Documentation
¶
Overview ¶
Package setupandconfiguration facilitiates communication with Intel® AMT devices to access and interact with the Setup and Configuration Service, which is the logic in Intel® AMT that responds to Setup and Configuration requests.
Index ¶
- Constants
- type Body
- type CommitChanges_OUTPUT
- type EnabledState
- type GetUuid_OUTPUT
- type MEBXPassword
- type PasswordModelValue
- type ProvisioningMode
- type ProvisioningModeValue
- type ProvisioningStateValue
- type PullResponse
- type RequestedState
- type Response
- type Service
- func (s Service) CommitChanges() (response Response, err error)
- func (s Service) Enumerate() (response Response, err error)
- func (s Service) Get() (response Response, err error)
- func (s Service) GetUuid() (response Response, err error)
- func (s Service) Pull(enumerationContext string) (response Response, err error)
- func (s Service) Put(setupAndConfigurationService SetupAndConfigurationServiceRequest) (response Response, err error)
- func (s Service) SetMEBXPassword(password string) (response Response, err error)
- func (s Service) Unprovision(provisioningMode ProvisioningModeValue) (response Response, err error)
- type SetMEBxPassword_OUTPUT
- type SetupAndConfigurationServiceRequest
- type SetupAndConfigurationServiceResponse
- type Unprovision_OUTPUT
Constants ¶
const ( AMT_SetupAndConfigurationService string = "AMT_SetupAndConfigurationService" CommitChanges string = "CommitChanges" Unprovision string = "Unprovision" SetMEBxPassword string = "SetMEBxPassword" GetUuid string = "GetUuid" )
const ( AdminControlMode ProvisioningModeValue = 1 ClientControlMode ProvisioningModeValue = 4 PreProvisioning ProvisioningStateValue = 0 InProvisioning ProvisioningStateValue = 1 PostProvisioning ProvisioningStateValue = 2 )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Body ¶
type Body struct {
XMLName xml.Name `xml:"Body"`
GetResponse SetupAndConfigurationServiceResponse
EnumerateResponse common.EnumerateResponse
PullResponse PullResponse
GetUuid_OUTPUT GetUuid_OUTPUT `xml:"GetUuid_OUTPUT"`
Unprovision_OUTPUT Unprovision_OUTPUT `xml:"Unprovision_OUTPUT"`
CommitChanges_OUTPUT CommitChanges_OUTPUT `xml:"CommitChanges_OUTPUT"`
SetMEBxPassword_OUTPUT SetMEBxPassword_OUTPUT `xml:"SetMEBxPassword_OUTPUT"`
}
Response Types
type CommitChanges_OUTPUT ¶
ValueMap={0, 1, 38, 2057}
Values={PT_STATUS_SUCCESS, PT_STATUS_INTERNAL_ERROR, PT_STATUS_FLASH_WRITE_LIMIT_EXCEEDED, PT_STATUS_DATA_MISSING}
type EnabledState ¶
type EnabledState int
EnabledState is an integer enumeration that indicates the enabled and disabled states of an element. It can also indicate the transitions between these requested states. For example, shutting down (value=4) and starting (value=10) are transient states between enabled and disabled.
The following text briefly summarizes the various enabled and disabled states:
Enabled (2) indicates that the element is or could be executing commands, will process any queued commands, and queues new requests.
Disabled (3) indicates that the element will not execute commands and will drop any new requests.
Shutting Down (4) indicates that the element is in the process of going to a Disabled state.
Not Applicable (5) indicates the element does not support being enabled or disabled.
Enabled but Offline (6) indicates that the element might be completing commands, and will drop any new requests.
Test (7) indicates that the element is in a test state.
Deferred (8) indicates that the element might be completing commands, but will queue any new requests.
Quiesce (9) indicates that the element is enabled but in a restricted mode.
Starting (10) indicates that the element is in the process of going to an Enabled state. New requests are queued.
Value 6 ("Enabled but Offline") can be recieved also if the Audit Log is in locked state.
ValueMap={0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11..32767, 32768..65535}
Values={Unknown, Other, Enabled, Disabled, Shutting Down, Not Applicable, Enabled but Offline, In Test, Deferred, Quiesce, Starting, DMTF Reserved, Vendor Reserved}
const ( EnabledStateUnknown EnabledState = iota EnabledStateOther EnabledStateEnabled EnabledStateDisabled EnabledStateShuttingDown EnabledStateNotApplicable EnabledStateEnabledbutOffline EnabledStateInTest EnabledStateDeferred EnabledStateQuiesce EnabledStateStarting )
type GetUuid_OUTPUT ¶
UUID of the system. If the value is all FFh, the ID is not currently present in the system, but is settable. If the value is all 00h, the ID is not present in the system. Corresponds to the UUID field of the SMBIOS Type 1 structure
type MEBXPassword ¶
type MEBXPassword struct {
XMLName xml.Name `xml:"h:SetMEBxPassword_INPUT"`
H string `xml:"xmlns:h,attr"`
Password string `xml:"h:Password,omitempty"`
}
Password needs to be strong: Contain at least one of: upper-case, lower-case, digit and special character
MinLen=8, MaxLen=32
type PasswordModelValue ¶
type PasswordModelValue int
An enumeration value that determines the password model of Intel® AMT.
This is a read-only property.
While in post-provisioning state, value is 'Separate password model' (1), otherwise value is 'Coupled password model' (0)
ValueMap={0, 1, 2}
Values={Coupled password model (the password of the network and the local interfaces are identical), Separate password model (the password of the network and the local interfaces are separate), Separate-Hash password model}
const ( CoupledPasswordModel PasswordModelValue = iota SeparatePasswordModel SeparateHashPasswordModel )
type ProvisioningMode ¶
type ProvisioningMode struct {
XMLName xml.Name `xml:"h:Unprovision_INPUT"`
H string `xml:"xmlns:h,attr"`
ProvisioningMode ProvisioningModeValue `xml:"h:ProvisioningMode,omitempty"`
}
Indicates the provisioning mode (Enterprise , Small Business or Remote Connectivity) the device will enter following successful completion of the command. Starting from Release 6.0 only effective value is ProvisioningModeEnterprise
ValueMap={0, 1, 2, 3}
Values={ProvisioningModeCurrent, ProvisioningModeEnterprise, ProvisioningModeSmallBusiness, ProvisioningRemoteConnectivity}
type ProvisioningModeValue ¶
type ProvisioningModeValue int
A Read-Only enumeration value that determines the behavior of Intel® AMT when it is deployed. Starting from Release 7.0, this enumeration indicates whether AMT is deployed in "Admin control mode" or "Client control mode". In "Admin" mode, AMT functionality is on the same level of previous releases. In "Client" mode functionality is limited or requires user consent.
In AMT Release 7.0, the value map has changed to "Admin Control Mode" (1 - matches the previous "enterprise" mode) and "Client Control Mode" (4).
From Intel CSME 19.0, available also in pre-provisioning after IPS_HostBasedSetupService.Setup is called, before calling CommitChanges.
ValueMap={1, .., 4, ..}
Values={Admin Control Mode, Reserved1, Client Control Mode, Reserved2}
type ProvisioningStateValue ¶
type ProvisioningStateValue int
An enumeration value that indicates the state of the Intel® AMT subsystem in the provisioning process"Pre" - the setup operation has not started."In" - the setup operation is in progress."Post" - Intel® AMT is configured.
This is a read-only property.
ValueMap={0, 1, 2}
Values={Pre, In, Post}
type PullResponse ¶
type PullResponse struct {
XMLName xml.Name `xml:"PullResponse"`
SetupAndConfigurationServiceItems []SetupAndConfigurationServiceResponse `xml:"Items>AMT_SetupAndConfigurationService"`
}
Response Types
type RequestedState ¶
type RequestedState int
RequestedState is an integer enumeration that indicates the last requested or desired state for the element, irrespective of the mechanism through which it was requested. The actual state of the element is represented by EnabledState. This property is provided to compare the last requested and current enabled or disabled states. Note that when EnabledState is set to 5 ("Not Applicable"), then this property has no meaning. Refer to the EnabledState property description for explanations of the values in the RequestedState enumeration.
"Unknown" (0) indicates the last requested state for the element is unknown.
