Commit Graph

7132 Commits

Author SHA1 Message Date
Junchao-Mellanox
2126def04e
[infra] Support syslog rate limit configuration (#12490)
- Why I did it
Support syslog rate limit configuration feature

- How I did it
Remove unused rsyslog.conf from containers
Modify docker startup script to generate rsyslog.conf from template files
Add metadata/init data for syslog rate limit configuration

- How to verify it
Manual test
New sonic-mgmt regression cases
2022-12-20 10:53:58 +02:00
Liu Shilong
6681cad1c5
[action] Keep 'request for xxx branch' label when finished auto-cherry-pick. (#13107)
Why I did it
To keep 'Request for xxx branch' label when finished auto-cherry-pick.

How I did it
Change logic in post cherry pick action.

How to verify it
2022-12-20 16:41:04 +08:00
Liu Shilong
25d9ebbaf4
[build] Fix unexpected warnings: No names found, cannot describe anything. (#12963)
Why I did it
In PR check pipelines, there are too many duplicated warnings:
fatal: No names found, cannot describe anything.
SONIC_IMAGE_VERSION will not change in one build. We don't need to calculate in every reference. We just need calculate one time, then record it.
In Makefile, '=' will calculate again and again when it is referred.

How I did it
Fix it in Makefile.

How to verify it
Check this PR's check pipeline result.
2022-12-20 16:40:10 +08:00
Vivek
8d0419567b
[submodule] Advance sonic-swss pointer (#12970)
6185324fe dereg acl-rule counters during acl-table del (https://github.com/sonic-net/sonic-buildimage/pull/2574)
b865352e7 Align watermark flow with port configuration (https://github.com/sonic-net/sonic-buildimage/pull/2525)
f2d2fb362 L3 / L3 V6  Egress ACL table creation failure (https://github.com/sonic-net/sonic-buildimage/pull/2561)
577f6966c [muxorch] Skip programming ACL for standby `active-active` ports (https://github.com/sonic-net/sonic-buildimage/pull/2569)
242ee1194 [muxorch] Skip programming SoC IP kernel tunnel route (https://github.com/sonic-net/sonic-buildimage/pull/2557)
669511341 [gearbox] Support setting tx taps on gearbox ports (https://github.com/sonic-net/sonic-buildimage/pull/2158)
872f7bf9f [portinit] Do not call GET on SAI_PORT_ATTR_SPEED when AUTONEG is enabled (https://github.com/sonic-net/sonic-buildimage/pull/2484)
6afefe189 [vstest][virtual chassis] Removed dvs.runcmd using click commands (https://github.com/sonic-net/sonic-buildimage/pull/2214)
b8521cc66 [p4orch]: PINS Extension tables support (https://github.com/sonic-net/sonic-buildimage/pull/2506)
d0419dc4b sonic-swss: Fix orchagent crash in generateQueueMapPerPort. (https://github.com/sonic-net/sonic-buildimage/pull/2552)
bd652a040 [muxorch] Adding case for maintaining current state (https://github.com/sonic-net/sonic-buildimage/pull/2280)
6b6dda6af [Centec]for support mclag of centec to configure port isolate-group https://github.com/sonic-net/sonic-buildimage/pull/2529
ec507a4b2 [ACL] Support ACTION_COUNTER action in custom ACL table type (https://github.com/sonic-net/sonic-buildimage/pull/2550)
1a7460464 Use github code scanning instead of LGTM (https://github.com/sonic-net/sonic-buildimage/pull/2546)
bc3c894b0 [dual-tor] add missing SAI attribte in order to create IPNIP tunnel (https://github.com/sonic-net/sonic-buildimage/issues/2503)
dca78d804 (origin/202211) [Fdbsyncd] Bug Fix for remote MAC move to local MAC and Fix for Static MAC advertisement in EVPN. (https://github.com/sonic-net/sonic-buildimage/pull/2521)
2022-12-20 10:06:43 +02:00
Vadym Hlushko
1a5889ade7
[SFP] Change logging severity when failed to read EEPROM (#13011)
- Why I did it
In order to prevent the sonic-mgmt/tests/platform_tests/sfp/test_sfputil.py test failing on the log analyzer step.

The mentioned test is performing the sfputil reset EthernetX for every interface on the SONiC switch, this action will flap the SFP device status (INSTERTED -> REMOVED -> INSTERTED).

The SONiC XCVRD daemon will catch this SFP device status change (because it is monitoring the presence status of the cable).
To judge the cable presence status, currently, we are still leveraging to read the first bytes of the EEPROM, and the EEPROM could be not ready at some moment and the SONiC XCVRD daemon will print the error log to Syslog:

ERR pmon#xcvrd: Error! Unable to read data for 'xx' port, page 'xx' offset 128, rc = 1, err msg: Sending access register

- How I did it
Change logging severity from ERR to WARNING

- How to verify it
Run the sonic-mgmt/tests/platform_tests/sfp/test_sfputil.py

OR much faster way to run the next script on the switch:

#!/bin/bash

START=0
END=248

for (( intf=$START; intf<=$END; intf+=8))
do
    sfputil reset Ethernet"${intf}"
done

sfputil show presence
2022-12-20 10:05:45 +02:00
Kebo Liu
d6ee7f08c2
[Mellanox] change the implementation of is_host() to fix a stuck issue on simx platform (#13100)
- Why I did it
Following code to judge whether a process is running inside a docker could get stuck on the simx platform

subprocess.Popen(["docker", "--version"],
                                stdout=subprocess.PIPE,
                                stderr=subprocess.STDOUT,
                                universal_newlines=True)
When it gets stuck, the config-chassisdb service can not be successfully started, thus the system can not be booted up.

root@sonic:/# service config-chassisdb status
     config-chassisdb.service - Config chassis_db
     Loaded: loaded (/lib/systemd/system/config-chassisdb.service; enabled; vendor preset: enabled)
     Active: activating (start) since Thu 2022-12-15 09:23:02 UTC; 29min ago
   Main PID: 571 (config-chassisd)
      Tasks: 14 (limit: 9501)
     Memory: 132.4M
     CGroup: /system.slice/config-chassisdb.service
                        ├─571 /bin/bash /usr/bin/config-chassisdb
			├─575 /usr/bin/python3 /usr/local/bin/sonic-cfggen -H -v DEVICE_METADATA.localhost.platform
			├─602 /bin/sh -c sudo decode-syseeprom -m
			├─603 sudo decode-syseeprom -m
			├─607 /usr/bin/python3 /usr/local/bin/decode-syseeprom -m
			├─616 /bin/sh -c docker --version 2>/dev/null
			└─617 docker --version

- How I did it
Use an alternative way to implement this function and issue can be avoided:

docker_env_file = '/.dockerenv'
return os.path.exists(docker_env_file) is False

- How to verify it
run regression on real hardware and simx platform.
2022-12-20 10:00:11 +02:00
Liu Shilong
364045cfe5
[build] Add retry when make SONiC image to improve success rate. (#12325)
Why I did it
Makefile needs some dependencies from the Internet. It will fail for network related issue.
Retries will fix most of these issues.

How I did it
Add retries when running commands which maybe related with networking.

How to verify it
2022-12-19 12:18:36 +08:00
tianshangfei
b65e06f998
two platforms supporting S3IP SYSFS (TCS8400, TCS9400) (#12386)
Why I did it
Add two platform that support s3IP framework

How I did it
Add two platforms supporting S3IP SYSFS (TCS8400, TCS9400)

How to verify it
Manual test
2022-12-18 16:16:53 +08:00
FSSec
bb09ebe977
[FS][arm64] support new boars s5800-48t4s and s5800-48t8s-mars8p (#12994)
Adding platform support for FS s5800-48t4s and s5800-48t8s-mars8p.

Both s5800-48t4s and s5800-48t8s-mars8p have 48 * 10/100/1000 Base-T ports, 4 * 10GE SFP+ Ports on Centec TsingMa.
s5800-48t4s is different from s5800-48t8s-mars8p in that:

The phy chip used by s5800-48t4s is Marvell 88e1680;
The phy chip used by s5800-48t4s-mars8p is Centec ctc21108;
2022-12-17 14:48:02 -08:00
FuzailBrcm
8788f1cc0f
[pddf]: fix Observing the following error while running 'sfputil show lpmode' command. (#12636)
Why I did it
Fixes #12634

Observing the following error while running 'sfputil show lpmode' command.
AttributeError: 'Sfp' object has no attribute 'get_power_set'

Root Cause: get_power_set() is defined for QSFP28 and QSFP+ i.e. Sff8636 and Sff8634. However, the function is not defined in the optoe_base class.

How I did it
To use get_power_set(), we need to initialise the 'api' via get_xcvr_api() and then use it to run get_power_set().
2022-12-17 14:42:15 -08:00
Konstantin Vasin
20cad3b2f5
[Build] fix make clean (#12713)
Why I did it

make clean is broken after #12000:

bash: -c: line 1: syntax error near unexpected token `;'
bash: -c: line 1: `make -f slave.mk PLATFORM= PLATFORM_ARCH=amd64 MULTIARCH_QEMU_ENVIRON=n 
...
MIRROR_URLS= MIRROR_SECURITY_URLS=  Q=@ clean; ; '
make[1]: *** [Makefile.work:531: clean] Error 2

How I did it

Remove a conditional for clean command.

Signed-off-by: Konstantin Vasin <k.vasin@yadro.com>
2022-12-17 14:39:41 -08:00
Konstantin Vasin
bf90b498a4
[Build] use pigz to speed up a build (#12825)
Why I did it

It's possible to speed up some parts of a build using parallel compression/decompression.
This is especially important for build_debian.sh.

How I did it
pigz is a parallel implementation of gzip: https://zlib.net/pigz/
Some programs like docker and mkinitramfs can automatically detect and use it instead of gzip.
For tar we need to select it directly.

To enable this feature you need to set GZ_COMPRESS_PROGRAM=pigz
2022-12-17 14:38:31 -08:00
FuzailBrcm
abc8ed8a79
[pddf]: Adding PDDF common framework enhancements. (#12863)
- Consolidating multiple read functions in a PSU driver on the basis of byte, word or block read,
- Enhancing PDDF parsing script support for CPU and PCH temperature reading,
- Adding missing methods in PDDF common APIs

Why I did it
- PSU driver changes are to optimize the code and increase the code coverage
- PDDF parser script enhancements to accommodate the CPU and PCH temp reading using hwmon device path
- Some of the new APIs were missing from the PDDF common platform classes

How I did it
Added code changes and verified them on AS7816 adn AS7726 platforms.
2022-12-17 14:36:52 -08:00
andywongarista
372a7c85c5
[Arista] Update ip packet checksum when set to 0xffff on 720DT-48S (#13088)
Why I did it
This is to fix test_forward_ip_packet_with_0xffff_chksum_tolerant test failure on 720DT-48S. IP packets with checksum set to 0xffff will be forwarded with the same checksum on this platform, instead of updating to the correct value.

How I did it
Add bcm config sai_verify_incoming_chksum=0 so that checksum is updated instead of being left unchanged when checksum is 0xffff. Note that packets with invalid checksum are still dropped with this config.
2022-12-17 13:47:05 -08:00
Konstantin Vasin
8a3fad2891
[Build] mount cgroup2 in chroot to fix build on ubuntu 22.04 (#13030)
Why I did it
Ubuntu 22.04 uses cgroup2 by default, but docker.sh doesn't mount it.
As a result we get an error when trying to run docker info in chroot env:

ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

How I did it
mount cgroup2 in chroot if all enabled kernel cgroup controllers are currently not in use by cgroup1

So we need to mount cgroup in chroot environment on /sys/fs/cgroup.
Because inside chroot we don't know which cgroup version is used by the host we have two possible solutions:

cgroup tree for chroot is mounted by the host (it was my 1st version of this fix)
cgroup tree is mounted inside chroot based on info from /proc/cgroups (it's current version of this fix)
My 2nd version based on this code from systemd: 5c6c587ce2/src/shared/cgroup-setup.c (L35-L74)

We parse info from /proc/cgroups
Skip header line started from #
Skip controller if it's disabled (4th column = 0)
Count number of controllers with non-zero of hierarchy_id (2nd column)
If this number is not zero then we assume some of controllers are used by host system and the host system uses hybrid or legacy cgroup tree. In this case we can't use unified cgroup tree inside chroot and mount old cgroup tree (v1).
If this number is zero then we assume host system uses unified cgroup tree and we need to mount cgroup2 inside chroot.

Signed-off-by: Konstantin Vasin <k.vasin@yadro.com>
2022-12-17 12:16:45 -08:00
kellyyeh
947561c225
Advance dhcprelay submodule head (#12717)
Added below commits:
9b30690 jcaiMR Fri Dec 16 fix handleSwssNotification crash in dhcp6relay (#28)
047afb7 jcaiMR Wed Dec 14 14:08:58 2022 +0800 Fix multiple vlan issue (#27)
ff6bec3 Vivek Thu Dec 8 09:44:15 2022 -0800 Made the Error log informative (#22)
2fbe729 jcaiMR Wed Nov 30 14:41:53 2022 +0800 disable cfg dynamic change (#25)
13d0805 Liu Shilong Wed Nov 30 10:54:11 2022 +0800 Use github code scanning instead of LGTM (#26)
1e846f6 kellyyeh Wed Nov 23 14:36:02 2022 -0800 Fix packet range check for relay-reply packets (#21)
4d19e13 kellyyeh Thu Nov 17 10:04:53 2022 -0800 Add unittest infrastructure (#5)
7f4fdab jcaiMR Fri Nov 11 14:47:51 2022 +0800 fix packet range check issue (#20)
257ecdf kellyyeh Thu Nov 3 11:34:11 2022 -0700 Add client packet UDP header length check (#19)
2022-12-16 16:50:15 -08:00
Deepak Singhal
bf428fd9a7
DNX(J2/J2c/J2c+): Reserve Non-ECMP Fec Resource for Non-ECMP Route Nexthops/NBR Entries (#13076)
Why I did it
On DNX (J2/J2c/J2c+) platforms, Single Path Nexthops and ECMp Nexthop resources(FECs) are shared. BRCM SAI do not have partition of this resource, and hence more single path Nexthop entries, causes ECMP programming to fail in scaled setup.

How I did it
Broadcom provided SAI changes to reserve resources for single path nexthop entries(More details in CSP: https://brcmsemiconductor-csm.wolkenservicedesk.com/wolken-support/allcases/request-details?requestId=CS00012251649).
Along with SAI changes, they provided configurable Macro/flag to reserve NON_ECMP entries.
This PR is to add that flag in various sai.profile files wherever applicable.

PS: We are reserving 3072 single path Nexthop entries on each Linecard. Calculation is as follows.
Max Slots per chassis: 8
Max No of Ports(each LC): 64
MyIP/Subnet Entries per port: 4(v4/v6)
Nbr Entries Per port: 2(v4/v6)

Total Non_ECMP Count: 8x64x(4+2) = 3072

How to verify it
Without this change, the ECMP group count will be shown as Max_count in 'crm show resources all' command, and with this change the ECMP group count will be decreased by 24(3072/128).
2022-12-16 16:43:43 -08:00
Song Yuan
1fd2395f29
Fix port index for multi-asic (#13042)
Port indexes of front panel ports are not contiguous in multi-asic because we didn't distiguish between
front panel and internal ports, e.g., recycle ports. Fix this by assigning index to front panel port first
and then internal ports.
2022-12-16 09:12:36 -08:00
tianshangfei
a2885b31ed
The CPLD and FPGA driver framework module complies with s3ip sysfs specification (#12891)
Why I did it
Provide CPLD and FPGA driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-16 22:05:53 +08:00
Konstantin Vasin
67ced0724c
[Build] fix md5sum calculation of web packages if transient error (#13013)
Fix #12279

Why I did it
Curl can fail when we calculate md5sum of web package.
E.g. if server responsed with 503 error.
But we don't validate this and pass any output from curl directly to md5sum.
After that we save incorrect md5 hash to versions-web file.

How I did it
use option --retry 5 for transient errors (default value is 0)
use option -f for curl and set -o pipefail for shell to detect errors
stop build if curl failed

Signed-off-by: Konstantin Vasin <k.vasin@yadro.com>
2022-12-15 23:05:41 -08:00
vaibhav-dahiya
0eb852c4a4 Revert "[Arista] Disable pcie checking on x86_64-arista_7050cx3_32s (#12900)"
This reverts commit dd87a791b4.
2022-12-15 22:56:19 -08:00
Longxiang Lyu
d2ab55cc15
[dualtor] Let T0 delay 10 seconds before sending BGP updates (#12996)
Why I did it
To ensure, that after a BGP startup, dualtor T0 receives BGP updates before sending out BGP updates.
Please refer to sonic-net/SONiC#1161 for more details.

How I did it
add coalesce-time 10000 to the frr bgp startup config.

Signed-off-by: Longxiang Lyu <lolv@microsoft.com>
2022-12-15 22:14:46 +00:00
Guillaume Lambert
7b9524a79f [doc]: Fix README.md linting issues
MarkDown linter "mdl" reports many warnings on README.md.
Let them get fixed to ease its maintenance and readability.

Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
2022-12-15 08:59:26 -08:00
Guillaume Lambert
19f7ba0756 [doc]: Improve README.md
- Running "sudo pip install" can be OK in a CI but generates a clear
  warning. It is strongly disadvised to run it in a user or a production
  environment because it can  break the host packages system.
  "pip install --user" or venv are usually prefered in most situations.
- Nested virtualization support is not always enough to build OVS image
  inside a VM. The full KVM interface must be exposed, what may require
  extra configuration such as the KVM paravirtualization in VirtualBox.
- On the recommended version of Ubuntu (20.0.4), installing docker CE
  with the given process does not remove docker from snap
  when a previous installation of the distribution package docker.io
  was already present in the system.
  Using docker through snap currently triggers a bug during the SONiC
  build process.
https://stackoverflow.com/questions/52526219/docker-mkdir-read-only-file-system

Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
2022-12-15 08:59:26 -08:00
xumia
14a5ec7914
[Build] Fix the docker image docker-dhcp-relay:latest not found issue (#13048)
Why I did it
It is to fix the broadcom build failure, it is caused by the build image docker-dhcp-relay:latest not found.

2022-12-14T00:09:57.5464893Z [ FAIL LOG START ] [ target/docker-dhcp-relay.gz-load ]
2022-12-14T00:09:57.5466036Z Attempting docker image lock for docker-dhcp-relay load
2022-12-14T00:09:57.5467113Z Obtained docker image lock for docker-dhcp-relay load
2022-12-14T00:09:57.5468206Z Loading docker image target/docker-dhcp-relay.gz
2022-12-14T00:09:57.5469361Z Loaded image: docker-dhcp-relay:internal.65852159-11ad82a07a
2022-12-14T00:09:57.5470686Z Tagging docker image docker-dhcp-relay:latest as docker-dhcp-relay-sonic:latest
2022-12-14T00:09:57.5471997Z Error response from daemon: No such image: docker-dhcp-relay:latest
2022-12-14T00:09:57.5473122Z [  FAIL LOG END  ] [ target/docker-dhcp-relay.gz-load ]
2022-12-14T00:09:57.5539792Z make: *** [slave.mk:1180: target/docker-dhcp-relay.gz-load] Error 1
2022-12-14T00:09:57.5540958Z make: *** Waiting for unfinished jobs....
The image had been built succeeded

2022-12-13T17:01:59.9046935Z [ finished ] [ target/docker-eventd.gz ] 
2022-12-13T17:02:00.4947165Z [ building ] [ target/docker-dhcp-relay.gz ] 
2022-12-13T17:02:00.6688627Z /sonic/dockers/docker-dhcp-relay/cli-plugin-tests /sonic
2022-12-13T17:02:41.1123955Z /sonic
2022-12-13T17:07:04.1786069Z [ finished ] [ target/docker-dhcp-relay.gz ] 
But it was tagged by another value:

Obtained docker image lock for docker-dhcp-relay save
Tagging docker image docker-dhcp-relay-sonic:latest as docker-dhcp-relay:internal.65852159-11ad82a07a
Saving docker image docker-dhcp-relay:internal.65852159-11ad82a07a
Released docker image lock for docker-dhcp-relay save
Removing docker image docker-dhcp-relay-sonic:latest
Untagged: docker-dhcp-relay-sonic:latest
target/docker-dhcp-relay.gz
File /dpkg_cache/docker-dhcp-relay.gz-2ddfa01a109ca69b7621f1a-450bae36026d9dee62646f2.tgz saved in cache 
[ CACHE::SAVED ] /dpkg_cache/docker-dhcp-relay.gz-2ddfa01a109ca69b7621f1a-450bae36026d9dee62646f2.tgz
How I did it
When the feature SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD not enabled, always save as the latest tag, not use the specify version.
The version is dynamic, it is changed when a new commit checked in, but the image of docker-dhcp-relay is not necessary to change.
2022-12-15 21:03:21 +08:00
Lior Avramov
bb2e7685c8
[Mellanox] Update ECMP calculator README (#13051)
Why I did it
Update ECMP calculator README file with new instructions how to run the calculator.

How I did it
Update README file.

How to verify it
Read README file.
2022-12-15 09:47:33 +02:00
Dror Prital
33d86bd951
[submodule] Advance sonic-utilities pointer (#13050)
Update sonic-utilities submodule pointer to include the following:
* 49fc389 [show]Fix show route return code on error ([#2542](https://github.com/sonic-net/sonic-utilities/pull/2542))
* b2eca37 [route_check]: Ignore ASIC only SOC IPs ([#2548](https://github.com/sonic-net/sonic-utilities/pull/2548))

Signed-off-by: dprital <drorp@nvidia.com>
2022-12-15 08:59:44 +02:00
Saikrishna Arcot
d57de0987a
Keep custom rsyslog file for docker-sonic-vs (#13056)
docker-sonic-vs doesn't have the infra needed for the syslog rate limit
configuration, so it's not going to be rendering jinja templates to
overwrite /etc/rsyslog.conf. This also means that syslog messages would
get logged twice (because both the default /etc/rsyslog.conf file and
/etc/rsyslog.d/50-default.conf are telling it to log to syslog).

Therefore, keep the custom static /etc/rsyslog.conf file for docker-sonic-vs.

Fixes sonic-net/sonic-swss#2570.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2022-12-14 16:49:37 -08:00
donNewtonIntel
86894d5b8d
Add genl packet to sonic-buildimage (#13032)
* Adding sonic-genl-packet submodule

Signed-off-by don.newton@intel.com

* Adding build files for genl-packet

Signed-off-by: don.newton@intel.com

Signed-off-by: don.newton@intel.com
2022-12-14 15:15:47 -05:00
tianshangfei
de4506dbf6
The build project of s3ip frameworkk (#12896)
Why I did it
The build project of s3ip framework

How I did it
How to verify it
2022-12-14 22:36:08 +08:00
tianshangfei
ea807d7d0b
The demo driver complies with s3ip sysfs specification,which use the s3ip kernel framework (#12895)
Why I did it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification

How I did it
1、 demo driver will call the s3ip kernel framework interface

How to verify it
run the demo ,it will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:35:33 +08:00
tianshangfei
f7d80e63db
The user framework module complies with s3ip sysfs specification (#12894)
Why I did it
The user framework module complies with s3ip sysfs specification

How I did it
1、 create a s3ip_sysfs service
2、 the s3ip_sysfs service call the “s3ip_sysfs_tool.sh” to install kernel module and run s3ip_load.py
3、 s3ip_load.py will parse the s3ip_sysfs_conf.json configuration file and create /sys_switch/ directory

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:34:55 +08:00
tianshangfei
8fe4fab89f
The slot and switch_rootsysfs driver framework module complies with s3ip sysfs specification (#12893)
Why I did it
Provide slot and switch_rootsysfs driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:34:27 +08:00
tianshangfei
8f124dc56d
The LED and watchdog driver framework module complies with s3ip sysfs specification (#12892)
Why I did it
Provide SYSLED and watchdog driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:33:52 +08:00
tianshangfei
0ca8282f40
The Sensor driver framework module complies with s3ip sysfs specification (#12890)
Why I did it
Provide a sensor driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:32:37 +08:00
tianshangfei
92a33e4847
The Transceiver driver framework module complies with s3ip sysfs specification (#12889)
Why I did it
Provide a transceiver driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:29:45 +08:00
tianshangfei
422196a72a
The FAN driver framework module complies with s3ip sysfs specification (#12888)
Why I did it
Provide a Fan driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:29:24 +08:00
tianshangfei
d8f41e1179
The PSU driver module complies with s3ip sysfs specification (#12887)
Why I did it
Provide a PSU driver framework that complies with s3ip sysfs specification

How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node

How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
2022-12-14 22:28:53 +08:00
Dmytro Lytvynenko
5550c5da08
[BFN]: Implement getting psu related sensors in sonic_platform directly from BMC (#12786)
Why I did it
Platform interface doesn't provide all sensors and using it isn't effective

How I did it
Request sensors via http from BMC server and parse the result

How to verify it
Related daemon in pmon populates redis db, run this command to view the contents
2022-12-14 22:21:36 +08:00
Dror Prital
94bd8e988a
[submodule] Advance sonic-utilities pointer (#12962)
Update sonic-utilities submodule pointer to include the following:

208824d YANG Validation for ConfigDB Updates: WARM_RESTART, SFLOW_SESSION, SFLOW, VXLAN_TUNNEL, VXLAN_EVPN_NVO, VXLAN_TUNNEL_MAP, MGMT_VRF_CONFIG, CABLE_LENGTH, VRF tables (#2526)
09b8dd1 [db_migrator] Remove import of swsssdk as it is not supported in master (#2544)
10eb5ba Support syslog rate limit configuration for containers and host (#2454)
ca9a020 [generate_dump] [Mellanox] Fix the duplicate dfw dump collection problem by adding symlinks (#2536)
92c7001 [config] Add check in config interface ip command to block if the interface is portchannel member (#2539)
e8130f5 [system-health] Improve code structure of system health CLIs (#2453)
00c01b3 Transceiver eeprom dom CLI modification to show output from TRANSCEIVER_DOM_THRESHOLD table (#2535)
42f51c2 sonic-utilities: Update config reload() to verify formatting of an input file (#2529)
a5e1e2b [GCU] Add RemoveCreateOnlyDependency Validator/Generator (#2500)
6411b52 [QoS] Introduce delay to the qos reload flow (#2503)
fce7ec3 Use github code scanning instead of LGTM (#2530)
91bd6de Change show kube command default value of insecure key to True (#2517)
c44c584 Add db_migrator_constants.py script to setup.py (#2534)
6a3238e [drop counters] Fix CLI script for unconfigured PGs (#2518)
263810b Update vrf add, del commands for duplicate/non-existing VRFs (#2467)
addae73 Port 202012 DB migration changes to newer branches (#2515)
2af8cfa [VXLAN]Fixing traceback in show remotemac when mac moves during command execution (#2506)
2022-12-14 11:59:56 +02:00
Junchao-Mellanox
9590339d69
[Mellanox] Remove TODO comments which are no longer needed (#13023)
- Why I did it
Remove TODO comments which are no longer needed

- How I did it
Remove TODO comments which are no longer needed

- How to verify it
Only comment change
2022-12-14 09:57:48 +02:00
Konstantin Vasin
dfc73fc8bd
[build] use real wget for SAI_FLAGS (#12665)
Why I did it

We download libsaibcm.deb every time when we use make to build.
That's because we use build hook but not real wget to get hash for SAI_FLAGS.
As a result we also call curl for libsaibcm.deb inside of function download_packages.

How I did it
Add SKIP_BUILD_HOOK=y to use real wget instead of build hook.

How to verify it
I redirected all requests to proxy to log them (1st column is timing).

Without fix (curl, curl , wget):

1668034736.348 0 CONNECT sonicstorage.blob.core.windows.net:443
1668034831.997 40064209 GET https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm_7.1.17.4_amd64.deb
1668034832.601 0 CONNECT sonicstorage.blob.core.windows.net:443
1668034833.212 113911 GET https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm-dev_7.1.17.4_amd64.deb
1668034833.831 0 CONNECT sonicstorage.blob.core.windows.net:443
1668034834.030 549 HEAD https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm_7.1.17.4_amd64.deb
1668034834.235 547 HEAD https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm-dev_7.1.17.4_amd64.deb

Fixed version (only wget):

1668034973.199 0 CONNECT sonicstorage.blob.core.windows.net:443
1668034973.339 549 HEAD https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm_7.1.17.4_amd64.deb
1668034973.501 547 HEAD https://sonicstorage.blob.core.windows.net/public/sai/bcmsai/REL_7.0/7.1.17.4/libsaibcm-dev_7.1.17.4_amd64.deb

Signed-off-by: Konstantin Vasin <k.vasin@yadro.com>
2022-12-13 23:28:00 -08:00
Maxime Lorrillere
298de5abef
Fix missing system_ref_core_clock_khz (#12663)
Add missing system_ref_core_clock_khz in Arista-7800R3A-36D2-C36 and Arista-7800R3A-36D2-C72
2022-12-13 22:20:16 -08:00
kenneth-arista
570e6fb28f
Add aggregate port_config.ini for Wolverine SKU (#12951)
Add missing aggregate port_config.ini needed by sonic-mgmt

Concatenate the ASIC specific port_config.ini from device/arista/x86_64-arista_7800r3a_36d2_lc/Arista-7800R3A-36D2-C36/[01] to create the aggregate file.
2022-12-13 22:02:14 -08:00
Oleksandr Ivantsiv
9988ff888b
[build] Add the possibility to disable compilation of teamd and radv containers. (#12920)
- Why I did it
This optimization is needed for DPU SONiC. DPU SONiC runs a limited set of containers and teamd and radv containers are not part of them. Unlike the other containers, there was no possibility to disable teamd and radv containers compilation.
To reduce DPU SONiC compilation time and reduce the image size this commit adds the possibility to disable their compilation.

- How I did it
Two new configuration options are added to rules/config file:

INCLUDE_TEAMD
INCLUDE_ROUTER_ADVERTISER
By default to preserve the existing behavior both options are enabled. There are two ways to override them:

To change option value to "n" in rules/config file.
To override their value using SONIC_OVERRIDE_BUILD_VARS env variable:
SONIC_OVERRIDE_BUILD_VARS="SONIC_INCLUDE_TEAMD=y SONIC_INCLUDE_ROUTER_ADVERTISER=n"

- How to verify it
The default behavior is preserved. To verify it compile the image without overriding new options. Install the image and verify that both teamd and radv containers are present and running.
To verify the new options override them with "n" value. Compile and install image. Verify that no docker containers are present. Verify that SWSS can start without errors.
2022-12-13 12:06:30 +02:00
mihirpat1
4ff15a64c3
[platform-daemon][platform-common][utilities] Advance submodule head (#13009)
platform-daemon:

657a26de312d1eb61f15d13953ec1cd09634443 (HEAD, origin/master, origin/HEAD, master) [thermalctld] fix some redundant removal of state DB tables (#315)
56046dc36907c7e873911ef60e9193fe8717b12c Add new fields to status/dom_sensor/pm tables in STATE_DB for CMIS/C-CMIS (#304)
adcd69beb637aaf109573582a96bdeca82c8d1f0 Create TRANSCEIVER_DOM_THRESHOLD table in state DB (#320)
0573416ef546109849e0851d48ec1380426f7ef5 Remove the argument that is causing the xcvrd to crash (#318)

platform-common:

8f2dffb9d7708d05823462e9e643965103989d0d (HEAD, origin/master, origin/HEAD, master) Add get_transceiver_status and get_transceiver_pm to API interface (#315)
bf2ca02e06c93be9617cd0626049f7439b2192c1 [syseeprom] Remove the trailing space in the value of VENDOR_EXT field in the eepromTlvInfo decode (#333)
580357f740920671e9ca98dc0d1249537bddcf1d [Ci] Upgrade to bullseye and fix the branch reference issue (#331)
4f1722500b229fd3fd0b5e3a34686a00590af0a4 Use github code scanning instead of LGTM (#328)
ce9aacb628c5de7632e533deb008c012e0b9c40d EEPROM/DOM Info: The Compliance Code will show "unknown" by using FINISAR 10G LR XCVR (#319)

utilities:
208824d3202445e5d51c6ab6e5abeeb9c5483c1f (HEAD, origin/master, origin/HEAD, master) YANG Validation for ConfigDB Updates: WARM_RESTART, SFLOW_SESSION, SFLOW, VXLAN_TUNNEL, VXLAN_EVPN_NVO, VXLAN_TUNNEL_MAP, MGMT_VRF_CONFIG, CABLE_LENGTH, VRF tables (#2526)
09b8dd1333c84e9993234e017e2809d948c47c40 [db_migrator] Remove import of swsssdk as it is not supported in master (#2544)
10eb5ba8e3af26695eb4f00ddaf70b6be60a73b1 Support syslog rate limit configuration for containers and host (#2454)
ca9a02033f6609993a779d26a9da1b123a1115f6 [generate_dump] [Mellanox] Fix the duplicate dfw dump collection problem by adding symlinks (#2536)
92c70011307670aba6b73ef571f0e8d966ab62e3 [config] Add check in config interface ip command to block if the interface is portchannel member (#2539)
e8130f58bb66040a5c25435382e3c3df4bd0618b [system-health] Improve code structure of system health CLIs (#2453)
00c01b37c759283d3e8fa201ec94310b33ce7aab Transceiver eeprom dom CLI modification to show output from TRANSCEIVER_DOM_THRESHOLD table (#2535)
42f51c26d1d0017f3211904ca19c023b5d784463 sonic-utilities: Update config reload() to verify formatting of an input file (#2529)
a5e1e2b43e4c8fdb81307c49a8eb7b4db726758d [GCU] Add RemoveCreateOnlyDependency Validator/Generator (#2500)
6411b52e5e83837d731aed15b793d9df4277a47a [QoS] Introduce delay to the qos reload flow (#2503)
fce7ec32f5c07e9f017f15aa6790534f8596ef7b Use github code scanning instead of LGTM (#2530)
91bd6dee75d251dff72618b442376b537d6d3100 Change show kube command default value of insecure key to True (#2517)
c44c584f77577638460aaec78af1a3327aa8b4a5 Add db_migrator_constants.py script to setup.py (#2534)
6a3238e69062033159711ee6d4a3a8e39849f0c7 [drop counters] Fix CLI script for unconfigured PGs (#2518)
263810b25d12dc2435406d57245a113f7e9688c8 Update vrf add, del commands for duplicate/non-existing VRFs (#2467)
addae730177555c1a5d276e93b2610833604e5b8 Port 202012 DB migration changes to newer branches (#2515)
2af8cfa428af29551bdbdf3e44bbfe4fea4561b2 [VXLAN]Fixing traceback in show remotemac when mac moves during command execution (#2506)


Signed-off-by: Mihir Patel <patelmi@microsoft.com>
2022-12-12 23:39:32 -08:00
Kalimuthu-Velappan
0dc22bd27c
05.Version cache - docker dpkg caching support (#12005)
This feature caches all the deb files during docker build and stores them
into version cache.

It loads the cache file if already exists in the version cache and copies the extracted
deb file from cache file into Debian cache path( /var/cache/apt/archives).

The apt-install always installs the deb file from the cache if exists, this
avoid unnecessary package download from the repo and speeds up the overall build.

The cache file is selected based on the SHA value of version dependency
files.

Why I did it
How I did it
How to verify it


* 03.Version-cache - framework environment settings

It defines and passes the necessary version cache environment variables
to the caching framework.

It adds the utils script for shared cache file access.

It also adds the post-cleanup logic for cleaning the unwanted files from
the docker/image after the version cache creation.

* 04.Version cache - debug framework

Added DBGOPT Make variable to enable the cache framework
scripts in trace mode. This option takes the part name of the script to
enable the particular shell script in trace mode.

Multiple shell script names can also be given.

	Eg: make DBGOPT="image|docker"

Added verbose mode to dump the version merge details during
build/dry-run mode.
	Eg: scripts/versions_manager.py freeze -v \
		'dryrun|cmod=docker-swss|cfile=versions-deb|cname=all|stage=sub|stage=add'

* 05.Version cache - docker dpkg caching support

This feature caches all the deb files during docker build and stores them
into version cache.

It loads the cache file if already exists in the version cache and copies the extracted
deb file from cache file into Debian cache path( /var/cache/apt/archives).

The apt-install always installs the deb file from the cache if exists, this
avoid unnecessary package download from the repo and speeds up the overall build.

The cache file is selected based on the SHA value of version dependency
files.
2022-12-12 09:20:56 +08:00
Vivek
5624d15a7c
Fix dependency of dhcp-mon on VLAN with only v6 (#13006)
Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>

Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
2022-12-09 14:41:07 -08:00
wenyiz2021
8a8d83b814
[arista] Add platform.json for arista chassis LC5 (#12949)
Add components all LCs
add platform.json for new sku LC5
mark thermal controllable to false to skip setter function of high/low threshold
2022-12-09 13:45:22 -08:00
Mai Bui
51a1eb112b
[device/celestica] Mitigation for command injection vulnerability (#11740)
Signed-off-by: maipbui <maibui@microsoft.com>
Dependency: [PR (#12065)](https://github.com/sonic-net/sonic-buildimage/pull/12065) needs to merge first.
#### Why I did it
1. `eval()` - not secure against maliciously constructed input, can be dangerous if used to evaluate dynamic content. This may be a code injection vulnerability.
2. `subprocess()` - when using with `shell=True` is dangerous. Using subprocess function without a static string can lead to command injection.
3. `os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content.
4. `is` operator - string comparison should not be used with reference equality.
5. `globals()` - extremely dangerous because it may allow an attacker to execute arbitrary code on the system
#### How I did it
1. `eval()` - use `literal_eval()`
2. `subprocess()` - use `shell=False` instead. use an array string. Ref: [https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation](https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation)
3. `os` - use with `subprocess`
4. `is` - replace by `==` operator for value equality
5. `globals()` - avoid the use of globals()
2022-12-09 10:30:20 -05:00