crypto/ipsec_mb: support snow3g digest appended ops

[dpdk.git] / doc / guides / cryptodevs / mlx5.rst

diff --git a/doc/guides/cryptodevs/mlx5.rst b/doc/guides/cryptodevs/mlx5.rst
index 6f9668e..68bfdf3 100644 (file)
--- a/doc/guides/cryptodevs/mlx5.rst
+++ b/doc/guides/cryptodevs/mlx5.rst
@@ -54,6 +54,9 @@ wrapping.
 The credential and the AES-XTS keys should be provided to the hardware, as ciphertext
 encrypted by the KEK.
 
+A keytag (64 bits) should be appended to the AES-XTS keys (before wrapping),
+and will be validated when the hardware attempts to access it.
+
 When crypto engines are defined to work in wrapped import method, they come out
 of the factory in Commissioning mode, and thus, cannot be used for crypto operations
 yet. A dedicated tool is used for changing the mode from Commissioning to
@@ -96,6 +99,11 @@ The mlxreg dedicated tool should be used as follows:
   The "wrapped_crypto_operational" value will be "0x00000001" if the mode was
   successfully changed to operational mode.
 
+  The mlx5 crypto PMD can be verified by running the test application::
+
+     dpdk-test -c 1 -n 1 -w <dev>,class=crypto,wcs_file=<file_path>
+     RTE>>cryptodev_mlx5_autotest
+
 
 Driver options
 --------------
@@ -120,6 +128,14 @@ Driver options
   The identifier of the credential, default value is 0 represents the operational
   register credential.
 
+- ``keytag`` parameter [int]
+
+  The plaintext of the keytag appended to the AES-XTS keys, default value is 0.
+
+- ``max_segs_num`` parameter [int]
+
+  Maximum number of mbuf chain segments(src or dest), default value is 8.
+
 
 Supported NICs
 --------------