diff mbox series

[v5,3/6] cryptodev: hide sym session structure

Message ID 20221002185511.2669151-4-gakhil@marvell.com (mailing list archive)
State Superseded
Delegated to: akhil goyal
Headers show
Series crypto/security session framework rework | expand

Checks

Context Check Description
ci/checkpatch success coding style OK

Commit Message

Akhil Goyal Oct. 2, 2022, 6:55 p.m. UTC
Structure rte_cryptodev_sym_session is moved to internal
headers which are not visible to applications.
The only field which should be used by app is opaque_data.
This field can now be accessed via set/get APIs added in this
patch.
Subsequent changes in app and lib are made to compile the code.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
Tested-by: Gagandeep Singh <g.singh@nxp.com>
Tested-by: David Coyle <david.coyle@intel.com>
Tested-by: Kevin O'Sullivan <kevin.osullivan@intel.com>
---
 app/test-crypto-perf/cperf_ops.c              | 24 ++++----
 app/test-crypto-perf/cperf_ops.h              |  6 +-
 app/test-crypto-perf/cperf_test_latency.c     |  2 +-
 .../cperf_test_pmd_cyclecount.c               |  2 +-
 app/test-crypto-perf/cperf_test_throughput.c  |  2 +-
 app/test-crypto-perf/cperf_test_verify.c      |  2 +-
 app/test-eventdev/test_perf_common.c          |  8 +--
 app/test/test_cryptodev.c                     | 17 +++---
 app/test/test_cryptodev_blockcipher.c         |  2 +-
 app/test/test_event_crypto_adapter.c          |  4 +-
 app/test/test_ipsec.c                         |  2 +-
 app/test/test_ipsec_perf.c                    |  4 +-
 doc/guides/prog_guide/cryptodev_lib.rst       | 16 ++----
 doc/guides/rel_notes/deprecation.rst          |  5 --
 doc/guides/rel_notes/release_22_11.rst        |  9 +++
 drivers/crypto/bcmfs/bcmfs_sym_session.c      |  5 +-
 drivers/crypto/caam_jr/caam_jr.c              | 10 ++--
 drivers/crypto/ccp/ccp_crypto.c               | 30 +++++-----
 drivers/crypto/ccp/ccp_pmd_ops.c              |  2 +-
 drivers/crypto/ccp/rte_ccp_pmd.c              |  4 +-
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     |  8 +--
 drivers/crypto/cnxk/cn9k_cryptodev_ops.c      | 10 ++--
 drivers/crypto/cnxk/cnxk_cryptodev_ops.c      |  4 +-
 drivers/crypto/cnxk/cnxk_cryptodev_ops.h      |  2 +-
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   | 11 ++--
 drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c   |  2 +-
 drivers/crypto/dpaa_sec/dpaa_sec.c            |  9 ++-
 drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c     |  2 +-
 drivers/crypto/ipsec_mb/ipsec_mb_ops.c        |  2 +-
 drivers/crypto/ipsec_mb/ipsec_mb_private.h    |  4 +-
 drivers/crypto/ipsec_mb/pmd_aesni_gcm.c       |  6 +-
 drivers/crypto/ipsec_mb/pmd_aesni_mb.c        |  4 +-
 drivers/crypto/ipsec_mb/pmd_kasumi.c          |  2 +-
 drivers/crypto/ipsec_mb/pmd_snow3g.c          |  2 +-
 drivers/crypto/mlx5/mlx5_crypto.c             |  7 +--
 drivers/crypto/nitrox/nitrox_sym.c            |  6 +-
 drivers/crypto/null/null_crypto_pmd.c         |  3 +-
 drivers/crypto/null/null_crypto_pmd_ops.c     |  2 +-
 drivers/crypto/octeontx/otx_cryptodev_ops.c   | 10 ++--
 drivers/crypto/openssl/rte_openssl_pmd.c      |  4 +-
 drivers/crypto/openssl/rte_openssl_pmd_ops.c  |  4 +-
 drivers/crypto/qat/qat_sym.c                  |  4 +-
 drivers/crypto/qat/qat_sym.h                  |  3 +-
 drivers/crypto/qat/qat_sym_session.c          |  6 +-
 .../scheduler/scheduler_pkt_size_distr.c      | 13 ++---
 drivers/crypto/scheduler/scheduler_pmd_ops.c  |  4 +-
 .../crypto/scheduler/scheduler_pmd_private.h  | 30 +++++-----
 drivers/crypto/virtio/virtio_cryptodev.c      |  4 +-
 drivers/crypto/virtio/virtio_rxtx.c           |  2 +-
 examples/fips_validation/fips_dev_self_test.c | 10 ++--
 examples/fips_validation/main.c               |  2 +-
 examples/l2fwd-crypto/main.c                  |  6 +-
 lib/cryptodev/cryptodev_pmd.h                 | 32 +++++++++++
 lib/cryptodev/cryptodev_trace_points.c        |  3 -
 lib/cryptodev/rte_crypto.h                    |  3 +-
 lib/cryptodev/rte_crypto_sym.h                |  7 +--
 lib/cryptodev/rte_cryptodev.c                 | 15 +++--
 lib/cryptodev/rte_cryptodev.h                 | 56 +++++++++----------
 lib/cryptodev/rte_cryptodev_trace.h           | 14 +----
 lib/cryptodev/version.map                     |  1 -
 lib/ipsec/rte_ipsec_group.h                   |  5 +-
 lib/ipsec/ses.c                               |  3 +-
 62 files changed, 239 insertions(+), 244 deletions(-)
diff mbox series

Patch

diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index c6f5735bb0..5acd495794 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -13,7 +13,7 @@  static void
 cperf_set_ops_asym(struct rte_crypto_op **ops,
 		   uint32_t src_buf_offset __rte_unused,
 		   uint32_t dst_buf_offset __rte_unused, uint16_t nb_ops,
-		   struct rte_cryptodev_sym_session *sess,
+		   void *sess,
 		   const struct cperf_options *options,
 		   const struct cperf_test_vector *test_vector __rte_unused,
 		   uint16_t iv_offset __rte_unused,
@@ -55,7 +55,7 @@  static void
 cperf_set_ops_security(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset __rte_unused,
 		uint32_t dst_buf_offset __rte_unused,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -125,7 +125,7 @@  static void
 cperf_set_ops_security_ipsec(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset __rte_unused,
 		uint32_t dst_buf_offset __rte_unused,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -183,7 +183,7 @@  cperf_set_ops_security_ipsec(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector __rte_unused,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -221,7 +221,7 @@  cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_null_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector __rte_unused,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -259,7 +259,7 @@  cperf_set_ops_null_auth(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_cipher(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -314,7 +314,7 @@  cperf_set_ops_cipher(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -414,7 +414,7 @@  cperf_set_ops_auth(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -532,7 +532,7 @@  cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_aead(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -640,7 +640,7 @@  cperf_set_ops_aead(struct rte_crypto_op **ops,
 	}
 }
 
-static struct rte_cryptodev_sym_session *
+static void *
 create_ipsec_session(struct rte_mempool *sess_mp,
 		struct rte_mempool *priv_mp,
 		uint8_t dev_id,
@@ -757,7 +757,7 @@  create_ipsec_session(struct rte_mempool *sess_mp,
 				&sess_conf, sess_mp, priv_mp);
 }
 
-static struct rte_cryptodev_sym_session *
+static void *
 cperf_create_session(struct rte_mempool *sess_mp,
 	struct rte_mempool *priv_mp,
 	uint8_t dev_id,
@@ -768,7 +768,7 @@  cperf_create_session(struct rte_mempool *sess_mp,
 	struct rte_crypto_sym_xform cipher_xform;
 	struct rte_crypto_sym_xform auth_xform;
 	struct rte_crypto_sym_xform aead_xform;
-	struct rte_cryptodev_sym_session *sess = NULL;
+	void *sess = NULL;
 	void *asym_sess = NULL;
 	struct rte_crypto_asym_xform xform = {0};
 	int ret;
diff --git a/app/test-crypto-perf/cperf_ops.h b/app/test-crypto-perf/cperf_ops.h
index 1d2fbb4e30..455f9cdc06 100644
--- a/app/test-crypto-perf/cperf_ops.h
+++ b/app/test-crypto-perf/cperf_ops.h
@@ -12,15 +12,15 @@ 
 #include "cperf_test_vectors.h"
 
 
-typedef struct rte_cryptodev_sym_session *(*cperf_sessions_create_t)(
-		struct rte_mempool *sess_mp, struct rte_mempool *sess_priv_mp,
+typedef void *(*cperf_sessions_create_t)(
+		struct rte_mempool *sess_mp,
 		uint8_t dev_id, const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset);
 
 typedef void (*cperf_populate_ops_t)(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
diff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-perf/cperf_test_latency.c
index afd8cb209b..c8ad7f17a4 100644
--- a/app/test-crypto-perf/cperf_test_latency.c
+++ b/app/test-crypto-perf/cperf_test_latency.c
@@ -24,7 +24,7 @@  struct cperf_latency_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
index edd2730b73..dbdbe29feb 100644
--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
@@ -28,7 +28,7 @@  struct cperf_pmd_cyclecount_ctx {
 	struct rte_crypto_op **ops;
 	struct rte_crypto_op **ops_processed;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
diff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c
index fa13915dc3..83c93819de 100644
--- a/app/test-crypto-perf/cperf_test_throughput.c
+++ b/app/test-crypto-perf/cperf_test_throughput.c
@@ -20,7 +20,7 @@  struct cperf_throughput_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-perf/cperf_test_verify.c
index c1465db243..345abb809f 100644
--- a/app/test-crypto-perf/cperf_test_verify.c
+++ b/app/test-crypto-perf/cperf_test_verify.c
@@ -20,7 +20,7 @@  struct cperf_verify_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
diff --git a/app/test-eventdev/test_perf_common.c b/app/test-eventdev/test_perf_common.c
index cd3c1d7ef1..0f8ea9c5ff 100644
--- a/app/test-eventdev/test_perf_common.c
+++ b/app/test-eventdev/test_perf_common.c
@@ -852,11 +852,11 @@  perf_event_crypto_adapter_setup(struct test_perf *t, struct prod_data *p)
 	return ret;
 }
 
-static struct rte_cryptodev_sym_session *
+static void *
 cryptodev_sym_sess_create(struct prod_data *p, struct test_perf *t)
 {
 	struct rte_crypto_sym_xform cipher_xform;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
 	cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_NULL;
@@ -1007,7 +1007,7 @@  perf_event_dev_port_setup(struct evt_test *test, struct evt_options *opt,
 				m_data.response_info.flow_id = flow_id;
 				if (opt->crypto_op_type ==
 						RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
-					struct rte_cryptodev_sym_session *sess;
+					void *sess;
 
 					sess = cryptodev_sym_sess_create(p, t);
 					if (sess == NULL)
@@ -1466,7 +1466,7 @@  perf_cryptodev_destroy(struct evt_test *test, struct evt_options *opt)
 		return;
 
 	for (port = t->nb_workers; port < perf_nb_event_ports(opt); port++) {
-		struct rte_cryptodev_sym_session *sess;
+		void *sess;
 		struct prod_data *p = &t->prod[port];
 		uint32_t flow_id;
 		uint8_t cdev_id;
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index ae2b102ecb..b7479dae44 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -82,7 +82,7 @@  struct crypto_unittest_params {
 #endif
 
 	union {
-		struct rte_cryptodev_sym_session *sess;
+		void *sess;
 #ifdef RTE_LIB_SECURITY
 		struct rte_security_session *sec_session;
 #endif
@@ -122,7 +122,7 @@  test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 		uint8_t *hmac_key);
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_param,
 		const uint8_t *cipher,
@@ -2289,7 +2289,7 @@  test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 		uint8_t *hmac_key);
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_params,
 		const uint8_t *cipher,
@@ -2330,7 +2330,7 @@  test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_params,
 		const uint8_t *cipher,
@@ -12199,7 +12199,7 @@  test_multi_session(void)
 	struct crypto_testsuite_params *ts_params = &testsuite_params;
 	struct crypto_unittest_params *ut_params = &unittest_params;
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session **sessions;
+	void **sessions;
 	uint16_t i;
 
 	/* Verify the capabilities */
@@ -12222,7 +12222,7 @@  test_multi_session(void)
 	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
 	sessions = rte_malloc(NULL,
-			sizeof(struct rte_cryptodev_sym_session *) *
+			sizeof(void *) *
 			(MAX_NB_SESSIONS + 1), 0);
 
 	/* Create multiple crypto sessions*/
@@ -12291,7 +12291,7 @@  test_multi_session_random_usage(void)
 {
 	struct crypto_testsuite_params *ts_params = &testsuite_params;
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session **sessions;
+	void **sessions;
 	uint32_t i, j;
 	struct multi_session_params ut_paramz[] = {
 
@@ -12334,8 +12334,7 @@  test_multi_session_random_usage(void)
 
 	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
-	sessions = rte_malloc(NULL,
-			(sizeof(struct rte_cryptodev_sym_session *)
+	sessions = rte_malloc(NULL, (sizeof(void *)
 					* MAX_NB_SESSIONS) + 1, 0);
 
 	for (i = 0; i < MB_SESSION_NUMBER; i++) {
diff --git a/app/test/test_cryptodev_blockcipher.c b/app/test/test_cryptodev_blockcipher.c
index 4fcdd55660..28479812ee 100644
--- a/app/test/test_cryptodev_blockcipher.c
+++ b/app/test/test_cryptodev_blockcipher.c
@@ -80,7 +80,7 @@  test_blockcipher_one_case(const struct blockcipher_test_case *t,
 	struct rte_crypto_sym_op *sym_op = NULL;
 	struct rte_crypto_op *op = NULL;
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session *sess = NULL;
+	void *sess = NULL;
 
 	int status = TEST_SUCCESS;
 	const struct blockcipher_test_data *tdata = t->test_data;
diff --git a/app/test/test_event_crypto_adapter.c b/app/test/test_event_crypto_adapter.c
index 0a7f8f8505..a38e389abd 100644
--- a/app/test/test_event_crypto_adapter.c
+++ b/app/test/test_event_crypto_adapter.c
@@ -276,13 +276,13 @@  static int
 test_op_forward_mode(uint8_t session_less)
 {
 	struct rte_crypto_sym_xform cipher_xform;
-	struct rte_cryptodev_sym_session *sess;
 	union rte_event_crypto_metadata m_data;
 	struct rte_crypto_sym_op *sym_op;
 	struct rte_crypto_op *op;
 	struct rte_mbuf *m;
 	struct rte_event ev;
 	uint32_t cap;
+	void *sess;
 	int ret;
 
 	memset(&m_data, 0, sizeof(m_data));
@@ -649,12 +649,12 @@  static int
 test_op_new_mode(uint8_t session_less)
 {
 	struct rte_crypto_sym_xform cipher_xform;
-	struct rte_cryptodev_sym_session *sess;
 	union rte_event_crypto_metadata m_data;
 	struct rte_crypto_sym_op *sym_op;
 	struct rte_crypto_op *op;
 	struct rte_mbuf *m;
 	uint32_t cap;
+	void *sess;
 	int ret;
 
 	memset(&m_data, 0, sizeof(m_data));
diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
index 04d231468b..1fc1ba3de1 100644
--- a/app/test/test_ipsec.c
+++ b/app/test/test_ipsec.c
@@ -645,7 +645,7 @@  static int
 create_crypto_session(struct ipsec_unitest_params *ut,
 	struct rte_cryptodev_qp_conf *qp, uint8_t dev_id, uint32_t j)
 {
-	struct rte_cryptodev_sym_session *s;
+	void *s;
 
 	s = rte_cryptodev_sym_session_create(dev_id, ut->crypto_xforms,
 			qp->mp_session);
diff --git a/app/test/test_ipsec_perf.c b/app/test/test_ipsec_perf.c
index b5d0c2e036..b221b7fc32 100644
--- a/app/test/test_ipsec_perf.c
+++ b/app/test/test_ipsec_perf.c
@@ -227,7 +227,7 @@  static int
 create_sa(enum rte_security_session_action_type action_type,
 	  struct ipsec_sa *sa)
 {
-	static struct rte_cryptodev_sym_session dummy_ses;
+	void *dummy_ses = NULL;
 	size_t sz;
 	int rc;
 
@@ -247,7 +247,7 @@  create_sa(enum rte_security_session_action_type action_type,
 		"failed to allocate memory for rte_ipsec_sa\n");
 
 	sa->ss[0].type = action_type;
-	sa->ss[0].crypto.ses = &dummy_ses;
+	sa->ss[0].crypto.ses = dummy_ses;
 
 	rc = rte_ipsec_sa_init(sa->ss[0].sa, &sa->sa_prm, sz);
 	rc = (rc > 0 && (uint32_t)rc <= sz) ? 0 : -EINVAL;
diff --git a/doc/guides/prog_guide/cryptodev_lib.rst b/doc/guides/prog_guide/cryptodev_lib.rst
index 9e54683aa1..01aad842a9 100644
--- a/doc/guides/prog_guide/cryptodev_lib.rst
+++ b/doc/guides/prog_guide/cryptodev_lib.rst
@@ -125,13 +125,11 @@  Each queue pairs resources may be allocated on a specified socket.
         uint32_t nb_descriptors; /**< Number of descriptors per queue pair */
         struct rte_mempool *mp_session;
         /**< The mempool for creating session in sessionless mode */
-        struct rte_mempool *mp_session_private;
-        /**< The mempool for creating sess private data in sessionless mode */
     };
 
 
-The fields ``mp_session`` and ``mp_session_private`` are used for creating
-temporary session to process the crypto operations in the session-less mode.
+The field ``mp_session`` is used for creating temporary session to process
+the crypto operations in the session-less mode.
 They can be the same other different mempools. Please note not all Cryptodev
 PMDs supports session-less mode.
 
@@ -595,7 +593,7 @@  chain.
         struct rte_mbuf *m_dst;
 
         union {
-            struct rte_cryptodev_sym_session *session;
+            void *session;
             /**< Handle for the initialised session context */
             struct rte_crypto_sym_xform *xform;
             /**< Session-less API Crypto operation parameters */
@@ -943,15 +941,11 @@  using one of the crypto PMDs available in DPDK.
 
     /* Create crypto session and initialize it for the crypto device. */
     struct rte_cryptodev_sym_session *session;
-    session = rte_cryptodev_sym_session_create(session_pool);
+    session = rte_cryptodev_sym_session_create(cdev_id, &cipher_xform,
+                    session_pool);
     if (session == NULL)
         rte_exit(EXIT_FAILURE, "Session could not be created\n");
 
-    if (rte_cryptodev_sym_session_init(cdev_id, session,
-                    &cipher_xform, session_priv_pool) < 0)
-        rte_exit(EXIT_FAILURE, "Session could not be initialized "
-                    "for the crypto device\n");
-
     /* Get a burst of crypto operations. */
     struct rte_crypto_op *crypto_ops[BURST_SIZE];
     if (rte_crypto_op_bulk_alloc(crypto_op_pool,
diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst
index f5efd5389d..cc94014bf3 100644
--- a/doc/guides/rel_notes/deprecation.rst
+++ b/doc/guides/rel_notes/deprecation.rst
@@ -124,11 +124,6 @@  Deprecation Notices
   ``RTE_ETH_EVENT_IPSEC_SA_BYTE_HARD_EXPIRY`` and
   ``RTE_ETH_EVENT_IPSEC_SA_PKT_HARD_EXPIRY`` in DPDK 22.11.
 
-* cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
-  ``rte_cryptodev_asym_session`` to remove unnecessary indirection between
-  session and the private data of session. An opaque pointer can be exposed
-  directly to application which can be attached to the ``rte_crypto_op``.
-
 * cryptodev: The function ``rte_cryptodev_cb_fn`` will be updated
   to have another parameter ``qp_id`` to return the queue pair ID
   which got error interrupt to the application,
diff --git a/doc/guides/rel_notes/release_22_11.rst b/doc/guides/rel_notes/release_22_11.rst
index 62363c3bba..6c33327c2f 100644
--- a/doc/guides/rel_notes/release_22_11.rst
+++ b/doc/guides/rel_notes/release_22_11.rst
@@ -249,6 +249,15 @@  API Changes
 * ethdev: Promoted ``rte_flow_pick_transfer_proxy()``
   from experimental to stable.
 
+* cryptodev: The structure ``rte_cryptodev_sym_session`` was made internal.
+  The API ``rte_cryptodev_sym_session_init`` and ``rte_cryptodev_sym_session_clear``
+  were removed and user would only need to call ``rte_cryptodev_sym_session_create``
+  and ``rte_cryptodev_sym_session_free`` to create/destroy sessions.
+  The API ``rte_cryptodev_sym_session_create`` was updated to take a single mempool
+  with element size big enough to hold session data and session private data.
+  All sample applications were updated to attach an opaque pointer for the session
+  to the ``rte_crypto_op`` while enqueuing.
+
 * security: MACsec support is added which resulted in updates
   to structures ``rte_security_macsec_xform``, ``rte_security_macsec_stats``
   and security capability structure ``rte_security_capability``
diff --git a/drivers/crypto/bcmfs/bcmfs_sym_session.c b/drivers/crypto/bcmfs/bcmfs_sym_session.c
index d3334dc920..40813d1fe5 100644
--- a/drivers/crypto/bcmfs/bcmfs_sym_session.c
+++ b/drivers/crypto/bcmfs/bcmfs_sym_session.c
@@ -210,8 +210,7 @@  bcmfs_sym_get_session(struct rte_crypto_op *op)
 		BCMFS_DP_LOG(ERR, "operations op(%p) is sessionless", op);
 	} else if (likely(op->sym->session != NULL)) {
 		/* get existing session */
-		sess = (struct bcmfs_sym_session *)
-			op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	}
 
 	if (sess == NULL)
@@ -233,7 +232,7 @@  bcmfs_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	sess_private_data = (void *)sess->driver_priv_data;
+	sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	ret = crypto_set_session_parameters(sess_private_data, xform);
 
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 59eaecfbd2..e43c56c719 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -1356,8 +1356,7 @@  caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 
 	switch (op->sess_type) {
 	case RTE_CRYPTO_OP_WITH_SESSION:
-		ses = (struct caam_jr_session *)
-			op->sym->session->driver_priv_data;
+		ses = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 		break;
 	case RTE_CRYPTO_OP_SECURITY_SESSION:
 		ses = (struct caam_jr_session *)
@@ -1699,7 +1698,7 @@  caam_jr_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 	int ret;
 
 	PMD_INIT_FUNC_TRACE();
-	sess_private_data = (void *)sess->driver_priv_data;
+	sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
 	ret = caam_jr_set_session_parameters(dev, xform, sess_private_data);
 	if (ret != 0) {
@@ -1716,12 +1715,11 @@  static void
 caam_jr_sym_session_clear(struct rte_cryptodev *dev __rte_unused,
 		struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_priv = (void *)sess->driver_priv_data;
-	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+	struct caam_jr_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	PMD_INIT_FUNC_TRACE();
 
-	if (sess_priv) {
+	if (s) {
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
 	}
diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c
index bd999abe61..b21b32e507 100644
--- a/drivers/crypto/ccp/ccp_crypto.c
+++ b/drivers/crypto/ccp/ccp_crypto.c
@@ -1585,7 +1585,7 @@  ccp_perform_hmac(struct rte_crypto_op *op,
 	void *append_ptr;
 	uint8_t *addr;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	addr = session->auth.pre_compute;
 
 	src_addr = rte_pktmbuf_iova_offset(op->sym->m_src,
@@ -1764,7 +1764,7 @@  ccp_perform_sha(struct rte_crypto_op *op,
 	void *append_ptr;
 	uint64_t auth_msg_bits;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	src_addr = rte_pktmbuf_iova_offset(op->sym->m_src,
 					      op->sym->auth.data.offset);
@@ -1855,7 +1855,7 @@  ccp_perform_sha3_hmac(struct rte_crypto_op *op,
 	uint32_t tail;
 	phys_addr_t src_addr, dest_addr, ctx_paddr, dest_addr_t;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	src_addr = rte_pktmbuf_iova_offset(op->sym->m_src,
 					      op->sym->auth.data.offset);
@@ -1999,7 +1999,7 @@  ccp_perform_sha3(struct rte_crypto_op *op,
 	uint32_t tail;
 	phys_addr_t src_addr, dest_addr, ctx_paddr;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	src_addr = rte_pktmbuf_iova_offset(op->sym->m_src,
 					      op->sym->auth.data.offset);
@@ -2071,7 +2071,7 @@  ccp_perform_aes_cmac(struct rte_crypto_op *op,
 	phys_addr_t src_addr, dest_addr, key_addr;
 	int length, non_align_len;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	key_addr = rte_mem_virt2phy(session->auth.key_ccp);
 
 	src_addr = rte_pktmbuf_iova_offset(op->sym->m_src,
@@ -2232,7 +2232,7 @@  ccp_perform_aes(struct rte_crypto_op *op,
 	phys_addr_t src_addr, dest_addr, key_addr;
 	uint8_t *iv;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	function.raw = 0;
 
 	iv = rte_crypto_op_ctod_offset(op, uint8_t *, session->iv.offset);
@@ -2318,7 +2318,7 @@  ccp_perform_3des(struct rte_crypto_op *op,
 	uint8_t *iv;
 	phys_addr_t src_addr, dest_addr, key_addr;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	iv = rte_crypto_op_ctod_offset(op, uint8_t *, session->iv.offset);
 	switch (session->cipher.um.des_mode) {
@@ -2426,7 +2426,7 @@  ccp_perform_aes_gcm(struct rte_crypto_op *op, struct ccp_queue *cmd_q)
 	phys_addr_t digest_dest_addr;
 	int length, non_align_len;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	iv = rte_crypto_op_ctod_offset(op, uint8_t *, session->iv.offset);
 	key_addr = session->cipher.key_phys;
 
@@ -2591,7 +2591,7 @@  ccp_crypto_cipher(struct rte_crypto_op *op,
 	int result = 0;
 	struct ccp_session *session;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	switch (session->cipher.algo) {
 	case CCP_CIPHER_ALGO_AES_CBC:
@@ -2627,7 +2627,7 @@  ccp_crypto_auth(struct rte_crypto_op *op,
 	int result = 0;
 	struct ccp_session *session;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	switch (session->auth.algo) {
 	case CCP_AUTH_ALGO_SHA1:
@@ -2695,7 +2695,7 @@  ccp_crypto_aead(struct rte_crypto_op *op,
 	int result = 0;
 	struct ccp_session *session;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	switch (session->auth.algo) {
 	case CCP_AUTH_ALGO_AES_GCM:
@@ -2758,8 +2758,7 @@  process_ops_to_enqueue(struct ccp_qp *qp,
 	b_info->head_offset = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx *
 					 Q_DESC_SIZE);
 	for (i = b_idx; i < (nb_ops+b_idx); i++) {
-		session = (struct ccp_session *)
-			op[i]->sym->session->driver_priv_data;
+		session = CRYPTODEV_GET_SYM_SESS_PRIV(op[i]->sym->session);
 		switch (session->cmd_id) {
 		case CCP_CMD_CIPHER:
 			result = ccp_crypto_cipher(op[i], cmd_q, b_info);
@@ -2835,7 +2834,7 @@  static inline void ccp_auth_dq_prepare(struct rte_crypto_op *op)
 	int offset, digest_offset;
 	uint8_t digest_le[64];
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	if (session->cmd_id == CCP_CMD_COMBINED) {
 		digest_data = op->sym->aead.digest.data;
@@ -2909,8 +2908,7 @@  ccp_prepare_ops(struct ccp_qp *qp,
 
 	for (i =  b_info->b_idx; i < min_ops; i++) {
 		op_d[i] = b_info->op[b_info->b_idx + b_info->op_idx++];
-		session = (struct ccp_session *)
-			op_d[i]->sym->session->driver_priv_data;
+		session = CRYPTODEV_GET_SYM_SESS_PRIV(op_d[i]->sym->session);
 		switch (session->cmd_id) {
 		case CCP_CMD_CIPHER:
 			op_d[i]->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c
index e401793a76..52f320b02b 100644
--- a/drivers/crypto/ccp/ccp_pmd_ops.c
+++ b/drivers/crypto/ccp/ccp_pmd_ops.c
@@ -767,7 +767,7 @@  ccp_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	sess_private_data = (void *)sess->driver_priv_data;
+	sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	internals = (struct ccp_private *)dev->data->dev_private;
 	ret = ccp_set_session_parameters(sess_private_data, xform, internals);
diff --git a/drivers/crypto/ccp/rte_ccp_pmd.c b/drivers/crypto/ccp/rte_ccp_pmd.c
index 6a0bfff45f..221a0a5235 100644
--- a/drivers/crypto/ccp/rte_ccp_pmd.c
+++ b/drivers/crypto/ccp/rte_ccp_pmd.c
@@ -56,7 +56,7 @@  get_ccp_session(struct ccp_qp *qp, struct rte_crypto_op *op)
 		if (unlikely(op->sym->session == NULL))
 			return NULL;
 
-		sess = (void *)op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	} else if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
 		struct rte_cryptodev_sym_session *_sess;
 		struct ccp_private *internals;
@@ -152,7 +152,7 @@  ccp_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,
 		if (unlikely(ops[i]->sess_type ==
 			     RTE_CRYPTO_OP_SESSIONLESS)) {
 			struct ccp_session *sess =
-				(void *)ops[i]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(ops[i]->sym->session);
 
 			memset(sess, 0, sizeof(*sess));
 			rte_mempool_put(qp->sess_mp,
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index dee1f299d2..07092d78b7 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -129,7 +129,7 @@  cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
 				return 0;
 			w7 = sec_sess->sa.inst.w7;
 		} else if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
-			sess = (void *)sym_op->session->driver_priv_data;
+			sess = CRYPTODEV_GET_SYM_SESS_PRIV(sym_op->session);
 			ret = cpt_sym_inst_fill(qp, op, sess, infl_req,
 						&inst[0]);
 			if (unlikely(ret))
@@ -309,9 +309,7 @@  cn10k_cpt_crypto_adapter_ev_mdata_set(struct rte_cryptodev *dev __rte_unused,
 		} else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct cnxk_se_sess *priv;
 
