Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-host-ipmid / 1e22a0f1a0348846eb56f534f101776dc445b764 / . / user_channel / user_layer.hpp
blob: 82e0d31f3a59acd9385bb92f580141c189d129b3 [file] [log] [blame]
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]1/*
2// Copyright (c) 2018 Intel Corporation
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15*/
16#pragma once
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]17
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]18#include <bitset>
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]19#include <ipmid/api.hpp>
Vernon Mauery1e22a0f2021-07-30 13:36:54 -0700[diff] [blame^]20#include <ipmid/types.hpp>
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]21#include <string>
22
23namespace ipmi
24{
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]25
26// TODO: Has to be replaced with proper channel number assignment logic
Richard Marian Thomaiyar6e1ba9e2018-11-29 06:29:21 +0530[diff] [blame]27/**
28 * @enum Channel Id
29 */
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]30enum class EChannelID : uint8_t
31{
32 chanLan1 = 0x01
33};
34
35static constexpr uint8_t invalidUserId = 0xFF;
36static constexpr uint8_t reservedUserId = 0x0;
37static constexpr uint8_t ipmiMaxUserName = 16;
38static constexpr uint8_t ipmiMaxUsers = 15;
39static constexpr uint8_t ipmiMaxChannels = 16;
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]40static constexpr uint8_t maxIpmi20PasswordSize = 20;
41static constexpr uint8_t maxIpmi15PasswordSize = 16;
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]42static constexpr uint8_t payloadsPerByte = 8;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]43
Richard Marian Thomaiyar6e1ba9e2018-11-29 06:29:21 +0530[diff] [blame]44/** @struct PrivAccess
45 *
46 * User privilege related access data as per IPMI specification.(refer spec
47 * sec 22.26)
48 */
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]49struct PrivAccess
50{
51#if BYTE_ORDER == LITTLE_ENDIAN
52 uint8_t privilege : 4;
53 uint8_t ipmiEnabled : 1;
54 uint8_t linkAuthEnabled : 1;
55 uint8_t accessCallback : 1;
56 uint8_t reserved : 1;
57#endif
58#if BYTE_ORDER == BIG_ENDIAN
59 uint8_t reserved : 1;
60 uint8_t accessCallback : 1;
61 uint8_t linkAuthEnabled : 1;
62 uint8_t ipmiEnabled : 1;
63 uint8_t privilege : 4;
64#endif
65} __attribute__((packed));
66
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]67/** @struct UserPayloadAccess
68 *
69 * Structure to denote payload access restrictions applicable for a
70 * given user and channel. (refer spec sec 24.6)
71 */
72struct PayloadAccess
73{
74 std::bitset<payloadsPerByte> stdPayloadEnables1;
75 std::bitset<payloadsPerByte> stdPayloadEnables2Reserved;
76 std::bitset<payloadsPerByte> oemPayloadEnables1;
77 std::bitset<payloadsPerByte> oemPayloadEnables2Reserved;
78};
79
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]80/** @brief initializes user management
81 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]82 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]83 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]84Cc ipmiUserInit();
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]85
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]86/** @brief The ipmi get user password layer call
87 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]88 * @param[in] userName - user name
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]89 *
90 * @return password or empty string
91 */
Vernon Mauery1e22a0f2021-07-30 13:36:54 -0700[diff] [blame^]92SecureString ipmiUserGetPassword(const std::string& userName);
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]93
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]94/** @brief The IPMI call to clear password entry associated with specified
95 * username
96 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]97 * @param[in] userName - user name to be removed
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]98 *
99 * @return 0 on success, non-zero otherwise.
100 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]101Cc ipmiClearUserEntryPassword(const std::string& userName);
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]102
103/** @brief The IPMI call to reuse password entry for the renamed user
104 * to another one
105 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]106 * @param[in] userName - user name which has to be renamed
107 * @param[in] newUserName - new user name
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]108 *
109 * @return 0 on success, non-zero otherwise.
110 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]111Cc ipmiRenameUserEntryPassword(const std::string& userName,
112 const std::string& newUserName);
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]113
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]114/** @brief determines valid userId
115 *
116 * @param[in] userId - user id
117 *
118 * @return true if valid, false otherwise
119 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]120bool ipmiUserIsValidUserId(const uint8_t userId);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]121
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]122/** @brief determines valid privilege level
123 *
124 * @param[in] priv - privilege level
125 *
126 * @return true if valid, false otherwise
127 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]128bool ipmiUserIsValidPrivilege(const uint8_t priv);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]129
130/** @brief get user id corresponding to the user name
131 *
132 * @param[in] userName - user name
133 *
134 * @return userid. Will return 0xff if no user id found
135 */
136uint8_t ipmiUserGetUserId(const std::string& userName);
137
138/** @brief set's user name
jayaprakash Mutyalacdcdf2b2020-03-28 00:12:05 +0000[diff] [blame]139 * This API is deprecated
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]140 */
jayaprakash Mutyalacdcdf2b2020-03-28 00:12:05 +0000[diff] [blame]141Cc ipmiUserSetUserName(const uint8_t userId, const char* userName)
142 __attribute__((deprecated));
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]143
jayaprakash Mutyala76363302020-02-14 23:50:38 +0000[diff] [blame]144/** @brief set's user name
145 *
146 * @param[in] userId - user id
147 * @param[in] userName - user name
148 *
149 * @return ccSuccess for success, others for failure.
