| commit | f7616315ea0caf514b2e2927f196392891748e2f | [log] [tgz] |
|---|---|---|
| author | Orit Kashany <okashany@nvidia.com> | Sun Aug 24 04:48:41 2025 -0700 |
| committer | Orit Kashany <okashany@nvidia.com> | Tue Aug 26 01:36:32 2025 -0700 |
| tree | 645b244a8dded4e762cdf5b5be6b3571e26011aa | |
| parent | 5659dda70999bc6ca9fb52fb22dac1f2fb6c47a7 [diff] |
Fix handling of 16-byte IPMI username without null terminator The IPMI spec defines username as a fixed 16-byte field, which may not contain a null terminator if the name length is exactly 16 characters. Several places in the code assumed C-string semantics (null terminated), causing incorrect user data reading and comparisons. This change: 1. Replaces incorrect std::string(const char *, size_t pos, size_t count), which does not exist, with length-safe strnlen + std::string(char *, size_t count). These are the relevant constructors exist: std::string(const char* s, size_t count) std::string(const std::string& str, size_t pos, size_t count). The old code used the second constructor with char *, which led to unexpected behaviors. 2. Replaces strncpy and unsafe std::fill casts with explicit zero padding memset and memcpy. 3. Ensures reads stop at the first null or take the full 16 bytes in case there is no null. This ensures storage, retrieval and comparison of all valid IPMI usernames, including the edge case of exactly 16 characters with no null terminator. Tested on bluefield BMC platform: ``` root@dpu-bmc:~# ipmitool user set name 10 firmware_updater root@dpu-bmc:~# ipmitool user list 1 ID Name Call Link Auth IPMI Msg Channel Priv Limit 1 root false true true ADMINISTRATOR 2 true false false NO ACCESS 3 true false false NO ACCESS 4 true false false NO ACCESS 5 true false false NO ACCESS 6 true false false NO ACCESS 7 true false false NO ACCESS 8 true false false NO ACCESS 9 true false false NO ACCESS 10 firmware_updater true false false USER 11 true false false NO ACCESS 12 true false false NO ACCESS 13 true false false NO ACCESS 14 true false false NO ACCESS 15 true false false NO ACCESS root@dpu-bmc:~# ipmitool user set name 10 "" root@dpu-bmc:~# ipmitool user list 1 ID Name Call Link Auth IPMI Msg Channel Priv Limit 1 root false true true ADMINISTRATOR 2 true false false NO ACCESS 3 true false false NO ACCESS 4 true false false NO ACCESS 5 true false false NO ACCESS 6 true false false NO ACCESS 7 true false false NO ACCESS 8 true false false NO ACCESS 9 true false false NO ACCESS 10 true false false NO ACCESS 11 true false false NO ACCESS 12 true false false NO ACCESS 13 true false false NO ACCESS 14 true false false NO ACCESS 15 true false false NO ACCESS root@dpu-bmc:~# ipmitool user set name 4 testuser root@dpu-bmc:~# ipmitool user set password 4 "Aa1234567890!!" Set User Password command successful (user 4) root@dpu-bmc:~# ipmitool channel setaccess 1 4 link=on ipmi=on privilege=4 Set User Access (channel 1 id 4) successful. root@dpu-bmc:~# ipmitool user enable 4 root@dpu-bmc:~# ipmitool channel getaccess 1 4 Maximum User IDs : 15 Enabled User IDs : 2 User ID : 4 User Name : testuser Fixed Name : No Access Available : callback Link Authentication : enabled IPMI Messaging : enabled Privilege Level : ADMINISTRATOR Enable Status : enabled On host: root@ldev-platform-12:~# ipmitool -I lanplus -H <bmc_ip> -U testuser -P 'Aa1234567890!!' -C 17 power status Chassis Power is on ``` Change-Id: Ib678bdcca1d88289d5c8ce414876563d5fead4ad Signed-off-by: Orit Kashany <okashany@nvidia.com>
meson builddir ninja -C builddir
meson builddir -Dbuildtype=minsize -Db_lto=true -Dtests=disabled ninja -C builddir
If any of the dependencies are not found on the host system during configuration, meson automatically gets them via its wrap dependencies mentioned in ipmid/subprojects.
meson builddir -Dwrap_mode=nofallback ninja -C builddir
meson builddir -Dbuildtype=debug ninja -C builddir
meson builddir -Db_coverage=true -Dtests=enabled ninja -C builddir test ninja -C builddir coverage