diff mbox series

[v4,7/7] test/crypto: dynamically build blockcipher suite

Message ID 20210512113655.568814-8-ciara.power@intel.com (mailing list archive)
State Accepted, archived
Delegated to: akhil goyal
Headers show
Series test: refactor crypto unit test framework | expand

Checks

Context Check Description
ci/iol-intel-Functional success Functional Testing PASS
ci/iol-mellanox-Performance success Performance Testing PASS
ci/iol-intel-Performance success Performance Testing PASS
ci/iol-mellanox-Functional success Functional Testing PASS
ci/intel-Testing success Testing PASS
ci/iol-abi-testing success Testing PASS
ci/iol-testing success Testing PASS
ci/Intel-compilation success Compilation OK
ci/github-robot success github build: passed
ci/checkpatch success coding style OK

Commit Message

Ciara Power May 12, 2021, 11:36 a.m. UTC
In the existing implementation, the blockcipher test cases are being run
and reported as one test case per type, even though multiple test cases
are hidden in each. For example, "test_AES_chain_all" runs 46 test cases.
Each blockcipher type should have a testsuite instead.

The blockcipher testsuite is dynamically built, depending on the
blockcipher type chosen. The testcase struct is modified to allow
running a testcase with data, which is used for data required when
running each blockcipher testcase.

The blockcipher testsuites are added dynamically to parent testsuites
as sub-testsuites where needed.

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Tested-by: Ruifeng Wang <ruifeng.wang@arm.com>

---
v3:
  - Modified release note to reflect allowing both nested testsuites
    and testcases.
  - Blockcipher testsuites now only need to be added to the cryptodev
    parent testsuite, and various scheduler sub-testsuites.
  - Setup functions are added for each blockcipher testsuite,
    and capabilities are checked in them.
v2:
  - Squashed release note patch into this patch.
  - Modified the build blockcipher suite function to use the testcases
    flexible array, and return a testsuite pointer.
---
 app/test/test.c                        |  11 +-
 app/test/test.h                        |  16 +-
 app/test/test_cryptodev.c              | 161 +++-------
 app/test/test_cryptodev_blockcipher.c  | 421 ++++++++++++++++++++++---
 app/test/test_cryptodev_blockcipher.h  |  12 +-
 doc/guides/rel_notes/release_21_05.rst |   5 +
 6 files changed, 447 insertions(+), 179 deletions(-)
diff mbox series

Patch

diff --git a/app/test/test.c b/app/test/test.c
index ac0a66392a..173d202e47 100644
--- a/app/test/test.c
+++ b/app/test/test.c
@@ -38,7 +38,8 @@  extern cmdline_parse_ctx_t main_ctx[];
 
 #define FOR_EACH_SUITE_TESTCASE(iter, suite, case)			\
 	for (iter = 0, case = suite->unit_test_cases[0];		\
-		suite->unit_test_cases[iter].testcase;			\
+		suite->unit_test_cases[iter].testcase ||		\
+		suite->unit_test_cases[iter].testcase_with_data;	\
 		iter++, case = suite->unit_test_cases[iter])
 
 #define FOR_EACH_SUITE_TESTSUITE(iter, suite, sub_ts)			\
@@ -341,7 +342,13 @@  unit_test_suite_runner(struct unit_test_suite *suite)
 
 		if (test_success == TEST_SUCCESS) {
 			/* run the test case */
-			test_success = tc.testcase();
+			if (tc.testcase)
+				test_success = tc.testcase();
+			else if (tc.testcase_with_data)
+				test_success = tc.testcase_with_data(tc.data);
+			else
+				test_success = -ENOTSUP;
+
 			if (test_success == TEST_SUCCESS)
 				suite->succeeded++;
 			else if (test_success == TEST_SKIPPED)
diff --git a/app/test/test.h b/app/test/test.h
index f277df7c9d..c3b2a877ec 100644
--- a/app/test/test.h
+++ b/app/test/test.h
@@ -108,24 +108,28 @@  struct unit_test_case {
 	int (*setup)(void);
 	void (*teardown)(void);
 	int (*testcase)(void);
+	int (*testcase_with_data)(const void *data);
 	const char *name;
 	unsigned enabled;
+	const void *data;
 };
 
-#define TEST_CASE(fn) { NULL, NULL, fn, #fn, 1 }
+#define TEST_CASE(fn) { NULL, NULL, fn, NULL, #fn, 1, NULL }
 
