From: Anoob Joseph Date: Tue, 28 Sep 2021 10:59:57 +0000 (+0530) Subject: test/crypto: add packet soft expiry cases X-Git-Url: http://git.droids-corp.org/?a=commitdiff_plain;h=4aa52f213c9f2bb14ad7b838a3be197b91d41d89;p=dpdk.git test/crypto: add packet soft expiry cases Add tests to validate packets soft expiry handling. Signed-off-by: Anoob Joseph Acked-by: Akhil Goyal --- diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index f57a1a449c..1befbebb59 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -9045,7 +9045,7 @@ test_ipsec_proto_process(const struct ipsec_test_data td[], /* Process crypto operation */ process_crypto_request(dev_id, ut_params->op); - ret = test_ipsec_status_check(ut_params->op, flags, dir); + ret = test_ipsec_status_check(ut_params->op, flags, dir, i + 1); if (ret != TEST_SUCCESS) goto crypto_op_free; @@ -9115,7 +9115,8 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags) unsigned int i, nb_pkts = 1, pass_cnt = 0; int ret; - if (flags->iv_gen) + if (flags->iv_gen || + flags->sa_expiry_pkts_soft) nb_pkts = IPSEC_TEST_PACKETS_MAX; for (i = 0; i < RTE_DIM(aead_list); i++) { @@ -9179,6 +9180,18 @@ test_ipsec_proto_iv_gen(const void *data __rte_unused) return test_ipsec_proto_all(&flags); } +static int +test_ipsec_proto_sa_exp_pkts_soft(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; + + memset(&flags, 0, sizeof(flags)); + + flags.sa_expiry_pkts_soft = true; + + return test_ipsec_proto_all(&flags); +} + static int test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused) { @@ -14135,6 +14148,10 @@ static struct unit_test_suite ipsec_proto_testsuite = { "UDP encapsulation", ut_setup_security, ut_teardown, test_ipsec_proto_udp_encap), + TEST_CASE_NAMED_ST( + "SA expiry packets soft", + ut_setup_security, ut_teardown, + test_ipsec_proto_sa_exp_pkts_soft), TEST_CASE_NAMED_ST( "Negative test: ICV corruption", ut_setup_security, ut_teardown, diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c index f371b157b1..56a44b5039 100644 --- a/app/test/test_cryptodev_security_ipsec.c +++ b/app/test/test_cryptodev_security_ipsec.c @@ -173,6 +173,10 @@ test_ipsec_td_prepare(const struct crypto_param *param1, if (flags->iv_gen) td->ipsec_xform.options.iv_gen_disable = 0; + + if (flags->sa_expiry_pkts_soft) + td->ipsec_xform.life.packets_soft_limit = + IPSEC_TEST_PACKETS_MAX - 1; } RTE_SET_USED(param2); @@ -395,7 +399,8 @@ test_ipsec_post_process(struct rte_mbuf *m, const struct ipsec_test_data *td, int test_ipsec_status_check(struct rte_crypto_op *op, const struct ipsec_test_flags *flags, - enum rte_security_ipsec_sa_direction dir) + enum rte_security_ipsec_sa_direction dir, + int pkt_num) { int ret = TEST_SUCCESS; @@ -406,7 +411,16 @@ test_ipsec_status_check(struct rte_crypto_op *op, } } else { if (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) { - printf("Security op processing failed\n"); + printf("Security op processing failed [pkt_num: %d]\n", + pkt_num); + ret = TEST_FAILED; + } + } + + if (flags->sa_expiry_pkts_soft && pkt_num == IPSEC_TEST_PACKETS_MAX) { + if (!(op->aux_flags & + RTE_CRYPTO_OP_AUX_FLAGS_IPSEC_SOFT_EXPIRY)) { + printf("SA soft expiry (pkts) test failed\n"); ret = TEST_FAILED; } } diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h index e1645f4670..eed3476578 100644 --- a/app/test/test_cryptodev_security_ipsec.h +++ b/app/test/test_cryptodev_security_ipsec.h @@ -49,6 +49,7 @@ struct ipsec_test_data { struct ipsec_test_flags { bool display_alg; + bool sa_expiry_pkts_soft; bool icv_corrupt; bool iv_gen; bool udp_encap; @@ -114,6 +115,7 @@ int test_ipsec_post_process(struct rte_mbuf *m, int test_ipsec_status_check(struct rte_crypto_op *op, const struct ipsec_test_flags *flags, - enum rte_security_ipsec_sa_direction dir); + enum rte_security_ipsec_sa_direction dir, + int pkt_num); #endif diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst index 0e928188b1..ae62df84c2 100644 --- a/doc/guides/rel_notes/release_21_11.rst +++ b/doc/guides/rel_notes/release_21_11.rst @@ -102,6 +102,7 @@ New Features * Added tests to verify error reporting with ICV corruption. * Added tests to verify IV generation. * Added tests to verify UDP encapsulation. + * Added tests to validate packets soft expiry. Removed Items