diff mbox series

[v3,4/4] crypto: modify return value for asym session create

Message ID 20220203160449.1638311-5-ciara.power@intel.com (mailing list archive)
State Superseded, archived
Delegated to: akhil goyal
Headers
Series crypto: improve asym session usage |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/Intel-compilation success Compilation OK
ci/intel-Testing success Testing PASS

Commit Message

Power, Ciara Feb. 3, 2022, 4:04 p.m. UTC 
  Rather than the asym session create function returning a session on
success, and a NULL value on error, it is modified to now return int
values - 0 on success or -EINVAL/-ENOTSUP/-ENOMEM on failure.
The session to be used is passed as input.

This adds clarity on the failure of the create function, which enables
treating the -ENOTSUP return as TEST_SKIPPED in test apps.

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>

---
v3:
  - Fixed variable declarations, putting initialised variable last.
  - Made function comment for return value more generic.
  - Fixed log to include line break.
  - Added documentation.
---
 app/test-crypto-perf/cperf_ops.c        |  12 ++-
 app/test/test_cryptodev_asym.c          | 132 +++++++++++++-----------
 doc/guides/prog_guide/cryptodev_lib.rst |   6 +-
 doc/guides/rel_notes/release_22_03.rst  |   3 +-
 lib/cryptodev/rte_cryptodev.c           |  27 ++---
 lib/cryptodev/rte_cryptodev.h           |  11 +-
 6 files changed, 104 insertions(+), 87 deletions(-)

Comments

Akhil Goyal Feb. 7, 2022, 9:04 a.m. UTC | #1 
> diff --git a/doc/guides/prog_guide/cryptodev_lib.rst
> b/doc/guides/prog_guide/cryptodev_lib.rst
> index 62bd3577f5..8e16461dc6 100644
> --- a/doc/guides/prog_guide/cryptodev_lib.rst
> +++ b/doc/guides/prog_guide/cryptodev_lib.rst
> @@ -1236,10 +1236,10 @@ crypto operations is similar except change to
> respective op and xform setup).
>       * Create asym crypto session and initialize it for the crypto device.
>       * The session structure is hidden from the app, so void * is used.
>       */
> -    void *asym_session;
> -    asym_session =
> rte_cryptodev_asym_session_create(asym_session_pool,
> +    void *asym_session = NULL;
> +    ret = rte_cryptodev_asym_session_create(&asym_session,
> asym_session_pool,
>              cdev_id, &modex_xform);
> -    if (asym_session == NULL)
> +    if (ret < 0)
>          rte_exit(EXIT_FAILURE, "Session could not be created\n");

Sample Code in the rst files is no more added. @Thomas: Could you please confirm?
Probably a separate patch is required to clean this up.

> diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
> index 0d816ed4a9..005f0e7952 100644
> --- a/lib/cryptodev/rte_cryptodev.c
> +++ b/lib/cryptodev/rte_cryptodev.c
> @@ -1912,9 +1912,9 @@ rte_cryptodev_sym_session_create(struct
> rte_mempool *mp)
>  	return sess;
>  }
> 
> -void *
> -rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t
> dev_id,
> -		struct rte_crypto_asym_xform *xforms)
> +int
> +rte_cryptodev_asym_session_create(void **session, struct rte_mempool
> *mp,
> +		uint8_t dev_id, struct rte_crypto_asym_xform *xforms)

Do you really need a double pointer for the session handle?

>  {
>  	struct rte_cryptodev_asym_session *sess;
>  	uint32_t session_priv_data_sz;
> @@ -1926,18 +1926,18 @@ rte_cryptodev_asym_session_create(struct
> rte_mempool *mp, uint8_t dev_id,
> 
>  	if (!rte_cryptodev_is_valid_dev(dev_id)) {
>  		CDEV_LOG_ERR("Invalid dev_id=%" PRIu8, dev_id);
> -		return NULL;
> +		return -EINVAL;
>  	}
>  	session_priv_data_sz =
> rte_cryptodev_asym_get_private_session_size(
>  			dev_id);
>  	dev = rte_cryptodev_pmd_get_dev(dev_id);
> 
>  	if (dev == NULL)
> -		return NULL;
> +		return -EINVAL;
> 
>  	if (!mp) {
>  		CDEV_LOG_ERR("invalid mempool\n");
> -		return NULL;
> +		return -EINVAL;
>  	}
> 
>  	pool_priv = rte_mempool_get_priv(mp);
> @@ -1945,22 +1945,23 @@ rte_cryptodev_asym_session_create(struct
> rte_mempool *mp, uint8_t dev_id,
>  	if (pool_priv->max_priv_session_sz < session_priv_data_sz) {
>  		CDEV_LOG_DEBUG(
>  			"The private session data size used when creating the
> mempool is smaller than this device's private session data.");
> -		return NULL;
> +		return -EINVAL;
>  	}
> 
>  	/* Verify if provided mempool can hold elements big enough. */
>  	if (mp->elt_size < session_header_size + session_priv_data_sz) {
>  		CDEV_LOG_ERR(
>  			"mempool elements too small to hold session
> objects");
> -		return NULL;
> +		return -EINVAL;
>  	}
> 
>  	/* Allocate a session structure from the session pool */
> -	if (rte_mempool_get(mp, (void **)&sess)) {
> +	if (rte_mempool_get(mp, session)) {
>  		CDEV_LOG_ERR("couldn't get object from session
> mempool");
> -		return NULL;
> +		return -ENOMEM;
>  	}
> 
> +	sess = *session;
>  	sess->driver_id = dev->driver_id;
>  	sess->user_data_sz = pool_priv->user_data_sz;
>  	sess->max_priv_session_sz = pool_priv->max_priv_session_sz;
> @@ -1970,7 +1971,7 @@ rte_cryptodev_asym_session_create(struct
> rte_mempool *mp, uint8_t dev_id,
>  	 */
>  	memset(sess->sess_private_data, 0, session_priv_data_sz + sess-
> >user_data_sz);
> 
> -	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops-
> >asym_session_configure, NULL);
> +	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops-
> >asym_session_configure, -ENOTSUP);
> 
>  	if (sess->sess_private_data[0] == 0) {
>  		ret = dev->dev_ops->asym_session_configure(dev,
> @@ -1980,12 +1981,12 @@ rte_cryptodev_asym_session_create(struct
> rte_mempool *mp, uint8_t dev_id,
>  			CDEV_LOG_ERR(
>  				"dev_id %d failed to configure session
> details",
>  				dev_id);
> -			return NULL;
> +			return ret;
>  		}
>  	}
> 
>  	rte_cryptodev_trace_asym_session_create(mp, sess);
> -	return sess;
> +	return 0;
>  }
> 
>  int
> diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h
> index 6a4d6d9934..9a75936963 100644
> --- a/lib/cryptodev/rte_cryptodev.h
> +++ b/lib/cryptodev/rte_cryptodev.h
> @@ -990,18 +990,21 @@ rte_cryptodev_sym_session_create(struct
> rte_mempool *mempool);
>  /**
>   * Create asymmetric crypto session header (generic with no private data)
>   *
> + * @param   session    void ** for session to be used
>   * @param   mempool    mempool to allocate asymmetric session
>   *                     objects from
>   * @param   dev_id   ID of device that we want the session to be used on
>   * @param   xforms   Asymmetric crypto transform operations to apply on
> flow
>   *                   processed with this session
>   * @return
> - *  - On success return pointer to asym-session
> - *  - On failure returns NULL
> + *  - 0 on success.
> + *  - -EINVAL on invalid arguments.
> + *  - -ENOMEM on memory error for session allocation.
> + *  - -ENOTSUP if device doesn't support session configuration.
>   */
>  __rte_experimental
> -void *
> -rte_cryptodev_asym_session_create(struct rte_mempool *mempool,
> +int
> +rte_cryptodev_asym_session_create(void **session, struct rte_mempool
> *mempool,
>  		uint8_t dev_id, struct rte_crypto_asym_xform *xforms);
> 
Session should be the last parameter.
First all in params and then out params.
Thomas Monjalon Feb. 7, 2022, 1:02 p.m. UTC | #2 
07/02/2022 10:04, Akhil Goyal:
> > diff --git a/doc/guides/prog_guide/cryptodev_lib.rst
> > b/doc/guides/prog_guide/cryptodev_lib.rst
> > index 62bd3577f5..8e16461dc6 100644
> > --- a/doc/guides/prog_guide/cryptodev_lib.rst
> > +++ b/doc/guides/prog_guide/cryptodev_lib.rst
> > @@ -1236,10 +1236,10 @@ crypto operations is similar except change to
> > respective op and xform setup).
> >       * Create asym crypto session and initialize it for the crypto device.
> >       * The session structure is hidden from the app, so void * is used.
> >       */
> > -    void *asym_session;
> > -    asym_session =
> > rte_cryptodev_asym_session_create(asym_session_pool,
> > +    void *asym_session = NULL;
> > +    ret = rte_cryptodev_asym_session_create(&asym_session,
> > asym_session_pool,
> >              cdev_id, &modex_xform);
> > -    if (asym_session == NULL)
> > +    if (ret < 0)
> >          rte_exit(EXIT_FAILURE, "Session could not be created\n");
> 
> Sample Code in the rst files is no more added. @Thomas: Could you please confirm?
> Probably a separate patch is required to clean this up.

