bmcweb, branch master

Add message entry for BMC kernel panic event

2020-02-11T05:00:01+00:00

Log the BMC kernel panic event into redfish. Tested: Trigger a kernel panic by "echo c > /proc/sysrq-trigger", After BMC reboot, check the below message entry in redfish/v1/Systems/system/LogServices/EventLog/Entries: { "@odata.context": "/redfish/v1/$metadata#LogEntry.LogEntry", "@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/68627", "@odata.type": "#LogEntry.v1_4_0.LogEntry", "Created": "1970-01-01T19:03:47+00:00", "EntryType": "Event", "Id": "68627", "Message": "BMC rebooted due to kernel panic.", "MessageArgs": [], "MessageId": "OpenBMC.0.1.BMCKernelPanic", "Name": "System Event Log Entry", "Severity": "OK" } Signed-off-by: Yong Li Change-Id: Ibc3075a48514b3288ba1a1b1fbe716f5e9deeb26

Add a pid controller size limit

2020-02-10T20:23:25+00:00

Right now there is no limit, so someone could attack the bmc by adding a very large number of controllers. Create a limit so this isn't possible. Tested: Add / Remove functionality still works Change-Id: Ib408293431250d93b0af71616a1668f6a3d0904a Signed-off-by: James Feist

PID: Don't attempt to delete unknown objects

2020-02-10T20:23:16+00:00

This puts a block in to return early if we are asked to delete something we can't find on D-Bus. This code path was creating a segfault, but theres no reason to continue after we can't find an object we are asked to delete, so we can just avoid it. Also clean up the end iterator dereference so it doesn't happen in any other path. Tested: Segfault goes away Change-Id: I33622e5e8ab09fba0681e4f86f4a7068f6ef0be7 Signed-off-by: James Feist

Update AccountService Privilege

2020-02-10T18:34:06+00:00

"GET" should be a "Login" Privilege for the AccountService resource. This makes sense, a "Readonly" and "Operator" user should be able to see properties like MaxPasswordLength and MinPasswordLength since they are allowed to change their own password. This was changed in Redfish 2019.3, redfish issue 1914 explains more. From Redfish_1.0.4_PrivilegeRegistry.json: "Entity": "AccountService", "OperationMap": { "GET": [ { "Privilege": [ "Login" ] } ], "HEAD": [ { "Privilege": [ "Login" ] } ], "PATCH": [ { "Privilege": [ "ConfigureUsers" ] } ], "PUT": [ { "Privilege": [ "ConfigureUsers" ] } ], "DELETE": [ { "Privilege": [ "ConfigureUsers" ] } ], "POST": [ { "Privilege": [ "ConfigureUsers" ] } ] Change-Id: Iab8acbac97a58aed865bf94f665d6c9a32de81dd Tested: Build for Witherspoon and AccountService looks good. Signed-off-by: Gunnar Mills

Move to 2019.3

2020-02-10T18:34:00+00:00

Make changes to update_schemas.py needed for the move and run update_schemas.py. old path (2019.2) DSP8010_2019.2/DSP8010_2019.2/json-schema/MemoryMetrics.v1_1_2.json DSP8010_2019.2/DSP8010_2019.2/openapi/Memory.v1_0_3.yaml DSP8010_2019.2/DSP8010_2019.2/csdl/AccelerationFunction_v1.xml new path (2019.3) DSP8010_2019.3/csdl/Memory_v1.xml DSP8010_2019.3/json-schema/UpdateService.v1_1_2.json DSP8010_2019.3/openapi/Zone.v1_3_1.yaml To see an overview of 2019.3 see https://www.dmtf.org/sites/default/files/Redfish_Release_2019.3_Overview.pdf Tested: Built bmcweb, loaded on a Witherspoon, and ran the validator. No errors. Change-Id: I0deaf88b884d65fffa31fcf66183ed61a930a073 Signed-off-by: Gunnar Mills

Add Power Supply Attributes

2020-02-07T21:15:21+00:00

Map DeratingFactor from PowerSupplyAttributes.interface.yaml to the Redfish property PowerSupply "EfficiencyPercent". Only do this call when the "Power" schema is called. Use the InventoryItem class introduced in adc4f0db57568c5e5d2a3398fce00dbb050a3b72 Tested: Power, Thermal, all look good. Passed the Redfish Validator. "PowerSupplies": [ { "@odata.id": "/redfish/v1/Chassis/chassis/Power#/PowerSupplies/0", "EfficiencyPercent": 90, "IndicatorLED": "Off", "Manufacturer": "", "MemberId": "powersupply0", "Model": "2B1D", "Name": "powersupply0", "PartNumber": "01KL471", "PowerInputWatts": 12.0, "SerialNumber": "71G370", "Status": { "Health": "OK", "State": "Enabled" } }, Change-Id: I344577a7a3d72cd37d5f6bab03edbdce13b9f764 Signed-off-by: Gunnar Mills

Update update_schemas.py with new Oem

2020-02-07T19:07:33+00:00

Several Oem schemas have been added but the update_schemas.py has not been updated. Added them to the update_schemas.py so the static/redfish/v1/$metadata/index.xml is correctly built by update_schemas.py. This is needed to move us to 2019.3 and eventually 2019.4. Ideally, we would not just have a bunch of metadata_index.write to write the Oem schemas to $metadata/index.xml but this will do for now. https://github.com/openbmc/bmcweb/issues/32 is to improve this. Tested: Ran update_schemas.py and loaded that image on a Witherspoon and ran the validator. No errors. Change-Id: Iade028e690c31e25a72503d9352bc75eb7ee58dc Signed-off-by: Gunnar Mills

Move Crashdump to OemCrashdump

2020-02-07T19:07:33+00:00

All other Oem Schemas start with Oem. This is used by the update_schemas.py to determine an Oem schema and is a reasonable requirement for Oem schemas. https://github.com/openbmc/bmcweb/blob/a3268f98f308ca7c8660b1ace44d5b9a40be204b/scripts/update_schemas.py#L43 Tested: Ran the validator against this change on a Witherspoon with BMCWEB_ENABLE_REDFISH_CPU_LOG enabled and OemCheck true. Validator passed. Might be worth running on a system that actually uses BMCWEB_ENABLE_REDFISH_CPU_LOG. curl -k https://${bmc}/redfish/v1/Systems/system/LogServices/Crashdump { "@odata.context": "/redfish/v1/$metadata#LogService.LogService", "@odata.id": "/redfish/v1/Systems/system/LogServices/Crashdump", "@odata.type": "#LogService.v1_1_0.LogService", "Actions": { "#LogService.ClearLog": { "target": "/redfish/v1/Systems/system/LogServices/Crashdump/Actions/LogService.ClearLog" }, "Oem": { "#Crashdump.OnDemand": { "target": "/redfish/v1/Systems/system/LogServices/Crashdump/Actions/Oem/Crashdump.OnDemand" } } }, "Description": "Oem Crashdump Service", "Entries": { "@odata.id": "/redfish/v1/Systems/system/LogServices/Crashdump/Entries" }, "Id": "Oem Crashdump", "MaxNumberOfRecords": 3, "Name": "Open BMC Oem Crashdump Service", "OverWritePolicy": "WrapsWhenFull" } Change-Id: Iacc11be1284b99c2ed9a6c2ca0a936bd97855afb Signed-off-by: Gunnar Mills

[pam]: Restrict user authentication to redfish grp

2020-02-07T09:58:13+00:00

Restrict bmcweb authentication to redfish group only. This change makes sure that user without having redfish group user is not authenticated to query the details, and login will fail. Tested: 1.Verified by removing the redfish group role for a valid user and confirmed redfish session establishment fails using postman. Change-Id: Ie0c1c94a7ac4d218a502faba1d80c7b9fc2a7ca0 Signed-off-by: Richard Marian Thomaiyar

Add support to fetch the 'Updateable' components

2020-02-03T17:57:27+00:00

Currently 'Updateable' property value in SoftwareInventory schema is hardcoded. Added support to look through the updateable software associations objects and use it for 'Updateable' Redfish property in SoftwareInventory. Tested: - Checked 'Updateable' Property value for both programmable and non-programmable firmware inventory components and it works as expected. - Ran the Redfish validator and no new issues found. Signed-off-by: AppaRao Puli Change-Id: Ia24f942f3afe49674ec3628cac0356a5496ef337