diff mbox series

[v4,5/5] test/crypto: add UDP encapsulation test cases

Message ID	1631884523-836-6-git-send-email-anoobj@marvell.com (mailing list archive)
State	Superseded, archived
Delegated to:	akhil goyal
Headers	From: Anoob Joseph <anoobj@marvell.com> To: Akhil Goyal <gakhil@marvell.com>, Declan Doherty <declan.doherty@intel.com>, Fan Zhang <roy.fan.zhang@intel.com>, "Konstantin Ananyev" <konstantin.ananyev@intel.com> CC: Tejasree Kondoj <ktejasree@marvell.com>, Jerin Jacob <jerinj@marvell.com>, Archana Muniganti <marchana@marvell.com>, Hemant Agrawal <hemant.agrawal@nxp.com>, Radu Nicolau <radu.nicolau@intel.com>, Ciara Power <ciara.power@intel.com>, Gagandeep Singh <g.singh@nxp.com>, <dev@dpdk.org> Date: Fri, 17 Sep 2021 18:45:23 +0530 Message-ID: <1631884523-836-6-git-send-email-anoobj@marvell.com> In-Reply-To: <1631884523-836-1-git-send-email-anoobj@marvell.com> References: <1630644420-1256-1-git-send-email-anoobj@marvell.com> <1631884523-836-1-git-send-email-anoobj@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Subject: [dpdk-dev] [PATCH v4 5/5] test/crypto: add UDP encapsulation test cases Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	Add lookaside IPsec tests \| [v4,0/5] Add lookaside IPsec tests [v4,1/5] test/crypto: add lookaside IPsec tests [v4,2/5] test/crypto: add combined mode tests [v4,3/5] test/crypto: add lookaside IPsec ICV corrupt test case [v4,4/5] test/crypto: add IV gen tests [v4,5/5] test/crypto: add UDP encapsulation test cases

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/github-robot: build	success	github build: passed
ci/iol-spell-check-testing	warning	Testing issues
ci/Intel-compilation	success	Compilation OK
ci/intel-Testing	fail	Testing issues
ci/iol-aarch64-compile-testing	success	Testing PASS
ci/iol-x86_64-unit-testing	success	Testing PASS
ci/iol-x86_64-compile-testing	success	Testing PASS

Commit Message

Anoob Joseph Sept. 17, 2021, 1:15 p.m. UTC

  From: Tejasree Kondoj <ktejasree@marvell.com>

Adding UDP encapsulation test cases.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 app/test/test_cryptodev.c                | 19 +++++++++++++++++++
 app/test/test_cryptodev_security_ipsec.c | 28 ++++++++++++++++++++++++++++
 app/test/test_cryptodev_security_ipsec.h |  1 +
 doc/guides/rel_notes/release_21_11.rst   |  7 +++++++
 4 files changed, 55 insertions(+)

Comments

Akhil Goyal Sept. 21, 2021, 4:35 p.m. UTC | #1

> Subject: [PATCH v4 5/5] test/crypto: add UDP encapsulation test cases

Test/crypto: add UDP encapsulated IPSec cases
> 
> From: Tejasree Kondoj <ktejasree@marvell.com>
> 
> Adding UDP encapsulation test cases.
Elaborate the description as well

Apart from that,
Acked-by: Akhil Goyal <gakhil@marvell.com>
> 
> Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
> ---


> +* **Added lookaside protocol (IPsec) tests in dpdk-test.**
> +
> +  * Added known vector tests (AES-GCM 128, 192, 256).
> +  * Added tests to verify error reporting with ICV corruption.
> +  * Added tests to verify IV generation.
> +  * Added tests to verify UDP encapsulation.
> +
If each case is added as a separate bullet in release notes,
Then each of them should be added in the corresponding patch.

diff mbox series

Patch

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 0422ff3..b05e2ef 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -8942,6 +8942,9 @@  test_ipsec_proto_process(const struct ipsec_test_data td[],
 	sec_cap_idx.ipsec.mode = ipsec_xform.mode;
 	sec_cap_idx.ipsec.direction = ipsec_xform.direction;
 
+	if (flags->udp_encap)
+		ipsec_xform.options.udp_encap = 1;
+
 	sec_cap = rte_security_capability_get(ctx, &sec_cap_idx);
 	if (sec_cap == NULL)
 		return TEST_SKIPPED;
@@ -9153,6 +9156,18 @@  test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused)
 }
 
 static int
+test_ipsec_proto_udp_encap(const void *data __rte_unused)
+{
+	struct ipsec_test_flags flags;
+
+	memset(&flags, 0, sizeof(flags));
+
+	flags.udp_encap = true;
+
+	return test_ipsec_proto_all(&flags);
+}
+
+static int
 test_PDCP_PROTO_all(void)
 {
 	struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -14068,6 +14083,10 @@  static struct unit_test_suite ipsec_proto_testsuite  = {
 			ut_setup_security, ut_teardown,
 			test_ipsec_proto_iv_gen),
 		TEST_CASE_NAMED_ST(
+			"UDP encapsulation",
+			ut_setup_security, ut_teardown,
+			test_ipsec_proto_udp_encap),
+		TEST_CASE_NAMED_ST(
 			"Negative test: ICV corruption",
 			ut_setup_security, ut_teardown,
 			test_ipsec_proto_err_icv_corrupt),
diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c
index 78c7f3a..5b54996 100644
--- a/app/test/test_cryptodev_security_ipsec.c
+++ b/app/test/test_cryptodev_security_ipsec.c
@@ -7,6 +7,7 @@ 
 #include <rte_esp.h>
 #include <rte_ip.h>
 #include <rte_security.h>
+#include <rte_udp.h>
 
 #include "test.h"
 #include "test_cryptodev_security_ipsec.h"
@@ -183,6 +184,9 @@  test_ipsec_td_update(struct ipsec_test_data td_inb[],
 			int icv_pos = td_inb[i].input_text.len - 4;
 			td_inb[i].input_text.data[icv_pos] += 1;
 		}
+
+		if (flags->udp_encap)
+			td_inb[i].ipsec_xform.options.udp_encap = 1;
 	}
 }
 
@@ -268,6 +272,30 @@  test_ipsec_td_verify(struct rte_mbuf *m, const struct ipsec_test_data *td,
 	    td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
 		return TEST_SUCCESS;
 
+	if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS &&
+	   flags->udp_encap) {
+		const struct rte_ipv4_hdr *iph4;
+		const struct rte_ipv6_hdr *iph6;
+
+		if (td->ipsec_xform.tunnel.type ==
+				RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
+			iph4 = (const struct rte_ipv4_hdr *)output_text;
+			if (iph4->next_proto_id != IPPROTO_UDP) {
+				printf("UDP header is not found\n");
+				return TEST_FAILED;
+			}
+		} else {
+			iph6 = (const struct rte_ipv6_hdr *)output_text;
+			if (iph6->proto != IPPROTO_UDP) {
+				printf("UDP header is not found\n");
+				return TEST_FAILED;
+			}
+		}
+
+		len -= sizeof(struct rte_udp_hdr);
+		output_text += sizeof(struct rte_udp_hdr);
+	}
+
 	if (len != td->output_text.len) {
 		printf("Output length (%d) not matching with expected (%d)\n",
 			len, td->output_text.len);
diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h
index d2ec63f..e1645f4 100644
--- a/app/test/test_cryptodev_security_ipsec.h
+++ b/app/test/test_cryptodev_security_ipsec.h
@@ -51,6 +51,7 @@  struct ipsec_test_flags {
 	bool display_alg;
 	bool icv_corrupt;
 	bool iv_gen;
+	bool udp_encap;
 };
 
 struct crypto_param {
diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst
index 43d367b..30c9ccf 100644
--- a/doc/guides/rel_notes/release_21_11.rst
+++ b/doc/guides/rel_notes/release_21_11.rst
@@ -87,6 +87,13 @@  New Features
   Added command-line options to specify total number of processes and
   current process ID. Each process owns subset of Rx and Tx queues.
 
+* **Added lookaside protocol (IPsec) tests in dpdk-test.**
+
+  * Added known vector tests (AES-GCM 128, 192, 256).
+  * Added tests to verify error reporting with ICV corruption.
+  * Added tests to verify IV generation.
+  * Added tests to verify UDP encapsulation.
+
 
 Removed Items
 -------------