Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/117263/?format=api
{ "id": 117263, "url": "https://patches.dpdk.org/api/patches/117263/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/patch/20221003135248.2855396-5-gakhil@marvell.com/", "project": { "id": 1, "url": "https://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20221003135248.2855396-5-gakhil@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20221003135248.2855396-5-gakhil@marvell.com", "date": "2022-10-03T13:52:46", "name": "[v6,4/6] security: remove priv mempool usage", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "0184328b249476ecd719bee7de656e92d83b8722", "submitter": { "id": 2094, "url": "https://patches.dpdk.org/api/people/2094/?format=api", "name": "Akhil Goyal", "email": "gakhil@marvell.com" }, "delegate": { "id": 6690, "url": "https://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "https://patches.dpdk.org/project/dpdk/patch/20221003135248.2855396-5-gakhil@marvell.com/mbox/", "series": [ { "id": 24948, "url": "https://patches.dpdk.org/api/series/24948/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/list/?series=24948", "date": "2022-10-03T13:52:42", "name": "crypto/security session framework rework", "version": 6, "mbox": "https://patches.dpdk.org/series/24948/mbox/" } ], "comments": "https://patches.dpdk.org/api/patches/117263/comments/", "check": "success", "checks": "https://patches.dpdk.org/api/patches/117263/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id CB75FA00C3;\n\tMon, 3 Oct 2022 15:53:53 +0200 (CEST)", "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 1B9D040E5A;\n\tMon, 3 Oct 2022 15:53:53 +0200 (CEST)", "from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com\n [67.231.148.174])\n by mails.dpdk.org (Postfix) with ESMTP id 90FEF40DFB\n for <dev@dpdk.org>; Mon, 3 Oct 2022 15:53:50 +0200 (CEST)", "from pps.filterd (m0045849.ppops.net [127.0.0.1])\n by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id\n 292MV8lG022823;\n Mon, 3 Oct 2022 06:53:44 -0700", "from dc5-exch02.marvell.com ([199.233.59.182])\n by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3jxjwqwyvr-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Mon, 03 Oct 2022 06:53:43 -0700", "from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;\n Mon, 3 Oct 2022 06:53:41 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend\n Transport; Mon, 3 Oct 2022 06:53:41 -0700", "from localhost.localdomain (unknown [10.28.36.102])\n by maili.marvell.com (Postfix) with ESMTP id BBDD93F704C;\n Mon, 3 Oct 2022 06:53:31 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=WXnnMwc/UMWJ0HDtbIRWx3F14l/Ljg7cr1aGf5fUPfo=;\n b=IGnI4jVpHAm9wd6NBhfrnja4UgJzuGifSYFIYor25Z5cRaFAsbTWm5U3zOPq08LPFnPO\n WxkyDgz/liEiilWOogqj+sf2NL8nGOpdaImqkuhoGzxJYG2bDHPQkpfiybalfoMxLjW1\n hW69l5xKFq8r2SGA0OS/J7RfvYKOtHfBiQuukkHwkjNRJp+l4Br8r9KTemSmvKhgGdxs\n /Xx5kY3YWelYY7V+263jzY+k8A3plXh4YDMKw/ov+5e3HZ3QdRU/VRT3SAHGhV3o8R9r\n iFhseFm9+YFlPBtj6zVBFXKXbtWhhqKlx40MK4ez9zJpPwY34CNA9Oqzg1QL5DyNWWZZ 4g==", "From": "Akhil Goyal <gakhil@marvell.com>", "To": "<dev@dpdk.org>", "CC": "<thomas@monjalon.net>, <david.marchand@redhat.com>,\n <hemant.agrawal@nxp.com>, <vattunuru@marvell.com>,\n <ferruh.yigit@xilinx.com>, <andrew.rybchenko@oktetlabs.ru>,\n <konstantin.v.ananyev@yandex.ru>, <jiawenwu@trustnetic.com>,\n <yisen.zhuang@huawei.com>, <irusskikh@marvell.com>,\n <jerinj@marvell.com>, <adwivedi@marvell.com>,\n <maxime.coquelin@redhat.com>, <chandu@amd.com>, <ruifeng.wang@arm.com>,\n <ajit.khaparde@broadcom.com>, <anoobj@marvell.com>,\n <pablo.de.lara.guarch@intel.com>, <matan@nvidia.com>,\n <g.singh@nxp.com>, <qiming.yang@intel.com>, <wenjun1.wu@intel.com>,\n <jianwang@trustnetic.com>, <jingjing.wu@intel.com>,\n <beilei.xing@intel.com>, <ndabilpuram@marvell.com>,\n <roy.fan.zhang@intel.com>, <lironh@marvell.com>,\n <royzhang1980@gmail.com>, <sunilprakashrao.uttarwar@amd.com>,\n <kai.ji@intel.com>, <rnagadheeraj@marvell.com>,\n <jianjay.zhou@huawei.com>, Akhil Goyal <gakhil@marvell.com>,\n David Coyle <david.coyle@intel.com>, Kevin O'Sullivan\n <kevin.osullivan@intel.com>", "Subject": "[PATCH v6 4/6] security: remove priv mempool usage", "Date": "Mon, 3 Oct 2022 19:22:46 +0530", "Message-ID": "<20221003135248.2855396-5-gakhil@marvell.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20221003135248.2855396-1-gakhil@marvell.com>", "References": "<20221003135248.2855396-1-gakhil@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-ORIG-GUID": "PdZ_-nFUMeptBW-i93T0RxbElOSY7iY9", "X-Proofpoint-GUID": "PdZ_-nFUMeptBW-i93T0RxbElOSY7iY9", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1\n definitions=2022-10-03_02,2022-09-29_03,2022-06-22_01", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "As per current design, rte_security_session_create()\nunnecessarily use 2 mempool objects for a single session.\n\nTo address this, the API will now take only 1 mempool\nobject instead of 2. With this change, the library layer\nwill get the object from mempool and session priv data is\nstored contiguously in the same mempool object.\n\nUser need to ensure that the mempool created in application\nis big enough for session private data as well. This can be\nensured if the pool is created after getting size of session\npriv data using API rte_security_session_get_size().\n\nSince set and get pkt metadata for security sessions are now\nmade inline for Inline crypto/proto mode, a new member fast_mdata\nis added to the rte_security_session.\nTo access opaque data and fast_mdata will be accessed via inline\nAPIs which can do pointer manipulations inside library from\nsession_private_data pointer coming from application.\n\nSigned-off-by: Akhil Goyal <gakhil@marvell.com>\nTested-by: Gagandeep Singh <g.singh@nxp.com>\nTested-by: David Coyle <david.coyle@intel.com>\nTested-by: Kevin O'Sullivan <kevin.osullivan@intel.com>\n---\n app/test-crypto-perf/cperf.h | 1 -\n app/test-crypto-perf/cperf_ops.c | 13 +-\n app/test-crypto-perf/cperf_test_latency.c | 3 +-\n app/test-crypto-perf/cperf_test_latency.h | 1 -\n .../cperf_test_pmd_cyclecount.c | 3 +-\n .../cperf_test_pmd_cyclecount.h | 1 -\n app/test-crypto-perf/cperf_test_throughput.c | 3 +-\n app/test-crypto-perf/cperf_test_throughput.h | 1 -\n app/test-crypto-perf/cperf_test_verify.c | 3 +-\n app/test-crypto-perf/cperf_test_verify.h | 1 -\n app/test-crypto-perf/main.c | 3 -\n app/test/test_cryptodev.c | 44 +-----\n app/test/test_ipsec.c | 7 +-\n app/test/test_security.c | 146 ++----------------\n app/test/test_security_inline_proto.c | 16 +-\n drivers/crypto/caam_jr/caam_jr.c | 31 +---\n drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 7 +-\n drivers/crypto/cnxk/cn10k_ipsec.c | 45 ++----\n drivers/crypto/cnxk/cn9k_cryptodev_ops.c | 9 +-\n drivers/crypto/cnxk/cn9k_ipsec.c | 50 ++----\n drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 29 +---\n drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c | 3 +-\n drivers/crypto/dpaa_sec/dpaa_sec.c | 25 +--\n drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c | 3 +-\n drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 26 +---\n drivers/crypto/mvsam/rte_mrvl_pmd.c | 3 +-\n drivers/crypto/mvsam/rte_mrvl_pmd_ops.c | 21 +--\n drivers/crypto/qat/qat_sym.c | 3 +-\n drivers/crypto/qat/qat_sym.h | 11 +-\n drivers/crypto/qat/qat_sym_session.c | 27 +---\n drivers/crypto/qat/qat_sym_session.h | 2 +-\n drivers/net/cnxk/cn10k_ethdev_sec.c | 38 ++---\n drivers/net/cnxk/cn9k_ethdev_sec.c | 41 ++---\n drivers/net/iavf/iavf_ipsec_crypto.c | 23 +--\n drivers/net/ixgbe/ixgbe_ipsec.c | 31 ++--\n drivers/net/txgbe/txgbe_ipsec.c | 32 ++--\n examples/ipsec-secgw/ipsec-secgw.c | 34 ----\n examples/ipsec-secgw/ipsec.c | 9 +-\n examples/ipsec-secgw/ipsec.h | 1 -\n lib/cryptodev/rte_cryptodev.h | 2 +-\n lib/security/rte_security.c | 20 ++-\n lib/security/rte_security.h | 30 ++--\n lib/security/rte_security_driver.h | 13 +-\n 43 files changed, 193 insertions(+), 622 deletions(-)", "diff": "diff --git a/app/test-crypto-perf/cperf.h b/app/test-crypto-perf/cperf.h\nindex 2b0aad095c..db58228dce 100644\n--- a/app/test-crypto-perf/cperf.h\n+++ b/app/test-crypto-perf/cperf.h\n@@ -15,7 +15,6 @@ struct cperf_op_fns;\n \n typedef void *(*cperf_constructor_t)(\n \t\tstruct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *sess_priv_mp,\n \t\tuint8_t dev_id,\n \t\tuint16_t qp_id,\n \t\tconst struct cperf_options *options,\ndiff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c\nindex 5acd495794..727eee6599 100644\n--- a/app/test-crypto-perf/cperf_ops.c\n+++ b/app/test-crypto-perf/cperf_ops.c\n@@ -642,7 +642,6 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,\n \n static void *\n create_ipsec_session(struct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *priv_mp,\n \t\tuint8_t dev_id,\n \t\tconst struct cperf_options *options,\n \t\tconst struct cperf_test_vector *test_vector,\n@@ -753,13 +752,11 @@ create_ipsec_session(struct rte_mempool *sess_mp,\n \t\t\t\trte_cryptodev_get_sec_ctx(dev_id);\n \n \t/* Create security session */\n-\treturn (void *)rte_security_session_create(ctx,\n-\t\t\t\t&sess_conf, sess_mp, priv_mp);\n+\treturn (void *)rte_security_session_create(ctx, &sess_conf, sess_mp);\n }\n \n static void *\n cperf_create_session(struct rte_mempool *sess_mp,\n-\tstruct rte_mempool *priv_mp,\n \tuint8_t dev_id,\n \tconst struct cperf_options *options,\n \tconst struct cperf_test_vector *test_vector,\n@@ -859,12 +856,11 @@ cperf_create_session(struct rte_mempool *sess_mp,\n \t\t\t\t\trte_cryptodev_get_sec_ctx(dev_id);\n \n \t\t/* Create security session */\n-\t\treturn (void *)rte_security_session_create(ctx,\n-\t\t\t\t\t&sess_conf, sess_mp, priv_mp);\n+\t\treturn (void *)rte_security_session_create(ctx, &sess_conf, sess_mp);\n \t}\n \n \tif (options->op_type == CPERF_IPSEC) {\n-\t\treturn create_ipsec_session(sess_mp, priv_mp, dev_id,\n+\t\treturn create_ipsec_session(sess_mp, dev_id,\n \t\t\t\toptions, test_vector, iv_offset);\n \t}\n \n@@ -908,8 +904,7 @@ cperf_create_session(struct rte_mempool *sess_mp,\n \t\t\t\t\trte_cryptodev_get_sec_ctx(dev_id);\n \n \t\t/* Create security session */\n-\t\treturn (void *)rte_security_session_create(ctx,\n-\t\t\t\t\t&sess_conf, sess_mp, priv_mp);\n+\t\treturn (void *)rte_security_session_create(ctx, &sess_conf, sess_mp);\n \t}\n #endif\n \t/*\ndiff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-perf/cperf_test_latency.c\nindex c8ad7f17a4..49bf421c01 100644\n--- a/app/test-crypto-perf/cperf_test_latency.c\n+++ b/app/test-crypto-perf/cperf_test_latency.c\n@@ -56,7 +56,6 @@ cperf_latency_test_free(struct cperf_latency_ctx *ctx)\n \n void *\n cperf_latency_test_constructor(struct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *sess_priv_mp,\n \t\tuint8_t dev_id, uint16_t qp_id,\n \t\tconst struct cperf_options *options,\n \t\tconst struct cperf_test_vector *test_vector,\n@@ -81,7 +80,7 @@ cperf_latency_test_constructor(struct rte_mempool *sess_mp,\n \t\tsizeof(struct rte_crypto_sym_op) +\n \t\tsizeof(struct cperf_op_result *);\n \n-\tctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,\n+\tctx->sess = op_fns->sess_create(sess_mp, dev_id, options,\n \t\t\ttest_vector, iv_offset);\n \tif (ctx->sess == NULL)\n \t\tgoto err;\ndiff --git a/app/test-crypto-perf/cperf_test_latency.h b/app/test-crypto-perf/cperf_test_latency.h\nindex ed5b0a07bb..d3fc3218d7 100644\n--- a/app/test-crypto-perf/cperf_test_latency.h\n+++ b/app/test-crypto-perf/cperf_test_latency.h\n@@ -17,7 +17,6 @@\n void *\n cperf_latency_test_constructor(\n \t\tstruct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *sess_priv_mp,\n \t\tuint8_t dev_id,\n \t\tuint16_t qp_id,\n \t\tconst struct cperf_options *options,\ndiff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c\nindex dbdbe29feb..aa2654250f 100644\n--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c\n+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c\n@@ -88,7 +88,6 @@ cperf_pmd_cyclecount_test_free(struct cperf_pmd_cyclecount_ctx *ctx)\n \n void *\n cperf_pmd_cyclecount_test_constructor(struct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *sess_priv_mp,\n \t\tuint8_t dev_id, uint16_t qp_id,\n \t\tconst struct cperf_options *options,\n \t\tconst struct cperf_test_vector *test_vector,\n@@ -115,7 +114,7 @@ cperf_pmd_cyclecount_test_constructor(struct rte_mempool *sess_mp,\n \tuint16_t iv_offset = sizeof(struct rte_crypto_op) +\n \t\t\tsizeof(struct rte_crypto_sym_op);\n \n-\tctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,\n+\tctx->sess = op_fns->sess_create(sess_mp, dev_id, options,\n \t\t\ttest_vector, iv_offset);\n \tif (ctx->sess == NULL)\n \t\tgoto err;\ndiff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.h b/app/test-crypto-perf/cperf_test_pmd_cyclecount.h\nindex 3084038a18..beb4419910 100644\n--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.h\n+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.h\n@@ -18,7 +18,6 @@\n void *\n cperf_pmd_cyclecount_test_constructor(\n \t\tstruct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *sess_priv_mp,\n \t\tuint8_t dev_id,\n \t\tuint16_t qp_id,\n \t\tconst struct cperf_options *options,\ndiff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c\nindex 83c93819de..db89b7ddff 100644\n--- a/app/test-crypto-perf/cperf_test_throughput.c\n+++ b/app/test-crypto-perf/cperf_test_throughput.c\n@@ -62,7 +62,6 @@ cperf_throughput_test_free(struct cperf_throughput_ctx *ctx)\n \n void *\n cperf_throughput_test_constructor(struct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *sess_priv_mp,\n \t\tuint8_t dev_id, uint16_t qp_id,\n \t\tconst struct cperf_options *options,\n \t\tconst struct cperf_test_vector *test_vector,\n@@ -85,7 +84,7 @@ cperf_throughput_test_constructor(struct rte_mempool *sess_mp,\n \tuint16_t iv_offset = sizeof(struct rte_crypto_op) +\n \t\tsizeof(struct rte_crypto_sym_op);\n \n-\tctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,\n+\tctx->sess = op_fns->sess_create(sess_mp, dev_id, options,\n \t\t\ttest_vector, iv_offset);\n \tif (ctx->sess == NULL)\n \t\tgoto err;\ndiff --git a/app/test-crypto-perf/cperf_test_throughput.h b/app/test-crypto-perf/cperf_test_throughput.h\nindex 91e1a4b708..439ec8e559 100644\n--- a/app/test-crypto-perf/cperf_test_throughput.h\n+++ b/app/test-crypto-perf/cperf_test_throughput.h\n@@ -18,7 +18,6 @@\n void *\n cperf_throughput_test_constructor(\n \t\tstruct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *sess_priv_mp,\n \t\tuint8_t dev_id,\n \t\tuint16_t qp_id,\n \t\tconst struct cperf_options *options,\ndiff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-perf/cperf_test_verify.c\nindex 345abb809f..c03e1d5ba5 100644\n--- a/app/test-crypto-perf/cperf_test_verify.c\n+++ b/app/test-crypto-perf/cperf_test_verify.c\n@@ -50,7 +50,6 @@ cperf_verify_test_free(struct cperf_verify_ctx *ctx)\n \n void *\n cperf_verify_test_constructor(struct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *sess_priv_mp,\n \t\tuint8_t dev_id, uint16_t qp_id,\n \t\tconst struct cperf_options *options,\n \t\tconst struct cperf_test_vector *test_vector,\n@@ -73,7 +72,7 @@ cperf_verify_test_constructor(struct rte_mempool *sess_mp,\n \tuint16_t iv_offset = sizeof(struct rte_crypto_op) +\n \t\tsizeof(struct rte_crypto_sym_op);\n \n-\tctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,\n+\tctx->sess = op_fns->sess_create(sess_mp, dev_id, options,\n \t\t\ttest_vector, iv_offset);\n \tif (ctx->sess == NULL)\n \t\tgoto err;\ndiff --git a/app/test-crypto-perf/cperf_test_verify.h b/app/test-crypto-perf/cperf_test_verify.h\nindex ac2192ba99..9f70ad87ba 100644\n--- a/app/test-crypto-perf/cperf_test_verify.h\n+++ b/app/test-crypto-perf/cperf_test_verify.h\n@@ -18,7 +18,6 @@\n void *\n cperf_verify_test_constructor(\n \t\tstruct rte_mempool *sess_mp,\n-\t\tstruct rte_mempool *sess_priv_mp,\n \t\tuint8_t dev_id,\n \t\tuint16_t qp_id,\n \t\tconst struct cperf_options *options,\ndiff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c\nindex 3469b836e1..420acc3c6d 100644\n--- a/app/test-crypto-perf/main.c\n+++ b/app/test-crypto-perf/main.c\n@@ -24,7 +24,6 @@\n \n static struct {\n \tstruct rte_mempool *sess_mp;\n-\tstruct rte_mempool *priv_mp;\n } session_pool_socket[RTE_MAX_NUMA_NODES];\n \n const char *cperf_test_type_strs[] = {\n@@ -115,7 +114,6 @@ fill_session_pool_socket(int32_t socket_id, uint32_t session_priv_size,\n \t\tprintf(\"Allocated pool \\\"%s\\\" on socket %d\\n\",\n \t\t\tmp_name, socket_id);\n \t\tsession_pool_socket[socket_id].sess_mp = sess_mp;\n-\t\tsession_pool_socket[socket_id].priv_mp = sess_mp;\n \t}\n \n \treturn 0;\n@@ -660,7 +658,6 @@ main(int argc, char **argv)\n \n \t\tctx[i] = cperf_testmap[opts.test].constructor(\n \t\t\t\tsession_pool_socket[socket_id].sess_mp,\n-\t\t\t\tsession_pool_socket[socket_id].priv_mp,\n \t\t\t\tcdev_id, qp_id,\n \t\t\t\t&opts, t_vec, &op_fns);\n \t\tif (ctx[i] == NULL) {\ndiff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c\nindex b7479dae44..9708fc87d2 100644\n--- a/app/test/test_cryptodev.c\n+++ b/app/test/test_cryptodev.c\n@@ -649,12 +649,6 @@ testsuite_setup(void)\n \t\t\tSOCKET_ID_ANY);\n \tTEST_ASSERT_NOT_NULL(ts_params->session_mpool,\n \t\t\t\"session mempool allocation failed\");\n-\tts_params->session_priv_mpool = rte_mempool_create(\n-\t\t\t\"test_sess_mp_priv\", MAX_NB_SESSIONS, session_size,\n-\t\t\t0, 0, NULL, NULL, NULL, NULL, SOCKET_ID_ANY, 0);\n-\n-\tTEST_ASSERT_NOT_NULL(ts_params->session_priv_mpool,\n-\t\t\t\"session mempool allocation failed\");\n \n \tTEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id,\n \t\t\t&ts_params->conf),\n@@ -694,8 +688,6 @@ testsuite_teardown(void)\n \tif (ts_params->session_mpool != NULL) {\n \t\trte_mempool_free(ts_params->session_mpool);\n \t\tts_params->session_mpool = NULL;\n-\t\trte_mempool_free(ts_params->session_priv_mpool);\n-\t\tts_params->session_priv_mpool = NULL;\n \t}\n \n \tres = rte_cryptodev_close(ts_params->valid_devs[0]);\n@@ -8621,8 +8613,7 @@ static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc,\n \n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx,\n-\t\t\t\t&sess_conf, ts_params->session_mpool,\n-\t\t\t\tNULL);\n+\t\t\t\t&sess_conf, ts_params->session_mpool);\n \n \tif (!ut_params->sec_session) {\n \t\tprintf(\"TestCase %s()-%d line %d failed %s: \",\n@@ -8901,8 +8892,7 @@ test_pdcp_proto_SGL(int i, int oop,\n \n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx,\n-\t\t\t\t&sess_conf, ts_params->session_mpool,\n-\t\t\t\tts_params->session_priv_mpool);\n+\t\t\t\t&sess_conf, ts_params->session_mpool);\n \n \tif (!ut_params->sec_session) {\n \t\tprintf(\"TestCase %s()-%d line %d failed %s: \",\n@@ -9497,8 +9487,7 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],\n \n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx, &sess_conf,\n-\t\t\t\t\tts_params->session_mpool,\n-\t\t\t\t\tts_params->session_priv_mpool);\n+\t\t\t\t\tts_params->session_mpool);\n \n \tif (ut_params->sec_session == NULL)\n \t\treturn TEST_SKIPPED;\n@@ -10509,8 +10498,7 @@ test_docsis_proto_uplink(const void *data)\n \n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx, &sess_conf,\n-\t\t\t\t\tts_params->session_mpool,\n-\t\t\t\t\tts_params->session_priv_mpool);\n+\t\t\t\t\tts_params->session_mpool);\n \n \tif (!ut_params->sec_session) {\n \t\tprintf(\"Test function %s line %u: failed to allocate session\\n\",\n@@ -10694,8 +10682,7 @@ test_docsis_proto_downlink(const void *data)\n \n \t/* Create security session */\n \tut_params->sec_session = rte_security_session_create(ctx, &sess_conf,\n-\t\t\t\t\tts_params->session_mpool,\n-\t\t\t\t\tts_params->session_priv_mpool);\n+\t\t\t\t\tts_params->session_mpool);\n \n \tif (!ut_params->sec_session) {\n \t\tprintf(\"Test function %s line %u: failed to allocate session\\n\",\n@@ -14976,10 +14963,6 @@ test_scheduler_attach_worker_op(void)\n \t\t\trte_mempool_free(ts_params->session_mpool);\n \t\t\tts_params->session_mpool = NULL;\n \t\t}\n-\t\tif (ts_params->session_priv_mpool) {\n-\t\t\trte_mempool_free(ts_params->session_priv_mpool);\n-\t\t\tts_params->session_priv_mpool = NULL;\n-\t\t}\n \n \t\tif (info.sym.max_nb_sessions != 0 &&\n \t\t\t\tinfo.sym.max_nb_sessions < MAX_NB_SESSIONS) {\n@@ -15003,23 +14986,6 @@ test_scheduler_attach_worker_op(void)\n \t\t\t\t\t\"session mempool allocation failed\");\n \t\t}\n \n-\t\t/*\n-\t\t * Create mempool with maximum number of sessions,\n-\t\t * to include device specific session private data\n-\t\t */\n-\t\tif (ts_params->session_priv_mpool == NULL) {\n-\t\t\tts_params->session_priv_mpool = rte_mempool_create(\n-\t\t\t\t\t\"test_sess_mp_priv\",\n-\t\t\t\t\tMAX_NB_SESSIONS,\n-\t\t\t\t\tsession_size,\n-\t\t\t\t\t0, 0, NULL, NULL, NULL,\n-\t\t\t\t\tNULL, SOCKET_ID_ANY,\n-\t\t\t\t\t0);\n-\n-\t\t\tTEST_ASSERT_NOT_NULL(ts_params->session_priv_mpool,\n-\t\t\t\t\t\"session mempool allocation failed\");\n-\t\t}\n-\n \t\tts_params->qp_conf.mp_session = ts_params->session_mpool;\n \n \t\tret = rte_cryptodev_scheduler_worker_attach(sched_id,\ndiff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c\nindex 1fc1ba3de1..cf71f99b96 100644\n--- a/app/test/test_ipsec.c\n+++ b/app/test/test_ipsec.c\n@@ -159,13 +159,12 @@ const struct supported_auth_algo auth_algos[] = {\n \n static int\n dummy_sec_create(void *device, struct rte_security_session_conf *conf,\n-\tstruct rte_security_session *sess, struct rte_mempool *mp)\n+\tstruct rte_security_session *sess)\n {\n \tRTE_SET_USED(device);\n \tRTE_SET_USED(conf);\n-\tRTE_SET_USED(mp);\n+\tRTE_SET_USED(sess);\n \n-\tsess->sess_private_data = NULL;\n \treturn 0;\n }\n \n@@ -631,7 +630,7 @@ create_dummy_sec_session(struct ipsec_unitest_params *ut,\n \tstatic struct rte_security_session_conf conf;\n \n \tut->ss[j].security.ses = rte_security_session_create(&dummy_sec_ctx,\n-\t\t\t\t\t&conf, qp->mp_session, NULL);\n+\t\t\t\t\t&conf, qp->mp_session);\n \n \tif (ut->ss[j].security.ses == NULL)\n \t\treturn -ENOMEM;\ndiff --git a/app/test/test_security.c b/app/test/test_security.c\nindex 23f3f09254..7467211673 100644\n--- a/app/test/test_security.c\n+++ b/app/test/test_security.c\n@@ -200,25 +200,6 @@\n \t\t\texpected_mempool_usage, mempool_usage);\t\t\\\n } while (0)\n \n-/**\n- * Verify usage of mempool by checking if number of allocated objects matches\n- * expectations. The mempool is used to manage objects for sessions priv data.\n- * A single object is acquired from mempool during session_create\n- * and put back in session_destroy.\n- *\n- * @param expected_priv_mp_usage\texpected number of used priv mp objects\n- */\n-#define TEST_ASSERT_PRIV_MP_USAGE(expected_priv_mp_usage) do {\t\t\\\n-\tstruct security_testsuite_params *ts_params = &testsuite_params;\\\n-\tunsigned int priv_mp_usage;\t\t\t\t\t\\\n-\tpriv_mp_usage = rte_mempool_in_use_count(\t\t\t\\\n-\t\t\tts_params->session_priv_mpool);\t\t\t\\\n-\tTEST_ASSERT_EQUAL(expected_priv_mp_usage, priv_mp_usage,\t\\\n-\t\t\t\"Expecting %u priv mempool allocations, \"\t\\\n-\t\t\t\"but there are %u allocated objects\",\t\t\\\n-\t\t\texpected_priv_mp_usage, priv_mp_usage);\t\t\\\n-} while (0)\n-\n /**\n * Mockup structures and functions for rte_security_ops;\n *\n@@ -266,24 +247,14 @@ static struct mock_session_create_data {\n static int\n mock_session_create(void *device,\n \t\tstruct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *sess,\n-\t\tstruct rte_mempool *priv_mp)\n+\t\tstruct rte_security_session *sess)\n {\n-\tvoid *sess_priv;\n-\tint ret;\n-\n \tmock_session_create_exp.called++;\n \n \tMOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, device);\n \tMOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, conf);\n-\tMOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, priv_mp);\n \n \tif (mock_session_create_exp.ret == 0) {\n-\t\tret = rte_mempool_get(priv_mp, &sess_priv);\n-\t\tTEST_ASSERT_EQUAL(0, ret,\n-\t\t\t\"priv mempool does not have enough objects\");\n-\n-\t\tset_sec_session_private_data(sess, sess_priv);\n \t\tmock_session_create_exp.sess = sess;\n \t}\n \n@@ -392,13 +363,7 @@ static struct mock_session_destroy_data {\n static int\n mock_session_destroy(void *device, struct rte_security_session *sess)\n {\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n-\n \tmock_session_destroy_exp.called++;\n-\tif ((mock_session_destroy_exp.ret == 0) && (sess_priv != NULL)) {\n-\t\trte_mempool_put(rte_mempool_from_obj(sess_priv), sess_priv);\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t}\n \tMOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, device);\n \tMOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, sess);\n \n@@ -498,7 +463,6 @@ struct rte_security_ops mock_ops = {\n */\n static struct security_testsuite_params {\n \tstruct rte_mempool *session_mpool;\n-\tstruct rte_mempool *session_priv_mpool;\n } testsuite_params = { NULL };\n \n /**\n@@ -524,8 +488,9 @@ static struct security_unittest_params {\n #define SECURITY_TEST_MEMPOOL_NAME \"SecurityTestMp\"\n #define SECURITY_TEST_PRIV_MEMPOOL_NAME \"SecurityTestPrivMp\"\n #define SECURITY_TEST_MEMPOOL_SIZE 15\n-#define SECURITY_TEST_SESSION_OBJ_SZ sizeof(struct rte_security_session)\n #define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 64\n+#define SECURITY_TEST_SESSION_OBJ_SZ (sizeof(struct rte_security_session) + \\\n+\t\t\t\t\tSECURITY_TEST_SESSION_PRIV_OBJ_SZ)\n \n /**\n * testsuite_setup initializes whole test suite parameters.\n@@ -545,21 +510,6 @@ testsuite_setup(void)\n \tTEST_ASSERT_NOT_NULL(ts_params->session_mpool,\n \t\t\t\"Cannot create mempool %s\\n\", rte_strerror(rte_errno));\n \n-\tts_params->session_priv_mpool = rte_mempool_create(\n-\t\t\tSECURITY_TEST_PRIV_MEMPOOL_NAME,\n-\t\t\tSECURITY_TEST_MEMPOOL_SIZE,\n-\t\t\tSECURITY_TEST_SESSION_PRIV_OBJ_SZ,\n-\t\t\t0, 0, NULL, NULL, NULL, NULL,\n-\t\t\tSOCKET_ID_ANY, 0);\n-\tif (ts_params->session_priv_mpool == NULL) {\n-\t\tRTE_LOG(ERR, USER1, \"TestCase %s() line %d failed (null): \"\n-\t\t\t\t\"Cannot create priv mempool %s\\n\",\n-\t\t\t\t__func__, __LINE__, rte_strerror(rte_errno));\n-\t\trte_mempool_free(ts_params->session_mpool);\n-\t\tts_params->session_mpool = NULL;\n-\t\treturn TEST_FAILED;\n-\t}\n-\n \treturn TEST_SUCCESS;\n }\n \n@@ -574,10 +524,6 @@ testsuite_teardown(void)\n \t\trte_mempool_free(ts_params->session_mpool);\n \t\tts_params->session_mpool = NULL;\n \t}\n-\tif (ts_params->session_priv_mpool) {\n-\t\trte_mempool_free(ts_params->session_priv_mpool);\n-\t\tts_params->session_priv_mpool = NULL;\n-\t}\n }\n \n /**\n@@ -673,12 +619,10 @@ ut_setup_with_session(void)\n \tmock_session_create_exp.device = NULL;\n \tmock_session_create_exp.conf = &ut_params->conf;\n \tmock_session_create_exp.mp = ts_params->session_mpool;\n-\tmock_session_create_exp.priv_mp = ts_params->session_priv_mpool;\n \tmock_session_create_exp.ret = 0;\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,\n \t\t\tsess);\n \tTEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,\n@@ -720,13 +664,11 @@ test_session_create_inv_context(void)\n \tstruct rte_security_session *sess;\n \n \tsess = rte_security_session_create(NULL, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -746,13 +688,11 @@ test_session_create_inv_context_ops(void)\n \tut_params->ctx.ops = NULL;\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -772,13 +712,11 @@ test_session_create_inv_context_ops_fun(void)\n \tut_params->ctx.ops = &empty_ops;\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -795,13 +733,11 @@ test_session_create_inv_configuration(void)\n \tstruct rte_security_session *sess;\n \n \tsess = rte_security_session_create(&ut_params->ctx, NULL,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -815,39 +751,13 @@ static int\n test_session_create_inv_mempool(void)\n {\n \tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct security_testsuite_params *ts_params = &testsuite_params;\n \tstruct rte_security_session *sess;\n \n-\tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tNULL, ts_params->session_priv_mpool);\n+\tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf, NULL);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n-\tTEST_ASSERT_SESSION_COUNT(0);\n-\n-\treturn TEST_SUCCESS;\n-}\n-\n-/**\n- * Test execution of rte_security_session_create with NULL session\n- * priv mempool\n- */\n-static int\n-test_session_create_inv_sess_priv_mempool(void)\n-{\n-\tstruct security_unittest_params *ut_params = &unittest_params;\n-\tstruct security_testsuite_params *ts_params = &testsuite_params;\n-\tstruct rte_security_session *sess;\n-\n-\tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool, NULL);\n-\tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n-\t\t\tsess, NULL, \"%p\");\n-\tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n-\tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -863,7 +773,6 @@ test_session_create_mempool_empty(void)\n \tstruct security_testsuite_params *ts_params = &testsuite_params;\n \tstruct security_unittest_params *ut_params = &unittest_params;\n \tstruct rte_security_session *tmp[SECURITY_TEST_MEMPOOL_SIZE];\n-\tvoid *tmp1[SECURITY_TEST_MEMPOOL_SIZE];\n \tstruct rte_security_session *sess;\n \n \t/* Get all available objects from mempool. */\n@@ -874,34 +783,23 @@ test_session_create_mempool_empty(void)\n \t\tTEST_ASSERT_EQUAL(0, ret,\n \t\t\t\t\"Expect getting %d object from mempool\"\n \t\t\t\t\" to succeed\", i);\n-\t\tret = rte_mempool_get(ts_params->session_priv_mpool,\n-\t\t\t\t(void **)(&tmp1[i]));\n-\t\tTEST_ASSERT_EQUAL(0, ret,\n-\t\t\t\t\"Expect getting %d object from priv mempool\"\n-\t\t\t\t\" to succeed\", i);\n \t}\n \tTEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);\n-\tTEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);\n-\tTEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \t/* Put objects back to the pool. */\n \tfor (i = 0; i < SECURITY_TEST_MEMPOOL_SIZE; ++i) {\n \t\trte_mempool_put(ts_params->session_mpool,\n \t\t\t\t(void *)(tmp[i]));\n-\t\trte_mempool_put(ts_params->session_priv_mpool,\n-\t\t\t\t(tmp1[i]));\n \t}\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \n \treturn TEST_SUCCESS;\n }\n@@ -920,17 +818,14 @@ test_session_create_ops_failure(void)\n \tmock_session_create_exp.device = NULL;\n \tmock_session_create_exp.conf = &ut_params->conf;\n \tmock_session_create_exp.mp = ts_params->session_mpool;\n-\tmock_session_create_exp.priv_mp = ts_params->session_priv_mpool;\n \tmock_session_create_exp.ret = -1;\t/* Return failure status. */\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,\n \t\t\tsess, NULL, \"%p\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \treturn TEST_SUCCESS;\n@@ -949,12 +844,10 @@ test_session_create_success(void)\n \tmock_session_create_exp.device = NULL;\n \tmock_session_create_exp.conf = &ut_params->conf;\n \tmock_session_create_exp.mp = ts_params->session_mpool;\n-\tmock_session_create_exp.priv_mp = ts_params->session_priv_mpool;\n \tmock_session_create_exp.ret = 0;\t/* Return success status. */\n \n \tsess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,\n-\t\t\tts_params->session_mpool,\n-\t\t\tts_params->session_priv_mpool);\n+\t\t\tts_params->session_mpool);\n \tTEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,\n \t\t\tsess);\n \tTEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,\n@@ -963,7 +856,6 @@ test_session_create_success(void)\n \t\t\tsess, mock_session_create_exp.sess);\n \tTEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \t/*\n@@ -1349,7 +1241,6 @@ test_session_destroy_inv_context(void)\n \tstruct security_unittest_params *ut_params = &unittest_params;\n \n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(NULL, ut_params->sess);\n@@ -1357,7 +1248,6 @@ test_session_destroy_inv_context(void)\n \t\t\tret, -EINVAL, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \treturn TEST_SUCCESS;\n@@ -1374,7 +1264,6 @@ test_session_destroy_inv_context_ops(void)\n \tut_params->ctx.ops = NULL;\n \n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(&ut_params->ctx,\n@@ -1383,7 +1272,6 @@ test_session_destroy_inv_context_ops(void)\n \t\t\tret, -EINVAL, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \treturn TEST_SUCCESS;\n@@ -1400,7 +1288,6 @@ test_session_destroy_inv_context_ops_fun(void)\n \tut_params->ctx.ops = &empty_ops;\n \n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(&ut_params->ctx,\n@@ -1409,7 +1296,6 @@ test_session_destroy_inv_context_ops_fun(void)\n \t\t\tret, -ENOTSUP, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \treturn TEST_SUCCESS;\n@@ -1424,7 +1310,6 @@ test_session_destroy_inv_session(void)\n \tstruct security_unittest_params *ut_params = &unittest_params;\n \n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(&ut_params->ctx, NULL);\n@@ -1432,7 +1317,6 @@ test_session_destroy_inv_session(void)\n \t\t\tret, -EINVAL, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \treturn TEST_SUCCESS;\n@@ -1452,7 +1336,6 @@ test_session_destroy_ops_failure(void)\n \tmock_session_destroy_exp.ret = -1;\n \n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(&ut_params->ctx,\n@@ -1461,7 +1344,6 @@ test_session_destroy_ops_failure(void)\n \t\t\tret, -1, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \treturn TEST_SUCCESS;\n@@ -1479,7 +1361,6 @@ test_session_destroy_success(void)\n \tmock_session_destroy_exp.sess = ut_params->sess;\n \tmock_session_destroy_exp.ret = 0;\n \tTEST_ASSERT_MEMPOOL_USAGE(1);\n-\tTEST_ASSERT_PRIV_MP_USAGE(1);\n \tTEST_ASSERT_SESSION_COUNT(1);\n \n \tint ret = rte_security_session_destroy(&ut_params->ctx,\n@@ -1488,7 +1369,6 @@ test_session_destroy_success(void)\n \t\t\tret, 0, \"%d\");\n \tTEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);\n \tTEST_ASSERT_MEMPOOL_USAGE(0);\n-\tTEST_ASSERT_PRIV_MP_USAGE(0);\n \tTEST_ASSERT_SESSION_COUNT(0);\n \n \t/*\n@@ -2340,8 +2220,6 @@ static struct unit_test_suite security_testsuite = {\n \t\t\t\ttest_session_create_inv_configuration),\n \t\tTEST_CASE_ST(ut_setup, ut_teardown,\n \t\t\t\ttest_session_create_inv_mempool),\n-\t\tTEST_CASE_ST(ut_setup, ut_teardown,\n-\t\t\t\ttest_session_create_inv_sess_priv_mempool),\n \t\tTEST_CASE_ST(ut_setup, ut_teardown,\n \t\t\t\ttest_session_create_mempool_empty),\n \t\tTEST_CASE_ST(ut_setup, ut_teardown,\ndiff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c\nindex 81cac2f0a8..ee13c55dd6 100644\n--- a/app/test/test_security_inline_proto.c\n+++ b/app/test/test_security_inline_proto.c\n@@ -66,7 +66,6 @@ extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha512;\n \n static struct rte_mempool *mbufpool;\n static struct rte_mempool *sess_pool;\n-static struct rte_mempool *sess_priv_pool;\n /* ethernet addresses of ports */\n static struct rte_ether_addr ports_eth_addr[RTE_MAX_ETHPORTS];\n \n@@ -311,8 +310,7 @@ create_inline_ipsec_session(struct ipsec_test_data *sa, uint16_t portid,\n \t\tsetenv(\"ETH_SEC_IV_OVR\", arr, 1);\n \t}\n \n-\t*sess = rte_security_session_create(sec_ctx,\n-\t\t\t\tsess_conf, sess_pool, sess_priv_pool);\n+\t*sess = rte_security_session_create(sec_ctx, sess_conf, sess_pool);\n \tif (*sess == NULL) {\n \t\tprintf(\"SEC Session init failed.\\n\");\n \t\treturn TEST_FAILED;\n@@ -496,18 +494,6 @@ init_mempools(unsigned int nb_mbuf)\n \t\t}\n \t\tprintf(\"Allocated sess pool\\n\");\n \t}\n-\tif (sess_priv_pool == NULL) {\n-\t\tsnprintf(s, sizeof(s), \"sess_priv_pool\");\n-\t\tsess_priv_pool = rte_mempool_create(s, nb_sess, sess_sz,\n-\t\t\t\tMEMPOOL_CACHE_SIZE, 0,\n-\t\t\t\tNULL, NULL, NULL, NULL,\n-\t\t\t\tSOCKET_ID_ANY, 0);\n-\t\tif (sess_priv_pool == NULL) {\n-\t\t\tprintf(\"Cannot init sess_priv pool\\n\");\n-\t\t\treturn TEST_FAILED;\n-\t\t}\n-\t\tprintf(\"Allocated sess_priv pool\\n\");\n-\t}\n \n \treturn 0;\n }\ndiff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c\nindex e43c56c719..bbf2c0bdb1 100644\n--- a/drivers/crypto/caam_jr/caam_jr.c\n+++ b/drivers/crypto/caam_jr/caam_jr.c\n@@ -1359,9 +1359,7 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)\n \t\tses = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);\n \t\tbreak;\n \tcase RTE_CRYPTO_OP_SECURITY_SESSION:\n-\t\tses = (struct caam_jr_session *)\n-\t\t\tget_sec_session_private_data(\n-\t\t\t\t\top->sym->sec_session);\n+\t\tses = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \t\tbreak;\n \tdefault:\n \t\tCAAM_JR_DP_ERR(\"sessionless crypto op not supported\");\n@@ -1900,18 +1898,12 @@ caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,\n static int\n caam_jr_security_session_create(void *dev,\n \t\t\t\tstruct rte_security_session_conf *conf,\n-\t\t\t\tstruct rte_security_session *sess,\n-\t\t\t\tstruct rte_mempool *mempool)\n+\t\t\t\tstruct rte_security_session *sess)\n {\n-\tvoid *sess_private_data;\n+\tvoid *sess_private_data = SECURITY_GET_SESS_PRIV(sess);\n \tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n \tint ret;\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tCAAM_JR_ERR(\"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tswitch (conf->protocol) {\n \tcase RTE_SECURITY_PROTOCOL_IPSEC:\n \t\tret = caam_jr_set_ipsec_session(cdev, conf,\n@@ -1924,13 +1916,8 @@ caam_jr_security_session_create(void *dev,\n \t}\n \tif (ret != 0) {\n \t\tCAAM_JR_ERR(\"failed to configure session parameters\");\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n-\t\treturn ret;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n \treturn ret;\n }\n \n@@ -1940,18 +1927,12 @@ caam_jr_security_session_destroy(void *dev __rte_unused,\n \t\t\t\t struct rte_security_session *sess)\n {\n \tPMD_INIT_FUNC_TRACE();\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n-\n-\tstruct caam_jr_session *s = (struct caam_jr_session *)sess_priv;\n-\n-\tif (sess_priv) {\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n+\tstruct caam_jr_session *s = SECURITY_GET_SESS_PRIV(sess);\n \n+\tif (s) {\n \t\trte_free(s->cipher_key.data);\n \t\trte_free(s->auth_key.data);\n-\t\tmemset(sess, 0, sizeof(struct caam_jr_session));\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n+\t\tmemset(s, 0, sizeof(struct caam_jr_session));\n \t}\n \treturn 0;\n }\ndiff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c\nindex 07092d78b7..d911deef55 100644\n--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c\n+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c\n@@ -122,8 +122,7 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],\n \n \tif (op->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {\n \t\tif (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {\n-\t\t\tsec_sess = get_sec_session_private_data(\n-\t\t\t\tsym_op->sec_session);\n+\t\t\tsec_sess = SECURITY_GET_SESS_PRIV(sym_op->sec_session);\n \t\t\tret = cpt_sec_inst_fill(qp, op, sec_sess, &inst[0]);\n \t\t\tif (unlikely(ret))\n \t\t\t\treturn 0;\n@@ -302,7 +301,7 @@ cn10k_cpt_crypto_adapter_ev_mdata_set(struct rte_cryptodev *dev __rte_unused,\n \t\t\tstruct cn10k_sec_session *priv;\n \t\t\tstruct cn10k_ipsec_sa *sa;\n \n-\t\t\tpriv = get_sec_session_private_data(sess);\n+\t\t\tpriv = SECURITY_GET_SESS_PRIV(sess);\n \t\t\tsa = &priv->sa;\n \t\t\tsa->qp = qp;\n \t\t\tsa->inst.w2 = w2;\n@@ -339,7 +338,7 @@ cn10k_ca_meta_info_extract(struct rte_crypto_op *op,\n \t\t\tstruct cn10k_sec_session *priv;\n \t\t\tstruct cn10k_ipsec_sa *sa;\n \n-\t\t\tpriv = get_sec_session_private_data(op->sym->sec_session);\n+\t\t\tpriv = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \t\t\tsa = &priv->sa;\n \t\t\t*qp = sa->qp;\n \t\t\t*w2 = sa->inst.w2;\ndiff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c\nindex d6ff1342ce..1ebdf7793a 100644\n--- a/drivers/crypto/cnxk/cn10k_ipsec.c\n+++ b/drivers/crypto/cnxk/cn10k_ipsec.c\n@@ -47,7 +47,7 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,\n \tvoid *out_sa;\n \tint ret = 0;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n+\tsess = SECURITY_GET_SESS_PRIV(sec_sess);\n \tsa = &sess->sa;\n \tout_sa = &sa->out_sa;\n \n@@ -173,7 +173,7 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,\n \tvoid *in_sa;\n \tint ret = 0;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n+\tsess = SECURITY_GET_SESS_PRIV(sec_sess);\n \tsa = &sess->sa;\n \tin_sa = &sa->in_sa;\n \n@@ -290,37 +290,16 @@ cn10k_ipsec_session_create(void *dev,\n \n static int\n cn10k_sec_session_create(void *device, struct rte_security_session_conf *conf,\n-\t\t\t struct rte_security_session *sess,\n-\t\t\t struct rte_mempool *mempool)\n+\t\t\t struct rte_security_session *sess)\n {\n-\tstruct cn10k_sec_session *priv;\n-\tint ret;\n-\n \tif (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)\n \t\treturn -EINVAL;\n \n-\tif (rte_mempool_get(mempool, (void **)&priv)) {\n-\t\tplt_err(\"Could not allocate security session private data\");\n-\t\treturn -ENOMEM;\n-\t}\n+\tif (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC)\n+\t\treturn -ENOTSUP;\n \n-\tset_sec_session_private_data(sess, priv);\n-\n-\tif (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {\n-\t\tret = -ENOTSUP;\n-\t\tgoto mempool_put;\n-\t}\n-\tret = cn10k_ipsec_session_create(device, &conf->ipsec,\n+\treturn cn10k_ipsec_session_create(device, &conf->ipsec,\n \t\t\t\t\t conf->crypto_xform, sess);\n-\tif (ret)\n-\t\tgoto mempool_put;\n-\n-\treturn 0;\n-\n-mempool_put:\n-\trte_mempool_put(mempool, priv);\n-\tset_sec_session_private_data(sess, NULL);\n-\treturn ret;\n }\n \n static int\n@@ -329,14 +308,13 @@ cn10k_sec_session_destroy(void *dev, struct rte_security_session *sec_sess)\n \tstruct rte_cryptodev *crypto_dev = dev;\n \tunion roc_ot_ipsec_sa_word2 *w2;\n \tstruct cn10k_sec_session *sess;\n-\tstruct rte_mempool *sess_mp;\n \tstruct cn10k_ipsec_sa *sa;\n \tstruct cnxk_cpt_qp *qp;\n \tstruct roc_cpt_lf *lf;\n \tvoid *sa_dptr = NULL;\n \tint ret;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n+\tsess = SECURITY_GET_SESS_PRIV(sec_sess);\n \tif (sess == NULL)\n \t\treturn 0;\n \n@@ -390,11 +368,6 @@ cn10k_sec_session_destroy(void *dev, struct rte_security_session *sec_sess)\n \t\troc_cpt_lf_ctx_reload(lf, &sa->in_sa);\n \t}\n \n-\tsess_mp = rte_mempool_from_obj(sess);\n-\n-\tset_sec_session_private_data(sec_sess, NULL);\n-\trte_mempool_put(sess_mp, sess);\n-\n \treturn 0;\n }\n \n@@ -416,7 +389,7 @@ cn10k_sec_session_stats_get(void *device, struct rte_security_session *sess,\n \tstruct cn10k_ipsec_sa *sa;\n \tstruct cnxk_cpt_qp *qp;\n \n-\tpriv = get_sec_session_private_data(sess);\n+\tpriv = SECURITY_GET_SESS_PRIV(sess);\n \tif (priv == NULL)\n \t\treturn -EINVAL;\n \n@@ -457,7 +430,7 @@ cn10k_sec_session_update(void *device, struct rte_security_session *sess,\n \tstruct cnxk_cpt_vf *vf;\n \tint ret;\n \n-\tpriv = get_sec_session_private_data(sess);\n+\tpriv = SECURITY_GET_SESS_PRIV(sess);\n \tif (priv == NULL)\n \t\treturn -EINVAL;\n \ndiff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c\nindex 5c344a6008..b395f830b1 100644\n--- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c\n+++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c\n@@ -27,7 +27,7 @@ cn9k_cpt_sec_inst_fill(struct rte_crypto_op *op,\n \tstruct cn9k_ipsec_sa *sa;\n \tint ret;\n \n-\tpriv = get_sec_session_private_data(op->sym->sec_session);\n+\tpriv = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \tsa = &priv->sa;\n \n \tif (unlikely(sym_op->m_dst && sym_op->m_dst != sym_op->m_src)) {\n@@ -337,7 +337,7 @@ cn9k_cpt_crypto_adapter_ev_mdata_set(struct rte_cryptodev *dev __rte_unused,\n \t\t\tstruct cn9k_sec_session *priv;\n \t\t\tstruct cn9k_ipsec_sa *sa;\n \n-\t\t\tpriv = get_sec_session_private_data(sess);\n+\t\t\tpriv = SECURITY_GET_SESS_PRIV(sess);\n \t\t\tsa = &priv->sa;\n \t\t\tsa->qp = qp;\n \t\t\tsa->inst.w2 = w2;\n@@ -374,7 +374,7 @@ cn9k_ca_meta_info_extract(struct rte_crypto_op *op,\n \t\t\tstruct cn9k_sec_session *priv;\n \t\t\tstruct cn9k_ipsec_sa *sa;\n \n-\t\t\tpriv = get_sec_session_private_data(op->sym->sec_session);\n+\t\t\tpriv = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \t\t\tsa = &priv->sa;\n \t\t\t*qp = sa->qp;\n \t\t\tinst->w2.u64 = sa->inst.w2;\n@@ -539,8 +539,7 @@ cn9k_cpt_sec_post_process(struct rte_crypto_op *cop,\n \t\t\t CPT_OP_FLAGS_IPSEC_INB_REPLAY)) {\n \t\t\tint ret;\n \n-\t\t\tpriv = get_sec_session_private_data(\n-\t\t\t\tsym_op->sec_session);\n+\t\t\tpriv = SECURITY_GET_SESS_PRIV(sym_op->sec_session);\n \t\t\tsa = &priv->sa;\n \n \t\t\tret = ipsec_antireplay_check(\ndiff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c\nindex 3d37449907..b56843f49b 100644\n--- a/drivers/crypto/cnxk/cn9k_ipsec.c\n+++ b/drivers/crypto/cnxk/cn9k_ipsec.c\n@@ -32,7 +32,7 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,\n \tuint8_t egrp;\n \tint ret;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n+\tsess = SECURITY_GET_SESS_PRIV(sec_sess);\n \tsa = &sess->sa;\n \n \tmemset(sa, 0, sizeof(struct cn9k_ipsec_sa));\n@@ -80,7 +80,7 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,\n \n \tctx_len = ret;\n \tegrp = roc_cpt->eng_grp[CPT_ENG_TYPE_IE];\n-\tret = roc_on_cpt_ctx_write(&qp->lf, rte_mempool_virt2iova(&sa->out_sa),\n+\tret = roc_on_cpt_ctx_write(&qp->lf, SECURITY_GET_SESS_PRIV_IOVA(sec_sess),\n \t\t\t\t false, ctx_len, egrp);\n \n \tif (ret)\n@@ -108,7 +108,7 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,\n \n \tw7.u64 = 0;\n \tw7.s.egrp = egrp;\n-\tw7.s.cptr = rte_mempool_virt2iova(&sa->out_sa);\n+\tw7.s.cptr = SECURITY_GET_SESS_PRIV_IOVA(sec_sess);\n \n \tinst_tmpl = &sa->inst;\n \tinst_tmpl->w4 = w4.u64;\n@@ -134,7 +134,7 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,\n \tuint8_t egrp;\n \tint ret = 0;\n \n-\tsess = get_sec_session_private_data(sec_sess);\n+\tsess = SECURITY_GET_SESS_PRIV(sec_sess);\n \tsa = &sess->sa;\n \n \tmemset(sa, 0, sizeof(struct cn9k_ipsec_sa));\n@@ -170,7 +170,7 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,\n \n \tctx_len = ret;\n \tegrp = roc_cpt->eng_grp[CPT_ENG_TYPE_IE];\n-\tret = roc_on_cpt_ctx_write(&qp->lf, rte_mempool_virt2iova(&sa->in_sa),\n+\tret = roc_on_cpt_ctx_write(&qp->lf, SECURITY_GET_SESS_PRIV_IOVA(sec_sess),\n \t\t\t\t true, ctx_len, egrp);\n \tif (ret)\n \t\treturn ret;\n@@ -184,7 +184,7 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,\n \tw4.s.param2 = param2.u16;\n \n \tw7.s.egrp = egrp;\n-\tw7.s.cptr = rte_mempool_virt2iova(&sa->in_sa);\n+\tw7.s.cptr = SECURITY_GET_SESS_PRIV_IOVA(sec_sess);\n \n \tinst_tmpl = &sa->inst;\n \tinst_tmpl->w4 = w4.u64;\n@@ -295,40 +295,20 @@ cn9k_ipsec_session_create(void *dev,\n \n static int\n cn9k_sec_session_create(void *device, struct rte_security_session_conf *conf,\n-\t\t\tstruct rte_security_session *sess,\n-\t\t\tstruct rte_mempool *mempool)\n+\t\t\tstruct rte_security_session *sess)\n {\n-\tstruct cn9k_sec_session *priv;\n-\tint ret;\n+\tstruct cn9k_sec_session *priv = SECURITY_GET_SESS_PRIV(sess);\n \n \tif (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)\n \t\treturn -EINVAL;\n \n-\tif (rte_mempool_get(mempool, (void **)&priv)) {\n-\t\tplt_err(\"Could not allocate security session private data\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tmemset(priv, 0, sizeof(*priv));\n \n-\tset_sec_session_private_data(sess, priv);\n+\tif (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC)\n+\t\treturn -ENOTSUP;\n \n-\tif (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {\n-\t\tret = -ENOTSUP;\n-\t\tgoto mempool_put;\n-\t}\n-\n-\tret = cn9k_ipsec_session_create(device, &conf->ipsec,\n+\treturn cn9k_ipsec_session_create(device, &conf->ipsec,\n \t\t\t\t\tconf->crypto_xform, sess);\n-\tif (ret)\n-\t\tgoto mempool_put;\n-\n-\treturn 0;\n-\n-mempool_put:\n-\trte_mempool_put(mempool, priv);\n-\tset_sec_session_private_data(sess, NULL);\n-\treturn ret;\n }\n \n static int\n@@ -337,11 +317,10 @@ cn9k_sec_session_destroy(void *device __rte_unused,\n {\n \tstruct roc_ie_on_outb_sa *out_sa;\n \tstruct cn9k_sec_session *priv;\n-\tstruct rte_mempool *sess_mp;\n \tstruct roc_ie_on_sa_ctl *ctl;\n \tstruct cn9k_ipsec_sa *sa;\n \n-\tpriv = get_sec_session_private_data(sess);\n+\tpriv = SECURITY_GET_SESS_PRIV(sess);\n \tif (priv == NULL)\n \t\treturn 0;\n \n@@ -353,13 +332,8 @@ cn9k_sec_session_destroy(void *device __rte_unused,\n \n \trte_io_wmb();\n \n-\tsess_mp = rte_mempool_from_obj(priv);\n-\n \tmemset(priv, 0, sizeof(*priv));\n \n-\tset_sec_session_private_data(sess, NULL);\n-\trte_mempool_put(sess_mp, priv);\n-\n \treturn 0;\n }\n \ndiff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c\nindex fefaf0fc5f..28a868da53 100644\n--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c\n+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c\n@@ -1382,8 +1382,7 @@ build_sec_fd(struct rte_crypto_op *op,\n \t\tsess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);\n #ifdef RTE_LIB_SECURITY\n \telse if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)\n-\t\tsess = (dpaa2_sec_session *)get_sec_session_private_data(\n-\t\t\t\top->sym->sec_session);\n+\t\tsess = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n #endif\n \telse {\n \t\tDPAA2_SEC_DP_ERR(\"Session type invalid\\n\");\n@@ -1583,8 +1582,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)\n \tmbuf->buf_iova = op->sym->aead.digest.phys_addr;\n \top->sym->aead.digest.phys_addr = 0L;\n \n-\tsess_priv = (dpaa2_sec_session *)get_sec_session_private_data(\n-\t\t\t\top->sym->sec_session);\n+\tsess_priv = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \tif (sess_priv->dir == DIR_ENC)\n \t\tmbuf->data_off += SEC_FLC_DHR_OUTBOUND;\n \telse\n@@ -1680,8 +1678,7 @@ dpaa2_sec_dump(struct rte_crypto_op *op)\n \t\tsess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);\n #ifdef RTE_LIBRTE_SECURITY\n \telse if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)\n-\t\tsess = (dpaa2_sec_session *)get_sec_session_private_data(\n-\t\t\top->sym->sec_session);\n+\t\tsess = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n #endif\n \n \tif (sess == NULL)\n@@ -3690,18 +3687,12 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,\n static int\n dpaa2_sec_security_session_create(void *dev,\n \t\t\t\t struct rte_security_session_conf *conf,\n-\t\t\t\t struct rte_security_session *sess,\n-\t\t\t\t struct rte_mempool *mempool)\n+\t\t\t\t struct rte_security_session *sess)\n {\n-\tvoid *sess_private_data;\n+\tvoid *sess_private_data = SECURITY_GET_SESS_PRIV(sess);\n \tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n \tint ret;\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tDPAA2_SEC_ERR(\"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tswitch (conf->protocol) {\n \tcase RTE_SECURITY_PROTOCOL_IPSEC:\n \t\tret = dpaa2_sec_set_ipsec_session(cdev, conf,\n@@ -3718,13 +3709,9 @@ dpaa2_sec_security_session_create(void *dev,\n \t}\n \tif (ret != 0) {\n \t\tDPAA2_SEC_ERR(\"Failed to configure session parameters\");\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n \t\treturn ret;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n \treturn ret;\n }\n \n@@ -3734,19 +3721,15 @@ dpaa2_sec_security_session_destroy(void *dev __rte_unused,\n \t\tstruct rte_security_session *sess)\n {\n \tPMD_INIT_FUNC_TRACE();\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n+\tvoid *sess_priv = SECURITY_GET_SESS_PRIV(sess);\n \n \tdpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;\n \n \tif (sess_priv) {\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n-\n \t\trte_free(s->ctxt);\n \t\trte_free(s->cipher_key.data);\n \t\trte_free(s->auth_key.data);\n \t\tmemset(s, 0, sizeof(dpaa2_sec_session));\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n \t}\n \treturn 0;\n }\ndiff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c\nindex d6ce11ae65..36c79e450a 100644\n--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c\n+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c\n@@ -1009,8 +1009,7 @@ dpaa2_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,\n \t}\n \n \tif (sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)\n-\t\tsess = (dpaa2_sec_session *)get_sec_session_private_data(\n-\t\t\t\tsession_ctx.sec_sess);\n+\t\tsess = SECURITY_GET_SESS_PRIV(session_ctx.sec_sess);\n \telse if (sess_type == RTE_CRYPTO_OP_WITH_SESSION)\n \t\tsess = CRYPTODEV_GET_SYM_SESS_PRIV(session_ctx.crypto_sess);\n \telse\ndiff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c\nindex 00a5474b2b..b1529bd1f6 100644\n--- a/drivers/crypto/dpaa_sec/dpaa_sec.c\n+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c\n@@ -673,9 +673,7 @@ dpaa_sec_dump(struct dpaa_sec_op_ctx *ctx, struct dpaa_sec_qp *qp)\n \t\tsess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);\n #ifdef RTE_LIBRTE_SECURITY\n \telse if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)\n-\t\tsess = (dpaa_sec_session *)\n-\t\t\tget_sec_session_private_data(\n-\t\t\t\t\top->sym->sec_session);\n+\t\tsess = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n #endif\n \tif (sess == NULL) {\n \t\tprintf(\"session is NULL\\n\");\n@@ -1928,9 +1926,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,\n \t\t\t\tbreak;\n #ifdef RTE_LIB_SECURITY\n \t\t\tcase RTE_CRYPTO_OP_SECURITY_SESSION:\n-\t\t\t\tses = (dpaa_sec_session *)\n-\t\t\t\t\tget_sec_session_private_data(\n-\t\t\t\t\t\t\top->sym->sec_session);\n+\t\t\t\tses = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \t\t\t\tbreak;\n #endif\n \t\t\tdefault:\n@@ -3245,18 +3241,12 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev,\n static int\n dpaa_sec_security_session_create(void *dev,\n \t\t\t\t struct rte_security_session_conf *conf,\n-\t\t\t\t struct rte_security_session *sess,\n-\t\t\t\t struct rte_mempool *mempool)\n+\t\t\t\t struct rte_security_session *sess)\n {\n-\tvoid *sess_private_data;\n+\tvoid *sess_private_data = SECURITY_GET_SESS_PRIV(sess);\n \tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n \tint ret;\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tDPAA_SEC_ERR(\"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tswitch (conf->protocol) {\n \tcase RTE_SECURITY_PROTOCOL_IPSEC:\n \t\tret = dpaa_sec_set_ipsec_session(cdev, conf,\n@@ -3273,13 +3263,9 @@ dpaa_sec_security_session_create(void *dev,\n \t}\n \tif (ret != 0) {\n \t\tDPAA_SEC_ERR(\"failed to configure session parameters\");\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n \t\treturn ret;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n \tret = dpaa_sec_prep_cdb(sess_private_data);\n \tif (ret) {\n \t\tDPAA_SEC_ERR(\"Unable to prepare sec cdb\");\n@@ -3295,12 +3281,11 @@ dpaa_sec_security_session_destroy(void *dev __rte_unused,\n \t\tstruct rte_security_session *sess)\n {\n \tPMD_INIT_FUNC_TRACE();\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n+\tvoid *sess_priv = SECURITY_GET_SESS_PRIV(sess);\n \tdpaa_sec_session *s = (dpaa_sec_session *)sess_priv;\n \n \tif (sess_priv) {\n \t\tfree_session_memory((struct rte_cryptodev *)dev, s);\n-\t\tset_sec_session_private_data(sess, NULL);\n \t}\n \treturn 0;\n }\ndiff --git a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c\nindex 2f71d22a36..b7dd8beab2 100644\n--- a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c\n+++ b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c\n@@ -1014,8 +1014,7 @@ dpaa_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,\n \t}\n \n \tif (sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)\n-\t\tsess = (dpaa_sec_session *)get_sec_session_private_data(\n-\t\t\t\tsession_ctx.sec_sess);\n+\t\tsess = SECURITY_GET_SESS_PRIV(session_ctx.sec_sess);\n \telse if (sess_type == RTE_CRYPTO_OP_WITH_SESSION)\n \t\tsess = (dpaa_sec_session *)\n \t\t\tCRYPTODEV_GET_SYM_SESS_PRIV(session_ctx.crypto_sess);\ndiff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\nindex 7d2f3b0e4b..76cb1c543a 100644\n--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\n+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\n@@ -1584,8 +1584,7 @@ set_sec_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,\n \t\top->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n \t\treturn -1;\n \t}\n-\tsession = (struct aesni_mb_session *)\n-\t\tget_sec_session_private_data(op->sym->sec_session);\n+\tsession = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \n \tif (unlikely(session == NULL)) {\n \t\top->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;\n@@ -1720,7 +1719,7 @@ post_process_mb_job(struct ipsec_mb_qp *qp, IMB_JOB *job)\n \t\t * this is for DOCSIS\n \t\t */\n \t\tis_docsis_sec = 1;\n-\t\tsess = get_sec_session_private_data(op->sym->sec_session);\n+\t\tsess = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \t} else\n #endif\n \t\tsess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);\n@@ -2095,10 +2094,9 @@ struct rte_cryptodev_ops aesni_mb_pmd_ops = {\n */\n static int\n aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *sess,\n-\t\tstruct rte_mempool *mempool)\n+\t\tstruct rte_security_session *sess)\n {\n-\tvoid *sess_private_data;\n+\tvoid *sess_private_data = SECURITY_GET_SESS_PRIV(sess);\n \tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n \tint ret;\n \n@@ -2108,24 +2106,14 @@ aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,\n \t\treturn -EINVAL;\n \t}\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tIPSEC_MB_LOG(ERR, \"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf,\n \t\t\tsess_private_data);\n \n \tif (ret != 0) {\n \t\tIPSEC_MB_LOG(ERR, \"Failed to configure session parameters\");\n-\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n \t\treturn ret;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n \treturn ret;\n }\n \n@@ -2134,14 +2122,10 @@ static int\n aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,\n \t\tstruct rte_security_session *sess)\n {\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n+\tvoid *sess_priv = SECURITY_GET_SESS_PRIV(sess);\n \n \tif (sess_priv) {\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n-\n \t\tmemset(sess_priv, 0, sizeof(struct aesni_mb_session));\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n \t}\n \treturn 0;\n }\ndiff --git a/drivers/crypto/mvsam/rte_mrvl_pmd.c b/drivers/crypto/mvsam/rte_mrvl_pmd.c\nindex fdc9c14227..88651b9a55 100644\n--- a/drivers/crypto/mvsam/rte_mrvl_pmd.c\n+++ b/drivers/crypto/mvsam/rte_mrvl_pmd.c\n@@ -767,8 +767,7 @@ mrvl_request_prepare_sec(struct sam_cio_ipsec_params *request,\n \t\treturn -EINVAL;\n \t}\n \n-\tsess = (struct mrvl_crypto_session *)get_sec_session_private_data(\n-\t\t\top->sym->sec_session);\n+\tsess = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \tif (unlikely(sess == NULL)) {\n \t\tMRVL_LOG(ERR, \"Session was not created for this device! %d\",\n \t\t\t cryptodev_driver_id);\ndiff --git a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c\nindex 0066236561..1aa8e935f1 100644\n--- a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c\n+++ b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c\n@@ -833,11 +833,10 @@ struct rte_cryptodev_ops *rte_mrvl_crypto_pmd_ops = &mrvl_crypto_pmd_ops;\n static int\n mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,\n \t\t\t\t struct rte_security_session_conf *conf,\n-\t\t\t\t struct rte_security_session *sess,\n-\t\t\t\t struct rte_mempool *mempool)\n+\t\t\t\t struct rte_security_session *sess)\n {\n \tstruct mrvl_crypto_session *mrvl_sess;\n-\tvoid *sess_private_data;\n+\tvoid *sess_private_data = SECURITY_GET_SESS_PRIV(sess);\n \tint ret;\n \n \tif (sess == NULL) {\n@@ -845,11 +844,6 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,\n \t\treturn -EINVAL;\n \t}\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tMRVL_LOG(ERR, \"Couldn't get object from session mempool.\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tswitch (conf->protocol) {\n \tcase RTE_SECURITY_PROTOCOL_IPSEC:\n \t\tmrvl_sess = (struct mrvl_crypto_session *)sess_private_data;\n@@ -863,8 +857,6 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,\n \t\tif (ret != 0) {\n \t\t\tMRVL_LOG(ERR, \"Failed to configure session parameters.\");\n \n-\t\t\t/* Return session to mempool */\n-\t\t\trte_mempool_put(mempool, sess_private_data);\n \t\t\treturn ret;\n \t\t}\n \n@@ -878,8 +870,6 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,\n \t\t\t\t&mrvl_sess->sam_sess);\n \t\tif (ret < 0) {\n \t\t\tMRVL_LOG(ERR, \"PMD: failed to create IPSEC session.\");\n-\t\t\t/* Return session to mempool */\n-\t\t\trte_mempool_put(mempool, sess_private_data);\n \t\t\treturn ret;\n \t\t}\n \t\tbreak;\n@@ -889,8 +879,6 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,\n \t\treturn -EINVAL;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n-\n \treturn ret;\n }\n \n@@ -899,13 +887,12 @@ static int\n mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,\n \t\tstruct rte_security_session *sess)\n {\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n+\tvoid *sess_priv = SECURITY_GET_SESS_PRIV(sess);\n \n \t/* Zero out the whole structure */\n \tif (sess_priv) {\n \t\tstruct mrvl_crypto_session *mrvl_sess =\n \t\t\t(struct mrvl_crypto_session *)sess_priv;\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n \n \t\tif (mrvl_sess->sam_sess &&\n \t\t sam_session_destroy(mrvl_sess->sam_sess) < 0) {\n@@ -916,8 +903,6 @@ mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,\n \t\trte_free(mrvl_sess->sam_sess_params.auth_key);\n \t\trte_free(mrvl_sess->sam_sess_params.cipher_iv);\n \t\tmemset(sess, 0, sizeof(struct rte_security_session));\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n \t}\n \treturn 0;\n }\ndiff --git a/drivers/crypto/qat/qat_sym.c b/drivers/crypto/qat/qat_sym.c\nindex 876522a605..6eca40276a 100644\n--- a/drivers/crypto/qat/qat_sym.c\n+++ b/drivers/crypto/qat/qat_sym.c\n@@ -9,6 +9,7 @@\n #include <rte_crypto_sym.h>\n #include <bus_pci_driver.h>\n #include <rte_byteorder.h>\n+#include <rte_security_driver.h>\n \n #include \"qat_sym.h\"\n #include \"qat_crypto.h\"\n@@ -100,7 +101,7 @@ qat_sym_build_request(void *in_op, uint8_t *out_msg,\n \n #ifdef RTE_LIB_SECURITY\n \telse if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {\n-\t\tctx = get_sec_session_private_data(op->sym->sec_session);\n+\t\tctx = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \t\tif (unlikely(!ctx)) {\n \t\t\tQAT_DP_LOG(ERR, \"No session for this device\");\n \t\t\treturn -EINVAL;\ndiff --git a/drivers/crypto/qat/qat_sym.h b/drivers/crypto/qat/qat_sym.h\nindex 653df0bf69..033ec0de85 100644\n--- a/drivers/crypto/qat/qat_sym.h\n+++ b/drivers/crypto/qat/qat_sym.h\n@@ -12,6 +12,9 @@\n \n #ifdef BUILD_QAT_SYM\n #include <openssl/evp.h>\n+#ifdef RTE_LIB_SECURITY\n+#include <rte_security_driver.h>\n+#endif\n \n #include \"qat_common.h\"\n #include \"qat_sym_session.h\"\n@@ -274,9 +277,7 @@ qat_sym_preprocess_requests(void **ops, uint16_t nb_ops)\n \t\top = (struct rte_crypto_op *)ops[i];\n \n \t\tif (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {\n-\t\t\tctx = (struct qat_sym_session *)\n-\t\t\t\tget_sec_session_private_data(\n-\t\t\t\t\top->sym->sec_session);\n+\t\t\tctx = SECURITY_GET_SESS_PRIV(op->sym->sec_session);\n \n \t\t\tif (ctx == NULL || ctx->bpi_ctx == NULL)\n \t\t\t\tcontinue;\n@@ -309,9 +310,7 @@ qat_sym_process_response(void **op, uint8_t *resp, void *op_cookie,\n \t\t * Assuming at this point that if it's a security\n \t\t * op, that this is for DOCSIS\n \t\t */\n-\t\tsess = (struct qat_sym_session *)\n-\t\t\t\tget_sec_session_private_data(\n-\t\t\t\trx_op->sym->sec_session);\n+\t\tsess = SECURITY_GET_SESS_PRIV(rx_op->sym->sec_session);\n \t\tis_docsis_sec = 1;\n \t} else\n #endif\ndiff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c\nindex e3ed1af5e6..c2efb675e1 100644\n--- a/drivers/crypto/qat/qat_sym_session.c\n+++ b/drivers/crypto/qat/qat_sym_session.c\n@@ -25,7 +25,7 @@\n #include <rte_malloc.h>\n #include <rte_crypto_sym.h>\n #ifdef RTE_LIB_SECURITY\n-#include <rte_security.h>\n+#include <rte_security_driver.h>\n #endif\n \n #include \"qat_logs.h\"\n@@ -2570,7 +2570,8 @@ qat_sec_session_check_docsis(struct rte_security_session_conf *conf)\n \n static int\n qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,\n-\t\tstruct rte_security_session_conf *conf, void *session_private)\n+\t\tstruct rte_security_session_conf *conf, void *session_private,\n+\t\trte_iova_t session_paddr)\n {\n \tint ret;\n \tint qat_cmd_id;\n@@ -2589,7 +2590,6 @@ qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,\n \txform = conf->crypto_xform;\n \n \t/* Verify the session physical address is known */\n-\trte_iova_t session_paddr = rte_mempool_virt2iova(session);\n \tif (session_paddr == 0 || session_paddr == RTE_BAD_IOVA) {\n \t\tQAT_LOG(ERR,\n \t\t\t\"Session physical address unknown. Bad memory pool.\");\n@@ -2619,10 +2619,9 @@ qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,\n int\n qat_security_session_create(void *dev,\n \t\t\t\tstruct rte_security_session_conf *conf,\n-\t\t\t\tstruct rte_security_session *sess,\n-\t\t\t\tstruct rte_mempool *mempool)\n+\t\t\t\tstruct rte_security_session *sess)\n {\n-\tvoid *sess_private_data;\n+\tvoid *sess_private_data = SECURITY_GET_SESS_PRIV(sess);\n \tstruct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;\n \tstruct qat_cryptodev_private *internals = cdev->data->dev_private;\n \tenum qat_device_gen qat_dev_gen = internals->qat_dev->qat_dev_gen;\n@@ -2635,25 +2634,17 @@ qat_security_session_create(void *dev,\n \t\treturn -EINVAL;\n \t}\n \n-\tif (rte_mempool_get(mempool, &sess_private_data)) {\n-\t\tQAT_LOG(ERR, \"Couldn't get object from session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)\n \tif (ossl_legacy_provider_load())\n \t\treturn -EINVAL;\n #endif\n \tret = qat_sec_session_set_docsis_parameters(cdev, conf,\n-\t\t\tsess_private_data);\n+\t\t\tsess_private_data, SECURITY_GET_SESS_PRIV_IOVA(sess));\n \tif (ret != 0) {\n \t\tQAT_LOG(ERR, \"Failed to configure session parameters\");\n-\t\t/* Return session to mempool */\n-\t\trte_mempool_put(mempool, sess_private_data);\n \t\treturn ret;\n \t}\n \n-\tset_sec_session_private_data(sess, sess_private_data);\n \tsym_session = (struct qat_sym_session *)sess_private_data;\n \tsym_session->dev_id = internals->dev_id;\n \n@@ -2665,17 +2656,13 @@ int\n qat_security_session_destroy(void *dev __rte_unused,\n \t\t\t\t struct rte_security_session *sess)\n {\n-\tvoid *sess_priv = get_sec_session_private_data(sess);\n+\tvoid *sess_priv = SECURITY_GET_SESS_PRIV(sess);\n \tstruct qat_sym_session *s = (struct qat_sym_session *)sess_priv;\n \n \tif (sess_priv) {\n \t\tif (s->bpi_ctx)\n \t\t\tbpi_cipher_ctx_free(s->bpi_ctx);\n \t\tmemset(s, 0, qat_sym_session_get_private_size(dev));\n-\t\tstruct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);\n-\n-\t\tset_sec_session_private_data(sess, NULL);\n-\t\trte_mempool_put(sess_mp, sess_priv);\n \t}\n \n # if (OPENSSL_VERSION_NUMBER >= 0x30000000L)\ndiff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h\nindex 9e4aab06a6..ac57e0b240 100644\n--- a/drivers/crypto/qat/qat_sym_session.h\n+++ b/drivers/crypto/qat/qat_sym_session.h\n@@ -177,7 +177,7 @@ qat_sym_validate_zuc_key(int key_len, enum icp_qat_hw_cipher_algo *alg);\n #ifdef RTE_LIB_SECURITY\n int\n qat_security_session_create(void *dev, struct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *sess, struct rte_mempool *mempool);\n+\t\tstruct rte_security_session *sess);\n int\n qat_security_session_destroy(void *dev, struct rte_security_session *sess);\n #endif\ndiff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c\nindex 3795b0c78b..6de4a284da 100644\n--- a/drivers/net/cnxk/cn10k_ethdev_sec.c\n+++ b/drivers/net/cnxk/cn10k_ethdev_sec.c\n@@ -583,15 +583,14 @@ cn10k_eth_sec_outb_sa_misc_fill(struct roc_nix *roc_nix,\n static int\n cn10k_eth_sec_session_create(void *device,\n \t\t\t struct rte_security_session_conf *conf,\n-\t\t\t struct rte_security_session *sess,\n-\t\t\t struct rte_mempool *mempool)\n+\t\t\t struct rte_security_session *sess)\n {\n \tstruct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;\n \tstruct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);\n \tstruct rte_security_ipsec_xform *ipsec;\n \tstruct cn10k_sec_sess_priv sess_priv;\n \tstruct rte_crypto_sym_xform *crypto;\n-\tstruct cnxk_eth_sec_sess *eth_sec;\n+\tstruct cnxk_eth_sec_sess *eth_sec = SECURITY_GET_SESS_PRIV(sess);\n \tstruct roc_nix *nix = &dev->nix;\n \tbool inbound, inl_dev;\n \trte_spinlock_t *lock;\n@@ -626,11 +625,6 @@ cn10k_eth_sec_session_create(void *device,\n \t\treturn -EEXIST;\n \t}\n \n-\tif (rte_mempool_get(mempool, (void **)ð_sec)) {\n-\t\tplt_err(\"Could not allocate security session private data\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tmemset(eth_sec, 0, sizeof(struct cnxk_eth_sec_sess));\n \tsess_priv.u64 = 0;\n \n@@ -659,12 +653,12 @@ cn10k_eth_sec_session_create(void *device,\n \t\t\t\t \"Failed to create ingress sa, inline dev \"\n \t\t\t\t \"not found or spi not in range\");\n \t\t\trc = -ENOTSUP;\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t} else if (!sa) {\n \t\t\tsnprintf(tbuf, sizeof(tbuf),\n \t\t\t\t \"Failed to create ingress sa\");\n \t\t\trc = -EFAULT;\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\tinb_sa = (struct roc_ot_ipsec_inb_sa *)sa;\n@@ -675,7 +669,7 @@ cn10k_eth_sec_session_create(void *device,\n \t\t\t\t \"Inbound SA with SPI %u already in use\",\n \t\t\t\t ipsec->spi);\n \t\t\trc = -EBUSY;\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\tinb_sa_dptr = (struct roc_ot_ipsec_inb_sa *)dev->inb.sa_dptr;\n@@ -687,7 +681,7 @@ cn10k_eth_sec_session_create(void *device,\n \t\tif (rc) {\n \t\t\tsnprintf(tbuf, sizeof(tbuf),\n \t\t\t\t \"Failed to init inbound sa, rc=%d\", rc);\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\tinb_priv = roc_nix_inl_ot_ipsec_inb_sa_sw_rsvd(inb_sa);\n@@ -724,7 +718,7 @@ cn10k_eth_sec_session_create(void *device,\n \t\t\t\t\t eth_sec->inb,\n \t\t\t\t\t sizeof(struct roc_ot_ipsec_inb_sa));\n \t\tif (rc)\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \n \t\tif (conf->ipsec.options.ip_reassembly_en) {\n \t\t\tinb_priv->reass_dynfield_off = dev->reass_dynfield_off;\n@@ -745,7 +739,7 @@ cn10k_eth_sec_session_create(void *device,\n \t\t/* Alloc an sa index */\n \t\trc = cnxk_eth_outb_sa_idx_get(dev, &sa_idx, ipsec->spi);\n \t\tif (rc)\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \n \t\toutb_sa = roc_nix_inl_ot_ipsec_outb_sa(sa_base, sa_idx);\n \t\toutb_priv = roc_nix_inl_ot_ipsec_outb_sa_sw_rsvd(outb_sa);\n@@ -760,7 +754,7 @@ cn10k_eth_sec_session_create(void *device,\n \t\t\tsnprintf(tbuf, sizeof(tbuf),\n \t\t\t\t \"Failed to init outbound sa, rc=%d\", rc);\n \t\t\trc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\tif (conf->ipsec.options.iv_gen_disable == 1) {\n@@ -776,7 +770,7 @@ cn10k_eth_sec_session_create(void *device,\n \t\t\t\t \"Failed to init outb sa misc params, rc=%d\",\n \t\t\t\t rc);\n \t\t\trc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\t/* Save userdata */\n@@ -818,7 +812,7 @@ cn10k_eth_sec_session_create(void *device,\n \t\t\t\t\t eth_sec->inb,\n \t\t\t\t\t sizeof(struct roc_ot_ipsec_outb_sa));\n \t\tif (rc)\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t}\n \tif (inbound && inl_dev)\n \t\troc_nix_inl_dev_unlock();\n@@ -830,15 +824,14 @@ cn10k_eth_sec_session_create(void *device,\n \t/*\n \t * Update fast path info in priv area.\n \t */\n-\tset_sec_session_private_data(sess, (void *)sess_priv.u64);\n+\tsess->fast_mdata = sess_priv.u64;\n \n \treturn 0;\n-mempool_put:\n+err:\n \tif (inbound && inl_dev)\n \t\troc_nix_inl_dev_unlock();\n \trte_spinlock_unlock(lock);\n \n-\trte_mempool_put(mempool, eth_sec);\n \tif (rc)\n \t\tplt_err(\"%s\", tbuf);\n \treturn rc;\n@@ -850,7 +843,6 @@ cn10k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)\n \tstruct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;\n \tstruct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);\n \tstruct cnxk_eth_sec_sess *eth_sec;\n-\tstruct rte_mempool *mp;\n \trte_spinlock_t *lock;\n \tvoid *sa_dptr;\n \n@@ -896,10 +888,6 @@ cn10k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)\n \t\t eth_sec->inb ? \"inbound\" : \"outbound\", eth_sec->spi,\n \t\t eth_sec->sa_idx, eth_sec->inl_dev);\n \n-\t/* Put eth_sec object back to pool */\n-\tmp = rte_mempool_from_obj(eth_sec);\n-\tset_sec_session_private_data(sess, NULL);\n-\trte_mempool_put(mp, eth_sec);\n \treturn 0;\n }\n \ndiff --git a/drivers/net/cnxk/cn9k_ethdev_sec.c b/drivers/net/cnxk/cn9k_ethdev_sec.c\nindex a96a4fa8cd..af3f74046a 100644\n--- a/drivers/net/cnxk/cn9k_ethdev_sec.c\n+++ b/drivers/net/cnxk/cn9k_ethdev_sec.c\n@@ -497,9 +497,10 @@ cn9k_eth_sec_session_update(void *device,\n \tplt_nix_dbg(\"Created outbound session with spi=%u, sa_idx=%u\",\n \t\t eth_sec->spi, eth_sec->sa_idx);\n \n-\t/* Update fast path info in priv area.\n+\t/*\n+\t * Update fast path info in priv area.\n \t */\n-\tset_sec_session_private_data(sess, (void *)sess_priv.u64);\n+\tsess->fast_mdata = sess_priv.u64;\n \n \treturn 0;\n exit:\n@@ -512,15 +513,14 @@ cn9k_eth_sec_session_update(void *device,\n static int\n cn9k_eth_sec_session_create(void *device,\n \t\t\t struct rte_security_session_conf *conf,\n-\t\t\t struct rte_security_session *sess,\n-\t\t\t struct rte_mempool *mempool)\n+\t\t\t struct rte_security_session *sess)\n {\n+\tstruct cnxk_eth_sec_sess *eth_sec = SECURITY_GET_SESS_PRIV(sess);\n \tstruct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;\n \tstruct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);\n \tstruct rte_security_ipsec_xform *ipsec;\n \tstruct cn9k_sec_sess_priv sess_priv;\n \tstruct rte_crypto_sym_xform *crypto;\n-\tstruct cnxk_eth_sec_sess *eth_sec;\n \tstruct roc_nix *nix = &dev->nix;\n \trte_spinlock_t *lock;\n \tchar tbuf[128] = {0};\n@@ -548,11 +548,6 @@ cn9k_eth_sec_session_create(void *device,\n \t\treturn -EEXIST;\n \t}\n \n-\tif (rte_mempool_get(mempool, (void **)ð_sec)) {\n-\t\tplt_err(\"Could not allocate security session private data\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tlock = inbound ? &dev->inb.lock : &dev->outb.lock;\n \trte_spinlock_lock(lock);\n \n@@ -582,7 +577,7 @@ cn9k_eth_sec_session_create(void *device,\n \t\t\tsnprintf(tbuf, sizeof(tbuf),\n \t\t\t\t \"Failed to create ingress sa\");\n \t\t\trc = -EFAULT;\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\t/* Check if SA is already in use */\n@@ -591,7 +586,7 @@ cn9k_eth_sec_session_create(void *device,\n \t\t\t\t \"Inbound SA with SPI %u already in use\",\n \t\t\t\t ipsec->spi);\n \t\t\trc = -EBUSY;\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\tmemset(inb_sa, 0, sizeof(struct roc_ie_on_inb_sa));\n@@ -601,7 +596,7 @@ cn9k_eth_sec_session_create(void *device,\n \t\tif (rc < 0) {\n \t\t\tsnprintf(tbuf, sizeof(tbuf),\n \t\t\t\t \"Failed to init inbound sa, rc=%d\", rc);\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\tctx_len = rc;\n@@ -610,7 +605,7 @@ cn9k_eth_sec_session_create(void *device,\n \t\tif (rc) {\n \t\t\tsnprintf(tbuf, sizeof(tbuf),\n \t\t\t\t \"Failed to create inbound sa, rc=%d\", rc);\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\tinb_priv = roc_nix_inl_on_ipsec_inb_sa_sw_rsvd(inb_sa);\n@@ -624,7 +619,7 @@ cn9k_eth_sec_session_create(void *device,\n \t\tif (inb_priv->replay_win_sz) {\n \t\t\trc = ar_window_init(inb_priv);\n \t\t\tif (rc)\n-\t\t\t\tgoto mempool_put;\n+\t\t\t\tgoto err;\n \t\t}\n \n \t\t/* Prepare session priv */\n@@ -654,7 +649,7 @@ cn9k_eth_sec_session_create(void *device,\n \t\t/* Alloc an sa index */\n \t\trc = cnxk_eth_outb_sa_idx_get(dev, &sa_idx, 0);\n \t\tif (rc)\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \n \t\toutb_sa = roc_nix_inl_on_ipsec_outb_sa(sa_base, sa_idx);\n \t\toutb_priv = roc_nix_inl_on_ipsec_outb_sa_sw_rsvd(outb_sa);\n@@ -668,7 +663,7 @@ cn9k_eth_sec_session_create(void *device,\n \t\t\tsnprintf(tbuf, sizeof(tbuf),\n \t\t\t\t \"Failed to init outbound sa, rc=%d\", rc);\n \t\t\trc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\tctx_len = rc;\n@@ -678,7 +673,7 @@ cn9k_eth_sec_session_create(void *device,\n \t\t\tsnprintf(tbuf, sizeof(tbuf),\n \t\t\t\t \"Failed to init outbound sa, rc=%d\", rc);\n \t\t\trc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);\n-\t\t\tgoto mempool_put;\n+\t\t\tgoto err;\n \t\t}\n \n \t\t/* When IV is provided by the application,\n@@ -731,12 +726,11 @@ cn9k_eth_sec_session_create(void *device,\n \t/*\n \t * Update fast path info in priv area.