#### Why I did it
src/sonic-linux-kernel
```
* b6fd1ba - (HEAD -> master, origin/master, origin/HEAD) arm64: dts: marvell: Add DTS for 7215-IXS-A1 board (#378) (4 hours ago) [Pavan-Nokia]
* bab1510 - Disable small sector erase size for UBIFS on flash (#382) (8 hours ago) [Mridul Bajpai]
```
#### How I did it
#### How to verify it
#### Description for the changelog
### Why I did it
Added YANG related changes for adding `dom_polling` field in PORT table of CONFIG_DB. This field can be set with `config interface transceiver dom PORT_NAME (enable|disable)` CLI.
The `dom_polling` field was added through https://github.com/sonic-net/sonic-utilities/pull/3187. Please refer to this PR for the details on the reason for adding `dom_polling` field.
### How I did it
Added `dom_polling` field to CONFIG_DB PORT table.
#### How to verify it
Added unit tests for both valid and invalid options for controlling `dom_polling`.
Valid values for for `dom_polling` are `enabled` and `disabled`
Any other value is treated as an invalid value
### Why I did it
BGP monitor asn is 0 in production, and we should have test to cover this configuration.
### How I did it
Update sonic-config-engine unit test, BGP monitor uses asn 0.
#### How to verify it
Run sonic-config-engine unit test.
Why I did it
When we change k8s script file to trigger k8s master image build, there's error reported.
/agent/_work/_temp/433f6aca-4fd0-4a79-898e-49d7d0fc7465.sh: line 19: unexpected EOF while looking for matching `''
The main reason is something wrong with passing k8s_options variable(in file template-skipvstest.yml) to build pipeline. Need to fix and improve the passing variable process.
Work item tracking
Microsoft ADO (number only): 25063800
How I did it
Separate the job of checking if k8s image build is needed from skipvstest checking job
Build a VHDX k8s master image for convenient
How to verify it
No error found when k8s master image build is triggered
We have a VHDX k8s master image in the build result.
#### Why I did it
src/sonic-platform-daemons
```
* 8a5ca2b - (HEAD -> master, origin/master, origin/HEAD) Add deterministic link bring-up feature for SFF compliant modules (#383) (2 days ago) [longhuan-cisco]
* a591c8a - [ycabled][build] Fix sonic_ycabled build failure in Bookworm (#432) (2 days ago) [Arun Saravanan Balachandran]
```
#### How I did it
#### How to verify it
#### Description for the changelog
ptf-py3 0.9.3 couldn't compile on bookworm
Update ptf-py3 to latest release.
How to verify it
Verify the build and installation is successful in bookworm, buster and bullseye environment
Test docker-ptf.gz is built properly.
Ran sonic-mgmt tests with this docker-ptf.gz
Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
Why I did it
Update Nokia-7215-A1 platform to address UT and OC test failures.
Update platform init and build files
Microsoft ADO: 27111894
How I did it
Identify failed test cases from OC run on arm64-nokia_ixs7215_52xb-r0 (Nokia-7215-A1) platform and fix bugs
How to verify it
Build a Marvell-arm64 target for Nokia-7215-A1
Run this image on arm64-nokia_ixs7215_52xb-r0 and verify all dockers are up and test basic commands like:
show version
show platform summary
show platform syseeprom
show platform fan
show platform psustatus
show platform firmware status
show platform temperature
show platform ssdhealth
Verify ports are up using "show interface status" command
Run unit tests and OC test cases.
set_route_by_linux_route() is not called by any function within this repo and its submodules, checked on 202106 branch and master branch
git grep --recurse-submodules "set_route_by_linux_route"
src/iccpd/src/mlacp_link_handler.c:static void set_route_by_linux_route(struct CSM* csm,
src/iccpd/src/mlacp_link_handler.c: /*set_route_by_linux_route(csm, set_l3_local_if, 1);*/ /*add static route by linux route tool*/
src/iccpd/src/mlacp_link_handler.c: /*set_route_by_linux_route(csm, set_l3_local_if, 0);*/ /*del static route by linux route tool*/
Microsoft ADO (number only): 27008034
Remove unused function set_route_by_linux_route()
Signed-off-by: Mai Bui <maibui@microsoft.com>
#### Why I did it
src/sonic-sairedis
```
* bb948f6 - (HEAD -> master, origin/master, origin/HEAD) Check MDIO server thread joinable before join the thread (#1342) (18 hours ago) [Jiahua Wang]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/dhcpmon
```
* 22a7467 - (HEAD -> master, origin/master, origin/HEAD) Fix revert (#21) (9 hours ago) [kellyyeh]
* b1d890a - Revert DHCP Counter (#20) (24 hours ago) [kellyyeh]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/dhcprelay
```
* 84e4419 - (HEAD -> master, origin/master, origin/HEAD) Revert DHCPv6 Counter (#48) (24 hours ago) [kellyyeh]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-linux-kernel
```
* 45295bf - (HEAD -> master, origin/master, origin/HEAD) Fix the issue with signed kernel compilation for ARM64 architecture (#381) (54 minutes ago) [Oleksandr Ivantsiv]
```
#### How I did it
#### How to verify it
#### Description for the changelog
Why I did it
pkgs.k8s.io: Introducing Kubernetes Community-Owned Package Repositories | Kubernetes
For 1.22.2 k8s packages, source repo has been deprecated, going to store these packages in sonic build storage for installation to mitigate the issue. Will migrate to new repo when we are ready to upgrade k8s version.
Work item tracking
Microsoft ADO (number only): 27075924
How I did it
Store the 1.22.2 k8s package in sonic build storage and install the package there.
How to verify it
"apt list" to check if it's installed.
Improve nss-tacplus TACACS connect timeout
#### Why I did it
TACACS login usually config multiple server, when a high priority server not reachable or high lantency, remote user login will slowly, also run SUDO command will slowly.
To improve this issue, enable read timeout in nss-tacplus.
### How I did it
Enable read timeout in nss-tacplus.
#### How to verify it
Pass all UT.
### Description for the changelog
Improve nss-tacplus TACACS connect timeout.
#### Why I did it
src/sonic-platform-daemons
```
* 8829614 - (HEAD -> master, origin/master, origin/HEAD) Enable periodic polling of TRANSCEIVER_FIRMWARE_INFO table in DomInfoUpdateTask (#443) (10 minutes ago) [mihirpat1]
* 55b5805 - Combine psu presence/status update with data update (#424) (9 hours ago) [Yuanzhe]
```
#### How I did it
#### How to verify it
#### Description for the changelog
### Why I did it
When try to install k8s gpg file, there reports an error.
- "E: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation curl: (23) Failed writing body".
To fix error we need to install gunpg package. But apt-key add is going to be deprecated, mv the gpg file to /etc/apt/trusted.gpg.d/ directly
### How I did it
Download k8s gpg file and put it in /etc/apt/trusted.gpg.d/
#### How to verify it
We can install k8s gpg file successfully, but no gnupg package installed inside sonic image.
#### Why I did it
src/sonic-mgmt-common
```
* fbb5fcd - (HEAD -> master, origin/master, origin/HEAD) Script to populate the test data to the simulator db (10 hours ago) [Sachin Holla]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-platform-common
```
* 56921d8 - (HEAD -> master, origin/master, origin/HEAD) File system based sensors implementation for voltage and current sensors (#426) (21 hours ago) [Mridul Bajpai]
```
#### How I did it
#### How to verify it
#### Description for the changelog
Why I did it
We Nokia took the task to make macsec container to work with bookworm.
This PR requires another PR for sonic-wpa-supplicant(sonic-net/sonic-wpa-supplicant#80) to be in first. Otherwise sonic build will fail for bookworm wpasupplicant debian package.
How I did it
How to verify it
After build and boot up system with new image, macsec container should run with bookworm. Corresponding mgmt macsec suite will work here.
Which release branch to backport (provide reason below if selected)
Tested branch (Please provide the tested image version)
Tested with latest master of sonic-buildimage. Built vs image and loaded into vs testing environment. Code pass with macsec test suites.
Description for the changelog
Make macsec container to build with bookworm
- Why I did it
Adding explicit dependency of libnl-route-3 for Mellanox SAI library. This is required for the latest SAI library.
- How I did it
Modifying Make files
- How to verify it
Building with the changes.
- Why I did it
Error messages occured when trying to read PSU files on init:
ERR pmon#psud: Failed to read from file /var/run/hw-management/power/psu1_volt_out2_capability - FileNotFoundError(2, 'No such file or directory')
This can happen when the power cord is disconnected from the PSU, so some PSU files may be absent, e.g.:
/var/run/hw-management/power/psu2_volt_out2
/var/run/hw-management/power/psu2_volt_out2_capability
- How I did it
Check if a file exists for a specific PSU parameter If not, return None so we can't read the PSU file any further
- How to verify it
Disconnect power cord from PSU and power supply from system
Wait few minutes and then connect power supply to system without power cord
Check logs for errors
Signed-off-by: Oleksandra Bella <oleksandrab@nvidia.com>
- Why I did it
Changing LPMODE timing is different between cables.
We want to add functionality to make sure LPMODE has changed.
For that, the wait_until utility is used and every 1 second (until timeout), it will check with lower-layers what is the current Lpmode.
Once it is the expected mode, set_lpmode() functino will return True.
If after seconds, Lpmode is still not in the expected mode, set_lpmode() function will return False.
- How I did it
Add use of wait_until function to make sure lpmode was changed.
- How to verify it
sfputil lpmode on
sfputil lpmode off
#### Why I did it
src/sonic-platform-common
```
* 3d35404 - (HEAD -> master, origin/master, origin/HEAD) Certain VDM fields not populating after encountering KeyError on 400ZR optics (#442) (34 hours ago) [mihirpat1]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-platform-daemons
```
* b9e6ba5 - (HEAD -> master, origin/master, origin/HEAD) Updated supported CMIS module types in xcvrd to include new module for SPC4 (#440) (25 hours ago) [Tomer Shalvi]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-sairedis
```
* d770370 - (HEAD -> master, origin/master, origin/HEAD) [asan] Disable the "maybe-uninitialized" warning when compiled with ASAN enabled. (#1360) (30 hours ago) [Oleksandr Ivantsiv]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-swss
```
* 9c995f0c - (HEAD -> master, origin/master, origin/HEAD) [asan] Disable the "maybe-uninitialized" warning when compiled with ASAN enabled. (30 hours ago) [Oleksandr Ivantsiv]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-utilities
```
* bf355960 - (HEAD -> master, origin/master, origin/HEAD) Add vlan validation in config interface ip add command (#3155) (24 hours ago) [Mati Alfaro]
* ba98c7f8 - CLI enhancements to revtrieve data from TRANSCEIVER_FIRMWARE_INFO table (#3177) (34 hours ago) [mihirpat1]
* aefb61bd - Modify transceiver PM CLI to handle N/A value for DOM threshold (#3174) (34 hours ago) [mihirpat1]
```
#### How I did it
#### How to verify it
#### Description for the changelog
- Why I did it
The field 'subport' represents the index of the split port within a physical port. For example, if a port is split into 4, the subport of the first logical port is 1, the subport of the second logical port is 2, and so on.
In xcvrd, the CMIS manager uses the subport to calculate the lane mask, which is used to control the data path per lane. In Nvidia platform, the subport is missing and is always set to 0. According to the xcvrd code, when subport=0, it will always correspond to the first logical port. Therefore, if we shut down any logical port that is not the first one, we will see the operational status of the first logical port also becomes down.
This PR aims to add the subport field to CONFIG DB and prevent such scenarios. This is applicable only for static default breakout mode. For DPB, subport calculation will happen on the fly (changes are not in Sonic yet).
(Subport HLD: HLD of subport: [link to the HLD document])
- How I did it
I have added the 'subport' field to all relevant Nvidia hwsku.json files (minigraph generation is based on them). Additionally, I introduced the new 'subport' field to portconfig.py, so that sonic-cfggen will be able to generate the minigraph with it. In this file, I also fixed an error that caused all attributes from hwsku.json to be applied only to the first logical ports associated with a physical port.
Furthermore, I updated hwsku_json_checker to include the new field and applied a fix to the sample_hwsku.json file. sample_hwsku.json is the file that sonic-config-engine's unit tests rely on for its tests. Previously, it only included attributes for the first logical port of a split physical port. For example, if Ethernet4, a 4-lane port, was split into 2 ports, then sample_hwsku.json included only the entry for Ethernet4, with no entry for Ethernet6. This misalignment with the structure of other hwsku.json files has been corrected as well.
- How to verify it
Ensure that each logical port has the correct value of 'subport' in CONFIG DB, and that shutting down a logical port affects only that port and not other ports in the split.
If encountered a line without RequiredBy or WantedBy the code passes uninitialized pointer to get_install_targets_from_line(). Where it can fail with segfault or silently pass randomly.
- Why I did it
Uninitialized target_suffix is passed to get_install_targets_from_line() when other fields are present in [Install] section, like this:
root@sonic:/home/admin# systemctl cat ntpsec
...
[Install]
Alias=ntp.service
Alias=ntpd.service
WantedBy=multi-user.target
- How I did it
Initialize target_suffix with NULL, put an assert in get_install_targets_from_line(). Edited test to cover this scenario.
- How to verify it
UT and on the switch.
Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
- Why I did it
The creation of system EEPROM VPD file "/var/run/hw-management/eeprom/vpd_info" is triggered by the udev event during the system boot up, in case the CPU is busy during the bootup, the udev event handling can be delayed, and need to wait for some more time for the file creation.
- How I did it
Extend the waiting time from 10s to 20s to overcome some extreme case.
- How to verify it
continuously run reboot case and verify whether still can see error msg "ERR decode-syseeprom: Nowhere to read syseeprom from! No symlink found"
Signed-off-by: Kebo Liu <kebol@nvidia.com>
In some local buildings, an error /bin/bash: line 0: cd: src/sonic-dash-api/sonic-dash-api: No such file or directory will be raised due to the directory structure of sonic-dash-api has been changed.
Signed-off-by: Ze Gan <ganze718@gmail.com>
#### Why I did it
src/sonic-swss
```
* 97c7f3ed - (HEAD -> master, origin/master, origin/HEAD) Fix multi VLAN neighbor learning (#3049) (4 hours ago) [Lawrence Lee]
* 2617d4c5 - [intfsorch] Enable ipv6 proxy ndp along with proxy arp (#3045) (6 hours ago) [Nikola Dancejic]
```
#### How I did it
#### How to verify it
#### Description for the changelog
### Why I did it
- Currently inside k8s master image we are going to use AAD to do authentication related stuff with python language, we need to pre-install several azure key-vault related python packages.
- Need to upgrade cri-dockerd to 0.3.10 to support bookworm
- Need to change netcat package name to netcat-openbsd for bookworm
- Remove the unnecessary apt-get update
##### Work item tracking
- Microsoft ADO **(number only)**: 26435886
#### How I did it
- pip3 install azure-keyvault-secrets
- apt-get -y install netcat-openbsd
- upgrade the cri-dockerd version for bookworm
#### How to verify it
- pip3 list to check if azure-keyvault-secrets is installed inside image
- dpkg -l to check if netcat-openbsd is installed inside image
- systemctl status cri-dockerd.service to check if it's running well
### Why I did it
Update sonic-sairedis submodule pointer to include the following:
Add new functionality to syncd_init_common.sh, to use common sai.profile (https://github.com/sonic-net/sonic-sairedis/pull/1352)
### How I did it
Advance sonic-sairedis pointer
Adding rule to ebtables to drop multicast packets in kernel. This was
done to address a bug where NS packets were flooding ports with
duplicate packets.
Signed-off-by: Nikola Dancejic <ndancejic@microsoft.com>
#### Why I did it
src/sonic-sairedis
```
* 09cd7f6 - (HEAD -> master, origin/master, origin/HEAD) Add new functionality to syncd_init_common.sh, to use common sai.profile (#1352) (17 hours ago) [noaOrMlnx]
```
#### How I did it
#### How to verify it
#### Description for the changelog
### Why I did it
ipmitool utility is used to access various HW sensors. Some platforms use "ipmitool raw " to read specific addresses.
ipmitool_1.8.19-4_amd64.deb, that is part of bookworm has a defect. The package is missing file enterprise.txt that is expected by the "raw read" code path.
It is so because the file the .deb tries to download at the build time does not have the necessary extension as it is available on remote server: https://www.iana.org/assignments/enterprise-numbers.txt
### How I did it
The defect had been fixed using coding changes in next unstable version of Linux. It is expected to be available in future stable version of the OS. Hence to keep the changes to minimal, the .dsc file is downloaded and only the Makefile is modified to download the correct file. To make is work as patch necessary changes are made.
#### How to verify it
Build log is attached and installation of the file is noted line #2274
When using vanilla bookworm on platforms like 5212 or 5224:
-------------------------------------------------------------------
root@sonic:~# ipmitool raw 0x04 0x2d 0x31
IANA PEN registry open failed: No such file or directory
00 c0 01 80
When fixed we should not see the above error:
--------------------------------------------------
root@sonic:/home/admin# ipmitool raw 0x04 0x2d 0x31
00 c0 00 80
### Description for the changelog
This change is to address ipmitool raw read issue. This patch must be removed once it is available in next stable Linux release that contains the fix.
1edb0e27e4
### Why I did it
Command cannot be executed when tacacs+ in AAA authorization is set and passkey in TACPLUs is not set. There should be such restriction in YANG model definition.
##### Work item tracking
- Microsoft ADO **(number only)**: 26898399
#### How I did it
Add restirction
#### How to verify it
unit test