diff options
Diffstat (limited to 'meta-openbmc-mods/meta-common/recipes-phosphor')
27 files changed, 1198 insertions, 188 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/dbus/phosphor-dbus-interfaces/0026-Add-StandbySpare-support-for-software-inventory.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/dbus/phosphor-dbus-interfaces/0026-Add-StandbySpare-support-for-software-inventory.patch new file mode 100644 index 000000000..cbf966a37 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/dbus/phosphor-dbus-interfaces/0026-Add-StandbySpare-support-for-software-inventory.patch @@ -0,0 +1,56 @@ +From ae9e4b2a166dc4f34b255ed5338abbfa8aa37778 Mon Sep 17 00:00:00 2001 +From: Vikram Bodireddy <vikram.bodireddy@linux.intel.com> +Date: Sat, 30 Nov 2019 18:20:13 +0530 +Subject: [PATCH] Add StandbySpare support for software inventory + +Add support to allow update for active / recovery +regions of specified firmware. This update enables +the backend modules to advertise whether the +software object is active or recovery (StandbySpare) +image. + +Change-Id: I0d46206463ba566bcaa710fb271aa4d795fa49cd +Signed-off-by: Vikram Bodireddy <vikram.bodireddy@linux.intel.com> +--- + xyz/openbmc_project/Software/Activation.interface.yaml | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/xyz/openbmc_project/Software/Activation.interface.yaml b/xyz/openbmc_project/Software/Activation.interface.yaml +index 37c9cb9..b71b8e7 100644 +--- a/xyz/openbmc_project/Software/Activation.interface.yaml ++++ b/xyz/openbmc_project/Software/Activation.interface.yaml +@@ -28,12 +28,20 @@ enumerations: + - name: Activating + description: > + The Software.Version is in the process of being Activated. ++ - name: ActivatingAsStandbySpare ++ description: > ++ The Software.Version is in the process of being processed ++ as StandbySpare. + - name: Active + description: > + The Software.Version is currently Active. + - name: Failed + description: > + The Software.Version failed during or after Activation. ++ - name: StandbySpare ++ description: > ++ The Software.Version is part of a redundancy set and awaits ++ a failover or external action to activate. + - name: RequestedActivations + description: > + The possible RequestedActivation states of a Software.Version. +@@ -44,6 +52,10 @@ enumerations: + - name: Active + description: > + The Software.Version has been requested for Activation. ++ - name: StandbySpare ++ description: > ++ The Software.Version has been requested to be enabled as ++ StandbySpare. + # TODO: Specify "EAGAIN" type error when requested is unable to be acted on + # due to current system state. Currently, sdbusplus does not support + # errors on properties. +-- +2.7.4 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/dbus/phosphor-dbus-interfaces_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/dbus/phosphor-dbus-interfaces_%.bbappend index f21845ce6..d9240f760 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/dbus/phosphor-dbus-interfaces_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/dbus/phosphor-dbus-interfaces_%.bbappend @@ -1,5 +1,5 @@ SRC_URI = "git://github.com/openbmc/phosphor-dbus-interfaces.git" -SRCREV = "4610bace070eb17c6e4ee015210dac44284c53a7" +SRCREV = "1b02c38979ab4fa2649699a26266367b115eee7c" FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" @@ -13,4 +13,5 @@ SRC_URI += "file://0005-Add-DBUS-interface-of-CPU-and-Memory-s-properties.patch file://0024-Add-the-pre-timeout-interrupt-defined-in-IPMI-spec.patch \ file://0025-Add-PreInterruptFlag-properity-in-DBUS.patch \ file://0001-Reapply-Enhance-DHCP-beyond-just-OFF-and-IPv4-IPv6-e.patch \ + file://0026-Add-StandbySpare-support-for-software-inventory.patch \ " diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0007-Adding-StandBySpare-for-firmware-activation.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0007-Adding-StandBySpare-for-firmware-activation.patch new file mode 100644 index 000000000..b63226cce --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0007-Adding-StandBySpare-for-firmware-activation.patch @@ -0,0 +1,76 @@ +From c2ae3ac444f7a5e9674a82f47086874f947bcec6 Mon Sep 17 00:00:00 2001 +From: Vikram Bodireddy <vikram.bodireddy@linux.intel.com> +Date: Thu, 5 Dec 2019 12:38:21 +0530 +Subject: [PATCH] Adding StandBySpare for firmware activation + +Added new states 'StandBySpare', 'ActivatingAsStandbySpare' for +firmware activation. If the uploaded firmware image is for +backup/recovery, then it sets the "StandBySpare" value for +Activations. When backup/recovery image is in activating state, +then activations will be set to "ActivatingAsStandbySpare". + +Tested: +Tested using redfish interface. +Did the GET on "/redfish/v1/UpdateService/FirmwareInventory/<backup image>" +Response: + .... + "Status": { + "Health": "OK", + "HealthRollup": "OK", + "State": "StandbySpare" + } +....... + +Change-Id: I7f1608fac3196774a6d593b6128d58da3f5c88fc +Signed-off-by: Vikram Bodireddy <vikram.bodireddy@linux.intel.com> +--- + activation.cpp | 22 ++++++++++++++++++++-- + 1 file changed, 20 insertions(+), 2 deletions(-) + +diff --git a/activation.cpp b/activation.cpp +index 2966b2f..a098784 100644 +--- a/activation.cpp ++++ b/activation.cpp +@@ -80,12 +80,16 @@ auto Activation::activation(Activations value) -> Activations + { + + if ((value != softwareServer::Activation::Activations::Active) && +- (value != softwareServer::Activation::Activations::Activating)) ++ (value != softwareServer::Activation::Activations::Activating) && ++ (value != ++ softwareServer::Activation::Activations::ActivatingAsStandbySpare)) + { + redundancyPriority.reset(nullptr); + } + +- if (value == softwareServer::Activation::Activations::Activating) ++ if (value == softwareServer::Activation::Activations::Activating || ++ value == ++ softwareServer::Activation::Activations::ActivatingAsStandbySpare) + { + #ifdef UBIFS_LAYOUT + if (rwVolumeCreated == false && roVolumeCreated == false) +@@ -256,6 +260,20 @@ auto Activation::requestedActivation(RequestedActivations value) + softwareServer::Activation::Activations::Activating); + } + } ++ else if ((value == ++ softwareServer::Activation::RequestedActivations::StandbySpare) && ++ (softwareServer::Activation::requestedActivation() != ++ softwareServer::Activation::RequestedActivations::StandbySpare)) ++ { ++ if ((softwareServer::Activation::activation() == ++ softwareServer::Activation::Activations::Ready) || ++ (softwareServer::Activation::activation() == ++ softwareServer::Activation::Activations::Failed)) ++ { ++ Activation::activation(softwareServer::Activation::Activations:: ++ ActivatingAsStandbySpare); ++ } ++ } + return softwareServer::Activation::requestedActivation(value); + } + +-- +2.7.4 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0008-PFR-image-HASH-verification.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0008-PFR-image-HASH-verification.patch new file mode 100644 index 000000000..31373104f --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0008-PFR-image-HASH-verification.patch @@ -0,0 +1,408 @@ +From ac6e0c217a1b136d82f93b691aff1acb40009f26 Mon Sep 17 00:00:00 2001 +From: Vikram Bodireddy <vikram.bodireddy@linux.intel.com> +Date: Thu, 5 Dec 2019 11:55:36 +0530 +Subject: [PATCH] PFR image HASH verification + +This adds HASH verification on PFR images uploaded for +firmware updates + +Tested: tested firmware update with good and bad HASH images. + +Signed-off-by: Vikram Bodireddy <vikram.bodireddy@linux.intel.com> +--- + pfr_image_manager.cpp | 149 ++++++++++++++++++++++++++++++++---------- + pfr_image_manager.hpp | 112 +++++++++++++++++++++++++++++-- + 2 files changed, 221 insertions(+), 40 deletions(-) + +diff --git a/pfr_image_manager.cpp b/pfr_image_manager.cpp +index 242a6ca..1a41cbe 100644 +--- a/pfr_image_manager.cpp ++++ b/pfr_image_manager.cpp +@@ -5,6 +5,8 @@ + #include "version.hpp" + #include "watch.hpp" + ++#include <fcntl.h> ++#include <openssl/err.h> + #include <stdio.h> + #include <stdlib.h> + #include <sys/stat.h> +@@ -15,9 +17,9 @@ + #include <algorithm> + #include <cstring> + #include <elog-errors.hpp> +-#include <filesystem> + #include <fstream> + #include <iomanip> ++#include <set> + #include <sstream> + #include <string> + #include <xyz/openbmc_project/Software/Image/error.hpp> +@@ -33,12 +35,21 @@ using namespace sdbusplus::xyz::openbmc_project::Software::Image::Error; + namespace Software = phosphor::logging::xyz::openbmc_project::Software; + + static constexpr const uint32_t pfmPos = 2054; ++static constexpr const uint32_t block0Magic = 0xB6EAFD19; ++static constexpr const uint32_t lengthBlk0Blk1 = 1024; + +-static int getPFRImgInfo(const