From bc63f797465f381054fce0fc00dd788a55f71bc9 Mon Sep 17 00:00:00 2001 From: Sui Chen Date: Wed, 17 Mar 2021 17:10:55 -0700 Subject: recipes-google: Add metrics-ipmi-blobs metrics-ipmi-blobs provides a set of BMC health info through an IPMI blob. Tested: After adding the meta-google layer, the recipe "metrics-ipmi-blobs" shows up in `bitbake-layers show-recipes`. Change-Id: I0239644c16cecdf9a959b646bbab570737d4ee15 Signed-off-by: Sui Chen --- .../recipes-google/ipmi/metrics-ipmi-blobs_git.bb | 28 ++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb b/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb new file mode 100644 index 000000000..86ab7cc73 --- /dev/null +++ b/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb @@ -0,0 +1,28 @@ +HOMEPAGE = "http://github.com/openbmc/google-misc" +SUMMARY = "gBMC Health Metrics Blob" +DESCRIPTION = "BMC health metrics IPMI blob handler." +PR = "r1" +PV = "0.1+git${SRCPV}" +LICENSE = "Apache-2.0" + +inherit meson pkgconfig + +DEPENDS += "phosphor-ipmi-blobs" +DEPENDS += "phosphor-logging" +DEPENDS += "protobuf-native" +DEPENDS += "protobuf" + +SRC_URI = "git://github.com/openbmc/google-misc" +SRCREV = "3f43b7eebe17c96c13643018c927f38c0a071868" +S = "${WORKDIR}/git/metrics-ipmi-blobs" + +FILES_${PN} += "${libdir}/ipmid-providers/libmetricsblob.so*" +FILES_${PN} += "${libdir}/blob-ipmid/libmetricsblob.so*" +INSANE_SKIP_${PN} += "dev-so" + +BLOBIPMI_PROVIDER_LIBRARY += "libmetricsblob.so" + +do_install_append() { + install -d ${D}/${libdir}/blob-ipmid + ln -s ../ipmid-providers/libmetricsblob.so ${D}/${libdir}/blob-ipmid/libmetricsblob.so.0 +} -- cgit v1.2.3 From a299b63a67b89251591878697deabfce31cd6a91 Mon Sep 17 00:00:00 2001 From: Andrew Geissler Date: Thu, 18 Mar 2021 08:40:28 +0000 Subject: google-misc: srcrev bump 15fe169d1f..1285115c16 William A. Kennington III (1): meson: Fix build with 0.57.1 Change-Id: Ie3cdfdbc7a2e83bed6ab8063de2b12b05327c256 Signed-off-by: Andrew Geissler --- .../acpi-power-state-daemon/acpi-power-state-daemon_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb b/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb index bf26a8c07..4e27309de 100644 --- a/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb +++ b/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb @@ -8,7 +8,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://../LICENSE;md5=34400b68072d710fecd0a2940a0d1658" SRC_URI += "git://github.com/openbmc/google-misc" -SRCREV = "15fe169d1fbdd510bb9cfc9bb725baf0613350ff" +SRCREV = "1285115c16180bd28a3cfe79d9db8d10c84fe2ed" S = "${WORKDIR}/git/acpi-power-state-daemon" inherit meson -- cgit v1.2.3 From e1631ac78ab56fee2c873ba7e763b0faaf3c6dbe Mon Sep 17 00:00:00 2001 From: Andrew Geissler Date: Thu, 18 Mar 2021 08:40:38 +0000 Subject: google-misc: srcrev bump 15fe169d1f..1285115c16 William A. Kennington III (1): meson: Fix build with 0.57.1 Change-Id: I6b08157a77b2dbd2ce589a1f9fd4b8287890c92e Signed-off-by: Andrew Geissler --- meta-google/recipes-google/ncsi/ncsid_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/ncsi/ncsid_git.bb b/meta-google/recipes-google/ncsi/ncsid_git.bb index de5eb6e5b..4972ce854 100644 --- a/meta-google/recipes-google/ncsi/ncsid_git.bb +++ b/meta-google/recipes-google/ncsi/ncsid_git.bb @@ -8,7 +8,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://../LICENSE;md5=34400b68072d710fecd0a2940a0d1658" SRC_URI += "git://github.com/openbmc/google-misc" -SRCREV = "15fe169d1fbdd510bb9cfc9bb725baf0613350ff" +SRCREV = "1285115c16180bd28a3cfe79d9db8d10c84fe2ed" S = "${WORKDIR}/git/ncsid" inherit meson systemd -- cgit v1.2.3 From d02eb789919ee9877eab93105f9872e48322b399 Mon Sep 17 00:00:00 2001 From: Andrew Geissler Date: Wed, 24 Mar 2021 17:50:24 +0000 Subject: google-misc: srcrev bump 3f43b7eebe..b056df698c Brandon Kim (1): acpi-power-state: Import from gBMC William A. Kennington III (2): meson: Fix build with 0.57.1 metrics-ipmi-blobs: Fix generated source dependency Change-Id: I3234d7d21787e3050b53abcdb62e0f89e0dce78e Signed-off-by: Andrew Geissler --- meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb b/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb index 86ab7cc73..3eefb9d8c 100644 --- a/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb +++ b/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb @@ -13,7 +13,7 @@ DEPENDS += "protobuf-native" DEPENDS += "protobuf" SRC_URI = "git://github.com/openbmc/google-misc" -SRCREV = "3f43b7eebe17c96c13643018c927f38c0a071868" +SRCREV = "b056df698ca4405b7adfa5bbf931f4b8a9431e55" S = "${WORKDIR}/git/metrics-ipmi-blobs" FILES_${PN} += "${libdir}/ipmid-providers/libmetricsblob.so*" -- cgit v1.2.3 From cbb15ab4921045abe0c36de112e719108eb9b294 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 12 Mar 2021 18:19:01 -0800 Subject: meta-google: nftables-systemd: Flush at start We don't want errors in loading previous rules to affect the state of the ruleset during restart. Change-Id: Ic122e971670d56022029f1155c1accdf129672d0 Signed-off-by: William A. Kennington III --- meta-google/recipes-google/nftables/files/nft-configure.sh | 1 + meta-google/recipes-google/nftables/files/nftables.service | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/nftables/files/nft-configure.sh b/meta-google/recipes-google/nftables/files/nft-configure.sh index a82c2826f..05bb23d8b 100644 --- a/meta-google/recipes-google/nftables/files/nft-configure.sh +++ b/meta-google/recipes-google/nftables/files/nft-configure.sh @@ -9,6 +9,7 @@ for dir in /run/nftables /etc/nftables /usr/share/nftables; do let i+=1 done rc=0 +nft flush ruleset || rc=$? for key in $(printf "%s\n" "${!basemap[@]}" | sort -r); do echo "Executing ${basemap[$key]}" >&2 nft -f "${basemap[$key]}" || rc=$? diff --git a/meta-google/recipes-google/nftables/files/nftables.service