Desc: How to make a new driver to support another UPS File: new-drivers.txt Date: 14 March 2004 Auth: Russell Kroll <rkroll@exploits.org> Arnaud Quette <arnaud.quette@gmail.com> Smart vs. Contact-closure ========================= If your UPS only does contact closure readings, then go straight to the contact-closure.txt document for information on adding support. It's a lot easier to add a few lines to a header file than it is to create a whole new driver. Serial vs. USB vs. SNMP and more ================================ If your UPS connects to your computer via a USB port, then go straight to the document hid-subdrivers.txt. You can probably add support for your device by writing a new subdriver to the existing usbhid-ups driver, which is easier than writing an entire new driver. Similarly, if your UPS connects to your computer via an SNMP network card, you can probably add support for your device by writing a new subdriver to the existing snmp-ups driver, which is easier than writing an entire new driver. Overall concept =============== The basic design of drivers is simple. main.c handles most of the work for you. You don't have to worry about arguments, config files, or anything else like that. Your only concern is talking to the hardware and providing data to the outside world. Skeleton driver =============== Familiarize yourself with the design of skel.c in the drivers directory. It shows a few examples of the functions that main will call to obtain updated information from the hardware. Essential structure =================== upsdrv_info_t ------------- This structure tracks several description information about the driver: * name: the driver full name, for banner printing. * version: the driver's own version. For sub driver information, refer below to sub_upsdrv_info. This value has the form "X.YZ", and is published by main as "driver.version.internal". * authors: the driver's author(s) name. If multiple authors are listed, separate them with '\n' so that it can be broken up by author if needed. * status: the driver development status. The following values are allowed: - DRV_BROKEN: setting this value will cause main to print an error and exit. This is only used during conversions of the driver core to keep users from using drivers which have not been converted. Drivers in this state will be removed from the tree after some period if they are not fixed. - DRV_EXPERIMENTAL: set this value if your driver is potentially broken. This will trigger a warning when it starts so the user doesn't take it for granted. - DRV_BETA: this value means that the driver is more stable and complete. But it is still not recommended for production systems. - DRV_STABLE: the driver is suitable for production systems, but not 100 % feature complete. - DRV_COMPLETE: this is the gold level! It implies that 100 % of the protocol is implemented, and a full QA pass. * subdrv_info: array of upsdrv_info_t for sub driver(s) information. This is used for example by usbhid-ups and megatec. These information are currently used for the startup banner printing and tests. Essential functions =================== upsdrv_initups -------------- Open the port (device_path) and do any low-level things that it may need to start using that port. If you have to set DTR or RTS on a serial port, do it here. Don't do any sort of hardware detection here, since you may be going into upsdrv_shutdown next. upsdrv_initinfo --------------- Try to detect what kind of UPS is out there, if any, assuming that's possible for your hardware. If there is a way to detect that hardware and it doesn't appear to be connected, display an error and exit. This is the last time your driver is allowed to bail out. This is usually a good place to create variables like ups.mfr, ups.model, ups.serial, and other "one time only" items. upsdrv_updateinfo ----------------- Poll the hardware, and update any variables that you care about monitoring. Use dstate_setinfo() to store the new values. Do at most one pass of the variables. You MUST return from this function or upsd will be unable to read data from your driver. main will call this function at regular intervals. Don't spent more than a couple of seconds in this function. Typically five (5) seconds is the maximum time allowed before you risk that the server declares the driver stale. If your UPS hardware requires a timeout period of several seconds before it answers, consider returning from this function after sending a command immediately and read the answer the next time it is called. You must never abort from upsdrv_updateinfo(), even when the UPS doesn't seem to be attached anymore. If the connection with the UPS is lost, the driver should retry to re-establish communication for as long as it is running. Calling exit() or any of the fatal*() functions is specifically not allowed anymore. upsdrv_shutdown --------------- Do whatever you can to make the UPS power off the load but also return after the power comes back on. You may use a different command that keeps the UPS off if the user has requested that with a configuration setting. You should attempt the UPS shutdown command even if the UPS detection fails. If the UPS does not shut down the load, then the user is vulnerable to a race if the power comes back on during the shutdown process. Data types ========== To be of any use, you must supply data in ups.status. That is the minimum needed to let upsmon do its job. Whenever possible, you should also provide anything else that can be monitored by the driver. Some obvious things are the manufacturer