Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/44389/?format=api
{ "id": 44389, "url": "https://patches.dpdk.org/api/patches/44389/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/patch/20180907104408.36469-2-roy.fan.zhang@intel.com/", "project": { "id": 1, "url": "https://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20180907104408.36469-2-roy.fan.zhang@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20180907104408.36469-2-roy.fan.zhang@intel.com", "date": "2018-09-07T10:44:06", "name": "[1/3] crypto/aesni_mb: add aes-gcm algorithm support", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "b45ade5fe659424d0b50bf0ac208caf4ac01516e", "submitter": { "id": 304, "url": "https://patches.dpdk.org/api/people/304/?format=api", "name": "Fan Zhang", "email": "roy.fan.zhang@intel.com" }, "delegate": { "id": 6690, "url": "https://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "https://patches.dpdk.org/project/dpdk/patch/20180907104408.36469-2-roy.fan.zhang@intel.com/mbox/", "series": [ { "id": 1224, "url": "https://patches.dpdk.org/api/series/1224/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/list/?series=1224", "date": "2018-09-07T10:44:05", "name": "crypto/aesni_mb: add aes-gcm support", "version": 1, "mbox": "https://patches.dpdk.org/series/1224/mbox/" } ], "comments": "https://patches.dpdk.org/api/patches/44389/comments/", "check": "success", "checks": "https://patches.dpdk.org/api/patches/44389/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@dpdk.org", "Delivered-To": "patchwork@dpdk.org", "Received": [ "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 25B3A4C8E;\n\tFri, 7 Sep 2018 12:58:16 +0200 (CEST)", "from mga02.intel.com (mga02.intel.com [134.134.136.20])\n\tby dpdk.org (Postfix) with ESMTP id 1444611A4\n\tfor <dev@dpdk.org>; Fri, 7 Sep 2018 12:58:12 +0200 (CEST)", "from fmsmga005.fm.intel.com ([10.253.24.32])\n\tby orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t07 Sep 2018 03:58:12 -0700", "from silpixa00398673.ir.intel.com (HELO\n\tsilpixa00398673.ger.corp.intel.com) ([10.237.223.54])\n\tby fmsmga005.fm.intel.com with ESMTP; 07 Sep 2018 03:58:11 -0700" ], "X-Amp-Result": "SKIPPED(no attachment in message)", "X-Amp-File-Uploaded": "False", "X-ExtLoop1": "1", "X-IronPort-AV": "E=Sophos;i=\"5.53,342,1531810800\"; d=\"scan'208\";a=\"260657028\"", "From": "Fan Zhang <roy.fan.zhang@intel.com>", "To": "dev@dpdk.org", "Cc": "akhil.goyal@nxp.com", "Date": "Fri, 7 Sep 2018 11:44:06 +0100", "Message-Id": "<20180907104408.36469-2-roy.fan.zhang@intel.com>", "X-Mailer": "git-send-email 2.13.6", "In-Reply-To": "<20180907104408.36469-1-roy.fan.zhang@intel.com>", "References": "<20180907104408.36469-1-roy.fan.zhang@intel.com>", "Subject": "[dpdk-dev] [PATCH 1/3] crypto/aesni_mb: add aes-gcm algorithm\n\tsupport", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "This patch adds AES-GCM algorithm support to AESNI-MB PMD.\n\nSigned-off-by: Fan Zhang <roy.fan.zhang@intel.com>\n---\n drivers/crypto/aesni_mb/aesni_mb_ops.h | 28 +++-\n drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 159 +++++++++++++++------\n drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 30 ++++\n drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 3 +\n 4 files changed, 172 insertions(+), 48 deletions(-)", "diff": "diff --git a/drivers/crypto/aesni_mb/aesni_mb_ops.h b/drivers/crypto/aesni_mb/aesni_mb_ops.h\nindex 5a1cba6cb..7257e40aa 100644\n--- a/drivers/crypto/aesni_mb/aesni_mb_ops.h\n+++ b/drivers/crypto/aesni_mb/aesni_mb_ops.h\n@@ -39,6 +39,8 @@ typedef void (*aes_cmac_sub_key_gen_t)\n \t\t(const void *exp_key, void *k2, void *k3);\n typedef void (*aes_cmac_keyexp_t)\n \t\t(const void *key, void *keyexp);\n+typedef void (*aes_gcm_keyexp_t)\n+\t\t(const void *key, struct gcm_key_data *keyexp);\n \n /** Multi-buffer library function pointer table */\n struct aesni_mb_op_fns {\n@@ -86,6 +88,12 @@ struct aesni_mb_op_fns {\n \t\t\t/**< AES CMAC subkey expansions */\n \t\t\taes_cmac_keyexp_t aes_cmac_expkey;\n \t\t\t/**< AES CMAC key expansions */\n+\t\t\taes_gcm_keyexp_t aes_gcm_128;\n+\t\t\t/**< AES GCM 128 key expansions */\n+\t\t\taes_gcm_keyexp_t aes_gcm_192;\n+\t\t\t/**< AES GCM 192 key expansions */\n+\t\t\taes_gcm_keyexp_t aes_gcm_256;\n+\t\t\t/**< AES GCM 256 key expansions */\n \t\t} keyexp;\n \t\t/**< Key expansion functions */\n \t} aux;\n@@ -130,7 +138,10 @@ static const struct aesni_mb_op_fns job_ops[] = {\n \t\t\t\t\taes_keyexp_256_sse,\n \t\t\t\t\taes_xcbc_expand_key_sse,\n \t\t\t\t\taes_cmac_subkey_gen_sse,\n-\t\t\t\t\taes_keyexp_128_enc_sse\n+\t\t\t\t\taes_keyexp_128_enc_sse,\n+\t\t\t\t\taes_gcm_pre_128_sse,\n+\t\t\t\t\taes_gcm_pre_192_sse,\n+\t\t\t\t\taes_gcm_pre_256_sse\n \t\t\t\t}\n \t\t\t}\n \t\t},\n@@ -157,7 +168,10 @@ static const struct aesni_mb_op_fns job_ops[] = {\n \t\t\t\t\taes_keyexp_256_avx,\n \t\t\t\t\taes_xcbc_expand_key_avx,\n \t\t\t\t\taes_cmac_subkey_gen_avx,\n-\t\t\t\t\taes_keyexp_128_enc_avx\n+\t\t\t\t\taes_keyexp_128_enc_avx,\n+\t\t\t\t\taes_gcm_pre_128_avx_gen2,\n+\t\t\t\t\taes_gcm_pre_192_avx_gen2,\n+\t\t\t\t\taes_gcm_pre_256_avx_gen2\n \t\t\t\t}\n \t\t\t}\n \t\t},\n@@ -184,7 +198,10 @@ static const struct aesni_mb_op_fns job_ops[] = {\n \t\t\t\t\taes_keyexp_256_avx2,\n \t\t\t\t\taes_xcbc_expand_key_avx2,\n \t\t\t\t\taes_cmac_subkey_gen_avx2,\n-\t\t\t\t\taes_keyexp_128_enc_avx2\n+\t\t\t\t\taes_keyexp_128_enc_avx2,\n+\t\t\t\t\taes_gcm_pre_128_avx_gen4,\n+\t\t\t\t\taes_gcm_pre_192_avx_gen4,\n+\t\t\t\t\taes_gcm_pre_256_avx_gen4\n \t\t\t\t}\n \t\t\t}\n \t\t},\n@@ -211,7 +228,10 @@ static const struct aesni_mb_op_fns job_ops[] = {\n \t\t\t\t\taes_keyexp_256_avx512,\n \t\t\t\t\taes_xcbc_expand_key_avx512,\n \t\t\t\t\taes_cmac_subkey_gen_avx512,\n-\t\t\t\t\taes_keyexp_128_enc_avx512\n+\t\t\t\t\taes_keyexp_128_enc_avx512,\n+\t\t\t\t\taes_gcm_pre_128_avx_gen4,\n+\t\t\t\t\taes_gcm_pre_192_avx_gen4,\n+\t\t\t\t\taes_gcm_pre_256_avx_gen4\n \t\t\t\t}\n \t\t\t}\n \t\t}\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\nindex 93dc7a443..fe04ae48c 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\n@@ -83,7 +83,8 @@ aesni_mb_get_chain_order(const struct rte_crypto_sym_xform *xform)\n \t}\n \n \tif (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {\n-\t\tif (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM) {\n+\t\tif (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM ||\n+\t\t\t\txform->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {\n \t\t\tif (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT)\n \t\t\t\treturn AESNI_MB_OP_AEAD_CIPHER_HASH;\n \t\t\telse\n@@ -330,7 +331,10 @@ aesni_mb_set_session_aead_parameters(const struct aesni_mb_op_fns *mb_ops,\n \t\tstruct aesni_mb_session *sess,\n \t\tconst struct rte_crypto_sym_xform *xform)\n {\n-\taes_keyexp_t aes_keyexp_fn;\n+\tunion {\n+\t\taes_keyexp_t aes_keyexp_fn;\n+\t\taes_gcm_keyexp_t aes_gcm_keyexp_fn;\n+\t} keyexp;\n \n \tswitch (xform->aead.op) {\n \tcase RTE_CRYPTO_AEAD_OP_ENCRYPT:\n@@ -350,7 +354,53 @@ aesni_mb_set_session_aead_parameters(const struct aesni_mb_op_fns *mb_ops,\n \tcase RTE_CRYPTO_AEAD_AES_CCM:\n \t\tsess->cipher.mode = CCM;\n \t\tsess->auth.algo = AES_CCM;\n+\n+\t\t/* Check key length and choose key expansion function for AES */\n+\t\tswitch (xform->aead.key.length) {\n+\t\tcase AES_128_BYTES:\n+\t\t\tsess->cipher.key_length_in_bytes = AES_128_BYTES;\n+\t\t\tkeyexp.aes_keyexp_fn = mb_ops->aux.keyexp.aes128;\n+\t\t\tbreak;\n+\t\tdefault:\n+\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\treturn -EINVAL;\n+\t\t}\n+\n+\t\t/* Expanded cipher keys */\n+\t\t(*keyexp.aes_keyexp_fn)(xform->aead.key.data,\n+\t\t\t\tsess->cipher.expanded_aes_keys.encode,\n+\t\t\t\tsess->cipher.expanded_aes_keys.decode);\n+\t\tbreak;\n+\n+\tcase RTE_CRYPTO_AEAD_AES_GCM:\n+\t\tsess->cipher.mode = GCM;\n+\t\tsess->auth.algo = AES_GMAC;\n+\n+\t\tswitch (xform->aead.key.length) {\n+\t\tcase AES_128_BYTES:\n+\t\t\tsess->cipher.key_length_in_bytes = AES_128_BYTES;\n+\t\t\tkeyexp.aes_gcm_keyexp_fn =\n+\t\t\t\t\tmb_ops->aux.keyexp.aes_gcm_128;\n+\t\t\tbreak;\n+\t\tcase AES_192_BYTES:\n+\t\t\tsess->cipher.key_length_in_bytes = AES_192_BYTES;\n+\t\t\tkeyexp.aes_gcm_keyexp_fn =\n+\t\t\t\t\tmb_ops->aux.keyexp.aes_gcm_192;\n+\t\t\tbreak;\n+\t\tcase AES_256_BYTES:\n+\t\t\tsess->cipher.key_length_in_bytes = AES_256_BYTES;\n+\t\t\tkeyexp.aes_gcm_keyexp_fn =\n+\t\t\t\t\tmb_ops->aux.keyexp.aes_gcm_256;\n+\t\t\tbreak;\n+\t\tdefault:\n+\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\treturn -EINVAL;\n+\t\t}\n+\n+\t\t(keyexp.aes_gcm_keyexp_fn)(xform->aead.key.data,\n+\t\t\t\t&sess->cipher.gcm_key);\n \t\tbreak;\n+\n \tdefault:\n \t\tAESNI_MB_LOG(ERR, \"Unsupported aead mode parameter\");\n \t\treturn -ENOTSUP;\n@@ -360,23 +410,6 @@ aesni_mb_set_session_aead_parameters(const struct aesni_mb_op_fns *mb_ops,\n \tsess->iv.offset = xform->aead.iv.offset;\n \tsess->iv.length = xform->aead.iv.length;\n \n-\t/* Check key length and choose key expansion function for AES */\n-\n-\tswitch (xform->aead.key.length) {\n-\tcase AES_128_BYTES:\n-\t\tsess->cipher.key_length_in_bytes = AES_128_BYTES;\n-\t\taes_keyexp_fn = mb_ops->aux.keyexp.aes128;\n-\t\tbreak;\n-\tdefault:\n-\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n-\t\treturn -EINVAL;\n-\t}\n-\n-\t/* Expanded cipher keys */\n-\t(*aes_keyexp_fn)(xform->aead.key.data,\n-\t\t\tsess->cipher.expanded_aes_keys.encode,\n-\t\t\tsess->cipher.expanded_aes_keys.decode);\n-\n \treturn 0;\n }\n \n@@ -573,38 +606,62 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \n \tjob->aes_key_len_in_bytes = session->cipher.key_length_in_bytes;\n \n-\tif (job->cipher_mode == DES3) {\n-\t\tjob->aes_enc_key_expanded =\n-\t\t\tsession->cipher.exp_3des_keys.ks_ptr;\n-\t\tjob->aes_dec_key_expanded =\n-\t\t\tsession->cipher.exp_3des_keys.ks_ptr;\n-\t} else {\n-\t\tjob->aes_enc_key_expanded =\n-\t\t\tsession->cipher.expanded_aes_keys.encode;\n-\t\tjob->aes_dec_key_expanded =\n-\t\t\tsession->cipher.expanded_aes_keys.decode;\n-\t}\n-\n-\n-\n-\n \t/* Set authentication parameters */\n \tjob->hash_alg = session->auth.algo;\n-\tif (job->hash_alg == AES_XCBC) {\n+\n+\tswitch (job->hash_alg) {\n+\tcase AES_XCBC:\n \t\tjob->u.XCBC._k1_expanded = session->auth.xcbc.k1_expanded;\n \t\tjob->u.XCBC._k2 = session->auth.xcbc.k2;\n \t\tjob->u.XCBC._k3 = session->auth.xcbc.k3;\n-\t} else if (job->hash_alg == AES_CCM) {\n+\n+\t\tjob->aes_enc_key_expanded =\n+\t\t\t\tsession->cipher.expanded_aes_keys.encode;\n+\t\tjob->aes_dec_key_expanded =\n+\t\t\t\tsession->cipher.expanded_aes_keys.decode;\n+\t\tbreak;\n+\n+\tcase AES_CCM:\n \t\tjob->u.CCM.aad = op->sym->aead.aad.data + 18;\n \t\tjob->u.CCM.aad_len_in_bytes = session->aead.aad_len;\n-\t} else if (job->hash_alg == AES_CMAC) {\n+\t\tjob->aes_enc_key_expanded =\n+\t\t\t\tsession->cipher.expanded_aes_keys.encode;\n+\t\tjob->aes_dec_key_expanded =\n+\t\t\t\tsession->cipher.expanded_aes_keys.decode;\n+\t\tbreak;\n+\n+\tcase AES_CMAC:\n \t\tjob->u.CMAC._key_expanded = session->auth.cmac.expkey;\n \t\tjob->u.CMAC._skey1 = session->auth.cmac.skey1;\n \t\tjob->u.CMAC._skey2 = session->auth.cmac.skey2;\n+\t\tjob->aes_enc_key_expanded =\n+\t\t\t\tsession->cipher.expanded_aes_keys.encode;\n+\t\tjob->aes_dec_key_expanded =\n+\t\t\t\tsession->cipher.expanded_aes_keys.decode;\n+\t\tbreak;\n \n-\t} else {\n+\tcase AES_GMAC:\n+\t\tjob->u.GCM.aad = op->sym->aead.aad.data;\n+\t\tjob->u.GCM.aad_len_in_bytes = session->aead.aad_len;\n+\t\tjob->aes_enc_key_expanded = &session->cipher.gcm_key;\n+\t\tjob->aes_dec_key_expanded = &session->cipher.gcm_key;\n+\t\tbreak;\n+\n+\tdefault:\n \t\tjob->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;\n \t\tjob->u.HMAC._hashed_auth_key_xor_opad = session->auth.pads.outer;\n+\n+\t\tif (job->cipher_mode == DES3) {\n+\t\t\tjob->aes_enc_key_expanded =\n+\t\t\t\tsession->cipher.exp_3des_keys.ks_ptr;\n+\t\t\tjob->aes_dec_key_expanded =\n+\t\t\t\tsession->cipher.exp_3des_keys.ks_ptr;\n+\t\t} else {\n+\t\t\tjob->aes_enc_key_expanded =\n+\t\t\t\tsession->cipher.expanded_aes_keys.encode;\n+\t\t\tjob->aes_dec_key_expanded =\n+\t\t\t\tsession->cipher.expanded_aes_keys.decode;\n+\t\t}\n \t}\n \n \t/* Mutable crypto operation parameters */\n@@ -625,7 +682,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \t\t\t\trte_pktmbuf_data_len(op->sym->m_src));\n \t} else {\n \t\tm_dst = m_src;\n-\t\tif (job->hash_alg == AES_CCM)\n+\t\tif (job->hash_alg == AES_CCM || job->hash_alg == AES_GMAC)\n \t\t\tm_offset = op->sym->aead.data.offset;\n \t\telse\n \t\t\tm_offset = op->sym->cipher.data.offset;\n@@ -637,7 +694,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \t\tjob->auth_tag_output = qp->temp_digests[*digest_idx];\n \t\t*digest_idx = (*digest_idx + 1) % MAX_JOBS;\n \t} else {\n-\t\tif (job->hash_alg == AES_CCM)\n+\t\tif (job->hash_alg == AES_CCM || job->hash_alg == AES_GMAC)\n \t\t\tjob->auth_tag_output = op->sym->aead.digest.data;\n \t\telse\n \t\t\tjob->auth_tag_output = op->sym->auth.digest.data;\n@@ -647,7 +704,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \t * Multi-buffer library current only support returning a truncated\n \t * digest length as specified in the relevant IPsec RFCs\n \t */\n-\tif (job->hash_alg != AES_CCM && job->hash_alg != AES_CMAC)\n+\tif (job->hash_alg != AES_CCM && job->hash_alg != AES_CMAC &&\n+\t\t\tjob->hash_alg != AES_GMAC)\n \t\tjob->auth_tag_output_len_in_bytes =\n \t\t\t\tget_truncated_digest_byte_length(job->hash_alg);\n \telse\n@@ -662,7 +720,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \tjob->src = rte_pktmbuf_mtod(m_src, uint8_t *);\n \tjob->dst = rte_pktmbuf_mtod_offset(m_dst, uint8_t *, m_offset);\n \n-\tif (job->hash_alg == AES_CCM) {\n+\tswitch (job->hash_alg) {\n+\tcase AES_CCM:\n \t\tjob->cipher_start_src_offset_in_bytes =\n \t\t\t\top->sym->aead.data.offset;\n \t\tjob->msg_len_to_cipher_in_bytes = op->sym->aead.data.length;\n@@ -671,7 +730,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \n \t\tjob->iv = rte_crypto_op_ctod_offset(op, uint8_t *,\n \t\t\tsession->iv.offset + 1);\n-\t} else {\n+\t\tbreak;\n+\n+\tcase AES_GMAC:\n+\t\tjob->cipher_start_src_offset_in_bytes =\n+\t\t\t\top->sym->aead.data.offset;\n+\t\tjob->hash_start_src_offset_in_bytes = op->sym->aead.data.offset;\n+\t\tjob->msg_len_to_cipher_in_bytes = op->sym->aead.data.length;\n+\t\tjob->msg_len_to_hash_in_bytes = job->msg_len_to_cipher_in_bytes;\n+\t\tjob->iv = rte_crypto_op_ctod_offset(op, uint8_t *,\n+\t\t\t\tsession->iv.offset);\n+\t\tbreak;\n+\n+\tdefault:\n \t\tjob->cipher_start_src_offset_in_bytes =\n \t\t\t\top->sym->cipher.data.offset;\n \t\tjob->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;\n@@ -693,7 +764,7 @@ static inline void\n verify_digest(struct aesni_mb_qp *qp __rte_unused, JOB_AES_HMAC *job,\n \t\tstruct rte_crypto_op *op) {\n \t/* Verify digest if required */\n-\tif (job->hash_alg == AES_CCM) {\n+\tif (job->hash_alg == AES_CCM || job->hash_alg == AES_GMAC) {\n \t\tif (memcmp(job->auth_tag_output, op->sym->aead.digest.data,\n \t\t\t\tjob->auth_tag_output_len_in_bytes) != 0)\n \t\t\top->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\nindex ab26e5ae4..5a726bee3 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n@@ -330,6 +330,36 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t}, }\n \t\t}, }\n \t},\n+\t{\t/* AES GCM */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,\n+\t\t\t{.aead = {\n+\t\t\t\t.algo = RTE_CRYPTO_AEAD_AES_GCM,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 8\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 8,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 4\n+\t\t\t\t},\n+\t\t\t\t.aad_size = {\n+\t\t\t\t\t.min = 0,\n+\t\t\t\t\t.max = 65535,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 12,\n+\t\t\t\t\t.max = 12,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n \tRTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()\n };\n \ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h\nindex 70e9d18e5..24a943f2a 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h\n@@ -91,6 +91,7 @@ static const unsigned auth_digest_byte_lengths[] = {\n \t\t[SHA_512]\t= 64,\n \t\t[AES_XCBC]\t= 16,\n \t\t[AES_CMAC]\t= 16,\n+\t\t[AES_GMAC]\t= 12,\n \t\t[NULL_HASH]\t\t= 0\n };\n \n@@ -180,6 +181,8 @@ struct aesni_mb_session {\n \t\t\t\tconst void *ks_ptr[3];\n \t\t\t\tuint64_t key[3][16];\n \t\t\t} exp_3des_keys;\n+\n+\t\t\tstruct gcm_key_data gcm_key;\n \t\t};\n \t\t/**< Expanded AES keys - Allocating space to\n \t\t * contain the maximum expanded key size which\n", "prefixes": [ "1/3" ] }