| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The inline comment mostly describes this patchset. As far as OpenBMC is
concerned, no platforms or distros implement a backend for this code,
therefore this is dead "unused" code. Clearly the authors intended to
use it, but haven't been able to upstream anything.
For the moment, this patchset makes the nbd proxy option unenablable.
This will have no impact to any OpenBMC platforms, as there are no
implementations of this API in OpenBMC itself, only in downstream forks.
It's not clear what the intentions are with this code, so hopefully this
disabling and comment encourages those that care about it to interact
and add some details around how this was designed, and the plans to
upstream it into OpenBMC. If not, presumably the code can be deleted
without any harm.
For timelines, this was checked in Jul 12, 2019, so we're now 20 months
past its initial entry. This seems like enough time for the dust to
have settled on getting the appropriate things upstreamed.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I217493b97d62282b8781608805bcfe319e6f7d85
|
|
The bmcweb compile is failing when Virtual Media
is enabled(BMCWEB_ENABLE_VM_NBDPROXY). This patch correct
the code which is introduced recently.
Tested:
- Builds successful with VM.
Change-Id: Ib8f65dd648d342a5f5dee5c4ead43949e08ace32
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
|
|
These aren't needed and are not in all files.
These aren't being updated. Would perfer these go away.
Tested: Not Tested.
Change-Id: I050874d58f86cae138ce2ab8c0c53831aeba5b21
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
Fix KVM failed to load images issue introduced by incorrect condition
updated by commit 0260d9d6b252d5fef81a51d4797e27a6893827f4.
Tested:
KVM loaded images successfully
Signed-off-by: Arun P. Mohanan <arun.p.m@linux.intel.com>
Change-Id: Ib753ed1d56ce2e0a9228ca52e36ffab298d21cff
|
|
This commit implements change to publish LocationCode property
for Chassis on bmcweb.
Location code of Motherboard FRU is published via chassis schema.
LocationCode, a free form, implementation-defined string
to provide the location. This is needed so an implementation can
identify the FRU via system diagrams.
Validator has been executed and no new error has been found.
Sample output:
{
"@odata.id": "/redfish/v1/Chassis/chassis",
"@odata.type": "#Chassis.v1_14_0.Chassis",
"Actions": {
"#Chassis.Reset": {
"@Redfish.ActionInfo": "/redfish/v1/Chassis/chassis/ResetActionInfo",
"target": "/redfish/v1/Chassis/chassis/Actions/Chassis.Reset"
}
},
"ChassisType": "RackMount",
"Id": "chassis",
"Links": {
"ComputerSystems": [
{
"@odata.id": "/redfish/v1/Systems/system"
}
],
"ManagedBy": [
{
"@odata.id": "/redfish/v1/Managers/bmc"
}
]
},
"Location": {
"PartLocation": {
"ServiceLabel": "U78DA.ND1.1234567"
}
},
"Manufacturer": "",
"Model": "",
"Name": "chassis",
"PCIeDevices": {
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices"
},
"PartNumber": "PN12345",
"Power": {
"@odata.id": "/redfish/v1/Chassis/chassis/Power"
},
"PowerState": "Off",
"Sensors": {
"@odata.id": "/redfish/v1/Chassis/chassis/Sensors"
},
"SerialNumber": "BBBE2D010000",
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "StandbyOffline"
},
"Thermal": {
"@odata.id": "/redfish/v1/Chassis/chassis/Thermal"
}
}
Signed-off-by: Sunny Srivastava <sunnsr25@in.ibm.com>
Change-Id: Ib248b79156e8b04664e89e37bae49d4574e97086
|
|
The http client at bmcweb does not resolve the client's
hostname asynchronously
This commit implements the async_resolve by using systemd resolved.
The async dbus message to resolvd.service is sent when a subscriber
successfully subscribes for events. The method ResolveHostname is
used to resolve the subscriber's hostname
Tested by:
Subscribe for the events at BMC using DMTF event listener
Generate an event and see the same is received at the listener's console
Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com>
Change-Id: I3ab8206ac4764cfa025e94c06407524d6ba220e0
|
|
PostCode D-Bus service and object names are updated to include 0 suffix,
based on updated POST code design for single host systems (see docs
change Ibb0389c880243bf3a7c9de12bf409eee2eac9ad7).
This change does not add any support for multi-host systems.
Tested: With
phosphor-host-postd: I89ab5f2eef7eab59823df3a063414f3ca3b2949f
phosphor-post-code-manager: I59ed514f28c2bb9b159f51367c38557bf55bf226
1. Cleared POST code history by sending (HTTP)POST to
/redfish/v1/Systems/system/LogServices/PostCodes/Actions/LogService.ClearLog/,
and verify it returns 200 OK.
2. Verified the Entries collection was now empty at
/redfish/v1/Systems/system/LogServices/PostCodes/Entries.
