1 /* 2 // Copyright (c) 2018 Intel Corporation 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 */ 16 #pragma once 17 18 #include "bmcweb_config.h" 19 20 #include "app.hpp" 21 #include "dbus_utility.hpp" 22 #include "error_messages.hpp" 23 #include "generated/enums/update_service.hpp" 24 #include "multipart_parser.hpp" 25 #include "ossl_random.hpp" 26 #include "query.hpp" 27 #include "registries/privilege_registry.hpp" 28 #include "task.hpp" 29 #include "task_messages.hpp" 30 #include "utils/collection.hpp" 31 #include "utils/dbus_utils.hpp" 32 #include "utils/json_utils.hpp" 33 #include "utils/sw_utils.hpp" 34 35 #include <sys/mman.h> 36 37 #include <boost/system/error_code.hpp> 38 #include <boost/url/format.hpp> 39 #include <sdbusplus/asio/property.hpp> 40 #include <sdbusplus/bus/match.hpp> 41 #include <sdbusplus/unpack_properties.hpp> 42 43 #include <array> 44 #include <cstddef> 45 #include <filesystem> 46 #include <functional> 47 #include <iterator> 48 #include <memory> 49 #include <optional> 50 #include <string> 51 #include <string_view> 52 #include <unordered_map> 53 #include <vector> 54 55 namespace redfish 56 { 57 58 // Match signals added on software path 59 // NOLINTNEXTLINE(cppcoreguidelines-avoid-non-const-global-variables) 60 static std::unique_ptr<sdbusplus::bus::match_t> fwUpdateMatcher; 61 // NOLINTNEXTLINE(cppcoreguidelines-avoid-non-const-global-variables) 62 static std::unique_ptr<sdbusplus::bus::match_t> fwUpdateErrorMatcher; 63 // Only allow one update at a time 64 // NOLINTNEXTLINE(cppcoreguidelines-avoid-non-const-global-variables) 65 static bool fwUpdateInProgress = false; 66 // Timer for software available 67 // NOLINTNEXTLINE(cppcoreguidelines-avoid-non-const-global-variables) 68 static std::unique_ptr<boost::asio::steady_timer> fwAvailableTimer; 69 70 struct MemoryFileDescriptor 71 { 72 int fd = -1; 73 74 explicit MemoryFileDescriptor(const std::string& filename) : 75 fd(memfd_create(filename.c_str(), 0)) 76 {} 77 78 MemoryFileDescriptor(const MemoryFileDescriptor&) = default; 79 MemoryFileDescriptor(MemoryFileDescriptor&& other) noexcept : fd(other.fd) 80 { 81 other.fd = -1; 82 } 83 MemoryFileDescriptor& operator=(const MemoryFileDescriptor&) = delete; 84 MemoryFileDescriptor& operator=(MemoryFileDescriptor&&) = default; 85 86 ~MemoryFileDescriptor() 87 { 88 if (fd != -1) 89 { 90 close(fd); 91 } 92 } 93 94 bool rewind() const 95 { 96 if (lseek(fd, 0, SEEK_SET) == -1) 97 { 98 BMCWEB_LOG_ERROR("Failed to seek to beginning of image memfd"); 99 return false; 100 } 101 return true; 102 } 103 }; 104 105 inline void cleanUp() 106 { 107 fwUpdateInProgress = false; 108 fwUpdateMatcher = nullptr; 109 fwUpdateErrorMatcher = nullptr; 110 } 111 112 inline void activateImage(const std::string& objPath, 113 const std::string& service) 114 { 115 BMCWEB_LOG_DEBUG("Activate image for {} {}", objPath, service); 116 sdbusplus::asio::setProperty( 117 *crow::connections::systemBus, service, objPath, 118 "xyz.openbmc_project.Software.Activation", "RequestedActivation", 119 "xyz.openbmc_project.Software.Activation.RequestedActivations.Active", 120 [](const boost::system::error_code& ec) { 121 if (ec) 122 { 123 BMCWEB_LOG_DEBUG("error_code = {}", ec); 124 BMCWEB_LOG_DEBUG("error msg = {}", ec.message()); 125 } 126 }); 127 } 128 129 inline bool handleCreateTask(const boost::system::error_code& ec2, 130 sdbusplus::message_t& msg, 131 const std::shared_ptr<task::TaskData>& taskData) 132 { 133 if (ec2) 134 { 135 return task::completed; 136 } 137 138 std::string iface; 139 dbus::utility::DBusPropertiesMap values; 140 141 std::string index = std::to_string(taskData->index); 142 msg.read(iface, values); 143 144 if (iface == "xyz.openbmc_project.Software.Activation") 145 { 146 const std::string* state = nullptr; 147 for (const auto& property : values) 148 { 149 if (property.first == "Activation") 150 { 151 state = std::get_if<std::string>(&property.second); 152 if (state == nullptr) 153 { 154 taskData->messages.emplace_back(messages::internalError()); 155 return task::completed; 156 } 157 } 158 } 159 160 if (state == nullptr) 161 { 162 return !task::completed; 163 } 164 165 if (state->ends_with("Invalid") || state->ends_with("Failed")) 166 { 167 taskData->state = "Exception"; 168 taskData->status = "Warning"; 169 taskData->messages.emplace_back(messages::taskAborted(index)); 170 return task::completed; 171 } 172 173 if (state->ends_with("Staged")) 174 { 175 taskData->state = "Stopping"; 176 taskData->messages.emplace_back(messages::taskPaused(index)); 177 178 // its staged, set a long timer to 179 // allow them time to complete the 180 // update (probably cycle the 181 // system) if this expires then 182 // task will be canceled 183 taskData->extendTimer(std::chrono::hours(5)); 184 return !task::completed; 185 } 186 187 if (state->ends_with("Active")) 188 { 189 taskData->messages.emplace_back(messages::taskCompletedOK(index)); 190 taskData->state = "Completed"; 191 return task::completed; 192 } 193 } 194 else if (iface == "xyz.openbmc_project.Software.ActivationProgress") 195 { 196 const uint8_t* progress = nullptr; 197 for (const auto& property : values) 198 { 199 if (property.first == "Progress") 200 { 201 progress = std::get_if<uint8_t>(&property.second); 202 if (progress == nullptr) 203 { 204 taskData->messages.emplace_back(messages::internalError()); 205 return task::completed; 206 } 207 } 208 } 209 210 if (progress == nullptr) 211 { 212 return !task::completed; 213 } 214 taskData->percentComplete = *progress; 215 taskData->messages.emplace_back( 216 messages::taskProgressChanged(index, *progress)); 217 218 // if we're getting status updates it's 219 // still alive, update timer 220 taskData->extendTimer(std::chrono::minutes(5)); 221 } 222 223 // as firmware update often results in a 224 // reboot, the task may never "complete" 225 // unless it is an error 226 227 return !task::completed; 228 } 229 230 inline void createTask(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 231 task::Payload&& payload, 232 const sdbusplus::message::object_path& objPath) 233 { 234 std::shared_ptr<task::TaskData> task = task::TaskData::createTask( 235 std::bind_front(handleCreateTask), 236 "type='signal',interface='org.freedesktop.DBus.Properties'," 237 "member='PropertiesChanged',path='" + 238 objPath.str + "'"); 239 task->startTimer(std::chrono::minutes(5)); 240 task->populateResp(asyncResp->res); 241 task->payload.emplace(std::move(payload)); 242 } 243 244 // Note that asyncResp can be either a valid pointer or nullptr. If nullptr 245 // then no asyncResp updates will occur 246 static void 247 softwareInterfaceAdded(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 248 sdbusplus::message_t& m, task::Payload&& payload) 249 { 250 dbus::utility::DBusInterfacesMap interfacesProperties; 251 252 sdbusplus::message::object_path objPath; 253 254 m.read(objPath, interfacesProperties); 255 256 BMCWEB_LOG_DEBUG("obj path = {}", objPath.str); 257 for (const auto& interface : interfacesProperties) 258 { 259 BMCWEB_LOG_DEBUG("interface = {}", interface.first); 260 261 if (interface.first == "xyz.openbmc_project.Software.Activation") 262 { 263 // Retrieve service and activate 264 constexpr std::array<std::string_view, 1> interfaces = { 265 "xyz.openbmc_project.Software.Activation"}; 266 dbus::utility::getDbusObject( 267 objPath.str, interfaces, 268 [objPath, asyncResp, payload(std::move(payload))]( 269 const boost::system::error_code& ec, 270 const std::vector< 271 std::pair<std::string, std::vector<std::string>>>& 272 objInfo) mutable { 273 if (ec) 274 { 275 BMCWEB_LOG_DEBUG("error_code = {}", ec); 276 BMCWEB_LOG_DEBUG("error msg = {}", ec.message()); 277 if (asyncResp) 278 { 279 messages::internalError(asyncResp->res); 280 } 281 cleanUp(); 282 return; 283 } 284 // Ensure we only got one service back 285 if (objInfo.size() != 1) 286 { 287 BMCWEB_LOG_ERROR("Invalid Object Size {}", objInfo.size()); 288 if (asyncResp) 289 { 290 messages::internalError(asyncResp->res); 291 } 292 cleanUp(); 293 return; 294 } 295 // cancel timer only when 296 // xyz.openbmc_project.Software.Activation interface 297 // is added 298 fwAvailableTimer = nullptr; 299 300 activateImage(objPath.str, objInfo[0].first); 301 if (asyncResp) 302 { 303 createTask(asyncResp, std::move(payload), objPath); 304 } 305 fwUpdateInProgress = false; 306 }); 307 308 break; 309 } 310 } 311 } 312 313 inline void afterAvailbleTimerAsyncWait( 314 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 315 const boost::system::error_code& ec) 316 { 317 cleanUp(); 318 if (ec == boost::asio::error::operation_aborted) 319 { 320 // expected, we were canceled before the timer completed. 321 return; 322 } 323 BMCWEB_LOG_ERROR("Timed out waiting for firmware object being created"); 324 BMCWEB_LOG_ERROR("FW image may has already been uploaded to server"); 325 if (ec) 326 { 327 BMCWEB_LOG_ERROR("Async_wait failed{}", ec); 328 return; 329 } 330 if (asyncResp) 331 { 332 redfish::messages::internalError(asyncResp->res); 333 } 334 } 335 336 inline void 337 handleUpdateErrorType(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 338 const std::string& url, const std::string& type) 339 { 340 if (type == "xyz.openbmc_project.Software.Image.Error.UnTarFailure") 341 { 342 redfish::messages::invalidUpload(asyncResp->res, url, 343 "Invalid archive"); 344 } 345 else if (type == 346 "xyz.openbmc_project.Software.Image.Error.ManifestFileFailure") 347 { 348 redfish::messages::invalidUpload(asyncResp->res, url, 349 "Invalid manifest"); 350 } 351 else if (type == "xyz.openbmc_project.Software.Image.Error.ImageFailure") 352 { 353 redfish::messages::invalidUpload(asyncResp->res, url, 354 "Invalid image format"); 355 } 356 else if (type == "xyz.openbmc_project.Software.Version.Error.AlreadyExists") 357 { 358 redfish::messages::invalidUpload(asyncResp->res, url, 359 "Image version already exists"); 360 361 redfish::messages::resourceAlreadyExists( 362 asyncResp->res, "UpdateService", "Version", "uploaded version"); 363 } 364 else if (type == "xyz.openbmc_project.Software.Image.Error.BusyFailure") 365 { 366 redfish::messages::resourceExhaustion(asyncResp->res, url); 367 } 368 else if (type == "xyz.openbmc_project.Software.Version.Error.Incompatible") 369 { 370 redfish::messages::invalidUpload(asyncResp->res, url, 371 "Incompatible image version"); 372 } 373 else if (type == 374 "xyz.openbmc_project.Software.Version.Error.ExpiredAccessKey") 375 { 376 redfish::messages::invalidUpload(asyncResp->res, url, 377 "Update Access Key Expired"); 378 } 379 else if (type == 380 "xyz.openbmc_project.Software.Version.Error.InvalidSignature") 381 { 382 redfish::messages::invalidUpload(asyncResp->res, url, 383 "Invalid image signature"); 384 } 385 else if (type == 386 "xyz.openbmc_project.Software.Image.Error.InternalFailure" || 387 type == "xyz.openbmc_project.Software.Version.Error.HostFile") 388 { 389 BMCWEB_LOG_ERROR("Software Image Error type={}", type); 390 redfish::messages::internalError(asyncResp->res); 391 } 392 else 393 { 394 // Unrelated error types. Ignored 395 BMCWEB_LOG_INFO("Non-Software-related Error type={}. Ignored", type); 396 return; 397 } 398 // Clear the timer 399 fwAvailableTimer = nullptr; 400 } 401 402 inline void 403 afterUpdateErrorMatcher(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 404 const std::string& url, sdbusplus::message_t& m) 405 { 406 dbus::utility::DBusInterfacesMap interfacesProperties; 407 sdbusplus::message::object_path objPath; 408 m.read(objPath, interfacesProperties); 409 BMCWEB_LOG_DEBUG("obj path = {}", objPath.str); 410 for (const std::pair<std::string, dbus::utility::DBusPropertiesMap>& 411 interface : interfacesProperties) 412 { 413 if (interface.first == "xyz.openbmc_project.Logging.Entry") 414 { 415 for (const std::pair<std::string, dbus::utility::DbusVariantType>& 416 value : interface.second) 417 { 418 if (value.first != "Message") 419 { 420 continue; 421 } 422 const std::string* type = 423 std::get_if<std::string>(&value.second); 424 if (type == nullptr) 425 { 426 // if this was our message, timeout will cover it 427 return; 428 } 429 handleUpdateErrorType(asyncResp, url, *type); 430 } 431 } 432 } 433 } 434 435 // Note that asyncResp can be either a valid pointer or nullptr. If nullptr 436 // then no asyncResp updates will occur 437 inline void monitorForSoftwareAvailable( 438 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 439 const crow::Request& req, const std::string& url, 440 int timeoutTimeSeconds = 25) 441 { 442 // Only allow one FW update at a time 443 if (fwUpdateInProgress) 444 { 445 if (asyncResp) 446 { 447 messages::serviceTemporarilyUnavailable(asyncResp->res, "30"); 448 } 449 return; 450 } 451 452 if (req.ioService == nullptr) 453 { 454 messages::internalError(asyncResp->res); 455 return; 456 } 457 458 fwAvailableTimer = 459 std::make_unique<boost::asio::steady_timer>(*req.ioService); 460 461 fwAvailableTimer->expires_after(std::chrono::seconds(timeoutTimeSeconds)); 462 463 fwAvailableTimer->async_wait( 464 std::bind_front(afterAvailbleTimerAsyncWait, asyncResp)); 465 466 task::Payload payload(req); 467 auto callback = [asyncResp, payload](sdbusplus::message_t& m) mutable { 468 BMCWEB_LOG_DEBUG("Match fired"); 469 softwareInterfaceAdded(asyncResp, m, std::move(payload)); 470 }; 471 472 fwUpdateInProgress = true; 473 474 fwUpdateMatcher = std::make_unique<sdbusplus::bus::match_t>( 475 *crow::connections::systemBus, 476 "interface='org.freedesktop.DBus.ObjectManager',type='signal'," 477 "member='InterfacesAdded',path='/xyz/openbmc_project/software'", 478 callback); 479 480 fwUpdateErrorMatcher = std::make_unique<sdbusplus::bus::match_t>( 481 *crow::connections::systemBus, 482 "interface='org.freedesktop.DBus.ObjectManager',type='signal'," 483 "member='InterfacesAdded'," 484 "path='/xyz/openbmc_project/logging'", 485 std::bind_front(afterUpdateErrorMatcher, asyncResp, url)); 486 } 487 488 inline std::optional<boost::urls::url> 489 parseSimpleUpdateUrl(std::string imageURI, 490 std::optional<std::string> transferProtocol, 491 crow::Response& res) 492 { 493 if (imageURI.find("://") == std::string::npos) 494 { 495 if (imageURI.starts_with("/")) 496 { 497 messages::actionParameterValueTypeError( 498 res, imageURI, "ImageURI", "UpdateService.SimpleUpdate"); 499 return std::nullopt; 500 } 501 if (!transferProtocol) 502 { 503 messages::actionParameterValueTypeError( 504 res, imageURI, "ImageURI", "UpdateService.SimpleUpdate"); 505 return std::nullopt; 506 } 507 // OpenBMC currently only supports TFTP or HTTPS 508 if (*transferProtocol == "TFTP") 509 { 510 imageURI = "tftp://" + imageURI; 511 } 512 else if (*transferProtocol == "HTTPS") 513 { 514 imageURI = "https://" + imageURI; 515 } 516 else 517 { 518 messages::actionParameterNotSupported(res, "TransferProtocol", 519 *transferProtocol); 520 BMCWEB_LOG_ERROR("Request incorrect protocol parameter: {}", 521 *transferProtocol); 522 return std::nullopt; 523 } 524 } 525 526 boost::system::result<boost::urls::url> url = 527 boost::urls::parse_absolute_uri(imageURI); 528 if (!url) 529 { 530 messages::actionParameterValueTypeError(res, imageURI, "ImageURI", 531 "UpdateService.SimpleUpdate"); 532 533 return std::nullopt; 534 } 535 url->normalize(); 536 537 if (url->scheme() == "tftp") 538 { 539 if (url->encoded_path().size() < 2) 540 { 541 messages::actionParameterNotSupported(res, "ImageURI", 542 url->buffer()); 543 return std::nullopt; 544 } 545 } 546 else if (url->scheme() == "https") 547 { 548 // Empty paths default to "/" 549 if (url->encoded_path().empty()) 550 { 551 url->set_encoded_path("/"); 552 } 553 } 554 else 555 { 556 messages::actionParameterNotSupported(res, "ImageURI", imageURI); 557 return std::nullopt; 558 } 559 560 if (url->encoded_path().empty()) 561 { 562 messages::actionParameterValueTypeError(res, imageURI, "ImageURI", 563 "UpdateService.SimpleUpdate"); 564 return std::nullopt; 565 } 566 567 return *url; 568 } 569 570 inline void doHttpsUpdate(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 571 const boost::urls::url_view_base& url) 572 { 573 messages::actionParameterNotSupported(asyncResp->res, "ImageURI", 574 url.buffer()); 575 } 576 577 inline void handleUpdateServiceSimpleUpdateAction( 578 crow::App& app, const crow::Request& req, 579 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 580 { 581 if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 582 { 583 return; 584 } 585 586 std::optional<std::string> transferProtocol; 587 std::string imageURI; 588 589 BMCWEB_LOG_DEBUG("Enter UpdateService.SimpleUpdate doPost"); 590 591 // User can pass in both TransferProtocol and ImageURI parameters or 592 // they can pass in just the ImageURI with the transfer protocol 593 // embedded within it. 594 // 1) TransferProtocol:TFTP ImageURI:1.1.1.1/myfile.bin 595 // 2) ImageURI:tftp://1.1.1.1/myfile.bin 596 597 if (!json_util::readJsonAction(req, asyncResp->res, "TransferProtocol", 598 transferProtocol, "ImageURI", imageURI)) 599 { 600 BMCWEB_LOG_DEBUG("Missing TransferProtocol or ImageURI parameter"); 601 return; 602 } 603 604 std::optional<boost::urls::url> url = 605 parseSimpleUpdateUrl(imageURI, transferProtocol, asyncResp->res); 606 if (!url) 607 { 608 return; 609 } 610 if (url->scheme() == "https") 611 { 612 doHttpsUpdate(asyncResp, *url); 613 } 614 else 615 { 616 messages::actionParameterNotSupported(asyncResp->res, "ImageURI", 617 url->buffer()); 618 return; 619 } 620 621 BMCWEB_LOG_DEBUG("Exit UpdateService.SimpleUpdate doPost"); 622 } 623 624 inline void uploadImageFile(crow::Response& res, std::string_view body) 625 { 626 std::filesystem::path filepath("/tmp/images/" + bmcweb::getRandomUUID()); 627 628 BMCWEB_LOG_DEBUG("Writing file to {}", filepath.string()); 629 std::ofstream out(filepath, std::ofstream::out | std::ofstream::binary | 630 std::ofstream::trunc); 631 // set the permission of the file to 640 632 std::filesystem::perms permission = std::filesystem::perms::owner_read | 633 std::filesystem::perms::group_read; 634 std::filesystem::permissions(filepath, permission); 635 out << body; 636 637 if (out.bad()) 638 { 639 messages::internalError(res); 640 cleanUp(); 641 } 642 } 643 644 // Convert the Request Apply Time to the D-Bus value 645 inline bool convertApplyTime(crow::Response& res, const std::string& applyTime, 646 std::string& applyTimeNewVal) 647 { 648 if (applyTime == "Immediate") 649 { 650 applyTimeNewVal = 651 "xyz.openbmc_project.Software.ApplyTime.RequestedApplyTimes.Immediate"; 652 } 653 else if (applyTime == "OnReset") 654 { 655 applyTimeNewVal = 656 "xyz.openbmc_project.Software.ApplyTime.RequestedApplyTimes.OnReset"; 657 } 658 else 659 { 660 BMCWEB_LOG_WARNING( 661 "ApplyTime value {} is not in the list of acceptable values", 662 applyTime); 663 messages::propertyValueNotInList(res, applyTime, "ApplyTime"); 664 return false; 665 } 666 return true; 667 } 668 669 inline void setApplyTime(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 670 const std::string& applyTime) 671 { 672 std::string applyTimeNewVal; 673 if (!convertApplyTime(asyncResp->res, applyTime, applyTimeNewVal)) 674 { 675 return; 676 } 677 678 setDbusProperty(asyncResp, "ApplyTime", "xyz.openbmc_project.Settings", 679 sdbusplus::message::object_path( 680 "/xyz/openbmc_project/software/apply_time"), 681 "xyz.openbmc_project.Software.ApplyTime", 682 "RequestedApplyTime", applyTimeNewVal); 683 } 684 685 struct MultiPartUpdateParameters 686 { 687 std::optional<std::string> applyTime; 688 std::string uploadData; 689 std::vector<std::string> targets; 690 }; 691 692 inline std::optional<std::string> 693 processUrl(boost::system::result<boost::urls::url_view>& url) 694 { 695 if (!url) 696 { 697 return std::nullopt; 698 } 699 if (crow::utility::readUrlSegments(*url, "redfish", "v1", "Managers", 700 BMCWEB_REDFISH_MANAGER_URI_NAME)) 701 { 702 return std::make_optional(std::string(BMCWEB_REDFISH_MANAGER_URI_NAME)); 703 } 704 if constexpr (!BMCWEB_REDFISH_UPDATESERVICE_USE_DBUS) 705 { 706 return std::nullopt; 707 } 708 std::string firmwareId; 709 if (!crow::utility::readUrlSegments(*url, "redfish", "v1", "UpdateService", 710 "FirmwareInventory", 711 std::ref(firmwareId))) 712 { 713 return std::nullopt; 714 } 715 716 return std::make_optional(firmwareId); 717 } 718 719 inline std::optional<MultiPartUpdateParameters> 720 extractMultipartUpdateParameters( 721 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 722 MultipartParser parser) 723 { 724 MultiPartUpdateParameters multiRet; 725 for (FormPart& formpart : parser.mime_fields) 726 { 727 boost::beast::http::fields::const_iterator it = 728 formpart.fields.find("Content-Disposition"); 729 if (it == formpart.fields.end()) 730 { 731 BMCWEB_LOG_ERROR("Couldn't find Content-Disposition"); 732 return std::nullopt; 733 } 734 BMCWEB_LOG_INFO("Parsing value {}", it->value()); 735 736 // The construction parameters of param_list must start with `;` 737 size_t index = it->value().find(';'); 738 if (index == std::string::npos) 739 { 740 continue; 741 } 742 743 for (const auto& param : 744 boost::beast::http::param_list{it->value().substr(index)}) 745 { 746 if (param.first != "name" || param.second.empty()) 747 { 748 continue; 749 } 750 751 if (param.second == "UpdateParameters") 752 { 753 std::vector<std::string> tempTargets; 754 nlohmann::json content = nlohmann::json::parse(formpart.content, 755 nullptr, false); 756 if (content.is_discarded()) 757 { 758 return std::nullopt; 759 } 760 nlohmann::json::object_t* obj = 761 content.get_ptr<nlohmann::json::object_t*>(); 762 if (obj == nullptr) 763 { 764 messages::propertyValueTypeError( 765 asyncResp->res, formpart.content, "UpdateParameters"); 766 return std::nullopt; 767 } 768 769 if (!json_util::readJsonObject( 770 *obj, asyncResp->res, "Targets", tempTargets, 771 "@Redfish.OperationApplyTime", multiRet.applyTime)) 772 { 773 return std::nullopt; 774 } 775 776 for (size_t urlIndex = 0; urlIndex < tempTargets.size(); 777 urlIndex++) 778 { 779 const std::string& target = tempTargets[urlIndex]; 780 boost::system::result<boost::urls::url_view> url = 781 boost::urls::parse_origin_form(target); 782 auto res = processUrl(url); 783 if (!res.has_value()) 784 { 785 messages::propertyValueFormatError( 786 asyncResp->res, target, 787 std::format("Targets/{}", urlIndex)); 788 return std::nullopt; 789 } 790 multiRet.targets.emplace_back(res.value()); 791 } 792 if (multiRet.targets.size() != 1) 793 { 794 messages::propertyValueFormatError( 795 asyncResp->res, multiRet.targets, "Targets"); 796 return std::nullopt; 797 } 798 } 799 else if (param.second == "UpdateFile") 800 { 801 multiRet.uploadData = std::move(formpart.content); 802 } 803 } 804 } 805 806 if (multiRet.uploadData.empty()) 807 { 808 BMCWEB_LOG_ERROR("Upload data is NULL"); 809 messages::propertyMissing(asyncResp->res, "UpdateFile"); 810 return std::nullopt; 811 } 812 if (multiRet.targets.empty()) 813 { 814 messages::propertyMissing(asyncResp->res, "Targets"); 815 return std::nullopt; 816 } 817 return multiRet; 818 } 819 820 inline void 821 handleStartUpdate(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 822 task::Payload payload, const std::string& objectPath, 823 const boost::system::error_code& ec, 824 const sdbusplus::message::object_path& retPath) 825 { 826 if (ec) 827 { 828 BMCWEB_LOG_ERROR("error_code = {}", ec); 829 BMCWEB_LOG_ERROR("error msg = {}", ec.message()); 830 messages::internalError(asyncResp->res); 831 return; 832 } 833 834 BMCWEB_LOG_INFO("Call to StartUpdate Success, retPath = {}", retPath.str); 835 createTask(asyncResp, std::move(payload), objectPath); 836 } 837 838 inline void startUpdate(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 839 task::Payload payload, 840 const MemoryFileDescriptor& memfd, 841 const std::string& applyTime, 842 const std::string& objectPath, 843 const std::string& serviceName) 844 { 845 crow::connections::systemBus->async_method_call( 846 [asyncResp, payload = std::move(payload), 847 objectPath](const boost::system::error_code& ec1, 848 const sdbusplus::message::object_path& retPath) mutable { 849 handleStartUpdate(asyncResp, std::move(payload), objectPath, ec1, 850 retPath); 851 }, 852 serviceName, objectPath, "xyz.openbmc_project.Software.Update", 853 "StartUpdate", sdbusplus::message::unix_fd(memfd.fd), applyTime); 854 } 855 856 inline void getSwInfo(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 857 task::Payload payload, const MemoryFileDescriptor& memfd, 858 const std::string& applyTime, const std::string& target, 859 const boost::system::error_code& ec, 860 const dbus::utility::MapperGetSubTreeResponse& subtree) 861 { 862 using SwInfoMap = std::unordered_map< 863 std::string, std::pair<sdbusplus::message::object_path, std::string>>; 864 SwInfoMap swInfoMap; 865 866 if (ec) 867 { 868 BMCWEB_LOG_ERROR("error_code = {}", ec); 869 BMCWEB_LOG_ERROR("error msg = {}", ec.message()); 870 messages::internalError(asyncResp->res); 871 return; 872 } 873 BMCWEB_LOG_DEBUG("Found {} software version paths", subtree.size()); 874 875 for (const auto& entry : subtree) 876 { 877 sdbusplus::message::object_path path(entry.first); 878 std::string swId = path.filename(); 879 swInfoMap.emplace(swId, make_pair(path, entry.second[0].first)); 880 } 881 882 auto swEntry = swInfoMap.find(target); 883 if (swEntry == swInfoMap.end()) 884 { 885 BMCWEB_LOG_WARNING("No valid DBus path for Target URI {}", target); 886 messages::propertyValueFormatError(asyncResp->res, target, "Targets"); 887 return; 888 } 889 890 BMCWEB_LOG_DEBUG("Found software version path {} serviceName {}", 891 swEntry->second.first.str, swEntry->second.second); 892 893 startUpdate(asyncResp, std::move(payload), memfd, applyTime, 894 swEntry->second.first.str, swEntry->second.second); 895 } 896 897 inline void 898 handleBMCUpdate(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 899 task::Payload payload, const MemoryFileDescriptor& memfd, 900 const std::string& applyTime, 901 const boost::system::error_code& ec, 902 const dbus::utility::MapperEndPoints& functionalSoftware) 903 { 904 if (ec) 905 { 906 BMCWEB_LOG_ERROR("error_code = {}", ec); 907 BMCWEB_LOG_ERROR("error msg = {}", ec.message()); 908 messages::internalError(asyncResp->res); 909 return; 910 } 911 if (functionalSoftware.size() != 1) 912 { 913 BMCWEB_LOG_ERROR("Found {} functional software endpoints", 914 functionalSoftware.size()); 915 messages::internalError(asyncResp->res); 916 return; 917 } 918 919 startUpdate(asyncResp, std::move(payload), memfd, applyTime, 920 functionalSoftware[0], "xyz.openbmc_project.Software.Manager"); 921 } 922 923 inline void 924 processUpdateRequest(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 925 task::Payload&& payload, std::string_view body, 926 const std::string& applyTime, 927 std::vector<std::string>& targets) 928 { 929 MemoryFileDescriptor memfd("update-image"); 930 if (memfd.fd == -1) 931 { 932 BMCWEB_LOG_ERROR("Failed to create image memfd"); 933 messages::internalError(asyncResp->res); 934 return; 935 } 936 if (write(memfd.fd, body.data(), body.length()) != 937 static_cast<ssize_t>(body.length())) 938 { 939 BMCWEB_LOG_ERROR("Failed to write to image memfd"); 940 messages::internalError(asyncResp->res); 941 return; 942 } 943 if (!memfd.rewind()) 944 { 945 messages::internalError(asyncResp->res); 946 return; 947 } 948 949 if (!targets.empty() && targets[0] == BMCWEB_REDFISH_MANAGER_URI_NAME) 950 { 951 dbus::utility::getAssociationEndPoints( 952 "/xyz/openbmc_project/software/bmc/functional", 953 [asyncResp, payload = std::move(payload), memfd = std::move(memfd), 954 applyTime]( 955 const boost::system::error_code& ec, 956 const dbus::utility::MapperEndPoints& objectPaths) mutable { 957 handleBMCUpdate(asyncResp, std::move(payload), memfd, applyTime, ec, 958 objectPaths); 959 }); 960 } 961 else 962 { 963 constexpr std::array<std::string_view, 1> interfaces = { 964 "xyz.openbmc_project.Software.Version"}; 965 dbus::utility::getSubTree( 966 "/xyz/openbmc_project/software", 1, interfaces, 967 [asyncResp, payload = std::move(payload), memfd = std::move(memfd), 968 applyTime, targets](const boost::system::error_code& ec, 969 const dbus::utility::MapperGetSubTreeResponse& 970 subtree) mutable { 971 getSwInfo(asyncResp, std::move(payload), memfd, applyTime, 972 targets[0], ec, subtree); 973 }); 974 } 975 } 976 977 inline void 978 updateMultipartContext(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 979 const crow::Request& req, MultipartParser&& parser) 980 { 981 std::optional<MultiPartUpdateParameters> multipart = 982 extractMultipartUpdateParameters(asyncResp, std::move(parser)); 983 if (!multipart) 984 { 985 return; 986 } 987 if (!multipart->applyTime) 988 { 989 multipart->applyTime = "OnReset"; 990 } 991 992 if constexpr (BMCWEB_REDFISH_UPDATESERVICE_USE_DBUS) 993 { 994 std::string applyTimeNewVal; 995 if (!convertApplyTime(asyncResp->res, *multipart->applyTime, 996 applyTimeNewVal)) 997 { 998 return; 999 } 1000 task::Payload payload(req); 1001 1002 processUpdateRequest(asyncResp, std::move(payload), 1003 multipart->uploadData, applyTimeNewVal, 1004 multipart->targets); 1005 } 1006 else 1007 { 1008 setApplyTime(asyncResp, *multipart->applyTime); 1009 1010 // Setup callback for when new software detected 1011 monitorForSoftwareAvailable(asyncResp, req, 1012 "/redfish/v1/UpdateService"); 1013 1014 uploadImageFile(asyncResp->res, multipart->uploadData); 1015 } 1016 } 1017 1018 inline void doHTTPUpdate(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 1019 const crow::Request& req) 1020 { 1021 if constexpr (BMCWEB_REDFISH_UPDATESERVICE_USE_DBUS) 1022 { 1023 task::Payload payload(req); 1024 // HTTP push only supports BMC updates (with ApplyTime as immediate) for 1025 // backwards compatibility. Specific component updates will be handled 1026 // through Multipart form HTTP push. 1027 std::vector<std::string> targets; 1028 targets.emplace_back(BMCWEB_REDFISH_MANAGER_URI_NAME); 1029 1030 processUpdateRequest( 1031 asyncResp, std::move(payload), req.body(), 1032 "xyz.openbmc_project.Software.ApplyTime.RequestedApplyTimes.Immediate", 1033 targets); 1034 } 1035 else 1036 { 1037 // Setup callback for when new software detected 1038 monitorForSoftwareAvailable(asyncResp, req, 1039 "/redfish/v1/UpdateService"); 1040 1041 uploadImageFile(asyncResp->res, req.body()); 1042 } 1043 } 1044 1045 inline void 1046 handleUpdateServicePost(App& app, const crow::Request& req, 1047 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 1048 { 1049 if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 1050 { 1051 return; 1052 } 1053 std::string_view contentType = req.getHeaderValue("Content-Type"); 1054 1055 BMCWEB_LOG_DEBUG("doPost: contentType={}", contentType); 1056 1057 // Make sure that content type is application/octet-stream or 1058 // multipart/form-data 1059 if (bmcweb::asciiIEquals(contentType, "application/octet-stream")) 1060 { 1061 doHTTPUpdate(asyncResp, req); 1062 } 1063 else if (contentType.starts_with("multipart/form-data")) 1064 { 1065 MultipartParser parser; 1066 1067 ParserError ec = parser.parse(req); 1068 if (ec != ParserError::PARSER_SUCCESS) 1069 { 1070 // handle error 1071 BMCWEB_LOG_ERROR("MIME parse failed, ec : {}", 1072 static_cast<int>(ec)); 1073 messages::internalError(asyncResp->res); 1074 return; 1075 } 1076 1077 updateMultipartContext(asyncResp, req, std::move(parser)); 1078 } 1079 else 1080 { 1081 BMCWEB_LOG_DEBUG("Bad content type specified:{}", contentType); 1082 asyncResp->res.result(boost::beast::http::status::bad_request); 1083 } 1084 } 1085 1086 inline void 1087 handleUpdateServiceGet(App& app, const crow::Request& req, 1088 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 1089 { 1090 if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 1091 { 1092 return; 1093 } 1094 asyncResp->res.jsonValue["@odata.type"] = 1095 "#UpdateService.v1_11_1.UpdateService"; 1096 asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/UpdateService"; 1097 asyncResp->res.jsonValue["Id"] = "UpdateService"; 1098 asyncResp->res.jsonValue["Description"] = "Service for Software Update"; 1099 asyncResp->res.jsonValue["Name"] = "Update Service"; 1100 1101 asyncResp->res.jsonValue["HttpPushUri"] = 1102 "/redfish/v1/UpdateService/update"; 1103 asyncResp->res.jsonValue["MultipartHttpPushUri"] = 1104 "/redfish/v1/UpdateService/update"; 1105 1106 // UpdateService cannot be disabled 1107 asyncResp->res.jsonValue["ServiceEnabled"] = true; 1108 asyncResp->res.jsonValue["FirmwareInventory"]["@odata.id"] = 1109 "/redfish/v1/UpdateService/FirmwareInventory"; 1110 // Get the MaxImageSizeBytes 1111 asyncResp->res.jsonValue["MaxImageSizeBytes"] = BMCWEB_HTTP_BODY_LIMIT * 1112 1024 * 1024; 1113 1114 // Update Actions object. 1115 nlohmann::json& updateSvcSimpleUpdate = 1116 asyncResp->res.jsonValue["Actions"]["#UpdateService.SimpleUpdate"]; 1117 updateSvcSimpleUpdate["target"] = 1118 "/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate"; 1119 1120 nlohmann::json::array_t allowed; 1121 allowed.emplace_back(update_service::TransferProtocolType::HTTPS); 1122 1123 if constexpr (BMCWEB_INSECURE_PUSH_STYLE_NOTIFICATION) 1124 { 1125 allowed.emplace_back(update_service::TransferProtocolType::TFTP); 1126 } 1127 1128 updateSvcSimpleUpdate["TransferProtocol@Redfish.AllowableValues"] = 1129 std::move(allowed); 1130 1131 asyncResp->res 1132 .jsonValue["HttpPushUriOptions"]["HttpPushUriApplyTime"]["ApplyTime"] = 1133 update_service::ApplyTime::Immediate; 1134 } 1135 1136 inline void handleUpdateServiceFirmwareInventoryCollectionGet( 1137 App& app, const crow::Request& req, 1138 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 1139 { 1140 if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 1141 { 1142 return; 1143 } 1144 asyncResp->res.jsonValue["@odata.type"] = 1145 "#SoftwareInventoryCollection.SoftwareInventoryCollection"; 1146 asyncResp->res.jsonValue["@odata.id"] = 1147 "/redfish/v1/UpdateService/FirmwareInventory"; 1148 asyncResp->res.jsonValue["Name"] = "Software Inventory Collection"; 1149 const std::array<const std::string_view, 1> iface = { 1150 "xyz.openbmc_project.Software.Version"}; 1151 1152 redfish::collection_util::getCollectionMembers( 1153 asyncResp, 1154 boost::urls::url("/redfish/v1/UpdateService/FirmwareInventory"), iface, 1155 "/xyz/openbmc_project/software"); 1156 } 1157 1158 /* Fill related item links (i.e. bmc, bios) in for inventory */ 1159 inline void getRelatedItems(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 1160 const std::string& purpose) 1161 { 1162 if (purpose == sw_util::bmcPurpose) 1163 { 1164 nlohmann::json& relatedItem = asyncResp->res.jsonValue["RelatedItem"]; 1165 nlohmann::json::object_t item; 1166 item["@odata.id"] = boost::urls::format( 1167 "/redfish/v1/Managers/{}", BMCWEB_REDFISH_MANAGER_URI_NAME); 1168 relatedItem.emplace_back(std::move(item)); 1169 asyncResp->res.jsonValue["RelatedItem@odata.count"] = 1170 relatedItem.size(); 1171 } 1172 else if (purpose == sw_util::biosPurpose) 1173 { 1174 nlohmann::json& relatedItem = asyncResp->res.jsonValue["RelatedItem"]; 1175 nlohmann::json::object_t item; 1176 item["@odata.id"] = std::format("/redfish/v1/Systems/{}/Bios", 1177 BMCWEB_REDFISH_SYSTEM_URI_NAME); 1178 relatedItem.emplace_back(std::move(item)); 1179 asyncResp->res.jsonValue["RelatedItem@odata.count"] = 1180 relatedItem.size(); 1181 } 1182 else 1183 { 1184 BMCWEB_LOG_DEBUG("Unknown software purpose {}", purpose); 1185 } 1186 } 1187 1188 inline void 1189 getSoftwareVersion(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 1190 const std::string& service, const std::string& path, 1191 const std::string& swId) 1192 { 1193 sdbusplus::asio::getAllProperties( 1194 *crow::connections::systemBus, service, path, 1195 "xyz.openbmc_project.Software.Version", 1196 [asyncResp, 1197 swId](const boost::system::error_code& ec, 1198 const dbus::utility::DBusPropertiesMap& propertiesList) { 1199 if (ec) 1200 { 1201 messages::internalError(asyncResp->res); 1202 return; 1203 } 1204 1205 const std::string* swInvPurpose = nullptr; 1206 const std::string* version = nullptr; 1207 1208 const bool success = sdbusplus::unpackPropertiesNoThrow( 1209 dbus_utils::UnpackErrorPrinter(), propertiesList, "Purpose", 1210 swInvPurpose, "Version", version); 1211 1212 if (!success) 1213 { 1214 messages::internalError(asyncResp->res); 1215 return; 1216 } 1217 1218 if (swInvPurpose == nullptr) 1219 { 1220 BMCWEB_LOG_DEBUG("Can't find property \"Purpose\"!"); 1221 messages::internalError(asyncResp->res); 1222 return; 1223 } 1224 1225 BMCWEB_LOG_DEBUG("swInvPurpose = {}", *swInvPurpose); 1226 1227 if (version == nullptr) 1228 { 1229 BMCWEB_LOG_DEBUG("Can't find property \"Version\"!"); 1230 1231 messages::internalError(asyncResp->res); 1232 1233 return; 1234 } 1235 asyncResp->res.jsonValue["Version"] = *version; 1236 asyncResp->res.jsonValue["Id"] = swId; 1237 1238 // swInvPurpose is of format: 1239 // xyz.openbmc_project.Software.Version.VersionPurpose.ABC 1240 // Translate this to "ABC image" 1241 size_t endDesc = swInvPurpose->rfind('.'); 1242 if (endDesc == std::string::npos) 1243 { 1244 messages::internalError(asyncResp->res); 1245 return; 1246 } 1247 endDesc++; 1248 if (endDesc >= swInvPurpose->size()) 1249 { 1250 messages::internalError(asyncResp->res); 1251 return; 1252 } 1253 1254 std::string formatDesc = swInvPurpose->substr(endDesc); 1255 asyncResp->res.jsonValue["Description"] = formatDesc + " image"; 1256 getRelatedItems(asyncResp, *swInvPurpose); 1257 }); 1258 } 1259 1260 inline void handleUpdateServiceFirmwareInventoryGet( 1261 App& app, const crow::Request& req, 1262 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 1263 const std::string& param) 1264 { 1265 if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 1266 { 1267 return; 1268 } 1269 std::shared_ptr<std::string> swId = std::make_shared<std::string>(param); 1270 1271 asyncResp->res.jsonValue["@odata.id"] = boost::urls::format( 1272 "/redfish/v1/UpdateService/FirmwareInventory/{}", *swId); 1273 1274 constexpr std::array<std::string_view, 1> interfaces = { 1275 "xyz.openbmc_project.Software.Version"}; 1276 dbus::utility::getSubTree( 1277 "/", 0, interfaces, 1278 [asyncResp, 1279 swId](const boost::system::error_code& ec, 1280 const dbus::utility::MapperGetSubTreeResponse& subtree) { 1281 BMCWEB_LOG_DEBUG("doGet callback..."); 1282 if (ec) 1283 { 1284 messages::internalError(asyncResp->res); 1285 return; 1286 } 1287 1288 // Ensure we find our input swId, otherwise return an error 1289 bool found = false; 1290 for (const std::pair< 1291 std::string, 1292 std::vector<std::pair<std::string, std::vector<std::string>>>>& 1293 obj : subtree) 1294 { 1295 if (!obj.first.ends_with(*swId)) 1296 { 1297 continue; 1298 } 1299 1300 if (obj.second.empty()) 1301 { 1302 continue; 1303 } 1304 1305 found = true; 1306 sw_util::getSwStatus(asyncResp, swId, obj.second[0].first); 1307 getSoftwareVersion(asyncResp, obj.second[0].first, obj.first, 1308 *swId); 1309 } 1310 if (!found) 1311 { 1312 BMCWEB_LOG_WARNING("Input swID {} not found!", *swId); 1313 messages::resourceMissingAtURI( 1314 asyncResp->res, 1315 boost::urls::format( 1316 "/redfish/v1/UpdateService/FirmwareInventory/{}", *swId)); 1317 return; 1318 } 1319 asyncResp->res.jsonValue["@odata.type"] = 1320 "#SoftwareInventory.v1_1_0.SoftwareInventory"; 1321 asyncResp->res.jsonValue["Name"] = "Software Inventory"; 1322 asyncResp->res.jsonValue["Status"]["HealthRollup"] = 1323 resource::Health::OK; 1324 1325 asyncResp->res.jsonValue["Updateable"] = false; 1326 sw_util::getSwUpdatableStatus(asyncResp, swId); 1327 }); 1328 } 1329 1330 inline void requestRoutesUpdateService(App& app) 1331 { 1332 BMCWEB_ROUTE( 1333 app, "/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate/") 1334 .privileges(redfish::privileges::postUpdateService) 1335 .methods(boost::beast::http::verb::post)(std::bind_front( 1336 handleUpdateServiceSimpleUpdateAction, std::ref(app))); 1337 1338 BMCWEB_ROUTE(app, "/redfish/v1/UpdateService/FirmwareInventory/<str>/") 1339 .privileges(redfish::privileges::getSoftwareInventory) 1340 .methods(boost::beast::http::verb::get)(std::bind_front( 1341 handleUpdateServiceFirmwareInventoryGet, std::ref(app))); 1342 1343 BMCWEB_ROUTE(app, "/redfish/v1/UpdateService/") 1344 .privileges(redfish::privileges::getUpdateService) 1345 .methods(boost::beast::http::verb::get)( 1346 std::bind_front(handleUpdateServiceGet, std::ref(app))); 1347 1348 BMCWEB_ROUTE(app, "/redfish/v1/UpdateService/update/") 1349 .privileges(redfish::privileges::postUpdateService) 1350 .methods(boost::beast::http::verb::post)( 1351 std::bind_front(handleUpdateServicePost, std::ref(app))); 1352 1353 BMCWEB_ROUTE(app, "/redfish/v1/UpdateService/FirmwareInventory/") 1354 .privileges(redfish::privileges::getSoftwareInventoryCollection) 1355 .methods(boost::beast::http::verb::get)(std::bind_front( 1356 handleUpdateServiceFirmwareInventoryCollectionGet, std::ref(app))); 1357 } 1358 1359 } // namespace redfish 1360