[202511] Trixie base image upgrade#24988
Merged
yxieca merged 43 commits intosonic-net:202511from Jan 12, 2026
Merged
Conversation
Collaborator
|
/azp run Azure.sonic-buildimage |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Collaborator
|
/azp run Azure.sonic-buildimage |
|
Azure Pipelines will not run the associated pipelines, because the pull request was updated after the run command was issued. Review the pull request again and issue a new run command. |
Co-authored-by: Hemanth Kumar Tirupati <tirupatihemanthkumar@gmail.com> Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Update the following to the version present in Trixie: * bash to 5.2.37-2 * kdump-tools to 1.10.7 * openssh to 10.0p1-7 * snmpd to 5.9.4-2 Co-authored-by: Hua Liu <58683130+liuh-80@users.noreply.github.com> Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
The version of systemd on Trixie no longer allows service generators to write to directories outside of what has been explicitly passed in. This affects DPU and multi-ASIC use cases. Therefore, rework systemd-sonic-generator to meet these requirements. Also, compile systemd-sonic-generator with C++17. The gtest headers no longer support C++11, so it needs to be bumped up to C++14 at minimum. Also, move logs for systemd-sonic-generator into /dev/kmsg (#34) Co-authored-by: Hemanth Kumar Tirupati <tirupatihemanthkumar@gmail.com> Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Co-authored-by: Hemanth Kumar Tirupati <tirupatihemanthkumar@gmail.com> Co-authored-by: Brad House - NextHop <bhouse@nexthop.ai> Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Loosen the help text check in `test_cfghelp.py` in `sonic-yang-mgmt`. The exact text might change from one Python version to another, and help text itself is more for use by a human rather than a machine. It's better to check that the expected elements of the help text (something about the options that are expected and the descriptions) are there rather than the exact formatting. Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
There is one test that is failing for unclear reasons. Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Co-authored-by: Yan Markman <ymarkman@marvell.com> Co-authored-by: Hemanth Kumar Tirupati <tirupatihemanthkumar@gmail.com> Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
With the base image upgrade to Trixie, Bookworm-based containers will need to use Boost 1.83. This is because of an incompatibility between rsyslog_plugin that uses Boost 1.83 on Trixie and the eventd container that uses Boost 1.74 on Bookworm; specifically there is an incompatiblity with serialization of objects between the two versions of Boost. Because of this, for Bookworm, use Boost 1.83 instead of the default to the default Boost 1.74. Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
With the trixie upgrade, all of the package versions for the base image will have changed, meaning the version control files will not be useful at all for the base image. Take this opportunity to recreate all of the version files (including the ones for the containers). Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Install and use the pam_system module, where systemd creates a user session manager for each user that logs in. This is now required for limiting login sessions, but brings in some advantages of cgroups limiting each user's resources and some resource isolation from the main sshd service. Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
* Fix FIPS build issue on trixie * Update sonic-fips.mk --------- Co-authored-by: sonicbld <sonicbld@microsoft.com>
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
…he kernel module compilation errors Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
* [trixie] handle kernel feature string, sonic With respect to linux-headers for ARCH vs. COMMON KVER_ARCH := $(KVER)-sonic-amd64 KVER_COMMON := $(KVER)-common-sonic * kernel 6.12.x compile
Co-authored-by: sonicbld <sonicbld@microsoft.com> Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Support building under older kernels and newer kernels Fix Nexthop ADM driver for Trixie Simple ifdef to be able to compile for 6.1 and 6.12. This driver was recently upstreamed so it was brought in with the latest rebase.
