git.droids-corp.org / dpdk.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
drivers/crypto: return error for not supported SA lifetime
[dpdk.git] / drivers / crypto / dpaa_sec / dpaa_sec.c
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index f69cb57..a552e64 100644 (file)
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2017-2019 NXP
+ *   Copyright 2017-2021 NXP
  *
  */
 
@@ -12,14 +12,15 @@
 
 #include <rte_byteorder.h>
 #include <rte_common.h>
-#include <rte_cryptodev_pmd.h>
+#include <cryptodev_pmd.h>
 #include <rte_crypto.h>
 #include <rte_cryptodev.h>
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 #include <rte_security_driver.h>
 #endif
 #include <rte_cycles.h>
 #include <rte_dev.h>
+#include <rte_ip.h>
 #include <rte_kvargs.h>
 #include <rte_malloc.h>
 #include <rte_mbuf.h>
@@ -44,10 +45,7 @@
 #include <dpaa_sec_log.h>
 #include <dpaax_iova_table.h>
 
-static uint8_t cryptodev_driver_id;
-
-static int
-dpaa_sec_attach_sess_q(struct dpaa_sec_qp *qp, dpaa_sec_session *sess);
+uint8_t dpaa_cryptodev_driver_id;
 
 static inline void
 dpaa_sec_op_ending(struct dpaa_sec_op_ctx *ctx)
@@ -230,7 +228,7 @@ static inline int is_decode(dpaa_sec_session *ses)
        return ses->dir == DIR_DEC;
 }
 
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 static int
 dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
 {
@@ -262,14 +260,31 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
                p_authdata = &authdata;
        }
 
-       if (rta_inline_pdcp_query(authdata.algtype,
-                               cipherdata.algtype,
-                               ses->pdcp.sn_size,
-                               ses->pdcp.hfn_ovd)) {
-               cipherdata.key =
-                       (size_t)rte_dpaa_mem_vtop((void *)
-                                       (size_t)cipherdata.key);
-               cipherdata.key_type = RTA_DATA_PTR;
+       if (ses->pdcp.sdap_enabled) {
+               int nb_keys_to_inline =
+                               rta_inline_pdcp_sdap_query(authdata.algtype,
+                                       cipherdata.algtype,
+                                       ses->pdcp.sn_size,
+                                       ses->pdcp.hfn_ovd);
+               if (nb_keys_to_inline >= 1) {
+                       cipherdata.key = (size_t)rte_dpaa_mem_vtop((void *)
+                                               (size_t)cipherdata.key);
+                       cipherdata.key_type = RTA_DATA_PTR;
+               }
+               if (nb_keys_to_inline >= 2) {
+                       authdata.key = (size_t)rte_dpaa_mem_vtop((void *)
+                                               (size_t)authdata.key);
+                       authdata.key_type = RTA_DATA_PTR;
+               }
+       } else {
+               if (rta_inline_pdcp_query(authdata.algtype,
+                                       cipherdata.algtype,
+                                       ses->pdcp.sn_size,
+                                       ses->pdcp.hfn_ovd)) {
+                       cipherdata.key = (size_t)rte_dpaa_mem_vtop((void *)
+                                               (size_t)cipherdata.key);
+                       cipherdata.key_type = RTA_DATA_PTR;
+               }
        }
 
        if (ses->pdcp.domain == RTE_SECURITY_PDCP_MODE_CONTROL) {
@@ -293,6 +308,9 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
                                        ses->pdcp.hfn_threshold,
                                        &cipherdata, &authdata,
                                        0);
+       } else if (ses->pdcp.domain == RTE_SECURITY_PDCP_MODE_SHORT_MAC) {
+               shared_desc_len = cnstr_shdsc_pdcp_short_mac(cdb->sh_desc,
+                                                    1, swap, &authdata);
        } else {
                if (ses->dir == DIR_ENC) {
                        if (ses->pdcp.sdap_enabled)
@@ -434,7 +452,7 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses)
        memset(cdb, 0, sizeof(struct sec_cdb));
 
        switch (ses->ctxt) {
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
        case DPAA_SEC_IPSEC:
                shared_desc_len = dpaa_sec_prep_ipsec_cdb(ses);
                break;
@@ -453,6 +471,7 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses)
                switch (ses->cipher_alg) {
                case RTE_CRYPTO_CIPHER_AES_CBC:
                case RTE_CRYPTO_CIPHER_3DES_CBC:
+               case RTE_CRYPTO_CIPHER_DES_CBC:
                case RTE_CRYPTO_CIPHER_AES_CTR:
                case RTE_CRYPTO_CIPHER_3DES_CTR:
                        shared_desc_len = cnstr_shdsc_blkcipher(
@@ -487,6 +506,18 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses)
                alginfo_a.algtype = ses->auth_key.alg;
                alginfo_a.algmode = ses->auth_key.algmode;
                switch (ses->auth_alg) {
+               case RTE_CRYPTO_AUTH_MD5:
+               case RTE_CRYPTO_AUTH_SHA1:
+               case RTE_CRYPTO_AUTH_SHA224:
+               case RTE_CRYPTO_AUTH_SHA256:
+               case RTE_CRYPTO_AUTH_SHA384:
+               case RTE_CRYPTO_AUTH_SHA512:
+                       shared_desc_len = cnstr_shdsc_hash(
+                                               cdb->sh_desc, true,
+                                               swap, SHR_NEVER, &alginfo_a,
+                                               !ses->dir,
+                                               ses->digest_length);
+                       break;
                case RTE_CRYPTO_AUTH_MD5_HMAC:
                case RTE_CRYPTO_AUTH_SHA1_HMAC:
                case RTE_CRYPTO_AUTH_SHA224_HMAC:
@@ -513,6 +544,15 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses)
                                                !ses->dir,
                                                ses->digest_length);
                        break;
+               case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+               case RTE_CRYPTO_AUTH_AES_CMAC:
+                       shared_desc_len = cnstr_shdsc_aes_mac(
+                                               cdb->sh_desc,
+                                               true, swap, SHR_NEVER,
+                                               &alginfo_a,
+                                               !ses->dir,
+                                               ses->digest_length);
+                       break;
                default:
                        DPAA_SEC_ERR("unsupported auth alg %u", ses->auth_alg);
                }
@@ -1565,7 +1605,7 @@ build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
        return cf;
 }
 
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 static inline struct dpaa_sec_job *
 build_proto(struct rte_crypto_op *op, dpaa_sec_session *ses)
 {
@@ -1716,13 +1756,20 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
        uint32_t index, flags[DPAA_SEC_BURST] = {0};
        struct qman_fq *inq[DPAA_SEC_BURST];
 
+       if (unlikely(!DPAA_PER_LCORE_PORTAL)) {
+               if (rte_dpaa_portal_init((void *)0)) {
+                       DPAA_SEC_ERR("Failure in affining portal");
+                       return 0;
+               }
+       }
+
        while (nb_ops) {
                frames_to_send = (nb_ops > DPAA_SEC_BURST) ?
                                DPAA_SEC_BURST : nb_ops;
                for (loop = 0; loop < frames_to_send; loop++) {
                        op = *(ops++);
-                       if (op->sym->m_src->seqn != 0) {
-                               index = op->sym->m_src->seqn - 1;
+                       if (*dpaa_seqn(op->sym->m_src) != 0) {
+                               index = *dpaa_seqn(op->sym->m_src) - 1;
                                if (DPAA_PER_LCORE_DQRR_HELD & (1 << index)) {
                                        /* QM_EQCR_DCA_IDXMASK = 0x0f */
                                        flags[loop] = ((index & 0x0f) << 8);
@@ -1737,10 +1784,10 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                        case RTE_CRYPTO_OP_WITH_SESSION:
                                ses = (dpaa_sec_session *)
                                        get_sym_session_private_data(
-                                                       op->sym->session,
-                                                       cryptodev_driver_id);
+                                               op->sym->session,
+                                               dpaa_cryptodev_driver_id);
                                break;
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
                        case RTE_CRYPTO_OP_SECURITY_SESSION:
                                ses = (dpaa_sec_session *)
                                        get_sec_session_private_data(
@@ -1787,7 +1834,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                                  ((op->sym->m_dst == NULL) ||
                                   rte_pktmbuf_is_contiguous(op->sym->m_dst))) {
                                switch (ses->ctxt) {
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
                                case DPAA_SEC_PDCP:
                                case DPAA_SEC_IPSEC:
                                        cf = build_proto(op, ses);
@@ -1821,7 +1868,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                                }
                        } else {
                                switch (ses->ctxt) {
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
                                case DPAA_SEC_PDCP:
                                case DPAA_SEC_IPSEC:
                                        cf = build_proto_sg(op, ses);
@@ -1878,7 +1925,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                                        ((auth_tail_len << 16) | auth_hdr_len);
                        }
 
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
                        /* In case of PDCP, per packet HFN is stored in
                         * mbuf priv after sym_op.
                         */
@@ -1916,6 +1963,13 @@ dpaa_sec_dequeue_burst(void *qp, struct rte_crypto_op **ops,
        uint16_t num_rx;
        struct dpaa_sec_qp *dpaa_qp = (struct dpaa_sec_qp *)qp;
 
+       if (unlikely(!DPAA_PER_LCORE_PORTAL)) {
+               if (rte_dpaa_portal_init((void *)0)) {
+                       DPAA_SEC_ERR("Failure in affining portal");
+                       return 0;
+               }
+       }
+
        num_rx = dpaa_sec_deq(dpaa_qp, ops, nb_ops);
 
        dpaa_qp->rx_pkts += num_rx;
@@ -2028,6 +2082,10 @@ dpaa_sec_cipher_init(struct rte_cryptodev *dev __rte_unused,
                session->cipher_key.alg = OP_ALG_ALGSEL_AES;
                session->cipher_key.algmode = OP_ALG_AAI_CBC;
                break;
+       case RTE_CRYPTO_CIPHER_DES_CBC:
+               session->cipher_key.alg = OP_ALG_ALGSEL_DES;
+               session->cipher_key.algmode = OP_ALG_AAI_CBC;
+               break;
        case RTE_CRYPTO_CIPHER_3DES_CBC:
                session->cipher_key.alg = OP_ALG_ALGSEL_3DES;
                session->cipher_key.algmode = OP_ALG_AAI_CBC;
@@ -2060,43 +2118,70 @@ dpaa_sec_auth_init(struct rte_cryptodev *dev __rte_unused,
 {
        session->ctxt = DPAA_SEC_AUTH;
        session->auth_alg = xform->auth.algo;
-       session->auth_key.data = rte_zmalloc(NULL, xform->auth.key.length,
+       session->auth_key.length = xform->auth.key.length;
+       if (xform->auth.key.length) {
+               session->auth_key.data =
+                               rte_zmalloc(NULL, xform->auth.key.length,
                                             RTE_CACHE_LINE_SIZE);
-       if (session->auth_key.data == NULL && xform->auth.key.length > 0) {
-               DPAA_SEC_ERR("No Memory for auth key");
-               return -ENOMEM;
+               if (session->auth_key.data == NULL) {
+                       DPAA_SEC_ERR("No Memory for auth key");
+                       return -ENOMEM;
+               }
+               memcpy(session->auth_key.data, xform->auth.key.data,
+                               xform->auth.key.length);
+
        }
-       session->auth_key.length = xform->auth.key.length;
        session->digest_length = xform->auth.digest_length;
        if (session->cipher_alg == RTE_CRYPTO_CIPHER_NULL) {
                session->iv.offset = xform->auth.iv.offset;
                session->iv.length = xform->auth.iv.length;
        }
 
-       memcpy(session->auth_key.data, xform->auth.key.data,
-              xform->auth.key.length);
-
        switch (xform->auth.algo) {
+       case RTE_CRYPTO_AUTH_SHA1:
+               session->auth_key.alg = OP_ALG_ALGSEL_SHA1;
+               session->auth_key.algmode = OP_ALG_AAI_HASH;
+               break;
        case RTE_CRYPTO_AUTH_SHA1_HMAC:
                session->auth_key.alg = OP_ALG_ALGSEL_SHA1;
                session->auth_key.algmode = OP_ALG_AAI_HMAC;
                break;
+       case RTE_CRYPTO_AUTH_MD5:
+               session->auth_key.alg = OP_ALG_ALGSEL_MD5;
+               session->auth_key.algmode = OP_ALG_AAI_HASH;
+               break;
        case RTE_CRYPTO_AUTH_MD5_HMAC:
                session->auth_key.alg = OP_ALG_ALGSEL_MD5;
                session->auth_key.algmode = OP_ALG_AAI_HMAC;
                break;
+       case RTE_CRYPTO_AUTH_SHA224:
+               session->auth_key.alg = OP_ALG_ALGSEL_SHA224;
+               session->auth_key.algmode = OP_ALG_AAI_HASH;
+               break;
        case RTE_CRYPTO_AUTH_SHA224_HMAC:
                session->auth_key.alg = OP_ALG_ALGSEL_SHA224;
                session->auth_key.algmode = OP_ALG_AAI_HMAC;
                break;
+       case RTE_CRYPTO_AUTH_SHA256:
+               session->auth_key.alg = OP_ALG_ALGSEL_SHA256;
+               session->auth_key.algmode = OP_ALG_AAI_HASH;
+               break;
        case RTE_CRYPTO_AUTH_SHA256_HMAC:
                session->auth_key.alg = OP_ALG_ALGSEL_SHA256;
                session->auth_key.algmode = OP_ALG_AAI_HMAC;
                break;
+       case RTE_CRYPTO_AUTH_SHA384:
+               session->auth_key.alg = OP_ALG_ALGSEL_SHA384;
+               session->auth_key.algmode = OP_ALG_AAI_HASH;
+               break;
        case RTE_CRYPTO_AUTH_SHA384_HMAC:
                session->auth_key.alg = OP_ALG_ALGSEL_SHA384;
                session->auth_key.algmode = OP_ALG_AAI_HMAC;
                break;
+       case RTE_CRYPTO_AUTH_SHA512:
+               session->auth_key.alg = OP_ALG_ALGSEL_SHA512;
+               session->auth_key.algmode = OP_ALG_AAI_HASH;
+               break;
        case RTE_CRYPTO_AUTH_SHA512_HMAC:
                session->auth_key.alg = OP_ALG_ALGSEL_SHA512;
                session->auth_key.algmode = OP_ALG_AAI_HMAC;
@@ -2109,6 +2194,14 @@ dpaa_sec_auth_init(struct rte_cryptodev *dev __rte_unused,
                session->auth_key.alg = OP_ALG_ALGSEL_ZUCA;
                session->auth_key.algmode = OP_ALG_AAI_F9;
                break;
+       case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+               session->auth_key.alg = OP_ALG_ALGSEL_AES;
+               session->auth_key.algmode = OP_ALG_AAI_XCBC_MAC;
+               break;
+       case RTE_CRYPTO_AUTH_AES_CMAC:
+               session->auth_key.alg = OP_ALG_ALGSEL_AES;
+               session->auth_key.algmode = OP_ALG_AAI_CMAC;
+               break;
        default:
                DPAA_SEC_ERR("Crypto: Unsupported Auth specified %u",
                              xform->auth.algo);
@@ -2190,6 +2283,14 @@ dpaa_sec_chain_init(struct rte_cryptodev *dev __rte_unused,
                session->auth_key.alg = OP_ALG_ALGSEL_SHA512;
                session->auth_key.algmode = OP_ALG_AAI_HMAC;
                break;
+       case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+               session->auth_key.alg = OP_ALG_ALGSEL_AES;
+               session->auth_key.algmode = OP_ALG_AAI_XCBC_MAC;
+               break;
+       case RTE_CRYPTO_AUTH_AES_CMAC:
+               session->auth_key.alg = OP_ALG_ALGSEL_AES;
+               session->auth_key.algmode = OP_ALG_AAI_CMAC;
+               break;
        default:
                DPAA_SEC_ERR("Crypto: Unsupported Auth specified %u",
                              auth_xform->algo);
@@ -2203,6 +2304,10 @@ dpaa_sec_chain_init(struct rte_cryptodev *dev __rte_unused,
                session->cipher_key.alg = OP_ALG_ALGSEL_AES;
                session->cipher_key.algmode = OP_ALG_AAI_CBC;
                break;
+       case RTE_CRYPTO_CIPHER_DES_CBC:
+               session->cipher_key.alg = OP_ALG_ALGSEL_DES;
+               session->cipher_key.algmode = OP_ALG_AAI_CBC;
+               break;
        case RTE_CRYPTO_CIPHER_3DES_CBC:
                session->cipher_key.alg = OP_ALG_ALGSEL_3DES;
                session->cipher_key.algmode = OP_ALG_AAI_CBC;
@@ -2283,7 +2388,7 @@ dpaa_sec_detach_rxq(struct dpaa_sec_dev_private *qi, struct qman_fq *fq)
        for (i = 0; i < RTE_DPAA_MAX_RX_QUEUE; i++) {
                if (&qi->inq[i] == fq) {
                        if (qman_retire_fq(fq, NULL) != 0)
-                               DPAA_SEC_WARN("Queue is not retired\n");
+                               DPAA_SEC_DEBUG("Queue is not retired\n");
                        qman_oos_fq(fq);
                        qi->inq_attach[i] = 0;
                        return 0;
@@ -2292,7 +2397,7 @@ dpaa_sec_detach_rxq(struct dpaa_sec_dev_private *qi, struct qman_fq *fq)
        return -1;
 }
 
-static int
+int
 dpaa_sec_attach_sess_q(struct dpaa_sec_qp *qp, dpaa_sec_session *sess)
 {
        int ret;
@@ -2493,7 +2598,7 @@ dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
        }
 }
 
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 static int
 dpaa_sec_ipsec_aead_init(struct rte_crypto_aead_xform *aead_xform,
                        struct rte_security_ipsec_xform *ipsec_xform,
@@ -2621,12 +2726,16 @@ dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
                break;
        case RTE_CRYPTO_AUTH_AES_CMAC:
                session->auth_key.alg = OP_PCL_IPSEC_AES_CMAC_96;
+               session->auth_key.algmode = OP_ALG_AAI_CMAC;
                break;
        case RTE_CRYPTO_AUTH_NULL:
                session->auth_key.alg = OP_PCL_IPSEC_HMAC_NULL;
                break;
-       case RTE_CRYPTO_AUTH_SHA224_HMAC:
        case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+               session->auth_key.alg = OP_PCL_IPSEC_AES_XCBC_MAC_96;
+               session->auth_key.algmode = OP_ALG_AAI_XCBC_MAC;
+               break;
+       case RTE_CRYPTO_AUTH_SHA224_HMAC:
        case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
        case RTE_CRYPTO_AUTH_SHA1:
        case RTE_CRYPTO_AUTH_SHA256:
@@ -2652,6 +2761,10 @@ dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
                session->cipher_key.alg = OP_PCL_IPSEC_AES_CBC;
                session->cipher_key.algmode = OP_ALG_AAI_CBC;
                break;
+       case RTE_CRYPTO_CIPHER_DES_CBC:
+               session->cipher_key.alg = OP_PCL_IPSEC_DES;
+               session->cipher_key.algmode = OP_ALG_AAI_CBC;
+               break;
        case RTE_CRYPTO_CIPHER_3DES_CBC:
                session->cipher_key.alg = OP_PCL_IPSEC_3DES;
                session->cipher_key.algmode = OP_ALG_AAI_CBC;
@@ -2707,6 +2820,12 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
        session->proto_alg = conf->protocol;
        session->ctxt = DPAA_SEC_IPSEC;
 
+       if (ipsec_xform->life.bytes_hard_limit != 0 ||
+           ipsec_xform->life.bytes_soft_limit != 0 ||
+           ipsec_xform->life.packets_hard_limit != 0 ||
+           ipsec_xform->life.packets_soft_limit != 0)
+               return -ENOTSUP;
+
        if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)
                session->dir = DIR_ENC;
        else
@@ -2785,12 +2904,14 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
                        session->encap_pdb.ip_hdr_len =
                                                sizeof(struct rte_ipv6_hdr);
                }
+
                session->encap_pdb.options =
                        (IPVERSION << PDBNH_ESP_ENCAP_SHIFT) |
                        PDBOPTS_ESP_OIHI_PDB_INL |
                        PDBOPTS_ESP_IVSRC |
-                       PDBHMO_ESP_ENCAP_DTTL |
                        PDBHMO_ESP_SNR;
+               if (ipsec_xform->options.dec_ttl)
+                       session->encap_pdb.options |= PDBHMO_ESP_ENCAP_DTTL;
                if (ipsec_xform->options.esn)
                        session->encap_pdb.options |= PDBOPTS_ESP_ESN;
                session->encap_pdb.spi = ipsec_xform->spi;
@@ -3100,7 +3221,7 @@ dpaa_sec_dev_infos_get(struct rte_cryptodev *dev,
                info->feature_flags = dev->feature_flags;
                info->capabilities = dpaa_sec_capabilities;
                info->sym.max_nb_sessions = internals->max_nb_sessions;
-               info->driver_id = cryptodev_driver_id;
+               info->driver_id = dpaa_cryptodev_driver_id;
        }
 }
 
@@ -3212,7 +3333,7 @@ dpaa_sec_process_atomic_event(void *event,
        DPAA_PER_LCORE_DQRR_HELD |= 1 << index;
        DPAA_PER_LCORE_DQRR_MBUF(index) = ctx->op->sym->m_src;
        ev->impl_opaque = index + 1;
-       ctx->op->sym->m_src->seqn = (uint32_t)index + 1;
+       *dpaa_seqn(ctx->op->sym->m_src) = (uint32_t)index + 1;
        *bufs = (void *)ctx->op;
 
        rte_mempool_put(ctx->ctx_pool, (void *)ctx);
@@ -3296,10 +3417,13 @@ static struct rte_cryptodev_ops crypto_ops = {
        .queue_pair_release   = dpaa_sec_queue_pair_release,
        .sym_session_get_size     = dpaa_sec_sym_session_get_size,
        .sym_session_configure    = dpaa_sec_sym_session_configure,
-       .sym_session_clear        = dpaa_sec_sym_session_clear
+       .sym_session_clear        = dpaa_sec_sym_session_clear,
+       /* Raw data-path API related operations */
+       .sym_get_raw_dp_ctx_size = dpaa_sec_get_dp_ctx_size,
+       .sym_configure_raw_dp_ctx = dpaa_sec_configure_raw_dp_ctx,
 };
 
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 static const struct rte_security_capability *
 dpaa_sec_capabilities_get(void *device __rte_unused)
 {
@@ -3338,7 +3462,7 @@ static int
 dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 {
        struct dpaa_sec_dev_private *internals;
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
        struct rte_security_ctx *security_instance;
 #endif
        struct dpaa_sec_qp *qp;
@@ -3347,7 +3471,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 
        PMD_INIT_FUNC_TRACE();
 
-       cryptodev->driver_id = cryptodev_driver_id;
+       cryptodev->driver_id = dpaa_cryptodev_driver_id;
        cryptodev->dev_ops = &crypto_ops;
 
        cryptodev->enqueue_burst = dpaa_sec_enqueue_burst;
@@ -3356,6 +3480,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
                        RTE_CRYPTODEV_FF_HW_ACCELERATED |
                        RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
                        RTE_CRYPTODEV_FF_SECURITY |
+                       RTE_CRYPTODEV_FF_SYM_RAW_DP |
                        RTE_CRYPTODEV_FF_IN_PLACE_SGL |
                        RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
                        RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
@@ -3375,7 +3500,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
                DPAA_SEC_WARN("Device already init by primary process");
                return 0;
        }
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
        /* Initialize security_ctx only for primary process*/
        security_instance = rte_malloc("rte_security_instances_ops",
                                sizeof(struct rte_security_ctx), 0);
@@ -3477,8 +3602,10 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 
        /* Invoke PMD device initialization function */
        retval = dpaa_sec_dev_init(cryptodev);
-       if (retval == 0)
+       if (retval == 0) {
+               rte_cryptodev_pmd_probing_finish(cryptodev);
                return 0;
+       }
 
        retval = -ENXIO;
 out:
@@ -3521,5 +3648,5 @@ static struct cryptodev_driver dpaa_sec_crypto_drv;
 
 RTE_PMD_REGISTER_DPAA(CRYPTODEV_NAME_DPAA_SEC_PMD, rte_dpaa_sec_driver);
 RTE_PMD_REGISTER_CRYPTO_DRIVER(dpaa_sec_crypto_drv, rte_dpaa_sec_driver.driver,
-               cryptodev_driver_id);
+               dpaa_cryptodev_driver_id);
 RTE_LOG_REGISTER(dpaa_logtype_sec, pmd.crypto.dpaa, NOTICE);
DPDK repo used for reviews