-#define TEST_CASE_NAMED(name, fn) { NULL, NULL, fn, name, 1 }
+#define TEST_CASE_NAMED(name, fn) { NULL, NULL, fn, NULL, name, 1, NULL }
 
 #define TEST_CASE_ST(setup, teardown, testcase) \
-		{ setup, teardown, testcase, #testcase, 1 }
+		{ setup, teardown, testcase, NULL, #testcase, 1, NULL }
 
+#define TEST_CASE_WITH_DATA(setup, teardown, testcase, data) \
+		{ setup, teardown, NULL, testcase, #testcase, 1, data }
 
-#define TEST_CASE_DISABLED(fn) { NULL, NULL, fn, #fn, 0 }
+#define TEST_CASE_DISABLED(fn) { NULL, NULL, fn, NULL, #fn, 0, NULL }
 
 #define TEST_CASE_ST_DISABLED(setup, teardown, testcase) \
-		{ setup, teardown, testcase, #testcase, 0 }
+		{ setup, teardown, testcase, NULL, #testcase, 0, NULL }
 
-#define TEST_CASES_END() { NULL, NULL, NULL, NULL, 0 }
+#define TEST_CASES_END() { NULL, NULL, NULL, NULL, NULL, 0, NULL }
 
 static inline void
 debug_hexdump(FILE *file, const char *title, const void *buf, size_t len)
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index cf0b69445e..736952a9e6 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -103,6 +103,15 @@  struct crypto_unittest_params {
 	for (j = 0; j < num_child_ts; index++, j++)			\
 		parent_ts.unit_test_suites[index] = child_ts[j]
 
+#define ADD_BLOCKCIPHER_TESTSUITE(index, parent_ts, blk_types, num_blk_types)	\
+	for (j = 0; j < num_blk_types; index++, j++)				\
+		parent_ts.unit_test_suites[index] =				\
+				build_blockcipher_test_suite(blk_types[j])
+
+#define FREE_BLOCKCIPHER_TESTSUITE(index, parent_ts, num_blk_types)		\
+	for (j = index; j < index + num_blk_types; j++)				\
+		free_blockcipher_test_suite(parent_ts.unit_test_suites[j])
+
 /*
  * Forward declarations.
  */
@@ -2312,80 +2321,6 @@  test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
 	return TEST_SUCCESS;
 }
 
