Zdenek,
I corrected the indentation and formatting. Please, review.
Regards,
Dmitry
18.04.2013 17:03, Zdenek Styblik пишет:
On Thu, Apr 18, 2013 at 8:00 AM, Dmitry Bazhenov <dim...@pigeonpoint.com> wrote:
Hello, all,
The attached patch adds a OEM handle and workaround code for Intel i82751
MAC working in the super pass-though mode which has known deviations in its
RMCP+ implementation. With the OEM handle active, IPMITool can successfully
interact with this Intel 82751-based boards.
Please, review.
Regards,
Dmitry
Hi,
it's hard to say, but it seems to me the following diffs have wrong indentation:
@@ -1568,6 +1568,8 @@ ipmi_sol_red_pill(struct ipmi_intf * int
FD_SET(0, &read_fds);
FD_SET(intf->fd, &read_fds);
+ if (!ipmi_oem_active(intf,"i82571spt"))
+ {
/* Send periodic keepalive packet */
if(_use_sol_for_keepalive == 0)
{
@@ -1604,7 +1606,7 @@ ipmi_sol_red_pill(struct ipmi_intf * int
/* if the keep Alive is successful reset retries to zero */
retrySol = 0;
}
-
+ } /* !oem="i82571spt" */
/* Wait up to half a second */
tv.tv_sec = 0;
tv.tv_usec = 500000;
~~~
And since the following is getting changed:
@@ -460,7 +469,7 @@ int lanplus_generate_rakp3_authcode(uint
* returns 0 on success
* 1 on failure
*/
-int lanplus_generate_sik(struct ipmi_session * session)
+int lanplus_generate_sik(struct ipmi_session * session, struct
ipmi_intf * intf)
{
uint8_t * input_buffer;
int input_buffer_length, i;
~~~
change it to(just an example what I mean and can be done by person
doing commit):
@@ -460,7 +469,8 @@ int lanplus_generate_rakp3_authcode(uint
* returns 0 on success
* 1 on failure
*/
-int lanplus_generate_sik(struct ipmi_session * session)
+int
+lanplus_generate_sik(struct ipmi_session * session, struct ipmi_intf * intf)
{
uint8_t * input_buffer;
int input_buffer_length, i;
~~~
Thanks,
Z.
diff -Nurp ipmitool.sav/lib/ipmi_oem.c ipmitool.cvs/lib/ipmi_oem.c
--- ipmitool.sav/lib/ipmi_oem.c 2013-04-18 11:26:39 +0600
+++ ipmitool.cvs/lib/ipmi_oem.c 2013-04-17 22:47:19 +0600
@@ -63,6 +63,10 @@ static struct ipmi_oem_handle ipmi_oem_l
desc: "IBM OEM support",
setup: ipmi_oem_ibm,
},
+ {
+ name: "i82571spt",
+ desc: "Intel 82571 MAC with integrated RMCP+ support in super pass-through mode",
+ },
{ 0 }
};
diff -Nurp ipmitool.sav/lib/ipmi_sol.c ipmitool.cvs/lib/ipmi_sol.c
--- ipmitool.sav/lib/ipmi_sol.c 2013-04-18 11:26:39 +0600
+++ ipmitool.cvs/lib/ipmi_sol.c 2013-04-19 12:15:51 +0600
@@ -1568,43 +1568,45 @@ ipmi_sol_red_pill(struct ipmi_intf * int
FD_SET(0, &read_fds);
FD_SET(intf->fd, &read_fds);
- /* Send periodic keepalive packet */
- if(_use_sol_for_keepalive == 0)
+ if (!ipmi_oem_active(intf,"i82571spt"))
{
- keepAliveRet = ipmi_sol_keepalive_using_getdeviceid(intf);
- }
- else
- {
- keepAliveRet = ipmi_sol_keepalive_using_sol(intf);
- }
+ /* Send periodic keepalive packet */
+ if(_use_sol_for_keepalive == 0)
+ {
+ keepAliveRet = ipmi_sol_keepalive_using_getdeviceid(intf);
+ }
+ else
+ {
+ keepAliveRet = ipmi_sol_keepalive_using_sol(intf);
+ }
- if (keepAliveRet != 0)
- {
- /*
- * Retrying the keep Alive before declaring a communication
- * lost state with the IPMC. Helpful when the payload is
- * reset and brings down the connection temporarily. Otherwise,
- * if we send getDevice Id to check the status of IPMC during
- * this down time when the connection is restarting, SOL will
- * exit even though the IPMC is available and the session is open.
- */
- if (retrySol == MAX_SOL_RETRY)
+ if (keepAliveRet != 0)
{
- /* no response to Get Device ID keepalive message */
- bShouldExit = 1;
- continue;
+ /*
+ * Retrying the keep Alive before declaring a communication
+ * lost state with the IPMC. Helpful when the payload is
+ * reset and brings down the connection temporarily. Otherwise,
+ * if we send getDevice Id to check the status of IPMC during
+ * this down time when the connection is restarting, SOL will
+ * exit even though the IPMC is available and the session is open.
+ */
+ if (retrySol == MAX_SOL_RETRY)
+ {
+ /* no response to Get Device ID keepalive message */
+ bShouldExit = 1;
+ continue;
+ }
+ else
+ {
+ retrySol++;
+ }
}
- else
- {
- retrySol++;
+ else
+ {
+ /* if the keep Alive is successful reset retries to zero */
+ retrySol = 0;
}
- }
- else
- {
- /* if the keep Alive is successful reset retries to zero */
- retrySol = 0;
- }
-
+ } /* !oem="i82571spt" */
/* Wait up to half a second */
tv.tv_sec = 0;
tv.tv_usec = 500000;
@@ -1757,6 +1759,20 @@ ipmi_sol_activate(struct ipmi_intf * int
if (ipmi_oem_active(intf, "intelplus")) {
data[2] |= IPMI_SOL_BMC_ASSERTS_CTS_MASK_TRUE;
+ } else if (ipmi_oem_active(intf, "i82571spt")) {
+ /*
+ * A quote from Intel: "Engineering believes the problem
+ * lies within the Auxiliary data being sent with the
+ * 'Activate Payload' command from IPMITool. IPMITool
+ * sends a C6h which sets some bits having to do with
+ * encryption and some behavior dealing with CTS DCD/DSR.
+ * I recommend that the customer modify this request
+ * to send 08h instead. This is what our internal utility
+ * sends and it works without issue. I will work with
+ * engineering to ensure the settings that IPMITool uses
+ * (C6h) are supported in the future.
+ */
+ data[2] = 0x08;
} else {
data[2] |= IPMI_SOL_BMC_ASSERTS_CTS_MASK_FALSE;
}
diff -Nurp ipmitool.sav/src/plugins/lanplus/lanplus.c ipmitool.cvs/src/plugins/lanplus/lanplus.c
--- ipmitool.sav/src/plugins/lanplus/lanplus.c 2013-04-18 11:26:39 +0600
+++ ipmitool.cvs/src/plugins/lanplus/lanplus.c 2013-04-17 22:45:59 +0600
@@ -3157,7 +3157,7 @@ ipmi_lanplus_rakp3(struct ipmi_intf * in
}
/* Generate our Session Integrity Key, K1, and K2 */
- if (lanplus_generate_sik(session))
+ if (lanplus_generate_sik(session, intf))
{
/* Error */
lprintf(LOG_INFO, "> Error generating session integrity key");
@@ -3408,7 +3408,8 @@ ipmi_lanplus_open(struct ipmi_intf * int
*
* I'm not sure why we accept a failure for the first call
*/
- if (ipmi_get_auth_capabilities_cmd(intf, &auth_cap)) {
+ if (!ipmi_oem_active(intf, "i82571spt") &&
+ ipmi_get_auth_capabilities_cmd(intf, &auth_cap)) {
sleep(1);
if (ipmi_get_auth_capabilities_cmd(intf, &auth_cap));
{
@@ -3418,7 +3419,7 @@ ipmi_lanplus_open(struct ipmi_intf * int
}
}
- if (! auth_cap.v20_data_available)
+ if (!ipmi_oem_active(intf, "i82571spt") && ! auth_cap.v20_data_available)
{
lprintf(LOG_INFO, "This BMC does not support IPMI v2 / RMCP+");
goto fail;
@@ -3455,9 +3456,11 @@ ipmi_lanplus_open(struct ipmi_intf * int
bridgePossible = 1;
- rc = ipmi_set_session_privlvl_cmd(intf);
- if (rc < 0)
- goto fail;
+ if (!ipmi_oem_active(intf, "i82571spt")) {
+ rc = ipmi_set_session_privlvl_cmd(intf);
+ if (rc < 0)
+ goto fail;
+ }
intf->manufacturer_id = ipmi_get_oem(intf);
return intf->fd;
diff -Nurp ipmitool.sav/src/plugins/lanplus/lanplus_crypt.c ipmitool.cvs/src/plugins/lanplus/lanplus_crypt.c
--- ipmitool.sav/src/plugins/lanplus/lanplus_crypt.c 2013-04-18 11:26:39 +0600
+++ ipmitool.cvs/src/plugins/lanplus/lanplus_crypt.c 2013-04-19 12:18:00 +0600
@@ -68,7 +68,8 @@
* return 0 on success (the authcode matches)
* 1 on failure (the authcode does not match)
*/
-int lanplus_rakp2_hmac_matches(const struct ipmi_session * session,
+int
+lanplus_rakp2_hmac_matches(const struct ipmi_session * session,
const uint8_t * bmc_mac,
struct ipmi_intf * intf)
{
@@ -153,6 +154,15 @@ int lanplus_rakp2_hmac_matches(const str
/* ROLEm */
buffer[56] = session->v2_data.requested_role;
+ if (ipmi_oem_active(intf, "i82571spt")) {
+ /*
+ * The HMAC calculation code in the Intel 82571 GbE
+ * skips this bit! Looks like a GbE bug, but we need
+ * to work around it here anyway...
+ */
+ buffer[56] &= ~0x10;
+ }
+
/* ULENGTHm */
buffer[57] = strlen((const char *)session->username);
@@ -213,7 +223,8 @@ int lanplus_rakp2_hmac_matches(const str
* 0 on failure (the authcode does not match)
*
*/
-int lanplus_rakp4_hmac_matches(const struct ipmi_session * session,
+int
+lanplus_rakp4_hmac_matches(const struct ipmi_session * session,
const uint8_t * bmc_mac,
struct ipmi_intf * intf)
{
@@ -341,7 +352,8 @@ int lanplus_rakp4_hmac_matches(const str
* returns 0 on success
* 1 on failure
*/
-int lanplus_generate_rakp3_authcode(uint8_t * output_buffer,
+int
+lanplus_generate_rakp3_authcode(uint8_t * output_buffer,
const struct ipmi_session * session,
uint32_t * mac_length,
struct ipmi_intf * intf)
@@ -396,7 +408,7 @@ int lanplus_generate_rakp3_authcode(uint
memcpy(input_buffer + 16, &SIDm_lsbf, 4);
/* ROLEm */
- if (ipmi_oem_active(intf, "intelplus"))
+ if (ipmi_oem_active(intf, "intelplus") || ipmi_oem_active(intf, "i82571spt"))
input_buffer[20] = session->privlvl;
else
input_buffer[20] = session->v2_data.requested_role;
@@ -460,7 +472,8 @@ int lanplus_generate_rakp3_authcode(uint
* returns 0 on success
* 1 on failure
*/
-int lanplus_generate_sik(struct ipmi_session * session)
+int
+lanplus_generate_sik(struct ipmi_session * session, struct ipmi_intf * intf)
{
uint8_t * input_buffer;
int input_buffer_length, i;
@@ -516,6 +529,15 @@ int lanplus_generate_sik(struct ipmi_ses
/* ROLEm */
input_buffer[32] = session->v2_data.requested_role;
+ if (ipmi_oem_active(intf, "i82571spt")) {
+ /*
+ * The HMAC calculation code in the Intel 82571 GbE
+ * skips this bit! Looks like a GbE bug, but we need
+ * to work around it here anyway...
+ */
+ input_buffer[32] &= ~0x10;
+ }
+
/* ULENGTHm */
input_buffer[33] = strlen((const char *)session->username);
@@ -580,7 +602,8 @@ int lanplus_generate_sik(struct ipmi_ses
* returns 0 on success
* 1 on failure
*/
-int lanplus_generate_k1(struct ipmi_session * session)
+int
+lanplus_generate_k1(struct ipmi_session * session)
{
uint32_t mac_length;
@@ -623,7 +646,8 @@ int lanplus_generate_k1(struct ipmi_sess
* returns 0 on success
* 1 on failure
*/
-int lanplus_generate_k2(struct ipmi_session * session)
+int
+lanplus_generate_k2(struct ipmi_session * session)
{
uint32_t mac_length;
@@ -673,7 +697,8 @@ int lanplus_generate_k2(struct ipmi_sess
* returns 0 on success
* 1 on failure
*/
-int lanplus_encrypt_payload(uint8_t crypt_alg,
+int
+lanplus_encrypt_payload(uint8_t crypt_alg,
const uint8_t * key,
const uint8_t * input,
uint32_t input_length,
@@ -777,7 +802,8 @@ int lanplus_encrypt_payload(uint8_t
* returns 1 on success (authcode is valid)
* 0 on failure (autchode integrity check failed)
*/
-int lanplus_has_valid_auth_code(struct ipmi_rs * rs,
+int
+lanplus_has_valid_auth_code(struct ipmi_rs * rs,
struct ipmi_session * session)
{
uint8_t * bmc_authcode;
@@ -837,7 +863,8 @@ int lanplus_has_valid_auth_code(struct i
* returns 0 on success (we were able to successfully decrypt the packet)
* 1 on failure (we were unable to successfully decrypt the packet)
*/
-int lanplus_decrypt_payload(uint8_t crypt_alg,
+int
+lanplus_decrypt_payload(uint8_t crypt_alg,
const uint8_t * key,
const uint8_t * input,
uint32_t input_length,
@@ -897,7 +924,7 @@ int lanplus_decrypt_payload(uint8_t
*/
for (i = 0; i < conf_pad_length; ++i)
{
- if (decrypted_payload[*payload_size + i] == i)
+ if (decrypted_payload[*payload_size + i] != (i + 1))
{
lprintf(LOG_ERR, "Malformed payload padding");
assert(0);
diff -Nurp ipmitool.sav/src/plugins/lanplus/lanplus_crypt.h ipmitool.cvs/src/plugins/lanplus/lanplus_crypt.h
--- ipmitool.sav/src/plugins/lanplus/lanplus_crypt.h 2006-03-20 02:54:44 +0600
+++ ipmitool.cvs/src/plugins/lanplus/lanplus_crypt.h 2013-04-17 22:45:59 +0600
@@ -51,7 +51,7 @@ int lanplus_generate_rakp3_authcode(uint
const struct ipmi_session * session,
uint32_t * auth_length,
struct ipmi_intf * intf);
-int lanplus_generate_sik(struct ipmi_session * session);
+int lanplus_generate_sik(struct ipmi_session * session, struct ipmi_intf * intf);
int lanplus_generate_k1(struct ipmi_session * session);
int lanplus_generate_k2(struct ipmi_session * session);
int lanplus_encrypt_payload(uint8_t crypt_alg,
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Ipmitool-devel mailing list
Ipmitool-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
