test/README.md: Update access permissions

The default access permission for the README.md file should be 664.

Signed-off-by: George Liu <liuxiwei@ieisystem.com>
Change-Id: Ia2c14646fd99eab3a580b1c2

test/README.md: Update access permissions

The default access permission for the README.md file should be 664.

Signed-off-by: George Liu <liuxiwei@ieisystem.com>
Change-Id: Ia2c14646fd99eab3a580b1c276a46ff2f604b1ae

show more ...

test/README.md: Fix MD040 warnings

The following warnings are generated by using markdownlint analysis:
```
MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "

test/README.md: Fix MD040 warnings

The following warnings are generated by using markdownlint analysis:
```
MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
```
Refer to markdown-lint [1] to fix MD040
[1]: https://github.com/updownpress/markdown-lint/blob/master/rules/040-fenced-code-language.md

Signed-off-by: George Liu <liuxiwei@ieisystem.com>
Change-Id: Ia1af9ab633a14fb94bb6bb26800238fcb1d4ff95

show more ...

test/README.md: Fix MD004 warnings

The following warnings are generated by using markdownlint analysis:
```
MD004/ul-style Unordered list style [Expected: dash; Actual: asterisk]
```
Refer to markdo

test/README.md: Fix MD004 warnings

The following warnings are generated by using markdownlint analysis:
```
MD004/ul-style Unordered list style [Expected: dash; Actual: asterisk]
```
Refer to markdown-lint [1] to fix MD004
[1]: https://github.com/updownpress/markdown-lint/blob/master/rules/004-ul-style.md

Signed-off-by: George Liu <liuxiwei@ieisystem.com>
Change-Id: If4b0dcbd538a886d593ab3162f019a817eadeedd

show more ...

test/README.md: Fix MD041 warnings

The following warnings are generated by using markdownlint analysis:
```
MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading

test/README.md: Fix MD041 warnings

The following warnings are generated by using markdownlint analysis:
```
MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "Instructions on how to execute..."]
```
Refer to markdown-lint [1] to fix MD041
[1]: https://github.com/updownpress/markdown-lint/blob/master/rules/041-first-line-h1.md

Signed-off-by: George Liu <liuxiwei@ieisystem.com>
Change-Id: I957dbc3093701663267a93bee4f2c688b1f9d1e8

show more ...

gen-bios-tar: Update private signing key

Updating from 1024 bits to 4096 bits for a more secure key

Change-Id: Idaa9bcdc04ec4143ff8035c84040646458bf8398
Signed-off-by: Rashmica Gupta <rashmica@linu

gen-bios-tar: Update private signing key

Updating from 1024 bits to 4096 bits for a more secure key

Change-Id: Idaa9bcdc04ec4143ff8035c84040646458bf8398
Signed-off-by: Rashmica Gupta <rashmica@linux.ibm.com>

show more ...

clang-tidy: Enable performance-inefficient-string-concatenation

This check warns about the performance overhead arising from
concatenating strings using the operator+

Change-Id: I93a5797adb0ffc9aa1

clang-tidy: Enable performance-inefficient-string-concatenation

This check warns about the performance overhead arising from
concatenating strings using the operator+

Change-Id: I93a5797adb0ffc9aa1d2353bab0a5ff6773ec6d5
Signed-off-by: Pavithra Barithaya <pavithrabarithaya07@gmail.com>

show more ...

clang-tidy: Enable readability-convert-member-functions-to-static

This check finds non-static member functions that can be made
static because the functions don’t use this.
This check also triggers

clang-tidy: Enable readability-convert-member-functions-to-static

This check finds non-static member functions that can be made
static because the functions don’t use this.
This check also triggers readability-static-accessed-through
-instance check as we are trying to access a static member
function through an instance.

Change-Id: Ia0867db019db8e40e710bdd4025e030061f7a992
Signed-off-by: Pavithra Barithaya <pavithrabarithaya07@gmail.com>

show more ...

clang-tidy: Enable performance-unnecessary-value-param check

This check flags value parameter declarations of expensive to copy
types that are copied for each invocation but it would suffice to
pass

clang-tidy: Enable performance-unnecessary-value-param check

This check flags value parameter declarations of expensive to copy
types that are copied for each invocation but it would suffice to
pass them by const reference.

