test/crypto: add capability checks
authorAdam Dybkowski <adamx.dybkowski@intel.com>
Mon, 20 Jan 2020 13:11:45 +0000 (14:11 +0100)
committerAkhil Goyal <akhil.goyal@nxp.com>
Wed, 5 Feb 2020 14:17:36 +0000 (15:17 +0100)
This patch adds capability checks to many tests meant to be run
in the future on various PMDs. This way the code is prepared for
more thorough refactoring in order to create one big central
unit tests array.

Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Tested-by: Akhil Goyal <akhil.goyal@nxp.com>
app/test/test_cryptodev.c

index d406ce4..ba6b7b2 100644 (file)
@@ -674,6 +674,13 @@ test_device_configure_invalid_queue_pair_ids(void)
        struct crypto_testsuite_params *ts_params = &testsuite_params;
        uint16_t orig_nb_qps = ts_params->conf.nb_queue_pairs;
 
+       /* This test is for QAT and NITROX PMDs only */
+       if (gbl_driver_id != rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD)) &&
+           gbl_driver_id != rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_NITROX_PMD)))
+               return -ENOTSUP;
+
        /* Stop the device in case it's started so it can be configured */
        rte_cryptodev_stop(ts_params->valid_devs[0]);
 
@@ -745,6 +752,11 @@ test_queue_pair_descriptor_setup(void)
 
        uint16_t qp_id;
 
+       /* This test is for QAT PMD only */
+       if (gbl_driver_id != rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD)))
+               return -ENOTSUP;
+
        /* Stop the device in case it's started so it can be configured */
        rte_cryptodev_stop(ts_params->valid_devs[0]);
 
@@ -1353,6 +1365,19 @@ test_AES_CBC_HMAC_SHA1_encrypt_digest(void)
        struct crypto_testsuite_params *ts_params = &testsuite_params;
        struct crypto_unittest_params *ut_params = &unittest_params;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_SHA1_HMAC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_CBC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Generate test mbuf data and space for digest */
        ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
                        catch_22_quote, QUOTE_512_BYTES, 0);
@@ -2333,6 +2358,20 @@ test_snow3g_authentication(const struct snow3g_hash_test_data *tdata)
        unsigned plaintext_len;
        uint8_t *plaintext;
 
+       /* QAT PMD supports byte-aligned data only */
+       if ((tdata->validAuthLenInBits.len % 8 != 0) &&
+                       (gbl_driver_id == rte_cryptodev_driver_id_get(
+                               RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD))))
+               return -ENOTSUP;
+
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_hash_session(ts_params->valid_devs[0],
                        tdata->key.data, tdata->key.len,
@@ -2393,6 +2432,20 @@ test_snow3g_authentication_verify(const struct snow3g_hash_test_data *tdata)
        unsigned plaintext_len;
        uint8_t *plaintext;
 
+       /* QAT PMD supports byte-aligned data only */
+       if ((tdata->validAuthLenInBits.len % 8 != 0) &&
+                       (gbl_driver_id == rte_cryptodev_driver_id_get(
+                               RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD))))
+               return -ENOTSUP;
+
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_hash_session(ts_params->valid_devs[0],
                                tdata->key.data, tdata->key.len,
@@ -2453,6 +2506,14 @@ test_kasumi_authentication(const struct kasumi_hash_test_data *tdata)
        unsigned plaintext_len;
        uint8_t *plaintext;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create KASUMI session */
        retval = create_wireless_algo_hash_session(ts_params->valid_devs[0],
                        tdata->key.data, tdata->key.len,
@@ -2513,6 +2574,14 @@ test_kasumi_authentication_verify(const struct kasumi_hash_test_data *tdata)
        unsigned plaintext_len;
        uint8_t *plaintext;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create KASUMI session */
        retval = create_wireless_algo_hash_session(ts_params->valid_devs[0],
                                tdata->key.data, tdata->key.len,
@@ -2712,6 +2781,14 @@ test_kasumi_encryption(const struct kasumi_test_data *tdata)
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create KASUMI session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -2784,6 +2861,14 @@ test_kasumi_encryption_sgl(const struct kasumi_test_data *tdata)
 
