lanserv: Check that message and negotiated authtypes are the same
Update some strings for newer IPMI standards
Fix error report in startup_set_sel_time
Well, there are at least two problem. One is the crash. It looks like the only abort() calls in the OpenIPMIpthread library are in the lock/unlock code. So it's probably a use after free thing. Can you load the dbgsym package for libopenipmi so you can get the actual files and line numbers in the backtrace? No matter what, that bug needs to be fixed. The other is: Why are so many message outstanding in the driver? That limit was added to avoid getting too many messages in the driver, which can cause...
CVE-2024-42934 for OpenIPMI
Unfortunately, the traceback doesn't have many symbols in it, so I'm not sure what's happening. It's in a message handler (ipmi_handle_rsp_item_copymsg) but that doesn't narrow it down very much. And usually an abort prints the line number and function of where abort() is called, but it doesn't here. Was this a one-time occurrence, or can you reproduce?
Version of collectd: OpenIPMI 2.0 Operating system / distribution: Debian Bookworm Kernel version (if applicable): 6.1.99 Observation: After kernel migration from Buster to Bookworm obseobserved OpenIPMI library crashing with the below failure. logs: sdr.c(info_send): initial_sdr_fetch: Couldn't send first SDR fetch: 10 mc.c(start_sel_time_set): Unable to start SEL time set due to error: 10, retrying sdr.c(handle_sdr_data): Could not send SDR fetch: 10 Please find the reference of the core dump;...
Works fine, thanks a lot!
ipmi_sim: segfault on bad auth message log (2.0.35)
Closing, since this is resolved. Thanks again.
Can't authorize through openipmigui with authtype=default (2.0.35)
Ok, thanks for reporting this. All should be good now.
No, I use it for testing
Thanks!
BTW, are you using ipmi_sim for some production purpose?
OpenIPMI 2.0.36 released
Move to version 2.0.36
It's actually RMCP+ authorization that's broken. I added a fix for something and forgot to take that into account. I just pushed a change up to fix that, I'll get a release out.
lanserv: Fix an issue with authorization range checking
Can't authorize through openipmigui with authtype=default (2.0.35)
I would like to add some functionality to OpenIPMI for some custom IPMI (OEM) commands over a custom bus. Does OpenIPMI support Linux 6.x kernels?. Or what is the latest Linux kernel that OpenIPMI supports?. I am also wondering if the stock ipmitool works with OpenIPMI. I will be making changes to ipmitool to support my custom commands.
Not at all. We use ipmi_sim in Linux HA / ClusterLabs CI https://clusterlabs.org/ Specifically: https://github.com/ClusterLabs/anvil/ expects to deploy on real bare-metal hardware with BMC/ipmi and other goodies. We can´t have enough BM to run those tests, so we simulate the whole HW environment, including UPS, APC, PDUs via a fork of Simengine: https://github.com/Alteeve/simengine Simengine uses and configures ipmi_sim to work with a normal libvirt+qemu VM + a bunch of other stuff. CI is here: https://ci.kronosnet.org/job/anvil/...
Hi Corey, thanks for the fast response. The fix appears to be working fine. No crashes and I see the expected message in the logs. Signed-off-by: Fabio M. Di Nitto fdinitto@redhat.com
Also, if you don't mind me asking, what are you using ipmi_sim for? I wasn't aware many people were using it. If people are using it for serious purposes, I need to be more serious about security on it.
Very helpful, and you are correct, it was calling the log with parts of the message uninitialized. And it was a bug even before that change, because the check above it would have caused a crash if a too-short message came in. I've pushed up a patch to fix this, can you test it? I'll do a release if it's correct.
lanserv: Fix an issue logging an error on a message
include: Add a doc for the lifetime of ipmi_entity_get_fru()
lanserv: Fix an issue logging an error on a message
ipmi_sim: segfault on bad auth message log (2.0.35)
Move to version 2.0.35
lanserv: Check some bounds on incoming messages
OpenIPMI 2.0.35 released
Create SECURITY.md
swig: Cast some values to get proper passing of values
sample: Fix an snprintf overflow issue
ui: Fix an snprintf overflow issue
Add github actions
Add github actions
Add github actions
cmdlang: Remove yet more dead code
swig: Remove a double free
ui: More print issues
Finish up error updates
sensor: Remove more dead code
swig: Fix more resource leaks
ui: Fix a ton of formatting errors
cmdlang: Remove some dead code
cmdlang: Remove some dead code
cmdlang: Remove an unnecessary loop
cmdlang: Remove an unneeded if
cmdlang: Remove some dead code
lanserv: Fix an invalid overlapping copy
lanserv: Add a missing break for watchdog handling
lanserv: Add a missing NULL pointer check
lanserv: Add a check for the picmg address controller not found
lanserv: Fix an error report
lanserv: Remove some dead code
lanserv: Fix an unsigned compare issue
domain: Fix some various bugs
lanserv: Fix reading persistance data
smi: Remove some dead code
fru: Fix record with possible NULL data
atca: Fix some various issues
control,sensor: Fix some string handling
entity: Fix a ordering check issue
oem_motorola_mxp: Fix some minor issues
utils: Fix address comparison
fru: Remove unnecessary check
mc: Fix sel re-fetch
sel: Add a missing NULL check
sample: Remove some dead code
sensor: Fix some wrong sizes
swig: Fix a wrong malloc size
tcl: Fix an infinite loop
lanserv: Fix a memory leak in sdrcomp
unix: Add missing unlock on an error handler
unix: Cast a variable to int from time()
swig: Fix issues with memory handling
Don't run perl tests in parallel
C type errors in the SWIG-generated Perl bindings
Looks good. Thanks for the patch.
C type errors in the SWIG-generated Perl bindings
C type errors in the SWIG-generated Perl bindings
OpenIPMI 2.0.34 Released
Move to version 2.0.34
swig:perl: Fix the tests
swig:perl: Add a way to print the test environment
lanserv: Allow zero to be specified for the port
lanserv: Return an error if sensor data is requested before ready
Ok, thank you a lot for your time. =) I'll make an update when new firmware tested.
On Sun, May 07, 2023 at 07:48:03PM -0000, Alexander Khatsayuk wrote: I've got next response: => INFO: ipmi_lan.c(connection_up): Connection 0 to the BMC is up INFO: ipmi_lan.c(connection_up): Connection to the BMC restored Connection up to port 0 Connection up to port 0 f 0 a 23 00 00 00 00 00 05 => Got message: type = response addr_type = SI channel = 0xf lun = 0x0 netfn = 0xb cmd = 0x23 data =c3 I've already communicate with hardware vendor and tech-support send me new firmware, but I've not test...
I've got next response: => INFO: ipmi_lan.c(connection_up): Connection 0 to the BMC is up INFO: ipmi_lan.c(connection_up): Connection to the BMC restored Connection up to port 0 Connection up to port 0 f 0 a 23 00 00 00 00 00 05 => Got message: type = response addr_type = SI channel = 0xf lun = 0x0 netfn = 0xb cmd = 0x23 data =c3 I've already communicate with hardware vendor and tech-support send me new firmware, but I've not test it yet. It's Yadro Vegman S220.
On Sun, May 07, 2023 at 09:42:07AM -0000, Alexander Khatsayuk wrote: Yeap, attached it. Attachments: ipmi.log (153.0 kB; application/octet-stream) Hmm: DEBG: test_server 0 outgoing msg to IPMI addr = 0c 00 00 00 0f 00 00 00 msg = netfn=storage(c):0a cmd=GetSDR:23 data_len=6 data(len=6.) = 48 02 00 00 00 05 EINF: test_server(f.f)(m,0) sdr.c(handle_sdr_data): SDR fetch error getting sdr 0x0: c3 WARN: test_server domain.c(sdr_handler): Could not get main SDRs, error 0x10000c3 Is there a delay between...
Yeap, attached it.
unix: Handle EAGAIN along with EINTR
Can you use openipmish, do "debug msg on" and then a "domain open ...." and send me the output? The C3 error is a timeout, not sure what's going on.
Attach Zabbix log.