blob: b7c6205b2e1afce97effb92f74fc8ed5d2248190 [file] [log] [blame]
/**
* Copyright © 2018 Intel Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "config.h"
#include "settings.hpp"
#include <dlfcn.h>
#include <algorithm>
#include <any>
#include <exception>
#include <forward_list>
#include <host-cmd-manager.hpp>
#include <ipmid-host/cmd.hpp>
#include <ipmid/api.hpp>
#include <ipmid/handler.hpp>
#include <ipmid/message.hpp>
#include <ipmid/oemrouter.hpp>
#include <ipmid/registration.hpp>
#include <map>
#include <memory>
#include <optional>
#include <phosphor-logging/log.hpp>
#include <sdbusplus/asio/connection.hpp>
#include <sdbusplus/asio/object_server.hpp>
#include <sdbusplus/asio/sd_event.hpp>
#include <sdbusplus/bus.hpp>
#include <sdbusplus/bus/match.hpp>
#include <sdbusplus/timer.hpp>
#include <tuple>
#include <types.hpp>
#include <unordered_map>
#include <utility>
#include <vector>
#if __has_include(<filesystem>)
#include <filesystem>
#elif __has_include(<experimental/filesystem>)
#include <experimental/filesystem>
namespace std
{
// splice experimental::filesystem into std
namespace filesystem = std::experimental::filesystem;
} // namespace std
#else
#error filesystem not available
#endif
namespace fs = std::filesystem;
using namespace phosphor::logging;
// Global timer for network changes
std::unique_ptr<phosphor::Timer> networkTimer = nullptr;
// IPMI Spec, shared Reservation ID.
static unsigned short selReservationID = 0xFFFF;
static bool selReservationValid = false;
unsigned short reserveSel(void)
{
// IPMI spec, Reservation ID, the value simply increases against each
// execution of the Reserve SEL command.
if (++selReservationID == 0)
{
selReservationID = 1;
}
selReservationValid = true;
return selReservationID;
}
bool checkSELReservation(unsigned short id)
{
return (selReservationValid && selReservationID == id);
}
void cancelSELReservation(void)
{
selReservationValid = false;
}
EInterfaceIndex getInterfaceIndex(void)
{
return interfaceKCS;
}
sd_bus* bus;
sd_event* events = nullptr;
sd_event* ipmid_get_sd_event_connection(void)
{
return events;
}
sd_bus* ipmid_get_sd_bus_connection(void)
{
return bus;
}
namespace ipmi
{
static inline unsigned int makeCmdKey(unsigned int cluster, unsigned int cmd)
{
return (cluster << 8) | cmd;
}
using HandlerTuple = std::tuple<int, /* prio */
Privilege, HandlerBase::ptr /* handler */
>;
/* map to handle standard registered commands */
static std::unordered_map<unsigned int, /* key is NetFn/Cmd */
HandlerTuple>
handlerMap;
/* special map for decoding Group registered commands (NetFn 2Ch) */
static std::unordered_map<unsigned int, /* key is Group/Cmd (NetFn is 2Ch) */
HandlerTuple>
groupHandlerMap;
/* special map for decoding OEM registered commands (NetFn 2Eh) */
static std::unordered_map<unsigned int, /* key is Iana/Cmd (NetFn is 2Eh) */
HandlerTuple>
oemHandlerMap;
using FilterTuple = std::tuple<int, /* prio */
FilterBase::ptr /* filter */
>;
/* list to hold all registered ipmi command filters */
static std::forward_list<FilterTuple> filterList;
namespace impl
{
/* common function to register all standard IPMI handlers */
bool registerHandler(int prio, NetFn netFn, Cmd cmd, Privilege priv,
HandlerBase::ptr handler)
{
// check for valid NetFn: even; 00-0Ch, 30-3Eh
if (netFn & 1 || (netFn > netFnTransport && netFn < netFnGroup) ||
netFn > netFnOemEight)
{
return false;
}
// create key and value for this handler
unsigned int netFnCmd = makeCmdKey(netFn, cmd);
HandlerTuple item(prio, priv, handler);
// consult the handler map and look for a match
auto& mapCmd = handlerMap[netFnCmd];
if (!std::get<HandlerBase::ptr>(mapCmd) || std::get<int>(mapCmd) <= prio)
{
mapCmd = item;
return true;
}
return false;
}
/* common function to register all Group IPMI handlers */
bool registerGroupHandler(int prio, Group group, Cmd cmd, Privilege priv,
HandlerBase::ptr handler)
{
// create key and value for this handler
unsigned int netFnCmd = makeCmdKey(group, cmd);
HandlerTuple item(prio, priv, handler);
// consult the handler map and look for a match
auto& mapCmd = groupHandlerMap[netFnCmd];
if (!std::get<HandlerBase::ptr>(mapCmd) || std::get<int>(mapCmd) <= prio)
{
mapCmd = item;
return true;
}
return false;
}
/* common function to register all OEM IPMI handlers */
bool registerOemHandler(int prio, Iana iana, Cmd cmd, Privilege priv,
HandlerBase::ptr handler)
{
// create key and value for this handler