Change-Id: I631deda63fcbb74362313c9596bf7e72933b0d0c
Signed-off-by: Pavithra Barithaya <pavithrabarithaya07@gmail.com>

show more ...

clang-tidy: Enable performance-for-range-copy check

This check optimizes performance in C++ for range-based loops
(for (auto element : container)), the key consideration is to
avoid unnecessary copi

clang-tidy: Enable performance-for-range-copy check

This check optimizes performance in C++ for range-based loops
(for (auto element : container)), the key consideration is to
avoid unnecessary copies of elements, especially when dealing with
larger or more complex objects.

Change-Id: I3349630950f72e1c0365b2ab23b7858c1bfbc9d4
Signed-off-by: Pavithra Barithaya <pavithrabarithaya07@gmail.com>

show more ...

clang-tidy: Enable cppcoreguidelines-explicit-virtual-functions

This check enforces guidelines related to explicitly specifying
override or final when overriding virtual functions in C++
classes.

C

clang-tidy: Enable cppcoreguidelines-explicit-virtual-functions

This check enforces guidelines related to explicitly specifying
override or final when overriding virtual functions in C++
classes.

Change-Id: I5c7de19e9f7521f4b8a947a25540a44c400da104
Signed-off-by: Pavithra Barithaya <pavithrabarithaya07@gmail.com>

show more ...

clang-tidy: Enable bugprone-narrowing-conversions check

This check indicates instances where there's a potential loss of
data during type conversions, particularly when converting from
a wider type

clang-tidy: Enable bugprone-narrowing-conversions check

This check indicates instances where there's a potential loss of
data during type conversions, particularly when converting from
a wider type to a narrower type.

Change-Id: I43f3d9ff4a6d672f51c7b2d3eccca90f262fa852
Signed-off-by: Pavithra Barithaya <pavithrabarithaya07@gmail.com>

show more ...

clang-tidy: Enable bugprone-implicit-widening-of-multiplication-result

The check diagnoses instances where a result of a multiplication is
implicitly widened, and suggests (with fix-it) to either si

clang-tidy: Enable bugprone-implicit-widening-of-multiplication-result

The check diagnoses instances where a result of a multiplication is
implicitly widened, and suggests (with fix-it) to either silence
the code by making widening explicit, or to perform the
multiplication in a wider type, to avoid the widening afterwards.

Change-Id: I97b1b3d3158d753e70bd2bd98f7938dc6e35af5a
Signed-off-by: Pavithra Barithaya <pavithrabarithaya07@gmail.com>

show more ...

meson: Drop legacy 'verify-signature' option

Currently there are two options for the image signature verification:
- 'verify-signature' (legacy),
- 'verify-full-signature' (current).

Drop legacy op

meson: Drop legacy 'verify-signature' option

Currently there are two options for the image signature verification:
- 'verify-signature' (legacy),
- 'verify-full-signature' (current).

Drop legacy option and let the current one take its place.

Change-Id: Ia205424395179fd190e3d055159beca93cff0545
Signed-off-by: Konstantin Aladyshev <aladyshev22@gmail.com>

show more ...

prettier: re-format

Prettier is enabled in openbmc-build-scripts on Markdown, JSON, and YAML
files to have consistent formatting for these file types. Re-run the
formatter on the whole repository.

prettier: re-format

Prettier is enabled in openbmc-build-scripts on Markdown, JSON, and YAML
files to have consistent formatting for these file types. Re-run the
formatter on the whole repository.

Change-Id: Ib954d53a0fdfba96a0e0f9bdd2ad75ed3c4f4927
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

meson: remove oe-sdk support

Very few of our projects have this extra code and it doesn't seem
very useful considering we have both meson-subproject support and
developers can use devtool.

Signed-o

meson: remove oe-sdk support

Very few of our projects have this extra code and it doesn't seem
very useful considering we have both meson-subproject support and
developers can use devtool.

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I41f8ba99600c04596b4fc37cc5b0ec00976d1e24

show more ...

image-verify: Skip full verify for non-BMC images

The verifyFullImage() only supports verify BMC image, but does not apply
to other images like BIOS.

