FangSoftSoft
/
qemu
-ын хуулбар https://github.com/utmapp/qemu.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384
							/*
 * QEMU IPMI SMBus (SSIF) emulation
 *
 * Copyright (c) 2015,2016 Corey Minyard, MontaVista Software, LLC
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
#include "qemu/osdep.h"
#include "migration/vmstate.h"
#include "hw/i2c/smbus_slave.h"
#include "qapi/error.h"
#include "qemu/error-report.h"
#include "hw/ipmi/ipmi.h"

#define TYPE_SMBUS_IPMI "smbus-ipmi"
#define SMBUS_IPMI(obj) OBJECT_CHECK(SMBusIPMIDevice, (obj), TYPE_SMBUS_IPMI)

#define SSIF_IPMI_REQUEST                       2
#define SSIF_IPMI_MULTI_PART_REQUEST_START      6
#define SSIF_IPMI_MULTI_PART_REQUEST_MIDDLE     7
#define SSIF_IPMI_MULTI_PART_REQUEST_END        8
#define SSIF_IPMI_RESPONSE                      3
#define SSIF_IPMI_MULTI_PART_RESPONSE_MIDDLE    9
#define SSIF_IPMI_MULTI_PART_RETRY              0xa

#define MAX_SSIF_IPMI_MSG_SIZE 255
#define MAX_SSIF_IPMI_MSG_CHUNK 32

#define IPMI_GET_SYS_INTF_CAP_CMD 0x57

typedef struct SMBusIPMIDevice {
    SMBusDevice parent;

    IPMIBmc *bmc;

    uint8_t outmsg[MAX_SSIF_IPMI_MSG_SIZE];
    uint32_t outlen;
    uint32_t currblk;

    /* Holds the SMBUS message currently being sent to the host. */
    uint8_t outbuf[MAX_SSIF_IPMI_MSG_CHUNK + 1]; /* len + message. */
    uint32_t outpos;

    uint8_t inmsg[MAX_SSIF_IPMI_MSG_SIZE];
    uint32_t inlen;

    /*
     * This is a response number that we send with the command to make
     * sure that the response matches the command.
     */
    uint8_t waiting_rsp;

    uint32_t uuid;
} SMBusIPMIDevice;

static void smbus_ipmi_handle_event(IPMIInterface *ii)
{
    /* No interrupts, so nothing to do here. */
}

static void smbus_ipmi_handle_rsp(IPMIInterface *ii, uint8_t msg_id,
                                  unsigned char *rsp, unsigned int rsp_len)
{
    SMBusIPMIDevice *sid = SMBUS_IPMI(ii);

    if (sid->waiting_rsp == msg_id) {
        sid->waiting_rsp++;

        if (rsp_len > MAX_SSIF_IPMI_MSG_SIZE) {
            rsp[2] = IPMI_CC_REQUEST_DATA_TRUNCATED;
            rsp_len = MAX_SSIF_IPMI_MSG_SIZE;
        }
        memcpy(sid->outmsg, rsp, rsp_len);
        sid->outlen = rsp_len;
        sid->outpos = 0;
        sid->currblk = 0;
    }
}

static void smbus_ipmi_set_atn(IPMIInterface *ii, int val, int irq)
{
    /* This is where PEC would go. */
}

static void smbus_ipmi_set_irq_enable(IPMIInterface *ii, int val)
{
}

static void smbus_ipmi_send_msg(SMBusIPMIDevice *sid)
{
    uint8_t *msg = sid->inmsg;
    uint32_t len = sid->inlen;
    IPMIBmcClass *bk = IPMI_BMC_GET_CLASS(sid->bmc);

    sid->outlen = 0;
    sid->outpos = 0;
    sid->currblk = 0;

    if (msg[0] == (IPMI_NETFN_APP << 2) && msg[1] == IPMI_GET_SYS_INTF_CAP_CMD)
    {
        /* We handle this ourself. */
        sid->outmsg[0] = (IPMI_NETFN_APP + 1) << 2;
        sid->outmsg[1] = msg[1];
        if (len < 3) {
            sid->outmsg[2] = IPMI_CC_REQUEST_DATA_LENGTH_INVALID;
            sid->outlen = 3;
        } else if ((msg[2] & 0x0f) != 0) {
            sid->outmsg[2] = IPMI_CC_INVALID_DATA_FIELD;
            sid->outlen = 3;
        } else {
            sid->outmsg[2] = 0;
            sid->outmsg[3] = 0;
            sid->outmsg[4] = (2 << 6); /* Multi-part supported. */
            sid->outmsg[5] = MAX_SSIF_IPMI_MSG_SIZE;
            sid->outmsg[6] = MAX_SSIF_IPMI_MSG_SIZE;
            sid->outlen = 7;
        }
        return;
    }

    bk->handle_command(sid->bmc, sid->inmsg, sid->inlen, sizeof(sid->inmsg),
                       sid->waiting_rsp);
}

static uint8_t ipmi_receive_byte(SMBusDevice *dev)
{
    SMBusIPMIDevice *sid = SMBUS_IPMI(dev);

    if (sid->outpos >= sizeof(sid->outbuf)) {
        return 0xff;
    }

    return sid->outbuf[sid->outpos++];
}

static int ipmi_load_readbuf(SMBusIPMIDevice *sid)
{
    unsigned int block = sid->currblk, pos, len;

    if (sid->outlen == 0) {
        return -1;
    }

    if (sid->outlen <= 32) {
        if (block != 0) {
            return -1;
        }
        sid->outbuf[0] = sid->outlen;
        memcpy(sid->outbuf + 1, sid->outmsg, sid->outlen);
        sid->outpos = 0;
        return 0;
    }

    if (block == 0) {
        sid->outbuf[0] = 32;
        sid->outbuf[1] = 0;
        sid->outbuf[2] = 1;
        memcpy(sid->outbuf + 3, sid->outmsg, 30);
        sid->outpos = 0;
        return 0;
    }

    /*
     * Calculate the position in outmsg.  30 for the first block, 31
     * for the rest of the blocks.
     */
    pos = 30 + (block - 1) * 31;

    if (pos >= sid->outlen) {
        return -1;
    }

    len = sid->outlen - pos;
    if (len > 31) {
        /* More chunks after this. */
        len = 31;
        /* Blocks start at 0 for the first middle transaction. */
        sid->outbuf[1] = block - 1;
    } else {
        sid->outbuf[1] = 0xff; /* End of message marker. */
    }

    sid->outbuf[0] = len + 1;
    memcpy(sid->outbuf + 2, sid->outmsg + pos, len);
    sid->outpos = 0;
    return 0;
}

static int ipmi_write_data(SMBusDevice *dev, uint8_t *buf, uint8_t len)
{
    SMBusIPMIDevice *sid = SMBUS_IPMI(dev);
    bool send = false;
    uint8_t cmd;
    int ret = 0;

    /* length is guaranteed to be >= 1. */
    cmd = *buf++;
    len--;

    /* Handle read request, which don't have any data in the write part. */
    switch (cmd) {
    case SSIF_IPMI_RESPONSE:
        sid->currblk = 0;
        ret = ipmi_load_readbuf(sid);
        break;

    case SSIF_IPMI_MULTI_PART_RESPONSE_MIDDLE:
        sid->currblk++;
        ret = ipmi_load_readbuf(sid);
        break;

    case SSIF_IPMI_MULTI_PART_RETRY:
        if (len >= 1) {
            sid->currblk = buf[0];
            ret = ipmi_load_readbuf(sid);
        } else {
            ret = -1;
        }
        break;

    default:
        break;
    }

    /* This should be a message write, make the length is there and correct. */
    if (len >= 1) {
        if (*buf != len - 1 || *buf > MAX_SSIF_IPMI_MSG_CHUNK) {
            return -1; /* Bogus message */
        }
        buf++;
        len--;
    }

    switch (cmd) {
    case SSIF_IPMI_REQUEST:
        send = true;
        /* FALLTHRU */
    case SSIF_IPMI_MULTI_PART_REQUEST_START:
        if (len < 2) {
            return -1; /* Bogus. */
        }
        memcpy(sid->inmsg, buf, len);
        sid->inlen = len;
        break;

    case SSIF_IPMI_MULTI_PART_REQUEST_END:
        send = true;
        /* FALLTHRU */
    case SSIF_IPMI_MULTI_PART_REQUEST_MIDDLE:
        if (!sid->inlen) {
            return -1; /* Bogus. */
        }
        if (sid->inlen + len > MAX_SSIF_IPMI_MSG_SIZE) {
            sid->inlen = 0; /* Discard the message. */
            return -1; /* Bogus. */
        }
        if (len < 32) {
            /*
             * Special hack, a multi-part middle that is less than 32 bytes
             * marks the end of a message.  The specification is fairly
             * confusing, so some systems to this, even sending a zero
             * length end message to mark the end.
             */
            send = true;
        }
        memcpy(sid->inmsg + sid->inlen, buf, len);
        sid->inlen += len;
        break;
    }

    if (send && sid->inlen) {
        smbus_ipmi_send_msg(sid);
    }

    return ret;
}

static const VMStateDescription vmstate_smbus_ipmi = {
    .name = TYPE_SMBUS_IPMI,
    .version_id = 1,
    .minimum_version_id = 1,
    .fields      = (VMStateField[]) {
        VMSTATE_SMBUS_DEVICE(parent, SMBusIPMIDevice),
        VMSTATE_UINT8(waiting_rsp, SMBusIPMIDevice),
        VMSTATE_UINT32(outlen, SMBusIPMIDevice),
        VMSTATE_UINT32(currblk, SMBusIPMIDevice),
        VMSTATE_UINT8_ARRAY(outmsg, SMBusIPMIDevice, MAX_SSIF_IPMI_MSG_SIZE),
        VMSTATE_UINT32(outpos, SMBusIPMIDevice),
        VMSTATE_UINT8_ARRAY(outbuf, SMBusIPMIDevice,
                            MAX_SSIF_IPMI_MSG_CHUNK + 1),
        VMSTATE_UINT32(inlen, SMBusIPMIDevice),
        VMSTATE_UINT8_ARRAY(inmsg, SMBusIPMIDevice, MAX_SSIF_IPMI_MSG_SIZE),
        VMSTATE_END_OF_LIST()
    }
};

static void smbus_ipmi_realize(DeviceState *dev, Error **errp)
{
    SMBusIPMIDevice *sid = SMBUS_IPMI(dev);
    IPMIInterface *ii = IPMI_INTERFACE(dev);

    if (!sid->bmc) {
        error_setg(errp, "IPMI device requires a bmc attribute to be set");
        return;
    }

    sid->uuid = ipmi_next_uuid();

    sid->bmc->intf = ii;
}

static void smbus_ipmi_init(Object *obj)
{
    SMBusIPMIDevice *sid = SMBUS_IPMI(obj);

    ipmi_bmc_find_and_link(OBJECT(obj), (Object **) &sid->bmc);
}

static void smbus_ipmi_get_fwinfo(struct IPMIInterface *ii, IPMIFwInfo *info)
{
    SMBusIPMIDevice *sid = SMBUS_IPMI(ii);

    info->interface_name = "smbus";
    info->interface_type = IPMI_SMBIOS_SSIF;
    info->ipmi_spec_major_revision = 2;
    info->ipmi_spec_minor_revision = 0;
    info->i2c_slave_address = sid->bmc->slave_addr;
    info->base_address = sid->parent.i2c.address;
    info->memspace = IPMI_MEMSPACE_SMBUS;
    info->register_spacing = 1;
    info->uuid = sid->uuid;
}

static void smbus_ipmi_class_init(ObjectClass *oc, void *data)
{
    DeviceClass *dc = DEVICE_CLASS(oc);
    IPMIInterfaceClass *iic = IPMI_INTERFACE_CLASS(oc);
    SMBusDeviceClass *sc = SMBUS_DEVICE_CLASS(oc);

    sc->receive_byte = ipmi_receive_byte;
    sc->write_data = ipmi_write_data;
    dc->vmsd = &vmstate_smbus_ipmi;
    dc->realize = smbus_ipmi_realize;
    iic->set_atn = smbus_ipmi_set_atn;
    iic->handle_rsp = smbus_ipmi_handle_rsp;
    iic->handle_if_event = smbus_ipmi_handle_event;
    iic->set_irq_enable = smbus_ipmi_set_irq_enable;
    iic->get_fwinfo = smbus_ipmi_get_fwinfo;
}

static const TypeInfo smbus_ipmi_info = {
    .name          = TYPE_SMBUS_IPMI,
    .parent        = TYPE_SMBUS_DEVICE,
    .instance_size = sizeof(SMBusIPMIDevice),
    .instance_init = smbus_ipmi_init,
    .class_init    = smbus_ipmi_class_init,
    .interfaces = (InterfaceInfo[]) {
        { TYPE_IPMI_INTERFACE },
        { }
    }
};

static void smbus_ipmi_register_types(void)
{
    type_register_static(&smbus_ipmi_info);
}

type_init(smbus_ipmi_register_types)