From: Bruce Richardson <bruce.richardson@intel.com>
To: dev@dpdk.org
Cc: Bruce Richardson <bruce.richardson@intel.com>,
stable@dpdk.org, Akhil Goyal <gakhil@marvell.com>,
Anoob Joseph <anoobj@marvell.com>,
Nithin Dabilpuram <ndabilpuram@marvell.com>,
Fan Zhang <fanzhang.oss@gmail.com>
Subject: [PATCH 3/3] test/security_inline_proto: check for capabilities
Date: Mon, 22 Jun 2026 12:18:34 +0100 [thread overview]
Message-ID: <20260622111835.233554-4-bruce.richardson@intel.com> (raw)
In-Reply-To: <20260622111835.233554-1-bruce.richardson@intel.com>
Skip the test cases when the HW doesn't support the necessary offloads,
skipping the whole suite if necessary, e.g. if no IPsec capabilities are
present. For event-based tests, skip those if no eventdev is present.
Fixes: 86e2487c5f2c ("test/security: add cases for inline IPsec offload")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
app/test/test_security_inline_proto.c | 57 ++++++++++++++++++++++++++-
1 file changed, 56 insertions(+), 1 deletion(-)
diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c
index 81fce7364c..2e1ee17078 100644
--- a/app/test/test_security_inline_proto.c
+++ b/app/test/test_security_inline_proto.c
@@ -2043,10 +2043,25 @@ inline_ipsec_testsuite_setup(void)
}
memcpy(&local_port_conf, &port_conf, sizeof(port_conf));
+ local_port_conf.rxmode.offloads &= dev_info.rx_offload_capa;
+ local_port_conf.txmode.offloads &= dev_info.tx_offload_capa;
+
+ if (!(local_port_conf.rxmode.offloads & RTE_ETH_RX_OFFLOAD_SECURITY) ||
+ !(local_port_conf.txmode.offloads & RTE_ETH_TX_OFFLOAD_SECURITY)) {
+ printf("Inline IPsec unsupported: required security offloads are missing\n");
+ return TEST_SKIPPED;
+ }
+
/* Add Multi seg flags */
if (sg_mode) {
uint32_t max_data_room;
+ if (!(dev_info.rx_offload_capa & RTE_ETH_RX_OFFLOAD_SCATTER) ||
+ !(dev_info.tx_offload_capa & RTE_ETH_TX_OFFLOAD_MULTI_SEGS)) {
+ printf("SG mode unsupported: required scatter or multi-seg offloads are missing\n");
+ return TEST_SKIPPED;
+ }
+
if (dev_info.rx_desc_lim.nb_seg_max == 0) {
printf("SG mode unsupported: invalid max Rx segments (0)\n");
return TEST_SKIPPED;
@@ -2112,6 +2127,25 @@ inline_ipsec_testsuite_setup(void)
plaintext_len = 0;
}
+ /* Check that at least one inline IPsec capability is registered */
+ void *sec_ctx = rte_eth_dev_get_sec_ctx(port_id);
+ const struct rte_security_capability *cap;
+
+ if (sec_ctx == NULL) {
+ printf("No security context on port %d\n", port_id);
+ return TEST_SKIPPED;
+ }
+ for (cap = rte_security_capabilities_get(sec_ctx);
+ cap != NULL && cap->action != RTE_SECURITY_ACTION_TYPE_NONE; cap++) {
+ if (cap->action == RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL &&
+ cap->protocol == RTE_SECURITY_PROTOCOL_IPSEC)
+ break;
+ }
+ if (cap == NULL || cap->action == RTE_SECURITY_ACTION_TYPE_NONE) {
+ printf("No inline IPsec capabilities registered\n");
+ return TEST_SKIPPED;
+ }
+
return 0;
}
@@ -2140,6 +2174,8 @@ event_inline_ipsec_testsuite_setup(void)
struct rte_event_dev_config eventdev_conf = {0};
struct rte_event_queue_conf eventq_conf = {0};
struct rte_event_port_conf ev_port_conf = {0};
+ struct rte_eth_conf local_port_conf;
+ struct rte_eth_dev_info dev_info;
const uint16_t nb_txd = 1024, nb_rxd = 1024;
uint16_t nb_rx_queue = 1, nb_tx_queue = 1;
uint8_t ev_queue_id = 0, tx_queue_id = 0;
@@ -2151,6 +2187,11 @@ event_inline_ipsec_testsuite_setup(void)
printf("Start event inline IPsec test.\n");
+ if (rte_event_dev_count() == 0) {
+ printf("Event inline IPsec unsupported: no event devices available\n");
+ return TEST_SKIPPED;
+ }
+
nb_ports = rte_eth_dev_count_avail();
if (nb_ports == 0) {
printf("Test require: 1 port, available: 0\n");
@@ -2182,9 +2223,23 @@ event_inline_ipsec_testsuite_setup(void)
/* configuring port 0 for the test is enough */
port_id = 0;
+ if (rte_eth_dev_info_get(port_id, &dev_info)) {
+ printf("Failed to get devinfo");
+ return -1;
+ }
+
+ memcpy(&local_port_conf, &port_conf, sizeof(port_conf));
+ local_port_conf.rxmode.offloads &= dev_info.rx_offload_capa;
+ local_port_conf.txmode.offloads &= dev_info.tx_offload_capa;
+ if ((local_port_conf.rxmode.offloads & RTE_ETH_RX_OFFLOAD_SECURITY) == 0 ||
+ (local_port_conf.txmode.offloads & RTE_ETH_TX_OFFLOAD_SECURITY) == 0) {
+ printf("Event inline IPsec unsupported: required security offloads are missing\n");
+ return TEST_SKIPPED;
+ }
+
/* port configure */
ret = rte_eth_dev_configure(port_id, nb_rx_queue,
- nb_tx_queue, &port_conf);
+ nb_tx_queue, &local_port_conf);
if (ret < 0) {
printf("Cannot configure device: err=%d, port=%d\n",
ret, port_id);
--
2.53.0
prev parent reply other threads:[~2026-06-22 11:19 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-22 11:18 [PATCH 0/3] Fixes for inline ipsec test cases Bruce Richardson
2026-06-22 11:18 ` [PATCH 1/3] test/security_inline_proto: remove fast-free Tx flag Bruce Richardson
2026-06-22 11:18 ` [PATCH 2/3] test/security_inline_proto: fix MTU calculation underflow Bruce Richardson
2026-06-22 11:18 ` Bruce Richardson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260622111835.233554-4-bruce.richardson@intel.com \
--to=bruce.richardson@intel.com \
--cc=anoobj@marvell.com \
--cc=dev@dpdk.org \
--cc=fanzhang.oss@gmail.com \
--cc=gakhil@marvell.com \
--cc=ndabilpuram@marvell.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox