1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24#include "qemu/osdep.h"
25#include "qapi/error.h"
26#include "hw/hw.h"
27#include "hw/ipmi/ipmi.h"
28#include "hw/isa/isa.h"
29
30
31#define IPMI_BT_CLR_WR_BIT 0
32#define IPMI_BT_CLR_RD_BIT 1
33#define IPMI_BT_H2B_ATN_BIT 2
34#define IPMI_BT_B2H_ATN_BIT 3
35#define IPMI_BT_SMS_ATN_BIT 4
36#define IPMI_BT_HBUSY_BIT 6
37#define IPMI_BT_BBUSY_BIT 7
38
39#define IPMI_BT_GET_CLR_WR(d) (((d) >> IPMI_BT_CLR_WR_BIT) & 0x1)
40
41#define IPMI_BT_GET_CLR_RD(d) (((d) >> IPMI_BT_CLR_RD_BIT) & 0x1)
42
43#define IPMI_BT_GET_H2B_ATN(d) (((d) >> IPMI_BT_H2B_ATN_BIT) & 0x1)
44
45#define IPMI_BT_B2H_ATN_MASK (1 << IPMI_BT_B2H_ATN_BIT)
46#define IPMI_BT_GET_B2H_ATN(d) (((d) >> IPMI_BT_B2H_ATN_BIT) & 0x1)
47#define IPMI_BT_SET_B2H_ATN(d, v) ((d) = (((d) & ~IPMI_BT_B2H_ATN_MASK) | \
48 (!!(v) << IPMI_BT_B2H_ATN_BIT)))
49
50#define IPMI_BT_SMS_ATN_MASK (1 << IPMI_BT_SMS_ATN_BIT)
51#define IPMI_BT_GET_SMS_ATN(d) (((d) >> IPMI_BT_SMS_ATN_BIT) & 0x1)
52#define IPMI_BT_SET_SMS_ATN(d, v) ((d) = (((d) & ~IPMI_BT_SMS_ATN_MASK) | \
53 (!!(v) << IPMI_BT_SMS_ATN_BIT)))
54
55#define IPMI_BT_HBUSY_MASK (1 << IPMI_BT_HBUSY_BIT)
56#define IPMI_BT_GET_HBUSY(d) (((d) >> IPMI_BT_HBUSY_BIT) & 0x1)
57#define IPMI_BT_SET_HBUSY(d, v) ((d) = (((d) & ~IPMI_BT_HBUSY_MASK) | \
58 (!!(v) << IPMI_BT_HBUSY_BIT)))
59
60#define IPMI_BT_BBUSY_MASK (1 << IPMI_BT_BBUSY_BIT)
61#define IPMI_BT_SET_BBUSY(d, v) ((d) = (((d) & ~IPMI_BT_BBUSY_MASK) | \
62 (!!(v) << IPMI_BT_BBUSY_BIT)))
63
64
65
66#define IPMI_BT_B2H_IRQ_EN_BIT 0
67#define IPMI_BT_B2H_IRQ_BIT 1
68
69#define IPMI_BT_B2H_IRQ_EN_MASK (1 << IPMI_BT_B2H_IRQ_EN_BIT)
70#define IPMI_BT_GET_B2H_IRQ_EN(d) (((d) >> IPMI_BT_B2H_IRQ_EN_BIT) & 0x1)
71#define IPMI_BT_SET_B2H_IRQ_EN(d, v) ((d) = (((d) & ~IPMI_BT_B2H_IRQ_EN_MASK) |\
72 (!!(v) << IPMI_BT_B2H_IRQ_EN_BIT)))
73
74#define IPMI_BT_B2H_IRQ_MASK (1 << IPMI_BT_B2H_IRQ_BIT)
75#define IPMI_BT_GET_B2H_IRQ(d) (((d) >> IPMI_BT_B2H_IRQ_BIT) & 0x1)
76#define IPMI_BT_SET_B2H_IRQ(d, v) ((d) = (((d) & ~IPMI_BT_B2H_IRQ_MASK) | \
77 (!!(v) << IPMI_BT_B2H_IRQ_BIT)))
78
79typedef struct IPMIBT {
80 IPMIBmc *bmc;
81
82 bool do_wake;
83
84 qemu_irq irq;
85
86 uint32_t io_base;
87 unsigned long io_length;
88 MemoryRegion io;
89
90 bool obf_irq_set;
91 bool atn_irq_set;
92 bool use_irq;
93 bool irqs_enabled;
94
95 uint8_t outmsg[MAX_IPMI_MSG_SIZE];
96 uint32_t outpos;
97 uint32_t outlen;
98
99 uint8_t inmsg[MAX_IPMI_MSG_SIZE];
100 uint32_t inlen;
101
102 uint8_t control_reg;
103 uint8_t mask_reg;
104
105
106
107
108
109 uint8_t waiting_rsp;
110 uint8_t waiting_seq;
111} IPMIBT;
112
113#define IPMI_CMD_GET_BT_INTF_CAP 0x36
114
115static void ipmi_bt_handle_event(IPMIInterface *ii)
116{
117 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
118 IPMIBT *ib = iic->get_backend_data(ii);
