From 32e440d8706ca2106d7d2a7a6013732cba529f21 Mon Sep 17 00:00:00 2001
From: "William A. Kennington III" <wak@google.com>
Date: Fri, 3 Dec 2021 18:19:07 -0800
Subject: meta-google: inplace-gbmc-update: Add dhcp hook

This makes it possible for the BMC to fetch an upgraded image during
DHCP time and perform an inplace update to the new version.

Change-Id: I6d32af306180dd52d4235ba4edbb80c3e49756d7
Signed-off-by: William A. Kennington III <wak@google.com>
---
 meta-google/recipes-phosphor/flash/gbmc-update.bb  | 17 ++++++
 .../flash/gbmc-update/75-gbmc-upgrade.sh           | 66 ++++++++++++++++++++++
 .../recipes-phosphor/flash/inplace-gbmc-update.bb  | 12 +++-
 .../inplace-gbmc-update/75-inplace-gbmc-upgrade.sh | 41 ++++++++++++++
 4 files changed, 134 insertions(+), 2 deletions(-)
 create mode 100644 meta-google/recipes-phosphor/flash/gbmc-update.bb
 create mode 100644 meta-google/recipes-phosphor/flash/gbmc-update/75-gbmc-upgrade.sh
 create mode 100644 meta-google/recipes-phosphor/flash/inplace-gbmc-update/75-inplace-gbmc-upgrade.sh

diff --git a/meta-google/recipes-phosphor/flash/gbmc-update.bb b/meta-google/recipes-phosphor/flash/gbmc-update.bb
new file mode 100644
index 0000000000..2c0f51066a
--- /dev/null
+++ b/meta-google/recipes-phosphor/flash/gbmc-update.bb
@@ -0,0 +1,17 @@
+SUMMARY = "Google BMC Update Utilities"
+DESCRIPTION = "Google BMC Update Utilities"
+PR = "r1"
+
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10"
+
+SRC_URI += " \
+ file://75-gbmc-upgrade.sh \
+"
+
+FILES:${PN} += "${datadir}/gbmc-br-dhcp"
+
+do_install() {
+    install -d ${D}${datadir}/gbmc-br-dhcp
+    install -m 0644 ${WORKDIR}/75-gbmc-upgrade.sh ${D}${datadir}/gbmc-br-dhcp/
+}
diff --git a/meta-google/recipes-phosphor/flash/gbmc-update/75-gbmc-upgrade.sh b/meta-google/recipes-phosphor/flash/gbmc-update/75-gbmc-upgrade.sh
new file mode 100644
index 0000000000..c94bf5bd09
--- /dev/null
+++ b/meta-google/recipes-phosphor/flash/gbmc-update/75-gbmc-upgrade.sh
@@ -0,0 +1,66 @@
+#!/bin/bash
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+[ -z "${gbmc_upgrade-}" ] || exit
+
+: "${GBMC_UPGRADE_SIG=/tmp/bmc.sig}"
+
+gbmc_upgrade_hook() {
+  [ -n "${bootfile_url-}" ] || return
+
+  local tmpdir
+  tmpdir="$(mktemp -d)" || return
+  gbmc_upgrade_internal || true
+  # SC doesn't know our variable is defined elsewhere
+  # shellcheck disable=SC2153
+  rm -rf -- "$tmpdir" "$GBMC_UPGRADE_SIG" "$GBMC_UPGRADE_IMG"
+}
+
+gbmc_upgrade_fetch() (
+  echo "Fetching $bootfile_url" >&2
+
+  # We only support tarballs at the moment
+  if [[ "$bootfile_url" != *.tar ]]; then
+    echo "Unknown upgrade unpack method: $bootfile_url" >&2
+    return 1
+  fi
+
+  # Ensure some sane output file limit
+  # Currently no BMC image is larger than 64M
+  ulimit -H -f $((96 * 1024 * 1024)) || return
+  wget "$bootfile_url" | tar -xC "$tmpdir" || true
+
+  local sig
+  sig="$(find "$tmpdir" -name 'image-*.sig')" || return
+  local img="${sig%.sig}"
+  mv "$sig" "$GBMC_UPGRADE_SIG" || return
+  mv "$img" "$GBMC_UPGRADE_IMG" || return
+
+  # Regular packages have a VERSION file with the image
+  local imgdir="${sig%/*}"
+  if [ -f "$imgdir/VERSION" ]; then
+    cat "$imgdir/VERSION" || return
+  fi
+
+  # Staging packages have a directory named after the version
+  local vdir="${imgdir##*/}"
+  if [[ "$vdir" =~ ([0-9]+[.]){3}[0-9]+ ]]; then
+    echo "$vdir"
+  fi
+)
+
+GBMC_BR_DHCP_HOOKS+=(gbmc_upgrade_hook)
+
+gbmc_upgrade=1
diff --git a/meta-google/recipes-phosphor/flash/inplace-gbmc-update.bb b/meta-google/recipes-phosphor/flash/inplace-gbmc-update.bb
index 9e55afce53..418ee3932e 100644
--- a/meta-google/recipes-phosphor/flash/inplace-gbmc-update.bb
+++ b/meta-google/recipes-phosphor/flash/inplace-gbmc-update.bb
@@ -10,8 +10,11 @@ inherit obmc-phosphor-systemd
 PROVIDES += "virtual/bmc-update"
 RPROVIDES:${PN} += "virtual/bmc-update"
 
-RDEPENDS:${PN} += "google-key"
-RDEPENDS:${PN} += "bash"
+RDEPENDS:${PN} += " \
+  bash \
+  gbmc-update \
+  google-key \
+  "
 
 SRC_URI += " \
  file://config-bmc.json \
@@ -19,12 +22,14 @@ SRC_URI += " \
  file://inplace-gbmc-verify.sh \
  file://inplace-gbmc-version.service \
  file://inplace-gbmc-version.sh \
+ file://75-inplace-gbmc-upgrade.sh \
 "
 
 SYSTEMD_SERVICE:${PN} += "inplace-gbmc-verify.service"
 SYSTEMD_SERVICE:${PN} += "inplace-gbmc-version.service"
 
 FILES:${PN} += "${datadir}/phosphor-ipmi-flash"
+FILES:${PN} += "${datadir}/gbmc-br-dhcp"
 
 do_install() {
     sed -i 's,@ALLOW_DEV@,,' ${WORKDIR}/inplace-gbmc-verify.sh
@@ -37,6 +42,9 @@ do_install() {
 
     install -d ${D}${datadir}/phosphor-ipmi-flash
     install -m 0644 ${WORKDIR}/config-bmc.json ${D}${datadir}/phosphor-ipmi-flash
+
+    install -d ${D}${datadir}/gbmc-br-dhcp
+    install -m 0644 ${WORKDIR}/75-inplace-gbmc-upgrade.sh ${D}${datadir}/gbmc-br-dhcp/
 }
 
 do_install:prepend:dev() {
diff --git a/meta-google/recipes-phosphor/flash/inplace-gbmc-update/75-inplace-gbmc-upgrade.sh b/meta-google/recipes-phosphor/flash/inplace-gbmc-update/75-inplace-gbmc-upgrade.sh
new file mode 100644
index 0000000000..df4662f6d8
--- /dev/null
+++ b/meta-google/recipes-phosphor/flash/inplace-gbmc-update/75-inplace-gbmc-upgrade.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+[ -z "${inplace_gbmc_upgrade-}" ] || exit
+
+# SC doesn't know another file depends on this variable
+# shellcheck disable=SC2034
+GBMC_UPGRADE_IMG=/run/initramfs/bmc-image
+
+gbmc_upgrade_internal() {
+  local version
+  version="$(gbmc_upgrade_fetch)" || return
+
+  echo "IMG Version: $version" >&2
+  local active_version
+  active_version="$(inplace-gbmc-version.sh)" || return
+  echo "Active Version: $active_version" >&2
+  if [[ "$version" == "$active_version" ]]; then
+    echo 'Version already active' >&2
+    return 0
+  fi
+
+  echo 'Verifying image' >&2
+  systemctl start inplace-gbmc-verify || return
+  echo 'Rebooting to perform update' >&2
+  reboot || return
+}
+
+inplace_gbmc_upgrade=1
-- 
cgit v1.2.3