unsigned int netFnCmd = makeCmdKey(iana, cmd);
HandlerTuple item(prio, priv, handler);
// consult the handler map and look for a match
auto& mapCmd = oemHandlerMap[netFnCmd];
if (!std::get<HandlerBase::ptr>(mapCmd) || std::get<int>(mapCmd) <= prio)
{
mapCmd = item;
return true;
}
return false;
}
/* common function to register all IPMI filter handlers */
void registerFilter(int prio, FilterBase::ptr filter)
{
// check for initial placement
if (filterList.empty() || std::get<int>(filterList.front()) < prio)
{
filterList.emplace_front(std::make_tuple(prio, filter));
}
// walk the list and put it in the right place
auto j = filterList.begin();
for (auto i = j; i != filterList.end() && std::get<int>(*i) > prio; i++)
{
j = i;
}
filterList.emplace_after(j, std::make_tuple(prio, filter));
}
} // namespace impl
message::Response::ptr filterIpmiCommand(message::Request::ptr request)
{
// pass the command through the filter mechanism
// This can be the firmware firewall or any OEM mechanism like
// whitelist filtering based on operational mode
for (auto& item : filterList)
{
FilterBase::ptr filter = std::get<FilterBase::ptr>(item);
ipmi::Cc cc = filter->call(request);
if (ipmi::ccSuccess != cc)
{
return errorResponse(request, cc);
}
}
return message::Response::ptr();
}
message::Response::ptr executeIpmiCommandCommon(
std::unordered_map<unsigned int, HandlerTuple>& handlers,
unsigned int keyCommon, message::Request::ptr request)
{
// filter the command first; a non-null message::Response::ptr
// means that the message has been rejected for some reason
message::Response::ptr response = filterIpmiCommand(request);
if (response)
{
return response;
}
Cmd cmd = request->ctx->cmd;
unsigned int key = makeCmdKey(keyCommon, cmd);
auto cmdIter = handlers.find(key);
if (cmdIter != handlers.end())
{
HandlerTuple& chosen = cmdIter->second;
if (request->ctx->priv < std::get<Privilege>(chosen))
{
return errorResponse(request, ccInsufficientPrivilege);
}
return std::get<HandlerBase::ptr>(chosen)->call(request);
}
else
{
unsigned int wildcard = makeCmdKey(keyCommon, cmdWildcard);
cmdIter = handlers.find(wildcard);
if (cmdIter != handlers.end())
{
HandlerTuple& chosen = cmdIter->second;
if (request->ctx->priv < std::get<Privilege>(chosen))
{
return errorResponse(request, ccInsufficientPrivilege);
}
return std::get<HandlerBase::ptr>(chosen)->call(request);
}
}
return errorResponse(request, ccInvalidCommand);
}
message::Response::ptr executeIpmiGroupCommand(message::Request::ptr request)
{
// look up the group for this request
Group group;
if (0 != request->payload.unpack(group))
{
return errorResponse(request, ccReqDataLenInvalid);
}
// The handler will need to unpack group as well; we just need it for lookup
request->payload.reset();
message::Response::ptr response =
executeIpmiCommandCommon(groupHandlerMap, group, request);
// if the handler should add the group; executeIpmiCommandCommon does not
if (response->cc != ccSuccess && response->payload.size() == 0)
{
response->pack(group);
}
return response;
}
message::Response::ptr executeIpmiOemCommand(message::Request::ptr request)
{
// look up the iana for this request
Iana iana;
if (0 != request->payload.unpack(iana))
{
return errorResponse(request, ccReqDataLenInvalid);
}
request->payload.reset();
message::Response::ptr response =
executeIpmiCommandCommon(oemHandlerMap, iana, request);
// if the handler should add the iana; executeIpmiCommandCommon does not
if (response->cc != ccSuccess && response->payload.size() == 0)
{
response->pack(iana);
}
return response;
}
message::Response::ptr executeIpmiCommand(message::Request::ptr request)
{
NetFn netFn = request->ctx->netFn;
if (netFnGroup == netFn)
{
return executeIpmiGroupCommand(request);
}
else if (netFnOem == netFn)
{
return executeIpmiOemCommand(request);
}
return executeIpmiCommandCommon(handlerMap, netFn, request);
}
/* called from sdbus async server context */
auto executionEntry(boost::asio::yield_context yield, NetFn netFn, uint8_t lun,
Cmd cmd, std::vector<uint8_t>& data,
std::map<std::string, ipmi::Value>& options)
{
auto ctx = std::make_shared<ipmi::Context>(netFn, cmd, 0, 0,
ipmi::Privilege::Admin, &yield);
auto request = std::make_shared<ipmi::message::Request>(
ctx, std::forward<std::vector<uint8_t>>(data));
message::Response::ptr response = executeIpmiCommand(request);
// Responses in IPMI require a bit set. So there ya go...
netFn |= 0x01;
return std::make_tuple(netFn, lun, cmd, response->cc,
response->payload.raw);
}
/** @struct IpmiProvider
*
* RAII wrapper for dlopen so that dlclose gets called on exit
*/
struct IpmiProvider
{
public:
/** @brief address of the opened library */
void* addr;
std::string name;
IpmiProvider() = delete;
IpmiProvider(const IpmiProvider&) = delete;
IpmiProvider& operator=(const IpmiProvider&) = delete;
IpmiProvider(IpmiProvider&&) = delete;
IpmiProvider& operator=(IpmiProvider&&) = delete;
/** @brief dlopen a shared object file by path
* @param[in] filename - path of shared object to open
*/
explicit IpmiProvider(const char* fname) : addr(nullptr), name(fname)
{
log<level::DEBUG>("Open IPMI provider library",
entry("PROVIDER=%s", name.c_str()));
try
{
addr = dlopen(name.c_str(), RTLD_NOW);
}
catch (std::exception& e)
{
log<level::ERR>("ERROR opening IPMI provider",
entry("PROVIDER=%s", name.c_str()),
entry("ERROR=%s", e.what()));
}
catch (...)
{
std::exception_ptr eptr = std::current_exception();
try
{
std::rethrow_exception(eptr);
}
catch (std::exception& e)
{
log<level::ERR>("ERROR opening IPMI provider",
entry("PROVIDER=%s", name.c_str()),
entry("ERROR=%s", e.what()));
}
}
if (!isOpen())
{
log<level::ERR>("ERROR opening IPMI provider",
entry("PROVIDER=%s", name.c_str()),
entry("ERROR=%s", dlerror()));
}
}
~IpmiProvider()
{
if (isOpen())
{
dlclose(addr);
}
}
bool isOpen() const
{
return (nullptr != addr);
}
};
// Plugin libraries need to contain .so either at the end or in the middle
constexpr const char ipmiPluginExtn[] = ".so";
/* return a list of self-closing library handles */
std::forward_list<IpmiProvider> loadProviders(const fs::path& ipmiLibsPath)
{
std::vector<fs::path> libs;
for (const auto& libPath : fs::directory_iterator(ipmiLibsPath))
{
fs::path fname = libPath.path();
while (fname.has_extension())
{
fs::path extn = fname.extension();
if (extn == ipmiPluginExtn)
{
libs.push_back(libPath.path());
break;
}
fname.replace_extension();
}
}
std::sort(libs.begin(), libs.end());
std::forward_list<IpmiProvider> handles;
for (auto& lib : libs)
{
#ifdef __IPMI_DEBUG__
log<level::DEBUG>("Registering handler",
entry("HANDLER=%s", lib.c_str()));
#endif
handles.emplace_front(lib.c_str());
}
return handles;
}
} // namespace ipmi
static std::shared_ptr<boost::asio::io_service> io;
std::shared_ptr<boost::asio::io_service> getIoService()
{
return io;
}
static std::shared_ptr<sdbusplus::asio::connection> sdbusp;
std::shared_ptr<sdbusplus::asio::connection> getSdBus()
{
return sdbusp;
}
#ifdef ALLOW_DEPRECATED_API
/* legacy registration */
void ipmi_register_callback(ipmi_netfn_t netFn, ipmi_cmd_t cmd,
ipmi_context_t context, ipmid_callback_t handler,
ipmi_cmd_privilege_t priv)
{
auto h = ipmi::makeLegacyHandler(handler);
// translate priv from deprecated enum to current
ipmi::Privilege realPriv;
switch (priv)
{
case PRIVILEGE_CALLBACK:
realPriv = ipmi::Privilege::Callback;
break;
case PRIVILEGE_USER:
realPriv = ipmi::Privilege::User;
break;
case PRIVILEGE_OPERATOR:
realPriv = ipmi::Privilege::Operator;
break;
case PRIVILEGE_ADMIN:
realPriv = ipmi::Privilege::Admin;
break;
case PRIVILEGE_OEM:
realPriv = ipmi::Privilege::Oem;
break;
case SYSTEM_INTERFACE:
realPriv = ipmi::Privilege::Admin;
break;
default:
realPriv = ipmi::Privilege::Admin;
break;
}
ipmi::impl::registerHandler(ipmi::prioOpenBmcBase, netFn, cmd, realPriv, h);
}
namespace oem
{
class LegacyRouter : public oem::Router
{
public:
virtual ~LegacyRouter()
{
}
/// Enable message routing to begin.
void activate() override
{
}
void registerHandler(Number oen, ipmi_cmd_t cmd, Handler handler) override
{
auto h = ipmi::makeLegacyHandler(std::forward<Handler>(handler));
ipmi::impl::registerOemHandler(ipmi::prioOpenBmcBase, oen, cmd,
ipmi::Privilege::Admin, h);
}
};
static LegacyRouter legacyRouter;
Router* mutableRouter()
{
return &legacyRouter;
}
} // namespace oem
/* legacy alternative to executionEntry */
void handleLegacyIpmiCommand(sdbusplus::message::message& m)
{
unsigned char seq, netFn, lun, cmd;
std::vector<uint8_t> data;
m.read(seq, netFn, lun, cmd, data);
auto ctx = std::make_shared<ipmi::Context>(netFn, cmd, 0, 0,
ipmi::Privilege::Admin);
auto request = std::make_shared<ipmi::message::Request>(
ctx, std::forward<std::vector<uint8_t>>(data));
ipmi::message::Response::ptr response = ipmi::executeIpmiCommand(request);
// Responses in IPMI require a bit set. So there ya go...
netFn |= 0x01;
const char *dest, *path;
constexpr const char* DBUS_INTF = "org.openbmc.HostIpmi";
dest = m.get_sender();
path = m.get_path();
sdbusp->async_method_call([](boost::system::error_code ec) {}, dest, path,
DBUS_INTF, "sendMessage", seq, netFn, lun, cmd,
response->cc, response->payload.raw);
}
#endif /* ALLOW_DEPRECATED_API */
// Calls host command manager to do the right thing for the command
using CommandHandler = phosphor::host::command::CommandHandler;
std::unique_ptr<phosphor::host::command::Manager> cmdManager;
void ipmid_send_cmd_to_host(CommandHandler&& cmd)
{
return cmdManager->execute(std::move(cmd));
}
std::unique_ptr<phosphor::host::command::Manager>& ipmid_get_host_cmd_manager()
{
return cmdManager;
}
int main(int argc, char* argv[])
{
// Connect to system bus
io = std::make_shared<boost::asio::io_service>();
if (argc > 1 && std::string(argv[1]) == "-session")
{
sd_bus_default_user(&bus);
}
else
{
sd_bus_default_system(&bus);
}
sdbusp = std::make_shared<sdbusplus::asio::connection>(*io, bus);
sdbusp->request_name("xyz.openbmc_project.Ipmi.Host");
// TODO: Hack to keep the sdEvents running.... Not sure why the sd_event
// queue stops running if we don't have a timer that keeps re-arming
phosphor::Timer t2([]() { ; });
t2.start(std::chrono::microseconds(500000), true);
// TODO: Remove all vestiges of sd_event from phosphor-host-ipmid
// until that is done, add the sd_event wrapper to the io object
sdbusplus::asio::sd_event_wrapper sdEvents(*io);
cmdManager = std::make_unique<phosphor::host::command::Manager>(*sdbusp);
// Register all command providers and filters
auto handles = ipmi::loadProviders(HOST_IPMI_LIB_PATH);
// Add bindings for inbound IPMI requests
auto server = sdbusplus::asio::object_server(sdbusp);
auto iface = server.add_interface("/xyz/openbmc_project/Ipmi",
"xyz.openbmc_project.Ipmi.Server");
iface->register_method("execute", ipmi::executionEntry);
iface->initialize();
#ifdef ALLOW_DEPRECATED_API
// listen on deprecated signal interface for kcs/bt commands
constexpr const char* FILTER = "type='signal',interface='org.openbmc."
"HostIpmi',member='ReceivedMessage'";
sdbusplus::bus::match::match oldIpmiInterface(*sdbusp, FILTER,
handleLegacyIpmiCommand);
#endif /* ALLOW_DEPRECATED_API */
io->run();
// This avoids a warning about unused variables
handles.clear();
return 0;
}