[dpdk-dev] null_crypto_pmd: PMD to support null crypto operations

Message ID 1454273336-12102-1-git-send-email-declan.doherty@intel.com (mailing list archive)
State Superseded, archived
Delegated to: Thomas Monjalon
Headers

Commit Message

Doherty, Declan Jan. 31, 2016, 8:48 p.m. UTC
This patch provides the implementation of a NULL crypto PMD, which supports
NULL cipher and NULL authentication operations, which can be chained together
as follows:

- Authentication Only
- Cipher Only
- Authentication then Cipher
- Cipher then Authentication

As this is a NULL operation device the rte_mbuf's which are submitted for
processing are not actually modified and are stored in a queue pairs processed
packets ring ready for collection when rte_cryptodev_burst_dequeue() is called.

The patch also contains the related unit tests function to test the PMDs
supported operations.

Signed-off-by: Declan Doherty <declan.doherty@intel.com>
---
 MAINTAINERS                                   |   3 +
 app/test/test_cryptodev.c                     | 399 +++++++++++++++++++++++++-
 config/common_bsdapp                          |   9 +-
 config/common_linuxapp                        |   9 +-
 doc/guides/cryptodevs/index.rst               |   3 +-
 doc/guides/cryptodevs/null.rst                |  72 +++++
 drivers/crypto/Makefile                       |   3 +-
 drivers/crypto/null/Makefile                  |  60 ++++
 drivers/crypto/null/null_crypto_pmd.c         | 269 +++++++++++++++++
 drivers/crypto/null/null_crypto_pmd_ops.c     | 309 ++++++++++++++++++++
 drivers/crypto/null/null_crypto_pmd_private.h |  93 ++++++
 mk/rte.app.mk                                 |   1 +
 12 files changed, 1225 insertions(+), 5 deletions(-)
 create mode 100644 doc/guides/cryptodevs/null.rst
 create mode 100644 drivers/crypto/null/Makefile
 create mode 100644 drivers/crypto/null/null_crypto_pmd.c
 create mode 100644 drivers/crypto/null/null_crypto_pmd_ops.c
 create mode 100644 drivers/crypto/null/null_crypto_pmd_private.h
  

Patch

diff --git a/MAINTAINERS b/MAINTAINERS
index b90aeea..f1a4393 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -355,6 +355,9 @@  F: drivers/crypto/aesni_mb/
 Intel QuickAssist
 F: drivers/crypto/qat/
 
+Null Crypto PMD
+M: Declan Doherty <declan.doherty@intel.com>
+F: drivers/crypto/null/
 
 Packet processing
 -----------------
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index fd5b7ec..2cbf743 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -1,7 +1,7 @@ 
 /*-
  *   BSD LICENSE
  *
- *   Copyright(c) 2015 Intel Corporation. All rights reserved.
+ *   Copyright(c) 2015 - 2016 Intel Corporation. All rights reserved.
  *
  *   Redistribution and use in source and binary forms, with or without
  *   modification, are permitted provided that the following conditions
@@ -188,6 +188,23 @@  testsuite_setup(void)
 		}
 	}
 
+	/* Create 2 AESNI MB devices if required */
+	if (gbl_cryptodev_type == RTE_CRYPTODEV_NULL_PMD) {
+		nb_devs = rte_cryptodev_count_devtype(
+				RTE_CRYPTODEV_NULL_PMD);
+		if (nb_devs < 2) {
+			for (i = nb_devs; i < 2; i++) {
+				int dev_id = rte_eal_vdev_init(
+					CRYPTODEV_NAME_NULL_PMD, NULL);
+
+				TEST_ASSERT(dev_id >= 0,
+					"Failed to create instance %u of"
+					" pmd : %s",
+					i, CRYPTODEV_NAME_NULL_PMD);
+			}
+		}
+	}
+
 	nb_devs = rte_cryptodev_count();
 	if (nb_devs < 1) {
 		RTE_LOG(ERR, USER1, "No crypto devices found?");
@@ -1882,6 +1899,350 @@  test_not_in_place_crypto(void)
 	return TEST_SUCCESS;
 }
 
+static int
+test_null_cipher_only_operation(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+
+	/* Generate test mbuf data and space for digest */
+	ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
+			catch_22_quote, QUOTE_512_BYTES, 0);
+
+	/* Setup Cipher Parameters */
+	ut_params->cipher_xform.type = RTE_CRYPTO_XFORM_CIPHER;
+	ut_params->cipher_xform.next = NULL;
+
+	ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_NULL;
+	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;
+
+	/* Create Crypto session*/
+	ut_params->sess = rte_cryptodev_session_create(ts_params->valid_devs[0],
+			&ut_params->cipher_xform);
+	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
+
+	/* Generate Crypto op data structure */
+	ut_params->ol = rte_pktmbuf_offload_alloc(ts_params->mbuf_ol_pool,
+				RTE_PKTMBUF_OL_CRYPTO);
+	TEST_ASSERT_NOT_NULL(ut_params->ol,
+			"Failed to allocate pktmbuf offload");
+
+	ut_params->op = &ut_params->ol->op.crypto;
+
+	/* Set crypto operation data parameters */
+	rte_crypto_op_attach_session(ut_params->op, ut_params->sess);
+
+	ut_params->op->data.to_cipher.offset = 0;
+	ut_params->op->data.to_cipher.length = QUOTE_512_BYTES;
+
+	rte_pktmbuf_offload_attach(ut_params->ibuf, ut_params->ol);
+
+	/* Process crypto operation */
+	ut_params->obuf = process_crypto_request(ts_params->valid_devs[0],
+			ut_params->ibuf);
+	TEST_ASSERT_NOT_NULL(ut_params->obuf, "failed to retrieve obuf");
+
+	/* Validate obuf */
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(
+			rte_pktmbuf_mtod(ut_params->obuf, uint8_t *),
+			catch_22_quote,
+			QUOTE_512_BYTES,
+			"Ciphertext data not as expected");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_null_auth_only_operation(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+
+	/* Generate test mbuf data and space for digest */
+	ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
+			catch_22_quote, QUOTE_512_BYTES, 0);
+
+	/* Setup HMAC Parameters */
+	ut_params->auth_xform.type = RTE_CRYPTO_XFORM_AUTH;
+	ut_params->auth_xform.next = NULL;
+
+	ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_NULL;
+	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
+
+	/* Create Crypto session*/
+	ut_params->sess = rte_cryptodev_session_create(ts_params->valid_devs[0],
+			&ut_params->auth_xform);
+	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
+
+	/* Generate Crypto op data structure */
+	ut_params->ol = rte_pktmbuf_offload_alloc(ts_params->mbuf_ol_pool,
+				RTE_PKTMBUF_OL_CRYPTO);
+	TEST_ASSERT_NOT_NULL(ut_params->ol,
+			"Failed to allocate pktmbuf offload");
+
+	ut_params->op = &ut_params->ol->op.crypto;
+
+	/* Set crypto operation data parameters */
+	rte_crypto_op_attach_session(ut_params->op, ut_params->sess);
+
+	ut_params->op->data.to_hash.offset = 0;
+	ut_params->op->data.to_hash.length = QUOTE_512_BYTES;
+
+	rte_pktmbuf_offload_attach(ut_params->ibuf, ut_params->ol);
+
+	/* Process crypto operation */
+	ut_params->obuf = process_crypto_request(ts_params->valid_devs[0],
+			ut_params->ibuf);
+	TEST_ASSERT_NOT_NULL(ut_params->obuf, "failed to retrieve obuf");
+
+	/* Validate obuf */
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(
+			rte_pktmbuf_mtod(ut_params->obuf, uint8_t *),
+			catch_22_quote,
+			QUOTE_512_BYTES,
+			"Ciphertext data not as expected");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_null_cipher_auth_operation(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+
+	/* Generate test mbuf data and space for digest */
+	ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
+			catch_22_quote, QUOTE_512_BYTES, 0);
+
+	/* Setup Cipher Parameters */
+	ut_params->cipher_xform.type = RTE_CRYPTO_XFORM_CIPHER;
+	ut_params->cipher_xform.next = &ut_params->auth_xform;
+
+	ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_NULL;
+	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;
+
+	/* Setup HMAC Parameters */
+	ut_params->auth_xform.type = RTE_CRYPTO_XFORM_AUTH;
+	ut_params->auth_xform.next = NULL;
+
+	ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_NULL;
+	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
+
+	/* Create Crypto session*/
+	ut_params->sess = rte_cryptodev_session_create(ts_params->valid_devs[0],
+			&ut_params->cipher_xform);
+	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
+
+	/* Generate Crypto op data structure */
+	ut_params->ol = rte_pktmbuf_offload_alloc(ts_params->mbuf_ol_pool,
+				RTE_PKTMBUF_OL_CRYPTO);
+	TEST_ASSERT_NOT_NULL(ut_params->ol,
+			"Failed to allocate pktmbuf offload");
+
+	ut_params->op = &ut_params->ol->op.crypto;
+
+	/* Set crypto operation data parameters */
+	rte_crypto_op_attach_session(ut_params->op, ut_params->sess);
+
+
+	ut_params->op->data.to_cipher.offset = 0;
+	ut_params->op->data.to_cipher.length = QUOTE_512_BYTES;
+	ut_params->op->data.to_hash.offset = 0;
+	ut_params->op->data.to_hash.length = QUOTE_512_BYTES;
+
+	rte_pktmbuf_offload_attach(ut_params->ibuf, ut_params->ol);
+
+	/* Process crypto operation */
+	ut_params->obuf = process_crypto_request(ts_params->valid_devs[0],
+			ut_params->ibuf);
+	TEST_ASSERT_NOT_NULL(ut_params->obuf, "failed to retrieve obuf");
+
+	/* Validate obuf */
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(
+			rte_pktmbuf_mtod(ut_params->obuf, uint8_t *),
+			catch_22_quote,
+			QUOTE_512_BYTES,
+			"Ciphertext data not as expected");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_null_auth_cipher_operation(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+
+	/* Generate test mbuf data and space for digest */
+	ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
+			catch_22_quote, QUOTE_512_BYTES, 0);
+
+	/* Setup Cipher Parameters */
+	ut_params->cipher_xform.type = RTE_CRYPTO_XFORM_CIPHER;
+	ut_params->cipher_xform.next = NULL;
+
+	ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_NULL;
+	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;
+
+	/* Setup HMAC Parameters */
+	ut_params->auth_xform.type = RTE_CRYPTO_XFORM_AUTH;
+	ut_params->auth_xform.next = &ut_params->cipher_xform;
+
+	ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_NULL;
+	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
+
+	/* Create Crypto session*/
+	ut_params->sess = rte_cryptodev_session_create(ts_params->valid_devs[0],
+			&ut_params->cipher_xform);
+	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
+
+	/* Generate Crypto op data structure */
+	ut_params->ol = rte_pktmbuf_offload_alloc(ts_params->mbuf_ol_pool,
+				RTE_PKTMBUF_OL_CRYPTO);
+	TEST_ASSERT_NOT_NULL(ut_params->ol,
+			"Failed to allocate pktmbuf offload");
+
+	ut_params->op = &ut_params->ol->op.crypto;
+
+	/* Set crypto operation data parameters */
+	rte_crypto_op_attach_session(ut_params->op, ut_params->sess);
+
+
+	ut_params->op->data.to_cipher.offset = 0;
+	ut_params->op->data.to_cipher.length = QUOTE_512_BYTES;
+	ut_params->op->data.to_hash.offset = 0;
+	ut_params->op->data.to_hash.length = QUOTE_512_BYTES;
+
+	rte_pktmbuf_offload_attach(ut_params->ibuf, ut_params->ol);
+
+	/* Process crypto operation */
+	ut_params->obuf = process_crypto_request(ts_params->valid_devs[0],
+			ut_params->ibuf);
+	TEST_ASSERT_NOT_NULL(ut_params->obuf, "failed to retrieve obuf");
+
+	/* Validate obuf */
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(
+			rte_pktmbuf_mtod(ut_params->obuf, uint8_t *),
+			catch_22_quote,
+			QUOTE_512_BYTES,
+			"Ciphertext data not as expected");
+
+	return TEST_SUCCESS;
+}
+
+
+static int
+test_null_invalid_operation(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+
+	/* Setup Cipher Parameters */
+	ut_params->cipher_xform.type = RTE_CRYPTO_XFORM_CIPHER;
+	ut_params->cipher_xform.next = NULL;
+
+	ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CBC;
+	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;
+
+	/* Create Crypto session*/
+	ut_params->sess = rte_cryptodev_session_create(ts_params->valid_devs[0],
+			&ut_params->cipher_xform);
+	TEST_ASSERT_NULL(ut_params->sess, "Session creation failed");
+
+
+	/* Setup HMAC Parameters */
+	ut_params->auth_xform.type = RTE_CRYPTO_XFORM_AUTH;
+	ut_params->auth_xform.next = NULL;
+
+	ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_SHA1_HMAC;
+	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
+
+	/* Create Crypto session*/
+	ut_params->sess = rte_cryptodev_session_create(ts_params->valid_devs[0],
+			&ut_params->cipher_xform);
+	TEST_ASSERT_NULL(ut_params->sess, "Session creation failed");
+
+	return TEST_SUCCESS;
+}
+
+
+#define NULL_BURST_LENGTH (32)
+
+static int
+test_null_burst_operation(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+
+	unsigned i, burst_len = NULL_BURST_LENGTH;
+	struct rte_mbuf *burst[NULL_BURST_LENGTH] = { NULL };
+	struct rte_mbuf *burst_dequeued[NULL_BURST_LENGTH] = { NULL };
+
+	/* Generate a burst of mbufs */
+	for (i = 0; i < burst_len; i++) {
+		burst[i] = rte_pktmbuf_alloc(ts_params->mbuf_pool);
+
+		TEST_ASSERT_NOT_NULL(burst[i], "Failed to allocate mbuf");
+
+		unsigned *data = (unsigned *)rte_pktmbuf_append(burst[i],
+							sizeof(unsigned));
+		*data = i;
+	}
+
+	/* Setup Cipher Parameters */
+	ut_params->cipher_xform.type = RTE_CRYPTO_XFORM_CIPHER;
+	ut_params->cipher_xform.next = &ut_params->auth_xform;
+
+	ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_NULL;
+	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;
+
+	/* Setup HMAC Parameters */
+	ut_params->auth_xform.type = RTE_CRYPTO_XFORM_AUTH;
+	ut_params->auth_xform.next = NULL;
+
+	ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_NULL;
+	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
+
+	/* Create Crypto session*/
+	ut_params->sess = rte_cryptodev_session_create(ts_params->valid_devs[0],
+			&ut_params->cipher_xform);
+	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
+
+	/* Generate an offload operation for each mbuf in burst */
+	for (i = 0; i < burst_len; i++) {
+		ut_params->ol = rte_pktmbuf_offload_alloc(
+					ts_params->mbuf_ol_pool,
+					RTE_PKTMBUF_OL_CRYPTO);
+		TEST_ASSERT_NOT_NULL(ut_params->ol,
+					"Failed to allocate pktmbuf offload");
+
+		rte_crypto_op_attach_session(&ut_params->ol->op.crypto,
+						ut_params->sess);
+		rte_pktmbuf_offload_attach(burst[i], ut_params->ol);
+	}
+
+	/* Process crypto operation */
+	TEST_ASSERT_EQUAL(rte_cryptodev_enqueue_burst(ts_params->valid_devs[0],
+			0, burst, burst_len),
+			burst_len,
+			"Error enqueuing burst");
+
+	TEST_ASSERT_EQUAL(rte_cryptodev_dequeue_burst(ts_params->valid_devs[0],
+			0, burst_dequeued, burst_len),
+			burst_len,
+			"Error dequeuing burst");
+
+
+	for (i = 0; i < burst_len; i++) {
+		TEST_ASSERT_EQUAL(*rte_pktmbuf_mtod(burst[i], uint32_t *),
+				*rte_pktmbuf_mtod(burst_dequeued[i],
+				uint32_t *),
+				"data not as expected");
+	}
+
+	return TEST_SUCCESS;
+}
 
 static struct unit_test_suite cryptodev_qat_testsuite  = {
 	.suite_name = "Crypto QAT Unit Test Suite",
@@ -1958,6 +2319,28 @@  static struct unit_test_suite cryptodev_aesni_mb_testsuite  = {
 	}
 };
 
+static struct unit_test_suite cryptodev_null_testsuite  = {
+	.suite_name = "Crypto Device NULL Unit Test Suite",
+	.setup = testsuite_setup,
+	.teardown = testsuite_teardown,
+	.unit_test_cases = {
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_null_auth_only_operation),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_null_cipher_only_operation),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_null_cipher_auth_operation),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_null_auth_cipher_operation),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_null_invalid_operation),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_null_burst_operation),
+
+		TEST_CASES_END() /**< NULL terminate unit test array */
+	}
+};
+
 static int
 test_cryptodev_qat(void /*argv __rte_unused, int argc __rte_unused*/)
 {
@@ -1977,10 +2360,24 @@  test_cryptodev_aesni_mb(void /*argv __rte_unused, int argc __rte_unused*/)
 	return unit_test_suite_runner(&cryptodev_aesni_mb_testsuite);
 }
 
+static int
+test_cryptodev_null(void)
+{
+	gbl_cryptodev_type = RTE_CRYPTODEV_NULL_PMD;
+
+	return unit_test_suite_runner(&cryptodev_null_testsuite);
+}
+
 static struct test_command cryptodev_aesni_mb_cmd = {
 	.command = "cryptodev_aesni_mb_autotest",
 	.callback = test_cryptodev_aesni_mb,
 };
 
+static struct test_command cryptodev_null_cmd = {
+	.command = "cryptodev_null_autotest",
+	.callback = test_cryptodev_null,
+};
+
 REGISTER_TEST_COMMAND(cryptodev_qat_cmd);
 REGISTER_TEST_COMMAND(cryptodev_aesni_mb_cmd);
+REGISTER_TEST_COMMAND(cryptodev_null_cmd);
diff --git a/config/common_bsdapp b/config/common_bsdapp
index ed7c31c..6cda34c 100644
--- a/config/common_bsdapp
+++ b/config/common_bsdapp
@@ -1,6 +1,6 @@ 
 #   BSD LICENSE
 #
-#   Copyright(c) 2010-2015 Intel Corporation. All rights reserved.
+#   Copyright(c) 2010-2016 Intel Corporation. All rights reserved.
 #   All rights reserved.
 #
 #   Redistribution and use in source and binary forms, with or without
@@ -319,6 +319,13 @@  CONFIG_RTE_CRYPTO_MAX_DEVS=64
 CONFIG_RTE_CRYPTODEV_NAME_LEN=64
 
 #
+# Compile PMD for NULL Crypto device
+#
+CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=y
+CONFIG_RTE_NULL_CRYPTO_PMD_MAX_NB_QUEUE_PAIRS=8
+CONFIG_RTE_NULL_CRYPTO_PMD_MAX_NB_SESSIONS=2048
+
+#
 # Compile PMD for QuickAssist based devices
 #
 CONFIG_RTE_LIBRTE_PMD_QAT=n
diff --git a/config/common_linuxapp b/config/common_linuxapp
index 74bc515..d428cb6 100644
--- a/config/common_linuxapp
+++ b/config/common_linuxapp
@@ -1,6 +1,6 @@ 
 #   BSD LICENSE
 #
-#   Copyright(c) 2010-2015 Intel Corporation. All rights reserved.
+#   Copyright(c) 2010-2016 Intel Corporation. All rights reserved.
 #   All rights reserved.
 #
 #   Redistribution and use in source and binary forms, with or without
@@ -333,6 +333,13 @@  CONFIG_RTE_LIBRTE_CRYPTODEV_DEBUG=n
 CONFIG_RTE_CRYPTO_MAX_DEVS=64
 CONFIG_RTE_CRYPTODEV_NAME_LEN=64
 
+
+# Compile PMD for NULL Crypto device
+#
+CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=y
+CONFIG_RTE_NULL_CRYPTO_PMD_MAX_NB_QUEUE_PAIRS=8
+CONFIG_RTE_NULL_CRYPTO_PMD_MAX_NB_SESSIONS=2048
+
 #
 # Compile PMD for QuickAssist based devices
 #
diff --git a/doc/guides/cryptodevs/index.rst b/doc/guides/cryptodevs/index.rst
index 16a5f4a..af0b3c8 100644
--- a/doc/guides/cryptodevs/index.rst
+++ b/doc/guides/cryptodevs/index.rst
@@ -1,5 +1,5 @@ 
 ..  BSD LICENSE
-    Copyright(c) 2015 Intel Corporation. All rights reserved.
+    Copyright(c) 2015 - 2016 Intel Corporation. All rights reserved.
 
     Redistribution and use in source and binary forms, with or without
     modification, are permitted provided that the following conditions
@@ -37,3 +37,4 @@  Crypto Device Drivers
 
     aesni_mb
     qat
+    null
diff --git a/doc/guides/cryptodevs/null.rst b/doc/guides/cryptodevs/null.rst
new file mode 100644
index 0000000..0d16c35
--- /dev/null
+++ b/doc/guides/cryptodevs/null.rst
@@ -0,0 +1,72 @@ 
+..  BSD LICENSE
+    Copyright(c) 2016 Intel Corporation. All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions
+    are met:
+
+    * Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+    notice, this list of conditions and the following disclaimer in
+    the documentation and/or other materials provided with the
+    distribution.
+    * Neither the name of Intel Corporation nor the names of its
+    contributors may be used to endorse or promote products derived
+    from this software without specific prior written permission.
+
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+    "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+    LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+    A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+    OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+    SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+    LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+    DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+    THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Null Crytpo Poll Mode Driver
+============================
+
+The Null Crypto PMD (**librte_pmd_null_crypto**) provides a crypto poll mode
+driver which provides a minimal implementation for a software crypto device. As
+a null device it does not modify the data in the mbuf on which the crypto
+operation is to operate and it only has support for a single cipher and
+authentication algorithm.
+
+When a burst of mbufs is submitted to a Null Crypto PMD for processing then
+each mbuf in the burst will be enqueued in an internal buffer for collection on
+a dequeue call as long as the mbuf has a valid rte_mbuf_offload operation with
+a valid rte_cryptodev_session or rte_crypto_xform chain of operations.
+
+Features
+--------
+
+Modes:
+
+* RTE_CRYPTO_XFORM_CIPHER ONLY
+* RTE_CRYPTO_XFORM_AUTH ONLY
+* RTE_CRYPTO_XFORM_CIPHER THEN RTE_CRYPTO_XFORM_AUTH
+* RTE_CRYPTO_XFORM_AUTH THEN RTE_CRYPTO_XFORM_CIPHER
+
+Cipher algorithms:
+
+* RTE_CRYPTO_CIPHER_NULL
+
+Authentication algorithms:
+
+* RTE_CRYPTO_AUTH_NULL
+
+Limitations
+-----------
+
+* Only in-place is currently supported (destination address is the same as
+source address).
+
+Installation
+------------
+
+The Null Crypto PMD is enabled and built by default in both the Linux and
+FreeBSD builds.
\ No newline at end of file
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index d07ee96..67296aa 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -1,6 +1,6 @@ 
 #   BSD LICENSE
 #
-#   Copyright(c) 2010-2015 Intel Corporation. All rights reserved.
+#   Copyright(c) 2015-2016 Intel Corporation. All rights reserved.
 #   All rights reserved.
 #
 #   Redistribution and use in source and binary forms, with or without
@@ -32,6 +32,7 @@ 
 include $(RTE_SDK)/mk/rte.vars.mk
 
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_MB) += aesni_mb
+DIRS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += null
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_QAT) += qat
 
 include $(RTE_SDK)/mk/rte.sharelib.mk
diff --git a/drivers/crypto/null/Makefile b/drivers/crypto/null/Makefile
new file mode 100644
index 0000000..cdff4dd
--- /dev/null
+++ b/drivers/crypto/null/Makefile
@@ -0,0 +1,60 @@ 
+#   BSD LICENSE
+#
+#   Copyright(c) 2016 Intel Corporation. All rights reserved.
+#
+#   Redistribution and use in source and binary forms, with or without
+#   modification, are permitted provided that the following conditions
+#   are met:
+#
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in
+#       the documentation and/or other materials provided with the
+#       distribution.
+#     * Neither the name of Intel Corporation nor the names of its
+#       contributors may be used to endorse or promote products derived
+#       from this software without specific prior written permission.
+#
+#   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+#   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+#   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+#   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+#   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+#   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+#   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+#   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+#   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+#   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+include $(RTE_SDK)/mk/rte.vars.mk
+
+
+# library name
+LIB = librte_pmd_null_crypto.a
+
+# build flags
+CFLAGS += -O3
+CFLAGS += $(WERROR_FLAGS)
+
+# library version
+LIBABIVER := 1
+
+# versioning export map
+EXPORT_MAP := rte_pmd_null_crypto_version.map
+
+# library source files
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += null_crypto_pmd.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += null_crypto_pmd_ops.c
+
+# export include files
+SYMLINK-y-include +=
+
+# library dependencies
+DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += lib/librte_eal
+DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += lib/librte_mbuf
+DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += lib/librte_mbuf_offload
+DEPDIRS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += lib/librte_cryptodev
+
+include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/null/null_crypto_pmd.c b/drivers/crypto/null/null_crypto_pmd.c
new file mode 100644
index 0000000..9f8f45e
--- /dev/null
+++ b/drivers/crypto/null/null_crypto_pmd.c
@@ -0,0 +1,269 @@ 
+/*-
+ *   BSD LICENSE
+ *
+ *   Copyright(c) 2016 Intel Corporation. All rights reserved.
+ *
+ *   Redistribution and use in source and binary forms, with or without
+ *   modification, are permitted provided that the following conditions
+ *   are met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in
+ *       the documentation and/or other materials provided with the
+ *       distribution.
+ *     * Neither the name of Intel Corporation nor the names of its
+ *       contributors may be used to endorse or promote products derived
+ *       from this software without specific prior written permission.
+ *
+ *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <rte_common.h>
+#include <rte_config.h>
+#include <rte_cryptodev_pmd.h>
+#include <rte_dev.h>
+#include <rte_malloc.h>
+#include <rte_mbuf_offload.h>
+
+#include "null_crypto_pmd_private.h"
+
+/**
+ * Global static parameter used to create a unique name for each crypto device.
+ */
+static unsigned unique_name_id;
+
+static inline int
+create_unique_device_name(char *name, size_t size)
+{
+	int ret;
+
+	if (name == NULL)
+		return -EINVAL;
+
+	ret = snprintf(name, size, "%s_%u", CRYPTODEV_NAME_NULL_CRYPTO_PMD,
+			unique_name_id++);
+	if (ret < 0)
+		return ret;
+	return 0;
+}
+
+
+/** verify and set session parameters */
+int
+null_crypto_set_session_parameters(
+		struct null_crypto_session *sess __rte_unused,
+		const struct rte_crypto_xform *xform)
+{
+	if (xform == NULL) {
+		return -1;
+	} else if (xform->type == RTE_CRYPTO_XFORM_AUTH &&
+			xform->next == NULL) {
+		/* Authentication Only */
+		if (xform->auth.algo == RTE_CRYPTO_AUTH_NULL)
+			return 0;
+	} else if (xform->type == RTE_CRYPTO_XFORM_AUTH &&
+			xform->next->type == RTE_CRYPTO_XFORM_CIPHER) {
+		/* Authentication then Cipher */
+		if (xform->auth.algo == RTE_CRYPTO_AUTH_NULL &&
+			xform->next->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
+			return 0;
+	} else if (xform->type == RTE_CRYPTO_XFORM_CIPHER &&
+			xform->next == NULL) {
+		/* Cipher Only */
+		if (xform->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
+			return 0;
+	} else if (xform->type == RTE_CRYPTO_XFORM_CIPHER &&
+			xform->next->type == RTE_CRYPTO_XFORM_AUTH) {
+		/* Cipher then Authentication */
+		if (xform->cipher.algo == RTE_CRYPTO_CIPHER_NULL &&
+			xform->next->auth.algo == RTE_CRYPTO_AUTH_NULL)
+			return 0;
+	}
+
+	return -1;
+}
+
+/** Process crypto operation for mbuf */
+static int
+process_op(const struct null_crypto_qp *qp, struct rte_mbuf *m,
+		struct rte_crypto_op *op,
+		struct null_crypto_session *sess __rte_unused)
+{
+	/* set status as successful by default */
+	op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+
+	/* if crypto session and operation are valid just enqueue the packet
+	 * in the processed ring */
+	return rte_ring_enqueue(qp->processed_pkts, (void *)m);
+}
+
+static struct null_crypto_session *
+get_session(struct null_crypto_qp *qp, struct rte_crypto_op *op)
+{
+	struct null_crypto_session *sess;
+
+	if (op->type == RTE_CRYPTO_OP_WITH_SESSION) {
+		if (unlikely(op->session == NULL ||
+				op->session->type != RTE_CRYPTODEV_NULL_PMD))
+			return NULL;
+
+		sess = (struct null_crypto_session *)op->session->_private;
+	} else  {
+		struct rte_cryptodev_session *c_sess = NULL;
+
+		if (rte_mempool_get(qp->sess_mp, (void **)&c_sess))
+			return NULL;
+
+		sess = (struct null_crypto_session *)c_sess->_private;
+
+		if (unlikely(null_crypto_set_session_parameters(sess, op->xform)
+				!= 0))
+			return NULL;
+	}
+
+	return sess;
+}
+
+/** Enqueue burst */
+static uint16_t
+null_crypto_pmd_enqueue_burst(void *queue_pair, struct rte_mbuf **bufs,
+		uint16_t nb_bufs)
+{
+	struct rte_mbuf_offload *ol = NULL;
+
+	struct null_crypto_session *sess;
+	struct null_crypto_qp *qp = queue_pair;
+
+	int i, retval;
+
+	for (i = 0; i < nb_bufs; i++) {
+		ol = rte_pktmbuf_offload_get(bufs[i], RTE_PKTMBUF_OL_CRYPTO);
+		if (unlikely(ol == NULL))
+			goto enqueue_err;
+
+		sess = get_session(qp, &ol->op.crypto);
+		if (unlikely(sess == NULL))
+			goto enqueue_err;
+
+		retval = process_op(qp, bufs[i], &ol->op.crypto, sess);
+		if (unlikely(retval < 0))
+			goto enqueue_err;
+	}
+
+	qp->qp_stats.enqueued_count += i;
+
+	return i;
+
+enqueue_err:
+	if (ol)
+		ol->op.crypto.status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
+	qp->qp_stats.enqueue_err_count++;
+
+	return i;
+}
+
+/** Dequeue burst */
+static uint16_t
+null_crypto_pmd_dequeue_burst(void *queue_pair, struct rte_mbuf **bufs,
+		uint16_t nb_bufs)
+{
+	struct null_crypto_qp *qp = queue_pair;
+
+	unsigned nb_dequeued;
+
+	nb_dequeued = rte_ring_dequeue_burst(qp->processed_pkts,
+			(void **)bufs, nb_bufs);
+	qp->qp_stats.dequeued_count += nb_dequeued;
+
+	return nb_dequeued;
+}
+
+static int cryptodev_null_uninit(const char *name);
+
+/** Create crypto device */
+static int
+cryptodev_null_create(const char *name, unsigned socket_id)
+{
+	struct rte_cryptodev *dev;
+	char crypto_dev_name[RTE_CRYPTODEV_NAME_MAX_LEN];
+	struct null_crypto_private *internals;
+
+	/* create a unique device name */
+	if (create_unique_device_name(crypto_dev_name,
+			RTE_CRYPTODEV_NAME_MAX_LEN) != 0) {
+		NULL_CRYPTO_LOG_ERR("failed to create unique cryptodev name");
+		return -EINVAL;
+	}
+
+	dev = rte_cryptodev_pmd_virtual_dev_init(crypto_dev_name,
+			sizeof(struct null_crypto_private), socket_id);
+	if (dev == NULL) {
+		NULL_CRYPTO_LOG_ERR("failed to create cryptodev vdev");
+		goto init_error;
+	}
+
+	dev->dev_type = RTE_CRYPTODEV_NULL_PMD;
+	dev->dev_ops = null_crypto_pmd_ops;
+
+	/* register rx/tx burst functions for data path */
+	dev->dequeue_burst = null_crypto_pmd_dequeue_burst;
+	dev->enqueue_burst = null_crypto_pmd_enqueue_burst;
+
+	/* Set vector instructions mode supported */
+	internals = dev->data->dev_private;
+
+	internals->max_nb_qpairs = RTE_NULL_CRYPTO_PMD_MAX_NB_QUEUE_PAIRS;
+	internals->max_nb_sessions = RTE_NULL_CRYPTO_PMD_MAX_NB_SESSIONS;
+
+	return dev->data->dev_id;
+
+init_error:
+	NULL_CRYPTO_LOG_ERR("driver %s: cryptodev_null_create failed", name);
+	cryptodev_null_uninit(crypto_dev_name);
+
+	return -EFAULT;
+}
+
+/** Initialise null crypto device */
+static int
+cryptodev_null_init(const char *name,
+		const char *params __rte_unused)
+{
+	RTE_LOG(INFO, PMD, "Initialising %s\n", name);
+
+	return cryptodev_null_create(name, rte_socket_id());
+}
+
+/** Uninitialise null crypto device */
+static int
+cryptodev_null_uninit(const char *name)
+{
+	if (name == NULL)
+		return -EINVAL;
+
+	RTE_LOG(INFO, PMD, "Closing null crypto device %s on numa socket %u\n",
+			name, rte_socket_id());
+
+	return 0;
+}
+
+static struct rte_driver cryptodev_null_pmd_drv = {
+	.name = CRYPTODEV_NAME_NULL_PMD,
+	.type = PMD_VDEV,
+	.init = cryptodev_null_init,
+	.uninit = cryptodev_null_uninit
+};
+
+PMD_REGISTER_DRIVER(cryptodev_null_pmd_drv);
diff --git a/drivers/crypto/null/null_crypto_pmd_ops.c b/drivers/crypto/null/null_crypto_pmd_ops.c
new file mode 100644
index 0000000..9369be6
--- /dev/null
+++ b/drivers/crypto/null/null_crypto_pmd_ops.c
@@ -0,0 +1,309 @@ 
+/*-
+ *   BSD LICENSE
+ *
+ *   Copyright(c) 2016 Intel Corporation. All rights reserved.
+ *
+ *   Redistribution and use in source and binary forms, with or without
+ *   modification, are permitted provided that the following conditions
+ *   are met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in
+ *       the documentation and/or other materials provided with the
+ *       distribution.
+ *     * Neither the name of Intel Corporation nor the names of its
+ *       contributors may be used to endorse or promote products derived
+ *       from this software without specific prior written permission.
+ *
+ *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <string.h>
+
+#include <rte_common.h>
+#include <rte_malloc.h>
+#include <rte_cryptodev_pmd.h>
+
+#include "null_crypto_pmd_private.h"
+
+/** Configure device */
+static int
+null_crypto_pmd_config(__rte_unused struct rte_cryptodev *dev)
+{
+	return 0;
+}
+
+/** Start device */
+static int
+null_crypto_pmd_start(__rte_unused struct rte_cryptodev *dev)
+{
+	return 0;
+}
+
+/** Stop device */
+static void
+null_crypto_pmd_stop(__rte_unused struct rte_cryptodev *dev)
+{
+}
+
+/** Close device */
+static int
+null_crypto_pmd_close(__rte_unused struct rte_cryptodev *dev)
+{
+	return 0;
+}
+
+/** Get device statistics */
+static void
+null_crypto_pmd_stats_get(struct rte_cryptodev *dev,
+		struct rte_cryptodev_stats *stats)
+{
+	int qp_id;
+
+	for (qp_id = 0; qp_id < dev->data->nb_queue_pairs; qp_id++) {
+		struct null_crypto_qp *qp = dev->data->queue_pairs[qp_id];
+
+		stats->enqueued_count += qp->qp_stats.enqueued_count;
+		stats->dequeued_count += qp->qp_stats.dequeued_count;
+
+		stats->enqueue_err_count += qp->qp_stats.enqueue_err_count;
+		stats->dequeue_err_count += qp->qp_stats.dequeue_err_count;
+	}
+}
+
+/** Reset device statistics */
+static void
+null_crypto_pmd_stats_reset(struct rte_cryptodev *dev)
+{
+	int qp_id;
+
+	for (qp_id = 0; qp_id < dev->data->nb_queue_pairs; qp_id++) {
+		struct null_crypto_qp *qp = dev->data->queue_pairs[qp_id];
+
+		memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
+	}
+}
+
+
+/** Get device info */
+static void
+null_crypto_pmd_info_get(struct rte_cryptodev *dev,
+		struct rte_cryptodev_info *dev_info)
+{
+	struct null_crypto_private *internals = dev->data->dev_private;
+
+	if (dev_info != NULL) {
+		dev_info->dev_type = dev->dev_type;
+		dev_info->max_nb_queue_pairs = internals->max_nb_qpairs;
+		dev_info->max_nb_sessions = internals->max_nb_sessions;
+	}
+}
+
+/** Release queue pair */
+static int
+null_crypto_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)
+{
+	if (dev->data->queue_pairs[qp_id] != NULL) {
+		rte_free(dev->data->queue_pairs[qp_id]);
+		dev->data->queue_pairs[qp_id] = NULL;
+	}
+	return 0;
+}
+
+/** set a unique name for the queue pair based on it's name, dev_id and qp_id */
+static int
+null_crypto_pmd_qp_set_unique_name(struct rte_cryptodev *dev,
+		struct null_crypto_qp *qp)
+{
+	unsigned n = snprintf(qp->name, sizeof(qp->name),
+			"null_crypto_pmd_%u_qp_%u",
+			dev->data->dev_id, qp->id);
+
+	if (n > sizeof(qp->name))
+		return -1;
+
+	return 0;
+}
+
+/** Create a ring to place process packets on */
+static struct rte_ring *
+null_crypto_pmd_qp_create_processed_pkts_ring(struct null_crypto_qp *qp,
+		unsigned ring_size, int socket_id)
+{
+	struct rte_ring *r;
+
+	r = rte_ring_lookup(qp->name);
+	if (r) {
+		if (r->prod.size >= ring_size) {
+			NULL_CRYPTO_LOG_INFO(
+				"Reusing existing ring %s for processed packets",
+				qp->name);
+			return r;
+		}
+
+		NULL_CRYPTO_LOG_INFO(
+			"Unable to reuse existing ring %s for processed packets",
+			 qp->name);
+		return NULL;
+	}
+
+	return rte_ring_create(qp->name, ring_size, socket_id,
+			RING_F_SP_ENQ | RING_F_SC_DEQ);
+}
+
+/** Setup a queue pair */
+static int
+null_crypto_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
+		const struct rte_cryptodev_qp_conf *qp_conf,
+		 int socket_id)
+{
+	struct null_crypto_private *internals = dev->data->dev_private;
+	struct null_crypto_qp *qp;
+	int retval;
+
+	if (qp_id >= internals->max_nb_qpairs) {
+		NULL_CRYPTO_LOG_ERR("Invalid qp_id %u, greater than maximum "
+				"number of queue pairs supported (%u).",
+				qp_id, internals->max_nb_qpairs);
+		return (-EINVAL);
+	}
+
+	/* Free memory prior to re-allocation if needed. */
+	if (dev->data->queue_pairs[qp_id] != NULL)
+		null_crypto_pmd_qp_release(dev, qp_id);
+
+	/* Allocate the queue pair data structure. */
+	qp = rte_zmalloc_socket("Null Crypto PMD Queue Pair", sizeof(*qp),
+					RTE_CACHE_LINE_SIZE, socket_id);
+	if (qp == NULL) {
+		NULL_CRYPTO_LOG_ERR("Failed to allocate queue pair memory");
+		return (-ENOMEM);
+	}
+
+	qp->id = qp_id;
+	dev->data->queue_pairs[qp_id] = qp;
+
+	retval = null_crypto_pmd_qp_set_unique_name(dev, qp);
+	if (retval) {
+		NULL_CRYPTO_LOG_ERR("Failed to create unique name for null "
+				"crypto device");
+		goto qp_setup_cleanup;
+	}
+
+	qp->processed_pkts = null_crypto_pmd_qp_create_processed_pkts_ring(qp,
+			qp_conf->nb_descriptors, socket_id);
+	if (qp->processed_pkts == NULL) {
+		NULL_CRYPTO_LOG_ERR("Failed to create unique name for null "
+				"crypto device");
+		goto qp_setup_cleanup;
+	}
+
+	qp->sess_mp = dev->data->session_pool;
+
+	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
+
+	return 0;
+
+qp_setup_cleanup:
+	if (qp)
+		rte_free(qp);
+
+	return -1;
+}
+
+/** Start queue pair */
+static int
+null_crypto_pmd_qp_start(__rte_unused struct rte_cryptodev *dev,
+		__rte_unused uint16_t queue_pair_id)
+{
+	return -ENOTSUP;
+}
+
+/** Stop queue pair */
+static int
+null_crypto_pmd_qp_stop(__rte_unused struct rte_cryptodev *dev,
+		__rte_unused uint16_t queue_pair_id)
+{
+	return -ENOTSUP;
+}
+
+/** Return the number of allocated queue pairs */
+static uint32_t
+null_crypto_pmd_qp_count(struct rte_cryptodev *dev)
+{
+	return dev->data->nb_queue_pairs;
+}
+
+/** Returns the size of the NULL crypto session structure */
+static unsigned
+null_crypto_pmd_session_get_size(struct rte_cryptodev *dev __rte_unused)
+{
+	return sizeof(struct null_crypto_session);
+}
+
+/** Configure a null crypto session from a crypto xform chain */
+static void *
+null_crypto_pmd_session_configure(struct rte_cryptodev *dev __rte_unused,
+		struct rte_crypto_xform *xform,	void *sess)
+{
+	int retval;
+
+	if (unlikely(sess == NULL)) {
+		NULL_CRYPTO_LOG_ERR("invalid session struct");
+		return NULL;
+	}
+	retval = null_crypto_set_session_parameters(
+			(struct null_crypto_session *)sess, xform);
+	if (retval != 0) {
+		NULL_CRYPTO_LOG_ERR("failed configure session parameters");
+		return NULL;
+	}
+
+	return sess;
+}
+
+/** Clear the memory of session so it doesn't leave key material behind */
+static void
+null_crypto_pmd_session_clear(struct rte_cryptodev *dev __rte_unused,
+		void *sess)
+{
+	if (sess)
+		memset(sess, 0, sizeof(struct null_crypto_session));
+}
+
+struct rte_cryptodev_ops pmd_ops = {
+		.dev_configure		= null_crypto_pmd_config,
+		.dev_start		= null_crypto_pmd_start,
+		.dev_stop		= null_crypto_pmd_stop,
+		.dev_close		= null_crypto_pmd_close,
+
+		.stats_get		= null_crypto_pmd_stats_get,
+		.stats_reset		= null_crypto_pmd_stats_reset,
+
+		.dev_infos_get		= null_crypto_pmd_info_get,
+
+		.queue_pair_setup	= null_crypto_pmd_qp_setup,
+		.queue_pair_release	= null_crypto_pmd_qp_release,
+		.queue_pair_start	= null_crypto_pmd_qp_start,
+		.queue_pair_stop	= null_crypto_pmd_qp_stop,
+		.queue_pair_count	= null_crypto_pmd_qp_count,
+
+		.session_get_size	= null_crypto_pmd_session_get_size,
+		.session_configure	= null_crypto_pmd_session_configure,
+		.session_clear		= null_crypto_pmd_session_clear
+};
+
+struct rte_cryptodev_ops *null_crypto_pmd_ops = &pmd_ops;
+
diff --git a/drivers/crypto/null/null_crypto_pmd_private.h b/drivers/crypto/null/null_crypto_pmd_private.h
new file mode 100644
index 0000000..97a36bb
--- /dev/null
+++ b/drivers/crypto/null/null_crypto_pmd_private.h
@@ -0,0 +1,93 @@ 
+/*-
+ *   BSD LICENSE
+ *
+ *   Copyright(c) 2016 Intel Corporation. All rights reserved.
+ *
+ *   Redistribution and use in source and binary forms, with or without
+ *   modification, are permitted provided that the following conditions
+ *   are met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in
+ *       the documentation and/or other materials provided with the
+ *       distribution.
+ *     * Neither the name of Intel Corporation nor the names of its
+ *       contributors may be used to endorse or promote products derived
+ *       from this software without specific prior written permission.
+ *
+ *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _NULL_CRYPTO_PMD_PRIVATE_H_
+#define _NULL_CRYPTO_PMD_PRIVATE_H_
+
+#include "rte_config.h"
+
+#define NULL_CRYPTO_LOG_ERR(fmt, args...) \
+	RTE_LOG(ERR, CRYPTODEV, "[%s] %s() line %u: " fmt "\n",  \
+			CRYPTODEV_NAME_NULL_PMD, \
+			__func__, __LINE__, ## args)
+
+#ifdef RTE_LIBRTE_NULL_CRYPTO_DEBUG
+#define NULL_CRYPTO_LOG_INFO(fmt, args...) \
+	RTE_LOG(INFO, CRYPTODEV, "[%s] %s() line %u: " fmt "\n", \
+			CRYPTODEV_NAME_NULL_PMD, \
+			__func__, __LINE__, ## args)
+
+#define NULL_CRYPTO_LOG_DBG(fmt, args...) \
+	RTE_LOG(DEBUG, CRYPTODEV, "[%s] %s() line %u: " fmt "\n", \
+			CRYPTODEV_NAME_NULL_PMD, \
+			__func__, __LINE__, ## args)
+#else
+#define NULL_CRYPTO_LOG_INFO(fmt, args...)
+#define NULL_CRYPTO_LOG_DBG(fmt, args...)
+#endif
+
+
+/** private data structure for each NULL crypto device */
+struct null_crypto_private {
+	unsigned max_nb_qpairs;		/**< Max number of queue pairs */
+	unsigned max_nb_sessions;	/**< Max number of sessions */
+};
+
+/** NULL crypto queue pair */
+struct null_crypto_qp {
+	uint16_t id;
+	/**< Queue Pair Identifier */
+	char name[RTE_CRYPTODEV_NAME_LEN];
+	/**< Unique Queue Pair Name */
+	struct rte_ring *processed_pkts;
+	/**< Ring for placing process packets */
+	struct rte_mempool *sess_mp;
+	/**< Session Mempool */
+	struct rte_cryptodev_stats qp_stats;
+	/**< Queue pair statistics */
+} __rte_cache_aligned;
+
+
+/** NULL crypto private session structure */
+struct null_crypto_session {
+	uint32_t reserved;
+} __rte_cache_aligned;
+
+/** Set and validate NULL crypto session parameters */
+extern int
+null_crypto_set_session_parameters(struct null_crypto_session *sess,
+		const struct rte_crypto_xform *xform);
+
+/** device specific operations function pointer structure */
+extern struct rte_cryptodev_ops *null_crypto_pmd_ops;
+
+#endif /* _NULL_CRYPTO_PMD_PRIVATE_H_ */
diff --git a/mk/rte.app.mk b/mk/rte.app.mk
index 8ecab41..5e9d511 100644
--- a/mk/rte.app.mk
+++ b/mk/rte.app.mk
@@ -154,6 +154,7 @@  _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_PCAP)       += -lrte_pmd_pcap
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_AF_PACKET)  += -lrte_pmd_af_packet
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_NULL)       += -lrte_pmd_null
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_QAT)        += -lrte_pmd_qat
+_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO)+= -lrte_pmd_null_crypto
 
 # AESNI MULTI BUFFER is dependent on the IPSec_MB library
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_MB)   += -lrte_pmd_aesni_mb