blob: ad215e394297a8c7b4c3556beaa598ca9544b15b [file] [log] [blame]
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +05301/*
2// Copyright (c) 2018 Intel Corporation
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15*/
16#pragma once
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +053017
NITIN SHARMAb541a5a2019-07-18 12:46:59 +000018#include <ipmid/api.hpp>
Vernon Mauery1e22a0f2021-07-30 13:36:54 -070019#include <ipmid/types.hpp>
Patrick Williamsfbc6c9d2023-05-10 07:50:16 -050020
21#include <bitset>
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +053022#include <string>
23
24namespace ipmi
25{
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053026
27// TODO: Has to be replaced with proper channel number assignment logic
Richard Marian Thomaiyar6e1ba9e2018-11-29 06:29:21 +053028/**
29 * @enum Channel Id
30 */
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053031enum class EChannelID : uint8_t
32{
33 chanLan1 = 0x01
34};
35
36static constexpr uint8_t invalidUserId = 0xFF;
37static constexpr uint8_t reservedUserId = 0x0;
38static constexpr uint8_t ipmiMaxUserName = 16;
39static constexpr uint8_t ipmiMaxUsers = 15;
40static constexpr uint8_t ipmiMaxChannels = 16;
Suryakanth Sekar90b00c72019-01-16 10:37:57 +053041static constexpr uint8_t maxIpmi20PasswordSize = 20;
42static constexpr uint8_t maxIpmi15PasswordSize = 16;
Saravanan Palanisamy77381f12019-05-15 22:33:17 +000043static constexpr uint8_t payloadsPerByte = 8;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053044
Richard Marian Thomaiyar6e1ba9e2018-11-29 06:29:21 +053045/** @struct PrivAccess
46 *
47 * User privilege related access data as per IPMI specification.(refer spec
48 * sec 22.26)
49 */
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053050struct PrivAccess
51{
52#if BYTE_ORDER == LITTLE_ENDIAN
Patrick Williams369824e2023-10-20 11:18:23 -050053 uint8_t privilege:4;
54 uint8_t ipmiEnabled:1;
55 uint8_t linkAuthEnabled:1;
56 uint8_t accessCallback:1;
57 uint8_t reserved:1;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053058#endif
59#if BYTE_ORDER == BIG_ENDIAN
Patrick Williams369824e2023-10-20 11:18:23 -050060 uint8_t reserved:1;
61 uint8_t accessCallback:1;
62 uint8_t linkAuthEnabled:1;
63 uint8_t ipmiEnabled:1;
64 uint8_t privilege:4;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053065#endif
66} __attribute__((packed));
67
Saravanan Palanisamy77381f12019-05-15 22:33:17 +000068/** @struct UserPayloadAccess
69 *
70 * Structure to denote payload access restrictions applicable for a
71 * given user and channel. (refer spec sec 24.6)
72 */
73struct PayloadAccess
74{
75 std::bitset<payloadsPerByte> stdPayloadEnables1;
76 std::bitset<payloadsPerByte> stdPayloadEnables2Reserved;
77 std::bitset<payloadsPerByte> oemPayloadEnables1;
78 std::bitset<payloadsPerByte> oemPayloadEnables2Reserved;
79};
80
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053081/** @brief initializes user management
82 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +000083 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053084 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +000085Cc ipmiUserInit();
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053086
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +053087/** @brief The ipmi get user password layer call
88 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053089 * @param[in] userName - user name
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +053090 *
91 * @return password or empty string
92 */
Vernon Mauery1e22a0f2021-07-30 13:36:54 -070093SecureString ipmiUserGetPassword(const std::string& userName);
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +053094
AppaRao Pulib29b5ab2018-05-17 10:28:48 +053095/** @brief The IPMI call to clear password entry associated with specified
96 * username
97 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +053098 * @param[in] userName - user name to be removed
AppaRao Pulib29b5ab2018-05-17 10:28:48 +053099 *
100 * @return 0 on success, non-zero otherwise.
101 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000102Cc ipmiClearUserEntryPassword(const std::string& userName);
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530103
104/** @brief The IPMI call to reuse password entry for the renamed user
105 * to another one
106 *
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530107 * @param[in] userName - user name which has to be renamed
108 * @param[in] newUserName - new user name
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530109 *
110 * @return 0 on success, non-zero otherwise.
111 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000112Cc ipmiRenameUserEntryPassword(const std::string& userName,
113 const std::string& newUserName);
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530114
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530115/** @brief determines valid userId
116 *
117 * @param[in] userId - user id
118 *
119 * @return true if valid, false otherwise
120 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530121bool ipmiUserIsValidUserId(const uint8_t userId);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530122
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530123/** @brief determines valid privilege level
124 *
125 * @param[in] priv - privilege level
126 *
127 * @return true if valid, false otherwise
128 */
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530129bool ipmiUserIsValidPrivilege(const uint8_t priv);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530130
131/** @brief get user id corresponding to the user name
132 *
133 * @param[in] userName - user name
134 *
135 * @return userid. Will return 0xff if no user id found
136 */
137uint8_t ipmiUserGetUserId(const std::string& userName);
138
139/** @brief set's user name
jayaprakash Mutyalacdcdf2b2020-03-28 00:12:05 +0000140 * This API is deprecated
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530141 */
jayaprakash Mutyalacdcdf2b2020-03-28 00:12:05 +0000142Cc ipmiUserSetUserName(const uint8_t userId, const char* userName)
143 __attribute__((deprecated));
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530144
jayaprakash Mutyala76363302020-02-14 23:50:38 +0000145/** @brief set's user name
146 *
147 * @param[in] userId - user id
148 * @param[in] userName - user name
149 *
150 * @return ccSuccess for success, others for failure.
151 */
152Cc ipmiUserSetUserName(const uint8_t userId, const std::string& userName);
153
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530154/** @brief set user password
155 *
156 * @param[in] userId - user id
157 * @param[in] userPassword - New Password
158 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000159 * @return ccSuccess for success, others for failure.
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530160 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000161Cc ipmiUserSetUserPassword(const uint8_t userId, const char* userPassword);
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530162
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530163/** @brief set special user password (non-ipmi accounts)
164 *
165 * @param[in] userName - user name
166 * @param[in] userPassword - New Password
167 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000168 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530169 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000170Cc ipmiSetSpecialUserPassword(const std::string& userName,
Vernon Mauery1e22a0f2021-07-30 13:36:54 -0700171 const SecureString& userPassword);
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530172
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530173/** @brief get user name
174 *
175 * @param[in] userId - user id
176 * @param[out] userName - user name
177 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000178 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530179 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000180Cc ipmiUserGetUserName(const uint8_t userId, std::string& userName);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530181
182/** @brief provides available fixed, max, and enabled user counts
183 *
184 * @param[out] maxChUsers - max channel users
185 * @param[out] enabledUsers - enabled user count
186 * @param[out] fixedUsers - fixed user count
187 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000188 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530189 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000190Cc ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers,
191 uint8_t& fixedUsers);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530192
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530193/** @brief function to update user enabled state
194 *
195 * @param[in] userId - user id
196 *..@param[in] state - state of the user to be updated, true - user enabled.
197 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000198 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530199 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000200Cc ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state);
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530201
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530202/** @brief determines whether user is enabled
203 *
204 * @param[in] userId - user id
205 *..@param[out] state - state of the user
206 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000207 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530208 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000209Cc ipmiUserCheckEnabled(const uint8_t userId, bool& state);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530210
211/** @brief provides user privilege access data
212 *
213 * @param[in] userId - user id
214 * @param[in] chNum - channel number
215 * @param[out] privAccess - privilege access data
216 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000217 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530218 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000219Cc ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
220 PrivAccess& privAccess);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530221
222/** @brief sets user privilege access data
223 *
224 * @param[in] userId - user id
225 * @param[in] chNum - channel number
226 * @param[in] privAccess - privilege access data
227 * @param[in] otherPrivUpdate - flags to indicate other fields update
228 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000229 * @return ccSuccess for success, others for failure.
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530230 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000231Cc ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
232 const PrivAccess& privAccess,
233 const bool& otherPrivUpdate);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530234
Ayushi Smriti02650d52019-05-15 11:59:09 +0000235/** @brief check for user pam authentication. This is to determine, whether user
236 * is already locked out for failed login attempt
237 *
238 * @param[in] username - username
239 * @param[in] password - password
240 *
241 * @return status
242 */
243bool ipmiUserPamAuthenticate(std::string_view userName,
244 std::string_view userPassword);
245
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000246/** @brief sets user payload access data
247 *
248 * @param[in] chNum - channel number
249 * @param[in] operation - ENABLE / DISABLE operation
250 * @param[in] userId - user id
251 * @param[in] payloadAccess - payload access data
252 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000253 * @return ccSuccess for success, others for failure.
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000254 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000255Cc ipmiUserSetUserPayloadAccess(const uint8_t chNum, const uint8_t operation,
256 const uint8_t userId,
257 const PayloadAccess& payloadAccess);
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000258
259/** @brief provides user payload access data
260 *
261 * @param[in] chNum - channel number
262 * @param[in] userId - user id
263 * @param[out] payloadAccess - payload access data
264 *
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000265 * @return ccSuccess for success, others for failure.
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000266 */
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000267Cc ipmiUserGetUserPayloadAccess(const uint8_t chNum, const uint8_t userId,
268 PayloadAccess& payloadAccess);
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000269
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530270} // namespace ipmi