14654d99fSRichard Marian Thomaiyar /* 24654d99fSRichard Marian Thomaiyar // Copyright (c) 2018 Intel Corporation 34654d99fSRichard Marian Thomaiyar // 44654d99fSRichard Marian Thomaiyar // Licensed under the Apache License, Version 2.0 (the "License"); 54654d99fSRichard Marian Thomaiyar // you may not use this file except in compliance with the License. 64654d99fSRichard Marian Thomaiyar // You may obtain a copy of the License at 74654d99fSRichard Marian Thomaiyar // 84654d99fSRichard Marian Thomaiyar // http://www.apache.org/licenses/LICENSE-2.0 94654d99fSRichard Marian Thomaiyar // 104654d99fSRichard Marian Thomaiyar // Unless required by applicable law or agreed to in writing, software 114654d99fSRichard Marian Thomaiyar // distributed under the License is distributed on an "AS IS" BASIS, 124654d99fSRichard Marian Thomaiyar // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 134654d99fSRichard Marian Thomaiyar // See the License for the specific language governing permissions and 144654d99fSRichard Marian Thomaiyar // limitations under the License. 154654d99fSRichard Marian Thomaiyar */ 164654d99fSRichard Marian Thomaiyar #pragma once 174654d99fSRichard Marian Thomaiyar 1877381f15SSaravanan Palanisamy #include <bitset> 19b541a5a5SNITIN SHARMA #include <ipmid/api.hpp> 204654d99fSRichard Marian Thomaiyar #include <string> 214654d99fSRichard Marian Thomaiyar 224654d99fSRichard Marian Thomaiyar namespace ipmi 234654d99fSRichard Marian Thomaiyar { 245a6b6369SRichard Marian Thomaiyar 255a6b6369SRichard Marian Thomaiyar // TODO: Has to be replaced with proper channel number assignment logic 266e1ba9efSRichard Marian Thomaiyar /** 276e1ba9efSRichard Marian Thomaiyar * @enum Channel Id 286e1ba9efSRichard Marian Thomaiyar */ 295a6b6369SRichard Marian Thomaiyar enum class EChannelID : uint8_t 305a6b6369SRichard Marian Thomaiyar { 315a6b6369SRichard Marian Thomaiyar chanLan1 = 0x01 325a6b6369SRichard Marian Thomaiyar }; 335a6b6369SRichard Marian Thomaiyar 345a6b6369SRichard Marian Thomaiyar static constexpr uint8_t invalidUserId = 0xFF; 355a6b6369SRichard Marian Thomaiyar static constexpr uint8_t reservedUserId = 0x0; 365a6b6369SRichard Marian Thomaiyar static constexpr uint8_t ipmiMaxUserName = 16; 375a6b6369SRichard Marian Thomaiyar static constexpr uint8_t ipmiMaxUsers = 15; 385a6b6369SRichard Marian Thomaiyar static constexpr uint8_t ipmiMaxChannels = 16; 3990b00c71SSuryakanth Sekar static constexpr uint8_t maxIpmi20PasswordSize = 20; 4090b00c71SSuryakanth Sekar static constexpr uint8_t maxIpmi15PasswordSize = 16; 4177381f15SSaravanan Palanisamy static constexpr uint8_t payloadsPerByte = 8; 425a6b6369SRichard Marian Thomaiyar 436e1ba9efSRichard Marian Thomaiyar /** @struct PrivAccess 446e1ba9efSRichard Marian Thomaiyar * 456e1ba9efSRichard Marian Thomaiyar * User privilege related access data as per IPMI specification.(refer spec 466e1ba9efSRichard Marian Thomaiyar * sec 22.26) 476e1ba9efSRichard Marian Thomaiyar */ 485a6b6369SRichard Marian Thomaiyar struct PrivAccess 495a6b6369SRichard Marian Thomaiyar { 505a6b6369SRichard Marian Thomaiyar #if BYTE_ORDER == LITTLE_ENDIAN 515a6b6369SRichard Marian Thomaiyar uint8_t privilege : 4; 525a6b6369SRichard Marian Thomaiyar uint8_t ipmiEnabled : 1; 535a6b6369SRichard Marian Thomaiyar uint8_t linkAuthEnabled : 1; 545a6b6369SRichard Marian Thomaiyar uint8_t accessCallback : 1; 555a6b6369SRichard Marian Thomaiyar uint8_t reserved : 1; 565a6b6369SRichard Marian Thomaiyar #endif 575a6b6369SRichard Marian Thomaiyar #if BYTE_ORDER == BIG_ENDIAN 585a6b6369SRichard Marian Thomaiyar uint8_t reserved : 1; 595a6b6369SRichard Marian Thomaiyar uint8_t accessCallback : 1; 605a6b6369SRichard Marian Thomaiyar uint8_t linkAuthEnabled : 1; 615a6b6369SRichard Marian Thomaiyar uint8_t ipmiEnabled : 1; 625a6b6369SRichard Marian Thomaiyar uint8_t privilege : 4; 635a6b6369SRichard Marian Thomaiyar #endif 645a6b6369SRichard Marian Thomaiyar } __attribute__((packed)); 655a6b6369SRichard Marian Thomaiyar 6677381f15SSaravanan Palanisamy /** @struct UserPayloadAccess 6777381f15SSaravanan Palanisamy * 6877381f15SSaravanan Palanisamy * Structure to denote payload access restrictions applicable for a 6977381f15SSaravanan Palanisamy * given user and channel. (refer spec sec 24.6) 7077381f15SSaravanan Palanisamy */ 7177381f15SSaravanan Palanisamy struct PayloadAccess 7277381f15SSaravanan Palanisamy { 7377381f15SSaravanan Palanisamy std::bitset<payloadsPerByte> stdPayloadEnables1; 7477381f15SSaravanan Palanisamy std::bitset<payloadsPerByte> stdPayloadEnables2Reserved; 7577381f15SSaravanan Palanisamy std::bitset<payloadsPerByte> oemPayloadEnables1; 7677381f15SSaravanan Palanisamy std::bitset<payloadsPerByte> oemPayloadEnables2Reserved; 7777381f15SSaravanan Palanisamy }; 7877381f15SSaravanan Palanisamy 795a6b6369SRichard Marian Thomaiyar /** @brief initializes user management 805a6b6369SRichard Marian Thomaiyar * 81b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 825a6b6369SRichard Marian Thomaiyar */ 83b541a5a5SNITIN SHARMA Cc ipmiUserInit(); 845a6b6369SRichard Marian Thomaiyar 854654d99fSRichard Marian Thomaiyar /** @brief The ipmi get user password layer call 864654d99fSRichard Marian Thomaiyar * 875a6b6369SRichard Marian Thomaiyar * @param[in] userName - user name 884654d99fSRichard Marian Thomaiyar * 894654d99fSRichard Marian Thomaiyar * @return password or empty string 904654d99fSRichard Marian Thomaiyar */ 914654d99fSRichard Marian Thomaiyar std::string ipmiUserGetPassword(const std::string& userName); 924654d99fSRichard Marian Thomaiyar 93b29b5ab3SAppaRao Puli /** @brief The IPMI call to clear password entry associated with specified 94b29b5ab3SAppaRao Puli * username 95b29b5ab3SAppaRao Puli * 965a6b6369SRichard Marian Thomaiyar * @param[in] userName - user name to be removed 97b29b5ab3SAppaRao Puli * 98b29b5ab3SAppaRao Puli * @return 0 on success, non-zero otherwise. 99b29b5ab3SAppaRao Puli */ 100b541a5a5SNITIN SHARMA Cc ipmiClearUserEntryPassword(const std::string& userName); 10142bed64dSRichard Marian Thomaiyar 10242bed64dSRichard Marian Thomaiyar /** @brief The IPMI call to reuse password entry for the renamed user 10342bed64dSRichard Marian Thomaiyar * to another one 10442bed64dSRichard Marian Thomaiyar * 1055a6b6369SRichard Marian Thomaiyar * @param[in] userName - user name which has to be renamed 1065a6b6369SRichard Marian Thomaiyar * @param[in] newUserName - new user name 10742bed64dSRichard Marian Thomaiyar * 10842bed64dSRichard Marian Thomaiyar * @return 0 on success, non-zero otherwise. 10942bed64dSRichard Marian Thomaiyar */ 110b541a5a5SNITIN SHARMA Cc ipmiRenameUserEntryPassword(const std::string& userName, 11142bed64dSRichard Marian Thomaiyar const std::string& newUserName); 112b29b5ab3SAppaRao Puli 1135a6b6369SRichard Marian Thomaiyar /** @brief determines valid userId 1145a6b6369SRichard Marian Thomaiyar * 1155a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 1165a6b6369SRichard Marian Thomaiyar * 1175a6b6369SRichard Marian Thomaiyar * @return true if valid, false otherwise 1185a6b6369SRichard Marian Thomaiyar */ 119a45cb34fSRichard Marian Thomaiyar bool ipmiUserIsValidUserId(const uint8_t userId); 1205a6b6369SRichard Marian Thomaiyar 1215a6b6369SRichard Marian Thomaiyar /** @brief determines valid privilege level 1225a6b6369SRichard Marian Thomaiyar * 1235a6b6369SRichard Marian Thomaiyar * @param[in] priv - privilege level 1245a6b6369SRichard Marian Thomaiyar * 1255a6b6369SRichard Marian Thomaiyar * @return true if valid, false otherwise 1265a6b6369SRichard Marian Thomaiyar */ 127a45cb34fSRichard Marian Thomaiyar bool ipmiUserIsValidPrivilege(const uint8_t priv); 1285a6b6369SRichard Marian Thomaiyar 1295a6b6369SRichard Marian Thomaiyar /** @brief get user id corresponding to the user name 1305a6b6369SRichard Marian Thomaiyar * 1315a6b6369SRichard Marian