prov-mode-mgr: Log events for restriction mode

Support added to log events for restriction mode change (system interface), which can be viewed using Redfish event log entries. This log will indicate the status of the system interface command execution allowed state after BIOS POST. Tested: Tested the same with up-stream message entry review https://gerrit.openbmc-project.xyz/#/c/openbmc/bmcweb/+/26601/ 1. Redfish validator - passed for this new addition 2. Log will be as below { "@data.context": "/redfish/v1/$metadata#LogEntry.LogEntry", "@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/184", "@odata.type": "#LogEntry.v1_4_0.LogEntry", "Created": "1970-01-01T00:03:04+00:00", "EntryType": "Event", "Id": "184", "Message": "System interface in unprovisioned state.", "MessageArgs": [], "MessageId": "OpenBMC.0.1.SystemInterfaceUnprovisioned", "Name": "System Event Log Entry", "Severity": "Critical" }, { "@odata.context": "/redfish/v1/$metadata#LogEntry.LogEntry", "@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/198", "@odata.type": "#LogEntry.v1_4_0.LogEntry", "Created": "1970-01-01T00:03:18+00:00", "EntryType": "Event", "Id": "198", "Message": "System interface in whitelist provisioned state.", "MessageArgs": [], "MessageId": "OpenBMC.0.1.SystemInterfaceWhitelistProvisioned", "Name": "System Event Log Entry", "Severity": "Warning" }, { "@odata.context": "/redfish/v1/$metadata#LogEntry.LogEntry", "@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/204", "@odata.type": "#LogEntry.v1_4_0.LogEntry", "Created": "1970-01-01T00:03:24+00:00", "EntryType": "Event", "Id": "204", "Message": "System interface in disabled provisioned state.", "MessageArgs": [], "MessageId": "OpenBMC.0.1.SystemInterfaceDisabledProvisioned", "Name": "System Event Log Entry", "Severity": "OK" } Change-Id: Ief9547d37bff07704caebf76e87fe8dba05e2db6 Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> 2019-10-28 11:18:29 +0300
committer: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> 2019-10-28 11:24:44 +0300
commit: d9c17f8494700cb3ae079181d417e3e123d215f8 (patch)
tree: 865291231ed3278242c40948a5fadd74e35cf185
parent: e652d91e36ca1a48215ca22cb8fde6dbf2db5400 (diff)
download: provingground-d9c17f8494700cb3ae079181d417e3e123d215f8.tar.xz
2 files changed, 32 insertions, 0 deletions
diff --git a/prov-mode-mgr/include/prov-mode-mgr.hpp b/prov-mode-mgr/include/prov-mode-mgr.hpp
index 6ca7424..9824a07 100644
--- a/prov-mode-mgr/include/prov-mode-mgr.hpp
+++ b/prov-mode-mgr/include/prov-mode-mgr.hpp
@@ -55,6 +55,8 @@ class ProvModeMgr
     void updateProvModeProperty(
         sdbusplus::xyz::openbmc_project::Control::Security::server::
             RestrictionMode::Modes mode);
+    void logEvent(sdbusplus::xyz::openbmc_project::Control::Security::server::
+                      RestrictionMode::Modes mode);
 
   public:
     ProvModeMgr(boost::asio::io_service& io,
diff --git a/prov-mode-mgr/src/prov-mode-mgr.cpp b/prov-mode-mgr/src/prov-mode-mgr.cpp
index 33d084a..a7ca4e3 100644
--- a/prov-mode-mgr/src/prov-mode-mgr.cpp
+++ b/prov-mode-mgr/src/prov-mode-mgr.cpp
@@ -74,11 +74,40 @@ void ProvModeMgr::updateProvModeProperty(
         std::to_string(static_cast<uint8_t>(mode)));
 }
 
+void ProvModeMgr::logEvent(sdbusplus::xyz::openbmc_project::Control::Security::
+                               server::RestrictionMode::Modes mode)
+{
+    namespace secCtrl =
+        sdbusplus::xyz::openbmc_project::Control::Security::server;
+
+    if (mode == secCtrl::RestrictionMode::Modes::Provisioning)
+    {
+        sd_journal_send("MESSAGE=%s", "RestrictionMode - Provisioning state",
+                        "PRIORITY=%i", LOG_INFO, "REDFISH_MESSAGE_ID=%s",
+                        "OpenBMC.0.1.SystemInterfaceUnprovisioned", NULL);
+    }
+    else if (mode == secCtrl::RestrictionMode::Modes::ProvisionedHostWhitelist)
+    {
+        sd_journal_send("MESSAGE=%s", "RestrictionMode - Whitelist state",
+                        "PRIORITY=%i", LOG_INFO, "REDFISH_MESSAGE_ID=%s",
+                        "OpenBMC.0.1.SystemInterfaceWhitelistProvisioned",
+                        NULL);
+    }
+    else if (mode == secCtrl::RestrictionMode::Modes::ProvisionedHostDisabled)
+    {
+        sd_journal_send("MESSAGE=%s", "RestrictionMode - Disabled state",
+                        "PRIORITY=%i", LOG_INFO, "REDFISH_MESSAGE_ID=%s",
+                        "OpenBMC.0.1.SystemInterfaceDisabledProvisioned", NULL);
+    }
+    // Other modes N/A for now, ignore the same.
+}
+
 void ProvModeMgr::init()
 {
     namespace secCtrl =
         sdbusplus::xyz::openbmc_project::Control::Security::server;
     iface = server.add_interface(provModePath, provModeIntf);
+    logEvent(provMode);
     iface->register_property(
         "RestrictionMode",
         sdbusplus::xyz::openbmc_project::Control::Security::server::
@@ -92,6 +121,7 @@ void ProvModeMgr::init()
                     secCtrl::RestrictionMode::Modes mode =
                         secCtrl::RestrictionMode::convertModesFromString(req);
                     provMode = mode;
+                    logEvent(mode);
                     updateProvModeProperty(mode);
                     return 1;
                 }
author	Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>	2019-10-28 11:18:29 +0300
committer	Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>	2019-10-28 11:24:44 +0300
commit	d9c17f8494700cb3ae079181d417e3e123d215f8 (patch)
tree	865291231ed3278242c40948a5fadd74e35cf185
parent	e652d91e36ca1a48215ca22cb8fde6dbf2db5400 (diff)
download	provingground-d9c17f8494700cb3ae079181d417e3e123d215f8.tar.xz