Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[secure boot]Fix mokutil check issue with ONIE version older than 202… #14589

Merged

Conversation

davidpil2002
Copy link
Contributor

@davidpil2002 davidpil2002 commented Apr 10, 2023

…1.11 by using efivar tool instead

Why I did it

solution to BUG below/
#14316
bug report also in this issue:
backport: secureboot support #14246

How I did it

When installing an image secure boot is checking if the UEFI have the secure boot flag enabled or disabled using a tool name mokutil this tool its not exist in ONIE version older than 2021.11 so its crasshing the install.
To fix that we add a coded that checking secure boot enabled/disabled by using efivar tool that should exist in any UEFI system

How to verify it

Install the image in a device with ONIE version older than 2021.11 and check that the installation and boot succeed (all docker up).

Which release branch to backport (provide reason below if selected)

  • 201811
  • 201911
  • 202006
  • 202012
  • 202106
  • 202111
  • 202205
  • [X ] 202211

Description for the changelog

Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

@davidpil2002 davidpil2002 force-pushed the secure-boot-fix-mokutil-usage branch from a7d9dd2 to 29cdac1 Compare April 10, 2023 13:10
@davidpil2002 davidpil2002 mentioned this pull request Apr 10, 2023
8 tasks
@davidpil2002
Copy link
Contributor Author

pls @sacnaik can you review this fix?
@ITJamie can you review it as well, and confirm if its working on your ONIE version

echo secure_boot_state=$secure_boot_state
if [ "$secure_boot_state" = "SecureBoot enabled" ]; then
echo "UEFI Secure Boot is enabled"
if [ "$secure_boot_state" -eq 1 ]; then
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not sure what this 1 means here. can we use macro?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

Copy link
Contributor Author

@davidpil2002 davidpil2002 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR ready

echo secure_boot_state=$secure_boot_state
if [ "$secure_boot_state" = "SecureBoot enabled" ]; then
echo "UEFI Secure Boot is enabled"
if [ "$secure_boot_state" -eq 1 ]; then
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@davidpil2002
Copy link
Contributor Author

you are WC to test this fix in your environment as well.
@kuanyu99

@luigitalboy
Copy link

Hllo @davidpil2002 ,
I will be glad to test the build on my env but should I have to compile it or the bin is already available?
Thanks!!

@davidpil2002
Copy link
Contributor Author

Hllo @davidpil2002 , I will be glad to test the build on my env but should I have to compile it or the bin is already available? Thanks!!

Hi @luigitalboy ,
you should cherry-pick the fix to master branch or pull this branch, and build locally.

I don't think that Azure build image build in PR can be access to download the binary image,
@lguohan is possible to get access to the target image when the build in this PR finish?

@ITJamie
Copy link

ITJamie commented Apr 13, 2023

@luigitalboy
Copy link

Thanks @ITJamie! I downloaded the zip and I'm installing the sonic bin inside. Let's cross the fingers!

@luigitalboy
Copy link

@ITJamie Unfortunately the installation failed again:

ONIE:/ # onie-nos-install tftp://192.168.1.21/sonic-broadcom.bin
discover: installer mode detected.
Stopping: discover... done.
Info: Fetching tftp://192.168.1.21/sonic-broadcom.bin ...
sonic-broadcom.bin 0% | | 2402M999:59:59 ETA
ONIE: Executing installer: tftp://192.168.1.21/sonic-broadcom.bin
Verifying image checksum ... OK.
Preparing image archive ... OK.
Installing SONiC in ONIE
ONIE Installer: platform: x86_64-broadcom-r0
onie_platform: x86_64-quanta_ix8_rglbmc-r0
deleting partition 3 ...
Filesystem 1K-blocks Used Available Use% Mounted on
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot.
The operation has completed successfully.
Partition #1 is in use.
Partition #2 is in use.
Partition #3 is available
Creating new SONiC-OS partition /dev/sda3 ...
Could not create partition 3 from 788480 to 67897343
Unable to set partition 3's name to 'SONiC-OS'!
Error encountered; not saving changes.
Warning: The first trial of creating partition failed, trying the largest aligned available block of sectors on the disk
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot.
The operation has completed successfully.
mke2fs 1.42.8 (20-Jun-2013)
Discarding device blocks: done
Filesystem label=SONiC-OS
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
1929536 inodes, 7718097 blocks
385904 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=4294967296
236 block groups
32768 blocks per group, 32768 fragments per group
8176 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

Installing SONiC to /tmp/tmp.0g3hQb/image-master-14589.252268-5ac59dc89
Archive: fs.zip
creating: boot/
inflating: boot/initrd.img-5.10.0-18-2-amd64
inflating: boot/System.map-5.10.0-18-2-amd64
inflating: boot/config-5.10.0-18-2-amd64
inflating: boot/vmlinuz-5.10.0-18-2-amd64
inflating: fs.squashfs
ONIE_IMAGE_PART_SIZE=32768
EXTRA_CMDLINE_LINUX=sonic_fips=1
Success: Support tarball created: /tmp/onie-support.tar.bz2
Failure: Unable to install image: tftp://192.168.1.21/sonic-broadcom.bin

@davidpil2002
Copy link
Contributor Author

davidpil2002 commented Apr 13, 2023

I will continue the debug on sunday probably, but pls can you type in your onie shell efivar -l
@luigitalboy

@gaggaman
Copy link

gaggaman commented Apr 13, 2023

@davidpil2002 Same here:
...
Installing SONiC to /tmp/tmp.bzT1Ux/image-master-14589.252268-5ac59dc89
Archive: fs.zip
creating: boot/
inflating: boot/initrd.img-5.10.0-18-2-amd64
inflating: boot/System.map-5.10.0-18-2-amd64
inflating: boot/config-5.10.0-18-2-amd64
inflating: boot/vmlinuz-5.10.0-18-2-amd64
inflating: fs.squashfs
ONIE_IMAGE_PART_SIZE=32768
EXTRA_CMDLINE_LINUX=sonic_fips=1
Success: Support tarball created: /tmp/onie-support-cel_silverstone_dp.tar.bz2
Failure: Unable to install image: tftp://xx.xx.xx.xx/sonic-broadcom.bin
ONIE:/ #

No visible error message - just "Failure: Unable to install..." . Can I do anything to track this down?

Here is my efivar -l :

ONIE:/ # efivar -l
8be4df61-93ca-11d2-aa0d-00e098032b8c-BootOrder
1b838190-4625-4ead-abc9-cd5e6af18fe0-HiiDB
8be4df61-93ca-11d2-aa0d-00e098032b8c-BootCurrent
8be4df61-93ca-11d2-aa0d-00e098032b8c-BootOptionSupport
8be4df61-93ca-11d2-aa0d-00e098032b8c-PlatformLangCodes
8be4df61-93ca-11d2-aa0d-00e098032b8c-ErrOutDev
8be4df61-93ca-11d2-aa0d-00e098032b8c-ConOutDev
8be4df61-93ca-11d2-aa0d-00e098032b8c-ConInDev
4696e96d-e8d8-4703-bf7b-95c0bf14f3e6-VarRtmh
8be4df61-93ca-11d2-aa0d-00e098032b8c-OsIndicationsSupported
01368881-c4ad-4b1d-b631-d57a8ec8db6b-FPDT_Volatile
4bafc2b4-02dc-4104-b236-d6f1b98d9e84-S3SS
80e1202e-2697-4264-9cc9-80762c3e5863-Setup
ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-UsbSupport
d1405d16-7afc-4695-bb12-41459d3695a2-NetworkStackVar
c811fa38-42c8-4579-a9bb-60e94eddfb34-AMITSESetup
8be4df61-93ca-11d2-aa0d-00e098032b8c-Timeout
8be4df61-93ca-11d2-aa0d-00e098032b8c-PlatformLang
ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-Setup
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0004
d3705011-bc19-4af7-be16-f68030378c15-BootState
e20939be-32d4-41be-a150-897f85d49829-MemoryOverwriteRequestControl
4b3082a3-80c6-4d7e-9cd0-583917265df1-MaximumTableSize
4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosScratchBuffer
4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosV3EntryPointTable
4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosEntryPointTable
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0005
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0002
45cf35f6-0d6e-4d04-856a-0370a5b16f53-DefaultBootOrder
3c4ead08-45ae-4315-8d15-a60eaa8caf69-DefaultLegacyDevOrder
a56074db-65fe-45f7-bd21-2d2bdd8e9652-LegacyDevOrder
7d3dceee-cbce-4ea7-8709-6e552f1edbde-TpmServFlags
8be4df61-93ca-11d2-aa0d-00e098032b8c-ErrOut
8be4df61-93ca-11d2-aa0d-00e098032b8c-ConIn
8be4df61-93ca-11d2-aa0d-00e098032b8c-ConOut
a1948ff0-8c5d-11e0-83f2-0800200c9a66-RetryCounterMmioIo
8163179a-f31a-4132-aede-89f36aee43da-LastBootFailedIoh
4b3082a3-80c6-4d7e-9cd0-583917265df1-WriteOnceStatus
378d7b65-8da9-4773-b6e4-a47826a833e2-RTC
ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-IntelSetup
01239999-fc0e-4b6e-9e79-d54d5db6cd20-ServerSetup
378d7b65-8da9-4773-b6e4-a47826a833e1-RTC
01368881-c4ad-4b1d-b631-d57a8ec8db6b-MonotonicCounter
4599d26f-1a11-49b8-b91f-858745cff824-StdDefaults
ONIE:/ #

@davidpil2002
Copy link
Contributor Author

davidpil2002 commented Apr 13, 2023

@davidpil2002 Same here: ... Installing SONiC to /tmp/tmp.bzT1Ux/image-master-14589.252268-5ac59dc89 Archive: fs.zip creating: boot/ inflating: boot/initrd.img-5.10.0-18-2-amd64 inflating: boot/System.map-5.10.0-18-2-amd64 inflating: boot/config-5.10.0-18-2-amd64 inflating: boot/vmlinuz-5.10.0-18-2-amd64 inflating: fs.squashfs ONIE_IMAGE_PART_SIZE=32768 EXTRA_CMDLINE_LINUX=sonic_fips=1 Success: Support tarball created: /tmp/onie-support-cel_silverstone_dp.tar.bz2 Failure: Unable to install image: tftp://xx.xx.xx.xx/sonic-broadcom.bin ONIE:/ #

No visible error message - just "Failure: Unable to install..." . Can I do anything to track this down?

Here is my efivar -l :

ONIE:/ # efivar -l 8be4df61-93ca-11d2-aa0d-00e098032b8c-BootOrder 1b838190-4625-4ead-abc9-cd5e6af18fe0-HiiDB 8be4df61-93ca-11d2-aa0d-00e098032b8c-BootCurrent 8be4df61-93ca-11d2-aa0d-00e098032b8c-BootOptionSupport 8be4df61-93ca-11d2-aa0d-00e098032b8c-PlatformLangCodes 8be4df61-93ca-11d2-aa0d-00e098032b8c-ErrOutDev 8be4df61-93ca-11d2-aa0d-00e098032b8c-ConOutDev 8be4df61-93ca-11d2-aa0d-00e098032b8c-ConInDev 4696e96d-e8d8-4703-bf7b-95c0bf14f3e6-VarRtmh 8be4df61-93ca-11d2-aa0d-00e098032b8c-OsIndicationsSupported 01368881-c4ad-4b1d-b631-d57a8ec8db6b-FPDT_Volatile 4bafc2b4-02dc-4104-b236-d6f1b98d9e84-S3SS 80e1202e-2697-4264-9cc9-80762c3e5863-Setup ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-UsbSupport d1405d16-7afc-4695-bb12-41459d3695a2-NetworkStackVar c811fa38-42c8-4579-a9bb-60e94eddfb34-AMITSESetup 8be4df61-93ca-11d2-aa0d-00e098032b8c-Timeout 8be4df61-93ca-11d2-aa0d-00e098032b8c-PlatformLang ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-Setup 8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0004 d3705011-bc19-4af7-be16-f68030378c15-BootState e20939be-32d4-41be-a150-897f85d49829-MemoryOverwriteRequestControl 4b3082a3-80c6-4d7e-9cd0-583917265df1-MaximumTableSize 4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosScratchBuffer 4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosV3EntryPointTable 4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosEntryPointTable 8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0005 8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0002 45cf35f6-0d6e-4d04-856a-0370a5b16f53-DefaultBootOrder 3c4ead08-45ae-4315-8d15-a60eaa8caf69-DefaultLegacyDevOrder a56074db-65fe-45f7-bd21-2d2bdd8e9652-LegacyDevOrder 7d3dceee-cbce-4ea7-8709-6e552f1edbde-TpmServFlags 8be4df61-93ca-11d2-aa0d-00e098032b8c-ErrOut 8be4df61-93ca-11d2-aa0d-00e098032b8c-ConIn 8be4df61-93ca-11d2-aa0d-00e098032b8c-ConOut a1948ff0-8c5d-11e0-83f2-0800200c9a66-RetryCounterMmioIo 8163179a-f31a-4132-aede-89f36aee43da-LastBootFailedIoh 4b3082a3-80c6-4d7e-9cd0-583917265df1-WriteOnceStatus 378d7b65-8da9-4773-b6e4-a47826a833e2-RTC ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-IntelSetup 01239999-fc0e-4b6e-9e79-d54d5db6cd20-ServerSetup 378d7b65-8da9-4773-b6e4-a47826a833e1-RTC 01368881-c4ad-4b1d-b631-d57a8ec8db6b-MonotonicCounter 4599d26f-1a11-49b8-b91f-858745cff824-StdDefaults ONIE:/ #

