Add mfg filter to allow MTM cmds only in mfg mode
For security purpose, mfg filter check is used to allow
manufacturing mode commands execution only in manufacturing mode.
Invalid command comp code should be returned otherwise. This
provides option to return 0xC1 even for invalid number of
bytes specified as expected.
Tested:
ipmitool raw 0x30 0x14 0x0c 0x00 0x00 0x00
ipmitool raw 0x30 0x15 0x01 0x00
ipmitool raw 0x30 0xB5 0x01
ipmitool raw 0x30 0xA1
ipmitool raw 0x30 0xA2
All these commands return 0xC1, when not in manufacturing
mode and executes as expected
Signed-off-by: Ayushi Smriti <smriti.ayushi@linux.intel.com>
Change-Id: I0adae24b17f729d97aca7c5fc93df92520e7bf5a
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Signed-off-by: Ayushi Smriti <smriti.ayushi@linux.intel.com>
diff --git a/src/manufacturingcommands.cpp b/src/manufacturingcommands.cpp
index 38c44d9..8b8adab 100644
--- a/src/manufacturingcommands.cpp
+++ b/src/manufacturingcommands.cpp
@@ -262,10 +262,8 @@
appMTMGetSignal(boost::asio::yield_context yield, uint8_t signalTypeByte,
uint8_t instance, uint8_t actionByte)
{
- if (mtm.getAccessLvl() < MtmLvl::mtmAvailable)
- {
- return ipmi::responseInvalidCommand();
- }
+ // mfg filter logic is used to allow MTM get signal command only in
+ // manfacturing mode.
SmSignalGet signalType = static_cast<SmSignalGet>(signalTypeByte);
SmActionGet action = static_cast<SmActionGet>(actionByte);
@@ -433,10 +431,8 @@
uint8_t actionByte,
std::optional<uint8_t> pwmSpeed)
{
- if (mtm.getAccessLvl() < MtmLvl::mtmAvailable)
- {
- return ipmi::responseInvalidCommand();
- }
+ // mfg filter logic is used to allow MTM set signal command only in
+ // manfacturing mode.
SmSignalSet signalType = static_cast<SmSignalSet>(signalTypeByte);
SmActionSet action = static_cast<SmActionSet>(actionByte);
@@ -579,11 +575,9 @@
ipmi::RspType<> mtmKeepAlive(boost::asio::yield_context yield, uint8_t reserved,
const std::array<char, 5>& intentionalSignature)
{
- // Allow MTM keep alive command only in manfacturing mode.
- if (mtm.getAccessLvl() != MtmLvl::mtmAvailable)
- {
- return ipmi::responseInvalidCommand();
- }
+ // mfg filter logic is used to allow MTM keep alive command only in
+ // manfacturing mode
+
constexpr std::array<char, 5> signatureOk = {'I', 'N', 'T', 'E', 'L'};
if (intentionalSignature != signatureOk || reserved != 0)
{
@@ -592,22 +586,45 @@
return ipmi::response(resetMtmTimer(yield));
}
+static constexpr unsigned int makeCmdKey(unsigned int netFn, unsigned int cmd)
+{
+ return (netFn << 8) | cmd;
+}
+
ipmi::Cc mfgFilterMessage(ipmi::message::Request::ptr request)
{
- // i2c master write read command needs additional checking
- if ((request->ctx->netFn == ipmi::netFnApp) &&
- (request->ctx->cmd == ipmi::app::cmdMasterWriteRead))
+ // Restricted commands, must be executed only in Manufacturing mode
+ switch (makeCmdKey(request->ctx->netFn, request->ctx->cmd))
{
- if (request->payload.size() > 4)
- {
- // Allow write data count > 1, only if it is in MFG mode
+ // i2c master write read command needs additional checking
+ case makeCmdKey(ipmi::netFnApp, ipmi::app::cmdMasterWriteRead):
+ if (request->payload.size() > 4)
+ {
+ // Allow write data count > 1, only if it is in MFG mode
+ if (mtm.getAccessLvl() != MtmLvl::mtmAvailable)
+ {
+ return ipmi::ccInsufficientPrivilege;
+ }
+ }
+ break;
+ case makeCmdKey(ipmi::netFnOemOne,
+ ipmi::intel::general::cmdGetSmSignal):
+ case makeCmdKey(ipmi::netFnOemOne,
+ ipmi::intel::general::cmdSetSmSignal):
+ case makeCmdKey(ipmi::netFnOemOne,
+ ipmi::intel::general::cmdMtmKeepAlive):
+ case makeCmdKey(ipmi::netFnOemOne,
+ ipmi::intel::general::cmdSetManufacturingData):
+ case makeCmdKey(ipmi::netFnOemOne,
+ ipmi::intel::general::cmdGetManufacturingData):
+ case makeCmdKey(ipmi::netFnStorage, ipmi::storage::cmdWriteFruData):
+
+ // Check for MTM mode
if (mtm.getAccessLvl() != MtmLvl::mtmAvailable)
{
- return ipmi::ccInsufficientPrivilege;
+ return ipmi::ccInvalidCommand;
}
- }
}
-
return ipmi::ccSuccess;
}