Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/101502/?format=api
{ "id": 101502, "url": "http://patches.dpdk.org/api/patches/101502/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20211013192222.1582631-2-gakhil@marvell.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20211013192222.1582631-2-gakhil@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20211013192222.1582631-2-gakhil@marvell.com", "date": "2021-10-13T19:22:16", "name": "[v2,1/7] security: rework session framework", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "2d28315fc4ccd6d31ab790e245f68a1c40430d09", "submitter": { "id": 2094, "url": "http://patches.dpdk.org/api/people/2094/?format=api", "name": "Akhil Goyal", "email": "gakhil@marvell.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20211013192222.1582631-2-gakhil@marvell.com/mbox/", "series": [ { "id": 19616, "url": "http://patches.dpdk.org/api/series/19616/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=19616", "date": "2021-10-13T19:22:15", "name": "crypto/security session framework rework", "version": 2, "mbox": "http://patches.dpdk.org/series/19616/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/101502/comments/", "check": "warning", "checks": "http://patches.dpdk.org/api/patches/101502/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 5C02CA0C55;\n\tWed, 13 Oct 2021 21:22:50 +0200 (CEST)", "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 3DBD1411EC;\n\tWed, 13 Oct 2021 21:22:50 +0200 (CEST)", "from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com\n [67.231.156.173])\n by mails.dpdk.org (Postfix) with ESMTP id 266784111B\n for <dev@dpdk.org>; Wed, 13 Oct 2021 21:22:48 +0200 (CEST)", "from pps.filterd (m0045851.ppops.net [127.0.0.1])\n by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id\n 19DIvIV2030399;\n Wed, 13 Oct 2021 12:22:42 -0700", "from dc5-exch02.marvell.com ([199.233.59.182])\n by mx0b-0016f401.pphosted.com with ESMTP id 3bp0h3sjxn-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Wed, 13 Oct 2021 12:22:42 -0700", "from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;\n Wed, 13 Oct 2021 12:22:39 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.18 via Frontend\n Transport; Wed, 13 Oct 2021 12:22:39 -0700", "from localhost.localdomain (unknown [10.28.36.185])\n by maili.marvell.com (Postfix) with ESMTP id C2FCA3F7089;\n Wed, 13 Oct 2021 12:22:32 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=JOCf2hwPeZH468Nj0oy9EGd1taNYlRBrqhn0lG22kCk=;\n b=PGF6iCNrTuoDSnulA6D2ugyNo1/AttAu5xmjngFJ4xesw7HHkeOEBWM74pLkMn3HQ2yb\n /ikSZ1i/qokX3pOG338KKkORYnmJcOCj1tWnc1QqHlwG0tAhR+RLrdaqwYPvVy3PhnBU\n z13gSX+AdFUhiy0HfLeJARDx6BWUvzuuUp0AfoZhChsu1IbEqbPRd14udMlRfc/70QVC\n Q6tCpapxq3vhdGTsfptrlO8osCCEI9hX/rTjGKXWuHEPfN2G1HnN4YU11kGz1YUnWjJ4\n 3HNVmqIhnFpUqKw72aiqeBLbY7ThZbZBLGP4rvvT8db3h8H+IbbZEDOag62CrNnUdQzn +g==", "From": "Akhil Goyal <gakhil@marvell.com>", "To": "<dev@dpdk.org>", "CC": "<thomas@monjalon.net>, <david.marchand@redhat.com>,\n <hemant.agrawal@nxp.com>, <anoobj@marvell.com>,\n <pablo.de.lara.guarch@intel.com>, <fiona.trahe@intel.com>,\n <declan.doherty@intel.com>, <matan@nvidia.com>, <g.singh@nxp.com>,\n <roy.fan.zhang@intel.com>, <jianjay.zhou@huawei.com>,\n <asomalap@amd.com>, <ruifeng.wang@arm.com>,\n <konstantin.ananyev@intel.com>, <radu.nicolau@intel.com>,\n <ajit.khaparde@broadcom.com>, <rnagadheeraj@marvell.com>,\n <adwivedi@marvell.com>, <ciara.power@intel.com>,\n <haiyue.wang@intel.com>, <jiawenwu@trustnetic.com>,\n <jianwang@trustnetic.com>, Akhil Goyal <gakhil@marvell.com>", "Date": "Thu, 14 Oct 2021 00:52:16 +0530", "Message-ID": "<20211013192222.1582631-2-gakhil@marvell.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20211013192222.1582631-1-gakhil@marvell.com>", "References": "<20210930145014.2476799-1-gakhil@marvell.com>\n <20211013192222.1582631-1-gakhil@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-GUID": "y8UE_slLxg5DOueASv28a5HOerXGWVEl", "X-Proofpoint-ORIG-GUID": "y8UE_slLxg5DOueASv28a5HOerXGWVEl", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.0.607.475\n definitions=2021-10-13_07,2021-10-13_02,2020-04-07_01", "Subject": "[dpdk-dev] [PATCH v2 1/7] security: rework session framework", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "As per current design, rte_security_session_create()\nunnecesarily use 2 mempool objects for a single session.\nAnd structure rte_security_session is not directly used\nby the application, it may cause ABI breakage if the structure\nis modified in future.\n\nTo address these two issues, the API will now take only 1 mempool\nobject instead of 2 and return a void pointer directly\nto the session private data. With this change, the library layer\nwill get the object from mempool and pass session_private_data\nto the PMD for filling the PMD data.\nSince set and get pkt metadata for security sessions are now\nmade inline for Inline crypto/proto mode, a new member fast_mdata\nis added to the rte_security_session.\nTo access opaque data and fast_mdata will be accessed via inline\nAPIs which can do pointer manipulations inside library from\nsession_private_data pointer coming from application.\n\nSigned-off-by: Akhil Goyal <gakhil@marvell.com>\n---\n app/test-crypto-perf/cperf_ops.c | 13 +-\n .../cperf_test_pmd_cyclecount.c | 2 +-\n app/test/test_cryptodev.c | 17 +-\n app/test/test_ipsec.c | 11 +-\n app/test/test_security.c | 193 ++++--------------\n drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 5 +-\n .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 30 +--\n drivers/crypto/caam_jr/caam_jr.c | 32 +--\n drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 6 +-\n drivers/crypto/cnxk/cn10k_ipsec.c | 53 +----\n drivers/crypto/cnxk/cn9k_cryptodev_ops.c | 2 +-\n drivers/crypto/cnxk/cn9k_ipsec.c | 50 +----\n drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 39 +---\n drivers/crypto/dpaa_sec/dpaa_sec.c | 34 +--\n drivers/crypto/mvsam/rte_mrvl_pmd.c | 3 +-\n drivers/crypto/mvsam/rte_mrvl_pmd_ops.c | 11 +-\n drivers/crypto/octeontx2/otx2_cryptodev_ops.c | 2 +-\n drivers/crypto/octeontx2/otx2_cryptodev_sec.c | 54 +----\n drivers/crypto/qat/qat_sym.c | 3 +-\n drivers/crypto/qat/qat_sym.h | 8 +-\n drivers/crypto/qat/qat_sym_session.c | 21 +-\n drivers/crypto/qat/qat_sym_session.h | 4 +-\n drivers/net/ixgbe/ixgbe_ipsec.c | 38 +---\n drivers/net/meson.build | 2 +-\n drivers/net/octeontx2/otx2_ethdev_sec.c | 51 ++---\n drivers/net/octeontx2/otx2_ethdev_sec_tx.h | 2 +-\n drivers/net/txgbe/txgbe_ipsec.c | 38 +---\n examples/ipsec-secgw/ipsec.c | 9 +-\n lib/security/rte_security.c | 28 +--\n lib/security/rte_security.h | 41 ++--\n lib/security/rte_security_driver.h | 16 +-\n 31 files changed, 203 insertions(+), 615 deletions(-)", "diff": "diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c\nindex 263841c339..6c3aa77dec 100644\n--- a/app/test-crypto-perf/cperf_ops.c\n+++ b/app/test-crypto-perf/cperf_ops.c\n@@ -67,8 +67,6 @@ cperf_set_ops_security(struct rte_crypto_op **ops,\n \n \tfor (i = 0; i < nb_ops; i++) {\n \t\tstruct rte_crypto_sym_op *sym_op = ops[i]->sym;\n-\t\tstruct rte_security_session *sec_sess =\n-\t\t\t(struct rte_security_session *)sess;\n \t\tuint32_t buf_sz;\n \n \t\tuint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ops[i],\n@@ -76,7 +74,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops,\n \t\t*per_pkt_hfn = options->pdcp_ses_hfn_en ? 0 : PDCP_DEFAULT_HFN;\n \n \t\tops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;\n-\t\trte_security_attach_session(ops[i], sec_sess);\n+\t\trte_security_attach_session(ops[i], (void *)sess);\n \t\tsym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] +\n \t\t\t\t\t\t\tsrc_buf_offset);\n \n@@ -608,7 +606,6 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,\n \n static struct rte_cryptodev_sym_session *\n create_ipsec_session(struct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *priv_mp,\n \t\tuint8_t dev_id,\n \t\tconst struct cperf_options *options,\n \t\tconst struct cperf_test_vector *test_vector,\n@@ -720,7 +717,7 @@ create_ipsec_session(struct rte_mempool *sess_mp,\n \n \t/* Create security session */\n \treturn (void *)rte_security_session_create(ctx,\n-\t\t\t\t&sess_conf, sess_mp, priv_mp);\n+\t\t\t\t&sess_conf, sess_mp);\n }\n \n static struct rte_cryptodev_sym_session *\n@@ -831,11 +828,11 @@ cperf_create_session(struct rte_mempool *sess_mp,\n \n \t\t/* Create security session */\n \t\treturn (void *)rte_security_session_create(ctx,\n-\t\t\t\t\t&sess_conf, sess_mp, priv_mp);\n+\t\t\t\t\t&sess_conf, sess_mp);\n \t}\n \n \tif (options->op_type == CPERF_IPSEC) {\n-\t\treturn create_ipsec_session(sess_mp, priv_mp, dev_id,\n+\t\treturn create_ipsec_session(sess_mp, dev_id,\n \t\t\t\toptions, test_vector, iv_offset);\n \t}\n \n@@ -880,7 +877,7 @@ cperf_create_session(struct rte_mempool *sess_mp,\n \n \t\t/* Create security session */\n \t\treturn (void *)rte_security_session_create(ctx,\n-\t\t\t\t\t&sess_conf, sess_mp, priv_mp);\n+\t\t\t\t\t&sess_conf, sess_mp);\n \t}\n #endif\n \tsess = rte_cryptodev_sym_session_create(sess_mp);\ndiff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c\nindex fda97e8ab9..e43e2a3b96 100644\n--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c\n+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c\n@@ -70,7 +70,7 @@ cperf_pmd_cyclecount_test_free(struct cperf_pmd_cyclecount_ctx *ctx)\n \t\t\t\t(struct rte_security_ctx *)\n \t\t\t\trte_cryptodev_get_sec_ctx(ctx->dev_id);\n \t\t\trte_security_session_destroy(sec_ctx,\n-\t\t\t\t(struct rte_security_session *)ctx->sess);\n+\t\t\t\t(void *)ctx->sess);\n \t\t} else\n #endif\n \t\t{\ndiff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c\nindex 65b64e1af0..79019eb766 100644\n--- a/app/test/test_cryptodev.c\n+++ b/app/test/test_cryptodev.c\n@@ -83,7 +83,7 @@ struct crypto_unittest_params {\n \tunion {\n \t\tstruct rte_cryptodev_sym_session *sess;\n #ifdef RTE_LIB_SECURITY\n-\t\tstruct rte_security_session *sec_session;\n+\t\tvoid *sec_session;\n #endif\n \t};\n #ifdef RTE_LIB_SECURITY\n@@ -8278,8 +8278,7 @@ static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc,\n \n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx,\n-\t\t\t\t&sess_conf, ts_params->session_mpool,\n-\t\t\t\tts_params->session_priv_mpool);\n+\t\t\t\t&sess_conf, ts_params->session_mpool);\n \n \tif (!ut_params->sec_session) {\n \t\tprintf(\"TestCase %s()-%d line %d failed %s: \",\n@@ -8539,8 +8538,7 @@ test_pdcp_proto_SGL(int i, int oop,\n \n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx,\n-\t\t\t\t&sess_conf, ts_params->session_mpool,\n-\t\t\t\tts_params->session_priv_mpool);\n+\t\t\t\t&sess_conf, ts_params->session_mpool);\n \n \tif (!ut_params->sec_session) {\n \t\tprintf(\"TestCase %s()-%d line %d failed %s: \",\n@@ -9024,8 +9022,7 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],\n \n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx, &sess_conf,\n-\t\t\t\t\tts_params->session_mpool,\n-\t\t\t\t\tts_params->session_priv_mpool);\n+\t\t\t\t\tts_params->session_mpool);\n \n \tif (ut_params->sec_session == NULL)\n \t\treturn TEST_SKIPPED;\n@@ -9446,8 +9443,7 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td)\n \n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx, &sess_conf,\n-\t\t\t\t\tts_params->session_mpool,\n-\t\t\t\t\tts_params->session_priv_mpool);\n+\t\t\t\t\tts_params->session_mpool);\n \n \tif (!ut_params->sec_session) {\n \t\tprintf(\"TestCase %s(%d) line %d: %s\\n\",\n@@ -9622,8 +9618,7 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td)\n \n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx, &sess_conf,\n-\t\t\t\t\tts_params->session_mpool,\n-\t\t\t\t\tts_params->session_priv_mpool);\n+\t\t\t\t\tts_params->session_mpool);\n \n \tif (!ut_params->sec_session) {\n \t\tprintf(\"TestCase %s(%d) line %d: %s\\n\",\ndiff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c\nindex c6d6b88d6d..2ffa2a8e79 100644\n--- a/app/test/test_ipsec.c\n+++ b/app/test/test_ipsec.c\n@@ -148,18 +148,16 @@ const struct supported_auth_algo auth_algos[] = {\n \n static int\n dummy_sec_create(void *device, struct rte_security_session_conf *conf,\n-\tstruct rte_security_session *sess, struct rte_mempool *mp)\n+\tvoid *sess)\n {\n \tRTE_SET_USED(device);\n \tRTE_SET_USED(conf);\n-\tRTE_SET_USED(mp);\n-\n-\tsess->sess_private_data = NULL;\n+\tRTE_SET_USED(sess);\n \treturn 0;\n }\n \n static int\n-dummy_sec_destroy(void *device, struct rte_security_session *sess)\n+dummy_sec_destroy(void *device, void *sess)\n {\n \tRTE_SET_USED(device);\n \tRTE_SET_USED(sess);\n@@ -631,8 +629,7 @@ create_dummy_sec_session(struct ipsec_unitest_params *ut,\n \tstatic struct rte_security_session_conf conf;\n \n \tut->ss[j].security.ses = rte_security_session_create(&dummy_sec_ctx,\n-\t\t\t\t\t&conf, qp->mp_session,\n-\t\t\t\t\tqp->mp_session_private);\n+\t\t\t\t\t&conf, qp->mp_session);\n \n \tif (ut->ss[j].security.ses == NULL)\n \t\treturn -ENOMEM;\ndiff --git a/app/test/test_security.c b/app/test/test_security.c\nindex 060cf1ffa8..1cea756880 100644\n--- a/app/test/test_security.c\n+++ b/app/test/test_security.c\n@@ -200,25 +200,6 @@\n \t\t\texpected_mempool_usage, mempool_usage);\t\t\\\n } while (0)\n \n-/**\n- * Verify usage of mempool by checking if number of allocated objects matches\n- * expectations. The mempool is used to manage objects for sessions priv data.\n- * A single object is acquired from mempool during session_create\n- * and put back in session_destroy.\n- *\n- * @param expected_priv_mp_usage\texpected number of used priv mp objects\n- */\n-#define TEST_ASSERT_PRIV_MP_USAGE(expected_priv_mp_usage) do {\t\t\\\n-\tstruct security_testsuite_params *ts_params = &testsuite_params;\\\n-\tunsigned int priv_mp_usage;\t\t\t\t\t\\\n-\tpriv_mp_usage = rte_mempool_in_use_count(\t\t\t\\\n-\t\t\tts_params->session_priv_mpool);\t\t\t\\\n-\tTEST_ASSERT_EQUAL(expected_priv_mp_usage, priv_mp_usage,\t\\\n-\t\t\t\"Expecting %u priv mempool allocations, \"\t\\\n-\t\t\t\"but there are %u allocated objects\",\t\t\\\n-\t\t\texpected_priv_mp_usage, priv_mp_usage);\t\t\\\n-} while (0)\n-\n /**\n * Mockup structures and functions for rte_security_ops;\n *\n@@ -253,39 +234,28 @@\n static struct mock_session_create_data {\n \tvoid *device;\n \tstruct rte_security_session_conf *conf;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \tstruct rte_mempool *mp;\n-\tstruct rte_mempool *priv_mp;\n \n \tint ret;\n \n \tint called;\n \tint failed;\n-} mock_session_create_exp = {NULL, NULL, NULL, NULL, NULL, 0, 0, 0};\n+} mock_session_create_exp = {NULL, NULL, NULL, NULL, 0, 0, 0};\n \n static int\n mock_session_create(void *device,\n \t\tstruct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *sess,\n-\t\tstruct rte_mempool *priv_mp)\n+\t\tvoid *sess)\n {\n-\tvoid *sess_priv;\n-\tint ret;\n \n \tmock_session_create_exp.called++;\n \n \tMOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, device);\n \tMOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, conf);\n-\tMOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, priv_mp);\n \n-\tif (mock_session_create_exp.ret == 0) {\n-\t\tret = rte_mempool_get(priv_mp, &sess_priv);\n-\t\tTEST_ASSERT_EQUAL(0, ret,\n-\t\t\t\"priv mempool does not have enough objects\");\n-\n-\t\tset_sec_session_private_data(sess, sess_priv);\n+\tif (mock_session_create_exp.ret == 0)\n \t\tmock_session_create_exp.sess = sess;\n-\t}\n \n \treturn mock_session_create_exp.ret;\n }\n@@ -297,7 +267,7 @@ mock_session_create(void *device,\n */\n static struct mock_session_update_data {\n \tvoid *device;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \tstruct rte_security_session_conf *conf;\n \n \tint ret;\n@@ -308,7 +278,7 @@ static struct mock_session_update_data {\n \n static int\n mock_session_update(void *device,\n-\t\tstruct rte_security_session *sess,\n+\t\tvoid *sess,\n \t\tstruct rte_security_session_conf *conf)\n {\n \tmock_session_update_exp.called++;\n@@ -351,7 +321,7 @@ mock_session_get_size(void *device)\n */\n static struct mock_session_stats_get_data {\n \tvoid *device;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \tstruct rte_security_stats *stats;\n \n \tint ret;\n@@ -362,7 +332,7 @@ static struct mock_session_stats_get_data {\n \n static int\n mock_session_stats_get(void *device,\n-\t\tstruct rte_security_session *sess,\n+\t\tvoid *sess,\n \t\tstruct rte_security_stats *stats)\n {\n \tmock_session_stats_get_exp.called++;\n@@ -381,7 +351,7 @@ mock_session_stats_get(void *device,\n */\n static struct mock_session_destroy_data {\n \tvoid *device;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \n \tint ret;\n \n@@ -390,15 +360,9 @@ static struct mock_session_destroy_data {\n } mock_session_destroy_exp = {NULL, NULL, 0, 0, 0};\n \n static int\n-mock_session_destroy(void *device, struct rte_security_session *sess)\n+mock_session_destroy(void *device, void *sess)\n {\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n-\n \tmock_session_destroy_exp.called++;\n-\tif ((mock_session_destroy_exp.ret == 0) && (sess_priv != NULL)) {\n-\t\trte_mempool_put(rte_mempool_from_obj(sess_priv), sess_priv);\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t}\n \tMOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, device);\n \tMOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, sess);\n \n@@ -412,7 +376,7 @@ mock_session_destroy(void *device, struct rte_security_session *sess)\n */\n static struct mock_set_pkt_metadata_data {\n \tvoid *device;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \tstruct rte_mbuf *m;\n \tvoid *params;\n \n@@ -424,7 +388,7 @@ static struct mock_set_pkt_metadata_data {\n \n static int\n mock_set_pkt_metadata(void *device,\n-\t\tstruct rte_security_session *sess,\n+\t\tvoid *sess,\n \t\tstruct rte_mbuf *m,\n \t\tvoid *params)\n {\n@@ -536,7 +500,6 @@ struct rte_security_ops mock_ops = {\n */\n static struct security_testsuite_params {\n \tstruct rte_mempool *session_mpool;\n-\tstruct rte_mempool *session_priv_mpool;\n } testsuite_params = { NULL };\n \n /**\n@@ -549,7 +512,7 @@ static struct security_testsuite_params {\n static struct security_unittest_params {\n \tstruct rte_security_ctx ctx;\n \tstruct rte_security_session_conf conf;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n } unittest_params = {\n \t.ctx = {\n \t\t.device = NULL,\n@@ -563,7 +526,7 @@ static struct security_unittest_params {\n #define SECURITY_TEST_PRIV_MEMPOOL_NAME \"SecurityTestPrivMp\"\n #define SECURITY_TEST_MEMPOOL_SIZE 15\n #define SECURITY_TEST_SESSION_OBJ_SZ sizeof(struct rte_security_session)\n-#define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 64\n+#define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 1024\n \n /**\n * testsuite_setup initializes whole test suite parameters.\n@@ -577,27 +540,13 @@ testsuite_setup(void)\n \tts_params->session_mpool = rte_mempool_create(\n \t\t\tSECURITY_TEST_MEMPOOL_NAME,\n \t\t\tSECURITY_TEST_MEMPOOL_SIZE,\n-\t\t\tSECURITY_TEST_SESSION_OBJ_SZ,\n+\t\t\tSECURITY_TEST_SESSION_OBJ_SZ +\n+\t\t\tSECURITY_TEST_SESSION_PRIV_OBJ_SZ,\n \t\t\t0, 0, NULL, NULL, NULL, NULL,\n \t\t\tSOCKET_ID_ANY, 0);\n \tTEST_ASSERT_NOT_NULL(ts_params->session_mpool,\n \t\t\t\"Cannot create mempool %s\\n\", rte_strerror(rte_errno));\n \n-\tts_params->session_priv_mpool = rte_mempool_create(\n-\t\t\tSECURITY_TEST_PRIV_MEMPOOL_NAME,\n-\t\t\tSECURITY_TEST_MEMPOOL_SIZE,\n-\t\t\tSECURITY_TEST_SESSION_PRIV_OBJ_SZ,\n-\t\t\t0, 0, NULL, NULL, NULL, NULL,\n-\t\t\tSOCKET_ID_ANY, 0);\n-\tif (ts_params->session_priv_mpool == NULL) {\n-\t\tRTE_LOG(ERR, USER1, \"TestCase %s() line %d failed (null): \"\n-\t\t\t\t\"Cannot create priv mempool %s\\n\",\n-\t\t\t\t__func__, __LINE__, rte_strerror(rte_errno));\n-\t\trte_mempool_free(ts_params->session_mpool);\n-\t\tts_params->session_mpool = NULL;\n-\t\treturn TEST_FAILED;\n-\t}\n-\n \treturn TEST_SUCCESS;\n }\n \n@@ -612,10 +561,6 @@ testsuite_teardown(void)\n \t\trte_mempool_free(ts_params->session_mpool);\n \t\tts_params->session_mpool = NULL;\n \t}\n-\tif (ts_params->session_priv_mpool) {\n-\t\trte_mempool_free(ts_params->session_priv_mpool);\n-\t\tts_params->session_priv_mpool = NULL;\n-\t}\n }\n \n /**\n@@ -704,7 +649,7 @@ ut_setup_with_session(void)\n {\n \tstruct security_unittest_params *ut_params = &unittest_params;\n \tstruct security_testsuite_params *ts_params = &testsuite_params;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \n \tint ret = ut_setup();\n \tif (ret != TEST_SUCCESS)\n@@ -713,12 +658,11 @@ ut_setup_with_session(void)\n \tmock_session_create_exp.device = NULL;\n \tmock_session_create_exp.conf = &ut_params->conf;\n \tmock_session_create_exp.mp = ts_params->session_mpool;\n-\tmock_session_create_exp.priv_mp = ts_params->session_priv_mpool;\n \tmock_session_create_exp.ret = 0;\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n+\tmock_session_get_size_exp.called = 0;\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,\n \t\t\tsess);\n \tTEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,\n@@ -757,16 +701,14 @@ test_session_create_inv_context(void)\n {\n \tstruct security_testsuite_params *ts_params = &testsuite_params;\n \tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \n \tsess = rte_security_session_create(NULL, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -781,18 +723,16 @@ test_session_create_inv_context_ops(void)\n {\n \tstruct security_testsuite_params *ts_params = &testsuite_params;\n \tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \n \tut_params->ctx.ops = NULL;\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -807,18 +747,16 @@ test_session_create_inv_context_ops_fun(void)\n {\n \tstruct security_testsuite_params *ts_params = &testsuite_params;\n \tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \n \tut_params->ctx.ops = &empty_ops;\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -832,16 +770,14 @@ test_session_create_inv_configuration(void)\n {\n \tstruct security_testsuite_params *ts_params = &testsuite_params;\n \tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \n \tsess = rte_security_session_create(&ut_params->ctx, NULL,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -855,39 +791,14 @@ static int\n test_session_create_inv_mempool(void)\n {\n \tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct security_testsuite_params *ts_params = &testsuite_params;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tNULL, ts_params->session_priv_mpool);\n+\t\t\tNULL);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n-\tTEST_ASSERT_SESSION_COUNT(0);\n-\n-\treturn TEST_SUCCESS;\n-}\n-\n-/**\n- * Test execution of rte_security_session_create with NULL session\n- * priv mempool\n- */\n-static int\n-test_session_create_inv_sess_priv_mempool(void)\n-{\n-\tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct security_testsuite_params *ts_params = &testsuite_params;\n-\tstruct rte_security_session *sess;\n-\n-\tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool, NULL);\n-\tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n-\t\t\tsess, NULL, \"%p\");\n-\tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n-\tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -902,9 +813,8 @@ test_session_create_mempool_empty(void)\n {\n \tstruct security_testsuite_params *ts_params = &testsuite_params;\n \tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct rte_security_session *tmp[SECURITY_TEST_MEMPOOL_SIZE];\n-\tvoid *tmp1[SECURITY_TEST_MEMPOOL_SIZE];\n-\tstruct rte_security_session *sess;\n+\tvoid *tmp[SECURITY_TEST_MEMPOOL_SIZE];\n+\tvoid *sess;\n \n \t/* Get all available objects from mempool. */\n \tint i, ret;\n@@ -914,34 +824,23 @@ test_session_create_mempool_empty(void)\n \t\tTEST_ASSERT_EQUAL(0, ret,\n \t\t\t\t\"Expect getting %d object from mempool\"\n \t\t\t\t\" to succeed\", i);\n-\t\tret = rte_mempool_get(ts_params->session_priv_mpool,\n-\t\t\t\t(void **)(&tmp1[i]));\n-\t\tTEST_ASSERT_EQUAL(0, ret,\n-\t\t\t\t\"Expect getting %d object from priv mempool\"\n-\t\t\t\t\" to succeed\", i);\n \t}\n \tTEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);\n-\tTEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);\n-\tTEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \t/* Put objects back to the pool. */\n \tfor (i = 0; i < SECURITY_TEST_MEMPOOL_SIZE; ++i) {\n \t\trte_mempool_put(ts_params->session_mpool,\n \t\t\t\t(void *)(tmp[i]));\n-\t\trte_mempool_put(ts_params->session_priv_mpool,\n-\t\t\t\t(tmp1[i]));\n \t}\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \n \treturn TEST_SUCCESS;\n }\n@@ -955,22 +854,19 @@ test_session_create_ops_failure(void)\n {\n \tstruct security_testsuite_params *ts_params = &testsuite_params;\n \tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \n \tmock_session_create_exp.device = NULL;\n \tmock_session_create_exp.conf = &ut_params->conf;\n \tmock_session_create_exp.mp = ts_params->session_mpool;\n-\tmock_session_create_exp.priv_mp = ts_params->session_priv_mpool;\n \tmock_session_create_exp.ret = -1;\t/* Return failure status. */\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -984,17 +880,15 @@ test_session_create_success(void)\n {\n \tstruct security_testsuite_params *ts_params = &testsuite_params;\n \tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct rte_security_session *sess;\n+\tvoid *sess;\n \n \tmock_session_create_exp.device = NULL;\n \tmock_session_create_exp.conf = &ut_params->conf;\n \tmock_session_create_exp.mp = ts_params->session_mpool;\n-\tmock_session_create_exp.priv_mp = ts_params->session_priv_mpool;\n \tmock_session_create_exp.ret = 0;\t/* Return success status. */\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,\n \t\t\tsess);\n \tTEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,\n@@ -1003,7 +897,6 @@ test_session_create_success(void)\n \t\t\tsess, mock_session_create_exp.sess);\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \t/*\n@@ -1389,7 +1282,6 @@ test_session_destroy_inv_context(void)\n \tstruct security_unittest_params *ut_params = &unittest_params;\n \n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(NULL, ut_params->sess);\n@@ -1397,7 +1289,6 @@ test_session_destroy_inv_context(void)\n \t\t\tret, -EINVAL, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \treturn TEST_SUCCESS;\n@@ -1414,7 +1305,6 @@ test_session_destroy_inv_context_ops(void)\n \tut_params->ctx.ops = NULL;\n \n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(&ut_params->ctx,\n@@ -1423,7 +1313,6 @@ test_session_destroy_inv_context_ops(void)\n \t\t\tret, -EINVAL, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \treturn TEST_SUCCESS;\n@@ -1440,7 +1329,6 @@ test_session_destroy_inv_context_ops_fun(void)\n \tut_params->ctx.ops = &empty_ops;\n \n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(&ut_params->ctx,\n@@ -1449,7 +1337,6 @@ test_session_destroy_inv_context_ops_fun(void)\n \t\t\tret, -ENOTSUP, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \treturn TEST_SUCCESS;\n@@ -1464,7 +1351,6 @@ test_session_destroy_inv_session(void)\n \tstruct security_unittest_params *ut_params = &unittest_params;\n \n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(&ut_params->ctx, NULL);\n@@ -1472,7 +1358,6 @@ test_session_destroy_inv_session(void)\n \t\t\tret, -EINVAL, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \treturn TEST_SUCCESS;\n@@ -1492,7 +1377,6 @@ test_session_destroy_ops_failure(void)\n \tmock_session_destroy_exp.ret = -1;\n \n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(&ut_params->ctx,\n@@ -1501,7 +1385,6 @@ test_session_destroy_ops_failure(void)\n \t\t\tret, -1, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \treturn TEST_SUCCESS;\n@@ -1519,7 +1402,6 @@ test_session_destroy_success(void)\n \tmock_session_destroy_exp.sess = ut_params->sess;\n \tmock_session_destroy_exp.ret = 0;\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(&ut_params->ctx,\n@@ -1528,7 +1410,6 @@ test_session_destroy_success(void)\n \t\t\tret, 0, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \t/*\n@@ -2495,8 +2376,6 @@ static struct unit_test_suite security_testsuite = {\n \t\t\t\ttest_session_create_inv_configuration),\n \t\tTEST_CASE_ST(ut_setup, ut_teardown,\n \t\t\t\ttest_session_create_inv_mempool),\n-\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n-\t\t\t\ttest_session_create_inv_sess_priv_mempool),\n \t\tTEST_CASE_ST(ut_setup, ut_teardown,\n \t\t\t\ttest_session_create_mempool_empty),\n \t\tTEST_CASE_ST(ut_setup, ut_teardown,\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\nindex bbf310166e..e8da9ea9e1 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\n@@ -1021,8 +1021,7 @@ get_session(struct aesni_mb_qp *qp, struct rte_crypto_op *op)\n \t} else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {\n \t\tif (likely(op->sym->sec_session != NULL))\n \t\t\tsess = (struct aesni_mb_session *)\n-\t\t\t\t\tget_sec_session_private_data(\n-\t\t\t\t\t\top->sym->sec_session);\n+\t\t\t\t\t(op->sym->sec_session);\n #endif\n \t} else {\n \t\tvoid *_sess = rte_cryptodev_sym_session_create(qp->sess_mp);\n@@ -1638,7 +1637,7 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)\n \t\t * this is for DOCSIS\n \t\t */\n \t\tis_docsis_sec = 1;\n-\t\tsess = get_sec_session_private_data(op->sym->sec_session);\n+\t\tsess = (struct aesni_mb_session *)(op->sym->sec_session);\n \t} else\n #endif\n \t{\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\nindex 48a8f91868..39c67e3952 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n@@ -1056,10 +1056,8 @@ struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops = &aesni_mb_pmd_ops;\n */\n static int\n aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *sess,\n-\t\tstruct rte_mempool *mempool)\n+\t\t\t void *sess)\n {\n-\tvoid *sess_private_data;\n \tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n \tint ret;\n \n@@ -1069,40 +1067,22 @@ aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,\n \t\treturn -EINVAL;\n \t}\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tAESNI_MB_LOG(ERR, \"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n-\tret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf,\n-\t\t\tsess_private_data);\n-\n+\tret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf, sess);\n \tif (ret != 0) {\n \t\tAESNI_MB_LOG(ERR, \"Failed to configure session parameters\");\n-\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n \t\treturn ret;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n \treturn ret;\n }\n \n /** Clear the memory of session so it doesn't leave key material behind */\n static int\n-aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,\n-\t\tstruct rte_security_session *sess)\n+aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused, void *sess)\n {\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n+\tif (sess)\n+\t\tmemset(sess, 0, sizeof(struct aesni_mb_session));\n \n-\tif (sess_priv) {\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n-\t\tmemset(sess_priv, 0, sizeof(struct aesni_mb_session));\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n-\t}\n \treturn 0;\n }\n \ndiff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c\nindex 258750afe7..ce7a100778 100644\n--- a/drivers/crypto/caam_jr/caam_jr.c\n+++ b/drivers/crypto/caam_jr/caam_jr.c\n@@ -1361,9 +1361,7 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)\n \t\t\t\t\tcryptodev_driver_id);\n \t\tbreak;\n \tcase RTE_CRYPTO_OP_SECURITY_SESSION:\n-\t\tses = (struct caam_jr_session *)\n-\t\t\tget_sec_session_private_data(\n-\t\t\t\t\top->sym->sec_session);\n+\t\tses = (struct caam_jr_session *)(op->sym->sec_session);\n \t\tbreak;\n \tdefault:\n \t\tCAAM_JR_DP_ERR(\"sessionless crypto op not supported\");\n@@ -1911,22 +1909,14 @@ caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,\n static int\n caam_jr_security_session_create(void *dev,\n \t\t\t\tstruct rte_security_session_conf *conf,\n-\t\t\t\tstruct rte_security_session *sess,\n-\t\t\t\tstruct rte_mempool *mempool)\n+\t\t\t\tvoid *sess)\n {\n-\tvoid *sess_private_data;\n \tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n \tint ret;\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tCAAM_JR_ERR(\"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tswitch (conf->protocol) {\n \tcase RTE_SECURITY_PROTOCOL_IPSEC:\n-\t\tret = caam_jr_set_ipsec_session(cdev, conf,\n-\t\t\t\tsess_private_data);\n+\t\tret = caam_jr_set_ipsec_session(cdev, conf, sess);\n \t\tbreak;\n \tcase RTE_SECURITY_PROTOCOL_MACSEC:\n \t\treturn -ENOTSUP;\n@@ -1935,34 +1925,24 @@ caam_jr_security_session_create(void *dev,\n \t}\n \tif (ret != 0) {\n \t\tCAAM_JR_ERR(\"failed to configure session parameters\");\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n \t\treturn ret;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n \treturn ret;\n }\n \n /* Clear the memory of session so it doesn't leave key material behind */\n static int\n-caam_jr_security_session_destroy(void *dev __rte_unused,\n-\t\t\t\t struct rte_security_session *sess)\n+caam_jr_security_session_destroy(void *dev __rte_unused, void *sess)\n {\n \tPMD_INIT_FUNC_TRACE();\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n \n-\tstruct caam_jr_session *s = (struct caam_jr_session *)sess_priv;\n-\n-\tif (sess_priv) {\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n+\tstruct caam_jr_session *s = (struct caam_jr_session *)sess;\n \n+\tif (sess) {\n \t\trte_free(s->cipher_key.data);\n \t\trte_free(s->auth_key.data);\n \t\tmemset(sess, 0, sizeof(struct caam_jr_session));\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n \t}\n \treturn 0;\n }\ndiff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c\nindex c25c8e67b2..de2eebd507 100644\n--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c\n+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c\n@@ -122,8 +122,8 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],\n \n \tif (op->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {\n \t\tif (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {\n-\t\t\tsec_sess = get_sec_session_private_data(\n-\t\t\t\tsym_op->sec_session);\n+\t\t\tsec_sess = (struct cn10k_sec_session *)\n+\t\t\t\t(sym_op->sec_session);\n \t\t\tret = cpt_sec_inst_fill(op, sec_sess, infl_req,\n \t\t\t\t\t\t&inst[0]);\n \t\t\tif (unlikely(ret))\n@@ -360,7 +360,7 @@ cn10k_cpt_sec_ucc_process(struct rte_crypto_op *cop,\n \tif (!(infl_req->op_flags & CPT_OP_FLAGS_IPSEC_DIR_INBOUND))\n \t\treturn;\n \n-\tsess = get_sec_session_private_data(cop->sym->sec_session);\n+\tsess = (struct cn10k_sec_session *)(cop->sym->sec_session);\n \tsa = &sess->sa;\n \n \tmbuf = cop->sym->m_src;\ndiff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c\nindex 27df1dcd64..425fe599e0 100644\n--- a/drivers/crypto/cnxk/cn10k_ipsec.c\n+++ b/drivers/crypto/cnxk/cn10k_ipsec.c\n@@ -35,17 +35,15 @@ static int\n cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,\n \t\t\t struct rte_security_ipsec_xform *ipsec_xfrm,\n \t\t\t struct rte_crypto_sym_xform *crypto_xfrm,\n-\t\t\t struct rte_security_session *sec_sess)\n+\t\t\t struct cn10k_sec_session *sess)\n {\n \tunion roc_ot_ipsec_outb_param1 param1;\n \tstruct roc_ot_ipsec_outb_sa *out_sa;\n \tstruct cnxk_ipsec_outb_rlens rlens;\n-\tstruct cn10k_sec_session *sess;\n \tstruct cn10k_ipsec_sa *sa;\n \tunion cpt_inst_w4 inst_w4;\n \tint ret;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n \tsa = &sess->sa;\n \tout_sa = &sa->out_sa;\n \n@@ -114,16 +112,14 @@ static int\n cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt,\n \t\t\t struct rte_security_ipsec_xform *ipsec_xfrm,\n \t\t\t struct rte_crypto_sym_xform *crypto_xfrm,\n-\t\t\t struct rte_security_session *sec_sess)\n+\t\t\t struct cn10k_sec_session *sess)\n {\n \tunion roc_ot_ipsec_inb_param1 param1;\n \tstruct roc_ot_ipsec_inb_sa *in_sa;\n-\tstruct cn10k_sec_session *sess;\n \tstruct cn10k_ipsec_sa *sa;\n \tunion cpt_inst_w4 inst_w4;\n \tint ret;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n \tsa = &sess->sa;\n \tin_sa = &sa->in_sa;\n \n@@ -175,7 +171,7 @@ static int\n cn10k_ipsec_session_create(void *dev,\n \t\t\t struct rte_security_ipsec_xform *ipsec_xfrm,\n \t\t\t struct rte_crypto_sym_xform *crypto_xfrm,\n-\t\t\t struct rte_security_session *sess)\n+\t\t\t struct cn10k_sec_session *sess)\n {\n \tstruct rte_cryptodev *crypto_dev = dev;\n \tstruct roc_cpt *roc_cpt;\n@@ -204,55 +200,28 @@ cn10k_ipsec_session_create(void *dev,\n \n static int\n cn10k_sec_session_create(void *device, struct rte_security_session_conf *conf,\n-\t\t\t struct rte_security_session *sess,\n-\t\t\t struct rte_mempool *mempool)\n+\t\t\t void *sess)\n {\n-\tstruct cn10k_sec_session *priv;\n-\tint ret;\n+\tstruct cn10k_sec_session *priv = sess;\n \n \tif (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)\n \t\treturn -EINVAL;\n \n-\tif (rte_mempool_get(mempool, (void **)&priv)) {\n-\t\tplt_err(\"Could not allocate security session private data\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n-\tset_sec_session_private_data(sess, priv);\n-\n \tif (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {\n-\t\tret = -ENOTSUP;\n-\t\tgoto mempool_put;\n+\t\treturn -ENOTSUP;\n \t}\n-\tret = cn10k_ipsec_session_create(device, &conf->ipsec,\n-\t\t\t\t\t conf->crypto_xform, sess);\n-\tif (ret)\n-\t\tgoto mempool_put;\n-\n-\treturn 0;\n-\n-mempool_put:\n-\trte_mempool_put(mempool, priv);\n-\tset_sec_session_private_data(sess, NULL);\n-\treturn ret;\n+\treturn cn10k_ipsec_session_create(device, &conf->ipsec,\n+\t\t\t\t\t conf->crypto_xform, priv);\n }\n \n static int\n-cn10k_sec_session_destroy(void *device __rte_unused,\n-\t\t\t struct rte_security_session *sess)\n+cn10k_sec_session_destroy(void *device __rte_unused, void *sess)\n {\n-\tstruct cn10k_sec_session *priv;\n-\tstruct rte_mempool *sess_mp;\n-\n-\tpriv = get_sec_session_private_data(sess);\n+\tstruct cn10k_sec_session *priv = sess;\n \n \tif (priv == NULL)\n \t\treturn 0;\n-\n-\tsess_mp = rte_mempool_from_obj(priv);\n-\n-\tset_sec_session_private_data(sess, NULL);\n-\trte_mempool_put(sess_mp, priv);\n+\tmemset(priv, 0, sizeof(*priv));\n \n \treturn 0;\n }\ndiff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c\nindex 75277936b0..4c2dc5b080 100644\n--- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c\n+++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c\n@@ -56,7 +56,7 @@ cn9k_cpt_sec_inst_fill(struct rte_crypto_op *op,\n \t\treturn -ENOTSUP;\n \t}\n \n-\tpriv = get_sec_session_private_data(op->sym->sec_session);\n+\tpriv = (struct cn9k_sec_session *)(op->sym->sec_session);\n \tsa = &priv->sa;\n \n \tif (sa->dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)\ndiff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c\nindex 53fb793654..a602d38a11 100644\n--- a/drivers/crypto/cnxk/cn9k_ipsec.c\n+++ b/drivers/crypto/cnxk/cn9k_ipsec.c\n@@ -275,14 +275,13 @@ static int\n cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,\n \t\t\t struct rte_security_ipsec_xform *ipsec,\n \t\t\t struct rte_crypto_sym_xform *crypto_xform,\n-\t\t\t struct rte_security_session *sec_sess)\n+\t\t\t struct cn9k_sec_session *sess)\n {\n \tstruct rte_crypto_sym_xform *auth_xform = crypto_xform->next;\n \tstruct roc_ie_on_ip_template *template = NULL;\n \tstruct roc_cpt *roc_cpt = qp->lf.roc_cpt;\n \tstruct cnxk_cpt_inst_tmpl *inst_tmpl;\n \tstruct roc_ie_on_outb_sa *out_sa;\n-\tstruct cn9k_sec_session *sess;\n \tstruct roc_ie_on_sa_ctl *ctl;\n \tstruct cn9k_ipsec_sa *sa;\n \tstruct rte_ipv6_hdr *ip6;\n@@ -294,7 +293,6 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,\n \tsize_t ctx_len;\n \tint ret;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n \tsa = &sess->sa;\n \tout_sa = &sa->out_sa;\n \tctl = &out_sa->common_sa.ctl;\n@@ -422,13 +420,12 @@ static int\n cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,\n \t\t\t struct rte_security_ipsec_xform *ipsec,\n \t\t\t struct rte_crypto_sym_xform *crypto_xform,\n-\t\t\t struct rte_security_session *sec_sess)\n+\t\t\t struct cn9k_sec_session *sess)\n {\n \tstruct rte_crypto_sym_xform *auth_xform = crypto_xform;\n \tstruct roc_cpt *roc_cpt = qp->lf.roc_cpt;\n \tstruct cnxk_cpt_inst_tmpl *inst_tmpl;\n \tstruct roc_ie_on_inb_sa *in_sa;\n-\tstruct cn9k_sec_session *sess;\n \tstruct cn9k_ipsec_sa *sa;\n \tconst uint8_t *auth_key;\n \tunion cpt_inst_w4 w4;\n@@ -437,7 +434,6 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,\n \tsize_t ctx_len = 0;\n \tint ret;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n \tsa = &sess->sa;\n \tin_sa = &sa->in_sa;\n \n@@ -501,7 +497,7 @@ static int\n cn9k_ipsec_session_create(void *dev,\n \t\t\t struct rte_security_ipsec_xform *ipsec_xform,\n \t\t\t struct rte_crypto_sym_xform *crypto_xform,\n-\t\t\t struct rte_security_session *sess)\n+\t\t\t struct cn9k_sec_session *sess)\n {\n \tstruct rte_cryptodev *crypto_dev = dev;\n \tstruct cnxk_cpt_qp *qp;\n@@ -532,53 +528,32 @@ cn9k_ipsec_session_create(void *dev,\n \n static int\n cn9k_sec_session_create(void *device, struct rte_security_session_conf *conf,\n-\t\t\tstruct rte_security_session *sess,\n-\t\t\tstruct rte_mempool *mempool)\n+\t\t\tvoid *sess)\n {\n-\tstruct cn9k_sec_session *priv;\n-\tint ret;\n+\tstruct cn9k_sec_session *priv = sess;\n \n \tif (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)\n \t\treturn -EINVAL;\n \n-\tif (rte_mempool_get(mempool, (void **)&priv)) {\n-\t\tplt_err(\"Could not allocate security session private data\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tmemset(priv, 0, sizeof(*priv));\n \n-\tset_sec_session_private_data(sess, priv);\n-\n \tif (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {\n-\t\tret = -ENOTSUP;\n-\t\tgoto mempool_put;\n+\t\treturn -ENOTSUP;\n \t}\n \n-\tret = cn9k_ipsec_session_create(device, &conf->ipsec,\n-\t\t\t\t\tconf->crypto_xform, sess);\n-\tif (ret)\n-\t\tgoto mempool_put;\n-\n-\treturn 0;\n-\n-mempool_put:\n-\trte_mempool_put(mempool, priv);\n-\tset_sec_session_private_data(sess, NULL);\n-\treturn ret;\n+\treturn cn9k_ipsec_session_create(device, &conf->ipsec,\n+\t\t\t\t\tconf->crypto_xform, priv);\n }\n \n static int\n-cn9k_sec_session_destroy(void *device __rte_unused,\n-\t\t\t struct rte_security_session *sess)\n+cn9k_sec_session_destroy(void *device __rte_unused, void *sess)\n {\n \tstruct roc_ie_on_outb_sa *out_sa;\n \tstruct cn9k_sec_session *priv;\n-\tstruct rte_mempool *sess_mp;\n \tstruct roc_ie_on_sa_ctl *ctl;\n \tstruct cn9k_ipsec_sa *sa;\n \n-\tpriv = get_sec_session_private_data(sess);\n+\tpriv = sess;\n \tif (priv == NULL)\n \t\treturn 0;\n \n@@ -590,13 +565,8 @@ cn9k_sec_session_destroy(void *device __rte_unused,\n \n \trte_io_wmb();\n \n-\tsess_mp = rte_mempool_from_obj(priv);\n-\n \tmemset(priv, 0, sizeof(*priv));\n \n-\tset_sec_session_private_data(sess, NULL);\n-\trte_mempool_put(sess_mp, priv);\n-\n \treturn 0;\n }\n \ndiff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c\nindex dfa72f3f93..176f1a27a0 100644\n--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c\n+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c\n@@ -1358,8 +1358,7 @@ build_sec_fd(struct rte_crypto_op *op,\n \t\t\t\top->sym->session, cryptodev_driver_id);\n #ifdef RTE_LIB_SECURITY\n \telse if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)\n-\t\tsess = (dpaa2_sec_session *)get_sec_session_private_data(\n-\t\t\t\top->sym->sec_session);\n+\t\tsess = (dpaa2_sec_session *)(op->sym->sec_session);\n #endif\n \telse\n \t\treturn -ENOTSUP;\n@@ -1532,7 +1531,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)\n \tstruct rte_crypto_op *op;\n \tuint16_t len = DPAA2_GET_FD_LEN(fd);\n \tint16_t diff = 0;\n-\tdpaa2_sec_session *sess_priv __rte_unused;\n+\tdpaa2_sec_session *sess_priv;\n \n \tstruct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(\n \t\tDPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),\n@@ -1545,8 +1544,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)\n \tmbuf->buf_iova = op->sym->aead.digest.phys_addr;\n \top->sym->aead.digest.phys_addr = 0L;\n \n-\tsess_priv = (dpaa2_sec_session *)get_sec_session_private_data(\n-\t\t\t\top->sym->sec_session);\n+\tsess_priv = (dpaa2_sec_session *)(op->sym->sec_session);\n \tif (sess_priv->dir == DIR_ENC)\n \t\tmbuf->data_off += SEC_FLC_DHR_OUTBOUND;\n \telse\n@@ -3395,63 +3393,44 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,\n static int\n dpaa2_sec_security_session_create(void *dev,\n \t\t\t\t struct rte_security_session_conf *conf,\n-\t\t\t\t struct rte_security_session *sess,\n-\t\t\t\t struct rte_mempool *mempool)\n+\t\t\t\t void *sess)\n {\n-\tvoid *sess_private_data;\n \tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n \tint ret;\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tDPAA2_SEC_ERR(\"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tswitch (conf->protocol) {\n \tcase RTE_SECURITY_PROTOCOL_IPSEC:\n-\t\tret = dpaa2_sec_set_ipsec_session(cdev, conf,\n-\t\t\t\tsess_private_data);\n+\t\tret = dpaa2_sec_set_ipsec_session(cdev, conf, sess);\n \t\tbreak;\n \tcase RTE_SECURITY_PROTOCOL_MACSEC:\n \t\treturn -ENOTSUP;\n \tcase RTE_SECURITY_PROTOCOL_PDCP:\n-\t\tret = dpaa2_sec_set_pdcp_session(cdev, conf,\n-\t\t\t\tsess_private_data);\n+\t\tret = dpaa2_sec_set_pdcp_session(cdev, conf, sess);\n \t\tbreak;\n \tdefault:\n \t\treturn -EINVAL;\n \t}\n \tif (ret != 0) {\n \t\tDPAA2_SEC_ERR(\"Failed to configure session parameters\");\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n \t\treturn ret;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n \treturn ret;\n }\n \n /** Clear the memory of session so it doesn't leave key material behind */\n static int\n-dpaa2_sec_security_session_destroy(void *dev __rte_unused,\n-\t\tstruct rte_security_session *sess)\n+dpaa2_sec_security_session_destroy(void *dev __rte_unused, void *sess)\n {\n \tPMD_INIT_FUNC_TRACE();\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n \n-\tdpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;\n-\n-\tif (sess_priv) {\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n+\tdpaa2_sec_session *s = (dpaa2_sec_session *)sess;\n \n+\tif (sess) {\n \t\trte_free(s->ctxt);\n \t\trte_free(s->cipher_key.data);\n \t\trte_free(s->auth_key.data);\n \t\tmemset(s, 0, sizeof(dpaa2_sec_session));\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n \t}\n \treturn 0;\n }\ndiff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c\nindex d5aa2748d6..832b6e64ec 100644\n--- a/drivers/crypto/dpaa_sec/dpaa_sec.c\n+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c\n@@ -1793,8 +1793,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,\n #ifdef RTE_LIB_SECURITY\n \t\t\tcase RTE_CRYPTO_OP_SECURITY_SESSION:\n \t\t\t\tses = (dpaa_sec_session *)\n-\t\t\t\t\tget_sec_session_private_data(\n-\t\t\t\t\t\t\top->sym->sec_session);\n+\t\t\t\t\t(op->sym->sec_session);\n \t\t\t\tbreak;\n #endif\n \t\t\tdefault:\n@@ -2572,7 +2571,6 @@ static inline void\n free_session_memory(struct rte_cryptodev *dev, dpaa_sec_session *s)\n {\n \tstruct dpaa_sec_dev_private *qi = dev->data->dev_private;\n-\tstruct rte_mempool *sess_mp = rte_mempool_from_obj((void *)s);\n \tuint8_t i;\n \n \tfor (i = 0; i < MAX_DPAA_CORES; i++) {\n@@ -2582,7 +2580,6 @@ free_session_memory(struct rte_cryptodev *dev, dpaa_sec_session *s)\n \t\ts->qp[i] = NULL;\n \t}\n \tfree_session_data(s);\n-\trte_mempool_put(sess_mp, (void *)s);\n }\n \n /** Clear the memory of session so it doesn't leave key material behind */\n@@ -3117,26 +3114,17 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev,\n static int\n dpaa_sec_security_session_create(void *dev,\n \t\t\t\t struct rte_security_session_conf *conf,\n-\t\t\t\t struct rte_security_session *sess,\n-\t\t\t\t struct rte_mempool *mempool)\n+\t\t\t\t void *sess)\n {\n-\tvoid *sess_private_data;\n \tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n \tint ret;\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tDPAA_SEC_ERR(\"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tswitch (conf->protocol) {\n \tcase RTE_SECURITY_PROTOCOL_IPSEC:\n-\t\tret = dpaa_sec_set_ipsec_session(cdev, conf,\n-\t\t\t\tsess_private_data);\n+\t\tret = dpaa_sec_set_ipsec_session(cdev, conf, sess);\n \t\tbreak;\n \tcase RTE_SECURITY_PROTOCOL_PDCP:\n-\t\tret = dpaa_sec_set_pdcp_session(cdev, conf,\n-\t\t\t\tsess_private_data);\n+\t\tret = dpaa_sec_set_pdcp_session(cdev, conf, sess);\n \t\tbreak;\n \tcase RTE_SECURITY_PROTOCOL_MACSEC:\n \t\treturn -ENOTSUP;\n@@ -3145,29 +3133,21 @@ dpaa_sec_security_session_create(void *dev,\n \t}\n \tif (ret != 0) {\n \t\tDPAA_SEC_ERR(\"failed to configure session parameters\");\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n \t\treturn ret;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n \treturn ret;\n }\n \n /** Clear the memory of session so it doesn't leave key material behind */\n static int\n-dpaa_sec_security_session_destroy(void *dev __rte_unused,\n-\t\tstruct rte_security_session *sess)\n+dpaa_sec_security_session_destroy(void *dev __rte_unused, void *sess)\n {\n \tPMD_INIT_FUNC_TRACE();\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n-\tdpaa_sec_session *s = (dpaa_sec_session *)sess_priv;\n+\tdpaa_sec_session *s = (dpaa_sec_session *)sess;\n \n-\tif (sess_priv) {\n+\tif (sess)\n \t\tfree_session_memory((struct rte_cryptodev *)dev, s);\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t}\n \treturn 0;\n }\n #endif\ndiff --git a/drivers/crypto/mvsam/rte_mrvl_pmd.c b/drivers/crypto/mvsam/rte_mrvl_pmd.c\nindex a72642a772..245a4ad353 100644\n--- a/drivers/crypto/mvsam/rte_mrvl_pmd.c\n+++ b/drivers/crypto/mvsam/rte_mrvl_pmd.c\n@@ -773,8 +773,7 @@ mrvl_request_prepare_sec(struct sam_cio_ipsec_params *request,\n \t\treturn -EINVAL;\n \t}\n \n-\tsess = (struct mrvl_crypto_session *)get_sec_session_private_data(\n-\t\t\top->sym->sec_session);\n+\tsess = (struct mrvl_crypto_session *)(op->sym->sec_session);\n \tif (unlikely(sess == NULL)) {\n \t\tMRVL_LOG(ERR, \"Session was not created for this device! %d\",\n \t\t\t cryptodev_driver_id);\ndiff --git a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c\nindex 3064b1f136..e04a2c88c7 100644\n--- a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c\n+++ b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c\n@@ -913,16 +913,12 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,\n \n /** Clear the memory of session so it doesn't leave key material behind */\n static int\n-mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,\n-\t\tstruct rte_security_session *sess)\n+mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused, void *sess)\n {\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n-\n \t/* Zero out the whole structure */\n-\tif (sess_priv) {\n+\tif (sess) {\n \t\tstruct mrvl_crypto_session *mrvl_sess =\n \t\t\t(struct mrvl_crypto_session *)sess_priv;\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n \n \t\tif (mrvl_sess->sam_sess &&\n \t\t sam_session_destroy(mrvl_sess->sam_sess) < 0) {\n@@ -932,9 +928,6 @@ mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,\n \t\trte_free(mrvl_sess->sam_sess_params.cipher_key);\n \t\trte_free(mrvl_sess->sam_sess_params.auth_key);\n \t\trte_free(mrvl_sess->sam_sess_params.cipher_iv);\n-\t\tmemset(sess, 0, sizeof(struct rte_security_session));\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n \t}\n \treturn 0;\n }\ndiff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c\nindex 37fad11d91..7b744cd4b4 100644\n--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c\n+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c\n@@ -702,7 +702,7 @@ otx2_cpt_enqueue_sec(struct otx2_cpt_qp *qp, struct rte_crypto_op *op,\n \tuint8_t esn;\n \tint ret;\n \n-\tpriv = get_sec_session_private_data(op->sym->sec_session);\n+\tpriv = (struct otx2_sec_session *)(op->sym->sec_session);\n \tsess = &priv->ipsec.lp;\n \tsa = &sess->in_sa;\n \ndiff --git a/drivers/crypto/octeontx2/otx2_cryptodev_sec.c b/drivers/crypto/octeontx2/otx2_cryptodev_sec.c\nindex a5db40047d..56900e3187 100644\n--- a/drivers/crypto/octeontx2/otx2_cryptodev_sec.c\n+++ b/drivers/crypto/octeontx2/otx2_cryptodev_sec.c\n@@ -203,7 +203,7 @@ static int\n crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,\n \t\t\t\t struct rte_security_ipsec_xform *ipsec,\n \t\t\t\t struct rte_crypto_sym_xform *crypto_xform,\n-\t\t\t\t struct rte_security_session *sec_sess)\n+\t\t\t\t struct otx2_sec_session *sess)\n {\n \tstruct rte_crypto_sym_xform *auth_xform, *cipher_xform;\n \tstruct otx2_ipsec_po_ip_template *template = NULL;\n@@ -212,13 +212,11 @@ crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,\n \tstruct otx2_ipsec_po_sa_ctl *ctl;\n \tint cipher_key_len, auth_key_len;\n \tstruct otx2_ipsec_po_out_sa *sa;\n-\tstruct otx2_sec_session *sess;\n \tstruct otx2_cpt_inst_s inst;\n \tstruct rte_ipv6_hdr *ip6;\n \tstruct rte_ipv4_hdr *ip;\n \tint ret, ctx_len;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n \tsess->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_EGRESS;\n \tlp = &sess->ipsec.lp;\n \n@@ -398,7 +396,7 @@ static int\n crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,\n \t\t\t\t struct rte_security_ipsec_xform *ipsec,\n \t\t\t\t struct rte_crypto_sym_xform *crypto_xform,\n-\t\t\t\t struct rte_security_session *sec_sess)\n+\t\t\t\t struct otx2_sec_session *sess)\n {\n \tstruct rte_crypto_sym_xform *auth_xform, *cipher_xform;\n \tconst uint8_t *cipher_key, *auth_key;\n@@ -406,11 +404,9 @@ crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,\n \tstruct otx2_ipsec_po_sa_ctl *ctl;\n \tint cipher_key_len, auth_key_len;\n \tstruct otx2_ipsec_po_in_sa *sa;\n-\tstruct otx2_sec_session *sess;\n \tstruct otx2_cpt_inst_s inst;\n \tint ret;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n \tsess->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n \tlp = &sess->ipsec.lp;\n \n@@ -512,7 +508,7 @@ static int\n crypto_sec_ipsec_session_create(struct rte_cryptodev *crypto_dev,\n \t\t\t\tstruct rte_security_ipsec_xform *ipsec,\n \t\t\t\tstruct rte_crypto_sym_xform *crypto_xform,\n-\t\t\t\tstruct rte_security_session *sess)\n+\t\t\t\tstruct otx2_sec_session *sess)\n {\n \tint ret;\n \n@@ -536,10 +532,9 @@ crypto_sec_ipsec_session_create(struct rte_cryptodev *crypto_dev,\n static int\n otx2_crypto_sec_session_create(void *device,\n \t\t\t struct rte_security_session_conf *conf,\n-\t\t\t struct rte_security_session *sess,\n-\t\t\t struct rte_mempool *mempool)\n+\t\t\t void *sess)\n {\n-\tstruct otx2_sec_session *priv;\n+\tstruct otx2_sec_session *priv = sess;\n \tint ret;\n \n \tif (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)\n@@ -548,51 +543,25 @@ otx2_crypto_sec_session_create(void *device,\n \tif (rte_security_dynfield_register() < 0)\n \t\treturn -rte_errno;\n \n-\tif (rte_mempool_get(mempool, (void **)&priv)) {\n-\t\totx2_err(\"Could not allocate security session private data\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n-\tset_sec_session_private_data(sess, priv);\n-\n \tpriv->userdata = conf->userdata;\n \n \tif (conf->protocol == RTE_SECURITY_PROTOCOL_IPSEC)\n \t\tret = crypto_sec_ipsec_session_create(device, &conf->ipsec,\n \t\t\t\t\t\t conf->crypto_xform,\n-\t\t\t\t\t\t sess);\n+\t\t\t\t\t\t priv);\n \telse\n \t\tret = -ENOTSUP;\n \n-\tif (ret)\n-\t\tgoto mempool_put;\n-\n-\treturn 0;\n-\n-mempool_put:\n-\trte_mempool_put(mempool, priv);\n-\tset_sec_session_private_data(sess, NULL);\n \treturn ret;\n }\n \n static int\n-otx2_crypto_sec_session_destroy(void *device __rte_unused,\n-\t\t\t\tstruct rte_security_session *sess)\n+otx2_crypto_sec_session_destroy(void *device __rte_unused, void *sess)\n {\n-\tstruct otx2_sec_session *priv;\n-\tstruct rte_mempool *sess_mp;\n+\tstruct otx2_sec_session *priv = sess;\n \n-\tpriv = get_sec_session_private_data(sess);\n-\n-\tif (priv == NULL)\n-\t\treturn 0;\n-\n-\tsess_mp = rte_mempool_from_obj(priv);\n-\n-\tmemset(priv, 0, sizeof(*priv));\n-\n-\tset_sec_session_private_data(sess, NULL);\n-\trte_mempool_put(sess_mp, priv);\n+\tif (priv)\n+\t\tmemset(priv, 0, sizeof(*priv));\n \n \treturn 0;\n }\n@@ -604,8 +573,7 @@ otx2_crypto_sec_session_get_size(void *device __rte_unused)\n }\n \n static int\n-otx2_crypto_sec_set_pkt_mdata(void *device __rte_unused,\n-\t\t\t struct rte_security_session *session,\n+otx2_crypto_sec_set_pkt_mdata(void *device __rte_unused, void *session,\n \t\t\t struct rte_mbuf *m, void *params __rte_unused)\n {\n \t/* Set security session as the pkt metadata */\ndiff --git a/drivers/crypto/qat/qat_sym.c b/drivers/crypto/qat/qat_sym.c\nindex 93b257522b..fbb17e61ff 100644\n--- a/drivers/crypto/qat/qat_sym.c\n+++ b/drivers/crypto/qat/qat_sym.c\n@@ -250,8 +250,7 @@ qat_sym_build_request(void *in_op, uint8_t *out_msg,\n \t\t\t\top->sym->session, qat_sym_driver_id);\n #ifdef RTE_LIB_SECURITY\n \t} else {\n-\t\tctx = (struct qat_sym_session *)get_sec_session_private_data(\n-\t\t\t\top->sym->sec_session);\n+\t\tctx = (struct qat_sym_session *)(op->sym->sec_session);\n \t\tif (likely(ctx)) {\n \t\t\tif (unlikely(ctx->bpi_ctx == NULL)) {\n \t\t\t\tQAT_DP_LOG(ERR, \"QAT PMD only supports security\"\ndiff --git a/drivers/crypto/qat/qat_sym.h b/drivers/crypto/qat/qat_sym.h\nindex e3ec7f0de4..8904aabd3d 100644\n--- a/drivers/crypto/qat/qat_sym.h\n+++ b/drivers/crypto/qat/qat_sym.h\n@@ -202,9 +202,7 @@ qat_sym_preprocess_requests(void **ops, uint16_t nb_ops)\n \t\top = (struct rte_crypto_op *)ops[i];\n \n \t\tif (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {\n-\t\t\tctx = (struct qat_sym_session *)\n-\t\t\t\tget_sec_session_private_data(\n-\t\t\t\t\top->sym->sec_session);\n+\t\t\tctx = (struct qat_sym_session *)(op->sym->sec_session);\n \n \t\t\tif (ctx == NULL || ctx->bpi_ctx == NULL)\n \t\t\t\tcontinue;\n@@ -243,9 +241,7 @@ qat_sym_process_response(void **op, uint8_t *resp, void *op_cookie)\n \t\t * Assuming at this point that if it's a security\n \t\t * op, that this is for DOCSIS\n \t\t */\n-\t\tsess = (struct qat_sym_session *)\n-\t\t\t\tget_sec_session_private_data(\n-\t\t\t\trx_op->sym->sec_session);\n+\t\tsess = (struct qat_sym_session *)(rx_op->sym->sec_session);\n \t\tis_docsis_sec = 1;\n \t} else\n #endif\ndiff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c\nindex 3f2f6736fc..2a22347c7f 100644\n--- a/drivers/crypto/qat/qat_sym_session.c\n+++ b/drivers/crypto/qat/qat_sym_session.c\n@@ -2283,10 +2283,8 @@ qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,\n int\n qat_security_session_create(void *dev,\n \t\t\t\tstruct rte_security_session_conf *conf,\n-\t\t\t\tstruct rte_security_session *sess,\n-\t\t\t\tstruct rte_mempool *mempool)\n+\t\t\t\tvoid *sess_private_data)\n {\n-\tvoid *sess_private_data;\n \tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n \tint ret;\n \n@@ -2296,40 +2294,25 @@ qat_security_session_create(void *dev,\n \t\treturn -EINVAL;\n \t}\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tQAT_LOG(ERR, \"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tret = qat_sec_session_set_docsis_parameters(cdev, conf,\n \t\t\tsess_private_data);\n \tif (ret != 0) {\n \t\tQAT_LOG(ERR, \"Failed to configure session parameters\");\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n \t\treturn ret;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n \treturn ret;\n }\n \n int\n-qat_security_session_destroy(void *dev __rte_unused,\n-\t\t\t\t struct rte_security_session *sess)\n+qat_security_session_destroy(void *dev __rte_unused, void *sess_priv)\n {\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n \tstruct qat_sym_session *s = (struct qat_sym_session *)sess_priv;\n \n \tif (sess_priv) {\n \t\tif (s->bpi_ctx)\n \t\t\tbpi_cipher_ctx_free(s->bpi_ctx);\n \t\tmemset(s, 0, qat_sym_session_get_private_size(dev));\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n-\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n \t}\n \treturn 0;\n }\ndiff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h\nindex 6ebc176729..7fcc1d6f7b 100644\n--- a/drivers/crypto/qat/qat_sym_session.h\n+++ b/drivers/crypto/qat/qat_sym_session.h\n@@ -166,9 +166,9 @@ qat_sym_validate_zuc_key(int key_len, enum icp_qat_hw_cipher_algo *alg);\n #ifdef RTE_LIB_SECURITY\n int\n qat_security_session_create(void *dev, struct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *sess, struct rte_mempool *mempool);\n+\t\tvoid *sess);\n int\n-qat_security_session_destroy(void *dev, struct rte_security_session *sess);\n+qat_security_session_destroy(void *dev, void *sess);\n #endif\n \n #endif /* _QAT_SYM_SESSION_H_ */\ndiff --git a/drivers/net/ixgbe/ixgbe_ipsec.c b/drivers/net/ixgbe/ixgbe_ipsec.c\nindex e45c5501e6..cd54a3beee 100644\n--- a/drivers/net/ixgbe/ixgbe_ipsec.c\n+++ b/drivers/net/ixgbe/ixgbe_ipsec.c\n@@ -369,24 +369,17 @@ ixgbe_crypto_remove_sa(struct rte_eth_dev *dev,\n static int\n ixgbe_crypto_create_session(void *device,\n \t\tstruct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *session,\n-\t\tstruct rte_mempool *mempool)\n+\t\tvoid *session)\n {\n \tstruct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;\n-\tstruct ixgbe_crypto_session *ic_session = NULL;\n+\tstruct ixgbe_crypto_session *ic_session = session;\n \tstruct rte_crypto_aead_xform *aead_xform;\n \tstruct rte_eth_conf *dev_conf = ð_dev->data->dev_conf;\n \n-\tif (rte_mempool_get(mempool, (void **)&ic_session)) {\n-\t\tPMD_DRV_LOG(ERR, \"Cannot get object from ic_session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tif (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||\n \t\t\tconf->crypto_xform->aead.algo !=\n \t\t\t\t\tRTE_CRYPTO_AEAD_AES_GCM) {\n \t\tPMD_DRV_LOG(ERR, \"Unsupported crypto transformation mode\\n\");\n-\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\treturn -ENOTSUP;\n \t}\n \taead_xform = &conf->crypto_xform->aead;\n@@ -396,7 +389,6 @@ ixgbe_crypto_create_session(void *device,\n \t\t\tic_session->op = IXGBE_OP_AUTHENTICATED_DECRYPTION;\n \t\t} else {\n \t\t\tPMD_DRV_LOG(ERR, \"IPsec decryption not enabled\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -ENOTSUP;\n \t\t}\n \t} else {\n@@ -404,7 +396,6 @@ ixgbe_crypto_create_session(void *device,\n \t\t\tic_session->op = IXGBE_OP_AUTHENTICATED_ENCRYPTION;\n \t\t} else {\n \t\t\tPMD_DRV_LOG(ERR, \"IPsec encryption not enabled\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -ENOTSUP;\n \t\t}\n \t}\n@@ -416,12 +407,9 @@ ixgbe_crypto_create_session(void *device,\n \tic_session->spi = conf->ipsec.spi;\n \tic_session->dev = eth_dev;\n \n-\tset_sec_session_private_data(session, ic_session);\n-\n \tif (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {\n \t\tif (ixgbe_crypto_add_sa(ic_session)) {\n \t\t\tPMD_DRV_LOG(ERR, \"Failed to add SA\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -EPERM;\n \t\t}\n \t}\n@@ -436,14 +424,11 @@ ixgbe_crypto_session_get_size(__rte_unused void *device)\n }\n \n static int\n-ixgbe_crypto_remove_session(void *device,\n-\t\tstruct rte_security_session *session)\n+ixgbe_crypto_remove_session(void *device, void *session)\n {\n \tstruct rte_eth_dev *eth_dev = device;\n \tstruct ixgbe_crypto_session *ic_session =\n-\t\t(struct ixgbe_crypto_session *)\n-\t\tget_sec_session_private_data(session);\n-\tstruct rte_mempool *mempool = rte_mempool_from_obj(ic_session);\n+\t\t(struct ixgbe_crypto_session *)session;\n \n \tif (eth_dev != ic_session->dev) {\n \t\tPMD_DRV_LOG(ERR, \"Session not bound to this device\\n\");\n@@ -455,8 +440,6 @@ ixgbe_crypto_remove_session(void *device,\n \t\treturn -EFAULT;\n \t}\n \n-\trte_mempool_put(mempool, (void *)ic_session);\n-\n \treturn 0;\n }\n \n@@ -476,12 +459,11 @@ ixgbe_crypto_compute_pad_len(struct rte_mbuf *m)\n }\n \n static int\n-ixgbe_crypto_update_mb(void *device __rte_unused,\n-\t\tstruct rte_security_session *session,\n+ixgbe_crypto_update_mb(void *device __rte_unused, void *session,\n \t\t struct rte_mbuf *m, void *params __rte_unused)\n {\n-\tstruct ixgbe_crypto_session *ic_session =\n-\t\t\tget_sec_session_private_data(session);\n+\tstruct ixgbe_crypto_session *ic_session = session;\n+\n \tif (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {\n \t\tunion ixgbe_crypto_tx_desc_md *mdata =\n \t\t\t(union ixgbe_crypto_tx_desc_md *)\n@@ -685,8 +667,10 @@ ixgbe_crypto_add_ingress_sa_from_flow(const void *sess,\n \t\t\t\t const void *ip_spec,\n \t\t\t\t uint8_t is_ipv6)\n {\n-\tstruct ixgbe_crypto_session *ic_session\n-\t\t= get_sec_session_private_data(sess);\n+\tuint64_t sess_ptr = (uint64_t)sess;\n+\tstruct ixgbe_crypto_session *ic_session =\n+\t\t\t(struct ixgbe_crypto_session *)sess_ptr;\n+\t/* TODO: A proper fix need to be added to remove above typecasting. */\n \n \tif (ic_session->op == IXGBE_OP_AUTHENTICATED_DECRYPTION) {\n \t\tif (is_ipv6) {\ndiff --git a/drivers/net/meson.build b/drivers/net/meson.build\nindex bcf488f203..7a09f7183d 100644\n--- a/drivers/net/meson.build\n+++ b/drivers/net/meson.build\n@@ -12,7 +12,7 @@ drivers = [\n 'bnx2x',\n 'bnxt',\n 'bonding',\n- 'cnxk',\n+# 'cnxk',\n 'cxgbe',\n 'dpaa',\n 'dpaa2',\ndiff --git a/drivers/net/octeontx2/otx2_ethdev_sec.c b/drivers/net/octeontx2/otx2_ethdev_sec.c\nindex c2a36883cb..ef851fe52c 100644\n--- a/drivers/net/octeontx2/otx2_ethdev_sec.c\n+++ b/drivers/net/octeontx2/otx2_ethdev_sec.c\n@@ -350,7 +350,7 @@ static int\n eth_sec_ipsec_out_sess_create(struct rte_eth_dev *eth_dev,\n \t\t\t struct rte_security_ipsec_xform *ipsec,\n \t\t\t struct rte_crypto_sym_xform *crypto_xform,\n-\t\t\t struct rte_security_session *sec_sess)\n+\t\t\t struct otx2_sec_session *sec_sess)\n {\n \tstruct rte_crypto_sym_xform *auth_xform, *cipher_xform;\n \tstruct otx2_sec_session_ipsec_ip *sess;\n@@ -363,7 +363,7 @@ eth_sec_ipsec_out_sess_create(struct rte_eth_dev *eth_dev,\n \tstruct otx2_cpt_inst_s inst;\n \tstruct otx2_cpt_qp *qp;\n \n-\tpriv = get_sec_session_private_data(sec_sess);\n+\tpriv = sec_sess;\n \tpriv->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_EGRESS;\n \tsess = &priv->ipsec.ip;\n \n@@ -468,7 +468,7 @@ static int\n eth_sec_ipsec_in_sess_create(struct rte_eth_dev *eth_dev,\n \t\t\t struct rte_security_ipsec_xform *ipsec,\n \t\t\t struct rte_crypto_sym_xform *crypto_xform,\n-\t\t\t struct rte_security_session *sec_sess)\n+\t\t\t struct otx2_sec_session *sec_sess)\n {\n \tstruct rte_crypto_sym_xform *auth_xform, *cipher_xform;\n \tstruct otx2_eth_dev *dev = otx2_eth_pmd_priv(eth_dev);\n@@ -495,7 +495,7 @@ eth_sec_ipsec_in_sess_create(struct rte_eth_dev *eth_dev,\n \n \tctl = &sa->ctl;\n \n-\tpriv = get_sec_session_private_data(sec_sess);\n+\tpriv = sec_sess;\n \tpriv->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n \tsess = &priv->ipsec.ip;\n \n@@ -619,7 +619,7 @@ static int\n eth_sec_ipsec_sess_create(struct rte_eth_dev *eth_dev,\n \t\t\t struct rte_security_ipsec_xform *ipsec,\n \t\t\t struct rte_crypto_sym_xform *crypto_xform,\n-\t\t\t struct rte_security_session *sess)\n+\t\t\t struct otx2_sec_session *sess)\n {\n \tint ret;\n \n@@ -638,22 +638,14 @@ eth_sec_ipsec_sess_create(struct rte_eth_dev *eth_dev,\n static int\n otx2_eth_sec_session_create(void *device,\n \t\t\t struct rte_security_session_conf *conf,\n-\t\t\t struct rte_security_session *sess,\n-\t\t\t struct rte_mempool *mempool)\n+\t\t\t void *sess)\n {\n-\tstruct otx2_sec_session *priv;\n+\tstruct otx2_sec_session *priv = sess;\n \tint ret;\n \n \tif (conf->action_type != RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL)\n \t\treturn -ENOTSUP;\n \n-\tif (rte_mempool_get(mempool, (void **)&priv)) {\n-\t\totx2_err(\"Could not allocate security session private data\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n-\tset_sec_session_private_data(sess, priv);\n-\n \t/*\n \t * Save userdata provided by the application. For ingress packets, this\n \t * could be used to identify the SA.\n@@ -663,19 +655,14 @@ otx2_eth_sec_session_create(void *device,\n \tif (conf->protocol == RTE_SECURITY_PROTOCOL_IPSEC)\n \t\tret = eth_sec_ipsec_sess_create(device, &conf->ipsec,\n \t\t\t\t\t\tconf->crypto_xform,\n-\t\t\t\t\t\tsess);\n+\t\t\t\t\t\tpriv);\n \telse\n \t\tret = -ENOTSUP;\n \n \tif (ret)\n-\t\tgoto mempool_put;\n+\t\treturn ret;\n \n \treturn 0;\n-\n-mempool_put:\n-\trte_mempool_put(mempool, priv);\n-\tset_sec_session_private_data(sess, NULL);\n-\treturn ret;\n }\n \n static void\n@@ -688,20 +675,14 @@ otx2_eth_sec_free_anti_replay(struct otx2_ipsec_fp_in_sa *sa)\n }\n \n static int\n-otx2_eth_sec_session_destroy(void *device,\n-\t\t\t struct rte_security_session *sess)\n+otx2_eth_sec_session_destroy(void *device, void *sess)\n {\n \tstruct otx2_eth_dev *dev = otx2_eth_pmd_priv(device);\n \tstruct otx2_sec_session_ipsec_ip *sess_ip;\n \tstruct otx2_ipsec_fp_in_sa *sa;\n-\tstruct otx2_sec_session *priv;\n-\tstruct rte_mempool *sess_mp;\n+\tstruct otx2_sec_session *priv = sess;\n \tint ret;\n \n-\tpriv = get_sec_session_private_data(sess);\n-\tif (priv == NULL)\n-\t\treturn -EINVAL;\n-\n \tsess_ip = &priv->ipsec.ip;\n \n \tif (priv->ipsec.dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {\n@@ -727,11 +708,6 @@ otx2_eth_sec_session_destroy(void *device,\n \t\t\treturn ret;\n \t}\n \n-\tsess_mp = rte_mempool_from_obj(priv);\n-\n-\tset_sec_session_private_data(sess, NULL);\n-\trte_mempool_put(sess_mp, priv);\n-\n \treturn 0;\n }\n \n@@ -742,9 +718,8 @@ otx2_eth_sec_session_get_size(void *device __rte_unused)\n }\n \n static int\n-otx2_eth_sec_set_pkt_mdata(void *device __rte_unused,\n-\t\t\t struct rte_security_session *session,\n-\t\t\t struct rte_mbuf *m, void *params __rte_unused)\n+otx2_eth_sec_set_pkt_mdata(void *device __rte_unused, void *session,\n+\t\tstruct rte_mbuf *m, void *params __rte_unused)\n {\n \t/* Set security session as the pkt metadata */\n \t*rte_security_dynfield(m) = (rte_security_dynfield_t)session;\ndiff --git a/drivers/net/octeontx2/otx2_ethdev_sec_tx.h b/drivers/net/octeontx2/otx2_ethdev_sec_tx.h\nindex 623a2a841e..9ecb786947 100644\n--- a/drivers/net/octeontx2/otx2_ethdev_sec_tx.h\n+++ b/drivers/net/octeontx2/otx2_ethdev_sec_tx.h\n@@ -54,7 +54,7 @@ otx2_sec_event_tx(uint64_t base, struct rte_event *ev, struct rte_mbuf *m,\n \t\tstruct nix_iova_s nix_iova;\n \t} *sd;\n \n-\tpriv = get_sec_session_private_data((void *)(*rte_security_dynfield(m)));\n+\tpriv = (void *)(*rte_security_dynfield(m));\n \tsess = &priv->ipsec.ip;\n \tsa = &sess->out_sa;\n \ndiff --git a/drivers/net/txgbe/txgbe_ipsec.c b/drivers/net/txgbe/txgbe_ipsec.c\nindex ccd747973b..444da5b8f3 100644\n--- a/drivers/net/txgbe/txgbe_ipsec.c\n+++ b/drivers/net/txgbe/txgbe_ipsec.c\n@@ -349,24 +349,17 @@ txgbe_crypto_remove_sa(struct rte_eth_dev *dev,\n static int\n txgbe_crypto_create_session(void *device,\n \t\tstruct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *session,\n-\t\tstruct rte_mempool *mempool)\n+\t\tvoid *session)\n {\n \tstruct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;\n-\tstruct txgbe_crypto_session *ic_session = NULL;\n+\tstruct txgbe_crypto_session *ic_session = session;\n \tstruct rte_crypto_aead_xform *aead_xform;\n \tstruct rte_eth_conf *dev_conf = ð_dev->data->dev_conf;\n \n-\tif (rte_mempool_get(mempool, (void **)&ic_session)) {\n-\t\tPMD_DRV_LOG(ERR, \"Cannot get object from ic_session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tif (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||\n \t\t\tconf->crypto_xform->aead.algo !=\n \t\t\t\t\tRTE_CRYPTO_AEAD_AES_GCM) {\n \t\tPMD_DRV_LOG(ERR, \"Unsupported crypto transformation mode\\n\");\n-\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\treturn -ENOTSUP;\n \t}\n \taead_xform = &conf->crypto_xform->aead;\n@@ -376,7 +369,6 @@ txgbe_crypto_create_session(void *device,\n \t\t\tic_session->op = TXGBE_OP_AUTHENTICATED_DECRYPTION;\n \t\t} else {\n \t\t\tPMD_DRV_LOG(ERR, \"IPsec decryption not enabled\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -ENOTSUP;\n \t\t}\n \t} else {\n@@ -384,7 +376,6 @@ txgbe_crypto_create_session(void *device,\n \t\t\tic_session->op = TXGBE_OP_AUTHENTICATED_ENCRYPTION;\n \t\t} else {\n \t\t\tPMD_DRV_LOG(ERR, \"IPsec encryption not enabled\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -ENOTSUP;\n \t\t}\n \t}\n@@ -396,12 +387,9 @@ txgbe_crypto_create_session(void *device,\n \tic_session->spi = conf->ipsec.spi;\n \tic_session->dev = eth_dev;\n \n-\tset_sec_session_private_data(session, ic_session);\n-\n \tif (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {\n \t\tif (txgbe_crypto_add_sa(ic_session)) {\n \t\t\tPMD_DRV_LOG(ERR, \"Failed to add SA\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -EPERM;\n \t\t}\n \t}\n@@ -416,14 +404,11 @@ txgbe_crypto_session_get_size(__rte_unused void *device)\n }\n \n static int\n-txgbe_crypto_remove_session(void *device,\n-\t\tstruct rte_security_session *session)\n+txgbe_crypto_remove_session(void *device, void *session)\n {\n \tstruct rte_eth_dev *eth_dev = device;\n \tstruct txgbe_crypto_session *ic_session =\n-\t\t(struct txgbe_crypto_session *)\n-\t\tget_sec_session_private_data(session);\n-\tstruct rte_mempool *mempool = rte_mempool_from_obj(ic_session);\n+\t\t(struct txgbe_crypto_session *)session;\n \n \tif (eth_dev != ic_session->dev) {\n \t\tPMD_DRV_LOG(ERR, \"Session not bound to this device\\n\");\n@@ -435,8 +420,6 @@ txgbe_crypto_remove_session(void *device,\n \t\treturn -EFAULT;\n \t}\n \n-\trte_mempool_put(mempool, (void *)ic_session);\n-\n \treturn 0;\n }\n \n@@ -456,12 +439,11 @@ txgbe_crypto_compute_pad_len(struct rte_mbuf *m)\n }\n \n static int\n-txgbe_crypto_update_mb(void *device __rte_unused,\n-\t\tstruct rte_security_session *session,\n-\t\t struct rte_mbuf *m, void *params __rte_unused)\n+txgbe_crypto_update_mb(void *device __rte_unused, void *session,\n+\t\tstruct rte_mbuf *m, void *params __rte_unused)\n {\n-\tstruct txgbe_crypto_session *ic_session =\n-\t\t\tget_sec_session_private_data(session);\n+\tstruct txgbe_crypto_session *ic_session = session;\n+\n \tif (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {\n \t\tunion txgbe_crypto_tx_desc_md *mdata =\n \t\t\t(union txgbe_crypto_tx_desc_md *)\n@@ -661,8 +643,10 @@ txgbe_crypto_add_ingress_sa_from_flow(const void *sess,\n \t\t\t\t const void *ip_spec,\n \t\t\t\t uint8_t is_ipv6)\n {\n+\tuint64_t sess_ptr = (uint64_t)sess;\n \tstruct txgbe_crypto_session *ic_session =\n-\t\t\tget_sec_session_private_data(sess);\n+\t\t\t(struct txgbe_crypto_session *)sess_ptr;\n+\t/* TODO: A proper fix need to be added to remove above typecasting. */\n \n \tif (ic_session->op == TXGBE_OP_AUTHENTICATED_DECRYPTION) {\n \t\tif (is_ipv6) {\ndiff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c\nindex 6817139663..03d907cba8 