diff options
author | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2019-10-28 11:18:29 +0300 |
---|---|---|
committer | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2019-10-28 11:24:44 +0300 |
commit | d9c17f8494700cb3ae079181d417e3e123d215f8 (patch) | |
tree | 865291231ed3278242c40948a5fadd74e35cf185 | |
parent | e652d91e36ca1a48215ca22cb8fde6dbf2db5400 (diff) | |
download | provingground-d9c17f8494700cb3ae079181d417e3e123d215f8.tar.xz |
prov-mode-mgr: Log events for restriction mode
Support added to log events for restriction mode change (system
interface), which can be viewed using Redfish event log entries.
This log will indicate the status of the system interface command
execution allowed state after BIOS POST.
Tested:
Tested the same with up-stream message entry review
https://gerrit.openbmc-project.xyz/#/c/openbmc/bmcweb/+/26601/
1. Redfish validator - passed for this new addition
2. Log will be as below
{
"@data.context": "/redfish/v1/$metadata#LogEntry.LogEntry",
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/184",
"@odata.type": "#LogEntry.v1_4_0.LogEntry",
"Created": "1970-01-01T00:03:04+00:00",
"EntryType": "Event",
"Id": "184",
"Message": "System interface in unprovisioned state.",
"MessageArgs": [],
"MessageId": "OpenBMC.0.1.SystemInterfaceUnprovisioned",
"Name": "System Event Log Entry",
"Severity": "Critical"
},
{
"@odata.context": "/redfish/v1/$metadata#LogEntry.LogEntry",
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/198",
"@odata.type": "#LogEntry.v1_4_0.LogEntry",
"Created": "1970-01-01T00:03:18+00:00",
"EntryType": "Event",
"Id": "198",
"Message": "System interface in whitelist provisioned state.",
"MessageArgs": [],
"MessageId": "OpenBMC.0.1.SystemInterfaceWhitelistProvisioned",
"Name": "System Event Log Entry",
"Severity": "Warning"
},
{
"@odata.context": "/redfish/v1/$metadata#LogEntry.LogEntry",
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/204",
"@odata.type": "#LogEntry.v1_4_0.LogEntry",
"Created": "1970-01-01T00:03:24+00:00",
"EntryType": "Event",
"Id": "204",
"Message": "System interface in disabled provisioned state.",
"MessageArgs": [],
"MessageId": "OpenBMC.0.1.SystemInterfaceDisabledProvisioned",
"Name": "System Event Log Entry",
"Severity": "OK"
}
Change-Id: Ief9547d37bff07704caebf76e87fe8dba05e2db6
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
-rw-r--r-- | prov-mode-mgr/include/prov-mode-mgr.hpp | 2 | ||||
-rw-r--r-- | prov-mode-mgr/src/prov-mode-mgr.cpp | 30 |
2 files changed, 32 insertions, 0 deletions
diff --git a/prov-mode-mgr/include/prov-mode-mgr.hpp b/prov-mode-mgr/include/prov-mode-mgr.hpp index 6ca7424..9824a07 100644 --- a/prov-mode-mgr/include/prov-mode-mgr.hpp +++ b/prov-mode-mgr/include/prov-mode-mgr.hpp @@ -55,6 +55,8 @@ class ProvModeMgr void updateProvModeProperty( sdbusplus::xyz::openbmc_project::Control::Security::server:: RestrictionMode::Modes mode); + void logEvent(sdbusplus::xyz::openbmc_project::Control::Security::server:: + RestrictionMode::Modes mode); public: ProvModeMgr(boost::asio::io_service& io, diff --git a/prov-mode-mgr/src/prov-mode-mgr.cpp b/prov-mode-mgr/src/prov-mode-mgr.cpp index 33d084a..a7ca4e3 100644 --- a/prov-mode-mgr/src/prov-mode-mgr.cpp +++ b/prov-mode-mgr/src/prov-mode-mgr.cpp @@ -74,11 +74,40 @@ void ProvModeMgr::updateProvModeProperty( std::to_string(static_cast<uint8_t>(mode))); } +void ProvModeMgr::logEvent(sdbusplus::xyz::openbmc_project::Control::Security:: + server::RestrictionMode::Modes mode) +{ + namespace secCtrl = + sdbusplus::xyz::openbmc_project::Control::Security::server; + + if (mode == secCtrl::RestrictionMode::Modes::Provisioning) + { + sd_journal_send("MESSAGE=%s", "RestrictionMode - Provisioning state", + "PRIORITY=%i", LOG_INFO, "REDFISH_MESSAGE_ID=%s", + "OpenBMC.0.1.SystemInterfaceUnprovisioned", NULL); + } + else if (mode == secCtrl::RestrictionMode::Modes::ProvisionedHostWhitelist) + { + sd_journal_send("MESSAGE=%s", "RestrictionMode - Whitelist state", + "PRIORITY=%i", LOG_INFO, "REDFISH_MESSAGE_ID=%s", + "OpenBMC.0.1.SystemInterfaceWhitelistProvisioned", + NULL); + } + else if (mode == secCtrl::RestrictionMode::Modes::ProvisionedHostDisabled) + { + sd_journal_send("MESSAGE=%s", "RestrictionMode - Disabled state", + "PRIORITY=%i", LOG_INFO, "REDFISH_MESSAGE_ID=%s", + "OpenBMC.0.1.SystemInterfaceDisabledProvisioned", NULL); + } + // Other modes N/A for now, ignore the same. +} + void ProvModeMgr::init() { namespace secCtrl = sdbusplus::xyz::openbmc_project::Control::Security::server; iface = server.add_interface(provModePath, provModeIntf); + logEvent(provMode); iface->register_property( "RestrictionMode", sdbusplus::xyz::openbmc_project::Control::Security::server:: @@ -92,6 +121,7 @@ void ProvModeMgr::init() secCtrl::RestrictionMode::Modes mode = secCtrl::RestrictionMode::convertModesFromString(req); provMode = mode; + logEvent(mode); updateProvModeProperty(mode); return 1; } |