diff options
author | Jason M. Bills <jason.m.bills@linux.intel.com> | 2020-02-28 02:57:13 +0300 |
---|---|---|
committer | Jason M. Bills <jason.m.bills@linux.intel.com> | 2020-03-02 22:06:57 +0300 |
commit | 6c1caca70063aa707ba809a6b4695d0f0c5646f1 (patch) | |
tree | 84da2f29a60cb571686d3a4fb93f9d1f1189d989 /meta-openbmc-mods/meta-common/recipes-phosphor/ipmi | |
parent | 9600a7403ba2848c8751280077503a3e0f2f3481 (diff) | |
download | openbmc-6c1caca70063aa707ba809a6b4695d0f0c5646f1.tar.xz |
Update to internal 2020-02-27
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
Diffstat (limited to 'meta-openbmc-mods/meta-common/recipes-phosphor/ipmi')
15 files changed, 97 insertions, 1606 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/ipmitool_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/ipmitool_%.bbappend new file mode 100644 index 000000000..84e250b66 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/ipmitool_%.bbappend @@ -0,0 +1,6 @@ + +# Disable the shell to remove the usage of readline lib +# to fix the license conflict issue. More information: +# https://lists.ozlabs.org/pipermail/openbmc/2019-November/019678.html + +EXTRA_OECONF_append = " --disable-ipmishell" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0001-Modify-Get-Lan-Configuration-IP-Address-Source-to-us.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0001-Modify-Get-Lan-Configuration-IP-Address-Source-to-us.patch index 1e4d3b0a9..7e3f92dbc 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0001-Modify-Get-Lan-Configuration-IP-Address-Source-to-us.patch +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0001-Modify-Get-Lan-Configuration-IP-Address-Source-to-us.patch @@ -1,4 +1,4 @@ -From 3db78afe49a662ce7e90f3f5ce40d625a54d576b Mon Sep 17 00:00:00 2001 +From 8e9fba263179ccc87be7212c7dbd87cd7a37ac30 Mon Sep 17 00:00:00 2001 From: Johnathan Mantey <johnathanx.mantey@intel.com> Date: Thu, 14 Nov 2019 11:24:19 -0800 Subject: [PATCH] Modify Get Lan Configuration IP Address Source to use correct @@ -27,24 +27,24 @@ ipmitool raw 0xc 2 3 4 0 0 # returns correct state Change-Id: Ia66f7fcf3d5ad0a383b06658b18e8ce2b282e052 Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com> --- - transporthandler.cpp | 88 ++++++++++++++++++++++++++++++++++++-------- - 1 file changed, 73 insertions(+), 15 deletions(-) + transporthandler.cpp | 97 ++++++++++++++++++++++++++++++++++++-------- + 1 file changed, 79 insertions(+), 18 deletions(-) diff --git a/transporthandler.cpp b/transporthandler.cpp -index 09df184..8dc5677 100644 +index 16ce2b2..ccc2a97 100644 --- a/transporthandler.cpp +++ b/transporthandler.cpp @@ -109,6 +109,18 @@ constexpr auto INTF_NEIGHBOR_CREATE_STATIC = constexpr auto INTF_VLAN = "xyz.openbmc_project.Network.VLAN"; constexpr auto INTF_VLAN_CREATE = "xyz.openbmc_project.Network.VLAN.Create"; -+static const char* dhcpv4v6 = ++static constexpr auto dhcpv4v6 = + "xyz.openbmc_project.Network.EthernetInterface.DHCPConf.both"; -+static const char* dhcpv6 = ++static constexpr auto dhcpv6 = + "xyz.openbmc_project.Network.EthernetInterface.DHCPConf.v6"; -+static const char* dhcpv4 = ++static constexpr auto dhcpv4 = + "xyz.openbmc_project.Network.EthernetInterface.DHCPConf.v4"; -+static const char* dhcpoff = ++static constexpr auto dhcpoff = + "xyz.openbmc_project.Network.EthernetInterface.DHCPConf.none"; + +static std::array<const char*, 4> dhcpEnumerations = {dhcpv4v6, dhcpv4, dhcpv6, @@ -134,7 +134,17 @@ index 09df184..8dc5677 100644 } /** @brief Creates a new VLAN on the specified interface -@@ -1395,7 +1445,11 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, +@@ -1401,7 +1451,8 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, + } + case LanParam::IP: + { +- if (channelCall<getDHCPProperty>(channel)) ++ std::string dhcpSetting = channelCall<getDHCPProperty>(channel); ++ if ((dhcpSetting == dhcpv4) || (dhcpSetting == dhcpv4v6)) + { + return responseCommandNotAvailable(); + } +@@ -1431,7 +1482,11 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, { case IPSrc::DHCP: { @@ -147,7 +157,7 @@ index 09df184..8dc5677 100644 return responseSuccess(); } case IPSrc::Unspecified: -@@ -1403,7 +1457,7 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, +@@ -1439,7 +1494,7 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, case IPSrc::BIOS: case IPSrc::BMC: { @@ -156,27 +166,47 @@ index 09df184..8dc5677 100644 return responseSuccess(); } } -@@ -1540,7 +1594,8 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, +@@ -1464,7 +1519,8 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, + } + case LanParam::SubnetMask: + { +- if (channelCall<getDHCPProperty>(channel)) ++ std::string dhcpSetting = channelCall<getDHCPProperty>(channel); ++ if ((dhcpSetting == dhcpv4) || (dhcpSetting == dhcpv4v6)) + { + return responseCommandNotAvailable(); + } +@@ -1481,7 +1537,8 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, + } + case LanParam::Gateway1: + { +- if (channelCall<getDHCPProperty>(channel)) ++ std::string dhcpSetting = channelCall<getDHCPProperty>(channel); ++ if ((dhcpSetting == dhcpv4) || (dhcpSetting == dhcpv4v6)) + { + return responseCommandNotAvailable(); + } +@@ -1606,7 +1663,8 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, return responseReqDataLenInvalid(); } std::bitset<8> expected; - if (channelCall<getDHCPProperty>(channel)) + std::string dhcp = channelCall<getDHCPProperty>(channel); -+ if ((dhcp == dhcpv4v6) | (dhcp == dhcpv6)) ++ if ((dhcp == dhcpv4v6) || (dhcp == dhcpv6)) { expected[IPv6RouterControlFlag::Dynamic] = 1; } -@@ -1690,7 +1745,8 @@ RspType<message::Payload> getLan(uint4_t channelBits, uint3_t, bool revOnly, +@@ -1756,7 +1814,8 @@ RspType<message::Payload> getLan(uint4_t channelBits, uint3_t, bool revOnly, case LanParam::IPSrc: { auto src = IPSrc::Static; - if (channelCall<getDHCPProperty>(channel)) -+ std::string dhcpSetting = channelCall<getDHCPProperty>(channel); -+ if ((dhcpSetting == dhcpv4) || (dhcpSetting == dhcpv4v6)) ++ std::string dhcp = channelCall<getDHCPProperty>(channel); ++ if ((dhcp == dhcpv4) || (dhcp == dhcpv4v6)) { src = IPSrc::DHCP; } -@@ -1811,7 +1867,8 @@ RspType<message::Payload> getLan(uint4_t channelBits, uint3_t, bool revOnly, +@@ -1877,7 +1936,8 @@ RspType<message::Payload> getLan(uint4_t channelBits, uint3_t, bool revOnly, case LanParam::IPv6RouterControl: { std::bitset<8> control; @@ -186,7 +216,7 @@ index 09df184..8dc5677 100644 { control[IPv6RouterControlFlag::Dynamic] = 1; } -@@ -1825,7 +1882,8 @@ RspType<message::Payload> getLan(uint4_t channelBits, uint3_t, bool revOnly, +@@ -1891,7 +1951,8 @@ RspType<message::Payload> getLan(uint4_t channelBits, uint3_t, bool revOnly, case LanParam::IPv6StaticRouter1IP: { in6_addr gateway{}; @@ -197,5 +227,5 @@ index 09df184..8dc5677 100644 gateway = channelCall<getGatewayProperty<AF_INET6>>(channel).value_or( -- -2.21.0 +2.24.1 diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0002-Fixed-issue-in-setLan-command-for-IP-source.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0002-Fixed-issue-in-setLan-command-for-IP-source.patch deleted file mode 100644 index 6f080a4f4..000000000 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0002-Fixed-issue-in-setLan-command-for-IP-source.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 12ebdc2d53a18d286e34abf0f1553ca423ca6ca5 Mon Sep 17 00:00:00 2001 -From: Rajashekar Gade Reddy <raja.sekhar.reddy.gade@linux.intel.com> -Date: Wed, 18 Dec 2019 12:01:36 +0530 -Subject: [PATCH] Fixed issue in setLan command for IP source. - -Issue: returns success completion code for multiple requests which -is not correct as per IPMI spec. - -Fix: Added proper conditional checks - -Tested: -//IP Address Source: 0x0 (unspecified) -ipmitool -I lanplus -U root -P 0penBmc -H <ip_addr> raw 0x0c 0x01 0x03 0x04 0x0 -0xCC// Invalid data field in request - -//IP Address Source: 0x1 (static address) -ipmitool -I lanplus -U root -P 0penBmc -H <ip_addr> raw 0x0c 0x01 0x03 0x04 0x1 -0x00 //Success - -//IP Address Source: 0x2 (address obtained by BMC running DHCP) -ipmitool -I lanplus -U root -P 0penBmc -H <ip_addr> raw 0x0c 0x01 0x03 0x04 0x2 -0x00 //Success - -//IP Address Source: 0x3 (address loaded by the BIOS or system software) -ipmitool -I lanplus -U root -P 0penBmc -H <ip_addr> raw 0x0c 0x01 0x03 0x04 0x3 -0xCC// Invalid data field in request - -//IP Address Source: 0x4 (address obtained by BMC running other address assignment protocol) -ipmitool -I lanplus -U root -P 0penBmc -H <ip_addr> raw 0x0c 0x01 0x03 0x04 0x4 -0xCC// Invalid data field in request - -ipmitool -I lanplus -U root -P 0penBmc -H <ip_addr> raw 0x0c 0x01 0x03 0x04 0x5 -0x80 // param not supported - -Signed-off-by: Rajashekar Gade Reddy <raja.sekhar.reddy.gade@linux.intel.com> - -%% original patch: 0002-Fixed-issue-in-setLan-command-for-IP-source.patch ---- - transporthandler.cpp | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/transporthandler.cpp b/transporthandler.cpp -index 7407396..2df3e45 100644 ---- a/transporthandler.cpp -+++ b/transporthandler.cpp -@@ -1453,9 +1453,12 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, - return responseSuccess(); - } - case IPSrc::Unspecified: -- case IPSrc::Static: - case IPSrc::BIOS: - case IPSrc::BMC: -+ { -+ return responseInvalidFieldRequest(); -+ } -+ case IPSrc::Static: - { - channelCall<setDHCPProperty>(channel, dhcpoff); - return responseSuccess(); --- -2.17.1 - diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0003-Fix-for-return-CC-in-setLan-command-cases.