        struct rte_cryptodev_info dev_info;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
        uint64_t feat_flags = dev_info.feature_flags;
@@ -2862,6 +2947,14 @@ test_kasumi_encryption_oop(const struct kasumi_test_data *tdata)
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create KASUMI session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -2935,6 +3028,14 @@ test_kasumi_encryption_oop_sgl(const struct kasumi_test_data *tdata)
 
        struct rte_cryptodev_info dev_info;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
        uint64_t feat_flags = dev_info.feature_flags;
@@ -3012,6 +3113,14 @@ test_kasumi_decryption_oop(const struct kasumi_test_data *tdata)
        unsigned ciphertext_pad_len;
        unsigned ciphertext_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create KASUMI session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_DECRYPT,
@@ -3081,6 +3190,14 @@ test_kasumi_decryption(const struct kasumi_test_data *tdata)
        unsigned ciphertext_pad_len;
        unsigned ciphertext_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create KASUMI session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_DECRYPT,
@@ -3148,6 +3265,14 @@ test_snow3g_encryption(const struct snow3g_test_data *tdata)
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -3214,6 +3339,14 @@ test_snow3g_encryption_oop(const struct snow3g_test_data *tdata)
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -3289,6 +3422,14 @@ test_snow3g_encryption_oop_sgl(const struct snow3g_test_data *tdata)
 
        struct rte_cryptodev_info dev_info;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
        uint64_t feat_flags = dev_info.feature_flags;
@@ -3390,6 +3531,19 @@ test_snow3g_encryption_offset_oop(const struct snow3g_test_data *tdata)
        uint8_t extra_offset = 4;
        uint8_t *expected_ciphertext_shifted;
 
+       /* QAT PMD supports byte-aligned data only */
+       if (gbl_driver_id == rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD)))
+               return -ENOTSUP;
+
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -3481,6 +3635,14 @@ static int test_snow3g_decryption(const struct snow3g_test_data *tdata)
        unsigned ciphertext_pad_len;
        unsigned ciphertext_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_DECRYPT,
@@ -3544,6 +3706,14 @@ static int test_snow3g_decryption_oop(const struct snow3g_test_data *tdata)
        unsigned ciphertext_pad_len;
        unsigned ciphertext_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0],
                                        RTE_CRYPTO_CIPHER_OP_DECRYPT,
@@ -3704,6 +3874,19 @@ test_snow3g_cipher_auth(const struct snow3g_test_data *tdata)
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create SNOW 3G session */
        retval = create_wireless_algo_cipher_auth_session(ts_params->valid_devs[0],
                        RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -3791,6 +3974,19 @@ test_snow3g_auth_cipher(const struct snow3g_test_data *tdata,
 
        struct rte_cryptodev_info dev_info;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
        uint64_t feat_flags = dev_info.feature_flags;
@@ -3955,6 +4151,19 @@ test_snow3g_auth_cipher_sgl(const struct snow3g_test_data *tdata,
 
        struct rte_cryptodev_info dev_info;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
        uint64_t feat_flags = dev_info.feature_flags;
@@ -4135,6 +4344,19 @@ test_kasumi_auth_cipher(const struct kasumi_test_data *tdata,
 
        struct rte_cryptodev_info dev_info;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
        uint64_t feat_flags = dev_info.feature_flags;
@@ -4301,6 +4523,19 @@ test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata,
 
        struct rte_cryptodev_info dev_info;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
        uint64_t feat_flags = dev_info.feature_flags;
@@ -4476,6 +4711,19 @@ test_kasumi_cipher_auth(const struct kasumi_test_data *tdata)
        unsigned plaintext_pad_len;
        unsigned plaintext_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create KASUMI session */
        retval = create_wireless_algo_cipher_auth_session(
                        ts_params->valid_devs[0],
@@ -4730,6 +4978,12 @@ test_zuc_authentication(const struct wireless_test_data *tdata)
 
        struct rte_cryptodev_sym_capability_idx cap_idx;
 
