dst += 1;
}
- if (td->ipsec_xform.tunnel.type ==
- RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
- memcpy(&ipsec_xform.tunnel.ipv4.src_ip, &src, sizeof(src));
- memcpy(&ipsec_xform.tunnel.ipv4.dst_ip, &dst, sizeof(dst));
- } else {
- memcpy(&ipsec_xform.tunnel.ipv6.src_addr, &v6_src,
- sizeof(v6_src));
- memcpy(&ipsec_xform.tunnel.ipv6.dst_addr, &v6_dst,
- sizeof(v6_dst));
+ if (td->ipsec_xform.mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL) {
+ if (td->ipsec_xform.tunnel.type ==
+ RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
+ memcpy(&ipsec_xform.tunnel.ipv4.src_ip, &src,
+ sizeof(src));
+ memcpy(&ipsec_xform.tunnel.ipv4.dst_ip, &dst,
+ sizeof(dst));
+ } else {
+ memcpy(&ipsec_xform.tunnel.ipv6.src_addr, &v6_src,
+ sizeof(v6_src));
+ memcpy(&ipsec_xform.tunnel.ipv6.dst_addr, &v6_dst,
+ sizeof(v6_dst));
+ }
}
ctx = rte_cryptodev_get_sec_ctx(dev_id);
return test_ipsec_proto_all(&flags);
}
+static int
+test_ipsec_proto_transport_v4(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.ipv6 = false;
+ flags.transport = true;
+
+ return test_ipsec_proto_all(&flags);
+}
+
static int
test_PDCP_PROTO_all(void)
{
"Tunnel IPv6 in IPv4",
ut_setup_security, ut_teardown,
test_ipsec_proto_tunnel_v6_in_v4),
+ TEST_CASE_NAMED_ST(
+ "Transport IPv4",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_transport_v4),
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
test_ipsec_csum_init(&td->input_text.data, false, true);
}
- if (flags->tunnel_ipv6)
- td->ipsec_xform.tunnel.type =
- RTE_SECURITY_IPSEC_TUNNEL_IPV6;
- else
- td->ipsec_xform.tunnel.type =
- RTE_SECURITY_IPSEC_TUNNEL_IPV4;
+ if (flags->transport) {
+ td->ipsec_xform.mode =
+ RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT;
+ } else {
+ td->ipsec_xform.mode =
+ RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;
+
+ if (flags->tunnel_ipv6)
+ td->ipsec_xform.tunnel.type =
+ RTE_SECURITY_IPSEC_TUNNEL_IPV6;
+ else
+ td->ipsec_xform.tunnel.type =
+ RTE_SECURITY_IPSEC_TUNNEL_IPV4;
+ }
+
}
}
uint8_t *output_text = rte_pktmbuf_mtod(m, uint8_t *);
int ret;
- if (flags->iv_gen &&
- td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
- ret = test_ipsec_iv_verify_push(m, td);
- if (ret != TEST_SUCCESS)
- return ret;
- }
-
if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
const struct rte_ipv4_hdr *iph4;
const struct rte_ipv6_hdr *iph6;
- if (td->ipsec_xform.tunnel.type ==
- RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
- iph4 = (const struct rte_ipv4_hdr *)output_text;
- if (is_valid_ipv4_pkt(iph4) == false) {
- printf("Outer header is not IPv4\n");
- return TEST_FAILED;
+ if (flags->iv_gen) {
+ ret = test_ipsec_iv_verify_push(m, td);
+ if (ret != TEST_SUCCESS)
+ return ret;
+ }
+
+ iph4 = (const struct rte_ipv4_hdr *)output_text;
+
+ if (td->ipsec_xform.mode ==
+ RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) {
+ if (flags->ipv6) {
+ iph6 = (const struct rte_ipv6_hdr *)output_text;
+ if (is_valid_ipv6_pkt(iph6) == false) {
+ printf("Transport packet is not IPv6\n");
+ return TEST_FAILED;
+ }
+ } else {
+ if (is_valid_ipv4_pkt(iph4) == false) {
+ printf("Transport packet is not IPv4\n");
+ return TEST_FAILED;
+ }
}
} else {
- iph6 = (const struct rte_ipv6_hdr *)output_text;
- if (is_valid_ipv6_pkt(iph6) == false) {
- printf("Outer header is not IPv6\n");
- return TEST_FAILED;
+ if (td->ipsec_xform.tunnel.type ==
+ RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
+ if (is_valid_ipv4_pkt(iph4) == false) {
+ printf("Tunnel outer header is not IPv4\n");
+ return TEST_FAILED;
+ }
+ } else {
+ iph6 = (const struct rte_ipv6_hdr *)output_text;
+ if (is_valid_ipv6_pkt(iph6) == false) {
+ printf("Tunnel outer header is not IPv6\n");
+ return TEST_FAILED;
+ }
}
}
}
git.droids-corp.org / dpdk.git / commitdiff