Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-host-ipmid / 8c974f76411cb40f2c9c25cddd86814087d0eddf^! / .
commit8c974f76411cb40f2c9c25cddd86814087d0eddf[log] [tgz]
authorTyson Tuckerbear <ttucker@google.com>Mon Sep 19 15:49:06 2022 -0700
committerTyson Tuckerbear <ttucker@google.com>Thu Mar 20 20:14:20 2025 +0000
tree2373c634e430cc3e27884d9aa695d4935c6ab053
parent7acc8a2de959c7600bd38d65d8c5d21f488a45c6 [diff]
ipmid: Switch to /var/run for lockfiles

- This prevents IPMI connections from the host to the BMC from failing
  if the BMC's root ('/') partition fills up or is otherwise
  unwriteable.

- In the full filesystem case, this error only happens if the filesystem
  fills up prior to the first operation after flashing an image.

  This is because lockfiles are only created at connection time
  (e.g. see cacheUserDataFile() in user_channel/user_mgmt.cpp),
  so the failure only happens if no other operation has been performed
  since the image was first flashed.

- For the "root is otherwise unwriteable" case, all locking operations
  would fail, since even though the files may exist, they can't be
  opened as writeable.

- This approach is chosen since (a) `/var/run` is arguably the correct
  place for daemons to write runtime info, and (b) `/var/run` uses
  `tmpfs` so it should always be able to mount `rw`.

- Note that this does not prevent the "full filesystem" failure
  entirely, since other things may fill up `tmpfs`.

  The complete solution would include creating the files at start time
  (e.g. using systemd), which I will do in a followup change.

Tested: Flashed BMC with new image containing updated IPMI daemons.
Verified that IPMI operations work and that lock files are now created
in `/var/run/ipmi/` instead of `/var/lib/ipmi/`.

Signed-off-by: Tyson Tuckerbear <ttucker@google.com>
Change-Id: I33eb33ddb0009a978d5cea3fcd5615c45ce4416c

diff --git a/user_channel/channel_mgmt.hpp b/user_channel/channel_mgmt.hpp
index 43926bb..f27673b 100644
--- a/user_channel/channel_mgmt.hpp
+++ b/user_channel/channel_mgmt.hpp

@@ -38,7 +38,7 @@
 
 static constexpr const char* ipmiChannelMutex = "ipmi_channel_mutex";
 static constexpr const char* ipmiChMutexCleanupLockFile =
-    "/var/lib/ipmi/ipmi_channel_mutex_cleanup";
+    "/var/run/ipmi/ipmi_channel_mutex_cleanup";
 
 /** @struct ChannelAccessData
  *

diff --git a/user_channel/user_mgmt.cpp b/user_channel/user_mgmt.cpp
index b5680e0..bf11462 100644
--- a/user_channel/user_mgmt.cpp
+++ b/user_channel/user_mgmt.cpp

@@ -68,9 +68,9 @@
 
 static constexpr const char* ipmiUserMutex = "ipmi_usr_mutex";
 static constexpr const char* ipmiMutexCleanupLockFile =
-    "/var/lib/ipmi/ipmi_usr_mutex_cleanup";
+    "/var/run/ipmi/ipmi_usr_mutex_cleanup";
 static constexpr const char* ipmiUserSignalLockFile =
-    "/var/lib/ipmi/ipmi_usr_signal_mutex";
+    "/var/run/ipmi/ipmi_usr_signal_mutex";
 static constexpr const char* ipmiUserDataFile = "/var/lib/ipmi/ipmi_user.json";
 static constexpr const char* ipmiGrpName = "ipmi";
 static constexpr size_t privNoAccess = 0xF;