Revert "meta-gbmc-staging: revert to gbmc-release-24.1.18"
Set the release branch back to the current version
This reverts commit f804d1342a23a0d03d5eb29594bef01d148d6982.
Tested: the following is empty:
git diff HEAD gbmc-release-24.1.25
Google-Bug-Id: 328332485
Change-Id: I1236e4d991b9f8c28c0ae5bf7bd3abc6365f5e62
Signed-off-by: Benjamin Fair <benjaminfair@google.com>
diff --git a/recipes-google/bare-metal-setup/bare-metal-setup.bb b/recipes-google/bare-metal-setup/bare-metal-setup.bb
index 8e56bb8..1789bfc 100644
--- a/recipes-google/bare-metal-setup/bare-metal-setup.bb
+++ b/recipes-google/bare-metal-setup/bare-metal-setup.bb
@@ -26,6 +26,7 @@
GPIO_CHIP ?= "0"
GPIO_LINE ?= "0"
ENABLE_BM_FILE ?= "/var/google/config-package/enable-bm.flag"
+ENABLE_CONSOLE_FILE ?= "/var/google/config-package/enable-bm-console.flag"
BMREADY_FILE ?= "/run/bm-ready.flag"
do_install:append() {
@@ -35,6 +36,7 @@
-e "s#@GPIO_CHIP@#${GPIO_CHIP}#" \
-e "s#@GPIO_LINE@#${GPIO_LINE}#" \
-e "s#@ENABLE_BM_FILE@#${ENABLE_BM_FILE}#" \
+ -e "s#@ENABLE_CONSOLE_FILE@#${ENABLE_CONSOLE_FILE}#" \
-e "s#@BMREADY_FILE@#${BMREADY_FILE}#" \
>bare-metal-setup.sh
diff --git a/recipes-google/bare-metal-setup/files/bare-metal-setup.sh.in b/recipes-google/bare-metal-setup/files/bare-metal-setup.sh.in
index 4e3b76d..8c31d24 100644
--- a/recipes-google/bare-metal-setup/files/bare-metal-setup.sh.in
+++ b/recipes-google/bare-metal-setup/files/bare-metal-setup.sh.in
@@ -6,8 +6,48 @@
GPIO_CHIP="@GPIO_CHIP@"
GPIO_LINE="@GPIO_LINE@"
ENABLE_BM_FILE="@ENABLE_BM_FILE@"
+ENABLE_CONSOLE_FILE="@ENABLE_CONSOLE_FILE@"
BMREADY_FILE="@BMREADY_FILE@"
+READ_ONLY_CONSOLE_FLAG="/run/readonly-console.flag"
+
+function override_obmc_console_in_bm_mode() {
+ host_console_client_service="serial-to-host@.service"
+ bmc_console_client_service="serial-to-bmc@.service"
+
+ systemd_runtime_dir='/run/systemd/system'
+
+ host_console_client_dir="${systemd_runtime_dir}/${host_console_client_service}.d"
+ bmc_console_client_dir="${systemd_runtime_dir}/${bmc_console_client_service}.d"
+
+ touch "${READ_ONLY_CONSOLE_FLAG}"
+
+ mkdir -p "${host_console_client_dir}" "${bmc_console_client_dir}"
+
+ echo "[Unit]
+ConditionPathExists=${READ_ONLY_CONSOLE_FLAG}
+[Service]
+RestartPreventExitStatus=
+RestartPreventExitStatus=SIGINT SIGQUIT SIGTSTP
+SuccessExitStatus=
+SuccessExitStatus=SIGINT SIGQUIT SIGTSTP
+ExecStart=
+ExecStart=-/sbin/agetty -8 -n -l /usr/libexec/readonly-obmc-console-client -i -N -R -L %I 115200 xterm
+ExecStopPost=
+ExecStopPost=-/bin/sh -c 'systemctl start --no-block serial-to-bmc@%i'
+" > "${host_console_client_dir}/50-bm-override.conf"
+
+ echo "[Service]
+ExecStopPost=
+ExecStopPost=/bin/bash -c \"if [ -f ${READ_ONLY_CONSOLE_FLAG} ]; then \
+ systemctl start --no-block serial-to-host@%i; \
+else \
+ systemctl start --no-block serial-to-bmc@%i; \
+fi\"
+" > "${bmc_console_client_dir}/50-bm-override.conf"
+
+}
+
function hide_boot_drive_in_bm_mode() {
# In Bare Metal mode, power off the boot drive
if [[ "$BM_MODE" -eq "1" || -f "$ENABLE_BM_FILE" ]]; then
@@ -20,6 +60,12 @@
echo "Successfully set the GPIO to hide cSSD/cnSSD creating ${BMREADY_FILE}"
# Disable usb network
ln -s /dev/null /run/systemd/system/google-usb-dynamic.service 2> /dev/null
+ # Change the host console to read only, unless we require to keep the
+ # console
+ if [[ ! -f "$ENABLE_CONSOLE_FILE" ]]; then
+ override_obmc_console_in_bm_mode
+ fi
+
systemctl daemon-reload
touch "${BMREADY_FILE}"
else
diff --git a/recipes-google/bmc-crypto/bmc-crypto_git.bb b/recipes-google/bmc-crypto/bmc-crypto_git.bb
index a51de10..143c13a 100644
--- a/recipes-google/bmc-crypto/bmc-crypto_git.bb
+++ b/recipes-google/bmc-crypto/bmc-crypto_git.bb
@@ -22,6 +22,6 @@
S = "${WORKDIR}/git"
SRC_URI = "git://gbmc-private.googlesource.com/bmc-crypto;protocol=https;branch=master"
-SRCREV = "a66e6f583b66ade591f0ab11d7c463e81f94be2c"
+SRCREV = "2d67f1bf710a9e628b1e52250d82a828f7ae1536"
SYSTEMD_SERVICE:${PN} += "bmc_crypto.service"
diff --git a/recipes-google/devices/psdmd_git.bb b/recipes-google/devices/psdmd_git.bb
index 4b2ec5b..86deac2 100644
--- a/recipes-google/devices/psdmd_git.bb
+++ b/recipes-google/devices/psdmd_git.bb
@@ -27,7 +27,7 @@
S = "${WORKDIR}/git"
SRC_URI = "git://gbmc-private.googlesource.com/psdmd;protocol=https;branch=master"
-SRCREV = "fbe48dc90dad5205a6edc99ec0ed53da7dc9ee24"
+SRCREV = "2f00f7f91fe9ed395c9631abf3726c39cc470954"
SYSTEMD_PACKAGES = "${PN}"
SYSTEMD_SERVICE:${PN} += "psdmd.service"
diff --git a/recipes-google/emmc/emmc-logs/start_emmc_logging.sh b/recipes-google/emmc/emmc-logs/start_emmc_logging.sh
index a30d307..115fd90 100644
--- a/recipes-google/emmc/emmc-logs/start_emmc_logging.sh
+++ b/recipes-google/emmc/emmc-logs/start_emmc_logging.sh
@@ -3,6 +3,7 @@
EMMC_DIR=/mnt/luks-mmcblk0_fs
LOG_SUBDIR=logs
EMMC_LOG_DIR="$EMMC_DIR/$LOG_SUBDIR"
+EMMC_LOG_STATE_DIR="$EMMC_LOG_DIR/state"
EmmcMountCount=$(mount -l | grep -c "$EMMC_DIR")
if [ "$EmmcMountCount" -ne 1 ]
@@ -10,8 +11,11 @@
echo "eMMC is not mounted. Cannot log to eMMC."
exit 1
fi
-
mkdir -p "$EMMC_LOG_DIR"
+mkdir -p "$EMMC_LOG_STATE_DIR"
+
+echo "Stop rsyslog before migrating to eMMC to make sure we don't send out logs during transition"
+systemctl stop rsyslog.service
# We need to make room for incoming logs, or else systemd will just
# throw away the runtime journal. Ensure these values are in sync with
@@ -22,20 +26,27 @@
run_size="$(du -bs /run/log/journal | awk '{print $1}')"
perst_size="$(du -bs "$EMMC_LOG_DIR" | awk '{print $1}')"
# Determine the required vacuum amount + 1MB of slop for new logs
- req_size=$((max - (run_size + 1024*1024)))
- (( req_size > perst_size )) && break
+ req_size=$(( run_size + 1024*1024 ))
+ free_size=$(( max - perst_size ))
+ # journalctl --flush would be able to save all of the logs now.
+ (( req_size < free_size )) && break
- # Sum all but the biggest filesize to guarantee we vacuum some contents
- vsize=$(find "$EMMC_LOG_DIR" -type f -exec stat -c '%s' {} \; \
- | sort -nr | tail -n +2 | awk '{s+=$1} END {print s}')
- echo "Trimming to $((vsize/1024/1024))M"
- journalctl -D "$EMMC_LOG_DIR" --vacuum-size=$vsize
+ # Trim the persistent journal to make sure we can dump all of the run logs.
+ num_journal=$(ls "$EMMC_LOG_DIR"/* | grep system | wc -l)
+
+ (( num_journal == 0 )) && break
+ num_journal=$(( num_journal - 1 ))
+ journalctl -D "$EMMC_LOG_DIR" --vacuum-files=${num_journal} >&2
done
ln -s "$EMMC_LOG_DIR" /var/log/journal
+rm -rf /var/log/state
+ln -s "$EMMC_LOG_STATE_DIR" /var/log/state
echo "Flushing journal logs to eMMC"
journalctl --flush
echo "Journald is now logging to eMMC"
+systemctl restart rsyslog.service
+echo "Restarted Rsyslog to make sure it reload the state"
diff --git a/recipes-google/emmc/emmc-logs/stop_emmc_logging.sh b/recipes-google/emmc/emmc-logs/stop_emmc_logging.sh
