]> git.ozlabs.org Git - petitboot/log
petitboot
5 years agoutils/pb-console: Use -m to run shell in own process group v1.10.3
Samuel Mendoza-Jonas [Thu, 28 Mar 2019 03:52:35 +0000 (14:52 +1100)]
utils/pb-console: Use -m to run shell in own process group

Use -m to have the shell spawned by pb-console run it its own process
group, allowing commands such as Ctrl-C (SIGINT) to behave as expected
rather than killing the shell.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoui/ncurses: Add prompt for LUKS device password
Samuel Mendoza-Jonas [Thu, 14 Feb 2019 23:40:56 +0000 (10:40 +1100)]
ui/ncurses: Add prompt for LUKS device password

Implement device_add() in cui_client_ops and use this interface to
recognise when the server notifies the client of an encrypted device. A
"device header" will be created for this device and added to the menu
with no associated boot options.

The nc-auth prompt is extended to ask for a disk password when the device
header for an encrypted device is selected.
Assuming the password is correct pb-discover will remove the original
device and notify the client about the newly opened device, which will
be reflected in the menu.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agodiscover: Recognise and open LUKS encrypted partitions
Samuel Mendoza-Jonas [Thu, 14 Feb 2019 23:40:14 +0000 (10:40 +1100)]
discover: Recognise and open LUKS encrypted partitions

Handle devices encrypted with LUKS and call cryptsetup to open them if a
client sends the associated password.
If a new device has the "crypto_LUKS" filesystem type it is marked as a
LUKS device and sent to clients but further discovery is not performed.
Once a client sends the device's password cryptsetup is called to open
it. The opened device will appear separately, so the source device is
"forgotten" at this point and then the newly opened device is treated as
a normal partition. On destruction the device is "closed" with
cryptsetup so that discovery can start from the beginning.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agolib: Add AUTH_MSG_DECRYPT
Samuel Mendoza-Jonas [Thu, 14 Feb 2019 23:39:30 +0000 (10:39 +1100)]
lib: Add AUTH_MSG_DECRYPT

Extend the auth_message struct to support the AUTH_MSG_DECRYPT
operation, allowing the existing authentications methods to be used for
passing a disk password from the UI to pb-discover.
In addition add DEVICE_TYPE_LUKS to identify encrypted disk devices.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agolib/process: Add option to pipe to process stdin
Samuel Mendoza-Jonas [Thu, 14 Feb 2019 23:39:05 +0000 (10:39 +1100)]
lib/process: Add option to pipe to process stdin

If pipe_stdin exists, create a second pipe to write to the child
process's STDIN. This allows Petitboot to pipe information to a process,
for example piping a LUKS password to cryptsetup.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agolib/system: Add cryptsetup utility
Samuel Mendoza-Jonas [Thu, 14 Feb 2019 23:38:19 +0000 (10:38 +1100)]
lib/system: Add cryptsetup utility

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoutils/pb-console: Trap SIGTERM on boot v1.10.2
Samuel Mendoza-Jonas [Mon, 25 Feb 2019 02:47:03 +0000 (13:47 +1100)]
utils/pb-console: Trap SIGTERM on boot

On kexec all processes will be sent a SIGTERM and SIGKILL. By default
there are messages on the console alerting the user to this, however in
some implementations these messages are disabled. This can have the
effect of the UI seemingly exiting to the shell on boot and hanging for
a short while before the kexec actually jumps into the next kernel.
Trap the SIGTERM sent to the pb-console parent process and print a short
message to the screen instead of momentarily dropping to the shell and
printing the usual help messages.

While here also cleanup the shell help messages below which are now
handled in the shell's .shrc file.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoversion.sh: Include leading 'v' from git describe
Samuel Mendoza-Jonas [Fri, 22 Feb 2019 04:16:01 +0000 (15:16 +1100)]
version.sh: Include leading 'v' from git describe

For some reason our version script removes the leading 'v' from the git
tag. This confuses some other tools such as Buildroot and is different
to most other projects, so include it again.

