path: root/src/main.cpp
Age | Commit message | Author | Files | Lines
2020-07-23 | Assure right permissions for files | Czarnowski, Przemyslaw | 1 | -0/+18

According to security guidelines, files created by service must be limited to the narrowest set of permissions required. This must be also true for 3rd party files used by Virtual Media.

- For all regular files and directories created by service umask is used.
- For sockets, permissions are limited by permissions of parent directory.

For full reference see man unix(7). Below the most important fragment:

"In the Linux implementation, sockets which are visible in the filesystem honor the permissions of the directory they are in. Their owner, group and their permissions can be changed. Creation of a new socket will fail if the process does not have write and search (execute) permission on the directory the socket is created in. Connecting to the socket object requires read/write permission. This behavior differs from many BSD-derived systems which ignore permissions for UNIX domain sockets. Portable programs should not rely on this feature for security."

Change-Id: I22ff531c96c8a6903fecb5d8cc71caf33150a713
Signed-off-by: Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com>
2020-01-29 | Gadget inactivity timeout | Agata Olender | 1 | -0/+2

MountPoints being inactive for time defined by InactivityTimeout will be unmounted. Inactivity is measured based on USB gadget R/W statistics. InactivityTimeout must be set in json configuration and is common for all MountPoints. Remaining time to unmount inactive media is exposed per MountPoint on dbus using RemainingInactivityTimeout property.

Change-Id: Ieb80e67dae6c3b4cb0482d801b5b4208884b0809
Signed-off-by: Agata Olender <agata.olender@intel.com>
2020-01-29 | Manage remote media state transitions | Czarnowski, Przemyslaw | 1 | -2/+16

This is a first part of bigger functionality which provides host to use virtual media. First part provides skeleton and definitions of states and events defining state machine, also brings working implementation of proxy mode and some starting point to implement legacy mode. There are at least three additional patchsets implementing legacy mode with https and cifs support and secure passing of secrets.

Specifically this change adds StateMachine class used to keep track of the state of each mount point:

- StateMachine is made as std::variant of object derived from BasicState.
- Each state has its own possible transitions defined (events).
- Transitions define appropriate behavior.
- Specific event triggers transition from one to other specific state (1:1 relation).

Tested: Manual tests on WilsonCity platform:

- mounting and unmounting using redfish and webui
- check state on dbus interfaces

Change-Id: I4b13085e1f8884fcedd7d97e76910c21e87ab7f8
Signed-off-by: Rapkiewicz, Pawel <pawel.rapkiewicz@intel.com>
Signed-off-by: Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com>
2020-01-17 | Add configuration class | Czarnowski, Przemyslaw | 1 | -3/+11

Configuration class is used to read configuration from file and validate entries. Also exposes API to serve stored data.

Change-Id: Id4989ff45ff4a5cf7af7acf76a89b1c5838862f4
Signed-off-by: Rapkiewicz, Pawel <pawel.rapkiewicz@intel.com>
Signed-off-by: Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com>
2020-01-17 | Add Process and DeviceMonitor class with dependencies | Czarnowski, Przemyslaw | 1 | -1/+8

Added DeviceMonitor which watches for nbd device changes. Contains:

- Udev library wrappers.
- NBDevice object to manage nbd devices in errorless manner.
- Process library, which manages process spawning.

Change-Id: Iaf3caec56cd6084f1c17ccc5657b9b14c8e82d33
Signed-off-by: Rapkiewicz, Pawel <pawel.rapkiewicz@intel.com>
Signed-off-by: Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com>
2020-01-10 | Entry commit for new VM code | Czarnowski, Przemyslaw | 1 | -1026/+6

Introducing Virtual Media based on State Machine.

- Logging class added
- Stub for Main application

Change-Id: I05ef576c170e2f9acf90800708f4447452f4050f
Signed-off-by: Rapkiewicz, Pawel <pawel.rapkiewicz@intel.com>
Signed-off-by: Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com>
2019-09-16 | Support for Legacy mode. | Zbigniew Lukwinski | 1 | -19/+384

Support for Legacy mode added but only for CIFS resources. DBus "xyz.openbmc_project.VirtualMedia.MountPoint" interface was extended to support 'ImageUrl'. This property will be used to expose on DBus HTTPS/CIFS url already mounted in Legacy mode. Changes do not cover passing credential needed for CIFS authentication.

Tested:

- CIFS/SMB resource successfully mounted with DBus call to the xyz.openbmc_project.VirtualMedia.Legacy:Mount
- CIFS/SMB resource successfully unmounted with DBus call to the xyz.openbmc_project.VirtualMedia.Legacy:Unmount
- checked double mount and unmount DBus calls return an error and put an appropriate trace in logs.

Change-Id: I25b3d11dad6b273e88325beb35580e0baa8568f8
Signed-off-by: Zbigniew Lukwinski <zbigniew.lukwinski@linux.intel.com>
2019-08-27 | Initial version of Virtual-Media | Rapkiewicz, Pawel | 1 | -0/+722

This is initial version of virtual media support. This covers:

* udev monitoring
* configuration reading
* exposing appropriate interfaces on dbus
* allows mount/umount images from existing unix socket

Does not cover:

* configuration of usb gadget

Integration with bmcweb will be delivered to bmcweb

Change-Id: I358ab80fe32a7ed933007143bfa00da847a95316
Signed-off-by: Rapkiewicz, Pawel <pawel.rapkiewicz@intel.com>
Signed-off-by: Kowalski, Kamil <kamil.kowalski@intel.com>