the command is working as expected, your uefi is not supporting secure boot feature, but even though the installation should not failed, so some issue exist.

if you can, basically, you can open you binary file with vi.
and search for the first line of the installation script
#!/bin/sh

and add in the next line the follow:
set -x
this basicly add debug print to the bash installation file .

ps: the binary file is big, so probably will take some time to open it and seach.
binary file, i mean this one
sonic-broadcom.bin

@gaggaman
Copy link

@davidpil2002

if you can, basically, you can open you binary file with vi. and search for the first line of the installation script #!/bin/sh

and add in the next line the follow: set -x this basicly add debug print to the bash installation file .

ps: the binary file is big, so probably will take some time to open it and seach. binary file, i mean this one sonic-broadcom.bin

vi seemed to tamper with the binary part, anyway I got it with a binary editor.

ONIE: Executing installer: tftp://10.58.60.155/sonic-broadcom.bin

  • echo -n Verifying image checksum ...
    Verifying image checksum ...+ sed -e 1,/^exit_marker$/d /var/tmp/installer
  • sha1sum
  • awk { print $1 }
  • sha1=3734c5fdb8034f9c8a8d3727cd244e623f933f80
  • payload_sha1=3734c5fdb8034f9c8a8d3727cd244e623f933f80
  • [ 3734c5fdb8034f9c8a8d3727cd244e623f933f80 != 3734c5fdb8034f9c8a8d3727cd244e623f933f80 ]
  • echo OK.
    OK.
  • sed -e 1,/^exit_marker$/d /var/tmp/installer
  • tar --to-stdout -xf -
  • wc -c
  • image_size_in_kb=2461472
  • pwd
  • cur_wd=/
  • export cur_wd
  • realpath /var/tmp/installer
  • archive_path=/var/tmp/installer
  • mktemp -d
  • tmp_dir=/tmp/tmp.UmzkhC
  • id -u
  • [ 0 = 0 ]
  • mount -t tmpfs tmpfs-installer /tmp/tmp.UmzkhC
  • df /tmp/tmp.UmzkhC
  • tail -1
  • tr -s
  • cut -d -f4
  • mount_size_in_kb=8156124
  • padding=102400
  • [ 8156124 -le 2563872 ]
  • cd /tmp/tmp.UmzkhC
  • echo -n Preparing image archive ...
    Preparing image archive ...+ sed -e 1,/^exit_marker$/d /var/tmp/installer
  • tar xf -
  • echo OK.
    OK.
  • cd /
  • [ -n ]
  • /tmp/tmp.UmzkhC/installer/install.sh
    Installing SONiC in ONIE
    ONIE Installer: platform: x86_64-broadcom-r0
    onie_platform: x86_64-cel_silverstone_dp-r0
    The image you're trying to install is of a different ASIC type as the running platform's ASIC
    Do you still wish to install this image? [y/n]: y
    Force installing...
    deleting partition 3 ...
    Filesystem 1K-blocks Used Available Use% Mounted on
    Warning: The kernel is still using the old partition table.
    The new table will be used at the next reboot.
    The operation has completed successfully.
    Partition Update README.md #1 is in use.
    Partition Update README.md #2 is in use.
    Partition Update README.md #3 is available
    Creating new SONiC-OS partition /dev/sda3 ...
    Could not create partition 3 from 788480 to 67897343
    Unable to set partition 3's name to 'SONiC-OS'!
    Error encountered; not saving changes.
    Warning: The first trial of creating partition failed, trying the largest aligned available block of sectors on the disk
    Warning: The kernel is still using the old partition table.
    The new table will be used at the next reboot.
    The operation has completed successfully.
    mke2fs 1.42.13 (17-May-2015)
    Discarding device blocks: done
    Creating filesystem with 7718097 4k blocks and 1929536 inodes
    Filesystem UUID: 26bb2efe-07bf-40fd-b890-bf4318a9fd87
    Superblock backups stored on blocks:
    32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
    4096000

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

Installing SONiC to /tmp/tmp.H4sRv3/image-master-14589.252268-5ac59dc89
Archive: fs.zip
creating: boot/
inflating: boot/initrd.img-5.10.0-18-2-amd64
inflating: boot/System.map-5.10.0-18-2-amd64
inflating: boot/config-5.10.0-18-2-amd64
inflating: boot/vmlinuz-5.10.0-18-2-amd64
inflating: fs.squashfs
ONIE_IMAGE_PART_SIZE=32768
EXTRA_CMDLINE_LINUX=sonic_fips=1
Success: Support tarball created: /tmp/onie-support-cel_silverstone_dp.tar.bz2

  • rc=1
  • id -u
  • [ 0 = 0 ]
  • umount /tmp/tmp.UmzkhC
  • rm -rf /tmp/tmp.UmzkhC
  • exit 1
    Failure: Unable to install image: tftp://xx.xx.xx.xx/sonic-broadcom.bin

@davidpil2002
Copy link
Contributor Author

Thanks for the info, I will get access to some setup on Sunday and do a deep debug.
for now, I can say that there is one error not related to my fix that can influence in the installation as well:
pls review this error:
The image you're trying to install is of a different ASIC type as the running platform's ASIC
Do you still wish to install this image? [y/n]: y
basicly its meaning that image do not support your setup.