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0003-Fix-for-return-CC-in-setLan-command-cases.patch deleted file mode 100644 index bab451f32..000000000 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0003-Fix-for-return-CC-in-setLan-command-cases.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 8b3cb6842746d43c0cab3d32821dc5239768642f Mon Sep 17 00:00:00 2001 -From: "Joshi, Mansi" <mansi.joshi@linux.intel.com> -Date: Wed, 18 Dec 2019 15:10:25 +0530 -Subject: [PATCH] Fix for return CC in setLan command cases - -Issue: When DHCP is enabled, setting ip and setting subnet mask returns -completion code 0xff. Setting default gateway returns 0x00. - -Fix: Returns CC 0xd5 because this parameter is R/W. It is only unable -to be updated because the current state blocks it (i.e. 0xd5). - -Tested: -ipmitool raw 0x0c 0x01 0x03 0x03 0x00 0x00 0x00 0x00 //setting ip -0xd5 //Command, or request parameter, not supported in present state. - -ipmitool raw 0x0c 0x01 0x03 0x06 0xff 0xff 0xf0 0x00 //subnet mask -0xd5 //Command, or request parameter, not supported in present state. - -ipmitool raw 0x0c 0x01 0x03 0x0c 0x0a 0xfe 0xef 0x77 //default gateway -0xd5 //Command, or request parameter, not supported in present state. - -%% original patch: 0065-Fix-for-return-CC-in-setLan-command-cases.patch ---- - transporthandler.cpp | 15 +++++++++++++++ - 1 file changed, 15 insertions(+) - -diff --git a/transporthandler.cpp b/transporthandler.cpp -index 7407396..7b9ff3d 100644 ---- a/transporthandler.cpp -+++ b/transporthandler.cpp -@@ -1423,6 +1423,11 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, - } - case LanParam::IP: - { -+ std::string dhcp = channelCall<getDHCPProperty>(channel); -+ if ((dhcp == dhcpv4) || (dhcp == dhcpv4v6)) -+ { -+ return responseCommandNotAvailable(); -+ } - in_addr ip; - std::array<uint8_t, sizeof(ip)> bytes; - if (req.unpack(bytes) != 0 || !req.fullyUnpacked()) -@@ -1477,6 +1482,11 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, - } - case LanParam::SubnetMask: - { -+ std::string dhcp = channelCall<getDHCPProperty>(channel); -+ if ((dhcp == dhcpv4) || (dhcp == dhcpv4v6)) -+ { -+ return responseCommandNotAvailable(); -+ } - in_addr netmask; - std::array<uint8_t, sizeof(netmask)> bytes; - if (req.unpack(bytes) != 0 || !req.fullyUnpacked()) -@@ -1490,6 +1500,11 @@ RspType<> setLan(uint4_t channelBits, uint4_t, uint8_t parameter, - } - case LanParam::Gateway1: - { -+ std::string dhcp = channelCall<getDHCPProperty>(channel); -+ if ((dhcp == dhcpv4) || (dhcp == dhcpv4v6)) -+ { -+ return responseCommandNotAvailable(); -+ } - in_addr gateway; - std::array<uint8_t, sizeof(gateway)> bytes; - if (req.unpack(bytes) != 0 || !req.fullyUnpacked()) --- -2.7.4 - diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0009-IPv6-Network-changes.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0009-IPv6-Network-changes.patch deleted file mode 100644 index c862a306a..000000000 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0009-IPv6-Network-changes.patch +++ /dev/null @@ -1,877 +0,0 @@ -From c20bc8eb6a08d177d951012eb91b37398b15d81d Mon Sep 17 00:00:00 2001 -From: Vernon Mauery <vernon.mauery@linux.intel.com> -Date: Tue, 27 Nov 2018 11:01:15 -0800 -Subject: [PATCH] IPv6 Network changes - -Allow IPv6 IPMI set/get commands - -Signed-off-by: David Cobbley <david.j.cobbley@linux.intel.com> -Signed-off-by: Yong Li <yong.b.li@linux.intel.com> -Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com> - -Change-Id: If5528d3b7294c5f8c17db5919439235d0fad0446 ---- - include/ipmid/types.hpp | 9 + - include/ipmid/utils.hpp | 1 + - transporthandler.cpp | 654 +++++++++++++++++++++++++++++++++++++++- - transporthandler.hpp | 50 +++ - 4 files changed, 713 insertions(+), 1 deletion(-) - -Index: phosphor-host-ipmid.clean/include/ipmid/types.hpp -=================================================================== ---- phosphor-host-ipmid.clean.orig/include/ipmid/types.hpp -+++ phosphor-host-ipmid.clean/include/ipmid/types.hpp -@@ -224,6 +224,7 @@ constexpr auto ADDR_TYPE_FORMAT = "%hhx" - - constexpr auto IPV4_ADDRESS_SIZE_BYTE = 4; - constexpr auto IPV6_ADDRESS_SIZE_BYTE = 16; -+constexpr auto IPV6_ADDRESS_STATUS_SIZE = 22; - - constexpr auto DEFAULT_MAC_ADDRESS = "00:00:00:00:00:00"; - constexpr auto DEFAULT_ADDRESS = "0.0.0.0"; -@@ -235,6 +236,7 @@ constexpr auto BITS_32 = 32; - constexpr auto MASK_32_BIT = 0xFFFFFFFF; - constexpr auto VLAN_ID_MASK = 0x00000FFF; - constexpr auto VLAN_ENABLE_MASK = 0x8000; -+constexpr auto IPV6_DUID_SIZE = 18; - - enum class IPOrigin : uint8_t - { -@@ -243,5 +245,12 @@ enum class IPOrigin : uint8_t - DHCP = 2, - }; - -+enum class AddressingEnables : uint8_t -+{ -+ IPv4Only = 0, -+ IPv6Only = 1, -+ IPv4AndIPv6 = 2, -+}; -+ - } // namespace network - } // namespace ipmi -Index: phosphor-host-ipmid.clean/include/ipmid/utils.hpp -=================================================================== ---- phosphor-host-ipmid.clean.orig/include/ipmid/utils.hpp -+++ phosphor-host-ipmid.clean/include/ipmid/utils.hpp -@@ -256,6 +256,7 @@ namespace network - constexpr auto ROOT = "/xyz/openbmc_project/network"; - constexpr auto SERVICE = "xyz.openbmc_project.Network"; - constexpr auto IP_TYPE = "ipv4"; -+constexpr auto IPV6_TYPE = "ipv6"; - constexpr auto IPV4_PREFIX = "169.254"; - constexpr auto IPV6_PREFIX = "fe80"; - constexpr auto IP_INTERFACE = "xyz.openbmc_project.Network.IP"; -Index: phosphor-host-ipmid.clean/transporthandler.cpp -=================================================================== ---- phosphor-host-ipmid.clean.orig/transporthandler.cpp -+++ phosphor-host-ipmid.clean/transporthandler.cpp -@@ -29,6 +29,12 @@ std::unique_ptr<phosphor::Timer> network - - const int SIZE_MAC = 18; // xx:xx:xx:xx:xx:xx - constexpr auto ipv4Protocol = "xyz.openbmc_project.Network.IP.Protocol.IPv4"; -+constexpr auto ipv6Protocol = "xyz.openbmc_project.Network.IP.Protocol.IPv6"; -+ -+static const std::array<std::string, 3> ipAddressEnablesType = { -+ "xyz.openbmc_project.Network.EthernetInterface.IPAllowed.IPv4Only", -+ "xyz.openbmc_project.Network.EthernetInterface.IPAllowed.IPv6Only", -+ "xyz.openbmc_project.Network.EthernetInterface.IPAllowed.IPv4AndIPv6"}; - - std::map<int, std::unique_ptr<struct ChannelConfig_t>> channelConfig; - -@@ -445,6 +451,11 @@ ipmi_ret_t ipmi_transport_set_lan(ipmi_n - { - case LanParam::IP: - { -+ if (reqLen != lanParamIPSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ - std::snprintf(ipaddr, INET_ADDRSTRLEN, - ipmi::network::IP_ADDRESS_FORMAT, reqptr->data[0], - reqptr->data[1], reqptr->data[2], reqptr->data[3]); -@@ -455,6 +466,11 @@ ipmi_ret_t ipmi_transport_set_lan(ipmi_n - - case LanParam::IPSRC: - { -+ if (reqLen != lanParamIPSrcSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ - uint8_t ipsrc{}; - std::memcpy(&ipsrc, reqptr->data, ipmi::network::IPSRC_SIZE_BYTE); - channelConf->ipsrc = static_cast<ipmi::network::IPOrigin>(ipsrc); -@@ -463,6 +479,11 @@ ipmi_ret_t ipmi_transport_set_lan(ipmi_n - - case LanParam::MAC: - { -+ if (reqLen != lanParamMACSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ - char mac[SIZE_MAC]; - - std::snprintf(mac, SIZE_MAC, ipmi::network::MAC_ADDRESS_FORMAT, -@@ -483,6 +504,11 @@ ipmi_ret_t ipmi_transport_set_lan(ipmi_n - - case LanParam::SUBNET: - { -+ if (reqLen != lanParamSubnetSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ - std::snprintf(netmask, INET_ADDRSTRLEN, - ipmi::network::IP_ADDRESS_FORMAT, reqptr->data[0], - reqptr->data[1], reqptr->data[2], reqptr->data[3]); -@@ -492,6 +518,11 @@ ipmi_ret_t ipmi_transport_set_lan(ipmi_n - - case LanParam::GATEWAY: - { -+ if (reqLen != lanParamGatewaySize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ - std::snprintf(gateway, INET_ADDRSTRLEN, - ipmi::network::IP_ADDRESS_FORMAT, reqptr->data[0], - reqptr->data[1], reqptr->data[2], reqptr->data[3]); -@@ -522,6 +553,11 @@ ipmi_ret_t ipmi_transport_set_lan(ipmi_n - - case LanParam::INPROGRESS: - { -+ if (reqLen != lanParamInProgressSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ - if (reqptr->data[0] == SET_COMPLETE) - { - channelConf->lan_set_in_progress = SET_COMPLETE; -@@ -540,6 +576,122 @@ ipmi_ret_t ipmi_transport_set_lan(ipmi_n - } - break; - -+ case LanParam::IPV6_AND_IPV4_ENABLES: -+ { -+ if (reqLen != lanParamIPv6AndIPv4EnablesSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ -+ channelConf->ipv6AddressingEnables = reqptr->data[0]; -+ break; -+ } -+ -+ case LanParam::IPV6_STATIC_ADDRESSES: -+ { -+ if (reqLen != lanParamIPv6StaticAddressesSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ -+ channelConf->ipv6AddressSource = -+ reqptr->data[1] & 0x81; // Looking at bit 0 and bit 7 -+ char tmpIPV6[INET6_ADDRSTRLEN]; -+ inet_ntop(AF_INET6, &reqptr->data[2], tmpIPV6, INET6_ADDRSTRLEN); -+ channelConf->ipv6Addr.assign(tmpIPV6); -+ channelConf->ipv6Prefix = reqptr->data[19]; -+ break; -+ } -+ -+ case LanParam::IPV6_ROUTER_ADDRESS_CONF_CTRL: -+ { -+ if (reqLen != lanParamIPv6RouterAddressConfCtrlSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ -+ channelConf->ipv6RouterAddressConfigControl = reqptr->data[0]; -+ break; -+ } -+ -+ case LanParam::IPV6_STATIC_ROUTER_1_IP_ADDR: -+ { -+ if (reqLen != lanParamIPv6StaticRouter1IPAddrSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ -+ char tmpIPV6[INET6_ADDRSTRLEN]; -+ inet_ntop(AF_INET6, reinterpret_cast<const void*>(reqptr->data), -+ tmpIPV6, INET6_ADDRSTRLEN); -+ channelConf->ipv6GatewayAddr.assign(tmpIPV6); -+ break; -+ } -+ -+ case LanParam::IPV6_STATIC_ROUTER_1_PREFIX_LEN: -+ { -+ if (reqLen != lanParamIPv6StaticRouter1PrefixLenSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ -+ channelConf->ipv6GatewayPrefixLength = reqptr->data[0]; -+ break; -+ } -+ -+ case LanParam::IPV6_STATIC_ROUTER_1_PREFIX_VAL: -+ { -+ if (reqLen != lanParamIPv6StaticRouter1PrefixValSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ -+ char tmpIPV6[INET6_ADDRSTRLEN]; -+ inet_ntop(AF_INET6, reinterpret_cast<const void*>(reqptr->data), -+ tmpIPV6, INET6_ADDRSTRLEN); -+ channelConf->ipv6GatewayPrefixValue.assign(tmpIPV6); -+ break; -+ } -+ -+ case LanParam::IPV6_STATIC_ROUTER_2_IP_ADDR: -+ { -+ if (reqLen != lanParamIPv6StaticRouter2IPAddrSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ -+ char tmpIPV6[INET6_ADDRSTRLEN]; -+ inet_ntop(AF_INET6, reinterpret_cast<const void*>(reqptr->data), -+ tmpIPV6, INET6_ADDRSTRLEN); -+ channelConf->ipv6BackupGatewayAddr.assign(tmpIPV6); -+ break; -+ } -+ -+ case LanParam::IPV6_STATIC_ROUTER_2_PREFIX_LEN: -+ { -+ if (reqLen != lanParamIPv6StaticRouter2PrefixLenSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ -+ channelConf->ipv6BackupGatewayPrefixLength = reqptr->data[0]; -+ break; -+ } -+ -+ case LanParam::IPV6_STATIC_ROUTER_2_PREFIX_VAL: -+ { -+ if (reqLen != lanParamIPv6StaticRouter2PrefixValSize) -+ { -+ return IPMI_CC_REQ_DATA_LEN_INVALID; -+ } -+ -+ char tmpIPV6[INET6_ADDRSTRLEN]; -+ inet_ntop(AF_INET6, reinterpret_cast<const void*>(reqptr->data), -+ tmpIPV6, INET6_ADDRSTRLEN); -+ channelConf->ipv6BackupGatewayPrefixValue.assign(tmpIPV6); -+ break; -+ } -+ - default: - { - rc = IPMI_CC_PARM_NOT_SUPPORTED; -@@ -568,6 +720,7 @@ ipmi_ret_t ipmi_transport_get_lan(ipmi_n - ipmi_ret_t rc = IPMI_CC_OK; - *data_len = 0; - const uint8_t current_revision = 0x11; // Current rev per IPMI Spec 2.0 -+ sdbusplus::bus::bus bus{ipmid_get_sd_bus_connection()}; - - get_lan_t* reqptr = (get_lan_t*)request; - // channel number is the lower nibble -@@ -713,6 +866,476 @@ ipmi_ret_t ipmi_transport_get_lan(ipmi_n - static_cast<uint8_t>(cipherList.size()); - break; - } -+ case LanParam::IPV6_AND_IPV4_SUPPORTED: -+ { -+ uint8_t addressSupport = -+ 0x1; // Allow both IPv4 & IPv6 simultaneously -+ std::array<uint8_t, 2> buf = {current_revision, addressSupport}; -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_AND_IPV4_ENABLES: -+ { -+ // If DHCP, check if you have an ipv6 and ipv4 address. If static -+ // return not supported -+ -+ // 00h check if conf DHCP == ipv4 or off -+ // 01h check if conf DHCP == ipv6 -+ // 02h check if DHCP == true -+ -+ auto ethIP = ethdevice + "/" + ipmi::network::IPV6_TYPE; -+ std::string networkInterfacePath; -+ uint8_t ipVAddressEnables = 0; -+ -+ if (channelConf->lan_set_in_progress == SET_COMPLETE) -+ { -+ try -+ { -+ ipmi::ObjectTree ancestorMap; -+ // if the system has an ip object,then -+ // get the IP object. -+ auto ipObject = -+ ipmi::getDbusObject(bus, ipmi::network::IP_INTERFACE, -+ ipmi::network::ROOT, ethIP); -+ // Get the parent interface of the IP object. -+ try -+ { -+ ipmi::InterfaceList interfaces; -+ interfaces.emplace_back( -+ ipmi::network::ETHERNET_INTERFACE); -+ -+ ancestorMap = ipmi::getAllAncestors( -+ bus, ipObject.first, std::move(interfaces)); -+ } -+ catch (InternalFailure& e) -+ { -+ // if unable to get the parent interface -+ // then commit the error and return. -+ log<level::ERR>( -+ "Unable to get the parent interface", -+ entry("PATH=%s", ipObject.first.c_str()), -+ entry("INTERFACE=%s", -+ ipmi::network::ETHERNET_INTERFACE)); -+ return IPMI_CC_UNSPECIFIED_ERROR; -+ } -+ // for an ip object there would be single parent -+ // interface. -+ networkInterfacePath = ancestorMap.begin()->first; -+ } -+ catch (InternalFailure& e) -+ { -+ // if there is no ip configured on the system,then -+ // get the network interface object. -+ auto networkInterfaceObject = ipmi::getDbusObject( -+ bus, ipmi::network::ETHERNET_INTERFACE, -+ ipmi::network::ROOT, ethdevice); -+ -+ networkInterfacePath = networkInterfaceObject.first; -+ } -+ -+ ipmi::Value ipEnablesProp = ipmi::getDbusProperty( -+ bus, ipmi::network::SERVICE, networkInterfacePath, -+ ipmi::network::ETHERNET_INTERFACE, "IPAddressEnables"); -+ std::string ipEnables = std::get<std::string>(ipEnablesProp); -+ -+ // check if on off ipv4 ipv6, etc. -+ bool found = false; -+ for (uint8_t ii = 0; ii < ipAddressEnablesType.size(); ii++) -+ { -+ if (ipEnables == ipAddressEnablesType[ii]) -+ { -+ ipVAddressEnables = ii; -+ found = true; -+ break; -+ } -+ } -+ if (!found) -+ { -+ return IPMI_CC_PARM_NOT_SUPPORTED; -+ } -+ } -+ else -+ { -+ ipVAddressEnables = channelConf->ipv6AddressingEnables; -+ } -+ -+ std::array<uint8_t, 2> buf = {current_revision, ipVAddressEnables}; -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_STATUS: -+ { -+ // Number of IPV6 addresses that are supported -+ constexpr std::array<uint8_t, 3> statusData = {1, 1, 3}; -+ -+ std::array<uint8_t, 4> buf = {current_revision, statusData[0], -+ statusData[1], statusData[2]}; -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_STATIC_ADDRESSES: -+ { -+ // Only return set selector 0 -+ uint8_t ipv6SetSelector = 0; -+ std::string ipaddress; -+ auto ethIP = ethdevice + "/" + ipmi::network::IPV6_TYPE; -+ uint8_t ipv6AddressSource = 0; -+ uint8_t prefixLength = 0; -+ uint8_t status = 0; -+ if (channelConf->lan_set_in_progress == SET_COMPLETE) -+ { -+ try -+ { -+ auto ipObjectInfo = -+ ipmi::getIPObject(bus, ipmi::network::IP_INTERFACE, -+ ipmi::network::ROOT, ethIP); -+ -+ auto properties = ipmi::getAllDbusProperties( -+ bus, ipObjectInfo.second, ipObjectInfo.first, -+ ipmi::network::IP_INTERFACE); -+ -+ if (std::get<std::string>(properties["Origin"]) == -+ "xyz.openbmc_project.Network.IP.AddressOrigin.Static") -+ { -+ ipaddress = -+ std::get<std::string>(properties["Address"]); -+ ipv6AddressSource = 0x81; // Looking at bit 0 and bit 7 -+ prefixLength = -+ std::get<uint8_t>(properties["PrefixLength"]); -+ status = 0; -+ } -+ } -+ // ignore the exception, as it is a valid condition that -+ // the system is not configured with any IP. -+ catch (InternalFailure& e) -+ { -+ // nothing to do. -+ } -+ } -+ else if (channelConf->lan_set_in_progress == SET_IN_PROGRESS) -+ { -+ ipv6AddressSource = channelConf->ipv6AddressSource; -+ ipaddress = channelConf->ipv6Addr.c_str(); -+ prefixLength = channelConf->ipv6Prefix; -+ status = 1; -+ } -+ -+ std::array<uint8_t, ipmi::network::IPV6_ADDRESS_STATUS_SIZE> buf = { -+ current_revision, ipv6SetSelector, ipv6AddressSource}; -+ inet_pton(AF_INET6, ipaddress.c_str(), -+ reinterpret_cast<void*>(&buf[3])); -+ buf[20] = prefixLength; -+ buf[21] = status; -+ -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_DHCPV6_STATIC_DUID_STORAGE_LENGTH: -+ { -+ // DHCP unique identified -+ // Only 1 read-only 16-byte Block needed -+ uint8_t duidLength = 1; -+ std::array<uint8_t, 2> buf = {current_revision, duidLength}; -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_DHCPV6_STATIC_DUIDS: -+ { -+ std::string macAddress; -+ if (channelConf->lan_set_in_progress == SET_COMPLETE) -+ { -+ auto macObjectInfo = -+ ipmi::getDbusObject(bus, ipmi::network::MAC_INTERFACE, -+ ipmi::network::ROOT, ethdevice); -+ -+ auto variant = ipmi::getDbusProperty( -+ bus, macObjectInfo.second, macObjectInfo.first, -+ ipmi::network::MAC_INTERFACE, "MACAddress"); -+ -+ macAddress = std::get<std::string>(variant); -+ } -+ else if (channelConf->lan_set_in_progress == SET_IN_PROGRESS) -+ { -+ macAddress = channelConf->macAddress; -+ } -+ -+ std::array<uint8_t, -+ ipmi::network::IPV6_DUID_SIZE + sizeof(current_revision)> -+ buf; -+ buf = {current_revision, -+ reqptr->parameter_set, -+ reqptr->parameter_block, -+ DUID_LEN, -+ 0, // Filler byte -+ DUID_LL_TYPE, -+ 0, // Filler byte -+ DUIC_ETH_HW_TYPE}; -+ sscanf(macAddress.c_str(), ipmi::network::MAC_ADDRESS_FORMAT, -+ (&buf[8]), (&buf[9]), (&buf[10]), (&buf[11]), (&buf[12]), -+ (&buf[13])); -+ -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_DYNAMIC_ADDRESSES: -+ { -+ std::string ipaddress; -+ uint8_t ipv6AddressSource = 0; -+ uint8_t prefixLength = 0; -+ uint8_t status = 0; -+ auto ethIP = ethdevice + "/" + ipmi::network::IPV6_TYPE; -+ -+ if (channelConf->lan_set_in_progress == SET_COMPLETE) -+ { -+ try -+ { -+ auto ipObjectInfo = -+ ipmi::getIPObject(bus, ipmi::network::IP_INTERFACE, -+ ipmi::network::ROOT, ethIP); -+ -+ auto properties = ipmi::getAllDbusProperties( -+ bus, ipObjectInfo.second, ipObjectInfo.first, -+ ipmi::network::IP_INTERFACE); -+ -+ if (std::get<std::string>(properties["Origin"]) == -+ "xyz.openbmc_project.Network.IP.AddressOrigin.DHCP") -+ { -+ ipaddress = -+ std::get<std::string>(properties["Address"]); -+ ipv6AddressSource = 0x81; // Looking at bit 0 and bit 7 -+ prefixLength = -+ std::get<uint8_t>(properties["PrefixLength"]); -+ status = 0; -+ } -+ else -+ { -+ status = 1; -+ } -+ } -+ // ignore the exception, as it is a valid condition that -+ // the system is not configured with any IP. -+ catch (InternalFailure& e) -+ { -+ // nothing to do. -+ } -+ } -+ else if (channelConf->lan_set_in_progress == SET_IN_PROGRESS) -+ { -+ ipaddress = channelConf->ipv6Addr; -+ ipv6AddressSource = channelConf->ipv6AddressSource; -+ prefixLength = channelConf->ipv6Prefix; -+ status = channelConf->ipv6AddressStatus; -+ } -+ -+ uint8_t ipv6SetSelector = 0; -+ std::array<uint8_t, 22> buf = {current_revision, ipv6SetSelector, -+ ipv6AddressSource}; -+ inet_pton(AF_INET6, ipaddress.c_str(), -+ reinterpret_cast<void*>(&buf[3])); -+ buf[20] = prefixLength; -+ buf[21] = status; -+ -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_DHCPV6_DYNAMIC_DUID_STOR_LEN: -+ { -+ uint8_t duidLength = 0; -+ // Only 1 read-only 16-byte Block needed -+ duidLength = 1; -+ -+ std::array<uint8_t, 2> buf = {current_revision, duidLength}; -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_DHCPV6_DYNAMIC_DUIDS: -+ { -+ std::string macAddress; -+ if (channelConf->lan_set_in_progress == SET_COMPLETE) -+ { -+ auto macObjectInfo = -+ ipmi::getDbusObject(bus, ipmi::network::MAC_INTERFACE, -+ ipmi::network::ROOT, ethdevice); -+ -+ auto variant = ipmi::getDbusProperty( -+ bus, macObjectInfo.second, macObjectInfo.first, -+ ipmi::network::MAC_INTERFACE, "MACAddress"); -+ -+ macAddress = std::get<std::string>(variant); -+ } -+ else if (channelConf->lan_set_in_progress == SET_IN_PROGRESS) -+ { -+ macAddress = channelConf->macAddress; -+ } -+ -+ std::array<uint8_t, -+ ipmi::network::IPV6_DUID_SIZE + sizeof(current_revision)> -+ buf; -+ buf = {current_revision, -+ reqptr->parameter_set, -+ reqptr->parameter_block, -+ DUID_LEN, -+ 0, // Filler byte -+ DUID_LL_TYPE, -+ 0, // Filler byte -+ DUIC_ETH_HW_TYPE}; -+ -+ sscanf(macAddress.c_str(), ipmi::network::MAC_ADDRESS_FORMAT, -+ (&buf[8]), (&buf[9]), (&buf[10]), (&buf[11]), (&buf[12]), -+ (&buf[13])); -+ -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_ROUTER_ADDRESS_CONF_CTRL: -+ { -+ // Determine if automated router discovery occurs when static -+ // addresses are used for the bmc -+ -+ auto ethIP = ethdevice + "/" + ipmi::network::IPV6_TYPE; -+ std::string networkInterfacePath; -+ uint8_t dynamicRA; -+ if (channelConf->lan_set_in_progress == SET_COMPLETE) -+ { -+ -+ try -+ { -+ ipmi::ObjectTree ancestorMap; -+ // if the system is having ip object,then -+ // get the IP object. -+ auto ipObject = -+ ipmi::getDbusObject(bus, ipmi::network::IP_INTERFACE, -+ ipmi::network::ROOT, ethIP); -+ -+ // Get the parent interface of the IP object. -+ try -+ { -+ ipmi::InterfaceList interfaces; -+ interfaces.emplace_back( -+ ipmi::network::ETHERNET_INTERFACE); -+ -+ ancestorMap = ipmi::getAllAncestors( -+ bus, ipObject.first, std::move(interfaces)); -+ } -+ catch (InternalFailure& e) -+ { -+ // if unable to get the parent interface -+ // then commit the error and return. -+ log<level::ERR>( -+ "Unable to get the parent interface", -+ entry("PATH=%s", ipObject.first.c_str()), -+ entry("INTERFACE=%s", -+ ipmi::network::ETHERNET_INTERFACE)); -+ return IPMI_CC_UNSPECIFIED_ERROR; -+ } -+ // for an ip object there would be single parent -+ // interface. -+ networkInterfacePath = ancestorMap.begin()->first; -+ } -+ catch (InternalFailure& e) -+ { -+ // if there is no ip configured on the system,then -+ // get the network interface object. -+ auto networkInterfaceObject = ipmi::getDbusObject( -+ bus, ipmi::network::ETHERNET_INTERFACE, -+ ipmi::network::ROOT, ethdevice); -+ -+ networkInterfacePath = networkInterfaceObject.first; -+ } -+ -+ auto variant = ipmi::getDbusProperty( -+ bus, ipmi::network::SERVICE, networkInterfacePath, -+ ipmi::network::ETHERNET_INTERFACE, "IPv6AcceptRA"); -+ dynamicRA = std::get<bool>(variant); -+ } -+ else -+ { -+ dynamicRA = channelConf->ipv6RouterAddressConfigControl; -+ } -+ -+ std::array<uint8_t, 2> buf = {current_revision, dynamicRA}; -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_STATIC_ROUTER_1_IP_ADDR: -+ { -+ std::array<uint8_t, ipmi::network::IPV6_ADDRESS_SIZE_BYTE + -+ sizeof(current_revision)> -+ buf = {current_revision}; -+ inet_pton(AF_INET6, channelConf->ipv6GatewayAddr.c_str(), -+ reinterpret_cast<void*>(&buf[1])); -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_STATIC_ROUTER_1_PREFIX_LEN: -+ { -+ std::array<uint8_t, 2> buf = {current_revision, -+ channelConf->ipv6GatewayPrefixLength}; -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_STATIC_ROUTER_1_PREFIX_VAL: -+ { -+ constexpr uint8_t setSelector = 0; -+ std::array<uint8_t, sizeof(setSelector) + -+ ipmi::network::IPV6_ADDRESS_SIZE_BYTE + -+ sizeof(current_revision)> -+ buf = {current_revision, setSelector}; -+ -+ inet_pton(AF_INET6, channelConf->ipv6GatewayPrefixValue.c_str(), -+ reinterpret_cast<void*>(&buf[2])); -+ -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_STATIC_ROUTER_2_IP_ADDR: -+ { -+ std::array<uint8_t, ipmi::network::IPV6_ADDRESS_SIZE_BYTE + -+ sizeof(current_revision)> -+ buf = {current_revision}; -+ inet_pton(AF_INET6, channelConf->ipv6BackupGatewayAddr.c_str(), -+ reinterpret_cast<void*>(&buf[1])); -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_STATIC_ROUTER_2_PREFIX_LEN: -+ { -+ std::array<uint8_t, 2> buf = { -+ current_revision, channelConf->ipv6BackupGatewayPrefixLength}; -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } -+ case LanParam::IPV6_STATIC_ROUTER_2_PREFIX_VAL: -+ { -+ -+ constexpr uint8_t setSelector = 0; -+ std::array<uint8_t, sizeof(setSelector) + -+ ipmi::network::IPV6_ADDRESS_SIZE_BYTE + -+ sizeof(current_revision)> -+ buf = {current_revision, setSelector}; -+ inet_pton(AF_INET6, -+ channelConf->ipv6BackupGatewayPrefixValue.c_str(), -+ reinterpret_cast<void*>(&buf[2])); -+ -+ std::copy(buf.begin(), buf.end(), static_cast<uint8_t*>(response)); -+ *data_len = buf.size(); -+ break; -+ } - default: - log<level::ERR>("Unsupported parameter", - entry("PARAMETER=0x%x", reqptr->parameter)); -@@ -957,6 +1580,16 @@ void applyChanges(int channel) - ipaddress, prefix); - } - -+ if (!channelConf->ipv6Addr.empty() && -+ channelConf->ipv6AddressSource == -+ 0x80) // Check if IPv6 static addresses are enabled -+ { -+ ipmi::network::createIP(bus, ipmi::network::SERVICE, -+ networkInterfacePath, ipv6Protocol, -+ channelConf->ipv6Addr, -+ channelConf->ipv6Prefix); -+ } -+ - if (!gateway.empty()) - { - ipmi::setDbusProperty(bus, systemObject.second, -@@ -964,7 +1597,24 @@ void applyChanges(int channel) - ipmi::network::SYSTEMCONFIG_INTERFACE, - "DefaultGateway", std::string(gateway)); - } -+ else if (!channelConf->ipv6GatewayAddr.empty()) -+ { -+ ipmi::setDbusProperty( -+ bus, systemObject.second, systemObject.first, -+ ipmi::network::SYSTEMCONFIG_INTERFACE, "DefaultGateway", -+ std::string(channelConf->ipv6GatewayAddr)); -+ } - } -+ // set IPAddress Enables -+ ipmi::setDbusProperty( -+ bus, ipmi::network::SERVICE, networkInterfaceObject.first, -+ ipmi::network::ETHERNET_INTERFACE, "IPAddressEnables", -+ ipAddressEnablesType[channelConf->ipv6AddressingEnables]); -+ -+ ipmi::setDbusProperty( -+ bus, ipmi::network::SERVICE, networkInterfaceObject.first, -+ ipmi::network::ETHERNET_INTERFACE, "IPv6AcceptRA", -+ (bool)channelConf->ipv6RouterAddressConfigControl); - } - catch (sdbusplus::exception::exception& e) - { -Index: phosphor-host-ipmid.clean/transporthandler.hpp -=================================================================== ---- phosphor-host-ipmid.clean.orig/transporthandler.hpp -+++ phosphor-host-ipmid.clean/transporthandler.hpp -@@ -79,8 +79,27 @@ enum class LanParam : uint8_t - IPV6_NEIGHBOR_TIMING_CONFIGURATION = 80, - }; - -+constexpr uint8_t DUID_LEN = 10; -+constexpr uint8_t DUID_LL_TYPE = 3; -+constexpr uint8_t DUIC_ETH_HW_TYPE = 1; -+ - // Data length of parameters - constexpr size_t lanParamVLANSize = 4; -+constexpr size_t lanParamInProgressSize = 3; -+constexpr size_t lanParamIPSize = 6; -+constexpr size_t lanParamIPSrcSize = 3; -+constexpr size_t lanParamMACSize = 8; -+constexpr size_t lanParamSubnetSize = 6; -+constexpr size_t lanParamGatewaySize = 6; -+constexpr size_t lanParamIPv6AndIPv4EnablesSize = 3; -+constexpr size_t lanParamIPv6StaticAddressesSize = 23; -+constexpr size_t lanParamIPv6RouterAddressConfCtrlSize = 3; -+constexpr size_t lanParamIPv6StaticRouter1IPAddrSize = 18; -+constexpr size_t lanParamIPv6StaticRouter1PrefixLenSize = 3; -+constexpr size_t lanParamIPv6StaticRouter1PrefixValSize = 19; -+constexpr size_t lanParamIPv6StaticRouter2IPAddrSize = 18; -+constexpr size_t lanParamIPv6StaticRouter2PrefixLenSize = 3; -+constexpr size_t lanParamIPv6StaticRouter2PrefixValSize = 19; - constexpr uint8_t SET_COMPLETE = 0; - constexpr uint8_t SET_IN_PROGRESS = 1; - constexpr uint8_t SET_COMMIT_WRITE = 2; // Optional -@@ -103,6 +122,20 @@ struct ChannelConfig_t - uint8_t lan_set_in_progress = SET_COMPLETE; - bool flush = false; - -+ // IPV6 parameters -+ uint8_t ipv6AddressSource = 0x0; -+ uint8_t ipv6AddressingEnables = 0x2; -+ std::string ipv6Addr; -+ uint8_t ipv6Prefix = 32; -+ uint8_t ipv6AddressStatus = 0x0; -+ uint8_t ipv6RouterAddressConfigControl = 0x0; -+ std::string ipv6GatewayAddr; -+ std::string ipv6BackupGatewayAddr; -+ uint8_t ipv6GatewayPrefixLength; -+ std::string ipv6GatewayPrefixValue; -+ uint8_t ipv6BackupGatewayPrefixLength = 0x0; -+ std::string ipv6BackupGatewayPrefixValue; -+ - void clear() - { - ipaddr.clear(); -@@ -113,6 +146,20 @@ struct ChannelConfig_t - ipsrc = ipmi::network::IPOrigin::UNSPECIFIED; - lan_set_in_progress = SET_COMPLETE; - flush = false; -+ -+ // IPv6 -+ ipv6Addr.clear(); -+ ipv6GatewayAddr.clear(); -+ ipv6BackupGatewayAddr.clear(); -+ ipv6AddressingEnables = 0x2; -+ ipv6AddressSource = 0x0; -+ ipv6Prefix = 32; -+ ipv6AddressStatus = 0x0; -+ ipv6RouterAddressConfigControl = 0x0; -+ ipv6GatewayPrefixLength = 0x0; -+ ipv6GatewayPrefixValue.clear(); -+ ipv6BackupGatewayPrefixLength = 0x0; -+ ipv6BackupGatewayPrefixValue.clear(); - } - }; - diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0010-fix-get-system-GUID-ipmi-command.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0010-fix-get-system-GUID-ipmi-command.patch index efee7cc26..ccf326a91 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0010-fix-get-system-GUID-ipmi-command.patch +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0010-fix-get-system-GUID-ipmi-command.patch @@ -1,22 +1,24 @@ -commit 72e6573f36fd3b9ce018e71b07bc1be63275d1f8 -Author: Vernon Mauery <vernon.mauery@linux.intel.com> -Date: Fri Jun 21 12:27:20 2019 -0700 +From c1925ab965271875d4e9333be85cdfe8e1516948 Mon Sep 17 00:00:00 2001 +From: Vernon Mauery <vernon.mauery@linux.intel.com> +Date: Fri, 14 Feb 2020 13:13:06 -0800 +Subject: [PATCH] Fix 'Get System GUID' to use settings UUID - Fix 'Get System GUID' to use settings UUID - - The upstream Get System GUID command looks first for a BMC interface - and then assumes that the UUID interface is next to that. But that is - not the case on Intel systems where the system GUID is found in the - settings daemon. - - Change-Id: I924bd05e0a546f2b30288c1faf72157296ab6579 - Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com> +The upstream Get System GUID command looks first for a BMC interface +and then assumes that the UUID interface is next to that. But that is +not the case on Intel systems where the system GUID is found in the +settings daemon. + +Change-Id: I924bd05e0a546f2b30288c1faf72157296ab6579 +Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com> +--- + apphandler.cpp | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/apphandler.cpp b/apphandler.cpp -index 280d0db..25af6bb 100644 +index dcfda11..780afbc 100644 --- a/apphandler.cpp +++ b/apphandler.cpp -@@ -799,8 +799,6 @@ auto ipmiAppGetBtCapabilities() +@@ -784,8 +784,6 @@ auto ipmiAppGetBtCapabilities() auto ipmiAppGetSystemGuid() -> ipmi::RspType<std::array<uint8_t, 16>> { @@ -25,7 +27,7 @@ index 280d0db..25af6bb 100644 static constexpr auto uuidInterface = "xyz.openbmc_project.Common.UUID"; static constexpr auto uuidProperty = "UUID"; -@@ -809,7 +807,7 @@ auto ipmiAppGetSystemGuid() -> ipmi::RspType<std::array<uint8_t, 16>> +@@ -794,7 +792,7 @@ auto ipmiAppGetSystemGuid() -> ipmi::RspType<std::array<uint8_t, 16>> { // Get the Inventory object implementing BMC interface auto busPtr = getSdBus(); @@ -34,3 +36,6 @@ index 280d0db..25af6bb 100644 // Read UUID property value from bmcObject // UUID is in RFC4122 format Ex: 61a39523-78f2-11e5-9862-e6402cfc3223 +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0054-Fix-User-commands-require-channel-layer-lib.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0054-Fix-User-commands-require-channel-layer-lib.patch deleted file mode 100644 index bf6f672cf..000000000 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0054-Fix-User-commands-require-channel-layer-lib.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 5d0c9d2217dbe369daffb8a92d7b5e7d7d34d566 Mon Sep 17 00:00:00 2001 -From: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> -Date: Sat, 2 Mar 2019 20:08:32 +0530 -Subject: [PATCH] Fix: User commands require channel layer lib - -As channel layer is separated out from user layer lib, it -has to be manually included in libusercommands, as user -command handlers use channel layer API's - -Tested-by: -1. Made sure that libusercommands are loaded on it's own -without any undefined symbol error. -2. ipmitool user list 1 works on host interface - -Change-Id: I6652ad248e01afc1349e3a9612754dbdb84b96ad -Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> ---- - Makefile.am | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/Makefile.am b/Makefile.am -index bb7bdbf..4e9101e 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -120,7 +120,8 @@ libipmi20_la_CXXFLAGS = $(COMMON_CXX) - providers_LTLIBRARIES += libusercmds.la - libusercmds_la_LIBADD = \ - libipmid/libipmid.la \ -- user_channel/libuserlayer.la -+ user_channel/libuserlayer.la \ -+ user_channel/libchannellayer.la - libusercmds_la_SOURCES = \ - user_channel/usercommands.cpp - libusercmds_la_LDFLAGS = \ --- -2.7.4 - diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0062-Update-IPMI-Chassis-Control-command.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0062-Update-IPMI-Chassis-Control-command.patch index 6c61e0995..96e45cad3 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0062-Update-IPMI-Chassis-Control-command.patch +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0062-Update-IPMI-Chassis-Control-command.patch @@ -1,12 +1,14 @@ -From 959030b7ee71a7b23d1c081a0aadaa4eedbc0f63 Mon Sep 17 00:00:00 2001 +From 92bdbcd90a445e49ba2f8e483d44ec41152d32b4 Mon Sep 17 00:00:00 2001 From: "Jason M. Bills" <jason.m.bills@linux.intel.com> Date: Mon, 3 Jun 2019 17:01:47 -0700 Subject: [PATCH] Update IPMI Chassis Control command This change updates the IPMI Chassis Control command to use the new -chassis state transitions. This allows each chassis control action +host state transitions. This allows each chassis control action to more closely follow the behavior defined in the IPMI spec. +ref: https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/22358 + Tested: Ran each IPMI chassis control command to confirm the expected behavior: @@ -19,11 +21,11 @@ ipmitool power soft: soft power-off requested from system software Change-Id: Ic9fba3ca4abd9a758eb88f1e6ee09f7ca64ff80a Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com> --- - chassishandler.cpp | 205 +++++++++++++---------------------------------------- - 1 file changed, 50 insertions(+), 155 deletions(-) + chassishandler.cpp | 206 +++++++++++++---------------------------------------- + 1 file changed, 50 insertions(+), 156 deletions(-) diff --git a/chassishandler.cpp b/chassishandler.cpp -index 053f29a..53b25b8 100644 +index 0326806..8bfab88 100644 --- a/chassishandler.cpp +++ b/chassishandler.cpp @@ -31,6 +31,7 @@ @@ -34,7 +36,7 @@ index 053f29a..53b25b8 100644 #include <xyz/openbmc_project/State/Host/server.hpp> #include <xyz/openbmc_project/State/PowerOnHours/server.hpp> -@@ -712,59 +713,63 @@ ipmi::RspType<> ipmiSetChassisCap(bool intrusion, bool fpLockout, +@@ -717,59 +718,63 @@ ipmi::RspType<> ipmiSetChassisCap(bool intrusion, bool fpLockout, //------------------------------------------ // Calls into Host State Manager Dbus object //------------------------------------------ @@ -108,10 +110,11 @@ index 053f29a..53b25b8 100644 - HOST_STATE_MANAGER_IFACE, PROPERTY, "s", - request.c_str()); - if (rc < 0) -+ try - { +- { - log<level::ERR>("Failed to initiate transition", - entry("ERRNO=0x%X, REQUEST=%s", -rc, request.c_str())); ++ try ++ { + ipmi::setDbusProperty(*getSdBus(), service, chassisStatePath, + chassisStateIntf, "RequestedPowerTransition", + request); @@ -134,7 +137,7 @@ index 053f29a..53b25b8 100644 } //------------------------------------------ -@@ -1065,76 +1070,6 @@ ipmi::RspType<bool, // Power is on +@@ -1071,76 +1076,6 @@ ipmi::RspType<bool, // Power is on diagButtonDisableAllow, sleepButtonDisableAllow); } @@ -211,7 +214,7 @@ index 053f29a..53b25b8 100644 /** @brief Implementation of chassis control command * * @param - chassisControl command byte -@@ -1147,63 +1082,23 @@ ipmi::RspType<> ipmiChassisControl(uint8_t chassisControl) +@@ -1153,63 +1088,22 @@ ipmi::RspType<> ipmiChassisControl(uint8_t chassisControl) switch (chassisControl) { case CMD_POWER_ON: @@ -256,8 +259,8 @@ index 053f29a..53b25b8 100644 break; - case CMD_HARD_RESET: -+ rc = initiateChassisStateTransition( -+ State::Chassis::Transition::Reset); ++ rc = initiateHostStateTransition( ++ State::Host::Transition::ForceWarmReboot); + break; case CMD_POWER_CYCLE: - // SPEC has a section that says certain implementations can trigger @@ -271,8 +274,7 @@ index 053f29a..53b25b8 100644 - indicate_no_softoff_needed(); - - rc = initiate_state_transition(State::Host::Transition::Reboot); -+ rc = initiateChassisStateTransition( -+ State::Chassis::Transition::PowerCycle); ++ rc = initiateHostStateTransition(State::Host::Transition::Reboot); break; - case CMD_SOFT_OFF_VIA_OVER_TEMP: diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0064-Update-provisioning-mode-filter-logic.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0064-Update-provisioning-mode-filter-logic.patch deleted file mode 100644 index 5cd8b3ec4..000000000 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0064-Update-provisioning-mode-filter-logic.patch +++ /dev/null @@ -1,301 +0,0 @@ -From dcfce847654bd7e2475ad74bedf569b6120701dd Mon Sep 17 00:00:00 2001 -From: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> -Date: Tue, 18 Jun 2019 19:42:30 +0530 -Subject: [PATCH 1/1] Update provisioning mode filter logic - -Updated provisioning mode filtering logic support. Based on the -RestrictionMode property, Host (system) interface commands will be -filtered as per the allowed list in ProvisionedHostWhitelist once -POST complete is achieved. No commands will be allowed in -ProvisionedHostDisabled after POST complete and in all other cases -filterning logic will not be applied. - -Tested -1. Verified the filtering logic through EFI shell and made sure -filtering logic is applied when RestrictionMode is in -ProvisionedHostWhitelist mode -2. Verified no filtering logic is applied in normal modes -3. Made sure BIOS is able to execute commands, which are not in -whitelist (Note: New whitelist conf is under review). - -Change-Id: I7a14e827d70e2d8d6975e600a0fd00e2a790bc22 -Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> -Signed-off-by: James Feist <james.feist@linux.intel.com> ---- - whitelist-filter.cpp | 191 ++++++++++++++++++++++++++++++------------- - 1 file changed, 136 insertions(+), 55 deletions(-) - -diff --git a/whitelist-filter.cpp b/whitelist-filter.cpp -index 9f1e7c8..53461b4 100644 ---- a/whitelist-filter.cpp -+++ b/whitelist-filter.cpp -@@ -25,6 +25,7 @@ namespace - */ - class WhitelistFilter - { -+ - public: - WhitelistFilter(); - ~WhitelistFilter() = default; -@@ -35,17 +36,24 @@ class WhitelistFilter - - private: - void postInit(); -- void cacheRestrictedMode(); -+ void cacheRestrictedAndPostCompleteMode(); - void handleRestrictedModeChange(sdbusplus::message::message& m); -+ void handlePostCompleteChange(sdbusplus::message::message& m); - ipmi::Cc filterMessage(ipmi::message::Request::ptr request); - -- bool restrictedMode = true; -+ sdbusplus::xyz::openbmc_project::Control::Security::server:: -+ RestrictionMode::Modes restrictionMode = -+ sdbusplus::xyz::openbmc_project::Control::Security::server:: -+ RestrictionMode::Modes::ProvisionedHostWhitelist; -+ bool postCompleted = false; - std::shared_ptr<sdbusplus::asio::connection> bus; -- std::unique_ptr<settings::Objects> objects; - std::unique_ptr<sdbusplus::bus::match::match> modeChangeMatch; -+ std::unique_ptr<sdbusplus::bus::match::match> postCompleteMatch; - - static constexpr const char restrictionModeIntf[] = - "xyz.openbmc_project.Control.Security.RestrictionMode"; -+ static constexpr const char* systemOsStatusIntf = -+ "xyz.openbmc_project.State.OperatingSystem.Status"; - }; - - WhitelistFilter::WhitelistFilter() -@@ -63,43 +71,83 @@ WhitelistFilter::WhitelistFilter() - post_work([this]() { postInit(); }); - } - --void WhitelistFilter::cacheRestrictedMode() -+void WhitelistFilter::cacheRestrictedAndPostCompleteMode() - { - using namespace sdbusplus::xyz::openbmc_project::Control::Security::server; -+ - std::string restrictionModeSetting; - std::string restrictionModeService; -+ std::string systemOsStatusPath; -+ std::string systemOsStatusService; - try - { -- restrictionModeSetting = objects->map.at(restrictionModeIntf).at(0); -+ auto objects = settings::Objects( -+ *bus, std::vector<settings::Interface>({restrictionModeIntf})); -+ auto postCompleteObj = settings::Objects( -+ *bus, std::vector<settings::Interface>({systemOsStatusIntf})); -+ -+ restrictionModeSetting = objects.map.at(restrictionModeIntf).at(0); - restrictionModeService = -- objects->service(restrictionModeSetting, restrictionModeIntf); -+ objects.service(restrictionModeSetting, restrictionModeIntf); -+ -+ systemOsStatusPath = postCompleteObj.map.at(systemOsStatusIntf).at(0); -+ systemOsStatusService = -+ postCompleteObj.service(systemOsStatusPath, systemOsStatusIntf); - } - catch (const std::out_of_range& e) - { -- log<level::ERR>( -- "Could not look up restriction mode interface from cache"); -+ log<level::INFO>( -+ "Could not initialize provisioning mode, defaulting to restricted"); -+ return; -+ } -+ catch (const std::exception&) -+ { -+ log<level::INFO>( -+ "Could not initialize provisioning mode, defaulting to restricted"); - return; - } -+ - bus->async_method_call( - [this](boost::system::error_code ec, ipmi::Value v) { - if (ec) - { -- log<level::ERR>("Error in RestrictionMode Get"); -- // Fail-safe to true. -- restrictedMode = true; -+ log<level::INFO>("Could not initialize provisioning mode, " -+ "defaulting to restricted"); - return; - } - auto mode = std::get<std::string>(v); -- auto restrictionMode = -- RestrictionMode::convertModesFromString(mode); -- restrictedMode = -- (restrictionMode == RestrictionMode::Modes::Whitelist); -- log<level::INFO>((restrictedMode ? "Set restrictedMode = true" -- : "Set restrictedMode = false")); -+ restrictionMode = RestrictionMode::convertModesFromString(mode); -+ log<level::INFO>( -+ "Read restriction mode", -+ entry("VALUE=%d", static_cast<int>(restrictionMode))); - }, - restrictionModeService, restrictionModeSetting, - "org.freedesktop.DBus.Properties", "Get", restrictionModeIntf, - "RestrictionMode"); -+ -+ bus->async_method_call( -+ [this](boost::system::error_code ec, const ipmi::Value& v) { -+ if (ec) -+ { -+ log<level::ERR>("Error in OperatingSystemState Get"); -+ postCompleted = true; -+ return; -+ } -+ auto value = std::get<std::string>(v); -+ if (value == "Standby") -+ { -+ postCompleted = true; -+ } -+ else -+ { -+ postCompleted = false; -+ } -+ log<level::INFO>("Read POST complete value", -+ entry("VALUE=%d", postCompleted)); -+ }, -+ systemOsStatusService, systemOsStatusPath, -+ "org.freedesktop.DBus.Properties", "Get", systemOsStatusIntf, -+ "OperatingSystemState"); - } - - void WhitelistFilter::handleRestrictedModeChange(sdbusplus::message::message& m) -@@ -112,61 +160,94 @@ void WhitelistFilter::handleRestrictedModeChange(sdbusplus::message::message& m) - { - if (property.first == "RestrictionMode") - { -- RestrictionMode::Modes restrictionMode = -- RestrictionMode::convertModesFromString( -- std::get<std::string>(property.second)); -- restrictedMode = -- (restrictionMode == RestrictionMode::Modes::Whitelist); -- log<level::INFO>((restrictedMode -- ? "Updated restrictedMode = true" -- : "Updated restrictedMode = false")); -+ restrictionMode = RestrictionMode::convertModesFromString( -+ std::get<std::string>(property.second)); -+ log<level::INFO>( -+ "Updated restriction mode", -+ entry("VALUE=%d", static_cast<int>(restrictionMode))); - } - } - } -- --void WhitelistFilter::postInit() -+void WhitelistFilter::handlePostCompleteChange(sdbusplus::message::message& m) - { -- objects = std::make_unique<settings::Objects>( -- *bus, std::vector<settings::Interface>({restrictionModeIntf})); -- if (!objects) -+ std::string intf; -+ std::vector<std::pair<std::string, ipmi::Value>> propertyList; -+ m.read(intf, propertyList); -+ for (const auto& property : propertyList) - { -- log<level::ERR>( -- "Failed to create settings object; defaulting to restricted mode"); -- return; -+ if (property.first == "OperatingSystemState") -+ { -+ std::string value = std::get<std::string>(property.second); -+ if (value == "Standby") -+ { -+ postCompleted = true; -+ } -+ else -+ { -+ postCompleted = false; -+ } -+ log<level::INFO>(postCompleted ? "Updated to POST Complete" -+ : "Updated to !POST Complete"); -+ } - } -- -+} -+void WhitelistFilter::postInit() -+{ - // Initialize restricted mode -- cacheRestrictedMode(); -+ cacheRestrictedAndPostCompleteMode(); - // Wait for changes on Restricted mode -- std::string filterStr; -- try -- { -- filterStr = sdbusplus::bus::match::rules::propertiesChanged( -- objects->map.at(restrictionModeIntf).at(0), restrictionModeIntf); -- } -- catch (const std::out_of_range& e) -- { -- log<level::ERR>("Failed to determine restriction mode filter string"); -- return; -- } -+ namespace rules = sdbusplus::bus::match::rules; -+ const std::string filterStrModeChange = -+ rules::type::signal() + rules::member("PropertiesChanged") + -+ rules::interface("org.freedesktop.DBus.Properties") + -+ rules::argN(0, restrictionModeIntf); -+ -+ const std::string filterStrPostComplete = -+ rules::type::signal() + rules::member("PropertiesChanged") + -+ rules::interface("org.freedesktop.DBus.Properties") + -+ rules::argN(0, systemOsStatusIntf); -+ - modeChangeMatch = std::make_unique<sdbusplus::bus::match::match>( -- *bus, filterStr, [this](sdbusplus::message::message& m) { -+ *bus, filterStrModeChange, [this](sdbusplus::message::message& m) { - handleRestrictedModeChange(m); - }); -+ postCompleteMatch = std::make_unique<sdbusplus::bus::match::match>( -+ *bus, filterStrPostComplete, [this](sdbusplus::message::message& m) { -+ handlePostCompleteChange(m); -+ }); - } - - ipmi::Cc WhitelistFilter::filterMessage(ipmi::message::Request::ptr request) - { -- if (request->ctx->channel == ipmi::channelSystemIface && restrictedMode) -+ using namespace sdbusplus::xyz::openbmc_project::Control::Security::server; -+ -+ if (request->ctx->channel == ipmi::channelSystemIface && -+ (restrictionMode != RestrictionMode::Modes::None && -+ restrictionMode != RestrictionMode::Modes::Provisioning)) - { -- if (!std::binary_search( -- whitelist.cbegin(), whitelist.cend(), -- std::make_pair(request->ctx->netFn, request->ctx->cmd))) -+ if (!postCompleted) -+ { -+ // Allow all commands, till POST is not completed -+ return ipmi::ccSuccess; -+ } -+ switch (restrictionMode) - { -- log<level::ERR>("Net function not whitelisted", -- entry("NETFN=0x%X", int(request->ctx->netFn)), -- entry("CMD=0x%X", int(request->ctx->cmd))); -- return ipmi::ccInsufficientPrivilege; -+ case RestrictionMode::Modes::ProvisionedHostWhitelist: -+ { -+ if (!std::binary_search( -+ whitelist.cbegin(), whitelist.cend(), -+ std::make_pair(request->ctx->netFn, request->ctx->cmd))) -+ { -+ log<level::ERR>( -+ "Net function not whitelisted", -+ entry("NETFN=0x%X", int(request->ctx->netFn)), -+ entry("CMD=0x%X", int(request->ctx->cmd))); -+ return ipmi::ccInsufficientPrivilege; -+ } -+ break; -+ } -+ default: // for whitelist, blacklist & HostDisabled -+ return ipmi::ccInsufficientPrivilege; - } - } - return ipmi::ccSuccess; --- -2.17.1 - diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/host-ipmid-whitelist.conf b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/host-ipmid-whitelist.conf deleted file mode 100644 index 268e12848..000000000 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/host-ipmid-whitelist.conf +++ /dev/null @@ -1,200 +0,0 @@ -#<NetFn>:<Command> -#IPMI whitelist command list version 9b -0x00:0x00 //<Chassis>:<Get Chassis Capabiliti> -0x00:0x01 //<Chassis>:<Get Chassis Status> -0x00:0x04 //<Chassis>:<Chassis Identify> -0x00:0x07 //<Chassis>:<Get System Restart Cause> -0x00:0x09 //<Chassis>:<Get System Boot Options> -0x00:0x0A //<Chassis>:<Set Front Panel Enables> -0x00:0x0F //<Chassis>:<Get POH Counter> -0x04:0x01 //<Sensor/Event>:<Get Event Receiver> -0x04:0x02 //<Sensor/Event>:<SEL Platform event> -0x04:0x10 //<Sensor/Event>:<PEF Get Capabilities> -0x04:0x13 //<Sensor/Event>:<PEF Get Configuration Parameters> -0x04:0x15 //<Sensor/Event>:<PEF Get Processed EventID> -0x04:0x20 //<Sensor/Event>:<Get Device SDR Info> -0x04:0x21 //<Sensor/Event>:<Get Device SDR> -0x04:0x23 //<Sensor/Event>:<Get Sensor Reading Factors> -0x04:0x25 //<Sensor/Event>:<Get Sensor Hysteresis> -0x04:0x27 //<Sensor/Event>:<Get Sensor Threshold> -0x04:0x29 //<Sensor/Event>:<Get SensorEvent Enable> -0x04:0x2B //<Sensor/Event>:<Get SensorEvent Status> -0x04:0x2D //<Sensor/Event>:<Get SensorReading> -0x04:0x2F //<Sensor/Event>:<Get Sensor Type> -0x06:0x01 //<App>:<Get Device ID> -0x06:0x04 //<App>:<Get Self Test> -0x06:0x06 //<App>:<Set ACPI Power State> -0x06:0x07 //<App>:<Get ACPI Power State> -0x06:0x08 //<App>:<Get Device GUID> -0x06:0x22 //<App>:<Reset Watchdog Timer> -0x06:0x24 //<App>:<Set Watchdog Timer> -0x06:0x25 //<App>:<Get Watchdog Timer> -0x06:0x2F //<App>:<Get BMC Global Enables> -0x06:0x30 //<App>:<Clear Message Flags> -0x06:0x31 //<App>:<Get Message Flags> -0x06:0x33 //<App>:<Get Message> -0x06:0x35 //<App>:<Read Event Message Buffer> -0x06:0x37 //<App>:<Get System GUID> -0x06:0x38 //<App>:<Get Channel Authentication Capability> -0x06:0x39 //<App>:<Get Session Challenge> -0x06:0x3D //<App>:<Get Channel Session Info> -0x06:0x3F //<App>:<Get Authentication Code> -0x06:0x41 //<App>:<Get Channel Access> -0x06:0x42 //<App>:<Get Channel Info> -0x06:0x44 //<App>:<Get User Access> -0x06:0x46 //<App>:<Get User Name> -0x06:0x4A //<App>:<Get Payload Activation Status> -0x06:0x4B //<App>:<Get Payload Instance Info> -0x06:0x4D //<App>:<Get User Payload Access> -0x06:0x4E //<App>:<Get Channel Payload Support> -0x06:0x4F //<App>:<Get Channel Payload Version> -0x06:0x50 //<App>:<Get Channel OEM Payload Info> -0x06:0x54 //<App>:<Get Channel Cipher Suites> -0x06:0x57 //<App>:<Get System Interface Capabilities> -0x08:0x20 //<Firmware>:<Get Version Information> -0x08:0x21 //<Firmware>:<Security Version Information> -0x08:0x22 //<Firmware>:<Firmware Update Channel Information> -0x08:0x23 //<Firmware>:<BMC Execution Context> -0x08:0x24 //<Firmware>:<Get Boot Certificate Info> -0x08:0x25 //<Firmware>:<Get Boot Certificate Data> -0x08:0x26 //<Firmware>:<Firmware Random Number Update> -0x08:0x27 //<Firmware>:<Set Firmware Update Mode> -0x08:0x28 //<Firmware>:<Exit Firmware Update Mode> -0x08:0x29 //<Firmware>:<Firmware Update Control> -0x08:0x2A //<Firmware>:<Get Firmware Update Status> -0x08:0x2B //<Firmware>:<Set Firmware Update Options> -0x08:0x2C //<Firmware>:<Write Firmware Image> -0x08:0x2D //<Firmware>:<Get Firmware Update Status Code Message> -0x08:0xE0 //<Firmware>:<Get Firmware Update Error Code Message> -0x0A:0x10 //<Storage>:<Get FRU Inventory Area Info> -0x0A:0x11 //<Storage>:<Read FRU Data> -0x0A:0x20 //<Storage>:<Get SDR Repository Info> -0x0A:0x21 //<Storage>:<Get SDR Alloc Info> -0x0A:0x23 //<Storage>:<Get SDR> -0x0A:0x28 //<Storage>:<SEL Get Time> -0x0A:0x40 //<Storage>:<Get SEL Info> -0x0A:0x41 //<Storage>:<Get SEL Alloc Info> -0x0A:0x43 //<Storage>:<Get SEL Entry> -0x0A:0x48 //<Storage>:<Get SEL Time> -0x0A:0x5A //<Storage>:<Get SEL Auxiliary Log Status> -0x0A:0x5C //<Storage>:<Get SEL Time UTC Offset> -0x0C:0x02 //<Transport>:<Get LAN Configuration Parameters> -0x0C:0x04 //<Transport>:<Get IPUDPRMCP Statistics> -0x0C:0x11 //<Transport>:<Get Serial Modem Configuration> -0x0C:0x21 //<Transport>:<Set SOL Configuration Parameters> -0x0C:0x22 //<Transport>:<Get SOL Configuration Parameters> -0x2C:0x1F //<Group Extension>:<Get CPU PECI Package Config Data> -0x2C:0x20 //<Group Extension>:<Get MDR Data Region Status> -0x2C:0x21 //<Group Extension>:<Get MDR Region Update Complete> -0x2C:0x22 //<Group Extension>:<Read MDR Region> -0x2C:0x23 //<Group Extension>:<Write MDR Region> -0x2C:0x24 //<Group Extension>:<Get MDR Region Lock> -0x2C:0x25 //<Group Extension>:<Get System Mode> -0x2C:0x29 //<Group Extension>:<Get TPM Configuration> -0x2C:0x37 //<Group Extension>:<Read PCIe Cable EEPROM Data> -0x30:0x04 //<Intel General Application>:<Get NW Switch MIB> -0x30:0x05 //<Intel General Application>:<Get PDB FW Version> -0x30:0x09 //<Intel General Application>:<Get BMC Config> -0x30:0x14 //<Intel General Application>:<Get SM Signal> -0x30:0x19 //<Intel General Application>:<Read LAN Channel Port Value> -0x30:0x1A //<Intel General Application>:<Get NIC Info> -0x30:0x1B //<Intel General Application>:<Get LAN Available> -0x30:0x1D //<Intel General Application>:<Get Master MAC> -0x30:0x1F //<Intel General Application>:<Get Secure Mode> -0x30:0x20 //<Intel General Application>:<OEM Get SEL info> -0x30:0x21 //<Intel General Application>:<OEM Get SEL Allocation Info> -0x30:0x22 //<Intel General Application>:<OEM Platform Event Message> -0x30:0x23 //<Intel General Application>:<OEM Get SEL Entry> -0x30:0x26 //<Intel General Application>:<Set BIOS ID> -0x30:0x27 //<Intel General Application>:<Get OEM Device Information> -0x30:0x2E //<Intel General Application>:<Get Cold Redundancy Configuration> -0x30:0x30 //<Intel General Application>:<Get Sensor Severity> -0x30:0x31 //<Intel General Application>:<Get AIC Slot FRU ID SLOT POS Records> -0x30:0x33 //<Intel General Application>:<Get Controller Status> -0x30:0x38 //<Intel General Application>:<Get Satellite Firmware update status> -0x30:0x39 //<Intel General Application>:<HSBP Get Owner> -0x30:0x3C //<Intel General Application>:<Get AIC MAC> -0x30:0x41 //<Intel General Application>:<Set System GUID> -0x30:0x43 //<Intel General Application>:<Get BMC Reset Disables> -0x30:0x44 //<Intel General Application>:<Send Embedded Firmware Update Status> -0x30:0x47 //<Intel General Application>:<HSBP Get Version> -0x30:0x54 //<Intel General Application>:<Set Power Restore Delay> -0x30:0x55 //<Intel General Application>:<Get Power Restore Delay> -0x30:0x55 //<Intel General Application>:<Get Power Restore Delay> -0x30:0x58 //<Intel General Application>:<Get DIMM Fault Status> -0x30:0x62 //<Intel General Application>:<Get Shutdown Policy> -0x30:0x63 //<Intel General Application>:<Get Node Slot Presence> -0x30:0x65 //<Intel General Application>:<Get HDD Drive Fault LED State> -0x30:0x66 //<Intel General Application>:<Get Buffer Size> -0x30:0x71 //<Intel General Application>:<Get Advanced Support> -0x30:0x73 //<Intel General Application>:<Get EFI Payload> -0x30:0x74 //<Intel General Application>:<Get RMM Status> -0x30:0x75 //<Intel General Application>:<Get Voltage Name> -0x30:0x80 //<Intel General Application>:<HSBP Get Register From Memory> -0x30:0x81 //<Intel General Application>:<Get Power State> -0x30:0x82 //<Intel General Application>:<Get ACPI Config> -0x30:0x85 //<Intel General Application>:<Get SF PWM> -0x30:0x8A //<Intel General Application>:<Get Fan Control Configuration> -0x30:0x8B //<Intel General Application>:<Auto Fan Detect> -0x30:0x8D //<Intel General Application>:<Get fan speed offset> -0x30:0x8F //<Intel General Application>:<Get DIMM offset> -0x30:0x91 //<Intel General Application>:<Get FSC Parameter> -0x30:0x92 //<Intel General Application>:<Get Chassis Identifier> -0x30:0x93 //<Intel General Application>:<Read Base Board Product ID> -0x30:0x94 //<Intel General Application>:<Get BMC Revision ID> -0x30:0x95 //<Intel General Application>:<Get Is AP CPU> -0x30:0x9A //<Intel General Application>:<Get Processor Error Configuration and Status> -0x30:0x9B //<Intel General Application>:<Set Processor Error Config> -0x30:0x9D //<Intel General Application>:<Get Fan PWM Limit> -0x30:0xB0 //<Intel General Application>:<Get LED Status> -0x30:0xB2 //<Intel General Application>:<Get BMC Service Status> -0x30:0xB3 //<Intel General Application>:<Get BMC Security Control Mode> -0x30:0xBB //<Intel General Application>:<Get CPLD Revision ID> -0x30:0xC2 //<Intel General Application>:<Get OEM Extended Sys Info> -0x30:0xC6 //<Intel General Application>:<Get Partition Config> -0x30:0xC7 //<Intel General Application>:<Get Zone Information> -0x30:0xC9 //<Intel General Application>:<Get Configuration Status> -0x30:0xCA //<Intel General Application>:<Get Fabric Information> -0x30:0xCB //<Intel General Application>:<Get EndPoints Information> -0x30:0xCC //<Intel General Application>:<Get Switches Information> -0x30:0xCD //<Intel General Application>:<Get Switch Collection Information> -0x30:0xD0 //<Intel General Application>:<Get NVMe Drive Data> -0x30:0xD1 //<Intel General Application>:<HSBP Statistics> -0x30:0xD4 //<Intel General Application>:<Get BIOS Capsule (OOB Update)> -0x30:0xE2 //<Intel General Application>:<OEM Get Reading> -0x30:0xE5 //<Intel General Application>:<Get NMI Source> -0x30:0xE8 //<Intel General Application>:<Get PCIe SMBus Slot Card Info> -0x30:0xE9 //<Intel General Application>:<Get BIOS POST CODE> -0x30:0xF9 //<Intel General Application>:<Get POST Progress Codes> -0x30:0xFD //<Intel General Application>:<Get Riser Presence> -0x32:0x60 //<Intel OEM Platform>:<Get PM Bus Information> -0x32:0x63 //<Intel OEM Platform>:<Get Tach Information> -0x32:0x8D //<Intel OEM Platform>:<Get SSD Power> -0x3E:0x02 //<Intel Managed Data Region>:<BMC Data Region Update Event Message> -0x3E:0x20 //<Intel Managed Data Region>:<BMC Region Status> -0x3E:0x21 //<Intel Managed Data Region>:<BMC Region Update Complete> -0x3E:0x22 //<Intel Managed Data Region>:<MDR Event> -0x3E:0x23 //<Intel Managed Data Region>:<BMC Region Read> -0x3E:0x24 //<Intel Managed Data Region>:<BMC Region Write> -0x3E:0x25 //<Intel Managed Data Region>:<BMC Region Lock> -0x3E:0x28 //<Intel Managed Data Region>:<Get DIMM information> -0x3E:0x30 //<Intel Managed Data Region>:<MDR2 Status> -0x3E:0x31 //<Intel Managed Data Region>:<MDR2 GET Direction> -0x3E:0x32 //<Intel Managed Data Region>:<MDR2 Get Data Set Info> -0x3E:0x33 //<Intel Managed Data Region>:<MDR2 Lock Data> -0x3E:0x34 //<Intel Managed Data Region>:<MDR2 Unlock Data> -0x3E:0x35 //<Intel Managed Data Region>:<MDR2 Dget Data Block> -0x3E:0x38 //<Intel Managed Data Region>:<MDR2 Send Direction> -0x3E:0x39 //<Intel Managed Data Region>:<MDR2 Data Info Offer> -0x3E:0x3A //<Intel Managed Data Region>:<MDR2 Data Info> -0x3E:0x3B //<Intel Managed Data Region>:<MDR2 Data Start> -0x3E:0x3C //<Intel Managed Data Region>:<MDR2 Data Done> -0x3E:0x3D //<Intel Managed Data Region>:<MDR2 Data Block> -0x3E:0x41 //<Intel Managed Data Region>:<Enter Platform Debug Log file transfer mode> -0x3E:0x42 //<Intel Managed Data Region>:<Read Platform Debug Log file> -0x3E:0x43 //<Intel Managed Data Region>:<Status of the Platform Debug Log file transfer mode> -0x3E:0x44 //<Intel Managed Data Region>:<Exit Platform Debug Log file transfer mode> -0x3E:0x50 //<Intel Managed Data Region>:<Node IPMB slave address> -0x3E:0x51 //<Intel Managed Data Region>:<Slot IPMB> -0x3E:0x52 //<Intel Managed Data Region>:<Slot I2C Master Write Read> -0x3E:0x75 //<Intel Managed Data Region>:<Get Remote Log IP> diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/transporthandler_oem.cpp b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/transporthandler_oem.cpp index 3cb79dc3f..856a80fbc 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/transporthandler_oem.cpp +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/transporthandler_oem.cpp @@ -59,7 +59,8 @@ RspType<> setLanOem(uint8_t channel, uint8_t parameter, message::Payload& req) } size_t numDataBytes = req.size() - 4; - if (numDataBytes > IpmiHostnameLen) + if ((numDataBytes > IpmiHostnameLen) || + (!complete && (numDataBytes < IpmiHostnameLen))) { return responseReqDataLenInvalid(); } diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host_%.bbappend index ba148779f..e1311a70d 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host_%.bbappend @@ -2,10 +2,9 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" PROJECT_SRC_DIR := "${THISDIR}/${PN}" SRC_URI = "git://github.com/openbmc/phosphor-host-ipmid" -SRCREV = "ebc53cb165ea26aa48f0bbf01d9bce0e4abb0b7d" +SRCREV = "86d8bd793968e9251f41dbb8eaea482490e68eb1" SRC_URI += "file://phosphor-ipmi-host.service \ - file://host-ipmid-whitelist.conf \ file://0010-fix-get-system-GUID-ipmi-command.patch \ file://0053-Fix-keep-looping-issue-when-entering-OS.patch \ file://0056-add-SetInProgress-to-get-set-boot-option-cmd.patch \ @@ -13,15 +12,13 @@ SRC_URI += "file://phosphor-ipmi-host.service \ file://0060-Move-Get-SOL-config-parameter-to-host-ipmid.patch \ file://0062-Update-IPMI-Chassis-Control-command.patch \ file://0063-Save-the-pre-timeout-interrupt-in-dbus-property.patch \ - file://0064-Update-provisioning-mode-filter-logic.patch \ file://0001-Modify-Get-Lan-Configuration-IP-Address-Source-to-us.patch \ - file://0002-Fixed-issue-in-setLan-command-for-IP-source.patch \ - file://0003-Fix-for-return-CC-in-setLan-command-cases.patch \ " EXTRA_OECONF_append = " --disable-i2c-whitelist-check" EXTRA_OECONF_append = " --enable-transport-oem=yes" EXTRA_OECONF_append = " --disable-boot-flag-safe-mode-support" +EXTRA_OECONF_append = " --disable-ipmi-whitelist" RDEPENDS_${PN}_remove = "clear-once" @@ -37,10 +34,6 @@ FILES_${PN}_remove = " \ ${systemd_unitdir}/system/obmc-host-shutdown@0.target.requires/xyz.openbmc_project.Ipmi.Internal.SoftPowerOff.service \ " -do_configure_append(){ - cp -f ${WORKDIR}/host-ipmid-whitelist.conf ${S} -} - do_compile_prepend(){ cp -f ${PROJECT_SRC_DIR}/transporthandler_oem.cpp ${S} } diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-ipmb_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-ipmb_%.bbappend index 016dd0002..69b730221 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-ipmb_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-ipmb_%.bbappend @@ -1,2 +1,2 @@ SRC_URI = "git://github.com/openbmc/ipmbbridge.git" -SRCREV = "43c89138ea759b4e47f6cef481f677b9f421d148" +SRCREV = "a86059348fe133725f4616f3e46ff0d555db4039" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-net_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-net_%.bbappend index 614133645..c82736781 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-net_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-net_%.bbappend @@ -3,7 +3,7 @@ inherit useradd # TODO: This should be removed, once up-stream bump up # issue is resolved SRC_URI += "git://github.com/openbmc/phosphor-net-ipmid" -SRCREV = "46bec0f60a201a644c1f3af4cec2f31da58a0595" +SRCREV = "2555e2ec1c5bd6636eb67a1a2cdf6b8b567772c9" USERADD_PACKAGES = "${PN}" # add a group called ipmi diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-node-manager-proxy_git.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-node-manager-proxy_git.bb index 9f657e39b..36d65fd72 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-node-manager-proxy_git.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-node-manager-proxy_git.bb @@ -3,7 +3,7 @@ DESCRIPTION = "The Node Manager Proxy provides a simple interface for communicat with Management Engine via IPMB" SRC_URI = "git://github.com/Intel-BMC/node-manager;protocol=ssh" -SRCREV = "ddba32d5ac94cdd8db19e18215535d7fe86675e6" +SRCREV = "de212d839bb515939bd089c66072e4fcf33b8653" PV = "0.1+git${SRCPV}" LICENSE = "Apache-2.0" |