Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/138318/?format=api
{ "id": 138318, "url": "http://patches.dpdk.org/api/patches/138318/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20240313105901.1959675-12-asasidharan@marvell.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20240313105901.1959675-12-asasidharan@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20240313105901.1959675-12-asasidharan@marvell.com", "date": "2024-03-13T10:58:51", "name": "[v5,11/21] test/security: add DTLS 1.2 anti-replay tests", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": true, "hash": "85aa520df7a1c06b5e261b22cce5e990a9322cd8", "submitter": { "id": 2800, "url": "http://patches.dpdk.org/api/people/2800/?format=api", "name": "Aakash Sasidharan", "email": "asasidharan@marvell.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20240313105901.1959675-12-asasidharan@marvell.com/mbox/", "series": [ { "id": 31494, "url": "http://patches.dpdk.org/api/series/31494/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=31494", "date": "2024-03-13T10:58:40", "name": "Improvements and new test cases", "version": 5, "mbox": "http://patches.dpdk.org/series/31494/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/138318/comments/", "check": "success", "checks": "http://patches.dpdk.org/api/patches/138318/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 0941B43C9F;\n\tWed, 13 Mar 2024 12:00:28 +0100 (CET)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id AB4DB42E12;\n\tWed, 13 Mar 2024 11:59:40 +0100 (CET)", "from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com\n [67.231.156.173])\n by mails.dpdk.org (Postfix) with ESMTP id C695442E1A\n for <dev@dpdk.org>; Wed, 13 Mar 2024 11:59:38 +0100 (CET)", "from pps.filterd (m0045851.ppops.net [127.0.0.1])\n by mx0b-0016f401.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id\n 42D85U74026170; Wed, 13 Mar 2024 03:59:38 -0700", "from dc5-exch05.marvell.com ([199.233.59.128])\n by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3wswdd1eu1-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);\n Wed, 13 Mar 2024 03:59:37 -0700 (PDT)", "from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH05.marvell.com\n (10.69.176.209) with Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.2.1258.12; Wed, 13 Mar\n 2024 03:59:36 -0700", "from DC5-EXCH05.marvell.com (10.69.176.209) by\n DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id\n 15.0.1497.48; Wed, 13 Mar 2024 03:59:36 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH05.marvell.com\n (10.69.176.209) with Microsoft SMTP Server id 15.2.1258.12 via Frontend\n Transport; Wed, 13 Mar 2024 03:59:36 -0700", "from localhost.localdomain (unknown [10.28.36.177])\n by maili.marvell.com (Postfix) with ESMTP id 434D93F7080;\n Wed, 13 Mar 2024 03:59:34 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=\n from:to:cc:subject:date:message-id:in-reply-to:references\n :mime-version:content-transfer-encoding:content-type; s=\n pfpt0220; bh=LQSu9yGo0FB9R1bZT7Lchw431euaPM6oFZSbc751Z+0=; b=fot\n UIggdarXhf1C+NdixZWG2tjxcjnzU58HmypU76zj1pGGPq25jMXXn7A4CmIPH7yU\n BNHVLd+pZgM/jRLvdJr9Cafgdnj2p9cwv+nI9V1DrN43Va/hO/SQZgwDfOmUio97\n Xjlm9aSGAo3DQcT3KTSMHiw7zvChnd08RgpTuRhM6lcjINjg/1GJBKBAms4dNRCe\n o6+grwAkmAwIlKkyqnR7USQbbiJAExTT12wNtFJUx1q5dCVm2L0fSA/jrXsbGKO2\n SuLpNnSqkd4n9nxptUXZG3v+d8ucyVMsktQi2JW8nsPQKtcagGHMCQws0Ckbtqql\n YfarqYfDSilwUloJAQQ==", "From": "Aakash Sasidharan <asasidharan@marvell.com>", "To": "Akhil Goyal <gakhil@marvell.com>, Fan Zhang <fanzhang.oss@gmail.com>", "CC": "<jerinj@marvell.com>, <anoobj@marvell.com>, <vvelumuri@marvell.com>,\n <asasidharan@marvell.com>, <dev@dpdk.org>", "Subject": "[PATCH v5 11/21] test/security: add DTLS 1.2 anti-replay tests", "Date": "Wed, 13 Mar 2024 16:28:51 +0530", "Message-ID": "<20240313105901.1959675-12-asasidharan@marvell.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20240313105901.1959675-1-asasidharan@marvell.com>", "References": "<20240313055030.1685039-1-asasidharan@marvell.com>\n <20240313105901.1959675-1-asasidharan@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-ORIG-GUID": "lz_J2XjVNEcZNCe6bWGgossEckUYuKPp", "X-Proofpoint-GUID": "lz_J2XjVNEcZNCe6bWGgossEckUYuKPp", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26\n definitions=2024-03-13_07,2024-03-12_01,2023-05-22_02", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "Add anti-replay test for DTLS 1.2.\n\nSigned-off-by: Aakash Sasidharan <asasidharan@marvell.com>\n---\n app/test/test_cryptodev.c | 115 ++++++++++++++-\n app/test/test_cryptodev_security_tls_record.c | 132 ++++++++++--------\n app/test/test_cryptodev_security_tls_record.h | 11 +-\n 3 files changed, 188 insertions(+), 70 deletions(-)", "diff": "diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c\nindex 95f2377d4d..904bad39d3 100644\n--- a/app/test/test_cryptodev.c\n+++ b/app/test/test_cryptodev.c\n@@ -11827,6 +11827,10 @@ test_tls_record_proto_process(const struct tls_record_test_data td[],\n \t\t.protocol = RTE_SECURITY_PROTOCOL_TLS_RECORD,\n \t};\n \n+\tif ((tls_record_xform.ver == RTE_SECURITY_VERSION_DTLS_1_2) &&\n+\t (sess_type == RTE_SECURITY_TLS_SESS_TYPE_READ))\n+\t\tsess_conf.tls_record.dtls_1_2.ar_win_sz = flags->ar_win_size;\n+\n \tif (td[0].aead)\n \t\ttest_tls_record_imp_nonce_update(&td[0], &tls_record_xform);\n \n@@ -11851,6 +11855,17 @@ test_tls_record_proto_process(const struct tls_record_test_data td[],\n \t\treturn TEST_SKIPPED;\n \n \tfor (i = 0; i < nb_td; i++) {\n+\t\tif (flags->ar_win_size &&\n+\t\t\t(sess_type == RTE_SECURITY_TLS_SESS_TYPE_WRITE)) {\n+\t\t\tsess_conf.tls_record.dtls_1_2.seq_no =\n+\t\t\t\ttd[i].tls_record_xform.dtls_1_2.seq_no;\n+\t\t\tret = rte_security_session_update(ctx, ut_params->sec_session, &sess_conf);\n+\t\t\tif (ret) {\n+\t\t\t\tprintf(\"Could not update sequence number in session\\n\");\n+\t\t\t\treturn TEST_SKIPPED;\n+\t\t\t}\n+\t\t}\n+\n \t\t/* Setup source mbuf payload */\n \t\tut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, td[i].input_text.len,\n \t\t\t\tnb_segs, 0);\n@@ -11890,17 +11905,19 @@ test_tls_record_proto_process(const struct tls_record_test_data td[],\n \t\t/* Process crypto operation */\n \t\tprocess_crypto_request(dev_id, ut_params->op);\n \n-\t\tret = test_tls_record_status_check(ut_params->op);\n+\t\tret = test_tls_record_status_check(ut_params->op, &td[i]);\n \t\tif (ret != TEST_SUCCESS)\n \t\t\tgoto crypto_op_free;\n \n \t\tif (res_d != NULL)\n \t\t\tres_d_tmp = &res_d[i];\n \n-\t\tret = test_tls_record_post_process(ut_params->ibuf, &td[i], res_d_tmp, silent);\n-\t\tif (ret != TEST_SUCCESS)\n-\t\t\tgoto crypto_op_free;\n-\n+\t\tif (ut_params->op->status == RTE_CRYPTO_OP_STATUS_SUCCESS) {\n+\t\t\tret = test_tls_record_post_process(ut_params->ibuf, &td[i], res_d_tmp,\n+\t\t\t\t\t\t\t silent);\n+\t\t\tif (ret != TEST_SUCCESS)\n+\t\t\t\tgoto crypto_op_free;\n+\t\t}\n \n \t\trte_crypto_op_free(ut_params->op);\n \t\tut_params->op = NULL;\n@@ -12190,6 +12207,90 @@ test_dtls_1_2_record_proto_display_list(void)\n \treturn test_tls_record_proto_all(&flags);\n }\n \n+static int\n+test_dtls_pkt_replay(const uint64_t seq_no[],\n+\t\t bool replayed_pkt[], uint32_t nb_pkts,\n+\t\t struct tls_record_test_flags *flags)\n+{\n+\tstruct tls_record_test_data td_outb[TEST_SEC_PKTS_MAX];\n+\tstruct tls_record_test_data td_inb[TEST_SEC_PKTS_MAX];\n+\tunsigned int i, idx, pass_cnt = 0;\n+\tint ret;\n+\n+\tfor (i = 0; i < RTE_DIM(sec_alg_list); i++) {\n+\t\ttest_tls_record_td_prepare(sec_alg_list[i].param1, sec_alg_list[i].param2, flags,\n+\t\t\t\t\t td_outb, nb_pkts, 0);\n+\n+\t\tfor (idx = 0; idx < nb_pkts; idx++)\n+\t\t\ttd_outb[idx].tls_record_xform.dtls_1_2.seq_no = seq_no[idx];\n+\n+\t\tret = test_tls_record_proto_process(td_outb, td_inb, nb_pkts, true, flags);\n+\t\tif (ret == TEST_SKIPPED)\n+\t\t\tcontinue;\n+\n+\t\tif (ret == TEST_FAILED)\n+\t\t\treturn TEST_FAILED;\n+\n+\t\ttest_tls_record_td_update(td_inb, td_outb, nb_pkts, flags);\n+\n+\t\tfor (idx = 0; idx < nb_pkts; idx++) {\n+\t\t\ttd_inb[idx].tls_record_xform.dtls_1_2.ar_win_sz = flags->ar_win_size;\n+\t\t\t/* Set antireplay flag for packets to be dropped */\n+\t\t\ttd_inb[idx].ar_packet = replayed_pkt[idx];\n+\t\t}\n+\n+\t\tret = test_tls_record_proto_process(td_inb, NULL, nb_pkts, true, flags);\n+\t\tif (ret == TEST_SKIPPED)\n+\t\t\tcontinue;\n+\n+\t\tif (ret == TEST_FAILED)\n+\t\t\treturn TEST_FAILED;\n+\n+\t\tif (flags->display_alg)\n+\t\t\ttest_sec_alg_display(sec_alg_list[i].param1, sec_alg_list[i].param2);\n+\n+\t\tpass_cnt++;\n+\t}\n+\n+\tif (pass_cnt > 0)\n+\t\treturn TEST_SUCCESS;\n+\telse\n+\t\treturn TEST_SKIPPED;\n+}\n+\n+static int\n+test_dtls_1_2_record_proto_antireplay(void)\n+{\n+\tstruct tls_record_test_flags flags;\n+\tuint64_t winsz = 64, seq_no[5];\n+\tuint32_t nb_pkts = 5;\n+\tbool replayed_pkt[5];\n+\n+\tmemset(&flags, 0, sizeof(flags));\n+\n+\tflags.tls_version = RTE_SECURITY_VERSION_DTLS_1_2;\n+\tflags.ar_win_size = winsz;\n+\n+\t/* 1. Advance the TOP of the window to WS * 2 */\n+\tseq_no[0] = winsz * 2;\n+\t/* 2. Test sequence number within the new window(WS + 1) */\n+\tseq_no[1] = winsz + 1;\n+\t/* 3. Test sequence number less than the window BOTTOM */\n+\tseq_no[2] = winsz;\n+\t/* 4. Test sequence number in the middle of the window */\n+\tseq_no[3] = winsz + (winsz / 2);\n+\t/* 5. Test replay of the packet in the middle of the window */\n+\tseq_no[4] = winsz + (winsz / 2);\n+\n+\treplayed_pkt[0] = false;\n+\treplayed_pkt[1] = false;\n+\treplayed_pkt[2] = true;\n+\treplayed_pkt[3] = false;\n+\treplayed_pkt[4] = true;\n+\n+\treturn test_dtls_pkt_replay(seq_no, replayed_pkt, nb_pkts, &flags);\n+}\n+\n static int\n test_dtls_1_2_record_proto_sgl(void)\n {\n@@ -17505,6 +17606,10 @@ static struct unit_test_suite dtls12_record_proto_testsuite = {\n \t\t\t\"Zero len DTLS record with content type as ctrl\",\n \t\t\tut_setup_security, ut_teardown,\n \t\t\ttest_dtls_1_2_record_proto_zero_len_non_app),\n+\t\tTEST_CASE_NAMED_ST(\n+\t\t\t\"Antireplay with window size 64\",\n+\t\t\tut_setup_security, ut_teardown,\n+\t\t\ttest_dtls_1_2_record_proto_antireplay),\n \t\tTEST_CASES_END() /**< NULL terminate unit test array */\n \t}\n };\ndiff --git a/app/test/test_cryptodev_security_tls_record.c b/app/test/test_cryptodev_security_tls_record.c\nindex c5410a4c92..907e043ddd 100644\n--- a/app/test/test_cryptodev_security_tls_record.c\n+++ b/app/test/test_cryptodev_security_tls_record.c\n@@ -12,10 +12,21 @@\n #include \"test_security_proto.h\"\n \n int\n-test_tls_record_status_check(struct rte_crypto_op *op)\n+test_tls_record_status_check(struct rte_crypto_op *op,\n+\t\t\t const struct tls_record_test_data *td)\n {\n \tint ret = TEST_SUCCESS;\n \n+\tif ((td->tls_record_xform.type == RTE_SECURITY_TLS_SESS_TYPE_READ) &&\n+\t td->ar_packet) {\n+\t\tif (op->status != RTE_CRYPTO_OP_STATUS_ERROR) {\n+\t\t\tprintf(\"Anti replay test case failed\\n\");\n+\t\t\treturn TEST_FAILED;\n+\t\t} else {\n+\t\t\treturn TEST_SUCCESS;\n+\t\t}\n+\t}\n+\n \tif (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS)\n \t\tret = TEST_FAILED;\n \n@@ -101,81 +112,80 @@ test_tls_record_td_prepare(const struct crypto_param *param1, const struct crypt\n \t\t\ttd->xform.chain.auth.auth.key.length = param2->key_length;\n \t\t\ttd->xform.chain.auth.auth.digest_length = param2->digest_length;\n \t\t}\n-\t}\n-\n-\tif (flags->data_walkthrough || flags->zero_len) {\n-\t\ttest_sec_proto_pattern_set(td->input_text.data, data_len);\n-\t\ttd->input_text.len = data_len;\n-\t}\n-\n-\tif (flags->content_type == TLS_RECORD_TEST_CONTENT_TYPE_CUSTOM)\n-\t\ttd->app_type = RTE_TLS_TYPE_MAX;\n-\telse if (flags->content_type == TLS_RECORD_TEST_CONTENT_TYPE_HANDSHAKE)\n-\t\ttd->app_type = RTE_TLS_TYPE_HANDSHAKE;\n \n-\ttls_pkt_size = td->input_text.len;\n+\t\tif (flags->data_walkthrough || flags->zero_len) {\n+\t\t\ttest_sec_proto_pattern_set(td->input_text.data, data_len);\n+\t\t\ttd->input_text.len = data_len;\n+\t\t}\n \n-\tif (!td->aead) {\n-\t\tmac_len = td->xform.chain.auth.auth.digest_length;\n-\t\tswitch (td->xform.chain.cipher.cipher.algo) {\n-\t\tcase RTE_CRYPTO_CIPHER_3DES_CBC:\n-\t\t\troundup_len = 8;\n+\t\tif (flags->content_type == TLS_RECORD_TEST_CONTENT_TYPE_CUSTOM)\n+\t\t\ttd->app_type = RTE_TLS_TYPE_MAX;\n+\t\telse if (flags->content_type == TLS_RECORD_TEST_CONTENT_TYPE_HANDSHAKE)\n+\t\t\ttd->app_type = RTE_TLS_TYPE_HANDSHAKE;\n+\n+\t\ttls_pkt_size = td->input_text.len;\n+\n+\t\tif (!td->aead) {\n+\t\t\tmac_len = td->xform.chain.auth.auth.digest_length;\n+\t\t\tswitch (td->xform.chain.cipher.cipher.algo) {\n+\t\t\tcase RTE_CRYPTO_CIPHER_3DES_CBC:\n+\t\t\t\troundup_len = 8;\n+\t\t\t\texp_nonce_len = 8;\n+\t\t\t\tbreak;\n+\t\t\tcase RTE_CRYPTO_CIPHER_AES_CBC:\n+\t\t\t\troundup_len = 16;\n+\t\t\t\texp_nonce_len = 16;\n+\t\t\t\tbreak;\n+\t\t\tdefault:\n+\t\t\t\troundup_len = 0;\n+\t\t\t\texp_nonce_len = 0;\n+\t\t\t\tbreak;\n+\t\t\t}\n+\t\t} else {\n+\t\t\tmac_len = td->xform.aead.aead.digest_length;\n+\t\t\troundup_len = 0;\n \t\t\texp_nonce_len = 8;\n+\t\t}\n+\n+\t\tswitch (td->tls_record_xform.ver) {\n+\t\tcase RTE_SECURITY_VERSION_TLS_1_2:\n+\t\tcase RTE_SECURITY_VERSION_TLS_1_3:\n+\t\t\thdr_len = sizeof(struct rte_tls_hdr);\n+\t\t\tif (td->aead)\n+\t\t\t\tmin_padding = 0;\n+\t\t\telse\n+\t\t\t\tmin_padding = 1;\n \t\t\tbreak;\n-\t\tcase RTE_CRYPTO_CIPHER_AES_CBC:\n-\t\t\troundup_len = 16;\n-\t\t\texp_nonce_len = 16;\n+\t\tcase RTE_SECURITY_VERSION_DTLS_1_2:\n+\t\t\thdr_len = sizeof(struct rte_dtls_hdr);\n+\t\t\tif (td->aead)\n+\t\t\t\tmin_padding = 0;\n+\t\t\telse\n+\t\t\t\tmin_padding = 1;\n \t\t\tbreak;\n \t\tdefault:\n-\t\t\troundup_len = 0;\n-\t\t\texp_nonce_len = 0;\n+\t\t\thdr_len = 0;\n+\t\t\tmin_padding = 0;\n \t\t\tbreak;\n \t\t}\n-\t} else {\n-\t\tmac_len = td->xform.aead.aead.digest_length;\n-\t\troundup_len = 0;\n-\t\texp_nonce_len = 8;\n-\t}\n-\n-\tswitch (td->tls_record_xform.ver) {\n-\tcase RTE_SECURITY_VERSION_TLS_1_2:\n-\tcase RTE_SECURITY_VERSION_TLS_1_3:\n-\t\thdr_len = sizeof(struct rte_tls_hdr);\n-\t\tif (td->aead)\n-\t\t\tmin_padding = 0;\n-\t\telse\n-\t\t\tmin_padding = 1;\n-\t\tbreak;\n-\tcase RTE_SECURITY_VERSION_DTLS_1_2:\n-\t\thdr_len = sizeof(struct rte_dtls_hdr);\n-\t\tif (td->aead)\n-\t\t\tmin_padding = 0;\n-\t\telse\n-\t\t\tmin_padding = 1;\n-\t\tbreak;\n-\tdefault:\n-\t\thdr_len = 0;\n-\t\tmin_padding = 0;\n-\t\tbreak;\n-\t}\n \n-\ttls_pkt_size += mac_len;\n+\t\ttls_pkt_size += mac_len;\n \n-\t/* Padding */\n-\ttls_pkt_size += min_padding;\n+\t\t/* Padding */\n+\t\ttls_pkt_size += min_padding;\n \n-\tif (roundup_len)\n-\t\ttls_pkt_size = RTE_ALIGN_MUL_CEIL(tls_pkt_size, roundup_len);\n+\t\tif (roundup_len)\n+\t\t\ttls_pkt_size = RTE_ALIGN_MUL_CEIL(tls_pkt_size, roundup_len);\n \n-\t/* Explicit nonce */\n-\ttls_pkt_size += exp_nonce_len;\n+\t\t/* Explicit nonce */\n+\t\ttls_pkt_size += exp_nonce_len;\n \n-\t/* Add TLS header */\n-\ttls_pkt_size += hdr_len;\n+\t\t/* Add TLS header */\n+\t\ttls_pkt_size += hdr_len;\n \n-\ttd->output_text.len = tls_pkt_size;\n+\t\ttd->output_text.len = tls_pkt_size;\n \n-\tRTE_SET_USED(flags);\n+\t}\n }\n \n void\ndiff --git a/app/test/test_cryptodev_security_tls_record.h b/app/test/test_cryptodev_security_tls_record.h\nindex 68e243b842..efb16aed7d 100644\n--- a/app/test/test_cryptodev_security_tls_record.h\n+++ b/app/test/test_cryptodev_security_tls_record.h\n@@ -89,16 +89,18 @@ struct tls_record_test_data {\n \tstruct rte_security_tls_record_xform tls_record_xform;\n \tuint8_t app_type;\n \tbool aead;\n+\tbool ar_packet;\n };\n \n struct tls_record_test_flags {\n \tbool display_alg;\n-\tuint8_t nb_segs_in_mbuf;\n \tbool data_walkthrough;\n-\tenum rte_security_tls_version tls_version;\n \tbool pkt_corruption;\n-\tenum tls_record_test_content_type content_type;\n \tbool zero_len;\n+\tuint8_t nb_segs_in_mbuf;\n+\tenum rte_security_tls_version tls_version;\n+\tenum tls_record_test_content_type content_type;\n+\tint ar_win_size;\n };\n \n extern struct tls_record_test_data tls_test_data_aes_128_gcm_v1;\n@@ -123,7 +125,8 @@ extern struct tls_record_test_data dtls_test_data_aes_256_cbc_sha384_hmac;\n extern struct tls_record_test_data dtls_test_data_3des_cbc_sha1_hmac;\n extern struct tls_record_test_data dtls_test_data_null_cipher_sha1_hmac;\n \n-int test_tls_record_status_check(struct rte_crypto_op *op);\n+int test_tls_record_status_check(struct rte_crypto_op *op,\n+\t\t\t\t const struct tls_record_test_data *td);\n \n int test_tls_record_sec_caps_verify(struct rte_security_tls_record_xform *tls_record_xform,\n \t\t\t\t const struct rte_security_capability *sec_cap, bool silent);\n", "prefixes": [ "v5", "11/21" ] }