Bug 1103308 - update ssif max_xmit_msg_size limit for multi-part messages
update ssif max_xmit_msg_size limit for multi-part messages
Status: RESOLVED FIXED
Classification: SUSE Linux Enterprise Server
Product: Beta SUSE Linux Enterprise Server 15
Classification: SUSE Linux Enterprise Server
Component: Kernel
GMC
aarch64 SLES 12
: P3 - Medium : Normal
: ---
Assigned To: Yousaf Kaukab
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-07-31 21:22 UTC by Bob Sanders
Modified: 2019-08-28 09:24 UTC (History)
11 users (show)

See Also:
Found By: Third Party Developer/Partner
Services Priority:
Business Priority:
Blocker: No
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Bob Sanders 2018-07-31 21:22:02 UTC
There is an issue with Host name Write command with payload size of 132 bytes.
Currently ipmi driver limits max_xmit_msg_size to 63 bytes. Due to this
all IPMI commands with request size more than 63 bytes will not work.

The upstream patch for this, and discussion of it, may be found at:

https://sourceforge.net/p/openipmi/mailman/message/36377108/

https://lkml.org/lkml/2018/7/5/218
Comment 1 Bob Sanders 2018-08-01 14:14:16 UTC
Latest testing results:

https://lore.kernel.org/patchwork/patch/968915/
Comment 2 Yousaf Kaukab 2018-08-14 12:45:00 UTC
No progress on the path upstream.

https://lkml.org/lkml/2018/7/30/279
Comment 3 Yousaf Kaukab 2018-08-24 09:44:34 UTC
Robert Richter pointed to the updated patch: 

https://github.com/cminyard/linux-ipmi/commit/38aee662f3ddf86b35f6d65beb764f3200258c22
Comment 4 Bob Sanders 2018-09-24 17:53:02 UTC
Change is verified and committed to upstream. 
This will be part of the kernel after 4.19.

https://github.com/cminyard/linux-ipmi

https://github.com/cminyard/linux-ipmi/commit/10042504ed92c06077b8a20a4edd67ba784847d4
Comment 5 Yousaf Kaukab 2018-10-04 10:17:21 UTC
Bob, I am getting following error after applying the path:

[   37.266065] ipmi_ssif 0-001c: Could not write multi-part start, though the BMC said it could handle it.  Just limit sends to one part.
[   37.266069] ipmi_ssif 0-001c: Second multipart test failed.

This machine is running TX2-FW-Release-6.3. Are multipart messages supposed to work with this firmware version?
Comment 6 Yousaf Kaukab 2018-10-04 12:43:51 UTC
(In reply to Mian Yousaf Kaukab from comment #5)
> Bob, I am getting following error after applying the path:
> 
> [   37.266065] ipmi_ssif 0-001c: Could not write multi-part start, though
> the BMC said it could handle it.  Just limit sends to one part.
> [   37.266069] ipmi_ssif 0-001c: Second multipart test failed.
> 
> This machine is running TX2-FW-Release-6.3. Are multipart messages supposed
> to work with this firmware version?
I don't see this error on Cavium Saber systems using firmware v7.0.
Comment 7 Bob Sanders 2018-10-04 21:54:47 UTC
I checked with Cavium.  They informed me that the multi-byte write
feature is not enabled in the BMC, version 3.0.5.  It should be
enabled in either BMC firmware 3.0.6 or 3.0.7.

I need to check with the internal team to find the release schedule
of the updated BMC firmware and which version will contain the 
multi-byte write.

Thanks,

Bob
Comment 8 Swamp Workflow Management 2018-10-11 08:44:35 UTC
This is an autogenerated message for OBS integration:
This bug (1103308) was mentioned in
https://build.opensuse.org/request/show/641142 42.3 / kernel-source
Comment 9 Swamp Workflow Management 2018-10-13 09:01:46 UTC
This is an autogenerated message for OBS integration:
This bug (1103308) was mentioned in
https://build.opensuse.org/request/show/641813 15.0 / kernel-source
Comment 10 Bob Sanders 2018-10-15 16:31:35 UTC
Uploaded the BMC firmware that allows multi-byte write.

This is for VP2 blades and retains the admin/admin login/password.

Uploaded to - ftp://beta.suse.com/incoming/

File name: bmc_306vp2.tar.gz
md5sum: bd23837b6d0b31c304b6317c56ec4163

Bob
Comment 12 Swamp Workflow Management 2018-10-15 19:10:01 UTC
openSUSE-RU-2018:3152-1: An update that has 34 recommended fixes can now be installed.

Category: recommended (important)
Bug References: 1046540,1050319,1050536,1050540,1051510,1067126,1086283,1086288,1099125,1100132,1102881,1103308,1106105,1106110,1106237,1106240,1106838,1107685,1108241,1108468,1108828,1108841,1108870,1109151,1109158,1109217,1109784,1110006,1110096,1110538,1110561,1110921,1111028,1111076
CVE References: 
Sources used:
openSUSE Leap 15.0 (src):    kernel-debug-4.12.14-lp150.12.22.1, kernel-default-4.12.14-lp150.12.22.1, kernel-docs-4.12.14-lp150.12.22.1, kernel-kvmsmall-4.12.14-lp150.12.22.1, kernel-obs-build-4.12.14-lp150.12.22.1, kernel-obs-qa-4.12.14-lp150.12.22.1, kernel-source-4.12.14-lp150.12.22.1, kernel-syms-4.12.14-lp150.12.22.1, kernel-vanilla-4.12.14-lp150.12.22.1
Comment 13 Robert Richter 2018-10-17 15:34:58 UTC
Patch scheduled for 4.20:

 linux-ipmi/for-next 10042504ed92 ipmi:ssif: Add support for multi-part transmit messages > 2 parts
Comment 14 Swamp Workflow Management 2018-10-17 19:15:31 UTC
openSUSE-SU-2018:3202-1: An update that solves 13 vulnerabilities and has 74 fixes is now available.

Category: security (important)
Bug References: 1012382,1044189,1050549,1063026,1065600,1066223,1082519,1082863,1082979,1084427,1084536,1088087,1089343,1090535,1094244,1094555,1094562,1095344,1095753,1096052,1096547,1099597,1099810,1100056,1100059,1100060,1100061,1100062,1102495,1102715,1102870,1102875,1102877,1102879,1102882,1102896,1103156,1103269,1103308,1103405,1105428,1105795,1106095,1106105,1106240,1106293,1106434,1106512,1106594,1106934,1107318,1107829,1107924,1108096,1108170,1108240,1108315,1108399,1108803,1108823,1109333,1109336,1109337,1109441,1109806,1110006,1110297,1110337,1110363,1110468,1110600,1110601,1110602,1110603,1110604,1110605,1110606,1110611,1110612,1110613,1110614,1110615,1110616,1110618,1110619,1110930,1111363
CVE References: CVE-2018-13096,CVE-2018-13097,CVE-2018-13098,CVE-2018-13099,CVE-2018-13100,CVE-2018-14613,CVE-2018-14617,CVE-2018-14633,CVE-2018-16276,CVE-2018-16597,CVE-2018-17182,CVE-2018-7480,CVE-2018-7757
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.159-73.1, kernel-default-4.4.159-73.1, kernel-docs-4.4.159-73.2, kernel-obs-build-4.4.159-73.1, kernel-obs-qa-4.4.159-73.1, kernel-source-4.4.159-73.1, kernel-syms-4.4.159-73.1, kernel-vanilla-4.4.159-73.1
Comment 15 Yousaf Kaukab 2018-10-19 13:56:44 UTC
(In reply to Bob Sanders from comment #0)
> There is an issue with Host name Write command with payload size of 132
> bytes.
Is this the correct ipmi command: 

ipmitool mc setsysinfo system_name <132 bytes string>

> Currently ipmi driver limits max_xmit_msg_size to 63 bytes. Due to this
> all IPMI commands with request size more than 63 bytes will not work.

Above command succeeds for me with BMC v3.06. However "ipmitool mc getsysinfo system_name" returns only the first 62 bytes for the written string. Is this the expected behavior or the issue is not completely fixed?

> 
> The upstream patch for this, and discussion of it, may be found at:
> 
> https://sourceforge.net/p/openipmi/mailman/message/36377108/
> 
> https://lkml.org/lkml/2018/7/5/218

Patch is available in SLE15 KOTD if you would like to test it:
https://kernel.opensuse.org/packages/SLE15
Comment 16 Bob Sanders 2018-10-23 22:19:38 UTC
ipmitool only supports writes/reads between 63 bytes and 256 bytes in raw
mode.

An example to test with would be:

Command used:
ipmitool  raw 0x32 0x6c 1 0 0x0 0xd 0x42 0x4d 0x43 0x41 0x52 0x36 0x34 0x5a 0x41 0x4c 0x4f 0x4e 0x35 0x0 (115 0x0 at the end)
[Netfn 0x32, command No 0x6c]
[ Parameter selector 0x01, Block selector 0x00, Host setting Manual mode 0x00, Host name length 0x0d ] 4 Bytes
Hostname = BMCAR64ALON5 = 0x42 0x4d 0x43 0x41 0x52 0x36 0x34 0x5a 0x41 0x4c 0x4f 0x4e 0x35 = 13 bytes + 115 (0x0) bytes = 128 bytes

Thanks,

Bob
Comment 17 Robert Richter 2018-10-24 09:31:08 UTC
(In reply to Bob Sanders from comment #16)
> ipmitool only supports writes/reads between 63 bytes and 256 bytes in raw
> mode.

We use the following for testing:

{
    # send 132 bytes message
    ipmitool -v raw 0x32 0x6c 1 0 0x0 0xd 0x42 0x4d 0x43 0x41 0x52 0x36 \
             0x34 0x5a 0x41 0x4c 0x4f 0x4e 0x35 0x0 0x0 0x0 0x0 0x0     \
             0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0    \
             0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0    \
             0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0    \
             0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0    \
             0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0    \
             0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0    \
             0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0    \
             0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0 0
}

Current result:

------------------------------------------------------------
Running Get PICMG Properties my_addr 0x20, transit 0, target 0
Error response 0xc1 from Get PICMG Properities
Running Get VSO Capabilities my_addr 0x20, transit 0, target 0
Invalid completion code received: Invalid command
Discovered IPMB address 0x0
RAW REQ (channel=0x0 netfn=0x32 lun=0x0 cmd=0x6c data_len=132)
RAW REQUEST (132 bytes)
 01 00 00 0d 42 4d 43 41 52 36 34 5a 41 4c 4f 4e
 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00
Unable to send RAW command (channel=0x0 netfn=0x32 lun=0x0 cmd=0x6c rsp=0xff):
Unspecified error
------------------------------------------------------------
Comment 20 Swamp Workflow Management 2018-10-31 17:13:36 UTC
SUSE-SU-2018:3589-1: An update that solves four vulnerabilities and has 102 fixes is now available.

Category: security (important)
Bug References: 1046540,1050319,1050536,1050540,1051510,1055120,1065600,1066674,1067126,1067906,1076830,1079524,1083647,1084760,1084831,1086283,1086288,1094825,1095805,1099125,1100132,1102881,1103308,1103543,1104731,1105025,1105536,1106105,1106110,1106237,1106240,1106838,1107685,1108241,1108377,1108468,1108828,1108841,1108870,1109151,1109158,1109217,1109330,1109739,1109784,1109806,1109818,1109907,1109911,1109915,1109919,1109951,1110006,1110096,1110538,1110561,1110921,1111028,1111076,1111506,1111806,1111819,1111830,1111834,1111841,1111870,1111901,1111904,1111928,1111983,1112170,1112173,1112208,1112219,1112221,1112246,1112372,1112514,1112554,1112708,1112710,1112711,1112712,1112713,1112731,1112732,1112733,1112734,1112735,1112736,1112738,1112739,1112740,1112741,1112743,1112745,1112746,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113257,1113284
CVE References: CVE-2017-16533,CVE-2017-18224,CVE-2018-18386,CVE-2018-18445
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-25.25.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-25.25.1, kernel-docs-4.12.14-25.25.1, kernel-obs-qa-4.12.14-25.25.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-25.25.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-25.25.1, kernel-obs-build-4.12.14-25.25.1, kernel-source-4.12.14-25.25.1, kernel-syms-4.12.14-25.25.1, kernel-vanilla-4.12.14-25.25.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-25.25.1, kernel-source-4.12.14-25.25.1, kernel-zfcpdump-4.12.14-25.25.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-25.25.1
Comment 21 Swamp Workflow Management 2018-10-31 17:36:23 UTC
SUSE-SU-2018:3593-1: An update that solves four vulnerabilities and has 102 fixes is now available.

Category: security (important)
Bug References: 1046540,1050319,1050536,1050540,1051510,1055120,1065600,1066674,1067126,1067906,1076830,1079524,1083647,1084760,1084831,1086283,1086288,1094825,1095805,1099125,1100132,1102881,1103308,1103543,1104731,1105025,1105536,1106105,1106110,1106237,1106240,1106838,1107685,1108241,1108377,1108468,1108828,1108841,1108870,1109151,1109158,1109217,1109330,1109739,1109784,1109806,1109818,1109907,1109911,1109915,1109919,1109951,1110006,1110096,1110538,1110561,1110921,1111028,1111076,1111506,1111806,1111819,1111830,1111834,1111841,1111870,1111901,1111904,1111928,1111983,1112170,1112173,1112208,1112219,1112221,1112246,1112372,1112514,1112554,1112708,1112710,1112711,1112712,1112713,1112731,1112732,1112733,1112734,1112735,1112736,1112738,1112739,1112740,1112741,1112743,1112745,1112746,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113257,1113284
CVE References: CVE-2017-16533,CVE-2017-18224,CVE-2018-18386,CVE-2018-18445
Sources used:
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-25.25.1, kernel-livepatch-SLE15_Update_7-1-1.3.1
Comment 25 Swamp Workflow Management 2018-11-07 20:35:14 UTC
SUSE-SU-2018:3659-1: An update that solves 10 vulnerabilities and has 104 fixes is now available.

Category: security (important)
Bug References: 1012382,1042422,1044189,1050431,1050549,1053043,1063026,1065600,1065726,1066223,1067906,1079524,1082519,1082863,1082979,1084427,1084536,1084760,1088087,1089343,1090535,1091158,1094244,1094555,1094562,1094825,1095344,1095753,1095805,1096052,1096547,1099597,1099810,1101555,1102495,1102715,1102870,1102875,1102877,1102879,1102882,1102896,1103156,1103269,1103308,1103405,1105428,1105795,1105931,1106095,1106105,1106110,1106240,1106293,1106359,1106434,1106512,1106594,1106913,1106929,1106934,1107060,1107299,1107318,1107535,1107829,1107924,1108096,1108170,1108240,1108315,1108377,1108399,1108498,1108803,1108823,1109158,1109333,1109336,1109337,1109441,1109784,1109806,1109818,1109907,1109919,1109923,1110006,1110297,1110337,1110363,1110468,1110600,1110601,1110602,1110603,1110604,1110605,1110606,1110611,1110612,1110613,1110614,1110615,1110616,1110618,1110619,1110930,1111363,1111516,1111870,1112007,1112262,1112263
CVE References: CVE-2018-14613,CVE-2018-14617,CVE-2018-14633,CVE-2018-16276,CVE-2018-16597,CVE-2018-17182,CVE-2018-18386,CVE-2018-7480,CVE-2018-7757,CVE-2018-9516
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP3 (src):    kernel-rt-4.4.162-3.26.1, kernel-rt_debug-4.4.162-3.26.1, kernel-source-rt-4.4.162-3.26.1, kernel-syms-rt-4.4.162-3.26.1
Comment 26 Swamp Workflow Management 2018-11-09 20:32:53 UTC
SUSE-SU-2018:3688-1: An update that solves 6 vulnerabilities and has 100 fixes is now available.

Category: security (important)
Bug References: 1011920,1012382,1012422,1020645,1031392,1035053,1042422,1043591,1048129,1050431,1050549,1053043,1054239,1057199,1065600,1065726,1067906,1073579,1076393,1078788,1079524,1082519,1083215,1083527,1084760,1089343,1091158,1093118,1094244,1094825,1095805,1096052,1098050,1098996,1099597,1101555,1103308,1103405,1104124,1105025,1105428,1105795,1105931,1106105,1106110,1106240,1106293,1106359,1106434,1106594,1106913,1106929,1107060,1107299,1107318,1107535,1107829,1107870,1108315,1108377,1108498,1109158,1109333,1109772,1109784,1109806,1109818,1109907,1109919,1109923,1110006,1110363,1110468,1110600,1110601,1110602,1110603,1110604,1110605,1110606,1110611,1110612,1110613,1110614,1110615,1110616,1110618,1110619,1111363,1111516,1111870,1112007,1112262,1112263,1112894,1112902,1112903,1112905,1113667,1113751,1113769,1114178,1114229,1114648,981083,997172
CVE References: CVE-2018-14633,CVE-2018-18281,CVE-2018-18386,CVE-2018-18690,CVE-2018-18710,CVE-2018-9516
Sources used:
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_21-1-4.5.2
Comment 27 Swamp Workflow Management 2018-11-09 20:53:46 UTC
SUSE-SU-2018:3689-1: An update that solves 6 vulnerabilities and has 100 fixes is now available.

Category: security (important)
Bug References: 1011920,1012382,1012422,1020645,1031392,1035053,1042422,1043591,1048129,1050431,1050549,1053043,1054239,1057199,1065600,1065726,1067906,1073579,1076393,1078788,1079524,1082519,1083215,1083527,1084760,1089343,1091158,1093118,1094244,1094825,1095805,1096052,1098050,1098996,1099597,1101555,1103308,1103405,1104124,1105025,1105428,1105795,1105931,1106105,1106110,1106240,1106293,1106359,1106434,1106594,1106913,1106929,1107060,1107299,1107318,1107535,1107829,1107870,1108315,1108377,1108498,1109158,1109333,1109772,1109784,1109806,1109818,1109907,1109919,1109923,1110006,1110363,1110468,1110600,1110601,1110602,1110603,1110604,1110605,1110606,1110611,1110612,1110613,1110614,1110615,1110616,1110618,1110619,1111363,1111516,1111870,1112007,1112262,1112263,1112894,1112902,1112903,1112905,1113667,1113751,1113769,1114178,1114229,1114648,981083,997172
CVE References: CVE-2018-14633,CVE-2018-18281,CVE-2018-18386,CVE-2018-18690,CVE-2018-18710,CVE-2018-9516
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.162-94.69.2
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.162-94.69.2, kernel-obs-build-4.4.162-94.69.2
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.162-94.69.2, kernel-source-4.4.162-94.69.2, kernel-syms-4.4.162-94.69.2, lttng-modules-2.7.1-8.6.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.162-94.69.2
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.162-94.69.2, kernel-source-4.4.162-94.69.2, kernel-syms-4.4.162-94.69.2
SUSE CaaS Platform ALL (src):    kernel-default-4.4.162-94.69.2
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.162-94.69.2
Comment 28 Bob Sanders 2018-11-16 22:13:36 UTC
I provided bios 1.0.7 to Andreas which we used along with BMC 3.0.6 to
verify the fix for this:

The system configuration
BMC 3.06
UEFI 1.07
OS:SLES 15(4.12.14-192.gac78802-default)
Ipmitool: 1.8.18

Test command:
1. ipmitool -vvvvv raw 0x32 0x6B 1 0
2. ipmitool -vvvvv raw 0x32 0x6c 1 0 0x0 0xd 0x42 0x4d 0x43 0x41 0x52 0x36 0x34 0x5a 0x41 0x4c 0x4f 0x4e 0x35 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x00 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x00 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x00 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x00 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x00 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x00 0x0 0x0 0 0
3. ipmitool -vvvvv raw 0x32 0x6B 1 0

Thanks,

Bob
Comment 29 Yousaf Kaukab 2018-11-19 11:56:42 UTC
(In reply to Bob Sanders from comment #28)
> I provided bios 1.0.7 to Andreas which we used along with BMC 3.0.6 to
> verify the fix for this:
I have updated our machine to bios 1.0.7.

> 
> The system configuration
> BMC 3.06
> UEFI 1.07
> OS:SLES 15(4.12.14-192.gac78802-default)
> Ipmitool: 1.8.18
> 
> Test command:
> 1. ipmitool -vvvvv raw 0x32 0x6B 1 0

I see following errors with -v:
[...]
Error response 0xc1 from Get PICMG Properities
[...]
Invalid completion code received: Invalid command
[...]

Are they expected?

> 2. ipmitool -vvvvv raw 0x32 0x6c 1 0 0x0 0xd 0x42 0x4d 0x43 0x41 0x52 0x36
> 0x34 0x5a 0x41 0x4c 0x4f 0x4e 0x35 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0
> 0x00 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0
> 0x0 0x00 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0
> 0x0 0x0 0x00 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0
> 0x0 0x0 0x0 0x00 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0
> 0x0 0x0 0x0 0x0 0x00 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0
> 0x0 0x0 0x0 0x0 0x0 0x00 0x0 0x0 0 0
> 3. ipmitool -vvvvv raw 0x32 0x6B 1 0
> 
> Thanks,
> 
> Bob
Comment 31 Swamp Workflow Management 2018-11-30 20:27:14 UTC
SUSE-SU-2018:3961-1: An update that solves 22 vulnerabilities and has 286 fixes is now available.

Category: security (important)
Bug References: 1012382,1031392,1043912,1044189,1046302,1046305,1046306,1046307,1046540,1046543,1050244,1050319,1050536,1050540,1051510,1054914,1055014,1055117,1055120,1058659,1060463,1061840,1065600,1065729,1066674,1067126,1067906,1068032,1069138,1071995,1076830,1077761,1077989,1078720,1079524,1080157,1082519,1082555,1083647,1083663,1084760,1084831,1085030,1085042,1085262,1086282,1086283,1086288,1086327,1089663,1090078,1091800,1092903,1094244,1094825,1095344,1095805,1096748,1097105,1097583,1097584,1097585,1097586,1097587,1097588,1098459,1098782,1098822,1099125,1099922,1099999,1100001,1100132,1101480,1101557,1101669,1102346,1102495,1102517,1102715,1102870,1102875,1102877,1102879,1102881,1102882,1102896,1103269,1103308,1103356,1103363,1103387,1103405,1103421,1103543,1103587,1103636,1103948,1103949,1103961,1104172,1104353,1104482,1104683,1104731,1104824,1104888,1104890,1105025,1105190,1105247,1105292,1105322,1105355,1105378,1105396,1105428,1105467,1105524,1105536,1105597,1105603,1105672,1105731,1105795,1105907,1106007,1106016,1106105,1106110,1106121,1106170,1106178,1106229,1106230,1106231,1106233,1106235,1106236,1106237,1106238,1106240,1106291,1106297,1106333,1106369,1106427,1106464,1106509,1106511,1106594,1106636,1106688,1106697,1106779,1106800,1106838,1106890,1106891,1106892,1106893,1106894,1106896,1106897,1106898,1106899,1106900,1106901,1106902,1106903,1106905,1106906,1106948,1106995,1107008,1107060,1107061,1107065,1107074,1107207,1107319,1107320,1107522,1107535,1107685,1107689,1107735,1107756,1107783,1107829,1107870,1107924,1107928,1107945,1107947,1107966,1108010,1108093,1108096,1108170,1108241,1108243,1108260,1108281,1108323,1108377,1108399,1108468,1108520,1108823,1108841,1108870,1109151,1109158,1109217,1109244,1109269,1109330,1109333,1109336,1109337,1109511,1109603,1109739,1109772,1109784,1109806,1109818,1109907,1109915,1109919,1109951,1109979,1109992,1110006,1110096,1110301,1110363,1110538,1110561,1110639,1110642,1110643,1110644,1110645,1110646,1110647,1110649,1110650,1111028,1111040,1111076,1111506,1111806,1111819,1111830,1111834,1111841,1111870,1111901,1111904,1111921,1111928,1111983,1112170,1112208,1112219,1112246,1112372,1112514,1112554,1112708,1112710,1112711,1112712,1112713,1112731,1112732,1112733,1112734,1112735,1112736,1112738,1112739,1112740,1112741,1112743,1112745,1112746,1112878,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113257,1113284,1113295,1113408,1113667,1113722,1113751,1113780,1113972,1114279,971975
CVE References: CVE-2017-16533,CVE-2017-18224,CVE-2018-10902,CVE-2018-10938,CVE-2018-10940,CVE-2018-1128,CVE-2018-1129,CVE-2018-12896,CVE-2018-13093,CVE-2018-13095,CVE-2018-14613,CVE-2018-14617,CVE-2018-14633,CVE-2018-15572,CVE-2018-16658,CVE-2018-17182,CVE-2018-18386,CVE-2018-18445,CVE-2018-18710,CVE-2018-6554,CVE-2018-6555,CVE-2018-9363
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15 (src):    kernel-azure-4.12.14-5.16.1, kernel-source-azure-4.12.14-5.16.1, kernel-syms-azure-4.12.14-5.16.1
Comment 34 Swamp Workflow Management 2019-01-16 07:22:49 UTC
SUSE-SU-2019:0095-1: An update that solves 13 vulnerabilities and has 140 fixes is now available.

Category: security (important)
Bug References: 1011920,1012382,1012422,1020645,1031392,1035053,1042422,1043591,1044189,1048129,1050431,1050549,1053043,1054239,1057199,1062303,1063026,1065600,1065726,1066223,1067906,1073579,1076393,1078788,1079524,1082519,1082863,1082979,1083215,1083527,1084427,1084536,1084760,1087209,1088087,1089343,1090535,1091158,1093118,1094244,1094555,1094562,1094825,1095344,1095753,1095805,1096052,1096547,1098050,1098996,1099597,1099810,1101555,1102495,1102715,1102870,1102875,1102877,1102879,1102882,1102896,1103156,1103269,1103308,1103405,1104124,1105025,1105428,1105795,1105931,1106095,1106105,1106110,1106240,1106293,1106359,1106434,1106512,1106594,1106913,1106929,1106934,1107060,1107299,1107318,1107535,1107829,1107870,1107924,1108096,1108170,1108240,1108281,1108315,1108377,1108399,1108498,1108803,1108823,1109038,1109158,1109333,1109336,1109337,1109441,1109772,1109784,1109806,1109818,1109907,1109919,1109923,1110006,1110297,1110337,1110363,1110468,1110600,1110601,1110602,1110603,1110604,1110605,1110606,1110611,1110612,1110613,1110614,1110615,1110616,1110618,1110619,1110930,1111363,1111516,1111870,1112007,1112262,1112263,1112894,1112902,1112903,1112905,1113667,1113751,1113766,1113769,1114178,1114229,1114648,1115593,981083,997172
CVE References: CVE-2018-14613,CVE-2018-14617,CVE-2018-14633,CVE-2018-16276,CVE-2018-16597,CVE-2018-17182,CVE-2018-18281,CVE-2018-18386,CVE-2018-18690,CVE-2018-18710,CVE-2018-7480,CVE-2018-7757,CVE-2018-9516
Sources used:
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-azure-4.4.162-4.19.2, kernel-source-azure-4.4.162-4.19.1, kernel-syms-azure-4.4.162-4.19.1
Comment 35 Bob Sanders 2019-04-03 16:57:57 UTC
This has been verified by HPE on both SLES 12 SP4 and SLES 15.

Thanks,

Bob
Comment 36 Bob Sanders 2019-04-05 20:48:19 UTC
I'm a bit confused by what's being seen via the bmc sol interface and 
running ipmitool on the node under SLES 15 SP1 rc1:

On the node -

xe40125:~ # ipmitool -vvvvv raw 0x32 0x6B 1 0
Using ipmi device 0
Set IPMB address to 0x20
OpenIPMI Request Message Header:
  netfn     = 0x6
  cmd       = 0x1
Sending request 0x1 to System Interface
Got message:  type      = 1
  channel   = 0xf
  msgid     = 0
  netfn     = 0x7
  cmd       = 0x1
  data_len  = 16
  data      = 002001030902bfd1b300020200000000
Iana: 46033
Running Get PICMG Properties my_addr 0x20, transit 0, target 0
OpenIPMI Request Message Header:
  netfn     = 0x2c
  cmd       = 0x0
OpenIPMI Request Message Data (1 bytes)
 00
Sending request 0x0 to System Interface
Got message:  type      = 1
  channel   = 0xf
  msgid     = 1
  netfn     = 0x2d
  cmd       = 0x0
  data_len  = 1
  data      = c1
Error response 0xc1 from Get PICMG Properties
Running Get VSO Capabilities my_addr 0x20, transit 0, target 0
OpenIPMI Request Message Header:
  netfn     = 0x2c
  cmd       = 0x0
OpenIPMI Request Message Data (1 bytes)
 03
Sending request 0x0 to System Interface
Got message:  type      = 1
  channel   = 0xf
  msgid     = 2
  netfn     = 0x2d
  cmd       = 0x0
  data_len  = 1
  data      = c1
Invalid completion code received: Invalid command
Acquire IPMB address
Discovered IPMB address 0x0
Interface address: my_addr 0x20 transit 0:0 target 0x20:0 ipmb_target 0

RAW REQ (channel=0x0 netfn=0x32 lun=0x0 cmd=0x6b data_len=2)
RAW REQUEST (2 bytes)
 01 00
OpenIPMI Request Message Header:
  netfn     = 0x32
  cmd       = 0x6b
OpenIPMI Request Message Data (2 bytes)
 01 00
Sending request 0x6b to System Interface
Got message:  type      = 1
  channel   = 0xf
  msgid     = 3
  netfn     = 0x33
  cmd       = 0x6b
  data_len  = 1
  data      = ff
Unable to send RAW command (channel=0x0 netfn=0x32 lun=0x0 cmd=0x6b rsp=0xff): Unspecified error



Yet the same command via the BMC shows no errors:


rsanders@conejo2:~$ xe40125  -vvvvv raw 0x32 0x6B 1 0

>> Sending IPMI command payload
>>    netfn   : 0x06
>>    command : 0x38
>>    data    : 0x8e 0x04 

BUILDING A v1.5 COMMAND
added list entry seq=0x00 cmd=0x38
>> IPMI Request Session Header
>>   Authtype   : NONE
>>   Sequence   : 0x00000000
>>   Session ID : 0x00000000
>> IPMI Request Message Header
>>   Rs Addr    : 20
>>   NetFn      : 06
>>   Rs LUN     : 0
>>   Rq Addr    : 81
>>   Rq Seq     : 00
>>   Rq Lun     : 0
>>   Command    : 38
>> sending packet (23 bytes)
 06 00 ff 07 00 00 00 00 00 00 00 00 00 09 20 18
 c8 81 00 38 8e 04 b5
<< received packet (30 bytes)
 06 00 ff 07 00 00 00 00 00 00 00 00 00 10 81 1c
 63 20 00 38 00 01 84 14 03 00 00 00 00 0c
<< IPMI Response Session Header
<<   Authtype                : NONE
<<   Payload type            : IPMI (0)
<<   Session ID              : 0x00000000
<<   Sequence                : 0x00000000
<<   IPMI Msg/Payload Length : 16
<< IPMI Response Message Header
<<   Rq Addr    : 81
<<   NetFn      : 07
<<   Rq LUN     : 0
<<   Rs Addr    : 20
<<   Rq Seq     : 00
<<   Rs Lun     : 0
<<   Command    : 38
<<   Compl Code : 0x00
IPMI Request Match found
removed list entry seq=0x00 cmd=0x38
>> SENDING AN OPEN SESSION REQUEST

>> sending packet (48 bytes)
 06 00 ff 07 06 10 00 00 00 00 00 00 00 00 20 00
 00 00 00 00 a4 a3 a2 a0 00 00 00 08 01 00 00 00
 01 00 00 08 01 00 00 00 02 00 00 08 01 00 00 00
<< received packet (52 bytes)
 06 00 ff 07 06 11 00 00 00 00 00 00 00 00 24 00
 00 00 04 00 a4 a3 a2 a0 3f f0 97 e5 00 00 00 08
 01 00 00 00 01 00 00 08 01 00 00 00 02 00 00 08
 01 00 00 00
<<OPEN SESSION RESPONSE
<<  Message tag                        : 0x00
<<  RMCP+ status                       : no errors
<<  Maximum privilege level            : admin
<<  Console Session ID                 : 0xa0a2a3a4
<<  BMC Session ID                     : 0xe597f03f
<<  Negotiated authenticatin algorithm : hmac_sha1
<<  Negotiated integrity algorithm     : hmac_sha1_96
<<  Negotiated encryption algorithm    : aes_cbc_128

>> Console generated random number (16 bytes)
 43 6f 75 29 e1 75 8b 14 99 91 f2 66 2f 71 7e 1d
>> SENDING A RAKP 1 MESSAGE

>> sending packet (49 bytes)
 06 00 ff 07 06 12 00 00 00 00 00 00 00 00 21 00
 00 00 00 00 3f f0 97 e5 43 6f 75 29 e1 75 8b 14
 99 91 f2 66 2f 71 7e 1d 14 00 00 05 61 64 6d 69
 6e
<< received packet (76 bytes)
 06 00 ff 07 06 13 00 00 00 00 00 00 00 00 3c 00
 00 00 00 00 a4 a3 a2 a0 8e fb 66 59 ad 12 3a ab
 1a 51 d9 b0 93 f2 f4 e6 f4 03 43 fe 70 f2 ca 03
 00 10 de bf 40 3e 6c 6a 8b f4 4d fb 95 24 b7 5f
 74 04 c5 3c 4b 7b f5 b2 93 02 ec 58
<<RAKP 2 MESSAGE
<<  Message tag                   : 0x00
<<  RMCP+ status                  : no errors
<<  Console Session ID            : 0xa0a2a3a4
<<  BMC random number             : 0x8efb6659ad123aab1a51d9b093f2f4e6
<<  BMC GUID                      : 0xf40343fe70f2ca030010debf403e6c6a
<<  Key exchange auth code [sha1] : 0x8bf44dfb9524b75f7404c53c4b7bf5b29302ec58

bmc_rand (16 bytes)
 8e fb 66 59 ad 12 3a ab 1a 51 d9 b0 93 f2 f4 e6
>> rakp2 mac input buffer (63 bytes)
 a4 a3 a2 a0 3f f0 97 e5 43 6f 75 29 e1 75 8b 14
 99 91 f2 66 2f 71 7e 1d 8e fb 66 59 ad 12 3a ab
 1a 51 d9 b0 93 f2 f4 e6 f4 03 43 fe 70 f2 ca 03
 00 10 de bf 40 3e 6c 6a 14 05 61 64 6d 69 6e
>> rakp2 mac key (20 bytes)
 61 64 6d 69 6e 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00
>> rakp2 mac as computed by the remote console (20 bytes)
 8b f4 4d fb 95 24 b7 5f 74 04 c5 3c 4b 7b f5 b2
 93 02 ec 58
>> rakp3 mac input buffer (27 bytes)
 8e fb 66 59 ad 12 3a ab 1a 51 d9 b0 93 f2 f4 e6
 a4 a3 a2 a0 14 05 61 64 6d 69 6e
>> rakp3 mac key (20 bytes)
 61 64 6d 69 6e 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00
generated rakp3 mac (20 bytes)
 c4 9a 87 7b 42 a0 8e 29 f0 7f 26 3a dc 0a 25 34
 35 6c de b3
session integrity key input (39 bytes)
 43 6f 75 29 e1 75 8b 14 99 91 f2 66 2f 71 7e 1d
 8e fb 66 59 ad 12 3a ab 1a 51 d9 b0 93 f2 f4 e6
 14 05 61 64 6d 69 6e
Generated session integrity key (20 bytes)
 46 27 6b e6 05 4a 1e 18 64 f3 c6 80 66 e8 0b 2e
 f4 da 76 ff
Generated K1 (20 bytes)
 54 b6 36 8d 71 17 55 00 a5 71 2b bf 51 f4 06 b9
 75 a5 a4 1c
Generated K2 (20 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
 84 62 42 78
>> SENDING A RAKP 3 MESSAGE

>> sending packet (44 bytes)
 06 00 ff 07 06 14 00 00 00 00 00 00 00 00 1c 00
 00 00 00 00 3f f0 97 e5 c4 9a 87 7b 42 a0 8e 29
 f0 7f 26 3a dc 0a 25 34 35 6c de b3
<< received packet (36 bytes)
 06 00 ff 07 06 15 00 00 00 00 00 00 00 00 14 00
 00 00 00 00 a4 a3 a2 a0 a4 df 24 f0 71 80 cf 94
 62 99 9d 5e
<<RAKP 4 MESSAGE
<<  Message tag                   : 0x00
<<  RMCP+ status                  : no errors
<<  Console Session ID            : 0xa0a2a3a4
<<  Key exchange auth code [sha1] : 0xa4df24f07180cf9462999d5e

>> rakp4 mac input buffer (36 bytes)
 43 6f 75 29 e1 75 8b 14 99 91 f2 66 2f 71 7e 1d
 3f f0 97 e5 f4 03 43 fe 70 f2 ca 03 00 10 de bf
 40 3e 6c 6a
>> rakp4 mac key (sik) (20 bytes)
 46 27 6b e6 05 4a 1e 18 64 f3 c6 80 66 e8 0b 2e
 f4 da 76 ff
>> rakp4 mac as computed by the BMC (20 bytes)
 a4 df 24 f0 71 80 cf 94 62 99 9d 5e 93 f2 f4 e6
 f4 03 43 fe
>> rakp4 mac as computed by the remote console (20 bytes)
 a4 df 24 f0 71 80 cf 94 62 99 9d 5e 07 ea 94 1c
 cd de 58 ed
IPMIv2 / RMCP+ SESSION OPENED SUCCESSFULLY


>> Sending IPMI command payload
>>    netfn   : 0x06
>>    command : 0x3b
>>    data    : 0x04 

BUILDING A v2 COMMAND
added list entry seq=0x01 cmd=0x3b
Local RqAddr 0x20 transit 0:0 target 0x20:0 bridgePossible 0
>> Initialization vector (16 bytes)
 94 22 68 c3 08 74 2c 88 83 48 a2 47 d1 da be 22
encrypting with this IV (16 bytes)
 94 22 68 c3 08 74 2c 88 83 48 a2 47 d1 da be 22
encrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
encrypting this data (16 bytes)
 20 18 c8 81 04 3b 04 3c 01 02 03 04 05 06 07 07
authcode input (48 bytes)
 06 c0 3f f0 97 e5 03 00 00 00 20 00 94 22 68 c3
 08 74 2c 88 83 48 a2 47 d1 da be 22 97 20 8e 22
 1f b7 fd eb 87 39 91 fc 6f 1d 3b d3 ff ff 02 07
authcode output (12 bytes)
 3b 88 f3 52 85 3b b6 4d 5f e8 8d d1
>> sending packet (64 bytes)
 06 00 ff 07 06 c0 3f f0 97 e5 03 00 00 00 20 00
 94 22 68 c3 08 74 2c 88 83 48 a2 47 d1 da be 22
 97 20 8e 22 1f b7 fd eb 87 39 91 fc 6f 1d 3b d3
 ff ff 02 07 3b 88 f3 52 85 3b b6 4d 5f e8 8d d1
<< received packet (64 bytes)
 06 00 ff 07 06 c0 a4 a3 a2 a0 01 00 00 00 20 00
 7b c4 e6 cb 83 49 91 76 a1 75 1d 8b bc a3 1c bc
 f4 c0 5b 32 5c ed dd 71 c5 ba aa 4d 5b 86 b2 50
 ff ff 02 07 1e 62 b0 fd 2b 0d 56 07 3c 0d 79 40
Validating authcode
K1 (20 bytes)
 54 b6 36 8d 71 17 55 00 a5 71 2b bf 51 f4 06 b9
 75 a5 a4 1c
Authcode Input Data (48 bytes)
 06 c0 a4 a3 a2 a0 01 00 00 00 20 00 7b c4 e6 cb
 83 49 91 76 a1 75 1d 8b bc a3 1c bc f4 c0 5b 32
 5c ed dd 71 c5 ba aa 4d 5b 86 b2 50 ff ff 02 07
Generated authcode (12 bytes)
 1e 62 b0 fd 2b 0d 56 07 3c 0d 79 40
Expected authcode (12 bytes)
 1e 62 b0 fd 2b 0d 56 07 3c 0d 79 40
decrypting with this IV (16 bytes)
 7b c4 e6 cb 83 49 91 76 a1 75 1d 8b bc a3 1c bc
decrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
decrypting this data (16 bytes)
 f4 c0 5b 32 5c ed dd 71 c5 ba aa 4d 5b 86 b2 50
Decrypted 16 encrypted bytes
Decrypted this data (16 bytes)
 81 1c 63 20 04 3b 00 04 9d 01 02 03 04 05 06 06
<< IPMI Response Session Header
<<   Authtype                : RMCP+
<<   Payload type            : IPMI (0)
<<   Session ID              : 0xa0a2a3a4
<<   Sequence                : 0x00000001
<<   IPMI Msg/Payload Length : 32
<< IPMI Response Message Header
<<   Rq Addr    : 81
<<   NetFn      : 07
<<   Rq LUN     : 0
<<   Rs Addr    : 20
<<   Rq Seq     : 01
<<   Rs Lun     : 0
<<   Command    : 3b
<<   Compl Code : 0x00
IPMI Request Match found
removed list entry seq=0x01 cmd=0x3b
set_session_privlvl (1 bytes)
 04
Set Session Privilege Level to ADMINISTRATOR


>> Sending IPMI command payload
>>    netfn   : 0x2c
>>    command : 0x3e
>>    data    : 0x00 0x02 

BUILDING A v2 COMMAND
added list entry seq=0x02 cmd=0x3e
Local RqAddr 0x20 transit 0:0 target 0x20:0 bridgePossible 0
>> Initialization vector (16 bytes)
 14 1a 12 d9 3b b4 94 a0 50 c4 dc 35 1f 9f c6 ad
encrypting with this IV (16 bytes)
 14 1a 12 d9 3b b4 94 a0 50 c4 dc 35 1f 9f c6 ad
encrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
encrypting this data (16 bytes)
 20 b0 30 81 08 3e 00 02 37 01 02 03 04 05 06 06
authcode input (48 bytes)
 06 c0 3f f0 97 e5 04 00 00 00 20 00 14 1a 12 d9
 3b b4 94 a0 50 c4 dc 35 1f 9f c6 ad 8f a2 d4 3b
 82 3b 8c 2a e2 c9 58 10 2c 53 ea b3 ff ff 02 07
authcode output (12 bytes)
 f5 8b a3 6e fc d4 6e b1 d2 58 93 5a
>> sending packet (64 bytes)
 06 00 ff 07 06 c0 3f f0 97 e5 04 00 00 00 20 00
 14 1a 12 d9 3b b4 94 a0 50 c4 dc 35 1f 9f c6 ad
 8f a2 d4 3b 82 3b 8c 2a e2 c9 58 10 2c 53 ea b3
 ff ff 02 07 f5 8b a3 6e fc d4 6e b1 d2 58 93 5a
<< received packet (64 bytes)
 06 00 ff 07 06 c0 a4 a3 a2 a0 02 00 00 00 20 00
 6c 52 55 d0 81 08 b5 88 0f 47 2f cd 68 b7 b0 07
 51 d0 9c d8 fa 09 3b 9a f6 1a 04 e1 63 38 20 ee
 ff ff 02 07 6d af f1 49 11 14 1b 72 f3 33 63 b5
Validating authcode
K1 (20 bytes)
 54 b6 36 8d 71 17 55 00 a5 71 2b bf 51 f4 06 b9
 75 a5 a4 1c
Authcode Input Data (48 bytes)
 06 c0 a4 a3 a2 a0 02 00 00 00 20 00 6c 52 55 d0
 81 08 b5 88 0f 47 2f cd 68 b7 b0 07 51 d0 9c d8
 fa 09 3b 9a f6 1a 04 e1 63 38 20 ee ff ff 02 07
Generated authcode (12 bytes)
 6d af f1 49 11 14 1b 72 f3 33 63 b5
Expected authcode (12 bytes)
 6d af f1 49 11 14 1b 72 f3 33 63 b5
decrypting with this IV (16 bytes)
 6c 52 55 d0 81 08 b5 88 0f 47 2f cd 68 b7 b0 07
decrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
decrypting this data (16 bytes)
 51 d0 9c d8 fa 09 3b 9a f6 1a 04 e1 63 38 20 ee
Decrypted 16 encrypted bytes
Decrypted this data (16 bytes)
 81 b4 cb 20 08 3e c1 d9 01 02 03 04 05 06 07 07
<< IPMI Response Session Header
<<   Authtype                : RMCP+
<<   Payload type            : IPMI (0)
<<   Session ID              : 0xa0a2a3a4
<<   Sequence                : 0x00000002
<<   IPMI Msg/Payload Length : 32
<< IPMI Response Message Header
<<   Rq Addr    : 81
<<   NetFn      : 2d
<<   Rq LUN     : 0
<<   Rs Addr    : 20
<<   Rq Seq     : 02
<<   Rs Lun     : 0
<<   Command    : 3e
<<   Compl Code : 0xc1
IPMI Request Match found
removed list entry seq=0x02 cmd=0x3e
IPM Controller is not HPM.2 compatible

>> Sending IPMI command payload
>>    netfn   : 0x06
>>    command : 0x01
>>    data    : 

BUILDING A v2 COMMAND
added list entry seq=0x03 cmd=0x01
Local RqAddr 0x20 transit 0:0 target 0x20:0 bridgePossible 1
>> Initialization vector (16 bytes)
 fb c6 74 9f 74 6d 59 bf 61 12 dd 49 71 5d 9d 09
encrypting with this IV (16 bytes)
 fb c6 74 9f 74 6d 59 bf 61 12 dd 49 71 5d 9d 09
encrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
encrypting this data (16 bytes)
 20 18 c8 81 0c 01 72 01 02 03 04 05 06 07 08 08
authcode input (48 bytes)
 06 c0 3f f0 97 e5 05 00 00 00 20 00 fb c6 74 9f
 74 6d 59 bf 61 12 dd 49 71 5d 9d 09 89 23 b5 8c
 32 f5 68 cd ba 9c 9c 56 b2 15 23 fb ff ff 02 07
authcode output (12 bytes)
 9d d5 18 59 71 aa 4d ba 4e 2a d2 64
>> sending packet (64 bytes)
 06 00 ff 07 06 c0 3f f0 97 e5 05 00 00 00 20 00
 fb c6 74 9f 74 6d 59 bf 61 12 dd 49 71 5d 9d 09
 89 23 b5 8c 32 f5 68 cd ba 9c 9c 56 b2 15 23 fb
 ff ff 02 07 9d d5 18 59 71 aa 4d ba 4e 2a d2 64
<< received packet (80 bytes)
 06 00 ff 07 06 c0 a4 a3 a2 a0 03 00 00 00 30 00
 b9 3e e8 c4 5d b7 08 7c 32 d3 58 4c 8d fb 68 87
 a3 c2 fb 4c 33 f8 e3 e7 79 e8 3e e4 37 6b fc 12
 b0 da 24 a1 47 2a ab 37 96 28 72 a4 34 9d af 1d
 ff ff 02 07 a2 8d 3a e4 04 49 41 68 95 00 dd d9
Validating authcode
K1 (20 bytes)
 54 b6 36 8d 71 17 55 00 a5 71 2b bf 51 f4 06 b9
 75 a5 a4 1c
Authcode Input Data (64 bytes)
 06 c0 a4 a3 a2 a0 03 00 00 00 30 00 b9 3e e8 c4
 5d b7 08 7c 32 d3 58 4c 8d fb 68 87 a3 c2 fb 4c
 33 f8 e3 e7 79 e8 3e e4 37 6b fc 12 b0 da 24 a1
 47 2a ab 37 96 28 72 a4 34 9d af 1d ff ff 02 07
Generated authcode (12 bytes)
 a2 8d 3a e4 04 49 41 68 95 00 dd d9
Expected authcode (12 bytes)
 a2 8d 3a e4 04 49 41 68 95 00 dd d9
decrypting with this IV (16 bytes)
 b9 3e e8 c4 5d b7 08 7c 32 d3 58 4c 8d fb 68 87
decrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
decrypting this data (32 bytes)
 a3 c2 fb 4c 33 f8 e3 e7 79 e8 3e e4 37 6b fc 12
 b0 da 24 a1 47 2a ab 37 96 28 72 a4 34 9d af 1d
Decrypted 32 encrypted bytes
Decrypted this data (32 bytes)
 81 1c 63 20 0c 01 00 20 01 03 09 02 bf d1 b3 00
 02 02 00 00 00 00 5d 01 02 03 04 05 06 07 08 08
<< IPMI Response Session Header
<<   Authtype                : RMCP+
<<   Payload type            : IPMI (0)
<<   Session ID              : 0xa0a2a3a4
<<   Sequence                : 0x00000003
<<   IPMI Msg/Payload Length : 48
<< IPMI Response Message Header
<<   Rq Addr    : 81
<<   NetFn      : 07
<<   Rq LUN     : 0
<<   Rs Addr    : 20
<<   Rq Seq     : 03
<<   Rs Lun     : 0
<<   Command    : 01
<<   Compl Code : 0x00
IPMI Request Match found
removed list entry seq=0x03 cmd=0x01
Iana: 46033
Running Get PICMG Properties my_addr 0x20, transit 0, target 0x20

>> Sending IPMI command payload
>>    netfn   : 0x2c
>>    command : 0x00
>>    data    : 0x00 

BUILDING A v2 COMMAND
added list entry seq=0x04 cmd=0x00
Local RqAddr 0x20 transit 0:0 target 0x20:0 bridgePossible 1
>> Initialization vector (16 bytes)
 44 40 e7 9b ae 77 8d b0 1b f0 2e 5f 83 a4 3e 6e
encrypting with this IV (16 bytes)
 44 40 e7 9b ae 77 8d b0 1b f0 2e 5f 83 a4 3e 6e
encrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
encrypting this data (16 bytes)
 20 b0 30 81 10 00 00 6f 01 02 03 04 05 06 07 07
authcode input (48 bytes)
 06 c0 3f f0 97 e5 06 00 00 00 20 00 44 40 e7 9b
 ae 77 8d b0 1b f0 2e 5f 83 a4 3e 6e 1b 18 ba e8
 19 2b ef 32 99 f6 28 16 3d 8f 1b b9 ff ff 02 07
authcode output (12 bytes)
 c4 f0 fe e3 4b 95 b1 4d e5 49 f1 52
>> sending packet (64 bytes)
 06 00 ff 07 06 c0 3f f0 97 e5 06 00 00 00 20 00
 44 40 e7 9b ae 77 8d b0 1b f0 2e 5f 83 a4 3e 6e
 1b 18 ba e8 19 2b ef 32 99 f6 28 16 3d 8f 1b b9
 ff ff 02 07 c4 f0 fe e3 4b 95 b1 4d e5 49 f1 52
<< received packet (64 bytes)
 06 00 ff 07 06 c0 a4 a3 a2 a0 04 00 00 00 20 00
 25 8b f4 23 5a 5c c9 a8 a8 84 cc 3d 64 d5 95 c7
 e7 1c 64 b3 62 3c 5f 46 f6 a8 8d 8c 7f 00 cb 08
 ff ff 02 07 25 5b 0d 6b 32 19 c0 a7 de 07 7d 9a
Validating authcode
K1 (20 bytes)
 54 b6 36 8d 71 17 55 00 a5 71 2b bf 51 f4 06 b9
 75 a5 a4 1c
Authcode Input Data (48 bytes)
 06 c0 a4 a3 a2 a0 04 00 00 00 20 00 25 8b f4 23
 5a 5c c9 a8 a8 84 cc 3d 64 d5 95 c7 e7 1c 64 b3
 62 3c 5f 46 f6 a8 8d 8c 7f 00 cb 08 ff ff 02 07
Generated authcode (12 bytes)
 25 5b 0d 6b 32 19 c0 a7 de 07 7d 9a
Expected authcode (12 bytes)
 25 5b 0d 6b 32 19 c0 a7 de 07 7d 9a
decrypting with this IV (16 bytes)
 25 8b f4 23 5a 5c c9 a8 a8 84 cc 3d 64 d5 95 c7
decrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
decrypting this data (16 bytes)
 e7 1c 64 b3 62 3c 5f 46 f6 a8 8d 8c 7f 00 cb 08
Decrypted 16 encrypted bytes
Decrypted this data (16 bytes)
 81 b4 cb 20 10 00 c1 0f 01 02 03 04 05 06 07 07
<< IPMI Response Session Header
<<   Authtype                : RMCP+
<<   Payload type            : IPMI (0)
<<   Session ID              : 0xa0a2a3a4
<<   Sequence                : 0x00000004
<<   IPMI Msg/Payload Length : 32
<< IPMI Response Message Header
<<   Rq Addr    : 81
<<   NetFn      : 2d
<<   Rq LUN     : 0
<<   Rs Addr    : 20
<<   Rq Seq     : 04
<<   Rs Lun     : 0
<<   Command    : 00
<<   Compl Code : 0xc1
IPMI Request Match found
removed list entry seq=0x04 cmd=0x00
Error response 0xc1 from Get PICMG Properities
Running Get VSO Capabilities my_addr 0x20, transit 0, target 0x20

>> Sending IPMI command payload
>>    netfn   : 0x2c
>>    command : 0x00
>>    data    : 0x03 

BUILDING A v2 COMMAND
added list entry seq=0x05 cmd=0x00
Local RqAddr 0x20 transit 0:0 target 0x20:0 bridgePossible 1
>> Initialization vector (16 bytes)
 ed f8 c2 30 5a 4e c9 42 9e 32 9c 5a 72 a7 bc 96
encrypting with this IV (16 bytes)
 ed f8 c2 30 5a 4e c9 42 9e 32 9c 5a 72 a7 bc 96
encrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
encrypting this data (16 bytes)
 20 b0 30 81 14 00 03 68 01 02 03 04 05 06 07 07
authcode input (48 bytes)
 06 c0 3f f0 97 e5 07 00 00 00 20 00 ed f8 c2 30
 5a 4e c9 42 9e 32 9c 5a 72 a7 bc 96 ba f6 6b 80
 17 fe 84 db 17 7a a8 e8 d6 44 fa 0c ff ff 02 07
authcode output (12 bytes)
 46 9b 6c c3 ac db 51 ae e6 d9 bc 97
>> sending packet (64 bytes)
 06 00 ff 07 06 c0 3f f0 97 e5 07 00 00 00 20 00
 ed f8 c2 30 5a 4e c9 42 9e 32 9c 5a 72 a7 bc 96
 ba f6 6b 80 17 fe 84 db 17 7a a8 e8 d6 44 fa 0c
 ff ff 02 07 46 9b 6c c3 ac db 51 ae e6 d9 bc 97
<< received packet (64 bytes)
 06 00 ff 07 06 c0 a4 a3 a2 a0 05 00 00 00 20 00
 c6 36 27 69 1b 2f 34 3d 4e 0c 4d 3b 66 1b c2 4e
 89 d5 6e f8 ea 32 37 cc 60 71 f9 e8 7b 9e 5f b3
 ff ff 02 07 f3 71 4a 70 0a 6d 47 4b 50 8c 7a 7e
Validating authcode
K1 (20 bytes)
 54 b6 36 8d 71 17 55 00 a5 71 2b bf 51 f4 06 b9
 75 a5 a4 1c
Authcode Input Data (48 bytes)
 06 c0 a4 a3 a2 a0 05 00 00 00 20 00 c6 36 27 69
 1b 2f 34 3d 4e 0c 4d 3b 66 1b c2 4e 89 d5 6e f8
 ea 32 37 cc 60 71 f9 e8 7b 9e 5f b3 ff ff 02 07
Generated authcode (12 bytes)
 f3 71 4a 70 0a 6d 47 4b 50 8c 7a 7e
Expected authcode (12 bytes)
 f3 71 4a 70 0a 6d 47 4b 50 8c 7a 7e
decrypting with this IV (16 bytes)
 c6 36 27 69 1b 2f 34 3d 4e 0c 4d 3b 66 1b c2 4e
decrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
decrypting this data (16 bytes)
 89 d5 6e f8 ea 32 37 cc 60 71 f9 e8 7b 9e 5f b3
Decrypted 16 encrypted bytes
Decrypted this data (16 bytes)
 81 b4 cb 20 14 00 c1 0b 01 02 03 04 05 06 07 07
<< IPMI Response Session Header
<<   Authtype                : RMCP+
<<   Payload type            : IPMI (0)
<<   Session ID              : 0xa0a2a3a4
<<   Sequence                : 0x00000005
<<   IPMI Msg/Payload Length : 32
<< IPMI Response Message Header
<<   Rq Addr    : 81
<<   NetFn      : 2d
<<   Rq LUN     : 0
<<   Rs Addr    : 20
<<   Rq Seq     : 05
<<   Rs Lun     : 0
<<   Command    : 00
<<   Compl Code : 0xc1
IPMI Request Match found
removed list entry seq=0x05 cmd=0x00
Invalid completion code received: Invalid command
Acquire IPMB address
Discovered IPMB address 0x0
Interface address: my_addr 0x20 transit 0:0 target 0x20:0 ipmb_target 0

RAW REQ (channel=0x0 netfn=0x32 lun=0x0 cmd=0x6b data_len=2)
RAW REQUEST (2 bytes)
 01 00

>> Sending IPMI command payload
>>    netfn   : 0x32
>>    command : 0x6b
>>    data    : 0x01 0x00 

BUILDING A v2 COMMAND
added list entry seq=0x06 cmd=0x6b
Local RqAddr 0x20 transit 0:0 target 0x20:0 bridgePossible 1
>> Initialization vector (16 bytes)
 3d c0 76 c9 45 6f 8d 57 a5 be 7f fd ac a5 12 1c
encrypting with this IV (16 bytes)
 3d c0 76 c9 45 6f 8d 57 a5 be 7f fd ac a5 12 1c
encrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
encrypting this data (16 bytes)
 20 c8 18 81 18 6b 01 00 fb 01 02 03 04 05 06 06
authcode input (48 bytes)
 06 c0 3f f0 97 e5 08 00 00 00 20 00 3d c0 76 c9
 45 6f 8d 57 a5 be 7f fd ac a5 12 1c 58 71 53 ef
 98 0d 51 97 50 bd 0e 23 0d dd 6f b9 ff ff 02 07
authcode output (12 bytes)
 02 e0 15 c0 22 dd af 97 e1 3c 98 06
>> sending packet (64 bytes)
 06 00 ff 07 06 c0 3f f0 97 e5 08 00 00 00 20 00
 3d c0 76 c9 45 6f 8d 57 a5 be 7f fd ac a5 12 1c
 58 71 53 ef 98 0d 51 97 50 bd 0e 23 0d dd 6f b9
 ff ff 02 07 02 e0 15 c0 22 dd af 97 e1 3c 98 06
<< received packet (192 bytes)
 06 00 ff 07 06 c0 a4 a3 a2 a0 06 00 00 00 a0 00
 04 3b d4 08 51 91 62 82 5b b6 72 dc 45 ef 36 02
 c7 a8 86 4d 7e c1 77 f6 9f e7 56 1e f1 17 96 6c
 4f 72 21 89 7b 74 62 7f 4b 2d f0 ed b0 b4 5e 83
 72 87 d4 60 5b 52 36 6e 8e 23 17 73 3b a5 d5 b7
 44 d3 6d 9c 1c 95 d7 86 20 67 73 92 75 33 f8 92
 32 a3 fa ba c6 55 07 17 d1 6c 2b 2b 06 be c1 82
 e4 c5 34 a3 59 40 e1 94 1f 5e 85 34 bc e1 fe aa
 99 6d 12 8a 7a 86 52 76 6b 86 b6 68 cf b7 0f 92
 05 db a4 cc 27 10 92 31 2e 05 75 92 06 d2 9c d7
 c3 10 6b 35 65 03 24 0d cd 1e 05 c6 27 3d 6b a0
 ff ff 02 07 93 dd 64 26 fb a0 ac ea 6d ad 6b 45
Validating authcode
K1 (20 bytes)
 54 b6 36 8d 71 17 55 00 a5 71 2b bf 51 f4 06 b9
 75 a5 a4 1c
Authcode Input Data (176 bytes)
 06 c0 a4 a3 a2 a0 06 00 00 00 a0 00 04 3b d4 08
 51 91 62 82 5b b6 72 dc 45 ef 36 02 c7 a8 86 4d
 7e c1 77 f6 9f e7 56 1e f1 17 96 6c 4f 72 21 89
 7b 74 62 7f 4b 2d f0 ed b0 b4 5e 83 72 87 d4 60
 5b 52 36 6e 8e 23 17 73 3b a5 d5 b7 44 d3 6d 9c
 1c 95 d7 86 20 67 73 92 75 33 f8 92 32 a3 fa ba
 c6 55 07 17 d1 6c 2b 2b 06 be c1 82 e4 c5 34 a3
 59 40 e1 94 1f 5e 85 34 bc e1 fe aa 99 6d 12 8a
 7a 86 52 76 6b 86 b6 68 cf b7 0f 92 05 db a4 cc
 27 10 92 31 2e 05 75 92 06 d2 9c d7 c3 10 6b 35
 65 03 24 0d cd 1e 05 c6 27 3d 6b a0 ff ff 02 07
Generated authcode (12 bytes)
 93 dd 64 26 fb a0 ac ea 6d ad 6b 45
Expected authcode (12 bytes)
 93 dd 64 26 fb a0 ac ea 6d ad 6b 45
decrypting with this IV (16 bytes)
 04 3b d4 08 51 91 62 82 5b b6 72 dc 45 ef 36 02
decrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
decrypting this data (144 bytes)
 c7 a8 86 4d 7e c1 77 f6 9f e7 56 1e f1 17 96 6c
 4f 72 21 89 7b 74 62 7f 4b 2d f0 ed b0 b4 5e 83
 72 87 d4 60 5b 52 36 6e 8e 23 17 73 3b a5 d5 b7
 44 d3 6d 9c 1c 95 d7 86 20 67 73 92 75 33 f8 92
 32 a3 fa ba c6 55 07 17 d1 6c 2b 2b 06 be c1 82
 e4 c5 34 a3 59 40 e1 94 1f 5e 85 34 bc e1 fe aa
 99 6d 12 8a 7a 86 52 76 6b 86 b6 68 cf b7 0f 92
 05 db a4 cc 27 10 92 31 2e 05 75 92 06 d2 9c d7
 c3 10 6b 35 65 03 24 0d cd 1e 05 c6 27 3d 6b a0
Decrypted 144 encrypted bytes
Decrypted this data (144 bytes)
 81 cc b3 20 18 6b 00 01 0f 41 4d 49 46 34 30 33
 34 33 46 45 37 30 46 32 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 c8 01 02 03 04 05 05
<< IPMI Response Session Header
<<   Authtype                : RMCP+
<<   Payload type            : IPMI (0)
<<   Session ID              : 0xa0a2a3a4
<<   Sequence                : 0x00000006
<<   IPMI Msg/Payload Length : 160
<< IPMI Response Message Header
<<   Rq Addr    : 81
<<   NetFn      : 33
<<   Rq LUN     : 0
<<   Rs Addr    : 20
<<   Rq Seq     : 06
<<   Rs Lun     : 0
<<   Command    : 6b
<<   Compl Code : 0x00
IPMI Request Match found
removed list entry seq=0x06 cmd=0x6b
RAW RSP (130 bytes)
 01 0f 41 4d 49 46 34 30 33 34 33 46 45 37 30 46
 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 00 00

>> Sending IPMI command payload
>>    netfn   : 0x06
>>    command : 0x3c
>>    data    : 0x3f 0xf0 0x97 0xe5 

BUILDING A v2 COMMAND
added list entry seq=0x07 cmd=0x3c
Local RqAddr 0x20 transit 0:0 target 0x20:0 bridgePossible 0
>> Initialization vector (16 bytes)
 61 ea 4a a7 69 66 56 2b dc f9 cf 99 40 92 66 5d
encrypting with this IV (16 bytes)
 61 ea 4a a7 69 66 56 2b dc f9 cf 99 40 92 66 5d
encrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
encrypting this data (16 bytes)
 20 18 c8 81 1c 3c 3f f0 97 e5 7c 01 02 03 04 04
authcode input (48 bytes)
 06 c0 3f f0 97 e5 09 00 00 00 20 00 61 ea 4a a7
 69 66 56 2b dc f9 cf 99 40 92 66 5d 47 1c 16 20
 2b 31 fa 53 75 bd a1 0a 03 e2 a2 05 ff ff 02 07
authcode output (12 bytes)
 62 e4 52 ef 72 7a 78 a6 62 73 84 2f
>> sending packet (64 bytes)
 06 00 ff 07 06 c0 3f f0 97 e5 09 00 00 00 20 00
 61 ea 4a a7 69 66 56 2b dc f9 cf 99 40 92 66 5d
 47 1c 16 20 2b 31 fa 53 75 bd a1 0a 03 e2 a2 05
 ff ff 02 07 62 e4 52 ef 72 7a 78 a6 62 73 84 2f
<< received packet (64 bytes)
 06 00 ff 07 06 c0 a4 a3 a2 a0 07 00 00 00 20 00
 8b 41 9a b5 c2 70 4f cc 36 6e 9f 32 7b 82 cc 7c
 21 8e 91 ed e5 48 76 18 24 0c 69 b6 b8 b9 f7 a1
 ff ff 02 07 10 f6 59 d6 9c 9f bc d8 b9 f0 7a 04
Validating authcode
K1 (20 bytes)
 54 b6 36 8d 71 17 55 00 a5 71 2b bf 51 f4 06 b9
 75 a5 a4 1c
Authcode Input Data (48 bytes)
 06 c0 a4 a3 a2 a0 07 00 00 00 20 00 8b 41 9a b5
 c2 70 4f cc 36 6e 9f 32 7b 82 cc 7c 21 8e 91 ed
 e5 48 76 18 24 0c 69 b6 b8 b9 f7 a1 ff ff 02 07
Generated authcode (12 bytes)
 10 f6 59 d6 9c 9f bc d8 b9 f0 7a 04
Expected authcode (12 bytes)
 10 f6 59 d6 9c 9f bc d8 b9 f0 7a 04
decrypting with this IV (16 bytes)
 8b 41 9a b5 c2 70 4f cc 36 6e 9f 32 7b 82 cc 7c
decrypting with this key (16 bytes)
 ce 2d 7b f0 90 80 5c a3 2f 86 a2 28 b7 27 4a 39
decrypting this data (16 bytes)
 21 8e 91 ed e5 48 76 18 24 0c 69 b6 b8 b9 f7 a1
Decrypted 16 encrypted bytes
Decrypted this data (16 bytes)
 81 1c 63 20 1c 3c 00 88 01 02 03 04 05 06 07 07
<< IPMI Response Session Header
<<   Authtype                : RMCP+
<<   Payload type            : IPMI (0)
<<   Session ID              : 0xa0a2a3a4
<<   Sequence                : 0x00000007
<<   IPMI Msg/Payload Length : 32
<< IPMI Response Message Header
<<   Rq Addr    : 81
<<   NetFn      : 07
<<   Rq LUN     : 0
<<   Rs Addr    : 20
<<   Rq Seq     : 07
<<   Rs Lun     : 0
<<   Command    : 3c
<<   Compl Code : 0x00
IPMI Request Match found
removed list entry seq=0x07 cmd=0x3c
Closed Session e597f03f
Comment 37 Bob Sanders 2019-04-08 01:11:11 UTC
Looks like there is yet-another-update that takes care
of an off-by-one error when checking the response:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=https://kernel.opensuse.org/cgit/kernel/commit/?h=SLE15-SP1&id=7d6380cd40f7993f75c4bde5b36f6019237e8719

Bob
Comment 38 Robert Richter 2019-04-08 07:10:20 UTC
(adding Takashi)

Bob,

(In reply to Bob Sanders from comment #37)
> Looks like there is yet-another-update that takes care
> of an off-by-one error when checking the response:
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/
> ?id=https://kernel.opensuse.org/cgit/kernel/commit/?h=SLE15-
> SP1&id=7d6380cd40f7993f75c4bde5b36f6019237e8719

this is already in SLE:

https://kernel.opensuse.org/cgit/kernel/commit/?h=SLE15-SP1&id=a266481c970ded985c27557ffc66f566b0ee29a8

$ git branch -r --list 'opensuse/*' --contains=a266481c970ded985c27557ffc66f566b0ee29a8
  opensuse/SLE12-SP4
  opensuse/SLE12-SP4-AZURE
  opensuse/SLE15
  opensuse/SLE15-AZURE
  opensuse/SLE15-SP1
  opensuse/openSUSE-15.0
  opensuse/openSUSE-15.1

Do you see an issue with current kernels and also upstream?

Thanks,

-Robert
Comment 39 Yousaf Kaukab 2019-05-06 07:49:54 UTC
Bob, I am closing this bug since all the requested patches are already merged. Please file a new ticket if any further investigations for the ipmitool are required.