Re: [dpdk-dev] [dpdk-dev v9 3/4] test/crypto: add unit-test for cryptodev direct APIs

[Akhil Goyal <akhil.goyal@nxp.com>]

Hi Fan,

> Subject: [dpdk-dev v9 3/4] test/crypto: add unit-test for cryptodev direct APIs
> 
> This patch adds the QAT test to use cryptodev symmetric crypto
> direct APIs.
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
>  app/test/test_cryptodev.c             | 461 +++++++++++++++++++++++---
>  app/test/test_cryptodev.h             |   7 +
>  app/test/test_cryptodev_blockcipher.c |  51 ++-
>  3 files changed, 456 insertions(+), 63 deletions(-)
> 
> diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
> index 70bf6fe2c..13f642e0e 100644
> --- a/app/test/test_cryptodev.c
> +++ b/app/test/test_cryptodev.c
> @@ -49,6 +49,8 @@
>  #define VDEV_ARGS_SIZE 100
>  #define MAX_NB_SESSIONS 4
> 
> +#define MAX_DRV_SERVICE_CTX_SIZE 256
> +
>  #define IN_PLACE 0
>  #define OUT_OF_PLACE 1
> 
> @@ -57,6 +59,8 @@ static int gbl_driver_id;
>  static enum rte_security_session_action_type gbl_action_type =
>  	RTE_SECURITY_ACTION_TYPE_NONE;
> 
> +int cryptodev_dp_test;
> +

Why do we need this? We should make decision based on Feature flag of crypto device.


>  struct crypto_testsuite_params {
>  	struct rte_mempool *mbuf_pool;
>  	struct rte_mempool *large_mbuf_pool;
> @@ -147,6 +151,182 @@ ceil_byte_length(uint32_t num_bits)
>  		return (num_bits >> 3);
>  }
> 
> +void
> +process_sym_hw_api_op(uint8_t dev_id, uint16_t qp_id, struct rte_crypto_op
> *op,
> +		uint8_t is_cipher, uint8_t is_auth, uint8_t len_in_bits,
> +		uint8_t cipher_iv_len)
> +{
> +	int32_t n;
> +	struct rte_crypto_sym_op *sop;
> +	struct rte_crypto_op *ret_op = NULL;
> +	struct rte_crypto_vec data_vec[UINT8_MAX];
> +	union rte_crypto_sym_additional_data a_data;
> +	union rte_crypto_sym_ofs ofs;
> +	int32_t status;
> +	uint32_t max_len;
> +	union rte_cryptodev_session_ctx sess;
> +	enum rte_crypto_dp_service service_type;
> +	uint32_t count = 0;
> +	uint8_t service_data[MAX_DRV_SERVICE_CTX_SIZE] = {0};
> +	struct rte_crypto_dp_service_ctx *ctx = (void *)service_data;
> +	uint32_t cipher_offset = 0, cipher_len = 0, auth_offset = 0,
> +			auth_len = 0;
> +	int ctx_service_size;
> +
> +	sop = op->sym;
> +
> +	sess.crypto_sess = sop->session;
> +
> +	if (is_cipher && is_auth) {
> +		service_type = RTE_CRYPTO_DP_SYM_CHAIN;
> +		cipher_offset = sop->cipher.data.offset;
> +		cipher_len = sop->cipher.data.length;
> +		auth_offset = sop->auth.data.offset;
> +		auth_len = sop->auth.data.length;
> +		max_len = RTE_MAX(cipher_offset + cipher_len,
> +				auth_offset + auth_len);
> +	} else if (is_cipher) {
> +		service_type = RTE_CRYPTO_DP_SYM_CIPHER_ONLY;
> +		cipher_offset = sop->cipher.data.offset;
> +		cipher_len = sop->cipher.data.length;
> +		max_len = cipher_len + cipher_offset;
> +	} else if (is_auth) {
> +		service_type = RTE_CRYPTO_DP_SYM_AUTH_ONLY;
> +		auth_offset = sop->auth.data.offset;
> +		auth_len = sop->auth.data.length;
> +		max_len = auth_len + auth_offset;
> +	} else { /* aead */
> +		service_type = RTE_CRYPTO_DP_SYM_AEAD;
> +		cipher_offset = sop->aead.data.offset;
> +		cipher_len = sop->aead.data.length;
> +		max_len = cipher_len + cipher_offset;
> +	}
> +
> +	if (len_in_bits) {
> +		max_len = max_len >> 3;
> +		cipher_offset = cipher_offset >> 3;
> +		auth_offset = auth_offset >> 3;
> +		cipher_len = cipher_len >> 3;
> +		auth_len = auth_len >> 3;
> +	}
> +
> +	ctx_service_size = rte_cryptodev_dp_get_service_ctx_data_size(dev_id);
> +	assert(ctx_service_size <= MAX_DRV_SERVICE_CTX_SIZE &&
> +			ctx_service_size > 0);
> +
> +	if (rte_cryptodev_dp_configure_service(dev_id, qp_id, service_type,
> +			RTE_CRYPTO_OP_WITH_SESSION, sess, ctx, 0) < 0) {
> +		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> +		return;
> +	}

**_dp_configure_service does not provide context of the API. What does service mean here?
Can we rename it to rte_cryptodev_configure_raw_dp?
This gives better readability to have an API to configure crypto device for raw data path.

> +
> +	/* test update service */
> +	if (rte_cryptodev_dp_configure_service(dev_id, qp_id, service_type,
> +			RTE_CRYPTO_OP_WITH_SESSION, sess, ctx, 1) < 0) {

Do we really need an extra parameter to specify update? Can we not call again same API
for update? Anyway the implementation will be copying the complete information from
the sess.

> +		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> +		return;
> +	}
> +
> +	n = rte_crypto_mbuf_to_vec(sop->m_src, 0, max_len,
> +			data_vec, RTE_DIM(data_vec));
> +	if (n < 0 || n > sop->m_src->nb_segs) {
> +		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> +		return;
> +	}
> +
> +	ofs.raw = 0;
> +
> +	switch (service_type) {
> +	case RTE_CRYPTO_DP_SYM_AEAD:
> +		ofs.ofs.cipher.head = cipher_offset;
> +		ofs.ofs.cipher.tail = max_len - cipher_offset - cipher_len;
> +		a_data.aead.iv_ptr = rte_crypto_op_ctod_offset(op, void *,
> +				IV_OFFSET);
> +		a_data.aead.iv_iova = rte_crypto_op_ctophys_offset(op,
> +				IV_OFFSET);
> +		a_data.aead.aad_ptr = (void *)sop->aead.aad.data;
> +		a_data.aead.aad_iova = sop->aead.aad.phys_addr;
> +		a_data.aead.digest_ptr = (void *)sop->aead.digest.data;
> +		a_data.aead.digest_iova = sop->aead.digest.phys_addr;
> +		break;
> +	case RTE_CRYPTO_DP_SYM_CIPHER_ONLY:
> +		ofs.ofs.cipher.head = cipher_offset;
> +		ofs.ofs.cipher.tail = max_len - cipher_offset - cipher_len;
> +		a_data.cipher_auth.cipher_iv_ptr = rte_crypto_op_ctod_offset(
> +				op, void *, IV_OFFSET);
> +		a_data.cipher_auth.cipher_iv_iova =
> +				rte_crypto_op_ctophys_offset(op, IV_OFFSET);
> +		break;
> +	case RTE_CRYPTO_DP_SYM_AUTH_ONLY:
> +		ofs.ofs.auth.head = auth_offset;
> +		ofs.ofs.auth.tail = max_len - auth_offset - auth_len;
> +		a_data.cipher_auth.auth_iv_ptr = rte_crypto_op_ctod_offset(
> +				op, void *, IV_OFFSET + cipher_iv_len);
> +		a_data.cipher_auth.auth_iv_iova =
> +				rte_crypto_op_ctophys_offset(op, IV_OFFSET +
> +						cipher_iv_len);
> +		a_data.cipher_auth.digest_ptr = (void *)sop->auth.digest.data;
> +		a_data.cipher_auth.digest_iova = sop->auth.digest.phys_addr;
> +		break;
> +	case RTE_CRYPTO_DP_SYM_CHAIN:
> +		ofs.ofs.cipher.head = cipher_offset;
> +		ofs.ofs.cipher.tail = max_len - cipher_offset - cipher_len;
> +		ofs.ofs.auth.head = auth_offset;
> +		ofs.ofs.auth.tail = max_len - auth_offset - auth_len;
> +		a_data.cipher_auth.cipher_iv_ptr = rte_crypto_op_ctod_offset(
> +				op, void *, IV_OFFSET);
> +		a_data.cipher_auth.cipher_iv_iova =
> +				rte_crypto_op_ctophys_offset(op, IV_OFFSET);
> +		a_data.cipher_auth.auth_iv_ptr = rte_crypto_op_ctod_offset(
> +				op, void *, IV_OFFSET + cipher_iv_len);
> +		a_data.cipher_auth.auth_iv_iova =
> +				rte_crypto_op_ctophys_offset(op, IV_OFFSET +
> +						cipher_iv_len);
> +		a_data.cipher_auth.digest_ptr = (void *)sop->auth.digest.data;
> +		a_data.cipher_auth.digest_iova = sop->auth.digest.phys_addr;

Instead of cipher_auth, it should be chain. Can we also support "hash then cipher" case also?

> +		break;
> +	default:
> +		break;
> +	}
> +
> +	status = rte_cryptodev_dp_sym_submit_single_job(ctx, data_vec, n, ofs,
> +		&a_data, (void *)op);
> +	if (status < 0) {
> +		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> +		return;
> +	}
> +
> +	status = rte_cryptodev_dp_sym_submit_done(ctx, 1);
> +	if (status < 0) {
> +		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> +		return;
> +	}
> +
> +
> +	status = -1;
> +	while (count++ < 65535 && status == -1) {
> +		status = rte_cryptodev_dp_sym_dequeue_single_job(ctx,
> +				(void **)&ret_op);
> +		if (status == -1)
> +			rte_pause();
> +	}
> +
> +	if (status != -1) {
> +		if (rte_cryptodev_dp_sym_dequeue_done(ctx, 1) < 0) {
> +			op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> +			return;
> +		}
> +	}
> +
> +	if (count == 65536 || status != 1 || ret_op != op) {

Remove hardcode 65536

> +		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> +		return;
> +	}
> +
> +	op->status = status == 1 ? RTE_CRYPTO_OP_STATUS_SUCCESS :
> +			RTE_CRYPTO_OP_STATUS_ERROR;
> +}
> +
>  static void
>  process_cpu_aead_op(uint8_t dev_id, struct rte_crypto_op *op)
>  {
> @@ -1656,6 +1836,9 @@
> test_AES_CBC_HMAC_SHA512_decrypt_perform(struct
> rte_cryptodev_sym_session *sess,
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_crypt_auth_op(ts_params->valid_devs[0],
>  			ut_params->op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 0, 0);

Can we rename process_sym_hw_api_op to process_sym_hw_raw_op?