b/meta-google/recipes-google/nftables/files/nftables.service index 79f0bb5b0..770a3d3ac 100644 --- a/meta-google/recipes-google/nftables/files/nftables.service +++ b/meta-google/recipes-google/nftables/files/nftables.service @@ -5,7 +5,7 @@ Before=network-pre.target Type=oneshot RemainAfterExit=yes ExecStart=/usr/libexec/nft-configure.sh -ExecStop=/bin/bash -c 'nft flush ruleset' +ExecStop=/usr/sbin/nft flush ruleset [Install] WantedBy=multi-user.target -- cgit v1.2.3 From 511bd615b05d08e441c036271b532bc9b699258f Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 24 Mar 2021 11:12:07 -0700 Subject: meta-google: google-misc: Split into include We don't want to generate bump commits for each project in the repo. Instead, provide an include that has common parameters used by all google-misc projects. Change-Id: Ice589c03aa0d38ca5043ee2081f3757568c4e4bb Signed-off-by: William A. Kennington III --- .../acpi-power-state-daemon_git.bb | 31 +++++++------------ .../recipes-google/google-misc/google-misc.inc | 12 ++++++++ .../recipes-google/ipmi/metrics-ipmi-blobs_git.bb | 35 +++++++++++----------- meta-google/recipes-google/ncsi/ncsid_git.bb | 19 ++++-------- 4 files changed, 46 insertions(+), 51 deletions(-) create mode 100644 meta-google/recipes-google/google-misc/google-misc.inc (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb b/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb index 4e27309de..0755d4eab 100644 --- a/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb +++ b/meta-google/recipes-google/acpi-power-state-daemon/acpi-power-state-daemon_git.bb @@ -1,28 +1,19 @@ SUMMARY = "ACPI Power/Sleep state daemon to allow host state events" DESCRIPTION = "ACPI Power/Sleep state daemon to allow host state events" -HOMEPAGE = "http://github.com/openbmc/google-misc" -PR = "r1" -PV = "1.0+git${SRCPV}" +GOOGLE_MISC_PROJ = "acpi-power-state-daemon" -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://../LICENSE;md5=34400b68072d710fecd0a2940a0d1658" +require ../google-misc/google-misc.inc -SRC_URI += "git://github.com/openbmc/google-misc" -SRCREV = "1285115c16180bd28a3cfe79d9db8d10c84fe2ed" -S = "${WORKDIR}/git/acpi-power-state-daemon" - -inherit meson -inherit pkgconfig -inherit systemd +inherit pkgconfig systemd DEPENDS += " \ - phosphor-dbus-interfaces \ - sdbusplus \ - systemd \ - " + phosphor-dbus-interfaces \ + sdbusplus \ + systemd \ + " SYSTEMD_SERVICE_${PN} = " \ - acpi-power-state.service \ - host-s0-state.target \ - host-s5-state.target \ - " + acpi-power-state.service \ + host-s0-state.target \ + host-s5-state.target \ + " diff --git a/meta-google/recipes-google/google-misc/google-misc.inc b/meta-google/recipes-google/google-misc/google-misc.inc new file mode 100644 index 000000000..6146b2e62 --- /dev/null +++ b/meta-google/recipes-google/google-misc/google-misc.inc @@ -0,0 +1,12 @@ +HOMEPAGE = "http://github.com/openbmc/google-misc" +PR = "r1" +PV = "1.0+git${SRCPV}" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://../../LICENSE;md5=34400b68072d710fecd0a2940a0d1658" + +SRC_URI += "git://github.com/openbmc/google-misc" +SRCREV = "b056df698ca4405b7adfa5bbf931f4b8a9431e55" + +S = "${WORKDIR}/git/subprojects/${GOOGLE_MISC_PROJ}" +inherit meson diff --git a/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb b/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb index 3eefb9d8c..4518f49b5 100644 --- a/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb +++ b/meta-google/recipes-google/ipmi/metrics-ipmi-blobs_git.bb @@ -1,28 +1,27 @@ -HOMEPAGE = "http://github.com/openbmc/google-misc" SUMMARY = "gBMC Health Metrics Blob" DESCRIPTION = "BMC health metrics IPMI blob handler." -PR = "r1" -PV = "0.1+git${SRCPV}" -LICENSE = "Apache-2.0" +GOOGLE_MISC_PROJ = "metrics-ipmi-blobs" -inherit meson pkgconfig +require ../google-misc/google-misc.inc -DEPENDS += "phosphor-ipmi-blobs" -DEPENDS += "phosphor-logging" -DEPENDS += "protobuf-native" -DEPENDS += "protobuf" +inherit pkgconfig -SRC_URI = "git://github.com/openbmc/google-misc" -SRCREV = "b056df698ca4405b7adfa5bbf931f4b8a9431e55" -S = "${WORKDIR}/git/metrics-ipmi-blobs" - -FILES_${PN} += "${libdir}/ipmid-providers/libmetricsblob.so*" -FILES_${PN} += "${libdir}/blob-ipmid/libmetricsblob.so*" -INSANE_SKIP_${PN} += "dev-so" +DEPENDS += " \ + phosphor-ipmi-blobs \ + phosphor-logging \ + protobuf-native \ + protobuf \ + " +FILES_${PN} += " \ + ${libdir}/ipmid-providers/libmetricsblob.so* \ + ${libdir}/blob-ipmid/libmetricsblob.so* \ + " BLOBIPMI_PROVIDER_LIBRARY += "libmetricsblob.so" +INSANE_SKIP_${PN} += "dev-so" + do_install_append() { - install -d ${D}/${libdir}/blob-ipmid - ln -s ../ipmid-providers/libmetricsblob.so ${D}/${libdir}/blob-ipmid/libmetricsblob.so.0 + install -d ${D}/${libdir}/blob-ipmid + ln -s ../ipmid-providers/libmetricsblob.so ${D}/${libdir}/blob-ipmid/libmetricsblob.so.0 } diff --git a/meta-google/recipes-google/ncsi/ncsid_git.bb b/meta-google/recipes-google/ncsi/ncsid_git.bb index 4972ce854..4d74c992a 100644 --- a/meta-google/recipes-google/ncsi/ncsid_git.bb +++ b/meta-google/recipes-google/ncsi/ncsid_git.bb @@ -1,17 +1,10 @@ SUMMARY = "Google NCSI daemon" DESCRIPTION = "Google NCSI daemon." -HOMEPAGE = "http://github.com/openbmc/google-misc" -PR = "r1" -PV = "1.0+git${SRCPV}" +GOOGLE_MISC_PROJ = "ncsid" -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://../LICENSE;md5=34400b68072d710fecd0a2940a0d1658" +require ../google-misc/google-misc.inc -SRC_URI += "git://github.com/openbmc/google-misc" -SRCREV = "1285115c16180bd28a3cfe79d9db8d10c84fe2ed" -S = "${WORKDIR}/git/ncsid" - -inherit meson systemd +inherit systemd SYSTEMD_SERVICE_${PN} += " \ dhcp4@.service \ @@ -21,13 +14,13 @@ SYSTEMD_SERVICE_${PN} += " \ nic-hostless@.target \ update-static-neighbors@.service \ update-static-neighbors@.timer \ -" + " DEPENDS += " \ fmt \ sdbusplus \ stdplus \ -" + " RDEPENDS_${PN} += " \ bash \ @@ -37,4 +30,4 @@ RDEPENDS_${PN} += " \ ndisc6-ndisc6 \ ndisc6-rdisc6 \ systemd \ -" + " -- cgit v1.2.3 From 1bca457e6ba5a4ba75241a77c5bcfe2ed62fcca8 Mon Sep 17 00:00:00 2001 From: Andrew Geissler Date: Wed, 24 Mar 2021 22:12:29 +0000 Subject: google-misc: srcrev bump b056df698c..4c68ffb8b0 William A. Kennington III (1): kcsbridge: Add alternative daemon Change-Id: I9e022d7b6d447269362652487f0d963ea2df53b4 Signed-off-by: Andrew Geissler --- meta-google/recipes-google/google-misc/google-misc.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/google-misc/google-misc.inc b/meta-google/recipes-google/google-misc/google-misc.inc index 6146b2e62..95f52613a 100644 --- a/meta-google/recipes-google/google-misc/google-misc.inc +++ b/meta-google/recipes-google/google-misc/google-misc.inc @@ -6,7 +6,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://../../LICENSE;md5=34400b68072d710fecd0a2940a0d1658" SRC_URI += "git://github.com/openbmc/google-misc" -SRCREV = "b056df698ca4405b7adfa5bbf931f4b8a9431e55" +SRCREV = "4c68ffb8b08fa4484824586ef4a981bcfabd38bb" S = "${WORKDIR}/git/subprojects/${GOOGLE_MISC_PROJ}" inherit meson -- cgit v1.2.3 From f89db26b407e44a620eccfae7df3186d65bdfa0c Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Tue, 23 Mar 2021 22:59:10 -0700 Subject: meta-google: google-kcsbridge: Add package Change-Id: I4507510cdb63c4be710c5674da87d640c633d610 Signed-off-by: William A. Kennington III --- meta-google/recipes-google/kcs/google-kcsbridge_git.bb | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 meta-google/recipes-google/kcs/google-kcsbridge_git.bb (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/kcs/google-kcsbridge_git.bb b/meta-google/recipes-google/kcs/google-kcsbridge_git.bb new file mode 100644 index 000000000..4b3138eee --- /dev/null +++ b/meta-google/recipes-google/kcs/google-kcsbridge_git.bb @@ -0,0 +1,16 @@ +SUMMARY = "Google NCSI daemon" +DESCRIPTION = "Google NCSI daemon." +GOOGLE_MISC_PROJ = "kcsbridge" + +require ../google-misc/google-misc.inc + +inherit systemd + +DEPENDS += " \ + fmt \ + sdbusplus \ + sdeventplus \ + stdplus \ +" + +SYSTEMD_SERVICE_${PN} += "kcsbridge@.service" -- cgit v1.2.3 From f93003dd8cf24bd689a7cf24407273b54b9994d4 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Tue, 23 Mar 2021 22:59:39 -0700 Subject: meta-google: gbmc-kcs-config: Add package Change-Id: I0e68a7520191554680c94d8e3b8bc98f368ac71b Signed-off-by: William A. Kennington III --- meta-google/recipes-google/kcs/gbmc-kcs-config.bb | 46 ++++++++++++++++++++++ .../images/obmc-phosphor-image.bbappend | 2 + 2 files changed, 48 insertions(+) create mode 100644 meta-google/recipes-google/kcs/gbmc-kcs-config.bb (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/kcs/gbmc-kcs-config.bb b/meta-google/recipes-google/kcs/gbmc-kcs-config.bb new file mode 100644 index 000000000..ca7110660 --- /dev/null +++ b/meta-google/recipes-google/kcs/gbmc-kcs-config.bb @@ -0,0 +1,46 @@ +SUMMARY = "Configures KCS for a gBMC system" +PR = "r1" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +inherit systemd + +S = "${WORKDIR}" + +PROVIDES += "virtual-obmc-host-ipmi-hw" +RPROVIDES_${PN} += "virtual-obmc-host-ipmi-hw" + +FILES_${PN} += "${systemd_system_unitdir}" +RDEPENDS_${PN} += "google-kcsbridge" + +GBMC_KCS_DEV ?= "" + +def systemd_escape_char(c): + return '\\x{:x}'.format(ord(c)) + +def systemd_escape(unit): + import string + ret = '' + if len(unit) > 0 and unit[0] == '.': + ret += systemd_escape_char(unit[0]) + unit = unit[1:] + for c in unit: + if c == '/': + ret += '-' + elif c not in {*string.ascii_letters, *string.digits, ':', '_', '.'}: + ret += systemd_escape_char(c) + else: + ret += c + return ret + +do_install_append() { + if [ -z '${GBMC_KCS_DEV}' ]; then + echo "Missing GBMC_KCS_DEV" >&2 + exit 1 + fi + + wantdir=${D}${systemd_system_unitdir}/multi-user.target.wants + install -d -m0755 $wantdir + inst="${@systemd_escape(GBMC_KCS_DEV)}" + ln -sv ../kcsbridge@.service $wantdir/kcsbridge@$inst.service +} diff --git a/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend b/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend index acccde532..0dc37fd4e 100644 --- a/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend +++ b/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend @@ -11,3 +11,5 @@ OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = \ '${@"" if not d.getVar("GBMC_NCSI_IF_NAME") else " gbmc-ncsi-config"}' OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = \ '${@"" if not d.getVar("GBMC_MAC_EEPROM_OF_NAME") else " gbmc-mac-config"}' +OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = \ + '${@"" if not d.getVar("GBMC_KCS_DEV") else " gbmc-kcs-config"}' -- cgit v1.2.3 From cd9f5f00d75fe3735eebe886a1e0701bb25ea967 Mon Sep 17 00:00:00 2001 From: Zhenfei Tai Date: Fri, 2 Apr 2021 17:03:31 -0700 Subject: meta-google: add nanopb recipe We want to create a nanopb recipe instead of copying nanopb code into multiple recipes that need it. Signed-off-by: Zhenfei Tai Change-Id: Id03695ccd1ef57f078eefb9e3638bbd802234e58 --- meta-google/recipes-google/nanopb/nanopb_0.4.5.bb | 24 +++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 meta-google/recipes-google/nanopb/nanopb_0.4.5.bb (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/nanopb/nanopb_0.4.5.bb b/meta-google/recipes-google/nanopb/nanopb_0.4.5.bb new file mode 100644 index 000000000..232872e75 --- /dev/null +++ b/meta-google/recipes-google/nanopb/nanopb_0.4.5.bb @@ -0,0 +1,24 @@ +SUMMARY = "Nanopb library" +DESCRIPTION = "Nanopb - Protocol Buffers for Embedded Systems" +HOMEPAGE = "https://github.com/nanopb/nanopb" +PR = "r1" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=9db4b73a55a3994384112efcdb37c01f" + +inherit cmake python3native + +SRC_URI = "git://github.com/nanopb/nanopb" +SRCREV = "f7e4140a27d9e63517b5d596bc117bd6d5248888" +S = "${WORKDIR}/git" + +DEPENDS = "protobuf-native python3-protobuf" + +RDEPENDS_${PN}-generator += "python3 python3-protobuf" + +PACKAGES_prepend = "${PN}-generator ${PN}-runtime " + +FILES_${PN}-generator = "${libdir}/python* ${bindir}" + +FILES_${PN}-runtime = "${libdir}/*.so.