[D-Bus Intf] Security modes property & intf update
Defined new values like ProvisionedHostWhitelist,
ProvisionedHostDisabled, Provisioning which defines
how commands received through Host (system) interface
has to be filtered. Also defined SpecialMode interfaces
to handle special cases like manufacturing and validation
mode in OpenBMC.
Note: Please refer Security mode design doc under review for more
details
https://gerrit.openbmc-project.xyz/#/c/openbmc/docs/+/21195/
Change-Id: I270e7d23ca2ed260f2d121e3844c2ca79150070e
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
diff --git a/xyz/openbmc_project/Control/Security/RestrictionMode.interface.yaml b/xyz/openbmc_project/Control/Security/RestrictionMode.interface.yaml
index 8e4fd8d..0baae0e 100644
--- a/xyz/openbmc_project/Control/Security/RestrictionMode.interface.yaml
+++ b/xyz/openbmc_project/Control/Security/RestrictionMode.interface.yaml
@@ -21,3 +21,19 @@
- name: Blacklist
description: >
Prevent, if in the blacklist.
+ - name: Provisioning
+ description: >
+ Indicate that system is in provisioning mode
+ and all commands are allowed in system interface
+ in both pre and post BIOS boot.
+ - name: ProvisionedHostWhitelist
+ description: >
+ Commands in the whitelist will only be executed
+ through system interface after BIOS POST complete.
+ All KCS commands are supported before POST complete.
+ - name: ProvisionedHostDisabled
+ description: >
+ Commands through system interface are executed only
+ till BIOS POST complete notification, after
+ which system interface commands are blocked (except BIOS SMI
+ based ones).