From 816d793003e93c1e5eec0a2e90fbd8b9dde9f7a5 Mon Sep 17 00:00:00 2001
From: Ed Tanous
Date: Mon, 15 Apr 2019 13:42:44 -0700
Subject: Update 4-15-19
Signed-off-by: Ed Tanous
---
...ep-consistent-MAC-and-IP-address-inbetwee.patch | 456 ------------
...Pv6-Network-changes-to-configuration-file.patch | 210 ------
...ing-channel-specific-privilege-to-network.patch | 800 ---------------------
.../recipes-network/network/network_%.bbappend | 9 -
...ep-consistent-MAC-and-IP-address-inbetwee.patch | 456 ++++++++++++
...Pv6-Network-changes-to-configuration-file.patch | 210 ++++++
...ing-channel-specific-privilege-to-network.patch | 800 +++++++++++++++++++++
.../network/phosphor-network_%.bbappend | 9 +
8 files changed, 1475 insertions(+), 1475 deletions(-)
delete mode 100644 meta-openbmc-mods/meta-common/recipes-network/network/network/0001-Patch-to-keep-consistent-MAC-and-IP-address-inbetwee.patch
delete mode 100644 meta-openbmc-mods/meta-common/recipes-network/network/network/0002-IPv6-Network-changes-to-configuration-file.patch
delete mode 100755 meta-openbmc-mods/meta-common/recipes-network/network/network/0003-Adding-channel-specific-privilege-to-network.patch
delete mode 100644 meta-openbmc-mods/meta-common/recipes-network/network/network_%.bbappend
create mode 100644 meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0001-Patch-to-keep-consistent-MAC-and-IP-address-inbetwee.patch
create mode 100644 meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0002-IPv6-Network-changes-to-configuration-file.patch
create mode 100755 meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0003-Adding-channel-specific-privilege-to-network.patch
create mode 100644 meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network_%.bbappend
(limited to 'meta-openbmc-mods/meta-common/recipes-network')
diff --git a/meta-openbmc-mods/meta-common/recipes-network/network/network/0001-Patch-to-keep-consistent-MAC-and-IP-address-inbetwee.patch b/meta-openbmc-mods/meta-common/recipes-network/network/network/0001-Patch-to-keep-consistent-MAC-and-IP-address-inbetwee.patch
deleted file mode 100644
index 03460302d..000000000
--- a/meta-openbmc-mods/meta-common/recipes-network/network/network/0001-Patch-to-keep-consistent-MAC-and-IP-address-inbetwee.patch
+++ /dev/null
@@ -1,456 +0,0 @@ -From 15f9ba436815307c1df7ace505e6f6ee04a4762b Mon Sep 17 00:00:00 2001 -From: David Cobbley -Date: Thu, 8 Mar 2018 12:18:00 -0800 -Subject: [PATCH 1/3] Patch to keep consistent MAC and IP address inbetween - power cycles - -Currently, your mac will reset upon AC cycle unless you ask systemd use -a MAC provided in your network configuration file. This will write your -randomly generate MAC to the config file upond first boot up. - -Change-Id: Id47d24c62e459cde101add18be2f46c0b010e7fe -Signed-off-by: David Cobbley -Signed-off-by: James Feist ---- - ethernet_interface.cpp | 4 +- - ethernet_interface.hpp | 360 +++++++++++++++++++++-------------------- - network_config.cpp | 22 +-- - 3 files changed, 195 insertions(+), 191 deletions(-) - -diff --git a/ethernet_interface.cpp b/ethernet_interface.cpp -index 3fd7835..fd09b7a 100644 ---- a/ethernet_interface.cpp -+++ b/ethernet_interface.cpp -@@ -200,8 +200,8 @@ InterfaceInfo EthernetInterface::getInterfaceInfo() const - * @return macaddress on success - */ - --std::string -- EthernetInterface::getMACAddress(const std::string& interfaceName) const -+std::string EthernetInterface::getMACAddress( -+ const std::string& interfaceName) - { - ifreq ifr{}; - char macAddress[mac_address::size]{}; -diff --git a/ethernet_interface.hpp b/ethernet_interface.hpp -index bfe1d54..d62ca34 100644 ---- a/ethernet_interface.hpp -+++ b/ethernet_interface.hpp -@@ -59,185 +59,187 @@ using VlanInterfaceMap = - */ - class EthernetInterface : public Ifaces - { -- public: -- EthernetInterface() = delete; -- EthernetInterface(const EthernetInterface&) = delete; -- EthernetInterface& operator=(const EthernetInterface&) = delete; -- EthernetInterface(EthernetInterface&&) = delete; -- EthernetInterface& operator=(EthernetInterface&&) = delete; -- virtual ~EthernetInterface() = default; -- -- /** @brief Constructor to put object onto bus at a dbus path. -- * @param[in] bus - Bus to attach to. 
-- * @param[in] objPath - Path to attach at. -- * @param[in] dhcpEnabled - is dhcp enabled(true/false). -- * @param[in] parent - parent object. -- * @param[in] emitSignal - true if the object added signal needs to be -- * send. -- */ -- EthernetInterface(sdbusplus::bus::bus& bus, const std::string& objPath, -- bool dhcpEnabled, Manager& parent, -- bool emitSignal = true); -- -- /** @brief Function to create ipaddress dbus object. -- * @param[in] addressType - Type of ip address. -- * @param[in] ipaddress- IP address. -- * @param[in] prefixLength - Length of prefix. -- * @param[in] gateway - Gateway ip address. -- */ -- -- void iP(IP::Protocol addressType, std::string ipaddress, -- uint8_t prefixLength, std::string gateway) override; -- -- /* @brief delete the dbus object of the given ipaddress. -- * @param[in] ipaddress - IP address. -- */ -- void deleteObject(const std::string& ipaddress); -- -- /* @brief delete the vlan dbus object of the given interface. -- * Also deletes the device file and the network file. -- * @param[in] interface - VLAN Interface. -- */ -- void deleteVLANObject(const std::string& interface); -- -- /* @brief creates the dbus object(IPaddres) given in the address list. -- * @param[in] addrs - address list for which dbus objects needs -- * to create. -- */ -- void createIPAddressObjects(); -- -- /* @brief Gets all the ip addresses. -- * @returns the list of ipaddress. -- */ -- const AddressMap& getAddresses() const -- { -- return addrs; -- } -- -- /** Set value of DHCPEnabled */ -- bool dHCPEnabled(bool value) override; -- -- /** @brief sets the MAC address. -- * @param[in] value - MAC address which needs to be set on the system. -- * @returns macAddress of the interface or throws an error. -- */ -- std::string mACAddress(std::string value) override; -- -- /** @brief sets the NTP servers. -- * @param[in] value - vector of NTP servers. -- */ -- ServerList nTPServers(ServerList value) override; -- -- /** @brief sets the DNS/nameservers. 
-- * @param[in] value - vector of DNS servers. -- */ -- ServerList nameservers(ServerList value) override; -- -- /** @brief create Vlan interface. -- * @param[in] id- VLAN identifier. -- */ -- void createVLAN(VlanId id); -- -- /** @brief load the vlan info from the system -- * and creates the ip address dbus objects. -- * @param[in] vlanID- VLAN identifier. -- */ -- void loadVLAN(VlanId vlanID); -- -- /** @brief write the network conf file with the in-memory objects. -- */ -- void writeConfigurationFile(); -- -- /** @brief delete all dbus objects. -- */ -- void deleteAll(); -- -- using EthernetInterfaceIntf::dHCPEnabled; -- using EthernetInterfaceIntf::interfaceName; -- using MacAddressIntf::mACAddress; -- -- /** @brief Absolute path of the resolv conf file */ -- static constexpr auto resolvConfFile = "/etc/resolv.conf"; -- -- protected: -- /** @brief get the info of the ethernet interface. -- * @return tuple having the link speed,autonegotiation,duplexmode . -- */ -- InterfaceInfo getInterfaceInfo() const; -- -- /* @brief delete the vlan interface from system. -- * @param[in] interface - vlan Interface. -- */ -- void deleteVLANFromSystem(const std::string& interface); -- -- /** @brief get the mac address of the interface. -- * @param[in] interfaceName - Network interface name. -- * @return macaddress on success -- */ -- -- std::string getMACAddress(const std::string& interfaceName) const; -- -- /** @brief construct the ip address dbus object path. -- * @param[in] addressType - Type of ip address. -- * @param[in] ipaddress - IP address. -- * @param[in] prefixLength - Length of prefix. -- * @param[in] gateway - Gateway address. -- -- * @return path of the address object. -- */ -- -- std::string generateObjectPath(IP::Protocol addressType, -- const std::string& ipaddress, -- uint8_t prefixLength, -- const std::string& gateway) const; -- -- /** @brief generates the id by doing hash of ipaddress, -- * prefixlength and the gateway. 
-- * @param[in] ipaddress - IP address. -- * @param[in] prefixLength - Length of prefix. -- * @param[in] gateway - Gateway address. -- * @return hash string. -- */ -- -- static std::string generateId(const std::string& ipaddress, -- uint8_t prefixLength, -- const std::string& gateway); -- -- /** @brief write the dhcp section **/ -- void writeDHCPSection(std::fstream& stream); -- -- /** @brief get the NTP server list from the network conf -- * -- */ -- ServerList getNTPServersFromConf(); -- -- /** @brief write the DNS entries to resolver file. -- * @param[in] dnsList - DNS server list which needs to be written. -- * @param[in] file - File to write the name server entries to. -- */ -- void writeDNSEntries(const ServerList& dnsList, const std::string& file); -- -- /** @brief get the name server details from the network conf -- * -- */ -- ServerList getNameServerFromConf(); -- -- /** @brief Persistent sdbusplus DBus bus connection. */ -- sdbusplus::bus::bus& bus; -- -- /** @brief Network Manager object. */ -- Manager& manager; -- -- /** @brief Persistent map of IPAddress dbus objects and their names */ -- AddressMap addrs; -- -- /** @brief Persistent map of VLAN interface dbus objects and their names */ -- VlanInterfaceMap vlanInterfaces; -- -- /** @brief Dbus object path */ -- std::string objPath; -- -- friend class TestEthernetInterface; -+ public: -+ EthernetInterface() = delete; -+ EthernetInterface(const EthernetInterface&) = delete; -+ EthernetInterface& operator=(const EthernetInterface&) = delete; -+ EthernetInterface(EthernetInterface&&) = delete; -+ EthernetInterface& operator=(EthernetInterface&&) = delete; -+ virtual ~EthernetInterface() = default; -+ -+ /** @brief Constructor to put object onto bus at a dbus path. -+ * @param[in] bus - Bus to attach to. -+ * @param[in] objPath - Path to attach at. -+ * @param[in] dhcpEnabled - is dhcp enabled(true/false). -+ * @param[in] parent - parent object. 
-+ * @param[in] emitSignal - true if the object added signal needs to be -+ * send. -+ */ -+ EthernetInterface(sdbusplus::bus::bus& bus, -+ const std::string& objPath, -+ bool dhcpEnabled, -+ Manager& parent, -+ bool emitSignal = true); -+ -+ /** @brief Function to create ipaddress dbus object. -+ * @param[in] addressType - Type of ip address. -+ * @param[in] ipaddress- IP address. -+ * @param[in] prefixLength - Length of prefix. -+ * @param[in] gateway - Gateway ip address. -+ */ -+ -+ void iP(IP::Protocol addressType, -+ std::string ipaddress, -+ uint8_t prefixLength, -+ std::string gateway) override; -+ -+ /* @brief delete the dbus object of the given ipaddress. -+ * @param[in] ipaddress - IP address. -+ */ -+ void deleteObject(const std::string& ipaddress); -+ -+ /* @brief delete the vlan dbus object of the given interface. -+ * Also deletes the device file and the network file. -+ * @param[in] interface - VLAN Interface. -+ */ -+ void deleteVLANObject(const std::string& interface); -+ -+ /* @brief creates the dbus object(IPaddres) given in the address list. -+ * @param[in] addrs - address list for which dbus objects needs -+ * to create. -+ */ -+ void createIPAddressObjects(); -+ -+ /* @brief Gets all the ip addresses. -+ * @returns the list of ipaddress. -+ */ -+ const AddressMap& getAddresses() const { return addrs; } -+ -+ /** Set value of DHCPEnabled */ -+ bool dHCPEnabled(bool value) override; -+ -+ /** @brief sets the MAC address. -+ * @param[in] value - MAC address which needs to be set on the system. -+ * @returns macAddress of the interface or throws an error. -+ */ -+ std::string mACAddress(std::string value) override; -+ -+ /** @brief sets the NTP servers. -+ * @param[in] value - vector of NTP servers. -+ */ -+ ServerList nTPServers(ServerList value) override; -+ -+ /** @brief sets the DNS/nameservers. -+ * @param[in] value - vector of DNS servers. -+ */ -+ ServerList nameservers(ServerList value) override; -+ -+ /** @brief create Vlan interface. 
-+ * @param[in] id- VLAN identifier. -+ */ -+ void createVLAN(VlanId id); -+ -+ /** @brief load the vlan info from the system -+ * and creates the ip address dbus objects. -+ * @param[in] vlanID- VLAN identifier. -+ */ -+ void loadVLAN(VlanId vlanID); -+ -+ /** @brief write the network conf file with the in-memory objects. -+ */ -+ void writeConfigurationFile(); -+ -+ /** @brief delete all dbus objects. -+ */ -+ void deleteAll(); -+ -+ /** @brief get the mac address of the interface. -+ * @param[in] interfaceName - Network interface name. -+ * @return macaddress on success -+ */ -+ -+ static std::string getMACAddress(const std::string& interfaceName); -+ -+ using EthernetInterfaceIntf::dHCPEnabled; -+ using EthernetInterfaceIntf::interfaceName; -+ using MacAddressIntf::mACAddress; -+ -+ /** @brief Absolute path of the resolv conf file */ -+ static constexpr auto resolvConfFile = "/etc/resolv.conf"; -+ -+ protected: -+ /** @brief get the info of the ethernet interface. -+ * @return tuple having the link speed,autonegotiation,duplexmode . -+ */ -+ InterfaceInfo getInterfaceInfo() const; -+ -+ /* @brief delete the vlan interface from system. -+ * @param[in] interface - vlan Interface. -+ */ -+ void deleteVLANFromSystem(const std::string& interface); -+ -+ /** @brief construct the ip address dbus object path. -+ * @param[in] addressType - Type of ip address. -+ * @param[in] ipaddress - IP address. -+ * @param[in] prefixLength - Length of prefix. -+ * @param[in] gateway - Gateway address. -+ -+ * @return path of the address object. -+ */ -+ -+ std::string generateObjectPath(IP::Protocol addressType, -+ const std::string& ipaddress, -+ uint8_t prefixLength, -+ const std::string& gateway) const; -+ -+ /** @brief generates the id by doing hash of ipaddress, -+ * prefixlength and the gateway. -+ * @param[in] ipaddress - IP address. -+ * @param[in] prefixLength - Length of prefix. -+ * @param[in] gateway - Gateway address. -+ * @return hash string. 
-+ */ -+ -+ static std::string generateId(const std::string& ipaddress, -+ uint8_t prefixLength, -+ const std::string& gateway); -+ -+ /** @brief write the dhcp section **/ -+ void writeDHCPSection(std::fstream& stream);; -+ -+ /** @brief get the NTP server list from the network conf -+ * -+ */ -+ ServerList getNTPServersFromConf(); -+ -+ /** @brief write the DNS entries to resolver file. -+ * @param[in] dnsList - DNS server list which needs to be written. -+ * @param[in] file - File to write the name server entries to. -+ */ -+ void writeDNSEntries(const ServerList& dnsList, -+ const std::string& file); -+ -+ /** @brief get the name server details from the network conf -+ * -+ */ -+ ServerList getNameServerFromConf(); -+ -+ /** @brief Persistent sdbusplus DBus bus connection. */ -+ sdbusplus::bus::bus& bus; -+ -+ /** @brief Network Manager object. */ -+ Manager& manager; -+ -+ /** @brief Persistent map of IPAddress dbus objects and their names */ -+ AddressMap addrs; -+ -+ /** @brief Persistent map of VLAN interface dbus objects and their names */ -+ VlanInterfaceMap vlanInterfaces; -+ -+ /** @brief Dbus object path */ -+ std::string objPath; -+ -+ friend class TestEthernetInterface; - }; - - } // namespace network -diff --git a/network_config.cpp b/network_config.cpp -index e83b16c..8ebad54 100644 ---- a/network_config.cpp -+++ b/network_config.cpp -@@ -1,3 +1,5 @@ -+#include "network_config.hpp" -+#include "ethernet_interface.hpp" - #include "config.h" - - #include "network_config.hpp" -@@ -5,27 +7,27 @@ - #include - #include - --namespace phosphor --{ --namespace network --{ -+namespace phosphor { -+namespace network { - --namespace bmc --{ --void writeDHCPDefault(const std::string& filename, const std::string& interface) -+namespace bmc { -+void writeDHCPDefault(const std::string &filename, const std::string &interface) - { -+ - std::ofstream filestream; - - filestream.open(filename); - filestream << "[Match]\nName=" << interface << -- 
"\n[Network]\nDHCP=true\n" -+ "\n[Network]\nDHCP=true\n" - #ifdef LINK_LOCAL_AUTOCONFIGURATION - "LinkLocalAddressing=yes\n" - #else - "LinkLocalAddressing=no\n" - #endif -- "IPv6AcceptRA=false\n" -- "[DHCP]\nClientIdentifier=mac\n"; -+ "IPv6AcceptRA=false\n" -+ "[DHCP]\nClientIdentifier=mac\n" -+ "[Link]\nMACAddress=" -+ << EthernetInterface::getMACAddress(interface) << "\n"; - filestream.close(); - } - } // namespace bmc --- -2.17.1 -
diff --git a/meta-openbmc-mods/meta-common/recipes-network/network/network/0002-IPv6-Network-changes-to-configuration-file.patch b/meta-openbmc-mods/meta-common/recipes-network/network/network/0002-IPv6-Network-changes-to-configuration-file.patch
deleted file mode 100644
index 251f68319..000000000
--- a/meta-openbmc-mods/meta-common/recipes-network/network/network/0002-IPv6-Network-changes-to-configuration-file.patch
+++ /dev/null
@@ -1,210 +0,0 @@ -From ebb359773b8a5c03a25c3a48c5080bb246c07c71 Mon Sep 17 00:00:00 2001 -From: David Cobbley -Date: Wed, 6 Jun 2018 11:11:43 -0700 -Subject: [PATCH 2/3] IPv6 Network changes to configuration file - -Allow Additional parameters to be set for IPv6 - -Change-Id: If662f1ce2d265bc525073890c49231bf6f2b8a30 ---- - ethernet_interface.cpp | 109 +++++++++++++++++++++++++++++++++++++++-- - ethernet_interface.hpp | 19 ++++++- - util.cpp | 3 +- - 3 files changed, 124 insertions(+), 7 deletions(-) - -diff --git a/ethernet_interface.cpp b/ethernet_interface.cpp -index fd09b7a..63f1160 100644 ---- a/ethernet_interface.cpp -+++ b/ethernet_interface.cpp -@@ -46,6 +46,8 @@ EthernetInterface::EthernetInterface(sdbusplus::bus::bus& bus, - std::replace(intfName.begin(), intfName.end(), '_', '.'); - interfaceName(intfName); - EthernetInterfaceIntf::dHCPEnabled(dhcpEnabled); -+ EthernetInterfaceIntf::iPAddressEnables(getIPAddressEnablesFromConf()); -+ EthernetInterfaceIntf::iPv6AcceptRA(getIPv6AcceptRAFromConf()); - MacAddressIntf::mACAddress(getMACAddress(intfName)); - EthernetInterfaceIntf::nTPServers(getNTPServersFromConf()); - EthernetInterfaceIntf::nameservers(getNameServerFromConf()); -@@ -322,7 +324,16 @@ std::string EthernetInterface::generateObjectPath( - objectPath /= generateId(ipaddress, prefixLength, gateway); - return objectPath.string(); - } -- -+bool EthernetInterface::iPv6AcceptRA(bool value) -+{ -+ if (value == EthernetInterfaceIntf::iPv6AcceptRA()) -+ { -+ return value; -+ } -+ EthernetInterfaceIntf::iPv6AcceptRA(value); -+ manager.writeToConfigurationFile(); -+ return value; -+} - bool EthernetInterface::dHCPEnabled(bool value) - { - if (value == EthernetInterfaceIntf::dHCPEnabled()) -@@ -433,7 +444,80 @@ void EthernetInterface::createVLAN(VlanId id) - // write the new vlan device entry to the configuration(network) file. 
- manager.writeToConfigurationFile(); - } -+bool EthernetInterface::getIPv6AcceptRAFromConf() -+{ -+ fs::path confPath = manager.getConfDir(); -+ -+ std::string fileName = systemd::config::networkFilePrefix + -+ interfaceName() + systemd::config::networkFileSuffix; -+ confPath /= fileName; -+ config::ValueList values; -+ config::Parser parser(confPath.string()); -+ auto rc = config::ReturnCode::SUCCESS; -+ std::tie(rc, values) = parser.getValues("Network", "IPv6AcceptRA"); -+ if (rc != config::ReturnCode::SUCCESS) -+ { -+ log("Unable to get the value for Network[IPv6AcceptRA]", -+ entry("rc=%d", rc)); -+ return false; -+ } -+ if (values[0] == "true") -+ { -+ return true; -+ } -+ -+ return false; -+} -+EthernetInterface::IPAllowed EthernetInterface::getIPAddressEnablesFromConf() -+{ -+ fs::path confPath = manager.getConfDir(); -+ -+ std::string fileName = systemd::config::networkFilePrefix + -+ interfaceName() + systemd::config::networkFileSuffix; -+ confPath /= fileName; -+ config::ValueList values; -+ config::Parser parser(confPath.string()); -+ auto rc = config::ReturnCode::SUCCESS; -+ std::tie(rc, values) = parser.getValues("Network", "DHCP"); -+ if (rc != config::ReturnCode::SUCCESS) -+ { -+ log("Unable to get the value for Network[DHCP]", -+ entry("rc=%d", rc)); -+ return EthernetInterface::IPAllowed::IPv4AndIPv6; -+ } -+ // true, false, ipv4, ipv6 -+ if (values[0] == "ipv6") -+ { -+ return EthernetInterface::IPAllowed::IPv6Only; -+ } -+ else if (values[0] == "ipv4") -+ { -+ return EthernetInterface::IPAllowed::IPv4Only; -+ } -+ else if (values[0] == "off") -+ { -+ // This function should not get called if DHCP == off -+ log("Function not available in static mode"); -+ return EthernetInterface::IPAllowed::IPv4AndIPv6; -+ } -+ else -+ { -+ return EthernetInterface::IPAllowed::IPv4AndIPv6; -+ } -+} -+EthernetInterface::IPAllowed -+ EthernetInterface::iPAddressEnables(EthernetInterface::IPAllowed iPAllowed) -+{ -+ if (iPAllowed == 
EthernetInterfaceIntf::iPAddressEnables()) -+ { -+ return iPAllowed; -+ } -+ -+ EthernetInterfaceIntf::iPAddressEnables(iPAllowed); -+ writeConfigurationFile(); - -+ return iPAllowed; -+} - ServerList EthernetInterface::getNTPServersFromConf() - { - fs::path confPath = manager.getConfDir(); -@@ -515,7 +599,8 @@ void EthernetInterface::writeConfigurationFile() - #else - stream << "LinkLocalAddressing=no\n"; - #endif -- stream << "IPv6AcceptRA=false\n"; -+ stream << std::boolalpha -+ << "IPv6AcceptRA=" << EthernetInterfaceIntf::iPv6AcceptRA() << "\n"; - - // Add the VLAN entry - for (const auto& intf : vlanInterfaces) -@@ -524,8 +609,24 @@ void EthernetInterface::writeConfigurationFile() - << "\n"; - } - // Add the DHCP entry -- auto value = dHCPEnabled() ? "true"s : "false"s; -- stream << "DHCP="s + value + "\n"; -+ std::string dhcpValue = "false"; -+ if (dHCPEnabled()) -+ { -+ IPAllowed ipAllowed = EthernetInterfaceIntf::iPAddressEnables(); -+ if (ipAllowed == IPAllowed::IPv4AndIPv6) -+ { -+ dhcpValue = "true"; -+ } -+ else if (ipAllowed == IPAllowed::IPv4Only) -+ { -+ dhcpValue = "ipv4"; -+ } -+ else if (ipAllowed == IPAllowed::IPv6Only) -+ { -+ dhcpValue = "ipv6"; -+ } -+ } -+ stream << "DHCP=" << dhcpValue << "\n"; - - // When the interface configured as dhcp, we don't need below given entries - // in config file. 
-diff --git a/ethernet_interface.hpp b/ethernet_interface.hpp -index d62ca34..7116b47 100644 ---- a/ethernet_interface.hpp -+++ b/ethernet_interface.hpp -@@ -205,7 +205,24 @@ class EthernetInterface : public Ifaces - const std::string& gateway); - - /** @brief write the dhcp section **/ -- void writeDHCPSection(std::fstream& stream);; -+ void writeDHCPSection(std::fstream& stream); -+ -+ /** @brief get the IPv6AcceptRA flag from the network configuration file -+ * -+ */ -+ bool getIPv6AcceptRAFromConf(); -+ -+ /** @brief check conf file for Router Advertisements -+ * -+ */ -+ bool iPv6AcceptRA(bool value) override; -+ -+ /** @brief get the allowed network modes. Similar to DHCP enabled, but -+ * more specific -+ */ -+ IPAllowed getIPAddressEnablesFromConf(); -+ -+ IPAllowed iPAddressEnables(IPAllowed) override; - - /** @brief get the NTP server list from the network conf - * -diff --git a/util.cpp b/util.cpp -index b66f908..9f06e2e 100644 ---- a/util.cpp -+++ b/util.cpp -@@ -405,8 +405,7 @@ bool getDHCPValue(const std::string& confDir, const std::string& intf) - entry("RC=%d", rc)); - return dhcp; - } -- // There will be only single value for DHCP key. -- if (values[0] == "true") -+ if (values[0] != "false") - { - dhcp = true; - } --- -2.17.1 -
diff --git a/meta-openbmc-mods/meta-common/recipes-network/network/network/0003-Adding-channel-specific-privilege-to-network.patch b/meta-openbmc-mods/meta-common/recipes-network/network/network/0003-Adding-channel-specific-privilege-to-network.patch
deleted file mode 100755
index 4610b8b32..000000000
--- a/meta-openbmc-mods/meta-common/recipes-network/network/network/0003-Adding-channel-specific-privilege-to-network.patch
+++ /dev/null
@@ -1,800 +0,0 @@ -From 64fff77b31de705a42c5061e9d14946255c6aca1 Mon Sep 17 00:00:00 2001 -From: AppaRao Puli -Date: Wed, 5 Sep 2018 14:16:54 +0530 -Subject: [PATCH] Adding channel specific privilege to network - - - Adding the channel access information to the network - interface object. This privilege will be used in - channel specific authorization. - - Get supported priv from user manager service dynamically. - - Signal handling for capturing the supported priv list - changes from user managerment. - -Tested-by: -Verified channel access through ipmitool get/set channel -access command - -Change-Id: I3b592a19363eef684e31d5f7c34dad8f2f9211df -Signed-off-by: AppaRao Puli -Signed-off-by: Yong Li ---- - ethernet_interface.cpp | 119 +++++++++++++- - ethernet_interface.hpp | 433 ++++++++++++++++++++++++++----------------------- - network_manager.cpp | 104 ++++++++++++ - network_manager.hpp | 9 + - 4 files changed, 464 insertions(+), 201 deletions(-) - -diff --git a/ethernet_interface.cpp b/ethernet_interface.cpp -index 9437b4c..6d23b3d 100644 ---- a/ethernet_interface.cpp -+++ b/ethernet_interface.cpp -@@ -35,6 +35,9 @@ using namespace phosphor::logging; - using namespace sdbusplus::xyz::openbmc_project::Common::Error; - using Argument = xyz::openbmc_project::Common::InvalidArgument; - -+static constexpr const char* networkChannelCfgFile = -+ "/var/channel_intf_data.json"; -+static constexpr const char* defaultChannelPriv = "priv-admin"; - EthernetInterface::EthernetInterface(sdbusplus::bus::bus& bus, - const std::string& objPath, - bool dhcpEnabled, Manager& parent, -@@ -51,6 +54,7 @@ EthernetInterface::EthernetInterface(sdbusplus::bus::bus& bus, - MacAddressIntf::mACAddress(getMACAddress(intfName)); - EthernetInterfaceIntf::nTPServers(getNTPServersFromConf()); - EthernetInterfaceIntf::nameservers(getNameServerFromConf()); -+ getChannelPrivilege(intfName); - - // Emit deferred signal. 
- if (emitSignal) -@@ -208,8 +212,7 @@ InterfaceInfo EthernetInterface::getInterfaceInfo() const - * @return macaddress on success - */ - --std::string EthernetInterface::getMACAddress( -- const std::string& interfaceName) -+std::string EthernetInterface::getMACAddress(const std::string& interfaceName) - { - ifreq ifr{}; - char macAddress[mac_address::size]{}; -@@ -829,5 +832,117 @@ void EthernetInterface::deleteAll() - manager.writeToConfigurationFile(); - } - -+nlohmann::json EthernetInterface::readJsonFile(const std::string& configFile) -+{ -+ std::ifstream jsonFile(configFile); -+ if (!jsonFile.good()) -+ { -+ log("JSON file not found"); -+ return nullptr; -+ } -+ -+ nlohmann::json data = nullptr; -+ try -+ { -+ data = nlohmann::json::parse(jsonFile, nullptr, false); -+ } -+ catch (nlohmann::json::parse_error& e) -+ { -+ log("Corrupted channel config.", -+ entry("MSG: %s", e.what())); -+ throw std::runtime_error("Corrupted channel config file"); -+ } -+ -+ return data; -+} -+ -+int EthernetInterface::writeJsonFile(const std::string& configFile, -+ const nlohmann::json& jsonData) -+{ -+ std::ofstream jsonFile(configFile); -+ if (!jsonFile.good()) -+ { -+ log("JSON file open failed", -+ entry("FILE=%s", networkChannelCfgFile)); -+ return -1; -+ } -+ -+ // Write JSON to file -+ jsonFile << jsonData; -+ -+ jsonFile.flush(); -+ return 0; -+} -+ -+std::string -+ EthernetInterface::getChannelPrivilege(const std::string& interfaceName) -+{ -+ std::string priv(defaultChannelPriv); -+ std::string retPriv; -+ -+ nlohmann::json jsonData = readJsonFile(networkChannelCfgFile); -+ if (jsonData != nullptr) -+ { -+ try -+ { -+ priv = jsonData[interfaceName].get(); -+ retPriv = ChannelAccessIntf::maxPrivilege(std::move(priv)); -+ return retPriv; -+ } -+ catch (const nlohmann::json::exception& e) -+ { -+ jsonData[interfaceName] = priv; -+ } -+ } -+ else -+ { -+ jsonData[interfaceName] = priv; -+ } -+ -+ if (writeJsonFile(networkChannelCfgFile, jsonData) != 0) -+ { -+ log("Error 
in write JSON data to file", -+ entry("FILE=%s", networkChannelCfgFile)); -+ elog(); -+ } -+ -+ retPriv = ChannelAccessIntf::maxPrivilege(std::move(priv)); -+ -+ return retPriv; -+} -+ -+std::string EthernetInterface::maxPrivilege(std::string priv) -+{ -+ std::string intfName = interfaceName(); -+ -+ if (!priv.empty() && (std::find(manager.supportedPrivList.begin(), -+ manager.supportedPrivList.end(), -+ priv) == manager.supportedPrivList.end())) -+ { -+ log("Invalid privilege"); -+ elog(Argument::ARGUMENT_NAME("Privilege"), -+ Argument::ARGUMENT_VALUE(priv.c_str())); -+ } -+ -+ if (ChannelAccessIntf::maxPrivilege() == priv) -+ { -+ // No change in privilege so just return. -+ return priv; -+ } -+ -+ nlohmann::json jsonData = readJsonFile(networkChannelCfgFile); -+ jsonData[intfName] = priv; -+ -+ if (writeJsonFile(networkChannelCfgFile, jsonData) != 0) -+ { -+ log("Error in write JSON data to file", -+ entry("FILE=%s", networkChannelCfgFile)); -+ elog(); -+ } -+ -+ // Property change signal will be sent -+ return ChannelAccessIntf::maxPrivilege(std::move(priv)); -+} -+ - } // namespace network - } // namespace phosphor -diff --git a/ethernet_interface.hpp b/ethernet_interface.hpp -index 7116b47..7b1da9a 100644 ---- a/ethernet_interface.hpp -+++ b/ethernet_interface.hpp -@@ -2,10 +2,13 @@ - - #include "types.hpp" - #include "util.hpp" -+#include "xyz/openbmc_project/Channel/ChannelAccess/server.hpp" - #include "xyz/openbmc_project/Network/IP/Create/server.hpp" - - #include -+#include - #include -+#include - #include - #include - #include -@@ -21,7 +24,8 @@ using Ifaces = sdbusplus::server::object::object< - sdbusplus::xyz::openbmc_project::Network::server::EthernetInterface, - sdbusplus::xyz::openbmc_project::Network::server::MACAddress, - sdbusplus::xyz::openbmc_project::Network::IP::server::Create, -- sdbusplus::xyz::openbmc_project::Collection::server::DeleteAll>; -+ sdbusplus::xyz::openbmc_project::Collection::server::DeleteAll, -+ 
sdbusplus::xyz::openbmc_project::Channel::server::ChannelAccess>; - - using IP = sdbusplus::xyz::openbmc_project::Network::server::IP; - -@@ -29,9 +33,14 @@ using EthernetInterfaceIntf = - sdbusplus::xyz::openbmc_project::Network::server::EthernetInterface; - using MacAddressIntf = - sdbusplus::xyz::openbmc_project::Network::server::MACAddress; -+using ChannelAccessIntf = -+ sdbusplus::xyz::openbmc_project::Channel::server::ChannelAccess; - - using ServerList = std::vector; - -+using DbusVariant = -+ sdbusplus::message::variant>; -+ - namespace fs = std::experimental::filesystem; - - class Manager; // forward declaration of network manager. -@@ -59,204 +68,230 @@ using VlanInterfaceMap = - */ - class EthernetInterface : public Ifaces - { -- public: -- EthernetInterface() = delete; -- EthernetInterface(const EthernetInterface&) = delete; -- EthernetInterface& operator=(const EthernetInterface&) = delete; -- EthernetInterface(EthernetInterface&&) = delete; -- EthernetInterface& operator=(EthernetInterface&&) = delete; -- virtual ~EthernetInterface() = default; -- -- /** @brief Constructor to put object onto bus at a dbus path. -- * @param[in] bus - Bus to attach to. -- * @param[in] objPath - Path to attach at. -- * @param[in] dhcpEnabled - is dhcp enabled(true/false). -- * @param[in] parent - parent object. -- * @param[in] emitSignal - true if the object added signal needs to be -- * send. -- */ -- EthernetInterface(sdbusplus::bus::bus& bus, -- const std::string& objPath, -- bool dhcpEnabled, -- Manager& parent, -- bool emitSignal = true); -- -- /** @brief Function to create ipaddress dbus object. -- * @param[in] addressType - Type of ip address. -- * @param[in] ipaddress- IP address. -- * @param[in] prefixLength - Length of prefix. -- * @param[in] gateway - Gateway ip address. 
-- */ -- -- void iP(IP::Protocol addressType, -- std::string ipaddress, -- uint8_t prefixLength, -- std::string gateway) override; -- -- /* @brief delete the dbus object of the given ipaddress. -- * @param[in] ipaddress - IP address. -- */ -- void deleteObject(const std::string& ipaddress); -- -- /* @brief delete the vlan dbus object of the given interface. -- * Also deletes the device file and the network file. -- * @param[in] interface - VLAN Interface. -- */ -- void deleteVLANObject(const std::string& interface); -- -- /* @brief creates the dbus object(IPaddres) given in the address list. -- * @param[in] addrs - address list for which dbus objects needs -- * to create. -- */ -- void createIPAddressObjects(); -- -- /* @brief Gets all the ip addresses. -- * @returns the list of ipaddress. -- */ -- const AddressMap& getAddresses() const { return addrs; } -- -- /** Set value of DHCPEnabled */ -- bool dHCPEnabled(bool value) override; -- -- /** @brief sets the MAC address. -- * @param[in] value - MAC address which needs to be set on the system. -- * @returns macAddress of the interface or throws an error. -- */ -- std::string mACAddress(std::string value) override; -- -- /** @brief sets the NTP servers. -- * @param[in] value - vector of NTP servers. -- */ -- ServerList nTPServers(ServerList value) override; -- -- /** @brief sets the DNS/nameservers. -- * @param[in] value - vector of DNS servers. -- */ -- ServerList nameservers(ServerList value) override; -- -- /** @brief create Vlan interface. -- * @param[in] id- VLAN identifier. -- */ -- void createVLAN(VlanId id); -- -- /** @brief load the vlan info from the system -- * and creates the ip address dbus objects. -- * @param[in] vlanID- VLAN identifier. -- */ -- void loadVLAN(VlanId vlanID); -- -- /** @brief write the network conf file with the in-memory objects. -- */ -- void writeConfigurationFile(); -- -- /** @brief delete all dbus objects. 
-- */ -- void deleteAll(); -- -- /** @brief get the mac address of the interface. -- * @param[in] interfaceName - Network interface name. -- * @return macaddress on success -- */ -- -- static std::string getMACAddress(const std::string& interfaceName); -- -- using EthernetInterfaceIntf::dHCPEnabled; -- using EthernetInterfaceIntf::interfaceName; -- using MacAddressIntf::mACAddress; -- -- /** @brief Absolute path of the resolv conf file */ -- static constexpr auto resolvConfFile = "/etc/resolv.conf"; -- -- protected: -- /** @brief get the info of the ethernet interface. -- * @return tuple having the link speed,autonegotiation,duplexmode . -- */ -- InterfaceInfo getInterfaceInfo() const; -- -- /* @brief delete the vlan interface from system. -- * @param[in] interface - vlan Interface. -- */ -- void deleteVLANFromSystem(const std::string& interface); -- -- /** @brief construct the ip address dbus object path. -- * @param[in] addressType - Type of ip address. -- * @param[in] ipaddress - IP address. -- * @param[in] prefixLength - Length of prefix. -- * @param[in] gateway - Gateway address. -- -- * @return path of the address object. -- */ -- -- std::string generateObjectPath(IP::Protocol addressType, -- const std::string& ipaddress, -- uint8_t prefixLength, -- const std::string& gateway) const; -- -- /** @brief generates the id by doing hash of ipaddress, -- * prefixlength and the gateway. -- * @param[in] ipaddress - IP address. -- * @param[in] prefixLength - Length of prefix. -- * @param[in] gateway - Gateway address. -- * @return hash string. 
-- */ -- -- static std::string generateId(const std::string& ipaddress, -- uint8_t prefixLength, -- const std::string& gateway); -- -- /** @brief write the dhcp section **/ -- void writeDHCPSection(std::fstream& stream); -- -- /** @brief get the IPv6AcceptRA flag from the network configuration file -- * -- */ -- bool getIPv6AcceptRAFromConf(); -- -- /** @brief check conf file for Router Advertisements -- * -- */ -- bool iPv6AcceptRA(bool value) override; -- -- /** @brief get the allowed network modes. Similar to DHCP enabled, but -- * more specific -- */ -- IPAllowed getIPAddressEnablesFromConf(); -- -- IPAllowed iPAddressEnables(IPAllowed) override; -- -- /** @brief get the NTP server list from the network conf -- * -- */ -- ServerList getNTPServersFromConf(); -- -- /** @brief write the DNS entries to resolver file. -- * @param[in] dnsList - DNS server list which needs to be written. -- * @param[in] file - File to write the name server entries to. -- */ -- void writeDNSEntries(const ServerList& dnsList, -- const std::string& file); -- -- /** @brief get the name server details from the network conf -- * -- */ -- ServerList getNameServerFromConf(); -- -- /** @brief Persistent sdbusplus DBus bus connection. */ -- sdbusplus::bus::bus& bus; -- -- /** @brief Network Manager object. 
*/ -- Manager& manager; -- -- /** @brief Persistent map of IPAddress dbus objects and their names */ -- AddressMap addrs; -- -- /** @brief Persistent map of VLAN interface dbus objects and their names */ -- VlanInterfaceMap vlanInterfaces; -- -- /** @brief Dbus object path */ -- std::string objPath; -- -- friend class TestEthernetInterface; -+ public: -+ EthernetInterface() = delete; -+ EthernetInterface(const EthernetInterface&) = delete; -+ EthernetInterface& operator=(const EthernetInterface&) = delete; -+ EthernetInterface(EthernetInterface&&) = delete; -+ EthernetInterface& operator=(EthernetInterface&&) = delete; -+ virtual ~EthernetInterface() = default; -+ -+ /** @brief Constructor to put object onto bus at a dbus path. -+ * @param[in] bus - Bus to attach to. -+ * @param[in] objPath - Path to attach at. -+ * @param[in] dhcpEnabled - is dhcp enabled(true/false). -+ * @param[in] parent - parent object. -+ * @param[in] emitSignal - true if the object added signal needs to be -+ * send. -+ */ -+ EthernetInterface(sdbusplus::bus::bus& bus, const std::string& objPath, -+ bool dhcpEnabled, Manager& parent, -+ bool emitSignal = true); -+ -+ /** @brief Function to create ipaddress dbus object. -+ * @param[in] addressType - Type of ip address. -+ * @param[in] ipaddress- IP address. -+ * @param[in] prefixLength - Length of prefix. -+ * @param[in] gateway - Gateway ip address. -+ */ -+ -+ void iP(IP::Protocol addressType, std::string ipaddress, -+ uint8_t prefixLength, std::string gateway) override; -+ -+ /* @brief delete the dbus object of the given ipaddress. -+ * @param[in] ipaddress - IP address. -+ */ -+ void deleteObject(const std::string& ipaddress); -+ -+ /* @brief delete the vlan dbus object of the given interface. -+ * Also deletes the device file and the network file. -+ * @param[in] interface - VLAN Interface. -+ */ -+ void deleteVLANObject(const std::string& interface); -+ -+ /* @brief creates the dbus object(IPaddres) given in the address list. 
-+ * @param[in] addrs - address list for which dbus objects needs -+ * to create. -+ */ -+ void createIPAddressObjects(); -+ -+ /* @brief Gets all the ip addresses. -+ * @returns the list of ipaddress. -+ */ -+ const AddressMap& getAddresses() const -+ { -+ return addrs; -+ } -+ -+ /** Set value of DHCPEnabled */ -+ bool dHCPEnabled(bool value) override; -+ -+ /** @brief sets the MAC address. -+ * @param[in] value - MAC address which needs to be set on the system. -+ * @returns macAddress of the interface or throws an error. -+ */ -+ std::string mACAddress(std::string value) override; -+ -+ /** @brief sets the NTP servers. -+ * @param[in] value - vector of NTP servers. -+ */ -+ ServerList nTPServers(ServerList value) override; -+ -+ /** @brief sets the DNS/nameservers. -+ * @param[in] value - vector of DNS servers. -+ */ -+ ServerList nameservers(ServerList value) override; -+ -+ /** @brief create Vlan interface. -+ * @param[in] id- VLAN identifier. -+ */ -+ void createVLAN(VlanId id); -+ -+ /** @brief load the vlan info from the system -+ * and creates the ip address dbus objects. -+ * @param[in] vlanID- VLAN identifier. -+ */ -+ void loadVLAN(VlanId vlanID); -+ -+ /** @brief write the network conf file with the in-memory objects. -+ */ -+ void writeConfigurationFile(); -+ -+ /** @brief delete all dbus objects. -+ */ -+ void deleteAll(); -+ -+ /** @brief get the mac address of the interface. -+ * @param[in] interfaceName - Network interface name. -+ * @return macaddress on success -+ */ -+ -+ static std::string getMACAddress(const std::string& interfaceName); -+ -+ /** @brief sets the channel maxium privilege. -+ * @param[in] value - Channel privilege which needs to be set on the -+ * system. -+ * @returns privilege of the interface or throws an error. 
-+ */ -+ std::string maxPrivilege(std::string value) override; -+ -+ using ChannelAccessIntf::maxPrivilege; -+ using EthernetInterfaceIntf::dHCPEnabled; -+ using EthernetInterfaceIntf::interfaceName; -+ using MacAddressIntf::mACAddress; -+ -+ /** @brief Absolute path of the resolv conf file */ -+ static constexpr auto resolvConfFile = "/etc/resolv.conf"; -+ -+ protected: -+ /** @brief get the info of the ethernet interface. -+ * @return tuple having the link speed,autonegotiation,duplexmode . -+ */ -+ InterfaceInfo getInterfaceInfo() const; -+ -+ /* @brief delete the vlan interface from system. -+ * @param[in] interface - vlan Interface. -+ */ -+ void deleteVLANFromSystem(const std::string& interface); -+ -+ /** @brief construct the ip address dbus object path. -+ * @param[in] addressType - Type of ip address. -+ * @param[in] ipaddress - IP address. -+ * @param[in] prefixLength - Length of prefix. -+ * @param[in] gateway - Gateway address. -+ -+ * @return path of the address object. -+ */ -+ -+ std::string generateObjectPath(IP::Protocol addressType, -+ const std::string& ipaddress, -+ uint8_t prefixLength, -+ const std::string& gateway) const; -+ -+ /** @brief generates the id by doing hash of ipaddress, -+ * prefixlength and the gateway. -+ * @param[in] ipaddress - IP address. -+ * @param[in] prefixLength - Length of prefix. -+ * @param[in] gateway - Gateway address. -+ * @return hash string. -+ */ -+ -+ static std::string generateId(const std::string& ipaddress, -+ uint8_t prefixLength, -+ const std::string& gateway); -+ -+ /** @brief write the dhcp section **/ -+ void writeDHCPSection(std::fstream& stream); -+ -+ /** @brief get the IPv6AcceptRA flag from the network configuration file -+ * -+ */ -+ bool getIPv6AcceptRAFromConf(); -+ -+ /** @brief check conf file for Router Advertisements -+ * -+ */ -+ bool iPv6AcceptRA(bool value) override; -+ -+ /** @brief get the allowed network modes. 
Similar to DHCP enabled, but -+ * more specific -+ */ -+ IPAllowed getIPAddressEnablesFromConf(); -+ -+ IPAllowed iPAddressEnables(IPAllowed) override; -+ -+ /** @brief get the NTP server list from the network conf -+ * -+ */ -+ ServerList getNTPServersFromConf(); -+ -+ /** @brief write the DNS entries to resolver file. -+ * @param[in] dnsList - DNS server list which needs to be written. -+ * @param[in] file - File to write the name server entries to. -+ */ -+ void writeDNSEntries(const ServerList& dnsList, const std::string& file); -+ -+ /** @brief get the name server details from the network conf -+ * -+ */ -+ ServerList getNameServerFromConf(); -+ -+ /** @brief Persistent sdbusplus DBus bus connection. */ -+ sdbusplus::bus::bus& bus; -+ -+ /** @brief Network Manager object. */ -+ Manager& manager; -+ -+ /** @brief Persistent map of IPAddress dbus objects and their names */ -+ AddressMap addrs; -+ -+ /** @brief Persistent map of VLAN interface dbus objects and their names */ -+ VlanInterfaceMap vlanInterfaces; -+ -+ /** @brief Dbus object path */ -+ std::string objPath; -+ -+ friend class TestEthernetInterface; -+ -+ /** @brief gets the channel privilege. -+ * @param[in] interfaceName - Network interface name. -+ * @returns privilege of the interface -+ */ -+ std::string getChannelPrivilege(const std::string& interfaceName); -+ -+ /** @brief reads the channel access info from file. -+ * @param[in] configFile - channel access filename -+ * @returns json file data -+ */ -+ nlohmann::json readJsonFile(const std::string& configFile); -+ -+ /** @brief writes the channel access info to file. 
-+ * @param[in] configFile - channel access filename -+ * @param[in] jsonData - json data to write -+ * @returns success or failure -+ */ -+ int writeJsonFile(const std::string& configFile, -+ const nlohmann::json& jsonData); - }; - - } // namespace network -diff --git a/network_manager.cpp b/network_manager.cpp -index c4ab0da..c573d01 100644 ---- a/network_manager.cpp -+++ b/network_manager.cpp -@@ -30,6 +30,13 @@ extern std::unique_ptr restartTimer; - using namespace phosphor::logging; - using namespace sdbusplus::xyz::openbmc_project::Common::Error; - -+static constexpr const char* userMgrObjBasePath = "/xyz/openbmc_project/user"; -+static constexpr const char* userMgrInterface = -+ "xyz.openbmc_project.User.Manager"; -+static constexpr const char* propNameAllPrivileges = "AllPrivileges"; -+ -+std::unique_ptr usrMgmtSignal(nullptr); -+ - Manager::Manager(sdbusplus::bus::bus& bus, const char* objPath, - const std::string& path) : - details::VLANCreateIface(bus, objPath, true), -@@ -37,6 +44,103 @@ Manager::Manager(sdbusplus::bus::bus& bus, const char* objPath, - { - fs::path confDir(path); - setConfDir(confDir); -+ initSupportedPrivilges(); -+} -+ -+std::string getUserService(sdbusplus::bus::bus& bus, const std::string& intf, -+ const std::string& path) -+{ -+ auto mapperCall = -+ bus.new_method_call("xyz.openbmc_project.ObjectMapper", -+ "/xyz/openbmc_project/object_mapper", -+ "xyz.openbmc_project.ObjectMapper", "GetObject"); -+ -+ mapperCall.append(path); -+ mapperCall.append(std::vector({intf})); -+ -+ auto mapperResponseMsg = bus.call(mapperCall); -+ -+ std::map> mapperResponse; -+ mapperResponseMsg.read(mapperResponse); -+ -+ if (mapperResponse.begin() == mapperResponse.end()) -+ { -+ throw std::runtime_error("ERROR in reading the mapper response"); -+ } -+ -+ return mapperResponse.begin()->first; -+} -+ -+std::string Manager::getUserServiceName() -+{ -+ static std::string userMgmtService; -+ if (userMgmtService.empty()) -+ { -+ try -+ { -+ userMgmtService 
= -+ getUserService(bus, userMgrInterface, userMgrObjBasePath); -+ } -+ catch (const std::exception& e) -+ { -+ log("Exception caught in getUserServiceName."); -+ userMgmtService.clear(); -+ } -+ } -+ return userMgmtService; -+} -+ -+void Manager::initSupportedPrivilges() -+{ -+ std::string userServiceName = getUserServiceName(); -+ if (!userServiceName.empty()) -+ { -+ auto method = bus.new_method_call( -+ getUserServiceName().c_str(), userMgrObjBasePath, -+ "org.freedesktop.DBus.Properties", "Get"); -+ method.append(userMgrInterface, propNameAllPrivileges); -+ -+ auto reply = bus.call(method); -+ if (reply.is_method_error()) -+ { -+ log("get-property AllPrivileges failed", -+ entry("OBJPATH:%s", userMgrObjBasePath), -+ entry("INTERFACE:%s", userMgrInterface)); -+ return; -+ } -+ -+ sdbusplus::message::variant> result; -+ reply.read(result); -+ -+ supportedPrivList = -+ sdbusplus::message::variant_ns::get>( -+ result); -+ } -+ -+ // Resgister the signal -+ if (usrMgmtSignal == nullptr) -+ { -+ log("Registering User.Manager propertychange signal."); -+ usrMgmtSignal = std::make_unique( -+ bus, -+ sdbusplus::bus::match::rules::propertiesChanged(userMgrObjBasePath, -+ userMgrInterface), -+ [&](sdbusplus::message::message& msg) { -+ log("UserMgr properties changed signal"); -+ std::map props; -+ std::string iface; -+ msg.read(iface, props); -+ for (const auto& t : props) -+ { -+ if (t.first == propNameAllPrivileges) -+ { -+ supportedPrivList = sdbusplus::message::variant_ns::get< -+ std::vector>(t.second); -+ } -+ } -+ }); -+ } -+ return; - } - - bool Manager::createDefaultNetworkFiles(bool force) -diff --git a/network_manager.hpp b/network_manager.hpp -index e2dfea9..22eef04 100644 ---- a/network_manager.hpp -+++ b/network_manager.hpp -@@ -137,6 +137,9 @@ class Manager : public details::VLANCreateIface - return (interfaces.find(intf) != interfaces.end()); - } - -+ /** supported privilege list **/ -+ std::vector supportedPrivList; -+ - protected: - /** @brief 
Persistent sdbusplus DBus bus connection. */ - sdbusplus::bus::bus& bus; -@@ -159,6 +162,12 @@ class Manager : public details::VLANCreateIface - - /** @brief Network Configuration directory. */ - fs::path confDir; -+ -+ /** Get the user management service name dynamically **/ -+ std::string getUserServiceName(); -+ -+ /** @brief initializes the supportedPrivilege List */ -+ void initSupportedPrivilges(); - }; - - } // namespace network --- -2.7.4 - diff --git a/meta-openbmc-mods/meta-common/recipes-network/network/network_%.bbappend b/meta-openbmc-mods/meta-common/recipes-network/network/network_%.bbappend deleted file mode 100644 index 275051e19..000000000 --- a/meta-openbmc-mods/meta-common/recipes-network/network/network_%.bbappend +++ /dev/null @@ -1,9 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - -DEPENDS += "nlohmann-json" - -SRC_URI += "file://0001-Patch-to-keep-consistent-MAC-and-IP-address-inbetwee.patch \ - file://0002-IPv6-Network-changes-to-configuration-file.patch \ - file://0003-Adding-channel-specific-privilege-to-network.patch \ - " - diff --git a/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0001-Patch-to-keep-consistent-MAC-and-IP-address-inbetwee.patch b/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0001-Patch-to-keep-consistent-MAC-and-IP-address-inbetwee.patch new file mode 100644 index 000000000..03460302d --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0001-Patch-to-keep-consistent-MAC-and-IP-address-inbetwee.patch 
@@ -0,0 +1,456 @@ +From 15f9ba436815307c1df7ace505e6f6ee04a4762b Mon Sep 17 00:00:00 2001 +From: David Cobbley +Date: Thu, 8 Mar 2018 12:18:00 -0800 +Subject: [PATCH 1/3] Patch to keep consistent MAC and IP address inbetween + power cycles + +Currently, your mac will reset upon AC cycle unless you ask systemd use +a MAC provided in your network configuration file. This will write your +randomly generate MAC to the config file upond first boot up. + +Change-Id: Id47d24c62e459cde101add18be2f46c0b010e7fe +Signed-off-by: David Cobbley +Signed-off-by: James Feist +--- + ethernet_interface.cpp | 4 +- + ethernet_interface.hpp | 360 +++++++++++++++++++++-------------------- + network_config.cpp | 22 +-- + 3 files changed, 195 insertions(+), 191 deletions(-) + +diff --git a/ethernet_interface.cpp b/ethernet_interface.cpp +index 3fd7835..fd09b7a 100644 +--- a/ethernet_interface.cpp ++++ b/ethernet_interface.cpp +@@ -200,8 +200,8 @@ InterfaceInfo EthernetInterface::getInterfaceInfo() const + * @return macaddress on success + */ + +-std::string +- EthernetInterface::getMACAddress(const std::string& interfaceName) const ++std::string EthernetInterface::getMACAddress( ++ const std::string& interfaceName) + { + ifreq ifr{}; + char macAddress[mac_address::size]{}; +diff --git a/ethernet_interface.hpp b/ethernet_interface.hpp +index bfe1d54..d62ca34 100644 +--- a/ethernet_interface.hpp ++++ b/ethernet_interface.hpp +@@ -59,185 +59,187 @@ using VlanInterfaceMap = + */ + class EthernetInterface : public Ifaces + { +- public: +- EthernetInterface() = delete; +- EthernetInterface(const EthernetInterface&) = delete; +- EthernetInterface& operator=(const EthernetInterface&) = delete; +- EthernetInterface(EthernetInterface&&) = delete; +- EthernetInterface& operator=(EthernetInterface&&) = delete; +- virtual ~EthernetInterface() = default; +- +- /** @brief Constructor to put object onto bus at a dbus path. +- * @param[in] bus - Bus to attach to. 
+- * @param[in] objPath - Path to attach at. +- * @param[in] dhcpEnabled - is dhcp enabled(true/false). +- * @param[in] parent - parent object. +- * @param[in] emitSignal - true if the object added signal needs to be +- * send. +- */ +- EthernetInterface(sdbusplus::bus::bus& bus, const std::string& objPath, +- bool dhcpEnabled, Manager& parent, +- bool emitSignal = true); +- +- /** @brief Function to create ipaddress dbus object. +- * @param[in] addressType - Type of ip address. +- * @param[in] ipaddress- IP address. +- * @param[in] prefixLength - Length of prefix. +- * @param[in] gateway - Gateway ip address. +- */ +- +- void iP(IP::Protocol addressType, std::string ipaddress, +- uint8_t prefixLength, std::string gateway) override; +- +- /* @brief delete the dbus object of the given ipaddress. +- * @param[in] ipaddress - IP address. +- */ +- void deleteObject(const std::string& ipaddress); +- +- /* @brief delete the vlan dbus object of the given interface. +- * Also deletes the device file and the network file. +- * @param[in] interface - VLAN Interface. +- */ +- void deleteVLANObject(const std::string& interface); +- +- /* @brief creates the dbus object(IPaddres) given in the address list. +- * @param[in] addrs - address list for which dbus objects needs +- * to create. +- */ +- void createIPAddressObjects(); +- +- /* @brief Gets all the ip addresses. +- * @returns the list of ipaddress. +- */ +- const AddressMap& getAddresses() const +- { +- return addrs; +- } +- +- /** Set value of DHCPEnabled */ +- bool dHCPEnabled(bool value) override; +- +- /** @brief sets the MAC address. +- * @param[in] value - MAC address which needs to be set on the system. +- * @returns macAddress of the interface or throws an error. +- */ +- std::string mACAddress(std::string value) override; +- +- /** @brief sets the NTP servers. +- * @param[in] value - vector of NTP servers. +- */ +- ServerList nTPServers(ServerList value) override; +- +- /** @brief sets the DNS/nameservers. 
+- * @param[in] value - vector of DNS servers. +- */ +- ServerList nameservers(ServerList value) override; +- +- /** @brief create Vlan interface. +- * @param[in] id- VLAN identifier. +- */ +- void createVLAN(VlanId id); +- +- /** @brief load the vlan info from the system +- * and creates the ip address dbus objects. +- * @param[in] vlanID- VLAN identifier. +- */ +- void loadVLAN(VlanId vlanID); +- +- /** @brief write the network conf file with the in-memory objects. +- */ +- void writeConfigurationFile(); +- +- /** @brief delete all dbus objects. +- */ +- void deleteAll(); +- +- using EthernetInterfaceIntf::dHCPEnabled; +- using EthernetInterfaceIntf::interfaceName; +- using MacAddressIntf::mACAddress; +- +- /** @brief Absolute path of the resolv conf file */ +- static constexpr auto resolvConfFile = "/etc/resolv.conf"; +- +- protected: +- /** @brief get the info of the ethernet interface. +- * @return tuple having the link speed,autonegotiation,duplexmode . +- */ +- InterfaceInfo getInterfaceInfo() const; +- +- /* @brief delete the vlan interface from system. +- * @param[in] interface - vlan Interface. +- */ +- void deleteVLANFromSystem(const std::string& interface); +- +- /** @brief get the mac address of the interface. +- * @param[in] interfaceName - Network interface name. +- * @return macaddress on success +- */ +- +- std::string getMACAddress(const std::string& interfaceName) const; +- +- /** @brief construct the ip address dbus object path. +- * @param[in] addressType - Type of ip address. +- * @param[in] ipaddress - IP address. +- * @param[in] prefixLength - Length of prefix. +- * @param[in] gateway - Gateway address. +- +- * @return path of the address object. +- */ +- +- std::string generateObjectPath(IP::Protocol addressType, +- const std::string& ipaddress, +- uint8_t prefixLength, +- const std::string& gateway) const; +- +- /** @brief generates the id by doing hash of ipaddress, +- * prefixlength and the gateway. 
+- * @param[in] ipaddress - IP address. +- * @param[in] prefixLength - Length of prefix. +- * @param[in] gateway - Gateway address. +- * @return hash string. +- */ +- +- static std::string generateId(const std::string& ipaddress, +- uint8_t prefixLength, +- const std::string& gateway); +- +- /** @brief write the dhcp section **/ +- void writeDHCPSection(std::fstream& stream); +- +- /** @brief get the NTP server list from the network conf +- * +- */ +- ServerList getNTPServersFromConf(); +- +- /** @brief write the DNS entries to resolver file. +- * @param[in] dnsList - DNS server list which needs to be written. +- * @param[in] file - File to write the name server entries to. +- */ +- void writeDNSEntries(const ServerList& dnsList, const std::string& file); +- +- /** @brief get the name server details from the network conf +- * +- */ +- ServerList getNameServerFromConf(); +- +- /** @brief Persistent sdbusplus DBus bus connection. */ +- sdbusplus::bus::bus& bus; +- +- /** @brief Network Manager object. */ +- Manager& manager; +- +- /** @brief Persistent map of IPAddress dbus objects and their names */ +- AddressMap addrs; +- +- /** @brief Persistent map of VLAN interface dbus objects and their names */ +- VlanInterfaceMap vlanInterfaces; +- +- /** @brief Dbus object path */ +- std::string objPath; +- +- friend class TestEthernetInterface; ++ public: ++ EthernetInterface() = delete; ++ EthernetInterface(const EthernetInterface&) = delete; ++ EthernetInterface& operator=(const EthernetInterface&) = delete; ++ EthernetInterface(EthernetInterface&&) = delete; ++ EthernetInterface& operator=(EthernetInterface&&) = delete; ++ virtual ~EthernetInterface() = default; ++ ++ /** @brief Constructor to put object onto bus at a dbus path. ++ * @param[in] bus - Bus to attach to. ++ * @param[in] objPath - Path to attach at. ++ * @param[in] dhcpEnabled - is dhcp enabled(true/false). ++ * @param[in] parent - parent object. 
++ * @param[in] emitSignal - true if the object added signal needs to be ++ * send. ++ */ ++ EthernetInterface(sdbusplus::bus::bus& bus, ++ const std::string& objPath, ++ bool dhcpEnabled, ++ Manager& parent, ++ bool emitSignal = true); ++ ++ /** @brief Function to create ipaddress dbus object. ++ * @param[in] addressType - Type of ip address. ++ * @param[in] ipaddress- IP address. ++ * @param[in] prefixLength - Length of prefix. ++ * @param[in] gateway - Gateway ip address. ++ */ ++ ++ void iP(IP::Protocol addressType, ++ std::string ipaddress, ++ uint8_t prefixLength, ++ std::string gateway) override; ++ ++ /* @brief delete the dbus object of the given ipaddress. ++ * @param[in] ipaddress - IP address. ++ */ ++ void deleteObject(const std::string& ipaddress); ++ ++ /* @brief delete the vlan dbus object of the given interface. ++ * Also deletes the device file and the network file. ++ * @param[in] interface - VLAN Interface. ++ */ ++ void deleteVLANObject(const std::string& interface); ++ ++ /* @brief creates the dbus object(IPaddres) given in the address list. ++ * @param[in] addrs - address list for which dbus objects needs ++ * to create. ++ */ ++ void createIPAddressObjects(); ++ ++ /* @brief Gets all the ip addresses. ++ * @returns the list of ipaddress. ++ */ ++ const AddressMap& getAddresses() const { return addrs; } ++ ++ /** Set value of DHCPEnabled */ ++ bool dHCPEnabled(bool value) override; ++ ++ /** @brief sets the MAC address. ++ * @param[in] value - MAC address which needs to be set on the system. ++ * @returns macAddress of the interface or throws an error. ++ */ ++ std::string mACAddress(std::string value) override; ++ ++ /** @brief sets the NTP servers. ++ * @param[in] value - vector of NTP servers. ++ */ ++ ServerList nTPServers(ServerList value) override; ++ ++ /** @brief sets the DNS/nameservers. ++ * @param[in] value - vector of DNS servers. ++ */ ++ ServerList nameservers(ServerList value) override; ++ ++ /** @brief create Vlan interface. 
++ * @param[in] id- VLAN identifier. ++ */ ++ void createVLAN(VlanId id); ++ ++ /** @brief load the vlan info from the system ++ * and creates the ip address dbus objects. ++ * @param[in] vlanID- VLAN identifier. ++ */ ++ void loadVLAN(VlanId vlanID); ++ ++ /** @brief write the network conf file with the in-memory objects. ++ */ ++ void writeConfigurationFile(); ++ ++ /** @brief delete all dbus objects. ++ */ ++ void deleteAll(); ++ ++ /** @brief get the mac address of the interface. ++ * @param[in] interfaceName - Network interface name. ++ * @return macaddress on success ++ */ ++ ++ static std::string getMACAddress(const std::string& interfaceName); ++ ++ using EthernetInterfaceIntf::dHCPEnabled; ++ using EthernetInterfaceIntf::interfaceName; ++ using MacAddressIntf::mACAddress; ++ ++ /** @brief Absolute path of the resolv conf file */ ++ static constexpr auto resolvConfFile = "/etc/resolv.conf"; ++ ++ protected: ++ /** @brief get the info of the ethernet interface. ++ * @return tuple having the link speed,autonegotiation,duplexmode . ++ */ ++ InterfaceInfo getInterfaceInfo() const; ++ ++ /* @brief delete the vlan interface from system. ++ * @param[in] interface - vlan Interface. ++ */ ++ void deleteVLANFromSystem(const std::string& interface); ++ ++ /** @brief construct the ip address dbus object path. ++ * @param[in] addressType - Type of ip address. ++ * @param[in] ipaddress - IP address. ++ * @param[in] prefixLength - Length of prefix. ++ * @param[in] gateway - Gateway address. ++ ++ * @return path of the address object. ++ */ ++ ++ std::string generateObjectPath(IP::Protocol addressType, ++ const std::string& ipaddress, ++ uint8_t prefixLength, ++ const std::string& gateway) const; ++ ++ /** @brief generates the id by doing hash of ipaddress, ++ * prefixlength and the gateway. ++ * @param[in] ipaddress - IP address. ++ * @param[in] prefixLength - Length of prefix. ++ * @param[in] gateway - Gateway address. ++ * @return hash string. 
++ */ ++ ++ static std::string generateId(const std::string& ipaddress, ++ uint8_t prefixLength, ++ const std::string& gateway); ++ ++ /** @brief write the dhcp section **/ ++ void writeDHCPSection(std::fstream& stream);; ++ ++ /** @brief get the NTP server list from the network conf ++ * ++ */ ++ ServerList getNTPServersFromConf(); ++ ++ /** @brief write the DNS entries to resolver file. ++ * @param[in] dnsList - DNS server list which needs to be written. ++ * @param[in] file - File to write the name server entries to. ++ */ ++ void writeDNSEntries(const ServerList& dnsList, ++ const std::string& file); ++ ++ /** @brief get the name server details from the network conf ++ * ++ */ ++ ServerList getNameServerFromConf(); ++ ++ /** @brief Persistent sdbusplus DBus bus connection. */ ++ sdbusplus::bus::bus& bus; ++ ++ /** @brief Network Manager object. */ ++ Manager& manager; ++ ++ /** @brief Persistent map of IPAddress dbus objects and their names */ ++ AddressMap addrs; ++ ++ /** @brief Persistent map of VLAN interface dbus objects and their names */ ++ VlanInterfaceMap vlanInterfaces; ++ ++ /** @brief Dbus object path */ ++ std::string objPath; ++ ++ friend class TestEthernetInterface; + }; + + } // namespace network +diff --git a/network_config.cpp b/network_config.cpp +index e83b16c..8ebad54 100644 +--- a/network_config.cpp ++++ b/network_config.cpp +@@ -1,3 +1,5 @@ ++#include "network_config.hpp" ++#include "ethernet_interface.hpp" + #include "config.h" + + #include "network_config.hpp" +@@ -5,27 +7,27 @@ + #include + #include + +-namespace phosphor +-{ +-namespace network +-{ ++namespace phosphor { ++namespace network { + +-namespace bmc +-{ +-void writeDHCPDefault(const std::string& filename, const std::string& interface) ++namespace bmc { ++void writeDHCPDefault(const std::string &filename, const std::string &interface) + { ++ + std::ofstream filestream; + + filestream.open(filename); + filestream << "[Match]\nName=" << interface << +- 
"\n[Network]\nDHCP=true\n" ++ "\n[Network]\nDHCP=true\n" + #ifdef LINK_LOCAL_AUTOCONFIGURATION + "LinkLocalAddressing=yes\n" + #else + "LinkLocalAddressing=no\n" + #endif +- "IPv6AcceptRA=false\n" +- "[DHCP]\nClientIdentifier=mac\n"; ++ "IPv6AcceptRA=false\n" ++ "[DHCP]\nClientIdentifier=mac\n" ++ "[Link]\nMACAddress=" ++ << EthernetInterface::getMACAddress(interface) << "\n"; + filestream.close(); + } + } // namespace bmc +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0002-IPv6-Network-changes-to-configuration-file.patch b/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0002-IPv6-Network-changes-to-configuration-file.patch new file mode 100644 index 000000000..251f68319 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0002-IPv6-Network-changes-to-configuration-file.patch 
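Review bot: In the carried `writeDHCPDefault` change, `EthernetInterface::getMACAddress(interface)` is called in the middle of the `filestream <<` chain, after `filestream.open(filename)` has already truncated the file, and neither the open nor the lookup result is checked. If the lookup throws or returns an empty string (its body lies outside this hunk, so this needs confirming), the network unit file is left partial or ends with an empty `MACAddress=` line under `[Link]`. Resolving the address before opening the file, `const std::string mac = EthernetInterface::getMACAddress(interface);`, and writing the `[Link]` section only when `mac` is non-empty would keep a failed lookup from persisting a broken configuration. The same patch also adds a second `#include "network_config.hpp"`, leaves a stray `;;` after `writeDHCPSection`, and reindents the whole `EthernetInterface` class, which buries the one functional change (`getMACAddress` becoming public and static). The file's blob id appears unchanged by this move, so these points could go into a follow-up refresh of the patch.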
@@ -0,0 +1,210 @@ +From ebb359773b8a5c03a25c3a48c5080bb246c07c71 Mon Sep 17 00:00:00 2001 +From: David Cobbley +Date: Wed, 6 Jun 2018 11:11:43 -0700 +Subject: [PATCH 2/3] IPv6 Network changes to configuration file + +Allow Additional parameters to be set for IPv6 + +Change-Id: If662f1ce2d265bc525073890c49231bf6f2b8a30 +--- + ethernet_interface.cpp | 109 +++++++++++++++++++++++++++++++++++++++-- + ethernet_interface.hpp | 19 ++++++- + util.cpp | 3 +- + 3 files changed, 124 insertions(+), 7 deletions(-) + +diff --git a/ethernet_interface.cpp b/ethernet_interface.cpp +index fd09b7a..63f1160 100644 +--- a/ethernet_interface.cpp ++++ b/ethernet_interface.cpp +@@ -46,6 +46,8 @@ EthernetInterface::EthernetInterface(sdbusplus::bus::bus& bus, + std::replace(intfName.begin(), intfName.end(), '_', '.'); + interfaceName(intfName); + EthernetInterfaceIntf::dHCPEnabled(dhcpEnabled); ++ EthernetInterfaceIntf::iPAddressEnables(getIPAddressEnablesFromConf()); ++ EthernetInterfaceIntf::iPv6AcceptRA(getIPv6AcceptRAFromConf()); + MacAddressIntf::mACAddress(getMACAddress(intfName)); + EthernetInterfaceIntf::nTPServers(getNTPServersFromConf()); + EthernetInterfaceIntf::nameservers(getNameServerFromConf()); +@@ -322,7 +324,16 @@ std::string EthernetInterface::generateObjectPath( + objectPath /= generateId(ipaddress, prefixLength, gateway); + return objectPath.string(); + } +- ++bool EthernetInterface::iPv6AcceptRA(bool value) ++{ ++ if (value == EthernetInterfaceIntf::iPv6AcceptRA()) ++ { ++ return value; ++ } ++ EthernetInterfaceIntf::iPv6AcceptRA(value); ++ manager.writeToConfigurationFile(); ++ return value; ++} + bool EthernetInterface::dHCPEnabled(bool value) + { + if (value == EthernetInterfaceIntf::dHCPEnabled()) +@@ -433,7 +444,80 @@ void EthernetInterface::createVLAN(VlanId id) + // write the new vlan device entry to the configuration(network) file. 
+ manager.writeToConfigurationFile(); + } ++bool EthernetInterface::getIPv6AcceptRAFromConf() ++{ ++ fs::path confPath = manager.getConfDir(); ++ ++ std::string fileName = systemd::config::networkFilePrefix + ++ interfaceName() + systemd::config::networkFileSuffix; ++ confPath /= fileName; ++ config::ValueList values; ++ config::Parser parser(confPath.string()); ++ auto rc = config::ReturnCode::SUCCESS; ++ std::tie(rc, values) = parser.getValues("Network", "IPv6AcceptRA"); ++ if (rc != config::ReturnCode::SUCCESS) ++ { ++ log("Unable to get the value for Network[IPv6AcceptRA]", ++ entry("rc=%d", rc)); ++ return false; ++ } ++ if (values[0] == "true") ++ { ++ return true; ++ } ++ ++ return false; ++} ++EthernetInterface::IPAllowed EthernetInterface::getIPAddressEnablesFromConf() ++{ ++ fs::path confPath = manager.getConfDir(); ++ ++ std::string fileName = systemd::config::networkFilePrefix + ++ interfaceName() + systemd::config::networkFileSuffix; ++ confPath /= fileName; ++ config::ValueList values; ++ config::Parser parser(confPath.string()); ++ auto rc = config::ReturnCode::SUCCESS; ++ std::tie(rc, values) = parser.getValues("Network", "DHCP"); ++ if (rc != config::ReturnCode::SUCCESS) ++ { ++ log("Unable to get the value for Network[DHCP]", ++ entry("rc=%d", rc)); ++ return EthernetInterface::IPAllowed::IPv4AndIPv6; ++ } ++ // true, false, ipv4, ipv6 ++ if (values[0] == "ipv6") ++ { ++ return EthernetInterface::IPAllowed::IPv6Only; ++ } ++ else if (values[0] == "ipv4") ++ { ++ return EthernetInterface::IPAllowed::IPv4Only; ++ } ++ else if (values[0] == "off") ++ { ++ // This function should not get called if DHCP == off ++ log("Function not available in static mode"); ++ return EthernetInterface::IPAllowed::IPv4AndIPv6; ++ } ++ else ++ { ++ return EthernetInterface::IPAllowed::IPv4AndIPv6; ++ } ++} ++EthernetInterface::IPAllowed ++ EthernetInterface::iPAddressEnables(EthernetInterface::IPAllowed iPAllowed) ++{ ++ if (iPAllowed == 
EthernetInterfaceIntf::iPAddressEnables()) ++ { ++ return iPAllowed; ++ } ++ ++ EthernetInterfaceIntf::iPAddressEnables(iPAllowed); ++ writeConfigurationFile(); + ++ return iPAllowed; ++} + ServerList EthernetInterface::getNTPServersFromConf() + { + fs::path confPath = manager.getConfDir(); +@@ -515,7 +599,8 @@ void EthernetInterface::writeConfigurationFile() + #else + stream << "LinkLocalAddressing=no\n"; + #endif +- stream << "IPv6AcceptRA=false\n"; ++ stream << std::boolalpha ++ << "IPv6AcceptRA=" << EthernetInterfaceIntf::iPv6AcceptRA() << "\n"; + + // Add the VLAN entry + for (const auto& intf : vlanInterfaces) +@@ -524,8 +609,24 @@ void EthernetInterface::writeConfigurationFile() + << "\n"; + } + // Add the DHCP entry +- auto value = dHCPEnabled() ? "true"s : "false"s; +- stream << "DHCP="s + value + "\n"; ++ std::string dhcpValue = "false"; ++ if (dHCPEnabled()) ++ { ++ IPAllowed ipAllowed = EthernetInterfaceIntf::iPAddressEnables(); ++ if (ipAllowed == IPAllowed::IPv4AndIPv6) ++ { ++ dhcpValue = "true"; ++ } ++ else if (ipAllowed == IPAllowed::IPv4Only) ++ { ++ dhcpValue = "ipv4"; ++ } ++ else if (ipAllowed == IPAllowed::IPv6Only) ++ { ++ dhcpValue = "ipv6"; ++ } ++ } ++ stream << "DHCP=" << dhcpValue << "\n"; + + // When the interface configured as dhcp, we don't need below given entries + // in config file. 
+diff --git a/ethernet_interface.hpp b/ethernet_interface.hpp +index d62ca34..7116b47 100644 +--- a/ethernet_interface.hpp ++++ b/ethernet_interface.hpp +@@ -205,7 +205,24 @@ class EthernetInterface : public Ifaces + const std::string& gateway); + + /** @brief write the dhcp section **/ +- void writeDHCPSection(std::fstream& stream);; ++ void writeDHCPSection(std::fstream& stream); ++ ++ /** @brief get the IPv6AcceptRA flag from the network configuration file ++ * ++ */ ++ bool getIPv6AcceptRAFromConf(); ++ ++ /** @brief check conf file for Router Advertisements ++ * ++ */ ++ bool iPv6AcceptRA(bool value) override; ++ ++ /** @brief get the allowed network modes. Similar to DHCP enabled, but ++ * more specific ++ */ ++ IPAllowed getIPAddressEnablesFromConf(); ++ ++ IPAllowed iPAddressEnables(IPAllowed) override; + + /** @brief get the NTP server list from the network conf + * +diff --git a/util.cpp b/util.cpp +index b66f908..9f06e2e 100644 +--- a/util.cpp ++++ b/util.cpp +@@ -405,8 +405,7 @@ bool getDHCPValue(const std::string& confDir, const std::string& intf) + entry("RC=%d", rc)); + return dhcp; + } +- // There will be only single value for DHCP key. +- if (values[0] == "true") ++ if (values[0] != "false") + { + dhcp = true; + } +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0003-Adding-channel-specific-privilege-to-network.patch b/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0003-Adding-channel-specific-privilege-to-network.patch new file mode 100755 index 000000000..4610b8b32 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network/0003-Adding-channel-specific-privilege-to-network.patch 
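Review bot: In the util.cpp part of the added 0002 patch, `getDHCPValue` now treats every value other than the literal `false` as DHCP enabled, so a config carrying `DHCP=no` or `DHCP=off` would be read as enabled. `getIPAddressEnablesFromConf` in the same patch tests for `"off"`, while `writeConfigurationFile` only ever emits `true`, `false`, `ipv4` or `ipv6`, so the two readers and the writer disagree on the vocabulary. An allow-list keeps them aligned: `if (values[0] == "true" || values[0] == "ipv4" || values[0] == "ipv6")`. Both new getters also index `values[0]` after checking only the return code; whether the parser can report success with an empty list is not visible here, so a `values.empty()` guard is worth confirming.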
@@ -0,0 +1,800 @@ +From 64fff77b31de705a42c5061e9d14946255c6aca1 Mon Sep 17 00:00:00 2001 +From: AppaRao Puli +Date: Wed, 5 Sep 2018 14:16:54 +0530 +Subject: [PATCH] Adding channel specific privilege to network + + - Adding the channel access information to the network + interface object. This privilege will be used in + channel specific authorization. + - Get supported priv from user manager service dynamically. + - Signal handling for capturing the supported priv list + changes from user managerment. + +Tested-by: +Verified channel access through ipmitool get/set channel +access command + +Change-Id: I3b592a19363eef684e31d5f7c34dad8f2f9211df +Signed-off-by: AppaRao Puli +Signed-off-by: Yong Li +--- + ethernet_interface.cpp | 119 +++++++++++++- + ethernet_interface.hpp | 433 ++++++++++++++++++++++++++----------------------- + network_manager.cpp | 104 ++++++++++++ + network_manager.hpp | 9 + + 4 files changed, 464 insertions(+), 201 deletions(-) + +diff --git a/ethernet_interface.cpp b/ethernet_interface.cpp +index 9437b4c..6d23b3d 100644 +--- a/ethernet_interface.cpp ++++ b/ethernet_interface.cpp +@@ -35,6 +35,9 @@ using namespace phosphor::logging; + using namespace sdbusplus::xyz::openbmc_project::Common::Error; + using Argument = xyz::openbmc_project::Common::InvalidArgument; + ++static constexpr const char* networkChannelCfgFile = ++ "/var/channel_intf_data.json"; ++static constexpr const char* defaultChannelPriv = "priv-admin"; + EthernetInterface::EthernetInterface(sdbusplus::bus::bus& bus, + const std::string& objPath, + bool dhcpEnabled, Manager& parent, +@@ -51,6 +54,7 @@ EthernetInterface::EthernetInterface(sdbusplus::bus::bus& bus, + MacAddressIntf::mACAddress(getMACAddress(intfName)); + EthernetInterfaceIntf::nTPServers(getNTPServersFromConf()); + EthernetInterfaceIntf::nameservers(getNameServerFromConf()); ++ getChannelPrivilege(intfName); + + // Emit deferred signal. 
+ if (emitSignal) +@@ -208,8 +212,7 @@ InterfaceInfo EthernetInterface::getInterfaceInfo() const + * @return macaddress on success + */ + +-std::string EthernetInterface::getMACAddress( +- const std::string& interfaceName) ++std::string EthernetInterface::getMACAddress(const std::string& interfaceName) + { + ifreq ifr{}; + char macAddress[mac_address::size]{}; +@@ -829,5 +832,117 @@ void EthernetInterface::deleteAll() + manager.writeToConfigurationFile(); + } + ++nlohmann::json EthernetInterface::readJsonFile(const std::string& configFile) ++{ ++ std::ifstream jsonFile(configFile); ++ if (!jsonFile.good()) ++ { ++ log("JSON file not found"); ++ return nullptr; ++ } ++ ++ nlohmann::json data = nullptr; ++ try ++ { ++ data = nlohmann::json::parse(jsonFile, nullptr, false); ++ } ++ catch (nlohmann::json::parse_error& e) ++ { ++ log("Corrupted channel config.", ++ entry("MSG: %s", e.what())); ++ throw std::runtime_error("Corrupted channel config file"); ++ } ++ ++ return data; ++} ++ ++int EthernetInterface::writeJsonFile(const std::string& configFile, ++ const nlohmann::json& jsonData) ++{ ++ std::ofstream jsonFile(configFile); ++ if (!jsonFile.good()) ++ { ++ log("JSON file open failed", ++ entry("FILE=%s", networkChannelCfgFile)); ++ return -1; ++ } ++ ++ // Write JSON to file ++ jsonFile << jsonData; ++ ++ jsonFile.flush(); ++ return 0; ++} ++ ++std::string ++ EthernetInterface::getChannelPrivilege(const std::string& interfaceName) ++{ ++ std::string priv(defaultChannelPriv); ++ std::string retPriv; ++ ++ nlohmann::json jsonData = readJsonFile(networkChannelCfgFile); ++ if (jsonData != nullptr) ++ { ++ try ++ { ++ priv = jsonData[interfaceName].get(); ++ retPriv = ChannelAccessIntf::maxPrivilege(std::move(priv)); ++ return retPriv; ++ } ++ catch (const nlohmann::json::exception& e) ++ { ++ jsonData[interfaceName] = priv; ++ } ++ } ++ else ++ { ++ jsonData[interfaceName] = priv; ++ } ++ ++ if (writeJsonFile(networkChannelCfgFile, jsonData) != 0) ++ { ++ log("Error 
in write JSON data to file", ++ entry("FILE=%s", networkChannelCfgFile)); ++ elog(); ++ } ++ ++ retPriv = ChannelAccessIntf::maxPrivilege(std::move(priv)); ++ ++ return retPriv; ++} ++ ++std::string EthernetInterface::maxPrivilege(std::string priv) ++{ ++ std::string intfName = interfaceName(); ++ ++ if (!priv.empty() && (std::find(manager.supportedPrivList.begin(), ++ manager.supportedPrivList.end(), ++ priv) == manager.supportedPrivList.end())) ++ { ++ log("Invalid privilege"); ++ elog(Argument::ARGUMENT_NAME("Privilege"), ++ Argument::ARGUMENT_VALUE(priv.c_str())); ++ } ++ ++ if (ChannelAccessIntf::maxPrivilege() == priv) ++ { ++ // No change in privilege so just return. ++ return priv; ++ } ++ ++ nlohmann::json jsonData = readJsonFile(networkChannelCfgFile); ++ jsonData[intfName] = priv; ++ ++ if (writeJsonFile(networkChannelCfgFile, jsonData) != 0) ++ { ++ log("Error in write JSON data to file", ++ entry("FILE=%s", networkChannelCfgFile)); ++ elog(); ++ } ++ ++ // Property change signal will be sent ++ return ChannelAccessIntf::maxPrivilege(std::move(priv)); ++} ++ + } // namespace network + } // namespace phosphor +diff --git a/ethernet_interface.hpp b/ethernet_interface.hpp +index 7116b47..7b1da9a 100644 +--- a/ethernet_interface.hpp ++++ b/ethernet_interface.hpp +@@ -2,10 +2,13 @@ + + #include "types.hpp" + #include "util.hpp" ++#include "xyz/openbmc_project/Channel/ChannelAccess/server.hpp" + #include "xyz/openbmc_project/Network/IP/Create/server.hpp" + + #include ++#include + #include ++#include + #include + #include + #include +@@ -21,7 +24,8 @@ using Ifaces = sdbusplus::server::object::object< + sdbusplus::xyz::openbmc_project::Network::server::EthernetInterface, + sdbusplus::xyz::openbmc_project::Network::server::MACAddress, + sdbusplus::xyz::openbmc_project::Network::IP::server::Create, +- sdbusplus::xyz::openbmc_project::Collection::server::DeleteAll>; ++ sdbusplus::xyz::openbmc_project::Collection::server::DeleteAll, ++ 
sdbusplus::xyz::openbmc_project::Channel::server::ChannelAccess>; + + using IP = sdbusplus::xyz::openbmc_project::Network::server::IP; + +@@ -29,9 +33,14 @@ using EthernetInterfaceIntf = + sdbusplus::xyz::openbmc_project::Network::server::EthernetInterface; + using MacAddressIntf = + sdbusplus::xyz::openbmc_project::Network::server::MACAddress; ++using ChannelAccessIntf = ++ sdbusplus::xyz::openbmc_project::Channel::server::ChannelAccess; + + using ServerList = std::vector; + ++using DbusVariant = ++ sdbusplus::message::variant>; ++ + namespace fs = std::experimental::filesystem; + + class Manager; // forward declaration of network manager. +@@ -59,204 +68,230 @@ using VlanInterfaceMap = + */ + class EthernetInterface : public Ifaces + { +- public: +- EthernetInterface() = delete; +- EthernetInterface(const EthernetInterface&) = delete; +- EthernetInterface& operator=(const EthernetInterface&) = delete; +- EthernetInterface(EthernetInterface&&) = delete; +- EthernetInterface& operator=(EthernetInterface&&) = delete; +- virtual ~EthernetInterface() = default; +- +- /** @brief Constructor to put object onto bus at a dbus path. +- * @param[in] bus - Bus to attach to. +- * @param[in] objPath - Path to attach at. +- * @param[in] dhcpEnabled - is dhcp enabled(true/false). +- * @param[in] parent - parent object. +- * @param[in] emitSignal - true if the object added signal needs to be +- * send. +- */ +- EthernetInterface(sdbusplus::bus::bus& bus, +- const std::string& objPath, +- bool dhcpEnabled, +- Manager& parent, +- bool emitSignal = true); +- +- /** @brief Function to create ipaddress dbus object. +- * @param[in] addressType - Type of ip address. +- * @param[in] ipaddress- IP address. +- * @param[in] prefixLength - Length of prefix. +- * @param[in] gateway - Gateway ip address. 
+- */ +- +- void iP(IP::Protocol addressType, +- std::string ipaddress, +- uint8_t prefixLength, +- std::string gateway) override; +- +- /* @brief delete the dbus object of the given ipaddress. +- * @param[in] ipaddress - IP address. +- */ +- void deleteObject(const std::string& ipaddress); +- +- /* @brief delete the vlan dbus object of the given interface. +- * Also deletes the device file and the network file. +- * @param[in] interface - VLAN Interface. +- */ +- void deleteVLANObject(const std::string& interface); +- +- /* @brief creates the dbus object(IPaddres) given in the address list. +- * @param[in] addrs - address list for which dbus objects needs +- * to create. +- */ +- void createIPAddressObjects(); +- +- /* @brief Gets all the ip addresses. +- * @returns the list of ipaddress. +- */ +- const AddressMap& getAddresses() const { return addrs; } +- +- /** Set value of DHCPEnabled */ +- bool dHCPEnabled(bool value) override; +- +- /** @brief sets the MAC address. +- * @param[in] value - MAC address which needs to be set on the system. +- * @returns macAddress of the interface or throws an error. +- */ +- std::string mACAddress(std::string value) override; +- +- /** @brief sets the NTP servers. +- * @param[in] value - vector of NTP servers. +- */ +- ServerList nTPServers(ServerList value) override; +- +- /** @brief sets the DNS/nameservers. +- * @param[in] value - vector of DNS servers. +- */ +- ServerList nameservers(ServerList value) override; +- +- /** @brief create Vlan interface. +- * @param[in] id- VLAN identifier. +- */ +- void createVLAN(VlanId id); +- +- /** @brief load the vlan info from the system +- * and creates the ip address dbus objects. +- * @param[in] vlanID- VLAN identifier. +- */ +- void loadVLAN(VlanId vlanID); +- +- /** @brief write the network conf file with the in-memory objects. +- */ +- void writeConfigurationFile(); +- +- /** @brief delete all dbus objects. 
+- */ +- void deleteAll(); +- +- /** @brief get the mac address of the interface. +- * @param[in] interfaceName - Network interface name. +- * @return macaddress on success +- */ +- +- static std::string getMACAddress(const std::string& interfaceName); +- +- using EthernetInterfaceIntf::dHCPEnabled; +- using EthernetInterfaceIntf::interfaceName; +- using MacAddressIntf::mACAddress; +- +- /** @brief Absolute path of the resolv conf file */ +- static constexpr auto resolvConfFile = "/etc/resolv.conf"; +- +- protected: +- /** @brief get the info of the ethernet interface. +- * @return tuple having the link speed,autonegotiation,duplexmode . +- */ +- InterfaceInfo getInterfaceInfo() const; +- +- /* @brief delete the vlan interface from system. +- * @param[in] interface - vlan Interface. +- */ +- void deleteVLANFromSystem(const std::string& interface); +- +- /** @brief construct the ip address dbus object path. +- * @param[in] addressType - Type of ip address. +- * @param[in] ipaddress - IP address. +- * @param[in] prefixLength - Length of prefix. +- * @param[in] gateway - Gateway address. +- +- * @return path of the address object. +- */ +- +- std::string generateObjectPath(IP::Protocol addressType, +- const std::string& ipaddress, +- uint8_t prefixLength, +- const std::string& gateway) const; +- +- /** @brief generates the id by doing hash of ipaddress, +- * prefixlength and the gateway. +- * @param[in] ipaddress - IP address. +- * @param[in] prefixLength - Length of prefix. +- * @param[in] gateway - Gateway address. +- * @return hash string. 
+- */ +- +- static std::string generateId(const std::string& ipaddress, +- uint8_t prefixLength, +- const std::string& gateway); +- +- /** @brief write the dhcp section **/ +- void writeDHCPSection(std::fstream& stream); +- +- /** @brief get the IPv6AcceptRA flag from the network configuration file +- * +- */ +- bool getIPv6AcceptRAFromConf(); +- +- /** @brief check conf file for Router Advertisements +- * +- */ +- bool iPv6AcceptRA(bool value) override; +- +- /** @brief get the allowed network modes. Similar to DHCP enabled, but +- * more specific +- */ +- IPAllowed getIPAddressEnablesFromConf(); +- +- IPAllowed iPAddressEnables(IPAllowed) override; +- +- /** @brief get the NTP server list from the network conf +- * +- */ +- ServerList getNTPServersFromConf(); +- +- /** @brief write the DNS entries to resolver file. +- * @param[in] dnsList - DNS server list which needs to be written. +- * @param[in] file - File to write the name server entries to. +- */ +- void writeDNSEntries(const ServerList& dnsList, +- const std::string& file); +- +- /** @brief get the name server details from the network conf +- * +- */ +- ServerList getNameServerFromConf(); +- +- /** @brief Persistent sdbusplus DBus bus connection. */ +- sdbusplus::bus::bus& bus; +- +- /** @brief Network Manager object. 
*/ +- Manager& manager; +- +- /** @brief Persistent map of IPAddress dbus objects and their names */ +- AddressMap addrs; +- +- /** @brief Persistent map of VLAN interface dbus objects and their names */ +- VlanInterfaceMap vlanInterfaces; +- +- /** @brief Dbus object path */ +- std::string objPath; +- +- friend class TestEthernetInterface; ++ public: ++ EthernetInterface() = delete; ++ EthernetInterface(const EthernetInterface&) = delete; ++ EthernetInterface& operator=(const EthernetInterface&) = delete; ++ EthernetInterface(EthernetInterface&&) = delete; ++ EthernetInterface& operator=(EthernetInterface&&) = delete; ++ virtual ~EthernetInterface() = default; ++ ++ /** @brief Constructor to put object onto bus at a dbus path. ++ * @param[in] bus - Bus to attach to. ++ * @param[in] objPath - Path to attach at. ++ * @param[in] dhcpEnabled - is dhcp enabled(true/false). ++ * @param[in] parent - parent object. ++ * @param[in] emitSignal - true if the object added signal needs to be ++ * send. ++ */ ++ EthernetInterface(sdbusplus::bus::bus& bus, const std::string& objPath, ++ bool dhcpEnabled, Manager& parent, ++ bool emitSignal = true); ++ ++ /** @brief Function to create ipaddress dbus object. ++ * @param[in] addressType - Type of ip address. ++ * @param[in] ipaddress- IP address. ++ * @param[in] prefixLength - Length of prefix. ++ * @param[in] gateway - Gateway ip address. ++ */ ++ ++ void iP(IP::Protocol addressType, std::string ipaddress, ++ uint8_t prefixLength, std::string gateway) override; ++ ++ /* @brief delete the dbus object of the given ipaddress. ++ * @param[in] ipaddress - IP address. ++ */ ++ void deleteObject(const std::string& ipaddress); ++ ++ /* @brief delete the vlan dbus object of the given interface. ++ * Also deletes the device file and the network file. ++ * @param[in] interface - VLAN Interface. ++ */ ++ void deleteVLANObject(const std::string& interface); ++ ++ /* @brief creates the dbus object(IPaddres) given in the address list. 
++ * @param[in] addrs - address list for which dbus objects needs ++ * to create. ++ */ ++ void createIPAddressObjects(); ++ ++ /* @brief Gets all the ip addresses. ++ * @returns the list of ipaddress. ++ */ ++ const AddressMap& getAddresses() const ++ { ++ return addrs; ++ } ++ ++ /** Set value of DHCPEnabled */ ++ bool dHCPEnabled(bool value) override; ++ ++ /** @brief sets the MAC address. ++ * @param[in] value - MAC address which needs to be set on the system. ++ * @returns macAddress of the interface or throws an error. ++ */ ++ std::string mACAddress(std::string value) override; ++ ++ /** @brief sets the NTP servers. ++ * @param[in] value - vector of NTP servers. ++ */ ++ ServerList nTPServers(ServerList value) override; ++ ++ /** @brief sets the DNS/nameservers. ++ * @param[in] value - vector of DNS servers. ++ */ ++ ServerList nameservers(ServerList value) override; ++ ++ /** @brief create Vlan interface. ++ * @param[in] id- VLAN identifier. ++ */ ++ void createVLAN(VlanId id); ++ ++ /** @brief load the vlan info from the system ++ * and creates the ip address dbus objects. ++ * @param[in] vlanID- VLAN identifier. ++ */ ++ void loadVLAN(VlanId vlanID); ++ ++ /** @brief write the network conf file with the in-memory objects. ++ */ ++ void writeConfigurationFile(); ++ ++ /** @brief delete all dbus objects. ++ */ ++ void deleteAll(); ++ ++ /** @brief get the mac address of the interface. ++ * @param[in] interfaceName - Network interface name. ++ * @return macaddress on success ++ */ ++ ++ static std::string getMACAddress(const std::string& interfaceName); ++ ++ /** @brief sets the channel maxium privilege. ++ * @param[in] value - Channel privilege which needs to be set on the ++ * system. ++ * @returns privilege of the interface or throws an error. 
++ */ ++ std::string maxPrivilege(std::string value) override; ++ ++ using ChannelAccessIntf::maxPrivilege; ++ using EthernetInterfaceIntf::dHCPEnabled; ++ using EthernetInterfaceIntf::interfaceName; ++ using MacAddressIntf::mACAddress; ++ ++ /** @brief Absolute path of the resolv conf file */ ++ static constexpr auto resolvConfFile = "/etc/resolv.conf"; ++ ++ protected: ++ /** @brief get the info of the ethernet interface. ++ * @return tuple having the link speed,autonegotiation,duplexmode . ++ */ ++ InterfaceInfo getInterfaceInfo() const; ++ ++ /* @brief delete the vlan interface from system. ++ * @param[in] interface - vlan Interface. ++ */ ++ void deleteVLANFromSystem(const std::string& interface); ++ ++ /** @brief construct the ip address dbus object path. ++ * @param[in] addressType - Type of ip address. ++ * @param[in] ipaddress - IP address. ++ * @param[in] prefixLength - Length of prefix. ++ * @param[in] gateway - Gateway address. ++ ++ * @return path of the address object. ++ */ ++ ++ std::string generateObjectPath(IP::Protocol addressType, ++ const std::string& ipaddress, ++ uint8_t prefixLength, ++ const std::string& gateway) const; ++ ++ /** @brief generates the id by doing hash of ipaddress, ++ * prefixlength and the gateway. ++ * @param[in] ipaddress - IP address. ++ * @param[in] prefixLength - Length of prefix. ++ * @param[in] gateway - Gateway address. ++ * @return hash string. ++ */ ++ ++ static std::string generateId(const std::string& ipaddress, ++ uint8_t prefixLength, ++ const std::string& gateway); ++ ++ /** @brief write the dhcp section **/ ++ void writeDHCPSection(std::fstream& stream); ++ ++ /** @brief get the IPv6AcceptRA flag from the network configuration file ++ * ++ */ ++ bool getIPv6AcceptRAFromConf(); ++ ++ /** @brief check conf file for Router Advertisements ++ * ++ */ ++ bool iPv6AcceptRA(bool value) override; ++ ++ /** @brief get the allowed network modes. 
Similar to DHCP enabled, but ++ * more specific ++ */ ++ IPAllowed getIPAddressEnablesFromConf(); ++ ++ IPAllowed iPAddressEnables(IPAllowed) override; ++ ++ /** @brief get the NTP server list from the network conf ++ * ++ */ ++ ServerList getNTPServersFromConf(); ++ ++ /** @brief write the DNS entries to resolver file. ++ * @param[in] dnsList - DNS server list which needs to be written. ++ * @param[in] file - File to write the name server entries to. ++ */ ++ void writeDNSEntries(const ServerList& dnsList, const std::string& file); ++ ++ /** @brief get the name server details from the network conf ++ * ++ */ ++ ServerList getNameServerFromConf(); ++ ++ /** @brief Persistent sdbusplus DBus bus connection. */ ++ sdbusplus::bus::bus& bus; ++ ++ /** @brief Network Manager object. */ ++ Manager& manager; ++ ++ /** @brief Persistent map of IPAddress dbus objects and their names */ ++ AddressMap addrs; ++ ++ /** @brief Persistent map of VLAN interface dbus objects and their names */ ++ VlanInterfaceMap vlanInterfaces; ++ ++ /** @brief Dbus object path */ ++ std::string objPath; ++ ++ friend class TestEthernetInterface; ++ ++ /** @brief gets the channel privilege. ++ * @param[in] interfaceName - Network interface name. ++ * @returns privilege of the interface ++ */ ++ std::string getChannelPrivilege(const std::string& interfaceName); ++ ++ /** @brief reads the channel access info from file. ++ * @param[in] configFile - channel access filename ++ * @returns json file data ++ */ ++ nlohmann::json readJsonFile(const std::string& configFile); ++ ++ /** @brief writes the channel access info to file. 
++ * @param[in] configFile - channel access filename ++ * @param[in] jsonData - json data to write ++ * @returns success or failure ++ */ ++ int writeJsonFile(const std::string& configFile, ++ const nlohmann::json& jsonData); + }; + + } // namespace network +diff --git a/network_manager.cpp b/network_manager.cpp +index c4ab0da..c573d01 100644 +--- a/network_manager.cpp ++++ b/network_manager.cpp +@@ -30,6 +30,13 @@ extern std::unique_ptr restartTimer; + using namespace phosphor::logging; + using namespace sdbusplus::xyz::openbmc_project::Common::Error; + ++static constexpr const char* userMgrObjBasePath = "/xyz/openbmc_project/user"; ++static constexpr const char* userMgrInterface = ++ "xyz.openbmc_project.User.Manager"; ++static constexpr const char* propNameAllPrivileges = "AllPrivileges"; ++ ++std::unique_ptr usrMgmtSignal(nullptr); ++ + Manager::Manager(sdbusplus::bus::bus& bus, const char* objPath, + const std::string& path) : + details::VLANCreateIface(bus, objPath, true), +@@ -37,6 +44,103 @@ Manager::Manager(sdbusplus::bus::bus& bus, const char* objPath, + { + fs::path confDir(path); + setConfDir(confDir); ++ initSupportedPrivilges(); ++} ++ ++std::string getUserService(sdbusplus::bus::bus& bus, const std::string& intf, ++ const std::string& path) ++{ ++ auto mapperCall = ++ bus.new_method_call("xyz.openbmc_project.ObjectMapper", ++ "/xyz/openbmc_project/object_mapper", ++ "xyz.openbmc_project.ObjectMapper", "GetObject"); ++ ++ mapperCall.append(path); ++ mapperCall.append(std::vector({intf})); ++ ++ auto mapperResponseMsg = bus.call(mapperCall); ++ ++ std::map> mapperResponse; ++ mapperResponseMsg.read(mapperResponse); ++ ++ if (mapperResponse.begin() == mapperResponse.end()) ++ { ++ throw std::runtime_error("ERROR in reading the mapper response"); ++ } ++ ++ return mapperResponse.begin()->first; ++} ++ ++std::string Manager::getUserServiceName() ++{ ++ static std::string userMgmtService; ++ if (userMgmtService.empty()) ++ { ++ try ++ { ++ userMgmtService 
= ++ getUserService(bus, userMgrInterface, userMgrObjBasePath); ++ } ++ catch (const std::exception& e) ++ { ++ log("Exception caught in getUserServiceName."); ++ userMgmtService.clear(); ++ } ++ } ++ return userMgmtService; ++} ++ ++void Manager::initSupportedPrivilges() ++{ ++ std::string userServiceName = getUserServiceName(); ++ if (!userServiceName.empty()) ++ { ++ auto method = bus.new_method_call( ++ getUserServiceName().c_str(), userMgrObjBasePath, ++ "org.freedesktop.DBus.Properties", "Get"); ++ method.append(userMgrInterface, propNameAllPrivileges); ++ ++ auto reply = bus.call(method); ++ if (reply.is_method_error()) ++ { ++ log("get-property AllPrivileges failed", ++ entry("OBJPATH:%s", userMgrObjBasePath), ++ entry("INTERFACE:%s", userMgrInterface)); ++ return; ++ } ++ ++ sdbusplus::message::variant> result; ++ reply.read(result); ++ ++ supportedPrivList = ++ sdbusplus::message::variant_ns::get>( ++ result); ++ } ++ ++ // Resgister the signal ++ if (usrMgmtSignal == nullptr) ++ { ++ log("Registering User.Manager propertychange signal."); ++ usrMgmtSignal = std::make_unique( ++ bus, ++ sdbusplus::bus::match::rules::propertiesChanged(userMgrObjBasePath, ++ userMgrInterface), ++ [&](sdbusplus::message::message& msg) { ++ log("UserMgr properties changed signal"); ++ std::map props; ++ std::string iface; ++ msg.read(iface, props); ++ for (const auto& t : props) ++ { ++ if (t.first == propNameAllPrivileges) ++ { ++ supportedPrivList = sdbusplus::message::variant_ns::get< ++ std::vector>(t.second); ++ } ++ } ++ }); ++ } ++ return; + } + + bool Manager::createDefaultNetworkFiles(bool force) +diff --git a/network_manager.hpp b/network_manager.hpp +index e2dfea9..22eef04 100644 +--- a/network_manager.hpp ++++ b/network_manager.hpp +@@ -137,6 +137,9 @@ class Manager : public details::VLANCreateIface + return (interfaces.find(intf) != interfaces.end()); + } + ++ /** supported privilege list **/ ++ std::vector supportedPrivList; ++ + protected: + /** @brief 
Persistent sdbusplus DBus bus connection. */ + sdbusplus::bus::bus& bus; +@@ -159,6 +162,12 @@ class Manager : public details::VLANCreateIface + + /** @brief Network Configuration directory. */ + fs::path confDir; ++ ++ /** Get the user management service name dynamically **/ ++ std::string getUserServiceName(); ++ ++ /** @brief initializes the supportedPrivilege List */ ++ void initSupportedPrivilges(); + }; + + } // namespace network +-- +2.7.4 + diff --git a/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network_%.bbappend b/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network_%.bbappend new file mode 100644 index 000000000..275051e19 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-network/network/phosphor-network_%.bbappend @@ -0,0 +1,9 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" + +DEPENDS += "nlohmann-json" + +SRC_URI += "file://0001-Patch-to-keep-consistent-MAC-and-IP-address-inbetwee.patch \ + file://0002-IPv6-Network-changes-to-configuration-file.patch \ + file://0003-Adding-channel-specific-privilege-to-network.patch \ + " + -- cgit v1.2.3
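Review bot: In the added 0003 patch, `getChannelPrivilege` takes the privilege string from `/var/channel_intf_data.json` and passes it straight to `ChannelAccessIntf::maxPrivilege`, skipping the `manager.supportedPrivList` check that the `EthernetInterface::maxPrivilege` setter applies to D-Bus callers. A value in that file that is not a supported privilege is therefore published as the channel's maximum privilege when the interface object is constructed. Validating it the same way and falling back to the default would close the gap, e.g. `if (std::find(manager.supportedPrivList.begin(), manager.supportedPrivList.end(), priv) == manager.supportedPrivList.end()) priv = defaultChannelPriv;`. Separately, `readJsonFile` calls `nlohmann::json::parse(jsonFile, nullptr, false)`, which turns parse exceptions off, so its `catch (nlohmann::json::parse_error&)` branch looks unreachable and a corrupt file would come back as a discarded value instead of the intended `std::runtime_error`; an explicit `data.is_discarded()` check would make that path deliberate.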