Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-bmc-code-mgmt / 0a06e97ff30ba125f13bfcbe2adaaeb1e5333a68
commit0a06e97ff30ba125f13bfcbe2adaaeb1e5333a68[log] [tgz]
authorGeorge Liu <liuxiwei@inspur.com>Thu Dec 17 09:17:04 2020 +0800
committerGeorge Liu <liuxiwei@inspur.com>Mon Jan 18 14:29:44 2021 +0800
treeada1d79f2c9808b49e6791395e590765a48f4678
parent574f94bcf122246b991c8b75cf8f314a2f844bbb [diff]
Add support for tarball contents signature

Currently only supported to allow optional image files in BMC tarball.
In order to ensure that the contents of the tarball are the expected
ones as a full package, an additional signature file has been created
for all the signature files in the tarball,
(ex: image-full.sig = hash(file1.sig + file2.sig + file3.sig...)).
Need to check the existence of the file and the signature verification
passed.

Also, added unit test case for the mergeFiles method.

Tested:
Enable `WANT_SIGNATURE_FULL_VERIFY` and ran the following command:

curl -k -H "X-Auth-Token: $token" -H "Content-Type: application/octet-stream"
-X POST -T obmc-phosphor-image-fp5280g2.static.mtd.tar

https://${bmc}/redfish/v1/UpdateService
{
  "@odata.id": "/redfish/v1/TaskService/Tasks/1",
  "@odata.type": "#Task.v1_4_3.Task",
  "Id": "1",
  "TaskState": "Running",
  "TaskStatus": "OK"
}

And Log output:
`Successfully completed Signature vaildation.`

Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I0e658b9dd90ea405a9c8292f29183ab516a0fa31
7 files changed
tree: ada1d79f2c9808b49e6791395e590765a48f4678
  1. mmc/
  2. static/
  3. test/
  4. ubi/
  5. xyz/
  6. .clang-format
  7. .gitignore
  8. activation.cpp
  9. activation.hpp
  10. download_manager.cpp
  11. download_manager.hpp
  12. download_manager_main.cpp
  13. elog-errors.hpp
  14. flash.hpp
  15. force-reboot.service.in
  16. gen-bios-tar
  17. image_manager.cpp
  18. image_manager.hpp
  19. image_manager_main.cpp
  20. image_verify.cpp
  21. image_verify.hpp
  22. images.cpp
  23. images.hpp
  24. item_updater.cpp
  25. item_updater.hpp
  26. item_updater_helper.hpp
  27. item_updater_main.cpp
  28. LICENSE
  29. MAINTAINERS
  30. meson.build
  31. meson_options.txt
  32. msl_verify.cpp
  33. msl_verify.hpp
  34. obmc-flash-bmc
  35. obmc-flash-bmc-setenv@.service.in
  36. obmc-flash-host-bios@.service.in
  37. openssl_alloc.cpp
  38. openssl_alloc.hpp
  39. README.md
  40. reboot-guard-disable.service.in
  41. reboot-guard-enable.service.in
  42. serialize.cpp
  43. serialize.hpp
  44. software.conf
  45. sync_manager.cpp
  46. sync_manager.hpp
  47. sync_manager_main.cpp
  48. sync_watch.cpp
  49. sync_watch.hpp
  50. synclist
  51. usr-local.mount.in
  52. utils.cpp
  53. utils.hpp
  54. version.cpp
  55. version.hpp
  56. watch.cpp
  57. watch.hpp
  58. xyz.openbmc_project.Software.BMC.Updater.service.in
  59. xyz.openbmc_project.Software.Download.service.in
  60. xyz.openbmc_project.Software.Sync.service.in
  61. xyz.openbmc_project.Software.Version.service.in
README.md

phosphor-bmc-code-mgmt

Phosphor BMC Code Management provides a set of system software management applications. More information can be found at Software Architecture

To Build

To build this package, do the following steps:

  1. meson build
  2. ninja -C build

To clean the repository run rm -r build.