[u-boot-mgr]: Initial u-boot mgr hardening intf
Initial u-boot mgr to harden interface and usage. This
exposes method in D-Bus which other daemon can use to update
U-Boot environment variables, instead of directly using
fw_printenv or fw_setenv tools.
Tested:
Verified able to query the ReadAll, Read and Write
method exposed in this interface.
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Change-Id: I21772c8f30b7c68f5c9a2da3d44217ea2f533014
diff --git a/.clang-format b/.clang-format
new file mode 100644
index 0000000..bbc1bb1
--- /dev/null
+++ b/.clang-format
@@ -0,0 +1,85 @@
+---
+Language: Cpp
+# BasedOnStyle: LLVM
+AccessModifierOffset: -2
+AlignAfterOpenBracket: Align
+AlignConsecutiveAssignments: false
+AlignConsecutiveDeclarations: false
+AlignEscapedNewlinesLeft: false
+AlignOperands: true
+AlignTrailingComments: true
+AllowAllParametersOfDeclarationOnNextLine: true
+AllowShortBlocksOnASingleLine: false
+AllowShortCaseLabelsOnASingleLine: false
+AllowShortFunctionsOnASingleLine: None
+AllowShortIfStatementsOnASingleLine: false
+AllowShortLoopsOnASingleLine: false
+AlwaysBreakAfterDefinitionReturnType: None
+AlwaysBreakAfterReturnType: None
+AlwaysBreakBeforeMultilineStrings: false
+AlwaysBreakTemplateDeclarations: false
+BinPackArguments: true
+BinPackParameters: true
+BraceWrapping:
+ AfterClass: true
+ AfterControlStatement: true
+ AfterEnum: true
+ AfterFunction: true
+ AfterNamespace: true
+ AfterObjCDeclaration: true
+ AfterStruct: true
+ AfterUnion: true
+ BeforeCatch: true
+ BeforeElse: true
+ IndentBraces: false
+BreakBeforeBinaryOperators: None
+BreakBeforeBraces: Custom
+BreakBeforeTernaryOperators: true
+BreakConstructorInitializers: AfterColon
+ColumnLimit: 80
+CommentPragmas: '^ IWYU pragma:'
+ConstructorInitializerAllOnOneLineOrOnePerLine: false
+ConstructorInitializerIndentWidth: 4
+ContinuationIndentWidth: 4
+Cpp11BracedListStyle: true
+DerivePointerAlignment: true
+PointerAlignment: Left
+DisableFormat: false
+ExperimentalAutoDetectBinPacking: false
+FixNamespaceComments: true
+ForEachMacros: [ foreach, Q_FOREACH, BOOST_FOREACH ]
+IndentCaseLabels: true
+IndentWidth: 4
+IndentWrappedFunctionNames: true
+KeepEmptyLinesAtTheStartOfBlocks: true
+MacroBlockBegin: ''
+MacroBlockEnd: ''
+MaxEmptyLinesToKeep: 1
+NamespaceIndentation: None
+ObjCBlockIndentWidth: 2
+ObjCSpaceAfterProperty: false
+ObjCSpaceBeforeProtocolList: true
+PenaltyBreakBeforeFirstCallParameter: 19
+PenaltyBreakComment: 300
+PenaltyBreakFirstLessLess: 120
+PenaltyBreakString: 1000
+PenaltyExcessCharacter: 1000000
+PenaltyReturnTypeOnItsOwnLine: 60
+PointerAlignment: Right
+ReflowComments: true
+SortIncludes: false
+SpaceAfterCStyleCast: false
+SpaceBeforeAssignmentOperators: true
+SpaceBeforeParens: ControlStatements
+SpaceInEmptyParentheses: false
+SpacesBeforeTrailingComments: 1
+SpacesInAngles: false
+SpacesInContainerLiterals: true
+SpacesInCStyleCastParentheses: false
+SpacesInParentheses: false
+SpacesInSquareBrackets: false
+Standard: Cpp11
+TabWidth: 4
+UseTab: Never
+...
+
diff --git a/CMakeLists.txt b/CMakeLists.txt
new file mode 100644
index 0000000..5e29b6f
--- /dev/null
+++ b/CMakeLists.txt
@@ -0,0 +1,51 @@
+cmake_minimum_required(VERSION 3.5 FATAL_ERROR)
+project(phosphor-u-boot-env-mgr CXX)
+set(CMAKE_CXX_STANDARD 17)
+set(CMAKE_CXX_STANDARD_REQUIRED ON)
+set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fno-rtti")
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fno-rtti")
+
+include_directories(${CMAKE_CURRENT_SOURCE_DIR}/include)
+find_package(Boost REQUIRED)
+include_directories(${Boost_INCLUDE_DIRS})
+add_definitions(-DBOOST_ERROR_CODE_HEADER_ONLY)
+add_definitions(-DBOOST_SYSTEM_NO_DEPRECATED)
+add_definitions(-DBOOST_ALL_NO_LIB)
+add_definitions(-DBOOST_NO_RTTI)
+add_definitions(-DBOOST_NO_TYPEID)
+add_definitions(-DBOOST_ASIO_DISABLE_THREADS)
+
+set(SRC_FILES src/mainapp.cpp src/u-boot-env-mgr.cpp)
+
+# import sdbusplus
+find_package(PkgConfig REQUIRED)
+pkg_check_modules(SDBUSPLUSPLUS sdbusplus REQUIRED)
+include_directories(${SDBUSPLUSPLUS_INCLUDE_DIRS})
+link_directories(${SDBUSPLUSPLUS_LIBRARY_DIRS})
+find_program(SDBUSPLUSPLUS sdbus++)
+
+# phosphor-dbus-interfaces
+find_package(PkgConfig REQUIRED)
+pkg_check_modules(DBUSINTERFACE phosphor-dbus-interfaces REQUIRED)
+include_directories(${DBUSINTERFACE_INCLUDE_DIRS})
+link_directories(${DBUSINTERFACE_LIBRARY_DIRS})
+
+# import phosphor-logging
+find_package(PkgConfig REQUIRED)
+pkg_check_modules(LOGGING phosphor-logging REQUIRED)
+include_directories(${LOGGING_INCLUDE_DIRS})
+link_directories(${LOGGING_LIBRARY_DIRS})
+
+add_executable(${PROJECT_NAME} ${SRC_FILES})
+target_link_libraries(${PROJECT_NAME} ${SDBUSPLUSPLUS_LIBRARIES})
+target_link_libraries(${PROJECT_NAME} ${DBUSINTERFACE_LIBRARIES})
+target_link_libraries(${PROJECT_NAME} ${Boost_LIBRARIES})
+target_link_libraries(${PROJECT_NAME} phosphor_logging)
+
+set(SERVICE_FILES
+ ${PROJECT_SOURCE_DIR}/xyz.openbmc_project.U_Boot.Environment.Manager.service
+ )
+
+install(TARGETS ${PROJECT_NAME} DESTINATION bin)
+install(FILES ${SERVICE_FILES} DESTINATION /lib/systemd/system/)
+
diff --git a/include/u-boot-env-mgr.hpp b/include/u-boot-env-mgr.hpp
new file mode 100644
index 0000000..d033b4d
--- /dev/null
+++ b/include/u-boot-env-mgr.hpp
@@ -0,0 +1,42 @@
+/*
+// Copyright (c) 2019 Intel Corporation
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+*/
+
+#pragma once
+
+#include <sdbusplus/asio/object_server.hpp>
+
+static constexpr const char* uBootEnvMgrServiceName =
+ "xyz.openbmc_project.U_Boot.Environment.Manager";
+static constexpr const char* uBootEnvMgrIface =
+ "xyz.openbmc_project.U_Boot.Environment.Manager";
+static constexpr const char* uBootEnvMgrPath =
+ "/xyz/openbmc_project/u_boot/environment/mgr";
+
+class UBootEnvMgr
+{
+ boost::asio::io_service& io;
+ sdbusplus::asio::object_server& server;
+ std::shared_ptr<sdbusplus::asio::connection> conn;
+ std::shared_ptr<sdbusplus::asio::dbus_interface> iface;
+
+ std::unordered_map<std::string, std::string> readAllVariable();
+ void writeVariable(const std::string& key, const std::string& value);
+
+ public:
+ UBootEnvMgr(boost::asio::io_service& io,
+ sdbusplus::asio::object_server& srv,
+ std::shared_ptr<sdbusplus::asio::connection>& conn);
+};
diff --git a/src/mainapp.cpp b/src/mainapp.cpp
new file mode 100644
index 0000000..14d352f
--- /dev/null
+++ b/src/mainapp.cpp
@@ -0,0 +1,30 @@
+/*
+// Copyright (c) 2019 Intel Corporation
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+*/
+
+#include "u-boot-env-mgr.hpp"
+#include <phosphor-logging/log.hpp>
+
+int main()
+{
+ boost::asio::io_service io;
+ auto conn = std::make_shared<sdbusplus::asio::connection>(io);
+ conn->request_name(uBootEnvMgrServiceName);
+ sdbusplus::asio::object_server server(conn);
+
+ UBootEnvMgr uBootEnvMgr(io, server, conn);
+
+ io.run();
+}
diff --git a/src/u-boot-env-mgr.cpp b/src/u-boot-env-mgr.cpp
new file mode 100644
index 0000000..30c8656
--- /dev/null
+++ b/src/u-boot-env-mgr.cpp
@@ -0,0 +1,110 @@
+/*
+// Copyright (c) 2019 Intel Corporation
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+*/
+
+#include "u-boot-env-mgr.hpp"
+#include <phosphor-logging/log.hpp>
+#include <phosphor-logging/elog-errors.hpp>
+#include <boost/process/child.hpp>
+#include <boost/process/io.hpp>
+#include <vector>
+#include <unordered_map>
+#include <xyz/openbmc_project/Common/error.hpp>
+
+template <typename... ArgTypes>
+static std::vector<std::string> executeCmd(const char* path,
+ ArgTypes&&... tArgs)
+{
+ std::vector<std::string> stdOutput;
+ boost::process::ipstream stdOutStream;
+ boost::process::child execProg(path, const_cast<char*>(tArgs)...,
+ boost::process::std_out > stdOutStream);
+ std::string stdOutLine;
+
+ while (stdOutStream && std::getline(stdOutStream, stdOutLine) &&
+ !stdOutLine.empty())
+ {
+ stdOutput.emplace_back(stdOutLine);
+ }
+
+ execProg.wait();
+
+ int retCode = execProg.exit_code();
+ if (retCode)
+ {
+ phosphor::logging::log<phosphor::logging::level::ERR>(
+ "Command execution failed",
+ phosphor::logging::entry("PATH=%d", path),
+ phosphor::logging::entry("RETURN_CODE:%d", retCode));
+ phosphor::logging::elog<
+ sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure>();
+ }
+
+ return stdOutput;
+}
+
+UBootEnvMgr::UBootEnvMgr(boost::asio::io_service& io_,
+ sdbusplus::asio::object_server& srv_,
+ std::shared_ptr<sdbusplus::asio::connection>& conn_) :
+ io(io_),
+ server(srv_), conn(conn_)
+{
+ iface = server.add_interface(uBootEnvMgrPath, uBootEnvMgrIface);
+ iface->register_method("ReadAll", [this]() { return readAllVariable(); });
+ iface->register_method("Read", [this](const std::string& key) {
+ std::unordered_map<std::string, std::string> env = readAllVariable();
+ auto it = env.find(key);
+ if (it != env.end())
+ {
+ return it->second;
+ }
+ return std::string{};
+ });
+
+ iface->register_method(
+ "Write", [this](const std::string& key, const std::string& value) {
+ writeVariable(key, value);
+ });
+ iface->initialize(true);
+}
+
+std::unordered_map<std::string, std::string> UBootEnvMgr::readAllVariable()
+{
+ std::unordered_map<std::string, std::string> env;
+ std::vector<std::string> output = executeCmd("/sbin/fw_printenv");
+ for (const auto& entry : output)
+ {
+ size_t pos = entry.find("=");
+ if (pos + 1 >= entry.size())
+ {
+ phosphor::logging::log<phosphor::logging::level::ERR>(
+ "Invalid U-Boot environment",
+ phosphor::logging::entry("ENTRY=%s", entry.c_str()));
+ continue;
+ }
+ // using string instead of string_view for null termination
+ std::string key = entry.substr(0, pos);
+ std::string value = entry.substr(pos + 1);
+ env.emplace(key, value);
+ }
+ return env;
+}
+
+void UBootEnvMgr::writeVariable(const std::string& key,
+ const std::string& value)
+{
+ executeCmd("/sbin/fw_setenv", key.c_str(), value.c_str());
+ return;
+}
diff --git a/xyz.openbmc_project.U_Boot.Environment.Manager.service b/xyz.openbmc_project.U_Boot.Environment.Manager.service
new file mode 100644
index 0000000..faae3bf
--- /dev/null
+++ b/xyz.openbmc_project.U_Boot.Environment.Manager.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Phosphor U-Boot environment manager
+
+[Service]
+Restart=always
+RestartSec=2
+ExecStart=/usr/bin/phosphor-u-boot-env-mgr
+StartLimitInterval=0
+Type=dbus
+BusName=xyz.openbmc_project.U_Boot.Environment.Manager
+
+[Install]
+WantedBy=basic.target