icastats test fails if adapters are being configured away via apmask

[borntraeger]

make check of libica fails if I take away crypto cards via /sys/bus/ap/apmask

Normal setup
$ lszcrypt
CARD.DOMAIN TYPE MODE STATUS REQUESTS

03 CEX5C CCA-Coproc online 854
03.0008 CEX5C CCA-Coproc online 854
06 CEX5C CCA-Coproc online 324
06.0008 CEX5C CCA-Coproc online 324
07 CEX5P EP11-Coproc online 0
07.0008 CEX5P EP11-Coproc online 0

normal make check:
PASS: fips_test
PASS: icastats_test
PASS: get_functionlist_test
PASS: get_version_test
PASS: rng_test
PASS: drbg_test
[...]

When I now disable all adapters from zcrypt
sudo bash -c "echo 0 > /sys/bus/ap/apmask"

icastats_test fails:
cat test/icastats_test.log
icastats RSA-ME test FAILED!
FAIL icastats_test (exit status: 1)

If the system has no crypto cards, then make check also suceeds.
So it seems that the icastat test tries to detect if there is RSA-ME support available, but it fails to detect that this support is actually not available.

[hfreude]

I could recreate this. It is because the icastats test checks the first counter to increase but without any adapter available the RSA-ME and RSA-CRT is executed in software (via openssl). So the testcase fails.
The testcase needs improvement.

[hfreude]

Looks like the is_crypto_card_loaded() function in the icastats testcase needs some more awareness about how the zcrypt device driver handles devices. This function currently tests, if there is at least one CEXxA or CEXxC card available and the online attrribute shows 1. But with the new apmask/aqmask functionallity, the card is still online but has no queues associated. So now the criterion for having a card available is "card online and at least one queue online".