[dpdk-dev,v3,03/10] crypto/dpaa2_sec: add dpaa2_sec poll mode driver

Message ID 20170120140509.4495-4-akhil.goyal@nxp.com
State Changes Requested, archived
Delegated to: Pablo de Lara Guarch
Headers show

Checks

Context Check Description
ci/Intel compilation fail apply patch file failure
ci/checkpatch success coding style OK

Commit Message

Akhil Goyal Jan. 20, 2017, 2:05 p.m.
From: Akhil Goyal <akhil.goyal@nxp.com>

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 config/common_base                                 |   8 +
 config/defconfig_arm64-dpaa2-linuxapp-gcc          |  12 +
 drivers/bus/Makefile                               |   3 +
 drivers/common/Makefile                            |   3 +
 drivers/crypto/Makefile                            |   1 +
 drivers/crypto/dpaa2_sec/Makefile                  |  77 +++++
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c        | 374 +++++++++++++++++++++
 drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h          |  70 ++++
 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h          | 225 +++++++++++++
 .../crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map |   4 +
 drivers/net/dpaa2/Makefile                         |   1 +
 drivers/pool/Makefile                              |   4 +
 mk/rte.app.mk                                      |   6 +
 13 files changed, 788 insertions(+)
 create mode 100644 drivers/crypto/dpaa2_sec/Makefile
 create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
 create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h
 create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
 create mode 100644 drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map

Comments

Neil Horman Jan. 20, 2017, 12:32 p.m. | #1
On Fri, Jan 20, 2017 at 07:35:02PM +0530, akhil.goyal@nxp.com wrote:
> From: Akhil Goyal <akhil.goyal@nxp.com>
> 
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
> ---
>  config/common_base                                 |   8 +
>  config/defconfig_arm64-dpaa2-linuxapp-gcc          |  12 +
>  drivers/bus/Makefile                               |   3 +
>  drivers/common/Makefile                            |   3 +
>  drivers/crypto/Makefile                            |   1 +
>  drivers/crypto/dpaa2_sec/Makefile                  |  77 +++++
>  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c        | 374 +++++++++++++++++++++
>  drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h          |  70 ++++
>  drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h          | 225 +++++++++++++
>  .../crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map |   4 +
>  drivers/net/dpaa2/Makefile                         |   1 +
>  drivers/pool/Makefile                              |   4 +
>  mk/rte.app.mk                                      |   6 +
>  13 files changed, 788 insertions(+)
>  create mode 100644 drivers/crypto/dpaa2_sec/Makefile
>  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h
>  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
>  create mode 100644 drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map
> 
NAK, you're trying to patch driver/bus/Makefile, which doesn't exist in the
upstream tree, please fix your patch.

I'm also opposed to the inclusion of pmds that require non-open external
libraries as your documentation suggests that you require.  If you need an out
of tree library to support your hardware, you will recieve no benefit from the
upstream community in terms of testing and maintenence, nor will the community
be able to work with your hardware on arches that your library doesn't support.

Neil

> diff --git a/config/common_base b/config/common_base
> index ebd6281..44d5c00 100644
> --- a/config/common_base
> +++ b/config/common_base
> @@ -461,6 +461,14 @@ CONFIG_RTE_LIBRTE_PMD_ZUC_DEBUG=n
>  CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=y
>  
>  #
> +#Compile NXP DPAA2 crypto sec driver for CAAM HW
> +#
> +CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC=n
> +CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_INIT=n
> +CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_DRIVER=n
> +CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_RX=n
> +
> +#
>  # Compile librte_ring
>  #
>  CONFIG_RTE_LIBRTE_RING=y
> diff --git a/config/defconfig_arm64-dpaa2-linuxapp-gcc b/config/defconfig_arm64-dpaa2-linuxapp-gcc
> index 18c9589..30fd4e3 100644
> --- a/config/defconfig_arm64-dpaa2-linuxapp-gcc
> +++ b/config/defconfig_arm64-dpaa2-linuxapp-gcc
> @@ -66,3 +66,15 @@ CONFIG_RTE_LIBRTE_DPAA2_DEBUG_DRIVER=n
>  CONFIG_RTE_LIBRTE_DPAA2_DEBUG_RX=n
>  CONFIG_RTE_LIBRTE_DPAA2_DEBUG_TX=n
>  CONFIG_RTE_LIBRTE_DPAA2_DEBUG_TX_FREE=n
> +
> +#Compile NXP DPAA2 crypto sec driver for CAAM HW
> +CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC=y
> +CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_INIT=n
> +CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_DRIVER=n
> +CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_RX=n
> +
> +#
> +# Number of sessions to create in the session memory pool
> +# on a single DPAA2 SEC device.
> +#
> +CONFIG_RTE_DPAA2_SEC_PMD_MAX_NB_SESSIONS=2048
> diff --git a/drivers/bus/Makefile b/drivers/bus/Makefile
> index 8f7864b..3ef7f2e 100644
> --- a/drivers/bus/Makefile
> +++ b/drivers/bus/Makefile
> @@ -32,6 +32,9 @@
>  include $(RTE_SDK)/mk/rte.vars.mk
>  
>  CONFIG_RTE_LIBRTE_FSLMC_BUS = $(CONFIG_RTE_LIBRTE_DPAA2_PMD)
> +ifneq ($(CONFIG_RTE_LIBRTE_FSLMC_BUS),y)
> +CONFIG_RTE_LIBRTE_FSLMC_BUS = $(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)
> +endif
>  
>  DIRS-$(CONFIG_RTE_LIBRTE_FSLMC_BUS) += fslmc
>  
> diff --git a/drivers/common/Makefile b/drivers/common/Makefile
> index 0a6d8db..00697e6 100644
> --- a/drivers/common/Makefile
> +++ b/drivers/common/Makefile
> @@ -39,6 +39,9 @@ endif
>  ifneq ($(CONFIG_RTE_LIBRTE_DPAA2_COMMON),y)
>  CONFIG_RTE_LIBRTE_DPAA2_COMMON = $(CONFIG_RTE_LIBRTE_FSLMC_BUS)
>  endif
> +ifneq ($(CONFIG_RTE_LIBRTE_DPAA2_COMMON),y)
> +CONFIG_RTE_LIBRTE_DPAA2_COMMON = $(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)
> +endif
>  
>  DIRS-$(CONFIG_RTE_LIBRTE_DPAA2_COMMON) += dpaa2
>  
> diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
> index 77b02cf..18cd682 100644
> --- a/drivers/crypto/Makefile
> +++ b/drivers/crypto/Makefile
> @@ -40,5 +40,6 @@ DIRS-$(CONFIG_RTE_LIBRTE_PMD_SNOW3G) += snow3g
>  DIRS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += kasumi
>  DIRS-$(CONFIG_RTE_LIBRTE_PMD_ZUC) += zuc
>  DIRS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += null
> +DIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += dpaa2_sec
>  
>  include $(RTE_SDK)/mk/rte.subdir.mk
> diff --git a/drivers/crypto/dpaa2_sec/Makefile b/drivers/crypto/dpaa2_sec/Makefile
> new file mode 100644
> index 0000000..5a7442b
> --- /dev/null
> +++ b/drivers/crypto/dpaa2_sec/Makefile
> @@ -0,0 +1,77 @@
> +#   BSD LICENSE
> +#
> +#   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
> +#   Copyright (c) 2016 NXP. All rights reserved.
> +#
> +#   Redistribution and use in source and binary forms, with or without
> +#   modification, are permitted provided that the following conditions
> +#   are met:
> +#
> +#     * Redistributions of source code must retain the above copyright
> +#       notice, this list of conditions and the following disclaimer.
> +#     * Redistributions in binary form must reproduce the above copyright
> +#       notice, this list of conditions and the following disclaimer in
> +#       the documentation and/or other materials provided with the
> +#       distribution.
> +#     * Neither the name of Freescale Semiconductor, Inc nor the names of its
> +#       contributors may be used to endorse or promote products derived
> +#       from this software without specific prior written permission.
> +#
> +#   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> +#   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> +#   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> +#   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> +#   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> +#   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> +#   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> +#   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> +#   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> +#   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> +#   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> +
> +include $(RTE_SDK)/mk/rte.vars.mk
> +
> +#
> +# library name
> +#
> +LIB = librte_pmd_dpaa2_sec.a
> +
> +# build flags
> +ifeq ($(CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_INIT),y)
> +CFLAGS += -O0 -g
> +CFLAGS += "-Wno-error"
> +else
> +CFLAGS += -O3
> +CFLAGS += $(WERROR_FLAGS)
> +endif
> +CFLAGS += -D _GNU_SOURCE
> +
> +CFLAGS += -I$(RTE_SDK)/drivers/crypto/dpaa2_sec/
> +CFLAGS += -I$(RTE_SDK)/drivers/bus/fslmc/
> +CFLAGS += -I$(RTE_SDK)/drivers/common/dpaa2/qbman/include
> +CFLAGS += -I$(RTE_SDK)/drivers/bus/fslmc/portal
> +CFLAGS += -I$(RTE_SDK)/drivers/pool/dpaa2/
> +CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
> +
> +# versioning export map
> +EXPORT_MAP := rte_pmd_dpaa2_sec_version.map
> +
> +# library version
> +LIBABIVER := 1
> +
> +# external library include paths
> +CFLAGS += -Iinclude
> +LDLIBS += -lcrypto
> +
> +# library source files
> +SRCS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += dpaa2_sec_dpseci.c
> +
> +# library dependencies
> +DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_eal
> +DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_mbuf
> +DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_cryptodev
> +DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_pmd_dpaa2_qbman
> +DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_pmd_fslmcbus
> +DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_pmd_dpaa2_pool
> +
> +include $(RTE_SDK)/mk/rte.lib.mk
> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> new file mode 100644
> index 0000000..d6b6176
> --- /dev/null
> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> @@ -0,0 +1,374 @@
> +/*-
> + *   BSD LICENSE
> + *
> + *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
> + *   Copyright (c) 2016 NXP. All rights reserved.
> + *
> + *   Redistribution and use in source and binary forms, with or without
> + *   modification, are permitted provided that the following conditions
> + *   are met:
> + *
> + *     * Redistributions of source code must retain the above copyright
> + *       notice, this list of conditions and the following disclaimer.
> + *     * Redistributions in binary form must reproduce the above copyright
> + *       notice, this list of conditions and the following disclaimer in
> + *       the documentation and/or other materials provided with the
> + *       distribution.
> + *     * Neither the name of  Freescale Semiconductor, Inc nor the names of its
> + *       contributors may be used to endorse or promote products derived
> + *       from this software without specific prior written permission.
> + *
> + *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> + *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> + *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> + *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> + *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> + *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> + *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> + *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
> +
> +#include <time.h>
> +#include <net/if.h>
> +#include <rte_mbuf.h>
> +#include <rte_cryptodev.h>
> +#include <rte_malloc.h>
> +#include <rte_memcpy.h>
> +#include <rte_string_fns.h>
> +#include <rte_cycles.h>
> +#include <rte_kvargs.h>
> +#include <rte_dev.h>
> +#include <rte_cryptodev_pmd.h>
> +#include <rte_common.h>
> +
> +#include <rte_fslmc.h>
> +#include <fslmc_vfio.h>
> +#include <dpaa2_hw_pvt.h>
> +#include <dpaa2_hw_dpio.h>
> +#include <mc/fsl_dpseci.h>
> +
> +#include "dpaa2_sec_priv.h"
> +#include "dpaa2_sec_logs.h"
> +
> +#define FSL_VENDOR_ID           0x1957
> +#define FSL_DEVICE_ID           0x410
> +#define FSL_SUBSYSTEM_SEC       1
> +#define FSL_MC_DPSECI_DEVID     3
> +
> +
> +static int
> +dpaa2_sec_dev_configure(struct rte_cryptodev *dev __rte_unused)
> +{
> +	PMD_INIT_FUNC_TRACE();
> +
> +	return -ENOTSUP;
> +}
> +
> +static int
> +dpaa2_sec_dev_start(struct rte_cryptodev *dev)
> +{
> +	struct dpaa2_sec_dev_private *priv = dev->data->dev_private;
> +	struct fsl_mc_io *dpseci = (struct fsl_mc_io *)priv->hw;
> +	struct dpseci_attr attr;
> +	struct dpaa2_queue *dpaa2_q;
> +	struct dpaa2_sec_qp **qp = (struct dpaa2_sec_qp **)
> +					dev->data->queue_pairs;
> +	struct dpseci_rx_queue_attr rx_attr;
> +	struct dpseci_tx_queue_attr tx_attr;
> +	int ret, i;
> +
> +	PMD_INIT_FUNC_TRACE();
> +
> +	memset(&attr, 0, sizeof(struct dpseci_attr));
> +
> +	ret = dpseci_enable(dpseci, CMD_PRI_LOW, priv->token);
> +	if (ret) {
> +		PMD_INIT_LOG(ERR, "DPSECI with HW_ID = %d ENABLE FAILED\n",
> +			     priv->hw_id);
> +		goto get_attr_failure;
> +	}
> +	ret = dpseci_get_attributes(dpseci, CMD_PRI_LOW, priv->token, &attr);
> +	if (ret) {
> +		PMD_INIT_LOG(ERR,
> +			     "DPSEC ATTRIBUTE READ FAILED, disabling DPSEC\n");
> +		goto get_attr_failure;
> +	}
> +	for (i = 0; i < attr.num_rx_queues && qp[i]; i++) {
> +		dpaa2_q = &qp[i]->rx_vq;
> +		dpseci_get_rx_queue(dpseci, CMD_PRI_LOW, priv->token, i,
> +				    &rx_attr);
> +		dpaa2_q->fqid = rx_attr.fqid;
> +		PMD_INIT_LOG(DEBUG, "rx_fqid: %d", dpaa2_q->fqid);
> +	}
> +	for (i = 0; i < attr.num_tx_queues && qp[i]; i++) {
> +		dpaa2_q = &qp[i]->tx_vq;
> +		dpseci_get_tx_queue(dpseci, CMD_PRI_LOW, priv->token, i,
> +				    &tx_attr);
> +		dpaa2_q->fqid = tx_attr.fqid;
