To restrict IPMI commands
Vernon Mauery
vernon.mauery at linux.intel.com
Sat Feb 23 07:05:45 AEDT 2019
On 22-Feb-2019 03:03 AM, P. K. Lee (李柏寬) wrote:
>Hi,
>
>Does anyone know how to restrict the IPMI command execution via out-of-band?
>
>I know that the IPMI commands via in-band can use the whitelist mechanism to restrict whether the commands can access the BMC, but I can't use this for the out-of-band.
>
>If there is currently no restriction mechanism for the out-of-band, I will try to add the whitelist function for it just like the in-band.
There is a mechanism in the works for this already. It is a generic
filter provider that allows filtering of commands based on any criteria.
See
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-host-ipmid/+/13896
for the current implementation.
--Vernon
More information about the openbmc
mailing list