diff options
Diffstat (limited to 'meta-google')
28 files changed, 535 insertions, 47 deletions
diff --git a/meta-google/conf/layer.conf b/meta-google/conf/layer.conf index a8fda28ea..24a84800c 100644 --- a/meta-google/conf/layer.conf +++ b/meta-google/conf/layer.conf @@ -4,6 +4,13 @@ BBPATH .= ":${LAYERDIR}" BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \ ${LAYERDIR}/recipes-*/*/*.bbappend" +BBFILES_DYNAMIC += " \ + aspeed-layer:${LAYERDIR}/dynamic-layers/aspeed-layer/recipes-*/*/*.bb \ + aspeed-layer:${LAYERDIR}/dynamic-layers/aspeed-layer/recipes-*/*/*.bbappend \ + nuvoton-layer:${LAYERDIR}/dynamic-layers/nuvoton-layer/recipes-*/*/*.bb \ + nuvoton-layer:${LAYERDIR}/dynamic-layers/nuvoton-layer/recipes-*/*/*.bbappend \ + " + BBFILE_COLLECTIONS += "google-layer" BBFILE_PATTERN_google-layer := "^${LAYERDIR}/" LAYERVERSION_google-layer = "1" diff --git a/meta-google/dynamic-layers/aspeed-layer/recipes-kernel/linux/linux-aspeed_%.bbappend b/meta-google/dynamic-layers/aspeed-layer/recipes-kernel/linux/linux-aspeed_%.bbappend new file mode 100644 index 000000000..1f704ca9b --- /dev/null +++ b/meta-google/dynamic-layers/aspeed-layer/recipes-kernel/linux/linux-aspeed_%.bbappend @@ -0,0 +1,4 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/../../../../recipes-kernel/linux/files:" +SRC_URI_append_gbmc = " file://gbmc.cfg" +SRC_URI_append_gbmc_dev = " file://gbmc-dev.cfg" +SRC_URI_append_gbmc_prod = " file://gbmc-prod.cfg" diff --git a/meta-google/dynamic-layers/nuvoton-layer/recipes-bsp/images/npcm7xx-igps-native_%.bbappend b/meta-google/dynamic-layers/nuvoton-layer/recipes-bsp/images/npcm7xx-igps-native_%.bbappend new file mode 100644 index 000000000..890ebbb64 --- /dev/null +++ b/meta-google/dynamic-layers/nuvoton-layer/recipes-bsp/images/npcm7xx-igps-native_%.bbappend @@ -0,0 +1,3 @@ +FILESEXTRAPATHS_prepend_gbmc_hoth := "${THISDIR}/${BPN}:" + +SRC_URI_append_gbmc_hoth = " file://0001-Set-FIU0_DRD_CFG-and-FIU_Clk_divider-for-gbmc-hoth.patch" diff --git a/meta-google/dynamic-layers/nuvoton-layer/recipes-bsp/images/npcm7xx-igps/0001-Set-FIU0_DRD_CFG-and-FIU_Clk_divider-for-gbmc-hoth.patch b/meta-google/dynamic-layers/nuvoton-layer/recipes-bsp/images/npcm7xx-igps/0001-Set-FIU0_DRD_CFG-and-FIU_Clk_divider-for-gbmc-hoth.patch new file mode 100644 index 000000000..9352bb4ee --- /dev/null +++ b/meta-google/dynamic-layers/nuvoton-layer/recipes-bsp/images/npcm7xx-igps/0001-Set-FIU0_DRD_CFG-and-FIU_Clk_divider-for-gbmc-hoth.patch @@ -0,0 +1,52 @@ +From 98c236c535e6cd8cce3d08bb424f5f0d8a99617d Mon Sep 17 00:00:00 2001 +From: Benjamin Fair <benjaminfair@google.com> +Date: Wed, 20 Nov 2019 14:20:38 -0800 +Subject: [PATCH] Set FIU0_DRD_CFG and FIU_Clk_divider for gbmc hoth + +This is to set the SPI frequency to 20MHz + +Signed-off-by: Benjamin Fair <benjaminfair@google.com> +Signed-off-by: Brandon Kim <brandonkim@google.com> +--- + ImageGeneration/references/BootBlockAndHeader_EB.xml | 4 ++-- + ImageGeneration/references/UbootHeader_EB.xml | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/ImageGeneration/references/BootBlockAndHeader_EB.xml b/ImageGeneration/references/BootBlockAndHeader_EB.xml +index 775534f..4d5c053 100644 +--- a/ImageGeneration/references/BootBlockAndHeader_EB.xml ++++ b/ImageGeneration/references/BootBlockAndHeader_EB.xml +@@ -63,7 +63,7 @@ + <offset>0x108</offset> + <size>0x4</size> + </config> +- <content format='32bit'>0x030011BB</content> <!-- content the user should fill --> ++ <content format='32bit'>0x0300100B</content> <!-- content the user should fill --> + </BinField> + + <BinField> +@@ -73,7 +73,7 @@ + <offset>0x10C</offset> + <size>0x1</size> + </config> +- <content format='bytes'>4</content> <!-- content the user should fill --> ++ <content format='bytes'>10</content> <!-- content the user should fill --> + </BinField> + + <BinField> +diff --git a/ImageGeneration/references/UbootHeader_EB.xml b/ImageGeneration/references/UbootHeader_EB.xml +index 1e72e22..4434504 100644 +--- a/ImageGeneration/references/UbootHeader_EB.xml ++++ b/ImageGeneration/references/UbootHeader_EB.xml +@@ -63,7 +63,7 @@ + <offset>0x108</offset> <!-- offset in the header --> + <size>0x4</size> <!-- size in the header --> + </config> +- <content format='32bit'>0x030111BC</content> <!-- content the user should fill 0x030032EB --> ++ <content format='32bit'>0x0300100B</content> <!-- content the user should fill 0x030032EB --> + </BinField> + + <BinField> +-- +2.28.0.220.ged08abb693-goog + diff --git a/meta-google/dynamic-layers/nuvoton-layer/recipes-kernel/linux/files/gbmc-nuvoton.cfg b/meta-google/dynamic-layers/nuvoton-layer/recipes-kernel/linux/files/gbmc-nuvoton.cfg new file mode 100644 index 000000000..3bc14d5fa --- /dev/null +++ b/meta-google/dynamic-layers/nuvoton-layer/recipes-kernel/linux/files/gbmc-nuvoton.cfg @@ -0,0 +1,5 @@ +# Enable EDAC support +CONFIG_EDAC_SUPPORT=y +CONFIG_EDAC=y +CONFIG_EDAC_NPCM7XX=y +CONFIG_RAS=y diff --git a/meta-google/dynamic-layers/nuvoton-layer/recipes-kernel/linux/linux-nuvoton_%.bbappend b/meta-google/dynamic-layers/nuvoton-layer/recipes-kernel/linux/linux-nuvoton_%.bbappend new file mode 100644 index 000000000..8de09b103 --- /dev/null +++ b/meta-google/dynamic-layers/nuvoton-layer/recipes-kernel/linux/linux-nuvoton_%.bbappend @@ -0,0 +1,5 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/files:${THISDIR}/../../../../recipes-kernel/linux/files:" +SRC_URI_append_gbmc = " file://gbmc.cfg" +SRC_URI_append_gbmc = " file://gbmc-nuvoton.cfg" +SRC_URI_append_gbmc_dev = " file://gbmc-dev.cfg" +SRC_URI_append_gbmc_prod = " file://gbmc-prod.cfg" diff --git a/meta-google/recipes-core/busybox/busybox_%.bbappend b/meta-google/recipes-core/busybox/busybox_%.bbappend index 38863ec45..9d8cb2d97 100644 --- a/meta-google/recipes-core/busybox/busybox_%.bbappend +++ b/meta-google/recipes-core/busybox/busybox_%.bbappend @@ -1,6 +1,2 @@ FILESEXTRAPATHS_prepend_gbmc := "${THISDIR}/files:" -SRC_URI_append_gbmc = " \ - file://udhcpc6.cfg \ - file://ip.cfg \ - file://ls.cfg \ -" +SRC_URI_append_gbmc = " file://gbmc.cfg" diff --git a/meta-google/recipes-core/busybox/files/udhcpc6.cfg b/meta-google/recipes-core/busybox/files/gbmc.cfg index 1c2766fda..e097a921a 100644 --- a/meta-google/recipes-core/busybox/files/udhcpc6.cfg +++ b/meta-google/recipes-core/busybox/files/gbmc.cfg @@ -1,3 +1,15 @@ +# gBMC uses iproute2 +CONFIG_IP=n +CONFIG_NETSTAT=n + +# Debugging utilities +CONFIG_LSOF=y +CONFIG_LSUSB=y + +# Used for line buffering +CONFIG_SCRIPT=y + +# Used by NC-SId CONFIG_FEATURE_IPV6=y CONFIG_UDHCPC6=y CONFIG_FEATURE_UDHCPC6_RFC3646=y diff --git a/meta-google/recipes-core/busybox/files/ip.cfg b/meta-google/recipes-core/busybox/files/ip.cfg deleted file mode 100644 index f9357715e..000000000 --- a/meta-google/recipes-core/busybox/files/ip.cfg +++ /dev/null @@ -1 +0,0 @@ -CONFIG_IPNEIGH=y diff --git a/meta-google/recipes-core/busybox/files/ls.cfg b/meta-google/recipes-core/busybox/files/ls.cfg deleted file mode 100644 index a302cb8b1..000000000 --- a/meta-google/recipes-core/busybox/files/ls.cfg +++ /dev/null @@ -1 +0,0 @@ -CONFIG_LSOF=y diff --git a/meta-google/recipes-core/dropbear/dropbear_%.bbappend b/meta-google/recipes-core/dropbear/dropbear_%.bbappend new file mode 100644 index 000000000..20c53fecb --- /dev/null +++ b/meta-google/recipes-core/dropbear/dropbear_%.bbappend @@ -0,0 +1,11 @@ +# Allow SSH to the mgmt node on DEV builds +do_install_append_gbmc_dev() { + nftables_dir=${D}${sysconfdir}/nftables + rules=$nftables_dir/50-dropbear-dev.rules + install -d -m0755 $nftables_dir + echo 'table inet filter {' >"$rules" + echo ' chain mgmt_pub_input {' >>"$rules" + echo ' tcp dport 22 accept' >>"$rules" + echo ' }' >>"$rules" + echo '}' >>"$rules" +} diff --git a/meta-google/recipes-extended/networking/files/bridge-stp b/meta-google/recipes-extended/networking/files/bridge-stp index c874f4420..59c5786b7 100644 --- a/meta-google/recipes-extended/networking/files/bridge-stp +++ b/meta-google/recipes-extended/networking/files/bridge-stp @@ -1,31 +1,18 @@ -PR = "r1" -PV = "0.1+git${SRCPV}" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" - -SRC_URI = "git://github.com/yrutschle/sslh" -SRCREV = "de8e5725c27ba6941f47254e6fcb485e94f2de35" -S = "${WORKDIR}/git" - -inherit perlnative - -DEPENDS += "conf2struct-native" -DEPENDS += "libbsd" -DEPENDS += "libcap" -DEPENDS += "libconfig" -DEPENDS += "systemd" -DEPENDS += "pcre" - -EXTRA_OEMAKE += "DESTDIR=${D}" -EXTRA_OEMAKE += "PREFIX=${prefix}" -EXTRA_OEMAKE += "USELIBCAP=1" -EXTRA_OEMAKE += "USELIBBSD=1" -EXTRA_OEMAKE += "USESYSTEMD=1" - -do_compile() { - oe_runmake -} - -do_install() { - oe_runmake install -} +#!/bin/sh +if [ "$#" -lt 2 ]; then + echo "Missing args: bridge-stp <bridge> <start|stop>" >&2 + exit 1 +fi +case "$2" in + start) + /usr/sbin/mstpctl addbridge "$1" + exit + ;; + stop) + /usr/sbin/mstpctl delbridge "$1" + exit + ;; + *) + echo "Invalid operation: $2" >&2 + exit 1 +esac diff --git a/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb b/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb new file mode 100644 index 000000000..bf26a8c07 --- /dev/null +++ b/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb @@ -0,0 +1,28 @@ +SUMMARY = "ACPI Power/Sleep state daemon to allow host state events" +DESCRIPTION = "ACPI Power/Sleep state daemon to allow host state events" +HOMEPAGE = "http://github.com/openbmc/google-misc" +PR = "r1" +PV = "1.0+git${SRCPV}" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://../LICENSE;md5=34400b68072d710fecd0a2940a0d1658" + +SRC_URI += "git://github.com/openbmc/google-misc" +SRCREV = "15fe169d1fbdd510bb9cfc9bb725baf0613350ff" +S = "${WORKDIR}/git/acpi-power-state-daemon" + +inherit meson +inherit pkgconfig +inherit systemd + +DEPENDS += " \ + phosphor-dbus-interfaces \ + sdbusplus \ + systemd \ + " + +SYSTEMD_SERVICE_${PN} = " \ + acpi-power-state.service \ + host-s0-state.target \ + host-s5-state.target \ + " diff --git a/meta-google/recipes-google/ipmi/google-ipmi-sys_git.bb b/meta-google/recipes-google/ipmi/google-ipmi-sys_git.bb index c27248700..70c4bcb39 100644 --- a/meta-google/recipes-google/ipmi/google-ipmi-sys_git.bb +++ b/meta-google/recipes-google/ipmi/google-ipmi-sys_git.bb @@ -18,7 +18,7 @@ DEPENDS += "nlohmann-json" S = "${WORKDIR}/git" SRC_URI = "git://github.com/openbmc/google-ipmi-sys" -SRCREV = "96ad906981d1e32ecb77d1c75f30b18eeb9dd3d6" +SRCREV = "3b1b427c1fa4bcddcab1fc003410e5fa5d7a8334" FILES_${PN}_append = " ${libdir}/ipmid-providers/lib*${SOLIBS}" FILES_${PN}_append = " ${libdir}/host-ipmid/lib*${SOLIBS}" diff --git a/meta-google/recipes-google/ipmi/ipmi-fru-sh.bb b/meta-google/recipes-google/ipmi/ipmi-fru-sh.bb new file mode 100644 index 000000000..deaee7aac --- /dev/null +++ b/meta-google/recipes-google/ipmi/ipmi-fru-sh.bb @@ -0,0 +1,16 @@ +SUMMARY = "Shell functions for manipulating IPMI formatted EEPROMs" +PR = "r1" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" +SRC_URI += "file://lib.sh" +S = "${WORKDIR}" + +DATA = "${datadir}/ipmi-fru" +FILES_${PN} += "${DATA}" + +do_install_append() { + install -d -m0755 ${D}${DATA} + install -m0644 lib.sh ${D}${DATA}/ +} diff --git a/meta-google/recipes-google/ipmi/ipmi-fru-sh/lib.sh b/meta-google/recipes-google/ipmi/ipmi-fru-sh/lib.sh new file mode 100644 index 000000000..335e0b21c --- /dev/null +++ b/meta-google/recipes-google/ipmi/ipmi-fru-sh/lib.sh @@ -0,0 +1,124 @@ +#!/bin/bash +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +[ -n "${ipmi_fru_init-}" ] && return + +IPMI_FRU_COMMON_HEADER_INTERNAL_OFFSET_IDX=1 +IPMI_FRU_COMMON_HEADER_CHASSIS_OFFSET_IDX=2 +IPMI_FRU_COMMON_HEADER_BOARD_OFFSET_IDX=3 +IPMI_FRU_COMMON_HEADER_PRODUCT_OFFSET_IDX=4 +IPMI_FRU_COMMON_HEADER_MULTI_RECORD_OFFSET_IDX=5 +IPMI_FRU_AREA_HEADER_SIZE_IDX=1 +IPMI_FRU_CHECKSUM_IDX=-1 + +of_name_to_eeproms() { + local names + if ! names="$(grep -xl "$1" /sys/bus/i2c/devices/*/of_node/name)"; then + echo "Failed to find eeproms with of_name '$1'" >&2 + return 1 + fi + echo "$names" | sed 's,/of_node/name$,/eeprom,' +} + +of_name_to_eeprom() { + local eeproms + eeproms="$(of_name_to_eeproms "$1")" || return + if (( "$(echo "$eeproms" | wc -l)" != 1 )); then + echo "Got more than one eeprom for '$1':" $eeproms >&2 + return 1 + fi + echo "$eeproms" +} + +checksum() { + local -n checksum_arr="$1" + local checksum=0 + for byte in "${checksum_arr[@]}"; do + checksum=$((checksum + byte)) + done + echo $((checksum & 0xff)) +} + +fix_checksum() { + local -n fix_checksum_arr="$1" + old_cksum=${fix_checksum_arr[$IPMI_FRU_CHECKSUM_IDX]} + ((fix_checksum_arr[$IPMI_FRU_CHECKSUM_IDX]-=$(checksum fix_checksum_arr))) + ((fix_checksum_arr[$IPMI_FRU_CHECKSUM_IDX]&=0xff)) + printf 'Corrected %s checksum from 0x%02X -> 0x%02X\n' \ + "$1" "${old_cksum}" "${fix_checksum_arr[$IPMI_FRU_CHECKSUM_IDX]}" >&2 +} + +read_bytes() { + local file="$1" + local