From 8574e7e3de3fe14ba466801e200d2254623c18db Mon Sep 17 00:00:00 2001 From: Artem Senichev Date: Fri, 8 May 2020 12:33:35 +0300 Subject: meta-nicole: Add CLI for end users Command Line Interface (CLI) is a Bash-based shell that is used by non-system users to manage the OpenBMC system. (From meta-yadro rev: cd42b3483a43c1b80aaff8464d9f9c5c3d46979b) Signed-off-by: Artem Senichev Change-Id: If63b3eb4bdec59d966422d114d1a960c4a67ce2f Signed-off-by: Andrew Geissler --- .../recipes-phosphor/cli/obmc-yadro-cli_git.bb | 31 ++++++++++++++++++++++ .../images/obmc-phosphor-image.bbappend | 11 +++++--- 2 files changed, 38 insertions(+), 4 deletions(-) create mode 100644 meta-yadro/meta-nicole/recipes-phosphor/cli/obmc-yadro-cli_git.bb (limited to 'meta-yadro') diff --git a/meta-yadro/meta-nicole/recipes-phosphor/cli/obmc-yadro-cli_git.bb b/meta-yadro/meta-nicole/recipes-phosphor/cli/obmc-yadro-cli_git.bb new file mode 100644 index 000000000..0f1bc3aad --- /dev/null +++ b/meta-yadro/meta-nicole/recipes-phosphor/cli/obmc-yadro-cli_git.bb @@ -0,0 +1,31 @@ +SUMMARY = "Command-line interface" +DESCRIPTION = "YADRO OpenBMC Command Line Interface for end users" +HOMEPAGE = "https://github.com/YADRO-KNS/obmc-yadro-cli" +PR = "r1" +PV = "1.0+git${SRCPV}" + +# License info +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" + +# Dependencies +DEPENDS = "phosphor-user-manager" +RDEPENDS_${PN} = "sudo bash" + +# Besides executable file we also have shared help +FILES_${PN} += "${datadir}/cli.help" + +# Custom installation procedure +do_install() { + ${B}/install.sh \ + --dir ${D} \ + --machine ${MACHINE} \ + --admin priv-admin \ + --operator priv-operator \ + --user priv-user +} + +# Source code repository +S = "${WORKDIR}/git" +SRC_URI = "git://github.com/YADRO-KNS/obmc-yadro-cli" +SRCREV = "406688be909c702cbaecdf06147dc3b832c37f99" diff --git a/meta-yadro/meta-nicole/recipes-phosphor/images/obmc-phosphor-image.bbappend b/meta-yadro/meta-nicole/recipes-phosphor/images/obmc-phosphor-image.bbappend index b2b27da74..46b1decf7 100644 --- a/meta-yadro/meta-nicole/recipes-phosphor/images/obmc-phosphor-image.bbappend +++ b/meta-yadro/meta-nicole/recipes-phosphor/images/obmc-phosphor-image.bbappend @@ -1,4 +1,7 @@ -OBMC_IMAGE_EXTRA_INSTALL_append = " mboxd \ - openpower-fru-vpd \ - first-boot-set-mac \ - first-boot-set-hostname" +OBMC_IMAGE_EXTRA_INSTALL_append = " \ + first-boot-set-hostname \ + first-boot-set-mac \ + mboxd \ + obmc-yadro-cli \ + openpower-fru-vpd \ +" -- cgit v1.2.3 From ca64d291023c59a71a24e560d64561e3dabfcc1f Mon Sep 17 00:00:00 2001 From: Artem Senichev Date: Sun, 10 May 2020 10:28:02 +0300 Subject: meta-nicole: Add default account for administrator Creates default administrative account for managing the OpenBMC. (From meta-yadro rev: 7eef85ee0d2e6f8100c06c0f9a9cb52c941ecd50) Signed-off-by: Artem Senichev Change-Id: If4aa85ace08c9628e98252f00c508fbf28385c9b Signed-off-by: Andrew Geissler --- .../images/obmc-phosphor-image.bbappend | 1 + .../recipes-phosphor/users/admin-account.bb | 38 ++++++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 meta-yadro/meta-nicole/recipes-phosphor/users/admin-account.bb (limited to 'meta-yadro') diff --git a/meta-yadro/meta-nicole/recipes-phosphor/images/obmc-phosphor-image.bbappend b/meta-yadro/meta-nicole/recipes-phosphor/images/obmc-phosphor-image.bbappend index 46b1decf7..8f69024d1 100644 --- a/meta-yadro/meta-nicole/recipes-phosphor/images/obmc-phosphor-image.bbappend +++ b/meta-yadro/meta-nicole/recipes-phosphor/images/obmc-phosphor-image.bbappend @@ -1,4 +1,5 @@ OBMC_IMAGE_EXTRA_INSTALL_append = " \ + admin-account \ first-boot-set-hostname \ first-boot-set-mac \ mboxd \ diff --git a/meta-yadro/meta-nicole/recipes-phosphor/users/admin-account.bb b/meta-yadro/meta-nicole/recipes-phosphor/users/admin-account.bb new file mode 100644 index 000000000..d94952e1f --- /dev/null +++ b/meta-yadro/meta-nicole/recipes-phosphor/users/admin-account.bb @@ -0,0 +1,38 @@ +SUMMARY = "Default administrative account" +DESCRIPTION = "Creating default account for system administrator" +PR = "r1" + +inherit useradd + +# License info +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +# Dependencies +DEPENDS = "sudo \ + phosphor-ipmi-host \ + phosphor-user-manager" + +# Groups +GROUP_ADMIN = "priv-admin" +GROUP_OPERATOR = "priv-operator" +GROUP_USER = "priv-user" +GROUP_IPMI = "ipmi" +GROUP_SUDO = "sudo" + +# Default administrative account (login: admin, password: admin) +ADMIN_LOGIN = "admin" +ADMIN_PASSW = "\$1\$Fze0kFe8\$sylEANC01t.osF8OewyB/1" +USERADD_PACKAGES = "${PN}" +USERADD_PARAM_${PN} = "--gid ${GROUP_ADMIN} \ + --groups ${GROUP_ADMIN},${GROUP_OPERATOR},${GROUP_USER},${GROUP_IPMI},${GROUP_SUDO} \ + --password '${ADMIN_PASSW}' \ + ${ADMIN_LOGIN}" + +# We don't have package body +ALLOW_EMPTY_${PN} = "1" + +# Workaround for meta-phosphor/classes/phosphor-rootfs-postcommands.bbclass. +# The bb-script cannot add root to non-empty groups (invalid sed command). +GROUPMEMS_PARAM_${PN} = "-a root -g ${GROUP_ADMIN}; \ + -a root -g ${GROUP_IPMI}" -- cgit v1.2.3 From 475592fd429f7b59ab1a2e9d521a3b35b9f8b04a Mon Sep 17 00:00:00 2001 From: Artem Senichev Date: Mon, 25 May 2020 18:14:23 +0300 Subject: nicole: esel-parser: srcrev bump c35879f..8d25ae3 Artem Senichev (1): Fix build with GCC 10 (From meta-yadro rev: af4fcfc9196dec6b4a3aac60f5a211ddc689917a) Signed-off-by: Artem Senichev Change-Id: I9ea6dc5fb97870b8b0ecda9633a16e5e764f06ae Signed-off-by: Andrew Geissler --- .../meta-nicole/recipes-phosphor/logging/openpower-esel-parser_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'meta-yadro') diff --git a/meta-yadro/meta-nicole/recipes-phosphor/logging/openpower-esel-parser_git.bb b/meta-yadro/meta-nicole/recipes-phosphor/logging/openpower-esel-parser_git.bb index fe9b8fee9..dc6d4b31a 100644 --- a/meta-yadro/meta-nicole/recipes-phosphor/logging/openpower-esel-parser_git.bb +++ b/meta-yadro/meta-nicole/recipes-phosphor/logging/openpower-esel-parser_git.bb @@ -20,4 +20,4 @@ DEPENDS += "autoconf-archive-native \ # Source code repository S = "${WORKDIR}/git" SRC_URI = "gitsm://github.com/YADRO-KNS/openpower-esel-parser" -SRCREV = "c35879fa605f3aa8098fff2c0a395815d8cbfe51" +SRCREV = "8d25ae3cf40c090dfa17eb30a95c3d844012235f" -- cgit v1.2.3 From 949357efb7771a96bac6061a2c4b81eb7d2df936 Mon Sep 17 00:00:00 2001 From: Alexander Filippov Date: Fri, 24 Apr 2020 20:34:54 +0300 Subject: meta-yadro: add obmc-yadro-lssensors package lssensors is a command line tool which shows available sensors. (From meta-yadro rev: d54a06e15444c1d7e66b0da7e1e1f9e36c158884) Change-Id: I25ba2b2725ad6cb18497070631ce4edd26484e60 Signed-off-by: Alexander Filippov Signed-off-by: Andrew Geissler --- .../recipes-phosphor/sensors/obmc-yadro-lssensors_git.bb | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 meta-yadro/recipes-phosphor/sensors/obmc-yadro-lssensors_git.bb (limited to 'meta-yadro') diff --git a/meta-yadro/recipes-phosphor/sensors/obmc-yadro-lssensors_git.bb b/meta-yadro/recipes-phosphor/sensors/obmc-yadro-lssensors_git.bb new file mode 100644 index 000000000..55d549500 --- /dev/null +++ b/meta-yadro/recipes-phosphor/sensors/obmc-yadro-lssensors_git.bb @@ -0,0 +1,16 @@ +SUMMARY = "OpenBMC YADRO list sensors tool" +DESCRIPTION = "The command line tool to show detailed information about \ + all available sensors" +HOMEPAGE = "https://github.com/YADRO-KNS/obmc-yadro-lssensors" +PR = "r1" +PV = "1.0+git${SRCPV}" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" + +inherit meson + +DEPENDS += "sdbusplus" + +S = "${WORKDIR}/git" +SRC_URI = "git://github.com/YADRO-KNS/obmc-yadro-lssensors.git" +SRCREV = "4f55f0e21c5000d7a9e9c49cc2ad16bc6ba6463e" -- cgit v1.2.3 From 83c970a872c9dd26a9bcbc8dcf83a2a185c875c5 Mon Sep 17 00:00:00 2001 From: Alexander Filippov Date: Fri, 24 Apr 2020 20:38:39 +0300 Subject: meta-nicole: build obmc-yadro-lssensors Adds obmc-yadro-lssensors to nicole firmware. (From meta-yadro rev: 6ad79177812c3b3af1c962c31b65c76eb76b51dc) Change-Id: Ife48ab428e402b2291047f585e3b089ef7ed4c77 Signed-off-by: Alexander Filippov Signed-off-by: Andrew Geissler --- .../recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend | 1 + 1 file changed, 1 insertion(+) (limited to 'meta-yadro') diff --git a/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend b/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend index 8ad3a91eb..31e4f5b71 100644 --- a/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend +++ b/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend @@ -3,4 +3,5 @@ RDEPENDS_${PN}-extras_append = " \ phosphor-hostlogger \ openpower-esel-parser \ obmc-yadro-fwupdate \ + obmc-yadro-lssensors \ " -- cgit v1.2.3 From 9c8c27be725df83963ff8a188d33e20a4a3d7043 Mon Sep 17 00:00:00 2001 From: Alexander Filippov Date: Wed, 27 May 2020 14:57:27 +0300 Subject: meta-nicole: Add image signature verification Adds a firmware image signature verification. This brings: - The key is stored in `/etc/activationdata` folder. - The software item activation now begins with signature verification. The verification failure stops the activation only when the `fieldMode` is set to true. See https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/xyz/openbmc_project/Control/FieldMode.interface.yaml (From meta-yadro rev: f9e0ad9f1bb2a2520651f771e2b873bef384423a) Change-Id: I91cf92d15d29737a9cd05120b194189eb767636e Signed-off-by: Alexander Filippov Signed-off-by: Andrew Geissler --- .../recipes-phosphor/flash/openpower-software-manager_%.bbappend | 1 + .../recipes-phosphor/flash/phosphor-software-manager_%.bbappend | 1 + .../recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend | 5 ++++- 3 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 meta-yadro/meta-nicole/recipes-phosphor/flash/openpower-software-manager_%.bbappend create mode 100644 meta-yadro/meta-nicole/recipes-phosphor/flash/phosphor-software-manager_%.bbappend (limited to 'meta-yadro') diff --git a/meta-yadro/meta-nicole/recipes-phosphor/flash/openpower-software-manager_%.bbappend b/meta-yadro/meta-nicole/recipes-phosphor/flash/openpower-software-manager_%.bbappend new file mode 100644 index 000000000..a2df9cf70 --- /dev/null +++ b/meta-yadro/meta-nicole/recipes-phosphor/flash/openpower-software-manager_%.bbappend @@ -0,0 +1 @@ +PACKAGECONFIG_append = " verify_pnor_signature" diff --git a/meta-yadro/meta-nicole/recipes-phosphor/flash/phosphor-software-manager_%.bbappend b/meta-yadro/meta-nicole/recipes-phosphor/flash/phosphor-software-manager_%.bbappend new file mode 100644 index 000000000..c92b1a89c --- /dev/null +++ b/meta-yadro/meta-nicole/recipes-phosphor/flash/phosphor-software-manager_%.bbappend @@ -0,0 +1 @@ +PACKAGECONFIG_append = " verify_signature" diff --git a/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend b/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend index 31e4f5b71..26e64be50 100644 --- a/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend +++ b/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend @@ -2,6 +2,9 @@ RDEPENDS_${PN}-inventory_append = " openpower-occ-control" RDEPENDS_${PN}-extras_append = " \ phosphor-hostlogger \ openpower-esel-parser \ - obmc-yadro-fwupdate \ obmc-yadro-lssensors \ " +RDEPENDS_${PN}-software_append = " \ + obmc-yadro-fwupdate \ + phosphor-image-signing \ +" -- cgit v1.2.3 From ba04d699958701f1d645d1131c461ba1ad08f12a Mon Sep 17 00:00:00 2001 From: Alexander Filippov Date: Wed, 27 May 2020 15:55:34 +0300 Subject: meta-nicole: Enable field mode Enables the field mode by default. This marks the BMC as production version and activates some production specific functionalities. For example, this makes the software manager to discard unverified firmware images. Tested: - The output of `fw_printenv` contains `fieldmode=true`. - `busctl get-property xyz.openbmc_project.Software.BMC.Updater \ /xyz/openbmc_project/software \ xyz.openbmc_project.Control.FieldMode FieldModeEnabled` returns `true` (From meta-yadro rev: ca760a233b348efaf860e0691ea4b3f1c0db1ec1) Change-Id: I9c6fbead319f3c990efba669c923dccb97110e16 Signed-off-by: Alexander Filippov Signed-off-by: Andrew Geissler --- ...2-config-ast-common-set-fieldmode-to-true.patch | 27 ++++++++++++++++++++++ .../recipes-bsp/u-boot/u-boot-aspeed_%.bbappend | 1 + .../u-boot/u-boot-fw-utils-aspeed_%.bbappend | 1 + 3 files changed, 29 insertions(+) create mode 100644 meta-yadro/meta-nicole/recipes-bsp/u-boot/files/0002-config-ast-common-set-fieldmode-to-true.patch create mode 120000 meta-yadro/meta-nicole/recipes-bsp/u-boot/u-boot-fw-utils-aspeed_%.bbappend (limited to 'meta-yadro') diff --git a/meta-yadro/meta-nicole/recipes-bsp/u-boot/files/0002-config-ast-common-set-fieldmode-to-true.patch b/meta-yadro/meta-nicole/recipes-bsp/u-boot/files/0002-config-ast-common-set-fieldmode-to-true.patch new file mode 100644 index 000000000..a5c1bb2ae --- /dev/null +++ b/meta-yadro/meta-nicole/recipes-bsp/u-boot/files/0002-config-ast-common-set-fieldmode-to-true.patch @@ -0,0 +1,27 @@ +From efc627f4a288ea2e7969407f50fc403bb0264df1 Mon Sep 17 00:00:00 2001 +From: Alexander Filippov +Date: Wed, 23 Oct 2019 15:51:25 +0300 +Subject: [PATCH] config/ast-common: set fieldmode to true + +Force enables field mode. Our system always in production. + +Signed-off-by: Alexander Filippov +--- + include/configs/ast-common.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/include/configs/ast-common.h b/include/configs/ast-common.h +index a0243083bd..6285fa4037 100644 +--- a/include/configs/ast-common.h ++++ b/include/configs/ast-common.h +@@ -117,6 +117,7 @@ + #define ASPEED_ENV_SETTINGS \ + "verify=yes\0" \ + "spi_dma=yes\0" \ ++ "fieldmode=true\0" \ + "" + + #endif /* __AST_COMMON_CONFIG_H */ +-- +2.21.0 + diff --git a/meta-yadro/meta-nicole/recipes-bsp/u-boot/u-boot-aspeed_%.bbappend b/meta-yadro/meta-nicole/recipes-bsp/u-boot/u-boot-aspeed_%.bbappend index f0ff09e02..bf7802a68 100644 --- a/meta-yadro/meta-nicole/recipes-bsp/u-boot/u-boot-aspeed_%.bbappend +++ b/meta-yadro/meta-nicole/recipes-bsp/u-boot/u-boot-aspeed_%.bbappend @@ -2,4 +2,5 @@ FILESEXTRAPATHS_append := "${THISDIR}/files:" SRC_URI_append = " \ file://0001-Add-system-reset-status-support.patch \ + file://0002-config-ast-common-set-fieldmode-to-true.patch \ " diff --git a/meta-yadro/meta-nicole/recipes-bsp/u-boot/u-boot-fw-utils-aspeed_%.bbappend b/meta-yadro/meta-nicole/recipes-bsp/u-boot/u-boot-fw-utils-aspeed_%.bbappend new file mode 120000 index 000000000..742334ade --- /dev/null +++ b/meta-yadro/meta-nicole/recipes-bsp/u-boot/u-boot-fw-utils-aspeed_%.bbappend @@ -0,0 +1 @@ +u-boot-aspeed_%.bbappend \ No newline at end of file -- cgit v1.2.3