Thang Q. Nguyen | bd7d633 | 2021-12-06 10:18:21 +0000 | [diff] [blame] | 1 | #!/bin/bash |
| 2 | |
| 3 | # Handle the SCP Failover feature in which: |
| 4 | # - If the BMC receives the SCP_AUTH_FAILURE signal from Socket0, |
| 5 | # attempts to boot from the failover boot EEPROM. |
| 6 | # - If the second boot fails, treats this as a permanent boot failure |
| 7 | # and logs an event in SEL. |
| 8 | |
| 9 | # shellcheck disable=SC1091 |
chaul.ampere | 7b6d85f | 2022-07-23 04:28:42 +0000 | [diff] [blame] | 10 | # shellcheck disable=SC2046 |
| 11 | |
Thang Q. Nguyen | bd7d633 | 2021-12-06 10:18:21 +0000 | [diff] [blame] | 12 | source /usr/sbin/gpio-lib.sh |
| 13 | source /usr/sbin/gpio-defs.sh |
| 14 | |
| 15 | # Check the I2C_BACKUP_SEL |
| 16 | I2C_BACKUP_SEL=$(gpio_get_val "$BMC_I2C_BACKUP_SEL") |
| 17 | if [ "${I2C_BACKUP_SEL}" == "1" ]; then |
| 18 | # If it is HIGH, set it LOW. Then reset the Host to boot from |
| 19 | # the failover Boot EEPROM. |
| 20 | echo "scp-failover: switch HOST to failover boot EEPROM" |
chaul.ampere | 7b6d85f | 2022-07-23 04:28:42 +0000 | [diff] [blame] | 21 | gpioset $(gpiofind BMC_SELECT_EEPROM)=0 |
Thang Q. Nguyen | bd7d633 | 2021-12-06 10:18:21 +0000 | [diff] [blame] | 22 | |
| 23 | # Reset the Host to boot on the failover EEPROM |
| 24 | ampere_power_util.sh mb force_reset |
| 25 | else |
| 26 | # Turn OFF Host as SCP firmware on both Boot EEPROM fail |
| 27 | obmcutil chassisoff |
| 28 | |
| 29 | echo "scp-failover: switch HOST back to the main Boot EEPROM" |
chaul.ampere | 7b6d85f | 2022-07-23 04:28:42 +0000 | [diff] [blame] | 30 | gpioset $(gpiofind BMC_SELECT_EEPROM)=1 |
Thang Q. Nguyen | bd7d633 | 2021-12-06 10:18:21 +0000 | [diff] [blame] | 31 | |
| 32 | # Log event |
| 33 | ampere_add_redfishevent.sh OpenBMC.0.1.GeneralFirmwareSecurityViolation.Critical "SCP Authentication failure" |
| 34 | fi |