DPDK patches and discussions
 help / color / mirror / Atom feed
From: Akhil Goyal <gakhil@marvell.com>
To: <dev@dpdk.org>
Cc: <thomas@monjalon.net>, <david.marchand@redhat.com>,
	<hemant.agrawal@nxp.com>, <anoobj@marvell.com>,
	<konstantin.ananyev@intel.com>, <ciara.power@intel.com>,
	<ferruh.yigit@intel.com>, <andrew.rybchenko@oktetlabs.ru>,
	<ndabilpuram@marvell.com>, <vattunuru@marvell.com>,
	Akhil Goyal <gakhil@marvell.com>
Subject: [PATCH v4 01/10] app/test: add unit cases for inline IPsec offload
Date: Sun, 17 Apr 2022 00:55:21 +0530	[thread overview]
Message-ID: <20220416192530.173895-2-gakhil@marvell.com> (raw)
In-Reply-To: <20220416192530.173895-1-gakhil@marvell.com>

A new test suite is added in test app to test inline IPsec protocol
offload. In this patch, predefined vectors from Lookaside IPsec test
are used to verify the IPsec functionality without the need of
external traffic generators. The sent packet is loopbacked onto the same
interface which is received and matched with the expected output.
The test suite can be updated further with other functional test cases.
In this patch encap only cases are added.
The testsuite can be run using:
RTE> inline_ipsec_autotest

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
---
 MAINTAINERS                                   |   2 +-
 app/test/meson.build                          |   1 +
 app/test/test_security_inline_proto.c         | 881 ++++++++++++++++++
 app/test/test_security_inline_proto_vectors.h |  20 +
 4 files changed, 903 insertions(+), 1 deletion(-)
 create mode 100644 app/test/test_security_inline_proto.c
 create mode 100644 app/test/test_security_inline_proto_vectors.h

diff --git a/MAINTAINERS b/MAINTAINERS
index 15008c03bc..89affa08ff 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -440,7 +440,7 @@ M: Akhil Goyal <gakhil@marvell.com>
 T: git://dpdk.org/next/dpdk-next-crypto
 F: lib/security/
 F: doc/guides/prog_guide/rte_security.rst
-F: app/test/test_security.c
+F: app/test/test_security*
 
 Compression API - EXPERIMENTAL
 M: Fan Zhang <roy.fan.zhang@intel.com>
diff --git a/app/test/meson.build b/app/test/meson.build
index 5fc1dd1b7b..39952c6c4f 100644
--- a/app/test/meson.build
+++ b/app/test/meson.build
@@ -125,6 +125,7 @@ test_sources = files(
         'test_rwlock.c',
         'test_sched.c',
         'test_security.c',
+        'test_security_inline_proto.c',
         'test_service_cores.c',
         'test_spinlock.c',
         'test_stack.c',
diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c
new file mode 100644
index 0000000000..aeb5a57aca
--- /dev/null
+++ b/app/test/test_security_inline_proto.c
@@ -0,0 +1,881 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(C) 2022 Marvell.
+ */
+
+
+#include <stdio.h>
+#include <inttypes.h>
+
+#include <rte_ethdev.h>
+#include <rte_malloc.h>
+#include <rte_security.h>
+
+#include "test.h"
+#include "test_security_inline_proto_vectors.h"
+
+#ifdef RTE_EXEC_ENV_WINDOWS
+static int
+test_inline_ipsec(void)
+{
+	printf("Inline ipsec not supported on Windows, skipping test\n");
+	return TEST_SKIPPED;
+}
+
+#else
+
+#define NB_ETHPORTS_USED		1
+#define MEMPOOL_CACHE_SIZE		32
+#define MAX_PKT_BURST			32
+#define RTE_TEST_RX_DESC_DEFAULT	1024
+#define RTE_TEST_TX_DESC_DEFAULT	1024
+#define RTE_PORT_ALL		(~(uint16_t)0x0)
+
+#define RX_PTHRESH 8 /**< Default values of RX prefetch threshold reg. */
+#define RX_HTHRESH 8 /**< Default values of RX host threshold reg. */
+#define RX_WTHRESH 0 /**< Default values of RX write-back threshold reg. */
+
+#define TX_PTHRESH 32 /**< Default values of TX prefetch threshold reg. */
+#define TX_HTHRESH 0  /**< Default values of TX host threshold reg. */
+#define TX_WTHRESH 0  /**< Default values of TX write-back threshold reg. */
+
+#define MAX_TRAFFIC_BURST		2048
+#define NB_MBUF				10240
+
+extern struct ipsec_test_data pkt_aes_128_gcm;
+extern struct ipsec_test_data pkt_aes_192_gcm;
+extern struct ipsec_test_data pkt_aes_256_gcm;
+extern struct ipsec_test_data pkt_aes_128_gcm_frag;
+extern struct ipsec_test_data pkt_aes_128_cbc_null;
+extern struct ipsec_test_data pkt_null_aes_xcbc;
+extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha384;
+extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha512;
+
+static struct rte_mempool *mbufpool;
+static struct rte_mempool *sess_pool;
+static struct rte_mempool *sess_priv_pool;
+/* ethernet addresses of ports */
+static struct rte_ether_addr ports_eth_addr[RTE_MAX_ETHPORTS];
+
+static struct rte_eth_conf port_conf = {
+	.rxmode = {
+		.mq_mode = RTE_ETH_MQ_RX_NONE,
+		.split_hdr_size = 0,
+		.offloads = RTE_ETH_RX_OFFLOAD_CHECKSUM |
+			    RTE_ETH_RX_OFFLOAD_SECURITY,
+	},
+	.txmode = {
+		.mq_mode = RTE_ETH_MQ_TX_NONE,
+		.offloads = RTE_ETH_TX_OFFLOAD_SECURITY |
+			    RTE_ETH_TX_OFFLOAD_MBUF_FAST_FREE,
+	},
+	.lpbk_mode = 1,  /* enable loopback */
+};
+
+static struct rte_eth_rxconf rx_conf = {
+	.rx_thresh = {
+		.pthresh = RX_PTHRESH,
+		.hthresh = RX_HTHRESH,
+		.wthresh = RX_WTHRESH,
+	},
+	.rx_free_thresh = 32,
+};
+
+static struct rte_eth_txconf tx_conf = {
+	.tx_thresh = {
+		.pthresh = TX_PTHRESH,
+		.hthresh = TX_HTHRESH,
+		.wthresh = TX_WTHRESH,
+	},
+	.tx_free_thresh = 32, /* Use PMD default values */
+	.tx_rs_thresh = 32, /* Use PMD default values */
+};
+
+uint16_t port_id;
+
+static uint64_t link_mbps;
+
+static struct rte_flow *default_flow[RTE_MAX_ETHPORTS];
+
+/* Create Inline IPsec session */
+static int
+create_inline_ipsec_session(struct ipsec_test_data *sa, uint16_t portid,
+		struct rte_security_session **sess, struct rte_security_ctx **ctx,
+		uint32_t *ol_flags, const struct ipsec_test_flags *flags,
+		struct rte_security_session_conf *sess_conf)
+{
+	uint16_t src_v6[8] = {0x2607, 0xf8b0, 0x400c, 0x0c03, 0x0000, 0x0000,
+				0x0000, 0x001a};
+	uint16_t dst_v6[8] = {0x2001, 0x0470, 0xe5bf, 0xdead, 0x4957, 0x2174,
+				0xe82c, 0x4887};
+	uint32_t src_v4 = rte_cpu_to_be_32(RTE_IPV4(192, 168, 1, 2));
+	uint32_t dst_v4 = rte_cpu_to_be_32(RTE_IPV4(192, 168, 1, 1));
+	struct rte_security_capability_idx sec_cap_idx;
+	const struct rte_security_capability *sec_cap;
+	enum rte_security_ipsec_sa_direction dir;
+	struct rte_security_ctx *sec_ctx;
+	uint32_t verify;
+	int32_t ret = 0;
+
+	sess_conf->action_type = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL;
+	sess_conf->protocol = RTE_SECURITY_PROTOCOL_IPSEC;
+	sess_conf->ipsec = sa->ipsec_xform;
+
+	dir = sa->ipsec_xform.direction;
+	verify = flags->tunnel_hdr_verify;
+
+	if ((dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) && verify) {
+		if (verify == RTE_SECURITY_IPSEC_TUNNEL_VERIFY_SRC_DST_ADDR)
+			src_v4 += 1;
+		else if (verify == RTE_SECURITY_IPSEC_TUNNEL_VERIFY_DST_ADDR)
+			dst_v4 += 1;
+	}
+
+	if (sa->ipsec_xform.mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL) {
+		if (sa->ipsec_xform.tunnel.type ==
+				RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
+			memcpy(&sess_conf->ipsec.tunnel.ipv4.src_ip, &src_v4,
+					sizeof(src_v4));
+			memcpy(&sess_conf->ipsec.tunnel.ipv4.dst_ip, &dst_v4,
+					sizeof(dst_v4));
+
+			if (flags->df == TEST_IPSEC_SET_DF_0_INNER_1)
+				sess_conf->ipsec.tunnel.ipv4.df = 0;
+
+			if (flags->df == TEST_IPSEC_SET_DF_1_INNER_0)
+				sess_conf->ipsec.tunnel.ipv4.df = 1;
+
+			if (flags->dscp == TEST_IPSEC_SET_DSCP_0_INNER_1)
+				sess_conf->ipsec.tunnel.ipv4.dscp = 0;
+
+			if (flags->dscp == TEST_IPSEC_SET_DSCP_1_INNER_0)
+				sess_conf->ipsec.tunnel.ipv4.dscp =
+						TEST_IPSEC_DSCP_VAL;
+		} else {
+			if (flags->dscp == TEST_IPSEC_SET_DSCP_0_INNER_1)
+				sess_conf->ipsec.tunnel.ipv6.dscp = 0;
+
+			if (flags->dscp == TEST_IPSEC_SET_DSCP_1_INNER_0)
+				sess_conf->ipsec.tunnel.ipv6.dscp =
+						TEST_IPSEC_DSCP_VAL;
+
+			memcpy(&sess_conf->ipsec.tunnel.ipv6.src_addr, &src_v6,
+					sizeof(src_v6));
+			memcpy(&sess_conf->ipsec.tunnel.ipv6.dst_addr, &dst_v6,
+					sizeof(dst_v6));
+		}
+	}
+
+	/* Save SA as userdata for the security session. When
+	 * the packet is received, this userdata will be
+	 * retrieved using the metadata from the packet.
+	 *
+	 * The PMD is expected to set similar metadata for other
+	 * operations, like rte_eth_event, which are tied to
+	 * security session. In such cases, the userdata could
+	 * be obtained to uniquely identify the security
+	 * parameters denoted.
+	 */
+
+	sess_conf->userdata = (void *) sa;
+
+	sec_ctx = (struct rte_security_ctx *)rte_eth_dev_get_sec_ctx(portid);
+	if (sec_ctx == NULL) {
+		printf("Ethernet device doesn't support security features.\n");
+		return TEST_SKIPPED;
+	}
+
+	sec_cap_idx.action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL;
+	sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_IPSEC;
+	sec_cap_idx.ipsec.proto = sess_conf->ipsec.proto;
+	sec_cap_idx.ipsec.mode = sess_conf->ipsec.mode;
+	sec_cap_idx.ipsec.direction = sess_conf->ipsec.direction;
+	sec_cap = rte_security_capability_get(sec_ctx, &sec_cap_idx);
+	if (sec_cap == NULL) {
+		printf("No capabilities registered\n");
+		return TEST_SKIPPED;
+	}
+
+	if (sa->aead || sa->aes_gmac)
+		memcpy(&sess_conf->ipsec.salt, sa->salt.data,
+			RTE_MIN(sizeof(sess_conf->ipsec.salt), sa->salt.len));
+
+	/* Copy cipher session parameters */
+	if (sa->aead) {
+		rte_memcpy(sess_conf->crypto_xform, &sa->xform.aead,
+				sizeof(struct rte_crypto_sym_xform));
+		sess_conf->crypto_xform->aead.key.data = sa->key.data;
+		/* Verify crypto capabilities */
+		if (test_ipsec_crypto_caps_aead_verify(sec_cap,
+					sess_conf->crypto_xform) != 0) {
+			RTE_LOG(INFO, USER1,
+				"Crypto capabilities not supported\n");
+			return TEST_SKIPPED;
+		}
+	} else {
+		if (dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+			rte_memcpy(&sess_conf->crypto_xform->cipher,
+					&sa->xform.chain.cipher.cipher,
+					sizeof(struct rte_crypto_cipher_xform));
+
+			rte_memcpy(&sess_conf->crypto_xform->next->auth,
+					&sa->xform.chain.auth.auth,
+					sizeof(struct rte_crypto_auth_xform));
+			sess_conf->crypto_xform->cipher.key.data =
+							sa->key.data;
+			sess_conf->crypto_xform->next->auth.key.data =
+							sa->auth_key.data;
+			/* Verify crypto capabilities */
+			if (test_ipsec_crypto_caps_cipher_verify(sec_cap,
+					sess_conf->crypto_xform) != 0) {
+				RTE_LOG(INFO, USER1,
+					"Cipher crypto capabilities not supported\n");
+				return TEST_SKIPPED;
+			}
+
+			if (test_ipsec_crypto_caps_auth_verify(sec_cap,
+					sess_conf->crypto_xform->next) != 0) {
+				RTE_LOG(INFO, USER1,
+					"Auth crypto capabilities not supported\n");
+				return TEST_SKIPPED;
+			}
+		} else {
+			rte_memcpy(&sess_conf->crypto_xform->next->cipher,
+					&sa->xform.chain.cipher.cipher,
+					sizeof(struct rte_crypto_cipher_xform));
+			rte_memcpy(&sess_conf->crypto_xform->auth,
+					&sa->xform.chain.auth.auth,
+					sizeof(struct rte_crypto_auth_xform));
+			sess_conf->crypto_xform->auth.key.data =
+							sa->auth_key.data;
+			sess_conf->crypto_xform->next->cipher.key.data =
+							sa->key.data;
+
+			/* Verify crypto capabilities */
+			if (test_ipsec_crypto_caps_cipher_verify(sec_cap,
+					sess_conf->crypto_xform->next) != 0) {
+				RTE_LOG(INFO, USER1,
+					"Cipher crypto capabilities not supported\n");
+				return TEST_SKIPPED;
+			}
+
+			if (test_ipsec_crypto_caps_auth_verify(sec_cap,
+					sess_conf->crypto_xform) != 0) {
+				RTE_LOG(INFO, USER1,
+					"Auth crypto capabilities not supported\n");
+				return TEST_SKIPPED;
+			}
+		}
+	}
+
+	if (test_ipsec_sec_caps_verify(&sess_conf->ipsec, sec_cap, false) != 0)
+		return TEST_SKIPPED;
+
+	if ((sa->ipsec_xform.direction ==
+			RTE_SECURITY_IPSEC_SA_DIR_EGRESS) &&
+			(sa->ipsec_xform.options.iv_gen_disable == 1)) {
+		/* Set env variable when IV generation is disabled */
+		char arr[128];
+		int len = 0, j = 0;
+		int iv_len = (sa->aead || sa->aes_gmac) ? 8 : 16;
+
+		for (; j < iv_len; j++)
+			len += snprintf(arr+len, sizeof(arr) - len,
+					"0x%x, ", sa->iv.data[j]);
+		setenv("ETH_SEC_IV_OVR", arr, 1);
+	}
+
+	*sess = rte_security_session_create(sec_ctx,
+				sess_conf, sess_pool, sess_priv_pool);
+	if (*sess == NULL) {
+		printf("SEC Session init failed: err: %d\n", ret);
+		return TEST_FAILED;
+	}
+
+	*ol_flags = sec_cap->ol_flags;
+	*ctx = sec_ctx;
+
+	return 0;
+}
+
+/* Check the link status of all ports in up to 3s, and print them finally */
+static void
+check_all_ports_link_status(uint16_t port_num, uint32_t port_mask)
+{
+#define CHECK_INTERVAL 100 /* 100ms */
+#define MAX_CHECK_TIME 30 /* 3s (30 * 100ms) in total */
+	uint16_t portid;
+	uint8_t count, all_ports_up, print_flag = 0;
+	struct rte_eth_link link;
+	int ret;
+	char link_status[RTE_ETH_LINK_MAX_STR_LEN];
+
+	printf("Checking link statuses...\n");
+	fflush(stdout);
+	for (count = 0; count <= MAX_CHECK_TIME; count++) {
+		all_ports_up = 1;
+		for (portid = 0; portid < port_num; portid++) {
+			if ((port_mask & (1 << portid)) == 0)
+				continue;
+			memset(&link, 0, sizeof(link));
+			ret = rte_eth_link_get_nowait(portid, &link);
+			if (ret < 0) {
+				all_ports_up = 0;
+				if (print_flag == 1)
+					printf("Port %u link get failed: %s\n",
+						portid, rte_strerror(-ret));
+				continue;
+			}
+
+			/* print link status if flag set */
+			if (print_flag == 1) {
+				if (link.link_status && link_mbps == 0)
+					link_mbps = link.link_speed;
+
+				rte_eth_link_to_str(link_status,
+					sizeof(link_status), &link);
+				printf("Port %d %s\n", portid, link_status);
+				continue;
+			}
+			/* clear all_ports_up flag if any link down */
+			if (link.link_status == RTE_ETH_LINK_DOWN) {
+				all_ports_up = 0;
+				break;
+			}
+		}
+		/* after finally printing all link status, get out */
+		if (print_flag == 1)
+			break;
+
+		if (all_ports_up == 0) {
+			fflush(stdout);
+			rte_delay_ms(CHECK_INTERVAL);
+		}
+
+		/* set the print_flag if all ports up or timeout */
+		if (all_ports_up == 1 || count == (MAX_CHECK_TIME - 1))
+			print_flag = 1;
+	}
+}
+
+static void
+print_ethaddr(const char *name, const struct rte_ether_addr *eth_addr)
+{
+	char buf[RTE_ETHER_ADDR_FMT_SIZE];
+	rte_ether_format_addr(buf, RTE_ETHER_ADDR_FMT_SIZE, eth_addr);
+	printf("%s%s", name, buf);
+}
+
+static void
+copy_buf_to_pkt_segs(const uint8_t *buf, unsigned int len,
+		     struct rte_mbuf *pkt, unsigned int offset)
+{
+	unsigned int copied = 0;
+	unsigned int copy_len;
+	struct rte_mbuf *seg;
+	void *seg_buf;
+
+	seg = pkt;
+	while (offset >= seg->data_len) {
+		offset -= seg->data_len;
+		seg = seg->next;
+	}
+	copy_len = seg->data_len - offset;
+	seg_buf = rte_pktmbuf_mtod_offset(seg, char *, offset);
+	while (len > copy_len) {
+		rte_memcpy(seg_buf, buf + copied, (size_t) copy_len);
+		len -= copy_len;
+		copied += copy_len;
+		seg = seg->next;
+		seg_buf = rte_pktmbuf_mtod(seg, void *);
+	}
+	rte_memcpy(seg_buf, buf + copied, (size_t) len);
+}
+
+static inline struct rte_mbuf *
+init_packet(struct rte_mempool *mp, const uint8_t *data, unsigned int len)
+{
+	struct rte_mbuf *pkt;
+
+	pkt = rte_pktmbuf_alloc(mp);
+	if (pkt == NULL)
+		return NULL;
+	if (((data[0] & 0xF0) >> 4) == IPVERSION) {
+		rte_memcpy(rte_pktmbuf_append(pkt, RTE_ETHER_HDR_LEN),
+				&dummy_ipv4_eth_hdr, RTE_ETHER_HDR_LEN);
+		pkt->l3_len = sizeof(struct rte_ipv4_hdr);
+	} else {
+		rte_memcpy(rte_pktmbuf_append(pkt, RTE_ETHER_HDR_LEN),
+				&dummy_ipv6_eth_hdr, RTE_ETHER_HDR_LEN);
+		pkt->l3_len = sizeof(struct rte_ipv6_hdr);
+	}
+	pkt->l2_len = RTE_ETHER_HDR_LEN;
+
+	if (pkt->buf_len > (len + RTE_ETHER_HDR_LEN))
+		rte_memcpy(rte_pktmbuf_append(pkt, len), data, len);
+	else
+		copy_buf_to_pkt_segs(data, len, pkt, RTE_ETHER_HDR_LEN);
+	return pkt;
+}
+
+static int
+init_mempools(unsigned int nb_mbuf)
+{
+	struct rte_security_ctx *sec_ctx;
+	uint16_t nb_sess = 512;
+	uint32_t sess_sz;
+	char s[64];
+
+	if (mbufpool == NULL) {
+		snprintf(s, sizeof(s), "mbuf_pool");
+		mbufpool = rte_pktmbuf_pool_create(s, nb_mbuf,
+				MEMPOOL_CACHE_SIZE, 0,
+				RTE_MBUF_DEFAULT_BUF_SIZE, SOCKET_ID_ANY);
+		if (mbufpool == NULL) {
+			printf("Cannot init mbuf pool\n");
+			return TEST_FAILED;
+		}
+		printf("Allocated mbuf pool \n");
+	}
+
+	sec_ctx = rte_eth_dev_get_sec_ctx(port_id);
+	if (sec_ctx == NULL) {
+		printf("Device does not support Security ctx\n");
+		return TEST_FAILED;
+	}
+	sess_sz = rte_security_session_get_size(sec_ctx);
+	if (sess_pool == NULL) {
+		snprintf(s, sizeof(s), "sess_pool");
+		sess_pool = rte_mempool_create(s, nb_sess, sess_sz,
+				MEMPOOL_CACHE_SIZE, 0,
+				NULL, NULL, NULL, NULL,
+				SOCKET_ID_ANY, 0);
+		if (sess_pool == NULL) {
+			printf("Cannot init sess pool\n");
+			return TEST_FAILED;
+		}
+		printf("Allocated sess pool\n");
+	}
+	if (sess_priv_pool == NULL) {
+		snprintf(s, sizeof(s), "sess_priv_pool");
+		sess_priv_pool = rte_mempool_create(s, nb_sess, sess_sz,
+				MEMPOOL_CACHE_SIZE, 0,
+				NULL, NULL, NULL, NULL,
+				SOCKET_ID_ANY, 0);
+		if (sess_priv_pool == NULL) {
+			printf("Cannot init sess_priv pool\n");
+			return TEST_FAILED;
+		}
+		printf("Allocated sess_priv pool\n");
+	}
+
+	return 0;
+}
+
+static void
+create_default_flow(uint16_t portid)
+{
+	struct rte_flow_action action[2];
+	struct rte_flow_item pattern[2];
+	struct rte_flow_attr attr = {0};
+	struct rte_flow_error err;
+	struct rte_flow *flow;
+	int ret;
+
+	/* Add the default rte_flow to enable SECURITY for all ESP packets */
+
+	pattern[0].type = RTE_FLOW_ITEM_TYPE_ESP;
+	pattern[0].spec = NULL;
+	pattern[0].mask = NULL;
+	pattern[0].last = NULL;
+	pattern[1].type = RTE_FLOW_ITEM_TYPE_END;
+
+	action[0].type = RTE_FLOW_ACTION_TYPE_SECURITY;
+	action[0].conf = NULL;
+	action[1].type = RTE_FLOW_ACTION_TYPE_END;
+	action[1].conf = NULL;
+
+	attr.ingress = 1;
+
+	ret = rte_flow_validate(portid, &attr, pattern, action, &err);
+	if (ret) {
+		printf("\nValidate flow failed, ret = %d\n", ret);
+		return;
+	}
+	flow = rte_flow_create(portid, &attr, pattern, action, &err);
+	if (flow == NULL) {
+		printf("\nDefault flow rule create failed\n");
+		return;
+	}
+
+	default_flow[portid] = flow;
+}
+
+static void
+destroy_default_flow(uint16_t portid)
+{
+	struct rte_flow_error err;
+	int ret;
+	if (!default_flow[portid])
+		return;
+	ret = rte_flow_destroy(portid, default_flow[portid], &err);
+	if (ret) {
+		printf("\nDefault flow rule destroy failed\n");
+		return;
+	}
+	default_flow[portid] = NULL;
+}
+
+struct rte_mbuf **tx_pkts_burst;
+struct rte_mbuf **rx_pkts_burst;
+
+static int
+test_ipsec_inline_proto_process(struct ipsec_test_data *td,
+		struct ipsec_test_data *res_d,
+		int nb_pkts,
+		bool silent,
+		const struct ipsec_test_flags *flags)
+{
+	struct rte_security_session_conf sess_conf = {0};
+	struct rte_crypto_sym_xform cipher = {0};
+	struct rte_crypto_sym_xform auth = {0};
+	struct rte_crypto_sym_xform aead = {0};
+	struct rte_security_session *ses;
+	struct rte_security_ctx *ctx;
+	int nb_rx = 0, nb_sent;
+	uint32_t ol_flags;
+	int i, j = 0, ret;
+
+	memset(rx_pkts_burst, 0, sizeof(rx_pkts_burst[0]) * nb_pkts);
+
+	if (td->aead) {
+		sess_conf.crypto_xform = &aead;
+	} else {
+		if (td->ipsec_xform.direction ==
+				RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+			sess_conf.crypto_xform = &cipher;
+			sess_conf.crypto_xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+			sess_conf.crypto_xform->next = &auth;
+			sess_conf.crypto_xform->next->type = RTE_CRYPTO_SYM_XFORM_AUTH;
+		} else {
+			sess_conf.crypto_xform = &auth;
+			sess_conf.crypto_xform->type = RTE_CRYPTO_SYM_XFORM_AUTH;
+			sess_conf.crypto_xform->next = &cipher;
+			sess_conf.crypto_xform->next->type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+		}
+	}
+
+	/* Create Inline IPsec session. */
+	ret = create_inline_ipsec_session(td, port_id, &ses, &ctx,
+					  &ol_flags, flags, &sess_conf);
+	if (ret)
+		return ret;
+
+	if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
+		create_default_flow(port_id);
+
+	for (i = 0; i < nb_pkts; i++) {
+		tx_pkts_burst[i] = init_packet(mbufpool, td->input_text.data,
+						td->input_text.len);
+		if (tx_pkts_burst[i] == NULL) {
+			while (i--)
+				rte_pktmbuf_free(tx_pkts_burst[i]);
+			ret = TEST_FAILED;
+			goto out;
+		}
+
+		if (test_ipsec_pkt_update(rte_pktmbuf_mtod_offset(tx_pkts_burst[i],
+					uint8_t *, RTE_ETHER_HDR_LEN), flags)) {
+			while (i--)
+				rte_pktmbuf_free(tx_pkts_burst[i]);
+			ret = TEST_FAILED;
+			goto out;
+		}
+
+		if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+			if (ol_flags & RTE_SECURITY_TX_OLOAD_NEED_MDATA)
+				rte_security_set_pkt_metadata(ctx, ses,
+						tx_pkts_burst[i], NULL);
+			tx_pkts_burst[i]->ol_flags |= RTE_MBUF_F_TX_SEC_OFFLOAD;
+		}
+	}
+		/* Send packet to ethdev for inline IPsec processing. */
+	nb_sent = rte_eth_tx_burst(port_id, 0, tx_pkts_burst, nb_pkts);
+	if (nb_sent != nb_pkts) {
+		printf("\nUnable to TX %d packets", nb_pkts);
+		for ( ; nb_sent < nb_pkts; nb_sent++)
+			rte_pktmbuf_free(tx_pkts_burst[nb_sent]);
+		ret = TEST_FAILED;
+		goto out;
+	}
+
+	rte_pause();
+
+	/* Receive back packet on loopback interface. */
+	do {
+		rte_delay_ms(1);
+		nb_rx += rte_eth_rx_burst(port_id, 0, &rx_pkts_burst[nb_rx],
+				nb_sent - nb_rx);
+		if (nb_rx >= nb_sent)
+			break;
+	} while (j++ < 5 || nb_rx == 0);
+
+	if (nb_rx != nb_sent) {
+		printf("\nUnable to RX all %d packets", nb_sent);
+		while(--nb_rx)
+			rte_pktmbuf_free(rx_pkts_burst[nb_rx]);
+		ret = TEST_FAILED;
+		goto out;
+	}
+
+	for (i = 0; i < nb_rx; i++) {
+		rte_pktmbuf_adj(rx_pkts_burst[i], RTE_ETHER_HDR_LEN);
+
+		ret = test_ipsec_post_process(rx_pkts_burst[i], td,
+					      res_d, silent, flags);
+		if (ret != TEST_SUCCESS) {
+			for ( ; i < nb_rx; i++)
+				rte_pktmbuf_free(rx_pkts_burst[i]);
+			goto out;
+		}
+
+		ret = test_ipsec_stats_verify(ctx, ses, flags,
+					td->ipsec_xform.direction);
+		if (ret != TEST_SUCCESS) {
+			for ( ; i < nb_rx; i++)
+				rte_pktmbuf_free(rx_pkts_burst[i]);
+			goto out;
+		}
+
+		rte_pktmbuf_free(rx_pkts_burst[i]);
+		rx_pkts_burst[i] = NULL;
+	}
+
+out:
+	if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
+		destroy_default_flow(port_id);
+
+	/* Destroy session so that other cases can create the session again */
+	rte_security_session_destroy(ctx, ses);
+	ses = NULL;
+
+	return ret;
+}
+
+static int
+ut_setup_inline_ipsec(void)
+{
+	int ret;
+
+	/* Start device */
+	ret = rte_eth_dev_start(port_id);
+	if (ret < 0) {
+		printf("rte_eth_dev_start: err=%d, port=%d\n",
+			ret, port_id);
+		return ret;
+	}
+	/* always enable promiscuous */
+	ret = rte_eth_promiscuous_enable(port_id);
+	if (ret != 0) {
+		printf("rte_eth_promiscuous_enable: err=%s, port=%d\n",
+			rte_strerror(-ret), port_id);
+		return ret;
+	}
+
+	check_all_ports_link_status(1, RTE_PORT_ALL);
+
+	return 0;
+}
+
+static void
+ut_teardown_inline_ipsec(void)
+{
+	uint16_t portid;
+	int ret;
+
+	/* port tear down */
+	RTE_ETH_FOREACH_DEV(portid) {
+		ret = rte_eth_dev_stop(portid);
+		if (ret != 0)
+			printf("rte_eth_dev_stop: err=%s, port=%u\n",
+			       rte_strerror(-ret), portid);
+	}
+}
+
+static int
+inline_ipsec_testsuite_setup(void)
+{
+	uint16_t nb_rxd;
+	uint16_t nb_txd;
+	uint16_t nb_ports;
+	int ret;
+	uint16_t nb_rx_queue = 1, nb_tx_queue = 1;
+
+	printf("Start inline IPsec test.\n");
+
+	nb_ports = rte_eth_dev_count_avail();
+	if (nb_ports < NB_ETHPORTS_USED) {
+		printf("At least %u port(s) used for test\n",
+		       NB_ETHPORTS_USED);
+		return -1;
+	}
+
+	init_mempools(NB_MBUF);
+
+	if (tx_pkts_burst == NULL) {
+		tx_pkts_burst = (struct rte_mbuf **)rte_calloc("tx_buff",
+					  MAX_TRAFFIC_BURST,
+					  sizeof(void *),
+					  RTE_CACHE_LINE_SIZE);
+		if (!tx_pkts_burst)
+			return -1;
+
+		rx_pkts_burst = (struct rte_mbuf **)rte_calloc("rx_buff",
+					  MAX_TRAFFIC_BURST,
+					  sizeof(void *),
+					  RTE_CACHE_LINE_SIZE);
+		if (!rx_pkts_burst)
+			return -1;
+	}
+
+	printf("Generate %d packets \n", MAX_TRAFFIC_BURST);
+
+	nb_rxd = RTE_TEST_RX_DESC_DEFAULT;
+	nb_txd = RTE_TEST_TX_DESC_DEFAULT;
+
+	/* configuring port 0 for the test is enough */
+	port_id = 0;
+	/* port configure */
+	ret = rte_eth_dev_configure(port_id, nb_rx_queue,
+				    nb_tx_queue, &port_conf);
+	if (ret < 0) {
+		printf("Cannot configure device: err=%d, port=%d\n",
+			 ret, port_id);
+		return ret;
+	}
+	ret = rte_eth_macaddr_get(port_id, &ports_eth_addr[port_id]);
+	if (ret < 0) {
+		printf("Cannot get mac address: err=%d, port=%d\n",
+			 ret, port_id);
+		return ret;
+	}
+	printf("Port %u ", port_id);
+	print_ethaddr("Address:", &ports_eth_addr[port_id]);
+	printf("\n");
+
+	/* tx queue setup */
+	ret = rte_eth_tx_queue_setup(port_id, 0, nb_txd,
+				     SOCKET_ID_ANY, &tx_conf);
+	if (ret < 0) {
+		printf("rte_eth_tx_queue_setup: err=%d, port=%d\n",
+				ret, port_id);
+		return ret;
+	}
+	/* rx queue steup */
+	ret = rte_eth_rx_queue_setup(port_id, 0, nb_rxd, SOCKET_ID_ANY,
+				     &rx_conf, mbufpool);
+	if (ret < 0) {
+		printf("rte_eth_rx_queue_setup: err=%d, port=%d\n",
+				ret, port_id);
+		return ret;
+	}
+	test_ipsec_alg_list_populate();
+
+	return 0;
+}
+
+static void
+inline_ipsec_testsuite_teardown(void)
+{
+	uint16_t portid;
+	int ret;
+
+	/* port tear down */
+	RTE_ETH_FOREACH_DEV(portid) {
+		ret = rte_eth_dev_reset(portid);
+		if (ret != 0)
+			printf("rte_eth_dev_reset: err=%s, port=%u\n",
+			       rte_strerror(-ret), port_id);
+	}
+}
+
+static int
+test_ipsec_inline_proto_known_vec(const void *test_data)
+{
+	struct ipsec_test_data td_outb;
+	struct ipsec_test_flags flags;
+
+	memset(&flags, 0, sizeof(flags));
+
+	memcpy(&td_outb, test_data, sizeof(td_outb));
+
+	if (td_outb.aead ||
+	    td_outb.xform.chain.cipher.cipher.algo != RTE_CRYPTO_CIPHER_NULL) {
+		/* Disable IV gen to be able to test with known vectors */
+		td_outb.ipsec_xform.options.iv_gen_disable = 1;
+	}
+
+	return test_ipsec_inline_proto_process(&td_outb, NULL, 1,
+				false, &flags);
+}
+
+static struct unit_test_suite inline_ipsec_testsuite  = {
+	.suite_name = "Inline IPsec Ethernet Device Unit Test Suite",
+	.setup = inline_ipsec_testsuite_setup,
+	.teardown = inline_ipsec_testsuite_teardown,
+	.unit_test_cases = {
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 AES-GCM 128)",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_known_vec, &pkt_aes_128_gcm),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 AES-GCM 192)",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_known_vec, &pkt_aes_192_gcm),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 AES-GCM 256)",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_known_vec, &pkt_aes_256_gcm),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA256 [16B ICV])",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_known_vec,
+			&pkt_aes_128_cbc_hmac_sha256),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA384 [24B ICV])",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_known_vec,
+			&pkt_aes_128_cbc_hmac_sha384),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA512 [32B ICV])",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_known_vec,
+			&pkt_aes_128_cbc_hmac_sha512),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv6 AES-GCM 128)",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_known_vec, &pkt_aes_256_gcm_v6),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv6 AES-CBC 128 HMAC-SHA256 [16B ICV])",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_known_vec,
+			&pkt_aes_128_cbc_hmac_sha256_v6),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 NULL AES-XCBC-MAC [12B ICV])",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_known_vec,
+			&pkt_null_aes_xcbc),
+
+		TEST_CASES_END() /**< NULL terminate unit test array */
+	},
+};
+
+
+static int
+test_inline_ipsec(void)
+{
+	return unit_test_suite_runner(&inline_ipsec_testsuite);
+}
+
+#endif /* !RTE_EXEC_ENV_WINDOWS */
+
+REGISTER_TEST_COMMAND(inline_ipsec_autotest, test_inline_ipsec);
diff --git a/app/test/test_security_inline_proto_vectors.h b/app/test/test_security_inline_proto_vectors.h
new file mode 100644
index 0000000000..d1074da36a
--- /dev/null
+++ b/app/test/test_security_inline_proto_vectors.h
@@ -0,0 +1,20 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(C) 2022 Marvell.
+ */
+#ifndef _TEST_INLINE_IPSEC_REASSEMBLY_VECTORS_H_
+#define _TEST_INLINE_IPSEC_REASSEMBLY_VECTORS_H_
+
+#include "test_cryptodev_security_ipsec.h"
+
+uint8_t dummy_ipv4_eth_hdr[] = {
+		/* ETH */
+		0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
+		0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
+};
+uint8_t dummy_ipv6_eth_hdr[] = {
+		/* ETH */
+		0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
+		0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x86, 0xdd,
+};
+
+#endif
-- 
2.25.1


  reply	other threads:[~2022-04-16 19:25 UTC|newest]

Thread overview: 184+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-08-23 10:02 [dpdk-dev] [PATCH] RFC: ethdev: add reassembly offload Akhil Goyal
2021-08-23 10:18 ` Andrew Rybchenko
2021-08-29 13:14   ` [dpdk-dev] [EXT] " Akhil Goyal
2021-09-21 19:59     ` Thomas Monjalon
2021-09-07  8:47 ` [dpdk-dev] " Ferruh Yigit
2021-09-08 10:29   ` [dpdk-dev] [EXT] " Anoob Joseph
2021-09-13  6:56     ` Xu, Rosen
2021-09-13  7:22       ` Andrew Rybchenko
2021-09-14  5:14         ` Anoob Joseph
2021-09-08  6:34 ` [dpdk-dev] " Xu, Rosen
2021-09-08  6:36   ` Xu, Rosen
2022-01-03 15:08 ` [PATCH 0/8] ethdev: introduce IP " Akhil Goyal
2022-01-03 15:08   ` [PATCH 1/8] " Akhil Goyal
2022-01-11 16:03     ` Ananyev, Konstantin
2022-01-22  7:38     ` Andrew Rybchenko
2022-01-30 16:53       ` [EXT] " Akhil Goyal
2022-01-03 15:08   ` [PATCH 2/8] ethdev: add dev op for IP reassembly configuration Akhil Goyal
2022-01-11 16:09     ` Ananyev, Konstantin
2022-01-11 18:54       ` Akhil Goyal
2022-01-12 10:22         ` Ananyev, Konstantin
2022-01-12 10:32           ` Akhil Goyal
2022-01-12 10:48             ` Ananyev, Konstantin
2022-01-12 11:06               ` Akhil Goyal
2022-01-13 13:31                 ` Akhil Goyal
2022-01-13 14:41                   ` Ananyev, Konstantin
2022-01-03 15:08   ` [PATCH 3/8] ethdev: add mbuf dynfield for incomplete IP reassembly Akhil Goyal
2022-01-11 17:04     ` Ananyev, Konstantin
2022-01-11 18:44       ` Akhil Goyal
2022-01-12 10:30         ` Ananyev, Konstantin
2022-01-12 10:59           ` Akhil Goyal
2022-01-13 22:29             ` Ananyev, Konstantin
2022-01-13 13:18         ` Akhil Goyal
2022-01-13 14:36           ` Ananyev, Konstantin
2022-01-13 15:04             ` Akhil Goyal
2022-01-03 15:08   ` [PATCH 4/8] security: add IPsec option for " Akhil Goyal
2022-01-03 15:08   ` [PATCH 5/8] app/test: add unit cases for inline IPsec offload Akhil Goyal
2022-01-20 16:48     ` [PATCH v2 0/4] app/test: add inline IPsec and reassembly cases Akhil Goyal
2022-01-20 16:48       ` [PATCH v2 1/4] app/test: add unit cases for inline IPsec offload Akhil Goyal
2022-01-20 16:48       ` [PATCH v2 2/4] app/test: add IP reassembly case with no frags Akhil Goyal
2022-01-20 16:48       ` [PATCH v2 3/4] app/test: add IP reassembly cases with multiple fragments Akhil Goyal
2022-01-20 16:48       ` [PATCH v2 4/4] app/test: add IP reassembly negative cases Akhil Goyal
2022-02-17 17:23       ` [PATCH v3 0/4] app/test: add inline IPsec and reassembly cases Akhil Goyal
2022-02-17 17:23         ` [PATCH v3 1/4] app/test: add unit cases for inline IPsec offload Akhil Goyal
2022-02-17 17:23         ` [PATCH v3 2/4] app/test: add IP reassembly case with no frags Akhil Goyal
2022-02-17 17:23         ` [PATCH v3 3/4] app/test: add IP reassembly cases with multiple fragments Akhil Goyal
2022-02-17 17:23         ` [PATCH v3 4/4] app/test: add IP reassembly negative cases Akhil Goyal
2022-04-16 19:25         ` [PATCH v4 00/10] app/test: add inline IPsec and reassembly cases Akhil Goyal
2022-04-16 19:25           ` Akhil Goyal [this message]
2022-04-16 19:25           ` [PATCH v4 02/10] test/security: add inline inbound IPsec cases Akhil Goyal
2022-04-16 19:25           ` [PATCH v4 03/10] test/security: add combined mode inline " Akhil Goyal
2022-04-16 19:25           ` [PATCH v4 04/10] test/security: add inline IPsec reassembly cases Akhil Goyal
2022-04-16 19:25           ` [PATCH v4 05/10] test/security: add more inline IPsec functional cases Akhil Goyal
2022-04-16 19:25           ` [PATCH v4 06/10] test/security: add ESN and anti-replay cases for inline Akhil Goyal
2022-04-16 19:25           ` [PATCH v4 07/10] ethdev: add IPsec SA expiry event subtypes Akhil Goyal
2022-04-19  8:58             ` Thomas Monjalon
2022-04-19 10:14               ` [EXT] " Akhil Goyal
2022-04-19 10:19                 ` Anoob Joseph
2022-04-19 10:37                   ` Thomas Monjalon
2022-04-19 10:39                     ` Anoob Joseph
2022-04-19 10:47                 ` Thomas Monjalon
2022-04-19 12:27                   ` Akhil Goyal
2022-04-19 15:41                     ` Ray Kinsella
2022-04-20 13:51                       ` Akhil Goyal
2022-09-24 13:57             ` [PATCH v5 0/3] Add and test IPsec SA expiry events Akhil Goyal
2022-09-24 13:57               ` [PATCH v5 1/3] ethdev: add IPsec SA expiry event subtypes Akhil Goyal
2022-09-24 14:02                 ` Akhil Goyal
2022-09-26 14:02                 ` Thomas Monjalon
2022-09-27 18:44                   ` [EXT] " Akhil Goyal
2022-09-24 13:57               ` [PATCH v5 2/3] test/security: add inline IPsec SA soft expiry cases Akhil Goyal
2022-09-24 13:57               ` [PATCH v5 3/3] test/security: add inline IPsec SA hard " Akhil Goyal
2022-09-26 17:07               ` [PATCH v6 0/3] Add and test IPsec SA expiry events Akhil Goyal
2022-09-26 17:07                 ` [PATCH v6 1/3] ethdev: add IPsec SA expiry event subtypes Akhil Goyal
2022-09-26 17:07                 ` [PATCH v6 2/3] test/security: add inline IPsec SA soft expiry cases Akhil Goyal
2022-09-26 17:07                 ` [PATCH v6 3/3] test/security: add inline IPsec SA hard " Akhil Goyal
2022-04-16 19:25           ` [PATCH v4 08/10] test/security: add inline IPsec SA soft " Akhil Goyal
2022-04-16 19:25           ` [PATCH v4 09/10] test/security: add inline IPsec SA hard " Akhil Goyal
2022-04-16 19:25           ` [PATCH v4 10/10] test/security: add inline IPsec IPv6 flow label cases Akhil Goyal
2022-04-18  3:44             ` Anoob Joseph
2022-04-18  3:55               ` Akhil Goyal
2022-04-25 12:38           ` [PATCH v4 00/10] app/test: add inline IPsec and reassembly cases Poczatek, Jakub
2022-04-27 15:10           ` [PATCH v5 0/7] " Akhil Goyal
2022-04-27 15:10             ` [PATCH v5 1/7] app/test: add unit cases for inline IPsec offload Akhil Goyal
2022-04-27 15:44               ` Zhang, Roy Fan
2022-04-27 15:10             ` [PATCH v5 2/7] test/security: add inline inbound IPsec cases Akhil Goyal
2022-04-27 15:44               ` Zhang, Roy Fan
2022-04-27 15:10             ` [PATCH v5 3/7] test/security: add combined mode inline " Akhil Goyal
2022-04-27 15:45               ` Zhang, Roy Fan
2022-04-27 15:10             ` [PATCH v5 4/7] test/security: add inline IPsec reassembly cases Akhil Goyal
2022-04-27 15:45               ` Zhang, Roy Fan
2022-04-27 15:10             ` [PATCH v5 5/7] test/security: add more inline IPsec functional cases Akhil Goyal
2022-04-27 15:46               ` Zhang, Roy Fan
2022-04-27 15:10             ` [PATCH v5 6/7] test/security: add ESN and anti-replay cases for inline Akhil Goyal
2022-04-27 15:46               ` Zhang, Roy Fan
2022-04-28  5:25               ` Anoob Joseph
2022-04-27 15:10             ` [PATCH v5 7/7] test/security: add inline IPsec IPv6 flow label cases Akhil Goyal
2022-04-27 15:46               ` Zhang, Roy Fan
2022-04-27 15:42             ` [PATCH v5 0/7] app/test: add inline IPsec and reassembly cases Zhang, Roy Fan
2022-05-13  7:31             ` [PATCH v6 " Akhil Goyal
2022-05-13  7:31               ` [PATCH v6 1/7] app/test: add unit cases for inline IPsec offload Akhil Goyal
2022-05-13  7:31               ` [PATCH v6 2/7] test/security: add inline inbound IPsec cases Akhil Goyal
2022-05-13  7:31               ` [PATCH v6 3/7] test/security: add combined mode inline " Akhil Goyal
2022-05-13  7:31               ` [PATCH v6 4/7] test/security: add inline IPsec reassembly cases Akhil Goyal
2022-05-13  7:31               ` [PATCH v6 5/7] test/security: add more inline IPsec functional cases Akhil Goyal
2022-05-13  7:32               ` [PATCH v6 6/7] test/security: add ESN and anti-replay cases for inline Akhil Goyal
2022-05-13  7:32               ` [PATCH v6 7/7] test/security: add inline IPsec IPv6 flow label cases Akhil Goyal
2022-05-24  7:22               ` [PATCH v7 0/7] app/test: add inline IPsec and reassembly cases Akhil Goyal
2022-05-24  7:22                 ` [PATCH v7 1/7] app/test: add unit cases for inline IPsec offload Akhil Goyal
2022-05-24  7:22                 ` [PATCH v7 2/7] test/security: add inline inbound IPsec cases Akhil Goyal
2022-05-24  7:22                 ` [PATCH v7 3/7] test/security: add combined mode inline " Akhil Goyal
2022-05-24  7:22                 ` [PATCH v7 4/7] test/security: add inline IPsec reassembly cases Akhil Goyal
2022-05-24  7:22                 ` [PATCH v7 5/7] test/security: add more inline IPsec functional cases Akhil Goyal
2022-05-24  7:22                 ` [PATCH v7 6/7] test/security: add ESN and anti-replay cases for inline Akhil Goyal
2022-05-24  7:22                 ` [PATCH v7 7/7] test/security: add inline IPsec IPv6 flow label cases Akhil Goyal
2022-05-24  8:05                 ` [PATCH v7 0/7] app/test: add inline IPsec and reassembly cases Anoob Joseph
2022-05-24  9:38                   ` Akhil Goyal
2022-01-03 15:08   ` [PATCH 6/8] app/test: add IP reassembly case with no frags Akhil Goyal
2022-01-03 15:08   ` [PATCH 7/8] app/test: add IP reassembly cases with multiple fragments Akhil Goyal
2022-01-03 15:08   ` [PATCH 8/8] app/test: add IP reassembly negative cases Akhil Goyal
2022-01-06  9:51   ` [PATCH 0/8] ethdev: introduce IP reassembly offload David Marchand
2022-01-06  9:54     ` [EXT] " Akhil Goyal
2022-01-20 16:26   ` [PATCH v2 0/4] " Akhil Goyal
2022-01-20 16:26     ` [PATCH v2 1/4] " Akhil Goyal
2022-01-20 16:45       ` Stephen Hemminger
2022-01-20 17:11         ` [EXT] " Akhil Goyal
2022-01-20 16:26     ` [PATCH v2 2/4] ethdev: add dev op to set/get IP reassembly configuration Akhil Goyal
2022-01-22  8:17       ` Andrew Rybchenko
2022-01-30 16:30         ` [EXT] " Akhil Goyal
2022-01-20 16:26     ` [PATCH v2 3/4] ethdev: add mbuf dynfield for incomplete IP reassembly Akhil Goyal
2022-01-20 16:26     ` [PATCH v2 4/4] security: add IPsec option for " Akhil Goyal
2022-01-30 17:59     ` [PATCH v3 0/4] ethdev: introduce IP reassembly offload Akhil Goyal
2022-01-30 17:59       ` [PATCH v3 1/4] " Akhil Goyal
2022-02-01 14:11         ` Ferruh Yigit
2022-02-02 10:57           ` [EXT] " Akhil Goyal
2022-02-02 14:05             ` Ferruh Yigit
2022-01-30 17:59       ` [PATCH v3 2/4] ethdev: add dev op to set/get IP reassembly configuration Akhil Goyal
2022-01-30 17:59       ` [PATCH v3 3/4] ethdev: add mbuf dynfield for incomplete IP reassembly Akhil Goyal
2022-02-01 14:11         ` Ferruh Yigit
2022-02-02  9:13           ` [EXT] " Akhil Goyal
2022-01-30 17:59       ` [PATCH v3 4/4] security: add IPsec option for " Akhil Goyal
2022-02-01 14:12         ` Ferruh Yigit
2022-02-02  9:15           ` [EXT] " Akhil Goyal
2022-02-02 14:04             ` Ferruh Yigit
2022-02-01 14:10       ` [PATCH v3 0/4] ethdev: introduce IP reassembly offload Ferruh Yigit
2022-02-02  9:05         ` [EXT] " Akhil Goyal
2022-02-04 22:13       ` [PATCH v4 0/3] " Akhil Goyal
2022-02-04 22:13         ` [PATCH v4 1/3] " Akhil Goyal
2022-02-04 22:20           ` Akhil Goyal
2022-02-07 13:53           ` Ferruh Yigit
2022-02-07 14:36             ` [EXT] " Akhil Goyal
2022-02-04 22:13         ` [PATCH v4 2/3] ethdev: add mbuf dynfield for incomplete IP reassembly Akhil Goyal
2022-02-07 13:58           ` Ferruh Yigit
2022-02-07 14:20             ` [EXT] " Akhil Goyal
2022-02-07 14:56               ` Ferruh Yigit
2022-02-07 16:20                 ` Akhil Goyal
2022-02-07 16:41                   ` Ferruh Yigit
2022-02-07 17:17                     ` Akhil Goyal
2022-02-07 17:23           ` Stephen Hemminger
2022-02-07 17:28             ` Ferruh Yigit
2022-02-07 18:01               ` Stephen Hemminger
2022-02-07 18:28                 ` [EXT] " Akhil Goyal
2022-02-07 19:08                   ` Stephen Hemminger
2022-02-07 17:29             ` Akhil Goyal
2022-02-04 22:13         ` [PATCH v4 3/3] security: add IPsec option for " Akhil Goyal
2022-02-08  9:01           ` David Marchand
2022-02-08  9:18             ` [EXT] " Akhil Goyal
2022-02-08  9:27               ` David Marchand
2022-02-08 10:45                 ` Akhil Goyal
2022-02-08 13:19                   ` Akhil Goyal
2022-02-08 19:55                     ` David Marchand
2022-02-08 20:01                       ` Akhil Goyal
2022-02-08 20:11         ` [PATCH v5 0/3] ethdev: introduce IP reassembly offload Akhil Goyal
2022-02-08 20:11           ` [PATCH v5 1/3] " Akhil Goyal
2022-02-08 20:11           ` [PATCH v5 2/3] ethdev: add mbuf dynfield for incomplete IP reassembly Akhil Goyal
2022-02-08 20:11           ` [PATCH v5 3/3] security: add IPsec option for " Akhil Goyal
2022-02-08 22:20           ` [PATCH v6 0/3] ethdev: introduce IP reassembly offload Akhil Goyal
2022-02-08 22:20             ` [PATCH v6 1/3] " Akhil Goyal
2022-02-10  8:54               ` Ferruh Yigit
2022-02-10 10:08               ` Andrew Rybchenko
2022-02-10 10:20                 ` Ferruh Yigit
2022-02-10 10:30                   ` Ferruh Yigit
2022-02-08 22:20             ` [PATCH v6 2/3] ethdev: add mbuf dynfield for incomplete IP reassembly Akhil Goyal
2022-02-10  8:54               ` Ferruh Yigit
2022-02-08 22:20             ` [PATCH v6 3/3] security: add IPsec option for " Akhil Goyal
2022-02-10  8:54             ` [PATCH v6 0/3] ethdev: introduce IP reassembly offload Ferruh Yigit

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220416192530.173895-2-gakhil@marvell.com \
    --to=gakhil@marvell.com \
    --cc=andrew.rybchenko@oktetlabs.ru \
    --cc=anoobj@marvell.com \
    --cc=ciara.power@intel.com \
    --cc=david.marchand@redhat.com \
    --cc=dev@dpdk.org \
    --cc=ferruh.yigit@intel.com \
    --cc=hemant.agrawal@nxp.com \
    --cc=konstantin.ananyev@intel.com \
    --cc=ndabilpuram@marvell.com \
    --cc=thomas@monjalon.net \
    --cc=vattunuru@marvell.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).