In addition, if it's possible and you can add a debug print by modifying the binary,
if yes, pls add some echo print before and after this line:
reg_sb_guid=$(efivar -l | grep "SecureBoot")

@gaggaman
Copy link

gaggaman commented Apr 14, 2023

pls review this error: The image you're trying to install is of a different ASIC type as the running platform's ASIC Do you still wish to install this image? [y/n]: y basicly its meaning that image do not support your setup.

The silverstone DP that I have is a broadcom machine. Does that error message mean that, although the chipset might be supported, the individual type of machine is not supported? Compatibility list says Sonic is compatible with cel silverstone, but there are at least two types of silverstone.

In addition, if it's possible and you can add a debug print by modifying the binary, if yes, pls add some echo print before and after this line: reg_sb_guid=$(efivar -l | grep "SecureBoot")

I sed-ed the set -x into the /tmp/.../install.sh script:

ONIE: Executing installer: tftp://xx.xx.xx.xx/sonic-broadcom.bin
+ echo -n Verifying image checksum ...
Verifying image checksum ...+ sed -e 1,/^exit_marker$/d /var/tmp/installer
+ sha1sum
+ awk { print $1 }
+ sha1=3734c5fdb8034f9c8a8d3727cd244e623f933f80
+ payload_sha1=3734c5fdb8034f9c8a8d3727cd244e623f933f80
+ [ 3734c5fdb8034f9c8a8d3727cd244e623f933f80 != 3734c5fdb8034f9c8a8d3727cd244e623f933f80 ]
+ echo  OK.
 OK.
+ sed -e 1,/^exit_marker$/d /var/tmp/installer
+ tar --to-stdout -xf -
+ wc -c
+ image_size_in_kb=2461472
+ pwd
+ cur_wd=/
+ export cur_wd
+ realpath /var/tmp/installer
+ archive_path=/var/tmp/installer
+ mktemp -d
+ tmp_dir=/tmp/tmp.IadSE3
+ id -u
+ [ 0 = 0 ]
+ mount -t tmpfs tmpfs-installer /tmp/tmp.IadSE3
+ df /tmp/tmp.IadSE3
+ tail -1
+ tr -s
+ cut -d  -f4
+ mount_size_in_kb=8156124
+ padding=102400
+ [ 8156124 -le 2563872 ]
+ cd /tmp/tmp.IadSE3
+ echo -n Preparing image archive ...
Preparing image archive ...+ sed -e 1,/^exit_marker$/d /var/tmp/installer
+ tar xf -
+ echo  OK.
 OK.
+ cd /
+ [ -n  ]
+ sed -i /^#!\/bin\/sh.*/a set -x /tmp/tmp.IadSE3/installer/install.sh
+ /tmp/tmp.IadSE3/installer/install.sh
+ _trap_push true
+ local next=true
+ echo true
+ sed -e s/'/'\\''/g
+ eval trap_push() {
        local oldcmd='true'
        local newcmd="$1; $oldcmd"
        trap -- "$newcmd" EXIT INT TERM HUP
        _trap_push "$newcmd"
    }
+ set -e
+ [ -d /etc/sonic ]
+ grep -Fxqs DISTRIB_ID=onie /etc/lsb-release
+ echo Installing SONiC in ONIE
Installing SONiC in ONIE
+ install_env=onie
+ dirname /tmp/tmp.IadSE3/installer/install.sh
+ cd /tmp/tmp.IadSE3/installer
+ [ -r ./machine.conf ]
+ read_conf_file ./machine.conf
+ local conf_file=./machine.conf
+ IFS== read -r var value
+ echo machine
+ tr -d \r\n
+ var=machine
+ echo broadcom
+ tr -d \r\n
+ value=broadcom
+ var=machine
+ value=broadcom
+ [ -z machine ]
+ tmp_val=broadcom
+ value=broadcom
+ eval machine="broadcom"
+ machine=broadcom
+ IFS== read -r var value
+ echo platform
+ tr -d \r\n
+ var=platform
+ echo x86_64-broadcom-r0
+ tr -d \r\n
+ value=x86_64-broadcom-r0
+ var=platform
+ value=x86_64-broadcom-r0
+ [ -z platform ]
+ tmp_val=x86_64-broadcom-r0
+ value=x86_64-broadcom-r0
+ eval platform="x86_64-broadcom-r0"
+ platform=x86_64-broadcom-r0
+ IFS== read -r var value
+ [ -n  ]
+ [ -r ./onie-image.conf ]
+ . ./onie-image.conf
+ : 32768
+ : x86_64
+ : generic
+ ONIEIMAGE_VERSION=r0
+ FILESYSTEM_ROOT=./fsroot-generic
+ FILESYSTEM_SQUASHFS=fs.squashfs
+ ONIE_INSTALLER_PAYLOAD=fs.zip
+ FILESYSTEM_DOCKERFS=dockerfs.tar.gz
+ DOCKERFS_DIR=docker
+ DOCKER_RAMFS_SIZE=1500M
+ OUTPUT_ONIE_IMAGE=target/sonic-generic.bin
+ OUTPUT_RAW_IMAGE=target/sonic-generic.raw
+ RAW_IMAGE_DISK_SIZE=4096
+ OUTPUT_KVM_IMAGE=target/sonic-generic.img
+ KVM_IMAGE_DISK_SIZE=16
+ OUTPUT_ABOOT_IMAGE=target/sonic-aboot-generic.swi
+ ABOOT_BOOT_IMAGE=.sonic-boot.swi
+ OUTPUT_KVM_4ASIC_IMAGE=target/sonic-4asic-generic.img
+ OUTPUT_KVM_6ASIC_IMAGE=target/sonic-6asic-generic.img
+ [ -r ./onie-image-*.conf ]
+ echo ONIE Installer: platform: x86_64-broadcom-r0
ONIE Installer: platform: x86_64-broadcom-r0
+ id -u
+ [ 0 -ne 0 ]
+ [ -r /etc/machine.conf ]
+ read_conf_file /etc/machine.conf
+ local conf_file=/etc/machine.conf
+ IFS== read -r var value
+ echo onie_version
+ tr -d \r\n
+ var=onie_version
+ echo 2018.11.0.0.2
+ tr -d \r\n
+ value=2018.11.0.0.2
+ var=onie_version
+ value=2018.11.0.0.2
+ [ -z onie_version ]
+ tmp_val=2018.11.0.0.2
+ value=2018.11.0.0.2
+ eval onie_version="2018.11.0.0.2"
+ onie_version=2018.11.0.0.2
+ IFS== read -r var value
+ echo onie_vendor_id
+ tr -d \r\n
+ var=onie_vendor_id
+ echo 12244
+ tr -d \r\n
+ value=12244
+ var=onie_vendor_id
+ value=12244
+ [ -z onie_vendor_id ]
+ tmp_val=12244
+ value=12244
+ eval onie_vendor_id="12244"
+ onie_vendor_id=12244
+ IFS== read -r var value
+ echo onie_build_machine
+ tr -d \r\n
+ var=onie_build_machine
+ echo cel_silverstone_dp
+ tr -d \r\n
+ value=cel_silverstone_dp
+ var=onie_build_machine
+ value=cel_silverstone_dp
+ [ -z onie_build_machine ]
+ tmp_val=cel_silverstone_dp
+ value=cel_silverstone_dp
+ eval onie_build_machine="cel_silverstone_dp"
+ onie_build_machine=cel_silverstone_dp
+ IFS== read -r var value
+ echo onie_machine_rev
+ tr -d \r\n
+ var=onie_machine_rev
+ echo 0
+ tr -d \r\n
+ value=0
+ var=onie_machine_rev
+ value=0
+ [ -z onie_machine_rev ]
+ tmp_val=0
+ value=0
+ eval onie_machine_rev="0"
+ onie_machine_rev=0
+ IFS== read -r var value
+ echo onie_arch
+ tr -d \r\n
+ var=onie_arch
+ echo x86_64
+ tr -d \r\n
+ value=x86_64
+ var=onie_arch
+ value=x86_64
+ [ -z onie_arch ]
+ tmp_val=x86_64
+ value=x86_64
+ eval onie_arch="x86_64"
+ onie_arch=x86_64
+ IFS== read -r var value
+ echo onie_build_platform
+ tr -d \r\n
+ var=onie_build_platform
+ echo x86_64-cel_silverstone_dp-r0
+ tr -d \r\n
+ value=x86_64-cel_silverstone_dp-r0
+ var=onie_build_platform
+ value=x86_64-cel_silverstone_dp-r0
+ [ -z onie_build_platform ]
+ tmp_val=x86_64-cel_silverstone_dp-r0
+ value=x86_64-cel_silverstone_dp-r0
+ eval onie_build_platform="x86_64-cel_silverstone_dp-r0"
+ onie_build_platform=x86_64-cel_silverstone_dp-r0
+ IFS== read -r var value
+ echo onie_config_version
+ tr -d \r\n
+ var=onie_config_version
+ echo 1
+ tr -d \r\n
+ value=1
+ var=onie_config_version
+ value=1
+ [ -z onie_config_version ]
+ tmp_val=1
