From: Andrew Jeffery <andrew@aj.id.au>
To: Vernon Mauery <vernon.mauery@linux.intel.com>
Cc: openbmc@lists.ozlabs.org
Subject: Re: BMC redundancy
Date: Mon, 05 Feb 2018 12:08:17 +1030
Message-ID: <1517794697.21006.38.camel@aj.id.au>
In-Reply-To: <20180202211043.GD113334@mauery>

On Fri, 2018-02-02 at 13:10 -0800, Vernon Mauery wrote:
> On 02-Feb-2018 11:18 AM, Andrew Jeffery wrote:
> > Hi Deepak,
> > 
> > > So several of the existing OpenBMC apps implement specific D-Bus
> > > services. What does it take to make remote D-Bus calls to such apps?
> > > - It doesn't look like the D-Bus spec or libdbus officially has anything
> > > for D-Bus across computers. There are some good notes at
> > > https://www.freedesktop.org/wiki/Software/DBusRemote/.
> > 
> > Applications can connect to remote dbus servers; the --address
> > option to dbus-daemon allows it to listen on a TCP socket and
> > setting DBUS_SESSION_BUS_ADDRESS will point applications in the
> > right direction. So there are probably two ways we could do this:
> 
> Putting DBus on an externally-available TCP socket is a security 
> architect's nightmare. All command and control of the entire BMC is done 
> over DBus; we cannot put that on an externally-available address.

I think what you're actually suggesting is that whatever interface is
exposed, it needs authentication/authorisation or for the system design
to ensure that no unexpected actors can connect.

It's true that the TCP socket option doesn't provide authentication, so
yeah, the suggestion isn't secure, but the suggestion was mainly to
counter the claim that "It doesn't look like the D-Bus spec or libdbus
officially has anything for D-Bus across computers". Support for this
is built into the spec:

https://dbus.freedesktop.org/doc/dbus-specification.html#transports-tcp-sockets

There are other ways to provide authentication and transport security,
so I don't think we have a huge design concern on our hands.

Cheers,

Andrew
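The point above, that a tcp: listener is reachable off-host and carries no authentication of its own, as an added example (not code from the thread or from the OpenBMC project): a small Python audit of dbus-daemon `<listen>` addresses. It parses server addresses in the spec's `transport:key=value,...;...` form, then flags tcp/nonce-tcp listeners that are not bound to loopback and any `<allow_anonymous/>`. The two busconfig documents, the socket path and the severity labels are constructed for this example.

```python
"""Flag dbus-daemon <listen> addresses that expose the bus without authentication.

Added example for this discussion; not code from the OpenBMC project or from
anyone in the thread.  The two bus configurations are constructed samples and
the severity labels are this example's own convention.
"""
import xml.etree.ElementTree as ET
from urllib.parse import unquote

# Hosts that keep a tcp: listener on-box; anything else is reachable off-host.
LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def parse_address(address):
    """Split a D-Bus server address into (transport, {key: value}) entries.

    Spec format: entries separated by ';', each written as
    'transport:key=value,key=value', with %XX escapes inside values.
    """
    entries = []
    for entry in address.split(";"):
        if not entry:
            continue
        transport, _, rest = entry.partition(":")
        params = {}
        for pair in filter(None, rest.split(",")):
            key, _, value = pair.partition("=")
            params[key] = unquote(value)
        entries.append((transport, params))
    return entries


def audit_listen(transport, params, allow_anonymous):
    """Return (severity, message) findings for one listenable address."""
    findings = []
    if transport not in ("tcp", "nonce-tcp"):
        return findings          # unix:, systemd:, launchd: stay on the host
    # 'bind' selects the interface and defaults to 'host'.  '*' or an absent
    # value is treated conservatively as "every interface".
    iface = params.get("bind") or params.get("host") or "*"
    off_host = iface not in LOOPBACK
    if transport == "tcp" and off_host:
        findings.append(("critical",
                         f"tcp listener bound to {iface}: reachable off-host, "
                         "and the transport itself carries no authentication"))
    elif transport == "nonce-tcp" and off_host:
        findings.append(("high",
                         "nonce-tcp only proves the client could read the "
                         "nonce file; it does not identify the peer"))
    else:
        findings.append(("info",
                         f"{transport} listener on loopback: remote use still "
                         "needs an ssh or TLS tunnel for auth and transport security"))
    if allow_anonymous:
        findings.append(("critical",
                         "<allow_anonymous/> lets any peer finish SASL with no "
                         "credentials; over TCP the daemon has no OS-level peer "
                         "credentials for EXTERNAL, so this is how remote clients get in"))
    return findings


def audit_busconfig(xml_text):
    """Audit every <listen> in a dbus-daemon busconfig document."""
    root = ET.fromstring(xml_text)
    allow_anonymous = root.find("allow_anonymous") is not None
    findings = []
    for listen in root.findall("listen"):
        for transport, params in parse_address((listen.text or "").strip()):
            findings.extend(audit_listen(transport, params, allow_anonymous))
    return findings


# Constructed sample: the "externally-available TCP socket" the thread warns about.
WEAK_CONFIG = """<busconfig>
  <type>session</type>
  <listen>tcp:host=localhost,bind=*,port=55556,family=ipv4</listen>
  <auth>ANONYMOUS</auth>
  <allow_anonymous/>
  <policy context="default">
    <allow send_destination="*"/>
    <allow own="*"/>
  </policy>
</busconfig>"""

# Constructed sample: local-only bus; any remote access is layered on top
# (e.g. an ssh tunnel) rather than exposed by dbus-daemon.  Path is hypothetical.
HARDENED_CONFIG = """<busconfig>
  <type>session</type>
  <listen>unix:path=/run/openbmc/bus.sock</listen>
  <auth>EXTERNAL</auth>
  <policy context="default">
    <allow send_destination="*"/>
    <allow own="*"/>
  </policy>
</busconfig>"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"{name}: {audit_busconfig(cfg) or 'no findings'}")
```

A loopback-only tcp: listener is reported as "info" on purpose: dbus-daemon itself still authenticates nothing on that path, so whatever tunnels it (ssh, TLS) is what supplies the authentication and transport security the message refers to.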

Thread overview (16+ messages):
2018-01-29 15:52 BMC redundancy Brad Bishop
     [not found] ` <7eb0f506-1dd7-1a28-cc0a-9f7813c28562@yadro.com>
     [not found]   ` <524CA01B-1D8E-4C15-B5DB-A27157FBECB7@fuzziesquirrel.com>
2018-01-29 18:14     ` Brad Bishop
2018-01-29 20:43 ` Vernon Mauery
2018-01-29 21:38   ` Brad Bishop
2018-01-31  6:27 ` Deepak Kodihalli
2018-02-02  0:48   ` Andrew Jeffery
2018-02-02  6:28     ` Deepak Kodihalli
2018-02-02  9:48     ` Ratan Gupta
2018-02-02 14:42       ` Brad Bishop
2018-02-02 21:10     ` Vernon Mauery
2018-02-03  8:08       ` Deepak Kodihalli
2018-02-03  8:52         ` Ratan Gupta
2018-02-05  1:38       ` Andrew Jeffery [this message]
2018-02-06  6:10       ` Michael E Brown
2018-02-06  6:44         ` Deepak Kodihalli
     [not found]           ` <d78c6a15-8736-7641-47af-714559cc48f5@linux.vnet.ibm.com>
2018-04-13 11:57             ` Deepak Kodihalli
