matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[security] Upgrade kernel to 3.16.57-2 on 201803 branch (#2116)

Browse Source 
* [security] Upgrade kernel to 3.16.57-2

Fix issues below:
https://www.debian.org/security/2018/dsa-4120
https://www.debian.org/security/2018/dsa-4179
https://www.debian.org/security/2018/dsa-4187
https://www.debian.org/security/2018/dsa-4188
https://www.debian.org/security/2018/dsa-4196

and more.

* update opennsl-modules-3.16.0-6-amd64_3.4.1.11-7_amd64.deb package

Signed-off-by: Guohan Lu <gulv@microsoft.com>

* [mellanox] update sdk base url (new kernel version)
This commit is contained in:
zhenggen-xu 2018-10-10 23:41:27 -07:00 committed by lguohan
parent eba171b222
commit 773ed99d0a
25 changed files with 52 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
build_debian.sh
View File

@ -114,7 +114,7 @@ echo '[INFO] Install SONiC linux kernel image'
## Note: duplicate apt-get command to ensure every line return zero
sudo dpkg --root=$FILESYSTEM_ROOT -i target/debs/initramfs-tools_*.deb || \
sudo LANG=C DEBIAN_FRONTEND=noninteractive chroot $FILESYSTEM_ROOT apt-get -y install -f
sudo dpkg --root=$FILESYSTEM_ROOT -i target/debs/linux-image-3.16.0-5-amd64_*.deb || \
sudo dpkg --root=$FILESYSTEM_ROOT -i target/debs/linux-image-3.16.0-6-amd64_*.deb || \
sudo LANG=C DEBIAN_FRONTEND=noninteractive chroot $FILESYSTEM_ROOT apt-get -y install -f
## Update initramfs for booting with squashfs+aufs
@ -152,10 +152,10 @@ sudo chmod +x $FILESYSTEM_ROOT/etc/initramfs-tools/hooks/union-fsck
sudo chroot $FILESYSTEM_ROOT update-initramfs -u
## Install latest intel igb driver
sudo cp target/debs/igb.ko $FILESYSTEM_ROOT/lib/modules/3.16.0-5-amd64/kernel/drivers/net/ethernet/intel/igb/igb.ko
sudo cp target/debs/igb.ko $FILESYSTEM_ROOT/lib/modules/3.16.0-6-amd64/kernel/drivers/net/ethernet/intel/igb/igb.ko
## Install latest intel ixgbe driver
sudo cp target/debs/ixgbe.ko $FILESYSTEM_ROOT/lib/modules/3.16.0-5-amd64/kernel/drivers/net/ethernet/intel/ixgbe/ixgbe.ko
sudo cp target/debs/ixgbe.ko $FILESYSTEM_ROOT/lib/modules/3.16.0-6-amd64/kernel/drivers/net/ethernet/intel/ixgbe/ixgbe.ko
## Install docker
echo '[INFO] Install docker'

8
files/build_templates/swss.service.j2
View File

@ -2,16 +2,16 @@
Description=switch state service
Requires=database.service updategraph.service
{% if sonic_asic_platform == 'broadcom' %}
Requires=opennsl-modules-3.16.0-5-amd64.service
Requires=opennsl-modules-3.16.0-6-amd64.service
{% elif sonic_asic_platform == 'nephos' %}
Requires=nps-modules-3.16.0-5-amd64.service
Requires=nps-modules-3.16.0-6-amd64.service
{% endif %}
After=database.service updategraph.service
After=interfaces-config.service
{% if sonic_asic_platform == 'broadcom' %}
After=opennsl-modules-3.16.0-5-amd64.service
After=opennsl-modules-3.16.0-6-amd64.service
{% elif sonic_asic_platform == 'nephos' %}
After=nps-modules-3.16.0-5-amd64.service
After=nps-modules-3.16.0-6-amd64.service
{% endif %}
[Service]

4
installer/x86_64/install.sh
View File

@ -570,11 +570,11 @@ menuentry '$demo_grub_entry' {
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_msdos
insmod ext2
linux /$image_dir/boot/vmlinuz-3.16.0-5-amd64 root=$grub_cfg_root rw $GRUB_CMDLINE_LINUX \
linux /$image_dir/boot/vmlinuz-3.16.0-6-amd64 root=$grub_cfg_root rw $GRUB_CMDLINE_LINUX \
loop=$image_dir/$FILESYSTEM_SQUASHFS loopfstype=squashfs \
apparmor=1 security=apparmor varlog_size=$VAR_LOG_SIZE usbcore.autosuspend=-1 $ONIE_PLATFORM_EXTRA_CMDLINE_LINUX
echo 'Loading $demo_volume_label $demo_type initial ramdisk ...'
initrd /$image_dir/boot/initrd.img-3.16.0-5-amd64
initrd /$image_dir/boot/initrd.img-3.16.0-6-amd64
}
EOF

6
platform/broadcom/sdk.mk
View File

@ -1,4 +1,6 @@
BRCM_OPENNSL_KERNEL = opennsl-modules-3.16.0-5-amd64_3.4.1.11-2_amd64.deb
$(BRCM_OPENNSL_KERNEL)_URL = "https://sonicstorage.blob.core.windows.net/packages/opennsl-modules-3.16.0-5-amd64_3.4.1.11-2_amd64.deb?sv=2015-04-05&sr=b&sig=xtf8nafmS1pcqx5hhBsfmLNSx2BeqmwN4Dwq5uwM1bo%3D&se=2031-11-16T21%3A54%3A27Z&sp=r"
# mock link here, need to be replaced by real link from MSFT
BRCM_OPENNSL_KERNEL = opennsl-modules-3.16.0-6-amd64_3.4.1.11-7_amd64.deb
$(BRCM_OPENNSL_KERNEL)_URL = "https://sonicstorage.blob.core.windows.net/packages/bcmsai/opennsl-modules-3.16.0-6-amd64_3.4.1.11-7_amd64.deb?sv=2015-04-05&sr=b&sig=HGePoJSCcURIMW3bPRh5iXlx6z5SWiElmqD44mqUchI%3D&se=2155-08-28T16%3A31%3A48Z&sp=r"
SONIC_ONLINE_DEBS += $(BRCM_OPENNSL_KERNEL)

4
platform/broadcom/sonic-platform-modules-accton/as5712-54x/utils/README
View File

@ -39,7 +39,7 @@ User is not necessary to handle docker environment creation.
- Copy patches and series from patch/kernel of this release to
sonic-linux-kernel/patch.
- Build kernel by "make".
- The built kernel package, linux-image-3.16.0-5-amd64_3.16.51-3+deb8u1_amd64.deb
- The built kernel package, linux-image-3.16.0-6-amd64_3.16.51-3+deb8u1_amd64.deb
, is generated.
3. Build installer
- Change directory back to sonic-buildimage/.
@ -52,7 +52,7 @@ User is not necessary to handle docker environment creation.
The default user and password are "admin" & "YourPaSsWoRd" respectively.
- Run "make configure PLATFORM=broadcom"
- Copy the built kernel debian package to target/debs/.
The file is linux-image-3.16.0-5-amd64_*_amd64.deb under directory
The file is linux-image-3.16.0-6-amd64_*_amd64.deb under directory
src/sonic-linux-kernel/.
- Run "make target/sonic-generic.bin"
- Get the installer, target/sonic-generic.bin, to target machine and install.

4
platform/broadcom/sonic-platform-modules-accton/as7312-54x/utils/README
View File

@ -39,7 +39,7 @@ User is not necessary to handle docker environment creation.
- Copy patches and series from patch/kernel of this release to
sonic-linux-kernel/patch.
- Build kernel by "make".
- The built kernel package, linux-image-3.16.0-5-amd64_3.16.51-3+deb8u1_amd64.deb
- The built kernel package, linux-image-3.16.0-6-amd64_3.16.51-3+deb8u1_amd64.deb
, is generated.
3. Build installer
- Change directory back to sonic-buildimage/.
@ -52,7 +52,7 @@ User is not necessary to handle docker environment creation.
The default user and password are "admin" & "YourPaSsWoRd" respectively.
- Run "make configure PLATFORM=broadcom"
- Copy the built kernel debian package to target/debs/.
The file is linux-image-3.16.0-5-amd64_*_amd64.deb under directory
The file is linux-image-3.16.0-6-amd64_*_amd64.deb under directory
src/sonic-linux-kernel/.
- Run "make target/sonic-generic.bin"
- Get the installer, target/sonic-generic.bin, to target machine and install.

4
platform/broadcom/sonic-platform-modules-accton/as7716-32x/utils/README
View File

@ -39,7 +39,7 @@ User is not necessary to handle docker environment creation.
- Copy patches and series from patch/kernel of this release to
sonic-linux-kernel/patch.
- Build kernel by "make".
- The built kernel package, linux-image-3.16.0-5-amd64_3.16.51-3+deb8u1_amd64.deb
- The built kernel package, linux-image-3.16.0-6-amd64_3.16.51-3+deb8u1_amd64.deb
, is generated.
3. Build installer
- Change directory back to sonic-buildimage/.
@ -52,7 +52,7 @@ User is not necessary to handle docker environment creation.
The default user and password are "admin" & "YourPaSsWoRd" respectively.
- Run "make configure PLATFORM=broadcom"
- Copy the built kernel debian package to target/debs/.
The file is linux-image-3.16.0-5-amd64_*_amd64.deb under directory
The file is linux-image-3.16.0-6-amd64_*_amd64.deb under directory
src/sonic-linux-kernel/.
- Run "make target/sonic-generic.bin"
- Get the installer, target/sonic-generic.bin, to target machine and install.

14
platform/broadcom/sonic-platform-modules-accton/debian/control
View File

@ -7,35 +7,35 @@ Standards-Version: 3.9.3
Package: sonic-platform-accton-as7712-32x
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp
Package: sonic-platform-accton-as5712-54x
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp
Package: sonic-platform-accton-as7816-64x
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp
Package: sonic-platform-accton-as7716-32x
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp
Package: sonic-platform-accton-as7716-32xb
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp
Package: sonic-platform-accton-as7312-54x
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp
Package: sonic-platform-accton-as7326-56x
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp

2
platform/broadcom/sonic-platform-modules-arista/confs/arista-drivers.service
View File

@ -1,7 +1,7 @@
[Unit]
Description=Arista kernel modules init
After=local-fs.target
Before=opennsl-modules-3.16.0-5-amd64.service
Before=opennsl-modules-3.16.0-6-amd64.service
ConditionKernelCommandLine=Aboot
[Service]

2
platform/broadcom/sonic-platform-modules-arista/confs/gardena-watchdog-stop.service
View File

@ -1,7 +1,7 @@
[Unit]
Description=Disable the watchdog after boot
After=swss.service
After=opennsl-modules-3.16.0-5-amd64.service
After=opennsl-modules-3.16.0-6-amd64.service
ConditionKernelCommandLine=sid=Gardena
[Service]

2
platform/broadcom/sonic-platform-modules-arista/debian/control
View File

@ -21,7 +21,7 @@ Package: drivers-sonic-platform-arista
Architecture: amd64
Depends:
${misc:Depends},
linux-image-3.16.0-5-amd64
linux-image-3.16.0-6-amd64
Description: Arista kernel modules for arista platform devices such as fan, led, sfp, psu
Package: python-sonic-platform-arista

4
platform/broadcom/sonic-platform-modules-arista/utils/boot0
View File

@ -18,8 +18,8 @@
set -x
kernel=boot/vmlinuz-3.16.0-5-amd64
initrd=boot/initrd.img-3.16.0-5-amd64
kernel=boot/vmlinuz-3.16.0-6-amd64
initrd=boot/initrd.img-3.16.0-6-amd64
kernel_params=kernel-params
aboot_machine="arista_unknown"

2
platform/broadcom/sonic-platform-modules-cel/debian/control
View File

@ -7,6 +7,6 @@ Standards-Version: 3.9.3
Package: platform-modules-dx010
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp

4
platform/broadcom/sonic-platform-modules-dell/debian/control
View File

@ -7,11 +7,11 @@ Standards-Version: 3.9.3
Package: platform-modules-z9100
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp
Package: platform-modules-s6100
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp

6
platform/broadcom/sonic-platform-modules-delta/debian/control
View File

@ -7,15 +7,15 @@ Standards-Version: 3.9.3
Package: platform-modules-ag9032v1
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp
Package: platform-modules-ag9064
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp
Package: platform-modules-ag5648
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp

4
platform/broadcom/sonic-platform-modules-inventec/debian/control
View File

@ -7,11 +7,11 @@ Standards-Version: 3.9.3
Package: platform-modules-d7032q28b
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led
Package: platform-modules-d7054q28b
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led

2
platform/broadcom/sonic-platform-modules-mitac/debian/control
View File

@ -7,6 +7,6 @@ Standards-Version: 3.9.3
Package: sonic-platform-mitac-ly1200-32x
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp

2
platform/broadcom/sonic-platform-modules-quanta/debian/control
View File

@ -7,6 +7,6 @@ Standards-Version: 3.9.3
Package: sonic-platform-quanta-ix1b-32x
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as psu, led, sfp

2
platform/broadcom/sonic-platform-modules-s6000/debian/control
View File

@ -7,6 +7,6 @@ Standards-Version: 3.9.3
Package: platform-modules-s6000
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp

4
platform/centec/sonic-platform-modules-e582/debian/control
View File

@ -7,11 +7,11 @@ Standards-Version: 3.9.3
Package: platform-modules-e582-48x2q4z
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp
Package: platform-modules-e582-48x6q
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp

2
platform/mellanox/sdk.mk
View File

@ -1,4 +1,4 @@
MLNX_SDK_BASE_URL = https://github.com/Mellanox/SAI-Implementation/raw/5675ef1037813992cd234d3afcee43959e1ca4f6/sdk
MLNX_SDK_BASE_URL = https://github.com/Mellanox/SAI-Implementation/raw/dc2bafed31d0a84d9282d65bd94b5e20574d1a4d/sdk
MLNX_SDK_VERSION = 4.2.7303
MLNX_SDK_RDEBS += $(APPLIBS) $(IPROUTE2_MLNX) $(SX_ACL_RM) $(SX_COMPLIB) \
$(SX_EXAMPLES) $(SX_GEN_UTILS) $(SX_SCEW) $(SX_SDN_HAL) \

4
platform/nephos/sdk.mk
View File

@ -1,4 +1,4 @@
NEPHOS_NPS_KERNEL = nps-modules-3.16.0-5_2.0.3_3147dc_amd64.deb
$(NEPHOS_NPS_KERNEL)_URL = "https://github.com/NephosInc/SONiC/raw/master/sdk/nps-modules-3.16.0-5_2.0.3_3147dc_amd64.deb"
NEPHOS_NPS_KERNEL = nps-modules-3.16.0-6_2.0.3_3147dc_amd64.deb
$(NEPHOS_NPS_KERNEL)_URL = "https://github.com/NephosInc/SONiC/raw/master/sdk/nps-modules-3.16.0-6_2.0.3_3147dc_amd64.deb"
SONIC_ONLINE_DEBS += $(NEPHOS_NPS_KERNEL)

2
platform/nephos/sonic-platform-modules-accton/debian/control
View File

@ -7,5 +7,5 @@ Standards-Version: 3.9.3
Package: sonic-platform-accton-as7116-54x
Architecture: amd64
Depends: linux-image-3.16.0-5-amd64
Depends: linux-image-3.16.0-6-amd64
Description: kernel modules for platform devices such as fan, led, sfp

6
rules/linux-kernel.mk
View File

@ -1,9 +1,9 @@
# linux kernel package
KVERSION_SHORT = 3.16.0-5
KVERSION_SHORT = 3.16.0-6
KVERSION ?= $(KVERSION_SHORT)-amd64
KERNEL_VERSION = 3.16.51
KERNEL_SUBVERSION = 3+deb8u1
KERNEL_VERSION = 3.16.57
KERNEL_SUBVERSION = 2
export KVERSION_SHORT KVERSION KERNEL_VERSION KERNEL_SUBVERSION

2
src/sonic-linux-kernel

@ -1 +1 @@
Subproject commit 652f2592b90c2ae10064b9131b5217fbdde63526
Subproject commit dff16eb00bf3fc45c4b3cb4d557732ce7a64be17