GET

Patch Detail

get:
Show a patch.

patch:
Update a patch.

put:
Update a patch.

GET /api/patches/128867/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 128867,
    "url": "http://patchwork.dpdk.org/api/patches/128867/?format=api",
    "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/20230620141115.841226-10-suanmingm@nvidia.com/",
    "project": {
        "id": 1,
        "url": "http://patchwork.dpdk.org/api/projects/1/?format=api",
        "name": "DPDK",
        "link_name": "dpdk",
        "list_id": "dev.dpdk.org",
        "list_email": "dev@dpdk.org",
        "web_url": "http://core.dpdk.org",
        "scm_url": "git://dpdk.org/dpdk",
        "webscm_url": "http://git.dpdk.org/dpdk",
        "list_archive_url": "https://inbox.dpdk.org/dev",
        "list_archive_url_format": "https://inbox.dpdk.org/dev/{}",
        "commit_url_format": ""
    },
    "msgid": "<20230620141115.841226-10-suanmingm@nvidia.com>",
    "list_archive_url": "https://inbox.dpdk.org/dev/20230620141115.841226-10-suanmingm@nvidia.com",
    "date": "2023-06-20T14:11:15",
    "name": "[v4,9/9] crypto/mlx5: enable AES-GCM capability",
    "commit_ref": null,
    "pull_url": null,
    "state": "accepted",
    "archived": true,
    "hash": "45b602c4bb381f29c744bc712210d3fba93c9e01",
    "submitter": {
        "id": 1887,
        "url": "http://patchwork.dpdk.org/api/people/1887/?format=api",
        "name": "Suanming Mou",
        "email": "suanmingm@nvidia.com"
    },
    "delegate": {
        "id": 6690,
        "url": "http://patchwork.dpdk.org/api/users/6690/?format=api",
        "username": "akhil",
        "first_name": "akhil",
        "last_name": "goyal",
        "email": "gakhil@marvell.com"
    },
    "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/20230620141115.841226-10-suanmingm@nvidia.com/mbox/",
    "series": [
        {
            "id": 28586,
            "url": "http://patchwork.dpdk.org/api/series/28586/?format=api",
            "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=28586",
            "date": "2023-06-20T14:11:06",
            "name": "crypto/mlx5: support AES-GCM",
            "version": 4,
            "mbox": "http://patchwork.dpdk.org/series/28586/mbox/"
        }
    ],
    "comments": "http://patchwork.dpdk.org/api/patches/128867/comments/",
    "check": "success",
    "checks": "http://patchwork.dpdk.org/api/patches/128867/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<dev-bounces@dpdk.org>",
        "X-Original-To": "patchwork@inbox.dpdk.org",
        "Delivered-To": "patchwork@inbox.dpdk.org",
        "Received": [
            "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 96F7842D09;\n\tTue, 20 Jun 2023 16:13:13 +0200 (CEST)",
            "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 7A56742D70;\n\tTue, 20 Jun 2023 16:12:17 +0200 (CEST)",
            "from NAM12-DM6-obe.outbound.protection.outlook.com\n (mail-dm6nam12on2081.outbound.protection.outlook.com [40.107.243.81])\n by mails.dpdk.org (Postfix) with ESMTP id 7C2D342D44\n for <dev@dpdk.org>; Tue, 20 Jun 2023 16:12:15 +0200 (CEST)",
            "from MW4PR03CA0275.namprd03.prod.outlook.com (2603:10b6:303:b5::10)\n by SA1PR12MB7344.namprd12.prod.outlook.com (2603:10b6:806:2b7::15)\n with Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6477.37; Tue, 20 Jun\n 2023 14:12:13 +0000",
            "from MWH0EPF000989E9.namprd02.prod.outlook.com\n (2603:10b6:303:b5:cafe::60) by MW4PR03CA0275.outlook.office365.com\n (2603:10b6:303:b5::10) with Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6521.21 via Frontend\n Transport; Tue, 20 Jun 2023 14:12:13 +0000",
            "from mail.nvidia.com (216.228.117.161) by\n MWH0EPF000989E9.mail.protection.outlook.com (10.167.241.136) with Microsoft\n SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id\n 15.20.6521.17 via Frontend Transport; Tue, 20 Jun 2023 14:12:13 +0000",
            "from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com\n (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Tue, 20 Jun 2023\n 07:11:59 -0700",
            "from nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com\n (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Tue, 20 Jun\n 2023 07:11:56 -0700"
        ],
        "ARC-Seal": "i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;\n b=lDhhaNvzGYR/VAWxRfoIrtsThj/3YI4vIIX/UMaed2EUov6mIX7WWgQlZd7FfXK09rRmq4qCbhSSlixBjOdFtP8ixU+LbtIOSPa2qoS6uL4VcVBUQ/IFiJ4M9ADB+mMBTAp9XVfh0ch8xSnVBpnDtrbHuxXDHRhUeQ3Wp93kW48yQZSS9L3ppHHWePiwFjda+31Ue88L4CfGjvVoZg+JG6jkdJ5iQVJfXFrWDWNtawed9ULlEhORssPuhwWg328Wd44VpjSMshzJaVcxCgZ6+5RsT1Nxyfc4dqqILE0nSj2sMqIXB7Sqgm/0LXvpcnqj5uR+pIcMz/ZgInHL+pf6hw==",
        "ARC-Message-Signature": "i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;\n s=arcselector9901;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;\n bh=K7zFMXzrX2kyL/GBQUAcEYcK1aa9HH5xurjBUoEGRK0=;\n b=lfGqOIHb4oVlghIAX3vix1wUj0cRtZ4Z99KIJMYfKrheUfpqKC1PjBIvq1HL24SGkUNKvQPV0uqOIcyiA+BrVwgoBXQ1QRzpvvNiwycap11+LpxYhI/57C8QRrRPUYZ7ZMW50TYzJDpGr5N4uR7rCg3qRZtAo3nULTzCPnsC04f4bpCdpBMQtK0QarQu/3eQtW37Hhq9OESoIXCVxr1vZf6BaTNxlSlcHVRCXPL9AiObUx4mDf9F2+CcONUHr2OW3iIrIAZveqnahS/HN7nC84vAplud5xYS5GCfARuiLs/tvD2xvw2PsaiB/biGkZiwxrVSlafKdRyTlUBcMlT7pA==",
        "ARC-Authentication-Results": "i=1; mx.microsoft.com 1; spf=pass (sender ip is\n 216.228.117.161) smtp.rcpttodomain=marvell.com smtp.mailfrom=nvidia.com;\n dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com;\n dkim=none (message not signed); arc=none",
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com;\n s=selector2;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;\n bh=K7zFMXzrX2kyL/GBQUAcEYcK1aa9HH5xurjBUoEGRK0=;\n b=XLf51pOolU7UcGk7nDUviw2cWawfGYmuBTonAClEGT5/hHiAw0KeJBVkXxGPn67XEfL5TaK7wTmAmTLQiK2WGJ6LTYDAW3ixufvDtgsHDfHRoLQmVkMCjrABmEQRuPGJ2FdJsE5gm5TR/R85zs9dp4/ChkP/32md2EBT87dhvjLr5cYhBGvtvBce5UM0eF+4cH0RUwHq6rJSDKorPx0woebBm811C/Y9JitIXadipCAJjci39xjPBErtYePBX5i9ubkx60xUHc4yr/gR9ByS/SvuHLzMMA0acjyHmj40d9ustAfT+pm/ivRdXYMUoam/UjR7bJaUgobiY//Kv5riog==",
        "X-MS-Exchange-Authentication-Results": "spf=pass (sender IP is 216.228.117.161)\n smtp.mailfrom=nvidia.com;\n dkim=none (message not signed)\n header.d=none;dmarc=pass action=none header.from=nvidia.com;",
        "Received-SPF": "Pass (protection.outlook.com: domain of nvidia.com designates\n 216.228.117.161 as permitted sender) receiver=protection.outlook.com;\n client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C",
