<html><body><p><tt>"openbmc" <openbmc-bounces+austenc=us.ibm.com@lists.ozlabs.org> wrote on 01/25/2017 04:15:27 PM:<br><br>> From: Adriana Kobylak <anoo@linux.vnet.ibm.com></tt><br><tt>> To: openbmc@lists.ozlabs.org</tt><br><tt>> Date: 01/25/2017 04:32 PM</tt><br><tt>> Subject: OpenBMC Image Management</tt><br><tt>> Sent by: "openbmc" <openbmc-bounces+austenc=us.ibm.com@lists.ozlabs.org></tt><br><tt>> <br>> Hi,<br>> <br>> Here is a first draft proposal for image management (code update) in<br>> OpenBMC for feedback.<br>> <br>> General:<br>> * Move to UBI volume management (on the BMC and PNOR chips), which <br>> provides dynamic partitioning and wear-leveling. In a limited flash <br>> space environment there might be the need to re-allocate partition <br>> space and resizing in a static partitioning implementation can be <br>> very painful.<br>> * Use CRAMFS for read-only partitions, and UBIFS for read-write partitions.<br>> <br>> PNOR:<br>> * Implement a new mboxd based on Cyril’s (see Cyril’s email “Mailbox<br>> daemon”) that handles dbus objects, generates a virtual PNOR for UBI<br>> content, etc.<br>> * Move to memory-based access instead of the current LPC-to-AHD path.<br>> * Allocate just enough space in the initial window for Hostboot’s <br>> TOC, HBB, and HBI partitions, grow as required.<br>> * Ability to ‘patch’ by copying a Hostboot image *.bin into a <br>> designated directory (/usr/local/ for example).<br>> * Tool to write from PNOR image to BMC format. Implement UBI <br>> initially but it could be extended to support different volume <br>> managements on other BMCs.<br>> <br>> BMC:<br>> *Save multiple firmware versions, starting with 2, to provide the <br>> ability to roll-back if needed. If single BMC chip system, save both<br>> versions there. If two BMC chip system, save other version in 2nd chip.<br>> * Implement various levels of ‘persistency’, such as dev, factory, <br>> field. Dev persistency would allow for local patches (/usr/local/ <br>> for example) that can be cleared before shipping to customers. <br>> Factory mode could delete the location where user data such as <br>> network settings resides but preserves the mac address and uuid for <br>> example. Etc.<br>> <br>> Thanks,<br>> <br>> Adriana<br>> _______________________________________________<br>> openbmc mailing list<br>> openbmc@lists.ozlabs.org<br>> <a href="https://lists.ozlabs.org/listinfo/openbmc">https://lists.ozlabs.org/listinfo/openbmc</a><br></tt><br><br><tt>So are the goals of Image Management..</tt><br><br><tt>1) Actively manage wear-leveling</tt><br><tt>2) Provide an api for BIOS/Host inband update</tt><br><tt>3) Provide a way to boot an image that is not from flash</tt><br><tt>4) Duel image support</tt><br><tt>5) Duel flash chip support</tt><br><tt>6) Support multiple tiers of sanitization </tt><br><br><tt>Are there any security goals that need to be considered? </tt><br><br><BR>
</body></html>