From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 675B0A0032; Tue, 28 Sep 2021 12:09:18 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 9FB43410FE; Tue, 28 Sep 2021 12:09:04 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 9F18C410D7 for ; Tue, 28 Sep 2021 12:08:57 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 18SA6Csd002655; Tue, 28 Sep 2021 03:08:57 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=gJ8//O5y2ygAxM/MryI/IwlzlF+8MkMg0JRqyDsqJKY=; b=JAM3JRs7QSs1dbhzcWrzOj6uRHRRMG/MYYQ8Yh3qufBqGFjFg/EAkS8irtQcaEW5JwJl JOn7BZQJba8uCk56WhCJOBFhxEh/QcqNrbHNKxCktwycgVy9BJC2neYMFFt2r/VUyoVn d+VdY4KfoUWBUXo8ubMY7DccpDAX2R4KjkD95Ywz18Kn+LGhc2TQtiWaXxi4cHYxjo2o LNqFDjt16RJYSfDkRih89fUVvnq9OHzbk+uZBOr/jWXmXUXqtDAI0xHGXpMVFVglvchQ YEfIw2QPT9EtQyrDyFnqNgXX0WjbJ5keVlUXKrYNUl7Q/TvscVcCwJju10OLKkjZtESE Pw== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com with ESMTP id 3bbdmjv9x8-15 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 28 Sep 2021 03:08:56 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Tue, 28 Sep 2021 03:08:35 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Tue, 28 Sep 2021 03:08:35 -0700 Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218]) by maili.marvell.com (Postfix) with ESMTP id 3303D3F707D; Tue, 28 Sep 2021 03:08:30 -0700 (PDT) From: Anoob Joseph To: Akhil Goyal , Declan Doherty , Fan Zhang , "Konstantin Ananyev" CC: Anoob Joseph , Jerin Jacob , Archana Muniganti , Tejasree Kondoj , Hemant Agrawal , "Radu Nicolau" , Ciara Power , Gagandeep Singh , Date: Tue, 28 Sep 2021 15:37:40 +0530 Message-ID: <1632823662-384-6-git-send-email-anoobj@marvell.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1632823662-384-1-git-send-email-anoobj@marvell.com> References: <1631032372-275-1-git-send-email-anoobj@marvell.com> <1632823662-384-1-git-send-email-anoobj@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: 94I6TM9uORrThZ9981lQVCe5hCQryoMd X-Proofpoint-ORIG-GUID: 94I6TM9uORrThZ9981lQVCe5hCQryoMd X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-09-28_05,2021-09-28_01,2020-04-07_01 Subject: [dpdk-dev] [PATCH v3 5/6] test/crypto: add packets hard expiry tests X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Add tests to validate packets hard expiry handling. Signed-off-by: Anoob Joseph --- app/test/test_cryptodev.c | 19 ++++++++++++++++++- app/test/test_cryptodev_security_ipsec.c | 22 +++++++++++++++++++--- app/test/test_cryptodev_security_ipsec.h | 1 + 3 files changed, 38 insertions(+), 4 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 1befbeb..34b55a9 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -9116,7 +9116,8 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags) int ret; if (flags->iv_gen || - flags->sa_expiry_pkts_soft) + flags->sa_expiry_pkts_soft || + flags->sa_expiry_pkts_hard) nb_pkts = IPSEC_TEST_PACKETS_MAX; for (i = 0; i < RTE_DIM(aead_list); i++) { @@ -9193,6 +9194,18 @@ test_ipsec_proto_sa_exp_pkts_soft(const void *data __rte_unused) } static int +test_ipsec_proto_sa_exp_pkts_hard(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; + + memset(&flags, 0, sizeof(flags)); + + flags.sa_expiry_pkts_hard = true; + + return test_ipsec_proto_all(&flags); +} + +static int test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused) { struct ipsec_test_flags flags; @@ -14153,6 +14166,10 @@ static struct unit_test_suite ipsec_proto_testsuite = { ut_setup_security, ut_teardown, test_ipsec_proto_sa_exp_pkts_soft), TEST_CASE_NAMED_ST( + "SA expiry packets hard", + ut_setup_security, ut_teardown, + test_ipsec_proto_sa_exp_pkts_hard), + TEST_CASE_NAMED_ST( "Negative test: ICV corruption", ut_setup_security, ut_teardown, test_ipsec_proto_err_icv_corrupt), diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c index 56a44b5..046536c 100644 --- a/app/test/test_cryptodev_security_ipsec.c +++ b/app/test/test_cryptodev_security_ipsec.c @@ -200,6 +200,10 @@ test_ipsec_td_update(struct ipsec_test_data td_inb[], td_inb[i].input_text.data[icv_pos] += 1; } + if (flags->sa_expiry_pkts_hard) + td_inb[i].ipsec_xform.life.packets_hard_limit = + IPSEC_TEST_PACKETS_MAX - 1; + if (flags->udp_encap) td_inb[i].ipsec_xform.options.udp_encap = 1; @@ -285,9 +289,10 @@ test_ipsec_td_verify(struct rte_mbuf *m, const struct ipsec_test_data *td, uint8_t *output_text = rte_pktmbuf_mtod(m, uint8_t *); uint32_t skip, len = rte_pktmbuf_pkt_len(m); - /* For negative tests, no need to do verification */ - if (flags->icv_corrupt && - td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) + /* For tests with status as error for test success, skip verification */ + if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS && + (flags->icv_corrupt || + flags->sa_expiry_pkts_hard)) return TEST_SUCCESS; if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS && @@ -404,6 +409,17 @@ test_ipsec_status_check(struct rte_crypto_op *op, { int ret = TEST_SUCCESS; + if (dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS && + flags->sa_expiry_pkts_hard && + pkt_num == IPSEC_TEST_PACKETS_MAX) { + if (op->status != RTE_CRYPTO_OP_STATUS_ERROR) { + printf("SA hard expiry (pkts) test failed\n"); + return TEST_FAILED; + } else { + return TEST_SUCCESS; + } + } + if (dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS && flags->icv_corrupt) { if (op->status != RTE_CRYPTO_OP_STATUS_ERROR) { printf("ICV corruption test case failed\n"); diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h index eed3476..18f3c64 100644 --- a/app/test/test_cryptodev_security_ipsec.h +++ b/app/test/test_cryptodev_security_ipsec.h @@ -50,6 +50,7 @@ struct ipsec_test_data { struct ipsec_test_flags { bool display_alg; bool sa_expiry_pkts_soft; + bool sa_expiry_pkts_hard; bool icv_corrupt; bool iv_gen; bool udp_encap; -- 2.7.4