index 7f34959..f17c517 100644
--- a/recipes-google/emmc/emmc-logs/stop_emmc_logging.sh
+++ b/recipes-google/emmc/emmc-logs/stop_emmc_logging.sh
@@ -11,6 +11,7 @@
# Remove the symlink to the eMMC log directory.
rm /var/log/journal
+rm -rf /var/log/state
# Restart rsyslog to make sure it closes the log files in the eMMC.
# 90 seconds after sigterm is send sig kill is sent
diff --git a/recipes-google/g3-shared-libs/gmi_git.bb b/recipes-google/g3-shared-libs/gmi_git.bb
index 69d750e..a8adf3a 100644
--- a/recipes-google/g3-shared-libs/gmi_git.bb
+++ b/recipes-google/g3-shared-libs/gmi_git.bb
@@ -19,10 +19,12 @@
# Install gmi/principal.proto in native for buliding only
do_install:append:class-native(){
install -d ${D}${datadir}/gmi
+ install ${S}/gmi/machine_identity.proto ${D}${datadir}/gmi
install ${S}/gmi/principal.proto ${D}${datadir}/gmi
}
BBCLASSEXTEND = "native"
FILES:${PN}-native = " \
+ ${datadir}/gmi/machine_identity.proto \
${datadir}/gmi/principal.proto \
"
diff --git a/recipes-phosphor/console/obmc-console/40-console-client-override.conf b/recipes-phosphor/console/obmc-console/40-console-client-override.conf
new file mode 100644
index 0000000..b3005d5
--- /dev/null
+++ b/recipes-phosphor/console/obmc-console/40-console-client-override.conf
@@ -0,0 +1,2 @@
+[Unit]
+After=bare-metal-setup.service
diff --git a/recipes-phosphor/console/obmc-console/readonly-obmc-console-client b/recipes-phosphor/console/obmc-console/readonly-obmc-console-client
new file mode 100644
index 0000000..bb05e0f
--- /dev/null
+++ b/recipes-phosphor/console/obmc-console/readonly-obmc-console-client
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+tail -f /dev/null | obmc-console-client
diff --git a/recipes-phosphor/console/obmc-console_%.bbappend b/recipes-phosphor/console/obmc-console_%.bbappend
new file mode 100644
index 0000000..cf1ed09
--- /dev/null
+++ b/recipes-phosphor/console/obmc-console_%.bbappend
@@ -0,0 +1,19 @@
+FILESEXTRAPATHS:prepend:gbmc := "${THISDIR}/${PN}:"
+
+SRC_URI:append:gbmc = " \
+ file://readonly-obmc-console-client \
+ file://40-console-client-override.conf \
+ "
+do_install:append:gbmc() {
+ install -d -m0644 ${D}${sysconfdir}/systemd/system/serial-to-host@.service.d/
+ install -m0644 ${WORKDIR}/40-console-client-override.conf \
+ ${D}${sysconfdir}/systemd/system/serial-to-host@.service.d/
+
+ install -d -m0644 ${D}${sysconfdir}/systemd/system/serial-to-bmc@.service.d/
+ install -m0644 ${WORKDIR}/40-console-client-override.conf \
+ ${D}${sysconfdir}/systemd/system/serial-to-bmc@.service.d/
+
+ install -d -m0755 ${D}${libexecdir}
+ install -m0755 ${WORKDIR}/readonly-obmc-console-client ${D}${libexecdir}/
+}
+
diff --git a/recipes-phosphor/interfaces/bmcweb_%.bbappend b/recipes-phosphor/interfaces/bmcweb_%.bbappend
index 10783d7..ce01af7 100644
--- a/recipes-phosphor/interfaces/bmcweb_%.bbappend
+++ b/recipes-phosphor/interfaces/bmcweb_%.bbappend
@@ -13,6 +13,7 @@
-Dhealth-populate=disabled \
-Dredfish-bmc-journal=disabled \
"
+
EXTRA_OEMESON:append:gbmc:gbmcfork = " \
-Dgoogle-baremetal=disabled \
"
@@ -156,10 +157,15 @@
}
# gRPC-Redfish feature starts
+# Insecure grpc is needed for the Redfish migration project
+# before nodes get credentials.
+# Note, any insecure port is still blacklist by the nftable.
+# See b/315215456, b/303452037
grpc_redfish_options = " \
-Dmtls-grpc=enabled \
-Dmtls-grpc-port=443 \
- -Dredfish-oem-google-grpc-statistics=enabled \
+ -Dinsecure-grpc=enabled \
+ -Dinsecure-grpc-port=3995 \
"
grpc_redfish_depends = " \
grpc-redfish \
diff --git a/recipes-phosphor/interfaces/gbmcweb.inc b/recipes-phosphor/interfaces/gbmcweb.inc
index 29382cf..3c65f18 100644
--- a/recipes-phosphor/interfaces/gbmcweb.inc
+++ b/recipes-phosphor/interfaces/gbmcweb.inc
@@ -1,2 +1,2 @@
GBMCWEB_SRC_URI = "git://gbmc.googlesource.com/gbmcweb;branch=gbmc-release-24.1.x;protocol=https"
-GBMCWEB_SRCREV = "d3034e782dcfb879d4081953e5f8ead3cc744236"
+GBMCWEB_SRCREV = "d09b70cc82d5d8716387f396a66be35775f58e78"