Yes the target is to remove them.
Instead we want to include parts of examples with a specific syntax.
See literalinclude here:
https://doc.dpdk.org/guides/contributing/documentation.html#code-and-literal-block-sections
Power, Ciara Feb. 7, 2022, 2:50 p.m. UTC | #3 
Hi Akhil,

Some replies inline.

Thanks,
Ciara


>-----Original Message-----
>From: Akhil Goyal <gakhil@marvell.com>
>Sent: Monday 7 February 2022 09:05
>To: Power, Ciara <ciara.power@intel.com>; dev@dpdk.org;
>thomas@monjalon.net
>Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Anoob Joseph
><anoobj@marvell.com>; mdr@ashroe.eu; Doherty, Declan
><declan.doherty@intel.com>
>Subject: RE: [EXT] [PATCH v3 4/4] crypto: modify return value for asym session
>create
>
>> diff --git a/doc/guides/prog_guide/cryptodev_lib.rst
>> b/doc/guides/prog_guide/cryptodev_lib.rst
>> index 62bd3577f5..8e16461dc6 100644
>> --- a/doc/guides/prog_guide/cryptodev_lib.rst
>> +++ b/doc/guides/prog_guide/cryptodev_lib.rst
>> @@ -1236,10 +1236,10 @@ crypto operations is similar except change to
>> respective op and xform setup).
>>       * Create asym crypto session and initialize it for the crypto device.
>>       * The session structure is hidden from the app, so void * is used.
>>       */
>> -    void *asym_session;
>> -    asym_session =
>> rte_cryptodev_asym_session_create(asym_session_pool,
>> +    void *asym_session = NULL;
>> +    ret = rte_cryptodev_asym_session_create(&asym_session,
>> asym_session_pool,
>>              cdev_id, &modex_xform);
>> -    if (asym_session == NULL)
>> +    if (ret < 0)
>>          rte_exit(EXIT_FAILURE, "Session could not be created\n");
>
>Sample Code in the rst files is no more added. @Thomas: Could you please
>confirm?
>Probably a separate patch is required to clean this up.
>

[CP] I see Thomas replied on this - thanks. Will try find a section of example/test code that does the same thing as being shown here.


>> diff --git a/lib/cryptodev/rte_cryptodev.c
>> b/lib/cryptodev/rte_cryptodev.c index 0d816ed4a9..005f0e7952 100644
>> --- a/lib/cryptodev/rte_cryptodev.c
>> +++ b/lib/cryptodev/rte_cryptodev.c
>> @@ -1912,9 +1912,9 @@ rte_cryptodev_sym_session_create(struct
>> rte_mempool *mp)
>>  	return sess;
>>  }
>>
>> -void *
>> -rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t
>> dev_id,
>> -		struct rte_crypto_asym_xform *xforms)
>> +int
>> +rte_cryptodev_asym_session_create(void **session, struct rte_mempool
>> *mp,
>> +		uint8_t dev_id, struct rte_crypto_asym_xform *xforms)
>
>Do you really need a double pointer for the session handle?
>

[CP] Yes I believe so, the return value used to be session, but now that we have an int return value, the session needs to be passed in as a parameter somehow.
We need the double pointer because we need the call to rte_mempool_get() to set the original session pointer that can be accessed outside of this function,
rather than just the local copy if it were a singular session pointer passed in as a parameter.


<snip>
Akhil Goyal Feb. 8, 2022, 8:21 p.m. UTC | #4 
> >> diff --git a/lib/cryptodev/rte_cryptodev.c
> >> b/lib/cryptodev/rte_cryptodev.c index 0d816ed4a9..005f0e7952 100644
> >> --- a/lib/cryptodev/rte_cryptodev.c
> >> +++ b/lib/cryptodev/rte_cryptodev.c
> >> @@ -1912,9 +1912,9 @@ rte_cryptodev_sym_session_create(struct
> >> rte_mempool *mp)
> >>  	return sess;
> >>  }
> >>
> >> -void *
> >> -rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t
> >> dev_id,
> >> -		struct rte_crypto_asym_xform *xforms)
> >> +int
> >> +rte_cryptodev_asym_session_create(void **session, struct rte_mempool
> >> *mp,
> >> +		uint8_t dev_id, struct rte_crypto_asym_xform *xforms)
> >
> >Do you really need a double pointer for the session handle?
> >
> 
> [CP] Yes I believe so, the return value used to be session, but now that we have
> an int return value, the session needs to be passed in as a parameter somehow.
> We need the double pointer because we need the call to rte_mempool_get() to
> set the original session pointer that can be accessed outside of this function,
> rather than just the local copy if it were a singular session pointer passed in as a
> parameter.
> 
Ok
diff mbox series

Patch

diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 948dc0f608..1486298931 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -734,7 +734,9 @@  cperf_create_session(struct rte_mempool *sess_mp,
 	struct rte_crypto_sym_xform auth_xform;
 	struct rte_crypto_sym_xform aead_xform;
 	struct rte_cryptodev_sym_session *sess = NULL;
+	void *asym_sess = NULL;
 	struct rte_crypto_asym_xform xform = {0};
+	int ret;
 
 	if (options->op_type == CPERF_ASYM_MODEX) {
 		xform.next = NULL;
@@ -744,11 +746,13 @@  cperf_create_session(struct rte_mempool *sess_mp,
 		xform.modex.exponent.data = perf_mod_e;
 		xform.modex.exponent.length = sizeof(perf_mod_e);
 
-		sess = (void *)rte_cryptodev_asym_session_create(sess_mp, dev_id, &xform);
-		if (sess == NULL)
+		ret = rte_cryptodev_asym_session_create(&asym_sess,
+				sess_mp, dev_id, &xform);
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Asym session create failed\n");
 			return NULL;
-
-		return sess;
+		}
+		return asym_sess;
 	}
 #ifdef RTE_LIB_SECURITY
 	/*
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index a81d6292f6..2edf8b5b42 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -315,7 +315,7 @@  test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,
 	uint8_t input[TEST_DATA_SIZE] = {0};
 	uint8_t *result = NULL;
 
-	int status = TEST_SUCCESS;
+	int ret, status = TEST_SUCCESS;
 
 	xform_tc.next = NULL;
 	xform_tc.xform_type = data_tc->modex.xform_type;
@@ -450,14 +450,14 @@  test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,
 	}
 
 	if (!sessionless) {
-		sess = rte_cryptodev_asym_session_create(ts_params->session_mpool,
-				dev_id, &xform_tc);
-		if (!sess) {
+		ret = rte_cryptodev_asym_session_create(&sess,
+				ts_params->session_mpool, dev_id, &xform_tc);
+		if (ret < 0) {
 			snprintf(test_msg, ASYM_TEST_MSG_LEN,
 					"line %u "
 					"FAILED: %s", __LINE__,
 					"Session creation failed");
-			status = TEST_FAILED;
+			status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 			goto error_exit;
 		}
 
@@ -644,9 +644,9 @@  test_rsa_sign_verify(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
-	int status = TEST_SUCCESS;
+	int ret, status = TEST_SUCCESS;
 
 	/* Test case supports op with exponent key only,
 	 * Check in PMD feature flag for RSA exponent key type support.
@@ -659,12 +659,12 @@  test_rsa_sign_verify(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for "
 			"sign_verify\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -685,9 +685,9 @@  test_rsa_enc_dec(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
-	int status = TEST_SUCCESS;
+	int ret, status = TEST_SUCCESS;
 
 	/* Test case supports op with exponent key only,
 	 * Check in PMD feature flag for RSA exponent key type support.
@@ -700,11 +700,11 @@  test_rsa_enc_dec(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for enc_dec\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -726,9 +726,9 @@  test_rsa_sign_verify_crt(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
-	int status = TEST_SUCCESS;
+	int ret, status = TEST_SUCCESS;
 
 	/* Test case supports op with quintuple format key only,
 	 * Check im PMD feature flag for RSA quintuple key type support.
@@ -740,12 +740,12 @@  test_rsa_sign_verify_crt(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform_crt);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform_crt);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for "
 			"sign_verify_crt\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -767,9 +767,9 @@  test_rsa_enc_dec_crt(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
-	int status = TEST_SUCCESS;
+	int ret, status = TEST_SUCCESS;
 
 	/* Test case supports op with quintuple format key only,
 	 * Check in PMD feature flag for RSA quintuple key type support.
@@ -781,12 +781,12 @@  test_rsa_enc_dec_crt(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform_crt);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform_crt);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for "
 			"enc_dec_crt\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1050,7 +1050,7 @@  test_dh_gen_shared_sec(struct rte_crypto_asym_xform *xfrm)
 	struct rte_crypto_asym_op *asym_op = NULL;
 	struct rte_crypto_op *op = NULL, *result_op = NULL;
 	void *sess = NULL;
-	int status = TEST_SUCCESS;
+	int ret, status = TEST_SUCCESS;
 	uint8_t output[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform xform = *xfrm;
 	uint8_t peer[] = "01234567890123456789012345678901234567890123456789";
@@ -1077,12 +1077,13 @@  test_dh_gen_shared_sec(struct rte_crypto_asym_xform *xfrm)
 	asym_op->dh.shared_secret.data = output;
 	asym_op->dh.shared_secret.length = sizeof(output);
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1135,7 +1136,7 @@  test_dh_gen_priv_key(struct rte_crypto_asym_xform *xfrm)
 	struct rte_crypto_asym_op *asym_op = NULL;
 	struct rte_crypto_op *op = NULL, *result_op = NULL;
 	void *sess = NULL;
-	int status = TEST_SUCCESS;
+	int ret, status = TEST_SUCCESS;
 	uint8_t output[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform xform = *xfrm;
 
@@ -1157,12 +1158,13 @@  test_dh_gen_priv_key(struct rte_crypto_asym_xform *xfrm)
 	asym_op->dh.priv_key.data = output;
 	asym_op->dh.priv_key.length = sizeof(output);
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1218,7 +1220,7 @@  test_dh_gen_pub_key(struct rte_crypto_asym_xform *xfrm)
 	struct rte_crypto_asym_op *asym_op = NULL;
 	struct rte_crypto_op *op = NULL, *result_op = NULL;
 	void *sess = NULL;
-	int status = TEST_SUCCESS;
+	int ret, status = TEST_SUCCESS;
 	uint8_t output[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform xform = *xfrm;
 
@@ -1248,12 +1250,13 @@  test_dh_gen_pub_key(struct rte_crypto_asym_xform *xfrm)
 					0);
 	asym_op->dh.priv_key = dh_test_params.priv_key;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1309,7 +1312,7 @@  test_dh_gen_kp(struct rte_crypto_asym_xform *xfrm)
 	struct rte_crypto_asym_op *asym_op = NULL;
 	struct rte_crypto_op *op = NULL, *result_op = NULL;
 	void *sess = NULL;
-	int status = TEST_SUCCESS;
+	int ret, status = TEST_SUCCESS;
 	uint8_t out_pub_key[TEST_DH_MOD_LEN];
 	uint8_t out_prv_key[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform pub_key_xform;
@@ -1339,12 +1342,13 @@  test_dh_gen_kp(struct rte_crypto_asym_xform *xfrm)
 	asym_op->dh.priv_key.data = out_prv_key;
 	asym_op->dh.priv_key.length = sizeof(out_prv_key);
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1430,12 +1434,13 @@  test_mod_inv(void)
 				return TEST_SKIPPED;
 		}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &modinv_xform);
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &modinv_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "line %u "
 				"FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1556,13 +1561,14 @@  test_mod_exp(void)
 		goto error_exit;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &modex_xform);
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &modex_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				 "line %u "
 				"FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1668,13 +1674,14 @@  test_dsa_sign(void)
 	uint8_t r[TEST_DH_MOD_LEN];
 	uint8_t s[TEST_DH_MOD_LEN];
 	uint8_t dgst[] = "35d81554afaad2cf18f3a1770d5fedc4ea5be344";
+	int ret;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &dsa_xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool, dev_id, &dsa_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				 "line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 	/* set up crypto op data structure */
@@ -1805,7 +1812,7 @@  test_ecdsa_sign_verify(enum curve curve_id)
 	struct rte_crypto_asym_op *asym_op;
 	struct rte_cryptodev_info dev_info;
 	struct rte_crypto_op *op = NULL;
-	int status = TEST_SUCCESS, ret;
+	int ret, status = TEST_SUCCESS;
 
 	switch (curve_id) {
 	case SECP192R1:
@@ -1850,12 +1857,13 @@  test_ecdsa_sign_verify(enum curve curve_id)
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA;
 	xform.ec.curve_id = input_params.curve;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto exit;
 	}
 
@@ -2009,7 +2017,7 @@  test_ecpm(enum curve curve_id)
 	struct rte_crypto_asym_op *asym_op;
 	struct rte_cryptodev_info dev_info;
 	struct rte_crypto_op *op = NULL;
-	int status = TEST_SUCCESS, ret;
+	int ret, status = TEST_SUCCESS;
 
 	switch (curve_id) {
 	case SECP192R1:
@@ -2054,12 +2062,12 @@  test_ecpm(enum curve curve_id)
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_ECPM;
 	xform.ec.curve_id = input_params.curve;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool, dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto exit;
 	}
 
diff --git a/doc/guides/prog_guide/cryptodev_lib.rst b/doc/guides/prog_guide/cryptodev_lib.rst
index 62bd3577f5..8e16461dc6 100644
--- a/doc/guides/prog_guide/cryptodev_lib.rst
+++ b/doc/guides/prog_guide/cryptodev_lib.rst
@@ -1236,10 +1236,10 @@  crypto operations is similar except change to respective op and xform setup).
      * Create asym crypto session and initialize it for the crypto device.
      * The session structure is hidden from the app, so void * is used.
      */
-    void *asym_session;
-    asym_session = rte_cryptodev_asym_session_create(asym_session_pool,
+    void *asym_session = NULL;
+    ret = rte_cryptodev_asym_session_create(&asym_session, asym_session_pool,
             cdev_id, &modex_xform);
-    if (asym_session == NULL)
+    if (ret < 0)
         rte_exit(EXIT_FAILURE, "Session could not be created\n");
 
     /* Get a burst of crypto operations. */
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index 1022f77828..195a7efdd5 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -110,7 +110,8 @@  API Changes
   create a mempool with element size to hold the generic asym session header,
   along with the max size for a device private session data, and user data size.
   ``rte_cryptodev_asym_session_init`` was removed as this initialisation is
-  now done by ``rte_cryptodev_asym_session_create``.
+  now done by ``rte_cryptodev_asym_session_create``, which was updated to
+  return an integer value to indicate initialisation errors.
 
