commit 21dad047f1713fcafdc85532fefc83ca17d64a93
author Miguel Gomez <mgomez@mx1.ibm.com> Fri Jun 26 20:54:48 2020 +0000
committer Adriana Kobylak <anoo@linux.ibm.com> Tue Jul 28 21:07:21 2020 +0000
tree b937a748477a4dfb2b5e0d20d0975fd418c11d4c
parent 5312d8549ad4134d2f58ddbc8ff506bb926e99e3

BMC Minimum ship Level

This code compares the BMC_MSL defined at compile time,
It will parse the new fw (explicit at MANIFEST file) and use regex to
evaluate it  and compare BMC_MSL against version from MANIFEST.
If newer or equal  it will apply, otherwise it will fail,
preventing activation  operation.

Tested:
 regex-bmc-msl="([a-z]+[0-9]{2})+([0-9]+).([0-9]+).([0-9]+)"
 fw-package="version=fw1010.00-28.4-0-ge611abca21"
 bmc-msl="fw1010.00-27"  proceeds with activation...
 bmc-msl="fw1010.00-29"  returns:

Jul 15 20:35:45 tacoma1z-w81 phosphor-image-updater[766]:
BMC Minimum Ship Level NOT met

Jul 15 20:35:45 tacoma1z-w81 phosphor-image-updater[766]:
A system component has a software version that is incompatible as
determined by the implementation and needs to be updated....

Signed-off-by: Miguel Gomez <mgomez@mx1.ibm.com>
Change-Id: I0ab0eba7c7c89f38ca698aa3e369aa50797edb07

activation.cpp

diff --git a/activation.cpp b/activation.cpp
index 6b9dfb8..79b5b10 100644
--- a/activation.cpp
+++ b/activation.cpp
@@ -2,6 +2,7 @@
 
 #include "images.hpp"
 #include "item_updater.hpp"
+#include "msl_verify.hpp"
 #include "serialize.hpp"
 
 #include <phosphor-logging/elog-errors.hpp>
@@ -9,6 +10,7 @@
 #include <phosphor-logging/log.hpp>
 #include <sdbusplus/exception.hpp>
 #include <xyz/openbmc_project/Common/error.hpp>
+#include <xyz/openbmc_project/Software/Version/error.hpp>
 
 #ifdef WANT_SIGNATURE_VERIFY
 #include "image_verify.hpp"
@@ -78,7 +80,6 @@
 
 auto Activation::activation(Activations value) -> Activations
 {
-
     if ((value != softwareServer::Activation::Activations::Active) &&
         (value != softwareServer::Activation::Activations::Activating))
     {
@@ -111,6 +112,24 @@
         }
 #endif
 
+        auto versionStr = parent.versions.find(versionId)->second->version();
+
+        if (!minimum_ship_level::verify(versionStr))
+        {
+            using namespace phosphor::logging;
+            using IncompatibleErr = sdbusplus::xyz::openbmc_project::Software::
+                Version::Error::Incompatible;
+            using Incompatible =
+                xyz::openbmc_project::Software::Version::Incompatible;
+
+            report<IncompatibleErr>(
+                prev_entry<Incompatible::MIN_VERSION>(),
+                prev_entry<Incompatible::ACTUAL_VERSION>(),
+                prev_entry<Incompatible::VERSION_PURPOSE>());
+            return softwareServer::Activation::activation(
+                softwareServer::Activation::Activations::Failed);
+        }
+
 #ifdef WANT_SIGNATURE_VERIFY
         fs::path uploadDir(IMG_UPLOAD_DIR);
         if (!verifySignature(uploadDir / versionId, SIGNED_IMAGE_CONF_PATH))