Commit Graph

1871 Commits

Author SHA1 Message Date
Volodymyr Samotiy
fd8d678927
[Mellanox] Update SDK/FW to 4.5.4150/2010.4150 (#13480)
- Why I did it
To include latest fixes and new functionality

SDK/FW
1. Fixed bug in recovery mechanism in case of I2C error when trying to access the XSFP module.
2. On the NVIDIA Spectrum-2 switch, when receiving a packet with Symbol Errors on ports that are configured to cut-thought mode, a pipeline might get stuck.
3. On the Spectrum-2 and Spectrum-3 switch, if you enable ECN marking and the port is in split mode, traffic sent to the port under congestion (for example, when connecting two ports with a total speed of 50GbE to a single 25GbE port) is not marked.
4. Modifying existing entry/Adding new one when switch is at its maximum capacity (full by maximum allowed entries from any type such as routes, FDB, and so forth), will fail with an error.
5. When many ports are active (e.g., 70 ports up), and the configuration of shared buffer is applied on the fly, occasionally, the firmware might get stuck.
6. When a system has more than 256 ACL rules, on rare occasion, removing/adding rules may cause some ACL rules not to work.
7. On SN2201 system, on RJ45 port, the link might appear in 'down' state even if it operations properly.
8. Layer 4 port information is not initialized for BFD packet event. To address the issue, remote peer UDP port information was added in BFD packet event.
9. When setting LAG as a SPAN analyzer, the distributor mode of the LAG members was not taken into account. It may happen that the LAG member with distributor mode disabled will be set as a SPAN analyzer port.

- How I did it
Updated SDK/SAI submodule and relevant makefiles with the required versions.

- How to verify it
Build an image and run tests from "sonic-mgmt".

Signed-off-by: Volodymyr Samotiy <volodymyrs@nvidia.com>
2023-01-26 12:41:22 +02:00
DavidZagury
4cc84c68dc
[Mellanox] Improve FW upgrade logging (#13465)
- Why I did it
To improve ASIC FW upgrade logging and have information about the cause of FW update failure in the log.

- How I did it
Added syslog logger support

In case the FW update has failed the update tool will give the cause of the failure in the output in the last line, starting with "Fail".
When running the tool, in case of a failed update, we will parse the output to retrieve the cause and log it.

Device #1:
 ----------
 
 Device Type:      ConnectX6DX
   Part Number:      MCX623106AN-CDA_Ax
   Description:      ConnectX-6 Dx EN adapter card; 100GbE; Dual-port QSFP56; PCIe 4.0/3.0 x16;
   PSID:             MT_0000000359
   PCI Device Name:  /dev/mst/mt4125_pciconf0
   Base GUID:        0c42a103007d22d4
   Base MAC:         0c42a17d22d4
   Versions:         Current        Available     
      FW             22.32.0498     22.32.0498    
      PXE            3.6.0500       3.6.0500      
      UEFI           14.25.0015     14.25.0015    
 
 Status:           Forced update required
 
---------
 Found 1 device(s) requiring firmware update...
 
Device #1: Updating FW ...     
 FSMST_INITIALIZE -   OK          
 Writing Boot image component -   OK          
 Fail : The Digest in the signature is wrong

- How to verify it
mlnx-fw-upgrade.sh --upgrade
2023-01-25 20:53:39 +02:00
Lior Avramov
9a49aec570
[Mellanox] [ECMP calculator] Add script usage and more information to script description in help option (#13493)
Add script usage and more information to script description being printed in help option.

- Why I did it
Missing information in script description in help option.

- How I did it
Expand script description and add script usage.

