<div dir="ltr">Hi Vernon,<br><br> We may need to write our own custom filter for other channels as you suggested.<div> While implementing this, we need some clarifications.<br></div><div> </div><div> 1. How can we map channel Id's with settingsd restriction mode dbus-objects ?</div><div> 2. The Ipmb channel has multiple devices in our system, How can we handle and apply this multiple Ipmb interfaces with settingsd restriction mode dbus-objects ?<br><br></div><div> Please refer below link for multiple Ipmb channels for our system.<br><br></div><div> <a href="https://github.com/openbmc/openbmc/blob/master/meta-facebook/recipes-phosphor/ipmi/phosphor-ipmi-ipmb/yosemitev2/ipmb-channels.json">https://github.com/openbmc/openbmc/blob/master/meta-facebook/recipes-phosphor/ipmi/phosphor-ipmi-ipmb/yosemitev2/ipmb-channels.json</a></div><div> </div><div> Already we have "hostIdx'' in ipmi::Context struct, which represents the data coming from which hosts. Even Though if we plan to use this "hostIdx" , it is still not clear how we can map this "hostIdx'' with settingsd restriction mode dbus-objects.</div><div><br></div><div> Otherwise, can we have some Schema(Rules) to follow the channel order for this channel and devices(settingsd dbus-objects) mapping ? </div><div> Ex: First 4 or 6 channel is for host 1 - host4</div><div> Next channel is for Debug card, </div><div> Rest of the channel is for other devices.</div><div><br></div><div> I think we need to maintain this order in settingsd config file and ipmb-channels.json config file for this channel and device mapping. </div><div><br></div><div> Could you please provide your suggestion on this.</div><div> </div><div>Thanks,</div><div>Kumar. </div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Apr 26, 2022 at 9:25 PM Kumar Thangavel <<a href="mailto:kumarthangavel.hcl@gmail.com" target="_blank">kumarthangavel.hcl@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Thanks for your response and suggestions.<div><br></div><div>--Kumar.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Apr 23, 2022 at 4:55 AM Vernon Mauery <<a href="mailto:vernon.mauery@linux.intel.com" target="_blank">vernon.mauery@linux.intel.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 18-Apr-2022 04:56 PM, Kumar Thangavel wrote:<br>
>Thanks for the response and clarification.<br>
><br>
>I will clarify my question here,<br>
><br>
>IPMI restriction mode support has been added for host devices which support<br>
>IPMI.<br>
>This restriction mode support can be enabled or disabled from the<br>
>phosphor-settingsd configuration (.yaml) file.<br>
><br>
>Please check the below link for .yaml file of phosphor-settingsd.<br>
><br>
><a href="https://github.com/openbmc/openbmc/blob/7298b2478ec25cc1814124af523acc4ffade05e6/meta-phosphor/recipes-phosphor/settings/phosphor-settings-defaults/host-template.yaml#L61" rel="noreferrer" target="_blank">https://github.com/openbmc/openbmc/blob/7298b2478ec25cc1814124af523acc4ffade05e6/meta-phosphor/recipes-phosphor/settings/phosphor-settings-defaults/host-template.yaml#L61</a><br>
><br>
>We wanted to add restriction mode support for other IPMI based devices<br>
>(Debug card).<br>
>Already phosphor-ipmi-host supports filters for all IPMI commands which<br>
>have ipmi::Context objects.<br>
>So, How can we enable/disable this restriction mode support<br>
>from phosphor-settings for other IPMI based devices(Debug card). ?<br>
<br>
I understand that currently only the host channel is using the <br>
restriction mode. You want to add it for other channels. This has <br>
already been done in the intel-ipmi-oem repo, if you want to take a look <br>
at that. It allows a fine-grained mechanism for command filtering, based <br>
on the channel and the restriction mode (although currently, I think the <br>
restriction mode still only applies to the host channel).<br>
<br>
My point is that it is pretty easy to come up with a custom filter <br>
mechanism that should suit you. There is even an option to disable the <br>
built-in filter so you can supply your own.<br>
<br>
--Vernon<br>
<br>
><br>
><br>
><br>
>On Thu, Apr 14, 2022 at 6:15 AM Vernon Mauery <<a href="mailto:vernon.mauery@linux.intel.com" target="_blank">vernon.mauery@linux.intel.com</a>><br>
>wrote:<br>
><br>
>> On 04-Apr-2022 12:49 PM, Kumar Thangavel wrote:<br>
>> >Hi All,<br>
>> ><br>
>> > IPMI Restriction mode support has been added for host machines<br>
>> >which support IPMI.<br>
>> ><br>
>> ><br>
>> <a href="https://github.com/openbmc/openbmc/blob/7298b2478ec25cc1814124af523acc4ffade05e6/meta-phosphor/recipes-phosphor/settings/phosphor-settings-defaults/host-template.yaml#L61" rel="noreferrer" target="_blank">https://github.com/openbmc/openbmc/blob/7298b2478ec25cc1814124af523acc4ffade05e6/meta-phosphor/recipes-phosphor/settings/phosphor-settings-defaults/host-template.yaml#L61</a><br>
>> ><br>
>> > How IPMI restriction mode support can be added for other than host<br>
>> >devices (IPMI based devices). Ex Debug card. ?<br>
>><br>
>> I am not exactly sure what you are asking for here. When you say other<br>
>> devices, are you asking about restricting commands based on what channel<br>
>> they come in on?<br>
>><br>
>> This is possible. A filter can filter on any criteria that is available<br>
>> with the ipmi::Context object and the command. It can even extract<br>
>> command data and take action there. I only say this if you are<br>
>> interested in writing a new filter of your own.<br>
>><br>
>> But if you want to see a filter that is already implemented that<br>
>> restricts commands based on BMC state and incoming channel, you can look<br>
>> at the filtering done in the intel-ipmi-oem repo.<br>
>><br>
>> If my guess at what you meant was wrong, please clarify and I will try<br>
>> again.<br>
>><br>
>> --Vernon<br>
>><br>
>> > Could you please provide any suggestions or any docs ?<br>
>> ><br>
>> >Thanks,<br>
>> >Kumar.<br>
>><br>
</blockquote></div>
</blockquote></div>