Age | Commit message (Collapse) | Author | Files | Lines |
|
Update the script to point at 2021.1 and run it.
Since we have an exclude list, this only brings in new versions of
schemas bmcweb already uses.
Overview of 2021.1:
https://www.dmtf.org/sites/default/files/Redfish_Release_2021.1_Overview.pdf
Features IBM plans to use:
Resource, Action, Enum, and Property Deprecated Messages
Boot Progress: Setup Entered
System: Stop Boot On Fault
Chassis: Spare Part Number
Enabled for Memory, Processor
Log Entry: AutomatedServiceNotify, Resolution
Power Modes
Enable/Disable USB
Tested: Clean run of the validator passes.
Change-Id: Ib22e5ea314c41ae354930b2c5857fe9512859507
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
Make the AdditionalDataURI a child relationship of the resource to better follow Hypermedia API best practices and match the AdditionalDataURI of the coming Post Code log entries.
Changed the AdditionalDataURI for bmc dump, system dump, and log entry
A hypermedia API gives us a search form in response and tells API what URL to use, which HTTP verb is appropriate, and what parameters to supply.
URL change:-
Old:
"/redfish/v1/Systems/system/LogServices/EventLog/attachment/<str>"
New:
"/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/attachment"
openbmc/bmcweb#205
Tested: Validator passes.
- Verified the new AdditionalDataURI was correct for /redfish/v1/Systems/system/LogServices/EventLog/Entries:
$ curl -k https://w15.aus.stglabs.ibm.com/redfish/v1/Systems/system/LogServices/EventLog/Entries/1
{
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/1",
"@odata.type": "#LogEntry.v1_8_0.LogEntry",
"AdditionalDataURI": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/1/attachment",
"Created": "2021-03-15T18:47:26+00:00",
"EntryType": "Event",
"Id": "1",
"Message": "xyz.openbmc_project.Common.Error.InternalFailure",
"Modified": "2021-04-30T17:26:38+00:00",
"Name": "System Event Log Entry",
"Resolved": true,
"Severity": "Critical"
}
Change-Id: Ifb720ac2710ebd4a2df37a83c9deb8a6eefdffd5
Signed-off-by: Abhishek Patel <Abhishek.Patel@ibm.com>
|
|
Allow client to PATCH the URI pointing to the active OperatingConfig for
a given processor, in order to dynamically change the processor's
configuration. The OperatingConfig related properties are only available
if a supporting backend daemon is running - currently we have the Intel
cpuinfoapp in the smbios-mdr repo.
This change does basic validation on input data, then sets the D-Bus
property and translates any return errors into Redfish error messages.
Tested:
- PATCH non-existent Processor -> ResourceNotFound
- PATCH with string/int -> PropertyValueTypeError
- PATCH with object w/o @odata.id -> PropertyMissing+Unknown
- PATCH with config from different Processor -> PropertyValueIncorrect
- PATCH with non-existent config -> PropertyValueIncorrect
- PATCH with valid config -> OK, see new config on next GET
- Hack cpuinfoapp backend service to return all possible error codes and
verify that correct Redfish error is returned.
Change-Id: I19d8b461fac25682f1883fe769d840f18f4141a8
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
|
|
COMMON_ERRORS.md Implementation was misspelled.
Signed-off-by: Abhishek Patel <Abhishek.Patel@ibm.com>
Change-Id: I053e8ccc0aad1a900db5b385d848c12ce524643e
|
|
https://jenkins.openbmc.org/job/ci-openbmc/3949/distro=ubuntu,label=docker-builder,target=tiogapass/consoleText
This build seems to be failing with an error |
../git/http/http_response.hpp:23:10: error: 'optional' in namespace
'std' does not name a template type | 23 |
std::optional<response_type> stringResponse;
This should fix it by including the relevant headers.
Tested:
Code builds. CI error only.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ifba15559a73d823d791de1d508e136a3c44e6cd1
|
|
The latest version of gcc seems to be enforcing that these are static
and constexpr, presumably because std::random_device is now using them
in a constexpr context. It seems odd this would be required (you'd
think it would be breaking backward compatibility) but it's an easy
enough change to make.
Tested:
Only tested that code builds. Not tested functionally.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I3f5e7077d56178fbc7b4e02f4e2f4a357c928c5b
|
|
Replaced std::map::at with std::map::find in lib/thermal.hpp, this
doesn't uses exceptions and return value is properly checked before
using it.
