Crypto Device Drivers

Release 17.11.10

Feb 27, 2020
1 Crypto Device Supported Functionality Matrices .......................... 1
  1.1 Supported Feature Flags ........................................... 1
  1.2 Supported Cipher Algorithms ...................................... 2
  1.3 Supported Authentication Algorithms ............................. 3
  1.4 Supported AEAD Algorithms ...................................... 4

2 AES-NI Multi Buffer Crypto Poll Mode Driver .............................. 5
  2.1 Features .................................................................. 5
  2.2 Limitations ........................................................... 6
  2.3 Installation ........................................................... 6
  2.4 Initialization .......................................................... 6
  2.5 Extra notes ............................................................ 7

3 AES-NI GCM Crypto Poll Mode Driver ......................................... 8
  3.1 Features .................................................................. 8
  3.2 Limitations ........................................................... 8
  3.3 Installation ........................................................... 8
  3.4 Initialization .......................................................... 9

4 ARMv8 Crypto Poll Mode Driver ................................................ 10
  4.1 Features .................................................................. 10
  4.2 Installation ........................................................... 10
  4.3 Initialization .......................................................... 11
  4.4 Limitations ............................................................ 11

5 NXP DPAA2 CAAM (DPAA2_SEC) ........................................... 12
  5.1 Architecture ........................................................... 12
  5.2 Implementation ...................................................... 13
  5.3 Features ............................................................... 14
  5.4 Supported DPAA2 SoCs ........................................... 14
  5.5 Limitations ........................................................... 14
  5.6 Prerequisites .......................................................... 14
  5.7 Pre-Installation Configuration ..................................... 15
  5.8 Installations ........................................................... 15

6 NXP DPAA CAAM (DPAA_SEC) ............................................... 16
  6.1 Architecture ........................................................... 16
  6.2 Implementation ...................................................... 16
  6.3 Features ............................................................... 16
  6.4 Supported DPAA SoCs ........................................... 17
6.5 Limitations ........................................ 17
6.6 Prerequisites ...................................... 17
6.7 Pre-Installation Configuration .................. 18
6.8 Installations ...................................... 18

7 KASUMI Crypto Poll Mode Driver .......................... 19
7.1 Features ........................................... 19
7.2 Limitations ........................................ 19
7.3 Installation ........................................ 19
7.4 Initialization ...................................... 20
7.5 Extra notes on KASUMI F9 ......................... 20

8 OpenSSL Crypto Poll Mode Driver ......................... 21
8.1 Features ........................................... 21
8.2 Installation ........................................ 22
8.3 Initialization ...................................... 22
8.4 Limitations ........................................ 22

9 MRVL Crypto Poll Mode Driver ........................... 23
9.1 Features ........................................... 23
9.2 Limitations ........................................ 24
9.3 Installation ........................................ 24
9.4 Initialization ...................................... 24

10 Null Crypto Poll Mode Driver ............................ 27
10.1 Features ........................................... 27
10.2 Limitations ........................................ 27
10.3 Installation ....................................... 27
10.4 Initialization ...................................... 28

11 Cryptodev Scheduler Poll Mode Driver Library ......... 29
11.1 Limitations ....................................... 29
11.2 Installation ....................................... 30
11.3 Initialization ...................................... 30
11.4 Cryptodev Scheduler Modes Overview ................. 30

12 SNOW 3G Crypto Poll Mode Driver ....................... 33
12.1 Features ........................................... 33
12.2 Limitations ....................................... 33
12.3 Installation ....................................... 33
12.4 Initialization ...................................... 34

13 Intel(R) QuickAssist (QAT) Crypto Poll Mode Driver .... 35
13.1 Features ........................................... 35
13.2 Limitations ....................................... 36
13.3 Installation ....................................... 36
13.4 Installation using kernel.org driver ................. 37
13.5 Installation using 01.org QAT driver ................. 38
13.6 Binding the available VFs to the DPDK UIO driver .... 39
13.7 Extra notes on KASUMI F9 ......................... 41

14 ZUC Crypto Poll Mode Driver ............................ 42
14.1 Features ........................................... 42
# CRYPTO DEVICE SUPPORTED FUNCTIONALITY MATRICES

## 1.1 Supported Feature Flags

Table 1.1: Features availability in crypto drivers

| Feature                  | aes     | ni_     | g cm | aes     | ni_     | mb | arm    | v8 | dap     | a2_     | sec | dap     | a_s     | sec | kas     | su     | mi | mrv     | ll | op      | en     | ssl | qat     | sn      | ow     | 3g     | zuc     |
|--------------------------|---------|---------|------|---------|---------|----|--------|----|---------|---------|     |        |        |     |        |       |    |        |      |       |        |        |       |       |        |
| Symmetric crypto         | Y       | Y       | Y    | Y       | Y       |    |        |    | Y       | Y       |    |        | Y       |    |        | Y     |    |        | Y     |    |        | Y     |    |       | Y     |
| Asymmetric crypto        |         |         |      |         |         |    |        |    |         |         |    |        |         |    |        |       |    |        |       |    |        |       |    |       |       |
| Sym operation chaining   | Y       | Y       | Y    | Y       | Y       |    |        |    | Y       | Y       |    |        | Y       |    |        | Y     |    |        | Y     |    |        | Y     |    |       | Y     |
| HW Accelerated           |         |         |      |         |         |    |        | Y  |         |         |    |        |         |    |        |       |    |        |       |    |        |       |    |       |       |
| Protocol offload          |         |         |      |         |         |    |        | Y  |         |         |    |        |         |    |        |       |    |        |       |    |        |       |    |       |       |
| CPU SSE                  | Y       | Y       |      |         |         |    |        |    |         |         |    |        |         |    |        |       |    |        |       |    |        |       |    |       |       |
| CPU AVX                  | Y       |         |      |         |         |    |        |    |         |         |    |        |         |    |        |       |    |        |       |    |        |       |    |       |       |
| CPU AVX2                 | Y       | Y       |      |         |         |    |        |    |         |         |    |        |         |    |        |       |    |        |       |    |        |       |    |       |       |
| CPU AVX512               | Y       |         |      |         |         |    |        |    |         |         |    |        |         |    |        |       |    |        |       |    |        |       |    |       |       |
| CPU AESNI                | Y       | Y       |      |         |         |    |        |    |         |         |    |        |         |    |        |       |    |        |       |    |        |       |    |       |       |
| CPU NEON                 |         |         |      |         |         |    |        | Y  |         |         |    |        |         |    |        |       |    |        |       |    |        |       |    |       |       |
| CPU ARM CE               |         |         |      |         |         |    |        | Y  |         |         |    |        |         |    |        |       |    |        |       |    |        |       |    |       |       |
## 1.2 Supported Cipher Algorithms

<table>
<thead>
<tr>
<th>Cipher algorithm</th>
<th>aes ni mc</th>
<th>aes ni mb</th>
<th>ar m v</th>
<th>dpa 2 sec</th>
<th>dpa a sec</th>
<th>ka su mi</th>
<th>m r v l</th>
<th>n u l l</th>
<th>op ens s l</th>
<th>q a t</th>
<th>s n o w 3 g</th>
<th>z u c</th>
</tr>
</thead>
<tbody>
<tr>
<td>NULL</td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES CBC (128)</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES CBC (192)</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES CBC (256)</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES CTR (128)</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES CTR (192)</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES CTR (256)</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES DOC-SIS BPI</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>3DES CBC</td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>3DES CTR</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>DES CBC</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>DES DOC-SIS BPI</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>SNOW3G UEA2</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>KA-SUMI F8</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>ZUC EEA3</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
## 1.3 Supported Authentication Algorithms

Table 1.3: Authentication algorithms in crypto drivers

<table>
<thead>
<tr>
<th>Authentication algorithm</th>
<th>aes n i g c m</th>
<th>aes n i m b</th>
<th>ar m v 8</th>
<th>d p a a 2 _ s e c</th>
<th>d p a a _ s e c</th>
<th>k a s u m i</th>
<th>m r v l</th>
<th>n u l l</th>
<th>o p e n s s l</th>
<th>q a t</th>
<th>s n o w 3 g</th>
<th>z u c</th>
</tr>
</thead>
<tbody>
<tr>
<td>NULL</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>MD5</td>
<td></td>
<td></td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>HMAC</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>SHA1</td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>HMAC</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>SHA224</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>HMAC</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>SHA256</td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>HMAC</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>SHA384</td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>HMAC</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>SHA512</td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>HMAC</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES XCBC MAC</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES GMAC</td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>SNOW3G UIA2</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>KASUMI F9</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>ZUC EIA3</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
# 1.4 Supported AEAD Algorithms

## Table 1.4: AEAD algorithms in crypto drivers

<table>
<thead>
<tr>
<th>AEAD algorithm</th>
<th>aesni_gcm</th>
<th>aesni_mb</th>
<th>armv8</th>
<th>dpaa2sec</th>
<th>dpassec</th>
<th>kasmim</th>
<th>mrvl</th>
<th>null</th>
<th>openssl</th>
<th>qant</th>
<th>snow3g</th>
<th>zuc</th>
</tr>
</thead>
<tbody>
<tr>
<td>AES GCM (128)</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES GCM (192)</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES GCM (256)</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES CCM (128)</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES CCM (192)</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td></td>
<td></td>
</tr>
<tr>
<td>AES CCM (256)</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>Y</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
The AESNI MB PMD (librte_pmd_aesni_mb) provides poll mode crypto driver support for utilizing Intel multi buffer library, see the white paper Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors.

The AES-NI MB PMD has current only been tested on Fedora 21 64-bit with gcc.

2.1 Features

AESNI MB PMD has support for:

Cipher algorithms:
- RTE_CRYPTO_CIPHER_AES128_CBC
- RTE_CRYPTO_CIPHER_AES192_CBC
- RTE_CRYPTO_CIPHER_AES256_CBC
- RTE_CRYPTO_CIPHER_AES128_CTR
- RTE_CRYPTO_CIPHER_AES192_CTR
- RTE_CRYPTO_CIPHER_AES256_CTR
- RTE_CRYPTO_CIPHER_AES_DOCSISBPI
- RTE_CRYPTO_CIPHER_DES_CBC
- RTE_CRYPTO_CIPHER_DES_DOCSISBPI

Hash algorithms:
- RTE_CRYPTO_HASH_MD5_HMAC
- RTE_CRYPTO_HASH_SHA1_HMAC
- RTE_CRYPTO_HASH_SHA224_HMAC
- RTE_CRYPTO_HASH_SHA256_HMAC
- RTE_CRYPTO_HASH_SHA384_HMAC
- RTE_CRYPTO_HASH_SHA512_HMAC
- RTE_CRYPTO_HASH_AES_XCBC_HMAC
2.2 Limitations

- Chained mbufs are not supported.
- Only in-place is currently supported (destination address is the same as source address).

2.3 Installation

To build DPDK with the AESNI_MB_PMD the user is required to download the multi-buffer library from here and compile it on their user system before building DPDK. The latest version of the library supported by this PMD is v0.47, which can be downloaded from https://github.com/01org/intel-ipsec-mb/archive/v0.47.zip.

As a reference, the following table shows a mapping between the past DPDK versions and the Multi-Buffer library version supported by them:

<table>
<thead>
<tr>
<th>DPDK version</th>
<th>Multi-buffer library version</th>
</tr>
</thead>
<tbody>
<tr>
<td>2.2 - 16.11</td>
<td>0.43 - 0.44</td>
</tr>
<tr>
<td>17.02</td>
<td>0.44</td>
</tr>
<tr>
<td>17.05 - 17.08</td>
<td>0.45 - 0.47</td>
</tr>
<tr>
<td>17.11+</td>
<td>0.47</td>
</tr>
</tbody>
</table>

2.4 Initialization

In order to enable this virtual crypto PMD, user must:

- Export the environmental variable AESNI_MULTI_BUFFER_LIB_PATH with the path where the library was extracted.
- Build the multi buffer library (explained in Installation section).
- Set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_base.

To use the PMD in an application, user must:

- Call rte_vdev_init("crypto_aesni_mb") within the application.
- Use --vdev="crypto_aesni_mb" in the EAL options, which will call rte_vdev_init() internally.

The following parameters (all optional) can be provided in the previous two calls:

- socket_id: Specify the socket where the memory for the device is going to be allocated (by default, socket_id will be the socket where the core that is creating the PMD is running on).
- max_nb_queue_pairs: Specify the maximum number of queue pairs in the device (8 by default).
• **max_nb_sessions**: Specify the maximum number of sessions that can be created (2048 by default).

Example:

```
./l2fwd-crypto -l 1 -n 4 --vdev="crypto_aesni_mb,socket_id=0,max_nb_sessions=128" \
-- -p 1 --cdev SW --chain CIPHER_HASH --cipher_algo "aes-cbc" --auth_algo "sha1-hmac"
```

### 2.5 Extra notes

For AES Counter mode (AES-CTR), the library supports two different sizes for Initialization Vector (IV):

- **12 bytes**: used mainly for IPSec, as it requires 12 bytes from the user, which internally are appended the counter block (4 bytes), which is set to 1 for the first block (no padding required from the user)
- **16 bytes**: when passing 16 bytes, the library will take them and use the last 4 bytes as the initial counter block for the first block.
The AES-NI GCM PMD (librte_pmd_aesni_gcm) provides poll mode crypto driver support for utilizing Intel multi buffer library (see AES-NI Multi-buffer PMD documentation to learn more about it, including installation).

### 3.1 Features

AESNI GCM PMD has support for:
- Authentication algorithms:
  - RTE_CRYPTO_AUTH_AES_GMAC
- AEAD algorithms:
  - RTE_CRYPTO_AEAD_AES_GCM

### 3.2 Limitations

- Chained mbufs are supported but only out-of-place (destination mbuf must be contiguous).
- Chained mbufs are only supported by RTE_CRYPTO_AEAD_AES_GCM algorithm, not RTE_CRYPTO_AUTH_AES_GMAC.
- Cipher only is not supported.

### 3.3 Installation

To build DPDK with the AESNI_GCM_PMD the user is required to download the multi-buffer library from [here](https://github.com/01org/intel-ipsec-mb/archive/v0.47.zip) and compile it on their user system before building DPDK. The latest version of the library supported by this PMD is v0.47, which can be downloaded in [https://github.com/01org/intel-ipsec-mb/archive/v0.47.zip](https://github.com/01org/intel-ipsec-mb/archive/v0.47.zip).

As a reference, the following table shows a mapping between the past DPDK versions and the external crypto libraries supported by them:
Table 3.1: DPDK and external crypto library version compatibility

<table>
<thead>
<tr>
<th>DPDK version</th>
<th>Crypto library version</th>
</tr>
</thead>
<tbody>
<tr>
<td>16.04 - 16.11</td>
<td>Multi-buffer library 0.43 - 0.44</td>
</tr>
<tr>
<td>17.02 - 17.05</td>
<td>ISA-L Crypto v2.18</td>
</tr>
<tr>
<td>17.08+</td>
<td>Multi-buffer library 0.46+</td>
</tr>
</tbody>
</table>

3.4 Initialization

In order to enable this virtual crypto PMD, user must:

- Export the environmental variable AESNI_MULTI_BUFFER_LIB_PATH with the path where the library was extracted.
- Build the multi buffer library (explained in Installation section).
- Set CONFIG_RTE_LIBRTE_PMD_AESNI_GCM=y in config/common_base.

To use the PMD in an application, user must:

- Call rte_vdev_init(“crypto_aesni_gcm”) within the application.
- Use -vdev=“crypto_aesni_gcm” in the EAL options, which will call rte_vdev_init() internally.

The following parameters (all optional) can be provided in the previous two calls:

- socket_id: Specify the socket where the memory for the device is going to be allocated (by default, socket_id will be the socket where the core that is creating the PMD is running on).
- max_nb_queue_pairs: Specify the maximum number of queue pairs in the device (8 by default).
- max_nb_sessions: Specify the maximum number of sessions that can be created (2048 by default).

Example:

```
./l2fwd-crypto -l 1 -n 4 --vdev="crypto_aesni_gcm,socket_id=0,max_nb_sessions=128" \
-- -p 1 --cdev SW --chain AEAD --aead_algo "aes-gcm"
```
This code provides the initial implementation of the ARMv8 crypto PMD. The driver uses ARMv8 cryptographic extensions to process chained crypto operations in an optimized way. The core functionality is provided by a low-level library, written in the assembly code.

4.1 Features

ARMv8 Crypto PMD has support for the following algorithm pairs:

Supported cipher algorithms:

• RTE_CRYPTO_CIPHER_AES_CBC

Supported authentication algorithms:

• RTE_CRYPTO_AUTH_SHA1_HMAC
• RTE_CRYPTO_AUTH_SHA256_HMAC

4.2 Installation

In order to enable this virtual crypto PMD, user must:

• Download ARMv8 crypto library source code from [here](#)

• Export the environmental variable ARMV8_CRYPTO_LIB_PATH with the path where the armv8_crypto library was downloaded or cloned.

