Secure and Trusted Boot for ASPEED AST2600 BMC

This publishes the design posted by Chris on Gerrit. The design was implemented in the upstream OpenBMC code base by the team working on Rainier, the IBM Power10 system. The document does not appear in the docs repo as review was shut down by the maintainer.

Read More

Joel's Opinionated Guide to GPG and SSH on the YubiKey

A long time ago I got a (YubiKey 5C Nano)[https://support.yubico.com/hc/en-us/articles/360013724699-YubiKey-5C-Nano], and didn’t use it. All the noise around Passkeys made me decide to get it out, which was a waste of time because Linux support for Passkeys doesn’t yet exist. But they can be used for FIDO and as a GPG smartcard.

Read More

Testing and OpenBMC Kernel on eMMC

This guide provides notes on how to put a new kernel FIT on a OpenBMC system that uses the eMMC layout. It assumes you’ve built an OpenBMC FIT containing the device tree, initrd and kernel zImage for testing.

Read More

SBE Boot Progress

The OpenPower BMC kicks off the host booting by writing to a CFAM register over FSI. From there, if your system is healthy enough, it will start outputting characters over the LPC VUART. If it’s not, then you get no output, and the only indication that something went wrong is the host powering itself off.

Read More

OpenBMC console

The OpenBMC virtual serial console replaces IPMI Serial over LAN (SoL) as a way to see the UART output of your host system. Where you would have once run:

Read More

Using /dev/mem on OpenBMC

OpenBMC’s kernel configuration disables /dev/mem by default. In the early days of the project some functionality was implemented using simple userspace programs that read and wrote straight to peripherals, instead of kernel drivers. Now that it has kernel drivers userspace access to memory is restricted.

Read More

Linux kernel logs with GDB with Qemu

When your Linux kernel is misbehaving, you often look to the output of ‘dmesg’ to see what went wrong. If you can’t get to userspace, hopefully you have a serial port to see the latest output.

Read More

Petitboot hacks

A safe way to try out a new petitboot release on your machine is to add it to your disk, and chainload from the in-flash version to the one on disk. This uses the same well-tested mechanim as booting your operating system, but doesn’t require touching flash. If something goes wrong, just reboot!

Read More

Building Firefox for ppc64le

Firefox has bitrotted on PowerPC a little. I installed an Ubuntu 18.04 (and then upgraded to the in-development 18.10) ppc64le on a Power9 workstation, and attempted to run Firefox 61. It crashed (trimmed backtrace):

Read More

Using QEMU to boot OpenBMC ASPEED kernel

The LTC team at IBM have created a useful model of the ASPEED BMC SoCs and upstreamed it to QEMU. If you’re on a recent distro, you can skip building it and sudo apt-get install qemu-system-arm instead.

Read More

Jekyll container

This blog uses jekyll-now, which I found in a search for a method to have a simple blog. The highlight is it provides instructions for you to create and edit the blog using the Github interface.

Read More