*" + +BBCLASSEXTEND = "native" -- cgit v1.2.3 From 920f3c0ffc05f170f65868cd3e448d76c2023e53 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 31 Mar 2021 03:16:39 -0700 Subject: meta-google: authorized-keys-comp: Add package This adds a startup routine that compiles an authorized_keys file from multiple locations in the filesystem, allowing for multiple providers without clashing. Change-Id: Ib26e04af42f29d42410154fdd809aa3a525fc9d5 Signed-off-by: William A. Kennington III --- .../recipes-google/ssh/authorized-keys-comp.bb | 34 +++++++++++++++ .../authorized-keys-comp.service | 6 +++ .../authorized-keys-comp/authorized-keys-comp.sh | 51 ++++++++++++++++++++++ .../images/obmc-phosphor-image.bbappend | 1 + 4 files changed, 92 insertions(+) create mode 100644 meta-google/recipes-google/ssh/authorized-keys-comp.bb create mode 100644 meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.service create mode 100644 meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.sh (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/ssh/authorized-keys-comp.bb b/meta-google/recipes-google/ssh/authorized-keys-comp.bb new file mode 100644 index 000000000..81ee868a8 --- /dev/null +++ b/meta-google/recipes-google/ssh/authorized-keys-comp.bb @@ -0,0 +1,34 @@ +SUMMARY = "Compiles a set of authorized_keys files into a single file" +PR = "r1" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +inherit systemd + +SRC_URI += " \ + file://authorized-keys-comp.service \ + file://authorized-keys-comp.sh \ + " + +S = "${WORKDIR}" + +RDEPENDS_${PN} += "bash" + +SYSTEMD_SERVICE_${PN} += "authorized-keys-comp.service" + +FILES_${PN} += "/home" + +AUTHORIZED_KEYS_COMP_USERS ?= "root" + +do_install_append() { + install -d -m0755 ${D}${libexecdir} + install -m0755 authorized-keys-comp.sh ${D}${libexecdir}/ + + install -d -m0755 ${D}${systemd_system_unitdir} + install -m0644 authorized-keys-comp.service ${D}${systemd_system_unitdir}/ + + for user in ${AUTHORIZED_KEYS_COMP_USERS}; do + install -d -m0755 ${D}/home/$user/.ssh + ln -sv /run/authorized_keys/$user ${D}/home/$user/.ssh/authorized_keys + done +} diff --git a/meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.service b/meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.service new file mode 100644 index 000000000..92f9b2699 --- /dev/null +++ b/meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.service @@ -0,0 +1,6 @@ +[Service] +Type=oneshot +ExecStart=/usr/libexec/authorized-keys-comp.sh + +[Install] +WantedBy=multi-user.target diff --git a/meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.sh b/meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.sh new file mode 100644 index 000000000..caff0a7a4 --- /dev/null +++ b/meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.sh @@ -0,0 +1,51 @@ +#!/bin/bash +shopt -s nullglob + +# We want to iterate over all system users, check if they are opted-in to ssh +# authorized_keys building, and then construct their keyfile +for user in $(cut -d':' -f1 /etc/passwd); do + home="$(eval echo ~$user)" || continue + link="$(readlink $home/.ssh/authorized_keys 2>/dev/null)" || continue + # Users are only opted-in if they symlink to our well-known directory where + # the final output of this script lives. + if [ "$link" != "/run/authorized_keys/$user" ]; then + echo "Ignoring $user $home/.ssh/authorized_keys" >&2 + continue + fi + + echo "Updating $link" >&2 + declare -A basemap=() + declare -a dirs=( + "/usr/share/authorized_keys.d/$user" + "$home/.ssh/authorized_keys.d" + "/run/authorized_keys.d/$user" + ) + # Build a map that can be used for sorting directories by their priority + # and prioritizing the last listed directories over the later ones. We + # append a counter to ensure that there is a stable sorting mechanism for + # duplicate filenames. Duplicate filenames will be overridden by higher + # priority directories. + # Ex. + # /usr/share/authorized_keys.d/root/10-key + # /usr/share/authorized_keys.d/root/15-key + # /run/authorized_keys.d/root/10-key + # /run/authorized_keys.d/root/20-key + # Becomes + # ["10-key"]="/run/authorized_keys.d/root/10-key" + # ["15-key"]="/usr/share/authorized_keys.d/root/15-key" + # ["20-key"]="/run/authorized_keys.d/root/20-key" + for dir in "${dirs[@]}"; do + for file in "$dir"/*; do + basemap["${file##*/}"]="$file" + done + done + rm -f /run/authorized_keys.tmp + touch /run/authorized_keys.tmp + for key in $(printf "%s\n" "${!basemap[@]}" | sort -r); do + echo " Including ${basemap[$key]}" >&2 + cat "${basemap[$key]}" >>/run/authorized_keys.tmp + done + mkdir -p /run/authorized_keys + mv /run/authorized_keys.tmp /run/authorized_keys/$user + chown $user /run/authorized_keys/$user +done diff --git a/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend b/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend index 0dc37fd4e..042bb08b1 100644 --- a/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend +++ b/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend @@ -7,6 +7,7 @@ OBMC_IMAGE_EXTRA_INSTALL_append = " phosphor-ipmi-flash" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " iproute2 iproute2-ss" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " gbmc-systemd-config" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " gbmc-iperf3" +OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " authorized-keys-comp" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = \ '${@"" if not d.getVar("GBMC_NCSI_IF_NAME") else " gbmc-ncsi-config"}' OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = \ -- cgit v1.2.3 From 699337650eb6b0c24a903774872400411b78d3a0 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 31 Mar 2021 03:52:31 -0700 Subject: meta-google: gbmc-dev-ssh-key: Add package We want a key we can freely distribute to anyone who is building gBMC for use with SSH on development images. Change-Id: Iafedbbc6ebe2e62bce966bb368dd53831e29bd00 Signed-off-by: William A. Kennington III --- meta-google/recipes-google/ssh/gbmc-dev-ssh-key.bb | 15 +++++++++++++++ .../recipes-google/ssh/gbmc-dev-ssh-key/gbmc-dev.priv | 7 +++++++ .../recipes-google/ssh/gbmc-dev-ssh-key/gbmc-dev.pub | 1 + .../recipes-phosphor/images/obmc-phosphor-image.bbappend | 1 + 4 files changed, 24 insertions(+) create mode 100644 meta-google/recipes-google/ssh/gbmc-dev-ssh-key.bb create mode 100644 meta-google/recipes-google/ssh/gbmc-dev-ssh-key/gbmc-dev.priv create mode 100644 meta-google/recipes-google/ssh/gbmc-dev-ssh-key/gbmc-dev.pub (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/ssh/gbmc-dev-ssh-key.bb b/meta-google/recipes-google/ssh/gbmc-dev-ssh-key.bb new file mode 100644 index 000000000..a9d371e70 --- /dev/null +++ b/meta-google/recipes-google/ssh/gbmc-dev-ssh-key.bb @@ -0,0 +1,15 @@ +SUMMARY = "Publicly exposed development SSH key" +PR = "r1" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +SRC_URI += "file://gbmc-dev.pub" + +S = "${WORKDIR}" + +FILES_${PN} += " ${datadir}/authorized_keys.d" + +do_install() { + install -d ${D}${datadir}/authorized_keys.d/root + install -m 0755 ${S}/gbmc-dev.pub ${D}${datadir}/authorized_keys.d/root/50-gbmc-dev +} diff --git a/meta-google/recipes-google/ssh/gbmc-dev-ssh-key/gbmc-dev.priv b/meta-google/recipes-google/ssh/gbmc-dev-ssh-key/gbmc-dev.priv new file mode 100644 index 000000000..5fe3fb720 --- /dev/null +++ b/meta-google/recipes-google/ssh/gbmc-dev-ssh-key/gbmc-dev.priv @@ -0,0 +1,7 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACAC+PxTCx2WyYG5iaq+GO0RArtziSb4kH/uzMZKyh5LKgAAAJAQPe9NED3v +TQAAAAtzc2gtZWQyNTUxOQAAACAC+PxTCx2WyYG5iaq+GO0RArtziSb4kH/uzMZKyh5LKg +AAAECx890MYHciMhMENgtQURn4zw10U3v5jAMymfFI9FaqwAL4/FMLHZbJgbmJqr4Y7REC +u3OJJviQf+7MxkrKHksqAAAACGdibWMtZGV2AQIDBAU= +-----END OPENSSH PRIVATE KEY----- diff --git a/meta-google/recipes-google/ssh/gbmc-dev-ssh-key/gbmc-dev.pub b/meta-google/recipes-google/ssh/gbmc-dev-ssh-key/gbmc-dev.pub new file mode 100644 index 000000000..82eb5f63d --- /dev/null +++ b/meta-google/recipes-google/ssh/gbmc-dev-ssh-key/gbmc-dev.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAL4/FMLHZbJgbmJqr4Y7RECu3OJJviQf+7MxkrKHksq gbmc-dev diff --git a/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend b/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend index 042bb08b1..0c74fc8bb 100644 --- a/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend +++ b/meta-google/recipes-phosphor/images/obmc-phosphor-image.bbappend @@ -8,6 +8,7 @@ OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " iproute2 iproute2-ss" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " gbmc-systemd-config" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " gbmc-iperf3" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = " authorized-keys-comp" +OBMC_IMAGE_EXTRA_INSTALL_append_gbmc_dev = " gbmc-dev-ssh-key" OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = \ '${@"" if not d.getVar("GBMC_NCSI_IF_NAME") else " gbmc-ncsi-config"}' OBMC_IMAGE_EXTRA_INSTALL_append_gbmc = \ -- cgit v1.2.3 From 6fae14e51c7e1f9d97289727bf51960e01acdb58 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Tue, 20 Apr 2021 00:08:40 -0700 Subject: meta-google: test-sh: Add package Provides a basic facility for unit testing shell scripts. Change-Id: I8b8baa1595ed80e5b8d13654ebdc3ba1d044b0cf Signed-off-by: William A. Kennington III --- meta-google/recipes-google/test/test-sh.bb | 21 ++++ meta-google/recipes-google/test/test-sh/lib.sh | 57 ++++++++++ meta-google/recipes-google/test/test-sh/test.sh | 145 ++++++++++++++++++++++++ 3 files changed, 223 insertions(+) create mode 100644 meta-google/recipes-google/test/test-sh.bb create mode 100755 meta-google/recipes-google/test/test-sh/lib.sh create mode 100755 meta-google/recipes-google/test/test-sh/test.sh (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/test/test-sh.bb b/meta-google/recipes-google/test/test-sh.bb new file mode 100644 index 000000000..7edbb9189 --- /dev/null +++ b/meta-google/recipes-google/test/test-sh.bb @@ -0,0 +1,21 @@ +SUMMARY = "Shell functions for testing shell scripts" +PR = "r1" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" +SRC_URI += "file://lib.sh" +SRC_URI += "file://test.sh" +S = "${WORKDIR}" + +DATA = "${datadir}/test" +FILES_${PN} += "${DATA}" + +do_compile() { + SYSROOT="$PKG_CONFIG_SYSROOT_DIR" bash test.sh || exit +} + +do_install_append() { + install -d -m0755 ${D}${DATA} + install -m0644 lib.sh ${D}${DATA}/ +} diff --git a/meta-google/recipes-google/test/test-sh/lib.sh b/meta-google/recipes-google/test/test-sh/lib.sh new file mode 100755 index 000000000..cc04c5dbf --- /dev/null +++ b/meta-google/recipes-google/test/test-sh/lib.sh @@ -0,0 +1,57 @@ +#!/bin/bash +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +expect_streq() { + local r="${2-$(cat)}" + [ "$1" = "$r" ] && return + echo " Line ${BASH_LINENO[0]} '$1' != '$r'" >&2 + test_err=1 +} + +expect_numeq() { + (( "$1" == "$2" )) && return + echo " Line ${BASH_LINENO[0]} '$1' != '$2'" >&2 + test_err=1 +} + +expect_err() { + local expected=$1 + shift + local rc=0 + "$@" || rc="$?" + (( rc == expected )) && return + echo " Line ${BASH_LINENO[0]} Status '$rc' != '$expected'" >&2 + test_err=1 +} + +fail() { + echo " Line ${BASH_LINENO[0]} Fail" >&2 + test_err=1 +} + +main() { + local agg_err=0 + for f in $(declare -F | grep 'declare -f test[A-Z_]' | awk '{print $3}'); do + echo "[$f] Running..." >&2 + local test_err=0 + if "$f" && (( test_err == 0 )); then + echo "[$f] Success" >&2 + else + echo "[$f] Failed ($?)" >&2 + agg_err=1 + fi + done + return $agg_err +} diff --git a/meta-google/recipes-google/test/test-sh/test.sh b/meta-google/recipes-google/test/test-sh/test.sh new file mode 100755 index 000000000..c74029d17 --- /dev/null +++ b/meta-google/recipes-google/test/test-sh/test.sh @@ -0,0 +1,145 @@ +#!/bin/bash +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +source "$(dirname "$0")/lib.sh" || exit + +( + echo '## Test Pass' >&2 + test_pass() { + return 0 + } + main || exit +) || exit + +( + echo '## Test Fail' >&2 + i=0 + test_pass1() { + (( i++ )) + return 0 + } + test_fail() { + return 1 + (( i++ )) + return 0 + } + test_pass2() { + (( i++ )) + return 0 + } + ! main || exit + (( i == 2 )) || exit +) || exit + +( + echo '## Test Deferred Fail' >&2 + i=0 + test_expect_fail() { + test_err=1 || return + (( i++ )) + return 0 + } + test_pass() { + (( i++ )) + return 0 + } + ! main || exit + (( i == 2 )) || exit +) || exit + +( + echo '## Test Fail' >&2 + i=0 + test_fail() { + fail 'Failed' || return + (( i++ )) + return 0 + } + ! main || exit + (( i == 1 )) || exit +) || exit + +( + echo '## Test Expect Err' >&2 + i=0 + test_expect_err() { + expect_err 1 false || return + (( i++ )) + return 0 + } + main || exit + (( i == 1 )) || exit +) || exit + +( + echo '## Test Expect Err Error' >&2 + i=0 + test_expect_err() { + expect_err 0 false || return + (( i++ )) + return 0 + } + ! main || exit + (( i == 1 )) || exit +) || exit + +( + echo '## Test Num EQ' >&2 + i=0 + test_num_eq() { + expect_numeq 15 0xf || return + expect_numeq 1 1 || return + (( i++ )) + return 0 + } + main || exit + (( i == 1 )) || exit +) || exit + +( + echo '## Test Num EQ Error' >&2 + i=0 + test_num_eq() { + expect_numeq 15 10 || return + (( i++ )) + return 0 + } + ! main || exit + (( i == 1 )) || exit +) || exit + +( + echo '## Test Str EQ' >&2 + i=0 + test_str_eq() { + expect_streq abz abz || return + (( i++ )) + return 0 + } + main || exit + (( i == 1 )) || exit +) || exit + +( + echo '## Test Str EQ Error' >&2 + i=0 + test_str_eq() { + expect_streq 15 0xf || return + (( i++ )) + return 0 + } + ! main || exit + (( i == 1 )) || exit +) || exit -- cgit v1.2.3 From 1e268105977df1f238c18f58eb5bca20fec3aecc Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Mon, 8 Mar 2021 13:00:12 -0800 Subject: meta-google: network-sh: Add library Provides a utility for working with network type data. Right now this is just for MAC address parsing and conversion to EUI{48,64}. Change-Id: I49946d8147f1c7b10cfe3a9e55b20fc30c083eda Signed-off-by: William A. Kennington III --- .../recipes-google/networking/network-sh.bb | 23 +++++ .../recipes-google/networking/network-sh/lib.sh | 106 +++++++++++++++++++++ .../recipes-google/networking/network-sh/test.sh | 84 ++++++++++++++++ 3 files changed, 213 insertions(+) create mode 100644 meta-google/recipes-google/networking/network-sh.bb create mode 100644 meta-google/recipes-google/networking/network-sh/lib.sh create mode 100755 meta-google/recipes-google/networking/network-sh/test.sh (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/networking/network-sh.bb b/meta-google/recipes-google/networking/network-sh.bb new file mode 100644 index 000000000..a377b9e2a --- /dev/null +++ b/meta-google/recipes-google/networking/network-sh.bb @@ -0,0 +1,23 @@ +SUMMARY = "Shell functions for manipulating network addresses" +PR = "r1" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" +SRC_URI += "file://lib.sh" +SRC_URI += "file://test.sh" +S = "${WORKDIR}" + +DATA = "${datadir}/network" +FILES_${PN} += "${DATA}" + +DEPENDS += "test-sh" + +do_compile() { + SYSROOT="$PKG_CONFIG_SYSROOT_DIR" bash test.sh || exit +} + +do_install_append() { + install -d -m0755 ${D}${DATA} + install -m0644 lib.sh ${D}${DATA}/ +} diff --git a/meta-google/recipes-google/networking/network-sh/lib.sh b/meta-google/recipes-google/networking/network-sh/lib.sh new file mode 100644 index 000000000..f37f7196d --- /dev/null +++ b/meta-google/recipes-google/networking/network-sh/lib.sh @@ -0,0 +1,106 @@ +#!/bin/bash +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +[ -n "${network_init-}" ] && return + +mac_to_bytes() { + local -n bytes="$1" + local str="$2" + + # Verify that the MAC is Valid + [[ "$str" =~ ^[[:xdigit:]]{1,2}(:[[:xdigit:]]{1,2}){5}$ ]] || return + + # Split the mac into hex bytes + local oldifs="$IFS" + IFS=: + local byte + for byte in $str; do + bytes+=(0x$byte) + done + IFS="$oldifs" +} + +mac_to_eui48() { + local mac_bytes=() + mac_to_bytes mac_bytes "$1" || return + + # Return the EUI-64 bytes in the IPv6 format + printf '%02x%02x:%02x%02x:%02x%02x\n' "${mac_bytes[@]}" +} + +mac_to_eui64() { + local mac_bytes=() + mac_to_bytes mac_bytes "$1" || return + + # Using EUI-64 conversion rules, create the suffix bytes from MAC bytes + # Invert bit-0 of the first byte, and insert 0xfffe in the middle. + local suffix_bytes=( + $((mac_bytes[0] ^ 1)) + ${mac_bytes[@]:1:2} + $((0xff)) $((0xfe)) + ${mac_bytes[@]:3:3} + ) + + # Return the EUI-64 bytes in the IPv6 format + printf '%02x%02x:%02x%02x:%02x%02x:%02x%02x\n' "${suffix_bytes[@]}" +} + +ipv6_pfx_concat() { + local pfx="$1" + local sfx="$2" + + # Validate the prefix + if ! [[ "$pfx" =~ ^(([0-9a-fA-F]{1,4}:)+):/([0-9]+)$ ]]; then + echo "Invalid IPv6 prefix: $pfx" >&2 + return 1 + fi + local addr="${BASH_REMATCH[1]}" + local cidr="${BASH_REMATCH[3]}" + # Ensure prefix doesn't have too many bytes + local nos="${addr//:/}" + if (( ${#addr} - ${#nos} > (cidr+7)/16 )); then + echo "Too many prefix bytes: $pfx" >&2 + return 1 + fi + + # Validate the suffix + if ! [[ "$sfx" =~ ^[0-9a-fA-F]{1,4}(:[0-9a-fA-F]{1,4})*$ ]]; then + echo "Invalid IPv6 suffix: $sfx" >&2 + return 1 + fi + # Ensure suffix doesn't have too many bytes + local nos="${sfx//:/}" + if (( ${#sfx} - ${#nos} >= (128-cidr)/16 )); then + echo "Too many suffix bytes: $sfx" >&2 + return 1 + fi + + local comb="$addr:$sfx" + local nos="${comb//:/}" + if (( ${#comb} - ${#nos} == 8 )); then + comb="$addr$sfx" + fi + echo "$comb/$cidr" +} + +ipv6_pfx_to_cidr() { + [[ "$1" =~ ^[0-9a-fA-F:]+/([0-9]+)$ ]] || return + echo "${BASH_REMATCH[1]}" +} + +network_init=1 +return 0 2>/dev/null +echo "network is a library, not executed directly" >&2 +exit 1 diff --git a/meta-google/recipes-google/networking/network-sh/test.sh b/meta-google/recipes-google/networking/network-sh/test.sh new file mode 100755 index 000000000..57387c47c --- /dev/null +++ b/meta-google/recipes-google/networking/network-sh/test.sh @@ -0,0 +1,84 @@ +#!/bin/bash +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +cd "$(dirname "$0")" +if [ -e ../network-sh.bb ]; then + source '../../test/test-sh/lib.sh' +else + source "$SYSROOT/usr/share/test/lib.sh" +fi +source lib.sh + +test_mac_to_bytes() { + out=() + expect_err 1 mac_to_bytes out '' + expect_err 1 mac_to_bytes out '00' + expect_err 1 mac_to_bytes out '12:34:56:78:90:' + expect_err 1 mac_to_bytes out ':12:34:56:78:90' + expect_err 1 mac_to_bytes out '12:34:56:78:90:0:' + expect_err 1 mac_to_bytes out '12:34:56:78:90:0:2' + + expect_err 0 mac_to_bytes out 'a2:0:f:de:0:29' + expected=(0xa2 0 0xf 0xde 0 0x29) + for (( i=0; i < ${#expected[@]}; ++i )); do + expect_numeq "${out[$i]}" "${expected[$i]}" + done +} + +test_mac_to_eui_48() { + str="$(mac_to_eui48 '12:34:56:78:90:af')" || fail + expect_streq "$str" '1234:5678:90af' +} + +test_eui_64() { + str="$(mac_to_eui64 '12:34:56:78:90:af')" || fail + expect_streq "$str" '1334:56ff:fe78:90af' +} + +test_ipv6_pfx_concat() { + # Invalid inputs + expect_err 1 ipv6_pfx_concat 'fd/64' '1234:5678:90af' + expect_err 1 ipv6_pfx_concat 'fd01::' '1234:5678:90af' + expect_err 1 ipv6_pfx_concat 'fd01:' '1234:5678:90af' + expect_err 1 ipv6_pfx_concat 'fd01::/a0' '1234:5678:90af' + expect_err 1 ipv6_pfx_concat 'fd01::/64' ':1234:5678:90af' + expect_err 1 ipv6_pfx_concat 'fd01::/64' '::' + + # Too many address bits + expect_err 1 ipv6_pfx_concat 'fd01:1:1:1:1::/64' '1234:5678:90af' + expect_err 1 ipv6_pfx_concat 'fd01::/64' '1:0:1234:5678:90af' + expect_err 1 ipv6_pfx_concat 'fd01::/65' '1:1234:5678:90af' + expect_err 1 ipv6_pfx_concat 'fd01::/72' '1:1234:5678:90af' + + str="$(ipv6_pfx_concat 'fd01::/64' '1')" || fail + expect_streq "$str" 'fd01::1/64' + str="$(ipv6_pfx_concat 'fd01::/72' '1234:5678:90af')" || fail + expect_streq "$str" 'fd01::1234:5678:90af/72' + str="$(ipv6_pfx_concat 'fd01:eeee:aaaa:cccc::/64' 'a:1234:5678:90af')" || fail + expect_streq "$str" 'fd01:eeee:aaaa:cccc:a:1234:5678:90af/64' +} + +test_ipv6_pfx_to_cidr() { + expect_err 1 ipv6_pfx_to_cidr 'z/64' + expect_err 1 ipv6_pfx_to_cidr '64' + + cidr="$(ipv6_pfx_to_cidr 'fd01::/64')" || fail + expect_numeq "$cidr" 64 + cidr="$(ipv6_pfx_to_cidr 'fd01:eeee:aaaa:cccc:a:1234:5678:90af/128')" || fail + expect_numeq "$cidr" 128 +} + +return 0 2>/dev/null +main -- cgit v1.2.3 From e33ec595eac55d4cf209ea4d3e1dc487803978e7 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 10 Mar 2021 17:43:48 -0800 Subject: meta-google: gbmc-ip-monitor: Add package Add a daemon that monitors all link / addr / route changes on a system, and runs a set of installed hooks to perform customized behavior when these changes occur. Change-Id: Id2a6b7dc2534ebae1beca7135528a6e1e4eada57 Signed-off-by: William A. Kennington III --- .../networking/files/gbmc-ip-monitor-test.sh | 181 +++++++++++++++++++++ .../networking/files/gbmc-ip-monitor.service | 9 + .../networking/files/gbmc-ip-monitor.sh | 122 ++++++++++++++ .../recipes-google/networking/gbmc-ip-monitor.bb | 35 ++++ 4 files changed, 347 insertions(+) create mode 100755 meta-google/recipes-google/networking/files/gbmc-ip-monitor-test.sh create mode 100644 meta-google/recipes-google/networking/files/gbmc-ip-monitor.service create mode 100755 meta-google/recipes-google/networking/files/gbmc-ip-monitor.sh create mode 100644 meta-google/recipes-google/networking/gbmc-ip-monitor.bb (limited to 'meta-google/recipes-google') diff --git a/meta-google/recipes-google/networking/files/gbmc-ip-monitor-test.sh b/meta-google/recipes-google/networking/files/gbmc-ip-monitor-test.sh new file mode 100755 index 000000000..8b5f3492f --- /dev/null +++ b/meta-google/recipes-google/networking/files/gbmc-ip-monitor-test.sh @@ -0,0 +1,181 @@ +#!/bin/bash +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +cd "$(dirname "$0")" +source gbmc-ip-monitor.sh +if [ -e ../gbmc-ip-monitor.bb ]; then + source '../../test/test-sh/lib.sh' +else + source "$SYSROOT/usr/share/test/lib.sh" +fi + +test_init_empty() { + ip() { + return 0 + } + str="$(gbmc_ip_monitor_generate_init)" || fail + expect_streq "$str" '[INIT]' +} + +test_init_link_populated() { + ip() { + if [ "$1" = 'link' ]; then + cat < mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 +2: eno2: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 + link/ether aa:aa:aa:aa:aa:aa brd ff:ff:ff:ff:ff:ff + altname enp0s31f6 +EOF + fi + return 0 + } + str="$(gbmc_ip_monitor_generate_init)" || fail + expect_streq "$str" < mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 +[LINK]2: eno2: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 + link/ether aa:aa:aa:aa:aa:aa brd ff:ff:ff:ff:ff:ff + altname enp0s31f6 +[INIT] +EOF +} + +test_init_addr_populated() { + ip() { + if [ "$1" = 'addr' ]; then + cat < mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 + inet 127.0.0.1/8 scope host lo + valid_lft forever preferred_lft forever + inet6 ::1/128 scope host + valid_lft forever preferred_lft forever +2: eno2: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 + link/ether aa:aa:aa:aa:aa:aa brd ff:ff:ff:ff:ff:ff + altname enp0s31f6 + inet 192.168.242.57/23 brd 192.168.243.255 scope global dynamic noprefixroute eno2 + valid_lft 83967sec preferred_lft 83967sec + inet6 fd01:ff2:5687:4:cf03:45f3:983a:96eb/64 scope global temporary dynamic + valid_lft 518788sec preferred_lft 183sec +EOF + fi + return 0 + } + str="$(gbmc_ip_monitor_generate_init)" || fail + expect_streq "$str" < mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000" \ + < <(echo 'link/ether aa:aa:aa:aa:aa:aa brd ff:ff:ff:ff:ff:ff') + expect_streq "$change" 'link' + expect_streq "$action" 'add' + expect_streq "$intf" 'eno2' + expect_streq "$mac" 'aa:aa:aa:aa:aa:aa' +} + +testParseLinkDel() { + expect_err 0 gbmc_ip_monitor_parse_line "[LINK]Deleted 2: eno2: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000" \ + < <(echo 'link/ether aa:aa:aa:aa:aa:aa brd ff:ff:ff:ff:ff:ff') + expect_streq "$change" 'link' + expect_streq "$action" 'del' + expect_streq "$intf" 'eno2' + expect_streq "$mac" 'aa:aa:aa:aa:aa:aa' +} + +main diff --git a/meta-google/recipes-google/networking/files/gbmc-ip-monitor.service b/meta-google/recipes-google/networking/files/gbmc-ip-monitor.service new file mode 100644 index 000000000..435eac91d --- /dev/null +++ b/meta-google/recipes-google/networking/files/gbmc-ip-monitor.service @@ -0,0 +1,9 @@ +[Unit] +Before=systemd-networkd.service + +[Service] +Type=notify +ExecStart=/usr/libexec/gbmc-ip-monitor.sh + +[Install] +WantedBy=multi-user.target diff --git a/meta-google/recipes-google/networking/files/gbmc-ip-monitor.sh b/meta-google/recipes-google/networking/files/gbmc-ip-monitor.sh new file mode 100755 index 000000000..baeff9a85 --- /dev/null +++ b/meta-google/recipes-google/networking/files/gbmc-ip-monitor.sh @@ -0,0 +1,122 @@ +#!/bin/bash +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# A list of functions which get executed for each netlink event received. +# These are configured by the files included below. +GBMC_IP_MONITOR_HOOKS=() + +# Load configurations from a known location in the filesystem to populate +# hooks that are executed after each event. +shopt -s nullglob +for conf in /usr/share/gbmc-ip-monitor/*.sh; do + source "$conf" +done + +gbmc_ip_monitor_run_hooks() { + local hook + for hook in "${GBMC_IP_MONITOR_HOOKS[@]}"; do + "$hook" || continue + done +} + +gbmc_ip_monitor_generate_init() { + ip link | sed 's,^[^ ],[LINK]\0,' + local intf= + local line + while read line; do + [[ "$line" =~ ^([0-9]+:[[:space:]][^:]+) ]] && intf="${BASH_REMATCH[1]}" + [[ "$line" =~ ^[[:space:]]*inet ]] && echo "[ADDR]$intf $line" + done < <(ip addr) + ip -4 route | sed 's,^,[ROUTE],' + ip -6 route | sed 's,^,[ROUTE],' + echo '[INIT]' +} + +gbmc_ip_monitor_parse_line() { + local line="$1" + if [[ "$line" == '[INIT]'* ]]; then + change=init + echo "Initialized" >&2 + elif [[ "$line" == '[ADDR]'* ]]; then + change=addr + action=add + pfx_re='^\[ADDR\](Deleted )?[0-9]+:[[:space:]]*' + intf_re='([^ ]+)[[:space:]]+' + fam_re='([^ ]+)[[:space:]]+' + addr_re='([^/]+)/[0-9]+[[:space:]]+(brd[[:space:]]+[^ ]+[[:space:]]+)?' + scope_re='scope[[:space:]]+([^ ]+)[[:space:]]*(.*)' + combined_re="${pfx_re}${intf_re}${fam_re}${addr_re}${scope_re}" + if ! [[ "$line" =~ ${combined_re} ]]; then + echo "Failed to parse addr: $line" >&2 + return 1 + fi + if [ -n "${BASH_REMATCH[1]}" ]; then + action=del + fi + intf="${BASH_REMATCH[2]}" + fam="${BASH_REMATCH[3]}" + ip="${BASH_REMATCH[4]}" + scope="${BASH_REMATCH[6]}" + flags="${BASH_REMATCH[7]}" + elif [[ "$line" == '[ROUTE]'* ]]; then + line="${line#[ROUTE]}" + change=route + action=add + if ! [[ "$line" =~ ^\[ROUTE\](Deleted )?(.*)$ ]]; then + echo "Failed to parse link: $line" >&2 + return 1 + fi + if [ -n "${BASH_REMATCH[1]}" ]; then + action=del + fi + route="${BASH_REMATCH[2]}" + elif [[ "$line" == '[LINK]'* ]]; then + change=link + action=add + pfx_re='^\[LINK\](Deleted )?[0-9]+:[[:space:]]*' + intf_re='([^:]+):[[:space:]]+' + if ! [[ "$line" =~ ${pfx_re}${intf_re} ]]; then + echo "Failed to parse link: $line" >&2 + return 1 + fi + if [ -n "${BASH_REMATCH[1]}" ]; then + action=del + fi + intf="${BASH_REMATCH[2]}" + read line || break + data=($line) + mac="${data[1]}" + else + return 2 + fi +} + +cleanup() { + local st="$?" + trap - HUP INT QUIT ABRT TERM EXIT + jobs -l -p | xargs -r kill || true + exit $st +} +trap cleanup HUP INT QUIT ABRT TERM EXIT + +return 0 2>/dev/null + +while read line; do + gbmc_ip_monitor_parse_line || continue + gbmc_ip_monitor_run_hooks || continue + if [ "$change" = 'init' ]; then + systemd-notify --ready + fi +done < <(gbmc_ip_monitor_generate_init; exec ip monitor link addr route label) diff --git a/meta-google/recipes-google/networking/gbmc-ip-monitor.bb b/meta-google/recipes-google/networking/gbmc-ip-monitor.bb new file mode 100644 index 000000000..32804302b --- /dev/null +++ b/meta-google/recipes-google/networking/gbmc-ip-monitor.bb @@ -0,0 +1,35 @@ +SUMMARY = "Allows hooking netlink events to perform network actions" +PR = "r1" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +inherit systemd + +SRC_URI += " \ + file://gbmc-ip-monitor.service \ + file://gbmc-ip-monitor.sh \ + file://gbmc-ip-monitor-test.sh \ + " + +S = "${WORKDIR}" + +DEPENDS += "test-sh" + +RDEPENDS_${PN} += " \ + bash \ + iproute2 \ + " + +SYSTEMD_SERVICE_${PN} += "gbmc-ip-monitor.service" + +do_compile() { + SYSROOT="$PKG_CONFIG_SYSROOT_DIR" bash gbmc-ip-monitor-test.sh || exit +} + +do_install_append() { + install -d -m0755 ${D}${libexecdir} + install -m0755 gbmc-ip-monitor.sh ${D}${libexecdir}/ + + install -d -m0755 ${D}${systemd_system_unitdir} + install -m0644 gbmc-ip-monitor.service ${D}${systemd_system_unitdir}/ +} -- cgit v1.2.3