kernel: kmod-macsec module for 4.9

MACsec/IEEE 802.1AE is useful to secure communication to and from endpoints at Layer 2. Starting with 4.6, the linux kernel provides a universal macsec driver for authentication and encryption of traffic in a LAN, typically with GCM-AES-128, and optional replay protection. http://standards.ieee.org/getieee802/download/802.1AE-2006.pdf Note: LEDE can utilize MACsec with a static connectivity association key (static PSK) with the ip-full package installed. <http://man7.org/linux/man-pages/man8/ip-macsec.8.html> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
7 years ago · 81e28be824
parent e4b6900fd6
commit 81e28be824
1 changed files with 15 additions and 0 deletions
--- a/package/kernel/linux/modules/netsupport.mk
+++ b/package/kernel/linux/modules/netsupport.mk
@ -1009,3 +1009,18 @@ define KernelPackage/mdio/description
 endef

 $(eval $(call KernelPackage,mdio))
+
+define KernelPackage/macsec
+  SUBMENU:=$(NETWORK_SUPPORT_MENU)
+  TITLE:=IEEE 802.1AE MAC-level encryption (MAC)
+  DEPENDS:=+kmod-crypto-gcm @!LINUX_3_18 @!LINUX_4_1 @!LINUX_4_4
+  KCONFIG:=CONFIG_MACSEC
+  FILES:=$(LINUX_DIR)/drivers/net/macsec.ko
+  AUTOLOAD:=$(call AutoLoad,13,macsec)
+endef
+
+define KernelPackage/macsec/description
+ MACsec is an encryption standard for Ethernet.
+endef
+
+$(eval $(call KernelPackage,macsec))