> +		PMD_INIT_LOG(DEBUG, "tx_fqid: %d", dpaa2_q->fqid);
> +	}
> +
> +	return 0;
> +get_attr_failure:
> +	dpseci_disable(dpseci, CMD_PRI_LOW, priv->token);
> +	return -1;
> +}
> +
> +static void
> +dpaa2_sec_dev_stop(struct rte_cryptodev *dev)
> +{
> +	struct dpaa2_sec_dev_private *priv = dev->data->dev_private;
> +	struct fsl_mc_io *dpseci = (struct fsl_mc_io *)priv->hw;
> +	int ret;
> +
> +	PMD_INIT_FUNC_TRACE();
> +
> +	ret = dpseci_disable(dpseci, CMD_PRI_LOW, priv->token);
> +	if (ret) {
> +		PMD_INIT_LOG(ERR, "Failure in disabling dpseci %d device",
> +			     priv->hw_id);
> +		return;
> +	}
> +
> +	ret = dpseci_reset(dpseci, CMD_PRI_LOW, priv->token);
> +	if (ret < 0) {
> +		PMD_INIT_LOG(ERR, "SEC Device cannot be reset:Error = %0x\n",
> +			     ret);
> +		return;
> +	}
> +}
> +
> +static int
> +dpaa2_sec_dev_close(struct rte_cryptodev *dev)
> +{
> +	struct dpaa2_sec_dev_private *priv = dev->data->dev_private;
> +	struct fsl_mc_io *dpseci = (struct fsl_mc_io *)priv->hw;
> +	int ret;
> +
> +	PMD_INIT_FUNC_TRACE();
> +
> +	/* Function is reverse of dpaa2_sec_dev_init.
> +	 * It does the following:
> +	 * 1. Detach a DPSECI from attached resources i.e. buffer pools, dpbp_id
> +	 * 2. Close the DPSECI device
> +	 * 3. Free the allocated resources.
> +	 */
> +
> +	/*Close the device at underlying layer*/
> +	ret = dpseci_close(dpseci, CMD_PRI_LOW, priv->token);
> +	if (ret) {
> +		PMD_INIT_LOG(ERR, "Failure closing dpseci device with"
> +			     " error code %d\n", ret);
> +		return -1;
> +	}
> +
> +	/*Free the allocated memory for ethernet private data and dpseci*/
> +	priv->hw = NULL;
> +	free(dpseci);
> +
> +	return 0;
> +}
> +
> +static void
> +dpaa2_sec_dev_infos_get(struct rte_cryptodev *dev,
> +			struct rte_cryptodev_info *info)
> +{
> +	struct dpaa2_sec_dev_private *internals = dev->data->dev_private;
> +
> +	PMD_INIT_FUNC_TRACE();
> +	if (info != NULL) {
> +		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
> +		info->feature_flags = dev->feature_flags;
> +		info->capabilities = dpaa2_sec_capabilities;
> +		info->sym.max_nb_sessions = internals->max_nb_sessions;
> +		info->dev_type = RTE_CRYPTODEV_DPAA2_SEC_PMD;
> +	}
> +}
> +
> +static struct rte_cryptodev_ops crypto_ops = {
> +	.dev_configure	      = dpaa2_sec_dev_configure,
> +	.dev_start	      = dpaa2_sec_dev_start,
> +	.dev_stop	      = dpaa2_sec_dev_stop,
> +	.dev_close	      = dpaa2_sec_dev_close,
> +	.dev_infos_get        = dpaa2_sec_dev_infos_get,
> +};
> +
> +static int
> +dpaa2_sec_uninit(__attribute__((unused))
> +		 const struct rte_cryptodev_driver *crypto_drv,
> +		 struct rte_cryptodev *dev)
> +{
> +	if (dev->data->name == NULL)
> +		return -EINVAL;
> +
> +	PMD_INIT_LOG(INFO, "Closing DPAA2_SEC device %s on numa socket %u\n",
> +		     dev->data->name, rte_socket_id());
> +
> +	return 0;
> +}
> +
> +static int
> +dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
> +{
> +	struct dpaa2_sec_dev_private *internals;
> +	struct rte_device *dev = cryptodev->device;
> +	struct rte_dpaa2_device *dpaa2_dev;
> +	struct fsl_mc_io *dpseci;
> +	uint16_t token;
> +	struct dpseci_attr attr;
> +	int retcode, hw_id;
> +
> +	PMD_INIT_FUNC_TRACE();
> +	dpaa2_dev = container_of(dev, struct rte_dpaa2_device, device);
> +	if (dpaa2_dev == NULL) {
> +		PMD_INIT_LOG(ERR, "dpaa2_device not found\n");
> +		return -1;
> +	}
> +	hw_id = dpaa2_dev->object_id;
> +
> +	cryptodev->dev_type = RTE_CRYPTODEV_DPAA2_SEC_PMD;
> +	cryptodev->dev_ops = &crypto_ops;
> +
> +	cryptodev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
> +			RTE_CRYPTODEV_FF_HW_ACCELERATED |
> +			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING;
> +
> +	internals = cryptodev->data->dev_private;
> +	internals->max_nb_sessions = RTE_DPAA2_SEC_PMD_MAX_NB_SESSIONS;
> +
> +	/*
> +	 * For secondary processes, we don't initialise any further as primary
> +	 * has already done this work. Only check we don't need a different
> +	 * RX function
> +	 */
> +	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
> +		PMD_INIT_LOG(DEBUG, "Device already init by primary process");
> +		return 0;
> +	}
> +	/*Open the rte device via MC and save the handle for further use*/
> +	dpseci = (struct fsl_mc_io *)rte_calloc(NULL, 1,
> +				sizeof(struct fsl_mc_io), 0);
> +	if (!dpseci) {
> +		PMD_INIT_LOG(ERR,
> +			     "Error in allocating the memory for dpsec object");
> +		return -1;
> +	}
> +	dpseci->regs = mcp_ptr_list[0];
> +
> +	retcode = dpseci_open(dpseci, CMD_PRI_LOW, hw_id, &token);
> +	if (retcode != 0) {
> +		PMD_INIT_LOG(ERR, "Cannot open the dpsec device: Error = %x",
> +			     retcode);
> +		goto init_error;
> +	}
> +	retcode = dpseci_get_attributes(dpseci, CMD_PRI_LOW, token, &attr);
> +	if (retcode != 0) {
> +		PMD_INIT_LOG(ERR,
> +			     "Cannot get dpsec device attributed: Error = %x",
> +			     retcode);
> +		goto init_error;
> +	}
> +	sprintf(cryptodev->data->name, "dpsec-%u", hw_id);
> +
> +	internals->max_nb_queue_pairs = attr.num_tx_queues;
> +	cryptodev->data->nb_queue_pairs = internals->max_nb_queue_pairs;
> +	internals->hw = dpseci;
> +	internals->token = token;
> +
> +	PMD_INIT_LOG(DEBUG, "driver %s: created\n", cryptodev->data->name);
> +	return 0;
> +
> +init_error:
> +	PMD_INIT_LOG(ERR, "driver %s: create failed\n", cryptodev->data->name);
> +
> +	/* dpaa2_sec_uninit(crypto_dev_name); */
> +	return -EFAULT;
> +}
> +
> +static int
> +cryptodev_dpaa2_sec_probe(struct rte_dpaa2_driver *dpaa2_drv,
> +			  struct rte_dpaa2_device *dpaa2_dev)
> +{
> +	struct rte_cryptodev *cryptodev;
> +	char cryptodev_name[RTE_CRYPTODEV_NAME_MAX_LEN];
> +
> +	int retval;
> +
> +	sprintf(cryptodev_name, "dpsec-%d", dpaa2_dev->object_id);
> +
> +	cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id());
> +	if (cryptodev == NULL)
> +		return -ENOMEM;
> +
> +	if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
> +		cryptodev->data->dev_private = rte_zmalloc_socket(
> +					"cryptodev private structure",
> +					sizeof(struct dpaa2_sec_dev_private),
> +					RTE_CACHE_LINE_SIZE,
> +					rte_socket_id());
> +
> +		if (cryptodev->data->dev_private == NULL)
> +			rte_panic("Cannot allocate memzone for private "
> +					"device data");
> +	}
> +
> +	dpaa2_dev->cryptodev = cryptodev;
> +	cryptodev->device = &dpaa2_dev->device;
> +	cryptodev->driver = (struct rte_cryptodev_driver *)dpaa2_drv;
> +
> +	/* init user callbacks */
> +	TAILQ_INIT(&(cryptodev->link_intr_cbs));
> +
> +	/* Invoke PMD device initialization function */
> +	retval = dpaa2_sec_dev_init(cryptodev);
> +	if (retval == 0)
> +		return 0;
> +
> +	if (rte_eal_process_type() == RTE_PROC_PRIMARY)
> +		rte_free(cryptodev->data->dev_private);
> +
> +	cryptodev->attached = RTE_CRYPTODEV_DETACHED;
> +
> +	return -ENXIO;
> +}
> +
> +static int
> +cryptodev_dpaa2_sec_remove(struct rte_dpaa2_device *dpaa2_dev)
> +{
> +	struct rte_cryptodev *cryptodev;
> +	int ret;
> +
> +	cryptodev = dpaa2_dev->cryptodev;
> +	if (cryptodev == NULL)
> +		return -ENODEV;
> +
> +	ret = dpaa2_sec_uninit(NULL, cryptodev);
> +	if (ret)
> +		return ret;
> +
> +	/* free crypto device */
> +	rte_cryptodev_pmd_release_device(cryptodev);
> +
> +	if (rte_eal_process_type() == RTE_PROC_PRIMARY)
> +		rte_free(cryptodev->data->dev_private);
> +
> +	cryptodev->pci_dev = NULL;
> +	cryptodev->driver = NULL;
> +	cryptodev->data = NULL;
> +
> +	return 0;
> +}
> +
> +static struct rte_dpaa2_driver rte_dpaa2_sec_driver = {
> +	.drv_type = DPAA2_MC_DPSECI_DEVID,
> +	.driver = {
> +		.name = "DPAA2 SEC PMD"
> +	},
> +	.probe = cryptodev_dpaa2_sec_probe,
> +	.remove = cryptodev_dpaa2_sec_remove,
> +};
> +
> +RTE_PMD_REGISTER_DPAA2(dpaa2_sec_pmd, rte_dpaa2_sec_driver);
> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h
> new file mode 100644
> index 0000000..03d4c70
> --- /dev/null
> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h
> @@ -0,0 +1,70 @@
> +/*-
> + *   BSD LICENSE
> + *
> + *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
> + *   Copyright (c) 2016 NXP. All rights reserved.
> + *
> + *   Redistribution and use in source and binary forms, with or without
> + *   modification, are permitted provided that the following conditions
> + *   are met:
> + *
> + *     * Redistributions of source code must retain the above copyright
> + *       notice, this list of conditions and the following disclaimer.
> + *     * Redistributions in binary form must reproduce the above copyright
> + *       notice, this list of conditions and the following disclaimer in
> + *       the documentation and/or other materials provided with the
> + *       distribution.
> + *     * Neither the name of  Freescale Semiconductor, Inc nor the names of its
> + *       contributors may be used to endorse or promote products derived
> + *       from this software without specific prior written permission.
> + *
> + *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> + *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> + *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> + *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> + *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> + *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> + *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> + *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
> +
> +#ifndef _DPAA2_SEC_LOGS_H_
> +#define _DPAA2_SEC_LOGS_H_
> +
> +#define PMD_INIT_LOG(level, fmt, args...) \
> +	RTE_LOG(level, PMD, "%s(): " fmt "\n", __func__, ##args)
> +
> +#ifdef RTE_LIBRTE_DPAA2_SEC_DEBUG_INIT
> +#define PMD_INIT_FUNC_TRACE() PMD_INIT_LOG(DEBUG, " >>")
> +#else
> +#define PMD_INIT_FUNC_TRACE() do { } while (0)
> +#endif
> +
> +#ifdef RTE_LIBRTE_DPAA2_SEC_DEBUG_RX
> +#define PMD_RX_LOG(level, fmt, args...) \
> +	RTE_LOG(level, PMD, "%s(): " fmt "\n", __func__, ## args)
> +#else
> +#define PMD_RX_LOG(level, fmt, args...) do { } while (0)
> +#endif
> +
> +#ifdef RTE_LIBRTE_DPAA2_SEC_DEBUG_TX
> +#define PMD_TX_LOG(level, fmt, args...) \
> +	RTE_LOG(level, PMD, "%s(): " fmt "\n", __func__, ## args)
> +#else
> +#define PMD_TX_LOG(level, fmt, args...) do { } while (0)
> +#endif
> +
> +#ifdef RTE_LIBRTE_DPAA2_SEC_DEBUG_DRIVER
> +#define PMD_DRV_LOG_RAW(level, fmt, args...) \
> +	RTE_LOG(level, PMD, "%s(): " fmt, __func__, ## args)
> +#else
> +#define PMD_DRV_LOG_RAW(level, fmt, args...) do { } while (0)
> +#endif
> +
> +#define PMD_DRV_LOG(level, fmt, args...) \
> +	PMD_DRV_LOG_RAW(level, fmt "\n", ## args)
> +
> +#endif /* _DPAA2_SEC_LOGS_H_ */
> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
> new file mode 100644
> index 0000000..e0d6148
> --- /dev/null
> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
> @@ -0,0 +1,225 @@
> +/*-
> + *   BSD LICENSE
> + *
> + *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
> + *   Copyright (c) 2016 NXP. All rights reserved.
> + *
> + *   Redistribution and use in source and binary forms, with or without
> + *   modification, are permitted provided that the following conditions
> + *   are met:
> + *
> + *     * Redistributions of source code must retain the above copyright
> + *       notice, this list of conditions and the following disclaimer.
> + *     * Redistributions in binary form must reproduce the above copyright
> + *       notice, this list of conditions and the following disclaimer in
> + *       the documentation and/or other materials provided with the
> + *       distribution.
> + *     * Neither the name of  Freescale Semiconductor, Inc nor the names of its
> + *       contributors may be used to endorse or promote products derived
> + *       from this software without specific prior written permission.
> + *
> + *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> + *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> + *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> + *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> + *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> + *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> + *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> + *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
> +
> +#ifndef _RTE_DPAA2_SEC_PMD_PRIVATE_H_
> +#define _RTE_DPAA2_SEC_PMD_PRIVATE_H_
> +
> +/** private data structure for each DPAA2_SEC device */
> +struct dpaa2_sec_dev_private {
> +	void *mc_portal; /**< MC Portal for configuring this device */
> +	void *hw; /**< Hardware handle for this device.Used by NADK framework */
> +	int32_t hw_id; /**< An unique ID of this device instance */
> +	int32_t vfio_fd; /**< File descriptor received via VFIO */
> +	uint16_t token; /**< Token required by DPxxx objects */
> +	unsigned int max_nb_queue_pairs;
> +
> +	unsigned int max_nb_sessions;
> +	/**< Max number of sessions supported by device */
> +};
> +
> +struct dpaa2_sec_qp {
> +	struct dpaa2_queue rx_vq;
> +	struct dpaa2_queue tx_vq;
> +};
> +
> +static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
> +	{	/* MD5 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_MD5_HMAC,
> +				.block_size = 64,
> +				.key_size = {
> +					.min = 64,
> +					.max = 64,
> +					.increment = 0
> +				},
> +				.digest_size = {
> +					.min = 16,
> +					.max = 16,
> +					.increment = 0
> +				},
> +				.aad_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* SHA1 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
> +				.block_size = 64,
> +				.key_size = {
> +					.min = 64,
> +					.max = 64,
> +					.increment = 0
> +				},
> +				.digest_size = {
> +					.min = 20,
> +					.max = 20,
> +					.increment = 0
> +				},
> +				.aad_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* SHA224 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
> +				.block_size = 64,
> +				.key_size = {
> +					.min = 64,
> +					.max = 64,
> +					.increment = 0
> +				},
> +				.digest_size = {
> +					.min = 28,
> +					.max = 28,
> +					.increment = 0
> +				},
> +				.aad_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* SHA256 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
> +				.block_size = 64,
> +				.key_size = {
> +					.min = 64,
> +					.max = 64,
> +					.increment = 0
> +				},
> +				.digest_size = {
> +						.min = 32,
> +						.max = 32,
> +						.increment = 0
> +					},
> +					.aad_size = { 0 }
> +				}, }
> +			}, }
> +		},
> +	{	/* SHA384 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
> +				.block_size = 128,
> +				.key_size = {
> +					.min = 128,
> +					.max = 128,
> +					.increment = 0
> +				},
> +				.digest_size = {
> +					.min = 48,
> +					.max = 48,
> +					.increment = 0
> +				},
> +				.aad_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* SHA512 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
> +				.block_size = 128,
> +				.key_size = {
> +					.min = 128,
> +					.max = 128,
> +					.increment = 0
> +				},
> +				.digest_size = {
> +					.min = 64,
> +					.max = 64,
> +					.increment = 0
> +				},
> +				.aad_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* AES CBC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> +			{.cipher = {
> +				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
> +				.block_size = 16,
> +				.key_size = {
> +					.min = 16,
> +					.max = 32,
> +					.increment = 8
> +				},
> +				.iv_size = {
> +					.min = 16,
> +					.max = 16,
> +					.increment = 0
> +				}
> +			}, }
> +		}, }
> +	},
> +	{	/* 3DES CBC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> +			{.cipher = {
> +				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
> +				.block_size = 8,
> +				.key_size = {
> +					.min = 16,
> +					.max = 24,
> +					.increment = 8
> +				},
> +				.iv_size = {
> +					.min = 8,
> +					.max = 8,
> +					.increment = 0
> +				}
> +			}, }
> +		}, }
> +	},
> +
> +	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
> +};
> +#endif /* _RTE_DPAA2_SEC_PMD_PRIVATE_H_ */
> diff --git a/drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map b/drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map
> new file mode 100644
> index 0000000..31eca32
> --- /dev/null
> +++ b/drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map
> @@ -0,0 +1,4 @@
> +DPDK_17.02 {
> +
> +	local: *;
> +};
> diff --git a/drivers/net/dpaa2/Makefile b/drivers/net/dpaa2/Makefile
> index 5e669df..a24486e 100644
> --- a/drivers/net/dpaa2/Makefile
> +++ b/drivers/net/dpaa2/Makefile
> @@ -36,6 +36,7 @@ include $(RTE_SDK)/mk/rte.vars.mk
>  #
>  LIB = librte_pmd_dpaa2.a
>  
> +# build flags
>  ifeq ($(CONFIG_RTE_LIBRTE_DPAA2_DEBUG_INIT),y)
>  CFLAGS += -O0 -g
>  CFLAGS += "-Wno-error"
> diff --git a/drivers/pool/Makefile b/drivers/pool/Makefile
> index 4325edd..cc8b66b 100644
> --- a/drivers/pool/Makefile
> +++ b/drivers/pool/Makefile
> @@ -33,6 +33,10 @@ include $(RTE_SDK)/mk/rte.vars.mk
>  
>  CONFIG_RTE_LIBRTE_DPAA2_POOL = $(CONFIG_RTE_LIBRTE_DPAA2_PMD)
>  
> +ifneq ($(CONFIG_RTE_LIBRTE_DPAA2_POOL),y)
> +CONFIG_RTE_LIBRTE_DPAA2_POOL = $(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)
> +endif
> +
>  DIRS-$(CONFIG_RTE_LIBRTE_DPAA2_COMMON) += dpaa2
>  
>  include $(RTE_SDK)/mk/rte.subdir.mk
> diff --git a/mk/rte.app.mk b/mk/rte.app.mk
> index f415c18..ad0e987 100644
> --- a/mk/rte.app.mk
> +++ b/mk/rte.app.mk
> @@ -155,6 +155,12 @@ _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ZUC)         += -lrte_pmd_zuc
>  _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ZUC)         += -L$(LIBSSO_ZUC_PATH)/build -lsso_zuc
>  _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO)    += -lrte_pmd_armv8
>  _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO)    += -L$(ARMV8_CRYPTO_LIB_PATH) -larmv8_crypto
> +ifeq ($(CONFIG_RTE_LIBRTE_DPAA2_COMMON),y)
> +_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)   += -lrte_pmd_dpaa2_sec
> +_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)   += -lrte_pmd_dpaa2_qbman
> +_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)   += -lrte_pmd_dpaa2_pool
> +_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)   += -lrte_pmd_fslmcbus
> +endif
>  endif # CONFIG_RTE_LIBRTE_CRYPTODEV
>  
>  endif # !CONFIG_RTE_BUILD_SHARED_LIBS
> -- 
> 2.9.3
> 
>
Akhil Goyal Jan. 20, 2017, 1:17 p.m. | #2
On 1/20/2017 6:02 PM, Neil Horman wrote:
> On Fri, Jan 20, 2017 at 07:35:02PM +0530, akhil.goyal@nxp.com wrote:
>> From: Akhil Goyal <akhil.goyal@nxp.com>
>>
>> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
>> Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
>> ---
>>  config/common_base                                 |   8 +
>>  config/defconfig_arm64-dpaa2-linuxapp-gcc          |  12 +
>>  drivers/bus/Makefile                               |   3 +
>>  drivers/common/Makefile                            |   3 +
>>  drivers/crypto/Makefile                            |   1 +
>>  drivers/crypto/dpaa2_sec/Makefile                  |  77 +++++
>>  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c        | 374 +++++++++++++++++++++
>>  drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h          |  70 ++++
>>  drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h          | 225 +++++++++++++
>>  .../crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map |   4 +
>>  drivers/net/dpaa2/Makefile                         |   1 +
>>  drivers/pool/Makefile                              |   4 +
>>  mk/rte.app.mk                                      |   6 +
>>  13 files changed, 788 insertions(+)
>>  create mode 100644 drivers/crypto/dpaa2_sec/Makefile
>>  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>>  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h
>>  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
>>  create mode 100644 drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map
>>
> NAK, you're trying to patch driver/bus/Makefile, which doesn't exist in the
> upstream tree, please fix your patch.
>
> I'm also opposed to the inclusion of pmds that require non-open external
> libraries as your documentation suggests that you require.  If you need an out
> of tree library to support your hardware, you will recieve no benefit from the
> upstream community in terms of testing and maintenence, nor will the community
> be able to work with your hardware on arches that your library doesn't support.
>
> Neil
>
Thanks for your comments Neil.
dpaa2_sec driver is dependent on dpaa2 driver which is in review in 
other thread. I have mentioned that in the cover letter.
Its latest version is http://dpdk.org/dev/patchwork/patch/19782/

Also there is no external library used. The libraries that are mentioned 
in the documentation are all part of the above dpaa2 driver patchset.

-Akhil
Neil Horman Jan. 20, 2017, 7:31 p.m. | #3
On Fri, Jan 20, 2017 at 06:47:49PM +0530, Akhil Goyal wrote:
> On 1/20/2017 6:02 PM, Neil Horman wrote:
> > On Fri, Jan 20, 2017 at 07:35:02PM +0530, akhil.goyal@nxp.com wrote:
> > > From: Akhil Goyal <akhil.goyal@nxp.com>
> > > 
> > > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > > Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
> > > ---
> > >  config/common_base                                 |   8 +
> > >  config/defconfig_arm64-dpaa2-linuxapp-gcc          |  12 +
> > >  drivers/bus/Makefile                               |   3 +
> > >  drivers/common/Makefile                            |   3 +
> > >  drivers/crypto/Makefile                            |   1 +
> > >  drivers/crypto/dpaa2_sec/Makefile                  |  77 +++++
> > >  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c        | 374 +++++++++++++++++++++
> > >  drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h          |  70 ++++
> > >  drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h          | 225 +++++++++++++
> > >  .../crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map |   4 +
> > >  drivers/net/dpaa2/Makefile                         |   1 +
> > >  drivers/pool/Makefile                              |   4 +
> > >  mk/rte.app.mk                                      |   6 +
> > >  13 files changed, 788 insertions(+)
> > >  create mode 100644 drivers/crypto/dpaa2_sec/Makefile
> > >  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> > >  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h
> > >  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
> > >  create mode 100644 drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map
> > > 
> > NAK, you're trying to patch driver/bus/Makefile, which doesn't exist in the
> > upstream tree, please fix your patch.
> > 
> > I'm also opposed to the inclusion of pmds that require non-open external
> > libraries as your documentation suggests that you require.  If you need an out
> > of tree library to support your hardware, you will recieve no benefit from the
> > upstream community in terms of testing and maintenence, nor will the community
> > be able to work with your hardware on arches that your library doesn't support.
> > 
> > Neil
> > 
> Thanks for your comments Neil.
> dpaa2_sec driver is dependent on dpaa2 driver which is in review in other
> thread. I have mentioned that in the cover letter.
> Its latest version is http://dpdk.org/dev/patchwork/patch/19782/
> 
Sorry, I missed that comment, I'll go find the other thread and take another
look

> Also there is no external library used. The libraries that are mentioned in
> the documentation are all part of the above dpaa2 driver patchset.
> 
Your documentation patch doesn't seem to suggest that.  From the patch:

+This driver relies on external libraries and kernel drivers for resources
+allocations and initialization. The following dependencies are not part of
+DPDK and must be installed separately:
+
+- **NXP Linux SDK**
+
+  NXP Linux software development kit (SDK) includes support for family
+  of QorIQ® ARM-Architecture-based system on chip (SoC) processors
+  and corresponding boards.

....

If thats not the case, you should update the documentation.  If it is the case,
I think my initial comment is still valid...

Regards
Neil

> -Akhil
> 
> 
>
Akhil Goyal Jan. 24, 2017, 6:34 a.m. | #4
On 1/21/2017 1:01 AM, Neil Horman wrote:
> On Fri, Jan 20, 2017 at 06:47:49PM +0530, Akhil Goyal wrote:
>> On 1/20/2017 6:02 PM, Neil Horman wrote:
>>> On Fri, Jan 20, 2017 at 07:35:02PM +0530, akhil.goyal@nxp.com wrote:
>>>> From: Akhil Goyal <akhil.goyal@nxp.com>
>>>>
>>>> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
>>>> Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
>>>> ---
>>>>  config/common_base                                 |   8 +
>>>>  config/defconfig_arm64-dpaa2-linuxapp-gcc          |  12 +
>>>>  drivers/bus/Makefile                               |   3 +
>>>>  drivers/common/Makefile                            |   3 +
>>>>  drivers/crypto/Makefile                            |   1 +
>>>>  drivers/crypto/dpaa2_sec/Makefile                  |  77 +++++
>>>>  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c        | 374 +++++++++++++++++++++
>>>>  drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h          |  70 ++++
>>>>  drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h          | 225 +++++++++++++
>>>>  .../crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map |   4 +
>>>>  drivers/net/dpaa2/Makefile                         |   1 +
>>>>  drivers/pool/Makefile                              |   4 +
>>>>  mk/rte.app.mk                                      |   6 +
>>>>  13 files changed, 788 insertions(+)
>>>>  create mode 100644 drivers/crypto/dpaa2_sec/Makefile
>>>>  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>>>>  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h
>>>>  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
>>>>  create mode 100644 drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map
>>>>
>>> NAK, you're trying to patch driver/bus/Makefile, which doesn't exist in the
>>> upstream tree, please fix your patch.
>>>
>>> I'm also opposed to the inclusion of pmds that require non-open external
>>> libraries as your documentation suggests that you require.  If you need an out
>>> of tree library to support your hardware, you will recieve no benefit from the
>>> upstream community in terms of testing and maintenence, nor will the community
>>> be able to work with your hardware on arches that your library doesn't support.
>>>
>>> Neil
>>>
>> Thanks for your comments Neil.
>> dpaa2_sec driver is dependent on dpaa2 driver which is in review in other
>> thread. I have mentioned that in the cover letter.
>> Its latest version is http://dpdk.org/dev/patchwork/patch/19782/
>>
> Sorry, I missed that comment, I'll go find the other thread and take another
> look
>
>> Also there is no external library used. The libraries that are mentioned in
>> the documentation are all part of the above dpaa2 driver patchset.
>>
> Your documentation patch doesn't seem to suggest that.  From the patch:
>
> +This driver relies on external libraries and kernel drivers for resources
> +allocations and initialization. The following dependencies are not part of
> +DPDK and must be installed separately:
> +
> +- **NXP Linux SDK**
> +
> +  NXP Linux software development kit (SDK) includes support for family
> +  of QorIQ® ARM-Architecture-based system on chip (SoC) processors
> +  and corresponding boards.
>
> ....
>
> If thats not the case, you should update the documentation.  If it is the case,
> I think my initial comment is still valid...
>
> Regards
> Neil
>
>> -Akhil
>>
>>
>>
>
Thanks for pointing this out. I will update the documentation.

Regards,
Akhil
Neil Horman Jan. 24, 2017, 3:06 p.m. | #5
On Tue, Jan 24, 2017 at 12:04:09PM +0530, Akhil Goyal wrote:
> On 1/21/2017 1:01 AM, Neil Horman wrote:
> > On Fri, Jan 20, 2017 at 06:47:49PM +0530, Akhil Goyal wrote:
> > > On 1/20/2017 6:02 PM, Neil Horman wrote:
> > > > On Fri, Jan 20, 2017 at 07:35:02PM +0530, akhil.goyal@nxp.com wrote:
> > > > > From: Akhil Goyal <akhil.goyal@nxp.com>
> > > > > 
> > > > > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > > > > Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
> > > > > ---
> > > > >  config/common_base                                 |   8 +
> > > > >  config/defconfig_arm64-dpaa2-linuxapp-gcc          |  12 +
> > > > >  drivers/bus/Makefile                               |   3 +
> > > > >  drivers/common/Makefile                            |   3 +
> > > > >  drivers/crypto/Makefile                            |   1 +
> > > > >  drivers/crypto/dpaa2_sec/Makefile                  |  77 +++++
> > > > >  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c        | 374 +++++++++++++++++++++
> > > > >  drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h          |  70 ++++
> > > > >  drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h          | 225 +++++++++++++
> > > > >  .../crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map |   4 +
> > > > >  drivers/net/dpaa2/Makefile                         |   1 +
> > > > >  drivers/pool/Makefile                              |   4 +
> > > > >  mk/rte.app.mk                                      |   6 +
> > > > >  13 files changed, 788 insertions(+)
> > > > >  create mode 100644 drivers/crypto/dpaa2_sec/Makefile
> > > > >  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> > > > >  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h
> > > > >  create mode 100644 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
> > > > >  create mode 100644 drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map
> > > > > 
> > > > NAK, you're trying to patch driver/bus/Makefile, which doesn't exist in the
> > > > upstream tree, please fix your patch.
> > > > 
> > > > I'm also opposed to the inclusion of pmds that require non-open external
> > > > libraries as your documentation suggests that you require.  If you need an out
> > > > of tree library to support your hardware, you will recieve no benefit from the
> > > > upstream community in terms of testing and maintenence, nor will the community
> > > > be able to work with your hardware on arches that your library doesn't support.
> > > > 
> > > > Neil
> > > > 
> > > Thanks for your comments Neil.
> > > dpaa2_sec driver is dependent on dpaa2 driver which is in review in other
> > > thread. I have mentioned that in the cover letter.
> > > Its latest version is http://dpdk.org/dev/patchwork/patch/19782/
> > > 
> > Sorry, I missed that comment, I'll go find the other thread and take another
> > look
> > 
> > > Also there is no external library used. The libraries that are mentioned in
> > > the documentation are all part of the above dpaa2 driver patchset.
> > > 
> > Your documentation patch doesn't seem to suggest that.  From the patch:
> > 
> > +This driver relies on external libraries and kernel drivers for resources
> > +allocations and initialization. The following dependencies are not part of
> > +DPDK and must be installed separately:
> > +
> > +- **NXP Linux SDK**
> > +
> > +  NXP Linux software development kit (SDK) includes support for family
> > +  of QorIQ® ARM-Architecture-based system on chip (SoC) processors
> > +  and corresponding boards.
> > 
> > ....
> > 
> > If thats not the case, you should update the documentation.  If it is the case,
> > I think my initial comment is still valid...
> > 
> > Regards
> > Neil
> > 
> > > -Akhil
> > > 
> > > 
> > > 
> > 
> Thanks for pointing this out. I will update the documentation.
> 

I found the v6 patch series that you referenced, and this set still doesn't
apply cleanly to it.  Theres a conflict in one of the makefiles.


> Regards,
> Akhil
> 
>

Patch

diff --git a/config/common_base b/config/common_base
index ebd6281..44d5c00 100644
--- a/config/common_base
+++ b/config/common_base
@@ -461,6 +461,14 @@  CONFIG_RTE_LIBRTE_PMD_ZUC_DEBUG=n
 CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=y
 
 #
+#Compile NXP DPAA2 crypto sec driver for CAAM HW
+#
+CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC=n
+CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_INIT=n
+CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_DRIVER=n
+CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_RX=n
+
+#
 # Compile librte_ring
 #
 CONFIG_RTE_LIBRTE_RING=y
diff --git a/config/defconfig_arm64-dpaa2-linuxapp-gcc b/config/defconfig_arm64-dpaa2-linuxapp-gcc
index 18c9589..30fd4e3 100644
--- a/config/defconfig_arm64-dpaa2-linuxapp-gcc
+++ b/config/defconfig_arm64-dpaa2-linuxapp-gcc
@@ -66,3 +66,15 @@  CONFIG_RTE_LIBRTE_DPAA2_DEBUG_DRIVER=n
 CONFIG_RTE_LIBRTE_DPAA2_DEBUG_RX=n
 CONFIG_RTE_LIBRTE_DPAA2_DEBUG_TX=n
 CONFIG_RTE_LIBRTE_DPAA2_DEBUG_TX_FREE=n
+
+#Compile NXP DPAA2 crypto sec driver for CAAM HW
+CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC=y
+CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_INIT=n
+CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_DRIVER=n
+CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_RX=n
+
+#
+# Number of sessions to create in the session memory pool
+# on a single DPAA2 SEC device.
+#
+CONFIG_RTE_DPAA2_SEC_PMD_MAX_NB_SESSIONS=2048
diff --git a/drivers/bus/Makefile b/drivers/bus/Makefile
index 8f7864b..3ef7f2e 100644
--- a/drivers/bus/Makefile
+++ b/drivers/bus/Makefile
@@ -32,6 +32,9 @@ 
 include $(RTE_SDK)/mk/rte.vars.mk
 
 CONFIG_RTE_LIBRTE_FSLMC_BUS = $(CONFIG_RTE_LIBRTE_DPAA2_PMD)
+ifneq ($(CONFIG_RTE_LIBRTE_FSLMC_BUS),y)
+CONFIG_RTE_LIBRTE_FSLMC_BUS = $(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)
+endif
 
 DIRS-$(CONFIG_RTE_LIBRTE_FSLMC_BUS) += fslmc
 
diff --git a/drivers/common/Makefile b/drivers/common/Makefile
index 0a6d8db..00697e6 100644
--- a/drivers/common/Makefile
+++ b/drivers/common/Makefile
@@ -39,6 +39,9 @@  endif
 ifneq ($(CONFIG_RTE_LIBRTE_DPAA2_COMMON),y)
 CONFIG_RTE_LIBRTE_DPAA2_COMMON = $(CONFIG_RTE_LIBRTE_FSLMC_BUS)
 endif
+ifneq ($(CONFIG_RTE_LIBRTE_DPAA2_COMMON),y)
+CONFIG_RTE_LIBRTE_DPAA2_COMMON = $(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)
+endif
 
 DIRS-$(CONFIG_RTE_LIBRTE_DPAA2_COMMON) += dpaa2
 
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index 77b02cf..18cd682 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -40,5 +40,6 @@  DIRS-$(CONFIG_RTE_LIBRTE_PMD_SNOW3G) += snow3g
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += kasumi
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_ZUC) += zuc
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += null
+DIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += dpaa2_sec
 