std::filesystem::path imgPath, uint8_t& imgType, +- std::string& version) ++int Manager::verifyPFRImage(const std::filesystem::path imgPath, ++ std::string& version, std::string& purposeString) + { +- struct pfrImgBlock0 block0Data; +- uint8_t verData[2]; ++ uint8_t imgType = 0; ++ uint32_t imgMagic = 0; ++ uint8_t verData[2] = {0}; ++ uint32_t hashLen = 0; ++ struct pfrImgBlock0 block0Data = {}; ++ ++ std::string imageName; ++ ++ EVP_MD_CTX* ctx; + + if (std::filesystem::exists(imgPath)) + { +@@ -55,17 +66,101 @@ static int getPFRImgInfo(const std::filesystem::path imgPath, uint8_t& imgType, + + imgFile.read(reinterpret_cast<char*>(&block0Data), + sizeof(block0Data)); ++ ++ imgMagic = block0Data.tag; ++ ++ if (imgMagic != block0Magic) ++ { ++ phosphor::logging::log<phosphor::logging::level::ERR>( ++ "Image magic number match failed", ++ phosphor::logging::entry("IMAGEMAGIC=0x%x", imgMagic)); ++ return -1; ++ } ++ + imgType = block0Data.pcType[0]; ++ ++ phosphor::logging::log<phosphor::logging::level::INFO>( ++ "Image Type", phosphor::logging::entry( ++ "IMAGETYPE=0x%x", static_cast<int>(imgType))); ++ ++ if (imgType == pfrBMCUpdateCap || imgType == pfrBMCPFM) ++ { ++ imageName = "BMC"; ++ purposeString = ++ "xyz.openbmc_project.Software.Version.VersionPurpose.BMC"; ++ } ++ else if (imgType == pfrPCHUpdateCap || imgType == pfrPCHPFM) ++ { ++ imageName = "BIOS"; ++ purposeString = ++ "xyz.openbmc_project.Software.Version.VersionPurpose.Host"; ++ } ++ else if (imgType == pfrCPLDUpdateCap) ++ { ++ imageName = "CPLD"; ++ purposeString = ++ "xyz.openbmc_project.Software.Version.VersionPurpose.Other"; ++ } ++ else ++ { ++ purposeString = "xyz.openbmc_project.Software.Version." ++ "VersionPurpose.Unknown"; ++ ++ phosphor::logging::log<phosphor::logging::level::ERR>( ++ "Unknown image type"); ++ return -1; ++ } ++ + imgFile.seekg(pfmPos, + std::ios::beg); // Version is at 0x806 in the PFM + imgFile.read(reinterpret_cast<char*>(&verData), sizeof(verData)); + imgFile.close(); +- version = +- std::to_string(verData[0]) + "." + std::to_string(verData[1]); ++ ++ auto size = std::filesystem::file_size(imgPath); ++ ++ phosphor::logging::log<phosphor::logging::level::INFO>( ++ "Image Size", phosphor::logging::entry("IMAGESIZE=0x%x", ++ static_cast<int>(size))); ++ ++ // Adds all digest algorithms to the internal table ++ OpenSSL_add_all_digests(); ++ ++ ctx = EVP_MD_CTX_create(); ++ EVP_DigestInit(ctx, EVP_sha256()); ++ ++ // Hash the image file and update the digest ++ auto dataPtr = mapFile(imgPath, size); ++ ++ EVP_DigestUpdate(ctx, ((uint8_t*)dataPtr() + lengthBlk0Blk1), ++ (size - lengthBlk0Blk1)); ++ ++ std::vector<uint8_t> digest(EVP_MD_size(EVP_sha256())); ++ std::vector<uint8_t> expectedDigest(block0Data.hash256, ++ &block0Data.hash256[0] + 32); ++ ++ EVP_DigestFinal(ctx, digest.data(), &hashLen); ++ EVP_MD_CTX_destroy(ctx); ++ ++ std::string redfishMsgID = "OpenBMC.0.1"; ++ ++ if (expectedDigest != digest) ++ { ++ redfishMsgID += ".GeneralFirmwareSecurityViolation"; ++ sd_journal_send("MESSAGE=%s", ++ "Firmware image HASH verification failed", ++ "PRIORITY=%i", LOG_ERR, "REDFISH_MESSAGE_ID=%s", ++ redfishMsgID.c_str(), "REDFISH_MESSAGE_ARGS=%s", ++ "Image HASH check fail", NULL); ++ return -1; ++ } ++ + phosphor::logging::log<phosphor::logging::level::INFO>( + "PFR image", + phosphor::logging::entry("PCType=%d", block0Data.pcType[0]), + phosphor::logging::entry("VERSION=%s", version.c_str())); ++ ++ version = ++ std::to_string(verData[0]) + "." + std::to_string(verData[1]); + } + catch (std::exception& e) + { +@@ -79,20 +174,20 @@ static int getPFRImgInfo(const std::filesystem::path imgPath, uint8_t& imgType, + + int Manager::processImage(const std::string& imgFilePath) + { ++ + std::filesystem::path imgPath(imgFilePath); + + if (!std::filesystem::exists(imgPath)) + return -1; + +- uint8_t imgType; + int retry = 3; + std::string ver; + std::string purposeString; + +- if (0 != getPFRImgInfo(imgFilePath, imgType, ver)) ++ if (0 != verifyPFRImage(imgFilePath, ver, purposeString)) + { + phosphor::logging::log<phosphor::logging::level::ERR>( +- "Error reading uploaded image type and version"); ++ "Error verifying uploaded image"); + return -1; + } + +@@ -103,31 +198,6 @@ int Manager::processImage(const std::string& imgFilePath) + return -1; + } + +- if (imgType == pfrBMCUpdateCap) +- { +- purposeString = +- "xyz.openbmc_project.Software.Version.VersionPurpose.BMC"; +- } +- else if (imgType == pfrPCHUpdateCap) +- { +- purposeString = +- "xyz.openbmc_project.Software.Version.VersionPurpose.Host"; +- } +- else if (imgType == pfrCPLDUpdateCap) +- { +- purposeString = +- "xyz.openbmc_project.Software.Version.VersionPurpose.Other"; +- } +- else +- { +- purposeString = +- "xyz.openbmc_project.Software.Version.VersionPurpose.Unknown"; +- +- phosphor::logging::log<phosphor::logging::level::ERR>( +- "Unknown image type"); +- return -1; +- } +- + sdbusplus::xyz::openbmc_project::Software::server::Version::VersionPurpose + purpose = Version::VersionPurpose::Unknown; + try +@@ -169,6 +239,7 @@ int Manager::processImage(const std::string& imgFilePath) + std::filesystem::create_directory(imageDirPath); + + std::filesystem::path newFileName = imageDirPath / "image-runtime"; ++ + std::filesystem::rename(imgFilePath, newFileName); + + // Create Version object +@@ -212,6 +283,14 @@ void Manager::erase(std::string entryId) + this->versions.erase(entryId); + } + ++CustomMap Manager::mapFile(const std::filesystem::path& path, size_t size) ++{ ++ ++ CustomFd fd(open(path.c_str(), O_RDONLY)); ++ ++ return CustomMap(mmap(nullptr, size, PROT_READ, MAP_PRIVATE, fd(), 0), ++ size); ++} + } // namespace manager + } // namespace software + } // namespace phosphor +diff --git a/pfr_image_manager.hpp b/pfr_image_manager.hpp +index c6ee6a4..5b7b2c3 100644 +--- a/pfr_image_manager.hpp ++++ b/pfr_image_manager.hpp +@@ -1,6 +1,13 @@ + #pragma once + #include "version.hpp" + ++#include <openssl/evp.h> ++#include <openssl/pem.h> ++#include <openssl/rsa.h> ++#include <sys/mman.h> ++#include <unistd.h> ++ ++#include <filesystem> + #include <sdbusplus/server.hpp> + + namespace phosphor +@@ -10,7 +17,8 @@ namespace software + namespace manager + { + +-enum pfrImgPCType { ++enum pfrImgPCType ++{ + pfrCPLDUpdateCap = 0x00, + pfrPCHPFM = 0x01, + pfrPCHUpdateCap = 0x02, +@@ -19,15 +27,94 @@ enum pfrImgPCType { + }; + + /* PFR image block 0 - As defined in HAS */ +-struct pfrImgBlock0 { +- uint8_t tag[4]; ++struct pfrImgBlock0 ++{ ++ uint32_t tag; + uint8_t pcLength[4]; + uint8_t pcType[4]; + uint8_t reserved1[4]; + uint8_t hash256[32]; + uint8_t hash384[48]; + uint8_t reserved2[32]; +-}__attribute__((packed)); ++} __attribute__((packed)); ++ ++/** @struct CustomFd ++ * ++ * RAII wrapper for file descriptor. ++ */ ++struct CustomFd ++{ ++ public: ++ CustomFd() = delete; ++ CustomFd(const CustomFd&) = delete; ++ CustomFd& operator=(const CustomFd&) = delete; ++ CustomFd(CustomFd&&) = default; ++ CustomFd& operator=(CustomFd&&) = default; ++ /** @brief Saves File descriptor and uses it to do file operation ++ * ++ * @param[in] fd - File descriptor ++ */ ++ CustomFd(int fd) : fd(fd) ++ { ++ } ++ ++ ~CustomFd() ++ { ++ if (fd >= 0) ++ { ++ close(fd); ++ } ++ } ++ ++ int operator()() const ++ { ++ return fd; ++ } ++ ++ private: ++ /** @brief File descriptor */ ++ int fd = -1; ++}; ++ ++/** @struct CustomMap ++ * ++ * RAII wrapper for mmap. ++ */ ++struct CustomMap ++{ ++ private: ++ /** @brief starting address of the map */ ++ void* addr; ++ ++ /** @brief length of the mapping */ ++ size_t length; ++ ++ public: ++ CustomMap() = delete; ++ CustomMap(const CustomMap&) = delete; ++ CustomMap& operator=(const CustomMap&) = delete; ++ CustomMap(CustomMap&&) = default; ++ CustomMap& operator=(CustomMap&&) = default; ++ ++ /** @brief Saves starting address of the map and ++ * and length of the file. ++ * @param[in] addr - Starting address of the map ++ * @param[in] length - length of the map ++ */ ++ CustomMap(void* addr, size_t length) : addr(addr), length(length) ++ { ++ } ++ ++ ~CustomMap() ++ { ++ munmap(addr, length); ++ } ++ ++ void* operator()() const ++ { ++ return addr; ++ } ++}; + + /** @class Manager + * @brief Contains a map of Version dbus objects. +@@ -61,13 +148,28 @@ class Manager + void erase(std::string entryId); + + private: ++ /** ++ * @brief Memory map the file ++ * @param[in] - file path ++ * @param[in] - file size ++ * @param[out] - Custom Mmap address ++ */ ++ CustomMap mapFile(const std::filesystem::path& path, size_t size); ++ ++ /** ++ * @brief Verify the PFR image and return version and purpose ++ * @param[in] - file path ++ * @param[out] - version ++ * @param[out] - purpose ++ */ ++ int verifyPFRImage(const std::filesystem::path imgPath, ++ std::string& version, std::string& purposeString); + /** @brief Persistent map of Version dbus objects and their + * version id */ + std::map<std::string, std::unique_ptr<Version>> versions; + + /** @brief Persistent sdbusplus DBus bus connection. */ + sdbusplus::bus::bus& bus; +- + }; + + } // namespace manager +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/fwupd@.service b/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/fwupd@.service index d51fee312..64d9a47a6 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/fwupd@.service +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/fwupd@.service @@ -4,5 +4,5 @@ Description=Flash BMC with fwupd script : %I [Service]
Type=oneshot
RemainAfterExit=no
-ExecStart=/usr/bin/fwupd.sh file:////tmp/images/%i/image-runtime
-SyslogIdentifier=fwupd
\ No newline at end of file +ExecStart=/usr/bin/fwupd.sh %i
+SyslogIdentifier=fwupd
diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager_%.bbappend index 90da32ac2..96ddfc3ca 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager_%.bbappend @@ -9,6 +9,11 @@ SRC_URI += "file://0002-Redfish-firmware-activation.patch \ file://0004-Changed-the-condition-of-software-version-service-wa.patch \ file://0005-Modified-firmware-activation-to-launch-fwupd.sh-thro.patch \ file://0006-Modify-the-ID-of-software-image-updater-object-on-DB.patch \ + file://0007-Adding-StandBySpare-for-firmware-activation.patch \ " -SRC_URI += "${@bb.utils.contains('IMAGE_FSTYPES', 'intel-pfr', 'file://0007-PFR-images-support.patch', '', d)}" +SRC_URI_PFR = "file://0007-PFR-images-support.patch \ + file://0008-PFR-image-HASH-verification.patch \ + " + +SRC_URI += "${@bb.utils.contains('IMAGE_FSTYPES', 'intel-pfr', SRC_URI_PFR, '', d)}" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0001-Firmware-update-support-for-StandBySpare.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0001-Firmware-update-support-for-StandBySpare.patch new file mode 100644 index 000000000..9e7cdf768 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0001-Firmware-update-support-for-StandBySpare.patch @@ -0,0 +1,484 @@ +From ba9d7f8443716887bc101e300b06c570f7da8159 Mon Sep 17 00:00:00 2001 +From: Vikram Bodireddy <vikram.bodireddy@linux.intel.com> +Date: Thu, 5 Dec 2019 15:13:52 +0530 +Subject: [PATCH] Firmware update support for StandBySpare + +Firmware update support for StandBySpare. This will +have support for adding 'HttpPushUriTargets' and +'HttpPushUriTargetsBusy' attributes. These attributes enables +'HttpPushUri' to distinguish between the firmware update targets. + +Tested: + - GET on "/redfish/v1/UpdateService", got below response +......... + "HttpPushUriTargets": [], + "HttpPushUriTargetsBusy": false +........ + + - PATCH on "/redfish/v1/UpdateService" and works fine. +{ + "HttpPushUriTargets": ["bmc_recovery"], + "HttpPushUriTargetsBusy": true +} + + - Did Firmware update and verified end to end functionality + for both bmc active and backup images. + + - Successfully ran redfish validater with no new errors. + +Change-Id: I59f317ac001ebf56bbf30e7f43dbec5d69fa249a +Signed-off-by: Vikram Bodireddy <vikram.bodireddy@linux.intel.com> +--- + redfish-core/lib/update_service.hpp | 285 ++++++++++++++++++++++++++++++------ + 1 file changed, 241 insertions(+), 44 deletions(-) + +diff --git a/redfish-core/lib/update_service.hpp b/redfish-core/lib/update_service.hpp +index 57dcc07..c189d5a 100644 +--- a/redfish-core/lib/update_service.hpp ++++ b/redfish-core/lib/update_service.hpp +@@ -30,6 +30,17 @@ static std::unique_ptr<sdbusplus::bus::match::match> fwUpdateMatcher; + static bool fwUpdateInProgress = false; + // Timer for software available + static std::unique_ptr<boost::asio::steady_timer> fwAvailableTimer; ++static constexpr const char *versionIntf = ++ "xyz.openbmc_project.Software.Version"; ++static constexpr const char *activationIntf = ++ "xyz.openbmc_project.Software.Activation"; ++static constexpr const char *reqActivationPropName = "RequestedActivation"; ++static constexpr const char *reqActivationsActive = ++ "xyz.openbmc_project.Software.Activation.RequestedActivations.Active"; ++static constexpr const char *reqActivationsStandBySpare = ++ "xyz.openbmc_project.Software.Activation.RequestedActivations.StandbySpare"; ++static constexpr const char *activationsStandBySpare = ++ "xyz.openbmc_project.Software.Activation.Activations.StandbySpare"; + + static void cleanUp() + { +@@ -37,27 +48,118 @@ static void cleanUp() + fwUpdateMatcher = nullptr; + } + static void activateImage(const std::string &objPath, +- const std::string &service) ++ const std::string &service, ++ const std::vector<std::string> &imgUriTargets) + { + BMCWEB_LOG_DEBUG << "Activate image for " << objPath << " " << service; ++ ++ // If targets is empty, it will apply to the active. ++ if (imgUriTargets.size() == 0) ++ { ++ crow::connections::systemBus->async_method_call( ++ [](const boost::system::error_code error_code) { ++ if (error_code) ++ { ++ BMCWEB_LOG_DEBUG << "RequestedActivation failed: ec = " ++ << error_code; ++ } ++ }, ++ service, objPath, "org.freedesktop.DBus.Properties", "Set", ++ activationIntf, reqActivationPropName, ++ std::variant<std::string>(reqActivationsActive)); ++ return; ++ } ++ ++ // TODO: Now we support only one target becuase software-manager ++ // code support one activation per object. It will be enhanced ++ // to multiple targets for single image in future. For now, ++ // consider first target alone. + crow::connections::systemBus->async_method_call( +- [](const boost::system::error_code error_code) { +- if (error_code) ++ [objPath, service, imgTarget{imgUriTargets[0]}]( ++ const boost::system::error_code ec, ++ const crow::openbmc_mapper::GetSubTreeType &subtree) { ++ if (ec || !subtree.size()) + { +- BMCWEB_LOG_DEBUG << "error_code = " << error_code; +- BMCWEB_LOG_DEBUG << "error msg = " << error_code.message(); ++ return; ++ } ++ ++ for (const auto &[invObjPath, invDict] : subtree) ++ { ++ std::size_t idPos = invObjPath.rfind("/"); ++ if ((idPos == std::string::npos) || ++ ((idPos + 1) >= invObjPath.size())) ++ { ++ BMCWEB_LOG_DEBUG << "Can't parse firmware ID!!"; ++ return; ++ } ++ std::string swId = invObjPath.substr(idPos + 1); ++ ++ if (swId != imgTarget) ++ { ++ continue; ++ } ++ ++ if (invDict.size() < 1) ++ { ++ continue; ++ } ++ BMCWEB_LOG_DEBUG << "Image target matched with object " ++ << invObjPath; ++ crow::connections::systemBus->async_method_call( ++ [objPath, ++ service](const boost::system::error_code error_code, ++ const std::variant<std::string> value) { ++ if (error_code) ++ { ++ BMCWEB_LOG_DEBUG ++ << "Error in querying activation value"; ++ // not all fwtypes are updateable, ++ // this is ok ++ return; ++ } ++ std::string activationValue = ++ std::get<std::string>(value); ++ BMCWEB_LOG_DEBUG << "Activation Value: " ++ << activationValue; ++ std::string reqActivation = reqActivationsActive; ++ if (activationValue == activationsStandBySpare) ++ { ++ reqActivation = reqActivationsStandBySpare; ++ } ++ BMCWEB_LOG_DEBUG ++ << "Setting RequestedActivation value as " ++ << reqActivation << " for " << service << " " ++ << objPath; ++ crow::connections::systemBus->async_method_call( ++ [](const boost::system::error_code error_code) { ++ if (error_code) ++ { ++ BMCWEB_LOG_DEBUG ++ << "RequestedActivation failed: ec = " ++ << error_code; ++ } ++ return; ++ }, ++ service, objPath, "org.freedesktop.DBus.Properties", ++ "Set", activationIntf, reqActivationPropName, ++ std::variant<std::string>(reqActivation)); ++ }, ++ invDict[0].first, ++ "/xyz/openbmc_project/software/" + imgTarget, ++ "org.freedesktop.DBus.Properties", "Get", activationIntf, ++ "Activation"); + } + }, +- service, objPath, "org.freedesktop.DBus.Properties", "Set", +- "xyz.openbmc_project.Software.Activation", "RequestedActivation", +- std::variant<std::string>( +- "xyz.openbmc_project.Software.Activation.RequestedActivations." +- "Active")); ++ "xyz.openbmc_project.ObjectMapper", ++ "/xyz/openbmc_project/object_mapper", ++ "xyz.openbmc_project.ObjectMapper", "GetSubTree", "/", ++ static_cast<int32_t>(0), std::array<const char *, 1>{versionIntf}); + } + + // Note that asyncResp can be either a valid pointer or nullptr. If nullptr + // then no asyncResp updates will occur + static void softwareInterfaceAdded(std::shared_ptr<AsyncResp> asyncResp, ++ const std::vector<std::string> imgUriTargets, + sdbusplus::message::message &m) + { + std::vector<std::pair< +@@ -69,27 +171,24 @@ static void softwareInterfaceAdded(std::shared_ptr<AsyncResp> asyncResp, + + m.read(objPath, interfacesProperties); + +- BMCWEB_LOG_DEBUG << "obj path = " << objPath.str; ++ BMCWEB_LOG_DEBUG << "Software Interface Added. objPath = " << objPath.str; + for (auto &interface : interfacesProperties) + { +- BMCWEB_LOG_DEBUG << "interface = " << interface.first; +- +- if (interface.first == "xyz.openbmc_project.Software.Activation") ++ if (interface.first == activationIntf) + { + // Found our interface, disable callbacks + fwUpdateMatcher = nullptr; +- + // Retrieve service and activate + crow::connections::systemBus->async_method_call( +- [objPath, asyncResp]( ++ [objPath, asyncResp, imgTargets{imgUriTargets}]( + const boost::system::error_code error_code, + const std::vector<std::pair< + std::string, std::vector<std::string>>> &objInfo) { + if (error_code) + { +- BMCWEB_LOG_DEBUG << "error_code = " << error_code; +- BMCWEB_LOG_DEBUG << "error msg = " +- << error_code.message(); ++ BMCWEB_LOG_DEBUG ++ << "GetSoftwareObject path failed: ec = " ++ << error_code; + if (asyncResp) + { + messages::internalError(asyncResp->res); +@@ -113,8 +212,7 @@ static void softwareInterfaceAdded(std::shared_ptr<AsyncResp> asyncResp, + // xyz.openbmc_project.Software.Activation interface + // is added + fwAvailableTimer = nullptr; +- +- activateImage(objPath.str, objInfo[0].first); ++ activateImage(objPath.str, objInfo[0].first, imgTargets); + if (asyncResp) + { + redfish::messages::success(asyncResp->res); +@@ -124,17 +222,16 @@ static void softwareInterfaceAdded(std::shared_ptr<AsyncResp> asyncResp, + "xyz.openbmc_project.ObjectMapper", + "/xyz/openbmc_project/object_mapper", + "xyz.openbmc_project.ObjectMapper", "GetObject", objPath.str, +- std::array<const char *, 1>{ +- "xyz.openbmc_project.Software.Activation"}); ++ std::array<const char *, 1>{activationIntf}); + } + } + } + + // Note that asyncResp can be either a valid pointer or nullptr. If nullptr + // then no asyncResp updates will occur +-static void monitorForSoftwareAvailable(std::shared_ptr<AsyncResp> asyncResp, +- const crow::Request &req, +- int timeoutTimeSeconds = 5) ++static void monitorForSoftwareAvailable( ++ std::shared_ptr<AsyncResp> asyncResp, const crow::Request &req, ++ const std::vector<std::string> &imgUriTargets, int timeoutTimeSeconds = 5) + { + // Only allow one FW update at a time + if (fwUpdateInProgress != false) +@@ -145,7 +242,6 @@ static void monitorForSoftwareAvailable(std::shared_ptr<AsyncResp> asyncResp, + } + return; + } +- + fwAvailableTimer = + std::make_unique<boost::asio::steady_timer>(*req.ioService); + +@@ -174,10 +270,10 @@ static void monitorForSoftwareAvailable(std::shared_ptr<AsyncResp> asyncResp, + } + }); + +- auto callback = [asyncResp](sdbusplus::message::message &m) { +- BMCWEB_LOG_DEBUG << "Match fired"; +- softwareInterfaceAdded(asyncResp, m); +- }; ++ auto callback = ++ [asyncResp, imgTargets{imgUriTargets}](sdbusplus::message::message &m) { ++ softwareInterfaceAdded(asyncResp, imgTargets, m); ++ }; + + fwUpdateInProgress = true; + +@@ -286,9 +382,12 @@ class UpdateServiceActionsSimpleUpdate : public Node + std::string fwFile = imageURI.substr(separator + 1); + BMCWEB_LOG_DEBUG << "Server: " << tftpServer + " File: " << fwFile; + ++ // We will pass empty targets and its handled in activation. ++ std::vector<std::string> httpUriTargets; ++ + // Setup callback for when new software detected + // Give TFTP 2 minutes to complete +- monitorForSoftwareAvailable(nullptr, req, 120); ++ monitorForSoftwareAvailable(nullptr, req, httpUriTargets, 120); + + // TFTP can take up to 2 minutes depending on image size and + // connection speed. Return to caller as soon as the TFTP operation +@@ -322,7 +421,8 @@ class UpdateServiceActionsSimpleUpdate : public Node + class UpdateService : public Node + { + public: +- UpdateService(CrowApp &app) : Node(app, "/redfish/v1/UpdateService/") ++ UpdateService(CrowApp &app) : ++ Node(app, "/redfish/v1/UpdateService/"), httpPushUriTargetBusy(false) + { + entityPrivileges = { + {boost::beast::http::verb::get, {{"Login"}}}, +@@ -334,6 +434,9 @@ class UpdateService : public Node + } + + private: ++ std::vector<std::string> httpPushUriTargets; ++ bool httpPushUriTargetBusy; ++ + void doGet(crow::Response &res, const crow::Request &req, + const std::vector<std::string> ¶ms) override + { +@@ -346,6 +449,8 @@ class UpdateService : public Node + res.jsonValue["Description"] = "Service for Software Update"; + res.jsonValue["Name"] = "Update Service"; + res.jsonValue["HttpPushUri"] = "/redfish/v1/UpdateService"; ++ res.jsonValue["HttpPushUriTargets"] = httpPushUriTargets; ++ res.jsonValue["HttpPushUriTargetsBusy"] = httpPushUriTargetBusy; + // UpdateService cannot be disabled + res.jsonValue["ServiceEnabled"] = true; + res.jsonValue["FirmwareInventory"] = { +@@ -405,9 +510,14 @@ class UpdateService : public Node + std::shared_ptr<AsyncResp> asyncResp = std::make_shared<AsyncResp>(res); + + std::optional<nlohmann::json> pushUriOptions; +- if (!json_util::readJson(req, res, "HttpPushUriOptions", +- pushUriOptions)) ++ std::optional<std::vector<std::string>> imgTargets; ++ std::optional<bool> imgTargetBusy; ++ ++ if (!json_util::readJson(req, res, "HttpPushUriOptions", pushUriOptions, ++ "HttpPushUriTargets", imgTargets, ++ "HttpPushUriTargetsBusy", imgTargetBusy)) + { ++ BMCWEB_LOG_DEBUG << "UpdateService doPatch: Invalid request body"; + return; + } + +@@ -464,7 +574,6 @@ class UpdateService : public Node + messages::internalError(asyncResp->res); + return; + } +- messages::success(asyncResp->res); + }, + "xyz.openbmc_project.Settings", + "/xyz/openbmc_project/software/apply_time", +@@ -475,6 +584,98 @@ class UpdateService : public Node + } + } + } ++ ++ if (imgTargetBusy) ++ { ++ if ((httpPushUriTargetBusy) && (*imgTargetBusy)) ++ { ++ BMCWEB_LOG_DEBUG ++ << "Other client has reserved the HttpPushUriTargets " ++ "property for firmware updates."; ++ messages::resourceInUse(asyncResp->res); ++ return; ++ } ++ ++ if (imgTargets) ++ { ++ if (!(*imgTargetBusy)) ++ { ++ BMCWEB_LOG_DEBUG ++ << "UpdateService doPatch: httpPushUriTargetBusy " ++ "should be " ++ "true before setting httpPushUriTargets"; ++ messages::invalidObject(asyncResp->res, ++ "HttpPushUriTargetsBusy"); ++ return; ++ } ++ if ((*imgTargets).size() != 0) ++ { ++ // TODO: Now we support max one target becuase ++ // software-manager code support one activation per object. ++ // It will be enhanced to multiple targets for single image ++ // in future. For now, consider first target alone. ++ if ((*imgTargets).size() != 1) ++ { ++ messages::invalidObject(asyncResp->res, ++ "HttpPushUriTargets"); ++ return; ++ } ++ crow::connections::systemBus->async_method_call( ++ [this, asyncResp, uriTargets{*imgTargets}, ++ targetBusy{*imgTargetBusy}]( ++ const boost::system::error_code ec, ++ const std::vector<std::string> swInvPaths) { ++ if (ec) ++ { ++ return; ++ } ++ ++ bool swInvObjFound = false; ++ for (const std::string &path : swInvPaths) ++ { ++ std::size_t idPos = path.rfind("/"); ++ if ((idPos == std::string::npos) || ++ ((idPos + 1) >= path.size())) ++ { ++ messages::internalError(asyncResp->res); ++ BMCWEB_LOG_DEBUG ++ << "Can't parse firmware ID!!"; ++ return; ++ } ++ std::string swId = path.substr(idPos + 1); ++ ++ if (swId == uriTargets[0]) ++ { ++ swInvObjFound = true; ++ break; ++ } ++ } ++ if (!swInvObjFound) ++ { ++ messages::invalidObject(asyncResp->res, ++ "HttpPushUriTargets"); ++ return; ++ } ++ this->httpPushUriTargetBusy = targetBusy; ++ this->httpPushUriTargets = uriTargets; ++ }, ++ "xyz.openbmc_project.ObjectMapper", ++ "/xyz/openbmc_project/object_mapper", ++ "xyz.openbmc_project.ObjectMapper", "GetSubTreePaths", ++ "/", static_cast<int32_t>(0), ++ std::array<const char *, 1>{versionIntf}); ++ } ++ else ++ { ++ httpPushUriTargetBusy = *imgTargetBusy; ++ httpPushUriTargets = *imgTargets; ++ } ++ } ++ else ++ { ++ httpPushUriTargetBusy = *imgTargetBusy; ++ } ++ } + } + + void doPost(crow::Response &res, const crow::Request &req, +@@ -485,7 +686,7 @@ class UpdateService : public Node + std::shared_ptr<AsyncResp> asyncResp = std::make_shared<AsyncResp>(res); + + // Setup callback for when new software detected +- monitorForSoftwareAvailable(asyncResp, req); ++ monitorForSoftwareAvailable(asyncResp, req, httpPushUriTargets); + + std::string filepath( + "/tmp/images/" + +@@ -569,9 +770,7 @@ class SoftwareInventoryCollection : public Node + "xyz.openbmc_project.ObjectMapper", + "/xyz/openbmc_project/object_mapper", + "xyz.openbmc_project.ObjectMapper", "GetSubTree", "/", +- static_cast<int32_t>(0), +- std::array<const char *, 1>{ +- "xyz.openbmc_project.Software.Version"}); ++ static_cast<int32_t>(0), std::array<const char *, 1>{versionIntf}); + } + }; + +@@ -756,7 +955,7 @@ class SoftwareInventory : public Node + }, + obj.second[0].first, obj.first, + "org.freedesktop.DBus.Properties", "GetAll", +- "xyz.openbmc_project.Software.Version"); ++ versionIntf); + } + if (!found) + { +@@ -778,9 +977,7 @@ class SoftwareInventory : public Node + "xyz.openbmc_project.ObjectMapper", + "/xyz/openbmc_project/object_mapper", + "xyz.openbmc_project.ObjectMapper", "GetSubTree", "/", +- static_cast<int32_t>(0), +- std::array<const char *, 1>{ +- "xyz.openbmc_project.Software.Version"}); ++ static_cast<int32_t>(0), std::array<const char *, 1>{versionIntf}); + } + }; + +-- +2.7.4 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend index 93e684cd7..00eb38799 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend @@ -1,5 +1,5 @@ SRC_URI = "git://github.com/openbmc/bmcweb.git" -SRCREV = "274dfe625f862e8ded2d4eb88dd856cf66bf54bf" +SRCREV = "97d57aaa0b95a110c71016d190f95f853051126a" FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" @@ -9,6 +9,9 @@ USERADD_PARAM_${PN} = "-r -s /usr/sbin/nologin -d /home/bmcweb -m -G shadow bmcw GROUPADD_PARAM_${PN} = "web; redfish " +SRC_URI += "file://0001-Firmware-update-support-for-StandBySpare.patch \ + " + # Enable CPU Log and Raw PECI support EXTRA_OECMAKE += "-DBMCWEB_ENABLE_REDFISH_CPU_LOG=ON" EXTRA_OECMAKE += "-DBMCWEB_ENABLE_REDFISH_RAW_PECI=ON" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0059-Move-Set-SOL-config-parameter-to-host-ipmid.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0059-Move-Set-SOL-config-parameter-to-host-ipmid.patch index 0d1a5abbb..bc8c72f13 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0059-Move-Set-SOL-config-parameter-to-host-ipmid.patch +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0059-Move-Set-SOL-config-parameter-to-host-ipmid.patch @@ -1,7 +1,7 @@ -From 27b94aa1df83abad63cbba69525273194b14ab9c Mon Sep 17 00:00:00 2001 +From 1c8cb6b7c99ad85f470aa87095fcfb4de822ddb1 Mon Sep 17 00:00:00 2001 From: Cheng C Yang <cheng.c.yang@intel.com> Date: Wed, 16 Oct 2019 14:24:20 +0800 -Subject: [PATCH] Move Set SOL config parameter to host-ipmid +Subject: [PATCH 1/1] Move Set SOL config parameter to host-ipmid Move Set SOL config parameter command from net-ipmid to host-ipmid, so that BIOS in Intel platform can enable or disable SOL through KCS. @@ -21,13 +21,14 @@ After reboot BMC, "Progress" property in dbus interface change back to 0 and other properties will not reset to default value. Signed-off-by: Cheng C Yang <cheng.c.yang@intel.com> +Signed-off-by: James Feist <james.feist@linux.intel.com> --- host-ipmid-whitelist.conf | 1 + - transporthandler.cpp | 322 ++++++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 323 insertions(+) + transporthandler.cpp | 294 ++++++++++++++++++++++++++++++++++++++ + 2 files changed, 295 insertions(+) diff --git a/host-ipmid-whitelist.conf b/host-ipmid-whitelist.conf -index e8df7c7..f030ef4 100644 +index 5397115..c93f3b1 100644 --- a/host-ipmid-whitelist.conf +++ b/host-ipmid-whitelist.conf @@ -41,6 +41,7 @@ @@ -39,10 +40,10 @@ index e8df7c7..f030ef4 100644 0x2C:0x01 //<Group Extension>:<Get DCMI Capabilities> 0x2C:0x02 //<Group Extension>:<Get Power Reading> diff --git a/transporthandler.cpp b/transporthandler.cpp -index e88eb63..4a42e7b 100644 +index 61065ad..59e38ea 100644 --- a/transporthandler.cpp +++ b/transporthandler.cpp -@@ -1469,8 +1469,323 @@ RspType<message::Payload> getLan(uint4_t channelBits, uint3_t, bool revOnly, +@@ -1469,8 +1469,298 @@ RspType<message::Payload> getLan(uint4_t channelBits, uint3_t, bool revOnly, } // namespace transport } // namespace ipmi @@ -136,31 +137,6 @@ index e88eb63..4a42e7b 100644 + return 0; +} + -+void initializeSOLInProgress() -+{ -+ ipmi::ChannelInfo chInfo; -+ for (int chNum = 0; chNum < ipmi::maxIpmiChannels; chNum++) -+ { -+ if (!ipmi::isValidChannel(static_cast<uint8_t>(chNum))) -+ { -+ continue; -+ } -+ ipmi_ret_t compCode = -+ ipmi::getChannelInfo(static_cast<uint8_t>(chNum), chInfo); -+ if (compCode != IPMI_CC_OK || -+ chInfo.mediumType != -+ static_cast<uint8_t>(ipmi::EChannelMediumType::lan8032)) -+ { -+ continue; -+ } -+ if (setSOLParameter("Progress", static_cast<uint8_t>(0), chNum) < 0) -+ { -+ phosphor::logging::log<phosphor::logging::level::ERR>( -+ "Error initialize sol progress"); -+ } -+ } -+} -+ +static const constexpr uint8_t encryptMask = 0x80; +static const constexpr uint8_t encryptShift = 7; +static const constexpr uint8_t authMask = 0x40; @@ -366,7 +342,7 @@ index e88eb63..4a42e7b 100644 void register_netfn_transport_functions() { ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnTransport, -@@ -1479,4 +1794,11 @@ void register_netfn_transport_functions() +@@ -1479,4 +1769,8 @@ void register_netfn_transport_functions() ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnTransport, ipmi::transport::cmdGetLanConfigParameters, ipmi::Privilege::Operator, ipmi::transport::getLan); @@ -374,10 +350,7 @@ index e88eb63..4a42e7b 100644 + ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnTransport, + ipmi::transport::cmdSetSolConfigParameters, + ipmi::Privilege::Admin, setSOLConfParams); -+ -+ // Initialize dbus property progress to 0 every time sol manager restart. -+ initializeSOLInProgress(); } -- -2.7.4 +2.17.1 diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0060-Move-Get-SOL-config-parameter-to-host-ipmid.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0060-Move-Get-SOL-config-parameter-to-host-ipmid.patch index 01a3e49b8..61ac5fede 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0060-Move-Get-SOL-config-parameter-to-host-ipmid.patch +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0060-Move-Get-SOL-config-parameter-to-host-ipmid.patch @@ -1,7 +1,7 @@ -From e8ad148601fc3b45fac9092fdd45c537433e662f Mon Sep 17 00:00:00 2001 +From b5400c4bc756a800fbeb4cc53117956fb59dc57d Mon Sep 17 00:00:00 2001 From: Cheng C Yang <cheng.c.yang@intel.com> Date: Thu, 11 Jul 2019 00:32:58 +0800 -Subject: [PATCH] Move Get SOL config parameter to host-ipmid +Subject: [PATCH 1/1] Move Get SOL config parameter to host-ipmid Move Get SOL config parameter command from net-ipmid to host-ipmid. @@ -22,16 +22,17 @@ Payload Channel : 1 (0x01) Payload Port : 623 Signed-off-by: Cheng C Yang <cheng.c.yang@intel.com> +Signed-off-by: James Feist <james.feist@linux.intel.com> --- host-ipmid-whitelist.conf | 1 + - transporthandler.cpp | 191 ++++++++++++++++++++++++++++++++++++++++++++++ + transporthandler.cpp | 191 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 192 insertions(+) diff --git a/host-ipmid-whitelist.conf b/host-ipmid-whitelist.conf -index 44c2181..0fcac4e 100644 +index c93f3b1..730437d 100644 --- a/host-ipmid-whitelist.conf +++ b/host-ipmid-whitelist.conf -@@ -41,6 +41,7 @@ +@@ -42,6 +42,7 @@ 0x0A:0x49 //<Storage>:<Set SEL Time> 0x0C:0x02 //<Transport>:<Get LAN Configuration Parameters> 0x0C:0x21 //<Transport>:<Set SOL Configuration Parameters> @@ -40,10 +41,10 @@ index 44c2181..0fcac4e 100644 0x2C:0x01 //<Group Extension>:<Get DCMI Capabilities> 0x2C:0x02 //<Group Extension>:<Get Power Reading> diff --git a/transporthandler.cpp b/transporthandler.cpp -index 25062ae..9ba2868 100644 +index 59e38ea..b64953f 100644 --- a/transporthandler.cpp +++ b/transporthandler.cpp -@@ -1719,6 +1719,28 @@ static int getSOLParameter(const std::string& property, ipmi::Value& value, +@@ -1559,6 +1559,28 @@ static int getSOLParameter(const std::string& property, ipmi::Value& value, return 0; } @@ -69,10 +70,10 @@ index 25062ae..9ba2868 100644 + return 0; +} + - void initializeSOLInProgress() - { - ipmi::ChannelInfo chInfo; -@@ -1913,6 +1935,171 @@ ipmi::RspType<> setSOLConfParams(ipmi::Context::ptr ctx, uint4_t chNum, + static const constexpr uint8_t encryptMask = 0x80; + static const constexpr uint8_t encryptShift = 7; + static const constexpr uint8_t authMask = 0x40; +@@ -1761,6 +1783,171 @@ ipmi::RspType<> setSOLConfParams(ipmi::Context::ptr ctx, uint4_t chNum, return ipmi::responseSuccess(); } @@ -243,18 +244,16 @@ index 25062ae..9ba2868 100644 + void register_netfn_transport_functions() { - // As this timer is only for transport handler -@@ -1934,6 +2121,10 @@ void register_netfn_transport_functions() + ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnTransport, +@@ -1773,4 +1960,8 @@ void register_netfn_transport_functions() + ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnTransport, ipmi::transport::cmdSetSolConfigParameters, ipmi::Privilege::Admin, setSOLConfParams); - ++ + ipmi::registerHandler(ipmi::prioOpenBmcBase, ipmi::netFnTransport, + ipmi::transport::cmdGetSolConfigParameters, + ipmi::Privilege::User, getSOLConfParams); -+ - // Initialize dbus property progress to 0 every time sol manager restart. - initializeSOLInProgress(); - + } -- -2.7.4 +2.17.1 diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0064-Update-provisioning-mode-filter-logic.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0064-Update-provisioning-mode-filter-logic.patch index 57a31c991..5cd8b3ec4 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0064-Update-provisioning-mode-filter-logic.patch +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/0064-Update-provisioning-mode-filter-logic.patch @@ -1,7 +1,7 @@ -From 3279300bb9afd1f169b35b7830d7f054045ab35f Mon Sep 17 00:00:00 2001 +From dcfce847654bd7e2475ad74bedf569b6120701dd Mon Sep 17 00:00:00 2001 From: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> Date: Tue, 18 Jun 2019 19:42:30 +0530 -Subject: [PATCH] Update provisioning mode filter logic +Subject: [PATCH 1/1] Update provisioning mode filter logic Updated provisioning mode filtering logic support. Based on the RestrictionMode property, Host (system) interface commands will be @@ -20,12 +20,13 @@ whitelist (Note: New whitelist conf is under review). Change-Id: I7a14e827d70e2d8d6975e600a0fd00e2a790bc22 Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> +Signed-off-by: James Feist <james.feist@linux.intel.com> --- - whitelist-filter.cpp | 155 ++++++++++++++++++++++++++++++++++++++++----------- - 1 file changed, 122 insertions(+), 33 deletions(-) + whitelist-filter.cpp | 191 ++++++++++++++++++++++++++++++------------- + 1 file changed, 136 insertions(+), 55 deletions(-) diff --git a/whitelist-filter.cpp b/whitelist-filter.cpp -index 9f1e7c8..2c56087 100644 +index 9f1e7c8..53461b4 100644 --- a/whitelist-filter.cpp +++ b/whitelist-filter.cpp @@ -25,6 +25,7 @@ namespace @@ -36,7 +37,7 @@ index 9f1e7c8..2c56087 100644 public: WhitelistFilter(); ~WhitelistFilter() = default; -@@ -35,17 +36,26 @@ class WhitelistFilter +@@ -35,17 +36,24 @@ class WhitelistFilter private: void postInit(); @@ -53,8 +54,7 @@ index 9f1e7c8..2c56087 100644 + RestrictionMode::Modes::ProvisionedHostWhitelist; + bool postCompleted = false; std::shared_ptr<sdbusplus::asio::connection> bus; - std::unique_ptr<settings::Objects> objects; -+ std::unique_ptr<settings::Objects> postCompleteObj; +- std::unique_ptr<settings::Objects> objects; std::unique_ptr<sdbusplus::bus::match::match> modeChangeMatch; + std::unique_ptr<sdbusplus::bus::match::match> postCompleteMatch; @@ -65,7 +65,7 @@ index 9f1e7c8..2c56087 100644 }; WhitelistFilter::WhitelistFilter() -@@ -63,16 +73,22 @@ WhitelistFilter::WhitelistFilter() +@@ -63,43 +71,83 @@ WhitelistFilter::WhitelistFilter() post_work([this]() { postInit(); }); } @@ -73,24 +73,40 @@ index 9f1e7c8..2c56087 100644 +void WhitelistFilter::cacheRestrictedAndPostCompleteMode() { using namespace sdbusplus::xyz::openbmc_project::Control::Security::server; ++ std::string restrictionModeSetting; std::string restrictionModeService; + std::string systemOsStatusPath; + std::string systemOsStatusService; try { - restrictionModeSetting = objects->map.at(restrictionModeIntf).at(0); +- restrictionModeSetting = objects->map.at(restrictionModeIntf).at(0); ++ auto objects = settings::Objects( ++ *bus, std::vector<settings::Interface>({restrictionModeIntf})); ++ auto postCompleteObj = settings::Objects( ++ *bus, std::vector<settings::Interface>({systemOsStatusIntf})); ++ ++ restrictionModeSetting = objects.map.at(restrictionModeIntf).at(0); restrictionModeService = - objects->service(restrictionModeSetting, restrictionModeIntf); +- objects->service(restrictionModeSetting, restrictionModeIntf); ++ objects.service(restrictionModeSetting, restrictionModeIntf); + -+ systemOsStatusPath = postCompleteObj->map.at(systemOsStatusIntf).at(0); ++ systemOsStatusPath = postCompleteObj.map.at(systemOsStatusIntf).at(0); + systemOsStatusService = -+ postCompleteObj->service(systemOsStatusPath, systemOsStatusIntf); ++ postCompleteObj.service(systemOsStatusPath, systemOsStatusIntf); } catch (const std::out_of_range& e) { -@@ -80,26 +96,50 @@ void WhitelistFilter::cacheRestrictedMode() - "Could not look up restriction mode interface from cache"); +- log<level::ERR>( +- "Could not look up restriction mode interface from cache"); ++ log<level::INFO>( ++ "Could not initialize provisioning mode, defaulting to restricted"); ++ return; ++ } ++ catch (const std::exception&) ++ { ++ log<level::INFO>( ++ "Could not initialize provisioning mode, defaulting to restricted"); return; } + @@ -98,11 +114,11 @@ index 9f1e7c8..2c56087 100644 [this](boost::system::error_code ec, ipmi::Value v) { if (ec) { - log<level::ERR>("Error in RestrictionMode Get"); - // Fail-safe to true. +- log<level::ERR>("Error in RestrictionMode Get"); +- // Fail-safe to true. - restrictedMode = true; -+ restrictionMode = -+ RestrictionMode::Modes::ProvisionedHostWhitelist; ++ log<level::INFO>("Could not initialize provisioning mode, " ++ "defaulting to restricted"); return; } auto mode = std::get<std::string>(v); @@ -147,7 +163,7 @@ index 9f1e7c8..2c56087 100644 } void WhitelistFilter::handleRestrictedModeChange(sdbusplus::message::message& m) -@@ -112,23 +152,44 @@ void WhitelistFilter::handleRestrictedModeChange(sdbusplus::message::message& m) +@@ -112,61 +160,94 @@ void WhitelistFilter::handleRestrictedModeChange(sdbusplus::message::message& m) { if (property.first == "RestrictionMode") { @@ -164,16 +180,24 @@ index 9f1e7c8..2c56087 100644 + log<level::INFO>( + "Updated restriction mode", + entry("VALUE=%d", static_cast<int>(restrictionMode))); -+ } -+ } -+} + } + } + } +- +-void WhitelistFilter::postInit() +void WhitelistFilter::handlePostCompleteChange(sdbusplus::message::message& m) -+{ + { +- objects = std::make_unique<settings::Objects>( +- *bus, std::vector<settings::Interface>({restrictionModeIntf})); +- if (!objects) + std::string intf; + std::vector<std::pair<std::string, ipmi::Value>> propertyList; + m.read(intf, propertyList); + for (const auto& property : propertyList) -+ { + { +- log<level::ERR>( +- "Failed to create settings object; defaulting to restricted mode"); +- return; + if (property.first == "OperatingSystemState") + { + std::string value = std::get<std::string>(property.second); @@ -187,47 +211,38 @@ index 9f1e7c8..2c56087 100644 + } + log<level::INFO>(postCompleted ? "Updated to POST Complete" + : "Updated to !POST Complete"); - } ++ } } - } - - void WhitelistFilter::postInit() - { - objects = std::make_unique<settings::Objects>( - *bus, std::vector<settings::Interface>({restrictionModeIntf})); -- if (!objects) -+ postCompleteObj = std::make_unique<settings::Objects>( -+ *bus, std::vector<settings::Interface>({systemOsStatusIntf})); -+ if (!objects || !postCompleteObj) - { - log<level::ERR>( - "Failed to create settings object; defaulting to restricted mode"); -@@ -136,37 +197,65 @@ void WhitelistFilter::postInit() - } - ++} ++void WhitelistFilter::postInit() ++{ // Initialize restricted mode - cacheRestrictedMode(); + cacheRestrictedAndPostCompleteMode(); // Wait for changes on Restricted mode - std::string filterStr; -+ std::string filterStrModeChange; -+ std::string filterStrPostComplete; - try - { +- try +- { - filterStr = sdbusplus::bus::match::rules::propertiesChanged( -+ filterStrModeChange = sdbusplus::bus::match::rules::propertiesChanged( - objects->map.at(restrictionModeIntf).at(0), restrictionModeIntf); -+ filterStrPostComplete = sdbusplus::bus::match::rules::propertiesChanged( -+ postCompleteObj->map.at(systemOsStatusIntf).at(0), -+ systemOsStatusIntf); - } - catch (const std::out_of_range& e) - { +- objects->map.at(restrictionModeIntf).at(0), restrictionModeIntf); +- } +- catch (const std::out_of_range& e) +- { - log<level::ERR>("Failed to determine restriction mode filter string"); -+ log<level::ERR>("Failed to determine restriction mode / POST complete " -+ "filter string"); - return; - } +- return; +- } ++ namespace rules = sdbusplus::bus::match::rules; ++ const std::string filterStrModeChange = ++ rules::type::signal() + rules::member("PropertiesChanged") + ++ rules::interface("org.freedesktop.DBus.Properties") + ++ rules::argN(0, restrictionModeIntf); ++ ++ const std::string filterStrPostComplete = ++ rules::type::signal() + rules::member("PropertiesChanged") + ++ rules::interface("org.freedesktop.DBus.Properties") + ++ rules::argN(0, systemOsStatusIntf); ++ modeChangeMatch = std::make_unique<sdbusplus::bus::match::match>( - *bus, filterStr, [this](sdbusplus::message::message& m) { + *bus, filterStrModeChange, [this](sdbusplus::message::message& m) { @@ -252,16 +267,16 @@ index 9f1e7c8..2c56087 100644 - whitelist.cbegin(), whitelist.cend(), - std::make_pair(request->ctx->netFn, request->ctx->cmd))) + if (!postCompleted) ++ { ++ // Allow all commands, till POST is not completed ++ return ipmi::ccSuccess; ++ } ++ switch (restrictionMode) { - log<level::ERR>("Net function not whitelisted", - entry("NETFN=0x%X", int(request->ctx->netFn)), - entry("CMD=0x%X", int(request->ctx->cmd))); - return ipmi::ccInsufficientPrivilege; -+ // Allow all commands, till POST is not completed -+ return ipmi::ccSuccess; -+ } -+ switch (restrictionMode) -+ { + case RestrictionMode::Modes::ProvisionedHostWhitelist: + { + if (!std::binary_search( @@ -282,5 +297,5 @@ index 9f1e7c8..2c56087 100644 } return ipmi::ccSuccess; -- -2.7.4 +2.17.1 diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/phosphor-ipmi-host.service b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/phosphor-ipmi-host.service index 30a4dec25..1e45ee6c9 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/phosphor-ipmi-host.service +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-host/phosphor-ipmi-host.service @@ -1,16 +1,5 @@ [Unit] Description=Phosphor Inband IPMI -# TODO openbmc/openbmc#2059 - The wants/after below should be based on providers -Wants=mapper-wait@-xyz-openbmc_project-control-host0-boot.service -After=mapper-wait@-xyz-openbmc_project-control-host0-boot.service -Wants=mapper-wait@-xyz-openbmc_project-control-host0-boot-one_time.service -After=mapper-wait@-xyz-openbmc_project-control-host0-boot-one_time.service -Wants=mapper-wait@-xyz-openbmc_project-control-host0-power_restore_policy.service -After=mapper-wait@-xyz-openbmc_project-control-host0-power_restore_policy.service -Wants=mapper-wait@-xyz-openbmc_project-control-security-restriction_mode.service -After=mapper-wait@-xyz-openbmc_project-control-security-restriction_mode.service -Wants=mapper-wait@-xyz-openbmc_project-state-os.service -After=mapper-wait@-xyz-openbmc_project-state-os.service [Service] Restart=always @@ -23,4 +12,4 @@ RuntimeDirectoryPreserve = yes StateDirectory = ipmi [Install] -WantedBy={SYSTEMD_DEFAULT_TARGET} +WantedBy=basic.target diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-net_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-net_%.bbappend index 9f3bf81ca..b488e6d8e 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-net_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-ipmi-net_%.bbappend @@ -3,7 +3,7 @@ inherit useradd # TODO: This should be removed, once up-stream bump up # issue is resolved SRC_URI += "git://github.com/openbmc/phosphor-net-ipmid" -SRCREV = "49a94b2f82fb1aa68d608f28c4863bb36661a3a4" +SRCREV = "0f63e01ce6bb11920d78d999267558500ca9a272" USERADD_PACKAGES = "${PN}" # add a group called ipmi diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-node-manager-proxy_git.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-node-manager-proxy_git.bb index 6d8334865..635f2d3a4 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-node-manager-proxy_git.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/ipmi/phosphor-node-manager-proxy_git.bb @@ -2,8 +2,8 @@ SUMMARY = "Node Manager Proxy" DESCRIPTION = "The Node Manager Proxy provides a simple interface for communicating \ with Management Engine via IPMB" -SRC_URI = "git://git@github.com/Intel-BMC/node-manager;protocol=ssh" -SRCREV = "a0d3ec079f569c47af21d8cafe46e65f5784cd5b" +SRC_URI = "git://github.com/Intel-BMC/node-manager;protocol=ssh" +SRCREV = "13c62849bce28161fc58134c52920e0c494745f9" PV = "0.1+git${SRCPV}" LICENSE = "Apache-2.0" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/multi-node-manager/multi-node-manager.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/multi-node-manager/multi-node-manager.bb index 177f5c98f..620a2ab51 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/multi-node-manager/multi-node-manager.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/multi-node-manager/multi-node-manager.bb @@ -1,7 +1,7 @@ SUMMARY = "Multi node manager" DESCRIPTION = "Daemon to handle chassis level shared resources on multi-node platform" -SRC_URI = "git://git@github.com/Intel-BMC/multi-node-manager.git;protocol=ssh" +SRC_URI = "git://github.com/Intel-BMC/multi-node-manager.git;protocol=ssh" SRCREV = "34d959285a3ca12c4bfefa4040d82d571c78843b" PV = "0.1+git${SRCPV}" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/phosphor-u-boot-mgr/phosphor-u-boot-mgr_git.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/phosphor-u-boot-mgr/phosphor-u-boot-mgr_git.bb index 78b6dd2bd..d89b30380 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/phosphor-u-boot-mgr/phosphor-u-boot-mgr_git.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/phosphor-u-boot-mgr/phosphor-u-boot-mgr_git.bb @@ -8,9 +8,9 @@ S = "${WORKDIR}/git/phosphor-u-boot-env-mgr" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=e3fc50a88d0a364313df4b21ef20c29e" -SRC_URI = "git://git@github.com/Intel-BMC/provingground.git;protocol=ssh" +SRC_URI = "git://github.com/Intel-BMC/provingground.git;protocol=ssh" -SRCREV = "e1dbcef575309efeb04d275565a6e9649f3b89dd" +SRCREV = "eddf621897090ba346b1aaa81a4b8be12076ab60" inherit cmake systemd SYSTEMD_SERVICE_${PN} = "xyz.openbmc_project.U_Boot.Environment.Manager.service" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/preinit-mounts/preinit-mounts/init b/meta-openbmc-mods/meta-common/recipes-phosphor/preinit-mounts/preinit-mounts/init index 9de00fd2f..0e38f3aeb 100755 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/preinit-mounts/preinit-mounts/init +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/preinit-mounts/preinit-mounts/init @@ -45,14 +45,21 @@ fi # list of things that need to be rw at boot NV_OVERLAYS="/etc /var /home" -# place to mount the real ubifs backing store +# place to mount the overlay backing store +OVERLAY_MNT=/tmp/.overlay +OVERLAY_SIZE=16384 +# place to mount NV RWFS_MNT=/tmp/.rwfs +# NV overlay storage +OVERLAY_SYNC=${RWFS_MNT}/.overlay if grep -q "$RWFS_MNT" /proc/mounts; then # quit - we have already run exit 0 fi -mkdir -p "$RWFS_MNT" +mkdir -p "$OVERLAY_MNT" +# TODO: remount the overlay with a size limit? +# mount -t tmpfs -o rw,size=${OVERLAY_SIZE} oltmp ${OVERLAY_MNT} mtd_by_name() { local name="$1" @@ -73,10 +80,10 @@ NV_MTD_NUM="$(mtdnum_by_name ${NV_MTD})" nvrw() { local p="$1" # Clear the work dir doing overlay mount - rm -rf "${RWFS_MNT}${p}.work" - mkdir -p "${RWFS_MNT}${p}" "${RWFS_MNT}${p}.work" - local mname=$(echo "rwnv${p}" | sed 's,/,,g') - local opts="lowerdir=${p},upperdir=${RWFS_MNT}${p},workdir=${RWFS_MNT}${p}.work,sync" + rm -rf "${OVERLAY_MNT}${p}.work" + mkdir -p "${OVERLAY_MNT}${p}" "${OVERLAY_MNT}${p}.work" + local mname=$(echo "ol${p}" | sed 's,/,,g') + local opts="lowerdir=${p},upperdir=${OVERLAY_MNT}${p},workdir=${OVERLAY_MNT}${p}.work,sync" mount -t overlay -o "$opts" "$mname" "$p" } @@ -84,19 +91,19 @@ targeted_clean() { log "restore-defaults: targeted_clean" # Do not delete FRU info, ssh/ssl certs, or machine-id ( - cd "${RWFS_MNT}/etc" + cd "${OVERLAY_SYNC}/etc" find . ! -regex '.*\(/ssl\|/dropbear\|/machine-id\(_bkup\)\?\|/fru\).*' -exec rm -rf {} + ) # nothing should be in the workdir, but clear it just in case - rm -rf "${RWFS_MNT}/etc.work" + rm -rf "${OVERLAY_SYNC}/etc.work" # clean everything out of /home - rm -rf "${RWFS_MNT}/home" "${RWFS_MNT}/home.work" + rm -rf "${OVERLAY_SYNC}/home" "${OVERLAY_SYNC}/home.work" # clean everything out of /var - rm -rf "${RWFS_MNT}/var" "${RWFS_MNT}/var.work" + rm -rf "${OVERLAY_SYNC}/var" "${OVERLAY_SYNC}/var.work" - echo "Files remaining: $(find $RWFS_MNT/)" + echo "Files remaining: $(find $OVERLAY_SYNC/)" sync } @@ -104,7 +111,7 @@ full_clean() { log "restore-defaults: full_clean" local OVL='' for OVL in $NV_OVERLAYS; do - rm -rf "${RWFS_MNT}${OVL}" "${RWFS_MNT}${OVL}.work" + rm -rf "${OVERLAY_SYNC}${OVL}" "${OVERLAY_SYNC}${OVL}.work" done sync } @@ -153,7 +160,8 @@ clear_ubenv() { flash_erase /dev/mtd/u-boot-env 0 0 } -# mount a UBIFS on the UBI volume +# mount NV filesystem +mkdir -p "$RWFS_MNT" prepare_ubi_volume $NV_MTD_NUM mount -t ubifs -o sync "/dev/ubi${NV_MTD_NUM}_0" "$RWFS_MNT" if [ $? -ne 0 ]; then @@ -178,21 +186,14 @@ elif [ $restore_op -eq 3 ]; then fi rm -f $RESTORE_FLAG +# Restore the overlay saved in the sync +rsync -a --delete "${OVERLAY_SYNC}/" "${OVERLAY_MNT}" +log "Restored overlay from sync location" + for FS in $NV_OVERLAYS; do nvrw "$FS" done -# at first boot, fix up /var/volatile/{log,tmp} to be RW (due to yocto nonsense) -if [ -L /var/log ]; then - # remove symlink /var/log -> volatile/log; make /var/log non-volatile - rm /var/log - mkdir -p /var/log - # remove symlink /var/tmp -> volatile/tmp; symlink to /tmp/var - rm /var/tmp - ln -s /tmp/var /var/tmp -fi -mkdir -p /tmp/var - # work around bug where /etc/machine-id will be mounted with a temporary file # if rootfs is read-only and the file is empty MACHINE_ID=/etc/machine-id @@ -205,9 +206,9 @@ if [ ! -s "$MACHINE_ID" ]; then # work around - Bug: Overlay fs fails for machine-id due to # origin mismatch. Clean it up, from overlay fs before re-creating # the same. - if [ -e "$RWFS_MNT$MACHINE_ID" ]; then + if [ -e "$OVERLAY_MNT$MACHINE_ID" ]; then umount "/etc" - rm -f "$RWFS_MNT$MACHINE_ID" + rm -f "$OVERLAY_MNT$MACHINE_ID" nvrw "/etc" # Restore the machine-id from backup, else generate it. if [ -s "${MACHINE_ID}_bkup" ]; then @@ -237,6 +238,6 @@ if ! grep -q sofs /proc/mounts; then fi fi -log "Finished mounting non-volatile overlays" +log "Finished mounting nv and overlays" exec /lib/systemd/systemd diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/prov-mode-mgr/prov-mode-mgr_git.