[secure boot]Fix mokutil check issue with ONIE version older than 202…

[davidpil2002]

…1.11 by using efivar tool instead

Why I did it

solution to BUG below/
#14316
bug report also in this issue:
backport: secureboot support #14246

How I did it

When installing an image secure boot is checking if the UEFI have the secure boot flag enabled or disabled using a tool name mokutil this tool its not exist in ONIE version older than 2021.11 so its crasshing the install.
To fix that we add a coded that checking secure boot enabled/disabled by using efivar tool that should exist in any UEFI system

How to verify it

Install the image in a device with ONIE version older than 2021.11 and check that the installation and boot succeed (all docker up).

Which release branch to backport (provide reason below if selected)

• 201811
• 201911
• 202006
• 202012
• 202106
• 202111
• 202205
• [X ] 202211

Description for the changelog

Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

[davidpil2002]

pls @sacnaik can you review this fix?
@ITJamie can you review it as well, and confirm if its working on your ONIE version

[lguohan]

not sure what this 1 means here. can we use macro?

[davidpil2002]

done

[davidpil2002]

PR ready

[davidpil2002]

done

[davidpil2002]

you are WC to test this fix in your environment as well.
@kuanyu99

[luigitalboy]

Hllo @davidpil2002 ,
I will be glad to test the build on my env but should I have to compile it or the bin is already available?
Thanks!!

[davidpil2002]

Hllo @davidpil2002 , I will be glad to test the build on my env but should I have to compile it or the bin is already available? Thanks!!

Hi @luigitalboy ,
you should cherry-pick the fix to master branch or pull this branch, and build locally.

I don't think that Azure build image build in PR can be access to download the binary image,
@lguohan is possible to get access to the target image when the build in this PR finish?

[ITJamie]

the most recent broadcom build from this pr can be accessed at https://dev.azure.com/mssonic/build/_build/results?buildId=252268&view=artifacts&pathAsName=false&type=publishedArtifacts or more directly https://artprodcus3.artifacts.visualstudio.com/Af91412a5-a906-4990-9d7c-f697b81fc04d/be1b070f-be15-4154-aade-b1d3bfb17054/_apis/artifact/cGlwZWxpbmVhcnRpZmFjdDovL21zc29uaWMvcHJvamVjdElkL2JlMWIwNzBmLWJlMTUtNDE1NC1hYWRlLWIxZDNiZmIxNzA1NC9idWlsZElkLzI1MjI2OC9hcnRpZmFjdE5hbWUvc29uaWMtYnVpbGRpbWFnZS5icm9hZGNvbQ2/content?format=zip

(this is a large 16gb download of all the build artifacts, inside is the broadcom bin)

[luigitalboy]

Thanks @ITJamie! I downloaded the zip and I'm installing the sonic bin inside. Let's cross the fingers!

[luigitalboy]

@ITJamie Unfortunately the installation failed again:

ONIE:/ # onie-nos-install tftp://192.168.1.21/sonic-broadcom.bin
discover: installer mode detected.
Stopping: discover... done.
Info: Fetching tftp://192.168.1.21/sonic-broadcom.bin ...
sonic-broadcom.bin 0% | | 2402M999:59:59 ETA
ONIE: Executing installer: tftp://192.168.1.21/sonic-broadcom.bin
Verifying image checksum ... OK.
Preparing image archive ... OK.
Installing SONiC in ONIE
ONIE Installer: platform: x86_64-broadcom-r0
onie_platform: x86_64-quanta_ix8_rglbmc-r0
deleting partition 3 ...
Filesystem 1K-blocks Used Available Use% Mounted on
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot.
The operation has completed successfully.
Partition #1 is in use.
Partition #2 is in use.
Partition #3 is available
Creating new SONiC-OS partition /dev/sda3 ...
Could not create partition 3 from 788480 to 67897343
Unable to set partition 3's name to 'SONiC-OS'!
Error encountered; not saving changes.
Warning: The first trial of creating partition failed, trying the largest aligned available block of sectors on the disk
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot.
The operation has completed successfully.
mke2fs 1.42.8 (20-Jun-2013)
Discarding device blocks: done
Filesystem label=SONiC-OS
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
1929536 inodes, 7718097 blocks
385904 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=4294967296
236 block groups
32768 blocks per group, 32768 fragments per group
8176 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

Installing SONiC to /tmp/tmp.0g3hQb/image-master-14589.252268-5ac59dc89
Archive: fs.zip
creating: boot/
inflating: boot/initrd.img-5.10.0-18-2-amd64
inflating: boot/System.map-5.10.0-18-2-amd64
inflating: boot/config-5.10.0-18-2-amd64
inflating: boot/vmlinuz-5.10.0-18-2-amd64
inflating: fs.squashfs
ONIE_IMAGE_PART_SIZE=32768
EXTRA_CMDLINE_LINUX=sonic_fips=1
Success: Support tarball created: /tmp/onie-support.tar.bz2
Failure: Unable to install image: tftp://192.168.1.21/sonic-broadcom.bin

[davidpil2002]

I will continue the debug on sunday probably, but pls can you type in your onie shell efivar -l
@luigitalboy

[gaggaman]

@davidpil2002 Same here:
...
Installing SONiC to /tmp/tmp.bzT1Ux/image-master-14589.252268-5ac59dc89
Archive: fs.zip
creating: boot/
inflating: boot/initrd.img-5.10.0-18-2-amd64
inflating: boot/System.map-5.10.0-18-2-amd64
inflating: boot/config-5.10.0-18-2-amd64
inflating: boot/vmlinuz-5.10.0-18-2-amd64
inflating: fs.squashfs
ONIE_IMAGE_PART_SIZE=32768
EXTRA_CMDLINE_LINUX=sonic_fips=1
Success: Support tarball created: /tmp/onie-support-cel_silverstone_dp.tar.bz2
Failure: Unable to install image: tftp://xx.xx.xx.xx/sonic-broadcom.bin
ONIE:/ #

No visible error message - just "Failure: Unable to install..." . Can I do anything to track this down?

Here is my efivar -l :

ONIE:/ # efivar -l
8be4df61-93ca-11d2-aa0d-00e098032b8c-BootOrder
1b838190-4625-4ead-abc9-cd5e6af18fe0-HiiDB
8be4df61-93ca-11d2-aa0d-00e098032b8c-BootCurrent
8be4df61-93ca-11d2-aa0d-00e098032b8c-BootOptionSupport
8be4df61-93ca-11d2-aa0d-00e098032b8c-PlatformLangCodes
8be4df61-93ca-11d2-aa0d-00e098032b8c-ErrOutDev
8be4df61-93ca-11d2-aa0d-00e098032b8c-ConOutDev
8be4df61-93ca-11d2-aa0d-00e098032b8c-ConInDev
4696e96d-e8d8-4703-bf7b-95c0bf14f3e6-VarRtmh
8be4df61-93ca-11d2-aa0d-00e098032b8c-OsIndicationsSupported
01368881-c4ad-4b1d-b631-d57a8ec8db6b-FPDT_Volatile
4bafc2b4-02dc-4104-b236-d6f1b98d9e84-S3SS
80e1202e-2697-4264-9cc9-80762c3e5863-Setup
ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-UsbSupport
d1405d16-7afc-4695-bb12-41459d3695a2-NetworkStackVar
c811fa38-42c8-4579-a9bb-60e94eddfb34-AMITSESetup
8be4df61-93ca-11d2-aa0d-00e098032b8c-Timeout
8be4df61-93ca-11d2-aa0d-00e098032b8c-PlatformLang
ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-Setup
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0004
d3705011-bc19-4af7-be16-f68030378c15-BootState
e20939be-32d4-41be-a150-897f85d49829-MemoryOverwriteRequestControl
4b3082a3-80c6-4d7e-9cd0-583917265df1-MaximumTableSize
4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosScratchBuffer
4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosV3EntryPointTable
4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosEntryPointTable
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0005
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0002
45cf35f6-0d6e-4d04-856a-0370a5b16f53-DefaultBootOrder
3c4ead08-45ae-4315-8d15-a60eaa8caf69-DefaultLegacyDevOrder
a56074db-65fe-45f7-bd21-2d2bdd8e9652-LegacyDevOrder
7d3dceee-cbce-4ea7-8709-6e552f1edbde-TpmServFlags
8be4df61-93ca-11d2-aa0d-00e098032b8c-ErrOut
8be4df61-93ca-11d2-aa0d-00e098032b8c-ConIn
8be4df61-93ca-11d2-aa0d-00e098032b8c-ConOut
a1948ff0-8c5d-11e0-83f2-0800200c9a66-RetryCounterMmioIo
8163179a-f31a-4132-aede-89f36aee43da-LastBootFailedIoh
4b3082a3-80c6-4d7e-9cd0-583917265df1-WriteOnceStatus
378d7b65-8da9-4773-b6e4-a47826a833e2-RTC
ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-IntelSetup
01239999-fc0e-4b6e-9e79-d54d5db6cd20-ServerSetup
378d7b65-8da9-4773-b6e4-a47826a833e1-RTC
01368881-c4ad-4b1d-b631-d57a8ec8db6b-MonotonicCounter
4599d26f-1a11-49b8-b91f-858745cff824-StdDefaults
ONIE:/ #

[davidpil2002]

@davidpil2002 Same here: ... Installing SONiC to /tmp/tmp.bzT1Ux/image-master-14589.252268-5ac59dc89 Archive: fs.zip creating: boot/ inflating: boot/initrd.img-5.10.0-18-2-amd64 inflating: boot/System.map-5.10.0-18-2-amd64 inflating: boot/config-5.10.0-18-2-amd64 inflating: boot/vmlinuz-5.10.0-18-2-amd64 inflating: fs.squashfs ONIE_IMAGE_PART_SIZE=32768 EXTRA_CMDLINE_LINUX=sonic_fips=1 Success: Support tarball created: /tmp/onie-support-cel_silverstone_dp.tar.bz2 Failure: Unable to install image: tftp://xx.xx.xx.xx/sonic-broadcom.bin ONIE:/ #

No visible error message - just "Failure: Unable to install..." . Can I do anything to track this down?

Here is my efivar -l :

