diff options
Diffstat (limited to 'meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update')
4 files changed, 86 insertions, 0 deletions
diff --git a/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/bmc-verify.sh b/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/bmc-verify.sh new file mode 100644 index 000000000..bbaf15d7d --- /dev/null +++ b/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/bmc-verify.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +sigfile="/tmp/bmc.sig" +imagebmc="/run/initramfs/image-bmc" +bmcimage="/run/initramfs/bmc-image" +publickey="/etc/activationdata/OpenBMC/publickey" +bmclog="/tmp/update-bmc.log" + +if [ -f $publickey ];then + r="$(openssl dgst -verify $publickey -sha256 -signature $sigfile $bmcimage)" + echo "$r" > $bmclog + if [[ "Verified OK" == "$r" ]]; then + mv $bmcimage $imagebmc + rm -f $sigfile + exit 0 + else + exit 1 + fi +else + echo "No $publickey file" > $bmclog + exit 1 +fi diff --git a/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/config-bmc.json b/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/config-bmc.json new file mode 100644 index 000000000..16c7151ed --- /dev/null +++ b/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/config-bmc.json @@ -0,0 +1,21 @@ +[{ + "blob": "/flash/image", + "handler": { + "type": "file", + "path": "/run/initramfs/bmc-image" + }, + "actions": { + "preparation": { + "type": "skip" + }, + "verification": { + "type": "systemd", + "unit": "phosphor-ipmi-flash-bmc-verify.service" + }, + "update": { + "type": "systemd", + "unit": "reboot.target", + "mode": "replace-irreversibly" + } + } +}] diff --git a/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/phosphor-ipmi-flash-bmc-verify.service b/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/phosphor-ipmi-flash-bmc-verify.service new file mode 100644 index 000000000..574b318ef --- /dev/null +++ b/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/phosphor-ipmi-flash-bmc-verify.service @@ -0,0 +1,9 @@ +[Unit] +Description=Phosphor-ipmi-flash bmc verify service + +[Service] +ExecStart=/usr/bin/bmc-verify.sh +Type=oneshot + +[Install] +WantedBy=phosphor-ipmi-flash-bmc-verify.target diff --git a/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/gbs-bmc-update.bb b/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/gbs-bmc-update.bb new file mode 100644 index 000000000..a177586ca --- /dev/null +++ b/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/gbs-bmc-update.bb @@ -0,0 +1,34 @@ +PR = "r1" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + + +inherit systemd +inherit obmc-phosphor-systemd + + +SRC_URI = " file://phosphor-ipmi-flash-bmc-verify.service \ + file://bmc-verify.sh \ + file://config-bmc.json \ + " + +FILES_${PN} += "${datadir}/phosphor-ipmi-flash/config-bmc.json" + +DEPENDS += "systemd" +DEPENDS += "phosphor-ipmi-flash" +RDEPENDS_${PN} = "bash" + +do_install() { + install -d ${D}${bindir} + install -m 0755 ${WORKDIR}/bmc-verify.sh ${D}${bindir}/ + + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/phosphor-ipmi-flash-bmc-verify.service ${D}${systemd_system_unitdir} + + install -d ${D}${datadir}/phosphor-ipmi-flash + install -m 0644 ${WORKDIR}/config-bmc.json ${D}${datadir}/phosphor-ipmi-flash +} + + +SYSTEMD_PACKAGES = "${PN}" +SYSTEMD_SERVICE_${PN} = "phosphor-ipmi-flash-bmc-verify.service" |