 include $(RTE_SDK)/mk/rte.subdir.mk
diff --git a/drivers/crypto/dpaa2_sec/Makefile b/drivers/crypto/dpaa2_sec/Makefile
new file mode 100644
index 0000000..5a7442b
--- /dev/null
+++ b/drivers/crypto/dpaa2_sec/Makefile
@@ -0,0 +1,77 @@ 
+#   BSD LICENSE
+#
+#   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
+#   Copyright (c) 2016 NXP. All rights reserved.
+#
+#   Redistribution and use in source and binary forms, with or without
+#   modification, are permitted provided that the following conditions
+#   are met:
+#
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in
+#       the documentation and/or other materials provided with the
+#       distribution.
+#     * Neither the name of Freescale Semiconductor, Inc nor the names of its
+#       contributors may be used to endorse or promote products derived
+#       from this software without specific prior written permission.
+#
+#   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+#   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+#   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+#   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+#   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+#   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+#   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+#   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+#   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+#   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+include $(RTE_SDK)/mk/rte.vars.mk
+
+#
+# library name
+#
+LIB = librte_pmd_dpaa2_sec.a
+
+# build flags
+ifeq ($(CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_INIT),y)
+CFLAGS += -O0 -g
+CFLAGS += "-Wno-error"
+else
+CFLAGS += -O3
+CFLAGS += $(WERROR_FLAGS)
+endif
+CFLAGS += -D _GNU_SOURCE
+
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/dpaa2_sec/
+CFLAGS += -I$(RTE_SDK)/drivers/bus/fslmc/
+CFLAGS += -I$(RTE_SDK)/drivers/common/dpaa2/qbman/include
+CFLAGS += -I$(RTE_SDK)/drivers/bus/fslmc/portal
+CFLAGS += -I$(RTE_SDK)/drivers/pool/dpaa2/
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
+
+# versioning export map
+EXPORT_MAP := rte_pmd_dpaa2_sec_version.map
+
+# library version
+LIBABIVER := 1
+
+# external library include paths
+CFLAGS += -Iinclude
+LDLIBS += -lcrypto
+
+# library source files
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += dpaa2_sec_dpseci.c
+
+# library dependencies
+DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_eal
+DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_mbuf
+DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_cryptodev
+DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_pmd_dpaa2_qbman
+DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_pmd_fslmcbus
+DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += lib/librte_pmd_dpaa2_pool
+
+include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
new file mode 100644
index 0000000..d6b6176
--- /dev/null
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -0,0 +1,374 @@ 
+/*-
+ *   BSD LICENSE
+ *
+ *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
+ *   Copyright (c) 2016 NXP. All rights reserved.
+ *
+ *   Redistribution and use in source and binary forms, with or without
+ *   modification, are permitted provided that the following conditions
+ *   are met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in
+ *       the documentation and/or other materials provided with the
+ *       distribution.
+ *     * Neither the name of  Freescale Semiconductor, Inc nor the names of its
+ *       contributors may be used to endorse or promote products derived
+ *       from this software without specific prior written permission.
+ *
+ *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <time.h>
+#include <net/if.h>
+#include <rte_mbuf.h>
+#include <rte_cryptodev.h>
+#include <rte_malloc.h>
+#include <rte_memcpy.h>
+#include <rte_string_fns.h>
+#include <rte_cycles.h>
+#include <rte_kvargs.h>
+#include <rte_dev.h>
+#include <rte_cryptodev_pmd.h>
+#include <rte_common.h>
+
+#include <rte_fslmc.h>
+#include <fslmc_vfio.h>
+#include <dpaa2_hw_pvt.h>
+#include <dpaa2_hw_dpio.h>
+#include <mc/fsl_dpseci.h>
+
+#include "dpaa2_sec_priv.h"
+#include "dpaa2_sec_logs.h"
+
+#define FSL_VENDOR_ID           0x1957
+#define FSL_DEVICE_ID           0x410
+#define FSL_SUBSYSTEM_SEC       1
+#define FSL_MC_DPSECI_DEVID     3
+
+
+static int
+dpaa2_sec_dev_configure(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return -ENOTSUP;
+}
+
+static int
+dpaa2_sec_dev_start(struct rte_cryptodev *dev)
+{
+	struct dpaa2_sec_dev_private *priv = dev->data->dev_private;
+	struct fsl_mc_io *dpseci = (struct fsl_mc_io *)priv->hw;
+	struct dpseci_attr attr;
+	struct dpaa2_queue *dpaa2_q;
+	struct dpaa2_sec_qp **qp = (struct dpaa2_sec_qp **)
+					dev->data->queue_pairs;
+	struct dpseci_rx_queue_attr rx_attr;
+	struct dpseci_tx_queue_attr tx_attr;
+	int ret, i;
+
+	PMD_INIT_FUNC_TRACE();
+
+	memset(&attr, 0, sizeof(struct dpseci_attr));
+
+	ret = dpseci_enable(dpseci, CMD_PRI_LOW, priv->token);
+	if (ret) {
+		PMD_INIT_LOG(ERR, "DPSECI with HW_ID = %d ENABLE FAILED\n",
+			     priv->hw_id);
+		goto get_attr_failure;
+	}
+	ret = dpseci_get_attributes(dpseci, CMD_PRI_LOW, priv->token, &attr);
+	if (ret) {
+		PMD_INIT_LOG(ERR,
+			     "DPSEC ATTRIBUTE READ FAILED, disabling DPSEC\n");
+		goto get_attr_failure;
+	}
+	for (i = 0; i < attr.num_rx_queues && qp[i]; i++) {
+		dpaa2_q = &qp[i]->rx_vq;
+		dpseci_get_rx_queue(dpseci, CMD_PRI_LOW, priv->token, i,
+				    &rx_attr);
+		dpaa2_q->fqid = rx_attr.fqid;
+		PMD_INIT_LOG(DEBUG, "rx_fqid: %d", dpaa2_q->fqid);
+	}
+	for (i = 0; i < attr.num_tx_queues && qp[i]; i++) {
+		dpaa2_q = &qp[i]->tx_vq;
+		dpseci_get_tx_queue(dpseci, CMD_PRI_LOW, priv->token, i,
+				    &tx_attr);
+		dpaa2_q->fqid = tx_attr.fqid;
+		PMD_INIT_LOG(DEBUG, "tx_fqid: %d", dpaa2_q->fqid);
+	}
+
+	return 0;
+get_attr_failure:
+	dpseci_disable(dpseci, CMD_PRI_LOW, priv->token);
+	return -1;
+}
+
+static void
+dpaa2_sec_dev_stop(struct rte_cryptodev *dev)
+{
+	struct dpaa2_sec_dev_private *priv = dev->data->dev_private;
+	struct fsl_mc_io *dpseci = (struct fsl_mc_io *)priv->hw;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+
+	ret = dpseci_disable(dpseci, CMD_PRI_LOW, priv->token);
+	if (ret) {
+		PMD_INIT_LOG(ERR, "Failure in disabling dpseci %d device",
+			     priv->hw_id);
+		return;
+	}
+
+	ret = dpseci_reset(dpseci, CMD_PRI_LOW, priv->token);
+	if (ret < 0) {
+		PMD_INIT_LOG(ERR, "SEC Device cannot be reset:Error = %0x\n",
+			     ret);
+		return;
+	}
+}
+
+static int
+dpaa2_sec_dev_close(struct rte_cryptodev *dev)
+{
+	struct dpaa2_sec_dev_private *priv = dev->data->dev_private;
+	struct fsl_mc_io *dpseci = (struct fsl_mc_io *)priv->hw;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+
+	/* Function is reverse of dpaa2_sec_dev_init.
+	 * It does the following:
+	 * 1. Detach a DPSECI from attached resources i.e. buffer pools, dpbp_id
+	 * 2. Close the DPSECI device
+	 * 3. Free the allocated resources.
+	 */
+
+	/*Close the device at underlying layer*/
+	ret = dpseci_close(dpseci, CMD_PRI_LOW, priv->token);
+	if (ret) {
+		PMD_INIT_LOG(ERR, "Failure closing dpseci device with"
+			     " error code %d\n", ret);
+		return -1;
+	}
+
+	/*Free the allocated memory for ethernet private data and dpseci*/
+	priv->hw = NULL;
+	free(dpseci);
+
+	return 0;
+}
+
+static void
+dpaa2_sec_dev_infos_get(struct rte_cryptodev *dev,
+			struct rte_cryptodev_info *info)
+{
+	struct dpaa2_sec_dev_private *internals = dev->data->dev_private;
+
+	PMD_INIT_FUNC_TRACE();
+	if (info != NULL) {
+		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
+		info->feature_flags = dev->feature_flags;
+		info->capabilities = dpaa2_sec_capabilities;
+		info->sym.max_nb_sessions = internals->max_nb_sessions;
+		info->dev_type = RTE_CRYPTODEV_DPAA2_SEC_PMD;
+	}
+}
+
+static struct rte_cryptodev_ops crypto_ops = {
+	.dev_configure	      = dpaa2_sec_dev_configure,
+	.dev_start	      = dpaa2_sec_dev_start,
+	.dev_stop	      = dpaa2_sec_dev_stop,
+	.dev_close	      = dpaa2_sec_dev_close,
+	.dev_infos_get        = dpaa2_sec_dev_infos_get,
+};
+
+static int
+dpaa2_sec_uninit(__attribute__((unused))
+		 const struct rte_cryptodev_driver *crypto_drv,
+		 struct rte_cryptodev *dev)
+{
+	if (dev->data->name == NULL)
+		return -EINVAL;
+
+	PMD_INIT_LOG(INFO, "Closing DPAA2_SEC device %s on numa socket %u\n",
+		     dev->data->name, rte_socket_id());
+
+	return 0;
+}
+
+static int
+dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
+{
+	struct dpaa2_sec_dev_private *internals;
+	struct rte_device *dev = cryptodev->device;
+	struct rte_dpaa2_device *dpaa2_dev;
+	struct fsl_mc_io *dpseci;
+	uint16_t token;
+	struct dpseci_attr attr;
+	int retcode, hw_id;
+
+	PMD_INIT_FUNC_TRACE();
+	dpaa2_dev = container_of(dev, struct rte_dpaa2_device, device);
+	if (dpaa2_dev == NULL) {
+		PMD_INIT_LOG(ERR, "dpaa2_device not found\n");
+		return -1;
+	}
+	hw_id = dpaa2_dev->object_id;
+
+	cryptodev->dev_type = RTE_CRYPTODEV_DPAA2_SEC_PMD;
+	cryptodev->dev_ops = &crypto_ops;
+
+	cryptodev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
+			RTE_CRYPTODEV_FF_HW_ACCELERATED |
+			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING;
+
+	internals = cryptodev->data->dev_private;
+	internals->max_nb_sessions = RTE_DPAA2_SEC_PMD_MAX_NB_SESSIONS;
+
+	/*
+	 * For secondary processes, we don't initialise any further as primary
+	 * has already done this work. Only check we don't need a different
+	 * RX function
+	 */
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
+		PMD_INIT_LOG(DEBUG, "Device already init by primary process");
+		return 0;
+	}
+	/*Open the rte device via MC and save the handle for further use*/
+	dpseci = (struct fsl_mc_io *)rte_calloc(NULL, 1,
+				sizeof(struct fsl_mc_io), 0);
+	if (!dpseci) {
+		PMD_INIT_LOG(ERR,
+			     "Error in allocating the memory for dpsec object");
+		return -1;
+	}
+	dpseci->regs = mcp_ptr_list[0];
+
+	retcode = dpseci_open(dpseci, CMD_PRI_LOW, hw_id, &token);
+	if (retcode != 0) {
+		PMD_INIT_LOG(ERR, "Cannot open the dpsec device: Error = %x",
+			     retcode);
+		goto init_error;
+	}
+	retcode = dpseci_get_attributes(dpseci, CMD_PRI_LOW, token, &attr);
+	if (retcode != 0) {
+		PMD_INIT_LOG(ERR,
+			     "Cannot get dpsec device attributed: Error = %x",
+			     retcode);
+		goto init_error;
+	}
+	sprintf(cryptodev->data->name, "dpsec-%u", hw_id);
+
+	internals->max_nb_queue_pairs = attr.num_tx_queues;
+	cryptodev->data->nb_queue_pairs = internals->max_nb_queue_pairs;
+	internals->hw = dpseci;
+	internals->token = token;
+
+	PMD_INIT_LOG(DEBUG, "driver %s: created\n", cryptodev->data->name);
+	return 0;
+
+init_error:
+	PMD_INIT_LOG(ERR, "driver %s: create failed\n", cryptodev->data->name);
+
+	/* dpaa2_sec_uninit(crypto_dev_name); */
+	return -EFAULT;
+}
+
+static int
+cryptodev_dpaa2_sec_probe(struct rte_dpaa2_driver *dpaa2_drv,
+			  struct rte_dpaa2_device *dpaa2_dev)
+{
+	struct rte_cryptodev *cryptodev;
+	char cryptodev_name[RTE_CRYPTODEV_NAME_MAX_LEN];
+
+	int retval;
+
+	sprintf(cryptodev_name, "dpsec-%d", dpaa2_dev->object_id);
+
+	cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id());
+	if (cryptodev == NULL)
+		return -ENOMEM;
+
+	if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
+		cryptodev->data->dev_private = rte_zmalloc_socket(
+					"cryptodev private structure",
+					sizeof(struct dpaa2_sec_dev_private),
+					RTE_CACHE_LINE_SIZE,
+					rte_socket_id());
+
+		if (cryptodev->data->dev_private == NULL)
+			rte_panic("Cannot allocate memzone for private "
+					"device data");
+	}
+
+	dpaa2_dev->cryptodev = cryptodev;
+	cryptodev->device = &dpaa2_dev->device;
+	cryptodev->driver = (struct rte_cryptodev_driver *)dpaa2_drv;
+
+	/* init user callbacks */
+	TAILQ_INIT(&(cryptodev->link_intr_cbs));
+
+	/* Invoke PMD device initialization function */
+	retval = dpaa2_sec_dev_init(cryptodev);
+	if (retval == 0)
+		return 0;
+
+	if (rte_eal_process_type() == RTE_PROC_PRIMARY)
+		rte_free(cryptodev->data->dev_private);
+
+	cryptodev->attached = RTE_CRYPTODEV_DETACHED;
+
+	return -ENXIO;
+}
+
+static int
+cryptodev_dpaa2_sec_remove(struct rte_dpaa2_device *dpaa2_dev)
+{
+	struct rte_cryptodev *cryptodev;
+	int ret;
+
+	cryptodev = dpaa2_dev->cryptodev;
+	if (cryptodev == NULL)
+		return -ENODEV;
+
+	ret = dpaa2_sec_uninit(NULL, cryptodev);
+	if (ret)
+		return ret;
+
+	/* free crypto device */
+	rte_cryptodev_pmd_release_device(cryptodev);
+
+	if (rte_eal_process_type() == RTE_PROC_PRIMARY)
+		rte_free(cryptodev->data->dev_private);
+
+	cryptodev->pci_dev = NULL;
+	cryptodev->driver = NULL;
+	cryptodev->data = NULL;
+
+	return 0;
+}
+
+static struct rte_dpaa2_driver rte_dpaa2_sec_driver = {
+	.drv_type = DPAA2_MC_DPSECI_DEVID,
+	.driver = {
+		.name = "DPAA2 SEC PMD"
+	},
+	.probe = cryptodev_dpaa2_sec_probe,
+	.remove = cryptodev_dpaa2_sec_remove,
+};
+
+RTE_PMD_REGISTER_DPAA2(dpaa2_sec_pmd, rte_dpaa2_sec_driver);
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h
new file mode 100644
index 0000000..03d4c70
--- /dev/null
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h
@@ -0,0 +1,70 @@ 
+/*-
+ *   BSD LICENSE
+ *
+ *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
+ *   Copyright (c) 2016 NXP. All rights reserved.
+ *
+ *   Redistribution and use in source and binary forms, with or without
+ *   modification, are permitted provided that the following conditions
+ *   are met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in
+ *       the documentation and/or other materials provided with the
+ *       distribution.
+ *     * Neither the name of  Freescale Semiconductor, Inc nor the names of its
+ *       contributors may be used to endorse or promote products derived
+ *       from this software without specific prior written permission.
+ *
+ *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _DPAA2_SEC_LOGS_H_
+#define _DPAA2_SEC_LOGS_H_
+
+#define PMD_INIT_LOG(level, fmt, args...) \
+	RTE_LOG(level, PMD, "%s(): " fmt "\n", __func__, ##args)
+
+#ifdef RTE_LIBRTE_DPAA2_SEC_DEBUG_INIT
+#define PMD_INIT_FUNC_TRACE() PMD_INIT_LOG(DEBUG, " >>")
+#else
+#define PMD_INIT_FUNC_TRACE() do { } while (0)
+#endif
+
+#ifdef RTE_LIBRTE_DPAA2_SEC_DEBUG_RX
+#define PMD_RX_LOG(level, fmt, args...) \
+	RTE_LOG(level, PMD, "%s(): " fmt "\n", __func__, ## args)
+#else
+#define PMD_RX_LOG(level, fmt, args...) do { } while (0)
+#endif
+
+#ifdef RTE_LIBRTE_DPAA2_SEC_DEBUG_TX
+#define PMD_TX_LOG(level, fmt, args...) \
+	RTE_LOG(level, PMD, "%s(): " fmt "\n", __func__, ## args)
+#else
+#define PMD_TX_LOG(level, fmt, args...) do { } while (0)
+#endif
+
+#ifdef RTE_LIBRTE_DPAA2_SEC_DEBUG_DRIVER
+#define PMD_DRV_LOG_RAW(level, fmt, args...) \
+	RTE_LOG(level, PMD, "%s(): " fmt, __func__, ## args)
+#else
+#define PMD_DRV_LOG_RAW(level, fmt, args...) do { } while (0)
+#endif
+
+#define PMD_DRV_LOG(level, fmt, args...) \
+	PMD_DRV_LOG_RAW(level, fmt "\n", ## args)
+
+#endif /* _DPAA2_SEC_LOGS_H_ */
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
new file mode 100644
index 0000000..e0d6148
--- /dev/null
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
@@ -0,0 +1,225 @@ 
+/*-
+ *   BSD LICENSE
+ *
+ *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
+ *   Copyright (c) 2016 NXP. All rights reserved.
+ *
+ *   Redistribution and use in source and binary forms, with or without
+ *   modification, are permitted provided that the following conditions
+ *   are met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in
+ *       the documentation and/or other materials provided with the
+ *       distribution.
+ *     * Neither the name of  Freescale Semiconductor, Inc nor the names of its
+ *       contributors may be used to endorse or promote products derived
+ *       from this software without specific prior written permission.
+ *
+ *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _RTE_DPAA2_SEC_PMD_PRIVATE_H_
+#define _RTE_DPAA2_SEC_PMD_PRIVATE_H_
+
+/** private data structure for each DPAA2_SEC device */
+struct dpaa2_sec_dev_private {
+	void *mc_portal; /**< MC Portal for configuring this device */
+	void *hw; /**< Hardware handle for this device.Used by NADK framework */
+	int32_t hw_id; /**< An unique ID of this device instance */
+	int32_t vfio_fd; /**< File descriptor received via VFIO */
+	uint16_t token; /**< Token required by DPxxx objects */
+	unsigned int max_nb_queue_pairs;
+
+	unsigned int max_nb_sessions;
+	/**< Max number of sessions supported by device */
+};
+
+struct dpaa2_sec_qp {
+	struct dpaa2_queue rx_vq;
+	struct dpaa2_queue tx_vq;
+};
+
+static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
+	{	/* MD5 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_MD5_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 64,
+					.max = 64,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				},
+				.aad_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA1 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 64,
+					.max = 64,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 20,
+					.max = 20,
+					.increment = 0
+				},
+				.aad_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA224 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 64,
+					.max = 64,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 28,
+					.max = 28,
+					.increment = 0
+				},
+				.aad_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA256 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 64,
+					.max = 64,
+					.increment = 0
+				},
+				.digest_size = {
+						.min = 32,
+						.max = 32,
+						.increment = 0
+					},
+					.aad_size = { 0 }
+				}, }
+			}, }
+		},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 128,
+					.max = 128,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 48,
+					.max = 48,
+					.increment = 0
+				},
+				.aad_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA512 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 128,
+					.max = 128,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 64,
+					.max = 64,
+					.increment = 0
+				},
+				.aad_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* AES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* 3DES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
+				.block_size = 8,
+				.key_size = {
+					.min = 16,
+					.max = 24,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 8,
+					.max = 8,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+
+	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
+};
+#endif /* _RTE_DPAA2_SEC_PMD_PRIVATE_H_ */
diff --git a/drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map b/drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map
new file mode 100644
index 0000000..31eca32
--- /dev/null
+++ b/drivers/crypto/dpaa2_sec/rte_pmd_dpaa2_sec_version.map
@@ -0,0 +1,4 @@ 
+DPDK_17.02 {
+
+	local: *;
+};
diff --git a/drivers/net/dpaa2/Makefile b/drivers/net/dpaa2/Makefile
index 5e669df..a24486e 100644
--- a/drivers/net/dpaa2/Makefile
+++ b/drivers/net/dpaa2/Makefile
@@ -36,6 +36,7 @@  include $(RTE_SDK)/mk/rte.vars.mk
 #
 LIB = librte_pmd_dpaa2.a
 
+# build flags
 ifeq ($(CONFIG_RTE_LIBRTE_DPAA2_DEBUG_INIT),y)
 CFLAGS += -O0 -g
 CFLAGS += "-Wno-error"
diff --git a/drivers/pool/Makefile b/drivers/pool/Makefile
index 4325edd..cc8b66b 100644
--- a/drivers/pool/Makefile
+++ b/drivers/pool/Makefile
@@ -33,6 +33,10 @@  include $(RTE_SDK)/mk/rte.vars.mk
 
 CONFIG_RTE_LIBRTE_DPAA2_POOL = $(CONFIG_RTE_LIBRTE_DPAA2_PMD)
 
+ifneq ($(CONFIG_RTE_LIBRTE_DPAA2_POOL),y)
+CONFIG_RTE_LIBRTE_DPAA2_POOL = $(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)
+endif
+
 DIRS-$(CONFIG_RTE_LIBRTE_DPAA2_COMMON) += dpaa2
 
 include $(RTE_SDK)/mk/rte.subdir.mk
diff --git a/mk/rte.app.mk b/mk/rte.app.mk
index f415c18..ad0e987 100644
--- a/mk/rte.app.mk
+++ b/mk/rte.app.mk
@@ -155,6 +155,12 @@  _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ZUC)         += -lrte_pmd_zuc
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ZUC)         += -L$(LIBSSO_ZUC_PATH)/build -lsso_zuc
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO)    += -lrte_pmd_armv8
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO)    += -L$(ARMV8_CRYPTO_LIB_PATH) -larmv8_crypto
+ifeq ($(CONFIG_RTE_LIBRTE_DPAA2_COMMON),y)
+_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)   += -lrte_pmd_dpaa2_sec
+_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)   += -lrte_pmd_dpaa2_qbman
+_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)   += -lrte_pmd_dpaa2_pool
+_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)   += -lrte_pmd_fslmcbus
+endif
 endif # CONFIG_RTE_LIBRTE_CRYPTODEV
 
 endif # !CONFIG_RTE_BUILD_SHARED_LIBS