ONIE:/ # efivar -l 8be4df61-93ca-11d2-aa0d-00e098032b8c-BootOrder 1b838190-4625-4ead-abc9-cd5e6af18fe0-HiiDB 8be4df61-93ca-11d2-aa0d-00e098032b8c-BootCurrent 8be4df61-93ca-11d2-aa0d-00e098032b8c-BootOptionSupport 8be4df61-93ca-11d2-aa0d-00e098032b8c-PlatformLangCodes 8be4df61-93ca-11d2-aa0d-00e098032b8c-ErrOutDev 8be4df61-93ca-11d2-aa0d-00e098032b8c-ConOutDev 8be4df61-93ca-11d2-aa0d-00e098032b8c-ConInDev 4696e96d-e8d8-4703-bf7b-95c0bf14f3e6-VarRtmh 8be4df61-93ca-11d2-aa0d-00e098032b8c-OsIndicationsSupported 01368881-c4ad-4b1d-b631-d57a8ec8db6b-FPDT_Volatile 4bafc2b4-02dc-4104-b236-d6f1b98d9e84-S3SS 80e1202e-2697-4264-9cc9-80762c3e5863-Setup ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-UsbSupport d1405d16-7afc-4695-bb12-41459d3695a2-NetworkStackVar c811fa38-42c8-4579-a9bb-60e94eddfb34-AMITSESetup 8be4df61-93ca-11d2-aa0d-00e098032b8c-Timeout 8be4df61-93ca-11d2-aa0d-00e098032b8c-PlatformLang ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-Setup 8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0004 d3705011-bc19-4af7-be16-f68030378c15-BootState e20939be-32d4-41be-a150-897f85d49829-MemoryOverwriteRequestControl 4b3082a3-80c6-4d7e-9cd0-583917265df1-MaximumTableSize 4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosScratchBuffer 4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosV3EntryPointTable 4b3082a3-80c6-4d7e-9cd0-583917265df1-SmbiosEntryPointTable 8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0005 8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot0002 45cf35f6-0d6e-4d04-856a-0370a5b16f53-DefaultBootOrder 3c4ead08-45ae-4315-8d15-a60eaa8caf69-DefaultLegacyDevOrder a56074db-65fe-45f7-bd21-2d2bdd8e9652-LegacyDevOrder 7d3dceee-cbce-4ea7-8709-6e552f1edbde-TpmServFlags 8be4df61-93ca-11d2-aa0d-00e098032b8c-ErrOut 8be4df61-93ca-11d2-aa0d-00e098032b8c-ConIn 8be4df61-93ca-11d2-aa0d-00e098032b8c-ConOut a1948ff0-8c5d-11e0-83f2-0800200c9a66-RetryCounterMmioIo 8163179a-f31a-4132-aede-89f36aee43da-LastBootFailedIoh 4b3082a3-80c6-4d7e-9cd0-583917265df1-WriteOnceStatus 378d7b65-8da9-4773-b6e4-a47826a833e2-RTC ec87d643-eba4-4bb5-a1e5-3f3e36b20da9-IntelSetup 01239999-fc0e-4b6e-9e79-d54d5db6cd20-ServerSetup 378d7b65-8da9-4773-b6e4-a47826a833e1-RTC 01368881-c4ad-4b1d-b631-d57a8ec8db6b-MonotonicCounter 4599d26f-1a11-49b8-b91f-858745cff824-StdDefaults ONIE:/ #

the command is working as expected, your uefi is not supporting secure boot feature, but even though the installation should not failed, so some issue exist.

if you can, basically, you can open you binary file with vi.
and search for the first line of the installation script
#!/bin/sh

and add in the next line the follow:
set -x
this basicly add debug print to the bash installation file .

ps: the binary file is big, so probably will take some time to open it and seach.
binary file, i mean this one
sonic-broadcom.bin

[gaggaman]

@davidpil2002

if you can, basically, you can open you binary file with vi. and search for the first line of the installation script #!/bin/sh

and add in the next line the follow: set -x this basicly add debug print to the bash installation file .

ps: the binary file is big, so probably will take some time to open it and seach. binary file, i mean this one sonic-broadcom.bin

vi seemed to tamper with the binary part, anyway I got it with a binary editor.

ONIE: Executing installer: tftp://10.58.60.155/sonic-broadcom.bin

• echo -n Verifying image checksum ...
  Verifying image checksum ...+ sed -e 1,/^exit_marker$/d /var/tmp/installer
• sha1sum
• awk { print $1 }
• sha1=3734c5fdb8034f9c8a8d3727cd244e623f933f80
• payload_sha1=3734c5fdb8034f9c8a8d3727cd244e623f933f80
• [ 3734c5fdb8034f9c8a8d3727cd244e623f933f80 != 3734c5fdb8034f9c8a8d3727cd244e623f933f80 ]
• echo OK.
  OK.
• sed -e 1,/^exit_marker$/d /var/tmp/installer
• tar --to-stdout -xf -
• wc -c
• image_size_in_kb=2461472
• pwd
• cur_wd=/
• export cur_wd
• realpath /var/tmp/installer
• archive_path=/var/tmp/installer
• mktemp -d
• tmp_dir=/tmp/tmp.UmzkhC
• id -u
• [ 0 = 0 ]
• mount -t tmpfs tmpfs-installer /tmp/tmp.UmzkhC
• df /tmp/tmp.UmzkhC
• tail -1
• tr -s
• cut -d -f4
• mount_size_in_kb=8156124
• padding=102400
• [ 8156124 -le 2563872 ]
• cd /tmp/tmp.UmzkhC
• echo -n Preparing image archive ...
  Preparing image archive ...+ sed -e 1,/^exit_marker$/d /var/tmp/installer
• tar xf -
• echo OK.
  OK.
• cd /
• [ -n ]
• /tmp/tmp.UmzkhC/installer/install.sh
  Installing SONiC in ONIE
  ONIE Installer: platform: x86_64-broadcom-r0
  onie_platform: x86_64-cel_silverstone_dp-r0
  The image you're trying to install is of a different ASIC type as the running platform's ASIC
  Do you still wish to install this image? [y/n]: y
  Force installing...
  deleting partition 3 ...
  Filesystem 1K-blocks Used Available Use% Mounted on
  Warning: The kernel is still using the old partition table.
  The new table will be used at the next reboot.
  The operation has completed successfully.
  Partition Update README.md #1 is in use.
  Partition Update README.md #2 is in use.
  Partition Update README.md #3 is available
  Creating new SONiC-OS partition /dev/sda3 ...
  Could not create partition 3 from 788480 to 67897343
  Unable to set partition 3's name to 'SONiC-OS'!
  Error encountered; not saving changes.
  Warning: The first trial of creating partition failed, trying the largest aligned available block of sectors on the disk
  Warning: The kernel is still using the old partition table.
  The new table will be used at the next reboot.
  The operation has completed successfully.
  mke2fs 1.42.13 (17-May-2015)
  Discarding device blocks: done
  Creating filesystem with 7718097 4k blocks and 1929536 inodes
  Filesystem UUID: 26bb2efe-07bf-40fd-b890-bf4318a9fd87
  Superblock backups stored on blocks:
  32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
  4096000

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

Installing SONiC to /tmp/tmp.H4sRv3/image-master-14589.252268-5ac59dc89
Archive: fs.zip
creating: boot/
inflating: boot/initrd.img-5.10.0-18-2-amd64
inflating: boot/System.map-5.10.0-18-2-amd64
inflating: boot/config-5.10.0-18-2-amd64
inflating: boot/vmlinuz-5.10.0-18-2-amd64
inflating: fs.squashfs
ONIE_IMAGE_PART_SIZE=32768
EXTRA_CMDLINE_LINUX=sonic_fips=1
Success: Support tarball created: /tmp/onie-support-cel_silverstone_dp.tar.bz2

• rc=1
• id -u
• [ 0 = 0 ]
• umount /tmp/tmp.UmzkhC
• rm -rf /tmp/tmp.UmzkhC
• exit 1
  Failure: Unable to install image: tftp://xx.xx.xx.xx/sonic-broadcom.bin

[davidpil2002]

Thanks for the info, I will get access to some setup on Sunday and do a deep debug.
for now, I can say that there is one error not related to my fix that can influence in the installation as well:
pls review this error:
The image you're trying to install is of a different ASIC type as the running platform's ASIC
Do you still wish to install this image? [y/n]: y
basicly its meaning that image do not support your setup.

In addition, if it's possible and you can add a debug print by modifying the binary,
if yes, pls add some echo print before and after this line:
reg_sb_guid=$(efivar -l | grep "SecureBoot")

[gaggaman]

pls review this error: The image you're trying to install is of a different ASIC type as the running platform's ASIC Do you still wish to install this image? [y/n]: y basicly its meaning that image do not support your setup.

The silverstone DP that I have is a broadcom machine. Does that error message mean that, although the chipset might be supported, the individual type of machine is not supported? Compatibility list says Sonic is compatible with cel silverstone, but there are at least two types of silverstone.

In addition, if it's possible and you can add a debug print by modifying the binary, if yes, pls add some echo print before and after this line: reg_sb_guid=$(efivar -l | grep "SecureBoot")

I sed-ed the set -x into the /tmp/.../install.sh script:

ONIE: Executing installer: tftp://xx.xx.xx.xx/sonic-broadcom.bin
+ echo -n Verifying image checksum ...
Verifying image checksum ...+ sed -e 1,/^exit_marker$/d /var/tmp/installer
+ sha1sum
+ awk { print $1 }
+ sha1=3734c5fdb8034f9c8a8d3727cd244e623f933f80
+ payload_sha1=3734c5fdb8034f9c8a8d3727cd244e623f933f80
+ [ 3734c5fdb8034f9c8a8d3727cd244e623f933f80 != 3734c5fdb8034f9c8a8d3727cd244e623f933f80 ]
+ echo  OK.
 OK.
+ sed -e 1,/^exit_marker$/d /var/tmp/installer
+ tar --to-stdout -xf -
+ wc -c
+ image_size_in_kb=2461472
+ pwd
+ cur_wd=/
+ export cur_wd
+ realpath /var/tmp/installer
+ archive_path=/var/tmp/installer
+ mktemp -d
+ tmp_dir=/tmp/tmp.IadSE3
+ id -u
+ [ 0 = 0 ]
+ mount -t tmpfs tmpfs-installer /tmp/tmp.IadSE3
+ df /tmp/tmp.IadSE3
+ tail -1
+ tr -s
+ cut -d  -f4
+ mount_size_in_kb=8156124
+ padding=102400
+ [ 8156124 -le 2563872 ]
+ cd /tmp/tmp.IadSE3
+ echo -n Preparing image archive ...
Preparing image archive ...+ sed -e 1,/^exit_marker$/d /var/tmp/installer
+ tar xf -
+ echo  OK.
 OK.
+ cd /
+ [ -n  ]
+ sed -i /^#!\/bin\/sh.*/a set -x /tmp/tmp.IadSE3/installer/install.sh
+ /tmp/tmp.IadSE3/installer/install.sh
+ _trap_push true
+ local next=true
+ echo true
+ sed -e s/'/'\\''/g
+ eval trap_push() {
        local oldcmd='true'
        local newcmd="$1; $oldcmd"
        trap -- "$newcmd" EXIT INT TERM HUP
        _trap_push "$newcmd"
    }
+ set -e
+ [ -d /etc/sonic ]
+ grep -Fxqs DISTRIB_ID=onie /etc/lsb-release
+ echo Installing SONiC in ONIE
Installing SONiC in ONIE
+ install_env=onie
+ dirname /tmp/tmp.IadSE3/installer/install.sh
+ cd /tmp/tmp.IadSE3/installer
+ [ -r ./machine.conf ]
+ read_conf_file ./machine.conf
+ local conf_file=./machine.conf
+ IFS== read -r var value
+ echo machine
+ tr -d \r\n
+ var=machine
+ echo broadcom
+ tr -d \r\n
+ value=broadcom
+ var=machine
+ value=broadcom
+ [ -z machine ]
+ tmp_val=broadcom
+ value=broadcom
+ eval machine="broadcom"
+ machine=broadcom
+ IFS== read -r var value
+ echo platform
+ tr -d \r\n
+ var=platform
+ echo x86_64-broadcom-r0
+ tr -d \r\n
+ value=x86_64-broadcom-r0
+ var=platform
+ value=x86_64-broadcom-r0
+ [ -z platform ]
+ tmp_val=x86_64-broadcom-r0
+ value=x86_64-broadcom-r0
+ eval platform="x86_64-broadcom-r0"
+ platform=x86_64-broadcom-r0
+ IFS== read -r var value
+ [ -n  ]
+ [ -r ./onie-image.conf ]
+ . ./onie-image.conf
+ : 32768
+ : x86_64
+ : generic
+ ONIEIMAGE_VERSION=r0
+ FILESYSTEM_ROOT=./fsroot-generic
+ FILESYSTEM_SQUASHFS=fs.squashfs
+ ONIE_INSTALLER_PAYLOAD=fs.zip
+ FILESYSTEM_DOCKERFS=dockerfs.tar.gz
+ DOCKERFS_DIR=docker
+ DOCKER_RAMFS_SIZE=1500M
+ OUTPUT_ONIE_IMAGE=target/sonic-generic.bin
+ OUTPUT_RAW_IMAGE=target/sonic-generic.raw
+ RAW_IMAGE_DISK_SIZE=4096
+ OUTPUT_KVM_IMAGE=target/sonic-generic.img
+ KVM_IMAGE_DISK_SIZE=16
+ OUTPUT_ABOOT_IMAGE=target/sonic-aboot-generic.swi
+ ABOOT_BOOT_IMAGE=.sonic-boot.swi
+ OUTPUT_KVM_4ASIC_IMAGE=target/sonic-4asic-generic.img
+ OUTPUT_KVM_6ASIC_IMAGE=target/sonic-6asic-generic.img
+ [ -r ./onie-image-*.conf ]
+ echo ONIE Installer: platform: x86_64-broadcom-r0
ONIE Installer: platform: x86_64-broadcom-r0
+ id -u
+ [ 0 -ne 0 ]
+ [ -r /etc/machine.conf ]
+ read_conf_file /etc/machine.conf
+ local conf_file=/etc/machine.conf
+ IFS== read -r var value
+ echo onie_version
+ tr -d \r\n
+ var=onie_version
+ echo 2018.11.0.0.2
+ tr -d \r\n
+ value=2018.11.0.0.2
+ var=onie_version
+ value=2018.11.0.0.2
+ [ -z onie_version ]
+ tmp_val=2018.11.0.0.2
+ value=2018.11.0.0.2
+ eval onie_version="2018.11.0.0.2"
+ onie_version=2018.11.0.0.2
+ IFS== read -r var value
+ echo onie_vendor_id
+ tr -d \r\n
+ var=onie_vendor_id
+ echo 12244
+ tr -d \r\n
+ value=12244
+ var=onie_vendor_id
+ value=12244
+ [ -z onie_vendor_id ]
+ tmp_val=12244
+ value=12244
+ eval onie_vendor_id="12244"
+ onie_vendor_id=12244
+ IFS== read -r var value
+ echo onie_build_machine
+ tr -d \r\n
+ var=onie_build_machine
+ echo cel_silverstone_dp
+ tr -d \r\n
+ value=cel_silverstone_dp
+ var=onie_build_machine
+ value=cel_silverstone_dp
+ [ -z onie_build_machine ]
+ tmp_val=cel_silverstone_dp
+ value=cel_silverstone_dp
+ eval onie_build_machine="cel_silverstone_dp"
+ onie_build_machine=cel_silverstone_dp
+ IFS== read -r var value
+ echo onie_machine_rev
+ tr -d \r\n
+ var=onie_machine_rev
+ echo 0
+ tr -d \r\n
+ value=0
+ var=onie_machine_rev
+ value=0
+ [ -z onie_machine_rev ]
+ tmp_val=0
+ value=0
+ eval onie_machine_rev="0"
+ onie_machine_rev=0
+ IFS== read -r var value
+ echo onie_arch
+ tr -d \r\n
+ var=onie_arch
+ echo x86_64
+ tr -d \r\n
+ value=x86_64
+ var=onie_arch
+ value=x86_64
+ [ -z onie_arch ]
+ tmp_val=x86_64
+ value=x86_64
+ eval onie_arch="x86_64"
+ onie_arch=x86_64
+ IFS== read -r var value
+ echo onie_build_platform
+ tr -d \r\n
+ var=onie_build_platform
+ echo x86_64-cel_silverstone_dp-r0
+ tr -d \r\n
+ value=x86_64-cel_silverstone_dp-r0
+ var=onie_build_platform
+ value=x86_64-cel_silverstone_dp-r0
+ [ -z onie_build_platform ]
+ tmp_val=x86_64-cel_silverstone_dp-r0
+ value=x86_64-cel_silverstone_dp-r0
+ eval onie_build_platform="x86_64-cel_silverstone_dp-r0"
+ onie_build_platform=x86_64-cel_silverstone_dp-r0
+ IFS== read -r var value
+ echo onie_config_version
+ tr -d \r\n
+ var=onie_config_version
+ echo 1
+ tr -d \r\n
+ value=1
+ var=onie_config_version
+ value=1
+ [ -z onie_config_version ]
+ tmp_val=1
+ value=1
+ eval onie_config_version="1"
+ onie_config_version=1
+ IFS== read -r var value
+ echo onie_build_date
+ tr -d \r\n
+ var=onie_build_date
+ echo "2019-07-25T14:43+07:00"
+ tr -d \r\n
+ value="2019-07-25T14:43+07:00"
+ var=onie_build_date
+ value="2019-07-25T14:43+07:00"
+ [ -z onie_build_date ]
+ tmp_val=2019-07-25T14:43+07:00"
+ value=2019-07-25T14:43+07:00
+ eval onie_build_date="2019-07-25T14:43+07:00"
+ onie_build_date=2019-07-25T14:43+07:00
+ IFS== read -r var value
+ echo onie_partition_type
+ tr -d \r\n
+ var=onie_partition_type
+ echo gpt
+ tr -d \r\n
+ value=gpt
+ var=onie_partition_type
+ value=gpt
+ [ -z onie_partition_type ]
+ tmp_val=gpt
+ value=gpt
+ eval onie_partition_type="gpt"
+ onie_partition_type=gpt
+ IFS== read -r var value
+ echo onie_kernel_version
+ tr -d \r\n
+ var=onie_kernel_version
+ echo 4.9.95
+ tr -d \r\n
+ value=4.9.95
+ var=onie_kernel_version
+ value=4.9.95
+ [ -z onie_kernel_version ]
+ tmp_val=4.9.95
+ value=4.9.95
+ eval onie_kernel_version="4.9.95"
+ onie_kernel_version=4.9.95
+ IFS== read -r var value
+ echo onie_firmware
+ tr -d \r\n
+ var=onie_firmware
+ echo auto
+ tr -d \r\n
+ value=auto
+ var=onie_firmware
+ value=auto
+ [ -z onie_firmware ]
+ tmp_val=auto
+ value=auto
+ eval onie_firmware="auto"
+ onie_firmware=auto
+ IFS== read -r var value
+ echo onie_switch_asic
+ tr -d \r\n
+ var=onie_switch_asic
+ echo bcm
+ tr -d \r\n
+ value=bcm
+ var=onie_switch_asic
+ value=bcm
+ [ -z onie_switch_asic ]
+ tmp_val=bcm
+ value=bcm
+ eval onie_switch_asic="bcm"
+ onie_switch_asic=bcm
+ IFS== read -r var value
+ echo onie_skip_ethmgmt_macs
+ tr -d \r\n
+ var=onie_skip_ethmgmt_macs
+ echo no
+ tr -d \r\n
+ value=no
+ var=onie_skip_ethmgmt_macs
+ value=no
+ [ -z onie_skip_ethmgmt_macs ]
+ tmp_val=no
+ value=no
+ eval onie_skip_ethmgmt_macs="no"
+ onie_skip_ethmgmt_macs=no
+ IFS== read -r var value
+ echo onie_grub_image_name
+ tr -d \r\n
+ var=onie_grub_image_name
+ echo grubx64.efi
+ tr -d \r\n
+ value=grubx64.efi
+ var=onie_grub_image_name
+ value=grubx64.efi
+ [ -z onie_grub_image_name ]
+ tmp_val=grubx64.efi
+ value=grubx64.efi
+ eval onie_grub_image_name="grubx64.efi"
+ onie_grub_image_name=grubx64.efi
+ IFS== read -r var value
+ echo onie_uefi_boot_loader
+ tr -d \r\n
+ var=onie_uefi_boot_loader
+ echo grubx64.efi
+ tr -d \r\n
+ value=grubx64.efi
+ var=onie_uefi_boot_loader
+ value=grubx64.efi
+ [ -z onie_uefi_boot_loader ]
+ tmp_val=grubx64.efi
+ value=grubx64.efi
+ eval onie_uefi_boot_loader="grubx64.efi"
+ onie_uefi_boot_loader=grubx64.efi
+ IFS== read -r var value
+ echo onie_uefi_arch
+ tr -d \r\n
+ var=onie_uefi_arch
+ echo x64
+ tr -d \r\n
+ value=x64
+ var=onie_uefi_arch
+ value=x64
+ [ -z onie_uefi_arch ]
+ tmp_val=x64
+ value=x64
+ eval onie_uefi_arch="x64"
+ onie_uefi_arch=x64
+ IFS== read -r var value
+ echo onie_machine
+ tr -d \r\n
+ var=onie_machine
+ echo cel_silverstone_dp
+ tr -d \r\n
+ value=cel_silverstone_dp
+ var=onie_machine
+ value=cel_silverstone_dp
+ [ -z onie_machine ]
+ tmp_val=cel_silverstone_dp
+ value=cel_silverstone_dp
+ eval onie_machine="cel_silverstone_dp"
+ onie_machine=cel_silverstone_dp
+ IFS== read -r var value
+ echo onie_platform
+ tr -d \r\n
+ var=onie_platform
+ echo x86_64-cel_silverstone_dp-r0
+ tr -d \r\n
+ value=x86_64-cel_silverstone_dp-r0
+ var=onie_platform
+ value=x86_64-cel_silverstone_dp-r0
+ [ -z onie_platform ]
+ tmp_val=x86_64-cel_silverstone_dp-r0
+ value=x86_64-cel_silverstone_dp-r0
+ eval onie_platform="x86_64-cel_silverstone_dp-r0"
+ onie_platform=x86_64-cel_silverstone_dp-r0
+ IFS== read -r var value
+ [ -n  ]
+ echo onie_platform: x86_64-cel_silverstone_dp-r0
onie_platform: x86_64-cel_silverstone_dp-r0
+ ONIE_PLATFORM_EXTRA_CMDLINE_LINUX=
+ VAR_LOG_SIZE=4096
+ [ -r platforms/x86_64-cel_silverstone_dp-r0 ]
+ [ onie = onie ]
+ grep -Fxq x86_64-cel_silverstone_dp-r0 platforms_asic
+ echo The image you're trying to install is of a different ASIC type as the running platform's ASIC
The image you're trying to install is of a different ASIC type as the running platform's ASIC
+ true
+ read -r -p Do you still wish to install this image? [y/n]:  input
Do you still wish to install this image? [y/n]: y
+ echo Force installing...
Force installing...
+ break
+ [ onie = onie ]
+ onie_bin=
+ onie_root_dir=/mnt/onie-boot/onie
+ onie_initrd_tmp=/
+ demo_type=OS
+ demo_part_size=32768
+ image_version=master-14589.252268-5ac59dc89
+ date -u +%Y%m%d
+ timestamp=20230414
+ demo_volume_label=SONiC-OS
+ demo_volume_revision_label=SONiC-OS-master-14589.252268-5ac59dc89
+ . ./default_platform.conf
+ [ -z  ]
+ cat /proc/cmdline
+ grep -Eo console=ttyS[0-9]+
+ cut -d = -f2
+ console_ttys=ttyS0
+ [ -z ttyS0 -o ttyS0 = ttyS0 ]
+ CONSOLE_PORT=0x3f8
+ CONSOLE_DEV=0
+ [ -z  ]
+ cat /proc/cmdline
+ grep -Eo console=ttyS[0-9]+,[0-9]+
+ cut -d , -f2
+ speed=115200
+ [ -z 115200 ]
+ CONSOLE_SPEED=115200
+ demo_part=
+ legacy_volume_label=ACS-OS
+ [ -r ./platform.conf ]
+ . ./platform.conf
+ image_dir=image-master-14589.252268-5ac59dc89
+ [ onie = onie ]
+ create_partition
+ [ onie != build ]
+ blkid
+ grep ONIE-BOOT
+ head -n 1
+ awk {print $1}
+ sed -e s/:.*$//
+ onie_dev=/dev/sda2
+ echo /dev/sda2
+ sed -e s/[1-9][0-9]*$//
+ sed -e s/\([0-9]\)\(p\)/\1/
+ blk_dev=/dev/sda
+ blk_suffix=
+ echo /dev/sda
+ grep -q nvme0
+ cat /proc/mounts
+ awk { if($2=="/") print $1 }
+ grep /dev/sda
+ true
+ cur_part=
+ [ -b /dev/sda ]
+ [ -d /sys/firmware/efi/efivars ]
+ firmware=uefi
+ [ onie = onie ]
+ onie-sysinfo -t
+ onie_partition_type=gpt
+ [ uefi = uefi ]
+ create_demo_uefi_partition /dev/sda
+ create_demo_gpt_partition /dev/sda
+ blk_dev=/dev/sda
+ mktemp -u
+ tmpfifo=/tmp/tmp.TCBn9s
+ trap_push rm /tmp/tmp.TCBn9s || true
+ local oldcmd=true
+ local newcmd=rm /tmp/tmp.TCBn9s || true; true
+ trap -- rm /tmp/tmp.TCBn9s || true; true EXIT INT TERM HUP
+ _trap_push rm /tmp/tmp.TCBn9s || true; true
+ local next=rm /tmp/tmp.TCBn9s || true; true
+ echo rm /tmp/tmp.TCBn9s || true; true
+ sed -e s/'/'\\''/g
+ eval trap_push() {
        local oldcmd='rm /tmp/tmp.TCBn9s || true; true'
        local newcmd="$1; $oldcmd"
        trap -- "$newcmd" EXIT INT TERM HUP
        _trap_push "$newcmd"
    }
+ mkfifo -m 600 /tmp/tmp.TCBn9s
+ sgdisk -p /dev/sda
+ grep -e SONiC-OS -e ACS-OS
+ awk {print $1}
+ demo_part=3
+ [ -n 3 ]
+ + readecho -r 3 part_index

+ [ /dev/sda3 =  ]
+ echo deleting partition 3 ...
deleting partition 3 ...
+ df /dev/sda3
Filesystem           1K-blocks      Used Available Use% Mounted on
+ sgdisk -d 3 /dev/sda
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot.
The operation has completed successfully.
+ partprobe
+ read -r part_index
+ sgdisk -p /dev/sda
+ awk {if ($1 > 0 && $1 <= 99999) print $1}
+ all_part=1
2
+ echo 1
2
+ tail -n 1
+ awk {print $1}
+ last_part=2
+ demo_part=1
+ + echoread 1
2 -r
 used_part
+ echo Partition #1 is in use.
Partition #1 is in use.
+ [ 1 -ne 1 ]
+ expr 1 + 1
+ demo_part=2
+ read -r used_part
+ echo Partition #2 is in use.
Partition #2 is in use.
+ [ 2 -ne 2 ]
+ expr 2 + 1
+ demo_part=3
+ read -r used_part
+ echo Partition #3 is available
Partition #3 is available
+ echo Creating new SONiC-OS partition /dev/sda3 ...
Creating new SONiC-OS partition /dev/sda3 ...
+ [ OS = DIAG ]
+ attr_bitmask=0x0
+ sgdisk --new=3::+32768MB --attributes=3:=:0x0 --change-name=3:SONiC-OS /dev/sda
Could not create partition 3 from 788480 to 67897343
Unable to set partition 3's name to 'SONiC-OS'!
Error encountered; not saving changes.
+ echo Warning: The first trial of creating partition failed, trying the largest aligned available block of sectors on the disk
Warning: The first trial of creating partition failed, trying the largest aligned available block of sectors on the disk
+ sgdisk -F /dev/sda
+ begin=788480
+ sgdisk -E /dev/sda
+ end=62533262
+ sgdisk --new=3:788480:62533262 --attributes=3:=:0x0 --change-name=3:SONiC-OS /dev/sda
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot.
The operation has completed successfully.
+ partprobe
+ efibootmgr
+ grep -e SONiC-OS -e ACS-OS
+ awk { print $1 }
+ mount_partition
+ echo /dev/sda
+ sed -e s/\(mmcblk[0-9]\)/\1p/
+ demo_dev=/dev/sda3
+ echo /dev/sda
+ grep -q nvme0
+ mkfs.ext4 -L SONiC-OS /dev/sda3
mke2fs 1.42.13 (17-May-2015)
Discarding device blocks: done
Creating filesystem with 7718097 4k blocks and 1929536 inodes
Filesystem UUID: 67fb9ca6-5bb9-4d76-88c8-aeb0c64a3c0b
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
        4096000

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

+ mktemp -d
+ demo_mnt=/tmp/tmp.0Gwbvz
+ trap_push  fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true
+ local oldcmd=rm /tmp/tmp.TCBn9s || true; true
+ local newcmd= fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true
+ trap --  fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true EXIT INT TERM HUP
+ _trap_push  fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true
+ local next= fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true
+ echo  fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true
+ sed -e s/'/'\\''/g
+ eval trap_push() {
        local oldcmd=' fuser -km /tmp/tmp.0Gwbvz ||  umount /tmp/tmp.0Gwbvz ||  rmdir /tmp/tmp.0Gwbvz || true; rm /tmp/tmp.TCBn9s || true; true'
        local newcmd="$1; $oldcmd"
        trap -- "$newcmd" EXIT INT TERM HUP
        _trap_push "$newcmd"
    }
+ mount -t ext4 -o defaults,rw /dev/sda3 /tmp/tmp.0Gwbvz
+ echo Installing SONiC to /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89
Installing SONiC to /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89
+ [ -d /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89 ]
+ mkdir /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89
+ [ x = xon ]
+ unzip -o fs.zip -x dockerfs.tar.gz platform.tar.gz -d /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89
Archive:  fs.zip
   creating: boot/
  inflating: boot/initrd.img-5.10.0-18-2-amd64
  inflating: boot/System.map-5.10.0-18-2-amd64
  inflating: boot/config-5.10.0-18-2-amd64
  inflating: boot/vmlinuz-5.10.0-18-2-amd64
  inflating: fs.squashfs
+ [ onie = onie ]
+ TAR_EXTRA_OPTION=--numeric-owner
+ mkdir -p /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89/docker
+ unzip -op fs.zip dockerfs.tar.gz
+ tar xz --numeric-owner -f - -C /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89/docker
+ mkdir -p /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89/platform
+ unzip -op fs.zip platform.tar.gz
+ tar xz --numeric-owner -f - -C /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89/platform
+ [ onie = onie ]
+ [ -f /etc/machine-build.conf ]
+ set
+ grep ^onie
+ sed -e s/='/=/ -e s/'$//
+ echo ONIE_IMAGE_PART_SIZE=32768
ONIE_IMAGE_PART_SIZE=32768
+ extra_cmdline_linux=sonic_fips=1
+ echo EXTRA_CMDLINE_LINUX=sonic_fips=1
EXTRA_CMDLINE_LINUX=sonic_fips=1
+ bootloader_menu_config
+ [ onie = onie ]
+ rm -f //tmp/onie-support*.tar.bz2
+ onie-support /tmp
Success: Support tarball created: /tmp/onie-support-cel_silverstone_dp.tar.bz2
+ mv //tmp/onie-support-cel_silverstone_dp.tar.bz2 /tmp/tmp.0Gwbvz/image-master-14589.252268-5ac59dc89/
+ [ uefi = uefi ]
+ secure_boot_state=
+ reg_sb_guid=
+ ENABLED=1
+ efivar -l
+ grep SecureBoot
+ reg_sb_guid=
+ fuser -km /tmp/tmp.0Gwbvz
+ umount /tmp/tmp.0Gwbvz
+ rm /tmp/tmp.TCBn9s
+ true
+ rc=1
+ id -u
+ [ 0 = 0 ]
+ umount /tmp/tmp.IadSE3
+ rm -rf /tmp/tmp.IadSE3
+ exit 1
Failure: Unable to install image: tftp://xx.xx.xx.xx/sonic-broadcom.bin
ONIE:/ #

[davidpil2002]

thanks for the logs, I found the root cause, when grep command do not find a match is crashing the script.
I will provide a fix on Sunday/Monday

[davidpil2002]

The last commit fixed the last issue, it's doing the same logic as before, but with a code safer from bash errors.
Pls confirm if the PR fix the issue in your setups as well.
@gaggaman
@ITJamie
@luigitalboy

[davidpil2002]

/azpw run Azure.sonic-buildimage

[mssonicbld]

/AzurePipelines run Azure.sonic-buildimage

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[gaggaman]

The last commit fixed the last issue, it's doing the same logic as before, but with a code safer from bash errors. Pls confirm if the PR fix the issue in your setups as well. @gaggaman @ITJamie @luigitalboy

Do you have an image for me? I don't have a build env yet.

[davidpil2002]

/azpw run Azure.sonic-buildimage

[mssonicbld]

/AzurePipelines run Azure.sonic-buildimage

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[davidpil2002]

/azpw run Azure.sonic-buildimage

[mssonicbld]

/AzurePipelines run Azure.sonic-buildimage

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[davidpil2002]

/azpw run Azure.sonic-buildimage

[mssonicbld]

/AzurePipelines run Azure.sonic-buildimage

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[davidpil2002]

/azpw run Azure.sonic-buildimage

[mssonicbld]

/AzurePipelines run Azure.sonic-buildimage

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[yejianquan]

This PR ‘appears’ failure because there’s a test job management upgradation,
#14958
Azure.sonic-buildimage (Test kvmtest-t0) is deprecated, so the retry won't update the result of it.
Both Azure.sonic-buildimage (Test kvmtest-t0 by TestbedV2) and Azure.sonic-buildimage (Test kvmtest-t0 by TestbedV2) passed, so the t0 test job is actually passed.

Ack: the PR test passed
PS: Stackholder can merge the PR as you want even though the merger button appears to be red.

[davidpil2002]

This PR ‘appears’ failure because there’s a test job management upgradation, #14958 Azure.sonic-buildimage (Test kvmtest-t0) is deprecated, so the retry won't update the result of it. Both Azure.sonic-buildimage (Test kvmtest-t0 by TestbedV2) and Azure.sonic-buildimage (Test kvmtest-t0 by TestbedV2) passed, so the t0 test job is actually passed.

Ack: the PR test passed PS: Stackholder can merge the PR as you want even though the merger button appears to be red.

Hi @yejianquan ,
@liat-grozovik (reviewer) cannot merge when there is a failure checker.
pls can you fix the failure checker?

[davidpil2002]

Hi @qiluo-msft ,

We are blocked with this merge due to a build issue, details are in the last comment (one before this one).
can you help?

[DavidZagury]

@dprital can you add request to 202211 to this PR?

[krismarvell]

Can we pls backport this PR to 202211 ?

[krismarvell]

@qiluo-msft, I see the request to backport to 202211 is already there. Can you pls help merge to 202211 ?