Tested:
- GET redfish/v1/Chassis/chassis/Thermal displays same content as before
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
Change-Id: I9123a5081cb76dcbe3620a59b46408a6b8c9cda2
|
|
A common anti pattern is using endswith or contains. This got
compounded recently because of https://github.com/openbmc/sdbusplus/issues/60
where filename now contains decoding logic.
This at least should fix the issue to make the Redfish tree walkable
again.
Tested:
Loaded up a WFP_Baseboard on qemu, and verified that
/redfish/v1/Chassis/WFP_Baseboard traversed correctly.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I55cc389a773e4b594668a4bca466efc33cc9cb7c
|
|
- The Message argument in the BIOSPOSTCode Message Entry
uses short form wording for TS (Time Stamp) & without any time unit.
- As the Message argument is directly displayed on OpenBMC GUI
as it is, word "TS" would create customer confusion due to it
not being a well known acronym. Also a field like this that
captures a physical quantity(time) should have units.
- Redfish clients should not be parsing the message argument, so
changing this wording should not break them.
- Also, this commit changes ":" to ";" in the Message argument to
makes things look consistent.
- As we changed the content of Message in the Message Entry, we had to
bump up the minor version of the Message registry.
Tested By:
1. Redfish Validator Passed.
Signed-off-by: Manojkiran Eda <manojkiran.eda@gmail.com>
Change-Id: I17924c2dfdcf34563f8f8cd325011e13cb70e476
|
|
These comments are part include/ibm/locks.hpp in isConflictRecord
Change-Id: If8a6ec3585b43fcb80d086714f16dbf4c80a8ad9
Signed-off-by: Ali Ahmed <ama213000@gmail.com>
|
|
The ip address is cleared out after req.emplace inside doWrite
function which leads to problem with ip address identification.
Fetch ip address on all handle requests instead of fetching on
connection's starts only.
Tested:
- no problems in filling of Request ip field with debug bmcweb build
Signed-off-by: Ivan Mikhaylov <i.mikhaylov@yadro.com>
Change-Id: Icc846285b987702a8db582434296d0d1b7f90b27
|
|
The processor resource needs to look at Present and Functional to determine state and health.
This is how other resources do it.
It should not look at totalCores to determine present / State.
HealthPopulate is not used. We use Functional to determine health status.
Functional is a bool that HealthPopulate cannot handle.
Signed-off-by: Chicago Duan <duanzhijia01@inspur.com>
Change-Id: Iff900061254fdd991b2dfa573b364a04decd8f98
|
|
If the HostState is TransitioningToRunning, Redfish response should
indicate Starting.
Tested:
- Changed HostState to TransitioningToRunning via busctl and
get redfish/v1/Systems/system and verified Status State as "Starting"
- Docker unit test passed
- Redfish validator passed
Signed-off-by: Noah Brewer <noah.t.brewer@gmail.com>
Change-Id: I69719fdbb32247fd31327be9ad39068e2898c2db
|
|
In the begining, bmcweb had its own webui checked in as source. Largely
conceived of clay, and built by someone that doesn't understand UI
development (me), it was eventually superceeded by phosphor-webui. When
we did that, we created a bug where bmcweb was expecting a UI to always
be installed, and when it wasn't resolved into an infinite recursive
redirect as it tried to find the login page.
This patchset fixes that, by adding a connection between the
authorization class, and the webassets class, for bmcweb to detect at
runtime whether or not the UI is installed, and change behavior in that
case.
Along the way, we got a circular #include, so some includes needed to be
rearranged slightly.
This patchset will change no behavior when the UI is installed. Login
failures will continue to redirect to /, to hit the login page.
If the UI is not installed, and there is no / route, BMCWEB will return
the plaintext UNAUTHORIZED if you attempt to open the webui from the
browser without having a webui installed and without having credentials.
Tested:
Launched in a build without webui-vue, and observed "UNAUTHORIZED" when
I connected through chrome.
Also launched in a build with webui-vue installed with:
IMAGE_INSTALL_append = "webui-vue"
And loaded the webui in chrome, and logged in successfully.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iac9b83ba9e80d434479685b082d547847cdfe309
|
|
After sdbusplus made available string path wrapper VM code has been
updated to use it. This makes legacy mode unusable as appropriate
change introduced a problem with comparison of DBus object path, which
is now fixed.
Tested:
After applying this fix, legacy mode has InsertMedia action enabled
again.
Change-Id: I6339ae2977faacf50ce708199aaf3b13b4314398
Signed-off-by: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski@intel.com>
|
|
The state attribute was showing Enabled even if dimm was not present.
Added Present property under Inventory Item interface to read the dimm
presence and accordingly populate jsonValue["Status"]["State"]
to Enabled or Absent.
Tested:
-Get of redfish/v1/Systems/system/Memory/dimm shows correct
State values in both the cases.
-Redfish validator passed.
Signed-off-by: Joshi-Mansi <mansi.joshi@linux.intel.com>
Change-Id: I0629fffcc8ca5abf09dd645af6640341d37e446e
|
|
"After setting response to internal error you should stop adding more content to response. Try to return instead of continuing a loop"
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/39970/9/redfish-core/lib/pcie_slots.hpp#169
Signed-off-by: Chicago Duan <duanzhijia01@inspur.com>
Change-Id: Iadd3062ba7fef31ba61eea1e79eb3a903716b9e9
|
|
crow::Response was create on stack and passed to async function
which was called after crow::Response was deleted
Tested:
- mentioned issue doesn't produce errors anymore
- no additional errors detected
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
Change-Id: I16b338e0f6a4102415b5dca5defc307495db0c8e
|
|
The ConfigFile upload fails when the /var/lib/obmc directory is not
available at BMC
This commit changes the base directory to /var/lib/bmcweb
The subdirectories for the configfiles and locks
are created under this new path
Migration strategy of this directory and files:
This is IBM only feature, compiled under the IBM_MANAGEMENT_CONSOLE flag
There is no system out yet which is running this code
Internal IBM stake holders are in agreement with the changes
Tested by :
1. Tested configfile upload on a BMC where the base directory is not
available
2. Tested the configfile upload on a factory BMC. Verified it creates
the base directories and the upload is successful
3. Tested the configfile usecases for delete and delete-all
4. Tested the acquire-lock functionality
5. Ran lock unit test successfully
Signed-off-by: Sunitha Harish <sunharis@in.ibm.com>
Change-Id: Ic3f5f5d0ba0b37950fd397ec835b4fa7babdaa9b
|
|
Fix memory leak issue when opening the certificate file
Refer to details: https://github.com/openbmc/bmcweb/issues/195
Tested:
Check the number of open files in bmcweb via lsof command
$lsof -p {the pid of bmcweb} | grep REG |grep pem | wc -l
0
Signed-off-by: Alan Kuo <Alan_Kuo@quantatw.com>
Change-Id: Id05fc4f3e653f51c5f02212ad8f361c7e8091808
|
|
8401529 removed OemCrashdump.json but didn't from $metadata/index.xml
and the update_schemas.py.
This is causing the following validator fail and holding up the bump:
ERROR - The following schema URIs referenced from $metadata could not
be retrieved:
/redfish/v1/schema/OemCrashdump_v1.xml
See https://gerrit.openbmc-project.xyz/c/openbmc/openbmc/+/42245
Tested: None.
Change-Id: I6106bb19c725c088b7343722c1001f4e188e216d
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
Content Security Policy Level2 directives as below,
form-action set to 'none'-No form-submissions to external websites.
frame-ancestors set to 'none' -Preventing framing attacks
(clickjacking, cross-site leaks)
plugin-types set to 'none' -Plugins are not allowed
base-uri set to 'none' -protect against classical stored,reflected,
and some of the DOM XSS attacks.
More Information
<https://cheatsheetseries.owasp.org/cheatsheets/
Content_Security_Policy_Cheat_Sheet.html>
Tested :
Checked the CSP level directives in Chrome/Firefox/Safari Browsers,
webui and webui-vue.
Change-Id: Id823958469fdbb02259fcc24c4e91789c65eec33
Signed-off-by: Basheer Ahmed Muddebihal <basheerx.muddebihal@intel.com>
|
|
- Base on the b304bd7965 commit, there is a potential bug here.
- Currently, the registry is only published when
`BMCWEB_ENABLE_REDFISH_DBUS_LOG_ENTRIES` is disabled. In fact,
regardless of whether `BMCWEB_ENABLE_REDFISH_DBUS_LOG_ENTRIES` is
enabled or disabled, the registry needs to be published.
Tested: built bmcweb repo successfully and validator passes.
Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I2e9d96c3b3eef0606e35c146b3d77b5aa2bb066c
|
|
8d1b46d7 moves bmcweb to using AsyncResp everywhere, and not have
each individual handler creating its own object.
9010ec2e should not have been merged yet. This fixes a miss in the
review.
Tested: Built and validator passes.
From webui-vue, changed the IP Address.