-static int
-test_blockcipher(enum blockcipher_test_type test_type)
-{
-	struct crypto_testsuite_params *ts_params = &testsuite_params;
-	int status;
-
-	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
-		ts_params->op_mpool,
-		ts_params->session_mpool, ts_params->session_priv_mpool,
-		ts_params->valid_devs[0],
-		test_type);
-
-	if (status == -ENOTSUP)
-		return status;
-
-	TEST_ASSERT_EQUAL(status, 0, "Test failed");
-
-	return TEST_SUCCESS;
-}
-
-static int
-test_AES_cipheronly_all(void)
-{
-	return test_blockcipher(BLKCIPHER_AES_CIPHERONLY_TYPE);
-}
-
-static int
-test_AES_docsis_all(void)
-{
-	/* Data-path service does not support DOCSIS yet */
-	if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
-		return TEST_SKIPPED;
-	return test_blockcipher(BLKCIPHER_AES_DOCSIS_TYPE);
-}
-
-static int
-test_DES_docsis_all(void)
-{
-	/* Data-path service does not support DOCSIS yet */
-	if (global_api_test_type == CRYPTODEV_RAW_API_TEST)
-		return TEST_SKIPPED;
-	return test_blockcipher(BLKCIPHER_DES_DOCSIS_TYPE);
-}
-
-static int
-test_DES_cipheronly_all(void)
-{
-	return test_blockcipher(BLKCIPHER_DES_CIPHERONLY_TYPE);
-}
-
-static int
-test_authonly_all(void)
-{
-	return test_blockcipher(BLKCIPHER_AUTHONLY_TYPE);
-}
-
-static int
-test_AES_chain_all(void)
-{
-	return test_blockcipher(BLKCIPHER_AES_CHAIN_TYPE);
-}
-
-static int
-test_3DES_chain_all(void)
-{
-	return test_blockcipher(BLKCIPHER_3DES_CHAIN_TYPE);
-}
-
-static int
-test_3DES_cipheronly_all(void)
-{
-	return test_blockcipher(BLKCIPHER_3DES_CIPHERONLY_TYPE);
-}
-
 /* ***** SNOW 3G Tests ***** */
 static int
 create_wireless_algo_hash_session(uint8_t dev_id,
@@ -13798,14 +13733,6 @@  static struct unit_test_suite cryptodev_gen_testsuite  = {
 				test_queue_pair_descriptor_setup),
 		TEST_CASE_ST(ut_setup, ut_teardown,
 				test_device_configure_invalid_queue_pair_ids),
-		TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all),
-		TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all),
-		TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_chain_all),
-		TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_cipheronly_all),
-		TEST_CASE_ST(ut_setup, ut_teardown, test_DES_cipheronly_all),
-		TEST_CASE_ST(ut_setup, ut_teardown, test_AES_docsis_all),
-		TEST_CASE_ST(ut_setup, ut_teardown, test_DES_docsis_all),
-		TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all),
 		TEST_CASE_ST(ut_setup, ut_teardown, test_stats),
 		TEST_CASE_ST(ut_setup, ut_teardown, test_enq_callback_setup),
 		TEST_CASE_ST(ut_setup, ut_teardown, test_deq_callback_setup),
@@ -14533,7 +14460,16 @@  static struct unit_test_suite cryptodev_mixed_cipher_hash_testsuite  = {
 static int
 run_cryptodev_testsuite(const char *pmd_name)
 {
-	uint8_t ret, j, i = 0;
+	uint8_t ret, j, i = 0, blk_start_idx = 0;
+	const enum blockcipher_test_type blk_suites[] = {
+		BLKCIPHER_AES_CHAIN_TYPE,
+		BLKCIPHER_AES_CIPHERONLY_TYPE,
+		BLKCIPHER_AES_DOCSIS_TYPE,
+		BLKCIPHER_3DES_CHAIN_TYPE,
+		BLKCIPHER_3DES_CIPHERONLY_TYPE,
+		BLKCIPHER_DES_CIPHERONLY_TYPE,
+		BLKCIPHER_DES_DOCSIS_TYPE,
+		BLKCIPHER_AUTHONLY_TYPE};
 	struct unit_test_suite *static_suites[] = {
 		&cryptodev_multi_session_testsuite,
 		&cryptodev_null_testsuite,
@@ -14572,11 +14508,13 @@  run_cryptodev_testsuite(const char *pmd_name)
 	}
 
 	ts.unit_test_suites = malloc(sizeof(struct unit_test_suite *) *
-			RTE_DIM(static_suites));
+			(RTE_DIM(blk_suites) + RTE_DIM(static_suites)));
 
+	ADD_BLOCKCIPHER_TESTSUITE(i, ts, blk_suites, RTE_DIM(blk_suites));
 	ADD_STATIC_TESTSUITE(i, ts, static_suites, RTE_DIM(static_suites));
 	ret = unit_test_suite_runner(&ts);
 
+	FREE_BLOCKCIPHER_TESTSUITE(blk_start_idx, ts, RTE_DIM(blk_suites));
 	free(ts.unit_test_suites);
 	return ret;
 }
@@ -14674,54 +14612,35 @@  test_cryptodev_mrvl(void)
 static int
 test_cryptodev_scheduler(void /*argv __rte_unused, int argc __rte_unused*/)
 {
-	uint8_t ret, j, i = 0;
+	uint8_t ret, sched_i, j, i = 0, blk_start_idx = 0;
+	const enum blockcipher_test_type blk_suites[] = {
+		BLKCIPHER_AES_CHAIN_TYPE,
+		BLKCIPHER_AES_CIPHERONLY_TYPE,
+		BLKCIPHER_AUTHONLY_TYPE
+	};
 	static struct unit_test_suite scheduler_multicore = {
 		.suite_name = "Scheduler Multicore Unit Test Suite",
 		.setup = scheduler_multicore_testsuite_setup,
 		.teardown = scheduler_mode_testsuite_teardown,
-		.unit_test_cases = {
-			TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all),
-			TEST_CASE_ST(ut_setup, ut_teardown,
-					test_AES_cipheronly_all),
-			TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all),
-			TEST_CASES_END()
-		}
+		.unit_test_cases = {TEST_CASES_END()}
 	};
 	static struct unit_test_suite scheduler_round_robin = {
 		.suite_name = "Scheduler Round Robin Unit Test Suite",
 		.setup = scheduler_roundrobin_testsuite_setup,
 		.teardown = scheduler_mode_testsuite_teardown,
-		.unit_test_cases = {
-			TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all),
-			TEST_CASE_ST(ut_setup, ut_teardown,
-					test_AES_cipheronly_all),
-			TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all),
-			TEST_CASES_END()
-		}
+		.unit_test_cases = {TEST_CASES_END()}
 	};
 	static struct unit_test_suite scheduler_failover = {
 		.suite_name = "Scheduler Failover Unit Test Suite",
 		.setup = scheduler_failover_testsuite_setup,
 		.teardown = scheduler_mode_testsuite_teardown,
-		.unit_test_cases = {
-			TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all),
-			TEST_CASE_ST(ut_setup, ut_teardown,
-					test_AES_cipheronly_all),
-			TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all),
-			TEST_CASES_END()
-		}
+		.unit_test_cases = {TEST_CASES_END()}
 	};
 	static struct unit_test_suite scheduler_pkt_size_distr = {
 		.suite_name = "Scheduler Pkt Size Distr Unit Test Suite",
 		.setup = scheduler_pkt_size_distr_testsuite_setup,
 		.teardown = scheduler_mode_testsuite_teardown,
-		.unit_test_cases = {
-			TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all),
-			TEST_CASE_ST(ut_setup, ut_teardown,
-					test_AES_cipheronly_all),
-			TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all),
-			TEST_CASES_END()
-		}
+		.unit_test_cases = {TEST_CASES_END()}
 	};
 	struct unit_test_suite *sched_mode_suites[] = {
 		&scheduler_multicore,
@@ -14767,6 +14686,16 @@  test_cryptodev_scheduler(void /*argv __rte_unused, int argc __rte_unused*/)
 		return TEST_SKIPPED;
 	}
 
+	for (sched_i = 0; sched_i < RTE_DIM(sched_mode_suites); sched_i++) {
+		uint8_t blk_i = 0;
+		sched_mode_suites[sched_i]->unit_test_suites = malloc(sizeof
+				(struct unit_test_suite *) *
+				(RTE_DIM(blk_suites) + 1));
+		ADD_BLOCKCIPHER_TESTSUITE(blk_i, (*sched_mode_suites[sched_i]),
+				blk_suites, RTE_DIM(blk_suites));
+		sched_mode_suites[sched_i]->unit_test_suites[blk_i] = &end_testsuite;
+	}
+
 	ts.unit_test_suites = malloc(sizeof(struct unit_test_suite *) *
 			(RTE_DIM(static_suites) + RTE_DIM(sched_mode_suites)));
 	ADD_STATIC_TESTSUITE(i, ts, sched_mode_suites,
@@ -14774,6 +14703,12 @@  test_cryptodev_scheduler(void /*argv __rte_unused, int argc __rte_unused*/)
 	ADD_STATIC_TESTSUITE(i, ts, static_suites, RTE_DIM(static_suites));
 	ret = unit_test_suite_runner(&ts);
 
+	for (sched_i = 0; sched_i < RTE_DIM(sched_mode_suites); sched_i++) {
+		FREE_BLOCKCIPHER_TESTSUITE(blk_start_idx,
+				(*sched_mode_suites[sched_i]),
+				RTE_DIM(blk_suites));
+		free(sched_mode_suites[sched_i]->unit_test_suites);
+	}
 	free(ts.unit_test_suites);
 	return ret;
 }
diff --git a/app/test/test_cryptodev_blockcipher.c b/app/test/test_cryptodev_blockcipher.c
index 411968837f..d342c7b859 100644
--- a/app/test/test_cryptodev_blockcipher.c
+++ b/app/test/test_cryptodev_blockcipher.c
@@ -813,82 +813,401 @@  test_blockcipher_one_case(const struct blockcipher_test_case *t,
 	return status;
 }
 
