MACsec: Add option to always include ICV Indicator

MACsec: Add option to always include ICV Indicator

Some older MACsec switches incorrectly require ICV Indicator to be
present even when ICV has default length (Cisco C3560CX). To allow
communication with such devices option include-icv-indicator was added
to always include ICV Indicator.

Similar option is found in configuration of some other switches:

Cisco:
include-icv-indicator - this parameter configures inclusion of the
optional ICV Indicator as part of the transmitted MACsec Key Agreement
PDU (MKPDU). This configuration is necessary for MACsec to interoperate
with routers that run software prior to IOS XR version 6.1.3. This
configuration is also important in a service provider WAN setup where
MACsec interoperates with other vendor MACsec implementations that
expect ICV indicator to be present in the MKPDU.

fortiswitch:
include-mka-icv-ind: The MACsec Key Agreement (MKA) integrity check
value (ICV) indicator is always included. (enabled by default)

Signed-off-by: Petr Martínek <petr.martinek at elvac.eu>