Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/135069/?format=api
{ "id": 135069, "url": "https://patches.dpdk.org/api/patches/135069/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/patch/20231212153640.1561504-1-brian.dooley@intel.com/", "project": { "id": 1, "url": "https://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20231212153640.1561504-1-brian.dooley@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20231212153640.1561504-1-brian.dooley@intel.com", "date": "2023-12-12T15:36:40", "name": "[v1] crypto/ipsec_mb: unified IPsec MB interface", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "4ac1957a5d267de67dbfe3544965e399feb0a403", "submitter": { "id": 2520, "url": "https://patches.dpdk.org/api/people/2520/?format=api", "name": "Dooley, Brian", "email": "brian.dooley@intel.com" }, "delegate": { "id": 6690, "url": "https://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "https://patches.dpdk.org/project/dpdk/patch/20231212153640.1561504-1-brian.dooley@intel.com/mbox/", "series": [ { "id": 30525, "url": "https://patches.dpdk.org/api/series/30525/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/list/?series=30525", "date": "2023-12-12T15:36:40", "name": "[v1] crypto/ipsec_mb: unified IPsec MB interface", "version": 1, "mbox": "https://patches.dpdk.org/series/30525/mbox/" } ], "comments": "https://patches.dpdk.org/api/patches/135069/comments/", "check": "fail", "checks": "https://patches.dpdk.org/api/patches/135069/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id E69CC436D3;\n\tTue, 12 Dec 2023 16:36:57 +0100 (CET)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 78ACF40278;\n\tTue, 12 Dec 2023 16:36:57 +0100 (CET)", "from mgamail.intel.com (mgamail.intel.com [198.175.65.9])\n by mails.dpdk.org (Postfix) with ESMTP id 59A9C40270\n for <dev@dpdk.org>; Tue, 12 Dec 2023 16:36:54 +0100 (CET)", "from fmsmga002.fm.intel.com ([10.253.24.26])\n by orvoesa101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 12 Dec 2023 07:36:53 -0800", "from unknown (HELO silpixa00400886.ir.intel.com) ([10.243.23.150])\n by fmsmga002.fm.intel.com with ESMTP; 12 Dec 2023 07:36:49 -0800" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple;\n d=intel.com; i=@intel.com; q=dns/txt; s=Intel;\n t=1702395414; x=1733931414;\n h=from:to:cc:subject:date:message-id:mime-version:\n content-transfer-encoding;\n bh=q1Mh/aGzJjZf8Rda+wb5IiKHPHQpW3wQV26wYUIV2ws=;\n b=XrzovAD4PPyMAfSWCr4tRZuV4Jel1vwDDSoDfRs/n+ziqld6gKQP/GOv\n 7SLJMVFjscvXKBIvrPISAz2TtVVJ1pQYN4v/PYCHQi5FEDMKiRyHLRAdm\n YI6mpZc6kPSWOFWj/PIPyiLrsgfpMQn2BB6P6kbnNsaso0W/cMzGNOmGN\n uABjgMnSlsTBTjJnBnmlO0b/U1bxl1vYBlY3Qy+jovU8PUuOt5X1FxEQK\n KEPsaSoqcSf1JyPzl+3SKIF4/CB2AsN1J4GCOto9jpagx8tblaFp2P26b\n 2IeHQfl4qlQGdQBPOWQyH5s8JfcOvd9JBS0cUKrBtmp/BFjpkCp+TDn+k g==;", "X-IronPort-AV": [ "E=McAfee;i=\"6600,9927,10922\"; a=\"13512881\"", "E=Sophos;i=\"6.04,270,1695711600\"; d=\"scan'208\";a=\"13512881\"", "E=McAfee;i=\"6600,9927,10922\"; a=\"891636091\"", "E=Sophos;i=\"6.04,270,1695711600\"; d=\"scan'208\";a=\"891636091\"" ], "X-ExtLoop1": "1", "From": "Brian Dooley <brian.dooley@intel.com>", "To": "Kai Ji <kai.ji@intel.com>, Pablo de Lara <pablo.de.lara.guarch@intel.com>", "Cc": "dev@dpdk.org,\n\tgakhil@marvell.com,\n\tBrian Dooley <brian.dooley@intel.com>", "Subject": "[PATCH v1] crypto/ipsec_mb: unified IPsec MB interface", "Date": "Tue, 12 Dec 2023 15:36:40 +0000", "Message-Id": "<20231212153640.1561504-1-brian.dooley@intel.com>", "X-Mailer": "git-send-email 2.25.1", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "Currently IPsec MB provides both the JOB API and direct API.\nAESNI_MB PMD is using the JOB API codepath while ZUC, KASUMI, SNOW3G,\nCHACHA20_POLY1305 and AESNI_GCM are using the direct API.\nInstead of using the direct API for these PMDs, they should now make\nuse of the JOB API codepath. This would remove all use of the IPsec MB\ndirect API for these PMDs.\n\nSigned-off-by: Brian Dooley <brian.dooley@intel.com>\n---\n drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 758 +-----------------\n drivers/crypto/ipsec_mb/pmd_aesni_gcm_priv.h | 21 -\n drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 6 +-\n drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h | 13 +\n drivers/crypto/ipsec_mb/pmd_chacha_poly.c | 335 +-------\n .../crypto/ipsec_mb/pmd_chacha_poly_priv.h | 19 -\n drivers/crypto/ipsec_mb/pmd_kasumi.c | 404 +---------\n drivers/crypto/ipsec_mb/pmd_kasumi_priv.h | 12 -\n drivers/crypto/ipsec_mb/pmd_snow3g.c | 540 +------------\n drivers/crypto/ipsec_mb/pmd_snow3g_priv.h | 13 -\n drivers/crypto/ipsec_mb/pmd_zuc.c | 342 +-------\n drivers/crypto/ipsec_mb/pmd_zuc_priv.h | 11 -\n 12 files changed, 38 insertions(+), 2436 deletions(-)", "diff": "diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c\nindex 8d40bd9169..44609333ee 100644\n--- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c\n+++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c\n@@ -3,753 +3,7 @@\n */\n \n #include \"pmd_aesni_gcm_priv.h\"\n-\n-static void\n-aesni_gcm_set_ops(struct aesni_gcm_ops *ops, IMB_MGR *mb_mgr)\n-{\n-\t/* Set 128 bit function pointers. */\n-\tops[GCM_KEY_128].pre = mb_mgr->gcm128_pre;\n-\tops[GCM_KEY_128].init = mb_mgr->gcm128_init;\n-\n-\tops[GCM_KEY_128].enc = mb_mgr->gcm128_enc;\n-\tops[GCM_KEY_128].update_enc = mb_mgr->gcm128_enc_update;\n-\tops[GCM_KEY_128].finalize_enc = mb_mgr->gcm128_enc_finalize;\n-\n-\tops[GCM_KEY_128].dec = mb_mgr->gcm128_dec;\n-\tops[GCM_KEY_128].update_dec = mb_mgr->gcm128_dec_update;\n-\tops[GCM_KEY_128].finalize_dec = mb_mgr->gcm128_dec_finalize;\n-\n-\tops[GCM_KEY_128].gmac_init = mb_mgr->gmac128_init;\n-\tops[GCM_KEY_128].gmac_update = mb_mgr->gmac128_update;\n-\tops[GCM_KEY_128].gmac_finalize = mb_mgr->gmac128_finalize;\n-\n-\t/* Set 192 bit function pointers. */\n-\tops[GCM_KEY_192].pre = mb_mgr->gcm192_pre;\n-\tops[GCM_KEY_192].init = mb_mgr->gcm192_init;\n-\n-\tops[GCM_KEY_192].enc = mb_mgr->gcm192_enc;\n-\tops[GCM_KEY_192].update_enc = mb_mgr->gcm192_enc_update;\n-\tops[GCM_KEY_192].finalize_enc = mb_mgr->gcm192_enc_finalize;\n-\n-\tops[GCM_KEY_192].dec = mb_mgr->gcm192_dec;\n-\tops[GCM_KEY_192].update_dec = mb_mgr->gcm192_dec_update;\n-\tops[GCM_KEY_192].finalize_dec = mb_mgr->gcm192_dec_finalize;\n-\n-\tops[GCM_KEY_192].gmac_init = mb_mgr->gmac192_init;\n-\tops[GCM_KEY_192].gmac_update = mb_mgr->gmac192_update;\n-\tops[GCM_KEY_192].gmac_finalize = mb_mgr->gmac192_finalize;\n-\n-\t/* Set 256 bit function pointers. */\n-\tops[GCM_KEY_256].pre = mb_mgr->gcm256_pre;\n-\tops[GCM_KEY_256].init = mb_mgr->gcm256_init;\n-\n-\tops[GCM_KEY_256].enc = mb_mgr->gcm256_enc;\n-\tops[GCM_KEY_256].update_enc = mb_mgr->gcm256_enc_update;\n-\tops[GCM_KEY_256].finalize_enc = mb_mgr->gcm256_enc_finalize;\n-\n-\tops[GCM_KEY_256].dec = mb_mgr->gcm256_dec;\n-\tops[GCM_KEY_256].update_dec = mb_mgr->gcm256_dec_update;\n-\tops[GCM_KEY_256].finalize_dec = mb_mgr->gcm256_dec_finalize;\n-\n-\tops[GCM_KEY_256].gmac_init = mb_mgr->gmac256_init;\n-\tops[GCM_KEY_256].gmac_update = mb_mgr->gmac256_update;\n-\tops[GCM_KEY_256].gmac_finalize = mb_mgr->gmac256_finalize;\n-}\n-\n-static int\n-aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,\n-\t\t\t const struct rte_crypto_sym_xform *xform)\n-{\n-\tstruct aesni_gcm_session *sess = session;\n-\tconst struct rte_crypto_sym_xform *auth_xform;\n-\tconst struct rte_crypto_sym_xform *cipher_xform;\n-\tconst struct rte_crypto_sym_xform *aead_xform;\n-\n-\tuint8_t key_length;\n-\tconst uint8_t *key;\n-\tenum ipsec_mb_operation mode;\n-\tint ret = 0;\n-\n-\tret = ipsec_mb_parse_xform(xform, &mode, &auth_xform,\n-\t\t\t\t&cipher_xform, &aead_xform);\n-\tif (ret)\n-\t\treturn ret;\n-\n-\t/**< GCM key type */\n-\n-\tsess->op = mode;\n-\n-\tswitch (sess->op) {\n-\tcase IPSEC_MB_OP_HASH_GEN_ONLY:\n-\tcase IPSEC_MB_OP_HASH_VERIFY_ONLY:\n-\t\t/* AES-GMAC\n-\t\t * auth_xform = xform;\n-\t\t */\n-\t\tif (auth_xform->auth.algo != RTE_CRYPTO_AUTH_AES_GMAC) {\n-\t\t\tIPSEC_MB_LOG(ERR,\n-\t\"Only AES GMAC is supported as an authentication only algorithm\");\n-\t\t\tret = -ENOTSUP;\n-\t\t\tgoto error_exit;\n-\t\t}\n-\t\t/* Set IV parameters */\n-\t\tsess->iv.offset = auth_xform->auth.iv.offset;\n-\t\tsess->iv.length = auth_xform->auth.iv.length;\n-\t\tkey_length = auth_xform->auth.key.length;\n-\t\tkey = auth_xform->auth.key.data;\n-\t\tsess->req_digest_length =\n-\t\t RTE_MIN(auth_xform->auth.digest_length,\n-\t\t\t\tDIGEST_LENGTH_MAX);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:\n-\tcase IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:\n-\t\t/* AES-GCM\n-\t\t * aead_xform = xform;\n-\t\t */\n-\n-\t\tif (aead_xform->aead.algo != RTE_CRYPTO_AEAD_AES_GCM) {\n-\t\t\tIPSEC_MB_LOG(ERR,\n-\t\t\t\"The only combined operation supported is AES GCM\");\n-\t\t\tret = -ENOTSUP;\n-\t\t\tgoto error_exit;\n-\t\t}\n-\t\t/* Set IV parameters */\n-\t\tsess->iv.offset = aead_xform->aead.iv.offset;\n-\t\tsess->iv.length = aead_xform->aead.iv.length;\n-\t\tkey_length = aead_xform->aead.key.length;\n-\t\tkey = aead_xform->aead.key.data;\n-\t\tsess->aad_length = aead_xform->aead.aad_length;\n-\t\tsess->req_digest_length =\n-\t\t\tRTE_MIN(aead_xform->aead.digest_length,\n-\t\t\t\tDIGEST_LENGTH_MAX);\n-\t\tbreak;\n-\tdefault:\n-\t\tIPSEC_MB_LOG(\n-\t\t ERR, \"Wrong xform type, has to be AEAD or authentication\");\n-\t\tret = -ENOTSUP;\n-\t\tgoto error_exit;\n-\t}\n-\n-\t/* Check key length, and calculate GCM pre-compute. */\n-\tswitch (key_length) {\n-\tcase 16:\n-\t\tsess->key_length = GCM_KEY_128;\n-\t\tmb_mgr->gcm128_pre(key, &sess->gdata_key);\n-\t\tbreak;\n-\tcase 24:\n-\t\tsess->key_length = GCM_KEY_192;\n-\t\tmb_mgr->gcm192_pre(key, &sess->gdata_key);\n-\t\tbreak;\n-\tcase 32:\n-\t\tsess->key_length = GCM_KEY_256;\n-\t\tmb_mgr->gcm256_pre(key, &sess->gdata_key);\n-\t\tbreak;\n-\tdefault:\n-\t\tIPSEC_MB_LOG(ERR, \"Invalid key length\");\n-\t\tret = -EINVAL;\n-\t\tgoto error_exit;\n-\t}\n-\n-\t/* Digest check */\n-\tif (sess->req_digest_length > 16) {\n-\t\tIPSEC_MB_LOG(ERR, \"Invalid digest length\");\n-\t\tret = -EINVAL;\n-\t\tgoto error_exit;\n-\t}\n-\t/*\n-\t * If size requested is different, generate the full digest\n-\t * (16 bytes) in a temporary location and then memcpy\n-\t * the requested number of bytes.\n-\t */\n-\tif (sess->req_digest_length < 4)\n-\t\tsess->gen_digest_length = 16;\n-\telse\n-\t\tsess->gen_digest_length = sess->req_digest_length;\n-\n-error_exit:\n-\treturn ret;\n-}\n-\n-/**\n- * Process a completed job and return rte_mbuf which job processed\n- *\n- * @param job\tIMB_JOB job to process\n- *\n- * @return\n- * - Returns processed mbuf which is trimmed of output digest used in\n- * verification of supplied digest in the case of a HASH_CIPHER operation\n- * - Returns NULL on invalid job\n- */\n-static void\n-post_process_gcm_crypto_op(struct ipsec_mb_qp *qp,\n-\t\tstruct rte_crypto_op *op,\n-\t\tstruct aesni_gcm_session *session)\n-{\n-\tstruct aesni_gcm_qp_data *qp_data = ipsec_mb_get_qp_private_data(qp);\n-\n-\top->status = RTE_CRYPTO_OP_STATUS_SUCCESS;\n-\t/* Verify digest if required */\n-\tif (session->op == IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT ||\n-\t\t\tsession->op == IPSEC_MB_OP_HASH_VERIFY_ONLY) {\n-\t\tuint8_t *digest;\n-\n-\t\tuint8_t *tag = qp_data->temp_digest;\n-\n-\t\tif (session->op == IPSEC_MB_OP_HASH_VERIFY_ONLY)\n-\t\t\tdigest = op->sym->auth.digest.data;\n-\t\telse\n-\t\t\tdigest = op->sym->aead.digest.data;\n-\n-#ifdef RTE_LIBRTE_PMD_AESNI_GCM_DEBUG\n-\t\trte_hexdump(stdout, \"auth tag (orig):\",\n-\t\t\t\tdigest, session->req_digest_length);\n-\t\trte_hexdump(stdout, \"auth tag (calc):\",\n-\t\t\t\ttag, session->req_digest_length);\n-#endif\n-\n-\t\tif (memcmp(tag, digest,\tsession->req_digest_length) != 0)\n-\t\t\top->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;\n-\t} else {\n-\t\tif (session->req_digest_length != session->gen_digest_length) {\n-\t\t\tif (session->op ==\n-\t\t\t\tIPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT)\n-\t\t\t\tmemcpy(op->sym->aead.digest.data,\n-\t\t\t\t\tqp_data->temp_digest,\n-\t\t\t\t\tsession->req_digest_length);\n-\t\t\telse\n-\t\t\t\tmemcpy(op->sym->auth.digest.data,\n-\t\t\t\t\tqp_data->temp_digest,\n-\t\t\t\t\tsession->req_digest_length);\n-\t\t}\n-\t}\n-}\n-\n-/**\n- * Process a completed GCM request\n- *\n- * @param qp\t\tQueue Pair to process\n- * @param op\t\tCrypto operation\n- * @param sess\t\tAESNI-GCM session\n- *\n- */\n-static void\n-handle_completed_gcm_crypto_op(struct ipsec_mb_qp *qp,\n-\t\tstruct rte_crypto_op *op,\n-\t\tstruct aesni_gcm_session *sess)\n-{\n-\tpost_process_gcm_crypto_op(qp, op, sess);\n-\n-\t/* Free session if a session-less crypto op */\n-\tif (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {\n-\t\tmemset(sess, 0, sizeof(struct aesni_gcm_session));\n-\t\trte_mempool_put(qp->sess_mp, op->sym->session);\n-\t\top->sym->session = NULL;\n-\t}\n-}\n-\n-/**\n- * Process a crypto operation, calling\n- * the GCM API from the multi buffer library.\n- *\n- * @param\tqp\t\tqueue pair\n- * @param\top\t\tsymmetric crypto operation\n- * @param\tsession\t\tGCM session\n- *\n- * @return\n- * 0 on success\n- */\n-static int\n-process_gcm_crypto_op(struct ipsec_mb_qp *qp, struct rte_crypto_op *op,\n-\t\tstruct aesni_gcm_session *session)\n-{\n-\tstruct aesni_gcm_qp_data *qp_data = ipsec_mb_get_qp_private_data(qp);\n-\tuint8_t *src, *dst;\n-\tuint8_t *iv_ptr;\n-\tstruct rte_crypto_sym_op *sym_op = op->sym;\n-\tstruct rte_mbuf *m_src = sym_op->m_src;\n-\tuint32_t offset, data_offset, data_length;\n-\tuint32_t part_len, total_len, data_len;\n-\tuint8_t *tag;\n-\tunsigned int oop = 0;\n-\tstruct aesni_gcm_ops *ops = &qp_data->ops[session->key_length];\n-\n-\tif (session->op == IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT ||\n-\t\t\tsession->op == IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT) {\n-\t\toffset = sym_op->aead.data.offset;\n-\t\tdata_offset = offset;\n-\t\tdata_length = sym_op->aead.data.length;\n-\t} else {\n-\t\toffset = sym_op->auth.data.offset;\n-\t\tdata_offset = offset;\n-\t\tdata_length = sym_op->auth.data.length;\n-\t}\n-\n-\tRTE_ASSERT(m_src != NULL);\n-\n-\twhile (offset >= m_src->data_len && data_length != 0) {\n-\t\toffset -= m_src->data_len;\n-\t\tm_src = m_src->next;\n-\n-\t\tRTE_ASSERT(m_src != NULL);\n-\t}\n-\n-\tsrc = rte_pktmbuf_mtod_offset(m_src, uint8_t *, offset);\n-\n-\tdata_len = m_src->data_len - offset;\n-\tpart_len = (data_len < data_length) ? data_len :\n-\t\t\tdata_length;\n-\n-\tRTE_ASSERT((sym_op->m_dst == NULL) ||\n-\t\t\t((sym_op->m_dst != NULL) &&\n-\t\t\t\trte_pktmbuf_is_contiguous(sym_op->m_dst)));\n-\n-\t/* In-place */\n-\tif (sym_op->m_dst == NULL || (sym_op->m_dst == sym_op->m_src))\n-\t\tdst = src;\n-\t/* Out-of-place */\n-\telse {\n-\t\toop = 1;\n-\t\t/* Segmented destination buffer is not supported\n-\t\t * if operation is Out-of-place\n-\t\t */\n-\t\tRTE_ASSERT(rte_pktmbuf_is_contiguous(sym_op->m_dst));\n-\t\tdst = rte_pktmbuf_mtod_offset(sym_op->m_dst, uint8_t *,\n-\t\t\t\t\tdata_offset);\n-\t}\n-\n-\tiv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,\n-\t\t\t\tsession->iv.offset);\n-\n-\tif (session->op == IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT) {\n-\t\tops->init(&session->gdata_key, &qp_data->gcm_ctx_data, iv_ptr,\n-\t\t\t\tsym_op->aead.aad.data,\n-\t\t\t\t(uint64_t)session->aad_length);\n-\n-\t\tops->update_enc(&session->gdata_key, &qp_data->gcm_ctx_data,\n-\t\t\t\tdst, src, (uint64_t)part_len);\n-\t\ttotal_len = data_length - part_len;\n-\n-\t\twhile (total_len) {\n-\t\t\tm_src = m_src->next;\n-\n-\t\t\tRTE_ASSERT(m_src != NULL);\n-\n-\t\t\tsrc = rte_pktmbuf_mtod(m_src, uint8_t *);\n-\t\t\tif (oop)\n-\t\t\t\tdst += part_len;\n-\t\t\telse\n-\t\t\t\tdst = src;\n-\t\t\tpart_len = (m_src->data_len < total_len) ?\n-\t\t\t\t\tm_src->data_len : total_len;\n-\n-\t\t\tops->update_enc(&session->gdata_key,\n-\t\t\t\t\t&qp_data->gcm_ctx_data,\n-\t\t\t\t\tdst, src, (uint64_t)part_len);\n-\t\t\ttotal_len -= part_len;\n-\t\t}\n-\n-\t\tif (session->req_digest_length != session->gen_digest_length)\n-\t\t\ttag = qp_data->temp_digest;\n-\t\telse\n-\t\t\ttag = sym_op->aead.digest.data;\n-\n-\t\tops->finalize_enc(&session->gdata_key, &qp_data->gcm_ctx_data,\n-\t\t\t\ttag, session->gen_digest_length);\n-\t} else if (session->op == IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT) {\n-\t\tops->init(&session->gdata_key, &qp_data->gcm_ctx_data, iv_ptr,\n-\t\t\t\tsym_op->aead.aad.data,\n-\t\t\t\t(uint64_t)session->aad_length);\n-\n-\t\tops->update_dec(&session->gdata_key, &qp_data->gcm_ctx_data,\n-\t\t\t\tdst, src, (uint64_t)part_len);\n-\t\ttotal_len = data_length - part_len;\n-\n-\t\twhile (total_len) {\n-\t\t\tm_src = m_src->next;\n-\n-\t\t\tRTE_ASSERT(m_src != NULL);\n-\n-\t\t\tsrc = rte_pktmbuf_mtod(m_src, uint8_t *);\n-\t\t\tif (oop)\n-\t\t\t\tdst += part_len;\n-\t\t\telse\n-\t\t\t\tdst = src;\n-\t\t\tpart_len = (m_src->data_len < total_len) ?\n-\t\t\t\t\tm_src->data_len : total_len;\n-\n-\t\t\tops->update_dec(&session->gdata_key,\n-\t\t\t\t\t&qp_data->gcm_ctx_data,\n-\t\t\t\t\tdst, src, (uint64_t)part_len);\n-\t\t\ttotal_len -= part_len;\n-\t\t}\n-\n-\t\ttag = qp_data->temp_digest;\n-\t\tops->finalize_dec(&session->gdata_key, &qp_data->gcm_ctx_data,\n-\t\t\t\ttag, session->gen_digest_length);\n-\t} else if (session->op == IPSEC_MB_OP_HASH_GEN_ONLY) {\n-\t\tops->gmac_init(&session->gdata_key, &qp_data->gcm_ctx_data,\n-\t\t\t\tiv_ptr, session->iv.length);\n-\n-\t\tops->gmac_update(&session->gdata_key, &qp_data->gcm_ctx_data,\n-\t\t\t\tsrc, (uint64_t)part_len);\n-\t\ttotal_len = data_length - part_len;\n-\n-\t\twhile (total_len) {\n-\t\t\tm_src = m_src->next;\n-\n-\t\t\tRTE_ASSERT(m_src != NULL);\n-\n-\t\t\tsrc = rte_pktmbuf_mtod(m_src, uint8_t *);\n-\t\t\tpart_len = (m_src->data_len < total_len) ?\n-\t\t\t\t\tm_src->data_len : total_len;\n-\n-\t\t\tops->gmac_update(&session->gdata_key,\n-\t\t\t\t\t&qp_data->gcm_ctx_data, src,\n-\t\t\t\t\t(uint64_t)part_len);\n-\t\t\ttotal_len -= part_len;\n-\t\t}\n-\n-\t\tif (session->req_digest_length != session->gen_digest_length)\n-\t\t\ttag = qp_data->temp_digest;\n-\t\telse\n-\t\t\ttag = sym_op->auth.digest.data;\n-\n-\t\tops->gmac_finalize(&session->gdata_key, &qp_data->gcm_ctx_data,\n-\t\t\t\ttag, session->gen_digest_length);\n-\t} else { /* IPSEC_MB_OP_HASH_VERIFY_ONLY */\n-\t\tops->gmac_init(&session->gdata_key, &qp_data->gcm_ctx_data,\n-\t\t\t\tiv_ptr, session->iv.length);\n-\n-\t\tops->gmac_update(&session->gdata_key, &qp_data->gcm_ctx_data,\n-\t\t\t\tsrc, (uint64_t)part_len);\n-\t\ttotal_len = data_length - part_len;\n-\n-\t\twhile (total_len) {\n-\t\t\tm_src = m_src->next;\n-\n-\t\t\tRTE_ASSERT(m_src != NULL);\n-\n-\t\t\tsrc = rte_pktmbuf_mtod(m_src, uint8_t *);\n-\t\t\tpart_len = (m_src->data_len < total_len) ?\n-\t\t\t\t\tm_src->data_len : total_len;\n-\n-\t\t\tops->gmac_update(&session->gdata_key,\n-\t\t\t\t\t&qp_data->gcm_ctx_data, src,\n-\t\t\t\t\t(uint64_t)part_len);\n-\t\t\ttotal_len -= part_len;\n-\t\t}\n-\n-\t\ttag = qp_data->temp_digest;\n-\n-\t\tops->gmac_finalize(&session->gdata_key, &qp_data->gcm_ctx_data,\n-\t\t\t\ttag, session->gen_digest_length);\n-\t}\n-\treturn 0;\n-}\n-\n-/** Get gcm session */\n-static inline struct aesni_gcm_session *\n-aesni_gcm_get_session(struct ipsec_mb_qp *qp,\n-\t struct rte_crypto_op *op)\n-{\n-\tstruct rte_cryptodev_sym_session *sess = NULL;\n-\tstruct rte_crypto_sym_op *sym_op = op->sym;\n-\n-\tif (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {\n-\t\tif (likely(sym_op->session != NULL))\n-\t\t\tsess = sym_op->session;\n-\t} else {\n-\t\tif (rte_mempool_get(qp->sess_mp, (void **)&sess))\n-\t\t\treturn NULL;\n-\n-\t\tif (unlikely(sess->sess_data_sz <\n-\t\t\t\tsizeof(struct aesni_gcm_session))) {\n-\t\t\trte_mempool_put(qp->sess_mp, sess);\n-\t\t\treturn NULL;\n-\t\t}\n-\n-\t\tif (unlikely(aesni_gcm_session_configure(qp->mb_mgr,\n-\t\t\t\tCRYPTODEV_GET_SYM_SESS_PRIV(sess),\n-\t\t\t\tsym_op->xform) != 0)) {\n-\t\t\trte_mempool_put(qp->sess_mp, sess);\n-\t\t\tsess = NULL;\n-\t\t}\n-\t\tsym_op->session = sess;\n-\t}\n-\n-\tif (unlikely(sess == NULL))\n-\t\top->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n-\n-\treturn CRYPTODEV_GET_SYM_SESS_PRIV(sess);\n-}\n-\n-static uint16_t\n-aesni_gcm_pmd_dequeue_burst(void *queue_pair,\n-\t\tstruct rte_crypto_op **ops, uint16_t nb_ops)\n-{\n-\tstruct aesni_gcm_session *sess;\n-\tstruct ipsec_mb_qp *qp = queue_pair;\n-\n-\tint retval = 0;\n-\tunsigned int i, nb_dequeued;\n-\n-\tnb_dequeued = rte_ring_dequeue_burst(qp->ingress_queue,\n-\t\t\t(void **)ops, nb_ops, NULL);\n-\n-\tfor (i = 0; i < nb_dequeued; i++) {\n-\n-\t\tsess = aesni_gcm_get_session(qp, ops[i]);\n-\t\tif (unlikely(sess == NULL)) {\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\tqp->stats.dequeue_err_count++;\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\tretval = process_gcm_crypto_op(qp, ops[i], sess);\n-\t\tif (retval < 0) {\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\tqp->stats.dequeue_err_count++;\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\thandle_completed_gcm_crypto_op(qp, ops[i], sess);\n-\t}\n-\n-\tqp->stats.dequeued_count += i;\n-\n-\treturn i;\n-}\n-\n-static inline void\n-aesni_gcm_fill_error_code(struct rte_crypto_sym_vec *vec,\n-\t\t\t int32_t errnum)\n-{\n-\tuint32_t i;\n-\n-\tfor (i = 0; i < vec->num; i++)\n-\t\tvec->status[i] = errnum;\n-}\n-\n-static inline int32_t\n-aesni_gcm_sgl_op_finalize_encryption(const struct aesni_gcm_session *s,\n-\t\t\t\t struct gcm_context_data *gdata_ctx,\n-\t\t\t\t uint8_t *digest, struct aesni_gcm_ops ops)\n-{\n-\tif (s->req_digest_length != s->gen_digest_length) {\n-\t\tuint8_t tmpdigest[s->gen_digest_length];\n-\n-\t\tops.finalize_enc(&s->gdata_key, gdata_ctx, tmpdigest,\n-\t\t\t\ts->gen_digest_length);\n-\t\tmemcpy(digest, tmpdigest, s->req_digest_length);\n-\t} else {\n-\t\tops.finalize_enc(&s->gdata_key, gdata_ctx, digest,\n-\t\t\t\ts->gen_digest_length);\n-\t}\n-\n-\treturn 0;\n-}\n-\n-static inline int32_t\n-aesni_gcm_sgl_op_finalize_decryption(const struct aesni_gcm_session *s,\n-\t\t\t\t struct gcm_context_data *gdata_ctx,\n-\t\t\t\t uint8_t *digest, struct aesni_gcm_ops ops)\n-{\n-\tuint8_t tmpdigest[s->gen_digest_length];\n-\n-\tops.finalize_dec(&s->gdata_key, gdata_ctx, tmpdigest,\n-\t\t\ts->gen_digest_length);\n-\n-\treturn memcmp(digest, tmpdigest, s->req_digest_length) == 0 ? 0\n-\t\t\t\t\t\t\t\t : EBADMSG;\n-}\n-\n-static inline void\n-aesni_gcm_process_gcm_sgl_op(const struct aesni_gcm_session *s,\n-\t\t\t struct gcm_context_data *gdata_ctx,\n-\t\t\t struct rte_crypto_sgl *sgl, void *iv, void *aad,\n-\t\t\t struct aesni_gcm_ops ops)\n-{\n-\tuint32_t i;\n-\n-\t/* init crypto operation */\n-\tops.init(&s->gdata_key, gdata_ctx, iv, aad,\n-\t\t (uint64_t)s->aad_length);\n-\n-\t/* update with sgl data */\n-\tfor (i = 0; i < sgl->num; i++) {\n-\t\tstruct rte_crypto_vec *vec = &sgl->vec[i];\n-\n-\t\tswitch (s->op) {\n-\t\tcase IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:\n-\t\t\tops.update_enc(&s->gdata_key, gdata_ctx,\n-\t\t\t vec->base, vec->base, vec->len);\n-\t\t\tbreak;\n-\t\tcase IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:\n-\t\t\tops.update_dec(&s->gdata_key, gdata_ctx,\n-\t\t\t vec->base, vec->base, vec->len);\n-\t\t\tbreak;\n-\t\tdefault:\n-\t\t\tIPSEC_MB_LOG(ERR, \"Invalid session op\");\n-\t\t\tbreak;\n-\t\t}\n-\n-\t}\n-}\n-\n-static inline void\n-aesni_gcm_process_gmac_sgl_op(const struct aesni_gcm_session *s,\n-\t\t\t struct gcm_context_data *gdata_ctx,\n-\t\t\t struct rte_crypto_sgl *sgl, void *iv,\n-\t\t\t struct aesni_gcm_ops ops)\n-{\n-\tops.init(&s->gdata_key, gdata_ctx, iv, sgl->vec[0].base,\n-\t\t sgl->vec[0].len);\n-}\n-\n-static inline uint32_t\n-aesni_gcm_sgl_encrypt(struct aesni_gcm_session *s,\n-\t\t struct gcm_context_data *gdata_ctx,\n-\t\t struct rte_crypto_sym_vec *vec,\n-\t\t struct aesni_gcm_ops ops)\n-{\n-\tuint32_t i, processed;\n-\n-\tprocessed = 0;\n-\tfor (i = 0; i < vec->num; ++i) {\n-\t\taesni_gcm_process_gcm_sgl_op(s, gdata_ctx, &vec->src_sgl[i],\n-\t\t\t\t\t vec->iv[i].va, vec->aad[i].va,\n-\t\t\t\t\t ops);\n-\t\tvec->status[i] = aesni_gcm_sgl_op_finalize_encryption(\n-\t\t s, gdata_ctx, vec->digest[i].va, ops);\n-\t\tprocessed += (vec->status[i] == 0);\n-\t}\n-\n-\treturn processed;\n-}\n-\n-static inline uint32_t\n-aesni_gcm_sgl_decrypt(struct aesni_gcm_session *s,\n-\t\t struct gcm_context_data *gdata_ctx,\n-\t\t struct rte_crypto_sym_vec *vec,\n-\t\t struct aesni_gcm_ops ops)\n-{\n-\tuint32_t i, processed;\n-\n-\tprocessed = 0;\n-\tfor (i = 0; i < vec->num; ++i) {\n-\t\taesni_gcm_process_gcm_sgl_op(s, gdata_ctx, &vec->src_sgl[i],\n-\t\t\t\t\t vec->iv[i].va, vec->aad[i].va,\n-\t\t\t\t\t ops);\n-\t\tvec->status[i] = aesni_gcm_sgl_op_finalize_decryption(\n-\t\t s, gdata_ctx, vec->digest[i].va, ops);\n-\t\tprocessed += (vec->status[i] == 0);\n-\t}\n-\n-\treturn processed;\n-}\n-\n-static inline uint32_t\n-aesni_gmac_sgl_generate(struct aesni_gcm_session *s,\n-\t\t\tstruct gcm_context_data *gdata_ctx,\n-\t\t\tstruct rte_crypto_sym_vec *vec,\n-\t\t\tstruct aesni_gcm_ops ops)\n-{\n-\tuint32_t i, processed;\n-\n-\tprocessed = 0;\n-\tfor (i = 0; i < vec->num; ++i) {\n-\t\tif (vec->src_sgl[i].num != 1) {\n-\t\t\tvec->status[i] = ENOTSUP;\n-\t\t\tcontinue;\n-\t\t}\n-\n-\t\taesni_gcm_process_gmac_sgl_op(s, gdata_ctx, &vec->src_sgl[i],\n-\t\t\t\t\t vec->iv[i].va, ops);\n-\t\tvec->status[i] = aesni_gcm_sgl_op_finalize_encryption(\n-\t\t s, gdata_ctx, vec->digest[i].va, ops);\n-\t\tprocessed += (vec->status[i] == 0);\n-\t}\n-\n-\treturn processed;\n-}\n-\n-static inline uint32_t\n-aesni_gmac_sgl_verify(struct aesni_gcm_session *s,\n-\t\t struct gcm_context_data *gdata_ctx,\n-\t\t struct rte_crypto_sym_vec *vec,\n-\t\t struct aesni_gcm_ops ops)\n-{\n-\tuint32_t i, processed;\n-\n-\tprocessed = 0;\n-\tfor (i = 0; i < vec->num; ++i) {\n-\t\tif (vec->src_sgl[i].num != 1) {\n-\t\t\tvec->status[i] = ENOTSUP;\n-\t\t\tcontinue;\n-\t\t}\n-\n-\t\taesni_gcm_process_gmac_sgl_op(s, gdata_ctx, &vec->src_sgl[i],\n-\t\t\t\t\t vec->iv[i].va, ops);\n-\t\tvec->status[i] = aesni_gcm_sgl_op_finalize_decryption(\n-\t\t s, gdata_ctx, vec->digest[i].va, ops);\n-\t\tprocessed += (vec->status[i] == 0);\n-\t}\n-\n-\treturn processed;\n-}\n-\n-/** Process CPU crypto bulk operations */\n-static uint32_t\n-aesni_gcm_process_bulk(struct rte_cryptodev *dev __rte_unused,\n-\t\t\tstruct rte_cryptodev_sym_session *sess,\n-\t\t\t__rte_unused union rte_crypto_sym_ofs ofs,\n-\t\t\tstruct rte_crypto_sym_vec *vec)\n-{\n-\tstruct aesni_gcm_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);\n-\tstruct gcm_context_data gdata_ctx;\n-\tIMB_MGR *mb_mgr;\n-\n-\t/* get per-thread MB MGR, create one if needed */\n-\tmb_mgr = get_per_thread_mb_mgr();\n-\tif (unlikely(mb_mgr == NULL))\n-\t\treturn 0;\n-\n-\t/* Check if function pointers have been set for this thread ops. */\n-\tif (unlikely(RTE_PER_LCORE(gcm_ops)[s->key_length].init == NULL))\n-\t\taesni_gcm_set_ops(RTE_PER_LCORE(gcm_ops), mb_mgr);\n-\n-\tswitch (s->op) {\n-\tcase IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:\n-\t\treturn aesni_gcm_sgl_encrypt(s, &gdata_ctx, vec,\n-\t\t\t\tRTE_PER_LCORE(gcm_ops)[s->key_length]);\n-\tcase IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:\n-\t\treturn aesni_gcm_sgl_decrypt(s, &gdata_ctx, vec,\n-\t\t\t\tRTE_PER_LCORE(gcm_ops)[s->key_length]);\n-\tcase IPSEC_MB_OP_HASH_GEN_ONLY:\n-\t\treturn aesni_gmac_sgl_generate(s, &gdata_ctx, vec,\n-\t\t\t\tRTE_PER_LCORE(gcm_ops)[s->key_length]);\n-\tcase IPSEC_MB_OP_HASH_VERIFY_ONLY:\n-\t\treturn aesni_gmac_sgl_verify(s, &gdata_ctx, vec,\n-\t\t\t\tRTE_PER_LCORE(gcm_ops)[s->key_length]);\n-\tdefault:\n-\t\taesni_gcm_fill_error_code(vec, EINVAL);\n-\t\treturn 0;\n-\t}\n-}\n-\n-static int\n-aesni_gcm_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,\n-\t\t\t\tconst struct rte_cryptodev_qp_conf *qp_conf,\n-\t\t\t\tint socket_id)\n-{\n-\tint ret = ipsec_mb_qp_setup(dev, qp_id, qp_conf, socket_id);\n-\tif (ret < 0)\n-\t\treturn ret;\n-\n-\tstruct ipsec_mb_qp *qp = dev->data->queue_pairs[qp_id];\n-\tstruct aesni_gcm_qp_data *qp_data = ipsec_mb_get_qp_private_data(qp);\n-\taesni_gcm_set_ops(qp_data->ops, qp->mb_mgr);\n-\treturn 0;\n-}\n+#include \"pmd_aesni_mb_priv.h\"\n \n struct rte_cryptodev_ops aesni_gcm_pmd_ops = {\n \t.dev_configure = ipsec_mb_config,\n@@ -762,10 +16,10 @@ struct rte_cryptodev_ops aesni_gcm_pmd_ops = {\n \n \t.dev_infos_get = ipsec_mb_info_get,\n \n-\t.queue_pair_setup = aesni_gcm_qp_setup,\n+\t.queue_pair_setup = ipsec_mb_qp_setup,\n \t.queue_pair_release = ipsec_mb_qp_release,\n \n-\t.sym_cpu_process = aesni_gcm_process_bulk,\n+\t.sym_cpu_process = aesni_mb_process_bulk,\n \n \t.sym_session_get_size = ipsec_mb_sym_session_get_size,\n \t.sym_session_configure = ipsec_mb_sym_session_configure,\n@@ -801,7 +55,7 @@ RTE_INIT(ipsec_mb_register_aesni_gcm)\n \t\t&ipsec_mb_pmds[IPSEC_MB_PMD_TYPE_AESNI_GCM];\n \n \taesni_gcm_data->caps = aesni_gcm_capabilities;\n-\taesni_gcm_data->dequeue_burst = aesni_gcm_pmd_dequeue_burst;\n+\taesni_gcm_data->dequeue_burst = aesni_mb_dequeue_burst;\n \taesni_gcm_data->feature_flags =\n \t\tRTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |\n \t\tRTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |\n@@ -814,6 +68,6 @@ RTE_INIT(ipsec_mb_register_aesni_gcm)\n \taesni_gcm_data->ops = &aesni_gcm_pmd_ops;\n \taesni_gcm_data->qp_priv_size = sizeof(struct aesni_gcm_qp_data);\n \taesni_gcm_data->queue_pair_configure = NULL;\n-\taesni_gcm_data->session_configure = aesni_gcm_session_configure;\n-\taesni_gcm_data->session_priv_size = sizeof(struct aesni_gcm_session);\n+\taesni_gcm_data->session_configure = aesni_mb_session_configure;\n+\taesni_gcm_data->session_priv_size = sizeof(struct aesni_mb_session);\n }\ndiff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm_priv.h b/drivers/crypto/ipsec_mb/pmd_aesni_gcm_priv.h\nindex 55a0416030..a40543ad15 100644\n--- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm_priv.h\n+++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm_priv.h\n@@ -143,25 +143,4 @@ struct aesni_gcm_qp_data {\n \t/**< Operation Handlers */\n };\n \n-/** AESNI GCM private session structure */\n-struct aesni_gcm_session {\n-\tstruct {\n-\t\tuint16_t length;\n-\t\tuint16_t offset;\n-\t} iv;\n-\t/**< IV parameters */\n-\tuint16_t aad_length;\n-\t/**< AAD length */\n-\tuint16_t req_digest_length;\n-\t/**< Requested digest length */\n-\tuint16_t gen_digest_length;\n-\t/**< Generated digest length */\n-\tenum ipsec_mb_operation op;\n-\t/**< GCM operation type */\n-\tstruct gcm_key_data gdata_key;\n-\t/**< GCM parameters */\n-\tenum aesni_gcm_key_length key_length;\n-\t/** Key Length */\n-};\n-\n #endif /* _PMD_AESNI_GCM_PRIV_H_ */\ndiff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\nindex ece9cfd5ed..712188216d 100644\n--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\n+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\n@@ -759,7 +759,7 @@ aesni_mb_set_session_aead_parameters(const IMB_MGR *mb_mgr,\n }\n \n /** Configure a aesni multi-buffer session from a crypto xform chain */\n-static int\n+int\n aesni_mb_session_configure(IMB_MGR *mb_mgr,\n \t\tvoid *priv_sess,\n \t\tconst struct rte_crypto_sym_xform *xform)\n@@ -2124,7 +2124,7 @@ set_job_null_op(IMB_JOB *job, struct rte_crypto_op *op)\n }\n \n #if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM\n-static uint16_t\n+uint16_t\n aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,\n \t\tuint16_t nb_ops)\n {\n@@ -2442,7 +2442,7 @@ verify_sync_dgst(struct rte_crypto_sym_vec *vec,\n \treturn k;\n }\n \n-static uint32_t\n+uint32_t\n aesni_mb_process_bulk(struct rte_cryptodev *dev __rte_unused,\n \tstruct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs sofs,\n \tstruct rte_crypto_sym_vec *vec)\ndiff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h\nindex 85994fe5a1..9f0a89d20b 100644\n--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h\n+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h\n@@ -21,6 +21,19 @@\n #define MAX_NUM_SEGS 16\n #endif\n \n+int\n+aesni_mb_session_configure(IMB_MGR * m __rte_unused, void *priv_sess,\n+\t\tconst struct rte_crypto_sym_xform *xform);\n+\n+uint16_t\n+aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,\n+\t\tuint16_t nb_ops);\n+\n+uint32_t\n+aesni_mb_process_bulk(struct rte_cryptodev *dev __rte_unused,\n+\tstruct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs sofs,\n+\tstruct rte_crypto_sym_vec *vec);\n+\n static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {\n \t{\t/* MD5 HMAC */\n \t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\ndiff --git a/drivers/crypto/ipsec_mb/pmd_chacha_poly.c b/drivers/crypto/ipsec_mb/pmd_chacha_poly.c\nindex 97e7cef233..93f8e3588e 100644\n--- a/drivers/crypto/ipsec_mb/pmd_chacha_poly.c\n+++ b/drivers/crypto/ipsec_mb/pmd_chacha_poly.c\n@@ -3,334 +3,7 @@\n */\n \n #include \"pmd_chacha_poly_priv.h\"\n-\n-/** Parse crypto xform chain and set private session parameters. */\n-static int\n-chacha20_poly1305_session_configure(IMB_MGR * mb_mgr __rte_unused,\n-\t\tvoid *priv_sess, const struct rte_crypto_sym_xform *xform)\n-{\n-\tstruct chacha20_poly1305_session *sess = priv_sess;\n-\tconst struct rte_crypto_sym_xform *auth_xform;\n-\tconst struct rte_crypto_sym_xform *cipher_xform;\n-\tconst struct rte_crypto_sym_xform *aead_xform;\n-\n-\tuint8_t key_length;\n-\tconst uint8_t *key;\n-\tenum ipsec_mb_operation mode;\n-\tint ret = 0;\n-\n-\tret = ipsec_mb_parse_xform(xform, &mode, &auth_xform,\n-\t\t\t\t&cipher_xform, &aead_xform);\n-\tif (ret)\n-\t\treturn ret;\n-\n-\tsess->op = mode;\n-\n-\tswitch (sess->op) {\n-\tcase IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:\n-\tcase IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:\n-\t\tif (aead_xform->aead.algo !=\n-\t\t\t\tRTE_CRYPTO_AEAD_CHACHA20_POLY1305) {\n-\t\t\tIPSEC_MB_LOG(ERR,\n-\t\t\t\"The only combined operation supported is CHACHA20 POLY1305\");\n-\t\t\tret = -ENOTSUP;\n-\t\t\tgoto error_exit;\n-\t\t}\n-\t\t/* Set IV parameters */\n-\t\tsess->iv.offset = aead_xform->aead.iv.offset;\n-\t\tsess->iv.length = aead_xform->aead.iv.length;\n-\t\tkey_length = aead_xform->aead.key.length;\n-\t\tkey = aead_xform->aead.key.data;\n-\t\tsess->aad_length = aead_xform->aead.aad_length;\n-\t\tsess->req_digest_length = aead_xform->aead.digest_length;\n-\t\tbreak;\n-\tdefault:\n-\t\tIPSEC_MB_LOG(\n-\t\t ERR, \"Wrong xform type, has to be AEAD or authentication\");\n-\t\tret = -ENOTSUP;\n-\t\tgoto error_exit;\n-\t}\n-\n-\t/* IV check */\n-\tif (sess->iv.length != CHACHA20_POLY1305_IV_LENGTH &&\n-\t\tsess->iv.length != 0) {\n-\t\tIPSEC_MB_LOG(ERR, \"Wrong IV length\");\n-\t\tret = -EINVAL;\n-\t\tgoto error_exit;\n-\t}\n-\n-\t/* Check key length */\n-\tif (key_length != CHACHA20_POLY1305_KEY_SIZE) {\n-\t\tIPSEC_MB_LOG(ERR, \"Invalid key length\");\n-\t\tret = -EINVAL;\n-\t\tgoto error_exit;\n-\t} else {\n-\t\tmemcpy(sess->key, key, CHACHA20_POLY1305_KEY_SIZE);\n-\t}\n-\n-\t/* Digest check */\n-\tif (sess->req_digest_length != CHACHA20_POLY1305_DIGEST_LENGTH) {\n-\t\tIPSEC_MB_LOG(ERR, \"Invalid digest length\");\n-\t\tret = -EINVAL;\n-\t\tgoto error_exit;\n-\t} else {\n-\t\tsess->gen_digest_length = CHACHA20_POLY1305_DIGEST_LENGTH;\n-\t}\n-\n-error_exit:\n-\treturn ret;\n-}\n-\n-/**\n- * Process a crypto operation, calling\n- * the direct chacha poly API from the multi buffer library.\n- *\n- * @param\tqp\t\tqueue pair\n- * @param\top\t\tsymmetric crypto operation\n- * @param\tsession\t\tchacha poly session\n- *\n- * @return\n- * - Return 0 if success\n- */\n-static int\n-chacha20_poly1305_crypto_op(struct ipsec_mb_qp *qp, struct rte_crypto_op *op,\n-\t\tstruct chacha20_poly1305_session *session)\n-{\n-\tstruct chacha20_poly1305_qp_data *qp_data =\n-\t\t\t\t\tipsec_mb_get_qp_private_data(qp);\n-\tuint8_t *src, *dst;\n-\tuint8_t *iv_ptr;\n-\tstruct rte_crypto_sym_op *sym_op = op->sym;\n-\tstruct rte_mbuf *m_src = sym_op->m_src;\n-\tuint32_t offset, data_offset, data_length;\n-\tuint32_t part_len, data_len;\n-\tint total_len;\n-\tuint8_t *tag;\n-\tunsigned int oop = 0;\n-\n-\toffset = sym_op->aead.data.offset;\n-\tdata_offset = offset;\n-\tdata_length = sym_op->aead.data.length;\n-\tRTE_ASSERT(m_src != NULL);\n-\n-\twhile (offset >= m_src->data_len && data_length != 0) {\n-\t\toffset -= m_src->data_len;\n-\t\tm_src = m_src->next;\n-\n-\t\tRTE_ASSERT(m_src != NULL);\n-\t}\n-\n-\tsrc = rte_pktmbuf_mtod_offset(m_src, uint8_t *, offset);\n-\n-\tdata_len = m_src->data_len - offset;\n-\tpart_len = (data_len < data_length) ? data_len :\n-\t\t\tdata_length;\n-\n-\t/* In-place */\n-\tif (sym_op->m_dst == NULL || (sym_op->m_dst == sym_op->m_src))\n-\t\tdst = src;\n-\t/* Out-of-place */\n-\telse {\n-\t\toop = 1;\n-\t\t/* Segmented destination buffer is not supported\n-\t\t * if operation is Out-of-place\n-\t\t */\n-\t\tRTE_ASSERT(rte_pktmbuf_is_contiguous(sym_op->m_dst));\n-\t\tdst = rte_pktmbuf_mtod_offset(sym_op->m_dst, uint8_t *,\n-\t\t\t\t\tdata_offset);\n-\t}\n-\n-\tiv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,\n-\t\t\t\tsession->iv.offset);\n-\n-\tIMB_CHACHA20_POLY1305_INIT(qp->mb_mgr, session->key,\n-\t\t\t\t&qp_data->chacha20_poly1305_ctx_data,\n-\t\t\t\tiv_ptr,\tsym_op->aead.aad.data,\n-\t\t\t\t(uint64_t)session->aad_length);\n-\n-\tif (session->op == IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT) {\n-\t\tIMB_CHACHA20_POLY1305_ENC_UPDATE(qp->mb_mgr,\n-\t\t\t\tsession->key,\n-\t\t\t\t&qp_data->chacha20_poly1305_ctx_data,\n-\t\t\t\tdst, src, (uint64_t)part_len);\n-\t\ttotal_len = data_length - part_len;\n-\n-\t\twhile (total_len) {\n-\t\t\tm_src = m_src->next;\n-\t\t\tRTE_ASSERT(m_src != NULL);\n-\n-\t\t\tsrc = rte_pktmbuf_mtod(m_src, uint8_t *);\n-\t\t\tif (oop)\n-\t\t\t\tdst += part_len;\n-\t\t\telse\n-\t\t\t\tdst = src;\n-\t\t\tpart_len = (m_src->data_len < total_len) ?\n-\t\t\t\t\tm_src->data_len : total_len;\n-\n-\t\t\tif (dst == NULL || src == NULL) {\n-\t\t\t\tIPSEC_MB_LOG(ERR, \"Invalid src or dst input\");\n-\t\t\t\treturn -EINVAL;\n-\t\t\t}\n-\t\t\tIMB_CHACHA20_POLY1305_ENC_UPDATE(qp->mb_mgr,\n-\t\t\t\t\tsession->key,\n-\t\t\t\t\t&qp_data->chacha20_poly1305_ctx_data,\n-\t\t\t\t\tdst, src, (uint64_t)part_len);\n-\t\t\ttotal_len -= part_len;\n-\t\t\tif (total_len < 0) {\n-\t\t\t\tIPSEC_MB_LOG(ERR, \"Invalid part len\");\n-\t\t\t\treturn -EINVAL;\n-\t\t\t}\n-\t\t}\n-\n-\t\ttag = sym_op->aead.digest.data;\n-\t\tIMB_CHACHA20_POLY1305_ENC_FINALIZE(qp->mb_mgr,\n-\t\t\t\t\t&qp_data->chacha20_poly1305_ctx_data,\n-\t\t\t\t\ttag, session->gen_digest_length);\n-\n-\t} else {\n-\t\tIMB_CHACHA20_POLY1305_DEC_UPDATE(qp->mb_mgr,\n-\t\t\t\t\tsession->key,\n-\t\t\t\t\t&qp_data->chacha20_poly1305_ctx_data,\n-\t\t\t\t\tdst, src, (uint64_t)part_len);\n-\n-\t\ttotal_len = data_length - part_len;\n-\n-\t\twhile (total_len) {\n-\t\t\tm_src = m_src->next;\n-\n-\t\t\tRTE_ASSERT(m_src != NULL);\n-\n-\t\t\tsrc = rte_pktmbuf_mtod(m_src, uint8_t *);\n-\t\t\tif (oop)\n-\t\t\t\tdst += part_len;\n-\t\t\telse\n-\t\t\t\tdst = src;\n-\t\t\tpart_len = (m_src->data_len < total_len) ?\n-\t\t\t\t\tm_src->data_len : total_len;\n-\n-\t\t\tif (dst == NULL || src == NULL) {\n-\t\t\t\tIPSEC_MB_LOG(ERR, \"Invalid src or dst input\");\n-\t\t\t\treturn -EINVAL;\n-\t\t\t}\n-\t\t\tIMB_CHACHA20_POLY1305_DEC_UPDATE(qp->mb_mgr,\n-\t\t\t\t\tsession->key,\n-\t\t\t\t\t&qp_data->chacha20_poly1305_ctx_data,\n-\t\t\t\t\tdst, src, (uint64_t)part_len);\n-\t\t\ttotal_len -= part_len;\n-\t\t\tif (total_len < 0) {\n-\t\t\t\tIPSEC_MB_LOG(ERR, \"Invalid part len\");\n-\t\t\t\treturn -EINVAL;\n-\t\t\t}\n-\t\t}\n-\n-\t\ttag = qp_data->temp_digest;\n-\t\tIMB_CHACHA20_POLY1305_DEC_FINALIZE(qp->mb_mgr,\n-\t\t\t\t\t&qp_data->chacha20_poly1305_ctx_data,\n-\t\t\t\t\ttag, session->gen_digest_length);\n-\t}\n-\n-\treturn 0;\n-}\n-\n-/**\n- * Process a completed chacha poly op\n- *\n- * @param qp\t\tQueue Pair to process\n- * @param op\t\tCrypto operation\n- * @param sess\t\tCrypto session\n- *\n- * @return\n- * - void\n- */\n-static void\n-post_process_chacha20_poly1305_crypto_op(struct ipsec_mb_qp *qp,\n-\t\tstruct rte_crypto_op *op,\n-\t\tstruct chacha20_poly1305_session *session)\n-{\n-\tstruct chacha20_poly1305_qp_data *qp_data =\n-\t\t\t\t\tipsec_mb_get_qp_private_data(qp);\n-\n-\top->status = RTE_CRYPTO_OP_STATUS_SUCCESS;\n-\t/* Verify digest if required */\n-\tif (session->op == IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT ||\n-\t\t\tsession->op == IPSEC_MB_OP_HASH_VERIFY_ONLY) {\n-\t\tuint8_t *digest = op->sym->aead.digest.data;\n-\t\tuint8_t *tag = qp_data->temp_digest;\n-\n-#ifdef RTE_LIBRTE_PMD_CHACHA20_POLY1305_DEBUG\n-\t\trte_hexdump(stdout, \"auth tag (orig):\",\n-\t\t\t\tdigest, session->req_digest_length);\n-\t\trte_hexdump(stdout, \"auth tag (calc):\",\n-\t\t\t\ttag, session->req_digest_length);\n-#endif\n-\t\tif (memcmp(tag, digest,\tsession->req_digest_length) != 0)\n-\t\t\top->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;\n-\n-\t}\n-\n-}\n-\n-/**\n- * Process a completed Chacha20_poly1305 request\n- *\n- * @param qp\t\tQueue Pair to process\n- * @param op\t\tCrypto operation\n- * @param sess\t\tCrypto session\n- *\n- * @return\n- * - void\n- */\n-static void\n-handle_completed_chacha20_poly1305_crypto_op(struct ipsec_mb_qp *qp,\n-\t\tstruct rte_crypto_op *op,\n-\t\tstruct chacha20_poly1305_session *sess)\n-{\n-\tpost_process_chacha20_poly1305_crypto_op(qp, op, sess);\n-\n-\t/* Free session if a session-less crypto op */\n-\tif (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {\n-\t\tmemset(sess, 0, sizeof(struct chacha20_poly1305_session));\n-\t\trte_mempool_put(qp->sess_mp, op->sym->session);\n-\t\top->sym->session = NULL;\n-\t}\n-}\n-\n-static uint16_t\n-chacha20_poly1305_pmd_dequeue_burst(void *queue_pair,\n-\t\tstruct rte_crypto_op **ops, uint16_t nb_ops)\n-{\n-\tstruct chacha20_poly1305_session *sess;\n-\tstruct ipsec_mb_qp *qp = queue_pair;\n-\n-\tint retval = 0;\n-\tunsigned int i = 0, nb_dequeued;\n-\n-\tnb_dequeued = rte_ring_dequeue_burst(qp->ingress_queue,\n-\t\t\t(void **)ops, nb_ops, NULL);\n-\n-\tfor (i = 0; i < nb_dequeued; i++) {\n-\n-\t\tsess = ipsec_mb_get_session_private(qp, ops[i]);\n-\t\tif (unlikely(sess == NULL)) {\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\tqp->stats.dequeue_err_count++;\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\tretval = chacha20_poly1305_crypto_op(qp, ops[i], sess);\n-\t\tif (retval < 0) {\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\tqp->stats.dequeue_err_count++;\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\thandle_completed_chacha20_poly1305_crypto_op(qp, ops[i], sess);\n-\t}\n-\n-\tqp->stats.dequeued_count += i;\n-\n-\treturn i;\n-}\n+#include \"pmd_aesni_mb_priv.h\"\n \n struct rte_cryptodev_ops chacha20_poly1305_pmd_ops = {\n \t.dev_configure = ipsec_mb_config,\n@@ -384,7 +57,7 @@ RTE_INIT(ipsec_mb_register_chacha20_poly1305)\n \t\t= &ipsec_mb_pmds[IPSEC_MB_PMD_TYPE_CHACHA20_POLY1305];\n \n \tchacha_poly_data->caps = chacha20_poly1305_capabilities;\n-\tchacha_poly_data->dequeue_burst = chacha20_poly1305_pmd_dequeue_burst;\n+\tchacha_poly_data->dequeue_burst = aesni_mb_dequeue_burst;\n \tchacha_poly_data->feature_flags =\n \t\tRTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |\n \t\tRTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |\n@@ -398,7 +71,7 @@ RTE_INIT(ipsec_mb_register_chacha20_poly1305)\n \tchacha_poly_data->qp_priv_size =\n \t\t\tsizeof(struct chacha20_poly1305_qp_data);\n \tchacha_poly_data->session_configure =\n-\t\t\tchacha20_poly1305_session_configure;\n+\t\t\taesni_mb_session_configure;\n \tchacha_poly_data->session_priv_size =\n-\t\t\tsizeof(struct chacha20_poly1305_session);\n+\t\t\tsizeof(struct aesni_mb_session);\n }\ndiff --git a/drivers/crypto/ipsec_mb/pmd_chacha_poly_priv.h b/drivers/crypto/ipsec_mb/pmd_chacha_poly_priv.h\nindex 842f62f5d1..5b04c2edeb 100644\n--- a/drivers/crypto/ipsec_mb/pmd_chacha_poly_priv.h\n+++ b/drivers/crypto/ipsec_mb/pmd_chacha_poly_priv.h\n@@ -7,9 +7,7 @@\n \n #include \"ipsec_mb_private.h\"\n \n-#define CHACHA20_POLY1305_IV_LENGTH 12\n #define CHACHA20_POLY1305_DIGEST_LENGTH 16\n-#define CHACHA20_POLY1305_KEY_SIZE 32\n \n static const\n struct rte_cryptodev_capabilities chacha20_poly1305_capabilities[] = {\n@@ -45,23 +43,6 @@ struct rte_cryptodev_capabilities chacha20_poly1305_capabilities[] = {\n \n uint8_t pmd_driver_id_chacha20_poly1305;\n \n-/** CHACHA20 POLY1305 private session structure */\n-struct chacha20_poly1305_session {\n-\tstruct {\n-\t\tuint16_t length;\n-\t\tuint16_t offset;\n-\t} iv;\n-\t/**< IV parameters */\n-\tuint16_t aad_length;\n-\t/**< AAD length */\n-\tuint16_t req_digest_length;\n-\t/**< Requested digest length */\n-\tuint16_t gen_digest_length;\n-\t/**< Generated digest length */\n-\tuint8_t key[CHACHA20_POLY1305_KEY_SIZE];\n-\tenum ipsec_mb_operation op;\n-} __rte_cache_aligned;\n-\n struct chacha20_poly1305_qp_data {\n \tstruct chacha20_poly1305_context_data chacha20_poly1305_ctx_data;\n \tuint8_t temp_digest[CHACHA20_POLY1305_DIGEST_LENGTH];\ndiff --git a/drivers/crypto/ipsec_mb/pmd_kasumi.c b/drivers/crypto/ipsec_mb/pmd_kasumi.c\nindex 5db9c523cd..0c549f9459 100644\n--- a/drivers/crypto/ipsec_mb/pmd_kasumi.c\n+++ b/drivers/crypto/ipsec_mb/pmd_kasumi.c\n@@ -10,403 +10,7 @@\n #include <rte_malloc.h>\n \n #include \"pmd_kasumi_priv.h\"\n-\n-/** Parse crypto xform chain and set private session parameters. */\n-static int\n-kasumi_session_configure(IMB_MGR *mgr, void *priv_sess,\n-\t\t\t const struct rte_crypto_sym_xform *xform)\n-{\n-\tconst struct rte_crypto_sym_xform *auth_xform = NULL;\n-\tconst struct rte_crypto_sym_xform *cipher_xform = NULL;\n-\tenum ipsec_mb_operation mode;\n-\tstruct kasumi_session *sess = (struct kasumi_session *)priv_sess;\n-\t/* Select Crypto operation - hash then cipher / cipher then hash */\n-\tint ret = ipsec_mb_parse_xform(xform, &mode, &auth_xform,\n-\t\t\t\t&cipher_xform, NULL);\n-\n-\tif (ret)\n-\t\treturn ret;\n-\n-\tif (cipher_xform) {\n-\t\t/* Only KASUMI F8 supported */\n-\t\tif (cipher_xform->cipher.algo != RTE_CRYPTO_CIPHER_KASUMI_F8) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Unsupported cipher algorithm \");\n-\t\t\treturn -ENOTSUP;\n-\t\t}\n-\n-\t\tsess->cipher_iv_offset = cipher_xform->cipher.iv.offset;\n-\t\tif (cipher_xform->cipher.iv.length != KASUMI_IV_LENGTH) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Wrong IV length\");\n-\t\t\treturn -EINVAL;\n-\t\t}\n-\n-\t\t/* Initialize key */\n-\t\tIMB_KASUMI_INIT_F8_KEY_SCHED(mgr,\n-\t\t\t\t\t cipher_xform->cipher.key.data,\n-\t\t\t\t\t &sess->pKeySched_cipher);\n-\t}\n-\n-\tif (auth_xform) {\n-\t\t/* Only KASUMI F9 supported */\n-\t\tif (auth_xform->auth.algo != RTE_CRYPTO_AUTH_KASUMI_F9) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Unsupported authentication\");\n-\t\t\treturn -ENOTSUP;\n-\t\t}\n-\n-\t\tif (auth_xform->auth.digest_length != KASUMI_DIGEST_LENGTH) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Wrong digest length\");\n-\t\t\treturn -EINVAL;\n-\t\t}\n-\n-\t\tsess->auth_op = auth_xform->auth.op;\n-\n-\t\t/* Initialize key */\n-\t\tIMB_KASUMI_INIT_F9_KEY_SCHED(mgr, auth_xform->auth.key.data,\n-\t\t\t\t\t &sess->pKeySched_hash);\n-\t}\n-\n-\tsess->op = mode;\n-\treturn ret;\n-}\n-\n-/** Encrypt/decrypt mbufs with same cipher key. */\n-static uint8_t\n-process_kasumi_cipher_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops,\n-\t\t\t struct kasumi_session *session, uint8_t num_ops)\n-{\n-\tunsigned int i;\n-\tuint8_t processed_ops = 0;\n-\tconst void *src[num_ops];\n-\tvoid *dst[num_ops];\n-\tuint8_t *iv_ptr;\n-\tuint64_t iv[num_ops];\n-\tuint32_t num_bytes[num_ops];\n-\n-\tfor (i = 0; i < num_ops; i++) {\n-\t\tsrc[i] = rte_pktmbuf_mtod(ops[i]->sym->m_src, uint8_t *)\n-\t\t\t + (ops[i]->sym->cipher.data.offset >> 3);\n-\t\tdst[i] = ops[i]->sym->m_dst\n-\t\t\t ? rte_pktmbuf_mtod(ops[i]->sym->m_dst, uint8_t *)\n-\t\t\t\t + (ops[i]->sym->cipher.data.offset >> 3)\n-\t\t\t : rte_pktmbuf_mtod(ops[i]->sym->m_src, uint8_t *)\n-\t\t\t\t + (ops[i]->sym->cipher.data.offset >> 3);\n-\t\tiv_ptr = rte_crypto_op_ctod_offset(ops[i], uint8_t *,\n-\t\t\t\t\t\t session->cipher_iv_offset);\n-\t\tiv[i] = *((uint64_t *)(iv_ptr));\n-\t\tnum_bytes[i] = ops[i]->sym->cipher.data.length >> 3;\n-\n-\t\tprocessed_ops++;\n-\t}\n-\n-\tif (processed_ops != 0)\n-\t\tIMB_KASUMI_F8_N_BUFFER(qp->mb_mgr, &session->pKeySched_cipher,\n-\t\t\t\t\tiv, src, dst, num_bytes,\n-\t\t\t\t\tprocessed_ops);\n-\n-\treturn processed_ops;\n-}\n-\n-/** Encrypt/decrypt mbuf (bit level function). */\n-static uint8_t\n-process_kasumi_cipher_op_bit(struct ipsec_mb_qp *qp, struct rte_crypto_op *op,\n-\t\t\t struct kasumi_session *session)\n-{\n-\tuint8_t *src, *dst;\n-\tuint8_t *iv_ptr;\n-\tuint64_t iv;\n-\tuint32_t length_in_bits, offset_in_bits;\n-\n-\toffset_in_bits = op->sym->cipher.data.offset;\n-\tsrc = rte_pktmbuf_mtod(op->sym->m_src, uint8_t *);\n-\tif (op->sym->m_dst == NULL)\n-\t\tdst = src;\n-\telse\n-\t\tdst = rte_pktmbuf_mtod(op->sym->m_dst, uint8_t *);\n-\tiv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,\n-\t\t\t\t\t session->cipher_iv_offset);\n-\tiv = *((uint64_t *)(iv_ptr));\n-\tlength_in_bits = op->sym->cipher.data.length;\n-\n-\tIMB_KASUMI_F8_1_BUFFER_BIT(qp->mb_mgr, &session->pKeySched_cipher, iv,\n-\t\t\t\t src, dst, length_in_bits, offset_in_bits);\n-\n-\treturn 1;\n-}\n-\n-/** Generate/verify hash from mbufs with same hash key. */\n-static int\n-process_kasumi_hash_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops,\n-\t\t\tstruct kasumi_session *session, uint8_t num_ops)\n-{\n-\tunsigned int i;\n-\tuint8_t processed_ops = 0;\n-\tuint8_t *src, *dst;\n-\tuint32_t length_in_bits;\n-\tuint32_t num_bytes;\n-\tstruct kasumi_qp_data *qp_data = ipsec_mb_get_qp_private_data(qp);\n-\n-\tfor (i = 0; i < num_ops; i++) {\n-\t\t/* Data must be byte aligned */\n-\t\tif ((ops[i]->sym->auth.data.offset % BYTE_LEN) != 0) {\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\tIPSEC_MB_LOG(ERR, \"Invalid Offset\");\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\tlength_in_bits = ops[i]->sym->auth.data.length;\n-\n-\t\tsrc = rte_pktmbuf_mtod(ops[i]->sym->m_src, uint8_t *)\n-\t\t + (ops[i]->sym->auth.data.offset >> 3);\n-\t\t/* Direction from next bit after end of message */\n-\t\tnum_bytes = length_in_bits >> 3;\n-\n-\t\tif (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {\n-\t\t\tdst = qp_data->temp_digest;\n-\t\t\tIMB_KASUMI_F9_1_BUFFER(qp->mb_mgr,\n-\t\t\t\t\t\t&session->pKeySched_hash, src,\n-\t\t\t\t\t\tnum_bytes, dst);\n-\n-\t\t\t/* Verify digest. */\n-\t\t\tif (memcmp(dst, ops[i]->sym->auth.digest.data,\n-\t\t\t\t KASUMI_DIGEST_LENGTH)\n-\t\t\t != 0)\n-\t\t\t\tops[i]->status\n-\t\t\t\t = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;\n-\t\t} else {\n-\t\t\tdst = ops[i]->sym->auth.digest.data;\n-\n-\t\t\tIMB_KASUMI_F9_1_BUFFER(qp->mb_mgr,\n-\t\t\t\t\t\t&session->pKeySched_hash, src,\n-\t\t\t\t\t\tnum_bytes, dst);\n-\t\t}\n-\t\tprocessed_ops++;\n-\t}\n-\n-\treturn processed_ops;\n-}\n-\n-/** Process a batch of crypto ops which shares the same session. */\n-static int\n-process_ops(struct rte_crypto_op **ops, struct kasumi_session *session,\n-\t\tstruct ipsec_mb_qp *qp, uint8_t num_ops)\n-{\n-\tunsigned int i;\n-\tunsigned int processed_ops;\n-\n-\tswitch (session->op) {\n-\tcase IPSEC_MB_OP_ENCRYPT_ONLY:\n-\tcase IPSEC_MB_OP_DECRYPT_ONLY:\n-\t\tprocessed_ops\n-\t\t = process_kasumi_cipher_op(qp, ops, session, num_ops);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_HASH_GEN_ONLY:\n-\tcase IPSEC_MB_OP_HASH_VERIFY_ONLY:\n-\t\tprocessed_ops\n-\t\t = process_kasumi_hash_op(qp, ops, session, num_ops);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_ENCRYPT_THEN_HASH_GEN:\n-\tcase IPSEC_MB_OP_DECRYPT_THEN_HASH_VERIFY:\n-\t\tprocessed_ops\n-\t\t = process_kasumi_cipher_op(qp, ops, session, num_ops);\n-\t\tprocess_kasumi_hash_op(qp, ops, session, processed_ops);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT:\n-\tcase IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT:\n-\t\tprocessed_ops\n-\t\t = process_kasumi_hash_op(qp, ops, session, num_ops);\n-\t\tprocess_kasumi_cipher_op(qp, ops, session, processed_ops);\n-\t\tbreak;\n-\tdefault:\n-\t\t/* Operation not supported. */\n-\t\tprocessed_ops = 0;\n-\t}\n-\n-\tfor (i = 0; i < num_ops; i++) {\n-\t\t/*\n-\t\t * If there was no error/authentication failure,\n-\t\t * change status to successful.\n-\t\t */\n-\t\tif (ops[i]->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_SUCCESS;\n-\t\t/* Free session if a session-less crypto op. */\n-\t\tif (ops[i]->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {\n-\t\t\tmemset(session, 0, sizeof(struct kasumi_session));\n-\t\t\trte_mempool_put(qp->sess_mp, ops[i]->sym->session);\n-\t\t\tops[i]->sym->session = NULL;\n-\t\t}\n-\t}\n-\treturn processed_ops;\n-}\n-\n-/** Process a crypto op with length/offset in bits. */\n-static int\n-process_op_bit(struct rte_crypto_op *op, struct kasumi_session *session,\n-\t\tstruct ipsec_mb_qp *qp)\n-{\n-\tunsigned int processed_op;\n-\n-\tswitch (session->op) {\n-\t\t/* case KASUMI_OP_ONLY_CIPHER: */\n-\tcase IPSEC_MB_OP_ENCRYPT_ONLY:\n-\tcase IPSEC_MB_OP_DECRYPT_ONLY:\n-\t\tprocessed_op = process_kasumi_cipher_op_bit(qp, op, session);\n-\t\tbreak;\n-\t/* case KASUMI_OP_ONLY_AUTH: */\n-\tcase IPSEC_MB_OP_HASH_GEN_ONLY:\n-\tcase IPSEC_MB_OP_HASH_VERIFY_ONLY:\n-\t\tprocessed_op = process_kasumi_hash_op(qp, &op, session, 1);\n-\t\tbreak;\n-\t/* case KASUMI_OP_CIPHER_AUTH: */\n-\tcase IPSEC_MB_OP_ENCRYPT_THEN_HASH_GEN:\n-\t\tprocessed_op = process_kasumi_cipher_op_bit(qp, op, session);\n-\t\tif (processed_op == 1)\n-\t\t\tprocess_kasumi_hash_op(qp, &op, session, 1);\n-\t\tbreak;\n-\t/* case KASUMI_OP_AUTH_CIPHER: */\n-\tcase IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT:\n-\t\tprocessed_op = process_kasumi_hash_op(qp, &op, session, 1);\n-\t\tif (processed_op == 1)\n-\t\t\tprocess_kasumi_cipher_op_bit(qp, op, session);\n-\t\tbreak;\n-\tdefault:\n-\t\t/* Operation not supported. */\n-\t\tprocessed_op = 0;\n-\t}\n-\n-\t/*\n-\t * If there was no error/authentication failure,\n-\t * change status to successful.\n-\t */\n-\tif (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)\n-\t\top->status = RTE_CRYPTO_OP_STATUS_SUCCESS;\n-\n-\t/* Free session if a session-less crypto op. */\n-\tif (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {\n-\t\tmemset(CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session), 0,\n-\t\t\tsizeof(struct kasumi_session));\n-\t\trte_mempool_put(qp->sess_mp, (void *)op->sym->session);\n-\t\top->sym->session = NULL;\n-\t}\n-\treturn processed_op;\n-}\n-\n-static uint16_t\n-kasumi_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,\n-\t\t\t uint16_t nb_ops)\n-{\n-\tstruct rte_crypto_op *c_ops[nb_ops];\n-\tstruct rte_crypto_op *curr_c_op = NULL;\n-\n-\tstruct kasumi_session *prev_sess = NULL, *curr_sess = NULL;\n-\tstruct ipsec_mb_qp *qp = queue_pair;\n-\tunsigned int i;\n-\tuint8_t burst_size = 0;\n-\tuint8_t processed_ops;\n-\tunsigned int nb_dequeued;\n-\n-\tnb_dequeued = rte_ring_dequeue_burst(qp->ingress_queue,\n-\t\t\t\t\t (void **)ops, nb_ops, NULL);\n-\tfor (i = 0; i < nb_dequeued; i++) {\n-\t\tcurr_c_op = ops[i];\n-\n-#ifdef RTE_LIBRTE_PMD_KASUMI_DEBUG\n-\t\tif (!rte_pktmbuf_is_contiguous(curr_c_op->sym->m_src)\n-\t\t || (curr_c_op->sym->m_dst != NULL\n-\t\t\t&& !rte_pktmbuf_is_contiguous(\n-\t\t\t curr_c_op->sym->m_dst))) {\n-\t\t\tIPSEC_MB_LOG(ERR,\n-\t\t\t\t \"PMD supports only contiguous mbufs, op (%p) provides noncontiguous mbuf as source/destination buffer.\",\n-\t\t\t\t curr_c_op);\n-\t\t\tcurr_c_op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\tbreak;\n-\t\t}\n-#endif\n-\n-\t\t/* Set status as enqueued (not processed yet) by default. */\n-\t\tcurr_c_op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;\n-\n-\t\tcurr_sess = (struct kasumi_session *)\n-\t\t\tipsec_mb_get_session_private(qp, curr_c_op);\n-\t\tif (unlikely(curr_sess == NULL\n-\t\t\t || curr_sess->op == IPSEC_MB_OP_NOT_SUPPORTED)) {\n-\t\t\tcurr_c_op->status\n-\t\t\t = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\t/* If length/offset is at bit-level, process this buffer alone.\n-\t\t */\n-\t\tif (((curr_c_op->sym->cipher.data.length % BYTE_LEN) != 0)\n-\t\t || ((ops[i]->sym->cipher.data.offset % BYTE_LEN) != 0)) {\n-\t\t\t/* Process the ops of the previous session. */\n-\t\t\tif (prev_sess != NULL) {\n-\t\t\t\tprocessed_ops = process_ops(c_ops, prev_sess,\n-\t\t\t\t\t\tqp, burst_size);\n-\t\t\t\tif (processed_ops < burst_size) {\n-\t\t\t\t\tburst_size = 0;\n-\t\t\t\t\tbreak;\n-\t\t\t\t}\n-\n-\t\t\t\tburst_size = 0;\n-\t\t\t\tprev_sess = NULL;\n-\t\t\t}\n-\n-\t\t\tprocessed_ops = process_op_bit(curr_c_op,\n-\t\t\t\t\tcurr_sess, qp);\n-\t\t\tif (processed_ops != 1)\n-\t\t\t\tbreak;\n-\n-\t\t\tcontinue;\n-\t\t}\n-\n-\t\t/* Batch ops that share the same session. */\n-\t\tif (prev_sess == NULL) {\n-\t\t\tprev_sess = curr_sess;\n-\t\t\tc_ops[burst_size++] = curr_c_op;\n-\t\t} else if (curr_sess == prev_sess) {\n-\t\t\tc_ops[burst_size++] = curr_c_op;\n-\t\t\t/*\n-\t\t\t * When there are enough ops to process in a batch,\n-\t\t\t * process them, and start a new batch.\n-\t\t\t */\n-\t\t\tif (burst_size == KASUMI_MAX_BURST) {\n-\t\t\t\tprocessed_ops = process_ops(c_ops, prev_sess,\n-\t\t\t\t\t\tqp, burst_size);\n-\t\t\t\tif (processed_ops < burst_size) {\n-\t\t\t\t\tburst_size = 0;\n-\t\t\t\t\tbreak;\n-\t\t\t\t}\n-\n-\t\t\t\tburst_size = 0;\n-\t\t\t\tprev_sess = NULL;\n-\t\t\t}\n-\t\t} else {\n-\t\t\t/*\n-\t\t\t * Different session, process the ops\n-\t\t\t * of the previous session.\n-\t\t\t */\n-\t\t\tprocessed_ops = process_ops(c_ops, prev_sess, qp,\n-\t\t\t\t\tburst_size);\n-\t\t\tif (processed_ops < burst_size) {\n-\t\t\t\tburst_size = 0;\n-\t\t\t\tbreak;\n-\t\t\t}\n-\n-\t\t\tburst_size = 0;\n-\t\t\tprev_sess = curr_sess;\n-\n-\t\t\tc_ops[burst_size++] = curr_c_op;\n-\t\t}\n-\t}\n-\n-\tif (burst_size != 0) {\n-\t\t/* Process the crypto ops of the last session. */\n-\t\tprocessed_ops = process_ops(c_ops, prev_sess, qp, burst_size);\n-\t}\n-\n-\tqp->stats.dequeued_count += i;\n-\treturn i;\n-}\n+#include \"pmd_aesni_mb_priv.h\"\n \n struct rte_cryptodev_ops kasumi_pmd_ops = {\n \t.dev_configure = ipsec_mb_config,\n@@ -457,7 +61,7 @@ RTE_INIT(ipsec_mb_register_kasumi)\n \t = &ipsec_mb_pmds[IPSEC_MB_PMD_TYPE_KASUMI];\n \n \tkasumi_data->caps = kasumi_capabilities;\n-\tkasumi_data->dequeue_burst = kasumi_pmd_dequeue_burst;\n+\tkasumi_data->dequeue_burst = aesni_mb_dequeue_burst;\n \tkasumi_data->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO\n \t\t\t\t| RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING\n \t\t\t\t| RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA\n@@ -467,6 +71,6 @@ RTE_INIT(ipsec_mb_register_kasumi)\n \tkasumi_data->internals_priv_size = 0;\n \tkasumi_data->ops = &kasumi_pmd_ops;\n \tkasumi_data->qp_priv_size = sizeof(struct kasumi_qp_data);\n-\tkasumi_data->session_configure = kasumi_session_configure;\n-\tkasumi_data->session_priv_size = sizeof(struct kasumi_session);\n+\tkasumi_data->session_configure = aesni_mb_session_configure;\n+\tkasumi_data->session_priv_size = sizeof(struct aesni_mb_session);\n }\ndiff --git a/drivers/crypto/ipsec_mb/pmd_kasumi_priv.h b/drivers/crypto/ipsec_mb/pmd_kasumi_priv.h\nindex 8db1d1cc5b..fc962115ff 100644\n--- a/drivers/crypto/ipsec_mb/pmd_kasumi_priv.h\n+++ b/drivers/crypto/ipsec_mb/pmd_kasumi_priv.h\n@@ -9,8 +9,6 @@\n \n #define KASUMI_KEY_LENGTH 16\n #define KASUMI_IV_LENGTH 8\n-#define KASUMI_MAX_BURST 4\n-#define BYTE_LEN 8\n #define KASUMI_DIGEST_LENGTH 4\n \n uint8_t pmd_driver_id_kasumi;\n@@ -60,16 +58,6 @@ static const struct rte_cryptodev_capabilities kasumi_capabilities[] = {\n \tRTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()\n };\n \n-/** KASUMI private session structure */\n-struct kasumi_session {\n-\t/* Keys have to be 16-byte aligned */\n-\tkasumi_key_sched_t pKeySched_cipher;\n-\tkasumi_key_sched_t pKeySched_hash;\n-\tenum ipsec_mb_operation op;\n-\tenum rte_crypto_auth_operation auth_op;\n-\tuint16_t cipher_iv_offset;\n-} __rte_cache_aligned;\n-\n struct kasumi_qp_data {\n \tuint8_t temp_digest[KASUMI_DIGEST_LENGTH];\n \t/* *< Buffers used to store the digest generated\ndiff --git a/drivers/crypto/ipsec_mb/pmd_snow3g.c b/drivers/crypto/ipsec_mb/pmd_snow3g.c\nindex e64df1a462..92ec955baa 100644\n--- a/drivers/crypto/ipsec_mb/pmd_snow3g.c\n+++ b/drivers/crypto/ipsec_mb/pmd_snow3g.c\n@@ -3,539 +3,7 @@\n */\n \n #include \"pmd_snow3g_priv.h\"\n-\n-/** Parse crypto xform chain and set private session parameters. */\n-static int\n-snow3g_session_configure(IMB_MGR *mgr, void *priv_sess,\n-\t\tconst struct rte_crypto_sym_xform *xform)\n-{\n-\tstruct snow3g_session *sess = (struct snow3g_session *)priv_sess;\n-\tconst struct rte_crypto_sym_xform *auth_xform = NULL;\n-\tconst struct rte_crypto_sym_xform *cipher_xform = NULL;\n-\tenum ipsec_mb_operation mode;\n-\n-\t/* Select Crypto operation - hash then cipher / cipher then hash */\n-\tint ret = ipsec_mb_parse_xform(xform, &mode, &auth_xform,\n-\t\t\t\t&cipher_xform, NULL);\n-\tif (ret)\n-\t\treturn ret;\n-\n-\tif (cipher_xform) {\n-\t\t/* Only SNOW 3G UEA2 supported */\n-\t\tif (cipher_xform->cipher.algo != RTE_CRYPTO_CIPHER_SNOW3G_UEA2)\n-\t\t\treturn -ENOTSUP;\n-\n-\t\tif (cipher_xform->cipher.iv.length != SNOW3G_IV_LENGTH) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Wrong IV length\");\n-\t\t\treturn -EINVAL;\n-\t\t}\n-\t\tif (cipher_xform->cipher.key.length > SNOW3G_MAX_KEY_SIZE) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Not enough memory to store the key\");\n-\t\t\treturn -ENOMEM;\n-\t\t}\n-\n-\t\tsess->cipher_iv_offset = cipher_xform->cipher.iv.offset;\n-\n-\t\t/* Initialize key */\n-\t\tIMB_SNOW3G_INIT_KEY_SCHED(mgr, cipher_xform->cipher.key.data,\n-\t\t\t\t\t&sess->pKeySched_cipher);\n-\t}\n-\n-\tif (auth_xform) {\n-\t\t/* Only SNOW 3G UIA2 supported */\n-\t\tif (auth_xform->auth.algo != RTE_CRYPTO_AUTH_SNOW3G_UIA2)\n-\t\t\treturn -ENOTSUP;\n-\n-\t\tif (auth_xform->auth.digest_length != SNOW3G_DIGEST_LENGTH) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Wrong digest length\");\n-\t\t\treturn -EINVAL;\n-\t\t}\n-\t\tif (auth_xform->auth.key.length > SNOW3G_MAX_KEY_SIZE) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Not enough memory to store the key\");\n-\t\t\treturn -ENOMEM;\n-\t\t}\n-\n-\t\tsess->auth_op = auth_xform->auth.op;\n-\n-\t\tif (auth_xform->auth.iv.length != SNOW3G_IV_LENGTH) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Wrong IV length\");\n-\t\t\treturn -EINVAL;\n-\t\t}\n-\t\tsess->auth_iv_offset = auth_xform->auth.iv.offset;\n-\n-\t\t/* Initialize key */\n-\t\tIMB_SNOW3G_INIT_KEY_SCHED(mgr, auth_xform->auth.key.data,\n-\t\t\t\t\t&sess->pKeySched_hash);\n-\t}\n-\n-\tsess->op = mode;\n-\n-\treturn 0;\n-}\n-\n-/** Check if conditions are met for digest-appended operations */\n-static uint8_t *\n-snow3g_digest_appended_in_src(struct rte_crypto_op *op)\n-{\n-\tunsigned int auth_size, cipher_size;\n-\n-\tauth_size = (op->sym->auth.data.offset >> 3) +\n-\t\t(op->sym->auth.data.length >> 3);\n-\tcipher_size = (op->sym->cipher.data.offset >> 3) +\n-\t\t(op->sym->cipher.data.length >> 3);\n-\n-\tif (auth_size < cipher_size)\n-\t\treturn rte_pktmbuf_mtod_offset(op->sym->m_src,\n-\t\t\t\tuint8_t *, auth_size);\n-\n-\treturn NULL;\n-}\n-\n-/** Encrypt/decrypt mbufs with same cipher key. */\n-static uint8_t\n-process_snow3g_cipher_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops,\n-\t\tstruct snow3g_session *session,\n-\t\tuint8_t num_ops)\n-{\n-\tuint32_t i;\n-\tuint8_t processed_ops = 0;\n-\tconst void *src[SNOW3G_MAX_BURST] = {NULL};\n-\tvoid *dst[SNOW3G_MAX_BURST] = {NULL};\n-\tuint8_t *digest_appended[SNOW3G_MAX_BURST] = {NULL};\n-\tconst void *iv[SNOW3G_MAX_BURST] = {NULL};\n-\tuint32_t num_bytes[SNOW3G_MAX_BURST] = {0};\n-\tuint32_t cipher_off, cipher_len;\n-\tint unencrypted_bytes = 0;\n-\n-\tfor (i = 0; i < num_ops; i++) {\n-\n-\t\tcipher_off = ops[i]->sym->cipher.data.offset >> 3;\n-\t\tcipher_len = ops[i]->sym->cipher.data.length >> 3;\n-\t\tsrc[i] = rte_pktmbuf_mtod_offset(\n-\t\t\tops[i]->sym->m_src,\tuint8_t *, cipher_off);\n-\n-\t\t/* If out-of-place operation */\n-\t\tif (ops[i]->sym->m_dst &&\n-\t\t\tops[i]->sym->m_src != ops[i]->sym->m_dst) {\n-\t\t\tdst[i] = rte_pktmbuf_mtod_offset(\n-\t\t\t\tops[i]->sym->m_dst, uint8_t *, cipher_off);\n-\n-\t\t\t/* In case of out-of-place, auth-cipher operation\n-\t\t\t * with partial encryption of the digest, copy\n-\t\t\t * the remaining, unencrypted part.\n-\t\t\t */\n-\t\t\tif (session->op == IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT\n-\t\t\t || session->op == IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT)\n-\t\t\t\tunencrypted_bytes =\n-\t\t\t\t\t(ops[i]->sym->auth.data.offset >> 3) +\n-\t\t\t\t\t(ops[i]->sym->auth.data.length >> 3) +\n-\t\t\t\t\t(SNOW3G_DIGEST_LENGTH) -\n-\t\t\t\t\tcipher_off - cipher_len;\n-\t\t\tif (unencrypted_bytes > 0)\n-\t\t\t\trte_memcpy(\n-\t\t\t\t\trte_pktmbuf_mtod_offset(\n-\t\t\t\t\t\tops[i]->sym->m_dst, uint8_t *,\n-\t\t\t\t\t\tcipher_off + cipher_len),\n-\t\t\t\t\trte_pktmbuf_mtod_offset(\n-\t\t\t\t\t\tops[i]->sym->m_src, uint8_t *,\n-\t\t\t\t\t\tcipher_off + cipher_len),\n-\t\t\t\t\tunencrypted_bytes);\n-\t\t} else\n-\t\t\tdst[i] = rte_pktmbuf_mtod_offset(ops[i]->sym->m_src,\n-\t\t\t\t\t\tuint8_t *, cipher_off);\n-\n-\t\tiv[i] = rte_crypto_op_ctod_offset(ops[i], uint8_t *,\n-\t\t\t\tsession->cipher_iv_offset);\n-\t\tnum_bytes[i] = cipher_len;\n-\t\tprocessed_ops++;\n-\t}\n-\n-\tIMB_SNOW3G_F8_N_BUFFER(qp->mb_mgr, &session->pKeySched_cipher, iv,\n-\t\t\tsrc, dst, num_bytes, processed_ops);\n-\n-\t/* Take care of the raw digest data in src buffer */\n-\tfor (i = 0; i < num_ops; i++) {\n-\t\tif ((session->op == IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT ||\n-\t\t\tsession->op == IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT) &&\n-\t\t\t\tops[i]->sym->m_dst != NULL) {\n-\t\t\tdigest_appended[i] =\n-\t\t\t\tsnow3g_digest_appended_in_src(ops[i]);\n-\t\t\t/* Clear unencrypted digest from\n-\t\t\t * the src buffer\n-\t\t\t */\n-\t\t\tif (digest_appended[i] != NULL)\n-\t\t\t\tmemset(digest_appended[i],\n-\t\t\t\t\t0, SNOW3G_DIGEST_LENGTH);\n-\t\t}\n-\t}\n-\treturn processed_ops;\n-}\n-\n-/** Encrypt/decrypt mbuf (bit level function). */\n-static uint8_t\n-process_snow3g_cipher_op_bit(struct ipsec_mb_qp *qp,\n-\t\tstruct rte_crypto_op *op,\n-\t\tstruct snow3g_session *session)\n-{\n-\tuint8_t *src, *dst;\n-\tuint8_t *iv;\n-\tuint32_t length_in_bits, offset_in_bits;\n-\tint unencrypted_bytes = 0;\n-\n-\toffset_in_bits = op->sym->cipher.data.offset;\n-\tsrc = rte_pktmbuf_mtod(op->sym->m_src, uint8_t *);\n-\tif (op->sym->m_dst == NULL) {\n-\t\top->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\tIPSEC_MB_LOG(ERR, \"bit-level in-place not supported\\n\");\n-\t\treturn 0;\n-\t}\n-\tlength_in_bits = op->sym->cipher.data.length;\n-\tdst = rte_pktmbuf_mtod(op->sym->m_dst, uint8_t *);\n-\t/* In case of out-of-place, auth-cipher operation\n-\t * with partial encryption of the digest, copy\n-\t * the remaining, unencrypted part.\n-\t */\n-\tif (session->op == IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT ||\n-\t\tsession->op == IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT)\n-\t\tunencrypted_bytes =\n-\t\t\t(op->sym->auth.data.offset >> 3) +\n-\t\t\t(op->sym->auth.data.length >> 3) +\n-\t\t\t(SNOW3G_DIGEST_LENGTH) -\n-\t\t\t(offset_in_bits >> 3) -\n-\t\t\t(length_in_bits >> 3);\n-\tif (unencrypted_bytes > 0)\n-\t\trte_memcpy(\n-\t\t\trte_pktmbuf_mtod_offset(\n-\t\t\t\top->sym->m_dst, uint8_t *,\n-\t\t\t\t(length_in_bits >> 3)),\n-\t\t\trte_pktmbuf_mtod_offset(\n-\t\t\t\top->sym->m_src, uint8_t *,\n-\t\t\t\t(length_in_bits >> 3)),\n-\t\t\t\tunencrypted_bytes);\n-\n-\tiv = rte_crypto_op_ctod_offset(op, uint8_t *,\n-\t\t\t\tsession->cipher_iv_offset);\n-\n-\tIMB_SNOW3G_F8_1_BUFFER_BIT(qp->mb_mgr, &session->pKeySched_cipher, iv,\n-\t\t\tsrc, dst, length_in_bits, offset_in_bits);\n-\n-\treturn 1;\n-}\n-\n-/** Generate/verify hash from mbufs with same hash key. */\n-static int\n-process_snow3g_hash_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops,\n-\t\tstruct snow3g_session *session,\n-\t\tuint8_t num_ops)\n-{\n-\tuint32_t i;\n-\tuint8_t processed_ops = 0;\n-\tuint8_t *src, *dst;\n-\tuint32_t length_in_bits;\n-\tuint8_t *iv;\n-\tuint8_t digest_appended = 0;\n-\tstruct snow3g_qp_data *qp_data = ipsec_mb_get_qp_private_data(qp);\n-\n-\tfor (i = 0; i < num_ops; i++) {\n-\t\t/* Data must be byte aligned */\n-\t\tif ((ops[i]->sym->auth.data.offset % BYTE_LEN) != 0) {\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\tIPSEC_MB_LOG(ERR, \"Offset\");\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\tdst = NULL;\n-\n-\t\tlength_in_bits = ops[i]->sym->auth.data.length;\n-\n-\t\tsrc = rte_pktmbuf_mtod(ops[i]->sym->m_src, uint8_t *) +\n-\t\t\t\t(ops[i]->sym->auth.data.offset >> 3);\n-\t\tiv = rte_crypto_op_ctod_offset(ops[i], uint8_t *,\n-\t\t\t\tsession->auth_iv_offset);\n-\n-\t\tif (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {\n-\t\t\tdst = qp_data->temp_digest;\n-\t\t\t /* Handle auth cipher verify oop case*/\n-\t\t\tif ((session->op ==\n-\t\t\t\tIPSEC_MB_OP_ENCRYPT_THEN_HASH_GEN ||\n-\t\t\t\tsession->op ==\n-\t\t\t\tIPSEC_MB_OP_DECRYPT_THEN_HASH_VERIFY) &&\n-\t\t\t\tops[i]->sym->m_dst != NULL)\n-\t\t\t\tsrc = rte_pktmbuf_mtod_offset(\n-\t\t\t\t\tops[i]->sym->m_dst, uint8_t *,\n-\t\t\t\t\tops[i]->sym->auth.data.offset >> 3);\n-\n-\t\t\tIMB_SNOW3G_F9_1_BUFFER(qp->mb_mgr,\n-\t\t\t\t\t&session->pKeySched_hash,\n-\t\t\t\t\tiv, src, length_in_bits, dst);\n-\t\t\t/* Verify digest. */\n-\t\t\tif (memcmp(dst, ops[i]->sym->auth.digest.data,\n-\t\t\t\t\tSNOW3G_DIGEST_LENGTH) != 0)\n-\t\t\t\tops[i]->status =\n-\t\t\t\t\tRTE_CRYPTO_OP_STATUS_AUTH_FAILED;\n-\t\t} else {\n-\t\t\tif (session->op ==\n-\t\t\t\tIPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT ||\n-\t\t\t\tsession->op ==\n-\t\t\t\tIPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT)\n-\t\t\t\tdst = snow3g_digest_appended_in_src(ops[i]);\n-\n-\t\t\tif (dst != NULL)\n-\t\t\t\tdigest_appended = 1;\n-\t\t\telse\n-\t\t\t\tdst = ops[i]->sym->auth.digest.data;\n-\n-\t\t\tIMB_SNOW3G_F9_1_BUFFER(qp->mb_mgr,\n-\t\t\t\t\t&session->pKeySched_hash,\n-\t\t\t\t\tiv, src, length_in_bits, dst);\n-\n-\t\t\t/* Copy back digest from src to auth.digest.data */\n-\t\t\tif (digest_appended)\n-\t\t\t\trte_memcpy(ops[i]->sym->auth.digest.data,\n-\t\t\t\t\tdst, SNOW3G_DIGEST_LENGTH);\n-\t\t}\n-\t\tprocessed_ops++;\n-\t}\n-\n-\treturn processed_ops;\n-}\n-\n-/** Process a batch of crypto ops which shares the same session. */\n-static int\n-process_ops(struct rte_crypto_op **ops, struct snow3g_session *session,\n-\t\tstruct ipsec_mb_qp *qp, uint8_t num_ops)\n-{\n-\tuint32_t i;\n-\tuint32_t processed_ops;\n-\n-#ifdef RTE_LIBRTE_PMD_SNOW3G_DEBUG\n-\tfor (i = 0; i < num_ops; i++) {\n-\t\tif (!rte_pktmbuf_is_contiguous(ops[i]->sym->m_src) ||\n-\t\t\t\t(ops[i]->sym->m_dst != NULL &&\n-\t\t\t\t!rte_pktmbuf_is_contiguous(\n-\t\t\t\t\t\tops[i]->sym->m_dst))) {\n-\t\t\tIPSEC_MB_LOG(ERR,\n-\t\t\t\t\"PMD supports only contiguous mbufs, \"\n-\t\t\t\t\"op (%p) provides noncontiguous mbuf as \"\n-\t\t\t\t\"source/destination buffer.\\n\", ops[i]);\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\treturn 0;\n-\t\t}\n-\t}\n-#endif\n-\n-\tswitch (session->op) {\n-\tcase IPSEC_MB_OP_ENCRYPT_ONLY:\n-\tcase IPSEC_MB_OP_DECRYPT_ONLY:\n-\t\tprocessed_ops = process_snow3g_cipher_op(qp, ops,\n-\t\t\t\tsession, num_ops);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_HASH_GEN_ONLY:\n-\tcase IPSEC_MB_OP_HASH_VERIFY_ONLY:\n-\t\tprocessed_ops = process_snow3g_hash_op(qp, ops, session,\n-\t\t\t\tnum_ops);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_ENCRYPT_THEN_HASH_GEN:\n-\tcase IPSEC_MB_OP_DECRYPT_THEN_HASH_VERIFY:\n-\t\tprocessed_ops = process_snow3g_cipher_op(qp, ops, session,\n-\t\t\t\tnum_ops);\n-\t\tprocess_snow3g_hash_op(qp, ops, session, processed_ops);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT:\n-\tcase IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT:\n-\t\tprocessed_ops = process_snow3g_hash_op(qp, ops, session,\n-\t\t\t\tnum_ops);\n-\t\tprocess_snow3g_cipher_op(qp, ops, session, processed_ops);\n-\t\tbreak;\n-\tdefault:\n-\t\t/* Operation not supported. */\n-\t\tprocessed_ops = 0;\n-\t}\n-\n-\tfor (i = 0; i < num_ops; i++) {\n-\t\t/*\n-\t\t * If there was no error/authentication failure,\n-\t\t * change status to successful.\n-\t\t */\n-\t\tif (ops[i]->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_SUCCESS;\n-\t\t/* Free session if a session-less crypto op. */\n-\t\tif (ops[i]->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {\n-\t\t\tmemset(session, 0, sizeof(struct snow3g_session));\n-\t\t\trte_mempool_put(qp->sess_mp, ops[i]->sym->session);\n-\t\t\tops[i]->sym->session = NULL;\n-\t\t}\n-\t}\n-\treturn processed_ops;\n-}\n-\n-/** Process a crypto op with length/offset in bits. */\n-static int\n-process_op_bit(struct rte_crypto_op *op, struct snow3g_session *session,\n-\t\tstruct ipsec_mb_qp *qp)\n-{\n-\tunsigned int processed_op;\n-\tint ret;\n-\n-\tswitch (session->op) {\n-\tcase IPSEC_MB_OP_ENCRYPT_ONLY:\n-\tcase IPSEC_MB_OP_DECRYPT_ONLY:\n-\n-\t\tprocessed_op = process_snow3g_cipher_op_bit(qp, op,\n-\t\t\t\tsession);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_HASH_GEN_ONLY:\n-\tcase IPSEC_MB_OP_HASH_VERIFY_ONLY:\n-\t\tprocessed_op = process_snow3g_hash_op(qp, &op, session, 1);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_ENCRYPT_THEN_HASH_GEN:\n-\tcase IPSEC_MB_OP_DECRYPT_THEN_HASH_VERIFY:\n-\t\tprocessed_op = process_snow3g_cipher_op_bit(qp, op, session);\n-\t\tif (processed_op == 1)\n-\t\t\tprocess_snow3g_hash_op(qp, &op, session, 1);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT:\n-\tcase IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT:\n-\t\tprocessed_op = process_snow3g_hash_op(qp, &op, session, 1);\n-\t\tif (processed_op == 1)\n-\t\t\tprocess_snow3g_cipher_op_bit(qp, op, session);\n-\t\tbreak;\n-\tdefault:\n-\t\t/* Operation not supported. */\n-\t\tprocessed_op = 0;\n-\t}\n-\n-\t/*\n-\t * If there was no error/authentication failure,\n-\t * change status to successful.\n-\t */\n-\tif (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)\n-\t\top->status = RTE_CRYPTO_OP_STATUS_SUCCESS;\n-\n-\t/* Free session if a session-less crypto op. */\n-\tif (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {\n-\t\tmemset(CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session), 0,\n-\t\t\tsizeof(struct snow3g_session));\n-\t\trte_mempool_put(qp->sess_mp, (void *)op->sym->session);\n-\t\top->sym->session = NULL;\n-\t}\n-\n-\tif (unlikely(processed_op != 1))\n-\t\treturn 0;\n-\n-\tret = rte_ring_enqueue(qp->ingress_queue, op);\n-\tif (ret != 0)\n-\t\treturn ret;\n-\n-\treturn 1;\n-}\n-\n-static uint16_t\n-snow3g_pmd_dequeue_burst(void *queue_pair,\n-\t\tstruct rte_crypto_op **ops, uint16_t nb_ops)\n-{\n-\tstruct ipsec_mb_qp *qp = queue_pair;\n-\tstruct rte_crypto_op *c_ops[SNOW3G_MAX_BURST];\n-\tstruct rte_crypto_op *curr_c_op;\n-\n-\tstruct snow3g_session *prev_sess = NULL, *curr_sess = NULL;\n-\tuint32_t i;\n-\tuint8_t burst_size = 0;\n-\tuint8_t processed_ops;\n-\tuint32_t nb_dequeued;\n-\n-\tnb_dequeued = rte_ring_dequeue_burst(qp->ingress_queue,\n-\t\t\t(void **)ops, nb_ops, NULL);\n-\n-\tfor (i = 0; i < nb_dequeued; i++) {\n-\t\tcurr_c_op = ops[i];\n-\n-\t\t/* Set status as enqueued (not processed yet) by default. */\n-\t\tcurr_c_op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;\n-\n-\t\tcurr_sess = ipsec_mb_get_session_private(qp, curr_c_op);\n-\t\tif (unlikely(curr_sess == NULL ||\n-\t\t\t\tcurr_sess->op == IPSEC_MB_OP_NOT_SUPPORTED)) {\n-\t\t\tcurr_c_op->status =\n-\t\t\t\t\tRTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\t/* If length/offset is at bit-level,\n-\t\t * process this buffer alone.\n-\t\t */\n-\t\tif (((curr_c_op->sym->cipher.data.length % BYTE_LEN) != 0)\n-\t\t\t\t|| ((curr_c_op->sym->cipher.data.offset\n-\t\t\t\t\t% BYTE_LEN) != 0)) {\n-\t\t\t/* Process the ops of the previous session. */\n-\t\t\tif (prev_sess != NULL) {\n-\t\t\t\tprocessed_ops = process_ops(c_ops, prev_sess,\n-\t\t\t\t\t\tqp, burst_size);\n-\t\t\t\tif (processed_ops < burst_size) {\n-\t\t\t\t\tburst_size = 0;\n-\t\t\t\t\tbreak;\n-\t\t\t\t}\n-\n-\t\t\t\tburst_size = 0;\n-\t\t\t\tprev_sess = NULL;\n-\t\t\t}\n-\n-\t\t\tprocessed_ops = process_op_bit(curr_c_op, curr_sess, qp);\n-\t\t\tif (processed_ops != 1)\n-\t\t\t\tbreak;\n-\n-\t\t\tcontinue;\n-\t\t}\n-\n-\t\t/* Batch ops that share the same session. */\n-\t\tif (prev_sess == NULL) {\n-\t\t\tprev_sess = curr_sess;\n-\t\t\tc_ops[burst_size++] = curr_c_op;\n-\t\t} else if (curr_sess == prev_sess) {\n-\t\t\tc_ops[burst_size++] = curr_c_op;\n-\t\t\t/*\n-\t\t\t * When there are enough ops to process in a batch,\n-\t\t\t * process them, and start a new batch.\n-\t\t\t */\n-\t\t\tif (burst_size == SNOW3G_MAX_BURST) {\n-\t\t\t\tprocessed_ops = process_ops(c_ops, prev_sess,\n-\t\t\t\t\t\tqp, burst_size);\n-\t\t\t\tif (processed_ops < burst_size) {\n-\t\t\t\t\tburst_size = 0;\n-\t\t\t\t\tbreak;\n-\t\t\t\t}\n-\n-\t\t\t\tburst_size = 0;\n-\t\t\t\tprev_sess = NULL;\n-\t\t\t}\n-\t\t} else {\n-\t\t\t/*\n-\t\t\t * Different session, process the ops\n-\t\t\t * of the previous session.\n-\t\t\t */\n-\t\t\tprocessed_ops = process_ops(c_ops, prev_sess,\n-\t\t\t\t\tqp, burst_size);\n-\t\t\tif (processed_ops < burst_size) {\n-\t\t\t\tburst_size = 0;\n-\t\t\t\tbreak;\n-\t\t\t}\n-\n-\t\t\tburst_size = 0;\n-\t\t\tprev_sess = curr_sess;\n-\n-\t\t\tc_ops[burst_size++] = curr_c_op;\n-\t\t}\n-\t}\n-\n-\tif (burst_size != 0) {\n-\t\t/* Process the crypto ops of the last session. */\n-\t\tprocessed_ops = process_ops(c_ops, prev_sess,\n-\t\t\t\tqp, burst_size);\n-\t}\n-\n-\tqp->stats.dequeued_count += i;\n-\treturn i;\n-}\n+#include \"pmd_aesni_mb_priv.h\"\n \n struct rte_cryptodev_ops snow3g_pmd_ops = {\n \t.dev_configure = ipsec_mb_config,\n@@ -586,7 +54,7 @@ RTE_INIT(ipsec_mb_register_snow3g)\n \t\t= &ipsec_mb_pmds[IPSEC_MB_PMD_TYPE_SNOW3G];\n \n \tsnow3g_data->caps = snow3g_capabilities;\n-\tsnow3g_data->dequeue_burst = snow3g_pmd_dequeue_burst;\n+\tsnow3g_data->dequeue_burst = aesni_mb_dequeue_burst;\n \tsnow3g_data->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |\n \t\t\tRTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |\n \t\t\tRTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA |\n@@ -596,6 +64,6 @@ RTE_INIT(ipsec_mb_register_snow3g)\n \tsnow3g_data->internals_priv_size = 0;\n \tsnow3g_data->ops = &snow3g_pmd_ops;\n \tsnow3g_data->qp_priv_size = sizeof(struct snow3g_qp_data);\n-\tsnow3g_data->session_configure = snow3g_session_configure;\n-\tsnow3g_data->session_priv_size = sizeof(struct snow3g_session);\n+\tsnow3g_data->session_configure = aesni_mb_session_configure;\n+\tsnow3g_data->session_priv_size = sizeof(struct aesni_mb_session);\n }\ndiff --git a/drivers/crypto/ipsec_mb/pmd_snow3g_priv.h b/drivers/crypto/ipsec_mb/pmd_snow3g_priv.h\nindex ca1ce7f9d6..75c9a8e525 100644\n--- a/drivers/crypto/ipsec_mb/pmd_snow3g_priv.h\n+++ b/drivers/crypto/ipsec_mb/pmd_snow3g_priv.h\n@@ -8,10 +8,7 @@\n #include \"ipsec_mb_private.h\"\n \n #define SNOW3G_IV_LENGTH 16\n-#define SNOW3G_MAX_BURST 8\n-#define BYTE_LEN 8\n #define SNOW3G_DIGEST_LENGTH 4\n-#define SNOW3G_MAX_KEY_SIZE 128\n \n uint8_t pmd_driver_id_snow3g;\n \n@@ -64,16 +61,6 @@ static const struct rte_cryptodev_capabilities snow3g_capabilities[] = {\n \tRTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()\n };\n \n-/** SNOW 3G private session structure */\n-struct snow3g_session {\n-\tenum ipsec_mb_operation op;\n-\tenum rte_crypto_auth_operation auth_op;\n-\tsnow3g_key_schedule_t pKeySched_cipher;\n-\tsnow3g_key_schedule_t pKeySched_hash;\n-\tuint16_t cipher_iv_offset;\n-\tuint16_t auth_iv_offset;\n-} __rte_cache_aligned;\n-\n struct snow3g_qp_data {\n \tuint8_t temp_digest[SNOW3G_DIGEST_LENGTH];\n \t/**< Buffer used to store the digest generated\ndiff --git a/drivers/crypto/ipsec_mb/pmd_zuc.c b/drivers/crypto/ipsec_mb/pmd_zuc.c\nindex 92fd9d1808..a4eef57d62 100644\n--- a/drivers/crypto/ipsec_mb/pmd_zuc.c\n+++ b/drivers/crypto/ipsec_mb/pmd_zuc.c\n@@ -3,341 +3,7 @@\n */\n \n #include \"pmd_zuc_priv.h\"\n-\n-/** Parse crypto xform chain and set private session parameters. */\n-static int\n-zuc_session_configure(__rte_unused IMB_MGR * mgr, void *zuc_sess,\n-\t\tconst struct rte_crypto_sym_xform *xform)\n-{\n-\tstruct zuc_session *sess = (struct zuc_session *) zuc_sess;\n-\tconst struct rte_crypto_sym_xform *auth_xform = NULL;\n-\tconst struct rte_crypto_sym_xform *cipher_xform = NULL;\n-\tenum ipsec_mb_operation mode;\n-\t/* Select Crypto operation - hash then cipher / cipher then hash */\n-\tint ret = ipsec_mb_parse_xform(xform, &mode, &auth_xform,\n-\t\t\t\t&cipher_xform, NULL);\n-\n-\tif (ret)\n-\t\treturn ret;\n-\n-\tif (cipher_xform) {\n-\t\t/* Only ZUC EEA3 supported */\n-\t\tif (cipher_xform->cipher.algo != RTE_CRYPTO_CIPHER_ZUC_EEA3)\n-\t\t\treturn -ENOTSUP;\n-\n-\t\tif (cipher_xform->cipher.iv.length != ZUC_IV_KEY_LENGTH) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Wrong IV length\");\n-\t\t\treturn -EINVAL;\n-\t\t}\n-\t\tsess->cipher_iv_offset = cipher_xform->cipher.iv.offset;\n-\n-\t\t/* Copy the key */\n-\t\tmemcpy(sess->pKey_cipher, cipher_xform->cipher.key.data,\n-\t\t\t\tZUC_IV_KEY_LENGTH);\n-\t}\n-\n-\tif (auth_xform) {\n-\t\t/* Only ZUC EIA3 supported */\n-\t\tif (auth_xform->auth.algo != RTE_CRYPTO_AUTH_ZUC_EIA3)\n-\t\t\treturn -ENOTSUP;\n-\n-\t\tif (auth_xform->auth.digest_length != ZUC_DIGEST_LENGTH) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Wrong digest length\");\n-\t\t\treturn -EINVAL;\n-\t\t}\n-\n-\t\tsess->auth_op = auth_xform->auth.op;\n-\n-\t\tif (auth_xform->auth.iv.length != ZUC_IV_KEY_LENGTH) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"Wrong IV length\");\n-\t\t\treturn -EINVAL;\n-\t\t}\n-\t\tsess->auth_iv_offset = auth_xform->auth.iv.offset;\n-\n-\t\t/* Copy the key */\n-\t\tmemcpy(sess->pKey_hash, auth_xform->auth.key.data,\n-\t\t\t\tZUC_IV_KEY_LENGTH);\n-\t}\n-\n-\tsess->op = mode;\n-\treturn 0;\n-}\n-\n-/** Encrypt/decrypt mbufs. */\n-static uint8_t\n-process_zuc_cipher_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops,\n-\t\tstruct zuc_session **sessions,\n-\t\tuint8_t num_ops)\n-{\n-\tunsigned int i;\n-\tuint8_t processed_ops = 0;\n-\tconst void *src[ZUC_MAX_BURST];\n-\tvoid *dst[ZUC_MAX_BURST];\n-\tconst void *iv[ZUC_MAX_BURST];\n-\tuint32_t num_bytes[ZUC_MAX_BURST];\n-\tconst void *cipher_keys[ZUC_MAX_BURST];\n-\tstruct zuc_session *sess;\n-\n-\tfor (i = 0; i < num_ops; i++) {\n-\t\tif (((ops[i]->sym->cipher.data.length % BYTE_LEN) != 0)\n-\t\t\t\t|| ((ops[i]->sym->cipher.data.offset\n-\t\t\t\t\t% BYTE_LEN) != 0)) {\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\tIPSEC_MB_LOG(ERR, \"Data Length or offset\");\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\tsess = sessions[i];\n-\n-#ifdef RTE_LIBRTE_PMD_ZUC_DEBUG\n-\t\tif (!rte_pktmbuf_is_contiguous(ops[i]->sym->m_src) ||\n-\t\t\t\t(ops[i]->sym->m_dst != NULL &&\n-\t\t\t\t!rte_pktmbuf_is_contiguous(\n-\t\t\t\t\t\tops[i]->sym->m_dst))) {\n-\t\t\tIPSEC_MB_LOG(ERR, \"PMD supports only \"\n-\t\t\t\t\" contiguous mbufs, op (%p) \"\n-\t\t\t\t\"provides noncontiguous mbuf \"\n-\t\t\t\t\"as source/destination buffer.\\n\",\n-\t\t\t\t\"PMD supports only contiguous mbufs, \"\n-\t\t\t\t\"op (%p) provides noncontiguous mbuf \"\n-\t\t\t\t\"as source/destination buffer.\\n\",\n-\t\t\t\tops[i]);\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\tbreak;\n-\t\t}\n-#endif\n-\n-\t\tsrc[i] = rte_pktmbuf_mtod(ops[i]->sym->m_src, uint8_t *) +\n-\t\t\t\t(ops[i]->sym->cipher.data.offset >> 3);\n-\t\tdst[i] = ops[i]->sym->m_dst ?\n-\t\t\trte_pktmbuf_mtod(ops[i]->sym->m_dst, uint8_t *) +\n-\t\t\t\t(ops[i]->sym->cipher.data.offset >> 3) :\n-\t\t\trte_pktmbuf_mtod(ops[i]->sym->m_src, uint8_t *) +\n-\t\t\t\t(ops[i]->sym->cipher.data.offset >> 3);\n-\t\tiv[i] = rte_crypto_op_ctod_offset(ops[i], uint8_t *,\n-\t\t\t\tsess->cipher_iv_offset);\n-\t\tnum_bytes[i] = ops[i]->sym->cipher.data.length >> 3;\n-\n-\t\tcipher_keys[i] = sess->pKey_cipher;\n-\n-\t\tprocessed_ops++;\n-\t}\n-\n-\tIMB_ZUC_EEA3_N_BUFFER(qp->mb_mgr, (const void **)cipher_keys,\n-\t\t\t(const void **)iv, (const void **)src, (void **)dst,\n-\t\t\tnum_bytes, processed_ops);\n-\n-\treturn processed_ops;\n-}\n-\n-/** Generate/verify hash from mbufs. */\n-static int\n-process_zuc_hash_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops,\n-\t\tstruct zuc_session **sessions,\n-\t\tuint8_t num_ops)\n-{\n-\tunsigned int i;\n-\tuint8_t processed_ops = 0;\n-\tuint8_t *src[ZUC_MAX_BURST] = { 0 };\n-\tuint32_t *dst[ZUC_MAX_BURST];\n-\tuint32_t length_in_bits[ZUC_MAX_BURST] = { 0 };\n-\tuint8_t *iv[ZUC_MAX_BURST] = { 0 };\n-\tconst void *hash_keys[ZUC_MAX_BURST] = { 0 };\n-\tstruct zuc_session *sess;\n-\tstruct zuc_qp_data *qp_data = ipsec_mb_get_qp_private_data(qp);\n-\n-\n-\tfor (i = 0; i < num_ops; i++) {\n-\t\t/* Data must be byte aligned */\n-\t\tif ((ops[i]->sym->auth.data.offset % BYTE_LEN) != 0) {\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n-\t\t\tIPSEC_MB_LOG(ERR, \"Offset\");\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\tsess = sessions[i];\n-\n-\t\tlength_in_bits[i] = ops[i]->sym->auth.data.length;\n-\n-\t\tsrc[i] = rte_pktmbuf_mtod(ops[i]->sym->m_src, uint8_t *) +\n-\t\t\t\t(ops[i]->sym->auth.data.offset >> 3);\n-\t\tiv[i] = rte_crypto_op_ctod_offset(ops[i], uint8_t *,\n-\t\t\t\tsess->auth_iv_offset);\n-\n-\t\thash_keys[i] = sess->pKey_hash;\n-\t\tif (sess->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY)\n-\t\t\tdst[i] = (uint32_t *)qp_data->temp_digest[i];\n-\t\telse\n-\t\t\tdst[i] = (uint32_t *)ops[i]->sym->auth.digest.data;\n-\n-\t\tprocessed_ops++;\n-\t}\n-\n-\tIMB_ZUC_EIA3_N_BUFFER(qp->mb_mgr, (const void **)hash_keys,\n-\t\t\t(const void * const *)iv, (const void * const *)src,\n-\t\t\tlength_in_bits, dst, processed_ops);\n-\n-\t/*\n-\t * If tag needs to be verified, compare generated tag\n-\t * with attached tag\n-\t */\n-\tfor (i = 0; i < processed_ops; i++)\n-\t\tif (sessions[i]->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY)\n-\t\t\tif (memcmp(dst[i], ops[i]->sym->auth.digest.data,\n-\t\t\t\t\tZUC_DIGEST_LENGTH) != 0)\n-\t\t\t\tops[i]->status =\n-\t\t\t\t\tRTE_CRYPTO_OP_STATUS_AUTH_FAILED;\n-\n-\treturn processed_ops;\n-}\n-\n-/** Process a batch of crypto ops which shares the same operation type. */\n-static int\n-process_ops(struct rte_crypto_op **ops, enum ipsec_mb_operation op_type,\n-\t\tstruct zuc_session **sessions,\n-\t\tstruct ipsec_mb_qp *qp, uint8_t num_ops)\n-{\n-\tunsigned int i;\n-\tunsigned int processed_ops = 0;\n-\n-\tswitch (op_type) {\n-\tcase IPSEC_MB_OP_ENCRYPT_ONLY:\n-\tcase IPSEC_MB_OP_DECRYPT_ONLY:\n-\t\tprocessed_ops = process_zuc_cipher_op(qp, ops,\n-\t\t\t\tsessions, num_ops);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_HASH_GEN_ONLY:\n-\tcase IPSEC_MB_OP_HASH_VERIFY_ONLY:\n-\t\tprocessed_ops = process_zuc_hash_op(qp, ops, sessions,\n-\t\t\t\tnum_ops);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_ENCRYPT_THEN_HASH_GEN:\n-\tcase IPSEC_MB_OP_DECRYPT_THEN_HASH_VERIFY:\n-\t\tprocessed_ops = process_zuc_cipher_op(qp, ops, sessions,\n-\t\t\t\tnum_ops);\n-\t\tprocess_zuc_hash_op(qp, ops, sessions, processed_ops);\n-\t\tbreak;\n-\tcase IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT:\n-\tcase IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT:\n-\t\tprocessed_ops = process_zuc_hash_op(qp, ops, sessions,\n-\t\t\t\tnum_ops);\n-\t\tprocess_zuc_cipher_op(qp, ops, sessions, processed_ops);\n-\t\tbreak;\n-\tdefault:\n-\t\t/* Operation not supported. */\n-\t\tfor (i = 0; i < num_ops; i++)\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n-\t}\n-\n-\tfor (i = 0; i < num_ops; i++) {\n-\t\t/*\n-\t\t * If there was no error/authentication failure,\n-\t\t * change status to successful.\n-\t\t */\n-\t\tif (ops[i]->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)\n-\t\t\tops[i]->status = RTE_CRYPTO_OP_STATUS_SUCCESS;\n-\t\t/* Free session if a session-less crypto op. */\n-\t\tif (ops[i]->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {\n-\t\t\tmemset(sessions[i], 0, sizeof(struct zuc_session));\n-\t\t\trte_mempool_put(qp->sess_mp, ops[i]->sym->session);\n-\t\t\tops[i]->sym->session = NULL;\n-\t\t}\n-\t}\n-\treturn processed_ops;\n-}\n-\n-static uint16_t\n-zuc_pmd_dequeue_burst(void *queue_pair,\n-\t\tstruct rte_crypto_op **c_ops, uint16_t nb_ops)\n-{\n-\n-\tstruct rte_crypto_op *curr_c_op;\n-\n-\tstruct zuc_session *curr_sess;\n-\tstruct zuc_session *sessions[ZUC_MAX_BURST];\n-\tstruct rte_crypto_op *int_c_ops[ZUC_MAX_BURST];\n-\tenum ipsec_mb_operation prev_zuc_op = IPSEC_MB_OP_NOT_SUPPORTED;\n-\tenum ipsec_mb_operation curr_zuc_op;\n-\tstruct ipsec_mb_qp *qp = queue_pair;\n-\tunsigned int nb_dequeued;\n-\tunsigned int i;\n-\tuint8_t burst_size = 0;\n-\tuint8_t processed_ops;\n-\n-\tnb_dequeued = rte_ring_dequeue_burst(qp->ingress_queue,\n-\t\t\t(void **)c_ops, nb_ops, NULL);\n-\n-\n-\tfor (i = 0; i < nb_dequeued; i++) {\n-\t\tcurr_c_op = c_ops[i];\n-\n-\t\tcurr_sess = (struct zuc_session *)\n-\t\t\tipsec_mb_get_session_private(qp, curr_c_op);\n-\t\tif (unlikely(curr_sess == NULL)) {\n-\t\t\tcurr_c_op->status =\n-\t\t\t\t\tRTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n-\t\t\tbreak;\n-\t\t}\n-\n-\t\tcurr_zuc_op = curr_sess->op;\n-\n-\t\t/*\n-\t\t * Batch ops that share the same operation type\n-\t\t * (cipher only, auth only...).\n-\t\t */\n-\t\tif (burst_size == 0) {\n-\t\t\tprev_zuc_op = curr_zuc_op;\n-\t\t\tint_c_ops[0] = curr_c_op;\n-\t\t\tsessions[0] = curr_sess;\n-\t\t\tburst_size++;\n-\t\t} else if (curr_zuc_op == prev_zuc_op) {\n-\t\t\tint_c_ops[burst_size] = curr_c_op;\n-\t\t\tsessions[burst_size] = curr_sess;\n-\t\t\tburst_size++;\n-\t\t\t/*\n-\t\t\t * When there are enough ops to process in a batch,\n-\t\t\t * process them, and start a new batch.\n-\t\t\t */\n-\t\t\tif (burst_size == ZUC_MAX_BURST) {\n-\t\t\t\tprocessed_ops = process_ops(int_c_ops, curr_zuc_op,\n-\t\t\t\t\t\tsessions, qp, burst_size);\n-\t\t\t\tif (processed_ops < burst_size) {\n-\t\t\t\t\tburst_size = 0;\n-\t\t\t\t\tbreak;\n-\t\t\t\t}\n-\n-\t\t\t\tburst_size = 0;\n-\t\t\t}\n-\t\t} else {\n-\t\t\t/*\n-\t\t\t * Different operation type, process the ops\n-\t\t\t * of the previous type.\n-\t\t\t */\n-\t\t\tprocessed_ops = process_ops(int_c_ops, prev_zuc_op,\n-\t\t\t\t\tsessions, qp, burst_size);\n-\t\t\tif (processed_ops < burst_size) {\n-\t\t\t\tburst_size = 0;\n-\t\t\t\tbreak;\n-\t\t\t}\n-\n-\t\t\tburst_size = 0;\n-\t\t\tprev_zuc_op = curr_zuc_op;\n-\n-\t\t\tint_c_ops[0] = curr_c_op;\n-\t\t\tsessions[0] = curr_sess;\n-\t\t\tburst_size++;\n-\t\t}\n-\t}\n-\n-\tif (burst_size != 0) {\n-\t\t/* Process the crypto ops of the last operation type. */\n-\t\tprocessed_ops = process_ops(int_c_ops, prev_zuc_op,\n-\t\t\t\tsessions, qp, burst_size);\n-\t}\n-\n-\tqp->stats.dequeued_count += i;\n-\treturn i;\n-}\n+#include \"pmd_aesni_mb_priv.h\"\n \n struct rte_cryptodev_ops zuc_pmd_ops = {\n \t.dev_configure = ipsec_mb_config,\n@@ -388,7 +54,7 @@ RTE_INIT(ipsec_mb_register_zuc)\n \t = &ipsec_mb_pmds[IPSEC_MB_PMD_TYPE_ZUC];\n \n \tzuc_data->caps = zuc_capabilities;\n-\tzuc_data->dequeue_burst = zuc_pmd_dequeue_burst;\n+\tzuc_data->dequeue_burst = aesni_mb_dequeue_burst;\n \tzuc_data->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO\n \t\t\t| RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING\n \t\t\t| RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA\n@@ -398,6 +64,6 @@ RTE_INIT(ipsec_mb_register_zuc)\n \tzuc_data->internals_priv_size = 0;\n \tzuc_data->ops = &zuc_pmd_ops;\n \tzuc_data->qp_priv_size = sizeof(struct zuc_qp_data);\n-\tzuc_data->session_configure = zuc_session_configure;\n-\tzuc_data->session_priv_size = sizeof(struct zuc_session);\n+\tzuc_data->session_configure = aesni_mb_session_configure;\n+\tzuc_data->session_priv_size = sizeof(struct aesni_mb_session);\n }\ndiff --git a/drivers/crypto/ipsec_mb/pmd_zuc_priv.h b/drivers/crypto/ipsec_mb/pmd_zuc_priv.h\nindex 76fd6758c2..2e6eebc409 100644\n--- a/drivers/crypto/ipsec_mb/pmd_zuc_priv.h\n+++ b/drivers/crypto/ipsec_mb/pmd_zuc_priv.h\n@@ -10,7 +10,6 @@\n #define ZUC_IV_KEY_LENGTH 16\n #define ZUC_DIGEST_LENGTH 4\n #define ZUC_MAX_BURST 16\n-#define BYTE_LEN 8\n \n uint8_t pmd_driver_id_zuc;\n \n@@ -63,16 +62,6 @@ static const struct rte_cryptodev_capabilities zuc_capabilities[] = {\n \tRTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()\n };\n \n-/** ZUC private session structure */\n-struct zuc_session {\n-\tenum ipsec_mb_operation op;\n-\tenum rte_crypto_auth_operation auth_op;\n-\tuint8_t pKey_cipher[ZUC_IV_KEY_LENGTH];\n-\tuint8_t pKey_hash[ZUC_IV_KEY_LENGTH];\n-\tuint16_t cipher_iv_offset;\n-\tuint16_t auth_iv_offset;\n-} __rte_cache_aligned;\n-\n struct zuc_qp_data {\n \n \tuint8_t temp_digest[ZUC_MAX_BURST][ZUC_DIGEST_LENGTH];\n", "prefixes": [ "v1" ] }