DMTF has a relatively-new Redfish project, with tools (currently 6 Python-based tools) that’re useful for security researchers, system administrators, and firmware testers:
Sensor List (rf_sensor_list.py): walk a Redfish service and list sensor info
System Inventory (rf_sys_inventory.py): walk a Redfish service and list component information
Power/Reset (rf_power_reset.py): perform a power/reset operation of a system
Boot Override (rf_boot_override.py): perform a one time boot override of a system
Accounts (rf_accounts.py): manage user accounts on a Redfish service
Update (rf_update.py): perform an update with a Redfish service
DMTF has released v2019.1 of Redfish, which includes 19 schema updates, revisions to the Redfish specification, and additional developer resources:
Redfish Schema Bundle (updated)
Redfish Specification (updated)
Redfish 2019.1 Overview (updated)
Redfish Resource and Schema Guide (updated)
Redfish Release History (updated)
Redfish Property Guide (new document)
This repository contains selection of Redfish recordings that can be served by the Redfish mock servers.
Hopefully they take patches; if so, please consider submitting info for Redfish-capable machines you have access to, it appears fairly easy to generate the necessary data. Right now, beyond the mockups, there’s one entry for a Lenovo system.
I just learned about redfish-finder, a Redfish discovery tool for Linux. It maps your BMC NIC to the name redfish-localhost. When the Spring 2019 UEFI Forum Plugfest slides and videos are uploaded, there’s a presentation that talks about this tool. It is in the latest version of Fedora. Hopefully coming soon to other distros….
A GUI Test Tool comparing JSON with SPEC using excel
A new Redfish library:
.Net library to consume Redfish API.
libredfish is a new Rust-based Redfish library. Not to be confused by the libredfish library in C by the DMTF.
The Redfish specification supports event mechanism through which the target redfish devices can send events from different components in the system to an event listener. This project provides an event listener that is create in native PowerShell.
Redfish-based API tool for managing bare-metal systems via the Redfish API
[I’m also posting this so any Redfish exploiters realize that this name is already taken. 🙂 There’s actually a few dozen interesting Redfish tools/libraries that I need to make posts on.]
One of the difficulties of using the Redfish host api is the translation of the SMBIOS data above into meaningful application configuration data.[…]redfish-finder: parses the smbios data for Redfish access, translates the device specification to an OS interface name, uses NetworkManager to configure the network interface with the appropriate settings, and adds an entry to /etc/hosts mapping the name redfish-localhost to the Discovered Redfish service address.[…]
DMTF Redfish has updated their schema and specs.
New Redfish Schema, Specification and Developer Resources Now Available. New items just released include:
* 2018.1 Redfish Schema Bundle: A .zip file that contains the current versions of all Redfish schema, including a new ExternalAccountProvider schema for LDAP/ActiveDirectory support. Additional schema updates enable support for Server Sent-Eventing (SSE), provide additional information for Processors and Settings, and more.
* Redfish Specification v1.5.0: Adds new support for SSE, enabling the streaming of events to web-based GUIs and other clients. Other specification updates in this release include a mechanism for specifying deterministic behavior for the application of Create, Delete or Action (POST) operations.
* Redfish Resource and Schema Guide: New for 2018, this human-readable guide to the Redfish Schema is designed to help educate users of Redfish. Application developers and DevOps personnel creating client-side software to communicate with a Redfish service, as well as other consumers of the API, will benefit from the explanations in this resource.
* Redfish 2018.1 Overview: Provides detailed descriptions of each revision in the latest version of the Redfish Schema and Specification.
Click to access DSP0266_1.5.0.pdf
Click to access DSP2046_2018.1_0.pdf
Click to access Redfish_2018_Release_1_Overview.pdf
DMTF and PICMG Form Alliance
DMTF and the PCI Industrial Computer Manufacturer Group (PICMG) have formed an alliance to help ensure the two organizations’ standards are coordinated and aligned in the Industrial Internet of Things (IIoT) domain.
Click to access PICMG_Work_Register_v1.0.pdf
Expect to see Redfish listed as 10th entry here shortly, I am guessing:
The DMTF, NVM Express, Inc. and SNIA have formed a new three-way alliance to coordinate standards for managing SSD storage devices. […] In addition to SNIA’s Swordfish and DMTF’s Redfish, the alliance’s collaborative work will include the following standards:
* NVM Express™(NVMe™) is the register interface and command set for PCI Express attached storage with industry standard software available for numerous operating systems. The NVM Express™Management Interface (NVMe-MI™) is the command set and architecture for management of NVM Express storage (e.g., discovering, monitoring, and updating NVMe devices using a BMC).
* DMTF’s Management Component Transport Protocol (MCTP) is a protocol and Platform Level Data Model (PLDM) is a low-level data model defined by the DMTF Platform Management Components Intercommunications (PMCI) Working Group (https://www.dmtf.org/standards/pmci) . MCTP is designed to support communications between different intelligent hardware components that make up a platform management subsystem that provides monitoring and control functions inside a managed system.
Click to access NVMe-DMTF-SNIA_Work_Register_v1.0.pdf
ISO/IEC 30115:2018: The Redfish Scalable Platforms Management API (“Redfish”) is a new specification that uses RESTful interface semantics to access data defined in model format to perform out-of-band systems management. It is suitable for a wide range of servers, from stand-alone servers to rack mount and bladed environments but scales equally well for large scale cloud environments. There are several out-of-band systems management standards (defacto and de jour) available in the industry. They all either vary widely in implementation, were developed for single server embedded environments or have their roots in antiquated software modeling constructs. There is no single industry standard that is simple to use, based on emerging programming standards, embedded friendly and capable of meeting large scale data center & cloud needs.
[…]Redfish-JSON-C-Struct-Converter is a C client library which used to convert Redfish resource in JSON text format to C structure and vice versa. The functions in Redfish-JSON-C-Struct-Converter library provides the C language friendly structure which can be easily utilized in C programs. Bindings also provided on top of C source/header files for different computer languages and build environments, such as UEFI EDK2 environment or akin to the bindings for Java and Python in libredfish library. Each C file is a converter for the specific version of Redfish schema released by SPFM. For example, ServiceRoot.v1_2_0.c under /ServiceRoot/ServiceRoot.v1_2_0 provides functions to convert ServiceRoot.v1_2_0.ServiceRoot property to predefined RedfishServiceRootV1_2_0_CS C structure. It also provides functions to convert RedfishServiceRootV1_2_0_CS C structure to JSON text file. All C files under /src are built into a single library. Other programs which built with Redfish-JSON-C-Struct-Converter library must links with this library and invokes the conversion functions as it needs.[…]
The DMTF has released its new Platform Level Data Model (PLDM) for Redfish® Device Enablement Specification  as a Work in Progress, inviting public review and comment. This standard enables a management controller to present Redfish -conformant management of I/O adapters in a server, without the need for code specific to each adapter family/vendor/model. PLDM for Redfish Device Enablement describes the operation and format of request messages (also referred to as commands) and response messages, designed to be delivered using PLDM messaging. Using Redfish, messages are generated by a Redfish client through interactions with a user or a script, and communicated via JSON over HTTP or HTTPS to a management controller. Using the new standard, the management controller will encode the message into a binary format (Binary Encoded JSON, or BEJ) and communicate it using PLDM to an appropriate device for servicing. The device processes the message and returns the response back using PLDM to the management controller, again in binary format. The management controller then decodes the response and constructs a standard Redfish response in JSON over HTTP or HTTPS for delivery back to the client. PLDM for Redfish Device Enablement is developed by the DMTF’s Platform Management Components Intercommunications (PMCI) Working Group , which defines standards to address “inside the box” communication and functional interfaces. It can be used in conjunction with other PMCI standards, such as the PLDM Firmware Update Specification, to provide a comprehensive, common architecture for improved communication between management subsystem components. The new WIP release is the latest example of the ongoing hard work and close collaboration between DMTF Working Groups (including PMCI, SMBIOS and SPMF) to seamlessly address both internal- and external-facing interfaces and protocols for system management.
” OpenUSM – Let Docker Containers Manage Your Datacenter
OpenUSM is a suite of tools and utilities which configures and manage the lifecycle of system management. OpenUSM has a capability to perform the following functions:
* BIOS Token Change
* Firmware Update