Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-dbus-interfaces / cb01cd402e2c76bc7206317977706f2fd2073218^! / . / yaml / xyz / openbmc_project / Dump / Entry / System.interface.yaml
commitcb01cd402e2c76bc7206317977706f2fd2073218[log] [tgz]
authorDhruvaraj Subhashchandran <dhruvaraj@in.ibm.com>Mon Jul 10 02:20:18 2023 -0500
committerDhruvaraj Subhashchandran <dhruvaraj@in.ibm.com>Tue Jul 18 14:31:14 2023 -0500
tree48d9b8170cf83259573c32aa3b1e8990f17949b4
parent2117deabad40f9ac63815f3338e7ac3e1e3fe397 [diff] [blame]
Dump: Add user-challenge to System Dump entry

This commit introduces a 'UserChallenge' field to the
xyz.openbmc_project.Dump.Entry.System interface. This update
specifically addresses the requirement for non-disruptive system dumps.
Non-disruptive dumps are requested to the host and do not disrupt the
current system state. However, as they consume significant host
resources and involve the collection of host memory data, they must be
executed by authorized personnel.

To enforce this, the host requires user-challenge validation to process
the dump request. If the provided user-challenge is incorrect, the host
rejects the operation.

Change-Id: Ia9871a7264e036715a3ebe10f9054a2302e64c32
Signed-off-by: Dhruvaraj Subhashchandran <dhruvaraj@in.ibm.com>

diff --git a/yaml/xyz/openbmc_project/Dump/Entry/System.interface.yaml b/yaml/xyz/openbmc_project/Dump/Entry/System.interface.yaml
index 1e530c8..2547485 100644
--- a/yaml/xyz/openbmc_project/Dump/Entry/System.interface.yaml
+++ b/yaml/xyz/openbmc_project/Dump/Entry/System.interface.yaml

@@ -35,6 +35,21 @@
           system crashes. The second type is a 'non-disruptive' dump. As the
           name suggests, this dump is created without causing any disruption to
           the system state.
+    - name: UserChallenge
+      type: string
+      description: >
+          On some host implementations a user-challenge need to be provided by
+          the user and it flows through BMC and up to the host as a part of the
+          dump request. Non-disruptive dumps consume significant host resources
+          and involve the collection of host memory data. To safeguard these
+          operations and ensure they are initiated only by authorized personnel,
+          the provided passphrase is employed. In some systems, an Access
+          Control List (ACL) file, provided through the Platform Level Data
+          Model (PLDM), is used. The host validates the provided user-challenge
+          against this ACL. If the user-challenge doesn't match any entry in the
+          ACL, the host will reject the dump request. This field is needed so
+          the host can check that only authorized users are allowed to perform
+          certain dump operations.
 
 enumerations:
     - name: SystemImpact