Remove getIoContext from Request object

At one point it was thought that we could pass the io_context object
through the request object, and have the potential to run multiple
io_context instances (

Remove getIoContext from Request object

At one point it was thought that we could pass the io_context object
through the request object, and have the potential to run multiple
io_context instances (one per connection).

Given the safety refactoring we had to do in
9838eb20341568971b9543c2187372d20daf64aa that idea is on ice for the
moment, and would need a major rethink of code to be viable. For the
moment, and in prep for
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/75668

make sure all calls are pulling from the same io object.

Tested: Unit tests pass. Redfish service validator passes.

Change-Id: I877752005c4ce94efbc13ce815f3cd0d99cc3d51
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Fix includes

Clang-tidy misc-include-cleaner appears to now be enforcing
significantly more headers than previously. That is overall a good
thing, but forces us to fix some issues. This commit is

Fix includes

Clang-tidy misc-include-cleaner appears to now be enforcing
significantly more headers than previously. That is overall a good
thing, but forces us to fix some issues. This commit is largely just
taking the clang-recommended fixes and checking them in. Subsequent
patches will fix the more unique issues.

Note, that a number of new ignores are added into the .clang-tidy file.
These can be cleaned up over time as they're understood. The majority
are places where boost includes a impl/x.hpp and x.hpp, but expects you
to use the later. include-cleaner opts for the impl, but it isn't clear
why.

Change-Id: Id3fdd7ee6df6c33b2fd35626898523048dd51bfb
Signed-off-by: Ed Tanous <etanous@nvidia.com>
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Use SPDX identifiers

SPDX identifiers are simpler, and reduce the amount of cruft we have in
code files. They are recommended by linux foundation, and therefore we
should do as they allow.

This pa

Use SPDX identifiers

SPDX identifiers are simpler, and reduce the amount of cruft we have in
code files. They are recommended by linux foundation, and therefore we
should do as they allow.

This patchset does not intend to modify any intent on any existing
copyrights or licenses, only to standardize their inclusion.

[1] https://www.linuxfoundation.org/blog/blog/copyright-notices-in-open-source-software-projects

Change-Id: I935c7c0156caa78fc368c929cebd0f068031e830
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Clang-tidy updates for 19

Update to add new checks that are now available to us. Fix the minor
issues we have. A few of our checks that we previously had enabled have
been renamed, so remove those

Clang-tidy updates for 19

Update to add new checks that are now available to us. Fix the minor
issues we have. A few of our checks that we previously had enabled have
been renamed, so remove those from the file as well.

Change-Id: Idbbfc3cb7ba42ac780e557554d7ae8ab190e7551
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

clang-format: re-format for clang-18

clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda forma

clang-format: re-format for clang-18

clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda formatting also changed, so we have made changes to the
organization default style format to better handle lambda formatting.

See I5e08687e696dd240402a2780158664b7113def0e for updated style.
See Iea0776aaa7edd483fa395e23de25ebf5a6288f71 for clang-18 enablement.

Change-Id: Iceec1dc95b6c908ec6c21fb40093de9dd18bf11a
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

obmc_console: Fix some missing headers

Fix some obvious missed headers.

Tested: It builds, no other testing.

Change-Id: I8cfd95e16eca38c75dcf76fc974ed384d13c6757
Signed-off-by: Gunnar Mills <gmill

obmc_console: Fix some missing headers

Fix some obvious missed headers.

Tested: It builds, no other testing.

Change-Id: I8cfd95e16eca38c75dcf76fc974ed384d13c6757
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

clang-format: copy latest and re-format

clang-format-17 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest

clang-format: copy latest and re-format

clang-format-17 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest .clang-format from the docs repository and reformat the
repository.

Change-Id: I2f9540cf0d545a2da4d6289fc87b754f684bc9a7
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Replace logging with std::format

std::format is a much more modern logging solution, and gives us a lot
more flexibility, and better compile times when doing logging.

Unfortunately, given its level

Replace logging with std::format

std::format is a much more modern logging solution, and gives us a lot
more flexibility, and better compile times when doing logging.

Unfortunately, given its level of compile time checks, it needs to be a
method, instead of the stream style logging we had before. This
requires a pretty substantial change. Fortunately, this change can be
largely automated, via the script included in this commit under
scripts/replace_logs.py. This is to aid people in moving their
patchsets over to the new form in the short period where old patches
will be based on the old logging. The intention is that this script
eventually goes away.

The old style logging (stream based) looked like.

BMCWEB_LOG_DEBUG << "Foo " << foo;

The new equivalent of the above would be:
BMCWEB_LOG_DEBUG("Foo {}", foo);

In the course of doing this, this also cleans up several ignored linter
errors, including macro usage, and array to pointer deconstruction.

Note, This patchset does remove the timestamp from the log message. In
practice, this was duplicated between journald and bmcweb, and there's
no need for both to exist.

One design decision of note is the addition of logPtr. Because the
compiler can't disambiguate between const char* and const MyThing*, it's
necessary to add an explicit cast to void*. This is identical to how
fmt handled it.

Tested: compiled with logging meson_option enabled, and launched bmcweb

Saw the usual logging, similar to what was present before:
```
[Error include/webassets.hpp:60] Unable to find or open /usr/share/www/ static file hosting disabled
[Debug include/persistent_data.hpp:133] Restored Session Timeout: 1800
[Debug redfish-core/include/event_service_manager.hpp:671] Old eventService config not exist
[Info src/webserver_main.cpp:59] Starting webserver on port 18080
[Error redfish-core/include/event_service_manager.hpp:1301] inotify_add_watch failed for redfish log file.
[Info src/webserver_main.cpp:137] Start Hostname Monitor Service...
```
Signed-off-by: Ed Tanous <ed@tanous.net>

Change-Id: I86a46aa2454be7fe80df608cb7e5573ca4029ec8

show more ...

Add support for multiple consoles

This drop adds support for multiple consoles. The following changes are
made to achieve this.
- Kept the "/console0" route for backward compatibility
- Added a new

Add support for multiple consoles

This drop adds support for multiple consoles. The following changes are
made to achieve this.
- Kept the "/console0" route for backward compatibility
- Added a new route "/console/<str>" to support multiple consoles. All
new consoles must use this route string.

Testing:
- Make sure that old console path /console0 is working.
[INFO "http_connection.hpp":209] Request: 0x1bc2e60 HTTP/1.1
GET /console0 ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bdb67c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":198] Console web socket path: /console0
Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[DEBUG "obmc_console.hpp":162] Remove connection 0x1bdb67c from
obmc console

- Make sure that new path for default console working
[INFO "http_connection.hpp":209] Request: 0x1bd76a8 HTTP/1.1
GET /console/default ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1baf82c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request
target = /console/default
[DEBUG "obmc_console.hpp":198] Console web socket path:
/console/default Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[INFO "obmc_console.hpp":154] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":162] Remove connection 0x1baf82c from
obmc console

- Make sure that path for hypervisor console is working.
[INFO "http_connection.hpp":209] Request: 0x1bc2e60 HTTP/1.1
GET /console/hypervisor ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bc5234 opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/hypervisor service =
xyz.openbmc_project.Console.hypervisor Request
target = /console/hypervisor
[DEBUG "obmc_console.hpp":198] Console web socket path:
/console/hypervisor Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[INFO "obmc_console.hpp":154] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":162] Remove connection 0x1bc5234 from
obmc console

- Make sure that bad console path is failing properly due to DBUS error.
[INFO "http_connection.hpp":209] Request: 0x1bd76a8 HTTP/1.1
GET /console/badconsoleid ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bdb67c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/badconsoleid service =
xyz.openbmc_project.Console.badconsoleid Request
target = /console/badconsoleid
[ERROR "obmc_console.hpp":174] Failed to call console Connect()
method DBUS error: No route to host

Change-Id: I9b617bc51e3ddc605dd7f4d213c805d05d2cfead
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
Signed-off-by: Ed Tanous <edtanous@google.com>

show more ...

Simplify obmc console buffers

Backpressure on incoming bytes helps both to simplify the layering of
the console, as well as prevent some cases of OOM crashes.

