Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-host-ipmid / a440cd420bf12d3e6414eb40a3a76a9637f29ca6 / . / app / channel.cpp
blob: c22bd8ddeb23df02f8b94d07fe26861c79b2c359 [file] [log] [blame]
Patrick Venture5794fcf2017-10-26 11:11:14 -0700[diff] [blame]1#include "channel.hpp"
Patrick Venture5794fcf2017-10-26 11:11:14 -0700[diff] [blame]2
Johnathan Mantey74a21022018-12-13 13:17:56 -0800[diff] [blame]3#include "user_channel/channel_layer.hpp"
Patrick Venture0b02be92018-08-31 11:55:55 -0700[diff] [blame]4
Patrick Venture5794fcf2017-10-26 11:11:14 -0700[diff] [blame]5#include <arpa/inet.h>
6
Tom Joseph13227682018-08-10 01:05:21 +0530[diff] [blame]7#include <boost/process/child.hpp>
Vernon Mauery33250242019-03-12 16:49:26 -0700[diff] [blame]8#include <ipmid/types.hpp>
Vernon Mauery6a98fe72019-03-11 15:57:48 -0700[diff] [blame]9#include <ipmid/utils.hpp>
Patrick Venture5794fcf2017-10-26 11:11:14 -0700[diff] [blame]10#include <phosphor-logging/elog-errors.hpp>
Patrick Venture0b02be92018-08-31 11:55:55 -0700[diff] [blame]11#include <phosphor-logging/log.hpp>
Patrick Williamsfbc6c9d2023-05-10 07:50:16 -0500[diff] [blame]12#include <xyz/openbmc_project/Common/error.hpp>
13
14#include <fstream>
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]15#include <set>
Patrick Venture0b02be92018-08-31 11:55:55 -0700[diff] [blame]16#include <string>
Patrick Venture5794fcf2017-10-26 11:11:14 -0700[diff] [blame]17
18using namespace phosphor::logging;
Willy Tu523e2d12023-09-05 11:36:48 -0700[diff] [blame]19using namespace sdbusplus::error::xyz::openbmc_project::common;
Patrick Venture5794fcf2017-10-26 11:11:14 -0700[diff] [blame]20
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]21namespace cipher
22{
23
24/** @brief Get the supported Cipher records
25 *
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]26 * The cipher records are read from the JSON file and converted into
27 * 1. cipher suite record format mentioned in the IPMI specification. The
28 * records can be either OEM or standard cipher. Each json entry is parsed and
29 * converted into the cipher record format and pushed into the vector.
30 * 2. Algorithms listed in vector format
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]31 *
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]32 * @return pair of vector containing 1. all the cipher suite records. 2.
33 * Algorithms supported
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]34 *
35 */
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]36std::pair<std::vector<uint8_t>, std::vector<uint8_t>> getCipherRecords()
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]37{
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]38 std::vector<uint8_t> cipherRecords;
39 std::vector<uint8_t> supportedAlgorithmRecords;
40 // create set to get the unique supported algorithms
41 std::set<uint8_t> supportedAlgorithmSet;
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]42
43 std::ifstream jsonFile(configFile);
44 if (!jsonFile.is_open())
45 {
46 log<level::ERR>("Channel Cipher suites file not found");
47 elog<InternalFailure>();
48 }
49
50 auto data = Json::parse(jsonFile, nullptr, false);
51 if (data.is_discarded())
52 {
53 log<level::ERR>("Parsing channel cipher suites JSON failed");
54 elog<InternalFailure>();
55 }
56
57 for (const auto& record : data)
58 {
59 if (record.find(oem) != record.end())
60 {
61 // OEM cipher suite - 0xC1
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]62 cipherRecords.push_back(oemCipherSuite);
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]63 // Cipher Suite ID
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]64 cipherRecords.push_back(record.value(cipher, 0));
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]65 // OEM IANA - 3 bytes
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]66 cipherRecords.push_back(record.value(oem, 0));
67 cipherRecords.push_back(record.value(oem, 0) >> 8);
68 cipherRecords.push_back(record.value(oem, 0) >> 16);
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]69 }
70 else
71 {
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]72 // Standard cipher suite - 0xC0
73 cipherRecords.push_back(stdCipherSuite);
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]74 // Cipher Suite ID
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]75 cipherRecords.push_back(record.value(cipher, 0));
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]76 }
77
78 // Authentication algorithm number
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]79 cipherRecords.push_back(record.value(auth, 0));
80 supportedAlgorithmSet.insert(record.value(auth, 0));
81
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]82 // Integrity algorithm number
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]83 cipherRecords.push_back(record.value(integrity, 0) | integrityTag);
84 supportedAlgorithmSet.insert(record.value(integrity, 0) | integrityTag);
85
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]86 // Confidentiality algorithm number
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]87 cipherRecords.push_back(record.value(conf, 0) | confTag);
88 supportedAlgorithmSet.insert(record.value(conf, 0) | confTag);
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]89 }
90
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]91 // copy the set to supportedAlgorithmRecord which is vector based.
92 std::copy(supportedAlgorithmSet.begin(), supportedAlgorithmSet.end(),
93 std::back_inserter(supportedAlgorithmRecords));
94
95 return std::make_pair(cipherRecords, supportedAlgorithmRecords);
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]96}
97
Patrick Venture0b02be92018-08-31 11:55:55 -0700[diff] [blame]98} // namespace cipher
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]99
Ayushi Smriti5c3b72c2019-08-30 13:47:31 +0000[diff] [blame]100/** @brief this command is used to look up what authentication, integrity,
101 * confidentiality algorithms are supported.
102 *
103 * @ param ctx - context pointer
104 * @ param channelNumber - channel number
105 * @ param payloadType - payload type
106 * @ param listIndex - list index
107 * @ param algoSelectBit - list algorithms
108 *
109 * @returns ipmi completion code plus response data
110 * - rspChannel - channel number for authentication algorithm.
111 * - rspRecords - cipher suite records.
112 **/
113ipmi::RspType<uint8_t, // Channel Number
114 std::vector<uint8_t> // Cipher Records
115 >
116 getChannelCipherSuites(ipmi::Context::ptr ctx, uint4_t channelNumber,
117 uint4_t reserved1, uint8_t payloadType,
118 uint6_t listIndex, uint1_t reserved2,
119 uint1_t algoSelectBit)
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]120{
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]121 static std::vector<uint8_t> cipherRecords;
122 static std::vector<uint8_t> supportedAlgorithms;
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]123 static auto recordInit = false;
124
Ayushi Smriti5c3b72c2019-08-30 13:47:31 +0000[diff] [blame]125 uint8_t rspChannel = ipmi::convertCurrentChannelNum(
126 static_cast<uint8_t>(channelNumber), ctx->channel);
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]127
Ayushi Smriti5c3b72c2019-08-30 13:47:31 +0000[diff] [blame]128 if (!ipmi::isValidChannel(rspChannel) || reserved1 != 0 || reserved2 != 0)
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]129 {
Ayushi Smriti5c3b72c2019-08-30 13:47:31 +0000[diff] [blame]130 return ipmi::responseInvalidFieldRequest();
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]131 }
jayaprakash Mutyala69daefa2019-10-03 19:36:49 +0000[diff] [blame]132 if (!ipmi::isValidPayloadType(static_cast<ipmi::PayloadType>(payloadType)))
133 {
134 log<level::DEBUG>("Get channel cipher suites - Invalid payload type");
135 constexpr uint8_t ccPayloadTypeNotSupported = 0x80;
136 return ipmi::response(ccPayloadTypeNotSupported);
137 }
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]138
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]139 if (!recordInit)
140 {
141 try
142 {
Patrick Williamsfbc6c9d2023-05-10 07:50:16 -0500[diff] [blame]143 std::tie(cipherRecords,
144 supportedAlgorithms) = cipher::getCipherRecords();
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]145 recordInit = true;
146 }
Patrick Venture0b02be92018-08-31 11:55:55 -0700[diff] [blame]147 catch (const std::exception& e)
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]148 {
Ayushi Smriti5c3b72c2019-08-30 13:47:31 +0000[diff] [blame]149 return ipmi::responseUnspecifiedError();
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]150 }
151 }
152
Patrick Williamsfbc6c9d2023-05-10 07:50:16 -0500[diff] [blame]153 const std::vector<uint8_t>& records = algoSelectBit ? cipherRecords
154 : supportedAlgorithms;
Ayushi Smriti5c3b72c2019-08-30 13:47:31 +0000[diff] [blame]155 static constexpr auto respSize = 16;
Richard Marian Thomaiyarf301f042019-01-16 15:56:16 +0530[diff] [blame]156
Ayushi Smritid7dadc22019-09-03 11:43:45 +0530[diff] [blame]157 // Session support is available in active LAN channels.
158 if ((ipmi::getChannelSessionSupport(rspChannel) ==
159 ipmi::EChannelSessSupported::none) ||
160 !(ipmi::doesDeviceExist(rspChannel)))
161 {
162 log<level::DEBUG>("Get channel cipher suites - Device does not exist");
163 return ipmi::responseInvalidFieldRequest();
164 }
165
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]166 // List index(00h-3Fh), 0h selects the first set of 16, 1h selects the next
167 // set of 16 and so on.
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]168
169 // Calculate the number of record data bytes to be returned.
Patrick Williamsfbc6c9d2023-05-10 07:50:16 -0500[diff] [blame]170 auto start = std::min(static_cast<size_t>(listIndex) * respSize,
171 records.size());
Ayushi Smriti5c3b72c2019-08-30 13:47:31 +0000[diff] [blame]172 auto end = std::min((static_cast<size_t>(listIndex) * respSize) + respSize,
173 records.size());
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]174 auto size = end - start;
175
Ayushi Smriti5c3b72c2019-08-30 13:47:31 +0000[diff] [blame]176 std::vector<uint8_t> rspRecords;
177 std::copy_n(records.data() + start, size, std::back_inserter(rspRecords));
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]178
Ayushi Smriti5c3b72c2019-08-30 13:47:31 +0000[diff] [blame]179 return ipmi::responseSuccess(rspChannel, rspRecords);
Tom Joseph7cbe2282018-03-21 21:17:33 +0530[diff] [blame]180}