From: Nithin Dabilpuram <ndabilpuram@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Fan Zhang <fanzhang.oss@gmail.com>
Cc: <jerinj@marvell.com>, <dev@dpdk.org>,
Nithin Dabilpuram <ndabilpuram@marvell.com>
Subject: [PATCH 3/3] test/security: add unittest for inline ingress oop
Date: Tue, 11 Apr 2023 15:34:09 +0530 [thread overview]
Message-ID: <20230411100410.1174495-3-ndabilpuram@marvell.com> (raw)
In-Reply-To: <20230411100410.1174495-1-ndabilpuram@marvell.com>
Add unittest for inline ingress out-of-place processing.
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
---
app/test/test_cryptodev_security_ipsec.c | 8 +++
app/test/test_cryptodev_security_ipsec.h | 1 +
app/test/test_security_inline_proto.c | 85 ++++++++++++++++++++++++
3 files changed, 94 insertions(+)
diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c
index 7a8688c692..be9e246bfe 100644
--- a/app/test/test_cryptodev_security_ipsec.c
+++ b/app/test/test_cryptodev_security_ipsec.c
@@ -213,6 +213,14 @@ test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
}
}
+ if (ipsec_xform->options.ingress_oop == 1 &&
+ sec_cap->ipsec.options.ingress_oop == 0) {
+ if (!silent)
+ RTE_LOG(INFO, USER1,
+ "Inline Ingress OOP processing is not supported\n");
+ return -ENOTSUP;
+ }
+
return 0;
}
diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h
index 92e641ba0b..5606ec056d 100644
--- a/app/test/test_cryptodev_security_ipsec.h
+++ b/app/test/test_cryptodev_security_ipsec.h
@@ -110,6 +110,7 @@ struct ipsec_test_flags {
bool ah;
uint32_t plaintext_len;
int nb_segs_in_mbuf;
+ bool inb_oop;
};
struct crypto_param {
diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c
index 79858e559f..80bcdfc701 100644
--- a/app/test/test_security_inline_proto.c
+++ b/app/test/test_security_inline_proto.c
@@ -735,6 +735,51 @@ get_and_verify_incomplete_frags(struct rte_mbuf *mbuf,
return ret;
}
+static int
+verify_inbound_oop(struct ipsec_test_data *td,
+ bool silent, struct rte_mbuf *mbuf)
+{
+ int ret = TEST_SUCCESS, rc;
+ struct rte_mbuf *orig;
+ uint32_t len;
+ void *data;
+
+ orig = *rte_security_oop_dynfield(mbuf);
+ if (!orig) {
+ if (!silent)
+ printf("\nUnable to get orig buffer OOP session");
+ return TEST_FAILED;
+ }
+
+ /* Skip Ethernet header comparison */
+ rte_pktmbuf_adj(orig, RTE_ETHER_HDR_LEN);
+
+ len = td->input_text.len;
+ if (orig->pkt_len != len) {
+ if (!silent)
+ printf("\nOriginal packet length mismatch, expected %u, got %u ",
+ len, orig->pkt_len);
+ ret = TEST_FAILED;
+ }
+
+ data = rte_pktmbuf_mtod(orig, void *);
+ rc = memcmp(data, td->input_text.data, len);
+ if (rc) {
+ ret = TEST_FAILED;
+ if (silent)
+ goto exit;
+
+ printf("TestCase %s line %d: %s\n", __func__, __LINE__,
+ "output text not as expected\n");
+
+ rte_hexdump(stdout, "expected", td->input_text.data, len);
+ rte_hexdump(stdout, "actual", data, len);
+ }
+exit:
+ rte_pktmbuf_free(orig);
+ return ret;
+}
+
static int
test_ipsec_with_reassembly(struct reassembly_vector *vector,
const struct ipsec_test_flags *flags)
@@ -1115,6 +1160,12 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td,
if (ret)
return ret;
+ if (flags->inb_oop && rte_security_oop_dynfield_offset < 0) {
+ printf("\nDynamic field not available for inline inbound OOP");
+ ret = TEST_FAILED;
+ goto out;
+ }
+
if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
ret = create_default_flow(port_id);
if (ret)
@@ -1206,6 +1257,15 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td,
goto out;
}
+ if (flags->inb_oop) {
+ ret = verify_inbound_oop(td, silent, rx_pkts_burst[i]);
+ if (ret != TEST_SUCCESS) {
+ for ( ; i < nb_rx; i++)
+ rte_pktmbuf_free(rx_pkts_burst[i]);
+ goto out;
+ }
+ }
+
rte_pktmbuf_free(rx_pkts_burst[i]);
rx_pkts_burst[i] = NULL;
}
@@ -1994,6 +2054,26 @@ test_ipsec_inline_proto_known_vec_inb(const void *test_data)
return test_ipsec_inline_proto_process(&td_inb, NULL, 1, false, &flags);
}
+static int
+test_ipsec_inline_proto_oop_inb(const void *test_data)
+{
+ const struct ipsec_test_data *td = test_data;
+ struct ipsec_test_flags flags;
+ struct ipsec_test_data td_inb;
+
+ memset(&flags, 0, sizeof(flags));
+ flags.inb_oop = true;
+
+ if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)
+ test_ipsec_td_in_from_out(td, &td_inb);
+ else
+ memcpy(&td_inb, td, sizeof(td_inb));
+
+ td_inb.ipsec_xform.options.ingress_oop = true;
+
+ return test_ipsec_inline_proto_process(&td_inb, NULL, 1, false, &flags);
+}
+
static int
test_ipsec_inline_proto_display_list(const void *data __rte_unused)
{
@@ -3086,6 +3166,11 @@ static struct unit_test_suite inline_ipsec_testsuite = {
"IPv4 Reassembly with burst of 4 fragments",
ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
test_inline_ip_reassembly, &ipv4_4frag_burst_vector),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Inbound Out-Of-Place processing",
+ ut_setup_inline_ipsec, ut_teardown_inline_ipsec,
+ test_ipsec_inline_proto_oop_inb,
+ &pkt_aes_128_gcm),
TEST_CASES_END() /**< NULL terminate unit test array */
},
--
2.25.1
next prev parent reply other threads:[~2023-04-11 10:08 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-09 8:56 [RFC 1/2] security: introduce out of place support for inline ingress Nithin Dabilpuram
2023-03-09 8:56 ` [RFC 2/2] test/security: add unittest for inline ingress oop Nithin Dabilpuram
2023-04-11 10:04 ` [PATCH 1/3] security: introduce out of place support for inline ingress Nithin Dabilpuram
2023-04-11 10:04 ` [PATCH 2/3] net/cnxk: support inline ingress out of place session Nithin Dabilpuram
2023-04-11 10:04 ` Nithin Dabilpuram [this message]
2023-04-11 18:05 ` [PATCH 1/3] security: introduce out of place support for inline ingress Stephen Hemminger
2023-04-18 8:33 ` Jerin Jacob
2023-04-24 22:41 ` Thomas Monjalon
2023-05-19 8:07 ` Jerin Jacob
2023-05-30 9:23 ` Jerin Jacob
2023-05-30 13:51 ` Thomas Monjalon
2023-05-31 9:26 ` Morten Brørup
2023-07-01 7:15 ` [PATCH] doc: announce addition of new security IPsec SA option Nithin Dabilpuram
2023-07-03 14:35 ` Akhil Goyal
2023-07-04 5:15 ` [PATCH v2] " Nithin Dabilpuram
2023-07-05 14:07 ` Jerin Jacob
2023-07-11 8:55 ` [EXT] " Akhil Goyal
2023-07-06 23:05 ` [PATCH] " Ji, Kai
2023-08-11 8:54 ` [PATCH 1/3] security: introduce out of place support for inline ingress Nithin Dabilpuram
2023-08-11 8:54 ` [PATCH 2/3] net/cnxk: support inline ingress out of place session Nithin Dabilpuram
2023-08-11 8:54 ` [PATCH 3/3] test/security: add unittest for inline ingress oop Nithin Dabilpuram
2023-09-19 19:55 ` [PATCH 1/3] security: introduce out of place support for inline ingress Akhil Goyal
2023-09-21 2:15 ` [PATCH v2 " Nithin Dabilpuram
2023-09-21 2:15 ` [PATCH v2 2/3] net/cnxk: support inline ingress out of place session Nithin Dabilpuram
2023-09-21 2:15 ` [PATCH v2 3/3] test/security: add unittest for inline ingress oop Nithin Dabilpuram
2023-09-21 10:44 ` [PATCH v2 1/3] security: introduce out of place support for inline ingress Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230411100410.1174495-3-ndabilpuram@marvell.com \
--to=ndabilpuram@marvell.com \
--cc=dev@dpdk.org \
--cc=fanzhang.oss@gmail.com \
--cc=gakhil@marvell.com \
--cc=jerinj@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.