Similar to what we did with nbd_proxy,

Simplify obmc console buffers

Backpressure on incoming bytes helps both to simplify the layering of
the console, as well as prevent some cases of OOM crashes.

Similar to what we did with nbd_proxy, move obmc console over to the new
sendEx interface, allowing for backpressure, and fixed size std::array
buffers.

Tested:
Made sure single console can see the data.
Made sure two consoles can see the data.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I63d142fc5e8f8a734f3a7b8d0aa3f0d8c263d5ba

show more ...

Introduce ConsoleHandler class under obmc_console

Added new ConsoleHandler class to prepare for the multiple consoles
support. All global fields are moved to the ConsoleHandler class and a
new globa

Introduce ConsoleHandler class under obmc_console

Added new ConsoleHandler class to prepare for the multiple consoles
support. All global fields are moved to the ConsoleHandler class and a
new global map added to remember the ConsoleHandler for each console
path. There is single ConsoleHandler per connection so we don't need
session map per route. There is a limit added for max number of
connection allowed to avoid any service attacks.

Testing:
- Make sure that single console works fine and data is seen on the
console.
- Make sure that multiple consoles of type host console are created
and data is seen on all consoles. Also using traces made sure
that new handlers are destroyed.

Traces: Traces shows that multiple consoles active and later destroyed.
[INFO "http_connection.hpp":209] Request: 0x24bb790 HTTP/1.1 GET
/console0 ::ffff:x.xx.xxx.xx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":238] Connection 0x24eb424 opened
[DEBUG "obmc_console.hpp":150] Obmc handler 0x24c18fc added 1 for path
0x24eb424
[DEBUG "obmc_console.hpp":257] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":224] Console web socket path: /console0
Console unix FD: 13 duped FD: 14
[DEBUG "obmc_console.hpp":44] Outbuffer empty. Bailing out
[INFO "http_connection.hpp":209] Request: 0x265d740 HTTP/1.1 GET
/console0 ::ffff:x.xx.xxx.xx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":238] Connection 0x2661de4 opened
[DEBUG "obmc_console.hpp":150] Obmc handler 0x25e69ac added 1 for path
0x2661de4
[DEBUG "obmc_console.hpp":257] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":224] Console web socket path: /console0
Console unix FD: 19 duped FD: 20
[DEBUG "obmc_console.hpp":44] Outbuffer empty. Bailing out
[INFO "http_connection.hpp":209] Request: 0x265d740 HTTP/1.1 GET
/console0 ::ffff:x.xx.xxx.xx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":238] Connection 0x25f1fdc opened
[DEBUG "obmc_console.hpp":150] Obmc handler 0x26ff22c added 1 for path
0x25f1fdc
[DEBUG "obmc_console.hpp":257] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":224] Console web socket path: /console0
Console unix FD: 19 duped FD: 21
[DEBUG "obmc_console.hpp":44] Outbuffer empty. Bailing out
[INFO "obmc_console.hpp":177] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":184] Remove connection 0x25f1fdc from obmc
handler 0x26ff22c for path /console0
[INFO "obmc_console.hpp":177] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":184] Remove connection 0x2661de4 from obmc
handler 0x25e69ac for path /console0
[INFO "obmc_console.hpp":177] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":184] Remove connection 0x24eb424 from obmc
handler 0x24c18fc for path /console0

Change-Id: I77a58a3a186e87611219aed90b221f9b8be7fa2f
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>

show more ...

Fix some includes

System includes should be included with <>, in-tree includes should be
included with "". This was found manually, with the help of the
following grep statement[1].

git grep -o -h

Fix some includes

System includes should be included with <>, in-tree includes should be
included with "". This was found manually, with the help of the
following grep statement[1].

git grep -o -h "#include .*" | sort | uniq

Tested:
Code compiles

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I1a6b2a5ba35ccbbb61c67b7c4b036a2d7b3a36a3

show more ...

Use console information from DBUS

This drop is a preparation of supporting multiple consoles in bmcweb.
In this drop we will hook up the new DBUS interface to get the unix
socket file descriptor for

Use console information from DBUS

This drop is a preparation of supporting multiple consoles in bmcweb.
In this drop we will hook up the new DBUS interface to get the unix
socket file descriptor for existing host console. At this time bmcweb
only allows host console.

This drop includes following bmcweb changes:
- The default console leaf node is set to "default" by the obmc-console
- Currently the URL is still maintained to /console0 for GUI
compatibility. In future, it will be changed to /console/<str>
where <str> could be any string which represents the console id.
- In the obmc routing function, query the console DBUS interface for
all available consoles. If the object leaf matches with the target
string, then create socket and assign the file descriptor returned
by the DBUS console.

[INFO "http_connection.hpp":209] Request: 0x1b8c608 HTTP/1.1 GET /console0
::ffff:x.xxx.xx.xxx
|
[DEBUG "routing.hpp":1440] Matched rule (upgrade) '/console0' 1 / 2
|
[DEBUG "obmc_console.hpp":247] Connection 0x13e3c8c opened
[DEBUG "obmc_console.hpp":268] Console Object path = \
/xyz/openbmc_project/console/default Request target = /console0
[DEBUG "obmc_console.hpp":230] Looking up unixFD for Service \
xyz.openbmc_project.Console.default Path /xyz/openbmc_project/console/default
[DEBUG "obmc_console.hpp":157] Console web socket path: /console0 Console\
unix FD: 12 duped FD: 13

Testing:
Make sure that console open is working for /console0 on rainier machine

Related commits:
1) phosphor-dbus-interface: https://gerrit.openbmc.org/c/openbmc/phosphor-dbus-interfaces/+/61486
2) obmc-console: https://gerrit.openbmc.org/c/openbmc/obmc-console/+/62496
3) bmcweb: https://gerrit.openbmc.org/c/openbmc/bmcweb/+/62525

Change-Id: I476f1bb3e3be384ab09802340a59ffa036ca0278
Signed-off-by: Ninad Palsule <ninadpalsule@us.ibm.com>

show more ...

Added new pre-defined usergroup called hostconsole

The new pre-defined usergroup named "hostconsole" is added to
differentiate access between host console and manager console.
The only users allowed

Added new pre-defined usergroup called hostconsole

The new pre-defined usergroup named "hostconsole" is added to
differentiate access between host console and manager console.
The only users allowed to interact with host console are part of the
"hostconsole" group and they are in an administrator role.

Note: The changes are spread across multiple repositories listed under
"Related commits:"

The bmcweb changes to incorporate new group are as follows:
- The new user is added in the hostconsole group only if it has an
administrative role.
- The ssh usergroup is only translated to ManagerConsole redfish group
and hostconsole usergroup is translated to HostConsole redfish group.
- The following changes are made to check the privileges for host console
access
- The new OEM privilege "OpenBMCHostConsole" added for host console
access. This privilege is not shared externally hence it is not
documented.
- Updated obmc_console BMCWEB_ROUTE to use the new privilege.
- Router functions now save user role and user groups in the session
- getUserPrivileges() function now takes session reference instead
of user role. This function now also checks for the user group
"hostconsole" and add the new privilege if user is member of this
group.
- Updated all callers of the getUserPrivileges to pass session
reference.
- Added test to validate that new privilege is set correctly.

Tested:
Loaded code on the system and validated that;
- New user gets added in hostconsole group. NOTE: Prior to this commit
all groups are assigned to new user. This drop does not change that
behavior.
- Access from the web gui is only available for users in hostconsole
group. Used IBM internal simulator called simics to test this. This
simulator allows accessing openbmc from GUI.
- Checked the role collection and there is no change.
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles/Administrator
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles/ReadOnly
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles/Operator

- HostConsole is in AccountType when hostconsole group is present in
UserGroups D-Bus property

$ id user99
uid=1006(user99) gid=100(users) groups=1000(priv-admin),1005(web),\
1006(redfish),1013(hostconsole),100(users)

$ curl -k https://${bmc}/redfish/v1/AccountService/Accounts/user99
{
"@odata.id": "/redfish/v1/AccountService/Accounts/user99",
"@odata.type": "#ManagerAccount.v1_4_0.ManagerAccount",
"AccountTypes": [
"HostConsole",
"Redfish",
"WebUI",
"ManagerConsole"
],
"Description": "User Account",
"Enabled": true,
"Id": "user99",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"PasswordChangeRequired": false,
"RoleId": "Administrator",
"UserName": "user99"