Change-Id: I04b070ed61b788fa87e9d6fddede502701e9742d
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
Earlier we have the gateway at system level, Now with the change
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-networkd/+/34852/
Gateway has been associated with interface level.
This commit fixes this behaviour.
Tested by:
GET https://${BMC_IP}/redfish/v1/Managers/bmc/EthernetInterfaces/eth0/
PATCH -D '{"IPv4StaticAddresses": [{},{"Address": "10.7.8.7","SubnetMask": "255.255.0.0","Gateway":"10.7.8.1"}]}' https://${BMC_IP}/redfish/v1/Managers/bmc/EthernetInterfaces/eth0
Ran Redfish validator
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
Change-Id: I39e76b9552dacfe249c459590b1986d6eba8bb89
|
|
Message ID's and Registry prefixes used to subscribe to an event
will be checked against allowed values.
Corrected "Task" registry prefix to "TaskEvent".
Tested:
- Validated POST action with different combinations of
Message id's and Registry Prefix.
- Redfish validator passed.
Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com>
Change-Id: I921cafeca8b2a1813f4aa4c41ecd01c831e3465b
|
|
Get the core using AsyncResp everywhere, and not have each individual handler
creating its own object.We can call app.handle() without fear of the response
getting ended after the first tree is done populating.
Don't use res.end() anymore.
Tested:
1. Validator passed.
Signed-off-by: zhanghaicheng <zhanghch05@inspur.com>
Change-Id: I867367ce4a0caf8c4b3f4e07e06c11feed0782e8
|
|
Tested:
- Bmcweb compiles
Change-Id: I233eaa787f73a82a7dbdd1ef569acd5d655f734d
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
|
|
The raw PECI command is recommended not to include in a standard
build, so removing it from the bmcweb to avoid accidental
inclusion.
Tested:
Confirmed that the raw PECI command is gone.
Change-Id: I2b52e0ede089da6df6ca3ad304194de8af27b709
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
|
Add a GET function for endpoint
/redfish/v1/Systems/system/LogServices/EventLog/attachment/<str>
which would read the File Path property of the specified entry,
encode it as base64, and send it off. This allows the user to
offload error logs for analysis and further parsing if needed.
An http header of "Accept: application/octet-stream" or the default "*/*"
is expected.
Tested:
- Ran Redfish validator.
- Verified the contents of the offloaded file were the same as
the file in the BMC, after decoding it with a base64 decoder.
curl -k -H "X-Auth-Token: $token" \
https://${bmc}/redfish/v1/Systems/system/LogServices/EventLog/attachment/2
- Verified the supported Accept header values, ex:
"Accept: application/octet-stream;q=1"
"Accept: text/plain;q=0,application/octet-stream;q=1,multipart/form-data;q=2"
- Verified an unsupported Accept header returned "Bad Request", ex:
curl -k -H "X-Auth-Token: $token" -H "Accept: application/*"
curl -k -H "X-Auth-Token: $token" -H "Accept: foo, not/supported"
- Verified 404 was returned for a not found endpoint:
$ curl -k -H "X-Auth-Token: $token" https://${bmc}/redfish/v1/Systems/system/LogServices/EventLog/attachment/foo
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type EventLogAttachment named foo was not found.",
"MessageArgs": [
"EventLogAttachment",
"foo"
],
"MessageId": "Base.1.8.1.ResourceNotFound",
"MessageSeverity": "Critical",
"Resolution": "Provide a valid resource identifier and resubmit the request."
}
],
"code": "Base.1.8.1.ResourceNotFound",
"message": "The requested resource of type EventLogAttachment named foo was not found."
}
}
Change-Id: Id9e2308ebedc70852a2ed62def107648f7e6fb7a
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
|
|
The File Path property was added to the DBus Event Log Entries with
https://github.com/openbmc/phosphor-logging/commit/1ff95efecaf24bf296b291ed85798b6e22189d0f
The Path was added to indicate the path to the Entry file and that the
file could be offloaded out of the BMC. Check if the Path property
exists, and if so add an AdditionalDataURI field to the EventLog
redfish output and populate it with string
"LogServices/EventLog/attachment/id" in the same fashion as
the dump URI entry. An implementation of GET on that path is done in a
subsequent commit.
The new Path property is located under the
xyz.openbmc_project.Common.FilePath interface. The rest of the current
properties are under the xyz.openbmc_project.Logging.Entry interface.
In order to read the Path property for an individual entry
(endpoint Entries/<str>/), need to remove the Entry interface from the
GetAll call so that all properties from all interfaces are returned.
In order to get the Path property when querying all entries
(endpoint Entries/), need to query the properties under the Entry and
FilePath interface, then build the json response for that entry.
Tested:
- Ran Redfish validator
- Verified the new AdditionalDataURI was correct for both
LogServices/EventLog/Entries and LogServices/EventLog/Entries/<str>:
$ curl -k -H "X-Auth-Token: $token" \
https://${bmc}/redfish/v1/Systems/system/LogServices/EventLog/Entries/7
{
"@odata.id":
"/redfish/v1/Systems/system/LogServices/EventLog/Entries/7",
"@odata.type": "#LogEntry.v1_8_0.LogEntry",
"AdditionalDataURI":
"/redfish/v1/Systems/system/LogServices/EventLog/attachment/7",
- Verified that AdditionalDataURI is not added if the Path property
doesn't exist.
Change-Id: Ib82361bae19a99e74d53f4ab5c4b446d277f0937
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
|
|
res.end() should be avoided where possible; This commit changes
requestRoutes to remove the res.end() that's been present there for a
long time.
Tested:
curl -vvvv --insecure --user root:0penBmc https://192.168.7.2/redfish/v1
returns 200
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I798783d320cfb7bc7973a8d2c02c4a25906a3859
|
|
Lots of commits recently seem to make this error. Having this
documented should hopefully reduce the likelihood people make these
mistakes.
Tested:
Documentation only.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I72cfc06aee9d687c26aa095353c414193d5d9ce7
|
|
The bmcweb crash issue seen when there is eventservice
config with subscriptions in persistent file.
During EventService instantiation, it uses the "get_io_context()"
from systemBus, so it should be called after systemBus init. So
moved systemBus initialization to early stage of main process to
avoid ordering issue.
Tested:
- bmcweb crash issue resolved.
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Change-Id: Iab52f0e89478e306af475066fb5691153a05677d
|
|
Added POST action in MetricReportDefinitions node to allow user
to add new MetricReportDefinition. Using minimal set of
MetricReportDefinition parameters from user bmcweb converts it to
DBus call "AddReport" to Telemetry that serves as a backend
for Redfish TelemetryService.
Added DELETE request in MetricReportDefinitions node to allow user
to remove report from Telemetry.
Added conversion from string that represents duration format into
its numeric equivalent.
Added unit tests for conversion from and to Duration format.
Tested:
- Tested using witherspoon image on QEMU
- Verified POST action in different cases:
- all parameters are provided, new report is added to collection
- some parameters are missing or invalid, user gets response with
description of the issue
- Verified that reports are removed on DELETE request
- Verified that on invalid DELETE request user receives response
with error
- Verified time_utils::fromDurationString()
- Succesfully passed RedfishServiceValidator.py
Signed-off-by: Wludzik, Jozef <jozef.wludzik@intel.com>
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
Change-Id: I2fed96848594451e22fde686f8c066d7770cc65a
|
|
From the redfish specification:
Redfish Services shall process the OData-Version header in the
following table as defined by the HTTP 1.1 specification.
<Table omitted, but shows "yes" for service requirements>
Services shall reject requests that specify an unsupported OData
version.
This code implements compliance with those two statements.
Tested:
curl -vvvv --insecure --user root:0penBmc -H "OData-Version: 4.1" https://<ip>/redfish/v1
Returns 412 Precondition Failed
curl -vvvv --insecure --user root:0penBmc -H "OData-Version: 4.0" https://<ip>/redfish/v1
returns 200
curl -vvvv --insecure --user root:0penBmc https://<ip>/redfish/v1
returns 200
The equivalent Redfish-Protocol-Validator tests now pass
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I50350b913f17ae35588e2f0606c56164f00dc2a9
|
|
The requestRoutes somehow got put into the crow namespace, despite
everything else being put into redfish. This commit makes the
namespacing consistent, which is a good thing overall for complexity.
Tested:
curl -vvvv --insecure --user root:0penBmc https://192.168.7.2/redfish/v1
returns 200
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I954e1a34893b1b5918eeee25d201c938ef4b55b6
|
|
Actual attribute "ReadingUnits" does not match with Redfish Sensor
Schema. This change match "ReadingUnits" with Redfish Sensor Scheme
1.0.0 and add missing "ReadingType" attribute. This change affect all
users that depends on old units that does not match with Redfish
standard. Added toReadingType and toReadingUnit function that uses
values taken from Redfish Sensor Scheme 1.0.0. Latest version 1.2.0 of
Sensor scheme defines same units.
