Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Capability query for MACSEC ACL attribute #3135

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

smvmarvell
Copy link

What I did
-Modified the MACsec orchestration logic to conditionally include or exclude the ability to match the SCI in ACL configurations based on the ASIC's capabilities.
-Implemented a capability check in SONiC to determine whether the SAI_ACL_TABLE_ATTR_FIELD_MACSEC_SCI attribute is supported by the ASIC, thus ensuring that neither SAI_ACL_TABLE_ATTR_FIELD_MACSEC_SCI nor SAI_ACL_ENTRY_ATTR_FIELD_MACSEC_SCI is used when unsupported.

Why I did it

  • The current implementation attempts to use the SAI_ACL_ENTRY_ATTR_FIELD_MACSEC_SCI attribute even when it's not supported by the underlying ASIC or driver, causing failures in the vendor's SAI/SDK code.
  • The capability check prevents these errors, ensuring compatibility with different hardware.

How I verified it

  • Compiled the code successfully without errors.
  • Conducted manual tests on Marvell platforms without support for the SAI_ACL_TABLE_ATTR_FIELD_MACSEC_SCI attribute to validate the conditional logic.

Details if related
Fixes the issue raised in #3134

Copy link

linux-foundation-easycla bot commented May 7, 2024

CLA Signed

The committers listed above are authorized under a signed CLA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant