meta-quanta: s6q: implement the chassis capabilities intrusion
This settings is according to IPMI SPEC chassis capabilities to provide intrusion sensor.
Adding chassis intrusion sensor monitor to implement 'ChassisIntrusionEnabled' property functionally.
Tested:
get chassis capabilities, first 01 is meant to enable intrusion sensor
~# ipmitool raw 0x00 0x00
01 20 20 20 20 20
check the intrusion sensor Status
~# systemctl status xyz.openbmc_project.intrusionsensor.service
● xyz.openbmc_project.intrusionsensor.service - Intrusion Sensor
Loaded: loaded (/lib/systemd/system/xyz.openbmc_project.intrusionsensor.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2022-01-10 01:53:48 UTC; 10min ago
Main PID: 478 (intrusionsensor)
CGroup: /system.slice/xyz.openbmc_project.intrusionsensor.service
└─478 intrusionsensor
then, set no provided any chassis capabilities function.
~# ipmitool raw 0x00 0x05 0x00 0x20 0x20 0x20 0x20 0x20
check chassis capabilities status.
~# ipmitool raw 0x00 0x00
00 20 20 20 20 20
now, intrusion sensor is not provided.
~# systemctl status xyz.openbmc_project.intrusionsensor.service
○ xyz.openbmc_project.intrusionsensor.service - Intrusion Sensor
Loaded: loaded (/lib/systemd/system/xyz.openbmc_project.intrusionsensor.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Mon 2022-01-10 02:05:44 UTC; 5s ago
Process: 478 ExecStart=/usr/bin/env intrusionsensor (code=killed, signal=TERM)
Main PID: 478 (code=killed, signal=TERM)
Signed-off-by: Joseph Fu <joseph.fu@quantatw.com>
Change-Id: Ib3e3811f9ae9ab79dab52921fb0e6e065d44c444
diff --git a/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor.bb b/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor.bb
new file mode 100644
index 0000000..20f73ad
--- /dev/null
+++ b/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor.bb
@@ -0,0 +1,17 @@
+SUMMARY = "Chassis Intrusion monitor for meta-s6q"
+PR = "r1"
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10"
+
+inherit allarch
+inherit phosphor-dbus-monitor
+
+FILESEXTRAPATHS:prepend:s6q := "${THISDIR}/${BPN}:"
+
+SRC_URI += "file://config.yaml"
+
+do_install() {
+ install -D ${WORKDIR}/config.yaml ${D}${config_dir}/config.yaml
+}
+
+FILES:${PN} += "${config_dir}/config.yaml"
diff --git a/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor/config.yaml b/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor/config.yaml
new file mode 100644
index 0000000..f52eafb
--- /dev/null
+++ b/meta-quanta/meta-s6q/recipes-phosphor/dbus/chassis-intrusion-monitor/config.yaml
@@ -0,0 +1,111 @@
+- name: chassis capabilities path
+ class: group
+ group: path
+ members:
+ - meta: PATH
+ path: /xyz/openbmc_project/control/chassis_capabilities
+
+- name: intrusion property
+ class: group
+ group: property
+ type: boolean
+ members:
+ - interface: xyz.openbmc_project.Control.ChassisCapabilities
+ meta: PROPERTY
+ property: ChassisIntrusionEnabled
+
+- name: watch intrusionenable
+ class: watch
+ watch: property
+ paths: chassis capabilities path
+ properties: intrusion property
+ callback: intrusion enable
+
+- name: watch intrusiondisable
+ class: watch
+ watch: property
+ paths: chassis capabilities path
+ properties: intrusion property
+ callback: intrusion disable
+
+- name: intrusion enable
+ class: condition
+ condition: count
+ paths: chassis capabilities path
+ properties: intrusion property
+ callback: enable log and event
+ countop: '=='
+ countbound: 1
+ op: '=='
+ bound: true
+
+- name: intrusion disable
+ class: condition
+ condition: count
+ paths: chassis capabilities path
+ properties: intrusion property
+ callback: disable log and event
+ countop: '=='
+ countbound: 1
+ op: '=='
+ bound: false
+
+- name: enable log and event
+ class: callback
+ callback: group
+ members:
+ - journal callback enable value
+ - start intrusion sensor
+
+- name: disable log and event
+ class: callback
+ callback: group
+ members:
+ - journal callback disable value
+ - stop intrusion sensor
+
+- name: journal callback enable value
+ class: callback
+ callback: journal
+ paths: chassis capabilities path
+ properties: intrusion property
+ severity: INFO
+ message: chassis intrusion enable
+
+- name: journal callback disable value
+ class: callback
+ callback: journal
+ paths: chassis capabilities path
+ properties: intrusion property
+ severity: INFO
+ message: chassis intrusion disable
+
+- name: stop intrusion sensor
+ description: >
+ 'Stop intrusion sensor.'
+ class: callback
+ callback: method
+ service: org.freedesktop.systemd1
+ path: /org/freedesktop/systemd1
+ interface: org.freedesktop.systemd1.Manager
+ method: StopUnit
+ args:
+ - value: xyz.openbmc_project.intrusionsensor.service
+ type: string
+ - value: replace
+ type: string
+
+- name: start intrusion sensor
+ description: >
+ 'Start intrusion sensor.'
+ class: callback
+ callback: method
+ service: org.freedesktop.systemd1
+ path: /org/freedesktop/systemd1
+ interface: org.freedesktop.systemd1.Manager
+ method: StartUnit
+ args:
+ - value: xyz.openbmc_project.intrusionsensor.service
+ type: string
+ - value: replace
+ type: string
diff --git a/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor-config.bbappend b/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor-config.bbappend
new file mode 100644
index 0000000..bfe592e
--- /dev/null
+++ b/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor-config.bbappend
@@ -0,0 +1 @@
+PHOSPHOR_DBUS_MONITOR_CONFIGS:append:s6q = " chassis-intrusion-monitor"
diff --git a/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor_%.bbappend b/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor_%.bbappend
new file mode 100644
index 0000000..e8df886
--- /dev/null
+++ b/meta-quanta/meta-s6q/recipes-phosphor/dbus/phosphor-dbus-monitor_%.bbappend
@@ -0,0 +1 @@
+FILESEXTRAPATHS:append:s6q := ":${THISDIR}/${PN}"