| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Need to Log security event for enabling uart-port-debug, P2A-bridge and
BMC 2nd boot flash to redfish.
tested:
By settng the SCU registers for uart-port-debug disable bit, P2A-bridge
enable bit and BMC 2nd boot flash enable bit, trigger security events, can
see their redfish log.
Change-Id: I75a7ed679c6b20d454a831e52d96dea30eea22bd
Signed-off-by: Chen,Yugang <yugang.chen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updated the NetworkProtocol GET method code
to lookup the service names and socket paths
directly fetched from System control ListenSockets.
Tested:
- Performed GET on NetworkProtocol URI and validated
all responses.
- Stopped services(ssh) and validated Enabled status.
- Successfully ran Redfish validator without any issues.
URI: /redfish/v1/Managers/bmc/NetworkProtocol
Response:
............
"IPMI": {
"Port": 623,
"ProtocolEnabled": true
},
"HTTPS": {
.....
"Port": 443,
"ProtocolEnabled": true
},
"SSH": {
"Port": 22,
"ProtocolEnabled": true
},
..........
Change-Id: I047910d3e6430a2779b3803a0f1e836104e2bda3
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modified POST method to handle redfish user creation
error codes.
Tested:
Tested user creation with below test cases
1)Already user exists
2)Max users reached
3)Username is NULL
4)Username is not starting with alphabet
5)Username exceed more than 16 characters
6)Invalid Password
Redfish validator test results: Passed
Signed-off-by: anil kumar appana <anil.kumarx.appana@intel.com>
Change-Id: I58361ddd4dfd067802f805f9d870b2bc1692ea1d
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added Oem extension for AccountService allowing user to configure
which authentication methods should be enabled. User is now able
to turn on and off authentication methods like BasicAuth, XToken, etc.
User is not allowed to turn off all of the methods at once - at least
one method has to be active to prevent lock-out. This configuration
is persistent, will be saved on file-system and will be loaded on
bmcweb's restart.
Tested:
No regression found in manual testing. By default everything works as before,
and disabling auth method prevents user to authenticate by it. Tested that
user is not allowed to disable all the methods - either in one PATCH or by
disabling them one at a time.
ServiceValidator run with success.
This change is a fix for this request:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/23590/18
which was revert here:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/26869
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: I66b5ad423746f1992070a14f2983a07b1320190e
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Redfish DHCP handling has independent control of DHCPv4 and
DHCPv6. This change combines with phosphor-network and
phosphor-dbus-interface changes to implement the independent control
capability.
Tested by:
Verified DHCP is able to be enabled for both DHCPv4 and DHCPv6
Verified DHCPv4 can be enabled, and static IPv6 addresses configured
Verified DHCPv6 can be enabled, and static IPv4 addresses configured
Verified DHCP can be disabled for both interfaces
Confirmed enable/disable of UseNTP, UseDNS, and UseHostname
Passes Redfish Service Validator
Change-Id: I449ec096a3c41231c9bc9aa1bf67824982525cec
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows logging of drive errors.
Tested:
"DriveError": {
"Description": "Indicates that a Drive Error occurred of the specified type or cause.",
"Message": "Drive Error Occurred: %1.",
"NumberOfArgs": 1,
"ParamTypes": [
"string"
],
"Resolution": "None.",
"Severity": "Warning"
}
Change-Id: Ic97611e26710f57b09a7f89e0470f1277f710d5d
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With introducing Mutual-TLS and option to add multiple certificates
there is a need to give user a possibility to remove them, for example
when they expire. This commit adds implementation of DELETE function
to TLS Certificate node, so each of them can be removed.
Beckend implementation is here:
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-certificate-manager/+/25268
Tested with uploaded multiple TLS certificates.
Other certificates remains irremovable as they were so far.
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: I9781c5c79288ec5d080e80e42c63a55e471ddb77
Depends-On: I9dd6fa998e8bd8081fbd13549831bc94a4a7aa54
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modified doPatch method to populate redfish user update error codes.
Tested:
Tested user updates with below scenarios
1)Provided username is not exist
2)Replace username already user exists
3)Replace Username is NULL/Invalid
4)Replace username is not starting with alphabet
5)Replace username exceeds more than 16 characters
6)Password is not valid for Replace/existing username
Redfish validator test results:
1 failProp errors in /redfish/v1/Systems/system/LogServices/EventLog
1 problemResource errors in /redfish/v1/Systems/system/LogServices/
EventLog/Entries
Counter({'skipOptional': 17887, 'pass': 12133, 'passGet': 1285,
'metadataNamespaces': 1047, 'serviceNamespaces': 69, 'reflink': 9,
'passAction': 7, 'warningPresent': 6, 'optionalAction': 6,
'repeat': 3, 'invalidPropertyValue': 3, 'failErrorPresent': 1,
'err.LogEntryCollection.LogEntryCollection': 1, 'failProp': 1,
'unvalidated': 1, 'problemResource': 1,
'unverifiedComplexAdditional': 1, 'warnTrailingSlashLink': 1})
Validation has failed: 3 problems found
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: Ibee448c5d5c4f38c5c4cacda757864593f6001fc
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 0ff64dc2cd3a15b4204a477ad2eb5219d66e6110.
