Age | Commit message (Collapse) | Author | Files | Lines |
|
Add systemd.conf options for watchdog to replace watchdog-conf
```
// interval is 60s by default
interval = 10
watchdog-device = /dev/watchdog
// The value is in pages. They are presently 4KiB each.
// Reset the BMC if it goes below 3MiB
min-memory = 768
```
Tested:
```
$ cat /lib/systemd/system.conf.d/40-system.conf
[Manager]
DefaultMemoryAccounting=yes
RuntimeWatchdogSec=10s
WatchdogDevice=/dev/watchdog
```
Change-Id: I51171746669dfeb1efe6c09952efa3457e33c86b
Signed-off-by: Willy Tu <wltu@google.com>
|
|
This ensures that all of the rules are processed and unexpected packets
are not allowed or blocked by the kernel at any time.
Change-Id: Ia7bb1d7f604f8ed1bd9759a23e370d20cb0c690d
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Change-Id: I5fc6db2510b9c27d8d2ce27304e0a5e821015fb3
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Patrick Williams (3):
nemora-postd: fix compile fail
sdbusplus: remove usage of deprecated alias
MAINTAINERS: fix syntax
William A. Kennington III (2):
ncsid: Only log errors a single time
ncsid: update_ra_gw: Fix SIGTERM handling
Change-Id: I6af4e21f61b4e126979cac3042bfac72516f62e3
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
The receipt of the RA is indicative of a non-NCSI configuration so we
can shut down the daemon in this instance.
Change-Id: Iff958be408cff853973bd335f2459cd3d9bca0e0
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Change-Id: If3dacbfde966de337702b44b9b06b3eb21755546
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
The nft rules were not deleted in cases where the public addresses are
removed from the gbmc-br interface. This would create broken rules.
Change-Id: I22a88f1fb15ccbea49e586061ea8e93bbbfb1bc1
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
We were missing this address but we want neighbor discovery from outside
the BMC to work against this range.
Change-Id: I6ef139486f382df21596c460626bfe2f692c7236
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
We use functions from the network-sh library and need to include it.
Change-Id: I7f78b7dd37c4e5d38342c4625c26c4b583133bf5
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
This ensures they are run prior to running other DHCP configuration
logic.
Change-Id: I0180414bbc291ea49e548a312cd2b713344613e1
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
This makes it possible for a BMC to acquire a public address via DHCP
provisioning.
None of the update processes are included yet.
Change-Id: I51ca2aa4859bcd2b9e909dd5a0d9e66cfbd648af
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
This scans the gbmcbr interface for public addresses, and adds the
relevant addresses to the NCSI interface of the BMC. This is required
for neighbor discovery to work from prod over the NCSI link, when the
addresses do not already exist (BMC DHCP will not have them).
Change-Id: I27ff0cd3c4750b752b35399b8a0288db5ac9fe28
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
The gbmc-ncsi-ip-from-ra script was missing these.
Change-Id: Id379632a814519d6623588905273b3e8e3b70528
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Willy Tu (1):
copyright: Add Google Copyright to test helper.cpp
Change-Id: I9465595985668960370f746830a21e3fef246ac8
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
William A. Kennington III (1):
ncsid: Add service for discovering routers
Change-Id: I6691e682cff2785f7ac7a7be89abb234375c167f
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
William A. Kennington III (1):
ncsid: Ignore delete failures
Change-Id: Iace51a7c54bbe316e17fc13dba0757d2d09090c2
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
Reconfiguring network interfaces immediately after detecting changes may
not allow them enough time to settle. Without waiting, we might
pre-emptively assume the configuration is changing even though networkd
is just flushing and resetting the interface with the same config.
Change-Id: I6a6858578d0499305fe2a3d3592dc73533bb02f1
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
This makes it possible to defer actions for a future time in order to
let networking events settle out before triggering a reconfiguration.
Change-Id: I0b2372ba6b114a6b6548ccac3944af912482d68a
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
We plan to use deprecated addresses to allow for neighbor discovery, but
they will be ignored by networkd and this script as to prevent
misconfiguration.
Change-Id: Ibc0bee71c19add79f05b5ce58b34d3175e2f6fbd
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Currently this will make no difference in configuration, but it will be
useful once we implement our DHCP process and need to contend with
multiple configurations.