Skip doing verifyFullImage() for non-BMC images

image-verify: Skip full verify for non-BMC images

The verifyFullImage() only supports verify BMC image, but does not apply
to other images like BIOS.

Skip doing verifyFullImage() for non-BMC images so that it is possible
to do BIOS code update when fieldMode is enabled.

Tested: Verify BIOS update is successful without verification error.
Add related unit test case and verify it passes.

Signed-off-by: Lei YU <yulei.sh@bytedance.com>
Change-Id: Id9e72367bd2797f7a61c017b61fb81df1dd4d15c

show more ...

Add support for Inventory.Decorator.Compatible

This adds support for the compatibility strings interface described in
https://github.com/openbmc/phosphor-dbus-interfaces/tree/master/yaml/xyz/openbmc

Add support for Inventory.Decorator.Compatible

This adds support for the compatibility strings interface described in
https://github.com/openbmc/phosphor-dbus-interfaces/tree/master/yaml/xyz/openbmc_project/Software#compatibility.

The Version objects will now be created with the Inventory.Decorator.Compatible
interface with the compatibility names coming from the MANIFEST file.
e.g.
version=1.2.3
MachineName=foo
purpose=Other
ExtendedVersion=a.b.c
CompatibleName=foo.bar
CompatibleName=baz.bim

Tested:
$ busctl get-property xyz.openbmc_project.Software.Version \
/xyz/openbmc_project/software/517751da \
xyz.openbmc_project.Inventory.Decorator.Compatible Names
as 2 "foo.bar" "baz.bim"

Signed-off-by: Justin Ledford <justinledford@google.com>
Change-Id: I9ee36af2d3d1494d533a3b09c466a250c4fe786b

show more ...

openssl: test: stop using deprecated SHA512_* functions

Complete the work from I91959eef65793f1092536f7e4c027839ce6cdf52 to
switch the test cases over to the OpenSSL 3 supported functions.

Tested:

openssl: test: stop using deprecated SHA512_* functions

Complete the work from I91959eef65793f1092536f7e4c027839ce6cdf52 to
switch the test cases over to the OpenSSL 3 supported functions.

Tested: This was done in two steps to show that the conversion is
identical. Test cases pass with conversion.

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Ia2abc82f0b1282a52925a0eb9a2246d05f9b30cf

show more ...

utest: Fix test case SignatureTest.TestSignatureVerify()

The unit test case SignatureTest.TestSignatureVerify() passes
with default config.
But when `verify-full-signature` is enabled, the test case

utest: Fix test case SignatureTest.TestSignatureVerify()

The unit test case SignatureTest.TestSignatureVerify() passes
with default config.
But when `verify-full-signature` is enabled, the test case fails.

resolved: openbmc/phosphor-bmc-code-mgmt#9

Tested: Unit Test successfully when `verify-full-signature` is
enabled.

Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: Ia600690ea26ca3559f1e9f2049283880ddf95a4d

show more ...

Implement Software.Extended Version

- Populate the ExtendedVersion object from MANIFEST
- Create an ExtendedVersion object

Change-Id: I13e352d4cb8f4a73259a940f341a736fe7e9305f
Signed-off-by: Chanh

Implement Software.Extended Version

- Populate the ExtendedVersion object from MANIFEST
- Create an ExtendedVersion object

Change-Id: I13e352d4cb8f4a73259a940f341a736fe7e9305f
Signed-off-by: Chanh Nguyen <chanh@amperemail.onmicrosoft.com>

show more ...

utils: Add execute command

As issue openbmc/phosphor-bmc-code-mgmt#6 describes, the code
makes use of the systemd services to execute commands via a
script, but calls to systemd service files are as

utils: Add execute command

As issue openbmc/phosphor-bmc-code-mgmt#6 describes, the code
makes use of the systemd services to execute commands via a
script, but calls to systemd service files are async, so if
there is a need to wait for the service to finish executing,
workarounds like sleep commands have been added to the code, ex:
https://github.com/openbmc/phosphor-bmc-code-mgmt/commit/60f5ccfd5ab0fc8cedc3a2bf5f5adcab77318b7d

Create a function that would execute a command in a child
process so that it's possible to wait for it to finish. In
addition, errors can be more obvious by checking the return
of the execute function and taking action to notify the caller
of the error instead of relying on system unit dependencies
to run recovery actions on error.

Tested: Called new execute function from the code and verified
it was successful. Ex:
utils::execute("/bin/mkdir", "/tmp/test-execute");

Change-Id: I81a6aa0a50276abb6aba40196a214629ec9baa13
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>

show more ...

Add support for tarball contents signature

Currently only supported to allow optional image files in BMC tarball.
In order to ensure that the contents of the tarball are the expected
ones as a full

Add support for tarball contents signature

Currently only supported to allow optional image files in BMC tarball.
In order to ensure that the contents of the tarball are the expected
ones as a full package, an additional signature file has been created
for all the signature files in the tarball,
(ex: image-full.sig = hash(file1.sig + file2.sig + file3.sig...)).
Need to check the existence of the file and the signature verification
passed.

Also, added unit test case for the mergeFiles method.

Tested:
Enable `WANT_SIGNATURE_FULL_VERIFY` and ran the following command:

curl -k -H "X-Auth-Token: $token" -H "Content-Type: application/octet-stream"
-X POST -T obmc-phosphor-image-fp5280g2.static.mtd.tar

https://${bmc}/redfish/v1/UpdateService
{
"@odata.id": "/redfish/v1/TaskService/Tasks/1",
"@odata.type": "#Task.v1_4_3.Task",
"Id": "1",
"TaskState": "Running",
"TaskStatus": "OK"
}

And Log output:
`Successfully completed Signature vaildation.`

Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I0e658b9dd90ea405a9c8292f29183ab516a0fa31

show more ...

meson: build: Remove automake files and update READMEs

Tested: Ran CI and code update on witherspoon.

Change-Id: I4d9695cdddf48e4a4d884fb9b8e30108ee6dfe6c
Signed-off-by: Adriana Kobylak <anoo@us.ib

meson: build: Remove automake files and update READMEs

Tested: Ran CI and code update on witherspoon.

Change-Id: I4d9695cdddf48e4a4d884fb9b8e30108ee6dfe6c
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>

show more ...

Use std::filesystem instead of std::experimental

std::filesystem is fully supported in c++17, no need to keep
the experimental around anymore.

Note that the path append behavior changed, so appendi

Use std::filesystem instead of std::experimental

std::filesystem is fully supported in c++17, no need to keep
the experimental around anymore.

Note that the path append behavior changed, so appending an
absolute path replaces the path instead of appending, therefore
need to use .relative_path().

Tested: Did a code update on witherspoon and verified the sync
path was correct.

Change-Id: Iffe42cf0ebd5537920c8fdbf9edcec640ab9c724
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>

show more ...

meson: Fix compile errors

Meson runs stricter compiler checks. Fix the following errors in
preparation to moving to meson:

- Unusued parameters. Ex:
../download_manager_main.cpp:7:14: error: unused

meson: Fix compile errors

Meson runs stricter compiler checks. Fix the following errors in
preparation to moving to meson:

- Unusued parameters. Ex:
../download_manager_main.cpp:7:14: error: unused parameter ‘argc’ [-Werror=unused-parameter]
../static/item_updater_helper.cpp:16:42: error: unused parameter ‘entryId’ [-Werror=unused-parameter]
../watch.cpp:77:38: error: unused parameter ‘s’ [-Werror=unused-parameter]
[test/utest.cpp:166]: (style) Variable 'pubKeyConfFile' is assigned a value that is never used.

- Add destructor and initialize variable in init list:
../flash.hpp:18:7: error: ‘class phosphor::software::updater::Flash’ has virtual functions and accessible non-virtual destructor [-Werror=non-virtual-dtor]
[version.hpp:81]: callback is assigned in constructor body. Consider performing initialization in initialization list

Tested: Verified code update on witherspoon still worked.

Change-Id: Ib7a0e0e11d6bfe6eeeb3f2ea4bfefd43505d639e
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>

show more ...