SYSTEM ARCHITECTURE COUNCIL Platform Software ARC --------------------------------- PSARC Regular Meeting time: Wednesdays 10:00-1:00pm in MPK17-3507.
10-07-2009 MEETING MINUTES ============================================================================ Send CORRECTIONS, additions, deletions to psarc-coord at sun.com. Minutes are archived in sac.Eng:/sac/export/sac/Minutes/PSARC. Co-Chair(s): Sebantien Roy: Yes Tim Marsland: no ATTENDEES - Members: (6 active members) Kais Belgaied: Yes Mark Carlson: Yes Richard Matthews: Yes Darren Moffat: no (on sabbatical) Garrett D'Amore: Yes Glenn Skinner: Yes Bill Sommerfeld: no (on sabbatical) Gary Winiger: Yes (on sabbatical) STAFF - Asa Romberger (PM): Yes ATTENDEES - Interns: Frank Che no James Falkner: no (on sabbatical) Daniel Hain: Yes Michael Haines: no Alan Hargreaves: no Phil Harman: no Wyllys Ingersoll: no Darren Reed: no Dean Roehrich no Ienup Sung: no Phi Tran no Brian Utterback: no James Walker Yes Suhasini Peddada Yes Calum Mackay no Mark Martin no (external) Don Cragun Yes (external) Guests: -- GUESTS -- Jordan Brown Kevin Song Rich Burridge Raja Andra Not all names are captured. Please send email to Asa.Romberger at Sun.com, if you attended the meeting and your name is missing from the list. --------------------------------------------------------------------------- MEETING SUMMARY: ================ AGENDA 10:00-10:10 Open ARC Business (use open dial in above) 10:10-10:55 Inception: Solaris ATCA IPMI Driver (2009/467) Submitter: Kevin Song Owner: Garrett D'Amore Intern: Jim Walker Exposure: open --------------------------------------------------------------------------- Case Anchors: <br> <A HREF="#case1">Solaris ATCA IPMI Driver (2009/467)</A> <br> =========================================================================== Fast Tracks: ============ Fast-tracks: Case (Timeout) Exposure Title 2009/503 (09/28/09) open usr/lib links for OpenSSL approved 2009/505 (09/28/09) open IRM Framework Extension(s) approved 2009/507 (09/29/09) open FIPS Capable OpenSSL approved 2009/516 (10/02/09) open Timezone cache renewal approved 2009/519 (10/02/09) open audioemu10k device driver approved 2009/525 (10/07/09) open qlge - QLogic PCIe converged NIC driver approved 2009/526 (10/07/09) open oce - Emulex PCIe converged NIC driver approved 2009/529 (10/12/09) open Python interface to privileges(5) & rbac(5) approved 2009/530 (10/12/09) open Removal of NIS+ approved 2009/531 (10/13/09) open sshd match block option let it run 2009/532 (10/13/09) open libgnomekbd re-integration let it run 2009/534 (10/14/09) open SMB/CIFS Standalone DFS let it run 2009/538 (10/14/09) open EOF of Tadpole SPARCLE let it run Other: ====== 2009/471 OpenSolaris_Distribution_Constructor Owner: Kais Belgaied Intern: Suha Peddada Next Meeting: ============= 10/14/2009 No meeting ------------------------------------------------------------------------------- 2009/467 Name: Solaris ATCA IPMI Driver Submitter: Kevin Song Owner: Garrett D'Amore Intern: Jim Walker Exposure: open SUMMARY ======= Sun Netra ATCA (Advanced Telecom Computing Architecture) blades have an ATCA version of IPMI controller as their baseboard management controller (BMC), to meet IPMI specification and ATCA base specification PICMG 3.0. This project develops a Solaris driver to interface the IPMI controller while - keeping an API compatible to open source community standard (OpenIPMI); - and supporting ATCA features; ISSUES ====== jaw What is the release binding? (jaw) Patch. Indicated in updated 20questions jaw Define IPMC in onepager.txt, section 2.1 (jaw) Updated. ram-1 Your proposal and specification seem to clearly show how you plan to bridge a variety of underlying IPMI implementations with a single interface. Are there reasons (other than its been declared out-of-scope) the same could not be done for the previously implemented IPMI project? Are there issues with the previous implementation that discourage this? (Previous version is PSARC/2004/453, correct?) ram-2 20questions #5. Your answer, which I believe is technically accurate, delegated any security to the IPMI implementation. In a layered access approach as you describe, are you storing any user/password information for various access? Is there any provision to protect underlying interfaces if they are found to be vulnerable? ram-99 nit: ipmi_onepager.txt: 5. Reference Documents: A couple of documents in: /net/mc-re190/export/public/atca_wosdocs/ipmi/onepager/references are not readable by other than owner. seb-01 Your interface table shows that you import OpenIPMI ioctls. Is that backwards? Does your driver not export these ioctls? seb-02 What privileges are required to issue each ioctl? VOTE ==== Approve - Deny - Abstain - Not Participating (NP) - THE NEXT STEP ============= Email vote when spec is updated to cover privilege Opinion: OpenIPMI is reference architecture going forward Opinion: Old drivers should update to use OpenIPMI TCR: Use least privilege