Skip to content

Update container_hardening for gnmi container#19886

Closed
ganglyu wants to merge 1 commit intosonic-net:masterfrom
ganglyu:dev/gnmi_privileged
Closed

Update container_hardening for gnmi container#19886
ganglyu wants to merge 1 commit intosonic-net:masterfrom
ganglyu:dev/gnmi_privileged

Conversation

@ganglyu
Copy link
Copy Markdown
Contributor

@ganglyu ganglyu commented Jul 29, 2025

Description of PR

Summary:
Fixes # (issue)

Type of change

  • Bug fix
  • Testbed and Framework(new/improvement)
  • New Test case
    • Skipped for non-supported platforms
  • Test case improvement

Back port request

  • 202205
  • 202305
  • 202311
  • 202405
  • 202411
  • 202505

Approach

What is the motivation for this PR?

How did you do it?

How did you verify/test it?

Any platform specific information?

Supported testbed topology if it's a new test case?

Documentation

@mssonicbld
Copy link
Copy Markdown
Collaborator

mssonicbld commented Jul 29, 2025

/azp run

@azure-pipelines
Copy link
Copy Markdown

azure-pipelines bot commented Jul 29, 2025

Azure Pipelines successfully started running 1 pipeline(s).

@ganglyu ganglyu closed this Nov 25, 2025
kazinator-arista pushed a commit to kazinator-arista/sonic-mgmt that referenced this pull request Mar 4, 2026
@saiarcot895 @vivekrnv
[202311] Update to Linux kernel 5.10.218 (sonic-net#19886)
80382c7 
* Update to Linux kernel 5.10.218

Signed-off-by: Saikrishna Arcot <[email protected]>

* [202311] [5.10.218] Integrate HW-MGMT 7.0030.4104 Changes (sonic-net#22)

* Integrate HW-MGMT 7.0030.4103 Changes

 ## Patch List
* 0098-2-Revert-mlxsw-i2c-Fix-chunk-size-setting.patch :
* 0241-DS-mlxsw-core_linecards-Disable-firmware-bundling-ma.patch :
* 0244-mlxsw-Use-u16-for-local_port-field-instead-of-u8.patch : torvalds/linux@c934757d9000
* 0245-mlxsw-minimal-Change-type-for-local-port.patch :
* 0246-mlxsw-i2c-Fix-chunk-size-setting-in-output-mailbox-b.patch :
* 0257-mlxsw-core_hwmon-Align-modules-label-name-assignment.patch :
* 0259-mlxsw-i2c-Limit-single-transaction-buffer-size.patch :
* 0260-mlxsw-reg-Limit-MTBR-register-records-buffer-by-one-.patch :
* 0269-dt-bindings-trivial-devices-Add-infineon-xdpe1a2g7.patch :
* 0270-leds-mlxreg-Add-support-for-new-flavour-of-capabilit.patch :
* 0271-leds-mlxreg-Remove-code-for-amber-LED-colour.patch :
* 0272-platform_data-mlxreg-Add-capability-bit-and-mask-fie.patch :
* 0273-hwmon-mlxreg-fan-Add-support-for-new-flavour-of-capa.patch :
* 0274-hwmon-mlxreg-fan-Extend-number-of-supporetd-fans.patch :
* 0281-platform-mellanox-Introduce-support-for-switches-equ.patch :
* 0282-mellanox-Relocate-mlx-platform-driver.patch :
* 0290-platform-mellanox-mlxreg-hotplug-Add-support-for-new.patch :
* 0291-platform-mellanox-mlx-platform-Change-register-name.patch :
* 0292-platform-mellanox-mlx-platform-Add-support-for-new-X.patch :
* 0294-mlxsw-i2c-Downstream-Add-retry-mechanism-for-failed-.patch :
* 0295-mlxsw-i2c-DBG-Add-debug-output-for-failed-transactio.patch :
* 0296-platform-mellanox-indicate-deferred-I2C-bus-creation.patch :
* 0298-platform-mellanox-mlx-platform-Fix-FAN-tacho-reading.patch :

* Integrate HW-MGMT 7.0030.4104 Changes

* [sflow]: Enable linux capabilities on sflow container for kernel 5.10.218 compatibility

In 5.10.218, Kernel mandates the process to have SYS_ADMIN/NET_ADMIN capability to join events/packets multicast group respectively
PSAMPLE used packets and DROPMON uses events

Signed-off-by: Saikrishna Arcot <[email protected]>
Signed-off-by: Vivek Reddy <[email protected]>
Co-authored-by: Vivek <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ganglyu @mssonicbld