 
 ABI Changes
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index 0d816ed4a9..005f0e7952 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -1912,9 +1912,9 @@  rte_cryptodev_sym_session_create(struct rte_mempool *mp)
 	return sess;
 }
 
-void *
-rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
-		struct rte_crypto_asym_xform *xforms)
+int
+rte_cryptodev_asym_session_create(void **session, struct rte_mempool *mp,
+		uint8_t dev_id, struct rte_crypto_asym_xform *xforms)
 {
 	struct rte_cryptodev_asym_session *sess;
 	uint32_t session_priv_data_sz;
@@ -1926,18 +1926,18 @@  rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 
 	if (!rte_cryptodev_is_valid_dev(dev_id)) {
 		CDEV_LOG_ERR("Invalid dev_id=%" PRIu8, dev_id);
-		return NULL;
+		return -EINVAL;
 	}
 	session_priv_data_sz = rte_cryptodev_asym_get_private_session_size(
 			dev_id);
 	dev = rte_cryptodev_pmd_get_dev(dev_id);
 
 	if (dev == NULL)
-		return NULL;
+		return -EINVAL;
 
 	if (!mp) {
 		CDEV_LOG_ERR("invalid mempool\n");
-		return NULL;
+		return -EINVAL;
 	}
 
 	pool_priv = rte_mempool_get_priv(mp);
@@ -1945,22 +1945,23 @@  rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 	if (pool_priv->max_priv_session_sz < session_priv_data_sz) {
 		CDEV_LOG_DEBUG(
 			"The private session data size used when creating the mempool is smaller than this device's private session data.");
-		return NULL;
+		return -EINVAL;
 	}
 
 	/* Verify if provided mempool can hold elements big enough. */
 	if (mp->elt_size < session_header_size + session_priv_data_sz) {
 		CDEV_LOG_ERR(
 			"mempool elements too small to hold session objects");
-		return NULL;
+		return -EINVAL;
 	}
 
 	/* Allocate a session structure from the session pool */
-	if (rte_mempool_get(mp, (void **)&sess)) {
+	if (rte_mempool_get(mp, session)) {
 		CDEV_LOG_ERR("couldn't get object from session mempool");
-		return NULL;
+		return -ENOMEM;
 	}
 
+	sess = *session;
 	sess->driver_id = dev->driver_id;
 	sess->user_data_sz = pool_priv->user_data_sz;
 	sess->max_priv_session_sz = pool_priv->max_priv_session_sz;
@@ -1970,7 +1971,7 @@  rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 	 */
 	memset(sess->sess_private_data, 0, session_priv_data_sz + sess->user_data_sz);
 
-	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->asym_session_configure, NULL);
+	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->asym_session_configure, -ENOTSUP);
 
 	if (sess->sess_private_data[0] == 0) {
 		ret = dev->dev_ops->asym_session_configure(dev,
@@ -1980,12 +1981,12 @@  rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 			CDEV_LOG_ERR(
 				"dev_id %d failed to configure session details",
 				dev_id);
-			return NULL;
+			return ret;
 		}
 	}
 
 	rte_cryptodev_trace_asym_session_create(mp, sess);
-	return sess;
+	return 0;
 }
 
 int
diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h
index 6a4d6d9934..9a75936963 100644
--- a/lib/cryptodev/rte_cryptodev.h
+++ b/lib/cryptodev/rte_cryptodev.h
@@ -990,18 +990,21 @@  rte_cryptodev_sym_session_create(struct rte_mempool *mempool);
 /**
  * Create asymmetric crypto session header (generic with no private data)
  *
+ * @param   session    void ** for session to be used
  * @param   mempool    mempool to allocate asymmetric session
  *                     objects from
  * @param   dev_id   ID of device that we want the session to be used on
  * @param   xforms   Asymmetric crypto transform operations to apply on flow
  *                   processed with this session
  * @return
- *  - On success return pointer to asym-session
- *  - On failure returns NULL
+ *  - 0 on success.
+ *  - -EINVAL on invalid arguments.
+ *  - -ENOMEM on memory error for session allocation.
+ *  - -ENOTSUP if device doesn't support session configuration.
  */
 __rte_experimental
-void *
-rte_cryptodev_asym_session_create(struct rte_mempool *mempool,
+int
+rte_cryptodev_asym_session_create(void **session, struct rte_mempool *mempool,
 		uint8_t dev_id, struct rte_crypto_asym_xform *xforms);
 
 /**