Changed value stored in ReadingUnits for Sensor resource:
- "Watts" -> "W"
- "Amperes" -> "A"
- "Percent" -> "%"
Tested:
- RedfishServiceValidator pass
- Verified that Sensors contain proper ReadingUnits
- Webui-Vue displays ReadingUnits properly in Health tab
Change-Id: I0c8820eba7271022c427cd25dec321db36aa0176
Signed-off-by: Wludzik, Jozef <jozef.wludzik@intel.com>
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
|
|
This updates Crashdump to the latest LogService schema which now
has a "CollectDiagnosticData" Action that replaces the OEM actions.
It also updates to the latest LogEntry to use the new
"AdditionalDataURI" property to provide the Crashdump file URI.
Tested:
Confirmed that the Crashdump LogEntries are displayed and can
be collected correctly.
Confirmed that the schema changes pass the Redfish Service Validator.
Change-Id: I34f533b78441269a66201a13e990dba18745c7ba
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
|
- If the server returns 500(internal error) to any of these requests,
the security scanner logs it as an error for followup.
- Sometimes, it is not a real 500(internal error), may be is a 404
(not found) error, and we think that the 404(not found) error is a
benign error, and not actually a real security threat.
- We should handle the 404(not found) error correctly and return it
where appropriate.
- Refer to: https://github.com/openbmc/bmcweb/blob/master/COMMON_ERRORS.md#11-not-responding-to-404
Tested:
curl -k -X DELETE -v https://$bmc/redfish/v1/Systems/system/LogServices/Dump/Entries/198274391874
- Before:
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The request failed due to an internal service error. The service is still operational.",
"MessageArgs": [],
"MessageId": "Base.1.8.1.InternalError",
"MessageSeverity": "Critical",
"Resolution": "Resubmit the request. If the problem persists, consider resetting the service."
}
],
"code": "Base.1.8.1.InternalError",
"message": "The request failed due to an internal service error. The service is still operational."
}
}
- After:
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type systemDumpEntry named 198274391874 was not found.",
"MessageArgs": [
"LogEntry",
"198274391874"
],
"MessageId": "Base.1.8.1.ResourceNotFound",
"MessageSeverity": "Critical",
"Resolution": "Provide a valid resource identifier and resubmit the request."
}
],
"code": "Base.1.8.1.ResourceNotFound",
"message": "The requested resource of type systemDumpEntry named 198274391874 was not found."
}
}
Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I84c14f0294cf84606c9850dc4bacbda16e8cfa8e
|
|
While Patching MAC address from Redfish, response is showing
as empty but HTTPS status code is "200 OK" on successful case.
So provided fix for Proper response on Success.
Tested:
1. Verified RedFish validator passed
2. Verified the response on Redfish by updating MAC address.
PATCH: https://<bmc_ip>/redfish/v1/Managers/bmc/EthernetInterfaces/eth0
Body:
{
"MACAddress": "xx:xx:xx:xx:xx:xx"
}
Response:
{
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "Successfully Completed Request",
"MessageArgs": [],
"MessageId": "Base.1.8.1.Success",
"MessageSeverity": "OK",
"Resolution": "None"
}
]
}
Signed-off-by: Sunita Kumari <sunitax.kumari@intel.com>
Signed-off-by: Jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: I91a34f414b854593b4873e4ed923734030d6562d
|
|
This commit fixes bmcweb crash while patching
"IPv4StaticAddresses" property with below values
'{"IPv4StaticAddresses": null}'
'{"IPv4StaticAddresses": []}'
Tested By:
GET
PATCH
'{"IPv4StaticAddresses": null}' returned a 400
'{"IPv4StaticAddresses": []}' returned a 400
'{"IPv4StaticAddresses": [null]}' returned a 200 and deleted the entry
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
Change-Id: Ia310818c87fc1a425d32dd3648c2cbdd6fe5f526
|
|
In order to reuse the D-Bus lookup logic for both GET and PATCH
requests, separate the GetSubTree call from the processing loop.
This way, we can have one common place to determine if 404 Not Found
should be returned for any type of Processor request.
This also improves 404 handling by filtering out those objects which
don't implement Item.Cpu or Item.Accelerator. Previously it was possible
to request e.g. /redfish/v1/Systems/system/Processors/dimm0 and get back
some information about that DIMM. This change will ensure non-CPU items
return a 404.
Tested:
- All links in the ProcessorCollection return the same data that they
did before this change.
- Invalid Processor IDs (e.g. dimm0 from above) now return 404 error
message.
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
Change-Id: I0f09ba1189b7a068c8c0ffe136d19e9587765d18
|
|
- This commit would change the backend signature of the
PostCode Raw Value property.
- IBM progress codes are typically around 72 bytes including a
primary code (typically 8 bytes) & a secondary code that
contains hex words that would provide additional details on the
core problem during boot hangs.
- The intent behind this commit is to change the signature of the
backend Post Code Raw Value Property as per the proposed PDI
change.
- This commit has various dependencies across mutiple repos like
phosphor-host-postd, phosphor-post-code-manager, all the dependent
commit can be found in gerrit with topic name : progress codes
Tested By :
1. PATCHED a witherspoon system with the new PDI library with both
changes(40927,40936).
2. PACTHED the new snoopd daemon, post code manager, bmcweb & pldm with
the progress code support.
3. Trigger a progress code(ASCII Value : STANDBY) using the pldm tool as shown below:
./pldmtool raw --data 0x80 0x3F 0xC 0x0A 0x00 0x00 0x00 0x00 0x00 0x07
0x00 0x00 0x00 0x48 0x00 0x00 0x00 0x02 0x00 0x00 0x01 0x00 0x00 0x00
0x48 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x53 0x54 0x41 0x4e 0x44 0x42 0x59 0x20 0x20
0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20
0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20
4. Now check the Raw Property :
busctl call xyz.openbmc_project.State.Boot.Raw /xyz/openbmc_project/state/boot/raw0
org.freedesktop.DBus.Properties Get ss xyz.openbmc_project.State.Boot.Raw Value
v (tay) 6004496007600167200 72 2 0 0 1 0 0 0 72 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 83 84 65 78 68 66 89 32 32 32 32 32 32 32 32 32 32 32 32
32 32 32 32 32 32 32 32 32 32 32 32 32
5. Check the Redfish GET on Post Code Log Service Entry
{
"@odata.id": "/redfish/v1/Systems/system/LogServices/PostCodes/Entries",
"@odata.type": "#LogEntryCollection.LogEntryCollection",
"Description": "Collection of POST Code Log Entries",
"Members": [
{
"@odata.id": "/redfish/v1/Systems/system/LogServices/PostCodes/Entries/B1-1",
"@odata.type": "#LogEntry.v1_4_0.LogEntry",
"Created": "2021-02-27T08:38:31+00:00",
"EntryType": "Event",
"Id": "B1-1",
"Message": "Boot Count: 1: TS Offset: 0.0000; POST Code: 0x5354414e44425920",
"MessageArgs": [
"1",
"0.0000",
"0x5354414e44425920"
],
"MessageId": "OpenBMC.0.1.BIOSPOSTCode",
"Name": "POST Code Log Entry",
"Severity": "OK"
}
],
"Members@odata.count": 1,
"Members@odata.nextLink": "/redfish/v1/Systems/system/LogServices/PostCodes/Entries?$skip=1000",
"Name": "BIOS POST Code Log Entries"
}
The post code Field shows 0x5354414e44425920 in Hex(In Ascii it would be
STANDBY)
Signed-off-by: Manojkiran Eda <manojkiran.eda@gmail.com>
Change-Id: I960a9a4f35ac8d7af03e9547d1f609b6adda0caa
|
|
When the client passes a value that is not in list of accepted values
use propertyValueNotInList.
Tested:
curl -k -X PATCH -d '{"PowerRestorePolicy":"badvalue"}'\
https://${bmc}/redfish/v1/Systems/system
{
"PowerRestorePolicy@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The value badvalue for the property PowerRestorePolicy is not in the list of acceptable values.",
"MessageArgs": [
"badvalue",
"PowerRestorePolicy"
],
"MessageId": "Base.1.8.1.PropertyValueNotInList",
Change-Id: Icfa910c9f79aa6ff0a87f748b55ad52d8ad411d8
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
Set SameSite to Strict since OpenBMC does not have functionality
that requires Lax or None.
SameSite Strict provides a little protection against CSRF attacks
by ensuring the cookie is only sent to requests originating from
the same site that set the cookie.
This came from some discussion on discord.
From https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie
SameSite=<samesite-value> Optional
Controls whether a cookie is sent with cross-origin requests,
providing some protection against cross-site request forgery attacks
Inline options are:
Strict: The browser sends the cookie only for same-site requests
(that is, requests originating from the same site that set the
cookie). If the request originated from a different URL than the
current one, no cookies with the SameSite=Strict attribute are sent.