Thomaiyar * @param[in] userName - user name 1325a6b6369SRichard Marian Thomaiyar * 1335a6b6369SRichard Marian Thomaiyar * @return userid. Will return 0xff if no user id found 1345a6b6369SRichard Marian Thomaiyar */ 1355a6b6369SRichard Marian Thomaiyar uint8_t ipmiUserGetUserId(const std::string& userName); 1365a6b6369SRichard Marian Thomaiyar 1375a6b6369SRichard Marian Thomaiyar /** @brief set's user name 1385a6b6369SRichard Marian Thomaiyar * 1395a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 1405a6b6369SRichard Marian Thomaiyar * @param[in] userName - user name 1415a6b6369SRichard Marian Thomaiyar * 142b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 1435a6b6369SRichard Marian Thomaiyar */ 144*e0af1c49Sjayaprakash Mutyala Cc ipmiUserSetUserName(const uint8_t userId, const char* userName); 1455a6b6369SRichard Marian Thomaiyar 14690b00c71SSuryakanth Sekar /** @brief set user password 14790b00c71SSuryakanth Sekar * 14890b00c71SSuryakanth Sekar * @param[in] userId - user id 14990b00c71SSuryakanth Sekar * @param[in] userPassword - New Password 15090b00c71SSuryakanth Sekar * 151b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 15290b00c71SSuryakanth Sekar */ 153b541a5a5SNITIN SHARMA Cc ipmiUserSetUserPassword(const uint8_t userId, const char* userPassword); 15490b00c71SSuryakanth Sekar 155788362ceSRichard Marian Thomaiyar /** @brief set special user password (non-ipmi accounts) 156788362ceSRichard Marian Thomaiyar * 157788362ceSRichard Marian Thomaiyar * @param[in] userName - user name 158788362ceSRichard Marian Thomaiyar * @param[in] userPassword - New Password 159788362ceSRichard Marian Thomaiyar * 160b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 161788362ceSRichard Marian Thomaiyar */ 162b541a5a5SNITIN SHARMA Cc ipmiSetSpecialUserPassword(const std::string& userName, 163788362ceSRichard Marian Thomaiyar const std::string& userPassword); 164788362ceSRichard Marian Thomaiyar 1655a6b6369SRichard Marian Thomaiyar /** @brief get user name 1665a6b6369SRichard Marian Thomaiyar * 1675a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 1685a6b6369SRichard Marian Thomaiyar * @param[out] userName - user name 1695a6b6369SRichard Marian Thomaiyar * 170b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 1715a6b6369SRichard Marian Thomaiyar */ 172b541a5a5SNITIN SHARMA Cc ipmiUserGetUserName(const uint8_t userId, std::string& userName); 1735a6b6369SRichard Marian Thomaiyar 1745a6b6369SRichard Marian Thomaiyar /** @brief provides available fixed, max, and enabled user counts 1755a6b6369SRichard Marian Thomaiyar * 1765a6b6369SRichard Marian Thomaiyar * @param[out] maxChUsers - max channel users 1775a6b6369SRichard Marian Thomaiyar * @param[out] enabledUsers - enabled user count 1785a6b6369SRichard Marian Thomaiyar * @param[out] fixedUsers - fixed user count 1795a6b6369SRichard Marian Thomaiyar * 180b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 1815a6b6369SRichard Marian Thomaiyar */ 182b541a5a5SNITIN SHARMA Cc ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers, 1835a6b6369SRichard Marian Thomaiyar uint8_t& fixedUsers); 1845a6b6369SRichard Marian Thomaiyar 185282e79b4SRichard Marian Thomaiyar /** @brief function to update user enabled state 186282e79b4SRichard Marian Thomaiyar * 187282e79b4SRichard Marian Thomaiyar * @param[in] userId - user id 188282e79b4SRichard Marian Thomaiyar *..@param[in] state - state of the user to be updated, true - user enabled. 189282e79b4SRichard Marian Thomaiyar * 190b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 191282e79b4SRichard Marian Thomaiyar */ 192b541a5a5SNITIN SHARMA Cc ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state); 193282e79b4SRichard Marian Thomaiyar 1945a6b6369SRichard Marian Thomaiyar /** @brief determines whether user is enabled 1955a6b6369SRichard Marian Thomaiyar * 1965a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 1975a6b6369SRichard Marian Thomaiyar *..@param[out] state - state of the user 1985a6b6369SRichard Marian Thomaiyar * 199b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 2005a6b6369SRichard Marian Thomaiyar */ 201b541a5a5SNITIN SHARMA Cc ipmiUserCheckEnabled(const uint8_t userId, bool& state); 2025a6b6369SRichard Marian Thomaiyar 2035a6b6369SRichard Marian Thomaiyar /** @brief provides user privilege access data 2045a6b6369SRichard Marian Thomaiyar * 2055a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 2065a6b6369SRichard Marian Thomaiyar * @param[in] chNum - channel number 2075a6b6369SRichard Marian Thomaiyar * @param[out] privAccess - privilege access data 2085a6b6369SRichard Marian Thomaiyar * 209b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 2105a6b6369SRichard Marian Thomaiyar */ 211b541a5a5SNITIN SHARMA Cc ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, 2125a6b6369SRichard Marian Thomaiyar PrivAccess& privAccess); 2135a6b6369SRichard Marian Thomaiyar 2145a6b6369SRichard Marian Thomaiyar /** @brief sets user privilege access data 2155a6b6369SRichard Marian Thomaiyar * 2165a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 2175a6b6369SRichard Marian Thomaiyar * @param[in] chNum - channel number 2185a6b6369SRichard Marian Thomaiyar * @param[in] privAccess - privilege access data 2195a6b6369SRichard Marian Thomaiyar * @param[in] otherPrivUpdate - flags to indicate other fields update 2205a6b6369SRichard Marian Thomaiyar * 221b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 2225a6b6369SRichard Marian Thomaiyar */ 223b541a5a5SNITIN SHARMA Cc ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, 2245a6b6369SRichard Marian Thomaiyar const PrivAccess& privAccess, 2255a6b6369SRichard Marian Thomaiyar const bool& otherPrivUpdate); 2265a6b6369SRichard Marian Thomaiyar 22702650d53SAyushi Smriti /** @brief check for user pam authentication. This is to determine, whether user 22802650d53SAyushi Smriti * is already locked out for failed login attempt 22902650d53SAyushi Smriti * 23002650d53SAyushi Smriti * @param[in] username - username 23102650d53SAyushi Smriti * @param[in] password - password 23202650d53SAyushi Smriti * 23302650d53SAyushi Smriti * @return status 23402650d53SAyushi Smriti */ 23502650d53SAyushi Smriti bool ipmiUserPamAuthenticate(std::string_view userName, 23602650d53SAyushi Smriti std::string_view userPassword); 23702650d53SAyushi Smriti 23877381f15SSaravanan Palanisamy /** @brief sets user payload access data 23977381f15SSaravanan Palanisamy * 24077381f15SSaravanan Palanisamy * @param[in] chNum - channel number 24177381f15SSaravanan Palanisamy * @param[in] operation - ENABLE / DISABLE operation 24277381f15SSaravanan Palanisamy * @param[in] userId - user id 24377381f15SSaravanan Palanisamy * @param[in] payloadAccess - payload access data 24477381f15SSaravanan Palanisamy * 245b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 24677381f15SSaravanan Palanisamy */ 247b541a5a5SNITIN SHARMA Cc ipmiUserSetUserPayloadAccess(const uint8_t chNum, const uint8_t operation, 24877381f15SSaravanan Palanisamy const uint8_t userId, 24977381f15SSaravanan Palanisamy const PayloadAccess& payloadAccess); 25077381f15SSaravanan Palanisamy 25177381f15SSaravanan Palanisamy /** @brief provides user payload access data 25277381f15SSaravanan Palanisamy * 25377381f15SSaravanan Palanisamy * @param[in] chNum - channel number 25477381f15SSaravanan Palanisamy * @param[in] userId - user id 25577381f15SSaravanan Palanisamy * @param[out] payloadAccess - payload access data 25677381f15SSaravanan Palanisamy * 257b541a5a5SNITIN SHARMA * @return ccSuccess for success, others for failure. 25877381f15SSaravanan Palanisamy */ 259b541a5a5SNITIN SHARMA Cc ipmiUserGetUserPayloadAccess(const uint8_t chNum, const uint8_t userId, 26077381f15SSaravanan Palanisamy PayloadAccess& payloadAccess); 26177381f15SSaravanan Palanisamy 2624654d99fSRichard Marian Thomaiyar } // namespace ipmi 263