Updated privileges for IPMI commands
Updated privilege restrictions for below IPMI
commands as per IPMI spec.
- Get Session Info: User
- Get ACPI Power State: User
- Get Watchdog Timer: User
Tested:
Tested above commands with different privileged
users and validated.
Change-Id: If98d3125eee2192ac3b0f9195d1a46d57310abbf
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
diff --git a/apphandler.cpp b/apphandler.cpp
index ba1c439..8f11a8c 100644
--- a/apphandler.cpp
+++ b/apphandler.cpp
@@ -1638,8 +1638,8 @@
ipmi::Privilege::Operator, ipmiAppResetWatchdogTimer);
ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp,
- ipmi::app::cmdGetSessionInfo,
- ipmi::Privilege::Callback, ipmiAppGetSessionInfo);
+ ipmi::app::cmdGetSessionInfo, ipmi::Privilege::User,
+ ipmiAppGetSessionInfo);
// <Set Watchdog Timer>
ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp,
@@ -1652,8 +1652,8 @@
// <Get Watchdog Timer>
ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp,
- ipmi::app::cmdGetWatchdogTimer,
- ipmi::Privilege::Operator, ipmiGetWatchdogTimer);
+ ipmi::app::cmdGetWatchdogTimer, ipmi::Privilege::User,
+ ipmiGetWatchdogTimer);
// <Get Self Test Results>
ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp,
@@ -1672,7 +1672,7 @@
// <Get ACPI Power State>
ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnApp,
ipmi::app::cmdGetAcpiPowerState,
- ipmi::Privilege::Admin, ipmiGetAcpiPowerState);
+ ipmi::Privilege::User, ipmiGetAcpiPowerState);
// Note: For security reason, this command will be registered only when
// there are proper I2C Master write read whitelist