Change-Id: Ia93530e67cdb88fcbe90ef2b6dfbd5a239469ff7
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
We can have multiple gBMC networks within one "machine". This allows us
to have multiple address sets.
Change-Id: I5b18b7822f50bb0570e1aa5a70ac47036694d922
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
William A. Kennington III (5):
libcr51sign: build: Refactor for subproject use
libcr51sign: Fixes for compiler warnings
build: Make it possible to use as a subproject
libcr51sign: Fix struct size warning
libcr51sign: Ensure OMIT_VARIABLE_ARRAYS passed to pkgconfig
Willy Tu (1):
Fixed prod_to_dev_downgrade_allowed logic in validate_transition
Change-Id: I5d2dc218310600b2bcc50541857516f1f4801428
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
Just turning DHCP off via the DHCP= option is not enough. If you use
IPv6AcceptRA=true you need to also disable the DHCPv6Client= in the
IPv6AcceptRA section.
Change-Id: I6e2e6e3f9b9395bd690f3d1a8915fac5061a0b25
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Manojkiran Eda (1):
Add OWNERS file
Change-Id: I3c5adab1a8a560e174a2823a37d907f92a90df73
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
Manojkiran Eda (1):
Add OWNERS file
Change-Id: I6229b878254f752a54faf2054cd27ee362799e3c
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
William A. Kennington III (1):
Temporarily ignore eslint validation
Willy Tu (1):
build: Update to c++20, c18, and meson >= 0.57.0
Change-Id: I8fa3f7206951f9b73834e9d6488d1de26b8957c1
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
This make it possible for the hostname or IP information to change
independently, in case a mistake is made in a development environment
and just the hostname or just the prefix need to be updated.
Change-Id: I66169dc6cdee681f77bad4b8638dc6a2c72fca5f
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
We can't dynamically bind to the at24 driver if the eeprom is not in
the kernel's device tree. Since this support was intended to be used
for dynamic FRUs, it is broken when the kernel has the entries removed.
Change-Id: I99c774191c22d67e518fe9435b1446b80efb5600
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
William A. Kennington III (1):
ncsid: Fix update_ra_neighbor.sh license
Change-Id: I337b95f18b2cbea64d4512ab15122fe0b694ac5a
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
Willy Tu (5):
build: Update to c++20 and meson >= 0.57.0
Add Google Copyright 2021
test: Replace the C++ MOCK_METHOD<n> macros with the new MOCK_METHOD
google-ipmi-sys: Refactor to use new version of OEM IPMI Handler
google-ipmi-sys: Convert input to use std::span<const uint8_t>
Change-Id: I4a4d3416bcc48ca1e4c902969d669a1a4aca6d2f
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
This makes it possible to specify a FRU lookup by a dynamically
discovered FRUs from entity manager.
Change-Id: Icf83aa3eff1cbc08a8fa3f99754e5c10e3e583fc
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
This will allow us to implement other types of FRU path lookup
mechanisms beyond the OF name one that is currently in use. This change
is fully backward compatible.
Change-Id: Icedecedc9fcaad75fa32c23142a0fd3dfa7f6c0d
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
This makes it possible to create new specifications besides the default
mapping of OF name to eeprom path. Right now this provides backward
compatability with anything that uses of_name_to_eeprom and only
provides a new explicit specifier for that specification.
Change-Id: If02d9cb392a48e0698b10644d7ade3220bde3eb5
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Change-Id: Ieaa81c38a107ea17f6901dded3583f93f48a4e98
Signed-off-by: Willy Tu <wltu@google.com>
|
|
Tested:
```
$ find -name platforms_secure.pem
./tmp/sysroots-components/armv7a/google-bios-key/usr/share/google-bios-key/platforms_secure.pem
./tmp/sysroots-components/armv7a/google-bios-key/usr/share/platforms_secure.pem
$ ls -l ./tmp/sysroots-components/armv7a/google-bios-key/usr/share/platforms_secure.pem
lrwxrwxrwx 2 build build 36 Oct 13 08:09
./tmp/sysroots-components/armv7a/google-bios-key/usr/share/platforms_secure.pem
-> google-bios-key/platforms_secure.pem
$ find -name platforms_bringup.pem
./tmp/sysroots-components/armv7a/google-bios-key/usr/share/platforms_bringup.pem
./tmp/sysroots-components/armv7a/google-bios-key/usr/share/google-bios-key/platforms_bringup.pem
$ ls -l ./tmp/sysroots-components/armv7a/google-bios-key/usr/share/platforms_bringup.pem
lrwxrwxrwx 2 build build 37 Oct 13 08:09
./tmp/sysroots-components/armv7a/google-bios-key/usr/share/platforms_bringup.pem
-> google-bios-key/platforms_bringup.pem
```
Change-Id: I38a4dcb5daa77bc2acf28ac19cdde07f22d8ba44
Signed-off-by: Willy Tu <wltu@google.com>
|
|
The scripts distributed with this recipe depend on bash at runtime,
causing sanity check failures without proper specification.
Change-Id: I32e4ad135ca94c3f0f707ca7d48f5c3fa29d2441
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Willy Tu (1):
Revert "bios-key: import from gBMC"
Change-Id: Ie654c5507bd94633f65fe9f1a3ecac4a1e465d00
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
Add the public Google BIOS keys for gBMC
Change-Id: Id60b5f2d5bf9f6b7491959ad17c79698ade570ad
Signed-off-by: Willy Tu <wltu@google.com>
|
|
This reverts commit f10df3ffeb8d695167c95530ab2c1022e3d02103.
https://gerrit.openbmc-project.xyz/c/openbmc/openbmc/+/47253 is
submitted and libcr51sign is ready for use.
Change-Id: I646dcf872d495d4baf18b9c4dc6149f576e6761d
Signed-off-by: Willy Tu <wltu@google.com>
|
|
Copybara-Service (1):
Merge pull request #96 from l9i:go-presubmit
Piotr Lewandowski (3):
Print the ouptut of `gofmt -d` (if any)
Print the output of `gofmt -d` (if any)
Merge branch 'go-presubmit' of github.com:l9i/glome into go-presubmit
William A. Kennington III (1):
login/login: Remove glib url escap
Change-Id: Ief099a8ebec5d78ce256e32dacb5cf90173bcfc9
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
We need the hostname to be properly configured in order to login with
GLOME. This derives the hostname from the FQDN that is passed via the
DNS list in the RA messages from the smart NIC.
Change-Id: I4e7a414b6b75bfb227df5763917e9e5d09579d7d
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Our end2end DHCP solution is not yet working, but we need a way to
derive addresses for a BMC from the smart NIC in front of it. This
provides a mechanism for detecting the address from RA beacons the NIC
is sending.
Change-Id: I0cdc8c192974c0b00257ebe58e911e62636e4c81
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
We may have multiple BMCs running on the internal gbmcbr network via USB
links to attached trays. These BMCs do not have a direct connection to
the network, and require the NCSI BMC to relay all of their traffic
(including DHCP) out opf the machine. This patch enables dhcrelay to run
on the NCSI interface and proxy all DHCP traffic from the bridge out of
the machine.
Change-Id: I60f97ae2d64289c7b706b3d0a6c8fb79a931e485
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Nan Zhou (1):
libcr51sign: import from gBMC
William A. Kennington III (2):
ncsid: Stop targets when daemon stops
ncsid: Support parsing unsolicited RA announcements
Willy Tu (2):
google-misc: libcr51sign: add feature to fetch image regions
bios-key: import from gBMC
Change-Id: I47cd3bd37ca6eeb647f61fab66994a4e224f982a
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
|
|
This reverts commit 9568db489935842fc31854a649efb7bf681d5650.
We will fix libcr51sign and tools that use it first.
Change-Id: I97190c0b85bdc040ccce5d9c5f18aca35e6c2be7
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
|
|
The `pfx` variable was not correctly being initialized
Change-Id: Iafc0a2ca8dbfe943a9bc8c1649ae68fb00d267a1
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
The return statements should have been exits.
Change-Id: I39a190250656ba676ea2ccbe570b88e3f18e5121
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Change-Id: Id980b8175dc5621f394771941de065689239fe3f
Signed-off-by: Willy Tu <wltu@google.com>
|
|
We want to use sets instead of separate rules for each address. This
also ensures that packets coming from internal sources are matched as
internal packets.
Change-Id: Iff87b81c48c7491a74af1a2cead4cabcb56d81a0
Signed-off-by: William A. Kennington III <wak@google.com>
|
|
Signed-off-by: Michael Shen <gpgpgp@google.com>
Change-Id: I716b873ad2a3a7cc4437f90638081bba12bb280c
|