From 4d7d9957b693f14b4753fdf39cf8836ced619276 Mon Sep 17 00:00:00 2001
From: "P.K.Lee"
Date: Wed, 3 Jul 2019 16:42:24 +0800
Subject: meta-quanta: gsj: modify whitelist and enable whitelist by default
- Modify gsj-ipmid-whitelist.conf for the gsj project.
- Enable whitelist by default.
(From meta-quanta rev: 7f62bc2c5a71b9275b8b636dd6daad000288b2f4)
Change-Id: I52363809de53fabb0c6609e0bc564bdcd69c2e75
Signed-off-by: P.K.Lee
Signed-off-by: Brad Bishop
---
.../phosphor-ipmi-host/gsj-ipmid-whitelist.conf | 40 +++++++++++++++-------
.../restrictionmode-default-whitelist.override.yml | 6 ++++
.../settings/phosphor-settings-manager_%.bbappend | 1 +
3 files changed, 34 insertions(+), 13 deletions(-)
create mode 100644 meta-quanta/meta-gsj/recipes-phosphor/settings/phosphor-settings-manager/restrictionmode-default-whitelist.override.yml
(limited to 'meta-quanta/meta-gsj')
diff --git a/meta-quanta/meta-gsj/recipes-phosphor/ipmi/phosphor-ipmi-host/gsj-ipmid-whitelist.conf b/meta-quanta/meta-gsj/recipes-phosphor/ipmi/phosphor-ipmi-host/gsj-ipmid-whitelist.conf
index a0d18b480..5eabef339 100644
--- a/meta-quanta/meta-gsj/recipes-phosphor/ipmi/phosphor-ipmi-host/gsj-ipmid-whitelist.conf
+++ b/meta-quanta/meta-gsj/recipes-phosphor/ipmi/phosphor-ipmi-host/gsj-ipmid-whitelist.conf
@@ -6,26 +6,33 @@
0x00:0x06 //:
0x00:0x08 //:
0x00:0x09 //:
-0x00:0x0F //:
-0x04:0x02 //:
+0x04:0x20 //:
+0x04:0x21 //:
+0x04:0x22 //:
+0x04:0x27 //:
+0x04:0x29 //:
+0x04:0x2B //:
0x04:0x2D //:
0x04:0x2F //:
0x04:0x30 //:
0x06:0x01 //:
+0x06:0x02 //:
+0x06:0x03 //:
0x06:0x04 //:
-0x06:0x06 //:
-0x06:0x07 //:
0x06:0x08 //:
-0x06:0x22 //:
-0x06:0x24 //:
-0x06:0x25 //:
-0x06:0x2E //:
-0x06:0x2F //:
-0x06:0x31 //:
0x06:0x35 //:
-0x06:0x36 //:
-0x06:0x37 //:
-0x06:0x42 //:
+0x06:0x40 //:
+0x06:0x41 //:
+0x06:0x42 //:
+0x06:0x43 //:
+0x06:0x44 //:
+0x06:0x45 //:
+0x06:0x46 //:
+0x06:0x47 //:
+0x06:0x48 //:
+0x06:0x49 //:
+0x06:0x4A //:
+0x06:0x4B //:
0x06:0x54 //:
0x0A:0x10 //:
0x0A:0x11 //:
@@ -34,9 +41,12 @@
0x0A:0x23 //:
0x0A:0x40 //:
0x0A:0x42 //:
+0x0A:0x43 //:
0x0A:0x44 //:
+0x0A:0x47 //:
0x0A:0x48 //:
0x0A:0x49 //:
+0x0C:0x01 //:
0x0C:0x02 //:
0x2C:0x00 //:
0x2C:0x01 //:
@@ -45,3 +55,7 @@
0x2C:0x06 //:
0x2C:0x07 //:
0x2C:0x10 //:
+0x2C:0x3E //:
+0x2E:0x02 //:
+0x2E:0x30 //:
+0x2E:0x32 //:
diff --git a/meta-quanta/meta-gsj/recipes-phosphor/settings/phosphor-settings-manager/restrictionmode-default-whitelist.override.yml b/meta-quanta/meta-gsj/recipes-phosphor/settings/phosphor-settings-manager/restrictionmode-default-whitelist.override.yml
new file mode 100644
index 000000000..b0de5dd1a
--- /dev/null
+++ b/meta-quanta/meta-gsj/recipes-phosphor/settings/phosphor-settings-manager/restrictionmode-default-whitelist.override.yml
@@ -0,0 +1,6 @@
+---
+/xyz/openbmc_project/control/host0/restriction_mode:
+ - Interface: xyz.openbmc_project.Control.Security.RestrictionMode
+ Properties:
+ RestrictionMode:
+ Default: RestrictionMode::Modes::Whitelist
diff --git a/meta-quanta/meta-gsj/recipes-phosphor/settings/phosphor-settings-manager_%.bbappend b/meta-quanta/meta-gsj/recipes-phosphor/settings/phosphor-settings-manager_%.bbappend
index da834423f..53db04d03 100644
--- a/meta-quanta/meta-gsj/recipes-phosphor/settings/phosphor-settings-manager_%.bbappend
+++ b/meta-quanta/meta-gsj/recipes-phosphor/settings/phosphor-settings-manager_%.bbappend
@@ -1,2 +1,3 @@
FILESEXTRAPATHS_prepend_gsj := "${THISDIR}/${BPN}:"
SRC_URI_append_gsj = " file://time-default.override.yml"
+SRC_URI_append_gsj = " file://restrictionmode-default-whitelist.override.yml"
--
cgit v1.2.3