Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/132177/?format=api
{ "id": 132177, "url": "http://patches.dpdk.org/api/patches/132177/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20230929071636.796-2-anoobj@marvell.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20230929071636.796-2-anoobj@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20230929071636.796-2-anoobj@marvell.com", "date": "2023-09-29T07:16:35", "name": "[v2,2/2] test/cryptodev: add Rx inject test", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "179208b7d0d8eac0b364a6ef01a2fa7d3cc3dfdf", "submitter": { "id": 1205, "url": "http://patches.dpdk.org/api/people/1205/?format=api", "name": "Anoob Joseph", "email": "anoobj@marvell.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20230929071636.796-2-anoobj@marvell.com/mbox/", "series": [ { "id": 29690, "url": "http://patches.dpdk.org/api/series/29690/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=29690", "date": "2023-09-29T07:16:34", "name": "[v2,1/2] security: add fallback security processing and Rx inject", "version": 2, "mbox": "http://patches.dpdk.org/series/29690/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/132177/comments/", "check": "fail", "checks": "http://patches.dpdk.org/api/patches/132177/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 398984266D;\n\tFri, 29 Sep 2023 09:16:52 +0200 (CEST)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 4CA43402BE;\n\tFri, 29 Sep 2023 09:16:49 +0200 (CEST)", "from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com\n [67.231.148.174])\n by mails.dpdk.org (Postfix) with ESMTP id 85657402B1\n for <dev@dpdk.org>; Fri, 29 Sep 2023 09:16:47 +0200 (CEST)", "from pps.filterd (m0045849.ppops.net [127.0.0.1])\n by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id\n 38T273bG031717; Fri, 29 Sep 2023 00:16:46 -0700", "from dc5-exch02.marvell.com ([199.233.59.182])\n by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3td7y6v6h8-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Fri, 29 Sep 2023 00:16:46 -0700", "from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48;\n Fri, 29 Sep 2023 00:16:44 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend\n Transport; Fri, 29 Sep 2023 00:16:44 -0700", "from BG-LT92004.corp.innovium.com (unknown [10.28.163.189])\n by maili.marvell.com (Postfix) with ESMTP id 07D025B6945;\n Fri, 29 Sep 2023 00:16:40 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=UDfJ76SlKJh5394R5cbYc19jLkuPx2mi9rMiqmuIb7o=;\n b=DA9fB5MXKWRvsP6JzA2ZJK25Lk8Im7pVXZjyQ1jqJfBBfh7lf6VJB3hMNEgL881OMpV3\n 8JWQJ8ZjdmJrgnXssTbHH7GR2f+8BO9jh05Q6msOA16L7dXZD4oorioOhc3/JML7FfFl\n I41GvhxrrNW1xzfeFI4itoaJt5UmhywqSmjGNkLCyS4PYLlBfi8JH8EAbL0iml1vBAiR\n XUHomt3KBLcaJB4Af9kRpQRvOBNOEdPpc7KMMOCJBfR0lR5rbtRZS7PSmksRwTum2EmX\n xPg8zZu0G+Ke/R/5lE77nBbw/fS0lni7H19ep4lLUxj6LeQCCuyeTMqh4DrtrSB+gD3A Ew==", "From": "Anoob Joseph <anoobj@marvell.com>", "To": "Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>,\n Konstantin Ananyev <konstantin.v.ananyev@yandex.ru>", "CC": "Vidya Sagar Velumuri <vvelumuri@marvell.com>, Hemant Agrawal\n <hemant.agrawal@nxp.com>, <dev@dpdk.org>,\n <david.coyle@intel.com>, <kai.ji@intel.com>,\n <kevin.osullivan@intel.com>, Ciara Power <ciara.power@intel.com>", "Subject": "[PATCH v2 2/2] test/cryptodev: add Rx inject test", "Date": "Fri, 29 Sep 2023 12:46:35 +0530", "Message-ID": "<20230929071636.796-2-anoobj@marvell.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20230929071636.796-1-anoobj@marvell.com>", "References": "<20230811114510.576-1-anoobj@marvell.com>\n <20230929071636.796-1-anoobj@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-ORIG-GUID": "o4ZkL3hBgUCFNEDRnhwsDlOnxH4IDcqR", "X-Proofpoint-GUID": "o4ZkL3hBgUCFNEDRnhwsDlOnxH4IDcqR", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26\n definitions=2023-09-29_05,2023-09-28_03,2023-05-22_02", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "From: Vidya Sagar Velumuri <vvelumuri@marvell.com>\n\nAdd test to verify Rx inject. The test case added would push a known\nvector to cryptodev which would be injected to ethdev Rx. The test\ncase verifies that the packet is received from ethdev Rx and is\nprocessed successfully. It also verifies that the userdata matches with\nthe expectation.\n\nSigned-off-by: Anoob Joseph <anoobj@marvell.com>\nSigned-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>\n---\n app/test/test_cryptodev.c | 341 +++++++++++++++++++----\n app/test/test_cryptodev_security_ipsec.h | 1 +\n 2 files changed, 289 insertions(+), 53 deletions(-)", "diff": "diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c\nindex f2112e181e..420f60553d 100644\n--- a/app/test/test_cryptodev.c\n+++ b/app/test/test_cryptodev.c\n@@ -17,6 +17,7 @@\n \n #include <rte_crypto.h>\n #include <rte_cryptodev.h>\n+#include <rte_ethdev.h>\n #include <rte_ip.h>\n #include <rte_string_fns.h>\n #include <rte_tcp.h>\n@@ -1426,6 +1427,93 @@ ut_setup_security(void)\n \treturn dev_configure_and_start(0);\n }\n \n+static int\n+ut_setup_security_rx_inject(void)\n+{\n+\tstruct rte_mempool *mbuf_pool = rte_mempool_lookup(\"CRYPTO_MBUFPOOL\");\n+\tstruct crypto_testsuite_params *ts_params = &testsuite_params;\n+\tstruct rte_eth_conf port_conf = {\n+\t\t.rxmode = {\n+\t\t\t.offloads = RTE_ETH_RX_OFFLOAD_CHECKSUM |\n+\t\t\t\t RTE_ETH_RX_OFFLOAD_SECURITY,\n+\t\t},\n+\t\t.txmode = {\n+\t\t\t.offloads = RTE_ETH_TX_OFFLOAD_MBUF_FAST_FREE,\n+\t\t},\n+\t\t.lpbk_mode = 1, /* Enable loopback */\n+\t};\n+\tstruct rte_cryptodev_info dev_info;\n+\tstruct rte_eth_rxconf rx_conf = {\n+\t\t.rx_thresh = {\n+\t\t\t.pthresh = 8,\n+\t\t\t.hthresh = 8,\n+\t\t\t.wthresh = 8,\n+\t\t},\n+\t\t.rx_free_thresh = 32,\n+\t};\n+\tuint16_t nb_ports;\n+\tvoid *sec_ctx;\n+\tint ret;\n+\n+\trte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);\n+\tif (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SECURITY_RX_INJECT) ||\n+\t !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SECURITY)) {\n+\t\tRTE_LOG(INFO, USER1, \"Feature requirements for IPsec Rx inject test case not met\\n\"\n+\t\t );\n+\t\treturn TEST_SKIPPED;\n+\t}\n+\n+\tsec_ctx = rte_cryptodev_get_sec_ctx(ts_params->valid_devs[0]);\n+\tif (sec_ctx == NULL)\n+\t\treturn TEST_SKIPPED;\n+\n+\tnb_ports = rte_eth_dev_count_avail();\n+\tif (nb_ports == 0)\n+\t\treturn TEST_SKIPPED;\n+\n+\tret = rte_eth_dev_configure(0 /* port_id */,\n+\t\t\t\t 1 /* nb_rx_queue */,\n+\t\t\t\t 0 /* nb_tx_queue */,\n+\t\t\t\t &port_conf);\n+\tif (ret) {\n+\t\tprintf(\"Could not configure ethdev port 0 [err=%d]\\n\", ret);\n+\t\treturn TEST_SKIPPED;\n+\t}\n+\n+\t/* Rx queue setup */\n+\tret = rte_eth_rx_queue_setup(0 /* port_id */,\n+\t\t\t\t 0 /* rx_queue_id */,\n+\t\t\t\t 1024 /* nb_rx_desc */,\n+\t\t\t\t SOCKET_ID_ANY,\n+\t\t\t\t &rx_conf,\n+\t\t\t\t mbuf_pool);\n+\tif (ret) {\n+\t\tprintf(\"Could not setup eth port 0 queue 0\\n\");\n+\t\treturn TEST_SKIPPED;\n+\t}\n+\n+\tret = rte_security_rx_inject_configure(sec_ctx, 0, true);\n+\tif (ret) {\n+\t\tprintf(\"Could not enable Rx inject offload\");\n+\t\treturn TEST_SKIPPED;\n+\t}\n+\n+\tret = rte_eth_dev_start(0);\n+\tif (ret) {\n+\t\tprintf(\"Could not start ethdev\");\n+\t\treturn TEST_SKIPPED;\n+\t}\n+\n+\tret = rte_eth_promiscuous_enable(0);\n+\tif (ret) {\n+\t\tprintf(\"Could not enable promiscuous mode\");\n+\t\treturn TEST_SKIPPED;\n+\t}\n+\n+\t/* Configure and start cryptodev with no features disabled */\n+\treturn dev_configure_and_start(0);\n+}\n+\n void\n ut_teardown(void)\n {\n@@ -1478,6 +1566,33 @@ ut_teardown(void)\n \trte_cryptodev_stop(ts_params->valid_devs[0]);\n }\n \n+static void\n+ut_teardown_rx_inject(void)\n+{\n+\tstruct crypto_testsuite_params *ts_params = &testsuite_params;\n+\tvoid *sec_ctx;\n+\tint ret;\n+\n+\tif (rte_eth_dev_count_avail() != 0) {\n+\t\tret = rte_eth_dev_reset(0);\n+\t\tif (ret)\n+\t\t\tprintf(\"Could not reset eth port 0\");\n+\n+\t}\n+\n+\tut_teardown();\n+\n+\tsec_ctx = rte_cryptodev_get_sec_ctx(ts_params->valid_devs[0]);\n+\tif (sec_ctx == NULL)\n+\t\treturn;\n+\n+\tret = rte_security_rx_inject_configure(sec_ctx, 0, false);\n+\tif (ret) {\n+\t\tprintf(\"Could not disable Rx inject offload\");\n+\t\treturn;\n+\t}\n+}\n+\n static int\n test_device_configure_invalid_dev_id(void)\n {\n@@ -9875,6 +9990,137 @@ ext_mbuf_create(struct rte_mempool *mbuf_pool, int pkt_len,\n \treturn NULL;\n }\n \n+static int\n+test_ipsec_proto_crypto_op_enq(struct crypto_testsuite_params *ts_params,\n+\t\t\t struct crypto_unittest_params *ut_params,\n+\t\t\t struct rte_security_ipsec_xform *ipsec_xform,\n+\t\t\t const struct ipsec_test_data *td,\n+\t\t\t const struct ipsec_test_flags *flags,\n+\t\t\t int pkt_num)\n+{\n+\tuint8_t dev_id = ts_params->valid_devs[0];\n+\tenum rte_security_ipsec_sa_direction dir;\n+\tint ret;\n+\n+\tdir = ipsec_xform->direction;\n+\n+\t/* Generate crypto op data structure */\n+\tut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,\n+\t\t\t\tRTE_CRYPTO_OP_TYPE_SYMMETRIC);\n+\tif (!ut_params->op) {\n+\t\tprintf(\"Could not allocate crypto op\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Attach session to operation */\n+\trte_security_attach_session(ut_params->op, ut_params->sec_session);\n+\n+\t/* Set crypto operation mbufs */\n+\tut_params->op->sym->m_src = ut_params->ibuf;\n+\tut_params->op->sym->m_dst = NULL;\n+\n+\t/* Copy IV in crypto operation when IV generation is disabled */\n+\tif (dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS &&\n+\t ipsec_xform->options.iv_gen_disable == 1) {\n+\t\tuint8_t *iv = rte_crypto_op_ctod_offset(ut_params->op,\n+\t\t\t\t\t\t\tuint8_t *,\n+\t\t\t\t\t\t\tIV_OFFSET);\n+\t\tint len;\n+\n+\t\tif (td->aead)\n+\t\t\tlen = td->xform.aead.aead.iv.length;\n+\t\telse if (td->aes_gmac)\n+\t\t\tlen = td->xform.chain.auth.auth.iv.length;\n+\t\telse\n+\t\t\tlen = td->xform.chain.cipher.cipher.iv.length;\n+\n+\t\tmemcpy(iv, td->iv.data, len);\n+\t}\n+\n+\t/* Process crypto operation */\n+\tprocess_crypto_request(dev_id, ut_params->op);\n+\n+\tret = test_ipsec_status_check(td, ut_params->op, flags, dir, pkt_num);\n+\n+\trte_crypto_op_free(ut_params->op);\n+\tut_params->op = NULL;\n+\n+\treturn ret;\n+}\n+\n+static int\n+test_ipsec_proto_mbuf_enq(struct crypto_testsuite_params *ts_params,\n+\t\t\t struct crypto_unittest_params *ut_params,\n+\t\t\t void *ctx)\n+{\n+\tstruct rte_ether_hdr *hdr;\n+\tstruct rte_mbuf *m;\n+\tuint64_t timeout;\n+\tvoid **sec_sess;\n+\tvoid *userdata;\n+\tint ret;\n+\n+\tRTE_SET_USED(ts_params);\n+\n+\thdr = (void *)rte_pktmbuf_prepend(ut_params->ibuf, sizeof(struct rte_ether_hdr));\n+\thdr->ether_type = rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4);\n+\n+\tut_params->ibuf->l2_len = sizeof(struct rte_ether_hdr);\n+\n+\tsec_sess = &ut_params->sec_session;\n+\tret = rte_security_inb_pkt_rx_inject(ctx, &ut_params->ibuf, sec_sess, 1);\n+\n+\tif (ret != 1)\n+\t\treturn TEST_FAILED;\n+\n+\tut_params->ibuf = NULL;\n+\n+\t/* Add a timeout for 1 s */\n+\ttimeout = rte_get_tsc_cycles() + rte_get_tsc_hz();\n+\n+\tdo {\n+\t\t/* Get packet from port 0, queue 0 */\n+\t\tret = rte_eth_rx_burst(0, 0, &m, 1);\n+\t} while ((ret == 0) && (rte_get_tsc_cycles() > timeout));\n+\n+\tif (ret == 0) {\n+\t\tprintf(\"Could not receive packets from ethdev\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tif (m == NULL) {\n+\t\tprintf(\"Received mbuf is NULL\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tut_params->ibuf = m;\n+\n+\tif (!(m->ol_flags & RTE_MBUF_F_RX_SEC_OFFLOAD)) {\n+\t\tprintf(\"Received packet is not Rx security processed\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tif (m->ol_flags & RTE_MBUF_F_RX_SEC_OFFLOAD_FAILED) {\n+\t\tprintf(\"Received packet has failed Rx security processing\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/*\n+\t * 'ut_params' is set as userdata. Verify that the field is returned\n+\t * correctly.