119
120 if (ib->inlen < 4) {
121 goto out;
122 }
123
124 if (ib->inmsg[0] != (ib->inlen - 1)) {
125
126 IPMI_BT_SET_BBUSY(ib->control_reg, 1);
127 ib->inlen = 0;
128 goto out;
129 }
130 if ((ib->inmsg[1] == (IPMI_NETFN_APP << 2)) &&
131 (ib->inmsg[3] == IPMI_CMD_GET_BT_INTF_CAP)) {
132
133 ib->outmsg[0] = 9;
134 ib->outmsg[1] = ib->inmsg[1] | 0x04;
135 ib->outmsg[2] = ib->inmsg[2];
136 ib->outmsg[3] = ib->inmsg[3];
137 ib->outmsg[4] = 0;
138 ib->outmsg[5] = 1;
139 if (sizeof(ib->inmsg) > 0xff) {
140 ib->outmsg[6] = 0xff;
141 } else {
142 ib->outmsg[6] = (unsigned char) sizeof(ib->inmsg);
143 }
144 if (sizeof(ib->outmsg) > 0xff) {
145 ib->outmsg[7] = 0xff;
146 } else {
147 ib->outmsg[7] = (unsigned char) sizeof(ib->outmsg);
148 }
149 ib->outmsg[8] = 10;
150 ib->outmsg[9] = 0;
151 ib->outlen = 10;
152 IPMI_BT_SET_BBUSY(ib->control_reg, 0);
153 IPMI_BT_SET_B2H_ATN(ib->control_reg, 1);
154 if (ib->use_irq && ib->irqs_enabled &&
155 !IPMI_BT_GET_B2H_IRQ(ib->mask_reg) &&
156 IPMI_BT_GET_B2H_IRQ_EN(ib->mask_reg)) {
157 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 1);
158 qemu_irq_raise(ib->irq);
159 }
160 goto out;
161 }
162 ib->waiting_seq = ib->inmsg[2];
163 ib->inmsg[2] = ib->inmsg[1];
164 {
165 IPMIBmcClass *bk = IPMI_BMC_GET_CLASS(ib->bmc);
166 bk->handle_command(ib->bmc, ib->inmsg + 2, ib->inlen - 2,
167 sizeof(ib->inmsg), ib->waiting_rsp);
168 }
169 out:
170 return;
171}
172
173static void ipmi_bt_handle_rsp(IPMIInterface *ii, uint8_t msg_id,
174 unsigned char *rsp, unsigned int rsp_len)
175{
176 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
177 IPMIBT *ib = iic->get_backend_data(ii);
178
179 if (ib->waiting_rsp == msg_id) {
180 ib->waiting_rsp++;
181 if (rsp_len > (sizeof(ib->outmsg) - 2)) {
182 ib->outmsg[0] = 4;
183 ib->outmsg[1] = rsp[0];
184 ib->outmsg[2] = ib->waiting_seq;
185 ib->outmsg[3] = rsp[1];
186 ib->outmsg[4] = IPMI_CC_CANNOT_RETURN_REQ_NUM_BYTES;
187 ib->outlen = 5;
188 } else {
189 ib->outmsg[0] = rsp_len + 1;
190 ib->outmsg[1] = rsp[0];
191 ib->outmsg[2] = ib->waiting_seq;
192 memcpy(ib->outmsg + 3, rsp + 1, rsp_len - 1);
193 ib->outlen = rsp_len + 2;
194 }
195 IPMI_BT_SET_BBUSY(ib->control_reg, 0);
196 IPMI_BT_SET_B2H_ATN(ib->control_reg, 1);
197 if (ib->use_irq && ib->irqs_enabled &&
198 !IPMI_BT_GET_B2H_IRQ(ib->mask_reg) &&
199 IPMI_BT_GET_B2H_IRQ_EN(ib->mask_reg)) {
200 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 1);
201 qemu_irq_raise(ib->irq);
202 }
203 }
204}
205
206
207static uint64_t ipmi_bt_ioport_read(void *opaque, hwaddr addr, unsigned size)
208{
209 IPMIInterface *ii = opaque;
210 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
211 IPMIBT *ib = iic->get_backend_data(ii);
212 uint32_t ret = 0xff;
213
214 switch (addr & 3) {
215 case 0:
216 ret = ib->control_reg;
217 break;