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/prov-mode-mgr/prov-mode-mgr_git.bb index 94f0f8729..0b5a8f395 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/prov-mode-mgr/prov-mode-mgr_git.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/prov-mode-mgr/prov-mode-mgr_git.bb @@ -8,9 +8,9 @@ S = "${WORKDIR}/git/prov-mode-mgr" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=e3fc50a88d0a364313df4b21ef20c29e" -SRC_URI = "git://git@github.com/Intel-BMC/provingground.git;protocol=ssh" +SRC_URI = "git://github.com/Intel-BMC/provingground.git;protocol=ssh" -SRCREV = "e1dbcef575309efeb04d275565a6e9649f3b89dd" +SRCREV = "eddf621897090ba346b1aaa81a4b8be12076ab60" inherit cmake systemd SYSTEMD_SERVICE_${PN} = "xyz.openbmc_project.RestrictionMode.Manager.service" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/security-manager/security-manager_git.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/security-manager/security-manager_git.bb index 84e3f6c2b..6e1df2f89 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/security-manager/security-manager_git.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/security-manager/security-manager_git.bb @@ -9,8 +9,8 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://${INTELBASE}/COPYING.apache-2.0;md5=34400b68072d710fecd0a2940a0d1658" inherit cmake systemd -SRC_URI = "git://git@github.com/Intel-BMC/provingground.git;protocol=ssh" -SRCREV = "e1dbcef575309efeb04d275565a6e9649f3b89dd" +SRC_URI = "git://github.com/Intel-BMC/provingground.git;protocol=ssh" +SRCREV = "eddf621897090ba346b1aaa81a4b8be12076ab60" SYSTEMD_SERVICE_${PN} += "xyz.openbmc_project.SecurityManager.service" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/selftest/intel-self-test_git.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/selftest/intel-self-test_git.bb index da1d74207..f655d22e4 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/selftest/intel-self-test_git.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/selftest/intel-self-test_git.bb @@ -1,7 +1,7 @@ SUMMARY = "BMC Self Test service" DESCRIPTION = "BMC Self Test service for subsystem diagnosis failure info" -SRC_URI = "git://git@github.com/Intel-BMC/intel-self-test;protocol=ssh" +SRC_URI = "git://github.com/Intel-BMC/intel-self-test;protocol=ssh" PV = "1.0+git${SRCPV}" SRCREV = "d039998ad2c55aeae4191af30e15bbd3032508c1" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors_%.bbappend index 7da1cdc4d..f0bec9feb 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors_%.bbappend @@ -1,4 +1,4 @@ -SRCREV = "2424cb7c9752cbecc3d133a67cf1c20f8589f2c1" +SRCREV = "9f9b38d89a751e70cdf61bfb3f78c05800201f95" SRC_URI = "git://github.com/openbmc/dbus-sensors.git" DEPENDS_append = " libgpiod" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/settings/settings_git.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/settings/settings_git.bb index b8e3aa8e5..f8fe0682d 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/settings/settings_git.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/settings/settings_git.bb @@ -1,13 +1,13 @@ SUMMARY = "Settings" -SRC_URI = "git://git@github.com/Intel-BMC/provingground.git;protocol=ssh" -SRCREV = "e1dbcef575309efeb04d275565a6e9649f3b89dd" +SRC_URI = "git://github.com/Intel-BMC/provingground.git;protocol=ssh" +SRCREV = "eddf621897090ba346b1aaa81a4b8be12076ab60" PV = "0.1+git${SRCPV}" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://${INTELBASE}/COPYING.apache-2.0;md5=34400b68072d710fecd0a2940a0d1658" -SYSTEMD_SERVICE_${PN} = "settings.service" +SYSTEMD_SERVICE_${PN} = "xyz.openbmc_project.Settings.service" DEPENDS = "boost \ nlohmann-json \ diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/special-mode-mgr/special-mode-mgr_git.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/special-mode-mgr/special-mode-mgr_git.bb index 9b339d260..a6f5a433e 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/special-mode-mgr/special-mode-mgr_git.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/special-mode-mgr/special-mode-mgr_git.bb @@ -8,8 +8,8 @@ S = "${WORKDIR}/git/special-mode-mgr" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=e3fc50a88d0a364313df4b21ef20c29e" -SRC_URI = "git://git@github.com/Intel-BMC/provingground.git;protocol=ssh" -SRCREV = "e1dbcef575309efeb04d275565a6e9649f3b89dd" +SRC_URI = "git://github.com/Intel-BMC/provingground.git;protocol=ssh" +SRCREV = "eddf621897090ba346b1aaa81a4b8be12076ab60" EXTRA_OECMAKE += "${@bb.utils.contains('EXTRA_IMAGE_FEATURES', 'validation-unsecure', '-DBMC_VALIDATION_UNSECURE_FEATURE=ON', '', d)}" inherit cmake systemd diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/srvcfg-manager/srvcfg-manager_git.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/srvcfg-manager/srvcfg-manager_git.bb index 47202253a..05f97d1a9 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/srvcfg-manager/srvcfg-manager_git.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/srvcfg-manager/srvcfg-manager_git.bb @@ -8,8 +8,8 @@ S = "${WORKDIR}/git/srvcfg-manager" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=e3fc50a88d0a364313df4b21ef20c29e" -SRC_URI = "git://git@github.com/Intel-BMC/provingground.git;protocol=ssh" -SRCREV = "e1dbcef575309efeb04d275565a6e9649f3b89dd" +SRC_URI = "git://github.com/Intel-BMC/provingground.git;protocol=ssh" +SRCREV = "eddf621897090ba346b1aaa81a4b8be12076ab60" inherit cmake systemd SYSTEMD_SERVICE_${PN} = "srvcfg-manager.service" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/system/callback-manager.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/system/callback-manager.bb index 1ef186e3a..433bc7ca5 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/system/callback-manager.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/system/callback-manager.bb @@ -1,13 +1,13 @@ SUMMARY = "Callback Manager" DESCRIPTION = "D-Bus daemon that registers matches that trigger method calls" -SRC_URI = "git://git@github.com/Intel-BMC/provingground;protocol=ssh" +SRC_URI = "git://github.com/Intel-BMC/provingground;protocol=ssh" inherit cmake systemd DEPENDS = "boost sdbusplus" PV = "0.1+git${SRCPV}" -SRCREV = "e1dbcef575309efeb04d275565a6e9649f3b89dd" +SRCREV = "eddf621897090ba346b1aaa81a4b8be12076ab60" S = "${WORKDIR}/git/callback-manager" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/virtual-media/virtual-media.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/virtual-media/virtual-media.bb index a2c271885..ca86bd525 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/virtual-media/virtual-media.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/virtual-media/virtual-media.bb @@ -1,8 +1,8 @@ SUMMARY = "Virtual Media Service" DESCRIPTION = "Virtual Media Service" -SRC_URI = "git://git@github.com/Intel-BMC/provingground.git;protocol=ssh" -SRCREV = "e1dbcef575309efeb04d275565a6e9649f3b89dd" +SRC_URI = "git://github.com/Intel-BMC/provingground.git;protocol=ssh" +SRCREV = "eddf621897090ba346b1aaa81a4b8be12076ab60" S = "${WORKDIR}/git/virtual-media/" PV = "1.0+git${SRCPV}" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/webui/phosphor-webui_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/webui/phosphor-webui_%.bbappend index 2da438914..e77d8fd65 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/webui/phosphor-webui_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/webui/phosphor-webui_%.bbappend @@ -1,2 +1,2 @@ -SRC_URI = "git://git@github.com/Intel-BMC/phosphor-webui;protocol=ssh;branch=intel2" -SRCREV = "b26d415f38684f86e19e09a8073f9d4244adcb97" +SRC_URI = "git://github.com/Intel-BMC/phosphor-webui;protocol=ssh;branch=intel2" +SRCREV = "f9935eccf5b9de75d6622b3d0a719ce0f8a425d0" |