1 /* 2 // Copyright (c) 2018 Intel Corporation 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 */ 16 #pragma once 17 #include <host-ipmid/ipmid-api.h> 18 19 #include <string> 20 21 namespace ipmi 22 { 23 24 // TODO: Has to be replaced with proper channel number assignment logic 25 /** 26 * @enum Channel Id 27 */ 28 enum class EChannelID : uint8_t 29 { 30 chanLan1 = 0x01 31 }; 32 33 static constexpr uint8_t invalidUserId = 0xFF; 34 static constexpr uint8_t reservedUserId = 0x0; 35 static constexpr uint8_t ipmiMaxUserName = 16; 36 static constexpr uint8_t ipmiMaxUsers = 15; 37 static constexpr uint8_t ipmiMaxChannels = 16; 38 39 /** @struct PrivAccess 40 * 41 * User privilege related access data as per IPMI specification.(refer spec 42 * sec 22.26) 43 */ 44 struct PrivAccess 45 { 46 #if BYTE_ORDER == LITTLE_ENDIAN 47 uint8_t privilege : 4; 48 uint8_t ipmiEnabled : 1; 49 uint8_t linkAuthEnabled : 1; 50 uint8_t accessCallback : 1; 51 uint8_t reserved : 1; 52 #endif 53 #if BYTE_ORDER == BIG_ENDIAN 54 uint8_t reserved : 1; 55 uint8_t accessCallback : 1; 56 uint8_t linkAuthEnabled : 1; 57 uint8_t ipmiEnabled : 1; 58 uint8_t privilege : 4; 59 #endif 60 } __attribute__((packed)); 61 62 /** @brief initializes user management 63 * 64 * @return IPMI_CC_OK for success, others for failure. 65 */ 66 ipmi_ret_t ipmiUserInit(); 67 68 /** @brief The ipmi get user password layer call 69 * 70 * @param[in] userName - user name 71 * 72 * @return password or empty string 73 */ 74 std::string ipmiUserGetPassword(const std::string& userName); 75 76 /** @brief The IPMI call to clear password entry associated with specified 77 * username 78 * 79 * @param[in] userName - user name to be removed 80 * 81 * @return 0 on success, non-zero otherwise. 82 */ 83 ipmi_ret_t ipmiClearUserEntryPassword(const std::string& userName); 84 85 /** @brief The IPMI call to reuse password entry for the renamed user 86 * to another one 87 * 88 * @param[in] userName - user name which has to be renamed 89 * @param[in] newUserName - new user name 90 * 91 * @return 0 on success, non-zero otherwise. 92 */ 93 ipmi_ret_t ipmiRenameUserEntryPassword(const std::string& userName, 94 const std::string& newUserName); 95 96 /** @brief determines valid userId 97 * 98 * @param[in] userId - user id 99 * 100 * @return true if valid, false otherwise 101 */ 102 bool ipmiUserIsValidUserId(const uint8_t userId); 103 104 /** @brief determines valid channel 105 * 106 * @param[in] chNum- channel number 107 * 108 * @return true if valid, false otherwise 109 */ 110 bool ipmiUserIsValidChannel(const uint8_t chNum); 111 112 /** @brief determines valid privilege level 113 * 114 * @param[in] priv - privilege level 115 * 116 * @return true if valid, false otherwise 117 */ 118 bool ipmiUserIsValidPrivilege(const uint8_t priv); 119 120 /** @brief get user id corresponding to the user name 121 * 122 * @param[in] userName - user name 123 * 124 * @return userid. Will return 0xff if no user id found 125 */ 126 uint8_t ipmiUserGetUserId(const std::string& userName); 127 128 /** @brief set's user name 129 * 130 * @param[in] userId - user id 131 * @param[in] userName - user name 132 * 133 * @return IPMI_CC_OK for success, others for failure. 134 */ 135 ipmi_ret_t ipmiUserSetUserName(const uint8_t userId, const char* userName); 136 137 /** @brief get user name 138 * 139 * @param[in] userId - user id 140 * @param[out] userName - user name 141 * 142 * @return IPMI_CC_OK for success, others for failure. 143 */ 144 ipmi_ret_t ipmiUserGetUserName(const uint8_t userId, std::string& userName); 145 146 /** @brief provides available fixed, max, and enabled user counts 147 * 148 * @param[out] maxChUsers - max channel users 149 * @param[out] enabledUsers - enabled user count 150 * @param[out] fixedUsers - fixed user count 151 * 152 * @return IPMI_CC_OK for success, others for failure. 153 */ 154 ipmi_ret_t ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers, 155 uint8_t& fixedUsers); 156 157 /** @brief function to update user enabled state 158 * 159 * @param[in] userId - user id 160 *..@param[in] state - state of the user to be updated, true - user enabled. 161 * 162 * @return IPMI_CC_OK for success, others for failure. 163 */ 164 ipmi_ret_t ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state); 165 166 /** @brief determines whether user is enabled 167 * 168 * @param[in] userId - user id 169 *..@param[out] state - state of the user 170 * 171 * @return IPMI_CC_OK for success, others for failure. 172 */ 173 ipmi_ret_t ipmiUserCheckEnabled(const uint8_t userId, bool& state); 174 175 /** @brief provides user privilege access data 176 * 177 * @param[in] userId - user id 178 * @param[in] chNum - channel number 179 * @param[out] privAccess - privilege access data 180 * 181 * @return IPMI_CC_OK for success, others for failure. 182 */ 183 ipmi_ret_t ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, 184 PrivAccess& privAccess); 185 186 /** @brief sets user privilege access data 187 * 188 * @param[in] userId - user id 189 * @param[in] chNum - channel number 190 * @param[in] privAccess - privilege access data 191 * @param[in] otherPrivUpdate - flags to indicate other fields update 192 * 193 * @return IPMI_CC_OK for success, others for failure. 194 */ 195 ipmi_ret_t ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, 196 const PrivAccess& privAccess, 197 const bool& otherPrivUpdate); 198 199 } // namespace ipmi 200