• Build the library by invoking:

```bash
make -C $ARMV8_CRYPTO_LIB_PATH/
```

• Set CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO=y in config/defconfig_arm64-armv8a-linuxapp-gcc

The corresponding device can be created only if the following features are supported by the CPU:

• RTE_CPUFLAG_AES
• RTE_CPUFLAG_SHA1
• RTE_CPUFLAG_SHA2
• RTE_CPUFLAG_NEON
4.3 Initialization

User can use app/test application to check how to use this PMD and to verify crypto processing. Test name is cryptodev_sw_armv8_autotest. For performance test cryptodev_sw_armv8_perftest can be used.

4.4 Limitations

- Maximum number of sessions is 2048.
- Only chained operations are supported.
- AES-128-CBC is the only supported cipher variant.
- Cipher input data has to be a multiple of 16 bytes.
- Digest input data has to be a multiple of 8 bytes.
The DPAA2_SEC PMD provides poll mode crypto driver support for NXP DPAA2 CAAM hardware accelerator.

5.1 Architecture

SEC is the SOC’s security engine, which serves as NXP’s latest cryptographic acceleration and offloading hardware. It combines functions previously implemented in separate modules to create a modular and scalable acceleration and assurance engine. It also implements block encryption algorithms, stream cipher algorithms, hashing algorithms, public key algorithms, run-time integrity checking, and a hardware random number generator. SEC performs higher-level cryptographic operations than previous NXP cryptographic accelerators. This provides significant improvement to system level performance.

DPAA2_SEC is one of the hardware resource in DPAA2 Architecture. More information on DPAA2 Architecture is described in dpaa2_overview.

DPAA2_SEC PMD is one of DPAA2 drivers which interacts with Management Complex (MC) portal to access the hardware object - DPSECI. The MC provides access to create, discover, connect, configure and destroy dpseci objects in DPAA2_SEC PMD.

DPAA2_SEC PMD also uses some of the other hardware resources like buffer pools, queues, queue portals to store and to enqueue/dequeue data to the hardware SEC.

DPSECI objects are detected by PMD using a resource container called DPRC (like in dpaa2_overview).

For example:

```
DPRC.1 (bus)

+---------+---------+---------+---------+---------+
|         |         |         |         |         |
| DPMCP.1 | DPIO.1  | DPBP.1  | DPNI.1  | DPMAC.1 |
| DPMCP.2 | DPIO.2  |         | DPNI.2  | DPMAC.2 |
| DPMCP.3 |
```

5.2 Implementation

SEC provides platform assurance by working with SecMon, which is a companion logic block that tracks the security state of the SOC. SEC is programmed by means of descriptors (not to be confused with frame descriptors (FDs)) that indicate the operations to be performed and
link to the message and associated data. SEC incorporates two DMA engines to fetch the
descriptors, read the message data, and write the results of the operations. The DMA engine
provides a scatter/gather capability so that SEC can read and write data scattered in memory.
SEC may be configured by means of software for dynamic changes in byte ordering. The
default configuration for this version of SEC is little-endian mode.

A block diagram similar to dpaa2 NIC is shown below to show where DPAA2_SEC fits in the
DPAA2 Bus model

```
+----------------+ +------------+
| DPDK DPAA2_SEC | | Mempool |
| PMD             | (DPSECII)   | (DPBP)   |
+----------------+ +------------+

+--------------------------+
| MC SEC object |.......| Mempool |
+--------------------------+

+---------------+---+---+--------+ +-----+------+
| ^ | . | | enqueue, |
| | | | dequeue> |
| | | |
+--------------------------+

+----+------------+
| DPIO driver | |
| (DPIO)      | |
+------------+

+---------------+---+---+--------+ +-----+------+
|QBMAN | Driver | |
+-------+-----+------+

+-------------------+-------------------+
| /bus/fslmc         | /bus/fslmc         |
+-------------------+-------------------+

+--------------------------HARDWARE--------------------------+
| DPIO                     |
| DPSECII--DPBP            |
```

5.3 Features

The DPAA2_SEC PMD has support for:

Cipher algorithms:

- `RTE_CRYPTO_CIPHER_3DES_CBC`
- `RTE_CRYPTO_CIPHER_AES128_CBC`
- `RTE_CRYPTO_CIPHER_AES192_CBC`
- `RTE_CRYPTO_CIPHER_AES256_CBC`
- `RTE_CRYPTO_CIPHER_AES128_CTR`
- `RTE_CRYPTO_CIPHER_AES192_CTR`
- `RTE_CRYPTO_CIPHER_AES256_CTR`

Hash algorithms:
Crypto Device Drivers, Release 17.11.10

AEAD algorithms:

• RTE_CRYPTO_AEAD_AES_GCM

5.4 Supported DPAA2 SoCs

• LS2080A/LS2040A
• LS2084A/LS2044A
• LS2088A/LS2048A
• LS1088A/LS1048A

5.5 Limitations

• Chained mbufs are not supported.
• Hash followed by Cipher mode is not supported
• Only supports the session-oriented API implementation (session-less APIs are not supported).

5.6 Prerequisites

DPAA2_SEC driver has similar pre-requisites as described in dpaa2_overview. The following dependencies are not part of DPDK and must be installed separately:

• NXP Linux SDK

NXP Linux software development kit (SDK) includes support for the family of QorIQ® ARM-Architecture-based system on chip (SoC) processors and corresponding boards.

It includes the Linux board support packages (BSPs) for NXP SoCs, a fully operational tool chain, kernel and board specific modules.

SDK and related information can be obtained from: NXP QorIQ SDK.

• DPDK Extra Scripts

DPAA2 based resources can be configured easily with the help of ready scripts as provided in the DPDK helper repository.

DPDK Extra Scripts.
Currently supported by DPDK:

- NXP SDK 17.08+.
- MC Firmware version 10.3.1 and higher.
- Supported architectures: arm64 LE.
- Follow the DPDK Getting Started Guide for Linux to setup the basic DPDK environment.

5.7 Pre-Installation Configuration

5.7.1 Config File Options

Basic DPAA2 config file options are described in dpaa2_overview. In addition to those, the following options can be modified in the config file to enable DPAA2_SEC PMD.

Please note that enabling debugging options may affect system performance.

- `CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC` (default n) By default it is only enabled in defconfig_arm64-dpaa2-* config. Toggle compilation of the librte_pmd_dpaa2_sec driver.
- `CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_INIT` (default n) Toggle display of initialization related driver messages
- `CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_DRIVER` (default n) Toggle display of driver runtime messages
- `CONFIG_RTE_LIBRTE_DPAA2_SEC_DEBUG_RX` (default n) Toggle display of receive fast path run-time message
- `CONFIG_RTE_DPAA2_SEC_PMD_MAX_NB_SESSIONS` By default it is set as 2048 in defconfig_arm64-dpaa2-* config. It indicates Number of sessions to create in the session memory pool on a single DPAA2 SEC device.

5.8 Installations

To compile the DPAA2_SEC PMD for Linux arm64 gcc target, run the following make command:

    cd <DPDK-source-directory>
    make config T=arm64-dpaa2-linuxapp-gcc install
The DPAA_SEC PMD provides poll mode crypto driver support for NXP DPAA CAAM hardware accelerator.

6.1 Architecture

SEC is the SOC’s security engine, which serves as NXP’s latest cryptographic acceleration and offloading hardware. It combines functions previously implemented in separate modules to create a modular and scalable acceleration and assurance engine. It also implements block encryption algorithms, stream cipher algorithms, hashing algorithms, public key algorithms, run-time integrity checking, and a hardware random number generator. SEC performs higher-level cryptographic operations than previous NXP cryptographic accelerators. This provides significant improvement to system level performance.

DPAA_SEC is one of the hardware resource in DPAA Architecture. More information on DPAA Architecture is described in dpaa_overview.

DPAA_SEC PMD is one of DPAA drivers which interacts with QBMAN to create, configure and destroy the device instance using queue pair with CAAM portal.

DPAA_SEC PMD also uses some of the other hardware resources like buffer pools, queues, queue portals to store and to enqueue/dequeue data to the hardware SEC.

6.2 Implementation

SEC provides platform assurance by working with SecMon, which is a companion logic block that tracks the security state of the SOC. SEC is programmed by means of descriptors (not to be confused with frame descriptors (FDs)) that indicate the operations to be performed and link to the message and associated data. SEC incorporates two DMA engines to fetch the descriptors, read the message data, and write the results of the operations. The DMA engine provides a scatter/gather capability so that SEC can read and write data scattered in memory. SEC may be configured by means of software for dynamic changes in byte ordering. The default configuration for this version of SEC is little-endian mode.

6.3 Features

The DPAA PMD has support for:
Cipher algorithms:

- RTE_CRYPTO_CIPHER_3DES_CBC
- RTE_CRYPTO_CIPHER_AES128_CBC
- RTE_CRYPTO_CIPHER_AES192_CBC
- RTE_CRYPTO_CIPHER_AES256_CBC
- RTE_CRYPTO_CIPHER_AES128_CTR
- RTE_CRYPTO_CIPHER_AES192_CTR
- RTE_CRYPTO_CIPHER_AES256_CTR

Hash algorithms:

- RTE_CRYPTO_AUTH_SHA1_HMAC
- RTE_CRYPTO_AUTH_SHA224_HMAC
- RTE_CRYPTO_AUTH_SHA256_HMAC
- RTE_CRYPTO_AUTH_SHA384_HMAC
- RTE_CRYPTO_AUTH_SHA512_HMAC
- RTE_CRYPTO_AUTH_MD5_HMAC

AEAD algorithms:

- RTE_CRYPTO_AEAD_AES_GCM

6.4 Supported DPAA SoCs

- LS1046A/LS1026A
- LS1043A/LS1023A

6.5 Limitations

- Chained mbufs are not supported.
- Hash followed by Cipher mode is not supported
- Only supports the session-oriented API implementation (session-less APIs are not supported).

6.6 Prerequisites

DPAA_SEC driver has similar pre-requisites as described in dpaa_overview. The following dependencies are not part of DPDK and must be installed separately:

- NXP Linux SDK

NXP Linux software development kit (SDK) includes support for the family of QorIQ® ARM-Architecture-based system on chip (SoC) processors and corresponding boards.
It includes the Linux board support packages (BSPs) for NXP SoCs, a fully operational tool chain, kernel and board specific modules.

SDK and related information can be obtained from: NXP QorIQ SDK.

- **DPDK Extras Scripts**
  DPAA based resources can be configured easily with the help of ready scripts as provided in the DPDK Extras repository.

Currently supported by DPDK:

- NXP SDK 2.0+
- Supported architectures: arm64 LE
- Follow the DPDK Getting Started Guide for Linux to setup the basic DPDK environment.

### 6.7 Pre-Installation Configuration

#### 6.7.1 Config File Options

Basic DPAA config file options are described in dpaa_overview. In addition to those, the following options can be modified in the `config` file to enable DPAA_SEC PMD.

Please note that enabling debugging options may affect system performance.

- `CONFIG_RTE_LIBRTE_PMD_DPAA_SEC` (default `n`) By default it is only enabled in `defconfig_arm64-dpaa-*` config. Toggle compilation of the `librte_pmd_dpaa_sec` driver.

- `CONFIG_RTE_LIBRTE_DPAA_SEC_DEBUG_INIT` (default `n`) Toggle display of initialization related driver messages
- `CONFIG_RTE_LIBRTE_DPAA_SEC_DEBUG_DRIVER` (default `n`) Toggle display of driver runtime messages
- `CONFIG_RTE_LIBRTE_DPAA_SEC_DEBUG_RX` (default `n`) Toggle display of receive fast path run-time message
- `CONFIG_RTE_DPAA_SEC_PMD_MAX_NB_SESSIONS` By default it is set as 2048 in `defconfig_arm64-dpaa-*` config. It indicates Number of sessions to create in the session memory pool on a single DPAA SEC device.

### 6.8 Installations

To compile the DPAA_SEC PMD for Linux arm64 gcc target, run the following `make` command:

```bash
cd <DPDK-source-directory>
make config T=arm64-dpaa-linuxapp-gcc install
```
KASUMI CRYPTO POLL MODE DRIVER

The KASUMI PMD (librte_pmd_kasumi) provides poll mode crypto driver support for utilizing Intel Libsso library, which implements F8 and F9 functions for KASUMI UEA1 cipher and UIA1 hash algorithms.

7.1 Features

KASUMI PMD has support for:

Cipher algorithm:
- RTE_CRYPTO_CIPHER_KASUMI_F8

Authentication algorithm:
- RTE_CRYPTO_AUTH_KASUMI_F9

7.2 Limitations

- Chained mbufs are not supported.
- KASUMI(F9) supported only if hash offset and length field is byte-aligned.
- In-place bit-level operations for KASUMI(F8) are not supported (if length and/or offset of data to be ciphered is not byte-aligned).

7.3 Installation

To build DPDK with the KASUMI_PMD the user is required to download the export controlled libsso_kasumi library, by requesting it from https://networkbuilders.intel.com/network-technologies/dpdk. Once approval has been granted, the user needs to log in https://networkbuilders.intel.com/dpdklogin and click on “Kasumi Bit Stream crypto library” link, to download the library. After downloading the library, the user needs to unpack and compile it on their system before building DPDK:

```make```

Note: When encrypting with KASUMI F8, by default the library encrypts full blocks of 8 bytes, regardless the number of bytes to be encrypted provided (which leads to a possible buffer overflow). To avoid this situation, it is necessary not to pass 3GPP_SAFE_BUFFERS as a
compilation flag. Also, this is required when using chained operations (cipher-then-auth/auth-then-cipher). For this, in the Makefile of the library, make sure that this flag is commented out:

```
#EXTRA_CFLAGS += -D_3GPP_SAFE_BUFFERS
```

**Note**: To build the PMD as a shared library, the libssso_kasumi library must be built as follows:

```
make KASUMI_CFLAGS=-DKASUMI_C
```

### 7.4 Initialization

In order to enable this virtual crypto PMD, user must:

- Export the environmental variable LIBSSO_KASUMI_PATH with the path where the library was extracted (kasumi folder).
- Build the LIBSSO library (explained in Installation section).
- Set `CONFIG_RTE_LIBRTE_PMD_KASUMI=y` in `config/common_base`

To use the PMD in an application, user must:

- Call `rte_vdev_init("crypto_kasumi")` within the application.
- Use `--vdev="crypto_kasumi"` in the EAL options, which will call `rte_vdev_init()` internally.

The following parameters (all optional) can be provided in the previous two calls:

- `socket_id`: Specify the socket where the memory for the device is going to be allocated (by default, `socket_id` will be the socket where the core that is creating the PMD is running on).
- `max_nb_queue_pairs`: Specify the maximum number of queue pairs in the device (8 by default).
- `max_nb_sessions`: Specify the maximum number of sessions that can be created (2048 by default).

**Example:**

```
./l2fwd-crypto -l 1 -n 4 --vdev="crypto_kasumi,socket_id=0,max_nb_sessions=128" \ 
-- p 1 --cdev SW --chain CIPHER_ONLY --cipher_algo "kasumi-f8"
```

### 7.5 Extra notes on KASUMI F9

When using KASUMI F9 authentication algorithm, the input buffer must be constructed according to the 3GPP KASUMI specifications (section 4.4, page 13): [http://cryptome.org/3gpp/35201-900.pdf](http://cryptome.org/3gpp/35201-900.pdf). Input buffer has to have COUNT (4 bytes), FRESH (4 bytes), MESSAGE and DIRECTION (1 bit) concatenated. After the DIRECTION bit, a single '1' bit is appended, followed by between 0 and 7 '0' bits, so that the total length of the buffer is multiple of 8 bits. Note that the actual message can be any length, specified in bits.

Once this buffer is passed this way, when creating the crypto operation, length of data to authenticate (op.sym.auth.data.length) must be the length of all the items described above, including the padding at the end. Also, offset of data to authenticate (op.sym.auth.data.offset) must be such that points at the start of the COUNT bytes.
CHAPTER
EIGHT

OPENSSL CRYPTO POLL MODE DRIVER

This code provides the initial implementation of the openssl poll mode driver. All cryptography operations are using Openssl library crypto API. Each algorithm uses EVP interface from openssl API - which is recommended by Openssl maintainers.

For more details about openssl library please visit openssl webpage: https://www.openssl.org/

8.1 Features

OpenSSL PMD has support for:

Supported cipher algorithms:

- RTE_CRYPTO_CIPHER_3DES_CBC
- RTE_CRYPTO_CIPHER_AES_CBC
- RTE_CRYPTO_CIPHER_AES_CTR
- RTE_CRYPTO_CIPHER_3DES_CTR
- RTE_CRYPTO_CIPHER_DES_DOCSISBPI

Supported authentication algorithms:

- RTE_CRYPTO_AUTH_AES_GMAC
- RTE_CRYPTO_AUTH_MD5
- RTE_CRYPTO_AUTH_SHA1
- RTE_CRYPTO_AUTH_SHA224
- RTE_CRYPTO_AUTH_SHA256
- RTE_CRYPTO_AUTH_SHA384
- RTE_CRYPTO_AUTH_SHA512
- RTE_CRYPTO_AUTH_MD5_HMAC
- RTE_CRYPTO_AUTH_SHA1_HMAC
- RTE_CRYPTO_AUTH_SHA224_HMAC
- RTE_CRYPTO_AUTH_SHA256_HMAC
- RTE_CRYPTO_AUTH_SHA384_HMAC
Supported AEAD algorithms:
- RTE_CRYPTO_AUTH_SHA512_HMAC
- RTE_CRYPTO_AEAD_AES_GCM
- RTE_CRYPTO_AEAD_AES_CCM

8.2 Installation

To compile openssl PMD, it has to be enabled in the config/common_base file and appropriate openssl packages have to be installed in the build environment.

The newest openssl library version is supported:
- 1.0.2h-fips 3 May 2016.

Older versions that were also verified:
- 1.0.1f 6 Jan 2014
- 1.0.1 14 Mar 2012

For Ubuntu 14.04 LTS these packages have to be installed in the build system:

```
sudo apt-get install openssl
sudo apt-get install libc6-dev-i386 # for i686-native-linuxapp-gcc target
```

This code was also verified on Fedora 24. This code has NOT been verified on FreeBSD yet.

8.3 Initialization

User can use app/test application to check how to use this pmd and to verify crypto processing. Test name is cryptodev_openssl_autotest. For performance test cryptodev_openssl_perftest can be used.

To verify real traffic l2fwd-crypto example can be used with this command:

```
```

8.4 Limitations

- Maximum number of sessions is 2048.
- Chained mbufs are supported only for source mbuf (destination must be contiguous).
- Hash only is not supported for GCM and GMAC.
- Cipher only is not supported for GCM and GMAC.
The MRVL CRYPTO PMD (librte_crypto_mrvl_pmd) provides poll mode crypto driver support by utilizing MUSDK library, which provides cryptographic operations acceleration by using Security Acceleration Engine (EIP197) directly from user-space with minimum overhead and high performance.

9.1 Features

MRVL CRYPTO PMD has support for:

- Symmetric crypto
- Sym operation chaining
- AES CBC (128)
- AES CBC (192)
- AES CBC (256)
- AES CTR (128)
- AES CTR (192)
- AES CTR (256)
- 3DES CBC
- 3DES CTR
- MD5
- MD5 HMAC
- SHA1
- SHA1 HMAC
- SHA256
- SHA256 HMAC
- SHA384
- SHA384 HMAC
- SHA512
- SHA512 HMAC
• AES GCM (128)

9.2 Limitations

• Hardware only supports scenarios where ICV (digest buffer) is placed just after the authenticated data. Other placement will result in error.
• Before running crypto test suite it is advised to increase limit of opened files:
  \[
  \text{ulimit -n 20000}
  \]

9.3 Installation

MRVL CRYPTO PMD driver compilation is disabled by default due to external dependencies. Currently there are two driver specific compilation options in \texttt{config/common\_base} available:

- \texttt{CONFIG\_RTE\_LIBRTE\_MRVL\_CRYPTO} (default \texttt{n})
  
  Toggle compilation of the \texttt{librte\_pmd\_mrvl} driver.

- \texttt{CONFIG\_RTE\_LIBRTE\_MRVL\_CRYPTO\_DEBUG} (default \texttt{n})
  
  Toggle display of debugging messages.

During compilation external MUSDK library, which provides direct access to Marvell's EIP197 cryptographic engine, is necessary. Library sources are available \url{here}. Alternatively, prebuilt library can be downloaded from \url{Marvell Extranet}. Once approval has been granted, library can be found by typing \texttt{musdk} in the search box.

For MUSDK library build instructions please refer to \url{doc/musdk_get_started.txt} in library sources directory.

MUSDK requires out of tree kernel modules to work. Kernel tree needed to build them is available \url{here}.

9.4 Initialization

After successfully building MRVL CRYPTO PMD, the following modules need to be loaded:

\begin{verbatim}
insmod musdk_uio.ko
insmod mvpp2x_sysfs.ko
insmod mv_pp_uio.ko
insmod mv_sam_uio.ko
insmod crypto_safexcel.ko
\end{verbatim}

- \texttt{musdk\_uio.ko}, \texttt{mv\_pp2\_uio.ko} and \texttt{mv\_sam\_uio.ko} are distributed together with MUSDK library.
- \texttt{crypto\_safexcel.ko} is an in-kernel module.
- \texttt{mvpp2x\_sysfs.ko} can be build from sources available \url{here}.

The following parameters (all optional) are exported by the driver:

- \texttt{max\_nb\_queue\_pairs}: maximum number of queue pairs in the device (8 by default).
• max_nb_sessions: maximum number of sessions that can be created (2048 by default).

• socket_id: socket on which to allocate the device resources on.

l2fwd-crypto example application can be used to verify MRVL CRYPTO PMD operation:

```
./l2fwd-crypto --vdev=net_mrvl,iface=eth0 --vdev=crypto_mrvl -- 
--cipher_op ENCRYPT --cipher_algo aes-cbc 
--cipher_key 00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f 
--auth_op GENERATE --auth_algo sha1-hmac 
```

Example output:

```
[...]
AAD: at [0x7f253ceb80], len=
```

```
P ID 0 configuration ----
Port mode : KR
MAC status : disabled
Link status : link up
Port speed : 10G
Port duplex : full
Port: Egress enable tx_port_num=16 qmap=0x1
PORT: Port0 - link
P ID 0 configuration ----
Port mode : KR
MAC status : disabled
Link status : link down
Port speed : 10G
Port duplex : full
Port: Egress enable tx_port_num=16 qmap=0x1
```

```
Port 0 Link Up - speed 0 Mbps - full-duplex
Lcore 0: RX port 0
Allocated session pool on socket 0
eip197: 0:0 registers: paddr: 0xf2880000, vaddr: 0x0x7f56a80000
DMA buffer (131136 bytes) for CDR #0 allocated: paddr = 0xb0585e00, vaddr = 0x7f09384e00
DMA buffer (131136 bytes) for RDR #0 allocated: paddr = 0xb05a5f00, vaddr = 0x7f093a4f00
DMA buffers allocated for 2049 operations. Tokens - 256 bytes
Lcore 0: cryptodev 0
L2FWD: lcore 1 has nothing to do
L2FWD: lcore 2 has nothing to do
L2FWD: lcore 3 has nothing to do
L2FWD: entering main loop on lcore 0
L2FWD: -- lcoreid=0 portid=0
L2FWD: -- lcoreid=0 cryptoid=0
Options:-
nportmask: ffffffff
ports per lcore: 1
refresh period : 10000
single lcore mode: disabled
stats_printing: enabled
sessionless crypto: disabled
```

```
Crypto chain: Input --> Encrypt --> Auth generate --> Output
```

```
---- Cipher information ---
Algorithm: aes-cbc
Cipher key: at [0x7f56db4e80], len=16
00000000: 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ...............
IV: at [0x7f56db4b80], len=16
```
9.4. Initialization
The Null Crypto PMD (lib rte_pmd_null_crypto) provides a crypto poll mode driver which provides a minimal implementation for a software crypto device. As a null device it does not modify the data in the mbuf on which the crypto operation is to operate and it only has support for a single cipher and authentication algorithm.

When a burst of mbufs is submitted to a Null Crypto PMD for processing then each mbuf in the burst will be enqueued in an internal buffer for collection on a dequeue call as long as the mbuf has a valid rte_mbuf_offload operation with a valid rte_cryptodev_session or rte_crypto_xform chain of operations.

### 10.1 Features

#### Modes:
- RTE_CRYPTO_XFORM_CIPHER ONLY
- RTE_CRYPTO_XFORM_AUTH ONLY
- RTE_CRYPTO_XFORM_CIPHER THEN RTE_CRYPTO_XFORM_AUTH
- RTE_CRYPTO_XFORM_AUTH THEN RTE_CRYPTO_XFORM_CIPHER

#### Cipher algorithms:
- RTE_CRYPTO_CIPHER_NULL

#### Authentication algorithms:
- RTE_CRYPTO_AUTH_NULL

### 10.2 Limitations

- Only in-place is currently supported (destination address is the same as source address).

### 10.3 Installation

The Null Crypto PMD is enabled and built by default in both the Linux and FreeBSD builds.
10.4 Initialization

To use the PMD in an application, user must:

- Call `rte_vdev_init("crypto_null")` within the application.
- Use `--vdev="crypto_null"` in the EAL options, which will call `rte_vdev_init()` internally.

The following parameters (all optional) can be provided in the previous two calls:

- **socket_id**: Specify the socket where the memory for the device is going to be allocated (by default, `socket_id` will be the socket where the core that is creating the PMD is running on).
- **max_nb_queue_pairs**: Specify the maximum number of queue pairs in the device (8 by default).
- **max_nb_sessions**: Specify the maximum number of sessions that can be created (2048 by default).

Example:

```
./l2fwd-crypto -l 1 -n 4 --vdev="crypto_null,socket_id=0,max_nb_sessions=128" \
-- -p 1 --cdev SW --chain CIPHER_ONLY --cipher_algo "null"
```
CHAPTER
ELEVEN

CRYPTODEV SCHEDULER POLL MODE DRIVER LIBRARY

Scheduler PMD is a software crypto PMD, which has the capabilities of attaching hardware and/or software cryptodevs, and distributes ingress crypto ops among them in a certain manner.

The Cryptodev Scheduler PMD library ([librte_pmd_crypto_scheduler](#)) acts as a software crypto PMD and shares the same API provided by librte_cryptodev. The PMD supports attaching multiple crypto PMDs, software or hardware, as slaves, and distributes the crypto workload to them with certain behavior. The behaviors are categorized as different “modes”. Basically, a scheduling mode defines certain actions for scheduling crypto ops to its slaves.

The librte_pmd_crypto_scheduler library exports a C API which provides an API for attaching/detaching slaves, set/get scheduling modes, and enable/disable crypto ops reordering.

### 11.1 Limitations

- Sessionless crypto operation is not supported
- OOP crypto operation is not supported when the crypto op reordering feature is enabled.
11.2 Installation

To build DPDK with CRYPTO_SCHEDULER_PMD the user is required to set CONFIG_RTE_LIBRTE_PMD_CRYPTO_SCHEDULER=y in config/common_base, and recompile DPDK

11.3 Initialization

To use the PMD in an application, user must:

- Call rte_vdev_init("crypto_scheduler") within the application.
- Use --vdev="crypto_scheduler" in the EAL options, which will call rte_vdev_init() internally.

The following parameters (all optional) can be provided in the previous two calls:

- socket_id: Specify the socket where the memory for the device is going to be allocated (by default, socket_id will be the socket where the core that is creating the PMD is running on).
- max_nb_sessions: Specify the maximum number of sessions that can be created. This value may be overwritten internally if there are too many devices are attached.
- slave: If a cryptodev has been initialized with specific name, it can be attached to the scheduler using this parameter, simply filling the name here. Multiple cryptodevs can be attached initially by presenting this parameter multiple times.
- mode: Specify the scheduling mode of the PMD. The supported scheduling mode parameter values are specified in the “Cryptodev Scheduler Modes Overview” section.
- ordering: Specify the status of the crypto operations ordering feature. The value of this parameter can be “enable” or “disable”. This feature is disabled by default.

Example:

... --vdev "crypto_aesni_mb0,name=aesni_mb_1" --vdev "crypto_aesni_mb1,name=aesni_mb_2" --vdev ...

Note:

- The scheduler cryptodev cannot be started unless the scheduling mode is set and at least one slave is attached. Also, to configure the scheduler in the run-time, like attach/detach slave(s), change scheduling mode, or enable/disable crypto op ordering, one should stop the scheduler first, otherwise an error will be returned.
- The crypto op reordering feature requires using the userdata field of every mbuf to be processed to store temporary data. By the end of processing, the field is set to pointing to NULL, any previously stored value of this field will be lost.

11.4 Cryptodev Scheduler Modes Overview

Currently the Crypto Scheduler PMD library supports following modes of operation:
• **CDEV_SCHED_MODE_ROUNDROBIN:**

  *Initialization mode parameter: round-robin*

  Round-robin mode, which distributes the enqueued burst of crypto ops among its slaves in a round-robin manner. This mode may help to fill the throughput gap between the physical core and the existing cryptodevs to increase the overall performance.

• **CDEV_SCHED_MODE_PKT_SIZE_DISTR:**

  *Initialization mode parameter: packet-size-distr*

  Packet-size based distribution mode, which works with 2 slaves, the primary slave and the secondary slave, and distributes the enqueued crypto operations to them based on their data lengths. A crypto operation will be distributed to the primary slave if its data length is equal to or bigger than the designated threshold, otherwise it will be handled by the secondary slave.

  A typical usecase in this mode is with the QAT cryptodev as the primary and a software cryptodev as the secondary slave. This may help applications to process additional crypto workload than what the QAT cryptodev can handle on its own, by making use of the available CPU cycles to deal with smaller crypto workloads.

  The threshold is set to 128 bytes by default. It can be updated by calling function `rte_cryptodev_scheduler_option_set`. The parameter of *option_type* must be `CDEV_SCHED_OPTION_THRESHOLD` and *option* should point to a `rte_cryptodev_scheduler_threshold_option` structure filled with appropriate threshold value. Please NOTE this threshold has be a power-of-2 unsigned integer.

• **CDEV_SCHED_MODE_FAILEOVER:**

  *Initialization mode parameter: fail-over*

  Fail-over mode, which works with 2 slaves, the primary slave and the secondary slave. In this mode, the scheduler will enqueue the incoming crypto operation burst to the primary slave. When one or more crypto operations fail to be enqueued, then they will be enqueued to the secondary slave.

• **CDEV_SCHED_MODE_MULTICORE:**

  *Initialization mode parameter: multi-core*

  Multi-core mode, which distributes the workload with several (up to eight) worker cores. The enqueued bursts are distributed among the worker cores in a round-robin manner. If scheduler cannot enqueue entire burst to the same worker, it will enqueue the remaining operations to the next available worker. For pure small packet size (64 bytes) traffic however the multi-core mode is not an optimal solution, as it doesn’t give significant per-core performance improvement. For mixed traffic (IMIX) the optimal number of worker cores is around 2-3. For large packets (1.5 Kbytes) scheduler shows linear scaling in performance up to eight cores. Each worker uses its own slave cryptodev. Only software cryptodevs are supported. Only the same type of cryptodevs should be used concurrently.

  The multi-core mode uses one extra parameter:

  * corelist: Semicolon-separated list of logical cores to be used as workers. The number of worker cores should be equal to the number of slave cryptodevs.
These cores should be present in EAL core list parameter and should not be used by the application or any other process.

Example: ...

```
vdev "crypto_aesni_mb1,name=aesni_mb_1" –vdev "crypto_aesni_mb_pmd2,name=aesni_mb_2" –vdev "crypto_scheduler,slave=aesni_mb_1,slave=aesni_mb_2,mode=multi-core,corelist=23;24" ...
```
SNOW 3G CRYPTO POLL MODE DRIVER

The SNOW 3G PMD (librte_pmd_snow3g) provides poll mode crypto driver support for utilizing Intel Libsso library, which implements F8 and F9 functions for SNOW 3G UEA2 cipher and UIA2 hash algorithms.

12.1 Features

SNOW 3G PMD has support for:

Cipher algorithm:
- RTE_CRYPTO_CIPHER_SNOW3G_UEA2

Authentication algorithm:
- RTE_CRYPTO_AUTH_SNOW3G_UIA2

12.2 Limitations

- Chained mbufs are not supported.
- SNOW 3G (UIA2) supported only if hash offset field is byte-aligned.
- In-place bit-level operations for SNOW 3G (UEA2) are not supported (if length and/or offset of data to be ciphered is not byte-aligned).

12.3 Installation

To build DPDK with the SNOW3G_PMD the user is required to download the export controlled libsso_snow3g library, by requesting it from https://networkbuilders.intel.com/network-technologies/dpdk. Once approval has been granted, the user needs to log in https://networkbuilders.intel.com/dpdklogin and click on “Snow3G Bit Stream crypto library” link, to download the library. After downloading the library, the user needs to unpack and compile it on their system before building DPDK:

```make
make snow3G
```

Note: When encrypting with SNOW3G UEA2, by default the library encrypts blocks of 4 bytes, regardless the number of bytes to be encrypted provided (which leads to a possible buffer overflow). To avoid this situation, it is necessary not to pass 3GPP_SAFE_BUFFERS as a
compilation flag. For this, in the Makefile of the library, make sure that this flag is commented out:

