This is a fix for PR [kernel] Change grub cmdline to set c-states to 0 for "Intel" CPUs by shlomibitton · Pull Request #6051 · sonic-net/sonic-buildimage (github.com)
The original PR will disable intel idle driver but it cannot limit the max c-state to 1 due to system will fall back to acpi idle driver.
Currently intel_idle.max_cstate=0 is already present, which will disable intel idle driver. With the added option, common idle driver will be disabled as well, so there will not be idle management. This is to prevent a bug that can be triggered by idle instruction on intel platform.
Work item tracking
Microsoft ADO (number only): 24867921
#### Why I did it
src/sonic-snmpagent
```
* 64f0def - (HEAD -> 202012, origin/202012) Support interface speed for PortChannels (#262) (2 days ago) [Lukas Stockner]
```
#### Why I did it
src/sonic-dbsyncd
```
* d6b2000 - (HEAD -> 202012, origin/202012) Fix the LLDP_LOC_CHASSIS not getting populated if no remote neighbors are present (#39) (#58) (7 months ago) [abdosi]
* 0f8d503 - Use github code scanning instead of LGTM (#55) (8 months ago) [Liu Shilong]
```
### Why I did it
Upgrade the SAI version to 4.3.12.2 to include the following changes:
- 4.3.10.2: [JIRA SONIC-68535][CSP CS00012273299] sai_query_attribute_capability for obj type SAI_OBJECT_TYPE_SWITCH
- 4.3.11.2: [JIRA SONIC-76883][CSP CS00012303308] SDK-367579: Skip flex port check when in iBodSync context
- 4.3.12.2: [JIRA SONIC-76472][CSP CS00012299690] Source suppressed broadcast packets count on interface TX discard statistics
##### Work item tracking
- Microsoft ADO **(number only)**: 24962692
#### How I did it
Upgrade the SAI version in sai.mk file.
#### How to verify it
Run SONiC basic test in SAI release pipeline: https://dev.azure.com/mssonic/internal/_build/results?buildId=361078&view=results
ADO: 25136360
#### Why I did it
sonic-mgmt component test failed
#### How I did it
Change the order of components in platform file.
#### How to verify it
Run sonic-mgmt component API test scripts
- Why I did it
The recent change #15685 (comment) removed the db migration for non first reboots.
This is problematic for many deployments which doesn't rely on ZTP and push a custom config_db.json
Port to older branches after #15685 is ported back
- How I did it
Re-introduce the logic to run the db_migrator on non-first boots
- How to verify it
Verified reboot and warm-reboot cases
Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
Why I did it
Cherry-Pick #11926 into 202012
Work item tracking
Microsoft ADO (17850717):
How I did it
Create patch file to avoid notify race between io and main pthreads.
How to verify it
PR test, physical DUT for bgp related regression tests.
#### Why I did it
When an exception happens during `get_change_event` it brings the process invoking it down.
##### Work item tracking
- Microsoft ADO **(number only)**: 24599154
#### How I did it
This is a backport of #16112
Handle exceptions gracefully within `get_change_event`
#### Description for the changelog
Ignore poll errors during get_event_change on Arista devices
Cherry pick of #15685
MSFT ADO: 24274591
#### Why I did it
Two changes:
### 1 Fix a day1 issue, where check to wait until `CONFIG_DB_INITIALIZED` is incorrect.
There are multiple places where same incorrect logic is used.
Current logic (`until [[ $($SONIC_DB_CLI CONFIG_DB GET "CONFIG_DB_INITIALIZED") ]];`) will always result in pass, irrespective of the result of GET operation.
```
root@str2-7060cx-32s-29:~# sonic-db-cli CONFIG_DB GET "CONFIG_DB_INITIALIZED"
1
root@str2-7060cx-32s-29:~# until [[ $(sonic-db-cli CONFIG_DB GET "CONFIG_DB_INITIALIZED") ]]; do echo "entered here"; done
root@str2-7060cx-32s-29:~#
root@str2-7060cx-32s-29:~#
root@str2-7060cx-32s-29:~# sonic-db-cli CONFIG_DB GET "CONFIG_DB_INITIALIZED"
0
root@str2-7060cx-32s-29:~# until [[ $(sonic-db-cli CONFIG_DB GET "CONFIG_DB_INITIALIZED") ]]; do echo "entered here"; done
root@str2-7060cx-32s-29:~#
```
Fix this logic by checking for value of flag to be "1".
```
root@str2-7060cx-32s-29:~# until [[ $(sonic-db-cli CONFIG_DB GET "CONFIG_DB_INITIALIZED") -eq 1 ]]; do echo "entered here"; done
entered here
entered here
entered here
```
This gap in logic was highlighted when another fix was merged: https://github.com/sonic-net/sonic-buildimage/pull/14933
The issue being fixed here caused warmboot-finalizer to not wait until config-db is initialized.
### 2 Set and unset CONFIG_DB_INITIALIZED for warm-reboot case
Currently, during warm shutdown `CONFIG_DB_INITIALIZED`'s value is stored in redis db backup. This is restored back when the dump is loaded during warm-recovery.
So the value of `CONFIG_DB_INITIALIZED` does not depend on config db's state, however it remain what it was before reboot.
Fix this by setting `CONFIG_DB_INITIALIZED` to 0 as when the DB is loaded, and set it to 1 after db_migrator is done.
ADO: 24709703
#### Why I did it
sonic-mgmt platform testcases failed.
#### How I did it
Implement platform API 2.0.
#### How to verify it
Run sonic-mgmt tests.
#### Why I did it
src/sonic-utilities
```
* 7fe50faa - (HEAD -> 202012, origin/202012) UT change: for db_migrator test do not check for RESTAPI cert values (#2919) (6 minutes ago) [Vaibhav Hemant Dixit]
```
#### Why I did it
src/linkmgrd
```
* 3f89fce - (HEAD -> 202012, origin/202012) [202012] Use Vlan MAC as src MAC for link prober by default #93 (#209) (6 weeks ago) [Jing Zhang]
```
Why I did it
[E1031] fix pca9548 initializes failed occasionally in stress test.
When failure happened, ismt i2c bus hang up and need power cycle to
recover it.
How I did it
Add 0.5s delay between setuping and configuring pca9548 i2c mux.
How to verify it
Reboot stress test at least 100 times without failure.
Why I did it
Use remote PR test template from sonic-mgmt master to run PR test.
How I did it
Modify PR test azure pipeline yml file.
How to verify it
PR test executing normally.
Signed-off-by: Chun'ang Li <chunangli@microsoft.com>
### Why I did it
On 202012 images, there is an issue that certain reload causes are not cleared after reading and the uncleared causes may confuse the following reboot-cause reading after warm-reboot to master/202305.
##### Work item tracking
- Microsoft ADO **(number only)**: 24378183
#### How I did it
Clear the reload cause even in the case that it is determined as not important.
#### How to verify it
1) Cold-boot to 202012
2) Warm-reboot to master
3) Check the reboot cause is 'warm-reboot' by 'show reboot-cause'
### Why I did it
Upgrade SAI version to 4.3.8.1 to include the following change:
- CS00012288297: Fix TX queue for control packets
##### Work item tracking
- Microsoft ADO **(number only)**: 24669269
#### How I did it
Upgrade the SAI version in sai.mk file
* [Build] Fix the PyYang python package installation issue (#15890)
Why I did it
Fix the armhf build failure.
How to reproduce the issue:
docker run -it debain:bullseye bash
apt-get update && apt-get install -y python3-pip
pip3 install PyYAML==5.4.1
Error message:
Collecting PyYAML==5.4.1
Installing build dependencies ... done
Getting requirements to build wheel ... error
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3 /tmp/tmp6xabslgb_in_process.py get_requires_for_build_wheel /tmp/tmp_er01ztl
....
raise AttributeError(attr)
AttributeError: cython_sources
----------------------------------------
WARNING: Discarding d63f2d7597/PyYAML-5.4.1.tar.gz (sha256)=607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e (from https://pypi.org/simple/pyyaml/) (requires-python:>=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*). Command errored out with exit status 1: /usr/bin/python3 /tmp/tmp6xabslgb_in_process.py get_requires_for_build_wheel /tmp/tmp_er01ztl Check the logs for full command output.
ERROR: Could not find a version that satisfies the requirement PyYAML==5.4.1
ERROR: No matching distribution found for PyYAML==5.4.1
root@fa2fa92edcfd:/#
But if adding the option --no-build-isolation, then it is good, see fix.
install "PyYAML==5.4.1" --no-build-isolation
The same error can be found in the multiple builds.
Work item tracking
Microsoft ADO (number only): 24567457
How I did it
Add a build option --no-build-isolation.
* Fix docker-platform-monitor python2 issue
* Fix wheel dependency issue
* Fix wheel dependency issue
* Fix the pip2 PyYAML in host image
#### Why I did it
cherry pick, #15535
Graceful restart is a key event for bgpd, related log print is debug level. To change it to info level to get more visibilities when this kind of event is triggered.
##### Work item tracking
- Microsoft ADO **(13875291)**:
#### How I did it
To create patch file to change from debug level to info level.
#### How to verify it
To run PR test and capture the print.
Fix libtacsupport.so can't parse tacplus_nss.conf issue and not reset server list before parse config file issue.
##### Work item tracking
- Microsoft ADO **(number only)**: 24433713
#### Why I did it
1. Fix libtacsupport.so can't parse tacplus_nss.conf correctly issue:
Support debug=on setting.
Support put server address and secret in same row.
2. Fix the parse_config_file method not reset server list before parse config file issue.
#### How I did it
Fix libtacsupport.so can't parse tacplus_nss.conf issue and not reset server list before parse config file issue.
#### How to verify it
UT with CUnit cover all code in this plugin.
Also pass all current UT.
#### Which release branch to backport (provide reason below if selected)
N/A
#### Tested branch (Please provide the tested image version)
Extract tacacs support functions into library, this will share TACACS config file parse code with other project.
Also fix memory leak issue in parse config code.
- [ ] SONiC.202012-15723.312602-e230e2d3e
#### Description for the changelog
Fix libtacsupport.so can't parse tacplus_nss.conf issue and not reset server list before parse config file issue.
This pull request integrate audisp-tacplus to SONiC for per-command accounting.
##### Work item tracking
- Microsoft ADO **(number only)**: 24433713
#### Why I did it
To support TACACS per-command accounting, we integrate audisp-tacplus project to sonic.
#### How I did it
1. Add auditd service to SONiC
2. Port and patch audisp-tacplus to SONiC
#### How to verify it
UT with CUnit to cover all new code in usersecret-filter.c
Also pass all current UT.
#### Tested branch (Please provide the tested image version)
Extract tacacs support functions into library, this will share TACACS config file parse code with other project.
Also fix memory leak issue in parse config code.
- [ ] SONiC.202012-15723.312602-e230e2d3e
#### Description for the changelog
Add audisp-tacplus for per-command accounting.
sonic-utilities submodule update
#### Why I did it
sonic-utilities submodule update:
```
399b1e3 2023-07-06 [202012][Show][BGP] Show BGP Change for no neighbor scenario (#2886)
7b47641 2023-07-10 [[202012] [TACACS+] Add config command for AAA authorization and accounting. (#1889)
```
##### Work item tracking
- Microsoft ADO **(number only)**:24433713
#### How I did it
Update sonic-utilities submodule.
#### How to verify it
Pass all test case.
#### Tested branch (Please provide the tested image version)
- [ ] SONiC.202012-15703.306864-1ef589c19
This pull request add Config DB schema and HostCfg Enforcer plugin to support TACACS+ per-command authorization&accounting.
##### Work item tracking
- Microsoft ADO **(number only)**: 24433713
#### Why I did it
Support TACACS per-command authorization&accounting.
#### How I did it
Change ConfigDB schema and HostCfg enforcer.
Add UT to cover changed code.
#### How to verify it
Build following project and pass all UTs:
make target/python-wheels/sonic_host_services-1.0-py3-none-any.whl
#### Which release branch to backport (provide reason below if selected)
N/A
#### Tested branch (Please provide the tested image version)
Extract tacacs support functions into library, this will share TACACS config file parse code with other project.
Also fix memory leak issue in parse config code.
- [ ] SONiC.202012-15723.309781-38d8852cd
#### Description for the changelog
Add Config DB schema and HostCfg Enforcer plugin to support TACACS+ per-command authorization&accounting.
This pull request extract tacacs support functions into library to share TACACS config file parse code with other project. Also fix memory leak issue in parse config code.
#### Why I did it
To support TACACS per command authorization, we need reuse the TACACS config file parse code in bash plugin project.
##### Work item tracking
- Microsoft ADO **(number only)**: 24433713
#### How I did it
Add libtacsupport.pc.in to extract tacacs support functions into library.
Fix memory leak issue in TACACS config parse code by convert the dynamic memory allocation memory to static memory allocation.
#### How to verify it
Pass all current UT.
Check shared library generated manually.
#### Tested branch (Please provide the tested image version)
Extract tacacs support functions into library, this will share TACACS config file parse code with other project.
Also fix memory leak issue in parse config code.
- [ ] SONiC.202012-15703.306864-1ef589c19
#### Description for the changelog
Extract tacacs support functions into library, this will share TACACS config file parse code with other project.
Also fix memory leak issue in parse config code.
Backport #15461
#### Why I did it
* To fix `hiredis` compilation
#### How I did it
* Changed package version: `0.14.0-3~bpo9+1` -> `0.14.1-1`
#### How to verify it
1. make configure PLATFORM=mellanox
2. make target/sonic-mellanox.bin
#### Tested branch (Please provide the tested image version)
- [X] 202012 <!-- image version 1 -->
Why I did it
Refine PR test template format.
How I did it
Refine PR test template format.
How to verify it
PR test executed normally.
Signed-off-by: Chun'ang Li <chunangli@microsoft.com>
Cherry pick PR for https://github.com/sonic-net/sonic-host-services/pull/62
#### Why I did it
Fix the issue https://github.com/sonic-net/sonic-buildimage/issues/10883.
##### Work item tracking
- Microsoft ADO **(17795594)**:
#### How I did it
For performance reason, libswsscommon is not thread safe by design.
caclmgrd share config DB connection cross thread, so change to use new db connector in child thread.
#### How to verify it
Load scale ipv4/ipv6 rules and verify if caclmgrd is crashed
#### Why I did it
Aikido FPD update, power CPLD version display under fwutil CLI and fix for cpu lockup causing telemetry container crash or system reboot
##### Work item tracking
- Microsoft ADO **(number only)**: 24174212
#### How I did it
update cisco module to 202012.3.1.1
BACKPORT OF https://github.com/sonic-net/sonic-buildimage/pull/14925
#### Why I did it
ISSU version check fails due to inability to mount squashfs from 202211 on 201911
#### How I did it
Put ISSU version file under platform directory
#### How to verify it
202012 (with [202012][mlnx-ffb.sh] Update issu-version location #14927) to master
This reverts commit 02b17839c3.
Reverts #14933
The earlier commit caused a race condition that particularly broke cross branch warm upgrade.
Issue happens when db_migrator is still migrating the DB and finalizer is checking DB for list of components to reconcile.
If migration is not complete, finalizer get an empty list to wait for. Due to this, finalizer concludes warmboot (deletes system wide warmboot flag) and cause all the services to do cold restart.
ADO: 24274591
#### Why I did it
fix possible cpld race read issue between watchdog and reboot cause process
##### Work item tracking
- Microsoft ADO **(number only)**:
#### How I did it
Use flock to limit parallel access to cpld sys file
#### How to verify it
It can be simulate and verified with following python script
```python3
import signal
import subprocess
import threading
exit_flag = False
def run_command(cmd):
status = True
result = ""
try:
p = subprocess.Popen(
cmd, shell=True, universal_newlines=True,
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
raw_data, err = p.communicate()
if err == '':
result = raw_data.strip()
except:
status = False
return status, result
def get_cpld_reg_value(getreg_path, register):
#cmd = "echo {1} > {0}; cat {0}".format(getreg_path, register)
cmd = "flock {0} -c 'echo {1} > {0}; cat {0}'".format(getreg_path,
register)
status, result = run_command(cmd)
return result if status else None
def cpld_read(thread_num, cpld_reg):
while not exit_flag:
val
= get_cpld_reg_value("/sys/devices/platform/dx010_cpld/getreg",
cpld_reg)
print(f"Thread {thread_num}: get cpld reg {cpld_reg}, value
{val}")
def signal_handler(sig, frame):
global exit_flag
print("Ctrl+C detected. Quitting...")
exit_flag = True
if __name__ == '__main__':
# Register the signal handler for Ctrl+C
signal.signal(signal.SIGINT, signal_handler)
t1 = threading.Thread(target=cpld_read, args=(1, '0x103',))
t2 = threading.Thread(target=cpld_read, args=(2, '0x141',))
t1.start()
t2.start()
t1.join()
t2.join()
```
Why I did it
Fix all mirror is commented out in sources.list in slave image issue. It will have an issue when installing more packages in the slave container.
It will add additional space character after running add-apt-repository command.
For example:
The original config in /etc/apt/sources.list
#deb [arch=amd64] http://deb.debian.org/debian/ bullseye main contrib non-free
Run the following command:
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian bullseye stable"
Then the setting changed to: (added a new space character after #)
# deb [arch=amd64] http://deb.debian.org/debian/ bullseye main contrib non-free
How I did it
Fix the regex string to add the space pattern. After fixed, whether there is a space character or not, it will not be an issue.
How to verify it
Co-authored-by: xumia <59720581+xumia@users.noreply.github.com>
