examples/fips_validation: add power on self test

This patch adds a sample power on self-test to fips_validate
sample application.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Damian Nowak <damianx.nowak@intel.com>

examples/fips_validation/Makefile

@@ -12,6 +12,7 @@ SRCS-y += fips_validation_tdes.c
 SRCS-y += fips_validation_gcm.c
 SRCS-y += fips_validation_cmac.c
 SRCS-y += fips_validation_ccm.c
+SRCS-y += fips_dev_self_test.c
 SRCS-y += main.c
 
 # Build using pkg-config variables if possible

examples/fips_validation/fips_dev_self_test.h

@@ -0,0 +1,25 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2019 Intel Corporation
+ */
+
+#ifndef _CRYPTO_PMD_SELF_TEST_H_
+#define _CRYPTO_PMD_SELF_TEST_H_
+
+#include <rte_crypto_sym.h>
+
+enum fips_dev_self_test_dir {
+	self_test_dir_enc_auth_gen = 0,
+	self_test_dir_dec_auth_verify,
+	self_test_dir_max
+};
+
+struct fips_dev_broken_test_config {
+	uint32_t expect_fail_test_idx;
+	enum fips_dev_self_test_dir expect_fail_dir;
+};
+
+int
+fips_dev_self_test(uint8_t dev_id,
+		struct fips_dev_broken_test_config *config);
+
+#endif /* _CRYPTO_PMD_SELF_TEST_H_ */

examples/fips_validation/main.c

@@ -13,12 +13,18 @@
 #include <rte_string_fns.h>
 
 #include "fips_validation.h"
+#include "fips_dev_self_test.h"
 
 #define REQ_FILE_PATH_KEYWORD	"req-file"
 #define RSP_FILE_PATH_KEYWORD	"rsp-file"
 #define FOLDER_KEYWORD		"path-is-folder"
 #define CRYPTODEV_KEYWORD	"cryptodev"
 #define CRYPTODEV_ID_KEYWORD	"cryptodev-id"
+#define CRYPTODEV_ST_KEYWORD	"self-test"
+#define CRYPTODEV_BK_ID_KEYWORD	"broken-test-id"
+#define CRYPTODEV_BK_DIR_KEY	"broken-test-dir"
+#define CRYPTODEV_ENC_KEYWORD	"enc"
+#define CRYPTODEV_DEC_KEYWORD	"dec"
 
 struct fips_test_vector vec;
 struct fips_test_interim_info info;
@@ -35,6 +41,8 @@ struct cryptodev_fips_validate_env {
 	struct rte_mbuf *mbuf;
 	struct rte_crypto_op *op;
 	struct rte_cryptodev_sym_session *sess;
+	uint32_t self_test;
+	struct fips_dev_broken_test_config *broken_test_config;
 } env;
 
 static int
@@ -46,6 +54,18 @@ cryptodev_fips_validate_app_int(void)
 			env.dev_id);
 	int ret;
 
+	if (env.self_test) {
+		ret = fips_dev_self_test(env.dev_id, env.broken_test_config);
+		if (ret < 0) {
+			struct rte_cryptodev *cryptodev =
+					rte_cryptodev_pmd_get_dev(env.dev_id);
+
+			rte_cryptodev_pmd_destroy(cryptodev);
+
+			return ret;
+		}
+	}
+
 	ret = rte_cryptodev_configure(env.dev_id, &conf);
 	if (ret < 0)
 		return ret;
@@ -176,9 +196,14 @@ cryptodev_fips_validate_usage(const char *prgname)
 		"  --%s: RESPONSE-FILE-PATH\n"
 		"  --%s: indicating both paths are folders\n"
 		"  --%s: CRYPTODEV-NAME\n"
-		"  --%s: CRYPTODEV-ID-NAME\n",
+		"  --%s: CRYPTODEV-ID-NAME\n"
+		"  --%s: self test indicator\n"
+		"  --%s: self broken test ID\n"
+		"  --%s: self broken test direction\n",
 		prgname, REQ_FILE_PATH_KEYWORD, RSP_FILE_PATH_KEYWORD,
-		FOLDER_KEYWORD, CRYPTODEV_KEYWORD, CRYPTODEV_ID_KEYWORD);
+		FOLDER_KEYWORD, CRYPTODEV_KEYWORD, CRYPTODEV_ID_KEYWORD,
+		CRYPTODEV_ST_KEYWORD, CRYPTODEV_BK_ID_KEYWORD,
+		CRYPTODEV_BK_DIR_KEY);
 }
 
 static int
@@ -194,6 +219,9 @@ cryptodev_fips_validate_parse_args(int argc, char **argv)
 			{FOLDER_KEYWORD, no_argument, 0, 0},
 			{CRYPTODEV_KEYWORD, required_argument, 0, 0},
 			{CRYPTODEV_ID_KEYWORD, required_argument, 0, 0},
+			{CRYPTODEV_ST_KEYWORD, no_argument, 0, 0},
+			{CRYPTODEV_BK_ID_KEYWORD, required_argument, 0, 0},
+			{CRYPTODEV_BK_DIR_KEY, required_argument, 0, 0},
 			{NULL, 0, 0, 0}
 	};
 
@@ -227,6 +255,56 @@ cryptodev_fips_validate_parse_args(int argc, char **argv)
 					cryptodev_fips_validate_usage(prgname);
 					return -EINVAL;
 				}
+			} else if (strcmp(lgopts[option_index].name,
+					CRYPTODEV_ST_KEYWORD) == 0) {
+				env.self_test = 1;
+			} else if (strcmp(lgopts[option_index].name,
+					CRYPTODEV_BK_ID_KEYWORD) == 0) {
+				if (!env.broken_test_config) {
+					env.broken_test_config = rte_malloc(
+						NULL,
+						sizeof(*env.broken_test_config),
+						0);
+					if (!env.broken_test_config)
+						return -ENOMEM;
+
+					env.broken_test_config->expect_fail_dir =
+						self_test_dir_enc_auth_gen;
+				}
+
+				if (parser_read_uint32(
+					&env.broken_test_config->expect_fail_test_idx,
+						optarg) < 0) {
+					rte_free(env.broken_test_config);
+					cryptodev_fips_validate_usage(prgname);
+					return -EINVAL;
+				}
+			} else if (strcmp(lgopts[option_index].name,
+					CRYPTODEV_BK_DIR_KEY) == 0) {
+				if (!env.broken_test_config) {
+					env.broken_test_config = rte_malloc(
+						NULL,
+						sizeof(*env.broken_test_config),
+						0);
+					if (!env.broken_test_config)
+						return -ENOMEM;
+
+					env.broken_test_config->
+						expect_fail_test_idx = 0;
+				}
+
+				if (strcmp(optarg, CRYPTODEV_ENC_KEYWORD) == 0)
+					env.broken_test_config->expect_fail_dir =
+						self_test_dir_enc_auth_gen;
+				else if (strcmp(optarg, CRYPTODEV_DEC_KEYWORD)
+						== 0)
+					env.broken_test_config->expect_fail_dir =
+						self_test_dir_dec_auth_verify;
+				else {
+					rte_free(env.broken_test_config);
+					cryptodev_fips_validate_usage(prgname);
+					return -EINVAL;
+				}
 			} else {
 				cryptodev_fips_validate_usage(prgname);
 				return -EINVAL;

examples/fips_validation/meson.build

@@ -16,5 +16,6 @@ sources = files(
 	'fips_validation_gcm.c',
 	'fips_validation_cmac.c',
 	'fips_validation_ccm.c',
+	'fips_dev_self_test.c',
 	'main.c'
 )