From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id CD75DA0C45; Sat, 25 Sep 2021 17:36:43 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 3F93A410F6; Sat, 25 Sep 2021 17:36:35 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id EB6B540DFD for ; Sat, 25 Sep 2021 17:36:32 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 18PEvYuk023188; Sat, 25 Sep 2021 08:36:32 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=c1rPCkKjzOVvVl+/Um/r7sqlYfpe7v6utT256dlOQdc=; b=g8d7L9FhB1z5OQwfWRaOjV2hU3zUOfkysAd40TdwtZ5PKbGvaLGso9mK5P/U68ElUFxK Ru7EW/mTScMLiGaPuZW0F6hrLHHJW9Fdxc1h/vzUWJwVnAYsguMBcuqdUC6o5rlcKI9b 6miWRQRAhRiHa7B3eJGEGDZweUeHWEVESjuMtVHczaDMnuBAU7Rw4GvAhhTLWkYGTHjW 4uGNsbvmiGmsAUj4h47gpMCHfklrRaivxDs/zd7B8Hmfm7A57ceUunOUUWldioTUU/A1 7mik1Z6aLcGUUMQFR1lyrfK7xZ5gqqu13Cl9jPzo79YE+ynsCKSb68OP5JpvHMNZOzFK lw== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com with ESMTP id 3ba39m8d8g-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Sat, 25 Sep 2021 08:36:32 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Sat, 25 Sep 2021 08:36:30 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Sat, 25 Sep 2021 08:36:30 -0700 Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218]) by maili.marvell.com (Postfix) with ESMTP id 8B6213F7077; Sat, 25 Sep 2021 08:36:26 -0700 (PDT) From: Anoob Joseph To: Akhil Goyal , Declan Doherty , Fan Zhang , "Konstantin Ananyev" CC: Tejasree Kondoj , Jerin Jacob , Archana Muniganti , Hemant Agrawal , Radu Nicolau , Ciara Power , Gagandeep Singh , , Anoob Joseph Date: Sat, 25 Sep 2021 21:05:32 +0530 Message-ID: <1632584132-289-6-git-send-email-anoobj@marvell.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1632584132-289-1-git-send-email-anoobj@marvell.com> References: <1631884523-836-1-git-send-email-anoobj@marvell.com> <1632584132-289-1-git-send-email-anoobj@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: E4obpIlQd9HppQaWt7jq98l00rYY2nrh X-Proofpoint-ORIG-GUID: E4obpIlQd9HppQaWt7jq98l00rYY2nrh X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-09-25_05,2021-09-24_02,2020-04-07_01 Subject: [dpdk-dev] [PATCH v5 5/5] test/crypto: add UDP encapsulated IPsec test cases X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Tejasree Kondoj Add tests to verify UDP encapsulation with IPsec. The tests have IPsec packets generated from plain packets and verifies that UDP header is added. Subsequently, the packets are decapsulated and then resultant packet is verified by comparing against original packet. Signed-off-by: Anoob Joseph Signed-off-by: Tejasree Kondoj Acked-by: Akhil Goyal Acked-by: Ciara Power --- app/test/test_cryptodev.c | 19 +++++++++++++++++++ app/test/test_cryptodev_security_ipsec.c | 28 ++++++++++++++++++++++++++++ app/test/test_cryptodev_security_ipsec.h | 1 + doc/guides/rel_notes/release_21_11.rst | 1 + 4 files changed, 49 insertions(+) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 956541e..bc2490b 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -8946,6 +8946,9 @@ test_ipsec_proto_process(const struct ipsec_test_data td[], sec_cap_idx.ipsec.mode = ipsec_xform.mode; sec_cap_idx.ipsec.direction = ipsec_xform.direction; + if (flags->udp_encap) + ipsec_xform.options.udp_encap = 1; + sec_cap = rte_security_capability_get(ctx, &sec_cap_idx); if (sec_cap == NULL) return TEST_SKIPPED; @@ -9157,6 +9160,18 @@ test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused) } static int +test_ipsec_proto_udp_encap(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; + + memset(&flags, 0, sizeof(flags)); + + flags.udp_encap = true; + + return test_ipsec_proto_all(&flags); +} + +static int test_PDCP_PROTO_all(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; @@ -14073,6 +14088,10 @@ static struct unit_test_suite ipsec_proto_testsuite = { ut_setup_security, ut_teardown, test_ipsec_proto_iv_gen), TEST_CASE_NAMED_ST( + "UDP encapsulation", + ut_setup_security, ut_teardown, + test_ipsec_proto_udp_encap), + TEST_CASE_NAMED_ST( "Negative test: ICV corruption", ut_setup_security, ut_teardown, test_ipsec_proto_err_icv_corrupt), diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c index 78c7f3a..5b54996 100644 --- a/app/test/test_cryptodev_security_ipsec.c +++ b/app/test/test_cryptodev_security_ipsec.c @@ -7,6 +7,7 @@ #include #include #include +#include #include "test.h" #include "test_cryptodev_security_ipsec.h" @@ -183,6 +184,9 @@ test_ipsec_td_update(struct ipsec_test_data td_inb[], int icv_pos = td_inb[i].input_text.len - 4; td_inb[i].input_text.data[icv_pos] += 1; } + + if (flags->udp_encap) + td_inb[i].ipsec_xform.options.udp_encap = 1; } } @@ -268,6 +272,30 @@ test_ipsec_td_verify(struct rte_mbuf *m, const struct ipsec_test_data *td, td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) return TEST_SUCCESS; + if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS && + flags->udp_encap) { + const struct rte_ipv4_hdr *iph4; + const struct rte_ipv6_hdr *iph6; + + if (td->ipsec_xform.tunnel.type == + RTE_SECURITY_IPSEC_TUNNEL_IPV4) { + iph4 = (const struct rte_ipv4_hdr *)output_text; + if (iph4->next_proto_id != IPPROTO_UDP) { + printf("UDP header is not found\n"); + return TEST_FAILED; + } + } else { + iph6 = (const struct rte_ipv6_hdr *)output_text; + if (iph6->proto != IPPROTO_UDP) { + printf("UDP header is not found\n"); + return TEST_FAILED; + } + } + + len -= sizeof(struct rte_udp_hdr); + output_text += sizeof(struct rte_udp_hdr); + } + if (len != td->output_text.len) { printf("Output length (%d) not matching with expected (%d)\n", len, td->output_text.len); diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h index d2ec63f..e1645f4 100644 --- a/app/test/test_cryptodev_security_ipsec.h +++ b/app/test/test_cryptodev_security_ipsec.h @@ -51,6 +51,7 @@ struct ipsec_test_flags { bool display_alg; bool icv_corrupt; bool iv_gen; + bool udp_encap; }; struct crypto_param { diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst index cda0a92..30c9ccf 100644 --- a/doc/guides/rel_notes/release_21_11.rst +++ b/doc/guides/rel_notes/release_21_11.rst @@ -92,6 +92,7 @@ New Features * Added known vector tests (AES-GCM 128, 192, 256). * Added tests to verify error reporting with ICV corruption. * Added tests to verify IV generation. + * Added tests to verify UDP encapsulation. Removed Items -- 2.7.4