Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/98273/?format=api
http://patchwork.dpdk.org/api/patches/98273/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/20210908082111.27396-4-ktejasree@marvell.com/", "project": { "id": 1, "url": "http://patchwork.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20210908082111.27396-4-ktejasree@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20210908082111.27396-4-ktejasree@marvell.com", "date": "2021-09-08T08:21:11", "name": "[3/3] test/crypto: add tunnel header verification tests", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "413dd38054900eed19439fb010d9a771280c7626", "submitter": { "id": 1789, "url": "http://patchwork.dpdk.org/api/people/1789/?format=api", "name": "Tejasree Kondoj", "email": "ktejasree@marvell.com" }, "delegate": { "id": 6690, "url": "http://patchwork.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/20210908082111.27396-4-ktejasree@marvell.com/mbox/", "series": [ { "id": 18755, "url": "http://patchwork.dpdk.org/api/series/18755/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=18755", "date": "2021-09-08T08:21:08", "name": "add option to configure tunnel header verification", "version": 1, "mbox": "http://patchwork.dpdk.org/series/18755/mbox/" } ], "comments": "http://patchwork.dpdk.org/api/patches/98273/comments/", "check": "warning", "checks": "http://patchwork.dpdk.org/api/patches/98273/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id BBE65A0C56;\n\tWed, 8 Sep 2021 09:28:13 +0200 (CEST)", "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 7F3BC41130;\n\tWed, 8 Sep 2021 09:28:08 +0200 (CEST)", "from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com\n [67.231.148.174])\n by mails.dpdk.org (Postfix) with ESMTP id 0DC9141123\n for <dev@dpdk.org>; Wed, 8 Sep 2021 09:28:06 +0200 (CEST)", "from pps.filterd (m0045849.ppops.net [127.0.0.1])\n by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id\n 1883l5t8016067;\n Wed, 8 Sep 2021 00:28:06 -0700", "from dc5-exch02.marvell.com ([199.233.59.182])\n by mx0a-0016f401.pphosted.com with ESMTP id 3axcm7tffy-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Wed, 08 Sep 2021 00:28:06 -0700", "from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;\n Wed, 8 Sep 2021 00:28:04 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.18 via Frontend\n Transport; Wed, 8 Sep 2021 00:28:04 -0700", "from hyd1554T5810.caveonetworks.com.com (unknown [10.29.57.11])\n by maili.marvell.com (Postfix) with ESMTP id 68AAD3F7095;\n Wed, 8 Sep 2021 00:28:00 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=qVkos/jkefJ2dhEH4hxuFABGUe7oDmW1avqCZNW+5vg=;\n b=XoWAXaJ30fpwFfiv5nIOVTLGY2WrPZqfOXpBkgfdYR8uAjxRTBN14NTCBbxPik+2EQwW\n 2qrdfCw8v1L3t/2801g/r2ocvwr9SfVToXcFvk7mDVVgGySl7vWclnZTgkVvg4GLs4wu\n e64HJ9tivdt/3A0JbKvn+tPV4NHGE0ChDbw1OmTwc61jveV9rD6FCW2zBx8GSEVgfKzJ\n ypG5zXoqM1fl+l9BBCdAUk9zchySxN5kZeA7q/e+XNcI1pr7LqZWoDvUGMeNvRdJ1CO9\n FT78a/3MjxdK857TaMLCYol6MwwzTXc+i1G4sD+8ZpM00vbDXWNt7M22Pab/6+7P2QPR kg==", "From": "Tejasree Kondoj <ktejasree@marvell.com>", "To": "Akhil Goyal <gakhil@marvell.com>, Radu Nicolau <radu.nicolau@intel.com>,\n Declan Doherty <declan.doherty@intel.com>", "CC": "Tejasree Kondoj <ktejasree@marvell.com>,\n Anoob Joseph <anoobj@marvell.com>,\n Ankur Dwivedi <adwivedi@marvell.com>, Jerin Jacob <jerinj@marvell.com>,\n Konstantin Ananyev <konstantin.ananyev@intel.com>,\n Ciara Power <ciara.power@intel.com>,\n Hemant Agrawal <hemant.agrawal@nxp.com>,\n Gagandeep Singh <g.singh@nxp.com>, Fan Zhang <roy.fan.zhang@intel.com>,\n Archana Muniganti <marchana@marvell.com>, <dev@dpdk.org>", "Date": "Wed, 8 Sep 2021 13:51:11 +0530", "Message-ID": "<20210908082111.27396-4-ktejasree@marvell.com>", "X-Mailer": "git-send-email 2.27.0", "In-Reply-To": "<20210908082111.27396-1-ktejasree@marvell.com>", "References": "<20210908082111.27396-1-ktejasree@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-GUID": "8Hb4h7-8gg0iNI6UVa0bzRWZDTFEUYn2", "X-Proofpoint-ORIG-GUID": "8Hb4h7-8gg0iNI6UVa0bzRWZDTFEUYn2", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475\n definitions=2021-09-08_02,2021-09-07_02,2020-04-07_01", "Subject": "[dpdk-dev] [PATCH 3/3] test/crypto: add tunnel header verification\n tests", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "Add test cases to verify tunnel header in IPsec inbound.\n\nSigned-off-by: Tejasree Kondoj <ktejasree@marvell.com>\n---\n app/test/test_cryptodev.c | 45 ++++++++++++++++++-\n app/test/test_cryptodev_security_ipsec.c | 25 ++++++++++-\n app/test/test_cryptodev_security_ipsec.h | 1 +\n ...st_cryptodev_security_ipsec_test_vectors.h | 3 ++\n 4 files changed, 71 insertions(+), 3 deletions(-)", "diff": "diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c\nindex e513f38765..ab7b63f37f 100644\n--- a/app/test/test_cryptodev.c\n+++ b/app/test/test_cryptodev.c\n@@ -8876,6 +8876,7 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],\n \tint salt_len, i, ret = TEST_SUCCESS;\n \tstruct rte_security_ctx *ctx;\n \tuint8_t *input_text;\n+\tuint32_t verify;\n \n \tut_params->type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;\n \tgbl_action_type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL;\n@@ -8885,11 +8886,19 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],\n \t/* Copy IPsec xform */\n \tmemcpy(&ipsec_xform, &td[0].ipsec_xform, sizeof(ipsec_xform));\n \n+\tdir = ipsec_xform.direction;\n+\tverify = flags->tunnel_hdr_verify;\n+\n+\tif ((dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) && verify) {\n+\t\tif (verify == RTE_SECURITY_IPSEC_TUNNEL_VERIFY_SRC_DST_ADDR)\n+\t\t\tsrc += 1;\n+\t\telse if (verify == RTE_SECURITY_IPSEC_TUNNEL_VERIFY_DST_ADDR)\n+\t\t\tdst += 1;\n+\t}\n+\n \tmemcpy(&ipsec_xform.tunnel.ipv4.src_ip, &src, sizeof(src));\n \tmemcpy(&ipsec_xform.tunnel.ipv4.dst_ip, &dst, sizeof(dst));\n \n-\tdir = ipsec_xform.direction;\n-\n \tctx = rte_cryptodev_get_sec_ctx(dev_id);\n \n \tsec_cap_idx.action = ut_params->type;\n@@ -9181,6 +9190,30 @@ test_ipsec_proto_udp_encap(const void *data __rte_unused)\n \treturn test_ipsec_proto_all(&flags);\n }\n \n+static int\n+test_ipsec_proto_tunnel_src_dst_addr_verify(const void *data __rte_unused)\n+{\n+\tstruct ipsec_test_flags flags;\n+\n+\tmemset(&flags, 0, sizeof(flags));\n+\n+\tflags.tunnel_hdr_verify = RTE_SECURITY_IPSEC_TUNNEL_VERIFY_SRC_DST_ADDR;\n+\n+\treturn test_ipsec_proto_all(&flags);\n+}\n+\n+static int\n+test_ipsec_proto_tunnel_dst_addr_verify(const void *data __rte_unused)\n+{\n+\tstruct ipsec_test_flags flags;\n+\n+\tmemset(&flags, 0, sizeof(flags));\n+\n+\tflags.tunnel_hdr_verify = RTE_SECURITY_IPSEC_TUNNEL_VERIFY_DST_ADDR;\n+\n+\treturn test_ipsec_proto_all(&flags);\n+}\n+\n static int\n test_PDCP_PROTO_all(void)\n {\n@@ -14124,6 +14157,14 @@ static struct unit_test_suite ipsec_proto_testsuite = {\n \t\t\t\"Negative test: ICV corruption\",\n \t\t\tut_setup_security, ut_teardown,\n \t\t\ttest_ipsec_proto_err_icv_corrupt),\n+\t\tTEST_CASE_NAMED_ST(\n+\t\t\t\"Tunnel dst addr verification\",\n+\t\t\tut_setup_security, ut_teardown,\n+\t\t\ttest_ipsec_proto_tunnel_dst_addr_verify),\n+\t\tTEST_CASE_NAMED_ST(\n+\t\t\t\"Tunnel src and dst addr verification\",\n+\t\t\tut_setup_security, ut_teardown,\n+\t\t\ttest_ipsec_proto_tunnel_src_dst_addr_verify),\n \t\tTEST_CASES_END() /**< NULL terminate unit test array */\n \t}\n };\ndiff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c\nindex 046536cc9c..f040630655 100644\n--- a/app/test/test_cryptodev_security_ipsec.c\n+++ b/app/test/test_cryptodev_security_ipsec.c\n@@ -86,6 +86,15 @@ test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,\n \t\treturn -ENOTSUP;\n \t}\n \n+\tif ((ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) &&\n+\t (ipsec_xform->options.tunnel_hdr_verify >\n+\t sec_cap->ipsec.options.tunnel_hdr_verify)) {\n+\t\tif (!silent)\n+\t\t\tRTE_LOG(INFO, USER1,\n+\t\t\t\t\"Tunnel header verify is not supported\\n\");\n+\t\treturn -ENOTSUP;\n+\t}\n+\n \treturn 0;\n }\n \n@@ -207,6 +216,9 @@ test_ipsec_td_update(struct ipsec_test_data td_inb[],\n \t\tif (flags->udp_encap)\n \t\t\ttd_inb[i].ipsec_xform.options.udp_encap = 1;\n \n+\t\ttd_inb[i].ipsec_xform.options.tunnel_hdr_verify =\n+\t\t\tflags->tunnel_hdr_verify;\n+\n \t\t/* Clear outbound specific flags */\n \t\ttd_inb[i].ipsec_xform.options.iv_gen_disable = 0;\n \t}\n@@ -292,7 +304,8 @@ test_ipsec_td_verify(struct rte_mbuf *m, const struct ipsec_test_data *td,\n \t/* For tests with status as error for test success, skip verification */\n \tif (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS &&\n \t (flags->icv_corrupt ||\n-\t flags->sa_expiry_pkts_hard))\n+\t flags->sa_expiry_pkts_hard ||\n+\t flags->tunnel_hdr_verify))\n \t\treturn TEST_SUCCESS;\n \n \tif (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS &&\n@@ -420,6 +433,16 @@ test_ipsec_status_check(struct rte_crypto_op *op,\n \t\t}\n \t}\n \n+\tif ((dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) &&\n+\t flags->tunnel_hdr_verify) {\n+\t\tif (op->status != RTE_CRYPTO_OP_STATUS_ERROR) {\n+\t\t\tprintf(\"Tunnel header verify test case failed\\n\");\n+\t\t\treturn TEST_FAILED;\n+\t\t} else {\n+\t\t\treturn TEST_SUCCESS;\n+\t\t}\n+\t}\n+\n \tif (dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS && flags->icv_corrupt) {\n \t\tif (op->status != RTE_CRYPTO_OP_STATUS_ERROR) {\n \t\t\tprintf(\"ICV corruption test case failed\\n\");\ndiff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h\nindex 18f3c64bb7..a65cb54eae 100644\n--- a/app/test/test_cryptodev_security_ipsec.h\n+++ b/app/test/test_cryptodev_security_ipsec.h\n@@ -53,6 +53,7 @@ struct ipsec_test_flags {\n \tbool sa_expiry_pkts_hard;\n \tbool icv_corrupt;\n \tbool iv_gen;\n+\tuint32_t tunnel_hdr_verify;\n \tbool udp_encap;\n };\n \ndiff --git a/app/test/test_cryptodev_security_ipsec_test_vectors.h b/app/test/test_cryptodev_security_ipsec_test_vectors.h\nindex 38ea43d157..4e147ec19c 100644\n--- a/app/test/test_cryptodev_security_ipsec_test_vectors.h\n+++ b/app/test/test_cryptodev_security_ipsec_test_vectors.h\n@@ -94,6 +94,7 @@ struct ipsec_test_data pkt_aes_128_gcm = {\n \t\t.options.dec_ttl = 0,\n \t\t.options.ecn = 0,\n \t\t.options.stats = 0,\n+\t\t.options.tunnel_hdr_verify = 0,\n \t\t.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,\n \t\t.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,\n \t\t.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,\n@@ -190,6 +191,7 @@ struct ipsec_test_data pkt_aes_192_gcm = {\n \t\t.options.dec_ttl = 0,\n \t\t.options.ecn = 0,\n \t\t.options.stats = 0,\n+\t\t.options.tunnel_hdr_verify = 0,\n \t\t.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,\n \t\t.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,\n \t\t.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,\n@@ -289,6 +291,7 @@ struct ipsec_test_data pkt_aes_256_gcm = {\n \t\t.options.dec_ttl = 0,\n \t\t.options.ecn = 0,\n \t\t.options.stats = 0,\n+\t\t.options.tunnel_hdr_verify = 0,\n \t\t.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,\n \t\t.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,\n \t\t.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,\n", "prefixes": [ "3/3" ] }{ "id": 98273, "url": "