1 #include "config.h" 2 3 #include <arpa/inet.h> 4 #include <fcntl.h> 5 #include <limits.h> 6 #include <linux/i2c-dev.h> 7 #include <linux/i2c.h> 8 #include <sys/ioctl.h> 9 #include <sys/stat.h> 10 #include <sys/types.h> 11 #include <systemd/sd-bus.h> 12 #include <unistd.h> 13 14 #include <app/channel.hpp> 15 #include <app/watchdog.hpp> 16 #include <apphandler.hpp> 17 #include <ipmid/api.hpp> 18 #include <ipmid/sessiondef.hpp> 19 #include <ipmid/sessionhelper.hpp> 20 #include <ipmid/types.hpp> 21 #include <ipmid/utils.hpp> 22 #include <nlohmann/json.hpp> 23 #include <phosphor-logging/elog-errors.hpp> 24 #include <phosphor-logging/lg2.hpp> 25 #include <sdbusplus/message/types.hpp> 26 #include <sys_info_param.hpp> 27 #include <xyz/openbmc_project/Common/error.hpp> 28 #include <xyz/openbmc_project/Control/Power/ACPIPowerState/server.hpp> 29 #include <xyz/openbmc_project/Software/Activation/server.hpp> 30 #include <xyz/openbmc_project/Software/Version/server.hpp> 31 #include <xyz/openbmc_project/State/BMC/server.hpp> 32 33 #include <algorithm> 34 #include <array> 35 #include <charconv> 36 #include <cstddef> 37 #include <cstdint> 38 #include <filesystem> 39 #include <fstream> 40 #include <memory> 41 #include <regex> 42 #include <string> 43 #include <string_view> 44 #include <tuple> 45 #include <vector> 46 47 extern sd_bus* bus; 48 49 constexpr auto bmc_state_interface = "xyz.openbmc_project.State.BMC"; 50 constexpr auto bmc_state_property = "CurrentBMCState"; 51 52 static constexpr auto redundancyIntf = 53 "xyz.openbmc_project.Software.RedundancyPriority"; 54 static constexpr auto versionIntf = "xyz.openbmc_project.Software.Version"; 55 static constexpr auto activationIntf = 56 "xyz.openbmc_project.Software.Activation"; 57 static constexpr auto softwareRoot = "/xyz/openbmc_project/software"; 58 59 void register_netfn_app_functions() __attribute__((constructor)); 60 61 using namespace phosphor::logging; 62 using namespace sdbusplus::error::xyz::openbmc_project::common; 63 using Version = sdbusplus::server::xyz::openbmc_project::software::Version; 64 using Activation = 65 sdbusplus::server::xyz::openbmc_project::software::Activation; 66 using BMC = sdbusplus::server::xyz::openbmc_project::state::BMC; 67 namespace fs = std::filesystem; 68 69 #ifdef ENABLE_I2C_WHITELIST_CHECK 70 typedef struct 71 { 72 uint8_t busId; 73 uint8_t targetAddr; 74 uint8_t targetAddrMask; 75 std::vector<uint8_t> data; 76 std::vector<uint8_t> dataMask; 77 } i2cControllerWRAllowlist; 78 79 static std::vector<i2cControllerWRAllowlist>& getWRAllowlist() 80 { 81 static std::vector<i2cControllerWRAllowlist> wrAllowlist; 82 return wrAllowlist; 83 } 84 85 static constexpr const char* i2cControllerWRAllowlistFile = 86 "/usr/share/ipmi-providers/master_write_read_white_list.json"; 87 88 static constexpr const char* filtersStr = "filters"; 89 static constexpr const char* busIdStr = "busId"; 90 static constexpr const char* targetAddrStr = "slaveAddr"; 91 static constexpr const char* targetAddrMaskStr = "slaveAddrMask"; 92 static constexpr const char* cmdStr = "command"; 93 static constexpr const char* cmdMaskStr = "commandMask"; 94 static constexpr int base_16 = 16; 95 #endif // ENABLE_I2C_WHITELIST_CHECK 96 static constexpr uint8_t oemCmdStart = 192; 97 static constexpr uint8_t invalidParamSelectorStart = 8; 98 static constexpr uint8_t invalidParamSelectorEnd = 191; 99 100 /** 101 * @brief Returns the Version info from primary s/w object 102 * 103 * Get the Version info from the active s/w object which is having high 104 * "Priority" value(a smaller number is a higher priority) and "Purpose" 105 * is "BMC" from the list of all s/w objects those are implementing 106 * RedundancyPriority interface from the given softwareRoot path. 107 * 108 * @return On success returns the Version info from primary s/w object. 109 * 110 */ 111 std::string getActiveSoftwareVersionInfo(ipmi::Context::ptr ctx) 112 { 113 std::string revision{}; 114 ipmi::ObjectTree objectTree; 115 try 116 { 117 objectTree = ipmi::getAllDbusObjects(*ctx->bus, softwareRoot, 118 redundancyIntf); 119 } 120 catch (const sdbusplus::exception_t& e) 121 { 122 lg2::error("Failed to fetch redundancy object from dbus, " 123 "interface: {INTERFACE}, error: {ERROR}", 124 "INTERFACE", redundancyIntf, "ERROR", e); 125 elog<InternalFailure>(); 126 } 127 128 auto objectFound = false; 129 for (auto& softObject : objectTree) 130 { 131 auto service = ipmi::getService(*ctx->bus, redundancyIntf, 132 softObject.first); 133 auto objValueTree = ipmi::getManagedObjects(*ctx->bus, service, 134 softwareRoot); 135 136 auto minPriority = 0xFF; 137 for (const auto& objIter : objValueTree) 138 { 139 try 140 { 141 auto& intfMap = objIter.second; 142 auto& redundancyPriorityProps = intfMap.at(redundancyIntf); 143 auto& versionProps = intfMap.at(versionIntf); 144 auto& activationProps = intfMap.at(activationIntf); 145 auto priority = 146 std::get<uint8_t>(redundancyPriorityProps.at("Priority")); 147 auto purpose = 148 std::get<std::string>(versionProps.at("Purpose")); 149 auto activation = 150 std::get<std::string>(activationProps.at("Activation")); 151 auto version = 152 std::get<std::string>(versionProps.at("Version")); 153 if ((Version::convertVersionPurposeFromString(purpose) == 154 Version::VersionPurpose::BMC) && 155 (Activation::convertActivationsFromString(activation) == 156 Activation::Activations::Active)) 157 { 158 if (priority < minPriority) 159 { 160 minPriority = priority; 161 objectFound = true; 162 revision = std::move(version); 163 } 164 } 165 } 166 catch (const std::exception& e) 167 { 168 lg2::error("error message: {ERROR}", "ERROR", e); 169 } 170 } 171 } 172 173 if (!objectFound) 174 { 175 lg2::error("Could not found an BMC software Object"); 176 elog<InternalFailure>(); 177 } 178 179 return revision; 180 } 181 182 bool getCurrentBmcState() 183 { 184 sdbusplus::bus_t bus{ipmid_get_sd_bus_connection()}; 185 186 // Get the Inventory object implementing the BMC interface 187 ipmi::DbusObjectInfo bmcObject = ipmi::getDbusObject(bus, 188 bmc_state_interface); 189 auto variant = ipmi::getDbusProperty(bus, bmcObject.second, bmcObject.first, 190 bmc_state_interface, 191 bmc_state_property); 192 193 return std::holds_alternative<std::string>(variant) && 194 BMC::convertBMCStateFromString(std::get<std::string>(variant)) == 195 BMC::BMCState::Ready; 196 } 197 198 bool getCurrentBmcStateWithFallback(const bool fallbackAvailability) 199 { 200 try 201 { 202 return getCurrentBmcState(); 203 } 204 catch (...) 205 { 206 // Nothing provided the BMC interface, therefore return whatever was 207 // configured as the default. 