100644\n--- a/examples/ipsec-secgw/ipsec.c\n+++ b/examples/ipsec-secgw/ipsec.c\n@@ -117,8 +117,7 @@ create_lookaside_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa,\n \t\t\tset_ipsec_conf(sa, &(sess_conf.ipsec));\n \n \t\t\tips->security.ses = rte_security_session_create(ctx,\n-\t\t\t\t\t&sess_conf, ipsec_ctx->session_pool,\n-\t\t\t\t\tipsec_ctx->session_priv_pool);\n+\t\t\t\t\t&sess_conf, ipsec_ctx->session_pool);\n \t\t\tif (ips->security.ses == NULL) {\n \t\t\t\tRTE_LOG(ERR, IPSEC,\n \t\t\t\t\"SEC Session init failed: err: %d\\n\", ret);\n@@ -199,8 +198,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,\n \t\t}\n \n \t\tips->security.ses = rte_security_session_create(sec_ctx,\n-\t\t\t\t&sess_conf, skt_ctx->session_pool,\n-\t\t\t\tskt_ctx->session_priv_pool);\n+\t\t\t\t&sess_conf, skt_ctx->session_pool);\n \t\tif (ips->security.ses == NULL) {\n \t\t\tRTE_LOG(ERR, IPSEC,\n \t\t\t\t\"SEC Session init failed: err: %d\\n\", ret);\n@@ -380,8 +378,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,\n \t\tsess_conf.userdata = (void *) sa;\n \n \t\tips->security.ses = rte_security_session_create(sec_ctx,\n-\t\t\t\t\t&sess_conf, skt_ctx->session_pool,\n-\t\t\t\t\tskt_ctx->session_priv_pool);\n+\t\t\t\t\t&sess_conf, skt_ctx->session_pool);\n \t\tif (ips->security.ses == NULL) {\n \t\t\tRTE_LOG(ERR, IPSEC,\n \t\t\t\t\"SEC Session init failed: err: %d\\n\", ret);\ndiff --git a/lib/security/rte_security.c b/lib/security/rte_security.c\nindex fe81ed3e4c..06560b9cba 100644\n--- a/lib/security/rte_security.c\n+++ b/lib/security/rte_security.c\n@@ -39,35 +39,37 @@ rte_security_dynfield_register(void)\n \treturn rte_security_dynfield_offset;\n }\n \n-struct rte_security_session *\n+void *\n rte_security_session_create(struct rte_security_ctx *instance,\n \t\t\t struct rte_security_session_conf *conf,\n-\t\t\t struct rte_mempool *mp,\n-\t\t\t struct rte_mempool *priv_mp)\n+\t\t\t struct rte_mempool *mp)\n {\n \tstruct rte_security_session *sess = NULL;\n \n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);\n \tRTE_PTR_OR_ERR_RET(conf, NULL);\n \tRTE_PTR_OR_ERR_RET(mp, NULL);\n-\tRTE_PTR_OR_ERR_RET(priv_mp, NULL);\n+\n+\tif (mp->elt_size < sizeof(struct rte_security_session) +\n+\t\t\tinstance->ops->session_get_size(instance->device))\n+\t\treturn NULL;\n \n \tif (rte_mempool_get(mp, (void **)&sess))\n \t\treturn NULL;\n \n \tif (instance->ops->session_create(instance->device, conf,\n-\t\t\t\tsess, priv_mp)) {\n+\t\t\t\tsess->sess_private_data)) {\n \t\trte_mempool_put(mp, (void *)sess);\n \t\treturn NULL;\n \t}\n \tinstance->sess_cnt++;\n \n-\treturn sess;\n+\treturn sess->sess_private_data;\n }\n \n int\n rte_security_session_update(struct rte_security_ctx *instance,\n-\t\t\t struct rte_security_session *sess,\n+\t\t\t void *sess,\n \t\t\t struct rte_security_session_conf *conf)\n {\n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,\n@@ -88,8 +90,7 @@ rte_security_session_get_size(struct rte_security_ctx *instance)\n \n int\n rte_security_session_stats_get(struct rte_security_ctx *instance,\n-\t\t\t struct rte_security_session *sess,\n-\t\t\t struct rte_security_stats *stats)\n+\t\t\t void *sess, struct rte_security_stats *stats)\n {\n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,\n \t\t\t-ENOTSUP);\n@@ -100,9 +101,9 @@ rte_security_session_stats_get(struct rte_security_ctx *instance,\n }\n \n int\n-rte_security_session_destroy(struct rte_security_ctx *instance,\n-\t\t\t struct rte_security_session *sess)\n+rte_security_session_destroy(struct rte_security_ctx *instance, void *sess)\n {\n+\tstruct rte_security_session *s;\n \tint ret;\n \n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,\n@@ -113,7 +114,8 @@ rte_security_session_destroy(struct rte_security_ctx *instance,\n \tif (ret != 0)\n \t\treturn ret;\n \n-\trte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);\n+\ts = container_of(sess, struct rte_security_session, sess_private_data);\n+\trte_mempool_put(rte_mempool_from_obj(s), (void *)s);\n \n \tif (instance->sess_cnt)\n \t\tinstance->sess_cnt--;\n@@ -123,7 +125,7 @@ rte_security_session_destroy(struct rte_security_ctx *instance,\n \n int\n __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,\n-\t\t\t\tstruct rte_security_session *sess,\n+\t\t\t\tvoid *sess,\n \t\t\t\tstruct rte_mbuf *m, void *params)\n {\n #ifdef RTE_DEBUG\ndiff --git a/lib/security/rte_security.h b/lib/security/rte_security.h\nindex c0ea13892e..2c8e78c4c7 100644\n--- a/lib/security/rte_security.h\n+++ b/lib/security/rte_security.h\n@@ -491,10 +491,12 @@ struct rte_security_session_conf {\n };\n \n struct rte_security_session {\n-\tvoid *sess_private_data;\n-\t/**< Private session material */\n \tuint64_t opaque_data;\n \t/**< Opaque user defined data */\n+\tuint64_t fast_mdata;\n+\t/**< Fast metadata to be used for inline path */\n+\t__extension__ void *sess_private_data[0];\n+\t/**< Private session material */\n };\n \n /**\n@@ -508,11 +510,10 @@ struct rte_security_session {\n * - On success, pointer to session\n * - On failure, NULL\n */\n-struct rte_security_session *\n+void *\n rte_security_session_create(struct rte_security_ctx *instance,\n \t\t\t struct rte_security_session_conf *conf,\n-\t\t\t struct rte_mempool *mp,\n-\t\t\t struct rte_mempool *priv_mp);\n+\t\t\t struct rte_mempool *mp);\n \n /**\n * Update security session as specified by the session configuration\n@@ -527,7 +528,7 @@ rte_security_session_create(struct rte_security_ctx *instance,\n __rte_experimental\n int\n rte_security_session_update(struct rte_security_ctx *instance,\n-\t\t\t struct rte_security_session *sess,\n+\t\t\t void *sess,\n \t\t\t struct rte_security_session_conf *conf);\n \n /**\n@@ -558,7 +559,7 @@ rte_security_session_get_size(struct rte_security_ctx *instance);\n */\n int\n rte_security_session_destroy(struct rte_security_ctx *instance,\n-\t\t\t struct rte_security_session *sess);\n+\t\t\t void *sess);\n \n /** Device-specific metadata field type */\n typedef uint64_t rte_security_dynfield_t;\n@@ -604,7 +605,7 @@ static inline bool rte_security_dynfield_is_registered(void)\n /** Function to call PMD specific function pointer set_pkt_metadata() */\n __rte_experimental\n extern int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,\n-\t\t\t\t\t struct rte_security_session *sess,\n+\t\t\t\t\t void *sess,\n \t\t\t\t\t struct rte_mbuf *m, void *params);\n \n /**\n@@ -622,13 +623,13 @@ extern int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,\n */\n static inline int\n rte_security_set_pkt_metadata(struct rte_security_ctx *instance,\n-\t\t\t struct rte_security_session *sess,\n+\t\t\t void *sess,\n \t\t\t struct rte_mbuf *mb, void *params)\n {\n \t/* Fast Path */\n \tif (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) {\n \t\t*rte_security_dynfield(mb) =\n-\t\t\t(rte_security_dynfield_t)(sess->sess_private_data);\n+\t\t\t(rte_security_dynfield_t)(sess);\n \t\treturn 0;\n \t}\n \n@@ -678,26 +679,13 @@ rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)\n */\n static inline int\n __rte_security_attach_session(struct rte_crypto_sym_op *sym_op,\n-\t\t\t struct rte_security_session *sess)\n+\t\t\t void *sess)\n {\n \tsym_op->sec_session = sess;\n \n \treturn 0;\n }\n \n-static inline void *\n-get_sec_session_private_data(const struct rte_security_session *sess)\n-{\n-\treturn sess->sess_private_data;\n-}\n-\n-static inline void\n-set_sec_session_private_data(struct rte_security_session *sess,\n-\t\t\t void *private_data)\n-{\n-\tsess->sess_private_data = private_data;\n-}\n-\n /**\n * Attach a session to a crypto operation.\n * This API is needed only in case of RTE_SECURITY_SESS_CRYPTO_PROTO_OFFLOAD\n@@ -708,8 +696,7 @@ set_sec_session_private_data(struct rte_security_session *sess,\n * @param\tsess\tsecurity session\n */\n static inline int\n-rte_security_attach_session(struct rte_crypto_op *op,\n-\t\t\t struct rte_security_session *sess)\n+rte_security_attach_session(struct rte_crypto_op *op, void *sess)\n {\n \tif (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC))\n \t\treturn -EINVAL;\n@@ -771,7 +758,7 @@ struct rte_security_stats {\n __rte_experimental\n int\n rte_security_session_stats_get(struct rte_security_ctx *instance,\n-\t\t\t struct rte_security_session *sess,\n+\t\t\t void *sess,\n \t\t\t struct rte_security_stats *stats);\n \n /**\ndiff --git a/lib/security/rte_security_driver.h b/lib/security/rte_security_driver.h\nindex b0253e962e..5a177d72d7 100644\n--- a/lib/security/rte_security_driver.h\n+++ b/lib/security/rte_security_driver.h\n@@ -35,8 +35,7 @@ extern \"C\" {\n */\n typedef int (*security_session_create_t)(void *device,\n \t\tstruct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *sess,\n-\t\tstruct rte_mempool *mp);\n+\t\tvoid *sess);\n \n /**\n * Free driver private session data.\n@@ -44,8 +43,7 @@ typedef int (*security_session_create_t)(void *device,\n * @param\tdevice\t\tCrypto/eth device pointer\n * @param\tsess\t\tSecurity session structure\n */\n-typedef int (*security_session_destroy_t)(void *device,\n-\t\tstruct rte_security_session *sess);\n+typedef int (*security_session_destroy_t)(void *device, void *sess);\n \n /**\n * Update driver private session data.\n@@ -60,8 +58,7 @@ typedef int (*security_session_destroy_t)(void *device,\n * - Returns -ENOTSUP if crypto device does not support the crypto transform.\n */\n typedef int (*security_session_update_t)(void *device,\n-\t\tstruct rte_security_session *sess,\n-\t\tstruct rte_security_session_conf *conf);\n+\t\tvoid *sess, struct rte_security_session_conf *conf);\n \n /**\n * Get the size of a security session\n@@ -86,8 +83,7 @@ typedef unsigned int (*security_session_get_size)(void *device);\n * - Returns -EINVAL if session parameters are invalid.\n */\n typedef int (*security_session_stats_get_t)(void *device,\n-\t\tstruct rte_security_session *sess,\n-\t\tstruct rte_security_stats *stats);\n+\t\tvoid *sess, struct rte_security_stats *stats);\n \n __rte_internal\n int rte_security_dynfield_register(void);\n@@ -96,7 +92,7 @@ int rte_security_dynfield_register(void);\n * Update the mbuf with provided metadata.\n *\n * @param\tdevice\t\tCrypto/eth device pointer\n- * @param\tsess\t\tSecurity session structure\n+ * @param\tsess\t\tSecurity session\n * @param\tmb\t\tPacket buffer\n * @param\tparams\t\tMetadata\n *\n@@ -105,7 +101,7 @@ int rte_security_dynfield_register(void);\n * - Returns -ve value for errors.\n */\n typedef int (*security_set_pkt_metadata_t)(void *device,\n-\t\tstruct rte_security_session *sess, struct rte_mbuf *mb,\n+\t\tvoid *sess, struct rte_mbuf *mb,\n \t\tvoid *params);\n \n /**\n", "prefixes": [ "v2", "1/7" ] }