diff options
| -rw-r--r-- | apphandler.cpp | 15 | ||||
| -rw-r--r-- | configure.ac | 11 |
2 files changed, 25 insertions, 1 deletions
diff --git a/apphandler.cpp b/apphandler.cpp index 09b1c2f..392d68a 100644 --- a/apphandler.cpp +++ b/apphandler.cpp @@ -60,6 +60,7 @@ using Activation = using BMC = sdbusplus::xyz::openbmc_project::State::server::BMC; namespace fs = std::filesystem; +#ifdef ENABLE_I2C_WHITELIST_CHECK typedef struct { uint8_t busId; @@ -78,7 +79,6 @@ static std::vector<i2cMasterWRWhitelist>& getWRWhitelist() static constexpr const char* i2cMasterWRWhitelistFile = "/usr/share/ipmi-providers/master_write_read_white_list.json"; -static constexpr uint8_t maxIPMIWriteReadSize = 144; static constexpr const char* filtersStr = "filters"; static constexpr const char* busIdStr = "busId"; static constexpr const char* slaveAddrStr = "slaveAddr"; @@ -86,6 +86,8 @@ static constexpr const char* slaveAddrMaskStr = "slaveAddrMask"; static constexpr const char* cmdStr = "command"; static constexpr const char* cmdMaskStr = "commandMask"; static constexpr int base_16 = 16; +#endif // ENABLE_I2C_WHITELIST_CHECK +static constexpr uint8_t maxIPMIWriteReadSize = 144; /** * @brief Returns the Version info from primary s/w object @@ -1013,6 +1015,7 @@ writeResponse: return IPMI_CC_OK; } +#ifdef ENABLE_I2C_WHITELIST_CHECK inline std::vector<uint8_t> convertStringToData(const std::string& command) { std::istringstream iss(command); @@ -1161,6 +1164,14 @@ static bool isCmdWhitelisted(uint8_t busId, uint8_t slaveAddr, } return false; } +#else +static bool populateI2CMasterWRWhitelist() +{ + log<level::INFO>( + "I2C_WHITELIST_CHECK is disabled, do not populate whitelist"); + return true; +} +#endif // ENABLE_I2C_WHITELIST_CHECK /** @brief implements master write read IPMI command which can be used for * low-level I2C/SMBus write, read or write-read access @@ -1194,6 +1205,7 @@ ipmi::RspType<std::vector<uint8_t>> log<level::ERR>("Master write read command: Read & write count are 0"); return ipmi::responseInvalidFieldRequest(); } +#ifdef ENABLE_I2C_WHITELIST_CHECK if (!isCmdWhitelisted(static_cast<uint8_t>(busId), static_cast<uint8_t>(slaveAddr), writeData)) { @@ -1202,6 +1214,7 @@ ipmi::RspType<std::vector<uint8_t>> entry("ADDR=0x%x", static_cast<uint8_t>(slaveAddr))); return ipmi::responseInvalidFieldRequest(); } +#endif // ENABLE_I2C_WHITELIST_CHECK std::vector<uint8_t> readBuf(readCount); std::string i2cBus = "/dev/i2c-" + std::to_string(static_cast<uint8_t>(busId)); diff --git a/configure.ac b/configure.ac index 5ed0506..b759320 100644 --- a/configure.ac +++ b/configure.ac @@ -25,6 +25,17 @@ AM_PROG_AR AC_PROG_INSTALL AC_PROG_MAKE_SET +# Add an option to enable/disable i2c master write read command white list checking +AC_ARG_ENABLE([i2c-whitelist-check], + AS_HELP_STRING([--disable-i2c-whitelist-check], [Disable I2C master write read command white list check. [default=enable]]) +) +AS_IF([test "x$enable_i2c_whitelist_check" != "xno"], + AC_MSG_NOTICE([Enabling I2C master write read command white list check]) + [cpp_flags="-DENABLE_I2C_WHITELIST_CHECK"] + AC_SUBST([CPPFLAGS], [$cpp_flags]), + AC_MSG_WARN([Disabling I2C master write read command white list check]) +) + # softoff dir specific ones AC_ARG_ENABLE([softoff], AS_HELP_STRING([--enable-softoff], [Builds soft power off]) |