Lax: The cookie is not sent on cross-site requests, such as calls
to load images or frames, but is sent when a user is navigating to
the origin site from an external site (e.g. if following a link).
This is the default behavior if the SameSite attribute is not
specified.
None: The browser sends the cookie with both cross-site and
same-site requests. The Secure attribute must also be set when
SameSite=None!
Note: On Firefox 85, FireFox still doesn't have the Default set
to SameSite=Lax. This can be changed via "about:config" and
"network.cookie.sameSite.laxByDefault".
Tested: Webui-vue works. Redfish GUI browser works.
Websockets work on the GUI.
Tested GUI functions that call POST and PATCH.
Can see the XSRF-TOKEN and SESSION cookies are SameSite
Strict with this build. Before were SameSite None.
Browser DevTools -> Storage on Firefox to view cookies.
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
Change-Id: I4402f2930847c1d47b22696631be26d33c78b6f9
|
|
json was already in the array.
Tested: GUI worked in the top commit.
Change-Id: Iac97801489e1bd03a91a613e7b33a777867bd165
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
This commit fixes below warnings
WARNING - IPv6DefaultGateway: Empty string found
Tested By:
Ran validator
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
Change-Id: Iac41feeb6cf245348f69915e0f58dd24ae46330e
|
|
The ManagerNetworkProtocol schema defines the HostName entry to be
read-only. Change the doPatch code to prevent updating the hostname
attribute.
The DMTF redfish/v1/Managers/bmc/NetworkProtocol is a read-only
location.
The DMTF approved location for changing the HostName is:
redfish/v1/Managers/bmc/EthernetInterfaces/<str>
This change does not impact phosphor-webui, as it uses D-Bus to
perform all of its work.
This change does not impact webui-vue, as it is using the DMTF
approved API.
This commit deprecates allowing Read/Write access to the Hostname in
the ManagersNetworkProtocol URI. To reduce the impact to Redfish
clients that rely upon Read/Write access a Meson compile time flag has
been added to allow Read/Write access to be restored. The Meson build
flag, redfish-allow-deprecated-hostname-patch, can be enabled to
restore Read/Write access. The Meson build flag is slated to be
removed in Q4 2021 enforcing the read-only state.
Tested:
Explicitly PATCH'd HostName to confirm it cannot be modified.
Enabled the HostName feature, and confirmed the HostName accepted a
PATCH command.
Ran Redfish_Service_Validator (deprecated, and re-enabled).
Change-Id: If7f2148d8bbb8a7b420c4abde086272c4320977a
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>
|
|
In the new Redfish specification 2020.4,the eventlog propety "resolved"
is added.
This attribute indicates whether the log is marked as "resolved".
Tested:
Validator succeeded.
The "Modified" attribute value will also change accordingly.
This property can be changed as the "marked as resolved" is
modified on the web page, or it can be modified directly using the
redfish command.
Before marked the log as resolved:
~$ curl -i -k -H "X-Auth-Token: $token" -X GET https://${bmc}/redfish/v1/Systems/system/LogServices/EventLog/Entries/1
{
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/1",
"@odata.type": "#LogEntry.v1_8_0.LogEntry",
"Created": "1970-01-01T00:01:09+00:00",
"EntryType": "Event",
"Id": "1",
"Message": "xyz.openbmc_project.Common.Device.Error.ReadFailure",
"Modified": "1970-01-01T00:01:09+00:00",
"Name": "System Event Log Entry",
"Resolved": false,
"Severity": "Critical"
}%
after marked the log as resolved on webpage OR use the redfish commond:
~$ curl -k -H "X-Auth-Token: $token" -X PATCH -d '{"Resolved": true}' https://${bmc}/redfish/v1/Systems/system/LogServices/EventLog/Entries/1
~$ curl -i -k -H "X-Auth-Token: $token" -X GET https://${bmc}/redfish/v1/Systems/system/LogServices/EventLog/Entries/1
{
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/1",
"@odata.type": "#LogEntry.v1_8_0.LogEntry",
"Created": "1970-01-01T00:00:57+00:00",
"EntryType": "Event",
"Id": "1",
"Message": "xyz.openbmc_project.Common.Device.Error.ReadFailure",
"Modified": "1970-01-01T00:03:05+00:00",
"Name": "System Event Log Entry",
"Resolved": true,
"Severity": "Critical"
}
Signed-off-by: Xiaochao Ma <maxiaochao@inspur.com>
Change-Id: Idd0cc0ca61ad56703303f90ba2bd1a372c321d94
|