[PATCH v2 0/3] crypto/aesni_mb: enable out of place processing

[PATCH v2 0/3] crypto/aesni_mb: enable out of place processing

[Fan Zhang]

Add out-of-place processing, i.e. different source and
destination m_bufs, plus related capability update, tests
and documentation.

Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Signed-off-by: Paul Luse <paul.e.luse@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>

v2:
- Removed limitation of not support cipher-auth.
- Updated tests for more comprehensive test-cases.
- Splitted the patch.

Fan Zhang (3):
  crypto/aesni_mb: enable out of place processing
  test: add out of place test for AESNI-MB
  doc: update documentation

 doc/guides/cryptodevs/aesni_mb.rst          |   1 -
 doc/guides/cryptodevs/features/aesni_mb.ini |   1 +
 doc/guides/rel_notes/release_19_05.rst      |   4 +
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c  |  98 +++++++++++++-----
 test/test/test_cryptodev_aes_test_vectors.h | 150 ++++++++++++++++++++++++++++
 test/test/test_cryptodev_blockcipher.c      |  81 +++++++++++++--
 test/test/test_cryptodev_blockcipher.h      |   4 +
 test/test/test_cryptodev_des_test_vectors.h |  24 +++--
 8 files changed, 321 insertions(+), 42 deletions(-)

-- 
2.14.5

[PATCH v2 1/3] crypto/aesni_mb: enable out of place processing

[Fan Zhang]

Add out-of-place processing, i.e. different source and
destination m_bufs, plus related capability update, tests
and documentation.

Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Signed-off-by: Paul Luse <paul.e.luse@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 98 ++++++++++++++++++++++--------
 1 file changed, 71 insertions(+), 27 deletions(-)

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 48d6ac002..9ff49b3fa 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -739,6 +739,56 @@ get_session(struct aesni_mb_qp *qp, struct rte_crypto_op *op)
 	return sess;
 }
 
+static inline uint64_t
+auth_start_offset(struct rte_crypto_op *op, struct aesni_mb_session *session,
+		uint32_t oop)
+{
+	struct rte_mbuf *m_src, *m_dst;
+	uint8_t *p_src, *p_dst;
+	uint64_t u_src, u_dst;
+	uint32_t cipher_end, auth_end;
+
+	/* Only cipher then hash needs special calculation. */
+	if (!oop || session->chain_order != CIPHER_HASH)
+		return op->sym->auth.data.offset;
+
+	m_src = op->sym->m_src;
+	m_dst = op->sym->m_dst;
+
+	p_src = rte_pktmbuf_mtod(m_src, uint8_t *);
+	p_dst = rte_pktmbuf_mtod(m_dst, uint8_t *);
+	u_src = (uint64_t)p_src;
+	u_dst = (uint64_t)p_dst + op->sym->auth.data.offset;
+
+	/**
+	 * Copy the content between cipher offset and auth offset for generating
+	 * correct digest.
+	 */
+	if (op->sym->cipher.data.offset > op->sym->auth.data.offset)
+		memcpy(p_dst + op->sym->auth.data.offset,
+				p_src + op->sym->auth.data.offset,
+				op->sym->cipher.data.offset -
+				op->sym->auth.data.offset);
+
+	/**
+	 * Copy the content between (cipher offset + length) and (auth offset +
+	 * length) for generating correct digest
+	 */
+	cipher_end = op->sym->cipher.data.offset + op->sym->cipher.data.length;
+	auth_end = op->sym->auth.data.offset + op->sym->auth.data.length;
+	if (cipher_end < auth_end)
+		memcpy(p_dst + cipher_end, p_src + cipher_end,
+				auth_end - cipher_end);
+
+	/**
+	 * Since intel-ipsec-mb only supports positive values,
+	 * we need to deduct the correct offset between src and dst.
+	 */
+
+	return u_src < u_dst ? (u_dst - u_src) :
+			(UINT64_MAX - u_src + u_dst + 1);
+}
+
 /**
  * Process a crypto operation and complete a JOB_AES_HMAC job structure for
  * submission to the multi buffer library for processing.
@@ -757,7 +807,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 {
 	struct rte_mbuf *m_src = op->sym->m_src, *m_dst;
 	struct aesni_mb_session *session;
-	uint16_t m_offset = 0;
+	uint32_t m_offset, oop;
 
 	session = get_session(qp, op);
 	if (session == NULL) {
@@ -840,31 +890,22 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 		}
 	}
 
-	/* Mutable crypto operation parameters */
-	if (op->sym->m_dst) {
-		m_src = m_dst = op->sym->m_dst;
-
-		/* append space for output data to mbuf */
-		char *odata = rte_pktmbuf_append(m_dst,
-				rte_pktmbuf_data_len(op->sym->m_src));
-		if (odata == NULL) {
-			AESNI_MB_LOG(ERR, "failed to allocate space in destination "
-					"mbuf for source data");
-			op->status = RTE_CRYPTO_OP_STATUS_ERROR;
-			return -1;
-		}
-
-		memcpy(odata, rte_pktmbuf_mtod(op->sym->m_src, void*),
-				rte_pktmbuf_data_len(op->sym->m_src));
-	} else {
+	if (!op->sym->m_dst || op->sym->m_dst == op->sym->m_src) {
+		/* in-place operation */
 		m_dst = m_src;
-		if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
-				session->cipher.mode == GCM))
-			m_offset = op->sym->aead.data.offset;
-		else
-			m_offset = op->sym->cipher.data.offset;
+		oop = 0;
+	} else {
+		/* out-of-place operation */
+		m_dst = op->sym->m_dst;
+		oop = 1;
 	}
 
+	if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
+			session->cipher.mode == GCM))
+		m_offset = op->sym->aead.data.offset;
+	else
+		m_offset = op->sym->cipher.data.offset;
+
 	/* Set digest output location */
 	if (job->hash_alg != NULL_HASH &&
 			session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
@@ -893,7 +934,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 	/* Set IV parameters */
 	job->iv_len_in_bytes = session->iv.length;
 
-	/* Data  Parameter */
+	/* Data Parameters */
 	job->src = rte_pktmbuf_mtod(m_src, uint8_t *);
 	job->dst = rte_pktmbuf_mtod_offset(m_dst, uint8_t *, m_offset);
 
@@ -937,7 +978,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 				op->sym->cipher.data.offset;
 		job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;
 
-		job->hash_start_src_offset_in_bytes = op->sym->auth.data.offset;
+		job->hash_start_src_offset_in_bytes = auth_start_offset(op,
+				session, oop);
 		job->msg_len_to_hash_in_bytes = op->sym->auth.data.length;
 
 		job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
@@ -962,7 +1004,7 @@ static inline void
 generate_digest(JOB_AES_HMAC *job, struct rte_crypto_op *op,
 		struct aesni_mb_session *sess)
 {
-	/* No extra copy neeed */
+	/* No extra copy needed */
 	if (likely(sess->auth.req_digest_len == sess->auth.gen_digest_len))
 		return;
 
@@ -1217,7 +1259,9 @@ cryptodev_aesni_mb_create(const char *name,
 
 	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
 			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
-			RTE_CRYPTODEV_FF_CPU_AESNI;
+			RTE_CRYPTODEV_FF_CPU_AESNI |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
+
 
 	mb_mgr = alloc_mb_mgr(0);
 	if (mb_mgr == NULL)
-- 
2.14.5

[PATCH v2 2/3] test: add out of place test for AESNI-MB

[Fan Zhang]

This patch updates the unit test to enable AESNI-MB PMD
out-of-place tests. A special test type that swap both
the source and destination buffer is added for a more
comprehensive test set to take place.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 test/test/test_cryptodev_aes_test_vectors.h | 150 ++++++++++++++++++++++++++++
 test/test/test_cryptodev_blockcipher.c      |  81 +++++++++++++--
 test/test/test_cryptodev_blockcipher.h      |   4 +
 test/test/test_cryptodev_des_test_vectors.h |  24 +++--
 4 files changed, 245 insertions(+), 14 deletions(-)

diff --git a/test/test/test_cryptodev_aes_test_vectors.h b/test/test/test_cryptodev_aes_test_vectors.h
index 6dd8e5f96..3ccb6fd43 100644
--- a/test/test/test_cryptodev_aes_test_vectors.h
+++ b/test/test/test_cryptodev_aes_test_vectors.h
@@ -1160,6 +1160,67 @@ static const struct blockcipher_test_data aes_test_data_docsis_3 = {
 	}
 };
 
+static const uint8_t
+cipher_aescbc_offset_16[] = {
+	0x57, 0x68, 0x61, 0x74, 0x20, 0x61, 0x20, 0x6C,
+	0x6F, 0x75, 0x73, 0x79, 0x20, 0x65, 0x61, 0x72,
+	0x68, 0x2A, 0x6A, 0x82, 0xE0, 0x73, 0xC7, 0x51,
+	0x81, 0xF4, 0x47, 0x27, 0x1A, 0xEF, 0x76, 0x15,
+	0x1C, 0xE1, 0x38, 0x5F, 0xE1, 0x81, 0x77, 0xC7,
+	0x8B, 0xF0, 0x69, 0xC3, 0x3C, 0x45, 0x1C, 0x0A,
+	0xA3, 0x93, 0xBF, 0x60, 0x57, 0x88, 0xD2, 0xFF,
+	0xE1, 0x8F, 0xC0, 0x64, 0x2C, 0x42, 0xC5, 0x22,
+	0xE3, 0x5F, 0x71, 0x1F, 0xF7, 0x62, 0xA2, 0x7E,
+	0x0D, 0x42, 0xD9, 0xE7, 0xF3, 0x10, 0xB0, 0xEE,
+};
+
+/** AES-128-CBC SHA1 OOP test vector for swapping src/dst */
+static const struct blockcipher_test_data aes_test_data_14 = {
+	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
+	.cipher_key = {
+		.data = {
+			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
+			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A
+		},
+		.len = 16
+	},
+	.iv = {
+		.data = {
+			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+			0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = plaintext_aes_common,
+		.len = 80
+	},
+	.cipher_offset = 16,
+	.auth_offset = 0,
+	.ciphertext = {
+		.data = cipher_aescbc_offset_16,
+		.len = 80
+	},
+	.auth_algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+	.auth_key = {
+		.data = {
+			0xF8, 0x2A, 0xC7, 0x54, 0xDB, 0x96, 0x18, 0xAA,
+			0xC3, 0xA1, 0x53, 0xF6, 0x1F, 0x17, 0x60, 0xBD,
+			0xDE, 0xF4, 0xDE, 0xAD
+		},
+		.len = 20
+	},
+	.digest = {
+		.data = {
+			0xCC, 0x15, 0x83, 0xF7, 0x23, 0x87, 0x96, 0xA7,
+			0x29, 0x34, 0x32, 0xE4, 0x4C, 0x06, 0xE8, 0xEB,
+			0x70, 0x72, 0x4B, 0xAD
+		},
+		.len = 20,
+		.truncated_len = 12
+	}
+};
+
 static const struct blockcipher_test_case aes_chain_test_cases[] = {
 	{
 		.test_descr = "AES-128-CTR HMAC-SHA1 Encryption Digest",
@@ -1471,8 +1532,18 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
+	{
+		.test_descr = "AES-128-CBC HMAC-SHA1 Encryption Digest "
+			"OOP Swap MBUF",
+		.test_data = &aes_test_data_14,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENC_AUTH_GEN,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP |
+			BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB
+	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
 			"Verify OOP",
@@ -1487,6 +1558,15 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
+	{
+		.test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
+			"Verify OOP Swap MBUF",
+		.test_data = &aes_test_data_4,
+		.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY_DEC,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP |
+			BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB
+	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA224 Encryption Digest",
 		.test_data = &aes_test_data_8,
@@ -1700,6 +1780,14 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO
 	},
+	{
+		.test_descr = "AES-256-CBC OOP Encryption Swap MBUF",
+		.test_data = &aes_test_data_11,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP |
+			BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB
+	},
 	{
 		.test_descr = "AES-256-CBC OOP Decryption",
 		.test_data = &aes_test_data_11,
@@ -1713,6 +1801,14 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO
 	},
+	{
+		.test_descr = "AES-256-CBC OOP Decryption Swap MBUF",
+		.test_data = &aes_test_data_11,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP |
+			BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB
+	},
 	{
 		.test_descr = "AES-128-CTR Encryption",
 		.test_data = &aes_test_data_1,
@@ -1875,6 +1971,15 @@ static const struct blockcipher_test_case aes_docsis_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
 	},
+	{
+		.test_descr = "AES-DOCSIS-BPI OOP Full Block Encryption "
+				"Swap MBUF",
+		.test_data = &aes_test_data_docsis_1,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP |
+			BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB
+	},
 	{
 		.test_descr = "AES-DOCSIS-BPI OOP Runt Block Encryption",
 		.test_data = &aes_test_data_docsis_2,
@@ -1882,6 +1987,15 @@ static const struct blockcipher_test_case aes_docsis_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
 	},
+	{
+		.test_descr = "AES-DOCSIS-BPI OOP Runt Block Encryption "
+				"Swap MBUF",
+		.test_data = &aes_test_data_docsis_2,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP |
+			BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB
+	},
 	{
 		.test_descr = "AES-DOCSIS-BPI OOP Uneven Block Encryption",
 		.test_data = &aes_test_data_docsis_3,
@@ -1889,6 +2003,15 @@ static const struct blockcipher_test_case aes_docsis_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
 	},
+	{
+		.test_descr = "AES-DOCSIS-BPI OOP Uneven Block Encryption "
+				"Swap MBUF",
+		.test_data = &aes_test_data_docsis_3,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP |
+			BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB
+	},
 	{
 		.test_descr = "AES-DOCSIS-BPI OOP Full Block Decryption",
 		.test_data = &aes_test_data_docsis_1,
@@ -1896,6 +2019,15 @@ static const struct blockcipher_test_case aes_docsis_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
 	},
+	{
+		.test_descr = "AES-DOCSIS-BPI OOP Full Block Decryption "
+				"Swap MBUF",
+		.test_data = &aes_test_data_docsis_1,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP |
+			BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB
+	},
 	{
 		.test_descr = "AES-DOCSIS-BPI OOP Runt Block Decryption",
 		.test_data = &aes_test_data_docsis_2,
@@ -1903,12 +2035,30 @@ static const struct blockcipher_test_case aes_docsis_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
 	},
+	{
+		.test_descr = "AES-DOCSIS-BPI OOP Runt Block Decryption "
+				"Swap MBUF",
+		.test_data = &aes_test_data_docsis_2,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP |
+			BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB
+	},
 	{
 		.test_descr = "AES-DOCSIS-BPI OOP Uneven Block Decryption",
 		.test_data = &aes_test_data_docsis_3,
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-DOCSIS-BPI OOP Uneven Block Decryption "
+				"Swap MBUF",
+		.test_data = &aes_test_data_docsis_3,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP |
+			BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB
 	}
 };
 #endif /* TEST_CRYPTODEV_AES_TEST_VECTORS_H_ */
diff --git a/test/test/test_cryptodev_blockcipher.c b/test/test/test_cryptodev_blockcipher.c
index 1f0689114..6fa7f18d5 100644
--- a/test/test/test_cryptodev_blockcipher.c
+++ b/test/test/test_cryptodev_blockcipher.c
@@ -79,13 +79,26 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 			RTE_STR(CRYPTODEV_NAME_OCTEONTX_SYM_PMD));
 
 	int nb_segs = 1;
+	uint32_t nb_iterates = 0;
 
 	rte_cryptodev_info_get(dev_id, &dev_info);
 
+	if ((t->feature_mask & BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP) &&
+			!(t->feature_mask && BLOCKCIPHER_TEST_FEATURE_OOP)) {
+		printf("M_src/m_dst iteration test only works with OOP test\n");
+		return 0;
+	}
+
 	if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SG) {
 		uint64_t feat_flags = dev_info.feature_flags;
 		uint64_t oop_flag = RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT;
 
+		if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP) {
+			printf("M_src/m_dst iteration test does not support "
+				"Scatter-gather list\n");
+			return -1;
+		}
+
 		if (t->feature_mask && BLOCKCIPHER_TEST_FEATURE_OOP) {
 			if (!(feat_flags & oop_flag)) {
 				printf("Device doesn't support out-of-place "
@@ -201,6 +214,49 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 
 	sym_op = op->sym;
 
+iterate:
+	if ((t->feature_mask & BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP) &&
+			nb_iterates) {
+		struct rte_mbuf *tmp_buf = ibuf;
+
+		ibuf = obuf;
+		obuf = tmp_buf;
+
+		rte_pktmbuf_reset(ibuf);
+		rte_pktmbuf_reset(obuf);
+
+		rte_pktmbuf_append(ibuf, tdata->ciphertext.len);
+
+		/* only encryption requires plaintext.data input,
+		 * decryption/(digest gen)/(digest verify) use ciphertext.data
+		 * to be computed
+		 */
+		if (t->op_mask & BLOCKCIPHER_TEST_OP_ENCRYPT)
+			pktmbuf_write(ibuf, 0, tdata->plaintext.len,
+					tdata->plaintext.data);
+		else
+			pktmbuf_write(ibuf, 0, tdata->ciphertext.len,
+					tdata->ciphertext.data);
+
+		buf_p = rte_pktmbuf_append(ibuf, digest_len);
+		if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_VERIFY)
+			rte_memcpy(buf_p, tdata->digest.data, digest_len);
+		else
+			memset(buf_p, 0, digest_len);
+
+		memset(obuf->buf_addr, dst_pattern, obuf->buf_len);
+
+		buf_p = rte_pktmbuf_append(obuf, buf_len);
+		if (!buf_p) {
+			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
+				"FAILED: %s", __LINE__,
+				"No room to append mbuf");
+			status = TEST_FAILED;
+			goto error_exit;
+		}
+		memset(buf_p, 0, buf_len);
+	}
+
 	sym_op->m_src = ibuf;
 
 	if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
@@ -307,8 +363,9 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 		cipher_xform->cipher.iv.offset = IV_OFFSET;
 		cipher_xform->cipher.iv.length = tdata->iv.len;
 
-		sym_op->cipher.data.offset = 0;
-		sym_op->cipher.data.length = tdata->ciphertext.len;
+		sym_op->cipher.data.offset = tdata->cipher_offset;
+		sym_op->cipher.data.length = tdata->ciphertext.len -
+				tdata->cipher_offset;
 		rte_memcpy(rte_crypto_op_ctod_offset(op, uint8_t *, IV_OFFSET),
 				tdata->iv.data,
 				tdata->iv.len);
@@ -339,12 +396,17 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 					digest_offset);
 		}
 
-		sym_op->auth.data.offset = 0;
-		sym_op->auth.data.length = tdata->ciphertext.len;
+		sym_op->auth.data.offset = tdata->auth_offset;
+		sym_op->auth.data.length = tdata->ciphertext.len -
+				tdata->auth_offset;
 	}
 
-	/* create session for sessioned op */
-	if (!(t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS)) {
+	/**
+	 * Create session for sessioned op. For mbuf iteration test,
+	 * skip the session creation for the second iteration.
+	 */
+	if (!(t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS) &&
+			nb_iterates == 0) {
 		sess = rte_cryptodev_sym_session_create(sess_mpool);
 
 		rte_cryptodev_sym_session_init(dev_id, sess, init_xform,
@@ -524,6 +586,13 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 				goto error_exit;
 			}
 		}
+
+		if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP) {
+			if (!nb_iterates) {
+				nb_iterates++;
+				goto iterate;
+			}
+		}
 	} else {
 		/* In-place operation */
 		struct rte_mbuf *mbuf;
diff --git a/test/test/test_cryptodev_blockcipher.h b/test/test/test_cryptodev_blockcipher.h
index 5c22d5da6..7fda922f2 100644
--- a/test/test/test_cryptodev_blockcipher.h
+++ b/test/test/test_cryptodev_blockcipher.h
@@ -18,6 +18,7 @@
 #define BLOCKCIPHER_TEST_FEATURE_SESSIONLESS	0x02
 #define BLOCKCIPHER_TEST_FEATURE_STOPPER	0x04 /* stop upon failing */
 #define BLOCKCIPHER_TEST_FEATURE_SG		0x08 /* Scatter Gather */
+#define BLOCKCIPHER_TEST_FEATURE_EXCHANGE_OOP	0x10 /* Swap m_src/m_dst */
 
 #define BLOCKCIPHER_TEST_TARGET_PMD_MB		0x0001 /* Multi-buffer flag */
 #define BLOCKCIPHER_TEST_TARGET_PMD_QAT			0x0002 /* QAT flag */
@@ -98,6 +99,9 @@ struct blockcipher_test_data {
 		unsigned int len;		/* for qat */
 		unsigned int truncated_len;	/* for mb */
 	} digest;
+
+	unsigned int cipher_offset;
+	unsigned int auth_offset;
 };
 
 int
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index f1b8cbd45..a71b0e902 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -1016,7 +1016,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "DES-DOCSIS-BPI OOP Runt Block Encryption",
@@ -1024,7 +1025,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "DES-DOCSIS-BPI OOP Uneven Encryption",
@@ -1032,7 +1034,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "DES-DOCSIS-BPI OOP Full Block Decryption",
@@ -1040,7 +1043,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "DES-DOCSIS-BPI OOP Runt Block Decryption",
@@ -1048,7 +1052,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "DES-DOCSIS-BPI OOP Uneven Decryption",
@@ -1056,7 +1061,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	}
 };
 
@@ -1200,7 +1206,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
-			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Decryption Digest"
@@ -1212,7 +1219,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
-			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Encryption Digest"
-- 
2.14.5

[PATCH v2 3/3] doc: update documentation

[Fan Zhang]

This patch updates the documentation for the newly supported
AESNI-MB PMD out-of-place operation feature.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 doc/guides/cryptodevs/aesni_mb.rst          | 1 -
 doc/guides/cryptodevs/features/aesni_mb.ini | 1 +
 doc/guides/rel_notes/release_19_05.rst      | 4 ++++
 3 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 47f2ecc2f..55aa7cd94 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -56,7 +56,6 @@ Limitations
 -----------
 
 * Chained mbufs are not supported.
-* Only in-place is currently supported (destination address is the same as source address).
 * RTE_CRYPTO_AEAD_AES_GCM only works properly when the multi-buffer library is
   0.51.0 or newer.
 * RTE_CRYPTO_HASH_AES_GMAC is supported by library version v0.51 or later.
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index f72957451..93a534f19 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -11,6 +11,7 @@ CPU AVX                = Y
 CPU AVX2               = Y
 CPU AVX512             = Y
 CPU AESNI              = Y
+OOP LB  In LB  Out     = Y
 
 ;
 ; Supported crypto algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_19_05.rst b/doc/guides/rel_notes/release_19_05.rst
index 2b0f60d3d..33067013f 100644
--- a/doc/guides/rel_notes/release_19_05.rst
+++ b/doc/guides/rel_notes/release_19_05.rst
@@ -65,6 +65,10 @@ New Features
     process.
   * Added support for Rx packet types list in a secondary process.
 
+* **Updated AESNI-MB PMD.**
+
+  Updated AESNI-MB PMD for supporting out-of-place operations.
+
 
 Removed Items
 -------------
-- 
2.14.5

Re: [PATCH v2 1/3] crypto/aesni_mb: enable out of place processing

[Trahe, Fiona]

> -----Original Message-----
> From: Zhang, Roy Fan
> Sent: Thursday, February 28, 2019 11:36 AM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>; Trahe, Fiona <fiona.trahe@intel.com>; Luse, Paul E
> <paul.e.luse@intel.com>
> Subject: [PATCH v2 1/3] crypto/aesni_mb: enable out of place processing
> 
> Add out-of-place processing, i.e. different source and
> destination m_bufs, plus related capability update, tests
> and documentation.
> 
> Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
> Signed-off-by: Paul Luse <paul.e.luse@intel.com>
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

Re: [PATCH v2 2/3] test: add out of place test for AESNI-MB

[Trahe, Fiona]

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Fan Zhang
> Sent: Thursday, February 28, 2019 11:36 AM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>
> Subject: [dpdk-dev] [PATCH v2 2/3] test: add out of place test for AESNI-MB
> 
> This patch updates the unit test to enable AESNI-MB PMD
> out-of-place tests. A special test type that swap both
> the source and destination buffer is added for a more
> comprehensive test set to take place.
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

Re: [PATCH v2 3/3] doc: update documentation

[Trahe, Fiona]

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Fan Zhang
> Sent: Thursday, February 28, 2019 11:36 AM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>
> Subject: [dpdk-dev] [PATCH v2 3/3] doc: update documentation
> 
> This patch updates the documentation for the newly supported
> AESNI-MB PMD out-of-place operation feature.
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

Re: [PATCH v2 1/3] crypto/aesni_mb: enable out of place processing

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Zhang, Roy Fan
> Sent: Thursday, February 28, 2019 11:36 AM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; De
> Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>; Trahe, Fiona
> <fiona.trahe@intel.com>; Luse, Paul E <paul.e.luse@intel.com>
> Subject: [PATCH v2 1/3] crypto/aesni_mb: enable out of place processing
> 
> Add out-of-place processing, i.e. different source and destination m_bufs,
> plus related capability update, tests and documentation.
> 
> Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
> Signed-off-by: Paul Luse <paul.e.luse@intel.com>
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 98
> ++++++++++++++++++++++--------
>  1 file changed, 71 insertions(+), 27 deletions(-)
> 
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> index 48d6ac002..9ff49b3fa 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> @@ -739,6 +739,56 @@ get_session(struct aesni_mb_qp *qp, struct
> rte_crypto_op *op)
>  	return sess;
>  }
> 
> +static inline uint64_t
> +auth_start_offset(struct rte_crypto_op *op, struct aesni_mb_session
> *session,
> +		uint32_t oop)
> +{
> +	struct rte_mbuf *m_src, *m_dst;
> +	uint8_t *p_src, *p_dst;
> +	uint64_t u_src, u_dst;
> +	uint32_t cipher_end, auth_end;
> +
> +	/* Only cipher then hash needs special calculation. */
> +	if (!oop || session->chain_order != CIPHER_HASH)
> +		return op->sym->auth.data.offset;
> +
> +	m_src = op->sym->m_src;
> +	m_dst = op->sym->m_dst;
> +
> +	p_src = rte_pktmbuf_mtod(m_src, uint8_t *);
> +	p_dst = rte_pktmbuf_mtod(m_dst, uint8_t *);
> +	u_src = (uint64_t)p_src;
> +	u_dst = (uint64_t)p_dst + op->sym->auth.data.offset;

Better to use (uintptr_t) instead of uint64_t.


...

> -
> -		memcpy(odata, rte_pktmbuf_mtod(op->sym->m_src, void*),
> -				rte_pktmbuf_data_len(op->sym->m_src));
> -	} else {
> +	if (!op->sym->m_dst || op->sym->m_dst == op->sym->m_src) {

Better to add parenthesis on the second part of this "or" condition.

Apart from this:

Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

Re: [PATCH v2 3/3] doc: update documentation

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Zhang, Roy Fan
> Sent: Thursday, February 28, 2019 11:36 AM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; De
> Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> Subject: [PATCH v2 3/3] doc: update documentation

I think you can merge this patch with patch 1.

> 
> This patch updates the documentation for the newly supported AESNI-MB
> PMD out-of-place operation feature.
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>

...

> +++ b/doc/guides/rel_notes/release_19_05.rst
> @@ -65,6 +65,10 @@ New Features
>      process.
>    * Added support for Rx packet types list in a secondary process.
> 
> +* **Updated AESNI-MB PMD.**
> +
> +  Updated AESNI-MB PMD for supporting out-of-place operations.

Better to simply state "Added support for out-of-place operations", to avoid redundancy.

> +
> 
>  Removed Items
>  -------------
> --
> 2.14.5

[PATCH v3 0/2] crypto/aesni_mb: enable out of place processing

[Fan Zhang]

Add out-of-place processing, i.e. different source and
destination m_bufs, plus related capability update, tests
and documentation.

Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Signed-off-by: Paul Luse <paul.e.luse@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>

v3:
- Updated unit test, enable src-dst swap test for all oop tests.
- Merged patches.
- Updated documentation.
- Several code changes based on Pablo's comments.

v2:
- Removed limitation of not support cipher-auth.
- Updated tests for more comprehensive test-cases.
- Splitted the patch.

Fan Zhang (2):
  crypto/aesni_mb: enable out of place processing
  test: add out of place test for AESNI-MB

 app/test/test_cryptodev_aes_test_vectors.h  | 110 +++++++++++++++++++++++++---
 app/test/test_cryptodev_blockcipher.c       |  83 ++++++++++++++++++---
 app/test/test_cryptodev_blockcipher.h       |   3 +
 app/test/test_cryptodev_des_test_vectors.h  |  24 ++++--
 doc/guides/cryptodevs/aesni_mb.rst          |   1 -
 doc/guides/cryptodevs/features/aesni_mb.ini |   1 +
 doc/guides/rel_notes/release_19_05.rst      |   4 +
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c  | 102 +++++++++++++++++++-------
 8 files changed, 270 insertions(+), 58 deletions(-)

-- 
2.14.5

[PATCH v3 1/2] crypto/aesni_mb: enable out of place processing

[Fan Zhang]

Add out-of-place processing, i.e. different source and
destination m_bufs, plus related capability update, tests
and documentation.

Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Signed-off-by: Paul Luse <paul.e.luse@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 doc/guides/cryptodevs/aesni_mb.rst          |   1 -
 doc/guides/cryptodevs/features/aesni_mb.ini |   1 +
 doc/guides/rel_notes/release_19_05.rst      |   4 ++
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c  | 102 ++++++++++++++++++++--------
 4 files changed, 80 insertions(+), 28 deletions(-)

diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 47f2ecc2f..55aa7cd94 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -56,7 +56,6 @@ Limitations
 -----------
 
 * Chained mbufs are not supported.
-* Only in-place is currently supported (destination address is the same as source address).
 * RTE_CRYPTO_AEAD_AES_GCM only works properly when the multi-buffer library is
   0.51.0 or newer.
 * RTE_CRYPTO_HASH_AES_GMAC is supported by library version v0.51 or later.
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index f72957451..93a534f19 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -11,6 +11,7 @@ CPU AVX                = Y
 CPU AVX2               = Y
 CPU AVX512             = Y
 CPU AESNI              = Y
+OOP LB  In LB  Out     = Y
 
 ;
 ; Supported crypto algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_19_05.rst b/doc/guides/rel_notes/release_19_05.rst
index bbc5e5b61..3749ed758 100644
--- a/doc/guides/rel_notes/release_19_05.rst
+++ b/doc/guides/rel_notes/release_19_05.rst
@@ -91,6 +91,10 @@ New Features
 
   * Added promiscuous mode support.
 
+* **Updated AESNI-MB PMD.**
+
+  Added support for out-of-place operations.
+
 
 Removed Items
 -------------
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 48d6ac002..8bcfe7939 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -739,6 +739,56 @@ get_session(struct aesni_mb_qp *qp, struct rte_crypto_op *op)
 	return sess;
 }
 
+static inline uint64_t
+auth_start_offset(struct rte_crypto_op *op, struct aesni_mb_session *session,
+		uint32_t oop)
+{
+	struct rte_mbuf *m_src, *m_dst;
+	uint8_t *p_src, *p_dst;
+	uintptr_t u_src, u_dst;
+	uint32_t cipher_end, auth_end;
+
+	/* Only cipher then hash needs special calculation. */
+	if (!oop || session->chain_order != CIPHER_HASH)
+		return op->sym->auth.data.offset;
+
+	m_src = op->sym->m_src;
+	m_dst = op->sym->m_dst;
+
+	p_src = rte_pktmbuf_mtod(m_src, uint8_t *);
+	p_dst = rte_pktmbuf_mtod(m_dst, uint8_t *);
+	u_src = (uintptr_t)p_src;
+	u_dst = (uintptr_t)p_dst + op->sym->auth.data.offset;
+
+	/**
+	 * Copy the content between cipher offset and auth offset for generating
+	 * correct digest.
+	 */
+	if (op->sym->cipher.data.offset > op->sym->auth.data.offset)
+		memcpy(p_dst + op->sym->auth.data.offset,
+				p_src + op->sym->auth.data.offset,
+				op->sym->cipher.data.offset -
+				op->sym->auth.data.offset);
+
+	/**
+	 * Copy the content between (cipher offset + length) and (auth offset +
+	 * length) for generating correct digest
+	 */
+	cipher_end = op->sym->cipher.data.offset + op->sym->cipher.data.length;
+	auth_end = op->sym->auth.data.offset + op->sym->auth.data.length;
+	if (cipher_end < auth_end)
+		memcpy(p_dst + cipher_end, p_src + cipher_end,
+				auth_end - cipher_end);
+
+	/**
+	 * Since intel-ipsec-mb only supports positive values,
+	 * we need to deduct the correct offset between src and dst.
+	 */
+
+	return u_src < u_dst ? (u_dst - u_src) :
+			(UINT64_MAX - u_src + u_dst + 1);
+}
+
 /**
  * Process a crypto operation and complete a JOB_AES_HMAC job structure for
  * submission to the multi buffer library for processing.
@@ -757,7 +807,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 {
 	struct rte_mbuf *m_src = op->sym->m_src, *m_dst;
 	struct aesni_mb_session *session;
-	uint16_t m_offset = 0;
+	uint32_t m_offset, oop;
 
 	session = get_session(qp, op);
 	if (session == NULL) {
@@ -840,31 +890,26 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 		}
 	}
 
-	/* Mutable crypto operation parameters */
-	if (op->sym->m_dst) {
-		m_src = m_dst = op->sym->m_dst;
-
-		/* append space for output data to mbuf */
-		char *odata = rte_pktmbuf_append(m_dst,
-				rte_pktmbuf_data_len(op->sym->m_src));
-		if (odata == NULL) {
-			AESNI_MB_LOG(ERR, "failed to allocate space in destination "
-					"mbuf for source data");
-			op->status = RTE_CRYPTO_OP_STATUS_ERROR;
-			return -1;
-		}
-
-		memcpy(odata, rte_pktmbuf_mtod(op->sym->m_src, void*),
-				rte_pktmbuf_data_len(op->sym->m_src));
-	} else {
+	if (!op->sym->m_dst) {
+		/* in-place operation */
 		m_dst = m_src;
-		if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
-				session->cipher.mode == GCM))
-			m_offset = op->sym->aead.data.offset;
-		else
-			m_offset = op->sym->cipher.data.offset;
+		oop = 0;
+	} else if (op->sym->m_dst == op->sym->m_src) {
+		/* in-place operation */
+		m_dst = m_src;
+		oop = 0;
+	} else {
+		/* out-of-place operation */
+		m_dst = op->sym->m_dst;
+		oop = 1;
 	}
 
+	if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
+			session->cipher.mode == GCM))
+		m_offset = op->sym->aead.data.offset;
+	else
+		m_offset = op->sym->cipher.data.offset;
+
 	/* Set digest output location */
 	if (job->hash_alg != NULL_HASH &&
 			session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
@@ -893,7 +938,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 	/* Set IV parameters */
 	job->iv_len_in_bytes = session->iv.length;
 
-	/* Data  Parameter */
+	/* Data Parameters */
 	job->src = rte_pktmbuf_mtod(m_src, uint8_t *);
 	job->dst = rte_pktmbuf_mtod_offset(m_dst, uint8_t *, m_offset);
 
@@ -937,7 +982,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 				op->sym->cipher.data.offset;
 		job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;
 
-		job->hash_start_src_offset_in_bytes = op->sym->auth.data.offset;
+		job->hash_start_src_offset_in_bytes = auth_start_offset(op,
+				session, oop);
 		job->msg_len_to_hash_in_bytes = op->sym->auth.data.length;
 
 		job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
@@ -962,7 +1008,7 @@ static inline void
 generate_digest(JOB_AES_HMAC *job, struct rte_crypto_op *op,
 		struct aesni_mb_session *sess)
 {
-	/* No extra copy neeed */
+	/* No extra copy needed */
 	if (likely(sess->auth.req_digest_len == sess->auth.gen_digest_len))
 		return;
 
@@ -1217,7 +1263,9 @@ cryptodev_aesni_mb_create(const char *name,
 
 	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
 			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
-			RTE_CRYPTODEV_FF_CPU_AESNI;
+			RTE_CRYPTODEV_FF_CPU_AESNI |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
+
 
 	mb_mgr = alloc_mb_mgr(0);
 	if (mb_mgr == NULL)
-- 
2.14.5

[PATCH v3 2/2] test: add out of place test for AESNI-MB

[Fan Zhang]

This patch updates the unit test to enable AESNI-MB PMD
out-of-place tests. A special test type that swap both
the source and destination buffer is added for a more
comprehensive test set to take place.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
---
 app/test/test_cryptodev_aes_test_vectors.h | 110 ++++++++++++++++++++++++++---
 app/test/test_cryptodev_blockcipher.c      |  83 ++++++++++++++++++----
 app/test/test_cryptodev_blockcipher.h      |   3 +
 app/test/test_cryptodev_des_test_vectors.h |  24 ++++---
 4 files changed, 190 insertions(+), 30 deletions(-)

diff --git a/app/test/test_cryptodev_aes_test_vectors.h b/app/test/test_cryptodev_aes_test_vectors.h
index 6dd8e5f96..3d3c7313b 100644
--- a/app/test/test_cryptodev_aes_test_vectors.h
+++ b/app/test/test_cryptodev_aes_test_vectors.h
@@ -1160,8 +1160,78 @@ static const struct blockcipher_test_data aes_test_data_docsis_3 = {
 	}
 };
 
+static const uint8_t
+cipher_aescbc_offset_16[] = {
+	0x57, 0x68, 0x61, 0x74, 0x20, 0x61, 0x20, 0x6C,
+	0x6F, 0x75, 0x73, 0x79, 0x20, 0x65, 0x61, 0x72,
+	0x68, 0x2A, 0x6A, 0x82, 0xE0, 0x73, 0xC7, 0x51,
+	0x81, 0xF4, 0x47, 0x27, 0x1A, 0xEF, 0x76, 0x15,
+	0x1C, 0xE1, 0x38, 0x5F, 0xE1, 0x81, 0x77, 0xC7,
+	0x8B, 0xF0, 0x69, 0xC3, 0x3C, 0x45, 0x1C, 0x0A,
+	0xA3, 0x93, 0xBF, 0x60, 0x57, 0x88, 0xD2, 0xFF,
+	0xE1, 0x8F, 0xC0, 0x64, 0x2C, 0x42, 0xC5, 0x22,
+	0xE3, 0x5F, 0x71, 0x1F, 0xF7, 0x62, 0xA2, 0x7E,
+	0x0D, 0x42, 0xD9, 0xE7, 0xF3, 0x10, 0xB0, 0xEE,
+};
+
+/** AES-128-CBC SHA1 OOP test vector for swapping src/dst */
+static const struct blockcipher_test_data aes_test_data_14 = {
+	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
+	.cipher_key = {
+		.data = {
+			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
+			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A
+		},
+		.len = 16
+	},
+	.iv = {
+		.data = {
+			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+			0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = plaintext_aes_common,
+		.len = 80
+	},
+	.cipher_offset = 16,
+	.auth_offset = 0,
+	.ciphertext = {
+		.data = cipher_aescbc_offset_16,
+		.len = 80
+	},
+	.auth_algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+	.auth_key = {
+		.data = {
+			0xF8, 0x2A, 0xC7, 0x54, 0xDB, 0x96, 0x18, 0xAA,
+			0xC3, 0xA1, 0x53, 0xF6, 0x1F, 0x17, 0x60, 0xBD,
+			0xDE, 0xF4, 0xDE, 0xAD
+		},
+		.len = 20
+	},
+	.digest = {
+		.data = {
+			0xCC, 0x15, 0x83, 0xF7, 0x23, 0x87, 0x96, 0xA7,
+			0x29, 0x34, 0x32, 0xE4, 0x4C, 0x06, 0xE8, 0xEB,
+			0x70, 0x72, 0x4B, 0xAD
+		},
+		.len = 20,
+		.truncated_len = 12
+	}
+};
+
 static const struct blockcipher_test_case aes_chain_test_cases[] = {
 	{
+		.test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
+			"Verify OOP Offset",
+		.test_data = &aes_test_data_14,
+		.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY_DEC,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB |
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+		{
 		.test_descr = "AES-128-CTR HMAC-SHA1 Encryption Digest",
 		.test_data = &aes_test_data_1,
 		.op_mask = BLOCKCIPHER_TEST_OP_ENC_AUTH_GEN,
@@ -1471,8 +1541,18 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
+	{
+		.test_descr = "AES-128-CBC HMAC-SHA1 Encryption Digest "
+			"OOP Offset",
+		.test_data = &aes_test_data_14,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENC_AUTH_GEN,
+		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB |
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
 			"Verify OOP",
@@ -1485,7 +1565,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
-			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
+			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA224 Encryption Digest",
@@ -1698,7 +1779,8 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
-			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO
+			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "AES-256-CBC OOP Decryption",
@@ -1711,7 +1793,8 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
-			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO
+			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "AES-128-CTR Encryption",
@@ -1873,42 +1956,49 @@ static const struct blockcipher_test_case aes_docsis_test_cases[] = {
 		.test_data = &aes_test_data_docsis_1,
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
-		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "AES-DOCSIS-BPI OOP Runt Block Encryption",
 		.test_data = &aes_test_data_docsis_2,
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
-		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
+
 	{
 		.test_descr = "AES-DOCSIS-BPI OOP Uneven Block Encryption",
 		.test_data = &aes_test_data_docsis_3,
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
-		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "AES-DOCSIS-BPI OOP Full Block Decryption",
 		.test_data = &aes_test_data_docsis_1,
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
-		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "AES-DOCSIS-BPI OOP Runt Block Decryption",
 		.test_data = &aes_test_data_docsis_2,
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
-		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "AES-DOCSIS-BPI OOP Uneven Block Decryption",
 		.test_data = &aes_test_data_docsis_3,
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
-		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
-	}
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
+	},
 };
 #endif /* TEST_CRYPTODEV_AES_TEST_VECTORS_H_ */
diff --git a/app/test/test_cryptodev_blockcipher.c b/app/test/test_cryptodev_blockcipher.c
index 1f0689114..cdbdcce1e 100644
--- a/app/test/test_cryptodev_blockcipher.c
+++ b/app/test/test_cryptodev_blockcipher.c
@@ -79,6 +79,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 			RTE_STR(CRYPTODEV_NAME_OCTEONTX_SYM_PMD));
 
 	int nb_segs = 1;
+	uint32_t nb_iterates = 0;
 
 	rte_cryptodev_info_get(dev_id, &dev_info);
 
@@ -201,6 +202,48 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 
 	sym_op = op->sym;
 
+iterate:
+	if (nb_iterates) {
+		struct rte_mbuf *tmp_buf = ibuf;
+
+		ibuf = obuf;
+		obuf = tmp_buf;
+
+		rte_pktmbuf_reset(ibuf);
+		rte_pktmbuf_reset(obuf);
+
+		rte_pktmbuf_append(ibuf, tdata->ciphertext.len);
+
+		/* only encryption requires plaintext.data input,
+		 * decryption/(digest gen)/(digest verify) use ciphertext.data
+		 * to be computed
+		 */
+		if (t->op_mask & BLOCKCIPHER_TEST_OP_ENCRYPT)
+			pktmbuf_write(ibuf, 0, tdata->plaintext.len,
+					tdata->plaintext.data);
+		else
+			pktmbuf_write(ibuf, 0, tdata->ciphertext.len,
+					tdata->ciphertext.data);
+
+		buf_p = rte_pktmbuf_append(ibuf, digest_len);
+		if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_VERIFY)
+			rte_memcpy(buf_p, tdata->digest.data, digest_len);
+		else
+			memset(buf_p, 0, digest_len);
+
+		memset(obuf->buf_addr, dst_pattern, obuf->buf_len);
+
+		buf_p = rte_pktmbuf_append(obuf, buf_len);
+		if (!buf_p) {
+			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
+				"FAILED: %s", __LINE__,
+				"No room to append mbuf");
+			status = TEST_FAILED;
+			goto error_exit;
+		}
+		memset(buf_p, 0, buf_len);
+	}
+
 	sym_op->m_src = ibuf;
 
 	if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
@@ -307,8 +350,9 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 		cipher_xform->cipher.iv.offset = IV_OFFSET;
 		cipher_xform->cipher.iv.length = tdata->iv.len;
 
-		sym_op->cipher.data.offset = 0;
-		sym_op->cipher.data.length = tdata->ciphertext.len;
+		sym_op->cipher.data.offset = tdata->cipher_offset;
+		sym_op->cipher.data.length = tdata->ciphertext.len -
+				tdata->cipher_offset;
 		rte_memcpy(rte_crypto_op_ctod_offset(op, uint8_t *, IV_OFFSET),
 				tdata->iv.data,
 				tdata->iv.len);
@@ -339,12 +383,17 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 					digest_offset);
 		}
 
-		sym_op->auth.data.offset = 0;
-		sym_op->auth.data.length = tdata->ciphertext.len;
+		sym_op->auth.data.offset = tdata->auth_offset;
+		sym_op->auth.data.length = tdata->ciphertext.len -
+				tdata->auth_offset;
 	}
 
-	/* create session for sessioned op */
-	if (!(t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS)) {
+	/**
+	 * Create session for sessioned op. For mbuf iteration test,
+	 * skip the session creation for the second iteration.
+	 */
+	if (!(t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS) &&
+			nb_iterates == 0) {
 		sess = rte_cryptodev_sym_session_create(sess_mpool);
 
 		rte_cryptodev_sym_session_init(dev_id, sess, init_xform,
@@ -421,15 +470,20 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 		uint32_t compare_len;
 
 		if (t->op_mask & BLOCKCIPHER_TEST_OP_ENCRYPT) {
-			compare_ref = tdata->ciphertext.data;
-			compare_len = tdata->ciphertext.len;
+			compare_ref = tdata->ciphertext.data +
+					tdata->cipher_offset;
+			compare_len = tdata->ciphertext.len -
+					tdata->cipher_offset;
 		} else {
-			compare_ref = tdata->plaintext.data;
-			compare_len = tdata->plaintext.len;
+			compare_ref = tdata->plaintext.data +
+					tdata->cipher_offset;
+			compare_len = tdata->plaintext.len -
+					tdata->cipher_offset;
 		}
 
-		if (memcmp(rte_pktmbuf_read(iobuf, 0, compare_len,
-				buffer), compare_ref, compare_len)) {
+		if (memcmp(rte_pktmbuf_read(iobuf, tdata->cipher_offset,
+				compare_len, buffer), compare_ref,
+				compare_len)) {
 			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
 				"FAILED: %s", __LINE__,
 				"Crypto data not as expected");
@@ -524,6 +578,11 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 				goto error_exit;
 			}
 		}
+
+		if (!nb_iterates) {
+			nb_iterates++;
+			goto iterate;
+		}
 	} else {
 		/* In-place operation */
 		struct rte_mbuf *mbuf;
diff --git a/app/test/test_cryptodev_blockcipher.h b/app/test/test_cryptodev_blockcipher.h
index 6925a6c0d..060d10498 100644
--- a/app/test/test_cryptodev_blockcipher.h
+++ b/app/test/test_cryptodev_blockcipher.h
@@ -98,6 +98,9 @@ struct blockcipher_test_data {
 		unsigned int len;		/* for qat */
 		unsigned int truncated_len;	/* for mb */
 	} digest;
+
+	unsigned int cipher_offset;
+	unsigned int auth_offset;
 };
 
 int
diff --git a/app/test/test_cryptodev_des_test_vectors.h b/app/test/test_cryptodev_des_test_vectors.h
index f1b8cbd45..a71b0e902 100644
--- a/app/test/test_cryptodev_des_test_vectors.h
+++ b/app/test/test_cryptodev_des_test_vectors.h
@@ -1016,7 +1016,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "DES-DOCSIS-BPI OOP Runt Block Encryption",
@@ -1024,7 +1025,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "DES-DOCSIS-BPI OOP Uneven Encryption",
@@ -1032,7 +1034,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "DES-DOCSIS-BPI OOP Full Block Decryption",
@@ -1040,7 +1043,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "DES-DOCSIS-BPI OOP Runt Block Decryption",
@@ -1048,7 +1052,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "DES-DOCSIS-BPI OOP Uneven Decryption",
@@ -1056,7 +1061,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	}
 };
 
@@ -1200,7 +1206,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
-			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Decryption Digest"
@@ -1212,7 +1219,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
-			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
+			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Encryption Digest"
-- 
2.14.5

Re: [PATCH v3 0/2] crypto/aesni_mb: enable out of place processing

[Akhil Goyal]

On 3/25/2019 7:21 PM, Fan Zhang wrote:
> Add out-of-place processing, i.e. different source and
> destination m_bufs, plus related capability update, tests
> and documentation.
>
> Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
> Signed-off-by: Paul Luse <paul.e.luse@intel.com>
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
>
> v3:
> - Updated unit test, enable src-dst swap test for all oop tests.
> - Merged patches.
> - Updated documentation.
> - Several code changes based on Pablo's comments.
>
> v2:
> - Removed limitation of not support cipher-auth.
> - Updated tests for more comprehensive test-cases.
> - Splitted the patch.
>
> Fan Zhang (2):
>    crypto/aesni_mb: enable out of place processing
>    test: add out of place test for AESNI-MB
>
>   app/test/test_cryptodev_aes_test_vectors.h  | 110 +++++++++++++++++++++++++---
>   app/test/test_cryptodev_blockcipher.c       |  83 ++++++++++++++++++---
>   app/test/test_cryptodev_blockcipher.h       |   3 +
>   app/test/test_cryptodev_des_test_vectors.h  |  24 ++++--
>   doc/guides/cryptodevs/aesni_mb.rst          |   1 -
>   doc/guides/cryptodevs/features/aesni_mb.ini |   1 +
>   doc/guides/rel_notes/release_19_05.rst      |   4 +
>   drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c  | 102 +++++++++++++++++++-------
>   8 files changed, 270 insertions(+), 58 deletions(-)
>
Applied to dpdk-next-crypto

Thanks.