Note that the value "No Change" (5) has been deprecated in lieu of indicating the last requested state is "Unknown" (0). If the last requested or desired state is unknown, RequestedState should have the value "Unknown" (0), but may have the value "No Change" (5).Offline (6) indicates that the element has been requested to transition to the Enabled but Offline EnabledState. It should be noted that there are two new values in RequestedState that build on the statuses of EnabledState. These are "Reboot" (10) and "Reset" (11). Reboot refers to doing a "Shut Down" and then moving to an "Enabled" state. Reset indicates that the element is first "Disabled" and then "Enabled". The distinction between requesting "Shut Down" and "Disabled" should also be noted. Shut Down requests an orderly transition to the Disabled state, and might involve removing power, to completely erase any existing state. The Disabled state requests an immediate disabling of the element, such that it will not execute or accept any commands or processing requests.
This property is set as the result of a method invocation (such as Start or StopService on CIM_Service), or can be overridden and defined as WRITEable in a subclass. The method approach is considered superior to a WRITEable property, because it allows an explicit invocation of the operation and the return of a result code.
If knowledge of the last RequestedState is not supported for the EnabledLogicalElement, the property shall be NULL or have the value 12 "Not Applicable".
ValueMap={0, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, .., 32768..65535}
Values={Unknown, Enabled, Disabled, Shut Down, No Change, Offline, Test, Deferred, Quiesce, Reboot, Reset, Not Applicable, DMTF Reserved, Vendor Reserved}
const ( RequestedStateEnabled RequestedState = iota + 2 RequestedStateDisabled RequestedStateShutDown RequestedStateNoChange RequestedStateOffline RequestedStateTest RequestedStateDeferred RequestedStateQuiesce RequestedStateReboot RequestedStateReset RequestedStateNotApplicable RequestedStateUnknown RequestedState = 0 )
type Response ¶
type Response struct {
*client.Message
XMLName xml.Name `xml:"Envelope"`
Header message.Header `xml:"Header"`
Body Body `xml:"Body"`
}
Response Types
func (*Response) DecodeUUID ¶
DecodeUUID formats the returned AMT base64 encoded UUID into a human readable UUID
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
func NewSetupAndConfigurationServiceWithClient ¶
func NewSetupAndConfigurationServiceWithClient(wsmanMessageCreator *message.WSManMessageCreator, client client.WSMan) Service
NewSetupAndConfigurationServiceWithClient instantiates a new Service
func (Service) CommitChanges ¶
CommitChanges saves pending configuration commands made to the Intel® AMT device. Completes configuration when in "IN-provisioning" state. This routine commits pending configuration commands which are dependent on an internal restart sequence or a cumulative validity check.
Failure to execute this command prevents the pending configurations (which are not stored in flash memory) to take effect. Operations (or situations such as a power loss) that immediately change flash memory depend on a call to CommitChanges()to refresh the internal Firmware state.
Note:
1. If TLS is enabled, RSA Key and Certificate must be configured in order to work properly with the changes being committed.
2. If DHCP is enabled, host-name must be set.
3. If mutual authentication is configured, then at least one trusted root certificate must exist.
4. When using TLS mutual authentication, the user must first configure the Intel AMT system time.
5. If in EnterpriseMode Provisioning, then caller must update the internal clock and change the PRNG.
Since committing changes may cause an internal restart sequence, remote applications should allow sufficient time for Intel AMT to reload before issuing the next command.
ValueMap={0, 1, 38, 2057}
Values={PT_STATUS_SUCCESS, PT_STATUS_INTERNAL_ERROR, PT_STATUS_FLASH_WRITE_LIMIT_EXCEEDED, PT_STATUS_DATA_MISSING}
func (Service) Enumerate ¶
Enumerate returns an enumeration context which is used in a subsequent Pull call
func (Service) GetUuid ¶
GetUuid gets the AMT UUID from the device.
The returned value is in base64 format. DecodeUUID can be used to format this value into a human readable UUID
ValueMap={0, 1}
Values={PT_STATUS_SUCCESS, PT_STATUS_INTERNAL_ERROR}
func (Service) Pull ¶
Pull returns the instances of this class. An enumeration context provided by the Enumerate call is used as input.
func (Service) Put ¶
func (s Service) Put(setupAndConfigurationService SetupAndConfigurationServiceRequest) (response Response, err error)
Put will change properties of the selected instance
func (Service) SetMEBXPassword ¶
SetMEBXPassword changes the ME Bios extension password. It allows a remote caller to change the ME access password for the BIOS extension screen. This call succeeds depending on the password policy rule defined in MEBx (BIOS extension):
"Default Password Only" - Method succeeds only when the current password is still the default value and only in PKI provisioning.
"During Setup and Configuration" - Method succeeds only during provisioning, regardless of provisioning method or previous password value.
"ANYTIME" - Method will always succeed. (i.e. even when configured).
Note: API is blocked in client control mode
ValueMap={0, 1, 16, 2054}
Values={PT_STATUS_SUCCESS, PT_STATUS_INTERNAL_ERROR, PT_STATUS_NOT_PERMITTED, PT_STATUS_INVALID_PASSWORD}
func (Service) Unprovision ¶
func (s Service) Unprovision(provisioningMode ProvisioningModeValue) (response Response, err error)
Unprovision unconfigures and deactivates the Intel® AMT device. The device will need to be re-provisioned after this command before being able to use AMT features.
In Client Control Mode, call will succeed even if auditor is blocking the operation.
ValueMap={0, 1, 16, 36, 2076}
Values={PT_STATUS_SUCCESS, PT_STATUS_INTERNAL_ERROR, PT_STATUS_NOT_PERMITTED, PT_STATUS_INVALID_PARAMETER, PT_STATUS_BLOCKING_COMPONENT}
type SetMEBxPassword_OUTPUT ¶
type SetMEBxPassword_OUTPUT struct {
XMLName xml.Name `xml:"SetMEBxPassword_OUTPUT"`
ReturnValue int
}
ValueMap={0, 1, 16, 2054}
Values={PT_STATUS_SUCCESS, PT_STATUS_INTERNAL_ERROR, PT_STATUS_NOT_PERMITTED, PT_STATUS_INVALID_PASSWORD}
type SetupAndConfigurationServiceRequest ¶
type SetupAndConfigurationServiceRequest struct {
XMLName xml.Name `xml:"h:AMT_SetupAndConfigurationService"`
H string `xml:"xmlns:h,attr"`
RequestedState RequestedState `xml:"h:RequestedState,omitempty"` // RequestedState is an integer enumeration that indicates the last requested or desired state for the element, irrespective of the mechanism through which it was requested.
EnabledState EnabledState `xml:"h:EnabledState,omitempty"` // EnabledState is an integer enumeration that indicates the enabled and disabled states of an element.
ElementName string `xml:"h:ElementName,omitempty"` // A user-friendly name for the object. This property allows each instance to define a user-friendly name in addition to its key properties, identity data, and description information. Note that the Name property of ManagedSystemElement is also defined as a user-friendly name. But, it is often subclassed to be a Key. It is not reasonable that the same property can convey both identity and a user-friendly name, without inconsistencies. Where Name exists and is not a Key (such as for instances of LogicalDevice), the same information can be present in both the Name and ElementName properties. Note that if there is an associated instance of CIM_EnabledLogicalElementCapabilities, restrictions on this properties may exist as defined in ElementNameMask and MaxElementNameLen properties defined in that class.
SystemCreationClassName string `xml:"h:SystemCreationClassName,omitempty"` // The CreationClassName of the scoping System.
SystemName string `xml:"h:SystemName,omitempty"` // The Name of the scoping System.
CreationClassName string `xml:"h:CreationClassName,omitempty"` // CreationClassName indicates the name of the class or the subclass that is used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified.
Name string `xml:"h:Name,omitempty"` // The Name property uniquely identifies the Service and provides an indication of the functionality that is managed. This functionality is described in more detail in the Description property of the object.
ProvisioningMode ProvisioningModeValue `xml:"h:ProvisioningMode,omitempty"` // A Read-Only enumeration value that determines the behavior of Intel® AMT when it is deployed.
ProvisioningState ProvisioningStateValue `xml:"h:ProvisioningState,omitempty"` // An enumeration value that indicates the state of the Intel® AMT subsystem in the provisioning process"Pre" - the setup operation has not started."In" - the setup operation is in progress."Post" - Intel® AMT is configured.
ZeroTouchConfigurationEnabled bool `xml:"h:ZeroTouchConfigurationEnabled,omitempty"` // Indicates if Zero Touch Configuration (Remote Configuration) is enabled or disabled. This property affects only enterprise mode. It can be modified while in SMB mode
ProvisioningServerOTP string `xml:"h:ProvisioningServerOTP,omitempty"` // A optional binary data value containing 8-32 characters,that represents a one-time password (OTP), used to authenticate the Intel® AMT to the configuration server. This property can be retrieved only in IN Provisioning state, nevertheless, it is settable also in POST provisioning state.
ConfigurationServerFQDN string `xml:"h:ConfigurationServerFQDN,omitempty"` // The FQDN of the configuration server.
PasswordModel PasswordModelValue `xml:"h:PasswordModel,omitempty"` // An enumeration value that determines the password model of Intel® AMT.
DhcpDNSSuffix string `xml:"h:DhcpDNSSuffix,omitempty"` // Domain name received from DHCP
TrustedDNSSuffix string `xml:"h:TrustedDNSSuffix,omitempty"` // Trusted domain name configured in MEBX
}
Request Types
type SetupAndConfigurationServiceResponse ¶
type SetupAndConfigurationServiceResponse struct {
XMLName xml.Name `xml:"AMT_SetupAndConfigurationService"`
RequestedState RequestedState `xml:"RequestedState,omitempty"` // RequestedState is an integer enumeration that indicates the last requested or desired state for the element, irrespective of the mechanism through which it was requested.
EnabledState EnabledState `xml:"EnabledState,omitempty"` // EnabledState is an integer enumeration that indicates the enabled and disabled states of an element.
ElementName string `xml:"ElementName,omitempty"` // A user-friendly name for the object. This property allows each instance to define a user-friendly name in addition to its key properties, identity data, and description information. Note that the Name property of ManagedSystemElement is also defined as a user-friendly name. But, it is often subclassed to be a Key. It is not reasonable that the same property can convey both identity and a user-friendly name, without inconsistencies. Where Name exists and is not a Key (such as for instances of LogicalDevice), the same information can be present in both the Name and ElementName properties. Note that if there is an associated instance of CIM_EnabledLogicalElementCapabilities, restrictions on this properties may exist as defined in ElementNameMask and MaxElementNameLen properties defined in that class.
SystemCreationClassName string `xml:"SystemCreationClassName,omitempty"` // The CreationClassName of the scoping System.
SystemName string `xml:"SystemName,omitempty"` // The Name of the scoping System.
CreationClassName string `xml:"CreationClassName,omitempty"` // CreationClassName indicates the name of the class or the subclass that is used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified.
Name string `xml:"Name,omitempty"` // The Name property uniquely identifies the Service and provides an indication of the functionality that is managed. This functionality is described in more detail in the Description property of the object.
ProvisioningMode ProvisioningModeValue `xml:"ProvisioningMode,omitempty"` // A Read-Only enumeration value that determines the behavior of Intel® AMT when it is deployed.
ProvisioningState ProvisioningStateValue `xml:"ProvisioningState,omitempty"` // An enumeration value that indicates the state of the Intel® AMT subsystem in the provisioning process"Pre" - the setup operation has not started."In" - the setup operation is in progress."Post" - Intel® AMT is configured.
ZeroTouchConfigurationEnabled bool `xml:"ZeroTouchConfigurationEnabled,omitempty"` // Indicates if Zero Touch Configuration (Remote Configuration) is enabled or disabled. This property affects only enterprise mode. It can be modified while in SMB mode
ProvisioningServerOTP string `xml:"ProvisioningServerOTP,omitempty"` // A optional binary data value containing 8-32 characters,that represents a one-time password (OTP), used to authenticate the Intel® AMT to the configuration server. This property can be retrieved only in IN Provisioning state, nevertheless, it is settable also in POST provisioning state.
ConfigurationServerFQDN string `xml:"ConfigurationServerFQDN,omitempty"` // The FQDN of the configuration server.
PasswordModel PasswordModelValue `xml:"PasswordModel,omitempty"` // An enumeration value that determines the password model of Intel® AMT.
DhcpDNSSuffix string `xml:"DhcpDNSSuffix,omitempty"` // Domain name received from DHCP
TrustedDNSSuffix string `xml:"TrustedDNSSuffix,omitempty"` // Trusted domain name configured in MEBX
}
Response Types
type Unprovision_OUTPUT ¶
ValueMap={0, 1, 16, 36, 2076}
Values={PT_STATUS_SUCCESS, PT_STATUS_INTERNAL_ERROR, PT_STATUS_NOT_PERMITTED, PT_STATUS_INVALID_PARAMETER, PT_STATUS_BLOCKING_COMPONENT}
Source Files