Age | Commit message (Collapse) | Author | Files | Lines |
|
Reset the following subtrees on thud HEAD:
poky: 87e3a9739d
meta-openembedded: 6094ae18c8
meta-security: 31dc4e7532
meta-raspberrypi: a48743dc36
meta-xilinx: c42016e2e6
Also re-apply backports that didn't make it into thud:
poky:
17726d0 systemd-systemctl-native: handle Install wildcards
meta-openembedded:
4321a5d libtinyxml2: update to 7.0.1
042f0a3 libcereal: Add native and nativesdk classes
e23284f libcereal: Allow empty package
030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG
179a1b9 gtest: update to 1.8.1
Squashed OpenBMC subtree compatibility updates:
meta-aspeed:
Brad Bishop (1):
aspeed: add yocto 2.6 compatibility
meta-ibm:
Brad Bishop (1):
ibm: prepare for yocto 2.6
meta-ingrasys:
Brad Bishop (1):
ingrasys: set layer compatibility to yocto 2.6
meta-openpower:
Brad Bishop (1):
openpower: set layer compatibility to yocto 2.6
meta-phosphor:
Brad Bishop (3):
phosphor: set layer compatibility to thud
phosphor: libgpg-error: drop patches
phosphor: react to fitimage artifact rename
Ed Tanous (4):
Dropbear: upgrade options for latest upgrade
yocto2.6: update openssl options
busybox: remove upstream watchdog patch
systemd: Rebase CONFIG_CGROUP_BPF patch
Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
Prevent building unbootable firmware images.
Resolves: openbmc/openbmc#3314
Tested: I checked builds for `palmetto` and `romulus`.
To reproduce the problem I appended a big file to initramfs by modify
`meta-phosphor/common/recipes-phosphor/initfs/obmc-phosphor-initfs.bb`.
The building process failed with message about too large initramfs image.
Change-Id: I0176e9c47a9cb26ce8ba588794e681b6426d567d
Signed-off-by: Alexander Filippov <a.filippov@yadro.com>
|
|
There are duplicated code about generating signatures.
Combine the duplicated code into a bash function so the code is cleaner
and easier to read.
Tested: Generated tarball contains the expected files.
Change-Id: I4144633f36291329dfc4008bb73482fb5a0d43c1
Signed-off-by: Lei YU <mine260309@gmail.com>
|
|
In generated fixed flash layout tarball, add manifest and signature
which can be used for code update by phosphor-software-manager.
Tested: Verify the generated static tar contains image(s), manifest,
public key and their signatures.
Verify that all.tar can be used to do code update by both
legacy method (org.openbmc.control.BmcFlash.service) and
phosphor-software-manager.
Change-Id: Ib6880c8a6d456cce6b0fd47116960d1d448d5d50
Signed-off-by: Lei YU <mine260309@gmail.com>
|
|
Do not rely on the base configuration to set this.
Change-Id: I537f08a1834fb2d2a5fd2f73ca73cfc0566464cb
Tested: Built a witherspoon image
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
In order to secure the BMC, we need to sign all the images and include a
public key in the package with which to verify future update images.
This commit adds a framework to sign the image files with an open
private key and generates a corresponding public key added to the image.
This isn't secure by itself (since the private key is available), but
additional changes can easily provide their own private key, creating a
secure BMC.
To use a secure private key:
export BB_ENV_EXTRAWHITE="$BB_ENV_EXTRAWHITE SIGNING_KEY"
SIGNING_KEY=/path/to/secure/key bitbake obmc-phosphor-image
Resolves openbmc/openbmc#2835
Resolves openbmc/openbmc#2836
Resolves openbmc/openbmc#2837
Change-Id: I28919b7de54e3a32e5efcbb4522fb39731e68384
Signed-off-by: Eddie James <eajames@us.ibm.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
The overlay image type doesn't have any code behind it and thus
selecting it in IMAGE_FSTYPES would result in unexpected behavior.
An overlay image type still exists but it was renamed to mtd-static
in an earlier refactor, and this cleanup was omitted.
Tested: Built witherspoon and palmetto images
Change-Id: I7eb41afcf25ae2d251bf671dd0e5a18e1064f7c4
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
Move image symlink creation for phosphor-bmc-code-mgmt out
of make_tar_of_images into its own function, so we can run
additional code in between symlink creation and tar file
creation.
Tested: Built witherspoon and palmetto images
Change-Id: I3025db6bb788d7c2bcf5c2a400af647c7c957164
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
Move OpenBMC to Yocto 2.3(pyro).
Tested: Built and verified Witherspoon and Palmetto images
Change-Id: I50744030e771f4850afc2a93a10d3507e76d36bc
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Resolves: openbmc/openbmc#2461
|
|
As with MRW the use of the UBI image scheme is distro policy.
Convert the existing machine feature to a distro feature.
Enable the new distro feature on the systems that use
it(Witherspoon).
Add a distro override and fix-up MF checks to use this override
instead for improved readability.
Tested: Built a Witherspoon image and validated image
Change-Id: I8ab03115bbfc2ecc77cff5c9eb8628903ae88051
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
The default size of the UBI read-write volume is currently set to 4MB.
There are no plans to store more than one BMC rootfs image on the chip
so in a 32MB flash chip, accounting for the current rootfs image size
of ~15MB with plans to grow to ~20MB with the addition of redfish and
other packages, it is safe to increase the read-write volume size to
6MB since the current size is already almost completely taken up if
there are multiple error logs / dumps on the system.
In addition, make the size configurable from a recipe so that the
size can be changed in a per-system basis. And during code update,
check the current size and update it if it's different, this allows
systems to be able to be resized to a new size by performing factory
reset after a code update that sets the new size.
Tested:
- Booted on QEMU and verified non-ubi system (romulus) retains the
current 4MB read-write volume, and ubi system (witherspoon) has a
6MB volume.
- Code updated to an image that has these changes and verified the
rwfs_size env variable changes to 6MB, and that a subsequent factory
reset rebuilds the volume with size 6MB.
Change-Id: I995eb560c1bd87ee95712c731e3d6e55bc0b2735
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
|
|
- When the new ubi layout is flashed onto the BMC, the volumes
were named kernel-0 and rofs-0 by default. This tends to be
misleading as we can't differentiate between two different BMC
versions.
- Now the ubi volumes will be named kernel-<versionID> and
rofs-<versionID> calculated by getting the hash(SHA-512) of
the version and taking the first 8 characters.
- The Uboot env needs to be updated to point to the correct
kernelname which has now changed from kernel-0 to
kernel-<versionID> calculated by getting the HASH(SHA-512)
of the version and taking the first 8 characters.
Resolves openbmc/openbmc#2323
Change-Id: I258d165b399d1ff59ea86f410006f6d03fe13a2e
Signed-off-by: Saqib Khan <khansa@us.ibm.com>
|
|
Name the BMC volume names consistently in the build process and
applications to be <name>-<id> for readability. For names, use
rofs and rwfs instead of ro and rw.
Change-Id: I860f740fb7d0292e4ee09493730db1d1f67c2ae5
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
|
|
When the obmc-ubi-fs feature is enabled we should use the raw Linux
kernel fitImage rather than the kernel+initramfs. Update
image-overlay to select based on the MACHINE_FEATURE.
Change-Id: I099e37c7f82218a2a7173de93724301b9a499bd3
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
|
|
Add new image types to enable selection of a two partition mtd
image: u-boot, and remaining components in a ubi image.
UBI enables advanced volume management for flash devices.
Resolves: openbmc/openbmc#1941
Change-Id: Ia6ffa96877943c73c14aba76f8fe9533d22b3aa5
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
More refactoring in preparation for ubi based mtd images.
Promote tar file generation to a real image_fstype. This allows tar
generation to be turned on or off as needed.
Move image-overlay function to image_types_phosphor. Perhaps phosphor
is not the best name but for now we only have a handful of image types and
the generation logic is to interdependant to warrant seperate classes
for each.
Attempt to improve readability throughout.
Drop ext4 override to discourage mtd block emulation.
Change-Id: Idbdc03444549b955ef2180622d133904cb191b28
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
Solve the problem resulting in the addition of this variable
differently, such that it can be removed and image type
selection can be selected in the standard way using IMAGE_FSTYPES.
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Change-Id: Ice94e8f278f00b8b4d344244bfb87dddeb173a23
|