From ab713dcfb6e2e154be02addecf4634b987908fc2 Mon Sep 17 00:00:00 2001 From: judyjoseph <53951155+judyjoseph@users.noreply.github.com> Date: Tue, 8 Nov 2022 11:03:38 -0800 Subject: [PATCH] Use the macsec_enabled flag in platform to enable macsec feature state (#11998) * Use the macsec_enabled flag in platform to enable macesc feature state * Add macsec supported metadata in DEVICE_RUNTIME_METADATA --- .../platform_env.conf | 1 + .../platform_env.conf | 1 + files/build_templates/init_cfg.json.j2 | 2 +- .../sonic_py_common/device_info.py | 23 +++++++++++++++++++ 4 files changed, 26 insertions(+), 1 deletion(-) diff --git a/device/arista/x86_64-arista_7800r3a_36d2_lc/platform_env.conf b/device/arista/x86_64-arista_7800r3a_36d2_lc/platform_env.conf index 558fb7393f..0f19ad3cad 100644 --- a/device/arista/x86_64-arista_7800r3a_36d2_lc/platform_env.conf +++ b/device/arista/x86_64-arista_7800r3a_36d2_lc/platform_env.conf @@ -1,2 +1,3 @@ usemsi=1 dmasize=64M +macsec_enabled=1 diff --git a/device/nokia/x86_64-nokia_ixr7250e_36x400g-r0/platform_env.conf b/device/nokia/x86_64-nokia_ixr7250e_36x400g-r0/platform_env.conf index 45697fe72f..15a060d467 100644 --- a/device/nokia/x86_64-nokia_ixr7250e_36x400g-r0/platform_env.conf +++ b/device/nokia/x86_64-nokia_ixr7250e_36x400g-r0/platform_env.conf @@ -1,3 +1,4 @@ usemsi=1 dmasize=512M default_mtu=9100 +macsec_enabled=1 diff --git a/files/build_templates/init_cfg.json.j2 b/files/build_templates/init_cfg.json.j2 index 7de0ad9778..f94a561cb8 100644 --- a/files/build_templates/init_cfg.json.j2 +++ b/files/build_templates/init_cfg.json.j2 @@ -51,7 +51,7 @@ {%- if include_p4rt == "y" %}{% do features.append(("p4rt", "enabled", false, "enabled")) %}{% endif %} {%- if include_restapi == "y" %}{% do features.append(("restapi", "enabled", false, "enabled")) %}{% endif %} {%- if include_sflow == "y" %}{% do features.append(("sflow", "disabled", false, "enabled")) %}{% endif %} -{%- if include_macsec == "y" %}{% do features.append(("macsec", "disabled", false, "enabled")) %}{% endif %} +{%- if include_macsec == "y" %}{% do features.append(("macsec", "{% if 'type' in DEVICE_METADATA['localhost'] and DEVICE_METADATA['localhost']['type'] == 'SpineRouter' and DEVICE_RUNTIME_METADATA['MACSEC_SUPPORTED'] %}enabled{% else %}disabled{% endif %}", false, "enabled")) %}{% endif %} {%- if include_system_telemetry == "y" %}{% do features.append(("telemetry", "enabled", true, "enabled")) %}{% endif %} "FEATURE": { {# has_timer field if set, will start the feature systemd .timer unit instead of .service unit #} diff --git a/src/sonic-py-common/sonic_py_common/device_info.py b/src/sonic-py-common/sonic_py_common/device_info.py index f8c892bb9e..aadef81a5e 100644 --- a/src/sonic-py-common/sonic_py_common/device_info.py +++ b/src/sonic-py-common/sonic_py_common/device_info.py @@ -470,6 +470,27 @@ def is_supervisor(): return True return False +# Check if this platform has macsec capability. +def is_macsec_supported(): + supported = 0 + platform_env_conf_file_path = get_platform_env_conf_file_path() + + # platform_env.conf file not present for platform + if platform_env_conf_file_path is None: + return supported + + # Else open the file check for keyword - macsec_enabled - + with open(platform_env_conf_file_path) as platform_env_conf_file: + for line in platform_env_conf_file: + tokens = line.split('=') + if len(tokens) < 2: + continue + if tokens[0].lower() == 'macsec_enabled': + supported = tokens[1].strip() + break + return int(supported) + + def get_device_runtime_metadata(): chassis_metadata = {} if is_chassis(): @@ -477,9 +498,11 @@ def get_device_runtime_metadata(): 'chassis_type': 'voq' if is_voq_chassis() else 'packet'}} port_metadata = {'ETHERNET_PORTS_PRESENT': True if get_path_to_port_config_file(hwsku=None, asic="0" if is_multi_npu() else None) else False} + macsec_support_metadata = {'MACSEC_SUPPORTED': True if is_macsec_supported() else False} runtime_metadata = {} runtime_metadata.update(chassis_metadata) runtime_metadata.update(port_metadata) + runtime_metadata.update(macsec_support_metadata) return {'DEVICE_RUNTIME_METADATA': runtime_metadata } def get_npu_id_from_name(npu_name):