Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-host-ipmid / f60be6943395f0d9283debc6e5fc558b7fca89ef / . / user_channel / user_layer.hpp
blob: ad215e394297a8c7b4c3556beaa598ca9544b15b [file] [log] [blame]
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]1/*
2// Copyright (c) 2018 Intel Corporation
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15*/
16#pragma once
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]17
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]18#include <ipmid/api.hpp>
Vernon Mauery1e22a0f2021-07-30 13:36:54 -0700[diff] [blame]19#include <ipmid/types.hpp>
Patrick Williamsfbc6c9d2023-05-10 07:50:16 -0500[diff] [blame]20
21#include <bitset>
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]22#include <string>
23
24namespace ipmi
25{
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]26
27// TODO: Has to be replaced with proper channel number assignment logic
Richard Marian Thomaiyar6e1ba9e2018-11-29 06:29:21 +0530[diff] [blame]28/**
29 * @enum Channel Id
30 */
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]31enum class EChannelID : uint8_t
32{
33 chanLan1 = 0x01
34};
35
36static constexpr uint8_t invalidUserId = 0xFF;
37static constexpr uint8_t reservedUserId = 0x0;
38static constexpr uint8_t ipmiMaxUserName = 16;
39static constexpr uint8_t ipmiMaxUsers = 15;
40static constexpr uint8_t ipmiMaxChannels = 16;
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]41static constexpr uint8_t maxIpmi20PasswordSize = 20;
42static constexpr uint8_t maxIpmi15PasswordSize = 16;
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]43static constexpr uint8_t payloadsPerByte = 8;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]44
Richard Marian Thomaiyar6e1ba9e2018-11-29 06:29:21 +0530[diff] [blame]45/** @struct PrivAccess
46 *
47 * User privilege related access data as per IPMI specification.(refer spec
48 * sec 22.26)
49 */
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]50struct PrivAccess
51{
52#if BYTE_ORDER == LITTLE_ENDIAN
Patrick Williams369824e2023-10-20 11:18:23 -0500[diff] [blame]53 uint8_t privilege:4;
54 uint8_t ipmiEnabled:1;
55 uint8_t linkAuthEnabled:1;
56 uint8_t accessCallback:1;
57 uint8_t reserved:1;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]58#endif
59#if BYTE_ORDER == BIG_ENDIAN
Patrick Williams369824e2023-10-20 11:18:23 -0500[diff] [blame]60 uint8_t reserved:1;
61 uint8_t accessCallback:1;
62 uint8_t linkAuthEnabled:1;
63 uint8_t ipmiEnabled:1;
64 uint8_t privilege:4;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]65#endif
66} __attribute__((packed));
67
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]68/** @struct UserPayloadAccess
69 *
70 * Structure to denote payload access restrictions applicable for a
71 * given user and channel. (refer spec sec 24.6)
72 */
73struct PayloadAccess
74{
75 std::bitset<payloadsPerByte> stdPayloadEnables1;
76 std::bitset<payloadsPerByte> stdPayloadEnables2Reserved;
77 std::bitset<payloadsPerByte> oemPayloadEnables1;
78 std::bitset<payloadsPerByte> oemPayloadEnables2Reserved;
79};
80
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]81/** @brief initializes user management
82 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]83 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]84 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]85Cc ipmiUserInit();
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]86
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]87/** @brief The ipmi get user password layer call
88 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]89 * @param[in] userName - user name
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]90 *
91 * @return password or empty string
92 */
Vernon Mauery1e22a0f2021-07-30 13:36:54 -0700[diff] [blame]93SecureString ipmiUserGetPassword(const std::string& userName);
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]94
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]95/** @brief The IPMI call to clear password entry associated with specified
96 * username
97 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]98 * @param[in] userName - user name to be removed
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]99 *
100 * @return 0 on success, non-zero otherwise.
101 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]102Cc ipmiClearUserEntryPassword(const std::string& userName);
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]103
104/** @brief The IPMI call to reuse password entry for the renamed user
105 * to another one
106 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]107 * @param[in] userName - user name which has to be renamed
108 * @param[in] newUserName - new user name
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]109 *
110 * @return 0 on success, non-zero otherwise.
