git.droids-corp.org / dpdk.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
doc: remove references to make from cryptodevs guide
[dpdk.git] / app / test / test_cryptodev.c
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index d702cb9..384b487 100644 (file)
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -1,5 +1,6 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  * Copyright(c) 2015-2020 Intel Corporation
+ * Copyright 2020 NXP
  */
 
 #include <time.h>
@@ -18,7 +19,7 @@
 #include <rte_cryptodev_pmd.h>
 #include <rte_string_fns.h>
 
-#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER
+#ifdef RTE_CRYPTO_SCHEDULER
 #include <rte_cryptodev_scheduler.h>
 #include <rte_cryptodev_scheduler_operations.h>
 #endif
@@ -40,23 +41,37 @@
 #include "test_cryptodev_aead_test_vectors.h"
 #include "test_cryptodev_hmac_test_vectors.h"
 #include "test_cryptodev_mixed_test_vectors.h"
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 #include "test_cryptodev_security_pdcp_test_vectors.h"
+#include "test_cryptodev_security_pdcp_sdap_test_vectors.h"
 #include "test_cryptodev_security_pdcp_test_func.h"
 #include "test_cryptodev_security_docsis_test_vectors.h"
+
+#define SDAP_DISABLED  0
+#define SDAP_ENABLED   1
 #endif
 
 #define VDEV_ARGS_SIZE 100
 #define MAX_NB_SESSIONS 4
 
+#define MAX_DRV_SERVICE_CTX_SIZE 256
+
+#define MAX_RAW_DEQUEUE_COUNT  65535
+
 #define IN_PLACE 0
 #define OUT_OF_PLACE 1
 
+#ifndef ARRAY_SIZE
+#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
+#endif
+
 static int gbl_driver_id;
 
 static enum rte_security_session_action_type gbl_action_type =
        RTE_SECURITY_ACTION_TYPE_NONE;
 
+enum cryptodev_api_test_type global_api_test_type = CRYPTODEV_API_TEST;
+
 struct crypto_testsuite_params {
        struct rte_mempool *mbuf_pool;
        struct rte_mempool *large_mbuf_pool;
@@ -74,17 +89,17 @@ struct crypto_unittest_params {
        struct rte_crypto_sym_xform cipher_xform;
        struct rte_crypto_sym_xform auth_xform;
        struct rte_crypto_sym_xform aead_xform;
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
        struct rte_security_docsis_xform docsis_xform;
 #endif
 
        union {
                struct rte_cryptodev_sym_session *sess;
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
                struct rte_security_session *sec_session;
 #endif
        };
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
        enum rte_security_session_action_type type;
 #endif
        struct rte_crypto_op *op;
@@ -147,15 +162,224 @@ ceil_byte_length(uint32_t num_bits)
                return (num_bits >> 3);
 }
 
+static uint32_t
+get_raw_dp_dequeue_count(void *user_data __rte_unused)
+{
+       return 1;
+}
+
+static void
+post_process_raw_dp_op(void *user_data,        uint32_t index __rte_unused,
+               uint8_t is_op_success)
+{
+       struct rte_crypto_op *op = user_data;
+       op->status = is_op_success ? RTE_CRYPTO_OP_STATUS_SUCCESS :
+                       RTE_CRYPTO_OP_STATUS_ERROR;
+}
+
+void
+process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id,
+               struct rte_crypto_op *op, uint8_t is_cipher, uint8_t is_auth,
+               uint8_t len_in_bits, uint8_t cipher_iv_len)
+{
+       struct rte_crypto_sym_op *sop = op->sym;
+       struct rte_crypto_op *ret_op = NULL;
+       struct rte_crypto_vec data_vec[UINT8_MAX];
+       struct rte_crypto_va_iova_ptr cipher_iv, digest, aad_auth_iv;
+       union rte_crypto_sym_ofs ofs;
+       struct rte_crypto_sym_vec vec;
+       struct rte_crypto_sgl sgl;
+       uint32_t max_len;
+       union rte_cryptodev_session_ctx sess;
+       uint32_t count = 0;
+       struct rte_crypto_raw_dp_ctx *ctx;
+       uint32_t cipher_offset = 0, cipher_len = 0, auth_offset = 0,
+                       auth_len = 0;
+       int32_t n;
+       uint32_t n_success;
+       int ctx_service_size;
+       int32_t status = 0;
+       int enqueue_status, dequeue_status;
+
+       ctx_service_size = rte_cryptodev_get_raw_dp_ctx_size(dev_id);
+       if (ctx_service_size < 0) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               return;
+       }
+
+       ctx = malloc(ctx_service_size);
+       if (!ctx) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               return;
+       }
+
+       /* Both are enums, setting crypto_sess will suit any session type */
+       sess.crypto_sess = op->sym->session;
+
+       if (rte_cryptodev_configure_raw_dp_ctx(dev_id, qp_id, ctx,
+                       op->sess_type, sess, 0) < 0) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               goto exit;
+       }
+
+       cipher_iv.iova = 0;
+       cipher_iv.va = NULL;
+       aad_auth_iv.iova = 0;
+       aad_auth_iv.va = NULL;
+       digest.iova = 0;
+       digest.va = NULL;
+       sgl.vec = data_vec;
+       vec.num = 1;
+       vec.sgl = &sgl;
+       vec.iv = &cipher_iv;
+       vec.digest = &digest;
+       vec.aad = &aad_auth_iv;
+       vec.status = &status;
+
+       ofs.raw = 0;
+
+       if (is_cipher && is_auth) {
+               cipher_offset = sop->cipher.data.offset;
+               cipher_len = sop->cipher.data.length;
+               auth_offset = sop->auth.data.offset;
+               auth_len = sop->auth.data.length;
+               max_len = RTE_MAX(cipher_offset + cipher_len,
+                               auth_offset + auth_len);
+               if (len_in_bits) {
+                       max_len = max_len >> 3;
+                       cipher_offset = cipher_offset >> 3;
+                       auth_offset = auth_offset >> 3;
+                       cipher_len = cipher_len >> 3;
+                       auth_len = auth_len >> 3;
+               }
+               ofs.ofs.cipher.head = cipher_offset;
+               ofs.ofs.cipher.tail = max_len - cipher_offset - cipher_len;
+               ofs.ofs.auth.head = auth_offset;
+               ofs.ofs.auth.tail = max_len - auth_offset - auth_len;
+               cipher_iv.va = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
+               cipher_iv.iova = rte_crypto_op_ctophys_offset(op, IV_OFFSET);
+               aad_auth_iv.va = rte_crypto_op_ctod_offset(
+                               op, void *, IV_OFFSET + cipher_iv_len);
+               aad_auth_iv.iova = rte_crypto_op_ctophys_offset(op, IV_OFFSET +
+                               cipher_iv_len);
+               digest.va = (void *)sop->auth.digest.data;
+               digest.iova = sop->auth.digest.phys_addr;
+
+       } else if (is_cipher) {
+               cipher_offset = sop->cipher.data.offset;
+               cipher_len = sop->cipher.data.length;
+               max_len = cipher_len + cipher_offset;
+               if (len_in_bits) {
+                       max_len = max_len >> 3;
+                       cipher_offset = cipher_offset >> 3;
+                       cipher_len = cipher_len >> 3;
+               }
+               ofs.ofs.cipher.head = cipher_offset;
+               ofs.ofs.cipher.tail = max_len - cipher_offset - cipher_len;
+               cipher_iv.va = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
+               cipher_iv.iova = rte_crypto_op_ctophys_offset(op, IV_OFFSET);
+
+       } else if (is_auth) {
+               auth_offset = sop->auth.data.offset;
+               auth_len = sop->auth.data.length;
+               max_len = auth_len + auth_offset;
+               if (len_in_bits) {
+                       max_len = max_len >> 3;
+                       auth_offset = auth_offset >> 3;
+                       auth_len = auth_len >> 3;
+               }
+               ofs.ofs.auth.head = auth_offset;
+               ofs.ofs.auth.tail = max_len - auth_offset - auth_len;
+               aad_auth_iv.va = rte_crypto_op_ctod_offset(
+                               op, void *, IV_OFFSET + cipher_iv_len);
+               aad_auth_iv.iova = rte_crypto_op_ctophys_offset(op, IV_OFFSET +
+                               cipher_iv_len);
+               digest.va = (void *)sop->auth.digest.data;
+               digest.iova = sop->auth.digest.phys_addr;
+
+       } else { /* aead */
+               cipher_offset = sop->aead.data.offset;
+               cipher_len = sop->aead.data.length;
+               max_len = cipher_len + cipher_offset;
+               if (len_in_bits) {
+                       max_len = max_len >> 3;
+                       cipher_offset = cipher_offset >> 3;
+                       cipher_len = cipher_len >> 3;
+               }
+               ofs.ofs.cipher.head = cipher_offset;
+               ofs.ofs.cipher.tail = max_len - cipher_offset - cipher_len;
+               cipher_iv.va = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
+               cipher_iv.iova = rte_crypto_op_ctophys_offset(op, IV_OFFSET);
+               aad_auth_iv.va = (void *)sop->aead.aad.data;
+               aad_auth_iv.iova = sop->aead.aad.phys_addr;
+               digest.va = (void *)sop->aead.digest.data;
+               digest.iova = sop->aead.digest.phys_addr;
+       }
+
+       n = rte_crypto_mbuf_to_vec(sop->m_src, 0, max_len,
+                       data_vec, RTE_DIM(data_vec));
+       if (n < 0 || n > sop->m_src->nb_segs) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               goto exit;
+       }
+
+       sgl.num = n;
+
+       if (rte_cryptodev_raw_enqueue_burst(ctx, &vec, ofs, (void **)&op,
+                       &enqueue_status) < 1) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               goto exit;
+       }
+
+       if (enqueue_status == 0) {
+               status = rte_cryptodev_raw_enqueue_done(ctx, 1);
+               if (status < 0) {
+                       op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+                       goto exit;
+               }
+       } else if (enqueue_status < 0) {
+               op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+               goto exit;
+       }
+
+       n = n_success = 0;
+       while (count++ < MAX_RAW_DEQUEUE_COUNT && n == 0) {
+               n = rte_cryptodev_raw_dequeue_burst(ctx,
+                       get_raw_dp_dequeue_count, post_process_raw_dp_op,
+                               (void **)&ret_op, 0, &n_success,
+                               &dequeue_status);
+               if (dequeue_status < 0) {
+                       op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+                       goto exit;
+               }
+               if (n == 0)
+                       rte_pause();
+       }
+
+       if (n == 1 && dequeue_status == 0) {
+               if (rte_cryptodev_raw_dequeue_done(ctx, 1) < 0) {
+                       op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+                       goto exit;
+               }
+       }
+
+       op->status = (count == MAX_RAW_DEQUEUE_COUNT + 1 || ret_op != op ||
+                       n_success < 1) ? RTE_CRYPTO_OP_STATUS_ERROR :
+                                       RTE_CRYPTO_OP_STATUS_SUCCESS;
+
+exit:
+       free(ctx);
+}
+
 static void
 process_cpu_aead_op(uint8_t dev_id, struct rte_crypto_op *op)
 {
        int32_t n, st;
-       void *iv;
        struct rte_crypto_sym_op *sop;
        union rte_crypto_sym_ofs ofs;
        struct rte_crypto_sgl sgl;
        struct rte_crypto_sym_vec symvec;
+       struct rte_crypto_va_iova_ptr iv_ptr, aad_ptr, digest_ptr;
        struct rte_crypto_vec vec[UINT8_MAX];
 
        sop = op->sym;
@@ -171,13 +395,17 @@ process_cpu_aead_op(uint8_t dev_id, struct rte_crypto_op *op)
        sgl.vec = vec;
        sgl.num = n;
        symvec.sgl = &sgl;
-       iv = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
-       symvec.iv = &iv;
-       symvec.aad = (void **)&sop->aead.aad.data;
-       symvec.digest = (void **)&sop->aead.digest.data;
+       symvec.iv = &iv_ptr;
+       symvec.digest = &digest_ptr;
+       symvec.aad = &aad_ptr;
        symvec.status = &st;
        symvec.num = 1;
 
+       /* for CPU crypto the IOVA address is not required */
+       iv_ptr.va = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
+       digest_ptr.va = (void *)sop->aead.digest.data;
+       aad_ptr.va = (void *)sop->aead.aad.data;
+
        ofs.raw = 0;
 
        n = rte_cryptodev_sym_cpu_crypto_process(dev_id, sop->session, ofs,
@@ -193,11 +421,11 @@ static void
 process_cpu_crypt_auth_op(uint8_t dev_id, struct rte_crypto_op *op)
 {
        int32_t n, st;
-       void *iv;
        struct rte_crypto_sym_op *sop;
        union rte_crypto_sym_ofs ofs;
        struct rte_crypto_sgl sgl;
        struct rte_crypto_sym_vec symvec;
+       struct rte_crypto_va_iova_ptr iv_ptr, digest_ptr;
        struct rte_crypto_vec vec[UINT8_MAX];
 
        sop = op->sym;
@@ -213,13 +441,14 @@ process_cpu_crypt_auth_op(uint8_t dev_id, struct rte_crypto_op *op)
        sgl.vec = vec;
        sgl.num = n;
        symvec.sgl = &sgl;
-       iv = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
-       symvec.iv = &iv;
-       symvec.aad = (void **)&sop->aead.aad.data;
-       symvec.digest = (void **)&sop->auth.digest.data;
+       symvec.iv = &iv_ptr;
+       symvec.digest = &digest_ptr;
        symvec.status = &st;
        symvec.num = 1;
 
+       iv_ptr.va = rte_crypto_op_ctod_offset(op, void *, IV_OFFSET);
+       digest_ptr.va = (void *)sop->auth.digest.data;
+
        ofs.raw = 0;
        ofs.ofs.cipher.head = sop->cipher.data.offset - sop->auth.data.offset;
        ofs.ofs.cipher.tail = (sop->auth.data.offset + sop->auth.data.length) -
@@ -475,7 +704,7 @@ testsuite_setup(void)
                }
        }
 
-#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER
+#ifdef RTE_CRYPTO_SCHEDULER
        char vdev_args[VDEV_ARGS_SIZE] = {""};
        char temp_str[VDEV_ARGS_SIZE] = {"mode=multi-core,"
                "ordering=enable,name=cryptodev_test_scheduler,corelist="};
@@ -488,7 +717,7 @@ testsuite_setup(void)
                /* Identify the Worker Cores
                 * Use 2 worker cores for the device args
                 */
-               RTE_LCORE_FOREACH_SLAVE(i) {
+               RTE_LCORE_FOREACH_WORKER(i) {
                        if (worker_core_count > 1)
                                break;
                        snprintf(vdev_args, sizeof(vdev_args),
@@ -522,7 +751,7 @@ testsuite_setup(void)
                                i, RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD));
                }
        }
-#endif /* RTE_LIBRTE_PMD_CRYPTO_SCHEDULER */
+#endif /* RTE_CRYPTO_SCHEDULER */
 
        nb_devs = rte_cryptodev_count();
        if (nb_devs < 1) {
@@ -553,9 +782,15 @@ testsuite_setup(void)
        unsigned int session_size =
                rte_cryptodev_sym_get_private_session_size(dev_id);
 
+#ifdef RTE_LIB_SECURITY
+       unsigned int security_session_size = rte_security_session_get_size(
+                       rte_cryptodev_get_sec_ctx(dev_id));
+
+       if (session_size < security_session_size)
+               session_size = security_session_size;
+#endif
        /*
-        * Create mempool with maximum number of sessions * 2,
-        * to include the session headers
+        * Create mempool with maximum number of sessions.
         */
        if (info.sym.max_nb_sessions != 0 &&
                        info.sym.max_nb_sessions < MAX_NB_SESSIONS) {
@@ -695,7 +930,7 @@ ut_teardown(void)
        struct rte_cryptodev_stats stats;
 
        /* free crypto session structure */
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
        if (ut_params->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) {
                if (ut_params->sec_session) {
                        rte_security_session_destroy(rte_cryptodev_get_sec_ctx
@@ -1656,6 +1891,9 @@ test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                        ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 0, 0);
        else
                TEST_ASSERT_NOT_NULL(
                                process_crypto_request(ts_params->valid_devs[0],
@@ -1710,12 +1948,18 @@ test_AES_cipheronly_all(void)
 static int
 test_AES_docsis_all(void)
 {
+       /* Data-path service does not support DOCSIS yet */
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
        return test_blockcipher(BLKCIPHER_AES_DOCSIS_TYPE);
 }
 
 static int
 test_DES_docsis_all(void)
 {
+       /* Data-path service does not support DOCSIS yet */
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
        return test_blockcipher(BLKCIPHER_DES_DOCSIS_TYPE);
 }
 
@@ -2430,6 +2674,12 @@ test_snow3g_authentication(const struct snow3g_hash_test_data *tdata)
                return -ENOTSUP;
        }
 
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
        cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
@@ -2470,7 +2720,11 @@ test_snow3g_authentication(const struct snow3g_hash_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 1, 0);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                ut_params->op);
        ut_params->obuf = ut_params->op->sym->m_src;
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -2508,6 +2762,12 @@ test_snow3g_authentication_verify(const struct snow3g_hash_test_data *tdata)
                return -ENOTSUP;
        }
 
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
        cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
@@ -2549,7 +2809,11 @@ test_snow3g_authentication_verify(const struct snow3g_hash_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 1, 0);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
        ut_params->obuf = ut_params->op->sym->m_src;
@@ -2575,6 +2839,16 @@ test_kasumi_authentication(const struct kasumi_hash_test_data *tdata)
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
        uint8_t *plaintext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -2619,6 +2893,9 @@ test_kasumi_authentication(const struct kasumi_hash_test_data *tdata)
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                        ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 1, 0);
        else
                ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
@@ -2648,6 +2925,16 @@ test_kasumi_authentication_verify(const struct kasumi_hash_test_data *tdata)
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
        uint8_t *plaintext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -2690,7 +2977,11 @@ test_kasumi_authentication_verify(const struct kasumi_hash_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 1, 0);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
        ut_params->obuf = ut_params->op->sym->m_src;
@@ -2855,6 +3146,16 @@ test_kasumi_encryption(const struct kasumi_test_data *tdata)
        uint8_t *plaintext, *ciphertext;
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -2897,8 +3198,12 @@ test_kasumi_encryption(const struct kasumi_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
-                                               ut_params->op);
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+                               ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
 
        ut_params->obuf = ut_params->op->sym->m_dst;
@@ -2954,6 +3259,12 @@ test_kasumi_encryption_sgl(const struct kasumi_test_data *tdata)
                return -ENOTSUP;
        }
 
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
        /* Create KASUMI session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -2983,7 +3294,11 @@ test_kasumi_encryption_sgl(const struct kasumi_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
 
@@ -3026,10 +3341,14 @@ test_kasumi_encryption_oop(const struct kasumi_test_data *tdata)
        struct rte_cryptodev_sym_capability_idx cap_idx;
        cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
        cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       /* Data-path service does not support OOP */
        if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
                        &cap_idx) == NULL)
                return -ENOTSUP;
 
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
        /* Create KASUMI session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -3111,6 +3430,9 @@ test_kasumi_encryption_oop_sgl(const struct kasumi_test_data *tdata)
                        &cap_idx) == NULL)
                return -ENOTSUP;
 
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
        uint64_t feat_flags = dev_info.feature_flags;
@@ -3196,6 +3518,9 @@ test_kasumi_decryption_oop(const struct kasumi_test_data *tdata)
                        &cap_idx) == NULL)
                return -ENOTSUP;
 
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
        /* Create KASUMI session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_DECRYPT,
@@ -3264,6 +3589,16 @@ test_kasumi_decryption(const struct kasumi_test_data *tdata)
        uint8_t *ciphertext, *plaintext;
        unsigned ciphertext_pad_len;
        unsigned ciphertext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -3306,7 +3641,11 @@ test_kasumi_decryption(const struct kasumi_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, 0);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
 
@@ -3339,6 +3678,16 @@ test_snow3g_encryption(const struct snow3g_test_data *tdata)
        uint8_t *plaintext, *ciphertext;
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -3381,7 +3730,11 @@ test_snow3g_encryption(const struct snow3g_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
 
@@ -3422,6 +3775,9 @@ test_snow3g_encryption_oop(const struct snow3g_test_data *tdata)
                        &cap_idx) == NULL)
                return -ENOTSUP;
 
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -3505,6 +3861,9 @@ test_snow3g_encryption_oop_sgl(const struct snow3g_test_data *tdata)
                        &cap_idx) == NULL)
                return -ENOTSUP;
 
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
        uint64_t feat_flags = dev_info.feature_flags;
@@ -3624,6 +3983,9 @@ test_snow3g_encryption_offset_oop(const struct snow3g_test_data *tdata)
                        &cap_idx) == NULL)
                return -ENOTSUP;
 
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -3714,6 +4076,16 @@ static int test_snow3g_decryption(const struct snow3g_test_data *tdata)
        uint8_t *plaintext, *ciphertext;
        unsigned ciphertext_pad_len;
        unsigned ciphertext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -3756,7 +4128,11 @@ static int test_snow3g_decryption(const struct snow3g_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
        ut_params->obuf = ut_params->op->sym->m_dst;
@@ -3794,6 +4170,9 @@ static int test_snow3g_decryption_oop(const struct snow3g_test_data *tdata)
                        &cap_idx) == NULL)
                return -ENOTSUP;
 
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_DECRYPT,
@@ -3881,6 +4260,12 @@ test_zuc_cipher_auth(const struct wireless_test_data *tdata)
                return -ENOTSUP;
        }
 
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
        /* Check if device supports ZUC EEA3 */
        cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
        cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_ZUC_EEA3;
@@ -3924,7 +4309,11 @@ test_zuc_cipher_auth(const struct wireless_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
        ut_params->obuf = ut_params->op->sym->m_src;
@@ -3964,6 +4353,16 @@ test_snow3g_cipher_auth(const struct snow3g_test_data *tdata)
        uint8_t *plaintext, *ciphertext;
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -4019,7 +4418,11 @@ test_snow3g_cipher_auth(const struct snow3g_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
        ut_params->obuf = ut_params->op->sym->m_src;
@@ -4087,6 +4490,14 @@ test_snow3g_auth_cipher(const struct snow3g_test_data *tdata,
                        printf("Device doesn't support digest encrypted.\n");
                        return -ENOTSUP;
                }
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
+       }
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
        }
 
        /* Create SNOW 3G session */
@@ -4155,7 +4566,11 @@ test_snow3g_auth_cipher(const struct snow3g_test_data *tdata,
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
 
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -4265,7 +4680,14 @@ test_snow3g_auth_cipher_sgl(const struct snow3g_test_data *tdata,
                                        "in both input and output mbufs.\n");
                        return -ENOTSUP;
                }
+               if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+                       printf("Device doesn't support RAW data-path APIs.\n");
+                       return -ENOTSUP;
+               }
        } else {
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) {
                        printf("Device doesn't support out-of-place scatter-gather "
                                        "in both input and output mbufs.\n");
@@ -4344,7 +4766,11 @@ test_snow3g_auth_cipher_sgl(const struct snow3g_test_data *tdata,
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
 
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -4452,7 +4878,15 @@ test_kasumi_auth_cipher(const struct kasumi_test_data *tdata,
 
        uint64_t feat_flags = dev_info.feature_flags;
 
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
        if (op_mode == OUT_OF_PLACE) {
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) {
                        printf("Device doesn't support digest encrypted.\n");
                        return -ENOTSUP;
@@ -4526,7 +4960,11 @@ test_kasumi_auth_cipher(const struct kasumi_test_data *tdata,
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
 
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -4637,7 +5075,14 @@ test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata,
                                        "in both input and output mbufs.\n");
                        return -ENOTSUP;
                }
+               if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+                       printf("Device doesn't support RAW data-path APIs.\n");
+                       return -ENOTSUP;
+               }
        } else {
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) {
                        printf("Device doesn't support out-of-place scatter-gather "
                                        "in both input and output mbufs.\n");
@@ -4716,7 +5161,11 @@ test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata,
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
 
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -4801,6 +5250,16 @@ test_kasumi_cipher_auth(const struct kasumi_test_data *tdata)
        uint8_t *plaintext, *ciphertext;
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -4857,7 +5316,11 @@ test_kasumi_cipher_auth(const struct kasumi_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
 
@@ -4900,6 +5363,16 @@ test_zuc_encryption(const struct wireless_test_data *tdata)
        uint8_t *plaintext, *ciphertext;
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        struct rte_cryptodev_sym_capability_idx cap_idx;
 
@@ -4944,7 +5417,11 @@ test_zuc_encryption(const struct wireless_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
 
@@ -4999,6 +5476,12 @@ test_zuc_encryption_sgl(const struct wireless_test_data *tdata)
                return -ENOTSUP;
        }
 
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
        plaintext_len = ceil_byte_length(tdata->plaintext.len);
 
        /* Append data which is padded to a multiple */
@@ -5031,7 +5514,11 @@ test_zuc_encryption_sgl(const struct wireless_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 0, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                                ut_params->op);
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
 
@@ -5079,6 +5566,12 @@ test_zuc_authentication(const struct wireless_test_data *tdata)
                return -ENOTSUP;
        }
 
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
        /* Check if device supports ZUC EIA3 */
        cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
        cap_idx.algo.auth = RTE_CRYPTO_AUTH_ZUC_EIA3;
@@ -5119,7 +5612,11 @@ test_zuc_authentication(const struct wireless_test_data *tdata)
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 1, 0);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                                ut_params->op);
        ut_params->obuf = ut_params->op->sym->m_src;
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -5176,7 +5673,15 @@ test_zuc_auth_cipher(const struct wireless_test_data *tdata,
                                        "in both input and output mbufs.\n");
                        return -ENOTSUP;
                }
+
+               if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+                       printf("Device doesn't support RAW data-path APIs.\n");
+                       return -ENOTSUP;
+               }
        } else {
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) {
                        printf("Device doesn't support out-of-place scatter-gather "
                                        "in both input and output mbufs.\n");
@@ -5251,7 +5756,11 @@ test_zuc_auth_cipher(const struct wireless_test_data *tdata,
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
 
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -5358,7 +5867,15 @@ test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata,
                                        "in both input and output mbufs.\n");
                        return -ENOTSUP;
                }
+
+               if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+                       printf("Device doesn't support RAW data-path APIs.\n");
+                       return -ENOTSUP;
+               }
        } else {
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) {
                        printf("Device doesn't support out-of-place scatter-gather "
                                        "in both input and output mbufs.\n");
@@ -5437,7 +5954,11 @@ test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata,
        if (retval < 0)
                return retval;
 
-       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 1, tdata->cipher_iv.len);
+       else
+               ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
 
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -5580,6 +6101,9 @@ test_kasumi_decryption_test_case_2(void)
 static int
 test_kasumi_decryption_test_case_3(void)
 {
+       /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
        return test_kasumi_decryption(&kasumi_test_case_3);
 }
 
@@ -5779,6 +6303,9 @@ test_snow3g_auth_cipher_part_digest_enc_oop(void)
 static int
 test_snow3g_auth_cipher_test_case_3_sgl(void)
 {
+       /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
        return test_snow3g_auth_cipher_sgl(
                &snow3g_auth_cipher_test_case_3, IN_PLACE, 0);
 }
@@ -5793,6 +6320,9 @@ test_snow3g_auth_cipher_test_case_3_oop_sgl(void)
 static int
 test_snow3g_auth_cipher_part_digest_enc_sgl(void)
 {
+       /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
        return test_snow3g_auth_cipher_sgl(
                &snow3g_auth_cipher_partial_digest_encryption,
                        IN_PLACE, 0);
@@ -6146,11 +6676,12 @@ test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata,
        unsigned int ciphertext_len;
 
        struct rte_cryptodev_info dev_info;
-       struct rte_crypto_op *op;
 
        /* Check if device supports particular algorithms separately */
        if (test_mixed_check_if_unsupported(tdata))
                return -ENOTSUP;
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
 
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
@@ -6161,6 +6692,9 @@ test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata,
                return -ENOTSUP;
        }
 
+       if (op_mode == OUT_OF_PLACE)
+               return -ENOTSUP;
+
        /* Create the session */
        if (verify)
                retval = create_wireless_algo_cipher_auth_session(
@@ -6192,9 +6726,11 @@ test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata,
        /* clear mbuf payload */
        memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0,
                rte_pktmbuf_tailroom(ut_params->ibuf));
-       if (op_mode == OUT_OF_PLACE)
+       if (op_mode == OUT_OF_PLACE) {
+
                memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0,
                                rte_pktmbuf_tailroom(ut_params->obuf));
+       }
 
        ciphertext_len = ceil_byte_length(tdata->ciphertext.len_bits);
        plaintext_len = ceil_byte_length(tdata->plaintext.len_bits);
@@ -6235,18 +6771,17 @@ test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata,
        if (retval < 0)
                return retval;
 
-       op = process_crypto_request(ts_params->valid_devs[0],
+       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
 
        /* Check if the op failed because the device doesn't */
        /* support this particular combination of algorithms */
-       if (op == NULL && ut_params->op->status ==
+       if (ut_params->op == NULL && ut_params->op->status ==
                        RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
                printf("Device doesn't support this mixed combination. "
                                "Test Skipped.\n");
                return -ENOTSUP;
        }
-       ut_params->op = op;
 
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
 
@@ -6337,11 +6872,12 @@ test_mixed_auth_cipher_sgl(const struct mixed_cipher_auth_test_data *tdata,
        uint8_t digest_buffer[10000];
 
        struct rte_cryptodev_info dev_info;
-       struct rte_crypto_op *op;
 
        /* Check if device supports particular algorithms */
        if (test_mixed_check_if_unsupported(tdata))
                return -ENOTSUP;
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
 
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
@@ -6440,20 +6976,18 @@ test_mixed_auth_cipher_sgl(const struct mixed_cipher_auth_test_data *tdata,
        if (retval < 0)
                return retval;
 
-       op = process_crypto_request(ts_params->valid_devs[0],
+       ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
 
        /* Check if the op failed because the device doesn't */
        /* support this particular combination of algorithms */
-       if (op == NULL && ut_params->op->status ==
+       if (ut_params->op == NULL && ut_params->op->status ==
                        RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
                printf("Device doesn't support this mixed combination. "
                                "Test Skipped.\n");
                return -ENOTSUP;
        }
 
-       ut_params->op = op;
-
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
 
        ut_params->obuf = (op_mode == IN_PLACE ?
@@ -6994,6 +7528,16 @@ test_authenticated_encryption(const struct aead_test_data *tdata)
        uint8_t *ciphertext, *auth_tag;
        uint16_t plaintext_pad_len;
        uint32_t i;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -7043,6 +7587,9 @@ test_authenticated_encryption(const struct aead_test_data *tdata)
        /* Process crypto operation */
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_aead_op(ts_params->valid_devs[0], ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 0, 0, 0);
        else
                TEST_ASSERT_NOT_NULL(
                        process_crypto_request(ts_params->valid_devs[0],
@@ -7085,7 +7632,7 @@ test_authenticated_encryption(const struct aead_test_data *tdata)
 
 }
 
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 static int
 security_proto_supported(enum rte_security_session_action_type action,
        enum rte_security_session_protocol proto)
@@ -7121,14 +7668,18 @@ security_proto_supported(enum rte_security_session_action_type action,
  * on input_vec. Checks the output of the crypto operation against
  * output_vec.
  */
-static int
-test_pdcp_proto(int i, int oop,
-       enum rte_crypto_cipher_operation opc,
-       enum rte_crypto_auth_operation opa,
-       uint8_t *input_vec,
-       unsigned int input_vec_len,
-       uint8_t *output_vec,
-       unsigned int output_vec_len)
+static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc,
+                          enum rte_crypto_auth_operation opa,
+                          const uint8_t *input_vec, unsigned int input_vec_len,
+                          const uint8_t *output_vec,
+                          unsigned int output_vec_len,
+                          enum rte_crypto_cipher_algorithm cipher_alg,
+                          const uint8_t *cipher_key, uint32_t cipher_key_len,
+                          enum rte_crypto_auth_algorithm auth_alg,
+                          const uint8_t *auth_key, uint32_t auth_key_len,
+                          uint8_t bearer, enum rte_security_pdcp_domain domain,
+                          uint8_t packet_direction, uint8_t sn_size,
+                          uint32_t hfn, uint32_t hfn_threshold, uint8_t sdap)
 {
        struct crypto_testsuite_params *ts_params = &testsuite_params;
        struct crypto_unittest_params *ut_params = &unittest_params;
@@ -7143,7 +7694,7 @@ test_pdcp_proto(int i, int oop,
 
        sec_cap_idx.action = ut_params->type;
        sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_PDCP;
-       sec_cap_idx.pdcp.domain = pdcp_test_params[i].domain;
+       sec_cap_idx.pdcp.domain = domain;
        if (rte_security_capability_get(ctx, &sec_cap_idx) == NULL)
                return -ENOTSUP;
 
@@ -7169,24 +7720,22 @@ test_pdcp_proto(int i, int oop,
 
        /* Setup Cipher Parameters */
        ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
-       ut_params->cipher_xform.cipher.algo = pdcp_test_params[i].cipher_alg;
+       ut_params->cipher_xform.cipher.algo = cipher_alg;
        ut_params->cipher_xform.cipher.op = opc;
-       ut_params->cipher_xform.cipher.key.data = pdcp_test_crypto_key[i];
-       ut_params->cipher_xform.cipher.key.length =
-                                       pdcp_test_params[i].cipher_key_len;
+       ut_params->cipher_xform.cipher.key.data = cipher_key;
+       ut_params->cipher_xform.cipher.key.length = cipher_key_len;
        ut_params->cipher_xform.cipher.iv.length =
-                               pdcp_test_packet_direction[i] ? 4 : 0;
+                               packet_direction ? 4 : 0;
        ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET;
 
        /* Setup HMAC Parameters if ICV header is required */
-       if (pdcp_test_params[i].auth_alg != 0) {
+       if (auth_alg != 0) {
                ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
                ut_params->auth_xform.next = NULL;
-               ut_params->auth_xform.auth.algo = pdcp_test_params[i].auth_alg;
+               ut_params->auth_xform.auth.algo = auth_alg;
                ut_params->auth_xform.auth.op = opa;
-               ut_params->auth_xform.auth.key.data = pdcp_test_auth_key[i];
-               ut_params->auth_xform.auth.key.length =
-                                       pdcp_test_params[i].auth_key_len;
+               ut_params->auth_xform.auth.key.data = auth_key;
+               ut_params->auth_xform.auth.key.length = auth_key_len;
 
                ut_params->cipher_xform.next = &ut_params->auth_xform;
        } else {
@@ -7197,29 +7746,30 @@ test_pdcp_proto(int i, int oop,
                .action_type = ut_params->type,
                .protocol = RTE_SECURITY_PROTOCOL_PDCP,
                {.pdcp = {
-                       .bearer = pdcp_test_bearer[i],
-                       .domain = pdcp_test_params[i].domain,
-                       .pkt_dir = pdcp_test_packet_direction[i],
-                       .sn_size = pdcp_test_data_sn_size[i],
-                       .hfn = pdcp_test_packet_direction[i] ?
-                               0 : pdcp_test_hfn[i],
-                               /**
-                                * hfn can be set as pdcp_test_hfn[i]
-                                * if hfn_ovrd is not set. Here, PDCP
-                                * packet direction is just used to
-                                * run half of the cases with session
-                                * HFN and other half with per packet
-                                * HFN.
-                                */
-                       .hfn_threshold = pdcp_test_hfn_threshold[i],
-                       .hfn_ovrd = pdcp_test_packet_direction[i] ? 1 : 0,
+                       .bearer = bearer,
+                       .domain = domain,
+                       .pkt_dir = packet_direction,
+                       .sn_size = sn_size,
+                       .hfn = packet_direction ? 0 : hfn,
+                       /**
+                        * hfn can be set as pdcp_test_hfn[i]
+                        * if hfn_ovrd is not set. Here, PDCP
+                        * packet direction is just used to
+                        * run half of the cases with session
+                        * HFN and other half with per packet
+                        * HFN.
+                        */
+                       .hfn_threshold = hfn_threshold,
+                       .hfn_ovrd = packet_direction ? 1 : 0,
+                       .sdap_enabled = sdap,
                } },
                .crypto_xform = &ut_params->cipher_xform
        };
 
        /* Create security session */
        ut_params->sec_session = rte_security_session_create(ctx,
-                               &sess_conf, ts_params->session_priv_mpool);
+                               &sess_conf, ts_params->session_mpool,
+                               ts_params->session_priv_mpool);
 
        if (!ut_params->sec_session) {
                printf("TestCase %s()-%d line %d failed %s: ",
@@ -7241,7 +7791,7 @@ test_pdcp_proto(int i, int oop,
 
        uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ut_params->op,
                                        uint32_t *, IV_OFFSET);
-       *per_pkt_hfn = pdcp_test_packet_direction[i] ? pdcp_test_hfn[i] : 0;
+       *per_pkt_hfn = packet_direction ? hfn : 0;
 
        rte_security_attach_session(ut_params->op, ut_params->sec_session);
 
@@ -7479,7 +8029,8 @@ test_pdcp_proto_SGL(int i, int oop,
 
        /* Create security session */
        ut_params->sec_session = rte_security_session_create(ctx,
-                               &sess_conf, ts_params->session_priv_mpool);
+                               &sess_conf, ts_params->session_mpool,
+                               ts_params->session_priv_mpool);
 
        if (!ut_params->sec_session) {
                printf("TestCase %s()-%d line %d failed %s: ",
@@ -7582,74 +8133,97 @@ on_err:
 int
 test_pdcp_proto_cplane_encap(int i)
 {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_ENCRYPT,
-               RTE_CRYPTO_AUTH_OP_GENERATE,
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i],
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i]+4);
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE,
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4,
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
 }
 
 int
 test_pdcp_proto_uplane_encap(int i)
 {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_ENCRYPT,
-               RTE_CRYPTO_AUTH_OP_GENERATE,
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i],
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i]);
-
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE,
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i],
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
 }
 
 int
 test_pdcp_proto_uplane_encap_with_int(int i)
 {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_ENCRYPT,
-               RTE_CRYPTO_AUTH_OP_GENERATE,
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i],
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i] + 4);
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE,
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4,
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
 }
 
 int
 test_pdcp_proto_cplane_decap(int i)
 {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_DECRYPT,
-               RTE_CRYPTO_AUTH_OP_VERIFY,
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i] + 4,
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i]);
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY,
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4,
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
 }
 
 int
 test_pdcp_proto_uplane_decap(int i)
 {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_DECRYPT,
-               RTE_CRYPTO_AUTH_OP_VERIFY,
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i],
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i]);
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY,
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i],
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
 }
 
 int
 test_pdcp_proto_uplane_decap_with_int(int i)
 {
-       return test_pdcp_proto(i, 0,
-               RTE_CRYPTO_CIPHER_OP_DECRYPT,
-               RTE_CRYPTO_AUTH_OP_VERIFY,
-               pdcp_test_data_out[i],
-               pdcp_test_data_in_len[i] + 4,
-               pdcp_test_data_in[i],
-               pdcp_test_data_in_len[i]);
+       return test_pdcp_proto(
+               i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY,
+               pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4,
+               pdcp_test_data_in[i], pdcp_test_data_in_len[i],
+               pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i],
+               pdcp_test_params[i].cipher_key_len,
+               pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i],
+               pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i],
+               pdcp_test_params[i].domain, pdcp_test_packet_direction[i],
+               pdcp_test_data_sn_size[i], pdcp_test_hfn[i],
+               pdcp_test_hfn_threshold[i], SDAP_DISABLED);
 }
 
 static int
@@ -7718,6 +8292,90 @@ test_PDCP_PROTO_SGL_oop_128B_32B(void)
                        128, 32);
 }
 
+static int
+test_PDCP_SDAP_PROTO_encap_all(void)
+{
+       int i = 0, size = 0;
+       int err, all_err = TEST_SUCCESS;
+       const struct pdcp_sdap_test *cur_test;
+
+       size = ARRAY_SIZE(list_pdcp_sdap_tests);
+
+       for (i = 0; i < size; i++) {
+               cur_test = &list_pdcp_sdap_tests[i];
+               err = test_pdcp_proto(
+                       i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT,
+                       RTE_CRYPTO_AUTH_OP_GENERATE, cur_test->data_in,
+                       cur_test->in_len, cur_test->data_out,
+                       cur_test->in_len + ((cur_test->auth_key) ? 4 : 0),
+                       cur_test->param.cipher_alg, cur_test->cipher_key,
+                       cur_test->param.cipher_key_len,
+                       cur_test->param.auth_alg,
+                       cur_test->auth_key, cur_test->param.auth_key_len,
+                       cur_test->bearer, cur_test->param.domain,
+                       cur_test->packet_direction, cur_test->sn_size,
+                       cur_test->hfn,
+                       cur_test->hfn_threshold, SDAP_ENABLED);
+               if (err) {
+                       printf("\t%d) %s: Encapsulation failed\n",
+                                       cur_test->test_idx,
+                                       cur_test->param.name);
+                       err = TEST_FAILED;
+               } else {
+                       printf("\t%d) %s: Encap PASS\n", cur_test->test_idx,
+                                       cur_test->param.name);
+                       err = TEST_SUCCESS;
+               }
+               all_err += err;
+       }
+
+       printf("Success: %d, Failure: %d\n", size + all_err, -all_err);
+
+       return (all_err == TEST_SUCCESS) ? TEST_SUCCESS : TEST_FAILED;
+}
+
+static int
+test_PDCP_SDAP_PROTO_decap_all(void)
+{
+       int i = 0, size = 0;
+       int err, all_err = TEST_SUCCESS;
+       const struct pdcp_sdap_test *cur_test;
+
+       size = ARRAY_SIZE(list_pdcp_sdap_tests);
+
+       for (i = 0; i < size; i++) {
+               cur_test = &list_pdcp_sdap_tests[i];
+               err = test_pdcp_proto(
+                       i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT,
+                       RTE_CRYPTO_AUTH_OP_VERIFY,
+                       cur_test->data_out,
+                       cur_test->in_len + ((cur_test->auth_key) ? 4 : 0),
+                       cur_test->data_in, cur_test->in_len,
+                       cur_test->param.cipher_alg,
+                       cur_test->cipher_key, cur_test->param.cipher_key_len,
+                       cur_test->param.auth_alg, cur_test->auth_key,
+                       cur_test->param.auth_key_len, cur_test->bearer,
+                       cur_test->param.domain, cur_test->packet_direction,
+                       cur_test->sn_size, cur_test->hfn,
+                       cur_test->hfn_threshold, SDAP_ENABLED);
+               if (err) {
+                       printf("\t%d) %s: Decapsulation failed\n",
+                                       cur_test->test_idx,
+                                       cur_test->param.name);
+                       err = TEST_FAILED;
+               } else {
+                       printf("\t%d) %s: Decap PASS\n", cur_test->test_idx,
+                                       cur_test->param.name);
+                       err = TEST_SUCCESS;
+               }
+               all_err += err;
+       }
+
+       printf("Success: %d, Failure: %d\n", size + all_err, -all_err);
+
+       return (all_err == TEST_SUCCESS) ? TEST_SUCCESS : TEST_FAILED;
+}
+
 static int
 test_PDCP_PROTO_all(void)
 {
@@ -7749,6 +8407,8 @@ test_PDCP_PROTO_all(void)
        status += test_PDCP_PROTO_SGL_oop_32B_128B();
        status += test_PDCP_PROTO_SGL_oop_32B_40B();
        status += test_PDCP_PROTO_SGL_oop_128B_32B();
+       status += test_PDCP_SDAP_PROTO_encap_all();
+       status += test_PDCP_SDAP_PROTO_decap_all();
 
        if (status)
                return TEST_FAILED;
@@ -7836,6 +8496,7 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td)
 
        /* Create security session */
        ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
+                                       ts_params->session_mpool,
                                        ts_params->session_priv_mpool);
 
        if (!ut_params->sec_session) {
@@ -8011,6 +8672,7 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td)
 
        /* Create security session */
        ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
+                                       ts_params->session_mpool,
                                        ts_params->session_priv_mpool);
 
        if (!ut_params->sec_session) {
@@ -8491,6 +9153,16 @@ test_authenticated_decryption(const struct aead_test_data *tdata)
        int retval;
        uint8_t *plaintext;
        uint32_t i;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -8540,6 +9212,9 @@ test_authenticated_decryption(const struct aead_test_data *tdata)
        /* Process crypto operation */
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_aead_op(ts_params->valid_devs[0], ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 0, 0, 0);
        else
                TEST_ASSERT_NOT_NULL(
                        process_crypto_request(ts_params->valid_devs[0],
@@ -8834,6 +9509,9 @@ test_authenticated_encryption_oop(const struct aead_test_data *tdata)
                        &cap_idx) == NULL)
                return -ENOTSUP;
 
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               return -ENOTSUP;
+
        /* not supported with CPU crypto */
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                return -ENOTSUP;
@@ -8923,8 +9601,9 @@ test_authenticated_decryption_oop(const struct aead_test_data *tdata)
                        &cap_idx) == NULL)
                return -ENOTSUP;
 
-       /* not supported with CPU crypto */
-       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+       /* not supported with CPU crypto and raw data-path APIs*/
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO ||
+                       global_api_test_type == CRYPTODEV_RAW_API_TEST)
                return -ENOTSUP;
 
        /* Create AEAD session */
@@ -9110,6 +9789,12 @@ test_authenticated_decryption_sessionless(
                return -ENOTSUP;
        }
 
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
+
        /* not supported with CPU crypto */
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                return -ENOTSUP;
@@ -9151,8 +9836,13 @@ test_authenticated_decryption_sessionless(
                        "crypto op session type not sessionless");
 
        /* Process crypto operation */
-       TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0],
-                       ut_params->op), "failed to process sym crypto op");
+       if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 0, 0, 0);
+       else
+               TEST_ASSERT_NOT_NULL(process_crypto_request(
+                       ts_params->valid_devs[0], ut_params->op),
+                               "failed to process sym crypto op");
 
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed crypto process");
 
@@ -9442,6 +10132,16 @@ test_MD5_HMAC_generate(const struct HMAC_MD5_vector *test_case)
 
        struct crypto_testsuite_params *ts_params = &testsuite_params;
        struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -9470,6 +10170,9 @@ test_MD5_HMAC_generate(const struct HMAC_MD5_vector *test_case)
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                        ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
        else
                TEST_ASSERT_NOT_NULL(
                        process_crypto_request(ts_params->valid_devs[0],
@@ -9502,6 +10205,16 @@ test_MD5_HMAC_verify(const struct HMAC_MD5_vector *test_case)
 
        struct crypto_testsuite_params *ts_params = &testsuite_params;
        struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -9528,6 +10241,9 @@ test_MD5_HMAC_verify(const struct HMAC_MD5_vector *test_case)
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                        ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
        else
                TEST_ASSERT_NOT_NULL(
                        process_crypto_request(ts_params->valid_devs[0],
@@ -9993,6 +10709,53 @@ create_gmac_operation(enum rte_crypto_auth_operation op,
        return 0;
 }
 
+static int
+create_gmac_operation_sgl(enum rte_crypto_auth_operation op,
+               const struct gmac_test_data *tdata,
+               void *digest_mem, uint64_t digest_phys)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_crypto_sym_op *sym_op;
+
+       /* Generate Crypto op data structure */
+       ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,
+                       RTE_CRYPTO_OP_TYPE_SYMMETRIC);
+       TEST_ASSERT_NOT_NULL(ut_params->op,
+                       "Failed to allocate symmetric crypto operation struct");
+
+       sym_op = ut_params->op->sym;
+
+       sym_op->auth.digest.data = digest_mem;
+       TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data,
+                       "no room to append digest");
+
+       sym_op->auth.digest.phys_addr = digest_phys;
+
+       if (op == RTE_CRYPTO_AUTH_OP_VERIFY) {
+               rte_memcpy(sym_op->auth.digest.data, tdata->gmac_tag.data,
+                               tdata->gmac_tag.len);
+               debug_hexdump(stdout, "digest:",
+                               sym_op->auth.digest.data,
+                               tdata->gmac_tag.len);
+       }
+
+       uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op,
+                       uint8_t *, IV_OFFSET);
+
+       rte_memcpy(iv_ptr, tdata->iv.data, tdata->iv.len);
+
+       debug_hexdump(stdout, "iv:", iv_ptr, tdata->iv.len);
+
+       sym_op->cipher.data.length = 0;
+       sym_op->cipher.data.offset = 0;
+
+       sym_op->auth.data.offset = 0;
+       sym_op->auth.data.length = tdata->plaintext.len;
+
+       return 0;
+}
+
 static int create_gmac_session(uint8_t dev_id,
                const struct gmac_test_data *tdata,
                enum rte_crypto_auth_operation auth_op)
@@ -10033,6 +10796,16 @@ test_AES_GMAC_authentication(const struct gmac_test_data *tdata)
 {
        struct crypto_testsuite_params *ts_params = &testsuite_params;
        struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        int retval;
 
@@ -10096,6 +10869,9 @@ test_AES_GMAC_authentication(const struct gmac_test_data *tdata)
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                        ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
        else
                TEST_ASSERT_NOT_NULL(
                        process_crypto_request(ts_params->valid_devs[0],
@@ -10154,6 +10930,16 @@ test_AES_GMAC_authentication_verify(const struct gmac_test_data *tdata)
        int retval;
        uint32_t plaintext_pad_len;
        uint8_t *plaintext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        TEST_ASSERT_NOT_EQUAL(tdata->gmac_tag.len, 0,
                              "No GMAC length in the source data");
@@ -10213,6 +10999,9 @@ test_AES_GMAC_authentication_verify(const struct gmac_test_data *tdata)
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                        ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
        else
                TEST_ASSERT_NOT_NULL(
                        process_crypto_request(ts_params->valid_devs[0],
@@ -10249,6 +11038,166 @@ test_AES_GMAC_authentication_verify_test_case_4(void)
        return test_AES_GMAC_authentication_verify(&gmac_test_case_4);
 }
 
+static int
+test_AES_GMAC_authentication_SGL(const struct gmac_test_data *tdata,
+                               uint32_t fragsz)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct crypto_unittest_params *ut_params = &unittest_params;
+       struct rte_cryptodev_info dev_info;
+       uint64_t feature_flags;
+       unsigned int trn_data = 0;
+       void *digest_mem = NULL;
+       uint32_t segs = 1;
+       unsigned int to_trn = 0;
+       struct rte_mbuf *buf = NULL;
+       uint8_t *auth_tag, *plaintext;
+       int retval;
+
+       TEST_ASSERT_NOT_EQUAL(tdata->gmac_tag.len, 0,
+                             "No GMAC length in the source data");
+
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_AES_GMAC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
+       /* Check for any input SGL support */
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       feature_flags = dev_info.feature_flags;
+
+       if ((!(feature_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) &&
+                       (!(feature_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT)) &&
+                       (!(feature_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)))
+               return -ENOTSUP;
+
+       if (fragsz > tdata->plaintext.len)
+               fragsz = tdata->plaintext.len;
+
+       uint16_t plaintext_len = fragsz;
+
+       retval = create_gmac_session(ts_params->valid_devs[0],
+                       tdata, RTE_CRYPTO_AUTH_OP_GENERATE);
+
+       if (retval < 0)
+               return retval;
+
+       ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
+       TEST_ASSERT_NOT_NULL(ut_params->ibuf,
+                       "Failed to allocate input buffer in mempool");
+
+       memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0,
+                       rte_pktmbuf_tailroom(ut_params->ibuf));
+
+       plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+                               plaintext_len);
+       TEST_ASSERT_NOT_NULL(plaintext, "no room to append plaintext");
+
+       memcpy(plaintext, tdata->plaintext.data, plaintext_len);
+
+       trn_data += plaintext_len;
+
+       buf = ut_params->ibuf;
+
+       /*
+        * Loop until no more fragments
+        */
+
+       while (trn_data < tdata->plaintext.len) {
+               ++segs;
+               to_trn = (tdata->plaintext.len - trn_data < fragsz) ?
+                               (tdata->plaintext.len - trn_data) : fragsz;
+
+               buf->next = rte_pktmbuf_alloc(ts_params->mbuf_pool);
+               buf = buf->next;
+
+               memset(rte_pktmbuf_mtod(buf, uint8_t *), 0,
+                               rte_pktmbuf_tailroom(buf));
+
+               plaintext = (uint8_t *)rte_pktmbuf_append(buf,
+                               to_trn);
+
+               memcpy(plaintext, tdata->plaintext.data + trn_data,
+                               to_trn);
+               trn_data += to_trn;
+               if (trn_data  == tdata->plaintext.len)
+                       digest_mem = (uint8_t *)rte_pktmbuf_append(buf,
+                                       tdata->gmac_tag.len);
+       }
+       ut_params->ibuf->nb_segs = segs;
+
+       /*
+        * Place digest at the end of the last buffer
+        */
+       uint64_t digest_phys = rte_pktmbuf_iova(buf) + to_trn;
+
+       if (!digest_mem) {
+               digest_mem = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+                               + tdata->gmac_tag.len);
+               digest_phys = rte_pktmbuf_iova_offset(ut_params->ibuf,
+                               tdata->plaintext.len);
+       }
+
+       retval = create_gmac_operation_sgl(RTE_CRYPTO_AUTH_OP_GENERATE,
+                       tdata, digest_mem, digest_phys);
+
+       if (retval < 0)
+               return retval;
+
+       rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess);
+
+       ut_params->op->sym->m_src = ut_params->ibuf;
+
+       if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
+               return -ENOTSUP;
+
+       TEST_ASSERT_NOT_NULL(
+               process_crypto_request(ts_params->valid_devs[0],
+               ut_params->op), "failed to process sym crypto op");
+
+       TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS,
+                       "crypto op processing failed");
+
+       auth_tag = digest_mem;
+       debug_hexdump(stdout, "auth tag:", auth_tag, tdata->gmac_tag.len);
+       TEST_ASSERT_BUFFERS_ARE_EQUAL(
+                       auth_tag,
+                       tdata->gmac_tag.data,
+                       tdata->gmac_tag.len,
+                       "GMAC Generated auth tag not as expected");
+
+       return 0;
+}
+
+/* Segment size not multiple of block size (16B) */
+static int
+test_AES_GMAC_authentication_SGL_40B(void)
+{
+       return test_AES_GMAC_authentication_SGL(&gmac_test_case_1, 40);
+}
+
+static int
+test_AES_GMAC_authentication_SGL_80B(void)
+{
+       return test_AES_GMAC_authentication_SGL(&gmac_test_case_1, 80);
+}
+
+static int
+test_AES_GMAC_authentication_SGL_2048B(void)
+{
+       return test_AES_GMAC_authentication_SGL(&gmac_test_case_5, 2048);
+}
+
+/* Segment size not multiple of block size (16B) */
+static int
+test_AES_GMAC_authentication_SGL_2047B(void)
+{
+       return test_AES_GMAC_authentication_SGL(&gmac_test_case_5, 2047);
+}
+
 struct test_crypto_vector {
        enum rte_crypto_cipher_algorithm crypto_algo;
        unsigned int cipher_offset;
@@ -10728,6 +11677,16 @@ test_authentication_verify_fail_when_data_corruption(
        int retval;
 
        uint8_t *plaintext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -10737,6 +11696,7 @@ test_authentication_verify_fail_when_data_corruption(
                        &cap_idx) == NULL)
                return -ENOTSUP;
 
+
        /* Create session */
        retval = create_auth_session(ut_params,
                        ts_params->valid_devs[0],
@@ -10778,7 +11738,10 @@ test_authentication_verify_fail_when_data_corruption(
                TEST_ASSERT_NOT_EQUAL(ut_params->op->status,
                        RTE_CRYPTO_OP_STATUS_SUCCESS,
                        "authentication not failed");
-       } else {
+       } else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
+       else {
                ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
                TEST_ASSERT_NULL(ut_params->op, "authentication not failed");
@@ -10796,6 +11759,16 @@ test_authentication_verify_GMAC_fail_when_corruption(
 {
        int retval;
        uint8_t *plaintext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -10849,7 +11822,10 @@ test_authentication_verify_GMAC_fail_when_corruption(
                TEST_ASSERT_NOT_EQUAL(ut_params->op->status,
                        RTE_CRYPTO_OP_STATUS_SUCCESS,
                        "authentication not failed");
-       } else {
+       } else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 1, 0, 0);
+       else {
                ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
                TEST_ASSERT_NULL(ut_params->op, "authentication not failed");
@@ -10868,6 +11844,16 @@ test_authenticated_decryption_fail_when_corruption(
        int retval;
 
        uint8_t *ciphertext;
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -10924,7 +11910,10 @@ test_authenticated_decryption_fail_when_corruption(
                TEST_ASSERT_NOT_EQUAL(ut_params->op->status,
                        RTE_CRYPTO_OP_STATUS_SUCCESS,
                        "authentication not failed");
-       } else {
+       } else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 0, 0);
+       else {
                ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
                TEST_ASSERT_NULL(ut_params->op, "authentication not failed");
@@ -10945,6 +11934,16 @@ test_authenticated_encryt_with_esn(
        uint16_t plaintext_pad_len;
        uint8_t cipher_key[reference->cipher_key.len + 1];
        uint8_t auth_key[reference->auth_key.len + 1];
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -11019,6 +12018,9 @@ test_authenticated_encryt_with_esn(
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                        ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 0, 0);
        else
                ut_params->op = process_crypto_request(
                        ts_params->valid_devs[0], ut_params->op);
@@ -11065,6 +12067,16 @@ test_authenticated_decrypt_with_esn(
        uint8_t *ciphertext;
        uint8_t cipher_key[reference->cipher_key.len + 1];
        uint8_t auth_key[reference->auth_key.len + 1];
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+               printf("Device doesn't support RAW data-path APIs.\n");
+               return -ENOTSUP;
+       }
 
        /* Verify the capabilities */
        struct rte_cryptodev_sym_capability_idx cap_idx;
@@ -11139,6 +12151,9 @@ test_authenticated_decrypt_with_esn(
        if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_crypt_auth_op(ts_params->valid_devs[0],
                        ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 1, 1, 0, 0);
        else
                ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
@@ -11279,10 +12294,21 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
                if (sgl_in && (!(dev_info.feature_flags &
                                RTE_CRYPTODEV_FF_IN_PLACE_SGL)))
                        return -ENOTSUP;
+
+               uint64_t feat_flags = dev_info.feature_flags;
+
+               if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+                       (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+                       printf("Device doesn't support RAW data-path APIs.\n");
+                       return -ENOTSUP;
+               }
        } else {
                unsigned int sgl_in = fragsz < tdata->plaintext.len;
                unsigned int sgl_out = (fragsz_oop ? fragsz_oop : fragsz) <
                                tdata->plaintext.len;
+               /* Raw data path API does not support OOP */
+               if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+                       return -ENOTSUP;
                if (sgl_in && !sgl_out) {
                        if (!(dev_info.feature_flags &
                                        RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT))
@@ -11478,6 +12504,9 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
        if (oop == IN_PLACE &&
                        gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO)
                process_cpu_aead_op(ts_params->valid_devs[0], ut_params->op);
+       else if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
+               process_sym_raw_dp_op(ts_params->valid_devs[0], 0,
+                               ut_params->op, 0, 0, 0, 0);
        else
                TEST_ASSERT_NOT_NULL(
                        process_crypto_request(ts_params->valid_devs[0],
@@ -11708,7 +12737,7 @@ test_chacha20_poly1305_decrypt_test_case_rfc8439(void)
        return test_authenticated_decryption(&chacha20_poly1305_case_rfc8439);
 }
 
-#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER
+#ifdef RTE_CRYPTO_SCHEDULER
 
 /* global AESNI worker IDs for the scheduler test */
 uint8_t aesni_ids[2];
@@ -11928,7 +12957,7 @@ static struct unit_test_suite cryptodev_scheduler_testsuite  = {
        }
 };
 
-#endif /* RTE_LIBRTE_PMD_CRYPTO_SCHEDULER */
+#endif /* RTE_CRYPTO_SCHEDULER */
 
 static struct unit_test_suite cryptodev_testsuite  = {
        .suite_name = "Crypto Unit Test Suite",
@@ -12162,6 +13191,15 @@ static struct unit_test_suite cryptodev_testsuite  = {
                        test_AES_GMAC_authentication_test_case_4),
                TEST_CASE_ST(ut_setup, ut_teardown,
                        test_AES_GMAC_authentication_verify_test_case_4),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_AES_GMAC_authentication_SGL_40B),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_AES_GMAC_authentication_SGL_80B),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_AES_GMAC_authentication_SGL_2048B),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_AES_GMAC_authentication_SGL_2047B),
+
                /** Chacha20-Poly1305 */
                TEST_CASE_ST(ut_setup, ut_teardown,
                        test_chacha20_poly1305_encrypt_test_case_rfc8439),
@@ -12549,7 +13587,7 @@ static struct unit_test_suite cryptodev_testsuite  = {
                TEST_CASE_ST(ut_setup, ut_teardown,
                        test_verify_auth_aes_cmac_cipher_null_test_case_1),
 
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
                TEST_CASE_ST(ut_setup_security, ut_teardown,
                        test_PDCP_PROTO_all),
                TEST_CASE_ST(ut_setup_security, ut_teardown,
@@ -12590,23 +13628,6 @@ static struct unit_test_suite cryptodev_caam_jr_testsuite  = {
        }
 };
 
-static struct unit_test_suite cryptodev_armv8_testsuite  = {
-       .suite_name = "Crypto Device ARMv8 Unit Test Suite",
-       .setup = testsuite_setup,
-       .teardown = testsuite_teardown,
-       .unit_test_cases = {
-               TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all),
-
-               /** Negative tests */
-               TEST_CASE_ST(ut_setup, ut_teardown,
-                       auth_decryption_AES128CBC_HMAC_SHA1_fail_data_corrupt),
-               TEST_CASE_ST(ut_setup, ut_teardown,
-                       auth_decryption_AES128CBC_HMAC_SHA1_fail_tag_corrupt),
-
-               TEST_CASES_END() /**< NULL terminate unit test array */
-       }
-};
-
 static struct unit_test_suite cryptodev_mrvl_testsuite  = {
        .suite_name = "Crypto Device Marvell Component Test Suite",
        .setup = testsuite_setup,
@@ -12842,7 +13863,7 @@ test_cryptodev_armv8(void)
                return TEST_SKIPPED;
        }
 
-       return unit_test_suite_runner(&cryptodev_armv8_testsuite);
+       return unit_test_suite_runner(&cryptodev_testsuite);
 }
 
 static int
@@ -12859,7 +13880,7 @@ test_cryptodev_mrvl(void)
        return unit_test_suite_runner(&cryptodev_mrvl_testsuite);
 }
 
-#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER
+#ifdef RTE_CRYPTO_SCHEDULER
 
 static int
 test_cryptodev_scheduler(void /*argv __rte_unused, int argc __rte_unused*/)
@@ -12978,6 +13999,44 @@ test_cryptodev_nitrox(void)
        return unit_test_suite_runner(&cryptodev_testsuite);
 }
 
+static int
+test_cryptodev_bcmfs(void)
+{
+       gbl_driver_id = rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_BCMFS_PMD));
+
+       if (gbl_driver_id == -1) {
+               RTE_LOG(ERR, USER1, "BCMFS PMD must be loaded.\n");
+               return TEST_FAILED;
+       }
+
+       return unit_test_suite_runner(&cryptodev_testsuite);
+}
+
+static int
+test_cryptodev_qat_raw_api(void /*argv __rte_unused, int argc __rte_unused*/)
+{
+       int ret;
+
+       gbl_driver_id = rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD));
+
+       if (gbl_driver_id == -1) {
+               RTE_LOG(ERR, USER1, "QAT PMD must be loaded. Check that both "
+               "CONFIG_RTE_LIBRTE_PMD_QAT and CONFIG_RTE_LIBRTE_PMD_QAT_SYM "
+               "are enabled in config file to run this testsuite.\n");
+               return TEST_SKIPPED;
+       }
+
+       global_api_test_type = CRYPTODEV_RAW_API_TEST;
+       ret = unit_test_suite_runner(&cryptodev_testsuite);
+       global_api_test_type = CRYPTODEV_API_TEST;
+
+       return ret;
+}
+
+REGISTER_TEST_COMMAND(cryptodev_qat_raw_api_autotest,
+               test_cryptodev_qat_raw_api);
 REGISTER_TEST_COMMAND(cryptodev_qat_autotest, test_cryptodev_qat);
 REGISTER_TEST_COMMAND(cryptodev_aesni_mb_autotest, test_cryptodev_aesni_mb);
 REGISTER_TEST_COMMAND(cryptodev_cpu_aesni_mb_autotest,
@@ -13000,3 +14059,4 @@ REGISTER_TEST_COMMAND(cryptodev_octeontx_autotest, test_cryptodev_octeontx);
 REGISTER_TEST_COMMAND(cryptodev_octeontx2_autotest, test_cryptodev_octeontx2);
 REGISTER_TEST_COMMAND(cryptodev_caam_jr_autotest, test_cryptodev_caam_jr);
 REGISTER_TEST_COMMAND(cryptodev_nitrox_autotest, test_cryptodev_nitrox);
+REGISTER_TEST_COMMAND(cryptodev_bcmfs_autotest, test_cryptodev_bcmfs);
DPDK repo used for reviews