IPMI Whitelisted commands for FRU and OEM repositories The IPMI whitelisted commands for phosphor-ipmi-fru and openpower-ipmi-oem is added. Only the IPMI whitelisted listed commands are allowed in restricted mode. The IPMI whitelisted commands for phosphor-ipmi-fru and openpower-ipmi-oem are added as native packages and host-ipmid depends on those. Change-Id: Ic4184773656567eb0dffa30ef29f8bc3ced3aff4 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>

commit: f07ae0128b380f1b5e6c27c510377cd450cff726 [log] [tgz]
author: Tom Joseph <tomjoseph@in.ibm.com> Mon Feb 20 12:01:43 2017 +0530
committer: Patrick Williams <patrick@stwcx.xyz> Tue Feb 21 14:21:01 2017 +0000
tree: f73eaf9861681a85ee4a10affd7c32b23a79c73d
parent: 773932295330e7e7ce1b2c79a73e83fee509e3a9 [diff]
diff --git a/classes/obmc-phosphor-utils.bbclass b/classes/obmc-phosphor-utils.bbclass
index 713c892..baaa19d 100644
--- a/classes/obmc-phosphor-utils.bbclass
+++ b/classes/obmc-phosphor-utils.bbclass

@@ -42,3 +42,11 @@
     lists = [listvar_to_list(d, x) for x in listvars]
     lst = [fmt.format(*x) for x in zip(*lists)]
     return (kw.get('sep') or ' ').join(lst)
+
+
+def append_suffix(val, suffix):
+    words = val.split(' ')
+    newval = []
+    for w in words:
+        newval.append(w + suffix)
+    return ' '.join(newval)
\ No newline at end of file

diff --git a/classes/phosphor-ipmi-host-whitelist.bbclass b/classes/phosphor-ipmi-host-whitelist.bbclass
new file mode 100644
index 0000000..7db71d5
--- /dev/null
+++ b/classes/phosphor-ipmi-host-whitelist.bbclass

@@ -0,0 +1,27 @@
+# Common code for recipes that implement Phosphor IPMI Whitelist
+# packages
+
+WHITELIST ?= "${PN}.conf"
+INSTALLDIR = "${sysconfdir}/phosphor-ipmi-host/"
+
+python phosphor_ipmi_host_whitelist_postinstall() {
+    def install_whitelist(d):
+        # Create the install directory if needed
+        whitelist_file = d.getVar('WHITELIST', True)
+        install_dir = d.getVar('INSTALLDIR', True)
+        if not os.path.exists(install_dir):
+            os.makedirs(install_dir)
+        install_file = os.path.join(install_dir, whitelist_file)
+
+        # Search for conf file in FILESPATH
+        searchpaths = d.getVar('FILESPATH', True)
+        path = bb.utils.which(searchpaths, whitelist_file)
+        if not os.path.isfile(path):
+            bb.fatal('Did not find conf file "%s"' % whitelist_file)
+
+        # Copy the conf file into install directory
+        bb.utils.copyfile(path, install_file)
+
+    install_whitelist(d)
+}
+do_install[postfuncs] += "phosphor_ipmi_host_whitelist_postinstall"
\ No newline at end of file

diff --git a/common/recipes-phosphor/ipmi/phosphor-ipmi-fru-whitelist-native.bb b/common/recipes-phosphor/ipmi/phosphor-ipmi-fru-whitelist-native.bb
new file mode 100644
index 0000000..30c2443
--- /dev/null
+++ b/common/recipes-phosphor/ipmi/phosphor-ipmi-fru-whitelist-native.bb

@@ -0,0 +1,6 @@
+SUMMARY = "Whitelisted IPMI FRU Parser commands"
+DESCRIPTION = "Whitelisted IPMI FRU Parser commands for OpenBMC"
+
+inherit obmc-phosphor-license
+inherit native
+inherit phosphor-ipmi-host-whitelist
\ No newline at end of file

diff --git a/common/recipes-phosphor/ipmi/phosphor-ipmi-fru-whitelist/phosphor-ipmi-fru-whitelist-native.conf b/common/recipes-phosphor/ipmi/phosphor-ipmi-fru-whitelist/phosphor-ipmi-fru-whitelist-native.conf
new file mode 100644
index 0000000..365c3d9
--- /dev/null
+++ b/common/recipes-phosphor/ipmi/phosphor-ipmi-fru-whitelist/phosphor-ipmi-fru-whitelist-native.conf

@@ -0,0 +1,2 @@
+#<NetFn>:<Command>
+0x0A:0x12    //<Storage>:<Write FRU Data>
\ No newline at end of file

diff --git a/common/recipes-phosphor/ipmi/phosphor-ipmi-host.bb b/common/recipes-phosphor/ipmi/phosphor-ipmi-host.bb
index 0b8b93d..285df5e 100644
--- a/common/recipes-phosphor/ipmi/phosphor-ipmi-host.bb
+++ b/common/recipes-phosphor/ipmi/phosphor-ipmi-host.bb

@@ -13,6 +13,7 @@
 DEPENDS += "phosphor-logging"
 DEPENDS += "phosphor-mapper"
 DEPENDS += "autoconf-archive-native"
+DEPENDS += "packagegroup-obmc-ipmid-providers"
 RDEPENDS_${PN}-dev += "phosphor-logging"
 RDEPENDS_${PN}-dev += "phosphor-mapper-dev"
 RDEPENDS_${PN} += "clear-once"
@@ -24,6 +25,15 @@
 
 SRCREV = "513d68e11cf6d392e847d39c743ce54ccaa0ebf7"
 
+# Setup IPMI Whitelist Conf files
+WHITELIST_CONF = " \
+        ${STAGING_ETCDIR_NATIVE}/phosphor-ipmi-host/*.conf \
+        ${S}/host-ipmid-whitelist.conf \
+        "
+EXTRA_OECONF = " \
+        WHITELIST_CONF="${WHITELIST_CONF}" \
+        "
+
 S = "${WORKDIR}/git"
 
 HOSTIPMI_PROVIDER_LIBRARY += "libapphandler.so"

diff --git a/common/recipes-phosphor/packagegroups/packagegroup-obmc-ipmid-providers.bb b/common/recipes-phosphor/packagegroups/packagegroup-obmc-ipmid-providers.bb
index 6f82cb3..476ad50 100644
--- a/common/recipes-phosphor/packagegroups/packagegroup-obmc-ipmid-providers.bb
+++ b/common/recipes-phosphor/packagegroups/packagegroup-obmc-ipmid-providers.bb

@@ -7,7 +7,12 @@
 PROVIDES = "${PACKAGES}"
 PACKAGES = "${PN}-libs"
 
+OBMC_IPMID_PROVIDERS = "phosphor-ipmi-fru"
+
 SUMMARY_${PN}-libs = "Extra providers for ipmid."
-RDEPENDS_${PN}-libs = " \
-        phosphor-ipmi-fru \
-        "
+RDEPENDS_${PN}-libs = "${OBMC_IPMID_PROVIDERS}"
+
+WHITELIST_FORMAT = "{0}-whitelist-native"
+OBMC_IPMID_WHITELISTS = "${@compose_list(d, 'WHITELIST_FORMAT', 'OBMC_IPMID_PROVIDERS')}"
+
+DEPENDS_append = "${OBMC_IPMID_WHITELISTS}"
\ No newline at end of file
commit	f07ae0128b380f1b5e6c27c510377cd450cff726	[log] [tgz]
author	Tom Joseph <tomjoseph@in.ibm.com>	Mon Feb 20 12:01:43 2017 +0530
committer	Patrick Williams <patrick@stwcx.xyz>	Tue Feb 21 14:21:01 2017 +0000
tree	f73eaf9861681a85ee4a10affd7c32b23a79c73d
parent	773932295330e7e7ce1b2c79a73e83fee509e3a9 [diff]