* Copyright 2020 NXP
*/
+#ifndef RTE_EXEC_ENV_WINDOWS
+
#include <time.h>
#include <rte_common.h>
int enqueue_status, dequeue_status;
struct crypto_unittest_params *ut_params = &unittest_params;
int is_sgl = sop->m_src->nb_segs > 1;
+ int is_oop = 0;
ctx_service_size = rte_cryptodev_get_raw_dp_ctx_size(dev_id);
if (ctx_service_size < 0) {
ofs.raw = 0;
+ if ((sop->m_dst != NULL) && (sop->m_dst != sop->m_src))
+ is_oop = 1;
+
if (is_cipher && is_auth) {
cipher_offset = sop->cipher.data.offset;
cipher_len = sop->cipher.data.length;
if (is_sgl) {
uint32_t remaining_off = auth_offset + auth_len;
struct rte_mbuf *sgl_buf = sop->m_src;
+ if (is_oop)
+ sgl_buf = sop->m_dst;
while (remaining_off >= rte_pktmbuf_data_len(sgl_buf)
&& sgl_buf->next != NULL) {
/* Then check if digest-encrypted conditions are met */
if ((auth_offset + auth_len < cipher_offset + cipher_len) &&
(digest.iova == auth_end_iova) && is_sgl)
- max_len = RTE_MAX(max_len, auth_offset + auth_len +
+ max_len = RTE_MAX(max_len,
+ auth_offset + auth_len +
ut_params->auth_xform.auth.digest_length);
} else if (is_cipher) {
sgl.num = n;
/* Out of place */
- if (sop->m_dst != NULL) {
+ if (is_oop) {
dest_sgl.vec = dest_data_vec;
vec.dest_sgl = &dest_sgl;
n = rte_crypto_mbuf_to_vec(sop->m_dst, 0, max_len,
dst += 1;
}
- if (td->ipsec_xform.tunnel.type ==
- RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
- memcpy(&ipsec_xform.tunnel.ipv4.src_ip, &src, sizeof(src));
- memcpy(&ipsec_xform.tunnel.ipv4.dst_ip, &dst, sizeof(dst));
- } else {
- memcpy(&ipsec_xform.tunnel.ipv6.src_addr, &v6_src,
- sizeof(v6_src));
- memcpy(&ipsec_xform.tunnel.ipv6.dst_addr, &v6_dst,
- sizeof(v6_dst));
+ if (td->ipsec_xform.mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL) {
+ if (td->ipsec_xform.tunnel.type ==
+ RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
+ memcpy(&ipsec_xform.tunnel.ipv4.src_ip, &src,
+ sizeof(src));
+ memcpy(&ipsec_xform.tunnel.ipv4.dst_ip, &dst,
+ sizeof(dst));
+
+ if (flags->df == TEST_IPSEC_SET_DF_0_INNER_1)
+ ipsec_xform.tunnel.ipv4.df = 0;
+
+ if (flags->df == TEST_IPSEC_SET_DF_1_INNER_0)
+ ipsec_xform.tunnel.ipv4.df = 1;
+
+ } else {
+ memcpy(&ipsec_xform.tunnel.ipv6.src_addr, &v6_src,
+ sizeof(v6_src));
+ memcpy(&ipsec_xform.tunnel.ipv6.dst_addr, &v6_dst,
+ sizeof(v6_dst));
+ }
}
ctx = rte_cryptodev_get_sec_ctx(dev_id);
memcpy(input_text, td[i].input_text.data,
td[i].input_text.len);
+ if (test_ipsec_pkt_update(input_text, flags))
+ return TEST_FAILED;
+
/* Generate crypto op data structure */
ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,
RTE_CRYPTO_OP_TYPE_SYMMETRIC);
if (ret != TEST_SUCCESS)
goto crypto_op_free;
+ ret = test_ipsec_stats_verify(ctx, ut_params->sec_session,
+ flags, dir);
+ if (ret != TEST_SUCCESS)
+ goto crypto_op_free;
+
rte_crypto_op_free(ut_params->op);
ut_params->op = NULL;
memcpy(&td_outb, test_data, sizeof(td_outb));
- /* Disable IV gen to be able to test with known vectors */
- td_outb.ipsec_xform.options.iv_gen_disable = 1;
+ if (td_outb.aead ||
+ td_outb.xform.chain.cipher.cipher.algo != RTE_CRYPTO_CIPHER_NULL) {
+ /* Disable IV gen to be able to test with known vectors */
+ td_outb.ipsec_xform.options.iv_gen_disable = 1;
+ }
return test_ipsec_proto_process(&td_outb, NULL, 1, false, &flags);
}
td_outb,
nb_pkts);
+ if (!td_outb->aead) {
+ enum rte_crypto_cipher_algorithm cipher_alg;
+ enum rte_crypto_auth_algorithm auth_alg;
+
+ cipher_alg = td_outb->xform.chain.cipher.cipher.algo;
+ auth_alg = td_outb->xform.chain.auth.auth.algo;
+
+ /* ICV is not applicable for NULL auth */
+ if (flags->icv_corrupt &&
+ auth_alg == RTE_CRYPTO_AUTH_NULL)
+ continue;
+
+ /* IV is not applicable for NULL cipher */
+ if (flags->iv_gen &&
+ cipher_alg == RTE_CRYPTO_CIPHER_NULL)
+ continue;
+ }
+
ret = test_ipsec_proto_process(td_outb, td_inb, nb_pkts, true,
flags);
if (ret == TEST_SKIPPED)
return test_ipsec_proto_all(&flags);
}
+static int
+test_ipsec_proto_transport_v4(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.ipv6 = false;
+ flags.transport = true;
+
+ return test_ipsec_proto_all(&flags);
+}
+
+static int
+test_ipsec_proto_stats(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.stats_success = true;
+
+ return test_ipsec_proto_all(&flags);
+}
+
+static int
+test_ipsec_proto_pkt_fragment(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.fragment = true;
+
+ return test_ipsec_proto_all(&flags);
+
+}
+
+static int
+test_ipsec_proto_copy_df_inner_0(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.df = TEST_IPSEC_COPY_DF_INNER_0;
+
+ return test_ipsec_proto_all(&flags);
+}
+
+static int
+test_ipsec_proto_copy_df_inner_1(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.df = TEST_IPSEC_COPY_DF_INNER_1;
+
+ return test_ipsec_proto_all(&flags);
+}
+
+static int
+test_ipsec_proto_set_df_0_inner_1(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.df = TEST_IPSEC_SET_DF_0_INNER_1;
+
+ return test_ipsec_proto_all(&flags);
+}
+
+static int
+test_ipsec_proto_set_df_1_inner_0(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.df = TEST_IPSEC_SET_DF_1_INNER_0;
+
+ return test_ipsec_proto_all(&flags);
+}
+
static int
test_PDCP_PROTO_all(void)
{
ut_setup_security, ut_teardown,
test_ipsec_proto_known_vec,
&pkt_aes_128_cbc_hmac_sha256_v6),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Outbound known vector (ESP tunnel mode IPv4 NULL AES-XCBC-MAC [12B ICV])",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_known_vec,
+ &pkt_null_aes_xcbc),
TEST_CASE_NAMED_WITH_DATA(
"Outbound fragmented packet",
ut_setup_security, ut_teardown,
ut_setup_security, ut_teardown,
test_ipsec_proto_known_vec_inb,
&pkt_aes_128_cbc_hmac_sha256_v6),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Inbound known vector (ESP tunnel mode IPv4 NULL AES-XCBC-MAC [12B ICV])",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_known_vec_inb,
+ &pkt_null_aes_xcbc),
TEST_CASE_NAMED_ST(
"Combined test alg list",
ut_setup_security, ut_teardown,
"Tunnel IPv6 in IPv4",
ut_setup_security, ut_teardown,
test_ipsec_proto_tunnel_v6_in_v4),
+ TEST_CASE_NAMED_ST(
+ "Transport IPv4",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_transport_v4),
+ TEST_CASE_NAMED_ST(
+ "Statistics: success",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_stats),
+ TEST_CASE_NAMED_ST(
+ "Fragmented packet",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_pkt_fragment),
+ TEST_CASE_NAMED_ST(
+ "Tunnel header copy DF (inner 0)",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_copy_df_inner_0),
+ TEST_CASE_NAMED_ST(
+ "Tunnel header copy DF (inner 1)",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_copy_df_inner_1),
+ TEST_CASE_NAMED_ST(
+ "Tunnel header set DF 0 (inner 1)",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_set_df_0_inner_1),
+ TEST_CASE_NAMED_ST(
+ "Tunnel header set DF 1 (inner 0)",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_set_df_1_inner_0),
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
REGISTER_TEST_COMMAND(cryptodev_bcmfs_autotest, test_cryptodev_bcmfs);
REGISTER_TEST_COMMAND(cryptodev_cn9k_autotest, test_cryptodev_cn9k);
REGISTER_TEST_COMMAND(cryptodev_cn10k_autotest, test_cryptodev_cn10k);
+
+#endif /* !RTE_EXEC_ENV_WINDOWS */
git.droids-corp.org / dpdk.git / blobdiff