From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by dpdk.space (Postfix) with ESMTP id 2F6D7A0679 for ; Sun, 28 Apr 2019 11:05:19 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id D0C5B1B45B; Sun, 28 Apr 2019 11:05:18 +0200 (CEST) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by dpdk.org (Postfix) with ESMTP id 0B42C1B3D8 for ; Sun, 28 Apr 2019 11:05:16 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 28 Apr 2019 02:05:15 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.60,405,1549958400"; d="scan'208";a="139487739" Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206]) by orsmga006.jf.intel.com with ESMTP; 28 Apr 2019 02:05:15 -0700 Received: from fmsmsx111.amr.corp.intel.com (10.18.116.5) by FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS) id 14.3.408.0; Sun, 28 Apr 2019 02:05:15 -0700 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by fmsmsx111.amr.corp.intel.com (10.18.116.5) with Microsoft SMTP Server (TLS) id 14.3.408.0; Sun, 28 Apr 2019 02:05:14 -0700 Received: from shsmsx101.ccr.corp.intel.com ([169.254.1.164]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.42]) with mapi id 14.03.0415.000; Sun, 28 Apr 2019 17:05:13 +0800 From: "Wu, ChangqingX" To: "Xiao, QimaiX" , "dts@dpdk.org" CC: "Xiao, QimaiX" Thread-Topic: [dts] [PATCH V1] update inline_ipsec to test dpdk19.05 Thread-Index: AQHU/J581rTP1dS4lUWVd4kPWtLqaKZRSbZQ Date: Sun, 28 Apr 2019 09:05:12 +0000 Message-ID: <7F81DD3887C58F49A6B2EFEC3C28E22E0B6D22CF@SHSMSX101.ccr.corp.intel.com> References: <1556331313-12105-1-git-send-email-qimaix.xiao@intel.com> In-Reply-To: <1556331313-12105-1-git-send-email-qimaix.xiao@intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dts] [PATCH V1] update inline_ipsec to test dpdk19.05 X-BeenThere: dts@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: test suite reviews and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dts-bounces@dpdk.org Sender: "dts" Tested-by: Wu, ChangqingX -----Original Message----- From: dts [mailto:dts-bounces@dpdk.org] On Behalf Of xiao,qimai Sent: Saturday, April 27, 2019 10:15 AM To: dts@dpdk.org Cc: Xiao, QimaiX Subject: [dts] [PATCH V1] update inline_ipsec to test dpdk19.05 1.remove unused imports 2.add some steps to verfiy encrypt package 3.upadte verify message of decry= pt with wrong key Signed-off-by: xiao,qimai --- tests/TestSuite_inline_ipsec.py | 86 +++++++++++++++++++++++---------- 1 file changed, 60 insertions(+), 26 deletions(-) diff --git a/tests/TestSuite_inline_ipsec.py b/tests/TestSuite_inline_ipsec= .py index 1813c08..369d4f0 100644 --- a/tests/TestSuite_inline_ipsec.py +++ b/tests/TestSuite_inline_ipsec.py @@ -35,14 +35,13 @@ DPDK Test suite. Test inline_ipsec. """ =20 -import utils -import string -import time +import random import re -import threading +import time + +import utils +from scapy.all import ESP, IP, Ether, sendp, SecurityAssociation from test_case import TestCase -import getopt -from scapy.all import * =20 ETHER_STANDARD_MTU =3D 1518 ETHER_JUMBO_FRAME_MTU =3D 9000 @@ -51,9 +50,10 @@ ETHER_JUMBO_FRAME_MTU =3D 9000 class TestInlineIpsec(Te= stCase): """ This suite depend PyCryptodome,it provide authenticated encryption mod= es(GCM) - my environment:asn1crypto (0.22.0), pycryptodome (3.4.7), pycryptodome= x (3.4.7), - pycryptopp (0.6.0.1206569328141510525648634803928199668821045408958), = scapy (2.3.3.dev623) + my environment:cryptography (1.7.2), pycryptodome (3.4.7), pycryptodom= ex (3.4.7), + pycryptopp=20 + (0.6.0.1206569328141510525648634803928199668821045408958), scapy=20 + (2.4.2) """ + def set_up_all(self): """ Run at the start of each test suite. @@ -86,7 +86,7 @@ class TestInlineIpsec(TestCase): =20 self.path =3D "./examples/ipsec-secgw/build/ipsec-secgw" # add print code in IPSEC app - sedcmd =3D r"""sed -i -e '/process_pkts(qconf, pkts, nb_rx, portid= );/i\\printf("[debug]receive %hhu packet in rxqueueid=3D%hhu\\n",nb_rx, que= ueid);' examples/ipsec-secgw/ipsec-secgw.c""" + sedcmd =3D r"""sed -i -e '/process_pkts(qconf, pkts, nb_rx, portid= );/i\\t\t\t\tprintf("[debug]receive %hhu packet in rxqueueid=3D%hhu\\n",nb_= rx, queueid);' examples/ipsec-secgw/ipsec-secgw.c""" self.dut.send_expect(sedcmd, "#", 60) =20 # build sample app @@ -165,7 +165,8 @@ class TestInlineIpsec(TestCase): f.write(cfg) self.dut.session.copy_file_to(filename, self.dut.base_dir) =20 - def send_encryption_package(self, intf, paysize=3D64, do_encrypt=3DFal= se, send_spi=3D5, count=3D1, inner_dst=3D'192.168.105.10', sa_src=3D'172.16= .1.5', sa_dst=3D'172.16.2.5'): + def send_encryption_package(self, intf, paysize=3D64, do_encrypt=3DFal= se, send_spi=3D5, count=3D1, + inner_dst=3D'192.168.105.10', sa_src=3D'17= 2.16.1.5', sa_dst=3D'172.16.2.5'): """ prepare a packet and send """ @@ -184,6 +185,8 @@ class TestInlineIpsec(TestCase): =20 if do_encrypt =3D=3D True: print "send encrypt package" + print("before encrypt, the package info is like below: ") + p.show() e =3D sa_gcm.encrypt(p) else: print "send normal package" @@ -196,14 +199,15 @@ class TestInlineIpsec(TestCase): name=3D'send_encryption_package') sendp(eth_e, iface=3Dintf, count=3Dcount) self.tester.destroy_session(session_send) + return payload, p.src, p.dst =20 - return payload - - def Ipsec_Encryption(self, config, file_name, txItf, rxItf, paysize=3D= 32, jumboframe=3D1518, do_encrypt=3DFalse, verify=3DTrue, send_spi=3D5, rec= eive_spi=3D1005, count=3D1, inner_dst=3D'192.168.105.10', sa_src=3D'172.16.= 1.5', sa_dst=3D'172.16.2.5'): + def Ipsec_Encryption(self, config, file_name, txItf, rxItf, paysize=3D= 32, jumboframe=3D1518, do_encrypt=3DFalse, + verify=3DTrue, send_spi=3D5, receive_spi=3D1005, = count=3D1, inner_dst=3D'192.168.105.10', + sa_src=3D'172.16.1.5', sa_dst=3D'172.16.2.5'): """ verify Ipsec receive package """ - cmd =3D self.path + " -l 20,21 -w %s -w %s --vdev 'crypto_null' --= log-level 8 --socket-mem 1024,1 -- -p 0xf -P -u 0x2 -j %s --config=3D'%s' -= f %s" % ( + cmd =3D self.path + " -l 20,21 -w %s -w %s --vdev 'crypto_null'=20 + --log-level 8 --socket-mem 1024,1024 -- -p 0xf -P -u 0x2 -j %s=20 + --config=3D'%s' -f %s" % ( self.portpci_0, self.portpci_1, jumboframe, config, file_name) self.dut.send_expect(cmd, "IPSEC", 60) =20 @@ -213,25 +217,40 @@ class TestInlineIpsec(TestCase): =20 session_receive.send_expect("scapy", ">>>", 10) session_receive.send_expect( - "pkts=3Dsniff(iface=3D'%s',count=3D1,timeout=3D10)" % rxItf, "= ", 30) - send_package =3D self.send_encryption_package( - txItf, paysize, do_encrypt, send_spi, count, inner_dst, sa_src= , sa_dst) + "pkts=3Dsniff(iface=3D'%s',count=3D1,timeout=3D45)" % rxItf, "= ",=20 + 10) =20 - time.sleep(10) - out =3D session_receive.send_expect("pkts", "", 30) if do_encrypt: + send_package =3D self.send_encryption_package( + txItf, paysize, do_encrypt, send_spi, count, inner_dst, sa= _src, sa_dst) + time.sleep(45) + session_receive.send_expect("pkts", "", 30) out =3D session_receive.send_expect("pkts[0]['IP'] ", ">>>", 1= 0) else: + session_receive2 =3D self.tester.create_session(name=3D'receiv= e_encryption_package2') + session_receive2.send_expect("tcpdump -Xvvvi %s -c 1" % rxItf,= "", 30) + send_package =3D self.send_encryption_package(txItf, paysize, = do_encrypt, send_spi, count, inner_dst, sa_src, + sa_dst) + time.sleep(45) + rev =3D session_receive2.get_session_before() + print(rev) + p =3D re.compile(': ESP\(spi=3D0x\w+,seq=3D0x\w+\),') + res =3D p.search(rev) + self.verify(res, 'encrypt failed, tcpdump get %s' % rev) + self.tester.destroy_session(session_receive2) + session_receive.send_expect("pkts", "", 30) session_receive.send_expect(sa_gcm, ">>>", 10) - session_receive.send_expect( - "results=3Dsa_gcm.decrypt(pkts[0]['IP'])", ">>>", 10) + time.sleep(2) + =20 + session_receive.send_expect("results=3Dsa_gcm.decrypt(pkts[0]['IP'])",=20 + ">>>", 10) out =3D session_receive.send_expect("results", ">>>", 10) =20 if verify: - self.verify(send_package in out, + print('received packet content is %s' % out) + print('send pkt src ip is %s, dst ip is %s, payload is %s' % ( + send_package[1], send_package[2], send_package[0])) + self.verify(send_package[0] in out, "Unreceived package or get other package") else: - self.verify(send_package not in out, + self.verify(send_package[0] not in out, "The function is not in effect") session_receive.send_expect("quit()", "#", 10) self.tester.destroy_session(session_receive) @@ -244,6 +263,7 @@ class TestInlineIpsec(TestCase): paysize =3D random.randint(1, ETHER_STANDARD_MTU) self.Ipsec_Encryption(config, '/root/dpdk/enc.cfg', self.txItf, self.rxItf, paysize) + self.dut.send_expect("^C", "#", 5) =20 def test_Ipsec_Encryption_Jumboframe(self): """ @@ -253,6 +273,7 @@ class TestInlineIpsec(TestCase): paysize =3D random.randint(ETHER_STANDARD_MTU, ETHER_JUMBO_FRAME_M= TU) self.Ipsec_Encryption(config, '/root/dpdk/enc.cfg', self.txItf, self.rxItf, paysize, ETHER_JUMBO= _FRAME_MTU) + self.dut.send_expect("^C", "#", 5) =20 def test_Ipsec_Encryption_Rss(self): """ @@ -264,6 +285,7 @@ class TestInlineIpsec(TestCase): out =3D self.dut.get_session_output() verifycode =3D "receive 1 packet in rxqueueid=3D1" self.verify(verifycode in out, "rxqueueid error") + self.dut.send_expect("^C", "#", 5) =20 def test_IPSec_Decryption(self): """ @@ -273,6 +295,7 @@ class TestInlineIpsec(TestCase): paysize =3D random.randint(1, ETHER_STANDARD_MTU) self.Ipsec_Encryption(config, '/root/dpdk/dec.cfg', self.rxItf, self.txItf, paysize, do_encrypt=3DTrue, coun= t=3D2) + self.dut.send_expect("^C", "#", 5) =20 def test_IPSec_Decryption_Jumboframe(self): """ @@ -282,6 +305,7 @@ class TestInlineIpsec(TestCase): paysize =3D random.randint(ETHER_STANDARD_MTU, ETHER_JUMBO_FRAME_M= TU) self.Ipsec_Encryption(config, '/root/dpdk/dec.cfg', self.rxItf, self.txItf, paysize, ETHER_JUMBO_FRAME_MTU, = do_encrypt=3DTrue, count=3D2) + self.dut.send_expect("^C", "#", 5) =20 def test_Ipsec_Decryption_Rss(self): """ @@ -293,6 +317,7 @@ class TestInlineIpsec(TestCase): out =3D self.dut.get_session_output() verifycode =3D "receive 1 packet in rxqueueid=3D1" self.verify(verifycode in out, "rxqueueid error") + self.dut.send_expect("^C", "#", 5) =20 def test_Ipsec_Decryption_wrongkey(self): """ @@ -303,8 +328,10 @@ class TestInlineIpsec(TestCase): self.Ipsec_Encryption(config, '/root/dpdk/dec_wrong_key.cfg', self= .rxItf, self.txItf, paysize, do_encrypt=3DTrue, veri= fy=3DFalse, count=3D2) out =3D self.dut.get_session_output() - verifycode =3D "IPSEC_ESP: failed crypto op" - self.verify(verifycode in out, "Ipsec Decryption wrongkey failed") + verifycode =3D "IPSEC_ESP: esp_inbound_post\(\) failed crypto op" + l =3D re.findall(verifycode, out) + self.verify(len(l) =3D=3D 2, "Ipsec Decryption wrongkey failed") + self.dut.send_expect("^C", "#", 5) =20 def test_Ipsec_Encryption_Decryption(self): """ @@ -350,10 +377,17 @@ class TestInlineIpsec(TestCase): eth_e2 =3D Ether() / e2 eth_e2.src =3D self.rx_src eth_e2.dst =3D self.tx_dst - + session_receive3 =3D self.tester.create_session('check_forward_enc= ryption_package') + session_receive3.send_expect("tcpdump -Xvvvi %s -c 1" % self.rxItf= , "", 30) + time.sleep(2) sendp(eth_e1, iface=3Dself.rxItf, count=3D2) sendp(eth_e2, iface=3Dself.txItf, count=3D1) time.sleep(30) + rev =3D session_receive3.get_session_before() + print(rev) + p =3D re.compile(': ESP\(spi=3D0x\w+,seq=3D0x\w+\),') + res =3D p.search(rev) + self.verify(res, 'encrypt failed, tcpdump get %s' % rev) session_receive.send_expect( "results=3Dsa_gcm.decrypt(pkts[2]['IP'])", ">>>", 60) out =3D session_receive.send_expect("results", ">>>", 60) -- 2.17.0