| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
Update openbmc initfs to add temporary run from RAM
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Deleting a variable with a long value exposed a duplicate
openbmcinitdownloadurl variable resulting in two lines in the
url file, and wget was not happy.
The u-boot environment ends with a double NUL character like
many operating environments. Using strings to separate on the
NUL bytes was loosing this information.
The fw_printenv command does not clear the remainder of the
environment when deleting variables. Instead it just makes sure
it is terminated with a double NUL byte.
Switch from strings to tr to separate the strings. Translate NL
to CR to avoid false matches, and use sed to detect a blank line.
Also use tail to skip over the CRC bytes. We don't have the
config file to know if a flag exists so assume 1 copy for now.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Tell systemd the host-ipmid service wants the clear-once service
to be started, and that it wants to run after the clear-once
service.
The new OEM command will use the openbmc init run once variables
set in the u-boot environment. We want the u-boot variable
cleared before the host can request it be set again.
Tell bitbake to require the clean-once package.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Create a service unit to clear the openbmconce variable in the
the u-boot environment with fw_setenv.
Set the timeout to allow the flash to be written, even though we
currently just update the ram shadow file.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Install the init-option and init-download-url if they exist in
the build directory.
This change to the bitbake recipe allows an override layer to
simply add these files to the SRC_URI variable and then have them
appear in the initramfs.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a hook to download a read-only file system image file from
a URL using TFTP, HTTP, or FTP. The URL is retrieved from a
u-boot environment variable unless the file is already in the
initramfs image. Only execute this command if the previously
established options file has a keyword trigger. Do not even
consider the option if a build option flag is not set to y,
and allow each protocol to be disabled by simiar build options.
This allows one to specify at u-boot commands that would download
a read-only file system into memory for execution this boot instead
of needing to create a custom initramfs to netboot or specifying
debug-init-sh, entering the password, and doing the download from
the shell.
Note: Access to set u-boot environment variables implys the
ability to replace the kernel and initramfs session. Access to
the variables and the serial console likely gives full root access
to the system at this time. The existing shutdown and update
scripts have paths that expose a root shell to the serial port
without a prior password challenge.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If the file /init-options exists copy it to the runtime location
/run/initramfs/init-options.
This allows an initramfs image to be built that will not parse
any u-boot or command line variables by adding a file into the
the image. This can be done either through a recipe overlay or
additonal package today and could also be a cpio merged into the
initrd in the future.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Look in the saved u-boot environment for init options in addition
to the kernel command line. This allows setting options to run
in the u-boot environment instead of setting bootargs.
Look at specific variables but not the whole environment so that
users can setup variable to run. Look at two variables so scripts
can automatically clear one on successful boot as one-time options
(defer that to the full filesystem).
Instead of having the full fw_setenv / fw_getenv binaries which
would overflow the existing space for the initramfs, just use the
busybox strings command to extract the variables. The oldest
variable might get a crc32 character or flag byte if redundant
environment were configured for nand but that is not expected
to be these user defined variables.
[1] The environment consists of a crc32, a flag byte if a
redundant environment is configured, then a series of var=value
strings separated by NUL bytes. The flag byte is 1 (active) or 0
(obsolete) for NOR flash, or a counter 0-255 in nand, the flag
byte cycles through 0-255.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Add an option to copy files from the rwfs to ram then run in ram.
This allows customizations like user ids and network settings to
be initialized from the read-write filesystem.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Use the copy in /run/initramfs/update to call update to be consistent
with other uses.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When calling update for save and restore phases be explicitly tell
update to clean saved files when we are done and not bother trying
to save or restore when we know we will do a split save, erase, and
restore sequence.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If copy-base-filesystem-to-ram is found copy the read-only
filesystem source device to /run/image-rofs. If the copy fails
then remove the partial copy and invoke debug takeover.
This will allow a new image to be downloaded and flashed while
running from the existing copy for the duration of this boot.
Alternatively with the overlay also in RAM pflash could be used
to update the flash from the host as the BMC would no longer need
the flash or flash controller.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| | |
If overlay-filesystem-in-ram is found set rwfst=none suppressing
the rwfs mount.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If images are to be updated before init continue to move them
to /run/initramfs. However, if they are not to be flashed before
init instead move them to /run.
This will result in the image-rofs being loop mounted for this run,
and all images will be available at runtime for flash update at
runtime.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow file system type none for rwfst, which means do not mount a
separate file system but just use the directory in the tmpfs /run.
This will be used to allow the flash controller to not be used by
the running image, allowing flash updates while the BMC is running
the main application.
It could also be used for a file system less prone to corruption
where the read-write overlay is only updated with whitelisted files
at specific points in time with updates to the update script.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Decide lack of fsck is not a problem by the type of the rwfs image
instead of the full name of the fsck command. This eliminates
duplicates knowledge of how the fsck path is formed.
Suggested-by: Andrew Jeffery <andrew@aj.id.au>
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If a read-only file system image is in /run, specifically
/run/image-rofs, then mount it instead of the mtd partition.
This will allow running from ram to allow the flash to be updated,
either from a downloaded image, a packaged image, or an image
copied at boot.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Grep options from a file instead of directly from /proc/cmdline
which will allow additonal sources for options.
Initially the options file is just a copy of the kernel command
line, but it may be edited at debug-init-sh or via a later
debug_takeover point or before restarting init.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Note explicitly when an empty image is provided that will not
alter a flash partition.
While using flashcp on an empty file succeeds and does not alter
the flash, it may be confusing to see 0/0 messages for the erase,
write, and verify phases.
These empty files are used to trigger the save and restore phases
and may also be used by developers to cause the update to fail
and break into a shell at shutdown for maintence.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Remove image files as they are flashed so a repeated call to
update does not erase and write the image again.
As we add the ability to call update at runtime repeated calls
are expected. This both signals successful copy and removes the
need for callers to cleanup.
Also remove commented alternate flash method using eraseall
that was not tested.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add an option to copy files to the runtime copy-on-write upper
directory from the saved directory to allow init to request the
files for use without knowing the saved files directory.
This will be used to initialize the cow directory from the
persistent rwfs file system when choosing to run in RAM.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Skip mounting and unmounting the read-write file system when
saving files if the upper directory exists. Instead interpret
this as a sign the system either is or was running from RAM (or
from some future alternative and maybe temporary mounted file
system) and save the files from that upper directory.
It is possible some other filesystem is mounted on the read-write
mountpoint that is not a mtd device, either a tmpfs or some
other future media, so only try to unmount the file system if
this update script mounted it.
Each boot an empty /run filesytem is created and populated by init
with selected directories and mount points for the read-only and
read-write file systems and mounts them on these points.
The upper directory is under the read-write mount point, so if it
exists then either a file system is mounted there or the system
was prepared to run from RAM using the run tmpfs file system and
updates may have been made there. In either case the files to
be saved exist in that directory.
Background on overlayfs:
The upper directory contains files and directory entries that were
either opened for write or had meta data changed. Before this
happens the overlayfs copies each file or directory by name into
the work directory then atomically moves it into the corresponding
upper directory.
To form a read-write overlayfs mount, the upper directory must be,
by definition, in a read-write file system along with the work
directory, and both are required to be in the same filesystem.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use the full /run/initramfs/rw path for the mount point of the
read-write filesystem.
This prevents creating and directories in / when it is invoked
before shutdown.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This will ensure the cp command always writes to an existing
directory but will also make any future component directories if
the upper directory is later moved from the root of the filesystem.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This will allow us to restore or check-point the whitelisted files
to the read-write filesystem device without causing confusion by
mounting over the upperdir location while at runtime.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Instead of in saving files in root which is messy and logically
part of the cow space, save the files in a directory under /run
which will be mounted during init, runtime, and shutdown.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Find the whitelist under /run/initramfs directory instead of
looking in root directory. This results in the whitelist always
existing and being the same instance (copy) in all environments.
Currently the update script is invoked from two places: from
shutdown, where systemd bind-mounted the initramfs directory on
itself and made it root (with its parent /run mounted underneath
it in a twist), and from the initramfs init script where it
copied the files from its root directory into the /run/initramfs
directory for use at shutdown time when the original rootfs is
no longer reachable.
By looking under /run/initramfs we will always look at one copy
of the whitelist. This will also allow future modes where the
update script can be invoked while running from a copies of
the file systems located in RAM.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Let the copy loop execute zero times instead of checking if
the whitelist is empty.
Suppressing the mount and copying the files can be achieved via
command line options. This removes a condition and prepares for
splitting the whitelist into component files with support for
commented out lines.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow the save and/or restore of whitelisted files to be
suppressed.
This reduces the noise and possible problems trying to mount the
read-write filesystem read-write when its dirty. The filesystem
may be cleaned or repaired between the backup and restore.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Because update now returns to shutdown for the final halt or
reboot system call it does not need to handle systemd arguments.
Instead update is being invoked from multiple environments, and
further environments will need alternate behaviors.
Add a code to start parsing the command line. Start wtih a flag
to clean the saved files at the end of the update process.
This will reclaim the space and prevent stale saved files
from being restored without requiring the calling script to
know the location of the saved files directory.
Parse true and complement actions in case we decide to change
the defaults later.
For now keep the user feature of calling update, flashing some
files by hand, then a final call to update with a possibly
empty image file will have the original saved files merged
into the rwfs.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| | |
We don't need to hold saved files for a future restore.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| | |
While both are the same directory via bind mount when shutdown
is executing from systemd use the full pathname to the script.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Complain if the update program is missing if flash update images
are present. This is similar to the message in root and will
inform a serial console reader why the update images are not
being applied.
The update script is copied from the initramfs to the run tmpfs
ram file system. It is built and packaged with the init and
shutdown script. It would have been removed, unpackaged, or
init changed for unknown reasons by root or the build system
for this to occur.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The test command is documented as taking = and not == to test
two strings for equality. While both appear to work use the
documented comparison operator.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The desired system call is not an ioctl but tcsetattr with
second parameter TCSADRAIN.
Reported-by: Andrew Jeffery <andrew@aj.id.au>
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The intention was to test the flag variable set when proc was
mounted earlier in the script, not the constant string containing
the name of the variable.
The unnecessary unmount is not noticeable when a normal shutdown
or reboot is being performed while executing after systemd, but
results in a less usable environment when invoked manually.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| |\ \
| | |
| | | |
inarp: Add inverse ARP daemon
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This change adds 'inarp': A small daemon to listen for, and reply to
inverse ARP requests.
This should be started at system init time, so we add a .service file.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |/ /
| |
| |
| |
| |
| | |
Fixes memory leaks and watchdog timer issues
Signed-off-by: Norman James <nkskjames@gmail.com>
|
| |/
|
|
|
|
|
|
| |
You will now get all the debug data in the event logs. This was different
then in the past as there was a fixed few bytes of meaningless information.
The feature also reduces the memory footprint of the event manager AND
removes eselxxx logs in /tmp
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To see all the messages during shutdown call stty cooked.
A side effect of setting any mode is it will call ioctl(TIOC_DRAIN)
to drain the buffers first without regard to any change in the mode.
Shutdown and flash update now show the final ouptut and "Rebooting"
message before the reboot system call.
Before:
+ set +x
Remaining mounts:
tmpfs / tmpfs rw,nosuid,nodev,mode=755 0 0
dev /dev devtmpfs rw,relatime,size=126384k,nr_inodes=31596,mode=755 0 0
proc /proc proc rw,relatime 0 0
sys /s
U-Boot 2013.07 (Feb 23 2016 - 10:21:23)
After:
+ set +x
Remaining mounts:
tmpfs / tmpfs rw,nosuid,nodev,mode=755 0 0
dev /dev devtmpfs rw,relatime,size=126384k,nr_inodes=31596,mode=755 0 0
proc /proc proc rw,relatime 0 0
sys /sys sysfs rw,relatime 0 0
tmpfs /run tmpfs rw,nosuid,nodev,mode=755 0 0
reboot: Restarting system
U-Boot 2013.07 (Feb 23 2016 - 10:21:23)
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add code to clear the rwfs (preserving files from the whitelist)
during init, by a command line option.
Also allow it to be triggered by the file system not being a jffs2.
A console user can download images to /run/initramfs/ at the
debug-init-sh prompt for manual update.
Also add code but do not enable detecting images loaded into
initramfs / for future update options. If enabled a custom initrd
with update images can be bulit (it would not fit in flash and
need to be netbooted).
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| |
|
|
|
|
|
|
| |
We know there is no command and we plan to have this the default.
Suppress the message to avoid user questions and concerns.
Signed-off-by: Milton Miller <miltonm@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Busybox's blkid is a little hamstrung, requiring some processing of the
output to emulate what can be achieved with a couple of options with
blkid from util-linux.
Similar to findmtd(), the code for probe_fs_type() and blkid_fs_type()
is duplicated between obmc-{init,update}.sh. Some consideration should
be given to splitting out common functionality into well-defined
sourcable scripts.
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
|
| |
|
|
| |
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
|
| |\
| |
| | |
Enable authentication over REST
|
| | |
| |
| |
| |
| | |
Rest through the spec to see how to interact.
https://github.com/openbmc/docs/blob/master/rest-api.md
|
| | | |
|
| | |
| |
| |
| |
| | |
Update skeleton recipe to pick up persistent UUID support
by using the system uuid.
|
| | |
| |
| |
| |
| |
| | |
Create virtual class to include user management in the image
Add the systemd patch for network support to the systemd recipe
Update the IPMI recipe to pickup the support for network configuration
|