- How to verify it
Run the script with -h option.
2023-01-25 20:50:38 +02:00
Marty Y. Lok
fd3966a0b8
[Nokia][sonic-platform] Update sonic-platform submodule for Nokia IXR7250E platform (#13437)
Why I did it
Update Nokia sonic-platform submodule

81a9c77  [Supervisor] Modifed the get_description to fix the name for Nokia-IXR7250E-SUP-10 card.
e49ddfb Fix the LedContorlCommon to get the physical index from port mapping
dd143f1 [module] modify the chassis.py and module.py to allow supervisor to retrieve the line card eemprom info
How I did it
Update Nokia sonic-platform submodule

81a9c77  [Supervisor] Modifed the get_description to fix the name for Nokia-IXR7250E-SUP-10 card.
e49ddfb Fix the LedContorlCommon to get the physical index from port mapping
dd143f1 [module] modify the chassis.py and module.py to allow supervisor to retrieve the line card eemprom info
How to verify it
On supervisor, "show chassis module status" should show Nokia-IXR7250E-SUP-10 instead of Nokia-IXR7250-SUP-10

Signed-off-by: mlok <marty.lok@nokia.com>
2023-01-24 11:40:59 -08:00
Dror Prital
940e2cd9bf
[Mellanox] Add ASIC simulation version tag to fw.mk (#13470)
Signed-off-by: dprital <drorp@nvidia.com>
2023-01-23 13:30:02 +02:00
Marty Y. Lok
e1f0d7650e
[Nokia][sonic-platform] Update sonic-platform submodule for Nokia IXR7250E (#13145)
fcb45b5 Add MDIPC channel cleanup code at signal-based termination time and don't precache in get_presence unless required
8984b3d Properly synchronize transceiver module presence globally

Signed-off-by: mlok <marty.lok@nokia.com>

Signed-off-by: mlok <marty.lok@nokia.com>
2023-01-18 15:47:02 -08:00
Samuel Angebault
dfaf379e27
[Arista] Update platform library submodules (#13398)
- add module reboot APIs for chassis
- add supervisor module on linecard (fixes show chassis module midplane-status)
- improve RTC update mechanism and sync every 10 mins
- fix sbtsi temp sensor presence/thresholds
- fix Mineral status leds
- remove thermal object on xcvrs
- misc fixes
2023-01-18 10:03:48 -08:00
Jemston Fernando
892f26556c
[platform]: Fix Belgite platform issues (#13389)
As part of platform hardening this commit fixes several platform issues
in various components like PSU, FAN, Temperature, LED.
2023-01-18 10:00:07 -08:00
Ikki Zhu
4539035e90
[Seastone] Enhancement fix for PR12200 syseeprom issue (#13344)
Why I did it
[Seastone] Enhancement fix for PR12200 syseeprom issue.

How I did it
Enhance the fix through replace the hardcoded devnum to bash variable

How to verify it
show platform syseeprom or decode-syseeprom
2023-01-12 23:51:33 -08:00
pettershao-ragilenetworks
bce4aa1412
[ragile] adapter for kernel 5.x (#10762)
Why I did it
Ragile adapter ra-b6510-32c ra-b6510-48v8c ra-b6910-64c ra-b6920-4s to kernel 5.x

Signed-off-by: “pettershao” pettershao@ragilenetworks.com
2023-01-12 18:01:47 -08:00
Kebo Liu
7873a9131d
[Mellanox] Skip the leftover hardware reboot cause in case of last boot is warm/fast reboot (#13246)
- Why I did it
In case of warm/fast reboot, the hardware reboot cause will NOT be cleared because CPLD will not be touched in this flow. To not confuse the reboot cause determine logic, the leftover hardware reboot cause shall be skipped by the platform API, platform API will return the 'REBOOT_CAUSE_NON_HARDWARE' instead of the "hardware" reboot cause.

- How I did it
Check the proc cmdline to see whether the last reboot is a warm or fast reboot, if yes skip checking the leftover hardware reboot cause.

- How to verify it
a. Manual test:
    - Perform a power loss
    - Perform a warm/fast reboot
    - Check the reboot cause should be "warm-reboot" or "fast-reboot" instead of "power loss"
b. Run reboot cause related regression test.

Signed-off-by: Kebo Liu <kebol@nvidia.com>
2023-01-11 16:50:46 +02:00
Richard.Yu
689f7d2c43
[SAI-PTF][BFN]Enable saiserver test container on bfn container (#13166)
Why I did it
Enable Test sai api on bfn container with a lightweight container(saiserver).

How I did it
enable saiserver container on barefoot platform.

add docker-saiserver-bfn.mk for building saiserver container
in platform/barefoot/docker-saiserver-bfn, add necessary files that needs in saiserver container
How to verify it
Tested on Intel platform ec9516

Signed-off-by: richardyu-ms <richard.yu@microsoft.com>

Signed-off-by: richardyu-ms <richard.yu@microsoft.com>
2023-01-06 11:45:03 +08:00
Richard.Yu
3ebdaefa8c
[SAIServer]Upgrade SAI server init script (#13175) (#13227) (#13232)
Why I did it
why
In order to apply different config across different platform, and use the code with a unified format, reuse syncd init script to init saiserver.

How I did it
how
Reuse syncd init script

How to verify it
Test
Test in DUT s6000 and dx010 with sonic 202205
2023-01-06 11:44:34 +08:00
Mai Bui
06e1a0bc14
[device/dell] Mitigation for security vulnerability (#11875)
Dependency: [PR (#12065)](https://github.com/sonic-net/sonic-buildimage/pull/12065) needs to merge first.

#### Why I did it
`commands` module is not protected against malicious input
`getstatusoutput` is detected without a static string, uses `shell=True`
#### How I did it
Eliminate the use of `commands`
Use `subprocess.run()`, commands in `subprorcess.run()` are totally static
Fix indentation
#### How to verify it
Tested on DUT
[dell_log.txt](https://github.com/sonic-net/sonic-buildimage/files/9561332/dell_log.txt)
2023-01-05 16:22:09 -08:00
Rida Hanif
f1e84f9cd8
[gns3]: modify SONiC VS image name (#13136)
Modified sonic.gns3.sh file by changing name of VS image from "image" to "img"
2023-01-03 10:02:10 -08:00
Yoush
e7600ff79d
[centec]: reference to v1.11.0-1 sai debian package for master (#13206) 2023-01-03 09:53:46 -08:00
Santhosh Kumar T
e83aa15f30
[DellEMC] Fixing 'show interface status' break in DellEMC platforms (#13021)
When a non-root user tries to run 'show interface status' command, the command got break as 2.0 API throws permission denied error.
2022-12-20 12:38:09 -08:00
Junchao-Mellanox
2126def04e
[infra] Support syslog rate limit configuration (#12490)
- Why I did it
Support syslog rate limit configuration feature

- How I did it
Remove unused rsyslog.conf from containers
Modify docker startup script to generate rsyslog.conf from template files
Add metadata/init data for syslog rate limit configuration

- How to verify it
Manual test
New sonic-mgmt regression cases
2022-12-20 10:53:58 +02:00
Vadym Hlushko
1a5889ade7
[SFP] Change logging severity when failed to read EEPROM (#13011)
- Why I did it
In order to prevent the sonic-mgmt/tests/platform_tests/sfp/test_sfputil.py test failing on the log analyzer step.

The mentioned test is performing the sfputil reset EthernetX for every interface on the SONiC switch, this action will flap the SFP device status (INSTERTED -> REMOVED -> INSTERTED).

The SONiC XCVRD daemon will catch this SFP device status change (because it is monitoring the presence status of the cable).
To judge the cable presence status, currently, we are still leveraging to read the first bytes of the EEPROM, and the EEPROM could be not ready at some moment and the SONiC XCVRD daemon will print the error log to Syslog:

ERR pmon#xcvrd: Error! Unable to read data for 'xx' port, page 'xx' offset 128, rc = 1, err msg: Sending access register

- How I did it
Change logging severity from ERR to WARNING

- How to verify it
Run the sonic-mgmt/tests/platform_tests/sfp/test_sfputil.py

OR much faster way to run the next script on the switch:

#!/bin/bash

START=0
END=248

for (( intf=$START; intf<=$END; intf+=8))
do
    sfputil reset Ethernet"${intf}"
done

sfputil show presence
2022-12-20 10:05:45 +02:00
Kebo Liu
d6ee7f08c2
[Mellanox] change the implementation of is_host() to fix a stuck issue on simx platform (#13100)
- Why I did it
Following code to judge whether a process is running inside a docker could get stuck on the simx platform

subprocess.Popen(["docker", "--version"],
                                stdout=subprocess.PIPE,
                                stderr=subprocess.STDOUT,
                                universal_newlines=True)
When it gets stuck, the config-chassisdb service can not be successfully started, thus the system can not be booted up.

root@sonic:/# service config-chassisdb status
     config-chassisdb.service - Config chassis_db
     Loaded: loaded (/lib/systemd/system/config-chassisdb.service; enabled; vendor preset: enabled)
     Active: activating (start) since Thu 2022-12-15 09:23:02 UTC; 29min ago
   Main PID: 571 (config-chassisd)
      Tasks: 14 (limit: 9501)
     Memory: 132.4M
     CGroup: /system.slice/config-chassisdb.service
                        ├─571 /bin/bash /usr/bin/config-chassisdb
			├─575 /usr/bin/python3 /usr/local/bin/sonic-cfggen -H -v DEVICE_METADATA.localhost.platform
			├─602 /bin/sh -c sudo decode-syseeprom -m
			├─603 sudo decode-syseeprom -m
			├─607 /usr/bin/python3 /usr/local/bin/decode-syseeprom -m
			├─616 /bin/sh -c docker --version 2>/dev/null
			└─617 docker --version

- How I did it
Use an alternative way to implement this function and issue can be avoided:

docker_env_file = '/.dockerenv'
return os.path.exists(docker_env_file) is False

- How to verify it
run regression on real hardware and simx platform.
2022-12-20 10:00:11 +02:00
tianshangfei
b65e06f998
two platforms supporting S3IP SYSFS (TCS8400, TCS9400) (#12386)
Why I did it
Add two platform that support s3IP framework

How I did it
Add two platforms supporting S3IP SYSFS (TCS8400, TCS9400)

How to verify it
Manual test
2022-12-18 16:16:53 +08:00
FSSec
bb09ebe977
[FS][arm64] support new boars s5800-48t4s and s5800-48t8s-mars8p (#12994)
Adding platform support for FS s5800-48t4s and s5800-48t8s-mars8p.

Both s5800-48t4s and s5800-48t8s-mars8p have 48 * 10/100/1000 Base-T ports, 4 * 10GE SFP+ Ports on Centec TsingMa.
s5800-48t4s is different from s5800-48t8s-mars8p in that:

The phy chip used by s5800-48t4s is Marvell 88e1680;
The phy chip used by s5800-48t4s-mars8p is Centec ctc21108;
2022-12-17 14:48:02 -08:00
FuzailBrcm
8788f1cc0f
[pddf]: fix Observing the following error while running 'sfputil show lpmode' command. (#12636)
Why I did it
Fixes #12634

Observing the following error while running 'sfputil show lpmode' command.
AttributeError: 'Sfp' object has no attribute 'get_power_set'

Root Cause: get_power_set() is defined for QSFP28 and QSFP+ i.e. Sff8636 and Sff8634. However, the function is not defined in the optoe_base class.

How I did it
To use get_power_set(), we need to initialise the 'api' via get_xcvr_api() and then use it to run get_power_set().
2022-12-17 14:42:15 -08:00
FuzailBrcm
abc8ed8a79
[pddf]: Adding PDDF common framework enhancements. (#12863)
- Consolidating multiple read functions in a PSU driver on the basis of byte, word or block read,
- Enhancing PDDF parsing script support for CPU and PCH temperature reading,
- Adding missing methods in PDDF common APIs

Why I did it
- PSU driver changes are to optimize the code and increase the code coverage
- PDDF parser script enhancements to accommodate the CPU and PCH temp reading using hwmon device path
- Some of the new APIs were missing from the PDDF common platform classes

How I did it
Added code changes and verified them on AS7816 adn AS7726 platforms.
2022-12-17 14:36:52 -08:00
tianshangfei
a2885b31ed
The CPLD and FPGA driver framework module complies with s3ip sysfs specification (#12891)
Why I did it
Provide CPLD and FPGA driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-16 22:05:53 +08:00
Lior Avramov
bb2e7685c8
[Mellanox] Update ECMP calculator README (#13051)
Why I did it
Update ECMP calculator README file with new instructions how to run the calculator.

How I did it
Update README file.

How to verify it
Read README file.
2022-12-15 09:47:33 +02:00
Saikrishna Arcot
d57de0987a
Keep custom rsyslog file for docker-sonic-vs (#13056)
docker-sonic-vs doesn't have the infra needed for the syslog rate limit
configuration, so it's not going to be rendering jinja templates to
overwrite /etc/rsyslog.conf. This also means that syslog messages would
get logged twice (because both the default /etc/rsyslog.conf file and
/etc/rsyslog.d/50-default.conf are telling it to log to syslog).

Therefore, keep the custom static /etc/rsyslog.conf file for docker-sonic-vs.

Fixes sonic-net/sonic-swss#2570.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2022-12-14 16:49:37 -08:00
tianshangfei
de4506dbf6
The build project of s3ip frameworkk (#12896)
Why I did it
The build project of s3ip framework

How I did it
How to verify it
2022-12-14 22:36:08 +08:00
tianshangfei
ea807d7d0b
The demo driver complies with s3ip sysfs specification,which use the s3ip kernel framework (#12895)
Why I did it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification

How I did it
1、 demo driver will call the s3ip kernel framework interface

How to verify it
run the demo ,it will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:35:33 +08:00
tianshangfei
f7d80e63db
The user framework module complies with s3ip sysfs specification (#12894)
Why I did it
The user framework module complies with s3ip sysfs specification

How I did it
1、 create a s3ip_sysfs service
2、 the s3ip_sysfs service call the “s3ip_sysfs_tool.sh” to install kernel module and run s3ip_load.py
3、 s3ip_load.py will parse the s3ip_sysfs_conf.json configuration file and create /sys_switch/ directory

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:34:55 +08:00
tianshangfei
8fe4fab89f
The slot and switch_rootsysfs driver framework module complies with s3ip sysfs specification (#12893)
Why I did it
Provide slot and switch_rootsysfs driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:34:27 +08:00
tianshangfei
8f124dc56d
The LED and watchdog driver framework module complies with s3ip sysfs specification (#12892)
Why I did it
Provide SYSLED and watchdog driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:33:52 +08:00
tianshangfei
0ca8282f40
The Sensor driver framework module complies with s3ip sysfs specification (#12890)
Why I did it
Provide a sensor driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:32:37 +08:00
tianshangfei
92a33e4847
The Transceiver driver framework module complies with s3ip sysfs specification (#12889)
Why I did it
Provide a transceiver driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:29:45 +08:00
tianshangfei
422196a72a
The FAN driver framework module complies with s3ip sysfs specification (#12888)
Why I did it
Provide a Fan driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:29:24 +08:00
tianshangfei
d8f41e1179
The PSU driver module complies with s3ip sysfs specification (#12887)
Why I did it
Provide a PSU driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:28:53 +08:00
Dmytro Lytvynenko
5550c5da08
[BFN]: Implement getting psu related sensors in sonic_platform directly from BMC (#12786)
Why I did it
Platform interface doesn't provide all sensors and using it isn't effective

How I did it
Request sensors via http from BMC server and parse the result

How to verify it
Related daemon in pmon populates redis db, run this command to view the contents
2022-12-14 22:21:36 +08:00
Junchao-Mellanox
9590339d69
[Mellanox] Remove TODO comments which are no longer needed (#13023)
- Why I did it
Remove TODO comments which are no longer needed

- How I did it
Remove TODO comments which are no longer needed

- How to verify it
Only comment change
2022-12-14 09:57:48 +02:00
Konstantin Vasin
dfc73fc8bd
[build] use real wget for SAI_FLAGS (#12665)
Why I did it

We download libsaibcm.deb every time when we use make to build.
That's because we use build hook but not real wget to get hash for SAI_FLAGS.
As a result we also call curl for libsaibcm.deb inside of function download_packages.

How I did it
Add SKIP_BUILD_HOOK=y to use real wget instead of build hook.

How to verify it
I redirected all requests to proxy to log them (1st column is timing).

Without fix (curl, curl , wget):

1668034736.348 0 CONNECT sonicstorage.blob.core.windows.net:443
1668034831.997 40064209 GET https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm_7.1.17.4_amd64.deb
1668034832.601 0 CONNECT sonicstorage.blob.core.windows.net:443
1668034833.212 113911 GET https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm-dev_7.1.17.4_amd64.deb
1668034833.831 0 CONNECT sonicstorage.blob.core.windows.net:443
1668034834.030 549 HEAD https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm_7.1.17.4_amd64.deb
1668034834.235 547 HEAD https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm-dev_7.1.17.4_amd64.deb

Fixed version (only wget):

1668034973.199 0 CONNECT sonicstorage.blob.core.windows.net:443
1668034973.339 549 HEAD https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm_7.1.17.4_amd64.deb
1668034973.501 547 HEAD https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm-dev_7.1.17.4_amd64.deb

Signed-off-by: Konstantin Vasin <k.vasin@yadro.com>
2022-12-13 23:28:00 -08:00
Kalimuthu-Velappan
0dc22bd27c
05.Version cache - docker dpkg caching support (#12005)
This feature caches all the deb files during docker build and stores them
into version cache.

It loads the cache file if already exists in the version cache and copies the extracted
deb file from cache file into Debian cache path( /var/cache/apt/archives).

The apt-install always installs the deb file from the cache if exists, this
avoid unnecessary package download from the repo and speeds up the overall build.

The cache file is selected based on the SHA value of version dependency
files.

Why I did it
How I did it
How to verify it


* 03.Version-cache - framework environment settings

It defines and passes the necessary version cache environment variables
to the caching framework.

It adds the utils script for shared cache file access.

It also adds the post-cleanup logic for cleaning the unwanted files from
the docker/image after the version cache creation.

* 04.Version cache - debug framework

Added DBGOPT Make variable to enable the cache framework
scripts in trace mode. This option takes the part name of the script to
enable the particular shell script in trace mode.

Multiple shell script names can also be given.

	Eg: make DBGOPT="image|docker"

Added verbose mode to dump the version merge details during
build/dry-run mode.
	Eg: scripts/versions_manager.py freeze -v \
		'dryrun|cmod=docker-swss|cfile=versions-deb|cname=all|stage=sub|stage=add'

* 05.Version cache - docker dpkg caching support

This feature caches all the deb files during docker build and stores them
into version cache.

It loads the cache file if already exists in the version cache and copies the extracted
deb file from cache file into Debian cache path( /var/cache/apt/archives).

The apt-install always installs the deb file from the cache if exists, this
avoid unnecessary package download from the repo and speeds up the overall build.

The cache file is selected based on the SHA value of version dependency
files.
2022-12-12 09:20:56 +08:00
Mai Bui
51a1eb112b
[device/celestica] Mitigation for command injection vulnerability (#11740)
Signed-off-by: maipbui <maibui@microsoft.com>
Dependency: [PR (#12065)](https://github.com/sonic-net/sonic-buildimage/pull/12065) needs to merge first.
#### Why I did it
1. `eval()` - not secure against maliciously constructed input, can be dangerous if used to evaluate dynamic content. This may be a code injection vulnerability.
2. `subprocess()` - when using with `shell=True` is dangerous. Using subprocess function without a static string can lead to command injection.
3. `os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content.
4. `is` operator - string comparison should not be used with reference equality.
5. `globals()` - extremely dangerous because it may allow an attacker to execute arbitrary code on the system
#### How I did it
1. `eval()` - use `literal_eval()`
2. `subprocess()` - use `shell=False` instead. use an array string. Ref: [https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation](https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation)
3. `os` - use with `subprocess`
4. `is` - replace by `==` operator for value equality
5. `globals()` - avoid the use of globals()
2022-12-09 10:30:20 -05:00
Andriy Kokhan
ffad305fd3
[BFN] Added watchdog platform plugin (#12995)
Why I did it
Initial implementation of Watchdog platform plugin for BMC-based boards

How I did it
How to verify it
Run platform_tests/test_reload_config.py
2022-12-08 21:56:40 +08:00
hari-selvam
d993444883
[sflow]: Unblocked psample_*() function calls in BRCM ESW platforms for proper functionality of sflow feature (#12918)
*Replaced BRCM SDK's psample support flag(PSAMPLE_SUPPORT) with linux kernel psample module support config flag(CONFIG_PSAMPLE) in saibcm-modules.
*Replaced BUILD_PSAMPLE conditioanl check with CONFIG_PSAMPLE to build psample callback library(psample-cb.o), only if psample config is enabled in linux kernel.
*Cleaned up PSAMPLE_SUPPORT related commented code.

Signed-off-by: haris@celestica.com

Signed-off-by: haris@celestica.com
2022-12-07 17:14:34 -08:00
Dmytro Lytvynenko
0711aea3aa
[bfn]: Fix sigterm processing (#12952)
Why I did it
SIGTERM takes more than 10 seconds to be processed, so psud is stopped by SIGKILL, this causes unexpected behavior since data base is not cleared

How I did it
Decorate get_presence api to cancel it on SIGTERM signal in order to avoid long processing.

How to verify it
test_pmon_psud_stop_and_start_status
test_pmon_psud_term_and_start_status
2022-12-06 23:38:23 -08:00
Samuel Angebault
19ec89b830
[Arista] Update platform library submodules (#12967)
- add reboot cause support for linecards
- add back a Wolverine variant removed by mistake
- misc fixes and improvements
2022-12-06 23:34:59 -08:00
Mykhailo Onipko
586d715f17
[BFN] Update BFN sdk to SAI 1.11.0 (#12945)
Why I did it
SONiC moved to SAI 1.11.0

How I did it
Build package with SAI 1.11.0

How to verify it
Ran sanity for all included profiles
2022-12-06 16:47:31 +08:00
Marty Y. Lok
f2ece3a4fc
[Nokia]Update Nokia platform submodule for Nokia-IXR7250E platform (#12876)
1d53bf4 Skip platform NDK health check two times in watchdog.sh
d68297c Added code to shutdown the channel after the grpc call also fixed the show fp-status command
0769efe Impelemented the module API to return the correct eeprom info for fabric card.
171569c Remove explicit logger identifier for transceiver module operations; use inherited id
6c4d651 Corrected the log messages for firmware install

Signed-off-by: mlok <marty.lok@nokia.com>
2022-12-05 11:38:52 -08:00
Ikki Zhu
64e7fff7c7
[Platform/Seastone]: fix syseeprom tlv read issue (#12200)
Why I did it
Fix Seastone syseeprom tlv header read incorrect issue

How I did it
Set mux idle_state

How to verify it
i2cdump -y -f 12 0x50 i
2022-12-05 09:49:43 -08:00
Lior Avramov
e5808020a7
Add ECMP calculator tool (#12482)
- Why I did it
Added ECMP calculator tool.

- How I did it
New files were added.

- How to verify it
Manual tests performed according to tests chapter in HLD
Automated tests will be added by verification.
2022-12-04 17:14:25 +02:00
LuiSzee
cd12486316
[centec][arm64] fix tsingma bsp compile error (#12774)
fix centec arm64 tsingma bsp compile error caused by linux kernel api change
2022-12-03 23:05:59 -08:00