Add Unmarshal(cfg string) to VendorConfigManager

.github/workflows/ci.yaml

@@ -18,5 +18,5 @@ jobs:
     - name: Run golangci-lint
       uses: golangci/golangci-lint-action@v3
       with:
-        args: -v --config .golangci.yml --timeout=5m
+        args: -v --config .golangci.yml --timeout=5m --out-format=colored-line-number
         version: latest

config/asrockrack.go

@@ -1,4 +1,4 @@
 package config
 
 import (
 	"encoding/xml"
@@ -48,7 +48,7 @@
 		BiosCfg: &asrockrackBiosCfg{},
 	}
 
 	return asrr, nil
 }
 
 // FindMenu locates an existing asrockrackBiosCfgMenu if one exists in the ConfigData, if not
@@ -105,6 +105,15 @@
 	}
 }
 
+func (cm *asrockrackVendorConfig) Unmarshal(cfgData string) (err error) {
+	err = xml.Unmarshal([]byte(cfgData), cm.ConfigData)
+	return
+}
+
+func (cm *asrockrackVendorConfig) StandardConfig() (biosConfig map[string]string, err error) {
+	return
+}
+
 // Generic config options
 
 func (cm *asrockrackVendorConfig) EnableTPM() {

config/dell.go

@@ -54,7 +54,7 @@
 
 	dell.setSystemConfiguration(vendorOptions["model"], vendorOptions["servicetag"])
 
 	return dell, nil
 }
 
 func (cm *dellVendorConfig) setSystemConfiguration(model, servicetag string) {
@@ -129,6 +129,15 @@
 	}
 }
 
+func (cm *dellVendorConfig) Unmarshal(cfgData string) (err error) {
+	err = xml.Unmarshal([]byte(cfgData), cm.ConfigData)
+	return
+}
+
+func (cm *dellVendorConfig) StandardConfig() (biosConfig map[string]string, err error) {
+	return
+}
+
 // Generic config options
 
 func (cm *dellVendorConfig) EnableTPM() {

config/errors.go

@@ -7,11 +7,27 @@ import (
 
 var errUnknownConfigFormat = errors.New("unknown config format")
 var errUnknownVendor = errors.New("unknown/unsupported vendor")
+var errUnknownSettingType = errors.New("unknown setting type")
+
+var errInvalidBootModeOption = errors.New("invalid BootMode option <LEGACY|UEFI|DUAL>")
+var errInvalidSGXOption = errors.New("invalid SGX option <Enabled|Disabled|Software Controlled>")
 
 func UnknownConfigFormatError(format string) error {
 	return fmt.Errorf("unknown config format %w : %s", errUnknownConfigFormat, format)
 }
 
+func UnknownSettingType(t string) error {
+	return fmt.Errorf("unknown setting type %w : %s", errUnknownSettingType, t)
+}
+
 func UnknownVendorError(vendorName string) error {
 	return fmt.Errorf("unknown/unsupported vendor %w : %s", errUnknownVendor, vendorName)
 }
+
+func InvalidBootModeOption(mode string) error {
+	return fmt.Errorf("%w : %s", errInvalidBootModeOption, mode)
+}
+
+func InvalidSGXOption(mode string) error {
+	return fmt.Errorf("%w : %s", errInvalidSGXOption, mode)
+}

config/interface.go

@@ -7,11 +7,18 @@ import (
 )
 
 type VendorConfigManager interface {
-	EnableTPM()
-	EnableSRIOV()
-
 	Raw(name, value string, menuPath []string)
 	Marshal() (string, error)
+	Unmarshal(cfgData string) (err error)
+	StandardConfig() (biosConfig map[string]string, err error)
+
+	BootMode(mode string) error
+	BootOrder(mode string) error
+	IntelSGX(mode string) error
+	SecureBoot(enable bool) error
+	TPM(enable bool) error
+	SMT(enable bool) error
+	SRIOV(enable bool) error
 }
 
 func NewVendorConfigManager(configFormat, vendorName string, vendorOptions map[string]string) (VendorConfigManager, error) {

config/supermicro.go

@@ -1,8 +1,17 @@
 package config
 
 import (
+	"bytes"
 	"encoding/xml"
 	"strings"
+
+	"golang.org/x/net/html/charset"
+)
+
+const (
+	// enabledValue and disabledValue are utilized for bios setting value normalization
+	enabledValue  = "Enabled"
+	disabledValue = "Disabled"
 )
 
 type supermicroVendorConfig struct {
@@ -28,10 +37,12 @@ type supermicroBiosCfgMenu struct {
 
 type supermicroBiosCfgSetting struct {
 	XMLName        xml.Name `xml:"Setting"`
-	Name           string   `xml:"Name,attr"`
+	Name           string   `xml:"name,attr"`
 	Order          string   `xml:"order,attr"`
 	SelectedOption string   `xml:"selectedOption,attr"`
 	Type           string   `xml:"type,attr"`
+	CheckedStatus  string   `xml:"checkedStatus,attr"`
+	NumericValue   string   `xml:"numericValue,attr"`
 }
 
 func NewSupermicroVendorConfigManager(configFormat string, vendorOptions map[string]string) (VendorConfigManager, error) {
@@ -114,13 +125,208 @@ func (cm *supermicroVendorConfig) Marshal() (string, error) {
 	}
 }
 
+func (cm *supermicroVendorConfig) Unmarshal(cfgData string) (err error) {
+	// the xml exported by sum is ISO-8859-1 encoded
+	decoder := xml.NewDecoder(bytes.NewReader([]byte(cfgData)))
+	// convert characters from non-UTF-8 to UTF-8
+	decoder.CharsetReader = charset.NewReaderLabel
+
+	err = decoder.Decode(cm.ConfigData.BiosCfg)
+	if err != nil {
+		return err
+	}
+
+	return
+}
+
+func (cm *supermicroVendorConfig) StandardConfig() (biosConfig map[string]string, err error) {
+	biosConfig = make(map[string]string)
+
+	for _, menu := range cm.ConfigData.BiosCfg.Menus {
+		for _, s := range menu.Settings {
+			switch s.Name {
+			// We want to drop this list of settings
+			case "NewSetupPassword", "NewSysPassword", "OldSetupPassword", "OldSysPassword":
+			// All others get normalized
+			default:
+				var k, v string
+				k, v, err = normalizeSetting(s)
+
+				if err != nil {
+					return
+				}
+
+				biosConfig[k] = v
+			}
+		}
+	}
+
+	return
+}
+
+func normalizeSetting(s *supermicroBiosCfgSetting) (k, v string, err error) {
+	switch s.Type {
+	case "CheckBox":
+		k = normalizeName(s.Name)
+		v = normalizeValue(k, s.CheckedStatus)
+	case "Option":
+		k = normalizeName(s.Name)
+		v = normalizeValue(k, s.SelectedOption)
+	case "Password":
+		k = normalizeName(s.Name)
+		v = ""
+	case "Numeric":
+		k = normalizeName(s.Name)
+		v = normalizeValue(k, s.NumericValue)
+	default:
+		err = UnknownSettingType(s.Type)
+		return
+	}
+
+	return
+}
+
+func normalizeName(k string) string {
+	switch k {
+	case "CpuMinSevAsid":
+		return "amd_sev"
+	case "BootMode", "Boot mode select":
+		return "boot_mode"
+	case "IntelTxt":
+		return "intel_txt"
+	case "Software Guard Extensions (SGX)":
+		return "intel_sgx"
+	case "SecureBoot", "Secure Boot":
+		return "secure_boot"
+	case "Hyper-Threading", "Hyper-Threading [ALL]", "LogicalProc":
+		return "smt"
+	case "SriovGlobalEnable":
+		return "sr_iov"
+	case "TpmSecurity", "Security Device Support":
+		return "tpm"
+	default:
+		// When we don't normalize the key prepend "raw:"
+		return "raw:" + k
+	}
+}
+
+func normalizeBootMode(v string) string {
+	switch strings.ToLower(v) {
+	case "legacy":
+		return "BIOS"
+	default:
+		return strings.ToUpper(v)
+	}
+}
+
+func normalizeValue(k, v string) string {
+	if k == "boot_mode" {
+		return normalizeBootMode(v)
+	}
+
+	switch strings.ToLower(v) {
+	case "disable":
+		return disabledValue
+	case "disabled":
+		return disabledValue
+	case "enable":
+		return enabledValue
+	case "enabled":
+		return enabledValue
+	case "off":
+		return disabledValue
+	case "on":
+		return enabledValue
+	default:
+		return v
+	}
+}
+
 // Generic config options
 
-func (cm *supermicroVendorConfig) EnableTPM() {
-	cm.Raw("  Security Device Support", "Enable", []string{"Trusted Computing"})
-	cm.Raw("  SHA-1 PCR Bank", "Enabled", []string{"Trusted Computing"})
+func (cm *supermicroVendorConfig) BootMode(mode string) error {
+	switch strings.ToUpper(mode) {
+	case "LEGACY", "UEFI", "DUAL":
+		cm.Raw("Boot mode select", strings.ToUpper(mode), []string{"Boot"})
+	default:
+		return InvalidBootModeOption(strings.ToUpper(mode))
+	}
+
+	return nil
 }
 
-func (cm *supermicroVendorConfig) EnableSRIOV() {
-	cm.Raw("SR-IOV Support", "Enabled", []string{"Advanced", "PCIe/PCI/PnP Configuration"})
+func (cm *supermicroVendorConfig) BootOrder(mode string) error {
+	switch strings.ToUpper(mode) {
+	case "LEGACY":
+		cm.Raw("Legacy Boot Option #1", "Hard Disk", []string{"Boot"})
+		cm.Raw("Legacy Boot Option #2", "Network", []string{"Boot"})
+		for i := 3; i < 8; i++ {
+			cm.Raw("Legacy Boot Option #"+string(i), "Disabled", []string{"Boot"})
+		}
+	case "UEFI":
+		cm.Raw("UEFI Boot Option #1", "UEFI Hard Disk", []string{"Boot"})
+		cm.Raw("UEFI Boot Option #2", "UEFI Network", []string{"Boot"})
+		for i := 3; i < 9; i++ {
+			cm.Raw("UEFI Boot Option #"+string(i), "Disabled", []string{"Boot"})
+		}
+	case "DUAL":
+		// TODO(jwb) Is this just both sets?
+	default:
+		return InvalidBootModeOption(strings.ToUpper(mode))
+	}
+
+	return nil
+}
+
+func (cm *supermicroVendorConfig) IntelSGX(mode string) error {
+	switch mode {
+	case "Disabled", "Enabled", "Software Controlled":
+		// TODO(jwb) Path needs to be determined.
+		cm.Raw("Software Guard Extensions (SGX)", mode, []string{"Advanced", "PCIe/PCI/PnP Configuration"})
+	default:
+		return InvalidSGXOption(mode)
+	}
+
+	return nil
+}
+
+func (cm *supermicroVendorConfig) SecureBoot(enable bool) error {
+	if enable {
+		cm.Raw("Secure Boot", "Enabled", []string{"SMC Secure Boot Configuration"})
+		// cm.Raw("Secure Boot Mode", "Setup", []string{"SMC Secure Boot Configuration"})
+	} else {
+		cm.Raw("Secure Boot", "Disabled", []string{"SMC Secure Boot Configuration"})
+	}
+
+	return nil
+}
+
+func (cm *supermicroVendorConfig) TPM(enable bool) error {
+	if enable {
+		// Note, this is actually 'Enable' not 'Enabled' like everything else.
+		cm.Raw(" Security Device Support", "Enable", []string{"Trusted Computing"})
+		cm.Raw(" SHA-1 PCR Bank", "Enabled", []string{"Trusted Computing"})
+	} else {
+		// Note, this is actually 'Disable' not 'Disabled' like everything else.
+		cm.Raw(" Security Device Support", "Disable", []string{"Trusted Computing"})
+		cm.Raw(" SHA-1 PCR Bank", "Disabled", []string{"Trusted Computing"})
+	}
+
+	return nil
+}
+
+func (cm *supermicroVendorConfig) SMT(enable bool) error {
+	if enable {
+		cm.Raw("Hyper-Threading", "Enabled", []string{"Advanced", "CPU Configuration"})
+	} else {
+		cm.Raw("Hyper-Threading", "Disabled", []string{"Advanced", "CPU Configuration"})
+	}
+
+	return nil
+}
+
+func (cm *supermicroVendorConfig) SRIOV(enable bool) error {
+	// TODO(jwb) Need to figure out how we do this on platforms that support it...
+
+	return nil
 }

go.mod

@@ -1,3 +1,7 @@
 module github.com/bmc-toolbox/common
 
 go 1.17
+
+require golang.org/x/net v0.25.0
+
+require golang.org/x/text v0.15.0 // indirect

go.sum

@@ -0,0 +1,4 @@
+golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
+golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
+golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk=
+golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=