name and model name, voltage data, and so on. If you can't figure out some value automatically, use the ups.conf options to let the user tell you. This can be useful when a driver needs to support many similar hardware models but can't probe to see what is actually attached. Manipulating the data ===================== All status data lives in structures that are managed by the dstate functions. All access and modifications must happen through those functions. Any other changes are forbidden, as they will not pushed out as updates to things like upsd. Adding variables ---------------- dstate_setinfo("ups.model", "Mega-Zapper 1500"); Many of these functions take format strings, so you can build the new values right there: dstate_setinfo("ups.model", "Mega-Zapper %d", rating); Setting flags ------------- Some variables have special properties. They can be writable, and some are strings. The ST_FLAG_* values can be used to tell upsd more about what it can do. dstate_setflags("input.transfer.high", ST_FLAG_RW); Status data =========== UPS status flags like on line (OL) and on battery (OB) live in ups.status. Don't manipulate this by hand. There are functions which will do this for you. status_init() - before doing anything else status_set(val) - add a status word (OB, OL, etc) status_commit() - push out the update Possible values for status_set: OL - On line (mains is present) OB - On battery (mains is not present) LB - Low battery RB - The battery needs to be replaced CHRG - The battery is charging DISCHRG - The battery is discharging (inverter is providing load power) BYPASS - UPS bypass circuit is active - no battery protection is available CAL - UPS is currently performing runtime calibration (on battery) OFF - UPS is offline and is not supplying power to the load OVER - UPS is overloaded TRIM - UPS is trimming incoming voltage (called "buck" in some hardware) BOOST - UPS is boosting incoming voltage Anything else will not be recognized by the usual clients. Coordinate with me before creating something new, since there will be duplication and ugliness otherwise. Note: upsd injects "FSD" by itself following that command by a master upsmon process. Drivers must not set that value. Note: the OL and OB flags are an indication of the input line status only. UPS alarms ========== These work like ups.status, and have three special functions which you must use to manage them. alarm_init() - before doing anything else alarm_set() - add an alarm word alarm_commit() - push the value into ups.alarm Note: the ALARM flag in ups.status is automatically set whenever you use alarm_set. To remove that flag from ups.status, call alarm_init and alarm_commit without calling alarm_set in the middle. You should never try to set or unset the ALARM flag manually. If you use UPS alarms, the call to status_commit() should be after alarm_commit(), otherwise there will be a delay in setting the ALARM flag in ups.status. There is no official list of alarm words as of this writing, so don't use these functions until you check with the upsdev list. Staleness control ================= If you're not talking to a polled UPS, then you must ensure that it is still out there and is alive before calling dstate_dataok(). Even if nothing is changing, you should still "ping" it or do something else to ensure that it is really available. If the attempts to contact the UPS fail, you must call dstate_datastale() to inform the server and clients. - dstate_dataok() You must call this if polls are succeeding. A good place to call this is the bottom of upsdrv_updateinfo(). - dstate_datastale() You must call this if your status is unusable. A good technique is to call this before exiting prematurely from upsdrv_updateinfo(). Don't hide calls to these functions deep inside helper functions. It is very hard to find the origin of staleness warnings, if you call these from various places in your code. Basically, don't call them from any other function than from within upsdrv_updateinfo(). There is no need to call either of these regularly as was stated in previous versions of this document (that requirement has long gone). Serial port handling ==================== Drivers which use serial port functions should include serial.h and use these functions whenever possible: - int ser_open(const char *port) This opens the port and locks it if possible, using one of fcntl, lockf, or uu_lock depending on what may be available. If something fails, it calls fatal for you. If it succeeds, it always returns the fd that was opened. - int ser_set_speed(int fd, const char *port, speed_t speed) This sets the speed of the port and also does some basic configuring with tcgetattr and tcsetattr. If you have a special serial configuration (other than 8N1), then this may not be what you want. The port name is provided again here so failures in tcgetattr() provide a useful error message. This is the only place that will generate a message if someone passes a non-serial port /dev entry to your driver, so it needs the extra detail. - int ser_set_dtr(int fd, int state) - int ser_set_rts(int fd, int state) These functions can be used to set the modem control lines to provide cable power on the RS232 interface. Use state = 0 to set the line to 0 and any other value to set it to 1. - int set_get_dsr(int fd) - int ser_get_cts(int fd) - int set_get_dcd(int fd) These functions read the state of the modem control lines. They will return 0 if the line is logic 0 and a non-zero value if the line is logic 1. - int ser_close(int fd, const char *port) This function unlocks the port if possible and closes the fd. You should call this in your upsdrv_cleanup handler. - int ser_send_char(int fd, char ch) This attempts to write one character and returns the return value from write. You could call write directly, but using this function allows for future error handling in one place. - int ser_send_pace(int fd, unsigned long d_usec, const char *fmt, ...) If you need to send a formatted buffer with an intercharacter delay, use this function. There are a number of UPS controllers which can't take commands at the full speed that would normally be possible at a given bit rate. Adding a small delay usually turns a flaky UPS into a solid one. The return value is the number of characters that was sent to the port, or -1 if something failed. - int ser_send(int fd, const char *fmt, ...) Like ser_send_pace, but without a delay. Only use this if you're sure that your UPS can handle characters at the full line rate. - int ser_send_buf(int fd, const char *buf, size_t buflen) This sends a raw buffer to the fd. It is typically used for binary transmissions. It returns the results of the call to write. - int ser_send_buf_pace(int fd, unsigned long d_usec, const char *buf, size_t buflen) This is just ser_send_buf with an intercharacter delay. - int ser_get_char(int fd, char *ch, long d_sec, long d_usec) This will wait up to d_sec seconds + d_usec microseconds for one character to arrive, storing it at ch. It returns 1 on success, -1 if something fails and 0 on a timeout. Note: the delay value must not be too large, or your driver will not get back to the usual idle loop in main in time to answer the PINGs from upsd. That will cause an oscillation between staleness and normal behavior. - int ser_get_buf(int fd, char *buf, size_t buflen, long d_sec, long d_usec) Like ser_get_char, but this one reads up to buflen bytes storing all of them in buf. The buffer is zeroed regardless of success or failure. It returns the number of bytes read, -1 on failure and 0 on a timeout. This is essentially a single read() function with a timeout. - int ser_get_buf_len(int fd, char *buf, size_t buflen, long d_sec, long d_usec) Like ser_get_buf, but this one waits for buflen bytes to arrive, storing all of them in buf. The buffer is zeroed regardless of success or failure. It returns the number of bytes read, -1 on failure and 0 on a timeout. This should only be used for binary reads. See ser_get_line for protocols that are terminated by characters like CR or LF. - int ser_get_line(int fd, char *buf, size_t buflen, char endchar, const char *ignset, long d_sec, long d_usec) This is the reading function you should use if your UPS tends to send responses like "OK\r" or "1234\n". It reads up to buflen bytes and stores them in buf, but it will return immediately if it encounters endchar. The endchar will not be stored in the buffer. It will also return if it manages to collect a full buffer before reaching the endchar. It returns the number of bytes stored in the buffer, -1 on failure and 0 on a timeout. If the character matches the ignset with strchr(), it will not be added to the buffer. If you don't need to ignore any characters, just pass it an empty string - "". The buffer is always cleared and is always null-terminated. It does this by reading at most (buflen - 1) bytes. Note: any other data which is read after the endchar in the serial buffer will be lost forever. As a result, you should not use this unless your UPS uses a polled protocol. Let's say your endchar is \n and your UPS sends "OK\n1234\nabcd\n". This function will read() all of that, find the first \n, and stop there. Your driver will get "OK", and the rest is gone forever. This also means that you should not "pipeline" commands to the UPS. Send a query, then read the response, then send the next query. - int ser_get_line_alert(int fd, char *buf, size_t buflen, char endchar, const char *ignset, const char *alertset, void handler(char ch), long d_sec, long d_usec) This is just like ser_get_line, but it allows you to specify a set of alert characters which may be received at any time. They are not added to the buffer, and this function will call your handler function, passing the character as an argument. Implementation note: this function actually does all of the work, and ser_get_line is just a wrapper that sets an empty alertset and a NULL handler. - int ser_flush_in(int fd, const char *ignset, int verbose) This function will drain the input buffer. If verbose is set to a positive number, then it will announce the characters which have been read in the syslog. You should not set verbose unless debugging is enabled, since it could be very noisy. This function returns the number of characters which were read, so you can check for extra bytes by looking for a nonzero return value. Zero will also be returned if the read fails for some reason. - int set_flush_io(int fd) This function drains both the in- and output buffers. Return zero on success. - void ser_comm_fail(const char *fmt, ...) Call this whenever your serial communications fail for some reason. It takes a format string, so you can use variables and other things to clarify the error. This function does built-in rate-limiting so you can't spam the syslog. By default, it will write 10 messages, then it will stop and only write 1 in 100. This allows the driver to keep calling this function while the problem persists without filling the logs too quickly. In the old days, drivers would report a failure once, and then would be silent until things were fixed again. Users had to figure out what was happening by finding that single error message, or by looking at the repeated complaints from upsd or the clients. If your UPS frequently fails to acknowledge polls and this is a known situation, you should make a couple of attempts before calling this function. Note: this does not call dstate_datastale. You still need to do that. - void ser_comm_good(void) This will clear the error counter and write a "re-established" message to the syslog after communications have been lost. Your driver should call this whenever it has successfully contacted the UPS. A good place for most drivers is where it calls dstate_dataok. USB port handling ================= Drivers which use USB functions should include usb-common.h and use these: * structure and macro: You should us the usb_device_id structure, and the USB_DEVICE macro to declare the supported devices. This allows the automatic extraction of USB information, to generate the HAL, Hotplug and udev support files. For example: /* SomeVendor name */ #define SOMEVENDOR_VENDORID 0xXXXX /* USB IDs device table */ static usb_device_id sv_usb_device_table [] = { /* some models 1 */ { USB_DEVICE(SOMEVENDOR_VENDORID, 0xYYYY), NULL }, /* various models */ { USB_DEVICE(SOMEVENDOR_VENDORID, 0xZZZZ), NULL }, { USB_DEVICE(SOMEVENDOR_VENDORID, 0xAAAA), NULL }, /* Terminating entry */ { -1, -1, NULL } }; * function: - is_usb_device_supported(usb_device_id **usb_device_id_list, int dev_VendorID, int dev_ProductID) Call this in your device opening / matching function. Pass your usb_device_id structure, and a set of VendorID / DeviceID. This function returns one of the following value: NOT_SUPPORTED (0), POSSIBLY_SUPPORTED (1) or SUPPORTED (2) POSSIBLY_SUPPORTED is returned when the VendorID is matched, but the DeviceID is unknown. For implementation examples, refer to the various USB drivers, and search for the above patterns. This set of USB helpers is due to expand is the near future... Variable names ============== PLEASE don't make up new variables and commands just because you can. The new dstate functions give us the power to create just about anything, but that is a privilege and not a right. Imagine the mess that would happen if every developer decided on their own way to represent a common status element. Check new-names.txt first to find the closest fit. If nothing matches, contact the upsdev list or mail me directly, and we'll figure it out. Patches which introduce unlisted names may be modified or dropped. Message passing support ======================= See commands.txt. Enumerated types ================ If you have a variable that can have several specific values, it is enumerated. You should add each one to make it available to the client: dstate_addenum("input.transfer.low", "92"); dstate_addenum("input.transfer.low", "95"); dstate_addenum("input.transfer.low", "99"); dstate_addenum("input.transfer.low", "105"); Writable strings ================ Strings that may be changed by the client should have the ST_FLAG_STRING flag set, and a maximum length byte set in the auxdata. dstate_setinfo("ups.id", "Big UPS"); dstate_setflags("ups.id", ST_FLAG_STRING | ST_FLAG_RW); dstate_setaux("ups.id", 8); If the variable is not writable, don't bother with the flags or the auxiliary data. It won't be used. Instant commands ================ If your hardware and driver can support a command, register it. dstate_addcmd("load.on"); Delays and ser_* functions ========================== The new ser_* functions may perform reads faster than the UPS is able to respond in some cases. This means that your driver will call select() and read() numerous times if your UPS responds in bursts. This also depends on how fast your system is. You should check your driver with strace or its equivalent on your system. If the driver is calling read() multiple times, consider adding a call to usleep before going into the ser_read_* call. That will give it a chance to accumulate so you get the whole thing with one call to read without looping back for more. This is not a request to save CPU time, even though it may do that. The important part here is making the strace/ktrace output easier to read. write(4, "Q1\r", 3) = 3 nanosleep({0, 300000000}, NULL) = 0 select(5, [4], NULL, NULL, {3, 0}) = 1 (in [4], left {3, 0}) read(4, "(120.0 084.0 120.0 0 60.0 22.6"..., 64) = 47 Without that delay, that turns into a mess of selects and reads. The select returns almost instantly, and read gets a tiny chunk of the data. Add the delay and you get a nice four-line status poll. Canonical input mode processing =============================== If your UPS uses '\n' and/or '\r' as endchar, consider the use of Canonical Input Mode Processing instead of the ser_get_line* functions. Using a serial port in this mode means that select() will wait until a full line is received (or times out). This relieves you from waiting between sending a command and reading the reply. Another benefit is, that you no longer have to worry about the case that your UPS sends "OK\n1234\nabcd\n". This will be broken up cleanly in "OK\n", "1234\n" and "abcd\n" on consecutive reads, without risk of losing data (which is an often forgotten side effect of the ser_get_line* functions). Currently an example how this works can be found in the safenet and upscode2 drivers. The first uses a single '\r' as endchar, while the latter accepts either '\n', "\n\r" or "\r\n" as line termination. You can define other termination characters as well, but can't undefine '\r' and '\n' (so if you need these as data, this is not for you).