From 8506826348c422be191599572404eab9af89638c Mon Sep 17 00:00:00 2001 From: Saikrishna Arcot Date: Wed, 21 Feb 2024 13:22:07 -0800 Subject: [PATCH] Update the database, teamd, and radv containers to Bookworm (#18108) * Update Redis DB start options for multi-asic and chassis cases Starting with Redis 7.0 (specifically, redis/redis#9034), setting a custom `--bind` address on the command line no longer disables protected mode (which blocks connections from non-localhost IP addresses unless a password is set). For multi-asic and chassis database DBs, we currently specify a non-localhost IP address and do not specify any password, which means this change would break things there. To work around this, if we are specifying a non-localhost IP address on the command line, then disable protected mode. * Clean up debug pacakge list for docker-teamd The debug pacakges for swss and libswsscommon are already installed by docker-swss-layer-bookworm and docker-config-engine-bookworm, so they don't need to be specified here again. Signed-off-by: Saikrishna Arcot --- .../Dockerfile.j2 | 2 +- dockers/docker-database/Dockerfile.j2 | 2 +- dockers/docker-database/supervisord.conf.j2 | 8 +++- .../docker-router-advertiser/Dockerfile.j2 | 2 +- dockers/docker-teamd/Dockerfile.j2 | 2 +- rules/docker-database.mk | 10 ++--- rules/docker-router-advertiser.mk | 11 +++-- rules/docker-teamd.mk | 13 +++--- rules/libteam.mk | 18 ++++---- src/libteam/Makefile | 43 +++++++++---------- .../0008-libteam-Add-warm_reboot-mode.patch | 8 ++-- .../0015-add-support-for-custom-retry.patch | 23 +++++----- .../0016-block-retry-count-changes.patch | 4 +- src/libteam/patch/series | 8 ++-- 14 files changed, 76 insertions(+), 78 deletions(-) diff --git a/dockers/docker-config-engine-bookworm/Dockerfile.j2 b/dockers/docker-config-engine-bookworm/Dockerfile.j2 index 9662c98ec9..f31f996aba 100644 --- a/dockers/docker-config-engine-bookworm/Dockerfile.j2 +++ b/dockers/docker-config-engine-bookworm/Dockerfile.j2 @@ -21,7 +21,7 @@ RUN apt-get install -y \ # Explicitly install pyangbind here, as pyangbind causes enum34 to be installed. # enum34 causes Python 're' package to not work properly as it redefines an incompatible enum.py module # https://github.com/robshakir/pyangbind/issues/232 -RUN pip3 install pyangbind==0.8.1 +RUN pip3 install pyangbind==0.8.2 RUN pip3 uninstall -y enum34 # Install python-redis diff --git a/dockers/docker-database/Dockerfile.j2 b/dockers/docker-database/Dockerfile.j2 index 3b0de019ef..b73762da59 100644 --- a/dockers/docker-database/Dockerfile.j2 +++ b/dockers/docker-database/Dockerfile.j2 @@ -1,5 +1,5 @@ {% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python_wheels, copy_files %} -FROM docker-config-engine-bullseye-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}} +FROM docker-config-engine-bookworm-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}} ARG docker_container_name diff --git a/dockers/docker-database/supervisord.conf.j2 b/dockers/docker-database/supervisord.conf.j2 index b71a4c59db..62909aae3d 100644 --- a/dockers/docker-database/supervisord.conf.j2 +++ b/dockers/docker-database/supervisord.conf.j2 @@ -31,12 +31,16 @@ dependent_startup=true {% if INSTANCES %} {% for redis_inst, redis_items in INSTANCES.items() %} [program:{{ redis_inst }}] -{% if redis_items['hostname'] != '127.0.0.1' and redis_inst != 'redis_chassis' %} +{% if redis_items['hostname'] != '127.0.0.1' %} +{%- set ADDITIONAL_OPTS = '--protected-mode no' %} +{%- if redis_inst != 'redis_chassis' %} {%- set LOOPBACK_IP = '127.0.0.1' -%} +{%- endif -%} {%- else -%} {%- set LOOPBACK_IP = '' -%} +{%- set ADDITIONAL_OPTS = '' %} {%- endif -%} -command=/bin/bash -c "{ [[ -s /var/lib/{{ redis_inst }}/dump.rdb ]] || rm -f /var/lib/{{ redis_inst }}/dump.rdb; } && mkdir -p /var/lib/{{ redis_inst }} && exec /usr/bin/redis-server /etc/redis/redis.conf --bind {{ LOOPBACK_IP }} {{ redis_items['hostname'] }} --port {{ redis_items['port'] }} --unixsocket {{ redis_items['unix_socket_path'] }} --pidfile /var/run/redis/{{ redis_inst }}.pid --dir /var/lib/{{ redis_inst }}" +command=/bin/bash -c "{ [[ -s /var/lib/{{ redis_inst }}/dump.rdb ]] || rm -f /var/lib/{{ redis_inst }}/dump.rdb; } && mkdir -p /var/lib/{{ redis_inst }} && exec /usr/bin/redis-server /etc/redis/redis.conf --bind {{ LOOPBACK_IP }} {{ redis_items['hostname'] }} --port {{ redis_items['port'] }} --unixsocket {{ redis_items['unix_socket_path'] }} --pidfile /var/run/redis/{{ redis_inst }}.pid --dir /var/lib/{{ redis_inst }} {{ ADDITIONAL_OPTS }}" priority=2 user=redis autostart=true diff --git a/dockers/docker-router-advertiser/Dockerfile.j2 b/dockers/docker-router-advertiser/Dockerfile.j2 index d36eb7efe8..3818453fb2 100644 --- a/dockers/docker-router-advertiser/Dockerfile.j2 +++ b/dockers/docker-router-advertiser/Dockerfile.j2 @@ -1,5 +1,5 @@ {% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python_wheels, copy_files %} -FROM docker-config-engine-bullseye-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}} +FROM docker-config-engine-bookworm-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}} ARG docker_container_name ARG image_version diff --git a/dockers/docker-teamd/Dockerfile.j2 b/dockers/docker-teamd/Dockerfile.j2 index 33cb3af924..b128a7c943 100644 --- a/dockers/docker-teamd/Dockerfile.j2 +++ b/dockers/docker-teamd/Dockerfile.j2 @@ -1,5 +1,5 @@ {% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python_wheels, copy_files %} -FROM docker-swss-layer-bullseye-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}} +FROM docker-swss-layer-bookworm-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}} ARG docker_container_name diff --git a/rules/docker-database.mk b/rules/docker-database.mk index 5fb0908358..c38f574afb 100644 --- a/rules/docker-database.mk +++ b/rules/docker-database.mk @@ -10,21 +10,21 @@ $(DOCKER_DATABASE)_DEPENDS += $(LIBSWSSCOMMON) \ $(DOCKER_DATABASE)_PATH = $(DOCKERS_PATH)/$(DOCKER_DATABASE_STEM) -$(DOCKER_DATABASE)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_BULLSEYE)_DBG_DEPENDS) +$(DOCKER_DATABASE)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_BOOKWORM)_DBG_DEPENDS) -$(DOCKER_DATABASE)_DBG_IMAGE_PACKAGES = $($(DOCKER_CONFIG_ENGINE_BULLSEYE)_DBG_IMAGE_PACKAGES) +$(DOCKER_DATABASE)_DBG_IMAGE_PACKAGES = $($(DOCKER_CONFIG_ENGINE_BOOKWORM)_DBG_IMAGE_PACKAGES) -$(DOCKER_DATABASE)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE_BULLSEYE) +$(DOCKER_DATABASE)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE_BOOKWORM) $(DOCKER_DATABASE)_VERSION = 1.0.0 $(DOCKER_DATABASE)_PACKAGE_NAME = database SONIC_DOCKER_IMAGES += $(DOCKER_DATABASE) -SONIC_BULLSEYE_DOCKERS += $(DOCKER_DATABASE) +SONIC_BOOKWORM_DOCKERS += $(DOCKER_DATABASE) SONIC_INSTALL_DOCKER_IMAGES += $(DOCKER_DATABASE) SONIC_DOCKER_DBG_IMAGES += $(DOCKER_DATABASE_DBG) -SONIC_BULLSEYE_DBG_DOCKERS += $(DOCKER_DATABASE_DBG) +SONIC_BOOKWORM_DBG_DOCKERS += $(DOCKER_DATABASE_DBG) SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_DATABASE_DBG) $(DOCKER_DATABASE)_CONTAINER_NAME = database diff --git a/rules/docker-router-advertiser.mk b/rules/docker-router-advertiser.mk index f7dec2430a..fc23a43192 100644 --- a/rules/docker-router-advertiser.mk +++ b/rules/docker-router-advertiser.mk @@ -6,12 +6,11 @@ DOCKER_ROUTER_ADVERTISER_DBG = $(DOCKER_ROUTER_ADVERTISER_STEM)-$(DBG_IMAGE_MARK $(DOCKER_ROUTER_ADVERTISER)_PATH = $(DOCKERS_PATH)/$(DOCKER_ROUTER_ADVERTISER_STEM) -$(DOCKER_ROUTER_ADVERTISER)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_BULLSEYE)_DBG_DEPENDS) -$(DOCKER_ROUTER_ADVERTISER)_DBG_DEPENDS += $(RADVD_DBG) +$(DOCKER_ROUTER_ADVERTISER)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_BOOKWORM)_DBG_DEPENDS) -$(DOCKER_ROUTER_ADVERTISER)_DBG_IMAGE_PACKAGES = $($(DOCKER_CONFIG_ENGINE_BULLSEYE)_DBG_IMAGE_PACKAGES) +$(DOCKER_ROUTER_ADVERTISER)_DBG_IMAGE_PACKAGES = $($(DOCKER_CONFIG_ENGINE_BOOKWORM)_DBG_IMAGE_PACKAGES) -$(DOCKER_ROUTER_ADVERTISER)_LOAD_DOCKERS = $(DOCKER_CONFIG_ENGINE_BULLSEYE) +$(DOCKER_ROUTER_ADVERTISER)_LOAD_DOCKERS = $(DOCKER_CONFIG_ENGINE_BOOKWORM) $(DOCKER_ROUTER_ADVERTISER)_VERSION = 1.0.0 $(DOCKER_ROUTER_ADVERTISER)_PACKAGE_NAME = radv @@ -28,8 +27,8 @@ ifeq ($(INCLUDE_ROUTER_ADVERTISER), y) SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_ROUTER_ADVERTISER_DBG) endif -SONIC_BULLSEYE_DOCKERS += $(DOCKER_ROUTER_ADVERTISER) -SONIC_BULLSEYE_DBG_DOCKERS += $(DOCKER_ROUTER_ADVERTISER_DBG) +SONIC_BOOKWORM_DOCKERS += $(DOCKER_ROUTER_ADVERTISER) +SONIC_BOOKWORM_DBG_DOCKERS += $(DOCKER_ROUTER_ADVERTISER_DBG) $(DOCKER_ROUTER_ADVERTISER)_CONTAINER_NAME = radv $(DOCKER_ROUTER_ADVERTISER)_RUN_OPT += -t diff --git a/rules/docker-teamd.mk b/rules/docker-teamd.mk index 275fe1c063..6d29e0f7e4 100644 --- a/rules/docker-teamd.mk +++ b/rules/docker-teamd.mk @@ -6,14 +6,13 @@ DOCKER_TEAMD_DBG = $(DOCKER_TEAMD_STEM)-$(DBG_IMAGE_MARK).gz $(DOCKER_TEAMD)_PATH = $(DOCKERS_PATH)/$(DOCKER_TEAMD_STEM) -$(DOCKER_TEAMD)_DEPENDS += $(SWSS) $(LIBTEAMDCTL) $(LIBTEAM_UTILS) -$(DOCKER_TEAMD)_DBG_DEPENDS = $($(DOCKER_SWSS_LAYER_BULLSEYE)_DBG_DEPENDS) -$(DOCKER_TEAMD)_DBG_DEPENDS += $(SWSS_DBG) $(LIBSWSSCOMMON_DBG) +$(DOCKER_TEAMD)_DEPENDS += $(LIBTEAMDCTL) $(LIBTEAM_UTILS) +$(DOCKER_TEAMD)_DBG_DEPENDS = $($(DOCKER_SWSS_LAYER_BOOKWORM)_DBG_DEPENDS) $(DOCKER_TEAMD)_DBG_DEPENDS += $(LIBTEAMDCTL_DBG) $(LIBTEAM_UTILS_DBG) -$(DOCKER_TEAMD)_DBG_IMAGE_PACKAGES = $($(DOCKER_SWSS_LAYER_BULLSEYE)_DBG_IMAGE_PACKAGES) +$(DOCKER_TEAMD)_DBG_IMAGE_PACKAGES = $($(DOCKER_SWSS_LAYER_BOOKWORM)_DBG_IMAGE_PACKAGES) -$(DOCKER_TEAMD)_LOAD_DOCKERS += $(DOCKER_SWSS_LAYER_BULLSEYE) +$(DOCKER_TEAMD)_LOAD_DOCKERS += $(DOCKER_SWSS_LAYER_BOOKWORM) $(DOCKER_TEAMD)_VERSION = 1.0.0 $(DOCKER_TEAMD)_PACKAGE_NAME = teamd @@ -41,5 +40,5 @@ $(DOCKER_TEAMD)_RUN_OPT += -v /host/warmboot:/var/warmboot $(DOCKER_TEAMD)_BASE_IMAGE_FILES += teamdctl:/usr/bin/teamdctl $(DOCKER_TEAMD)_FILES += $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT) -SONIC_BULLSEYE_DOCKERS += $(DOCKER_TEAMD) -SONIC_BULLSEYE_DBG_DOCKERS += $(DOCKER_TEAMD_DBG) +SONIC_BOOKWORM_DOCKERS += $(DOCKER_TEAMD) +SONIC_BOOKWORM_DBG_DOCKERS += $(DOCKER_TEAMD_DBG) diff --git a/rules/libteam.mk b/rules/libteam.mk index 0dd1b88b09..e2bf726315 100644 --- a/rules/libteam.mk +++ b/rules/libteam.mk @@ -1,32 +1,34 @@ # libteam packages -LIBTEAM_VERSION = 1.30-1 +LIBTEAM_VERSION := 1.31 +LIBTEAM_VERSION_FULL := $(LIBTEAM_VERSION)-1 export LIBTEAM_VERSION +export LIBTEAM_VERSION_FULL -LIBTEAM = libteam5_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb +LIBTEAM = libteam5_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb $(LIBTEAM)_SRC_PATH = $(SRC_PATH)/libteam $(LIBTEAM)_DEPENDS += $(LIBNL_GENL3_DEV) $(LIBNL_CLI_DEV) SONIC_MAKE_DEBS += $(LIBTEAM) -LIBTEAM_DBG = libteam5-dbgsym_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb +LIBTEAM_DBG = libteam5-dbgsym_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb $(eval $(call add_derived_package,$(LIBTEAM),$(LIBTEAM_DBG))) -LIBTEAM_DEV = libteam-dev_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb +LIBTEAM_DEV = libteam-dev_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb $(LIBTEAM_DEV)_DEPENDS += $(LIBTEAMDCTL) $(eval $(call add_derived_package,$(LIBTEAM),$(LIBTEAM_DEV))) -LIBTEAMDCTL = libteamdctl0_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb +LIBTEAMDCTL = libteamdctl0_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb $(eval $(call add_derived_package,$(LIBTEAM),$(LIBTEAMDCTL))) -LIBTEAMDCTL_DBG = libteamdctl0-dbgsym_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb +LIBTEAMDCTL_DBG = libteamdctl0-dbgsym_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb $(eval $(call add_derived_package,$(LIBTEAM),$(LIBTEAMDCTL_DBG))) -LIBTEAM_UTILS = libteam-utils_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb +LIBTEAM_UTILS = libteam-utils_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb $(LIBTEAM_UTILS)_DEPENDS += $(LIBTEAMDCTL) $(eval $(call add_derived_package,$(LIBTEAM),$(LIBTEAM_UTILS))) -LIBTEAM_UTILS_DBG = libteam-utils-dbgsym_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb +LIBTEAM_UTILS_DBG = libteam-utils-dbgsym_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb $(eval $(call add_derived_package,$(LIBTEAM),$(LIBTEAM_UTILS_DBG))) # The .c, .cpp, .h & .hpp files under src/{$DBG_SRC_ARCHIVE list} diff --git a/src/libteam/Makefile b/src/libteam/Makefile index 0c98c0ce48..fa34d30eea 100644 --- a/src/libteam/Makefile +++ b/src/libteam/Makefile @@ -2,35 +2,32 @@ SHELL = /bin/bash .SHELLFLAGS += -e -MAIN_TARGET = libteam5_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb -DERIVED_TARGETS = libteam-dev_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb \ - libteamdctl0_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb \ - libteam-utils_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb \ - libteam5-dbgsym_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb \ - libteamdctl0-dbgsym_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb \ - libteam-utils-dbgsym_$(LIBTEAM_VERSION)_$(CONFIGURED_ARCH).deb +MAIN_TARGET = libteam5_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb +DERIVED_TARGETS = libteam-dev_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb \ + libteamdctl0_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb \ + libteam-utils_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb \ + libteam5-dbgsym_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb \ + libteamdctl0-dbgsym_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb \ + libteam-utils-dbgsym_$(LIBTEAM_VERSION_FULL)_$(CONFIGURED_ARCH).deb $(addprefix $(DEST)/, $(MAIN_TARGET)): $(DEST)/% : - # Obtain libteam - rm -rf ./libteam - git clone https://github.com/jpirko/libteam.git - pushd ./libteam - git checkout -b teamd -f c7237377dead39ae4a711297203bacf7edb9fa41 + # Remove any stale files + rm -rf ./libteam-$(LIBTEAM_VERSION) - # Apply patch series + # Get libteam release, debian files + dget -u https://deb.debian.org/debian/pool/main/libt/libteam/libteam_$(LIBTEAM_VERSION_FULL).dsc + pushd ./libteam-$(LIBTEAM_VERSION) + + # Create a git repository here for stg to apply patches + git init + git add -f * + git commit -qm "initial commit" + + # Apply patches stg init stg import -s ../patch/series - popd - # Obtain debian packaging - git clone https://salsa.debian.org/debian/libteam.git tmp - pushd ./tmp - git checkout -f debian/1.30-1 - popd - - mv tmp/debian libteam/ - rm -rf tmp - pushd ./libteam + # Build source and Debian packages ifeq ($(CROSS_BUILD_ENVIRON), y) dpkg-buildpackage -rfakeroot -b -us -uc -a$(CONFIGURED_ARCH) -Pcross,nocheck -j$(SONIC_CONFIG_MAKE_JOBS) --admindir $(SONIC_DPKG_ADMINDIR) else diff --git a/src/libteam/patch/0008-libteam-Add-warm_reboot-mode.patch b/src/libteam/patch/0008-libteam-Add-warm_reboot-mode.patch index 397ee85659..c1a8abcd10 100644 --- a/src/libteam/patch/0008-libteam-Add-warm_reboot-mode.patch +++ b/src/libteam/patch/0008-libteam-Add-warm_reboot-mode.patch @@ -667,7 +667,7 @@ index 955ef0c..782fc05 100644 teamd_log_info("%s: Changed port state: \"%s\" -> \"%s\"", lacp_port->tdport->ifname, lacp_port_state_name[lacp_port->state], -@@ -1097,34 +1402,23 @@ static int lacpdu_send(struct lacp_port *lacp_port) +@@ -1097,32 +1402,21 @@ static int lacpdu_send(struct lacp_port *lacp_port) return err; } @@ -691,11 +691,9 @@ index 955ef0c..782fc05 100644 - if (!teamd_port_present(lacp_port->ctx, lacp_port->tdport)) - return 0; -- if (!lacpdu_check(&lacpdu)) { -+ if (!lacpdu_check(lacpdu)) { - teamd_log_warn("malformed LACP PDU came."); +- if (!lacpdu_check(&lacpdu)) ++ if (!lacpdu_check(lacpdu)) return 0; - } + /* save received lacp pdu frame */ + (void)memcpy(&lacp_port->last_pdu, lacpdu, sizeof(struct lacpdu)); diff --git a/src/libteam/patch/0015-add-support-for-custom-retry.patch b/src/libteam/patch/0015-add-support-for-custom-retry.patch index f8bee7dec7..9bf8d95954 100644 --- a/src/libteam/patch/0015-add-support-for-custom-retry.patch +++ b/src/libteam/patch/0015-add-support-for-custom-retry.patch @@ -64,7 +64,7 @@ index 6b43916..3e8a0f6 100644 } static bool lacpdu_check(struct lacpdu *lacpdu) -@@ -100,14 +123,31 @@ static bool lacpdu_check(struct lacpdu *lacpdu) +@@ -100,12 +123,31 @@ static bool lacpdu_check(struct lacpdu *lacpdu) /* * According to 43.4.12 version_number, tlv_type