Additionally now that we have tagged releases just use git describe
rather than using a SHA and date to describe non-tag commits.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agolib/url: Include port in pb_url_to_string() v1.10.1
Samuel Mendoza-Jonas [Thu, 17 Jan 2019 02:32:24 +0000 (13:32 +1100)]
lib/url: Include port in pb_url_to_string()

And include a pxe-parser test which uses a port in the path prefix to
exercise this. This could cause PXE discovery failures if parameters
such as pathprefix included a port in the URL.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agodiscover/devmapper: Retry dm-device remove if busy v1.10.0
Samuel Mendoza-Jonas [Tue, 4 Dec 2018 01:49:28 +0000 (12:49 +1100)]
discover/devmapper: Retry dm-device remove if busy

Buildroot's libdm is not built with --enable-udev_sync, so device-mapper
actions are not able to sync or wait for udev events.
(see 185676316, "discover/devmapper: Disable libdm udev sync support")

This can cause an issue when tearing down a snapshot in
devmapper_destroy_snapshot() which performs a DM_DEVICE_REMOVE task
against the snapshot, origin, and base devices one after the other. In
some cases if the interval between these actions is too short the action
can fail as the preceding device hasn't disappeared yet and the device
being removed is still busy.

Since we don't yet have a way to tell exactly when the device is ready,
pause for a short time and retry the action, letting
devmapper_destroy_snapshot() continue and, for example, letting
mount_device() fall back to the physical device.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoui/ncurses: Add option to clear IPMI boot mailbox
Samuel Mendoza-Jonas [Thu, 13 Dec 2018 00:24:09 +0000 (11:24 +1100)]
ui/ncurses: Add option to clear IPMI boot mailbox

If there is an IPMI boot mailbox configuration present display a message
in the System Configuration screen and provide the option to clear the
mailbox.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoutils: Add helper to send mailbox request
Samuel Mendoza-Jonas [Fri, 30 Nov 2018 05:55:43 +0000 (16:55 +1100)]
utils: Add helper to send mailbox request

A simple script to set, display, and clear a BMC's boot initiator mailbox.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agodiscover/platform-powerpc: read bootdev config from IPMI boot mailbox
Samuel Mendoza-Jonas [Thu, 29 Nov 2018 04:36:31 +0000 (15:36 +1100)]
discover/platform-powerpc: read bootdev config from IPMI boot mailbox

The IPMI Get System Boot Options commands includes parameter 7, the
"boot initiator mailbox". This can be used to hold arbitrary data to
influence the boot order.

Use this to provide an alternate bootdev configuration to Petitboot that
will override the one saved to NVRAM. This provides more fine grained
override options than the existing device-type based overrides.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoui/ncurses: Keep track of the default boot option
Samuel Mendoza-Jonas [Thu, 28 Jun 2018 04:45:19 +0000 (14:45 +1000)]
ui/ncurses: Keep track of the default boot option

Keep track of the default boot option, and prefix its display name with
a '(*)' to point it out to the user.
This avoids having to authenticate with pb-discover even if only booting
the default option.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoui/ncurses: Add nc-auth and authenticate when required.
Samuel Mendoza-Jonas [Wed, 20 Jun 2018 00:45:56 +0000 (10:45 +1000)]
ui/ncurses: Add nc-auth and authenticate when required.

When the user tries to perform actions that require authentication a new
subscreen 'nc-auth' is launched which accepts a password and will send
an authentication request before performing the action.
This also adds a button in nc-config which launches an nc-auth screen
allowing the user to set or change the system password.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoui/common: Client authentication helpers
Samuel Mendoza-Jonas [Wed, 20 Jun 2018 00:45:41 +0000 (10:45 +1000)]
ui/common: Client authentication helpers

Track the client's authentication status and provide methods for the
client to send authentication requests to the server.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoui/ncurses: Simplify starting shell
Samuel Mendoza-Jonas [Tue, 5 Jun 2018 00:24:20 +0000 (10:24 +1000)]
ui/ncurses: Simplify starting shell

Instead of calling sh twice to echo the 'exiting' message just call sh
by itself and leave any welcome message to the shell's interactive
config.
Also drop the explicit nc_scr_unpost() in cui_run_cmd() since clear()
will blank out the screen anyway.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agodiscover/platform-powerpc: Read and write password hash from NVRAM
Samuel Mendoza-Jonas [Tue, 19 Jun 2018 06:51:50 +0000 (16:51 +1000)]
discover/platform-powerpc: Read and write password hash from NVRAM

If petitboot,password exists set it as the root password. This will be
the password used to authenticate clients.
This is the *hash* of a password as it would appear in /etc/shadow, not
the password itself.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agodiscover/device-handler: Prevent normal users changing boot target
Samuel Mendoza-Jonas [Tue, 19 Jun 2018 06:52:27 +0000 (16:52 +1000)]
discover/device-handler: Prevent normal users changing boot target

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agodiscover/discover-server: Restrict clients based on uid
Samuel Mendoza-Jonas [Tue, 19 Jun 2018 06:50:28 +0000 (16:50 +1000)]
discover/discover-server: Restrict clients based on uid

If crypt support is enabled restrict what actions clients can perform by
default. Initial authorisation is set at connection time; clients
running as root are unrestricted, anything else runs as restricted until
it makes an authentication to pb-discover.

Unprivileged clients may only perform the following actions:
- Boot the default boot option.
- Cancel the autoboot timeout.
- Make an authentication request.

If a group named "petitgroup" exists then the socket permissions are
also modified so that only clients running as root or in that group may
connect to the socket.
The user-event socket is only usable by root since the two main
usecases are by utilities called by pb-discover or by a user in the
shell who will need to su to root anyway.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agolib/pb-protocol: Add PB_PROTOCOL_ACTION_AUTHENTICATE
Samuel Mendoza-Jonas [Tue, 19 Jun 2018 06:35:22 +0000 (16:35 +1000)]
lib/pb-protocol: Add PB_PROTOCOL_ACTION_AUTHENTICATE

Add a new "authenticate" action. Depending on the 'op' field this is
either a) an authentication request, b) a response indicating the
result, or c) a request to change the password.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agolib/crypt: Add helpers for operating on /etc/shadow
Samuel Mendoza-Jonas [Tue, 19 Jun 2018 06:33:42 +0000 (16:33 +1000)]
lib/crypt: Add helpers for operating on /etc/shadow

Provides helper functions for reading, writing, and checking against
/etc/shadow. The main use case if for authenticating clients against the
"system" password, which is set as the root password.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoutils/pb-console: Ignore SIGINT
Samuel Mendoza-Jonas [Tue, 5 Jun 2018 00:01:06 +0000 (10:01 +1000)]
utils/pb-console: Ignore SIGINT

Trap and ignore SIGINT to avoid a SIGINT intended for petitboot-nc also
exiting the parent pb-console script.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoutils/pb-console: Set up controlling terminal
Samuel Mendoza-Jonas [Fri, 1 Jun 2018 02:55:16 +0000 (12:55 +1000)]
utils/pb-console: Set up controlling terminal

Enabling job control in the shell.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoutils/pb-sos: Don't create files in root by default
Samuel Mendoza-Jonas [Mon, 23 Apr 2018 04:46:59 +0000 (14:46 +1000)]
utils/pb-sos: Don't create files in root by default

If running in a non-root shell the user will not be able to create or
access files in / so operate in the current directory instead.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoutils/pb-console: Support agetty's autologin option
Samuel Mendoza-Jonas [Mon, 23 Apr 2018 04:46:37 +0000 (14:46 +1000)]
utils/pb-console: Support agetty's autologin option

If the getty arguments include '-a' do not set the '-l' option. This
implies the environment has been configured with users and will launch
the subsequent pb-console instance itself.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agoui/ncurses: Add a missing gettext call & update translations
Samuel Mendoza-Jonas [Wed, 28 Nov 2018 23:56:08 +0000 (10:56 +1100)]
ui/ncurses: Add a missing gettext call & update translations

Fix up a spot where we forgot to translate the "Plugins" label on update
and make the check for that label more resilient.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agodiscover/platform-powerpc: Remove unused variable
Samuel Mendoza-Jonas [Thu, 29 Nov 2018 02:28:12 +0000 (13:28 +1100)]
discover/platform-powerpc: Remove unused variable

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agodiscover: Display warning if saving config fails
Samuel Mendoza-Jonas [Thu, 29 Nov 2018 02:05:02 +0000 (13:05 +1100)]
discover: Display warning if saving config fails

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
5 years agodiscover/boot: Fix talloc parent for resource URLs
Samuel Mendoza-Jonas [Thu, 29 Nov 2018 00:53:05 +0000 (11:53 +1100)]
discover/boot: Fix talloc parent for resource URLs

The pb_urls for the boot resources use 'opt' as the talloc parent but
this may be NULL, for example if this is a user-created boot option.
Move the boot_task initialisation so it can be used as the talloc parent
instead.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/grub2: Add support for initrd16 builtin
Shawn Anastasio [Wed, 21 Nov 2018 05:02:25 +0000 (23:02 -0600)]
discover/grub2: Add support for initrd16 builtin

This commit adds support for the initrd16 builtin
which compliments the existing linux16 support and
improves usability on x86 platforms.

Signed-off-by: Shawn Anastasio <shawn@anastas.io>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Nicely format IPMI response buffers v1.9.2
Samuel Mendoza-Jonas [Mon, 12 Nov 2018 01:01:05 +0000 (12:01 +1100)]
discover: Nicely format IPMI response buffers

A few places where we print out the response buffer from an IPMI command
weren't updated when log timestamps were added, resulting in very hard
to read output. Add a little helper to format buffers and use it to
print these with only one timestamp.

Example:

[04:59:01] ipmi_get_bmc_versions: BMC version resp [0][16]:
0x00 0x20 0x01 0x02 0x13 0x02 0xbf 0x00
0x00 0x00 0xbb 0xaa 0x58 0x98 0x01 0x00

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agoui/ncurses: Reset console options on boot
Samuel Mendoza-Jonas [Tue, 6 Nov 2018 04:34:51 +0000 (15:34 +1100)]
ui/ncurses: Reset console options on boot

The ncurses UI sets a few console options at startup that are needed for
ncurses to work properly. These aren't reset however and can lead to
quirks like the cursor being invisible after kexecing to the next
kernel.
The UI process doesn't have time to reset these when it is killed by
kexec, so instead add a 'boot_active' field to status updates. This is
set by boot.c's update handler so the UI can assume it is about to boot
if it receives a status update with this field, and resets the console
options. If the boot is cancelled for any reason the status update will
reflect that and the console options are restored.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Reimplement native-parser as a Bison parser
Samuel Mendoza-Jonas [Tue, 30 Oct 2018 04:26:04 +0000 (15:26 +1100)]
discover: Reimplement native-parser as a Bison parser

Occasionally you look at some code and realise that a) this never gets
built, and b) even if it did it would never compile. Today's example is
native-parser.c which we must have just assumed worked for quite a
while.

The native parser has bitrotted entirely and needs to be brought up to
date. While we're here, lets take the chance to implement a proper
grammar for it. This helps us reason more effectively about the parser,
lets us extend it easily in the future, and.. I wanted to write a Bison
parser too.

This implements most of the old functionality, but drops off some
smaller details like settings icons which needs some separate attention
to bring up to date.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Remove unused params.c
Samuel Mendoza-Jonas [Sun, 28 Oct 2018 21:06:09 +0000 (10:06 +1300)]
discover: Remove unused params.c

The discover/params code is an artifact from a long time ago, and isn't
used by anything today: remove it.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/flash: Check if the partition is signed
Samuel Mendoza-Jonas [Thu, 17 May 2018 06:08:06 +0000 (16:08 +1000)]
lib/flash: Check if the partition is signed

In more recent firmware images built by op-build the VERSION partition
is signed, and includes a 'secure header'. Check for this and skip it if
found so we parse the version strings properly.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodocker: Change into docker directory
Geoff Levand [Mon, 17 Sep 2018 17:08:27 +0000 (10:08 -0700)]
docker: Change into docker directory

To avoid sending all the files in the top most project
directory tree down to the docker daemon, change into
the docker directory when running 'docker build'.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodocker: Allow CC and make command to be customised
Samuel Mendoza-Jonas [Wed, 29 Aug 2018 05:30:36 +0000 (15:30 +1000)]
docker: Allow CC and make command to be customised

Allow CC to be passed through to change the default compiler, and also
allow the invocation of 'make' to be customised. An example use case of
this is to set CC=/usr/bin/clang and use
--make-command 'scan-build make' to build Petitboot with the clang
static analyzer.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/kboot-parser: Recognise 'default' parameter v1.9.1
Samuel Mendoza-Jonas [Mon, 27 Aug 2018 04:34:57 +0000 (14:34 +1000)]
discover/kboot-parser: Recognise 'default' parameter

The kboot parser doesn't set a default option. Change it so that if we
see the 'default' parameter we match against this value when deciding if
an option should be set as default.

For example:

default=linux
linux='/vmlinux initrd=/initrd arg1=value1 arg2'

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/device-handler: Restore autoboot setting on requery
Samuel Mendoza-Jonas [Mon, 27 Aug 2018 01:50:47 +0000 (11:50 +1000)]
discover/device-handler: Restore autoboot setting on requery

When a device requery is triggered we cancel any default boot option on
the device. This also disables autoboot which we don't want; any boot
options found after the requery will not be able to autoboot.
To avoid this restore the existing autoboot setting after checking for
default options.

This prevents a particular corner case where a default boot option has
been selected for boot but one of its boot files has stalled or is
taking more time to download than the requery timeout and the requery
accidentally cancels autoboot preventing Petitboot from trying to boot
again.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agoui/ncurses: in lockdown ensure system reboot in ncurses menu exit
Brett Grandbois [Sun, 26 Aug 2018 22:17:20 +0000 (08:17 +1000)]
ui/ncurses: in lockdown ensure system reboot in ncurses menu exit

In a lockdown situation in the ncurses menu there is a switch to replace
the 'Exit to shell' option with 'Reboot', so the intent seems to be to
not allow the user the option to exit to shell in a lockdown situation.
However the associated foreced reboot logic is in the process atexit so
is only triggered when completely exiting the menu system.  The default
menu item logic to exit to shell is still in place though so the menu
exit never occurs and shell access is still available.
Add a switch to a different menu exit callback to force a menu abort
using the same mechanism as a signal in lockdown situations so the shell
can never be entered.  This also affects the 'x' or esc shortcut keys.

Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Let 'boot' user-event boot by name
Samuel Mendoza-Jonas [Mon, 20 Aug 2018 06:09:58 +0000 (16:09 +1000)]
discover: Let 'boot' user-event boot by name

If a 'name' parameter is used for a boot user event, search existing
boot options for one that matches that name on the given device.
This allows a pb-event user to boot based on name rather than having to
specify the exact boot arguments.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agotravis: Update to job matrix
Geoff Levand [Fri, 17 Aug 2018 17:59:33 +0000 (10:59 -0700)]
travis: Update to job matrix

o Set language to bash (same as generic), so just the
   scrip steps run.
 o Move build-builder to 'before_script'.
 o Switch to a job matrix of 'os' entries with names.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodocker: Update to Ubuntu 18.04 LTS
Joel Stanley [Fri, 17 Aug 2018 05:39:32 +0000 (15:09 +0930)]
docker: Update to Ubuntu 18.04 LTS

Ubuntu 17.10 was end of life in July. Update to the latest LTS.

Signed-off-by: Joel Stanley <joel@jms.id.au>
[Docker tag bumped]
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/network: Stop udhcpc6 process on requery
Samuel Mendoza-Jonas [Fri, 17 Aug 2018 00:51:26 +0000 (10:51 +1000)]
discover/network: Stop udhcpc6 process on requery

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agoREADME: Update
Geoff Levand [Thu, 16 Aug 2018 17:30:08 +0000 (10:30 -0700)]
README: Update

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agotravis: Use docker scripts v1.9.0
Samuel Mendoza-Jonas [Wed, 15 Aug 2018 01:39:31 +0000 (11:39 +1000)]
travis: Use docker scripts

Update the Travis config to use Petitboot's own docker scripts, and add
ppc64le to the list of recognised architectures.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/arm64: Update to struct efi_mount
Geoff Levand [Fri, 10 Aug 2018 17:29:15 +0000 (17:29 +0000)]
discover/arm64: Update to struct efi_mount

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agotest/efivar: Rework for efi_mount
Geoff Levand [Tue, 14 Aug 2018 14:25:09 +0000 (07:25 -0700)]
test/efivar: Rework for efi_mount

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/efi: Move magic to implementation
Geoff Levand [Fri, 10 Aug 2018 17:29:15 +0000 (17:29 +0000)]
lib/efi: Move magic to implementation

efi_check_mount now does a magic number check by default, so
move the magic number related code from efivar.h to efivar.c.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/efi: Add new struct efi_mount
Geoff Levand [Fri, 10 Aug 2018 17:29:14 +0000 (17:29 +0000)]
lib/efi: Add new struct efi_mount

To make it easier to manage EFI variables add a new struct efi_mount
that holds the path to the EFI file system mount and the EFI variable
name GUID. Update the lib/efi routines to use struct efi_mount.  Add
a new routine efi_check_mount based on the checks done in
platform-arm64.

This change to using struct efi_mount removes the static variable
efivarfs_path making the lib/efi routines stateless.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/efi: Log operations to debug log
Geoff Levand [Fri, 10 Aug 2018 17:29:14 +0000 (17:29 +0000)]
lib/efi: Log operations to debug log

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/efi: Add EFI_DEFALT_ATTRIBUTES macro
Geoff Levand [Fri, 10 Aug 2018 17:29:14 +0000 (17:29 +0000)]
lib/efi: Add EFI_DEFALT_ATTRIBUTES macro

For convenience, add a new efi data attributes macro
EFI_DEFALT_ATTRIBUTES.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodocker: Use host networking
Samuel Mendoza-Jonas [Wed, 8 Aug 2018 01:08:06 +0000 (11:08 +1000)]
docker: Use host networking

Use the host driver by default to simplify networking for build-builder,
especially when DNS settings need to be inherited from the host.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/efi: Add check for ioctl_iflags support
Geoff Levand [Wed, 8 Aug 2018 00:01:10 +0000 (00:01 +0000)]
lib/efi: Add check for ioctl_iflags support

The efi tests may use a filesystem which does not support
ioctl_iflags.  Add a check and skip the ioctl_iflags
operations if not supported.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/platforms: Fix param_list talloc failure
Geoff Levand [Wed, 8 Aug 2018 00:01:10 +0000 (00:01 +0000)]
discover/platforms: Fix param_list talloc failure

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/talloc: Fix TALLOC_ABORT
Geoff Levand [Wed, 8 Aug 2018 20:24:50 +0000 (13:24 -0700)]
lib/talloc: Fix TALLOC_ABORT

The current TALLOC_ABORT macro had a number of problems.
Failures were not going to the pb log, but only to stderr.
If the object passed in was not a talloc object the printing
of an object name would be printing random data.
The use of a macro obscured the code.

To clean this up, remove all reference to TALLOC_ABORT and
put the logging and abort calls directly into talloc_chunk_from_ptr.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agopb_log: Break out timestamp
Geoff Levand [Mon, 13 Aug 2018 16:23:07 +0000 (09:23 -0700)]
pb_log: Break out timestamp

Fixes double timestamp on pb_log_fn, pb_debug_fn.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/platform: Use pb_log_fn
Geoff Levand [Wed, 8 Aug 2018 00:01:09 +0000 (00:01 +0000)]
discover/platform: Use pb_log_fn

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodocker: Add strace for interactive debugging
Geoff Levand [Wed, 8 Aug 2018 00:01:09 +0000 (00:01 +0000)]
docker: Add strace for interactive debugging

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Add platform-arm64
Ge Song [Thu, 2 Aug 2018 17:29:41 +0000 (17:29 +0000)]
discover: Add platform-arm64

Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Split from a larger patch and cleaned up]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/system: Add dmidecode as system app
Geoff Levand [Thu, 2 Aug 2018 17:29:40 +0000 (17:29 +0000)]
lib/system: Add dmidecode as system app

For use by the arm64 get_sysinfo.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agoconfigure: Add conditional platform builds
Geoff Levand [Thu, 2 Aug 2018 17:29:40 +0000 (17:29 +0000)]
configure: Add conditional platform builds

Add configure --enable-platform-XXX options to allow specifying
which platform support to build.

--enable-platform-auto, the default, will use the host
triplet to guess which platforms to build.
--enable-platform-all will build all platforms.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Add platform-dummy
Geoff Levand [Thu, 2 Aug 2018 17:29:40 +0000 (17:29 +0000)]
discover: Add platform-dummy

With the new configure enable-platform parameters it is possible
configure no platform support.  Add a new minimal 'dummy' platform
so that the __start_platforms and __stop_platforms variables needed
by platform_init are created.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agoconfigure: Rename ENABLE_PS3 to PLATFORM_PS3
Geoff Levand [Thu, 2 Aug 2018 17:29:39 +0000 (17:29 +0000)]
configure: Rename ENABLE_PS3 to PLATFORM_PS3

To prepare for other configure platform names.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Move generic params routines to platform
Ge Song [Thu, 2 Aug 2018 17:29:39 +0000 (17:29 +0000)]
discover: Move generic params routines to platform

Move the generic params routines from platform-powerpc to platform.
Also, for clarity, add a params prefix to the names.

Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Split from a larger patch and cleaned up]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Move generic config routines to platform
Ge Song [Thu, 2 Aug 2018 17:29:39 +0000 (17:29 +0000)]
discover: Move generic config routines to platform

Move the generic config routines from platform-powerpc to platform.
Also, for clarity, add a config_ prefix to the names.

Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Split from a larger patch and cleaned up]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/powerpc: Switch to new param_list
Geoff Levand [Thu, 2 Aug 2018 17:29:38 +0000 (17:29 +0000)]
discover/powerpc: Switch to new param_list

Signed-off-by: Geoff Levand <geoff@infradead.org>
[Name string fixup]
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/powerpc: Add param_name arg
Geoff Levand [Thu, 2 Aug 2018 17:29:38 +0000 (17:29 +0000)]
discover/powerpc: Add param_name arg

Update update_network_config and update_bootdev_config to
operate on a generic parameter name passed as an argument.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/powerpc: Rearange save_config
Ge Song [Thu, 2 Aug 2018 17:29:38 +0000 (17:29 +0000)]
discover/powerpc: Rearange save_config

Rearange update_config and save_config so that update_config
only operates on the platform params list.

Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Split from a larger patch and cleaned up]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/param_list: Add new parameter list routines
Geoff Levand [Thu, 2 Aug 2018 17:29:38 +0000 (17:29 +0000)]
lib/param_list: Add new parameter list routines

Based on the powerpc param routines adds new generic routines
to manage a name + value parameter list.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/event: Rename param -> event_param
Geoff Levand [Thu, 2 Aug 2018 17:29:37 +0000 (17:29 +0000)]
discover/event: Rename param -> event_param

To avoid name clash with other 'struct param'.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Move generic ipmi routines to ipmi
Ge Song [Thu, 2 Aug 2018 17:29:37 +0000 (17:29 +0000)]
discover: Move generic ipmi routines to ipmi

Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Split from a larger patch]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agotest-efivar: Update to latest lib/efi routines
Samuel Mendoza-Jonas [Thu, 2 Aug 2018 17:29:37 +0000 (17:29 +0000)]
test-efivar: Update to latest lib/efi routines

From: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/efi: Cleanup read/write routines
Geoff Levand [Thu, 2 Aug 2018 17:29:36 +0000 (17:29 +0000)]
lib/efi: Cleanup read/write routines

Make a new stucture struct efi_data to hold the info that describes
an efi variable.  Make a common routine efi_open that opens the efi
variable file.  Switch the efi get/set/del routines over to use
efi_open.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/efi: Add new routines to access efi variables
Ge Song [Thu, 2 Aug 2018 17:29:36 +0000 (17:29 +0000)]
lib/efi: Add new routines to access efi variables

Provide methods to load/store petitboot's configuration on efi-based
platforms. A test case is also provided.

Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Cleanup file comments, make efivarfs_path static.]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/powerpc: Use process_get_stdout
Geoff Levand [Thu, 2 Aug 2018 17:29:36 +0000 (17:29 +0000)]
discover/powerpc: Use process_get_stdout

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/process: Add process_get_stdout
Geoff Levand [Thu, 2 Aug 2018 17:29:35 +0000 (17:29 +0000)]
lib/process: Add process_get_stdout

Add a new structure 'struct process_stdout' and optional parameter
'stdout' to the process_run_simple functions to allow the caller
to get a buffer filled with the stdout from the child process.

Rename the process_run_simple functions to process_get_stdout
and add wrappers for the old process_run_simple function names.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/process: Cleanup stdout callback
Geoff Levand [Thu, 2 Aug 2018 17:29:35 +0000 (17:29 +0000)]
lib/process: Cleanup stdout callback

General cleanup of async stdout processing.

The process_stdout_cb and process_stdout_custom routines were doing the
same thing, so rename process_stdout_custom to process_process_stdout
and make process_stdout_cb a wrapper that calls process_process_stdout.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/parser: Hookup parser_is_unique
Geoff Levand [Thu, 2 Aug 2018 17:29:35 +0000 (17:29 +0000)]
discover/parser: Hookup parser_is_unique

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agotest/parser: Add parser_is_unique
Geoff Levand [Thu, 2 Aug 2018 17:29:35 +0000 (17:29 +0000)]
test/parser: Add parser_is_unique

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/parser: Add new parser_is_unique
Geoff Levand [Thu, 2 Aug 2018 17:29:34 +0000 (17:29 +0000)]
discover/parser: Add new parser_is_unique

Add a new routine parser_is_unique that tests a file's inode
against a list of known file inodes.  Useful when searching
case-insensitive filesystems.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Add some debug print messages
Geoff Levand [Thu, 2 Aug 2018 17:29:34 +0000 (17:29 +0000)]
discover: Add some debug print messages

To aid in debugging print some additinal discover messages
to the log.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/kboot-parser: Look in /boot
Geoff Levand [Thu, 2 Aug 2018 17:29:34 +0000 (17:29 +0000)]
discover/kboot-parser: Look in /boot

Other parsers look in /boot for config files, so add
it to the kboot parser.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Add --debug to kexec
Geoff Levand [Thu, 2 Aug 2018 17:29:34 +0000 (17:29 +0000)]
discover: Add --debug to kexec

If verbose logging is enabled then add '--debug' to the kexec command line.
Adds a new routine pb_log_get_debug() that can be used to query the log
debug state.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/log: Switch to pb_log_fn
Geoff Levand [Thu, 2 Aug 2018 17:29:34 +0000 (17:29 +0000)]
lib/log: Switch to pb_log_fn

The only functional change should be an additional '/n' to
a few log messagees that seemed to be missing it.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/log: Add verbose logging routines
Geoff Levand [Thu, 2 Aug 2018 17:29:33 +0000 (17:29 +0000)]
lib/log: Add verbose logging routines

Add three new logging routines pb_log_fn and pb_debug_fn, which
print the calling function's name to the log, and pb_debug_fl
which prints the calling function's name and the file line
number to the log.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agoconfigure: Remove unused ENABLE_DEBUG
Geoff Levand [Thu, 2 Aug 2018 17:29:33 +0000 (17:29 +0000)]
configure: Remove unused ENABLE_DEBUG

We setup debug builds in the configure script with DEFAULT_CFLAGS and
DEFAULT_CPPFLAGS.  Remove the unused ENABLE_DEBUG AM conditional.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agoconfigure: Add check for UI build
Geoff Levand [Thu, 2 Aug 2018 17:29:33 +0000 (17:29 +0000)]
configure: Add check for UI build

Emit configure warning if no UI program is to be built.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodocker: Add libfdt-dev
Geoff Levand [Thu, 2 Aug 2018 17:29:33 +0000 (17:29 +0000)]
docker: Add libfdt-dev

Add package libfdt-dev to the pb-builder docker image.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/paths: Cleanup res after getaddrinfo
Samuel Mendoza-Jonas [Thu, 26 Jul 2018 01:50:33 +0000 (11:50 +1000)]
discover/paths: Cleanup res after getaddrinfo

Fixes Coverity defect #187192.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodocker: Pass extra options to configure
Samuel Mendoza-Jonas [Wed, 1 Aug 2018 04:53:07 +0000 (14:53 +1000)]
docker: Pass extra options to configure

Pass extra configure options and CFLAGS/LDFLAGS to docker to enable
building multiple configurations.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodocker: Pass proxy variables to docker build
Samuel Mendoza-Jonas [Wed, 1 Aug 2018 04:52:43 +0000 (14:52 +1000)]
docker: Pass proxy variables to docker build

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodocker: Add signed boot dependencies
Samuel Mendoza-Jonas [Wed, 1 Aug 2018 04:52:09 +0000 (14:52 +1000)]
docker: Add signed boot dependencies

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover/paths: Set suffix to default value on error.
Samuel Mendoza-Jonas [Mon, 30 Jul 2018 01:48:26 +0000 (11:48 +1000)]
discover/paths: Set suffix to default value on error.

This avoids the log filling up with "Couldn't recognise suffix" messages
if a lot of partial stdout updates are received.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Be more verbose about boot failures
Samuel Mendoza-Jonas [Mon, 30 Jul 2018 01:48:25 +0000 (11:48 +1000)]
discover: Be more verbose about boot failures

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agolib/log: Include timestamp prefix
Samuel Mendoza-Jonas [Mon, 30 Jul 2018 01:48:24 +0000 (11:48 +1000)]
lib/log: Include timestamp prefix

The relative time between logged events is very useful during debugging,
particularly when debugging autoboot failures. Prepend a short HH:MM:SS
timestamp to each line logged.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agojenkins: Add build jobs
Geoff Levand [Thu, 24 May 2018 00:25:57 +0000 (17:25 -0700)]
jenkins: Add build jobs

Adds two Jenkins pipeline jobs pb-upstream-trigger and pb-build-matrix.
pb-upstream-trigger checks for upstream updates and runs
pb-build-matrix.  pb-build-matrix builds a pb-builder image and runs the
build-pb script.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agoui/ncurses: Allow IPv6 addresses in address fields
Samuel Mendoza-Jonas [Wed, 23 May 2018 01:39:14 +0000 (11:39 +1000)]
ui/ncurses: Allow IPv6 addresses in address fields

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
6 years agodiscover: Determine connectivity with getaddrinfo()
Samuel Mendoza-Jonas [Wed, 23 May 2018 04:39:17 +0000 (14:39 +1000)]
discover: Determine connectivity with getaddrinfo()

Use getaddrinfo() to determine if a remote URL is reachable instead of
only checking if we have an addresses configured. This avoids, for
example, trying to load an IPv4 URL when only an IPv6 address is
available.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>