Removing IsSystemInterface from biosconfigmanager
IsSystemInterface functionality is handled by whitelist filter.
Tested:
OOB commands work as expected.
Case-1: RMCPP interface
Command: ipmitool -I lanplus -H xx.xx.xx.xx -U debuguser -P 0penBmc1
-C 17 raw 0x30 0xd8
Response: Unable to send RAW command (channel=0x0 netfn=0x30 lun=0x0
cmd=0xd8 rsp=0xd4): Insufficient privilege level
Case-2: KCS interface
Working as expected from BIOS to BMC before CoreBIOSdone/POSTComplete
and blocking after CoreBIOSdone/POSTComplete.
Signed-off-by: Arun Lal K M <arun.lal@intel.com>
Change-Id: Ica3bec4a2f72d072718a7310d493692332a6d5bb
diff --git a/ipmi-whitelist.conf b/ipmi-whitelist.conf
index fa11ad8..5a3f154 100644
--- a/ipmi-whitelist.conf
+++ b/ipmi-whitelist.conf
@@ -285,12 +285,12 @@
0x30:0xcd:0xff7f //<Intel General Application>:<Get Switch Collection Information>
0x30:0xd0:0xff7f //<Intel General Application>:<Get NVMe Drive Data>
0x30:0xd1:0xff7f //<Intel General Application>:<HSBP Statistics>
-0x30:0xd3:0x7f7f //<Intel General Application>:<Set BIOS Feature Capability>
+0x30:0xd3:0x0000 //<Intel General Application>:<Set BIOS Feature Capability>
0x30:0xd4:0xff7f //<Intel General Application>:<Get BIOS Capsule (OOB Update)>
-0x30:0xd5:0x7f7f //<Intel General Application>:<Set Payload>
+0x30:0xd5:0x0000 //<Intel General Application>:<Set Payload>
0x30:0xd6:0xff7f //<Intel General Application>:<Get Payload>
-0x30:0xd7:0x7f7f //<Intel General Application>:<Set BIOS Password Hash Info>
-0x30:0xd8:0xff7f //<Intel General Application>:<Get Stored BIOS Password>
+0x30:0xd7:0x0000 //<Intel General Application>:<Set BIOS Password Hash Info>
+0x30:0xd8:0x0000 //<Intel General Application>:<Get Stored BIOS Password>
0x30:0xd9:0x7f7f //<Intel General Application>:<OOB Update Status>
0x30:0xdb:0x7f7f //<Intel General Application>:<Get/Set BMC Remote Debug Parameters>
0x30:0xe2:0xff7f //<Intel General Application>:<OEM Get Reading>
diff --git a/src/biosconfigcommands.cpp b/src/biosconfigcommands.cpp
index a40c978..0fae09c 100644
--- a/src/biosconfigcommands.cpp
+++ b/src/biosconfigcommands.cpp
@@ -653,40 +653,10 @@
return ipmi::ccResponseError;
}
-/** @brief implements check the command interface is
- ** system interface or not
- ** true mean System interface and false mean LAN or IPMB
- **/
-static bool IsSystemInterface(ipmi::Context::ptr ctx)
-{
- ChannelInfo chInfo;
- Cc status = false;
-
- try
- {
- getChannelInfo(ctx->channel, chInfo);
- }
- catch (const sdbusplus::exception_t& e)
- {
- return false;
- }
- if (chInfo.mediumType !=
- static_cast<uint8_t>(EChannelMediumType::systemInterface))
- {
- return false;
- }
- return true;
-}
-
ipmi::RspType<> ipmiOEMSetBIOSCap(ipmi::Context::ptr ctx,
uint8_t BIOSCapabilties, uint8_t reserved1,
uint8_t reserved2, uint8_t reserved3)
{
- if (!IsSystemInterface(ctx))
- {
- return ipmi::responseCommandNotAvailable();
- }
-
if (getPostCompleted())
{
return ipmi::response(ipmiCCNotSupportedInCurrentState);
@@ -739,11 +709,6 @@
// We should support this Payload type 0 command only in KCS Interface
if (payloadType == static_cast<uint8_t>(ipmi::PType::IntelXMLType0))
{
- if (!IsSystemInterface(ctx))
- {
- return ipmi::responseCommandNotAvailable();
- }
-
if (getPostCompleted())
{
return ipmi::response(ipmiCCNotSupportedInCurrentState);
@@ -1110,12 +1075,6 @@
ipmi::Context::ptr ctx, std::array<uint8_t, maxSeedSize>& pwdSeed,
uint8_t algoInfo, std::array<uint8_t, maxHashSize>& adminPwdHash)
{
- // We should support this command only in KCS Interface
- if (!IsSystemInterface(ctx))
- {
- return ipmi::responseCommandNotAvailable();
- }
-
// We should not support this command after System Booted - After Exit Boot
// service called
if (getPostCompleted())
@@ -1163,7 +1122,8 @@
{
nlohmann::json data = nullptr;
- // We should support this command only in KCS Interface
+ // We should not support this command after System Booted - After Exit Boot
+ // service called
if (getPostCompleted())
{
return ipmi::response(ipmiCCNotSupportedInCurrentState);