Fix for Callback privilege
Issue: Not returning proper error when user privilege is Callback
Returning proper error codes.
Tested:
Command: ipmitool raw 0x06 0x40 0x3 0x42 0x41 //SetChannelAccess
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x40 rsp=0xcc): Invalid data field in request
Command: ipmitool raw 0x06 0x40 0x3 0x42 0xc2 //SetChannelAccess
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x40 rsp=0x83): Unknown (0x83)
Command: ipmitool user priv 2 0x01 1
Response: IPMI command failed: Invalid data field in request
Set Privilege Level command failed (user 2)
Command: ipmitool raw 0x06 0x38 1 1 //Get Channel Auth Capabilities
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x38 rsp=0xcc): Invalid data field in request
Command: ipmitool raw 0x06 0x40 0x1 0x42 0x81 //SetChannelAccess
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x40 rsp=0xcc): Invalid data field in request
Command: ipmitool raw 0x06 0x43 0x1 2 1 0 //Set User Access Command
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x43 rsp=0xcc): Invalid data field in request
Command: ipmitool raw 0x06 0x43 0x2 1 2 0 //Set User Access Command
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x43 rsp=0xff): Unspecified error
Command: ipmitool raw 0x06 0x42 0x02 //Get Channel Info Command
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x42 rsp=0x82): Unknown (0x82)
Command: ipmitool raw 0x06 0x4E 0x02 //Get Channel Payload Support
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x4e rsp=0xff): Unspecified error
Command: ipmitool raw 0x06 0x4E 0x0F //Get Channel Payload Support
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x4e rsp=0xcc): Invalid data field in request
Command: ipmitool raw 0x06 0x4F 0x02 0x00 //Get Channel Payload Version
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x4f rsp=0xcc): Invalid data field in request
Command: ipmitool raw 0x06 0x4C 0x02 0x01 0x02 0x00 0x00 0x00
//Set User Payload Access
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x4c rsp=0xcc): Invalid data field in request
Command: ipmitool raw 0x06 0x44 0x02 0x02 //Get User Access Command
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x44 rsp=0xcc): Invalid data field in request
Command: ipmitool raw 0x06 0x44 0x01 0x11 //Get User Access Command
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x44 rsp=0xc9): Parameter out of range
Command: ipmitool raw 0x06 0x4D 0x02 0x02 //Get User Payload Access
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x4d rsp=0xcc): Invalid data field in request
Command: ipmitool raw 0x06 0x40 0x3 0x44 0x43
// set channel access for Non-volatile priv limit
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x40 rsp=0x83): Unknown (0x83)
Command: ipmitool raw 0x06 0x40 0x1 0x85 0x82
// set channel access for volatile priv limit
Response: Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0
cmd=0x40 rsp=0x83): Unknown (0x83)
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: I4ff6fb5ae9a604e6b38fb92c249416605ec27cb5
diff --git a/user_channel/channelcommands.cpp b/user_channel/channelcommands.cpp
index 714c05a..4bf8071 100644
--- a/user_channel/channelcommands.cpp
+++ b/user_channel/channelcommands.cpp
@@ -47,16 +47,17 @@
uint2_t chanAccess, uint4_t channelPrivLimit,
uint2_t reserved2, uint2_t channelPrivMode)
{
- const uint8_t chNum =
- convertCurrentChannelNum(static_cast<uint8_t>(channel), ctx->channel);
-
- if (!isValidChannel(chNum) || reserved1 != 0 || reserved2 != 0)
+ if (reserved1 || reserved2 ||
+ !isValidPrivLimit(static_cast<uint8_t>(channelPrivLimit)))
{
log<level::DEBUG>("Set channel access - Invalid field in request");
return responseInvalidFieldRequest();
}
- if (getChannelSessionSupport(chNum) == EChannelSessSupported::none)
+ const uint8_t chNum =
+ convertCurrentChannelNum(static_cast<uint8_t>(channel), ctx->channel);
+ if ((getChannelSessionSupport(chNum) == EChannelSessSupported::none) ||
+ (!isValidChannel(chNum)))
{
log<level::DEBUG>("Set channel access - No support on channel");
return response(ccActionNotSupportedForChannel);
@@ -95,7 +96,7 @@
case reserved:
default:
log<level::DEBUG>("Set channel access - Invalid access set mode");
- return responseInvalidFieldRequest();
+ return response(ccAccessModeNotSupportedForChannel);
}
// cannot static cast directly from uint2_t to enum; must go via int
@@ -116,7 +117,7 @@
case reserved:
default:
log<level::DEBUG>("Set channel access - Invalid access priv mode");
- return responseInvalidFieldRequest();
+ return response(ccAccessModeNotSupportedForChannel);
}
if (setNVFlag != 0)
@@ -170,10 +171,7 @@
ipmiGetChannelAccess(Context::ptr ctx, uint4_t channel, uint4_t reserved1,
uint6_t reserved2, uint2_t accessSetMode)
{
- const uint8_t chNum =
- convertCurrentChannelNum(static_cast<uint8_t>(channel), ctx->channel);
-
- if (!isValidChannel(chNum) || reserved1 != 0 || reserved2 != 0)
+ if (reserved1 || reserved2)
{
log<level::DEBUG>("Get channel access - Invalid field in request");
return responseInvalidFieldRequest();
@@ -182,10 +180,14 @@
if ((accessSetMode == doNotSet) || (accessSetMode == reserved))
{
log<level::DEBUG>("Get channel access - Invalid Access mode");
- return responseInvalidFieldRequest();
+ return response(ccAccessModeNotSupportedForChannel);
}
- if (getChannelSessionSupport(chNum) == EChannelSessSupported::none)
+ const uint8_t chNum =
+ convertCurrentChannelNum(static_cast<uint8_t>(channel), ctx->channel);
+
+ if ((getChannelSessionSupport(chNum) == EChannelSessSupported::none) ||
+ (!isValidChannel(chNum)))
{
log<level::DEBUG>("Get channel access - No support on channel");
return response(ccActionNotSupportedForChannel);
@@ -245,14 +247,20 @@
>
ipmiGetChannelInfo(Context::ptr ctx, uint4_t channel, uint4_t reserved)
{
- uint8_t chNum =
- convertCurrentChannelNum(static_cast<uint8_t>(channel), ctx->channel);
- if (!isValidChannel(chNum) || reserved)
+ if (reserved)
{
log<level::DEBUG>("Get channel access - Invalid field in request");
return responseInvalidFieldRequest();
}
+ uint8_t chNum =
+ convertCurrentChannelNum(static_cast<uint8_t>(channel), ctx->channel);
+ if (!isValidChannel(chNum))
+ {
+ log<level::DEBUG>("Get channel Info - No support on channel");
+ return response(ccActionNotSupportedForChannel);
+ }
+
ChannelInfo chInfo;
Cc compCode = getChannelInfo(chNum, chInfo);
if (compCode != ccSuccess)
@@ -315,20 +323,19 @@
{
uint8_t chNum =
convertCurrentChannelNum(static_cast<uint8_t>(channel), ctx->channel);
- if (!isValidChannel(chNum) || reserved)
+
+ if (!doesDeviceExist(chNum) || !isValidChannel(chNum) || reserved)
{
- log<level::DEBUG>("Get channel access - Invalid field in request");
+ log<level::DEBUG>("Get channel payload - Invalid field in request");
return responseInvalidFieldRequest();
}
// Session support is available in active LAN channels.
- if ((getChannelSessionSupport(chNum) == EChannelSessSupported::none) ||
- !(doesDeviceExist(chNum)))
+ if (getChannelSessionSupport(chNum) == EChannelSessSupported::none)
{
- log<level::DEBUG>("Get channel payload - Device not exist");
- return responseInvalidFieldRequest();
+ log<level::DEBUG>("Get channel payload - No support on channel");
+ return response(ccActionNotSupportedForChannel);
}
-
constexpr uint16_t stdPayloadType = standardPayloadBit(PayloadType::IPMI) |
standardPayloadBit(PayloadType::SOL);
constexpr uint16_t sessSetupPayloadType =
@@ -361,15 +368,24 @@
uint8_t channel =
convertCurrentChannelNum(static_cast<uint8_t>(chNum), ctx->channel);
- if (reserved || !isValidChannel(channel) ||
- (getChannelSessionSupport(channel)) == EChannelSessSupported::none)
+ if (reserved || !isValidChannel(channel))
{
+ log<level::DEBUG>(
+ "Get channel payload version - Invalid field in request");
return responseInvalidFieldRequest();
}
+ if (getChannelSessionSupport(channel) == EChannelSessSupported::none)
+ {
+ log<level::DEBUG>(
+ "Get channel payload version - No support on channel");
+ return response(ccActionNotSupportedForChannel);
+ }
+
if (!isValidPayloadType(static_cast<PayloadType>(payloadTypeNum)))
{
- log<level::ERR>("Channel payload version - Payload type unavailable");
+ log<level::ERR>(
+ "Get channel payload version - Payload type unavailable");
constexpr uint8_t payloadTypeNotSupported = 0x80;
return response(payloadTypeNotSupported);