Commit Graph

8181 Commits

Author SHA1 Message Date
Arvindsrinivasan Lakshmi Narasimhan
46817036fd
[chassis]: removed dependency for bgp and swss for chassis supervisor (#15734)
Fixes #15667 and #13293

Work item tracking
Microsoft ADO 24472854:

How I did it
On chassis supervisor bgp feature is disabled in hostcfgd. The dependency between swss and bgp causes the bgp containers to start even though the feature is disabled.

How to verify it
Tests on chassis supervisor and LC
2023-08-07 09:52:48 -07:00
shdasari
d9393b0149
[radius]: Use execl instead of popen in RADIUS NSS code to fix vulnerability. (#15512)
Why I did it
#15284 fixes a case of shell escape exploit for TACACS+. This applies to RADIUS as well. RADIUS creates an unconfirmed user locally on the switch while attempting authentication. popen() is used to execute useradd,usermod and userdel commands. This exposes a vulnerability where a tactically designed username (which could contain explicit linux commands) can lead to getting executed as root.

An example of such a username could be "asd";echo>remoteRCE2;#". This leads to remoteRCE2 getting created in "/".

How I did it
All calls to popen() used to execute useradd, usermod and userdel are replaced with fork()/execl().

How to verify it
Prior to the fix, following is the behavior:

[s@i vm] ssh "asd";echo>remoteRCE2;#"@1.1.1.1
asd";echo>remoteRCE2;#@1.1.1.1's password:
Permission denied, please try again.

On the SONiC switch,

root@sonic:/# ls
accton_as7816_monitor.log home lib64 remoteRCE2 sys
bin host libx32 root tmp
boot initrd.img media run usr
cache.tgz initrd.img.old mnt sbin var
dev lib opt sonic vmlinuz
etc lib32 proc srv vmlinuz.old
root@sonic:/# ls -l

With the fix:

[s@i vm] ssh "asd";echo>remoteRCE2;#"@1.1.1.1
asd";echo>remoteRCE2;#@1.1.1.1's password:
Permission denied, please try again.

root@sonic:/# ls
accton_as7816_monitor.log etc lib mnt sbin usr
bin home lib32 opt sonic var
boot host lib64 proc srv vmlinuz
cache.tgz initrd.img libx32 root sys vmlinuz.old
dev initrd.img.old media run tmp

Verified that RADIUS authentication works as expected for valid users as well.
2023-08-07 09:48:18 -07:00
Sudharsan Dhamal Gopalarathnam
7bdd0d8011
[frr]: FRR 8.5.1 integration changes (#15965)
Why I did it
Upgrading FRR 8.5.1 to include latest fixes.

New patches that were added:

Patch	FRR Pull request	Issue fixed
0012-zebra-Rename-vrf_lookup_by_tableid-to-zebra_vrf_look.patch	FRRouting/frr#13396	#14866
0013-zebra-Move-protodown_r_bit-to-a-better-spot.patch	FRRouting/frr#13396	#14866
0014-zebra-Remove-unused-dplane_intf_delete.patch	FRRouting/frr#13396	#14866
0015-zebra-Remove-unused-add-variable.patch	FRRouting/frr#13396	#14866
0016-zebra-Remove-duplicate-function-for-netlink-interfac.patch	FRRouting/frr#13396	#14866
0017-zebra-Add-code-to-get-set-interface-to-pass-up-from-.patch	FRRouting/frr#13396	#14866
0018-zebra-Use-zebra-dplane-for-RTM-link-and-addr.patch	FRRouting/frr#13396	#14866
0019-zebra-Abstract-dplane_ctx_route_init-to-init-route-w.patch	FRRouting/frr#13757	FRRouting/frr#13754
00020-zebra-Fix-crash-when-dplane_fpm_nl-fails-to-process-.patch	FRRouting/frr#13757	FRRouting/frr#13754

Removed patches:

Patch	Upstream FRR commit that is present in 8.5.1
0001-Add-support-of-bgp-tcp-DSCP-value.patch	FRRouting/frr@425bd64
0010-zebra-Note-when-the-netlink-DUMP-command-is-interrup.patch	FRRouting/frr@2f71996
0011-bgpd-enhanced-capability-is-always-turned-on-for-int.patch	FRRouting/frr@8e89adc
0012-Ensure-ospf_apiclient_lsa_originate-cannot-accidently-write-into-stack.patch	FRRouting/frr@d2aeac3 , FRRouting/frr@49efc80, FRRouting/frr@ff6db10
0013-zebra-fix-dplane-fpm-nl-to-allow-for-fast-configuration.patch	FRRouting/frr@551fa8c
0014-bgpd-Allow-network-XXX-to-work-with-bgp-suppress-fib.patch	FRRouting/frr@4801fc4
0015-zebra-Return-statements-do-not-use-paranthesis.patch	FRRouting/frr@871a16c
0016-zebra-Add-zrouter.asic_notification_nexthop_control.patch	FRRouting/frr@06525c4
0017-zebra-Re-arrange-fpm_read-to-reduce-code-duplication.patch	FRRouting/frr@7d83e13
0018-zebra-Add-dplane_ctx_get-set_flags.patch	FRRouting/frr@10388e9
0019-zebra-Rearrange-dplane_ctx_route_init.patch	FRRouting/frr@f935122
0020-zebra-Add-ctx-to-netlink-message-parsing.patch	FRRouting/frr@45f0a10
0021-zebra-Read-from-the-dplane_fpm_nl-a-route-update.patch	FRRouting/frr@a0e1173
0022-zebra-Fix-code-because-missing-backport.patch	FRRouting/frr@07fd1f7
0024-zebra-continue-fpm-read-when-we-decide-a-netlink-message-is-not-needed.patch	FRRouting/frr@c0275ab
0025-zebra-Send-nht-resolved-entry-up-to-concerned-protoc.patch	FRRouting/frr@8ce0e51
0027-bgpd-Ensure-FRR-has-enough-data-to-read-in-peek_for_as4_capability-and-bgp_open_option_parse.patch	FRRouting/frr@3e46b43
0028-bgpd-Ensure-that-bgp-open-message-stream-has-enough-data-to-read.patch	FRRouting/frr@766eec1

Realigned patches:

Old Patch	New patch
0002-Reduce-severity-of-Vty-connected-from-message.patch	0001-Reduce-severity-of-Vty-connected-from-message.patch
0004-Allow-BGP-attr-NEXT_HOP-to-be-0.0.0.0-due-to-allevia.patch	0002-Allow-BGP-attr-NEXT_HOP-to-be-0.0.0.0-due-to-allevia.patch
0005-nexthops-compare-vrf-only-if-ip-type.patch	0003-nexthops-compare-vrf-only-if-ip-type.patch
0006-frr-remove-frr-log-outchannel-to-var-log-frr.log.patch	0004-frr-remove-frr-log-outchannel-to-var-log-frr.log.patch
0007-Add-support-of-bgp-l3vni-evpn.patch	0005-Add-support-of-bgp-l3vni-evpn.patch
0008-Link-local-scope-was-not-set-while-binding-socket-for-bgp-ipv6-link-local-neighbors.patch	0006-Link-local-scope-was-not-set-while-binding-socket-for-bgp-ipv6-link-local-neighbors.patch
0009-ignore-route-from-default-table.patch	0007-ignore-route-from-default-table.patch
0009-ignore-route-from-default-table.patch	0007-ignore-route-from-default-table.patch
0023-Use-vrf_id-for-vrf-not-tabled_id.patch	0008-Use-vrf_id-for-vrf-not-tabled_id.patch
0026-bgpd-Ensure-suppress-fib-pending-works-with-network-.patch	0009-bgpd-Ensure-suppress-fib-pending-works-with-network-.patch
0029-bgpd-Change-log-level-for-graceful-restart-events.patch	0010-bgpd-Change-log-level-for-graceful-restart-events.patch
0030-zebra-Static-routes-async-notification-do-not-need-t.patch	0011-zebra-Static-routes-async-notification-do-not-need-t.patch

How I did it
Upgrade FRR submodule. Align the patches. Integrate new patches to fix issues.

How to verify it
Run sonic-mgmt regression to verify
2023-08-07 09:45:13 -07:00
abdosi
c6d1dae741
Fix the Loopback0 IPv6 address of LC's in chassis not reachable from (#16026)
What I did:
Fix the Loopback0 IPv6 address of LC's in chassis not reachable from peer devices.

Why I did:
For Ipv6 Loopback0 address we only advertise /64 subnet to the peer devices. However, in case of chassis each LC will have it own /128 address of that /64 subnet . Since this /128 address does not get advertised peer devices can-not ping/reach the LC's loopback0.

How I fix:
Advertise /128 Loopback0 Ipv6 address only between i-BGP peers. This way even though /64 is advertised to e-BGP peer devices when packet reaches any of LC's it can reach the appropriate LC's.

How I verify:
Manual verification
UT added for same.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2023-08-06 22:36:33 -07:00
Vadym Hlushko
9fba98ce6d
[syncd.sh] Clear semaphore before updating firmware (#15818)
Why I did it
The hw resources should be released before updating firmware.

How I did it
Added logic to release hw resources in syncd.sh script

Signed-off-by: Vadym Hlushko <vadymh@nvidia.com>
2023-08-06 22:30:33 -07:00
mssonicbld
642350c524
[submodule] Update submodule sonic-swss-common to the latest HEAD automatically (#16031)
#### Why I did it
src/sonic-swss-common
```
* be425ed - (HEAD -> master, origin/master, origin/HEAD) [redisCommand]: Not store the error return code of redisFormat (#809) (2 days ago) [Ze Gan]
* 5966d8b - Fix binary serializer can't deserialize protopuf buffer content issue (#810) (3 days ago) [Hua Liu]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-08-06 16:32:34 +08:00
andywongarista
96fa513690
[Arista] Add support for DCS-7060DX5-32 (#14793)
* Add asic support for blackhawkth4dd

* Add bfd feature to BlackhawkTh4Dd

* Add platform data for blackhawkth4

* Add Qos settings for Blackhawk-TH4

* Add pg and queue settings for Blackhawk-TH4

* Add buffers_defaults_t0.j2

* Add blackhawkth4 to boot0

* Update 7060dx5 config.bcm

* Fix build error

---------

Co-authored-by: Boyang Yu <byu@arista.com>
Co-authored-by: David Meggy <davidm@arista.com>
2023-08-05 22:11:45 +08:00
mssonicbld
14c8ce282f
[submodule] Update submodule sonic-host-services to the latest HEAD automatically (#15992)
#### Why I did it
src/sonic-host-services
```
* 6767bc7 - (HEAD -> master, origin/master, origin/HEAD) [FeatureD] Move the Feature related config from Hostcfgd into a new daemon (#71) (6 days ago) [Vivek]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-08-05 14:32:40 +08:00
Vaibhav Hemant Dixit
e127701660
Fix CONFIG_DB_INITIALIZED flag check logic and set/reset flag for warmboot (#15685)
* Fix CONFIG_DB_INITIALIZED flag check logic and set/reset flag for warm-reboot
* Fix db-cli usage
* Handle same image warm-reboot and generalize handling of INIT flag
* Cover boot from ONIE case: set config init flag when minigraph, config_db are missing
* Handle case: first boot of SONiC
* Check for config init flag
* Simplify logic, and do not call db_migrator for same image reboot
2023-08-04 16:00:26 -07:00
vdahiya12
f41aad9226
[minigraph] remove number of lanes check for changing speed from 400G to 100G and set speed setting before lane reconfiguration (#15721)
8111 800G interface, split to 2x400G (each has 4 lanes) fails to change interface speed from 400G to 100G during deploy mg. In minigraph.xml, the interface speed configuration is good, but fails to generate the right value to config_db.json.

In order to support this SKU the speed transitioning should support both 4 lanes and 8 lanes in the port_config.ini.

Why I did it

before this change for a 400G to 100G transition, in all cases except when lanes are 8, we would continue and the line
ports.setdefault(port_name, {})['speed'] = port_speed_png[port_name]
would not be executed, hence the default speed will never be set for a case and config_db will not be updated,
where speed is transitioning from 400G to 100G or 40G, but lanes are not equal to 8.

In order for those cases to pass where lanes are not specifically 8, we need the change

Work item tracking
24242657

Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
2023-08-04 14:53:49 -07:00
Stephen Sun
97a091abd2
[Mellanox] Use Debian reboot in Nvidia platform reboot when it is invoked from kdump capture boot (#15701)
#### Why I did it

When a kernel crash occurs, the system will reboot to the kdump capture kernel if kdump is enabled (`config kdump enable`). In the kdump capture boot, it only stores the crash information, and then reboot the system to a normal boot.
In this boot, no SONiC service is started but it invokes `reboot` which is actually the SONiC reboot that depends on SONiC services. There is a logic to skip all SONiC stuff and invoke platform reboot in SONiC reboot to avoid issues.
However, on Nvidia platforms, the platform reboot still depends on SONiC services, which can cause issues.
So, the Debian reboot is called directly in platform reboot if it is invoked from the kdump capture boot.

#### How I did it

Manual test
2023-08-04 13:24:38 -07:00
Vivek
f1a4fbb1ad
[FeatureD] Add featured systemd files in host-services and update submodule (#15815)
### Why I did it

- Hostcfgd is handling a lot of tasks and Feature table is by itself an important and big task which can benefit from separation into a new daemon
- Currently, Hostcfgd handles feature table first before other tables an thus other taska such as Aaa, Ntp are delayed. With the split, they can run in paralell
- After the recent config-reload enhancements, Hostcfgd uses a multi-threading approach to listen to PortInitDone. BY splitting the daemon into two, we can avoid having a separate thread by using SubscriberStateTable and Select,.

#### Note: 

Depends on host-services PR : https://github.com/sonic-net/sonic-host-services/pull/71
Once the host-services is merged, updating the submodule along with this PR should fix the CI problem

#### How I did it

Refactor the feature related tasks from hostcfgd into a seperate daemon.

#### How to verify it

UT's and Tested on DUT

```
admin@r-tigris-22:~$ show logging -f | grep featured
Jun 28 22:13:33.870021 r-tigris-22 INFO featured: ConfigDB connect success
Jun 28 22:14:05.638063 r-tigris-22 INFO featured: Updating feature 'radv' systemd config file related to auto-restart ...
Jun 28 22:14:06.169184 r-tigris-22 INFO featured: Feature radv is enabled and started
Jun 28 22:14:06.172343 r-tigris-22 INFO featured: Updating feature 'sflow' systemd config file related to auto-restart ...
Jun 28 22:14:06.844322 r-tigris-22 INFO featured: Feature sflow is stopped and disabled
Jun 28 22:14:06.846761 r-tigris-22 INFO featured: Updating feature 'snmp' systemd config file related to auto-restart ...
Jun 28 22:14:07.129090 r-tigris-22 INFO featured: Feature is snmp delayed for port init
Jun 28 22:14:07.132052 r-tigris-22 INFO featured: Updating feature 'swss' systemd config file related to auto-restart ...
Jun 28 22:14:08.368948 r-tigris-22 INFO featured: Feature swss is enabled and started
Jun 28 22:14:08.369240 r-tigris-22 INFO featured: Updating feature 'syncd' systemd config file related to auto-restart ...
Jun 28 22:14:08.718357 r-tigris-22 INFO featured: Feature syncd is enabled and started
Jun 28 22:14:08.721496 r-tigris-22 INFO featured: Updating feature 'teamd' systemd config file related to auto-restart ...
Jun 28 22:14:09.042495 r-tigris-22 INFO featured: Feature teamd is enabled and started
Jun 28 22:14:09.045441 r-tigris-22 INFO featured: Updating feature 'telemetry' systemd config file related to auto-restart ...
Jun 28 22:14:09.359831 r-tigris-22 INFO featured: Feature is telemetry delayed for port init
Jun 28 22:14:30.740499 r-tigris-22 INFO featured: Updating delayed features after port initialization
Jun 28 22:14:33.914178 r-tigris-22 INFO featured: Feature lldp is enabled and started
Jun 28 22:14:35.536264 r-tigris-22 INFO featured: Feature mgmt-framework is enabled and started
Jun 28 22:14:38.098571 r-tigris-22 INFO featured: Feature snmp is enabled and started
Jun 28 22:14:39.555727 r-tigris-22 INFO featured: Feature telemetry is enabled and started


Jun 28 22:13:33.977011 r-tigris-22 INFO hostcfgd: ConfigDB connect success
Jun 28 22:13:33.993878 r-tigris-22 INFO hostcfgd: Waiting for systemctl to finish initialization
Jun 28 22:13:34.274818 r-tigris-22 INFO hostcfgd: systemctl has finished initialization -- proceeding ...
Jun 28 22:13:34.391623 r-tigris-22 INFO hostcfgd: file size check pass: /etc/pam.d/sshd size is (2139) bytes
Jun 28 22:13:34.427273 r-tigris-22 INFO hostcfgd: file size check pass: /etc/pam.d/login size is (4132) bytes
Jun 28 22:13:34.433390 r-tigris-22 INFO hostcfgd: file size check pass: /etc/nsswitch.conf size is (494) bytes
Jun 28 22:13:34.455110 r-tigris-22 INFO hostcfgd: file size check pass: /etc/nsswitch.conf size is (494) bytes
Jun 28 22:13:34.478882 r-tigris-22 INFO hostcfgd: Found audisp-tacplus PID: 442
Jun 28 22:13:34.482365 r-tigris-22 INFO hostcfgd: cmd - ['service', 'aaastatsd', 'stop']
Jun 28 22:13:36.108569 r-tigris-22 INFO hostcfgd: NtpCfg load ...
Jun 28 22:13:36.108699 r-tigris-22 INFO hostcfgd: ntp server update key 0
Jun 28 22:13:36.108763 r-tigris-22 INFO hostcfgd: ntp server update, restarting ntp-config, ntp servers configured set()
Jun 28 22:14:06.691693 r-tigris-22 INFO hostcfgd: KdumpCfg init ...
Jun 28 22:14:06.691771 r-tigris-22 DEBUG hostcfgd: passw_policies_update - key: POLICIES
Jun 28 22:14:06.691832 r-tigris-22 DEBUG hostcfgd: passw_policies_update - data: {'digits_class': 'true', 'expiration': '180', 'expiration_warning': '15', 'history_cnt': '10', 'len_min': '8', 'lower_class': 'true', 'reject_user_passw_match': 'true', 'special_class': 'true', 'state': 'disabled', 'upper_class': 'true'}
Jun 28 22:14:06.691891 r-tigris-22 DEBUG hostcfgd: modify_conf_file: passw_policies - {'digits_class': True, 'expiration': '180', 'expiration_warning': '15', 'history_cnt': '10', 'len_min': '8', 'lower_class': True, 'reject_user_passw_match': True, 'special_class': True, 'state': 'disabled', 'upper_class': True}
Jun 28 22:14:06.701982 r-tigris-22 DEBUG hostcfgd: Initial hostname: r-tigris-22
Jun 28 22:14:06.702075 r-tigris-22 DEBUG hostcfgd: Initial mgmt interface conf: {('eth0', '10.210.24.108/22'): {'gwaddr': '10.210.24.1'}}
Jun 28 22:14:06.702115 r-tigris-22 DEBUG hostcfgd: Initial mgmt VRF state: 
Jun 28 22:14:06.702177 r-tigris-22 INFO hostcfgd: RSyslogCfg: Initial config: {'config': {'GLOBAL': {'rate_limit_burst': '0', 'rate_limit_interval': '0'}}, 'servers': {}}
Jun 28 22:14:06.709455 r-tigris-22 INFO hostcfgd[39326]: Failed to restart resolv-config.service: Unit resolv-config.service not found.
Jun 28 22:14:06.709560 r-tigris-22 ERR hostcfgd: ['systemctl', 'restart', 'resolv-config'] - failed: return code - 5, output:#012None
admin@r-tigris-22:~$ Connection to r-tigris-22 closed by remote host.
```
2023-08-04 13:00:54 -07:00
pettershao-ragilenetworks
abccdaeb6c
[Ragile]Adapt kernel 5.10 for broadcom on RA-B6510-48V8C (#14809)
* Adapt kernel 5.10 for broadcom on RA-B6510-48V4C

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* update

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* update

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* update

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* update

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* modify one-image.mk file

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* modify debian/rule.mk

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* Add platform.json file

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

---------

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>
2023-08-04 12:01:49 -07:00
mssonicbld
b11c6d47ea
[submodule] Update submodule sonic-utilities to the latest HEAD automatically (#16032) 2023-08-04 15:15:04 +08:00
Junchao-Mellanox
91f3da018e
[Mellanox] Add more unit test coverage for platform API (#15842)
- Why I did it
Increase UT coverage for Nvidia platform API code

Work item tracking
Microsoft ADO (number only):

- How I did it
Focus on low coverage file:
1. component.py
2. watchdog.py
3. pcie.py

- How to verify it
Run the unit test, the coverage has been changed from 70% to 90%
2023-08-03 13:54:31 +03:00
Kebo Liu
380898f3a1
[Mellanox] Remove unnecessary file manipulation in the SAI Make file (#15993)
Signed-off-by: Kebo Liu <kebol@nvidia.com>
2023-08-03 13:39:27 +03:00
Vadym Hlushko
521a86b2de
[Mellanox] Add mlxtrace to techsupport (#15961)
- Why I did it
Added the fwtrace config files in order to be able to call the mlxstrace utility during the show techsupport dump.

Work item tracking
Microsoft ADO (number only):

- How I did it
Added fwtrace config files. Added path to these files to sai.profile for each mlnx device.

- How to verify it
Execute the show techsupport command and check if mlxstrace output is in system dump.

Signed-off-by: vadymhlushko-mlnx <vadymh@nvidia.com>
2023-08-03 11:36:58 +03:00
mssonicbld
9cc2b2badd
[submodule] Update submodule sonic-gnmi to the latest HEAD automatically (#16024)
#### Why I did it
src/sonic-gnmi
```
* c548cc2 - (HEAD -> master, origin/master, origin/HEAD) Support empty protobytes (#141) (2 hours ago) [ganglv]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-08-03 16:32:37 +08:00
mssonicbld
13f081e926
[submodule] Update submodule sonic-utilities to the latest HEAD automatically (#16025)
#### Why I did it
src/sonic-utilities
```
* cd882cc8 - (HEAD -> master, origin/master, origin/HEAD) Input check for timeout in generate_dump (#2925) (4 hours ago) [ycoheNvidia]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-08-03 16:32:31 +08:00
Ikki Zhu
9a7eb495c2
[E1031] add platform specific reboot command support (#15889)
* [E1031] add platform specific reboot command support

Why I did it
E1031: add platform specific cold reboot support

How I did it
Use the CPLD to trigger board level power cycle when cold reboot

How to verify it
Do reboot stress test and check the reboot cause history

* [E1031] try to umount filesystem before power cycle reboot

* [E1031] remove fstrim in customized reboot script
2023-08-02 17:20:53 -07:00
Jing Zhang
b23ec06a87
add service_mgmt (#15927)
Adding yang model for CONFIG_DB table MUX_LINKMGR|SERVICE_MGMT.

sign-off: Jing Zhang zhangjing@microsoft.com
2023-08-02 14:41:48 -07:00
Pavan-Nokia
a850175776
[Nokia-7215-A1] Update Nokia-7215-A1 platform (#15342)
Update Nokia-7215-A1 platform to address UT and OC test failures
2023-08-02 09:08:15 -07:00
mssonicbld
72ac5ccf1a
[submodule] Update submodule sonic-gnmi to the latest HEAD automatically (#16014)
#### Why I did it
src/sonic-gnmi
```
* 58a7b20 - (HEAD -> master, origin/master, origin/HEAD) Add delete field to On change response when key is deleted (#139) (8 hours ago) [Zain Budhwani]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-08-02 16:32:24 +08:00
mssonicbld
0474c296b1
[submodule] Update submodule sonic-swss-common to the latest HEAD automatically (#15786) 2023-08-02 15:17:12 +08:00
Liu Shilong
ea34cb2f0a
[ci] Add PR checker for rpc target and debug target. (#15997)
Why I did it
Enable rpc target in PR checker to avoid build break for rpc target.

Work item tracking
Microsoft ADO (number only): 24708372
How I did it
How to verify it
2023-08-01 21:03:49 +08:00
mssonicbld
70c1bdf5f1
[submodule] Update submodule sonic-utilities to the latest HEAD automatically (#16005)
#### Why I did it
src/sonic-utilities
```
* a56b11b6 - (HEAD -> master, origin/master, origin/HEAD) revert unit test tests/test_clear_tag (#2934) (10 hours ago) [Mai Bui]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-08-01 16:32:29 +08:00
lerry-lee
dda6bd11f2
[CI/CD] Use remote PR test template from sonic-mgmt master to run PR test (#15975)
Why I did it
Use remote PR test template from sonic-mgmt master to run PR test.

How I did it
Modify PR test azure pipeline yml file.

How to verify it
PR test executing normally.

Signed-off-by: Chun'ang Li <chunangli@microsoft.com>
2023-08-01 16:18:35 +08:00
Ze Gan
5d91bd14cd
Fix protoc-dev cache error (#15998)
Why I did it
The protoc-dev library with the wrong declaration.

Work item tracking
Microsoft ADO (number only): 24707066
How I did it
Revise the wrong declaration from:
PROTOC = libprotoc_$(PROTOBUF_VERSION_FULL)_$(CONFIGURED_ARCH).deb to PROTOC_DEV = libprotoc-dev$(PROTOBUF_VERSION_FULL)_$(CONFIGURED_ARCH).deb

How to verify it
Check Azp log error.
2023-08-01 15:41:20 +08:00
ganglv
5c4ab7a7f4
Use DNS j2 for default DNS configuration (#15901)
Why I did it
Support default DNS configuration

How I did it
Use j2 template to generate default DNS configuration.

How to verify it
Run sonic-config-engine unit test.
2023-07-31 15:43:00 -07:00
Liu Shilong
04a6031b2d
Revert "Update sairedis submodule (#15720)" (#15995)
This reverts commit e0927e28af.


Why I did it
Reverts #15720

It breaks build for target/debs/bullseye/syncd_1.0.0_amd64.deb

make[2]: Entering directory '/sonic/src/sonic-sairedis'
dh_install
# Note: escape with an extra symbol
if [ -f debian/syncd-rpc/usr/bin/syncd_init_common.sh ] ; then
/bin/sh: 1: Syntax error: end of file unexpected (expecting "fi")
make[2]: *** [debian/rules:65: override_dh_install] Error 2
make[2]: Leaving directory '/sonic/src/sonic-sairedis'
make[1]: *** [debian/rules:51: binary] Error 2
make[1]: Leaving directory '/sonic/src/sonic-sairedis'
dpkg-buildpackage: error: fakeroot debian/rules binary subprocess returned exit status 2
Work item tracking
Microsoft ADO (number only): 24691535
How I did it
How to verify it
2023-07-31 16:09:35 +08:00
Santhosh Kumar T
141132c94b
Update the iSMART_64 tool (#15936)
Why I did it
Updating the iSMART_64 tool for supporting latest debian releases.

How I did it
On branch new_ismart
Changes to be committed:
(use "git restore --staged ..." to unstage)
modified: platform/broadcom/sonic-platform-modules-dell/s6100/scripts/iSMART_64

How to verify it
In s6100, run the iSMART_64 tool.
md5sum - 24725730d7649769c7ba50971c1f2955
2023-07-30 09:52:02 -07:00
kannansel
2d9be532c1
Why I did it (#14826)
Midstone platform has compilation error in master branch, fixed the same.

How I did it
Due to bullseye migration i2c_new_dummy API is deprecated modified with i2c_new_dummy_device.

How to verify it
Verified target/debs/bullseye/platform-modules-midstone-200i_0.2.2_amd64.deb is generated

Co-authored-by: Kannan Selvaraj <skannan@celestica.com>
2023-07-30 09:48:36 -07:00
Ikki Zhu
b23078b52b
[E1031] fix pca9548 initializes failed occasionally (#15712)
Why I did it
[E1031] fix pca9548 initializes failed occasionally in stress test.
When failure happened, ismt i2c bus hang up and need power cycle to
recover it.

How I did it
Add 0.5s delay between setuping and configuring pca9548 i2c mux.

How to verify it
Reboot stress test at least 100 times without failure.
2023-07-30 09:42:14 -07:00
mssonicbld
9b08fe4eb2 [ci/build]: Upgrade SONiC package versions 2023-07-29 16:32:36 +08:00
mssonicbld
2a69c6c9a1
[submodule] Update submodule sonic-gnmi to the latest HEAD automatically (#15991)
#### Why I did it
src/sonic-gnmi
```
* 2c8e4ab - (HEAD -> master, origin/master, origin/HEAD) Support proto encoding (#140) (22 hours ago) [ganglv]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-07-29 16:32:27 +08:00
mssonicbld
351162a727
[submodule] Update submodule sonic-platform-common to the latest HEAD automatically (#15984) 2023-07-29 16:09:53 +08:00
mssonicbld
a3110bc296
[submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (#15974) 2023-07-29 15:18:04 +08:00
Yevhen Fastiuk
4c6be287a8
Add cache for AUDISP TACPLUS (#13033)
#### Why I did it
Tacplus package has missed cache configuration

#### How I did it
Defined cache configuration for tacplus package

#### How to verify it
Build image with cache enabled and make sure you don't see any warnings related to tacplus
2023-07-28 16:24:10 -07:00
mssonicbld
e7160af768
[submodule] Update submodule sonic-host-services to the latest HEAD automatically (#15937) 2023-07-28 22:54:26 +08:00
Liu Shilong
671346cb83
[build] Add sonic-utilities to sonic-host-services dependencies list. (#15987)
Why I did it
sonic-host-services depends on sonic-utilities because of FIPS feature.
Add dependency to unblock submodule sonic-host-services HEAD pointer update.

Work item tracking
Microsoft ADO (number only): 24671218
How I did it
2023-07-28 18:19:57 +08:00
xumia
a0b3ec2df6
Support FIPS DB configuration (#15632)
Why I did it
Support FIPS DB configuration
Design Doc: sonic-net/SONiC#1372

Work item tracking
Microsoft ADO (number only): 24411148
How I did it
Add the FIPS Yang model to make FIPS configurable in ConfigDB.

How to verify it
See TestPlan: sonic-net/sonic-mgmt#9092
Build the image and run the tests: sonic-net/sonic-mgmt#9091
2023-07-28 16:54:02 +08:00
mssonicbld
4f03e3c71b
[submodule] Update submodule linkmgrd to the latest HEAD automatically (#15952)
#### Why I did it
src/linkmgrd
```
* aa902a3 - (HEAD -> master, origin/master, origin/HEAD) [link prober] Increase pause/restart probe log verbosity (#213) (3 days ago) [Longxiang Lyu]
* 736cdda - [active-standby] Write `unhealthy` is default route `N/A` (#214) (3 days ago) [Longxiang Lyu]
* e923e15 - Add ADO to the PR template (#215) (4 days ago) [Longxiang Lyu]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-07-28 16:32:48 +08:00
mssonicbld
5b07f72662
[submodule] Update submodule sonic-utilities to the latest HEAD automatically (#15985) 2023-07-28 15:11:51 +08:00
mssonicbld
f53b26f97e
[submodule] Update submodule sonic-swss to the latest HEAD automatically (#15944) 2023-07-28 15:10:17 +08:00
mssonicbld
8f81d0f273
[submodule] Update submodule sonic-sairedis to the latest HEAD automatically (#15698)
#### Why I did it
src/sonic-sairedis
```
* ce8f642 - (HEAD -> master, origin/master, origin/HEAD) [vs] Use boost join to concatenate switch types in config (#1266) (6 days ago) [Kamil Cudnik]
* d6055a2 - [vslib]: Temporaily map DPU switch type to NVDA_MBF2H536C (#1259) (13 days ago) [prabhataravind]
* e1cdb4d - [CodeQL]: Use dependencies with relevant versions in azp template. (#1262) (3 weeks ago) [Nazarii Hnydyn]
* c08f9a2 - [CI]: Fix collect log error in azp template. (#1260) (3 weeks ago) [Nazarii Hnydyn]
* eed856c - [CodeQL]: Fix syncd compilation in azp template. (#1261) (3 weeks ago) [Nazarii Hnydyn]
* a3f1f1a - Reland 'Make changes to building and packaging sairedis (#1116)' (#1194) (3 weeks ago) [Saikrishna Arcot]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-07-28 14:33:01 +08:00
SuvarnaMeenakshi
c8b2d33b89
[YANG][SNMP]: Add YANG model for SNMP_AGENT_ADDRESS_CONFIG table (#15587)
#### Why I did it
https://github.com/sonic-net/sonic-utilities/pull/472 Added SNMP_AGENT_ADDRESS_CONFIG table in config db.
This PR is to add corresponding YANG model for that table.
##### Work item tracking
- Microsoft ADO **(number only)**:

#### How I did it
Added YANG modesl for SNMP_AGENT_ADDRESS_CONFIG.

keys: agent_ip, port number, vrf.
CLI implementaion checks if agent_ip, port number already exists in CONFIG_DB table, if it does, then new entry is not added.
So added another condition to ensure combination of agent_ip and port is unique.
Below is an example of how data looks like in DB:
```
127.0.0.1:6379[4]> HGETALL  "SNMP_AGENT_ADDRESS_CONFIG|10.1.1.1|161|foo"
1) "NULL"
2) "NULL"
127.0.0.1:6379[4]> HGETALL "SNMP_AGENT_ADDRESS_CONFIG|10.1.0.32|161|"
1) "NULL"
2) "NULL"
```
#### How to verify it
Added unit-test for various combinations and ensures that it passes.
2023-07-27 16:48:15 -07:00
Mohammedz93
42a13665f8
Change build-image licenses to Apache (#15377)
* Change build-image licenses to Apache

* Delete irrelevant LICENSE files
2023-07-27 08:30:12 -07:00
mssonicbld
751e595b93
[submodule] Update submodule sonic-utilities to the latest HEAD automatically (#15967) 2023-07-27 15:15:51 +08:00
pavannaregundi
30da473fd7
[Marvell] Fix get_system_mac for system without eeprom (#15376)
Why I did it
get_system_mac was returning 'None' mac for system without eeprom.
get_system_mac for marvell platform checks for mac in eeprom, profile.ini(hwsku file) and eth0. Check for valid mac returned by syseeprom was incorrect. Which was resulting in bypassing mac get from profile.ini and eth0.

How I did it
get_system_mac already has a logic to get first valid mac.
Removed null check for mac returned by eeprom.
Corrected the check for profile.ini file by checking if file exist.

How to verify it
Executed sonic-cfggen to check valid mac address is getting configured in config_db.json with/without profile.ini.
Signed-off-by: Pavan Naregundi <pnaregundi@marvell.com>
2023-07-26 10:17:39 -07:00
Longxiang Lyu
47742dfc2c
[YANG][vlan-sub-interface] Add vlan field (#15838)
* [YANG][vlan-sub-interface] Add `vlan` field

Signed-off-by: Longxiang Lyu <lolv@microsoft.com>

* Fix typo

Signed-off-by: Longxiang Lyu <lolv@microsoft.com>

* Fix UT

Signed-off-by: Longxiang Lyu <lolv@microsoft.com>

---------

Signed-off-by: Longxiang Lyu <lolv@microsoft.com>
2023-07-25 10:03:36 -07:00