CN100476774C - Method and device for limitting command of base plate management controller - Google Patents
Method and device for limitting command of base plate management controller Download PDFInfo
- Publication number
- CN100476774C CN100476774C CNB2006100670634A CN200610067063A CN100476774C CN 100476774 C CN100476774 C CN 100476774C CN B2006100670634 A CNB2006100670634 A CN B2006100670634A CN 200610067063 A CN200610067063 A CN 200610067063A CN 100476774 C CN100476774 C CN 100476774C
- Authority
- CN
- China
- Prior art keywords
- command
- order
- management controller
- base plate
- bmc
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The present invention discloses a method for limiting base plate management controller (BMC) command and its device. Said device includes the following several portions: memory, it is used for storing BMC command authority list and system interruption handling program; command processing device, it is used for executing interruption handling program; and interruption execution device, it is connected with system I/O bus and is used for producing interruption and transferring the intercepted command to processing device to make processing. Besides, said invention also provides the concrete steps for implementing said method for limiting BMC command.
Description
Technical field
The present invention relates to field of computer technology, be meant the method and the device of a kind of restricting substrate Management Controller (BMC, Baseboard Management Controller) order especially.
Background technology
IPMI (IPMI, Intelligent Platform Management Interface) normalized definition the system interface of three kinds of standards: keyboard controller specification (KCS, Keyboard ControllerStyle) interface, management interface chip (SMIC, System Management Interface Chip) interface and piece transmission (BT, Block Transfer) interface, be used for the communication between system software and the baseboard management controller (BMC, Baseboard Management Controller).By the defined system interface of IPMI standard, any system software can send order to baseboard management controller BMC, in order to control local or long-range computing machine.
Yet, for the consideration of secure context, to wish under many circumstances to limit freely sending of some BMC order, these BMC orders may be that the IPMI standard is defined, also may be OEM (OEM) oneself definition.
Support at present in the computer platform of BMC that BMC supports all BMC orders by operation firmware (Firmware), so prior art has only the BMC of modification firmware next in order to limit certain order, make BMC can't support this order.But, the more complicated because firmware modification is got up, and be difficult for the repeated multiple times modification, therefore this method lacks flexibility, and can't adapt to all application scenarios.In addition,,, then will violate the standard of IPMI, may cause unusual if forbid by revising the BMC firmware for the order of IPMI pressure definition.
Summary of the invention
In view of this, the object of the present invention is to provide a kind of method and device of the BMC of restriction order, do not require modification to the BMC firmware, just can be to the flexible restriction of all BMC orders carrying out.
Method based on above-mentioned purpose a kind of restricting substrate Management Controller BMC order provided by the invention comprises:
The BMC order that BMC command authority table is limited to send with regulation is set;
The system break handling procedure is set to find out limited BMC order and to handle;
If there is order to arrive the I/O of system bus, then triggering system is interrupted, enter the system break handling procedure, search BMC command authority table judges whether the order of the current arrival I/O of system bus is confined BMC order, if, then stop the transmission of the current command, otherwise, the transmission of the current command continued.
The described triggering system interrupt procedure of this method comprises: set in advance the I/O trap to monitor described system I/O bus, if there is order to arrive the I/O of system bus, then I/O trap triggering system is interrupted, and enters the system break handling procedure.
The described I/O trap of this method is arranged in the basic input-output system BIOS that links to each other with described system I/O bus.
The described I/O trap of this method is only monitored the order that is sent to the BMC direction from system software.
Show the corresponding relation of all orders and command authority in this method BMC command authority table;
Described deterministic process comprises: the command authority that search BMC command authority table is judged the current arrival I/O of system bus if be under an embargo, then stops the transmission of the current command for being under an embargo or being allowed to, if be allowed to, then continues the transmission of the current command.
Further comprise in the process of the transmission of the described prevention the current command of this method: the current command is abandoned.
The interrupt handling routine of this described system of method is a system management interrupt SMI handling procedure.
The interrupt handling routine of this described system of method has CPU to carry out or is carried out by BIOS.
Device based on above-mentioned purpose the present invention also provides a kind of BMC of restriction to order comprises:
Storer is used to store BMC command authority table and orders with the BMC that provides against transmission, and the system break handling procedure is to find out limited BMC order and to handle;
Command processing device is used for the executive system interrupt handling routine, and search BMC command authority table judges whether the order of current intercepting and capturing is confined BMC order, if, then stop the transmission of this order, otherwise, the transmission of this order continued;
Interrupt actuating unit, is connected, be used to intercept and capture order, produce and interrupt, the order of intercepting and capturing is sent to treating apparatus handle by the I/O of system bus with system I/O bus.
From above as can be seen, the method and apparatus of a kind of BMC of the restriction order that invention provides is by intercepting and capturing the order of transmitting on the I/O of system bus, and order is judged etc. that technological means has realized the restriction to all BMC orders.And have following good effect: have good expansion elasticity, can be at any time by revising the authority of BMC order, restriction or permission system software send order to BMC, and needn't revise the firmware of BMC.
Description of drawings
Fig. 1 is the structured flowchart of the method for restriction BMC involved in the present invention order;
Fig. 2 limits the schematic flow sheet of BMC command sending method embodiment for the present invention.
Embodiment
Three kinds of system interfaces of IPMI definition, promptly KCS interface, SMIC interface and BT interface all pass through system's I/O (I/O) port and realize the transmission of BMC order and obtain rreturn value.Referring to shown in Figure 1, after system software 6 sent the BMC order that the destination is BMC 4, CPU 1 can be sent to north bridge chips 2 to this BMC order; North bridge chips 2 then is sent to South Bridge chip 3 to the BMC order; After South Bridge chip 3 is received the BMC order, corresponding system I/O port is sent in this BMC order, so the BMC order just has been placed on the I/O of the system bus 5; The transmission of system I/O bus 5 has been passed through in the BMC order, has finally arrived BMC4.
Therefore, thinking of the present invention is: when system software sends order toward the I/O of system mouth, and triggering system interrupt handling routine at once; And in the system break handling procedure, obtain the BMC order that system software sends, check whether the authority of this order belongs to the scope that restriction sends, and whether decision limits.Thereby do not require modification to the BMC firmware, just can be to the flexible restriction of all BMC orders carrying out.
Mainly comprising of restriction BMC command method provided by the invention: the BMC order of BMC command authority table with prescribed limits is set; The system break handling procedure is set to find out limited BMC order and to handle; If there is order to arrive the I/O of system bus, then triggering system is interrupted, enter the system break handling procedure, search BMC command authority table judges whether the order of the current arrival I/O of system bus is confined BMC order, if, then stop the transmission of the current command, otherwise, the transmission of the current command continued.
Below in conjunction with Fig. 1 and Fig. 2 preferred embodiment of the present invention is described in detail.
Set in advance of the BMC order of BMC command authority table 8 with prescribed limits; And the system break handling procedure is to find out limited BMC order and to handle.Referring to shown in Figure 1, list in the BMC command authority table 8 might be through the order of the I/O of system bus and the authority of these orders, promptly be allowed to or be under an embargo, so that the system break handling procedure is searched, the system break handling procedure can pass through system management interrupt (SMI) program to be realized, main operation is a search BMC command authority table 8, command authority is judged, with the further processing of decision to order.
Wherein, here BMC command authority table 8 form of listing just for example, can also take other forms, such as: only list confined BMC order, whether the system break handling procedure can be present in the BMC command authority table 8 by judging the current command like this, determines the current order transmission that whether is under an embargo.
When step 201, system software 6 sent " order B " to BMC 4, CPU 1 sent to north bridge chips 2, South Bridge chip 3 successively to " order B ", and South Bridge chip 3 will be ordered by system's I/O bus and be sent to BMC.
Step 202, when arriving the I/O of system bus 5, triggering system interrupts entering the SMI program that sets in advance at " order B ".
The triggering function of this interruption can have multiple implementation, preferably realizes by the I/O trap is set here.Present computer system chip all has the I/O trap function, this function can realize detecting the I/O operation on the I/O of the current computer system bus, when requiring of its setting satisfied in the operation of the I/O on the I/O bus, this function can realize tackling current I/O operation, and the triggering system management interrupt, decide the result of this I/O operation by the system management interrupt program.
Preferably the I/O trap can be arranged in the Basic Input or Output System (BIOS) (BIOS),, therefore can intercept order very easily by the I/O of system bus 5 because BIOS is connected with the I/O of system bus 5.And if desired,, the I/O trap can also intercept and capture the order of mailing to the system software direction by BMC by being set.
Above-mentioned SMI handling procedure 7 can be stored among the BIOS and carry out this SMI handling procedure 7 by BIOS; In addition, also can be stored in other memory devices, carry out described SMI handling procedure 7 by CPU 1.
The present invention also provides a kind of device of restricting substrate Management Controller BMC order based on this method, comprise: storer, be used to store BMC command authority table and order, and the system break handling procedure is to find out limited BMC order and to handle with the BMC that provides against transmission; Command processing device is used for the executive system interrupt handling routine, and search BMC command authority table judges whether the order of current intercepting and capturing is confined BMC order, if, then stop the transmission of this order, otherwise, the transmission of this order continued; Interrupt actuating unit, is connected, be used to intercept and capture order, produce and interrupt, the order of intercepting and capturing is sent to treating apparatus handle by the I/O of system bus with system I/O bus.
Described in a word is not in order to limit the present invention for preferred embodiment of the present invention only.
Claims (9)
1. the method for a limitting command of base plate management controller is characterized in that, comprising:
The command of base plate management controller that the command of base plate management controller authority list is limited to send with regulation is set;
The system break handling procedure is set to find out limited command of base plate management controller and to handle;
If there is order to arrive the I/O of system bus, then triggering system is interrupted, enter the system break handling procedure, search command of base plate management controller authority list judges whether the order of the current arrival I/O of system bus is confined command of base plate management controller, if, then stop the transmission of the current command, otherwise, the transmission of the current command continued.
2. method according to claim 1, it is characterized in that described triggering system interrupt procedure comprises: set in advance the I/O trap to monitor described system I/O bus, if there is order to arrive the I/O of system bus, then I/O trap triggering system is interrupted, and enters the system break handling procedure.
3. method according to claim 2 is characterized in that, described I/O trap is arranged in the basic input-output system BIOS that links to each other with described system I/O bus.
4. method according to claim 2 is characterized in that, described I/O trap is only monitored the order that is sent to the baseboard management controller direction from system software.
5. method according to claim 1 is characterized in that, shows the corresponding relation of all orders and command authority in the command of base plate management controller authority list;
Described deterministic process comprises: search command of base plate management controller authority list judges that the command authority of the current arrival I/O of system bus is for being under an embargo or being allowed to, if be under an embargo, then stop the transmission of the current command,, then continue the transmission of the current command if be allowed to.
6. method according to claim 1 is characterized in that, further comprises in the process of the transmission of described prevention the current command: the current command is abandoned.
7. method according to claim 1 is characterized in that, the interrupt handling routine of described system is a system management interrupt SMI handling procedure.
8. method according to claim 1 is characterized in that, the interrupt handling routine of described system is carried out by CPU or carried out by BIOS.
9. the device of a limitting command of base plate management controller is characterized in that, comprising:
Storer be used for memory substrate Management Controller command authority table providing against the command of base plate management controller of transmission, and the system break handling procedure is to find out limited command of base plate management controller and to handle;
Command processing device is used for the executive system interrupt handling routine, search command of base plate management controller authority list, whether the order of judging current intercepting and capturing is confined command of base plate management controller, if then stop the transmission of this order, otherwise, continue the transmission of this order;
Interrupt actuating unit, is connected, be used to intercept and capture order, produce and interrupt, the order of intercepting and capturing is sent to treating apparatus handle by the I/O of system bus with system I/O bus.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100670634A CN100476774C (en) | 2006-03-31 | 2006-03-31 | Method and device for limitting command of base plate management controller |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100670634A CN100476774C (en) | 2006-03-31 | 2006-03-31 | Method and device for limitting command of base plate management controller |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101046785A CN101046785A (en) | 2007-10-03 |
| CN100476774C true CN100476774C (en) | 2009-04-08 |
Family
ID=38771406
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100670634A Expired - Fee Related CN100476774C (en) | 2006-03-31 | 2006-03-31 | Method and device for limitting command of base plate management controller |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100476774C (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102236629B (en) * | 2010-04-21 | 2015-04-15 | 中山市云创知识产权服务有限公司 | System and method for identifying serial interface signal |
| CN104679685B (en) * | 2013-11-29 | 2017-10-31 | 英业达科技有限公司 | Baseboard management controller access method |
| CN106528458B (en) * | 2016-11-01 | 2020-09-08 | 广东浪潮大数据研究有限公司 | Interface controller, substrate management controller and safety system |
| CN109669731B (en) * | 2018-12-28 | 2022-03-25 | 联想(北京)有限公司 | Service control method and device of baseboard manager |
| CN113391940B (en) * | 2021-06-18 | 2022-06-14 | 苏州浪潮智能科技有限公司 | Method and system for consolidating system service by breaking limit of watchdog |
-
2006
- 2006-03-31 CN CNB2006100670634A patent/CN100476774C/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| CN101046785A (en) | 2007-10-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2701074B1 (en) | Method, device, and system for performing scheduling in multi-processor core system | |
| KR100762388B1 (en) | Low-overhead processor interfacing | |
| US9772879B2 (en) | System and method for isolating I/O execution via compiler and OS support | |
| US20060085582A1 (en) | Multiprocessor system | |
| US8051212B2 (en) | Network interface adapter with shared data send resources | |
| CN100476774C (en) | Method and device for limitting command of base plate management controller | |
| CN101459605B (en) | Method and device for flow control | |
| US8151147B2 (en) | Synchronize error handling for a plurality of partitions | |
| CN110971591B (en) | Method and system for multi-process access to trusted application | |
| US20170212852A1 (en) | Method and accelerator unit for interrupt handling | |
| CN100517177C (en) | Combined type reset system processing method and device | |
| CN107066413B (en) | Method for processing data of multiple bus devices and bus system thereof | |
| CN109828945A (en) | A kind of service message processing method and system | |
| CN101128808A (en) | Data processing system with interrupt controller and interrupt controlling method | |
| CN101976206B (en) | A kind of interruption processing method and device | |
| CN109343950B (en) | General interrupt processing method suitable for Xilinx soft-core processor | |
| CN102117223A (en) | Method for realizing interrupt response of application program of LXI loading board to M module by utilizing asynchronous notification | |
| CN111221755B (en) | Io interrupt control method for FPGA2 submodule | |
| US10949367B2 (en) | Method for handling kernel service request for interrupt routines in multi-core environment and electronic device thereof | |
| Maly et al. | Layered modeling of hardware and software, with application to a LAN extension router | |
| CN100493041C (en) | Adaptive variable time slice packet retransmitting dispatching method based on routing exchanger | |
| CN100397375C (en) | Interrupt handling apparatus and method for multi-interrupt handling unit | |
| Park et al. | Real-time scheduler for Middleware of Industrial Robot | |
| Sun et al. | Attendre: mitigating ill effects of race conditions in openflow via queueing mechanism | |
| CN105939258A (en) | Method and device for sending VRRP message |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090408 Termination date: 20210331 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |