lib: allow disabling optional libraries

[dpdk.git] / app / test / test_cryptodev.c
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c

index 42e4705..32e64e2 100644 (file)
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -1,5 +1,6 @@
  /* SPDX-License-Identifier: BSD-3-Clause
   * Copyright(c) 2015-2020 Intel Corporation
+ * Copyright 2020 NXP
   */
  
  #include <time.h>
@@ -18,7 +19,7 @@
  #include <rte_cryptodev_pmd.h>
  #include <rte_string_fns.h>
  
-#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER
+#ifdef RTE_CRYPTO_SCHEDULER
  #include <rte_cryptodev_scheduler.h>
  #include <rte_cryptodev_scheduler_operations.h>
  #endif
@@ -40,23 +41,37 @@
  #include "test_cryptodev_aead_test_vectors.h"
  #include "test_cryptodev_hmac_test_vectors.h"
  #include "test_cryptodev_mixed_test_vectors.h"
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
  #include "test_cryptodev_security_pdcp_test_vectors.h"
+#include "test_cryptodev_security_pdcp_sdap_test_vectors.h"
  #include "test_cryptodev_security_pdcp_test_func.h"
  #include "test_cryptodev_security_docsis_test_vectors.h"
+
+#define SDAP_DISABLED  0
+#define SDAP_ENABLED   1
  #endif
  
  #define VDEV_ARGS_SIZE 100
  #define MAX_NB_SESSIONS 4
  
+#define MAX_DRV_SERVICE_CTX_SIZE 256
+
+#define MAX_RAW_DEQUEUE_COUNT  65535
+
  #define IN_PLACE 0
  #define OUT_OF_PLACE 1
  
+#ifndef ARRAY_SIZE
+#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
+#endif
+
  static int gbl_driver_id;
  
  static enum rte_security_session_action_type gbl_action_type =
         RTE_SECURITY_ACTION_TYPE_NONE;
  
+enum cryptodev_api_test_type global_api_test_type = CRYPTODEV_API_TEST;
+
  struct crypto_testsuite_params {
         struct rte_mempool *mbuf_pool;
         struct rte_mempool *large_mbuf_pool;
@@ -74,17 +89,17 @@ struct crypto_unittest_params {
         struct rte_crypto_sym_xform cipher_xform;
         struct rte_crypto_sym_xform auth_xform;
         struct rte_crypto_sym_xform aead_xform;
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
         struct rte_security_docsis_xform docsis_xform;
  #endif
  
         union {
                 struct rte_cryptodev_sym_session *sess;
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
                 struct rte_security_session *sec_session;
  #endif
         };
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
         enum rte_security_session_action_type type;
  #endif
         struct rte_crypto_op *op;
@@ -147,15 +162,218 @@ ceil_byte_length(uint32_t num_bits)
                 return (num_bits >> 3);
  }
  
+static void
+post_process_raw_dp_op(void *user_data,        uint32_t index __rte_unused,
+               uint8_t is_op_success)
+{
+       struct rte_crypto_op *op = user_data;
+       op->status = is_op_success ? RTE_CRYPTO_OP_STATUS_SUCCESS :
+                       RTE_CRYPTO_OP_STATUS_ERROR;
+}
+
+void
+process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id,
+               struct rte_crypto_op *op, uint8_t is_cipher, uint8_t is_auth,
+               uint8_t len_in_bits, uint8_t cipher_iv_len)
+{
+       struct rte_crypto_sym_op *sop = op->sym;
+       struct rte_crypto_op *ret_op = NULL;
+       struct rte_crypto_vec data_vec[UINT8_MAX];
+       struct rte_crypto_va_iova_ptr cipher_iv, digest, aad_auth_iv;
+       union rte_crypto_sym_ofs ofs;
+       struct rte_crypto_sym_vec vec;
+       struct rte_crypto_sgl sgl;
+       uint32_t max_len;
+       union rte_cryptodev_session_ctx sess;
+       uint32_t count = 0;
+       struct rte_crypto_raw_dp_ctx *ctx;
+       uint32_t cipher_offset = 0, cipher_len = 0, auth_offset = 0,
+                       auth_len = 0;
+       int32_t n;
+       uint32_t n_success;
+       int ctx_service_size;
+       int32_t status = 0;
+       int enqueue_status, dequeue_status;
+
+       ctx_service_size = rte_cryptodev_get_raw_dp_ctx_size(dev_id);
+       if (ctx_service_size < 0) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               return;
+       }
+
+       ctx = malloc(ctx_service_size);
+       if (!ctx) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               return;
+       }
+
+       /* Both are enums, setting crypto_sess will suit any session type */
+       sess.crypto_sess = op->sym->session;
+
+       if (rte_cryptodev_configure_raw_dp_ctx(dev_id, qp_id, ctx,
+                       op->sess_type, sess, 0) < 0) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               goto exit;
+       }
+
+       cipher_iv.iova = 0;
+       cipher_iv.va = NULL;
+       aad_auth_iv.iova = 0;
+       aad_auth_iv.va = NULL;
+       digest.iova = 0;
+       digest.va = NULL;
+       sgl.vec = data_vec;
+       vec.num = 1;
+       vec.sgl = &sgl;
+       vec.iv = &cipher_iv;
+       vec.digest = &digest;
+       vec.aad = &aad_auth_iv;
+       vec.status = &status;
+
+       ofs.raw = 0;
+
+       if (is_cipher && is_auth) {
+               cipher_offset = sop->cipher.data.offset;
+               cipher_len = sop->cipher.data.length;
+               auth_offset = sop->auth.data.offset;
+               auth_len = sop->auth.data.length;
+               max_len = RTE_MAX(cipher_offset + cipher_len,
+                               auth_offset + auth_len);
+               if (len_in_bits) {
+                       max_len = max_len >> 3;
+                       cipher_offset = cipher_offset >> 3;
+                       auth_offset = auth_offset >> 3;
+                       cipher_len = cipher_len >> 3;
+                       auth_len = auth_len >> 3;
+               }
+               ofs.ofs.cipher.head = cipher_offset;
+               ofs.ofs.cipher.tail = max_len - cipher_offset - cipher_len;
+               ofs.ofs.auth.head = auth_offset;
+               ofs.ofs.auth.tail = max_len - auth_offset - auth_len;
+               cipher_iv.va = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
+               cipher_iv.iova = rte_crypto_op_ctophys_offset(op, IV_OFFSET);
+               aad_auth_iv.va = rte_crypto_op_ctod_offset(
+                               op, void *, IV_OFFSET + cipher_iv_len);
+               aad_auth_iv.iova = rte_crypto_op_ctophys_offset(op, IV_OFFSET +
+                               cipher_iv_len);
+               digest.va = (void *)sop->auth.digest.data;
+               digest.iova = sop->auth.digest.phys_addr;
+
+       } else if (is_cipher) {
+               cipher_offset = sop->cipher.data.offset;
+               cipher_len = sop->cipher.data.length;
+               max_len = cipher_len + cipher_offset;
+               if (len_in_bits) {
+                       max_len = max_len >> 3;
+                       cipher_offset = cipher_offset >> 3;
+                       cipher_len = cipher_len >> 3;
+               }
+               ofs.ofs.cipher.head = cipher_offset;
+               ofs.ofs.cipher.tail = max_len - cipher_offset - cipher_len;
+               cipher_iv.va = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
+               cipher_iv.iova = rte_crypto_op_ctophys_offset(op, IV_OFFSET);
+
+       } else if (is_auth) {
+               auth_offset = sop->auth.data.offset;
+               auth_len = sop->auth.data.length;
+               max_len = auth_len + auth_offset;
+               if (len_in_bits) {
+                       max_len = max_len >> 3;
+                       auth_offset = auth_offset >> 3;
+                       auth_len = auth_len >> 3;
+               }
+               ofs.ofs.auth.head = auth_offset;
+               ofs.ofs.auth.tail = max_len - auth_offset - auth_len;
+               aad_auth_iv.va = rte_crypto_op_ctod_offset(
+                               op, void *, IV_OFFSET + cipher_iv_len);
+               aad_auth_iv.iova = rte_crypto_op_ctophys_offset(op, IV_OFFSET +
+                               cipher_iv_len);
+               digest.va = (void *)sop->auth.digest.data;
+               digest.iova = sop->auth.digest.phys_addr;
+
+       } else { /* aead */
+               cipher_offset = sop->aead.data.offset;
+               cipher_len = sop->aead.data.length;
+               max_len = cipher_len + cipher_offset;
+               if (len_in_bits) {
+                       max_len = max_len >> 3;
+                       cipher_offset = cipher_offset >> 3;
+                       cipher_len = cipher_len >> 3;
+               }
+               ofs.ofs.cipher.head = cipher_offset;
+               ofs.ofs.cipher.tail = max_len - cipher_offset - cipher_len;
+               cipher_iv.va = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
+               cipher_iv.iova = rte_crypto_op_ctophys_offset(op, IV_OFFSET);
+               aad_auth_iv.va = (void *)sop->aead.aad.data;
+               aad_auth_iv.iova = sop->aead.aad.phys_addr;
+               digest.va = (void *)sop->aead.digest.data;
+               digest.iova = sop->aead.digest.phys_addr;
+       }
+
+       n = rte_crypto_mbuf_to_vec(sop->m_src, 0, max_len,
+                       data_vec, RTE_DIM(data_vec));
+       if (n < 0 || n > sop->m_src->nb_segs) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               goto exit;
+       }
+
+       sgl.num = n;
+
+       if (rte_cryptodev_raw_enqueue_burst(ctx, &vec, ofs, (void **)&op,
+                       &enqueue_status) < 1) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               goto exit;
+       }
+
+       if (enqueue_status == 0) {
+               status = rte_cryptodev_raw_enqueue_done(ctx, 1);
+               if (status < 0) {
+                       op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+                       goto exit;
+               }
+       } else if (enqueue_status < 0) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               goto exit;
+       }
+
+       n = n_success = 0;
+       while (count++ < MAX_RAW_DEQUEUE_COUNT && n == 0) {
+               n = rte_cryptodev_raw_dequeue_burst(ctx,
+                       NULL, 1, post_process_raw_dp_op,
+                               (void **)&ret_op, 0, &n_success,
+                               &dequeue_status);
+               if (dequeue_status < 0) {
+                       op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+                       goto exit;
+               }
+               if (n == 0)
+                       rte_pause();
+       }
+
+       if (n == 1 && dequeue_status == 0) {
+               if (rte_cryptodev_raw_dequeue_done(ctx, 1) < 0) {
+                       op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+                       goto exit;
+               }
+       }
+
+       op->status = (count == MAX_RAW_DEQUEUE_COUNT + 1 || ret_op != op ||
+                       n_success < 1) ? RTE_CRYPTO_OP_STATUS_ERROR :
+                                       RTE_CRYPTO_OP_STATUS_SUCCESS;
+
+exit:
+       free(ctx);
+}
+
  static void
  process_cpu_aead_op(uint8_t dev_id, struct rte_crypto_op *op)
  {
         int32_t n, st;
-       void *iv;
         struct rte_crypto_sym_op *sop;
         union rte_crypto_sym_ofs ofs;
         struct rte_crypto_sgl sgl;
         struct rte_crypto_sym_vec symvec;
+       struct rte_crypto_va_iova_ptr iv_ptr, aad_ptr, digest_ptr;
         struct rte_crypto_vec vec[UINT8_MAX];
  
         sop = op->sym;
@@ -171,13 +389,17 @@ process_cpu_aead_op(uint8_t dev_id, struct rte_crypto_op *op)
         sgl.vec = vec;
         sgl.num = n;
         symvec.sgl = &sgl;
-       iv = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
-       symvec.iv = &iv;
-       symvec.aad = (void **)&sop->aead.aad.data;
-       symvec.digest = (void **)&sop->aead.digest.data;
+       symvec.iv = &iv_ptr;
+       symvec.digest = &digest_ptr;
+       symvec.aad = &aad_ptr;
         symvec.status = &st;
         symvec.num = 1;
  
+       /* for CPU crypto the IOVA address is not required */
+       iv_ptr.va = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
+       digest_ptr.va = (void *)sop->aead.digest.data;
+       aad_ptr.va = (void *)sop->aead.aad.data;
+
         ofs.raw = 0;
  
         n = rte_cryptodev_sym_cpu_crypto_process(dev_id, sop->session, ofs,
@@ -193,11 +415,11 @@ static void
  process_cpu_crypt_auth_op(uint8_t dev_id, struct rte_crypto_op *op)
  {
         int32_t n, st;
-       void *iv;
         struct rte_crypto_sym_op *sop;
         union rte_crypto_sym_ofs ofs;
         struct rte_crypto_sgl sgl;
         struct rte_crypto_sym_vec symvec;
+       struct rte_crypto_va_iova_ptr iv_ptr, digest_ptr;
         struct rte_crypto_vec vec[UINT8_MAX];
  
         sop = op->sym;
@@ -213,13 +435,14 @@ process_cpu_crypt_auth_op(uint8_t dev_id, struct rte_crypto_op *op)
         sgl.vec = vec;
         sgl.num = n;
         symvec.sgl = &sgl;
-       iv = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
-       symvec.iv = &iv;
-       symvec.aad = (void **)&sop->aead.aad.data;
-       symvec.digest = (void **)&sop->auth.digest.data;
+       symvec.iv = &iv_ptr;
+       symvec.digest = &digest_ptr;
         symvec.status = &st;
         symvec.num = 1;
  
+       iv_ptr.va = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
+       digest_ptr.va = (void *)sop->auth.digest.data;
+
         ofs.raw = 0;
         ofs.ofs.cipher.head = sop->cipher.data.offset - sop->auth.data.offset;
         ofs.ofs.cipher.tail = (sop->auth.data.offset + sop->auth.data.length) -
@@ -475,33 +698,33 @@ testsuite_setup(void)
                 }
         }
  
-#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER
+#ifdef RTE_CRYPTO_SCHEDULER
         char vdev_args[VDEV_ARGS_SIZE] = {""};
         char temp_str[VDEV_ARGS_SIZE] = {"mode=multi-core,"
                 "ordering=enable,name=cryptodev_test_scheduler,corelist="};
-       uint16_t slave_core_count = 0;
+       uint16_t worker_core_count = 0;
         uint16_t socket_id = 0;
  
         if (gbl_driver_id == rte_cryptodev_driver_id_get(
                         RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD))) {
  
-               /* Identify the Slave Cores
-                * Use 2 slave cores for the device args
+               /* Identify the Worker Cores
+                * Use 2 worker cores for the device args
                  */
-               RTE_LCORE_FOREACH_SLAVE(i) {
-                       if (slave_core_count > 1)
+               RTE_LCORE_FOREACH_WORKER(i) {
+                       if (worker_core_count > 1)
                                 break;
                         snprintf(vdev_args, sizeof(vdev_args),
                                         "%s%d", temp_str, i);
                         strcpy(temp_str, vdev_args);
                         strlcat(temp_str, ";", sizeof(temp_str));
-                       slave_core_count++;
+                       worker_core_count++;
                         socket_id = rte_lcore_to_socket_id(i);
                 }
-               if (slave_core_count != 2) {
+               if (worker_core_count != 2) {
                         RTE_LOG(ERR, USER1,
                                 "Cryptodev scheduler test require at least "
-                               "two slave cores to run. "
+                               "two worker cores to run. "
                                 "Please use the correct coremask.\n");
                         return TEST_FAILED;
                 }
@@ -522,7 +745,7 @@ testsuite_setup(void)
                                 i, RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD));
                 }
         }
-#endif /* RTE_LIBRTE_PMD_CRYPTO_SCHEDULER */
+#endif /* RTE_CRYPTO_SCHEDULER */
  
         nb_devs = rte_cryptodev_count();
         if (nb_devs < 1) {
@@ -553,9 +776,15 @@ testsuite_setup(void)
         unsigned int session_size =
                 rte_cryptodev_sym_get_private_session_size(dev_id);
  
+#ifdef RTE_LIB_SECURITY
+       unsigned int security_session_size = rte_security_session_get_size(
+                       rte_cryptodev_get_sec_ctx(dev_id));
+
+       if (session_size < security_session_size)
+               session_size = security_session_size;
+#endif
         /*
-        * Create mempool with maximum number of sessions * 2,
-        * to include the session headers
+        * Create mempool with maximum number of sessions.
          */
         if (info.sym.max_nb_sessions != 0 &&
                         info.sym.max_nb_sessions < MAX_NB_SESSIONS) {
@@ -607,6 +836,7 @@ static void
  testsuite_teardown(void)
  {
         struct crypto_testsuite_params *ts_params = &testsuite_params;
+       int res;
  
         if (ts_params->mbuf_pool != NULL) {
                 RTE_LOG(DEBUG, USER1, "CRYPTO_MBUFPOOL count %u\n",
@@ -628,10 +858,14 @@ testsuite_teardown(void)
                 rte_mempool_free(ts_params->session_mpool);
                 ts_params->session_mpool = NULL;
         }
+
+       res = rte_cryptodev_close(ts_params->valid_devs[0]);
+       if (res)
+               RTE_LOG(ERR, USER1, "Crypto device close error %d\n", res);
  }
  
  static int
-ut_setup(void)
+dev_configure_and_start(uint64_t ff_disable)
  {
         struct crypto_testsuite_params *ts_params = &testsuite_params;
         struct crypto_unittest_params *ut_params = &unittest_params;
@@ -643,7 +877,7 @@ ut_setup(void)
  
         /* Reconfigure device to default parameters */
         ts_params->conf.socket_id = SOCKET_ID_ANY;
-       ts_params->conf.ff_disable = RTE_CRYPTODEV_FF_SECURITY;
+       ts_params->conf.ff_disable = ff_disable;
         ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
         ts_params->qp_conf.mp_session = ts_params->session_mpool;
         ts_params->qp_conf.mp_session_private = ts_params->session_priv_mpool;
@@ -673,6 +907,20 @@ ut_setup(void)
         return TEST_SUCCESS;
  }
  
+static int
+ut_setup(void)
+{
+       /* Configure and start the device with security feature disabled */
+       return dev_configure_and_start(RTE_CRYPTODEV_FF_SECURITY);
+}
+
+static int
+ut_setup_security(void)
+{
+       /* Configure and start the device with no features disabled */
+       return dev_configure_and_start(0);
+}
+
  static void
  ut_teardown(void)
  {
@@ -681,7 +929,7 @@ ut_teardown(void)
         struct rte_cryptodev_stats stats;
  
         /* free crypto session structure */
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
         if (ut_params->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) {
                 if (ut_params->sec_session) {
                         rte_security_session_destroy(rte_cryptodev_get_sec_ctx
@@ -741,7 +989,7 @@ test_device_configure_invalid_dev_id(void)
                         "Need at least %d devices for test", 1);
  
         /* valid dev_id values */
-       dev_id = ts_params->valid_devs[ts_params->valid_dev_count - 1];
+       dev_id = ts_params->valid_devs[0];
  
         /* Stop the device in case it's started so it can be configured */
         rte_cryptodev_stop(dev_id);
@@ -1642,6 +1890,9 @@ test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                         ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 0, 0);
         else
                 TEST_ASSERT_NOT_NULL(
                                 process_crypto_request(ts_params->valid_devs[0],
@@ -1696,12 +1947,18 @@ test_AES_cipheronly_all(void)
  static int
  test_AES_docsis_all(void)
  {
+       /* Data-path service does not support DOCSIS yet */
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
         return test_blockcipher(BLKCIPHER_AES_DOCSIS_TYPE);
  }
  
  static int
  test_DES_docsis_all(void)
  {
+       /* Data-path service does not support DOCSIS yet */
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
         return test_blockcipher(BLKCIPHER_DES_DOCSIS_TYPE);
  }
  
@@ -2416,6 +2673,15 @@ test_snow3g_authentication(const struct snow3g_hash_test_data *tdata)
                 return -ENOTSUP;
         }
  
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
         cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
@@ -2456,7 +2722,11 @@ test_snow3g_authentication(const struct snow3g_hash_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 1, 0);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                 ut_params->op);
         ut_params->obuf = ut_params->op->sym->m_src;
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -2494,6 +2764,15 @@ test_snow3g_authentication_verify(const struct snow3g_hash_test_data *tdata)
                 return -ENOTSUP;
         }
  
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
         cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
@@ -2535,7 +2814,11 @@ test_snow3g_authentication_verify(const struct snow3g_hash_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 1, 0);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                 ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
         ut_params->obuf = ut_params->op->sym->m_src;
@@ -2561,6 +2844,19 @@ test_kasumi_authentication(const struct kasumi_hash_test_data *tdata)
         unsigned plaintext_pad_len;
         unsigned plaintext_len;
         uint8_t *plaintext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -2605,6 +2901,9 @@ test_kasumi_authentication(const struct kasumi_hash_test_data *tdata)
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                         ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 1, 0);
         else
                 ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
@@ -2634,6 +2933,19 @@ test_kasumi_authentication_verify(const struct kasumi_hash_test_data *tdata)
         unsigned plaintext_pad_len;
         unsigned plaintext_len;
         uint8_t *plaintext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -2676,7 +2988,11 @@ test_kasumi_authentication_verify(const struct kasumi_hash_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 1, 0);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                 ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
         ut_params->obuf = ut_params->op->sym->m_src;
@@ -2841,6 +3157,19 @@ test_kasumi_encryption(const struct kasumi_test_data *tdata)
         uint8_t *plaintext, *ciphertext;
         unsigned plaintext_pad_len;
         unsigned plaintext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -2883,8 +3212,12 @@ test_kasumi_encryption(const struct kasumi_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
-                                               ut_params->op);
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+                               ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
  
         ut_params->obuf = ut_params->op->sym->m_dst;
@@ -2940,6 +3273,15 @@ test_kasumi_encryption_sgl(const struct kasumi_test_data *tdata)
                 return -ENOTSUP;
         }
  
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         /* Create KASUMI session */
         retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                         RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -2969,7 +3311,11 @@ test_kasumi_encryption_sgl(const struct kasumi_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                 ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
  
@@ -3012,10 +3358,17 @@ test_kasumi_encryption_oop(const struct kasumi_test_data *tdata)
         struct rte_cryptodev_sym_capability_idx cap_idx;
         cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
         cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       /* Data-path service does not support OOP */
         if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         /* Create KASUMI session */
         retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                         RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -3097,6 +3450,12 @@ test_kasumi_encryption_oop_sgl(const struct kasumi_test_data *tdata)
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
  
         uint64_t feat_flags = dev_info.feature_flags;
@@ -3182,6 +3541,12 @@ test_kasumi_decryption_oop(const struct kasumi_test_data *tdata)
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         /* Create KASUMI session */
         retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                         RTE_CRYPTO_CIPHER_OP_DECRYPT,
@@ -3250,6 +3615,19 @@ test_kasumi_decryption(const struct kasumi_test_data *tdata)
         uint8_t *ciphertext, *plaintext;
         unsigned ciphertext_pad_len;
         unsigned ciphertext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -3292,7 +3670,11 @@ test_kasumi_decryption(const struct kasumi_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, 0);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                 ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
  
@@ -3325,6 +3707,19 @@ test_snow3g_encryption(const struct snow3g_test_data *tdata)
         uint8_t *plaintext, *ciphertext;
         unsigned plaintext_pad_len;
         unsigned plaintext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -3367,7 +3762,11 @@ test_snow3g_encryption(const struct snow3g_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                 ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
  
@@ -3408,6 +3807,12 @@ test_snow3g_encryption_oop(const struct snow3g_test_data *tdata)
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         /* Create SNOW 3G session */
         retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                         RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -3491,6 +3896,12 @@ test_snow3g_encryption_oop_sgl(const struct snow3g_test_data *tdata)
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
  
         uint64_t feat_flags = dev_info.feature_flags;
@@ -3610,6 +4021,12 @@ test_snow3g_encryption_offset_oop(const struct snow3g_test_data *tdata)
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         /* Create SNOW 3G session */
         retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                         RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -3700,6 +4117,19 @@ static int test_snow3g_decryption(const struct snow3g_test_data *tdata)
         uint8_t *plaintext, *ciphertext;
         unsigned ciphertext_pad_len;
         unsigned ciphertext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -3742,7 +4172,11 @@ static int test_snow3g_decryption(const struct snow3g_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                 ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
         ut_params->obuf = ut_params->op->sym->m_dst;
@@ -3780,6 +4214,12 @@ static int test_snow3g_decryption_oop(const struct snow3g_test_data *tdata)
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         /* Create SNOW 3G session */
         retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                         RTE_CRYPTO_CIPHER_OP_DECRYPT,
@@ -3867,6 +4307,15 @@ test_zuc_cipher_auth(const struct wireless_test_data *tdata)
                 return -ENOTSUP;
         }
  
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         /* Check if device supports ZUC EEA3 */
         cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
         cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_ZUC_EEA3;
@@ -3910,7 +4359,11 @@ test_zuc_cipher_auth(const struct wireless_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
         ut_params->obuf = ut_params->op->sym->m_src;
@@ -3950,6 +4403,19 @@ test_snow3g_cipher_auth(const struct snow3g_test_data *tdata)
         uint8_t *plaintext, *ciphertext;
         unsigned plaintext_pad_len;
         unsigned plaintext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -4005,7 +4471,11 @@ test_snow3g_cipher_auth(const struct snow3g_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
         ut_params->obuf = ut_params->op->sym->m_src;
@@ -4064,6 +4534,9 @@ test_snow3g_auth_cipher(const struct snow3g_test_data *tdata,
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
  
         uint64_t feat_flags = dev_info.feature_flags;
@@ -4073,6 +4546,14 @@ test_snow3g_auth_cipher(const struct snow3g_test_data *tdata,
                         printf("Device doesn't support digest encrypted.\n");
                         return -ENOTSUP;
                 }
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
+       }
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
         }
  
         /* Create SNOW 3G session */
@@ -4141,7 +4622,11 @@ test_snow3g_auth_cipher(const struct snow3g_test_data *tdata,
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
  
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -4241,6 +4726,9 @@ test_snow3g_auth_cipher_sgl(const struct snow3g_test_data *tdata,
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
  
         uint64_t feat_flags = dev_info.feature_flags;
@@ -4251,7 +4739,14 @@ test_snow3g_auth_cipher_sgl(const struct snow3g_test_data *tdata,
                                         "in both input and output mbufs.\n");
                         return -ENOTSUP;
                 }
+               if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+                       printf("Device doesn't support RAW data-path APIs.\n");
+                       return -ENOTSUP;
+               }
         } else {
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                 if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) {
                         printf("Device doesn't support out-of-place scatter-gather "
                                         "in both input and output mbufs.\n");
@@ -4330,7 +4825,11 @@ test_snow3g_auth_cipher_sgl(const struct snow3g_test_data *tdata,
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
  
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -4438,7 +4937,18 @@ test_kasumi_auth_cipher(const struct kasumi_test_data *tdata,
  
         uint64_t feat_flags = dev_info.feature_flags;
  
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         if (op_mode == OUT_OF_PLACE) {
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                 if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) {
                         printf("Device doesn't support digest encrypted.\n");
                         return -ENOTSUP;
@@ -4512,7 +5022,11 @@ test_kasumi_auth_cipher(const struct kasumi_test_data *tdata,
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
  
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -4613,6 +5127,9 @@ test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata,
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
  
         uint64_t feat_flags = dev_info.feature_flags;
@@ -4623,7 +5140,14 @@ test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata,
                                         "in both input and output mbufs.\n");
                         return -ENOTSUP;
                 }
+               if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+                       printf("Device doesn't support RAW data-path APIs.\n");
+                       return -ENOTSUP;
+               }
         } else {
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                 if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) {
                         printf("Device doesn't support out-of-place scatter-gather "
                                         "in both input and output mbufs.\n");
@@ -4702,7 +5226,11 @@ test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata,
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
  
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -4787,6 +5315,19 @@ test_kasumi_cipher_auth(const struct kasumi_test_data *tdata)
         uint8_t *plaintext, *ciphertext;
         unsigned plaintext_pad_len;
         unsigned plaintext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -4843,7 +5384,11 @@ test_kasumi_cipher_auth(const struct kasumi_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
  
@@ -4886,6 +5431,19 @@ test_zuc_encryption(const struct wireless_test_data *tdata)
         uint8_t *plaintext, *ciphertext;
         unsigned plaintext_pad_len;
         unsigned plaintext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
  
         struct rte_cryptodev_sym_capability_idx cap_idx;
  
@@ -4930,7 +5488,11 @@ test_zuc_encryption(const struct wireless_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                 ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
  
@@ -4975,6 +5537,9 @@ test_zuc_encryption_sgl(const struct wireless_test_data *tdata)
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
  
         uint64_t feat_flags = dev_info.feature_flags;
@@ -4985,6 +5550,12 @@ test_zuc_encryption_sgl(const struct wireless_test_data *tdata)
                 return -ENOTSUP;
         }
  
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
         plaintext_len = ceil_byte_length(tdata->plaintext.len);
  
         /* Append data which is padded to a multiple */
@@ -5017,7 +5588,11 @@ test_zuc_encryption_sgl(const struct wireless_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                 ut_params->op);
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
  
@@ -5065,6 +5640,15 @@ test_zuc_authentication(const struct wireless_test_data *tdata)
                 return -ENOTSUP;
         }
  
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
         /* Check if device supports ZUC EIA3 */
         cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
         cap_idx.algo.auth = RTE_CRYPTO_AUTH_ZUC_EIA3;
@@ -5105,7 +5689,11 @@ test_zuc_authentication(const struct wireless_test_data *tdata)
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 1, 0);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                 ut_params->op);
         ut_params->obuf = ut_params->op->sym->m_src;
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -5162,7 +5750,15 @@ test_zuc_auth_cipher(const struct wireless_test_data *tdata,
                                         "in both input and output mbufs.\n");
                         return -ENOTSUP;
                 }
+
+               if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+                       printf("Device doesn't support RAW data-path APIs.\n");
+                       return -ENOTSUP;
+               }
         } else {
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                 if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) {
                         printf("Device doesn't support out-of-place scatter-gather "
                                         "in both input and output mbufs.\n");
@@ -5237,7 +5833,11 @@ test_zuc_auth_cipher(const struct wireless_test_data *tdata,
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
  
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -5344,7 +5944,15 @@ test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata,
                                         "in both input and output mbufs.\n");
                         return -ENOTSUP;
                 }
+
+               if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+                       printf("Device doesn't support RAW data-path APIs.\n");
+                       return -ENOTSUP;
+               }
         } else {
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                 if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) {
                         printf("Device doesn't support out-of-place scatter-gather "
                                         "in both input and output mbufs.\n");
@@ -5423,7 +6031,11 @@ test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata,
         if (retval < 0)
                 return retval;
  
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
  
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -5566,6 +6178,9 @@ test_kasumi_decryption_test_case_2(void)
  static int
  test_kasumi_decryption_test_case_3(void)
  {
+       /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
         return test_kasumi_decryption(&kasumi_test_case_3);
  }
  
@@ -5708,6 +6323,16 @@ static int
  test_snow3g_decryption_with_digest_test_case_1(void)
  {
         struct snow3g_hash_test_data snow3g_hash_data;
+       struct rte_cryptodev_info dev_info;
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) {
+               printf("Device doesn't support encrypted digest operations.\n");
+               return -ENOTSUP;
+       }
  
         /*
          * Function prepare data for hash veryfication test case.
@@ -5765,6 +6390,9 @@ test_snow3g_auth_cipher_part_digest_enc_oop(void)
  static int
  test_snow3g_auth_cipher_test_case_3_sgl(void)
  {
+       /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
         return test_snow3g_auth_cipher_sgl(
                 &snow3g_auth_cipher_test_case_3, IN_PLACE, 0);
  }
@@ -5779,6 +6407,9 @@ test_snow3g_auth_cipher_test_case_3_oop_sgl(void)
  static int
  test_snow3g_auth_cipher_part_digest_enc_sgl(void)
  {
+       /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
         return test_snow3g_auth_cipher_sgl(
                 &snow3g_auth_cipher_partial_digest_encryption,
                         IN_PLACE, 0);
@@ -6137,6 +6768,8 @@ test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata,
         /* Check if device supports particular algorithms separately */
         if (test_mixed_check_if_unsupported(tdata))
                 return -ENOTSUP;
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
  
         rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
  
@@ -6178,9 +6811,11 @@ test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata,
         /* clear mbuf payload */
         memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0,
                 rte_pktmbuf_tailroom(ut_params->ibuf));
-       if (op_mode == OUT_OF_PLACE)
+       if (op_mode == OUT_OF_PLACE) {
+
                 memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0,
                                 rte_pktmbuf_tailroom(ut_params->obuf));
+       }
  
         ciphertext_len = ceil_byte_length(tdata->ciphertext.len_bits);
         plaintext_len = ceil_byte_length(tdata->plaintext.len_bits);
@@ -6221,8 +6856,7 @@ test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata,
         if (retval < 0)
                 return retval;
  
-       op = process_crypto_request(ts_params->valid_devs[0],
-                       ut_params->op);
+       op = process_crypto_request(ts_params->valid_devs[0], ut_params->op);
  
         /* Check if the op failed because the device doesn't */
         /* support this particular combination of algorithms */
@@ -6328,6 +6962,8 @@ test_mixed_auth_cipher_sgl(const struct mixed_cipher_auth_test_data *tdata,
         /* Check if device supports particular algorithms */
         if (test_mixed_check_if_unsupported(tdata))
                 return -ENOTSUP;
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
  
         rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
  
@@ -6426,8 +7062,7 @@ test_mixed_auth_cipher_sgl(const struct mixed_cipher_auth_test_data *tdata,
         if (retval < 0)
                 return retval;
  
-       op = process_crypto_request(ts_params->valid_devs[0],
-                       ut_params->op);
+       op = process_crypto_request(ts_params->valid_devs[0], ut_params->op);
  
         /* Check if the op failed because the device doesn't */
         /* support this particular combination of algorithms */
@@ -6437,7 +7072,6 @@ test_mixed_auth_cipher_sgl(const struct mixed_cipher_auth_test_data *tdata,
                                 "Test Skipped.\n");
                 return -ENOTSUP;
         }
-
         ut_params->op = op;
  
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -6980,6 +7614,16 @@ test_authenticated_encryption(const struct aead_test_data *tdata)
         uint8_t *ciphertext, *auth_tag;
         uint16_t plaintext_pad_len;
         uint32_t i;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -7029,6 +7673,9 @@ test_authenticated_encryption(const struct aead_test_data *tdata)
         /* Process crypto operation */
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_aead_op(ts_params->valid_devs[0], ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 0, 0, 0);
         else
                 TEST_ASSERT_NOT_NULL(
                         process_crypto_request(ts_params->valid_devs[0],
@@ -7071,9 +7718,10 @@ test_authenticated_encryption(const struct aead_test_data *tdata)
  
  }
  
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
  static int
-security_proto_supported(enum rte_security_session_protocol proto)
+security_proto_supported(enum rte_security_session_action_type action,
+       enum rte_security_session_protocol proto)
  {
         struct crypto_testsuite_params *ts_params = &testsuite_params;
  
@@ -7093,7 +7741,8 @@ security_proto_supported(enum rte_security_session_protocol proto)
  
         while ((capability = &capabilities[i++])->action !=
                         RTE_SECURITY_ACTION_TYPE_NONE) {
-               if (capability->protocol == proto)
+               if (capability->action == action &&
+                               capability->protocol == proto)
                         return 0;
         }
  
@@ -7105,14 +7754,18 @@ security_proto_supported(enum rte_security_session_protocol proto)
   * on input_vec. Checks the output of the crypto operation against
   * output_vec.
   */
-static int
-test_pdcp_proto(int i, int oop,
-       enum rte_crypto_cipher_operation opc,
-       enum rte_crypto_auth_operation opa,
-       uint8_t *input_vec,
-       unsigned int input_vec_len,
-       uint8_t *output_vec,
-       unsigned int output_vec_len)
+static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc,
+                          enum rte_crypto_auth_operation opa,
+                          const uint8_t *input_vec, unsigned int input_vec_len,
+                          const uint8_t *output_vec,
+                          unsigned int output_vec_len,
+                          enum rte_crypto_cipher_algorithm cipher_alg,
+                          const uint8_t *cipher_key, uint32_t cipher_key_len,
+                          enum rte_crypto_auth_algorithm auth_alg,
+                          const uint8_t *auth_key, uint32_t auth_key_len,
+                          uint8_t bearer, enum rte_security_pdcp_domain domain,
+                          uint8_t packet_direction, uint8_t sn_size,
+                          uint32_t hfn, uint32_t hfn_threshold, uint8_t sdap)
  {
         struct crypto_testsuite_params *ts_params = &testsuite_params;
         struct crypto_unittest_params *ut_params = &unittest_params;
@@ -7125,9 +7778,9 @@ test_pdcp_proto(int i, int oop,
         /* Verify the capabilities */
         struct rte_security_capability_idx sec_cap_idx;
  
-       sec_cap_idx.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;
+       sec_cap_idx.action = ut_params->type;
         sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_PDCP;
-       sec_cap_idx.pdcp.domain = pdcp_test_params[i].domain;
+       sec_cap_idx.pdcp.domain = domain;
         if (rte_security_capability_get(ctx, &sec_cap_idx) == NULL)
                 return -ENOTSUP;
  
@@ -7151,29 +7804,24 @@ test_pdcp_proto(int i, int oop,
                 rte_pktmbuf_append(ut_params->obuf, output_vec_len);
         }
  
-       /* Set crypto type as IPSEC */
-       ut_params->type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;
-
         /* Setup Cipher Parameters */
         ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
-       ut_params->cipher_xform.cipher.algo = pdcp_test_params[i].cipher_alg;
+       ut_params->cipher_xform.cipher.algo = cipher_alg;
         ut_params->cipher_xform.cipher.op = opc;
-       ut_params->cipher_xform.cipher.key.data = pdcp_test_crypto_key[i];
-       ut_params->cipher_xform.cipher.key.length =
-                                       pdcp_test_params[i].cipher_key_len;
+       ut_params->cipher_xform.cipher.key.data = cipher_key;
+       ut_params->cipher_xform.cipher.key.length = cipher_key_len;
         ut_params->cipher_xform.cipher.iv.length =
-                               pdcp_test_packet_direction[i] ? 4 : 0;
+                               packet_direction ? 4 : 0;
         ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET;
  
         /* Setup HMAC Parameters if ICV header is required */
-       if (pdcp_test_params[i].auth_alg != 0) {
+       if (auth_alg != 0) {
                 ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
                 ut_params->auth_xform.next = NULL;
-               ut_params->auth_xform.auth.algo = pdcp_test_params[i].auth_alg;
+               ut_params->auth_xform.auth.algo = auth_alg;
                 ut_params->auth_xform.auth.op = opa;
-               ut_params->auth_xform.auth.key.data = pdcp_test_auth_key[i];
-               ut_params->auth_xform.auth.key.length =
-                                       pdcp_test_params[i].auth_key_len;
+               ut_params->auth_xform.auth.key.data = auth_key;
+               ut_params->auth_xform.auth.key.length = auth_key_len;
  
                 ut_params->cipher_xform.next = &ut_params->auth_xform;
         } else {
@@ -7181,32 +7829,33 @@ test_pdcp_proto(int i, int oop,
         }
  
         struct rte_security_session_conf sess_conf = {
-               .action_type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+               .action_type = ut_params->type,
                 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
                 {.pdcp = {
-                       .bearer = pdcp_test_bearer[i],
-                       .domain = pdcp_test_params[i].domain,
-                       .pkt_dir = pdcp_test_packet_direction[i],
-                       .sn_size = pdcp_test_data_sn_size[i],
-                       .hfn = pdcp_test_packet_direction[i] ?
-                               0 : pdcp_test_hfn[i],
-                               /**
-                                * hfn can be set as pdcp_test_hfn[i]
-                                * if hfn_ovrd is not set. Here, PDCP
-                                * packet direction is just used to
-                                * run half of the cases with session
-                                * HFN and other half with per packet
-                                * HFN.
-                                */
-                       .hfn_threshold = pdcp_test_hfn_threshold[i],
-                       .hfn_ovrd = pdcp_test_packet_direction[i] ? 1 : 0,
+                       .bearer = bearer,
+                       .domain = domain,
+                       .pkt_dir = packet_direction,
+                       .sn_size = sn_size,
+                       .hfn = packet_direction ? 0 : hfn,
+                       /**
+                        * hfn can be set as pdcp_test_hfn[i]
+                        * if hfn_ovrd is not set. Here, PDCP
+                        * packet direction is just used to
+                        * run half of the cases with session
+                        * HFN and other half with per packet
+                        * HFN.
+                        */
+                       .hfn_threshold = hfn_threshold,
+                       .hfn_ovrd = packet_direction ? 1 : 0,
+                       .sdap_enabled = sdap,
                 } },
                 .crypto_xform = &ut_params->cipher_xform
         };
  
         /* Create security session */
         ut_params->sec_session = rte_security_session_create(ctx,
-                               &sess_conf, ts_params->session_priv_mpool);
+                               &sess_conf, ts_params->session_mpool,
+                               ts_params->session_priv_mpool);
  
         if (!ut_params->sec_session) {
                 printf("TestCase %s()-%d line %d failed %s: ",
@@ -7228,7 +7877,7 @@ test_pdcp_proto(int i, int oop,
  
         uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ut_params->op,
                                         uint32_t *, IV_OFFSET);
-       *per_pkt_hfn = pdcp_test_packet_direction[i] ? pdcp_test_hfn[i] : 0;
+       *per_pkt_hfn = packet_direction ? hfn : 0;
  
         rte_security_attach_session(ut_params->op, ut_params->sec_session);
  
@@ -7315,7 +7964,7 @@ test_pdcp_proto_SGL(int i, int oop,
         /* Verify the capabilities */
         struct rte_security_capability_idx sec_cap_idx;
  
-       sec_cap_idx.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;
+       sec_cap_idx.action = ut_params->type;
         sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_PDCP;
         sec_cap_idx.pdcp.domain = pdcp_test_params[i].domain;
         if (rte_security_capability_get(ctx, &sec_cap_idx) == NULL)
@@ -7425,8 +8074,6 @@ test_pdcp_proto_SGL(int i, int oop,
                 ut_params->obuf->nb_segs = segs;
         }
  
-       ut_params->type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;
-
         /* Setup Cipher Parameters */
         ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
         ut_params->cipher_xform.cipher.algo = pdcp_test_params[i].cipher_alg;
@@ -7452,7 +8099,7 @@ test_pdcp_proto_SGL(int i, int oop,
         }
  
         struct rte_security_session_conf sess_conf = {
-               .action_type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+               .action_type = ut_params->type,
                 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
                 {.pdcp = {
                         .bearer = pdcp_test_bearer[i],
@@ -7468,7 +8115,8 @@ test_pdcp_proto_SGL(int i, int oop,
  
         /* Create security session */
         ut_params->sec_session = rte_security_session_create(ctx,
-                               &sess_conf, ts_params->session_priv_mpool);
+                               &sess_conf, ts_params->session_mpool,
+                               ts_params->session_priv_mpool);
  
         if (!ut_params->sec_session) {
                 printf("TestCase %s()-%d line %d failed %s: ",
@@ -7571,74 +8219,97 @@ on_err:
  int
  test_pdcp_proto_cplane_encap(int i)
  {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_ENCRYPT,
-               RTE_CRYPTO_AUTH_OP_GENERATE,
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i],
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i]+4);
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE,
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4,
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
  }
  
  int
  test_pdcp_proto_uplane_encap(int i)
  {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_ENCRYPT,
-               RTE_CRYPTO_AUTH_OP_GENERATE,
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i],
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i]);
-
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE,
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i],
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
  }
  
  int
  test_pdcp_proto_uplane_encap_with_int(int i)
  {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_ENCRYPT,
-               RTE_CRYPTO_AUTH_OP_GENERATE,
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i],
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i] + 4);
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE,
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4,
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
  }
  
  int
  test_pdcp_proto_cplane_decap(int i)
  {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_DECRYPT,
-               RTE_CRYPTO_AUTH_OP_VERIFY,
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i] + 4,
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i]);
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY,
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4,
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
  }
  
  int
  test_pdcp_proto_uplane_decap(int i)
  {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_DECRYPT,
-               RTE_CRYPTO_AUTH_OP_VERIFY,
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i],
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i]);
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY,
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i],
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
  }
  
  int
  test_pdcp_proto_uplane_decap_with_int(int i)
  {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_DECRYPT,
-               RTE_CRYPTO_AUTH_OP_VERIFY,
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i] + 4,
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i]);
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY,
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4,
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
  }
  
  static int
@@ -7707,10 +8378,95 @@ test_PDCP_PROTO_SGL_oop_128B_32B(void)
                         128, 32);
  }
  
+static int
+test_PDCP_SDAP_PROTO_encap_all(void)
+{
+       int i = 0, size = 0;
+       int err, all_err = TEST_SUCCESS;
+       const struct pdcp_sdap_test *cur_test;
+
+       size = ARRAY_SIZE(list_pdcp_sdap_tests);
+
+       for (i = 0; i < size; i++) {
+               cur_test = &list_pdcp_sdap_tests[i];
+               err = test_pdcp_proto(
+                       i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT,
+                       RTE_CRYPTO_AUTH_OP_GENERATE, cur_test->data_in,
+                       cur_test->in_len, cur_test->data_out,
+                       cur_test->in_len + ((cur_test->auth_key) ? 4 : 0),
+                       cur_test->param.cipher_alg, cur_test->cipher_key,
+                       cur_test->param.cipher_key_len,
+                       cur_test->param.auth_alg,
+                       cur_test->auth_key, cur_test->param.auth_key_len,
+                       cur_test->bearer, cur_test->param.domain,
+                       cur_test->packet_direction, cur_test->sn_size,
+                       cur_test->hfn,
+                       cur_test->hfn_threshold, SDAP_ENABLED);
+               if (err) {
+                       printf("\t%d) %s: Encapsulation failed\n",
+                                       cur_test->test_idx,
+                                       cur_test->param.name);
+                       err = TEST_FAILED;
+               } else {
+                       printf("\t%d) %s: Encap PASS\n", cur_test->test_idx,
+                                       cur_test->param.name);
+                       err = TEST_SUCCESS;
+               }
+               all_err += err;
+       }
+
+       printf("Success: %d, Failure: %d\n", size + all_err, -all_err);
+
+       return (all_err == TEST_SUCCESS) ? TEST_SUCCESS : TEST_FAILED;
+}
+
+static int
+test_PDCP_SDAP_PROTO_decap_all(void)
+{
+       int i = 0, size = 0;
+       int err, all_err = TEST_SUCCESS;
+       const struct pdcp_sdap_test *cur_test;
+
+       size = ARRAY_SIZE(list_pdcp_sdap_tests);
+
+       for (i = 0; i < size; i++) {
+               cur_test = &list_pdcp_sdap_tests[i];
+               err = test_pdcp_proto(
+                       i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT,
+                       RTE_CRYPTO_AUTH_OP_VERIFY,
+                       cur_test->data_out,
+                       cur_test->in_len + ((cur_test->auth_key) ? 4 : 0),
+                       cur_test->data_in, cur_test->in_len,
+                       cur_test->param.cipher_alg,
+                       cur_test->cipher_key, cur_test->param.cipher_key_len,
+                       cur_test->param.auth_alg, cur_test->auth_key,
+                       cur_test->param.auth_key_len, cur_test->bearer,
+                       cur_test->param.domain, cur_test->packet_direction,
+                       cur_test->sn_size, cur_test->hfn,
+                       cur_test->hfn_threshold, SDAP_ENABLED);
+               if (err) {
+                       printf("\t%d) %s: Decapsulation failed\n",
+                                       cur_test->test_idx,
+                                       cur_test->param.name);
+                       err = TEST_FAILED;
+               } else {
+                       printf("\t%d) %s: Decap PASS\n", cur_test->test_idx,
+                                       cur_test->param.name);
+                       err = TEST_SUCCESS;
+               }
+               all_err += err;
+       }
+
+       printf("Success: %d, Failure: %d\n", size + all_err, -all_err);
+
+       return (all_err == TEST_SUCCESS) ? TEST_SUCCESS : TEST_FAILED;
+}
+
  static int
  test_PDCP_PROTO_all(void)
  {
         struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct crypto_unittest_params *ut_params = &unittest_params;
         struct rte_cryptodev_info dev_info;
         int status;
  
@@ -7720,7 +8476,13 @@ test_PDCP_PROTO_all(void)
         if (!(feat_flags & RTE_CRYPTODEV_FF_SECURITY))
                 return -ENOTSUP;
  
-       if (security_proto_supported(RTE_SECURITY_PROTOCOL_PDCP) < 0)
+       /* Set action type */
+       ut_params->type = gbl_action_type == RTE_SECURITY_ACTION_TYPE_NONE ?
+               RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL :
+               gbl_action_type;
+
+       if (security_proto_supported(ut_params->type,
+                       RTE_SECURITY_PROTOCOL_PDCP) < 0)
                 return -ENOTSUP;
  
         status = test_PDCP_PROTO_cplane_encap_all();
@@ -7731,6 +8493,8 @@ test_PDCP_PROTO_all(void)
         status += test_PDCP_PROTO_SGL_oop_32B_128B();
         status += test_PDCP_PROTO_SGL_oop_32B_40B();
         status += test_PDCP_PROTO_SGL_oop_128B_32B();
+       status += test_PDCP_SDAP_PROTO_encap_all();
+       status += test_PDCP_SDAP_PROTO_decap_all();
  
         if (status)
                 return TEST_FAILED;
@@ -7760,7 +8524,7 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td)
         const struct rte_cryptodev_symmetric_capability *sym_cap;
         int j = 0;
  
-       sec_cap_idx.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;
+       sec_cap_idx.action = ut_params->type;
         sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_DOCSIS;
         sec_cap_idx.docsis.direction = RTE_SECURITY_DOCSIS_UPLINK;
  
@@ -7796,9 +8560,6 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td)
  
         memcpy(ciphertext, d_td->ciphertext.data, d_td->ciphertext.len);
  
-       /* Set session action type */
-       ut_params->type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;
-
         /* Setup cipher session parameters */
         ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
         ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI;
@@ -7821,6 +8582,7 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td)
  
         /* Create security session */
         ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
+                                       ts_params->session_mpool,
                                         ts_params->session_priv_mpool);
  
         if (!ut_params->sec_session) {
@@ -7938,7 +8700,7 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td)
         const struct rte_cryptodev_symmetric_capability *sym_cap;
         int j = 0;
  
-       sec_cap_idx.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;
+       sec_cap_idx.action = ut_params->type;
         sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_DOCSIS;
         sec_cap_idx.docsis.direction = RTE_SECURITY_DOCSIS_DOWNLINK;
  
@@ -7974,9 +8736,6 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td)
  
         memcpy(plaintext, d_td->plaintext.data, d_td->plaintext.len);
  
-       /* Set session action type */
-       ut_params->type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;
-
         /* Setup cipher session parameters */
         ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
         ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI;
@@ -7999,6 +8758,7 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td)
  
         /* Create security session */
         ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
+                                       ts_params->session_mpool,
                                         ts_params->session_priv_mpool);
  
         if (!ut_params->sec_session) {
@@ -8192,6 +8952,7 @@ static int
  test_DOCSIS_PROTO_all(void)
  {
         struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct crypto_unittest_params *ut_params = &unittest_params;
         struct rte_cryptodev_info dev_info;
         int status;
  
@@ -8201,7 +8962,13 @@ test_DOCSIS_PROTO_all(void)
         if (!(feat_flags & RTE_CRYPTODEV_FF_SECURITY))
                 return -ENOTSUP;
  
-       if (security_proto_supported(RTE_SECURITY_PROTOCOL_DOCSIS) < 0)
+       /* Set action type */
+       ut_params->type = gbl_action_type == RTE_SECURITY_ACTION_TYPE_NONE ?
+               RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL :
+               gbl_action_type;
+
+       if (security_proto_supported(ut_params->type,
+                       RTE_SECURITY_PROTOCOL_DOCSIS) < 0)
                 return -ENOTSUP;
  
         status = test_DOCSIS_PROTO_uplink_all();
@@ -8472,6 +9239,16 @@ test_authenticated_decryption(const struct aead_test_data *tdata)
         int retval;
         uint8_t *plaintext;
         uint32_t i;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -8521,6 +9298,9 @@ test_authenticated_decryption(const struct aead_test_data *tdata)
         /* Process crypto operation */
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_aead_op(ts_params->valid_devs[0], ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 0, 0, 0);
         else
                 TEST_ASSERT_NOT_NULL(
                         process_crypto_request(ts_params->valid_devs[0],
@@ -8815,6 +9595,9 @@ test_authenticated_encryption_oop(const struct aead_test_data *tdata)
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
         /* not supported with CPU crypto */
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 return -ENOTSUP;
@@ -8904,8 +9687,9 @@ test_authenticated_decryption_oop(const struct aead_test_data *tdata)
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
-       /* not supported with CPU crypto */
-       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+       /* not supported with CPU crypto and raw data-path APIs*/
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO ||
+                       global_api_test_type == CRYPTODEV_RAW_API_TEST)
                 return -ENOTSUP;
  
         /* Create AEAD session */
@@ -9091,6 +9875,12 @@ test_authenticated_decryption_sessionless(
                 return -ENOTSUP;
         }
  
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
         /* not supported with CPU crypto */
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 return -ENOTSUP;
@@ -9132,8 +9922,13 @@ test_authenticated_decryption_sessionless(
                         "crypto op session type not sessionless");
  
         /* Process crypto operation */
-       TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0],
-                       ut_params->op), "failed to process sym crypto op");
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 0, 0, 0);
+       else
+               TEST_ASSERT_NOT_NULL(process_crypto_request(
+                       ts_params->valid_devs[0], ut_params->op),
+                               "failed to process sym crypto op");
  
         TEST_ASSERT_NOT_NULL(ut_params->op, "failed crypto process");
  
@@ -9307,9 +10102,7 @@ test_stats(void)
                 "rte_cryptodev_stats_get invalid Param failed");
  
         /* Test expected values */
-       ut_setup();
         test_AES_CBC_HMAC_SHA1_encrypt_digest();
-       ut_teardown();
         TEST_ASSERT_SUCCESS(rte_cryptodev_stats_get(ts_params->valid_devs[0],
                         &stats),
                 "rte_cryptodev_stats_get failed");
@@ -9425,6 +10218,16 @@ test_MD5_HMAC_generate(const struct HMAC_MD5_vector *test_case)
  
         struct crypto_testsuite_params *ts_params = &testsuite_params;
         struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -9453,6 +10256,9 @@ test_MD5_HMAC_generate(const struct HMAC_MD5_vector *test_case)
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                         ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
         else
                 TEST_ASSERT_NOT_NULL(
                         process_crypto_request(ts_params->valid_devs[0],
@@ -9485,6 +10291,16 @@ test_MD5_HMAC_verify(const struct HMAC_MD5_vector *test_case)
  
         struct crypto_testsuite_params *ts_params = &testsuite_params;
         struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -9511,6 +10327,9 @@ test_MD5_HMAC_verify(const struct HMAC_MD5_vector *test_case)
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                         ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
         else
                 TEST_ASSERT_NOT_NULL(
                         process_crypto_request(ts_params->valid_devs[0],
@@ -9917,63 +10736,350 @@ test_null_burst_operation(void)
         return TEST_SUCCESS;
  }
  
-static void
-generate_gmac_large_plaintext(uint8_t *data)
+static uint16_t
+test_enq_callback(uint16_t dev_id, uint16_t qp_id, struct rte_crypto_op **ops,
+                 uint16_t nb_ops, void *user_param)
  {
-       uint16_t i;
+       RTE_SET_USED(dev_id);
+       RTE_SET_USED(qp_id);
+       RTE_SET_USED(ops);
+       RTE_SET_USED(user_param);
  
-       for (i = 32; i < GMAC_LARGE_PLAINTEXT_LENGTH; i += 32)
-               memcpy(&data[i], &data[0], 32);
+       printf("crypto enqueue callback called\n");
+       return nb_ops;
+}
+
+static uint16_t
+test_deq_callback(uint16_t dev_id, uint16_t qp_id, struct rte_crypto_op **ops,
+                 uint16_t nb_ops, void *user_param)
+{
+       RTE_SET_USED(dev_id);
+       RTE_SET_USED(qp_id);
+       RTE_SET_USED(ops);
+       RTE_SET_USED(user_param);
+
+       printf("crypto dequeue callback called\n");
+       return nb_ops;
  }
  
+/*
+ * Thread using enqueue/dequeue callback with RCU.
+ */
  static int
-create_gmac_operation(enum rte_crypto_auth_operation op,
-               const struct gmac_test_data *tdata)
+test_enqdeq_callback_thread(void *arg)
+{
+       RTE_SET_USED(arg);
+       /* DP thread calls rte_cryptodev_enqueue_burst()/
+        * rte_cryptodev_dequeue_burst() and invokes callback.
+        */
+       test_null_burst_operation();
+       return 0;
+}
+
+static int
+test_enq_callback_setup(void)
  {
         struct crypto_testsuite_params *ts_params = &testsuite_params;
-       struct crypto_unittest_params *ut_params = &unittest_params;
-       struct rte_crypto_sym_op *sym_op;
+       struct rte_cryptodev_info dev_info;
+       struct rte_cryptodev_qp_conf qp_conf = {
+               .nb_descriptors = MAX_NUM_OPS_INFLIGHT
+       };
  
-       uint32_t plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16);
+       struct rte_cryptodev_cb *cb;
+       uint16_t qp_id = 0;
  
-       /* Generate Crypto op data structure */
-       ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,
-                       RTE_CRYPTO_OP_TYPE_SYMMETRIC);
-       TEST_ASSERT_NOT_NULL(ut_params->op,
-                       "Failed to allocate symmetric crypto operation struct");
+       /* Stop the device in case it's started so it can be configured */
+       rte_cryptodev_stop(ts_params->valid_devs[0]);
  
-       sym_op = ut_params->op->sym;
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
  
-       sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append(
-                       ut_params->ibuf, tdata->gmac_tag.len);
-       TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data,
-                       "no room to append digest");
+       TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0],
+                       &ts_params->conf),
+                       "Failed to configure cryptodev %u",
+                       ts_params->valid_devs[0]);
  
-       sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset(
-                       ut_params->ibuf, plaintext_pad_len);
+       qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
+       qp_conf.mp_session = ts_params->session_mpool;
+       qp_conf.mp_session_private = ts_params->session_priv_mpool;
  
-       if (op == RTE_CRYPTO_AUTH_OP_VERIFY) {
-               rte_memcpy(sym_op->auth.digest.data, tdata->gmac_tag.data,
-                               tdata->gmac_tag.len);
-               debug_hexdump(stdout, "digest:",
-                               sym_op->auth.digest.data,
-                               tdata->gmac_tag.len);
-       }
+       TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
+                       ts_params->valid_devs[0], qp_id, &qp_conf,
+                       rte_cryptodev_socket_id(ts_params->valid_devs[0])),
+                       "Failed test for "
+                       "rte_cryptodev_queue_pair_setup: num_inflights "
+                       "%u on qp %u on cryptodev %u",
+                       qp_conf.nb_descriptors, qp_id,
+                       ts_params->valid_devs[0]);
  
-       uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op,
-                       uint8_t *, IV_OFFSET);
+       /* Test with invalid crypto device */
+       cb = rte_cryptodev_add_enq_callback(RTE_CRYPTO_MAX_DEVS,
+                       qp_id, test_enq_callback, NULL);
+       TEST_ASSERT_NULL(cb, "Add callback on qp %u on "
+                       "cryptodev %u did not fail",
+                       qp_id, RTE_CRYPTO_MAX_DEVS);
+
+       /* Test with invalid queue pair */
+       cb = rte_cryptodev_add_enq_callback(ts_params->valid_devs[0],
+                       dev_info.max_nb_queue_pairs + 1,
+                       test_enq_callback, NULL);
+       TEST_ASSERT_NULL(cb, "Add callback on qp %u on "
+                       "cryptodev %u did not fail",
+                       dev_info.max_nb_queue_pairs + 1,
+                       ts_params->valid_devs[0]);
  
-       rte_memcpy(iv_ptr, tdata->iv.data, tdata->iv.len);
+       /* Test with NULL callback */
+       cb = rte_cryptodev_add_enq_callback(ts_params->valid_devs[0],
+                       qp_id, NULL, NULL);
+       TEST_ASSERT_NULL(cb, "Add callback on qp %u on "
+                       "cryptodev %u did not fail",
+                       qp_id, ts_params->valid_devs[0]);
  
-       debug_hexdump(stdout, "iv:", iv_ptr, tdata->iv.len);
+       /* Test with valid configuration */
+       cb = rte_cryptodev_add_enq_callback(ts_params->valid_devs[0],
+                       qp_id, test_enq_callback, NULL);
+       TEST_ASSERT_NOT_NULL(cb, "Failed test to add callback on "
+                       "qp %u on cryptodev %u",
+                       qp_id, ts_params->valid_devs[0]);
  
-       sym_op->cipher.data.length = 0;
-       sym_op->cipher.data.offset = 0;
+       rte_cryptodev_start(ts_params->valid_devs[0]);
  
-       sym_op->auth.data.offset = 0;
-       sym_op->auth.data.length = tdata->plaintext.len;
+       /* Launch a thread */
+       rte_eal_remote_launch(test_enqdeq_callback_thread, NULL,
+                               rte_get_next_lcore(-1, 1, 0));
  
-       return 0;
+       /* Wait until reader exited. */
+       rte_eal_mp_wait_lcore();
+
+       /* Test with invalid crypto device */
+       TEST_ASSERT_FAIL(rte_cryptodev_remove_enq_callback(
+                       RTE_CRYPTO_MAX_DEVS, qp_id, cb),
+                       "Expected call to fail as crypto device is invalid");
+
+       /* Test with invalid queue pair */
+       TEST_ASSERT_FAIL(rte_cryptodev_remove_enq_callback(
+                       ts_params->valid_devs[0],
+                       dev_info.max_nb_queue_pairs + 1, cb),
+                       "Expected call to fail as queue pair is invalid");
+
+       /* Test with NULL callback */
+       TEST_ASSERT_FAIL(rte_cryptodev_remove_enq_callback(
+                       ts_params->valid_devs[0], qp_id, NULL),
+                       "Expected call to fail as callback is NULL");
+
+       /* Test with valid configuration */
+       TEST_ASSERT_SUCCESS(rte_cryptodev_remove_enq_callback(
+                       ts_params->valid_devs[0], qp_id, cb),
+                       "Failed test to remove callback on "
+                       "qp %u on cryptodev %u",
+                       qp_id, ts_params->valid_devs[0]);
+
+       return TEST_SUCCESS;
+}
+
+static int
+test_deq_callback_setup(void)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct rte_cryptodev_info dev_info;
+       struct rte_cryptodev_qp_conf qp_conf = {
+               .nb_descriptors = MAX_NUM_OPS_INFLIGHT
+       };
+
+       struct rte_cryptodev_cb *cb;
+       uint16_t qp_id = 0;
+
+       /* Stop the device in case it's started so it can be configured */
+       rte_cryptodev_stop(ts_params->valid_devs[0]);
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+
+       TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0],
+                       &ts_params->conf),
+                       "Failed to configure cryptodev %u",
+                       ts_params->valid_devs[0]);
+
+       qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
+       qp_conf.mp_session = ts_params->session_mpool;
+       qp_conf.mp_session_private = ts_params->session_priv_mpool;
+
+       TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
+                       ts_params->valid_devs[0], qp_id, &qp_conf,
+                       rte_cryptodev_socket_id(ts_params->valid_devs[0])),
+                       "Failed test for "
+                       "rte_cryptodev_queue_pair_setup: num_inflights "
+                       "%u on qp %u on cryptodev %u",
+                       qp_conf.nb_descriptors, qp_id,
+                       ts_params->valid_devs[0]);
+
+       /* Test with invalid crypto device */
+       cb = rte_cryptodev_add_deq_callback(RTE_CRYPTO_MAX_DEVS,
+                       qp_id, test_deq_callback, NULL);
+       TEST_ASSERT_NULL(cb, "Add callback on qp %u on "
+                       "cryptodev %u did not fail",
+                       qp_id, RTE_CRYPTO_MAX_DEVS);
+
+       /* Test with invalid queue pair */
+       cb = rte_cryptodev_add_deq_callback(ts_params->valid_devs[0],
+                       dev_info.max_nb_queue_pairs + 1,
+                       test_deq_callback, NULL);
+       TEST_ASSERT_NULL(cb, "Add callback on qp %u on "
+                       "cryptodev %u did not fail",
+                       dev_info.max_nb_queue_pairs + 1,
+                       ts_params->valid_devs[0]);
+
+       /* Test with NULL callback */
+       cb = rte_cryptodev_add_deq_callback(ts_params->valid_devs[0],
+                       qp_id, NULL, NULL);
+       TEST_ASSERT_NULL(cb, "Add callback on qp %u on "
+                       "cryptodev %u did not fail",
+                       qp_id, ts_params->valid_devs[0]);
+
+       /* Test with valid configuration */
+       cb = rte_cryptodev_add_deq_callback(ts_params->valid_devs[0],
+                       qp_id, test_deq_callback, NULL);
+       TEST_ASSERT_NOT_NULL(cb, "Failed test to add callback on "
+                       "qp %u on cryptodev %u",
+                       qp_id, ts_params->valid_devs[0]);
+
+       rte_cryptodev_start(ts_params->valid_devs[0]);
+
+       /* Launch a thread */
+       rte_eal_remote_launch(test_enqdeq_callback_thread, NULL,
+                               rte_get_next_lcore(-1, 1, 0));
+
+       /* Wait until reader exited. */
+       rte_eal_mp_wait_lcore();
+
+       /* Test with invalid crypto device */
+       TEST_ASSERT_FAIL(rte_cryptodev_remove_deq_callback(
+                       RTE_CRYPTO_MAX_DEVS, qp_id, cb),
+                       "Expected call to fail as crypto device is invalid");
+
+       /* Test with invalid queue pair */
+       TEST_ASSERT_FAIL(rte_cryptodev_remove_deq_callback(
+                       ts_params->valid_devs[0],
+                       dev_info.max_nb_queue_pairs + 1, cb),
+                       "Expected call to fail as queue pair is invalid");
+
+       /* Test with NULL callback */
+       TEST_ASSERT_FAIL(rte_cryptodev_remove_deq_callback(
+                       ts_params->valid_devs[0], qp_id, NULL),
+                       "Expected call to fail as callback is NULL");
+
+       /* Test with valid configuration */
+       TEST_ASSERT_SUCCESS(rte_cryptodev_remove_deq_callback(
+                       ts_params->valid_devs[0], qp_id, cb),
+                       "Failed test to remove callback on "
+                       "qp %u on cryptodev %u",
+                       qp_id, ts_params->valid_devs[0]);
+
+       return TEST_SUCCESS;
+}
+
+static void
+generate_gmac_large_plaintext(uint8_t *data)
+{
+       uint16_t i;
+
+       for (i = 32; i < GMAC_LARGE_PLAINTEXT_LENGTH; i += 32)
+               memcpy(&data[i], &data[0], 32);
+}
+
+static int
+create_gmac_operation(enum rte_crypto_auth_operation op,
+               const struct gmac_test_data *tdata)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_crypto_sym_op *sym_op;
+
+       uint32_t plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16);
+
+       /* Generate Crypto op data structure */
+       ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,
+                       RTE_CRYPTO_OP_TYPE_SYMMETRIC);
+       TEST_ASSERT_NOT_NULL(ut_params->op,
+                       "Failed to allocate symmetric crypto operation struct");
+
+       sym_op = ut_params->op->sym;
+
+       sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append(
+                       ut_params->ibuf, tdata->gmac_tag.len);
+       TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data,
+                       "no room to append digest");
+
+       sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset(
+                       ut_params->ibuf, plaintext_pad_len);
+
+       if (op == RTE_CRYPTO_AUTH_OP_VERIFY) {
+               rte_memcpy(sym_op->auth.digest.data, tdata->gmac_tag.data,
+                               tdata->gmac_tag.len);
+               debug_hexdump(stdout, "digest:",
+                               sym_op->auth.digest.data,
+                               tdata->gmac_tag.len);
+       }
+
+       uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op,
+                       uint8_t *, IV_OFFSET);
+
+       rte_memcpy(iv_ptr, tdata->iv.data, tdata->iv.len);
+
+       debug_hexdump(stdout, "iv:", iv_ptr, tdata->iv.len);
+
+       sym_op->cipher.data.length = 0;
+       sym_op->cipher.data.offset = 0;
+
+       sym_op->auth.data.offset = 0;
+       sym_op->auth.data.length = tdata->plaintext.len;
+
+       return 0;
+}
+
+static int
+create_gmac_operation_sgl(enum rte_crypto_auth_operation op,
+               const struct gmac_test_data *tdata,
+               void *digest_mem, uint64_t digest_phys)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_crypto_sym_op *sym_op;
+
+       /* Generate Crypto op data structure */
+       ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,
+                       RTE_CRYPTO_OP_TYPE_SYMMETRIC);
+       TEST_ASSERT_NOT_NULL(ut_params->op,
+                       "Failed to allocate symmetric crypto operation struct");
+
+       sym_op = ut_params->op->sym;
+
+       sym_op->auth.digest.data = digest_mem;
+       TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data,
+                       "no room to append digest");
+
+       sym_op->auth.digest.phys_addr = digest_phys;
+
+       if (op == RTE_CRYPTO_AUTH_OP_VERIFY) {
+               rte_memcpy(sym_op->auth.digest.data, tdata->gmac_tag.data,
+                               tdata->gmac_tag.len);
+               debug_hexdump(stdout, "digest:",
+                               sym_op->auth.digest.data,
+                               tdata->gmac_tag.len);
+       }
+
+       uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op,
+                       uint8_t *, IV_OFFSET);
+
+       rte_memcpy(iv_ptr, tdata->iv.data, tdata->iv.len);
+
+       debug_hexdump(stdout, "iv:", iv_ptr, tdata->iv.len);
+
+       sym_op->cipher.data.length = 0;
+       sym_op->cipher.data.offset = 0;
+
+       sym_op->auth.data.offset = 0;
+       sym_op->auth.data.length = tdata->plaintext.len;
+
+       return 0;
  }
  
  static int create_gmac_session(uint8_t dev_id,
@@ -10016,6 +11122,16 @@ test_AES_GMAC_authentication(const struct gmac_test_data *tdata)
  {
         struct crypto_testsuite_params *ts_params = &testsuite_params;
         struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         int retval;
  
@@ -10079,6 +11195,9 @@ test_AES_GMAC_authentication(const struct gmac_test_data *tdata)
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                         ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
         else
                 TEST_ASSERT_NOT_NULL(
                         process_crypto_request(ts_params->valid_devs[0],
@@ -10137,6 +11256,16 @@ test_AES_GMAC_authentication_verify(const struct gmac_test_data *tdata)
         int retval;
         uint32_t plaintext_pad_len;
         uint8_t *plaintext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         TEST_ASSERT_NOT_EQUAL(tdata->gmac_tag.len, 0,
                               "No GMAC length in the source data");
@@ -10196,6 +11325,9 @@ test_AES_GMAC_authentication_verify(const struct gmac_test_data *tdata)
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                         ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
         else
                 TEST_ASSERT_NOT_NULL(
                         process_crypto_request(ts_params->valid_devs[0],
@@ -10232,6 +11364,166 @@ test_AES_GMAC_authentication_verify_test_case_4(void)
         return test_AES_GMAC_authentication_verify(&gmac_test_case_4);
  }
  
+static int
+test_AES_GMAC_authentication_SGL(const struct gmac_test_data *tdata,
+                               uint32_t fragsz)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_cryptodev_info dev_info;
+       uint64_t feature_flags;
+       unsigned int trn_data = 0;
+       void *digest_mem = NULL;
+       uint32_t segs = 1;
+       unsigned int to_trn = 0;
+       struct rte_mbuf *buf = NULL;
+       uint8_t *auth_tag, *plaintext;
+       int retval;
+
+       TEST_ASSERT_NOT_EQUAL(tdata->gmac_tag.len, 0,
+                             "No GMAC length in the source data");
+
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_AES_GMAC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
+       /* Check for any input SGL support */
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       feature_flags = dev_info.feature_flags;
+
+       if ((!(feature_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) ||
+                       (!(feature_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT)) ||
+                       (!(feature_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)))
+               return -ENOTSUP;
+
+       if (fragsz > tdata->plaintext.len)
+               fragsz = tdata->plaintext.len;
+
+       uint16_t plaintext_len = fragsz;
+
+       retval = create_gmac_session(ts_params->valid_devs[0],
+                       tdata, RTE_CRYPTO_AUTH_OP_GENERATE);
+
+       if (retval < 0)
+               return retval;
+
+       ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
+       TEST_ASSERT_NOT_NULL(ut_params->ibuf,
+                       "Failed to allocate input buffer in mempool");
+
+       memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0,
+                       rte_pktmbuf_tailroom(ut_params->ibuf));
+
+       plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+                               plaintext_len);
+       TEST_ASSERT_NOT_NULL(plaintext, "no room to append plaintext");
+
+       memcpy(plaintext, tdata->plaintext.data, plaintext_len);
+
+       trn_data += plaintext_len;
+
+       buf = ut_params->ibuf;
+
+       /*
+        * Loop until no more fragments
+        */
+
+       while (trn_data < tdata->plaintext.len) {
+               ++segs;
+               to_trn = (tdata->plaintext.len - trn_data < fragsz) ?
+                               (tdata->plaintext.len - trn_data) : fragsz;
+
+               buf->next = rte_pktmbuf_alloc(ts_params->mbuf_pool);
+               buf = buf->next;
+
+               memset(rte_pktmbuf_mtod(buf, uint8_t *), 0,
+                               rte_pktmbuf_tailroom(buf));
+
+               plaintext = (uint8_t *)rte_pktmbuf_append(buf,
+                               to_trn);
+
+               memcpy(plaintext, tdata->plaintext.data + trn_data,
+                               to_trn);
+               trn_data += to_trn;
+               if (trn_data  == tdata->plaintext.len)
+                       digest_mem = (uint8_t *)rte_pktmbuf_append(buf,
+                                       tdata->gmac_tag.len);
+       }
+       ut_params->ibuf->nb_segs = segs;
+
+       /*
+        * Place digest at the end of the last buffer
+        */
+       uint64_t digest_phys = rte_pktmbuf_iova(buf) + to_trn;
+
+       if (!digest_mem) {
+               digest_mem = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+                               + tdata->gmac_tag.len);
+               digest_phys = rte_pktmbuf_iova_offset(ut_params->ibuf,
+                               tdata->plaintext.len);
+       }
+
+       retval = create_gmac_operation_sgl(RTE_CRYPTO_AUTH_OP_GENERATE,
+                       tdata, digest_mem, digest_phys);
+
+       if (retval < 0)
+               return retval;
+
+       rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess);
+
+       ut_params->op->sym->m_src = ut_params->ibuf;
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
+       TEST_ASSERT_NOT_NULL(
+               process_crypto_request(ts_params->valid_devs[0],
+               ut_params->op), "failed to process sym crypto op");
+
+       TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS,
+                       "crypto op processing failed");
+
+       auth_tag = digest_mem;
+       debug_hexdump(stdout, "auth tag:", auth_tag, tdata->gmac_tag.len);
+       TEST_ASSERT_BUFFERS_ARE_EQUAL(
+                       auth_tag,
+                       tdata->gmac_tag.data,
+                       tdata->gmac_tag.len,
+                       "GMAC Generated auth tag not as expected");
+
+       return 0;
+}
+
+/* Segment size not multiple of block size (16B) */
+static int
+test_AES_GMAC_authentication_SGL_40B(void)
+{
+       return test_AES_GMAC_authentication_SGL(&gmac_test_case_1, 40);
+}
+
+static int
+test_AES_GMAC_authentication_SGL_80B(void)
+{
+       return test_AES_GMAC_authentication_SGL(&gmac_test_case_1, 80);
+}
+
+static int
+test_AES_GMAC_authentication_SGL_2048B(void)
+{
+       return test_AES_GMAC_authentication_SGL(&gmac_test_case_5, 2048);
+}
+
+/* Segment size not multiple of block size (16B) */
+static int
+test_AES_GMAC_authentication_SGL_2047B(void)
+{
+       return test_AES_GMAC_authentication_SGL(&gmac_test_case_5, 2047);
+}
+
  struct test_crypto_vector {
         enum rte_crypto_cipher_algorithm crypto_algo;
         unsigned int cipher_offset;
@@ -10711,6 +12003,16 @@ test_authentication_verify_fail_when_data_corruption(
         int retval;
  
         uint8_t *plaintext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -10720,6 +12022,7 @@ test_authentication_verify_fail_when_data_corruption(
                         &cap_idx) == NULL)
                 return -ENOTSUP;
  
+
         /* Create session */
         retval = create_auth_session(ut_params,
                         ts_params->valid_devs[0],
@@ -10761,7 +12064,10 @@ test_authentication_verify_fail_when_data_corruption(
                 TEST_ASSERT_NOT_EQUAL(ut_params->op->status,
                         RTE_CRYPTO_OP_STATUS_SUCCESS,
                         "authentication not failed");
-       } else {
+       } else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
+       else {
                 ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
                 TEST_ASSERT_NULL(ut_params->op, "authentication not failed");
@@ -10779,6 +12085,16 @@ test_authentication_verify_GMAC_fail_when_corruption(
  {
         int retval;
         uint8_t *plaintext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -10832,7 +12148,10 @@ test_authentication_verify_GMAC_fail_when_corruption(
                 TEST_ASSERT_NOT_EQUAL(ut_params->op->status,
                         RTE_CRYPTO_OP_STATUS_SUCCESS,
                         "authentication not failed");
-       } else {
+       } else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
+       else {
                 ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
                 TEST_ASSERT_NULL(ut_params->op, "authentication not failed");
@@ -10851,6 +12170,16 @@ test_authenticated_decryption_fail_when_corruption(
         int retval;
  
         uint8_t *ciphertext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -10907,7 +12236,10 @@ test_authenticated_decryption_fail_when_corruption(
                 TEST_ASSERT_NOT_EQUAL(ut_params->op->status,
                         RTE_CRYPTO_OP_STATUS_SUCCESS,
                         "authentication not failed");
-       } else {
+       } else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 0, 0);
+       else {
                 ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
                 TEST_ASSERT_NULL(ut_params->op, "authentication not failed");
@@ -10928,6 +12260,16 @@ test_authenticated_encryt_with_esn(
         uint16_t plaintext_pad_len;
         uint8_t cipher_key[reference->cipher_key.len + 1];
         uint8_t auth_key[reference->auth_key.len + 1];
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -11002,6 +12344,9 @@ test_authenticated_encryt_with_esn(
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                         ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 0, 0);
         else
                 ut_params->op = process_crypto_request(
                         ts_params->valid_devs[0], ut_params->op);
@@ -11048,6 +12393,16 @@ test_authenticated_decrypt_with_esn(
         uint8_t *ciphertext;
         uint8_t cipher_key[reference->cipher_key.len + 1];
         uint8_t auth_key[reference->auth_key.len + 1];
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
  
         /* Verify the capabilities */
         struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -11122,6 +12477,9 @@ test_authenticated_decrypt_with_esn(
         if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                         ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 0, 0);
         else
                 ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                         ut_params->op);
@@ -11262,10 +12620,21 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
                 if (sgl_in && (!(dev_info.feature_flags &
                                 RTE_CRYPTODEV_FF_IN_PLACE_SGL)))
                         return -ENOTSUP;
+
+               uint64_t feat_flags = dev_info.feature_flags;
+
+               if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+                       printf("Device doesn't support RAW data-path APIs.\n");
+                       return -ENOTSUP;
+               }
         } else {
                 unsigned int sgl_in = fragsz < tdata->plaintext.len;
                 unsigned int sgl_out = (fragsz_oop ? fragsz_oop : fragsz) <
                                 tdata->plaintext.len;
+               /* Raw data path API does not support OOP */
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                 if (sgl_in && !sgl_out) {
                         if (!(dev_info.feature_flags &
                                         RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT))
@@ -11461,6 +12830,9 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
         if (oop == IN_PLACE &&
                         gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                 process_cpu_aead_op(ts_params->valid_devs[0], ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 0, 0, 0);
         else
                 TEST_ASSERT_NOT_NULL(
                         process_crypto_request(ts_params->valid_devs[0],
@@ -11691,9 +13063,9 @@ test_chacha20_poly1305_decrypt_test_case_rfc8439(void)
         return test_authenticated_decryption(&chacha20_poly1305_case_rfc8439);
  }
  
-#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER
+#ifdef RTE_CRYPTO_SCHEDULER
  
-/* global AESNI slave IDs for the scheduler test */
+/* global AESNI worker IDs for the scheduler test */
  uint8_t aesni_ids[2];
  
  static int
@@ -11791,7 +13163,7 @@ test_scheduler_attach_slave_op(void)
                 ts_params->qp_conf.mp_session_private =
                                 ts_params->session_priv_mpool;
  
-               ret = rte_cryptodev_scheduler_slave_attach(sched_id,
+               ret = rte_cryptodev_scheduler_worker_attach(sched_id,
                                 (uint8_t)i);
  
                 TEST_ASSERT(ret == 0,
@@ -11815,7 +13187,7 @@ test_scheduler_detach_slave_op(void)
         int ret;
  
         for (i = 0; i < 2; i++) {
-               ret = rte_cryptodev_scheduler_slave_detach(sched_id,
+               ret = rte_cryptodev_scheduler_worker_detach(sched_id,
                                 aesni_ids[i]);
                 TEST_ASSERT(ret == 0,
                         "Failed to detach device %u", aesni_ids[i]);
@@ -11911,7 +13283,7 @@ static struct unit_test_suite cryptodev_scheduler_testsuite  = {
         }
  };
  
-#endif /* RTE_LIBRTE_PMD_CRYPTO_SCHEDULER */
+#endif /* RTE_CRYPTO_SCHEDULER */
  
  static struct unit_test_suite cryptodev_testsuite  = {
         .suite_name = "Crypto Unit Test Suite",
@@ -11924,7 +13296,6 @@ static struct unit_test_suite cryptodev_testsuite  = {
                                 test_queue_pair_descriptor_setup),
                 TEST_CASE_ST(ut_setup, ut_teardown,
                                 test_device_configure_invalid_queue_pair_ids),
-
                 TEST_CASE_ST(ut_setup, ut_teardown,
                                 test_multi_session),
                 TEST_CASE_ST(ut_setup, ut_teardown,
@@ -11933,7 +13304,6 @@ static struct unit_test_suite cryptodev_testsuite  = {
                 TEST_CASE_ST(ut_setup, ut_teardown,
                         test_null_invalid_operation),
                 TEST_CASE_ST(ut_setup, ut_teardown, test_null_burst_operation),
-
                 TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all),
                 TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all),
                 TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_chain_all),
@@ -12145,6 +13515,15 @@ static struct unit_test_suite cryptodev_testsuite  = {
                         test_AES_GMAC_authentication_test_case_4),
                 TEST_CASE_ST(ut_setup, ut_teardown,
                         test_AES_GMAC_authentication_verify_test_case_4),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_AES_GMAC_authentication_SGL_40B),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_AES_GMAC_authentication_SGL_80B),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_AES_GMAC_authentication_SGL_2048B),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_AES_GMAC_authentication_SGL_2047B),
+
                 /** Chacha20-Poly1305 */
                 TEST_CASE_ST(ut_setup, ut_teardown,
                         test_chacha20_poly1305_encrypt_test_case_rfc8439),
@@ -12532,12 +13911,14 @@ static struct unit_test_suite cryptodev_testsuite  = {
                 TEST_CASE_ST(ut_setup, ut_teardown,
                         test_verify_auth_aes_cmac_cipher_null_test_case_1),
  
-#ifdef RTE_LIBRTE_SECURITY
-               TEST_CASE_ST(ut_setup, ut_teardown,
+#ifdef RTE_LIB_SECURITY
+               TEST_CASE_ST(ut_setup_security, ut_teardown,
                         test_PDCP_PROTO_all),
-               TEST_CASE_ST(ut_setup, ut_teardown,
+               TEST_CASE_ST(ut_setup_security, ut_teardown,
                         test_DOCSIS_PROTO_all),
  #endif
+               TEST_CASE_ST(ut_setup, ut_teardown, test_enq_callback_setup),
+               TEST_CASE_ST(ut_setup, ut_teardown, test_deq_callback_setup),
                 TEST_CASES_END() /**< NULL terminate unit test array */
         }
  };
@@ -12573,23 +13954,6 @@ static struct unit_test_suite cryptodev_caam_jr_testsuite  = {
         }
  };
  
-static struct unit_test_suite cryptodev_armv8_testsuite  = {
-       .suite_name = "Crypto Device ARMv8 Unit Test Suite",
-       .setup = testsuite_setup,
-       .teardown = testsuite_teardown,
-       .unit_test_cases = {
-               TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all),
-
-               /** Negative tests */
-               TEST_CASE_ST(ut_setup, ut_teardown,
-                       auth_decryption_AES128CBC_HMAC_SHA1_fail_data_corrupt),
-               TEST_CASE_ST(ut_setup, ut_teardown,
-                       auth_decryption_AES128CBC_HMAC_SHA1_fail_tag_corrupt),
-
-               TEST_CASES_END() /**< NULL terminate unit test array */
-       }
-};
-
  static struct unit_test_suite cryptodev_mrvl_testsuite  = {
         .suite_name = "Crypto Device Marvell Component Test Suite",
         .setup = testsuite_setup,
@@ -12646,22 +14010,6 @@ static struct unit_test_suite cryptodev_ccp_testsuite  = {
         }
  };
  
-static struct unit_test_suite cryptodev_nitrox_testsuite  = {
-       .suite_name = "Crypto NITROX Unit Test Suite",
-       .setup = testsuite_setup,
-       .teardown = testsuite_teardown,
-       .unit_test_cases = {
-               TEST_CASE_ST(ut_setup, ut_teardown,
-                            test_device_configure_invalid_dev_id),
-               TEST_CASE_ST(ut_setup, ut_teardown,
-                               test_device_configure_invalid_queue_pair_ids),
-               TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all),
-               TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_chain_all),
-
-               TEST_CASES_END() /**< NULL terminate unit test array */
-       }
-};
-
  static int
  test_cryptodev_qat(void /*argv __rte_unused, int argc __rte_unused*/)
  {
@@ -12669,9 +14017,7 @@ test_cryptodev_qat(void /*argv __rte_unused, int argc __rte_unused*/)
                         RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "QAT PMD must be loaded. Check that both "
-               "CONFIG_RTE_LIBRTE_PMD_QAT and CONFIG_RTE_LIBRTE_PMD_QAT_SYM "
-               "are enabled in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "QAT PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12685,9 +14031,7 @@ test_cryptodev_virtio(void /*argv __rte_unused, int argc __rte_unused*/)
                         RTE_STR(CRYPTODEV_NAME_VIRTIO_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "VIRTIO PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_VIRTIO_CRYPTO is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "VIRTIO PMD must be loaded.\n");
                 return TEST_FAILED;
         }
  
@@ -12701,9 +14045,7 @@ test_cryptodev_aesni_mb(void /*argv __rte_unused, int argc __rte_unused*/)
                         RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "AESNI MB PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_AESNI_MB is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "AESNI MB PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12720,9 +14062,7 @@ test_cryptodev_cpu_aesni_mb(void)
                         RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "AESNI MB PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_AESNI_MB is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "AESNI MB PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12740,9 +14080,7 @@ test_cryptodev_openssl(void)
                         RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "OPENSSL PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_OPENSSL is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "OPENSSL PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12756,9 +14094,7 @@ test_cryptodev_aesni_gcm(void)
                         RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "AESNI GCM PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_AESNI_GCM is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "AESNI GCM PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12775,9 +14111,7 @@ test_cryptodev_cpu_aesni_gcm(void)
                         RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "AESNI GCM PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_AESNI_GCM is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "AESNI GCM PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12795,9 +14129,7 @@ test_cryptodev_null(void)
                         RTE_STR(CRYPTODEV_NAME_NULL_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "NULL PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_NULL is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "NULL PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12811,9 +14143,7 @@ test_cryptodev_sw_snow3g(void /*argv __rte_unused, int argc __rte_unused*/)
                         RTE_STR(CRYPTODEV_NAME_SNOW3G_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "SNOW3G PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_SNOW3G is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "SNOW3G PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12827,9 +14157,7 @@ test_cryptodev_sw_kasumi(void /*argv __rte_unused, int argc __rte_unused*/)
                         RTE_STR(CRYPTODEV_NAME_KASUMI_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "ZUC PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_KASUMI is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "ZUC PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12843,9 +14171,7 @@ test_cryptodev_sw_zuc(void /*argv __rte_unused, int argc __rte_unused*/)
                         RTE_STR(CRYPTODEV_NAME_ZUC_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "ZUC PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_ZUC is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "ZUC PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12859,13 +14185,11 @@ test_cryptodev_armv8(void)
                         RTE_STR(CRYPTODEV_NAME_ARMV8_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "ARMV8 PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_ARMV8 is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "ARMV8 PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
-       return unit_test_suite_runner(&cryptodev_armv8_testsuite);
+       return unit_test_suite_runner(&cryptodev_testsuite);
  }
  
  static int
@@ -12875,16 +14199,14 @@ test_cryptodev_mrvl(void)
                         RTE_STR(CRYPTODEV_NAME_MVSAM_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "MVSAM PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_MVSAM_CRYPTO is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "MVSAM PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
         return unit_test_suite_runner(&cryptodev_mrvl_testsuite);
  }
  
-#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER
+#ifdef RTE_CRYPTO_SCHEDULER
  
  static int
  test_cryptodev_scheduler(void /*argv __rte_unused, int argc __rte_unused*/)
@@ -12893,16 +14215,13 @@ test_cryptodev_scheduler(void /*argv __rte_unused, int argc __rte_unused*/)
                         RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "SCHEDULER PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_SCHEDULER is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "SCHEDULER PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
         if (rte_cryptodev_driver_id_get(
                                 RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)) == -1) {
-               RTE_LOG(ERR, USER1, "CONFIG_RTE_LIBRTE_PMD_AESNI_MB must be"
-                       " enabled in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "AESNI MB PMD must be loaded.\n");
                 return TEST_SKIPPED;
  }
         return unit_test_suite_runner(&cryptodev_scheduler_testsuite);
@@ -12919,9 +14238,7 @@ test_cryptodev_dpaa2_sec(void /*argv __rte_unused, int argc __rte_unused*/)
                         RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "DPAA2 SEC PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "DPAA2 SEC PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12935,9 +14252,7 @@ test_cryptodev_dpaa_sec(void /*argv __rte_unused, int argc __rte_unused*/)
                         RTE_STR(CRYPTODEV_NAME_DPAA_SEC_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "DPAA SEC PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_DPAA_SEC is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "DPAA SEC PMD must be loaded.\n");
                 return TEST_SKIPPED;
         }
  
@@ -12951,9 +14266,7 @@ test_cryptodev_ccp(void)
                         RTE_STR(CRYPTODEV_NAME_CCP_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "CCP PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_CCP is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "CCP PMD must be loaded.\n");
                 return TEST_FAILED;
         }
  
@@ -12966,10 +14279,7 @@ test_cryptodev_octeontx(void)
         gbl_driver_id = rte_cryptodev_driver_id_get(
                         RTE_STR(CRYPTODEV_NAME_OCTEONTX_SYM_PMD));
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "OCTEONTX PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_OCTEONTX_CRYPTO is "
-                               "enabled in config file to run this "
-                               "testsuite.\n");
+               RTE_LOG(ERR, USER1, "OCTEONTX PMD must be loaded.\n");
                 return TEST_FAILED;
         }
         return unit_test_suite_runner(&cryptodev_testsuite);
@@ -12981,10 +14291,7 @@ test_cryptodev_octeontx2(void)
         gbl_driver_id = rte_cryptodev_driver_id_get(
                         RTE_STR(CRYPTODEV_NAME_OCTEONTX2_PMD));
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "OCTEON TX2 PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_OCTEONTX2_CRYPTO is "
-                               "enabled in config file to run this "
-                               "testsuite.\n");
+               RTE_LOG(ERR, USER1, "OCTEON TX2 PMD must be loaded.\n");
                 return TEST_FAILED;
         }
         return unit_test_suite_runner(&cryptodev_testsuite);
@@ -12997,9 +14304,7 @@ test_cryptodev_caam_jr(void /*argv __rte_unused, int argc __rte_unused*/)
                         RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "CAAM_JR PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_CAAM_JR is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "CAAM_JR PMD must be loaded.\n");
                 return TEST_FAILED;
         }
  
@@ -13013,15 +14318,49 @@ test_cryptodev_nitrox(void)
                         RTE_STR(CRYPTODEV_NAME_NITROX_PMD));
  
         if (gbl_driver_id == -1) {
-               RTE_LOG(ERR, USER1, "NITROX PMD must be loaded. Check if "
-                               "CONFIG_RTE_LIBRTE_PMD_NITROX is enabled "
-                               "in config file to run this testsuite.\n");
+               RTE_LOG(ERR, USER1, "NITROX PMD must be loaded.\n");
+               return TEST_FAILED;
+       }
+
+       return unit_test_suite_runner(&cryptodev_testsuite);
+}
+
+static int
+test_cryptodev_bcmfs(void)
+{
+       gbl_driver_id = rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_BCMFS_PMD));
+
+       if (gbl_driver_id == -1) {
+               RTE_LOG(ERR, USER1, "BCMFS PMD must be loaded.\n");
                 return TEST_FAILED;
         }
  
-       return unit_test_suite_runner(&cryptodev_nitrox_testsuite);
+       return unit_test_suite_runner(&cryptodev_testsuite);
+}
+
+static int
+test_cryptodev_qat_raw_api(void /*argv __rte_unused, int argc __rte_unused*/)
+{
+       int ret;
+
+       gbl_driver_id = rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD));
+
+       if (gbl_driver_id == -1) {
+               RTE_LOG(ERR, USER1, "QAT PMD must be loaded.\n");
+               return TEST_SKIPPED;
+       }
+
+       global_api_test_type = CRYPTODEV_RAW_API_TEST;
+       ret = unit_test_suite_runner(&cryptodev_testsuite);
+       global_api_test_type = CRYPTODEV_API_TEST;
+
+       return ret;
  }
  
+REGISTER_TEST_COMMAND(cryptodev_qat_raw_api_autotest,
+               test_cryptodev_qat_raw_api);
  REGISTER_TEST_COMMAND(cryptodev_qat_autotest, test_cryptodev_qat);
  REGISTER_TEST_COMMAND(cryptodev_aesni_mb_autotest, test_cryptodev_aesni_mb);
  REGISTER_TEST_COMMAND(cryptodev_cpu_aesni_mb_autotest,
@@ -13044,3 +14383,4 @@ REGISTER_TEST_COMMAND(cryptodev_octeontx_autotest, test_cryptodev_octeontx);
  REGISTER_TEST_COMMAND(cryptodev_octeontx2_autotest, test_cryptodev_octeontx2);
  REGISTER_TEST_COMMAND(cryptodev_caam_jr_autotest, test_cryptodev_caam_jr);
  REGISTER_TEST_COMMAND(cryptodev_nitrox_autotest, test_cryptodev_nitrox);
+REGISTER_TEST_COMMAND(cryptodev_bcmfs_autotest, test_cryptodev_bcmfs);