-int
-test_blockcipher_all_tests(struct rte_mempool *mbuf_pool,
-	struct rte_mempool *op_mpool,
-	struct rte_mempool *sess_mpool,
-	struct rte_mempool *sess_priv_mpool,
-	uint8_t dev_id,
-	enum blockcipher_test_type test_type)
+static int
+blockcipher_test_case_run(const void *data)
 {
-	int status, overall_status = TEST_SUCCESS;
-	uint32_t i, test_index = 0;
+	const struct blockcipher_test_case *tc_data = data;
+	int status;
 	char test_msg[BLOCKCIPHER_TEST_MSG_LEN + 1];
-	uint32_t n_test_cases = 0;
-	const struct blockcipher_test_case *tcs = NULL;
+
+	status = test_blockcipher_one_case(tc_data,
+			p_testsuite_params->mbuf_pool,
+			p_testsuite_params->op_mpool,
+			p_testsuite_params->session_mpool,
+			p_testsuite_params->session_priv_mpool,
+			p_testsuite_params->valid_devs[0],
+			test_msg);
+	return status;
+}
+
+static int
+aes_chain_setup(void)
+{
+	uint8_t dev_id = p_testsuite_params->valid_devs[0];
+	struct rte_cryptodev_info dev_info;
+	uint64_t feat_flags;
+	const enum rte_crypto_cipher_algorithm ciphers[] = {
+		RTE_CRYPTO_CIPHER_NULL,
+		RTE_CRYPTO_CIPHER_AES_CTR,
+		RTE_CRYPTO_CIPHER_AES_CBC
+	};
+	const enum rte_crypto_auth_algorithm auths[] = {
+		RTE_CRYPTO_AUTH_NULL,
+		RTE_CRYPTO_AUTH_SHA1_HMAC,
+		RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+		RTE_CRYPTO_AUTH_SHA256_HMAC,
+		RTE_CRYPTO_AUTH_SHA512_HMAC,
+		RTE_CRYPTO_AUTH_SHA224_HMAC,
+		RTE_CRYPTO_AUTH_SHA384_HMAC
+	};
+
+	rte_cryptodev_info_get(dev_id, &dev_info);
+	feat_flags = dev_info.feature_flags;
+
+	if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
+			((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+			!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+		RTE_LOG(INFO, USER1, "Feature flag requirements for AES Chain "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0
+			&& check_auth_capabilities_supported(auths,
+			RTE_DIM(auths)) != 0) {
+		RTE_LOG(INFO, USER1, "Capability requirements for AES Chain "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	return 0;
+}
+
+static int
+aes_cipheronly_setup(void)
+{
+	uint8_t dev_id = p_testsuite_params->valid_devs[0];
+	struct rte_cryptodev_info dev_info;
+	uint64_t feat_flags;
+	const enum rte_crypto_cipher_algorithm ciphers[] = {
+		RTE_CRYPTO_CIPHER_NULL,
+		RTE_CRYPTO_CIPHER_AES_CTR,
+		RTE_CRYPTO_CIPHER_AES_CBC,
+		RTE_CRYPTO_CIPHER_AES_ECB,
+		RTE_CRYPTO_CIPHER_AES_XTS
+	};
+	const enum rte_crypto_auth_algorithm auths[] = {
+		RTE_CRYPTO_AUTH_NULL,
+		RTE_CRYPTO_AUTH_SHA1_HMAC,
+		RTE_CRYPTO_AUTH_AES_XCBC_MAC
+	};
+
+	rte_cryptodev_info_get(dev_id, &dev_info);
+	feat_flags = dev_info.feature_flags;
+
+	if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
+			((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+			!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+		RTE_LOG(INFO, USER1, "Feature flag requirements for AES Cipheronly "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0
+			&& check_auth_capabilities_supported(auths,
+			RTE_DIM(auths)) != 0) {
+		RTE_LOG(INFO, USER1, "Capability requirements for AES Cipheronly "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	return 0;
+}
+
+static int
+aes_docsis_setup(void)
+{
+	uint8_t dev_id = p_testsuite_params->valid_devs[0];
+	struct rte_cryptodev_info dev_info;
+	uint64_t feat_flags;
+	const enum rte_crypto_cipher_algorithm ciphers[] = {
+		RTE_CRYPTO_CIPHER_AES_DOCSISBPI
+	};
+
+	rte_cryptodev_info_get(dev_id, &dev_info);
+	feat_flags = dev_info.feature_flags;
+
+	/* Data-path service does not support DOCSIS yet */
+	if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
+			(global_api_test_type == CRYPTODEV_RAW_API_TEST)) {
+		RTE_LOG(INFO, USER1, "Feature flag requirements for AES Docsis "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0) {
+		RTE_LOG(INFO, USER1, "Capability requirements for AES Docsis "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	return 0;
+}
+
+static int
+triple_des_chain_setup(void)
+{
+	uint8_t dev_id = p_testsuite_params->valid_devs[0];
+	struct rte_cryptodev_info dev_info;
+	uint64_t feat_flags;
+	const enum rte_crypto_cipher_algorithm ciphers[] = {
+		RTE_CRYPTO_CIPHER_3DES_CTR,
+		RTE_CRYPTO_CIPHER_3DES_CBC
+	};
+	const enum rte_crypto_auth_algorithm auths[] = {
+		RTE_CRYPTO_AUTH_SHA1_HMAC,
+		RTE_CRYPTO_AUTH_SHA1
+	};
+
+	rte_cryptodev_info_get(dev_id, &dev_info);
+	feat_flags = dev_info.feature_flags;
+
+	if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
