Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
emulab
emulab-devel
Commits
c0d4949d
Commit
c0d4949d
authored
Aug 30, 2011
by
Mike Hibler
Browse files
Still more state machine tweaks for secure boot/load.
parent
8838cb53
Changes
3
Hide whitespace changes
Inline
Side-by-side
event/stated/stated.in
View file @
c0d4949d
...
...
@@ -680,14 +680,15 @@ sub stateTransition($$) {
if
(
$oldstate
eq
TBDB_NODESTATE_SECVIOLATION
&&
$newstate
ne
TBDB_NODESTATE_SECVIOLATION
)
{
#
# Allow transitions to SHUTDOWN.
# This allows someone to reboot
a node in the SECVIOLATION state
# getting it back to MINIMAL/SHUTDOWN.
# Allow transitions to SHUTDOWN
/POWEROFF
.
# This allows someone to reboot
(turn-off and back on) a node in
#
the SECVIOLATION state
getting it back to MINIMAL/SHUTDOWN.
#
# XXX DEBUG ONLY!
#
if
(
$soft_secviolation
&&
(
$newstate
eq
TBDB_NODESTATE_SHUTDOWN
||
$newstate
eq
TBDB_NODESTATE_POWEROFF
||
$newstate
eq
TBDB_NODESTATE_GPXEBOOTING
))
{
notify
("
$node
allowed to transition: SECVIOLATION =>
$newstate
\n
");
}
else
{
...
...
sql/database-fill.sql
View file @
c0d4949d
...
...
@@ -327,7 +327,7 @@ REPLACE INTO mode_transitions VALUES ('SECUREBOOT','TPMSIGNOFF','MINIMAL','SHUTD
REPLACE
INTO
mode_transitions
VALUES
(
'SECUREBOOT'
,
'TPMSIGNOFF'
,
'NORMAL'
,
'SHUTDOWN'
,
''
);
REPLACE
INTO
mode_transitions
VALUES
(
'SECUREBOOT'
,
'TPMSIGNOFF'
,
'NORMALv2'
,
'SHUTDOWN'
,
''
);
REPLACE
INTO
mode_transitions
VALUES
(
'SECUREBOOT'
,
'TPMSIGNOFF'
,
'PXEFBSD'
,
'SHUTDOWN'
,
''
);
REPLACE
INTO
mode_transitions
VALUES
(
'SECUREBOOT'
,
'TPMSIGNOFF'
,
'PXEKERNEL'
,
'
BOOTING
'
,
'SecureBootDone'
);
REPLACE
INTO
mode_transitions
VALUES
(
'SECUREBOOT'
,
'TPMSIGNOFF'
,
'PXEKERNEL'
,
'
SHUTDOWN
'
,
'SecureBootDone'
);
REPLACE
INTO
mode_transitions
VALUES
(
'NORMALv2'
,
'SHUTDOWN'
,
'SECURELOAD'
,
'SHUTDOWN'
,
'SecureLoadStart'
);
REPLACE
INTO
mode_transitions
VALUES
(
'PXEFBSD'
,
'SHUTDOWN'
,
'WIMRELOAD'
,
'SHUTDOWN'
,
''
);
REPLACE
INTO
mode_transitions
VALUES
(
'MINIMAL'
,
'SHUTDOWN'
,
'WIMRELOAD'
,
'SHUTDOWN'
,
''
);
...
...
@@ -655,6 +655,10 @@ REPLACE INTO state_transitions VALUES ('NORMALv2','*','POWEROFF','Power Off');
REPLACE
INTO
state_transitions
VALUES
(
'NORMAL'
,
'POWEROFF'
,
'SHUTDOWN'
,
'Power On'
);
REPLACE
INTO
state_transitions
VALUES
(
'NORMALv1'
,
'POWEROFF'
,
'SHUTDOWN'
,
'Power On'
);
REPLACE
INTO
state_transitions
VALUES
(
'NORMALv2'
,
'POWEROFF'
,
'SHUTDOWN'
,
'Power On'
);
REPLACE
INTO
state_transitions
VALUES
(
'SECUREBOOT'
,
'SECVIOLATION'
,
'POWEROFF'
,
'Power Off'
);
REPLACE
INTO
state_transitions
VALUES
(
'SECURELOAD'
,
'SECVIOLATION'
,
'POWEROFF'
,
'Power Off'
);
REPLACE
INTO
state_transitions
VALUES
(
'SECUREBOOT'
,
'POWEROFF'
,
'SHUTDOWN'
,
'Power On'
);
REPLACE
INTO
state_transitions
VALUES
(
'SECURELOAD'
,
'POWEROFF'
,
'SHUTDOWN'
,
'Power On'
);
REPLACE
INTO
state_transitions
VALUES
(
'WIMRELOAD'
,
'SHUTDOWN'
,
'RELOADSETUP'
,
'BootOK'
);
REPLACE
INTO
state_transitions
VALUES
(
'WIMRELOAD'
,
'RELOADSETUP'
,
'RELOADING'
,
'ReloadStart'
);
REPLACE
INTO
state_transitions
VALUES
(
'WIMRELOAD'
,
'RELOADING'
,
'RELOADDONE'
,
'ReloadDone'
);
...
...
sql/updates/4/259
0 → 100644
View file @
c0d4949d
#
# Assorted fixups for the secureboot/load path.
#
use strict;
use libdb;
sub DoUpdate($$$)
{
my ($dbhandle, $dbname, $version) = @_;
my @mode_transitions = (
);
my @timeouts = (
);
my @transitions = (
["SECUREBOOT","BOOTING","PXEBOOTING","re-BootInfo"],
["SECUREBOOT","SECVIOLATION","POWEROFF","Power Off"],
["SECURELOAD","SECVIOLATION","POWEROFF","Power Off"],
["SECUREBOOT","POWEROFF","SHUTDOWN","Power On"],
["SECURELOAD","POWEROFF","SHUTDOWN","Power On"]
);
my @triggers = (
);
foreach my $row (@mode_transitions) {
my ($opm1,$s1,$opm2,$s2,$lab) = @$row;
my $query_result =
DBQueryFatal("SELECT op_mode1 FROM mode_transitions WHERE ".
"op_mode1='$opm1' AND state1='$s1' AND ".
"op_mode2='$opm2' AND state2='$s2'");
if ($query_result->numrows == 0) {
DBQueryFatal("INSERT INTO mode_transitions VALUES ".
"('$opm1','$s1','$opm2', '$s2','$lab')");
}
}
foreach my $row (@timeouts) {
my ($opm,$s,$to,$act) = @$row;
my $query_result =
DBQueryFatal("SELECT op_mode FROM state_timeouts WHERE ".
"op_mode='$opm' AND state='$s'");
if ($query_result->numrows == 0) {
DBQueryFatal("INSERT INTO state_timeouts VALUES ".
"('$opm','$s','$to', '$act')");
}
}
foreach my $row (@transitions) {
my ($opm,$s1,$s2,$lab) = @$row;
my $query_result =
DBQueryFatal("SELECT op_mode FROM state_transitions WHERE ".
"op_mode='$opm' AND state1='$s1' AND state2='$s2'");
if ($query_result->numrows == 0) {
DBQueryFatal("INSERT INTO state_transitions VALUES ".
"('$opm','$s1','$s2','$lab')");
}
}
foreach my $row (@triggers) {
my ($node,$opm,$s,$trig) = @$row;
my $query_result =
DBQueryFatal("SELECT node_id FROM state_triggers WHERE ".
"node_id='$node' AND op_mode='$opm' AND state='$s'");
if ($query_result->numrows == 0) {
DBQueryFatal("INSERT INTO state_triggers VALUES ".
"('$node','$opm','$s','$trig')");
}
}
# tweak a previous transition that wasn't quite right
DBQueryFatal("UPDATE mode_transitions SET state2='SHUTDOWN' WHERE ".
" state1='TPMSIGNOFF' AND op_mode2='PXEKERNEL' AND ".
" state2='BOOTING'");
# no need to BOOTING, CHECKGENISUP as those will happen in next BOOTING
DBQueryFatal("UPDATE state_triggers SET `trigger`='PXEBOOT' WHERE ".
" op_mode='SECUREBOOT' AND state='TPMSIGNOFF'");
return 0;
}
1;
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment