discover/platform-powerpc: read bootdev config from IPMI boot mailbox The IPMI Get System Boot Options commands includes parameter 7, the "boot initiator mailbox". This can be used to hold arbitrary data to influence the boot order. Use this to provide an alternate bootdev configuration to Petitboot that will override the one saved to NVRAM. This provides more fine grained override options than the existing device-type based overrides. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/discover-server: Restrict clients based on uid If crypt support is enabled restrict what actions clients can perform by default. Initial authorisation is set at connection time; clients running as root are unrestricted, anything else runs as restricted until it makes an authentication to pb-discover. Unprivileged clients may only perform the following actions: - Boot the default boot option. - Cancel the autoboot timeout. - Make an authentication request. If a group named "petitgroup" exists then the socket permissions are also modified so that only clients running as root or in that group may connect to the socket. The user-event socket is only usable by root since the two main usecases are by utilities called by pb-discover or by a user in the shell who will need to su to root anyway. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/platform: Use pb_log_fn Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover: Move generic params routines to platform Move the generic params routines from platform-powerpc to platform. Also, for clarity, add a params prefix to the names. Signed-off-by: Ge Song <ge.song@hxt-semitech.com> [Split from a larger patch and cleaned up] Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover: Move generic config routines to platform Move the generic config routines from platform-powerpc to platform. Also, for clarity, add a config_ prefix to the names. Signed-off-by: Ge Song <ge.song@hxt-semitech.com> [Split from a larger patch and cleaned up] Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover: Add some debug print messages To aid in debugging print some additinal discover messages to the log. Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Support HTTP(S) proxies when downloading resources Allow the user to specify a HTTP and HTTPS proxy server. The discover server will set the http_proxy and https_proxy environment variables, enabling the proxy servers for any further HTTP(S) requests. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Consolidate petitboot,tty and petitboot,console Commit ce54f86 "Add petitboot,tty and track available consoles" added the petitboot,tty parameter, but the petitboot,console parameter is also recognised by Petitboot. These are ultimately handled by the 30-add-offb and 80-set-stdout hooks respectively, but exist for mostly the same purpose. We consolidate these down to just the original petitboot,console parameter. If the contents of petitboot,console have been configured by Petitboot (ie. it is of the form /dev/dev# [ Description ]) we behave as normal, otherwise we assume that petitboot,console contains a full OF path to the intended console device and do not allow it to be modified. This follows petitboot,console's original intent to be a debug aid, and takes precedence over any other use. The 80-set-stdout hook is removed as 30-add-offb now accounts for both use cases. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Use 'consoles' instead of 'tty' to refer to interfaces 'Console' is more readily understandable and technically more correct than 'tty' for referring to the interfaces that Petitboot starts a UI on. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover: Add petitboot,tty and track available consoles Add the NVRAM parameter petitboot,tty which sets the default console to use when booting a kernel. In load_config() construct a list of available consoles depending on the current platform. A future patch depending on firmware changes will allow this list to be constructed dynamically. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui: add URL for static configurations to load a specified file In certain configurations, e.g. automation, we want to use static networking but load a particular file, automatically and parse it as a pxelinux config file. Currently, we support something like this for DHCP based booting, but not static. Add a URL field to the UI for static configurations and reuse the logic from device_handler_process_url() to load the specified file. Signed-off-by: Nishanth Aravamudan <nacc@linux.vnet.ibm.com> Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
discover: Set default language Rather than setting NULL, do a setlocale(LC_ALL, NULL) to query the system locale value as our default. Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
discover: Add disable param for dm-snapshots Add a debug-style nvram parameter to disallow the use of device-mapper snapshots. Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
Make read-only guarantee user-settable Create a new Petitboot option 'petitboot,write?' that specifies whether the system is allowed to mount devices read-write. The option can be toggled by the user in the nc-config screen. Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
petitboot: Implement ordered boot options Move petitboot to a more familiar 'boot-order' based autoboot system. The discover server now reads multiple values from the petitboot,bootdev parameter and adds them in order to config->autoboot_opts. Boot priority is determined by the options' position in the list. On the client, nc-config now recognises the new boot order, and allows the user to add, remove, and reorder the devices in the list. Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
lib: Define autoboot_options, device_type helpers Add the new autoboot_option struct, and helper functions for working with device_type enums. device_type_name() returns exact strings as used by platform code to read/write nvram params, so device_type_display_name() is added for use in user-visible strings. Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
discover/platform: rename finalise_config hook We want to expand the finalise_config hook to cover generic pre-boot functionality, so rename to pre_boot. Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
discover: Integrate ipmi bootdev settings into the priority system Currently, we expose the boot device priorities through an array in struct config, which will either be the default (network -> disk), or a single device type specified by the IPMI code. Rather than hide the implementation details in this array, we'd like to expose the details of the machine configuration instead. This allows user visibility of the real boot configuration (for example, if an IPMI boot preference is set). This change removes the priority array, and replaces it with the ipmi_bootdev data (and a persistent flag). We update the default-conflict-resolution code to reflect the priorities between IPMI and UUID preferences. Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
discover/platform: Add finalise_config_hook Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
discover/platform: Add boot device to config dump Signed-off-by: Jeremy Kerr <jk@ozlabs.org>