Added OemComputerSystems and properties for provisioning
- Added OemComputerSystems Schema for provisioning properties
- Added "ProvisioningStatus" Oem property with EnumType
1) NotProvisioned
2) ProvisionedButNotLocked
3) ProvisionedAndLocked
Intel secures platform firmware components using Intel PFR mechanism.
This may differ for other Oem's(non-intel platforms) but the properties
like Provisioned, Locked states should be of generic as per NIST SP
800-193. Added build time flag to enable/disable PFR supported platforms.
Tested:
- By default provisioning feature is OFF, using GET method on below URI
verified Oem Property and observed no such property. This is default
behaviour on upstream.
URI: /redfish/v1/Systems/system
Response: No "Oem" property.
- Enabled provisioning feature in Intel platforms and Verified using Systems
URI. Ran the redfish validator tool and no new issues found due to this
change.
URI: /redfish/v1/Systems/system
RESPONSE:
.....
"Oem": {
"OpenBmc": {
"FirmwareProvisioning": {
"ProvisioningStatus": "NotProvisioned"
}
}
}
.....
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Change-Id: I674e6075263f4fa2962637d3add47393a1ff0c0b
diff --git a/redfish-core/lib/systems.hpp b/redfish-core/lib/systems.hpp
index 70c2eb8..d15a510 100644
--- a/redfish-core/lib/systems.hpp
+++ b/redfish-core/lib/systems.hpp
@@ -1157,6 +1157,74 @@
"xyz.openbmc_project.Object.Enable", "Enabled");
}
+#ifdef BMCWEB_ENABLE_REDFISH_PROVISIONING_FEATURE
+/**
+ * @brief Retrieves provisioning status
+ *
+ * @param[in] aResp Shared pointer for completing asynchronous calls.
+ *
+ * @return None.
+ */
+void getProvisioningStatus(std::shared_ptr<AsyncResp> aResp)
+{
+ BMCWEB_LOG_DEBUG << "Get OEM information.";
+ crow::connections::systemBus->async_method_call(
+ [aResp](const boost::system::error_code ec,
+ const std::vector<std::pair<std::string, VariantType>>
+ &propertiesList) {
+ if (ec)
+ {
+ BMCWEB_LOG_DEBUG << "DBUS response error " << ec;
+ messages::internalError(aResp->res);
+ return;
+ }
+
+ const bool *provState = nullptr;
+ const bool *lockState = nullptr;
+ for (const std::pair<std::string, VariantType> &property :
+ propertiesList)
+ {
+ if (property.first == "UfmProvisioned")
+ {
+ provState = std::get_if<bool>(&property.second);
+ }
+ else if (property.first == "UfmLocked")
+ {
+ lockState = std::get_if<bool>(&property.second);
+ }
+ }
+
+ if ((provState == nullptr) || (lockState == nullptr))
+ {
+ BMCWEB_LOG_DEBUG << "Unable to get PFR attributes.";
+ messages::internalError(aResp->res);
+ return;
+ }
+
+ nlohmann::json &oemPFR =
+ aResp->res.jsonValue["Oem"]["OpenBmc"]["FirmwareProvisioning"];
+ if (*provState == true)
+ {
+ if (*lockState == true)
+ {
+ oemPFR["ProvisioningStatus"] = "ProvisionedAndLocked";
+ }
+ else
+ {
+ oemPFR["ProvisioningStatus"] = "ProvisionedButNotLocked";
+ }
+ }
+ else
+ {
+ oemPFR["ProvisioningStatus"] = "NotProvisioned";
+ }
+ },
+ "xyz.openbmc_project.PFR.Manager", "/xyz/openbmc_project/pfr",
+ "org.freedesktop.DBus.Properties", "GetAll",
+ "xyz.openbmc_project.PFR.Attributes");
+}
+#endif
+
/**
* @brief Translates watchdog timeout action DBUS property value to redfish.
*
@@ -1668,6 +1736,9 @@
getBootProperties(asyncResp);
getPCIeDeviceList(asyncResp, "PCIeDevices");
getHostWatchdogTimer(asyncResp);
+#ifdef BMCWEB_ENABLE_REDFISH_PROVISIONING_FEATURE
+ getProvisioningStatus(asyncResp);
+#endif
}
void doPatch(crow::Response &res, const crow::Request &req,