X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=drivers%2Fcommon%2Fcpt%2Fcpt_ucode.h;h=763355fb1f03d6fa60b9cc6ab7b149faf04313f1;hb=f0f5d844d138;hp=239c5df929bfc8b4e624e93267314931da21d3d6;hpb=f39928e6560648362858f0103e3b7bed18e89606;p=dpdk.git

diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h
index 239c5df929..763355fb1f 100644
--- a/drivers/common/cpt/cpt_ucode.h
+++ b/drivers/common/cpt/cpt_ucode.h
@@ -22,40 +22,8 @@ static uint8_t zuc_d[32] = {
 	0x5E, 0x26, 0x3C, 0x4D, 0x78, 0x9A, 0x47, 0xAC
 };
 
-static __rte_always_inline int
-cpt_is_algo_supported(struct rte_crypto_sym_xform *xform)
-{
-	/*
-	 * Microcode only supports the following combination.
-	 * Encryption followed by authentication
-	 * Authentication followed by decryption
-	 */
-	if (xform->next) {
-		if ((xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) &&
-		    (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) &&
-		    (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)) {
-			/* Unsupported as of now by microcode */
-			CPT_LOG_DP_ERR("Unsupported combination");
-			return -1;
-		}
-		if ((xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) &&
-		    (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) &&
-		    (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT)) {
-			/* For GMAC auth there is no cipher operation */
-			if (xform->aead.algo != RTE_CRYPTO_AEAD_AES_GCM ||
-			    xform->next->auth.algo !=
-			    RTE_CRYPTO_AUTH_AES_GMAC) {
-				/* Unsupported as of now by microcode */
-				CPT_LOG_DP_ERR("Unsupported combination");
-				return -1;
-			}
-		}
-	}
-	return 0;
-}
-
 static __rte_always_inline void
-gen_key_snow3g(uint8_t *ck, uint32_t *keyx)
+gen_key_snow3g(const uint8_t *ck, uint32_t *keyx)
 {
 	int i, base;
 
@@ -89,8 +57,7 @@ cpt_fc_ciph_validate_key_aes(uint16_t key_len)
 }
 
 static __rte_always_inline int
-cpt_fc_ciph_validate_key(cipher_type_t type, struct cpt_ctx *cpt_ctx,
-		uint16_t key_len)
+cpt_fc_ciph_set_type(cipher_type_t type, struct cpt_ctx *ctx, uint16_t key_len)
 {
 	int fc_type = 0;
 	switch (type) {
@@ -110,6 +77,9 @@ cpt_fc_ciph_validate_key(cipher_type_t type, struct cpt_ctx *cpt_ctx,
 			return -1;
 		fc_type = FC_GEN;
 		break;
+	case CHACHA20:
+		fc_type = FC_GEN;
+		break;
 	case AES_XTS:
 		key_len = key_len / 2;
 		if (unlikely(key_len == CPT_BYTE_24)) {
@@ -125,7 +95,7 @@ cpt_fc_ciph_validate_key(cipher_type_t type, struct cpt_ctx *cpt_ctx,
 		if (unlikely(key_len != 16))
 			return -1;
 		/* No support for AEAD yet */
-		if (unlikely(cpt_ctx->hash_type))
+		if (unlikely(ctx->hash_type))
 			return -1;
 		fc_type = ZUC_SNOW3G;
 		break;
@@ -134,21 +104,23 @@ cpt_fc_ciph_validate_key(cipher_type_t type, struct cpt_ctx *cpt_ctx,
 		if (unlikely(key_len != 16))
 			return -1;
 		/* No support for AEAD yet */
-		if (unlikely(cpt_ctx->hash_type))
+		if (unlikely(ctx->hash_type))
 			return -1;
 		fc_type = KASUMI;
 		break;
 	default:
 		return -1;
 	}
-	return fc_type;
+
+	ctx->fc_type = fc_type;
+	return 0;
 }
 
 static __rte_always_inline void
 cpt_fc_ciph_set_key_passthrough(struct cpt_ctx *cpt_ctx, mc_fc_context_t *fctx)
 {
 	cpt_ctx->enc_cipher = 0;
-	CPT_P_ENC_CTRL(fctx).enc_cipher = 0;
+	fctx->enc.enc_cipher = 0;
 }
 
 static __rte_always_inline void
@@ -170,80 +142,74 @@ cpt_fc_ciph_set_key_set_aes_key_type(mc_fc_context_t *fctx, uint16_t key_len)
 		CPT_LOG_DP_ERR("Invalid AES key len");
 		return;
 	}
-	CPT_P_ENC_CTRL(fctx).aes_key = aes_key_type;
+	fctx->enc.aes_key = aes_key_type;
 }
 
 static __rte_always_inline void
-cpt_fc_ciph_set_key_snow3g_uea2(struct cpt_ctx *cpt_ctx, uint8_t *key,
+cpt_fc_ciph_set_key_snow3g_uea2(struct cpt_ctx *cpt_ctx, const uint8_t *key,
 		uint16_t key_len)
 {
 	uint32_t keyx[4];
 	cpt_ctx->snow3g = 1;
 	gen_key_snow3g(key, keyx);
 	memcpy(cpt_ctx->zs_ctx.ci_key, keyx, key_len);
-	cpt_ctx->fc_type = ZUC_SNOW3G;
 	cpt_ctx->zsk_flags = 0;
 }
 
 static __rte_always_inline void
-cpt_fc_ciph_set_key_zuc_eea3(struct cpt_ctx *cpt_ctx, uint8_t *key,
+cpt_fc_ciph_set_key_zuc_eea3(struct cpt_ctx *cpt_ctx, const uint8_t *key,
 		uint16_t key_len)
 {
 	cpt_ctx->snow3g = 0;
 	memcpy(cpt_ctx->zs_ctx.ci_key, key, key_len);
 	memcpy(cpt_ctx->zs_ctx.zuc_const, zuc_d, 32);
-	cpt_ctx->fc_type = ZUC_SNOW3G;
 	cpt_ctx->zsk_flags = 0;
 }
 
 static __rte_always_inline void
-cpt_fc_ciph_set_key_kasumi_f8_ecb(struct cpt_ctx *cpt_ctx, uint8_t *key,
+cpt_fc_ciph_set_key_kasumi_f8_ecb(struct cpt_ctx *cpt_ctx, const uint8_t *key,
 		uint16_t key_len)
 {
 	cpt_ctx->k_ecb = 1;
 	memcpy(cpt_ctx->k_ctx.ci_key, key, key_len);
 	cpt_ctx->zsk_flags = 0;
-	cpt_ctx->fc_type = KASUMI;
 }
 
 static __rte_always_inline void
-cpt_fc_ciph_set_key_kasumi_f8_cbc(struct cpt_ctx *cpt_ctx, uint8_t *key,
+cpt_fc_ciph_set_key_kasumi_f8_cbc(struct cpt_ctx *cpt_ctx, const uint8_t *key,
 		uint16_t key_len)
 {
 	memcpy(cpt_ctx->k_ctx.ci_key, key, key_len);
 	cpt_ctx->zsk_flags = 0;
-	cpt_ctx->fc_type = KASUMI;
 }
 
 static __rte_always_inline int
-cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key,
+cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key,
 		    uint16_t key_len, uint8_t *salt)
 {
 	struct cpt_ctx *cpt_ctx = ctx;
 	mc_fc_context_t *fctx = &cpt_ctx->fctx;
-	uint64_t *ctrl_flags = NULL;
-	int fc_type;
+	int ret;
 
-	/* Validate key before proceeding */
-	fc_type = cpt_fc_ciph_validate_key(type, cpt_ctx, key_len);
-	if (unlikely(fc_type == -1))
+	ret = cpt_fc_ciph_set_type(type, cpt_ctx, key_len);
+	if (unlikely(ret))
 		return -1;
 
-	if (fc_type == FC_GEN) {
-		cpt_ctx->fc_type = FC_GEN;
-		ctrl_flags = (uint64_t *)&(fctx->enc.enc_ctrl.flags);
-		*ctrl_flags = rte_be_to_cpu_64(*ctrl_flags);
+	if (cpt_ctx->fc_type == FC_GEN) {
 		/*
 		 * We need to always say IV is from DPTR as user can
 		 * sometimes iverride IV per operation.
 		 */
-		CPT_P_ENC_CTRL(fctx).iv_source = CPT_FROM_DPTR;
+		fctx->enc.iv_source = CPT_FROM_DPTR;
+
+		if (cpt_ctx->auth_key_len > 64)
+			return -1;
 	}
 
 	switch (type) {
 	case PASSTHROUGH:
 		cpt_fc_ciph_set_key_passthrough(cpt_ctx, fctx);
-		goto fc_success;
+		goto success;
 	case DES3_CBC:
 		/* CPT performs DES using 3DES with the 8B DES-key
 		 * replicated 2 more times to match the 24B 3DES-key.
@@ -260,12 +226,13 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key,
 		break;
 	case DES3_ECB:
 		/* For DES3_ECB IV need to be from CTX. */
-		CPT_P_ENC_CTRL(fctx).iv_source = CPT_FROM_CTX;
+		fctx->enc.iv_source = CPT_FROM_CTX;
 		break;
 	case AES_CBC:
 	case AES_ECB:
 	case AES_CFB:
 	case AES_CTR:
+	case CHACHA20:
 		cpt_fc_ciph_set_key_set_aes_key_type(fctx, key_len);
 		break;
 	case AES_GCM:
@@ -278,7 +245,7 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key,
 			 * and nothing else
 			 */
 			if (!key)
-				goto fc_success;
+				goto success;
 		}
 		cpt_fc_ciph_set_key_set_aes_key_type(fctx, key_len);
 		break;
@@ -303,20 +270,17 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key,
 		cpt_fc_ciph_set_key_kasumi_f8_cbc(cpt_ctx, key, key_len);
 		goto success;
 	default:
-		break;
+		return -1;
 	}
 
 	/* Only for FC_GEN case */
 
 	/* For GMAC auth, cipher must be NULL */
 	if (cpt_ctx->hash_type != GMAC_TYPE)
-		CPT_P_ENC_CTRL(fctx).enc_cipher = type;
+		fctx->enc.enc_cipher = type;
 
 	memcpy(fctx->enc.encr_key, key, key_len);
 
-fc_success:
-	*ctrl_flags = rte_cpu_to_be_64(*ctrl_flags);
-
 success:
 	cpt_ctx->enc_cipher = type;
 
@@ -381,7 +345,7 @@ fill_sg_comp_from_iov(sg_comp_t *list,
 {
 	int32_t j;
 	uint32_t extra_len = extra_buf ? extra_buf->size : 0;
-	uint32_t size = *psize - extra_len;
+	uint32_t size = *psize;
 	buf_ptr_t *bufs;
 
 	bufs = from->bufs;
@@ -390,9 +354,6 @@ fill_sg_comp_from_iov(sg_comp_t *list,
 		uint32_t e_len;
 		sg_comp_t *to = &list[i >> 2];
 
-		if (!bufs[j].size)
-			continue;
-
 		if (unlikely(from_offset)) {
 			if (from_offset >= bufs[j].size) {
 				from_offset -= bufs[j].size;
@@ -424,18 +385,19 @@ fill_sg_comp_from_iov(sg_comp_t *list,
 				to->u.s.len[i % 4] = rte_cpu_to_be_16(e_len);
 			}
 
+			extra_len = RTE_MIN(extra_len, size);
 			/* Insert extra data ptr */
 			if (extra_len) {
 				i++;
 				to = &list[i >> 2];
 				to->u.s.len[i % 4] =
-					rte_cpu_to_be_16(extra_buf->size);
+					rte_cpu_to_be_16(extra_len);
 				to->ptr[i % 4] =
 					rte_cpu_to_be_64(extra_buf->dma_addr);
-
-				/* size already decremented by extra len */
+				size -= extra_len;
 			}
 
+			next_len = RTE_MIN(next_len, size);
 			/* insert the rest of the data */
 			if (next_len) {
 				i++;
@@ -467,7 +429,6 @@ cpt_digest_gen_prep(uint32_t flags,
 {
 	struct cpt_request_info *req;
 	uint32_t size, i;
-	int32_t m_size;
 	uint16_t data_len, mac_len, key_len;
 	auth_type_t hash_type;
 	buf_ptr_t *meta_p;
@@ -488,7 +449,6 @@ cpt_digest_gen_prep(uint32_t flags,
 
 	m_vaddr = meta_p->vaddr;
 	m_dma = meta_p->dma_addr;
-	m_size = meta_p->size;
 
 	/*
 	 * Save initial space that followed app data for completion code &
@@ -504,14 +464,12 @@ cpt_digest_gen_prep(uint32_t flags,
 
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	req = m_vaddr;
 
 	size = sizeof(struct cpt_request_info);
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	hash_type = ctx->hash_type;
 	mac_len = ctx->mac_len;
@@ -520,16 +478,15 @@ cpt_digest_gen_prep(uint32_t flags,
 
 	/*GP op header */
 	vq_cmd_w0.u64 = 0;
-	vq_cmd_w0.s.param2 = rte_cpu_to_be_16(((uint16_t)hash_type << 8));
+	vq_cmd_w0.s.param2 = ((uint16_t)hash_type << 8);
 	if (ctx->hmac) {
 		opcode.s.major = CPT_MAJOR_OP_HMAC | CPT_DMA_MODE;
-		vq_cmd_w0.s.param1 = rte_cpu_to_be_16(key_len);
-		vq_cmd_w0.s.dlen =
-			rte_cpu_to_be_16((data_len + ROUNDUP8(key_len)));
+		vq_cmd_w0.s.param1 = key_len;
+		vq_cmd_w0.s.dlen = data_len + ROUNDUP8(key_len);
 	} else {
 		opcode.s.major = CPT_MAJOR_OP_HASH | CPT_DMA_MODE;
 		vq_cmd_w0.s.param1 = 0;
-		vq_cmd_w0.s.dlen = rte_cpu_to_be_16(data_len);
+		vq_cmd_w0.s.dlen = data_len;
 	}
 
 	opcode.s.minor = 0;
@@ -540,10 +497,10 @@ cpt_digest_gen_prep(uint32_t flags,
 		/* Minor op is passthrough */
 		opcode.s.minor = 0x03;
 		/* Send out completion code only */
-		vq_cmd_w0.s.param2 = rte_cpu_to_be_16(0x1);
+		vq_cmd_w0.s.param2 = 0x1;
 	}
 
-	vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+	vq_cmd_w0.s.opcode = opcode.flags;
 
 	/* DPTR has SG list */
 	in_buffer = m_vaddr;
@@ -622,11 +579,10 @@ cpt_digest_gen_prep(uint32_t flags,
 	size = g_size_bytes + s_size_bytes + SG_LIST_HDR_SIZE;
 
 	/* This is DPTR len incase of SG mode */
-	vq_cmd_w0.s.dlen = rte_cpu_to_be_16(size);
+	vq_cmd_w0.s.dlen = size;
 
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	/* cpt alternate completion address saved earlier */
 	req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8);
@@ -635,11 +591,6 @@ cpt_digest_gen_prep(uint32_t flags,
 
 	req->ist.ei1 = dptr_dma;
 	req->ist.ei2 = rptr_dma;
-	/* First 16-bit swap then 64-bit swap */
-	/* TODO: HACK: Reverse the vq_cmd and cpt_req bit field definitions
-	 * to eliminate all the swapping
-	 */
-	vq_cmd_w0.u64 = rte_cpu_to_be_64(vq_cmd_w0.u64);
 
 	/* vq command w3 */
 	vq_cmd_w3.u64 = 0;
@@ -684,13 +635,11 @@ cpt_enc_hmac_prep(uint32_t flags,
 	vq_cmd_word3_t vq_cmd_w3;
 	void *c_vaddr;
 	uint64_t c_dma;
-	int32_t m_size;
 	opcode_info_t opcode;
 
 	meta_p = &fc_params->meta_buf;
 	m_vaddr = meta_p->vaddr;
 	m_dma = meta_p->dma_addr;
-	m_size = meta_p->size;
 
 	encr_offset = ENCR_OFFSET(d_offs);
 	auth_offset = AUTH_OFFSET(d_offs);
@@ -726,7 +675,6 @@ cpt_enc_hmac_prep(uint32_t flags,
 
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	/* start cpt request info struct at 8 byte boundary */
 	size = (uint8_t *)RTE_PTR_ALIGN(m_vaddr, 8) -
@@ -737,10 +685,6 @@ cpt_enc_hmac_prep(uint32_t flags,
 	size += sizeof(struct cpt_request_info);
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
-
-	if (hash_type == GMAC_TYPE)
-		encr_data_len = 0;
 
 	if (unlikely(!(flags & VALID_IV_BUF))) {
 		iv_len = 0;
@@ -773,6 +717,11 @@ cpt_enc_hmac_prep(uint32_t flags,
 	opcode.s.major = CPT_MAJOR_OP_FC;
 	opcode.s.minor = 0;
 
+	if (hash_type == GMAC_TYPE) {
+		encr_offset = 0;
+		encr_data_len = 0;
+	}
+
 	auth_dlen = auth_offset + auth_data_len;
 	enc_dlen = encr_data_len + encr_offset;
 	if (unlikely(encr_data_len & 0xf)) {
@@ -783,11 +732,6 @@ cpt_enc_hmac_prep(uint32_t flags,
 			enc_dlen = ROUNDUP16(encr_data_len) + encr_offset;
 	}
 
-	if (unlikely(hash_type == GMAC_TYPE)) {
-		encr_offset = auth_dlen;
-		enc_dlen = 0;
-	}
-
 	if (unlikely(auth_dlen > enc_dlen)) {
 		inputlen = auth_dlen;
 		outputlen = auth_dlen + mac_len;
@@ -798,8 +742,8 @@ cpt_enc_hmac_prep(uint32_t flags,
 
 	/* GP op header */
 	vq_cmd_w0.u64 = 0;
-	vq_cmd_w0.s.param1 = rte_cpu_to_be_16(encr_data_len);
-	vq_cmd_w0.s.param2 = rte_cpu_to_be_16(auth_data_len);
+	vq_cmd_w0.s.param1 = encr_data_len;
+	vq_cmd_w0.s.param2 = auth_data_len;
 	/*
 	 * In 83XX since we have a limitation of
 	 * IV & Offset control word not part of instruction
@@ -826,9 +770,9 @@ cpt_enc_hmac_prep(uint32_t flags,
 		req->alternate_caddr = (uint64_t *)((uint8_t *)dm_vaddr
 						    + outputlen - iv_len);
 
-		vq_cmd_w0.s.dlen = rte_cpu_to_be_16(inputlen + OFF_CTRL_LEN);
+		vq_cmd_w0.s.dlen = inputlen + OFF_CTRL_LEN;
 
-		vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+		vq_cmd_w0.s.opcode = opcode.flags;
 
 		if (likely(iv_len)) {
 			uint64_t *dest = (uint64_t *)((uint8_t *)offset_vaddr
@@ -857,11 +801,10 @@ cpt_enc_hmac_prep(uint32_t flags,
 
 		m_vaddr = (uint8_t *)m_vaddr + size;
 		m_dma += size;
-		m_size -= size;
 
 		opcode.s.major |= CPT_DMA_MODE;
 
-		vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+		vq_cmd_w0.s.opcode = opcode.flags;
 
 		if (likely(iv_len)) {
 			uint64_t *dest = (uint64_t *)((uint8_t *)offset_vaddr
@@ -1005,11 +948,10 @@ cpt_enc_hmac_prep(uint32_t flags,
 		size = g_size_bytes + s_size_bytes + SG_LIST_HDR_SIZE;
 
 		/* This is DPTR len incase of SG mode */
-		vq_cmd_w0.s.dlen = rte_cpu_to_be_16(size);
+		vq_cmd_w0.s.dlen = size;
 
 		m_vaddr = (uint8_t *)m_vaddr + size;
 		m_dma += size;
-		m_size -= size;
 
 		/* cpt alternate completion address saved earlier */
 		req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8);
@@ -1020,12 +962,6 @@ cpt_enc_hmac_prep(uint32_t flags,
 		req->ist.ei2 = rptr_dma;
 	}
 
-	/* First 16-bit swap then 64-bit swap */
-	/* TODO: HACK: Reverse the vq_cmd and cpt_req bit field definitions
-	 * to eliminate all the swapping
-	 */
-	vq_cmd_w0.u64 = rte_cpu_to_be_64(vq_cmd_w0.u64);
-
 	ctx_dma = fc_params->ctx_buf.dma_addr +
 		offsetof(struct cpt_ctx, fctx);
 	/* vq command w3 */
@@ -1059,7 +995,7 @@ cpt_dec_hmac_prep(uint32_t flags,
 	uint32_t iv_offset = 0, size;
 	int32_t inputlen, outputlen, enc_dlen, auth_dlen;
 	struct cpt_ctx *cpt_ctx;
-	int32_t hash_type, mac_len, m_size;
+	int32_t hash_type, mac_len;
 	uint8_t iv_len = 16;
 	struct cpt_request_info *req;
 	buf_ptr_t *meta_p, *aad_buf = NULL;
@@ -1077,7 +1013,6 @@ cpt_dec_hmac_prep(uint32_t flags,
 	meta_p = &fc_params->meta_buf;
 	m_vaddr = meta_p->vaddr;
 	m_dma = meta_p->dma_addr;
-	m_size = meta_p->size;
 
 	encr_offset = ENCR_OFFSET(d_offs);
 	auth_offset = AUTH_OFFSET(d_offs);
@@ -1099,9 +1034,6 @@ cpt_dec_hmac_prep(uint32_t flags,
 	hash_type = cpt_ctx->hash_type;
 	mac_len = cpt_ctx->mac_len;
 
-	if (hash_type == GMAC_TYPE)
-		encr_data_len = 0;
-
 	if (unlikely(!(flags & VALID_IV_BUF))) {
 		iv_len = 0;
 		iv_offset = ENCR_IV_OFFSET(d_offs);
@@ -1143,7 +1075,6 @@ cpt_dec_hmac_prep(uint32_t flags,
 
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	/* start cpt request info structure at 8 byte alignment */
 	size = (uint8_t *)RTE_PTR_ALIGN(m_vaddr, 8) -
@@ -1154,12 +1085,16 @@ cpt_dec_hmac_prep(uint32_t flags,
 	size += sizeof(struct cpt_request_info);
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	/* Decryption */
 	opcode.s.major = CPT_MAJOR_OP_FC;
 	opcode.s.minor = 1;
 
+	if (hash_type == GMAC_TYPE) {
+		encr_offset = 0;
+		encr_data_len = 0;
+	}
+
 	enc_dlen = encr_offset + encr_data_len;
 	auth_dlen = auth_offset + auth_data_len;
 
@@ -1171,12 +1106,9 @@ cpt_dec_hmac_prep(uint32_t flags,
 		outputlen = enc_dlen;
 	}
 
-	if (hash_type == GMAC_TYPE)
-		encr_offset = inputlen;
-
 	vq_cmd_w0.u64 = 0;
-	vq_cmd_w0.s.param1 = rte_cpu_to_be_16(encr_data_len);
-	vq_cmd_w0.s.param2 = rte_cpu_to_be_16(auth_data_len);
+	vq_cmd_w0.s.param1 = encr_data_len;
+	vq_cmd_w0.s.param2 = auth_data_len;
 
 	/*
 	 * In 83XX since we have a limitation of
@@ -1209,9 +1141,9 @@ cpt_dec_hmac_prep(uint32_t flags,
 		 * hmac.
 		 */
 
-		vq_cmd_w0.s.dlen = rte_cpu_to_be_16(inputlen + OFF_CTRL_LEN);
+		vq_cmd_w0.s.dlen = inputlen + OFF_CTRL_LEN;
 
-		vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+		vq_cmd_w0.s.opcode = opcode.flags;
 
 		if (likely(iv_len)) {
 			uint64_t *dest = (uint64_t *)((uint8_t *)offset_vaddr +
@@ -1241,11 +1173,10 @@ cpt_dec_hmac_prep(uint32_t flags,
 
 		m_vaddr = (uint8_t *)m_vaddr + size;
 		m_dma += size;
-		m_size -= size;
 
 		opcode.s.major |= CPT_DMA_MODE;
 
-		vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+		vq_cmd_w0.s.opcode = opcode.flags;
 
 		if (likely(iv_len)) {
 			uint64_t *dest = (uint64_t *)((uint8_t *)offset_vaddr +
@@ -1401,11 +1332,10 @@ cpt_dec_hmac_prep(uint32_t flags,
 		size = g_size_bytes + s_size_bytes + SG_LIST_HDR_SIZE;
 
 		/* This is DPTR len incase of SG mode */
-		vq_cmd_w0.s.dlen = rte_cpu_to_be_16(size);
+		vq_cmd_w0.s.dlen = size;
 
 		m_vaddr = (uint8_t *)m_vaddr + size;
 		m_dma += size;
-		m_size -= size;
 
 		/* cpt alternate completion address saved earlier */
 		req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8);
@@ -1417,12 +1347,6 @@ cpt_dec_hmac_prep(uint32_t flags,
 		req->ist.ei2 = rptr_dma;
 	}
 
-	/* First 16-bit swap then 64-bit swap */
-	/* TODO: HACK: Reverse the vq_cmd and cpt_req bit field definitions
-	 * to eliminate all the swapping
-	 */
-	vq_cmd_w0.u64 = rte_cpu_to_be_64(vq_cmd_w0.u64);
-
 	ctx_dma = fc_params->ctx_buf.dma_addr +
 		offsetof(struct cpt_ctx, fctx);
 	/* vq command w3 */
@@ -1462,7 +1386,7 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags,
 	buf_ptr_t *buf_p;
 	uint32_t encr_offset = 0, auth_offset = 0;
 	uint32_t encr_data_len = 0, auth_data_len = 0;
-	int flags, iv_len = 16, m_size;
+	int flags, iv_len = 16;
 	void *m_vaddr, *c_vaddr;
 	uint64_t m_dma, c_dma, offset_ctrl;
 	uint64_t *offset_vaddr, offset_dma;
@@ -1474,7 +1398,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags,
 	buf_p = &params->meta_buf;
 	m_vaddr = buf_p->vaddr;
 	m_dma = buf_p->dma_addr;
-	m_size = buf_p->size;
 
 	cpt_ctx = params->ctx_buf.vaddr;
 	flags = cpt_ctx->zsk_flags;
@@ -1496,7 +1419,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags,
 
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	/* Reserve memory for cpt request info */
 	req = m_vaddr;
@@ -1504,12 +1426,12 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags,
 	size = sizeof(struct cpt_request_info);
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	opcode.s.major = CPT_MAJOR_OP_ZUC_SNOW3G;
 
 	/* indicates CPTR ctx, operation type, KEY & IV mode from DPTR */
-	opcode.s.minor = ((1 << 6) | (snow3g << 5) | (0 << 4) |
+
+	opcode.s.minor = ((1 << 7) | (snow3g << 5) | (0 << 4) |
 			  (0 << 3) | (flags & 0x7));
 
 	if (flags == 0x1) {
@@ -1573,8 +1495,8 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags,
 	 * GP op header, lengths are expected in bits.
 	 */
 	vq_cmd_w0.u64 = 0;
-	vq_cmd_w0.s.param1 = rte_cpu_to_be_16(encr_data_len);
-	vq_cmd_w0.s.param2 = rte_cpu_to_be_16(auth_data_len);
+	vq_cmd_w0.s.param1 = encr_data_len;
+	vq_cmd_w0.s.param2 = auth_data_len;
 
 	/*
 	 * In 83XX since we have a limitation of
@@ -1603,9 +1525,9 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags,
 		req->alternate_caddr = (uint64_t *)((uint8_t *)dm_vaddr
 						    + outputlen - iv_len);
 
-		vq_cmd_w0.s.dlen = rte_cpu_to_be_16(inputlen + OFF_CTRL_LEN);
+		vq_cmd_w0.s.dlen = inputlen + OFF_CTRL_LEN;
 
-		vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+		vq_cmd_w0.s.opcode = opcode.flags;
 
 		if (likely(iv_len)) {
 			uint32_t *iv_d = (uint32_t *)((uint8_t *)offset_vaddr
@@ -1628,11 +1550,10 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags,
 
 		m_vaddr = (uint8_t *)m_vaddr + OFF_CTRL_LEN + iv_len;
 		m_dma += OFF_CTRL_LEN + iv_len;
-		m_size -= OFF_CTRL_LEN + iv_len;
 
 		opcode.s.major |= CPT_DMA_MODE;
 
-		vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+		vq_cmd_w0.s.opcode = opcode.flags;
 
 		/* DPTR has SG list */
 		in_buffer = m_vaddr;
@@ -1734,11 +1655,10 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags,
 		size = g_size_bytes + s_size_bytes + SG_LIST_HDR_SIZE;
 
 		/* This is DPTR len incase of SG mode */
-		vq_cmd_w0.s.dlen = rte_cpu_to_be_16(size);
+		vq_cmd_w0.s.dlen = size;
 
 		m_vaddr = (uint8_t *)m_vaddr + size;
 		m_dma += size;
-		m_size -= size;
 
 		/* cpt alternate completion address saved earlier */
 		req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8);
@@ -1749,12 +1669,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags,
 		req->ist.ei2 = rptr_dma;
 	}
 
-	/* First 16-bit swap then 64-bit swap */
-	/* TODO: HACK: Reverse the vq_cmd and cpt_req bit field definitions
-	 * to eliminate all the swapping
-	 */
-	vq_cmd_w0.u64 = rte_cpu_to_be_64(vq_cmd_w0.u64);
-
 	/* vq command w3 */
 	vq_cmd_w3.u64 = 0;
 	vq_cmd_w3.s.grp = 0;
@@ -1792,7 +1706,7 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags,
 	buf_ptr_t *buf_p;
 	uint32_t encr_offset;
 	uint32_t encr_data_len;
-	int flags, m_size;
+	int flags;
 	void *m_vaddr, *c_vaddr;
 	uint64_t m_dma, c_dma;
 	uint64_t *offset_vaddr, offset_dma;
@@ -1804,7 +1718,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags,
 	buf_p = &params->meta_buf;
 	m_vaddr = buf_p->vaddr;
 	m_dma = buf_p->dma_addr;
-	m_size = buf_p->size;
 
 	/*
 	 * Microcode expects offsets in bytes
@@ -1831,7 +1744,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags,
 
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	/* Reserve memory for cpt request info */
 	req = m_vaddr;
@@ -1839,12 +1751,12 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags,
 	size = sizeof(struct cpt_request_info);
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	opcode.s.major = CPT_MAJOR_OP_ZUC_SNOW3G;
 
 	/* indicates CPTR ctx, operation type, KEY & IV mode from DPTR */
-	opcode.s.minor = ((1 << 6) | (snow3g << 5) | (0 << 4) |
+
+	opcode.s.minor = ((1 << 7) | (snow3g << 5) | (0 << 4) |
 			  (0 << 3) | (flags & 0x7));
 
 	/* consider iv len */
@@ -1874,7 +1786,7 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags,
 	 * GP op header, lengths are expected in bits.
 	 */
 	vq_cmd_w0.u64 = 0;
-	vq_cmd_w0.s.param1 = rte_cpu_to_be_16(encr_data_len);
+	vq_cmd_w0.s.param1 = encr_data_len;
 
 	/*
 	 * In 83XX since we have a limitation of
@@ -1903,9 +1815,9 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags,
 		req->alternate_caddr = (uint64_t *)((uint8_t *)dm_vaddr
 						    + outputlen - iv_len);
 
-		vq_cmd_w0.s.dlen = rte_cpu_to_be_16(inputlen + OFF_CTRL_LEN);
+		vq_cmd_w0.s.dlen = inputlen + OFF_CTRL_LEN;
 
-		vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+		vq_cmd_w0.s.opcode = opcode.flags;
 
 		if (likely(iv_len)) {
 			uint32_t *iv_d = (uint32_t *)((uint8_t *)offset_vaddr
@@ -1929,11 +1841,10 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags,
 
 		m_vaddr = (uint8_t *)m_vaddr + OFF_CTRL_LEN + iv_len;
 		m_dma += OFF_CTRL_LEN + iv_len;
-		m_size -= OFF_CTRL_LEN + iv_len;
 
 		opcode.s.major |= CPT_DMA_MODE;
 
-		vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+		vq_cmd_w0.s.opcode = opcode.flags;
 
 		/* DPTR has SG list */
 		in_buffer = m_vaddr;
@@ -2008,11 +1919,10 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags,
 		size = g_size_bytes + s_size_bytes + SG_LIST_HDR_SIZE;
 
 		/* This is DPTR len incase of SG mode */
-		vq_cmd_w0.s.dlen = rte_cpu_to_be_16(size);
+		vq_cmd_w0.s.dlen = size;
 
 		m_vaddr = (uint8_t *)m_vaddr + size;
 		m_dma += size;
-		m_size -= size;
 
 		/* cpt alternate completion address saved earlier */
 		req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8);
@@ -2023,12 +1933,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags,
 		req->ist.ei2 = rptr_dma;
 	}
 
-	/* First 16-bit swap then 64-bit swap */
-	/* TODO: HACK: Reverse the vq_cmd and cpt_req bit field definitions
-	 * to eliminate all the swapping
-	 */
-	vq_cmd_w0.u64 = rte_cpu_to_be_64(vq_cmd_w0.u64);
-
 	/* vq command w3 */
 	vq_cmd_w3.u64 = 0;
 	vq_cmd_w3.s.grp = 0;
@@ -2067,7 +1971,7 @@ cpt_kasumi_enc_prep(uint32_t req_flags,
 	buf_ptr_t *buf_p;
 	uint32_t encr_offset, auth_offset;
 	uint32_t encr_data_len, auth_data_len;
-	int flags, m_size;
+	int flags;
 	uint8_t *iv_s, *iv_d, iv_len = 8;
 	uint8_t dir = 0;
 	void *m_vaddr, *c_vaddr;
@@ -2085,7 +1989,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags,
 	buf_p = &params->meta_buf;
 	m_vaddr = buf_p->vaddr;
 	m_dma = buf_p->dma_addr;
-	m_size = buf_p->size;
 
 	encr_offset = ENCR_OFFSET(d_offs) / 8;
 	auth_offset = AUTH_OFFSET(d_offs) / 8;
@@ -2118,7 +2021,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags,
 
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	/* Reserve memory for cpt request info */
 	req = m_vaddr;
@@ -2126,7 +2028,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags,
 	size = sizeof(struct cpt_request_info);
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	opcode.s.major = CPT_MAJOR_OP_KASUMI | CPT_DMA_MODE;
 
@@ -2138,9 +2039,9 @@ cpt_kasumi_enc_prep(uint32_t req_flags,
 	 * GP op header, lengths are expected in bits.
 	 */
 	vq_cmd_w0.u64 = 0;
-	vq_cmd_w0.s.param1 = rte_cpu_to_be_16(encr_data_len);
-	vq_cmd_w0.s.param2 = rte_cpu_to_be_16(auth_data_len);
-	vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+	vq_cmd_w0.s.param1 = encr_data_len;
+	vq_cmd_w0.s.param2 = auth_data_len;
+	vq_cmd_w0.s.opcode = opcode.flags;
 
 	/* consider iv len */
 	if (flags == 0x0) {
@@ -2154,7 +2055,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags,
 
 	m_vaddr = (uint8_t *)m_vaddr + OFF_CTRL_LEN + iv_len;
 	m_dma += OFF_CTRL_LEN + iv_len;
-	m_size -= OFF_CTRL_LEN + iv_len;
 
 	/* DPTR has SG list */
 	in_buffer = m_vaddr;
@@ -2267,11 +2167,10 @@ cpt_kasumi_enc_prep(uint32_t req_flags,
 	size = g_size_bytes + s_size_bytes + SG_LIST_HDR_SIZE;
 
 	/* This is DPTR len incase of SG mode */
-	vq_cmd_w0.s.dlen = rte_cpu_to_be_16(size);
+	vq_cmd_w0.s.dlen = size;
 
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	/* cpt alternate completion address saved earlier */
 	req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8);
@@ -2281,12 +2180,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags,
 	req->ist.ei1 = dptr_dma;
 	req->ist.ei2 = rptr_dma;
 
-	/* First 16-bit swap then 64-bit swap */
-	/* TODO: HACK: Reverse the vq_cmd and cpt_req bit field definitions
-	 * to eliminate all the swapping
-	 */
-	vq_cmd_w0.u64 = rte_cpu_to_be_64(vq_cmd_w0.u64);
-
 	/* vq command w3 */
 	vq_cmd_w3.u64 = 0;
 	vq_cmd_w3.s.grp = 0;
@@ -2323,7 +2216,7 @@ cpt_kasumi_dec_prep(uint64_t d_offs,
 	buf_ptr_t *buf_p;
 	uint32_t encr_offset;
 	uint32_t encr_data_len;
-	int flags, m_size;
+	int flags;
 	uint8_t dir = 0;
 	void *m_vaddr, *c_vaddr;
 	uint64_t m_dma, c_dma;
@@ -2340,7 +2233,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs,
 	buf_p = &params->meta_buf;
 	m_vaddr = buf_p->vaddr;
 	m_dma = buf_p->dma_addr;
-	m_size = buf_p->size;
 
 	encr_offset = ENCR_OFFSET(d_offs) / 8;
 	encr_data_len = ENCR_DLEN(d_lens);
@@ -2362,7 +2254,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs,
 
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	/* Reserve memory for cpt request info */
 	req = m_vaddr;
@@ -2370,7 +2261,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs,
 	size = sizeof(struct cpt_request_info);
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	opcode.s.major = CPT_MAJOR_OP_KASUMI | CPT_DMA_MODE;
 
@@ -2382,8 +2272,8 @@ cpt_kasumi_dec_prep(uint64_t d_offs,
 	 * GP op header, lengths are expected in bits.
 	 */
 	vq_cmd_w0.u64 = 0;
-	vq_cmd_w0.s.param1 = rte_cpu_to_be_16(encr_data_len);
-	vq_cmd_w0.s.opcode = rte_cpu_to_be_16(opcode.flags);
+	vq_cmd_w0.s.param1 = encr_data_len;
+	vq_cmd_w0.s.opcode = opcode.flags;
 
 	/* consider iv len */
 	encr_offset += iv_len;
@@ -2397,7 +2287,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs,
 
 	m_vaddr = (uint8_t *)m_vaddr + OFF_CTRL_LEN + iv_len;
 	m_dma += OFF_CTRL_LEN + iv_len;
-	m_size -= OFF_CTRL_LEN + iv_len;
 
 	/* DPTR has SG list */
 	in_buffer = m_vaddr;
@@ -2468,11 +2357,10 @@ cpt_kasumi_dec_prep(uint64_t d_offs,
 	size = g_size_bytes + s_size_bytes + SG_LIST_HDR_SIZE;
 
 	/* This is DPTR len incase of SG mode */
-	vq_cmd_w0.s.dlen = rte_cpu_to_be_16(size);
+	vq_cmd_w0.s.dlen = size;
 
 	m_vaddr = (uint8_t *)m_vaddr + size;
 	m_dma += size;
-	m_size -= size;
 
 	/* cpt alternate completion address saved earlier */
 	req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8);
@@ -2482,12 +2370,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs,
 	req->ist.ei1 = dptr_dma;
 	req->ist.ei2 = rptr_dma;
 
-	/* First 16-bit swap then 64-bit swap */
-	/* TODO: HACK: Reverse the vq_cmd and cpt_req bit field definitions
-	 * to eliminate all the swapping
-	 */
-	vq_cmd_w0.u64 = rte_cpu_to_be_64(vq_cmd_w0.u64);
-
 	/* vq command w3 */
 	vq_cmd_w3.u64 = 0;
 	vq_cmd_w3.s.grp = 0;
@@ -2541,7 +2423,7 @@ cpt_fc_dec_hmac_prep(uint32_t flags,
 	return prep_req;
 }
 
-static __rte_always_inline void *__hot
+static __rte_always_inline void *__rte_hot
 cpt_fc_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
 		     fc_params_t *fc_params, void *op)
 {
@@ -2569,12 +2451,11 @@ cpt_fc_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
 }
 
 static __rte_always_inline int
-cpt_fc_auth_set_key(void *ctx, auth_type_t type, uint8_t *key,
+cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key,
 		    uint16_t key_len, uint16_t mac_len)
 {
 	struct cpt_ctx *cpt_ctx = ctx;
 	mc_fc_context_t *fctx = &cpt_ctx->fctx;
-	uint64_t *ctrl_flags = NULL;
 
 	if ((type >= ZUC_EIA3) && (type <= KASUMI_F9_ECB)) {
 		uint32_t keyx[4];
@@ -2625,15 +2506,15 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, uint8_t *key,
 			cpt_ctx->fc_type = HASH_HMAC;
 	}
 
-	ctrl_flags = (uint64_t *)&fctx->enc.enc_ctrl.flags;
-	*ctrl_flags = rte_be_to_cpu_64(*ctrl_flags);
+	if (cpt_ctx->fc_type == FC_GEN && key_len > 64)
+		return -1;
 
 	/* For GMAC auth, cipher must be NULL */
 	if (type == GMAC_TYPE)
-		CPT_P_ENC_CTRL(fctx).enc_cipher = 0;
+		fctx->enc.enc_cipher = 0;
 
-	CPT_P_ENC_CTRL(fctx).hash_type = cpt_ctx->hash_type = type;
-	CPT_P_ENC_CTRL(fctx).mac_len = cpt_ctx->mac_len = mac_len;
+	fctx->enc.hash_type = cpt_ctx->hash_type = type;
+	fctx->enc.mac_len = cpt_ctx->mac_len = mac_len;
 
 	if (key_len) {
 		cpt_ctx->hmac = 1;
@@ -2642,10 +2523,11 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, uint8_t *key,
 		cpt_ctx->auth_key_len = key_len;
 		memset(fctx->hmac.ipad, 0, sizeof(fctx->hmac.ipad));
 		memset(fctx->hmac.opad, 0, sizeof(fctx->hmac.opad));
-		memcpy(fctx->hmac.opad, key, key_len);
-		CPT_P_ENC_CTRL(fctx).auth_input_type = 1;
+
+		if (key_len <= 64)
+			memcpy(fctx->hmac.opad, key, key_len);
+		fctx->enc.auth_input_type = 1;
 	}
-	*ctrl_flags = rte_cpu_to_be_64(*ctrl_flags);
 	return 0;
 }
 
@@ -2657,20 +2539,18 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform,
 	cipher_type_t enc_type = 0; /* NULL Cipher type */
 	auth_type_t auth_type = 0; /* NULL Auth type */
 	uint32_t cipher_key_len = 0;
-	uint8_t zsk_flag = 0, aes_gcm = 0;
+	uint8_t aes_gcm = 0;
 	aead_form = &xform->aead;
-	void *ctx;
+	void *ctx = SESS_PRIV(sess);
 
-	if (aead_form->op == RTE_CRYPTO_AEAD_OP_ENCRYPT &&
-	   aead_form->algo == RTE_CRYPTO_AEAD_AES_GCM) {
+	if (aead_form->op == RTE_CRYPTO_AEAD_OP_ENCRYPT) {
 		sess->cpt_op |= CPT_OP_CIPHER_ENCRYPT;
 		sess->cpt_op |= CPT_OP_AUTH_GENERATE;
-	} else if (aead_form->op == RTE_CRYPTO_AEAD_OP_DECRYPT &&
-		aead_form->algo == RTE_CRYPTO_AEAD_AES_GCM) {
+	} else if (aead_form->op == RTE_CRYPTO_AEAD_OP_DECRYPT) {
 		sess->cpt_op |= CPT_OP_CIPHER_DECRYPT;
 		sess->cpt_op |= CPT_OP_AUTH_VERIFY;
 	} else {
-		CPT_LOG_DP_ERR("Unknown cipher operation\n");
+		CPT_LOG_DP_ERR("Unknown aead operation\n");
 		return -1;
 	}
 	switch (aead_form->algo) {
@@ -2683,6 +2563,12 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform,
 		CPT_LOG_DP_ERR("Crypto: Unsupported cipher algo %u",
 			       aead_form->algo);
 		return -1;
+	case RTE_CRYPTO_AEAD_CHACHA20_POLY1305:
+		enc_type = CHACHA20;
+		auth_type = POLY1305;
+		cipher_key_len = 32;
+		sess->chacha_poly = 1;
+		break;
 	default:
 		CPT_LOG_DP_ERR("Crypto: Undefined cipher algo %u specified",
 			       aead_form->algo);
@@ -2693,18 +2579,20 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform,
 			       (unsigned int long)aead_form->key.length);
 		return -1;
 	}
-	sess->zsk_flag = zsk_flag;
+	sess->zsk_flag = 0;
 	sess->aes_gcm = aes_gcm;
 	sess->mac_len = aead_form->digest_length;
 	sess->iv_offset = aead_form->iv.offset;
 	sess->iv_length = aead_form->iv.length;
 	sess->aad_length = aead_form->aad_length;
-	ctx = (void *)((uint8_t *)sess + sizeof(struct cpt_sess_misc)),
 
-	cpt_fc_ciph_set_key(ctx, enc_type, aead_form->key.data,
-			aead_form->key.length, NULL);
+	if (unlikely(cpt_fc_ciph_set_key(ctx, enc_type, aead_form->key.data,
+			aead_form->key.length, NULL)))
+		return -1;
 
-	cpt_fc_auth_set_key(ctx, auth_type, NULL, 0, aead_form->digest_length);
+	if (unlikely(cpt_fc_auth_set_key(ctx, auth_type, NULL, 0,
+			aead_form->digest_length)))
+		return -1;
 
 	return 0;
 }
@@ -2716,10 +2604,7 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform,
 	struct rte_crypto_cipher_xform *c_form;
 	cipher_type_t enc_type = 0; /* NULL Cipher type */
 	uint32_t cipher_key_len = 0;
-	uint8_t zsk_flag = 0, aes_gcm = 0, aes_ctr = 0, is_null = 0;
-
-	if (xform->type != RTE_CRYPTO_SYM_XFORM_CIPHER)
-		return -1;
+	uint8_t zsk_flag = 0, aes_ctr = 0, is_null = 0;
 
 	c_form = &xform->cipher;
 
@@ -2801,14 +2686,15 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform,
 	}
 
 	sess->zsk_flag = zsk_flag;
-	sess->aes_gcm = aes_gcm;
+	sess->aes_gcm = 0;
 	sess->aes_ctr = aes_ctr;
 	sess->iv_offset = c_form->iv.offset;
 	sess->iv_length = c_form->iv.length;
 	sess->is_null = is_null;
 
-	cpt_fc_ciph_set_key(SESS_PRIV(sess), enc_type, c_form->key.data,
-			    c_form->key.length, NULL);
+	if (unlikely(cpt_fc_ciph_set_key(SESS_PRIV(sess), enc_type,
+			c_form->key.data, c_form->key.length, NULL)))
+		return -1;
 
 	return 0;
 }
@@ -2821,9 +2707,6 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform,
 	auth_type_t auth_type = 0; /* NULL Auth type */
 	uint8_t zsk_flag = 0, aes_gcm = 0, is_null = 0;
 
-	if (xform->type != RTE_CRYPTO_SYM_XFORM_AUTH)
-		goto error_out;
-
 	a_form = &xform->auth;
 
 	if (a_form->op == RTE_CRYPTO_AUTH_OP_VERIFY)
@@ -2835,11 +2718,6 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform,
 		return -1;
 	}
 
-	if (a_form->key.length > 64) {
-		CPT_LOG_DP_ERR("Auth key length is big");
-		return -1;
-	}
-
 	switch (a_form->algo) {
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
 		/* Fall through */
@@ -2895,11 +2773,11 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform,
 	case RTE_CRYPTO_AUTH_AES_CBC_MAC:
 		CPT_LOG_DP_ERR("Crypto: Unsupported hash algo %u",
 			       a_form->algo);
-		goto error_out;
+		return -1;
 	default:
 		CPT_LOG_DP_ERR("Crypto: Undefined Hash algo %u specified",
 			       a_form->algo);
-		goto error_out;
+		return -1;
 	}
 
 	sess->zsk_flag = zsk_flag;
@@ -2910,13 +2788,12 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform,
 		sess->auth_iv_offset = a_form->iv.offset;
 		sess->auth_iv_length = a_form->iv.length;
 	}
-	cpt_fc_auth_set_key(SESS_PRIV(sess), auth_type, a_form->key.data,
-			    a_form->key.length, a_form->digest_length);
+	if (unlikely(cpt_fc_auth_set_key(SESS_PRIV(sess), auth_type,
+			a_form->key.data, a_form->key.length,
+			a_form->digest_length)))
+		return -1;
 
 	return 0;
-
-error_out:
-	return -1;
 }
 
 static __rte_always_inline int
@@ -2926,11 +2803,7 @@ fill_sess_gmac(struct rte_crypto_sym_xform *xform,
 	struct rte_crypto_auth_xform *a_form;
 	cipher_type_t enc_type = 0; /* NULL Cipher type */
 	auth_type_t auth_type = 0; /* NULL Auth type */
-	uint8_t zsk_flag = 0, aes_gcm = 0;
-	void *ctx;
-
-	if (xform->type != RTE_CRYPTO_SYM_XFORM_AUTH)
-		return -1;
+	void *ctx = SESS_PRIV(sess);
 
 	a_form = &xform->auth;
 
@@ -2954,17 +2827,20 @@ fill_sess_gmac(struct rte_crypto_sym_xform *xform,
 		return -1;
 	}
 
-	sess->zsk_flag = zsk_flag;
-	sess->aes_gcm = aes_gcm;
+	sess->zsk_flag = 0;
+	sess->aes_gcm = 0;
 	sess->is_gmac = 1;
 	sess->iv_offset = a_form->iv.offset;
 	sess->iv_length = a_form->iv.length;
 	sess->mac_len = a_form->digest_length;
-	ctx = (void *)((uint8_t *)sess + sizeof(struct cpt_sess_misc)),
 
-	cpt_fc_ciph_set_key(ctx, enc_type, a_form->key.data,
-			a_form->key.length, NULL);
-	cpt_fc_auth_set_key(ctx, auth_type, NULL, 0, a_form->digest_length);
+	if (unlikely(cpt_fc_ciph_set_key(ctx, enc_type, a_form->key.data,
+			a_form->key.length, NULL)))
+		return -1;
+
+	if (unlikely(cpt_fc_auth_set_key(ctx, auth_type, NULL, 0,
+			a_form->digest_length)))
+		return -1;
 
 	return 0;
 }
@@ -2986,7 +2862,7 @@ alloc_op_meta(struct rte_mbuf *m_src,
 		tailroom = rte_pktmbuf_tailroom(m_src);
 		if (likely(tailroom > len + 8)) {
 			mdata = (uint8_t *)m_src->buf_addr + m_src->buf_len;
-			mphys = m_src->buf_physaddr + m_src->buf_len;
+			mphys = m_src->buf_iova + m_src->buf_len;
 			mdata -= len;
 			mphys -= len;
 			buf->vaddr = mdata;
@@ -3042,7 +2918,7 @@ prepare_iov_from_pkt(struct rte_mbuf *pkt,
 
 	if (!start_offset) {
 		seg_data = rte_pktmbuf_mtod(pkt, void *);
-		seg_phys = rte_pktmbuf_mtophys(pkt);
+		seg_phys = rte_pktmbuf_iova(pkt);
 		seg_size = pkt->data_len;
 	} else {
 		while (start_offset >= pkt->data_len) {
@@ -3051,7 +2927,7 @@ prepare_iov_from_pkt(struct rte_mbuf *pkt,
 		}
 
 		seg_data = rte_pktmbuf_mtod_offset(pkt, void *, start_offset);
-		seg_phys = rte_pktmbuf_mtophys_offset(pkt, start_offset);
+		seg_phys = rte_pktmbuf_iova_offset(pkt, start_offset);
 		seg_size = pkt->data_len - start_offset;
 		if (!seg_size)
 			return 1;
@@ -3066,7 +2942,7 @@ prepare_iov_from_pkt(struct rte_mbuf *pkt,
 
 	while (unlikely(pkt != NULL)) {
 		seg_data = rte_pktmbuf_mtod(pkt, void *);
-		seg_phys = rte_pktmbuf_mtophys(pkt);
+		seg_phys = rte_pktmbuf_iova(pkt);
 		seg_size = pkt->data_len;
 		if (!seg_size)
 			break;
@@ -3096,7 +2972,7 @@ prepare_iov_from_pkt_inplace(struct rte_mbuf *pkt,
 	iov_ptr_t *iovec;
 
 	seg_data = rte_pktmbuf_mtod(pkt, void *);
-	seg_phys = rte_pktmbuf_mtophys(pkt);
+	seg_phys = rte_pktmbuf_iova(pkt);
 	seg_size = pkt->data_len;
 
 	/* first seg */
@@ -3125,7 +3001,7 @@ prepare_iov_from_pkt_inplace(struct rte_mbuf *pkt,
 
 	while (unlikely(pkt != NULL)) {
 		seg_data = rte_pktmbuf_mtod(pkt, void *);
-		seg_phys = rte_pktmbuf_mtophys(pkt);
+		seg_phys = rte_pktmbuf_iova(pkt);
 		seg_size = pkt->data_len;
 
 		if (!seg_size)
@@ -3147,7 +3023,7 @@ prepare_iov_from_pkt_inplace(struct rte_mbuf *pkt,
 static __rte_always_inline int
 fill_fc_params(struct rte_crypto_op *cop,
 	       struct cpt_sess_misc *sess_misc,
-	       struct cptvf_meta_info *cpt_m_info,
+	       struct cpt_qp_meta_info *m_info,
 	       void **mdata_ptr,
 	       void **prep_req)
 {
@@ -3160,9 +3036,6 @@ fill_fc_params(struct rte_crypto_op *cop,
 	uint64_t d_offs, d_lens;
 	struct rte_mbuf *m_src, *m_dst;
 	uint8_t cpt_op = sess_misc->cpt_op;
-	uint8_t zsk_flag = sess_misc->zsk_flag;
-	uint8_t aes_gcm = sess_misc->aes_gcm;
-	uint16_t mac_len = sess_misc->mac_len;
 #ifdef CPT_ALWAYS_USE_SG_MODE
 	uint8_t inplace = 0;
 #else
@@ -3188,21 +3061,17 @@ fill_fc_params(struct rte_crypto_op *cop,
 		}
 	}
 
-	if (zsk_flag) {
+	if (sess_misc->zsk_flag) {
 		fc_params.auth_iv_buf = rte_crypto_op_ctod_offset(cop,
 					uint8_t *,
 					sess_misc->auth_iv_offset);
-		if (zsk_flag == K_F9) {
-			CPT_LOG_DP_ERR("Should not reach here for "
-			"kasumi F9\n");
-		}
-		if (zsk_flag != ZS_EA)
+		if (sess_misc->zsk_flag != ZS_EA)
 			inplace = 0;
 	}
 	m_src = sym_op->m_src;
 	m_dst = sym_op->m_dst;
 
-	if (aes_gcm) {
+	if (sess_misc->aes_gcm || sess_misc->chacha_poly) {
 		uint8_t *salt;
 		uint8_t *aad_data;
 		uint16_t aad_len;
@@ -3236,7 +3105,7 @@ fill_fc_params(struct rte_crypto_op *cop,
 			sess_misc->salt = *(uint32_t *)salt;
 		}
 		fc_params.iv_buf = salt + 4;
-		if (likely(mac_len)) {
+		if (likely(sess_misc->mac_len)) {
 			struct rte_mbuf *m = (cpt_op & CPT_OP_ENCODE) ? m_dst :
 					     m_src;
 
@@ -3279,7 +3148,7 @@ fill_fc_params(struct rte_crypto_op *cop,
 			}
 			fc_params.iv_buf = salt + 4;
 		}
-		if (likely(mac_len)) {
+		if (likely(sess_misc->mac_len)) {
 			struct rte_mbuf *m;
 
 			m = (cpt_op & CPT_OP_ENCODE) ? m_dst : m_src;
@@ -3338,7 +3207,6 @@ fill_fc_params(struct rte_crypto_op *cop,
 			uint32_t pkt_len;
 
 			/* Try to make room as much as src has */
-			m_dst = sym_op->m_dst;
 			pkt_len = rte_pktmbuf_pkt_len(m_dst);
 
 			if (unlikely(pkt_len < rte_pktmbuf_pkt_len(m_src))) {
@@ -3365,15 +3233,11 @@ fill_fc_params(struct rte_crypto_op *cop,
 	}
 
 	if (likely(flags & SINGLE_BUF_HEADTAILROOM))
-		mdata = alloc_op_meta(m_src,
-				      &fc_params.meta_buf,
-				      cpt_m_info->cptvf_op_sb_mlen,
-				      cpt_m_info->cptvf_meta_pool);
+		mdata = alloc_op_meta(m_src, &fc_params.meta_buf,
+				      m_info->lb_mlen, m_info->pool);
 	else
-		mdata = alloc_op_meta(NULL,
-				      &fc_params.meta_buf,
-				      cpt_m_info->cptvf_op_mlen,
-				      cpt_m_info->cptvf_meta_pool);
+		mdata = alloc_op_meta(NULL, &fc_params.meta_buf,
+				      m_info->sg_mlen, m_info->pool);
 
 	if (unlikely(mdata == NULL)) {
 		CPT_LOG_DP_ERR("Error allocating meta buffer for request");
@@ -3410,7 +3274,7 @@ fill_fc_params(struct rte_crypto_op *cop,
 	return 0;
 
 free_mdata_and_exit:
-	free_op_meta(mdata, cpt_m_info->cptvf_meta_pool);
+	free_op_meta(mdata, m_info->pool);
 err_exit:
 	return ret;
 }
@@ -3441,49 +3305,6 @@ compl_auth_verify(struct rte_crypto_op *op,
 		op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 }
 
-static __rte_always_inline int
-instance_session_cfg(struct rte_crypto_sym_xform *xform, void *sess)
-{
-	struct rte_crypto_sym_xform *chain;
-
-	CPT_PMD_INIT_FUNC_TRACE();
-
-	if (cpt_is_algo_supported(xform))
-		goto err;
-
-	chain = xform;
-	while (chain) {
-		switch (chain->type) {
-		case RTE_CRYPTO_SYM_XFORM_AEAD:
-			if (fill_sess_aead(chain, sess))
-				goto err;
-			break;
-		case RTE_CRYPTO_SYM_XFORM_CIPHER:
-			if (fill_sess_cipher(chain, sess))
-				goto err;
-			break;
-		case RTE_CRYPTO_SYM_XFORM_AUTH:
-			if (chain->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC) {
-				if (fill_sess_gmac(chain, sess))
-					goto err;
-			} else {
-				if (fill_sess_auth(chain, sess))
-					goto err;
-			}
-			break;
-		default:
-			CPT_LOG_DP_ERR("Invalid crypto xform type");
-			break;
-		}
-		chain = chain->next;
-	}
-
-	return 0;
-
-err:
-	return -1;
-}
-
 static __rte_always_inline void
 find_kasumif9_direction_and_length(uint8_t *src,
 				   uint32_t counter_num_bytes,
@@ -3521,7 +3342,7 @@ find_kasumif9_direction_and_length(uint8_t *src,
 static __rte_always_inline int
 fill_digest_params(struct rte_crypto_op *cop,
 		   struct cpt_sess_misc *sess,
-		   struct cptvf_meta_info *cpt_m_info,
+		   struct cpt_qp_meta_info *m_info,
 		   void **mdata_ptr,
 		   void **prep_req)
 {
@@ -3535,7 +3356,6 @@ fill_digest_params(struct rte_crypto_op *cop,
 	uint64_t d_offs = 0, d_lens;
 	struct rte_mbuf *m_src, *m_dst;
 	uint16_t auth_op = sess->cpt_op & CPT_OP_AUTH_MASK;
-	uint8_t zsk_flag = sess->zsk_flag;
 	uint16_t mac_len = sess->mac_len;
 	fc_params_t params;
 	char src[SRC_IOV_SIZE];
@@ -3547,8 +3367,8 @@ fill_digest_params(struct rte_crypto_op *cop,
 	m_src = sym_op->m_src;
 
 	/* For just digest lets force mempool alloc */
-	mdata = alloc_op_meta(NULL, &params.meta_buf, cpt_m_info->cptvf_op_mlen,
-			      cpt_m_info->cptvf_meta_pool);
+	mdata = alloc_op_meta(NULL, &params.meta_buf, m_info->sg_mlen,
+			      m_info->pool);
 	if (mdata == NULL) {
 		ret = -ENOMEM;
 		goto err_exit;
@@ -3566,7 +3386,7 @@ fill_digest_params(struct rte_crypto_op *cop,
 
 	flags = VALID_MAC_BUF;
 	params.src_iov = (void *)src;
-	if (unlikely(zsk_flag)) {
+	if (unlikely(sess->zsk_flag)) {
 		/*
 		 * Since for Zuc, Kasumi, Snow3g offsets are in bits
 		 * we will send pass through even for auth only case,
@@ -3576,10 +3396,9 @@ fill_digest_params(struct rte_crypto_op *cop,
 		auth_range_off = 0;
 		params.auth_iv_buf = rte_crypto_op_ctod_offset(cop,
 					uint8_t *, sess->auth_iv_offset);
-		if (zsk_flag == K_F9) {
+		if (sess->zsk_flag == K_F9) {
 			uint32_t length_in_bits, num_bytes;
 			uint8_t *src, direction = 0;
-			uint32_t counter_num_bytes;
 
 			memcpy(iv_buf, rte_pktmbuf_mtod(cop->sym->m_src,
 							uint8_t *), 8);
@@ -3589,10 +3408,9 @@ fill_digest_params(struct rte_crypto_op *cop,
 			 */
 			length_in_bits = cop->sym->auth.data.length;
 			num_bytes = (length_in_bits >> 3);
-			counter_num_bytes = num_bytes;
 			src = rte_pktmbuf_mtod(cop->sym->m_src, uint8_t *);
 			find_kasumif9_direction_and_length(src,
-						counter_num_bytes,
+						num_bytes,
 						&length_in_bits,
 						&direction);
 			length_in_bits -= 64;
@@ -3645,7 +3463,7 @@ fill_digest_params(struct rte_crypto_op *cop,
 			params.mac_buf.vaddr =
 				rte_pktmbuf_mtod_offset(m_dst, void *, off);
 			params.mac_buf.dma_addr =
-				rte_pktmbuf_mtophys_offset(m_dst, off);
+				rte_pktmbuf_iova_offset(m_dst, off);
 			params.mac_buf.size = mac_len;
 		}
 	} else {
@@ -3683,7 +3501,7 @@ fill_digest_params(struct rte_crypto_op *cop,
 	return 0;
 
 free_mdata_and_exit:
-	free_op_meta(mdata, cpt_m_info->cptvf_meta_pool);
+	free_op_meta(mdata, m_info->pool);
 err_exit:
 	return ret;
 }