-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[security] Upgrade kernel to 3.16.57-2 on 201803 branch #2116
Merged
lguohan
merged 7 commits into
sonic-net:201803
from
zhenggen-xu:201803-k-upgrade-upstream
Oct 11, 2018
Merged
[security] Upgrade kernel to 3.16.57-2 on 201803 branch #2116
lguohan
merged 7 commits into
sonic-net:201803
from
zhenggen-xu:201803-k-upgrade-upstream
Oct 11, 2018
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
can you update the kernel submodule |
It is done after the sonic-linux-kernel was merged. |
- Correct lane map in broadcom configuration - Add writes to txdisable bits for SFPs in hwsku-init - Add correct hwsku-init implementation for 201803 branch
…-xu/sonic-buildimage into zhenggen-xu-201803-k-upgrade-upstream
Signed-off-by: Guohan Lu <gulv@microsoft.com>
retest this please |
1 similar comment
retest this please |
stephenxs
added a commit
to stephenxs/sonic-buildimage
that referenced
this pull request
Mar 9, 2022
29d5d8d Use abort instead of exit in case calling SAI API failure (sonic-net#2170) 12f980c Fix issue config qos reload causing orchagent aborted via tracking dependencies among QoS tables (sonic-net#2116) 6e5ed1c [chassis][syncd][sai] Adjusting response timeout during syncd init (sonic-net#2159) 0a99f54 Try get port operational speed from STATE DB (sonic-net#2119) 828cccf [crm] Use sai_object_type_get_availability() API to get counters (sonic-net#2098) 18c73a1 Allow IPv4 link-local nexthops (sonic-net#1903) Signed-off-by: Stephen Sun <stephens@nvidia.com>
liat-grozovik
pushed a commit
that referenced
this pull request
Mar 15, 2022
Update sonic-swss with the following changes: 29d5d8d Use abort instead of exit in case calling SAI API failure (#2170) 12f980c Fix issue config qos reload causing orchagent aborted via tracking dependencies among QoS tables (#2116) 6e5ed1c [chassis][syncd][sai] Adjusting response timeout during syncd init (#2159) 0a99f54 Try get port operational speed from STATE DB (#2119) 828cccf [crm] Use sai_object_type_get_availability() API to get counters (#2098) 18c73a1 Allow IPv4 link-local nexthops (#1903) Signed-off-by: Stephen Sun <stephens@nvidia.com>
Ndancejic
pushed a commit
to Ndancejic/sonic-buildimage
that referenced
this pull request
May 3, 2022
…pendencies among QoS tables (sonic-net#2116) - What I did Fix issue config qos reload causing orchagent aborted via tracking dependencies among QoS tables 1. Track dependencies among QoS tables. 2. Won't call SAI remove API for an object if it is still referenced. 3. Support removing/replacing one field in PORT_QOS_MAP and QUEUE tables. 4. Optimize logic to handle QUEUE table. 5. Remove switch level DSCP_TO_TC map before the map is removed. 6. Add mock test - Why I did it Fix issue. - How I verified it Manually test and mock test. Signed-off-by: Stephen Sun <stephens@nvidia.com>
dprital
added a commit
to dprital/sonic-buildimage
that referenced
this pull request
May 25, 2022
Update sonic-utilities submodule pointer to include the following: * [GCU] Handling type1 lists ([sonic-net#2171](sonic-net/sonic-utilities#2171)) * [yang] extend ConfigMgmt constructor to pass YANG options ([sonic-net#2118](sonic-net/sonic-utilities#2118)) * [dump] implement ACL modules ([sonic-net#2153](sonic-net/sonic-utilities#2153)) * show commands for SYSTEM READY ([sonic-net#1851](sonic-net/sonic-utilities#1851)) * [GCU] Handling non-compliant leaf-list with string values ([sonic-net#2174](sonic-net/sonic-utilities#2174)) * Add sonic-delayed.target to Application Extension .timer file generator ([sonic-net#2176](sonic-net/sonic-utilities#2176)) * [portconfig] Allow to configure interface mtu for physical ports ([#l](https://github.com/Azure/sonic-utilities/pull/l)) * Broadcast Unknown-multicast and Unknown-unicast Storm-control ([sonic-net#928](sonic-net/sonic-utilities#928)) * sonic-utils: initial support for link-training ([sonic-net#2071](sonic-net/sonic-utilities#2071)) * [portchannel] Added ACL/PBH binding checks to the port before getting added to portchannel ([sonic-net#2151](sonic-net/sonic-utilities#2151)) * Modify override testcase to cover PORT admin_status ([sonic-net#2165](sonic-net/sonic-utilities#2165)) * [GCU] Validate peer_group_range ip_range are correct ([sonic-net#2145](sonic-net/sonic-utilities#2145)) * [auto-ts] add memory check ([sonic-net#2116](sonic-net/sonic-utilities#2116)) * support new interface types CR8/SR8/KR8/LR8 which are brougnt by SAI V.1.10.2 ([sonic-net#2167](sonic-net/sonic-utilities#2167)) * [scripts/fast-reboot] Add option to include ssd-upgrader-part boot option with SONiC partition ([sonic-net#2150](sonic-net/sonic-utilities#2150)) * [config reload] Fix invalid rstrip. ([sonic-net#2157](sonic-net/sonic-utilities#2157)) * Accept 0 for queue and dscp ([sonic-net#2162](sonic-net/sonic-utilities#2162)) Signed-off-by: dprital <drorp@nvidia.com>
6 tasks
stepanblyschak
added a commit
to stepanblyschak/sonic-buildimage
that referenced
this pull request
May 27, 2022
``` 3d3c89b fix for non-coherent cmis modules (sonic-net#2163) 2054680 [subinterface] Fix route add command to accept subinterface as dev (sonic-net#2180) 5383e92 [subinterface]Avoid removing the subinterface when last configured ip is removed (sonic-net#2181) f5af780 [GCU] Handling type1 lists (sonic-net#2171) 4516179 [yang] extend ConfigMgmt constructor to pass YANG options (sonic-net#2118) 2f53bd4 [dump] implement ACL modules (sonic-net#2153) 494dd62 show commands for SYSTEM READY (sonic-net#1851) 4fc09b1 [GCU] Handling non-compliant leaf-list with string values (sonic-net#2174) 675c7b6 Add sonic-delayed.target to Application Extension .timer file generator (sonic-net#2176) c587933 [portconfig] Allow to configure interface mtu for physical ports only 9881f3e Broadcast Unknown-multicast and Unknown-unicast Storm-control (sonic-net#928) 88286cb sonic-utils: initial support for link-training (sonic-net#2071) 29503ab [portchannel] Added ACL/PBH binding checks to the port before getting added to portchannel (sonic-net#2151) ac89489 Modify override testcase to cover PORT admin_status (sonic-net#2165) d7953d2 [GCU] Validate peer_group_range ip_range are correct (sonic-net#2145) aa81b97 [auto-ts] add memory check (sonic-net#2116) b370290 support new interface types CR8/SR8/KR8/LR8 which are brougnt by SAI V.1.10.2 (sonic-net#2167) 87fc0a4 [scripts/fast-reboot] Add option to include ssd-upgrader-part boot option with SONiC partition (sonic-net#2150) 90abc07 [config reload] Fix invalid rstrip. (sonic-net#2157) fac1769 Accept 0 for queue and dscp (sonic-net#2162) ``` Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
wen587
added a commit
that referenced
this pull request
Jun 13, 2022
29503ab [portchannel] Added ACL/PBH binding checks to the port before getting added to portchannel (#2151) ac89489 Modify override testcase to cover PORT admin_status (#2165) d7953d2 [GCU] Validate peer_group_range ip_range are correct (#2145) aa81b97 [auto-ts] add memory check (#2116) b370290 support new interface types CR8/SR8/KR8/LR8 which are brougnt by SAI V.1.10.2 (#2167) 87fc0a4 [scripts/fast-reboot] Add option to include ssd-upgrader-part boot option with SONiC partition (#2150) 90abc07 [config reload] Fix invalid rstrip. (#2157) fac1769 Accept 0 for queue and dscp (#2162)
volodymyrsamotiy
added a commit
to volodymyrsamotiy/sonic-buildimage
that referenced
this pull request
Oct 3, 2022
* be7da6b [sonic-installer] use host docker startup arguments when running dockerd in chroot (sonic-net#2179) (sonic-net#2407) * d112f7c [202205][auto-ts] add memory check (sonic-net#2116) (sonic-net#2413) Signed-off-by: Volodymyr Samotiy <volodymyrs@nvidia.com>
7 tasks
dgsudharsan
added a commit
to dgsudharsan/sonic-buildimage
that referenced
this pull request
Oct 3, 2022
To get following fixes: be7da6b [sonic-installer] use host docker startup arguments when running dockerd in chroot (sonic-net#2179) (sonic-net#2407) d112f7c [202205][auto-ts] add memory check (sonic-net#2116) (sonic-net#2413)
7 tasks
vivekrnv
added a commit
to vivekrnv/sonic-buildimage
that referenced
this pull request
Oct 4, 2022
be7da6b [sonic-installer] use host docker startup arguments when running dockerd in chroot (sonic-net#2179) (sonic-net#2407) d112f7c [202205][auto-ts] add memory check (sonic-net#2116) (sonic-net#2413) Signed-off-by: Vivek Reddy <vkarri@nvidia.com>
7 tasks
stepanblyschak
added a commit
to stepanblyschak/sonic-buildimage
that referenced
this pull request
Oct 5, 2022
``` 99425a8 (HEAD -> 202205, origin/202205) [actions] Support Semgrep by Github Actions (sonic-net#2417) f41e4d1 Fix for show vxlan tunnel command display issue sonic-net#11902 (sonic-net#2391) e1d827e [VxLAN]Fix Vxlan delete command to throw error when there are references (sonic-net#2404) d77acf8 [doc] add documentation on automatic techsupport based on memory (sonic-net#2411) 2cfc75a [doc] update "config feature" section with "--block" option (sonic-net#2409) 9dc8471 [Vxlanmgrd] [CPA] Update the vxlan_tunnel name len to be under IFNAMIZ to overcome netdev creation failure (sonic-net#2398) 342589e Added cisco config platform commands (sonic-net#2242) (sonic-net#2418) be7da6b [sonic-installer] use host docker startup arguments when running dockerd in chroot (sonic-net#2179) (sonic-net#2407) d112f7c [202205][auto-ts] add memory check (sonic-net#2116) (sonic-net#2413) ``` Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
liat-grozovik
pushed a commit
that referenced
this pull request
Oct 6, 2022
7 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
- What I did
Upgrade kernel to 3.16.57-2 on 201803 branch
to fix security issues like:
https://www.debian.org/security/2018/dsa-4120
https://www.debian.org/security/2018/dsa-4179
https://www.debian.org/security/2018/dsa-4187
https://www.debian.org/security/2018/dsa-4188
https://www.debian.org/security/2018/dsa-4196
and more.
- How I did it
Use the code in sonic-linux-kernel PR:
sonic-net/sonic-linux-kernel#68
Fix all modules that rely on kernel modules at sonic-buildimage
- How to verify it
Built opennsl module locally with the sonic-linux-kernel code 3.16.57-2, point the mk file to that module.
Build onie image and loaded to the box with BRCM chip:
sonic:~$uname -a
Linux lnos-x1-a-asw03 3.16.0-6-amd64 #1 SMP Debian 3.16.57-2 (2015-12-19) x86_64 GNU/Linux
sonic:~$ show interfaces status
Interface Lanes Speed MTU Alias Oper Admin
Ethernet0 65 10G 9100 Eth1/1 down up
Ethernet1 66 10G 9100 Eth1/2 down up
Ethernet2 67 10G 9100 Eth1/3 down up
Ethernet3 68 10G 9100 Eth1/4 down up
Ethernet4 69 10G 9100 Eth2/1 down up
Ethernet5 70 10G 9100 Eth2/2 down up
Ethernet6 71 10G 9100 Eth2/3 down up
Ethernet7 72 10G 9100 Eth2/4 down up
Ethernet8 73 10G 9100 Eth3/1 up up
Ethernet9 74 10G 9100 Eth3/2 up up
Ethernet10 75 10G 9100 Eth3/3 down up
Note: The opennsl module should be updated to MSFT official one before merge. Other ASIC vendors binary links need to be updated as well.
Test:
show ver
SONiC Software Version: SONiC.HEAD.3000-0a5337f
Distribution: Debian 8.11
Kernel: 3.16.0-6-amd64
Build commit: 0a5337f
Build date: Fri Oct 5 19:56:19 UTC 2018
Built by: johnar@jenkins-worker-1
Summary:
TestSuite: acl Pass: 276 Fail: 0
TestSuite: arp Pass: 98 Fail: 0
TestSuite: bgp_fact Pass: 59 Fail: 0
TestSuite: continuous_reboot Pass: 112 Fail: 0
TestSuite: everflow_testbed Pass: 493 Fail: 0
TestSuite: fib Pass: 67 Fail: 0
TestSuite: lldp Pass: 62 Fail: 0
TestSuite: link_flap Pass: 564 Fail: 0
TestSuite: mem_check Pass: 56 Fail: 0
TestSuite: mtu Pass: 62 Fail: 0
TestSuite: port_toggle Pass: 61 Fail: 0
TestSuite: reboot Pass: 69 Fail: 0
TestSuite: repeat_harness Pass: 61 Fail: 0
TestSuite: restart_swss Pass: 53 Fail: 0
TestSuite: restart_swss_service Pass: 69 Fail: 0
TestSuite: sensors Pass: 59 Fail: 0
TestSuite: syslog Pass: 79 Fail: 0
Total Pass: 2300 Total Fail: 0
- Description for the changelog
- A picture of a cute animal (not mandatory but encouraged)