- The hostconsole group is not present for readonly or operator users
and also made sure that console access is not provided. This testing
is done one the system and console access was tried by modifying the
https://github.com/openbmc/bmcweb/blob/master/scripts/websocket_test.py

+ curl -k https://${bmc}/redfish/v1/AccountService/Accounts/user99
{
"@odata.id": "/redfish/v1/AccountService/Accounts/user99",
"@odata.type": "#ManagerAccount.v1_4_0.ManagerAccount",
"AccountTypes": [
"IPMI",
"Redfish",
"WebUI",
"ManagerConsole"
],
"Description": "User Account",
"Enabled": true,
"Id": "user99",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/ReadOnly"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"PasswordChangeRequired": false,
"RoleId": "ReadOnly",
"UserName": "user99"

[INFO "http_connection.hpp":209] Request: 0x150ac38 HTTP/1.1 GET /console0 ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1265] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "routing.hpp":1084] userName = user99 userRole = priv-user
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ipmi
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=redfish
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ssh
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=web
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: Login
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: ConfigureSelf
[DEBUG "routing.hpp":113] checkPrivileges: OEM REQUIRED: OpenBMCHostConsole
[ERROR "routing.hpp":1192] Insufficient Privilege

+ curl -k https://${bmc}/redfish/v1/AccountService/Accounts/user99
{
"@odata.id": "/redfish/v1/AccountService/Accounts/user99",
"@odata.type": "#ManagerAccount.v1_4_0.ManagerAccount",
"AccountTypes": [
"IPMI",
"Redfish",
"WebUI",
"ManagerConsole"
],
"Description": "User Account",
"Enabled": true,
"Id": "user99",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/Operator"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"PasswordChangeRequired": false,
"RoleId": "Operator",
"UserName": "user99"

[INFO "http_connection.hpp":209] Request: 0x21c7c38 HTTP/1.1 GET /console0 ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1265] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "routing.hpp":1084] userName = user99 userRole = priv-operator
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ipmi
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=redfish
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ssh
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=web
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: Login
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: ConfigureComponents
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: ConfigureSelf
[DEBUG "routing.hpp":113] checkPrivileges: OEM REQUIRED: OpenBMCHostConsole
[ERROR "routing.hpp":1192] Insufficient Privilege

Related commits:
NOTE: docs, openbmc, obmc-console changes are already merged. bmcweb
and phosphor-user-manager will be merged together.
docs: https://gerrit.openbmc.org/c/openbmc/docs/+/60968
phosphor-user-manager: https://gerrit.openbmc.org/c/openbmc/phosphor-user-manager/+/61583
openbmc: https://gerrit.openbmc.org/c/openbmc/openbmc/+/61582
obmc-console: https://gerrit.openbmc.org/c/openbmc/obmc-console/+/61581
bmcweb: https://gerrit.openbmc.org/c/openbmc/bmcweb/+/61580

Change-Id: Ia5a33dafc9a76444e6a8e74e752f0f90cb0a31c8
Signed-off-by: Ninad Palsule <ninadpalsule@us.ibm.com>

show more ...

Capture all boost::system::error_codes by ref

Capturing these possibly overloaded values by reference can avoid a copy
in some cases, and it's good to be consistent.

This change was made automatica

Capture all boost::system::error_codes by ref

Capturing these possibly overloaded values by reference can avoid a copy
in some cases, and it's good to be consistent.

This change was made automatically by grep/sed.

Tested: Code compiles.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iafeaca2a5dc52f39753b5a3880419d6bc943f81b

show more ...

Fix a boatload of #includes

Most of these missing includes were found by running clang-tidy on all
files, including headers. The existing scripts just run clang-tidy on
source files, which doesn't

Fix a boatload of #includes

Most of these missing includes were found by running clang-tidy on all
files, including headers. The existing scripts just run clang-tidy on
source files, which doesn't catch most of these.

Tested: Code compiles

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic741fbb2cc9e5e92955fd5a1b778a482830e80e8

show more ...

Add check for globals

We don't follow this cpp core guidelines rule well. This is something
that we should aspire to cleaning up in the future, but for the moment,
lets turn the rule on in clang-ti

Add check for globals

We don't follow this cpp core guidelines rule well. This is something
that we should aspire to cleaning up in the future, but for the moment,
lets turn the rule on in clang-tidy to stop the bleeding, add ignores
for the things that we know need some better abstractions, and work on
these over time.

Most of this commit is just adding NOLINTNEXTLINE exceptions for all of
our globals. There was one case in the sensor code where clang
correctly noted that those globals weren't actually const, which got
missed because of the use of auto.

Tested: CI should be good enough for this. Passes clang-tidy.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ieda08fee69a3b209d4b3e9771809a6c41524f066

show more ...

Try to fix the lambda formatting issue

clang-tidy has a setting, LambdaBodyIndentation, which it says:
"For callback-heavy code, it may improve readability to have the
signature indented two levels

Try to fix the lambda formatting issue

clang-tidy has a setting, LambdaBodyIndentation, which it says:
"For callback-heavy code, it may improve readability to have the
signature indented two levels and to use OuterScope."

bmcweb is very callback heavy code. Try to enable it and see if that
improves things. There are many cases where the length of a lambda call
will change, and reindent the entire lambda function. This is really
bad for code reviews, as it's difficult to see the lines changed. This
commit should resolve it. This does have the downside of reindenting a
lot of functions, which is unfortunate, but probably worth it in the
long run.

All changes except for the .clang-format file were made by the robot.

Tested: Code compiles, whitespace changes only.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib4aa2f1391fada981febd25b67dcdb9143827f43

show more ...

Remove AsyncResp from openHandler

This change, moving the openHandler back to only supporting websocket
disconnects and not 404s.Because AsyncResp is removed from openHandler.

Tested:
(from previou

Remove AsyncResp from openHandler

This change, moving the openHandler back to only supporting websocket
disconnects and not 404s.Because AsyncResp is removed from openHandler.

Tested:
(from previous commit) Opened KVM in webui-vue and it works.

Signed-off-by: zhanghaicheng <zhanghch05@inspur.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I793f05836aeccdc275b7aaaeede41b3a2c276595

show more ...

Consitently use dbus::utility types

This saves about 4k on the binary size

Tested: Redfish service validator passes.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I9546227a19c691b1aecb

Consitently use dbus::utility types

This saves about 4k on the binary size

Tested: Redfish service validator passes.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I9546227a19c691b1aecb80e80307889548c0293f

show more ...

Revert "Remove AsyncResp from openHandler"

This reverts commit 0f3d3a01aed4040ef73a977a958ecdf4f68111f6.

Seeing bumps fail.

Change-Id: Ida7b1bae48abbed2e00a5259e8f94b64168d4788
Signed-off-by: Gunn

Revert "Remove AsyncResp from openHandler"

This reverts commit 0f3d3a01aed4040ef73a977a958ecdf4f68111f6.

Seeing bumps fail.

Change-Id: Ida7b1bae48abbed2e00a5259e8f94b64168d4788
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Remove AsyncResp from openHandler

This change, moving the openHandler back to only supporting websocket
disconnects and not 404s.Because AsyncResp is removed from openHandler.

Tested:
Opened KVM in

Remove AsyncResp from openHandler

This change, moving the openHandler back to only supporting websocket
disconnects and not 404s.Because AsyncResp is removed from openHandler.

Tested:
Opened KVM in webui-vue and it works.

Signed-off-by: zhanghaicheng <zhanghch05@inspur.com>
Change-Id: I90811f4ab91ad41cb298877f76252dce80932b2b

show more ...

Remove ambiguous privileges constructor

There are a number of endpoints that assume that a given routes
privileges are governed by a single set of privileges, instead of
multiple sets ORed together.

