From c259c996b4767d4ab4f040b1448869fabbc6bc50 Mon Sep 17 00:00:00 2001 From: judyjoseph <53951155+judyjoseph@users.noreply.github.com> Date: Tue, 8 Nov 2022 11:03:38 -0800 Subject: [PATCH] Use the macsec_enabled flag in platform to enable macsec feature state (#11998) * Use the macsec_enabled flag in platform to enable macesc feature state * Add macsec supported metadata in DEVICE_RUNTIME_METADATA --- .../platform_env.conf | 1 + .../platform_env.conf | 1 + files/build_templates/init_cfg.json.j2 | 2 +- .../sonic_py_common/device_info.py | 23 +++++++++++++++++++ 4 files changed, 26 insertions(+), 1 deletion(-) diff --git a/device/arista/x86_64-arista_7800r3a_36d2_lc/platform_env.conf b/device/arista/x86_64-arista_7800r3a_36d2_lc/platform_env.conf index 558fb7393f62..0f19ad3cadb6 100644 --- a/device/arista/x86_64-arista_7800r3a_36d2_lc/platform_env.conf +++ b/device/arista/x86_64-arista_7800r3a_36d2_lc/platform_env.conf @@ -1,2 +1,3 @@ usemsi=1 dmasize=64M +macsec_enabled=1 diff --git a/device/nokia/x86_64-nokia_ixr7250e_36x400g-r0/platform_env.conf b/device/nokia/x86_64-nokia_ixr7250e_36x400g-r0/platform_env.conf index 45697fe72fc1..15a060d467b1 100644 --- a/device/nokia/x86_64-nokia_ixr7250e_36x400g-r0/platform_env.conf +++ b/device/nokia/x86_64-nokia_ixr7250e_36x400g-r0/platform_env.conf @@ -1,3 +1,4 @@ usemsi=1 dmasize=512M default_mtu=9100 +macsec_enabled=1 diff --git a/files/build_templates/init_cfg.json.j2 b/files/build_templates/init_cfg.json.j2 index 3f0465be15ef..8342b4178d37 100644 --- a/files/build_templates/init_cfg.json.j2 +++ b/files/build_templates/init_cfg.json.j2 @@ -52,7 +52,7 @@ {%- if include_p4rt == "y" %}{% do features.append(("p4rt", "disabled", false, "enabled")) %}{% endif %} {%- if include_restapi == "y" %}{% do features.append(("restapi", "enabled", false, "enabled")) %}{% endif %} {%- if include_sflow == "y" %}{% do features.append(("sflow", "disabled", false, "enabled")) %}{% endif %} -{%- if include_macsec == "y" %}{% do features.append(("macsec", "disabled", false, "enabled")) %}{% endif %} +{%- if include_macsec == "y" %}{% do features.append(("macsec", "{% if 'type' in DEVICE_METADATA['localhost'] and DEVICE_METADATA['localhost']['type'] == 'SpineRouter' and DEVICE_RUNTIME_METADATA['MACSEC_SUPPORTED'] %}enabled{% else %}disabled{% endif %}", false, "enabled")) %}{% endif %} {%- if include_system_telemetry == "y" %}{% do features.append(("telemetry", "enabled", true, "enabled")) %}{% endif %} "FEATURE": { {# has_timer field if set, will start the feature systemd .timer unit instead of .service unit #} diff --git a/src/sonic-py-common/sonic_py_common/device_info.py b/src/sonic-py-common/sonic_py_common/device_info.py index 3e14979fe4d6..48a7e76e2f81 100644 --- a/src/sonic-py-common/sonic_py_common/device_info.py +++ b/src/sonic-py-common/sonic_py_common/device_info.py @@ -469,6 +469,27 @@ def is_supervisor(): return True return False +# Check if this platform has macsec capability. +def is_macsec_supported(): + supported = 0 + platform_env_conf_file_path = get_platform_env_conf_file_path() + + # platform_env.conf file not present for platform + if platform_env_conf_file_path is None: + return supported + + # Else open the file check for keyword - macsec_enabled - + with open(platform_env_conf_file_path) as platform_env_conf_file: + for line in platform_env_conf_file: + tokens = line.split('=') + if len(tokens) < 2: + continue + if tokens[0].lower() == 'macsec_enabled': + supported = tokens[1].strip() + break + return int(supported) + + def get_device_runtime_metadata(): chassis_metadata = {} if is_chassis(): @@ -476,9 +497,11 @@ def get_device_runtime_metadata(): 'chassis_type': 'voq' if is_voq_chassis() else 'packet'}} port_metadata = {'ETHERNET_PORTS_PRESENT': True if get_path_to_port_config_file(hwsku=None, asic="0" if is_multi_npu() else None) else False} + macsec_support_metadata = {'MACSEC_SUPPORTED': True if is_macsec_supported() else False} runtime_metadata = {} runtime_metadata.update(chassis_metadata) runtime_metadata.update(port_metadata) + runtime_metadata.update(macsec_support_metadata) return {'DEVICE_RUNTIME_METADATA': runtime_metadata } def get_npu_id_from_name(npu_name):