Age | Commit message (Collapse) | Author | Files | Lines |
|
This drop adds support for multiple consoles. The following changes are
made to achieve this.
- Kept the "/console0" route for backward compatibility
- Added a new route "/console/<str>" to support multiple consoles. All
new consoles must use this route string.
Testing:
- Make sure that old console path /console0 is working.
[INFO "http_connection.hpp":209] Request: 0x1bc2e60 HTTP/1.1
GET /console0 ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bdb67c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":198] Console web socket path: /console0
Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[DEBUG "obmc_console.hpp":162] Remove connection 0x1bdb67c from
obmc console
- Make sure that new path for default console working
[INFO "http_connection.hpp":209] Request: 0x1bd76a8 HTTP/1.1
GET /console/default ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1baf82c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request
target = /console/default
[DEBUG "obmc_console.hpp":198] Console web socket path:
/console/default Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[INFO "obmc_console.hpp":154] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":162] Remove connection 0x1baf82c from
obmc console
- Make sure that path for hypervisor console is working.
[INFO "http_connection.hpp":209] Request: 0x1bc2e60 HTTP/1.1
GET /console/hypervisor ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bc5234 opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/hypervisor service =
xyz.openbmc_project.Console.hypervisor Request
target = /console/hypervisor
[DEBUG "obmc_console.hpp":198] Console web socket path:
/console/hypervisor Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[INFO "obmc_console.hpp":154] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":162] Remove connection 0x1bc5234 from
obmc console
- Make sure that bad console path is failing properly due to DBUS error.
[INFO "http_connection.hpp":209] Request: 0x1bd76a8 HTTP/1.1
GET /console/badconsoleid ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bdb67c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/badconsoleid service =
xyz.openbmc_project.Console.badconsoleid Request
target = /console/badconsoleid
[ERROR "obmc_console.hpp":174] Failed to call console Connect()
method DBUS error: No route to host
Change-Id: I9b617bc51e3ddc605dd7f4d213c805d05d2cfead
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Backpressure on incoming bytes helps both to simplify the layering of
the console, as well as prevent some cases of OOM crashes.
Similar to what we did with nbd_proxy, move obmc console over to the new
sendEx interface, allowing for backpressure, and fixed size std::array
buffers.
Tested:
Made sure single console can see the data.
Made sure two consoles can see the data.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I63d142fc5e8f8a734f3a7b8d0aa3f0d8c263d5ba
|
|
Added new ConsoleHandler class to prepare for the multiple consoles
support. All global fields are moved to the ConsoleHandler class and a
new global map added to remember the ConsoleHandler for each console
path. There is single ConsoleHandler per connection so we don't need
session map per route. There is a limit added for max number of
connection allowed to avoid any service attacks.
Testing:
- Make sure that single console works fine and data is seen on the
console.
- Make sure that multiple consoles of type host console are created
and data is seen on all consoles. Also using traces made sure
that new handlers are destroyed.
Traces: Traces shows that multiple consoles active and later destroyed.
[INFO "http_connection.hpp":209] Request: 0x24bb790 HTTP/1.1 GET
/console0 ::ffff:x.xx.xxx.xx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":238] Connection 0x24eb424 opened
[DEBUG "obmc_console.hpp":150] Obmc handler 0x24c18fc added 1 for path
0x24eb424
[DEBUG "obmc_console.hpp":257] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":224] Console web socket path: /console0
Console unix FD: 13 duped FD: 14
[DEBUG "obmc_console.hpp":44] Outbuffer empty. Bailing out
[INFO "http_connection.hpp":209] Request: 0x265d740 HTTP/1.1 GET
/console0 ::ffff:x.xx.xxx.xx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":238] Connection 0x2661de4 opened
[DEBUG "obmc_console.hpp":150] Obmc handler 0x25e69ac added 1 for path
0x2661de4
[DEBUG "obmc_console.hpp":257] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":224] Console web socket path: /console0
Console unix FD: 19 duped FD: 20
[DEBUG "obmc_console.hpp":44] Outbuffer empty. Bailing out
[INFO "http_connection.hpp":209] Request: 0x265d740 HTTP/1.1 GET
/console0 ::ffff:x.xx.xxx.xx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":238] Connection 0x25f1fdc opened
[DEBUG "obmc_console.hpp":150] Obmc handler 0x26ff22c added 1 for path
0x25f1fdc
[DEBUG "obmc_console.hpp":257] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":224] Console web socket path: /console0
Console unix FD: 19 duped FD: 21
[DEBUG "obmc_console.hpp":44] Outbuffer empty. Bailing out
[INFO "obmc_console.hpp":177] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":184] Remove connection 0x25f1fdc from obmc
handler 0x26ff22c for path /console0
[INFO "obmc_console.hpp":177] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":184] Remove connection 0x2661de4 from obmc
handler 0x25e69ac for path /console0
[INFO "obmc_console.hpp":177] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":184] Remove connection 0x24eb424 from obmc
handler 0x24c18fc for path /console0
Change-Id: I77a58a3a186e87611219aed90b221f9b8be7fa2f
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
|
|
System includes should be included with <>, in-tree includes should be
included with "". This was found manually, with the help of the
following grep statement[1].
git grep -o -h "#include .*" | sort | uniq
Tested:
Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I1a6b2a5ba35ccbbb61c67b7c4b036a2d7b3a36a3
|
|
This drop is a preparation of supporting multiple consoles in bmcweb.
In this drop we will hook up the new DBUS interface to get the unix
socket file descriptor for existing host console. At this time bmcweb
only allows host console.
This drop includes following bmcweb changes:
- The default console leaf node is set to "default" by the obmc-console
- Currently the URL is still maintained to /console0 for GUI
compatibility. In future, it will be changed to /console/<str>
where <str> could be any string which represents the console id.
- In the obmc routing function, query the console DBUS interface for
all available consoles. If the object leaf matches with the target
string, then create socket and assign the file descriptor returned
by the DBUS console.
[INFO "http_connection.hpp":209] Request: 0x1b8c608 HTTP/1.1 GET /console0
::ffff:x.xxx.xx.xxx
|
[DEBUG "routing.hpp":1440] Matched rule (upgrade) '/console0' 1 / 2
|
[DEBUG "obmc_console.hpp":247] Connection 0x13e3c8c opened
[DEBUG "obmc_console.hpp":268] Console Object path = \
/xyz/openbmc_project/console/default Request target = /console0
[DEBUG "obmc_console.hpp":230] Looking up unixFD for Service \
xyz.openbmc_project.Console.default Path /xyz/openbmc_project/console/default
[DEBUG "obmc_console.hpp":157] Console web socket path: /console0 Console\
unix FD: 12 duped FD: 13
Testing:
Make sure that console open is working for /console0 on rainier machine
Related commits:
1) phosphor-dbus-interface: https://gerrit.openbmc.org/c/openbmc/phosphor-dbus-interfaces/+/61486
2) obmc-console: https://gerrit.openbmc.org/c/openbmc/obmc-console/+/62496
3) bmcweb: https://gerrit.openbmc.org/c/openbmc/bmcweb/+/62525
Change-Id: I476f1bb3e3be384ab09802340a59ffa036ca0278
Signed-off-by: Ninad Palsule <ninadpalsule@us.ibm.com>
|
|
The new pre-defined usergroup named "hostconsole" is added to
differentiate access between host console and manager console.
The only users allowed to interact with host console are part of the
"hostconsole" group and they are in an administrator role.
Note: The changes are spread across multiple repositories listed under
"Related commits:"
The bmcweb changes to incorporate new group are as follows:
- The new user is added in the hostconsole group only if it has an
administrative role.
- The ssh usergroup is only translated to ManagerConsole redfish group
and hostconsole usergroup is translated to HostConsole redfish group.
- The following changes are made to check the privileges for host console
access
- The new OEM privilege "OpenBMCHostConsole" added for host console
access. This privilege is not shared externally hence it is not
documented.
- Updated obmc_console BMCWEB_ROUTE to use the new privilege.
- Router functions now save user role and user groups in the session
- getUserPrivileges() function now takes session reference instead
of user role. This function now also checks for the user group
"hostconsole" and add the new privilege if user is member of this
group.
- Updated all callers of the getUserPrivileges to pass session
reference.
- Added test to validate that new privilege is set correctly.
Tested:
Loaded code on the system and validated that;
- New user gets added in hostconsole group. NOTE: Prior to this commit
all groups are assigned to new user. This drop does not change that
behavior.
- Access from the web gui is only available for users in hostconsole
group. Used IBM internal simulator called simics to test this. This
simulator allows accessing openbmc from GUI.
- Checked the role collection and there is no change.
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles/Administrator
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles/ReadOnly
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles/Operator
- HostConsole is in AccountType when hostconsole group is present in
UserGroups D-Bus property
$ id user99
uid=1006(user99) gid=100(users) groups=1000(priv-admin),1005(web),\
1006(redfish),1013(hostconsole),100(users)
$ curl -k https://${bmc}/redfish/v1/AccountService/Accounts/user99
{
"@odata.id": "/redfish/v1/AccountService/Accounts/user99",
"@odata.type": "#ManagerAccount.v1_4_0.ManagerAccount",
"AccountTypes": [
"HostConsole",
"Redfish",
"WebUI",
"ManagerConsole"
],
"Description": "User Account",
"Enabled": true,
"Id": "user99",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"PasswordChangeRequired": false,
"RoleId": "Administrator",
"UserName": "user99"
- The hostconsole group is not present for readonly or operator users
and also made sure that console access is not provided. This testing
is done one the system and console access was tried by modifying the
https://github.com/openbmc/bmcweb/blob/master/scripts/websocket_test.py
+ curl -k https://${bmc}/redfish/v1/AccountService/Accounts/user99
{
"@odata.id": "/redfish/v1/AccountService/Accounts/user99",
"@odata.type": "#ManagerAccount.v1_4_0.ManagerAccount",
"AccountTypes": [
"IPMI",
"Redfish",
"WebUI",
"ManagerConsole"
],
"Description": "User Account",
"Enabled": true,
"Id": "user99",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/ReadOnly"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"PasswordChangeRequired": false,
"RoleId": "ReadOnly",
"UserName": "user99"
[INFO "http_connection.hpp":209] Request: 0x150ac38 HTTP/1.1 GET /console0 ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1265] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "routing.hpp":1084] userName = user99 userRole = priv-user
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ipmi
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=redfish
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ssh
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=web
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: Login
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: ConfigureSelf
[DEBUG "routing.hpp":113] checkPrivileges: OEM REQUIRED: OpenBMCHostConsole
[ERROR "routing.hpp":1192] Insufficient Privilege
+ curl -k https://${bmc}/redfish/v1/AccountService/Accounts/user99
{
"@odata.id": "/redfish/v1/AccountService/Accounts/user99",
"@odata.type": "#ManagerAccount.v1_4_0.ManagerAccount",
"AccountTypes": [
"IPMI",
"Redfish",
"WebUI",
"ManagerConsole"
],
"Description": "User Account",
"Enabled": true,
"Id": "user99",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/Operator"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"PasswordChangeRequired": false,
"RoleId": "Operator",
"UserName": "user99"
[INFO "http_connection.hpp":209] Request: 0x21c7c38 HTTP/1.1 GET /console0 ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1265] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "routing.hpp":1084] userName = user99 userRole = priv-operator
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ipmi
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=redfish
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ssh
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=web
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: Login
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: ConfigureComponents
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: ConfigureSelf
[DEBUG "routing.hpp":113] checkPrivileges: OEM REQUIRED: OpenBMCHostConsole
[ERROR "routing.hpp":1192] Insufficient Privilege
Related commits:
NOTE: docs, openbmc, obmc-console changes are already merged. bmcweb
and phosphor-user-manager will be merged together.
docs: https://gerrit.openbmc.org/c/openbmc/docs/+/60968
phosphor-user-manager: https://gerrit.openbmc.org/c/openbmc/phosphor-user-manager/+/61583
openbmc: https://gerrit.openbmc.org/c/openbmc/openbmc/+/61582
obmc-console: https://gerrit.openbmc.org/c/openbmc/obmc-console/+/61581
bmcweb: https://gerrit.openbmc.org/c/openbmc/bmcweb/+/61580
Change-Id: Ia5a33dafc9a76444e6a8e74e752f0f90cb0a31c8
Signed-off-by: Ninad Palsule <ninadpalsule@us.ibm.com>
|
|
Capturing these possibly overloaded values by reference can avoid a copy
in some cases, and it's good to be consistent.
This change was made automatically by grep/sed.
Tested: Code compiles.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iafeaca2a5dc52f39753b5a3880419d6bc943f81b
|
|
Most of these missing includes were found by running clang-tidy on all
files, including headers. The existing scripts just run clang-tidy on
source files, which doesn't catch most of these.
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic741fbb2cc9e5e92955fd5a1b778a482830e80e8
|
|
We don't follow this cpp core guidelines rule well. This is something
that we should aspire to cleaning up in the future, but for the moment,
lets turn the rule on in clang-tidy to stop the bleeding, add ignores
for the things that we know need some better abstractions, and work on
these over time.
Most of this commit is just adding NOLINTNEXTLINE exceptions for all of
our globals. There was one case in the sensor code where clang
correctly noted that those globals weren't actually const, which got
missed because of the use of auto.
Tested: CI should be good enough for this. Passes clang-tidy.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ieda08fee69a3b209d4b3e9771809a6c41524f066
|
|
clang-tidy has a setting, LambdaBodyIndentation, which it says:
"For callback-heavy code, it may improve readability to have the
signature indented two levels and to use OuterScope."
bmcweb is very callback heavy code. Try to enable it and see if that
improves things. There are many cases where the length of a lambda call
will change, and reindent the entire lambda function. This is really
bad for code reviews, as it's difficult to see the lines changed. This
commit should resolve it. This does have the downside of reindenting a
lot of functions, which is unfortunate, but probably worth it in the
long run.
All changes except for the .clang-format file were made by the robot.
Tested: Code compiles, whitespace changes only.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib4aa2f1391fada981febd25b67dcdb9143827f43
|
|
This change, moving the openHandler back to only supporting websocket
disconnects and not 404s.Because AsyncResp is removed from openHandler.
Tested:
(from previous commit) Opened KVM in webui-vue and it works.
Signed-off-by: zhanghaicheng <zhanghch05@inspur.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I793f05836aeccdc275b7aaaeede41b3a2c276595
|
|
This saves about 4k on the binary size
Tested: Redfish service validator passes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I9546227a19c691b1aecb80e80307889548c0293f
|
|
This reverts commit 0f3d3a01aed4040ef73a977a958ecdf4f68111f6.
Seeing bumps fail.
Change-Id: Ida7b1bae48abbed2e00a5259e8f94b64168d4788
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
This change, moving the openHandler back to only supporting websocket
disconnects and not 404s.Because AsyncResp is removed from openHandler.
Tested:
Opened KVM in webui-vue and it works.
Signed-off-by: zhanghaicheng <zhanghch05@inspur.com>
Change-Id: I90811f4ab91ad41cb298877f76252dce80932b2b
|
|
There are a number of endpoints that assume that a given routes
privileges are governed by a single set of privileges, instead of
multiple sets ORed together. To handle this, there were two overloads
of the privileges() method, one that took a vector of Privileges, and
one that took an initializer_list of const char*. Unfortunately, this
leads some code in AccountService to pick the wrong overload when it's
called like this
.privileges( {{"ConfigureUsers"}, {"ConfigureManager"},
{"ConfigureSelf"}})
This is supposed to be "User must have ConfigureUsers, or
ConfigureManager, or ConfigureSelf". Currently, because it selects the
wrong overload, it computes to "User must have ConfigureUsers AND
ConfigureManager AND ConfigureSelf.
The double braces are supposed to cause this to form a vector of
Privileges, but it appears that the initializer list gets consumed, and
the single invocation of initializer list is called. Interestingly,
trying to put in a privileges overload of
intializer_list<initializer_list<const char*>> causes the compilation to
fail with an ambiguous call error, which is what I would've expected to
see previously in this case, but alas, I'm only a novice when it comes
to how the C++ standard works in these edge cases. This is likely due
in part to the fact that they were templates of an unused template param
(seemingly copied from the previous method) and SFINAE rules around
templates.
This commit functionally removes one of the privileges overloads, and
adds a second set of braces to every privileges call that previously had
a single set of braces. Previous code will not compile now, which is
IMO a good thing.
This likely popped up in the Node class removal, because the Node class
explicitly constructs a vector of Privilege objects, ensuing it can hit
the right overload
Tested:
Ran Redfish service validator
Tested the specific use case outlined on discord with:
Creating a new user with operator privilege:
```
redfishtool -S Always -u root -p 0penBmc -vvvvvvvvv -r 192.168.7.2
AccountService adduser foo mysuperPass1 Operator
```
Then attempting to list accounts:
```
curl -vvvv --insecure --user foo:mysuperPass1
https://192.168.7.2/redfish/v1/AccountService/Accounts/foo
```
Which succeeded and returned the account in question.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I83e62b70e97f56dc57d43b9081f333a02fe85495
|
|
camelLower is not a type, camelBack is.
Changes were made automatically with clang-tidy --fix-errors
To be able to apply changes automatically, the only way I've found that
works was to build the version of clang/clang-tidy that yocto has, and
run the fix script within bitbake -c devshell bmcweb. Unfortunately,
yocto has clang-tidy 11, which can apparently find a couple extra errors
in tests we already had enabled. As such, a couple of those are also
included.
Tested:
Ran clang-tidy-11 and got a clean result.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I9d1080b67f0342229c2f267160849445c065ca51
|
|
After establishing the obmc_console socket
communication, If client closes the connection
abruptly, async read/write operation fails with
asio.ssl.stream error. To handle the error, it calls
closeHandler call back function and cleans the session
and socket. Any ongoing async read operation should
be discarded by checking socket handle. Read/Write the
message from stream via async_read_some()/async_write
without checking socket handle, causes the crash.
Added socket handle validation before performing any
read/write operation to avoid crash.
Tested:
- Without fix, when sol connection closes abruptly, at times
saw the crash with below logs.
Nov 13 11:32:51 intel-obmc bmcweb[20169]: doRead error asio.ssl.stream:1
Nov 13 11:32:51 intel-obmc systemd[1]: bmcweb.service: Main process exited, code=dumped, status=11/SEGV
Nov 13 11:32:51 intel-obmc systemd[1]: bmcweb.service: Failed with result 'core-dump'.
- With fix, verified the case and no crashes seen.
Nov 13 12:55:04 intel-obmc bmcweb[24426]: (2020-11-13 12:55:04) [ERROR "websocket.h":207] doRead error asio.ssl.stream:1
Nov 13 12:55:04 intel-obmc bmcweb[24426]: (2020-11-13 12:55:04) [ERROR "obmc_console.hpp":67] doread() - Socket closed
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Change-Id: I2afda509ca77a561651a8682e042c45ca7366642
|
|
cppcheck isn't smart enough to recognize these are c++ headers, not c
headers. Considering we're already inconsistent about our naming, it's
easier to just be consistent, and move the last few files to use .hpp
instead of .h.
Tested:
Code builds, no changes.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: Ic348d695f8527fa4a0ded53f433e1558c319db40
|
|
(In the voice of the kid from sixth sense) I see string copies...
Apparently there are a lot of places we make unnecessary copies. This
fixes all of them.
Not sure how to split this up into smaller patches, or if it even needs
split up. It seems pretty easy to review to me, because basically every
diff is identical.
Change-Id: I22b4ae4f96f7e4082d2bc701098a04f7bed95369
Signed-off-by: Ed Tanous <ed@tanous.net>
Signed-off-by: Wludzik, Jozef <jozef.wludzik@intel.com>
|
|
Lots of code has been checked in that doesn't match the naming
conventions. Lets fix that.
Tested:
Code compiles. Variable/function renames only.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I6bd107811d0b724f1fad990016113cdf035b604b
|
|
Boost 1.74.0 got released the yesterday and deprecated some more stuff
that we use. This patchset prepares us so we will build for it when
meta-oe picks it up.
Tested:
Code builds under boost 1.74.0
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: Icc6c54da6705098fc76e3ee6dbdc6c3b5c57fbda
|
|
This commit enables the "unused variables" warning in clang. Throughout
this, it did point out several issues that would've been functional
bugs, so I think it was worthwhile. It also cleaned up several unused
variable from old constructs that no longer exist.
Tested:
Built with clang. Code no longer emits warnings.
Downloaded bmcweb to system and pulled up the webui, observed webui
loads and logs in properly.
Change-Id: I51505f4222cc147d6f2b87b14d7e2ac4a74cafa8
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
This commit enables clang warnings, and fixes all warnings that were
found. Most of these fall into a couple categories:
Variable shadow issues were fixed by renaming variables
unused parameter warnings were resolved by either checking error codes
that had been ignored, or removing the name of the variable from the
scope.
Other various warnings were fixed in the best way I was able to come up
with.
Note, the redfish Node class is especially insidious, as it causes all
imlementers to have variables for parameters, regardless of whether or
not they are used. Deprecating the Node class is on my list of things
to do, as it adds extra overhead, and in general isn't a useful
abstraction. For now, I have simply fixed all the handlers.
Tested:
Added the current meta-clang meta layer into bblayers.conf, and added
TOOLCHAIN_pn-bmcweb = "clang" to my local.conf
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: Ia75b94010359170159c703e535d1c1af182fe700
|
|
Middlewares, while kinda cool from an academic standpoint, make our
build times even worse than they already are. Given that we only really
use 1 real middleware today (token auth) and it needs to move into the
parser mode anyway (for security limiting buffer sizes), we might as well
use this as an opportunity to delete some code.
Some other things that happen:
1. Persistent data now moves out of the crow namespace
2. App is no longer a template
3. All request_routes implementations no longer become templates. This
should be a decent (unmeasured) win on compile times.
This commit was part of a commit previously called "various cleanups".
This separates ONLY the middleware deletion part of that.
Note, this also deletes about 400 lines of hard to understand code.
Change-Id: I4c19e25491a153a2aa2e4ef46fc797bcb5b3581a
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Nbd-proxy is responsible for exposing websocket endpoint in bmcweb.
It matches WS endpoints with unix socket paths using configuration
exposed on D-Bus by Virtual-Media.
Virtual-Media is then notified about unix socket availability through
mount/unmount D-Bus methods.
Currently, this feature is disabled by default.
Tested: Integrated with initial version of Virtual-Media.
Change-Id: I9c572e9841b16785727e5676fea1bb63b0311c63
Signed-off-by: Iwona Klimaszewska <iwona.klimaszewska@intel.com>
Signed-off-by: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski@intel.com>
|
|
This commit is the result of an audit to add user levels to the various
components that need them. As written:
KVM requires admin privilege
Virtual media requires admin privilege
image upload requires admin privilege
/subscribe API requies Login privilege
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I6384f23769a5ac23f653519656721da7373f088f
|
|
Recently, a number of people in the community have made the (admittedly
easy) mistake that we use a significant portion of crow.
Today, we use crow for the router, and the "app" structure, and even
those have been significantly modified to meet the bmc needs. All other
components have been replaced with Boost beast. This commit removes the
crow mentions from the Readme, and moves the crow folder to "http" to
camouflage it a little. No code content has changed.
Tested:
Code compiles. No functional change made to any executable code.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: Iceb57b26306cc8bdcfc77f3874246338864fd118
|
|
using the list of warnings from here:
https://github.com/lefticus/cppbestpractices/blob/e73393f25a85f83fed7399d8b65cb117d00b2231/02-Use_the_Tools_Available.md#L100
Seems like a good place to start, and would improve things a bit
type-wise. This patchset attempts to correct all the issues in one
shot.
Tested:
It builds. Will test various subsystems that have been touched
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I588c26440e5a97f718a0f0ea74cc84107d53aa1e
|
|
Follow-on to https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/18891
Tested: Checked that the host console and virtual media endpoints
still worked as expected.
Change-Id: Ifdc5f21f3668bdf9bd24189504aaeb17b232c921
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
|
|
Boost beast, ASIO, and networking TS already have mechanisms for
injecting unit tests, using template parameters. We already use this to
some extent, although we pass through socket_adapters. Now that we have
constexpr if, we have the ability to simplify this code quite a bit.
Tested by:
Pulled down phosphor-webui, ran redfish service validator. Observed no
errors.
Change-Id: Ib8734aeb4c9139b56705060f6196e8ae16458fe9
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
When using Legacy Boot Mode in Intel platforms, HTML5 SOL console will
be disconnected when host start.
When host start, BIOS will send some non UTF-8 data to SOL console,
then SOL console will be disconnected. Changing to binary format can
make WSS protocol work correctly with non UTF-8 data.
Change-Id: I9a440220f16eb07d800dc291897ab3106cd40c32
Signed-off-by: Cheng C Yang <cheng.c.yang@linux.intel.com>
|
|
With the obmc-console-server binding to the correct socket, this is not
needed.
Abstract unix sockets start with the nul-charater, but are not nul
terminated. In fact, the nul-character has no meaning in the path.
According to the man page unix(7),
abstract: an abstract socket address is distinguished (from a pathname
socket) by the fact that sun_path[0] is a null byte ('\0').
The socket's address in this namespace is given by the
additional bytes in sun_path that are covered by the
specified length of the address structure. (Null bytes in
the name have no special significance.)
This means that when calling bind/connect, the size of the sockaddr
structure is not sizeof(sockaddr_un), it is sizeof(sockaddr_un) -
sizeof(sun_path) + (path_len)
Change-Id: I2b19d0b9aa8e8ded9162890503c46cad95a6c7b6
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
|
|
This commit ipmlements the serial console websocket in a way that is
compatible with phosphor-rest. This allows the webui serial console to
function. Latency doesn't appear improved, but I suspect that the
obmc-console server has issues.
Tested By:
Booted phosphor-webui serial console. Serial console works as
expected. Also implemented a serial console in python using python
websocket, and it appears to send and receive data correctly.
Change-Id: I0e571beb70a51923d6d7d148779a1154432c45c9
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|