Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 48151,
    "url": "http://patches.dpdk.org/api/patches/48151/?format=api",
    "web_url": "http://patches.dpdk.org/project/dpdk/patch/1542326031-5263-10-git-send-email-konstantin.ananyev@intel.com/",
    "project": {
        "id": 1,
        "url": "http://patches.dpdk.org/api/projects/1/?format=api",
        "name": "DPDK",
        "link_name": "dpdk",
        "list_id": "dev.dpdk.org",
        "list_email": "dev@dpdk.org",
        "web_url": "http://core.dpdk.org",
        "scm_url": "git://dpdk.org/dpdk",
        "webscm_url": "http://git.dpdk.org/dpdk",
        "list_archive_url": "https://inbox.dpdk.org/dev",
        "list_archive_url_format": "https://inbox.dpdk.org/dev/{}",
        "commit_url_format": ""
    },
    "msgid": "<1542326031-5263-10-git-send-email-konstantin.ananyev@intel.com>",
    "list_archive_url": "https://inbox.dpdk.org/dev/1542326031-5263-10-git-send-email-konstantin.ananyev@intel.com",
    "date": "2018-11-15T23:53:51",
    "name": "[9/9] test/ipsec: introduce functional test",
    "commit_ref": null,
    "pull_url": null,
    "state": "superseded",
    "archived": true,
    "hash": "795d7ed717584f2cdf3a1c827392cd2d87b6176e",
    "submitter": {
        "id": 33,
        "url": "http://patches.dpdk.org/api/people/33/?format=api",
        "name": "Ananyev, Konstantin",
        "email": "konstantin.ananyev@intel.com"
    },
    "delegate": {
        "id": 1,
        "url": "http://patches.dpdk.org/api/users/1/?format=api",
        "username": "tmonjalo",
        "first_name": "Thomas",
        "last_name": "Monjalon",
        "email": "thomas@monjalon.net"
    },
    "mbox": "http://patches.dpdk.org/project/dpdk/patch/1542326031-5263-10-git-send-email-konstantin.ananyev@intel.com/mbox/",
    "series": [
        {
            "id": 2459,
            "url": "http://patches.dpdk.org/api/series/2459/?format=api",
            "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=2459",
            "date": "2018-11-15T23:53:51",
            "name": null,
            "version": 1,
            "mbox": "http://patches.dpdk.org/series/2459/mbox/"
        }
    ],
    "comments": "http://patches.dpdk.org/api/patches/48151/comments/",
    "check": "fail",
    "checks": "http://patches.dpdk.org/api/patches/48151/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<dev-bounces@dpdk.org>",
        "X-Original-To": "patchwork@dpdk.org",
        "Delivered-To": "patchwork@dpdk.org",
        "Received": [
            "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 8FDA55B20;\n\tFri, 16 Nov 2018 00:54:21 +0100 (CET)",
            "from mga09.intel.com (mga09.intel.com [134.134.136.24])\n\tby dpdk.org (Postfix) with ESMTP id 9E7F44CAD\n\tfor <dev@dpdk.org>; Fri, 16 Nov 2018 00:54:13 +0100 (CET)",
            "from orsmga007.jf.intel.com ([10.7.209.58])\n\tby orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t15 Nov 2018 15:54:13 -0800",
            "from sivswdev08.ir.intel.com (HELO localhost.localdomain)\n\t([10.237.217.47])\n\tby orsmga007.jf.intel.com with ESMTP; 15 Nov 2018 15:54:11 -0800"
        ],
        "X-Amp-Result": "SKIPPED(no attachment in message)",
        "X-Amp-File-Uploaded": "False",
        "X-ExtLoop1": "1",
        "X-IronPort-AV": "E=Sophos;i=\"5.56,238,1539673200\"; d=\"scan'208\";a=\"89697405\"",
        "From": "Konstantin Ananyev <konstantin.ananyev@intel.com>",
        "To": "dev@dpdk.org",
        "Cc": "Konstantin Ananyev <konstantin.ananyev@intel.com>,\n\tMohammad Abdul Awal <mohammad.abdul.awal@intel.com>,\n\tBernard Iremonger <bernard.iremonger@intel.com>",
        "Date": "Thu, 15 Nov 2018 23:53:51 +0000",
        "Message-Id": "<1542326031-5263-10-git-send-email-konstantin.ananyev@intel.com>",
        "X-Mailer": "git-send-email 1.7.0.7",
        "In-Reply-To": "<1535129598-27301-1-git-send-email-konstantin.ananyev@intel.com>",
        "References": "<1535129598-27301-1-git-send-email-konstantin.ananyev@intel.com>",
        "Subject": "[dpdk-dev] [PATCH 9/9] test/ipsec: introduce functional test",
        "X-BeenThere": "dev@dpdk.org",
        "X-Mailman-Version": "2.1.15",
        "Precedence": "list",
        "List-Id": "DPDK patches and discussions <dev.dpdk.org>",
        "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>",
        "List-Archive": "<http://mails.dpdk.org/archives/dev/>",
        "List-Post": "<mailto:dev@dpdk.org>",
        "List-Help": "<mailto:dev-request@dpdk.org?subject=help>",
        "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>",
        "Errors-To": "dev-bounces@dpdk.org",
        "Sender": "\"dev\" <dev-bounces@dpdk.org>"
    },
    "content": "Create functional test for librte_ipsec.\n\nSigned-off-by: Mohammad Abdul Awal <mohammad.abdul.awal@intel.com>\nSigned-off-by: Bernard Iremonger <bernard.iremonger@intel.com>\nSigned-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>\n---\n test/test/Makefile     |    3 +\n test/test/meson.build  |    3 +\n test/test/test_ipsec.c | 2209 ++++++++++++++++++++++++++++++++++++++++\n 3 files changed, 2215 insertions(+)\n create mode 100644 test/test/test_ipsec.c",
    "diff": "diff --git a/test/test/Makefile b/test/test/Makefile\nindex ab4fec34a..e7c8108f2 100644\n--- a/test/test/Makefile\n+++ b/test/test/Makefile\n@@ -207,6 +207,9 @@ SRCS-$(CONFIG_RTE_LIBRTE_KVARGS) += test_kvargs.c\n \n SRCS-$(CONFIG_RTE_LIBRTE_BPF) += test_bpf.c\n \n+SRCS-$(CONFIG_RTE_LIBRTE_IPSEC) += test_ipsec.c\n+LDLIBS += -lrte_ipsec\n+\n CFLAGS += -DALLOW_EXPERIMENTAL_API\n \n CFLAGS += -O3\ndiff --git a/test/test/meson.build b/test/test/meson.build\nindex 554e9945f..d4f689417 100644\n--- a/test/test/meson.build\n+++ b/test/test/meson.build\n@@ -48,6 +48,7 @@ test_sources = files('commands.c',\n \t'test_hash_perf.c',\n \t'test_hash_readwrite_lf.c',\n \t'test_interrupts.c',\n+\t'test_ipsec.c',\n \t'test_kni.c',\n \t'test_kvargs.c',\n \t'test_link_bonding.c',\n@@ -115,6 +116,7 @@ test_deps = ['acl',\n \t'eventdev',\n \t'flow_classify',\n \t'hash',\n+\t'ipsec',\n \t'lpm',\n \t'member',\n \t'metrics',\n@@ -179,6 +181,7 @@ test_names = [\n \t'hash_readwrite_autotest',\n \t'hash_readwrite_lf_autotest',\n \t'interrupt_autotest',\n+\t'ipsec_autotest',\n \t'kni_autotest',\n \t'kvargs_autotest',\n \t'link_bonding_autotest',\ndiff --git a/test/test/test_ipsec.c b/test/test/test_ipsec.c\nnew file mode 100644\nindex 000000000..95a447174\n--- /dev/null\n+++ b/test/test/test_ipsec.c\n@@ -0,0 +1,2209 @@\n+/* SPDX-License-Identifier: BSD-3-Clause\n+ * Copyright(c) 2018 Intel Corporation\n+ */\n+\n+#include <time.h>\n+\n+#include <netinet/in.h>\n+#include <netinet/ip.h>\n+\n+#include <rte_common.h>\n+#include <rte_hexdump.h>\n+#include <rte_mbuf.h>\n+#include <rte_malloc.h>\n+#include <rte_memcpy.h>\n+#include <rte_pause.h>\n+#include <rte_bus_vdev.h>\n+#include <rte_ip.h>\n+\n+#include <rte_crypto.h>\n+#include <rte_cryptodev.h>\n+#include <rte_cryptodev_pmd.h>\n+#include <rte_lcore.h>\n+#include <rte_ipsec.h>\n+#include <rte_random.h>\n+#include <rte_esp.h>\n+#include <rte_security_driver.h>\n+\n+#include \"test.h\"\n+#include \"test_cryptodev.h\"\n+\n+#define VDEV_ARGS_SIZE\t100\n+#define MAX_NB_SESSIONS\t100\n+#define MAX_NB_SAS\t\t2\n+#define REPLAY_WIN_0\t0\n+#define REPLAY_WIN_32\t32\n+#define REPLAY_WIN_64\t64\n+#define REPLAY_WIN_128\t128\n+#define REPLAY_WIN_256\t256\n+#define DATA_64_BYTES\t64\n+#define DATA_80_BYTES\t80\n+#define DATA_100_BYTES\t100\n+#define ESN_ENABLED\t\t1\n+#define ESN_DISABLED\t0\n+#define INBOUND_SPI\t\t7\n+#define OUTBOUND_SPI\t17\n+#define BURST_SIZE\t\t32\n+#define REORDER_PKTS\t1\n+\n+struct user_params {\n+\tenum rte_crypto_sym_xform_type auth;\n+\tenum rte_crypto_sym_xform_type cipher;\n+\tenum rte_crypto_sym_xform_type aead;\n+\n+\tchar auth_algo[128];\n+\tchar cipher_algo[128];\n+\tchar aead_algo[128];\n+};\n+\n+struct ipsec_testsuite_params {\n+\tstruct rte_mempool *mbuf_pool;\n+\tstruct rte_mempool *cop_mpool;\n+\tstruct rte_mempool *session_mpool;\n+\tstruct rte_cryptodev_config conf;\n+\tstruct rte_cryptodev_qp_conf qp_conf;\n+\n+\tuint8_t valid_devs[RTE_CRYPTO_MAX_DEVS];\n+\tuint8_t valid_dev_count;\n+};\n+\n+struct ipsec_unitest_params {\n+\tstruct rte_crypto_sym_xform cipher_xform;\n+\tstruct rte_crypto_sym_xform auth_xform;\n+\tstruct rte_crypto_sym_xform aead_xform;\n+\tstruct rte_crypto_sym_xform *crypto_xforms;\n+\n+\tstruct rte_security_ipsec_xform ipsec_xform;\n+\n+\tstruct rte_ipsec_sa_prm sa_prm;\n+\tstruct rte_ipsec_session ss[MAX_NB_SAS];\n+\n+\tstruct rte_crypto_op *cop[BURST_SIZE];\n+\n+\tstruct rte_mbuf *obuf[BURST_SIZE], *ibuf[BURST_SIZE],\n+\t\t*testbuf[BURST_SIZE];\n+\n+\tuint8_t *digest;\n+\tuint16_t pkt_index;\n+};\n+\n+struct ipsec_test_cfg {\n+\tuint32_t replay_win_sz;\n+\tuint32_t esn;\n+\tuint64_t flags;\n+\tsize_t pkt_sz;\n+\tuint16_t num_pkts;\n+\tuint32_t