Remove ambiguous privileges constructor

There are a number of endpoints that assume that a given routes
privileges are governed by a single set of privileges, instead of
multiple sets ORed together. To handle this, there were two overloads
of the privileges() method, one that took a vector of Privileges, and
one that took an initializer_list of const char*. Unfortunately, this
leads some code in AccountService to pick the wrong overload when it's
called like this
.privileges( {{"ConfigureUsers"}, {"ConfigureManager"},
{"ConfigureSelf"}})

This is supposed to be "User must have ConfigureUsers, or
ConfigureManager, or ConfigureSelf". Currently, because it selects the
wrong overload, it computes to "User must have ConfigureUsers AND
ConfigureManager AND ConfigureSelf.

The double braces are supposed to cause this to form a vector of
Privileges, but it appears that the initializer list gets consumed, and
the single invocation of initializer list is called. Interestingly,
trying to put in a privileges overload of
intializer_list<initializer_list<const char*>> causes the compilation to
fail with an ambiguous call error, which is what I would've expected to
see previously in this case, but alas, I'm only a novice when it comes
to how the C++ standard works in these edge cases. This is likely due
in part to the fact that they were templates of an unused template param
(seemingly copied from the previous method) and SFINAE rules around
templates.

This commit functionally removes one of the privileges overloads, and
adds a second set of braces to every privileges call that previously had
a single set of braces. Previous code will not compile now, which is
IMO a good thing.

This likely popped up in the Node class removal, because the Node class
explicitly constructs a vector of Privilege objects, ensuing it can hit
the right overload

Tested:
Ran Redfish service validator

Tested the specific use case outlined on discord with:
Creating a new user with operator privilege:
```
redfishtool -S Always -u root -p 0penBmc -vvvvvvvvv -r 192.168.7.2
AccountService adduser foo mysuperPass1 Operator
```

Then attempting to list accounts:
```
curl -vvvv --insecure --user foo:mysuperPass1
https://192.168.7.2/redfish/v1/AccountService/Accounts/foo
```

Which succeeded and returned the account in question.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I83e62b70e97f56dc57d43b9081f333a02fe85495

show more ...

Fix .clang-tidy

camelLower is not a type, camelBack is.

Changes were made automatically with clang-tidy --fix-errors

To be able to apply changes automatically, the only way I've found that
works w

Fix .clang-tidy

camelLower is not a type, camelBack is.

Changes were made automatically with clang-tidy --fix-errors

To be able to apply changes automatically, the only way I've found that
works was to build the version of clang/clang-tidy that yocto has, and
run the fix script within bitbake -c devshell bmcweb. Unfortunately,
yocto has clang-tidy 11, which can apparently find a couple extra errors
in tests we already had enabled. As such, a couple of those are also
included.

Tested:
Ran clang-tidy-11 and got a clean result.

Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I9d1080b67f0342229c2f267160849445c065ca51

show more ...

fix bmcweb crash during sol communication

After establishing the obmc_console socket
communication, If client closes the connection
abruptly, async read/write operation fails with
asio.ssl.stream er

fix bmcweb crash during sol communication

After establishing the obmc_console socket
communication, If client closes the connection
abruptly, async read/write operation fails with
asio.ssl.stream error. To handle the error, it calls
closeHandler call back function and cleans the session
and socket. Any ongoing async read operation should
be discarded by checking socket handle. Read/Write the
message from stream via async_read_some()/async_write
without checking socket handle, causes the crash.
Added socket handle validation before performing any
read/write operation to avoid crash.

Tested:
- Without fix, when sol connection closes abruptly, at times
saw the crash with below logs.
Nov 13 11:32:51 intel-obmc bmcweb[20169]: doRead error asio.ssl.stream:1
Nov 13 11:32:51 intel-obmc systemd[1]: bmcweb.service: Main process exited, code=dumped, status=11/SEGV
Nov 13 11:32:51 intel-obmc systemd[1]: bmcweb.service: Failed with result 'core-dump'.

- With fix, verified the case and no crashes seen.
Nov 13 12:55:04 intel-obmc bmcweb[24426]: (2020-11-13 12:55:04) [ERROR "websocket.h":207] doRead error asio.ssl.stream:1
Nov 13 12:55:04 intel-obmc bmcweb[24426]: (2020-11-13 12:55:04) [ERROR "obmc_console.hpp":67] doread() - Socket closed

Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Change-Id: I2afda509ca77a561651a8682e042c45ca7366642

show more ...