* device [marvell] marvell-prestera for trixie device/marvell-prestera update required for trixie Signed-off-by: Yan Markman <ymarkman@marvell.com> * platform submod [marvell] mrvl-prestera for trixie Signed-off-by: Yan Markman <ymarkman@marvell.com> * platform submod [marvell] sonic-platform-marvell for trixie Signed-off-by: Yan Markman <ymarkman@marvell.com> * platform [marvell] prestera - support AC5P-RD Signed-off-by: Pavan Naregundi <pnaregundi@marvell.com> * platform [marvell] prestera boot distinct mmcblk vs scsi Why I did it AC5P-RD (arm64-marvell_rd98DX45xx_cn9131-r0) may have disk scsi or mmcblk, but only scsi is handled. On the "sonic-installer install" action the blk_dev is empty instead of "blk_dev=/dev/mmcblk0" leading to wrong Uboot env parameters sonic_boot_load= ... mmc 0: ... sonic_boot_load_old= ... mmc 0: ... instead of correct "mmc 0:2" The further reboot fails with Wrong Image Format for bootm command ERROR: can't get kernel image! How I did it Add mmc_bus="mmc0:0001" and use in get_install_device() as last default. How to test sonic-installer install sonic-marvell-prestera-arm64.bin; reboot Signed-off-by: Yan Markman <ymarkman@marvell.com> * platform [marvell-prestera][nokia] debian/rules and 7215-a1 for trixie NOKIA board 7215-a1 Adjust debian/rules and Kernel-module source for TRIXIE Signed-off-by: Yan Markman <ymarkman@marvell.com> --------- Signed-off-by: Yan Markman <ymarkman@marvell.com> Signed-off-by: Pavan Naregundi <pnaregundi@marvell.com> Co-authored-by: Pavan Naregundi <pnaregundi@marvell.com>
The following are the changes to get the modules compile:
* Update `probe` function signature in the `i2c_driver instance dropping
`i2c_device_id` parameter. This parameter is mostly unused in the probe
function, if used, can be derived from the passed client pointer.
* Remove `llseek` assignment to `no_llseek` in `file_operations`.
* Remove `I2C_CLASS_SPD` attribute added by the modules.
* Add missing import to `PMBUS` namespace.
* Update `remove` function signature in the `platform_driver` and `pci_driver`
instances, dropping return values.
* Update `i2c_mux_add_adapter` args, dropping more than 3 args, if passed.
* Fix `-Wint-conversion` errors occurring when `resource_size_t` is set to
`NULL` instead of `0`.
* Replace `strlcpy` with `strscpy`.
The following changes are done to align with trixie build (and other platforms):
* Remove `debian/compat` file.
* Update compat level to 13 and kernel version in `debian/control`.
* Update `debian/rules` to use `pybuild` for non-PDDF modules and the
conventional wheel package build for the PDDF modules. Also set shell option to
exit upon encountering error.
* Cleanup copying of wheel package in non-PDDF modules as the scripts are
installed as part of debian package.
* Make wheel package available under `build-<mod>` instead of under `modules`.
The changes are tested by building the platform packages through invoking the
below command:
`make NOBUSTER=1 NOBULLSEYE=1 NOBOOKWORM=1 target/debs/trixie/platform-modules-dx010_1.0_amd64.deb`
Additionally, with further changes to rebranding of platform (not part of this
commit, will be raised separately) and skipping inclusion of other platforms,
verified install/boot of the `sonic-broadcom.bin` on a `DS3000` unit.
platform-celestica: config and script fixes for pddf init (#55)
The following fixes applicable to platforms (ds1000, ds2000, ds3000,
ds4000/silverstone-v2) for correct pddf intialization and access of platform
devices:
* Update pddf-device json eliminating the need for additional indexing,
multiplication operations in raw ipmi get.
* The PDDF infra expects `num_components` as part of json config, update the
same.
* The ASIC PCIe firmware version uses `bcmcmd` to fetch the version. However,
when syncd is not running, the error string is reported as version, fix this
by return version as `Unknown` instead.
* The PDDF component init passes pddf_data and pddf_plugin_data parameters,
accommodate this.
* Lookup correct overridden fan names from the PDDF plugin data accommodating
fantray/psu and fan indices.
* Lookup correct overridden thermal names from the PDDF plugin data.
* Update platform specific monitoring service to start after `pddf-platform-init`
service as this service imports `sonic_platform` module.
* Update references of `/sys/class/i2c-adapter` to `/sys/bus/i2c/devices`
instead.
Tested these changes on ds1000, ds2000, ds3000 and silverstone-v2 platforms with
accessing platform commands querying PDDF components. Verified that the accesses
to the components are ok.
Co-authored-by: Ramasamy Chandramouli <rachandr@celestica.com>
Co-authored-by: Hemanth Kumar Tirupati <tirupatihemanthkumar@gmail.com> Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
…logs The `imklog` plugin of rsyslog collects the kernel logs from `/dev/kmsg` and enqueues it to the syslog. With `CONFIG_PRINTK_TIME` the kernel messages are by default prefixed with the elapsed time since boot. The `imklog` plugin parsing these messages have a few options such as to keep the timestamps as such or to interpret and adjust the syslog's reported time accordingly. The rsylog release `8.2312.0` has fixes in interpreting these timestamps, leading to the change in behavior observed in sonic-net#24386. https://salsa.debian.org/debian/rsyslog/-/blob/debian/8.2504.0-1/ChangeLog?ref_type=tags#L619 To restore the earlier behavior or retaining the kernel reported elapsed time, disable `KlogParseKernelTimestamp` as this leads to removal of timestamp from kernel messages and enable `KlogKeepKernelTimestamp` explicitly. The later is required as the default is now to discard the kernel timestamp. With this change, the logs retain the kernel timestamp: root@sonic:~# cat /var/log/syslog | grep "sonic.*kernel:" | head -n 3 2025 Nov 4 05:15:14.918946 sonic NOTICE kernel: [ 0.000000] Linux version 6.12.41+deb13-sonic-amd64 (debian-kernel@lists.debian.org) (x86_64-linux-gnu-gcc-14 (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44) #1 SMP PREEMPT_DYNAMIC Debian 6.12.41-1 (2025-08-12) 2025 Nov 4 05:15:14.919533 sonic INFO kernel: [ 0.000000] Command line: BOOT_IMAGE=/image-trixie.0-dirty-20251102.122837/boot/vmlinuz-6.12.41+deb13-sonic-amd64 root=UUID=ac0b6826-f8a3-461f-a8ff-701df60d90b6 rw console=tty0 console=ttyS0,115200n8 quiet processor.max_cstate=1 intel_idle.max_cstate=0 net.ifnames=0 biosdevname=0 loop=image-trixie.0-dirty-20251102.122837/fs.squashfs loopfstype=squashfs apparmor=1 security=apparmor varlog_size=4096 usbcore.autosuspend=-1 intel_iommu=off modprobe.blacklist=gpio_ich,i2c-ismt,i2c_ismt,i2c-i801,i2c_i801 crashkernel=0M-2G:256M,2G-4G:320M,4G-8G:384M,8G-:448M acpi_no_watchdog 2025 Nov 4 05:15:14.919536 sonic INFO kernel: [ 0.000000] BIOS-provided physical RAM map: root@sonic:~# cat /var/log/syslog | grep "sonic.*kernel:" | tail -n 3 2025 Nov 4 05:17:26.831607 sonic WARNING kernel: [ 143.527486] PDDF_LED set_status_led: Set [FANTRAY_LED;1] color[green] 2025 Nov 4 05:17:26.912442 sonic WARNING kernel: [ 143.607086] PDDF_LED set_status_led: Set [FANTRAY_LED;2] color[green] 2025 Nov 4 05:20:32.499634 sonic WARNING kernel: [ 329.195319] PDDF_LED set_status_led: Set [SYS_LED;0] color[amber] root@sonic:~# Signed-off-by: Ramasamy Chandramouli <rachandr@celestica.com> Co-authored-by: Ramasamy Chandramouli <rachandr@celestica.com>
* Add linux-kbuild as build dependency for signing kernel modules * Fix rshim 2.5.7 build dependency requirements
* sonic-platform-marvell replace i2c-adapter Signed-off-by: Yan Markman <ymarkman@marvell.com> * mrvl-prestera KO update trixie Signed-off-by: Yan Markman <ymarkman@marvell.com> * platform/marvell-prest: Nokia7215: i2c-adapter to i2c-dev Signed-off-by: Yan Markman <ymarkman@marvell.com> * platform/marvell-prest: Nokia7215-armhf ko-modules init Add mvGpioDrv.ko source and build. Run-time install mvcpss.ko and mvGpioDrv.ko by the nokia-7215init.sh. This run-time install is strictly needed to speedup and resolve timing latency and async-collisions on TRIXIE. Signed-off-by: Yan Markman <ymarkman@marvell.com> * platform/marvell-prest: Nokia7215: cmdline with cma=32M SONIC handles TWO images and config Uboot env for them with possibility ro run either one of them run sonic_image_1 -- default auto-started run sonic_image_2 -- alternative non default "linuxargs_old" The ARM-HF architecture requires CMA (DMA) area 32M reservation over Kernel command line by parameter cma=32M@0-3G. For the "default" this cma=32M@0-3G present but the alternative run loss this parameter and fails on SAI-start. Signed-off-by: Yan Markman <ymarkman@marvell.com> * platform/marvell-prest: move PLATFORM_CN9131 fit_addr up trixie On TRIXIE 'initrd' loaded into 0x6000000 with size exceeding the address 0x8000000. This overlaps with FIT-image loaded into fdt_addr=0x8000000. FIX: Move loading address up to fdt_addr=0x9000000 Signed-off-by: Yan Markman <ymarkman@marvell.com> * platform/marvell-prest: ramdisk compression none arm64 According to boot startup the ramdisk compression is deprecated. Config sonic_fit.its with compression "none". Signed-off-by: Yan Markman <ymarkman@marvell.com> * platform/marvell-prest: fdt_cn9131 link to usr/lib/linux-image-arm64 Use fdt_cn9131 pointing to link usr/lib/linux-image-arm64/ just like it is used by all other platforms (instead of /boot/ used in Bookworm) Signed-off-by: Yan Markman <ymarkman@marvell.com> --------- Signed-off-by: Yan Markman <ymarkman@marvell.com>
* Linux Kbuild support for signing added to all platforms through #62 Hence removing this dependency for Mellanox platform * Fix Actual kernel version read by component versions Before root@sonic:/home/admin# get_component_versions.py KERNEL 6.12.41+deb13-sonic 13 After root@sonic:/home/admin# get_component_versions.py KERNEL 6.12.41+deb13-sonic 6.12.41+deb13-sonic
Downgrade to grub2 2.06 from Trixie's 2.12. This is to serve as a workaround for ONIE chainloading not fully working when secure boot is enabled, until we have a better solution available. Workaround for sonic-net#24249 Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
…ebian 13 (Trixie)
* Dont run dkms build command twice Signed-off-by: Vivek Reddy <vkarri@nvidia.com> * Install linux headers before DKMS package Signed-off-by: Vivek Reddy <vkarri@nvidia.com> * Add an ability to pass custom options or env variables to install targets Signed-off-by: Vivek Reddy <vkarri@nvidia.com> --------- Signed-off-by: Vivek Reddy <vkarri@nvidia.com> Co-authored-by: Vivek Reddy <vkarri@nvidia.com>
* [master_RC] Update hw-mgmt to V.7.0050.2000 * [master_RC] Update hw-mgmt pointer to V.7.0050.2000 * Integrate HW-MGMT 7.0050.2002 Changes * Update SAI to SAIBuild2505.33.2.67 and SDK/FW to 4.8.2096/2016.2096 and SIMx to 25.10-1134 * Update MFT to 4.34.0-145 * Track sonic-linux-kernel submodule with nvidia trixie platform support changes for switch --------- Co-authored-by: Volodymyr Samotiy <volodymyrs@nvidia.com>
…sonic-net#23989) To add platform service support based on PDDF to DBMVTX9180 board. This PR also adds additional HWSKUs DBMVTX9180 platform. --------- Signed-off-by: Pavan Naregundi <pnaregundi@marvell.com>
* Add Trixie support Signed-off-by: Naveen Rampuram <nrampuram@marvell.com> * Update submodule sonic-platform-marvell-teralynx Signed-off-by: Pavan Naregundi <pnaregundi@marvell.com> * Update submodule mrvl-teralynx Signed-off-by: Pavan Naregundi <pnaregundi@marvell.com> --------- Signed-off-by: Naveen Rampuram <nrampuram@marvell.com> Signed-off-by: Pavan Naregundi <pnaregundi@marvell.com> Co-authored-by: Naveen Rampuram <nrampuram@marvell.com>
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Signed-off-by: Hemanth Kumar Tirupati <htirupati@nvidia.com>
saiarcot895
force-pushed
the
202511-trixie
branch
from
69f0405 to
b72ee63
Compare
Collaborator
|
/azp run Azure.sonic-buildimage |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Contributor
Author
|
/azpw run |
Collaborator
|
/AzurePipelines run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
saiarcot895
requested review from
lguohan,
qiluo-msft and
xumia
as code owners
This was referenced Jan 12, 2026
This was referenced Jan 13, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
12 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why I did it
Cherry-pick of #23340 to 202511 branch.
This upgrades the base image (including kernel) to Debian Trixie. Containers remain on Debian Bookworm at this time.
Work item tracking
How I did it
How to verify it
Which release branch to backport (provide reason below if selected)
Tested branch (Please provide the tested image version)
Description for the changelog
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)