[dpdk-dev] [PATCH] test/ipsec: fix test suite setup function

[dpdk-dev] [PATCH] test/ipsec: fix test suite setup function

[Bernard Iremonger]

Check for valid crypto_null devices before continuing.

Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
---
 test/test/test_ipsec.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c
index ff1a1c4..4dfc55b 100644
--- a/test/test/test_ipsec.c
+++ b/test/test/test_ipsec.c
@@ -46,6 +46,8 @@
 #define BURST_SIZE		32
 #define REORDER_PKTS	1
 
+static int gbl_driver_id;
+
 struct user_params {
 	enum rte_crypto_sym_xform_type auth;
 	enum rte_crypto_sym_xform_type cipher;
@@ -218,7 +220,7 @@ testsuite_setup(void)
 {
 	struct ipsec_testsuite_params *ts_params = &testsuite_params;
 	struct rte_cryptodev_info info;
-	uint32_t nb_devs, dev_id;
+	uint32_t i, nb_devs, dev_id;
 	size_t sess_sz;
 
 	memset(ts_params, 0, sizeof(*ts_params));
@@ -251,7 +253,18 @@ testsuite_setup(void)
 		return TEST_FAILED;
 	}
 
-	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
+	gbl_driver_id = rte_cryptodev_driver_id_get(
+				RTE_STR(CRYPTODEV_NAME_NULL_PMD));
+
+	/* Create list of valid crypto devs */
+	for (i = 0; i < nb_devs; i++) {
+		rte_cryptodev_info_get(i, &info);
+		if (info.driver_id == gbl_driver_id)
+			ts_params->valid_devs[ts_params->valid_dev_count++] = i;
+	}
+
+	if (ts_params->valid_dev_count < 1)
+		return TEST_FAILED;
 
 	/* Set up all the qps on the first of the valid devices found */
 	dev_id = ts_params->valid_devs[0];
-- 
2.7.4

Re: [dpdk-dev] [PATCH] test/ipsec: fix test suite setup function

[Ananyev, Konstantin]

> -----Original Message-----
> From: Iremonger, Bernard
> Sent: Tuesday, January 15, 2019 11:20 AM
> To: dev@dpdk.org; Ananyev, Konstantin <konstantin.ananyev@intel.com>
> Cc: Iremonger, Bernard <bernard.iremonger@intel.com>
> Subject: [PATCH] test/ipsec: fix test suite setup function
> 
> Check for valid crypto_null devices before continuing.
> 
> Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> ---
>  test/test/test_ipsec.c | 17 +++++++++++++++--
>  1 file changed, 15 insertions(+), 2 deletions(-)
> 
> diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c
> index ff1a1c4..4dfc55b 100644
> --- a/test/test/test_ipsec.c
> +++ b/test/test/test_ipsec.c
> @@ -46,6 +46,8 @@
>  #define BURST_SIZE		32
>  #define REORDER_PKTS	1
> 
> +static int gbl_driver_id;
> +

Why do you need that global here?

>  struct user_params {
>  	enum rte_crypto_sym_xform_type auth;
>  	enum rte_crypto_sym_xform_type cipher;
> @@ -218,7 +220,7 @@ testsuite_setup(void)
>  {
>  	struct ipsec_testsuite_params *ts_params = &testsuite_params;
>  	struct rte_cryptodev_info info;
> -	uint32_t nb_devs, dev_id;
> +	uint32_t i, nb_devs, dev_id;
>  	size_t sess_sz;
> 
>  	memset(ts_params, 0, sizeof(*ts_params));
> @@ -251,7 +253,18 @@ testsuite_setup(void)
>  		return TEST_FAILED;
>  	}
> 
> -	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
> +	gbl_driver_id = rte_cryptodev_driver_id_get(
> +				RTE_STR(CRYPTODEV_NAME_NULL_PMD));
> +
> +	/* Create list of valid crypto devs */
> +	for (i = 0; i < nb_devs; i++) {
> +		rte_cryptodev_info_get(i, &info);
> +		if (info.driver_id == gbl_driver_id)
> +			ts_params->valid_devs[ts_params->valid_dev_count++] = i;
> +	}

I think you need to check driver capabilities, instead of relying on driver name.

> +
> +	if (ts_params->valid_dev_count < 1)
> +		return TEST_FAILED;
> 
>  	/* Set up all the qps on the first of the valid devices found */
>  	dev_id = ts_params->valid_devs[0];

If we always use just valid_dev[0] to determine private session size,
why do you keep going though all devs in the loop above?
Another thing, as I mentioned off-line - later you still use all vald_devs[]
to init session:
s = rte_cryptodev_sym_session_create(qp->mp_session);
        if (s == NULL)
                return -ENOMEM;

        /* initiliaze SA crypto session for all supported devices */
        for (i = 0; i != devnum; i++) {
                rc = rte_cryptodev_sym_session_init(devid[i], s,
                        ut->crypto_xforms, qp->mp_session_private);
                if (rc != 0)
                        break;
        }

I think we need either to determine max private session size based
on *all* valid_devs[], or just use one device that can do NULL algorithm.
As we always enqueue/dequeuer into valid_devs[0] - I think there is no point to have
an arrays here, just single valid_dev should be sufficient.
Konstantin
 

Re: [dpdk-dev] [PATCH] test/ipsec: fix test suite setup function

[Iremonger, Bernard]

Hi Konstantin

<snip>

> > Subject: [PATCH] test/ipsec: fix test suite setup function
> >
> > Check for valid crypto_null devices before continuing.
> >
> > Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> > Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> > ---
> >  test/test/test_ipsec.c | 17 +++++++++++++++--
> >  1 file changed, 15 insertions(+), 2 deletions(-)
> >
> > diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c index
> > ff1a1c4..4dfc55b 100644
> > --- a/test/test/test_ipsec.c
> > +++ b/test/test/test_ipsec.c
> > @@ -46,6 +46,8 @@
> >  #define BURST_SIZE		32
> >  #define REORDER_PKTS	1
> >
> > +static int gbl_driver_id;
> > +
> 
> Why do you need that global here?

test_ipsec.c is based on test_cryptodev.c.
gbl_driver_id used to store the ID of the required driver.

> 
> >  struct user_params {
> >  	enum rte_crypto_sym_xform_type auth;
> >  	enum rte_crypto_sym_xform_type cipher; @@ -218,7 +220,7 @@
> > testsuite_setup(void)  {
> >  	struct ipsec_testsuite_params *ts_params = &testsuite_params;
> >  	struct rte_cryptodev_info info;
> > -	uint32_t nb_devs, dev_id;
> > +	uint32_t i, nb_devs, dev_id;
> >  	size_t sess_sz;
> >
> >  	memset(ts_params, 0, sizeof(*ts_params)); @@ -251,7 +253,18 @@
> > testsuite_setup(void)
> >  		return TEST_FAILED;
> >  	}
> >
> > -	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
> > +	gbl_driver_id = rte_cryptodev_driver_id_get(
> > +				RTE_STR(CRYPTODEV_NAME_NULL_PMD));

These tests only work with the crypto_null  PMD's,  gbl_driver_id is set to the crypto_null PMD id here.

> > +
> > +	/* Create list of valid crypto devs */
> > +	for (i = 0; i < nb_devs; i++) {
> > +		rte_cryptodev_info_get(i, &info);
> > +		if (info.driver_id == gbl_driver_id)
> > +			ts_params->valid_devs[ts_params->valid_dev_count++]
> = i;
> > +	}
> 
> I think you need to check driver capabilities, instead of relying on driver name.

I don't think it is necessary to check the driver capabilities.
This is how it is done in test_cryptodev.c.
 I think it makes sense to mirror the test_cryptodev.c implementation. 
 
> > +
> > +	if (ts_params->valid_dev_count < 1)
> > +		return TEST_FAILED;
> >
> >  	/* Set up all the qps on the first of the valid devices found */
> >  	dev_id = ts_params->valid_devs[0];
> 
> If we always use just valid_dev[0] to determine private session size, why do you
> keep going though all devs in the loop above?

There may be several crypto devs present for example, crypto_aesni_mb0, crypto_aseni_mb1, crypto_null0 and  crypto_null1.
The valid_dev[] array will contain all devs of the requested type, in this case crypto_null0 and crypto_null1.

