diff options
Diffstat (limited to 'meta-openbmc-mods/meta-common')
33 files changed, 1527 insertions, 78 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1g.bb b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1i.bb index 66fa8f7d0..a9120d136 100644 --- a/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1g.bb +++ b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1i.bb @@ -23,7 +23,7 @@ SRC_URI_append_class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[sha256sum] = "ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46" +SRC_URI[sha256sum] = "e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242" inherit lib_package multilib_header multilib_script ptest MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" diff --git a/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0031-iconv-Fix-incorrect-UCS4-inner-loop-bounds-BZ-26923.patch b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0031-iconv-Fix-incorrect-UCS4-inner-loop-bounds-BZ-26923.patch new file mode 100644 index 000000000..708c481e3 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0031-iconv-Fix-incorrect-UCS4-inner-loop-bounds-BZ-26923.patch @@ -0,0 +1,151 @@ +From 228edd356f03bf62dcf2b1335f25d43c602ee68d Mon Sep 17 00:00:00 2001 +From: Michael Colavita <mcolavita@fb.com> +Date: Thu, 19 Nov 2020 11:44:40 -0500 +Subject: [PATCH] iconv: Fix incorrect UCS4 inner loop bounds (BZ#26923) + +Previously, in UCS4 conversion routines we limit the number of +characters we examine to the minimum of the number of characters in the +input and the number of characters in the output. This is not the +correct behavior when __GCONV_IGNORE_ERRORS is set, as we do not consume +an output character when we skip a code unit. Instead, track the input +and output pointers and terminate the loop when either reaches its +limit. + +This resolves assertion failures when resetting the input buffer in a step of +iconv, which assumes that the input will be fully consumed given sufficient +output space. +--- + iconv/Makefile | 2 +- + iconv/gconv_simple.c | 16 ++++---------- + iconv/tst-iconv8.c | 50 ++++++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 55 insertions(+), 13 deletions(-) + create mode 100644 iconv/tst-iconv8.c + +diff --git a/iconv/Makefile b/iconv/Makefile +index 30bf996d3a..f9b51e23ec 100644 +--- a/iconv/Makefile ++++ b/iconv/Makefile +@@ -44,7 +44,7 @@ CFLAGS-linereader.c += -DNO_TRANSLITERATION + CFLAGS-simple-hash.c += -I../locale + + tests = tst-iconv1 tst-iconv2 tst-iconv3 tst-iconv4 tst-iconv5 tst-iconv6 \ +- tst-iconv7 tst-iconv-mt ++ tst-iconv7 tst-iconv8 tst-iconv-mt + + others = iconv_prog iconvconfig + install-others-programs = $(inst_bindir)/iconv +diff --git a/iconv/gconv_simple.c b/iconv/gconv_simple.c +index d4797fba17..963b29f246 100644 +--- a/iconv/gconv_simple.c ++++ b/iconv/gconv_simple.c +@@ -239,11 +239,9 @@ ucs4_internal_loop (struct __gconv_step *step, + int flags = step_data->__flags; + const unsigned char *inptr = *inptrp; + unsigned char *outptr = *outptrp; +- size_t n_convert = MIN (inend - inptr, outend - outptr) / 4; + int result; +- size_t cnt; + +- for (cnt = 0; cnt < n_convert; ++cnt, inptr += 4) ++ for (; inptr + 4 <= inend && outptr + 4 <= outend; inptr += 4) + { + uint32_t inval; + +@@ -307,11 +305,9 @@ ucs4_internal_loop_unaligned (struct __gconv_step *step, + int flags = step_data->__flags; + const unsigned char *inptr = *inptrp; + unsigned char *outptr = *outptrp; +- size_t n_convert = MIN (inend - inptr, outend - outptr) / 4; + int result; +- size_t cnt; + +- for (cnt = 0; cnt < n_convert; ++cnt, inptr += 4) ++ for (; inptr + 4 <= inend && outptr + 4 <= outend; inptr += 4) + { + if (__glibc_unlikely (inptr[0] > 0x80)) + { +@@ -613,11 +609,9 @@ ucs4le_internal_loop (struct __gconv_step *step, + int flags = step_data->__flags; + const unsigned char *inptr = *inptrp; + unsigned char *outptr = *outptrp; +- size_t n_convert = MIN (inend - inptr, outend - outptr) / 4; + int result; +- size_t cnt; + +- for (cnt = 0; cnt < n_convert; ++cnt, inptr += 4) ++ for (; inptr + 4 <= inend && outptr + 4 <= outend; inptr += 4) + { + uint32_t inval; + +@@ -684,11 +678,9 @@ ucs4le_internal_loop_unaligned (struct __gconv_step *step, + int flags = step_data->__flags; + const unsigned char *inptr = *inptrp; + unsigned char *outptr = *outptrp; +- size_t n_convert = MIN (inend - inptr, outend - outptr) / 4; + int result; +- size_t cnt; + +- for (cnt = 0; cnt < n_convert; ++cnt, inptr += 4) ++ for (; inptr + 4 <= inend && outptr + 4 <= outend; inptr += 4) + { + if (__glibc_unlikely (inptr[3] > 0x80)) + { +diff --git a/iconv/tst-iconv8.c b/iconv/tst-iconv8.c +new file mode 100644 +index 0000000000..0b92b19f66 +--- /dev/null ++++ b/iconv/tst-iconv8.c +@@ -0,0 +1,50 @@ ++/* Test iconv behavior on UCS4 conversions with //IGNORE. ++ Copyright (C) 2020 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ <http://www.gnu.org/licenses/>. */ ++ ++/* Derived from BZ #26923 */ ++#include <errno.h> ++#include <iconv.h> ++#include <stdio.h> ++#include <support/check.h> ++ ++static int ++do_test (void) ++{ ++ iconv_t cd = iconv_open ("UTF-8//IGNORE", "ISO-10646/UCS4/"); ++ TEST_VERIFY_EXIT (cd != (iconv_t) -1); ++ ++ /* ++ * Convert sequence beginning with an irreversible character into buffer that ++ * is too small. ++ */ ++ char input[12] = "\xe1\x80\xa1" "AAAAAAAAA"; ++ char *inptr = input; ++ size_t insize = sizeof (input); ++ char output[6]; ++ char *outptr = output; ++ size_t outsize = sizeof (output); ++ ++ TEST_VERIFY (iconv (cd, &inptr, &insize, &outptr, &outsize) == -1); ++ TEST_VERIFY (errno == E2BIG); ++ ++ TEST_VERIFY_EXIT (iconv_close (cd) != -1); ++ ++ return 0; ++} ++ ++#include <support/test-driver.c> +-- +2.27.0 + diff --git a/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0032-Fix-buffer-overrun-in-EUC-KR-conversion-module-BZ-24973.patch b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0032-Fix-buffer-overrun-in-EUC-KR-conversion-module-BZ-24973.patch new file mode 100644 index 000000000..bc012e290 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0032-Fix-buffer-overrun-in-EUC-KR-conversion-module-BZ-24973.patch @@ -0,0 +1,133 @@ +From ee7a3144c9922808181009b7b3e50e852fb4999b Mon Sep 17 00:00:00 2001 +From: Andreas Schwab <schwab@suse.de> +Date: Mon, 21 Dec 2020 08:56:43 +0530 +Subject: [PATCH] Fix buffer overrun in EUC-KR conversion module (bz #24973) + +The byte 0xfe as input to the EUC-KR conversion denotes a user-defined +area and is not allowed. The from_euc_kr function used to skip two bytes +when told to skip over the unknown designation, potentially running over +the buffer end. +--- + iconvdata/Makefile | 3 ++- + iconvdata/bug-iconv13.c | 53 +++++++++++++++++++++++++++++++++++++++++ + iconvdata/euc-kr.c | 6 +---- + iconvdata/ksc5601.h | 6 ++--- + 4 files changed, 59 insertions(+), 9 deletions(-) + create mode 100644 iconvdata/bug-iconv13.c + +diff --git a/iconvdata/Makefile b/iconvdata/Makefile +index 4ec2741cdc..85009f3390 100644 +--- a/iconvdata/Makefile ++++ b/iconvdata/Makefile +@@ -73,7 +73,8 @@ modules.so := $(addsuffix .so, $(modules)) + ifeq (yes,$(build-shared)) + tests = bug-iconv1 bug-iconv2 tst-loading tst-e2big tst-iconv4 bug-iconv4 \ + tst-iconv6 bug-iconv5 bug-iconv6 tst-iconv7 bug-iconv8 bug-iconv9 \ +- bug-iconv10 bug-iconv11 bug-iconv12 ++ bug-iconv10 bug-iconv11 bug-iconv12 \ ++ bug-iconv13 + ifeq ($(have-thread-library),yes) + tests += bug-iconv3 + endif +diff --git a/iconvdata/bug-iconv13.c b/iconvdata/bug-iconv13.c +new file mode 100644 +index 0000000000..87aaff398e +--- /dev/null ++++ b/iconvdata/bug-iconv13.c +@@ -0,0 +1,53 @@ ++/* bug 24973: Test EUC-KR module ++ Copyright (C) 2020 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ <https://www.gnu.org/licenses/>. */ ++ ++#include <errno.h> ++#include <iconv.h> ++#include <stdio.h> ++#include <support/check.h> ++ ++static int ++do_test (void) ++{ ++ iconv_t cd = iconv_open ("UTF-8//IGNORE", "EUC-KR"); ++ TEST_VERIFY_EXIT (cd != (iconv_t) -1); ++ ++ /* 0xfe (->0x7e : row 94) and 0xc9 (->0x49 : row 41) are user-defined ++ areas, which are not allowed and should be skipped over due to ++ //IGNORE. The trailing 0xfe also is an incomplete sequence, which ++ should be checked first. */ ++ char input[4] = { '\xc9', '\xa1', '\0', '\xfe' }; ++ char *inptr = input; ++ size_t insize = sizeof (input); ++ char output[4]; ++ char *outptr = output; ++ size_t outsize = sizeof (output); ++ ++ /* This used to crash due to buffer overrun. */ ++ TEST_VERIFY (iconv (cd, &inptr, &insize, &outptr, &outsize) == (size_t) -1); ++ TEST_VERIFY (errno == EINVAL); ++ /* The conversion should produce one character, the converted null ++ character. */ ++ TEST_VERIFY (sizeof (output) - outsize == 1); ++ ++ TEST_VERIFY_EXIT (iconv_close (cd) != -1); ++ ++ return 0; ++} ++ ++#include <support/test-driver.c> +diff --git a/iconvdata/euc-kr.c b/iconvdata/euc-kr.c +index b0d56cf3ee..1045bae926 100644 +--- a/iconvdata/euc-kr.c ++++ b/iconvdata/euc-kr.c +@@ -80,11 +80,7 @@ euckr_from_ucs4 (uint32_t ch, unsigned char *cp) + \ + if (ch <= 0x9f) \ + ++inptr; \ +- /* 0xfe(->0x7e : row 94) and 0xc9(->0x59 : row 41) are \ +- user-defined areas. */ \ +- else if (__builtin_expect (ch == 0xa0, 0) \ +- || __builtin_expect (ch > 0xfe, 0) \ +- || __builtin_expect (ch == 0xc9, 0)) \ ++ else if (__glibc_unlikely (ch == 0xa0)) \ + { \ + /* This is illegal. */ \ + STANDARD_FROM_LOOP_ERR_HANDLER (1); \ +diff --git a/iconvdata/ksc5601.h b/iconvdata/ksc5601.h +index d3eb3a4ff8..f5cdc72797 100644 +--- a/iconvdata/ksc5601.h ++++ b/iconvdata/ksc5601.h +@@ -50,15 +50,15 @@ ksc5601_to_ucs4 (const unsigned char **s, size_t avail, unsigned char offset) + unsigned char ch2; + int idx; + ++ if (avail < 2) ++ return 0; ++ + /* row 94(0x7e) and row 41(0x49) are user-defined area in KS C 5601 */ + + if (ch < offset || (ch - offset) <= 0x20 || (ch - offset) >= 0x7e + || (ch - offset) == 0x49) + return __UNKNOWN_10646_CHAR; + +- if (avail < 2) +- return 0; +- + ch2 = (*s)[1]; + if (ch2 < offset || (ch2 - offset) <= 0x20 || (ch2 - offset) >= 0x7f) + return __UNKNOWN_10646_CHAR; +-- +2.27.0 + diff --git a/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc_%.bbappend b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc_%.bbappend new file mode 100644 index 000000000..3fa99af0a --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc_%.bbappend @@ -0,0 +1,5 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" + +SRC_URI += "file://0031-iconv-Fix-incorrect-UCS4-inner-loop-bounds-BZ-26923.patch \ + file://0032-Fix-buffer-overrun-in-EUC-KR-conversion-module-BZ-24973.patch \ + " diff --git a/meta-openbmc-mods/meta-common/recipes-intel/psu-manager/psu-manager/0001-disable-PSU-cold-redundancy.patch b/meta-openbmc-mods/meta-common/recipes-intel/psu-manager/psu-manager/0001-disable-PSU-cold-redundancy.patch deleted file mode 100644 index 23b805b87..000000000 --- a/meta-openbmc-mods/meta-common/recipes-intel/psu-manager/psu-manager/0001-disable-PSU-cold-redundancy.patch +++ /dev/null @@ -1,73 +0,0 @@ -From 5829d9e6e1956ebb34ed8a723b0758146529459f Mon Sep 17 00:00:00 2001 -From: AppaRao Puli <apparao.puli@linux.intel.com> -Date: Wed, 7 Oct 2020 22:42:26 +0530 -Subject: [PATCH] disable PSU cold redundancy - -In RP platforms, single PSU also considered as -valid configuration. We don't have user configuration -option to enable/disable PSU cold redundancy. So -it should be disabled by default to avoid issues in -Rp platforms. -Also make sure if persistent config already set this -to true, make it to false. - -This avoids unwanted critical event logs and -unexpected LED status for RP platforms where -single PSU also considered as valid config. - -Tested: - - Rebooted BMC and observed no CR event logs and - no amber blocking of status LED. - - Set the persistent store to true, rebooted - BMC and value changed back to disabled. - -Change-Id: Ie0f1f3f8daa95593af6db698d65ea804cebfee87 -Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com> ---- - src/cold_redundancy.cpp | 15 ++++++++++++++- - 1 file changed, 14 insertions(+), 1 deletion(-) - -diff --git a/src/cold_redundancy.cpp b/src/cold_redundancy.cpp -index d64a9e3..3bfd37f 100644 ---- a/src/cold_redundancy.cpp -+++ b/src/cold_redundancy.cpp -@@ -76,8 +76,9 @@ ColdRedundancy::ColdRedundancy( - std::cerr << "error initializing assoc interface\n"; - } - -+ // For RP platforms, default cold redundancy should be disabled. -+ powerSupplyRedundancyEnabled(false); - // set default configuration -- powerSupplyRedundancyEnabled(true); - rotationEnabled(true); - periodOfRotation(7 * oneDay); - rotationAlgorithm(Algo::bmcSpecific); -@@ -109,6 +110,14 @@ ColdRedundancy::ColdRedundancy( - return; - } - -+ // For RP platforms, cold redundancy should be disabled. -+ // If its already set to true in persistent area, Lets -+ // override to false during bootup. -+ if (*redundancyEnabled) -+ { -+ *redundancyEnabled = false; -+ } -+ - if (*period >= minRotationPeriod && *period <= maxRotationPeriod) - { - periodOfRotation(*period); -@@ -867,6 +876,10 @@ void ColdRedundancy::readPmbus(uint8_t bus, uint8_t slaveAddr, int& value) - - void ColdRedundancy::checkRedundancyEvent() - { -+ if (!crSupported || !powerSupplyRedundancyEnabled()) -+ { -+ return; -+ } - puRedundantTimer.expires_after(std::chrono::seconds(2)); - puRedundantTimer.async_wait([this](const boost::system::error_code& ec) { - if (ec == boost::asio::error::operation_aborted) --- -2.7.4 - diff --git a/meta-openbmc-mods/meta-common/recipes-intel/smbios/smbios-mdrv2.bb b/meta-openbmc-mods/meta-common/recipes-intel/smbios/smbios-mdrv2.bb index df38debfa..5a5604524 100644 --- a/meta-openbmc-mods/meta-common/recipes-intel/smbios/smbios-mdrv2.bb +++ b/meta-openbmc-mods/meta-common/recipes-intel/smbios/smbios-mdrv2.bb @@ -2,7 +2,7 @@ SUMMARY = "SMBIOS MDR version 2 service for Intel based platform" DESCRIPTION = "SMBIOS MDR version 2 service for Intel based platfrom" SRC_URI = "git://github.com/Intel-BMC/mdrv2.git;protocol=ssh" -SRCREV = "1573995f8949bbd76a17fb34bb6de056e81f391c" +SRCREV = "4478c25423287575ebe2c579aea3da0150f2b735" S = "${WORKDIR}/git" diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/0126-Adjust-soc-modules-probing-order.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/0126-Adjust-soc-modules-probing-order.patch new file mode 100644 index 000000000..b9c1a2341 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/0126-Adjust-soc-modules-probing-order.patch @@ -0,0 +1,39 @@ +From dcdfa13b5a5dd43a6e40c0f6091ac6b70f856450 Mon Sep 17 00:00:00 2001 +From: Jae Hyun Yoo <jae.hyun.yoo@intel.com> +Date: Mon, 4 Jan 2021 13:29:49 -0800 +Subject: [PATCH] Adjust soc modules probing order + +This commit moves object adding order for modules under soc to +adjust module probing order. + +Don't updtream it. It should be a downstream patch. + +Signed-off-by: Jae Hyun Yoo <jae.hyun.yoo@intel.com> +--- + drivers/Makefile | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/drivers/Makefile b/drivers/Makefile +index 297047d4ed9b..854e82d87727 100644 +--- a/drivers/Makefile ++++ b/drivers/Makefile +@@ -38,9 +38,6 @@ obj-y += clk/ + # really early. + obj-$(CONFIG_DMADEVICES) += dma/ + +-# SOC specific infrastructure drivers. +-obj-y += soc/ +- + obj-$(CONFIG_VIRTIO) += virtio/ + obj-$(CONFIG_XEN) += xen/ + +@@ -188,3 +185,6 @@ obj-$(CONFIG_INTERCONNECT) += interconnect/ + obj-$(CONFIG_COUNTER) += counter/ + obj-$(CONFIG_PECI) += peci/ + obj-$(CONFIG_JTAG_ASPEED) += jtag/ ++ ++# SOC specific infrastructure drivers. ++obj-y += soc/ +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/1002-Filter-erroneous-adc-readings.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/1002-Filter-erroneous-adc-readings.patch index 9306ca9e2..34fd66e69 100644 --- a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/1002-Filter-erroneous-adc-readings.patch +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/1002-Filter-erroneous-adc-readings.patch @@ -36,7 +36,7 @@ index c115797c4cc5..c1e775e764ca 100644 #define ASPEED_ADC_CHANNELS_MAX 16 #define ASPEED_ADC_RAW_VALUE_MAX 0x3ff -+#define ASPEED_ADC_RAW_VALUE_DELTA_THRESHOLD 80 ++#define ASPEED_ADC_RAW_VALUE_DELTA_THRESHOLD 40 struct aspeed_adc_model_data { const char *model_name; diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/1003-Die_CPU-filter-first-zero-from-GetTemp.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/1003-Die_CPU-filter-first-zero-from-GetTemp.patch new file mode 100644 index 000000000..b7823ce14 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/1003-Die_CPU-filter-first-zero-from-GetTemp.patch @@ -0,0 +1,60 @@ +From 0d202fb06b873c5e258658462ac4fc01a673fd83 Mon Sep 17 00:00:00 2001 +From: Zhikui Ren <zhikui.ren@intel.com> +Date: Mon, 11 Jan 2021 16:31:36 -0800 +Subject: [PATCH] Die_CPU: filter first zero from GetTemp + +Peci command GetTemp can return 0 during CPU reset. +It does not have a have completion code either. +Discard the first zero reading and return -ENODATA. +Consecutive zeros will be returned so that real hot +condition will still be detected and logged but possibly delayed +by the sensor polling period, which is normally 500ms-1s. + +Signed-off-by: Zhikui Ren <zhikui.ren@intel.com> +--- + drivers/hwmon/peci-cputemp.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/drivers/hwmon/peci-cputemp.c b/drivers/hwmon/peci-cputemp.c +index b633ea545644..19002f02bd91 100644 +--- a/drivers/hwmon/peci-cputemp.c ++++ b/drivers/hwmon/peci-cputemp.c +@@ -15,6 +15,7 @@ + + struct temp_group { + struct peci_sensor_data die; ++ u32 die_raw_prev; + struct peci_sensor_data dts; + struct peci_sensor_data tcontrol; + struct peci_sensor_data tthrottle; +@@ -129,6 +130,7 @@ static int get_die_temp(struct peci_cputemp *priv) + { + struct peci_get_temp_msg msg; + int ret; ++ bool discard = false; + + if (!peci_sensor_need_update(&priv->temp.die)) + return 0; +@@ -139,6 +141,19 @@ static int get_die_temp(struct peci_cputemp *priv) + if (ret) + return ret; + ++ /* GET_TEMP command does not have cc and can return zero during ++ * cpu reset. Treat the first zero reading as data not available. ++ * Consecutive zeros will be returned so true hot condition ++ * is not be missed. ++ */ ++ if (msg.temp_raw == 0 && priv->temp.die_raw_prev != 0) { ++ pr_err("peci-cputemp_die: discard first 0 reading from GetTemp\n"); ++ discard = true; ++ } ++ priv->temp.die_raw_prev = msg.temp_raw; ++ if (discard) ++ return -ENODATA; ++ + /* Note that the tjmax should be available before calling it */ + priv->temp.die.value = priv->temp.tjmax.value + + (msg.temp_raw * 1000 / 64); +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/1004-DTS_CPU-filter-first-zero-from-RdPkgConfig-10.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/1004-DTS_CPU-filter-first-zero-from-RdPkgConfig-10.patch new file mode 100644 index 000000000..aab6c3cea --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/1004-DTS_CPU-filter-first-zero-from-RdPkgConfig-10.patch @@ -0,0 +1,64 @@ +From 68db4c74c43d4042b0b32bcd133121ab39b9b310 Mon Sep 17 00:00:00 2001 +From: Zhikui Ren <zhikui.ren@intel.com> +Date: Tue, 2 Feb 2021 14:49:28 -0800 +Subject: [PATCH] DTS_CPU: filter first zero from RdPkgConfig 10 + +Peci command GetPkgConfig 10 can return 0 (hot) with cc 0x40 +after cpu reset. Once pcode run time image is loaded +and it returns 0x8000 as DTS margin data not ready +Discard the first zero reading and return -ENODATA. +Consecutive zeros will be returned so that real hot +condition will still be detected and logged but possibly delayed +by the sensor polling period, which is normally one second. + +Signed-off-by: Zhikui Ren <zhikui.ren@intel.com> +--- + drivers/hwmon/peci-cputemp.c | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/drivers/hwmon/peci-cputemp.c b/drivers/hwmon/peci-cputemp.c +index 19002f02bd91..e1860779aa66 100644 +--- a/drivers/hwmon/peci-cputemp.c ++++ b/drivers/hwmon/peci-cputemp.c +@@ -17,6 +17,7 @@ struct temp_group { + struct peci_sensor_data die; + u32 die_raw_prev; + struct peci_sensor_data dts; ++ u32 dts_raw_prev; + struct peci_sensor_data tcontrol; + struct peci_sensor_data tthrottle; + struct peci_sensor_data tjmax; +@@ -168,6 +169,7 @@ static int get_dts(struct peci_cputemp *priv) + s32 dts_margin; + u8 pkg_cfg[4]; + int ret; ++ bool discard = false; + + if (!peci_sensor_need_update(&priv->temp.dts)) + return 0; +@@ -181,6 +183,22 @@ static int get_dts(struct peci_cputemp *priv) + + dts_margin = le16_to_cpup((__le16 *)pkg_cfg); + ++ /* There is a small window (500us) for read dts_margin (RdPkgConfig 10) ++ * to return cc 0x40, and dts_margin of 0 after cpu reset, before runtime ++ * image is loaded to set it to 0x8000 (dts reading not ready). ++ * DTS sensor is polled by user application at a slower rate than this window. ++ * Treat the first zero reading as data not available. ++ * Consecutive zeros will be returned so true hot condition ++ * is not be missed. ++ */ ++ if (dts_margin == 0 && priv->temp.dts_raw_prev != 0) { ++ pr_err("peci-cputemp_dts: discard first 0 reading from RdPkgConfig 10\n"); ++ discard = true; ++ } ++ priv->temp.dts_raw_prev = dts_margin; ++ if (discard) ++ return -ENODATA; ++ + /** + * Processors return a value of DTS reading in 10.6 format + * (10 bits signed decimal, 6 bits fractional). +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-0465/0001-HID-core-Correctly-handle-ReportSize-being-zero.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-0465/0001-HID-core-Correctly-handle-ReportSize-being-zero.patch new file mode 100644 index 000000000..d6550383b --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-0465/0001-HID-core-Correctly-handle-ReportSize-being-zero.patch @@ -0,0 +1,65 @@ +From 667514df10a08e4a65cb88f5fd5ffeccd027c4af Mon Sep 17 00:00:00 2001 +From: Marc Zyngier <maz@kernel.org> +Date: Sat, 29 Aug 2020 12:26:01 +0100 +Subject: [PATCH] HID: core: Correctly handle ReportSize being zero + +commit bce1305c0ece3dc549663605e567655dd701752c upstream. + +It appears that a ReportSize value of zero is legal, even if a bit +non-sensical. Most of the HID code seems to handle that gracefully, +except when computing the total size in bytes. When fed as input to +memset, this leads to some funky outcomes. + +Detect the corner case and correctly compute the size. + +Cc: stable@vger.kernel.org +Signed-off-by: Marc Zyngier <maz@kernel.org> +Signed-off-by: Benjamin Tissoires <benjamin.tissoires@gmail.com> +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +--- + drivers/hid/hid-core.c | 15 +++++++++++++-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c +index 359616e3efbb..d2ecc9c45255 100644 +--- a/drivers/hid/hid-core.c ++++ b/drivers/hid/hid-core.c +@@ -1597,6 +1597,17 @@ static void hid_output_field(const struct hid_device *hid, + } + } + ++/* ++ * Compute the size of a report. ++ */ ++static size_t hid_compute_report_size(struct hid_report *report) ++{ ++ if (report->size) ++ return ((report->size - 1) >> 3) + 1; ++ ++ return 0; ++} ++ + /* + * Create a report. 'data' has to be allocated using + * hid_alloc_report_buf() so that it has proper size. +@@ -1609,7 +1620,7 @@ void hid_output_report(struct hid_report *report, __u8 *data) + if (report->id > 0) + *data++ = report->id; + +- memset(data, 0, ((report->size - 1) >> 3) + 1); ++ memset(data, 0, hid_compute_report_size(report)); + for (n = 0; n < report->maxfield; n++) + hid_output_field(report->device, report->field[n], data); + } +@@ -1739,7 +1750,7 @@ int hid_report_raw_event(struct hid_device *hid, int type, u8 *data, u32 size, + csize--; + } + +- rsize = ((report->size - 1) >> 3) + 1; ++ rsize = hid_compute_report_size(report); + + if (report_enum->numbered && rsize >= HID_MAX_BUFFER_SIZE) + rsize = HID_MAX_BUFFER_SIZE - 1; +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-0466/0001-epoll-Keep-a-reference-on-files-added-to-the-check-l.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-0466/0001-epoll-Keep-a-reference-on-files-added-to-the-check-l.patch new file mode 100644 index 000000000..0e2d0c53f --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-0466/0001-epoll-Keep-a-reference-on-files-added-to-the-check-l.patch @@ -0,0 +1,68 @@ +From b158e91610c76c5d9c61c4e990d56405b62bf05a Mon Sep 17 00:00:00 2001 +From: Marc Zyngier <maz@kernel.org> +Date: Wed, 19 Aug 2020 17:12:17 +0100 +Subject: [PATCH] epoll: Keep a reference on files added to the check list + +commit a9ed4a6560b8562b7e2e2bed9527e88001f7b682 upstream. + +When adding a new fd to an epoll, and that this new fd is an +epoll fd itself, we recursively scan the fds attached to it +to detect cycles, and add non-epool files to a "check list" +that gets subsequently parsed. + +However, this check list isn't completely safe when deletions +can happen concurrently. To sidestep the issue, make sure that +a struct file placed on the check list sees its f_count increased, +ensuring that a concurrent deletion won't result in the file +disapearing from under our feet. + +Cc: stable@vger.kernel.org +Signed-off-by: Marc Zyngier <maz@kernel.org> +Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> +Signed-off-by: Marc Zyngier <maz@kernel.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +--- + fs/eventpoll.