Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/105580/?format=api
{ "id": 105580, "url": "http://patchwork.dpdk.org/api/patches/105580/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/20220103150813.1694888-6-gakhil@marvell.com/", "project": { "id": 1, "url": "http://patchwork.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20220103150813.1694888-6-gakhil@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20220103150813.1694888-6-gakhil@marvell.com", "date": "2022-01-03T15:08:10", "name": "[5/8] app/test: add unit cases for inline IPsec offload", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "b613c800502fe9849a80d79ead402d1792dce4b8", "submitter": { "id": 2094, "url": "http://patchwork.dpdk.org/api/people/2094/?format=api", "name": "Akhil Goyal", "email": "gakhil@marvell.com" }, "delegate": { "id": 1, "url": "http://patchwork.dpdk.org/api/users/1/?format=api", "username": "tmonjalo", "first_name": "Thomas", "last_name": "Monjalon", "email": "thomas@monjalon.net" }, "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/20220103150813.1694888-6-gakhil@marvell.com/mbox/", "series": [ { "id": 21052, "url": "http://patchwork.dpdk.org/api/series/21052/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=21052", "date": "2022-01-03T15:08:05", "name": "ethdev: introduce IP reassembly offload", "version": 1, "mbox": "http://patchwork.dpdk.org/series/21052/mbox/" } ], "comments": "http://patchwork.dpdk.org/api/patches/105580/comments/", "check": "warning", "checks": "http://patchwork.dpdk.org/api/patches/105580/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 5ED22A04A3;\n\tMon, 3 Jan 2022 16:09:07 +0100 (CET)", "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 20DFB41153;\n\tMon, 3 Jan 2022 16:08:56 +0100 (CET)", "from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com\n [67.231.148.174])\n by mails.dpdk.org (Postfix) with ESMTP id 9C3EB41152\n for <dev@dpdk.org>; Mon, 3 Jan 2022 16:08:54 +0100 (CET)", "from pps.filterd (m0045849.ppops.net [127.0.0.1])\n by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id\n 203CCe1M013971;\n Mon, 3 Jan 2022 07:08:52 -0800", "from dc5-exch02.marvell.com ([199.233.59.182])\n by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3dbmvswf9q-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Mon, 03 Jan 2022 07:08:52 -0800", "from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;\n Mon, 3 Jan 2022 07:08:51 -0800", "from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend\n Transport; Mon, 3 Jan 2022 07:08:51 -0800", "from localhost.localdomain (unknown [10.28.48.55])\n by maili.marvell.com (Postfix) with ESMTP id A89E13F70C0;\n Mon, 3 Jan 2022 07:08:47 -0800 (PST)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=Fmwyo8Lfzr2/kwgrgOdM1uHMHH3GfInBhn9aU1872jA=;\n b=doBUeExjaPAQoaWfINkQ4g/LbFNEQGD7J3yinkjFsqe86fGyPPQorAPga8jPVstMe65w\n B7Y5LmbgHGnrFOQpSqX8QW02IkQcPtQrBZt/WBvWRZ3KBP4UEwiorJ22sp15wDqJMPCK\n 27z+5TgKnZ6ConFQeakOFsw1QK+dO7jLs1+d/3PXDkH1PWZaP/guLbS8CcYfT/aaI67L\n +zOVCc5sFwnrgbcI/9/C1a33ahhDLqWGHy3AWAgEzuLk4fOYwXMG21n6omLlLteRJxrX\n HHPFhale0pkhKq2T7n0X/92lrRAUkw/FNTonWlxx8AaVxSePHlRmC7djxVWkUCRmyhCY xg==", "From": "Akhil Goyal <gakhil@marvell.com>", "To": "<dev@dpdk.org>", "CC": "<anoobj@marvell.com>, <radu.nicolau@intel.com>,\n <declan.doherty@intel.com>,\n <hemant.agrawal@nxp.com>, <matan@nvidia.com>,\n <konstantin.ananyev@intel.com>, <thomas@monjalon.net>,\n <ferruh.yigit@intel.com>, <andrew.rybchenko@oktetlabs.ru>,\n <olivier.matz@6wind.com>, <rosen.xu@intel.com>, Akhil Goyal\n <gakhil@marvell.com>", "Subject": "[PATCH 5/8] app/test: add unit cases for inline IPsec offload", "Date": "Mon, 3 Jan 2022 20:38:10 +0530", "Message-ID": "<20220103150813.1694888-6-gakhil@marvell.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20220103150813.1694888-1-gakhil@marvell.com>", "References": "<20210823100259.1619886-1-gakhil@marvell.com>\n <20220103150813.1694888-1-gakhil@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-ORIG-GUID": "qgOLBXcyE7j4Y_UkmHNFbZ9AYuLeTBuV", "X-Proofpoint-GUID": "qgOLBXcyE7j4Y_UkmHNFbZ9AYuLeTBuV", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513\n definitions=2022-01-03_06,2022-01-01_01,2021-12-02_01", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "A new test suite is added in test app to test inline IPsec protocol\noffload. In this patch, a couple of predefined plain and cipher test\nvectors are used to verify the IPsec functionality without the need of\nexternal traffic generators. The sent packet is loopbacked onto the same\ninterface which is received and matched with the expected output.\nThe test suite can be updated further with other functional test cases.\nThe testsuite can be run using:\nRTE> inline_ipsec_autotest\n\nSigned-off-by: Akhil Goyal <gakhil@marvell.com>\n---\n app/test/meson.build | 1 +\n app/test/test_inline_ipsec.c | 728 ++++++++++++++++++\n .../test_inline_ipsec_reassembly_vectors.h | 198 +++++\n 3 files changed, 927 insertions(+)\n create mode 100644 app/test/test_inline_ipsec.c\n create mode 100644 app/test/test_inline_ipsec_reassembly_vectors.h", "diff": "diff --git a/app/test/meson.build b/app/test/meson.build\nindex 2b480adfba..9c88240e3f 100644\n--- a/app/test/meson.build\n+++ b/app/test/meson.build\n@@ -74,6 +74,7 @@ test_sources = files(\n 'test_hash_readwrite.c',\n 'test_hash_perf.c',\n 'test_hash_readwrite_lf_perf.c',\n+\t'test_inline_ipsec.c',\n 'test_interrupts.c',\n 'test_ipfrag.c',\n 'test_ipsec.c',\ndiff --git a/app/test/test_inline_ipsec.c b/app/test/test_inline_ipsec.c\nnew file mode 100644\nindex 0000000000..54b56ba9e8\n--- /dev/null\n+++ b/app/test/test_inline_ipsec.c\n@@ -0,0 +1,728 @@\n+/* SPDX-License-Identifier: BSD-3-Clause\n+ * Copyright(C) 2021 Marvell.\n+ */\n+\n+\n+#include <stdio.h>\n+#include <inttypes.h>\n+#include <signal.h>\n+#include <unistd.h>\n+#include <rte_cycles.h>\n+#include <rte_ethdev.h>\n+#include <rte_security.h>\n+#include <rte_ipsec.h>\n+#include <rte_byteorder.h>\n+#include <rte_atomic.h>\n+#include <rte_malloc.h>\n+#include \"test_inline_ipsec_reassembly_vectors.h\"\n+#include \"test.h\"\n+\n+#define NB_ETHPORTS_USED (1)\n+#define NB_SOCKETS (2)\n+#define MEMPOOL_CACHE_SIZE 32\n+#define MAX_PKT_BURST (32)\n+#define RTE_TEST_RX_DESC_DEFAULT (1024)\n+#define RTE_TEST_TX_DESC_DEFAULT (1024)\n+#define RTE_PORT_ALL (~(uint16_t)0x0)\n+\n+/*\n+ * RX and TX Prefetch, Host, and Write-back threshold values should be\n+ * carefully set for optimal performance. Consult the network\n+ * controller's datasheet and supporting DPDK documentation for guidance\n+ * on how these parameters should be set.\n+ */\n+#define RX_PTHRESH 8 /**< Default values of RX prefetch threshold reg. */\n+#define RX_HTHRESH 8 /**< Default values of RX host threshold reg. */\n+#define RX_WTHRESH 0 /**< Default values of RX write-back threshold reg. */\n+\n+#define TX_PTHRESH 32 /**< Default values of TX prefetch threshold reg. */\n+#define TX_HTHRESH 0 /**< Default values of TX host threshold reg. */\n+#define TX_WTHRESH 0 /**< Default values of TX write-back threshold reg. */\n+\n+#define MAX_TRAFFIC_BURST 2048\n+\n+#define NB_MBUF 1024\n+\n+#define APP_REASS_TIMEOUT\t\t20\n+\n+static struct rte_mempool *mbufpool[NB_SOCKETS];\n+static struct rte_mempool *sess_pool[NB_SOCKETS];\n+static struct rte_mempool *sess_priv_pool[NB_SOCKETS];\n+/* ethernet addresses of ports */\n+static struct rte_ether_addr ports_eth_addr[RTE_MAX_ETHPORTS];\n+\n+static struct rte_eth_conf port_conf = {\n+\t.rxmode = {\n+\t\t.mq_mode = RTE_ETH_MQ_RX_NONE,\n+\t\t.split_hdr_size = 0,\n+\t\t.offloads = RTE_ETH_RX_OFFLOAD_IP_REASSEMBLY |\n+\t\t\t RTE_ETH_RX_OFFLOAD_CHECKSUM |\n+\t\t\t RTE_ETH_RX_OFFLOAD_SECURITY,\n+\t},\n+\t.txmode = {\n+\t\t.mq_mode = RTE_ETH_MQ_TX_NONE,\n+\t\t.offloads = RTE_ETH_TX_OFFLOAD_SECURITY |\n+\t\t\t RTE_ETH_TX_OFFLOAD_MBUF_FAST_FREE,\n+\t},\n+\t.lpbk_mode = 1, /* enable loopback */\n+};\n+\n+static struct rte_eth_rxconf rx_conf = {\n+\t.rx_thresh = {\n+\t\t.pthresh = RX_PTHRESH,\n+\t\t.hthresh = RX_HTHRESH,\n+\t\t.wthresh = RX_WTHRESH,\n+\t},\n+\t.rx_free_thresh = 32,\n+};\n+\n+static struct rte_eth_txconf tx_conf = {\n+\t.tx_thresh = {\n+\t\t.pthresh = TX_PTHRESH,\n+\t\t.hthresh = TX_HTHRESH,\n+\t\t.wthresh = TX_WTHRESH,\n+\t},\n+\t.tx_free_thresh = 32, /* Use PMD default values */\n+\t.tx_rs_thresh = 32, /* Use PMD default values */\n+};\n+\n+enum {\n+\tLCORE_INVALID = 0,\n+\tLCORE_AVAIL,\n+\tLCORE_USED,\n+};\n+\n+struct lcore_cfg {\n+\tuint8_t status;\n+\tuint8_t socketid;\n+\tuint16_t nb_ports;\n+\tuint16_t port;\n+} __rte_cache_aligned;\n+\n+struct lcore_cfg lcore_cfg;\n+\n+static uint64_t link_mbps;\n+\n+/* Create Inline IPsec session */\n+static int\n+create_inline_ipsec_session(struct ipsec_session_data *sa,\n+\t\tuint16_t portid, struct rte_ipsec_session *ips,\n+\t\tenum rte_security_ipsec_sa_direction dir,\n+\t\tenum rte_security_ipsec_tunnel_type tun_type)\n+{\n+\tint32_t ret = 0;\n+\tstruct rte_security_ctx *sec_ctx;\n+\tuint32_t src_v4 = rte_cpu_to_be_32(RTE_IPV4(192, 168, 1, 0));\n+\tuint32_t dst_v4 = rte_cpu_to_be_32(RTE_IPV4(192, 168, 1, 1));\n+\tuint16_t src_v6[8] = {0x2607, 0xf8b0, 0x400c, 0x0c03, 0x0000, 0x0000,\n+\t\t\t\t0x0000, 0x001a};\n+\tuint16_t dst_v6[8] = {0x2001, 0x0470, 0xe5bf, 0xdead, 0x4957, 0x2174,\n+\t\t\t\t0xe82c, 0x4887};\n+\tstruct rte_security_session_conf sess_conf = {\n+\t\t.action_type = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL,\n+\t\t.protocol = RTE_SECURITY_PROTOCOL_IPSEC,\n+\t\t.ipsec = sa->ipsec_xform,\n+\t\t.crypto_xform = &sa->xform.aead,\n+\t\t.userdata = NULL,\n+\t};\n+\tsess_conf.ipsec.direction = dir;\n+\n+\tconst struct rte_security_capability *sec_cap;\n+\n+\tsec_ctx = (struct rte_security_ctx *)\n+\t\t\trte_eth_dev_get_sec_ctx(portid);\n+\n+\tif (sec_ctx == NULL) {\n+\t\tprintf(\"Ethernet device doesn't support security features.\\n\");\n+\t\treturn TEST_SKIPPED;\n+\t}\n+\n+\tsess_conf.crypto_xform->aead.key.data = sa->key.data;\n+\n+\t/* Save SA as userdata for the security session. When\n+\t * the packet is received, this userdata will be\n+\t * retrieved using the metadata from the packet.\n+\t *\n+\t * The PMD is expected to set similar metadata for other\n+\t * operations, like rte_eth_event, which are tied to\n+\t * security session. In such cases, the userdata could\n+\t * be obtained to uniquely identify the security\n+\t * parameters denoted.\n+\t */\n+\n+\tsess_conf.userdata = (void *) sa;\n+\tsess_conf.ipsec.tunnel.type = tun_type;\n+\tif (tun_type == RTE_SECURITY_IPSEC_TUNNEL_IPV4) {\n+\t\tmemcpy(&sess_conf.ipsec.tunnel.ipv4.src_ip, &src_v4,\n+\t\t\t\tsizeof(src_v4));\n+\t\tmemcpy(&sess_conf.ipsec.tunnel.ipv4.dst_ip, &dst_v4,\n+\t\t\t\tsizeof(dst_v4));\n+\t} else {\n+\t\tmemcpy(&sess_conf.ipsec.tunnel.ipv6.src_addr, &src_v6,\n+\t\t\t\tsizeof(src_v6));\n+\t\tmemcpy(&sess_conf.ipsec.tunnel.ipv6.dst_addr, &dst_v6,\n+\t\t\t\tsizeof(dst_v6));\n+\t}\n+\tips->security.ses = rte_security_session_create(sec_ctx,\n+\t\t\t\t&sess_conf, sess_pool[lcore_cfg.socketid],\n+\t\t\t\tsess_priv_pool[lcore_cfg.socketid]);\n+\tif (ips->security.ses == NULL) {\n+\t\tprintf(\"SEC Session init failed: err: %d\\n\", ret);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\tsec_cap = rte_security_capabilities_get(sec_ctx);\n+\tif (sec_cap == NULL) {\n+\t\tprintf(\"No capabilities registered\\n\");\n+\t\treturn TEST_SKIPPED;\n+\t}\n+\n+\t/* iterate until ESP tunnel*/\n+\twhile (sec_cap->action !=\n+\t\t\tRTE_SECURITY_ACTION_TYPE_NONE) {\n+\t\tif (sec_cap->action == sess_conf.action_type &&\n+\t\t sec_cap->protocol ==\n+\t\t\tRTE_SECURITY_PROTOCOL_IPSEC &&\n+\t\t sec_cap->ipsec.mode ==\n+\t\t\tsess_conf.ipsec.mode &&\n+\t\t sec_cap->ipsec.direction == dir)\n+\t\t\tbreak;\n+\t\tsec_cap++;\n+\t}\n+\n+\tif (sec_cap->action == RTE_SECURITY_ACTION_TYPE_NONE) {\n+\t\tprintf(\"No suitable security capability found\\n\");\n+\t\treturn TEST_SKIPPED;\n+\t}\n+\n+\tips->security.ol_flags = sec_cap->ol_flags;\n+\tips->security.ctx = sec_ctx;\n+\n+\treturn 0;\n+}\n+\n+/* Check the link status of all ports in up to 3s, and print them finally */\n+static void\n+check_all_ports_link_status(uint16_t port_num, uint32_t port_mask)\n+{\n+#define CHECK_INTERVAL 100 /* 100ms */\n+#define MAX_CHECK_TIME 30 /* 3s (30 * 100ms) in total */\n+\tuint16_t portid;\n+\tuint8_t count, all_ports_up, print_flag = 0;\n+\tstruct rte_eth_link link;\n+\tint ret;\n+\tchar link_status[RTE_ETH_LINK_MAX_STR_LEN];\n+\n+\tprintf(\"Checking link statuses...\\n\");\n+\tfflush(stdout);\n+\tfor (count = 0; count <= MAX_CHECK_TIME; count++) {\n+\t\tall_ports_up = 1;\n+\t\tfor (portid = 0; portid < port_num; portid++) {\n+\t\t\tif ((port_mask & (1 << portid)) == 0)\n+\t\t\t\tcontinue;\n+\t\t\tmemset(&link, 0, sizeof(link));\n+\t\t\tret = rte_eth_link_get_nowait(portid, &link);\n+\t\t\tif (ret < 0) {\n+\t\t\t\tall_ports_up = 0;\n+\t\t\t\tif (print_flag == 1)\n+\t\t\t\t\tprintf(\"Port %u link get failed: %s\\n\",\n+\t\t\t\t\t\tportid, rte_strerror(-ret));\n+\t\t\t\tcontinue;\n+\t\t\t}\n+\n+\t\t\t/* print link status if flag set */\n+\t\t\tif (print_flag == 1) {\n+\t\t\t\tif (link.link_status && link_mbps == 0)\n+\t\t\t\t\tlink_mbps = link.link_speed;\n+\n+\t\t\t\trte_eth_link_to_str(link_status,\n+\t\t\t\t\tsizeof(link_status), &link);\n+\t\t\t\tprintf(\"Port %d %s\\n\", portid, link_status);\n+\t\t\t\tcontinue;\n+\t\t\t}\n+\t\t\t/* clear all_ports_up flag if any link down */\n+\t\t\tif (link.link_status == RTE_ETH_LINK_DOWN) {\n+\t\t\t\tall_ports_up = 0;\n+\t\t\t\tbreak;\n+\t\t\t}\n+\t\t}\n+\t\t/* after finally printing all link status, get out */\n+\t\tif (print_flag == 1)\n+\t\t\tbreak;\n+\n+\t\tif (all_ports_up == 0) {\n+\t\t\tfflush(stdout);\n+\t\t\trte_delay_ms(CHECK_INTERVAL);\n+\t\t}\n+\n+\t\t/* set the print_flag if all ports up or timeout */\n+\t\tif (all_ports_up == 1 || count == (MAX_CHECK_TIME - 1))\n+\t\t\tprint_flag = 1;\n+\t}\n+}\n+\n+static void\n+print_ethaddr(const char *name, const struct rte_ether_addr *eth_addr)\n+{\n+\tchar buf[RTE_ETHER_ADDR_FMT_SIZE];\n+\trte_ether_format_addr(buf, RTE_ETHER_ADDR_FMT_SIZE, eth_addr);\n+\tprintf(\"%s%s\", name, buf);\n+}\n+\n+static void\n+copy_buf_to_pkt_segs(void *buf, unsigned len, struct rte_mbuf *pkt,\n+\t\tunsigned offset)\n+{\n+\tstruct rte_mbuf *seg;\n+\tvoid *seg_buf;\n+\tunsigned copy_len;\n+\n+\tseg = pkt;\n+\twhile (offset >= seg->data_len) {\n+\t\toffset -= seg->data_len;\n+\t\tseg = seg->next;\n+\t}\n+\tcopy_len = seg->data_len - offset;\n+\tseg_buf = rte_pktmbuf_mtod_offset(seg, char *, offset);\n+\twhile (len > copy_len) {\n+\t\trte_memcpy(seg_buf, buf, (size_t) copy_len);\n+\t\tlen -= copy_len;\n+\t\tbuf = ((char *) buf + copy_len);\n+\t\tseg = seg->next;\n+\t\tseg_buf = rte_pktmbuf_mtod(seg, void *);\n+\t}\n+\trte_memcpy(seg_buf, buf, (size_t) len);\n+}\n+\n+static inline void\n+copy_buf_to_pkt(void *buf, unsigned len, struct rte_mbuf *pkt, unsigned offset)\n+{\n+\tif (offset + len <= pkt->data_len) {\n+\t\trte_memcpy(rte_pktmbuf_mtod_offset(pkt, char *, offset), buf,\n+\t\t\t (size_t) len);\n+\t\treturn;\n+\t}\n+\tcopy_buf_to_pkt_segs(buf, len, pkt, offset);\n+}\n+\n+static inline int\n+init_traffic(struct rte_mempool *mp,\n+\t struct rte_mbuf **pkts_burst,\n+\t struct ipsec_test_packet *vectors[],\n+\t uint32_t nb_pkts)\n+{\n+\tstruct rte_mbuf *pkt;\n+\tuint32_t i;\n+\n+\tfor (i = 0; i < nb_pkts; i++) {\n+\t\tpkt = rte_pktmbuf_alloc(mp);\n+\t\tif (pkt == NULL) {\n+\t\t\treturn TEST_FAILED;\n+\t\t}\n+\t\tpkt->data_len = vectors[i]->len;\n+\t\tpkt->pkt_len = vectors[i]->len;\n+\t\tcopy_buf_to_pkt(vectors[i]->data, vectors[i]->len,\n+\t\t\t\tpkt, vectors[i]->l2_offset);\n+\n+\t\tpkts_burst[i] = pkt;\n+\t}\n+\treturn i;\n+}\n+\n+static int\n+init_lcore(void)\n+{\n+\tunsigned lcore_id;\n+\n+\tfor (lcore_id = 0; lcore_id < RTE_MAX_LCORE; lcore_id++) {\n+\t\tlcore_cfg.socketid =\n+\t\t\trte_lcore_to_socket_id(lcore_id);\n+\t\tif (rte_lcore_is_enabled(lcore_id) == 0) {\n+\t\t\tlcore_cfg.status = LCORE_INVALID;\n+\t\t\tcontinue;\n+\t\t} else {\n+\t\t\tlcore_cfg.status = LCORE_AVAIL;\n+\t\t\tbreak;\n+\t\t}\n+\t}\n+\treturn 0;\n+}\n+\n+static int\n+init_mempools(unsigned nb_mbuf)\n+{\n+\tstruct rte_security_ctx *sec_ctx;\n+\tint socketid;\n+\tunsigned lcore_id;\n+\tuint16_t nb_sess = 64;\n+\tuint32_t sess_sz;\n+\tchar s[64];\n+\n+\tfor (lcore_id = 0; lcore_id < RTE_MAX_LCORE; lcore_id++) {\n+\t\tif (rte_lcore_is_enabled(lcore_id) == 0)\n+\t\t\tcontinue;\n+\n+\t\tsocketid = rte_lcore_to_socket_id(lcore_id);\n+\t\tif (socketid >= NB_SOCKETS) {\n+\t\t\trte_exit(EXIT_FAILURE,\n+\t\t\t\t\"Socket %d of lcore %u is out of range %d\\n\",\n+\t\t\t\tsocketid, lcore_id, NB_SOCKETS);\n+\t\t}\n+\t\tif (mbufpool[socketid] == NULL) {\n+\t\t\tsnprintf(s, sizeof(s), \"mbuf_pool_%d\", socketid);\n+\t\t\tmbufpool[socketid] =\n+\t\t\t\trte_pktmbuf_pool_create(s, nb_mbuf,\n+\t\t\t\t\tMEMPOOL_CACHE_SIZE, 0,\n+\t\t\t\t\tRTE_MBUF_DEFAULT_BUF_SIZE, socketid);\n+\t\t\tif (mbufpool[socketid] == NULL)\n+\t\t\t\trte_exit(EXIT_FAILURE,\n+\t\t\t\t\t\"Cannot init mbuf pool on socket %d\\n\",\n+\t\t\t\t\tsocketid);\n+\t\t\telse\n+\t\t\t\tprintf(\"Allocated mbuf pool on socket %d\\n\",\n+\t\t\t\t\tsocketid);\n+\t\t}\n+\n+\t\tsec_ctx = rte_eth_dev_get_sec_ctx(lcore_cfg.port);\n+\t\tif (sec_ctx == NULL)\n+\t\t\tcontinue;\n+\n+\t\tsess_sz = rte_security_session_get_size(sec_ctx);\n+\t\tif (sess_pool[socketid] == NULL) {\n+\t\t\tsnprintf(s, sizeof(s), \"sess_pool_%d\", socketid);\n+\t\t\tsess_pool[socketid] =\n+\t\t\t\trte_mempool_create(s, nb_sess,\n+\t\t\t\t\tsess_sz,\n+\t\t\t\t\tMEMPOOL_CACHE_SIZE, 0,\n+\t\t\t\t\tNULL, NULL, NULL, NULL,\n+\t\t\t\t\tsocketid, 0);\n+\t\t\tif (sess_pool[socketid] == NULL) {\n+\t\t\t\tprintf(\"Cannot init sess pool on socket %d\\n\",\n+\t\t\t\t\tsocketid);\n+\t\t\t\treturn TEST_FAILED;\n+\t\t\t} else\n+\t\t\t\tprintf(\"Allocated sess pool on socket %d\\n\",\n+\t\t\t\t\tsocketid);\n+\t\t}\n+\t\tif (sess_priv_pool[socketid] == NULL) {\n+\t\t\tsnprintf(s, sizeof(s), \"sess_priv_pool_%d\", socketid);\n+\t\t\tsess_priv_pool[socketid] =\n+\t\t\t\trte_mempool_create(s, nb_sess,\n+\t\t\t\t\tsess_sz,\n+\t\t\t\t\tMEMPOOL_CACHE_SIZE, 0,\n+\t\t\t\t\tNULL, NULL, NULL, NULL,\n+\t\t\t\t\tsocketid, 0);\n+\t\t\tif (sess_priv_pool[socketid] == NULL) {\n+\t\t\t\tprintf(\"Cannot init sess_priv pool on socket %d\\n\",\n+\t\t\t\t\tsocketid);\n+\t\t\t\treturn TEST_FAILED;\n+\t\t\t} else\n+\t\t\t\tprintf(\"Allocated sess_priv pool on socket %d\\n\",\n+\t\t\t\t\tsocketid);\n+\t\t}\n+\t}\n+\treturn 0;\n+}\n+\n+static void\n+create_default_flow(uint16_t port_id)\n+{\n+\tstruct rte_flow_action action[2];\n+\tstruct rte_flow_item pattern[2];\n+\tstruct rte_flow_attr attr = {0};\n+\tstruct rte_flow_error err;\n+\tstruct rte_flow *flow;\n+\tint ret;\n+\n+\t/* Add the default rte_flow to enable SECURITY for all ESP packets */\n+\n+\tpattern[0].type = RTE_FLOW_ITEM_TYPE_ESP;\n+\tpattern[0].spec = NULL;\n+\tpattern[0].mask = NULL;\n+\tpattern[0].last = NULL;\n+\tpattern[1].type = RTE_FLOW_ITEM_TYPE_END;\n+\n+\taction[0].type = RTE_FLOW_ACTION_TYPE_SECURITY;\n+\taction[0].conf = NULL;\n+\taction[1].type = RTE_FLOW_ACTION_TYPE_END;\n+\taction[1].conf = NULL;\n+\n+\tattr.ingress = 1;\n+\n+\tret = rte_flow_validate(port_id, &attr, pattern, action, &err);\n+\tif (ret)\n+\t\treturn;\n+\n+\tflow = rte_flow_create(port_id, &attr, pattern, action, &err);\n+\tif (flow == NULL)\n+\t\treturn;\n+}\n+\n+struct rte_mbuf **tx_pkts_burst;\n+\n+static int\n+test_ipsec(struct reassembly_vector *vector,\n+\t enum rte_security_ipsec_sa_direction dir,\n+\t enum rte_security_ipsec_tunnel_type tun_type)\n+{\n+\tstruct rte_mbuf *pkts_burst[MAX_PKT_BURST];\n+\tunsigned i, portid, nb_rx = 0, nb_tx = 1;\n+\tstruct rte_ipsec_session ips = {0};\n+\tstruct rte_eth_dev_info dev_info = {0};\n+\n+\tportid = lcore_cfg.port;\n+\trte_eth_dev_info_get(portid, &dev_info);\n+\tif (dev_info.reass_capa.max_frags < nb_tx)\n+\t\treturn TEST_SKIPPED;\n+\n+\tinit_traffic(mbufpool[lcore_cfg.socketid],\n+\t\t\ttx_pkts_burst, vector->frags, nb_tx);\n+\n+\t/* Create Inline IPsec session. */\n+\tif (create_inline_ipsec_session(vector->sa_data, portid, &ips, dir,\n+\t\t\t\t\ttun_type))\n+\t\treturn TEST_FAILED;\n+\tif (dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)\n+\t\tcreate_default_flow(portid);\n+\telse {\n+\t\tfor (i = 0; i < nb_tx; i++) {\n+\t\t\tif (ips.security.ol_flags &\n+\t\t\t\t\tRTE_SECURITY_TX_OLOAD_NEED_MDATA)\n+\t\t\t\trte_security_set_pkt_metadata(ips.security.ctx,\n+\t\t\t\tips.security.ses, tx_pkts_burst[i], NULL);\n+\t\t\ttx_pkts_burst[i]->ol_flags |= RTE_MBUF_F_TX_SEC_OFFLOAD;\n+\t\t\ttx_pkts_burst[i]->l2_len = 14;\n+\t\t}\n+\t}\n+\n+\tnb_tx = rte_eth_tx_burst(portid, 0, tx_pkts_burst, nb_tx);\n+\n+\trte_pause();\n+\n+\tdo {\n+\t\tnb_rx = rte_eth_rx_burst(portid, 0, pkts_burst, MAX_PKT_BURST);\n+\t} while (nb_rx == 0);\n+\n+\t/* Destroy session so that other cases can create the session again */\n+\trte_security_session_destroy(ips.security.ctx, ips.security.ses);\n+\n+\t/* Compare results with known vectors. */\n+\tif (nb_rx == 1) {\n+\t\tif (memcmp(rte_pktmbuf_mtod(pkts_burst[0], char *),\n+\t\t\t\t\tvector->full_pkt->data,\n+\t\t\t\t\t(size_t) vector->full_pkt->len)) {\n+\t\t\tprintf(\"\\n====Inline IPsec case failed: Data Mismatch\");\n+\t\t\trte_hexdump(stdout, \"received\",\n+\t\t\t\trte_pktmbuf_mtod(pkts_burst[0], char *),\n+\t\t\t\tvector->full_pkt->len);\n+\t\t\trte_hexdump(stdout, \"reference\",\n+\t\t\t\tvector->full_pkt->data,\n+\t\t\t\tvector->full_pkt->len);\n+\t\t\treturn TEST_FAILED;\n+\t\t}\n+\t\treturn TEST_SUCCESS;\n+\t} else\n+\t\treturn TEST_FAILED;\n+}\n+\n+static int\n+ut_setup_inline_ipsec(void)\n+{\n+\tuint16_t portid = lcore_cfg.port;\n+\tint ret;\n+\n+\t/* Set IP reassembly configuration. */\n+\tstruct rte_eth_dev_info dev_info = {0};\n+\trte_eth_dev_info_get(portid, &dev_info);\n+\n+\tret = rte_eth_ip_reassembly_conf_set(portid, &dev_info.reass_capa);\n+\tif (ret < 0) {\n+\t\tprintf(\"IP reassembly configuration err=%d, port=%d\\n\",\n+\t\t\tret, portid);\n+\t\treturn ret;\n+\t}\n+\n+\t/* Start device */\n+\tret = rte_eth_dev_start(portid);\n+\tif (ret < 0) {\n+\t\tprintf(\"rte_eth_dev_start: err=%d, port=%d\\n\",\n+\t\t\tret, portid);\n+\t\treturn ret;\n+\t}\n+\t/* always eanble promiscuous */\n+\tret = rte_eth_promiscuous_enable(portid);\n+\tif (ret != 0) {\n+\t\tprintf(\"rte_eth_promiscuous_enable: err=%s, port=%d\\n\",\n+\t\t\trte_strerror(-ret), portid);\n+\t\treturn ret;\n+\t}\n+\tlcore_cfg.port = portid;\n+\tcheck_all_ports_link_status(1, RTE_PORT_ALL);\n+\n+\treturn 0;\n+}\n+\n+static void\n+ut_teardown_inline_ipsec(void)\n+{\n+\tuint16_t portid = lcore_cfg.port;\n+\tint socketid = lcore_cfg.socketid;\n+\tint ret;\n+\n+\t/* port tear down */\n+\tRTE_ETH_FOREACH_DEV(portid) {\n+\t\tif (socketid != rte_eth_dev_socket_id(portid))\n+\t\t\tcontinue;\n+\n+\t\tret = rte_eth_dev_stop(portid);\n+\t\tif (ret != 0)\n+\t\t\tprintf(\"rte_eth_dev_stop: err=%s, port=%u\\n\",\n+\t\t\t rte_strerror(-ret), portid);\n+\t}\n+}\n+\n+static int\n+testsuite_setup(void)\n+{\n+\tuint16_t nb_rxd;\n+\tuint16_t nb_txd;\n+\tuint16_t nb_ports;\n+\tint socketid, ret;\n+\tuint16_t nb_rx_queue = 1, nb_tx_queue = 1;\n+\tuint16_t portid = lcore_cfg.port;\n+\n+\tprintf(\"Start inline IPsec test.\\n\");\n+\n+\tnb_ports = rte_eth_dev_count_avail();\n+\tif (nb_ports < NB_ETHPORTS_USED) {\n+\t\tprintf(\"At least %u port(s) used for test\\n\",\n+\t\t NB_ETHPORTS_USED);\n+\t\treturn -1;\n+\t}\n+\n+\tinit_lcore();\n+\n+\tinit_mempools(NB_MBUF);\n+\n+\tsocketid = lcore_cfg.socketid;\n+\tif (tx_pkts_burst == NULL) {\n+\t\ttx_pkts_burst = (struct rte_mbuf **)\n+\t\t\trte_calloc_socket(\"tx_buff\",\n+\t\t\t\t\t MAX_TRAFFIC_BURST * nb_ports,\n+\t\t\t\t\t sizeof(void *),\n+\t\t\t\t\t RTE_CACHE_LINE_SIZE, socketid);\n+\t\tif (!tx_pkts_burst)\n+\t\t\treturn -1;\n+\t}\n+\n+\tprintf(\"Generate %d packets @socket %d\\n\",\n+\t MAX_TRAFFIC_BURST * nb_ports, socketid);\n+\n+\tnb_rxd = RTE_TEST_RX_DESC_DEFAULT;\n+\tnb_txd = RTE_TEST_TX_DESC_DEFAULT;\n+\n+\t/* port configure */\n+\tret = rte_eth_dev_configure(portid, nb_rx_queue,\n+\t\t\t\t nb_tx_queue, &port_conf);\n+\tif (ret < 0) {\n+\t\tprintf(\"Cannot configure device: err=%d, port=%d\\n\",\n+\t\t\t ret, portid);\n+\t\treturn ret;\n+\t}\n+\tret = rte_eth_macaddr_get(portid, &ports_eth_addr[portid]);\n+\tif (ret < 0) {\n+\t\tprintf(\"Cannot get mac address: err=%d, port=%d\\n\",\n+\t\t\t ret, portid);\n+\t\treturn ret;\n+\t}\n+\tprintf(\"Port %u \", portid);\n+\tprint_ethaddr(\"Address:\", &ports_eth_addr[portid]);\n+\tprintf(\"\\n\");\n+\n+\t/* tx queue setup */\n+\tret = rte_eth_tx_queue_setup(portid, 0, nb_txd,\n+\t\t\t\t socketid, &tx_conf);\n+\tif (ret < 0) {\n+\t\tprintf(\"rte_eth_tx_queue_setup: err=%d, port=%d\\n\",\n+\t\t\t\tret, portid);\n+\t\treturn ret;\n+\t}\n+\t/* rx queue steup */\n+\tret = rte_eth_rx_queue_setup(portid, 0, nb_rxd,\n+\t\t\t\t\tsocketid, &rx_conf,\n+\t\t\t\t\tmbufpool[socketid]);\n+\tif (ret < 0) {\n+\t\tprintf(\"rte_eth_rx_queue_setup: err=%d, port=%d\\n\",\n+\t\t\t\tret, portid);\n+\t\treturn ret;\n+\t}\n+\n+\n+\treturn 0;\n+}\n+\n+static void\n+testsuite_teardown(void)\n+{\n+\tint ret;\n+\tuint16_t portid = lcore_cfg.port;\n+\tuint16_t socketid = lcore_cfg.socketid;\n+\n+\t/* port tear down */\n+\tRTE_ETH_FOREACH_DEV(portid) {\n+\t\tif (socketid != rte_eth_dev_socket_id(portid))\n+\t\t\tcontinue;\n+\n+\t\tret = rte_eth_dev_stop(portid);\n+\t\tif (ret != 0)\n+\t\t\tprintf(\"rte_eth_dev_stop: err=%s, port=%u\\n\",\n+\t\t\t rte_strerror(-ret), portid);\n+\t}\n+}\n+static int\n+test_ipsec_ipv4_encap_nofrag(void) {\n+\tstruct reassembly_vector ipv4_nofrag_case = {\n+\t\t\t\t.sa_data = &conf_aes_128_gcm,\n+\t\t\t\t.full_pkt = &pkt_ipv4_gcm128_cipher,\n+\t\t\t\t.frags[0] = &pkt_ipv4_plain,\n+\t};\n+\treturn test_ipsec(&ipv4_nofrag_case,\n+\t\t\tRTE_SECURITY_IPSEC_SA_DIR_EGRESS,\n+\t\t\tRTE_SECURITY_IPSEC_TUNNEL_IPV4);\n+}\n+\n+static int\n+test_ipsec_ipv4_decap_nofrag(void) {\n+\tstruct reassembly_vector ipv4_nofrag_case = {\n+\t\t\t\t.sa_data = &conf_aes_128_gcm,\n+\t\t\t\t.full_pkt = &pkt_ipv4_plain,\n+\t\t\t\t.frags[0] = &pkt_ipv4_gcm128_cipher,\n+\t};\n+\treturn test_ipsec(&ipv4_nofrag_case,\n+\t\t\tRTE_SECURITY_IPSEC_SA_DIR_INGRESS,\n+\t\t\tRTE_SECURITY_IPSEC_TUNNEL_IPV4);\n+}\n+\n+static struct unit_test_suite inline_ipsec_testsuite = {\n+\t.suite_name = \"Inline IPsec Ethernet Device Unit Test Suite\",\n+\t.setup = testsuite_setup,\n+\t.teardown = testsuite_teardown,\n+\t.unit_test_cases = {\n+\t\tTEST_CASE_ST(ut_setup_inline_ipsec,\n+\t\t\t\tut_teardown_inline_ipsec,\n+\t\t\t\ttest_ipsec_ipv4_encap_nofrag),\n+\t\tTEST_CASE_ST(ut_setup_inline_ipsec,\n+\t\t\t\tut_teardown_inline_ipsec,\n+\t\t\t\ttest_ipsec_ipv4_decap_nofrag),\n+\n+\t\tTEST_CASES_END() /**< NULL terminate unit test array */\n+\t}\n+};\n+\n+static int\n+test_inline_ipsec(void)\n+{\n+\treturn unit_test_suite_runner(&inline_ipsec_testsuite);\n+}\n+\n+REGISTER_TEST_COMMAND(inline_ipsec_autotest, test_inline_ipsec);\ndiff --git a/app/test/test_inline_ipsec_reassembly_vectors.h b/app/test/test_inline_ipsec_reassembly_vectors.h\nnew file mode 100644\nindex 0000000000..68066a0957\n--- /dev/null\n+++ b/app/test/test_inline_ipsec_reassembly_vectors.h\n@@ -0,0 +1,198 @@\n+/* SPDX-License-Identifier: BSD-3-Clause\n+ * Copyright(C) 2021 Marvell.\n+ */\n+#ifndef _TEST_INLINE_IPSEC_REASSEMBLY_VECTORS_H_\n+#define _TEST_INLINE_IPSEC_REASSEMBLY_VECTORS_H_\n+\n+#define MAX_FRAG_LEN\t\t 1500\n+#define MAX_FRAGS\t\t 6\n+#define MAX_PKT_LEN\t\t (MAX_FRAG_LEN * MAX_FRAGS)\n+struct ipsec_session_data {\n+\tstruct {\n+\t\tuint8_t data[32];\n+\t} key;\n+\tstruct {\n+\t\tuint8_t data[4];\n+\t\tunsigned int len;\n+\t} salt;\n+\tstruct {\n+\t\tuint8_t data[16];\n+\t} iv;\n+\tstruct rte_security_ipsec_xform ipsec_xform;\n+\tbool aead;\n+\tunion {\n+\t\tstruct {\n+\t\t\tstruct rte_crypto_sym_xform cipher;\n+\t\t\tstruct rte_crypto_sym_xform auth;\n+\t\t} chain;\n+\t\tstruct rte_crypto_sym_xform aead;\n+\t} xform;\n+};\n+\n+struct ipsec_test_packet {\n+\tuint32_t len;\n+\tuint32_t l2_offset;\n+\tuint32_t l3_offset;\n+\tuint32_t l4_offset;\n+\tuint8_t data[MAX_PKT_LEN];\n+};\n+\n+struct reassembly_vector {\n+\tstruct ipsec_session_data *sa_data;\n+\tstruct ipsec_test_packet *full_pkt;\n+\tstruct ipsec_test_packet *frags[MAX_FRAGS];\n+};\n+\n+struct ipsec_test_packet pkt_ipv4_plain = {\n+\t.len = 76,\n+\t.l2_offset = 0,\n+\t.l3_offset = 14,\n+\t.l4_offset = 34,\n+\t.data = {\n+\t\t/* ETH */\n+\t\t0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,\n+\t\t0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,\n+\n+\t\t/* IP */\n+\t\t0x45, 0x00, 0x00, 0x3e, 0x69, 0x8f, 0x00, 0x00,\n+\t\t0x80, 0x11, 0x4d, 0xcc, 0xc0, 0xa8, 0x01, 0x02,\n+\t\t0xc0, 0xa8, 0x01, 0x01,\n+\n+\t\t/* UDP */\n+\t\t0x0a, 0x98, 0x00, 0x35, 0x00, 0x2a, 0x23, 0x43,\n+\t\t0xb2, 0xd0, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00,\n+\t\t0x00, 0x00, 0x00, 0x00, 0x03, 0x73, 0x69, 0x70,\n+\t\t0x09, 0x63, 0x79, 0x62, 0x65, 0x72, 0x63, 0x69,\n+\t\t0x74, 0x79, 0x02, 0x64, 0x6b, 0x00, 0x00, 0x01,\n+\t\t0x00, 0x01,\n+\t},\n+};\n+\n+struct ipsec_test_packet pkt_ipv4_gcm128_cipher = {\n+\t.len = 130,\n+\t.l2_offset = 0,\n+\t.l3_offset = 14,\n+\t.l4_offset = 34,\n+\t.data = {\n+\t\t/* ETH */\n+\t\t0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,\n+\t\t0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,\n+\n+\t\t/* IP - outer header */\n+\t\t0x45, 0x00, 0x00, 0x74, 0x69, 0x8f, 0x00, 0x00,\n+\t\t0x80, 0x32, 0x4d, 0x75, 0xc0, 0xa8, 0x01, 0x02,\n+\t\t0xc0, 0xa8, 0x01, 0x01,\n+\n+\t\t/* ESP */\n+\t\t0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01,\n+\n+\t\t/* IV */\n+\t\t0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88,\n+\n+\t\t/* Data */\n+\t\t0xde, 0xb2, 0x2c, 0xd9, 0xb0, 0x7c, 0x72, 0xc1,\n+\t\t0x6e, 0x3a, 0x65, 0xbe, 0xeb, 0x8d, 0xf3, 0x04,\n+\t\t0xa5, 0xa5, 0x89, 0x7d, 0x33, 0xae, 0x53, 0x0f,\n+\t\t0x1b, 0xa7, 0x6d, 0x5d, 0x11, 0x4d, 0x2a, 0x5c,\n+\t\t0x3d, 0xe8, 0x18, 0x27, 0xc1, 0x0e, 0x9a, 0x4f,\n+\t\t0x51, 0x33, 0x0d, 0x0e, 0xec, 0x41, 0x66, 0x42,\n+\t\t0xcf, 0xbb, 0x85, 0xa5, 0xb4, 0x7e, 0x48, 0xa4,\n+\t\t0xec, 0x3b, 0x9b, 0xa9, 0x5d, 0x91, 0x8b, 0xd4,\n+\t\t0x29, 0xc7, 0x37, 0x57, 0x9f, 0xf1, 0x9e, 0x58,\n+\t\t0xcf, 0xfc, 0x60, 0x7a, 0x3b, 0xce, 0x89, 0x94,\n+\t},\n+};\n+\n+static inline void\n+test_vector_payload_populate(struct ipsec_test_packet *pkt,\n+\t\tbool first_frag)\n+{\n+\tuint32_t i = pkt->l4_offset;\n+\n+\t/* For non-fragmented packets and first frag, skip 8 bytes from\n+\t * l4_offset for UDP header */\n+\n+\tif (first_frag)\n+\t\ti += 8;\n+\n+\tfor (; i < pkt->len; i++)\n+\t\tpkt->data[i] = 0x58;\n+}\n+\n+static inline unsigned int\n+reass_test_vectors_init(struct reassembly_vector *vector)\n+{\n+\tunsigned int i = 0;\n+\n+\tif (vector->frags[0] != NULL && vector->frags[1] == NULL)\n+\t\treturn 1;\n+\n+\ttest_vector_payload_populate(vector->full_pkt, true);\n+\tfor (;vector->frags[i] != NULL && i < MAX_FRAGS; i++)\n+\t\ttest_vector_payload_populate(vector->frags[i],\n+\t\t\t\t(i == 0) ? true : false);\n+\treturn i;\n+}\n+\n+struct ipsec_session_data conf_aes_128_gcm = {\n+\t.key = {\n+\t\t.data = {\n+\t\t\t0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,\n+\t\t\t0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08\n+\t\t},\n+\t},\n+\n+\t.salt = {\n+\t\t.data = {\n+\t\t\t0xca, 0xfe, 0xba, 0xbe\n+\t\t},\n+\t\t.len = 4,\n+\t},\n+\n+\t.iv = {\n+\t\t.data = {\n+\t\t\t0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88\n+\t\t},\n+\t},\n+\n+\t.ipsec_xform = {\n+\t\t.spi = 0xa5f8,\n+\t\t.salt = 0xbebafeca,\n+\t\t.options.esn = 0,\n+\t\t.options.udp_encap = 0,\n+\t\t.options.copy_dscp = 0,\n+\t\t.options.copy_flabel = 0,\n+\t\t.options.copy_df = 0,\n+\t\t.options.dec_ttl = 0,\n+\t\t.options.ecn = 0,\n+\t\t.options.stats = 0,\n+\t\t.options.tunnel_hdr_verify = 0,\n+\t\t.options.ip_csum_enable = 0,\n+\t\t.options.l4_csum_enable = 0,\n+\t\t.options.reass_en = 1,\n+\t\t.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,\n+\t\t.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,\n+\t\t.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,\n+\t\t.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,\n+\t\t.replay_win_sz = 0,\n+\t},\n+\n+\t.aead = true,\n+\n+\t.xform = {\n+\t\t.aead = {\n+\t\t\t.next = NULL,\n+\t\t\t.type = RTE_CRYPTO_SYM_XFORM_AEAD,\n+\t\t\t.aead = {\n+\t\t\t\t.op = RTE_CRYPTO_AEAD_OP_ENCRYPT,\n+\t\t\t\t.algo = RTE_CRYPTO_AEAD_AES_GCM,\n+\t\t\t\t.key.length = 16,\n+\t\t\t\t.iv.length = 12,\n+\t\t\t\t.iv.offset = 0,\n+\t\t\t\t.digest_length = 16,\n+\t\t\t\t.aad_length = 12,\n+\t\t\t},\n+\t\t},\n+\t},\n+};\n+#endif\n", "prefixes": [ "5/8" ] }