Add: http, ftp protocols to virtual-media (nfs, smb incomplete)

author: Alexandr Ilenko <AIlenko@IBS.RU> 2022-06-10 08:34:37 +0300
committer: Alexandr Ilenko <AIlenko@IBS.RU> 2022-06-10 09:45:46 +0300
commit: 355849f39bdb795a309b3e13662f2c0f49a989f1 (patch)
tree: 3cdd1be598b60bb601ca0ef51aac6bfc9965d09a
parent: 28d07ffe7d38fe33f33bfbcd006a02e4d603260c (diff)
download: openbmc-355849f39bdb795a309b3e13662f2c0f49a989f1.tar.xz
8 files changed, 423 insertions, 0 deletions
diff --git a/meta-ibs/meta-common/recipes-phosphor/interfaces/bmcweb/0002-Add-http-ftp-nfs-protocols-to-un-filter-them-FT-58-T.patch b/meta-ibs/meta-common/recipes-phosphor/interfaces/bmcweb/0002-Add-http-ftp-nfs-protocols-to-un-filter-them-FT-58-T.patch
new file mode 100644
index 0000000000..43951f221e
--- /dev/null
+++ b/meta-ibs/meta-common/recipes-phosphor/interfaces/bmcweb/0002-Add-http-ftp-nfs-protocols-to-un-filter-them-FT-58-T.patch
@@ -0,0 +1,71 @@
+From c0aa20aa2be501eb6b063a8e48b79d49bd5f230c Mon Sep 17 00:00:00 2001
+From: Alexandr Ilenko <AIlenko@IBS.RU>
+Date: Mon, 6 Jun 2022 06:35:59 +0300
+Subject: [PATCH 2/2] Add: http, ftp, nfs protocols, to un-filter them (FT-58,
+ TZ-5.1.2.3)
+
+---
+ redfish-core/lib/virtual_media.hpp | 33 ++++++++++++++++++++++++++++++
+ 1 file changed, 33 insertions(+)
+
+diff --git a/redfish-core/lib/virtual_media.hpp b/redfish-core/lib/virtual_media.hpp
+index e94e233..1cce8fe 100644
+--- a/redfish-core/lib/virtual_media.hpp
++++ b/redfish-core/lib/virtual_media.hpp
+@@ -296,6 +296,12 @@ enum class TransferProtocol
+ {
+     https,
+     smb,
++    // 5.1.2.3.	(ФТ-58) Работа с образами виртуальных носителей на внешних серверах
++    // •	Обеспечить настройку через web-интерфейс параметров для загрузки образов виртуальных носителей через USB2 и USB1 и с внешних ресурсов HTTP, FTP, SMB, NFS.
++    http,
++    ftp,
++    nfs,
++    //
+     invalid
+ };
+ 
+@@ -315,6 +321,18 @@ inline std::optional<TransferProtocol>
+     {
+         return TransferProtocol::https;
+     }
++    if (scheme == "http")
++    {
++        return TransferProtocol::http;
++    }
++    if (scheme == "ftp")
++    {
++        return TransferProtocol::ftp;
++    }
++    if (scheme == "nfs")
++    {
++        return TransferProtocol::nfs;
++    }
+     if (!scheme.empty())
+     {
+         return TransferProtocol::invalid;
+@@ -345,6 +363,21 @@ inline std::optional<TransferProtocol> getTransferProtocolFromParam(
+         return TransferProtocol::https;
+     }
+ 
++    if (*transferProtocolType == "HTTP")
++    {
++        return TransferProtocol::http;
++    }
++
++    if (*transferProtocolType == "FTP")
++    {
++        return TransferProtocol::ftp;
++    }
++
++    if (*transferProtocolType == "NFS")
++    {
++        return TransferProtocol::nfs;
++    }
++
+     return TransferProtocol::invalid;
+ }
+ 
+-- 
+2.35.1
+
diff --git a/meta-ibs/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend b/meta-ibs/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend
index 683f52eec9..e349ee7674 100644
--- a/meta-ibs/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend
+++ b/meta-ibs/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend
@@ -4,6 +4,7 @@ SRCREV = "550a6bf85f81c1725b6c320a5ee419335cff2cf6"
 
 SRC_URI += "\
     file://0001-Enable-vm-nbdproxy-option.patch \
+    file://0002-Add-http-ftp-nfs-protocols-to-un-filter-them-FT-58-T.patch \
     "
 
 EXTRA_OEMESON += "\
diff --git a/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media.bbappend b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media.bbappend
index 5925b776aa..f3a0bd1e7e 100644
--- a/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media.bbappend
+++ b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media.bbappend
@@ -2,6 +2,11 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
 
 SRC_URI += "\
     file://0001-VM-include-fstream-header.patch \
