Conversation
Backporting sonic-net#12692 PR on 202205 branch. The diffs of sonic-net#12692 does not cleanly gets apply. on 202205 branch. Hence the patch sonic-net#12692 slightly modified so that it can get applied on 202205 branch without functional break. Signed-off-by: Sachin Naik <[email protected]>
|
@davidpil2002 , would you please review this one for 202205? thanks |
|
@sacnaik In general look good to me. |
The older ONIE version does not support mokutil command. This backport changes will address the issue.
|
|
looks good to me, |
hi @sacnaik , You are welcome to review it as well |
|
Backported #14589 as well |
yxieca
left a comment
yxieca
left a comment
There was a problem hiding this comment.
This change is not an approved feature for 202205 branch. Please request back porting to 202211 branch instead.
rlhui
added
the
Chassis for 202205 branch
#14589) …1.11 by using efivar tool instead #### Why I did it solution to BUG below/ #14316 bug report also in this issue: backport: secureboot support #14246 #### How I did it When installing an image secure boot is checking if the UEFI have the secure boot flag enabled or disabled using a tool name `mokutil` this tool its not exist in ONIE version older than 2021.11 so its crasshing the install. To fix that we add a coded that checking secure boot enabled/disabled by using efivar tool that should exist in any UEFI system #### How to verify it Install the image in a device with ONIE version older than 2021.11 and check that the installation and boot succeed (all docker up).
|
Already Backport msft repo 202205 branch. |
sonic-net#14589) …1.11 by using efivar tool instead #### Why I did it solution to BUG below/ sonic-net#14316 bug report also in this issue: backport: secureboot support sonic-net#14246 #### How I did it When installing an image secure boot is checking if the UEFI have the secure boot flag enabled or disabled using a tool name `mokutil` this tool its not exist in ONIE version older than 2021.11 so its crasshing the install. To fix that we add a coded that checking secure boot enabled/disabled by using efivar tool that should exist in any UEFI system #### How to verify it Install the image in a device with ONIE version older than 2021.11 and check that the installation and boot succeed (all docker up).
gechiang
added
the
Included in Chassis for 202205 Branch
|
Added the label "Icluded in Chassis for 202205 branch" label to keep the consistency where this PR was already backported by Abhishek separately even though this PR got closed. |
sonic-net#14589) …1.11 by using efivar tool instead #### Why I did it solution to BUG below/ sonic-net#14316 bug report also in this issue: backport: secureboot support sonic-net#14246 #### How I did it When installing an image secure boot is checking if the UEFI have the secure boot flag enabled or disabled using a tool name `mokutil` this tool its not exist in ONIE version older than 2021.11 so its crasshing the install. To fix that we add a coded that checking secure boot enabled/disabled by using efivar tool that should exist in any UEFI system #### How to verify it Install the image in a device with ONIE version older than 2021.11 and check that the installation and boot succeed (all docker up).
8 participants
Backporting PR#12692 to the 202205 branch.
The diffs of PR#12692 do not cleanly get applied to the 202205 branch. Hence patch #12692 was slightly modified for the 202205 branch.
Why I did it
To support UEFI secure boot on the 202205 branch
How I did it
The feature is supported at the master branch see #12692.
Backported #12692 from master to 202205 branch
How to verify it
Booted on UEFI secure boot-enabled hardware.
Which release branch to backport (provide reason below if selected)
Description for the changelog
Refer HLD: sonic-net/SONiC#1028
Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)