From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C5EC0A050A; Sat, 16 Apr 2022 21:26:43 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 6B16E42808; Sat, 16 Apr 2022 21:26:19 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 42E9A40DFD for ; Sat, 16 Apr 2022 21:26:18 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id 23GIhiNx024978; Sat, 16 Apr 2022 12:26:17 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=TJa9eh1/7RUMAwUPVIIUOcvkv1qHKh7uCh0G6xdoYWM=; b=WEEub1GzM1PybFEz+EaQbNN4sFMlD3O9F5VSAB4r7Ww66qDkUfcuB/S3+sJvtLf8K5bP e+rDBc0WCgzC3/XLmksvALg285IsQJSE+s0vSdz3aIhjKmX5Itk8xovzkmLSpR2XsD/w kmIaO1Nzo6iaEY7hxZvByjEKLVmZ7HuqqXYDis9gEKRunK4HqWPPB3niD/MRrX2w4CKk depO/jZHytPu7a4ubUwGHjdH9JsYcWhExvx4V13a0/FS0vpPZ3+1IhURlp6XWZBU8H6/ BM3xaeMDikYkfaSnovKHf5gDepYO+U7vnCceC1QLs5CKU43L0Ct1ImkGRxyh/9KVk67I tg== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ffu5p9103-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Sat, 16 Apr 2022 12:26:17 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Sat, 16 Apr 2022 12:26:15 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Sat, 16 Apr 2022 12:26:15 -0700 Received: from localhost.localdomain (unknown [10.28.48.55]) by maili.marvell.com (Postfix) with ESMTP id A17C93F707A; Sat, 16 Apr 2022 12:26:12 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , , , , Subject: [PATCH v4 09/10] test/security: add inline IPsec SA hard expiry cases Date: Sun, 17 Apr 2022 00:55:29 +0530 Message-ID: <20220416192530.173895-10-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220416192530.173895-1-gakhil@marvell.com> References: <20220217172341.607360-1-gakhil@marvell.com> <20220416192530.173895-1-gakhil@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: erxwhDXz9BIbUxsnjTTpIm8F-mhTC9Tk X-Proofpoint-ORIG-GUID: erxwhDXz9BIbUxsnjTTpIm8F-mhTC9Tk X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.858,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-04-16_08,2022-04-15_01,2022-02-23_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Vamsi Attunuru Patch adds hard expiry unit tests for both packet and byte limits. Signed-off-by: Vamsi Attunuru --- app/test/test_security_inline_proto.c | 71 +++++++++++++++++++++++---- 1 file changed, 61 insertions(+), 10 deletions(-) diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c index 5b111af53e..15f08a2d6c 100644 --- a/app/test/test_security_inline_proto.c +++ b/app/test/test_security_inline_proto.c @@ -896,18 +896,25 @@ test_ipsec_inline_sa_exp_event_callback(uint16_t port_id, printf("Mismatch in event specific metadata\n"); return -1; } - if (event_desc->subtype == RTE_ETH_EVENT_IPSEC_SA_PKT_EXPIRY) { + switch (event_desc->subtype) { + case RTE_ETH_EVENT_IPSEC_SA_PKT_EXPIRY: vector->event = RTE_ETH_EVENT_IPSEC_SA_PKT_EXPIRY; - return 0; - } else if (event_desc->subtype == RTE_ETH_EVENT_IPSEC_SA_BYTE_EXPIRY) { + break; + case RTE_ETH_EVENT_IPSEC_SA_BYTE_EXPIRY: vector->event = RTE_ETH_EVENT_IPSEC_SA_BYTE_EXPIRY; - return 0; - } else if (event_desc->subtype >= RTE_ETH_EVENT_IPSEC_MAX) { + break; + case RTE_ETH_EVENT_IPSEC_SA_PKT_HARD_EXPIRY: + vector->event = RTE_ETH_EVENT_IPSEC_SA_PKT_HARD_EXPIRY; + break; + case RTE_ETH_EVENT_IPSEC_SA_BYTE_HARD_EXPIRY: + vector->event = RTE_ETH_EVENT_IPSEC_SA_BYTE_HARD_EXPIRY; + break; + default: printf("Invalid IPsec event reported\n"); return -1; } - return -1; + return 0; } static enum rte_eth_event_ipsec_subtype @@ -922,8 +929,12 @@ test_ipsec_inline_setup_expiry_vector(struct sa_expiry_vector *vector, vector->sa_data = (void *)tdata; if (flags->sa_expiry_pkts_soft) event = RTE_ETH_EVENT_IPSEC_SA_PKT_EXPIRY; - else + else if (flags->sa_expiry_bytes_soft) event = RTE_ETH_EVENT_IPSEC_SA_BYTE_EXPIRY; + else if (flags->sa_expiry_pkts_hard) + event = RTE_ETH_EVENT_IPSEC_SA_PKT_HARD_EXPIRY; + else + event = RTE_ETH_EVENT_IPSEC_SA_BYTE_HARD_EXPIRY; rte_eth_dev_callback_register(port_id, RTE_ETH_EVENT_IPSEC, test_ipsec_inline_sa_exp_event_callback, vector); @@ -951,7 +962,8 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td, memset(rx_pkts_burst, 0, sizeof(rx_pkts_burst[0]) * nb_pkts); - if (flags->sa_expiry_pkts_soft || flags->sa_expiry_bytes_soft) { + if (flags->sa_expiry_pkts_soft || flags->sa_expiry_bytes_soft || + flags->sa_expiry_pkts_hard || flags->sa_expiry_bytes_hard) { if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) return TEST_SUCCESS; event = test_ipsec_inline_setup_expiry_vector(&vector, flags, td); @@ -1029,7 +1041,9 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td, break; } while (j++ < 5 || nb_rx == 0); - if (nb_rx != nb_sent) { + if (!flags->sa_expiry_pkts_hard && + !flags->sa_expiry_bytes_hard && + (nb_rx != nb_sent)) { printf("\nUnable to RX all %d packets", nb_sent); while(--nb_rx) rte_pktmbuf_free(rx_pkts_burst[nb_rx]); @@ -1063,7 +1077,8 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td, out: if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) destroy_default_flow(port_id); - if (flags->sa_expiry_pkts_soft || flags->sa_expiry_bytes_soft) { + if (flags->sa_expiry_pkts_soft || flags->sa_expiry_bytes_soft || + flags->sa_expiry_pkts_hard || flags->sa_expiry_bytes_hard) { if (vector.notify_event && (vector.event == event)) ret = TEST_SUCCESS; else @@ -1090,6 +1105,7 @@ test_ipsec_inline_proto_all(const struct ipsec_test_flags *flags) if (flags->iv_gen || flags->sa_expiry_pkts_soft || flags->sa_expiry_bytes_soft || + flags->sa_expiry_bytes_hard || flags->sa_expiry_pkts_hard) nb_pkts = IPSEC_TEST_PACKETS_MAX; @@ -1126,6 +1142,13 @@ test_ipsec_inline_proto_all(const struct ipsec_test_flags *flags) td_outb.ipsec_xform.life.bytes_soft_limit = (((td_outb.output_text.len + RTE_ETHER_HDR_LEN) * nb_pkts) >> 3) - 1; + if (flags->sa_expiry_pkts_hard) + td_outb.ipsec_xform.life.packets_hard_limit = + IPSEC_TEST_PACKETS_MAX - 1; + if (flags->sa_expiry_bytes_hard) + td_outb.ipsec_xform.life.bytes_hard_limit = + (((td_outb.output_text.len + RTE_ETHER_HDR_LEN) + * nb_pkts) >> 3) - 1; ret = test_ipsec_inline_proto_process(&td_outb, &td_inb, nb_pkts, false, flags); @@ -1910,6 +1933,26 @@ test_ipsec_inline_proto_sa_byte_soft_expiry(const void *data __rte_unused) return test_ipsec_inline_proto_all(&flags); } +static int +test_ipsec_inline_proto_sa_pkt_hard_expiry(const void *data __rte_unused) +{ + struct ipsec_test_flags flags = { + .sa_expiry_pkts_hard = true + }; + + return test_ipsec_inline_proto_all(&flags); +} + +static int +test_ipsec_inline_proto_sa_byte_hard_expiry(const void *data __rte_unused) +{ + struct ipsec_test_flags flags = { + .sa_expiry_bytes_hard = true + }; + + return test_ipsec_inline_proto_all(&flags); +} + static int test_ipsec_inline_proto_known_vec_fragmented(const void *test_data) { @@ -2306,6 +2349,14 @@ static struct unit_test_suite inline_ipsec_testsuite = { "SA soft expiry with byte limit", ut_setup_inline_ipsec, ut_teardown_inline_ipsec, test_ipsec_inline_proto_sa_byte_soft_expiry), + TEST_CASE_NAMED_ST( + "SA hard expiry with packet limit", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_sa_pkt_hard_expiry), + TEST_CASE_NAMED_ST( + "SA hard expiry with byte limit", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_sa_byte_hard_expiry), TEST_CASE_NAMED_WITH_DATA( "Antireplay with window size 1024", -- 2.25.1