3. Power cycled host and repeat step 2 to verify that new entries are
added.
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
Change-Id: I2fdf97b7aaf8d6471d162f8ed1b72143491ac23f
|
|
If the customer has requested the hypervisor stop at its Standby state
vs. booting all the way to Running, then a mechanism is needed to
request the hypervisor boot to Running. A common use case for IBM is
the system user has requested the hypervisor stop at Standby so some
manual debug can be performed and then they want to move the hypervisor
into the Running state so they can boot their operating system.
Asking the hypervisor to stop at Standby is done via the
BootSourceOverrideEnabled and BootSourceOverrideTarget properties under
the redfish/v1/Systems/system.
Utilize the ComputerSystem.Reset action for this. Similar to how
redfish/v1/Systems/system/Actions/ComputerSystem.Reset is utilized for
the overall system, implement a limited subset of it for the hypervisor
object.
Tested:
- Verified when phosphor-hypervisor-state-manager package is not
installed that Redfish API returns same info it does currently
- Verified when phosphor-hypervisor-state-manager was installed that the
hypervisor state was returned correctly, the Actions field was filled
in, and a post to the Action with ResetType set to "On" was correctly
propagated to RequestedHostTransition
- Verified that an invalid ResetType (i.e. "Off") returned the
appropriate "invalid parameter" error message to the Redfish API
- Verified no new errors logged by Redfish validator on system with this
hypervisor package installed
- Verify resource not found when hypervisor not enabled
curl -k -H "X-Auth-Token: $TOKEN" -X POST https://${BMC_IP}/redfish/v1/Systems/hypervisor/Actions/ComputerSystem.Reset -d '{"ResetType": "On"}'
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type Actions named Reset was not found.",
"MessageArgs": [
"Actions",
"Reset"
],
"MessageId": "Base.1.8.1.ResourceNotFound",
"MessageSeverity": "Critical",
"Resolution": "Provide a valid resource identifier and resubmit the request."
}
],
"code": "Base.1.8.1.ResourceNotFound",
"message": "The requested resource of type Actions named Reset was not found."
}
}
- Verify ResourceNotFound returned when hypervisor not enabled
curl -k -H "X-Auth-Token: $TOKEN" -X GET https://${BMC_IP}/redfish/v1/Systems/hypervisor/ResetActionInfo
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type hypervisor named ResetActionInfo was not found.",
"MessageArgs": [
"hypervisor",
"ResetActionInfo"
],
"MessageId": "Base.1.8.1.ResourceNotFound",
"MessageSeverity": "Critical",
"Resolution": "Provide a valid resource identifier and resubmit the request."
}
],
"code": "Base.1.8.1.ResourceNotFound",
"message": "The requested resource of type hypervisor named ResetActionInfo was not found."
}
}
- Verify input parameters validated
curl -k -H "X-Auth-Token: $TOKEN" -X POST https://${BMC_IP}/redfish/v1/Systems/hypervisor/Actions/ComputerSystem.Reset -d '{"ResetTypeInvalid": "On"}'
{
"ResetTypeInvalid@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The property ResetTypeInvalid is not in the list of valid properties for the resource.",
"MessageArgs": [
"ResetTypeInvalid"
],
"MessageId": "Base.1.8.1.PropertyUnknown",
"MessageSeverity": "Warning",
"Resolution": "Remove the unknown property from the request body and resubmit the request if the operation failed."
}
]
}
curl -k -H "X-Auth-Token: $TOKEN" -X POST https://${BMC_IP}/redfish/v1/Systems/hypervisor/Actions/ComputerSystem.Reset -d '{"ResetType": "OnInvalid"}'
{
"ResetType@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The value OnInvalid for the property ResetType is not in the list of acceptable values.",
"MessageArgs": [
"OnInvalid",
"ResetType"
],
"MessageId": "Base.1.8.1.PropertyValueNotInList",
"MessageSeverity": "Warning",
"Resolution": "Choose a value from the enumeration list that the implementation can support and resubmit the request if the operation failed."
}
]
}
Change-Id: Ia7b4e78b7b0d907cc06eb3f20d51ff87b7dde564
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
phosphor-state-manager support a new optional package,
phosphor-state-manager-hypervisor. IBM plans to include this package on
their system to monitor and control the hypervisor firmware running on
the system.
Since this package is optional, this patch set is written to just ignore
any errors associated with the package and not report hypervior state
in these cases.
Tested:
- Verified when phosphor-hypervisor-state-manager package is not
installed that Redfish API returns same info it does currently
- Verified when phosphor-hypervisor-state-manager was installed that the
hypervisor state was returned correctly.
- The redfish validator was run on the final patch in this series
Change-Id: I3843914894ded9494f92b96714c1f88a5deb5ec3
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
The router has an old sanity check in it to verify that nodes are
simple. This is no longer the case, as we can have multiple,
overlapping routes between different handlers, so non-simple root nodes
are allowed.
The commit here broke a couple things.
0260d9d6b252d5fef81a51d4797e27a6893827f4
First, when that route gets injected, the root node is no longer simple,
as the first root in the trie can be a complex node. This should be ok,
and this commit comments out the check.
Also, because the meson node for the option was loaded directly into
set10, instead of the boolean equivalent, the XSS feature always gets
enabled, regardless of whether or not that's what the user wanted. The
fix to this was to simply include a .enabled(), which correctly calls
the bool.
Tested:
Built with insecure-disable-xss set, and observed crash was removed.
Tried several routes including /redfish/v1 and observed them working.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib9fb55a61796ddbda65b7ee5d2803a5cbd2ae75f
|
|
Clang tidy 11 got some really neat checks that do a much better job.
Unfortunately, this, combined with the change in how std::executors has
defined how callbacks should work differently in the past, which we
picked up in 1.73, and now in theory we have recursion in a bunch of our
IO loops that we have to break manually. In practice, this is unlikely
to matter, as there's almost a 0% chance that we go through N thousand
requests without ever starving the IO buffer.
Other changes to make this build include:
1. Adding inline on the appropriate places where declared in a header.
2. Removing an Openssl call that did nothing, as the result was
immediately overwritten.
3. Declaring the subproject dependencies as system dependencies, which
silences the clang-tidy checks for those projects.
Tested:
Code builds again, clang-tidy passes
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic11b1002408e8ac19a17a955e9477cac6e0d7504
|
|
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I0f662e2e6d594567cc10eee34e1df2ca89614870
|
|
This commit adds the following properties to the memory
schema on bmcweb.
a) LocationCode, a free form, implementation-defined string
to provide the location of the DIMM. This is needed so an
implementation can identify the DIMM via system diagrams and such.
b) Model, maps to a CCIN/Card ID for IBM's implementation,
is a string for the manufacturer's part model. For IBM's
implementation, it is a four-digit value assigned for each
possible FRU.
c) SparePartNumber, also field-replaceable unit (FRU) Part Number,
is a part number that identifies the FRU for replacement
specifically ordering of a new part.
Redfish validator has been executed on this change and no new
error was found.
Signed-off-by: Sunny Srivastava <sunnsr25@in.ibm.com>
Change-Id: I419a9cd8e956de3fbf7093903129389ad5e0e577
|
|
config.h is a generic filename, unprefixed by any sort of name, that
other dependencies could use. Namely, nghttp2 uses an identical
filename, which can cause issues with getting the right one. This
commit renames that file to bmcweb_config.h to disambiguate it from
generic config.h files.
Tested:
Compiled bmcweb and observed compile time params get applied. There are
no defaults on any of this stuff, so there's no way to silently miss the
config file.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I9a3e73c37161fa438c5612344dfb01f1f19aff2c
|
|
New versions of beast allow completely removing the per-message deflate
functionality from the binary, thus saving space. Considering we never
used it, it seems worthwhile to remove from the build entirely.
This should have no impact on any external interface.
https://www.boost.org/doc/libs/1_75_0/libs/beast/doc/html/beast/using_websocket.html
Tested:
Build before and after, ~31k of pre-compression binary space saved when
this patchset is included.
Also ran scripts/websocket_test.py
python3 websocket_test.py --host 192.168.7.2
CPU 67.56
Memory 5.95
and saw sensor values stream correctly.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I3d8e5febea2446eb4894a840f7fe7ef9cdf6995b
|
|
Fixes #178
Every few months, this option breaks because of some combination of
compiler options. I'm hoping that this is a more permenant fix, and
will keep it working forever.
Functionally, this commit changes a couple things.
1. It fixes the regression that snuck into this option, by making the
req variable optional using the c++17 [[maybe_unused]] syntax.
2. It promotes the BMCWEB_INSECURE_DISABLE_XSS_PREVENTION into the
config.h file, and a constexpr variable rather than a #define. This has
the benefit that both the code paths in question will compiled
regardless of whether or not they're used, thus ensuring they stay
buildable forever. The optimization path will still delete the code
later, but we won't have so many one-off build options breaking. We
should move all the other feature driven #ifdefs to this pattern in the
future.
3. As a mechnaical change to #2, this adds a config.h.in, which delcares
the various variables as their respective constexpr types. This allows
the constants to be used in a cleaner way.
As an aside, at some point, DISABLE_XSS_PREVENTION should really move to
a non-persistent runtime option rather than a compile time option. Too
many people get hung up on having to recompile their BMC, and moving it
to runtime under admin credentials is no more a security risk.
As another aside, we should move all the other #ifdef style options to
this pattern. It seems like it would help with keeping all options
buildable, and is definitely more modern than #ifdefs for features,
especially if they don't require #include changes or linker changes.
Tested:
enabled meson option insecure-disable-xss, and verified code builds and
works again.
Change-Id: Id03faa17cffdbabaf4e5b0d46b24bb58b7f44669
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
The nlohmann::json::dump call needs to be called with specific arguments
to avoid throwing in failure cases. http connection already does this
properly, but a bunch of code has snuck in (mostly in redfish) that
ignores this, and calls it incorrectly. This can potentially lead to a
crash if the wrong thing throws on invalid UTF8 characters.
This audits the whole codebase, and replaces every dump() call with the
correct dump(2, ' ', true, nlohmann::json::error_handler_t::replace)
call. For correct output, the callers should expect no change, and in
practice, this would require injecting non-utf8 characters into the
BMC.
Tested:
Ran several of the endpoints/error conditions in question, including
some of the error cases. Observed correct responses. I don't know of a
security issue that would allow injecting invalid utf8 into the BMC, but
in theory if it were possible, this would prevent a crash.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I4a15b8e260e3db129bc20484ade4ed5449f75ad0
|
|
Issue templates are something github uses to allow pushing custom
elements into bug reports. Many questions and feature requests are sent
in as bugs, instead of going to the mailing list as they should.
These were created through the github UI, and pulled over to gerrit
manually.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id2c77e26e5fe648d5344d5db5cfbd100c451c7c4
|
|
Lots of code gets checked in that does this path checking incorrectly.
So much so, that we have it documented in COMMON_ERRORS.md, yet, we
persist. This patchset starts using the new object_path::filename()
method that was added recently to sdbusplus. Overall, it deletes code,
and makes for a much better developer experience.
Tested:
Pulled down several endpoints and verified that filename() method works
properly, and the collections are returned as expected.
curl -vvvv --insecure --user root:0penBmc https://192.168.7.2/redfish/v1/AccountService/Accounts
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ief1e0584394fb139678d3453265f7011bc931f3c
|
|
- With meson 0.57.0 released yesterday, we now have meson
support to automatically deduce the number of threads that
can be used for link time optimization.This would add flto=[n],
where n is the number of threads to be used while linking.
- For more details, check the below meson issue:
https://github.com/mesonbuild/meson/issues/7820
Tested By:
- Downladed meson 0.57.0, and compiled bmcweb using that and
observed the improvement in compilation time.
Signed-off-by: Manojkiran Eda <manojkiran.eda@gmail.com>
Change-Id: Ifcbc2f56d4a1ad9d30e59c8ac008d658fefefdfe
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
The bug mentioned in the comment has been resolved in boost 1.75.
Reenable this to drop our binary size again. As a consequence of this,
this commit also upgrades the subproject dependencies to 1.75 from 1.73.
They technically weren't updated to 1.74, so I'm not sure if anyone
really uses these anymore.
Tested:
Code builds with this enabled.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id86a6358dc5a73a8b5e386661f9317f24cdbe21c
|
|
Remove the rfind method and use the filename method of
sdbusplus::message::Object_path.
Tested: Built successfully and validator passes.
Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I762360474b18092987feb64b13f78371db144baa
|
|
This commit adds the following inventory properties for the
Processor resource in bmcweb:
a) LocationCode, a free form, implementation-defined string
to provide the location of the processor. This is needed so an
implementation can identify the processor via system diagrams.
b) SparePartNumber, also field-replaceable unit (FRU) Part
Number, is a part number that identifies the FRU for replacement
specifically ordering of a new part.
c) PartNumber, also called a Marketing Number, describes a
specific part within a specific system among a manufactures various
product lines. These numbers tell IT infrastructure technicians
exactly which parts are included in their servers, storage and
networking equipment.
These properties are essential to locate and replace the FRU.
Validator has been executed and no new error has been found.
Sample Output:
{
"@odata.id": "/redfish/v1/Systems/system/Processors/cpu0",
"@odata.type": "#Processor.v1_11_0.Processor",
"Id": "cpu0",
"Location": {
"PartLocation": {
"ServiceLabel": "Ufcs-P0-C15"
}
},
"Manufacturer": "",
"Model": "AB41",
"Name": "Processor",
"PartNumber": "2345678",
"ProcessorType": "CPU",
"SerialNumber": "YLAB41010000",
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Absent"
}
}
Signed-off-by: Sunny Srivastava <sunnsr25@in.ibm.com>
Change-Id: Ifc0e13fd7eb94e86eade223608a1ecad2487ed37
|
|
This commit adds the following inventory properties for the
BMC resource:
a) LocationCode, a free form, implementation-defined string
to provide the location of the BMC. This is needed so an
implementation can identify the BMC via system diagrams and such.
b) Model, maps to a CCIN/Card ID for IBM's implementation,
is a string for the manufacturer's part model. For IBM's
implementation, it is a four-digit value assigned for each
possible FRU.
c) SparePartNumber, also field-replaceable unit (FRU) Part Number,
is a part number that identifies the FRU for replacement
specifically ordering of a new part.
For some manufacturers the BMC is soldered down, this is not the
case for all manufacturers. For our systems, the BMC can be
replaced and these properties are essential to locate and replace
the BMC.
Redfish validator has been executed on this change and no new
error was found.
Sample Output:
{
"@odata.id": "/redfish/v1/Managers/bmc",
"@odata.type": "#Manager.v1_11_0.Manager",
"Actions": {
"#Manager.Reset": {
"@Redfish.ActionInfo": "/redfish/v1/Managers/bmc/ResetActionInfo",
"target": "/redfish/v1/Managers/bmc/Actions/Manager.Reset"
},
"#Manager.ResetToDefaults": {
"ResetType@Redfish.AllowableValues": [
"ResetAll"
],
"target": "/redfish/v1/Managers/bmc/Actions/Manager.ResetToDefaults"
}
},
"DateTime": "2020-12-18T07:37:34+00:00",
"Description": "Baseboard Management Controller",
"EthernetInterfaces": {
"@odata.id": "/redfish/v1/Managers/bmc/EthernetInterfaces"
},
"FirmwareVersion": "fw1020.00-12.1-10-g60fee5936",
"GraphicalConsole": {
"ConnectTypesSupported": [
"KVMIP"
],
"MaxConcurrentSessions": 4,
"ServiceEnabled": true
},
"Id": "bmc",
"LastResetTime": "2020-12-09T17:21:20+00:00",
"Links": {
"ActiveSoftwareImage": {
"@odata.id": "/redfish/v1/UpdateService/FirmwareInventory/e7522a84"
},
"ManagerForChassis": [
{
"@odata.id": "/redfish/v1/Chassis/Nisqually_Backplane"
}
],
"ManagerForChassis@odata.count": 1,
"ManagerForServers": [
{
"@odata.id": "/redfish/v1/Systems/system"
}
],
"ManagerForServers@odata.count": 1,
"ManagerInChassis": {
"@odata.id": "/redfish/v1/Chassis/Nisqually_Backplane"
},
"SoftwareImages": [
{
"@odata.id": "/redfish/v1/UpdateService/FirmwareInventory/e7522a84"
}
],
"SoftwareImages@odata.count": 1
},
"Location": {
"PartLocation": {
"ServiceLabel": "U78DA.ND1.1234567-P0-C5"
}
},
"LogServices": {
"@odata.id": "/redfish/v1/Managers/bmc/LogServices"
},
"ManagerType": "BMC",
"Manufacturer": "",
"Model": "",
"Name": "OpenBmc Manager",
"NetworkProtocol": {
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol"
},
"Oem": {
"@odata.id": "/redfish/v1/Managers/bmc#/Oem",
"@odata.type": "#OemManager.Oem",
"OpenBmc": {
"@odata.id": "/redfish/v1/Managers/bmc#/Oem/OpenBmc",
"@odata.type": "#OemManager.OpenBmc",
"Certificates": {
"@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates"
}
}
},
"PartNumber": "PN12345",
"PowerState": "On",
"SerialConsole": {
"ConnectTypesSupported": [
"IPMI",
"SSH"
],
"MaxConcurrentSessions": 15,
"ServiceEnabled": true
},
"SerialNumber": "YL6B58010000",
"ServiceEntryPointUUID": "280c3750-fa95-42cd-96aa-7834853bd922",
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Enabled"
},
"UUID": "35d98d20-cf67-4575-8aaa-0c40c398efdf"
}
Signed-off-by: Sunny Srivastava <sunnsr25@in.ibm.com>
Change-Id: I53044fb0173be8fce7a13aadc2cf5c2903529486
|
|
While uploading the ConfigFiles, BMC was only checking if it is
not multipart/form-data. This commit is to change the validation
to check for only allowed content-type: application/octet-stream
Tested by:
Uploaded Configfile with below content-types
1. application/octet-stream - passed
2. application/x-www-form-urlencoded - failed
3. application/json - failed
4. multipart/form-data - failed
5. text/plain - failed
6. application/octet-streamabcd - failed
Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com>
Change-Id: Iedadacd2306f729479ee36afff52e29d8112daf6
|
|
The management_console_rest.hpp uses the crow::Response object to
return the response, which is the old way of returning the response to
the client.
This commit brings the bmcweb::AsyncResp class object for sending
the response to the client instead of the crow::Response object
Tested by :
Performed GET, PATCH, DELETE on the /ibm/v1 resources
Signed-off-by: Sunitha Harish <sunharis@in.ibm.com>
Change-Id: I5ba01bda68d1e6b4590e910bd187aeb9cd6a149b
|
|
On systems that don't support ipv6, or systems that don't have an ipv6
address, binding to all ipv6 addresses can fail. Because this is just
the dev server, it's perfectly reasonable to limit to ipv4 addresses
only.
This failure has been reported by several people over time, but it was only
recently that I root caused this as their problem.
This should have no effect on the BMC itself, as the bmc is using socket
activation, and completely bypasses this code path.
Tested:
Launched bmcweb on a system that was previously failing because of a
bind error, and observed that I could launch bmcweb and have it work
correctly.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ife6b051aa62d62e1691c5221d8ddee0b9bd012c0
|
|
Some new features are needed within the hypervisor system schema. Rename
source file to reflect this.
Change-Id: I7fa09089a4f52610b47bbb4496064556ab93f985
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
The IBM management console usecase - ConfigFile upload was allowing
to create or modify any file at the BMC when the path url is given
as below.
PUT https://${bmc}/ibm/v1/Host/ConfigFiles/../../../../../<any file under root dir> --data-binary "junk data"
This commit adds validation to the "path" variable after the "ConfigFiles/"
in the url - so that only the ConfigFiles are created or modified.
The filename validation includes:
Restrict the maximum filename length to 20 characters
Restrict the allowed charaters to [A-Za-z0-9-]
The minimum size of the file allowed is 100 bytes
The maximum size of the file allowed is 500KB
Maximum total size of the ConfigFile directory at BMC file system allowed is 10MB
Tested by:
1. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/../../../../../etc/p2 --data-binary "some data"
Bad Request
2. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/../../../etc/p2 --data-binary "some data"
Bad Request
3. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/../etc/p2 --data-binary "some data"
Bad Request
4. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/etc/p2 --data-binary "some data"
{
"Description": "Error while creating the file"
}
5. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/mydir/p2 --data-binary "some data"
{
"Description": "Error while creating the file"
}
6. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/ --data-binary "some data"
Not Found
7. PUT https://${bmc}/ibm/v1/Host/ConfigFiles --data-binary "some data"
Method Not Allowed
8. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/p2/../p2 --data-binary "some data"
Bad Request
9. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/p2/p2 --data-binary "some data"
{
"Description": "Error while creating the file"
}
10. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/p2/../../../p2 --data-binary "some data"
Bad Request
11. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/./../../p2 --data-binary "some data"
Bad Request
12. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/. --data-binary "some data"
Bad Request
13. PUT https://${bmc}/ibm/v1/Host/../ConfigFiles/p2 --data-binary "some data"
Not Found
14. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/p2 --data-binary "some data"
{
"Description": "File Created"
}
15. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/p2 --data-binary "some data"
{
"Description": "File Updated"
}
16. PUT https://${bmc}/ibm/v1/Host/ConfigFiles/p2.ext --data-binary "some data"
{
"Description": "File Created"
}
17. Tested sending filename greater than 20 charaters
Bad Request
18. Tested sending filename with special charaters
Bad Request
19. Tested sending filesize less than 100bytes
Bad request
20. Tested sending filesize greater than 500KB
Bad request
21. Tested uploading the file when the directory size is nearly full
Bad request
22. Added unit test for isValidConfigFileName
Signed-off-by: Sunitha Harish <sunharis@in.ibm.com>
Change-Id: I838d39d5765ddc8701f7e5c533a93eebde021cbf
|
|
At least 50% of all patchsets I see adding a collection handler seem to
get this wrong, despite a small comment in the developing doc, lets add
a concrete example so that we can be sure this gets handled in the
future, and we have something to point at in code review.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I98c9e235019472d3e39a2c142b5a5aec4bca8f4e
|
|
Improve the error handling of the DBus Log Entry class:
1. Return internal error only if message, id, or severity are
not initialized.
2. Handle Not Found error (404).
3. Escape the Entry ID used for the DBus call.
Tested:
A call to entries/foo returns not found:
$ curl -k -H "X-Auth-Token: $token" https://${bmc}/redfish/v1/Systems/system/LogServices/EventLog/Entries/foo
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type EventLogEntry named foo was not found.",
"MessageArgs": [
"EventLogEntry",
"foo"
],
"MessageId": "Base.1.8.1.ResourceNotFound",
"MessageSeverity": "Critical",
"Resolution": "Provide a valid resource identifier and resubmit the request."
}
],
"code": "Base.1.8.1.ResourceNotFound",
"message": "The requested resource of type EventLogEntry named foo was not found."
}
Change-Id: Icac06b34c9d4bc570973da369eef42fd785b4bf7
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
|
|
Removed LogService from TelemetryService because redfish bmc journal
is not an option enabled by default in OpenBMC. Telemetry backend
does not use exhaustively a journal right now so it is ok to drop
LogService attribute for now. In future LogService will be required
to support Trigger schema to let user know where Redfish messages
are stored.
Thanks to this commit RedfishServiceValidator is able to pass on
standard OpenBMC image.
Change-Id: I03ed1c9279f89c213af0ed4fc633d16c285f6f95
Signed-off-by: Wludzik, Jozef <jozef.wludzik@intel.com>
|
|
Now user is able to communicate with Telemetry service using Redfish.
Added TelemetryService, MetricReports, MetricReportCollection,
MetricReportDefinition and MetricReportDefinitionCollection nodes
with GET method support. Added TelemetryService URI to root service.
Implemented communication with backend - Telemetry:
https://github.com/openbmc/telemetry
Added schemes attributes that are supported by Telemetry service
design, ref.:
https://github.com/openbmc/docs/blob/master/designs/telemetry.md
Change introduces function that converts decimal value into
duration format that is described by ISO 8601 and Redfish
specification.
Tested:
- Tested using romulus and s2600wf images on QEMU
- Verified DBus method calls to Telemetry service from bmcweb
- Verified bmcweb responses from new nodes in different cases:
- Report collection is empty
- Report collection is filled with artificial data
- Telemetry service is disabled
- Verified time_utils::toDurationString() output
- Passed RedfishServiceValidator.py
Signed-off-by: Wludzik, Jozef <jozef.wludzik@intel.com>
Signed-off-by: Adrian Ambrożewicz <adrian.ambrozewicz@linux.intel.com>
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
Change-Id: Ie6b0b49f4ef5eeaef07d1209b6c349270c04d570
|
|
The OWNERS file allows gerrit to automatically CC the owners on a review
when it's pushed, removing the need to add maintainers manually.
This is somewhat an experiment. If it's successful, we should do this
on all OpenBMC subrepos, and is also in line with us deprecating all the
MAINTAINERS files.
Tested:
Gerrit only, can't test until it's on mainline.
Change-Id: I5d921e4b08f609784a522ecd2cd51b3e825e9d0f
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Dead code elimation gives us a way to reduce our binary size for "free"
with basically no downsides. While the wins are relatively small given
how little dead code we actually have, they're worth it for the low cost
of a single extra CXXFLAG.
Tested:
Enabled this option, and compared pre-compression binary size. Build of
current master 3399816 bytes, build with this change 3428488 bytes means
28672 bytes saved. Not a lot, but everything helps, and this option is
more or less "free".
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I78b76ed631b8ddc45c9338ac8d04a76cb7441035
|
|
In code review, despite them being documented, people still tend to make
these mistakes. Having them numbered allows responding with comments
that are much simpler for a maintainer, with quick comments like:
"Common error #2"
While this might not seem like a huge savings, for maintainers having to
review 10s of reviews per day, having an optimized workflow helps a lot
with time savings and little improvements add up over time.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I877cbbf50c1e20448f31464f820114073bba513e
|
|
In commit d139c2364bec98a5da1fe803414f3b02fdcd3092, http utility picked
up a dependency on chrono (for getting timestamps) but was relying on
another files include to function. This adds the appropriate include.
Tested:
Code builds. No functional changes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I7c2353f2b5f991d78a76dbe19a0b55850c0126b9
|
|
The management console is enabling itself in CI arbitrarily. CI should
be running on default parameters, as that's the most common config, and
the config we want tested the best.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie8748676b17df56d3cff35a4b40c9ff5561ede6d
|
|
Currently, /v1/CertificateService/CertificateLocations and
/v1/AccountService/LDAP/Certificates endpoints assume the presence of
xyz.openbmc_project.Certs.Manager.Client.Ldap service, and return an
error on D-Bus failures. But this service can be missing if LDAP support
is removed from the build, so we should just return empty responses
instead of errors.
Tested: Passed Redfish service validator.
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
Change-Id: Ib8416e850b52e8ce0f8947017d863cee19f7b2c8
|
|
Add the base64encode() function to be used to encode binary data
to offload out of the BMC. Based on crow/utility.h, reworked for
readability.
Tested: Added unit test cases. Also verified data encoded with this
function was the same as the original binary when using
a decoder.
Change-Id: I0a27ffb0090c4613e296af33d11e2e2657957167
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
|
|
Sending async event logs to event listener is
broken due to commit 23a21a1cbed23ace4174664950e595df961e9e69.
Correct the check to make EventService back to functional
state.
Tested:
- Redfish event logs are properly sent to subscribers.
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Change-Id: If232846a2b0ac694205731a801e55dc4bd5e928a
|
|
Created a list of all used schemas, and a few being added for use in reviews
now. Exclude all other schemas.
Developers if they wish to use a new schema will have to add it to this
list and rerun update_schemas.py.
Size of obmc-phosphor-image-witherspoon-<date>.rootfs.squashfs-xz:
Before 2020.4: 19451904
With 2020.4, before this commit: 19492864
With this commit: 19275776
Tested: Validator passes.
Change-Id: I23272049aa38c51ac7af0d3b0f5b4641a349a487
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
2020.4 contains a lot of new schemas.
New feature include: new power and thermal schemas, conditions,
and new account types.
For more information, see:
https://www.dmtf.org/sites/default/files/Redfish_Release_2020.4_Overview.pdf
Tested: Validator passes. Able to see new schemas.
Change-Id: I7fb860c84fa4cff80698dcb26a463b155e6faba7
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
This is to change the existing TFTP update into an asynchronous service
that uses Redfish Tasks.
Tested:
TFTP Firmware update through redfish,and get the task to create.
curl -k -H "X-Auth-Token: $token" -X POST
https://${bmc}/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate
-d '{"TransferProtocol":"TFTP","ImageURI":"xx.xx.xx.xx/obmc-phosphor-xxxxx"}'
{
"@odata.id": "/redfish/v1/TaskService/Tasks/0",
"@odata.type": "#Task.v1_4_3.Task",
"Id": "0",
"TaskState": "Running",
"TaskStatus": "OK"
}
Signed-off-by: Albert Zhang <zhanghaodi@inspur.com>
Change-Id: I5d8683f38bf3e29177d90606c5c9fe747a26a876
|
|
In theory, having a sessionless websocket isn't possible. In practice,
this did come up when an ownership issue caused UB, which is how I saw
this.
Tested:
Tested with scripts/websocket_test.py and saw sensor values streaming by
as expected.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I7cc9c9660c8207ba857e6f6f14f010eaf79b73ef
|
|
Boost itself uses deprecated headers within its own dependency tree.
This largely doesn't effect bmcweb, and rarely (if ever) has been a
problem, so enable BOOST_ALLOW_DEPRECATED_HEADERS which suppresses the
internal warnings in boost.
Tested:
Built with option enabled, and saw no deprecated header warnings.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib371084463e4b2fb661c226a81c466121cf1f2dd
|
|
We've had some unwritten guidelines around OEM resources in the past.
This commit aims to document them in a way that we can be fair to all
contributors, and make clear the guidelines surrounding OEM schemas.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I0600373f3e0d72d18d1e4c002ed6594e25c4d323
|
|
The following commit defined two new values for the host state:
https://github.com/openbmc/phosphor-dbus-interfaces/commit/9f65dfeaa5ab22cae03db45c9916868da9864f83
These new state values, TransitioningToOff and TransitioningToRunning,
map quite well to the Redfish system PowerState values of PoweringOff
and PoweringOn.
There have been requests from external users of our Redfish interfaces
to know this level of detail, especially in the PoweringOff path due to
the length of time it can take (up to 2 hours is allowed for the host to
shut itself down gracefully).
Tested:
- Put host state D-Bus property in each of new states and verified
Redfish API returned expected results.
Change-Id: I0c43dc2fa8b057beea48bc6f3dcde80d094ccfdb
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
Using operator[] as a result of expression is a common mistake in c++.
First it creates a key in container with empty value than execute an
expression and assign result from it to the key in container. The result
of it is that object is created two times.
Fixes https://github.com/openbmc/bmcweb/issues/139
Tested:
Used:
curl -vvv -X POST -d "{
\"EventType\": \"Alert\",
\"EventId\": \"TestEventId\",
\"EventTimestamp\": \"2017-08-08T08:24:00Z\",
\"Severity\": \"TestSeverity\",
\"Message\": \"TestMessage\",
\"MessageId\": \"TestMessageId\",
\"MessageArgs\": [ \"TestMessageArg\" ],
\"OriginOfCondition\": \"/redfish/v1/\"
}" --insecure --user root:0penBmc https://192.168.7.2/redfish/v1/EventService/Actions/EventService.SubmitTestEven
To send test event. Call returned 204 as expected.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: Idf44829bfb25daf216003f591d354df65ccecb18
|
|
Another clang-tidy warning about global construction of things that
could throw. Considering we don't actually use this as a map anywhere,
move to a constexpr array of values.
Tested: Clang-tidy now passes cert-* check.
curl --insecure --user root:0penBmc https://192.168.7.2/redfish/v1/Managers/bmc/NetworkProtocol
{
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol",
"@odata.type": "#ManagerNetworkProtocol.v1_5_0.ManagerNetworkProtocol",
"Description": "Manager Network Service",
"FQDN": "qemux86",
"HTTP": {
"Port": 0,
"ProtocolEnabled": false
},
"HTTPS": {
"Certificates": {
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates"
},
"Port": 443,
"ProtocolEnabled": true
},
"HostName": "qemux86",
"IPMI": {
"Port": null,
"ProtocolEnabled": false
},
"Id": "NetworkProtocol",
"NTP": {
"NTPServers": [],
"ProtocolEnabled": true
},
"Name": "Manager Network Protocol",
"SSH": {
"Port": 22,
"ProtocolEnabled": true
},
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Enabled"
}
}%
Change-Id: I2bdae321fc1cbb418ed302453ec6109ee2ed32c1
Signed-off-by: Ed Tanous <ed@tanous.net>
|
