Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
emulab
emulab-devel
Commits
54cab0a2
Commit
54cab0a2
authored
Jul 19, 2011
by
Mike Hibler
Browse files
(Hopefully) final DB changes for secure boot/load path.
parent
47fdfe18
Changes
2
Hide whitespace changes
Inline
Side-by-side
sql/database-fill.sql
View file @
54cab0a2
...
...
@@ -328,6 +328,7 @@ REPLACE INTO mode_transitions VALUES ('SECUREBOOT','TPMSIGNOFF','NORMAL','SHUTDO
REPLACE
INTO
mode_transitions
VALUES
(
'SECUREBOOT'
,
'TPMSIGNOFF'
,
'NORMALv2'
,
'SHUTDOWN'
,
''
);
REPLACE
INTO
mode_transitions
VALUES
(
'SECUREBOOT'
,
'TPMSIGNOFF'
,
'PXEFBSD'
,
'SHUTDOWN'
,
''
);
REPLACE
INTO
mode_transitions
VALUES
(
'SECUREBOOT'
,
'TPMSIGNOFF'
,
'PXEKERNEL'
,
'BOOTING'
,
'SecureBootDone'
);
REPLACE
INTO
mode_transitions
VALUES
(
'NORMALv2'
,
'SHUTDOWN'
,
'SECURELOAD'
,
'SHUTDOWN'
,
'SecureLoadStart'
);
--
-- Dumping data for table `priorities`
...
...
@@ -393,19 +394,19 @@ REPLACE INTO state_timeouts VALUES ('NORMALv2','TBSETUP',600,'NOTIFY');
REPLACE
INTO
state_timeouts
VALUES
(
'NORMALv2'
,
'BOOTING'
,
180
,
'REBOOT'
);
REPLACE
INTO
state_timeouts
VALUES
(
'GARCIA-STARGATEv1'
,
'TBSETUP'
,
600
,
'NOTIFY'
);
REPLACE
INTO
state_timeouts
VALUES
(
'PXEKERNEL'
,
'PXEWAKEUP'
,
20
,
'REBOOT'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECUREBOOT'
,
'BOOTING'
,
3
6
00
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECUREBOOT'
,
'GPXEBOOTING'
,
360
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECUREBOOT'
,
'PXEBOOTING'
,
360
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECUREBOOT'
,
'SHUTDOWN'
,
3
6
00
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECUREBOOT'
,
'TPMSIGNOFF'
,
360
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'BOOTING'
,
3
6
00
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'GPXEBOOTING'
,
360
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'PXEBOOTING'
,
360
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'RELOADDONE'
,
3
6
00
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECUREBOOT'
,
'BOOTING'
,
300
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECUREBOOT'
,
'GPXEBOOTING'
,
6
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECUREBOOT'
,
'PXEBOOTING'
,
6
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECUREBOOT'
,
'SHUTDOWN'
,
300
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECUREBOOT'
,
'TPMSIGNOFF'
,
6
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'BOOTING'
,
300
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'GPXEBOOTING'
,
6
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'PXEBOOTING'
,
6
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'RELOADDONE'
,
300
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'RELOADING'
,
3600
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'RELOADSETUP'
,
360
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'SHUTDOWN'
,
3
6
00
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'TPMSIGNOFF'
,
3
6
00
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'RELOADSETUP'
,
6
0
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'SHUTDOWN'
,
300
,
'STATE:SECVIOLATION'
);
REPLACE
INTO
state_timeouts
VALUES
(
'SECURELOAD'
,
'TPMSIGNOFF'
,
300
,
'STATE:SECVIOLATION'
);
--
-- Dumping data for table `state_transitions`
...
...
@@ -621,6 +622,7 @@ REPLACE INTO state_transitions VALUES ('SECURELOAD','RELOADDONE','TPMSIGNOFF','Q
REPLACE
INTO
state_transitions
VALUES
(
'SECURELOAD'
,
'RELOADING'
,
'RELOADDONE'
,
'ImageOK'
);
REPLACE
INTO
state_transitions
VALUES
(
'SECURELOAD'
,
'RELOADING'
,
'SECVIOLATION'
,
'ImageBad'
);
REPLACE
INTO
state_transitions
VALUES
(
'SECURELOAD'
,
'RELOADSETUP'
,
'RELOADING'
,
'ReloadReady'
);
REPLACE
INTO
state_transitions
VALUES
(
'SECURELOAD'
,
'SHUTDOWN'
,
'SHUTDOWN'
,
'Retry'
);
REPLACE
INTO
state_transitions
VALUES
(
'SECURELOAD'
,
'SHUTDOWN'
,
'GPXEBOOTING'
,
'QuoteOK'
);
REPLACE
INTO
state_transitions
VALUES
(
'SECURELOAD'
,
'SHUTDOWN'
,
'SECVIOLATION'
,
'QuoteFailed'
);
...
...
@@ -649,7 +651,7 @@ REPLACE INTO state_triggers VALUES ('*','*','SECVIOLATION','POWEROFF, EMAILNOTIF
REPLACE
INTO
state_triggers
VALUES
(
'*'
,
'SECUREBOOT'
,
'BOOTING'
,
''
);
REPLACE
INTO
state_triggers
VALUES
(
'*'
,
'SECUREBOOT'
,
'PXEBOOTING'
,
''
);
REPLACE
INTO
state_triggers
VALUES
(
'*'
,
'SECUREBOOT'
,
'TPMSIGNOFF'
,
'PXEBOOT, BOOTING, CHECKGENISUP'
);
REPLACE
INTO
state_triggers
VALUES
(
'*'
,
'SECURELOAD'
,
'BOOTING'
,
''
);
REPLACE
INTO
state_triggers
VALUES
(
'*'
,
'SECURELOAD'
,
'BOOTING'
,
'
BOOTING
'
);
REPLACE
INTO
state_triggers
VALUES
(
'*'
,
'SECURELOAD'
,
'PXEBOOTING'
,
''
);
REPLACE
INTO
state_triggers
VALUES
(
'*'
,
'SECURELOAD'
,
'RELOADDONE'
,
'RESET, RELOADDONE'
);
...
...
sql/updates/4/249
0 → 100644
View file @
54cab0a2
#
# Additional state for secure boot/load path.
# Also set SECURE* timeouts to reasonable values.
#
use strict;
use libdb;
sub DoUpdate($$$)
{
my ($dbhandle, $dbname, $version) = @_;
my @mode_transitions = (
["NORMALv2","SHUTDOWN","SECURELOAD","SHUTDOWN","SecureLoadStart"]
);
my @timeouts = (
["SECUREBOOT","BOOTING",300,"STATE:SECVIOLATION"],
["SECUREBOOT","GPXEBOOTING",60,"STATE:SECVIOLATION"],
["SECUREBOOT","PXEBOOTING",60,"STATE:SECVIOLATION"],
["SECUREBOOT","SHUTDOWN",300,"STATE:SECVIOLATION"],
["SECUREBOOT","TPMSIGNOFF",60,"STATE:SECVIOLATION"],
["SECURELOAD","BOOTING",300,"STATE:SECVIOLATION"],
["SECURELOAD","GPXEBOOTING",60,"STATE:SECVIOLATION"],
["SECURELOAD","PXEBOOTING",60,"STATE:SECVIOLATION"],
["SECURELOAD","RELOADDONE",300,"STATE:SECVIOLATION"],
["SECURELOAD","RELOADING",3600,"STATE:SECVIOLATION"],
["SECURELOAD","RELOADSETUP",60,"STATE:SECVIOLATION"],
["SECURELOAD","SHUTDOWN",300,"STATE:SECVIOLATION"],
["SECURELOAD","TPMSIGNOFF",300,"STATE:SECVIOLATION"]
);
my @transitions = (
["SECURELOAD","SHUTDOWN","SHUTDOWN","Retry"]
);
my @triggers = (
["*","SECURELOAD","BOOTING","BOOTING"]
);
foreach my $row (@mode_transitions) {
my ($opm1,$s1,$opm2,$s2,$lab) = @$row;
DBQueryFatal("REPLACE INTO mode_transitions VALUES ".
"('$opm1','$s1','$opm2', '$s2','$lab')");
}
foreach my $row (@timeouts) {
my ($opm,$s,$to,$act) = @$row;
DBQueryFatal("REPLACE INTO state_timeouts VALUES ".
"('$opm','$s','$to', '$act')");
}
foreach my $row (@transitions) {
my ($opm,$s1,$s2,$lab) = @$row;
DBQueryFatal("REPLACE INTO state_transitions VALUES ".
"('$opm','$s1','$s2','$lab')");
}
foreach my $row (@triggers) {
my ($node,$opm,$s,$trig) = @$row;
DBQueryFatal("REPLACE INTO state_triggers VALUES ".
"('$node','$opm','$s','$trig')");
}
return 0;
}
1;
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment