Update systemd-sonic-generator to make it work on Trixie

The version of systemd on Trixie no longer allows service generators to
write to directories outside of what has been explicitly passed in. This
affects DPU and multi-ASIC use cases. Therefore, rework
systemd-sonic-generator to meet these requirements.

Also, compile systemd-sonic-generator with C++17. The gtest headers no
longer support C++11, so it needs to be bumped up to C++14 at minimum.

Also, move logs for systemd-sonic-generator into /dev/kmsg (sonic-net#34)

Co-authored-by: Hemanth Kumar Tirupati <tirupatihemanthkumar@gmail.com>
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>

Author: 2 people

files/build_templates/per_namespace/dash-ha.service.j2

@@ -10,6 +10,7 @@ StartLimitBurst=3
 
 [Service]
 User={{ sonicadmin_user }}
+ExecCondition=/bin/bash /usr/local/bin/is-npu-or-dpu.sh
 ExecStartPre=/usr/local/bin/{{docker_container_name}}.sh start{% if multi_instance == 'true' %} %i{% endif %}
 ExecStart=/usr/local/bin/{{docker_container_name}}.sh wait{% if multi_instance == 'true' %} %i{% endif %}
 ExecStop=/usr/local/bin/{{docker_container_name}}.sh stop{% if multi_instance == 'true' %} %i{% endif %}

files/build_templates/sonic_debian_extension.j2

@@ -677,10 +677,16 @@ sudo cp $IMAGE_CONFIGS/config-chassisdb/config-chassisdb $FILESYSTEM_ROOT/usr/bi
 echo "config-chassisdb.service" | sudo tee -a $GENERATED_SERVICE_FILE
 sudo LANG=C chroot $FILESYSTEM_ROOT systemctl enable config-chassisdb.service
 
+# Copy basic script to handle NPU/DPU-specific things that cannot otherwise be handled
+# Note: Intentionally not setting executable bit because users generally won't
+# need to manually run these scripts.
+sudo cp $IMAGE_CONFIGS/midplane-network/is-npu-or-dpu.sh $FILESYSTEM_ROOT/usr/local/bin/
+sudo cp $IMAGE_CONFIGS/midplane-network/define-npu-specific-netdevs.sh $FILESYSTEM_ROOT/usr/local/bin/
+
 # Copy midplane network service file for smart switch
-sudo cp $IMAGE_CONFIGS/midplane-network/bridge-midplane.netdev $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_NETWORK/bridge-midplane.netdev
+sudo cp $IMAGE_CONFIGS/midplane-network/bridge-midplane.netdev $FILESYSTEM_ROOT/usr/share/sonic/templates/bridge-midplane.netdev
 sudo cp $IMAGE_CONFIGS/midplane-network/bridge-midplane.network $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_NETWORK/bridge-midplane.network
-sudo cp $IMAGE_CONFIGS/midplane-network/dummy-midplane.netdev $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_NETWORK/dummy-midplane.netdev
+sudo cp $IMAGE_CONFIGS/midplane-network/dummy-midplane.netdev $FILESYSTEM_ROOT/usr/share/sonic/templates/dummy-midplane.netdev
 sudo cp $IMAGE_CONFIGS/midplane-network/dummy-midplane.network $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_NETWORK/dummy-midplane.network
 sudo cp $IMAGE_CONFIGS/midplane-network/midplane-network-npu.network $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_NETWORK/midplane-network-npu.network
 sudo cp $IMAGE_CONFIGS/midplane-network/midplane-network-dpu.network $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_NETWORK/midplane-network-dpu.network
@@ -689,29 +695,21 @@ sudo cp $IMAGE_CONFIGS/midplane-network/midplane-network-dpu.service $FILESYSTEM
 
 # Disable smart switch unit by default, these units will be controlled by systemd-sonic-generator
 sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/network/bridge-midplane.netdev
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/network/bridge-midplane.network
 sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/network/dummy-midplane.netdev
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/network/dummy-midplane.network
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/network/midplane-network-npu.network
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/network/midplane-network-dpu.network
-echo "midplane-network-npu.service" | sudo tee -a $GENERATED_SERVICE_FILE
+#echo "midplane-network-npu.service" | sudo tee -a $GENERATED_SERVICE_FILE
 sudo LANG=C chroot $FILESYSTEM_ROOT systemctl disable midplane-network-npu.service
-echo "midplane-network-dpu.service" | sudo tee -a $GENERATED_SERVICE_FILE
+#echo "midplane-network-dpu.service" | sudo tee -a $GENERATED_SERVICE_FILE
 sudo LANG=C chroot $FILESYSTEM_ROOT systemctl disable midplane-network-dpu.service
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/system/dash-ha.service
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/system/dash-ha@dpu0.service
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/system/dash-ha@dpu1.service
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/system/dash-ha@dpu2.service
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/system/dash-ha@dpu3.service
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/system/dash-ha@dpu4.service
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/system/dash-ha@dpu5.service
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/system/dash-ha@dpu6.service
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/system/dash-ha@dpu7.service
+
 # According to the issue: https://github.com/systemd/systemd/issues/19106, To disable ManageForeignRoutingPolicyRules to avoid the ip rules being deleted by systemd-networkd
 sudo sed -i 's/#ManageForeignRoutingPolicyRules=yes/ManageForeignRoutingPolicyRules=no/g' $FILESYSTEM_ROOT/etc/systemd/networkd.conf
+sudo mkdir $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_SYSTEM/systemd-networkd.service.d
+sudo cp $IMAGE_CONFIGS/midplane-network/systemd-networkd.override.conf $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_SYSTEM/systemd-networkd.service.d/override.conf
 
-sudo ln -s /dev/null $FILESYSTEM_ROOT/etc/systemd/system/systemd-networkd.service
-sudo LANG=C chroot $FILESYSTEM_ROOT systemctl disable systemd-networkd-wait-online.service
+# Copy systemd-networkd-wait-online override configuration
+sudo mkdir -p $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_SYSTEM/systemd-networkd-wait-online.service.d
+sudo cp $IMAGE_CONFIGS/midplane-network/systemd-networkd-wait-online.override.conf $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_SYSTEM/systemd-networkd-wait-online.service.d/override.conf
+sudo LANG=C chroot $FILESYSTEM_ROOT systemctl enable systemd-networkd-wait-online.service
 
 # Copy backend-acl script and service file
 sudo cp $IMAGE_CONFIGS/backend_acl/backend-acl.service $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_SYSTEM/backend-acl.service
@@ -826,6 +824,11 @@ sudo LANG=C chroot $FILESYSTEM_ROOT systemctl enable fstrim.timer
 ## copy platform rc.local
 sudo cp $IMAGE_CONFIGS/platform/rc.local $FILESYSTEM_ROOT/etc/
 
+## Remove network-online.target dependency from rc-local.service debian.conf
+if [ -f $FILESYSTEM_ROOT/usr/lib/systemd/system/rc-local.service.d/debian.conf ]; then
+    sudo sed -i '/^After=network-online.target/d' $FILESYSTEM_ROOT/usr/lib/systemd/system/rc-local.service.d/debian.conf
+fi
+
 ## copy blacklist file
 sudo cp $IMAGE_CONFIGS/platform/linux_kernel_bde.conf $FILESYSTEM_ROOT/etc/modprobe.d/
 
@@ -1227,3 +1230,5 @@ sudo touch $FILESYSTEM_ROOT_ETC_SONIC/enable_multidb
 
 # Install syslog counter plugin
 install_deb_package $debs_path/syslog-counter_*.deb
+
+

files/dsc/dpu.service

@@ -6,7 +6,6 @@ Requires=local-fs.target
 After=local-fs.target
 Requires=ionic-modules.service
 After=ionic-modules.service
-Before=midplane-network-dpu.service
 
 [Service]
 Type=oneshot

files/image_config/midplane-network/define-npu-specific-netdevs.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+set -e
+
+if /bin/bash /usr/local/bin/is-npu-or-dpu.sh -n; then
+    cp --remove-destination /usr/share/sonic/templates/bridge-midplane.netdev /etc/systemd/network/
+    cp --remove-destination /usr/share/sonic/templates/dummy-midplane.netdev /etc/systemd/network/
+fi

files/image_config/midplane-network/is-npu-or-dpu.sh

@@ -0,0 +1,50 @@
+#!/bin/bash
+
+OPTIND=1         # Reset in case getopts has been used previously in the shell.
+
+CHECK_ONLY_FOR_DPU=0
+CHECK_ONLY_FOR_NPU=0
+
+while getopts "dn" opt; do
+  case "$opt" in
+    d)  CHECK_ONLY_FOR_DPU=1
+      ;;
+    n)  CHECK_ONLY_FOR_NPU=1
+      ;;
+  esac
+done
+
+PLATFORM=$(grep onie_platform /host/machine.conf | cut -d= -f 2)
+
+if [[ -z $PLATFORM ]]; then
+    PLATFORM=$(grep aboot_platform /host/machine.conf | cut -d= -f 2)
+fi
+
+HAS_DPU=0
+HAS_NPU=0
+
+if [[ -f /usr/share/sonic/device/${PLATFORM}/platform.json ]]; then
+    if jq -e '.DPUS' /usr/share/sonic/device/${PLATFORM}/platform.json >/dev/null; then
+        HAS_NPU=1
+    fi
+
+    if jq -e '.DPU' /usr/share/sonic/device/${PLATFORM}/platform.json >/dev/null; then
+        HAS_DPU=1
+    fi
+fi
+
+if [[ ${CHECK_ONLY_FOR_DPU} -eq 0 ]] && [[ ${CHECK_ONLY_FOR_NPU} -eq 0 ]]; then
+    if [[ ${HAS_DPU} -eq 1 ]] || [[ ${HAS_NPU} -eq 1 ]]; then
+        exit 0
+    fi
+elif [[ ${CHECK_ONLY_FOR_DPU} -eq 1 ]]; then
+    if [[ ${HAS_DPU} -eq 1 ]]; then
+        exit 0
+    fi
+else
+    if [[ ${HAS_NPU} -eq 1 ]]; then
+        exit 0
+    fi
+fi
+
+exit 1

files/image_config/midplane-network/systemd-networkd-wait-online.override.conf

@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --timeout=600

files/image_config/midplane-network/systemd-networkd.override.conf

@@ -0,0 +1,3 @@
+[Service]
+ExecCondition=/bin/bash /usr/local/bin/is-npu-or-dpu.sh
+ExecStartPre=+/bin/bash /usr/local/bin/define-npu-specific-netdevs.sh

src/systemd-sonic-generator/Makefile

@@ -1,8 +1,7 @@
 CC=gcc
-CFLAGS += -std=gnu99 -D_GNU_SOURCE
 
 CXX=g++
-CXXFLAGS += -std=c++11 -D_GNU_SOURCE -I ./
+CXXFLAGS += -std=c++20 -D_GNU_SOURCE -I ./
 LDFLAGS += -l stdc++ -lpthread -lboost_filesystem -lboost_system -lgtest -ljson-c
 
 BINARY = systemd-sonic-generator

src/systemd-sonic-generator/ssg-test.cc

@@ -6,6 +6,7 @@
  * Copyright (c) 2021 by Cisco Systems, Inc.
  *------------------------------------------------------------------
  */
+#include <fstream>
 #include <mutex>
 #include <string>
 #include <sys/stat.h>
@@ -71,8 +72,6 @@ const std::vector<std::string> generated_services = {
     "test.service",                 /* A single instance test service
                                        to test dependency creation */
     "test.timer",                   /* A timer service */
-    "midplane-network-npu.service", /* A midplane network service for smart switch NPU*/
-    "midplane-network-dpu.service", /* A midplane network service for smart switch DPU*/
     "database.service",             /* A database service*/
     "database@.service",            /* A database service for multi instances */
 };
@@ -225,15 +224,15 @@ class SsgMainTest : public SsgFunctionTest {
     bool find_string_in_file(std::string str,
                              std::string file_name) {
         bool found = false;
-            std::string line;
+        std::string line;
 
-            std::ifstream file(TEST_UNIT_FILE_PREFIX + file_name);
-            while (getline(file, line) && !found) {
-                if (str == line) {
-                    found = true;
-                    break;
-                }
+        std::ifstream file(TEST_OUTPUT_DIR + file_name);
+        while (getline(file, line) && !found) {
+            if (str == line) {
+                found = true;
+                break;
             }
+        }
         return found;
     }
 
@@ -263,6 +262,18 @@ class SsgMainTest : public SsgFunctionTest {
         }
     }
 
+    void validate_output_dependency_list_ignore_multi_instance(
+            std::vector<std::string> strs,
+            std::string target,
+            bool expected_result) {
+        for (std::string str : strs) {
+            bool finished = false;
+            EXPECT_EQ(find_string_in_file(str, target),
+                    expected_result)
+                    << "Error validating " + str + " in " + target;
+        }
+    }
+
     /* This function validates if unit file paths in the provided
      * list strs exists or not as per expected_result. The unit files
      * should exist if expected_result is true.
@@ -302,7 +313,16 @@ class SsgMainTest : public SsgFunctionTest {
      * This function validates the generated dependencies in a Unit File.
      */
     void validate_depedency_in_unit_file(const SsgMainConfig &cfg) {
-        std::string test_service = "test.service";
+        std::string test_service = "test.service.d/multi-asic-dependencies.conf";
+
+        if (IS_SINGLE_ASIC(cfg.num_asics) && cfg.num_dpus == 0) {
+            /* Nothing in this section will apply to single asic, as the file
+             * won't be created at all.
+             */
+            validate_output_dependency_list(common_dependency_list,
+                test_service, false, cfg.num_asics);
+            return;
+        }
 
         /* Validate Unit file dependency creation for multi instance
          * services. These entries should be present for multi asic
@@ -317,21 +337,10 @@ class SsgMainTest : public SsgFunctionTest {
          * Despite the split, the final result remains equivalent.
          */
         if (cfg.num_dpus > 0) {
-            /* Validate Unit file dependency creation for single instance
-            * services. These entries should not be present for multi asic
-            * system but present for single asic system.
-            */
-            validate_output_dependency_list(single_asic_dependency_list_split,
-                test_service, IS_SINGLE_ASIC(cfg.num_asics), cfg.num_asics);
-            validate_output_dependency_list(npu_dependency_list,
-                "midplane-network-npu.service", true, cfg.num_dpus);
-        } else {
-            /* Validate Unit file dependency creation for single instance
-            * services. These entries should not be present for multi asic
-            * system but present for single asic system.
-            */
-            validate_output_dependency_list(single_asic_dependency_list,
-                test_service, IS_SINGLE_ASIC(cfg.num_asics), cfg.num_asics);
+            for (int i = 0; i < cfg.num_dpus; i++) {
+                validate_output_dependency_list_ignore_multi_instance(npu_dependency_list,
+                    "database@dpu" + std::to_string(i) + ".service.d/ordering.conf", true);
+            }
         }
 
         /* Validate Unit file dependency creation for single instance
@@ -355,8 +364,6 @@ class SsgMainTest : public SsgFunctionTest {
             test_target, true, cfg.num_asics);
         validate_output_unit_files(npu_service_list,
             test_target, cfg.is_smart_switch_npu, cfg.num_dpus);
-        validate_output_unit_files(npu_network_service_list,
-            "network", cfg.is_smart_switch_npu, cfg.num_dpus);
         validate_output_unit_files(dpu_service_list,
             test_target, cfg.is_smart_switch_dpu, cfg.num_dpus);
         validate_output_unit_files(dpu_network_service_list,
@@ -374,19 +381,26 @@ class SsgMainTest : public SsgFunctionTest {
 
         checked_service_list.insert(checked_service_list.end(), common_service_list.begin(), common_service_list.end());
         if (cfg.num_dpus > 0) {
-            checked_service_list.insert(checked_service_list.end(), npu_service_list.begin(), npu_service_list.end());
+            checked_service_list.insert(checked_service_list.end(), npu_service_list_for_environment_variables.begin(), npu_service_list_for_environment_variables.end());
         }
         if (cfg.num_asics > 1) {
             checked_service_list.insert(checked_service_list.end(), multi_asic_service_list.begin(), multi_asic_service_list.end());
         }
 
         for (const auto &target: checked_service_list) {
-            if (find_string_in_file("[Service]", target)) {
-                for (const auto& item : env_vars) {
-                    std::string str = "Environment=\"" + item.first + "=" + item.second + "\"";
-                    EXPECT_EQ(find_string_in_file(str, target), true)
-                        << "Error validating " + str + " in " + target;
+            if (!target.ends_with(".service")) {
+                continue;
+            }
+
+            for (const auto& item : env_vars) {
+                std::string str = "Environment=\"" + item.first + "=" + item.second + "\"";
+                auto target_unit = target;
+                if (is_multi_instance(target)) {
+                    /* insert instance id in string */
+                    target_unit = (boost::format{target_unit} % "").str();
                 }
+                EXPECT_EQ(find_string_in_file(str, target_unit + ".d/environment.conf"), true)
+                    << "Error validating " + str + " in " + target_unit;
             }
         }
     }
@@ -466,14 +480,6 @@ class SsgMainTest : public SsgFunctionTest {
     /* Save global variables before running tests */
     virtual void SetUp() {
         SsgFunctionTest::SetUp();
-        // Create /dev/null symlink for simulation disabled service
-        std::vector<std::string> disabled_service;
-        disabled_service.insert(disabled_service.end(), npu_network_service_list.begin(), npu_network_service_list.end());
-        disabled_service.insert(disabled_service.end(), dpu_network_service_list.begin(), dpu_network_service_list.end());
-        for (const auto &service : disabled_service) {
-            fs::create_symlink("/dev/null", TEST_ETC_NETWORK + service);
-        }
-        fs::create_symlink("/dev/null", TEST_ETC_SYSTEM + "systemd-networkd.service");
     }
 
     /* Restore global vars */
@@ -488,7 +494,7 @@ class SsgMainTest : public SsgFunctionTest {
     static const std::vector<std::string> common_service_list;
     static const std::vector<std::string> non_smart_switch_service_list;
     static const std::vector<std::string> npu_service_list;
-    static const std::vector<std::string> npu_network_service_list;
+    static const std::vector<std::string> npu_service_list_for_environment_variables;
     static const std::vector<std::string> dpu_service_list;
     static const std::vector<std::string> dpu_network_service_list;
     static const std::vector<std::string> single_asic_dependency_list;
@@ -541,17 +547,11 @@ SsgMainTest::non_smart_switch_service_list = {
 const std::vector<std::string>
 SsgMainTest::npu_service_list = {
     "database@dpu%1%.service",
-    "midplane-network-npu.service",
 };
 
-/* Systemd service Unit file list for Smart Switch NPU. */
 const std::vector<std::string>
-SsgMainTest::npu_network_service_list = {
-    "bridge-midplane.netdev",
-    "bridge-midplane.network",
-    "dummy-midplane.netdev",
-    "dummy-midplane.network",
-    "midplane-network-npu.network",
+SsgMainTest::npu_service_list_for_environment_variables = {
+    "database@%1%.service",
 };
 
 /* Systemd service Unit file list for Smart Switch DPU. */
@@ -609,7 +609,8 @@ SsgMainTest::common_dependency_list = {
 
 const std::vector<std::string>
 SsgMainTest::npu_dependency_list = {
-    "Before=database@dpu%1%.service",
+    "Requires=systemd-networkd-wait-online@bridge-midplane.service",
+    "After=systemd-networkd-wait-online@bridge-midplane.service",
 };
 
 /* Test get functions for global vasr*/