[vslib] MACsec interface creation fails when send_sci=false #1667

@vikram-nexthop

Bug Description

The MACsec interface creation command fails on VM/VS with the combination of send_sci=false and an explicit SCI.

admin@VM:~$ sudo ip link add link "eth0" name "macsec_eth1" type macsec  sci 226b54b065000001 encrypt  on  send_sci off cipher GCM-AES-128
RTNETLINK answers: Invalid argument

Steps to Reproduce

Configure MACsec with send_sci=false

Expected Behavior

MACsec interface should be created successfully regardless of send_sci setting.

Root Cause

The current implementation always includes the SCI and send_sci parameters in the ip link add command.
The Linux kernel rejects the combination of SCI with send_sci=false with an invalid argument error (drivers/net/macsec.c).

Code Location

sonic-sairedis/vslib/MACsecManager.cpp - create_macsec_egress_sc() function

Proposed Fix

Implement a two-step approach:

  1. Create interface with send_sci=on to set SCI.
  2. Switch to send_sci=off if required.

Impact

Blocks MACsec deployment in scenarios requiring SCI transmission disabled
Affects VM/VS testing environments

Related Issue(s)

sonic-net/sonic-buildimage#12991
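
The two-step approach from the proposed fix, sketched as an added example (not part of the original issue and not the sonic-sairedis code). The function and helper names are hypothetical, and the form of the second command assumes iproute2 accepts `ip link set ... type macsec send_sci off` on an existing MACsec link. The commands are returned as argv vectors with validated fields, so nothing passes through a shell.

```cpp
#include <algorithm>
#include <cctype>
#include <stdexcept>
#include <string>
#include <vector>

using Argv = std::vector<std::string>;

// Hypothetical helper: accept only a conservative character set and never a
// leading '-', so a field can never be parsed by ip(8) as an option.
static bool valid_token(const std::string &s, std::size_t max_len)
{
    if (s.empty() || s.size() > max_len || s[0] == '-') return false;
    return std::all_of(s.begin(), s.end(), [](unsigned char c) {
        return std::isalnum(c) || c == '_' || c == '-' || c == '.';
    });
}

// Hypothetical helper: an SCI is 64 bits, written here as 16 hex digits.
static bool valid_sci(const std::string &s)
{
    return s.size() == 16 &&
           std::all_of(s.begin(), s.end(), [](unsigned char c) { return std::isxdigit(c) != 0; });
}

// Returns the argv vectors to execute in order (hypothetical function,
// illustrating the issue's proposed fix).
std::vector<Argv> macsec_create_commands(const std::string &link, const std::string &name,
                                         const std::string &sci, bool encrypt,
                                         bool send_sci, const std::string &cipher)
{
    if (!valid_token(link, 15) || !valid_token(name, 15) ||
        !valid_sci(sci) || !valid_token(cipher, 32))
        throw std::invalid_argument("invalid interface name, SCI or cipher");

    std::vector<Argv> cmds;
    // Step 1: create with send_sci on so the explicit SCI is accepted.
    cmds.push_back({"ip", "link", "add", "link", link, "name", name, "type", "macsec",
                    "sci", sci, "encrypt", encrypt ? "on" : "off",
                    "send_sci", "on", "cipher", cipher});
    // Step 2: only when SCI transmission must be disabled, switch it off on
    // the existing interface; the SCI itself is not passed again.
    if (!send_sci)
        cmds.push_back({"ip", "link", "set", "dev", name, "type", "macsec", "send_sci", "off"});
    return cmds;
}
```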
