Commit Graph

8163 Commits

Author SHA1 Message Date
Vivek
2c7dce428c
[mellanox] Update SAI to SAIBuild2311.25.0.36, SDK/FW to 4.6.2104/2012.2104 (#17131)
Why I did it
Update SDK/SAI and FW for Mellanox Platform

How I did it
Update SDK/FW to v4.6.2104/v2012.2104

Fixed Issues:

Some of the Warmboot related files which were created by SDK during switch create are now generated during pre shutdown flow
New Features:

Debian 12 and kernel 6.1 support
Update SAI

New Features:

Auto Fec Support
FDB entries are now restored after warmboot to prevent temporary system flooding.
Minor Enhancement and Bug Fix in integrate-mlnx-sdk

How to verify it
Build Image and run tests

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>
2023-11-16 18:01:52 -08:00
Vivek
3fc48d51db
[Mellanox] Upgrade HW-MGMT to 7.0030.2008 and update platform-api (#17134)
Why I did it
Add platform support for Debian 12 (Bookworm) on Mellanox Platform

How I did it
Update hw-management to v7.0030.2008
Deprecate the sfp_count == module_count approach in favour of asic init completion
Ref: Mellanox/hw-mgmt@bf4f593
Add xxd package to base image which is required by hw-management scripts
Add the non-upstream flag into linux kernel cache options
Update the thermalctl logic based on new sysfs attributes
Fix the integrate-mlnx-hw-mgmt script to not populate the arm64 Kconfig
How to verify it
Build kernel and run platform tests

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>
Co-authored-by: Junchao-Mellanox <junchao@nvidia.com>
Co-authored-by: Junchao-Mellanox <57339448+Junchao-Mellanox@users.noreply.github.com>
2023-11-16 18:01:06 -08:00
Vivek
98fc38ebec
[bookworm] Fix docker gid mismatch with host (#17158)
* [bookworm] Fix docker gid mismatch with host
* Use group-add arg instead of update sonic-slave user

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>
2023-11-16 17:59:55 -08:00
Pavan Naregundi
a8e4fb1aaa
[marvell-armhf]: Enable SDK module for bookworm (#17110)
* Enable SDK modules for Bookworm
* Update SAI deb to 1.13.0-1



Signed-off-by: Pavan Naregundi <pnaregundi@marvell.com>
2023-11-10 13:43:17 -08:00
Saikrishna Arcot
470a242362 fixup! Update sonic-utilities for changes in Python 2023-11-06 17:40:07 -08:00
Vivek
5ca53be90d [Bookworm] [Secure Boot] Fix the updated path for extract-cert binary (#17015)
extract-certs was moved from scripts/ to certs/ from kernel 5.17 340a02535e

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>
2023-11-06 17:40:07 -08:00
Saikrishna Arcot
0f61219102 Add note about minimum Docker version due to clone3 syscall usage
Add a note saying if running on a recent kernel, then Docker 20.10.10 or
newer needs to be used. This is because in Bookworm, glibc will use the
`clone3` syscall, which is not properly handled by Docker's seccomp
filter in versions older than 20.10.10.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:07 -08:00
mssonicbld
aafe64ad2a [ci/build]: Upgrade SONiC package versions (#17035) 2023-11-06 17:40:07 -08:00
Saikrishna Arcot
2683de5008 Fix docker-sonic-mgmt-framework for armhf
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
a8fa955580 Modify the sudoers file to lecture RO users once
Debian changed the defaults of the sudo package to never lecture the
user when using an unauthorized sudo command, which breaks our use case
of lecturing once. Add a line to lecture once, which is the old
defaults.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
5e945d5eff Fix container down event not sending out a notification
systemd changed the log message syntax for a container going down.
Update the regex for the new format.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
0eda8b4864 Upgrade lldpd to 1.0.16
This fixes lldpcli hitting some error related to being unable to get a
lock on /var/run/lldpd.socket. This version is the version in Debian
Bookworm, even though lldpd is in the lldp container, and that is on
Bullseye. This is because there is a change that went into 1.0.12 that
uses a separate lock file for the lldpd socket instead of locking the
socket file itself. This appears to cause problems in an unprivileged
docker container for unknown reasons (privileged docker container is
fine). Bullseye is on 1.0.11, which isn't new enough to have this
change.

I can't see any specific system capability that might address this.
Rather than debugging this further, just upgrade to the Bookworm
version.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
cdced98331 Fix PAM module configuration issue
pam-auth-update doesn't store local configuration, and it's meant to be
used by packages only. Because libpam-systemd was getting uninstalled
afterwards, this caused tacplus to get re-enabled.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Vivek
51d71a296f [Nvidia] Fix mlnx-sai build failure (#14)
Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

[Nvidia] Enable iproute2 & fix mft build (#16)

* Enable iproute2 as the SDK is also built

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

* [Nvidia] Dont use mkbmdeb method of dkms to build the package

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

* Added linux image to the Depends section of mft

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

[Nvidia] [Bookworm] Separate KERNEL_MFT into a new target (#16782)

* [Nvidia] Seperate KERNEL_MFT into a new target because of kernel header dependency

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

* Update linux-kernel submodule

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

* Fix paralell build problem

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

---------

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
433306b99a Modify rasdaemon service on amd64 only
Rasdaemon is not installed on armhf or arm64

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Keshav Gupta
a75b5d3d56 [marvell-arm64]: Enable SDK module for bookworm (#16909)
This patch enables compiling of Marvell platform
module and fixes sonic-platform-nokia compilation
issues for bookworm.
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
48b7b6e65b Disable some Marvell components to get build working
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
ef9625f158 Disable some Mellanox components to get build working
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
bdded2679a Update pyyaml in sonic-bgpcfgd and sonic-frr-mgmt-framework to 6.0
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
2658cdae3b Update saibcm-modules for Linux 6.1
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
9caddabab7 Disable the DNX module for now, since the sources are in a separate repo
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
jostar-yang
d883a9481e [Edgecore][sonic-platform-modules-accton]Support kernel 6.1 and bookworm (#16982)
* [Edgecore][sonic-platform-modules-accton]Support kernel 6.1 and bookworm

* Modify pddf drv code for i2c_remove_callback function fail
2023-11-06 17:40:06 -08:00
Ramasamy Chandramouli
e9350f073e [PR:16737, PR:16739] platform-modules: pddf, broadcom/cel: adapt for kernel 6.1 and bookworm (#16954)
* sonic-platform-modules-cel: broadcom: adapt for kernel 6.1 and bookworm

The i2c_driver->remove API declaration has been updated to return void instead
of int, as part of cleanup patches in 6.1. More details can be referred from
here: [1]. Update the remove API definition in the modules accordingly and
cleanup variables that go unused from the remove API.

Update python build commands for bookworm. The packaging based on calling
setup.py is deprecated and using build module/pip utility is the recommended
method for python packaging/installation. Further details can be referred to
from here: [2], [3]. The build module is picky about the package information file,
which needs to be either setup.py or pyproject.toml.

Additionally, fix formatting inconsistencies in debian/changelog reported by
`dh_installchangelogs` during the build.

Tested the changes by compiling the changes as below:

    make sonic-slave-bash NOBUSTER=1 NOBULLSEYE=1
    sudo dpkg -i target/debs/bookworm/linux-headers-6.1.0-11-2-*.deb
    cd platform/broadcom/sonic-platform-modules-cel
    KVERSION=6.1.0-11-2-amd64 dpkg-buildpackage

Also verified the python scripts under the sonic-platform-modules-cel with
pyflakes to ensure no new errors are flagged (with exception of unused modules).

References:
   [1] - https://github.com/torvalds/linux/commit/ed5c2f5f
   [2] - https://blog.ganssle.io/articles/2021/10/setup-py-deprecated.htm
   [3] - 0b20a4863 (Update Python build commands for Bookworm, 2023-09-07)

Signed-off-by: Ramasamy Chandramouli <rachandr@celestica.com>

* platform/pddf: i2c: adapt for kernel 6.1 and bookworm

   * Fixup i2c_driver->remove API due to changes in the function
     prototype (ref: [1]).

   * Cleanup `MODULE_SUPPORTED_DEVICE` macros that were cleaned up in
     the upstream (ref: [2]).

   * Sanitize python packaging and installation using the `build` module
   instead of calling the setup.py directly (ref: [3]. [4]).

Tested the changes by compiling pddf module as below:

     make sonic-slave-bash NOBUSTER=1 NOBULLSEYE=1
     sudo dpkg -i target/debs/bookworm/linux-headers-6.1.0-11-2-*.deb
     cd platform/pddf/i2c
     KVERSION=6.1.0-11-2-amd64 dpkg-buildpackage

References:
    [1] - https://github.com/torvalds/linux/commit/ed5c2f5f
    [2] - https://github.com/torvalds/linux/commit/6417f031
    [2] - https://blog.ganssle.io/articles/2021/10/setup-py-deprecated.htm
    [3] - 0b20a4863 (Update Python build commands for Bookworm, 2023-09-07)

Signed-off-by: Ramasamy Chandramouli <rachandr@celestica.com>

* platform/broadcom: include platform-modules-cel in builds

With pddf modules patched for 6.1, platform-modules-cel can be compiled
and included in the final image.

Testing by building sonic-broadcom.bin/sonic-broadcom-dnx.bin.

Signed-off-by: Ramasamy Chandramouli <rachandr@celestica.com>

* pddf/i2c: revert correct rootdir for pip install

The pip install directory has been set to test-pkg1/ for testing the build and
incorrectly retained as is. Revert this to the correct path $(PACKAGE_PRE_NAME).

Signed-off-by: Ramasamy Chandramouli <rachandr@celestica.com>

* platform/broadcom: include pddf/modules-cel in the base package

Without this change, the modules were built but not packaged in the final .bin.

The final sonic-broadcom.bin has been tested for bootup on Celestica's
Silverstone platform.

   admin@sonic:~$ uname -a
   Linux sonic 6.1.0-11-2-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.38-4 (2023-08-08) x86_64 GNU/Linux
   admin@sonic:~$ show platform summary
   Platform: x86_64-cel_silverstone-r0
   HwSKU: Silverstone
   ASIC: broadcom
   ASIC Count: 1
   Serial Number: R4009B2F062504LK200024
   Model Number: N/A
   Hardware Revision: N/A
   admin@sonic:~$ show version | head

   SONiC Software Version: SONiC.g0aad6c67c-rachandr
   SONiC OS Version: 12
   Distribution: Debian 12.2
   Kernel: 6.1.0-11-2-amd64
   Build commit: 0aad6c67c
   Build date: Thu Oct 26 07:13:47 UTC 2023
   Built by: rachandr@AZUHPS14

   Platform: x86_64-cel_silverstone-r0

Signed-off-by: Ramasamy Chandramouli <rachandr@celestica.com>

---------

Signed-off-by: Ramasamy Chandramouli <rachandr@celestica.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
9898f3b1a5 Disable several platform modules for Bookworm
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
410968cd14 Enable PR builds on bookworm branch
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
351725ed2d For Bookworm, use non-free-firmware instead of non-free
Starting with Bookworm, Debian moved the non-free Linux firmware blobs
into a new non-free-firmware component, since they are frequently needed
by users and since they need to be updated frequently. Since the only
thing we currently install from the non-free component (that I can think
of) is the Linux firmware, have Bookworm use non-free-firmware instead
of non-free.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
152354df48 Update Debian build script for Bookworm
Notable changes:
* Use j2cli from Debian repos instead of pip
* Use setuptools from Debian repos instead of pip
* Use wheel from Debian repos instead of pip
* Update grpcio and grpcio-tools python packages to match version in
  Bookworm
* Use m2crypto from Debian repos instead of pip

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
c54de85c89 Update sonic-host-services for changes in Python
This fixes 3 issues:
* Specify test dependencies under extra_requires
* Update the PAM configuration for Bookworm
* Break a cyclical dependency between sonic-host-services and
  sonic-buildimage by moving the contents of
  src/sonic-host-services-data into sonic-host-services submodule

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
0786f9d0bc Update sonic-utilities for changes in Python
This fixes 4 issues:
* Update tabulate to 0.9.0 and deepdiff to 6.2.2
* Specify test dependencies under extra_requires
* Add check_output parameter to the setup function due to the patch
* Fix error about having a mutable default for field headers in
  dataclass

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:06 -08:00
Saikrishna Arcot
1529ee74f5 Fix GCC 12 errors in sonic-swss-common
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-06 17:40:01 -08:00
Saikrishna Arcot
3a8dfb5074 Temporarily disable tests for sonic-utilities for Bookworm
There are odd failures in TestAclLoader and TestMuxcable. Skip running
tests for now.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-05 08:48:17 -08:00
Saikrishna Arcot
90bfb19844 Temporarily disable tests for sonic-config-engine for Bookworm
With the new test command, test_cfggen_from_yang.py is now being run,
whereas previously, it was never run. This results in new failures
appearing from changes that have occurred some time back.

Therefore, for now, disable tests for sonic-config-engine when building
for Bookworm.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-05 08:48:17 -08:00
Saikrishna Arcot
758c43a747 Loosen help text test for sonic-yang-mgmt
The help text printed for sonic-yang-mgmt has slight differences
depending on the package versions. Loosen this check to only check the
options themselves, rather than the surrounding text.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-05 08:48:17 -08:00
Saikrishna Arcot
cb6cb415b6 Update bitarray to 2.8.1 and pyyaml to 6.0 for sonic-config-engine
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-05 08:48:17 -08:00
Saikrishna Arcot
bdc717e010 Upgrade initramfs-tools to 0.142
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-05 08:48:17 -08:00
Saikrishna Arcot
ae59d9b8a8 Fix libnss-tacplus compilation
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-05 08:48:17 -08:00
Saikrishna Arcot
471fb86114 Upgrade kdump-tools
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-05 08:48:17 -08:00
Saikrishna Arcot
b401c909aa Migrate from ntp to ntpsec
Debian Bookworm no longer uses NTP, and instead uses NTPsec. Modify our
files to update/replace the NTPsec files instead.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-05 08:48:17 -08:00
Saikrishna Arcot
8517411792 For libyang, don't add an ordering dependency on frr for Bookworm
This ordering dependency causes FRR to get built for Bookworm, which we
don't need currently. Skip this by having it apply only to Bookworm.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-03 13:50:59 -07:00
Saikrishna Arcot
01af4e405c Mark many (but not all) of the dockers as Bullseye dockers
This tells the build infra that they need to be built as part of
Bullseye and not Bookworm.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-03 13:50:59 -07:00
Saikrishna Arcot
eb75f7252d Update openssh to 9.2p1-2+deb12u1 (the version in Debian Bookworm)
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Co-authored-by: Aravind Mani <aravind.m1@dell.com>
2023-11-03 13:50:59 -07:00
Saikrishna Arcot
3d554d344d sonic-yang-models: Specify test dependencies under extra_requires
Newer versions of pip/setuptools don't support test_requires, and the
current standard is to specify any extra dependencies (such as those
required for testing) under extra_requires.

Therefore, specify the testing dependencies under extra_requires. These
can be installed via pip using `pip install '.[testing]'`.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-03 13:50:59 -07:00
Saikrishna Arcot
b3e3c4cb2e sonic-yang-mgmt and sonic-yang-models: Update Python dependencies
Update tabulate to 0.9.0 and ijson to 3.2.3

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-03 13:50:59 -07:00
Saikrishna Arcot
cdc0237971 Update Python build commands for Bookworm
In Bookworm's version of setuptools, direct calls to setup.py are
deprecated and no longer guaranteed to work. One of the recommended
commands is to use the `build` python package to build packages, and
call it with `python -m build`. This, by default, builds the packages in
a virtualenv to ensure that only the specified dependencies in setup.py
are needed to build the package. This also extends to running tests,
where directly calling `setup.py test` may not work, and the recommended
alternatives are to either call `pytest` directly, or call `tox` or
`nox.` More details are available at [1].

For SONiC's use case, for building python packages, we cannot build all
Python packages in a virtualenv since there are dependencies that we
would have built earlier, and these packages are not pushed to pypi or
any package registry. (There may be a cleaner approach to this, though,
but I'm not aware of it.) For this reason, the `-n` flag is added to not
build the package in a virtualenv.

For testing, `pytest` is now called instead of `setup.py test`.

[1] https://blog.ganssle.io/articles/2021/10/setup-py-deprecated.html

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-03 13:50:59 -07:00
Saikrishna Arcot
22a0e876cc Update sonic-linux-kernel to use 6.1.38
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-03 13:50:51 -07:00
Saikrishna Arcot
fef8e304b0 Update slave.mk to assume a Bookworm base image
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-03 11:41:39 -07:00
Saikrishna Arcot
c1971ddb3a Add Bookworm slave container
Changes from Bullseye slave container:
* Python 2 is no longer available at all
* Python 3.11 (instead of Python 3.9)
* GCC 12 (instead of GCC 10)
* Python ipaddr package is no longer available
* OpenJDK 17 (instead of OpenJDK 11)
* Remove doxygen armhf manual compilation (no longer needed)
* Disable FIPS, as the FIPS binaries are currently not yet available
* Install Python setuptools through Debian instead of pip
* Install Python wheel through Debian instead of pip
* Install Python nose through Debian instead of pip
* Install Python j2cli through Debian instead of pip
* Install Python pexpect through Debian instead of pip
* Install Python parameterized through Debian instead of pip
* Install Python pyyaml through Debian instead of pip
* Install Python pyfakefs through Debian instead of pip
* Install Python m2crypto through Debian instead of pip
* Python pympler 1.0 (instead of 0.8)
* Install Python build (as a replacement to setup.py)

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-03 11:41:05 -07:00
Saikrishna Arcot
c244e366ae Disable FIPS for Bookworm
FIPS packages for Bookworm are not yet available. Disable FIPS until
those packages are ready.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-03 11:41:05 -07:00
Saikrishna Arcot
a3aa03d5dc Remove packages.trafficmanager.net/debian/debian/ from build mirrors
This repo has been deprecated, and will not have Bookworm packages
available. Remove it from the build mirror config script.

Snapshot packages are still available from this repo.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-11-03 11:41:04 -07:00
mssonicbld
e895f5bbd0
[submodule] Update submodule sonic-host-services to the latest HEAD automatically (#17083)
#### Why I did it
src/sonic-host-services
```
* beb8bbe - (HEAD -> master, origin/master, origin/HEAD) [DualToR][caclmgrd] Fix IPtables rules for multiple vlan interfaces for DualToR config (#82) (3 hours ago) [vdahiya12]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-11-03 16:32:57 +08:00