Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[security kernel] Upgrade kernel from 4.9.110-3+deb9u2 to 4.9.110-3+deb9u6 #2367

Merged
merged 2 commits into from
Dec 11, 2018

Conversation

zhenggen-xu
Copy link
Collaborator

short version: 4.9.0-7 to 4.9.0-8

See changelogs for security fixes:
https://tracker.debian.org/media/packages/l/linux/changelog-4.9.110-3deb9u6

Signed-off-by: Zhenggen Xu zxu@linkedin.com

This PR is depending on sonic-net/sonic-linux-kernel#72

- What I did
Upgrade kernel from 4.9.110-3+deb9u2 to 4.9.110-3+deb9u6

fix security issues below:
linux (4.9.110-3+deb9u6) stretch-security; urgency=high

  • [arm64] KVM: Tighten guest core register access from userspace
    (CVE-2018-18021)
  • [arm64] KVM: Sanitize PSTATE.M when being set from userspace
    (CVE-2018-18021)
  • xen-netback: fix input validation in xenvif_set_hash_mapping()
    (CVE-2018-15471)

-- Salvatore Bonaccorso carnil@debian.org Mon, 08 Oct 2018 08:05:17 +0200

linux (4.9.110-3+deb9u5) stretch-security; urgency=high

[ Salvatore Bonaccorso ]

  • irda: Fix memory leak caused by repeated binds of irda socket
    (CVE-2018-6554)
  • irda: Only insert new objects into the global database via setsockopt
    (CVE-2018-6555)
  • mm: get rid of vmacache_flush_all() entirely (CVE-2018-17182)
  • floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
    (CVE-2018-7755)
  • Bluetooth: hidp: buffer overflow in hidp_process_report (CVE-2018-9363)
  • ALSA: rawmidi: Change resized buffers atomically (CVE-2018-10902)
  • scsi: target: iscsi: Use hex2bin instead of a re-implementation
    (CVE-2018-14633)
  • [x86] entry/64: Remove %ebx handling from error_entry/exit
    (CVE-2018-14678)
  • infiniband: fix a possible use-after-free bug (CVE-2018-14734)
  • [x86] speculation: Protect against userspace-userspace spectreRSB
    (CVE-2018-15572)
  • [x86] paravirt: Fix spectre-v2 mitigations for paravirt guests
    (CVE-2018-15594)

[ Ben Hutchings ]

  • mm: Avoid ABI change for CVE-2018-17182 fix
  • HID: debug: check length before copy_to_user() (CVE-2018-9516)
  • Cipso: cipso_v4_optptr enter infinite loop (CVE-2018-10938)
  • f2fs: fix to do sanity check with reserved blkaddr of inline inode
    (CVE-2018-13099)
  • btrfs: relocation: Only remove reloc rb_trees if reloc control has been
    initialized (CVE-2018-14609)
  • hfsplus: fix NULL dereference in hfsplus_lookup() (CVE-2018-14617)
  • USB: yurex: fix out-of-bounds uaccess in read handler (CVE-2018-16276)
  • cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (CVE-2018-16658)

-- Ben Hutchings ben@decadent.org.uk Sun, 30 Sep 2018 17:37:51 +0100

linux (4.9.110-3+deb9u4) stretch-security; urgency=high

  • init: rename and re-order boot_cpu_state_init()
    Adresses boot failures on arm* systems. (Closes: #906769)
  • Sync "cpu/hotplug: Boot HT siblings at least once" from 4.9.120
  • Sync "cpu/hotplug: Non-SMP machines do not make use of booted_once" from
    4.9.120
  • Refresh features/all/rt/0157-softirq-Split-softirq-locks.patch patch.
    Adjust context after applying "init: rename and re-order
    boot_cpu_state_init()".

-- Salvatore Bonaccorso carnil@debian.org Tue, 21 Aug 2018 16:50:09 +0200

linux (4.9.110-3+deb9u3) stretch-security; urgency=high

[ Salvatore Bonaccorso ]

  • Add L1 Terminal Fault fixes (CVE-2018-3620, CVE-2018-3646)
    • [x86] speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
    • [x86] mm: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1
    • [x86] speculation/l1tf: Change order of offset/type in swap entry
    • [x86] speculation/l1tf: Protect swap entries against L1TF
    • [x86] speculation/l1tf: Protect PROT_NONE PTEs against speculation
    • [x86] speculation/l1tf: Make sure the first page is always reserved
    • [x86] speculation/l1tf: Add sysfs reporting for l1tf
    • [x86] speculation/l1tf: Disallow non privileged high MMIO PROT_NONE
      mappings
    • [x86] speculation/l1tf: Limit swap file size to MAX_PA/2
    • [x86] bugs: Move the l1tf function and define pr_fmt properly
    • [x86] smp: Provide topology_is_primary_thread()
    • [x86] topology: Provide topology_smt_supported()
    • cpu/hotplug: Make bringup/teardown of smp threads symmetric
    • cpu/hotplug: Split do_cpu_down()
    • cpu/hotplug: Provide knobs to control SMT
    • [x86] cpu: Remove the pointless CPU printout
    • [x86] cpu/AMD: Remove the pointless detect_ht() call
    • [x86] cpu/common: Provide detect_ht_early()
    • [x86] cpu/topology: Provide detect_extended_topology_early()
    • [x86] cpu/intel: Evaluate smp_num_siblings early
    • [x86] CPU/AMD: Do not check CPUID max ext level before parsing SMP
      info
    • [x86] cpu/AMD: Evaluate smp_num_siblings early
    • [x86] apic: Ignore secondary threads if nosmt=force
    • [x86] speculation/l1tf: Extend 64bit swap file size limit
    • [x86] cpufeatures: Add detection of L1D cache flush support.
    • [x86] CPU/AMD: Move TOPOEXT reenablement before reading
      smp_num_siblings
    • [x86] speculation/l1tf: Protect PAE swap entries against L1TF
    • [x86] speculation/l1tf: Fix up pte->pfn conversion for PAE
    • Revert "[x86] apic: Ignore secondary threads if nosmt=force"
    • cpu/hotplug: Boot HT siblings at least once
    • [x86] KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being
      present
    • [x86] KVM/VMX: Add module argument for L1TF mitigation
    • [x86] KVM/VMX: Add L1D flush algorithm
    • [x86] KVM/VMX: Add L1D MSR based flush
    • [x86] KVM/VMX: Add L1D flush logic
    • kvm: nVMX: Update MSR load counts on a VMCS switch
    • [x86] KVM/VMX: Split the VMX MSR LOAD structures to have an
      host/guest numbers
    • [x86] KVM/VMX: Add find_msr() helper function
    • [x86] KVM/VMX: Separate the VMX AUTOLOAD guest/host number
      accounting
    • [x86] KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only
      MSRs
    • [x86] KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
    • cpu/hotplug: Online siblings when SMT control is turned on
    • [x86] litf: Introduce vmx status variable
    • [x86] kvm: Drop L1TF MSR list approach
    • [x86] l1tf: Handle EPT disabled state proper
    • [x86] kvm: Move l1tf setup function
    • [x86] kvm: Add static key for flush always
    • [x86] kvm: Serialize L1D flush parameter setter
    • [x86] kvm: Allow runtime control of L1D flush
    • cpu/hotplug: Expose SMT control init function
    • cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
    • [x86] bugs, kvm: Introduce boot-time control of L1TF mitigations
    • Documentation: Add section about CPU vulnerabilities
    • [x86] KVM/VMX: Initialize the vmx_l1d_flush_pages' content
    • Documentation/l1tf: Fix typos
    • cpu/hotplug: detect SMT disabled by BIOS
    • [x86] KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
    • [x86] KVM/VMX: Replace 'vmx_l1d_flush_always' with
      'vmx_l1d_flush_cond'
    • [x86] KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
    • [x86] irq: Demote irq_cpustat_t::__softirq_pending to u16
    • [x86] KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
    • [x86] Don't include linux/irq.h from asm/hardirq.h
    • [x86] irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
    • [x86] KVM/VMX: Don't set l1tf_flush_l1d from
      vmx_handle_external_intr()
    • Documentation/l1tf: Remove Yonah processors from not vulnerable
      list
    • [x86] KVM: x86: Add a framework for supporting MSR-based features
    • KVM: SVM: Add MSR-based feature support for serializing LFENCE
    • [x86] KVM: X86: Introduce kvm_get_msr_feature()
    • [x86] KVM: X86: Allow userspace to define the microcode version
    • KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
    • [x86] speculation: Simplify sysfs report of VMX L1TF vulnerability
    • [x86] speculation: Use ARCH_CAPABILITIES to skip L1D flush on
      vmentry
    • KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
    • cpu/hotplug: Fix SMT supported evaluation
    • [x86] speculation/l1tf: Invert all not present mappings
    • [x86] speculation/l1tf: Make pmd/pud_mknotpresent() invert
    • [x86] mm/pat: Make set_memory_np() L1TF safe
    • [x86] mm/kmmio: Make the tracer robust against L1TF
    • tools headers: Synchronise x86 cpufeatures.h for L1TF additions
    • [x86] microcode: Do not upload microcode if CPUs are offline
    • [x86] microcode: Allow late microcode loading with SMT disabled
    • [x86] smp: fix non-SMP broken build due to redefinition of
      apic_id_is_primary_thread
    • cpu/hotplug: Non-SMP machines do not make use of booted_once
    • [x86] init: fix build with CONFIG_SWAP=n
    • [x86] speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED
      architectures
    • [x86] cpu/amd: Limit cpu_core_id fixup to families older than F17h
    • [x86] CPU/AMD: Have smp_num_siblings and cpu_llc_id always be
      present
    • [x86] l1tf: Fix build error seen if CONFIG_KVM_INTEL is disabled
    • [x86] i8259: Add missing include file
    • [x86] speculation/l1tf: Exempt zeroed PTEs from inversion

[ Yves-Alexis Perez ]

  • [rt] refresh 0284-cpu-rt-Rework-cpu-down-for-PREEMPT_RT and
    0286-kernel-cpu-fix-cpu-down-problem-if-kthread-s-cpu-is- context after
    applying L1TF fixes.
  • [rt] update 0281-random-Make-it-work-on-rt to fix builds with recent
    compilers.

[ Ben Hutchings ]

  • Bump ABI to 8

-- Salvatore Bonaccorso carnil@debian.org Sun, 19 Aug 2018 15:36:38 +0200

- How I did it
See PR changes.

- How to verify it
Image built and loaded on the one platform (BRCM based).
show version
SONiC Software Version: SONiC.kernel-upgrade.0-aa51611
Distribution: Debian 9.6
Kernel: 4.9.0-8-amd64

uname -a
Linux lnos-x1-a-asw04 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2015-12-19) x86_64 GNU/Linux

ii linux-image-4.9.0-8-amd64 4.9.110-3+deb9u6 amd64 Linux 4.9 for 64-bit PCs
ii opennsl-modules-4.9.0-8-amd64 3.4.1.11-1 amd64 kernel modules for broadcom SAI

Below worked fine.
show platform summary
show platform syseeprom
show interface status
show interfaces transceiver eeprom

- Description for the changelog

- A picture of a cute animal (not mandatory but encouraged)

@lguohan
Copy link
Collaborator

lguohan commented Dec 8, 2018

can you update the kernel submodule?

@stcheng
Copy link
Contributor

stcheng commented Dec 9, 2018

we might need to define this kernel version variable somewhere in the future

@qiluo-msft
Copy link
Collaborator

Thanks for the PR! Could you please resolve the conflict?

…eb9u6

short version: 4.9.0-7 to 4.9.0-8

See changelogs for security fixes:
https://tracker.debian.org/media/packages/l/linux/changelog-4.9.110-3deb9u6

Signed-off-by: Zhenggen Xu <zxu@linkedin.com>
Signed-off-by: Zhenggen Xu <zxu@linkedin.com>
@zhenggen-xu
Copy link
Collaborator Author

Thanks for the PR! Could you please resolve the conflict?

Rebased.

@lguohan lguohan merged commit f093ef2 into sonic-net:master Dec 11, 2018
@zhenggen-xu zhenggen-xu deleted the kernel-upgrade branch June 7, 2019 19:34
yxieca added a commit to yxieca/sonic-buildimage that referenced this pull request Jul 28, 2022
…rm-common] advance submodule head

linkmgrd:
* e0fe1d4 2022-07-27 | TSA enhancement (sonic-net#98) (HEAD -> 202205) [Jing Zhang]

utilities:
* 7d7e15e 2022-07-18 | [vnet_route_check] Align DB data parse logic with format used by swsscommon API (sonic-net#2268) (HEAD -> 202205) [Volodymyr Samotiy]
* b3d5d18 2022-07-20 | [MultiAsic] sudo reboot command doesn't gracefully stop Asic syncd# on multiasic platform (sonic-net#2258) [Marty Y. Lok]
* 504ebe6 2022-07-08 | Add 'traffic_shift_away' option to config load_minigraph (sonic-net#2240) [tjchadaga]
* 4079e4a 2022-06-20 | Gives cisco-8000 more flexibility to easily add subcommnads under show platform (sonic-net#2213) [Nathan Cohen]
* 46443c6 2022-07-27 | Update db_migrator to support `PORT_QOS_MAP|global` (sonic-net#2205) [bingwang-ms]
* d7fbdd6 2022-05-26 | fix for non-coherent cmis modules (sonic-net#2163) [qinchuanares]
* 79b4439 2022-06-24 | [sfpshow/sfputil] Enhance sfpshow and sfputil to behavior correctly on RJ45 ports (sonic-net#2111) [Kebo Liu]

swss:
* 275f311 2022-07-26 | [DualToR] Handle race condition between tunnel_decap and mux orchestrator (sonic-net#2397) (HEAD -> 202205) [Devesh Pathak]
* 47586e8 2022-07-22 | [EVPN]Fix missing Vlan member update notification in P2MP scenario (sonic-net#2388) [Sudharsan Dhamal Gopalarathnam]
* 7d5c73f 2022-07-19 | [macsecmgr]: Fix cleanup macsec objs if container stop (sonic-net#2376) [Ze Gan]
* c03996f 2022-07-17 | [orchagent]: Enhance initSaiPhyApi (sonic-net#2367) [andywongarista]
* 57890d7 2022-07-27 | Fix for remote system interface not getting created (sonic-net#2364) [skeesara-nokia]
* 1a93ec9 2022-07-13 | Orchagent changes for synchronizing npu/phy device Tx in the data path before enabling transceiver<CMIS compliant> Tx. (sonic-net#2277) [jaganbal-a]

sairedis:
* a4903be 2022-07-20 | Update PN with XPN support (sonic-net#1081) (HEAD -> 202205, github/202205) [Ze Gan]
* 2cb5671 2022-07-27 | Add SAI_OBJECT_TYPE_TUNNEL object to break-before-make list (sonic-net#1075) [Vaibhav Hemant Dixit]

platform-daemon:
* 901c6a1 2022-06-28 | [CMIS]Improved 400G link bring up sequence (sonic-net#254) (HEAD -> 202205) [Prince George]

platform-common:
* f223b3f 2022-07-09 | Support get_port_or_cage_type (sonic-net#288) (HEAD -> 202205) [Stephen Sun]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
yxieca added a commit that referenced this pull request Jul 29, 2022
…rm-common] advance submodule head (#11578)

linkmgrd:
* e0fe1d4 2022-07-27 | TSA enhancement (#98) (HEAD -> 202205) [Jing Zhang]

utilities:
* 7d7e15e 2022-07-18 | [vnet_route_check] Align DB data parse logic with format used by swsscommon API (#2268) (HEAD -> 202205) [Volodymyr Samotiy]
* b3d5d18 2022-07-20 | [MultiAsic] sudo reboot command doesn't gracefully stop Asic syncd# on multiasic platform (#2258) [Marty Y. Lok]
* 504ebe6 2022-07-08 | Add 'traffic_shift_away' option to config load_minigraph (#2240) [tjchadaga]
* 4079e4a 2022-06-20 | Gives cisco-8000 more flexibility to easily add subcommnads under show platform (#2213) [Nathan Cohen]
* 46443c6 2022-07-27 | Update db_migrator to support `PORT_QOS_MAP|global` (#2205) [bingwang-ms]
* d7fbdd6 2022-05-26 | fix for non-coherent cmis modules (#2163) [qinchuanares]
* 79b4439 2022-06-24 | [sfpshow/sfputil] Enhance sfpshow and sfputil to behavior correctly on RJ45 ports (#2111) [Kebo Liu]

swss:
* 275f311 2022-07-26 | [DualToR] Handle race condition between tunnel_decap and mux orchestrator (#2397) (HEAD -> 202205) [Devesh Pathak]
* 47586e8 2022-07-22 | [EVPN]Fix missing Vlan member update notification in P2MP scenario (#2388) [Sudharsan Dhamal Gopalarathnam]
* 7d5c73f 2022-07-19 | [macsecmgr]: Fix cleanup macsec objs if container stop (#2376) [Ze Gan]
* c03996f 2022-07-17 | [orchagent]: Enhance initSaiPhyApi (#2367) [andywongarista]
* 57890d7 2022-07-27 | Fix for remote system interface not getting created (#2364) [skeesara-nokia]
* 1a93ec9 2022-07-13 | Orchagent changes for synchronizing npu/phy device Tx in the data path before enabling transceiver<CMIS compliant> Tx. (#2277) [jaganbal-a]

sairedis:
* a4903be 2022-07-20 | Update PN with XPN support (#1081) (HEAD -> 202205, github/202205) [Ze Gan]
* 2cb5671 2022-07-27 | Add SAI_OBJECT_TYPE_TUNNEL object to break-before-make list (#1075) [Vaibhav Hemant Dixit]

platform-daemon:
* 901c6a1 2022-06-28 | [CMIS]Improved 400G link bring up sequence (#254) (HEAD -> 202205) [Prince George]

platform-common:
* f223b3f 2022-07-09 | Support get_port_or_cage_type (#288) (HEAD -> 202205) [Stephen Sun]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
skbarista pushed a commit to skbarista/sonic-buildimage that referenced this pull request Aug 17, 2022
…rm-common] advance submodule head (sonic-net#11578)

linkmgrd:
* e0fe1d4 2022-07-27 | TSA enhancement (sonic-net#98) (HEAD -> 202205) [Jing Zhang]

utilities:
* 7d7e15e 2022-07-18 | [vnet_route_check] Align DB data parse logic with format used by swsscommon API (sonic-net#2268) (HEAD -> 202205) [Volodymyr Samotiy]
* b3d5d18 2022-07-20 | [MultiAsic] sudo reboot command doesn't gracefully stop Asic syncd# on multiasic platform (sonic-net#2258) [Marty Y. Lok]
* 504ebe6 2022-07-08 | Add 'traffic_shift_away' option to config load_minigraph (sonic-net#2240) [tjchadaga]
* 4079e4a 2022-06-20 | Gives cisco-8000 more flexibility to easily add subcommnads under show platform (sonic-net#2213) [Nathan Cohen]
* 46443c6 2022-07-27 | Update db_migrator to support `PORT_QOS_MAP|global` (sonic-net#2205) [bingwang-ms]
* d7fbdd6 2022-05-26 | fix for non-coherent cmis modules (sonic-net#2163) [qinchuanares]
* 79b4439 2022-06-24 | [sfpshow/sfputil] Enhance sfpshow and sfputil to behavior correctly on RJ45 ports (sonic-net#2111) [Kebo Liu]

swss:
* 275f311 2022-07-26 | [DualToR] Handle race condition between tunnel_decap and mux orchestrator (sonic-net#2397) (HEAD -> 202205) [Devesh Pathak]
* 47586e8 2022-07-22 | [EVPN]Fix missing Vlan member update notification in P2MP scenario (sonic-net#2388) [Sudharsan Dhamal Gopalarathnam]
* 7d5c73f 2022-07-19 | [macsecmgr]: Fix cleanup macsec objs if container stop (sonic-net#2376) [Ze Gan]
* c03996f 2022-07-17 | [orchagent]: Enhance initSaiPhyApi (sonic-net#2367) [andywongarista]
* 57890d7 2022-07-27 | Fix for remote system interface not getting created (sonic-net#2364) [skeesara-nokia]
* 1a93ec9 2022-07-13 | Orchagent changes for synchronizing npu/phy device Tx in the data path before enabling transceiver<CMIS compliant> Tx. (sonic-net#2277) [jaganbal-a]

sairedis:
* a4903be 2022-07-20 | Update PN with XPN support (sonic-net#1081) (HEAD -> 202205, github/202205) [Ze Gan]
* 2cb5671 2022-07-27 | Add SAI_OBJECT_TYPE_TUNNEL object to break-before-make list (sonic-net#1075) [Vaibhav Hemant Dixit]

platform-daemon:
* 901c6a1 2022-06-28 | [CMIS]Improved 400G link bring up sequence (sonic-net#254) (HEAD -> 202205) [Prince George]

platform-common:
* f223b3f 2022-07-09 | Support get_port_or_cage_type (sonic-net#288) (HEAD -> 202205) [Stephen Sun]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
vivekrnv pushed a commit to vivekrnv/sonic-buildimage that referenced this pull request Aug 26, 2022
* Add support for generic hwinfo string in gearbox_config.json
The SAI_SWITCH_ATTR_SWITCH_HARDWARE_INFO formatting is vendor specific.
 * Remove the formating check that assumes its of the mdio sysfs format
 * Note the the count remains without including the NULL termintor,
   which is not compliant with the SAI header definintion that indicates
   a NULL terminated string.

Signed-off-by: aaronp@arista.com

* Add support to allow Firmware Major Version to return unsupported"

Some external phys do not support Firmware upgrades and therefore
do not have a firmware version.
The SAI_SWITCH_ATTR_FIRMWARE_MAJOR_VERSION may return
SAI_STATUS_ATTR_NOT_SUPPORTED which needs to be gracefully
supported and allow the phy to be created.
* Allow SAI_STATUS_NOT_SUPPORTED return value and set
  version to empty string.

Signed-off-by: Aaron Payment <aaronp@arista.com>

* Address review comments
* Address review comments, fix hwinfo

Co-authored-by: Aaron Payment <aaronp@arista.com>
vivekrnv pushed a commit to vivekrnv/sonic-buildimage that referenced this pull request Aug 26, 2022
What I did
Revert change from sonic-net#2367 which increases count associated with SAI_SWITCH_ATTR_SWITCH_HARDWARE_INFO by 1, as well as the memset.

Why I did it
Original intention of this change was to accommodate sairedis behaviour when copying null-terminated string; original behaviour is that the null-terminator would not be copied and so receiver of the hwinfo (PAI) would see non-null terminated string.

Reverting this change so that old behaviour is maintained and PAI driver is responsible for not relying on string to be null terminated.
dprital added a commit to dprital/sonic-buildimage that referenced this pull request Sep 21, 2022
Update sonic-utilities submodule pointer to include the following:
* 0a7557b [minigraph] add option to specify golden path in load_minigraph ([sonic-net#2350](sonic-net/sonic-utilities#2350))
* 322aefc [GCU]Remove GCU unique lane check for duplicate lanes platforms ([sonic-net#2343](sonic-net/sonic-utilities#2343))
* 7099fff [fastboot] fastboot enhancement: Use warm-boot infrastructure for fast-boot ([sonic-net#2286](sonic-net/sonic-utilities#2286))
* 09026ed [warm-reboot] fix warm-reboot when /tmp/cache is missing ([sonic-net#2367](sonic-net/sonic-utilities#2367))
* a3c404c Fix typo in platform_sfputil_helper.is_rj45_port ([sonic-net#2374](sonic-net/sonic-utilities#2374))
* 637d834 Vnet_route_check Vxlan tunnel route update. ([sonic-net#2281](sonic-net/sonic-utilities#2281))
* 29a3e51 Added support for tunnel route status in show vnet routes all. ([sonic-net#2341](sonic-net/sonic-utilities#2341))
* 1ac584b Use 'default' VRF when VRF name is not provided ([sonic-net#2368](sonic-net/sonic-utilities#2368))
* 4d377a6 [subinterface]Added additional checks in portchannel and subinterface commands ([sonic-net#2345](sonic-net/sonic-utilities#2345))
* bbcdf2e disk_check: Publish event  for RO state ([sonic-net#2320](sonic-net/sonic-utilities#2320))
* 3fd537b Support the bandit check by GitHub Action ([sonic-net#2358](sonic-net/sonic-utilities#2358))
* 491d3d3 [generate dump]Added error message when saisdkdump fails ([sonic-net#2356](sonic-net/sonic-utilities#2356))
* 6830e01 [counterpoll]Fixing counterpoll show for tunnel and acl stats ([sonic-net#2355](sonic-net/sonic-utilities#2355))
* 3be2ad7 [fast-reboot]Avoid stopping masked services during fast-reboot ([sonic-net#2335](sonic-net/sonic-utilities#2335))
* 0e1b0cf [GCU] Fix missing backend in dry run ([sonic-net#2347](sonic-net/sonic-utilities#2347))
* 676c31b Add verification for override ([sonic-net#2305](sonic-net/sonic-utilities#2305))
* 48997c2 Add Password Hardening CLI support ([sonic-net#2338](sonic-net/sonic-utilities#2338))
* 414e239 update unit tests for swap ([#locato](https://github.com/sonic-net/sonic-utilities/pull/locato))
* a91a492 consider swap checking memory in ([#stalle](https://github.com/sonic-net/sonic-utilities/pull/stalle))
* f0ce586 [route_check]: Ignore standalone tunnel routes ([sonic-net#2325](sonic-net/sonic-utilities#2325))

Signed-off-by: dprital <drorp@nvidia.com>
@wen587 wen587 mentioned this pull request Sep 23, 2022
7 tasks
qiluo-msft pushed a commit that referenced this pull request Oct 1, 2022
0a7557bd9 [minigraph] add option to specify golden path in load_minigraph (#2350)
322aefc37 [GCU]Remove GCU unique lane check for duplicate lanes platforms (#2343)
7099fffa7 [fastboot] fastboot enhancement: Use warm-boot infrastructure for fast-boot (#2286)
09026edbb [warm-reboot] fix warm-reboot when /tmp/cache is missing (#2367)
a3c404c74 Fix typo in platform_sfputil_helper.is_rj45_port (#2374)
637d834ce Vnet_route_check Vxlan tunnel route update. (#2281)
29a3e5180 Added support for tunnel route status in show vnet routes all. (#2341)
1ac584bb3 Use 'default' VRF when VRF name is not provided (#2368)
4d377a620 [subinterface]Added additional checks in portchannel and subinterface commands (#2345)
bbcdf2ed7 disk_check: Publish event  for RO state (#2320)
3fd537b0a Support the bandit check by GitHub Action (#2358)
491d3d380 [generate dump]Added error message when saisdkdump fails (#2356)
6830e01ec [counterpoll]Fixing counterpoll show for tunnel and acl stats (#2355)
3be2ad7de [fast-reboot]Avoid stopping masked services during fast-reboot (#2335)
0e1b0cf20 [GCU] Fix missing backend in dry run (#2347)
676c31bd0 Add verification for override (#2305)
48997c266 Add Password Hardening CLI support (#2338)
414e239ea update unit tests for swap allocator
a91a4922f consider swap checking memory in installer
f0ce58635 [route_check]: Ignore standalone tunnel routes (#2325)
roberthong-qct pushed a commit to QuantaSwitch/sonic-buildimage that referenced this pull request Nov 18, 2022
0a7557bd9 [minigraph] add option to specify golden path in load_minigraph (sonic-net#2350)
322aefc37 [GCU]Remove GCU unique lane check for duplicate lanes platforms (sonic-net#2343)
7099fffa7 [fastboot] fastboot enhancement: Use warm-boot infrastructure for fast-boot (sonic-net#2286)
09026edbb [warm-reboot] fix warm-reboot when /tmp/cache is missing (sonic-net#2367)
a3c404c74 Fix typo in platform_sfputil_helper.is_rj45_port (sonic-net#2374)
637d834ce Vnet_route_check Vxlan tunnel route update. (sonic-net#2281)
29a3e5180 Added support for tunnel route status in show vnet routes all. (sonic-net#2341)
1ac584bb3 Use 'default' VRF when VRF name is not provided (sonic-net#2368)
4d377a620 [subinterface]Added additional checks in portchannel and subinterface commands (sonic-net#2345)
bbcdf2ed7 disk_check: Publish event  for RO state (sonic-net#2320)
3fd537b0a Support the bandit check by GitHub Action (sonic-net#2358)
491d3d380 [generate dump]Added error message when saisdkdump fails (sonic-net#2356)
6830e01ec [counterpoll]Fixing counterpoll show for tunnel and acl stats (sonic-net#2355)
3be2ad7de [fast-reboot]Avoid stopping masked services during fast-reboot (sonic-net#2335)
0e1b0cf20 [GCU] Fix missing backend in dry run (sonic-net#2347)
676c31bd0 Add verification for override (sonic-net#2305)
48997c266 Add Password Hardening CLI support (sonic-net#2338)
414e239ea update unit tests for swap allocator
a91a4922f consider swap checking memory in installer
f0ce58635 [route_check]: Ignore standalone tunnel routes (sonic-net#2325)
yxieca pushed a commit that referenced this pull request Apr 4, 2023
Why I did it
src/linkmgrd

* 373544f - (HEAD -> 202205, origin/202205) [active-active] Add mux server state correction mechanism (#191) (3 days ago) [Longxiang Lyu]
src/sonic-platform-daemons

* 0260695 - (HEAD -> 202205, origin/202205) Fix issue: Exception occured at SfpStateUpdateTask thread due to KeyError('status') (#346) (3 days ago) [Junchao-Mellanox]
src/sonic-swss

* af46930 - (HEAD -> 202205, origin/202205) Custom monitoring based priority tunnels (3 days ago) [siqbal1986]
src/sonic-utilities

* fe224f09 - (HEAD -> 202205, origin/202205) Revert "Convert IPv6 addresses to lowercase in apply-patch (#2299)" (#2758) (3 days ago) [jingwenxie]
* cf12bb5e - [warm-reboot] Use kexec_file_load instead of kexec_load when available (#2608) (10 days ago) [Saikrishna Arcot]
* 93f1d740 - [warm-reboot] fix warm-reboot when /tmp/cache is missing (#2367) (10 days ago) [Stepan Blyshchak]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants