#include <rte_log.h>
#include <rte_memory.h>
#include <rte_mempool.h>
+#include <rte_ether.h>
#include <rte_security.h>
#include <rte_security_driver.h>
#define MOCK_TEST_ASSERT_EQUAL(fail_counter, a, b, msg, ...) \
MOCK_TEST_ASSERT(fail_counter, (a) == (b), msg, ##__VA_ARGS__)
+/**
+ * Verify not null condition inside mocked up function.
+ * Mockup function cannot return a test error, so the failure
+ * of assertion increases counter and print logs.
+ * The counter can be verified later to check if test case should fail.
+ *
+ * @param fail_counter fail counter
+ * @param val value expected not to be NULL
+ * @param msg printf style formatting string for custom message
+ */
+#define MOCK_TEST_ASSERT_NOT_NULL(fail_counter, val, msg, ...) \
+ MOCK_TEST_ASSERT(fail_counter, (val) != NULL, msg, ##__VA_ARGS__)
+
/**
* Verify if parameter of the mocked up function matches expected value.
#define MOCK_TEST_ASSERT_POINTER_PARAMETER(data, parameter) \
MOCK_TEST_ASSERT_PARAMETER(data, parameter, "%p")
+/**
+ * Wrap for MOCK_TEST_ASSERT_PARAMETER macro for uint64_t type parameters.
+ *
+ * @param data structure with expected values
+ * @param parameter name of the parameter (both field and parameter name)
+ */
+#define MOCK_TEST_ASSERT_U64_PARAMETER(data, parameter) \
+ MOCK_TEST_ASSERT_PARAMETER(data, parameter, "%" PRIu64)
+
/**
* Verify number of calls of the mocked up function
* and check if there were any fails during execution.
expected_mempool_usage, mempool_usage); \
} while (0)
+/**
+ * Verify usage of mempool by checking if number of allocated objects matches
+ * expectations. The mempool is used to manage objects for sessions priv data.
+ * A single object is acquired from mempool during session_create
+ * and put back in session_destroy.
+ *
+ * @param expected_priv_mp_usage expected number of used priv mp objects
+ */
+#define TEST_ASSERT_PRIV_MP_USAGE(expected_priv_mp_usage) do { \
+ struct security_testsuite_params *ts_params = &testsuite_params;\
+ unsigned int priv_mp_usage; \
+ priv_mp_usage = rte_mempool_in_use_count( \
+ ts_params->session_priv_mpool); \
+ TEST_ASSERT_EQUAL(expected_priv_mp_usage, priv_mp_usage, \
+ "Expecting %u priv mempool allocations, " \
+ "but there are %u allocated objects", \
+ expected_priv_mp_usage, priv_mp_usage); \
+} while (0)
/**
* Mockup structures and functions for rte_security_ops;
* increases .called counter. Function returns value stored in .ret field
* of the structure.
* In case of some parameters in some functions the expected value is unknown
- * and cannot be detrmined prior to call. Such parameters are stored
+ * and cannot be determined prior to call. Such parameters are stored
* in structure and can be compared or analyzed later in test case code.
*
* Below structures and functions follow the rules just described.
struct rte_security_session_conf *conf;
struct rte_security_session *sess;
struct rte_mempool *mp;
+ struct rte_mempool *priv_mp;
int ret;
int called;
int failed;
-} mock_session_create_exp = {NULL, NULL, NULL, NULL, 0, 0, 0};
+} mock_session_create_exp = {NULL, NULL, NULL, NULL, NULL, 0, 0, 0};
static int
mock_session_create(void *device,
struct rte_security_session_conf *conf,
struct rte_security_session *sess,
- struct rte_mempool *mp)
+ struct rte_mempool *priv_mp)
{
+ void *sess_priv;
+ int ret;
+
mock_session_create_exp.called++;
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, device);
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, conf);
- MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, mp);
+ MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, priv_mp);
+
+ if (mock_session_create_exp.ret == 0) {
+ ret = rte_mempool_get(priv_mp, &sess_priv);
+ TEST_ASSERT_EQUAL(0, ret,
+ "priv mempool does not have enough objects");
- mock_session_create_exp.sess = sess;
+ set_sec_session_private_data(sess, sess_priv);
+ mock_session_create_exp.sess = sess;
+ }
return mock_session_create_exp.ret;
}
static int
mock_session_destroy(void *device, struct rte_security_session *sess)
{
- mock_session_destroy_exp.called++;
+ void *sess_priv = get_sec_session_private_data(sess);
+ mock_session_destroy_exp.called++;
+ if ((mock_session_destroy_exp.ret == 0) && (sess_priv != NULL)) {
+ rte_mempool_put(rte_mempool_from_obj(sess_priv), sess_priv);
+ set_sec_session_private_data(sess, NULL);
+ }
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, device);
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, sess);
return mock_set_pkt_metadata_exp.ret;
}
+/**
+ * get_userdata mockup
+ *
+ * Verified parameters: device, md.
+ * The userdata parameter works as an output parameter, so a passed address
+ * is verified not to be NULL and filled with userdata stored in structure.
+ */
+static struct mock_get_userdata_data {
+ void *device;
+ uint64_t md;
+ void *userdata;
+
+ int ret;
+
+ int called;
+ int failed;
+} mock_get_userdata_exp = {NULL, 0UL, NULL, 0, 0, 0};
+
+static int
+mock_get_userdata(void *device,
+ uint64_t md,
+ void **userdata)
+{
+ mock_get_userdata_exp.called++;
+
+ MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_get_userdata_exp, device);
+ MOCK_TEST_ASSERT_U64_PARAMETER(mock_get_userdata_exp, md);
+
+ MOCK_TEST_ASSERT_NOT_NULL(mock_get_userdata_exp.failed,
+ userdata,
+ "Expecting parameter userdata not to be NULL but it's %p",
+ userdata);
+ *userdata = mock_get_userdata_exp.userdata;
+
+ return mock_get_userdata_exp.ret;
+}
+
+/**
+ * capabilities_get mockup
+ *
+ * Verified parameters: device.
+ */
+static struct mock_capabilities_get_data {
+ void *device;
+
+ struct rte_security_capability *ret;
+
+ int called;
+ int failed;
+} mock_capabilities_get_exp = {NULL, NULL, 0, 0};
+
+static const struct rte_security_capability *
+mock_capabilities_get(void *device)
+{
+ mock_capabilities_get_exp.called++;
+
+ MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_capabilities_get_exp, device);
+
+ return mock_capabilities_get_exp.ret;
+}
+
/**
* empty_ops
*
.session_stats_get = mock_session_stats_get,
.session_destroy = mock_session_destroy,
.set_pkt_metadata = mock_set_pkt_metadata,
+ .get_userdata = mock_get_userdata,
+ .capabilities_get = mock_capabilities_get,
};
*/
static struct security_testsuite_params {
struct rte_mempool *session_mpool;
+ struct rte_mempool *session_priv_mpool;
} testsuite_params = { NULL };
/**
.sess = NULL,
};
-#define SECURITY_TEST_MEMPOOL_NAME "SecurityTestsMempoolName"
+#define SECURITY_TEST_MEMPOOL_NAME "SecurityTestMp"
+#define SECURITY_TEST_PRIV_MEMPOOL_NAME "SecurityTestPrivMp"
#define SECURITY_TEST_MEMPOOL_SIZE 15
-#define SECURITY_TEST_SESSION_OBJECT_SIZE sizeof(struct rte_security_session)
+#define SECURITY_TEST_SESSION_OBJ_SZ sizeof(struct rte_security_session)
+#define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 64
/**
* testsuite_setup initializes whole test suite parameters.
ts_params->session_mpool = rte_mempool_create(
SECURITY_TEST_MEMPOOL_NAME,
SECURITY_TEST_MEMPOOL_SIZE,
- SECURITY_TEST_SESSION_OBJECT_SIZE,
+ SECURITY_TEST_SESSION_OBJ_SZ,
0, 0, NULL, NULL, NULL, NULL,
SOCKET_ID_ANY, 0);
TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
"Cannot create mempool %s\n", rte_strerror(rte_errno));
+
+ ts_params->session_priv_mpool = rte_mempool_create(
+ SECURITY_TEST_PRIV_MEMPOOL_NAME,
+ SECURITY_TEST_MEMPOOL_SIZE,
+ SECURITY_TEST_SESSION_PRIV_OBJ_SZ,
+ 0, 0, NULL, NULL, NULL, NULL,
+ SOCKET_ID_ANY, 0);
+ if (ts_params->session_priv_mpool == NULL) {
+ RTE_LOG(ERR, USER1, "TestCase %s() line %d failed (null): "
+ "Cannot create priv mempool %s\n",
+ __func__, __LINE__, rte_strerror(rte_errno));
+ rte_mempool_free(ts_params->session_mpool);
+ ts_params->session_mpool = NULL;
+ return TEST_FAILED;
+ }
+
return TEST_SUCCESS;
}
rte_mempool_free(ts_params->session_mpool);
ts_params->session_mpool = NULL;
}
+ if (ts_params->session_priv_mpool) {
+ rte_mempool_free(ts_params->session_priv_mpool);
+ ts_params->session_priv_mpool = NULL;
+ }
}
/**
mock_session_stats_get_exp.called = 0;
mock_session_destroy_exp.called = 0;
mock_set_pkt_metadata_exp.called = 0;
+ mock_get_userdata_exp.called = 0;
+ mock_capabilities_get_exp.called = 0;
mock_session_create_exp.failed = 0;
mock_session_update_exp.failed = 0;
mock_session_stats_get_exp.failed = 0;
mock_session_destroy_exp.failed = 0;
mock_set_pkt_metadata_exp.failed = 0;
+ mock_get_userdata_exp.failed = 0;
+ mock_capabilities_get_exp.failed = 0;
return TEST_SUCCESS;
}
mock_session_create_exp.device = NULL;
mock_session_create_exp.conf = &ut_params->conf;
mock_session_create_exp.mp = ts_params->session_mpool;
+ mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
mock_session_create_exp.ret = 0;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool);
+ ts_params->session_mpool,
+ ts_params->session_priv_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,
sess);
TEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,
struct rte_security_session *sess;
sess = rte_security_session_create(NULL, &ut_params->conf,
- ts_params->session_mpool);
+ ts_params->session_mpool,
+ ts_params->session_priv_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
+ TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
ut_params->ctx.ops = NULL;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool);
+ ts_params->session_mpool,
+ ts_params->session_priv_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
+ TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
ut_params->ctx.ops = &empty_ops;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool);
+ ts_params->session_mpool,
+ ts_params->session_priv_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
+ TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
struct rte_security_session *sess;
sess = rte_security_session_create(&ut_params->ctx, NULL,
- ts_params->session_mpool);
+ ts_params->session_mpool,
+ ts_params->session_priv_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
+ TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
}
/**
- * Test execution of rte_security_session_create with NULL mp parameter
+ * Test execution of rte_security_session_create with NULL session
+ * mempool
*/
static int
test_session_create_inv_mempool(void)
{
struct security_unittest_params *ut_params = &unittest_params;
+ struct security_testsuite_params *ts_params = &testsuite_params;
struct rte_security_session *sess;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- NULL);
+ NULL, ts_params->session_priv_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
+ TEST_ASSERT_PRIV_MP_USAGE(0);
+ TEST_ASSERT_SESSION_COUNT(0);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_session_create with NULL session
+ * priv mempool
+ */
+static int
+test_session_create_inv_sess_priv_mempool(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct security_testsuite_params *ts_params = &testsuite_params;
+ struct rte_security_session *sess;
+
+ sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
+ ts_params->session_mpool, NULL);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
+ sess, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
+ TEST_ASSERT_MEMPOOL_USAGE(0);
+ TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
struct security_testsuite_params *ts_params = &testsuite_params;
struct security_unittest_params *ut_params = &unittest_params;
struct rte_security_session *tmp[SECURITY_TEST_MEMPOOL_SIZE];
+ void *tmp1[SECURITY_TEST_MEMPOOL_SIZE];
struct rte_security_session *sess;
/* Get all available objects from mempool. */
TEST_ASSERT_EQUAL(0, ret,
"Expect getting %d object from mempool"
" to succeed", i);
+ ret = rte_mempool_get(ts_params->session_priv_mpool,
+ (void **)(&tmp1[i]));
+ TEST_ASSERT_EQUAL(0, ret,
+ "Expect getting %d object from priv mempool"
+ " to succeed", i);
}
TEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
+ TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool);
+ ts_params->session_mpool,
+ ts_params->session_priv_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
+ TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
TEST_ASSERT_SESSION_COUNT(0);
/* Put objects back to the pool. */
- for (i = 0; i < SECURITY_TEST_MEMPOOL_SIZE; ++i)
- rte_mempool_put(ts_params->session_mpool, (void *)(tmp[i]));
+ for (i = 0; i < SECURITY_TEST_MEMPOOL_SIZE; ++i) {
+ rte_mempool_put(ts_params->session_mpool,
+ (void *)(tmp[i]));
+ rte_mempool_put(ts_params->session_priv_mpool,
+ (tmp1[i]));
+ }
TEST_ASSERT_MEMPOOL_USAGE(0);
+ TEST_ASSERT_PRIV_MP_USAGE(0);
return TEST_SUCCESS;
}
mock_session_create_exp.device = NULL;
mock_session_create_exp.conf = &ut_params->conf;
mock_session_create_exp.mp = ts_params->session_mpool;
+ mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
mock_session_create_exp.ret = -1; /* Return failure status. */
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool);
+ ts_params->session_mpool,
+ ts_params->session_priv_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(0);
+ TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
mock_session_create_exp.device = NULL;
mock_session_create_exp.conf = &ut_params->conf;
mock_session_create_exp.mp = ts_params->session_mpool;
+ mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
mock_session_create_exp.ret = 0; /* Return success status. */
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool);
+ ts_params->session_mpool,
+ ts_params->session_priv_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,
sess);
TEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,
sess, mock_session_create_exp.sess);
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
/*
struct security_unittest_params *ut_params = &unittest_params;
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(NULL, ut_params->sess);
ret, -EINVAL, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
ut_params->ctx.ops = NULL;
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
ret, -EINVAL, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
ut_params->ctx.ops = &empty_ops;
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
ret, -ENOTSUP, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
struct security_unittest_params *ut_params = &unittest_params;
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx, NULL);
ret, -EINVAL, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
mock_session_destroy_exp.ret = -1;
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
ret, -1, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
mock_session_destroy_exp.sess = ut_params->sess;
mock_session_destroy_exp.ret = 0;
TEST_ASSERT_MEMPOOL_USAGE(1);
+ TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
ret, 0, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(0);
+ TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
/*
static int
test_set_pkt_metadata_inv_context_ops_fun(void)
{
-#ifdef RTE_DEBUG
struct security_unittest_params *ut_params = &unittest_params;
struct rte_mbuf m;
int params;
TEST_ASSERT_MOCK_CALLS(mock_set_pkt_metadata_exp, 0);
return TEST_SUCCESS;
-#else
- return TEST_SKIPPED;
-#endif
}
/**
}
+/**
+ * rte_security_get_userdata tests
+ */
+
+/**
+ * Test execution of rte_security_get_userdata with NULL instance
+ */
+static int
+test_get_userdata_inv_context(void)
+{
+#ifdef RTE_DEBUG
+ uint64_t md = 0xDEADBEEF;
+
+ void *ret = rte_security_get_userdata(NULL, md);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_get_userdata,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_get_userdata_exp, 0);
+
+ return TEST_SUCCESS;
+#else
+ return TEST_SKIPPED;
+#endif
+}
+
+/**
+ * Test execution of rte_security_get_userdata with invalid
+ * security operations structure (NULL)
+ */
+static int
+test_get_userdata_inv_context_ops(void)
+{
+#ifdef RTE_DEBUG
+ struct security_unittest_params *ut_params = &unittest_params;
+ uint64_t md = 0xDEADBEEF;
+ ut_params->ctx.ops = NULL;
+
+ void *ret = rte_security_get_userdata(&ut_params->ctx, md);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_get_userdata,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_get_userdata_exp, 0);
+
+ return TEST_SUCCESS;
+#else
+ return TEST_SKIPPED;
+#endif
+}
+
+/**
+ * Test execution of rte_security_get_userdata with empty
+ * security operations
+ */
+static int
+test_get_userdata_inv_context_ops_fun(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ uint64_t md = 0xDEADBEEF;
+ ut_params->ctx.ops = &empty_ops;
+
+ void *ret = rte_security_get_userdata(&ut_params->ctx, md);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_get_userdata,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_get_userdata_exp, 0);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_get_userdata when get_userdata
+ * security operation fails
+ */
+static int
+test_get_userdata_ops_failure(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ uint64_t md = 0xDEADBEEF;
+ void *userdata = (void *)0x7E577E57;
+
+ mock_get_userdata_exp.device = NULL;
+ mock_get_userdata_exp.md = md;
+ mock_get_userdata_exp.userdata = userdata;
+ mock_get_userdata_exp.ret = -1;
+
+ void *ret = rte_security_get_userdata(&ut_params->ctx, md);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_get_userdata,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_get_userdata_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_get_userdata in successful execution path
+ */
+static int
+test_get_userdata_success(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ uint64_t md = 0xDEADBEEF;
+ void *userdata = (void *)0x7E577E57;
+
+ mock_get_userdata_exp.device = NULL;
+ mock_get_userdata_exp.md = md;
+ mock_get_userdata_exp.userdata = userdata;
+ mock_get_userdata_exp.ret = 0;
+
+ void *ret = rte_security_get_userdata(&ut_params->ctx, md);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_get_userdata,
+ ret, userdata, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_get_userdata_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+
+/**
+ * rte_security_capabilities_get tests
+ */
+
+/**
+ * Test execution of rte_security_capabilities_get with NULL instance
+ */
+static int
+test_capabilities_get_inv_context(void)
+{
+ const struct rte_security_capability *ret;
+ ret = rte_security_capabilities_get(NULL);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capabilities_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 0);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capabilities_get with invalid
+ * security operations structure (NULL)
+ */
+static int
+test_capabilities_get_inv_context_ops(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ ut_params->ctx.ops = NULL;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capabilities_get(&ut_params->ctx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capabilities_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 0);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capabilities_get with empty
+ * security operations
+ */
+static int
+test_capabilities_get_inv_context_ops_fun(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ ut_params->ctx.ops = &empty_ops;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capabilities_get(&ut_params->ctx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capabilities_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 0);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capabilities_get when capabilities_get
+ * security operation fails
+ */
+static int
+test_capabilities_get_ops_failure(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = NULL;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capabilities_get(&ut_params->ctx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capabilities_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capabilities_get in successful execution path
+ */
+static int
+test_capabilities_get_success(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability capabilities;
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = &capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capabilities_get(&ut_params->ctx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capabilities_get,
+ ret, &capabilities, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+
+/**
+ * rte_security_capability_get tests
+ */
+
+/**
+ * Test execution of rte_security_capability_get with NULL instance
+ */
+static int
+test_capability_get_inv_context(void)
+{
+ struct rte_security_capability_idx idx;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(NULL, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 0);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get with invalid
+ * security operations structure (NULL)
+ */
+static int
+test_capability_get_inv_context_ops(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx;
+ ut_params->ctx.ops = NULL;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 0);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get with empty
+ * security operations
+ */
+static int
+test_capability_get_inv_context_ops_fun(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx;
+ ut_params->ctx.ops = &empty_ops;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 0);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get with NULL idx parameter
+ */
+static int
+test_capability_get_inv_idx(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, NULL);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 0);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities_get
+ * security operation fails
+ */
+static int
+test_capability_get_ops_failure(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx;
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = NULL;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * is empty (contains only RTE_SECURITY_ACTION_TYPE_NONE ending entry)
+ */
+static int
+test_capability_get_empty_table(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx;
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * does not contain entry with matching action
+ */
+static int
+test_capability_get_no_matching_action(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO,
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL,
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * does not contain entry with matching protocol
+ */
+static int
+test_capability_get_no_matching_protocol(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_MACSEC,
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_PDCP,
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when macsec protocol
+ * is searched and capabilities table contain proper entry.
+ * However macsec records search is not supported in rte_security.
+ */
+static int
+test_capability_get_no_support_for_macsec(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_MACSEC,
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_MACSEC,
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * does not contain entry with matching ipsec proto field
+ */
+static int
+test_capability_get_ipsec_mismatch_proto(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+ .ipsec = {
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+ },
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+ .ipsec = {
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_AH,
+ },
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * does not contain entry with matching ipsec mode field
+ */
+static int
+test_capability_get_ipsec_mismatch_mode(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+ .ipsec = {
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+ .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT,
+ },
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+ .ipsec = {
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+ .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+ },
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * does not contain entry with matching ipsec direction field
+ */
+static int
+test_capability_get_ipsec_mismatch_dir(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+ .ipsec = {
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+ .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+ .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
+ },
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+ .ipsec = {
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+ .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+ .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
+ },
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * contains matching ipsec entry
+ */
+static int
+test_capability_get_ipsec_match(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+ .ipsec = {
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+ .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+ .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
+ },
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO,
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+ .ipsec = {
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+ .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+ .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
+ },
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, &capabilities[1], "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * does not contain entry with matching pdcp domain field
+ */
+static int
+test_capability_get_pdcp_mismatch_domain(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_PDCP,
+ .pdcp = {
+ .domain = RTE_SECURITY_PDCP_MODE_CONTROL,
+ },
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_PDCP,
+ .pdcp = {
+ .domain = RTE_SECURITY_PDCP_MODE_DATA,
+ },
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * contains matching pdcp entry
+ */
+static int
+test_capability_get_pdcp_match(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_PDCP,
+ .pdcp = {
+ .domain = RTE_SECURITY_PDCP_MODE_CONTROL,
+ },
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO,
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_PDCP,
+ .pdcp = {
+ .domain = RTE_SECURITY_PDCP_MODE_CONTROL,
+ },
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, &capabilities[1], "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * does not contain entry with matching DOCSIS direction field
+ */
+static int
+test_capability_get_docsis_mismatch_direction(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_DOCSIS,
+ .docsis = {
+ .direction = RTE_SECURITY_DOCSIS_DOWNLINK
+ },
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_DOCSIS,
+ .docsis = {
+ .direction = RTE_SECURITY_DOCSIS_UPLINK
+ },
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, NULL, "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
+/**
+ * Test execution of rte_security_capability_get when capabilities table
+ * contains matching DOCSIS entry
+ */
+static int
+test_capability_get_docsis_match(void)
+{
+ struct security_unittest_params *ut_params = &unittest_params;
+ struct rte_security_capability_idx idx = {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_DOCSIS,
+ .docsis = {
+ .direction = RTE_SECURITY_DOCSIS_UPLINK
+ },
+ };
+ struct rte_security_capability capabilities[] = {
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO,
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_DOCSIS,
+ .docsis = {
+ .direction = RTE_SECURITY_DOCSIS_UPLINK
+ },
+ },
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE,
+ },
+ };
+
+ mock_capabilities_get_exp.device = NULL;
+ mock_capabilities_get_exp.ret = capabilities;
+
+ const struct rte_security_capability *ret;
+ ret = rte_security_capability_get(&ut_params->ctx, &idx);
+ TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_capability_get,
+ ret, &capabilities[1], "%p");
+ TEST_ASSERT_MOCK_CALLS(mock_capabilities_get_exp, 1);
+
+ return TEST_SUCCESS;
+}
+
/**
* Declaration of testcases
*/
test_session_create_inv_configuration),
TEST_CASE_ST(ut_setup, ut_teardown,
test_session_create_inv_mempool),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_session_create_inv_sess_priv_mempool),
TEST_CASE_ST(ut_setup, ut_teardown,
test_session_create_mempool_empty),
TEST_CASE_ST(ut_setup, ut_teardown,
TEST_CASE_ST(ut_setup_with_session, ut_teardown,
test_set_pkt_metadata_success),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_get_userdata_inv_context),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_get_userdata_inv_context_ops),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_get_userdata_inv_context_ops_fun),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_get_userdata_ops_failure),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_get_userdata_success),
+
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capabilities_get_inv_context),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capabilities_get_inv_context_ops),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capabilities_get_inv_context_ops_fun),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capabilities_get_ops_failure),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capabilities_get_success),
+
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_inv_context),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_inv_context_ops),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_inv_context_ops_fun),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_inv_idx),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_ops_failure),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_empty_table),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_no_matching_action),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_no_matching_protocol),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_no_support_for_macsec),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_ipsec_mismatch_proto),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_ipsec_mismatch_mode),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_ipsec_mismatch_dir),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_ipsec_match),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_pdcp_mismatch_domain),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_pdcp_match),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_docsis_mismatch_direction),
+ TEST_CASE_ST(ut_setup_with_session, ut_teardown,
+ test_capability_get_docsis_match),
+
TEST_CASES_END() /**< NULL terminate unit test array */
}
};