```c
#define EXTRA_CFLAGS += -D_3GPP_SAFE_BUFFERS
```

### 12.4 Initialization

In order to enable this virtual crypto PMD, user must:

- Export the environmental variable LIBSSO_SNOW3G\_PATH with the path where the library was extracted (snow3g folder).
- Build the LIBSSO\_SNOW3G library (explained in Installation section).
- Set `CONFIG\_RTE\_LIBRTE\_PMD\_SNOW3G=y` in `config/common_base`.

To use the PMD in an application, user must:

- Call `rte\_vdev\_init`("crypto\_snow3g") within the application.
- Use `--vdev="crypto\_snow3g"` in the EAL options, which will call `rte\_vdev\_init()` internally.

The following parameters (all optional) can be provided in the previous two calls:

- `socket_id`: Specify the socket where the memory for the device is going to be allocated (by default, `socket_id` will be the socket where the core that is creating the PMD is running on).
- `max_nb_queue_pairs`: Specify the maximum number of queue pairs in the device (8 by default).
- `max_nb_sessions`: Specify the maximum number of sessions that can be created (2048 by default).

Example:

```bash
cat
./l2fwd-crypto -l 1 -n 4 --vdev="crypto_snow3g,socket_id=0,max_nb_sessions=128" \  
-- -p 1 --cdev SW --chain CIPHER\_ONLY --cipher\_algo "snow3g\_uea2"
```
The QAT PMD provides poll mode crypto driver support for the following hardware accelerator devices:

- Intel QuickAssist Technology DH895xCC
- Intel QuickAssist Technology C62x
- Intel QuickAssist Technology C3xxx
- Intel QuickAssist Technology D15xx

13.1 Features

The QAT PMD has support for:

Cipher algorithms:

- RTE_CRYPTO_CIPHER_3DES_CBC
- RTE_CRYPTO_CIPHER_3DES_CTR
- RTE_CRYPTO_CIPHER_AES128_CBC
- RTE_CRYPTO_CIPHER_AES128_CTR
- RTE_CRYPTO_CIPHER_AES192_CBC
- RTE_CRYPTO_CIPHER_AES192_CTR
- RTE_CRYPTO_CIPHER_AES256_CBC
- RTE_CRYPTO_CIPHER_AES256_CTR
- RTE_CRYPTO_CIPHER_SNOW3G_UEA2
- RTE_CRYPTO_CIPHER_NULL
- RTE_CRYPTO_CIPHER_KASUMI_F8
- RTE_CRYPTO_CIPHER_AES_DOCSISBPI
- RTE_CRYPTO_CIPHER_DES_CBC
- RTE_CRYPTO_CIPHER_DES_DOCSISBPI
- RTE_CRYPTO_CIPHER_ZUC_EEA3

Hash algorithms:
• RTE_CRYPTO_AUTH_SHA1_HMAC
• RTE_CRYPTO_AUTH_SHA224_HMAC
• RTE_CRYPTO_AUTH_SHA256_HMAC
• RTE_CRYPTO_AUTH_SHA384_HMAC
• RTE_CRYPTO_AUTH_SHA512_HMAC
• RTE_CRYPTO_AUTH_AES_XCBC_MAC
• RTE_CRYPTO_AUTH_MD5_HMAC
• RTE_CRYPTO_AUTH_NULL
• RTE_CRYPTO_AUTH_KASUMI_F9
• RTE_CRYPTO_AUTH_AES_GMAC
• RTE_CRYPTO_AUTH_SNOW3G_UIA2
• RTE_CRYPTO_AUTH_ZUC_EIA3

Supported AEAD algorithms:
• RTE_CRYPTO_AEAD_AES_GCM
• RTE_CRYPTO_AEAD_AES_CCM

13.2 Limitations

• Only supports the session-oriented API implementation (session-less APIs are not supported).

• SNOW 3G (UEA2), KASUMI (F8) and ZUC (EEA3) supported only if cipher length and offset fields are byte-multiple.

• SNOW 3G (UIA2) and ZUC (EIA3) supported only if hash length and offset fields are byte-multiple.

• No BSD support as BSD QAT kernel driver not available.

• ZUC EEA3/EIA3 is not supported by dh895xcc devices

• Maximum additional authenticated data (AAD) for GCM is 240 bytes long.

• Queue pairs are not thread-safe (that is, within a single queue pair, RX and TX from different lcores is not supported).

13.3 Installation

To enable QAT in DPDK, follow the instructions for modifying the compile-time configuration file as described here.

Quick instructions are as follows:
cd to the top-level DPDK directory
make config T=x86_64-native-linuxapp-gcc
sed -i 's,\(CONFIG_RTE_LIBRTE_PMD_QAT\)=-n,\1=y,,' build/.config
make

To use the DPDK QAT PMD an SRIOV-enabled QAT kernel driver is required. The VF devices exposed by this driver will be used by the QAT PMD. The devices and available kernel drivers and device ids are:

Table 13.1: QAT device generations, devices and drivers

<table>
<thead>
<tr>
<th>Gen</th>
<th>Device</th>
<th>Driver</th>
<th>Kernel Module</th>
<th>Pci Driver</th>
<th>PF Did</th>
<th>#PFs</th>
<th>Vf Did</th>
<th>VFs/PF</th>
</tr>
</thead>
<tbody>
<tr>
<td>1</td>
<td>DH895xCC</td>
<td>01.org</td>
<td>icp_qa_al</td>
<td>n/a</td>
<td>435</td>
<td>1</td>
<td>443</td>
<td>32</td>
</tr>
<tr>
<td>1</td>
<td>DH895xCC</td>
<td>4.4+</td>
<td>qat_dh895xcc</td>
<td>dh895xcc</td>
<td>435</td>
<td>1</td>
<td>443</td>
<td>32</td>
</tr>
<tr>
<td>2</td>
<td>C62x</td>
<td>4.5+</td>
<td>qat_c62x</td>
<td>c6xx</td>
<td>37c8</td>
<td>3</td>
<td>37c9</td>
<td>16</td>
</tr>
<tr>
<td>2</td>
<td>C3xxx</td>
<td>4.5+</td>
<td>qat_c3xxx</td>
<td>c3xx</td>
<td>19e2</td>
<td>1</td>
<td>19e3</td>
<td>16</td>
</tr>
<tr>
<td>2</td>
<td>D15xx</td>
<td>p</td>
<td>qat_d15x</td>
<td>d15x</td>
<td>6f54</td>
<td>1</td>
<td>6f55</td>
<td>16</td>
</tr>
</tbody>
</table>

The Driver column indicates either the Linux kernel version in which support for this device was introduced or a driver available on Intel's 01.org website. There are both linux and 01.org kernel drivers available for some devices. p = release pending.

If you are running on a kernel which includes a driver for your device, see Installation using kernel.org driver below. Otherwise see Installation using 01.org QAT driver.

### 13.4 Installation using kernel.org driver

The examples below are based on the C62x device, if you have a different device use the corresponding values in the above table.

In BIOS ensure that SRIOV is enabled and either:

- Disable VT-d or
- Enable VT-d and set "intel_iommu=on iommu=pt" in the grub file.

Check that the QAT driver is loaded on your system, by executing:

```bash
lsmod | grep qa
```

You should see the kernel module for your device listed, e.g.:

```bash
qat_c62x 5626 0
intel_qat 82336 1 qat_c62x
```

Next, you need to expose the Virtual Functions (VFs) using the sysfs file system.

First find the BDFs (Bus-Device-Function) of the physical functions (PFs) of your device, e.g.:

```bash
lspci -d : 37c8
```

You should see output similar to:

```bash
1a:00.0 Co-processor: Intel Corporation Device 37c8
3d:00.0 Co-processor: Intel Corporation Device 37c8
3f:00.0 Co-processor: Intel Corporation Device 37c8
```

Enable the VFs for each PF by echoing the number of VFs per PF to the pci driver:

```bash
```
Check that the VFs are available for use. For example `lspci -d:37c9` should list 48 VF devices available for a C62x device.

To complete the installation follow the instructions in *Binding the available VFs to the DPDK UIO driver*.

---

**Note:** If the QAT kernel modules are not loaded and you see an error like `Failed to load MMP firmware qat_895xcc_mmp.bin` in kernel logs, this may be as a result of not using a distribution, but just updating the kernel directly.

Download firmware from the [kernel firmware repo](https://www.kernel.org/firmware).  
Copy qat binaries to `/lib/firmware`:

