| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Filters are executed first and the actual ipmi command handler will not
execute if the filter rejects it for any reason.
However, if a filter returns a value for a command that is not even
implemented, the old logic would return that value instead of command
not implemented (C1h). This is incorrect behavior.
This fix will run the filter and then check to see if the command is
registered. If the command is registered AND the filter has returned
some error, only then will the filter error get returned. If the command
is registered and the filter returns no error, the command is executed.
If the command is not registered, C1h is returned, as per the spec.
Tested:
1) Add some bogus command definitions to the whitelist filter
2) Run the bogus command
3) See that C1h is returned, not insufficient privilege
Change-Id: I069df8f47a169d6b2961460a561bf9cae6ae285c
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
The original implementation of the oem routing is not needed anymore. It
was rewritten via the legacy oem routing mechanism as part of the ipmi
architecture rewrite.
Change-Id: I815e5d116cc02092887ce0342d499aff26988aac
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
The default action is to return Command Not Found, which is exactly what
the wildcard handlers are doing. This just removes that extra code that
is not needed.
Change-Id: I0a25153395858efcdf56384ececaabc7eaf4e1af
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not all users of ipmid want to use the whitelist. Or they want to have
their own that behaves differently. This change makes it so one can
disable the built-in whitelist so that OEMs can substitute their own
custom filtering or use none at all.
To disable the whitelist, pass --disable-ipmi-whitelist to configure.
This can be done in Yocto via a bbappend for phosphor-ipmi-host:
EXTRA_OECONF_append = " --disable-ipmi-whitelist"
Tested: Built with and without the whitelist enabled to ensure that the
whitelist is present when expected to be.
Change-Id: I63f317b6c29ca73cc3296bb2fe38f836004ec35d
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Assigning static IP addresses, subnet masks, and gateway values to a
DHCP enabled NIC should be flagged with an error response to indicate
the operation was not completed successfully.
Tested:
Used some raw commands to witness the return code directly
-- Enable DHCP for NIC 3
ipmitool lan set 3 ipsrc dhcp
-- Assign a static IPv4 Address, expect a failure
ipmitool raw 0xc 1 3 3 192 168 20 12 # returns 0xd5 error message
-- Assign a static IPv4 Subnet mask, expect a failure
ipmitool raw 0xc 1 3 6 255 255 255 0 # returns 0xd5 error message
-- Assign a static IPv4 Gateway, expect a failure
ipmitool raw 0xc 1 3 12 192 168 20 1 # returns 0xd5 error message
-- Enable Static address assignment for NIC 3
ipmitool lan set 3 ipsrc static
-- Assign a static IPv4 Address, expect success
ipmitool raw 0xc 1 3 3 192 168 20 12 # returns successfully
-- Assign a static IPv4 Subnet mask, expect success
ipmitool raw 0xc 1 3 6 255 255 255 0 # returns successfully
-- Assign a static IPv4 Gateway, expect success
ipmitool raw 0xc 1 3 12 192 168 20 1 # returns successfully
IPv4 settings have been updated.
Change-Id: I807ec45a0c86b33dd46bfeb64724b91d5afad408
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>
|
| |
|
|
|
|
|
| |
See https://lists.ozlabs.org/pipermail/openbmc/2020-January/020345.html
Signed-off-by: Emily Shaffer <emilyshaffer@google.com>
Change-Id: Idbb3ffeb3041acacbdcdb0ce40e02c9059929fa5
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Function must assume that object path without any network name
may be advertised, and must handle the condition accordingly.
Tested:
1. Verified that ipmi user is properly enabled with channel
based permission and it works fine.
Change-Id: Id51f09bb7c19a9750cb06c2c55f7271afc6b1d2a
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Function must assume that object path without user name may exist,
and must handle the condition accordingly.
Tested:
1. Verified when InterfacesAdded signal sent out from Phosphor-user-manager
under base user object for global attributes, ipmid is not crashed.
Resolves openbmc/phosphor-net-ipmid#10
Change-Id: Ib19af7ca8f05fd9f4553010caf347c677d9897e2
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
Fixed wrong log entry tags to list the entries properly.
Tested: Verified it is comming in journalctl logs
Change-Id: I5352f9f87eb43414b4b04335ba43219e452785c6
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When phosphor-user-manager is started later than ipmid,
then ipmid misses to get the AvailableGroups list from
phosphor-user-manager. Further creation of user through ipmi
will end up creating user which doesn't belong to any group
at all. This fixes, by making sure, ipmi creates user only
if ipmi group is in available groups lists, and will do
re-query if it is empty.
Tested:
1. Verified the user creation behaviour with having dependency to
phosphor-user-manager and without.
2. Manually tested the following.
a. Stopped phosphor-user-manager & all ipmi
b. Started phosphor-host-ipmid
c. started phosphor-user-manager
d. using ipmitool user set name created user and verified that it
belongs to proper group as expected.
Change-Id: I5810babda0e70eb7b6bca577af2031da90dbb068
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When dependency with phosphor-user-manager is removed from host-ipmid,
both the daemons can start on it's own pace, causing host-ipmid to
miss both GetManagedObjects query and signal capture, as host-ipmid
is busy in doing the initialization. Updated code, such that user
initialization is posted and executed as part of io schedule.
Tested:
1. Verified that user list are properly listed after this change.
Note: Also, performed following tests to determine the order didn't cause any
problem. Verified with both ipmi_user.json deleted and preserved.
2. Started phosphor-user-manager after host-ipmid
3. Re-started phosphor-user-manager.
4. Started phosphor-host-ipmid after phosphor-user-manager.
5. Restarted phosphor-host-ipmid.
6. Added sleep code to force the scenario of GetManagedObjects fails, and
signals are captured. and GetManagedObject passes (when both are started).
Change-Id: Id5cc6ada6dd3472ddfd8803c49cd4a2a7fb6c58b
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, signal handler are registered after the GetManagedObjects
query. This may miss any signals generated in-between this time. Correct
flow must be to register for the signal first, followed by
GetManagedObjects query.
Tested:
1. Verified that user list are properly listed after this change.
Note: Also, performed following tests to determine the order didn't cause any
problem. Verified with both ipmi_user.json deleted and preserved.
2. Started phosphor-user-manager after host-ipmid.
3. Re-started phosphor-user-manager.
4. Started phosphor-host-ipmid after phosphor-user-manager.
5. Restarted phosphor-host-ipmid.
Change-Id: I124b5e96672e0456289bca7a2b889e4b897c0545
Signed-off-by: arun-pm <arun.p.m@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Requesting the bus name & sending out InterfacesAdded signal earlier
causes phosphor-mapper introspect to fail, as ipmi command handler
registration & initialization was in progress before hitting io->run().
Hence moved the code to advertise about D-Bus signal, once ipmid is done
with init & registration. This fixes phosphor-mapper timeout.
Tested:
1. Verified that phosphor-mapper timeout doesn't happen, even when
there is delay in cmd handler registrations etc.
Change-Id: I3bb565c0e39f2604dde30e21b9539ce88b73cb0e
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rewrite "get chassis capabilities" command to use newly introduced
IPMI provider API.
Tested:
verified using ipmitool raw command.
Command: ipmitool raw 0x00 0x00 // get chassis capabilities command
Response: 06 20 20 20 20 20
Change-Id: I16f7efec58f438f1f04392b246b27ab665a65ed5
Signed-off-by: anil kumar appana <anil.kumarx.appana@intel.com>
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Issue: In Set LAN configuration, able to set VLAN ID out its range.
Fix: Added proper conditions to validate the request.
Tested:
//Setting the VLAN with invalid VLAN ID (4096)
ipmitool -I lanplus -U root -P 0penBmc -H <ip> raw 0x0c 0x01 0x01 0x14 0x00 0x90
0xCC //Invalid data field in request
//Setting the VLAN ID reserved bits with VLAN ID disable
ipmitool -I lanplus -U root -P 0penBmc -H <ip> raw 0x0c 0x01 0x01 0x14 0x00 0x70
0xCC //Invalid data field in request
//Setting the VLAN ID reserved bits with VLAN ID enabled
ipmitool -I lanplus -U root -P 0penBmc -H <ip> raw 0x0c 0x01 0x01 0x14 0x00 0xf0
0xCC //Invalid data field in request
Signed-off-by: Rajashekar Gade Reddy <raja.sekhar.reddy.gade@linux.intel.com>
Change-Id: I03987cff13845bdfb7156367fedee3d78b957651
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Rewrite "Read FRU Data" command to new IPMI provider API.
