1. 16 Mar, 2012 1 commit
  2. 15 Mar, 2012 22 commits
  3. 14 Mar, 2012 3 commits
    • Mike Hibler's avatar
      Minor syntax error in update script. · ceaa2539
      Mike Hibler authored
      ceaa2539
    • Mike Hibler's avatar
      Make the secure boot path work with PXEWAIT. · ceeede28
      Mike Hibler authored
      When a node with the secure boot dongle is freed, it goes into PXEWAIT in
      the context of the secure MFS. Previously we remained in "secure mode"
      (i.e., did not terminate with a TPMSIGNOFF) while a node was in this state.
      If the next use of the node, just booted from the OS that was already on
      the disk, then we never signed off properly.
      
      Now we sign off before entering PXEWAIT. I thought that this would be the
      easiest alternative to fixing the problem..HaHaHa..not! Because now we have
      to restart the secure boot path (i.e., reboot) if the result of coming out
      of PXEWAIT is a request to reload the disk (i.e., if we are continuing the
      secure disk load path).
      
      Ideally this would have required only modifications to the state machines
      for SECUREBOOT/LOAD, but as you can see by the presence of stated.in in the
      modified files, this was not the case. The change required some additional
      "finesse" to get it working. See the comments in stated.in and bootinfo_mysql.c
      if you really care.
      ceeede28
    • Mike Hibler's avatar
      Pass through bootinfo flags on tmcc "bootwhat" command. · 3ca3abf6
      Mike Hibler authored
      bootwhat will now return a FLAGS=%d value corresponding to the flags
      field in the boot_what struct.
      
      NOTE: THIS REQUIRED A TMCD VERSION BUMP. We are now at version 35.
      The issue was backward compatibility with existing CD/dongle boot images
      which are overly strict in their parsing of the returned bootwhat values.
      
      Added a new boot_what flag (the whole point of this) to signify if the
      entity being returned is part of the "secure boot" path. This is used
      by the gPXE dongle to determine whether it needs to do a trusted boot
      path "sign-off" for the MFS it downloads. We used to use the name of
      the MFS as our heuristic for this.
      
      bootinfo uses the new tbdb.os_info osfeature "ontrustedboot" to determine
      whether to set the flag.
      3ca3abf6
  4. 13 Mar, 2012 1 commit
  5. 12 Mar, 2012 1 commit
    • Mike Hibler's avatar
      Print a less obtuse error if they attempt to image an "empty" partition. · 31e17da2
      Mike Hibler authored
      This is in the node type check where we look at what is currently in the
      partition they are imaging, and base the set of valid node type on that.
      However, if they specify a partition that doesn't currently have an image,
      we would previously effectively tell them that the image will not run on
      the node type that it is currently running on!
      
      Now we just say "there is no current image in that partition."
      31e17da2
  6. 11 Mar, 2012 1 commit
  7. 09 Mar, 2012 3 commits
    • Mike Hibler's avatar
      Add a node-default pxe_boot_path to go along with node-type-default. · 99a462a8
      Mike Hibler authored
      As if things weren't hairy enough for the pxe_boot_path, we need a per-node
      default value. This should not be confused with the next_pxe_boot_path or
      pxe_boot_path fields in the nodes table, which is a per-node value but only
      for the lifetime of the current experiment.
      
      We need this new field specifically so that we can switch some, but not all,
      of the d710s over to the TPM-aware pxeboot.
      
      For the record, the select order for setting the filename field in
      dhcpd.conf is:
      
       1. nodes.next_pxe_boot_path for node
       2. nodes.pxe_boot_path for node
       3. "pxe_boot_path" node_attribute for node
       4. "pxe_boot_path" node_type_attribute for node type
       5. don't set (i.e., use the dhcpd.conf global default).
      99a462a8
    • Mike Hibler's avatar
      Don't forget to update the nonce counter. · 77918217
      Mike Hibler authored
      77918217
    • Leigh Stoller's avatar
      When resolving a node, resolve the physical node if it is a virtual · 11201729
      Leigh Stoller authored
      node. This happens when building a tunnel on a virtual node using a
      0.2 rspec; the old manifest put the URN of the virtual node in, while
      the V2 manifest puts in the physical node. Since resolving a virtual
      node returns nothing useful even now, I figure this is safe.
      11201729
  8. 08 Mar, 2012 8 commits