reorder_pkts;\n+};\n+\n+static const struct ipsec_test_cfg test_cfg[] = {\n+\n+\t{REPLAY_WIN_0, ESN_DISABLED, 0, DATA_64_BYTES, 1, 0},\n+\t{REPLAY_WIN_0, ESN_DISABLED, 0, DATA_80_BYTES, BURST_SIZE,\n+\t\tREORDER_PKTS},\n+\t{REPLAY_WIN_32, ESN_ENABLED, 0, DATA_100_BYTES, 1, 0},\n+\t{REPLAY_WIN_32, ESN_ENABLED, 0, DATA_100_BYTES, BURST_SIZE,\n+\t\tREORDER_PKTS},\n+\t{REPLAY_WIN_64, ESN_ENABLED, 0, DATA_64_BYTES, 1, 0},\n+\t{REPLAY_WIN_128, ESN_ENABLED, RTE_IPSEC_SAFLAG_SQN_ATOM,\n+\t\tDATA_80_BYTES, 1, 0},\n+\t{REPLAY_WIN_256, ESN_DISABLED, 0, DATA_100_BYTES, 1, 0},\n+};\n+\n+static const int num_cfg = RTE_DIM(test_cfg);\n+static struct ipsec_testsuite_params testsuite_params = { NULL };\n+static struct ipsec_unitest_params unittest_params;\n+static struct user_params uparams;\n+\n+static uint8_t global_key[128] = { 0 };\n+\n+struct supported_cipher_algo {\n+\tconst char *keyword;\n+\tenum rte_crypto_cipher_algorithm algo;\n+\tuint16_t iv_len;\n+\tuint16_t block_size;\n+\tuint16_t key_len;\n+};\n+\n+struct supported_auth_algo {\n+\tconst char *keyword;\n+\tenum rte_crypto_auth_algorithm algo;\n+\tuint16_t digest_len;\n+\tuint16_t key_len;\n+\tuint8_t key_not_req;\n+};\n+\n+const struct supported_cipher_algo cipher_algos[] = {\n+\t{\n+\t\t.keyword = \"null\",\n+\t\t.algo = RTE_CRYPTO_CIPHER_NULL,\n+\t\t.iv_len = 0,\n+\t\t.block_size = 4,\n+\t\t.key_len = 0\n+\t},\n+};\n+\n+const struct supported_auth_algo auth_algos[] = {\n+\t{\n+\t\t.keyword = \"null\",\n+\t\t.algo = RTE_CRYPTO_AUTH_NULL,\n+\t\t.digest_len = 0,\n+\t\t.key_len = 0,\n+\t\t.key_not_req = 1\n+\t},\n+};\n+\n+static int\n+dummy_sec_create(void *device, struct rte_security_session_conf *conf,\n+\tstruct rte_security_session *sess, struct rte_mempool *mp)\n+{\n+\tRTE_SET_USED(device);\n+\tRTE_SET_USED(conf);\n+\tRTE_SET_USED(mp);\n+\n+\tsess->sess_private_data = NULL;\n+\treturn 0;\n+}\n+\n+static int\n+dummy_sec_destroy(void *device, struct rte_security_session *sess)\n+{\n+\tRTE_SET_USED(device);\n+\tRTE_SET_USED(sess);\n+\treturn 0;\n+}\n+\n+static const struct rte_security_ops dummy_sec_ops = {\n+\t.session_create = dummy_sec_create,\n+\t.session_destroy = dummy_sec_destroy,\n+};\n+\n+static struct rte_security_ctx dummy_sec_ctx = {\n+\t.ops = &dummy_sec_ops,\n+};\n+\n+static const struct supported_cipher_algo *\n+find_match_cipher_algo(const char *cipher_keyword)\n+{\n+\tsize_t i;\n+\n+\tfor (i = 0; i < RTE_DIM(cipher_algos); i++) {\n+\t\tconst struct supported_cipher_algo *algo =\n+\t\t\t&cipher_algos[i];\n+\n+\t\tif (strcmp(cipher_keyword, algo->keyword) == 0)\n+\t\t\treturn algo;\n+\t}\n+\n+\treturn NULL;\n+}\n+\n+static const struct supported_auth_algo *\n+find_match_auth_algo(const char *auth_keyword)\n+{\n+\tsize_t i;\n+\n+\tfor (i = 0; i < RTE_DIM(auth_algos); i++) {\n+\t\tconst struct supported_auth_algo *algo =\n+\t\t\t&auth_algos[i];\n+\n+\t\tif (strcmp(auth_keyword, algo->keyword) == 0)\n+\t\t\treturn algo;\n+\t}\n+\n+\treturn NULL;\n+}\n+\n+static int\n+testsuite_setup(void)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct rte_cryptodev_info info;\n+\tuint32_t nb_devs, dev_id;\n+\n+\tmemset(ts_params, 0, sizeof(*ts_params));\n+\n+\tts_params->mbuf_pool = rte_pktmbuf_pool_create(\n+\t\t\t\"CRYPTO_MBUFPOOL\",\n+\t\t\tNUM_MBUFS, MBUF_CACHE_SIZE, 0, MBUF_SIZE,\n+\t\t\trte_socket_id());\n+\tif (ts_params->mbuf_pool == NULL) {\n+\t\tRTE_LOG(ERR, USER1, \"Can't create CRYPTO_MBUFPOOL\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tts_params->cop_mpool = rte_crypto_op_pool_create(\n+\t\t\t\"MBUF_CRYPTO_SYM_OP_POOL\",\n+\t\t\tRTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t\tNUM_MBUFS, MBUF_CACHE_SIZE,\n+\t\t\tDEFAULT_NUM_XFORMS *\n+\t\t\tsizeof(struct rte_crypto_sym_xform) +\n+\t\t\tMAXIMUM_IV_LENGTH,\n+\t\t\trte_socket_id());\n+\tif (ts_params->cop_mpool == NULL) {\n+\t\tRTE_LOG(ERR, USER1, \"Can't create CRYPTO_OP_POOL\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tnb_devs = rte_cryptodev_count();\n+\tif (nb_devs < 1) {\n+\t\tRTE_LOG(ERR, USER1, \"No crypto devices found?\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tts_params->valid_devs[ts_params->valid_dev_count++] = 0;\n+\n+\t/* Set up all the qps on the first of the valid devices found */\n+\tdev_id = ts_params->valid_devs[0];\n+\n+\trte_cryptodev_info_get(dev_id, &info);\n+\n+\tts_params->conf.nb_queue_pairs = info.max_nb_queue_pairs;\n+\tts_params->conf.socket_id = SOCKET_ID_ANY;\n+\n+\tunsigned int session_size =\n+\t\trte_cryptodev_sym_get_private_session_size(dev_id);\n+\n+\t/*\n+\t * Create mempool with maximum number of sessions * 2,\n+\t * to include the session headers\n+\t */\n+\tif (info.sym.max_nb_sessions != 0 &&\n+\t\t\tinfo.sym.max_nb_sessions < MAX_NB_SESSIONS) {\n+\t\tRTE_LOG(ERR, USER1, \"Device does not support \"\n+\t\t\t\t\"at least %u sessions\\n\",\n+\t\t\t\tMAX_NB_SESSIONS);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tts_params->session_mpool = rte_mempool_create(\n+\t\t\t\t\"test_sess_mp\",\n+\t\t\t\tMAX_NB_SESSIONS * 2,\n+\t\t\t\tsession_size,\n+\t\t\t\t0, 0, NULL, NULL, NULL,\n+\t\t\t\tNULL, SOCKET_ID_ANY,\n+\t\t\t\t0);\n+\n+\tTEST_ASSERT_NOT_NULL(ts_params->session_mpool,\n+\t\t\t\"session mempool allocation failed\");\n+\n+\tTEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id,\n+\t\t\t&ts_params->conf),\n+\t\t\t\"Failed to configure cryptodev %u with %u qps\",\n+\t\t\tdev_id, ts_params->conf.nb_queue_pairs);\n+\n+\tts_params->qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT;\n+\n+\tTEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(\n+\t\tdev_id, 0, &ts_params->qp_conf,\n+\t\trte_cryptodev_socket_id(dev_id),\n+\t\tts_params->session_mpool),\n+\t\t\"Failed to setup queue pair %u on cryptodev %u\",\n+\t\t0, dev_id);\n+\n+\treturn TEST_SUCCESS;\n+}\n+\n+static void\n+testsuite_teardown(void)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\n+\tif (ts_params->mbuf_pool != NULL) {\n+\t\tRTE_LOG(DEBUG, USER1, \"CRYPTO_MBUFPOOL count %u\\n\",\n+\t\trte_mempool_avail_count(ts_params->mbuf_pool));\n+\t\trte_mempool_free(ts_params->mbuf_pool);\n+\t\tts_params->mbuf_pool = NULL;\n+\t}\n+\n+\tif (ts_params->cop_mpool != NULL) {\n+\t\tRTE_LOG(DEBUG, USER1, \"CRYPTO_OP_POOL count %u\\n\",\n+\t\trte_mempool_avail_count(ts_params->cop_mpool));\n+\t\trte_mempool_free(ts_params->cop_mpool);\n+\t\tts_params->cop_mpool = NULL;\n+\t}\n+\n+\t/* Free session mempools */\n+\tif (ts_params->session_mpool != NULL) {\n+\t\trte_mempool_free(ts_params->session_mpool);\n+\t\tts_params->session_mpool = NULL;\n+\t}\n+}\n+\n+static int\n+ut_setup(void)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\t/* Clear unit test parameters before running test */\n+\tmemset(ut_params, 0, sizeof(*ut_params));\n+\n+\t/* Reconfigure device to default parameters */\n+\tts_params->conf.socket_id = SOCKET_ID_ANY;\n+\n+\t/* Start the device */\n+\tTEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_devs[0]),\n+\t\t\t\"Failed to start cryptodev %u\",\n+\t\t\tts_params->valid_devs[0]);\n+\n+\treturn TEST_SUCCESS;\n+}\n+\n+static void\n+ut_teardown(void)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tint i;\n+\n+\tfor (i = 0; i < BURST_SIZE; i++) {\n+\t\t/* free crypto operation structure */\n+\t\tif (ut_params->cop[i])\n+\t\t\trte_crypto_op_free(ut_params->cop[i]);\n+\n+\t\t/*\n+\t\t * free mbuf - both obuf and ibuf are usually the same,\n+\t\t * so check if they point at the same address is necessary,\n+\t\t * to avoid freeing the mbuf twice.\n+\t\t */\n+\t\tif (ut_params->obuf[i]) {\n+\t\t\trte_pktmbuf_free(ut_params->obuf[i]);\n+\t\t\tif (ut_params->ibuf[i] == ut_params->obuf[i])\n+\t\t\t\tut_params->ibuf[i] = 0;\n+\t\t\tut_params->obuf[i] = 0;\n+\t\t}\n+\t\tif (ut_params->ibuf[i]) {\n+\t\t\trte_pktmbuf_free(ut_params->ibuf[i]);\n+\t\t\tut_params->ibuf[i] = 0;\n+\t\t}\n+\n+\t\tif (ut_params->testbuf[i]) {\n+\t\t\trte_pktmbuf_free(ut_params->testbuf[i]);\n+\t\t\tut_params->testbuf[i] = 0;\n+\t\t}\n+\t}\n+\n+\tif (ts_params->mbuf_pool != NULL)\n+\t\tRTE_LOG(DEBUG, USER1, \"CRYPTO_MBUFPOOL count %u\\n\",\n+\t\t\trte_mempool_avail_count(ts_params->mbuf_pool));\n+\n+\t/* Stop the device */\n+\trte_cryptodev_stop(ts_params->valid_devs[0]);\n+}\n+\n+#define IPSEC_MAX_PAD_SIZE\tUINT8_MAX\n+\n+static const uint8_t esp_pad_bytes[IPSEC_MAX_PAD_SIZE] = {\n+\t1, 2, 3, 4, 5, 6, 7, 8,\n+\t9, 10, 11, 12, 13, 14, 15, 16,\n+\t17, 18, 19, 20, 21, 22, 23, 24,\n+\t25, 26, 27, 28, 29, 30, 31, 32,\n+\t33, 34, 35, 36, 37, 38, 39, 40,\n+\t41, 42, 43, 44, 45, 46, 47, 48,\n+\t49, 50, 51, 52, 53, 54, 55, 56,\n+\t57, 58, 59, 60, 61, 62, 63, 64,\n+\t65, 66, 67, 68, 69, 70, 71, 72,\n+\t73, 74, 75, 76, 77, 78, 79, 80,\n+\t81, 82, 83, 84, 85, 86, 87, 88,\n+\t89, 90, 91, 92, 93, 94, 95, 96,\n+\t97, 98, 99, 100, 101, 102, 103, 104,\n+\t105, 106, 107, 108, 109, 110, 111, 112,\n+\t113, 114, 115, 116, 117, 118, 119, 120,\n+\t121, 122, 123, 124, 125, 126, 127, 128,\n+\t129, 130, 131, 132, 133, 134, 135, 136,\n+\t137, 138, 139, 140, 141, 142, 143, 144,\n+\t145, 146, 147, 148, 149, 150, 151, 152,\n+\t153, 154, 155, 156, 157, 158, 159, 160,\n+\t161, 162, 163, 164, 165, 166, 167, 168,\n+\t169, 170, 171, 172, 173, 174, 175, 176,\n+\t177, 178, 179, 180, 181, 182, 183, 184,\n+\t185, 186, 187, 188, 189, 190, 191, 192,\n+\t193, 194, 195, 196, 197, 198, 199, 200,\n+\t201, 202, 203, 204, 205, 206, 207, 208,\n+\t209, 210, 211, 212, 213, 214, 215, 216,\n+\t217, 218, 219, 220, 221, 222, 223, 224,\n+\t225, 226, 227, 228, 229, 230, 231, 232,\n+\t233, 234, 235, 236, 237, 238, 239, 240,\n+\t241, 242, 243, 244, 245, 246, 247, 248,\n+\t249, 250, 251, 252, 253, 254, 255,\n+};\n+\n+/* ***** data for tests ***** */\n+\n+const char null_plain_data[] =\n+\t\"Network Security People Have A Strange Sense Of Humor unlike Other \"\n+\t\"People who have a normal sense of humour\";\n+\n+const char null_encrypted_data[] =\n+\t\"Network Security People Have A Strange Sense Of Humor unlike Other \"\n+\t\"People who have a normal sense of humour\";\n+\n+struct ipv4_hdr ipv4_outer  = {\n+\t.version_ihl = IPVERSION << 4 |\n+\t\tsizeof(ipv4_outer) / IPV4_IHL_MULTIPLIER,\n+\t.time_to_live = IPDEFTTL,\n+\t.next_proto_id = IPPROTO_ESP,\n+\t.src_addr = IPv4(192, 168, 1, 100),\n+\t.dst_addr = IPv4(192, 168, 2, 100),\n+};\n+\n+static struct rte_mbuf *\n+setup_test_string(struct rte_mempool *mpool,\n+\t\tconst char *string, size_t len, uint8_t blocksize)\n+{\n+\tstruct rte_mbuf *m = rte_pktmbuf_alloc(mpool);\n+\tsize_t t_len = len - (blocksize ? (len % blocksize) : 0);\n+\n+\tif (m) {\n+\t\tmemset(m->buf_addr, 0, m->buf_len);\n+\t\tchar *dst = rte_pktmbuf_append(m, t_len);\n+\n+\t\tif (!dst) {\n+\t\t\trte_pktmbuf_free(m);\n+\t\t\treturn NULL;\n+\t\t}\n+\t\tif (string != NULL)\n+\t\t\trte_memcpy(dst, string, t_len);\n+\t\telse\n+\t\t\tmemset(dst, 0, t_len);\n+\t}\n+\n+\treturn m;\n+}\n+\n+static struct rte_mbuf *\n+setup_test_string_tunneled(struct rte_mempool *mpool, const char *string,\n+\tsize_t len, uint32_t spi, uint32_t seq)\n+{\n+\tstruct rte_mbuf *m = rte_pktmbuf_alloc(mpool);\n+\tuint32_t hdrlen = sizeof(struct ipv4_hdr) + sizeof(struct esp_hdr);\n+\tuint32_t taillen = sizeof(struct esp_tail);\n+\tuint32_t t_len = len + hdrlen + taillen;\n+\tuint32_t padlen;\n+\n+\tstruct esp_hdr esph  = {\n+\t\t.spi = rte_cpu_to_be_32(spi),\n+\t\t.seq = rte_cpu_to_be_32(seq)\n+\t};\n+\n+\tpadlen = RTE_ALIGN(t_len, 4) - t_len;\n+\tt_len += padlen;\n+\n+\tstruct esp_tail espt  = {\n+\t\t.pad_len = padlen,\n+\t\t.next_proto = IPPROTO_IPIP,\n+\t};\n+\n+\tif (m == NULL)\n+\t\treturn NULL;\n+\n+\tmemset(m->buf_addr, 0, m->buf_len);\n+\tchar *dst = rte_pktmbuf_append(m, t_len);\n+\n+\tif (!dst) {\n+\t\trte_pktmbuf_free(m);\n+\t\treturn NULL;\n+\t}\n+\t/* copy outer IP and ESP header */\n+\tipv4_outer.total_length = rte_cpu_to_be_16(t_len);\n+\tipv4_outer.packet_id = rte_cpu_to_be_16(seq);\n+\trte_memcpy(dst, &ipv4_outer, sizeof(ipv4_outer));\n+\tdst += sizeof(ipv4_outer);\n+\tm->l3_len = sizeof(ipv4_outer);\n+\trte_memcpy(dst, &esph, sizeof(esph));\n+\tdst += sizeof(esph);\n+\n+\tif (string != NULL) {\n+\t\t/* copy payload */\n+\t\trte_memcpy(dst, string, len);\n+\t\tdst += len;\n+\t\t/* copy pad bytes */\n+\t\trte_memcpy(dst, esp_pad_bytes, padlen);\n+\t\tdst += padlen;\n+\t\t/* copy ESP tail header */\n+\t\trte_memcpy(dst, &espt, sizeof(espt));\n+\t} else\n+\t\tmemset(dst, 0, t_len);\n+\n+\treturn m;\n+}\n+\n+static int\n+check_cryptodev_capablity(const struct ipsec_unitest_params *ut,\n+\t\tuint8_t devid)\n+{\n+\tstruct rte_cryptodev_sym_capability_idx cap_idx;\n+\tconst struct rte_cryptodev_symmetric_capability *cap;\n+\tint rc = -1;\n+\n+\tcap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tcap_idx.algo.auth = ut->auth_xform.auth.algo;\n+\tcap = rte_cryptodev_sym_capability_get(devid, &cap_idx);\n+\n+\tif (cap != NULL) {\n+\t\trc = rte_cryptodev_sym_capability_check_auth(cap,\n+\t\t\t\tut->auth_xform.auth.key.length,\n+\t\t\t\tut->auth_xform.auth.digest_length, 0);\n+\t\tif (rc == 0) {\n+\t\t\tcap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\t\t\tcap_idx.algo.cipher = ut->cipher_xform.cipher.algo;\n+\t\t\tcap = rte_cryptodev_sym_capability_get(devid, &cap_idx);\n+\t\t\tif (cap != NULL)\n+\t\t\t\trc = rte_cryptodev_sym_capability_check_cipher(\n+\t\t\t\t\tcap,\n+\t\t\t\t\tut->cipher_xform.cipher.key.length,\n+\t\t\t\t\tut->cipher_xform.cipher.iv.length);\n+\t\t}\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static int\n+create_dummy_sec_session(struct ipsec_unitest_params *ut,\n+\tstruct rte_mempool *pool, uint32_t j)\n+{\n+\tstatic struct rte_security_session_conf conf;\n+\n+\tut->ss[j].security.ses = rte_security_session_create(&dummy_sec_ctx,\n+\t\t\t\t\t&conf, pool);\n+\n+\tif (ut->ss[j].security.ses == NULL)\n+\t\treturn -ENOMEM;\n+\n+\tut->ss[j].security.ctx = &dummy_sec_ctx;\n+\tut->ss[j].security.ol_flags = 0;\n+\treturn 0;\n+}\n+\n+static int\n+create_crypto_session(struct ipsec_unitest_params *ut,\n+\tstruct rte_mempool *pool, const uint8_t crypto_dev[],\n+\tuint32_t crypto_dev_num, uint32_t j)\n+{\n+\tint32_t rc;\n+\tuint32_t devnum, i;\n+\tstruct rte_cryptodev_sym_session *s;\n+\tuint8_t devid[RTE_CRYPTO_MAX_DEVS];\n+\n+\t/* check which cryptodevs support SA */\n+\tdevnum = 0;\n+\tfor (i = 0; i < crypto_dev_num; i++) {\n+\t\tif (check_cryptodev_capablity(ut, crypto_dev[i]) == 0)\n+\t\t\tdevid[devnum++] = crypto_dev[i];\n+\t}\n+\n+\tif (devnum == 0)\n+\t\treturn -ENODEV;\n+\n+\ts = rte_cryptodev_sym_session_create(pool);\n+\tif (s == NULL)\n+\t\treturn -ENOMEM;\n+\n+\t/* initiliaze SA crypto session for all supported devices */\n+\tfor (i = 0; i != devnum; i++) {\n+\t\trc = rte_cryptodev_sym_session_init(devid[i], s,\n+\t\t\tut->crypto_xforms, pool);\n+\t\tif (rc != 0)\n+\t\t\tbreak;\n+\t}\n+\n+\tif (i == devnum) {\n+\t\tut->ss[j].crypto.ses = s;\n+\t\treturn 0;\n+\t}\n+\n+\t/* failure, do cleanup */\n+\twhile (i-- != 0)\n+\t\trte_cryptodev_sym_session_clear(devid[i], s);\n+\n+\trte_cryptodev_sym_session_free(s);\n+\treturn rc;\n+}\n+\n+static int\n+create_session(struct ipsec_unitest_params *ut,\n+\tstruct rte_mempool *pool, const uint8_t crypto_dev[],\n+\tuint32_t crypto_dev_num, uint32_t j)\n+{\n+\tif (ut->ss[j].type == RTE_SECURITY_ACTION_TYPE_NONE)\n+\t\treturn create_crypto_session(ut, pool, crypto_dev,\n+\t\t\tcrypto_dev_num, j);\n+\telse\n+\t\treturn create_dummy_sec_session(ut, pool, j);\n+}\n+\n+static void\n+fill_crypto_xform(struct ipsec_unitest_params *ut_params,\n+\tconst struct supported_auth_algo *auth_algo,\n+\tconst struct supported_cipher_algo *cipher_algo)\n+{\n+\tut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tut_params->auth_xform.auth.algo = auth_algo->algo;\n+\tut_params->auth_xform.auth.key.data = global_key;\n+\tut_params->auth_xform.auth.key.length = auth_algo->key_len;\n+\tut_params->auth_xform.auth.digest_length = auth_algo->digest_len;\n+\n+\tut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;\n+\tut_params->auth_xform.next = &ut_params->cipher_xform;\n+\n+\tut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tut_params->cipher_xform.cipher.algo = cipher_algo->algo;\n+\tut_params->cipher_xform.cipher.key.data = global_key;\n+\tut_params->cipher_xform.cipher.key.length = cipher_algo->key_len;\n+\tut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_DECRYPT;\n+\tut_params->cipher_xform.cipher.iv.offset = IV_OFFSET;\n+\tut_params->cipher_xform.cipher.iv.length = cipher_algo->iv_len;\n+\tut_params->cipher_xform.next = NULL;\n+\n+\tut_params->crypto_xforms = &ut_params->auth_xform;\n+}\n+\n+static int\n+fill_ipsec_param(uint32_t replay_win_sz, uint64_t flags)\n+{\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tstruct rte_ipsec_sa_prm *prm = &ut_params->sa_prm;\n+\tconst struct supported_auth_algo *auth_algo;\n+\tconst struct supported_cipher_algo *cipher_algo;\n+\n+\tmemset(prm, 0, sizeof(*prm));\n+\n+\tprm->userdata = 1;\n+\tprm->flags = flags;\n+\tprm->replay_win_sz = replay_win_sz;\n+\n+\t/* setup ipsec xform */\n+\tprm->ipsec_xform = ut_params->ipsec_xform;\n+\tprm->ipsec_xform.salt = (uint32_t)rte_rand();\n+\n+\t/* setup tunnel related fields */\n+\tprm->tun.hdr_len = sizeof(ipv4_outer);\n+\tprm->tun.next_proto = IPPROTO_IPIP;\n+\tprm->tun.hdr = &ipv4_outer;\n+\n+\t/* setup crypto section */\n+\tif (uparams.aead != 0) {\n+\t\t/* TODO: will need to fill out with other test cases */\n+\t} else {\n+\t\tif (uparams.auth == 0 && uparams.cipher == 0)\n+\t\t\treturn TEST_FAILED;\n+\n+\t\tauth_algo = find_match_auth_algo(uparams.auth_algo);\n+\t\tcipher_algo = find_match_cipher_algo(uparams.cipher_algo);\n+\n+\t\tfill_crypto_xform(ut_params, auth_algo, cipher_algo);\n+\t}\n+\n+\tprm->crypto_xform = ut_params->crypto_xforms;\n+\treturn TEST_SUCCESS;\n+}\n+\n+static int\n+create_sa(enum rte_security_session_action_type action_type,\n+\t\tuint32_t replay_win_sz, uint64_t flags, uint32_t j)\n+{\n+\tstruct ipsec_testsuite_params *ts = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut = &unittest_params;\n+\tsize_t sz;\n+\tint rc;\n+\n+\tmemset(&ut->ss[j], 0, sizeof(ut->ss[j]));\n+\n+\trc = fill_ipsec_param(replay_win_sz, flags);\n+\tif (rc != 0)\n+\t\treturn TEST_FAILED;\n+\n+\t/* create rte_ipsec_sa*/\n+\tsz = rte_ipsec_sa_size(&ut->sa_prm);\n+\tTEST_ASSERT(sz > 0, \"rte_ipsec_sa_size() failed\\n\");\n+\n+\tut->ss[j].sa = rte_zmalloc(NULL, sz, RTE_CACHE_LINE_SIZE);\n+\tTEST_ASSERT_NOT_NULL(ut->ss[j].sa,\n+\t\t\"failed to allocate memory for rte_ipsec_sa\\n\");\n+\n+\tut->ss[j].type = action_type;\n+\trc = create_session(ut, ts->session_mpool, ts->valid_devs,\n+\t\tts->valid_dev_count, j);\n+\tif (rc != 0)\n+\t\treturn TEST_FAILED;\n+\n+\trc = rte_ipsec_sa_init(ut->ss[j].sa, &ut->sa_prm, sz);\n+\trc = (rc > 0 && (uint32_t)rc <= sz) ? 0 : -EINVAL;\n+\n+\treturn rte_ipsec_session_prepare(&ut->ss[j]);\n+}\n+\n+static int\n+crypto_ipsec(uint16_t num_pkts)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tuint32_t k, ng;\n+\tstruct rte_ipsec_group grp[1];\n+\n+\t/* call crypto prepare */\n+\tk = rte_ipsec_pkt_crypto_prepare(&ut_params->ss[0], ut_params->ibuf,\n+\t\tut_params->cop, num_pkts);\n+\tif (k != num_pkts) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_pkt_crypto_prepare fail\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\tk = rte_cryptodev_enqueue_burst(ts_params->valid_devs[0], 0,\n+\t\tut_params->cop, num_pkts);\n+\tif (k != num_pkts) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_cryptodev_enqueue_burst fail\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tk = rte_cryptodev_dequeue_burst(ts_params->valid_devs[0], 0,\n+\t\tut_params->cop, num_pkts);\n+\tif (k != num_pkts) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_cryptodev_dequeue_burst fail\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tng = rte_ipsec_pkt_crypto_group(\n+\t\t(const struct rte_crypto_op **)(uintptr_t)ut_params->cop,\n+\t\tut_params->obuf, grp, num_pkts);\n+\tif (ng != 1 ||\n+\t\tgrp[0].m[0] != ut_params->obuf[0] ||\n+\t\tgrp[0].cnt != num_pkts ||\n+\t\tgrp[0].id.ptr != &ut_params->ss[0]) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_pkt_crypto_group fail\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* call crypto process */\n+\tk = rte_ipsec_pkt_process(grp[0].id.ptr, grp[0].m, grp[0].cnt);\n+\tif (k != num_pkts) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_pkt_process fail\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\treturn TEST_SUCCESS;\n+}\n+\n+static int\n+crypto_ipsec_2sa(void)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tstruct rte_ipsec_group grp[BURST_SIZE];\n+\n+\tuint32_t k, ng, i, r;\n+\n+\tfor (i = 0; i < BURST_SIZE; i++) {\n+\t\tr = i % 2;\n+\t\t/* call crypto prepare */\n+\t\tk = rte_ipsec_pkt_crypto_prepare(&ut_params->ss[r],\n+\t\t\t\tut_params->ibuf + i, ut_params->cop + i, 1);\n+\t\tif (k != 1) {\n+\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"rte_ipsec_pkt_crypto_prepare fail\\n\");\n+\t\t\treturn TEST_FAILED;\n+\t\t}\n+\t\tk = rte_cryptodev_enqueue_burst(ts_params->valid_devs[0], 0,\n+\t\t\t\tut_params->cop + i, 1);\n+\t\tif (k != 1) {\n+\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"rte_cryptodev_enqueue_burst fail\\n\");\n+\t\t\treturn TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tk = rte_cryptodev_dequeue_burst(ts_params->valid_devs[0], 0,\n+\t\tut_params->cop, BURST_SIZE);\n+\tif (k != BURST_SIZE) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_cryptodev_dequeue_burst fail\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tng = rte_ipsec_pkt_crypto_group(\n+\t\t(const struct rte_crypto_op **)(uintptr_t)ut_params->cop,\n+\t\tut_params->obuf, grp, BURST_SIZE);\n+\tif (ng != BURST_SIZE) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_pkt_crypto_group fail ng=%d\\n\",\n+\t\t\t\tng);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* call crypto process */\n+\tfor (i = 0; i < ng; i++) {\n+\t\tk = rte_ipsec_pkt_process(grp[i].id.ptr, grp[i].m, grp[i].cnt);\n+\t\tif (k != grp[i].cnt) {\n+\t\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_pkt_process fail\\n\");\n+\t\t\treturn TEST_FAILED;\n+\t\t}\n+\t}\n+\treturn TEST_SUCCESS;\n+}\n+\n+#define PKT_4\t4\n+#define PKT_12\t12\n+#define PKT_21\t21\n+\n+static uint32_t\n+crypto_ipsec_4grp(uint32_t pkt_num)\n+{\n+\tuint32_t sa_ind;\n+\n+\t/* group packets in 4 different size groups groups, 2 per SA */\n+\tif (pkt_num < PKT_4)\n+\t\tsa_ind = 0;\n+\telse if (pkt_num < PKT_12)\n+\t\tsa_ind = 1;\n+\telse if (pkt_num < PKT_21)\n+\t\tsa_ind = 0;\n+\telse\n+\t\tsa_ind = 1;\n+\n+\treturn sa_ind;\n+}\n+\n+static uint32_t\n+crypto_ipsec_4grp_check_mbufs(uint32_t grp_ind, struct rte_ipsec_group *grp)\n+{\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tuint32_t i, j;\n+\tuint32_t rc = 0;\n+\n+\tif (grp_ind == 0) {\n+\t\tfor (i = 0, j = 0; i < PKT_4; i++, j++)\n+\t\t\tif (grp[grp_ind].m[i] != ut_params->obuf[j]) {\n+\t\t\t\trc = TEST_FAILED;\n+\t\t\t\tbreak;\n+\t\t\t}\n+\t} else if (grp_ind == 1) {\n+\t\tfor (i = 0, j = PKT_4; i < (PKT_12 - PKT_4); i++, j++) {\n+\t\t\tif (grp[grp_ind].m[i] != ut_params->obuf[j]) {\n+\t\t\t\trc = TEST_FAILED;\n+\t\t\t\tbreak;\n+\t\t\t}\n+\t\t}\n+\t} else if (grp_ind == 2) {\n+\t\tfor (i = 0, j =  PKT_12; i < (PKT_21 - PKT_12); i++, j++)\n+\t\t\tif (grp[grp_ind].m[i] != ut_params->obuf[j]) {\n+\t\t\t\trc = TEST_FAILED;\n+\t\t\t\tbreak;\n+\t\t\t}\n+\t} else if (grp_ind == 3) {\n+\t\tfor (i = 0, j = PKT_21; i < (BURST_SIZE - PKT_21); i++, j++)\n+\t\t\tif (grp[grp_ind].m[i] != ut_params->obuf[j]) {\n+\t\t\t\trc = TEST_FAILED;\n+\t\t\t\tbreak;\n+\t\t\t}\n+\t} else\n+\t\trc = TEST_FAILED;\n+\n+\treturn rc;\n+}\n+\n+static uint32_t\n+crypto_ipsec_4grp_check_cnt(uint32_t grp_ind, struct rte_ipsec_group *grp)\n+{\n+\tuint32_t rc = 0;\n+\n+\tif (grp_ind == 0) {\n+\t\tif (grp[grp_ind].cnt != PKT_4)\n+\t\t\trc = TEST_FAILED;\n+\t} else if (grp_ind == 1) {\n+\t\tif (grp[grp_ind].cnt != PKT_12 - PKT_4)\n+\t\t\trc = TEST_FAILED;\n+\t} else if (grp_ind == 2) {\n+\t\tif (grp[grp_ind].cnt != PKT_21 - PKT_12)\n+\t\t\trc = TEST_FAILED;\n+\t} else if (grp_ind == 3) {\n+\t\tif (grp[grp_ind].cnt != BURST_SIZE - PKT_21)\n+\t\t\trc = TEST_FAILED;\n+\t} else\n+\t\trc = TEST_FAILED;\n+\n+\treturn rc;\n+}\n+\n+static int\n+crypto_ipsec_2sa_4grp(void)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tstruct rte_ipsec_group grp[BURST_SIZE];\n+\tuint32_t k, ng, i, j;\n+\tuint32_t rc = 0;\n+\n+\tfor (i = 0; i < BURST_SIZE; i++) {\n+\t\tj = crypto_ipsec_4grp(i);\n+\n+\t\t/* call crypto prepare */\n+\t\tk = rte_ipsec_pkt_crypto_prepare(&ut_params->ss[j],\n+\t\t\t\tut_params->ibuf + i, ut_params->cop + i, 1);\n+\t\tif (k != 1) {\n+\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"rte_ipsec_pkt_crypto_prepare fail\\n\");\n+\t\t\treturn TEST_FAILED;\n+\t\t}\n+\t\tk = rte_cryptodev_enqueue_burst(ts_params->valid_devs[0], 0,\n+\t\t\t\tut_params->cop + i, 1);\n+\t\tif (k != 1) {\n+\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"rte_cryptodev_enqueue_burst fail\\n\");\n+\t\t\treturn TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tk = rte_cryptodev_dequeue_burst(ts_params->valid_devs[0], 0,\n+\t\tut_params->cop, BURST_SIZE);\n+\tif (k != BURST_SIZE) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_cryptodev_dequeue_burst fail\\n\");\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tng = rte_ipsec_pkt_crypto_group(\n+\t\t(const struct rte_crypto_op **)(uintptr_t)ut_params->cop,\n+\t\tut_params->obuf, grp, BURST_SIZE);\n+\tif (ng != 4) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_pkt_crypto_group fail ng=%d\\n\",\n+\t\t\tng);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* call crypto process */\n+\tfor (i = 0; i < ng; i++) {\n+\t\tk = rte_ipsec_pkt_process(grp[i].id.ptr, grp[i].m, grp[i].cnt);\n+\t\tif (k != grp[i].cnt) {\n+\t\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_pkt_process fail\\n\");\n+\t\t\treturn TEST_FAILED;\n+\t\t}\n+\t\trc = crypto_ipsec_4grp_check_cnt(i, grp);\n+\t\tif (rc != 0) {\n+\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"crypto_ipsec_4grp_check_cnt fail\\n\");\n+\t\t\treturn TEST_FAILED;\n+\t\t}\n+\t\trc = crypto_ipsec_4grp_check_mbufs(i, grp);\n+\t\tif (rc != 0) {\n+\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"crypto_ipsec_4grp_check_mbufs fail\\n\");\n+\t\t\treturn TEST_FAILED;\n+\t\t}\n+\t}\n+\treturn TEST_SUCCESS;\n+}\n+\n+static void\n+test_ipsec_reorder_inb_pkt_burst(uint16_t num_pkts)\n+{\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tstruct rte_mbuf *ibuf_tmp[BURST_SIZE];\n+\tuint16_t j;\n+\n+\t/* reorder packets and create gaps in sequence numbers */\n+\tstatic const uint32_t reorder[BURST_SIZE] = {\n+\t\t\t24, 25, 26, 27, 28, 29, 30, 31,\n+\t\t\t16, 17, 18, 19, 20, 21, 22, 23,\n+\t\t\t8, 9, 10, 11, 12, 13, 14, 15,\n+\t\t\t0, 1, 2, 3, 4, 5, 6, 7,\n+\t};\n+\n+\tif (num_pkts != BURST_SIZE)\n+\t\treturn;\n+\n+\tfor (j = 0; j != BURST_SIZE; j++)\n+\t\tibuf_tmp[j] = ut_params->ibuf[reorder[j]];\n+\n+\tmemcpy(ut_params->ibuf, ibuf_tmp, sizeof(ut_params->ibuf));\n+}\n+\n+static int\n+test_ipsec_crypto_op_alloc(uint16_t num_pkts)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tint rc = 0;\n+\tuint16_t j;\n+\n+\tfor (j = 0; j < num_pkts && rc == 0; j++) {\n+\t\tut_params->cop[j] = rte_crypto_op_alloc(ts_params->cop_mpool,\n+\t\t\t\tRTE_CRYPTO_OP_TYPE_SYMMETRIC);\n+\t\tif (ut_params->cop[j] == NULL) {\n+\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"Failed to allocate symmetric crypto op\\n\");\n+\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static void\n+test_ipsec_dump_buffers(struct ipsec_unitest_params *ut_params, int i)\n+{\n+\tuint16_t j = ut_params->pkt_index;\n+\n+\tprintf(\"\\ntest config: num %d\\n\", i);\n+\tprintf(\"\treplay_win_sz %u\\n\", test_cfg[i].replay_win_sz);\n+\tprintf(\"\tesn %u\\n\", test_cfg[i].esn);\n+\tprintf(\"\tflags 0x%lx\\n\", test_cfg[i].flags);\n+\tprintf(\"\tpkt_sz %lu\\n\", test_cfg[i].pkt_sz);\n+\tprintf(\"\tnum_pkts %u\\n\\n\", test_cfg[i].num_pkts);\n+\n+\tif (ut_params->ibuf[j]) {\n+\t\tprintf(\"ibuf[%u] data:\\n\", j);\n+\t\trte_pktmbuf_dump(stdout, ut_params->ibuf[j],\n+\t\t\tut_params->ibuf[j]->data_len);\n+\t}\n+\tif (ut_params->obuf[j]) {\n+\t\tprintf(\"obuf[%u] data:\\n\", j);\n+\t\trte_pktmbuf_dump(stdout, ut_params->obuf[j],\n+\t\t\tut_params->obuf[j]->data_len);\n+\t}\n+\tif (ut_params->testbuf[j]) {\n+\t\tprintf(\"testbuf[%u] data:\\n\", j);\n+\t\trte_pktmbuf_dump(stdout, ut_params->testbuf[j],\n+\t\t\tut_params->testbuf[j]->data_len);\n+\t}\n+}\n+\n+static void\n+destroy_sa(uint32_t j)\n+{\n+\tstruct ipsec_unitest_params *ut = &unittest_params;\n+\n+\trte_ipsec_sa_fini(ut->ss[j].sa);\n+\trte_free(ut->ss[j].sa);\n+\trte_cryptodev_sym_session_free(ut->ss[j].crypto.ses);\n+\tmemset(&ut->ss[j], 0, sizeof(ut->ss[j]));\n+}\n+\n+static int\n+crypto_inb_burst_null_null_check(struct ipsec_unitest_params *ut_params, int i,\n+\t\tuint16_t num_pkts)\n+{\n+\tuint16_t j;\n+\n+\tfor (j = 0; j < num_pkts && num_pkts <= BURST_SIZE; j++) {\n+\t\tut_params->pkt_index = j;\n+\n+\t\t/* compare the data buffers */\n+\t\tTEST_ASSERT_BUFFERS_ARE_EQUAL(null_plain_data,\n+\t\t\trte_pktmbuf_mtod(ut_params->obuf[j], void *),\n+\t\t\ttest_cfg[i].pkt_sz,\n+\t\t\t\"input and output data does not match\\n\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->obuf[j]->data_len,\n+\t\t\tut_params->obuf[j]->pkt_len,\n+\t\t\t\"data_len is not equal to pkt_len\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->obuf[j]->data_len,\n+\t\t\ttest_cfg[i].pkt_sz,\n+\t\t\t\"data_len is not equal to input data\");\n+\t}\n+\n+\treturn 0;\n+}\n+\n+static int\n+test_ipsec_crypto_inb_burst_null_null(int i)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tuint16_t num_pkts = test_cfg[i].num_pkts;\n+\tuint16_t j;\n+\tint rc;\n+\n+\tuparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tuparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tstrcpy(uparams.auth_algo, \"null\");\n+\tstrcpy(uparams.cipher_algo, \"null\");\n+\n+\t/* create rte_ipsec_sa */\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 0);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Generate test mbuf data */\n+\tfor (j = 0; j < num_pkts && rc == 0; j++) {\n+\t\t/* packet with sequence number 0 is invalid */\n+\t\tut_params->ibuf[j] = setup_test_string_tunneled(\n+\t\t\tts_params->mbuf_pool, null_encrypted_data,\n+\t\t\ttest_cfg[i].pkt_sz, INBOUND_SPI, j + 1);\n+\t\tif (ut_params->ibuf[j] == NULL)\n+\t\t\trc = TEST_FAILED;\n+\t}\n+\n+\tif (rc == 0) {\n+\t\tif (test_cfg[i].reorder_pkts)\n+\t\t\ttest_ipsec_reorder_inb_pkt_burst(num_pkts);\n+\t\trc = test_ipsec_crypto_op_alloc(num_pkts);\n+\t}\n+\n+\tif (rc == 0) {\n+\t\t/* call ipsec library api */\n+\t\trc = crypto_ipsec(num_pkts);\n+\t\tif (rc == 0)\n+\t\t\trc = crypto_inb_burst_null_null_check(\n+\t\t\t\t\tut_params, i, num_pkts);\n+\t\telse {\n+\t\t\tRTE_LOG(ERR, USER1, \"crypto_ipsec failed, cfg %d\\n\",\n+\t\t\t\ti);\n+\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif (rc == TEST_FAILED)\n+\t\ttest_ipsec_dump_buffers(ut_params, i);\n+\n+\tdestroy_sa(0);\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_crypto_inb_burst_null_null_wrapper(void)\n+{\n+\tint i;\n+\tint rc = 0;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\tut_params->ipsec_xform.spi = INBOUND_SPI;\n+\tut_params->ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n+\tut_params->ipsec_xform.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP;\n+\tut_params->ipsec_xform.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;\n+\tut_params->ipsec_xform.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4;\n+\n+\tfor (i = 0; i < num_cfg && rc == 0; i++) {\n+\t\tut_params->ipsec_xform.options.esn = test_cfg[i].esn;\n+\t\trc = test_ipsec_crypto_inb_burst_null_null(i);\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static int\n+crypto_outb_burst_null_null_check(struct ipsec_unitest_params *ut_params,\n+\tuint16_t num_pkts)\n+{\n+\tvoid *obuf_data;\n+\tvoid *testbuf_data;\n+\tuint16_t j;\n+\n+\tfor (j = 0; j < num_pkts && num_pkts <= BURST_SIZE; j++) {\n+\t\tut_params->pkt_index = j;\n+\n+\t\ttestbuf_data = rte_pktmbuf_mtod(ut_params->testbuf[j], void *);\n+\t\tobuf_data = rte_pktmbuf_mtod(ut_params->obuf[j], void *);\n+\t\t/* compare the buffer data */\n+\t\tTEST_ASSERT_BUFFERS_ARE_EQUAL(testbuf_data, obuf_data,\n+\t\t\tut_params->obuf[j]->pkt_len,\n+\t\t\t\"test and output data does not match\\n\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->obuf[j]->data_len,\n+\t\t\tut_params->testbuf[j]->data_len,\n+\t\t\t\"obuf data_len is not equal to testbuf data_len\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->obuf[j]->pkt_len,\n+\t\t\tut_params->testbuf[j]->pkt_len,\n+\t\t\t\"obuf pkt_len is not equal to testbuf pkt_len\");\n+\t}\n+\n+\treturn 0;\n+}\n+\n+static int\n+test_ipsec_crypto_outb_burst_null_null(int i)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tuint16_t num_pkts = test_cfg[i].num_pkts;\n+\tuint16_t j;\n+\tint32_t rc;\n+\n+\tuparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tuparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tstrcpy(uparams.auth_algo, \"null\");\n+\tstrcpy(uparams.cipher_algo, \"null\");\n+\n+\t/* create rte_ipsec_sa*/\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 0);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Generate input mbuf data */\n+\tfor (j = 0; j < num_pkts && rc == 0; j++) {\n+\t\tut_params->ibuf[j] = setup_test_string(ts_params->mbuf_pool,\n+\t\t\tnull_plain_data, test_cfg[i].pkt_sz, 0);\n+\t\tif (ut_params->ibuf[j] == NULL)\n+\t\t\trc = TEST_FAILED;\n+\t\telse {\n+\t\t\t/* Generate test mbuf data */\n+\t\t\t/* packet with sequence number 0 is invalid */\n+\t\t\tut_params->testbuf[j] = setup_test_string_tunneled(\n+\t\t\t\t\tts_params->mbuf_pool,\n+\t\t\t\t\tnull_plain_data, test_cfg[i].pkt_sz,\n+\t\t\t\t\tOUTBOUND_SPI, j + 1);\n+\t\t\tif (ut_params->testbuf[j] == NULL)\n+\t\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif (rc == 0)\n+\t\trc = test_ipsec_crypto_op_alloc(num_pkts);\n+\n+\tif (rc == 0) {\n+\t\t/* call ipsec library api */\n+\t\trc = crypto_ipsec(num_pkts);\n+\t\tif (rc == 0)\n+\t\t\trc = crypto_outb_burst_null_null_check(ut_params,\n+\t\t\t\t\tnum_pkts);\n+\t\telse\n+\t\t\tRTE_LOG(ERR, USER1, \"crypto_ipsec failed, cfg %d\\n\",\n+\t\t\t\ti);\n+\t}\n+\n+\tif (rc == TEST_FAILED)\n+\t\ttest_ipsec_dump_buffers(ut_params, i);\n+\n+\tdestroy_sa(0);\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_crypto_outb_burst_null_null_wrapper(void)\n+{\n+\tint i;\n+\tint rc = 0;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\tut_params->ipsec_xform.spi = OUTBOUND_SPI;\n+\tut_params->ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS;\n+\tut_params->ipsec_xform.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP;\n+\tut_params->ipsec_xform.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;\n+\tut_params->ipsec_xform.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4;\n+\n+\tfor (i = 0; i < num_cfg && rc == 0; i++) {\n+\t\tut_params->ipsec_xform.options.esn = test_cfg[i].esn;\n+\t\trc = test_ipsec_crypto_outb_burst_null_null(i);\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static int\n+inline_inb_burst_null_null_check(struct ipsec_unitest_params *ut_params, int i,\n+\tuint16_t num_pkts)\n+{\n+\tvoid *ibuf_data;\n+\tvoid *obuf_data;\n+\tuint16_t j;\n+\n+\tfor (j = 0; j < num_pkts && num_pkts <= BURST_SIZE; j++) {\n+\t\tut_params->pkt_index = j;\n+\n+\t\t/* compare the buffer data */\n+\t\tibuf_data = rte_pktmbuf_mtod(ut_params->ibuf[j], void *);\n+\t\tobuf_data = rte_pktmbuf_mtod(ut_params->obuf[j], void *);\n+\n+\t\tTEST_ASSERT_BUFFERS_ARE_EQUAL(ibuf_data, obuf_data,\n+\t\t\tut_params->ibuf[j]->data_len,\n+\t\t\t\"input and output data does not match\\n\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->ibuf[j]->data_len,\n+\t\t\tut_params->obuf[j]->data_len,\n+\t\t\t\"ibuf data_len is not equal to obuf data_len\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->ibuf[j]->pkt_len,\n+\t\t\tut_params->obuf[j]->pkt_len,\n+\t\t\t\"ibuf pkt_len is not equal to obuf pkt_len\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->ibuf[j]->data_len,\n+\t\t\ttest_cfg[i].pkt_sz,\n+\t\t\t\"data_len is not equal input data\");\n+\t}\n+\treturn 0;\n+}\n+\n+static int\n+test_ipsec_inline_inb_burst_null_null(int i)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tuint16_t num_pkts = test_cfg[i].num_pkts;\n+\tuint16_t j;\n+\tint32_t rc;\n+\tuint32_t n;\n+\n+\tuparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tuparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tstrcpy(uparams.auth_algo, \"null\");\n+\tstrcpy(uparams.cipher_algo, \"null\");\n+\n+\t/* create rte_ipsec_sa*/\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 0);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Generate inbound mbuf data */\n+\tfor (j = 0; j < num_pkts && rc == 0; j++) {\n+\t\tut_params->ibuf[j] = setup_test_string_tunneled(\n+\t\t\tts_params->mbuf_pool,\n+\t\t\tnull_plain_data, test_cfg[i].pkt_sz,\n+\t\t\tINBOUND_SPI, j + 1);\n+\t\tif (ut_params->ibuf[j] == NULL)\n+\t\t\trc = TEST_FAILED;\n+\t\telse {\n+\t\t\t/* Generate test mbuf data */\n+\t\t\tut_params->obuf[j] = setup_test_string(\n+\t\t\t\tts_params->mbuf_pool,\n+\t\t\t\tnull_plain_data, test_cfg[i].pkt_sz, 0);\n+\t\t\tif (ut_params->obuf[j] == NULL)\n+\t\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif (rc == 0) {\n+\t\tn = rte_ipsec_pkt_process(&ut_params->ss[0], ut_params->ibuf,\n+\t\t\t\tnum_pkts);\n+\t\tif (n == num_pkts)\n+\t\t\trc = inline_inb_burst_null_null_check(ut_params, i,\n+\t\t\t\t\tnum_pkts);\n+\t\telse {\n+\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"rte_ipsec_pkt_process failed, cfg %d\\n\",\n+\t\t\t\ti);\n+\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif (rc == TEST_FAILED)\n+\t\ttest_ipsec_dump_buffers(ut_params, i);\n+\n+\tdestroy_sa(0);\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_inline_inb_burst_null_null_wrapper(void)\n+{\n+\tint i;\n+\tint rc = 0;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\tut_params->ipsec_xform.spi = INBOUND_SPI;\n+\tut_params->ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n+\tut_params->ipsec_xform.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP;\n+\tut_params->ipsec_xform.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;\n+\tut_params->ipsec_xform.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4;\n+\n+\tfor (i = 0; i < num_cfg && rc == 0; i++) {\n+\t\tut_params->ipsec_xform.options.esn = test_cfg[i].esn;\n+\t\trc = test_ipsec_inline_inb_burst_null_null(i);\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static int\n+inline_outb_burst_null_null_check(struct ipsec_unitest_params *ut_params,\n+\tuint16_t num_pkts)\n+{\n+\tvoid *obuf_data;\n+\tvoid *ibuf_data;\n+\tuint16_t j;\n+\n+\tfor (j = 0; j < num_pkts && num_pkts <= BURST_SIZE; j++) {\n+\t\tut_params->pkt_index = j;\n+\n+\t\t/* compare the buffer data */\n+\t\tibuf_data = rte_pktmbuf_mtod(ut_params->ibuf[j], void *);\n+\t\tobuf_data = rte_pktmbuf_mtod(ut_params->obuf[j], void *);\n+\t\tTEST_ASSERT_BUFFERS_ARE_EQUAL(ibuf_data, obuf_data,\n+\t\t\tut_params->ibuf[j]->data_len,\n+\t\t\t\"input and output data does not match\\n\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->ibuf[j]->data_len,\n+\t\t\tut_params->obuf[j]->data_len,\n+\t\t\t\"ibuf data_len is not equal to obuf data_len\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->ibuf[j]->pkt_len,\n+\t\t\tut_params->obuf[j]->pkt_len,\n+\t\t\t\"ibuf pkt_len is not equal to obuf pkt_len\");\n+\t}\n+\treturn 0;\n+}\n+\n+static int\n+test_ipsec_inline_outb_burst_null_null(int i)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tuint16_t num_pkts = test_cfg[i].num_pkts;\n+\tuint16_t j;\n+\tint32_t rc;\n+\tuint32_t n;\n+\n+\tuparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tuparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tstrcpy(uparams.auth_algo, \"null\");\n+\tstrcpy(uparams.cipher_algo, \"null\");\n+\n+\t/* create rte_ipsec_sa */\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 0);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Generate test mbuf data */\n+\tfor (j = 0; j < num_pkts && rc == 0; j++) {\n+\t\tut_params->ibuf[j] = setup_test_string(ts_params->mbuf_pool,\n+\t\t\tnull_plain_data, test_cfg[i].pkt_sz, 0);\n+\t\tif (ut_params->ibuf[0] == NULL)\n+\t\t\trc = TEST_FAILED;\n+\n+\t\tif (rc == 0) {\n+\t\t\t/* Generate test tunneled mbuf data for comparison */\n+\t\t\tut_params->obuf[j] = setup_test_string_tunneled(\n+\t\t\t\t\tts_params->mbuf_pool,\n+\t\t\t\t\tnull_plain_data, test_cfg[i].pkt_sz,\n+\t\t\t\t\tOUTBOUND_SPI, j + 1);\n+\t\t\tif (ut_params->obuf[j] == NULL)\n+\t\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif (rc == 0) {\n+\t\tn = rte_ipsec_pkt_process(&ut_params->ss[0], ut_params->ibuf,\n+\t\t\t\tnum_pkts);\n+\t\tif (n == num_pkts)\n+\t\t\trc = inline_outb_burst_null_null_check(ut_params,\n+\t\t\t\t\tnum_pkts);\n+\t\telse {\n+\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"rte_ipsec_pkt_process failed, cfg %d\\n\",\n+\t\t\t\ti);\n+\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif (rc == TEST_FAILED)\n+\t\ttest_ipsec_dump_buffers(ut_params, i);\n+\n+\tdestroy_sa(0);\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_inline_outb_burst_null_null_wrapper(void)\n+{\n+\tint i;\n+\tint rc = 0;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\tut_params->ipsec_xform.spi = OUTBOUND_SPI;\n+\tut_params->ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS;\n+\tut_params->ipsec_xform.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP;\n+\tut_params->ipsec_xform.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;\n+\tut_params->ipsec_xform.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4;\n+\n+\tfor (i = 0; i < num_cfg && rc == 0; i++) {\n+\t\tut_params->ipsec_xform.options.esn = test_cfg[i].esn;\n+\t\trc = test_ipsec_inline_outb_burst_null_null(i);\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static int\n+replay_inb_null_null_check(struct ipsec_unitest_params *ut_params, int i,\n+\tint num_pkts)\n+{\n+\tuint16_t j;\n+\n+\tfor (j = 0; j < num_pkts; j++) {\n+\t\t/* compare the buffer data */\n+\t\tTEST_ASSERT_BUFFERS_ARE_EQUAL(null_plain_data,\n+\t\t\trte_pktmbuf_mtod(ut_params->obuf[j], void *),\n+\t\t\ttest_cfg[i].pkt_sz,\n+\t\t\t\"input and output data does not match\\n\");\n+\n+\t\tTEST_ASSERT_EQUAL(ut_params->obuf[j]->data_len,\n+\t\t\tut_params->obuf[j]->pkt_len,\n+\t\t\t\"data_len is not equal to pkt_len\");\n+\t}\n+\n+\treturn 0;\n+}\n+\n+static int\n+test_ipsec_replay_inb_inside_null_null(int i)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tint rc;\n+\n+\tuparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tuparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tstrcpy(uparams.auth_algo, \"null\");\n+\tstrcpy(uparams.cipher_algo, \"null\");\n+\n+\t/* create rte_ipsec_sa*/\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 0);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Generate inbound mbuf data */\n+\tut_params->ibuf[0] = setup_test_string_tunneled(ts_params->mbuf_pool,\n+\t\tnull_encrypted_data, test_cfg[i].pkt_sz, INBOUND_SPI, 1);\n+\tif (ut_params->ibuf[0] == NULL)\n+\t\trc = TEST_FAILED;\n+\telse\n+\t\trc = test_ipsec_crypto_op_alloc(1);\n+\n+\tif (rc == 0) {\n+\t\t/* call ipsec library api */\n+\t\trc = crypto_ipsec(1);\n+\t\tif (rc == 0)\n+\t\t\trc = replay_inb_null_null_check(ut_params, i, 1);\n+\t\telse {\n+\t\t\tRTE_LOG(ERR, USER1, \"crypto_ipsec failed, cfg %d\\n\",\n+\t\t\t\t\ti);\n+\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif ((rc == 0) && (test_cfg[i].replay_win_sz != 0)) {\n+\t\t/* generate packet with seq number inside the replay window */\n+\t\tif (ut_params->ibuf[0]) {\n+\t\t\trte_pktmbuf_free(ut_params->ibuf[0]);\n+\t\t\tut_params->ibuf[0] = 0;\n+\t\t}\n+\n+\t\tut_params->ibuf[0] = setup_test_string_tunneled(\n+\t\t\tts_params->mbuf_pool, null_encrypted_data,\n+\t\t\ttest_cfg[i].pkt_sz, INBOUND_SPI,\n+\t\t\ttest_cfg[i].replay_win_sz);\n+\t\tif (ut_params->ibuf[0] == NULL)\n+\t\t\trc = TEST_FAILED;\n+\t\telse\n+\t\t\trc = test_ipsec_crypto_op_alloc(1);\n+\n+\t\tif (rc == 0) {\n+\t\t\t/* call ipsec library api */\n+\t\t\trc = crypto_ipsec(1);\n+\t\t\tif (rc == 0)\n+\t\t\t\trc = replay_inb_null_null_check(\n+\t\t\t\t\t\tut_params, i, 1);\n+\t\t\telse {\n+\t\t\t\tRTE_LOG(ERR, USER1, \"crypto_ipsec failed\\n\");\n+\t\t\t\trc = TEST_FAILED;\n+\t\t\t}\n+\t\t}\n+\t}\n+\n+\tif (rc == TEST_FAILED)\n+\t\ttest_ipsec_dump_buffers(ut_params, i);\n+\n+\tdestroy_sa(0);\n+\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_replay_inb_inside_null_null_wrapper(void)\n+{\n+\tint i;\n+\tint rc = 0;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\tut_params->ipsec_xform.spi = INBOUND_SPI;\n+\tut_params->ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n+\tut_params->ipsec_xform.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP;\n+\tut_params->ipsec_xform.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;\n+\tut_params->ipsec_xform.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4;\n+\n+\tfor (i = 0; i < num_cfg && rc == 0; i++) {\n+\t\tut_params->ipsec_xform.options.esn = test_cfg[i].esn;\n+\t\trc = test_ipsec_replay_inb_inside_null_null(i);\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_replay_inb_outside_null_null(int i)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tint rc;\n+\n+\tuparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tuparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tstrcpy(uparams.auth_algo, \"null\");\n+\tstrcpy(uparams.cipher_algo, \"null\");\n+\n+\t/* create rte_ipsec_sa */\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 0);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Generate test mbuf data */\n+\tut_params->ibuf[0] = setup_test_string_tunneled(ts_params->mbuf_pool,\n+\t\tnull_encrypted_data, test_cfg[i].pkt_sz, INBOUND_SPI,\n+\t\ttest_cfg[i].replay_win_sz + 2);\n+\tif (ut_params->ibuf[0] == NULL)\n+\t\trc = TEST_FAILED;\n+\telse\n+\t\trc = test_ipsec_crypto_op_alloc(1);\n+\n+\tif (rc == 0) {\n+\t\t/* call ipsec library api */\n+\t\trc = crypto_ipsec(1);\n+\t\tif (rc == 0)\n+\t\t\trc = replay_inb_null_null_check(ut_params, i, 1);\n+\t\telse {\n+\t\t\tRTE_LOG(ERR, USER1, \"crypto_ipsec failed, cfg %d\\n\",\n+\t\t\t\t\ti);\n+\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif ((rc == 0) && (test_cfg[i].replay_win_sz != 0)) {\n+\t\t/* generate packet with seq number outside the replay window */\n+\t\tif (ut_params->ibuf[0]) {\n+\t\t\trte_pktmbuf_free(ut_params->ibuf[0]);\n+\t\t\tut_params->ibuf[0] = 0;\n+\t\t}\n+\t\tut_params->ibuf[0] = setup_test_string_tunneled(\n+\t\t\tts_params->mbuf_pool, null_encrypted_data,\n+\t\t\ttest_cfg[i].pkt_sz, INBOUND_SPI, 1);\n+\t\tif (ut_params->ibuf[0] == NULL)\n+\t\t\trc = TEST_FAILED;\n+\t\telse\n+\t\t\trc = test_ipsec_crypto_op_alloc(1);\n+\n+\t\tif (rc == 0) {\n+\t\t\t/* call ipsec library api */\n+\t\t\trc = crypto_ipsec(1);\n+\t\t\tif (rc == 0) {\n+\t\t\t\tif (test_cfg[i].esn == 0) {\n+\t\t\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\t\t\"packet is not outside the replay window, cfg %d pkt0_seq %u pkt1_seq %u\\n\",\n+\t\t\t\t\t\ti,\n+\t\t\t\t\t\ttest_cfg[i].replay_win_sz + 2,\n+\t\t\t\t\t\t1);\n+\t\t\t\t\trc = TEST_FAILED;\n+\t\t\t\t}\n+\t\t\t} else {\n+\t\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\t\"packet is outside the replay window, cfg %d pkt0_seq %u pkt1_seq %u\\n\",\n+\t\t\t\t\ti, test_cfg[i].replay_win_sz + 2, 1);\n+\t\t\t\trc = 0;\n+\t\t\t}\n+\t\t}\n+\t}\n+\n+\tif (rc == TEST_FAILED)\n+\t\ttest_ipsec_dump_buffers(ut_params, i);\n+\n+\tdestroy_sa(0);\n+\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_replay_inb_outside_null_null_wrapper(void)\n+{\n+\tint i;\n+\tint rc = 0;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\tut_params->ipsec_xform.spi = INBOUND_SPI;\n+\tut_params->ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n+\tut_params->ipsec_xform.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP;\n+\tut_params->ipsec_xform.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;\n+\tut_params->ipsec_xform.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4;\n+\n+\tfor (i = 0; i < num_cfg && rc == 0; i++) {\n+\t\tut_params->ipsec_xform.options.esn = test_cfg[i].esn;\n+\t\trc = test_ipsec_replay_inb_outside_null_null(i);\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_replay_inb_repeat_null_null(int i)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tint rc;\n+\n+\tuparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tuparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tstrcpy(uparams.auth_algo, \"null\");\n+\tstrcpy(uparams.cipher_algo, \"null\");\n+\n+\t/* create rte_ipsec_sa */\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 0);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\", i);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Generate test mbuf data */\n+\tut_params->ibuf[0] = setup_test_string_tunneled(ts_params->mbuf_pool,\n+\t\tnull_encrypted_data, test_cfg[i].pkt_sz, INBOUND_SPI, 1);\n+\tif (ut_params->ibuf[0] == NULL)\n+\t\trc = TEST_FAILED;\n+\telse\n+\t\trc = test_ipsec_crypto_op_alloc(1);\n+\n+\tif (rc == 0) {\n+\t\t/* call ipsec library api */\n+\t\trc = crypto_ipsec(1);\n+\t\tif (rc == 0)\n+\t\t\trc = replay_inb_null_null_check(ut_params, i, 1);\n+\t\telse {\n+\t\t\tRTE_LOG(ERR, USER1, \"crypto_ipsec failed, cfg %d\\n\",\n+\t\t\t\t\ti);\n+\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif ((rc == 0) && (test_cfg[i].replay_win_sz != 0)) {\n+\t\t/*\n+\t\t * generate packet with repeat seq number in the replay\n+\t\t * window\n+\t\t */\n+\t\tif (ut_params->ibuf[0]) {\n+\t\t\trte_pktmbuf_free(ut_params->ibuf[0]);\n+\t\t\tut_params->ibuf[0] = 0;\n+\t\t}\n+\n+\t\tut_params->ibuf[0] = setup_test_string_tunneled(\n+\t\t\tts_params->mbuf_pool, null_encrypted_data,\n+\t\t\ttest_cfg[i].pkt_sz, INBOUND_SPI, 1);\n+\t\tif (ut_params->ibuf[0] == NULL)\n+\t\t\trc = TEST_FAILED;\n+\t\telse\n+\t\t\trc = test_ipsec_crypto_op_alloc(1);\n+\n+\t\tif (rc == 0) {\n+\t\t\t/* call ipsec library api */\n+\t\t\trc = crypto_ipsec(1);\n+\t\t\tif (rc == 0) {\n+\t\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\t\"packet is not repeated in the replay window, cfg %d seq %u\\n\",\n+\t\t\t\t\ti, 1);\n+\t\t\t\trc = TEST_FAILED;\n+\t\t\t} else {\n+\t\t\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\t\"packet is repeated in the replay window, cfg %d seq %u\\n\",\n+\t\t\t\t\ti, 1);\n+\t\t\t\trc = 0;\n+\t\t\t}\n+\t\t}\n+\t}\n+\n+\tif (rc == TEST_FAILED)\n+\t\ttest_ipsec_dump_buffers(ut_params, i);\n+\n+\tdestroy_sa(0);\n+\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_replay_inb_repeat_null_null_wrapper(void)\n+{\n+\tint i;\n+\tint rc = 0;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\tut_params->ipsec_xform.spi = INBOUND_SPI;\n+\tut_params->ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n+\tut_params->ipsec_xform.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP;\n+\tut_params->ipsec_xform.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;\n+\tut_params->ipsec_xform.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4;\n+\n+\tfor (i = 0; i < num_cfg && rc == 0; i++) {\n+\t\tut_params->ipsec_xform.options.esn = test_cfg[i].esn;\n+\t\trc = test_ipsec_replay_inb_repeat_null_null(i);\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_replay_inb_inside_burst_null_null(int i)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tuint16_t num_pkts = test_cfg[i].num_pkts;\n+\tint rc;\n+\tint j;\n+\n+\tuparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tuparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tstrcpy(uparams.auth_algo, \"null\");\n+\tstrcpy(uparams.cipher_algo, \"null\");\n+\n+\t/* create rte_ipsec_sa*/\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 0);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Generate inbound mbuf data */\n+\tut_params->ibuf[0] = setup_test_string_tunneled(ts_params->mbuf_pool,\n+\t\tnull_encrypted_data, test_cfg[i].pkt_sz, INBOUND_SPI, 1);\n+\tif (ut_params->ibuf[0] == NULL)\n+\t\trc = TEST_FAILED;\n+\telse\n+\t\trc = test_ipsec_crypto_op_alloc(1);\n+\n+\tif (rc == 0) {\n+\t\t/* call ipsec library api */\n+\t\trc = crypto_ipsec(1);\n+\t\tif (rc == 0)\n+\t\t\trc = replay_inb_null_null_check(ut_params, i, 1);\n+\t\telse {\n+\t\t\tRTE_LOG(ERR, USER1, \"crypto_ipsec failed, cfg %d\\n\",\n+\t\t\t\t\ti);\n+\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif ((rc == 0) && (test_cfg[i].replay_win_sz != 0)) {\n+\t\t/*\n+\t\t *  generate packet(s) with seq number(s) inside the\n+\t\t *  replay window\n+\t\t */\n+\t\tif (ut_params->ibuf[0]) {\n+\t\t\trte_pktmbuf_free(ut_params->ibuf[0]);\n+\t\t\tut_params->ibuf[0] = 0;\n+\t\t}\n+\n+\t\tfor (j = 0; j < num_pkts && rc == 0; j++) {\n+\t\t\t/* packet with sequence number 1 already processed */\n+\t\t\tut_params->ibuf[j] = setup_test_string_tunneled(\n+\t\t\t\tts_params->mbuf_pool, null_encrypted_data,\n+\t\t\t\ttest_cfg[i].pkt_sz, INBOUND_SPI, j + 2);\n+\t\t\tif (ut_params->ibuf[j] == NULL)\n+\t\t\t\trc = TEST_FAILED;\n+\t\t}\n+\n+\t\tif (rc == 0) {\n+\t\t\tif (test_cfg[i].reorder_pkts)\n+\t\t\t\ttest_ipsec_reorder_inb_pkt_burst(num_pkts);\n+\t\t\trc = test_ipsec_crypto_op_alloc(num_pkts);\n+\t\t}\n+\n+\t\tif (rc == 0) {\n+\t\t\t/* call ipsec library api */\n+\t\t\trc = crypto_ipsec(num_pkts);\n+\t\t\tif (rc == 0)\n+\t\t\t\trc = replay_inb_null_null_check(\n+\t\t\t\t\t\tut_params, i, num_pkts);\n+\t\t\telse {\n+\t\t\t\tRTE_LOG(ERR, USER1, \"crypto_ipsec failed\\n\");\n+\t\t\t\trc = TEST_FAILED;\n+\t\t\t}\n+\t\t}\n+\t}\n+\n+\tif (rc == TEST_FAILED)\n+\t\ttest_ipsec_dump_buffers(ut_params, i);\n+\n+\tdestroy_sa(0);\n+\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_replay_inb_inside_burst_null_null_wrapper(void)\n+{\n+\tint i;\n+\tint rc = 0;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\tut_params->ipsec_xform.spi = INBOUND_SPI;\n+\tut_params->ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n+\tut_params->ipsec_xform.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP;\n+\tut_params->ipsec_xform.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;\n+\tut_params->ipsec_xform.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4;\n+\n+\tfor (i = 0; i < num_cfg && rc == 0; i++) {\n+\t\tut_params->ipsec_xform.options.esn = test_cfg[i].esn;\n+\t\trc = test_ipsec_replay_inb_inside_burst_null_null(i);\n+\t}\n+\n+\treturn rc;\n+}\n+\n+\n+static int\n+crypto_inb_burst_2sa_null_null_check(struct ipsec_unitest_params *ut_params,\n+\t\tint i)\n+{\n+\tuint16_t j;\n+\n+\tfor (j = 0; j < BURST_SIZE; j++) {\n+\t\tut_params->pkt_index = j;\n+\n+\t\t/* compare the data buffers */\n+\t\tTEST_ASSERT_BUFFERS_ARE_EQUAL(null_plain_data,\n+\t\t\trte_pktmbuf_mtod(ut_params->obuf[j], void *),\n+\t\t\ttest_cfg[i].pkt_sz,\n+\t\t\t\"input and output data does not match\\n\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->obuf[j]->data_len,\n+\t\t\tut_params->obuf[j]->pkt_len,\n+\t\t\t\"data_len is not equal to pkt_len\");\n+\t\tTEST_ASSERT_EQUAL(ut_params->obuf[j]->data_len,\n+\t\t\ttest_cfg[i].pkt_sz,\n+\t\t\t\"data_len is not equal to input data\");\n+\t}\n+\n+\treturn 0;\n+}\n+\n+static int\n+test_ipsec_crypto_inb_burst_2sa_null_null(int i)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tuint16_t num_pkts = test_cfg[i].num_pkts;\n+\tuint16_t j, r;\n+\tint rc = 0;\n+\n+\tif (num_pkts != BURST_SIZE)\n+\t\treturn rc;\n+\n+\tuparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tuparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tstrcpy(uparams.auth_algo, \"null\");\n+\tstrcpy(uparams.cipher_algo, \"null\");\n+\n+\t/* create rte_ipsec_sa */\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 0);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* create second rte_ipsec_sa */\n+\tut_params->ipsec_xform.spi = INBOUND_SPI + 1;\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 1);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\tdestroy_sa(0);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Generate test mbuf data */\n+\tfor (j = 0; j < num_pkts && rc == 0; j++) {\n+\t\tr = j % 2;\n+\t\t/* packet with sequence number 0 is invalid */\n+\t\tut_params->ibuf[j] = setup_test_string_tunneled(\n+\t\t\tts_params->mbuf_pool, null_encrypted_data,\n+\t\t\ttest_cfg[i].pkt_sz, INBOUND_SPI + r, j + 1);\n+\t\tif (ut_params->ibuf[j] == NULL)\n+\t\t\trc = TEST_FAILED;\n+\t}\n+\n+\tif (rc == 0)\n+\t\trc = test_ipsec_crypto_op_alloc(num_pkts);\n+\n+\tif (rc == 0) {\n+\t\t/* call ipsec library api */\n+\t\trc = crypto_ipsec_2sa();\n+\t\tif (rc == 0)\n+\t\t\trc = crypto_inb_burst_2sa_null_null_check(\n+\t\t\t\t\tut_params, i);\n+\t\telse {\n+\t\t\tRTE_LOG(ERR, USER1, \"crypto_ipsec failed, cfg %d\\n\",\n+\t\t\t\ti);\n+\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif (rc == TEST_FAILED)\n+\t\ttest_ipsec_dump_buffers(ut_params, i);\n+\n+\tdestroy_sa(0);\n+\tdestroy_sa(1);\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_crypto_inb_burst_2sa_null_null_wrapper(void)\n+{\n+\tint i;\n+\tint rc = 0;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\tut_params->ipsec_xform.spi = INBOUND_SPI;\n+\tut_params->ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n+\tut_params->ipsec_xform.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP;\n+\tut_params->ipsec_xform.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;\n+\tut_params->ipsec_xform.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4;\n+\n+\tfor (i = 0; i < num_cfg && rc == 0; i++) {\n+\t\tut_params->ipsec_xform.options.esn = test_cfg[i].esn;\n+\t\trc = test_ipsec_crypto_inb_burst_2sa_null_null(i);\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_crypto_inb_burst_2sa_4grp_null_null(int i)\n+{\n+\tstruct ipsec_testsuite_params *ts_params = &testsuite_params;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\tuint16_t num_pkts = test_cfg[i].num_pkts;\n+\tuint16_t j, k;\n+\tint rc = 0;\n+\n+\tif (num_pkts != BURST_SIZE)\n+\t\treturn rc;\n+\n+\tuparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\tuparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;\n+\tstrcpy(uparams.auth_algo, \"null\");\n+\tstrcpy(uparams.cipher_algo, \"null\");\n+\n+\t/* create rte_ipsec_sa */\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 0);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* create second rte_ipsec_sa */\n+\tut_params->ipsec_xform.spi = INBOUND_SPI + 1;\n+\trc = create_sa(RTE_SECURITY_ACTION_TYPE_NONE,\n+\t\t\ttest_cfg[i].replay_win_sz, test_cfg[i].flags, 1);\n+\tif (rc != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"rte_ipsec_sa_init failed, cfg %d\\n\",\n+\t\t\ti);\n+\t\tdestroy_sa(0);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/* Generate test mbuf data */\n+\tfor (j = 0; j < num_pkts && rc == 0; j++) {\n+\t\tk = crypto_ipsec_4grp(j);\n+\n+\t\t/* packet with sequence number 0 is invalid */\n+\t\tut_params->ibuf[j] = setup_test_string_tunneled(\n+\t\t\tts_params->mbuf_pool, null_encrypted_data,\n+\t\t\ttest_cfg[i].pkt_sz, INBOUND_SPI + k, j + 1);\n+\t\tif (ut_params->ibuf[j] == NULL)\n+\t\t\trc = TEST_FAILED;\n+\t}\n+\n+\tif (rc == 0)\n+\t\trc = test_ipsec_crypto_op_alloc(num_pkts);\n+\n+\tif (rc == 0) {\n+\t\t/* call ipsec library api */\n+\t\trc = crypto_ipsec_2sa_4grp();\n+\t\tif (rc == 0)\n+\t\t\trc = crypto_inb_burst_2sa_null_null_check(\n+\t\t\t\t\tut_params, i);\n+\t\telse {\n+\t\t\tRTE_LOG(ERR, USER1, \"crypto_ipsec failed, cfg %d\\n\",\n+\t\t\t\ti);\n+\t\t\trc = TEST_FAILED;\n+\t\t}\n+\t}\n+\n+\tif (rc == TEST_FAILED)\n+\t\ttest_ipsec_dump_buffers(ut_params, i);\n+\n+\tdestroy_sa(0);\n+\tdestroy_sa(1);\n+\treturn rc;\n+}\n+\n+static int\n+test_ipsec_crypto_inb_burst_2sa_4grp_null_null_wrapper(void)\n+{\n+\tint i;\n+\tint rc = 0;\n+\tstruct ipsec_unitest_params *ut_params = &unittest_params;\n+\n+\tut_params->ipsec_xform.spi = INBOUND_SPI;\n+\tut_params->ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n+\tut_params->ipsec_xform.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP;\n+\tut_params->ipsec_xform.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL;\n+\tut_params->ipsec_xform.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4;\n+\n+\tfor (i = 0; i < num_cfg && rc == 0; i++) {\n+\t\tut_params->ipsec_xform.options.esn = test_cfg[i].esn;\n+\t\trc = test_ipsec_crypto_inb_burst_2sa_4grp_null_null(i);\n+\t}\n+\n+\treturn rc;\n+}\n+\n+static struct unit_test_suite ipsec_testsuite  = {\n+\t.suite_name = \"IPsec NULL Unit Test Suite\",\n+\t.setup = testsuite_setup,\n+\t.teardown = testsuite_teardown,\n+\t.unit_test_cases = {\n+\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n+\t\t\ttest_ipsec_crypto_inb_burst_null_null_wrapper),\n+\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n+\t\t\ttest_ipsec_crypto_outb_burst_null_null_wrapper),\n+\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n+\t\t\ttest_ipsec_inline_inb_burst_null_null_wrapper),\n+\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n+\t\t\ttest_ipsec_inline_outb_burst_null_null_wrapper),\n+\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n+\t\t\ttest_ipsec_replay_inb_inside_null_null_wrapper),\n+\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n+\t\t\ttest_ipsec_replay_inb_outside_null_null_wrapper),\n+\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n+\t\t\ttest_ipsec_replay_inb_repeat_null_null_wrapper),\n+\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n+\t\t\ttest_ipsec_replay_inb_inside_burst_null_null_wrapper),\n+\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n+\t\t\ttest_ipsec_crypto_inb_burst_2sa_null_null_wrapper),\n+\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n+\t\t\ttest_ipsec_crypto_inb_burst_2sa_4grp_null_null_wrapper),\n+\t\tTEST_CASES_END() /**< NULL terminate unit test array */\n+\t}\n+};\n+\n+static int\n+test_ipsec(void)\n+{\n+\treturn unit_test_suite_runner(&ipsec_testsuite);\n+}\n+\n+REGISTER_TEST_COMMAND(ipsec_autotest, test_ipsec);\n",
    "prefixes": [
        "9/9"
    ]
}