From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 41CCFA050A;
	Sat, 16 Apr 2022 21:26:39 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 7D70F427EB;
	Sat, 16 Apr 2022 21:26:18 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 7318A41614
 for <dev@dpdk.org>; Sat, 16 Apr 2022 21:26:16 +0200 (CEST)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id 23GJDhCm022470;
 Sat, 16 Apr 2022 12:26:15 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=MjXITm/1d+ThHtUWp1yVmqg9NX4oPd7lMHdt44nKP+M=;
 b=MoA4ZZWi5OwsFNQ15Vvg1US2AmetyoK+R3DAUIJQJvboxpw0/wL18F1593I0Fqzh4JRz
 L2C/vjuXRW0bVfDNbp9TETjCPmWt7yDeVUJiB8Tj4ZN0oYJnU3sH++HEY+zHLgec0NM+
 PZ0E+l5Vh8jg4uyflGoSV3Zbe8YCtgKSH2yJOo1WnJ7uHQyHx0aLLomg1sd2Qq5I/FFD
 I8zCK8dk1fv0/KDaRazurr+DgG7B63e2qEY5k/k0ctLvluTTL05D8mgFlUnU3Jhdzshl
 i0wdaOp+Cqn8gild+atX4nUYmImUh3pL+wBsY2EbveEvUNGsNYvwzYH3oqcjxcjwjj0Z nw== 
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ffwanrrh5-8
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);
 Sat, 16 Apr 2022 12:26:15 -0700
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Sat, 16 Apr 2022 12:26:12 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Sat, 16 Apr 2022 12:26:12 -0700
Received: from localhost.localdomain (unknown [10.28.48.55])
 by maili.marvell.com (Postfix) with ESMTP id 099AF3F7079;
 Sat, 16 Apr 2022 12:26:08 -0700 (PDT)
From: Akhil Goyal <gakhil@marvell.com>
To: <dev@dpdk.org>
CC: <thomas@monjalon.net>, <david.marchand@redhat.com>,
 <hemant.agrawal@nxp.com>, <anoobj@marvell.com>,
 <konstantin.ananyev@intel.com>, <ciara.power@intel.com>,
 <ferruh.yigit@intel.com>, <andrew.rybchenko@oktetlabs.ru>,
 <ndabilpuram@marvell.com>, <vattunuru@marvell.com>
Subject: [PATCH v4 08/10] test/security: add inline IPsec SA soft expiry cases
Date: Sun, 17 Apr 2022 00:55:28 +0530
Message-ID: <20220416192530.173895-9-gakhil@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20220416192530.173895-1-gakhil@marvell.com>
References: <20220217172341.607360-1-gakhil@marvell.com>
 <20220416192530.173895-1-gakhil@marvell.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Proofpoint-GUID: 3DSb927QTeZYyVfJQokakJGOj2mYt8vI
X-Proofpoint-ORIG-GUID: 3DSb927QTeZYyVfJQokakJGOj2mYt8vI
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.858,Hydra:6.0.486,FMLib:17.11.64.514
 definitions=2022-04-16_08,2022-04-15_01,2022-02-23_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

From: Vamsi Attunuru <vattunuru@marvell.com>

Patch adds unit tests for packet & byte soft expiry events.

Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
---
 app/test/test_cryptodev_security_ipsec.h      |   2 +
 app/test/test_security_inline_proto.c         | 105 +++++++++++++++++-
 app/test/test_security_inline_proto_vectors.h |   6 +
 3 files changed, 112 insertions(+), 1 deletion(-)

diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h
index 0d9b5b6e2e..418ab16ba6 100644
--- a/app/test/test_cryptodev_security_ipsec.h
+++ b/app/test/test_cryptodev_security_ipsec.h
@@ -77,6 +77,8 @@ struct ipsec_test_flags {
 	bool display_alg;
 	bool sa_expiry_pkts_soft;
 	bool sa_expiry_pkts_hard;
+	bool sa_expiry_bytes_soft;
+	bool sa_expiry_bytes_hard;
 	bool icv_corrupt;
 	bool iv_gen;
 	uint32_t tunnel_hdr_verify;
diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c
index f8d6adc88f..5b111af53e 100644
--- a/app/test/test_security_inline_proto.c
+++ b/app/test/test_security_inline_proto.c
@@ -874,6 +874,62 @@ test_ipsec_with_reassembly(struct reassembly_vector *vector,
 	return ret;
 }
 
+static int
+test_ipsec_inline_sa_exp_event_callback(uint16_t port_id,
+		enum rte_eth_event_type type, void *param, void *ret_param)
+{
+	struct sa_expiry_vector *vector = (struct sa_expiry_vector *)param;
+	struct rte_eth_event_ipsec_desc *event_desc = NULL;
+
+	RTE_SET_USED(port_id);
+
+	if (type != RTE_ETH_EVENT_IPSEC)
+		return -1;
+
+	event_desc = ret_param;
+	if (event_desc == NULL) {
+		printf("Event descriptor not set\n");
+		return -1;
+	}
+	vector->notify_event = true;
+	if (event_desc->metadata != (uint64_t)vector->sa_data) {
+		printf("Mismatch in event specific metadata\n");
+		return -1;
+	}
+	if (event_desc->subtype == RTE_ETH_EVENT_IPSEC_SA_PKT_EXPIRY) {
+		vector->event = RTE_ETH_EVENT_IPSEC_SA_PKT_EXPIRY;
+		return 0;
+	} else if (event_desc->subtype == RTE_ETH_EVENT_IPSEC_SA_BYTE_EXPIRY) {
+		vector->event = RTE_ETH_EVENT_IPSEC_SA_BYTE_EXPIRY;
+		return 0;
+	} else if (event_desc->subtype >= RTE_ETH_EVENT_IPSEC_MAX) {
+		printf("Invalid IPsec event reported\n");
+		return -1;
+	}
+
+	return -1;
+}
+
+static enum rte_eth_event_ipsec_subtype
+test_ipsec_inline_setup_expiry_vector(struct sa_expiry_vector *vector,
+		const struct ipsec_test_flags *flags,
+		struct ipsec_test_data *tdata)
+{
+	enum rte_eth_event_ipsec_subtype event = RTE_ETH_EVENT_IPSEC_UNKNOWN;
+
+	vector->event = RTE_ETH_EVENT_IPSEC_UNKNOWN;
+	vector->notify_event = false;
+	vector->sa_data = (void *)tdata;
+	if (flags->sa_expiry_pkts_soft)
+		event = RTE_ETH_EVENT_IPSEC_SA_PKT_EXPIRY;
+	else
+		event = RTE_ETH_EVENT_IPSEC_SA_BYTE_EXPIRY;
+	rte_eth_dev_callback_register(port_id, RTE_ETH_EVENT_IPSEC,
+		       test_ipsec_inline_sa_exp_event_callback, vector);
+
+	return event;
+}
+
 static int
 test_ipsec_inline_proto_process(struct ipsec_test_data *td,
 		struct ipsec_test_data *res_d,
@@ -881,10 +937,12 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td,
 		bool silent,
 		const struct ipsec_test_flags *flags)
 {
+	enum rte_eth_event_ipsec_subtype event = RTE_ETH_EVENT_IPSEC_UNKNOWN;
 	struct rte_security_session_conf sess_conf = {0};
 	struct rte_crypto_sym_xform cipher = {0};
 	struct rte_crypto_sym_xform auth = {0};
 	struct rte_crypto_sym_xform aead = {0};
+	struct sa_expiry_vector vector = {0};
 	struct rte_security_session *ses;
 	struct rte_security_ctx *ctx;
 	int nb_rx = 0, nb_sent;
@@ -893,6 +951,12 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td,
 
 	memset(rx_pkts_burst, 0, sizeof(rx_pkts_burst[0]) * nb_pkts);
 
+	if (flags->sa_expiry_pkts_soft || flags->sa_expiry_bytes_soft) {
+		if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
+			return TEST_SUCCESS;
+		event = test_ipsec_inline_setup_expiry_vector(&vector, flags, td);
+	}
+
 	if (td->aead) {
 		sess_conf.crypto_xform = &aead;
 	} else {
@@ -999,6 +1063,15 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td,
 out:
 	if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
 		destroy_default_flow(port_id);
+	if (flags->sa_expiry_pkts_soft || flags->sa_expiry_bytes_soft) {
+		if (vector.notify_event && (vector.event == event))
+			ret = TEST_SUCCESS;
+		else
+			ret = TEST_FAILED;
+
+		rte_eth_dev_callback_unregister(port_id, RTE_ETH_EVENT_IPSEC,
+			test_ipsec_inline_sa_exp_event_callback, &vector);
+	}
 
 	/* Destroy session so that other cases can create the session again */
 	rte_security_session_destroy(ctx, ses);
@@ -1016,6 +1089,7 @@ test_ipsec_inline_proto_all(const struct ipsec_test_flags *flags)
 	int ret;
 
 	if (flags->iv_gen || flags->sa_expiry_pkts_soft ||
+			flags->sa_expiry_bytes_soft ||
 			flags->sa_expiry_pkts_hard)
 		nb_pkts = IPSEC_TEST_PACKETS_MAX;
 
@@ -1048,6 +1122,11 @@ test_ipsec_inline_proto_all(const struct ipsec_test_flags *flags)
 		if (flags->udp_encap)
 			td_outb.ipsec_xform.options.udp_encap = 1;
 
+		if (flags->sa_expiry_bytes_soft)
+			td_outb.ipsec_xform.life.bytes_soft_limit =
+				(((td_outb.output_text.len + RTE_ETHER_HDR_LEN)
+				  * nb_pkts) >> 3) - 1;
+
 		ret = test_ipsec_inline_proto_process(&td_outb, &td_inb, nb_pkts,
 						false, flags);
 		if (ret == TEST_SKIPPED)
@@ -1814,6 +1893,23 @@ test_ipsec_inline_proto_iv_gen(const void *data __rte_unused)
 	return test_ipsec_inline_proto_all(&flags);
 }
 
+static int
+test_ipsec_inline_proto_sa_pkt_soft_expiry(const void *data __rte_unused)
+{
+	struct ipsec_test_flags flags = {
+		.sa_expiry_pkts_soft = true
+	};
+	return test_ipsec_inline_proto_all(&flags);
+}
+static int
+test_ipsec_inline_proto_sa_byte_soft_expiry(const void *data __rte_unused)
+{
+	struct ipsec_test_flags flags = {
+		.sa_expiry_bytes_soft = true
+	};
+	return test_ipsec_inline_proto_all(&flags);
+}
+
 static int
 test_ipsec_inline_proto_known_vec_fragmented(const void *test_data)
 {
@@ -2202,7 +2298,14 @@ static struct unit_test_suite inline_ipsec_testsuite  = {
 			"IV generation",
 			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
 			test_ipsec_inline_proto_iv_gen),
-
+		TEST_CASE_NAMED_ST(
+			"SA soft expiry with packet limit",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_sa_pkt_soft_expiry),
+		TEST_CASE_NAMED_ST(
+			"SA soft expiry with byte limit",
+			ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+			test_ipsec_inline_proto_sa_byte_soft_expiry),
 
 		TEST_CASE_NAMED_WITH_DATA(
 			"Antireplay with window size 1024",
diff --git a/app/test/test_security_inline_proto_vectors.h b/app/test/test_security_inline_proto_vectors.h
index c18965d80f..003537e200 100644
--- a/app/test/test_security_inline_proto_vectors.h
+++ b/app/test/test_security_inline_proto_vectors.h
@@ -36,6 +36,12 @@ struct reassembly_vector {
 	bool burst;
 };
 
+struct sa_expiry_vector {
+	struct ipsec_session_data *sa_data;
+	enum rte_eth_event_ipsec_subtype event;
+	bool notify_event;
+};
+
 /* The source file includes below test vectors */
 /* IPv6:
  *
-- 
2.25.1