Allow unrestricted sensor override through flag
Allow overriding sensor values without any restriction based on
BMCWEB_INSECURE_UNRESTRICTED_SENSOR_OVERRIDE flag
Tested:
1. Redfish validator - passed for this new change
2. Verified for BMCWEB_ENABLE_VALIDATION_UNSECURE_FEATURE is OFF and
BMCWEB_INSECURE_UNRESTRICTED_SENSOR_OVERRIDE is ON
Case 1:
1. Enable manufacturing mode by pressing power button while bmc booting
2. Patch sensor values from Redfish.
Redfish URI:
PATCH https://<BMC-IP>/redfish/v1/Chassis/WC_Baseboard/Thermal
Body:
{
"Temperatures": [
{
"MemberId": "SSB_Temp",
"ReadingCelsius":112
}
]
}
Response:
{
"@odata.id": "/redfish/v1/Chassis/WC_Baseboard/Thermal",
"@odata.type": "#Thermal.v1_4_0.Thermal",
"Fans": [],
"Id": "Thermal",
"Name": "Thermal",
"Temperatures": []
}
3. Sensor value Overridden successfully
Case 2: Verified for ValidationUnsecure mode.
Case 3: Tested without SpecialMode mode
1. Stop the specialmodemgr.service service
2. Patch sensor values from Redfish.
3. Sensor value Overridden successfully
Case 4:
1. Disable manufacturing mode
Command: ipmitool raw 0x30 0xB4 3 0
Response: //Success
2. Patch sensor values from Redfish.
3. Sensor value Overridden successfully
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: I0557cc88d2aceebade4b78e4478e17feecb6e088
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 3ced518..4bf1673 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -119,10 +119,16 @@
OFF
)
-option (BMCWEB_ENABLE_VALIDATION_UNSECURE_FEATURE
- "Enables unsecure features required by validation. Note: must
- be turned off for production images."
- OFF)
+option (
+ BMCWEB_ENABLE_VALIDATION_UNSECURE_FEATURE
+ "Enables unsecure features required by validation. Note: must
+ be turned off for production images."
+ OFF)
+
+option (
+ BMCWEB_INSECURE_UNRESTRICTED_SENSOR_OVERRIDE
+ "Enables Sensor override feature without any check."
+ OFF)
set (BMCWEB_HTTP_REQ_BODY_LIMIT_MB "30" CACHE STRING
"The max HTTP request body size in MB")
@@ -399,6 +405,8 @@
-DBMCWEB_ENABLE_REDFISH_PROVISIONING_FEATURE>
$<$<BOOL:${BMCWEB_ENABLE_VALIDATION_UNSECURE_FEATURE}>:
-DBMCWEB_ENABLE_VALIDATION_UNSECURE_FEATURE>
+ $<$<BOOL:${BMCWEB_INSECURE_UNRESTRICTED_SENSOR_OVERRIDE}>:
+ -DBMCWEB_INSECURE_UNRESTRICTED_SENSOR_OVERRIDE>
)
# configure and install systemd unit files
diff --git a/redfish-core/lib/sensors.hpp b/redfish-core/lib/sensors.hpp
index 3caaeed..9061165 100644
--- a/redfish-core/lib/sensors.hpp
+++ b/redfish-core/lib/sensors.hpp
@@ -2597,7 +2597,7 @@
*
* @param res response object
* @param allCollections Collections extract from sensors' request patch info
- * @param chassisSubNode Chassis Node for which the query has to happen
+ * @param chassisSubNode Chassis Node for which the query has to happen
*/
void setSensorsOverride(
std::shared_ptr<SensorsAsyncResp> sensorAsyncResp,
@@ -2774,17 +2774,17 @@
messages::internalError(sensorAsyncResp->res);
return;
}
- if (!resp.size())
- {
- // Special mode manager doesn't exist, proceed with sensor
- // override
- setSensorsOverride(sensorAsyncResp, allCollections);
- return;
- }
+#ifdef BMCWEB_INSECURE_UNRESTRICTED_SENSOR_OVERRIDE
+ // Proceed with sensor override
+ setSensorsOverride(sensorAsyncResp, allCollections);
+ return;
+#endif
if (resp.size() != 1)
{
- BMCWEB_LOG_DEBUG << "Queried object count mismatch. ";
+ BMCWEB_LOG_WARNING
+ << "Overriding sensor value is not allowed - Internal "
+ "error in querying SpecialMode property.";
messages::internalError(sensorAsyncResp->res);
return;
}