'phosphor-bmc-code-mgmt' throws 'InvalidSignature' error even if 'verify-signature' is not enabled

Konstantin Aladyshev aladyshev22 at gmail.com
Mon Apr 17 17:59:20 AEST 2023


Hello!

By default the OpenBMC tarball is generated without a signature.
And 'verify-signature' is a separate option which is not enabled by default
in the 'phosphor-bmc-code-mgmt' recipe.
But still currently in that case when we load OpenBMC tarball,
the 'Software::Version::Error::InvalidSignature' error is generated in SEL.
I think it is not right, so I've proposed a patchset that changes this
behaviour.
Please check:
62521: meson: Disable 'verify-signature' option by default |
https://gerrit.openbmc.org/c/openbmc/phosphor-bmc-code-mgmt/+/62521

The patchset changes the default API of the 'phosphor-bmc-code-mgmt', so
this message is intended to ask if anybody has any objections against this
patchset.

Best regards,
Konstantin Aladyshev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20230417/b72cc48f/attachment.htm>


More information about the openbmc mailing list