Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / 2db77d34ca673f32411621b7e34b039dec948bd3^! / . / meson_options.txt
commit2db77d34ca673f32411621b7e34b039dec948bd3[log] [tgz]
authorJohnathan Mantey <johnathanx.mantey@intel.com>Fri Nov 20 08:51:11 2020 -0800
committerEd Tanous <ed@tanous.net>Tue Mar 16 20:27:33 2021 +0000
tree71fbb4110f9db5f73af186ffbe879dd753920d6c
parent75710de2c0708a40a0caf6d513dba9ace033aad7 [diff] [blame]
Force HostName property to be read-only per the schema

The ManagerNetworkProtocol schema defines the HostName entry to be
read-only. Change the doPatch code to prevent updating the hostname
attribute.

The DMTF redfish/v1/Managers/bmc/NetworkProtocol is a read-only
location.

The DMTF approved location for changing the HostName is:
redfish/v1/Managers/bmc/EthernetInterfaces/<str>

This change does not impact phosphor-webui, as it uses D-Bus to
perform all of its work.
This change does not impact webui-vue, as it is using the DMTF
approved API.

This commit deprecates allowing Read/Write access to the Hostname in
the ManagersNetworkProtocol URI. To reduce the impact to Redfish
clients that rely upon Read/Write access a Meson compile time flag has
been added to allow Read/Write access to be restored. The Meson build
flag, redfish-allow-deprecated-hostname-patch, can be enabled to
restore Read/Write access. The Meson build flag is slated to be
removed in Q4 2021 enforcing the read-only state.

Tested:
Explicitly PATCH'd HostName to confirm it cannot be modified.
Enabled the HostName feature, and confirmed the HostName accepted a
PATCH command.
Ran Redfish_Service_Validator (deprecated, and re-enabled).

Change-Id: If7f2148d8bbb8a7b420c4abde086272c4320977a
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>

diff --git a/meson_options.txt b/meson_options.txt
index 5e5f7b5..9611631 100644
--- a/meson_options.txt
+++ b/meson_options.txt

@@ -29,6 +29,7 @@
 option('mutual-tls-auth', type : 'feature', value : 'enabled', description : '''Enables authenticating users through TLS client certificates. The insecure-disable-ssl must be disabled for this option to take effect.''')
 option('ibm-management-console', type : 'feature', value : 'disabled', description : 'Enable the IBM management console specific functionality. Paths are under \'/ibm/v1/\'')
 option('http-body-limit', type: 'integer', min : 0, max : 512, value : 30, description : 'Specifies the http request body length limit')
+option('redfish-allow-deprecated-hostname-patch', type : 'feature', value : 'disabled', description : 'Enable/disable Managers/bmc/NetworkProtocol HostName PATCH commands. The default condition is to prevent HostName changes from this URI, following the Redfish schema. Enabling this switch permits the HostName to be PATCHed at this URI. In Q4 2021 this feature will be removed, and the Redfish schema enforced, making the HostName read-only.')
 
 # Insecure options. Every option that starts with a `insecure` flag should
 # not be enabled by default for any platform, unless the author fully comprehends