Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/25591/?format=api
{ "id": 25591, "url": "http://patches.dpdk.org/api/patches/25591/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20170621074731.45013-14-pablo.de.lara.guarch@intel.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20170621074731.45013-14-pablo.de.lara.guarch@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20170621074731.45013-14-pablo.de.lara.guarch@intel.com", "date": "2017-06-21T07:47:23", "name": "[dpdk-dev,14/22] cryptodev: add auth IV", "commit_ref": null, "pull_url": null, "state": "not-applicable", "archived": true, "hash": "ef8867a1c4a72a0d00ae8622526c5ae0f2d25ca8", "submitter": { "id": 9, "url": "http://patches.dpdk.org/api/people/9/?format=api", "name": "De Lara Guarch, Pablo", "email": "pablo.de.lara.guarch@intel.com" }, "delegate": null, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20170621074731.45013-14-pablo.de.lara.guarch@intel.com/mbox/", "series": [], "comments": "http://patches.dpdk.org/api/patches/25591/comments/", "check": "fail", "checks": "http://patches.dpdk.org/api/patches/25591/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@dpdk.org", "Delivered-To": "patchwork@dpdk.org", "Received": [ "from [92.243.14.124] (localhost [IPv6:::1])\n\tby dpdk.org (Postfix) with ESMTP id 546077D53;\n\tWed, 21 Jun 2017 17:47:53 +0200 (CEST)", "from mga02.intel.com (mga02.intel.com [134.134.136.20])\n\tby dpdk.org (Postfix) with ESMTP id B6A6A7CF1\n\tfor <dev@dpdk.org>; Wed, 21 Jun 2017 17:47:31 +0200 (CEST)", "from orsmga004.jf.intel.com ([10.7.209.38])\n\tby orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t21 Jun 2017 08:47:31 -0700", "from silpixa00399464.ir.intel.com (HELO\n\tsilpixa00399464.ger.corp.intel.com) ([10.237.222.157])\n\tby orsmga004.jf.intel.com with ESMTP; 21 Jun 2017 08:47:29 -0700" ], "X-ExtLoop1": "1", "X-IronPort-AV": "E=Sophos;i=\"5.39,369,1493708400\"; d=\"scan'208\";a=\"100153531\"", "From": "Pablo de Lara <pablo.de.lara.guarch@intel.com>", "To": "pablo.de.lara.guarch@intel.com", "Cc": "dev@dpdk.org", "Date": "Wed, 21 Jun 2017 08:47:23 +0100", "Message-Id": "<20170621074731.45013-14-pablo.de.lara.guarch@intel.com>", "X-Mailer": "git-send-email 2.9.4", "In-Reply-To": "<20170621074731.45013-1-pablo.de.lara.guarch@intel.com>", "References": "<20170621074731.45013-1-pablo.de.lara.guarch@intel.com>", "Subject": "[dpdk-dev] [PATCH 14/22] cryptodev: add auth IV", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<http://dpdk.org/ml/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://dpdk.org/ml/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<http://dpdk.org/ml/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "Authentication algorithms, such as AES-GMAC or the wireless\nalgorithms (like SNOW3G) use IV, like cipher algorithms.\nSo far, AES-GMAC has used the IV from the cipher structure,\nand the wireless algorithms have used the AAD field,\nwhich is not technically correct.\n\nTherefore, authentication IV parameters have been added,\nso API is more correct. Like cipher IV, auth IV is expected\nto be copied after the crypto operation.\n\nSigned-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>\n---\n app/test-crypto-perf/cperf_ops.c | 47 +++++++---\n app/test-crypto-perf/cperf_options.h | 2 +\n app/test-crypto-perf/cperf_options_parsing.c | 9 ++\n app/test-crypto-perf/cperf_test_latency.c | 4 +-\n app/test-crypto-perf/cperf_test_throughput.c | 3 +-\n app/test-crypto-perf/cperf_test_vector_parsing.c | 54 +++++++++---\n app/test-crypto-perf/cperf_test_vectors.c | 37 +++++---\n app/test-crypto-perf/cperf_test_vectors.h | 8 +-\n app/test-crypto-perf/cperf_test_verify.c | 3 +-\n app/test-crypto-perf/data/aes_cbc_128_sha.data | 2 +-\n app/test-crypto-perf/data/aes_cbc_192_sha.data | 2 +-\n app/test-crypto-perf/data/aes_cbc_256_sha.data | 2 +-\n app/test-crypto-perf/main.c | 25 ++++--\n doc/guides/sample_app_ug/l2_forward_crypto.rst | 17 ++--\n doc/guides/tools/cryptoperf.rst | 14 ++-\n drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c | 6 +-\n drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 21 +++--\n drivers/crypto/armv8/rte_armv8_pmd_ops.c | 6 +-\n drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h | 18 ++--\n drivers/crypto/kasumi/rte_kasumi_pmd_ops.c | 3 +-\n drivers/crypto/null/null_crypto_pmd_ops.c | 3 +-\n drivers/crypto/openssl/rte_openssl_pmd_ops.c | 78 +++++++++-------\n drivers/crypto/qat/qat_crypto_capabilities.h | 41 ++++++---\n drivers/crypto/snow3g/rte_snow3g_pmd_ops.c | 3 +-\n drivers/crypto/zuc/rte_zuc_pmd_ops.c | 3 +-\n examples/l2fwd-crypto/main.c | 108 +++++++++++++++++------\n lib/librte_cryptodev/rte_crypto_sym.h | 24 +++++\n lib/librte_cryptodev/rte_cryptodev.c | 6 +-\n lib/librte_cryptodev/rte_cryptodev.h | 6 +-\n 29 files changed, 401 insertions(+), 154 deletions(-)", "diff": "diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c\nindex d6d9f14..6c06ce5 100644\n--- a/app/test-crypto-perf/cperf_ops.c\n+++ b/app/test-crypto-perf/cperf_ops.c\n@@ -106,8 +106,8 @@ cperf_set_ops_cipher(struct rte_crypto_op **ops,\n \t\tsym_op->m_dst = bufs_out[i];\n \n \t\tmemcpy(rte_crypto_op_ctod_offset(ops[i], uint8_t *, iv_offset),\n-\t\t\t\ttest_vector->iv.data,\n-\t\t\t\ttest_vector->iv.length);\n+\t\t\t\ttest_vector->cipher_iv.data,\n+\t\t\t\ttest_vector->cipher_iv.length);\n \n \t\t/* cipher parameters */\n \t\tif (options->cipher_algo == RTE_CRYPTO_CIPHER_SNOW3G_UEA2 ||\n@@ -129,7 +129,7 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,\n \t\tuint16_t nb_ops, struct rte_cryptodev_sym_session *sess,\n \t\tconst struct cperf_options *options,\n \t\tconst struct cperf_test_vector *test_vector,\n-\t\tuint16_t iv_offset __rte_unused)\n+\t\tuint16_t iv_offset)\n {\n \tuint16_t i;\n \n@@ -141,6 +141,14 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,\n \t\tsym_op->m_src = bufs_in[i];\n \t\tsym_op->m_dst = bufs_out[i];\n \n+\t\tif (test_vector->auth_iv.length) {\n+\t\t\tuint8_t *IV_ptr = rte_crypto_op_ctod_offset(ops[i],\n+\t\t\t\t\t\t\t\tuint8_t *,\n+\t\t\t\t\t\t\t\tiv_offset);\n+\t\t\tmemcpy(IV_ptr, test_vector->auth_iv.data,\n+\t\t\t\t\ttest_vector->auth_iv.length);\n+\t\t}\n+\n \t\t/* authentication parameters */\n \t\tif (options->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {\n \t\t\tsym_op->auth.digest.data = test_vector->digest.data;\n@@ -207,9 +215,11 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,\n \t\tsym_op->m_src = bufs_in[i];\n \t\tsym_op->m_dst = bufs_out[i];\n \n-\t\tmemcpy(rte_crypto_op_ctod_offset(ops[i], uint8_t *, iv_offset),\n-\t\t\t\ttest_vector->iv.data,\n-\t\t\t\ttest_vector->iv.length);\n+\t\tuint8_t *IV_ptr = rte_crypto_op_ctod_offset(ops[i],\n+\t\t\t\t\t\t\tuint8_t *,\n+\t\t\t\t\t\t\tiv_offset);\n+\t\tmemcpy(IV_ptr, test_vector->cipher_iv.data,\n+\t\t\t\ttest_vector->cipher_iv.length);\n \n \t\t/* cipher parameters */\n \t\tif (options->cipher_algo == RTE_CRYPTO_CIPHER_SNOW3G_UEA2 ||\n@@ -221,6 +231,13 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,\n \n \t\tsym_op->cipher.data.offset = 0;\n \n+\t\tif (test_vector->auth_iv.length) {\n+\t\t\t/* Copy IV after the crypto operation and the cipher IV */\n+\t\t\tIV_ptr += test_vector->cipher_iv.length;\n+\t\t\tmemcpy(IV_ptr, test_vector->auth_iv.data,\n+\t\t\t\t\ttest_vector->auth_iv.length);\n+\t\t}\n+\n \t\t/* authentication parameters */\n \t\tif (options->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {\n \t\t\tsym_op->auth.digest.data = test_vector->digest.data;\n@@ -287,8 +304,8 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,\n \t\tsym_op->m_dst = bufs_out[i];\n \n \t\tmemcpy(rte_crypto_op_ctod_offset(ops[i], uint8_t *, iv_offset),\n-\t\t\t\ttest_vector->iv.data,\n-\t\t\t\ttest_vector->iv.length);\n+\t\t\t\ttest_vector->cipher_iv.data,\n+\t\t\t\ttest_vector->cipher_iv.length);\n \n \t\t/* cipher parameters */\n \t\tsym_op->cipher.data.length = options->test_buffer_size;\n@@ -365,8 +382,8 @@ cperf_create_session(uint8_t dev_id,\n \t\t\t\t\ttest_vector->cipher_key.data;\n \t\t\tcipher_xform.cipher.key.length =\n \t\t\t\t\ttest_vector->cipher_key.length;\n-\t\t\tcipher_xform.cipher.iv.length = test_vector->iv.length;\n-\n+\t\t\tcipher_xform.cipher.iv.length =\n+\t\t\t\t\ttest_vector->cipher_iv.length;\n \t\t} else {\n \t\t\tcipher_xform.cipher.key.data = NULL;\n \t\t\tcipher_xform.cipher.key.length = 0;\n@@ -392,11 +409,14 @@ cperf_create_session(uint8_t dev_id,\n \t\t\tauth_xform.auth.key.length =\n \t\t\t\t\ttest_vector->auth_key.length;\n \t\t\tauth_xform.auth.key.data = test_vector->auth_key.data;\n+\t\t\tauth_xform.auth.iv.length =\n+\t\t\t\t\ttest_vector->auth_iv.length;\n \t\t} else {\n \t\t\tauth_xform.auth.digest_length = 0;\n \t\t\tauth_xform.auth.add_auth_data_length = 0;\n \t\t\tauth_xform.auth.key.length = 0;\n \t\t\tauth_xform.auth.key.data = NULL;\n+\t\t\tauth_xform.auth.iv.length = 0;\n \t\t}\n \t\t/* create crypto session */\n \t\tsess = rte_cryptodev_sym_session_create(dev_id, &auth_xform);\n@@ -422,7 +442,8 @@ cperf_create_session(uint8_t dev_id,\n \t\t\t\t\ttest_vector->cipher_key.data;\n \t\t\tcipher_xform.cipher.key.length =\n \t\t\t\t\ttest_vector->cipher_key.length;\n-\t\t\tcipher_xform.cipher.iv.length = test_vector->iv.length;\n+\t\t\tcipher_xform.cipher.iv.length =\n+\t\t\t\t\ttest_vector->cipher_iv.length;\n \t\t} else {\n \t\t\tcipher_xform.cipher.key.data = NULL;\n \t\t\tcipher_xform.cipher.key.length = 0;\n@@ -447,17 +468,21 @@ cperf_create_session(uint8_t dev_id,\n \t\t\t\toptions->auth_algo == RTE_CRYPTO_AUTH_AES_GCM) {\n \t\t\t\tauth_xform.auth.key.length = 0;\n \t\t\t\tauth_xform.auth.key.data = NULL;\n+\t\t\t\tauth_xform.auth.iv.length = 0;\n \t\t\t} else { /* auth options for others */\n \t\t\t\tauth_xform.auth.key.length =\n \t\t\t\t\ttest_vector->auth_key.length;\n \t\t\t\tauth_xform.auth.key.data =\n \t\t\t\t\t\ttest_vector->auth_key.data;\n+\t\t\t\tauth_xform.auth.iv.length =\n+\t\t\t\t\t\ttest_vector->auth_iv.length;\n \t\t\t}\n \t\t} else {\n \t\t\tauth_xform.auth.digest_length = 0;\n \t\t\tauth_xform.auth.add_auth_data_length = 0;\n \t\t\tauth_xform.auth.key.length = 0;\n \t\t\tauth_xform.auth.key.data = NULL;\n+\t\t\tauth_xform.auth.iv.length = 0;\n \t\t}\n \n \t\t/* create crypto session for aes gcm */\ndiff --git a/app/test-crypto-perf/cperf_options.h b/app/test-crypto-perf/cperf_options.h\nindex b928c58..0e53c03 100644\n--- a/app/test-crypto-perf/cperf_options.h\n+++ b/app/test-crypto-perf/cperf_options.h\n@@ -28,6 +28,7 @@\n #define CPERF_AUTH_ALGO\t\t(\"auth-algo\")\n #define CPERF_AUTH_OP\t\t(\"auth-op\")\n #define CPERF_AUTH_KEY_SZ\t(\"auth-key-sz\")\n+#define CPERF_AUTH_IV_SZ\t(\"auth-iv-sz\")\n #define CPERF_AUTH_DIGEST_SZ\t(\"auth-digest-sz\")\n #define CPERF_AUTH_AAD_SZ\t(\"auth-aad-sz\")\n #define CPERF_CSV\t\t(\"csv-friendly\")\n@@ -76,6 +77,7 @@ struct cperf_options {\n \tenum rte_crypto_auth_operation auth_op;\n \n \tuint16_t auth_key_sz;\n+\tuint16_t auth_iv_sz;\n \tuint16_t auth_digest_sz;\n \tuint16_t auth_aad_sz;\n \ndiff --git a/app/test-crypto-perf/cperf_options_parsing.c b/app/test-crypto-perf/cperf_options_parsing.c\nindex 63ba37c..70b6a60 100644\n--- a/app/test-crypto-perf/cperf_options_parsing.c\n+++ b/app/test-crypto-perf/cperf_options_parsing.c\n@@ -549,6 +549,12 @@ parse_auth_digest_sz(struct cperf_options *opts, const char *arg)\n }\n \n static int\n+parse_auth_iv_sz(struct cperf_options *opts, const char *arg)\n+{\n+\treturn parse_uint16_t(&opts->auth_iv_sz, arg);\n+}\n+\n+static int\n parse_auth_aad_sz(struct cperf_options *opts, const char *arg)\n {\n \treturn parse_uint16_t(&opts->auth_aad_sz, arg);\n@@ -651,6 +657,7 @@ cperf_options_default(struct cperf_options *opts)\n \n \topts->auth_key_sz = 64;\n \topts->auth_digest_sz = 12;\n+\topts->auth_iv_sz = 0;\n \topts->auth_aad_sz = 0;\n }\n \n@@ -678,6 +685,7 @@ cperf_opts_parse_long(int opt_idx, struct cperf_options *opts)\n \t\t{ CPERF_AUTH_ALGO,\tparse_auth_algo },\n \t\t{ CPERF_AUTH_OP,\tparse_auth_op },\n \t\t{ CPERF_AUTH_KEY_SZ,\tparse_auth_key_sz },\n+\t\t{ CPERF_AUTH_IV_SZ,\tparse_auth_iv_sz },\n \t\t{ CPERF_AUTH_DIGEST_SZ,\tparse_auth_digest_sz },\n \t\t{ CPERF_AUTH_AAD_SZ,\tparse_auth_aad_sz },\n \t\t{ CPERF_CSV,\tparse_csv_friendly},\n@@ -914,6 +922,7 @@ cperf_options_dump(struct cperf_options *opts)\n \t\tprintf(\"# auth operation: %s\\n\",\n \t\t\trte_crypto_auth_operation_strings[opts->auth_op]);\n \t\tprintf(\"# auth key size: %u\\n\", opts->auth_key_sz);\n+\t\tprintf(\"# auth iv size: %u\\n\", opts->auth_iv_sz);\n \t\tprintf(\"# auth digest size: %u\\n\", opts->auth_digest_sz);\n \t\tprintf(\"# auth aad size: %u\\n\", opts->auth_aad_sz);\n \t\tprintf(\"#\\n\");\ndiff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-perf/cperf_test_latency.c\nindex dfe208d..dc0ba84 100644\n--- a/app/test-crypto-perf/cperf_test_latency.c\n+++ b/app/test-crypto-perf/cperf_test_latency.c\n@@ -286,7 +286,9 @@ cperf_latency_test_constructor(uint8_t dev_id, uint16_t qp_id,\n \tsnprintf(pool_name, sizeof(pool_name), \"cperf_op_pool_cdev_%d\",\n \t\t\tdev_id);\n \n-\tuint16_t priv_size = sizeof(struct priv_op_data) + test_vector->iv.length;\n+\tuint16_t priv_size = sizeof(struct priv_op_data) +\n+\t\t\ttest_vector->cipher_iv.length +\n+\t\t\ttest_vector->auth_iv.length;\n \tctx->crypto_op_pool = rte_crypto_op_pool_create(pool_name,\n \t\t\tRTE_CRYPTO_OP_TYPE_SYMMETRIC, options->pool_sz, 0, priv_size,\n \t\t\trte_socket_id());\ndiff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c\nindex 4d2b3d3..1e3f3b3 100644\n--- a/app/test-crypto-perf/cperf_test_throughput.c\n+++ b/app/test-crypto-perf/cperf_test_throughput.c\n@@ -266,7 +266,8 @@ cperf_throughput_test_constructor(uint8_t dev_id, uint16_t qp_id,\n \tsnprintf(pool_name, sizeof(pool_name), \"cperf_op_pool_cdev_%d\",\n \t\t\tdev_id);\n \n-\tuint16_t priv_size = test_vector->iv.length;\n+\tuint16_t priv_size = test_vector->cipher_iv.length +\n+\t\ttest_vector->auth_iv.length;\n \n \tctx->crypto_op_pool = rte_crypto_op_pool_create(pool_name,\n \t\t\tRTE_CRYPTO_OP_TYPE_SYMMETRIC, options->pool_sz, 0, priv_size,\ndiff --git a/app/test-crypto-perf/cperf_test_vector_parsing.c b/app/test-crypto-perf/cperf_test_vector_parsing.c\nindex 62d0c91..277ff1e 100644\n--- a/app/test-crypto-perf/cperf_test_vector_parsing.c\n+++ b/app/test-crypto-perf/cperf_test_vector_parsing.c\n@@ -15,7 +15,8 @@ free_test_vector(struct cperf_test_vector *vector, struct cperf_options *opts)\n \tif (vector == NULL || opts == NULL)\n \t\treturn -1;\n \n-\trte_free(vector->iv.data);\n+\trte_free(vector->cipher_iv.data);\n+\trte_free(vector->auth_iv.data);\n \trte_free(vector->aad.data);\n \trte_free(vector->digest.data);\n \n@@ -84,15 +85,28 @@ show_test_vector(struct cperf_test_vector *test_vector)\n \t\tprintf(\"\\n\");\n \t}\n \n-\tif (test_vector->iv.data) {\n-\t\tprintf(\"\\niv =\\n\");\n-\t\tfor (i = 0; i < test_vector->iv.length; ++i) {\n+\tif (test_vector->cipher_iv.data) {\n+\t\tprintf(\"\\ncipher_iv =\\n\");\n+\t\tfor (i = 0; i < test_vector->cipher_iv.length; ++i) {\n \t\t\tif ((i % wrap == 0) && (i != 0))\n \t\t\t\tprintf(\"\\n\");\n-\t\t\tif (i == (uint32_t)(test_vector->iv.length - 1))\n-\t\t\t\tprintf(\"0x%02x\", test_vector->iv.data[i]);\n+\t\t\tif (i == (uint32_t)(test_vector->cipher_iv.length - 1))\n+\t\t\t\tprintf(\"0x%02x\", test_vector->cipher_iv.data[i]);\n \t\t\telse\n-\t\t\t\tprintf(\"0x%02x, \", test_vector->iv.data[i]);\n+\t\t\t\tprintf(\"0x%02x, \", test_vector->cipher_iv.data[i]);\n+\t\t}\n+\t\tprintf(\"\\n\");\n+\t}\n+\n+\tif (test_vector->auth_iv.data) {\n+\t\tprintf(\"\\nauth_iv =\\n\");\n+\t\tfor (i = 0; i < test_vector->auth_iv.length; ++i) {\n+\t\t\tif ((i % wrap == 0) && (i != 0))\n+\t\t\t\tprintf(\"\\n\");\n+\t\t\tif (i == (uint32_t)(test_vector->auth_iv.length - 1))\n+\t\t\t\tprintf(\"0x%02x\", test_vector->auth_iv.data[i]);\n+\t\t\telse\n+\t\t\t\tprintf(\"0x%02x, \", test_vector->auth_iv.data[i]);\n \t\t}\n \t\tprintf(\"\\n\");\n \t}\n@@ -300,18 +314,32 @@ parse_entry(char *entry, struct cperf_test_vector *vector,\n \t\t\tvector->auth_key.length = opts->auth_key_sz;\n \t\t}\n \n-\t} else if (strstr(key_token, \"iv\")) {\n-\t\trte_free(vector->iv.data);\n-\t\tvector->iv.data = data;\n+\t} else if (strstr(key_token, \"cipher_iv\")) {\n+\t\trte_free(vector->cipher_iv.data);\n+\t\tvector->cipher_iv.data = data;\n \t\tif (tc_found)\n-\t\t\tvector->iv.length = data_length;\n+\t\t\tvector->cipher_iv.length = data_length;\n \t\telse {\n \t\t\tif (opts->cipher_iv_sz > data_length) {\n-\t\t\t\tprintf(\"Global iv shorter than \"\n+\t\t\t\tprintf(\"Global cipher iv shorter than \"\n \t\t\t\t\t\"cipher_iv_sz\\n\");\n \t\t\t\treturn -1;\n \t\t\t}\n-\t\t\tvector->iv.length = opts->cipher_iv_sz;\n+\t\t\tvector->cipher_iv.length = opts->cipher_iv_sz;\n+\t\t}\n+\n+\t} else if (strstr(key_token, \"auth_iv\")) {\n+\t\trte_free(vector->auth_iv.data);\n+\t\tvector->auth_iv.data = data;\n+\t\tif (tc_found)\n+\t\t\tvector->auth_iv.length = data_length;\n+\t\telse {\n+\t\t\tif (opts->auth_iv_sz > data_length) {\n+\t\t\t\tprintf(\"Global auth iv shorter than \"\n+\t\t\t\t\t\"auth_iv_sz\\n\");\n+\t\t\t\treturn -1;\n+\t\t\t}\n+\t\t\tvector->auth_iv.length = opts->auth_iv_sz;\n \t\t}\n \n \t} else if (strstr(key_token, \"ciphertext\")) {\ndiff --git a/app/test-crypto-perf/cperf_test_vectors.c b/app/test-crypto-perf/cperf_test_vectors.c\nindex 4a14fb3..6829b86 100644\n--- a/app/test-crypto-perf/cperf_test_vectors.c\n+++ b/app/test-crypto-perf/cperf_test_vectors.c\n@@ -409,32 +409,34 @@ cperf_test_vector_get_dummy(struct cperf_options *options)\n \t\t\tt_vec->cipher_key.length = 0;\n \t\t\tt_vec->ciphertext.data = plaintext;\n \t\t\tt_vec->cipher_key.data = NULL;\n-\t\t\tt_vec->iv.data = NULL;\n+\t\t\tt_vec->cipher_iv.data = NULL;\n \t\t} else {\n \t\t\tt_vec->cipher_key.length = options->cipher_key_sz;\n \t\t\tt_vec->ciphertext.data = ciphertext;\n \t\t\tt_vec->cipher_key.data = cipher_key;\n-\t\t\tt_vec->iv.data = rte_malloc(NULL, options->cipher_iv_sz,\n+\t\t\tt_vec->cipher_iv.data = rte_malloc(NULL, options->cipher_iv_sz,\n \t\t\t\t\t16);\n-\t\t\tif (t_vec->iv.data == NULL) {\n+\t\t\tif (t_vec->cipher_iv.data == NULL) {\n \t\t\t\trte_free(t_vec);\n \t\t\t\treturn NULL;\n \t\t\t}\n-\t\t\tmemcpy(t_vec->iv.data, iv, options->cipher_iv_sz);\n+\t\t\tmemcpy(t_vec->cipher_iv.data, iv, options->cipher_iv_sz);\n \t\t}\n \t\tt_vec->ciphertext.length = options->max_buffer_size;\n+\n \t\t/* Set IV parameters */\n-\t\tt_vec->iv.data = rte_malloc(NULL, options->cipher_iv_sz,\n-\t\t\t\t\t16);\n-\t\tif (options->cipher_iv_sz && t_vec->iv.data == NULL) {\n+\t\tt_vec->cipher_iv.data = rte_malloc(NULL, options->cipher_iv_sz,\n+\t\t\t\t16);\n+\t\tif (options->cipher_iv_sz && t_vec->cipher_iv.data == NULL) {\n \t\t\trte_free(t_vec);\n \t\t\treturn NULL;\n \t\t}\n-\t\tmemcpy(t_vec->iv.data, iv, options->cipher_iv_sz);\n-\t\tt_vec->iv.length = options->cipher_iv_sz;\n+\t\tmemcpy(t_vec->cipher_iv.data, iv, options->cipher_iv_sz);\n+\t\tt_vec->cipher_iv.length = options->cipher_iv_sz;\n \n \t\tt_vec->data.cipher_offset = 0;\n \t\tt_vec->data.cipher_length = options->max_buffer_size;\n+\n \t}\n \n \tif (options->op_type ==\tCPERF_AUTH_ONLY ||\n@@ -476,7 +478,7 @@ cperf_test_vector_get_dummy(struct cperf_options *options)\n \t\t\t\t\toptions->auth_aad_sz, 16);\n \t\t\tif (t_vec->aad.data == NULL) {\n \t\t\t\tif (options->op_type !=\tCPERF_AUTH_ONLY)\n-\t\t\t\t\trte_free(t_vec->iv.data);\n+\t\t\t\t\trte_free(t_vec->cipher_iv.data);\n \t\t\t\trte_free(t_vec);\n \t\t\t\treturn NULL;\n \t\t\t}\n@@ -485,13 +487,26 @@ cperf_test_vector_get_dummy(struct cperf_options *options)\n \t\t\tt_vec->aad.data = NULL;\n \t\t}\n \n+\t\t/* Set IV parameters */\n+\t\tt_vec->auth_iv.data = rte_malloc(NULL, options->auth_iv_sz,\n+\t\t\t\t16);\n+\t\tif (options->auth_iv_sz && t_vec->auth_iv.data == NULL) {\n+\t\t\tif (options->op_type != CPERF_AUTH_ONLY)\n+\t\t\t\trte_free(t_vec->cipher_iv.data);\n+\t\t\trte_free(t_vec);\n+\t\t\treturn NULL;\n+\t\t}\n+\t\tmemcpy(t_vec->auth_iv.data, iv, options->auth_iv_sz);\n+\t\tt_vec->auth_iv.length = options->auth_iv_sz;\n+\n \t\tt_vec->aad.phys_addr = rte_malloc_virt2phy(t_vec->aad.data);\n \t\tt_vec->aad.length = options->auth_aad_sz;\n \t\tt_vec->digest.data = rte_malloc(NULL, options->auth_digest_sz,\n \t\t\t\t16);\n \t\tif (t_vec->digest.data == NULL) {\n \t\t\tif (options->op_type !=\tCPERF_AUTH_ONLY)\n-\t\t\t\trte_free(t_vec->iv.data);\n+\t\t\t\trte_free(t_vec->cipher_iv.data);\n+\t\t\trte_free(t_vec->auth_iv.data);\n \t\t\trte_free(t_vec->aad.data);\n \t\t\trte_free(t_vec);\n \t\t\treturn NULL;\ndiff --git a/app/test-crypto-perf/cperf_test_vectors.h b/app/test-crypto-perf/cperf_test_vectors.h\nindex e64f116..7f9c4fa 100644\n--- a/app/test-crypto-perf/cperf_test_vectors.h\n+++ b/app/test-crypto-perf/cperf_test_vectors.h\n@@ -53,9 +53,13 @@ struct cperf_test_vector {\n \n \tstruct {\n \t\tuint8_t *data;\n-\t\tphys_addr_t phys_addr;\n \t\tuint16_t length;\n-\t} iv;\n+\t} cipher_iv;\n+\n+\tstruct {\n+\t\tuint8_t *data;\n+\t\tuint16_t length;\n+\t} auth_iv;\n \n \tstruct {\n \t\tuint8_t *data;\ndiff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-perf/cperf_test_verify.c\nindex 1b58b1d..81057ff 100644\n--- a/app/test-crypto-perf/cperf_test_verify.c\n+++ b/app/test-crypto-perf/cperf_test_verify.c\n@@ -270,7 +270,8 @@ cperf_verify_test_constructor(uint8_t dev_id, uint16_t qp_id,\n \tsnprintf(pool_name, sizeof(pool_name), \"cperf_op_pool_cdev_%d\",\n \t\t\tdev_id);\n \n-\tuint16_t priv_size = test_vector->iv.length;\n+\tuint16_t priv_size = test_vector->cipher_iv.length +\n+\t\ttest_vector->auth_iv.length;\n \tctx->crypto_op_pool = rte_crypto_op_pool_create(pool_name,\n \t\t\tRTE_CRYPTO_OP_TYPE_SYMMETRIC, options->pool_sz, 0, priv_size,\n \t\t\trte_socket_id());\ndiff --git a/app/test-crypto-perf/data/aes_cbc_128_sha.data b/app/test-crypto-perf/data/aes_cbc_128_sha.data\nindex 0b054f5..ff55590 100644\n--- a/app/test-crypto-perf/data/aes_cbc_128_sha.data\n+++ b/app/test-crypto-perf/data/aes_cbc_128_sha.data\n@@ -282,7 +282,7 @@ auth_key =\n 0xe8, 0x38, 0x36, 0x58, 0x39, 0xd9, 0x9a, 0xc5, 0xe7, 0x3b, 0xc4, 0x47, 0xe2, 0xbd, 0x80, 0x73,\n 0xf8, 0xd1, 0x9a, 0x5e, 0x4b, 0xfb, 0x52, 0x6b, 0x50, 0xaf, 0x8b, 0xb7, 0xb5, 0x2c, 0x52, 0x84\n \n-iv =\n+cipher_iv =\n 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F\n \n ####################\ndiff --git a/app/test-crypto-perf/data/aes_cbc_192_sha.data b/app/test-crypto-perf/data/aes_cbc_192_sha.data\nindex 7bfe3da..3f85a00 100644\n--- a/app/test-crypto-perf/data/aes_cbc_192_sha.data\n+++ b/app/test-crypto-perf/data/aes_cbc_192_sha.data\n@@ -283,7 +283,7 @@ auth_key =\n 0xe8, 0x38, 0x36, 0x58, 0x39, 0xd9, 0x9a, 0xc5, 0xe7, 0x3b, 0xc4, 0x47, 0xe2, 0xbd, 0x80, 0x73,\n 0xf8, 0xd1, 0x9a, 0x5e, 0x4b, 0xfb, 0x52, 0x6b, 0x50, 0xaf, 0x8b, 0xb7, 0xb5, 0x2c, 0x52, 0x84\n \n-iv =\n+cipher_iv =\n 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F\n \n ####################\ndiff --git a/app/test-crypto-perf/data/aes_cbc_256_sha.data b/app/test-crypto-perf/data/aes_cbc_256_sha.data\nindex 52dafb9..8da8161 100644\n--- a/app/test-crypto-perf/data/aes_cbc_256_sha.data\n+++ b/app/test-crypto-perf/data/aes_cbc_256_sha.data\n@@ -283,7 +283,7 @@ auth_key =\n 0xe8, 0x38, 0x36, 0x58, 0x39, 0xd9, 0x9a, 0xc5, 0xe7, 0x3b, 0xc4, 0x47, 0xe2, 0xbd, 0x80, 0x73,\n 0xf8, 0xd1, 0x9a, 0x5e, 0x4b, 0xfb, 0x52, 0x6b, 0x50, 0xaf, 0x8b, 0xb7, 0xb5, 0x2c, 0x52, 0x84\n \n-iv =\n+cipher_iv =\n 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F\n \n ####################\ndiff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c\nindex 9ec2a4b..cf4fa4f 100644\n--- a/app/test-crypto-perf/main.c\n+++ b/app/test-crypto-perf/main.c\n@@ -138,7 +138,8 @@ cperf_verify_devices_capabilities(struct cperf_options *opts,\n \t\t\t\t\tcapability,\n \t\t\t\t\topts->auth_key_sz,\n \t\t\t\t\topts->auth_digest_sz,\n-\t\t\t\t\topts->auth_aad_sz);\n+\t\t\t\t\topts->auth_aad_sz,\n+\t\t\t\t\topts->auth_iv_sz);\n \t\t\tif (ret != 0)\n \t\t\t\treturn ret;\n \t\t}\n@@ -185,9 +186,9 @@ cperf_check_test_vector(struct cperf_options *opts,\n \t\t\t\treturn -1;\n \t\t\tif (test_vec->ciphertext.length < opts->max_buffer_size)\n \t\t\t\treturn -1;\n-\t\t\tif (test_vec->iv.data == NULL)\n+\t\t\tif (test_vec->cipher_iv.data == NULL)\n \t\t\t\treturn -1;\n-\t\t\tif (test_vec->iv.length != opts->cipher_iv_sz)\n+\t\t\tif (test_vec->cipher_iv.length != opts->cipher_iv_sz)\n \t\t\t\treturn -1;\n \t\t\tif (test_vec->cipher_key.data == NULL)\n \t\t\t\treturn -1;\n@@ -204,6 +205,11 @@ cperf_check_test_vector(struct cperf_options *opts,\n \t\t\t\treturn -1;\n \t\t\tif (test_vec->auth_key.length != opts->auth_key_sz)\n \t\t\t\treturn -1;\n+\t\t\tif (test_vec->auth_iv.length != opts->auth_iv_sz)\n+\t\t\t\treturn -1;\n+\t\t\t/* Auth IV is only required for some algorithms */\n+\t\t\tif (opts->auth_iv_sz && test_vec->auth_iv.data == NULL)\n+\t\t\t\treturn -1;\n \t\t\tif (test_vec->digest.data == NULL)\n \t\t\t\treturn -1;\n \t\t\tif (test_vec->digest.length < opts->auth_digest_sz)\n@@ -226,9 +232,9 @@ cperf_check_test_vector(struct cperf_options *opts,\n \t\t\t\treturn -1;\n \t\t\tif (test_vec->ciphertext.length < opts->max_buffer_size)\n \t\t\t\treturn -1;\n-\t\t\tif (test_vec->iv.data == NULL)\n+\t\t\tif (test_vec->cipher_iv.data == NULL)\n \t\t\t\treturn -1;\n-\t\t\tif (test_vec->iv.length != opts->cipher_iv_sz)\n+\t\t\tif (test_vec->cipher_iv.length != opts->cipher_iv_sz)\n \t\t\t\treturn -1;\n \t\t\tif (test_vec->cipher_key.data == NULL)\n \t\t\t\treturn -1;\n@@ -240,6 +246,11 @@ cperf_check_test_vector(struct cperf_options *opts,\n \t\t\t\treturn -1;\n \t\t\tif (test_vec->auth_key.length != opts->auth_key_sz)\n \t\t\t\treturn -1;\n+\t\t\tif (test_vec->auth_iv.length != opts->auth_iv_sz)\n+\t\t\t\treturn -1;\n+\t\t\t/* Auth IV is only required for some algorithms */\n+\t\t\tif (opts->auth_iv_sz && test_vec->auth_iv.data == NULL)\n+\t\t\t\treturn -1;\n \t\t\tif (test_vec->digest.data == NULL)\n \t\t\t\treturn -1;\n \t\t\tif (test_vec->digest.length < opts->auth_digest_sz)\n@@ -254,6 +265,10 @@ cperf_check_test_vector(struct cperf_options *opts,\n \t\t\treturn -1;\n \t\tif (test_vec->ciphertext.length < opts->max_buffer_size)\n \t\t\treturn -1;\n+\t\tif (test_vec->cipher_iv.data == NULL)\n+\t\t\treturn -1;\n+\t\tif (test_vec->cipher_iv.length != opts->cipher_iv_sz)\n+\t\t\treturn -1;\n \t\tif (test_vec->aad.data == NULL)\n \t\t\treturn -1;\n \t\tif (test_vec->aad.length != opts->auth_aad_sz)\ndiff --git a/doc/guides/sample_app_ug/l2_forward_crypto.rst b/doc/guides/sample_app_ug/l2_forward_crypto.rst\nindex 45d8a12..b9aa573 100644\n--- a/doc/guides/sample_app_ug/l2_forward_crypto.rst\n+++ b/doc/guides/sample_app_ug/l2_forward_crypto.rst\n@@ -86,9 +86,10 @@ The application requires a number of command line options:\n ./build/l2fwd-crypto [EAL options] -- [-p PORTMASK] [-q NQ] [-s] [-T PERIOD] /\n [--cdev_type HW/SW/ANY] [--chain HASH_CIPHER/CIPHER_HASH/CIPHER_ONLY/HASH_ONLY] /\n [--cipher_algo ALGO] [--cipher_op ENCRYPT/DECRYPT] [--cipher_key KEY] /\n- [--cipher_key_random_size SIZE] [--iv IV] [--iv_random_size SIZE] /\n+ [--cipher_key_random_size SIZE] [--cipher_iv IV] [--cipher_iv_random_size SIZE] /\n [--auth_algo ALGO] [--auth_op GENERATE/VERIFY] [--auth_key KEY] /\n- [--auth_key_random_size SIZE] [--aad AAD] [--aad_random_size SIZE] /\n+ [--auth_key_random_size SIZE] [--auth_iv IV] [--auth_iv_random_size SIZE] /\n+ [--aad AAD] [--aad_random_size SIZE] /\n [--digest size SIZE] [--sessionless] [--cryptodev_mask MASK]\n \n where,\n@@ -127,11 +128,11 @@ where,\n \n Note that if --cipher_key is used, this will be ignored.\n \n-* iv: set the IV to be used. Bytes has to be separated with \":\"\n+* cipher_iv: set the cipher IV to be used. Bytes has to be separated with \":\"\n \n-* iv_random_size: set the size of the IV, which will be generated randomly.\n+* cipher_iv_random_size: set the size of the cipher IV, which will be generated randomly.\n \n- Note that if --iv is used, this will be ignored.\n+ Note that if --cipher_iv is used, this will be ignored.\n \n * auth_algo: select the authentication algorithm (default is sha1-hmac)\n \n@@ -147,6 +148,12 @@ where,\n \n Note that if --auth_key is used, this will be ignored.\n \n+* auth_iv: set the auth IV to be used. Bytes has to be separated with \":\"\n+\n+* auth_iv_random_size: set the size of the auth IV, which will be generated randomly.\n+\n+ Note that if --auth_iv is used, this will be ignored.\n+\n * aad: set the AAD to be used. Bytes has to be separated with \":\"\n \n * aad_random_size: set the size of the AAD, which will be generated randomly.\ndiff --git a/doc/guides/tools/cryptoperf.rst b/doc/guides/tools/cryptoperf.rst\nindex 2d225d5..8834df7 100644\n--- a/doc/guides/tools/cryptoperf.rst\n+++ b/doc/guides/tools/cryptoperf.rst\n@@ -290,6 +290,10 @@ The following are the appication command-line options:\n \n Set the size of authentication key.\n \n+* ``--auth-iv-sz <n>``\n+\n+ Set the size of auth iv.\n+\n * ``--auth-digest-sz <n>``\n \n Set the size of authentication digest.\n@@ -345,9 +349,13 @@ a string of bytes in C byte array format::\n \n Key used in auth operation.\n \n-* ``iv``\n+* ``cipher_iv``\n+\n+ Cipher Initial Vector.\n+\n+* ``auth_iv``\n \n- Initial vector.\n+ Auth Initial Vector.\n \n * ``aad``\n \n@@ -412,7 +420,7 @@ Test vector file for cipher algorithm aes cbc 256 with authorization sha::\n 0xf5, 0x0c, 0xe7, 0xa2, 0xa6, 0x23, 0xd5, 0x3d, 0x95, 0xd8, 0xcd, 0x86, 0x79, 0xf5, 0x01, 0x47,\n 0x4f, 0xf9, 0x1d, 0x9d, 0x36, 0xf7, 0x68, 0x1a, 0x64, 0x44, 0x58, 0x5d, 0xe5, 0x81, 0x15, 0x2a,\n 0x41, 0xe4, 0x0e, 0xaa, 0x1f, 0x04, 0x21, 0xff, 0x2c, 0xf3, 0x73, 0x2b, 0x48, 0x1e, 0xd2, 0xf7\n- iv =\n+ cipher_iv =\n 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F\n # Section sha 1 hmac buff 32\n [sha1_hmac_buff_32]\ndiff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c\nindex 7b68a20..542e6c4 100644\n--- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c\n+++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c\n@@ -60,7 +60,8 @@ static const struct rte_cryptodev_capabilities aesni_gcm_pmd_capabilities[] = {\n \t\t\t\t\t.min = 0,\n \t\t\t\t\t.max = 65535,\n \t\t\t\t\t.increment = 1\n-\t\t\t\t}\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -85,7 +86,8 @@ static const struct rte_cryptodev_capabilities aesni_gcm_pmd_capabilities[] = {\n \t\t\t\t\t.min = 0,\n \t\t\t\t\t.max = 65535,\n \t\t\t\t\t.increment = 1\n-\t\t\t\t}\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\nindex d1bc28e..780b88b 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n@@ -57,7 +57,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.max = 12,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -78,7 +79,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.max = 12,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -99,7 +101,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.max = 14,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -120,7 +123,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.max = 16,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -141,7 +145,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.max = 24,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -162,7 +167,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.max = 32,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -183,7 +189,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.max = 12,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\ndiff --git a/drivers/crypto/armv8/rte_armv8_pmd_ops.c b/drivers/crypto/armv8/rte_armv8_pmd_ops.c\nindex 4d9ccbf..78ed770 100644\n--- a/drivers/crypto/armv8/rte_armv8_pmd_ops.c\n+++ b/drivers/crypto/armv8/rte_armv8_pmd_ops.c\n@@ -59,7 +59,8 @@ static const struct rte_cryptodev_capabilities\n \t\t\t\t\t\t.max = 20,\n \t\t\t\t\t\t.increment = 0\n \t\t\t\t\t},\n-\t\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t\t.iv_size = { 0 }\n \t\t\t\t}, }\n \t\t\t}, }\n \t},\n@@ -80,7 +81,8 @@ static const struct rte_cryptodev_capabilities\n \t\t\t\t\t\t.max = 32,\n \t\t\t\t\t\t.increment = 0\n \t\t\t\t\t},\n-\t\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t\t.iv_size = { 0 }\n \t\t\t\t}, }\n \t\t\t}, }\n \t},\ndiff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h\nindex d152161..ff3be70 100644\n--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h\n+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h\n@@ -217,7 +217,8 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {\n \t\t\t\t\t.max = 16,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -238,7 +239,8 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {\n \t\t\t\t\t.max = 20,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -259,7 +261,8 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {\n \t\t\t\t\t.max = 28,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -280,7 +283,8 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {\n \t\t\t\t\t\t.max = 32,\n \t\t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t\t}, }\n \t\t\t}, }\n \t\t},\n@@ -301,7 +305,8 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {\n \t\t\t\t\t.max = 48,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -322,7 +327,8 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {\n \t\t\t\t\t.max = 64,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\ndiff --git a/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c b/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c\nindex 62ebdbd..8f1a116 100644\n--- a/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c\n+++ b/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c\n@@ -60,7 +60,8 @@ static const struct rte_cryptodev_capabilities kasumi_pmd_capabilities[] = {\n \t\t\t\t\t.min = 8,\n \t\t\t\t\t.max = 8,\n \t\t\t\t\t.increment = 0\n-\t\t\t\t}\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\ndiff --git a/drivers/crypto/null/null_crypto_pmd_ops.c b/drivers/crypto/null/null_crypto_pmd_ops.c\nindex 5f74f0c..f8ad8e4 100644\n--- a/drivers/crypto/null/null_crypto_pmd_ops.c\n+++ b/drivers/crypto/null/null_crypto_pmd_ops.c\n@@ -56,7 +56,8 @@ static const struct rte_cryptodev_capabilities null_crypto_pmd_capabilities[] =\n \t\t\t\t\t.max = 0,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, },\n \t\t}, },\n \t},\ndiff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c\nindex 22a6873..3026dbd 100644\n--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c\n+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c\n@@ -57,7 +57,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 16,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -78,7 +79,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 16,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -99,7 +101,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 20,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -120,7 +123,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 20,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -141,7 +145,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 28,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -162,7 +167,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 28,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -183,31 +189,33 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 32,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n \t{\t/* SHA256 */\n-\t\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t\t{.sym = {\n-\t\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t\t{.auth = {\n-\t\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA256,\n-\t\t\t\t\t.block_size = 64,\n-\t\t\t\t\t.key_size = {\n-\t\t\t\t\t\t.min = 0,\n-\t\t\t\t\t\t.max = 0,\n-\t\t\t\t\t\t.increment = 0\n-\t\t\t\t\t},\n-\t\t\t\t\t.digest_size = {\n-\t\t\t\t\t\t.min = 32,\n-\t\t\t\t\t\t.max = 32,\n-\t\t\t\t\t\t.increment = 0\n-\t\t\t\t\t},\n-\t\t\t\t\t.aad_size = { 0 }\n-\t\t\t\t}, }\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA256,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 0,\n+\t\t\t\t\t.max = 0,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 32,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n-\t\t},\n+\t\t}, }\n+\t},\n \t{\t/* SHA384 HMAC */\n \t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n \t\t{.sym = {\n@@ -225,7 +233,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 48,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -246,7 +255,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 48,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -267,7 +277,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 64,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -288,7 +299,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.max = 64,\n \t\t\t\t\t.increment = 0\n \t\t\t\t},\n-\t\t\t\t.aad_size = { 0 }\n+\t\t\t\t.aad_size = { 0 },\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -353,7 +365,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.min = 0,\n \t\t\t\t\t.max = 65535,\n \t\t\t\t\t.increment = 1\n-\t\t\t\t}\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\n@@ -398,7 +411,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t\t\t.min = 8,\n \t\t\t\t\t.max = 65532,\n \t\t\t\t\t.increment = 4\n-\t\t\t\t}\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\ndiff --git a/drivers/crypto/qat/qat_crypto_capabilities.h b/drivers/crypto/qat/qat_crypto_capabilities.h\nindex 1294f24..4bc2c97 100644\n--- a/drivers/crypto/qat/qat_crypto_capabilities.h\n+++ b/drivers/crypto/qat/qat_crypto_capabilities.h\n@@ -52,7 +52,8 @@\n \t\t\t\t\t.max = 20,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n \t\t\t\t},\t\t\t\t\t\\\n-\t\t\t\t.aad_size = { 0 }\t\t\t\\\n+\t\t\t\t.aad_size = { 0 },\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -73,7 +74,8 @@\n \t\t\t\t\t.max = 28,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n \t\t\t\t},\t\t\t\t\t\\\n-\t\t\t\t.aad_size = { 0 }\t\t\t\\\n+\t\t\t\t.aad_size = { 0 },\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -94,7 +96,8 @@\n \t\t\t\t\t.max = 32,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n \t\t\t\t},\t\t\t\t\t\\\n-\t\t\t\t.aad_size = { 0 }\t\t\t\\\n+\t\t\t\t.aad_size = { 0 },\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -114,8 +117,9 @@\n \t\t\t\t\t.min = 48,\t\t\t\\\n \t\t\t\t\t.max = 48,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n-\t\t\t\t\t},\t\t\t\t\\\n-\t\t\t\t.aad_size = { 0 }\t\t\t\\\n+\t\t\t\t},\t\t\t\t\t\\\n+\t\t\t\t.aad_size = { 0 },\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -136,7 +140,8 @@\n \t\t\t\t\t.max = 64,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n \t\t\t\t},\t\t\t\t\t\\\n-\t\t\t\t.aad_size = { 0 }\t\t\t\\\n+\t\t\t\t.aad_size = { 0 },\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -157,7 +162,8 @@\n \t\t\t\t\t.max = 16,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n \t\t\t\t},\t\t\t\t\t\\\n-\t\t\t\t.aad_size = { 0 }\t\t\t\\\n+\t\t\t\t.aad_size = { 0 },\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -178,7 +184,8 @@\n \t\t\t\t\t.max = 16,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n \t\t\t\t},\t\t\t\t\t\\\n-\t\t\t\t.aad_size = { 0 }\t\t\t\\\n+\t\t\t\t.aad_size = { 0 },\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -203,7 +210,8 @@\n \t\t\t\t\t.min = 0,\t\t\t\\\n \t\t\t\t\t.max = 240,\t\t\t\\\n \t\t\t\t\t.increment = 1\t\t\t\\\n-\t\t\t\t}\t\t\t\t\t\\\n+\t\t\t\t},\t\t\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -228,7 +236,8 @@\n \t\t\t\t\t.min = 1,\t\t\t\\\n \t\t\t\t\t.max = 65535,\t\t\t\\\n \t\t\t\t\t.increment = 1\t\t\t\\\n-\t\t\t\t}\t\t\t\t\t\\\n+\t\t\t\t},\t\t\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -253,7 +262,8 @@\n \t\t\t\t\t.min = 16,\t\t\t\\\n \t\t\t\t\t.max = 16,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n-\t\t\t\t}\t\t\t\t\t\\\n+\t\t\t\t},\t\t\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -374,7 +384,8 @@\n \t\t\t\t\t.max = 0,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n \t\t\t\t},\t\t\t\t\t\\\n-\t\t\t\t.aad_size = { 0 }\t\t\t\\\n+\t\t\t\t.aad_size = { 0 },\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, },\t\t\t\t\t\t\\\n \t\t}, },\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -439,7 +450,8 @@\n \t\t\t\t\t.min = 8,\t\t\t\\\n \t\t\t\t\t.max = 8,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n-\t\t\t\t}\t\t\t\t\t\\\n+\t\t\t\t},\t\t\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t},\t\t\t\t\t\t\t\t\\\n@@ -566,7 +578,8 @@\n \t\t\t\t\t.min = 16,\t\t\t\\\n \t\t\t\t\t.max = 16,\t\t\t\\\n \t\t\t\t\t.increment = 0\t\t\t\\\n-\t\t\t\t}\t\t\t\t\t\\\n+\t\t\t\t},\t\t\t\t\t\\\n+\t\t\t\t.iv_size = { 0 }\t\t\t\\\n \t\t\t}, }\t\t\t\t\t\t\\\n \t\t}, }\t\t\t\t\t\t\t\\\n \t}\ndiff --git a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c\nindex 7ce96be..68ede97 100644\n--- a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c\n+++ b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c\n@@ -60,7 +60,8 @@ static const struct rte_cryptodev_capabilities snow3g_pmd_capabilities[] = {\n \t\t\t\t\t.min = 16,\n \t\t\t\t\t.max = 16,\n \t\t\t\t\t.increment = 0\n-\t\t\t\t}\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 },\n \t\t\t}, }\n \t\t}, }\n \t},\ndiff --git a/drivers/crypto/zuc/rte_zuc_pmd_ops.c b/drivers/crypto/zuc/rte_zuc_pmd_ops.c\nindex c24b9bd..02c3c4a 100644\n--- a/drivers/crypto/zuc/rte_zuc_pmd_ops.c\n+++ b/drivers/crypto/zuc/rte_zuc_pmd_ops.c\n@@ -60,7 +60,8 @@ static const struct rte_cryptodev_capabilities zuc_pmd_capabilities[] = {\n \t\t\t\t\t.min = 16,\n \t\t\t\t\t.max = 16,\n \t\t\t\t\t.increment = 0\n-\t\t\t\t}\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n \t\t}, }\n \t},\ndiff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c\nindex 0d98661..6c21c0e 100644\n--- a/examples/l2fwd-crypto/main.c\n+++ b/examples/l2fwd-crypto/main.c\n@@ -160,14 +160,18 @@ struct l2fwd_crypto_options {\n \tunsigned ckey_param;\n \tint ckey_random_size;\n \n-\tstruct l2fwd_iv iv;\n-\tunsigned int iv_param;\n-\tint iv_random_size;\n+\tstruct l2fwd_iv cipher_iv;\n+\tunsigned int cipher_iv_param;\n+\tint cipher_iv_random_size;\n \n \tstruct rte_crypto_sym_xform auth_xform;\n \tuint8_t akey_param;\n \tint akey_random_size;\n \n+\tstruct l2fwd_iv auth_iv;\n+\tunsigned int auth_iv_param;\n+\tint auth_iv_random_size;\n+\n \tstruct l2fwd_key aad;\n \tunsigned aad_param;\n \tint aad_random_size;\n@@ -188,7 +192,8 @@ struct l2fwd_crypto_params {\n \tunsigned digest_length;\n \tunsigned block_size;\n \n-\tstruct l2fwd_iv iv;\n+\tstruct l2fwd_iv cipher_iv;\n+\tstruct l2fwd_iv auth_iv;\n \tstruct l2fwd_key aad;\n \tstruct rte_cryptodev_sym_session *session;\n \n@@ -453,6 +458,16 @@ l2fwd_simple_crypto_enqueue(struct rte_mbuf *m,\n \trte_crypto_op_attach_sym_session(op, cparams->session);\n \n \tif (cparams->do_hash) {\n+\t\tif (cparams->auth_iv.length) {\n+\t\t\tuint8_t *IV_ptr = rte_crypto_op_ctod_offset(op,\n+\t\t\t\t\t\tuint8_t *,\n+\t\t\t\t\t\tIV_OFFSET +\n+\t\t\t\t\t\tcparams->cipher_iv.length);\n+\t\t\t/* Copy IV at the end of the crypto operation,\n+\t\t\t * after the cipher IV, if added */\n+\t\t\trte_memcpy(IV_ptr, cparams->auth_iv.data,\n+\t\t\t\t\tcparams->auth_iv.length);\n+\t\t}\n \t\tif (!cparams->hash_verify) {\n \t\t\t/* Append space for digest to end of packet */\n \t\t\top->sym->auth.digest.data = (uint8_t *)rte_pktmbuf_append(m,\n@@ -492,7 +507,8 @@ l2fwd_simple_crypto_enqueue(struct rte_mbuf *m,\n \t\tuint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,\n \t\t\t\t\t\t\tIV_OFFSET);\n \t\t/* Copy IV at the end of the crypto operation */\n-\t\trte_memcpy(IV_ptr, cparams->iv.data, cparams->iv.length);\n+\t\trte_memcpy(IV_ptr, cparams->cipher_iv.data,\n+\t\t\t\tcparams->cipher_iv.length);\n \n \t\t/* For wireless algorithms, offset/length must be in bits */\n \t\tif (cparams->cipher_algo == RTE_CRYPTO_CIPHER_SNOW3G_UEA2 ||\n@@ -675,6 +691,18 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)\n \t\tport_cparams[i].block_size = options->block_size;\n \n \t\tif (port_cparams[i].do_hash) {\n+\t\t\tport_cparams[i].auth_iv.data = options->auth_iv.data;\n+\t\t\tport_cparams[i].auth_iv.length = options->auth_iv.length;\n+\t\t\tif (!options->auth_iv_param)\n+\t\t\t\tgenerate_random_key(port_cparams[i].auth_iv.data,\n+\t\t\t\t\t\tport_cparams[i].auth_iv.length);\n+\t\t\t/* Set IV parameters */\n+\t\t\tif (options->auth_iv.length) {\n+\t\t\t\toptions->auth_xform.auth.iv.offset =\n+\t\t\t\t\tIV_OFFSET + options->cipher_iv.length;\n+\t\t\t\toptions->auth_xform.auth.iv.length =\n+\t\t\t\t\toptions->auth_iv.length;\n+\t\t\t}\n \t\t\tport_cparams[i].digest_length =\n \t\t\t\t\toptions->auth_xform.auth.digest_length;\n \t\t\tif (options->auth_xform.auth.add_auth_data_length) {\n@@ -698,16 +726,16 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)\n \t\t}\n \n \t\tif (port_cparams[i].do_cipher) {\n-\t\t\tport_cparams[i].iv.data = options->iv.data;\n-\t\t\tport_cparams[i].iv.length = options->iv.length;\n-\t\t\tif (!options->iv_param)\n-\t\t\t\tgenerate_random_key(port_cparams[i].iv.data,\n-\t\t\t\t\t\tport_cparams[i].iv.length);\n+\t\t\tport_cparams[i].cipher_iv.data = options->cipher_iv.data;\n+\t\t\tport_cparams[i].cipher_iv.length = options->cipher_iv.length;\n+\t\t\tif (!options->cipher_iv_param)\n+\t\t\t\tgenerate_random_key(port_cparams[i].cipher_iv.data,\n+\t\t\t\t\t\tport_cparams[i].cipher_iv.length);\n \n \t\t\tport_cparams[i].cipher_algo = options->cipher_xform.cipher.algo;\n \t\t\t/* Set IV parameters */\n \t\t\toptions->cipher_xform.cipher.iv.offset = IV_OFFSET;\n-\t\t\toptions->cipher_xform.cipher.iv.length = options->iv.length;\n+\t\t\toptions->cipher_xform.cipher.iv.length = options->cipher_iv.length;\n \t\t}\n \n \t\tport_cparams[i].session = initialize_crypto_session(options,\n@@ -861,13 +889,15 @@ l2fwd_crypto_usage(const char *prgname)\n \t\t\" --cipher_op ENCRYPT / DECRYPT\\n\"\n \t\t\" --cipher_key KEY (bytes separated with \\\":\\\")\\n\"\n \t\t\" --cipher_key_random_size SIZE: size of cipher key when generated randomly\\n\"\n-\t\t\" --iv IV (bytes separated with \\\":\\\")\\n\"\n-\t\t\" --iv_random_size SIZE: size of IV when generated randomly\\n\"\n+\t\t\" --cipher_iv IV (bytes separated with \\\":\\\")\\n\"\n+\t\t\" --cipher_iv_random_size SIZE: size of cipher IV when generated randomly\\n\"\n \n \t\t\" --auth_algo ALGO\\n\"\n \t\t\" --auth_op GENERATE / VERIFY\\n\"\n \t\t\" --auth_key KEY (bytes separated with \\\":\\\")\\n\"\n \t\t\" --auth_key_random_size SIZE: size of auth key when generated randomly\\n\"\n+\t\t\" --auth_iv IV (bytes separated with \\\":\\\")\\n\"\n+\t\t\" --auth_iv_random_size SIZE: size of auth IV when generated randomly\\n\"\n \t\t\" --aad AAD (bytes separated with \\\":\\\")\\n\"\n \t\t\" --aad_random_size SIZE: size of AAD when generated randomly\\n\"\n \t\t\" --digest_size SIZE: size of digest to be generated/verified\\n\"\n@@ -1078,18 +1108,18 @@ l2fwd_crypto_parse_args_long_options(struct l2fwd_crypto_options *options,\n \telse if (strcmp(lgopts[option_index].name, \"cipher_key_random_size\") == 0)\n \t\treturn parse_size(&options->ckey_random_size, optarg);\n \n-\telse if (strcmp(lgopts[option_index].name, \"iv\") == 0) {\n-\t\toptions->iv_param = 1;\n-\t\toptions->iv.length =\n-\t\t\tparse_key(options->iv.data, optarg);\n-\t\tif (options->iv.length > 0)\n+\telse if (strcmp(lgopts[option_index].name, \"cipher_iv\") == 0) {\n+\t\toptions->cipher_iv_param = 1;\n+\t\toptions->cipher_iv.length =\n+\t\t\tparse_key(options->cipher_iv.data, optarg);\n+\t\tif (options->cipher_iv.length > 0)\n \t\t\treturn 0;\n \t\telse\n \t\t\treturn -1;\n \t}\n \n-\telse if (strcmp(lgopts[option_index].name, \"iv_random_size\") == 0)\n-\t\treturn parse_size(&options->iv_random_size, optarg);\n+\telse if (strcmp(lgopts[option_index].name, \"cipher_iv_random_size\") == 0)\n+\t\treturn parse_size(&options->cipher_iv_random_size, optarg);\n \n \t/* Authentication options */\n \telse if (strcmp(lgopts[option_index].name, \"auth_algo\") == 0) {\n@@ -1115,6 +1145,20 @@ l2fwd_crypto_parse_args_long_options(struct l2fwd_crypto_options *options,\n \t\treturn parse_size(&options->akey_random_size, optarg);\n \t}\n \n+\n+\telse if (strcmp(lgopts[option_index].name, \"auth_iv\") == 0) {\n+\t\toptions->auth_iv_param = 1;\n+\t\toptions->auth_iv.length =\n+\t\t\tparse_key(options->auth_iv.data, optarg);\n+\t\tif (options->auth_iv.length > 0)\n+\t\t\treturn 0;\n+\t\telse\n+\t\t\treturn -1;\n+\t}\n+\n+\telse if (strcmp(lgopts[option_index].name, \"auth_iv_random_size\") == 0)\n+\t\treturn parse_size(&options->auth_iv_random_size, optarg);\n+\n \telse if (strcmp(lgopts[option_index].name, \"aad\") == 0) {\n \t\toptions->aad_param = 1;\n \t\toptions->aad.length =\n@@ -1233,9 +1277,9 @@ l2fwd_crypto_default_options(struct l2fwd_crypto_options *options)\n \toptions->ckey_param = 0;\n \toptions->ckey_random_size = -1;\n \toptions->cipher_xform.cipher.key.length = 0;\n-\toptions->iv_param = 0;\n-\toptions->iv_random_size = -1;\n-\toptions->iv.length = 0;\n+\toptions->cipher_iv_param = 0;\n+\toptions->cipher_iv_random_size = -1;\n+\toptions->cipher_iv.length = 0;\n \n \toptions->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CBC;\n \toptions->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;\n@@ -1267,7 +1311,7 @@ display_cipher_info(struct l2fwd_crypto_options *options)\n \trte_hexdump(stdout, \"Cipher key:\",\n \t\t\toptions->cipher_xform.cipher.key.data,\n \t\t\toptions->cipher_xform.cipher.key.length);\n-\trte_hexdump(stdout, \"IV:\", options->iv.data, options->iv.length);\n+\trte_hexdump(stdout, \"IV:\", options->cipher_iv.data, options->cipher_iv.length);\n }\n \n static void\n@@ -1316,7 +1360,7 @@ l2fwd_crypto_options_print(struct l2fwd_crypto_options *options)\n \tif (options->akey_param && (options->akey_random_size != -1))\n \t\tprintf(\"Auth key already parsed, ignoring size of random key\\n\");\n \n-\tif (options->iv_param && (options->iv_random_size != -1))\n+\tif (options->cipher_iv_param && (options->cipher_iv_random_size != -1))\n \t\tprintf(\"IV already parsed, ignoring size of random IV\\n\");\n \n \tif (options->aad_param && (options->aad_random_size != -1))\n@@ -1660,8 +1704,10 @@ initialize_cryptodevs(struct l2fwd_crypto_options *options, unsigned nb_ports,\n \n \t\t\toptions->block_size = cap->sym.cipher.block_size;\n \n-\t\t\tcheck_iv_param(&cap->sym.cipher.iv_size, options->iv_param,\n-\t\t\t\t\toptions->iv_random_size, &options->iv.length);\n+\t\t\tcheck_iv_param(&cap->sym.cipher.iv_size,\n+\t\t\t\t\toptions->cipher_iv_param,\n+\t\t\t\t\toptions->cipher_iv_random_size,\n+\t\t\t\t\t&options->cipher_iv.length);\n \n \t\t\t/*\n \t\t\t * Check if length of provided cipher key is supported\n@@ -1731,6 +1777,10 @@ initialize_cryptodevs(struct l2fwd_crypto_options *options, unsigned nb_ports,\n \t\t\t\tcontinue;\n \t\t\t}\n \n+\t\t\tcheck_iv_param(&cap->sym.auth.iv_size,\n+\t\t\t\t\toptions->auth_iv_param,\n+\t\t\t\t\toptions->auth_iv_random_size,\n+\t\t\t\t\t&options->auth_iv.length);\n \t\t\t/*\n \t\t\t * Check if length of provided AAD is supported\n \t\t\t * by the algorithm chosen.\n@@ -1972,8 +2022,8 @@ reserve_key_memory(struct l2fwd_crypto_options *options)\n \tif (options->auth_xform.auth.key.data == NULL)\n \t\trte_exit(EXIT_FAILURE, \"Failed to allocate memory for auth key\");\n \n-\toptions->iv.data = rte_malloc(\"iv\", MAX_KEY_SIZE, 0);\n-\tif (options->iv.data == NULL)\n+\toptions->cipher_iv.data = rte_malloc(\"iv\", MAX_KEY_SIZE, 0);\n+\tif (options->cipher_iv.data == NULL)\n \t\trte_exit(EXIT_FAILURE, \"Failed to allocate memory for IV\");\n \n \toptions->aad.data = rte_malloc(\"aad\", MAX_KEY_SIZE, 0);\ndiff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h\nindex bc1bb46..98e385b 100644\n--- a/lib/librte_cryptodev/rte_crypto_sym.h\n+++ b/lib/librte_cryptodev/rte_crypto_sym.h\n@@ -393,6 +393,30 @@ struct rte_crypto_auth_xform {\n \t * of the AAD data is specified in additional authentication data\n \t * length field of the rte_crypto_sym_op_data structure\n \t */\n+\n+\tstruct {\n+\t\tuint16_t offset;\n+\t\t/**< Starting point for Initialisation Vector or Counter,\n+\t\t * specified as number of bytes from start of crypto\n+\t\t * operation.\n+\t\t *\n+\t\t * - For KASUMI in F9 mode, SNOW 3G in UIA2 mode,\n+\t\t * for ZUC in EIA3 mode and for AES-GMAC, this is the\n+\t\t * authentication Initialisation Vector (IV) value.\n+\t\t *\n+\t\t *\n+\t\t * For optimum performance, the data pointed to SHOULD\n+\t\t * be 8-byte aligned.\n+\t\t */\n+\t\tuint16_t length;\n+\t\t/**< Length of valid IV data.\n+\t\t *\n+\t\t * - For KASUMI in F9 mode, SNOW3G in UIA2 mode, for\n+\t\t * ZUC in EIA3 mode and for AES-GMAC, this is the length\n+\t\t * of the IV.\n+\t\t *\n+\t\t */\n+\t} iv;\t/**< Initialisation vector parameters */\n };\n \n /** Crypto transformation types */\ndiff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c\nindex b65cd9c..3d75397 100644\n--- a/lib/librte_cryptodev/rte_cryptodev.c\n+++ b/lib/librte_cryptodev/rte_cryptodev.c\n@@ -390,7 +390,8 @@ rte_cryptodev_sym_capability_check_cipher(\n int\n rte_cryptodev_sym_capability_check_auth(\n \t\tconst struct rte_cryptodev_symmetric_capability *capability,\n-\t\tuint16_t key_size, uint16_t digest_size, uint16_t aad_size)\n+\t\tuint16_t key_size, uint16_t digest_size, uint16_t aad_size,\n+\t\tuint16_t iv_size)\n {\n \tif (param_range_check(key_size, capability->auth.key_size))\n \t\treturn -1;\n@@ -401,6 +402,9 @@ rte_cryptodev_sym_capability_check_auth(\n \tif (param_range_check(aad_size, capability->auth.aad_size))\n \t\treturn -1;\n \n+\tif (param_range_check(iv_size, capability->auth.iv_size))\n+\t\treturn -1;\n+\n \treturn 0;\n }\n \ndiff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h\nindex bd09176..f1cd99e 100644\n--- a/lib/librte_cryptodev/rte_cryptodev.h\n+++ b/lib/librte_cryptodev/rte_cryptodev.h\n@@ -180,6 +180,8 @@ struct rte_cryptodev_symmetric_capability {\n \t\t\t/**< digest size range */\n \t\t\tstruct rte_crypto_param_range aad_size;\n \t\t\t/**< Additional authentication data size range */\n+\t\t\tstruct rte_crypto_param_range iv_size;\n+\t\t\t/**< Initialisation vector data size range */\n \t\t} auth;\n \t\t/**< Symmetric Authentication transform capabilities */\n \t\tstruct {\n@@ -256,6 +258,7 @@ rte_cryptodev_sym_capability_check_cipher(\n * @param\tkey_size\tAuth key size.\n * @param\tdigest_size\tAuth digest size.\n * @param\taad_size\tAuth aad size.\n+ * @param\tiv_size\t\tAuth initial vector size.\n *\n * @return\n * - Return 0 if the parameters are in range of the capability.\n@@ -264,7 +267,8 @@ rte_cryptodev_sym_capability_check_cipher(\n int\n rte_cryptodev_sym_capability_check_auth(\n \t\tconst struct rte_cryptodev_symmetric_capability *capability,\n-\t\tuint16_t key_size, uint16_t digest_size, uint16_t aad_size);\n+\t\tuint16_t key_size, uint16_t digest_size, uint16_t aad_size,\n+\t\tuint16_t iv_size);\n \n /**\n * Provide the cipher algorithm enum, given an algorithm string\n", "prefixes": [ "dpdk-dev", "14/22" ] }