From b93b36fbcabae186bc7fae289ae07f1451b257ff Mon Sep 17 00:00:00 2001
From: Joseph Fu <joseph.fu@quantatw.com>
Date: Thu, 27 Jan 2022 11:31:24 +0800
Subject: meta-quanta: s6q: implement the chassis capabilities intrusion
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This settings is according to IPMI SPEC chassis capabilities to provide intrusion sensor.
Adding chassis intrusion sensor monitor to implement 'ChassisIntrusionEnabled' property functionally.

Tested:
get chassis capabilities, first 01 is meant to enable intrusion sensor
~# ipmitool raw 0x00 0x00
01 20 20 20 20 20

check the intrusion sensor Status
~# systemctl status xyz.openbmc_project.intrusionsensor.service
● xyz.openbmc_project.intrusionsensor.service - Intrusion Sensor
Loaded: loaded (/lib/systemd/system/xyz.openbmc_project.intrusionsensor.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2022-01-10 01:53:48 UTC; 10min ago
Main PID: 478 (intrusionsensor)
CGroup: /system.slice/xyz.openbmc_project.intrusionsensor.service
└─478 intrusionsensor

then, set no provided any chassis capabilities function.
~# ipmitool raw 0x00 0x05 0x00 0x20 0x20 0x20 0x20 0x20

check chassis capabilities status.
~# ipmitool raw 0x00 0x00
00 20 20 20 20 20

now, intrusion sensor is not provided.
~# systemctl status xyz.openbmc_project.intrusionsensor.service
○ xyz.openbmc_project.intrusionsensor.service - Intrusion Sensor
Loaded: loaded (/lib/systemd/system/xyz.openbmc_project.intrusionsensor.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Mon 2022-01-10 02:05:44 UTC; 5s ago
Process: 478 ExecStart=/usr/bin/env intrusionsensor (code=killed, signal=TERM)
Main PID: 478 (code=killed, signal=TERM)

Signed-off-by: Joseph Fu <joseph.fu@quantatw.com>
Change-Id: Ib3e3811f9ae9ab79dab52921fb0e6e065d44c444
---
 .../dbus/chassis-intrusion-monitor.bb              |  17 ++++
 .../dbus/chassis-intrusion-monitor/config.yaml     | 111 +++++++++++++++++++++
 .../dbus/phosphor-dbus-monitor-config.bbappend     |   1 +
 .../dbus/phosphor-dbus-monitor_%.bbappend          |   1 +
 4 files changed, 130 insertions(+)
 create mode 100644 meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor.bb
 create mode 100644 meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor/config.yaml
 create mode 100644 meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor-config.bbappend
 create mode 100644 meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor_%.bbappend

(limited to 'meta-quanta')

diff --git a/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor.bb b/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor.bb
new file mode 100644
index 0000000000..20f73ad623
--- /dev/null
+++ b/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor.bb
@@ -0,0 +1,17 @@
+SUMMARY = "Chassis Intrusion monitor for meta-s6q"
+PR = "r1"
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10"
+
+inherit allarch
+inherit phosphor-dbus-monitor
+
+FILESEXTRAPATHS:prepend:s6q := "${THISDIR}/${BPN}:"
+
+SRC_URI += "file://config.yaml"
+
+do_install() {
+        install -D ${WORKDIR}/config.yaml ${D}${config_dir}/config.yaml
+}
+
+FILES:${PN} += "${config_dir}/config.yaml"
diff --git a/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor/config.yaml b/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor/config.yaml
new file mode 100644
index 0000000000..f52eafb1aa
--- /dev/null
+++ b/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor/config.yaml
@@ -0,0 +1,111 @@
+- name: chassis capabilities path
+  class: group
+  group: path
+  members:
+  - meta: PATH
+    path: /xyz/openbmc_project/control/chassis_capabilities
+
+- name: intrusion property
+  class: group
+  group: property
+  type: boolean
+  members:
+  - interface: xyz.openbmc_project.Control.ChassisCapabilities
+    meta: PROPERTY
+    property: ChassisIntrusionEnabled
+
+- name: watch intrusionenable
+  class: watch
+  watch: property
+  paths: chassis capabilities path
+  properties: intrusion property
+  callback: intrusion enable
+
+- name: watch intrusiondisable
+  class: watch
+  watch: property
+  paths: chassis capabilities path
+  properties: intrusion property
+  callback: intrusion disable
+
+- name: intrusion enable
+  class: condition
+  condition: count
+  paths: chassis capabilities path
+  properties: intrusion property
+  callback: enable log and event
+  countop: '=='
+  countbound: 1
+  op: '=='
+  bound: true
+
+- name: intrusion disable
+  class: condition
+  condition: count
+  paths: chassis capabilities path
+  properties: intrusion property
+  callback: disable log and event
+  countop: '=='
+  countbound: 1
+  op: '=='
+  bound: false
+
+- name: enable log and event
+  class: callback
+  callback: group
+  members:
+  - journal callback enable value
+  - start intrusion sensor
+
+- name: disable log and event
+  class: callback
+  callback: group
+  members:
+  - journal callback disable value
+  - stop intrusion sensor
+
+- name: journal callback enable value
+  class: callback
+  callback: journal
+  paths: chassis capabilities path
+  properties: intrusion property
+  severity: INFO
+  message: chassis intrusion enable
+
+- name: journal callback disable value
+  class: callback
+  callback: journal
+  paths: chassis capabilities path
+  properties: intrusion property
+  severity: INFO
+  message: chassis intrusion disable
+
+- name: stop intrusion sensor
+  description: >
+    'Stop intrusion sensor.'
+  class: callback
+  callback: method
+  service: org.freedesktop.systemd1
+  path: /org/freedesktop/systemd1
+  interface: org.freedesktop.systemd1.Manager
+  method: StopUnit
+  args:
+    - value: xyz.openbmc_project.intrusionsensor.service
+      type: string
+    - value: replace
+      type: string
+
+- name: start intrusion sensor
+  description: >
+    'Start intrusion sensor.'
+  class: callback
+  callback: method
+  service: org.freedesktop.systemd1
+  path: /org/freedesktop/systemd1
+  interface: org.freedesktop.systemd1.Manager
+  method: StartUnit
+  args:
+    - value: xyz.openbmc_project.intrusionsensor.service
+      type: string
+    - value: replace
+      type: string
diff --git a/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor-config.bbappend b/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor-config.bbappend
new file mode 100644
index 0000000000..bfe592eb88
--- /dev/null
+++ b/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor-config.bbappend
@@ -0,0 +1 @@
+PHOSPHOR_DBUS_MONITOR_CONFIGS:append:s6q = " chassis-intrusion-monitor"
diff --git a/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor_%.bbappend b/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor_%.bbappend
new file mode 100644
index 0000000000..e8df8868f2
--- /dev/null
+++ b/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor_%.bbappend
@@ -0,0 +1 @@
+FILESEXTRAPATHS:append:s6q := ":${THISDIR}/${PN}"
-- 
cgit v1.2.3