-			priv = (void *)(
-				((struct rte_cryptodev_sym_session *)sess)->
-				driver_priv_data);
+			priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 			priv->qp = qp;
 			priv->cpt_inst_w2 = w2;
 		} else
@@ -348,7 +346,7 @@  cn10k_ca_meta_info_extract(struct rte_crypto_op *op,
 		} else if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct cnxk_se_sess *priv;
 
-			priv = (void *)op->sym->session->driver_priv_data;
+			priv = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 			*qp = priv->qp;
 			*w2 = priv->cpt_inst_w2;
 		} else {
diff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
index a44f111ba6..5c344a6008 100644
--- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
@@ -69,7 +69,7 @@  cn9k_cpt_sym_temp_sess_create(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op)
 	if (ret)
 		goto sess_put;
 
-	priv = (void *)sess->driver_priv_data;
+	priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	sym_op->session = sess;
 
@@ -92,7 +92,7 @@  cn9k_cpt_inst_prep(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op,
 
 		if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			sym_op = op->sym;
-			sess = (void *)sym_op->session->driver_priv_data;
+			sess = CRYPTODEV_GET_SYM_SESS_PRIV(sym_op->session);
 			ret = cpt_sym_inst_fill(qp, op, sess, infl_req, inst);
 			inst->w7.u64 = sess->cpt_inst_w7;
 		} else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
@@ -344,9 +344,7 @@  cn9k_cpt_crypto_adapter_ev_mdata_set(struct rte_cryptodev *dev __rte_unused,
 		} else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct cnxk_se_sess *priv;
 
-			priv = (void *)((
-				(struct rte_cryptodev_sym_session *)sess)->
-				driver_priv_data);
+			priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 			priv->qp = qp;
 			priv->cpt_inst_w2 = w2;
 		} else
@@ -383,7 +381,7 @@  cn9k_ca_meta_info_extract(struct rte_crypto_op *op,
 		} else if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct cnxk_se_sess *priv;
 
-			priv = (void *)op->sym->session->driver_priv_data;
+			priv = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 			*qp = priv->qp;
 			inst->w2.u64 = priv->cpt_inst_w2;
 		} else {
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index 018d7fcee8..a5233a942a 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -624,7 +624,7 @@  sym_session_configure(struct roc_cpt *roc_cpt,
 		      struct rte_cryptodev_sym_session *sess)
 {
 	enum cpt_dp_thread_type thr_type;
-	struct cnxk_se_sess *sess_priv = (void *)sess->driver_priv_data;
+	struct cnxk_se_sess *sess_priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	int ret;
 
 	memset(sess_priv, 0, sizeof(struct cnxk_se_sess));
@@ -693,7 +693,7 @@  cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
 void
 sym_session_clear(struct rte_cryptodev_sym_session *sess)
 {
-	struct cnxk_se_sess *sess_priv = (void *)sess->driver_priv_data;
+	struct cnxk_se_sess *sess_priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	if (sess_priv->roc_se_ctx.auth_key != NULL)
 		plt_free(sess_priv->roc_se_ctx.auth_key);
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
index baa2b69c52..2064120505 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
@@ -5,7 +5,7 @@ 
 #ifndef _CNXK_CRYPTODEV_OPS_H_
 #define _CNXK_CRYPTODEV_OPS_H_
 
-#include <rte_cryptodev.h>
+#include <cryptodev_pmd.h>
 #include <rte_event_crypto_adapter.h>
 
 #include "roc_api.h"
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index fa1cdcf78b..fefaf0fc5f 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1379,7 +1379,7 @@  build_sec_fd(struct rte_crypto_op *op,
 	dpaa2_sec_session *sess;
 
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-		sess = (dpaa2_sec_session *)op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 #ifdef RTE_LIB_SECURITY
 	else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
 		sess = (dpaa2_sec_session *)get_sec_session_private_data(
@@ -1677,7 +1677,7 @@  dpaa2_sec_dump(struct rte_crypto_op *op)
 	struct rte_crypto_sym_op *sym_op;
 
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-		sess = (dpaa2_sec_session *)op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 #ifdef RTE_LIBRTE_SECURITY
 	else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
 		sess = (dpaa2_sec_session *)get_sec_session_private_data(
@@ -3756,7 +3756,7 @@  dpaa2_sec_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
 		struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_private_data = (void *)sess->driver_priv_data;
+	void *sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	int ret;
 
 	ret = dpaa2_sec_set_session_parameters(xform, sess_private_data);
@@ -3775,10 +3775,9 @@  dpaa2_sec_sym_session_clear(struct rte_cryptodev *dev __rte_unused,
 		struct rte_cryptodev_sym_session *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	void *sess_priv = (void *)sess->driver_priv_data;
-	dpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;
+	dpaa2_sec_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
-	if (sess_priv) {
+	if (s) {
 		rte_free(s->ctxt);
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
index fb74be6012..d6ce11ae65 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
@@ -1012,7 +1012,7 @@  dpaa2_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
 		sess = (dpaa2_sec_session *)get_sec_session_private_data(
 				session_ctx.sec_sess);
 	else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-		sess = (void *)session_ctx.crypto_sess->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(session_ctx.crypto_sess);
 	else
 		return -ENOTSUP;
 	raw_dp_ctx->dequeue_burst = dpaa2_sec_raw_dequeue_burst;
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 7a4c03a882..00a5474b2b 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -670,7 +670,7 @@  dpaa_sec_dump(struct dpaa_sec_op_ctx *ctx, struct dpaa_sec_qp *qp)
 	struct qm_sg_entry sg[2];
 
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-		sess = (dpaa_sec_session *)op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 #ifdef RTE_LIBRTE_SECURITY
 	else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
 		sess = (dpaa_sec_session *)
@@ -1924,8 +1924,7 @@  dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 
 			switch (op->sess_type) {
 			case RTE_CRYPTO_OP_WITH_SESSION:
-				ses = (void *)
-					op->sym->session->driver_priv_data;
+				ses = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 				break;
 #ifdef RTE_LIB_SECURITY
 			case RTE_CRYPTO_OP_SECURITY_SESSION:
@@ -2673,7 +2672,7 @@  dpaa_sec_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
 		struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_private_data = (void *)sess->driver_priv_data;
+	void *sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	int ret;
 
 	PMD_INIT_FUNC_TRACE();
@@ -2714,7 +2713,7 @@  dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
 		struct rte_cryptodev_sym_session *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	void *sess_priv = (void *)sess->driver_priv_data;
+	void *sess_priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	dpaa_sec_session *s = (dpaa_sec_session *)sess_priv;
 
 	free_session_memory(dev, s);
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
index 35f93ceb48..2f71d22a36 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
@@ -1018,7 +1018,7 @@  dpaa_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
 				session_ctx.sec_sess);
 	else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION)
 		sess = (dpaa_sec_session *)
-			session_ctx.crypto_sess->driver_priv_data;
+			CRYPTODEV_GET_SYM_SESS_PRIV(session_ctx.crypto_sess);
 	else
 		return -ENOTSUP;
 	raw_dp_ctx->dequeue_burst = dpaa_sec_raw_dequeue_burst;
diff --git a/drivers/crypto/ipsec_mb/ipsec_mb_ops.c b/drivers/crypto/ipsec_mb/ipsec_mb_ops.c
index 90ce5bc965..cedcaa2742 100644
--- a/drivers/crypto/ipsec_mb/ipsec_mb_ops.c
+++ b/drivers/crypto/ipsec_mb/ipsec_mb_ops.c
@@ -329,7 +329,7 @@  ipsec_mb_sym_session_configure(
 	}
 
 	ret = (*pmd_data->session_configure)(mb_mgr,
-			(void *)sess->driver_priv_data, xform);
+			CRYPTODEV_GET_SYM_SESS_PRIV(sess), xform);
 	if (ret != 0) {
 		IPSEC_MB_LOG(ERR, "failed configure session parameters");
 
diff --git a/drivers/crypto/ipsec_mb/ipsec_mb_private.h b/drivers/crypto/ipsec_mb/ipsec_mb_private.h
index e4aea7700c..b56eaf061e 100644
--- a/drivers/crypto/ipsec_mb/ipsec_mb_private.h
+++ b/drivers/crypto/ipsec_mb/ipsec_mb_private.h
@@ -434,7 +434,7 @@  ipsec_mb_get_session_private(struct ipsec_mb_qp *qp, struct rte_crypto_op *op)
 		}
 
 		if (unlikely(pmd_data->session_configure(qp->mb_mgr,
-			(void *)sess->driver_priv_data, sym_op->xform) != 0)) {
+			CRYPTODEV_GET_SYM_SESS_PRIV(sess), sym_op->xform) != 0)) {
 			rte_mempool_put(qp->sess_mp, _sess);
 			goto error_exit;
 		}
@@ -447,7 +447,7 @@  ipsec_mb_get_session_private(struct ipsec_mb_qp *qp, struct rte_crypto_op *op)
 		IPSEC_MB_LOG(ERR, "Unrecognized session type %u", sess_type);
 	}
 
-	return (void *)sess->driver_priv_data;
+	return CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 error_exit:
 	op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
index e4f274b608..8d40bd9169 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
@@ -468,7 +468,7 @@  aesni_gcm_get_session(struct ipsec_mb_qp *qp,
 		}
 
 		if (unlikely(aesni_gcm_session_configure(qp->mb_mgr,
-				(void *)sess->driver_priv_data,
+				CRYPTODEV_GET_SYM_SESS_PRIV(sess),
 				sym_op->xform) != 0)) {
 			rte_mempool_put(qp->sess_mp, sess);
 			sess = NULL;
@@ -479,7 +479,7 @@  aesni_gcm_get_session(struct ipsec_mb_qp *qp,
 	if (unlikely(sess == NULL))
 		op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
 
-	return (void *)sess->driver_priv_data;
+	return CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 }
 
 static uint16_t
@@ -704,7 +704,7 @@  aesni_gcm_process_bulk(struct rte_cryptodev *dev __rte_unused,
 			__rte_unused union rte_crypto_sym_ofs ofs,
 			struct rte_crypto_sym_vec *vec)
 {
-	struct aesni_gcm_session *s = (void *)sess->driver_priv_data;
+	struct aesni_gcm_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	struct gcm_context_data gdata_ctx;
 	IMB_MGR *mb_mgr;
 
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index f3565b04b5..7d2f3b0e4b 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -1723,7 +1723,7 @@  post_process_mb_job(struct ipsec_mb_qp *qp, IMB_JOB *job)
 		sess = get_sec_session_private_data(op->sym->sec_session);
 	} else
 #endif
-		sess = (void *)op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	if (likely(op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)) {
 		switch (job->status) {
@@ -2013,7 +2013,7 @@  aesni_mb_process_bulk(struct rte_cryptodev *dev __rte_unused,
 	void *buf;
 	IMB_JOB *job;
 	IMB_MGR *mb_mgr;
-	struct aesni_mb_session *s = (void *)sess->driver_priv_data;
+	struct aesni_mb_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	uint8_t tmp_dgst[vec->num][DIGEST_LENGTH_MAX];
 
 	/* get per-thread MB MGR, create one if needed */
diff --git a/drivers/crypto/ipsec_mb/pmd_kasumi.c b/drivers/crypto/ipsec_mb/pmd_kasumi.c
index b83e2d6715..5db9c523cd 100644
--- a/drivers/crypto/ipsec_mb/pmd_kasumi.c
+++ b/drivers/crypto/ipsec_mb/pmd_kasumi.c
@@ -282,7 +282,7 @@  process_op_bit(struct rte_crypto_op *op, struct kasumi_session *session,
 
 	/* Free session if a session-less crypto op. */
 	if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
-		memset(op->sym->session->driver_priv_data, 0,
+		memset(CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session), 0,
 			sizeof(struct kasumi_session));
 		rte_mempool_put(qp->sess_mp, (void *)op->sym->session);
 		op->sym->session = NULL;
diff --git a/drivers/crypto/ipsec_mb/pmd_snow3g.c b/drivers/crypto/ipsec_mb/pmd_snow3g.c
index f052d6d847..8ed069f428 100644
--- a/drivers/crypto/ipsec_mb/pmd_snow3g.c
+++ b/drivers/crypto/ipsec_mb/pmd_snow3g.c
@@ -413,7 +413,7 @@  process_op_bit(struct rte_crypto_op *op, struct snow3g_session *session,
 
 	/* Free session if a session-less crypto op. */
 	if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
-		memset(op->sym->session->driver_priv_data, 0,
+		memset(CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session), 0,
 			sizeof(struct snow3g_session));
 		rte_mempool_put(qp->sess_mp, (void *)op->sym->session);
 		op->sym->session = NULL;
diff --git a/drivers/crypto/mlx5/mlx5_crypto.c b/drivers/crypto/mlx5/mlx5_crypto.c
index e5063b515c..498613939c 100644
--- a/drivers/crypto/mlx5/mlx5_crypto.c
+++ b/drivers/crypto/mlx5/mlx5_crypto.c
@@ -175,7 +175,7 @@  mlx5_crypto_sym_session_configure(struct rte_cryptodev *dev,
 {
 	struct mlx5_crypto_priv *priv = dev->data->dev_private;
 	struct mlx5_crypto_session *sess_private_data =
-		(void *)session->driver_priv_data;
+		CRYPTODEV_GET_SYM_SESS_PRIV(session);
 	struct rte_crypto_cipher_xform *cipher;
 	uint8_t encryption_order;
 
@@ -239,7 +239,7 @@  mlx5_crypto_sym_session_clear(struct rte_cryptodev *dev,
 			      struct rte_cryptodev_sym_session *sess)
 {
 	struct mlx5_crypto_priv *priv = dev->data->dev_private;
-	struct mlx5_crypto_session *spriv = (void *)sess->driver_priv_data;
+	struct mlx5_crypto_session *spriv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	if (unlikely(spriv == NULL)) {
 		DRV_LOG(ERR, "Failed to get session %p private data.", spriv);
@@ -355,8 +355,7 @@  mlx5_crypto_wqe_set(struct mlx5_crypto_priv *priv,
 			 struct rte_crypto_op *op,
 			 struct mlx5_umr_wqe *umr)
 {
-	struct mlx5_crypto_session *sess =
-		(void *)op->sym->session->driver_priv_data;
+	struct mlx5_crypto_session *sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	struct mlx5_wqe_cseg *cseg = &umr->ctr;
 	struct mlx5_wqe_mkey_cseg *mkc = &umr->mkc;
 	struct mlx5_wqe_dseg *klms = &umr->kseg[0];
diff --git a/drivers/crypto/nitrox/nitrox_sym.c b/drivers/crypto/nitrox/nitrox_sym.c
index 505024a810..dd8457aaa4 100644
--- a/drivers/crypto/nitrox/nitrox_sym.c
+++ b/drivers/crypto/nitrox/nitrox_sym.c
@@ -534,7 +534,7 @@  nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev __rte_unused,
 			      struct rte_crypto_sym_xform *xform,
 			      struct rte_cryptodev_sym_session *sess)
 {
-	struct nitrox_crypto_ctx *ctx = (void *)sess->driver_priv_data;
+	struct nitrox_crypto_ctx *ctx = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	struct rte_crypto_cipher_xform *cipher_xform = NULL;
 	struct rte_crypto_auth_xform *auth_xform = NULL;
 	struct rte_crypto_aead_xform *aead_xform = NULL;
@@ -577,7 +577,7 @@  nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev __rte_unused,
 		goto err;
 	}
 
-	ctx->iova = sess->driver_priv_data_iova;
+	ctx->iova = CRYPTODEV_GET_SYM_SESS_PRIV_IOVA(sess);
 	return 0;
 err:
 	return ret;
@@ -593,7 +593,7 @@  get_crypto_ctx(struct rte_crypto_op *op)
 {
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 		if (likely(op->sym->session))
-			return (void *)op->sym->session->driver_priv_data;
+			return CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	}
 
 	return NULL;
diff --git a/drivers/crypto/null/null_crypto_pmd.c b/drivers/crypto/null/null_crypto_pmd.c
index 695eeaa1e8..8458306556 100644
--- a/drivers/crypto/null/null_crypto_pmd.c
+++ b/drivers/crypto/null/null_crypto_pmd.c
@@ -77,8 +77,7 @@  get_session(struct null_crypto_qp *qp, struct rte_crypto_op *op)
 
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 		if (likely(sym_op->session != NULL))
-			sess = (struct null_crypto_session *)
-				sym_op->session->driver_priv_data;
+			sess = CRYPTODEV_GET_SYM_SESS_PRIV(sym_op->session);
 	} else {
 		struct rte_cryptodev_sym_session *_sess = NULL;
 
diff --git a/drivers/crypto/null/null_crypto_pmd_ops.c b/drivers/crypto/null/null_crypto_pmd_ops.c
index fb43d3f7b5..f07e9c2ea0 100644
--- a/drivers/crypto/null/null_crypto_pmd_ops.c
+++ b/drivers/crypto/null/null_crypto_pmd_ops.c
@@ -265,7 +265,7 @@  null_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	sess_private_data = (void *)sess->driver_priv_data;
+	sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	ret = null_crypto_set_session_parameters(sess_private_data, xform);
 	if (ret != 0) {
diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index 71856d5e86..947e1be385 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -248,7 +248,7 @@  sym_session_configure(struct rte_crypto_sym_xform *xform,
 	struct rte_crypto_sym_xform *temp_xform = xform;
 	struct cpt_sess_misc *misc;
 	vq_cmd_word3_t vq_cmd_w3;
-	void *priv = (void *)sess->driver_priv_data;
+	void *priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	int ret;
 
 	ret = sym_xform_verify(xform);
@@ -294,7 +294,7 @@  sym_session_configure(struct rte_crypto_sym_xform *xform,
 		goto priv_put;
 	}
 
-	misc->ctx_dma_addr = sess->driver_priv_data_iova +
+	misc->ctx_dma_addr = CRYPTODEV_GET_SYM_SESS_PRIV_IOVA(sess) +
 			     sizeof(struct cpt_sess_misc);
 
 	vq_cmd_w3.u64 = 0;
@@ -313,7 +313,7 @@  sym_session_configure(struct rte_crypto_sym_xform *xform,
 static void
 sym_session_clear(struct rte_cryptodev_sym_session *sess)
 {
-	void *priv = (void *)sess->driver_priv_data;
+	void *priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	struct cpt_sess_misc *misc;
 	struct cpt_ctx *ctx;
 
@@ -507,7 +507,7 @@  otx_cpt_enq_single_sym(struct cpt_instance *instance,
 	void *req;
 	uint64_t cpt_op;
 
-	sess = (struct cpt_sess_misc *)sym_op->session->driver_priv_data;
+	sess = CRYPTODEV_GET_SYM_SESS_PRIV(sym_op->session);
 	cpt_op = sess->cpt_op;
 
 	if (likely(cpt_op & CPT_OP_CIPHER_MASK))
@@ -844,7 +844,7 @@  static inline void
 free_sym_session_data(const struct cpt_instance *instance,
 		      struct rte_crypto_op *cop)
 {
-	void *sess_private_data_t = (void *)cop->sym->session->driver_priv_data;
+	void *sess_private_data_t = CRYPTODEV_GET_SYM_SESS_PRIV(cop->sym->session);
 
 	memset(sess_private_data_t, 0, cpt_get_session_size());
 	rte_mempool_put(instance->sess_mp, cop->sym->session);
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index ff5e349ce8..05449b6e98 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -887,8 +887,8 @@  get_session(struct openssl_qp *qp, struct rte_crypto_op *op)
 		if (op->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
 			/* get existing session */
 			if (likely(op->sym->session != NULL))
-				sess = (void *)
-					op->sym->session->driver_priv_data;
+				sess = CRYPTODEV_GET_SYM_SESS_PRIV(
+					op->sym->session);
 		} else {
 			if (likely(op->asym->session != NULL))
 				asym_sess = (struct openssl_asym_session *)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 2a3662ee5a..defed4429e 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -795,7 +795,7 @@  openssl_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
 		struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_private_data = (void *)sess->driver_priv_data;
+	void *sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -1319,7 +1319,7 @@  static void
 openssl_pmd_sym_session_clear(struct rte_cryptodev *dev __rte_unused,
 		struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_priv = (void *)sess->driver_priv_data;
+	void *sess_priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	/* Zero out the whole structure */
 	openssl_reset_session(sess_priv);
diff --git a/drivers/crypto/qat/qat_sym.c b/drivers/crypto/qat/qat_sym.c
index 2c58a0ec75..876522a605 100644
--- a/drivers/crypto/qat/qat_sym.c
+++ b/drivers/crypto/qat/qat_sym.c
@@ -67,7 +67,7 @@  qat_sym_build_request(void *in_op, uint8_t *out_msg,
 		return -EINVAL;
 
 	if (likely(op->sess_type == RTE_CRYPTO_OP_WITH_SESSION)) {
-		ctx = (void *)op->sym->session->driver_priv_data;
+		ctx = (void *)CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 		if (sess != (uintptr_t)ctx) {
 			struct rte_cryptodev *cdev;
 			struct qat_cryptodev_private *internals;
@@ -386,7 +386,7 @@  qat_sym_configure_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
 	if (sess_type != RTE_CRYPTO_OP_WITH_SESSION)
 		return -EINVAL;
 
-	ctx = (void *)session_ctx.crypto_sess->driver_priv_data;
+	ctx = CRYPTODEV_GET_SYM_SESS_PRIV(session_ctx.crypto_sess);
 
 	dp_ctx->session = ctx;
 
diff --git a/drivers/crypto/qat/qat_sym.h b/drivers/crypto/qat/qat_sym.h
index 2853ac5b88..653df0bf69 100644
--- a/drivers/crypto/qat/qat_sym.h
+++ b/drivers/crypto/qat/qat_sym.h
@@ -316,8 +316,7 @@  qat_sym_process_response(void **op, uint8_t *resp, void *op_cookie,
 	} else
 #endif
 	{
-		sess = (struct qat_sym_session *)
-			rx_op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(rx_op->sym->session);
 		is_docsis_sec = 0;
 	}
 
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index da50bcbef1..e3ed1af5e6 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -229,7 +229,7 @@  void
 qat_sym_session_clear(struct rte_cryptodev *dev __rte_unused,
 		struct rte_cryptodev_sym_session *sess)
 {
-	struct qat_sym_session *s = (void *)sess->driver_priv_data;
+	struct qat_sym_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	if (s->bpi_ctx)
 		bpi_cipher_ctx_free(s->bpi_ctx);
@@ -524,8 +524,8 @@  qat_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 #endif
 	ret = qat_sym_session_set_parameters(dev, xform,
-			(void *)sess->driver_priv_data,
-			sess->driver_priv_data_iova);
+			CRYPTODEV_GET_SYM_SESS_PRIV(sess),
+			CRYPTODEV_GET_SYM_SESS_PRIV_IOVA(sess));
 	if (ret != 0) {
 		QAT_LOG(ERR,
 		    "Crypto QAT PMD: failed to configure session parameters");
diff --git a/drivers/crypto/scheduler/scheduler_pkt_size_distr.c b/drivers/crypto/scheduler/scheduler_pkt_size_distr.c
index 9204f6f608..396cc3723d 100644
--- a/drivers/crypto/scheduler/scheduler_pkt_size_distr.c
+++ b/drivers/crypto/scheduler/scheduler_pkt_size_distr.c
@@ -76,13 +76,10 @@  schedule_enqueue(void *qp, struct rte_crypto_op **ops, uint16_t nb_ops)
 		rte_prefetch0((uint8_t *)ops[i + 7]->sym->session +
 			sizeof(struct rte_cryptodev_sym_session));
 
-		sess_ctx[0] = (void *)ops[i]->sym->session->driver_priv_data;
-		sess_ctx[1] =
-			(void *)ops[i + 1]->sym->session->driver_priv_data;
-		sess_ctx[2] =
-			(void *)ops[i + 2]->sym->session->driver_priv_data;
-		sess_ctx[3] =
-			(void *)ops[i + 3]->sym->session->driver_priv_data;
+		sess_ctx[0] = CRYPTODEV_GET_SYM_SESS_PRIV(ops[i]->sym->session);
+		sess_ctx[1] = CRYPTODEV_GET_SYM_SESS_PRIV(ops[i + 1]->sym->session);
+		sess_ctx[2] = CRYPTODEV_GET_SYM_SESS_PRIV(ops[i + 2]->sym->session);
+		sess_ctx[3] = CRYPTODEV_GET_SYM_SESS_PRIV(ops[i + 3]->sym->session);
 
 		/* job_len is initialized as cipher data length, once
 		 * it is 0, equals to auth data length
@@ -166,7 +163,7 @@  schedule_enqueue(void *qp, struct rte_crypto_op **ops, uint16_t nb_ops)
 
 	for (; i < nb_ops; i++) {
 		struct scheduler_session_ctx *sess_ctx =
-			(void *)ops[i]->sym->session->driver_priv_data;
+			CRYPTODEV_GET_SYM_SESS_PRIV(ops[i]->sym->session);
 		uint32_t job_len;
 		uint8_t target;
 
diff --git a/drivers/crypto/scheduler/scheduler_pmd_ops.c b/drivers/crypto/scheduler/scheduler_pmd_ops.c
index c0da39f934..f84b05505e 100644
--- a/drivers/crypto/scheduler/scheduler_pmd_ops.c
+++ b/drivers/crypto/scheduler/scheduler_pmd_ops.c
@@ -483,7 +483,7 @@  scheduler_pmd_sym_session_configure(struct rte_cryptodev *dev,
 {
 	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
 	struct rte_mempool *mp = rte_mempool_from_obj(sess);
-	struct scheduler_session_ctx *sess_ctx = (void *)sess->driver_priv_data;
+	struct scheduler_session_ctx *sess_ctx = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	struct scheduler_configured_sess_info configured_sess[
 			RTE_CRYPTODEV_SCHEDULER_MAX_NB_WORKERS] = { 0 };
 	uint32_t i, j, n_configured_sess = 0;
@@ -545,7 +545,7 @@  scheduler_pmd_sym_session_clear(struct rte_cryptodev *dev,
 		struct rte_cryptodev_sym_session *sess)
 {
 	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
-	struct scheduler_session_ctx *sess_ctx = (void *)sess->driver_priv_data;
+	struct scheduler_session_ctx *sess_ctx = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	struct scheduler_configured_sess_info deleted_sess[
 			RTE_CRYPTODEV_SCHEDULER_MAX_NB_WORKERS] = { 0 };
 	uint32_t i, j, n_deleted_sess = 0;
diff --git a/drivers/crypto/scheduler/scheduler_pmd_private.h b/drivers/crypto/scheduler/scheduler_pmd_private.h
index 0e508727a4..41be928dc3 100644
--- a/drivers/crypto/scheduler/scheduler_pmd_private.h
+++ b/drivers/crypto/scheduler/scheduler_pmd_private.h
@@ -131,28 +131,28 @@  scheduler_set_worker_session(struct rte_crypto_op **ops, uint16_t nb_ops,
 
 		if (op[0]->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct scheduler_session_ctx *sess_ctx =
-				(void *)op[0]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(op[0]->sym->session);
 			op[0]->sym->session =
 				sess_ctx->worker_sess[worker_index];
 		}
 
 		if (op[1]->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct scheduler_session_ctx *sess_ctx =
-				(void *)op[1]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(op[1]->sym->session);
 			op[1]->sym->session =
 				sess_ctx->worker_sess[worker_index];
 		}
 
 		if (op[2]->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct scheduler_session_ctx *sess_ctx =
-				(void *)op[2]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(op[2]->sym->session);
 			op[2]->sym->session =
 				sess_ctx->worker_sess[worker_index];
 		}
 
 		if (op[3]->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct scheduler_session_ctx *sess_ctx =
-				(void *)op[3]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(op[3]->sym->session);
 			op[3]->sym->session =
 				sess_ctx->worker_sess[worker_index];
 		}
@@ -164,7 +164,7 @@  scheduler_set_worker_session(struct rte_crypto_op **ops, uint16_t nb_ops,
 	while (n--) {
 		if (op[0]->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct scheduler_session_ctx *sess_ctx =
-				(void *)op[0]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(op[0]->sym->session);
 
 			op[0]->sym->session =
 				sess_ctx->worker_sess[worker_index];
@@ -195,17 +195,17 @@  scheduler_retrieve_session(struct rte_crypto_op **ops, uint16_t nb_ops)
 		}
 
 		if (op[0]->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-			op[0]->sym->session =
-				(void *)op[0]->sym->session->opaque_data;
+			op[0]->sym->session = (void *)
+				rte_cryptodev_sym_session_opaque_data_get(op[0]->sym->session);
 		if (op[1]->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-			op[1]->sym->session =
-				(void *)op[1]->sym->session->opaque_data;
+			op[1]->sym->session = (void *)
+				rte_cryptodev_sym_session_opaque_data_get(op[1]->sym->session);
 		if (op[2]->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-			op[2]->sym->session =
-				(void *)op[2]->sym->session->opaque_data;
+			op[2]->sym->session = (void *)
+				rte_cryptodev_sym_session_opaque_data_get(op[2]->sym->session);
 		if (op[3]->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-			op[3]->sym->session =
-				(void *)op[3]->sym->session->opaque_data;
+			op[3]->sym->session = (void *)
+				rte_cryptodev_sym_session_opaque_data_get(op[3]->sym->session);
 
 		op += 4;
 		n -= 4;
@@ -213,8 +213,8 @@  scheduler_retrieve_session(struct rte_crypto_op **ops, uint16_t nb_ops)
 
 	while (n--) {
 		if (op[0]->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-			op[0]->sym->session =
-				(void *)op[0]->sym->session->opaque_data;
+			op[0]->sym->session = (void *)
+				rte_cryptodev_sym_session_opaque_data_get(op[0]->sym->session);
 		op++;
 	}
 }
diff --git a/drivers/crypto/virtio/virtio_cryptodev.c b/drivers/crypto/virtio/virtio_cryptodev.c
index d3b799b28d..4854820ba6 100644
--- a/drivers/crypto/virtio/virtio_cryptodev.c
+++ b/drivers/crypto/virtio/virtio_cryptodev.c
@@ -951,7 +951,7 @@  virtio_crypto_sym_clear_session(
 
 	hw = dev->data->dev_private;
 	vq = hw->cvq;
-	session = (struct virtio_crypto_session *)sess->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	VIRTIO_CRYPTO_SESSION_LOG_INFO("vq->vq_desc_head_idx = %d, "
 			"vq = %p", vq->vq_desc_head_idx, vq);
@@ -1318,7 +1318,7 @@  virtio_crypto_sym_configure_session(
 		VIRTIO_CRYPTO_SESSION_LOG_ERR("Invalid parameters");
 		return ret;
 	}
-	session = (struct virtio_crypto_session *)sess->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	memset(session, 0, sizeof(struct virtio_crypto_session));
 	ctrl_req = &session->ctrl;
 	ctrl_req->header.opcode = VIRTIO_CRYPTO_CIPHER_CREATE_SESSION;
diff --git a/drivers/crypto/virtio/virtio_rxtx.c b/drivers/crypto/virtio/virtio_rxtx.c
index b7f492a7f2..48b5f4ebbb 100644
--- a/drivers/crypto/virtio/virtio_rxtx.c
+++ b/drivers/crypto/virtio/virtio_rxtx.c
@@ -207,7 +207,7 @@  virtqueue_crypto_sym_enqueue_xmit(
 			offsetof(struct virtio_crypto_op_cookie, iv);
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 	struct virtio_crypto_session *session =
-		(void *)cop->sym->session->driver_priv_data;
+		CRYPTODEV_GET_SYM_SESS_PRIV(cop->sym->session);
 	struct virtio_crypto_op_data_req *op_data_req;
 	uint32_t hash_result_len = 0;
 	struct virtio_crypto_op_cookie *crypto_op_cookie;
diff --git a/examples/fips_validation/fips_dev_self_test.c b/examples/fips_validation/fips_dev_self_test.c
index bce903e007..b17f664a5e 100644
--- a/examples/fips_validation/fips_dev_self_test.c
+++ b/examples/fips_validation/fips_dev_self_test.c
@@ -980,7 +980,7 @@  typedef int (*fips_dev_self_test_prepare_xform_t)(uint8_t,
 		uint32_t);
 
 typedef int (*fips_dev_self_test_prepare_op_t)(struct rte_crypto_op *,
-		struct rte_mbuf *, struct rte_cryptodev_sym_session *,
+		struct rte_mbuf *, void *,
 		uint32_t, struct fips_dev_self_test_vector *);
 
 typedef int (*fips_dev_self_test_check_result_t)(struct rte_crypto_op *,
@@ -1172,7 +1172,7 @@  prepare_aead_xform(uint8_t dev_id,
 static int
 prepare_cipher_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1211,7 +1211,7 @@  prepare_cipher_op(struct rte_crypto_op *op,
 static int
 prepare_auth_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1250,7 +1250,7 @@  prepare_auth_op(struct rte_crypto_op *op,
 static int
 prepare_aead_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1462,7 +1462,7 @@  run_single_test(uint8_t dev_id,
 		uint32_t negative_test)
 {
 	struct rte_crypto_sym_xform xform;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	uint16_t n_deqd;
 	uint8_t key[256];
 	int ret;
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e73e6b09c3..f8063b6599 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -60,7 +60,7 @@  struct cryptodev_fips_validate_env {
 	uint8_t *digest;
 	uint16_t digest_len;
 	struct rte_crypto_op *op;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	uint16_t self_test;
 	struct fips_dev_broken_test_config *broken_test_config;
 } env;
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index b555e63ff6..c08eea2ce2 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -188,7 +188,7 @@  struct l2fwd_crypto_params {
 	struct l2fwd_iv auth_iv;
 	struct l2fwd_iv aead_iv;
 	struct l2fwd_key aad;
-	struct rte_cryptodev_sym_session *session;
+	void *session;
 
 	uint8_t do_cipher;
 	uint8_t do_hash;
@@ -670,7 +670,7 @@  generate_random_key(uint8_t *key, unsigned length)
 }
 
 /* Session is created and is later attached to the crypto operation. 8< */
-static struct rte_cryptodev_sym_session *
+static void *
 initialize_crypto_session(struct l2fwd_crypto_options *options, uint8_t cdev_id)
 {
 	struct rte_crypto_sym_xform *first_xform;
@@ -719,7 +719,7 @@  l2fwd_main_loop(struct l2fwd_crypto_options *options)
 			US_PER_S * BURST_TX_DRAIN_US;
 	struct l2fwd_crypto_params *cparams;
 	struct l2fwd_crypto_params port_cparams[qconf->nb_crypto_devs];
-	struct rte_cryptodev_sym_session *session;
+	void *session;
 
 	if (qconf->nb_rx_ports == 0) {
 		RTE_LOG(INFO, L2FWD, "lcore %u has nothing to do\n", lcore_id);
diff --git a/lib/cryptodev/cryptodev_pmd.h b/lib/cryptodev/cryptodev_pmd.h
index 8aa4fe4648..f27b3249ea 100644
--- a/lib/cryptodev/cryptodev_pmd.h
+++ b/lib/cryptodev/cryptodev_pmd.h
@@ -133,6 +133,38 @@  struct cryptodev_driver {
 	uint8_t id;
 };
 
+/** Cryptodev symmetric crypto session
+ * Each session is derived from a fixed xform chain. Therefore each session
+ * has a fixed algo, key, op-type, digest_len etc.
+ */
+struct rte_cryptodev_sym_session {
+	RTE_MARKER cacheline0;
+	uint64_t opaque_data;
+	/**< Can be used for external metadata */
+	uint32_t sess_data_sz;
+	/**< Pointer to the user data stored after sess data */
+	uint16_t user_data_sz;
+	/**< Session user data will be placed after sess data */
+	uint8_t driver_id;
+	/**< Driver id to get the session priv */
+	rte_iova_t driver_priv_data_iova;
+	/**< Session driver data IOVA address */
+
+	RTE_MARKER cacheline1 __rte_cache_min_aligned;
+	/**< Second cache line - start of the driver session data */
+	uint8_t driver_priv_data[0];
+	/**< Driver specific session data, variable size */
+};
+
+/**
+ * Helper macro to get driver private data
+ */
+#define CRYPTODEV_GET_SYM_SESS_PRIV(s) \
+	((void *)(((struct rte_cryptodev_sym_session *)s)->driver_priv_data))
+#define CRYPTODEV_GET_SYM_SESS_PRIV_IOVA(s) \
+	(((struct rte_cryptodev_sym_session *)s)->driver_priv_data_iova)
+
+
 /**
  * Get the rte_cryptodev structure device pointer for the device. Assumes a
  * valid device index.
diff --git a/lib/cryptodev/cryptodev_trace_points.c b/lib/cryptodev/cryptodev_trace_points.c
index 727114aa45..63a81511a9 100644
--- a/lib/cryptodev/cryptodev_trace_points.c
+++ b/lib/cryptodev/cryptodev_trace_points.c
@@ -135,9 +135,6 @@  RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_asym_xform_capability_check_optype,
 RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_sym_cpu_crypto_process,
 	lib.cryptodev.sym.cpu.crypto.process)
 
-RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_sym_get_existing_header_session_size,
-	lib.cryptodev.sym.get.existing.header.session.size)
-
 RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_sym_session_get_user_data,
 	lib.cryptodev.sym.session.get.user.data)
 
diff --git a/lib/cryptodev/rte_crypto.h b/lib/cryptodev/rte_crypto.h
index 6dfca2c169..f9644d29ec 100644
--- a/lib/cryptodev/rte_crypto.h
+++ b/lib/cryptodev/rte_crypto.h
@@ -430,8 +430,7 @@  rte_crypto_op_sym_xforms_alloc(struct rte_crypto_op *op, uint8_t nb_xforms)
  * @param	sess	cryptodev session
  */
 static inline int
-rte_crypto_op_attach_sym_session(struct rte_crypto_op *op,
-		struct rte_cryptodev_sym_session *sess)
+rte_crypto_op_attach_sym_session(struct rte_crypto_op *op, void *sess)
 {
 	if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC))
 		return -1;
diff --git a/lib/cryptodev/rte_crypto_sym.h b/lib/cryptodev/rte_crypto_sym.h
index 5b3c210837..7781a013c9 100644
--- a/lib/cryptodev/rte_crypto_sym.h
+++ b/lib/cryptodev/rte_crypto_sym.h
@@ -589,8 +589,6 @@  struct rte_crypto_sym_xform {
 	};
 };
 
-struct rte_cryptodev_sym_session;
-
 /**
  * Symmetric Cryptographic Operation.
  *
@@ -627,7 +625,7 @@  struct rte_crypto_sym_op {
 
 	RTE_STD_C11
 	union {
-		struct rte_cryptodev_sym_session *session;
+		void *session;
 		/**< Handle for the initialised session context */
 		struct rte_crypto_sym_xform *xform;
 		/**< Session-less API crypto operation parameters */
@@ -932,8 +930,7 @@  __rte_crypto_sym_op_sym_xforms_alloc(struct rte_crypto_sym_op *sym_op,
  * @param	sess	cryptodev session
  */
 static inline int
-__rte_crypto_sym_op_attach_sym_session(struct rte_crypto_sym_op *sym_op,
-		struct rte_cryptodev_sym_session *sess)
+__rte_crypto_sym_op_attach_sym_session(struct rte_crypto_sym_op *sym_op, void *sess)
 {
 	sym_op->session = sess;
 
