From d095ccea8df74f9de228ab83b658d80b4fb79460 Mon Sep 17 00:00:00 2001 From: Richard Marian Thomaiyar Date: Mon, 11 Nov 2019 11:48:09 +0530 Subject: Update special mode mgr as per D-Bus interface Updated special-mode-mgr service to expose the property as per the D-Bus interface SpecialMode in the community Tested 1. Verified that manufacturing mode entered as per 15 second power buttong press during AC cycle 2. Verified that expired based on timeout or restriction mode property change 3. Verified validation unsecure features works as expected Change-Id: I87b67424f657a1a19545b4dc18a80a2fddf8ee44 Signed-off-by: Richard Marian Thomaiyar --- special-mode-mgr/CMakeLists.txt | 12 +++++++- special-mode-mgr/include/specialmodemgr.hpp | 25 ++++++++-------- special-mode-mgr/src/specialmodemgr.cpp | 46 ++++++++++++++++++++--------- 3 files changed, 55 insertions(+), 28 deletions(-) diff --git a/special-mode-mgr/CMakeLists.txt b/special-mode-mgr/CMakeLists.txt index ea54904..fa69da8 100644 --- a/special-mode-mgr/CMakeLists.txt +++ b/special-mode-mgr/CMakeLists.txt @@ -24,6 +24,15 @@ pkg_check_modules(SYSTEMD libsystemd REQUIRED) # import sdbusplus find_package(PkgConfig REQUIRED) pkg_check_modules(SDBUSPLUSPLUS sdbusplus REQUIRED) +include_directories(${SDBUSPLUSPLUS_INCLUDE_DIRS}) +link_directories(${SDBUSPLUSPLUS_LIBRARY_DIRS}) +find_program(SDBUSPLUSPLUS sdbus++) + +# phosphor-dbus-interfaces +find_package(PkgConfig REQUIRED) +pkg_check_modules(DBUSINTERFACE phosphor-dbus-interfaces REQUIRED) +include_directories(${DBUSINTERFACE_INCLUDE_DIRS}) +link_directories(${DBUSINTERFACE_LIBRARY_DIRS}) # import phosphor-logging find_package(PkgConfig REQUIRED) @@ -31,7 +40,8 @@ pkg_check_modules(LOGGING phosphor-logging REQUIRED) add_executable(${PROJECT_NAME} ${SRC_FILES}) target_link_libraries(${PROJECT_NAME} systemd) -target_link_libraries(${PROJECT_NAME} sdbusplus) +target_link_libraries(${PROJECT_NAME} ${SDBUSPLUSPLUS_LIBRARIES}) +target_link_libraries(${PROJECT_NAME} ${DBUSINTERFACE_LIBRARIES}) target_link_libraries(${PROJECT_NAME} ${Boost_LIBRARIES}) target_link_libraries(${PROJECT_NAME} phosphor_logging) diff --git a/special-mode-mgr/include/specialmodemgr.hpp b/special-mode-mgr/include/specialmodemgr.hpp index 9146b01..2e60a2c 100644 --- a/special-mode-mgr/include/specialmodemgr.hpp +++ b/special-mode-mgr/include/specialmodemgr.hpp @@ -19,18 +19,11 @@ #include #include #include +#include -static constexpr const char* strSpecialMode = "SpecialMode"; - -enum SpecialMode : uint8_t +namespace specialMode { - none = 0, - manufacturingExpired = 1, - manufacturingMode = 2, -#ifdef BMC_VALIDATION_UNSECURE_FEATURE - validationUnsecure = 3, -#endif -}; +static constexpr const char* strSpecialMode = "SpecialMode"; class SpecialModeMgr { @@ -38,7 +31,8 @@ class SpecialModeMgr sdbusplus::asio::object_server& server; std::shared_ptr conn; std::shared_ptr iface; - uint8_t specialMode = none; + sdbusplus::xyz::openbmc_project::Control::Security::server::SpecialMode:: + Modes specialMode; std::unique_ptr timer = nullptr; std::unique_ptr intfAddMatchRule = nullptr; std::unique_ptr propUpdMatchRule = nullptr; @@ -48,14 +42,19 @@ class SpecialModeMgr void updateTimer(int countInSeconds); public: - void setSpecialModeValue(uint8_t value) const + void setSpecialModeValue( + const sdbusplus::xyz::openbmc_project::Control::Security::server:: + SpecialMode::Modes value) const { if (iface != nullptr && iface->is_initialized()) { - iface->set_property(strSpecialMode, value); + iface->set_property(strSpecialMode, + sdbusplus::xyz::openbmc_project::Control:: + Security::server::convertForMessage(value)); } } SpecialModeMgr(boost::asio::io_service& io, sdbusplus::asio::object_server& srv, std::shared_ptr& conn); }; +} // namespace specialMode diff --git a/special-mode-mgr/src/specialmodemgr.cpp b/special-mode-mgr/src/specialmodemgr.cpp index 44f12cc..b685550 100644 --- a/special-mode-mgr/src/specialmodemgr.cpp +++ b/special-mode-mgr/src/specialmodemgr.cpp @@ -22,6 +22,8 @@ #include #include +namespace specialMode +{ static constexpr const char* specialModeMgrService = "xyz.openbmc_project.SpecialMode"; static constexpr const char* specialModeIntf = @@ -42,18 +44,21 @@ using VariantValue = std::variant; +namespace secCtrl = sdbusplus::xyz::openbmc_project::Control::Security::server; + SpecialModeMgr::SpecialModeMgr( boost::asio::io_service& io_, sdbusplus::asio::object_server& srv_, std::shared_ptr& conn_) : io(io_), server(srv_), conn(conn_), - timer(std::make_unique(io)) + timer(std::make_unique(io)), + specialMode(secCtrl::SpecialMode::Modes::None) { #ifdef BMC_VALIDATION_UNSECURE_FEATURE if (std::filesystem::exists(validationModeFile)) { - specialMode = validationUnsecure; + specialMode = secCtrl::SpecialMode::Modes::ValidationUnsecure; addSpecialModeProperty(); return; } @@ -131,7 +136,7 @@ SpecialModeMgr::SpecialModeMgr( { phosphor::logging::log( "Mode is not provisioning"); - setSpecialModeValue(manufacturingExpired); + setSpecialModeValue(secCtrl::SpecialMode::Modes::None); } }); @@ -182,7 +187,7 @@ void SpecialModeMgr::checkAndAddSpecialModeProperty(const std::string& provMode) int specialModeLockoutSeconds = 0; if (mtmAllowedTime > sysInfo.uptime) { - specialMode = manufacturingMode; + specialMode = secCtrl::SpecialMode::Modes::Manufacturing; specialModeLockoutSeconds = mtmAllowedTime - sysInfo.uptime; sd_journal_send("MESSAGE=%s", "Manufacturing mode - Entered", "PRIORITY=%i", LOG_INFO, "REDFISH_MESSAGE_ID=%s", @@ -201,32 +206,41 @@ void SpecialModeMgr::addSpecialModeProperty() // Add path to server object iface = server.add_interface(specialModePath, specialModeIntf); iface->register_property( - strSpecialMode, specialMode, + strSpecialMode, secCtrl::convertForMessage(specialMode), // Ignore set - [this](const uint8_t& req, uint8_t& propertyValue) { + [this](const std::string& req, std::string& propertyValue) { + secCtrl::SpecialMode::Modes mode = + secCtrl::SpecialMode::convertModesFromString(req); #ifdef BMC_VALIDATION_UNSECURE_FEATURE - if ((req == validationUnsecure) && (specialMode != req)) + if ((mode == secCtrl::SpecialMode::Modes::ValidationUnsecure) && + (specialMode != mode)) { std::ofstream output(validationModeFile); output.close(); - specialMode = req; + specialMode = mode; propertyValue = req; return 1; } #endif - if (req == manufacturingExpired && specialMode != req) + if (mode == secCtrl::SpecialMode::Modes::None && + specialMode != mode) { - specialMode = req; +#ifdef BMC_VALIDATION_UNSECURE_FEATURE + std::remove(validationModeFile.c_str()); +#endif + specialMode = mode; propertyValue = req; return 1; } return 0; }, // Override get - [this](const uint8_t& mode) { return specialMode; }); + [this](const std::string& mode) { + return secCtrl::convertForMessage(specialMode); + }); iface->register_method("ResetTimer", [this]() { - if (specialMode == manufacturingMode) + if (specialMode == secCtrl::SpecialMode::Modes::Manufacturing) { updateTimer(mtmAllowedTime); } @@ -250,16 +264,20 @@ void SpecialModeMgr::updateTimer(int countInSeconds) "Error in special mode timer"); return; } - iface->set_property(strSpecialMode, - static_cast(manufacturingExpired)); + iface->set_property( + strSpecialMode, + secCtrl::convertForMessage(secCtrl::SpecialMode::Modes::None)); sd_journal_send("MESSAGE=%s", "Manufacturing mode - Exited", "PRIORITY=%i", LOG_INFO, "REDFISH_MESSAGE_ID=%s", "OpenBMC.0.1.ManufacturingModeExited", NULL); }); } +} // namespace specialMode + int main() { + using namespace specialMode; boost::asio::io_service io; auto conn = std::make_shared(io); conn->request_name(specialModeMgrService); -- cgit v1.2.3