+ value=1
+ eval onie_config_version="1"
+ onie_config_version=1
+ IFS== read -r var value
+ echo onie_build_date
+ tr -d \r\n
+ var=onie_build_date
+ echo "2019-07-25T14:43+07:00"
+ tr -d \r\n
+ value="2019-07-25T14:43+07:00"
+ var=onie_build_date
+ value="2019-07-25T14:43+07:00"
+ [ -z onie_build_date ]
+ tmp_val=2019-07-25T14:43+07:00"
+ value=2019-07-25T14:43+07:00
+ eval onie_build_date="2019-07-25T14:43+07:00"
+ onie_build_date=2019-07-25T14:43+07:00
+ IFS== read -r var value
+ echo onie_partition_type
+ tr -d \r\n
+ var=onie_partition_type
+ echo gpt
+ tr -d \r\n
+ value=gpt
+ var=onie_partition_type
+ value=gpt
+ [ -z onie_partition_type ]
+ tmp_val=gpt
+ value=gpt
+ eval onie_partition_type="gpt"
+ onie_partition_type=gpt
+ IFS== read -r var value
+ echo onie_kernel_version
+ tr -d \r\n
+ var=onie_kernel_version
+ echo 4.9.95
+ tr -d \r\n
+ value=4.9.95
+ var=onie_kernel_version
+ value=4.9.95
+ [ -z onie_kernel_version ]
+ tmp_val=4.9.95
+ value=4.9.95
+ eval onie_kernel_version="4.9.95"
+ onie_kernel_version=4.9.95
+ IFS== read -r var value
+ echo onie_firmware
+ tr -d \r\n
+ var=onie_firmware
+ echo auto
+ tr -d \r\n
+ value=auto
+ var=onie_firmware
+ value=auto
+ [ -z onie_firmware ]
+ tmp_val=auto
+ value=auto
+ eval onie_firmware="auto"
+ onie_firmware=auto
+ IFS== read -r var value
+ echo onie_switch_asic
+ tr -d \r\n
+ var=onie_switch_asic
+ echo bcm
+ tr -d \r\n
+ value=bcm
+ var=onie_switch_asic
+ value=bcm
+ [ -z onie_switch_asic ]
+ tmp_val=bcm
+ value=bcm
+ eval onie_switch_asic="bcm"
+ onie_switch_asic=bcm
+ IFS== read -r var value
+ echo onie_skip_ethmgmt_macs
+ tr -d \r\n
+ var=onie_skip_ethmgmt_macs
+ echo no
+ tr -d \r\n
+ value=no
+ var=onie_skip_ethmgmt_macs
+ value=no
+ [ -z onie_skip_ethmgmt_macs ]
+ tmp_val=no
+ value=no
+ eval onie_skip_ethmgmt_macs="no"
+ onie_skip_ethmgmt_macs=no
+ IFS== read -r var value
+ echo onie_grub_image_name
+ tr -d \r\n
+ var=onie_grub_image_name
+ echo grubx64.efi
+ tr -d \r\n
+ value=grubx64.efi
+ var=onie_grub_image_name
+ value=grubx64.efi
+ [ -z onie_grub_image_name ]
+ tmp_val=grubx64.efi
+ value=grubx64.efi
+ eval onie_grub_image_name="grubx64.efi"
+ onie_grub_image_name=grubx64.efi
+ IFS== read -r var value
+ echo onie_uefi_boot_loader
+ tr -d \r\n
+ var=onie_uefi_boot_loader
+ echo grubx64.efi
+ tr -d \r\n
+ value=grubx64.efi
+ var=onie_uefi_boot_loader
+ value=grubx64.efi
+ [ -z onie_uefi_boot_loader ]
+ tmp_val=grubx64.efi
+ value=grubx64.efi
+ eval onie_uefi_boot_loader="grubx64.efi"
+ onie_uefi_boot_loader=grubx64.efi
+ IFS== read -r var value
+ echo onie_uefi_arch
+ tr -d \r\n
+ var=onie_uefi_arch
+ echo x64
+ tr -d \r\n
+ value=x64
+ var=onie_uefi_arch
+ value=x64
+ [ -z onie_uefi_arch ]
+ tmp_val=x64
+ value=x64
+ eval onie_uefi_arch="x64"
+ onie_uefi_arch=x64
+ IFS== read -r var value
+ echo onie_machine
+ tr -d \r\n
+ var=onie_machine
+ echo cel_silverstone_dp
+ tr -d \r\n
+ value=cel_silverstone_dp
+ var=onie_machine
+ value=cel_silverstone_dp
+ [ -z onie_machine ]
+ tmp_val=cel_silverstone_dp
+ value=cel_silverstone_dp
+ eval onie_machine="cel_silverstone_dp"
+ onie_machine=cel_silverstone_dp
+ IFS== read -r var value
+ echo onie_platform
+ tr -d \r\n
+ var=onie_platform
+ echo x86_64-cel_silverstone_dp-r0
+ tr -d \r\n
+ value=x86_64-cel_silverstone_dp-r0
+ var=onie_platform
+ value=x86_64-cel_silverstone_dp-r0
+ [ -z onie_platform ]
+ tmp_val=x86_64-cel_silverstone_dp-r0
+ value=x86_64-cel_silverstone_dp-r0
+ eval onie_platform="x86_64-cel_silverstone_dp-r0"
+ onie_platform=x86_64-cel_silverstone_dp-r0
+ IFS== read -r var value
+ [ -n  ]
+ echo onie_platform: x86_64-cel_silverstone_dp-r0
onie_platform: x86_64-cel_silverstone_dp-r0
+ ONIE_PLATFORM_EXTRA_CMDLINE_LINUX=
+ VAR_LOG_SIZE=4096
+ [ -r platforms/x86_64-cel_silverstone_dp-r0 ]
+ [ onie = onie ]
+ grep -Fxq x86_64-cel_silverstone_dp-r0 platforms_asic
+ echo The image you're trying to install is of a different ASIC type as the running platform's ASIC
The image you're trying to install is of a different ASIC type as the running platform's ASIC
+ true
+ read -r -p Do you still wish to install this image? [y/n]:  input
Do you still wish to install this image? [y/n]: y
+ echo Force installing...
Force installing...
+ break
+ [ onie = onie ]
+ onie_bin=
+ onie_root_dir=/mnt/onie-boot/onie
+ onie_initrd_tmp=/
+ demo_type=OS
+ demo_part_size=32768
+ image_version=master-14589.252268-5ac59dc89
+ date -u +%Y%m%d
+ timestamp=20230414
+ demo_volume_label=SONiC-OS
+ demo_volume_revision_label=SONiC-OS-master-14589.252268-5ac59dc89
+ . ./default_platform.conf
+ [ -z  ]
+ cat /proc/cmdline
+ grep -Eo console=ttyS[0-9]+
+ cut -d = -f2
+ console_ttys=ttyS0
+ [ -z ttyS0 -o ttyS0 = ttyS0 ]
+ CONSOLE_PORT=0x3f8
+ CONSOLE_DEV=0
+ [ -z  ]
+ cat /proc/cmdline
+ grep -Eo console=ttyS[0-9]+,[0-9]+
+ cut -d , -f2
+ speed=115200
+ [ -z 115200 ]
+ CONSOLE_SPEED=115200
+ demo_part=
+ legacy_volume_label=ACS-OS
+ [ -r ./platform.conf ]
+ . ./platform.conf
+ image_dir=image-master-14589.252268-5ac59dc89
+ [ onie = onie ]
+ create_partition
+ [ onie != build ]
+ blkid
+ grep ONIE-BOOT
+ head -n 1
+ awk {print $1}
+ sed -e s/:.*$//
+ onie_dev=/dev/sda2
+ echo /dev/sda2
+ sed -e s/[1-9][0-9]*$//
+ sed -e s/\([0-9]\)\(p\)/\1/
+ blk_dev=/dev/sda
+ blk_suffix=
+ echo /dev/sda
+ grep -q nvme0
+ cat /proc/mounts
+ awk { if($2=="/") print $1 }
+ grep /dev/sda
+ true
+ cur_part=
+ [ -b /dev/sda ]
+ [ -d /sys/firmware/efi/efivars ]
+ firmware=uefi
+ [ onie = onie ]
+ onie-sysinfo -t
+ onie_partition_type=gpt
+ [ uefi = uefi ]
+ create_demo_uefi_partition /dev/sda
+ create_demo_gpt_partition /dev/sda
+ blk_dev=/dev/sda
+ mktemp -u
+ tmpfifo=/tmp/tmp.TCBn9s
+ trap_push rm /tmp/tmp.TCBn9s || true
+ local oldcmd=true
+ local newcmd=rm /tmp/tmp.TCBn9s || true; true
+ trap -- rm /tmp/tmp.TCBn9s || true; true EXIT INT TERM HUP
+ _trap_push rm /tmp/tmp.TCBn9s || true; true
+ local next=rm /tmp/tmp.TCBn9s || true; true
+ echo rm /tmp/tmp.TCBn9s || true; true
+ sed -e s/'/'\\''/g
+ eval trap_push() {
        local oldcmd='rm /tmp/tmp.TCBn9s || true; true'
        local newcmd="$1; $oldcmd"
        trap -- "$newcmd" EXIT INT TERM HUP
        _trap_push "$newcmd"
    }
+ mkfifo -m 600 /tmp/tmp.TCBn9s
+ sgdisk -p /dev/sda
+ grep -e SONiC-OS -e ACS-OS
+ awk {print $1}
+ demo_part=3
+ [ -n 3 ]
+ + readecho -r 3 part_index

+ [ /dev/sda3 =  ]
+ echo deleting partition 3 ...
deleting partition 3 ...
+ df /dev/sda3
Filesystem           1K-blocks      Used Available Use% Mounted on
+ sgdisk -d 3 /dev/sda
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot.
The operation has completed successfully.
+ partprobe
+ read -r part_index
+ sgdisk -p /dev/sda
+ awk {if ($1 > 0 && $1 <= 99999) print $1}
+ all_part=1
2
+ echo 1
2
+ tail -n 1
+ awk {print $1}
+ last_part=2
+ demo_part=1
+ + echoread 1
2 -r
 used_part
+ echo Partition #1 is in use.
Partition #1 is in use.
+ [ 1 -ne 1 ]
+ expr 1 + 1
+ demo_part=2
+ read -r used_part
+ echo Partition #2 is in use.
Partition #2 is in use.
+ [ 2 -ne 2 ]
+ expr 2 + 1
+ demo_part=3
+ read -r used_part
+ echo Partition #3 is available
Partition #3 is available
+ echo Creating new SONiC-OS partition /dev/sda3 ...
Creating new SONiC-OS partition /dev/sda3 ...
+ [ OS = DIAG ]
+ attr_bitmask=0x0
+ sgdisk --new=3::+32768MB --attributes=3:=:0x0 --change-name=3:SONiC-OS /dev/sda
Could not create partition 3 from 788480 to 67897343
Unable to set partition 3's name to 'SONiC-OS'!
Error encountered; not saving changes.
+ echo Warning: The first trial of creating partition failed, trying the largest aligned available block of sectors on the disk
Warning: The first trial of creating partition failed, trying the largest aligned available block of sectors on the disk
+ sgdisk -F /dev/sda
+ begin=788480
+ sgdisk -E /dev/sda
+ end=62533262
+ sgdisk --new=3:788480:62533262 --attributes=3:=:0x0 --change-name=3:SONiC-OS /dev/sda
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot.
The operation has completed successfully.
+ partprobe
+ efibootmgr
+ grep -e SONiC-OS -e ACS-OS
+ awk { print $1 }
+ mount_partition
+ echo /dev/sda
+ sed -e s/\(mmcblk[0-9]\)/\1p/
+ demo_dev=/dev/sda3
+ echo /dev/sda
+ grep -q nvme0
+ mkfs.ext4 -L SONiC-OS /dev/sda3
mke2fs 1.42.13 (17-May-2015)
Discarding device blocks: done
Creating filesystem with 7718097 4k blocks and 1929536 inodes
Filesystem UUID: 67fb9ca6-5bb9-4d76-88c8-aeb0c64a3c0b
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
        4096000

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

+ mktemp -d
+ demo_mnt=/tmp/tmp.0Gwbvz
+ trap_push  fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true
+ local oldcmd=rm /tmp/tmp.TCBn9s || true; true
+ local newcmd= fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true
+ trap --  fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true EXIT INT TERM HUP
+ _trap_push  fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true
+ local next= fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true
+ echo  fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true
+ sed -e s/'/'\\''/g
+ eval trap_push() {
        local oldcmd=' fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true'
        local newcmd="$1; $oldcmd"
        trap -- "$newcmd" EXIT INT TERM HUP
        _trap_push "$newcmd"
    }
+ mount -t ext4 -o defaults,rw /dev/sda3 /tmp/tmp.0Gwbvz
+ echo Installing SONiC to /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89
Installing SONiC to /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89
+ [ -d /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89 ]
+ mkdir /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89
+ [ x = xon ]
+ unzip -o fs.zip -x dockerfs.tar.gz platform.tar.gz -d /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89
Archive:  fs.zip
   creating: boot/
  inflating: boot/initrd.img-5.10.0-18-2-amd64
  inflating: boot/System.map-5.10.0-18-2-amd64
  inflating: boot/config-5.10.0-18-2-amd64
  inflating: boot/vmlinuz-5.10.0-18-2-amd64
  inflating: fs.squashfs
+ [ onie = onie ]
+ TAR_EXTRA_OPTION=--numeric-owner
+ mkdir -p /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89/docker
+ unzip -op fs.zip dockerfs.tar.gz
+ tar xz --numeric-owner -f - -C /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89/docker
+ mkdir -p /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89/platform
+ unzip -op fs.zip platform.tar.gz
+ tar xz --numeric-owner -f - -C /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89/platform
+ [ onie = onie ]
+ [ -f /etc/machine-build.conf ]
+ set
+ grep ^onie
+ sed -e s/='/=/ -e s/'$//
+ echo ONIE_IMAGE_PART_SIZE=32768
ONIE_IMAGE_PART_SIZE=32768
+ extra_cmdline_linux=sonic_fips=1
+ echo EXTRA_CMDLINE_LINUX=sonic_fips=1
EXTRA_CMDLINE_LINUX=sonic_fips=1
+ bootloader_menu_config
+ [ onie = onie ]
+ rm -f //tmp/onie-support*.tar.bz2
+ onie-support /tmp
Success: Support tarball created: /tmp/onie-support-cel_silverstone_dp.tar.bz2
+ mv //tmp/onie-support-cel_silverstone_dp.tar.bz2 /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89/
+ [ uefi = uefi ]
+ secure_boot_state=
+ reg_sb_guid=
+ ENABLED=1
+ efivar -l
+ grep SecureBoot
+ reg_sb_guid=
+ fuser -km /tmp/tmp.0Gwbvz
+ umount /tmp/tmp.0Gwbvz
+ rm /tmp/tmp.TCBn9s
+ true
+ rc=1
+ id -u
+ [ 0 = 0 ]
+ umount /tmp/tmp.IadSE3
+ rm -rf /tmp/tmp.IadSE3
+ exit 1
Failure: Unable to install image: tftp://xx.xx.xx.xx/sonic-broadcom.bin
ONIE:/ #

@davidpil2002
Copy link
Contributor Author

thanks for the logs, I found the root cause, when grep command do not find a match is crashing the script.
I will provide a fix on Sunday/Monday

@davidpil2002
Copy link
Contributor Author

davidpil2002 commented Apr 15, 2023

The last commit fixed the last issue, it's doing the same logic as before, but with a code safer from bash errors.
Pls confirm if the PR fix the issue in your setups as well.
@gaggaman
@ITJamie
@luigitalboy

@davidpil2002
Copy link
Contributor Author

/azpw run Azure.sonic-buildimage

@mssonicbld
Copy link
Collaborator

/AzurePipelines run Azure.sonic-buildimage

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@gaggaman
Copy link

The last commit fixed the last issue, it's doing the same logic as before, but with a code safer from bash errors. Pls confirm if the PR fix the issue in your setups as well. @gaggaman @ITJamie @luigitalboy

Do you have an image for me? I don't have a build env yet.

@davidpil2002
Copy link
Contributor Author

/azpw run Azure.sonic-buildimage

@mssonicbld
Copy link
Collaborator

/AzurePipelines run Azure.sonic-buildimage

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@davidpil2002
Copy link
Contributor Author

/azpw run Azure.sonic-buildimage

@mssonicbld
Copy link
Collaborator

/AzurePipelines run Azure.sonic-buildimage

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@davidpil2002
Copy link
Contributor Author

/azpw run Azure.sonic-buildimage

@mssonicbld
Copy link
Collaborator

/AzurePipelines run Azure.sonic-buildimage

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@yejianquan
Copy link
Contributor

This PR ‘appears’ failure because there’s a test job management upgradation,
#14958
Azure.sonic-buildimage (Test kvmtest-t0) is deprecated, so the retry won't update the result of it.
Both Azure.sonic-buildimage (Test kvmtest-t0 by TestbedV2) and Azure.sonic-buildimage (Test kvmtest-t0 by TestbedV2) passed, so the t0 test job is actually passed.

Ack: the PR test passed
PS: Stackholder can merge the PR as you want even though the merger button appears to be red.

@davidpil2002
Copy link
Contributor Author

davidpil2002 commented May 28, 2023

This PR ‘appears’ failure because there’s a test job management upgradation, #14958 Azure.sonic-buildimage (Test kvmtest-t0) is deprecated, so the retry won't update the result of it. Both Azure.sonic-buildimage (Test kvmtest-t0 by TestbedV2) and Azure.sonic-buildimage (Test kvmtest-t0 by TestbedV2) passed, so the t0 test job is actually passed.

Ack: the PR test passed PS: Stackholder can merge the PR as you want even though the merger button appears to be red.

Hi @yejianquan ,
@liat-grozovik (reviewer) cannot merge when there is a failure checker.
pls can you fix the failure checker?

@davidpil2002
Copy link
Contributor Author

Hi @qiluo-msft ,

We are blocked with this merge due to a build issue, details are in the last comment (one before this one).
can you help?

@qiluo-msft qiluo-msft merged commit 7a2bb6d into sonic-net:master May 31, 2023
@DavidZagury
Copy link
Contributor

@dprital can you add request to 202211 to this PR?

sonic-otn pushed a commit to sonic-otn/sonic-buildimage that referenced this pull request Sep 20, 2023
sonic-net#14589)

…1.11 by using efivar tool instead

#### Why I did it
solution to BUG below/
sonic-net#14316
bug report also in this issue:
backport: secureboot support sonic-net#14246
#### How I did it
When installing an image secure boot is checking if the UEFI have the secure boot flag enabled or disabled using a tool name `mokutil` this tool its not exist in ONIE version older than 2021.11 so its crasshing the install.
To fix that we add a coded that checking secure boot enabled/disabled by using efivar tool that should exist in any UEFI system
#### How to verify it
Install the image in a device with ONIE version older than 2021.11 and check that the installation and boot succeed (all docker up).
@krismarvell
Copy link
Contributor

Can we pls backport this PR to 202211 ?

@krismarvell
Copy link
Contributor

@qiluo-msft, I see the request to backport to 202211 is already there. Can you pls help merge to 202211 ?

bluecmd added a commit to kamelnetworks/sonic-buildimage that referenced this pull request Jan 22, 2024
bluecmd added a commit to kamelnetworks/sonic-buildimage that referenced this pull request Feb 19, 2024
bluecmd added a commit to kamelnetworks/sonic-buildimage that referenced this pull request Feb 19, 2024
bluecmd added a commit to kamelnetworks/sonic-buildimage that referenced this pull request Feb 19, 2024
bluecmd added a commit to kamelnetworks/sonic-buildimage that referenced this pull request Mar 3, 2024
bluecmd added a commit to kamelnetworks/sonic-buildimage that referenced this pull request Mar 6, 2024
mlok-nokia pushed a commit to mlok-nokia/sonic-buildimage that referenced this pull request Jun 5, 2024
bradh352 pushed a commit to bradh352/sonic-buildimage that referenced this pull request Nov 23, 2024
sonic-net#14589)

…1.11 by using efivar tool instead

#### Why I did it
solution to BUG below/
sonic-net#14316
bug report also in this issue:
backport: secureboot support sonic-net#14246
#### How I did it
When installing an image secure boot is checking if the UEFI have the secure boot flag enabled or disabled using a tool name `mokutil` this tool its not exist in ONIE version older than 2021.11 so its crasshing the install.
To fix that we add a coded that checking secure boot enabled/disabled by using efivar tool that should exist in any UEFI system
#### How to verify it
Install the image in a device with ONIE version older than 2021.11 and check that the installation and boot succeed (all docker up).
bradh352 pushed a commit to bradh352/sonic-buildimage that referenced this pull request Dec 3, 2024
sonic-net#14589)

…1.11 by using efivar tool instead

#### Why I did it
solution to BUG below/
sonic-net#14316
bug report also in this issue:
backport: secureboot support sonic-net#14246
#### How I did it
When installing an image secure boot is checking if the UEFI have the secure boot flag enabled or disabled using a tool name `mokutil` this tool its not exist in ONIE version older than 2021.11 so its crasshing the install.
To fix that we add a coded that checking secure boot enabled/disabled by using efivar tool that should exist in any UEFI system
#### How to verify it
Install the image in a device with ONIE version older than 2021.11 and check that the installation and boot succeed (all docker up).
bradh352 pushed a commit to bradh352/sonic-buildimage that referenced this pull request Dec 3, 2024
sonic-net#14589)

…1.11 by using efivar tool instead

#### Why I did it
solution to BUG below/
sonic-net#14316
bug report also in this issue:
backport: secureboot support sonic-net#14246
#### How I did it
When installing an image secure boot is checking if the UEFI have the secure boot flag enabled or disabled using a tool name `mokutil` this tool its not exist in ONIE version older than 2021.11 so its crasshing the install.
To fix that we add a coded that checking secure boot enabled/disabled by using efivar tool that should exist in any UEFI system
#### How to verify it
Install the image in a device with ONIE version older than 2021.11 and check that the installation and boot succeed (all docker up).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.