Tested:
1. verified Read FRU data is same both before and after the changes
ipmitool raw 0x0a 0x11 0x74 58 00 3 //request
03 32 36 31 //response
Signed-off-by: anil kumar appana <anil.kumarx.appana@intel.com>
Change-Id: I3bd497068462ee97a7b3fe648c3b0727f998bb0b
|
| |
|
|
|
|
|
|
|
|
|
|
| |
There were a few cases where a service action was reported because the
watchdog service was not present. It was because of a race condition where
the power down operation is trigerred and the watchdog service is shutdown
but if was followed by a watchdog reset. Since the watchdog service is absent
it resulted in an error log which calls for serviceable action. The IPMI error
response code will report the failure to the host platform software.
Change-Id: Iaf0a860b53fbd85dc451fc4d4a337406ba74e0d6
Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Issue: set lan command for MAC address parameter returns invalid
completion code for invalid MAC address.
Fix: added proper conditional check.
Tested:
Note:
While setting the mac addr using "ipmitool lan set 1 macaddr <mac_addr>"
internaly tool valiadtes the completion code and shows generic error.
Previouly the completion code is 0XFF(unspecified error) and now it
returns 0xCC(Invalid data field in request).
// setting mac addr to 00:00:00:00:00:00(invalid)
ipmitool lan set 1 macaddr "00:00:00:00:00:00"
Setting LAN MAC Address to 00:00:00:00:00:00
LAN Parameter Data does not match! Write may have failed.
// setting mac addr to FF:FF:FF:FF:FF:FF(invalid)
ipmitool lan set 1 macaddr "FF:FF:FF:FF:FF:FF"
Setting LAN MAC Address to ff:ff:ff:ff:ff:ff
LAN Parameter Data does not match! Write may have failed.
// setting mac addr to "2a:6c:72:42:f3:a4"(valid)
ipmitool lan set 1 macaddr "2a:6c:72:42:f3:a4"
Setting LAN MAC Address to 2a:6c:72:42:f3:a4
Signed-off-by: Rajashekar Gade Reddy <raja.sekhar.reddy.gade@linux.intel.com>
Change-Id: I4de54e68a7bb5ff2c64f515e40d06c59535825e5
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The SetWatchdog function currently sets the intervals and then the time
remaining on the watchdog. It uses the user provided interval for both
values. Recently, the watchdog was extended to allow for the interval to
be capped above a certain value to prevent the user from setting
watchdogs that are known to be too short. In order to keep the
timeRemaining in sync with the value in the watchdog, just use the
resetTimeRemaining() function which reads the current interval to set
the timeRemaining.
Change-Id: I3f15030a85c625fcb1ed8040add03496618a5ece
Signed-off-by: William A. Kennington III <wak@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Set LAN Configuration IP Source command has reserved bits. Check
to make sure none of the bits are set. Return a 0xcc code when any of
them are.
Tested:
for val in $(seq 64 16 240)
do
ipmitool raw 0xc 1 3 4 $val
done
Each iteration returned a 0xcc code.
Used the "raw" style, as the "lan set" commands will not use the
invalid values.
Change-Id: I77f007453a3bede7424b0ccad9c5cb9bad9e8fe0
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Currently, on start if services aren't avaialble ipmid
throws and crashes. This changes the lookup of settings
to when the command is actually called.
Tested: ipmi chassis status still works
Change-Id: I2106270d3f6f6bdd02ad67f7dface3bf04f98a3d
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Rewrite "Get sensor threshold" command to use the newly
introduced IPMI provider API.
Tested:
verified using ipmitool sensor commands.
Change-Id: Icdbb0e7b6964e52e9fe6d58d80694b2d3faa59d2
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
|
| |
|
|
|
|
|
|
|
|
| |
This change adds basic IPv6 support, with a focus on being able to
configure static addresses and routers. The support for dynamic
configuration is unfortunately tied to IPv4 at the dbus network
interface level, so we can't decouple those settings here.
Change-Id: I72842a374c40a1537437a597020ea898961d67d7
Signed-off-by: William A. Kennington III <wak@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rewrite "set acpi power state" command to use the newly
introduced ipmi provider API.
Tested:
verified ipmitool set/get acpi power state status is same both
before and after the changes
Command : ipmitool raw 0x06 0x07 // get acpi
Response: 05 03
Command: ipmitool raw 0x06 0x06 0x87 0x82 //set acpi
Response:
Command: ipmitool raw 0x06 0x07 // get acpi
Response: 07 02
Command: ipmitool raw 0x06 0x06 0x88 0x83 // set acpi
Response:
Command: ipmitool raw 0x06 0x07 // get acpi
Response: 08 03
Signed-off-by: Deepak Kumar Sahu <deepakx.sahu@intel.com>
Change-Id: I7dc6edf3d3fd3d0caa98d1b1604e09c6d06675b4
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently ipmid only exits 0, allow it to exit based
on the signal captured.
Tested:
journalctl -u phosphor-pid-control -o json-pretty
{
"_SYSTEMD_SLICE" : "-.slice",
"_GID" : "0",
"_CAP_EFFECTIVE" : "3fffffffff",
"MESSAGE" : "phosphor-ipmi-host.service: Main process exited, code=killed, status=9/KILL",
"EXIT_STATUS" : "9",
"__CURSOR" : "s=cd10fcb9010e4cfdbcdad08709c2265d;i=399;b=2efcc2f735f74bc99588861556589a72;m=7c0ed53;t=592853b62b677;x=1ae3833ab435621e",
"__MONOTONIC_TIMESTAMP" : "130084179",
"MESSAGE_ID" : "98e322203f7a4ed290d09fe03c09fe15",
"_EXE" : "/lib/systemd/systemd",
"CODE_LINE" : "5797",
"UNIT" : "phosphor-ipmi-host.service",
"_SYSTEMD_CGROUP" : "/init.scope",
"_SYSTEMD_UNIT" : "init.scope",
"SYSLOG_IDENTIFIER" : "systemd",
"_COMM" : "systemd",
"_UID" : "0",
"PRIORITY" : "4",
"_HOSTNAME" : "intel-obmc",
"SYSLOG_FACILITY" : "3",
"CODE_FILE" : "src/core/unit.c",
"CODE_FUNC" : "unit_log_process_exit",
"_CMDLINE" : "/lib/systemd/systemd",
"__REALTIME_TIMESTAMP" : "1568475808183927",
"_SOURCE_REALTIME_TIMESTAMP" : "1568475808183827",
"COMMAND" : "ExecStart",
"INVOCATION_ID" : "67ff87a3ad4b4a4da3fe7e0ff083e2b8",
"_TRANSPORT" : "journal",
"_MACHINE_ID" : "f7182be05e2147feba2eaceaea0aded3",
"_BOOT_ID" : "2efcc2f735f74bc99588861556589a72",
"EXIT_CODE" : "killed",
"_PID" : "1"
}
Change-Id: I9f3233546b43a331076d21b73beabbf2aaca9d8b
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The Set LAN Configuration Auth Type Enables is not supported by
OpenBMC because RMCP is deprecated. The Get command always returns
zeros. The Set command cannot change the BMC state. As such this is
considered a ReadOnly register set.
Tested:
ipmitool raw 0xc 1 1 2 0 0 0 0 0 # returns 0x82 error code
Change-Id: I5cdc45270d0095538449c8d8b358fd3c31906599
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the netmask is assigned the value 0.0.0.0 the prefix is 0, not
33. The algorithm generated an incorrect prefix value when the netmask
was set to 0.0.0.0.
Tested:
ipmitool lan set 3 ipsrc static
ipmitool lan set 3 ipaddr 192.168.20.12
Setting LAN IP Address to 192.168.20.12
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 52:3b:aa:7b:0d:d5 brd ff:ff:ff:ff:ff:ff
inet 192.168.20.12/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::503b:aaff:fe7b:dd5/64 scope link
valid_lft forever preferred_lft forever
ipmitool lan set 3 netmask 0.0.0.0
Setting LAN Subnet Mask to 0.0.0.0
LAN Parameter Data does not match! Write may have failed.
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 52:3b:aa:7b:0d:d5 brd ff:ff:ff:ff:ff:ff
inet 169.254.51.116/16 brd 169.254.255.255 scope link eth0
valid_lft forever preferred_lft forever
inet6 fe80::503b:aaff:fe7b:dd5/64 scope link
valid_lft forever preferred_lft forever
ipmitool lan set 3 ipaddr 192.168.20.12
Setting LAN IP Address to 192.168.20.12
ipmitool raw 0xc 1 3 6 0 0 0 0
Unable to send RAW command (channel=0x0 netfn=0xc lun=0x0 cmd=0x1 rsp=0xff): Unspecified error
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 52:3b:aa:7b:0d:d5 brd ff:ff:ff:ff:ff:ff
inet 169.254.51.116/16 brd 169.254.255.255 scope link eth0
valid_lft forever preferred_lft forever
inet6 fe80::503b:aaff:fe7b:dd5/64 scope link
valid_lft forever preferred_lft forever
Change-Id: I94cc02971bf21dabf1f1e22ad078d879393133b8
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Get LAN Configuration command, per the IPMI 2.0 spec, has Operator
privilege, not administrator privilege. This is per Table G, Command
Number and Privilege Levels.
Tested:
ipmitool -I lanplus -H obmcjgmwfp -U root -P <pw> lan print
Set in Progress : Set Complete
Auth Type Support :
Auth Type Enable : Callback :
: User :
: Operator :
: Admin :
: OEM :
IP Address Source : DHCP Address
IP Address : 10.243.48.108
Subnet Mask : 255.255.254.0
MAC Address : de:a4:84:d7:2c:28
Default Gateway IP : 10.243.48.1
Default Gateway MAC : 00:00:00:00:00:00
802.1q VLAN ID : Disabled
RMCP+ Cipher Suites : 3,17
Cipher Suite Priv Max : Not Available
Bad Password Threshold : Not Available
ipmitool -I lanplus -H obmcjgmwfp -U operator1 -P <pw> -L operator lan print
Set in Progress : Set Complete
Auth Type Support :
Auth Type Enable : Callback :
: User :
: Operator :
: Admin :
: OEM :
IP Address Source : DHCP Address
IP Address : 10.243.48.108
Subnet Mask : 255.255.254.0
MAC Address : de:a4:84:d7:2c:28
Default Gateway IP : 10.243.48.1
Default Gateway MAC : 00:00:00:00:00:00
802.1q VLAN ID : Disabled
RMCP+ Cipher Suites : 3,17
Cipher Suite Priv Max : Not Available
Bad Password Threshold : Not Available
ipmitool -I lanplus -H obmcjgmwfp -U operator1 -P <pw> lan print
Set Session Privilege Level to ADMINISTRATOR failed: Unknown (0x81)
Error: Unable to establish IPMI v2 / RMCP+ session
Change-Id: I4928c34b68e8f28d2356ff49890daa536bd39b5f
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SessionId is now passed to host-ipmid context along with userid
and privilege information. This will enable certain commands to know
the current sessionid
Added option to get current session info in get session info command.
With this change, we can get the current session info by passing
sessionIndex as zero in get session info command via lan interface and
the same via host interface will return an error, beacuse no session
will be created for host interface.
Tested:
ipmitool -I lanplus -U <user> -P <password> -H <lan1_ip> raw 6 0x3d <Zero>
Response : gives currents session info
ipmitool -I lanplus -U <user> -P <password> -H <lan2_ip> raw 6 0x3d <Zero>
Response : gives currents session info
//host interface
ipmitool raw 6 0x3d 0
Response: 0xCC // invalid field in the request
//This command shows info of all sessions, which includes current
session info as well.
ipmitool -I lanplus -U <user> -P <password> -H <lan1_ip> session info all
session handle : 129
slot count : 45
active sessions : 1
user id : 1
privilege level : ADMINISTRATOR
session type : IPMIv1.5
channel number : 0x03
console ip : 0.0.0.0
console mac : 00:00:00:00:00:00
console port : 52670
session handle : 0
slot count : 45
active sessions : 1
//This command shows info of all sessions, which includes current
session info as well.
ipmitool -I lanplus -U <user> -P <password> -H <lan2_ip> session info all
session handle : 0
slot count : 45
active sessions : 1
session handle : 1
slot count : 45
active sessions : 1
user id : 1
privilege level : ADMINISTRATOR
session type : IPMIv1.5
channel number : 0x01
console ip : 0.0.0.0
console mac : 00:00:00:00:00:00
console port : 57622
//host interface
ipmitool session info all
session handle : 0
slot count : 45
active sessions : 0
session handle : 0
slot count : 45
active sessions : 0
Tested other postive and negative test cases for get session info
command in Lan1, Lan2 and host interfaces. All are working fine.
Signed-off-by: Rajashekar Gade Reddy <raja.sekhar.reddy.gade@linux.intel.com>
Change-Id: I9fb1ef12693e4c0da3661ffdf21eec248b48b5b4
|
| |
|
|
|
|
|
|
|
|
| |
The phosphor-logging code moved from implementing
org.openbmc.Associations to now implementing
xyz.openbmc_project.Association.Definitions. The property name was also
changed from associations to Associations.
Change-Id: I4443b9092319bf73245fa7a256efb9227e87097d
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updated privilege restrictions for below IPMI
commands as per IPMI spec.
- Get Session Info: User
- Get ACPI Power State: User
- Get Watchdog Timer: User
Tested:
Tested above commands with different privileged
users and validated.
Change-Id: If98d3125eee2192ac3b0f9195d1a46d57310abbf
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Set NMI (Diagnostic Interrupt) signal source to Chassis command.
Please refer ipmi spec 1.3 table 1 for details.
Set Enabled property to inform NMI source handling to
trigger a NMI_OUT BSOD.
Tested:
NMI is actived(host is hang) due to NMI command
ipmitool chassis power diag
Change-Id: I8066aa19ba1f5a81897857de2a5fe551876101b3
Signed-off-by: Kuiying Wang <kuiying.wang@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Get Channel Cipher Suites command should be available at any
privilege level as well as pre-session. This changes it so that it can
be used pre-session to determine the best cipher suite to use. As per
section 22.15 of the IPMI 2.0 spec, "This command can be executed prior
to establishing a session with the BMC." This means that it should be
able to be executed at any privilege, including 'none'.
Tested: run a new version of ipmitool that calls get channel cipher
suite as part of session initialization before and after. This
affects all commands, but raw is the shortest to run, so it is
used here. (raw 6 1 is get device id).
Before:
$ ipmitool -I lanplus -H a.b.c.d -U root -P 0penBmc raw 6 1
Get Channel Cipher Suites failed: Insufficient privilege level
23 00 00 01 02 bf 57 01 00 7b 00 99 91 cd 13
After:
$ ipmitool -I lanplus -H a.b.c.d -U root -P 0penBmc raw 6 1
23 00 00 01 02 bf 57 01 00 7b 00 99 91 cd 13
Change-Id: I59a3212f1ea5dc82c545e6ec1ee4a437ec5abfe1
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allowed password characters will be handled by password management,
instead of set user password command. This makes the checking to be
moved from set user password command to pam layer and accordingly
throw error, when the same is not valid.
Fix: So modified the code to handle with pam module itself.
Tested:
ipmitool user set password 6 0penBmc1\'
Set User Password command successful (user 6)
ipmitool user set password 6 0penBmc1\"
Set User Password command successful (user 6)
ipmitool user set password 6 12345678 //invalid password
IPMI command failed: Invalid data field in request
Set User Password command failed (user 6)
ipmitool user set password 3 asdf1234 //user id does not exit
IPMI command failed: Unspecified error
Set User Password command failed (user 3)
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: Iba6e2c29a927d53e6ebdb5d32e83ecc7cbbd2fd0
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rewrite get bmc global command to the new API.
Tested:
ipmitool raw 6 0x2f
09
ipmitool mc getenables
Receive Message Queue Interrupt : enabled
Event Message Buffer Full Interrupt : disabled
Event Message Buffer : disabled
System Event Logging : enabled
OEM 0 : disabled
OEM 1 : disabled
OEM 2 : disabled
Signed-off-by: Yong Li <yong.b.li@linux.intel.com>
Change-Id: I17ef6171b29f1dcb4adcb1f93e2e4e0292883ecd
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Only accept command from system interface, to align with the IPMI spec.
Tested:
In UEFI the comand works:
cmdtool.efi 20 18 2e 9
00
The command will fail if execute through network:
ipmitool -H $BMCIP -Uroot -P 0penBmc -I lanplus raw 6 0x2e 9
Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0 cmd=0x2e rsp=0xd5):
Command not supported in present state
Signed-off-by: Yong Li <yong.b.li@linux.intel.com>
Change-Id: I4e65cdf88fbc9364532ae04da3a7219f432dee6b
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some platforms doe not support safe mode in
set/get system boot options commands, add an compile option to disable it.
Using the below command:
./configure --disable-boot-flag-safe-mode-support
Tested:
After adding this compile option, below command fails:
// set safe mode in set system boot options command
ipmitool raw 0 8 5 0x80 0xc
Unable to send RAW command (channel=0x0 netfn=0x0 lun=0x0 cmd=0x8 rsp=0xcc):
Invalid data field in request
Signed-off-by: Yong Li <yong.b.li@linux.intel.com>
Change-Id: Ie479a0c68a8e9fc79f99c9d4cc10cdd1e6ceb20e
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rewrite set bmc global command to the new API.
Tested:
ipmitool raw 6 0x2e 8
Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0 cmd=0x2e rsp=0xcc):
Invalid data field in request
ipmitool mc setenables recv_msg_intr=on system_event_log=on
Enabling Receive Message Queue Interrupt
Enabling System Event Logging
Nothing to change...
Receive Message Queue Interrupt : enabled
Event Message Buffer Full Interrupt : disabled
Event Message Buffer : disabled
System Event Logging : enabled
OEM 0 : disabled
OEM 1 : disabled
OEM 2 : disabled
Signed-off-by: Yong Li <yong.b.li@linux.intel.com>
Change-Id: I79bb6186b880c8f26890cc6a1851ef05650efc5b
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The expiration flags should be retain their state
across system resets and power cycles.
Tested:
Set “BIOS FRB2” and start
ipmitool raw 0x06 0x24 0x01 0x00 0x00 0x00 0x30 0x00
ipmitool mc watchdog reset
after stopped:
Timer Expiration Flags should be : (0x02)
* BIOS FRB2
Then Set “BIOS/POST” and start,
ipmitool raw 0x06 0x24 0x02 0x00 0x00 0x00 0x30 0x00
ipmitool mc watchdog reset
after stopped:
Timer Expiration Flags should be : (0x06)
* BIOS FRB2
* BIOS/POST
“impitool mc watchdog get” displays the correct Timer Expiration Flags
when the timer is running;
Signed-off-by: Yong Li <yong.b.li@linux.intel.com>
Change-Id: Ic0c27c6c1e8bed2db8ce30fc0eec2a6538bb1992
|
| |
|
|
|
|
|
|
|
|
| |
This header did not format correctly due to the space.
https://github.com/openbmc/phosphor-host-ipmid/blob/master/docs/configuration.md
Tested: With https://jbt.github.io/markdown-editor/
Change-Id: Ief57b88b022844fd74740bb516b9d21f2590e7c3
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Return proper error code 0x82 for session-less channel
Tested
1.verified with ipmitool raw commands
ipmitool raw 0x06 0x40 0x00 0x40 0x04
Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0 cmd=0x40
rsp=0x82): Unknown (0x82)
ipmitool raw 0x06 0x41 0x00 0x40
Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0 cmd=0x41
rsp=0x82): Unknown (0x82)
Signed-off-by: anil kumar appana <anil.kumarx.appana@intel.com>
Change-Id: I9ada001427a6c3dcaaf6de026f8831faa54c182d
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change refactors GetSensorResponse from std::array to struct.
This change depends on change #23544.
GetSensorResponse is an internal, intermediate structure, an unpacked
form of a Get Sensor Reading response, providing direct access to its
fields. Its life time is:
GetReadingResponse -> GetSensorResponse -> ipmi::RspType.
It is written to in 5 functions in the ipmi::sensor::get namespace, by
four setter functions (setOffset, setReading, setAssertionBytes,
enableScanning).
It is currently read from by 1 function (ipmiSensorGetSensorReading)
for transforming to an ipmi::RspType.
Originally, the setter functions assumed bitwise equivalence between
GetSensorResponse and GetReadingResponse, and the setter functions
used reinterpret_cast to assign to a GetSensorResponse as if it were
a GetReadingResponse.
With this change, the reinterpret_cast's are removed, and the set
functions now accept GetSensorResponse instead of GetReadingResponse,
so the code gets a bit easier to read.
Tested: Tested using a server with a BMC; sensor readings obtained
through `ipmitool` appear to be correct (the reading might change
within a small range):
# ipmitool raw 0x04 0x2d 0x16
9B 40 00 00
Signed-off-by: Sui Chen <suichen@google.com>
Change-Id: I5d454d6249f5431fb98169e6ef7c585c34024004
|
| |
|
|
|
|
|
|
|
|
| |
Rewrite: "Get sensor reading" command to new IPMI provider API.
Tested:
verified using ipmitool sensor commands.