        "From": "Suanming Mou <suanmingm@nvidia.com>",
        "To": "<gakhil@marvell.com>, Matan Azrad <matan@nvidia.com>",
        "CC": "<rasland@nvidia.com>, <dev@dpdk.org>",
        "Subject": "[PATCH v4 9/9] crypto/mlx5: enable AES-GCM capability",
        "Date": "Tue, 20 Jun 2023 17:11:15 +0300",
        "Message-ID": "<20230620141115.841226-10-suanmingm@nvidia.com>",
        "X-Mailer": "git-send-email 2.25.1",
        "In-Reply-To": "<20230620141115.841226-1-suanmingm@nvidia.com>",
        "References": "<20230418092325.2578712-1-suanmingm@nvidia.com>\n <20230620141115.841226-1-suanmingm@nvidia.com>",
        "MIME-Version": "1.0",
        "Content-Transfer-Encoding": "8bit",
        "Content-Type": "text/plain",
        "X-Originating-IP": "[10.126.231.35]",
        "X-ClientProxiedBy": "rnnvmail201.nvidia.com (10.129.68.8) To\n rnnvmail201.nvidia.com (10.129.68.8)",
        "X-EOPAttributedMessage": "0",
        "X-MS-PublicTrafficType": "Email",
        "X-MS-TrafficTypeDiagnostic": "MWH0EPF000989E9:EE_|SA1PR12MB7344:EE_",
        "X-MS-Office365-Filtering-Correlation-Id": "52fb9a26-3deb-42ca-4932-08db71985848",
        "X-MS-Exchange-SenderADCheck": "1",
        "X-MS-Exchange-AntiSpam-Relay": "0",
        "X-Microsoft-Antispam": "BCL:0;",
        "X-Microsoft-Antispam-Message-Info": "\n c/+TMTmgFOb7SlPCtpAMMFD+dldPeHlEeWNaUxgt5RMhWiKpVGSAPksw8s6Pcc5GhpQiX3uw+rB9HbCxyxJwmtPG6rMlHZ0lSYqrLz/tPVdnCGEpKmBoGRaJpWBY8AkSMHdDQgKP28cZxB/TJNbhVhtFDWAy8RLitJZT3nfrLBwl+YWH42+Cp8hWt+hDOziyNAKH9RHKePA1RAftF4pNzLf9ZZ01uxpBC6KD+zrsnhPe3WGRXsqx0TW/mNw2jBw9Yd8NAZy5MJdV5CSu7Xe/G5Xt/JtB6AEb3vk+Pb4vB16FhoNhTfhti8fAU/30DwXE4iteswtA3dSXdXqjmE1RyfbCjc0ErgL0lYJcMlGuAEhUV03a4kcPwgz4FpUovJH1neqyntNFARDcXjoTHQBLzoCjZvxPUj1AvAzjbCVF/04agKhFtbnpzQw72TqKDQJif8V1vun8N4sQqLU2SVHLIWquAyXLY+xO9R0MoK65MbunYaAwOHK2DK654OLDD8u3ALWdGtN101VCY+oyo4qGVUaz3cFlKv8zKuUTXLa9/DlfQBJcwtXQJiO3F1AIr9ZdoSpQHFDWeYeBcNGvrnAyYCdgTPWbRXcC/6MFG/g2pfmVzwsukaCmyYxd5gTU3k/xSYJuGl/LePluT43uZCLfd+/zbmPWLrWZ3JspQFAsclVIfwmeItbpdMHVgoZ8FeQ64+RJAkPie9QOBGU8zV6lkaQKe1ItPEEfYR4qhvETVEVJsvZMTsP98GE7oH/IugAS",
        "X-Forefront-Antispam-Report": "CIP:216.228.117.161; CTRY:US; LANG:en; SCL:1;\n SRV:;\n IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:dc6edge2.nvidia.com; CAT:NONE;\n SFS:(13230028)(4636009)(396003)(346002)(39860400002)(376002)(136003)(451199021)(46966006)(36840700001)(40470700004)(186003)(16526019)(336012)(36860700001)(6286002)(1076003)(6636002)(4326008)(70206006)(83380400001)(2906002)(70586007)(82310400005)(26005)(47076005)(426003)(2616005)(86362001)(36756003)(82740400003)(40460700003)(7636003)(356005)(41300700001)(7696005)(8936002)(5660300002)(8676002)(316002)(30864003)(55016003)(40480700001)(110136005)(478600001)(54906003)(6666004);\n DIR:OUT; SFP:1101;",
        "X-OriginatorOrg": "Nvidia.com",
        "X-MS-Exchange-CrossTenant-OriginalArrivalTime": "20 Jun 2023 14:12:13.2219 (UTC)",
        "X-MS-Exchange-CrossTenant-Network-Message-Id": "\n 52fb9a26-3deb-42ca-4932-08db71985848",
        "X-MS-Exchange-CrossTenant-Id": "43083d15-7273-40c1-b7db-39efd9ccc17a",
        "X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp": "\n TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.117.161];\n Helo=[mail.nvidia.com]",
        "X-MS-Exchange-CrossTenant-AuthSource": "\n MWH0EPF000989E9.namprd02.prod.outlook.com",
        "X-MS-Exchange-CrossTenant-AuthAs": "Anonymous",
        "X-MS-Exchange-CrossTenant-FromEntityHeader": "HybridOnPrem",
        "X-MS-Exchange-Transport-CrossTenantHeadersStamped": "SA1PR12MB7344",
        "X-BeenThere": "dev@dpdk.org",
        "X-Mailman-Version": "2.1.29",
        "Precedence": "list",
        "List-Id": "DPDK patches and discussions <dev.dpdk.org>",
        "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>",
        "List-Archive": "<http://mails.dpdk.org/archives/dev/>",
        "List-Post": "<mailto:dev@dpdk.org>",
        "List-Help": "<mailto:dev-request@dpdk.org?subject=help>",
        "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>",
        "Errors-To": "dev-bounces@dpdk.org"
    },
    "content": "This commit generates AES-GCM capability based on the NIC\nattributes and enables AES-GCM algo.\n\nAn new devarg \"algo\" is added to identify if the crypto PMD will\nbe initialized as AES-GCM(algo=1) or AES-XTS(algo=0, default).\n\nSigned-off-by: Suanming Mou <suanmingm@nvidia.com>\nAcked-by: Matan Azrad <matan@nvidia.com>\n---\n doc/guides/cryptodevs/features/mlx5.ini |  2 +\n doc/guides/cryptodevs/mlx5.rst          | 48 ++++++++++++++++++-\n doc/guides/rel_notes/release_23_07.rst  |  1 +\n drivers/crypto/mlx5/mlx5_crypto.c       | 26 ++++++++--\n drivers/crypto/mlx5/mlx5_crypto.h       |  1 +\n drivers/crypto/mlx5/mlx5_crypto_gcm.c   | 63 +++++++++++++++++++++++++\n 6 files changed, 136 insertions(+), 5 deletions(-)",
    "diff": "diff --git a/doc/guides/cryptodevs/features/mlx5.ini b/doc/guides/cryptodevs/features/mlx5.ini\nindex 0d210b2114..9bf1defac8 100644\n--- a/doc/guides/cryptodevs/features/mlx5.ini\n+++ b/doc/guides/cryptodevs/features/mlx5.ini\n@@ -30,6 +30,8 @@ AES XTS (256)  = Y\n ; Supported AEAD algorithms of a mlx5 crypto driver.\n ;\n [AEAD]\n+AES GCM (128)  = Y\n+AES GCM (256)  = Y\n \n ;\n ; Supported Asymmetric algorithms of a mlx5 crypto driver.\ndiff --git a/doc/guides/cryptodevs/mlx5.rst b/doc/guides/cryptodevs/mlx5.rst\nindex b35ac5f5f2..9a0ae8b0d2 100644\n--- a/doc/guides/cryptodevs/mlx5.rst\n+++ b/doc/guides/cryptodevs/mlx5.rst\n@@ -21,6 +21,11 @@ and **NVIDIA BlueField-3** family adapters.\n Overview\n --------\n \n+Nvidia MLX5 crypto driver supports AES-XTs and AES-GCM cryption.\n+\n+AES-XTS\n+-------\n+\n The device can provide disk encryption services,\n allowing data encryption and decryption towards a disk.\n Having all encryption/decryption operations done in a single device\n@@ -38,13 +43,19 @@ The encryption does not require text to be aligned to the AES block size (128b).\n \n See :doc:`../../platform/mlx5` guide for more design details.\n \n+AES-GCM\n+-------\n+The encryption and decryption processes the traffic as standard RTE crypto\n+API defines. The supported AAD/digest/key size can be read from dev_info.\n+\n+\n Configuration\n -------------\n \n See the :ref:`mlx5 common configuration <mlx5_common_env>`.\n \n A device comes out of NVIDIA factory with pre-defined import methods.\n-There are two possible import methods: wrapped or plaintext.\n+There are two possible import methods: wrapped or plaintext(valid to AES-XTS only).\n \n In case the device is in wrapped mode, it needs to be moved to crypto operational mode.\n In order to move the device to crypto operational mode, credential and KEK\n@@ -120,24 +131,36 @@ Driver options\n Please refer to :ref:`mlx5 common options <mlx5_common_driver_options>`\n for an additional list of options shared with other mlx5 drivers.\n \n+- ``algo`` parameter [int]\n+\n+  - 0. AES-XTS crypto.\n+\n+  - 1. AES-GCM crypto.\n+\n+  Set to zero(AES-XTS) by default.\n+\n - ``wcs_file`` parameter [string] - mandatory in wrapped mode\n \n   File path including only the wrapped credential in string format of hexadecimal\n   numbers, represent 48 bytes (8 bytes IV added by the AES key wrap algorithm).\n+  This option is valid only to AES-XTS.\n \n - ``import_kek_id`` parameter [int]\n \n   The identifier of the KEK, default value is 0 represents the operational\n   register import_kek..\n+  This option is valid only to AES-XTS.\n \n - ``credential_id`` parameter [int]\n \n   The identifier of the credential, default value is 0 represents the operational\n   register credential.\n+  This option is valid only to AES-XTS.\n \n - ``keytag`` parameter [int]\n \n   The plaintext of the keytag appended to the AES-XTS keys, default value is 0.\n+  This option is valid only to AES-XTS.\n \n - ``max_segs_num`` parameter [int]\n \n@@ -161,6 +184,8 @@ Limitations\n - The supported data-unit lengths are 512B and 4KB and 1MB. In case the `dataunit_len`\n   is not provided in the cipher xform, the OP length is limited to the above\n   values.\n+- AES-GCM is only supported on BlueField-3.\n+- AES-GCM only supported key import plaintext mode.\n \n \n Prerequisites\n@@ -172,6 +197,7 @@ FW Prerequisites\n - xx.31.0328 for ConnectX-6.\n - xx.32.0108 for ConnectX-6 Dx and BlueField-2.\n - xx.36.xxxx for ConnectX-7 and BlueField-3.\n+- xx.37.3010 for BlueField-3 and newer for AES-GCM.\n \n Linux Prerequisites\n ~~~~~~~~~~~~~~~~~~~\n@@ -186,3 +212,23 @@ Windows Prerequisites\n \n - NVIDIA WINOF-2 version: **2.60** or higher.\n   See :ref:`mlx5 common prerequisites <mlx5_windows_prerequisites>` for more details.\n+\n+\n+Notes for rte_crypto AES-GCM\n+----------------------------\n+\n+In AES-GCM mode, the HW requires continuous input and output of Additional\n+Authenticated Data (AAD), payload, and digest (if needed). However, the RTE\n+API only provides a single AAD input, which means that in the out-of-place\n+mode, the AAD will be used in both input and output. This reuse of AAD in the\n+out-of-place mode breaks the continuous output, which degrades the performance\n+and introduces extra UMR WQE. If digest is not continuous after payload will\n+also lead to that extra UMR WQE.\n+\n+To address this issue, current RTE API provides min_mbuf_headroom_req and\n+min_mbuf_tailroom_req in rte_cryptodev_info as a hint to the PMD. It\n+indicates the PMD can use the buffer before and after the mbuf payload as AAD\n+and digest space. With this hint, the PMD will use the buffer before and\n+after the mbuf payload directly via copying AAD and digest. However, the\n+application must ensure that there is enough headroom and tailroom reserved\n+for the mbuf. Or, for non-continuous operations, extra UMR WQE will be used.\ndiff --git a/doc/guides/rel_notes/release_23_07.rst b/doc/guides/rel_notes/release_23_07.rst\nindex 027ae7bd2d..bbb8eddbca 100644\n--- a/doc/guides/rel_notes/release_23_07.rst\n+++ b/doc/guides/rel_notes/release_23_07.rst\n@@ -131,6 +131,7 @@ New Features\n   * Added support for CQE compression on Windows.\n   * Added support for enhanced multi-packet write on Windows.\n   * Added support for quota flow action and item.\n+  * Added support for AES-GCM crypto.\n \n * **Added vmxnet3 version 7 support.**\n \ndiff --git a/drivers/crypto/mlx5/mlx5_crypto.c b/drivers/crypto/mlx5/mlx5_crypto.c\nindex 4d7d3ef2a3..081e96ad4d 100644\n--- a/drivers/crypto/mlx5/mlx5_crypto.c\n+++ b/drivers/crypto/mlx5/mlx5_crypto.c\n@@ -269,6 +269,14 @@ mlx5_crypto_args_check_handler(const char *key, const char *val, void *opaque)\n \t\tattr->credential_pointer = (uint32_t)tmp;\n \t} else if (strcmp(key, \"keytag\") == 0) {\n \t\tdevarg_prms->keytag = tmp;\n+\t} else if (strcmp(key, \"algo\") == 0) {\n+\t\tif (tmp == 1) {\n+\t\t\tdevarg_prms->is_aes_gcm = 1;\n+\t\t} else if (tmp > 1) {\n+\t\t\tDRV_LOG(ERR, \"Invalid algo.\");\n+\t\t\trte_errno = EINVAL;\n+\t\t\treturn -rte_errno;\n+\t\t}\n \t}\n \treturn 0;\n }\n@@ -285,6 +293,7 @@ mlx5_crypto_parse_devargs(struct mlx5_kvargs_ctrl *mkvlist,\n \t\t\"keytag\",\n \t\t\"max_segs_num\",\n \t\t\"wcs_file\",\n+\t\t\"algo\",\n \t\tNULL,\n \t};\n \n@@ -370,10 +379,19 @@ mlx5_crypto_dev_probe(struct mlx5_common_device *cdev,\n \tpriv->crypto_dev = crypto_dev;\n \tpriv->is_wrapped_mode = wrapped_mode;\n \tpriv->max_segs_num = devarg_prms.max_segs_num;\n-\tret = mlx5_crypto_xts_init(priv);\n-\tif (ret) {\n-\t\tDRV_LOG(ERR, \"Failed to init AES-XTS crypto.\");\n-\t\treturn -ENOTSUP;\n+\t/* Init and override AES-GCM configuration. */\n+\tif (devarg_prms.is_aes_gcm) {\n+\t\tret = mlx5_crypto_gcm_init(priv);\n+\t\tif (ret) {\n+\t\t\tDRV_LOG(ERR, \"Failed to init AES-GCM crypto.\");\n+\t\t\treturn -ENOTSUP;\n+\t\t}\n+\t} else {\n+\t\tret = mlx5_crypto_xts_init(priv);\n+\t\tif (ret) {\n+\t\t\tDRV_LOG(ERR, \"Failed to init AES-XTS crypto.\");\n+\t\t\treturn -ENOTSUP;\n+\t\t}\n \t}\n \tif (mlx5_devx_uar_prepare(cdev, &priv->uar) != 0) {\n \t\trte_cryptodev_pmd_destroy(priv->crypto_dev);\ndiff --git a/drivers/crypto/mlx5/mlx5_crypto.h b/drivers/crypto/mlx5/mlx5_crypto.h\nindex 6dcb41b27c..36dacdcda4 100644\n--- a/drivers/crypto/mlx5/mlx5_crypto.h\n+++ b/drivers/crypto/mlx5/mlx5_crypto.h\n@@ -92,6 +92,7 @@ struct mlx5_crypto_devarg_params {\n \tstruct mlx5_devx_crypto_login_attr login_attr;\n \tuint64_t keytag;\n \tuint32_t max_segs_num;\n+\tuint32_t is_aes_gcm:1;\n };\n \n struct mlx5_crypto_session {\ndiff --git a/drivers/crypto/mlx5/mlx5_crypto_gcm.c b/drivers/crypto/mlx5/mlx5_crypto_gcm.c\nindex 8389c03c91..e26a338365 100644\n--- a/drivers/crypto/mlx5/mlx5_crypto_gcm.c\n+++ b/drivers/crypto/mlx5/mlx5_crypto_gcm.c\n@@ -109,6 +109,60 @@ mlx5_crypto_dek_fill_gcm_attr(struct mlx5_crypto_dek *dek,\n \treturn 0;\n }\n \n+static int\n+mlx5_crypto_generate_gcm_cap(struct mlx5_hca_crypto_mmo_attr *mmo_attr,\n+\t\t\t     struct rte_cryptodev_capabilities *cap)\n+{\n+\t/* Init key size. */\n+\tif (mmo_attr->gcm_128_encrypt && mmo_attr->gcm_128_decrypt &&\n+\t\tmmo_attr->gcm_256_encrypt && mmo_attr->gcm_256_decrypt) {\n+\t\tcap->sym.aead.key_size.min = 16;\n+\t\tcap->sym.aead.key_size.max = 32;\n+\t\tcap->sym.aead.key_size.increment = 16;\n+\t} else if (mmo_attr->gcm_256_encrypt && mmo_attr->gcm_256_decrypt) {\n+\t\tcap->sym.aead.key_size.min = 32;\n+\t\tcap->sym.aead.key_size.max = 32;\n+\t\tcap->sym.aead.key_size.increment = 0;\n+\t} else if (mmo_attr->gcm_128_encrypt && mmo_attr->gcm_128_decrypt) {\n+\t\tcap->sym.aead.key_size.min = 16;\n+\t\tcap->sym.aead.key_size.max = 16;\n+\t\tcap->sym.aead.key_size.increment = 0;\n+\t} else {\n+\t\tDRV_LOG(ERR, \"No available AES-GCM encryption/decryption supported.\");\n+\t\treturn -1;\n+\t}\n+\t/* Init tag size. */\n+\tif (mmo_attr->gcm_auth_tag_128 && mmo_attr->gcm_auth_tag_96) {\n+\t\tcap->sym.aead.digest_size.min = 12;\n+\t\tcap->sym.aead.digest_size.max = 16;\n+\t\tcap->sym.aead.digest_size.increment = 4;\n+\t} else if (mmo_attr->gcm_auth_tag_96) {\n+\t\tcap->sym.aead.digest_size.min = 12;\n+\t\tcap->sym.aead.digest_size.max = 12;\n+\t\tcap->sym.aead.digest_size.increment = 0;\n+\t} else if (mmo_attr->gcm_auth_tag_128) {\n+\t\tcap->sym.aead.digest_size.min = 16;\n+\t\tcap->sym.aead.digest_size.max = 16;\n+\t\tcap->sym.aead.digest_size.increment = 0;\n+\t} else {\n+\t\tDRV_LOG(ERR, \"No available AES-GCM tag size supported.\");\n+\t\treturn -1;\n+\t}\n+\t/* Init AAD size. */\n+\tcap->sym.aead.aad_size.min = 0;\n+\tcap->sym.aead.aad_size.max = UINT16_MAX;\n+\tcap->sym.aead.aad_size.increment = 1;\n+\t/* Init IV size. */\n+\tcap->sym.aead.iv_size.min = 12;\n+\tcap->sym.aead.iv_size.max = 12;\n+\tcap->sym.aead.iv_size.increment = 0;\n+\t/* Init left items. */\n+\tcap->op = RTE_CRYPTO_OP_TYPE_SYMMETRIC;\n+\tcap->sym.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD;\n+\tcap->sym.aead.algo = RTE_CRYPTO_AEAD_AES_GCM;\n+\treturn 0;\n+}\n+\n static int\n mlx5_crypto_sym_gcm_session_configure(struct rte_cryptodev *dev,\n \t\t\t\t  struct rte_crypto_sym_xform *xform,\n@@ -917,8 +971,10 @@ mlx5_crypto_gcm_dequeue_burst(void *queue_pair,\n int\n mlx5_crypto_gcm_init(struct mlx5_crypto_priv *priv)\n {\n+\tstruct mlx5_common_device *cdev = priv->cdev;\n \tstruct rte_cryptodev *crypto_dev = priv->crypto_dev;\n \tstruct rte_cryptodev_ops *dev_ops = crypto_dev->dev_ops;\n+\tint ret;\n \n \t/* Override AES-GCM specified ops. */\n \tdev_ops->sym_session_configure = mlx5_crypto_sym_gcm_session_configure;\n@@ -928,6 +984,13 @@ mlx5_crypto_gcm_init(struct mlx5_crypto_priv *priv)\n \tcrypto_dev->dequeue_burst = mlx5_crypto_gcm_dequeue_burst;\n \tcrypto_dev->enqueue_burst = mlx5_crypto_gcm_enqueue_burst;\n \tpriv->max_klm_num = RTE_ALIGN((priv->max_segs_num + 1) * 2 + 1, MLX5_UMR_KLM_NUM_ALIGN);\n+\t/* Generate GCM capability. */\n+\tret = mlx5_crypto_generate_gcm_cap(&cdev->config.hca_attr.crypto_mmo,\n+\t\t\t\t\t   mlx5_crypto_gcm_caps);\n+\tif (ret) {\n+\t\tDRV_LOG(ERR, \"No enough AES-GCM cap.\");\n+\t\treturn -1;\n+\t}\n \tpriv->caps = mlx5_crypto_gcm_caps;\n \treturn 0;\n }\n",
    "prefixes": [
        "v4",
        "9/9"
    ]
}