218 case 1:
219 if (ib->outpos < ib->outlen) {
220 ret = ib->outmsg[ib->outpos];
221 ib->outpos++;
222 if (ib->outpos == ib->outlen) {
223 ib->outpos = 0;
224 ib->outlen = 0;
225 }
226 } else {
227 ret = 0xff;
228 }
229 break;
230 case 2:
231 ret = ib->mask_reg;
232 break;
233 }
234 return ret;
235}
236
237static void ipmi_bt_signal(IPMIBT *ib, IPMIInterface *ii)
238{
239 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
240
241 ib->do_wake = 1;
242 while (ib->do_wake) {
243 ib->do_wake = 0;
244 iic->handle_if_event(ii);
245 }
246}
247
248static void ipmi_bt_ioport_write(void *opaque, hwaddr addr, uint64_t val,
249 unsigned size)
250{
251 IPMIInterface *ii = opaque;
252 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
253 IPMIBT *ib = iic->get_backend_data(ii);
254
255 switch (addr & 3) {
256 case 0:
257 if (IPMI_BT_GET_CLR_WR(val)) {
258 ib->inlen = 0;
259 }
260 if (IPMI_BT_GET_CLR_RD(val)) {
261 ib->outpos = 0;
262 }
263 if (IPMI_BT_GET_B2H_ATN(val)) {
264 IPMI_BT_SET_B2H_ATN(ib->control_reg, 0);
265 }
266 if (IPMI_BT_GET_SMS_ATN(val)) {
267 IPMI_BT_SET_SMS_ATN(ib->control_reg, 0);
268 }
269 if (IPMI_BT_GET_HBUSY(val)) {
270
271 IPMI_BT_SET_HBUSY(ib->control_reg,
272 !IPMI_BT_GET_HBUSY(ib->control_reg));
273 }
274 if (IPMI_BT_GET_H2B_ATN(val)) {
275 IPMI_BT_SET_BBUSY(ib->control_reg, 1);
276 ipmi_bt_signal(ib, ii);
277 }
278 break;
279
280 case 1:
281 if (ib->inlen < sizeof(ib->inmsg)) {
282 ib->inmsg[ib->inlen] = val;
283 }
284 ib->inlen++;
285 break;
286
287 case 2:
288 if (IPMI_BT_GET_B2H_IRQ_EN(val) !=
289 IPMI_BT_GET_B2H_IRQ_EN(ib->mask_reg)) {
290 if (IPMI_BT_GET_B2H_IRQ_EN(val)) {
291 if (IPMI_BT_GET_B2H_ATN(ib->control_reg) ||
292 IPMI_BT_GET_SMS_ATN(ib->control_reg)) {
293 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 1);
294 qemu_irq_raise(ib->irq);
295 }
296 IPMI_BT_SET_B2H_IRQ_EN(ib->mask_reg, 1);
297 } else {
298 if (IPMI_BT_GET_B2H_IRQ(ib->mask_reg)) {
299 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 0);
300 qemu_irq_lower(ib->irq);
301 }
302 IPMI_BT_SET_B2H_IRQ_EN(ib->mask_reg, 0);
303 }
304 }
305 if (IPMI_BT_GET_B2H_IRQ(val) && IPMI_BT_GET_B2H_IRQ(ib->mask_reg)) {
306 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 0);
307 qemu_irq_lower(ib->irq);
308 }
309 break;
310 }
311}
312
313static const MemoryRegionOps ipmi_bt_io_ops = {
314 .read = ipmi_bt_ioport_read,
315 .write = ipmi_bt_ioport_write,
316 .impl = {
317 .min_access_size = 1,
318 .max_access_size = 1,
319 },
320 .endianness = DEVICE_LITTLE_ENDIAN,
321};
322
323static void ipmi_bt_set_atn(IPMIInterface *ii, int val, int irq)
324{
325 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
326 IPMIBT *ib = iic->get_backend_data(ii);
327
328 if (!!val == IPMI_BT_GET_SMS_ATN(ib->control_reg)) {
329 return;
330 }
331
332 IPMI_BT_SET_SMS_ATN(ib->control_reg, val);
333 if (val) {
334 if (irq && ib->use_irq && ib->irqs_enabled &&
335 !IPMI_BT_GET_B2H_ATN(ib->control_reg) &&
336 IPMI_BT_GET_B2H_IRQ_EN(ib->mask_reg)) {
337 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 1);
338 qemu_irq_raise(ib->irq);
339 }
340 } else {
341 if (!IPMI_BT_GET_B2H_ATN(ib->control_reg) &&
342 IPMI_BT_GET_B2H_IRQ(ib->mask_reg)) {
343 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 0);
344 qemu_irq_lower(ib->irq);
345 }
346 }
347}
348
349static void ipmi_bt_handle_reset(IPMIInterface *ii, bool is_cold)
350{
351 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
352 IPMIBT *ib = iic->get_backend_data(ii);
353
354 if (is_cold) {
355
356 if (IPMI_BT_GET_B2H_IRQ(ib->mask_reg)) {
357 IPMI_BT_SET_B2H_IRQ(ib->mask_reg, 0);
358 qemu_irq_lower(ib->irq);
359 }
360 IPMI_BT_SET_B2H_IRQ_EN(ib->mask_reg, 0);
361 }
362}
363
364static void ipmi_bt_set_irq_enable(IPMIInterface *ii, int val)
365{
366 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
367 IPMIBT *ib = iic->get_backend_data(ii);
368
369 ib->irqs_enabled = val;
370}
371
372static void ipmi_bt_init(IPMIInterface *ii, Error **errp)
373{
374 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
375 IPMIBT *ib = iic->get_backend_data(ii);
376
377 ib->io_length = 3;
378
379 memory_region_init_io(&ib->io, NULL, &ipmi_bt_io_ops, ii, "ipmi-bt", 3);
380}
381
382
383#define TYPE_ISA_IPMI_BT "isa-ipmi-bt"
384#define ISA_IPMI_BT(obj) OBJECT_CHECK(ISAIPMIBTDevice, (obj), \
385 TYPE_ISA_IPMI_BT)
386
387typedef struct ISAIPMIBTDevice {
388 ISADevice dev;
389 int32_t isairq;
390 IPMIBT bt;
391 uint32_t uuid;
392} ISAIPMIBTDevice;
393
394static void ipmi_bt_get_fwinfo(struct IPMIInterface *ii, IPMIFwInfo *info)
395{
396 ISAIPMIBTDevice *iib = ISA_IPMI_BT(ii);
397
398 info->interface_name = "bt";
399 info->interface_type = IPMI_SMBIOS_BT;
400 info->ipmi_spec_major_revision = 2;
401 info->ipmi_spec_minor_revision = 0;
402 info->base_address = iib->bt.io_base;
403 info->register_length = iib->bt.io_length;
404 info->register_spacing = 1;
405 info->memspace = IPMI_MEMSPACE_IO;
406 info->irq_type = IPMI_LEVEL_IRQ;
407 info->interrupt_number = iib->isairq;
408 info->i2c_slave_address = iib->bt.bmc->slave_addr;
409 info->uuid = iib->uuid;
410}
411
412static void ipmi_bt_class_init(IPMIInterfaceClass *iic)
413{
414 iic->init = ipmi_bt_init;
415 iic->set_atn = ipmi_bt_set_atn;
416 iic->handle_rsp = ipmi_bt_handle_rsp;
417 iic->handle_if_event = ipmi_bt_handle_event;
418 iic->set_irq_enable = ipmi_bt_set_irq_enable;
419 iic->reset = ipmi_bt_handle_reset;
420 iic->get_fwinfo = ipmi_bt_get_fwinfo;
421}
422
423static void isa_ipmi_bt_realize(DeviceState *dev, Error **errp)
424{
425 ISADevice *isadev = ISA_DEVICE(dev);
426 ISAIPMIBTDevice *iib = ISA_IPMI_BT(dev);
427 IPMIInterface *ii = IPMI_INTERFACE(dev);
428 IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
429
430 if (!iib->bt.bmc) {
431 error_setg(errp, "IPMI device requires a bmc attribute to be set");
432 return;
433 }
434
435 iib->uuid = ipmi_next_uuid();
436
437 iib->bt.bmc->intf = ii;
438
439 iic->init(ii, errp);
440 if (*errp)
441 return;
442
443 if (iib->isairq > 0) {
444 isa_init_irq(isadev, &iib->bt.irq, iib->isairq);
445 iib->bt.use_irq = 1;
446 }
447
448 qdev_set_legacy_instance_id(dev, iib->bt.io_base, iib->bt.io_length);
449
450 isa_register_ioport(isadev, &iib->bt.io, iib->bt.io_base);
451}
452
453static const VMStateDescription vmstate_ISAIPMIBTDevice = {
454 .name = TYPE_IPMI_INTERFACE,
455 .version_id = 1,
456 .minimum_version_id = 1,
457 .fields = (VMStateField[]) {
458 VMSTATE_BOOL(bt.obf_irq_set, ISAIPMIBTDevice),
459 VMSTATE_BOOL(bt.atn_irq_set, ISAIPMIBTDevice),
460 VMSTATE_BOOL(bt.use_irq, ISAIPMIBTDevice),
461 VMSTATE_BOOL(bt.irqs_enabled, ISAIPMIBTDevice),
462 VMSTATE_UINT32(bt.outpos, ISAIPMIBTDevice),
463 VMSTATE_VBUFFER_UINT32(bt.outmsg, ISAIPMIBTDevice, 1, NULL, bt.outlen),
464 VMSTATE_VBUFFER_UINT32(bt.inmsg, ISAIPMIBTDevice, 1, NULL, bt.inlen),
465 VMSTATE_UINT8(bt.control_reg, ISAIPMIBTDevice),
466 VMSTATE_UINT8(bt.mask_reg, ISAIPMIBTDevice),
467 VMSTATE_UINT8(bt.waiting_rsp, ISAIPMIBTDevice),
468 VMSTATE_UINT8(bt.waiting_seq, ISAIPMIBTDevice),
469 VMSTATE_END_OF_LIST()
470 }
471};
472
473static void isa_ipmi_bt_init(Object *obj)
474{
475 ISAIPMIBTDevice *iib = ISA_IPMI_BT(obj);
476
477 ipmi_bmc_find_and_link(obj, (Object **) &iib->bt.bmc);
478
479 vmstate_register(NULL, 0, &vmstate_ISAIPMIBTDevice, iib);
480}
481
482static void *isa_ipmi_bt_get_backend_data(IPMIInterface *ii)
483{
484 ISAIPMIBTDevice *iib = ISA_IPMI_BT(ii);
485
486 return &iib->bt;
487}
488
489static Property ipmi_isa_properties[] = {
490 DEFINE_PROP_UINT32("ioport", ISAIPMIBTDevice, bt.io_base, 0xe4),
491 DEFINE_PROP_INT32("irq", ISAIPMIBTDevice, isairq, 5),
492 DEFINE_PROP_END_OF_LIST(),
493};
494
495static void isa_ipmi_bt_class_init(ObjectClass *oc, void *data)
496{
497 DeviceClass *dc = DEVICE_CLASS(oc);
498 IPMIInterfaceClass *iic = IPMI_INTERFACE_CLASS(oc);
499
500 dc->realize = isa_ipmi_bt_realize;
501 dc->props = ipmi_isa_properties;
502
503 iic->get_backend_data = isa_ipmi_bt_get_backend_data;
504 ipmi_bt_class_init(iic);
505}
506
507static const TypeInfo isa_ipmi_bt_info = {
508 .name = TYPE_ISA_IPMI_BT,
509 .parent = TYPE_ISA_DEVICE,
510 .instance_size = sizeof(ISAIPMIBTDevice),
511 .instance_init = isa_ipmi_bt_init,
512 .class_init = isa_ipmi_bt_class_init,
513 .interfaces = (InterfaceInfo[]) {
514 { TYPE_IPMI_INTERFACE },
515 { }
516 }
517};
518
519static void ipmi_register_types(void)
520{
521 type_register_static(&isa_ipmi_bt_info);
522}
523
524type_init(ipmi_register_types)
525
