From 9c8c27be725df83963ff8a188d33e20a4a3d7043 Mon Sep 17 00:00:00 2001
From: Alexander Filippov <a.filippov@yadro.com>
Date: Wed, 27 May 2020 14:57:27 +0300
Subject: meta-nicole: Add image signature verification

Adds a firmware image signature verification.

This brings:
 - The key is stored in `/etc/activationdata` folder.
 - The software item activation now begins with signature verification.
   The verification failure stops the activation only when the
   `fieldMode` is set to true.
   See https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/xyz/openbmc_project/Control/FieldMode.interface.yaml

(From meta-yadro rev: f9e0ad9f1bb2a2520651f771e2b873bef384423a)

Change-Id: I91cf92d15d29737a9cd05120b194189eb767636e
Signed-off-by: Alexander Filippov <a.filippov@yadro.com>
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
---
 .../recipes-phosphor/flash/openpower-software-manager_%.bbappend     | 1 +
 .../recipes-phosphor/flash/phosphor-software-manager_%.bbappend      | 1 +
 .../recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend   | 5 ++++-
 3 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 meta-yadro/meta-nicole/recipes-phosphor/flash/openpower-software-manager_%.bbappend
 create mode 100644 meta-yadro/meta-nicole/recipes-phosphor/flash/phosphor-software-manager_%.bbappend

diff --git a/meta-yadro/meta-nicole/recipes-phosphor/flash/openpower-software-manager_%.bbappend b/meta-yadro/meta-nicole/recipes-phosphor/flash/openpower-software-manager_%.bbappend
new file mode 100644
index 0000000000..a2df9cf707
--- /dev/null
+++ b/meta-yadro/meta-nicole/recipes-phosphor/flash/openpower-software-manager_%.bbappend
@@ -0,0 +1 @@
+PACKAGECONFIG_append = " verify_pnor_signature"
diff --git a/meta-yadro/meta-nicole/recipes-phosphor/flash/phosphor-software-manager_%.bbappend b/meta-yadro/meta-nicole/recipes-phosphor/flash/phosphor-software-manager_%.bbappend
new file mode 100644
index 0000000000..c92b1a89c9
--- /dev/null
+++ b/meta-yadro/meta-nicole/recipes-phosphor/flash/phosphor-software-manager_%.bbappend
@@ -0,0 +1 @@
+PACKAGECONFIG_append = " verify_signature"
diff --git a/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend b/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend
index 31e4f5b710..26e64be50e 100644
--- a/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend
+++ b/meta-yadro/meta-nicole/recipes-phosphor/packagegroups/packagegroup-obmc-apps.bbappend
@@ -2,6 +2,9 @@ RDEPENDS_${PN}-inventory_append = " openpower-occ-control"
 RDEPENDS_${PN}-extras_append = " \
     phosphor-hostlogger \
     openpower-esel-parser \
-    obmc-yadro-fwupdate \
     obmc-yadro-lssensors \
 "
+RDEPENDS_${PN}-software_append = " \
+    obmc-yadro-fwupdate \
+    phosphor-image-signing \
+"
-- 
cgit v1.2.3