111 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]112Cc ipmiRenameUserEntryPassword(const std::string& userName,
113 const std::string& newUserName);
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]114
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]115/** @brief determines valid userId
116 *
117 * @param[in] userId - user id
118 *
119 * @return true if valid, false otherwise
120 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]121bool ipmiUserIsValidUserId(const uint8_t userId);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]122
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]123/** @brief determines valid privilege level
124 *
125 * @param[in] priv - privilege level
126 *
127 * @return true if valid, false otherwise
128 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]129bool ipmiUserIsValidPrivilege(const uint8_t priv);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]130
131/** @brief get user id corresponding to the user name
132 *
133 * @param[in] userName - user name
134 *
135 * @return userid. Will return 0xff if no user id found
136 */
137uint8_t ipmiUserGetUserId(const std::string& userName);
138
139/** @brief set's user name
jayaprakash Mutyalacdcdf2b2020-03-28 00:12:05 +0000[diff] [blame]140 * This API is deprecated
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]141 */
jayaprakash Mutyalacdcdf2b2020-03-28 00:12:05 +0000[diff] [blame]142Cc ipmiUserSetUserName(const uint8_t userId, const char* userName)
143 __attribute__((deprecated));
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]144
jayaprakash Mutyala76363302020-02-14 23:50:38 +0000[diff] [blame]145/** @brief set's user name
146 *
147 * @param[in] userId - user id
148 * @param[in] userName - user name
149 *
150 * @return ccSuccess for success, others for failure.
151 */
152Cc ipmiUserSetUserName(const uint8_t userId, const std::string& userName);
153
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]154/** @brief set user password
155 *
156 * @param[in] userId - user id
157 * @param[in] userPassword - New Password
158 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]159 * @return ccSuccess for success, others for failure.
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]160 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]161Cc ipmiUserSetUserPassword(const uint8_t userId, const char* userPassword);
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]162
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530[diff] [blame]163/** @brief set special user password (non-ipmi accounts)
164 *
165 * @param[in] userName - user name
166 * @param[in] userPassword - New Password
167 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]168 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530[diff] [blame]169 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]170Cc ipmiSetSpecialUserPassword(const std::string& userName,
Vernon Mauery1e22a0f2021-07-30 13:36:54 -0700[diff] [blame]171 const SecureString& userPassword);
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530[diff] [blame]172
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]173/** @brief get user name
174 *
175 * @param[in] userId - user id
176 * @param[out] userName - user name
177 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]178 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]179 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]180Cc ipmiUserGetUserName(const uint8_t userId, std::string& userName);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]181
182/** @brief provides available fixed, max, and enabled user counts
183 *
184 * @param[out] maxChUsers - max channel users
185 * @param[out] enabledUsers - enabled user count
186 * @param[out] fixedUsers - fixed user count
187 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]188 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]189 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]190Cc ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers,
191 uint8_t& fixedUsers);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]192
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530[diff] [blame]193/** @brief function to update user enabled state
194 *
195 * @param[in] userId - user id
196 *..@param[in] state - state of the user to be updated, true - user enabled.
197 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]198 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530[diff] [blame]199 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]200Cc ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state);
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530[diff] [blame]201
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]202/** @brief determines whether user is enabled
203 *
204 * @param[in] userId - user id
205 *..@param[out] state - state of the user
206 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]207 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]208 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]209Cc ipmiUserCheckEnabled(const uint8_t userId, bool& state);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]210
211/** @brief provides user privilege access data
212 *
213 * @param[in] userId - user id
214 * @param[in] chNum - channel number
215 * @param[out] privAccess - privilege access data
216 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]217 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]218 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]219Cc ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
220 PrivAccess& privAccess);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]221
222/** @brief sets user privilege access data
223 *
224 * @param[in] userId - user id
225 * @param[in] chNum - channel number
226 * @param[in] privAccess - privilege access data
227 * @param[in] otherPrivUpdate - flags to indicate other fields update
228 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]229 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]230 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]231Cc ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
232 const PrivAccess& privAccess,
233 const bool& otherPrivUpdate);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]234
Ayushi Smriti02650d52019-05-15 11:59:09 +0000[diff] [blame]235/** @brief check for user pam authentication. This is to determine, whether user
236 * is already locked out for failed login attempt
237 *
238 * @param[in] username - username
239 * @param[in] password - password
240 *
241 * @return status
242 */
243bool ipmiUserPamAuthenticate(std::string_view userName,
244 std::string_view userPassword);
245
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]246/** @brief sets user payload access data
247 *
248 * @param[in] chNum - channel number
249 * @param[in] operation - ENABLE / DISABLE operation
250 * @param[in] userId - user id
251 * @param[in] payloadAccess - payload access data
252 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]253 * @return ccSuccess for success, others for failure.
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]254 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]255Cc ipmiUserSetUserPayloadAccess(const uint8_t chNum, const uint8_t operation,
256 const uint8_t userId,
257 const PayloadAccess& payloadAccess);
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]258
259/** @brief provides user payload access data
260 *
261 * @param[in] chNum - channel number
262 * @param[in] userId - user id
263 * @param[out] payloadAccess - payload access data
264 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]265 * @return ccSuccess for success, others for failure.
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]266 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]267Cc ipmiUserGetUserPayloadAccess(const uint8_t chNum, const uint8_t userId,
268 PayloadAccess& payloadAccess);
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]269
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]270} // namespace ipmi