From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 128EC41E2B; Thu, 9 Mar 2023 09:57:05 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 18E5941611; Thu, 9 Mar 2023 09:57:02 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 032C04113D for ; Thu, 9 Mar 2023 09:57:00 +0100 (CET) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3295Q7U8019720; Thu, 9 Mar 2023 00:57:00 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=ED58yXRpVo8NBkwI1Ya23HFzmyUEU7aKIlmkoB0IUpk=; b=JaEhexB7OzW8VLrVMhia6PmG26ieeilTv3Hytjocqqfh6DJDOPSFjir957f+xFyBclzi +RvUYh+rEwKLpixflMlsVn9hOTZ5AymNANAQdy79TDtBh74W4xgLKnMwdI8iV7pjjpZz GADWSBT+MKqfMFEbBKUOzpYY4w6sjazDvtbzhX1xbT3OAEWLtczohQXK/hKFd9WimPqN 5/lepIjnhUdup60O7hr27oCUbbEz/huBpDXmN9LX9YAF+j5nuWwZQ95ZQZOalhX4NAyS 25TayBBvDIbs1aqvYotedW3JSHL16U20rlkx9C4IbJwnDobtqKnR4/fzIYnpb0I6DA5X /w== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3p6ff3gbfr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 09 Mar 2023 00:57:00 -0800 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.42; Thu, 9 Mar 2023 00:56:58 -0800 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.42 via Frontend Transport; Thu, 9 Mar 2023 00:56:58 -0800 Received: from hyd1588t430.caveonetworks.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 4ED585B6942; Thu, 9 Mar 2023 00:56:56 -0800 (PST) From: Nithin Dabilpuram To: Akhil Goyal , Fan Zhang CC: , , Nithin Dabilpuram Subject: [RFC 2/2] test/security: add unittest for inline ingress oop Date: Thu, 9 Mar 2023 14:26:44 +0530 Message-ID: <20230309085645.1630826-2-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230309085645.1630826-1-ndabilpuram@marvell.com> References: <20230309085645.1630826-1-ndabilpuram@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: dD8SZPEC8CDymqupc1ivuB7d-l9qde1y X-Proofpoint-GUID: dD8SZPEC8CDymqupc1ivuB7d-l9qde1y X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-03-09_05,2023-03-08_03,2023-02-09_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add unittest for inline ingress out-of-place processing. Signed-off-by: Nithin Dabilpuram --- app/test/test_cryptodev_security_ipsec.c | 8 +++ app/test/test_cryptodev_security_ipsec.h | 1 + app/test/test_security_inline_proto.c | 85 ++++++++++++++++++++++++ 3 files changed, 94 insertions(+) diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c index 221edaa98d..f11bacb4d2 100644 --- a/app/test/test_cryptodev_security_ipsec.c +++ b/app/test/test_cryptodev_security_ipsec.c @@ -213,6 +213,14 @@ test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform, } } + if (ipsec_xform->options.ingress_oop == 1 && + sec_cap->ipsec.options.ingress_oop == 0) { + if (!silent) + RTE_LOG(INFO, USER1, + "Inline Ingress OOP processing is not supported\n"); + return -ENOTSUP; + } + return 0; } diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h index 92e641ba0b..5606ec056d 100644 --- a/app/test/test_cryptodev_security_ipsec.h +++ b/app/test/test_cryptodev_security_ipsec.h @@ -110,6 +110,7 @@ struct ipsec_test_flags { bool ah; uint32_t plaintext_len; int nb_segs_in_mbuf; + bool inb_oop; }; struct crypto_param { diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c index 79858e559f..80bcdfc701 100644 --- a/app/test/test_security_inline_proto.c +++ b/app/test/test_security_inline_proto.c @@ -735,6 +735,51 @@ get_and_verify_incomplete_frags(struct rte_mbuf *mbuf, return ret; } +static int +verify_inbound_oop(struct ipsec_test_data *td, + bool silent, struct rte_mbuf *mbuf) +{ + int ret = TEST_SUCCESS, rc; + struct rte_mbuf *orig; + uint32_t len; + void *data; + + orig = *rte_security_oop_dynfield(mbuf); + if (!orig) { + if (!silent) + printf("\nUnable to get orig buffer OOP session"); + return TEST_FAILED; + } + + /* Skip Ethernet header comparison */ + rte_pktmbuf_adj(orig, RTE_ETHER_HDR_LEN); + + len = td->input_text.len; + if (orig->pkt_len != len) { + if (!silent) + printf("\nOriginal packet length mismatch, expected %u, got %u ", + len, orig->pkt_len); + ret = TEST_FAILED; + } + + data = rte_pktmbuf_mtod(orig, void *); + rc = memcmp(data, td->input_text.data, len); + if (rc) { + ret = TEST_FAILED; + if (silent) + goto exit; + + printf("TestCase %s line %d: %s\n", __func__, __LINE__, + "output text not as expected\n"); + + rte_hexdump(stdout, "expected", td->input_text.data, len); + rte_hexdump(stdout, "actual", data, len); + } +exit: + rte_pktmbuf_free(orig); + return ret; +} + static int test_ipsec_with_reassembly(struct reassembly_vector *vector, const struct ipsec_test_flags *flags) @@ -1115,6 +1160,12 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td, if (ret) return ret; + if (flags->inb_oop && rte_security_oop_dynfield_offset < 0) { + printf("\nDynamic field not available for inline inbound OOP"); + ret = TEST_FAILED; + goto out; + } + if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) { ret = create_default_flow(port_id); if (ret) @@ -1206,6 +1257,15 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td, goto out; } + if (flags->inb_oop) { + ret = verify_inbound_oop(td, silent, rx_pkts_burst[i]); + if (ret != TEST_SUCCESS) { + for ( ; i < nb_rx; i++) + rte_pktmbuf_free(rx_pkts_burst[i]); + goto out; + } + } + rte_pktmbuf_free(rx_pkts_burst[i]); rx_pkts_burst[i] = NULL; } @@ -1994,6 +2054,26 @@ test_ipsec_inline_proto_known_vec_inb(const void *test_data) return test_ipsec_inline_proto_process(&td_inb, NULL, 1, false, &flags); } +static int +test_ipsec_inline_proto_oop_inb(const void *test_data) +{ + const struct ipsec_test_data *td = test_data; + struct ipsec_test_flags flags; + struct ipsec_test_data td_inb; + + memset(&flags, 0, sizeof(flags)); + flags.inb_oop = true; + + if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) + test_ipsec_td_in_from_out(td, &td_inb); + else + memcpy(&td_inb, td, sizeof(td_inb)); + + td_inb.ipsec_xform.options.ingress_oop = true; + + return test_ipsec_inline_proto_process(&td_inb, NULL, 1, false, &flags); +} + static int test_ipsec_inline_proto_display_list(const void *data __rte_unused) { @@ -3086,6 +3166,11 @@ static struct unit_test_suite inline_ipsec_testsuite = { "IPv4 Reassembly with burst of 4 fragments", ut_setup_inline_ipsec, ut_teardown_inline_ipsec, test_inline_ip_reassembly, &ipv4_4frag_burst_vector), + TEST_CASE_NAMED_WITH_DATA( + "Inbound Out-Of-Place processing", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_oop_inb, + &pkt_aes_128_gcm), TEST_CASES_END() /**< NULL terminate unit test array */ }, -- 2.25.1