Reason for revert: <breaks redfish validator, <edmx:Reference Uri="/redfish/v1/schema/OemAccountService_v1.xml"> but the file name unversioned static/redfish/v1/schema/OemAccountService.xml>
Change-Id: I696dd09bf519e364f5f529a674e047a8eeead578
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds health to storage based on drive inventory and
updates systems health to include drives.
This also fixes properties that are manditory in drives to
make this patch pass the validator.
Tested:
Validator Passed.
Failed a drive and saw:
{
"@odata.context": "/redfish/v1/$metadata#Storage.Storage",
"@odata.id": "/redfish/v1/Systems/system/Storage/1",
"@odata.type": "#Storage.v1_7_1.Storage",
"Drives": [
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Drive/Drive_1"
},
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Drive/Drive_2"
},
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Drive/Drive_3"
},
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Drive/Drive_4"
},
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Drive/Drive_5"
},
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Drive/Drive_6"
},
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Drive/Drive_7"
},
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Drive/Drive_8"
}
],
"Drives@odata.count": 8,
"Id": "1",
"Name": "Storage Controller",
"Status": {
"Health": "Warning",
"HealthRollup": "Warning",
"State": "Enabled"
}
}
And In systems:
"Status": {
"Health": "Warning",
"HealthRollup": "Warning",
"State": "Enabled"
},
Change-Id: I7abf042ac51b1fbe9e4ee0b72876e9be96e60b7c
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added message registry entries for logging platform firmware
error, panic events and recovery events w.r.t specific
components like BMC, BIOS, ME and CPLD ROT.
These are useful for logging error/events, when the platform
firmware components Like BMC, BIOS, ME and CPLD are compromised
and automatic recovery actions are triggered.
E.g: Can be used if BIOS/BMC or any platform firmware primary
image boot failed, and secondary image is loaded.
Tested:
Using below URI and Method, verified the registry entries.
URI: /redfish/v1/Registries/OpenBMC/OpenBMC
METHOD: GET
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Change-Id: Id797dafe6b88ac69ea0fde27ae45980610e29620
|
| |
|
|
|
|
|
|
|
|
|
| |
The link was wrong, fix it.
Tested:
Navigated to a drive using new path, and it worked.
Change-Id: Ie008efef23f4a7a17bfc0c3f74a4deac87e0d94c
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added Oem extension for AccountService allowing user to configure
which authentication methods should be enabled. User is now able
to turn on and off authentication methods like BasicAuth, XToken, etc.
User is not allowed to turn off all of the methods at once - at least
one method has to be active to prevent lock-out. This configuration
is persistent, will be saved on file-system and will be loaded on
bmcweb's restart.
Tested:
No regression found in manual testing. By default everything works as before,
and disabling auth method prevents user to authenticate by it. Tested that
user is not allowed to disable all the methods - either in one PATCH or by
disabling them one at a time.
ServiceValidator run with success.
Change-Id: I3a775d783ac05998d17b8e91800962bffd8cab52
Signed-off-by: Kowalski, Kamil <kamil.kowalski@intel.com>
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
xyz.openbmc_project.LED.Controller.identify does not exist in all systems.
Checking LED group enclosure_identify is generic and is expected to
indicate the Indicator LED state.
Remove LED physical identify related code to make it generic for all systems.
Tested:
$curl -k -H "X-Auth-Token: $token" -d "{\"data\": true}" -X PUT https://${bmc}/xyz/openbmc_project/led/groups/enclosure_identify/attr/Asserted
{
"data": null,
"message": "200 OK",
"status": "ok"
}
$ curl -k -H "X-Auth-Token: $token" X GET https://${bmc}/redfish/v1/Systems/system
{
"@odata.context": "/redfish/v1/$metadata#ComputerSystem.ComputerSystem",
"@odata.id": "/redfish/v1/Systems/system",
"@odata.type": "#ComputerSystem.v1_6_0.ComputerSystem",
"Actions": {
"#ComputerSystem.Reset": {
"ResetType@Redfish.AllowableValues": [
"On",
"ForceOff",
"ForceOn",
"ForceRestart",
"GracefulRestart",
"GracefulShutdown",
"PowerCycle",
"Nmi"
],
"target": "/redfish/v1/Systems/system/Actions/ComputerSystem.Reset"
}
},
"AssetTag": "",
"BiosVersion": "open-power-witherspoon-v2.3-rc2-390-g8db7a9e",
"Boot": {
"BootSourceOverrideEnabled": "Disabled",
"BootSourceOverrideMode": "Legacy",
"BootSourceOverrideTarget": "None",
"BootSourceOverrideTarget@Redfish.AllowableValues": [
"None",
"Pxe",
"Hdd",
"Cd",
"Diags",
"BiosSetup",
"Usb"
]
},
"Description": "Computer System",
"Id": "1069A8T ",
"IndicatorLED": "On",
"Links": {
"Chassis": [
{
"@odata.id": "/redfish/v1/Chassis/chassis"
}
],
"ManagedBy": [
{
"@odata.id": "/redfish/v1/Managers/bmc"
}
]
},
"LogServices": {
"@odata.id": "/redfish/v1/Systems/system/LogServices"
},
"Manufacturer": "",
"Memory": {
"@odata.id": "/redfish/v1/Systems/system/Memory"
},
"MemorySummary": {
"Status": {
"State": "Enabled"
},
"TotalSystemMemoryGiB": 0
},
"Model": "8286-42B ",
"Name": "system",
"PartNumber": "",
"PowerState": "Off",
"ProcessorSummary": {
"Count": 2,
"Status": {
"State": "Enabled"
}
},
"Processors": {
"@odata.id": "/redfish/v1/Systems/system/Processors"
},
"SerialNumber": "1069A8T ",
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Disabled"
},
"SystemType": "Physical"
}
The result of redfish Validator tool:
Counter Optional': 2480, 'metadataNamespaces': 1602, 'passGet': 191, 'serviceNamespaces': 69, 'invalidPropertyValue': 10, 'warningPresent': 6, 'passAction': 6, 'optionalAction': 5, 'warnDeprecated': 2, 'unverifiedComplexAdditional': 1})
Validation has succeeded.
Change-Id: Ie4b7931404fd072df4c6f215656436f07d3e4cde
Signed-off-by: Carol Wang <wangkair@cn.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Added OemComputerSystems Schema for provisioning properties
- Added "ProvisioningStatus" Oem property with EnumType
1) NotProvisioned
2) ProvisionedButNotLocked
3) ProvisionedAndLocked
Intel secures platform firmware components using Intel PFR mechanism.
This may differ for other Oem's(non-intel platforms) but the properties
like Provisioned, Locked states should be of generic as per NIST SP
800-193. Added build time flag to enable/disable PFR supported platforms.
Tested:
- By default provisioning feature is OFF, using GET method on below URI
verified Oem Property and observed no such property. This is default
behaviour on upstream.
URI: /redfish/v1/Systems/system
Response: No "Oem" property.
- Enabled provisioning feature in Intel platforms and Verified using Systems
URI. Ran the redfish validator tool and no new issues found due to this
change.
URI: /redfish/v1/Systems/system
RESPONSE:
.....
"Oem": {
"OpenBmc": {
"FirmwareProvisioning": {
"ProvisioningStatus": "NotProvisioned"
}
}
}
.....
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Change-Id: I674e6075263f4fa2962637d3add47393a1ff0c0b
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Message entry added for system interface mode (restriction mode),
which is part of
xyz/openbmc_project/Control/Security/RestrictionMode.interface.yaml.
These message entries are used to indicate system interface
restricted command excecution after BIOS POST.
Tested:
1. Redfish validator - passed for this new addition
2. Log will be as below
{
"@odata.context": "/redfish/v1/$metadata#LogEntry.LogEntry",
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/184",
"@odata.type": "#LogEntry.v1_4_0.LogEntry",
"Created": "1970-01-01T00:03:04+00:00",
"EntryType": "Event",
"Id": "184",
"Message": "The system interface is in the unprovisioned state.",
"MessageArgs": [],
"MessageId": "OpenBMC.0.1.SystemInterfaceUnprovisioned",
"Name": "System Event Log Entry",
"Severity": "Critical"
},
{
"@odata.context": "/redfish/v1/$metadata#LogEntry.LogEntry",
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/198",
"@odata.type": "#LogEntry.v1_4_0.LogEntry",
"Created": "1970-01-01T00:03:18+00:00",
"EntryType": "Event",
"Id": "198",
"Message": "The system interface is in the whitelist provisioned state.",
"MessageArgs": [],
"MessageId": "OpenBMC.0.1.SystemInterfaceWhitelistProvisioned",
"Name": "System Event Log Entry",
"Severity": "Warning"
},
{
"@odata.context": "/redfish/v1/$metadata#LogEntry.LogEntry",
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/204",
"@odata.type": "#LogEntry.v1_4_0.LogEntry",
"Created": "1970-01-01T00:03:24+00:00",
"EntryType": "Event",
"Id": "204",
"Message": "The system interface is in the disabled provisioned state.",
"MessageArgs": [],
"MessageId": "OpenBMC.0.1.SystemInterfaceDisabledProvisioned",
"Name": "System Event Log Entry",
"Severity": "OK"
}
Change-Id: I0e5496c50280f4614d08182b7b13136d254e1d40
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
| |
We had a couple uses of push_back in the code that could be made more
efficient with emplace(). Use them instead.
Tested: No functional change. Needs tested.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I417601e416b1d0be989617a372978d52670135d8
|
| |
|
|
|
|
|
|
|
|
|
|
| |
v1.10 of Chassis adds a PCIeDeviceCollection. This change adds
support for the PCIeDeviceCollection and references it from
Chassis.
Tested:
Passed the Redfish Service Validator.
Change-Id: If3bb75f4fa90a9df4a2a94a7c7e0bcaf37673723
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Tested:
Used Postman to send the LogService.ClearLog action on Crashdump
and verified that the existing logs were cleared and the next new
log started at ID 0.
Passed the Redfish Service Validator.
Change-Id: I9b895b3d2e1865add42e4c35c77f55c8832385da
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current Crashdump LogEntry contains non-standard properties
and could be very large causing problems for autoexpand.
This change uses a LogEntry OEM type to specify a URI where the
full log can be retrieved and enables autoexpand on the
LogEntryCollection.
Tested:
Passed the Redfish Service Validator.
Change-Id: I6a402d216e6d8228ea2825ab4c6d02b9c8023fc5
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
Tested:
Ran an on-demand crashdump and confirmed that the output is
correct.
Change-Id: I993a36d3a6966433cbc6ede9e2d0702b319e3fd0
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Message entry added for manufacturing mode entry and exit,
which is part of special mode property as defined in
xyz/openbmc_project/Control/Security/SpecialMode.interface.yaml.
These message entries are used to indicate whenever
SpecialMode state of the BMC is updated from normal value
and manufacturing mode and vice versa
Tested:
1. Redfish validator - passed for this new addition
2. Log will be as below
{
"@odata.context": "/redfish/v1/$metadata#LogEntry.LogEntry",
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/317",
"@odata.type": "#LogEntry.v1_4_0.LogEntry",
"Created": "1970-01-01T00:05:17+00:00",
"EntryType": "Event",
"Id": "317",
"Message": "Entered Manufacturing Mode.",
"MessageArgs": [],
"MessageId": "OpenBMC.0.1.ManufacturingModeEntered",
"Name": "System Event Log Entry",
"Severity": "Critical"
},
{
"@odata.context": "/redfish/v1/$metadata#LogEntry.LogEntry",
"@odata.id": "/redfish/v1/Systems/system/LogServices/EventLog/Entries/899",
"@odata.type": "#LogEntry.v1_4_0.LogEntry",
"Created": "1970-01-01T00:14:59+00:00",
"EntryType": "Event",
"Id": "899",
"Message": "Exited Manufacturing Mode.",
"MessageArgs": [],
"MessageId": "OpenBMC.0.1.ManufacturingModeExited",
"Name": "System Event Log Entry",
"Severity": "OK"
}
Change-Id: I182eeedb6860a3abcd4054caa431150ed073fbad
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
We had a couple places where the c style headers got checked in for
Tested: Code builds.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: Iebfbd846033618ff972825a0a9f89e8d05395ce8
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds support for SET DBUS properties "Enabled"
and "ExpireAction" for WatchDogTimer in the Redfish ComputerSystems schema.
FunctionEnabled values can be false/true .
TimeoutAction values can be "None","PowerCycle","PowerDown","ResetSystem".
Tested:
Modify the watchdog properties:
curl --noproxy $BMCIP -k -H "Content-Type: application/json" -X PATCH \
https://root:0penBmc@$BMCIP/redfish/v1/Systems/system -d \
'{"WatchdogTimer":{"FunctionEnabled": false,"TimeoutAction": "PowerCycle"}}'
Check them:
curl --noproxy $BMCIP -k -H "Content-Type: application/json" -X GET \
https://root:0penBmc@$BMCIP/redfish/v1/Systems/system
ipmitool mc watchdog get
Signed-off-by: Yong Li <yong.b.li@linux.intel.com>
Change-Id: Ie41232a56b3d0a62be76ae27d6ded8920f7b9407
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add HostWatchdogTimer attribute in redfish
Based on redfish spec, add HostWatchdogTimer property in
redfish/v1/Systems/system.
This object describes the Host Watchdog Timer functionality,
including FunctionEnabled, Status and TimeoutActionproperties:
"HostWatchdogTimer": {
"FunctionEnabled": false,
"Status": {
"State": "Enabled"
},
"TimeoutAction": "None"
}
Tested:
Validator checking for HostWatchdogTimer in below test cases:
Set different timeout actions reset|poweroff|cycle|none:
ipmitool mc watchdog set action=reset timeout=1000 int=msg use=oem
Start watchdog: ipmitool mc watchdog reset
ComputerSystem.v1_5_0.ComputerSystem:HostWatchdogTimer
value: OrderedDict([('FunctionEnabled', False),
('Status', OrderedDict([('State', 'Enabled')])),
('TimeoutAction', 'None')]) <class 'collections.OrderedDict'>
has Type: ComputerSystem.v1_5_0.WatchdogTimer complex
is Optional
***going into Complex
ComputerSystem.v1_5_0.WatchdogTimer:FunctionEnabled
value: False <class 'bool'>
has Type: Edm.Boolean Edm.Boolean
Mandatory Test: OK
permission OData.Permission/ReadWrite
Success
ComputerSystem.v1_5_0.WatchdogTimer:WarningAction
value: n/a <class 'str'>
has Type: ComputerSystem.v1_5_0.WatchdogWarningActions enum
is Optional
prop Does not exist, skip...
ComputerSystem.v1_5_0.WatchdogTimer:TimeoutAction
value: None <class 'str'>
has Type: ComputerSystem.v1_5_0.WatchdogTimeoutActions enum
Mandatory Test: OK
permission OData.Permission/ReadWrite
Success
ComputerSystem.v1_5_0.WatchdogTimer:Status
value: OrderedDict([('State', 'Enabled')])
<class 'collections.OrderedDict'>
has Type: Resource.Status complex
is Optional
***going into Complex
Resource.Status:State
value: Enabled <class 'str'>
has Type: Resource.State enum
is Optional
permission OData.Permission/Read
Success
HostWatchdogTimer.FunctionEnabled PASS
HostWatchdogTimer.WarningAction Optional
HostWatchdogTimer.TimeoutAction PASS
HostWatchdogTimer.Status complex
HostWatchdogTimer.Status.State PASS
Watchdog service is stopped, no such property in redfish
Change-Id: I883e4b739a3fe525080ed486d2ca8e461fddf212
Signed-off-by: Yong Li <yong.b.li@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These fields were missing Health. Add health objects
to get the health associated with these items. Also update
the health object to be able to add more than the 'main'
health for a url, by allowing passing a json reference.
Also, add a 'children' vector of more shared_ptr<HealthPopulate>
so we don't double up on d-bus calls.
Tested:
"MemorySummary": {
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Disabled"
},
"TotalSystemMemoryGiB": 0
},
"Model": "S2600WFT",
"Name": "system",
"PartNumber": "..........",
"PowerState": "On",
"ProcessorSummary": {
"Count": 2,
"Model": "Intel Xeon processor",
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Enabled"
}
},
Change-Id: I06f802da93a44cfbac40b63d507e3b9faf0c999a
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the xyz.openbmc_project.Drive.State has rebuilding
set true, make the state Updating.
Tested:
{
"@odata.context": "/redfish/v1/$metadata#Drive.Drive",
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Drive/Drive_1",
"@odata.type": "#Drive.v1_2_0.Drive",
"Id": "Drive_1",
"Manufacturer": "INTEL",
"Model": "P4800X",
"Name": "Drive_1",
"PartNumber": "INTEL SSDPE21K375GA",
"SerialNumber": "PHKE722600NL375AGN",
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Updating"
}
}
Change-Id: I401e5a8c416d969831cebde8b5b0723f41c3e1c7
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This takes the original commit below and updates it so that it
passes the validatior, and provides the Status attribute in
redfish when appropriate.
Tested: Passed the validator
{
"@odata.context": "/redfish/v1/$metadata#Drive.Drive",
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Drive/Drive_2",
"@odata.type": "#Drive.v1_2_0.Drive",
"Id": "Drive_2",
"Manufacturer": "INTEL",
"Model": "P4800X",
"Name": "Drive_2",
"PartNumber": "INTEL SSDPE21K375GA",
"SerialNumber": "PHKE722600NL375AGN",
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Enabled"
}
}
Original Commit Message:
-------------------------------------------------------------------
Add Storage Schema for NVMe on Redfish
This provides an implementation for the Get methods for the Storage
schemas using following classes :
- StorageCollection
- Storage
Tested:
- Ran Redfish Service Validator to verify no issues are reported.
- Tested that the NVMe drives in the system show up and proper fields
are populated with appropriate data.
- Tested with no drives present. Made sure the Storage interface shows
no drives and Drive interface returns error message.
Change-Id: Id0306ea413ac16a993110bb1a36cd95d939cff71
Signed-off-by: Nikhil Potade <nikhil.potade@linux.intel.com>
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
| |
Typo correction: 'refish' to "redfish"
Tested:
Checked chassis URI and observed correct spelling.
Change-Id: Ic09ab11acd47fdf45fadc485df9c1fd03c0ee4fb
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
v1.4 of PCIe Devices changed from an array of Links to PCIeFunctions
to a PCIeFunctionCollection. This change adds support for the
PCIeFunctionCollection and references it from the PCIeDevices.
Tested:
Passed the Redfish Service Validator.
Change-Id: I76f0265c588b52bd02a35bf669ae6edacfb6c2a4
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per redfish specification (DSP0266), there are
set of predefined privilege roles. In OpenBMC code
has "User" as role name instead of "ReadOnly".
So corrected the same. Updated Redfish.md accordingly.
Spec says:
Role Name = "ReadOnly"
▪ AssignedPrivileges = Login, ConfigureSelf
Tested:
- Role collection shows new role.
- GET on /redfish/v1/AccountService/Roles/ReadOnly
URI shows correct AssignedPrivileges.
- Ran negative test with /redfish/v1/AccountService/Roles/User
and observed error(404 - Not Found).
- Ran Redfish validator and no new issues observed.
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Change-Id: I7b0132c628fb4950b6ec095269cd1a12e92aea9a
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
WebUI
When BMCWEB_ENABLE_REDFISH_DBUS_LOG_ENTRIES option set to ON that means bmcweb will look to phosphor-logging for any D-Bus log entries.
These will then be translated to Redfish EventLog Entries. Thus, we can see those Redfish Eventlog Entries when select "Event" system log type in System logs page.
However, when this option set to ON, the "Clear Event Logs" functionality still clear /var/log/redfish file instead of
clear log through xyz.openbmc_project.Collection.DeleteAll interface by DeleteAll action.
It should to clear D-Bus log entries when BMCWEB_ENABLE_REDFISH_DBUS_LOG_ENTRIES option is ON.
Thus, we provide our modification for correct this functionality behavior.
Tested by: Nuvoton NPCM750 EVB and RunBMC Olympus platforms in WebUI.
when BMCWEB_ENABLE_REDFISH_DBUS_LOG_ENTRIES option is ON to clear D-Bus log entries,
and when option is OFF to clear /var/log/redfish log entries.
Signed-off-by: Tim Lee <timlee660101@gmail.com>
Change-Id: I71445806ae5a79c2c0622908f7ac60daaa2119b8
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recently, a number of people in the community have made the (admittedly
easy) mistake that we use a significant portion of crow.
Today, we use crow for the router, and the "app" structure, and even
those have been significantly modified to meet the bmc needs. All other
components have been replaced with Boost beast. This commit removes the
crow mentions from the Readme, and moves the crow folder to "http" to
camouflage it a little. No code content has changed.
Tested:
Code compiles. No functional change made to any executable code.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: Iceb57b26306cc8bdcfc77f3874246338864fd118
|
| |
|
|
|
|
|
|
|
|
|
| |
All messages are ordered in alphabetical with MessageID.
Correct message of physical security to right place.
Tested:
The LAN lost message is correct when unplug network cable of dedicate NIC
Change-Id: If1e2c6aca45f393690de743acbe927957ecedee3
Signed-off-by: Qiang XU <qiang.xu@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
| |
Before:
"Got 71led group objects"
Tested: Built bmcweb with DCMAKE_BUILD_TYPE=Debug.
Change-Id: I80f7613c338e9fd16b2335ca0adc935dfa142a51
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Trailing slash warnings now show up in the validator report, so
fix this one.
Tested:
Passed the Redfish Service Validator.
Change-Id: I8db7eb488b44eba9510ae4e1071b2da15eaa22c1
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added handling for POSTing certificates the Redfish way (as proper JSON).
Currently it was only possible to add certificate as a RAW certificate in
request body. Now user is able to add it as
{
"CertificateType": "PEM",
"CertificateString": "..."
}
as well as previously in RAW form.
Tested:
- Uploading certificates in RAW form
- Uploading certificates in JSON form
- In case of malformend reqeust a propser error message is returnd.
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: Iab563964102b0a1a351cb0bb1ea181643da33480
|
| |
|
|
|
|
|
|
|
|
|
| |
-werror on the newest version of GCC finds even more stuff than was
found before. Fix all of them.
Tested: No functional change. In theory these cases can't occur unless
a dbus interface is broken.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: Id11e29e4851075b511e69cbc006aa8d7e1e229f0
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In the case of non-updatable firmware entities, the State variable was
not getting populated due to a poorly handled error condition.
This resolves it, and assumes non-updatable entities are just "Enabled"
Tested: Need help here. I'm not able to reproduce the original issue
on my system, so need someone else to test that this resolves it.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: Ibd5db741cb8b0b2451a04fe14157dc1d3cbbcc03
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This review is a fix for changes in Install API.
See review:
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-certificate-manager/+/25634
Tested: Tested manaually, the POST method on certificate collection returns ID
of created certificate.
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Depends-On: Ic8ab545c931d89a022acdabd5a755e3bf39e5a79
Change-Id: I70c449600623e4f1eabf63c23163683f6f513d43
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
using the list of warnings from here:
https://github.com/lefticus/cppbestpractices/blob/e73393f25a85f83fed7399d8b65cb117d00b2231/02-Use_the_Tools_Available.md#L100
Seems like a good place to start, and would improve things a bit
type-wise. This patchset attempts to correct all the issues in one
shot.
Tested:
It builds. Will test various subsystems that have been touched
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I588c26440e5a97f718a0f0ea74cc84107d53aa1e
|
| |
|
|
|
|
|
|
|
|
| |
Expand the path to a larger namespace, and allow non
updateable interfaces to not error out.
Tested: More interfaces appeared without error
Change-Id: I4a6e3092c868cb5f3fe66401269d5c99f69328c8
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Not all firmware is updateable, rename it to make sense.
Tested:
"Description": "ME image"
Change-Id: I7f78032726e9e102e9626ae1c788b7be30db2651
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
| |
Now we support up to 4 concurrent KVM sessions so this commit fixes
'MaxConcurrentSessions' property of 'GraphicalConsole'.
Change-Id: Id225247dcb2d0b884a8a41253863294385268585
Signed-off-by: Jae Hyun Yoo <jae.hyun.yoo@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the ethernet interface is having the domain
name entry then Redfish GET request on network
manager protocol was crashing the bmcweb.
This commit fixes this behaviour.
Tested By:
Configure the Domain Name and run the GET request
on the network protocol: PASS
GET request on the network protocol even the
domain name was not configured : PASS
Redfish Validator: PASS
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
Change-Id: I1e6cd6e3fe507ff375463ece1f6f10bae4d4fb6a
|
| |
|
|
|
|
|
|
|
|
| |
This reverts commit e56c7b7092298c609831a65bcc8c21e62d422ba7.
Reason for revert: /redfish/v1/Systems/1 returns no result. This should've been flagged in service validator, but the commit mentions that test was run, so it's not clear how this was missed.
Reverting for a moment until we can determine what happened.
Change-Id: I276d4cd239adb87b77264bc65ab4856705274ff0
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This provides an implementation for the Get methods for the Storage
schemas using following classes :
- StorageCollection
- Storage
Tested:
- Ran Redfish Service Validator to verify no issues are reported.
- Tested that the NVMe drives in the system show up and proper fields
are populated with appropriate data.
- Tested with no drives present. Made sure the Storage interface shows
no drives and Drive interface returns error message.
Signed-off-by: Nikhil Potade <nikhil.potade@linux.intel.com>
Change-Id: I9fa9f4cd69fe07cde15604c5405a6987774065fd
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added the Sensor Threshold properties:
UpperCritical
LowerCritical
UpperCaution
LowerCaution
Sample Output: curl -k -H "X-Auth-Token: $bmc_token" -X GET https://${bmc}/redfish/v1/Chassis/chassis/Sensors/p1_vdd_current
{
"@odata.context": "/redfish/v1/$metadata#Sensor.Sensor",
"@odata.id": "/redfish/v1/Chassis/chassis/Sensors/p1_vdd_current",
"@odata.type": "#Sensor.v1_0_0.Sensor",
"Id": "p1_vdd_current",
"Name": "p1 vdd current",
"Reading": 0.0,
"ReadingRangeMax": 0.0,
"ReadingRangeMin": 0.0,
"ReadingUnits": "Amperes",
"Status": {
"Health": "Critical",
"State": "Enabled"
},
"Thresholds": {
"LowerCaution": {
"Reading": 0.0
},
"LowerCritical": {
"Reading": 0.0
},
"UpperCaution": {
"Reading": 320.0
},
"UpperCritical": {
"Reading": 360.0
}
}
}
Change-Id: Ia76ff1308653ece90830a06333611960da43cb57
Signed-off-by: Anthony Wilson <wilsonan@us.ibm.com>
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added PATCH operation support for RemoteRoleMapping property under
LDAP/ActiveDirectory property in AccountService schema.
1. How to add the Role Mapping?
PATCH {"ActiveDirectory":{"RemoteRoleMapping": [{"RemoteGroup":
"Admingroup15","LocalRole": "User"},{"RemoteGroup": "Admingroup13",
"LocalRole": "Administrator"},{"RemoteGroup": "Admingroup14",
"LocalRole": "Operator"}]}}
With the above PATCH request, all the above role mapping gets added.
2. How to delete a specific role mapping?
After adding the above roles mapping, if user want to delete the second mapping
which is ({"RemoteGroup": "Admingroup13", "LocalRole": "Administrator"})
Following PATCH request would be used.
PATCH {"ActiveDirectory":{"RemoteRoleMapping": [{},null,{}]}}
3. How to update specific role mapping ?
Let's take a case where user want to update the second role mapping
PATCH {"ActiveDirectory":{"RemoteRoleMapping": [{},{"RemoteGroup":"Admingroup25","LocalRole": "User"},{}]}}
or
PATCH {"ActiveDirectory":{"RemoteRoleMapping": [{},{"RemoteGroup":"Admingroup25"},{}]}} and \
PATCH {"ActiveDirectory":{"RemoteRoleMapping": [{},{"LocalRole": "User"},{}]}}
Tested:
1. Did a PATCH operation with below given Data:
' {"ActiveDirectory":{"RemoteRoleMapping": [{"RemoteGroup": "Admingroup215","LocalRole": "User"}, \
{"RemoteGroup": "Admingroup213","LocalRole":"Administrator"},{"RemoteGroup":"Admingroup214","LocalRole":"Operator"}]}}'
2. With GET got below given data:
"RemoteRoleMapping": [
{
"LocalRole": "Operator",
"RemoteGroup": "Admingroup214"
},
{
"LocalRole": "Administrator",
"RemoteGroup": "Admingroup213"
},
{
"LocalRole": "User",
"RemoteGroup": "Admingroup215"
}
],
3. Did a PATCH operation with below given Data:
'{"ActiveDirectory":{"RemoteRoleMapping": [{},null,{}]}}'
4. With GET got below given data:
"RemoteRoleMapping": [
{
"LocalRole": "Operator",
"RemoteGroup": "Admingroup214"
},
{
"LocalRole": "User",
"RemoteGroup": "Admingroup215"
}
],
5. Did a PATCH operation with below given Data:
'{"ActiveDirectory":{"RemoteRoleMapping": [null,null]}}'
6. With GET got below given data:
"RemoteRoleMapping": []
7. Did a PATCH operation with below given Data:
'{"ActiveDirectory":{"RemoteRoleMapping": [{"RemoteGroup": "Admingroup215","LocalRole": "User"}, \
{"RemoteGroup": "Admingroup213","LocalRole":"Administrator"},{"RemoteGroup":"Admingroup214","LocalRole":"Operator"}]}}'
8. With GET got below given data:
"RemoteRoleMapping": [
{
"LocalRole": "Administrator",
"RemoteGroup": "Admingroup213"
},
{
"LocalRole": "Operator",
"RemoteGroup": "Admingroup214"
},
{
"LocalRole": "User",
"RemoteGroup": "Admingroup215"
}
],
9. Did a PATCH operation with below given Data:
'{"ActiveDirectory":{"RemoteRoleMapping": [{"RemoteGroup": "Admingroup25"},{},{}]}}'
10.With GET got below given data:
"RemoteRoleMapping": [
{
"LocalRole": "Administrator",
"RemoteGroup": "Admingroup25"
},
{
"LocalRole": "Operator",
"RemoteGroup": "Admingroup214"
},
{
"LocalRole": "User",
"RemoteGroup": "Admingroup215"
}
],
11. Did a PATCH operation with below given Data:
'{"ActiveDirectory":{"RemoteRoleMapping": [{"LocalRole": "User"},{},{}]}}'
12.With GET got below given data:
"RemoteRoleMapping": [
{
"LocalRole": "User",
"RemoteGroup": "Admingroup25"
},
{
"LocalRole": "Operator",
"RemoteGroup": "Admingroup214"
},
{
"LocalRole": "User",
"RemoteGroup": "Admingroup215"
}
],
13. Did a PATCH operation with below given Data:
'{"ActiveDirectory":{"RemoteRoleMapping": [{},{"RemoteGroup": "Admingroup26","LocalRole": "User"},{}]}}'
14.With GET got below given data:
"RemoteRoleMapping": [
{
"LocalRole": "User",
"RemoteGroup": "Admingroup25"
},
{
"LocalRole": "User",
"RemoteGroup": "Admingroup26"
},
{
"LocalRole": "User",
"RemoteGroup": "Admingroup215"
}
],
15. Try to delete the role map when there was no role map entry and get the following error.
"RemoteRoleMapping/1@Message.ExtendedInfo": [
{
"@odata.type": "/redfish/v1/$metadata#Message.v1_0_0.Message",
"Message": "The value null for the property RemoteRoleMapping/0 is of a different type than the property can accept.",
"MessageArgs": [
"null",
"RemoteRoleMapping/0"
],
"MessageId": "Base.1.4.0.PropertyValueTypeError",
"Resolution": "Correct the value for the property in the request body and resubmit the request if the operation failed.",
"Severity": "Warning"
}
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
Change-Id: Iaa37221bd6fdc87dbf51755d9425ecd5b07eee6c
|
| |
|
|
|
|
|
|
|
|
|
| |
Add collection of all power and current sensors.
Testing: Verified SensorCollection and Sensor output
on a Witherspoon system.
Verified no errors from RedfishServiceValidator.
Change-Id: Icfdc14d738bf037d5d599a3c6fc0be5ea0919929
Signed-off-by: Anthony Wilson <wilsonan@us.ibm.com>
|
