matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-03-20. You can view files and clone it, but cannot push or open issues or pull requests.
0e30ffe4da
sonic-buildimage/files/build_templates
History
xumia 8ec8900d31
Support SONiC OpenSSL FIPS 140-3 based on SymCrypt engine (#9573) 
Why I did it
Support OpenSSL FIPS 140-3, see design doc: https://github.com/Azure/SONiC/blob/master/doc/fips/SONiC-OpenSSL-FIPS-140-3.md.

How I did it
Install the fips packages.
To build the fips packages, see https://github.com/Azure/sonic-fips
Azure pipelines: https://dev.azure.com/mssonic/build/_build?definitionId=412

How to verify it
Validate the SymCrypt engine:

admin@sonic:~$ dpkg-query -W | grep openssl
openssl 1.1.1k-1+deb11u1+fips
symcrypt-openssl        0.1

admin@sonic:~$ openssl engine -v | grep -i symcrypt
(symcrypt) SCOSSL (SymCrypt engine for OpenSSL)
admin@sonic:~$
2022-05-06 07:21:30 +08:00
..
per_namespace [Fastboot] Delay LLDP service for better fastboot performance (#10568) 2022-04-28 10:35:14 +03:00
share_image [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
arp_update_vars.j2 [swss][arp_update] Send ipv6 pings over vlan sub interfaces (#8363) 2021-08-06 21:14:18 -07:00
buffers_config.j2 [Chassis][QoS template] Skip configuring buffer and QoS config on recirc ports (#7869) 2022-03-09 16:04:36 -08:00
cbf_config.j2 [CBF] Added configuration templates to generate configs for CBF (#8689) 2021-10-29 17:18:57 -07:00
config-chassisdb.service.j2 [ChassisDB]: bring up ChassisDB service (#5283) 2020-10-14 15:15:24 -07:00
config-setup.service.j2 [config-setup]: create a SONiC configuration management service (#3227) 2019-12-04 07:15:58 -08:00
database.service.j2 Multi-ASIC implementation (#3888) 2020-03-31 10:06:19 -07:00
dhcp_relay.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
docker_image_ctl.j2 [Mellanox][asan] add address sanitizer support for syncd (#10266) 2022-04-14 15:00:32 -07:00
iccpd.service.j2 [services] introduce sonic.target (#5705) 2021-02-25 14:26:24 +02:00
init_cfg.json.j2 [Fastboot] Delay PMON service for better fastboot performance (#10567) 2022-05-02 10:44:17 +03:00
kube_cni.10-flannel.conflist First cut image update for kubernetes support. (#5421) 2020-12-22 08:01:33 -08:00
lldp.service.j2 Changes for LLDP docker to support multi-npu platforms (#4530) 2020-05-11 11:05:44 -07:00
lldp.timer.j2 [Fastboot] Delay LLDP service for better fastboot performance (#10568) 2022-04-28 10:35:14 +03:00
manifest.json.j2 [dockers] change RPC, DBG dockers version: put RPG, DBG sign in build metadata part of the version (#8920) 2021-11-01 19:02:57 +02:00
mgmt-framework.service.j2 [services] introduce sonic.target (#5705) 2021-02-25 14:26:24 +02:00
mgmt-framework.timer Grouping delayed services under a target for config reload checks (#7846) 2021-06-21 11:55:02 -07:00
mux.service.j2 [mux]: Fix mark_dhcp_packet (#9373) 2021-11-29 12:04:06 -08:00
nat.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
organization_extensions.sh Framework to plugin Organization specific scripts during ONIE Image build (#951) 2017-09-19 16:23:31 -07:00
p4rt.service.j2 [PINS] Build P4RT container for PINS (#9083) 2021-12-07 11:11:25 -08:00
packages.json.j2 [sonic_debian_extension] fix packages.json generation and make the build fail when packages.json is not generated (#8044) 2021-07-09 12:29:33 -07:00
pde.service.j2 [PDE]: introduce the SONiC Platform Development Env (#7510) 2021-07-24 16:24:43 -07:00
pmon.service.j2 [Fastboot] Delay PMON service for better fastboot performance (#10567) 2022-05-02 10:44:17 +03:00
pmon.timer [Fastboot] Delay PMON service for better fastboot performance (#10567) 2022-05-02 10:44:17 +03:00
qos_config.j2 Define qos map AZURE_TUNNEL for QoS remapping of tunnel traffic (#10565) 2022-04-25 15:06:10 +08:00
radv.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
restapi.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
sflow.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
snmp.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
snmp.timer Grouping delayed services under a target for config reload checks (#7846) 2021-06-21 11:55:02 -07:00
sonic_debian_extension.j2 Support SONiC OpenSSL FIPS 140-3 based on SymCrypt engine (#9573) 2022-05-06 07:21:30 +08:00
sonic_version.yml.j2 [Mellanox][asan] add address sanitizer support for syncd (#10266) 2022-04-14 15:00:32 -07:00
sonic-delayed.target Grouping delayed services under a target for config reload checks (#7846) 2021-06-21 11:55:02 -07:00
sonic.target [services] introduce sonic.target (#5705) 2021-02-25 14:26:24 +02:00
swss_vars.j2 Introduce the asic_subtype field for adding the sub platform variants. (#10235) 2022-03-28 11:22:32 -07:00
tacacs-config.service Add service to restore TACACS from old config (#7560) 2021-06-03 20:07:17 -07:00
tacacs-config.timer Add service to restore TACACS from old config (#7560) 2021-06-03 20:07:17 -07:00
telemetry.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
telemetry.timer Grouping delayed services under a target for config reload checks (#7846) 2021-06-21 11:55:02 -07:00
updategraph.service.j2 [config-setup]: create a SONiC configuration management service (#3227) 2019-12-04 07:15:58 -08:00