offset="$2" + local size="$3" + + echo "Reading $file at $offset for $size" >&2 + dd if="$file" bs=1 count="$size" skip="$offset" 2>/dev/null | \ + hexdump -v -e '1/1 "%d "' +} + +write_bytes() { + local file="$1" + local offset="$2" + local -n bytes_arr="$3" + + local hexstr + hexstr="$(printf '\\x%x' "${bytes_arr[@]}")" || return + echo "Writing $file at $offset for ${#bytes_arr[@]}" >&2 + printf "$hexstr" | dd of="$file" bs=1 seek=$offset 2>/dev/null +} + +read_header() { + local eeprom="$1" + local -n header_arr="$2" + + header_arr=($(read_bytes "$eeprom" 0 8)) || return + echo "Checking $eeprom FRU Header version" >&2 + # FRU header is always version 1 + (( header_arr[0] == 1 )) || return + echo "Checking $eeprom FRU Header checksum" >&2 + local sum + sum="$(checksum header_arr)" || return + # Checksums should be valid + (( sum == 0 )) || return 10 +} + +read_area() { + local eeprom="$1" + local offset="$2" + local -n area_arr="$3" + local area_size="${4-0}" + + offset=$((offset*8)) + area_arr=($(read_bytes "$eeprom" "$offset" 8)) || return + echo "Checking $eeprom $offset FRU Area version" >&2 + # FRU Area is always version 1 + (( area_arr[0] == 1 )) || return + if (( area_size == 0 )); then + area_size=${area_arr[$IPMI_FRU_AREA_HEADER_SIZE_IDX]} + fi + area_arr=($(read_bytes "$eeprom" "$offset" $((area_size*8)))) || return + echo "Checking $eeprom $offset FRU Area checksum" >&2 + local sum + sum="$(checksum area_arr)" || return + # Checksums should be valid + (( sum == 0 )) || return 10 +} + +ipmi_fru_init=1 +return 0 2>/dev/null +echo "ipmi-fru is a library, not executed directly" >&2 +exit 1 diff --git a/meta-google/recipes-google/ncsi/ncsid_git.bb b/meta-google/recipes-google/ncsi/ncsid_git.bb index 96833b885..de5eb6e5b 100644 --- a/meta-google/recipes-google/ncsi/ncsid_git.bb +++ b/meta-google/recipes-google/ncsi/ncsid_git.bb @@ -8,7 +8,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://../LICENSE;md5=34400b68072d710fecd0a2940a0d1658" SRC_URI += "git://github.com/openbmc/google-misc" -SRCREV = "a65b7b8174de2720b3abe97ebc95a4619bc1bd73" +SRCREV = "15fe169d1fbdd510bb9cfc9bb725baf0613350ff" S = "${WORKDIR}/git/ncsid" inherit meson systemd diff --git a/meta-google/recipes-google/networking/files/gbmc-mac-config.service b/meta-google/recipes-google/networking/files/gbmc-mac-config.service new file mode 100644 index 000000000..fd9247d27 --- /dev/null +++ b/meta-google/recipes-google/networking/files/gbmc-mac-config.service @@ -0,0 +1,10 @@ +[Unit] +Before=systemd-networkd.service + +[Service] +Restart=on-failure +Type=oneshot +ExecStart=/usr/libexec/gbmc-mac-config.sh + +[Install] +WantedBy=multi-user.target diff --git a/meta-google/recipes-google/networking/files/gbmc-mac-config.sh.in b/meta-google/recipes-google/networking/files/gbmc-mac-config.sh.in new file mode 100644 index 000000000..a3430a65e --- /dev/null +++ b/meta-google/recipes-google/networking/files/gbmc-mac-config.sh.in @@ -0,0 +1,82 @@ +#!/bin/bash +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +source /usr/share/ipmi-fru/lib.sh || exit + +eeprom="$(of_name_to_eeprom '@EEPROM@')" || exit + +header=() +read_header "$eeprom" header || exit +internal_offset=${header[$IPMI_FRU_COMMON_HEADER_INTERNAL_OFFSET_IDX]} +if (( internal_offset == 0 )); then + echo "Internal offset invalid for eeprom" >&2 + exit 1 +fi + +# Our MAC Address configuration lives in the internal area with a format +# Offset Data +# 0 Version (Always 1) +# 1 Type (Always 1 for MAC Address) +# 2 Area Length in bytes (Always 32 bytes or 4 IPMI FRU sectors) +# 3-8 MAC Address Base Octets +# 9 Num Allocate MACs from Base +# 10-30 Padding (Always 0xFF) +# 31 IPMI FRU Checksum +internal=() +read_area "$eeprom" "$internal_offset" internal 4 || exit +if (( internal[1] != 1 || internal[2] != 32 )); then + echo "Not a MAC internal region" >&2 + exit 1 +fi +mac=("${internal[@]:3:6}") +num="${internal[@]:9:1}" +macstr=$(printf '%02x:%02x:%02x:%02x:%02x:%02x' "${mac[@]}") +echo "Base MAC $macstr num $num" >&2 + +rc=0 + +# Pre-Determine if we will miss an allocation due to the number of +# addresses the FRU actually supports. +declare -A num_to_if=(@NUM_TO_IF@) +for key in "${!num_to_if[@]}"; do + if (( key >= num )); then + echo "${num_to_if[$key]} at $key is out of range" >&2 + rc=1 + fi +done + +# Write out each MAC override to the runtime networkd configuration +for (( i=0; i<num; i++ )); do + intf="${num_to_if[$i]}" + if [ -n "$intf" ]; then + macstr=$(printf '%02x:%02x:%02x:%02x:%02x:%02x' "${mac[@]}") + echo "Setting $intf to $macstr" >&2 + for override in /run/systemd/network/{00,}-bmc-$intf.network.d; do + mkdir -p "$override" + printf '[Link]\nMACAddress=%s\n' "$macstr" >"$override"/50-mac.conf + done + for override in /run/systemd/network/{00,}-bmc-$intf.netdev.d; do + mkdir -p "$override" + printf '[NetDev]\nMACAddress=%s\n' "$macstr" >"$override"/50-mac.conf + done + fi + if (( ++mac[5] > 0xff )); then + echo "MAC assignment too large: ${mac[@]}" >&2 + rc=2 + break + fi +done + +exit $rc diff --git a/meta-google/recipes-google/networking/gbmc-iperf3.bb b/meta-google/recipes-google/networking/gbmc-iperf3.bb index f1a88b459..5044e418b 100644 --- a/meta-google/recipes-google/networking/gbmc-iperf3.bb +++ b/meta-google/recipes-google/networking/gbmc-iperf3.bb @@ -12,7 +12,19 @@ SRC_URI += "file://iperf3.service" SYSTEMD_SERVICE_${PN} += "iperf3.service" do_install() { - # Install service definitions - install -d -m 0755 ${D}${systemd_system_unitdir} - install -m 0644 ${WORKDIR}/iperf3.service ${D}${systemd_system_unitdir} + # Install service definitions + install -d -m 0755 ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/iperf3.service ${D}${systemd_system_unitdir} +} + +# Allow IPERF3 to the mgmt node on DEV builds +do_install_append_dev() { + nftables_dir=${D}${sysconfdir}/nftables + rules=$nftables_dir/50-gbmc-iperf3-dev.rules + install -d -m0755 $nftables_dir + echo 'table inet filter {' >"$rules" + echo ' chain mgmt_pub_input {' >>"$rules" + echo ' tcp dport 5201 accept' >>"$rules" + echo ' }' >>"$rules" + echo '}' >>"$rules" } diff --git a/meta-google/recipes-google/networking/gbmc-mac-config.bb b/meta-google/recipes-google/networking/gbmc-mac-config.bb new file mode 100644 index 000000000..6ca4c798b --- /dev/null +++ b/meta-google/recipes-google/networking/gbmc-mac-config.bb @@ -0,0 +1,50 @@ +SUMMARY = "Configures MAC addresses on a gBMC system" +PR = "r1" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +inherit systemd + +SRC_URI += " \ + file://gbmc-mac-config.service \ + file://gbmc-mac-config.sh.in \ + " + +S = "${WORKDIR}" + +RDEPENDS_${PN} += " \ + bash \ + ipmi-fru-sh \ + " + +FILES_${PN} += "${systemd_unitdir}" + +SYSTEMD_SERVICE_${PN} += "gbmc-mac-config.service" + +GBMC_MAC_EEPROM_OF_NAME ?