From patchwork Mon Jul 6 05:36:46 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 73145 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 00384A00BE; Mon, 6 Jul 2020 07:37:03 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id C1CD21D698; Mon, 6 Jul 2020 07:36:57 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id 949D71D5D6 for ; Mon, 6 Jul 2020 07:36:54 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 79B6C1A0550; Mon, 6 Jul 2020 07:36:54 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 917271A0569; Mon, 6 Jul 2020 07:36:52 +0200 (CEST) Received: from lsv03273.swis.in-blr01.nxp.com (lsv03273.swis.in-blr01.nxp.com [92.120.147.113]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 395D5402C8; Mon, 6 Jul 2020 13:36:50 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: hemant.agrawal@nxp.com, Akhil Goyal Date: Mon, 6 Jul 2020 11:06:46 +0530 Message-Id: <20200706053648.13271-2-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200706053648.13271-1-akhil.goyal@nxp.com> References: <20200706052142.12116-2-akhil.goyal@nxp.com> <20200706053648.13271-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v3 1/3] drivers/crypto: fix 18bit PDCP cases with HFN override X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" In case of RTA_SEC_ERA = 8, where the length of shared desc is large for some of PDCP cases, the descriptor buffer cannot hold 2 extra words when HFN override is enabled. As a result, the descriptor fails. This patch converts one of the keys from immediate key to reference key hence reducing the length of the descriptor. Signed-off-by: Akhil Goyal --- drivers/common/dpaax/caamflib/desc/pdcp.h | 44 +++++++++++++++++++++ drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 ++++ drivers/crypto/dpaa_sec/dpaa_sec.c | 33 +++------------- 3 files changed, 58 insertions(+), 27 deletions(-) diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h index b5e2d24e4..99eb0f71a 100644 --- a/drivers/common/dpaax/caamflib/desc/pdcp.h +++ b/drivers/common/dpaax/caamflib/desc/pdcp.h @@ -262,6 +262,50 @@ enum pdb_type_e { PDCP_PDB_TYPE_INVALID }; +/** + * rta_inline_pdcp_query() - Provide indications if a key can be passed as + * immediate data or shall be referenced in a + * shared descriptor. + * Return: 0 if data can be inlined or 1 if referenced. + */ +static inline int +rta_inline_pdcp_query(enum auth_type_pdcp auth_alg, + enum cipher_type_pdcp cipher_alg, + enum pdcp_sn_size sn_size, + int8_t hfn_ovd) +{ + /** + * Shared Descriptors for some of the cases does not fit in the + * MAX_DESC_SIZE of the descriptor especially when non-protocol + * descriptors are formed as in 18bit cases and when HFN override + * is enabled as 2 extra words are added in the job descriptor. + * The cases which exceed are for RTA_SEC_ERA=8 and HFN override + * enabled and 18bit uplane and either of following Algo combinations. + * - SNOW-AES + * - AES-SNOW + * - SNOW-SNOW + * - ZUC-SNOW + * + * We cannot make inline for all cases, as this will impact performance + * due to extra memory accesses for the keys. + */ + if ((rta_sec_era == RTA_SEC_ERA_8) && hfn_ovd && + (sn_size == PDCP_SN_SIZE_18) && + ((cipher_alg == PDCP_CIPHER_TYPE_SNOW && + auth_alg == PDCP_AUTH_TYPE_AES) || + (cipher_alg == PDCP_CIPHER_TYPE_AES && + auth_alg == PDCP_AUTH_TYPE_SNOW) || + (cipher_alg == PDCP_CIPHER_TYPE_SNOW && + auth_alg == PDCP_AUTH_TYPE_SNOW) || + (cipher_alg == PDCP_CIPHER_TYPE_ZUC && + auth_alg == PDCP_AUTH_TYPE_SNOW))) { + + return 1; + } + + return 0; +} + /* * Function for appending the portion of a PDCP Control Plane shared descriptor * which performs NULL encryption and integrity (i.e. copies the input frame diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index 12f833136..60fdced78 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -3154,6 +3154,14 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, goto out; } + if (rta_inline_pdcp_query(authdata.algtype, + cipherdata.algtype, + session->pdcp.sn_size, + session->pdcp.hfn_ovd)) { + cipherdata.key = DPAA2_VADDR_TO_IOVA(cipherdata.key); + cipherdata.key_type = RTA_DATA_PTR; + } + if (pdcp_xform->domain == RTE_SECURITY_PDCP_MODE_CONTROL) { if (session->dir == DIR_ENC) bufsize = cnstr_shdsc_pdcp_c_plane_encap( diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index d9fa8bb36..01e79c8ea 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -240,7 +240,6 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) struct sec_cdb *cdb = &ses->cdb; struct alginfo *p_authdata = NULL; int32_t shared_desc_len = 0; - int err; #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN int swap = false; #else @@ -254,10 +253,6 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) cipherdata.algtype = ses->cipher_key.alg; cipherdata.algmode = ses->cipher_key.algmode; - cdb->sh_desc[0] = cipherdata.keylen; - cdb->sh_desc[1] = 0; - cdb->sh_desc[2] = 0; - if (ses->auth_alg) { authdata.key = (size_t)ses->auth_key.data; authdata.keylen = ses->auth_key.length; @@ -267,33 +262,17 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) authdata.algmode = ses->auth_key.algmode; p_authdata = &authdata; - - cdb->sh_desc[1] = authdata.keylen; } - err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, - (unsigned int *)cdb->sh_desc, - &cdb->sh_desc[2], 2); - if (err < 0) { - DPAA_SEC_ERR("Crypto: Incorrect key lengths"); - return err; - } - - if (!(cdb->sh_desc[2] & 1) && cipherdata.keylen) { + if (rta_inline_pdcp_query(authdata.algtype, + cipherdata.algtype, + ses->pdcp.sn_size, + ses->pdcp.hfn_ovd)) { cipherdata.key = - (size_t)rte_dpaa_mem_vtop((void *)(size_t)cipherdata.key); + (size_t)rte_dpaa_mem_vtop((void *) + (size_t)cipherdata.key); cipherdata.key_type = RTA_DATA_PTR; } - if (!(cdb->sh_desc[2] & (1 << 1)) && authdata.keylen) { - authdata.key = - (size_t)rte_dpaa_mem_vtop((void *)(size_t)authdata.key); - authdata.key_type = RTA_DATA_PTR; - } - - cdb->sh_desc[0] = 0; - cdb->sh_desc[1] = 0; - cdb->sh_desc[2] = 0; if (ses->pdcp.domain == RTE_SECURITY_PDCP_MODE_CONTROL) { if (ses->dir == DIR_ENC) From patchwork Mon Jul 6 05:36:47 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 73146 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id B55C3A00BE; Mon, 6 Jul 2020 07:37:11 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 494081D6B4; Mon, 6 Jul 2020 07:36:59 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id C07991D621 for ; Mon, 6 Jul 2020 07:36:54 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 9816B20150B; Mon, 6 Jul 2020 07:36:54 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id DF0E52003E5; Mon, 6 Jul 2020 07:36:52 +0200 (CEST) Received: from lsv03273.swis.in-blr01.nxp.com (lsv03273.swis.in-blr01.nxp.com [92.120.147.113]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 87B09402F0; Mon, 6 Jul 2020 13:36:50 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: hemant.agrawal@nxp.com, Akhil Goyal Date: Mon, 6 Jul 2020 11:06:47 +0530 Message-Id: <20200706053648.13271-3-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200706053648.13271-1-akhil.goyal@nxp.com> References: <20200706052142.12116-2-akhil.goyal@nxp.com> <20200706053648.13271-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v3 2/3] test/crypto: update PDCP HFN scenarios X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" As per current framework of PDCP testing, app can only support either HFN override or fixed session HFN values but not both. Now to enable both, either we duplicate all PDCP cases(>100) for both override and fixed HFN. It will look clumsy as the number of cases will be very high without much value addition. Now to overcome this, we can do HFN override for Downlink cases and fixed HFN for uplink cases. This way we will not loose the test coverage and there will not be duplicacy in the test cases. Signed-off-by: Akhil Goyal --- app/test/test_cryptodev.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index f1c11bcd8..d63958ddd 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -7161,7 +7161,9 @@ test_pdcp_proto(int i, int oop, ut_params->cipher_xform.cipher.key.data = pdcp_test_crypto_key[i]; ut_params->cipher_xform.cipher.key.length = pdcp_test_params[i].cipher_key_len; - ut_params->cipher_xform.cipher.iv.length = 0; + ut_params->cipher_xform.cipher.iv.length = + pdcp_test_packet_direction[i] ? 4 : 0; + ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; /* Setup HMAC Parameters if ICV header is required */ if (pdcp_test_params[i].auth_alg != 0) { @@ -7186,8 +7188,18 @@ test_pdcp_proto(int i, int oop, .domain = pdcp_test_params[i].domain, .pkt_dir = pdcp_test_packet_direction[i], .sn_size = pdcp_test_data_sn_size[i], - .hfn = pdcp_test_hfn[i], + .hfn = pdcp_test_packet_direction[i] ? + 0 : pdcp_test_hfn[i], + /** + * hfn can be set as pdcp_test_hfn[i] + * if hfn_ovrd is not set. Here, PDCP + * packet direction is just used to + * run half of the cases with session + * HFN and other half with per packet + * HFN. + */ .hfn_threshold = pdcp_test_hfn_threshold[i], + .hfn_ovrd = pdcp_test_packet_direction[i] ? 1 : 0, } }, .crypto_xform = &ut_params->cipher_xform }; @@ -7214,6 +7226,10 @@ test_pdcp_proto(int i, int oop, goto on_err; } + uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ut_params->op, + uint32_t *, IV_OFFSET); + *per_pkt_hfn = pdcp_test_packet_direction[i] ? pdcp_test_hfn[i] : 0; + rte_security_attach_session(ut_params->op, ut_params->sec_session); /* set crypto operation source mbuf */ @@ -7445,6 +7461,7 @@ test_pdcp_proto_SGL(int i, int oop, .sn_size = pdcp_test_data_sn_size[i], .hfn = pdcp_test_hfn[i], .hfn_threshold = pdcp_test_hfn_threshold[i], + .hfn_ovrd = 0, } }, .crypto_xform = &ut_params->cipher_xform }; From patchwork Mon Jul 6 05:36:48 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 73147 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 6A4A8A00BE; Mon, 6 Jul 2020 07:37:21 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id E35EF1D6C5; Mon, 6 Jul 2020 07:37:00 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id 3973A1D5D6 for ; Mon, 6 Jul 2020 07:36:55 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 1E6111A0569; Mon, 6 Jul 2020 07:36:55 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 36C751A055D; Mon, 6 Jul 2020 07:36:53 +0200 (CEST) Received: from lsv03273.swis.in-blr01.nxp.com (lsv03273.swis.in-blr01.nxp.com [92.120.147.113]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id D47A4402F7; Mon, 6 Jul 2020 13:36:50 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: hemant.agrawal@nxp.com, Akhil Goyal Date: Mon, 6 Jul 2020 11:06:48 +0530 Message-Id: <20200706053648.13271-4-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200706053648.13271-1-akhil.goyal@nxp.com> References: <20200706052142.12116-2-akhil.goyal@nxp.com> <20200706053648.13271-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v3 3/3] test/crypto-perf: add option to enable session HFN X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Add a new option for PDCP cases to enable use of session based fixed HFN value instead of per packet HFN which was enabled by hfn override feature. By default HFN override is enabled and if session based fixed HFN need to be tested, add "--pdcp-ses-hfn-en" in the command line. Signed-off-by: Akhil Goyal --- app/test-crypto-perf/cperf_ops.c | 11 ++++++++--- app/test-crypto-perf/cperf_options.h | 3 +++ app/test-crypto-perf/cperf_options_parsing.c | 13 +++++++++++++ doc/guides/tools/cryptoperf.rst | 4 ++++ 4 files changed, 28 insertions(+), 3 deletions(-) diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c index e06b59f55..f851509ec 100644 --- a/app/test-crypto-perf/cperf_ops.c +++ b/app/test-crypto-perf/cperf_ops.c @@ -26,6 +26,10 @@ cperf_set_ops_security(struct rte_crypto_op **ops, (struct rte_security_session *)sess; uint32_t buf_sz; + uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ops[i], + uint32_t *, iv_offset); + *per_pkt_hfn = options->pdcp_ses_hfn_en ? 0 : PDCP_DEFAULT_HFN; + ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; rte_security_attach_session(ops[i], sec_sess); sym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] + @@ -554,16 +558,15 @@ cperf_create_session(struct rte_mempool *sess_mp, cipher_xform.cipher.algo = options->cipher_algo; cipher_xform.cipher.op = options->cipher_op; cipher_xform.cipher.iv.offset = iv_offset; + cipher_xform.cipher.iv.length = 4; /* cipher different than null */ if (options->cipher_algo != RTE_CRYPTO_CIPHER_NULL) { cipher_xform.cipher.key.data = test_vector->cipher_key.data; cipher_xform.cipher.key.length = test_vector->cipher_key.length; - cipher_xform.cipher.iv.length = test_vector->cipher_iv.length; } else { cipher_xform.cipher.key.data = NULL; cipher_xform.cipher.key.length = 0; - cipher_xform.cipher.iv.length = 0; } /* Setup Auth Parameters */ @@ -601,8 +604,10 @@ cperf_create_session(struct rte_mempool *sess_mp, .domain = options->pdcp_domain, .pkt_dir = 0, .sn_size = options->pdcp_sn_sz, - .hfn = 0x1, + .hfn = options->pdcp_ses_hfn_en ? + PDCP_DEFAULT_HFN : 0, .hfn_threshold = 0x70C0A, + .hfn_ovrd = !(options->pdcp_ses_hfn_en), } }, .crypto_xform = &cipher_xform }; diff --git a/app/test-crypto-perf/cperf_options.h b/app/test-crypto-perf/cperf_options.h index e5f1edffc..256fabb07 100644 --- a/app/test-crypto-perf/cperf_options.h +++ b/app/test-crypto-perf/cperf_options.h @@ -50,6 +50,8 @@ #ifdef RTE_LIBRTE_SECURITY #define CPERF_PDCP_SN_SZ ("pdcp-sn-sz") #define CPERF_PDCP_DOMAIN ("pdcp-domain") +#define CPERF_PDCP_SES_HFN_EN ("pdcp-ses-hfn-en") +#define PDCP_DEFAULT_HFN 0x1 #define CPERF_DOCSIS_HDR_SZ ("docsis-hdr-sz") #endif @@ -123,6 +125,7 @@ struct cperf_options { #ifdef RTE_LIBRTE_SECURITY uint16_t pdcp_sn_sz; + uint16_t pdcp_ses_hfn_en; enum rte_security_pdcp_domain pdcp_domain; uint16_t docsis_hdr_sz; #endif diff --git a/app/test-crypto-perf/cperf_options_parsing.c b/app/test-crypto-perf/cperf_options_parsing.c index 20577a144..44aa7f925 100644 --- a/app/test-crypto-perf/cperf_options_parsing.c +++ b/app/test-crypto-perf/cperf_options_parsing.c @@ -58,6 +58,9 @@ usage(char *progname) " and dequeue in pmd-cyclecount benchmarking mode\n" " --csv-friendly: enable test result output CSV friendly\n" #ifdef RTE_LIBRTE_SECURITY + " --pdcp-sn-sz N: set PDCP SN size N <5/7/12/15/18>\n" + " --pdcp-domain DOMAIN: set PDCP domain \n" + " --pdcp-ses-hfn-en: enable session based fixed HFN\n" " --docsis-hdr-sz: set DOCSIS header size\n" #endif " -h: prints this help\n", @@ -834,6 +837,7 @@ static struct option lgopts[] = { #ifdef RTE_LIBRTE_SECURITY { CPERF_PDCP_SN_SZ, required_argument, 0, 0 }, { CPERF_PDCP_DOMAIN, required_argument, 0, 0 }, + { CPERF_PDCP_SES_HFN_EN, no_argument, 0, 0 }, { CPERF_DOCSIS_HDR_SZ, required_argument, 0, 0 }, #endif { CPERF_CSV, no_argument, 0, 0}, @@ -905,6 +909,7 @@ cperf_options_default(struct cperf_options *opts) #ifdef RTE_LIBRTE_SECURITY opts->pdcp_sn_sz = 12; opts->pdcp_domain = RTE_SECURITY_PDCP_MODE_CONTROL; + opts->pdcp_ses_hfn_en = 0; opts->docsis_hdr_sz = 17; #endif } @@ -945,6 +950,7 @@ cperf_opts_parse_long(int opt_idx, struct cperf_options *opts) #ifdef RTE_LIBRTE_SECURITY { CPERF_PDCP_SN_SZ, parse_pdcp_sn_sz }, { CPERF_PDCP_DOMAIN, parse_pdcp_domain }, + { CPERF_PDCP_SES_HFN_EN, parse_pdcp_ses_hfn_en }, { CPERF_DOCSIS_HDR_SZ, parse_docsis_hdr_sz }, #endif { CPERF_CSV, parse_csv_friendly}, @@ -1079,6 +1085,13 @@ check_docsis_buffer_length(struct cperf_options *options) return 0; } + +static int +parse_pdcp_ses_hfn_en(struct cperf_options *opts, const char *arg __rte_unused) +{ + opts->pdcp_ses_hfn_en = 1; + return 0; +} #endif int diff --git a/doc/guides/tools/cryptoperf.rst b/doc/guides/tools/cryptoperf.rst index a8df8bc99..28b729dbd 100644 --- a/doc/guides/tools/cryptoperf.rst +++ b/doc/guides/tools/cryptoperf.rst @@ -347,6 +347,10 @@ The following are the application command-line options: Set DOCSIS header size(n) in bytes. +* ``--pdcp-ses-hfn-en`` + + Enable fixed session based HFN instead of per packet HFN. + Test Vector File ~~~~~~~~~~~~~~~~