150 */
151Cc ipmiUserSetUserName(const uint8_t userId, const std::string& userName);
152
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]153/** @brief set user password
154 *
155 * @param[in] userId - user id
156 * @param[in] userPassword - New Password
157 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]158 * @return ccSuccess for success, others for failure.
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]159 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]160Cc ipmiUserSetUserPassword(const uint8_t userId, const char* userPassword);
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]161
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530[diff] [blame]162/** @brief set special user password (non-ipmi accounts)
163 *
164 * @param[in] userName - user name
165 * @param[in] userPassword - New Password
166 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]167 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530[diff] [blame]168 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]169Cc ipmiSetSpecialUserPassword(const std::string& userName,
Vernon Mauery1e22a0f2021-07-30 13:36:54 -0700[diff] [blame^]170 const SecureString& userPassword);
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530[diff] [blame]171
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]172/** @brief get user name
173 *
174 * @param[in] userId - user id
175 * @param[out] userName - user name
176 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]177 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]178 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]179Cc ipmiUserGetUserName(const uint8_t userId, std::string& userName);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]180
181/** @brief provides available fixed, max, and enabled user counts
182 *
183 * @param[out] maxChUsers - max channel users
184 * @param[out] enabledUsers - enabled user count
185 * @param[out] fixedUsers - fixed user count
186 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]187 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]188 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]189Cc ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers,
190 uint8_t& fixedUsers);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]191
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530[diff] [blame]192/** @brief function to update user enabled state
193 *
194 * @param[in] userId - user id
195 *..@param[in] state - state of the user to be updated, true - user enabled.
196 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]197 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530[diff] [blame]198 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]199Cc ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state);
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530[diff] [blame]200
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]201/** @brief determines whether user is enabled
202 *
203 * @param[in] userId - user id
204 *..@param[out] state - state of the user
205 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]206 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]207 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]208Cc ipmiUserCheckEnabled(const uint8_t userId, bool& state);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]209
210/** @brief provides user privilege access data
211 *
212 * @param[in] userId - user id
213 * @param[in] chNum - channel number
214 * @param[out] privAccess - privilege access data
215 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]216 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]217 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]218Cc ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
219 PrivAccess& privAccess);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]220
221/** @brief sets user privilege access data
222 *
223 * @param[in] userId - user id
224 * @param[in] chNum - channel number
225 * @param[in] privAccess - privilege access data
226 * @param[in] otherPrivUpdate - flags to indicate other fields update
227 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]228 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]229 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]230Cc ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
231 const PrivAccess& privAccess,
232 const bool& otherPrivUpdate);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]233
Ayushi Smriti02650d52019-05-15 11:59:09 +0000[diff] [blame]234/** @brief check for user pam authentication. This is to determine, whether user
235 * is already locked out for failed login attempt
236 *
237 * @param[in] username - username
238 * @param[in] password - password
239 *
240 * @return status
241 */
242bool ipmiUserPamAuthenticate(std::string_view userName,
243 std::string_view userPassword);
244
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]245/** @brief sets user payload access data
246 *
247 * @param[in] chNum - channel number
248 * @param[in] operation - ENABLE / DISABLE operation
249 * @param[in] userId - user id
250 * @param[in] payloadAccess - payload access data
251 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]252 * @return ccSuccess for success, others for failure.
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]253 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]254Cc ipmiUserSetUserPayloadAccess(const uint8_t chNum, const uint8_t operation,
255 const uint8_t userId,
256 const PayloadAccess& payloadAccess);
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]257
258/** @brief provides user payload access data
259 *
260 * @param[in] chNum - channel number
261 * @param[in] userId - user id
262 * @param[out] payloadAccess - payload access data
263 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]264 * @return ccSuccess for success, others for failure.
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]265 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]266Cc ipmiUserGetUserPayloadAccess(const uint8_t chNum, const uint8_t userId,
267 PayloadAccess& payloadAccess);
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]268
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]269} // namespace ipmi