= "" + +# Maps the MAC address offset from the base address to an interface name +# in bash associative array syntax. +# Ex. "[0]=eth0 [2]=eth2" +GBMC_MAC_IF_MAP ?= "" + +do_install_append() { + if [ -z '${GBMC_MAC_EEPROM_OF_NAME}' ]; then + echo 'Missing GBMC_MAC_EEPROM_OF_NAME' >&2 + exit 1 + fi + + # Build time dictionary sanity check + bash -c 'declare -A dict=(${GBMC_MAC_IF_MAP})' + + sed gbmc-mac-config.sh.in \ + -e 's#@EEPROM@#${GBMC_MAC_EEPROM_OF_NAME}#' \ + -e 's#@NUM_TO_IF@#${GBMC_MAC_IF_MAP}#' \ + >gbmc-mac-config.sh + + install -d -m0755 ${D}${libexecdir} + install -m0755 gbmc-mac-config.sh ${D}${libexecdir}/ + + install -d -m0755 ${D}${systemd_system_unitdir} + install -m0644 gbmc-mac-config.service ${D}${systemd_system_unitdir}/ +} diff --git a/meta-google/recipes-google/nftables/files/nft-configure.sh b/meta-google/recipes-google/nftables/files/nft-configure.sh new file mode 100644 index 000000000..a82c2826f --- /dev/null +++ b/meta-google/recipes-google/nftables/files/nft-configure.sh @@ -0,0 +1,16 @@ +#!/bin/bash +shopt -s nullglob +declare -A basemap=() +i=0 +for dir in /run/nftables /etc/nftables /usr/share/nftables; do + for file in "$dir"/*.rules; do + basemap["${file##*/}$i"]="$file" + done + let i+=1 +done +rc=0 +for key in $(printf "%s\n" "${!basemap[@]}" | sort -r); do + echo "Executing ${basemap[$key]}" >&2 + nft -f "${basemap[$key]}" || rc=$? +done +exit $rc diff --git a/meta-google/recipes-google/nftables/files/nftables.service b/meta-google/recipes-google/nftables/files/nftables.service index 3830988eb..79f0bb5b0 100644 --- a/meta-google/recipes-google/nftables/files/nftables.service +++ b/meta-google/recipes-google/nftables/files/nftables.service @@ -4,7 +4,7 @@ Before=network-pre.target [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/bin/bash -c 'shopt -s nullglob; echo /etc/nftables/*.rules | xargs -r -n 1 nft -f' +ExecStart=/usr/libexec/nft-configure.sh ExecStop=/bin/bash -c 'nft flush ruleset' [Install] diff --git a/meta-google/recipes-google/nftables/nftables-systemd.bb b/meta-google/recipes-google/nftables/nftables-systemd.bb index 24d3e821b..f4109ddc7 100644 --- a/meta-google/recipes-google/nftables/nftables-systemd.bb +++ b/meta-google/recipes-google/nftables/nftables-systemd.bb @@ -8,10 +8,22 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5 inherit systemd -SRC_URI += "file://nftables.service" +SRC_URI += " \ + file://nft-configure.sh \ + file://nftables.service \ + " + SYSTEMD_SERVICE_${PN} += "nftables.service" +RDEPENDS_${PN} += " \ + bash \ + nftables \ + " + do_install() { - install -d ${D}${systemd_system_unitdir} - install -m 0644 ${WORKDIR}/nftables.service ${D}${systemd_system_unitdir} + install -d ${D}${libexecdir} + install -m0755 ${WORKDIR}/nft-configure.sh ${D}${libexecdir}/ + + install -d ${D}${systemd_system_unitdir} + install -m0644 ${WORKDIR}/nftables.service ${D}${systemd_system_unitdir}/ } diff --git a/meta-google/recipes-kernel/linux/files/gbmc-dev.cfg b/meta-google/recipes-kernel/linux/files/gbmc-dev.cfg new file mode 100644 index 000000000..d37b1163e --- /dev/null +++ b/meta-google/recipes-kernel/linux/files/gbmc-dev.cfg @@ -0,0 +1,15 @@ +# Enable all kinds of kernel debug features +CONFIG_DEBUG_KERNEL=y +CONFIG_DYNAMIC_DEBUG=y +CONFIG_DEBUG_FS=y +# Turn off DEBUG_INFO to compress image size. +CONFIG_DEBUG_INFO=n +CONFIG_FUNCTION_TRACER=y +CONFIG_FUNCTION_GRAPH_TRACER=y +CONFIG_STACK_TRACER=y +CONFIG_DYNAMIC_FTRACE=y + +# We want to allow for sysrqs over the console +CONFIG_MAGIC_SYSRQ=y +CONFIG_MAGIC_SYSRQ_SERIAL=y +CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1 diff --git a/meta-google/recipes-kernel/linux/files/gbmc-prod.cfg b/meta-google/recipes-kernel/linux/files/gbmc-prod.cfg new file mode 100644 index 000000000..e1a4ce8ec --- /dev/null +++ b/meta-google/recipes-kernel/linux/files/gbmc-prod.cfg @@ -0,0 +1,2 @@ +# Prod builds should not have SYSRQ +CONFIG_MAGIC_SYSRQ=n diff --git a/meta-google/recipes-kernel/linux/files/gbmc.cfg b/meta-google/recipes-kernel/linux/files/gbmc.cfg new file mode 100644 index 000000000..4385cc9eb --- /dev/null +++ b/meta-google/recipes-kernel/linux/files/gbmc.cfg @@ -0,0 +1,38 @@ +# Appended gBMC kernel commandline +CONFIG_CMDLINE="dummy.numdummies=0" +CONFIG_CMDLINE_EXTEND=y + +# We still have commandline users of /dev/mem +CONFIG_DEVMEM=y +CONFIG_DEVMEM_BOOTPARAM=n + +# Unused implicitly included functionality +CONFIG_IPV6_SIT=n + +# Used by gbmc nftables configurations +CONFIG_NETFILTER=y +CONFIG_NF_CONNTRACK=y +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_TABLES=y +CONFIG_NFT_CT=y +CONFIG_NF_TABLES_INET=y +CONFIG_NFT_REJECT=y +CONFIG_NFT_LOG=y +CONFIG_IP_NF_IPTABLES=y +CONFIG_NF_LOG_IPV4=y +CONFIG_NFT_FIB_IPV4=y +CONFIG_IP_NF_FILTER=y +CONFIG_IP_NF_TARGET_REJECT=y +CONFIG_IP6_NF_IPTABLES=y +CONFIG_NF_LOG_IPV6=y +CONFIG_NFT_FIB_IPV6=y +CONFIG_IP6_NF_FILTER=y +CONFIG_IP6_NF_TARGET_REJECT=y + +# MGMT Bridge Required Features +CONFIG_BRIDGE=y +CONFIG_DUMMY=y +# Support for bridge filter +CONFIG_BRIDGE_NETFILTER=y +CONFIG_NF_TABLES_BRIDGE=y +CONFIG_BRIDGE_NF_EBTABLES=y diff --git a/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend b/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend index 37655b98f..acccde532 100644 --- a/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend +++ b/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend @@ -4,7 +4,10 @@ OBMC_IMAGE_EXTRA_INSTALL_append = " phosphor-ipmi-blobs" OBMC_IMAGE_EXTRA_INSTALL_append = " phosphor-ipmi-ethstats" OBMC_IMAGE_EXTRA_INSTALL_append = " phosphor-ipmi-flash" +OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " iproute2 iproute2-ss" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " gbmc-systemd-config" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " gbmc-iperf3" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = \ '${@"" if not d.getVar("GBMC_NCSI_IF_NAME") else " gbmc-ncsi-config"}' +OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = \ + '${@"" if not d.getVar("GBMC_MAC_EEPROM_OF_NAME") else " gbmc-mac-config"}' |