Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/94474/?format=api
{ "id": 94474, "url": "https://patches.dpdk.org/api/patches/94474/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/patch/20210618121803.1189857-3-piotrx.bronowski@intel.com/", "project": { "id": 1, "url": "https://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20210618121803.1189857-3-piotrx.bronowski@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20210618121803.1189857-3-piotrx.bronowski@intel.com", "date": "2021-06-18T12:17:58", "name": "[RFC,2/7] crypto/ipsec_mb: move aesni-mb PMD to ipsec_mb framework", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "9627eca83d849ad8a06351707958e6a72089e501", "submitter": { "id": 2261, "url": "https://patches.dpdk.org/api/people/2261/?format=api", "name": "Piotr Bronowski", "email": "piotrx.bronowski@intel.com" }, "delegate": { "id": 6690, "url": "https://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "https://patches.dpdk.org/project/dpdk/patch/20210618121803.1189857-3-piotrx.bronowski@intel.com/mbox/", "series": [ { "id": 17395, "url": "https://patches.dpdk.org/api/series/17395/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/list/?series=17395", "date": "2021-06-18T12:17:56", "name": "crypto/ipsec_mb: introduce ipsec_mb framework", "version": 1, "mbox": "https://patches.dpdk.org/series/17395/mbox/" } ], "comments": "https://patches.dpdk.org/api/patches/94474/comments/", "check": "warning", "checks": "https://patches.dpdk.org/api/patches/94474/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 42EE7A0C46;\n\tFri, 18 Jun 2021 14:19:31 +0200 (CEST)", "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 2A92B40150;\n\tFri, 18 Jun 2021 14:19:31 +0200 (CEST)", "from mga07.intel.com (mga07.intel.com [134.134.136.100])\n by mails.dpdk.org (Postfix) with ESMTP id 8FA4140142\n for <dev@dpdk.org>; Fri, 18 Jun 2021 14:19:28 +0200 (CEST)", "from fmsmga001.fm.intel.com ([10.253.24.23])\n by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 18 Jun 2021 05:19:27 -0700", "from silpixa00400320.ir.intel.com ([10.237.214.214])\n by fmsmga001.fm.intel.com with ESMTP; 18 Jun 2021 05:19:23 -0700" ], "IronPort-SDR": [ "\n gqX2dnBt2ROQ1QZOujMI/2TpkmN8On8uBspQ026kQr73BLz9jfMhpP9nR3vf1vcJTBodOikk3n\n cYejYN810HzA==", "\n 9pSSpV9jEAxukIZ92/AG4MMtex9z2KNMvsgVAjNtqtJrxOse6OU3i7t+G/j4PAcrb81UYTAIqU\n 1sWaB1K0oczw==" ], "X-IronPort-AV": [ "E=McAfee;i=\"6200,9189,10018\"; a=\"270392050\"", "E=Sophos;i=\"5.83,283,1616482800\"; d=\"scan'208\";a=\"270392050\"", "E=Sophos;i=\"5.83,283,1616482800\"; d=\"scan'208\";a=\"555560483\"" ], "X-ExtLoop1": "1", "From": "pbronowx <piotrx.bronowski@intel.com>", "To": "dev@dpdk.org", "Cc": "roy.fan.zhang@intel.com, thomas@monjalon.net, gakhil@marvell.com,\n ferruh.yigit@intel.com, declan.doherty@intel.com,\n pbronowx <piotrx.bronowski@intel.com>", "Date": "Fri, 18 Jun 2021 12:17:58 +0000", "Message-Id": "<20210618121803.1189857-3-piotrx.bronowski@intel.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20210618121803.1189857-1-piotrx.bronowski@intel.com>", "References": "<20210618121803.1189857-1-piotrx.bronowski@intel.com>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Subject": "[dpdk-dev] [RFC 2/7] crypto/ipsec_mb: move aesni-mb PMD to ipsec_mb\n framework", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "This patch removes crypto/aesni_mb folder and gathers all aesni-mb PMD\nimplementation specific details into single file pmd_aesni_mb.c\nin crypto/ipsec_mb.\n\nSigned-off-by: pbronowx <piotrx.bronowski@intel.com>\n---\n .../crypto/aesni_mb/aesni_mb_pmd_private.h | 337 ----\n drivers/crypto/aesni_mb/meson.build | 25 -\n .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 1126 -----------\n drivers/crypto/aesni_mb/version.map | 3 -\n drivers/crypto/ipsec_mb/meson.build | 1 +\n .../pmd_aesni_mb.c} | 1762 ++++++++++++-----\n drivers/crypto/ipsec_mb/rte_ipsec_mb_pmd.c | 7 +-\n .../ipsec_mb/rte_ipsec_mb_pmd_private.h | 145 +-\n drivers/crypto/meson.build | 1 -\n 9 files changed, 1442 insertions(+), 1965 deletions(-)\n delete mode 100644 drivers/crypto/aesni_mb/aesni_mb_pmd_private.h\n delete mode 100644 drivers/crypto/aesni_mb/meson.build\n delete mode 100644 drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n delete mode 100644 drivers/crypto/aesni_mb/version.map\n rename drivers/crypto/{aesni_mb/rte_aesni_mb_pmd.c => ipsec_mb/pmd_aesni_mb.c} (60%)", "diff": "diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h\ndeleted file mode 100644\nindex 11e7bf5d18..0000000000\n--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h\n+++ /dev/null\n@@ -1,337 +0,0 @@\n-/* SPDX-License-Identifier: BSD-3-Clause\n- * Copyright(c) 2015-2016 Intel Corporation\n- */\n-\n-#ifndef _AESNI_MB_PMD_PRIVATE_H_\n-#define _AESNI_MB_PMD_PRIVATE_H_\n-\n-#include <intel-ipsec-mb.h>\n-\n-#if defined(RTE_LIB_SECURITY) && (IMB_VERSION_NUM) >= IMB_VERSION(0, 54, 0)\n-#define AESNI_MB_DOCSIS_SEC_ENABLED 1\n-#include <rte_security.h>\n-#include <rte_security_driver.h>\n-#endif\n-\n-enum aesni_mb_vector_mode {\n-\tRTE_AESNI_MB_NOT_SUPPORTED = 0,\n-\tRTE_AESNI_MB_SSE,\n-\tRTE_AESNI_MB_AVX,\n-\tRTE_AESNI_MB_AVX2,\n-\tRTE_AESNI_MB_AVX512\n-};\n-\n-#define CRYPTODEV_NAME_AESNI_MB_PMD\tcrypto_aesni_mb\n-/**< AES-NI Multi buffer PMD device name */\n-\n-/** AESNI_MB PMD LOGTYPE DRIVER */\n-extern int aesni_mb_logtype_driver;\n-\n-#define AESNI_MB_LOG(level, fmt, ...) \\\n-\trte_log(RTE_LOG_ ## level, aesni_mb_logtype_driver, \\\n-\t\t\t\"%s() line %u: \" fmt \"\\n\", __func__, __LINE__, \\\n-\t\t\t\t\t## __VA_ARGS__)\n-\n-\n-#define HMAC_IPAD_VALUE\t\t\t(0x36)\n-#define HMAC_OPAD_VALUE\t\t\t(0x5C)\n-\n-/* Maximum length for digest */\n-#define DIGEST_LENGTH_MAX 64\n-static const unsigned auth_blocksize[] = {\n-\t\t[NULL_HASH]\t\t\t= 0,\n-\t\t[MD5]\t\t\t\t= 64,\n-\t\t[SHA1]\t\t\t\t= 64,\n-\t\t[SHA_224]\t\t\t= 64,\n-\t\t[SHA_256]\t\t\t= 64,\n-\t\t[SHA_384]\t\t\t= 128,\n-\t\t[SHA_512]\t\t\t= 128,\n-\t\t[AES_XCBC]\t\t\t= 16,\n-\t\t[AES_CCM]\t\t\t= 16,\n-\t\t[AES_CMAC]\t\t\t= 16,\n-\t\t[AES_GMAC]\t\t\t= 16,\n-\t\t[PLAIN_SHA1]\t\t\t= 64,\n-\t\t[PLAIN_SHA_224]\t\t\t= 64,\n-\t\t[PLAIN_SHA_256]\t\t\t= 64,\n-\t\t[PLAIN_SHA_384]\t\t\t= 128,\n-\t\t[PLAIN_SHA_512]\t\t\t= 128,\n-#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n-\t\t[IMB_AUTH_ZUC_EIA3_BITLEN]\t= 16,\n-\t\t[IMB_AUTH_SNOW3G_UIA2_BITLEN]\t= 16,\n-\t\t[IMB_AUTH_KASUMI_UIA1]\t\t= 16\n-#endif\n-};\n-\n-/**\n- * Get the blocksize in bytes for a specified authentication algorithm\n- *\n- * @Note: this function will not return a valid value for a non-valid\n- * authentication algorithm\n- */\n-static inline unsigned\n-get_auth_algo_blocksize(JOB_HASH_ALG algo)\n-{\n-\treturn auth_blocksize[algo];\n-}\n-\n-static const unsigned auth_truncated_digest_byte_lengths[] = {\n-\t\t[MD5]\t\t\t\t= 12,\n-\t\t[SHA1]\t\t\t\t= 12,\n-\t\t[SHA_224]\t\t\t= 14,\n-\t\t[SHA_256]\t\t\t= 16,\n-\t\t[SHA_384]\t\t\t= 24,\n-\t\t[SHA_512]\t\t\t= 32,\n-\t\t[AES_XCBC]\t\t\t= 12,\n-\t\t[AES_CMAC]\t\t\t= 12,\n-\t\t[AES_CCM]\t\t\t= 8,\n-\t\t[NULL_HASH]\t\t\t= 0,\n-\t\t[AES_GMAC]\t\t\t= 12,\n-\t\t[PLAIN_SHA1]\t\t\t= 20,\n-\t\t[PLAIN_SHA_224]\t\t\t= 28,\n-\t\t[PLAIN_SHA_256]\t\t\t= 32,\n-\t\t[PLAIN_SHA_384]\t\t\t= 48,\n-\t\t[PLAIN_SHA_512]\t\t\t= 64,\n-#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n-\t\t[IMB_AUTH_ZUC_EIA3_BITLEN]\t= 4,\n-\t\t[IMB_AUTH_SNOW3G_UIA2_BITLEN]\t= 4,\n-\t\t[IMB_AUTH_KASUMI_UIA1]\t\t= 4\n-#endif\n-};\n-\n-/**\n- * Get the IPsec specified truncated length in bytes of the HMAC digest for a\n- * specified authentication algorithm\n- *\n- * @Note: this function will not return a valid value for a non-valid\n- * authentication algorithm\n- */\n-static inline unsigned\n-get_truncated_digest_byte_length(JOB_HASH_ALG algo)\n-{\n-\treturn auth_truncated_digest_byte_lengths[algo];\n-}\n-\n-static const unsigned auth_digest_byte_lengths[] = {\n-\t\t[MD5]\t\t\t\t= 16,\n-\t\t[SHA1]\t\t\t\t= 20,\n-\t\t[SHA_224]\t\t\t= 28,\n-\t\t[SHA_256]\t\t\t= 32,\n-\t\t[SHA_384]\t\t\t= 48,\n-\t\t[SHA_512]\t\t\t= 64,\n-\t\t[AES_XCBC]\t\t\t= 16,\n-\t\t[AES_CMAC]\t\t\t= 16,\n-\t\t[AES_CCM]\t\t\t= 16,\n-\t\t[AES_GMAC]\t\t\t= 16,\n-\t\t[NULL_HASH]\t\t\t= 0,\n-\t\t[PLAIN_SHA1]\t\t\t= 20,\n-\t\t[PLAIN_SHA_224]\t\t\t= 28,\n-\t\t[PLAIN_SHA_256]\t\t\t= 32,\n-\t\t[PLAIN_SHA_384]\t\t\t= 48,\n-\t\t[PLAIN_SHA_512]\t\t\t= 64,\n-#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n-\t\t[IMB_AUTH_ZUC_EIA3_BITLEN]\t= 4,\n-\t\t[IMB_AUTH_SNOW3G_UIA2_BITLEN]\t= 4,\n-\t\t[IMB_AUTH_KASUMI_UIA1]\t\t= 4\n-#endif\n-\t/**< Vector mode dependent pointer table of the multi-buffer APIs */\n-\n-};\n-\n-/**\n- * Get the full digest size in bytes for a specified authentication algorithm\n- * (if available in the Multi-buffer library)\n- *\n- * @Note: this function will not return a valid value for a non-valid\n- * authentication algorithm\n- */\n-static inline unsigned\n-get_digest_byte_length(JOB_HASH_ALG algo)\n-{\n-\treturn auth_digest_byte_lengths[algo];\n-}\n-\n-enum aesni_mb_operation {\n-\tAESNI_MB_OP_HASH_CIPHER,\n-\tAESNI_MB_OP_CIPHER_HASH,\n-\tAESNI_MB_OP_HASH_ONLY,\n-\tAESNI_MB_OP_CIPHER_ONLY,\n-\tAESNI_MB_OP_AEAD_HASH_CIPHER,\n-\tAESNI_MB_OP_AEAD_CIPHER_HASH,\n-\tAESNI_MB_OP_NOT_SUPPORTED\n-};\n-\n-/** private data structure for each virtual AESNI device */\n-struct aesni_mb_private {\n-\tenum aesni_mb_vector_mode vector_mode;\n-\t/**< CPU vector instruction set mode */\n-\tunsigned max_nb_queue_pairs;\n-\t/**< Max number of queue pairs supported by device */\n-\tMB_MGR *mb_mgr;\n-\t/**< Multi-buffer instance */\n-};\n-\n-/** AESNI Multi buffer queue pair */\n-struct aesni_mb_qp {\n-\tuint16_t id;\n-\t/**< Queue Pair Identifier */\n-\tchar name[RTE_CRYPTODEV_NAME_MAX_LEN];\n-\t/**< Unique Queue Pair Name */\n-\tMB_MGR *mb_mgr;\n-\t/**< Multi-buffer instance */\n-\tstruct rte_ring *ingress_queue;\n-\t/**< Ring for placing operations ready for processing */\n-\tstruct rte_mempool *sess_mp;\n-\t/**< Session Mempool */\n-\tstruct rte_mempool *sess_mp_priv;\n-\t/**< Session Private Data Mempool */\n-\tstruct rte_cryptodev_stats stats;\n-\t/**< Queue pair statistics */\n-\tuint8_t digest_idx;\n-\t/**< Index of the next slot to be used in temp_digests,\n-\t * to store the digest for a given operation\n-\t */\n-\tuint8_t temp_digests[MAX_JOBS][DIGEST_LENGTH_MAX];\n-\t/**< Buffers used to store the digest generated\n-\t * by the driver when verifying a digest provided\n-\t * by the user (using authentication verify operation)\n-\t */\n-} __rte_cache_aligned;\n-\n-/** AES-NI multi-buffer private session structure */\n-struct aesni_mb_session {\n-\tJOB_CHAIN_ORDER chain_order;\n-\tstruct {\n-\t\tuint16_t length;\n-\t\tuint16_t offset;\n-\t} iv;\n-\tstruct {\n-\t\tuint16_t length;\n-\t\tuint16_t offset;\n-\t} auth_iv;\n-\t/**< IV parameters */\n-\n-\t/** Cipher Parameters */const struct aesni_mb_op_fns *op_fns;\n-\t/**< Vector mode dependent pointer table of the multi-buffer APIs */\n-\n-\tstruct {\n-\t\t/** Cipher direction - encrypt / decrypt */\n-\t\tJOB_CIPHER_DIRECTION direction;\n-\t\t/** Cipher mode - CBC / Counter */\n-\t\tJOB_CIPHER_MODE mode;\n-\n-\t\tuint64_t key_length_in_bytes;\n-\n-\t\tunion {\n-\t\t\tstruct {\n-\t\t\t\tuint32_t encode[60] __rte_aligned(16);\n-\t\t\t\t/**< encode key */\n-\t\t\t\tuint32_t decode[60] __rte_aligned(16);\n-\t\t\t\t/**< decode key */\n-\t\t\t} expanded_aes_keys;\n-\t\t\t/**< Expanded AES keys - Allocating space to\n-\t\t\t * contain the maximum expanded key size which\n-\t\t\t * is 240 bytes for 256 bit AES, calculate by:\n-\t\t\t * ((key size (bytes)) *\n-\t\t\t * ((number of rounds) + 1))\n-\t\t\t */\n-\t\t\tstruct {\n-\t\t\t\tconst void *ks_ptr[3];\n-\t\t\t\tuint64_t key[3][16];\n-\t\t\t} exp_3des_keys;\n-\t\t\t/**< Expanded 3DES keys */\n-\n-\t\t\tstruct gcm_key_data gcm_key;\n-\t\t\t/**< Expanded GCM key */\n-\t\t\tuint8_t zuc_cipher_key[16];\n-\t\t\t/**< ZUC cipher key */\n-#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n-\t\t\tsnow3g_key_schedule_t pKeySched_snow3g_cipher;\n-\t\t\t/**< SNOW3G scheduled cipher key */\n-\t\t\tkasumi_key_sched_t pKeySched_kasumi_cipher;\n-\t\t\t/**< KASUMI scheduled cipher key */\n-#endif\n-\t\t};\n-\t} cipher;\n-\n-\t/** Authentication Parameters */\n-\tstruct {\n-\t\tJOB_HASH_ALG algo; /**< Authentication Algorithm */\n-\t\tenum rte_crypto_auth_operation operation;\n-\t\t/**< auth operation generate or verify */\n-\t\tunion {\n-\t\t\tstruct {\n-\t\t\t\tuint8_t inner[128] __rte_aligned(16);\n-\t\t\t\t/**< inner pad */\n-\t\t\t\tuint8_t outer[128] __rte_aligned(16);\n-\t\t\t\t/**< outer pad */\n-\t\t\t} pads;\n-\t\t\t/**< HMAC Authentication pads -\n-\t\t\t * allocating space for the maximum pad\n-\t\t\t * size supported which is 128 bytes for\n-\t\t\t * SHA512\n-\t\t\t */\n-\n-\t\t\tstruct {\n-\t\t\t uint32_t k1_expanded[44] __rte_aligned(16);\n-\t\t\t /**< k1 (expanded key). */\n-\t\t\t uint8_t k2[16] __rte_aligned(16);\n-\t\t\t /**< k2. */\n-\t\t\t uint8_t k3[16] __rte_aligned(16);\n-\t\t\t /**< k3. */\n-\t\t\t} xcbc;\n-\n-\t\t\tstruct {\n-\t\t\t\tuint32_t expkey[60] __rte_aligned(16);\n-\t\t\t\t\t\t /**< k1 (expanded key). */\n-\t\t\t\tuint32_t skey1[4] __rte_aligned(16);\n-\t\t\t\t\t\t /**< k2. */\n-\t\t\t\tuint32_t skey2[4] __rte_aligned(16);\n-\t\t\t\t\t\t /**< k3. */\n-\t\t\t} cmac;\n-\t\t\t/**< Expanded XCBC authentication keys */\n-\t\t\tuint8_t zuc_auth_key[16];\n-\t\t\t/**< ZUC authentication key */\n-#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n-\t\t\tsnow3g_key_schedule_t pKeySched_snow3g_auth;\n-\t\t\t/**< SNOW3G scheduled authentication key */\n-\t\t\tkasumi_key_sched_t pKeySched_kasumi_auth;\n-\t\t\t/**< KASUMI scheduled authentication key */\n-#endif\n-\t\t};\n-\t/** Generated digest size by the Multi-buffer library */\n-\tuint16_t gen_digest_len;\n-\t/** Requested digest size from Cryptodev */\n-\tuint16_t req_digest_len;\n-\n-\t} auth;\n-\tstruct {\n-\t\t/** AAD data length */\n-\t\tuint16_t aad_len;\n-\t} aead;\n-} __rte_cache_aligned;\n-\n-extern int\n-aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,\n-\t\tstruct aesni_mb_session *sess,\n-\t\tconst struct rte_crypto_sym_xform *xform);\n-\n-#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n-extern int\n-aesni_mb_set_docsis_sec_session_parameters(\n-\t\t__rte_unused struct rte_cryptodev *dev,\n-\t\tstruct rte_security_session_conf *conf,\n-\t\tvoid *sess);\n-#endif\n-\n-/** device specific operations function pointer structures */\n-extern struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops;\n-#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n-extern struct rte_security_ops *rte_aesni_mb_pmd_sec_ops;\n-#endif\n-\n-extern uint32_t\n-aesni_mb_cpu_crypto_process_bulk(struct rte_cryptodev *dev,\n-\tstruct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs sofs,\n-\tstruct rte_crypto_sym_vec *vec);\n-\n-#endif /* _AESNI_MB_PMD_PRIVATE_H_ */\ndiff --git a/drivers/crypto/aesni_mb/meson.build b/drivers/crypto/aesni_mb/meson.build\ndeleted file mode 100644\nindex ed6b9f53e4..0000000000\n--- a/drivers/crypto/aesni_mb/meson.build\n+++ /dev/null\n@@ -1,25 +0,0 @@\n-# SPDX-License-Identifier: BSD-3-Clause\n-# Copyright(c) 2018 Intel Corporation\n-\n-IMB_required_ver = '0.52.0'\n-lib = cc.find_library('IPSec_MB', required: false)\n-if not lib.found()\n- build = false\n- reason = 'missing dependency, \"libIPSec_MB\"'\n-else\n- ext_deps += lib\n-\n- # version comes with quotes, so we split based on \" and take the middle\n- imb_ver = cc.get_define('IMB_VERSION_STR',\n- prefix : '#include<intel-ipsec-mb.h>').split('\"')[1]\n-\n- if (imb_ver == '') or (imb_ver.version_compare('<' + IMB_required_ver))\n- reason = 'IPSec_MB version >= @0@ is required, found version @1@'.format(\n- IMB_required_ver, imb_ver)\n- build = false\n- endif\n-\n-endif\n-\n-sources = files('rte_aesni_mb_pmd.c', 'rte_aesni_mb_pmd_ops.c')\n-deps += ['bus_vdev', 'net', 'security']\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\ndeleted file mode 100644\nindex fc7fdfec8e..0000000000\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n+++ /dev/null\n@@ -1,1126 +0,0 @@\n-/* SPDX-License-Identifier: BSD-3-Clause\n- * Copyright(c) 2015-2017 Intel Corporation\n- */\n-\n-#include <string.h>\n-\n-#include <rte_string_fns.h>\n-#include <rte_common.h>\n-#include <rte_malloc.h>\n-#include <rte_ether.h>\n-#include <rte_cryptodev_pmd.h>\n-\n-#include \"aesni_mb_pmd_private.h\"\n-\n-\n-static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n-\t{\t/* MD5 HMAC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_MD5_HMAC,\n-\t\t\t\t.block_size = 64,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 64,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SHA1 HMAC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,\n-\t\t\t\t.block_size = 64,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 65535,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 20,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SHA1 */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA1,\n-\t\t\t\t.block_size = 64,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 0,\n-\t\t\t\t\t.max = 0,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 20,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SHA224 HMAC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,\n-\t\t\t\t.block_size = 64,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 65535,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 28,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SHA224 */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA224,\n-\t\t\t\t.block_size = 64,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 0,\n-\t\t\t\t\t.max = 0,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 28,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SHA256 HMAC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,\n-\t\t\t\t.block_size = 64,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 65535,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SHA256 */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA256,\n-\t\t\t\t.block_size = 64,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 0,\n-\t\t\t\t\t.max = 0,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SHA384 HMAC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,\n-\t\t\t\t.block_size = 128,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 65535,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 48,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SHA384 */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA384,\n-\t\t\t\t.block_size = 128,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 0,\n-\t\t\t\t\t.max = 0,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 48,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SHA512 HMAC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,\n-\t\t\t\t.block_size = 128,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 65535,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 64,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SHA512 */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA512,\n-\t\t\t\t.block_size = 128,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 0,\n-\t\t\t\t\t.max = 0,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 64,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* AES XCBC HMAC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 12,\n-\t\t\t\t\t.max = 12,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* AES CBC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_CBC,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 8\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* AES CTR */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_CTR,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 8\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 12,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 4\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* AES DOCSIS BPI */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 16\n-#else\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-#endif\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* DES CBC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_DES_CBC,\n-\t\t\t\t.block_size = 8,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 8,\n-\t\t\t\t\t.max = 8,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 8,\n-\t\t\t\t\t.max = 8,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* 3DES CBC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_3DES_CBC,\n-\t\t\t\t.block_size = 8,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 8,\n-\t\t\t\t\t.max = 24,\n-\t\t\t\t\t.increment = 8\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 8,\n-\t\t\t\t\t.max = 8,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* DES DOCSIS BPI */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_DES_DOCSISBPI,\n-\t\t\t\t.block_size = 8,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 8,\n-\t\t\t\t\t.max = 8,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 8,\n-\t\t\t\t\t.max = 8,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* AES CCM */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,\n-\t\t\t{.aead = {\n-\t\t\t\t.algo = RTE_CRYPTO_AEAD_AES_CCM,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-#if IMB_VERSION(0, 54, 2) <= IMB_VERSION_NUM\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 16\n-#else\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-#endif\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 4,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 2\n-\t\t\t\t},\n-\t\t\t\t.aad_size = {\n-\t\t\t\t\t.min = 0,\n-\t\t\t\t\t.max = 46,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 7,\n-\t\t\t\t\t.max = 13,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* AES CMAC */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_AES_CMAC,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* AES GCM */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,\n-\t\t\t{.aead = {\n-\t\t\t\t.algo = RTE_CRYPTO_AEAD_AES_GCM,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 8\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.aad_size = {\n-\t\t\t\t\t.min = 0,\n-\t\t\t\t\t.max = 65535,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 12,\n-\t\t\t\t\t.max = 12,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* AES GMAC (AUTH) */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_AES_GMAC,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 8\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 1,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 12,\n-\t\t\t\t\t.max = 12,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-#if IMB_VERSION(0, 53, 0) <= IMB_VERSION_NUM\n-\t{\t/* AES ECB */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_ECB,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 8\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-#endif\n-#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n-\t{\t/* ZUC (EIA3) */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_ZUC_EIA3,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 4,\n-\t\t\t\t\t.max = 4,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* ZUC (EEA3) */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SNOW 3G (UIA2) */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 4,\n-\t\t\t\t\t.max = 4,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* SNOW 3G (UEA2) */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* KASUMI (F9) */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n-\t\t\t{.auth = {\n-\t\t\t\t.algo = RTE_CRYPTO_AUTH_KASUMI_F9,\n-\t\t\t\t.block_size = 8,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 4,\n-\t\t\t\t\t.max = 4,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.iv_size = { 0 }\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\t{\t/* KASUMI (F8) */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_KASUMI_F8,\n-\t\t\t\t.block_size = 8,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 8,\n-\t\t\t\t\t.max = 8,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-#endif\n-#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM\n-\t{\t/* CHACHA20-POLY1305 */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,\n-\t\t\t{.aead = {\n-\t\t\t\t.algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305,\n-\t\t\t\t.block_size = 64,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 32,\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.digest_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t\t.aad_size = {\n-\t\t\t\t\t.min = 0,\n-\t\t\t\t\t.max = 240,\n-\t\t\t\t\t.increment = 1\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 12,\n-\t\t\t\t\t.max = 12,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t},\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-#endif\n-\tRTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()\n-};\n-\n-#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n-static const struct rte_cryptodev_capabilities\n-\t\t\t\t\taesni_mb_pmd_security_crypto_cap[] = {\n-\t{\t/* AES DOCSIS BPI */\n-\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n-\t\t{.sym = {\n-\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n-\t\t\t{.cipher = {\n-\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI,\n-\t\t\t\t.block_size = 16,\n-\t\t\t\t.key_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 32,\n-\t\t\t\t\t.increment = 16\n-\t\t\t\t},\n-\t\t\t\t.iv_size = {\n-\t\t\t\t\t.min = 16,\n-\t\t\t\t\t.max = 16,\n-\t\t\t\t\t.increment = 0\n-\t\t\t\t}\n-\t\t\t}, }\n-\t\t}, }\n-\t},\n-\n-\tRTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()\n-};\n-\n-static const struct rte_security_capability aesni_mb_pmd_security_cap[] = {\n-\t{\t/* DOCSIS Uplink */\n-\t\t.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,\n-\t\t.protocol = RTE_SECURITY_PROTOCOL_DOCSIS,\n-\t\t.docsis = {\n-\t\t\t.direction = RTE_SECURITY_DOCSIS_UPLINK\n-\t\t},\n-\t\t.crypto_capabilities = aesni_mb_pmd_security_crypto_cap\n-\t},\n-\t{\t/* DOCSIS Downlink */\n-\t\t.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,\n-\t\t.protocol = RTE_SECURITY_PROTOCOL_DOCSIS,\n-\t\t.docsis = {\n-\t\t\t.direction = RTE_SECURITY_DOCSIS_DOWNLINK\n-\t\t},\n-\t\t.crypto_capabilities = aesni_mb_pmd_security_crypto_cap\n-\t},\n-\t{\n-\t\t.action = RTE_SECURITY_ACTION_TYPE_NONE\n-\t}\n-};\n-#endif\n-\n-/** Configure device */\n-static int\n-aesni_mb_pmd_config(__rte_unused struct rte_cryptodev *dev,\n-\t\t__rte_unused struct rte_cryptodev_config *config)\n-{\n-\treturn 0;\n-}\n-\n-/** Start device */\n-static int\n-aesni_mb_pmd_start(__rte_unused struct rte_cryptodev *dev)\n-{\n-\treturn 0;\n-}\n-\n-/** Stop device */\n-static void\n-aesni_mb_pmd_stop(__rte_unused struct rte_cryptodev *dev)\n-{\n-}\n-\n-/** Close device */\n-static int\n-aesni_mb_pmd_close(__rte_unused struct rte_cryptodev *dev)\n-{\n-\treturn 0;\n-}\n-\n-\n-/** Get device statistics */\n-static void\n-aesni_mb_pmd_stats_get(struct rte_cryptodev *dev,\n-\t\tstruct rte_cryptodev_stats *stats)\n-{\n-\tint qp_id;\n-\n-\tfor (qp_id = 0; qp_id < dev->data->nb_queue_pairs; qp_id++) {\n-\t\tstruct aesni_mb_qp *qp = dev->data->queue_pairs[qp_id];\n-\n-\t\tstats->enqueued_count += qp->stats.enqueued_count;\n-\t\tstats->dequeued_count += qp->stats.dequeued_count;\n-\n-\t\tstats->enqueue_err_count += qp->stats.enqueue_err_count;\n-\t\tstats->dequeue_err_count += qp->stats.dequeue_err_count;\n-\t}\n-}\n-\n-/** Reset device statistics */\n-static void\n-aesni_mb_pmd_stats_reset(struct rte_cryptodev *dev)\n-{\n-\tint qp_id;\n-\n-\tfor (qp_id = 0; qp_id < dev->data->nb_queue_pairs; qp_id++) {\n-\t\tstruct aesni_mb_qp *qp = dev->data->queue_pairs[qp_id];\n-\n-\t\tmemset(&qp->stats, 0, sizeof(qp->stats));\n-\t}\n-}\n-\n-\n-/** Get device info */\n-static void\n-aesni_mb_pmd_info_get(struct rte_cryptodev *dev,\n-\t\tstruct rte_cryptodev_info *dev_info)\n-{\n-\tstruct aesni_mb_private *internals = dev->data->dev_private;\n-\n-\tif (dev_info != NULL) {\n-\t\tdev_info->driver_id = dev->driver_id;\n-\t\tdev_info->feature_flags = dev->feature_flags;\n-\t\tdev_info->capabilities = aesni_mb_pmd_capabilities;\n-\t\tdev_info->max_nb_queue_pairs = internals->max_nb_queue_pairs;\n-\t\t/* No limit of number of sessions */\n-\t\tdev_info->sym.max_nb_sessions = 0;\n-\t}\n-}\n-\n-/** Release queue pair */\n-static int\n-aesni_mb_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)\n-{\n-\tstruct aesni_mb_qp *qp = dev->data->queue_pairs[qp_id];\n-\tstruct rte_ring *r = NULL;\n-\n-\tif (qp != NULL) {\n-\t\tr = rte_ring_lookup(qp->name);\n-\t\tif (r)\n-\t\t\trte_ring_free(r);\n-\t\tif (qp->mb_mgr)\n-\t\t\tfree_mb_mgr(qp->mb_mgr);\n-\t\trte_free(qp);\n-\t\tdev->data->queue_pairs[qp_id] = NULL;\n-\t}\n-\treturn 0;\n-}\n-\n-/** set a unique name for the queue pair based on it's name, dev_id and qp_id */\n-static int\n-aesni_mb_pmd_qp_set_unique_name(struct rte_cryptodev *dev,\n-\t\tstruct aesni_mb_qp *qp)\n-{\n-\tunsigned n = snprintf(qp->name, sizeof(qp->name),\n-\t\t\t\"aesni_mb_pmd_%u_qp_%u\",\n-\t\t\tdev->data->dev_id, qp->id);\n-\n-\tif (n >= sizeof(qp->name))\n-\t\treturn -1;\n-\n-\treturn 0;\n-}\n-\n-/** Create a ring to place processed operations on */\n-static struct rte_ring *\n-aesni_mb_pmd_qp_create_processed_ops_ring(struct aesni_mb_qp *qp,\n-\t\tunsigned int ring_size, int socket_id)\n-{\n-\tstruct rte_ring *r;\n-\tchar ring_name[RTE_CRYPTODEV_NAME_MAX_LEN];\n-\n-\tunsigned int n = strlcpy(ring_name, qp->name, sizeof(ring_name));\n-\n-\tif (n >= sizeof(ring_name))\n-\t\treturn NULL;\n-\n-\tr = rte_ring_lookup(ring_name);\n-\tif (r) {\n-\t\tif (rte_ring_get_size(r) >= ring_size) {\n-\t\t\tAESNI_MB_LOG(INFO, \"Reusing existing ring %s for processed ops\",\n-\t\t\tring_name);\n-\t\t\treturn r;\n-\t\t}\n-\n-\t\tAESNI_MB_LOG(ERR, \"Unable to reuse existing ring %s for processed ops\",\n-\t\t\tring_name);\n-\t\treturn NULL;\n-\t}\n-\n-\treturn rte_ring_create(ring_name, ring_size, socket_id,\n-\t\t\tRING_F_SP_ENQ | RING_F_SC_DEQ);\n-}\n-\n-/** Setup a queue pair */\n-static int\n-aesni_mb_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,\n-\t\tconst struct rte_cryptodev_qp_conf *qp_conf,\n-\t\tint socket_id)\n-{\n-\tstruct aesni_mb_qp *qp = NULL;\n-\tstruct aesni_mb_private *internals = dev->data->dev_private;\n-\tint ret = -1;\n-\n-\t/* Free memory prior to re-allocation if needed. */\n-\tif (dev->data->queue_pairs[qp_id] != NULL)\n-\t\taesni_mb_pmd_qp_release(dev, qp_id);\n-\n-\t/* Allocate the queue pair data structure. */\n-\tqp = rte_zmalloc_socket(\"AES-NI PMD Queue Pair\", sizeof(*qp),\n-\t\t\t\t\tRTE_CACHE_LINE_SIZE, socket_id);\n-\tif (qp == NULL)\n-\t\treturn -ENOMEM;\n-\n-\tqp->id = qp_id;\n-\tdev->data->queue_pairs[qp_id] = qp;\n-\n-\tif (aesni_mb_pmd_qp_set_unique_name(dev, qp))\n-\t\tgoto qp_setup_cleanup;\n-\n-\n-\tqp->mb_mgr = alloc_mb_mgr(0);\n-\tif (qp->mb_mgr == NULL) {\n-\t\tret = -ENOMEM;\n-\t\tgoto qp_setup_cleanup;\n-\t}\n-\n-\tswitch (internals->vector_mode) {\n-\tcase RTE_AESNI_MB_SSE:\n-\t\tdev->feature_flags |= RTE_CRYPTODEV_FF_CPU_SSE;\n-\t\tinit_mb_mgr_sse(qp->mb_mgr);\n-\t\tbreak;\n-\tcase RTE_AESNI_MB_AVX:\n-\t\tdev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX;\n-\t\tinit_mb_mgr_avx(qp->mb_mgr);\n-\t\tbreak;\n-\tcase RTE_AESNI_MB_AVX2:\n-\t\tdev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX2;\n-\t\tinit_mb_mgr_avx2(qp->mb_mgr);\n-\t\tbreak;\n-\tcase RTE_AESNI_MB_AVX512:\n-\t\tdev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX512;\n-\t\tinit_mb_mgr_avx512(qp->mb_mgr);\n-\t\tbreak;\n-\tdefault:\n-\t\tAESNI_MB_LOG(ERR, \"Unsupported vector mode %u\\n\",\n-\t\t\t\tinternals->vector_mode);\n-\t\tgoto qp_setup_cleanup;\n-\t}\n-\n-\tqp->ingress_queue = aesni_mb_pmd_qp_create_processed_ops_ring(qp,\n-\t\t\tqp_conf->nb_descriptors, socket_id);\n-\tif (qp->ingress_queue == NULL) {\n-\t\tret = -1;\n-\t\tgoto qp_setup_cleanup;\n-\t}\n-\n-\tqp->sess_mp = qp_conf->mp_session;\n-\tqp->sess_mp_priv = qp_conf->mp_session_private;\n-\n-\tmemset(&qp->stats, 0, sizeof(qp->stats));\n-\n-\tchar mp_name[RTE_MEMPOOL_NAMESIZE];\n-\n-\tsnprintf(mp_name, RTE_MEMPOOL_NAMESIZE,\n-\t\t\t\t\"digest_mp_%u_%u\", dev->data->dev_id, qp_id);\n-\treturn 0;\n-\n-qp_setup_cleanup:\n-\tif (qp) {\n-\t\tif (qp->mb_mgr)\n-\t\t\tfree_mb_mgr(qp->mb_mgr);\n-\t\trte_free(qp);\n-\t}\n-\n-\treturn ret;\n-}\n-\n-/** Returns the size of the aesni multi-buffer session structure */\n-static unsigned\n-aesni_mb_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)\n-{\n-\treturn sizeof(struct aesni_mb_session);\n-}\n-\n-/** Configure a aesni multi-buffer session from a crypto xform chain */\n-static int\n-aesni_mb_pmd_sym_session_configure(struct rte_cryptodev *dev,\n-\t\tstruct rte_crypto_sym_xform *xform,\n-\t\tstruct rte_cryptodev_sym_session *sess,\n-\t\tstruct rte_mempool *mempool)\n-{\n-\tvoid *sess_private_data;\n-\tstruct aesni_mb_private *internals = dev->data->dev_private;\n-\tint ret;\n-\n-\tif (unlikely(sess == NULL)) {\n-\t\tAESNI_MB_LOG(ERR, \"invalid session struct\");\n-\t\treturn -EINVAL;\n-\t}\n-\n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tAESNI_MB_LOG(ERR,\n-\t\t\t\t\"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n-\tret = aesni_mb_set_session_parameters(internals->mb_mgr,\n-\t\t\tsess_private_data, xform);\n-\tif (ret != 0) {\n-\t\tAESNI_MB_LOG(ERR, \"failed configure session parameters\");\n-\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n-\t\treturn ret;\n-\t}\n-\n-\tset_sym_session_private_data(sess, dev->driver_id,\n-\t\t\tsess_private_data);\n-\n-\treturn 0;\n-}\n-\n-/** Clear the memory of session so it doesn't leave key material behind */\n-static void\n-aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev,\n-\t\tstruct rte_cryptodev_sym_session *sess)\n-{\n-\tuint8_t index = dev->driver_id;\n-\tvoid *sess_priv = get_sym_session_private_data(sess, index);\n-\n-\t/* Zero out the whole structure */\n-\tif (sess_priv) {\n-\t\tmemset(sess_priv, 0, sizeof(struct aesni_mb_session));\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n-\t\tset_sym_session_private_data(sess, index, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n-\t}\n-}\n-\n-struct rte_cryptodev_ops aesni_mb_pmd_ops = {\n-\t\t.dev_configure\t\t= aesni_mb_pmd_config,\n-\t\t.dev_start\t\t= aesni_mb_pmd_start,\n-\t\t.dev_stop\t\t= aesni_mb_pmd_stop,\n-\t\t.dev_close\t\t= aesni_mb_pmd_close,\n-\n-\t\t.stats_get\t\t= aesni_mb_pmd_stats_get,\n-\t\t.stats_reset\t\t= aesni_mb_pmd_stats_reset,\n-\n-\t\t.dev_infos_get\t\t= aesni_mb_pmd_info_get,\n-\n-\t\t.queue_pair_setup\t= aesni_mb_pmd_qp_setup,\n-\t\t.queue_pair_release\t= aesni_mb_pmd_qp_release,\n-\n-\t\t.sym_cpu_process\t= aesni_mb_cpu_crypto_process_bulk,\n-\n-\t\t.sym_session_get_size\t= aesni_mb_pmd_sym_session_get_size,\n-\t\t.sym_session_configure\t= aesni_mb_pmd_sym_session_configure,\n-\t\t.sym_session_clear\t= aesni_mb_pmd_sym_session_clear\n-};\n-\n-struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops = &aesni_mb_pmd_ops;\n-\n-#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n-/**\n- * Configure a aesni multi-buffer session from a security session\n- * configuration\n- */\n-static int\n-aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *sess,\n-\t\tstruct rte_mempool *mempool)\n-{\n-\tvoid *sess_private_data;\n-\tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n-\tint ret;\n-\n-\tif (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL ||\n-\t\t\tconf->protocol != RTE_SECURITY_PROTOCOL_DOCSIS) {\n-\t\tAESNI_MB_LOG(ERR, \"Invalid security protocol\");\n-\t\treturn -EINVAL;\n-\t}\n-\n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tAESNI_MB_LOG(ERR, \"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n-\tret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf,\n-\t\t\tsess_private_data);\n-\n-\tif (ret != 0) {\n-\t\tAESNI_MB_LOG(ERR, \"Failed to configure session parameters\");\n-\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n-\t\treturn ret;\n-\t}\n-\n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n-\treturn ret;\n-}\n-\n-/** Clear the memory of session so it doesn't leave key material behind */\n-static int\n-aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,\n-\t\tstruct rte_security_session *sess)\n-{\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n-\n-\tif (sess_priv) {\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n-\t\tmemset(sess_priv, 0, sizeof(struct aesni_mb_session));\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n-\t}\n-\treturn 0;\n-}\n-\n-/** Get security capabilities for aesni multi-buffer */\n-static const struct rte_security_capability *\n-aesni_mb_pmd_sec_capa_get(void *device __rte_unused)\n-{\n-\treturn aesni_mb_pmd_security_cap;\n-}\n-\n-static struct rte_security_ops aesni_mb_pmd_sec_ops = {\n-\t\t.session_create = aesni_mb_pmd_sec_sess_create,\n-\t\t.session_update = NULL,\n-\t\t.session_stats_get = NULL,\n-\t\t.session_destroy = aesni_mb_pmd_sec_sess_destroy,\n-\t\t.set_pkt_metadata = NULL,\n-\t\t.capabilities_get = aesni_mb_pmd_sec_capa_get\n-};\n-\n-struct rte_security_ops *rte_aesni_mb_pmd_sec_ops = &aesni_mb_pmd_sec_ops;\n-#endif\ndiff --git a/drivers/crypto/aesni_mb/version.map b/drivers/crypto/aesni_mb/version.map\ndeleted file mode 100644\nindex 4a76d1d52d..0000000000\n--- a/drivers/crypto/aesni_mb/version.map\n+++ /dev/null\n@@ -1,3 +0,0 @@\n-DPDK_21 {\n-\tlocal: *;\n-};\ndiff --git a/drivers/crypto/ipsec_mb/meson.build b/drivers/crypto/ipsec_mb/meson.build\nindex 087ff98c33..f31817f45d 100644\n--- a/drivers/crypto/ipsec_mb/meson.build\n+++ b/drivers/crypto/ipsec_mb/meson.build\n@@ -23,5 +23,6 @@ endif\n \n sources = files('rte_ipsec_mb_pmd.c',\n \t\t'rte_ipsec_mb_pmd_ops.c',\n+\t\t'pmd_aesni_mb.c'\n \t\t)\n deps += ['bus_vdev', 'net', 'security']\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\nsimilarity index 60%\nrename from drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\nrename to drivers/crypto/ipsec_mb/pmd_aesni_mb.c\nindex a01c826a3c..e11ea9a013 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\n+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\n@@ -1,39 +1,953 @@\n /* SPDX-License-Identifier: BSD-3-Clause\n- * Copyright(c) 2015-2017 Intel Corporation\n+ * Copyright(c) 2015-2021 Intel Corporation\n */\n \n+/**\n+ * function used to process crypto workload using job API\n+ */\n #include <intel-ipsec-mb.h>\n \n-#include <rte_common.h>\n-#include <rte_hexdump.h>\n-#include <rte_cryptodev.h>\n-#include <rte_cryptodev_pmd.h>\n-#include <rte_bus_vdev.h>\n-#include <rte_malloc.h>\n-#include <rte_cpuflags.h>\n-#include <rte_per_lcore.h>\n+#if defined(RTE_LIB_SECURITY) && (IMB_VERSION_NUM) >= IMB_VERSION(0, 54, 0)\n+#define AESNI_MB_DOCSIS_SEC_ENABLED 1\n+#include <rte_security.h>\n+#include <rte_security_driver.h>\n #include <rte_ether.h>\n+#endif\n \n-#include \"aesni_mb_pmd_private.h\"\n+#include \"rte_ipsec_mb_pmd_private.h\"\n \n #define AES_CCM_DIGEST_MIN_LEN 4\n #define AES_CCM_DIGEST_MAX_LEN 16\n #define HMAC_MAX_BLOCK_SIZE 128\n-static uint8_t cryptodev_driver_id;\n+#define HMAC_IPAD_VALUE\t\t\t(0x36)\n+#define HMAC_OPAD_VALUE\t\t\t(0x5C)\n+\n+static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {\n+\t{\t/* MD5 HMAC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_MD5_HMAC,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 64,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA1 HMAC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 65535,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 20,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA1 */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA1,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 0,\n+\t\t\t\t\t.max = 0,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 20,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA224 HMAC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 65535,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 28,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA224 */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA224,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 0,\n+\t\t\t\t\t.max = 0,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 28,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA256 HMAC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 65535,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA256 */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA256,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 0,\n+\t\t\t\t\t.max = 0,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA384 HMAC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,\n+\t\t\t\t.block_size = 128,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 65535,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 48,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA384 */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA384,\n+\t\t\t\t.block_size = 128,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 0,\n+\t\t\t\t\t.max = 0,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 48,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA512 HMAC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,\n+\t\t\t\t.block_size = 128,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 65535,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 64,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA512 */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA512,\n+\t\t\t\t.block_size = 128,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 0,\n+\t\t\t\t\t.max = 0,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 64,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* AES XCBC HMAC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 12,\n+\t\t\t\t\t.max = 12,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* AES CBC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_CBC,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 8\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* AES CTR */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_CTR,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 8\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 12,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 4\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* AES DOCSIS BPI */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 16\n+#else\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+#endif\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* DES CBC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_DES_CBC,\n+\t\t\t\t.block_size = 8,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 8,\n+\t\t\t\t\t.max = 8,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 8,\n+\t\t\t\t\t.max = 8,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* 3DES CBC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_3DES_CBC,\n+\t\t\t\t.block_size = 8,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 8,\n+\t\t\t\t\t.max = 24,\n+\t\t\t\t\t.increment = 8\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 8,\n+\t\t\t\t\t.max = 8,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* DES DOCSIS BPI */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_DES_DOCSISBPI,\n+\t\t\t\t.block_size = 8,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 8,\n+\t\t\t\t\t.max = 8,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 8,\n+\t\t\t\t\t.max = 8,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* AES CCM */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,\n+\t\t\t{.aead = {\n+\t\t\t\t.algo = RTE_CRYPTO_AEAD_AES_CCM,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+#if IMB_VERSION(0, 54, 2) <= IMB_VERSION_NUM\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 16\n+#else\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+#endif\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 4,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 2\n+\t\t\t\t},\n+\t\t\t\t.aad_size = {\n+\t\t\t\t\t.min = 0,\n+\t\t\t\t\t.max = 46,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 7,\n+\t\t\t\t\t.max = 13,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* AES CMAC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_AES_CMAC,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* AES GCM */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,\n+\t\t\t{.aead = {\n+\t\t\t\t.algo = RTE_CRYPTO_AEAD_AES_GCM,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 8\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.aad_size = {\n+\t\t\t\t\t.min = 0,\n+\t\t\t\t\t.max = 65535,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 12,\n+\t\t\t\t\t.max = 12,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* AES GMAC (AUTH) */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_AES_GMAC,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 8\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 12,\n+\t\t\t\t\t.max = 12,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+#if IMB_VERSION(0, 53, 0) <= IMB_VERSION_NUM\n+\t{\t/* AES ECB */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_ECB,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 8\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+#endif\n+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n+\t{\t/* ZUC (EIA3) */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_ZUC_EIA3,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 4,\n+\t\t\t\t\t.max = 4,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* ZUC (EEA3) */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SNOW 3G (UIA2) */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 4,\n+\t\t\t\t\t.max = 4,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SNOW 3G (UEA2) */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* KASUMI (F9) */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_KASUMI_F9,\n+\t\t\t\t.block_size = 8,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 4,\n+\t\t\t\t\t.max = 4,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = { 0 }\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* KASUMI (F8) */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_KASUMI_F8,\n+\t\t\t\t.block_size = 8,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 8,\n+\t\t\t\t\t.max = 8,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+#endif\n+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM\n+\t{\t/* CHACHA20-POLY1305 */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,\n+\t\t\t{.aead = {\n+\t\t\t\t.algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 32,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.aad_size = {\n+\t\t\t\t\t.min = 0,\n+\t\t\t\t\t.max = 240,\n+\t\t\t\t\t.increment = 1\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 12,\n+\t\t\t\t\t.max = 12,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+#endif\n+\tRTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()\n+};\n+\n+uint8_t pmd_driver_id_aesni_mb;\n+\n+struct aesni_mb_qp_data {\n+\tuint8_t temp_digests[MAX_JOBS][DIGEST_LENGTH_MAX];\n+\t/* *< Buffers used to store the digest generated\n+\t * by the driver when verifying a digest provided\n+\t * by the user (using authentication verify operation)\n+\t */\n+};\n+\n+/* Maximum length for digest */\n+#define DIGEST_LENGTH_MAX 64\n+static const unsigned int auth_blocksize[] = {\n+\t\t[NULL_HASH]\t\t\t= 0,\n+\t\t[MD5]\t\t\t\t= 64,\n+\t\t[SHA1]\t\t\t\t= 64,\n+\t\t[SHA_224]\t\t\t= 64,\n+\t\t[SHA_256]\t\t\t= 64,\n+\t\t[SHA_384]\t\t\t= 128,\n+\t\t[SHA_512]\t\t\t= 128,\n+\t\t[AES_XCBC]\t\t\t= 16,\n+\t\t[AES_CCM]\t\t\t= 16,\n+\t\t[AES_CMAC]\t\t\t= 16,\n+\t\t[AES_GMAC]\t\t\t= 16,\n+\t\t[PLAIN_SHA1]\t\t\t= 64,\n+\t\t[PLAIN_SHA_224]\t\t\t= 64,\n+\t\t[PLAIN_SHA_256]\t\t\t= 64,\n+\t\t[PLAIN_SHA_384]\t\t\t= 128,\n+\t\t[PLAIN_SHA_512]\t\t\t= 128,\n+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n+\t\t[IMB_AUTH_ZUC_EIA3_BITLEN]\t= 16,\n+\t\t[IMB_AUTH_SNOW3G_UIA2_BITLEN]\t= 16,\n+\t\t[IMB_AUTH_KASUMI_UIA1]\t\t= 16\n+#endif\n+};\n+\n+/**\n+ * Get the blocksize in bytes for a specified authentication algorithm\n+ *\n+ * @Note: this function will not return a valid value for a non-valid\n+ * authentication algorithm\n+ */\n+static inline unsigned int\n+get_auth_algo_blocksize(JOB_HASH_ALG algo)\n+{\n+\treturn auth_blocksize[algo];\n+}\n+\n+static const unsigned int auth_truncated_digest_byte_lengths[] = {\n+\t\t[MD5]\t\t\t\t= 12,\n+\t\t[SHA1]\t\t\t\t= 12,\n+\t\t[SHA_224]\t\t\t= 14,\n+\t\t[SHA_256]\t\t\t= 16,\n+\t\t[SHA_384]\t\t\t= 24,\n+\t\t[SHA_512]\t\t\t= 32,\n+\t\t[AES_XCBC]\t\t\t= 12,\n+\t\t[AES_CMAC]\t\t\t= 12,\n+\t\t[AES_CCM]\t\t\t= 8,\n+\t\t[NULL_HASH]\t\t\t= 0,\n+\t\t[AES_GMAC]\t\t\t= 12,\n+\t\t[PLAIN_SHA1]\t\t\t= 20,\n+\t\t[PLAIN_SHA_224]\t\t\t= 28,\n+\t\t[PLAIN_SHA_256]\t\t\t= 32,\n+\t\t[PLAIN_SHA_384]\t\t\t= 48,\n+\t\t[PLAIN_SHA_512]\t\t\t= 64,\n+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n+\t\t[IMB_AUTH_ZUC_EIA3_BITLEN]\t= 4,\n+\t\t[IMB_AUTH_SNOW3G_UIA2_BITLEN]\t= 4,\n+\t\t[IMB_AUTH_KASUMI_UIA1]\t\t= 4\n+#endif\n+};\n \n-/*\n- * Needed to support CPU-CRYPTO API (rte_cryptodev_sym_cpu_crypto_process),\n- * as we still use JOB based API even for synchronous processing.\n+/**\n+ * Get the IPsec specified truncated length in bytes of the HMAC digest for a\n+ * specified authentication algorithm\n+ *\n+ * @Note: this function will not return a valid value for a non-valid\n+ * authentication algorithm\n+ */\n+static inline unsigned int\n+get_truncated_digest_byte_length(JOB_HASH_ALG algo)\n+{\n+\treturn auth_truncated_digest_byte_lengths[algo];\n+}\n+\n+static const unsigned int auth_digest_byte_lengths[] = {\n+\t\t[MD5]\t\t\t\t= 16,\n+\t\t[SHA1]\t\t\t\t= 20,\n+\t\t[SHA_224]\t\t\t= 28,\n+\t\t[SHA_256]\t\t\t= 32,\n+\t\t[SHA_384]\t\t\t= 48,\n+\t\t[SHA_512]\t\t\t= 64,\n+\t\t[AES_XCBC]\t\t\t= 16,\n+\t\t[AES_CMAC]\t\t\t= 16,\n+\t\t[AES_CCM]\t\t\t= 16,\n+\t\t[AES_GMAC]\t\t\t= 16,\n+\t\t[NULL_HASH]\t\t\t= 0,\n+\t\t[PLAIN_SHA1]\t\t\t= 20,\n+\t\t[PLAIN_SHA_224]\t\t\t= 28,\n+\t\t[PLAIN_SHA_256]\t\t\t= 32,\n+\t\t[PLAIN_SHA_384]\t\t\t= 48,\n+\t\t[PLAIN_SHA_512]\t\t\t= 64,\n+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n+\t\t[IMB_AUTH_ZUC_EIA3_BITLEN]\t= 4,\n+\t\t[IMB_AUTH_SNOW3G_UIA2_BITLEN]\t= 4,\n+\t\t[IMB_AUTH_KASUMI_UIA1]\t\t= 4\n+#endif\n+\t/**< Vector mode dependent pointer table of the multi-buffer APIs */\n+\n+};\n+\n+/**\n+ * Get the full digest size in bytes for a specified authentication algorithm\n+ * (if available in the Multi-buffer library)\n+ *\n+ * @Note: this function will not return a valid value for a non-valid\n+ * authentication algorithm\n */\n-static RTE_DEFINE_PER_LCORE(MB_MGR *, sync_mb_mgr);\n+static inline unsigned int\n+get_digest_byte_length(JOB_HASH_ALG algo)\n+{\n+\treturn auth_digest_byte_lengths[algo];\n+}\n+\n+/** AES-NI multi-buffer private session structure */\n+struct aesni_mb_session {\n+\tJOB_CIPHER_MODE cipher_mode;\n+\tJOB_CIPHER_DIRECTION cipher_direction;\n+\tJOB_HASH_ALG hash_alg;\n+\tJOB_CHAIN_ORDER chain_order;\n+\t/* common job fields */\n+\tstruct {\n+\t\tuint16_t length;\n+\t\tuint16_t offset;\n+\t} iv;\n+\tstruct {\n+\t\tuint16_t length;\n+\t\tuint16_t offset;\n+\t} auth_iv;\n+\t/* *< IV parameters\n+\t */\n+\n+\t/* * Cipher Parameters\n+\t */\n+\tstruct {\n+\t\t/* * Cipher direction - encrypt / decrypt */\n+\t\tJOB_CIPHER_DIRECTION direction;\n+\t\t/* * Cipher mode - CBC / Counter */\n+\t\tJOB_CIPHER_MODE mode;\n+\n+\t\tuint64_t key_length_in_bytes;\n+\n+\t\tunion {\n+\t\t\tstruct {\n+\t\t\t\tuint32_t encode[60] __rte_aligned(16);\n+\t\t\t\t/* *< encode key */\n+\t\t\t\tuint32_t decode[60] __rte_aligned(16);\n+\t\t\t\t/* *< decode key */\n+\t\t\t} expanded_aes_keys;\n+\t\t\t/* *< Expanded AES keys - Allocating space to\n+\t\t\t * contain the maximum expanded key size which\n+\t\t\t * is 240 bytes for 256 bit AES, calculate by:\n+\t\t\t * ((key size (bytes)) *\n+\t\t\t * ((number of rounds) + 1))\n+\t\t\t */\n+\t\t\tstruct {\n+\t\t\t\tconst void *ks_ptr[3];\n+\t\t\t\tuint64_t key[3][16];\n+\t\t\t} exp_3des_keys;\n+\t\t\t/* *< Expanded 3DES keys */\n+\n+\t\t\tstruct gcm_key_data gcm_key;\n+\t\t\t/* *< Expanded GCM key */\n+\t\t\tuint8_t zuc_cipher_key[16];\n+\t\t\t/* *< ZUC cipher key */\n+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n+\t\t\tsnow3g_key_schedule_t pKeySched_snow3g_cipher;\n+\t\t\t/* *< SNOW3G scheduled cipher key */\n+\t\t\tkasumi_key_sched_t pKeySched_kasumi_cipher;\n+\t\t\t/* *< KASUMI scheduled cipher key */\n+#endif\n+\t\t};\n+\t} cipher;\n+\n+\t/* *< Authentication Parameters */\n+\tstruct {\n+\t\tJOB_HASH_ALG algo; /* *< Authentication Algorithm */\n+\t\tenum rte_crypto_auth_operation operation;\n+\t\t/* *< auth operation generate or verify */\n+\t\tunion {\n+\t\t\tstruct {\n+\t\t\t\tuint8_t inner[128] __rte_aligned(16);\n+\t\t\t\t/* *< inner pad */\n+\t\t\t\tuint8_t outer[128] __rte_aligned(16);\n+\t\t\t\t/* *< outer pad */\n+\t\t\t} pads;\n+\t\t\t/* *< HMAC Authentication pads -\n+\t\t\t * allocating space for the maximum pad\n+\t\t\t * size supported which is 128 bytes for\n+\t\t\t * SHA512\n+\t\t\t */\n+\n+\t\t\tstruct {\n+\t\t\t\tuint32_t k1_expanded[44] __rte_aligned(16);\n+\t\t\t\t/* *< k1 (expanded key). */\n+\t\t\t\tuint8_t k2[16] __rte_aligned(16);\n+\t\t\t\t/* *< k2. */\n+\t\t\t\tuint8_t k3[16] __rte_aligned(16);\n+\t\t\t\t/* *< k3. */\n+\t\t\t} xcbc;\n+\n+\t\t\tstruct {\n+\t\t\t\tuint32_t expkey[60] __rte_aligned(16);\n+\t\t\t\t/* *< k1 (expanded key). */\n+\t\t\t\tuint32_t skey1[4] __rte_aligned(16);\n+\t\t\t\t/* *< k2. */\n+\t\t\t\tuint32_t skey2[4] __rte_aligned(16);\n+\t\t\t\t/* *< k3. */\n+\t\t\t} cmac;\n+\t\t\t/* *< Expanded XCBC authentication keys */\n+\t\t\tuint8_t zuc_auth_key[16];\n+\t\t\t/* *< ZUC authentication key */\n+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n+\t\t\tsnow3g_key_schedule_t pKeySched_snow3g_auth;\n+\t\t\t/* *< SNOW3G scheduled authentication key */\n+\t\t\tkasumi_key_sched_t pKeySched_kasumi_auth;\n+\t\t\t/* *< KASUMI scheduled authentication key */\n+#endif\n+\t\t};\n+\t\t/* * Generated digest size by the Multi-buffer library */\n+\t\tuint16_t gen_digest_len;\n+\t\t/* * Requested digest size from Cryptodev */\n+\t\tuint16_t req_digest_len;\n+\n+\t} auth;\n+\tstruct {\n+\t\t/* * AAD data length */\n+\t\tuint16_t aad_len;\n+\t} aead;\n+} __rte_cache_aligned;\n \n typedef void (*hash_one_block_t)(const void *data, void *digest);\n-typedef void (*aes_keyexp_t)(const void *key, void *enc_exp_keys, void *dec_exp_keys);\n+typedef void (*aes_keyexp_t)(const void *key, void *enc_exp_keys,\n+\t\t\tvoid *dec_exp_keys);\n+\n \n /**\n * Calculate the authentication pre-computes\n *\n- * @param one_block_hash\tFunction pointer to calculate digest on ipad/opad\n+ * @param one_block_hash\tFunction pointer\n+ *\t\t\t\tto calculate digest on ipad/opad\n * @param ipad\t\t\tInner pad output byte array\n * @param opad\t\t\tOuter pad output byte array\n * @param hkey\t\t\tAuthentication key\n@@ -46,7 +960,7 @@ calculate_auth_precomputes(hash_one_block_t one_block_hash,\n \t\tconst uint8_t *hkey, uint16_t hkey_len,\n \t\tuint16_t blocksize)\n {\n-\tunsigned i, length;\n+\tuint32_t i, length;\n \n \tuint8_t ipad_buf[blocksize] __rte_aligned(16);\n \tuint8_t opad_buf[blocksize] __rte_aligned(16);\n@@ -72,59 +986,6 @@ calculate_auth_precomputes(hash_one_block_t one_block_hash,\n \tmemset(opad_buf, 0, blocksize);\n }\n \n-/** Get xform chain order */\n-static enum aesni_mb_operation\n-aesni_mb_get_chain_order(const struct rte_crypto_sym_xform *xform)\n-{\n-\tif (xform == NULL)\n-\t\treturn AESNI_MB_OP_NOT_SUPPORTED;\n-\n-\tif (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {\n-\t\tif (xform->next == NULL)\n-\t\t\treturn AESNI_MB_OP_CIPHER_ONLY;\n-\t\tif (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH)\n-\t\t\treturn AESNI_MB_OP_CIPHER_HASH;\n-\t}\n-\n-\tif (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {\n-\t\tif (xform->next == NULL)\n-\t\t\treturn AESNI_MB_OP_HASH_ONLY;\n-\t\tif (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER)\n-\t\t\treturn AESNI_MB_OP_HASH_CIPHER;\n-\t}\n-#if IMB_VERSION_NUM > IMB_VERSION(0, 52, 0)\n-\tif (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {\n-\t\tif (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT) {\n-\t\t\t/*\n-\t\t\t * CCM requires to hash first and cipher later\n-\t\t\t * when encrypting\n-\t\t\t */\n-\t\t\tif (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM)\n-\t\t\t\treturn AESNI_MB_OP_AEAD_HASH_CIPHER;\n-\t\t\telse\n-\t\t\t\treturn AESNI_MB_OP_AEAD_CIPHER_HASH;\n-\t\t} else {\n-\t\t\tif (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM)\n-\t\t\t\treturn AESNI_MB_OP_AEAD_CIPHER_HASH;\n-\t\t\telse\n-\t\t\t\treturn AESNI_MB_OP_AEAD_HASH_CIPHER;\n-\t\t}\n-\t}\n-#else\n-\tif (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {\n-\t\tif (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM ||\n-\t\t\t\txform->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {\n-\t\t\tif (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT)\n-\t\t\t\treturn AESNI_MB_OP_AEAD_CIPHER_HASH;\n-\t\t\telse\n-\t\t\t\treturn AESNI_MB_OP_AEAD_HASH_CIPHER;\n-\t\t}\n-\t}\n-#endif\n-\n-\treturn AESNI_MB_OP_NOT_SUPPORTED;\n-}\n-\n static inline int\n is_aead_algo(JOB_HASH_ALG hash_alg, JOB_CIPHER_MODE cipher_mode)\n {\n@@ -154,7 +1015,7 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,\n \t}\n \n \tif (xform->type != RTE_CRYPTO_SYM_XFORM_AUTH) {\n-\t\tAESNI_MB_LOG(ERR, \"Crypto xform struct not of type auth\");\n+\t\tIPSEC_MB_LOG(ERR, \"Crypto xform struct not of type auth\");\n \t\treturn -1;\n \t}\n \n@@ -175,7 +1036,7 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,\n \t\tuint16_t xcbc_mac_digest_len =\n \t\t\tget_truncated_digest_byte_length(AES_XCBC);\n \t\tif (sess->auth.req_digest_len != xcbc_mac_digest_len) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid digest size\\n\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tsess->auth.gen_digest_len = sess->auth.req_digest_len;\n@@ -194,7 +1055,7 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,\n \t\tuint16_t cmac_digest_len = get_digest_byte_length(AES_CMAC);\n \n \t\tif (sess->auth.req_digest_len > cmac_digest_len) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid digest size\\n\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\t/*\n@@ -225,8 +1086,9 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,\n \t\t\tsess->cipher.direction = DECRYPT;\n \n \t\tsess->auth.algo = AES_GMAC;\n-\t\tif (sess->auth.req_digest_len > get_digest_byte_length(AES_GMAC)) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\tif (sess->auth.req_digest_len >\n+\t\t\tget_digest_byte_length(AES_GMAC)) {\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid digest size\\n\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tsess->auth.gen_digest_len = sess->auth.req_digest_len;\n@@ -261,9 +1123,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,\n \tif (xform->auth.algo == RTE_CRYPTO_AUTH_ZUC_EIA3) {\n \t\tsess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;\n \t\tuint16_t zuc_eia3_digest_len =\n-\t\t\tget_truncated_digest_byte_length(IMB_AUTH_ZUC_EIA3_BITLEN);\n+\t\t\tget_truncated_digest_byte_length(\n+\t\t\t\t\t\tIMB_AUTH_ZUC_EIA3_BITLEN);\n \t\tif (sess->auth.req_digest_len != zuc_eia3_digest_len) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid digest size\\n\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tsess->auth.gen_digest_len = sess->auth.req_digest_len;\n@@ -273,9 +1136,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,\n \t} else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {\n \t\tsess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;\n \t\tuint16_t snow3g_uia2_digest_len =\n-\t\t\tget_truncated_digest_byte_length(IMB_AUTH_SNOW3G_UIA2_BITLEN);\n+\t\t\tget_truncated_digest_byte_length(\n+\t\t\t\t\t\tIMB_AUTH_SNOW3G_UIA2_BITLEN);\n \t\tif (sess->auth.req_digest_len != snow3g_uia2_digest_len) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid digest size\\n\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tsess->auth.gen_digest_len = sess->auth.req_digest_len;\n@@ -288,7 +1152,7 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,\n \t\tuint16_t kasumi_f9_digest_len =\n \t\t\tget_truncated_digest_byte_length(IMB_AUTH_KASUMI_UIA1);\n \t\tif (sess->auth.req_digest_len != kasumi_f9_digest_len) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid digest size\\n\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tsess->auth.gen_digest_len = sess->auth.req_digest_len;\n@@ -380,7 +1244,8 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,\n \t\tauth_precompute = 0;\n \t\tbreak;\n \tdefault:\n-\t\tAESNI_MB_LOG(ERR, \"Unsupported authentication algorithm selection\");\n+\t\tIPSEC_MB_LOG(ERR,\n+\t\t\t\"Unsupported authentication algorithm selection\");\n \t\treturn -ENOTSUP;\n \t}\n \tuint16_t trunc_digest_size =\n@@ -390,7 +1255,7 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,\n \n \tif (sess->auth.req_digest_len > full_digest_size ||\n \t\t\tsess->auth.req_digest_len == 0) {\n-\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\tIPSEC_MB_LOG(ERR, \"Invalid digest size\\n\");\n \t\treturn -EINVAL;\n \t}\n \n@@ -443,7 +1308,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,\n \t}\n \n \tif (xform->type != RTE_CRYPTO_SYM_XFORM_CIPHER) {\n-\t\tAESNI_MB_LOG(ERR, \"Crypto xform struct not of type cipher\");\n+\t\tIPSEC_MB_LOG(ERR, \"Crypto xform struct not of type cipher\");\n \t\treturn -EINVAL;\n \t}\n \n@@ -456,7 +1321,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,\n \t\tsess->cipher.direction = DECRYPT;\n \t\tbreak;\n \tdefault:\n-\t\tAESNI_MB_LOG(ERR, \"Invalid cipher operation parameter\");\n+\t\tIPSEC_MB_LOG(ERR, \"Invalid cipher operation parameter\");\n \t\treturn -EINVAL;\n \t}\n \n@@ -505,7 +1370,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,\n \t\tbreak;\n #endif\n \tdefault:\n-\t\tAESNI_MB_LOG(ERR, \"Unsupported cipher mode parameter\");\n+\t\tIPSEC_MB_LOG(ERR, \"Unsupported cipher mode parameter\");\n \t\treturn -ENOTSUP;\n \t}\n \n@@ -535,7 +1400,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,\n \t\t\t\t\tsess->cipher.expanded_aes_keys.decode);\n \t\t\tbreak;\n \t\tdefault:\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid cipher key length\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t} else if (is_docsis) {\n@@ -555,7 +1420,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,\n \t\t\tbreak;\n #endif\n \t\tdefault:\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid cipher key length\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t} else if (is_3DES) {\n@@ -597,7 +1462,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,\n \t\t\tsess->cipher.exp_3des_keys.ks_ptr[2] = keys[0];\n \t\t\tbreak;\n \t\tdefault:\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid cipher key length\");\n \t\t\treturn -EINVAL;\n \t\t}\n \n@@ -605,7 +1470,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,\n #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM\n \t} else if (is_zuc) {\n \t\tif (xform->cipher.key.length != 16) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid cipher key length\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tsess->cipher.key_length_in_bytes = 16;\n@@ -613,7 +1478,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,\n \t\t\t16);\n \t} else if (is_snow3g) {\n \t\tif (xform->cipher.key.length != 16) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid cipher key length\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tsess->cipher.key_length_in_bytes = 16;\n@@ -621,7 +1486,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,\n \t\t\t\t\t&sess->cipher.pKeySched_snow3g_cipher);\n \t} else if (is_kasumi) {\n \t\tif (xform->cipher.key.length != 16) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid cipher key length\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tsess->cipher.key_length_in_bytes = 16;\n@@ -630,7 +1495,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,\n #endif\n \t} else {\n \t\tif (xform->cipher.key.length != 8) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid cipher key length\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tsess->cipher.key_length_in_bytes = 8;\n@@ -661,7 +1526,7 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,\n \t\tsess->auth.operation = RTE_CRYPTO_AUTH_OP_VERIFY;\n \t\tbreak;\n \tdefault:\n-\t\tAESNI_MB_LOG(ERR, \"Invalid aead operation parameter\");\n+\t\tIPSEC_MB_LOG(ERR, \"Invalid aead operation parameter\");\n \t\treturn -EINVAL;\n \t}\n \n@@ -693,15 +1558,15 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,\n \t\t\t\t\tsess->cipher.expanded_aes_keys.decode);\n \t\t\tbreak;\n \t\tdefault:\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid cipher key length\");\n \t\t\treturn -EINVAL;\n \t\t}\n \n \t\t/* CCM digests must be between 4 and 16 and an even number */\n \t\tif (sess->auth.req_digest_len < AES_CCM_DIGEST_MIN_LEN ||\n-\t\t\t\tsess->auth.req_digest_len > AES_CCM_DIGEST_MAX_LEN ||\n-\t\t\t\t(sess->auth.req_digest_len & 1) == 1) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\t\tsess->auth.req_digest_len > AES_CCM_DIGEST_MAX_LEN ||\n+\t\t\t(sess->auth.req_digest_len & 1) == 1) {\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid digest size\\n\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tbreak;\n@@ -727,14 +1592,14 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,\n \t\t\t\t&sess->cipher.gcm_key);\n \t\t\tbreak;\n \t\tdefault:\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid cipher key length\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid cipher key length\");\n \t\t\treturn -EINVAL;\n \t\t}\n \n \t\t/* GCM digest size must be between 1 and 16 */\n \t\tif (sess->auth.req_digest_len == 0 ||\n \t\t\t\tsess->auth.req_digest_len > 16) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid digest size\\n\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tbreak;\n@@ -745,81 +1610,82 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,\n \t\tsess->auth.algo = IMB_AUTH_CHACHA20_POLY1305;\n \n \t\tif (xform->aead.key.length != 32) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid key length\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid key length\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tsess->cipher.key_length_in_bytes = 32;\n \t\tmemcpy(sess->cipher.expanded_aes_keys.encode,\n \t\t\txform->aead.key.data, 32);\n \t\tif (sess->auth.req_digest_len != 16) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\t\tIPSEC_MB_LOG(ERR, \"Invalid digest size\\n\");\n \t\t\treturn -EINVAL;\n \t\t}\n \t\tbreak;\n #endif\n \tdefault:\n-\t\tAESNI_MB_LOG(ERR, \"Unsupported aead mode parameter\");\n+\t\tIPSEC_MB_LOG(ERR, \"Unsupported aead mode parameter\");\n \t\treturn -ENOTSUP;\n \t}\n \n \treturn 0;\n }\n \n-/** Parse crypto xform chain and set private session parameters */\n-int\n-aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,\n-\t\tstruct aesni_mb_session *sess,\n+/** Configure a aesni multi-buffer session from a crypto xform chain */\n+static int\n+aesni_mb_session_configure(MB_MGR *mb_mgr,\n+\t\tvoid *priv_sess,\n \t\tconst struct rte_crypto_sym_xform *xform)\n {\n \tconst struct rte_crypto_sym_xform *auth_xform = NULL;\n \tconst struct rte_crypto_sym_xform *cipher_xform = NULL;\n \tconst struct rte_crypto_sym_xform *aead_xform = NULL;\n+\tenum ipsec_mb_operation mode;\n+\tstruct aesni_mb_session *sess = (struct aesni_mb_session *) priv_sess;\n \tint ret;\n \n+\tret = ipsec_mb_parse_xform(xform, &mode, &auth_xform,\n+\t\t\t\t&cipher_xform, &aead_xform);\n+\tif (ret)\n+\t\treturn ret;\n+\n \t/* Select Crypto operation - hash then cipher / cipher then hash */\n-\tswitch (aesni_mb_get_chain_order(xform)) {\n-\tcase AESNI_MB_OP_HASH_CIPHER:\n+\tswitch (mode) {\n+\tcase IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT:\n \t\tsess->chain_order = HASH_CIPHER;\n-\t\tauth_xform = xform;\n-\t\tcipher_xform = xform->next;\n \t\tbreak;\n-\tcase AESNI_MB_OP_CIPHER_HASH:\n+\tcase IPSEC_MB_OP_ENCRYPT_THEN_HASH_GEN:\n+\tcase IPSEC_MB_OP_DECRYPT_THEN_HASH_VERIFY:\n \t\tsess->chain_order = CIPHER_HASH;\n-\t\tauth_xform = xform->next;\n-\t\tcipher_xform = xform;\n \t\tbreak;\n-\tcase AESNI_MB_OP_HASH_ONLY:\n+\tcase IPSEC_MB_OP_HASH_GEN_ONLY:\n+\tcase IPSEC_MB_OP_HASH_VERIFY_ONLY:\n+\tcase IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT:\n \t\tsess->chain_order = HASH_CIPHER;\n-\t\tauth_xform = xform;\n-\t\tcipher_xform = NULL;\n \t\tbreak;\n-\tcase AESNI_MB_OP_CIPHER_ONLY:\n-\t\t/*\n-\t\t * Multi buffer library operates only at two modes,\n-\t\t * CIPHER_HASH and HASH_CIPHER. When doing ciphering only,\n-\t\t * chain order depends on cipher operation: encryption is always\n-\t\t * the first operation and decryption the last one.\n-\t\t */\n-\t\tif (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)\n-\t\t\tsess->chain_order = CIPHER_HASH;\n-\t\telse\n-\t\t\tsess->chain_order = HASH_CIPHER;\n-\t\tauth_xform = NULL;\n-\t\tcipher_xform = xform;\n+\t/*\n+\t * Multi buffer library operates only at two modes,\n+\t * CIPHER_HASH and HASH_CIPHER. When doing ciphering only,\n+\t * chain order depends on cipher operation: encryption is always\n+\t * the first operation and decryption the last one.\n+\t */\n+\tcase IPSEC_MB_OP_ENCRYPT_ONLY:\n+\t\tsess->chain_order = CIPHER_HASH;\n+\t\tbreak;\n+\tcase IPSEC_MB_OP_DECRYPT_ONLY:\n+\t\tsess->chain_order = HASH_CIPHER;\n \t\tbreak;\n-\tcase AESNI_MB_OP_AEAD_CIPHER_HASH:\n+\tcase IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:\n \t\tsess->chain_order = CIPHER_HASH;\n \t\tsess->aead.aad_len = xform->aead.aad_length;\n-\t\taead_xform = xform;\n \t\tbreak;\n-\tcase AESNI_MB_OP_AEAD_HASH_CIPHER:\n+\tcase IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:\n \t\tsess->chain_order = HASH_CIPHER;\n \t\tsess->aead.aad_len = xform->aead.aad_length;\n-\t\taead_xform = xform;\n \t\tbreak;\n-\tcase AESNI_MB_OP_NOT_SUPPORTED:\n+\tcase IPSEC_MB_OP_NOT_SUPPORTED:\n \tdefault:\n-\t\tAESNI_MB_LOG(ERR, \"Unsupported operation chain order parameter\");\n+\t\tIPSEC_MB_LOG(ERR,\n+\t\t\t\"Unsupported operation chain order parameter\");\n \t\treturn -ENOTSUP;\n \t}\n \n@@ -829,14 +1695,15 @@ aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,\n \n \tret = aesni_mb_set_session_auth_parameters(mb_mgr, sess, auth_xform);\n \tif (ret != 0) {\n-\t\tAESNI_MB_LOG(ERR, \"Invalid/unsupported authentication parameters\");\n+\t\tIPSEC_MB_LOG(ERR,\n+\t\t\t\"Invalid/unsupported authentication parameters\");\n \t\treturn ret;\n \t}\n \n \tret = aesni_mb_set_session_cipher_parameters(mb_mgr, sess,\n \t\t\tcipher_xform);\n \tif (ret != 0) {\n-\t\tAESNI_MB_LOG(ERR, \"Invalid/unsupported cipher parameters\");\n+\t\tIPSEC_MB_LOG(ERR, \"Invalid/unsupported cipher parameters\");\n \t\treturn ret;\n \t}\n \n@@ -844,7 +1711,8 @@ aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,\n \t\tret = aesni_mb_set_session_aead_parameters(mb_mgr, sess,\n \t\t\t\taead_xform);\n \t\tif (ret != 0) {\n-\t\t\tAESNI_MB_LOG(ERR, \"Invalid/unsupported aead parameters\");\n+\t\t\tIPSEC_MB_LOG(ERR,\n+\t\t\t\t\"Invalid/unsupported aead parameters\");\n \t\t\treturn ret;\n \t\t}\n \t}\n@@ -899,7 +1767,7 @@ aesni_mb_set_docsis_sec_session_auth_parameters(struct aesni_mb_session *sess,\n \t\tstruct rte_security_docsis_xform *xform)\n {\n \tif (xform == NULL) {\n-\t\tAESNI_MB_LOG(ERR, \"Invalid DOCSIS xform\");\n+\t\tIPSEC_MB_LOG(ERR, \"Invalid DOCSIS xform\");\n \t\treturn -EINVAL;\n \t}\n \n@@ -911,7 +1779,7 @@ aesni_mb_set_docsis_sec_session_auth_parameters(struct aesni_mb_session *sess,\n \t\tsess->auth.algo = IMB_AUTH_DOCSIS_CRC32;\n \t\tsess->auth.operation = RTE_CRYPTO_AUTH_OP_GENERATE;\n \t} else {\n-\t\tAESNI_MB_LOG(ERR, \"Unsupported DOCSIS direction\");\n+\t\tIPSEC_MB_LOG(ERR, \"Unsupported DOCSIS direction\");\n \t\treturn -ENOTSUP;\n \t}\n \n@@ -925,135 +1793,67 @@ aesni_mb_set_docsis_sec_session_auth_parameters(struct aesni_mb_session *sess,\n * Parse DOCSIS security session configuration and set private session\n * parameters\n */\n-int\n+static int\n aesni_mb_set_docsis_sec_session_parameters(\n \t\t__rte_unused struct rte_cryptodev *dev,\n \t\tstruct rte_security_session_conf *conf,\n \t\tvoid *sess)\n {\n+\tMB_MGR *mb_mgr = alloc_init_mb_mgr();\n \tstruct rte_security_docsis_xform *docsis_xform;\n \tstruct rte_crypto_sym_xform *cipher_xform;\n-\tstruct aesni_mb_session *aesni_sess = sess;\n-\tstruct aesni_mb_private *internals = dev->data->dev_private;\n-\tint ret;\n+\tstruct aesni_mb_session *ipsec_sess = sess;\n+\tint ret = 0;\n+\n+\tif (!mb_mgr)\n+\t\treturn -ENOMEM;\n \n \tret = check_docsis_sec_session(conf);\n \tif (ret) {\n-\t\tAESNI_MB_LOG(ERR, \"Unsupported DOCSIS security configuration\");\n-\t\treturn ret;\n+\t\tIPSEC_MB_LOG(ERR, \"Unsupported DOCSIS security configuration\");\n+\t\tgoto error_exit;\n \t}\n \n \tswitch (conf->docsis.direction) {\n \tcase RTE_SECURITY_DOCSIS_UPLINK:\n-\t\taesni_sess->chain_order = IMB_ORDER_CIPHER_HASH;\n+\t\tipsec_sess->chain_order = IMB_ORDER_CIPHER_HASH;\n \t\tdocsis_xform = &conf->docsis;\n \t\tcipher_xform = conf->crypto_xform;\n \t\tbreak;\n \tcase RTE_SECURITY_DOCSIS_DOWNLINK:\n-\t\taesni_sess->chain_order = IMB_ORDER_HASH_CIPHER;\n+\t\tipsec_sess->chain_order = IMB_ORDER_HASH_CIPHER;\n \t\tcipher_xform = conf->crypto_xform;\n \t\tdocsis_xform = &conf->docsis;\n \t\tbreak;\n \tdefault:\n-\t\treturn -EINVAL;\n+\t\tIPSEC_MB_LOG(ERR, \"Unsupported DOCSIS security configuration\");\n+\t\tret = -EINVAL;\n+\t\tgoto error_exit;\n \t}\n \n \t/* Default IV length = 0 */\n-\taesni_sess->iv.length = 0;\n+\tipsec_sess->iv.length = 0;\n \n-\tret = aesni_mb_set_docsis_sec_session_auth_parameters(aesni_sess,\n+\tret = aesni_mb_set_docsis_sec_session_auth_parameters(ipsec_sess,\n \t\t\tdocsis_xform);\n \tif (ret != 0) {\n-\t\tAESNI_MB_LOG(ERR, \"Invalid/unsupported DOCSIS parameters\");\n-\t\treturn -EINVAL;\n+\t\tIPSEC_MB_LOG(ERR, \"Invalid/unsupported DOCSIS parameters\");\n+\t\tgoto error_exit;\n \t}\n \n-\tret = aesni_mb_set_session_cipher_parameters(internals->mb_mgr,\n-\t\t\taesni_sess, cipher_xform);\n+\tret = aesni_mb_set_session_cipher_parameters(mb_mgr,\n+\t\t\tipsec_sess, cipher_xform);\n \n \tif (ret != 0) {\n-\t\tAESNI_MB_LOG(ERR, \"Invalid/unsupported cipher parameters\");\n-\t\treturn -EINVAL;\n+\t\tIPSEC_MB_LOG(ERR, \"Invalid/unsupported cipher parameters\");\n+\t\tgoto error_exit;\n \t}\n \n-\treturn 0;\n-}\n-#endif\n-\n-/**\n- * burst enqueue, place crypto operations on ingress queue for processing.\n- *\n- * @param __qp Queue Pair to process\n- * @param ops Crypto operations for processing\n- * @param nb_ops Number of crypto operations for processing\n- *\n- * @return\n- * - Number of crypto operations enqueued\n- */\n-static uint16_t\n-aesni_mb_pmd_enqueue_burst(void *__qp, struct rte_crypto_op **ops,\n-\t\tuint16_t nb_ops)\n-{\n-\tstruct aesni_mb_qp *qp = __qp;\n-\n-\tunsigned int nb_enqueued;\n-\n-\tnb_enqueued = rte_ring_enqueue_burst(qp->ingress_queue,\n-\t\t\t(void **)ops, nb_ops, NULL);\n-\n-\tqp->stats.enqueued_count += nb_enqueued;\n-\n-\treturn nb_enqueued;\n+error_exit:\n+\tfree_mb_mgr(mb_mgr);\n+\treturn ret;\n }\n-\n-/** Get multi buffer session */\n-static inline struct aesni_mb_session *\n-get_session(struct aesni_mb_qp *qp, struct rte_crypto_op *op)\n-{\n-\tstruct aesni_mb_session *sess = NULL;\n-\n-\tif (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {\n-\t\tif (likely(op->sym->session != NULL))\n-\t\t\tsess = (struct aesni_mb_session *)\n-\t\t\t\t\tget_sym_session_private_data(\n-\t\t\t\t\top->sym->session,\n-\t\t\t\t\tcryptodev_driver_id);\n-#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n-\t} else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {\n-\t\tif (likely(op->sym->sec_session != NULL))\n-\t\t\tsess = (struct aesni_mb_session *)\n-\t\t\t\t\tget_sec_session_private_data(\n-\t\t\t\t\t\top->sym->sec_session);\n #endif\n-\t} else {\n-\t\tvoid *_sess = rte_cryptodev_sym_session_create(qp->sess_mp);\n-\t\tvoid *_sess_private_data = NULL;\n-\n-\t\tif (_sess == NULL)\n-\t\t\treturn NULL;\n-\n-\t\tif (rte_mempool_get(qp->sess_mp_priv,\n-\t\t\t\t(void **)&_sess_private_data))\n-\t\t\treturn NULL;\n-\n-\t\tsess = (struct aesni_mb_session *)_sess_private_data;\n-\n-\t\tif (unlikely(aesni_mb_set_session_parameters(qp->mb_mgr,\n-\t\t\t\tsess, op->sym->xform) != 0)) {\n-\t\t\trte_mempool_put(qp->sess_mp, _sess);\n-\t\t\trte_mempool_put(qp->sess_mp_priv, _sess_private_data);\n-\t\t\tsess = NULL;\n-\t\t}\n-\t\top->sym->session = (struct rte_cryptodev_sym_session *)_sess;\n-\t\tset_sym_session_private_data(op->sym->session,\n-\t\t\t\tcryptodev_driver_id, _sess_private_data);\n-\t}\n-\n-\tif (unlikely(sess == NULL))\n-\t\top->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n-\n-\treturn sess;\n-}\n \n static inline uint64_t\n auth_start_offset(struct rte_crypto_op *op, struct aesni_mb_session *session,\n@@ -1173,9 +1973,12 @@ set_cpu_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_session *session,\n #if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM\n \tcase IMB_AUTH_CHACHA20_POLY1305:\n \t\tjob->u.CHACHA20_POLY1305.aad = aad->va;\n-\t\tjob->u.CHACHA20_POLY1305.aad_len_in_bytes = session->aead.aad_len;\n-\t\tjob->aes_enc_key_expanded = session->cipher.expanded_aes_keys.encode;\n-\t\tjob->aes_dec_key_expanded = session->cipher.expanded_aes_keys.encode;\n+\t\tjob->u.CHACHA20_POLY1305.aad_len_in_bytes =\n+\t\t\tsession->aead.aad_len;\n+\t\tjob->aes_enc_key_expanded =\n+\t\t\tsession->cipher.expanded_aes_keys.encode;\n+\t\tjob->aes_dec_key_expanded =\n+\t\t\tsession->cipher.expanded_aes_keys.encode;\n \t\tbreak;\n #endif\n \tdefault:\n@@ -1240,14 +2043,15 @@ set_cpu_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_session *session,\n * - NULL pointer if completion of JOB_AES_HMAC structure isn't possible\n */\n static inline int\n-set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n+set_mb_job_params(JOB_AES_HMAC *job, struct ipsec_mb_qp *qp,\n \t\tstruct rte_crypto_op *op, uint8_t *digest_idx)\n {\n \tstruct rte_mbuf *m_src = op->sym->m_src, *m_dst;\n+\tstruct aesni_mb_qp_data *qp_data = ipsec_mb_get_qp_private_data(qp);\n \tstruct aesni_mb_session *session;\n \tuint32_t m_offset, oop;\n \n-\tsession = get_session(qp, op);\n+\tsession = ipsec_mb_get_session_private(qp, op);\n \tif (session == NULL) {\n \t\top->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n \t\treturn -1;\n@@ -1319,25 +2123,33 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \t\t\t\t\t\tsession->auth_iv.offset);\n \t\tbreak;\n \tcase IMB_AUTH_SNOW3G_UIA2_BITLEN:\n-\t\tjob->u.SNOW3G_UIA2._key = (void *) &session->auth.pKeySched_snow3g_auth;\n-\t\tjob->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,\n+\t\tjob->u.SNOW3G_UIA2._key = (void *)\n+\t\t\t&session->auth.pKeySched_snow3g_auth;\n+\t\tjob->u.SNOW3G_UIA2._iv =\n+\t\t\trte_crypto_op_ctod_offset(op, uint8_t *,\n \t\t\t\t\t\tsession->auth_iv.offset);\n \t\tbreak;\n \tcase IMB_AUTH_KASUMI_UIA1:\n-\t\tjob->u.KASUMI_UIA1._key = (void *) &session->auth.pKeySched_kasumi_auth;\n+\t\tjob->u.KASUMI_UIA1._key = (void *)\n+\t\t\t&session->auth.pKeySched_kasumi_auth;\n \t\tbreak;\n #endif\n #if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM\n \tcase IMB_AUTH_CHACHA20_POLY1305:\n \t\tjob->u.CHACHA20_POLY1305.aad = op->sym->aead.aad.data;\n-\t\tjob->u.CHACHA20_POLY1305.aad_len_in_bytes = session->aead.aad_len;\n-\t\tjob->aes_enc_key_expanded = session->cipher.expanded_aes_keys.encode;\n-\t\tjob->aes_dec_key_expanded = session->cipher.expanded_aes_keys.encode;\n+\t\tjob->u.CHACHA20_POLY1305.aad_len_in_bytes =\n+\t\t\tsession->aead.aad_len;\n+\t\tjob->aes_enc_key_expanded =\n+\t\t\tsession->cipher.expanded_aes_keys.encode;\n+\t\tjob->aes_dec_key_expanded =\n+\t\t\tsession->cipher.expanded_aes_keys.encode;\n \t\tbreak;\n #endif\n \tdefault:\n-\t\tjob->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;\n-\t\tjob->u.HMAC._hashed_auth_key_xor_opad = session->auth.pads.outer;\n+\t\tjob->u.HMAC._hashed_auth_key_xor_ipad =\n+\t\t\tsession->auth.pads.inner;\n+\t\tjob->u.HMAC._hashed_auth_key_xor_opad =\n+\t\t\tsession->auth.pads.outer;\n \n \t\tif (job->cipher_mode == DES3) {\n \t\t\tjob->aes_enc_key_expanded =\n@@ -1387,7 +2199,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \t/* Set digest output location */\n \tif (job->hash_alg != NULL_HASH &&\n \t\t\tsession->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {\n-\t\tjob->auth_tag_output = qp->temp_digests[*digest_idx];\n+\t\tjob->auth_tag_output = qp_data->temp_digests[*digest_idx];\n \t\t*digest_idx = (*digest_idx + 1) % MAX_JOBS;\n \t} else {\n \t\tif (aead)\n@@ -1395,8 +2207,10 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \t\telse\n \t\t\tjob->auth_tag_output = op->sym->auth.digest.data;\n \n-\t\tif (session->auth.req_digest_len != session->auth.gen_digest_len) {\n-\t\t\tjob->auth_tag_output = qp->temp_digests[*digest_idx];\n+\t\tif (session->auth.req_digest_len !=\n+\t\t\t\tsession->auth.gen_digest_len) {\n+\t\t\tjob->auth_tag_output =\n+\t\t\t\tqp_data->temp_digests[*digest_idx];\n \t\t\t*digest_idx = (*digest_idx + 1) % MAX_JOBS;\n \t\t}\n \t}\n@@ -1452,8 +2266,10 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \n #if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM\n \tcase IMB_AUTH_CHACHA20_POLY1305:\n-\t\tjob->cipher_start_src_offset_in_bytes = op->sym->aead.data.offset;\n-\t\tjob->hash_start_src_offset_in_bytes = op->sym->aead.data.offset;\n+\t\tjob->cipher_start_src_offset_in_bytes =\n+\t\t\top->sym->aead.data.offset;\n+\t\tjob->hash_start_src_offset_in_bytes =\n+\t\t\top->sym->aead.data.offset;\n \t\tjob->msg_len_to_cipher_in_bytes =\n \t\t\t\top->sym->aead.data.length;\n \t\tjob->msg_len_to_hash_in_bytes =\n@@ -1497,19 +2313,25 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n * processing.\n */\n static inline int\n-set_sec_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n-\t\tstruct rte_crypto_op *op, uint8_t *digest_idx)\n+set_sec_mb_job_params(JOB_AES_HMAC *job, struct ipsec_mb_qp *qp,\n+\t\t\tstruct rte_crypto_op *op, uint8_t *digest_idx)\n {\n+\tstruct aesni_mb_qp_data *qp_data = ipsec_mb_get_qp_private_data(qp);\n \tstruct rte_mbuf *m_src, *m_dst;\n \tstruct rte_crypto_sym_op *sym;\n-\tstruct aesni_mb_session *session;\n+\tstruct aesni_mb_session *session = NULL;\n \n-\tsession = get_session(qp, op);\n-\tif (unlikely(session == NULL)) {\n+\tif (unlikely(op->sess_type != RTE_CRYPTO_OP_SECURITY_SESSION)) {\n \t\top->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n \t\treturn -1;\n \t}\n+\tsession = (struct aesni_mb_session *)\n+\t\tget_sec_session_private_data(op->sym->sec_session);\n \n+\tif (unlikely(session == NULL)) {\n+\t\top->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n+\t\treturn -1;\n+\t}\n \t/* Only DOCSIS protocol operations supported now */\n \tif (session->cipher.mode != IMB_CIPHER_DOCSIS_SEC_BPI ||\n \t\t\tsession->auth.algo != IMB_AUTH_DOCSIS_CRC32) {\n@@ -1548,7 +2370,7 @@ set_sec_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \tjob->hash_alg = session->auth.algo;\n \n \t/* Set digest output location */\n-\tjob->auth_tag_output = qp->temp_digests[*digest_idx];\n+\tjob->auth_tag_output = qp_data->temp_digests[*digest_idx];\n \t*digest_idx = (*digest_idx + 1) % MAX_JOBS;\n \n \t/* Set digest length */\n@@ -1625,10 +2447,12 @@ generate_digest(JOB_AES_HMAC *job, struct rte_crypto_op *op,\n * - Returns NULL on invalid job\n */\n static inline struct rte_crypto_op *\n-post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)\n+post_process_mb_job(struct ipsec_mb_qp *qp, JOB_AES_HMAC *job)\n {\n \tstruct rte_crypto_op *op = (struct rte_crypto_op *)job->user_data;\n \tstruct aesni_mb_session *sess = NULL;\n+\tuint32_t driver_id = ipsec_mb_get_driver_id(\n+\t\t\t\t\t\tIPSEC_MB_PMD_TYPE_AESNI_MB);\n \n #ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n \tuint8_t is_docsis_sec = 0;\n@@ -1644,7 +2468,7 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)\n #endif\n \t{\n \t\tsess = get_sym_session_private_data(op->sym->session,\n-\t\t\t\t\t\tcryptodev_driver_id);\n+\t\t\t\t\t\tdriver_id);\n \t}\n \n \tif (unlikely(sess == NULL)) {\n@@ -1661,7 +2485,8 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)\n \t\t\t\tbreak;\n \n \t\t\tif (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {\n-\t\t\t\tif (is_aead_algo(job->hash_alg, sess->cipher.mode))\n+\t\t\t\tif (is_aead_algo(job->hash_alg,\n+\t\t\t\t\t\tsess->cipher.mode))\n \t\t\t\t\tverify_digest(job,\n \t\t\t\t\t\top->sym->aead.digest.data,\n \t\t\t\t\t\tsess->auth.req_digest_len,\n@@ -1718,11 +2543,12 @@ post_process_mb_sync_job(JOB_AES_HMAC *job)\n * - Number of processed jobs\n */\n static unsigned\n-handle_completed_jobs(struct aesni_mb_qp *qp, JOB_AES_HMAC *job,\n-\t\tstruct rte_crypto_op **ops, uint16_t nb_ops)\n+handle_completed_jobs(struct ipsec_mb_qp *qp, MB_MGR *mb_mgr,\n+\t\tJOB_AES_HMAC *job, struct rte_crypto_op **ops,\n+\t\tuint16_t nb_ops)\n {\n \tstruct rte_crypto_op *op = NULL;\n-\tunsigned processed_jobs = 0;\n+\tuint16_t processed_jobs = 0;\n \n \twhile (job != NULL) {\n \t\top = post_process_mb_job(qp, job);\n@@ -1737,7 +2563,7 @@ handle_completed_jobs(struct aesni_mb_qp *qp, JOB_AES_HMAC *job,\n \t\tif (processed_jobs == nb_ops)\n \t\t\tbreak;\n \n-\t\tjob = IMB_GET_COMPLETED_JOB(qp->mb_mgr);\n+\t\tjob = IMB_GET_COMPLETED_JOB(mb_mgr);\n \t}\n \n \treturn processed_jobs;\n@@ -1764,16 +2590,16 @@ flush_mb_sync_mgr(MB_MGR *mb_mgr)\n }\n \n static inline uint16_t\n-flush_mb_mgr(struct aesni_mb_qp *qp, struct rte_crypto_op **ops,\n-\t\tuint16_t nb_ops)\n+flush_mb_mgr(struct ipsec_mb_qp *qp, MB_MGR *mb_mgr,\n+\t\tstruct rte_crypto_op **ops, uint16_t nb_ops)\n {\n \tint processed_ops = 0;\n \n \t/* Flush the remaining jobs */\n-\tJOB_AES_HMAC *job = IMB_FLUSH_JOB(qp->mb_mgr);\n+\tJOB_AES_HMAC *job = IMB_FLUSH_JOB(mb_mgr);\n \n \tif (job)\n-\t\tprocessed_ops += handle_completed_jobs(qp, job,\n+\t\tprocessed_ops += handle_completed_jobs(qp, mb_mgr, job,\n \t\t\t\t&ops[processed_ops], nb_ops - processed_ops);\n \n \treturn processed_ops;\n@@ -1794,33 +2620,33 @@ set_job_null_op(JOB_AES_HMAC *job, struct rte_crypto_op *op)\n }\n \n static uint16_t\n-aesni_mb_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,\n+aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,\n \t\tuint16_t nb_ops)\n {\n-\tstruct aesni_mb_qp *qp = queue_pair;\n-\n+\tstruct ipsec_mb_qp *qp = queue_pair;\n+\tMB_MGR *mb_mgr = qp->mb_mgr;\n \tstruct rte_crypto_op *op;\n \tJOB_AES_HMAC *job;\n-\n \tint retval, processed_jobs = 0;\n \n-\tif (unlikely(nb_ops == 0))\n+\tif (unlikely(nb_ops == 0 || mb_mgr == NULL))\n \t\treturn 0;\n \n \tuint8_t digest_idx = qp->digest_idx;\n+\n \tdo {\n \t\t/* Get next free mb job struct from mb manager */\n-\t\tjob = IMB_GET_NEXT_JOB(qp->mb_mgr);\n+\t\tjob = IMB_GET_NEXT_JOB(mb_mgr);\n \t\tif (unlikely(job == NULL)) {\n \t\t\t/* if no free mb job structs we need to flush mb_mgr */\n-\t\t\tprocessed_jobs += flush_mb_mgr(qp,\n+\t\t\tprocessed_jobs += flush_mb_mgr(qp, mb_mgr,\n \t\t\t\t\t&ops[processed_jobs],\n \t\t\t\t\tnb_ops - processed_jobs);\n \n \t\t\tif (nb_ops == processed_jobs)\n \t\t\t\tbreak;\n \n-\t\t\tjob = IMB_GET_NEXT_JOB(qp->mb_mgr);\n+\t\t\tjob = IMB_GET_NEXT_JOB(mb_mgr);\n \t\t}\n \n \t\t/*\n@@ -1839,7 +2665,8 @@ aesni_mb_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,\n \t\t\t\t\t\t&digest_idx);\n \t\telse\n #endif\n-\t\t\tretval = set_mb_job_params(job, qp, op, &digest_idx);\n+\t\t\tretval = set_mb_job_params(job, qp, op,\n+\t\t\t\t&digest_idx);\n \n \t\tif (unlikely(retval != 0)) {\n \t\t\tqp->stats.dequeue_err_count++;\n@@ -1848,17 +2675,17 @@ aesni_mb_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,\n \n \t\t/* Submit job to multi-buffer for processing */\n #ifdef RTE_LIBRTE_PMD_AESNI_MB_DEBUG\n-\t\tjob = IMB_SUBMIT_JOB(qp->mb_mgr);\n+\t\tjob = IMB_SUBMIT_JOB(mb_mgr);\n #else\n-\t\tjob = IMB_SUBMIT_JOB_NOCHECK(qp->mb_mgr);\n+\t\tjob = IMB_SUBMIT_JOB_NOCHECK(mb_mgr);\n #endif\n \t\t/*\n \t\t * If submit returns a processed job then handle it,\n \t\t * before submitting subsequent jobs\n \t\t */\n \t\tif (job)\n-\t\t\tprocessed_jobs += handle_completed_jobs(qp, job,\n-\t\t\t\t\t&ops[processed_jobs],\n+\t\t\tprocessed_jobs += handle_completed_jobs(qp, mb_mgr,\n+\t\t\t\t\tjob, &ops[processed_jobs],\n \t\t\t\t\tnb_ops - processed_jobs);\n \n \t} while (processed_jobs < nb_ops);\n@@ -1866,44 +2693,16 @@ aesni_mb_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,\n \tqp->digest_idx = digest_idx;\n \n \tif (processed_jobs < 1)\n-\t\tprocessed_jobs += flush_mb_mgr(qp,\n+\t\tprocessed_jobs += flush_mb_mgr(qp, mb_mgr,\n \t\t\t\t&ops[processed_jobs],\n \t\t\t\tnb_ops - processed_jobs);\n \n \treturn processed_jobs;\n }\n \n-static MB_MGR *\n-alloc_init_mb_mgr(enum aesni_mb_vector_mode vector_mode)\n-{\n-\tMB_MGR *mb_mgr = alloc_mb_mgr(0);\n-\tif (mb_mgr == NULL)\n-\t\treturn NULL;\n-\n-\tswitch (vector_mode) {\n-\tcase RTE_AESNI_MB_SSE:\n-\t\tinit_mb_mgr_sse(mb_mgr);\n-\t\tbreak;\n-\tcase RTE_AESNI_MB_AVX:\n-\t\tinit_mb_mgr_avx(mb_mgr);\n-\t\tbreak;\n-\tcase RTE_AESNI_MB_AVX2:\n-\t\tinit_mb_mgr_avx2(mb_mgr);\n-\t\tbreak;\n-\tcase RTE_AESNI_MB_AVX512:\n-\t\tinit_mb_mgr_avx512(mb_mgr);\n-\t\tbreak;\n-\tdefault:\n-\t\tAESNI_MB_LOG(ERR, \"Unsupported vector mode %u\\n\", vector_mode);\n-\t\tfree_mb_mgr(mb_mgr);\n-\t\treturn NULL;\n-\t}\n-\n-\treturn mb_mgr;\n-}\n \n static inline void\n-aesni_mb_fill_error_code(struct rte_crypto_sym_vec *vec, int32_t err)\n+ipsec_mb_fill_error_code(struct rte_crypto_sym_vec *vec, int32_t err)\n {\n \tuint32_t i;\n \n@@ -1916,9 +2715,9 @@ check_crypto_sgl(union rte_crypto_sym_ofs so, const struct rte_crypto_sgl *sgl)\n {\n \t/* no multi-seg support with current AESNI-MB PMD */\n \tif (sgl->num != 1)\n-\t\treturn ENOTSUP;\n+\t\treturn -ENOTSUP;\n \telse if (so.ofs.cipher.head + so.ofs.cipher.tail > sgl->vec[0].len)\n-\t\treturn EINVAL;\n+\t\treturn -EINVAL;\n \treturn 0;\n }\n \n@@ -1966,8 +2765,8 @@ verify_sync_dgst(struct rte_crypto_sym_vec *vec,\n \treturn k;\n }\n \n-uint32_t\n-aesni_mb_cpu_crypto_process_bulk(struct rte_cryptodev *dev,\n+static uint32_t\n+aesni_mb_process_bulk(struct rte_cryptodev *dev,\n \tstruct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs sofs,\n \tstruct rte_crypto_sym_vec *vec)\n {\n@@ -1976,32 +2775,21 @@ aesni_mb_cpu_crypto_process_bulk(struct rte_cryptodev *dev,\n \tvoid *buf;\n \tJOB_AES_HMAC *job;\n \tMB_MGR *mb_mgr;\n-\tstruct aesni_mb_private *priv;\n \tstruct aesni_mb_session *s;\n \tuint8_t tmp_dgst[vec->num][DIGEST_LENGTH_MAX];\n \n \ts = get_sym_session_private_data(sess, dev->driver_id);\n \tif (s == NULL) {\n-\t\taesni_mb_fill_error_code(vec, EINVAL);\n+\t\tipsec_mb_fill_error_code(vec, EINVAL);\n \t\treturn 0;\n \t}\n \n \t/* get per-thread MB MGR, create one if needed */\n-\tmb_mgr = RTE_PER_LCORE(sync_mb_mgr);\n-\tif (mb_mgr == NULL) {\n-\n-\t\tpriv = dev->data->dev_private;\n-\t\tmb_mgr = alloc_init_mb_mgr(priv->vector_mode);\n-\t\tif (mb_mgr == NULL) {\n-\t\t\taesni_mb_fill_error_code(vec, ENOMEM);\n-\t\t\treturn 0;\n-\t\t}\n-\t\tRTE_PER_LCORE(sync_mb_mgr) = mb_mgr;\n-\t}\n+\tmb_mgr = get_per_thread_mb_mgr();\n+\tif (unlikely(mb_mgr == NULL))\n+\t\treturn 0;\n \n \tfor (i = 0, j = 0, k = 0; i != vec->num; i++) {\n-\n-\n \t\tret = check_crypto_sgl(sofs, vec->sgl + i);\n \t\tif (ret != 0) {\n \t\t\tvec->status[i] = ret;\n@@ -2047,186 +2835,220 @@ aesni_mb_cpu_crypto_process_bulk(struct rte_cryptodev *dev,\n \treturn k;\n }\n \n-static int cryptodev_aesni_mb_remove(struct rte_vdev_device *vdev);\n+struct rte_cryptodev_ops aes_mb_pmd_ops = {\n+\t.dev_configure = ipsec_mb_pmd_config,\n+\t.dev_start = ipsec_mb_pmd_start,\n+\t.dev_stop = ipsec_mb_pmd_stop,\n+\t.dev_close = ipsec_mb_pmd_close,\n \n-static uint64_t\n-vec_mode_to_flags(enum aesni_mb_vector_mode mode)\n-{\n-\tswitch (mode) {\n-\tcase RTE_AESNI_MB_SSE:\n-\t\treturn RTE_CRYPTODEV_FF_CPU_SSE;\n-\tcase RTE_AESNI_MB_AVX:\n-\t\treturn RTE_CRYPTODEV_FF_CPU_AVX;\n-\tcase RTE_AESNI_MB_AVX2:\n-\t\treturn RTE_CRYPTODEV_FF_CPU_AVX2;\n-\tcase RTE_AESNI_MB_AVX512:\n-\t\treturn RTE_CRYPTODEV_FF_CPU_AVX512;\n-\tdefault:\n-\t\tAESNI_MB_LOG(ERR, \"Unsupported vector mode %u\\n\", mode);\n-\t\treturn 0;\n-\t}\n-}\n+\t.stats_get = ipsec_mb_pmd_stats_get,\n+\t.stats_reset = ipsec_mb_pmd_stats_reset,\n \n-static int\n-cryptodev_aesni_mb_create(const char *name,\n-\t\t\tstruct rte_vdev_device *vdev,\n-\t\t\tstruct rte_cryptodev_pmd_init_params *init_params)\n-{\n-\tstruct rte_cryptodev *dev;\n-\tstruct aesni_mb_private *internals;\n-\tenum aesni_mb_vector_mode vector_mode;\n-\tMB_MGR *mb_mgr;\n+\t.dev_infos_get = ipsec_mb_pmd_info_get,\n \n-\tdev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);\n-\tif (dev == NULL) {\n-\t\tAESNI_MB_LOG(ERR, \"failed to create cryptodev vdev\");\n-\t\treturn -ENODEV;\n-\t}\n+\t.queue_pair_setup = ipsec_mb_pmd_qp_setup,\n+\t.queue_pair_release = ipsec_mb_pmd_qp_release,\n \n-\t/* Check CPU for supported vector instruction set */\n-\tif (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AVX512F))\n-\t\tvector_mode = RTE_AESNI_MB_AVX512;\n-\telse if (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AVX2))\n-\t\tvector_mode = RTE_AESNI_MB_AVX2;\n-\telse if (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AVX))\n-\t\tvector_mode = RTE_AESNI_MB_AVX;\n-\telse\n-\t\tvector_mode = RTE_AESNI_MB_SSE;\n+\t.sym_cpu_process = aesni_mb_process_bulk,\n \n-\tdev->driver_id = cryptodev_driver_id;\n-\tdev->dev_ops = rte_aesni_mb_pmd_ops;\n+\t.sym_session_get_size = ipsec_mb_pmd_sym_session_get_size,\n+\t.sym_session_configure = ipsec_mb_pmd_sym_session_configure,\n+\t.sym_session_clear = ipsec_mb_pmd_sym_session_clear\n+};\n \n-\t/* register rx/tx burst functions for data path */\n-\tdev->dequeue_burst = aesni_mb_pmd_dequeue_burst;\n-\tdev->enqueue_burst = aesni_mb_pmd_enqueue_burst;\n+#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n+/**\n+ * Configure a aesni multi-buffer session from a security session\n+ * configuration\n+ */\n+static int\n+aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,\n+\t\tstruct rte_security_session *sess,\n+\t\tstruct rte_mempool *mempool)\n+{\n+\tvoid *sess_private_data;\n+\tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n+\tint ret;\n \n-\tdev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |\n-\t\t\tRTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |\n-\t\t\tRTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |\n-\t\t\tRTE_CRYPTODEV_FF_SYM_CPU_CRYPTO |\n-\t\t\tRTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA |\n-\t\t\tRTE_CRYPTODEV_FF_SYM_SESSIONLESS;\n+\tif (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL ||\n+\t\t\tconf->protocol != RTE_SECURITY_PROTOCOL_DOCSIS) {\n+\t\tIPSEC_MB_LOG(ERR, \"Invalid security protocol\");\n+\t\treturn -EINVAL;\n+\t}\n \n-#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n-\tstruct rte_security_ctx *security_instance;\n-\tsecurity_instance = rte_malloc(\"aesni_mb_sec\",\n-\t\t\t\tsizeof(struct rte_security_ctx),\n-\t\t\t\tRTE_CACHE_LINE_SIZE);\n-\tif (security_instance == NULL) {\n-\t\tAESNI_MB_LOG(ERR, \"rte_security_ctx memory alloc failed\");\n-\t\trte_cryptodev_pmd_destroy(dev);\n+\tif (rte_mempool_get(mempool, &sess_private_data)) {\n+\t\tIPSEC_MB_LOG(ERR, \"Couldn't get object from session mempool\");\n \t\treturn -ENOMEM;\n \t}\n \n-\tsecurity_instance->device = (void *)dev;\n-\tsecurity_instance->ops = rte_aesni_mb_pmd_sec_ops;\n-\tsecurity_instance->sess_cnt = 0;\n-\tdev->security_ctx = security_instance;\n-\tdev->feature_flags |= RTE_CRYPTODEV_FF_SECURITY;\n-#endif\n-\n-\t/* Check CPU for support for AES instruction set */\n-\tif (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AES))\n-\t\tdev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AESNI;\n-\telse\n-\t\tAESNI_MB_LOG(WARNING, \"AES instructions not supported by CPU\");\n+\tret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf,\n+\t\t\tsess_private_data);\n \n-\tdev->feature_flags |= vec_mode_to_flags(vector_mode);\n+\tif (ret != 0) {\n+\t\tIPSEC_MB_LOG(ERR, \"Failed to configure session parameters\");\n \n-\tmb_mgr = alloc_init_mb_mgr(vector_mode);\n-\tif (mb_mgr == NULL) {\n-#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n-\t\trte_free(dev->security_ctx);\n-\t\tdev->security_ctx = NULL;\n-#endif\n-\t\trte_cryptodev_pmd_destroy(dev);\n-\t\treturn -ENOMEM;\n+\t\t/* Return session to mempool */\n+\t\trte_mempool_put(mempool, sess_private_data);\n+\t\treturn ret;\n \t}\n \n-\t/* Set vector instructions mode supported */\n-\tinternals = dev->data->dev_private;\n-\n-\tinternals->vector_mode = vector_mode;\n-\tinternals->max_nb_queue_pairs = init_params->max_nb_queue_pairs;\n-\tinternals->mb_mgr = mb_mgr;\n+\tset_sec_session_private_data(sess, sess_private_data);\n \n-\tAESNI_MB_LOG(INFO, \"IPSec Multi-buffer library version used: %s\\n\",\n-\t\t\timb_get_version_str());\n-\treturn 0;\n+\treturn ret;\n }\n \n+/** Clear the memory of session so it does not leave key material behind */\n static int\n-cryptodev_aesni_mb_probe(struct rte_vdev_device *vdev)\n+aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,\n+\t\tstruct rte_security_session *sess)\n {\n-\tstruct rte_cryptodev_pmd_init_params init_params = {\n-\t\t\"\",\n-\t\tsizeof(struct aesni_mb_private),\n-\t\trte_socket_id(),\n-\t\tRTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS\n-\t};\n-\tconst char *name, *args;\n-\tint retval;\n-\n-\tname = rte_vdev_device_name(vdev);\n-\tif (name == NULL)\n-\t\treturn -EINVAL;\n+\tvoid *sess_priv = get_sec_session_private_data(sess);\n \n-\targs = rte_vdev_device_args(vdev);\n+\tif (sess_priv) {\n+\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n \n-\tretval = rte_cryptodev_pmd_parse_input_args(&init_params, args);\n-\tif (retval) {\n-\t\tAESNI_MB_LOG(ERR, \"Failed to parse initialisation arguments[%s]\",\n-\t\t\t\targs);\n-\t\treturn -EINVAL;\n+\t\tmemset(sess_priv, 0, sizeof(struct aesni_mb_session));\n+\t\tset_sec_session_private_data(sess, NULL);\n+\t\trte_mempool_put(sess_mp, sess_priv);\n \t}\n-\n-\treturn cryptodev_aesni_mb_create(name, vdev, &init_params);\n+\treturn 0;\n }\n \n-static int\n-cryptodev_aesni_mb_remove(struct rte_vdev_device *vdev)\n+static const struct rte_cryptodev_capabilities\n+\t\t\t\t\taesni_mb_pmd_security_crypto_cap[] = {\n+\t{\t/* AES DOCSIS BPI */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 16\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\n+\tRTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()\n+};\n+\n+static const struct rte_security_capability aesni_mb_pmd_security_cap[] = {\n+\t{\t/* DOCSIS Uplink */\n+\t\t.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,\n+\t\t.protocol = RTE_SECURITY_PROTOCOL_DOCSIS,\n+\t\t.docsis = {\n+\t\t\t.direction = RTE_SECURITY_DOCSIS_UPLINK\n+\t\t},\n+\t\t.crypto_capabilities = aesni_mb_pmd_security_crypto_cap\n+\t},\n+\t{\t/* DOCSIS Downlink */\n+\t\t.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,\n+\t\t.protocol = RTE_SECURITY_PROTOCOL_DOCSIS,\n+\t\t.docsis = {\n+\t\t\t.direction = RTE_SECURITY_DOCSIS_DOWNLINK\n+\t\t},\n+\t\t.crypto_capabilities = aesni_mb_pmd_security_crypto_cap\n+\t},\n+\t{\n+\t\t.action = RTE_SECURITY_ACTION_TYPE_NONE\n+\t}\n+};\n+\n+/** Get security capabilities for aesni multi-buffer */\n+static const struct rte_security_capability *\n+aesni_mb_pmd_sec_capa_get(void *device __rte_unused)\n {\n-\tstruct rte_cryptodev *cryptodev;\n-\tstruct aesni_mb_private *internals;\n-\tconst char *name;\n+\treturn aesni_mb_pmd_security_cap;\n+}\n \n-\tname = rte_vdev_device_name(vdev);\n-\tif (name == NULL)\n-\t\treturn -EINVAL;\n+static struct rte_security_ops aesni_mb_pmd_sec_ops = {\n+\t\t.session_create = aesni_mb_pmd_sec_sess_create,\n+\t\t.session_update = NULL,\n+\t\t.session_stats_get = NULL,\n+\t\t.session_destroy = aesni_mb_pmd_sec_sess_destroy,\n+\t\t.set_pkt_metadata = NULL,\n+\t\t.capabilities_get = aesni_mb_pmd_sec_capa_get\n+};\n \n-\tcryptodev = rte_cryptodev_pmd_get_named_dev(name);\n-\tif (cryptodev == NULL)\n-\t\treturn -ENODEV;\n+struct rte_security_ops *rte_aesni_mb_pmd_sec_ops = &aesni_mb_pmd_sec_ops;\n+\n+static int\n+aesni_mb_configure_dev(struct rte_cryptodev *dev)\n+{\n+\tstruct rte_security_ctx *security_instance;\n \n-\tinternals = cryptodev->data->dev_private;\n+\tsecurity_instance = rte_malloc(\"aesni_mb_sec\",\n+\t\t\t\tsizeof(struct rte_security_ctx),\n+\t\t\t\tRTE_CACHE_LINE_SIZE);\n+\tif (security_instance != NULL) {\n+\t\tsecurity_instance->device = (void *)dev;\n+\t\tsecurity_instance->ops = rte_aesni_mb_pmd_sec_ops;\n+\t\tsecurity_instance->sess_cnt = 0;\n+\t\tdev->security_ctx = security_instance;\n \n-\tfree_mb_mgr(internals->mb_mgr);\n-\tif (RTE_PER_LCORE(sync_mb_mgr)) {\n-\t\tfree_mb_mgr(RTE_PER_LCORE(sync_mb_mgr));\n-\t\tRTE_PER_LCORE(sync_mb_mgr) = NULL;\n+\t\treturn 0;\n \t}\n \n-#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n-\trte_free(cryptodev->security_ctx);\n-\tcryptodev->security_ctx = NULL;\n+\treturn -ENOMEM;\n+}\n+\n #endif\n \n-\treturn rte_cryptodev_pmd_destroy(cryptodev);\n+static int\n+cryptodev_aesni_mb_probe(struct rte_vdev_device *vdev)\n+{\n+\treturn cryptodev_ipsec_mb_create(vdev, IPSEC_MB_PMD_TYPE_AESNI_MB);\n }\n \n static struct rte_vdev_driver cryptodev_aesni_mb_pmd_drv = {\n \t.probe = cryptodev_aesni_mb_probe,\n-\t.remove = cryptodev_aesni_mb_remove\n+\t.remove = cryptodev_ipsec_mb_remove\n };\n \n static struct cryptodev_driver aesni_mb_crypto_drv;\n \n-RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_AESNI_MB_PMD, cryptodev_aesni_mb_pmd_drv);\n+RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_AESNI_MB_PMD,\n+\tcryptodev_aesni_mb_pmd_drv);\n RTE_PMD_REGISTER_ALIAS(CRYPTODEV_NAME_AESNI_MB_PMD, cryptodev_aesni_mb_pmd);\n RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_AESNI_MB_PMD,\n-\t\"max_nb_queue_pairs=<int> \"\n-\t\"socket_id=<int>\");\n-RTE_PMD_REGISTER_CRYPTO_DRIVER(aesni_mb_crypto_drv,\n-\t\tcryptodev_aesni_mb_pmd_drv.driver,\n-\t\tcryptodev_driver_id);\n-RTE_LOG_REGISTER_DEFAULT(aesni_mb_logtype_driver, NOTICE);\n+\t\t\t\"max_nb_queue_pairs=<int> socket_id=<int>\");\n+RTE_PMD_REGISTER_CRYPTO_DRIVER(\n+\taesni_mb_crypto_drv,\n+\tcryptodev_aesni_mb_pmd_drv.driver,\n+\tpmd_driver_id_aesni_mb);\n+\n+/* Constructor function to register aesni-mb PMD */\n+RTE_INIT(ipsec_mb_register_aesni_mb)\n+{\n+\tstruct ipsec_mb_pmd_data *aesni_mb_data =\n+\t\t&ipsec_mb_pmds[IPSEC_MB_PMD_TYPE_AESNI_MB];\n+\n+\taesni_mb_data->caps = aesni_mb_capabilities;\n+\taesni_mb_data->dequeue_burst = aesni_mb_dequeue_burst;\n+\taesni_mb_data->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |\n+\t\t\tRTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |\n+\t\t\tRTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |\n+\t\t\tRTE_CRYPTODEV_FF_SYM_CPU_CRYPTO |\n+\t\t\tRTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA |\n+\t\t\tRTE_CRYPTODEV_FF_SYM_SESSIONLESS;\n+\n+\taesni_mb_data->internals_priv_size = 0;\n+\taesni_mb_data->ops = &aes_mb_pmd_ops;\n+\taesni_mb_data->qp_priv_size = sizeof(struct aesni_mb_qp_data);\n+\taesni_mb_data->queue_pair_configure = NULL;\n+#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n+\taesni_mb_data->security_ops = &aesni_mb_pmd_sec_ops;\n+\taesni_mb_data->dev_config = aesni_mb_configure_dev;\n+\taesni_mb_data->feature_flags |= RTE_CRYPTODEV_FF_SECURITY;\n+#endif\n+\taesni_mb_data->session_configure = aesni_mb_session_configure;\n+\taesni_mb_data->session_priv_size = sizeof(struct aesni_mb_session);\n+}\ndiff --git a/drivers/crypto/ipsec_mb/rte_ipsec_mb_pmd.c b/drivers/crypto/ipsec_mb/rte_ipsec_mb_pmd.c\nindex 6ce1a9fe1d..18a66174ae 100644\n--- a/drivers/crypto/ipsec_mb/rte_ipsec_mb_pmd.c\n+++ b/drivers/crypto/ipsec_mb/rte_ipsec_mb_pmd.c\n@@ -106,6 +106,7 @@ cryptodev_ipsec_mb_create(struct rte_vdev_device *vdev,\n \tdev->dev_ops = ipsec_mb_pmds[pmd_type].ops;\n \tdev->enqueue_burst = ipsec_mb_pmd_enqueue_burst;\n \tdev->dequeue_burst = ipsec_mb_pmds[pmd_type].dequeue_burst;\n+\tdev->feature_flags = pmd_data->feature_flags;\n \n \tif (pmd_data->dev_config) {\n \t\tretval = (*pmd_data->dev_config)(dev);\n@@ -117,8 +118,6 @@ cryptodev_ipsec_mb_create(struct rte_vdev_device *vdev,\n \t\t}\n \t}\n \n-\tdev->feature_flags = pmd_data->feature_flags;\n-\n \tswitch (vector_mode) {\n \tcase IPSEC_MB_AVX512:\n \t\tdev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX512;\n@@ -170,6 +169,10 @@ cryptodev_ipsec_mb_remove(struct rte_vdev_device *vdev)\n \t\trte_free(cryptodev->security_ctx);\n \t\tcryptodev->security_ctx = NULL;\n \t}\n+#ifdef AESNI_MB_DOCSIS_SEC_ENABLED\n+\trte_free(cryptodev->security_ctx);\n+\tcryptodev->security_ctx = NULL;\n+#endif\n \n \treturn rte_cryptodev_pmd_destroy(cryptodev);\n }\ndiff --git a/drivers/crypto/ipsec_mb/rte_ipsec_mb_pmd_private.h b/drivers/crypto/ipsec_mb/rte_ipsec_mb_pmd_private.h\nindex 85733d328d..bcfe6c72ce 100644\n--- a/drivers/crypto/ipsec_mb/rte_ipsec_mb_pmd_private.h\n+++ b/drivers/crypto/ipsec_mb/rte_ipsec_mb_pmd_private.h\n@@ -31,6 +31,9 @@ extern enum ipsec_mb_vector_mode vector_mode;\n /** MB_MGR instances, one per thread */\n extern RTE_DEFINE_PER_LCORE(MB_MGR *, mb_mgr);\n \n+#define CRYPTODEV_NAME_AESNI_MB_PMD crypto_aesni_mb\n+/**< IPSEC Multi buffer aesni_mb PMD device name */\n+\n /** PMD LOGTYPE DRIVER, common to all PMDs */\n extern int ipsec_mb_logtype_driver;\n #define IPSEC_MB_LOG(level, fmt, ...) \\\n@@ -39,6 +42,7 @@ extern int ipsec_mb_logtype_driver;\n \n /** All supported device types */\n enum ipsec_mb_pmd_types {\n+\tIPSEC_MB_PMD_TYPE_AESNI_MB = 0,\n \tIPSEC_MB_N_PMD_TYPES\n };\n \n@@ -57,10 +61,18 @@ enum ipsec_mb_operation {\n \tIPSEC_MB_OP_NOT_SUPPORTED\n };\n \n+extern uint8_t pmd_driver_id_aesni_mb;\n+\n /** Helper function. Gets driver ID based on PMD type */\n static __rte_always_inline uint8_t\n-ipsec_mb_get_driver_id(__rte_unused enum ipsec_mb_pmd_types pmd_type)\n+ipsec_mb_get_driver_id(enum ipsec_mb_pmd_types pmd_type)\n {\n+\tswitch (pmd_type) {\n+\tcase IPSEC_MB_PMD_TYPE_AESNI_MB:\n+\t\treturn pmd_driver_id_aesni_mb;\n+\tdefault:\n+\t\tbreak;\n+\t}\n \treturn UINT8_MAX;\n }\n \n@@ -148,6 +160,137 @@ get_per_thread_mb_mgr(void)\n \treturn RTE_PER_LCORE(mb_mgr);\n }\n \n+/** Helper function. Gets mode and chained xforms from the xform */\n+static __rte_always_inline int\n+ipsec_mb_parse_xform(const struct rte_crypto_sym_xform *xform,\n+\t\t\tenum ipsec_mb_operation *mode,\n+\t\t\tconst struct rte_crypto_sym_xform **auth_xform,\n+\t\t\tconst struct rte_crypto_sym_xform **cipher_xform,\n+\t\t\tconst struct rte_crypto_sym_xform **aead_xform)\n+{\n+\tconst struct rte_crypto_sym_xform *next = xform->next;\n+\n+\tif (xform == NULL) {\n+\t\t*mode = IPSEC_MB_OP_NOT_SUPPORTED;\n+\t\treturn -ENOTSUP;\n+\t}\n+\n+\tif (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {\n+\t\tif (next == NULL) {\n+\t\t\tif (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {\n+\t\t\t\t*mode = IPSEC_MB_OP_ENCRYPT_ONLY;\n+\t\t\t\t*cipher_xform = xform;\n+\t\t\t\t*auth_xform = NULL;\n+\t\t\t\treturn 0;\n+\t\t\t}\n+\t\t\t*mode = IPSEC_MB_OP_DECRYPT_ONLY;\n+\t\t\t*cipher_xform = xform;\n+\t\t\t*auth_xform = NULL;\n+\t\t\treturn 0;\n+\t\t}\n+\n+\t\tif (next->type != RTE_CRYPTO_SYM_XFORM_AUTH) {\n+\t\t\t*mode = IPSEC_MB_OP_NOT_SUPPORTED;\n+\t\t\treturn -ENOTSUP;\n+\t\t\t}\n+\n+\t\tif (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {\n+\t\t\tif (next->auth.op != RTE_CRYPTO_AUTH_OP_GENERATE) {\n+\t\t\t\t*mode = IPSEC_MB_OP_NOT_SUPPORTED;\n+\t\t\t\treturn -ENOTSUP;\n+\t\t\t}\n+\n+\t\t\t*mode = IPSEC_MB_OP_ENCRYPT_THEN_HASH_GEN;\n+\t\t\t*cipher_xform = xform;\n+\t\t\t*auth_xform = xform->next;\n+\t\t\treturn 0;\n+\t\t}\n+\t\tif (next->auth.op != RTE_CRYPTO_AUTH_OP_VERIFY) {\n+\t\t\t*mode = IPSEC_MB_OP_NOT_SUPPORTED;\n+\t\t\treturn -ENOTSUP;\n+\t\t}\n+\n+\t\t*mode = IPSEC_MB_OP_DECRYPT_THEN_HASH_VERIFY;\n+\t\t*cipher_xform = xform;\n+\t\t*auth_xform = xform->next;\n+\t\treturn 0;\n+\t}\n+\n+\tif (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {\n+\t\tif (next == NULL) {\n+\t\t\tif (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) {\n+\t\t\t\t*mode = IPSEC_MB_OP_HASH_GEN_ONLY;\n+\t\t\t\t*auth_xform = xform;\n+\t\t\t\t*cipher_xform = NULL;\n+\t\t\t\treturn 0;\n+\t\t\t}\n+\t\t\t*mode = IPSEC_MB_OP_HASH_VERIFY_ONLY;\n+\t\t\t*auth_xform = xform;\n+\t\t\t*cipher_xform = NULL;\n+\t\t\treturn 0;\n+\t\t}\n+\n+\t\tif (next->type != RTE_CRYPTO_SYM_XFORM_CIPHER) {\n+\t\t\t*mode = IPSEC_MB_OP_NOT_SUPPORTED;\n+\t\t\treturn -ENOTSUP;\n+\t\t}\n+\n+\t\tif (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) {\n+\t\t\tif (next->cipher.op != RTE_CRYPTO_CIPHER_OP_ENCRYPT) {\n+\t\t\t\t*mode = IPSEC_MB_OP_NOT_SUPPORTED;\n+\t\t\t\treturn -ENOTSUP;\n+\t\t\t}\n+\n+\t\t\t*mode = IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT;\n+\t\t\t*auth_xform = xform;\n+\t\t\t*cipher_xform = xform->next;\n+\t\t\treturn 0;\n+\t\t}\n+\t\tif (next->cipher.op != RTE_CRYPTO_CIPHER_OP_DECRYPT) {\n+\t\t\t*mode = IPSEC_MB_OP_NOT_SUPPORTED;\n+\t\t\treturn -ENOTSUP;\n+\t\t}\n+\n+\t\t*mode = IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT;\n+\t\t*auth_xform = xform;\n+\t\t*cipher_xform = xform->next;\n+\t\treturn 0;\n+\t}\n+\n+\tif (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {\n+\t\tif (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT) {\n+\t\t\t/*\n+\t\t\t * CCM requires to hash first and cipher later\n+\t\t\t * when encrypting\n+\t\t\t */\n+\t\t\tif (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM) {\n+\t\t\t\t*mode = IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT;\n+\t\t\t\t*aead_xform = xform;\n+\t\t\t\treturn 0;\n+\t\t\t\t} else {\n+\t\t\t\t\t*mode =\n+\t\t\t\tIPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT;\n+\t\t\t\t\t*aead_xform = xform;\n+\t\t\t\t\treturn 0;\n+\t\t\t\t}\n+\t\t} else {\n+\t\t\tif (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM) {\n+\t\t\t\t*mode = IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT;\n+\t\t\t\t*aead_xform = xform;\n+\t\t\t\treturn 0;\n+\t\t\t}\n+\t\t\t*mode = IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT;\n+\t\t\t*aead_xform = xform;\n+\t\t\treturn 0;\n+\t\t}\n+\t}\n+\n+\t*mode = IPSEC_MB_OP_NOT_SUPPORTED;\n+\treturn -ENOTSUP;\n+\n+}\n+\n+\n /** Device creation function */\n int\n cryptodev_ipsec_mb_create(struct rte_vdev_device *vdev,\ndiff --git a/drivers/crypto/meson.build b/drivers/crypto/meson.build\nindex 216a77e3bc..d22b1eeaf3 100644\n--- a/drivers/crypto/meson.build\n+++ b/drivers/crypto/meson.build\n@@ -8,7 +8,6 @@ endif\n drivers = [\n 'ipsec_mb',\n 'aesni_gcm',\n- 'aesni_mb',\n 'armv8',\n 'bcmfs',\n 'caam_jr',\n", "prefixes": [ "RFC", "2/7" ] }