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/fs/eventpoll.c b/fs/eventpoll.c +index 6307c1d883e0..b53ae571f064 100644 +--- a/fs/eventpoll.c ++++ b/fs/eventpoll.c +@@ -1991,9 +1991,11 @@ static int ep_loop_check_proc(void *priv, void *cookie, int call_nests) + * not already there, and calling reverse_path_check() + * during ep_insert(). + */ +- if (list_empty(&epi->ffd.file->f_tfile_llink)) ++ if (list_empty(&epi->ffd.file->f_tfile_llink)) { ++ get_file(epi->ffd.file); + list_add(&epi->ffd.file->f_tfile_llink, + &tfile_check_list); ++ } + } + } + mutex_unlock(&ep->mtx); +@@ -2037,6 +2039,7 @@ static void clear_tfile_check_list(void) + file = list_first_entry(&tfile_check_list, struct file, + f_tfile_llink); + list_del_init(&file->f_tfile_llink); ++ fput(file); + } + INIT_LIST_HEAD(&tfile_check_list); + } +@@ -2196,9 +2199,11 @@ SYSCALL_DEFINE4(epoll_ctl, int, epfd, int, op, int, fd, + clear_tfile_check_list(); + goto error_tgt_fput; + } +- } else ++ } else { ++ get_file(tf.file); + list_add(&tf.file->f_tfile_llink, + &tfile_check_list); ++ } + mutex_lock_nested(&ep->mtx, 0); + if (is_file_epoll(tf.file)) { + tep = tf.file->private_data; +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-27825/0001-tracing-Fix-race-in-trace_open-and-buffer-resize-cal.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-27825/0001-tracing-Fix-race-in-trace_open-and-buffer-resize-cal.patch new file mode 100644 index 000000000..8313c0533 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-27825/0001-tracing-Fix-race-in-trace_open-and-buffer-resize-cal.patch @@ -0,0 +1,60 @@ +From d8fb64e4164d3f4c89eb58c27b2472a052359823 Mon Sep 17 00:00:00 2001 +From: Gaurav Kohli <gkohli@codeaurora.org> +Date: Tue, 6 Oct 2020 15:03:53 +0530 +Subject: [PATCH] tracing: Fix race in trace_open and buffer resize call + +Below race can come, if trace_open and resize of +cpu buffer is running parallely on different cpus +CPUX CPUY + ring_buffer_resize + atomic_read(&buffer->resize_disabled) +tracing_open +tracing_reset_online_cpus +ring_buffer_reset_cpu +rb_reset_cpu + rb_update_pages + remove/insert pages +resetting pointer + +This race can cause data abort or some times infinte loop in +rb_remove_pages and rb_insert_pages while checking pages +for sanity. + +Take buffer lock to fix this. + +Link: https://lkml.kernel.org/r/1601976833-24377-1-git-send-email-gkohli@codeaurora.org + +Cc: stable@vger.kernel.org +Fixes: b23d7a5f4a07a ("ring-buffer: speed up buffer resets by avoiding synchronize_rcu for each CPU") +Signed-off-by: Gaurav Kohli <gkohli@codeaurora.org> +Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> +--- + kernel/trace/ring_buffer.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c +index 4bf050fcfe3b..6a790901270f 100644 +--- a/kernel/trace/ring_buffer.c ++++ b/kernel/trace/ring_buffer.c +@@ -4406,6 +4406,9 @@ void ring_buffer_reset_cpu(struct ring_buffer *buffer, int cpu) + if (!cpumask_test_cpu(cpu, buffer->cpumask)) + return; + ++ /* prevent another thread from changing buffer sizes */ ++ mutex_lock(&buffer->mutex); ++ + atomic_inc(&buffer->resize_disabled); + atomic_inc(&cpu_buffer->record_disabled); + +@@ -4428,6 +4431,8 @@ void ring_buffer_reset_cpu(struct ring_buffer *buffer, int cpu) + + atomic_dec(&cpu_buffer->record_disabled); + atomic_dec(&buffer->resize_disabled); ++ ++ mutex_unlock(&buffer->mutex); + } + EXPORT_SYMBOL_GPL(ring_buffer_reset_cpu); + +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-29569/0001-xen-blkback-set-ring-xenblkd-to-null-after-kthread-stop.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-29569/0001-xen-blkback-set-ring-xenblkd-to-null-after-kthread-stop.patch new file mode 100644 index 000000000..2c55e4f46 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2020-29569/0001-xen-blkback-set-ring-xenblkd-to-null-after-kthread-stop.patch @@ -0,0 +1,54 @@ +From 1c728719a4da6e654afb9cc047164755072ed7c9 Mon Sep 17 00:00:00 2001 +From: Pawel Wieczorkiewicz <wipawel@amazon.de> +Date: Mon, 14 Dec 2020 10:25:57 +0100 +Subject: xen-blkback: set ring->xenblkd to NULL after kthread_stop() + +CVE-2020-29569 fix: This is XSA-350 +commit id: 1c728719a4da6e654afb9cc047164755072ed7c9 + +When xen_blkif_disconnect() is called, the kernel thread behind the +block interface is stopped by calling kthread_stop(ring->xenblkd). +The ring->xenblkd thread pointer being non-NULL determines if the +thread has been already stopped. +Normally, the thread's function xen_blkif_schedule() sets the +ring->xenblkd to NULL, when the thread's main loop ends. + +However, when the thread has not been started yet (i.e. +wake_up_process() has not been called on it), the xen_blkif_schedule() +function would not be called yet. + +In such case the kthread_stop() call returns -EINTR and the +ring->xenblkd remains dangling. +When this happens, any consecutive call to xen_blkif_disconnect (for +example in frontend_changed() callback) leads to a kernel crash in +kthread_stop() (e.g. NULL pointer dereference in exit_creds()). + +This is XSA-350. + +Cc: <stable@vger.kernel.org> # 4.12 +Fixes: a24fa22ce22a ("xen/blkback: don't use xen_blkif_get() in xen-blkback kthread") +Reported-by: Olivier Benjamin <oliben@amazon.com> +Reported-by: Pawel Wieczorkiewicz <wipawel@amazon.de> +Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de> +Reviewed-by: Julien Grall <jgrall@amazon.com> +Reviewed-by: Juergen Gross <jgross@suse.com> +Signed-off-by: Juergen Gross <jgross@suse.com> +--- + drivers/block/xen-blkback/xenbus.c | 1 + + 1 file changed, 1 insertion(+) + +(limited to 'drivers/block/xen-blkback/xenbus.c') + +diff --git a/drivers/block/xen-blkback/xenbus.c b/drivers/block/xen-blkback/xenbus.c +index 1d8b8d24496c3..9860d4842f36c 100644 +--- a/drivers/block/xen-blkback/xenbus.c ++++ b/drivers/block/xen-blkback/xenbus.c +@@ -274,6 +274,7 @@ static int xen_blkif_disconnect(struct xen_blkif *blkif) + + if (ring->xenblkd) { + kthread_stop(ring->xenblkd); ++ ring->xenblkd = NULL; + wake_up(&ring->shutdown_wq); + } + +-- diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed_%.bbappend b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed_%.bbappend index c2e2343dc..0186ee5f4 100644 --- a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed_%.bbappend @@ -99,6 +99,9 @@ SRC_URI += " \ file://1002-Filter-erroneous-adc-readings.patch \ file://0121-Add-a-WA-to-defer-flash-writes-on-PS_ALERT_N-asserti.patch \ file://0125-i2c-aspeed-clear-slave-addresses-in-probe.patch \ + file://0126-Adjust-soc-modules-probing-order.patch \ + file://1003-Die_CPU-filter-first-zero-from-GetTemp.patch \ + file://1004-DTS_CPU-filter-first-zero-from-RdPkgConfig-10.patch \ " # CVE-2020-16166 vulnerability fix @@ -180,5 +183,29 @@ SRC_URI += " \ file://0001-tty-Fix-session-locking.patch \ " +# CVE-2020-29569 vulnerability fix +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}/CVE-2020-29569:" +SRC_URI += " \ + file://0001-xen-blkback-set-ring-xenblkd-to-null-after-kthread-stop.patch \ + " + +# CVE-2020-0465 vulnerability fix +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}/CVE-2020-0465:" +SRC_URI += " \ + file://0001-HID-core-Correctly-handle-ReportSize-being-zero.patch \ + " + +# CVE-2020-0466 vulnerability fix +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}/CVE-2020-0466:" +SRC_URI += " \ + file://0001-epoll-Keep-a-reference-on-files-added-to-the-check-l.patch \ + " + +# CVE-2020-27825 vulnerability fix +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}/CVE-2020-27825:" +SRC_URI += " \ + file://0001-tracing-Fix-race-in-trace_open-and-buffer-resize-cal.patch \ + " + SRC_URI += "${@bb.utils.contains('IMAGE_FSTYPES', 'intel-pfr', 'file://0005-128MB-flashmap-for-PFR.patch', '', d)}" SRC_URI += "${@bb.utils.contains('EXTRA_IMAGE_FEATURES', 'debug-tweaks', 'file://debug.cfg', '', d)}" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/fans/phosphor-pid-control/0003-fix-phosphor-pid-control-crash-when-fail-to-create-p.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/fans/phosphor-pid-control/0003-fix-phosphor-pid-control-crash-when-fail-to-create-p.patch new file mode 100644 index 000000000..8ba880440 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/fans/phosphor-pid-control/0003-fix-phosphor-pid-control-crash-when-fail-to-create-p.patch @@ -0,0 +1,122 @@ +From 15db42de295b0d38fdd4a3b6bdd8bb9dfe75eba9 Mon Sep 17 00:00:00 2001 +From: Zhikui Ren <zhikui.ren@intel.com> +Date: Mon, 4 Jan 2021 23:31:37 -0800 +Subject: [PATCH] fix phosphor-pid-control crash when fail to create passive + sensor + +When creation of a passive dbus sensor that monitors an existing sensor +object fails, try to create the passive sensor in the failed state, +and mark it non-functional. The failed sensor state may set the fan to +boosted state. If this attempt fails also, something is wrong, +throw the exception. + +This change prevents phosphor-pid-control to crash if some dependent +sensor service is in a bad state. This patch tries to only change the +behavior for this corner case, which is observed for +exitairtempsensor during dc-cyle testing. +Added a logging message to gather information on why it fails. + +This is temporary workaround. When rootcause is understood, +rework maybe needed for a better long term fix.. + +Tested: +Faked a failure in passive sensor creation and verified that the failed +Sensor was created. +Ran dc cycle 1000 times, phosphor-pid-control did not crash + +Signed-off-by: Zhikui Ren <zhikui.ren@intel.com> +--- + dbus/dbuspassive.cpp | 27 +++++++++++++++++++++++++++ + dbus/dbuspassive.hpp | 6 ++++++ + sensors/builder.cpp | 13 ++++++++++--- + 3 files changed, 43 insertions(+), 3 deletions(-) + +diff --git a/dbus/dbuspassive.cpp b/dbus/dbuspassive.cpp +index 4c6e405..de64711 100644 +--- a/dbus/dbuspassive.cpp ++++ b/dbus/dbuspassive.cpp +@@ -58,6 +58,8 @@ std::unique_ptr<ReadInterface> DbusPassive::createDbusPassive( + } + catch (const std::exception& e) + { ++ std::cerr << __func__ << " line:" << __LINE__ << e.what() << "\n"; ++ std::cerr << "type: " << type << " id:" << id << "\n"; + return nullptr; + } + +@@ -72,6 +74,31 @@ std::unique_ptr<ReadInterface> DbusPassive::createDbusPassive( + failed, path, redundancy); + } + ++std::unique_ptr<ReadInterface> DbusPassive::createFailedDbusPassive( ++ sdbusplus::bus::bus& bus, const std::string& type, const std::string& id, ++ DbusHelperInterface* helper, const conf::SensorConfig* info, ++ const std::shared_ptr<DbusPassiveRedundancy>& redundancy) ++{ ++ if (helper == nullptr) ++ { ++ return nullptr; ++ } ++ if (!validType(type)) ++ { ++ return nullptr; ++ } ++ ++ /* service == busname */ ++ std::string path = getSensorPath(type, id); ++ ++ struct SensorProperties settings; ++ //mark sensor failed ++ auto failedSensor = std::make_unique<DbusPassive>(bus, type, id, helper, settings, ++ true, path, redundancy); ++ failedSensor->setFunctional (false); ++ return failedSensor; ++} ++ + DbusPassive::DbusPassive( + sdbusplus::bus::bus& bus, const std::string& type, const std::string& id, + DbusHelperInterface* helper, const struct SensorProperties& settings, +diff --git a/dbus/dbuspassive.hpp b/dbus/dbuspassive.hpp +index 91733e9..d104e47 100644 +--- a/dbus/dbuspassive.hpp ++++ b/dbus/dbuspassive.hpp +@@ -41,6 +41,12 @@ class DbusPassive : public ReadInterface + const conf::SensorConfig* info, + const std::shared_ptr<DbusPassiveRedundancy>& redundancy); + ++ static std::unique_ptr<ReadInterface> createFailedDbusPassive( ++ sdbusplus::bus::bus& bus, const std::string& type, ++ const std::string& id, DbusHelperInterface* helper, ++ const conf::SensorConfig* info, ++ const std::shared_ptr<DbusPassiveRedundancy>& redundancy); ++ + DbusPassive(sdbusplus::bus::bus& bus, const std::string& type, + const std::string& id, DbusHelperInterface* helper, + const struct SensorProperties& settings, bool failed, +diff --git a/sensors/builder.cpp b/sensors/builder.cpp +index 4da1cf2..72fa3cb 100644 +--- a/sensors/builder.cpp ++++ b/sensors/builder.cpp +@@ -87,9 +87,16 @@ SensorManager + } + if (ri == nullptr) + { +- throw SensorBuildException( +- "Failed to create dbus passive sensor: " + name + +- " of type: " + info->type); ++ ri = DbusPassive::createFailedDbusPassive(passiveListeningBus, ++ info->type, name, ++ &helper, info, nullptr); ++ if (ri == nullptr) { ++ throw SensorBuildException( ++ "Failed to create dbus passive sensor: " + name + ++ " of type: " + info->type); ++ } else { ++ std::cerr << "set failed dbus passive sensor to non-function\n"; ++ } + } + break; + case IOInterfaceType::EXTERNAL: +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/fans/phosphor-pid-control_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/fans/phosphor-pid-control_%.bbappend index 7d717a01d..8f65609d7 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/fans/phosphor-pid-control_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/fans/phosphor-pid-control_%.bbappend @@ -11,4 +11,5 @@ FILES_${PN} = "${bindir}/swampd ${bindir}/setsensor" SRC_URI += "file://0001-Eliminate-swampd-core-dump-after-D-Bus-updates-senso.patch \ file://0002-Prevent-run-away-memory-consumption-from-swamped.patch \ + file://0003-fix-phosphor-pid-control-crash-when-fail-to-create-p.patch \ " diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd/0001-Avoid-negated-postcode-write-to-D-Bus.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd/0001-Avoid-negated-postcode-write-to-D-Bus.patch new file mode 100644 index 000000000..37b57fd11 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd/0001-Avoid-negated-postcode-write-to-D-Bus.patch @@ -0,0 +1,55 @@ +From c931dfac478b3ac045a399ca372ddef847bcf9dd Mon Sep 17 00:00:00 2001 +From: AppaRao Puli <apparao.puli@linux.intel.com> +Date: Mon, 21 Dec 2020 01:00:28 +0530 +Subject: [PATCH] Avoid negated postcode write to D-Bus + +This commit removes the code which writes the negated +postcode value to D-Bus object. This has some side effects +when bombarded data pushed to port 80. + +With this change, if same post code is written on LPC channel +it will be set but D-Bus will not emit the 'PropertiesChanged' +signal. Actually there is no need to emit the signal if actual +property value(postcode) is not changed. + +So if post code is changes, D-Bus will emit the signal as usual +with this code. Any client applications depends on this, still +can register for signal for knowing postcode change. + +Tested: + - Manually verified setting different post code emits the signal. + + busctl set-property xyz.openbmc_project.State.Boot.Raw + /xyz/openbmc_project/state/boot/raw xyz.openbmc_project.State.Boot.Raw + Value t 00 + + dbus-monitor --system "type='signal',member='PropertiesChanged', + interface='org.freedesktop.DBus.Properties', + path_namespace=/xyz/openbmc_project/state/boot/raw, + arg0=xyz.openbmc_project.State.Boot.Raw" + + - Verified functionality with real post code changes. + +Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com> +--- + main.cpp | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/main.cpp b/main.cpp +index 1094e43..5d5d923 100644 +--- a/main.cpp ++++ b/main.cpp +@@ -62,10 +62,6 @@ void PostCodeEventHandler(sdeventplus::source::IO& s, int postFd, uint32_t, + { + fprintf(stderr, "Code: 0x%" PRIx64 "\n", code); + } +- // HACK: Always send property changed signal even for the same code +- // since we are single threaded, external users will never see the +- // first value. +- reporter->value(~code, true); + reporter->value(code); + + // read depends on old data being cleared since it doens't always read +-- +2.7.4 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd_%.bbappend new file mode 100644 index 000000000..19142899d --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd_%.bbappend @@ -0,0 +1,6 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" +PROJECT_SRC_DIR := "${THISDIR}/${PN}" + +DEPENDS += " gtest" + +SRC_URI += "file://0001-Avoid-negated-postcode-write-to-D-Bus.patch" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd_git.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd_git.bbappend deleted file mode 100644 index 08d867de4..000000000 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd_git.bbappend +++ /dev/null @@ -1 +0,0 @@ -DEPENDS += " gtest" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0039-Return-InternalError-on-DBus-error.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0039-Return-InternalError-on-DBus-error.patch new file mode 100644 index 000000000..f36ff76c8 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0039-Return-InternalError-on-DBus-error.patch @@ -0,0 +1,41 @@ +From 1a78cc35251621eec99f092fb39c8bb303681395 Mon Sep 17 00:00:00 2001 +From: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski@intel.com> +Date: Thu, 21 Jan 2021 14:41:15 +0100 +Subject: [PATCH] Return InternalError on DBus error + +Fixes returning empty response with 200 return code on GET request on +Virtual Media resource. +This happens when eg. dbus is highly occupied. Dbus call return timeout +error and response is silently dropped. +This update makes the response for such request more verbose, making +user aware that something went wrong. + +Tested: +Tested using Multiple_simultaneous_sessions.py. The one used to +reproduce this problem. + +Change-Id: I2c72684a2f4379ef32432895bdf0f412880790f2 +Signed-off-by: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski@intel.com> +--- + redfish-core/lib/virtual_media.hpp | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/redfish-core/lib/virtual_media.hpp b/redfish-core/lib/virtual_media.hpp +index 5739204..70368eb 100644 +--- a/redfish-core/lib/virtual_media.hpp ++++ b/redfish-core/lib/virtual_media.hpp +@@ -223,7 +223,10 @@ static void getVmData(std::shared_ptr<AsyncResp> aResp, + ManagedObjectType& subtree) { + if (ec) + { +- BMCWEB_LOG_DEBUG << "DBUS response error"; ++ BMCWEB_LOG_ERROR ++ << "VirtualMedia::GetManagedObjects() D-Bus call error: " ++ << ec; ++ messages::internalError(aResp->res); + + return; + } +-- +2.26.2 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0040-Add-boundary-check-to-avoid-crash.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0040-Add-boundary-check-to-avoid-crash.patch new file mode 100644 index 000000000..ecb40c5b1 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0040-Add-boundary-check-to-avoid-crash.patch @@ -0,0 +1,58 @@ +From 87542156191bbfbc4f40a62ca4d8e67dc4f7d173 Mon Sep 17 00:00:00 2001 +From: AppaRao Puli <apparao.puli@linux.intel.com> +Date: Fri, 22 Jan 2021 13:31:20 +0530 +Subject: [PATCH] Add boundary check to avoid crash + +While stressing the firmware updates, its found +that bmcweb is crashing with below error. +Jan 06 21:38:40 intel-obmc bmcweb[388]: malloc(): unsorted double linked list corrupted +Jan 06 21:38:42 intel-obmc systemd[1]: bmcweb.service: Main process exited, code=dumped, status=6/ABRT +Jan 06 21:38:42 intel-obmc systemd[1]: bmcweb.service: Failed with result 'core-dump'. + +Further reviewing code, Its found that this could +be due to memory usage out of boundary. So change strcpy +to safe strncpy call. Also added return value check for +calloc failure. + +Tested: + - Performed some redfish stress with basic auth. + - Performed firmware updates stressing and no issues + found afterwards. + +Change-Id: I43767ec294c0de08047f4108adbda950bf84007a +Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com> +--- + include/pam_authenticate.hpp | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/include/pam_authenticate.hpp b/include/pam_authenticate.hpp +index 912093a..12f19c0 100644 +--- a/include/pam_authenticate.hpp ++++ b/include/pam_authenticate.hpp +@@ -23,17 +23,18 @@ inline int pamFunctionConversation(int numMsg, const struct pam_message** msg, + return PAM_AUTH_ERR; + } + +- std::strcpy(pass, appPass); ++ std::strncpy(pass, appPass, appPassSize + 1); + +- *resp = reinterpret_cast<pam_response*>( +- calloc(static_cast<size_t>(numMsg), sizeof(struct pam_response))); +- +- if (resp == nullptr) ++ void* ptr = ++ calloc(static_cast<size_t>(numMsg), sizeof(struct pam_response)); ++ if (ptr == nullptr) + { + free(pass); + return PAM_AUTH_ERR; + } + ++ *resp = reinterpret_cast<pam_response*>(ptr); ++ + for (int i = 0; i < numMsg; ++i) + { + /* Ignore all PAM messages except prompting for hidden input */ +-- +2.7.4 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0041-Revamp-Redfish-Event-Log-Unique-ID-Generation.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0041-Revamp-Redfish-Event-Log-Unique-ID-Generation.patch new file mode 100644 index 000000000..8e61673e3 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0041-Revamp-Redfish-Event-Log-Unique-ID-Generation.patch @@ -0,0 +1,225 @@ +From 1c557e1d8bee8f66d97037b0dc8ae392c6ec45d3 Mon Sep 17 00:00:00 2001 +From: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com> +Date: Fri, 22 Jan 2021 17:00:21 +0530 +Subject: [PATCH] Revamp Redfish Event Log Unique ID Generation + +The unique ID for Redfish log events was generated using +the Timestamp of the log until seconds. This commit +allows the use of microseconds as well to create unique +Redfish Log ID, thereby improving the uniqueness of each +Log event ID + +Tested: +- GET of /redfish/v1/Systems/system/LogServices/EventLog/Entries + produces unique LogEvent Id's +- Verified Event ID's on Event listener. +- Redfish validator passed + +Change-Id: Ie2046a8ee7f9e7f6f14b05071b18a291c4313370 +Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com> +--- + .../include/event_service_manager.hpp | 40 +++++------- + redfish-core/lib/log_services.hpp | 63 ++++++------------- + 2 files changed, 35 insertions(+), 68 deletions(-) + +diff --git a/redfish-core/include/event_service_manager.hpp b/redfish-core/include/event_service_manager.hpp +index afbf799..470636f 100644 +--- a/redfish-core/include/event_service_manager.hpp ++++ b/redfish-core/include/event_service_manager.hpp +@@ -142,38 +142,32 @@ static const Message* formatMessage(const std::string_view& messageID) + + namespace event_log + { +-bool getUniqueEntryID(const std::string& logEntry, std::string& entryID, +- const bool firstEntry = true) ++bool getUniqueEntryID(const std::string& logEntry, std::string& entryID) + { +- static time_t prevTs = 0; +- static int index = 0; +- if (firstEntry) +- { +- prevTs = 0; +- } +- + // Get the entry timestamp +- std::time_t curTs = 0; + std::tm timeStruct = {}; + std::istringstream entryStream(logEntry); + if (entryStream >> std::get_time(&timeStruct, "%Y-%m-%dT%H:%M:%S")) + { +- curTs = std::mktime(&timeStruct); +- if (curTs == -1) ++ time_t seconds = std::mktime(&timeStruct); ++ if (seconds == -1) + { + return false; + } +- } +- // If the timestamp isn't unique, increment the index +- index = (curTs == prevTs) ? index + 1 : 0; +- +- // Save the timestamp +- prevTs = curTs; + +- entryID = std::to_string(curTs); +- if (index > 0) ++ size_t dot = logEntry.find_first_of("."); ++ if (dot == std::string::npos) ++ { ++ return false; ++ } ++ // 2015-10-24T06:54:38.383093 => 6 digits for microseconds ++ std::string microSec = logEntry.substr((dot + 1), 6); ++ entryID = std::to_string(seconds) + "_"; ++ entryID += microSec; ++ } ++ else + { +- entryID += "_" + std::to_string(index); ++ return false; + } + return true; + } +@@ -1131,7 +1125,6 @@ class EventServiceManager + std::vector<EventLogObjectsType> eventRecords; + + bool startLogCollection = false; +- bool firstEntry = true; + + std::string logEntry; + while (std::getline(logStream, logEntry)) +@@ -1146,11 +1139,10 @@ class EventServiceManager + } + + std::string idStr; +- if (!event_log::getUniqueEntryID(logEntry, idStr, firstEntry)) ++ if (!event_log::getUniqueEntryID(logEntry, idStr)) + { + continue; + } +- firstEntry = false; + + std::string timestamp; + std::string messageID; +diff --git a/redfish-core/lib/log_services.hpp b/redfish-core/lib/log_services.hpp +index e6a9022..ee064ce 100644 +--- a/redfish-core/lib/log_services.hpp ++++ b/redfish-core/lib/log_services.hpp +@@ -306,41 +306,32 @@ static bool getUniqueEntryID(sd_journal* journal, std::string& entryID, + return true; + } + +-static bool getUniqueEntryID(const std::string& logEntry, std::string& entryID, +- const bool firstEntry = true) ++static bool getUniqueEntryID(const std::string& logEntry, std::string& entryID) + { +- static time_t prevTs = 0; +- static int index = 0; +- if (firstEntry) +- { +- prevTs = 0; +- } +- + // Get the entry timestamp +- std::time_t curTs = 0; + std::tm timeStruct = {}; + std::istringstream entryStream(logEntry); + if (entryStream >> std::get_time(&timeStruct, "%Y-%m-%dT%H:%M:%S")) + { +- curTs = std::mktime(&timeStruct); +- } +- // If the timestamp isn't unique, increment the index +- if (curTs == prevTs) +- { +- index++; ++ time_t seconds = std::mktime(&timeStruct); ++ if (seconds == -1) ++ { ++ return false; ++ } ++ ++ size_t dot = logEntry.find_first_of("."); ++ if (dot == std::string::npos) ++ { ++ return false; ++ } ++ // 2015-10-24T06:54:38.383093 => 6 digits for microseconds ++ std::string microSec = logEntry.substr((dot + 1), 6); ++ entryID = std::to_string(seconds) + "_"; ++ entryID += microSec; + } + else + { +- // Otherwise, reset it +- index = 0; +- } +- // Save the timestamp +- prevTs = curTs; +- +- entryID = std::to_string(curTs); +- if (index > 0) +- { +- entryID += "_" + std::to_string(index); ++ return false; + } + return true; + } +@@ -1265,9 +1256,6 @@ class JournalEventLogEntryCollection : public Node + uint64_t entryCount = 0; + std::string logEntry; + +- // Reset the unique ID on the first entry +- bool firstEntry = true; +- + // Oldest logs are in the last file, so start there and loop backwards + for (auto it = redfishLogFiles.rbegin(); it < redfishLogFiles.rend(); + it++) +@@ -1289,16 +1277,11 @@ class JournalEventLogEntryCollection : public Node + } + + std::string idStr; +- if (!getUniqueEntryID(logEntry, idStr, firstEntry)) ++ if (!getUniqueEntryID(logEntry, idStr)) + { + continue; + } + +- if (firstEntry) +- { +- firstEntry = false; +- } +- + logEntryArray.push_back({}); + nlohmann::json& bmcLogEntry = logEntryArray.back(); + if (fillEventLogEntryJson(idStr, logEntry, bmcLogEntry) != 0) +@@ -1354,9 +1337,6 @@ class JournalEventLogEntry : public Node + getRedfishLogFiles(redfishLogFiles); + std::string logEntry; + +- // Reset the unique ID on the first entry +- bool firstEntry = true; +- + // Oldest logs are in the last file, so start there and loop backwards + for (auto it = redfishLogFiles.rbegin(); it < redfishLogFiles.rend(); + it++) +@@ -1370,16 +1350,11 @@ class JournalEventLogEntry : public Node + while (std::getline(logStream, logEntry)) + { + std::string idStr; +- if (!getUniqueEntryID(logEntry, idStr, firstEntry)) ++ if (!getUniqueEntryID(logEntry, idStr)) + { + continue; + } + +- if (firstEntry) +- { +- firstEntry = false; +- } +- + if (idStr == targetID) + { + if (fillEventLogEntryJson(idStr, logEntry, +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend index 279b8bec4..b409243a4 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend @@ -53,6 +53,9 @@ SRC_URI += "file://0001-Firmware-update-support-for-StandBySpare.patch \ file://0036-fix-bmcweb-crash-during-sol-communication.patch \ file://0037-Use-non-throw-version-of-remote_endpoint.patch \ file://0038-Change-Severity-for-ServiceFailure-redfish-event.patch \ + file://0039-Return-InternalError-on-DBus-error.patch \ + file://0040-Add-boundary-check-to-avoid-crash.patch \ + file://0041-Revamp-Redfish-Event-Log-Unique-ID-Generation.patch \ " # Temporary downstream mirror of upstream patches, see telemetry\README for details diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors/0001-Fix-for-intrusionsensor-service-crash.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors/0001-Fix-for-intrusionsensor-service-crash.patch new file mode 100644 index 000000000..43a249f56 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors/0001-Fix-for-intrusionsensor-service-crash.patch @@ -0,0 +1,41 @@ +From d2aa20ed1a6358ed7db04088256fb8e59cd39669 Mon Sep 17 00:00:00 2001 +From: Jayaprakash Mutyala <mutyalax.jayaprakash@intel.com> +Date: Tue, 29 Dec 2020 12:05:08 +0000 +Subject: [PATCH] Fix for intrusionsensor service crash + +Issue: Due to issuing of continuous Lan command on 2 ethernet LAN cables +connected BMC, intrusionsensor service is getting crashed. + +Fix: Add configuration unit "StartLimitBurst" to restart +intrusionsensor service. + +Tested: +Verified by issuing LAN commands continuously, Successfully +intrusionsensor service restarted. +Commands: +ipmitool lan set 1 ipsrc static +ipmitool lan set 3 ipsrc static +ipmitool lan set 1 ipsrc dhcp +ipmitool lan set 3 ipsrc dhcp + +Signed-off-by: Jayaprakash Mutyala <mutyalax.jayaprakash@intel.com> +--- + service_files/xyz.openbmc_project.intrusionsensor.service | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/service_files/xyz.openbmc_project.intrusionsensor.service b/service_files/xyz.openbmc_project.intrusionsensor.service +index 1730b07..bccb4a1 100644 +--- a/service_files/xyz.openbmc_project.intrusionsensor.service ++++ b/service_files/xyz.openbmc_project.intrusionsensor.service +@@ -7,6 +7,8 @@ After=xyz.openbmc_project.EntityManager.service + [Service] + Restart=always + RestartSec=5 ++StartLimitIntervalSec=5 ++StartLimitBurst=5 + ExecStart=/usr/bin/env intrusionsensor + SyslogIdentifier=intrusion-sensor + +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors_%.bbappend index ebb63ca19..5cdb6c525 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/sensors/dbus-sensors_%.bbappend @@ -6,6 +6,7 @@ SRCREV = "8aeffd91ff3434f7812e9fdb6b0b03c6119921dd" SRC_URI += "\ file://intrusionsensor-depend-on-networkd.conf \ + file://0001-Fix-for-intrusionsensor-service-crash.patch \ " DEPENDS_append = " libgpiod libmctp" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/users/phosphor-user-manager/0008-Remove-ldap-dependencies.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/users/phosphor-user-manager/0008-Remove-ldap-dependencies.patch new file mode 100644 index 000000000..f15659ba9 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/users/phosphor-user-manager/0008-Remove-ldap-dependencies.patch @@ -0,0 +1,29 @@ +From d6051890ba56327e1bc56cc7b02ad0ae5a44010c Mon Sep 17 00:00:00 2001 +From: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com> +Date: Fri, 8 Jan 2021 16:46:38 +0530 +Subject: [PATCH] Remove ldap dependencies + +The Makfile of phosphor-user-manager includes +phosphor-ldap-config and phosphor-ldap-mapper to be built. +Removing these Makefile path, as we do not use ldap. + +Change-Id: I649ece9b3105d28cf98d4e5bb1595b5cf6557f5d +Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com> +--- + Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile.am b/Makefile.am +index 58916b0..4a0ee31 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -23,5 +23,5 @@ phosphor_user_manager_CXXFLAGS = $(SYSTEMD_CFLAGS) \ + -DBOOST_SYSTEM_NO_DEPRECATED \ + -DBOOST_ERROR_CODE_HEADER_ONLY + +-SUBDIRS = . phosphor-ldap-mapper phosphor-ldap-config test ++SUBDIRS = . test + +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/users/phosphor-user-manager_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/users/phosphor-user-manager_%.bbappend index 8f6fbf760..415390149 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/users/phosphor-user-manager_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/users/phosphor-user-manager_%.bbappend @@ -8,4 +8,7 @@ SRC_URI += " \ file://0005-Added-suport-for-multiple-user-manager-services.patch \ file://0006-Use-groupmems-instead-of-getgrnam_r-due-to-overlay.patch \ file://0007-Treat-pwd-is-not-set-if-no-entry-in-shadow-for-usr.patch \ + file://0008-Remove-ldap-dependencies.patch \ " + +DEPENDS_remove = "nss-pam-ldapd" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/webui/phosphor-webui_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/webui/phosphor-webui_%.bbappend index 46f4a28a9..a0141f2b7 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/webui/phosphor-webui_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/webui/phosphor-webui_%.bbappend @@ -1,7 +1,7 @@ SRC_URI = "git://github.com/Intel-BMC/phosphor-webui;protocol=ssh;branch=intel2" FILESEXTRAPATHS_prepend_intel := "${THISDIR}/${PN}:" -SRCREV = "3b13f734a5f881b9b51346ba09fabea752b145f3" +SRCREV = "6313c9df615fd85a8617c46444f964b972abdebd" # Adding the code below as a workaround as # favicon gets corrupted during emit due to issue with html-webpack-plugin. diff --git a/meta-openbmc-mods/meta-common/recipes-support/curl/curl/0001-replace-krb5-config-with-pkg-config.patch b/meta-openbmc-mods/meta-common/recipes-support/curl/curl/0001-replace-krb5-config-with-pkg-config.patch new file mode 100644 index 000000000..a7db1b3c9 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-support/curl/curl/0001-replace-krb5-config-with-pkg-config.patch @@ -0,0 +1,44 @@ +From ed70f0623708b8a6c1f58a5d243d87c5ff45b24d Mon Sep 17 00:00:00 2001 +From: Roy Li <rongqing.li@windriver.com> +Date: Tue, 26 Apr 2016 13:13:01 +0800 +Subject: [PATCH] replace krb5-config with pkg-config + +Upstream-Status: Pending + +Signed-off-by: Roy Li <rongqing.li@windriver.com> + +--- + configure.ac | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 5569a26..56b0380 100755 +--- a/configure.ac ++++ b/configure.ac +@@ -1290,7 +1290,7 @@ AC_ARG_WITH(gssapi, + fi + ]) + +-: ${KRB5CONFIG:="$GSSAPI_ROOT/bin/krb5-config"} ++KRB5CONFIG=`which pkg-config` + + save_CPPFLAGS="$CPPFLAGS" + AC_MSG_CHECKING([if GSS-API support is requested]) +@@ -1301,7 +1301,7 @@ if test x"$want_gss" = xyes; then + if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then + GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi` + elif test -f "$KRB5CONFIG"; then +- GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi` ++ GSSAPI_INCS=`$KRB5CONFIG --cflags mit-krb5-gssapi` + elif test "$GSSAPI_ROOT" != "yes"; then + GSSAPI_INCS="-I$GSSAPI_ROOT/include" + fi +@@ -1394,7 +1394,7 @@ if test x"$want_gss" = xyes; then + elif test -f "$KRB5CONFIG"; then + dnl krb5-config doesn't have --libs-only-L or similar, put everything + dnl into LIBS +- gss_libs=`$KRB5CONFIG --libs gssapi` ++ gss_libs=`$KRB5CONFIG --libs mit-krb5-gssapi` + LIBS="$gss_libs $LIBS" + else + case $host in diff --git a/meta-openbmc-mods/meta-common/recipes-support/curl/curl_7.74.0.bb b/meta-openbmc-mods/meta-common/recipes-support/curl/curl_7.74.0.bb new file mode 100644 index 000000000..73dbd853c --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-support/curl/curl_7.74.0.bb @@ -0,0 +1,81 @@ +SUMMARY = "Command line tool and library for client-side URL transfers" +HOMEPAGE = "http://curl.haxx.se/" +BUGTRACKER = "http://curl.haxx.se/mail/list.cgi?list=curl-tracker" +SECTION = "console/network" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://COPYING;md5=2e9fb35867314fe31c6a4977ef7dd531" + +SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ + file://0001-replace-krb5-config-with-pkg-config.patch \ +" + +SRC_URI[md5sum] = "646c71c7c9fdb71308032790d885ea00" +SRC_URI[sha256sum] = "0f4d63e6681636539dc88fa8e929f934cd3a840c46e0bf28c73be11e521b77a5" + +CVE_PRODUCT = "curl libcurl" +inherit autotools pkgconfig binconfig multilib_header + +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls libidn proxy threaded-resolver verbose zlib" +PACKAGECONFIG_class-native = "ipv6 proxy ssl threaded-resolver verbose zlib" +PACKAGECONFIG_class-nativesdk = "ipv6 proxy ssl threaded-resolver verbose zlib" + +# 'ares' and 'threaded-resolver' are mutually exclusive +PACKAGECONFIG[ares] = "--enable-ares,--disable-ares,c-ares,,,threaded-resolver" +PACKAGECONFIG[brotli] = "--with-brotli,--without-brotli,brotli" +PACKAGECONFIG[builtinmanual] = "--enable-manual,--disable-manual" +PACKAGECONFIG[dict] = "--enable-dict,--disable-dict," +PACKAGECONFIG[gnutls] = "--with-gnutls,--without-gnutls,gnutls" +PACKAGECONFIG[gopher] = "--enable-gopher,--disable-gopher," +PACKAGECONFIG[imap] = "--enable-imap,--disable-imap," +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," +PACKAGECONFIG[krb5] = "--with-gssapi,--without-gssapi,krb5" +PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap," +PACKAGECONFIG[ldaps] = "--enable-ldaps,--disable-ldaps," +PACKAGECONFIG[libidn] = "--with-libidn2,--without-libidn2,libidn2" +PACKAGECONFIG[libssh2] = "--with-libssh2,--without-libssh2,libssh2" +PACKAGECONFIG[mbedtls] = "--with-mbedtls=${STAGING_DIR_TARGET},--without-mbedtls,mbedtls" +PACKAGECONFIG[mqtt] = "--enable-mqtt,--disable-mqtt," +PACKAGECONFIG[nghttp2] = "--with-nghttp2,--without-nghttp2,nghttp2" +PACKAGECONFIG[pop3] = "--enable-pop3,--disable-pop3," +PACKAGECONFIG[proxy] = "--enable-proxy,--disable-proxy," +PACKAGECONFIG[rtmpdump] = "--with-librtmp,--without-librtmp,rtmpdump" +PACKAGECONFIG[rtsp] = "--enable-rtsp,--disable-rtsp," +PACKAGECONFIG[smb] = "--enable-smb,--disable-smb," +PACKAGECONFIG[smtp] = "--enable-smtp,--disable-smtp," +PACKAGECONFIG[ssl] = "--with-ssl --with-random=/dev/urandom,--without-ssl,openssl" +PACKAGECONFIG[nss] = "--with-nss,--without-nss,nss" +PACKAGECONFIG[telnet] = "--enable-telnet,--disable-telnet," +PACKAGECONFIG[tftp] = "--enable-tftp,--disable-tftp," +PACKAGECONFIG[threaded-resolver] = "--enable-threaded-resolver,--disable-threaded-resolver,,,,ares" +PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose" +PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib" + +EXTRA_OECONF = " \ + --disable-libcurl-option \ + --disable-ntlm-wb \ + --enable-crypto-auth \ + --with-ca-bundle=${sysconfdir}/ssl/certs/ca-certificates.crt \ + --without-libmetalink \ + --without-libpsl \ +" + +do_install_append_class-target() { + # cleanup buildpaths from curl-config + sed -i \ + -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \ + -e 's,--with-libtool-sysroot=${STAGING_DIR_TARGET},,g' \ + -e 's|${DEBUG_PREFIX_MAP}||g' \ + ${D}${bindir}/curl-config +} + +PACKAGES =+ "lib${BPN}" + +FILES_lib${BPN} = "${libdir}/lib*.so.*" +RRECOMMENDS_lib${BPN} += "ca-certificates" + +FILES_${PN} += "${datadir}/zsh" + +inherit multilib_script +MULTILIB_SCRIPTS = "${PN}-dev:${bindir}/curl-config" + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openbmc-mods/meta-common/recipes-x86/chassis/x86-power-control/0002-save-current-power-state-in-tmp-file.patch b/meta-openbmc-mods/meta-common/recipes-x86/chassis/x86-power-control/0002-save-current-power-state-in-tmp-file.patch new file mode 100644 index 000000000..a01a90c26 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-x86/chassis/x86-power-control/0002-save-current-power-state-in-tmp-file.patch @@ -0,0 +1,86 @@ +From ee182e17b21b99dae7e1a57759558530f9081d78 Mon Sep 17 00:00:00 2001 +From: Zhikui Ren <zhikui.ren@intel.com> +Date: Wed, 10 Feb 2021 13:26:57 -0800 +Subject: [PATCH] save current power state in tmp file + +host power state is captured in dbus object properties. +But dbus latency can be many seconds or longer at times. +which is not meeting the realtime requirement for some +application like sensors. + +Capture current power state in a temp file as a way to share +the power state in realtime with other applications. + +Tested: +1. ipmitool power on + cat /tmp/host-state + xyz.openbmc_project.State.Host.HostState.Running + +2. ipmitool power off + cat /tmp/host-state + xyz.openbmc_project.State.Host.HostState.Off + +3. AC cycle with DC on and DC off + tmp file created correctly + +4. Reset BMC with DC on and DC off + tmp file created correctly + +5. After FW update and BMC restart + tmp file created correctly + +Signed-off-by: Zhikui Ren <zhikui.ren@intel.com> +--- + power-control-x86/src/power_control.cpp | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/power-control-x86/src/power_control.cpp b/power-control-x86/src/power_control.cpp +index bddb16e..9dc08ba 100644 +--- a/power-control-x86/src/power_control.cpp ++++ b/power-control-x86/src/power_control.cpp +@@ -62,6 +62,8 @@ const static constexpr int powerOffSaveTimeMs = 7000; + + const static std::filesystem::path powerControlDir = "/var/lib/power-control"; + const static constexpr std::string_view powerStateFile = "power-state"; ++const static std::filesystem::path tmpHostStateFileDir = "/tmp"; ++const static constexpr std::string_view hostStateFile = "host-state"; + + static bool nmiEnabled = true; + static constexpr const char* nmiOutName = "NMI_OUT"; +@@ -453,6 +455,11 @@ static void setPowerState(const PowerState state) + std::string(getChassisState(powerState))); + chassisIface->set_property("LastStateChangeTime", getCurrentTimeMs()); + ++ // dbus latency can be unpredictable sometime ++ // tmp file is used to share current power state ++ std::ofstream tmpHostStateStream(tmpHostStateFileDir / hostStateFile); ++ tmpHostStateStream << getHostState(state); ++ + // Save the power state for the restore policy + savePowerState(state); + } +@@ -628,6 +635,13 @@ static void nmiDiagIntLog() + + static int initializePowerStateStorage() + { ++ // Create tmp power state file if it doesn't exist ++ if (!std::filesystem::exists(tmpHostStateFileDir / hostStateFile)) ++ { ++ std::ofstream tmpHostStateStream(tmpHostStateFileDir / hostStateFile); ++ tmpHostStateStream << getHostState(powerState); ++ } ++ + // create the power control directory if it doesn't exist + std::error_code ec; + if (!(std::filesystem::create_directories(powerControlDir, ec))) +@@ -639,6 +653,7 @@ static int initializePowerStateStorage() + return -1; + } + } ++ + // Create the power state file if it doesn't exist + if (!std::filesystem::exists(powerControlDir / powerStateFile)) + { +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-x86/chassis/x86-power-control_%.bbappend b/meta-openbmc-mods/meta-common/recipes-x86/chassis/x86-power-control_%.bbappend index d2d918404..ea6a65bb2 100755 --- a/meta-openbmc-mods/meta-common/recipes-x86/chassis/x86-power-control_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-x86/chassis/x86-power-control_%.bbappend @@ -6,4 +6,5 @@ FILESEXTRAPATHS_append := "${THISDIR}/${PN}:" SRC_URI += " \ file://0001-Extend-VR-Watchdog-timeout.patch \ + file://0002-save-current-power-state-in-tmp-file.patch \ " |