commit | aef8d92c297eb88f04032ce0b24e2b522be04f16 | [log] [tgz] |
---|---|---|
author | Jayashankar Padath <jayashankar.padath@in.ibm.com> | Tue Jan 28 10:43:35 2020 +0530 |
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | Thu Feb 06 12:18:41 2020 -0500 |
tree | 90fb5f004efdfbe7abfb5f8964e274507ceee49f | |
parent | 99215cc2d1f78c8bff3a6b3e40d8ab5d0c4d45bd [diff] |
Value setting for IPMI clear security keys Support to set the value for ClearSecurityKeys property which can be used to indicate when certain security keys need to be cleared or reset those values back to its default state from the system by the host. This property is mapped to an IPMI sensor and default value will be zero. Setting this property does not gurantee a successful operation as additional conditions like the physical presence pin or jumper settings will be checked by the host to clear/reset the sensitive data. Tested: Verified that the property is getting created with the expected default value as zero and can be updated to different values using ipmitool or busctl command. 1. Default value output: busctl get-property xyz.openbmc_project.Settings /org/open_power/control/host0/ClearHostSecurityKeys org.open_power.Control.TPM.SecurityKeys ClearHostSecurityKeys y 0 ipmitool -I lanplus -H 9.3.185.33 -U root -P 0penBmc raw 0x04 0x2D 0xE8 00 40 00 00 2. Set to a new value as 5 using busctl command: busctl set-property xyz.openbmc_project.Settings /org/open_power/control/host0/ClearHostSecurityKeys org.open_power.Control.TPM.SecurityKeys ClearHostSecurityKeys y 5 3. After setting to a new value as 5: ipmitool -I lanplus -H 9.3.185.33 -U root -P 0penBmc raw 0x04 0x2D 0xE8 05 40 00 00 4. ipmitool command to set the value as 4 ipmitool -I lanplus -H 9.3.185.33 -U root -P 0penBmc raw 0x04 0x30 0xE8 0x00 0x04 0x00 0x00 0x00 0x00 0x00 0x00 0x00 ipmitool -I lanplus -H 9.3.185.33 -U root -P 0penBmc raw 0x04 0x2D 0xE8 09 40 00 00 5. Invalid value test o/p: ipmitool -I lanplus -H 9.3.185.33 -U root -P 0penBmc raw 0x04 0x30 0xE8 0x00 0x12C 0x00 0x00 0x00 0x00 0x00 0x00 0x00 Given data "0x12C" is invalid. (From meta-ibm rev: 81a9143100d5d4a7d97350afa1794be694d45590) Signed-off-by: Jayashankar Padath <jayashankar.padath@in.ibm.com> Change-Id: I9e12b6e5abb3a9b198921847605a74b771fd9945 Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
The OpenBMC project can be described as a Linux distribution for embedded devices that have a BMC; typically, but not limited to, things like servers, top of rack switches or RAID appliances. The OpenBMC stack uses technologies such as Yocto, OpenEmbedded, systemd, and D-Bus to allow easy customization for your server platform.
sudo apt-get install -y git build-essential libsdl1.2-dev texinfo gawk chrpath diffstat
sudo dnf install -y git patch diffstat texinfo chrpath SDL-devel bitbake \ rpcgen perl-Thread-Queue perl-bignum perl-Crypt-OpenSSL-Bignum sudo dnf groupinstall "C Development Tools and Libraries"
git clone git@github.com:openbmc/openbmc.git cd openbmc
Any build requires an environment variable known as TEMPLATECONF
to be set to a hardware target. You can see all of the known targets with find meta-* -name local.conf.sample
. Choose the hardware target and then move to the next step. Additional examples can be found in the OpenBMC Cheatsheet
Machine | TEMPLATECONF |
---|---|
Palmetto | meta-ibm/meta-palmetto/conf |
Zaius | meta-ingrasys/meta-zaius/conf |
Witherspoon | meta-ibm/meta-witherspoon/conf |
Romulus | meta-ibm/meta-romulus/conf |
As an example target Romulus
export TEMPLATECONF=meta-ibm/meta-romulus/conf
. openbmc-env bitbake obmc-phosphor-image
Additional details can be found in the docs repository.
The OpenBMC community maintains a set of tutorials new users can go through to get up to speed on OpenBMC development out here
Commits submitted by members of the OpenBMC GitHub community are compiled and tested via our Jenkins server. Commits are run through two levels of testing. At the repository level the makefile make check
directive is run. At the system level, the commit is built into a firmware image and run with an arm-softmmu QEMU model against a barrage of CI tests.
Commits submitted by non-members do not automatically proceed through CI testing. After visual inspection of the commit, a CI run can be manually performed by the reviewer.
Automated testing against the QEMU model along with supported systems are performed. The OpenBMC project uses the Robot Framework for all automation. Our complete test repository can be found here.
Support of additional hardware and software packages is always welcome. Please follow the contributing guidelines when making a submission. It is expected that contributions contain test cases.
Issues are managed on GitHub. It is recommended you search through the issues before opening a new one.
First, please do a search on the internet. There's a good chance your question has already been asked.
For general questions, please use the openbmc tag on Stack Overflow. Please review the discussion on Stack Overflow licensing before posting any code.
For technical discussions, please see contact info below for IRC and mailing list information. Please don't file an issue to ask a question. You'll get faster results by using the mailing list or IRC.
Feature List
Features In Progress
Features Requested but need help
Dive deeper into OpenBMC by opening the docs repository.
The Technical Steering Committee (TSC) guides the project. Members are: