automatic DPDK test reports
 help / color / mirror / Atom feed
From: dpdklab@iol.unh.edu
To: test-report@dpdk.org
Cc: dpdk-test-reports@iol.unh.edu
Subject: [dpdk-test-report] |WARNING| pw98204-98209 [PATCH] [v2, 6/6] examples/ipsec-secgw: clear soft expiry configuration
Date: Tue,  7 Sep 2021 13:49:21 -0400 (EDT)	[thread overview]
Message-ID: <20210907174921.5F92CA600@noxus.dpdklab.iol.unh.edu> (raw)

[-- Attachment #1: Type: text/plain, Size: 9420 bytes --]

Test-Label: iol-testing
Test-Status: WARNING
http://dpdk.org/patch/98204

_apply patch failure_

Submitter: Anoob Joseph <anoobj@marvell.com>
Date: Tuesday, September 07 2021 16:32:52 
Applied on: CommitID:b344eb5d941a7522ff27b6b7b5419f68c3fea9a0
Apply patch set 98204-98209 failed:

Checking patch app/test/test_cryptodev_security_ipsec_test_vectors.h...
error: app/test/test_cryptodev_security_ipsec_test_vectors.h: does not exist in index
Checking patch doc/guides/rel_notes/deprecation.rst...
Checking patch doc/guides/rel_notes/release_21_11.rst...
Hunk #1 succeeded at 91 (offset -11 lines).
error: while searching for:
  * Added IPsec SA option to disable IV generation to allow known vector
    tests as well as usage of application provided IV on supported PMDs.


Known Issues
------------

error: patch failed: doc/guides/rel_notes/release_21_11.rst:123
Checking patch examples/ipsec-secgw/ipsec.c...
Checking patch examples/ipsec-secgw/ipsec.h...
Checking patch lib/cryptodev/rte_crypto.h...
Checking patch lib/security/rte_security.h...
Hunk #1 succeeded at 192 (offset -14 lines).
Hunk #2 succeeded at 235 (offset -14 lines).
Applied patch doc/guides/rel_notes/deprecation.rst cleanly.
Applying patch doc/guides/rel_notes/release_21_11.rst with 1 reject...
Hunk #1 applied cleanly.
Rejected hunk #2.
Applied patch examples/ipsec-secgw/ipsec.c cleanly.
Applied patch examples/ipsec-secgw/ipsec.h cleanly.
Applied patch lib/cryptodev/rte_crypto.h cleanly.
Applied patch lib/security/rte_security.h cleanly.
diff a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst	(rejected hunks)
@@ -123,6 +130,12 @@ ABI Changes
   * Added IPsec SA option to disable IV generation to allow known vector
     tests as well as usage of application provided IV on supported PMDs.
 
+* security: add IPsec SA lifetime configuration
+
+  * Added IPsec SA lifetime configuration to allow applications to configure
+    soft and hard SA expiry limits. Limits can be either in units of packets or
+    bytes.
+
 
 Known Issues
 ------------
Checking patch drivers/common/cnxk/cnxk_security.c...
Hunk #1 succeeded at 99 (offset -62 lines).
Hunk #2 succeeded at 193 (offset -63 lines).
Hunk #3 succeeded at 341 (offset -64 lines).
Checking patch drivers/crypto/cnxk/cn10k_cryptodev_ops.c...
Hunk #1 succeeded at 291 (offset -57 lines).
error: while searching for:
			goto temp_sess_free;
		}

		cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
		if (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
			if (cop->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
				cn10k_cpt_sec_post_process(cop, res);
				return;
			}