\n+\t */\n+\tuserdata = (void *)*rte_security_dynfield(m);\n+\tif (userdata != ut_params) {\n+\t\tprintf(\"Userdata retrieved not matching expected\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Trim L2 header */\n+\trte_pktmbuf_adj(m, sizeof(struct rte_ether_hdr));\n+\n+\treturn TEST_SUCCESS;\n+}\n+\n static int\n test_ipsec_proto_process(const struct ipsec_test_data td[],\n \t\t\t struct ipsec_test_data res_d[],\n@@ -10064,6 +10310,9 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],\n \t\t}\n \t}\n \n+\tif (dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS && flags->rx_inject)\n+\t\tsess_conf.userdata = ut_params;\n+\n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx, &sess_conf,\n \t\t\t\t\tts_params->session_mpool);\n@@ -10086,8 +10335,10 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],\n \n \t\t/* Copy test data before modification */\n \t\tmemcpy(input_text, td[i].input_text.data, td[i].input_text.len);\n-\t\tif (test_ipsec_pkt_update(input_text, flags))\n-\t\t\treturn TEST_FAILED;\n+\t\tif (test_ipsec_pkt_update(input_text, flags)) {\n+\t\t\tret = TEST_FAILED;\n+\t\t\tgoto mbuf_free;\n+\t\t}\n \n \t\t/* Setup source mbuf payload */\n \t\tif (flags->use_ext_mbuf) {\n@@ -10099,50 +10350,18 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],\n \t\t\tpktmbuf_write(ut_params->ibuf, 0, td[i].input_text.len, input_text);\n \t\t}\n \n-\t\t/* Generate crypto op data structure */\n-\t\tut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,\n-\t\t\t\t\tRTE_CRYPTO_OP_TYPE_SYMMETRIC);\n-\t\tif (!ut_params->op) {\n-\t\t\tprintf(\"TestCase %s line %d: %s\\n\",\n-\t\t\t\t__func__, __LINE__,\n-\t\t\t\t\"failed to allocate crypto op\");\n-\t\t\tret = TEST_FAILED;\n-\t\t\tgoto crypto_op_free;\n-\t\t}\n-\n-\t\t/* Attach session to operation */\n-\t\trte_security_attach_session(ut_params->op,\n-\t\t\t\t\t ut_params->sec_session);\n-\n-\t\t/* Set crypto operation mbufs */\n-\t\tut_params->op->sym->m_src = ut_params->ibuf;\n-\t\tut_params->op->sym->m_dst = NULL;\n-\n-\t\t/* Copy IV in crypto operation when IV generation is disabled */\n-\t\tif (dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS &&\n-\t\t ipsec_xform.options.iv_gen_disable == 1) {\n-\t\t\tuint8_t *iv = rte_crypto_op_ctod_offset(ut_params->op,\n-\t\t\t\t\t\t\t\tuint8_t *,\n-\t\t\t\t\t\t\t\tIV_OFFSET);\n-\t\t\tint len;\n-\n-\t\t\tif (td[i].aead)\n-\t\t\t\tlen = td[i].xform.aead.aead.iv.length;\n-\t\t\telse if (td[i].aes_gmac)\n-\t\t\t\tlen = td[i].xform.chain.auth.auth.iv.length;\n-\t\t\telse\n-\t\t\t\tlen = td[i].xform.chain.cipher.cipher.iv.length;\n-\n-\t\t\tmemcpy(iv, td[i].iv.data, len);\n-\t\t}\n-\n-\t\t/* Process crypto operation */\n-\t\tprocess_crypto_request(dev_id, ut_params->op);\n+\t\tif (dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS && flags->rx_inject)\n+\t\t\tret = test_ipsec_proto_mbuf_enq(ts_params, ut_params,\n+\t\t\t\t\t\t\tctx);\n+\t\telse\n+\t\t\tret = test_ipsec_proto_crypto_op_enq(ts_params,\n+\t\t\t\t\t\t\t ut_params,\n+\t\t\t\t\t\t\t &ipsec_xform,\n+\t\t\t\t\t\t\t &td[i], flags,\n+\t\t\t\t\t\t\t i + 1);\n \n-\t\tret = test_ipsec_status_check(&td[i], ut_params->op, flags, dir,\n-\t\t\t\t\t i + 1);\n \t\tif (ret != TEST_SUCCESS)\n-\t\t\tgoto crypto_op_free;\n+\t\t\tgoto mbuf_free;\n \n \t\tif (res_d != NULL)\n \t\t\tres_d_tmp = &res_d[i];\n@@ -10150,24 +10369,18 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],\n \t\tret = test_ipsec_post_process(ut_params->ibuf, &td[i],\n \t\t\t\t\t res_d_tmp, silent, flags);\n \t\tif (ret != TEST_SUCCESS)\n-\t\t\tgoto crypto_op_free;\n+\t\t\tgoto mbuf_free;\n \n \t\tret = test_ipsec_stats_verify(ctx, ut_params->sec_session,\n \t\t\t\t\t flags, dir);\n \t\tif (ret != TEST_SUCCESS)\n-\t\t\tgoto crypto_op_free;\n-\n-\t\trte_crypto_op_free(ut_params->op);\n-\t\tut_params->op = NULL;\n+\t\t\tgoto mbuf_free;\n \n \t\trte_pktmbuf_free(ut_params->ibuf);\n \t\tut_params->ibuf = NULL;\n \t}\n \n-crypto_op_free:\n-\trte_crypto_op_free(ut_params->op);\n-\tut_params->op = NULL;\n-\n+mbuf_free:\n \tif (flags->use_ext_mbuf)\n \t\text_mbuf_memzone_free(nb_segs);\n \n@@ -10256,6 +10469,24 @@ test_ipsec_proto_known_vec_fragmented(const void *test_data)\n \treturn test_ipsec_proto_process(&td_outb, NULL, 1, false, &flags);\n }\n \n+static int\n+test_ipsec_proto_known_vec_inb_rx_inject(const void *test_data)\n+{\n+\tconst struct ipsec_test_data *td = test_data;\n+\tstruct ipsec_test_flags flags;\n+\tstruct ipsec_test_data td_inb;\n+\n+\tmemset(&flags, 0, sizeof(flags));\n+\tflags.rx_inject = true;\n+\n+\tif (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)\n+\t\ttest_ipsec_td_in_from_out(td, &td_inb);\n+\telse\n+\t\tmemcpy(&td_inb, td, sizeof(td_inb));\n+\n+\treturn test_ipsec_proto_process(&td_inb, NULL, 1, false, &flags);\n+}\n+\n static int\n test_ipsec_proto_all(const struct ipsec_test_flags *flags)\n {\n@@ -16319,6 +16550,10 @@ static struct unit_test_suite ipsec_proto_testsuite = {\n \t\t\t\"Multi-segmented external mbuf mode\",\n \t\t\tut_setup_security, ut_teardown,\n \t\t\ttest_ipsec_proto_sgl_ext_mbuf),\n+\t\tTEST_CASE_NAMED_WITH_DATA(\n+\t\t\t\"Inbound known vector (ESP tunnel mode IPv4 AES-GCM 128) Rx inject\",\n+\t\t\tut_setup_security_rx_inject, ut_teardown_rx_inject,\n+\t\t\ttest_ipsec_proto_known_vec_inb_rx_inject, &pkt_aes_128_gcm),\n \t\tTEST_CASES_END() /**< NULL terminate unit test array */\n \t}\n };\ndiff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h\nindex 8587fc4577..d7fc562751 100644\n--- a/app/test/test_cryptodev_security_ipsec.h\n+++ b/app/test/test_cryptodev_security_ipsec.h\n@@ -112,6 +112,7 @@ struct ipsec_test_flags {\n \tuint32_t plaintext_len;\n \tint nb_segs_in_mbuf;\n \tbool inb_oop;\n+\tbool rx_inject;\n };\n \n struct crypto_param {\n", "prefixes": [ "v2", "2/2" ] }