matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
6,343 Commits 33 Branches 17 Tags 294 MiB
52c36cd31f
Commit Graph

11 Commits

Author SHA1 Message Date
Ze Gan
94556d3953
[submodule]: Update submodule for wpa-supplicant (#11264) 
3f43852b8 [sonic_operators.cpp]: Increasing select timeout (#55)
a1142e251  [sonic_operators.cpp] Update sonic_db_manager::get_counter (#56)
1069d2dd4 [sonic_operators.cpp]: Fixbug wait with false positive to return success (#54)

Signed-off-by: Ze Gan <ganze718@gmail.com>
 2022-06-28 09:29:59 +08:00
Ze Gan
9bf84fcad5
[submodule]: Update submodule for sonic-wpa-supplicant (#10957) 
1069d2dd4 [sonic_operators.cpp]: Fixbug wait with false positive to return success

Signed-off-by: Ze Gan <ganze718@gmail.com>
 2022-05-28 12:01:32 +08:00
Ze Gan
a6b1b0a968
[submodule]: Update submodule for sonic-wpa-supplicant (#10904) 
64caafe38 [driver_macsec_sonic]: Fixing missing zeros at the beginning of SCI (#52)

Signed-off-by: Ze Gan <ganze718@gmail.com>
 2022-05-25 05:25:57 +08:00
Ze Gan
b21cd70955
[Submodule]: update submodule for sonic-swss and sonic-wpa-supplicant (#10842) 
Signed-off-by: Ze Gan <ganze718@gmail.com>
 2022-05-20 01:21:11 +08:00
Ze Gan
87036c34ec
[macsec]: Upgrade docker-macsec to bullseye (#10574) 
Following the patch from : https://packages.debian.org/bullseye/wpasupplicant, to upgrade sonic-wpa-supplicant for supporting bullseye and upgrade docker-macsec.mk as a bullseye component.
 2022-04-17 20:32:51 +08:00
Ze Gan
5cdfffe2fc
[submodule]: update sonic-wpa-supplicant (#9388) 
457e94d51 [macsec_linux]: Fixbug cannot dump the PN due to type error (#42)
f7c073323 Disable P2P module (#41)
7b3b777e2 [ci]: use native arm64 and armhf build pool (#40)
d4e91d66c [sonic_operator]: Increase wait timeout (#39)
43611ef88e [sonic_operators]: Add log in sonic operators (#43)

Signed-off-by: Ze Gan <ganze718@gmail.com>
 2022-01-12 20:27:02 -08:00
Ze Gan
d051bc4eb7
Update wpa supplicant (#8998) 
Signed-off-by: Ze Gan <ganze718@gmail.com>

986a835153b3df3a37492fbd3a83fc8e38a40c10 Proactively rekey https://github.com/Azure/sonic-wpa-supplicant/pull/36
b84dd21ac7b76686caf53f2e9a2c8eb80519ab31 Fix azurepieline download sonic swss common deb pakcage https://github.com/Azure/sonic-wpa-supplicant/pull/37
66002de9d5e3165ccdbed40451db86ae0a8b3944 [macsec_sonic] driver support for macsec_include_sci https://github.com/Azure/sonic-wpa-supplicant/pull/35
dae8f59cb54c90bc9011bd675806a75dd0808d27 MACsec XPN changes https://github.com/Azure/sonic-wpa-supplicant/pull/34
c2271b2879ed157718edb51e842a3e33debeab7f Move SSCI from SC to SA and change packet number field name to adapt sai 1.7.1 https://github.com/Azure/sonic-wpa-supplicant/pull/26
1bbc8f1ef463dd21428ce80b72da107f3bd2f3f0 Fix for CP state machine issues https://github.com/Azure/sonic-wpa-supplicant/pull/33
 2021-10-25 10:14:29 +08:00
Ze Gan
4068944202
[MACsec]: Set MACsec feature to be auto-start (#6678) 
1. Add supervisord as the entrypoint of docker-macsec
2. Add wpa_supplicant conf into docker-macsec
3. Set the macsecmgrd as the critical_process
4. Configure supervisor to monitor macsecmgrd
5. Set macsec in the features list
6. Add config variable `INCLUDE_MACSEC`
7. Add macsec.service

**- How to verify it**

Change the `/etc/sonic/config_db.json` as follow
```
{
    "PORT": {
        "Ethernet0": {
            ...
            "macsec": "test"
         }
    }
    ...
    "MACSEC_PROFILE": {
        "test": {
            "priority": 64,
            "cipher_suite": "GCM-AES-128",
            "primary_cak": "0123456789ABCDEF0123456789ABCDEF",
            "primary_ckn": "6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435",
            "policy": "security"
        }
    }
}
```
To execute `sudo config reload -y`, We should find the following new items were inserted in app_db of redis
```
127.0.0.1:6379> keys *MAC*
1) "MACSEC_EGRESS_SC_TABLE:Ethernet0:72152375678227538"
2) "MACSEC_PORT_TABLE:Ethernet0"
127.0.0.1:6379> hgetall "MACSEC_EGRESS_SC_TABLE:Ethernet0:72152375678227538"
1) "ssci"
2) ""
3) "encoding_an"
4) "0"
127.0.0.1:6379> hgetall "MACSEC_PORT_TABLE:Ethernet0"
 1) "enable"
 2) "false"
 3) "cipher_suite"
 4) "GCM-AES-128"
 5) "enable_protect"
 6) "true"
 7) "enable_encrypt"
 8) "true"
 9) "enable_replay_protect"
10) "false"
11) "replay_window"
12) "0"
```

Signed-off-by: Ze Gan <ganze718@gmail.com>
 2021-02-23 13:22:45 -08:00
lguohan
6d13d0fa9b
[submodule]: update sonic-wpa-supplicant (#6492) 
* 3b330db4a 2021-01-18 | [build]: Fix build error when compiling for armhf (32-bit) (#30) (HEAD, origin/master, origin/HEAD, master) [dflynn-Nokia]
* 56aaa225b 2021-01-16 | [ci]: add pipeline for armhf and arm64 (#29) [lguohan]
* 90da6141c 2021-01-12 | [ci]: propagate the correct error code the next step (#27) [lguohan]

Signed-off-by: Guohan Lu <lguohan@gmail.com>
 2021-01-19 13:57:43 -08:00
lguohan
ab2ae41212
[build]: fix dpkg admindir corruption issue in parallel build (#6408) 
Fix #119

when parallel build is enable, multiple dpkg-buildpackage
instances are running at the same time. /var/lib/dpkg is shared
by all instances and the /var/lib/dpkg/updates could be corrupted
and cause the build failure.

the fix is to use overlay fs to mount separate /var/lib/dpkg
for each dpkg-buildpackage instance so that they are not affecting
each other.

Signed-off-by: Guohan Lu <lguohan@gmail.com>
 2021-01-12 06:03:12 -08:00
Ze Gan
c22575218a
[docker-macsec]: MACsec container and wpa_supplicant component (#5700) 
The HLD about MACsec feature is at :

https://github.com/Azure/SONiC/blob/master/doc/macsec/MACsec_hld.md

- How to verify it
This PR doesn't set MACsec container automatically start, You should manually start the container by docker run docker-macsec
wpa_supplicant binary can be found at MACsec container.
This PR depends on the PR, WPA_SUPPLICANT, and The MACsec container will be set as automatically start by later PR.

Signed-off-by: zegan <zegan@microsoft.com>
 2021-01-10 10:39:59 -08:00