208 return fallbackAvailability; 209 } 210 } 211 212 namespace acpi_state 213 { 214 using namespace sdbusplus::server::xyz::openbmc_project::control::power; 215 216 const static constexpr char* acpiObjPath = 217 "/xyz/openbmc_project/control/host0/acpi_power_state"; 218 const static constexpr char* acpiInterface = 219 "xyz.openbmc_project.Control.Power.ACPIPowerState"; 220 const static constexpr char* sysACPIProp = "SysACPIStatus"; 221 const static constexpr char* devACPIProp = "DevACPIStatus"; 222 223 enum class PowerStateType : uint8_t 224 { 225 sysPowerState = 0x00, 226 devPowerState = 0x01, 227 }; 228 229 // Defined in 20.6 of ipmi doc 230 enum class PowerState : uint8_t 231 { 232 s0G0D0 = 0x00, 233 s1D1 = 0x01, 234 s2D2 = 0x02, 235 s3D3 = 0x03, 236 s4 = 0x04, 237 s5G2 = 0x05, 238 s4S5 = 0x06, 239 g3 = 0x07, 240 sleep = 0x08, 241 g1Sleep = 0x09, 242 override = 0x0a, 243 legacyOn = 0x20, 244 legacyOff = 0x21, 245 unknown = 0x2a, 246 noChange = 0x7f, 247 }; 248 249 static constexpr uint8_t stateChanged = 0x80; 250 251 std::map<ACPIPowerState::ACPI, PowerState> dbusToIPMI = { 252 {ACPIPowerState::ACPI::S0_G0_D0, PowerState::s0G0D0}, 253 {ACPIPowerState::ACPI::S1_D1, PowerState::s1D1}, 254 {ACPIPowerState::ACPI::S2_D2, PowerState::s2D2}, 255 {ACPIPowerState::ACPI::S3_D3, PowerState::s3D3}, 256 {ACPIPowerState::ACPI::S4, PowerState::s4}, 257 {ACPIPowerState::ACPI::S5_G2, PowerState::s5G2}, 258 {ACPIPowerState::ACPI::S4_S5, PowerState::s4S5}, 259 {ACPIPowerState::ACPI::G3, PowerState::g3}, 260 {ACPIPowerState::ACPI::SLEEP, PowerState::sleep}, 261 {ACPIPowerState::ACPI::G1_SLEEP, PowerState::g1Sleep}, 262 {ACPIPowerState::ACPI::OVERRIDE, PowerState::override}, 263 {ACPIPowerState::ACPI::LEGACY_ON, PowerState::legacyOn}, 264 {ACPIPowerState::ACPI::LEGACY_OFF, PowerState::legacyOff}, 265 {ACPIPowerState::ACPI::Unknown, PowerState::unknown}}; 266 267 bool isValidACPIState(acpi_state::PowerStateType type, uint8_t state) 268 { 269 if (type == acpi_state::PowerStateType::sysPowerState) 270 { 271 if ((state <= static_cast<uint8_t>(acpi_state::PowerState::override)) || 272 (state == static_cast<uint8_t>(acpi_state::PowerState::legacyOn)) || 273 (state == 274 static_cast<uint8_t>(acpi_state::PowerState::legacyOff)) || 275 (state == static_cast<uint8_t>(acpi_state::PowerState::unknown)) || 276 (state == static_cast<uint8_t>(acpi_state::PowerState::noChange))) 277 { 278 return true; 279 } 280 else 281 { 282 return false; 283 } 284 } 285 else if (type == acpi_state::PowerStateType::devPowerState) 286 { 287 if ((state <= static_cast<uint8_t>(acpi_state::PowerState::s3D3)) || 288 (state == static_cast<uint8_t>(acpi_state::PowerState::unknown)) || 289 (state == static_cast<uint8_t>(acpi_state::PowerState::noChange))) 290 { 291 return true; 292 } 293 else 294 { 295 return false; 296 } 297 } 298 else 299 { 300 return false; 301 } 302 return false; 303 } 304 } // namespace acpi_state 305 306 /** @brief implements Set ACPI Power State command 307 * @param sysAcpiState - ACPI system power state to set 308 * @param devAcpiState - ACPI device power state to set 309 * 310 * @return IPMI completion code on success 311 **/ 312 ipmi::RspType<> ipmiSetAcpiPowerState(uint8_t sysAcpiState, 313 uint8_t devAcpiState) 314 { 315 auto s = static_cast<uint8_t>(acpi_state::PowerState::unknown); 316 317 sdbusplus::bus_t bus{ipmid_get_sd_bus_connection()}; 318 319 auto value = acpi_state::ACPIPowerState::ACPI::Unknown; 320 321 if (sysAcpiState & acpi_state::stateChanged) 322 { 323 // set system power state 324 s = sysAcpiState & ~acpi_state::stateChanged; 325 326 if (!acpi_state::isValidACPIState( 327 acpi_state::PowerStateType::sysPowerState, s)) 328 { 329 lg2::error("set_acpi_power sys invalid input, S: {S}", "S", s); 330 return ipmi::responseParmOutOfRange(); 331 } 332 333 // valid input 334 if (s == static_cast<uint8_t>(acpi_state::PowerState::noChange)) 335 { 336 lg2::debug("No change for system power state"); 337 } 338 else 339 { 340 auto found = std::find_if(acpi_state::dbusToIPMI.begin(), 341 acpi_state::dbusToIPMI.end(), 342 [&s](const auto& iter) { 343 return (static_cast<uint8_t>(iter.second) == s); 344 }); 345 346 value = found->first; 347 348 try 349 { 350 auto acpiObject = 351 ipmi::getDbusObject(bus, acpi_state::acpiInterface); 352 ipmi::setDbusProperty(bus, acpiObject.second, acpiObject.first, 353 acpi_state::acpiInterface, 354 acpi_state::sysACPIProp, 355 convertForMessage(value)); 356 } 357 catch (const InternalFailure& e) 358 { 359 lg2::error("Failed in set ACPI system property: {ERROR}", 360 "ERROR", e); 361 return ipmi::responseUnspecifiedError(); 362 } 363 } 364 } 365 else 366 { 367 lg2::debug("Do not change system power state"); 368 } 369 370 if (devAcpiState & acpi_state::stateChanged) 371 { 372 // set device power state 373 s = devAcpiState & ~acpi_state::stateChanged; 374 if (!acpi_state::isValidACPIState( 375 acpi_state::PowerStateType::devPowerState, s)) 376 { 377 lg2::error("set_acpi_power dev invalid input, S: {S}", "S", s); 378 return ipmi::responseParmOutOfRange(); 379 } 380 381 // valid input 382 if (s == static_cast<uint8_t>(acpi_state::PowerState::noChange)) 383 { 384 lg2::debug("No change for device power state"); 385 } 386 else 387 { 388 auto found = std::find_if(acpi_state::dbusToIPMI.begin(), 389 acpi_state::dbusToIPMI.end(), 390 [&s](const auto& iter) { 391 return (static_cast<uint8_t>(iter.second) == s); 392 }); 393 394 value = found->first; 395 396 try 397 { 398 auto acpiObject = 399 ipmi::getDbusObject(bus, acpi_state::acpiInterface); 400 ipmi::setDbusProperty(bus, acpiObject.second, acpiObject.first, 401 acpi_state::acpiInterface, 402 acpi_state::devACPIProp, 403 convertForMessage(value)); 404 } 405 catch (const InternalFailure& e) 406 { 407 lg2::error("Failed in set ACPI device property: {ERROR}", 408 "ERROR", e); 409 return ipmi::responseUnspecifiedError(); 410 } 411 } 412 } 413 else 414 { 415 lg2::debug("Do not change device power state"); 416 } 417 return ipmi::responseSuccess(); 418 } 419 420 /** 421 * @brief implements the get ACPI power state command 422 * 423 * @return IPMI completion code plus response data on success. 424 * - ACPI system power state 425 * - ACPI device power state 426 **/ 427 ipmi::RspType<uint8_t, // acpiSystemPowerState 428 uint8_t // acpiDevicePowerState 429 > 430 ipmiGetAcpiPowerState() 431 { 432 uint8_t sysAcpiState; 433 uint8_t devAcpiState; 434 435 sdbusplus::bus_t bus{ipmid_get_sd_bus_connection()}; 436 437 try 438 { 439 auto acpiObject = ipmi::getDbusObject(bus, acpi_state::acpiInterface); 440 441 auto sysACPIVal = ipmi::getDbusProperty( 442 bus, acpiObject.second, acpiObject.first, acpi_state::acpiInterface, 443 acpi_state::sysACPIProp); 444 auto sysACPI = acpi_state::ACPIPowerState::convertACPIFromString( 445 std::get<std::string>(sysACPIVal)); 446 sysAcpiState = static_cast<uint8_t>(acpi_state::dbusToIPMI.at(sysACPI)); 447 448 auto devACPIVal = ipmi::getDbusProperty( 449 bus, acpiObject.second, acpiObject.first, acpi_state::acpiInterface, 450 acpi_state::devACPIProp); 451 auto devACPI = acpi_state::ACPIPowerState::convertACPIFromString( 452 std::get<std::string>(devACPIVal)); 453 devAcpiState = static_cast<uint8_t>(acpi_state::dbusToIPMI.at(devACPI)); 454 } 455 catch (const InternalFailure& e) 456 { 457 return ipmi::responseUnspecifiedError(); 458 } 459 460 return ipmi::responseSuccess(sysAcpiState, devAcpiState); 461 } 462 463 typedef struct 464 { 465 char major; 466 char minor; 467 uint8_t aux[4]; 468 } Revision; 469 470 /* Use regular expression searching matched pattern X.Y, and convert it to */ 471 /* Major (X) and Minor (Y) version. */ 472 /* Example: */ 473 /* version = 2.14.0-dev */ 474 /* ^ ^ */ 475 /* | |---------------- Minor */ 476 /* |------------------ Major */ 477 /* */ 478 /* Default regex string only tries to match Major and Minor version. */ 479 /* */ 480 /* To match more firmware version info, platforms need to define it own */ 481 /* regex string to match more strings, and assign correct mapping index in */ 482 /* matches array. */ 483 /* */ 484 /* matches[0]: matched index for major ver */ 485 /* matches[1]: matched index for minor ver */ 486 /* matches[2]: matched index for aux[0] (set 0 to skip) */ 487 /* matches[3]: matched index for aux[1] (set 0 to skip) */ 488 /* matches[4]: matched index for aux[2] (set 0 to skip) */ 489 /* matches[5]: matched index for aux[3] (set 0 to skip) */ 490 /* Example: */ 491 /* regex = "([\d]+).([\d]+).([\d]+)-dev-([\d]+)-g([0-9a-fA-F]{2}) */ 492 /* ([0-9a-fA-F]{2})([0-9a-fA-F]{2})([0-9a-fA-F]{2})" */ 493 /* matches = {1,2,5,6,7,8} */ 494 /* version = 2.14.0-dev-750-g37a7c5ad1-dirty */ 495 /* ^ ^ ^ ^ ^ ^ ^ ^ */ 496 /* | | | | | | | | */ 497 /* | | | | | | | |-- Aux byte 3 (0xAD), index 8 */ 498 /* | | | | | | |---- Aux byte 2 (0xC5), index 7 */ 499 /* | | | | | |------ Aux byte 1 (0xA7), index 6 */ 500 /* | | | | |-------- Aux byte 0 (0x37), index 5 */ 501 /* | | | |------------- Not used, index 4 */ 502 /* | | |------------------- Not used, index 3 */ 503 /* | |---------------------- Minor (14), index 2 */ 504 /* |------------------------ Major (2), index 1 */ 505 int convertVersion(std::string s, Revision& rev) 506 { 507 static const std::vector<size_t> matches = { 508 MAJOR_MATCH_INDEX, MINOR_MATCH_INDEX, AUX_0_MATCH_INDEX, 509 AUX_1_MATCH_INDEX, AUX_2_MATCH_INDEX, AUX_3_MATCH_INDEX}; 510 std::regex fw_regex(FW_VER_REGEX); 511 std::smatch m; 512 Revision r = {0}; 513 size_t val; 514 515 if (std::regex_search(s, m, fw_regex)) 516 { 517 if (m.size() < *std::max_element(matches.begin(), matches.end())) 518 { // max index higher than match count 519 return -1; 520 } 521 522 // convert major 523 { 524 std::string_view str = m[matches[0]].str(); 525 auto [ptr, ec]{std::from_chars(str.begin(), str.end(), val)}; 526 if (ec != std::errc() || ptr != str.begin() + str.size()) 527 { // failed to convert major string 528 return -1; 529 } 530 531 if (val >= 2000) 532 { // For the platforms use year as major version, it would expect to 533 // have major version between 0 - 99. If the major version is 534 // greater than or equal to 2000, it is treated as a year and 535 // converted to 0 - 99. 536 r.major = val % 100; 537 } 538 else 539 { 540 r.major = val & 0x7F; 541 } 542 } 543 544 // convert minor 545 { 546 std::string_view str = m[matches[1]].str(); 547 auto [ptr, ec]{std::from_chars(str.begin(), str.end(), val)}; 548 if (ec != std::errc() || ptr != str.begin() + str.size()) 549 { // failed to convert minor string 550 return -1; 551 } 552 r.minor = val & 0xFF; 553 } 554 555 // convert aux bytes 556 { 557 size_t i; 558 for (i = 0; i < 4; i++) 559 { 560 if (matches[i + 2] == 0) 561 { 562 continue; 563 } 564 565 std::string_view str = m[matches[i + 2]].str(); 566 auto [ptr, 567 ec]{std::from_chars(str.begin(), str.end(), val, 16)}; 568 if (ec != std::errc() || ptr != str.begin() + str.size()) 569 { // failed to convert aux byte string 570 break; 571 } 572 573 r.aux[i] = val & 0xFF; 574 } 575 576 if (i != 4) 577 { // something wrong durign converting aux bytes 578 return -1; 579 } 580 } 581 582 // all matched 583 rev = r; 584 return 0; 585 } 586 587 return -1; 588 } 589 590 /* @brief: Implement the Get Device ID IPMI command per the IPMI spec 591 * @param[in] ctx - shared_ptr to an IPMI context struct 592 * 593 * @returns IPMI completion code plus response data 594 * - Device ID (manufacturer defined) 595 * - Device revision[4 bits]; reserved[3 bits]; SDR support[1 bit] 596 * - FW revision major[7 bits] (binary encoded); available[1 bit] 597 * - FW Revision minor (BCD encoded) 598 * - IPMI version (0x02 for IPMI 2.0) 599 * - device support (bitfield of supported options) 600 * - MFG IANA ID (3 bytes) 601 * - product ID (2 bytes) 602 * - AUX info (4 bytes) 603 */ 604 ipmi::RspType<uint8_t, // Device ID 605 uint8_t, // Device Revision 606 uint8_t, // Firmware Revision Major 607 uint8_t, // Firmware Revision minor 608 uint8_t, // IPMI version 609 uint8_t, // Additional device support 610 uint24_t, // MFG ID 611 uint16_t, // Product ID 612 uint32_t // AUX info 613 > 614 ipmiAppGetDeviceId([[maybe_unused]] ipmi::Context::ptr ctx) 615 { 616 static struct 617 { 618 uint8_t id; 619 uint8_t revision; 620 uint8_t fw[2]; 621 uint8_t ipmiVer; 622 uint8_t addnDevSupport; 623 uint24_t manufId; 624 uint16_t prodId; 625 uint32_t aux; 626 } devId; 627 static bool dev_id_initialized = false; 628 static bool defaultActivationSetting = true; 629 const char* filename = "/usr/share/ipmi-providers/dev_id.json"; 630 constexpr auto ipmiDevIdStateShift = 7; 631 constexpr auto ipmiDevIdFw1Mask = ~(1 << ipmiDevIdStateShift); 632 633 #ifdef GET_DBUS_ACTIVE_SOFTWARE 634 static bool haveBMCVersion = false; 635 if (!haveBMCVersion || !dev_id_initialized) 636 { 637 int r = -1; 638 Revision rev = {0, 0, 0, 0}; 639 try 640 { 641 auto version = getActiveSoftwareVersionInfo(ctx); 642 r = convertVersion(version, rev); 643 } 644 catch (const std::exception& e) 645 { 646 lg2::error("error message: {ERROR}", "ERROR", e); 647 } 648 649 if (r >= 0) 650 { 651 // bit7 identifies if the device is available 652 // 0=normal operation 653 // 1=device firmware, SDR update, 654 // or self-initialization in progress. 655 // The availability may change in run time, so mask here 656 // and initialize later. 657 devId.fw[0] = rev.major & ipmiDevIdFw1Mask; 658 659 rev.minor = (rev.minor > 99 ? 99 : rev.minor); 660 devId.fw[1] = rev.minor % 10 + (rev.minor / 10) * 16; 661 std::memcpy(&devId.aux, rev.aux, sizeof(rev.aux)); 662 haveBMCVersion = true; 663 } 664 } 665 #endif 666 if (!dev_id_initialized) 667 { 668 // IPMI Spec version 2.0 669 devId.ipmiVer = 2; 670 671 std::ifstream devIdFile(filename); 672 if (devIdFile.is_open()) 673 { 674 auto data = nlohmann::json::parse(devIdFile, nullptr, false); 675 if (!data.is_discarded()) 676 { 677 devId.id = data.value("id", 0); 678 devId.revision = data.value("revision", 0); 679 devId.addnDevSupport = data.value("addn_dev_support", 0); 680 devId.manufId = data.value("manuf_id", 0); 681 devId.prodId = data.value("prod_id", 0); 682 #ifdef GET_DBUS_ACTIVE_SOFTWARE 683 if (!(AUX_0_MATCH_INDEX || AUX_1_MATCH_INDEX || 684 AUX_2_MATCH_INDEX || AUX_3_MATCH_INDEX)) 685 #endif 686 { 687 devId.aux = data.value("aux", 0); 688 } 689 690 if (data.contains("firmware_revision")) 691 { 692 const auto& firmwareRevision = data.at("firmware_revision"); 693 if (firmwareRevision.contains("major")) 694 { 695 firmwareRevision.at("major").get_to(devId.fw[0]); 696 } 697 if (firmwareRevision.contains("minor")) 698 { 699 firmwareRevision.at("minor").get_to(devId.fw[1]); 700 } 701 } 702 703 // Set the availablitity of the BMC. 704 defaultActivationSetting = data.value("availability", true); 705 706 // Don't read the file every time if successful 707 dev_id_initialized = true; 708 } 709 else 710 { 711 lg2::error("Device ID JSON parser failure"); 712 return ipmi::responseUnspecifiedError(); 713 } 714 } 715 else 716 { 717 lg2::error("Device ID file not found"); 718 return ipmi::responseUnspecifiedError(); 719 } 720 } 721 722 // Set availability to the actual current BMC state 723 devId.fw[0] &= ipmiDevIdFw1Mask; 724 if (!getCurrentBmcStateWithFallback(defaultActivationSetting)) 725 { 726 devId.fw[0] |= (1 << ipmiDevIdStateShift); 727 } 728 729 return ipmi::responseSuccess( 730 devId.id, devId.revision, devId.fw[0], devId.fw[1], devId.ipmiVer, 731 devId.addnDevSupport, devId.manufId, devId.prodId, devId.aux); 732 } 733 734 auto ipmiAppGetSelfTestResults() -> ipmi::RspType<uint8_t, uint8_t> 735 { 736 // Byte 2: 737 // 55h - No error. 738 // 56h - Self Test function not implemented in this controller. 739 // 57h - Corrupted or inaccesssible data or devices. 740 // 58h - Fatal hardware error. 741 // FFh - reserved. 742 // all other: Device-specific 'internal failure'. 743 // Byte 3: 744 // For byte 2 = 55h, 56h, FFh: 00h 745 // For byte 2 = 58h, all other: Device-specific 746 // For byte 2 = 57h: self-test error bitfield. 747 // Note: returning 57h does not imply that all test were run. 748 // [7] 1b = Cannot access SEL device. 749 // [6] 1b = Cannot access SDR Repository. 750 // [5] 1b = Cannot access BMC FRU device. 751 // [4] 1b = IPMB signal lines do not respond. 752 // [3] 1b = SDR Repository empty. 753 // [2] 1b = Internal Use Area of BMC FRU corrupted. 754 // [1] 1b = controller update 'boot block' firmware corrupted. 755 // [0] 1b = controller operational firmware corrupted. 756 constexpr uint8_t notImplemented = 0x56; 757 constexpr uint8_t zero = 0; 758 return ipmi::responseSuccess(notImplemented, zero); 759 } 760 761 static constexpr size_t uuidBinaryLength = 16; 762 static std::array<uint8_t, uuidBinaryLength> rfc4122ToIpmi(std::string rfc4122) 763 { 764 using Argument = xyz::openbmc_project::common::InvalidArgument; 765 // UUID is in RFC4122 format. Ex: 61a39523-78f2-11e5-9862-e6402cfc3223 766 // Per IPMI Spec 2.0 need to convert to 16 hex bytes and reverse the byte 767 // order 768 // Ex: 0x2332fc2c40e66298e511f2782395a361 769 constexpr size_t uuidHexLength = (2 * uuidBinaryLength); 770 constexpr size_t uuidRfc4122Length = (uuidHexLength + 4); 771 std::array<uint8_t, uuidBinaryLength> uuid; 772 if (rfc4122.size() == uuidRfc4122Length) 773 { 774 rfc4122.erase(std::remove(rfc4122.begin(), rfc4122.end(), '-'), 775 rfc4122.end()); 776 } 777 if (rfc4122.size() != uuidHexLength) 778 { 779 elog<InvalidArgument>(Argument::ARGUMENT_NAME("rfc4122"), 780 Argument::ARGUMENT_VALUE(rfc4122.c_str())); 781 } 782 for (size_t ind = 0; ind < uuidHexLength; ind += 2) 783 { 784 char v[3]; 785 v[0] = rfc4122[ind]; 786 v[1] = rfc4122[ind + 1]; 787 v[2] = 0; 788 size_t err; 789 long b; 790 try 791 { 792 b = std::stoul(v, &err, 16); 793 } 794 catch (const std::exception& e) 795 { 796 elog<InvalidArgument>(Argument::ARGUMENT_NAME("rfc4122"), 797 Argument::ARGUMENT_VALUE(rfc4122.c_str())); 798 } 799 // check that exactly two ascii bytes were converted 800 if (err != 2) 801 { 802 elog<InvalidArgument>(Argument::ARGUMENT_NAME("rfc4122"), 803 Argument::ARGUMENT_VALUE(rfc4122.c_str())); 804 } 805 uuid[uuidBinaryLength - (ind / 2) - 1] = static_cast<uint8_t>(b); 806 } 807 return uuid; 808 } 809 810 auto ipmiAppGetDeviceGuid() 811 -> ipmi::RspType<std::array<uint8_t, uuidBinaryLength>> 812 { 813 // return a fixed GUID based on /etc/machine-id 814 // This should match the /redfish/v1/Managers/bmc's UUID data 815 816 // machine specific application ID (for BMC ID) 817 // generated by systemd-id128 -p new as per man page 818 static constexpr sd_id128_t bmcUuidAppId = SD_ID128_MAKE( 819 e0, e1, 73, 76, 64, 61, 47, da, a5, 0c, d0, cc, 64, 12, 45, 78); 820 821 sd_id128_t bmcUuid; 822 // create the UUID from /etc/machine-id via the systemd API 823 sd_id128_get_machine_app_specific(bmcUuidAppId, &bmcUuid); 824 825 char bmcUuidCstr[SD_ID128_STRING_MAX]; 826 std::string systemUuid = sd_id128_to_string(bmcUuid, bmcUuidCstr); 827 828 std::array<uint8_t, uuidBinaryLength> uuid = rfc4122ToIpmi(systemUuid); 829 return ipmi::responseSuccess(uuid); 830 } 831 832 auto ipmiAppGetBtCapabilities() 833 -> ipmi::RspType<uint8_t, uint8_t, uint8_t, uint8_t, uint8_t> 834 { 835 // Per IPMI 2.0 spec, the input and output buffer size must be the max 836 // buffer size minus one byte to allocate space for the length byte. 837 constexpr uint8_t nrOutstanding = 0x01; 838 constexpr uint8_t inputBufferSize = MAX_IPMI_BUFFER - 1; 839 constexpr uint8_t outputBufferSize = MAX_IPMI_BUFFER - 1; 840 constexpr uint8_t transactionTime = 0x0A; 841 constexpr uint8_t nrRetries = 0x01; 842 843 return ipmi::responseSuccess(nrOutstanding, inputBufferSize, 844 outputBufferSize, transactionTime, nrRetries); 845 } 846 847 auto ipmiAppGetSystemGuid(ipmi::Context::ptr& ctx) 848 -> ipmi::RspType<std::array<uint8_t, 16>> 849 { 850 static constexpr auto uuidInterface = "xyz.openbmc_project.Common.UUID"; 851 static constexpr auto uuidProperty = "UUID"; 852 853 // Get the Inventory object implementing BMC interface 854 ipmi::DbusObjectInfo objectInfo{}; 855 boost::system::error_code ec = ipmi::getDbusObject(ctx, uuidInterface, 856 objectInfo); 857 if (ec.value()) 858 { 859 lg2::error("Failed to locate System UUID object, " 860 "interface: {INTERFACE}, error: {ERROR}", 861 "INTERFACE", uuidInterface, "ERROR", ec.message()); 862 } 863 864 // Read UUID property value from bmcObject 865 // UUID is in RFC4122 format Ex: 61a39523-78f2-11e5-9862-e6402cfc3223 866 std::string rfc4122Uuid{}; 867 ec = ipmi::getDbusProperty(ctx, objectInfo.second, objectInfo.first, 868 uuidInterface, uuidProperty, rfc4122Uuid); 869 if (ec.value()) 870 { 871 lg2::error("Failed to read System UUID property, " 872 "interface: {INTERFACE}, property: {PROPERTY}, " 873 "error: {ERROR}", 874 "INTERFACE", uuidInterface, "PROPERTY", uuidProperty, 875 "ERROR", ec.message()); 876 return ipmi::responseUnspecifiedError(); 877 } 878 std::array<uint8_t, 16> uuid; 879 try 880 { 881 // convert to IPMI format 882 uuid = rfc4122ToIpmi(rfc4122Uuid); 883 } 884 catch (const InvalidArgument& e) 885 { 886 lg2::error("Failed in parsing BMC UUID property, " 887 "interface: {INTERFACE}, property: {PROPERTY}, " 888 "value: {VALUE}, error: {ERROR}", 889 "INTERFACE", uuidInterface, "PROPERTY", uuidProperty, 890 "VALUE", rfc4122Uuid, "ERROR", e); 891 return ipmi::responseUnspecifiedError(); 892 } 893 return ipmi::responseSuccess(uuid); 894 } 895 896 /** 897 * @brief set the session state as teardown 898 * 899 * This function is to set the session state to tear down in progress if the 900 * state is active. 901 * 902 * @param[in] busp - Dbus obj 903 * @param[in] service - service name 904 * @param[in] obj - object path 905 * 906 * @return success completion code if it sets the session state to 907 * tearDownInProgress else return the corresponding error completion code. 908 **/ 909 uint8_t setSessionState(std::shared_ptr<sdbusplus::asio::connection>& busp, 910 const std::string& service, const std::string& obj) 911 { 912 try 913 { 914 uint8_t sessionState = std::get<uint8_t>(ipmi::getDbusProperty( 915 *busp, service, obj, session::sessionIntf, "State")); 916 917 if (sessionState == static_cast<uint8_t>(session::State::active)) 918 { 919 ipmi::setDbusProperty( 920 *busp, service, obj, session::sessionIntf, "State", 921 static_cast<uint8_t>(session::State::tearDownInProgress)); 922 return ipmi::ccSuccess; 923 } 924 } 925 catch (const std::exception& e) 926 { 927 lg2::error("Failed in getting session state property, " 928 "service: {SERVICE}, object path: {OBJECT_PATH}, " 929 "interface: {INTERFACE}, error: {ERROR}", 930 "SERVICE", service, "OBJECT_PATH", obj, "INTERFACE", 931 session::sessionIntf, "ERROR", e); 932 return ipmi::ccUnspecifiedError; 933 } 934 935 return ipmi::ccInvalidFieldRequest; 936 } 937 938 ipmi::RspType<> ipmiAppCloseSession(uint32_t reqSessionId, 939 std::optional<uint8_t> requestSessionHandle) 940 { 941 auto busp = getSdBus(); 942 uint8_t reqSessionHandle = 943 requestSessionHandle.value_or(session::defaultSessionHandle); 944 945 if (reqSessionId == session::sessionZero && 946 reqSessionHandle == session::defaultSessionHandle) 947 { 948 return ipmi::response(session::ccInvalidSessionId); 949 } 950 951 if (reqSessionId == session::sessionZero && 952 reqSessionHandle == session::invalidSessionHandle) 953 { 954 return ipmi::response(session::ccInvalidSessionHandle); 955 } 956 957 if (reqSessionId != session::sessionZero && 958 reqSessionHandle != session::defaultSessionHandle) 959 { 960 return ipmi::response(ipmi::ccInvalidFieldRequest); 961 } 962 963 try 964 { 965 ipmi::ObjectTree objectTree = ipmi::getAllDbusObjects( 966 *busp, session::sessionManagerRootPath, session::sessionIntf); 967 968 for (auto& objectTreeItr : objectTree) 969 { 970 const std::string obj = objectTreeItr.first; 971 972 if (isSessionObjectMatched(obj, reqSessionId, reqSessionHandle)) 973 { 974 auto& serviceMap = objectTreeItr.second; 975 976 // Session id and session handle are unique for each session. 977 // Session id and handler are retrived from the object path and 978 // object path will be unique for each session. Checking if 979 // multiple objects exist with same object path under multiple 980 // services. 981 if (serviceMap.size() != 1) 982 { 983 return ipmi::responseUnspecifiedError(); 984 } 985 986 auto itr = serviceMap.begin(); 987 const std::string service = itr->first; 988 return ipmi::response(setSessionState(busp, service, obj)); 989 } 990 } 991 } 992 catch (const sdbusplus::exception_t& e) 993 { 994 lg2::error("Failed to fetch object from dbus, " 995 "interface: {INTERFACE}, error: {ERROR}", 996 "INTERFACE", session::sessionIntf, "ERROR", e); 997 return ipmi::responseUnspecifiedError(); 998 } 999 1000 return ipmi::responseInvalidFieldRequest(); 1001 } 1002 1003 uint8_t getTotalSessionCount() 1004 { 1005 uint8_t count = 0, ch = 0; 1006 1007 while (ch < ipmi::maxIpmiChannels && 1008 count < session::maxNetworkInstanceSupported) 1009 { 1010 ipmi::ChannelInfo chInfo{}; 1011 ipmi::getChannelInfo(ch, chInfo); 1012 if (static_cast<ipmi::EChannelMediumType>(chInfo.mediumType) == 1013 ipmi::EChannelMediumType::lan8032) 1014 { 1015 count++; 1016 } 1017 ch++; 1018 } 1019 return count * session::maxSessionCountPerChannel; 1020 } 1021 1022 /** 1023 * @brief get session info request data. 1024 * 1025 * This function validates the request data and retrive request session id, 1026 * session handle. 1027 * 1028 * @param[in] ctx - context of current session. 1029 * @param[in] sessionIndex - request session index 1030 * @param[in] payload - input payload 1031 * @param[in] reqSessionId - unpacked session Id will be asigned 1032 * @param[in] reqSessionHandle - unpacked session handle will be asigned 1033 * 1034 * @return success completion code if request data is valid 1035 * else return the correcponding error completion code. 1036 **/ 1037 uint8_t getSessionInfoRequestData(const ipmi::Context::ptr ctx, 1038 const uint8_t sessionIndex, 1039 ipmi::message::Payload& payload, 1040 uint32_t& reqSessionId, 1041 uint8_t& reqSessionHandle) 1042 { 1043 if ((sessionIndex > session::maxSessionCountPerChannel) && 1044 (sessionIndex < session::searchSessionByHandle)) 1045 { 1046 return ipmi::ccInvalidFieldRequest; 1047 } 1048 1049 switch (sessionIndex) 1050 { 1051 case session::searchCurrentSession: 1052 1053 ipmi::ChannelInfo chInfo; 1054 ipmi::getChannelInfo(ctx->channel, chInfo); 1055 1056 if (static_cast<ipmi::EChannelMediumType>(chInfo.mediumType) != 1057 ipmi::EChannelMediumType::lan8032) 1058 { 1059 return ipmi::ccInvalidFieldRequest; 1060 } 1061 1062 if (!payload.fullyUnpacked()) 1063 { 1064 return ipmi::ccReqDataLenInvalid; 1065 } 1066 // Check if current sessionId is 0, sessionId 0 is reserved. 1067 if (ctx->sessionId == session::sessionZero) 1068 { 1069 return session::ccInvalidSessionId; 1070 } 1071 reqSessionId = ctx->sessionId; 1072 break; 1073 1074 case session::searchSessionByHandle: 1075 1076 if ((payload.unpack(reqSessionHandle)) || 1077 (!payload.fullyUnpacked())) 1078 { 1079 return ipmi::ccReqDataLenInvalid; 1080 } 1081 1082 if ((reqSessionHandle == session::sessionZero) || 1083 ((reqSessionHandle & session::multiIntfaceSessionHandleMask) > 1084 session::maxSessionCountPerChannel)) 1085 { 1086 return session::ccInvalidSessionHandle; 1087 } 1088 break; 1089 1090 case session::searchSessionById: 1091 1092 if ((payload.unpack(reqSessionId)) || (!payload.fullyUnpacked())) 1093 { 1094 return ipmi::ccReqDataLenInvalid; 1095 } 1096 1097 if (reqSessionId == session::sessionZero) 1098 { 1099 return session::ccInvalidSessionId; 1100 } 1101 break; 1102 1103 default: 1104 if (!payload.fullyUnpacked()) 1105 { 1106 return ipmi::ccReqDataLenInvalid; 1107 } 1108 break; 1109 } 1110 return ipmi::ccSuccess; 1111 } 1112 1113 uint8_t getSessionState(ipmi::Context::ptr ctx, const std::string& service, 1114 const std::string& objPath, uint8_t& sessionState) 1115 { 1116 boost::system::error_code ec = ipmi::getDbusProperty( 1117 ctx, service, objPath, session::sessionIntf, "State", sessionState); 1118 if (ec) 1119 { 1120 lg2::error("Failed to fetch state property, service: {SERVICE}, " 1121 "object path: {OBJECTPATH}, interface: {INTERFACE}, " 1122 "error: {ERROR}", 1123 "SERVICE", service, "OBJECTPATH", objPath, "INTERFACE", 1124 session::sessionIntf, "ERROR", ec.message()); 1125 return ipmi::ccUnspecifiedError; 1126 } 1127 return ipmi::ccSuccess; 1128 } 1129 1130 static constexpr uint8_t macAddrLen = 6; 1131 /** Alias SessionDetails - contain the optional information about an 1132 * RMCP+ session. 1133 * 1134 * @param userID - uint6_t session user ID (0-63) 1135 * @param reserved - uint2_t reserved 1136 * @param privilege - uint4_t session privilege (0-5) 1137 * @param reserved - uint4_t reserved 1138 * @param channel - uint4_t session channel number 1139 * @param protocol - uint4_t session protocol 1140 * @param remoteIP - uint32_t remote IP address 1141 * @param macAddr - std::array<uint8_t, 6> mac address 1142 * @param port - uint16_t remote port 1143 */ 1144 using SessionDetails = 1145 std::tuple<uint2_t, uint6_t, uint4_t, uint4_t, uint4_t, uint4_t, uint32_t, 1146 std::array<uint8_t, macAddrLen>, uint16_t>; 1147 1148 /** @brief get session details for a given session 1149 * 1150 * @param[in] ctx - ipmi::Context pointer for accessing D-Bus 1151 * @param[in] service - D-Bus service name to fetch details from 1152 * @param[in] objPath - D-Bus object path for session 1153 * @param[out] sessionHandle - return session handle for session 1154 * @param[out] sessionState - return session state for session 1155 * @param[out] details - return a SessionDetails tuple containing other 1156 * session info 1157 * @return - ipmi::Cc success or error code 1158 */ 1159 ipmi::Cc getSessionDetails(ipmi::Context::ptr ctx, const std::string& service, 1160 const std::string& objPath, uint8_t& sessionHandle, 1161 uint8_t& sessionState, SessionDetails& details) 1162 { 1163 ipmi::PropertyMap sessionProps; 1164 boost::system::error_code ec = ipmi::getAllDbusProperties( 1165 ctx, service, objPath, session::sessionIntf, sessionProps); 1166 1167 if (ec) 1168 { 1169 lg2::error("Failed to fetch state property, service: {SERVICE}, " 1170 "object path: {OBJECTPATH}, interface: {INTERFACE}, " 1171 "error: {ERROR}", 1172 "SERVICE", service, "OBJECTPATH", objPath, "INTERFACE", 1173 session::sessionIntf, "ERROR", ec.message()); 1174 return ipmi::ccUnspecifiedError; 1175 } 1176 1177 sessionState = ipmi::mappedVariant<uint8_t>( 1178 sessionProps, "State", static_cast<uint8_t>(session::State::inactive)); 1179 if (sessionState == static_cast<uint8_t>(session::State::active)) 1180 { 1181 sessionHandle = ipmi::mappedVariant<uint8_t>(sessionProps, 1182 "SessionHandle", 0); 1183 std::get<0>(details) = ipmi::mappedVariant<uint8_t>(sessionProps, 1184 "UserID", 0xff); 1185 // std::get<1>(details) = 0; // (default constructed to 0) 1186 std::get<2>(details) = 1187 ipmi::mappedVariant<uint8_t>(sessionProps, "CurrentPrivilege", 0); 1188 // std::get<3>(details) = 0; // (default constructed to 0) 1189 std::get<4>(details) = ipmi::mappedVariant<uint8_t>(sessionProps, 1190 "ChannelNum", 0xff); 1191 constexpr uint4_t rmcpPlusProtocol = 1; 1192 std::get<5>(details) = rmcpPlusProtocol; 1193 std::get<6>(details) = ipmi::mappedVariant<uint32_t>(sessionProps, 1194 "RemoteIPAddr", 0); 1195 // std::get<7>(details) = {{0}}; // default constructed to all 0 1196 std::get<8>(details) = ipmi::mappedVariant<uint16_t>(sessionProps, 1197 "RemotePort", 0); 1198 } 1199 1200 return ipmi::ccSuccess; 1201 } 1202 1203 ipmi::RspType<uint8_t, // session handle, 1204 uint8_t, // total session count 1205 uint8_t, // active session count 1206 std::optional<SessionDetails>> 1207 ipmiAppGetSessionInfo(ipmi::Context::ptr ctx, uint8_t sessionIndex, 1208 ipmi::message::Payload& payload) 1209 { 1210 uint32_t reqSessionId = 0; 1211 uint8_t reqSessionHandle = session::defaultSessionHandle; 1212 // initializing state to 0xff as 0 represents state as inactive. 1213 uint8_t state = 0xFF; 1214 1215 uint8_t completionCode = getSessionInfoRequestData( 1216 ctx, sessionIndex, payload, reqSessionId, reqSessionHandle); 1217 1218 if (completionCode) 1219 { 1220 return ipmi::response(completionCode); 1221 } 1222 ipmi::ObjectTree objectTree; 1223 boost::system::error_code ec = ipmi::getAllDbusObjects( 1224 ctx, session::sessionManagerRootPath, session::sessionIntf, objectTree); 1225 if (ec) 1226 { 1227 lg2::error("Failed to fetch object from dbus, " 1228 "interface: {INTERFACE}, error: {ERROR}", 1229 "INTERFACE", session::sessionIntf, "ERROR", ec.message()); 1230 return ipmi::responseUnspecifiedError(); 1231 } 1232 1233 uint8_t totalSessionCount = getTotalSessionCount(); 1234 uint8_t activeSessionCount = 0; 1235 uint8_t sessionHandle = session::defaultSessionHandle; 1236 uint8_t activeSessionHandle = 0; 1237 std::optional<SessionDetails> maybeDetails; 1238 uint8_t index = 0; 1239 for (auto& objectTreeItr : objectTree) 1240 { 1241 uint32_t sessionId = 0; 1242 std::string objectPath = objectTreeItr.first; 1243 1244 if (!parseCloseSessionInputPayload(objectPath, sessionId, 1245 sessionHandle)) 1246 { 1247 continue; 1248 } 1249 index++; 1250 auto& serviceMap = objectTreeItr.second; 1251 auto itr = serviceMap.begin(); 1252 1253 if (serviceMap.size() != 1) 1254 { 1255 return ipmi::responseUnspecifiedError(); 1256 } 1257 1258 std::string service = itr->first; 1259 uint8_t sessionState = 0; 1260 completionCode = getSessionState(ctx, service, objectPath, 1261 sessionState); 1262 if (completionCode) 1263 { 1264 return ipmi::response(completionCode); 1265 } 1266 1267 if (sessionState == static_cast<uint8_t>(session::State::active)) 1268 { 1269 activeSessionCount++; 1270 } 1271 1272 if (index == sessionIndex || reqSessionId == sessionId || 1273 reqSessionHandle == sessionHandle) 1274 { 1275 SessionDetails details{}; 1276 completionCode = getSessionDetails(ctx, service, objectPath, 1277 sessionHandle, state, details); 1278 1279 if (completionCode) 1280 { 1281 return ipmi::response(completionCode); 1282 } 1283 activeSessionHandle = sessionHandle; 1284 maybeDetails = std::move(details); 1285 } 1286 } 1287 1288 if (state == static_cast<uint8_t>(session::State::active) || 1289 state == static_cast<uint8_t>(session::State::tearDownInProgress)) 1290 { 1291 return ipmi::responseSuccess(activeSessionHandle, totalSessionCount, 1292 activeSessionCount, maybeDetails); 1293 } 1294 1295 return ipmi::responseInvalidFieldRequest(); 1296 } 1297 1298 static std::unique_ptr<SysInfoParamStore> sysInfoParamStore; 1299 1300 static std::string sysInfoReadSystemName() 1301 { 1302 // Use the BMC hostname as the "System Name." 1303 char hostname[HOST_NAME_MAX + 1] = {}; 1304 if (gethostname(hostname, HOST_NAME_MAX) != 0) 1305 { 1306 perror("System info parameter: system name"); 1307 } 1308 return hostname; 1309 } 1310 1311 static constexpr uint8_t paramRevision = 0x11; 1312 static constexpr size_t configParameterLength = 16; 1313 1314 static constexpr size_t smallChunkSize = 14; 1315 static constexpr size_t fullChunkSize = 16; 1316 static constexpr uint8_t progressMask = 0x3; 1317 static constexpr uint8_t maxValidEncodingData = 0x02; 1318 1319 static constexpr uint8_t setComplete = 0x0; 1320 static constexpr uint8_t setInProgress = 0x1; 1321 static constexpr uint8_t commitWrite = 0x2; 1322 static uint8_t transferStatus = setComplete; 1323 1324 static constexpr uint8_t configDataOverhead = 2; 1325 1326 // For EFI based system, 256 bytes is recommended. 1327 static constexpr size_t maxBytesPerParameter = 256; 1328 1329 namespace ipmi 1330 { 1331 constexpr Cc ccParmNotSupported = 0x80; 1332 constexpr Cc ccSetInProgressActive = 0x81; 1333 constexpr Cc ccSystemInfoParameterSetReadOnly = 0x82; 1334 1335 static inline auto responseParmNotSupported() 1336 { 1337 return response(ccParmNotSupported); 1338 } 1339 static inline auto responseSetInProgressActive() 1340 { 1341 return response(ccSetInProgressActive); 1342 } 1343 static inline auto responseSystemInfoParameterSetReadOnly() 1344 { 1345 return response(ccSystemInfoParameterSetReadOnly); 1346 } 1347 } // namespace ipmi 1348 1349 ipmi::RspType<uint8_t, // Parameter revision 1350 std::optional<uint8_t>, // data1 / setSelector / ProgressStatus 1351 std::optional<std::vector<uint8_t>>> // data2-17 1352 ipmiAppGetSystemInfo(uint7_t reserved, bool getRevision, 1353 uint8_t paramSelector, uint8_t setSelector, 1354 uint8_t BlockSelector) 1355 { 1356 if (reserved || (paramSelector >= invalidParamSelectorStart && 1357 paramSelector <= invalidParamSelectorEnd)) 1358 { 1359 return ipmi::responseInvalidFieldRequest(); 1360 } 1361 if (paramSelector >= oemCmdStart) 1362 { 1363 return ipmi::responseParmNotSupported(); 1364 } 1365 if (getRevision) 1366 { 1367 return ipmi::responseSuccess(paramRevision, std::nullopt, std::nullopt); 1368 } 1369 1370 if (paramSelector == 0) 1371 { 1372 return ipmi::responseSuccess(paramRevision, transferStatus, 1373 std::nullopt); 1374 } 1375 1376 if (BlockSelector != 0) // 00h if parameter does not require a block number 1377 { 1378 return ipmi::responseParmNotSupported(); 1379 } 1380 1381 if (sysInfoParamStore == nullptr) 1382 { 1383 sysInfoParamStore = std::make_unique<SysInfoParamStore>(); 1384 sysInfoParamStore->update(IPMI_SYSINFO_SYSTEM_NAME, 1385 sysInfoReadSystemName); 1386 } 1387 1388 // Parameters other than Set In Progress are assumed to be strings. 1389 std::tuple<bool, std::string> ret = 1390 sysInfoParamStore->lookup(paramSelector); 1391 bool found = std::get<0>(ret); 1392 if (!found) 1393 { 1394 return ipmi::responseSensorInvalid(); 1395 } 1396 std::string& paramString = std::get<1>(ret); 1397 std::vector<uint8_t> configData; 1398 size_t count = 0; 1399 if (setSelector == 0) 1400 { // First chunk has only 14 bytes. 1401 configData.emplace_back(0); // encoding 1402 configData.emplace_back(paramString.length()); // string length 1403 count = std::min(paramString.length(), smallChunkSize); 1404 configData.resize(count + configDataOverhead); 1405 std::copy_n(paramString.begin(), count, 1406 configData.begin() + configDataOverhead); // 14 bytes chunk 1407 1408 // Append zero's to remaining bytes 1409 if (configData.size() < configParameterLength) 1410 { 1411 std::fill_n(std::back_inserter(configData), 1412 configParameterLength - configData.size(), 0x00); 1413 } 1414 } 1415 else 1416 { 1417 size_t offset = (setSelector * fullChunkSize) - configDataOverhead; 1418 if (offset >= paramString.length()) 1419 { 1420 return ipmi::responseParmOutOfRange(); 1421 } 1422 count = std::min(paramString.length() - offset, fullChunkSize); 1423 configData.resize(count); 1424 std::copy_n(paramString.begin() + offset, count, 1425 configData.begin()); // 16 bytes chunk 1426 } 1427 return ipmi::responseSuccess(paramRevision, setSelector, configData); 1428 } 1429 1430 ipmi::RspType<> ipmiAppSetSystemInfo(uint8_t paramSelector, uint8_t data1, 1431 std::vector<uint8_t> configData) 1432 { 1433 if (paramSelector >= invalidParamSelectorStart && 1434 paramSelector <= invalidParamSelectorEnd) 1435 { 1436 return ipmi::responseInvalidFieldRequest(); 1437 } 1438 if (paramSelector >= oemCmdStart) 1439 { 1440 return ipmi::responseParmNotSupported(); 1441 } 1442 1443 if (paramSelector == 0) 1444 { 1445 // attempt to set the 'set in progress' value (in parameter #0) 1446 // when not in the set complete state. 1447 if ((transferStatus != setComplete) && (data1 == setInProgress)) 1448 { 1449 return ipmi::responseSetInProgressActive(); 1450 } 1451 // only following 2 states are supported 1452 if (data1 > setInProgress) 1453 { 1454 lg2::error("illegal SetInProgress status"); 1455 return ipmi::responseInvalidFieldRequest(); 1456 } 1457 1458 transferStatus = data1 & progressMask; 1459 return ipmi::responseSuccess(); 1460 } 1461 1462 if (configData.size() > configParameterLength) 1463 { 1464 return ipmi::responseInvalidFieldRequest(); 1465 } 1466 1467 // Append zero's to remaining bytes 1468 if (configData.size() < configParameterLength) 1469 { 1470 fill_n(back_inserter(configData), 1471 (configParameterLength - configData.size()), 0x00); 1472 } 1473 1474 if (!sysInfoParamStore) 1475 { 1476 sysInfoParamStore = std::make_unique<SysInfoParamStore>(); 1477 sysInfoParamStore->update(IPMI_SYSINFO_SYSTEM_NAME, 1478 sysInfoReadSystemName); 1479 } 1480 1481 // lookup 1482 std::tuple<bool, std::string> ret = 1483 sysInfoParamStore->lookup(paramSelector); 1484 bool found = std::get<0>(ret); 1485 std::string& paramString = std::get<1>(ret); 1486 if (!found) 1487 { 1488 // parameter does not exist. Init new 1489 paramString = ""; 1490 } 1491 1492 uint8_t setSelector = data1; 1493 size_t count = 0; 1494 if (setSelector == 0) // First chunk has only 14 bytes. 1495 { 1496 uint8_t encoding = configData.at(0); 1497 if (encoding > maxValidEncodingData) 1498 { 1499 return ipmi::responseInvalidFieldRequest(); 1500 } 1501 1502 size_t stringLen = configData.at(1); // string length 1503 // maxBytesPerParamter is 256. It will always be greater than stringLen 1504 // (unit8_t) if maxBytes changes in future, then following line is 1505 // needed. 1506 // stringLen = std::min(stringLen, maxBytesPerParameter); 1507 count = std::min(stringLen, smallChunkSize); 1508 count = std::min(count, configData.size()); 1509 paramString.resize(stringLen); // reserve space 1510 std::copy_n(configData.begin() + configDataOverhead, count, 1511 paramString.begin()); 1512 } 1513 else 1514 { 1515 size_t offset = (setSelector * fullChunkSize) - configDataOverhead; 1516 if (offset >= paramString.length()) 1517 { 1518 return ipmi::responseParmOutOfRange(); 1519 } 1520 count = std::min(paramString.length() - offset, configData.size()); 1521 std::copy_n(configData.begin(), count, paramString.begin() + offset); 1522 } 1523 sysInfoParamStore->update(paramSelector, paramString); 1524 return ipmi::responseSuccess(); 1525 } 1526 1527 #ifdef ENABLE_I2C_WHITELIST_CHECK 1528 inline std::vector<uint8_t> convertStringToData(const std::string& command) 1529 { 1530 std::istringstream iss(command); 1531 std::string token; 1532 std::vector<uint8_t> dataValue; 1533 while (std::getline(iss, token, ' ')) 1534 { 1535 dataValue.emplace_back( 1536 static_cast<uint8_t>(std::stoul(token, nullptr, base_16))); 1537 } 1538 return dataValue; 1539 } 1540 1541 static bool populateI2CControllerWRAllowlist() 1542 { 1543 nlohmann::json data = nullptr; 1544 std::ifstream jsonFile(i2cControllerWRAllowlistFile); 1545 1546 if (!jsonFile.good()) 1547 { 1548 lg2::warning("i2c allow list file not found! file name: {FILE_NAME}", 1549 "FILE_NAME", i2cControllerWRAllowlistFile); 1550 return false; 1551 } 1552 1553 try 1554 { 1555 data = nlohmann::json::parse(jsonFile, nullptr, false); 1556 } 1557 catch (const nlohmann::json::parse_error& e) 1558 { 1559 lg2::error("Corrupted i2c allow list config file, " 1560 "file name: {FILE_NAME}, error: {ERROR}", 1561 "FILE_NAME", i2cControllerWRAllowlistFile, "ERROR", e); 1562 return false; 1563 } 1564 1565 try 1566 { 1567 // Example JSON Structure format 1568 // "filters": [ 1569 // { 1570 // "Description": "Allow full read - ignore first byte write value 1571 // for 0x40 to 0x4F", 1572 // "busId": "0x01", 1573 // "slaveAddr": "0x40", 1574 // "slaveAddrMask": "0x0F", 1575 // "command": "0x00", 1576 // "commandMask": "0xFF" 1577 // }, 1578 // { 1579 // "Description": "Allow full read - first byte match 0x05 and 1580 // ignore second byte", 1581 // "busId": "0x01", 1582 // "slaveAddr": "0x57", 1583 // "slaveAddrMask": "0x00", 1584 // "command": "0x05 0x00", 1585 // "commandMask": "0x00 0xFF" 1586 // },] 1587 1588 nlohmann::json filters = data[filtersStr].get<nlohmann::json>(); 1589 std::vector<i2cControllerWRAllowlist>& allowlist = getWRAllowlist(); 1590 for (const auto& it : filters.items()) 1591 { 1592 nlohmann::json filter = it.value(); 1593 if (filter.is_null()) 1594 { 1595 lg2::error( 1596 "Corrupted I2C controller write read allowlist config file, " 1597 "file name: {FILE_NAME}", 1598 "FILE_NAME", i2cControllerWRAllowlistFile); 1599 return false; 1600 } 1601 const std::vector<uint8_t>& writeData = 1602 convertStringToData(filter[cmdStr].get<std::string>()); 1603 const std::vector<uint8_t>& writeDataMask = 1604 convertStringToData(filter[cmdMaskStr].get<std::string>()); 1605 if (writeDataMask.size() != writeData.size()) 1606 { 1607 lg2::error("I2C controller write read allowlist filter " 1608 "mismatch for command & mask size"); 1609 return false; 1610 } 1611 allowlist.push_back( 1612 {static_cast<uint8_t>(std::stoul( 1613 filter[busIdStr].get<std::string>(), nullptr, base_16)), 1614 static_cast<uint8_t>( 1615 std::stoul(filter[targetAddrStr].get<std::string>(), 1616 nullptr, base_16)), 1617 static_cast<uint8_t>( 1618 std::stoul(filter[targetAddrMaskStr].get<std::string>(), 1619 nullptr, base_16)), 1620 writeData, writeDataMask}); 1621 } 1622 if (allowlist.size() != filters.size()) 1623 { 1624 lg2::error( 1625 "I2C controller write read allowlist filter size mismatch"); 1626 return false; 1627 } 1628 } 1629 catch (const std::exception& e) 1630 { 1631 lg2::error("I2C controller write read allowlist " 1632 "unexpected exception: {ERROR}", 1633 "ERROR", e); 1634 return false; 1635 } 1636 return true; 1637 } 1638 1639 static inline bool isWriteDataAllowlisted(const std::vector<uint8_t>& data, 1640 const std::vector<uint8_t>& dataMask, 1641 const std::vector<uint8_t>& writeData) 1642 { 1643 std::vector<uint8_t> processedDataBuf(data.size()); 1644 std::vector<uint8_t> processedReqBuf(dataMask.size()); 1645 std::transform(writeData.begin(), writeData.end(), dataMask.begin(), 1646 processedReqBuf.begin(), std::bit_or<uint8_t>()); 1647 std::transform(data.begin(), data.end(), dataMask.begin(), 1648 processedDataBuf.begin(), std::bit_or<uint8_t>()); 1649 1650 return (processedDataBuf == processedReqBuf); 1651 } 1652 1653 static bool isCmdAllowlisted(uint8_t busId, uint8_t targetAddr, 1654 std::vector<uint8_t>& writeData) 1655 { 1656 std::vector<i2cControllerWRAllowlist>& allowList = getWRAllowlist(); 1657 for (const auto& wlEntry : allowList) 1658 { 1659 if ((busId == wlEntry.busId) && 1660 ((targetAddr | wlEntry.targetAddrMask) == 1661 (wlEntry.targetAddr | wlEntry.targetAddrMask))) 1662 { 1663 const std::vector<uint8_t>& dataMask = wlEntry.dataMask; 1664 // Skip as no-match, if requested write data is more than the 1665 // write data mask size 1666 if (writeData.size() > dataMask.size()) 1667 { 1668 continue; 1669 } 1670 if (isWriteDataAllowlisted(wlEntry.data, dataMask, writeData)) 1671 { 1672 return true; 1673 } 1674 } 1675 } 1676 return false; 1677 } 1678 #else 1679 static bool populateI2CControllerWRAllowlist() 1680 { 1681 lg2::info("I2C_WHITELIST_CHECK is disabled, do not populate allowlist"); 1682 return true; 1683 } 1684 #endif // ENABLE_I2C_WHITELIST_CHECK 1685 1686 /** @brief implements controller write read IPMI command which can be used for 1687 * low-level I2C/SMBus write, read or write-read access 1688 * @param isPrivateBus -to indicate private bus usage 1689 * @param busId - bus id 1690 * @param channelNum - channel number 1691 * @param reserved - skip 1 bit 1692 * @param targetAddr - target address 1693 * @param read count - number of bytes to be read 1694 * @param writeData - data to be written 1695 * 1696 * @returns IPMI completion code plus response data 1697 * - readData - i2c response data 1698 */ 1699 ipmi::RspType<std::vector<uint8_t>> 1700 ipmiControllerWriteRead([[maybe_unused]] bool isPrivateBus, uint3_t busId, 1701 [[maybe_unused]] uint4_t channelNum, bool reserved, 1702 uint7_t targetAddr, uint8_t readCount, 1703 std::vector<uint8_t> writeData) 1704 { 1705 if (reserved) 1706 { 1707 return ipmi::responseInvalidFieldRequest(); 1708 } 1709 const size_t writeCount = writeData.size(); 1710 if (!readCount && !writeCount) 1711 { 1712 lg2::error("Controller write read command: Read & write count are 0"); 1713 return ipmi::responseInvalidFieldRequest(); 1714 } 1715 #ifdef ENABLE_I2C_WHITELIST_CHECK 1716 if (!isCmdAllowlisted(static_cast<uint8_t>(busId), 1717 static_cast<uint8_t>(targetAddr), writeData)) 1718 { 1719 lg2::error("Controller write read request blocked!, " 1720 "bus: {BUS}, addr: {ADDR}", 1721 "BUS", static_cast<uint8_t>(busId), "ADDR", lg2::hex, 1722 static_cast<uint8_t>(targetAddr)); 1723 } 1724 #endif // ENABLE_I2C_WHITELIST_CHECK 1725 std::vector<uint8_t> readBuf(readCount); 1726 std::string i2cBus = "/dev/i2c-" + 1727 std::to_string(static_cast<uint8_t>(busId)); 1728 1729 ipmi::Cc ret = ipmi::i2cWriteRead(i2cBus, static_cast<uint8_t>(targetAddr), 1730 writeData, readBuf); 1731 if (ret != ipmi::ccSuccess) 1732 { 1733 return ipmi::response(ret); 1734 } 1735 return ipmi::responseSuccess(readBuf); 1736 } 1737 1738 void register_netfn_app_functions() 1739 { 1740 // <Get Device ID> 1741 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1742 ipmi::app::cmdGetDeviceId, ipmi::Privilege::User, 1743 ipmiAppGetDeviceId); 1744 1745 // <Get BT Interface Capabilities> 1746 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1747 ipmi::app::cmdGetBtIfaceCapabilities, 1748 ipmi::Privilege::User, ipmiAppGetBtCapabilities); 1749 1750 // <Reset Watchdog Timer> 1751 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1752 ipmi::app::cmdResetWatchdogTimer, 1753 ipmi::Privilege::Operator, ipmiAppResetWatchdogTimer); 1754 1755 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1756 ipmi::app::cmdGetSessionInfo, ipmi::Privilege::User, 1757 ipmiAppGetSessionInfo); 1758 1759 // <Set Watchdog Timer> 1760 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1761 ipmi::app::cmdSetWatchdogTimer, 1762 ipmi::Privilege::Operator, ipmiSetWatchdogTimer); 1763 1764 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1765 ipmi::app::cmdCloseSession, ipmi::Privilege::Callback, 1766 ipmiAppCloseSession); 1767 1768 // <Get Watchdog Timer> 1769 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1770 ipmi::app::cmdGetWatchdogTimer, ipmi::Privilege::User, 1771 ipmiGetWatchdogTimer); 1772 1773 // <Get Self Test Results> 1774 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1775 ipmi::app::cmdGetSelfTestResults, 1776 ipmi::Privilege::User, ipmiAppGetSelfTestResults); 1777 1778 // <Get Device GUID> 1779 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1780 ipmi::app::cmdGetDeviceGuid, ipmi::Privilege::User, 1781 ipmiAppGetDeviceGuid); 1782 1783 // <Set ACPI Power State> 1784 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1785 ipmi::app::cmdSetAcpiPowerState, 1786 ipmi::Privilege::Admin, ipmiSetAcpiPowerState); 1787 // <Get ACPI Power State> 1788 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1789 ipmi::app::cmdGetAcpiPowerState, 1790 ipmi::Privilege::User, ipmiGetAcpiPowerState); 1791 1792 // Note: For security reason, this command will be registered only when 1793 // there are proper I2C Controller write read allowlist 1794 if (populateI2CControllerWRAllowlist()) 1795 { 1796 // Note: For security reasons, registering controller write read as 1797 // admin privilege command, even though IPMI 2.0 specification allows it 1798 // as operator privilege. 1799 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1800 ipmi::app::cmdMasterWriteRead, 1801 ipmi::Privilege::Admin, ipmiControllerWriteRead); 1802 } 1803 1804 // <Get System GUID Command> 1805 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1806 ipmi::app::cmdGetSystemGuid, ipmi::Privilege::User, 1807 ipmiAppGetSystemGuid); 1808 1809 // <Get Channel Cipher Suites Command> 1810 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1811 ipmi::app::cmdGetChannelCipherSuites, 1812 ipmi::Privilege::None, getChannelCipherSuites); 1813 1814 // <Get System Info Command> 1815 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1816 ipmi::app::cmdGetSystemInfoParameters, 1817 ipmi::Privilege::User, ipmiAppGetSystemInfo); 1818 // <Set System Info Command> 1819 ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp, 1820 ipmi::app::cmdSetSystemInfoParameters, 1821 ipmi::Privilege::Admin, ipmiAppSetSystemInfo); 1822 return; 1823 } 1824