Redfish-Tacklebox: Python based utilities for performing common management operations with Redfish

DMTF has a relatively-new Redfish project, with tools (currently 6 Python-based tools) that’re useful for security researchers, system administrators, and firmware testers:

Sensor List ( walk a Redfish service and list sensor info

System Inventory ( walk a Redfish service and list component information

Power/Reset ( perform a power/reset operation of a system

Boot Override ( perform a one time boot override of a system

Accounts ( manage user accounts on a Redfish service

Update ( perform an update with a Redfish service

Redfish Version 2019.1 released

DMTF has released v2019.1 of Redfish, which includes 19 schema updates, revisions to the Redfish specification, and additional developer resources:

Redfish Schema Bundle (updated)
Redfish Specification (updated)
Redfish 2019.1 Overview (updated)
Redfish Resource and Schema Guide (updated)
Redfish Release History (updated)
Redfish Property Guide (new document)

redfish-finder: utility to parse dmidecode output for Host Management Controllers, and setup canonically named access to them

I just learned about redfish-finder, a Redfish discovery tool for Linux. It maps your BMC NIC to the name redfish-localhost. When the Spring 2019 UEFI Forum Plugfest slides and videos are uploaded, there’s a presentation that talks about this tool. It is in the latest version of Fedora. Hopefully coming soon to other distros….

PSRedfishEventListener: Redfish Event Listener in PowerShell

The Redfish specification supports event mechanism through which the target redfish devices can send events from different components in the system to an event listener. This project provides an event listener that is create in native PowerShell.

Redfish-finder: utility to parse dmidecode output for Host Management Controllers, and setup canonically named access to them

One of the difficulties of using the Redfish host api is the translation of the SMBIOS data above into meaningful application configuration data.[…]redfish-finder: parses the smbios data for Redfish access, translates the device specification to an OS interface name, uses NetworkManager to configure the network interface with the appropriate settings, and adds an entry to /etc/hosts mapping the name redfish-localhost to the Discovered Redfish service address.[…]


Eclypsium research on SuperMicro BMC/Redfish vulnerability

Insecure Firmware Updates in Server Management Systems

Redfish releases new schema and spec

DMTF Redfish has updated their schema and specs.

New Redfish Schema, Specification and Developer Resources Now Available. New items just released include:

* 2018.1 Redfish Schema Bundle: A .zip file that contains the current versions of all Redfish schema, including a new ExternalAccountProvider schema for LDAP/ActiveDirectory support. Additional schema updates enable support for Server Sent-Eventing (SSE), provide additional information for Processors and Settings, and more.

* Redfish Specification v1.5.0:  Adds new support for SSE, enabling the streaming of events to web-based GUIs and other clients. Other specification updates in this release include a mechanism for specifying deterministic behavior for the application of Create, Delete or Action (POST) operations.

* Redfish Resource and Schema Guide: New for 2018, this human-readable guide to the Redfish Schema is designed to help educate users of Redfish. Application developers and DevOps personnel creating client-side software to communicate with a Redfish service, as well as other consumers of the API, will benefit from the explanations in this resource.

* Redfish 2018.1 Overview: Provides detailed descriptions of each revision in the latest version of the Redfish Schema and Specification.

Click to access DSP0266_1.5.0.pdf

Click to access DSP2046_2018.1_0.pdf

Click to access Redfish_2018_Release_1_Overview.pdf


DMTF Redfish and PCIMG form alliance for Industrial IoT standards

DMTF and PICMG Form Alliance

DMTF and the PCI Industrial Computer Manufacturer Group (PICMG) have formed an alliance to help ensure the two organizations’ standards are coordinated and aligned in the Industrial Internet of Things (IIoT) domain.

Click to access PICMG_Work_Register_v1.0.pdf

Expect to see Redfish listed as 10th entry here shortly, I am guessing:


DMTF, NVMe and SNIA form 3-way alliance for SSD storage mgmt

The DMTF, NVM Express, Inc. and SNIA have formed a new three-way alliance to coordinate standards for managing SSD storage devices. […] In addition to SNIA’s Swordfish and DMTF’s Redfish, the alliance’s collaborative work will include the following standards:

* NVM Express™(NVMe™) is the register interface and command set for PCI Express attached storage with industry standard software available for numerous operating systems. The NVM Express™Management Interface (NVMe-MI™) is the command set and architecture for management of NVM Express storage (e.g., discovering, monitoring, and updating NVMe devices using a BMC).

* DMTF’s Management Component Transport Protocol (MCTP) is a protocol and Platform Level Data Model (PLDM) is a low-level data model defined by the DMTF Platform Management Components Intercommunications (PMCI) Working Group ( . MCTP is designed to support communications between different intelligent hardware components that make up a platform management subsystem that provides monitoring and control functions inside a managed system.

* DMTF’s PLDM for Redfish Device Enablement (RDE) defines messages and data structures used for enabling PLDM devices to participate in Redfish-based management without needing to support either JavaScript Object Notation (JSON, used for operation data payloads) or the [Secure] Hypertext Transfer Protocol (HTTP/HTTPS, used to transport and configure operations).


Click to access NVMe-DMTF-SNIA_Work_Register_v1.0.pdf

DMTF Redfish becomes ISO/IEC 30115:2018 Redfish

ISO/IEC 30115:2018: The Redfish Scalable Platforms Management API (“Redfish”) is a new specification that uses RESTful interface semantics to access data defined in model format to perform out-of-band systems management. It is suitable for a wide range of servers, from stand-alone servers to rack mount and bladed environments but scales equally well for large scale cloud environments. There are several out-of-band systems management standards (defacto and de jour) available in the industry. They all either vary widely in implementation, were developed for single server embedded environments or have their roots in antiquated software modeling constructs. There is no single industry standard that is simple to use, based on emerging programming standards, embedded friendly and capable of meeting large scale data center & cloud needs.

Redfish-JSON-C-Struct-Converter: Convert Redfish JSON resource to C structure and vice versa

[…]Redfish-JSON-C-Struct-Converter is a C client library which used to convert Redfish resource in JSON text format to C structure and vice versa. The functions in Redfish-JSON-C-Struct-Converter library provides the C language friendly structure which can be easily utilized in C programs. Bindings also provided on top of C source/header files for different computer languages and build environments, such as UEFI EDK2 environment or akin to the bindings for Java and Python in libredfish library. Each C file is a converter for the specific version of Redfish schema released by SPFM. For example, ServiceRoot.v1_2_0.c under /ServiceRoot/ServiceRoot.v1_2_0 provides functions to convert ServiceRoot.v1_2_0.ServiceRoot property to predefined RedfishServiceRootV1_2_0_CS C structure. It also provides functions to convert RedfishServiceRootV1_2_0_CS C structure to JSON text file. All C files under /src are built into a single library. Other programs which built with Redfish-JSON-C-Struct-Converter library must links with this library and invokes the conversion functions as it needs.[…]


DMTF Releases New PLDM for Redfish Device Enablement Specification

The DMTF has released its new Platform Level Data Model (PLDM) for Redfish® Device Enablement Specification [1] as a Work in Progress, inviting public review and comment. This standard enables a management controller to present Redfish -conformant management of I/O adapters in a server, without the need for code specific to each adapter family/vendor/model. PLDM for Redfish Device Enablement describes the operation and format of request messages (also referred to as commands) and response messages, designed to be delivered using PLDM messaging. Using Redfish, messages are generated by a Redfish client through interactions with a user or a script, and communicated via JSON over HTTP or HTTPS to a management controller. Using the new standard, the management controller will encode the message into a binary format (Binary Encoded JSON, or BEJ) and communicate it using PLDM to an appropriate device for servicing. The device processes the message and returns the response back using PLDM to the management controller, again in binary format. The management controller then decodes the response and constructs a standard Redfish response in JSON over HTTP or HTTPS for delivery back to the client. PLDM for Redfish Device Enablement is developed by the DMTF’s Platform Management Components Intercommunications (PMCI) Working Group [2], which defines standards to address “inside the box” communication and functional interfaces. It can be used in conjunction with other PMCI standards, such as the PLDM Firmware Update Specification, to provide a comprehensive, common architecture for improved communication between management subsystem components. The new WIP release is the latest example of the ongoing hard work and close collaboration between DMTF Working Groups (including PMCI, SMBIOS and SPMF) to seamlessly address both internal- and external-facing interfaces and protocols for system management.


Redfish 2017.3 released

Redfish Specification v1.4.0 is released.


DMTF’s Redfish Version 2017.3 is now available. Version 2017.3 adds new schemas for BootOption, Assembly, Protocol, and more.


Dell releases Redfish-based OpenUSM, has firmware-update feature

” OpenUSM – Let Docker Containers Manage Your Datacenter
OpenUSM is a suite of tools and utilities which configures and manage the lifecycle of system management. OpenUSM has a capability to perform the following functions:
* BIOS Token Change
* Firmware Update

alt text