> Another thing, as I mentioned off-line - later you still use all vald_devs[] to init
> session:
> s = rte_cryptodev_sym_session_create(qp->mp_session);
>         if (s == NULL)
>                 return -ENOMEM;
> 
>         /* initiliaze SA crypto session for all supported devices */
>         for (i = 0; i != devnum; i++) {
>                 rc = rte_cryptodev_sym_session_init(devid[i], s,
>                         ut->crypto_xforms, qp->mp_session_private);
>                 if (rc != 0)
>                         break;
>         }
> 
> I think we need either to determine max private session size based on *all*
> valid_devs[], or just use one device that can do NULL algorithm.

The valid_devs[] array only contains crypto_null PMD's 
The code is using the crypto_null PMD only. 

> As we always enqueue/dequeuer into valid_devs[0] - I think there is no point to
> have an arrays here, just single valid_dev should be sufficient.

The test program may be started with several crypto_dev PMD's for example:

test -c f -n 4 --vdev crypto_aesni_mb0 --vdev crypto_null0 --vdev crypto_aesni_mb1 --vdev crypto_dev_null1

In this case the valid_devs[] array will contain crypto_dev_null0 and crypto_dev_null1.

> Konstantin
> 
> 

Regards,

Bernard.

Re: [dpdk-dev] [PATCH] test/ipsec: fix test suite setup function

[Ananyev, Konstantin]

> -----Original Message-----
> From: Iremonger, Bernard
> Sent: Tuesday, January 15, 2019 12:34 PM
> To: Ananyev, Konstantin <konstantin.ananyev@intel.com>; dev@dpdk.org
> Cc: Iremonger, Bernard <bernard.iremonger@intel.com>
> Subject: RE: [PATCH] test/ipsec: fix test suite setup function
> 
> Hi Konstantin
> 
> <snip>
> 
> > > Subject: [PATCH] test/ipsec: fix test suite setup function
> > >
> > > Check for valid crypto_null devices before continuing.
> > >
> > > Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> > > Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> > > ---
> > >  test/test/test_ipsec.c | 17 +++++++++++++++--
> > >  1 file changed, 15 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c index
> > > ff1a1c4..4dfc55b 100644
> > > --- a/test/test/test_ipsec.c
> > > +++ b/test/test/test_ipsec.c
> > > @@ -46,6 +46,8 @@
> > >  #define BURST_SIZE		32
> > >  #define REORDER_PKTS	1
> > >
> > > +static int gbl_driver_id;
> > > +
> >
> > Why do you need that global here?
> 
> test_ipsec.c is based on test_cryptodev.c.
> gbl_driver_id used to store the ID of the required driver.

Sorry but referencing someone else code is not an answer.
Why do *you* need it *here*? 

> 
> >
> > >  struct user_params {
> > >  	enum rte_crypto_sym_xform_type auth;
> > >  	enum rte_crypto_sym_xform_type cipher; @@ -218,7 +220,7 @@
> > > testsuite_setup(void)  {
> > >  	struct ipsec_testsuite_params *ts_params = &testsuite_params;
> > >  	struct rte_cryptodev_info info;
> > > -	uint32_t nb_devs, dev_id;
> > > +	uint32_t i, nb_devs, dev_id;
> > >  	size_t sess_sz;
> > >
> > >  	memset(ts_params, 0, sizeof(*ts_params)); @@ -251,7 +253,18 @@
> > > testsuite_setup(void)
> > >  		return TEST_FAILED;
> > >  	}
> > >
> > > -	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
> > > +	gbl_driver_id = rte_cryptodev_driver_id_get(
> > > +				RTE_STR(CRYPTODEV_NAME_NULL_PMD));
> 
> These tests only work with the crypto_null  PMD's,  gbl_driver_id is set to the crypto_null PMD id here.
> 
> > > +
> > > +	/* Create list of valid crypto devs */
> > > +	for (i = 0; i < nb_devs; i++) {
> > > +		rte_cryptodev_info_get(i, &info);
> > > +		if (info.driver_id == gbl_driver_id)
> > > +			ts_params->valid_devs[ts_params->valid_dev_count++]
> > = i;
> > > +	}
> >
> > I think you need to check driver capabilities, instead of relying on driver name.
> 
> I don't think it is necessary to check the driver capabilities.

I still think that the valid way to check supported algorithms is to check device capabilities,
not the driver name.

> This is how it is done in test_cryptodev.c.
>  I think it makes sense to mirror the test_cryptodev.c implementation.
> 
> > > +
> > > +	if (ts_params->valid_dev_count < 1)
> > > +		return TEST_FAILED;
> > >
> > >  	/* Set up all the qps on the first of the valid devices found */
> > >  	dev_id = ts_params->valid_devs[0];
> >
> > If we always use just valid_dev[0] to determine private session size, why do you
> > keep going though all devs in the loop above?
> 
> There may be several crypto devs present for example, crypto_aesni_mb0, crypto_aseni_mb1, crypto_null0 and  crypto_null1.

Yes.

> The valid_dev[] array will contain all devs of the requested type, in this case crypto_null0 and crypto_null1.

But we need/use only one.

> 
> > Another thing, as I mentioned off-line - later you still use all vald_devs[] to init
> > session:
> > s = rte_cryptodev_sym_session_create(qp->mp_session);
> >         if (s == NULL)
> >                 return -ENOMEM;
> >
> >         /* initiliaze SA crypto session for all supported devices */
> >         for (i = 0; i != devnum; i++) {
> >                 rc = rte_cryptodev_sym_session_init(devid[i], s,
> >                         ut->crypto_xforms, qp->mp_session_private);
> >                 if (rc != 0)
> >                         break;
> >         }
> >
> > I think we need either to determine max private session size based on *all*
> > valid_devs[], or just use one device that can do NULL algorithm.
> 
> The valid_devs[] array only contains crypto_null PMD's
> The code is using the crypto_null PMD only.

In fact there is no reason to be crypto_null only.
I think it could be any crypto-dev that does support NULL auth/cipher.

> 
> > As we always enqueue/dequeuer into valid_devs[0] - I think there is no point to
> > have an arrays here, just single valid_dev should be sufficient.
> 
> The test program may be started with several crypto_dev PMD's for example:
> 
> test -c f -n 4 --vdev crypto_aesni_mb0 --vdev crypto_null0 --vdev crypto_aesni_mb1 --vdev crypto_dev_null1
> 
> In this case the valid_devs[] array will contain crypto_dev_null0 and crypto_dev_null1.
> 
> > Konstantin
> >
> >
> 
> Regards,
> 
> Bernard.

Re: [dpdk-dev] [PATCH] test/ipsec: fix test suite setup function

[Iremonger, Bernard]

Hi Konstantin,

<snip>

> > > > Subject: [PATCH] test/ipsec: fix test suite setup function
> > > >
> > > > Check for valid crypto_null devices before continuing.
> > > >
> > > > Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> > > > Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> > > > ---
> > > >  test/test/test_ipsec.c | 17 +++++++++++++++--
> > > >  1 file changed, 15 insertions(+), 2 deletions(-)
> > > >
> > > > diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c index
> > > > ff1a1c4..4dfc55b 100644
> > > > --- a/test/test/test_ipsec.c
> > > > +++ b/test/test/test_ipsec.c
> > > > @@ -46,6 +46,8 @@
> > > >  #define BURST_SIZE		32
> > > >  #define REORDER_PKTS	1
> > > >
> > > > +static int gbl_driver_id;
> > > > +
> > >
> > > Why do you need that global here?
> >
> > test_ipsec.c is based on test_cryptodev.c.
> > gbl_driver_id used to store the ID of the required driver.
> 
> Sorry but referencing someone else code is not an answer.
> Why do *you* need it *here*?

The global is not needed.
I have renamed it to driver_id and added it as a local variable where it is used.

> > > >  struct user_params {
> > > >  	enum rte_crypto_sym_xform_type auth;
> > > >  	enum rte_crypto_sym_xform_type cipher; @@ -218,7 +220,7 @@
> > > > testsuite_setup(void)  {
> > > >  	struct ipsec_testsuite_params *ts_params = &testsuite_params;
> > > >  	struct rte_cryptodev_info info;
> > > > -	uint32_t nb_devs, dev_id;
> > > > +	uint32_t i, nb_devs, dev_id;
> > > >  	size_t sess_sz;
> > > >
> > > >  	memset(ts_params, 0, sizeof(*ts_params)); @@ -251,7 +253,18 @@
> > > > testsuite_setup(void)
> > > >  		return TEST_FAILED;
> > > >  	}
> > > >
> > > > -	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
> > > > +	gbl_driver_id = rte_cryptodev_driver_id_get(
> > > > +				RTE_STR(CRYPTODEV_NAME_NULL_PMD));
> >
> > These tests only work with the crypto_null  PMD's,  gbl_driver_id is set to the
> crypto_null PMD id here.
> >
> > > > +
> > > > +	/* Create list of valid crypto devs */
> > > > +	for (i = 0; i < nb_devs; i++) {
> > > > +		rte_cryptodev_info_get(i, &info);
> > > > +		if (info.driver_id == gbl_driver_id)
> > > > +			ts_params->valid_devs[ts_params->valid_dev_count++]
> > > = i;
> > > > +	}
> > >
> > > I think you need to check driver capabilities, instead of relying on driver
> name.
> >
> > I don't think it is necessary to check the driver capabilities.
> 
> I still think that the valid way to check supported algorithms is to check device
> capabilities, not the driver name.

In the testsuite_setup() function the parameters for the check_cryptodev_capability() are not setup. They are setup in the test functions of the testsuite.
 
> > This is how it is done in test_cryptodev.c.
> >  I think it makes sense to mirror the test_cryptodev.c implementation.
> >
> > > > +
> > > > +	if (ts_params->valid_dev_count < 1)
> > > > +		return TEST_FAILED;
> > > >
> > > >  	/* Set up all the qps on the first of the valid devices found */
> > > >  	dev_id = ts_params->valid_devs[0];
> > >
> > > If we always use just valid_dev[0] to determine private session
> > > size, why do you keep going though all devs in the loop above?
> >
> > There may be several crypto devs present for example, crypto_aesni_mb0,
> crypto_aseni_mb1, crypto_null0 and  crypto_null1.
> 
> Yes.
> 
> > The valid_dev[] array will contain all devs of the requested type, in this case
> crypto_null0 and crypto_null1.
> 
> But we need/use only one.

I will change the code to replace the valid_devs[] with one valid_dev.

> > > Another thing, as I mentioned off-line - later you still use all
> > > vald_devs[] to init
> > > session:
> > > s = rte_cryptodev_sym_session_create(qp->mp_session);
> > >         if (s == NULL)
> > >                 return -ENOMEM;
> > >
> > >         /* initiliaze SA crypto session for all supported devices */
> > >         for (i = 0; i != devnum; i++) {
> > >                 rc = rte_cryptodev_sym_session_init(devid[i], s,
> > >                         ut->crypto_xforms, qp->mp_session_private);
> > >                 if (rc != 0)
> > >                         break;
> > >         }
> > >
> > > I think we need either to determine max private session size based
> > > on *all* valid_devs[], or just use one device that can do NULL algorithm.
> >
> > The valid_devs[] array only contains crypto_null PMD's The code is
> > using the crypto_null PMD only.
> 
> In fact there is no reason to be crypto_null only.
> I think it could be any crypto-dev that does support NULL auth/cipher.

As discussed offline it should be sufficient to test with the crypto_dev NULL PMD.

> > > As we always enqueue/dequeuer into valid_devs[0] - I think there is
> > > no point to have an arrays here, just single valid_dev should be sufficient.
> >
> > The test program may be started with several crypto_dev PMD's for example:
> >
> > test -c f -n 4 --vdev crypto_aesni_mb0 --vdev crypto_null0 --vdev
> > crypto_aesni_mb1 --vdev crypto_dev_null1
> >
> > In this case the valid_devs[] array will contain crypto_dev_null0 and
> crypto_dev_null1.

I will replace the valid_devs[] with valid_dev which contains the first crypto_null device found.

I will send a v2 patch

Regards,

Bernard.

[dpdk-dev] [PATCH v2] test/ipsec: fix test suite setup function

[Bernard Iremonger]

Check for valid crypto_null device before continuing.
Use valid_dev instead of valid_devs[].
Call create_crypto_session for one driver only.

Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
---
 test/test/test_ipsec.c | 91 +++++++++++++++++++++++++-------------------------
 1 file changed, 45 insertions(+), 46 deletions(-)

diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c
index ff1a1c4..a5c1c4b 100644
--- a/test/test/test_ipsec.c
+++ b/test/test/test_ipsec.c
@@ -62,7 +62,7 @@ struct ipsec_testsuite_params {
 	struct rte_cryptodev_config conf;
 	struct rte_cryptodev_qp_conf qp_conf;
 
-	uint8_t valid_devs[RTE_CRYPTO_MAX_DEVS];
+	uint8_t valid_dev;
 	uint8_t valid_dev_count;
 };
 
@@ -218,8 +218,9 @@ testsuite_setup(void)
 {
 	struct ipsec_testsuite_params *ts_params = &testsuite_params;
 	struct rte_cryptodev_info info;
-	uint32_t nb_devs, dev_id;
+	uint32_t i, nb_devs, dev_id;
 	size_t sess_sz;
+	int driver_id;
 
 	memset(ts_params, 0, sizeof(*ts_params));
 
@@ -251,10 +252,24 @@ testsuite_setup(void)
 		return TEST_FAILED;
 	}
 
-	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
+	driver_id = rte_cryptodev_driver_id_get(
+			RTE_STR(CRYPTODEV_NAME_NULL_PMD));
+
+	/* Find first valid crypto device */
+	for (i = 0; i < nb_devs; i++) {
+		rte_cryptodev_info_get(i, &info);
+		if (info.driver_id == driver_id) {
+			ts_params->valid_dev = i;
+			ts_params->valid_dev_count++;
+			break;
+		}
+	}
+
+	if (ts_params->valid_dev_count < 1)
+		return TEST_FAILED;
 
 	/* Set up all the qps on the first of the valid devices found */
-	dev_id = ts_params->valid_devs[0];
+	dev_id = ts_params->valid_dev;
 
 	rte_cryptodev_info_get(dev_id, &info);
 
@@ -353,9 +368,9 @@ ut_setup(void)
 	ts_params->conf.socket_id = SOCKET_ID_ANY;
 
 	/* Start the device */
-	TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_devs[0]),
+	TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_dev),
 			"Failed to start cryptodev %u",
-			ts_params->valid_devs[0]);
+			ts_params->valid_dev);
 
 	return TEST_SUCCESS;
 }
@@ -399,7 +414,7 @@ ut_teardown(void)
 			rte_mempool_avail_count(ts_params->mbuf_pool));
 
 	/* Stop the device */
-	rte_cryptodev_stop(ts_params->valid_devs[0]);
+	rte_cryptodev_stop(ts_params->valid_dev);
 }
 
 #define IPSEC_MAX_PAD_SIZE	UINT8_MAX
@@ -589,57 +604,42 @@ create_dummy_sec_session(struct ipsec_unitest_params *ut,
 
 static int
 create_crypto_session(struct ipsec_unitest_params *ut,
-	struct rte_cryptodev_qp_conf *qp, const uint8_t crypto_dev[],
-	uint32_t crypto_dev_num, uint32_t j)
+	struct rte_cryptodev_qp_conf *qp, uint8_t crypto_dev, uint32_t j)
 {
 	int32_t rc;
-	uint32_t devnum, i;
 	struct rte_cryptodev_sym_session *s;
-	uint8_t devid[RTE_CRYPTO_MAX_DEVS];
-
-	/* check which cryptodevs support SA */
-	devnum = 0;
-	for (i = 0; i < crypto_dev_num; i++) {
-		if (check_cryptodev_capablity(ut, crypto_dev[i]) == 0)
-			devid[devnum++] = crypto_dev[i];
-	}
+	uint8_t devid;
 
-	if (devnum == 0)
+	/* check if crypto device supports SA */
+	if (check_cryptodev_capablity(ut, crypto_dev) == 0)
+		devid = crypto_dev;
+	else
 		return -ENODEV;
 
 	s = rte_cryptodev_sym_session_create(qp->mp_session);
 	if (s == NULL)
 		return -ENOMEM;
 
-	/* initiliaze SA crypto session for all supported devices */
-	for (i = 0; i != devnum; i++) {
-		rc = rte_cryptodev_sym_session_init(devid[i], s,
+	/* initiliaze SA crypto session for device */
+	rc = rte_cryptodev_sym_session_init(devid, s,
 			ut->crypto_xforms, qp->mp_session_private);
-		if (rc != 0)
-			break;
-	}
-
-	if (i == devnum) {
+	if (rc == 0) {
 		ut->ss[j].crypto.ses = s;
 		return 0;
+	} else {
+		/* failure, do cleanup */
+		rte_cryptodev_sym_session_clear(devid, s);
+		rte_cryptodev_sym_session_free(s);
+		return rc;
 	}
-
-	/* failure, do cleanup */
-	while (i-- != 0)
-		rte_cryptodev_sym_session_clear(devid[i], s);
-
-	rte_cryptodev_sym_session_free(s);
-	return rc;
 }
 
 static int
 create_session(struct ipsec_unitest_params *ut,
-	struct rte_cryptodev_qp_conf *qp, const uint8_t crypto_dev[],
-	uint32_t crypto_dev_num, uint32_t j)
+	struct rte_cryptodev_qp_conf *qp, uint8_t crypto_dev, uint32_t j)
 {
 	if (ut->ss[j].type == RTE_SECURITY_ACTION_TYPE_NONE)
-		return create_crypto_session(ut, qp, crypto_dev,
-			crypto_dev_num, j);
+		return create_crypto_session(ut, qp, crypto_dev, j);
 	else
 		return create_dummy_sec_session(ut, qp, j);
 }
@@ -740,8 +740,7 @@ create_sa(enum rte_security_session_action_type action_type,
 		"failed to allocate memory for rte_ipsec_sa\n");
 
 	ut->ss[j].type = action_type;
-	rc = create_session(ut, &ts->qp_conf, ts->valid_devs,
-		ts->valid_dev_count, j);
+	rc = create_session(ut, &ts->qp_conf, ts->valid_dev, j);
 	if (rc != 0)
 		return TEST_FAILED;
 
@@ -768,14 +767,14 @@ crypto_ipsec(uint16_t num_pkts)
 		RTE_LOG(ERR, USER1, "rte_ipsec_pkt_crypto_prepare fail\n");
 		return TEST_FAILED;
 	}
-	k = rte_cryptodev_enqueue_burst(ts_params->valid_devs[0], 0,
+	k = rte_cryptodev_enqueue_burst(ts_params->valid_dev, 0,
 		ut_params->cop, num_pkts);
 	if (k != num_pkts) {
 		RTE_LOG(ERR, USER1, "rte_cryptodev_enqueue_burst fail\n");
 		return TEST_FAILED;
 	}
 
-	k = rte_cryptodev_dequeue_burst(ts_params->valid_devs[0], 0,
+	k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
 		ut_params->cop, num_pkts);
 	if (k != num_pkts) {
 		RTE_LOG(ERR, USER1, "rte_cryptodev_dequeue_burst fail\n");
@@ -882,7 +881,7 @@ crypto_ipsec_2sa(void)
 				"rte_ipsec_pkt_crypto_prepare fail\n");
 			return TEST_FAILED;
 		}
-		k = rte_cryptodev_enqueue_burst(ts_params->valid_devs[0], 0,
+		k = rte_cryptodev_enqueue_burst(ts_params->valid_dev, 0,
 				ut_params->cop + i, 1);
 		if (k != 1) {
 			RTE_LOG(ERR, USER1,
@@ -891,7 +890,7 @@ crypto_ipsec_2sa(void)
 		}
 	}
 
-	k = rte_cryptodev_dequeue_burst(ts_params->valid_devs[0], 0,
+	k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
 		ut_params->cop, BURST_SIZE);
 	if (k != BURST_SIZE) {
 		RTE_LOG(ERR, USER1, "rte_cryptodev_dequeue_burst fail\n");
@@ -1021,7 +1020,7 @@ crypto_ipsec_2sa_4grp(void)
 				"rte_ipsec_pkt_crypto_prepare fail\n");
 			return TEST_FAILED;
 		}
-		k = rte_cryptodev_enqueue_burst(ts_params->valid_devs[0], 0,
+		k = rte_cryptodev_enqueue_burst(ts_params->valid_dev, 0,
 				ut_params->cop + i, 1);
 		if (k != 1) {
 			RTE_LOG(ERR, USER1,
@@ -1030,7 +1029,7 @@ crypto_ipsec_2sa_4grp(void)
 		}
 	}
 
-	k = rte_cryptodev_dequeue_burst(ts_params->valid_devs[0], 0,
+	k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
 		ut_params->cop, BURST_SIZE);
 	if (k != BURST_SIZE) {
 		RTE_LOG(ERR, USER1, "rte_cryptodev_dequeue_burst fail\n");
-- 
2.7.4

Re: [dpdk-dev] [PATCH] test/ipsec: fix test suite setup function

[Ananyev, Konstantin]

Hi Bernard,

> > > > > Subject: [PATCH] test/ipsec: fix test suite setup function
> > > > >
> > > > > Check for valid crypto_null devices before continuing.
> > > > >
> > > > > Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> > > > > Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> > > > > ---
> > > > >  test/test/test_ipsec.c | 17 +++++++++++++++--
> > > > >  1 file changed, 15 insertions(+), 2 deletions(-)
> > > > >
> > > > > diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c index
> > > > > ff1a1c4..4dfc55b 100644
> > > > > --- a/test/test/test_ipsec.c
> > > > > +++ b/test/test/test_ipsec.c
> > > > > @@ -46,6 +46,8 @@
> > > > >  #define BURST_SIZE		32
> > > > >  #define REORDER_PKTS	1
> > > > >
> > > > > +static int gbl_driver_id;
> > > > > +
> > > >
> > > > Why do you need that global here?
> > >
> > > test_ipsec.c is based on test_cryptodev.c.
> > > gbl_driver_id used to store the ID of the required driver.
> >
> > Sorry but referencing someone else code is not an answer.
> > Why do *you* need it *here*?
> 
> The global is not needed.
> I have renamed it to driver_id and added it as a local variable where it is used.
> 
> > > > >  struct user_params {
> > > > >  	enum rte_crypto_sym_xform_type auth;
> > > > >  	enum rte_crypto_sym_xform_type cipher; @@ -218,7 +220,7 @@
> > > > > testsuite_setup(void)  {
> > > > >  	struct ipsec_testsuite_params *ts_params = &testsuite_params;
> > > > >  	struct rte_cryptodev_info info;
> > > > > -	uint32_t nb_devs, dev_id;
> > > > > +	uint32_t i, nb_devs, dev_id;
> > > > >  	size_t sess_sz;
> > > > >
> > > > >  	memset(ts_params, 0, sizeof(*ts_params)); @@ -251,7 +253,18 @@
> > > > > testsuite_setup(void)
> > > > >  		return TEST_FAILED;
> > > > >  	}
> > > > >
> > > > > -	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
> > > > > +	gbl_driver_id = rte_cryptodev_driver_id_get(
> > > > > +				RTE_STR(CRYPTODEV_NAME_NULL_PMD));
> > >
> > > These tests only work with the crypto_null  PMD's,  gbl_driver_id is set to the
> > crypto_null PMD id here.
> > >
> > > > > +
> > > > > +	/* Create list of valid crypto devs */
> > > > > +	for (i = 0; i < nb_devs; i++) {
> > > > > +		rte_cryptodev_info_get(i, &info);
> > > > > +		if (info.driver_id == gbl_driver_id)
> > > > > +			ts_params->valid_devs[ts_params->valid_dev_count++]
> > > > = i;
> > > > > +	}
> > > >
> > > > I think you need to check driver capabilities, instead of relying on driver
> > name.
> > >
> > > I don't think it is necessary to check the driver capabilities.
> >
> > I still think that the valid way to check supported algorithms is to check device
> > capabilities, not the driver name.
> 
> In the testsuite_setup() function the parameters for the check_cryptodev_capability() are not setup. They are setup in the test functions of
> the testsuite.

Ok, so what prevents us to setup them earlier?

> 
> > > This is how it is done in test_cryptodev.c.
> > >  I think it makes sense to mirror the test_cryptodev.c implementation.
> > >
> > > > > +
> > > > > +	if (ts_params->valid_dev_count < 1)
> > > > > +		return TEST_FAILED;
> > > > >
> > > > >  	/* Set up all the qps on the first of the valid devices found */
> > > > >  	dev_id = ts_params->valid_devs[0];
> > > >
> > > > If we always use just valid_dev[0] to determine private session
> > > > size, why do you keep going though all devs in the loop above?
> > >
> > > There may be several crypto devs present for example, crypto_aesni_mb0,
> > crypto_aseni_mb1, crypto_null0 and  crypto_null1.
> >
> > Yes.
> >
> > > The valid_dev[] array will contain all devs of the requested type, in this case
> > crypto_null0 and crypto_null1.
> >
> > But we need/use only one.
> 
> I will change the code to replace the valid_devs[] with one valid_dev.
> 
> > > > Another thing, as I mentioned off-line - later you still use all
> > > > vald_devs[] to init
> > > > session:
> > > > s = rte_cryptodev_sym_session_create(qp->mp_session);
> > > >         if (s == NULL)
> > > >                 return -ENOMEM;
> > > >
> > > >         /* initiliaze SA crypto session for all supported devices */
> > > >         for (i = 0; i != devnum; i++) {
> > > >                 rc = rte_cryptodev_sym_session_init(devid[i], s,
> > > >                         ut->crypto_xforms, qp->mp_session_private);
> > > >                 if (rc != 0)
> > > >                         break;
> > > >         }
> > > >
> > > > I think we need either to determine max private session size based
> > > > on *all* valid_devs[], or just use one device that can do NULL algorithm.
> > >
> > > The valid_devs[] array only contains crypto_null PMD's The code is
> > > using the crypto_null PMD only.
> >
> > In fact there is no reason to be crypto_null only.
> > I think it could be any crypto-dev that does support NULL auth/cipher.
> 
> As discussed offline it should be sufficient to test with the crypto_dev NULL PMD.

As we discussed  offline - yes, I don't think it's too excessive to verify ipsec_autotest
with each existing driver that supports _NULL algs, but I don't see the reason why
it shouldn't support anything except crypto_null.
Konstantin 

> 
> > > > As we always enqueue/dequeuer into valid_devs[0] - I think there is
> > > > no point to have an arrays here, just single valid_dev should be sufficient.
> > >
> > > The test program may be started with several crypto_dev PMD's for example:
> > >
> > > test -c f -n 4 --vdev crypto_aesni_mb0 --vdev crypto_null0 --vdev
> > > crypto_aesni_mb1 --vdev crypto_dev_null1
> > >
> > > In this case the valid_devs[] array will contain crypto_dev_null0 and
> > crypto_dev_null1.
> 
> I will replace the valid_devs[] with valid_dev which contains the first crypto_null device found.
> 
> I will send a v2 patch
> 
> Regards,
> 
> Bernard.

Re: [dpdk-dev] [PATCH v2] test/ipsec: fix test suite setup function

[Ananyev, Konstantin]

> -----Original Message-----
> From: Iremonger, Bernard
> Sent: Thursday, January 17, 2019 10:15 AM
> To: dev@dpdk.org; Ananyev, Konstantin <konstantin.ananyev@intel.com>
> Cc: Iremonger, Bernard <bernard.iremonger@intel.com>
> Subject: [PATCH v2] test/ipsec: fix test suite setup function
> 
> Check for valid crypto_null device before continuing.
> Use valid_dev instead of valid_devs[].
> Call create_crypto_session for one driver only.
> 
> Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> ---
>  test/test/test_ipsec.c | 91 +++++++++++++++++++++++++-------------------------
>  1 file changed, 45 insertions(+), 46 deletions(-)
> 
> diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c
> index ff1a1c4..a5c1c4b 100644
> --- a/test/test/test_ipsec.c
> +++ b/test/test/test_ipsec.c
> @@ -62,7 +62,7 @@ struct ipsec_testsuite_params {
>  	struct rte_cryptodev_config conf;
>  	struct rte_cryptodev_qp_conf qp_conf;
> 
> -	uint8_t valid_devs[RTE_CRYPTO_MAX_DEVS];
> +	uint8_t valid_dev;
>  	uint8_t valid_dev_count;
>  };
> 
> @@ -218,8 +218,9 @@ testsuite_setup(void)
>  {
>  	struct ipsec_testsuite_params *ts_params = &testsuite_params;
>  	struct rte_cryptodev_info info;
> -	uint32_t nb_devs, dev_id;
> +	uint32_t i, nb_devs, dev_id;
>  	size_t sess_sz;
> +	int driver_id;
> 
>  	memset(ts_params, 0, sizeof(*ts_params));
> 
> @@ -251,10 +252,24 @@ testsuite_setup(void)
>  		return TEST_FAILED;
>  	}
> 
> -	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
> +	driver_id = rte_cryptodev_driver_id_get(
> +			RTE_STR(CRYPTODEV_NAME_NULL_PMD));


I still think that guessing device capabilities by driver name
is not a right approach.
Please use check_device_capabilites() here.

> +
> +	/* Find first valid crypto device */
> +	for (i = 0; i < nb_devs; i++) {
> +		rte_cryptodev_info_get(i, &info);
> +		if (info.driver_id == driver_id) {
> +			ts_params->valid_dev = i;
> +			ts_params->valid_dev_count++;

As you use only one device now, I don't think you need valid_dev_count
any more.

> +			break;
> +		}
> +	}
> +
> +	if (ts_params->valid_dev_count < 1)
> +		return TEST_FAILED;
> 
>  	/* Set up all the qps on the first of the valid devices found */
> -	dev_id = ts_params->valid_devs[0];
> +	dev_id = ts_params->valid_dev;
> 
>  	rte_cryptodev_info_get(dev_id, &info);
> 
> @@ -353,9 +368,9 @@ ut_setup(void)
>  	ts_params->conf.socket_id = SOCKET_ID_ANY;
> 
>  	/* Start the device */
> -	TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_devs[0]),
> +	TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_dev),
>  			"Failed to start cryptodev %u",
> -			ts_params->valid_devs[0]);
> +			ts_params->valid_dev);
> 
>  	return TEST_SUCCESS;
>  }
> @@ -399,7 +414,7 @@ ut_teardown(void)
>  			rte_mempool_avail_count(ts_params->mbuf_pool));
> 
>  	/* Stop the device */
> -	rte_cryptodev_stop(ts_params->valid_devs[0]);
> +	rte_cryptodev_stop(ts_params->valid_dev);
>  }
> 

Re: [dpdk-dev] [PATCH] test/ipsec: fix test suite setup function

[Iremonger, Bernard]

Hi Konstantin,

<snip>

> > > > > I think you need to check driver capabilities, instead of
> > > > > relying on driver
> > > name.
> > > >
> > > > I don't think it is necessary to check the driver capabilities.
> > >
> > > I still think that the valid way to check supported algorithms is to
> > > check device capabilities, not the driver name.
> >
> > In the testsuite_setup() function the parameters for the
> > check_cryptodev_capability() are not setup. They are setup in the test
> functions of the testsuite.
> 
> Ok, so what prevents us to setup them earlier?

This will require some refactoring of the tests, I will investigate.

<snip>

> > As discussed offline it should be sufficient to test with the crypto_dev NULL
> PMD.
> 
> As we discussed  offline - yes, I don't think it's too excessive to verify
> ipsec_autotest with each existing driver that supports _NULL algs, but I don't
> see the reason why it shouldn't support anything except crypto_null.
> Konstantin

Ok, I will investigate what needs to be done.

Regards,

Bernard.

Re: [dpdk-dev] [PATCH v2] test/ipsec: fix test suite setup function

[Iremonger, Bernard]

Hi Konstantin,

<snip>

> > Subject: [PATCH v2] test/ipsec: fix test suite setup function
> >
> > Check for valid crypto_null device before continuing.
> > Use valid_dev instead of valid_devs[].
> > Call create_crypto_session for one driver only.
> >
> > Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> > Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> > ---
> >  test/test/test_ipsec.c | 91
> > +++++++++++++++++++++++++-------------------------
> >  1 file changed, 45 insertions(+), 46 deletions(-)
> >
> > diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c index
> > ff1a1c4..a5c1c4b 100644
> > --- a/test/test/test_ipsec.c
> > +++ b/test/test/test_ipsec.c
> > @@ -62,7 +62,7 @@ struct ipsec_testsuite_params {
> >  	struct rte_cryptodev_config conf;
> >  	struct rte_cryptodev_qp_conf qp_conf;
> >
> > -	uint8_t valid_devs[RTE_CRYPTO_MAX_DEVS];
> > +	uint8_t valid_dev;
> >  	uint8_t valid_dev_count;
> >  };
> >
> > @@ -218,8 +218,9 @@ testsuite_setup(void)  {
> >  	struct ipsec_testsuite_params *ts_params = &testsuite_params;
> >  	struct rte_cryptodev_info info;
> > -	uint32_t nb_devs, dev_id;
> > +	uint32_t i, nb_devs, dev_id;
> >  	size_t sess_sz;
> > +	int driver_id;
> >
> >  	memset(ts_params, 0, sizeof(*ts_params));
> >
> > @@ -251,10 +252,24 @@ testsuite_setup(void)
> >  		return TEST_FAILED;
> >  	}
> >
> > -	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
> > +	driver_id = rte_cryptodev_driver_id_get(
> > +			RTE_STR(CRYPTODEV_NAME_NULL_PMD));
> 
> 
> I still think that guessing device capabilities by driver name is not a right
> approach.
> Please use check_device_capabilites() here.

Ok, this will require some refactoring of the tests.
 
> > +
> > +	/* Find first valid crypto device */
> > +	for (i = 0; i < nb_devs; i++) {
> > +		rte_cryptodev_info_get(i, &info);
> > +		if (info.driver_id == driver_id) {
> > +			ts_params->valid_dev = i;
> > +			ts_params->valid_dev_count++;
> 
> As you use only one device now, I don't think you need valid_dev_count any
> more.

I will check if it is still needed. 
 
> > +			break;
> > +		}
> > +	}
> > +
> > +	if (ts_params->valid_dev_count < 1)
> > +		return TEST_FAILED;
> >

<snip>

Regards,

Bernard.

Re: [dpdk-dev] [PATCH v2] test/ipsec: fix test suite setup function

[Iremonger, Bernard]

Hi Konstantin,

<snip>

> > > Subject: [PATCH v2] test/ipsec: fix test suite setup function
> > >
> > > Check for valid crypto_null device before continuing.
> > > Use valid_dev instead of valid_devs[].
> > > Call create_crypto_session for one driver only.
> > >
> > > Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> > > Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> > > ---
> > >  test/test/test_ipsec.c | 91
> > > +++++++++++++++++++++++++-------------------------
> > >  1 file changed, 45 insertions(+), 46 deletions(-)
> > >
> > > diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c index
> > > ff1a1c4..a5c1c4b 100644
> > > --- a/test/test/test_ipsec.c
> > > +++ b/test/test/test_ipsec.c
> > > @@ -62,7 +62,7 @@ struct ipsec_testsuite_params {
> > >  	struct rte_cryptodev_config conf;
> > >  	struct rte_cryptodev_qp_conf qp_conf;
> > >
> > > -	uint8_t valid_devs[RTE_CRYPTO_MAX_DEVS];
> > > +	uint8_t valid_dev;
> > >  	uint8_t valid_dev_count;
> > >  };
> > >
> > > @@ -218,8 +218,9 @@ testsuite_setup(void)  {
> > >  	struct ipsec_testsuite_params *ts_params = &testsuite_params;
> > >  	struct rte_cryptodev_info info;
> > > -	uint32_t nb_devs, dev_id;
> > > +	uint32_t i, nb_devs, dev_id;
> > >  	size_t sess_sz;
> > > +	int driver_id;
> > >
> > >  	memset(ts_params, 0, sizeof(*ts_params));
> > >
> > > @@ -251,10 +252,24 @@ testsuite_setup(void)
> > >  		return TEST_FAILED;
> > >  	}
> > >
> > > -	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
> > > +	driver_id = rte_cryptodev_driver_id_get(
> > > +			RTE_STR(CRYPTODEV_NAME_NULL_PMD));
> >
> >
> > I still think that guessing device capabilities by driver name is not
> > a right approach.
> > Please use check_device_capabilites() here.
> 
> Ok, this will require some refactoring of the tests.

I will refactor test_ipsec.c
 
> > > +
> > > +	/* Find first valid crypto device */
> > > +	for (i = 0; i < nb_devs; i++) {
> > > +		rte_cryptodev_info_get(i, &info);
> > > +		if (info.driver_id == driver_id) {
> > > +			ts_params->valid_dev = i;
> > > +			ts_params->valid_dev_count++;
> >
> > As you use only one device now, I don't think you need valid_dev_count
> > any more.
> 
> I will check if it is still needed.

Still need to know that a  valid device has been found.
I will rename valid_dev_count to valid_dev_found.

> 
> > > +			break;
> > > +		}
> > > +	}
> > > +
> > > +	if (ts_params->valid_dev_count < 1)
> > > +		return TEST_FAILED;
> > >
> 
> <snip>

I will send a v3 patch.

 Regards,
 
 Bernard.

[dpdk-dev] [PATCH v3] test/ipsec: fix test suite setup function

[Bernard Iremonger]

Check for valid crypto_null device before continuing.
Use valid_dev instead of valid_devs[].
Replace valid_dev_count with valid_dev_found
Call create_crypto_session for one driver only.
Refactor code so that driver capabilities can be checked in
the testsuite_setup function.

Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
---
 test/test/test_ipsec.c | 305 ++++++++++++++++++++-----------------------------
 1 file changed, 121 insertions(+), 184 deletions(-)

diff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c
index ff1a1c4..777d8f7 100644
--- a/test/test/test_ipsec.c
+++ b/test/test/test_ipsec.c
@@ -62,8 +62,8 @@ struct ipsec_testsuite_params {
 	struct rte_cryptodev_config conf;
 	struct rte_cryptodev_qp_conf qp_conf;
 
-	uint8_t valid_devs[RTE_CRYPTO_MAX_DEVS];
-	uint8_t valid_dev_count;
+	uint8_t valid_dev;
+	uint8_t valid_dev_found;
 };
 
 struct ipsec_unitest_params {
@@ -213,16 +213,112 @@ find_match_auth_algo(const char *auth_keyword)
 	return NULL;
 }
 
+static void
+fill_crypto_xform(struct ipsec_unitest_params *ut_params,
+	const struct supported_auth_algo *auth_algo,
+	const struct supported_cipher_algo *cipher_algo)
+{
+	ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+	ut_params->auth_xform.auth.algo = auth_algo->algo;
+	ut_params->auth_xform.auth.key.data = global_key;
+	ut_params->auth_xform.auth.key.length = auth_algo->key_len;
+	ut_params->auth_xform.auth.digest_length = auth_algo->digest_len;
+	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
+
+	ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+	ut_params->cipher_xform.cipher.algo = cipher_algo->algo;
+	ut_params->cipher_xform.cipher.key.data = global_key;
+	ut_params->cipher_xform.cipher.key.length = cipher_algo->key_len;
+	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_DECRYPT;
+	ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET;
+	ut_params->cipher_xform.cipher.iv.length = cipher_algo->iv_len;
+
+	if (ut_params->ipsec_xform.direction ==
+			RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
+		ut_params->crypto_xforms = &ut_params->auth_xform;
+		ut_params->auth_xform.next = &ut_params->cipher_xform;
+		ut_params->cipher_xform.next = NULL;
+	} else {
+		ut_params->crypto_xforms = &ut_params->cipher_xform;
+		ut_params->cipher_xform.next = &ut_params->auth_xform;
+		ut_params->auth_xform.next = NULL;
+	}
+}
+
+static int
+check_cryptodev_capablity(const struct ipsec_unitest_params *ut,
+		uint8_t dev_id)
+{
+	struct rte_cryptodev_sym_capability_idx cap_idx;
+	const struct rte_cryptodev_symmetric_capability *cap;
+	int rc = -1;
+
+	cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+	cap_idx.algo.auth = ut->auth_xform.auth.algo;
+	cap = rte_cryptodev_sym_capability_get(dev_id, &cap_idx);
+
+	if (cap != NULL) {
+		rc = rte_cryptodev_sym_capability_check_auth(cap,
+				ut->auth_xform.auth.key.length,
+				ut->auth_xform.auth.digest_length, 0);
+		if (rc == 0) {
+			cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+			cap_idx.algo.cipher = ut->cipher_xform.cipher.algo;
+			cap = rte_cryptodev_sym_capability_get(
+					dev_id, &cap_idx);
+			if (cap != NULL)
+				rc = rte_cryptodev_sym_capability_check_cipher(
+					cap,
+					ut->cipher_xform.cipher.key.length,
+					ut->cipher_xform.cipher.iv.length);
+		}
+	}
+
+	return rc;
+}
+
 static int
 testsuite_setup(void)
 {
 	struct ipsec_testsuite_params *ts_params = &testsuite_params;
+	struct ipsec_unitest_params *ut_params = &unittest_params;
+	const struct supported_auth_algo *auth_algo;
+	const struct supported_cipher_algo *cipher_algo;
 	struct rte_cryptodev_info info;
-	uint32_t nb_devs, dev_id;
+	uint32_t i, nb_devs, dev_id;
 	size_t sess_sz;
+	int rc;
 
 	memset(ts_params, 0, sizeof(*ts_params));
 
+	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
+	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
+	strcpy(uparams.auth_algo, "null");
+	strcpy(uparams.cipher_algo, "null");
+
+	auth_algo = find_match_auth_algo(uparams.auth_algo);
+	cipher_algo = find_match_cipher_algo(uparams.cipher_algo);
+	fill_crypto_xform(ut_params, auth_algo, cipher_algo);
+
+	nb_devs = rte_cryptodev_count();
+	if (nb_devs < 1) {
+		RTE_LOG(ERR, USER1, "No crypto devices found?\n");
+		return TEST_FAILED;
+	}
+
+	/* Find first valid crypto device */
+	for (i = 0; i < nb_devs; i++) {
+		rc = check_cryptodev_capablity(ut_params, i);
+		if (rc == 0) {
+			ts_params->valid_dev = i;
+			ts_params->valid_dev_found = 1;
+			break;
+		}
+	}
+
+	if (ts_params->valid_dev_found == 0)
+		return TEST_FAILED;
+
 	ts_params->mbuf_pool = rte_pktmbuf_pool_create(
 			"CRYPTO_MBUFPOOL",
 			NUM_MBUFS, MBUF_CACHE_SIZE, 0, MBUF_SIZE,
@@ -245,16 +341,8 @@ testsuite_setup(void)
 		return TEST_FAILED;
 	}
 
-	nb_devs = rte_cryptodev_count();
-	if (nb_devs < 1) {
-		RTE_LOG(ERR, USER1, "No crypto devices found?\n");
-		return TEST_FAILED;
-	}
-
-	ts_params->valid_devs[ts_params->valid_dev_count++] = 0;
-
 	/* Set up all the qps on the first of the valid devices found */
-	dev_id = ts_params->valid_devs[0];
+	dev_id = ts_params->valid_dev;
 
 	rte_cryptodev_info_get(dev_id, &info);
 
@@ -353,9 +441,9 @@ ut_setup(void)
 	ts_params->conf.socket_id = SOCKET_ID_ANY;
 
 	/* Start the device */
-	TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_devs[0]),
+	TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_dev),
 			"Failed to start cryptodev %u",
-			ts_params->valid_devs[0]);
+			ts_params->valid_dev);
 
 	return TEST_SUCCESS;
 }
@@ -399,7 +487,7 @@ ut_teardown(void)
 			rte_mempool_avail_count(ts_params->mbuf_pool));
 
 	/* Stop the device */
-	rte_cryptodev_stop(ts_params->valid_devs[0]);
+	rte_cryptodev_stop(ts_params->valid_dev);
 }
 
 #define IPSEC_MAX_PAD_SIZE	UINT8_MAX
@@ -540,37 +628,6 @@ setup_test_string_tunneled(struct rte_mempool *mpool, const char *string,
 }
 
 static int
-check_cryptodev_capablity(const struct ipsec_unitest_params *ut,
-		uint8_t devid)
-{
-	struct rte_cryptodev_sym_capability_idx cap_idx;
-	const struct rte_cryptodev_symmetric_capability *cap;
-	int rc = -1;
-
-	cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
-	cap_idx.algo.auth = ut->auth_xform.auth.algo;
-	cap = rte_cryptodev_sym_capability_get(devid, &cap_idx);
-
-	if (cap != NULL) {
-		rc = rte_cryptodev_sym_capability_check_auth(cap,
-				ut->auth_xform.auth.key.length,
-				ut->auth_xform.auth.digest_length, 0);
-		if (rc == 0) {
-			cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
-			cap_idx.algo.cipher = ut->cipher_xform.cipher.algo;
-			cap = rte_cryptodev_sym_capability_get(devid, &cap_idx);
-			if (cap != NULL)
-				rc = rte_cryptodev_sym_capability_check_cipher(
-					cap,
-					ut->cipher_xform.cipher.key.length,
-					ut->cipher_xform.cipher.iv.length);
-		}
-	}
-
-	return rc;
-}
-
-static int
 create_dummy_sec_session(struct ipsec_unitest_params *ut,
 	struct rte_cryptodev_qp_conf *qp, uint32_t j)
 {
@@ -589,93 +646,39 @@ create_dummy_sec_session(struct ipsec_unitest_params *ut,
 
 static int
 create_crypto_session(struct ipsec_unitest_params *ut,
-	struct rte_cryptodev_qp_conf *qp, const uint8_t crypto_dev[],
-	uint32_t crypto_dev_num, uint32_t j)
+	struct rte_cryptodev_qp_conf *qp, uint8_t dev_id, uint32_t j)
 {
 	int32_t rc;
-	uint32_t devnum, i;
 	struct rte_cryptodev_sym_session *s;
-	uint8_t devid[RTE_CRYPTO_MAX_DEVS];
-
-	/* check which cryptodevs support SA */
-	devnum = 0;
-	for (i = 0; i < crypto_dev_num; i++) {
-		if (check_cryptodev_capablity(ut, crypto_dev[i]) == 0)
-			devid[devnum++] = crypto_dev[i];
-	}
-
-	if (devnum == 0)
-		return -ENODEV;
 
 	s = rte_cryptodev_sym_session_create(qp->mp_session);
 	if (s == NULL)
 		return -ENOMEM;
 
-	/* initiliaze SA crypto session for all supported devices */
-	for (i = 0; i != devnum; i++) {
-		rc = rte_cryptodev_sym_session_init(devid[i], s,
+	/* initiliaze SA crypto session for device */
+	rc = rte_cryptodev_sym_session_init(dev_id, s,
 			ut->crypto_xforms, qp->mp_session_private);
-		if (rc != 0)
-			break;
-	}
-
-	if (i == devnum) {
+	if (rc == 0) {
 		ut->ss[j].crypto.ses = s;
 		return 0;
+	} else {
+		/* failure, do cleanup */
+		rte_cryptodev_sym_session_clear(dev_id, s);
+		rte_cryptodev_sym_session_free(s);
+		return rc;
 	}
-
-	/* failure, do cleanup */
-	while (i-- != 0)
-		rte_cryptodev_sym_session_clear(devid[i], s);
-
-	rte_cryptodev_sym_session_free(s);
-	return rc;
 }
 
 static int
 create_session(struct ipsec_unitest_params *ut,
-	struct rte_cryptodev_qp_conf *qp, const uint8_t crypto_dev[],
-	uint32_t crypto_dev_num, uint32_t j)
+	struct rte_cryptodev_qp_conf *qp, uint8_t crypto_dev, uint32_t j)
 {
 	if (ut->ss[j].type == RTE_SECURITY_ACTION_TYPE_NONE)
-		return create_crypto_session(ut, qp, crypto_dev,
-			crypto_dev_num, j);
+		return create_crypto_session(ut, qp, crypto_dev, j);
 	else
 		return create_dummy_sec_session(ut, qp, j);
 }
 