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: I61eb77216820795d6e422a69fc1f4314167373ff
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This command can get info of any session
Tested all positive and negative test cases
Tested:
Get active session info by valid session handle
ipmitool raw 0x6 0x3d <sesssion index = search session by handle> <valid session handle>
Response : successfully gets the session info as per IPMI spec
Get active session info by valid session id
ipmitool raw 0x6 0x3d <sesssion index = search session by id> <valid session id>
Response : successfully gets the session info as per IPMI spec
Get inactive session info by valid session handle
ipmitool raw 0x6 0x3d <sesssion index = search session by handle> <valid session handle>
Response : successfully gets the session info as per IPMI spec
Get inactive session info by valid session id
ipmitool raw 0x6 0x3d <sesssion index = search session by id> <valid session id>
Response : successfully gets the session info as per IPMI spec
Get session info by invalid session handle
ipmitool raw 0x6 0x3d <sesssion index = search session by handle> <invalid session handle>
Response : 0x88 // Inavlid Session Handle
Get session info by invalid session id
ipmitool raw 0x6 0x3d <sesssion index = search session by id> <invalid session id>
Response : 0x87 // Inavlid Session Id
Signed-off-by: Rajashekar Gade Reddy <raja.sekhar.reddy.gade@linux.intel.com>
Change-Id: Ib36a9fe5eac58d15011cc9379ceed480ba0be96d
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Issue: Get channel CipherSuite command passed with invalid payload type
Fix: Added the check now to allow only valid payload types
Tested:
Command: ipmitool raw 0x06 0x54 0x01 0xff 0x80
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0 cmd=0x54
rsp=0x80): Unknown (0x80)
Command: ipmitool raw 0x06 0x54 0x01 0x12 0x80
Response: 01 c0 03 01 41 81 c0 11 03 44 81
Command: ipmitool raw 0x06 0x54 0x01 0x09 0x80
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0 cmd=0x54
rsp=0x80): Unknown (0x80)
Command: ipmitool raw 0x06 0x54 0x01 0x02 0x00
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0 cmd=0x54
rsp=0x80): Unknown (0x80)
Command: ipmitool raw 0x06 0x54 0x01 0x12 0x00
Response: 01 01 03 41 44 81
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: I552250736d7e898191ddbb45fd1bff42681b9c63
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
IPMI has four commands that accept "OEM Parameters". The existing IPMI
command handlers do not account for these OEM extensions. This commit
adds OEM Parameters support for the Set/Get LAN Configuration
Parameters commands.
Tested:
ipmitool raw 0xc 1 3 0xc0 0 ;; received 0x80 return code
ipmitool raw 0xc 2 3 0 0 ;; received 0x80 return code
Change-Id: I81135b6d3269cec98ffd7754a03201a74c436c11
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>
|
| |
|
|
|
|
|
|
|
| |
Adds support for setting the MAC address of the gateway. Most of the
interesting code in this change is around saving / restoring the gateway
MAC address when the gateway or interface change.
Change-Id: I85b7c665c44af4f030f51456be355f3eb11ab2fc
Signed-off-by: William A. Kennington III <wak@google.com>
|
| |
|
|
|
|
|
|
|
| |
Cleaning up phosphor logging entry messages from
the usage of ':' to '=' in the whole user_channel
dir cpp files.
Signed-off-by: Ayushi Smriti <smriti.ayushi@linux.intel.com>
Change-Id: Ifa8eb35751279cf6bebd876105b7a4d24deb98a0
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The work done to migrate this file from the old IPMI calling structure
to the new calling structure removed the RMCP+ cipher suite
commands. The prior commit was approved on the condition these
commands be restored.
Tested:
ipmitool raw 0xc 2 1 22 0 0 ; returns correct cipher count
ipmitool raw 0xc 2 1 23 0 0 ; returns the active cipher ID's
Change-Id: Ie0ac0fb066f53772174e7e61d2c81ae876b6c2e3
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
For some time now we the maintainers have been requesting things like
50/72 commit messages, unit tests, Tested: footers, etc. But these
requirements haven't been written down. This document is an attempt to
codify some of the unwritten rules of contribution in the OpenBMC IPMI
stack.
Signed-off-by: Emily Shaffer <emilyshaffer@google.com>
Change-Id: Ieb7a72f89f44374efbbe7265c7341338f6850158
|
