VMSTATE_UINT32(outpos, IPMIBT),
402 VMSTATE_UINT32(outlen, IPMIBT),
403 VMSTATE_UINT8_ARRAY(outmsg, IPMIBT, MAX_IPMI_MSG_SIZE),
404 VMSTATE_UINT32(inlen, IPMIBT),
405 VMSTATE_UINT8_ARRAY(inmsg, IPMIBT, MAX_IPMI_MSG_SIZE),
406 VMSTATE_UINT8(control_reg, IPMIBT),
407 VMSTATE_UINT8(mask_reg, IPMIBT),
408 VMSTATE_UINT8(waiting_rsp, IPMIBT),
409 VMSTATE_UINT8(waiting_seq, IPMIBT),
410 VMSTATE_END_OF_LIST()
411 }
412 };
413
ipmi_bt_get_fwinfo(struct IPMIBT * ib,IPMIFwInfo * info)414 void ipmi_bt_get_fwinfo(struct IPMIBT *ib, IPMIFwInfo *info)
415 {
416 info->interface_name = "bt";
417 info->interface_type = IPMI_SMBIOS_BT;
418 info->ipmi_spec_major_revision = 2;
419 info->ipmi_spec_minor_revision = 0;
420 /* BT System Interface Format, IPMI v1.5 */
421 info->ipmi_channel_protocol = IPMI_CHANNEL_PROTOCOL_BT_15;
422 info->base_address = ib->io_base;
423 info->register_length = ib->io_length;
424 info->register_spacing = 1;
425 info->memspace = IPMI_MEMSPACE_IO;
426 info->irq_type = IPMI_LEVEL_IRQ;
427 }
428
ipmi_bt_class_init(IPMIInterfaceClass * iic)429 void ipmi_bt_class_init(IPMIInterfaceClass *iic)
430 {
431 iic->init = ipmi_bt_init;
432 iic->set_atn = ipmi_bt_set_atn;
433 iic->handle_rsp = ipmi_bt_handle_rsp;
434 iic->handle_if_event = ipmi_bt_handle_event;
435 iic->set_irq_enable = ipmi_bt_set_irq_enable;
436 iic->reset = ipmi_bt_handle_reset;
437 }
438