+       /* QAT PMD supports byte-aligned data only */
+       if ((tdata->validAuthLenInBits.len % 8 != 0) &&
+                       (gbl_driver_id == rte_cryptodev_driver_id_get(
+                               RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD))))
+               return -ENOTSUP;
+
        /* Check if device supports ZUC EIA3 */
        cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
        cap_idx.algo.auth = RTE_CRYPTO_AUTH_ZUC_EIA3;
@@ -4781,7 +5035,7 @@ test_zuc_authentication(const struct wireless_test_data *tdata)
        TEST_ASSERT_BUFFERS_ARE_EQUAL(
        ut_params->digest,
        tdata->digest.data,
-       DIGEST_BYTE_LENGTH_KASUMI_F9,
+       tdata->digest.len,
        "ZUC Generated auth tag not as expected");
 
        return 0;
@@ -5671,6 +5925,11 @@ test_zuc_hash_generate_test_case_6(void)
 static int
 test_zuc_hash_generate_test_case_7(void)
 {
+       /* This test is not for SW ZUC PMD */
+       if (gbl_driver_id == rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_ZUC_PMD)))
+               return -ENOTSUP;
+
        return test_zuc_authentication(&zuc_test_case_auth_2080b);
 }
 
@@ -5695,6 +5954,11 @@ test_zuc_cipher_auth_test_case_2(void)
 static int
 test_zuc_auth_cipher_test_case_1(void)
 {
+       /* This test is not for SW ZUC PMD */
+       if (gbl_driver_id == rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_ZUC_PMD)))
+               return -ENOTSUP;
+
        return test_zuc_auth_cipher(
                &zuc_auth_cipher_test_case_1, IN_PLACE, 0);
 }
@@ -6631,6 +6895,20 @@ test_authenticated_encryption(const struct aead_test_data *tdata)
        uint16_t plaintext_pad_len;
        uint32_t i;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       const struct rte_cryptodev_symmetric_capability *capability;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+       cap_idx.algo.aead = tdata->algo;
+       capability = rte_cryptodev_sym_capability_get(
+                       ts_params->valid_devs[0], &cap_idx);
+       if (capability == NULL)
+               return -ENOTSUP;
+       if (rte_cryptodev_sym_capability_check_aead(
+                       capability, tdata->key.len, tdata->auth_tag.len,
+                       tdata->aad.len, tdata->iv.len))
+               return -ENOTSUP;
+
        /* Create AEAD session */
        retval = create_aead_session(ts_params->valid_devs[0],
                        tdata->algo,
@@ -6722,6 +7000,18 @@ test_pdcp_proto(int i, int oop,
        struct crypto_unittest_params *ut_params = &unittest_params;
        uint8_t *plaintext;
        int ret = TEST_SUCCESS;
+       struct rte_security_ctx *ctx = (struct rte_security_ctx *)
+                               rte_cryptodev_get_sec_ctx(
+                               ts_params->valid_devs[0]);
+
+       /* Verify the capabilities */
+       struct rte_security_capability_idx sec_cap_idx;
+
+       sec_cap_idx.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;
+       sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_PDCP;
+       sec_cap_idx.pdcp.domain = pdcp_test_params[i].domain;
+       if (rte_security_capability_get(ctx, &sec_cap_idx) == NULL)
+               return -ENOTSUP;
 
        /* Generate test mbuf data */
        ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
@@ -6784,10 +7074,6 @@ test_pdcp_proto(int i, int oop,
                .crypto_xform = &ut_params->cipher_xform
        };
 
