From: Srujana Challa <schalla@marvell.com>
To: <dev@dpdk.org>
Cc: <gakhil@marvell.com>, <anoobj@marvell.com>, <schalla@marvell.com>
Subject: [PATCH] test/security: skip IPsec post process for negative tests
Date: Thu, 3 Oct 2024 16:07:39 +0530 [thread overview]
Message-ID: <20241003103739.1128598-1-schalla@marvell.com> (raw)
Skips calling test_ipsec_post_process for negative inline IPsec tests
as received packet might not be valid for a negative case.
Signed-off-by: Srujana Challa <schalla@marvell.com>
---
app/test/test_cryptodev_security_ipsec.c | 1 +
app/test/test_security_inline_proto.c | 25 +++++++++++++++++++-----
2 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c
index 1aba1ad993..5fb5907473 100644
--- a/app/test/test_cryptodev_security_ipsec.c
+++ b/app/test/test_cryptodev_security_ipsec.c
@@ -916,6 +916,7 @@ test_ipsec_post_process(const struct rte_mbuf *m, const struct ipsec_test_data *
seg = seg->next;
}
len = RTE_MIN(len, data_len);
+ TEST_ASSERT(len <= IPSEC_TEXT_MAX_LEN, "Invalid packet length: %u", len);
/* Copy mbuf payload to continuous buffer */
output = rte_pktmbuf_read(m, 0, len, output_text);
if (output != output_text)
diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c
index 10f7e58caa..480469f672 100644
--- a/app/test/test_security_inline_proto.c
+++ b/app/test/test_security_inline_proto.c
@@ -1449,12 +1449,27 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td,
for (i = 0; i < nb_rx; i++) {
rte_pktmbuf_adj(rx_pkts_burst[i], RTE_ETHER_HDR_LEN);
- ret = test_ipsec_post_process(rx_pkts_burst[i], td,
- res_d, silent, flags);
- if (ret != TEST_SUCCESS) {
- for ( ; i < nb_rx; i++)
+ /* For tests with status as error for test success,
+ * skip verification
+ */
+ if (td->ipsec_xform.direction ==
+ RTE_SECURITY_IPSEC_SA_DIR_INGRESS && (flags->icv_corrupt ||
+ flags->sa_expiry_pkts_hard || flags->tunnel_hdr_verify ||
+ td->ar_packet)) {
+ if (!(rx_pkts_burst[i]->ol_flags &
+ RTE_MBUF_F_RX_SEC_OFFLOAD_FAILED)) {
rte_pktmbuf_free(rx_pkts_burst[i]);
- goto out;
+ rx_pkts_burst[i] = NULL;
+ return TEST_FAILED;
+ }
+ } else {
+ ret = test_ipsec_post_process(rx_pkts_burst[i], td,
+ res_d, silent, flags);
+ if (ret != TEST_SUCCESS) {
+ for ( ; i < nb_rx; i++)
+ rte_pktmbuf_free(rx_pkts_burst[i]);
+ goto out;
+ }
}
ret = test_ipsec_stats_verify(ctx, ses, flags,
--
2.25.1
reply other threads:[~2024-10-03 10:37 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241003103739.1128598-1-schalla@marvell.com \
--to=schalla@marvell.com \
--cc=anoobj@marvell.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).