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index 6acd5f4d91..2165a0688c 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -2095,11 +2095,11 @@  rte_cryptodev_asym_session_create(uint8_t dev_id,
 }
 
 int
-rte_cryptodev_sym_session_free(uint8_t dev_id,
-	struct rte_cryptodev_sym_session *sess)
+rte_cryptodev_sym_session_free(uint8_t dev_id, void *_sess)
 {
 	struct rte_cryptodev *dev;
 	struct rte_mempool *sess_mp;
+	struct rte_cryptodev_sym_session *sess = _sess;
 	struct rte_cryptodev_sym_session_pool_private_data *pool_priv;
 
 	if (sess == NULL)
@@ -2222,10 +2222,11 @@  rte_cryptodev_asym_get_private_session_size(uint8_t dev_id)
 }
 
 int
-rte_cryptodev_sym_session_set_user_data(
-		struct rte_cryptodev_sym_session *sess, void *data,
+rte_cryptodev_sym_session_set_user_data(void *_sess, void *data,
 		uint16_t size)
 {
+	struct rte_cryptodev_sym_session *sess = _sess;
+
 	if (sess == NULL)
 		return -EINVAL;
 
@@ -2240,8 +2241,9 @@  rte_cryptodev_sym_session_set_user_data(
 }
 
 void *
-rte_cryptodev_sym_session_get_user_data(struct rte_cryptodev_sym_session *sess)
+rte_cryptodev_sym_session_get_user_data(void *_sess)
 {
+	struct rte_cryptodev_sym_session *sess = _sess;
 	void *data = NULL;
 
 	if (sess == NULL || sess->user_data_sz == 0)
@@ -2299,10 +2301,11 @@  sym_crypto_fill_status(struct rte_crypto_sym_vec *vec, int32_t errnum)
 
 uint32_t
 rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
-	struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+	void *_sess, union rte_crypto_sym_ofs ofs,
 	struct rte_crypto_sym_vec *vec)
 {
 	struct rte_cryptodev *dev;
+	struct rte_cryptodev_sym_session *sess = _sess;
 
 	if (!rte_cryptodev_is_valid_dev(dev_id)) {
 		sym_crypto_fill_status(vec, EINVAL);
diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h
index 0c65958f25..8b6a7a5c1d 100644
--- a/lib/cryptodev/rte_cryptodev.h
+++ b/lib/cryptodev/rte_cryptodev.h
@@ -902,28 +902,6 @@  struct rte_cryptodev_cb_rcu {
 void *
 rte_cryptodev_get_sec_ctx(uint8_t dev_id);
 
-/** Cryptodev symmetric crypto session
- * Each session is derived from a fixed xform chain. Therefore each session
- * has a fixed algo, key, op-type, digest_len etc.
- */
-struct rte_cryptodev_sym_session {
-	RTE_MARKER cacheline0;
-	uint8_t driver_id;
-	uint64_t opaque_data;
-	/**< Can be used for external metadata */
-	uint32_t sess_data_sz;
-	/**< Pointer to the user data stored after sess data */
-	uint16_t user_data_sz;
-	/**< session user data will be placed after sess data */
-	rte_iova_t driver_priv_data_iova;
-	/**< session driver data IOVA address */
-
-	RTE_MARKER cacheline1 __rte_cache_min_aligned;
-	/**< second cache line - start of the driver session data */
-	uint8_t driver_priv_data[0];
-	/**< Driver specific session data, variable size */
-};
-
 /**
  * Create a symmetric session mempool.
  *
@@ -1036,7 +1014,7 @@  rte_cryptodev_asym_session_create(uint8_t dev_id,
  */
 int
 rte_cryptodev_sym_session_free(uint8_t dev_id,
-	struct rte_cryptodev_sym_session *sess);
+	void *sess);
 
 /**
  * Clears and frees asymmetric crypto session header and private data,
@@ -1136,11 +1114,31 @@  const char *rte_cryptodev_driver_name_get(uint8_t driver_id);
  */
 __rte_experimental
 int
-rte_cryptodev_sym_session_set_user_data(
-					struct rte_cryptodev_sym_session *sess,
+rte_cryptodev_sym_session_set_user_data(void *sess,
 					void *data,
 					uint16_t size);
 
+#define CRYPTO_SESS_OPAQUE_DATA_OFF 0
+/**
+ * Get opaque data from session handle
+ */
+static inline uint64_t
+rte_cryptodev_sym_session_opaque_data_get(void *sess)
+{
+	return *((uint64_t *)sess + CRYPTO_SESS_OPAQUE_DATA_OFF);
+}
+
+/**
+ * Set opaque data in session handle
+ */
+static inline void
+rte_cryptodev_sym_session_opaque_data_set(void *sess, uint64_t opaque)
+{
+	uint64_t *data;
+	data = (((uint64_t *)sess) + CRYPTO_SESS_OPAQUE_DATA_OFF);
+	*data = opaque;
+}
+
 /**
  * Get user data stored in a session.
  *
@@ -1153,8 +1151,7 @@  rte_cryptodev_sym_session_set_user_data(
  */
 __rte_experimental
 void *
-rte_cryptodev_sym_session_get_user_data(
-					struct rte_cryptodev_sym_session *sess);
+rte_cryptodev_sym_session_get_user_data(void *sess);
 
 /**
  * Store user data in an asymmetric session.
@@ -1202,7 +1199,7 @@  rte_cryptodev_asym_session_get_user_data(void *sess);
 __rte_experimental
 uint32_t
 rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
-	struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+	void *sess, union rte_crypto_sym_ofs ofs,
 	struct rte_crypto_sym_vec *vec);
 
 /**
@@ -1244,8 +1241,7 @@  rte_cryptodev_session_event_mdata_set(uint8_t dev_id, void *sess,
  * Union of different crypto session types, including session-less xform
  * pointer.
  */
-union rte_cryptodev_session_ctx {
-	struct rte_cryptodev_sym_session *crypto_sess;
+union rte_cryptodev_session_ctx {void *crypto_sess;
 	struct rte_crypto_sym_xform *xform;
 	struct rte_security_session *sec_sess;
 };
diff --git a/lib/cryptodev/rte_cryptodev_trace.h b/lib/cryptodev/rte_cryptodev_trace.h
index 6ade0b72c4..6c214ce6ea 100644
--- a/lib/cryptodev/rte_cryptodev_trace.h
+++ b/lib/cryptodev/rte_cryptodev_trace.h
@@ -73,14 +73,10 @@  RTE_TRACE_POINT(
 
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_sym_session_create,
-	RTE_TRACE_POINT_ARGS(uint8_t dev_id,
-		struct rte_cryptodev_sym_session *sess, void *xforms,
+	RTE_TRACE_POINT_ARGS(uint8_t dev_id, void *sess, void *xforms,
 		void *mempool),
 	rte_trace_point_emit_u8(dev_id);
 	rte_trace_point_emit_ptr(sess);
-	rte_trace_point_emit_u64(sess->opaque_data);
-	rte_trace_point_emit_u8(sess->driver_id);
-	rte_trace_point_emit_u16(sess->user_data_sz);
 	rte_trace_point_emit_ptr(xforms);
 	rte_trace_point_emit_ptr(mempool);
 )
@@ -108,7 +104,7 @@  RTE_TRACE_POINT(
 
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_sym_session_free,
-	RTE_TRACE_POINT_ARGS(uint8_t dev_id, struct rte_cryptodev_sym_session *sess),
+	RTE_TRACE_POINT_ARGS(uint8_t dev_id, void *sess),
 	rte_trace_point_emit_u8(dev_id);
 	rte_trace_point_emit_ptr(sess);
 )
@@ -370,12 +366,6 @@  RTE_TRACE_POINT(
 	rte_trace_point_emit_ptr(sess);
 )
 
-RTE_TRACE_POINT(
-	rte_cryptodev_trace_sym_get_existing_header_session_size,
-	RTE_TRACE_POINT_ARGS(struct rte_cryptodev_sym_session *sess),
-	rte_trace_point_emit_ptr(sess);
-)
-
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_sym_session_get_user_data,
 	RTE_TRACE_POINT_ARGS(const void *sess, const void *data),
diff --git a/lib/cryptodev/version.map b/lib/cryptodev/version.map
index d9ccb10197..00c99fb45c 100644
--- a/lib/cryptodev/version.map
+++ b/lib/cryptodev/version.map
@@ -146,7 +146,6 @@  EXPERIMENTAL {
 	__rte_cryptodev_trace_sym_capability_check_cipher;
 	__rte_cryptodev_trace_sym_capability_get;
 	__rte_cryptodev_trace_sym_cpu_crypto_process;
-	__rte_cryptodev_trace_sym_get_existing_header_session_size;
 	__rte_cryptodev_trace_sym_get_private_session_size;
 	__rte_cryptodev_trace_sym_session_get_user_data;
 	__rte_cryptodev_trace_sym_session_set_user_data;
diff --git a/lib/ipsec/rte_ipsec_group.h b/lib/ipsec/rte_ipsec_group.h
index 62c2bd7217..a4e0e128f8 100644
--- a/lib/ipsec/rte_ipsec_group.h
+++ b/lib/ipsec/rte_ipsec_group.h
@@ -45,14 +45,15 @@  static inline struct rte_ipsec_session *
 rte_ipsec_ses_from_crypto(const struct rte_crypto_op *cop)
 {
 	const struct rte_security_session *ss;
-	const struct rte_cryptodev_sym_session *cs;
+	void *cs;
 
 	if (cop->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
 		ss = cop->sym[0].sec_session;
 		return (struct rte_ipsec_session *)(uintptr_t)ss->opaque_data;
 	} else if (cop->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 		cs = cop->sym[0].session;
-		return (struct rte_ipsec_session *)(uintptr_t)cs->opaque_data;
+		return (struct rte_ipsec_session *)(uintptr_t)
+			rte_cryptodev_sym_session_opaque_data_get(cs);
 	}
 	return NULL;
 }
diff --git a/lib/ipsec/ses.c b/lib/ipsec/ses.c
index 3d51ac4986..0d3c932302 100644
--- a/lib/ipsec/ses.c
+++ b/lib/ipsec/ses.c
@@ -45,7 +45,8 @@  rte_ipsec_session_prepare(struct rte_ipsec_session *ss)
 	ss->pkt_func = fp;
 
 	if (ss->type == RTE_SECURITY_ACTION_TYPE_NONE)
-		ss->crypto.ses->opaque_data = (uintptr_t)ss;
+		rte_cryptodev_sym_session_opaque_data_set(ss->crypto.ses,
+			(uintptr_t)ss);
 	else
 		ss->security.ses->opaque_data = (uintptr_t)ss;