+			((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+			!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+		RTE_LOG(INFO, USER1, "Feature flag requirements for 3DES Chain "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0
+			&& check_auth_capabilities_supported(auths,
+			RTE_DIM(auths)) != 0) {
+		RTE_LOG(INFO, USER1, "Capability requirements for 3DES Chain "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	return 0;
+}
+
+static int
+triple_des_cipheronly_setup(void)
+{
+	uint8_t dev_id = p_testsuite_params->valid_devs[0];
+	struct rte_cryptodev_info dev_info;
+	uint64_t feat_flags;
+	const enum rte_crypto_cipher_algorithm ciphers[] = {
+		RTE_CRYPTO_CIPHER_3DES_CTR,
+		RTE_CRYPTO_CIPHER_3DES_CBC
+	};
+
+	rte_cryptodev_info_get(dev_id, &dev_info);
+	feat_flags = dev_info.feature_flags;
+
+	if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
+			((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+			!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+		RTE_LOG(INFO, USER1, "Feature flag requirements for 3DES "
+				"Cipheronly testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0) {
+		RTE_LOG(INFO, USER1, "Capability requirements for 3DES "
+				"Cipheronly testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	return 0;
+}
+
+static int
+des_cipheronly_setup(void)
+{
+	uint8_t dev_id = p_testsuite_params->valid_devs[0];
+	struct rte_cryptodev_info dev_info;
+	uint64_t feat_flags;
+	const enum rte_crypto_cipher_algorithm ciphers[] = {
+		RTE_CRYPTO_CIPHER_DES_CBC
+	};
+
+	rte_cryptodev_info_get(dev_id, &dev_info);
+	feat_flags = dev_info.feature_flags;
+
+	if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
+			((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+			!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+		RTE_LOG(INFO, USER1, "Feature flag requirements for DES "
+				"Cipheronly testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0) {
+		RTE_LOG(INFO, USER1, "Capability requirements for DES "
+				"Cipheronly testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	return 0;
+}
+
+static int
+des_docsis_setup(void)
+{
+	uint8_t dev_id = p_testsuite_params->valid_devs[0];
+	struct rte_cryptodev_info dev_info;
+	uint64_t feat_flags;
+	const enum rte_crypto_cipher_algorithm ciphers[] = {
+		RTE_CRYPTO_CIPHER_DES_DOCSISBPI
+	};
+
+	rte_cryptodev_info_get(dev_id, &dev_info);
+	feat_flags = dev_info.feature_flags;
+
+	/* Data-path service does not support DOCSIS yet */
+	if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
+			(global_api_test_type == CRYPTODEV_RAW_API_TEST)) {
+		RTE_LOG(INFO, USER1, "Feature flag requirements for DES Docsis "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0) {
+		RTE_LOG(INFO, USER1, "Capability requirements for DES Docsis "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	return 0;
+}
+
+static int
+authonly_setup(void)
+{
+	uint8_t dev_id = p_testsuite_params->valid_devs[0];
+	struct rte_cryptodev_info dev_info;
+	uint64_t feat_flags;
+	const enum rte_crypto_auth_algorithm auths[] = {
+		RTE_CRYPTO_AUTH_MD5,
+		RTE_CRYPTO_AUTH_MD5_HMAC,
+		RTE_CRYPTO_AUTH_SHA1,
+		RTE_CRYPTO_AUTH_SHA1_HMAC,
+		RTE_CRYPTO_AUTH_SHA224,
+		RTE_CRYPTO_AUTH_SHA224_HMAC,
+		RTE_CRYPTO_AUTH_SHA256,
+		RTE_CRYPTO_AUTH_SHA256_HMAC,
+		RTE_CRYPTO_AUTH_SHA384,
+		RTE_CRYPTO_AUTH_SHA384_HMAC,
+		RTE_CRYPTO_AUTH_SHA512,
+		RTE_CRYPTO_AUTH_SHA512_HMAC,
+		RTE_CRYPTO_AUTH_AES_CMAC,
+		RTE_CRYPTO_AUTH_NULL,
+		RTE_CRYPTO_AUTH_AES_XCBC_MAC
+	};
+
+	rte_cryptodev_info_get(dev_id, &dev_info);
+	feat_flags = dev_info.feature_flags;
+
+	if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
+			((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
+			!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
+		RTE_LOG(INFO, USER1, "Feature flag requirements for Auth Only "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	if (check_auth_capabilities_supported(auths, RTE_DIM(auths)) != 0) {
+		RTE_LOG(INFO, USER1, "Capability requirements for Auth Only "
+				"testsuite not met\n");
+		return TEST_SKIPPED;
+	}
+
+	return 0;
+}
+
+struct unit_test_suite *
+build_blockcipher_test_suite(enum blockcipher_test_type test_type)
+{
+	int i, n_test_cases = 0;
+	struct unit_test_suite *ts;
+	const char *ts_name = NULL;
+	const struct blockcipher_test_case *blk_tcs;
+	struct unit_test_case *tc;
+	int (*ts_setup)(void) = NULL;
 
 	switch (test_type) {
 	case BLKCIPHER_AES_CHAIN_TYPE:
-		n_test_cases = sizeof(aes_chain_test_cases) /
-		sizeof(aes_chain_test_cases[0]);
-		tcs = aes_chain_test_cases;
+		n_test_cases = RTE_DIM(aes_chain_test_cases);
+		blk_tcs = aes_chain_test_cases;
+		ts_name = "AES Chain";
+		ts_setup = aes_chain_setup;
 		break;
 	case BLKCIPHER_AES_CIPHERONLY_TYPE:
-		n_test_cases = sizeof(aes_cipheronly_test_cases) /
-		sizeof(aes_cipheronly_test_cases[0]);
-		tcs = aes_cipheronly_test_cases;
+		n_test_cases = RTE_DIM(aes_cipheronly_test_cases);
+		blk_tcs = aes_cipheronly_test_cases;
+		ts_name = "AES Cipher Only";
+		ts_setup = aes_cipheronly_setup;
 		break;
 	case BLKCIPHER_AES_DOCSIS_TYPE:
-		n_test_cases = sizeof(aes_docsis_test_cases) /
-		sizeof(aes_docsis_test_cases[0]);
-		tcs = aes_docsis_test_cases;
+		n_test_cases = RTE_DIM(aes_docsis_test_cases);
+		blk_tcs = aes_docsis_test_cases;
+		ts_name = "AES Docsis";
+		ts_setup = aes_docsis_setup;
 		break;
 	case BLKCIPHER_3DES_CHAIN_TYPE:
-		n_test_cases = sizeof(triple_des_chain_test_cases) /
-		sizeof(triple_des_chain_test_cases[0]);
-		tcs = triple_des_chain_test_cases;
+		n_test_cases = RTE_DIM(triple_des_chain_test_cases);
+		blk_tcs = triple_des_chain_test_cases;
+		ts_name = "3DES Chain";
+		ts_setup = triple_des_chain_setup;
 		break;
 	case BLKCIPHER_3DES_CIPHERONLY_TYPE:
-		n_test_cases = sizeof(triple_des_cipheronly_test_cases) /
-		sizeof(triple_des_cipheronly_test_cases[0]);
-		tcs = triple_des_cipheronly_test_cases;
+		n_test_cases = RTE_DIM(triple_des_cipheronly_test_cases);
+		blk_tcs = triple_des_cipheronly_test_cases;
+		ts_name = "3DES Cipher Only";
+		ts_setup = triple_des_cipheronly_setup;
 		break;
 	case BLKCIPHER_DES_CIPHERONLY_TYPE:
-		n_test_cases = sizeof(des_cipheronly_test_cases) /
-		sizeof(des_cipheronly_test_cases[0]);
-		tcs = des_cipheronly_test_cases;
+		n_test_cases = RTE_DIM(des_cipheronly_test_cases);
+		blk_tcs = des_cipheronly_test_cases;
+		ts_name = "DES Cipher Only";
+		ts_setup = des_cipheronly_setup;
 		break;
 	case BLKCIPHER_DES_DOCSIS_TYPE:
-		n_test_cases = sizeof(des_docsis_test_cases) /
-		sizeof(des_docsis_test_cases[0]);
-		tcs = des_docsis_test_cases;
+		n_test_cases = RTE_DIM(des_docsis_test_cases);
+		blk_tcs = des_docsis_test_cases;
+		ts_name = "DES Docsis";
+		ts_setup = des_docsis_setup;
 		break;
 	case BLKCIPHER_AUTHONLY_TYPE:
-		n_test_cases = sizeof(hash_test_cases) /
-		sizeof(hash_test_cases[0]);
-		tcs = hash_test_cases;
+		n_test_cases = RTE_DIM(hash_test_cases);
+		blk_tcs = hash_test_cases;
+		ts_name = "Auth Only";
+		ts_setup = authonly_setup;
 		break;
 	default:
 		break;
 	}
 
-	for (i = 0; i < n_test_cases; i++) {
-		const struct blockcipher_test_case *tc = &tcs[i];
+	ts = calloc(1, sizeof(struct unit_test_suite) +
+			(sizeof(struct unit_test_case) * (n_test_cases + 1)));
+	ts->suite_name = ts_name;
+	ts->setup = ts_setup;
 
-		status = test_blockcipher_one_case(tc, mbuf_pool, op_mpool,
-			sess_mpool, sess_priv_mpool, dev_id,
-			test_msg);
-
-		printf("  %u) TestCase %s %s\n", test_index ++,
-			tc->test_descr, test_msg);
-
-		if (status == TEST_FAILED) {
-			overall_status = status;
-
-			if (tc->feature_mask & BLOCKCIPHER_TEST_FEATURE_STOPPER)
-				break;
-		}
+	for (i = 0; i < n_test_cases; i++) {
+		tc = &ts->unit_test_cases[i];
+		tc->name = blk_tcs[i].test_descr;
+		tc->enabled = 1;
+		tc->setup = ut_setup;
+		tc->teardown = ut_teardown;
+		tc->testcase = NULL;
+		tc->testcase_with_data = blockcipher_test_case_run;
+		tc->data = &blk_tcs[i];
 	}
+	tc = &ts->unit_test_cases[i];
+	tc->name = NULL;
+	tc->enabled = 0;
+	tc->setup = NULL;
+	tc->teardown = NULL;
+	tc->testcase = NULL;
+	tc->testcase_with_data = NULL;
+	tc->data = NULL;
+
+	return ts;
+}
 
-	return overall_status;
+void
+free_blockcipher_test_suite(struct unit_test_suite *ts)
+{
+	free(ts);
 }
diff --git a/app/test/test_cryptodev_blockcipher.h b/app/test/test_cryptodev_blockcipher.h
index 145d8da07e..a06241b06d 100644
--- a/app/test/test_cryptodev_blockcipher.h
+++ b/app/test/test_cryptodev_blockcipher.h
@@ -99,12 +99,10 @@  struct blockcipher_test_data {
 	unsigned int auth_offset;
 };
 
-int
-test_blockcipher_all_tests(struct rte_mempool *mbuf_pool,
-	struct rte_mempool *op_mpool,
-	struct rte_mempool *sess_mpool,
-	struct rte_mempool *sess_priv_mpool,
-	uint8_t dev_id,
-	enum blockcipher_test_type test_type);
+struct unit_test_suite *
+build_blockcipher_test_suite(enum blockcipher_test_type test_type);
+
+void
+free_blockcipher_test_suite(struct unit_test_suite *ts);
 
 #endif /* TEST_CRYPTODEV_BLOCKCIPHER_H_ */
diff --git a/doc/guides/rel_notes/release_21_05.rst b/doc/guides/rel_notes/release_21_05.rst
index 30dec1c1d1..6f621b310f 100644
--- a/doc/guides/rel_notes/release_21_05.rst
+++ b/doc/guides/rel_notes/release_21_05.rst
@@ -287,6 +287,11 @@  New Features
   * Added support for crypto adapter forward mode in octeontx2 event and crypto
     device driver.
 
+* **Added sub-testsuite support.**
+
+  * The unit test suite struct now supports having both a nested
+    list of sub-testsuites, and a list of testcases as before.
+
 
 Removed Items
 -------------