Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-host-ipmid / 02650d53027326ed9b24a58b23596a74e5456654 / . / user_channel / user_layer.hpp
blob: 7926c594636eab7112befa260554f3fb7c939135 [file] [log] [blame]
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]1/*
2// Copyright (c) 2018 Intel Corporation
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15*/
16#pragma once
William A. Kennington III194375f2018-12-14 02:14:33 -0800[diff] [blame]17#include <ipmid/api.h>
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]18
19#include <string>
20
21namespace ipmi
22{
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]23
24// TODO: Has to be replaced with proper channel number assignment logic
Richard Marian Thomaiyar6e1ba9e2018-11-29 06:29:21 +0530[diff] [blame]25/**
26 * @enum Channel Id
27 */
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]28enum class EChannelID : uint8_t
29{
30 chanLan1 = 0x01
31};
32
33static constexpr uint8_t invalidUserId = 0xFF;
34static constexpr uint8_t reservedUserId = 0x0;
35static constexpr uint8_t ipmiMaxUserName = 16;
36static constexpr uint8_t ipmiMaxUsers = 15;
37static constexpr uint8_t ipmiMaxChannels = 16;
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]38static constexpr uint8_t maxIpmi20PasswordSize = 20;
39static constexpr uint8_t maxIpmi15PasswordSize = 16;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]40
Richard Marian Thomaiyar6e1ba9e2018-11-29 06:29:21 +0530[diff] [blame]41/** @struct PrivAccess
42 *
43 * User privilege related access data as per IPMI specification.(refer spec
44 * sec 22.26)
45 */
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]46struct PrivAccess
47{
48#if BYTE_ORDER == LITTLE_ENDIAN
49 uint8_t privilege : 4;
50 uint8_t ipmiEnabled : 1;
51 uint8_t linkAuthEnabled : 1;
52 uint8_t accessCallback : 1;
53 uint8_t reserved : 1;
54#endif
55#if BYTE_ORDER == BIG_ENDIAN
56 uint8_t reserved : 1;
57 uint8_t accessCallback : 1;
58 uint8_t linkAuthEnabled : 1;
59 uint8_t ipmiEnabled : 1;
60 uint8_t privilege : 4;
61#endif
62} __attribute__((packed));
63
64/** @brief initializes user management
65 *
66 * @return IPMI_CC_OK for success, others for failure.
67 */
68ipmi_ret_t ipmiUserInit();
69
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]70/** @brief The ipmi get user password layer call
71 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]72 * @param[in] userName - user name
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]73 *
74 * @return password or empty string
75 */
76std::string ipmiUserGetPassword(const std::string& userName);
77
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]78/** @brief The IPMI call to clear password entry associated with specified
79 * username
80 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]81 * @param[in] userName - user name to be removed
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]82 *
83 * @return 0 on success, non-zero otherwise.
84 */
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]85ipmi_ret_t ipmiClearUserEntryPassword(const std::string& userName);
86
87/** @brief The IPMI call to reuse password entry for the renamed user
88 * to another one
89 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]90 * @param[in] userName - user name which has to be renamed
91 * @param[in] newUserName - new user name
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]92 *
93 * @return 0 on success, non-zero otherwise.
94 */
95ipmi_ret_t ipmiRenameUserEntryPassword(const std::string& userName,
96 const std::string& newUserName);
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]97
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]98/** @brief determines valid userId
99 *
100 * @param[in] userId - user id
101 *
102 * @return true if valid, false otherwise
103 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]104bool ipmiUserIsValidUserId(const uint8_t userId);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]105
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]106/** @brief determines valid privilege level
107 *
108 * @param[in] priv - privilege level
109 *
110 * @return true if valid, false otherwise
111 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]112bool ipmiUserIsValidPrivilege(const uint8_t priv);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]113
114/** @brief get user id corresponding to the user name
115 *
116 * @param[in] userName - user name
117 *
118 * @return userid. Will return 0xff if no user id found
119 */
120uint8_t ipmiUserGetUserId(const std::string& userName);
121
122/** @brief set's user name
123 *
124 * @param[in] userId - user id
125 * @param[in] userName - user name
126 *
127 * @return IPMI_CC_OK for success, others for failure.
128 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]129ipmi_ret_t ipmiUserSetUserName(const uint8_t userId, const char* userName);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]130
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]131/** @brief set user password
132 *
133 * @param[in] userId - user id
134 * @param[in] userPassword - New Password
135 *
136 * @return IPMI_CC_OK for success, others for failure.
137 */
138ipmi_ret_t ipmiUserSetUserPassword(const uint8_t userId,
139 const char* userPassword);
140
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530[diff] [blame]141/** @brief set special user password (non-ipmi accounts)
142 *
143 * @param[in] userName - user name
144 * @param[in] userPassword - New Password
145 *
146 * @return IPMI_CC_OK for success, others for failure.
147 */
148ipmi_ret_t ipmiSetSpecialUserPassword(const std::string& userName,
149 const std::string& userPassword);
150
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]151/** @brief get user name
152 *
153 * @param[in] userId - user id
154 * @param[out] userName - user name
155 *
156 * @return IPMI_CC_OK for success, others for failure.
157 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]158ipmi_ret_t ipmiUserGetUserName(const uint8_t userId, std::string& userName);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]159
160/** @brief provides available fixed, max, and enabled user counts
161 *
162 * @param[out] maxChUsers - max channel users
163 * @param[out] enabledUsers - enabled user count
164 * @param[out] fixedUsers - fixed user count
165 *
166 * @return IPMI_CC_OK for success, others for failure.
167 */
168ipmi_ret_t ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers,
169 uint8_t& fixedUsers);
170
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530[diff] [blame]171/** @brief function to update user enabled state
172 *
173 * @param[in] userId - user id
174 *..@param[in] state - state of the user to be updated, true - user enabled.
175 *
176 * @return IPMI_CC_OK for success, others for failure.
177 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]178ipmi_ret_t ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state);
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530[diff] [blame]179
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]180/** @brief determines whether user is enabled
181 *
182 * @param[in] userId - user id
183 *..@param[out] state - state of the user
184 *
185 * @return IPMI_CC_OK for success, others for failure.
186 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]187ipmi_ret_t ipmiUserCheckEnabled(const uint8_t userId, bool& state);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]188
189/** @brief provides user privilege access data
190 *
191 * @param[in] userId - user id
192 * @param[in] chNum - channel number
193 * @param[out] privAccess - privilege access data
194 *
195 * @return IPMI_CC_OK for success, others for failure.
196 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]197ipmi_ret_t ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]198 PrivAccess& privAccess);
199
200/** @brief sets user privilege access data
201 *
202 * @param[in] userId - user id
203 * @param[in] chNum - channel number
204 * @param[in] privAccess - privilege access data
205 * @param[in] otherPrivUpdate - flags to indicate other fields update
206 *
207 * @return IPMI_CC_OK for success, others for failure.
208 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]209ipmi_ret_t ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]210 const PrivAccess& privAccess,
211 const bool& otherPrivUpdate);
212
Ayushi Smriti02650d52019-05-15 11:59:09 +0000[diff] [blame^]213/** @brief check for user pam authentication. This is to determine, whether user
214 * is already locked out for failed login attempt
215 *
216 * @param[in] username - username
217 * @param[in] password - password
218 *
219 * @return status
220 */
221bool ipmiUserPamAuthenticate(std::string_view userName,
222 std::string_view userPassword);
223
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]224} // namespace ipmi