From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id B22F6A0548; Tue, 17 Aug 2021 15:43:44 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 7A39E411BA; Tue, 17 Aug 2021 15:43:43 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 6D4AB411A8 for ; Tue, 17 Aug 2021 15:43:41 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.0.43) with SMTP id 17H2lbqK006738; Tue, 17 Aug 2021 06:43:40 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=U0FYp4Dqo4EuNC69WRlmbxbNsUgBuUE578gapZmbKxg=; b=dsudmcn4yP8OyNAxiRbEuhG4K5kJ2Iu4QyoDaljYZsjmKMZWE/8Dsmeo1nv7Oa2R2aaB dXUEhjFUhy9bdd/1Q2iXJ1nAJOEI7iTBHZfVlxoycfaEbX3cQWTWH1xBXIyvV4X9s4eI Q1b101SKyWJEEtDHqxKzIEF/57YYT1+FTeFPiGoPNg7HmpfMgrPguSVZK6kHn4NXBECN IC5CDbs04X/nbGmhHHjFp4Lq6yAH1JuNCOAabKXAWQ5CapCFqZz/VLY7BI2wJ45LfaxO sIbrQqSZQGtp8j5jIuG/InJgao3FR25CbgeZWHkVVHGFTBqAD2RLjIMnO+kdrMUOVwD+ 4A== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com with ESMTP id 3ag4n0tajc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 17 Aug 2021 06:43:40 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Tue, 17 Aug 2021 06:43:39 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Tue, 17 Aug 2021 06:43:39 -0700 Received: from HY-LT1002.marvell.com (unknown [10.193.70.144]) by maili.marvell.com (Postfix) with ESMTP id 4424B3F7045; Tue, 17 Aug 2021 06:43:33 -0700 (PDT) From: Anoob Joseph To: Akhil Goyal , Declan Doherty , Fan Zhang , "Konstantin Ananyev" CC: Anoob Joseph , Jerin Jacob , Archana Muniganti , Tejasree Kondoj , Hemant Agrawal , "Radu Nicolau" , Ciara Power , Date: Tue, 17 Aug 2021 19:12:47 +0530 Message-ID: <1629207767-262-6-git-send-email-anoobj@marvell.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1629207767-262-1-git-send-email-anoobj@marvell.com> References: <1629207767-262-1-git-send-email-anoobj@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: C6FdpXtCKpQEx8xxzMHiaJVFFAVbkpTW X-Proofpoint-ORIG-GUID: C6FdpXtCKpQEx8xxzMHiaJVFFAVbkpTW X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-08-17_04,2021-08-17_02,2020-04-07_01 Subject: [dpdk-dev] [PATCH 5/5] test/crypto: add packets hard expiry tests X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Add tests to validate packets hard expiry handling. Signed-off-by: Anoob Joseph --- app/test/test_cryptodev.c | 19 ++++++++++++++++++- app/test/test_cryptodev_security_ipsec.c | 22 +++++++++++++++++++--- app/test/test_cryptodev_security_ipsec.h | 1 + 3 files changed, 38 insertions(+), 4 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 2baa569..a7374bf 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -9065,7 +9065,8 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags) int ret; if (flags->iv_gen || - flags->sa_expiry_pkts_soft) + flags->sa_expiry_pkts_soft || + flags->sa_expiry_pkts_hard) nb_pkts = IPSEC_TEST_PACKETS_MAX; for (i = 0; i < RTE_DIM(aead_list); i++) { @@ -9142,6 +9143,18 @@ test_ipsec_proto_sa_exp_pkts_soft(const void *data __rte_unused) } static int +test_ipsec_proto_sa_exp_pkts_hard(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; + + memset(&flags, 0, sizeof(flags)); + + flags.sa_expiry_pkts_hard = true; + + return test_ipsec_proto_all(&flags); +} + +static int test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused) { struct ipsec_test_flags flags; @@ -14084,6 +14097,10 @@ static struct unit_test_suite ipsec_proto_testsuite = { ut_setup_security, ut_teardown, test_ipsec_proto_sa_exp_pkts_soft), TEST_CASE_NAMED_ST( + "SA expiry packets hard", + ut_setup_security, ut_teardown, + test_ipsec_proto_sa_exp_pkts_hard), + TEST_CASE_NAMED_ST( "Negative test: ICV corruption", ut_setup_security, ut_teardown, test_ipsec_proto_err_icv_corrupt), diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c index 9eb610c..efb4c7e 100644 --- a/app/test/test_cryptodev_security_ipsec.c +++ b/app/test/test_cryptodev_security_ipsec.c @@ -199,6 +199,10 @@ test_ipsec_td_update(struct ipsec_test_data td_inb[], td_inb[i].input_text.data[icv_pos] += 1; } + if (flags->sa_expiry_pkts_hard) + td_inb[i].ipsec_xform.life.packets_hard_limit = + IPSEC_TEST_PACKETS_MAX - 1; + /* Clear outbound specific flags */ td_inb[i].ipsec_xform.options.iv_gen_disable = 0; } @@ -281,9 +285,10 @@ test_ipsec_td_verify(struct rte_mbuf *m, const struct ipsec_test_data *td, uint8_t *output_text = rte_pktmbuf_mtod(m, uint8_t *); uint32_t skip, len = rte_pktmbuf_pkt_len(m); - /* For negative tests, no need to do verification */ - if (flags->icv_corrupt && - td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) + /* For tests with status as error for test success, skip verification */ + if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS && + (flags->icv_corrupt || + flags->sa_expiry_pkts_hard)) return TEST_SUCCESS; if (len != td->output_text.len) { @@ -376,6 +381,17 @@ test_ipsec_status_check(struct rte_crypto_op *op, { int ret = TEST_SUCCESS; + if (dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS && + flags->sa_expiry_pkts_hard && + pkt_num == IPSEC_TEST_PACKETS_MAX) { + if (op->status != RTE_CRYPTO_OP_STATUS_ERROR) { + printf("SA hard expiry (pkts) test failed\n"); + return TEST_FAILED; + } else { + return TEST_SUCCESS; + } + } + if (dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS && flags->icv_corrupt) { if (op->status != RTE_CRYPTO_OP_STATUS_ERROR) { printf("ICV corruption test case failed\n"); diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h index 921c58d..2d3dd59 100644 --- a/app/test/test_cryptodev_security_ipsec.h +++ b/app/test/test_cryptodev_security_ipsec.h @@ -50,6 +50,7 @@ struct ipsec_test_data { struct ipsec_test_flags { bool display_alg; bool sa_expiry_pkts_soft; + bool sa_expiry_pkts_hard; bool icv_corrupt; bool iv_gen; }; -- 2.7.4