Hi Bernard,
On 3/22/2019 7:17 PM, Bernard Iremonger wrote:
> Fix xform initialisation.
> Fix testsuite_setup.
> Loop on rte_cryptodev_dequeue_burst() calls.
> Remove unused variables.
>
> Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> Fixes: 59d7353b0df0 ("test/ipsec: fix test suite setup")
>
> Signed-off-by: Bernard Iremonger <bernard.iremon...@intel.com>
> ---
> Changes in v2:
> Increase DEQUEUE_COUNT to 1000
> Loop on other 2 rte_cryptodev_dequeue_burst() calls.
>
> app/test/test_ipsec.c | 60
> ++++++++++++++++++++++++++++++---------------------
> 1 file changed, 35 insertions(+), 25 deletions(-)
>
> diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
> index 80a2d25..3769e56 100644
> --- a/app/test/test_ipsec.c
> +++ b/app/test/test_ipsec.c
> @@ -42,6 +42,7 @@
> #define OUTBOUND_SPI 17
> #define BURST_SIZE 32
> #define REORDER_PKTS 1
> +#define DEQUEUE_COUNT 1000
>
> struct user_params {
> enum rte_crypto_sym_xform_type auth;
> @@ -79,7 +80,6 @@ struct ipsec_unitest_params {
> struct rte_mbuf *obuf[BURST_SIZE], *ibuf[BURST_SIZE],
> *testbuf[BURST_SIZE];
>
> - uint8_t *digest;
> uint16_t pkt_index;
> };
>
> @@ -111,8 +111,6 @@ static struct ipsec_testsuite_params testsuite_params = {
> NULL };
> static struct ipsec_unitest_params unittest_params;
> static struct user_params uparams;
>
> -static uint8_t global_key[128] = { 0 };
> -
> struct supported_cipher_algo {
> const char *keyword;
> enum rte_crypto_cipher_algorithm algo;
> @@ -215,30 +213,26 @@ fill_crypto_xform(struct ipsec_unitest_params
> *ut_params,
> const struct supported_auth_algo *auth_algo,
> const struct supported_cipher_algo *cipher_algo)
> {
> - ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
> - ut_params->auth_xform.auth.algo = auth_algo->algo;
> - ut_params->auth_xform.auth.key.data = global_key;
> - ut_params->auth_xform.auth.key.length = auth_algo->key_len;
> - ut_params->auth_xform.auth.digest_length = auth_algo->digest_len;
> - ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
> -
> ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
> ut_params->cipher_xform.cipher.algo = cipher_algo->algo;
> - ut_params->cipher_xform.cipher.key.data = global_key;
> - ut_params->cipher_xform.cipher.key.length = cipher_algo->key_len;
> - ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_DECRYPT;
> - ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET;
> - ut_params->cipher_xform.cipher.iv.length = cipher_algo->iv_len;
> + ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
> + ut_params->auth_xform.auth.algo = auth_algo->algo;
>
> if (ut_params->ipsec_xform.direction ==
> RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
> - ut_params->crypto_xforms = &ut_params->auth_xform;
> - ut_params->auth_xform.next = &ut_params->cipher_xform;
> + ut_params->cipher_xform.cipher.op =
> + RTE_CRYPTO_CIPHER_OP_DECRYPT;
> + ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
> ut_params->cipher_xform.next = NULL;
> + ut_params->auth_xform.next = &ut_params->cipher_xform;
> + ut_params->crypto_xforms = &ut_params->auth_xform;
> } else {
> - ut_params->crypto_xforms = &ut_params->cipher_xform;
> - ut_params->cipher_xform.next = &ut_params->auth_xform;
> + ut_params->cipher_xform.cipher.op =
> + RTE_CRYPTO_CIPHER_OP_ENCRYPT;
> + ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
> ut_params->auth_xform.next = NULL;
> + ut_params->cipher_xform.next = &ut_params->auth_xform;
> + ut_params->crypto_xforms = &ut_params->cipher_xform;
> }
> }
>
> @@ -287,9 +281,12 @@ testsuite_setup(void)
> int rc;
>
> memset(ts_params, 0, sizeof(*ts_params));
> + memset(ut_params, 0, sizeof(*ut_params));
> + memset(&uparams, 0, sizeof(struct user_params));
>
> uparams.auth = RTE_CRYPTO_SYM_XFORM_AUTH;
> uparams.cipher = RTE_CRYPTO_SYM_XFORM_CIPHER;
> + uparams.aead = RTE_CRYPTO_SYM_XFORM_NOT_SPECIFIED;
> strcpy(uparams.auth_algo, "null");
> strcpy(uparams.cipher_algo, "null");
>
> @@ -759,6 +756,7 @@ crypto_ipsec(uint16_t num_pkts)
> struct ipsec_unitest_params *ut_params = &unittest_params;
> uint32_t k, ng;
> struct rte_ipsec_group grp[1];
> + int i = 0;
>
> /* call crypto prepare */
> k = rte_ipsec_pkt_crypto_prepare(&ut_params->ss[0], ut_params->ibuf,
> @@ -774,8 +772,12 @@ crypto_ipsec(uint16_t num_pkts)
> return TEST_FAILED;
> }
>
> - k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
> - ut_params->cop, num_pkts);
> + while ((k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
> + ut_params->cop, num_pkts)) == 0 && i < DEQUEUE_COUNT) {
> + rte_pause();
> + i++;
> + }
> +
> if (k != num_pkts) {
> RTE_LOG(ERR, USER1, "rte_cryptodev_dequeue_burst fail\n");
> return TEST_FAILED;
> @@ -890,8 +892,12 @@ crypto_ipsec_2sa(void)
> }
> }
>
> - k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
> - ut_params->cop, BURST_SIZE);
> + while ((k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
> + ut_params->cop, BURST_SIZE)) == 0 &&
> + i < DEQUEUE_COUNT) {
> + rte_pause();
> + i++;
> + }
> if (k != BURST_SIZE) {
> RTE_LOG(ERR, USER1, "rte_cryptodev_dequeue_burst fail\n");
> return TEST_FAILED;
> @@ -1029,8 +1035,12 @@ crypto_ipsec_2sa_4grp(void)
> }
> }
>
> - k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
> - ut_params->cop, BURST_SIZE);
> + while ((k = rte_cryptodev_dequeue_burst(ts_params->valid_dev, 0,
> + ut_params->cop, BURST_SIZE)) == 0 &&
> + i < DEQUEUE_COUNT) {
> + rte_pause();
> + i++;
> + }
> if (k != BURST_SIZE) {
> RTE_LOG(ERR, USER1, "rte_cryptodev_dequeue_burst fail\n");
> return TEST_FAILED;
The logic for dequeue is not correct here.
In case of hardware crypto PMD, there may be a case where we have lesser
number of dequeues as compared to the number of enqueues in one cycle.
Hardware PMDs are usually slow and may not give back packets in the same
cycle. So, multiple dequeues(say a few hundred) shall be done until we
get the enqueued_ops = dequeued_ops. But that would also be tricky here
as we need to increment the pointer to the cop as well.
Regards,
Akhil