			/* Verify authentication data if required */
			if (unlikely(infl_req->op_flags &
				     CPT_OP_FLAGS_AUTH_VERIFY)) {

error: patch failed: drivers/crypto/cnxk/cn10k_cryptodev_ops.c:364
Hunk #3 succeeded at 367 (offset -51 lines).
Checking patch drivers/crypto/cnxk/cn9k_ipsec.c...
error: drivers/crypto/cnxk/cn9k_ipsec.c: does not exist in index
Applied patch drivers/common/cnxk/cnxk_security.c cleanly.
Applying patch drivers/crypto/cnxk/cn10k_cryptodev_ops.c with 1 reject...
Hunk #1 applied cleanly.
Rejected hunk #2.
Hunk #3 applied cleanly.
diff a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c	(rejected hunks)
@@ -364,13 +396,7 @@ cn10k_cpt_dequeue_post_process(struct cnxk_cpt_qp *qp,
 			goto temp_sess_free;
 		}
 
-		cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 		if (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
-			if (cop->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
-				cn10k_cpt_sec_post_process(cop, res);
-				return;
-			}
-
 			/* Verify authentication data if required */
 			if (unlikely(infl_req->op_flags &
 				     CPT_OP_FLAGS_AUTH_VERIFY)) {
Checking patch app/test/test_cryptodev.c...
error: while searching for:
		/* Process crypto operation */
		process_crypto_request(dev_id, ut_params->op);

		ret = test_ipsec_status_check(ut_params->op, flags, dir);
		if (ret != TEST_SUCCESS)
			goto crypto_op_free;


error: patch failed: app/test/test_cryptodev.c:8997
error: while searching for:
	unsigned int i, nb_pkts = 1, pass_cnt = 0;
	int ret;

	if (flags->iv_gen)
		nb_pkts = IPSEC_TEST_PACKETS_MAX;

	for (i = 0; i < RTE_DIM(aead_list); i++) {

error: patch failed: app/test/test_cryptodev.c:9067
error: while searching for:
}

static int
test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused)
{
	struct ipsec_test_flags flags;

error: patch failed: app/test/test_cryptodev.c:9132
error: while searching for:
			ut_setup_security, ut_teardown,
			test_ipsec_proto_udp_encap),
		TEST_CASE_NAMED_ST(
			"Negative test: ICV corruption",
			ut_setup_security, ut_teardown,
			test_ipsec_proto_err_icv_corrupt),

error: patch failed: app/test/test_cryptodev.c:14087
Checking patch app/test/test_cryptodev_security_ipsec.c...
error: app/test/test_cryptodev_security_ipsec.c: does not exist in index
Checking patch app/test/test_cryptodev_security_ipsec.h...
error: app/test/test_cryptodev_security_ipsec.h: does not exist in index
Applying patch app/test/test_cryptodev.c with 4 rejects...
Rejected hunk #1.
Rejected hunk #2.
Rejected hunk #3.
Rejected hunk #4.
diff a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c	(rejected hunks)
@@ -8997,7 +8997,7 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],
 		/* Process crypto operation */
 		process_crypto_request(dev_id, ut_params->op);
 
-		ret = test_ipsec_status_check(ut_params->op, flags, dir);
+		ret = test_ipsec_status_check(ut_params->op, flags, dir, i + 1);
 		if (ret != TEST_SUCCESS)
 			goto crypto_op_free;
 
@@ -9067,7 +9067,8 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags)
 	unsigned int i, nb_pkts = 1, pass_cnt = 0;
 	int ret;
 
-	if (flags->iv_gen)
+	if (flags->iv_gen ||
+	    flags->sa_expiry_pkts_soft)
 		nb_pkts = IPSEC_TEST_PACKETS_MAX;
 
 	for (i = 0; i < RTE_DIM(aead_list); i++) {
@@ -9132,6 +9133,18 @@ test_ipsec_proto_iv_gen(const void *data __rte_unused)
 }
 
 static int
+test_ipsec_proto_sa_exp_pkts_soft(const void *data __rte_unused)
+{
+	struct ipsec_test_flags flags;
+
+	memset(&flags, 0, sizeof(flags));
+
+	flags.sa_expiry_pkts_soft = true;
+
+	return test_ipsec_proto_all(&flags);
+}
+
+static int
 test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused)
 {
 	struct ipsec_test_flags flags;
@@ -14087,6 +14100,10 @@ static struct unit_test_suite ipsec_proto_testsuite  = {
 			ut_setup_security, ut_teardown,
 			test_ipsec_proto_udp_encap),
 		TEST_CASE_NAMED_ST(
+			"SA expiry packets soft",
+			ut_setup_security, ut_teardown,
+			test_ipsec_proto_sa_exp_pkts_soft),
+		TEST_CASE_NAMED_ST(
 			"Negative test: ICV corruption",
 			ut_setup_security, ut_teardown,
 			test_ipsec_proto_err_icv_corrupt),
Checking patch app/test/test_cryptodev.c...
error: while searching for:
	int ret;

	if (flags->iv_gen ||
	    flags->sa_expiry_pkts_soft)
		nb_pkts = IPSEC_TEST_PACKETS_MAX;

	for (i = 0; i < RTE_DIM(aead_list); i++) {

error: patch failed: app/test/test_cryptodev.c:9068
error: while searching for:
}

static int
test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused)
{
	struct ipsec_test_flags flags;

error: patch failed: app/test/test_cryptodev.c:9145
error: while searching for:
			ut_setup_security, ut_teardown,
			test_ipsec_proto_sa_exp_pkts_soft),
		TEST_CASE_NAMED_ST(
			"Negative test: ICV corruption",
			ut_setup_security, ut_teardown,
			test_ipsec_proto_err_icv_corrupt),

error: patch failed: app/test/test_cryptodev.c:14104
Checking patch app/test/test_cryptodev_security_ipsec.c...
error: app/test/test_cryptodev_security_ipsec.c: does not exist in index
Checking patch app/test/test_cryptodev_security_ipsec.h...
error: app/test/test_cryptodev_security_ipsec.h: does not exist in index
Applying patch app/test/test_cryptodev.c with 3 rejects...
Rejected hunk #1.
Rejected hunk #2.
Rejected hunk #3.
diff a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c	(rejected hunks)
@@ -9068,7 +9068,8 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags)
 	int ret;
 
 	if (flags->iv_gen ||
-	    flags->sa_expiry_pkts_soft)
+	    flags->sa_expiry_pkts_soft ||
+	    flags->sa_expiry_pkts_hard)
 		nb_pkts = IPSEC_TEST_PACKETS_MAX;
 
 	for (i = 0; i < RTE_DIM(aead_list); i++) {
@@ -9145,6 +9146,18 @@ test_ipsec_proto_sa_exp_pkts_soft(const void *data __rte_unused)
 }
 
 static int
+test_ipsec_proto_sa_exp_pkts_hard(const void *data __rte_unused)
+{
+	struct ipsec_test_flags flags;
+
+	memset(&flags, 0, sizeof(flags));
+
+	flags.sa_expiry_pkts_hard = true;
+
+	return test_ipsec_proto_all(&flags);
+}
+
+static int
 test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused)
 {
 	struct ipsec_test_flags flags;
@@ -14104,6 +14117,10 @@ static struct unit_test_suite ipsec_proto_testsuite  = {
 			ut_setup_security, ut_teardown,
 			test_ipsec_proto_sa_exp_pkts_soft),
 		TEST_CASE_NAMED_ST(
+			"SA expiry packets hard",
+			ut_setup_security, ut_teardown,
+			test_ipsec_proto_sa_exp_pkts_hard),
+		TEST_CASE_NAMED_ST(
 			"Negative test: ICV corruption",
 			ut_setup_security, ut_teardown,
 			test_ipsec_proto_err_icv_corrupt),
Checking patch examples/ipsec-secgw/ipsec.c...
error: examples/ipsec-secgw/ipsec.c: does not match index
Checking patch examples/ipsec-secgw/ipsec.h...
error: examples/ipsec-secgw/ipsec.h: does not match index

https://lab.dpdk.org/results/dashboard/patchsets/18605/

UNH-IOL DPDK Community Lab

                 reply	other threads:[~2021-09-07 17:49 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210907174921.5F92CA600@noxus.dpdklab.iol.unh.edu \
    --to=dpdklab@iol.unh.edu \
    --cc=dpdk-test-reports@iol.unh.edu \
    --cc=test-report@dpdk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).