============================================
-The AESNI MB PMD (**librte_pmd_aesni_mb**) provides poll mode crypto driver
+The AESNI MB PMD (**librte_crypto_aesni_mb**) provides poll mode crypto driver
support for utilizing Intel multi buffer library, see the white paper
`Fast Multi-buffer IPsec Implementations on IntelĀ® Architecture Processors
<https://www.intel.com/content/dam/www/public/us/en/documents/white-papers/fast-multi-buffer-ipsec-implementations-ia-processors-paper.pdf>`_.
* RTE_CRYPTO_CIPHER_DES_CBC
* RTE_CRYPTO_CIPHER_3DES_CBC
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
+* RTE_CRYPTO_CIPHER_AES128_ECB
+* RTE_CRYPTO_CIPHER_AES192_ECB
+* RTE_CRYPTO_CIPHER_AES256_ECB
+* RTE_CRYPTO_CIPHER_ZUC_EEA3
+* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
+* RTE_CRYPTO_CIPHER_KASUMI_F8
Hash algorithms:
-* RTE_CRYPTO_HASH_MD5_HMAC
-* RTE_CRYPTO_HASH_SHA1_HMAC
-* RTE_CRYPTO_HASH_SHA224_HMAC
-* RTE_CRYPTO_HASH_SHA256_HMAC
-* RTE_CRYPTO_HASH_SHA384_HMAC
-* RTE_CRYPTO_HASH_SHA512_HMAC
-* RTE_CRYPTO_HASH_AES_XCBC_HMAC
-* RTE_CRYPTO_HASH_AES_CMAC
-* RTE_CRYPTO_HASH_AES_GMAC
-* RTE_CRYPTO_HASH_SHA1
-* RTE_CRYPTO_HASH_SHA224
-* RTE_CRYPTO_HASH_SHA256
-* RTE_CRYPTO_HASH_SHA384
-* RTE_CRYPTO_HASH_SHA512
+* RTE_CRYPTO_AUTH_MD5_HMAC
+* RTE_CRYPTO_AUTH_SHA1_HMAC
+* RTE_CRYPTO_AUTH_SHA224_HMAC
+* RTE_CRYPTO_AUTH_SHA256_HMAC
+* RTE_CRYPTO_AUTH_SHA384_HMAC
+* RTE_CRYPTO_AUTH_SHA512_HMAC
+* RTE_CRYPTO_AUTH_AES_XCBC_HMAC
+* RTE_CRYPTO_AUTH_AES_CMAC
+* RTE_CRYPTO_AUTH_AES_GMAC
+* RTE_CRYPTO_AUTH_SHA1
+* RTE_CRYPTO_AUTH_SHA224
+* RTE_CRYPTO_AUTH_SHA256
+* RTE_CRYPTO_AUTH_SHA384
+* RTE_CRYPTO_AUTH_SHA512
+* RTE_CRYPTO_AUTH_ZUC_EIA3
+* RTE_CRYPTO_AUTH_SNOW3G_UIA2
+* RTE_CRYPTO_AUTH_KASUMI_F9
AEAD algorithms:
* RTE_CRYPTO_AEAD_AES_CCM
* RTE_CRYPTO_AEAD_AES_GCM
+* RTE_CRYPTO_AEAD_CHACHA20_POLY1305
+
+Protocol offloads:
+
+* RTE_SECURITY_PROTOCOL_DOCSIS
Limitations
-----------
* Chained mbufs are not supported.
+* Out-of-place is not supported for combined Crypto-CRC DOCSIS security
+ protocol.
+* RTE_CRYPTO_CIPHER_DES_DOCSISBPI is not supported for combined Crypto-CRC
+ DOCSIS security protocol.
Installation
To build DPDK with the AESNI_MB_PMD the user is required to download the multi-buffer
library from `here <https://github.com/01org/intel-ipsec-mb>`_
and compile it on their user system before building DPDK.
-The latest version of the library supported by this PMD is v0.54, which
-can be downloaded from `<https://github.com/01org/intel-ipsec-mb/archive/v0.54.zip>`_.
+The latest version of the library supported by this PMD is v0.55, which
+can be downloaded from `<https://github.com/01org/intel-ipsec-mb/archive/v0.55.zip>`_.
.. code-block:: console
18.02 0.48
18.05 - 19.02 0.49 - 0.52
19.05 - 19.08 0.52
- 19.11+ 0.52 - 0.54
+ 19.11+ 0.52 - 0.55
============== ============================
* Build the multi buffer library (explained in Installation section).
-* Set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_base.
-
To use the PMD in an application, user must:
* Call rte_vdev_init("crypto_aesni_mb") within the application.
.. code-block:: console
- ./l2fwd-crypto -l 1 -n 4 --vdev="crypto_aesni_mb,socket_id=0,max_nb_sessions=128" \
+ ./dpdk-l2fwd-crypto -l 1 -n 4 --vdev="crypto_aesni_mb,socket_id=0,max_nb_sessions=128" \
-- -p 1 --cdev SW --chain CIPHER_HASH --cipher_algo "aes-cbc" --auth_algo "sha1-hmac"
Extra notes