1#!/bin/bash 2 3# Handle the SCP Failover feature in which: 4# - If the BMC receives the SCP_AUTH_FAILURE signal from Socket0, 5# attempts to boot from the failover boot EEPROM. 6# - If the second boot fails, treats this as a permanent boot failure 7# and logs an event in SEL. 8 9# shellcheck disable=SC1091 10# shellcheck disable=SC2046 11 12# Check the I2C_BACKUP_SEL 13I2C_BACKUP_SEL=$(gpioget $(gpiofind i2c-backup-sel)) 14if [ "${I2C_BACKUP_SEL}" == "1" ]; then 15 # If it is HIGH, set it LOW. Then reset the Host to boot from 16 # the failover Boot EEPROM. 17 echo "scp-failover: switch HOST to failover boot EEPROM" 18 gpioset $(gpiofind i2c-backup-sel)=0 19 20 # Reset the Host to boot on the failover EEPROM 21 ampere_power_util.sh mb force_reset 22else 23 # Turn OFF Host as SCP firmware on both Boot EEPROM fail 24 obmcutil chassisoff 25 26 echo "scp-failover: switch HOST back to the main Boot EEPROM" 27 gpioset $(gpiofind i2c-backup-sel)=1 28 29 # Log event 30 ampere_add_redfishevent.sh OpenBMC.0.1.GeneralFirmwareSecurityViolation.Critical "SCP Authentication failure" 31fi 32