+    file://0002-Add-http-ftp-nfs-protocols-nbdkit-curl-plugin-suppor.patch \
+    file://0003-virtual-media.1-Add-MountPointStateMachine-forceDisc.patch \
+    file://0004-virtual-media.1-Fix-MountPointStateMachine-forceDisc.patch \
+    file://0005-virtual-media.1-Fix-Use-machine.forceDisconnectNbd.patch \
+    file://0006-Upd-disable-tls13-ciphers-for-http-protocol.patch \
     "
 
 RDEPENDS:${PN}:append = " nfs-utils-mount"
diff --git a/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0002-Add-http-ftp-nfs-protocols-nbdkit-curl-plugin-suppor.patch b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0002-Add-http-ftp-nfs-protocols-nbdkit-curl-plugin-suppor.patch
new file mode 100644
index 0000000000..c41a5e37a9
--- /dev/null
+++ b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0002-Add-http-ftp-nfs-protocols-nbdkit-curl-plugin-suppor.patch
@@ -0,0 +1,171 @@
+From a907de416f0fa41a27af562a9b31fa5224da3899 Mon Sep 17 00:00:00 2001
+From: Alexandr Ilenko <AIlenko@IBS.RU>
+Date: Mon, 6 Jun 2022 15:36:08 +0300
+Subject: [PATCH 2/8] Add: http, ftp, nfs protocols (nbdkit-curl-plugin
+ supports) (FT-58, TZ-5.1.2.3)
+
+---
+ src/state/activating_state.cpp | 80 +++++++++++++++++++++++++++++++++-
+ src/state/activating_state.hpp | 13 ++++++
+ 2 files changed, 92 insertions(+), 1 deletion(-)
+
+diff --git a/src/state/activating_state.cpp b/src/state/activating_state.cpp
+index 1098192..c28310e 100644
+--- a/src/state/activating_state.cpp
++++ b/src/state/activating_state.cpp
+@@ -125,6 +125,18 @@ std::unique_ptr<BasicState> ActivatingState::activateLegacyMode()
+     {
+         return mountHttpsShare();
+     }
++    if (isHttpUrl(machine.getTarget()->imgUrl))
++    {
++        return mountHttpShare();
++    }
++    if (isFtpUrl(machine.getTarget()->imgUrl))
++    {
++        return mountFtpShare();
++    }
++    if (isNfsUrl(machine.getTarget()->imgUrl))
++    {
++        return mountNfsShare();
++    }
+ 
+     return std::make_unique<ReadyState>(machine, std::errc::invalid_argument,
+                                         "URL not recognized");
+@@ -167,13 +179,34 @@ std::unique_ptr<BasicState> ActivatingState::mountSmbShare()
+ }
+ 
+ std::unique_ptr<BasicState> ActivatingState::mountHttpsShare()
++{
++	return mountXxxShare("HTTPS");
++}
++
++std::unique_ptr<BasicState> ActivatingState::mountHttpShare()
++{
++	return mountXxxShare("HTTP");
++}
++
++std::unique_ptr<BasicState> ActivatingState::mountFtpShare()
++{
++	return mountXxxShare("FTP");
++}
++
++std::unique_ptr<BasicState> ActivatingState::mountNfsShare()
++{
++	return mountXxxShare("NFS");
++}
++
++std::unique_ptr<BasicState> ActivatingState::mountXxxShare(const char* pMountType)
+ {
+     process = spawnNbdKit(machine, machine.getTarget()->imgUrl);
+     if (!process)
+     {
+         return std::make_unique<ReadyState>(machine,
+                                             std::errc::invalid_argument,
+-                                            "Failed to mount HTTPS share");
++                                            (std::stringstream("Failed to mount ")
++                                            << pMountType << " share").str());
+     }
+ 
+     return nullptr;
+@@ -330,12 +363,45 @@ bool ActivatingState::isHttpsUrl(const std::string& imageUrl)
+     return checkUrl("https://", imageUrl);
+ }
+ 
++bool ActivatingState::isHttpUrl(const std::string& imageUrl)
++{
++    return checkUrl("http://", imageUrl);
++}
++
++bool ActivatingState::isFtpUrl(const std::string& imageUrl)
++{
++    return checkUrl("ftp://", imageUrl);
++}
++
++bool ActivatingState::isNfsUrl(const std::string& imageUrl)
++{
++    return checkUrl("nfs://", imageUrl);
++}
++
+ bool ActivatingState::getImagePathFromHttpsUrl(const std::string& imageUrl,
+                                                std::string* imagePath)
+ {
+     return getImagePathFromUrl("https://", imageUrl, imagePath);
+ }
+ 
++bool ActivatingState::getImagePathFromHttpUrl(const std::string& imageUrl,
++                                               std::string* imagePath)
++{
++    return getImagePathFromUrl("http://", imageUrl, imagePath);
++}
++
++bool ActivatingState::getImagePathFromFtpUrl(const std::string& imageUrl,
++                                               std::string* imagePath)
++{
++    return getImagePathFromUrl("ftp://", imageUrl, imagePath);
++}
++
++bool ActivatingState::getImagePathFromNfsUrl(const std::string& imageUrl,
++                                               std::string* imagePath)
++{
++    return getImagePathFromUrl("nfs://", imageUrl, imagePath);
++}
++
+ bool ActivatingState::isCifsUrl(const std::string& imageUrl)
+ {
+     return checkUrl("smb://", imageUrl);
+@@ -355,6 +421,18 @@ fs::path ActivatingState::getImagePath(const std::string& imageUrl)
+     {
+         return {imagePath};
+     }
++    if (isHttpUrl(imageUrl) && getImagePathFromHttpUrl(imageUrl, &imagePath))
++    {
++        return {imagePath};
++    }
++    if (isFtpUrl(imageUrl) && getImagePathFromFtpUrl(imageUrl, &imagePath))
++    {
++        return {imagePath};
++    }
++    if (isNfsUrl(imageUrl) && getImagePathFromNfsUrl(imageUrl, &imagePath))
++    {
++        return {imagePath};
++    }
+     if (isCifsUrl(imageUrl) && getImagePathFromCifsUrl(imageUrl, &imagePath))
+     {
+         return {imagePath};
+diff --git a/src/state/activating_state.hpp b/src/state/activating_state.hpp
+index 295d185..affca24 100644
+--- a/src/state/activating_state.hpp
++++ b/src/state/activating_state.hpp
+@@ -26,6 +26,10 @@ struct ActivatingState : public BasicStateT<ActivatingState>
+     std::unique_ptr<BasicState> activateLegacyMode();
+     std::unique_ptr<BasicState> mountSmbShare();
+     std::unique_ptr<BasicState> mountHttpsShare();
++    std::unique_ptr<BasicState> mountHttpShare();
++    std::unique_ptr<BasicState> mountFtpShare();
++    std::unique_ptr<BasicState> mountNfsShare();
++    std::unique_ptr<BasicState> mountXxxShare(const char* pMountType);
+ 
+     static std::unique_ptr<resource::Process>
+         spawnNbdKit(interfaces::MountPointStateMachine& machine,
+@@ -44,8 +48,17 @@ struct ActivatingState : public BasicStateT<ActivatingState>
+                                     const std::string& imageUrl,
+                                     std::string* imagePath);
+     static bool isHttpsUrl(const std::string& imageUrl);
++    static bool isHttpUrl(const std::string& imageUrl);
++    static bool isFtpUrl(const std::string& imageUrl);
++    static bool isNfsUrl(const std::string& imageUrl);
+     static bool getImagePathFromHttpsUrl(const std::string& imageUrl,
+                                          std::string* imagePath);
++    static bool getImagePathFromHttpUrl(const std::string& imageUrl,
++                                         std::string* imagePath);
++    static bool getImagePathFromFtpUrl(const std::string& imageUrl,
++                                         std::string* imagePath);
++    static bool getImagePathFromNfsUrl(const std::string& imageUrl,
++                                         std::string* imagePath);
+ 
+     static bool isCifsUrl(const std::string& imageUrl);
+     static bool getImagePathFromCifsUrl(const std::string& imageUrl,
+-- 
+2.35.1
+
diff --git a/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0003-virtual-media.1-Add-MountPointStateMachine-forceDisc.patch b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0003-virtual-media.1-Add-MountPointStateMachine-forceDisc.patch
new file mode 100644
index 0000000000..5e36d338b5
--- /dev/null
+++ b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0003-virtual-media.1-Add-MountPointStateMachine-forceDisc.patch
@@ -0,0 +1,51 @@
+From 0576a3aca97da91cdd74fc5b11766723cd720785 Mon Sep 17 00:00:00 2001
+From: Alexandr Ilenko <AIlenko@IBS.RU>
+Date: Tue, 7 Jun 2022 07:11:25 +0300
+Subject: [PATCH 3/8] virtual-media.1: Add:
+ "MountPointStateMachine::forceDisconnectNbd()"
+
+---
+ src/state_machine.hpp | 27 +++++++++++++++++++++++++++
+ 1 file changed, 27 insertions(+)
+
+diff --git a/src/state_machine.hpp b/src/state_machine.hpp
+index d5f3265..ed67252 100644
+--- a/src/state_machine.hpp
++++ b/src/state_machine.hpp
+@@ -62,6 +62,33 @@ struct MountPointStateMachine : public interfaces::MountPointStateMachine
+         }
+     }
+ 
++    void forceDisconnectNbd()
++    {
++        auto process = std::make_shared<Process>(
++            ioc.get(), this->name, "/usr/sbin/nbd-client",
++            config.nbdDevice);
++        if (!process)
++        {
++            LogMsg(Logger::Error, this->name,
++                    " Failed to create Process for: ", this->name);
++            return;
++        }
++
++        static const std::vector<std::string> args = {
++            "-d",
++            config.nbdDevice.to_path(),
++        };
++
++        if (!process->spawn(args, [](int exitCode, bool) {
++                LogMsg(Logger::Info, "Cleanup NBD device connection: ",
++                        std::strerror(exitCode));
++            }))
++        {
++            LogMsg(Logger::Error, "Faild to start the NBD connection "
++                                    "cleanup process.");
++        }
++    }
++
+     template <class EventT>
+     void emitEvent(EventT&& event)
+     {
+-- 
+2.35.1
+
diff --git a/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0004-virtual-media.1-Fix-MountPointStateMachine-forceDisc.patch b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0004-virtual-media.1-Fix-MountPointStateMachine-forceDisc.patch
new file mode 100644
index 0000000000..2fdee639ea
--- /dev/null
+++ b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0004-virtual-media.1-Fix-MountPointStateMachine-forceDisc.patch
@@ -0,0 +1,52 @@
+From d28d2cbc3938ad55b0e0f61048646855eb5811de Mon Sep 17 00:00:00 2001
+From: Alexandr Ilenko <AIlenko@IBS.RU>
+Date: Tue, 7 Jun 2022 07:18:59 +0300
+Subject: [PATCH 4/8] virtual-media.1: Fix:
+ "MountPointStateMachine::forceDisconnectNbd()"
+
+---
+ src/interfaces/mount_point_state_machine.hpp | 1 +
+ src/state_machine.hpp                        | 6 +++---
+ 2 files changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/interfaces/mount_point_state_machine.hpp b/src/interfaces/mount_point_state_machine.hpp
+index e6b175c..c4b4391 100644
+--- a/src/interfaces/mount_point_state_machine.hpp
++++ b/src/interfaces/mount_point_state_machine.hpp
+@@ -36,6 +36,7 @@ struct MountPointStateMachine
+     virtual int& getExitCode() = 0;
+     virtual boost::asio::io_context& getIoc() = 0;
+ 
++    virtual void forceDisconnectNbd() = 0;
+     virtual void emitRegisterDBusEvent(
+         std::shared_ptr<sdbusplus::asio::connection> bus,
+         std::shared_ptr<sdbusplus::asio::object_server> objServer) = 0;
+diff --git a/src/state_machine.hpp b/src/state_machine.hpp
+index ed67252..0a9cf20 100644
+--- a/src/state_machine.hpp
++++ b/src/state_machine.hpp
+@@ -62,10 +62,10 @@ struct MountPointStateMachine : public interfaces::MountPointStateMachine
+         }
+     }
+ 
+-    void forceDisconnectNbd()
++    void forceDisconnectNbd() override
+     {
+         auto process = std::make_shared<Process>(
+-            ioc.get(), this->name, "/usr/sbin/nbd-client",
++            ioc, this->name, "/usr/sbin/nbd-client",
+             config.nbdDevice);
+         if (!process)
+         {
+@@ -79,7 +79,7 @@ struct MountPointStateMachine : public interfaces::MountPointStateMachine
+             config.nbdDevice.to_path(),
+         };
+ 
+-        if (!process->spawn(args, [](int exitCode, bool) {
++        if (!process->spawn(args, [](int exitCode) {
+                 LogMsg(Logger::Info, "Cleanup NBD device connection: ",
+                         std::strerror(exitCode));
+             }))
+-- 
+2.35.1
+
diff --git a/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0005-virtual-media.1-Fix-Use-machine.forceDisconnectNbd.patch b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0005-virtual-media.1-Fix-Use-machine.forceDisconnectNbd.patch
new file mode 100644
index 0000000000..cec49a5bfd
--- /dev/null
+++ b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0005-virtual-media.1-Fix-Use-machine.forceDisconnectNbd.patch
@@ -0,0 +1,44 @@
+From 7b163421a714221833e586190cc358f9c6a77f9c Mon Sep 17 00:00:00 2001
+From: Alexandr Ilenko <AIlenko@IBS.RU>
+Date: Tue, 7 Jun 2022 07:13:37 +0300
+Subject: [PATCH 5/8] virtual-media.1: Fix: Use "machine.forceDisconnectNbd()"
+
+---
+ src/state/activating_state.cpp | 1 +
+ src/state/initial_state.hpp    | 8 +++++++-
+ 2 files changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/src/state/activating_state.cpp b/src/state/activating_state.cpp
+index c28310e..6ae7932 100644
+--- a/src/state/activating_state.cpp
++++ b/src/state/activating_state.cpp
+@@ -269,6 +269,7 @@ std::unique_ptr<resource::Process>
+                                secret = std::move(secret)](int exitCode) {
+             LogMsg(Logger::Info, machine.getName(), " process ended.");
+             machine.getExitCode() = exitCode;
++            machine.forceDisconnectNbd();
+             machine.emitSubprocessStoppedEvent();
+         }))
+     {
+diff --git a/src/state/initial_state.hpp b/src/state/initial_state.hpp
+index f9255b0..0e8876a 100644
+--- a/src/state/initial_state.hpp
++++ b/src/state/initial_state.hpp
+@@ -18,7 +18,13 @@ struct InitialState : public BasicStateT<InitialState>
+     }
+ 
+     InitialState(interfaces::MountPointStateMachine& machine) :
+-        BasicStateT(machine){};
++        BasicStateT(machine)
++    {
++        // force dissconnect stuck NBD Devices
++        machine.forceDisconnectNbd();
++        // force remove stuck USB Gadgets
++        // machine.removeUsbGadget(machine);
++    };
+ 
+     std::unique_ptr<BasicState> handleEvent(RegisterDbusEvent event)
+     {
+-- 
+2.35.1
+
diff --git a/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0006-Upd-disable-tls13-ciphers-for-http-protocol.patch b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0006-Upd-disable-tls13-ciphers-for-http-protocol.patch
new file mode 100644
index 0000000000..a902b463fb
--- /dev/null
+++ b/meta-ibs/meta-cp2-5422/recipes-phosphor/virtual-media/virtual-media/0006-Upd-disable-tls13-ciphers-for-http-protocol.patch
@@ -0,0 +1,28 @@
+From ec722934ab52b372ef03b2f53c92961d040d078e Mon Sep 17 00:00:00 2001
+From: Alexandr Ilenko <AIlenko@IBS.RU>
+Date: Mon, 6 Jun 2022 21:53:02 +0300
+Subject: [PATCH 6/8] Upd: disable "tls13-ciphers" for http protocol
+
+---
+ src/state/activating_state.cpp | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/state/activating_state.cpp b/src/state/activating_state.cpp
+index 6ae7932..f926547 100644
+--- a/src/state/activating_state.cpp
++++ b/src/state/activating_state.cpp
+@@ -307,9 +307,10 @@ std::unique_ptr<resource::Process>
+         "followlocation=false",
+         "ssl-cipher-list="
+         "ECDHE-RSA-AES256-GCM-SHA384:"
+-        "ECDHE-ECDSA-AES256-GCM-SHA384",
++        "ECDHE-ECDSA-AES256-GCM-SHA384"}; /*,
+         "tls13-ciphers="
+         "TLS_AES_256_GCM_SHA384"};
++        */
+ 
+     // Authenticate if needed
+     if (machine.getTarget()->credentials)
+-- 
+2.35.1
+
author	Alexandr Ilenko <AIlenko@IBS.RU>	2022-06-10 08:34:37 +0300
committer	Alexandr Ilenko <AIlenko@IBS.RU>	2022-06-10 09:45:46 +0300
commit	355849f39bdb795a309b3e13662f2c0f49a989f1 (patch)
tree	3cdd1be598b60bb601ca0ef51aac6bfc9965d09a
parent	28d07ffe7d38fe33f33bfbcd006a02e4d603260c (diff)
download	openbmc-355849f39bdb795a309b3e13662f2c0f49a989f1.tar.xz