and reserved fields * should not be checked. @@ -74,33 +74,32 @@ index 6b43916..3e8a0f6 100644 + * need to be checked. */ -- if (lacpdu->subtype != 0x01 || -- lacpdu->actor_info_len != 0x14 || +- if (lacpdu->actor_info_len != 0x14 || - lacpdu->partner_info_len != 0x14 || - lacpdu->collector_info_len != 0x10 || -- lacpdu->terminator_info_len != 0x00) -+ if (lacpdu->subtype != 0x01) -+ return false; +- lacpdu->terminator_info_len != 0x00) { + if (lacpdu->version_number == 0x01) { + if (lacpdu->actor_info_len != 0x14 || + lacpdu->partner_info_len != 0x14 || + lacpdu->collector_info_len != 0x10 || -+ lacpdu->v1.terminator_info_len != 0x00) ++ lacpdu->v1.terminator_info_len != 0x00) { ++ teamd_log_warn("malformed LACPv1 PDU came."); + return false; ++ } + } else if (lacpdu->version_number == 0xf1) { + if (lacpdu->actor_info_len != 0x14 || + lacpdu->partner_info_len != 0x14 || + lacpdu->collector_info_len != 0x10 || + lacpdu->v2.actor_retry_tlv_len != 0x04 || + lacpdu->v2.partner_retry_tlv_len != 0x04 || -+ lacpdu->v2.terminator_info_len != 0x00) ++ lacpdu->v2.terminator_info_len != 0x00) { ++ teamd_log_warn("malformed LACPv241 PDU came."); + return false; ++ } + } else { + teamd_log_warn("malformed LACP PDU came."); return false; -+ } - return true; - } - + } @@ -154,6 +194,10 @@ struct lacp { #define LACP_CFG_DFLT_MIN_PORTS_MAX 1024 enum lacp_agg_select_policy agg_select_policy; diff --git a/src/libteam/patch/0016-block-retry-count-changes.patch b/src/libteam/patch/0016-block-retry-count-changes.patch index d784795950..40a0a996b2 100644 --- a/src/libteam/patch/0016-block-retry-count-changes.patch +++ b/src/libteam/patch/0016-block-retry-count-changes.patch @@ -58,8 +58,8 @@ index 3e8a0f6..b6a8647 100644 int err; + struct timespec monotonic_time = {0}; - if (!lacpdu_check(lacpdu)) { - teamd_log_warn("malformed LACP PDU came."); + if (!lacpdu_check(lacpdu)) + return 0; @@ -1523,14 +1529,38 @@ static int lacpdu_process(struct lacp_port *lacp_port, struct lacpdu* lacpdu) lacp_port->partner_retry_count, lacpdu->v2.actor_retry_count); diff --git a/src/libteam/patch/series b/src/libteam/patch/series index 889320ec65..7dc1e0a76c 100644 --- a/src/libteam/patch/series +++ b/src/libteam/patch/series @@ -1,13 +1,13 @@ 0001-libteam-Temporarily-remove-redundant-debug-messages.patch 0002-teamd-lacp-runner-will-send-lacp-update-right-after-.patch 0003-libteam-Add-fallback-support-for-single-member-port-.patch -0004-Skip-setting-the-same-hwaddr-to-lag-port-to-avoid-di.patch +#0004-Skip-setting-the-same-hwaddr-to-lag-port-to-avoid-di.patch 0005-Increase-default-buffer-size-from-98304-to-983040.patch 0006-teamd-Administratively-shutdown-port-channel-has-mem.patch -0007-Send-LACP-PDU-immediately-if-our-state-changed.patch +#0007-Send-LACP-PDU-immediately-if-our-state-changed.patch 0008-libteam-Add-warm_reboot-mode.patch -0009-Fix-ifinfo_link_with_port-race-condition-with-newlink.patch -0010-When-read-of-timerfd-returned-0-don-t-consider-this-.patch +#0009-Fix-ifinfo_link_with_port-race-condition-with-newlink.patch +#0010-When-read-of-timerfd-returned-0-don-t-consider-this-.patch 0011-Remove-extensive-debug-output.patch 0012-Increase-min_ports-upper-limit-to-1024.patch 0013-set-port-to-disabled-state-during-removal.patch