-       struct rte_security_ctx *ctx = (struct rte_security_ctx *)
-                               rte_cryptodev_get_sec_ctx(
-                               ts_params->valid_devs[0]);
-
        /* Create security session */
        ut_params->sec_session = rte_security_session_create(ctx,
                                &sess_conf, ts_params->session_priv_mpool);
@@ -6888,6 +7174,18 @@ test_pdcp_proto_SGL(int i, int oop,
        int to_trn_tbl[16];
        int segs = 1;
        unsigned int trn_data = 0;
+       struct rte_security_ctx *ctx = (struct rte_security_ctx *)
+                               rte_cryptodev_get_sec_ctx(
+                               ts_params->valid_devs[0]);
+
+       /* Verify the capabilities */
+       struct rte_security_capability_idx sec_cap_idx;
+
+       sec_cap_idx.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;
+       sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_PDCP;
+       sec_cap_idx.pdcp.domain = pdcp_test_params[i].domain;
+       if (rte_security_capability_get(ctx, &sec_cap_idx) == NULL)
+               return -ENOTSUP;
 
        if (fragsz > input_vec_len)
                fragsz = input_vec_len;
@@ -7033,10 +7331,6 @@ test_pdcp_proto_SGL(int i, int oop,
                .crypto_xform = &ut_params->cipher_xform
        };
 
-       struct rte_security_ctx *ctx = (struct rte_security_ctx *)
-                               rte_cryptodev_get_sec_ctx(
-                               ts_params->valid_devs[0]);
-
        /* Create security session */
        ut_params->sec_session = rte_security_session_create(ctx,
                                &sess_conf, ts_params->session_priv_mpool);
@@ -7433,6 +7727,8 @@ test_AES_GCM_auth_encryption_fail_iv_corrupt(void)
        memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
        tdata.iv.data[0] += 1;
        res = test_authenticated_encryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
        return TEST_SUCCESS;
 }
@@ -7447,6 +7743,8 @@ test_AES_GCM_auth_encryption_fail_in_data_corrupt(void)
        memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
        tdata.plaintext.data[0] += 1;
        res = test_authenticated_encryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
        return TEST_SUCCESS;
 }
@@ -7461,6 +7759,8 @@ test_AES_GCM_auth_encryption_fail_out_data_corrupt(void)
        memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
        tdata.ciphertext.data[0] += 1;
        res = test_authenticated_encryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
        return TEST_SUCCESS;
 }
@@ -7475,6 +7775,8 @@ test_AES_GCM_auth_encryption_fail_aad_len_corrupt(void)
        memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
        tdata.aad.len += 1;
        res = test_authenticated_encryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
        return TEST_SUCCESS;
 }
@@ -7492,6 +7794,8 @@ test_AES_GCM_auth_encryption_fail_aad_corrupt(void)
        aad[0] += 1;
        tdata.aad.data = aad;
        res = test_authenticated_encryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
        return TEST_SUCCESS;
 }
@@ -7506,6 +7810,8 @@ test_AES_GCM_auth_encryption_fail_tag_corrupt(void)
        memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
        tdata.auth_tag.data[0] += 1;
        res = test_authenticated_encryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
        return TEST_SUCCESS;
 }
@@ -7520,6 +7826,20 @@ test_authenticated_decryption(const struct aead_test_data *tdata)
        uint8_t *plaintext;
        uint32_t i;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       const struct rte_cryptodev_symmetric_capability *capability;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+       cap_idx.algo.aead = tdata->algo;
+       capability = rte_cryptodev_sym_capability_get(
+                       ts_params->valid_devs[0], &cap_idx);
+       if (capability == NULL)
+               return -ENOTSUP;
+       if (rte_cryptodev_sym_capability_check_aead(
+                       capability, tdata->key.len, tdata->auth_tag.len,
+                       tdata->aad.len, tdata->iv.len))
+               return -ENOTSUP;
+
        /* Create AEAD session */
        retval = create_aead_session(ts_params->valid_devs[0],
                        tdata->algo,
@@ -7735,6 +8055,8 @@ test_AES_GCM_auth_decryption_fail_iv_corrupt(void)
        memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
        tdata.iv.data[0] += 1;
        res = test_authenticated_decryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
        return TEST_SUCCESS;
 }
@@ -7749,6 +8071,8 @@ test_AES_GCM_auth_decryption_fail_in_data_corrupt(void)
        memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
        tdata.plaintext.data[0] += 1;
        res = test_authenticated_decryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
        return TEST_SUCCESS;
 }
@@ -7762,6 +8086,8 @@ test_AES_GCM_auth_decryption_fail_out_data_corrupt(void)
        memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
        tdata.ciphertext.data[0] += 1;
        res = test_authenticated_decryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
        return TEST_SUCCESS;
 }
@@ -7775,6 +8101,8 @@ test_AES_GCM_auth_decryption_fail_aad_len_corrupt(void)
        memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
        tdata.aad.len += 1;
        res = test_authenticated_decryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
        return TEST_SUCCESS;
 }
@@ -7791,6 +8119,8 @@ test_AES_GCM_auth_decryption_fail_aad_corrupt(void)
        aad[0] += 1;
        tdata.aad.data = aad;
        res = test_authenticated_decryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
        return TEST_SUCCESS;
 }
@@ -7804,6 +8134,8 @@ test_AES_GCM_auth_decryption_fail_tag_corrupt(void)
        memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
        tdata.auth_tag.data[0] += 1;
        res = test_authenticated_decryption(&tdata);
+       if (res == -ENOTSUP)
+               return res;
        TEST_ASSERT_EQUAL(res, TEST_FAILED, "authentication not failed");
        return TEST_SUCCESS;
 }
@@ -7818,6 +8150,14 @@ test_authenticated_encryption_oop(const struct aead_test_data *tdata)
        uint8_t *ciphertext, *auth_tag;
        uint16_t plaintext_pad_len;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+       cap_idx.algo.aead = tdata->algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create AEAD session */
        retval = create_aead_session(ts_params->valid_devs[0],
                        tdata->algo,
@@ -7895,6 +8235,14 @@ test_authenticated_decryption_oop(const struct aead_test_data *tdata)
        int retval;
        uint8_t *plaintext;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+       cap_idx.algo.aead = tdata->algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create AEAD session */
        retval = create_aead_session(ts_params->valid_devs[0],
                        tdata->algo,
@@ -7967,6 +8315,21 @@ test_authenticated_encryption_sessionless(
        uint16_t plaintext_pad_len;
        uint8_t key[tdata->key.len + 1];
 
+       /* This test is for AESNI MB and AESNI GCM PMDs only */
+       if ((gbl_driver_id != rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD))) &&
+                       (gbl_driver_id != rte_cryptodev_driver_id_get(
+                               RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD))))
+               return -ENOTSUP;
+
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+       cap_idx.algo.aead = tdata->algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
 
        /* clear mbuf payload */
@@ -8048,6 +8411,21 @@ test_authenticated_decryption_sessionless(
        uint8_t *plaintext;
        uint8_t key[tdata->key.len + 1];
 
+       /* This test is for AESNI MB and AESNI GCM PMDs only */
+       if ((gbl_driver_id != rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD))) &&
+                       (gbl_driver_id != rte_cryptodev_driver_id_get(
+                               RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD))))
+               return -ENOTSUP;
+
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+       cap_idx.algo.aead = tdata->algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* alloc mbuf and set payload */
        ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
 
@@ -8226,6 +8604,19 @@ test_stats(void)
        struct rte_cryptodev *dev;
        cryptodev_stats_get_t temp_pfn;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_SHA1_HMAC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_CBC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        rte_cryptodev_stats_reset(ts_params->valid_devs[0]);
        TEST_ASSERT((rte_cryptodev_stats_get(ts_params->valid_devs[0] + 600,
                        &stats) == -ENODEV),
@@ -8360,6 +8751,14 @@ test_MD5_HMAC_generate(const struct HMAC_MD5_vector *test_case)
        struct crypto_testsuite_params *ts_params = &testsuite_params;
        struct crypto_unittest_params *ut_params = &unittest_params;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_MD5_HMAC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        if (MD5_HMAC_create_session(ts_params, ut_params,
                        RTE_CRYPTO_AUTH_OP_GENERATE, test_case))
                return TEST_FAILED;
@@ -8406,6 +8805,14 @@ test_MD5_HMAC_verify(const struct HMAC_MD5_vector *test_case)
        struct crypto_testsuite_params *ts_params = &testsuite_params;
        struct crypto_unittest_params *ut_params = &unittest_params;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_MD5_HMAC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        if (MD5_HMAC_create_session(ts_params, ut_params,
                        RTE_CRYPTO_AUTH_OP_VERIFY, test_case)) {
                return TEST_FAILED;
@@ -8464,6 +8871,19 @@ test_multi_session(void)
 
        uint16_t i;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_SHA512_HMAC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_CBC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(ut_params,
                        aes_cbc_key, hmac_sha512_key);
 
@@ -8579,6 +8999,19 @@ test_multi_session_random_usage(void)
 
        };
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_SHA512_HMAC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_CBC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
        sessions = rte_malloc(NULL,
@@ -8661,6 +9094,14 @@ test_null_cipher_only_operation(void)
        struct crypto_testsuite_params *ts_params = &testsuite_params;
        struct crypto_unittest_params *ut_params = &unittest_params;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_NULL;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Generate test mbuf data and space for digest */
        ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
                        catch_22_quote, QUOTE_512_BYTES, 0);
@@ -8727,6 +9168,14 @@ test_null_auth_only_operation(void)
        struct crypto_unittest_params *ut_params = &unittest_params;
        uint8_t *digest;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_NULL;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Generate test mbuf data and space for digest */
        ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
                        catch_22_quote, QUOTE_512_BYTES, 0);
@@ -8799,6 +9248,19 @@ test_null_cipher_auth_operation(void)
        struct crypto_unittest_params *ut_params = &unittest_params;
        uint8_t *digest;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_NULL;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_NULL;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Generate test mbuf data and space for digest */
        ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
                        catch_22_quote, QUOTE_512_BYTES, 0);
@@ -8887,6 +9349,19 @@ test_null_auth_cipher_operation(void)
        struct crypto_unittest_params *ut_params = &unittest_params;
        uint8_t *digest;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_NULL;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_NULL;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Generate test mbuf data */
        ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
                        catch_22_quote, QUOTE_512_BYTES, 0);
@@ -8976,6 +9451,11 @@ test_null_invalid_operation(void)
        struct crypto_unittest_params *ut_params = &unittest_params;
        int ret;
 
+       /* This test is for NULL PMD only */
+       if (gbl_driver_id != rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_NULL_PMD)))
+               return -ENOTSUP;
+
        /* Setup Cipher Parameters */
        ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
        ut_params->cipher_xform.next = NULL;
@@ -9028,6 +9508,11 @@ test_null_burst_operation(void)
        struct rte_crypto_op *burst[NULL_BURST_LENGTH] = { NULL };
        struct rte_crypto_op *burst_dequeued[NULL_BURST_LENGTH] = { NULL };
 
+       /* This test is for NULL PMD only */
+       if (gbl_driver_id != rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_NULL_PMD)))
+               return -ENOTSUP;
+
        /* Setup Cipher Parameters */
        ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
        ut_params->cipher_xform.next = &ut_params->auth_xform;
@@ -9204,6 +9689,14 @@ test_AES_GMAC_authentication(const struct gmac_test_data *tdata)
        TEST_ASSERT_NOT_EQUAL(tdata->gmac_tag.len, 0,
                              "No GMAC length in the source data");
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_AES_GMAC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        retval = create_gmac_session(ts_params->valid_devs[0],
                        tdata, RTE_CRYPTO_AUTH_OP_GENERATE);
 
@@ -9307,6 +9800,14 @@ test_AES_GMAC_authentication_verify(const struct gmac_test_data *tdata)
        TEST_ASSERT_NOT_EQUAL(tdata->gmac_tag.len, 0,
                              "No GMAC length in the source data");
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = RTE_CRYPTO_AUTH_AES_GMAC;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        retval = create_gmac_session(ts_params->valid_devs[0],
                        tdata, RTE_CRYPTO_AUTH_OP_VERIFY);
 
@@ -9865,6 +10366,14 @@ test_authentication_verify_fail_when_data_corruption(
 
        uint8_t *plaintext;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = reference->auth_algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create session */
        retval = create_auth_session(ut_params,
                        ts_params->valid_devs[0],
@@ -9918,6 +10427,14 @@ test_authentication_verify_GMAC_fail_when_corruption(
        int retval;
        uint8_t *plaintext;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = reference->auth_algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create session */
        retval = create_auth_cipher_session(ut_params,
                        ts_params->valid_devs[0],
@@ -9975,6 +10492,19 @@ test_authenticated_decryption_fail_when_corruption(
 
        uint8_t *ciphertext;
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = reference->auth_algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = reference->crypto_algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create session */
        retval = create_auth_cipher_session(ut_params,
                        ts_params->valid_devs[0],
@@ -10032,6 +10562,19 @@ test_authenticated_encryt_with_esn(
        uint8_t cipher_key[reference->cipher_key.len + 1];
        uint8_t auth_key[reference->auth_key.len + 1];
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = reference->auth_algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = reference->crypto_algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create session */
        memcpy(cipher_key, reference->cipher_key.data,
                        reference->cipher_key.len);
@@ -10135,6 +10678,19 @@ test_authenticated_decrypt_with_esn(
        uint8_t cipher_key[reference->cipher_key.len + 1];
        uint8_t auth_key[reference->auth_key.len + 1];
 
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+       cap_idx.algo.auth = reference->auth_algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+       cap_idx.algo.cipher = reference->crypto_algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
        /* Create session */
        memcpy(cipher_key, reference->cipher_key.data,
                        reference->cipher_key.len);
@@ -10310,6 +10866,41 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
        int segs = 1;
        unsigned int trn_data = 0;
        uint8_t *plaintext, *ciphertext, *auth_tag;
+       struct rte_cryptodev_info dev_info;
+
+       /* Verify the capabilities */
+       struct rte_cryptodev_sym_capability_idx cap_idx;
+       cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+       cap_idx.algo.aead = tdata->algo;
+       if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0],
+                       &cap_idx) == NULL)
+               return -ENOTSUP;
+
+       /* Detailed check for the particular SGL support flag */
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+       if (!oop) {
+               unsigned int sgl_in = fragsz < tdata->plaintext.len;
+               if (sgl_in && (!(dev_info.feature_flags &
+                               RTE_CRYPTODEV_FF_IN_PLACE_SGL)))
+                       return -ENOTSUP;
+       } else {
+               unsigned int sgl_in = fragsz < tdata->plaintext.len;
+               unsigned int sgl_out = (fragsz_oop ? fragsz_oop : fragsz) <
+                               tdata->plaintext.len;
+               if (sgl_in && !sgl_out) {
+                       if (!(dev_info.feature_flags &
+                                       RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT))
+                               return -ENOTSUP;
+               } else if (!sgl_in && sgl_out) {
+                       if (!(dev_info.feature_flags &
+                                       RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT))
+                               return -ENOTSUP;
+               } else if (sgl_in && sgl_out) {
+                       if (!(dev_info.feature_flags &
+                                       RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT))
+                               return -ENOTSUP;
+               }
+       }
 
        if (fragsz > tdata->plaintext.len)
                fragsz = tdata->plaintext.len;
@@ -10567,6 +11158,10 @@ test_AES_GCM_auth_encrypt_SGL_out_of_place_400B_1seg(void)
 static int
 test_AES_GCM_auth_encrypt_SGL_in_place_1500B(void)
 {
+       /* This test is not for OPENSSL PMD */
+       if (gbl_driver_id == rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)))
+               return -ENOTSUP;
 
        return test_authenticated_encryption_SGL(
                        &gcm_test_case_SGL_1, IN_PLACE, 1500, 0);