-static void
-fill_crypto_xform(struct ipsec_unitest_params *ut_params,
-	const struct supported_auth_algo *auth_algo,
-	const struct supported_cipher_algo *cipher_algo)
-{
-	ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
-	ut_params->auth_xform.auth.algo = auth_algo->algo;
-	ut_params->auth_xform.auth.key.data = global_key;
-	ut_params->auth_xform.auth.key.length = auth_algo->key_len;
-	ut_params->auth_xform.auth.digest_length = auth_algo->digest_len;
-	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
-
-	ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	ut_params->cipher_xform.cipher.algo = cipher_algo->algo;
-	ut_params->cipher_xform.cipher.key.data = global_key;
-	ut_params->cipher_xform.cipher.key.length = cipher_algo->key_len;
-	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_DECRYPT;
-	ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET;
-	ut_params->cipher_xform.cipher.iv.length = cipher_algo->iv_len;
-
-	if (ut_params->ipsec_xform.direction ==
-			RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
-		ut_params->crypto_xforms = &ut_params->auth_xform;
-		ut_params->auth_xform.next = &ut_params->cipher_xform;
-		ut_params->cipher_xform.next = NULL;
-	} else {
-		ut_params->crypto_xforms = &ut_params->cipher_xform;
-		ut_params->cipher_xform.next = &ut_params->auth_xform;
-		ut_params->auth_xform.next = NULL;
-	}
-}
-
 static int
 fill_ipsec_param(uint32_t replay_win_sz, uint64_t flags)
 {
@@ -740,8 +743,7 @@ create_sa(enum rte_security_session_action_type action_type,
 		"failed to allocate memory for rte_ipsec_sa\n");
 
 	ut->ss[j].type = action_type;
-	rc = create_session(ut, &ts->qp_conf, ts->valid_devs,
-		ts->valid_dev_count, j);
+	rc = create_session(ut, &ts->qp_conf, ts->valid_dev, j);
 	if (rc != 0)
 		return TEST_FAILED;
 
@@ -768,14 +770,14 @@ crypto_ipsec(uint16_t num_pkts)
 		RTE_LOG(ERR, USER1, "rte_ipsec_pkt_crypto_prepare fail\n");
 		return TEST_FAILED;
 	}
-	k = rte_cryptodev_enqueue_burst(ts_params->valid_devs[0], 0,
+	k = rte_cryptodev_enqueue_burst(ts_params->valid_dev, 0,
 		ut_params->cop, num_pkts);
 	if (k != num_pkts) {
 		RTE_LOG(ERR, USER1, "rte_cryptodev_enqueue_burst fail\n");
 		return TEST_FAILED;
 	}
 
-	k = rte_cryptodev_dequeue_burst(ts_params->valid_devs[0], 0,
+	k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
 		ut_params->cop, num_pkts);
 	if (k != num_pkts) {
 		RTE_LOG(ERR, USER1, "rte_cryptodev_dequeue_burst fail\n");
@@ -882,7 +884,7 @@ crypto_ipsec_2sa(void)
 				"rte_ipsec_pkt_crypto_prepare fail\n");
 			return TEST_FAILED;
 		}
-		k = rte_cryptodev_enqueue_burst(ts_params->valid_devs[0], 0,
+		k = rte_cryptodev_enqueue_burst(ts_params->valid_dev, 0,
 				ut_params->cop + i, 1);
 		if (k != 1) {
 			RTE_LOG(ERR, USER1,
@@ -891,7 +893,7 @@ crypto_ipsec_2sa(void)
 		}
 	}
 
-	k = rte_cryptodev_dequeue_burst(ts_params->valid_devs[0], 0,
+	k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
 		ut_params->cop, BURST_SIZE);
 	if (k != BURST_SIZE) {
 		RTE_LOG(ERR, USER1, "rte_cryptodev_dequeue_burst fail\n");
@@ -1021,7 +1023,7 @@ crypto_ipsec_2sa_4grp(void)
 				"rte_ipsec_pkt_crypto_prepare fail\n");
 			return TEST_FAILED;
 		}
-		k = rte_cryptodev_enqueue_burst(ts_params->valid_devs[0], 0,
+		k = rte_cryptodev_enqueue_burst(ts_params->valid_dev, 0,
 				ut_params->cop + i, 1);
 		if (k != 1) {
 			RTE_LOG(ERR, USER1,
@@ -1030,7 +1032,7 @@ crypto_ipsec_2sa_4grp(void)
 		}
 	}
 
-	k = rte_cryptodev_dequeue_burst(ts_params->valid_devs[0], 0,
+	k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
 		ut_params->cop, BURST_SIZE);
 	if (k != BURST_SIZE) {
 		RTE_LOG(ERR, USER1, "rte_cryptodev_dequeue_burst fail\n");
@@ -1188,11 +1190,6 @@ test_ipsec_crypto_inb_burst_null_null(int i)
 	uint16_t j;
 	int rc;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa */
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -1296,11 +1293,6 @@ test_ipsec_crypto_outb_burst_null_null(int i)
 	uint16_t j;
 	int32_t rc;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa*/
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -1411,11 +1403,6 @@ test_ipsec_inline_crypto_inb_burst_null_null(int i)
 	int32_t rc;
 	uint32_t n;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa*/
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -1495,11 +1482,6 @@ test_ipsec_inline_proto_inb_burst_null_null(int i)
 	int32_t rc;
 	uint32_t n;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa*/
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -1609,11 +1591,6 @@ test_ipsec_inline_crypto_outb_burst_null_null(int i)
 	int32_t rc;
 	uint32_t n;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa */
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -1693,11 +1670,6 @@ test_ipsec_inline_proto_outb_burst_null_null(int i)
 	int32_t rc;
 	uint32_t n;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa */
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -1775,11 +1747,6 @@ test_ipsec_lksd_proto_inb_burst_null_null(int i)
 	uint16_t j;
 	int rc;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa */
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -1894,11 +1861,6 @@ test_ipsec_replay_inb_inside_null_null(int i)
 	struct ipsec_unitest_params *ut_params = &unittest_params;
 	int rc;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa*/
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -1993,11 +1955,6 @@ test_ipsec_replay_inb_outside_null_null(int i)
 	struct ipsec_unitest_params *ut_params = &unittest_params;
 	int rc;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa */
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -2099,11 +2056,6 @@ test_ipsec_replay_inb_repeat_null_null(int i)
 	struct ipsec_unitest_params *ut_params = &unittest_params;
 	int rc;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa */
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -2205,11 +2157,6 @@ test_ipsec_replay_inb_inside_burst_null_null(int i)
 	int rc;
 	int j;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa*/
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -2344,11 +2291,6 @@ test_ipsec_crypto_inb_burst_2sa_null_null(int i)
 	if (num_pkts != BURST_SIZE)
 		return rc;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa */
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
@@ -2437,11 +2379,6 @@ test_ipsec_crypto_inb_burst_2sa_4grp_null_null(int i)
 	if (num_pkts != BURST_SIZE)
 		return rc;
 
-	uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
-	uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
-	strcpy(uparams.auth_algo, "null");
-	strcpy(uparams.cipher_algo, "null");
-
 	/* create rte_ipsec_sa */
 	rc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,
 			test_cfg[i].replay_win_sz, test_cfg[i].flags, 0);
-- 
2.7.4

Re: [dpdk-dev] [PATCH v3] test/ipsec: fix test suite setup function

[Ananyev, Konstantin]

> -----Original Message-----
> From: Iremonger, Bernard
> Sent: Thursday, January 17, 2019 4:04 PM
> To: dev@dpdk.org; Ananyev, Konstantin <konstantin.ananyev@intel.com>
> Cc: Iremonger, Bernard <bernard.iremonger@intel.com>
> Subject: [PATCH v3] test/ipsec: fix test suite setup function
> 
> Check for valid crypto_null device before continuing.
> Use valid_dev instead of valid_devs[].
> Replace valid_dev_count with valid_dev_found
> Call create_crypto_session for one driver only.
> Refactor code so that driver capabilities can be checked in
> the testsuite_setup function.
> 
> Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> ---
> --

Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>

> 2.7.4

Re: [dpdk-dev] [PATCH v3] test/ipsec: fix test suite setup function

[Thomas Monjalon]

> > Check for valid crypto_null device before continuing.
> > Use valid_dev instead of valid_devs[].
> > Replace valid_dev_count with valid_dev_found
> > Call create_crypto_session for one driver only.
> > Refactor code so that driver capabilities can be checked in
> > the testsuite_setup function.
> > 
> > Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> > Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> 
> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>

Applied, thanks