```bash
cp qat_895xcc.bin /lib/firmware
cp qat_895xcc_mmp.bin /lib/firmware
```

Change to your Linux source root directory and start the qat kernel modules:

```bash
insmod ./drivers/crypto/qat/qat_common/intel_qat.ko
insmod ./drivers/crypto/qat/qat_dh895xcc/qat_dh895xcc.ko
```

**Note:** If you see the following warning in `/var/log/messages` it can be ignored: `IOMMU` should be enabled for SR-IOV to work correctly.

---

### 13.5 Installation using 01.org QAT driver

Download the latest QuickAssist Technology Driver from [01.org](https://www.01.org). Consult the *Getting Started Guide* at the same URL for further information.

The steps below assume you are:

- Building on a platform with one DH895xCC device.
- Using package `qatmux.1.2.3.0-34.tgz`.
- On Fedora21 kernel `3.17.4-301.fc21.x86_64`.

In the BIOS ensure that SRIOV is enabled and VT-d is disabled.

Uninstall any existing QAT driver, for example by running:

- `./installer.sh uninstall` in the directory where originally installed.
- `rmmod qat_dh895xcc; rmmod intel_qat`.

Build and install the SRIOV-enabled QAT driver:

```bash
mkdir /QAT
cd /QAT
# Copy qatmux.1.2.3.0-34.tgz to this location
tar zxof qatmux.1.2.3.0-34.tgz
```
You can use `cat /proc/icp_dh895xcc_dev0/version` to confirm the driver is correctly installed. You can use `lspci -d:443` to confirm the of the 32 VF devices available per DH895xCC device.

To complete the installation - follow instructions in *Binding the available VFs to the DPDK UIO driver*.

**Note:** If using a later kernel and the build fails with an error relating to `strict_stroul` not being available apply the following patch:

```c
#define STR_TO_64(str, base, num, endPtr) {endPtr=NULL; if (kstrtoul((str), (base), (num))) printk("Error strtoull convert \%s\n", str); }
```

**Note:** If the build fails due to missing header files you may need to do following:

```bash
sudo yum install zlib-devel
sudo yum install openssl-devel
```

**Note:** If the build or install fails due to mismatching kernel sources you may need to do the following:

```bash
sudo yum install kernel-headers-`uname -r`
sudo yum install kernel-src-`uname -r`
sudo yum install kernel-devel-`uname -r`
```

### 13.6. Binding the available VFs to the DPDK UIO driver

Unbind the VFs from the stock driver so they can be bound to the uio driver.
13.6.1 For an Intel(R) QuickAssist Technology DH895xCC device

The unbind command below assumes BDFs of 03:01.00-03:04.07, if your VFs are different adjust the unbind command below:

```bash
for device in $(seq 1 4); do \
  for fn in $(seq 0 7); do \
    echo -n 0000:03:0${device}.${fn} > /\n    /sys/bus/pci/devices/0000\:03\:0${device}.$(fn)/driver/unbind; \
    done; \
  done
```

13.6.2 For an Intel(R) QuickAssist Technology C62x device

The unbind command below assumes BDFs of 1a:01.00-1a:02.07, 3d:01.00-3d:02.07 and 3f:01.00-3f:02.07, if your VFs are different adjust the unbind command below:

```bash
for device in $(seq 1 2); do \
  for fn in $(seq 0 7); do \
    echo -n 0000:1a:0${device}.${fn} > /\n    /sys/bus/pci/devices/0000\:1a\:0${device}.$(fn)/driver/unbind; \
    echo -n 0000:3d:0${device}.${fn} > /\n    /sys/bus/pci/devices/0000\:3d\:0${device}.$(fn)/driver/unbind; \
    echo -n 0000:3f:0${device}.${fn} > /\n    /sys/bus/pci/devices/0000\:3f\:0${device}.$(fn)/driver/unbind; \
    done; \
  done
```

13.6.3 For Intel(R) QuickAssist Technology C3xxx or D15xx device

The unbind command below assumes BDFs of 01:01.00-01:02.07, if your VFs are different adjust the unbind command below:

```bash
for device in $(seq 1 2); do \
  for fn in $(seq 0 7); do \
    echo -n 0000:01:0${device}.${fn} > /\n    /sys/bus/pci/devices/0000\:01\:0${device}.$(fn)/driver/unbind; \
    done; \
  done
```

13.6.4 Bind to the DPDK uio driver

Install the DPDK igb_uio driver, bind the VF PCI Device id to it and use lspci to confirm the VF devices are now in use by igb_uio kernel driver, e.g. for the C62x device:

```bash
cd to the top-level DPDK directory
modprobe uio
insmod ./build/kmod/igb_uio.ko
echo "8086 37c9" > /sys/bus/pci/drivers/igb_uio/new_id
lspci -vvd:37c9
```

Another way to bind the VFs to the DPDK UIO driver is by using the `dpdk-devbind.py` script:

```bash
cd to the top-level DPDK directory
./usertools/dpdk-devbind.py -b igb_uio 0000:03:01.1
```
13.7 Extra notes on KASUMI F9

When using KASUMI F9 authentication algorithm, the input buffer must be constructed according to the 3GPP KASUMI specifications (section 4.4, page 13): http://cryptome.org/3gpp/35201-900.pdf. Input buffer has to have COUNT (4 bytes), FRESH (4 bytes), MESSAGE and DIRECTION (1 bit) concatenated. After the DIRECTION bit, a single ‘1’ bit is appended, followed by between 0 and 7 ‘0’ bits, so that the total length of the buffer is multiple of 8 bits. Note that the actual message can be any length, specified in bits.

Once this buffer is passed this way, when creating the crypto operation, length of data to authenticate (op.sym.auth.data.length) must be the length of all the items described above, including the padding at the end. Also, offset of data to authenticate (op.sym.auth.data.offset) must be such that points at the start of the COUNT bytes.
The ZUC PMD (librte_pmd_zuc) provides poll mode crypto driver support for utilizing Intel Libsso library, which implements F8 and F9 functions for ZUC EEA3 cipher and EIA3 hash algorithms.

### 14.1 Features

ZUC PMD has support for:

**Cipher algorithm:**
- RTE_CRYPTO_CIPHER_ZUC_EEA3

**Authentication algorithm:**
- RTE_CRYPTO_AUTH_ZUC_EIA3

### 14.2 Limitations

- Chained mbufs are not supported.
- ZUC (EIA3) supported only if hash offset field is byte-aligned.
- ZUC (EEA3) supported only if cipher length, cipher offset fields are byte-aligned.
- ZUC PMD cannot be built as a shared library, due to limitations in the underlying library.

### 14.3 Installation

To build DPDK with the ZUC_PMD the user is required to download the export controlled libsso_zuc library, by requesting it from https://networkbuilders.intel.com/network-technologies/dpdk. Once approval has been granted, the user needs to log in https://networkbuilders.intel.com/dpdklogin and click on “ZUC Library” link, to download the library. After downloading the library, the user needs to unpack and compile it on their system before building DPDK:

```
make
```
14.4 Initialization

In order to enable this virtual crypto PMD, user must:

- Export the environmental variable LIBSSO_ZUC_PATH with the path where the library was extracted (zuc folder).

- Export the environmental variable LD_LIBRARY_PATH with the path where the built libssso library is (LIBSSO_ZUC_PATH/build).

- Build the LIBSSO_ZUC library (explained in Installation section).

- Build DPDK as follows:

  ```
  make config T=x86_64-native-linuxapp-gcc
  sed -i 's,\(CONFIG_RTE_LIBRTE_PMD_ZUC\)=n,\1=y,,' build/.config
  make
  ```

To use the PMD in an application, user must:

- Call `rte_vdev_init("crypto_zuc")` within the application.

- Use `-vdev="crypto_zuc"` in the EAL options, which will call `rte_vdev_init()` internally.

The following parameters (all optional) can be provided in the previous two calls:

- `socket_id`:: Specify the socket where the memory for the device is going to be allocated (by default, `socket_id` will be the socket where the core that is creating the PMD is running on).

- `max_nb_queue_pairs`:: Specify the maximum number of queue pairs in the device (8 by default).

- `max_nb_sessions`:: Specify the maximum number of sessions that can be created (2048 by default).

Example:

```
./l2fwd-crypto -l 1 -n 4 --vdev="crypto_zuc,socket_id=0,max_nb_sessions=128" \ 
-- -p 1 --cdev SW --chain CIPHER_ONLY --cipher_algo "zuc-eea3"
```