The AESNI MB PMD (librte_pmd_aesni_mb) provides poll mode crypto driver support for utilizing Intel multi buffer library, see the white paper Fast Multi-buffer IPsec Implementations on IntelĀ® Architecture Processors.
The AES-NI MB PMD has current only been tested on Fedora 21 64-bit with gcc.
AESNI MB PMD has support for:
Cipher algorithms:
Hash algorithms:
AEAD algorithms:
To build DPDK with the AESNI_MB_PMD the user is required to download the multi-buffer library from here and compile it on their user system before building DPDK. The latest version of the library supported by this PMD is v0.53, which can be downloaded from https://github.com/01org/intel-ipsec-mb/archive/v0.53.zip.
make
make install
As a reference, the following table shows a mapping between the past DPDK versions and the Multi-Buffer library version supported by them:
DPDK version | Multi-buffer library version |
---|---|
2.2 - 16.11 | 0.43 - 0.44 |
17.02 | 0.44 |
17.05 - 17.08 | 0.45 - 0.48 |
17.11 | 0.47 - 0.48 |
18.02 | 0.48 |
18.05 - 19.02 | 0.49 - 0.52 |
19.05 - 19.08 | 0.52 |
19.11+ | 0.52 - 0.53 |
In order to enable this virtual crypto PMD, user must:
To use the PMD in an application, user must:
The following parameters (all optional) can be provided in the previous two calls:
Example:
./l2fwd-crypto -l 1 -n 4 --vdev="crypto_aesni_mb,socket_id=0,max_nb_sessions=128" \
-- -p 1 --cdev SW --chain CIPHER_HASH --cipher_algo "aes-cbc" --auth_algo "sha1-hmac"
For AES Counter mode (AES-CTR), the library supports two different sizes for Initialization Vector (IV):