>  	else
>  		TEST_ASSERT_NOT_NULL(
>  				process_crypto_request(ts_params-
> >valid_devs[0],
> @@ -1710,12 +1893,18 @@ test_AES_cipheronly_all(void)
>  static int
>  test_AES_docsis_all(void)
>  {
> +	/* Data-path service does not support DOCSIS yet */
> +	if (cryptodev_dp_test)
> +		return -ENOTSUP;
>  	return test_blockcipher(BLKCIPHER_AES_DOCSIS_TYPE);
>  }
> 
>  static int
>  test_DES_docsis_all(void)
>  {
> +	/* Data-path service does not support DOCSIS yet */
> +	if (cryptodev_dp_test)
> +		return -ENOTSUP;
>  	return test_blockcipher(BLKCIPHER_DES_DOCSIS_TYPE);
>  }
> 
> @@ -2470,7 +2659,11 @@ test_snow3g_authentication(const struct
> snow3g_hash_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 1, 0);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  				ut_params->op);
>  	ut_params->obuf = ut_params->op->sym->m_src;
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> @@ -2549,7 +2742,11 @@ test_snow3g_authentication_verify(const struct
> snow3g_hash_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 1, 0);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  				ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
>  	ut_params->obuf = ut_params->op->sym->m_src;
> @@ -2619,6 +2816,9 @@ test_kasumi_authentication(const struct
> kasumi_hash_test_data *tdata)
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_crypt_auth_op(ts_params->valid_devs[0],
>  			ut_params->op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 1, 0);
>  	else
>  		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
> @@ -2690,7 +2890,11 @@ test_kasumi_authentication_verify(const struct
> kasumi_hash_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 1, 0);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  				ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
>  	ut_params->obuf = ut_params->op->sym->m_src;
> @@ -2897,8 +3101,12 @@ test_kasumi_encryption(const struct
> kasumi_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> -						ut_params->op);
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
> +				ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> 
>  	ut_params->obuf = ut_params->op->sym->m_dst;
> @@ -2983,7 +3191,11 @@ test_kasumi_encryption_sgl(const struct
> kasumi_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  						ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> 
> @@ -3026,8 +3238,9 @@ test_kasumi_encryption_oop(const struct
> kasumi_test_data *tdata)
>  	struct rte_cryptodev_sym_capability_idx cap_idx;
>  	cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
>  	cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
> +	/* Data-path service does not support OOP */
>  	if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
> -			&cap_idx) == NULL)
> +			&cap_idx) == NULL || cryptodev_dp_test)
>  		return -ENOTSUP;
> 
>  	/* Create KASUMI session */
> @@ -3107,8 +3320,9 @@ test_kasumi_encryption_oop_sgl(const struct
> kasumi_test_data *tdata)
>  	struct rte_cryptodev_sym_capability_idx cap_idx;
>  	cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
>  	cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
> +	/* Data-path service does not support OOP */
>  	if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
> -			&cap_idx) == NULL)
> +			&cap_idx) == NULL || cryptodev_dp_test)
>  		return -ENOTSUP;
> 
>  	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
> @@ -3192,8 +3406,9 @@ test_kasumi_decryption_oop(const struct
> kasumi_test_data *tdata)
>  	struct rte_cryptodev_sym_capability_idx cap_idx;
>  	cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
>  	cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
> +	/* Data-path service does not support OOP */
>  	if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
> -			&cap_idx) == NULL)
> +			&cap_idx) == NULL || cryptodev_dp_test)
>  		return -ENOTSUP;
> 
>  	/* Create KASUMI session */
> @@ -3306,7 +3521,11 @@ test_kasumi_decryption(const struct
> kasumi_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 0, 1, 0);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  						ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> 
> @@ -3381,7 +3600,11 @@ test_snow3g_encryption(const struct
> snow3g_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  						ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> 
> @@ -3419,7 +3642,7 @@ test_snow3g_encryption_oop(const struct
> snow3g_test_data *tdata)
>  	cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
>  	cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
>  	if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
> -			&cap_idx) == NULL)
> +			&cap_idx) == NULL || cryptodev_dp_test)
>  		return -ENOTSUP;
> 
>  	/* Create SNOW 3G session */
> @@ -3502,7 +3725,7 @@ test_snow3g_encryption_oop_sgl(const struct
> snow3g_test_data *tdata)
>  	cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
>  	cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
>  	if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
> -			&cap_idx) == NULL)
> +			&cap_idx) == NULL || cryptodev_dp_test)
>  		return -ENOTSUP;
> 
>  	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
> @@ -3621,7 +3844,7 @@ test_snow3g_encryption_offset_oop(const struct
> snow3g_test_data *tdata)
>  	cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
>  	cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
>  	if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
> -			&cap_idx) == NULL)
> +			&cap_idx) == NULL || cryptodev_dp_test)
>  		return -ENOTSUP;
> 
>  	/* Create SNOW 3G session */
> @@ -3756,7 +3979,11 @@ static int test_snow3g_decryption(const struct
> snow3g_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  						ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
>  	ut_params->obuf = ut_params->op->sym->m_dst;
> @@ -3791,7 +4018,7 @@ static int test_snow3g_decryption_oop(const struct
> snow3g_test_data *tdata)
>  	cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
>  	cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
>  	if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
> -			&cap_idx) == NULL)
> +			&cap_idx) == NULL || cryptodev_dp_test)
>  		return -ENOTSUP;
> 
>  	/* Create SNOW 3G session */
> @@ -3924,7 +4151,11 @@ test_zuc_cipher_auth(const struct
> wireless_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
>  	ut_params->obuf = ut_params->op->sym->m_src;
> @@ -4019,7 +4250,11 @@ test_snow3g_cipher_auth(const struct
> snow3g_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
>  	ut_params->obuf = ut_params->op->sym->m_src;
> @@ -4087,6 +4322,8 @@ test_snow3g_auth_cipher(const struct
> snow3g_test_data *tdata,
>  			printf("Device doesn't support digest encrypted.\n");
>  			return -ENOTSUP;
>  		}
> +		if (cryptodev_dp_test)
> +			return -ENOTSUP;
>  	}
> 
>  	/* Create SNOW 3G session */
> @@ -4155,7 +4392,11 @@ test_snow3g_auth_cipher(const struct
> snow3g_test_data *tdata,
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> @@ -4266,6 +4507,8 @@ test_snow3g_auth_cipher_sgl(const struct
> snow3g_test_data *tdata,
>  			return -ENOTSUP;
>  		}
>  	} else {
> +		if (cryptodev_dp_test)
> +			return -ENOTSUP;
>  		if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT))
> {
>  			printf("Device doesn't support out-of-place scatter-
> gather "
>  					"in both input and output mbufs.\n");
> @@ -4344,7 +4587,11 @@ test_snow3g_auth_cipher_sgl(const struct
> snow3g_test_data *tdata,
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> @@ -4453,6 +4700,8 @@ test_kasumi_auth_cipher(const struct
> kasumi_test_data *tdata,
>  	uint64_t feat_flags = dev_info.feature_flags;
> 
>  	if (op_mode == OUT_OF_PLACE) {
> +		if (cryptodev_dp_test)
> +			return -ENOTSUP;
>  		if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) {
>  			printf("Device doesn't support digest encrypted.\n");
>  			return -ENOTSUP;
> @@ -4526,7 +4775,11 @@ test_kasumi_auth_cipher(const struct
> kasumi_test_data *tdata,
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> @@ -4638,6 +4891,8 @@ test_kasumi_auth_cipher_sgl(const struct
> kasumi_test_data *tdata,
>  			return -ENOTSUP;
>  		}
>  	} else {
> +		if (cryptodev_dp_test)
> +			return -ENOTSUP;
>  		if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT))
> {
>  			printf("Device doesn't support out-of-place scatter-
> gather "
>  					"in both input and output mbufs.\n");
> @@ -4716,7 +4971,11 @@ test_kasumi_auth_cipher_sgl(const struct
> kasumi_test_data *tdata,
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> @@ -4857,7 +5116,11 @@ test_kasumi_cipher_auth(const struct
> kasumi_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> 
> @@ -4944,7 +5207,11 @@ test_zuc_encryption(const struct wireless_test_data
> *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  						ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> 
> @@ -5031,7 +5298,11 @@ test_zuc_encryption_sgl(const struct
> wireless_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  						ut_params->op);
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> 
> @@ -5119,7 +5390,11 @@ test_zuc_authentication(const struct
> wireless_test_data *tdata)
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 1, 0);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  				ut_params->op);
>  	ut_params->obuf = ut_params->op->sym->m_src;
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> @@ -5177,6 +5452,8 @@ test_zuc_auth_cipher(const struct wireless_test_data
> *tdata,
>  			return -ENOTSUP;
>  		}
>  	} else {
> +		if (cryptodev_dp_test)
> +			return -ENOTSUP;
>  		if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT))
> {
>  			printf("Device doesn't support out-of-place scatter-
> gather "
>  					"in both input and output mbufs.\n");
> @@ -5251,7 +5528,11 @@ test_zuc_auth_cipher(const struct
> wireless_test_data *tdata,
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> @@ -5359,6 +5640,8 @@ test_zuc_auth_cipher_sgl(const struct
> wireless_test_data *tdata,
>  			return -ENOTSUP;
>  		}
>  	} else {
> +		if (cryptodev_dp_test)
> +			return -ENOTSUP;
>  		if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT))
> {
>  			printf("Device doesn't support out-of-place scatter-
> gather "
>  					"in both input and output mbufs.\n");
> @@ -5437,7 +5720,11 @@ test_zuc_auth_cipher_sgl(const struct
> wireless_test_data *tdata,
>  	if (retval < 0)
>  		return retval;
> 
> -	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
> +	else
> +		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> @@ -5580,6 +5867,9 @@ test_kasumi_decryption_test_case_2(void)
>  static int
>  test_kasumi_decryption_test_case_3(void)
>  {
> +	/* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */
> +	if (cryptodev_dp_test)
> +		return -ENOTSUP;
>  	return test_kasumi_decryption(&kasumi_test_case_3);
>  }
> 
> @@ -5779,6 +6069,9 @@ test_snow3g_auth_cipher_part_digest_enc_oop(void)
>  static int
>  test_snow3g_auth_cipher_test_case_3_sgl(void)
>  {
> +	/* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */
> +	if (cryptodev_dp_test)
> +		return -ENOTSUP;
>  	return test_snow3g_auth_cipher_sgl(
>  		&snow3g_auth_cipher_test_case_3, IN_PLACE, 0);
>  }
> @@ -5793,6 +6086,9 @@ test_snow3g_auth_cipher_test_case_3_oop_sgl(void)
>  static int
>  test_snow3g_auth_cipher_part_digest_enc_sgl(void)
>  {
> +	/* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */
> +	if (cryptodev_dp_test)
> +		return -ENOTSUP;
>  	return test_snow3g_auth_cipher_sgl(
>  		&snow3g_auth_cipher_partial_digest_encryption,
>  			IN_PLACE, 0);
> @@ -6146,10 +6442,9 @@ test_mixed_auth_cipher(const struct
> mixed_cipher_auth_test_data *tdata,
>  	unsigned int ciphertext_len;
> 
>  	struct rte_cryptodev_info dev_info;
> -	struct rte_crypto_op *op;
> 
>  	/* Check if device supports particular algorithms separately */
> -	if (test_mixed_check_if_unsupported(tdata))
> +	if (test_mixed_check_if_unsupported(tdata) || cryptodev_dp_test)
>  		return -ENOTSUP;
> 
>  	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
> @@ -6161,6 +6456,9 @@ test_mixed_auth_cipher(const struct
> mixed_cipher_auth_test_data *tdata,
>  		return -ENOTSUP;
>  	}
> 
> +	if (op_mode == OUT_OF_PLACE)
> +		return -ENOTSUP;
> +
>  	/* Create the session */
>  	if (verify)
>  		retval = create_wireless_algo_cipher_auth_session(
> @@ -6192,9 +6490,11 @@ test_mixed_auth_cipher(const struct
> mixed_cipher_auth_test_data *tdata,
>  	/* clear mbuf payload */
>  	memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0,
>  		rte_pktmbuf_tailroom(ut_params->ibuf));
> -	if (op_mode == OUT_OF_PLACE)
> +	if (op_mode == OUT_OF_PLACE) {
> +
>  		memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0,
>  				rte_pktmbuf_tailroom(ut_params->obuf));
> +	}

Unnecessary change.

> 
>  	ciphertext_len = ceil_byte_length(tdata->ciphertext.len_bits);
>  	plaintext_len = ceil_byte_length(tdata->plaintext.len_bits);
> @@ -6235,18 +6535,17 @@ test_mixed_auth_cipher(const struct
> mixed_cipher_auth_test_data *tdata,
>  	if (retval < 0)
>  		return retval;
> 
> -	op = process_crypto_request(ts_params->valid_devs[0],
> +	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
>  			ut_params->op);
> 
>  	/* Check if the op failed because the device doesn't */
>  	/* support this particular combination of algorithms */
> -	if (op == NULL && ut_params->op->status ==
> +	if (ut_params->op == NULL && ut_params->op->status ==
>  			RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
>  		printf("Device doesn't support this mixed combination. "
>  				"Test Skipped.\n");
>  		return -ENOTSUP;
>  	}
> -	ut_params->op = op;

Unnecessary change



> 
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> 
> @@ -6337,10 +6636,9 @@ test_mixed_auth_cipher_sgl(const struct
> mixed_cipher_auth_test_data *tdata,
>  	uint8_t digest_buffer[10000];
> 
>  	struct rte_cryptodev_info dev_info;
> -	struct rte_crypto_op *op;
> 
>  	/* Check if device supports particular algorithms */
> -	if (test_mixed_check_if_unsupported(tdata))
> +	if (test_mixed_check_if_unsupported(tdata) || cryptodev_dp_test)
>  		return -ENOTSUP;
> 
>  	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
> @@ -6440,20 +6738,18 @@ test_mixed_auth_cipher_sgl(const struct
> mixed_cipher_auth_test_data *tdata,
>  	if (retval < 0)
>  		return retval;
> 
> -	op = process_crypto_request(ts_params->valid_devs[0],
> +	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
>  			ut_params->op);
> 
>  	/* Check if the op failed because the device doesn't */
>  	/* support this particular combination of algorithms */
> -	if (op == NULL && ut_params->op->status ==
> +	if (ut_params->op == NULL && ut_params->op->status ==
>  			RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
>  		printf("Device doesn't support this mixed combination. "
>  				"Test Skipped.\n");
>  		return -ENOTSUP;
>  	}

Unnecessary change

> 
> -	ut_params->op = op;
> -
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
> 
>  	ut_params->obuf = (op_mode == IN_PLACE ?
> @@ -7043,6 +7339,9 @@ test_authenticated_encryption(const struct
> aead_test_data *tdata)
>  	/* Process crypto operation */
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_aead_op(ts_params->valid_devs[0], ut_params-
> >op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 0, 0, 0);
>  	else
>  		TEST_ASSERT_NOT_NULL(
>  			process_crypto_request(ts_params->valid_devs[0],
> @@ -8540,6 +8839,9 @@ test_authenticated_decryption(const struct
> aead_test_data *tdata)
>  	/* Process crypto operation */
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_aead_op(ts_params->valid_devs[0], ut_params-
> >op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 0, 0, 0);
>  	else
>  		TEST_ASSERT_NOT_NULL(
>  			process_crypto_request(ts_params->valid_devs[0],
> @@ -8833,6 +9135,9 @@ test_authenticated_encryption_oop(const struct
> aead_test_data *tdata)
>  	if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
>  			&cap_idx) == NULL)
>  		return -ENOTSUP;
> +	/* Data-path service does not support OOP */
> +	if (cryptodev_dp_test)
> +		return -ENOTSUP;
> 
>  	/* not supported with CPU crypto */
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
> @@ -8923,8 +9228,9 @@ test_authenticated_decryption_oop(const struct
> aead_test_data *tdata)
>  			&cap_idx) == NULL)
>  		return -ENOTSUP;
> 
> -	/* not supported with CPU crypto */
> -	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
> +	/* not supported with CPU crypto and data-path service*/
> +	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO ||
> +			cryptodev_dp_test)
>  		return -ENOTSUP;
> 
>  	/* Create AEAD session */
> @@ -9151,8 +9457,13 @@ test_authenticated_decryption_sessionless(
>  			"crypto op session type not sessionless");
> 
>  	/* Process crypto operation */
> -	TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params-
> >valid_devs[0],
> -			ut_params->op), "failed to process sym crypto op");
> +	if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 0, 0, 0);
> +	else
> +		TEST_ASSERT_NOT_NULL(process_crypto_request(
> +			ts_params->valid_devs[0], ut_params->op),
> +				"failed to process sym crypto op");
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->op, "failed crypto process");
> 
> @@ -9472,6 +9783,9 @@ test_MD5_HMAC_generate(const struct
> HMAC_MD5_vector *test_case)
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_crypt_auth_op(ts_params->valid_devs[0],
>  			ut_params->op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 0, 0);
>  	else
>  		TEST_ASSERT_NOT_NULL(
>  			process_crypto_request(ts_params->valid_devs[0],
> @@ -9530,6 +9844,9 @@ test_MD5_HMAC_verify(const struct
> HMAC_MD5_vector *test_case)
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_crypt_auth_op(ts_params->valid_devs[0],
>  			ut_params->op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 0, 0);
>  	else
>  		TEST_ASSERT_NOT_NULL(
>  			process_crypto_request(ts_params->valid_devs[0],
> @@ -10098,6 +10415,9 @@ test_AES_GMAC_authentication(const struct
> gmac_test_data *tdata)
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_crypt_auth_op(ts_params->valid_devs[0],
>  			ut_params->op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 0, 0);
>  	else
>  		TEST_ASSERT_NOT_NULL(
>  			process_crypto_request(ts_params->valid_devs[0],
> @@ -10215,6 +10535,9 @@ test_AES_GMAC_authentication_verify(const
> struct gmac_test_data *tdata)
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_crypt_auth_op(ts_params->valid_devs[0],
>  			ut_params->op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 0, 0);
>  	else
>  		TEST_ASSERT_NOT_NULL(
>  			process_crypto_request(ts_params->valid_devs[0],
> @@ -10780,7 +11103,10 @@
> test_authentication_verify_fail_when_data_corruption(
>  		TEST_ASSERT_NOT_EQUAL(ut_params->op->status,
>  			RTE_CRYPTO_OP_STATUS_SUCCESS,
>  			"authentication not failed");
> -	} else {
> +	} else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 0, 0);
> +	else {
>  		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
>  		TEST_ASSERT_NULL(ut_params->op, "authentication not
> failed");
> @@ -10851,7 +11177,10 @@
> test_authentication_verify_GMAC_fail_when_corruption(
>  		TEST_ASSERT_NOT_EQUAL(ut_params->op->status,
>  			RTE_CRYPTO_OP_STATUS_SUCCESS,
>  			"authentication not failed");
> -	} else {
> +	} else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 1, 0, 0);
> +	else {
>  		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
>  		TEST_ASSERT_NULL(ut_params->op, "authentication not
> failed");
> @@ -10926,7 +11255,10 @@
> test_authenticated_decryption_fail_when_corruption(
>  		TEST_ASSERT_NOT_EQUAL(ut_params->op->status,
>  			RTE_CRYPTO_OP_STATUS_SUCCESS,
>  			"authentication not failed");
> -	} else {
> +	} else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 0, 0);
> +	else {
>  		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
>  		TEST_ASSERT_NULL(ut_params->op, "authentication not
> failed");
> @@ -11021,6 +11353,9 @@ test_authenticated_encryt_with_esn(
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_crypt_auth_op(ts_params->valid_devs[0],
>  			ut_params->op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 0, 0);
>  	else
>  		ut_params->op = process_crypto_request(
>  			ts_params->valid_devs[0], ut_params->op);
> @@ -11141,6 +11476,9 @@ test_authenticated_decrypt_with_esn(
>  	if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_crypt_auth_op(ts_params->valid_devs[0],
>  			ut_params->op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 1, 1, 0, 0);
>  	else
>  		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
> @@ -11285,6 +11623,9 @@ test_authenticated_encryption_SGL(const struct
> aead_test_data *tdata,
>  		unsigned int sgl_in = fragsz < tdata->plaintext.len;
>  		unsigned int sgl_out = (fragsz_oop ? fragsz_oop : fragsz) <
>  				tdata->plaintext.len;
> +		/* Data path service does not support OOP */
> +		if (cryptodev_dp_test)
> +			return -ENOTSUP;
>  		if (sgl_in && !sgl_out) {
>  			if (!(dev_info.feature_flags &
> 
> 	RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT))
> @@ -11480,6 +11821,9 @@ test_authenticated_encryption_SGL(const struct
> aead_test_data *tdata,
>  	if (oop == IN_PLACE &&
>  			gbl_action_type ==
> RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
>  		process_cpu_aead_op(ts_params->valid_devs[0], ut_params-
> >op);
> +	else if (cryptodev_dp_test)
> +		process_sym_hw_api_op(ts_params->valid_devs[0], 0,
> +				ut_params->op, 0, 0, 0, 0);
>  	else
>  		TEST_ASSERT_NOT_NULL(
>  			process_crypto_request(ts_params->valid_devs[0],
> @@ -13041,6 +13385,29 @@ test_cryptodev_nitrox(void)
>  	return unit_test_suite_runner(&cryptodev_nitrox_testsuite);
>  }
> 
> +static int
> +test_qat_sym_direct_api(void /*argv __rte_unused, int argc __rte_unused*/)
> +{
> +	int ret;
> +
> +	gbl_driver_id =	rte_cryptodev_driver_id_get(
> +			RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD));
> +
> +	if (gbl_driver_id == -1) {
> +		RTE_LOG(ERR, USER1, "QAT PMD must be loaded. Check that
> both "
> +		"CONFIG_RTE_LIBRTE_PMD_QAT and
> CONFIG_RTE_LIBRTE_PMD_QAT_SYM "
> +		"are enabled in config file to run this testsuite.\n");
> +		return TEST_SKIPPED;
> +	}
> +
> +	cryptodev_dp_test = 1;

Cryptodev_dp_test cannot be set blindly. You  should check for feature flag of the device
If the feature is supported or not.

Can we also rename this flag as "test_raw_crypto_dp"

> +	ret = unit_test_suite_runner(&cryptodev_testsuite);
> +	cryptodev_dp_test = 0;
> +
> +	return ret;
> +}
> +
> +REGISTER_TEST_COMMAND(cryptodev_qat_sym_api_autotest,
> test_qat_sym_direct_api);

It would be better to name the test string as test_cryptodev_qat_raw_dp

>  REGISTER_TEST_COMMAND(cryptodev_qat_autotest, test_cryptodev_qat);
>  REGISTER_TEST_COMMAND(cryptodev_aesni_mb_autotest,
> test_cryptodev_aesni_mb);
>  REGISTER_TEST_COMMAND(cryptodev_cpu_aesni_mb_autotest,
> diff --git a/app/test/test_cryptodev.h b/app/test/test_cryptodev.h
> index 41542e055..e4e4c7626 100644
> --- a/app/test/test_cryptodev.h
> +++ b/app/test/test_cryptodev.h
> @@ -71,6 +71,8 @@
>  #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
>  #define CRYPTODEV_NAME_NITROX_PMD	crypto_nitrox_sym
> 
> +extern int cryptodev_dp_test;
> +
>  /**
>   * Write (spread) data from buffer to mbuf data
>   *
> @@ -209,4 +211,9 @@ create_segmented_mbuf(struct rte_mempool
> *mbuf_pool, int pkt_len,
>  	return NULL;
>  }
> 
> +void
> +process_sym_hw_api_op(uint8_t dev_id, uint16_t qp_id, struct rte_crypto_op
> *op,
> +		uint8_t is_cipher, uint8_t is_auth, uint8_t len_in_bits,
> +		uint8_t cipher_iv_len);
> +
>  #endif /* TEST_CRYPTODEV_H_ */
> diff --git a/app/test/test_cryptodev_blockcipher.c
> b/app/test/test_cryptodev_blockcipher.c
> index 221262341..311b34c15 100644
> --- a/app/test/test_cryptodev_blockcipher.c
> +++ b/app/test/test_cryptodev_blockcipher.c
> @@ -462,25 +462,44 @@ test_blockcipher_one_case(const struct
> blockcipher_test_case *t,
>  	}
> 
>  	/* Process crypto operation */
> -	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> -		snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
> -			"line %u FAILED: %s",
> -			__LINE__, "Error sending packet for encryption");
> -		status = TEST_FAILED;
> -		goto error_exit;
> -	}
> +	if (cryptodev_dp_test) {
> +		uint8_t is_cipher = 0, is_auth = 0;
> 
> -	op = NULL;
> +		if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
> +			RTE_LOG(DEBUG, USER1,
> +			"QAT direct API does not support OOP, Test
> Skipped.\n");
> +			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
> "SKIPPED");
> +			status = TEST_SUCCESS;
> +			goto error_exit;
> +		}
> +		if (t->op_mask & BLOCKCIPHER_TEST_OP_CIPHER)
> +			is_cipher = 1;
> +		if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH)
> +			is_auth = 1;
> 
> -	while (rte_cryptodev_dequeue_burst(dev_id, 0, &op, 1) == 0)
> -		rte_pause();
> +		process_sym_hw_api_op(dev_id, 0, op, is_cipher, is_auth, 0,
> +				tdata->iv.len);
> +	} else {
> +		if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> +			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
> +				"line %u FAILED: %s",
> +				__LINE__, "Error sending packet for
> encryption");
> +			status = TEST_FAILED;
> +			goto error_exit;
> +		}
> 
> -	if (!op) {
> -		snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
> -			"line %u FAILED: %s",
> -			__LINE__, "Failed to process sym crypto op");
> -		status = TEST_FAILED;
> -		goto error_exit;
> +		op = NULL;
> +
> +		while (rte_cryptodev_dequeue_burst(dev_id, 0, &op, 1) == 0)
> +			rte_pause();
> +
> +		if (!op) {
> +			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
> +				"line %u FAILED: %s",
> +				__LINE__, "Failed to process sym crypto op");
> +			status = TEST_FAILED;
> +			goto error_exit;
> +		}
>  	}
> 
>  	debug_hexdump(stdout, "m_src(after):",
> --
> 2.20.1