\n \t */\n-\tset_sec_session_private_data(sess, (void *)sess_priv.u64);\n+\tsess->fast_mdata = sess_priv.u64;\n \n \treturn 0;\n-mempool_put:\n+err:\n \trte_spinlock_unlock(lock);\n-\trte_mempool_put(mempool, eth_sec);\n \tif (rc)\n \t\tplt_err(\"%s\", tbuf);\n \treturn rc;\n@@ -750,7 +744,6 @@ cn9k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)\n \tstruct cnxk_eth_sec_sess *eth_sec;\n \tstruct roc_ie_on_outb_sa *outb_sa;\n \tstruct roc_ie_on_inb_sa *inb_sa;\n-\tstruct rte_mempool *mp;\n \trte_spinlock_t *lock;\n \n \teth_sec = cnxk_eth_sec_sess_get_by_sess(dev, sess);\n@@ -787,10 +780,6 @@ cn9k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)\n \t\t eth_sec->inb ? \"inbound\" : \"outbound\", eth_sec->spi,\n \t\t eth_sec->sa_idx);\n \n-\t/* Put eth_sec object back to pool */\n-\tmp = rte_mempool_from_obj(eth_sec);\n-\tset_sec_session_private_data(sess, NULL);\n-\trte_mempool_put(mp, eth_sec);\n \treturn 0;\n }\n \ndiff --git a/drivers/net/iavf/iavf_ipsec_crypto.c b/drivers/net/iavf/iavf_ipsec_crypto.c\nindex e6261a4058..afd7f8f467 100644\n--- a/drivers/net/iavf/iavf_ipsec_crypto.c\n+++ b/drivers/net/iavf/iavf_ipsec_crypto.c\n@@ -640,14 +640,13 @@ set_session_parameter(struct iavf_security_ctx *iavf_sctx,\n static int\n iavf_ipsec_crypto_session_create(void *device,\n \t\t\t\t struct rte_security_session_conf *conf,\n-\t\t\t\t struct rte_security_session *session,\n-\t\t\t\t struct rte_mempool *mempool)\n+\t\t\t\t struct rte_security_session *session)\n {\n \tstruct rte_eth_dev *ethdev = device;\n \tstruct iavf_adapter *adapter =\n \t\tIAVF_DEV_PRIVATE_TO_ADAPTER(ethdev->data->dev_private);\n \tstruct iavf_security_ctx *iavf_sctx = adapter->security_ctx;\n-\tstruct iavf_security_session *iavf_session = NULL;\n+\tstruct iavf_security_session *iavf_session = SECURITY_GET_SESS_PRIV(session);\n \tint sa_idx;\n \tint ret = 0;\n \n@@ -656,12 +655,6 @@ iavf_ipsec_crypto_session_create(void *device,\n \tif (ret)\n \t\treturn ret;\n \n-\t/* allocate session context */\n-\tif (rte_mempool_get(mempool, (void **)&iavf_session)) {\n-\t\tPMD_DRV_LOG(ERR, \"Cannot get object from sess mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \t/* add SA to hardware database */\n \tsa_idx = iavf_ipsec_crypto_security_association_add(adapter, conf);\n \tif (sa_idx < 0) {\n@@ -675,16 +668,12 @@ iavf_ipsec_crypto_session_create(void *device,\n \t\t\t\tRTE_SECURITY_IPSEC_SA_DIR_INGRESS ?\n \t\t\t\t\"inbound\" : \"outbound\");\n \n-\t\trte_mempool_put(mempool, iavf_session);\n \t\treturn -EFAULT;\n \t}\n \n \t/* save data plane required session parameters */\n \tset_session_parameter(iavf_sctx, iavf_session, conf, sa_idx);\n \n-\t/* save to security session private data */\n-\tset_sec_session_private_data(session, iavf_session);\n-\n \treturn 0;\n }\n \n@@ -702,7 +691,7 @@ iavf_ipsec_crypto_action_valid(struct rte_eth_dev *ethdev,\n {\n \tstruct iavf_adapter *adapter =\n \t\tIAVF_DEV_PRIVATE_TO_ADAPTER(ethdev->data->dev_private);\n-\tstruct iavf_security_session *sess = session->sess_private_data;\n+\tconst struct iavf_security_session *sess = (const void *)session->driver_priv_data;\n \n \t/* verify we have a valid session and that it belong to this adapter */\n \tif (unlikely(sess == NULL || sess->adapter != adapter))\n@@ -880,7 +869,7 @@ iavf_ipsec_crypto_session_update(void *device,\n \tint rc = 0;\n \n \tadapter = IAVF_DEV_PRIVATE_TO_ADAPTER(eth_dev->data->dev_private);\n-\tiavf_sess = (struct iavf_security_session *)session->sess_private_data;\n+\tiavf_sess = SECURITY_GET_SESS_PRIV(session);\n \n \t/* verify we have a valid session and that it belong to this adapter */\n \tif (unlikely(iavf_sess == NULL || iavf_sess->adapter != adapter))\n@@ -1046,7 +1035,7 @@ iavf_ipsec_crypto_session_destroy(void *device,\n \tint ret;\n \n \tadapter = IAVF_DEV_PRIVATE_TO_ADAPTER(eth_dev->data->dev_private);\n-\tiavf_sess = (struct iavf_security_session *)session->sess_private_data;\n+\tiavf_sess = SECURITY_GET_SESS_PRIV(session);\n \n \t/* verify we have a valid session and that it belong to this adapter */\n \tif (unlikely(iavf_sess == NULL || iavf_sess->adapter != adapter))\n@@ -1141,7 +1130,7 @@ iavf_ipsec_crypto_pkt_metadata_set(void *device,\n \tstruct iavf_adapter *adapter =\n \t\t\tIAVF_DEV_PRIVATE_TO_ADAPTER(ethdev->data->dev_private);\n \tstruct iavf_security_ctx *iavf_sctx = adapter->security_ctx;\n-\tstruct iavf_security_session *iavf_sess = session->sess_private_data;\n+\tstruct iavf_security_session *iavf_sess = SECURITY_GET_SESS_PRIV(session);\n \tstruct iavf_ipsec_crypto_pkt_metadata *md;\n \tstruct rte_esp_tail *esp_tail;\n \tuint64_t *sqn = params;\ndiff --git a/drivers/net/ixgbe/ixgbe_ipsec.c b/drivers/net/ixgbe/ixgbe_ipsec.c\nindex c353ae33b4..210071b7d6 100644\n--- a/drivers/net/ixgbe/ixgbe_ipsec.c\n+++ b/drivers/net/ixgbe/ixgbe_ipsec.c\n@@ -369,24 +369,17 @@ ixgbe_crypto_remove_sa(struct rte_eth_dev *dev,\n static int\n ixgbe_crypto_create_session(void *device,\n \t\tstruct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *session,\n-\t\tstruct rte_mempool *mempool)\n+\t\tstruct rte_security_session *session)\n {\n \tstruct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;\n-\tstruct ixgbe_crypto_session *ic_session = NULL;\n+\tstruct ixgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);\n \tstruct rte_crypto_aead_xform *aead_xform;\n \tstruct rte_eth_conf *dev_conf = ð_dev->data->dev_conf;\n \n-\tif (rte_mempool_get(mempool, (void **)&ic_session)) {\n-\t\tPMD_DRV_LOG(ERR, \"Cannot get object from ic_session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tif (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||\n \t\t\tconf->crypto_xform->aead.algo !=\n \t\t\t\t\tRTE_CRYPTO_AEAD_AES_GCM) {\n \t\tPMD_DRV_LOG(ERR, \"Unsupported crypto transformation mode\\n\");\n-\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\treturn -ENOTSUP;\n \t}\n \taead_xform = &conf->crypto_xform->aead;\n@@ -396,7 +389,6 @@ ixgbe_crypto_create_session(void *device,\n \t\t\tic_session->op = IXGBE_OP_AUTHENTICATED_DECRYPTION;\n \t\t} else {\n \t\t\tPMD_DRV_LOG(ERR, \"IPsec decryption not enabled\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -ENOTSUP;\n \t\t}\n \t} else {\n@@ -404,7 +396,6 @@ ixgbe_crypto_create_session(void *device,\n \t\t\tic_session->op = IXGBE_OP_AUTHENTICATED_ENCRYPTION;\n \t\t} else {\n \t\t\tPMD_DRV_LOG(ERR, \"IPsec encryption not enabled\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -ENOTSUP;\n \t\t}\n \t}\n@@ -416,12 +407,9 @@ ixgbe_crypto_create_session(void *device,\n \tic_session->spi = conf->ipsec.spi;\n \tic_session->dev = eth_dev;\n \n-\tset_sec_session_private_data(session, ic_session);\n-\n \tif (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {\n \t\tif (ixgbe_crypto_add_sa(ic_session)) {\n \t\t\tPMD_DRV_LOG(ERR, \"Failed to add SA\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -EPERM;\n \t\t}\n \t}\n@@ -440,9 +428,7 @@ ixgbe_crypto_remove_session(void *device,\n \t\tstruct rte_security_session *session)\n {\n \tstruct rte_eth_dev *eth_dev = device;\n-\tstruct ixgbe_crypto_session *ic_session =\n-\t\t(struct ixgbe_crypto_session *)\n-\t\tget_sec_session_private_data(session);\n+\tstruct ixgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);\n \tstruct rte_mempool *mempool = rte_mempool_from_obj(ic_session);\n \n \tif (eth_dev != ic_session->dev) {\n@@ -480,8 +466,7 @@ ixgbe_crypto_update_mb(void *device __rte_unused,\n \t\tstruct rte_security_session *session,\n \t\t struct rte_mbuf *m, void *params __rte_unused)\n {\n-\tstruct ixgbe_crypto_session *ic_session =\n-\t\t\tget_sec_session_private_data(session);\n+\tstruct ixgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);\n \tif (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {\n \t\tunion ixgbe_crypto_tx_desc_md *mdata =\n \t\t\t(union ixgbe_crypto_tx_desc_md *)\n@@ -685,8 +670,12 @@ ixgbe_crypto_add_ingress_sa_from_flow(const void *sess,\n \t\t\t\t const void *ip_spec,\n \t\t\t\t uint8_t is_ipv6)\n {\n-\tstruct ixgbe_crypto_session *ic_session\n-\t\t= get_sec_session_private_data(sess);\n+\t/**\n+\t * FIXME Updating the session priv data when the session is const.\n+\t * Typecasting done here is wrong and the implementation need to be corrected.\n+\t */\n+\tstruct ixgbe_crypto_session *ic_session = (void *)(uint64_t)\n+\t\t\t((const struct rte_security_session *)sess)->driver_priv_data;\n \n \tif (ic_session->op == IXGBE_OP_AUTHENTICATED_DECRYPTION) {\n \t\tif (is_ipv6) {\ndiff --git a/drivers/net/txgbe/txgbe_ipsec.c b/drivers/net/txgbe/txgbe_ipsec.c\nindex 3ca3d85ed5..f75cfe33a4 100644\n--- a/drivers/net/txgbe/txgbe_ipsec.c\n+++ b/drivers/net/txgbe/txgbe_ipsec.c\n@@ -349,24 +349,17 @@ txgbe_crypto_remove_sa(struct rte_eth_dev *dev,\n static int\n txgbe_crypto_create_session(void *device,\n \t\tstruct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *session,\n-\t\tstruct rte_mempool *mempool)\n+\t\tstruct rte_security_session *session)\n {\n \tstruct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;\n-\tstruct txgbe_crypto_session *ic_session = NULL;\n+\tstruct txgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);\n \tstruct rte_crypto_aead_xform *aead_xform;\n \tstruct rte_eth_conf *dev_conf = ð_dev->data->dev_conf;\n \n-\tif (rte_mempool_get(mempool, (void **)&ic_session)) {\n-\t\tPMD_DRV_LOG(ERR, \"Cannot get object from ic_session mempool\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n \tif (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||\n \t\t\tconf->crypto_xform->aead.algo !=\n \t\t\t\t\tRTE_CRYPTO_AEAD_AES_GCM) {\n \t\tPMD_DRV_LOG(ERR, \"Unsupported crypto transformation mode\\n\");\n-\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\treturn -ENOTSUP;\n \t}\n \taead_xform = &conf->crypto_xform->aead;\n@@ -376,7 +369,6 @@ txgbe_crypto_create_session(void *device,\n \t\t\tic_session->op = TXGBE_OP_AUTHENTICATED_DECRYPTION;\n \t\t} else {\n \t\t\tPMD_DRV_LOG(ERR, \"IPsec decryption not enabled\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -ENOTSUP;\n \t\t}\n \t} else {\n@@ -384,7 +376,6 @@ txgbe_crypto_create_session(void *device,\n \t\t\tic_session->op = TXGBE_OP_AUTHENTICATED_ENCRYPTION;\n \t\t} else {\n \t\t\tPMD_DRV_LOG(ERR, \"IPsec encryption not enabled\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -ENOTSUP;\n \t\t}\n \t}\n@@ -396,12 +387,9 @@ txgbe_crypto_create_session(void *device,\n \tic_session->spi = conf->ipsec.spi;\n \tic_session->dev = eth_dev;\n \n-\tset_sec_session_private_data(session, ic_session);\n-\n \tif (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {\n \t\tif (txgbe_crypto_add_sa(ic_session)) {\n \t\t\tPMD_DRV_LOG(ERR, \"Failed to add SA\\n\");\n-\t\t\trte_mempool_put(mempool, (void *)ic_session);\n \t\t\treturn -EPERM;\n \t\t}\n \t}\n@@ -420,9 +408,7 @@ txgbe_crypto_remove_session(void *device,\n \t\tstruct rte_security_session *session)\n {\n \tstruct rte_eth_dev *eth_dev = device;\n-\tstruct txgbe_crypto_session *ic_session =\n-\t\t(struct txgbe_crypto_session *)\n-\t\tget_sec_session_private_data(session);\n+\tstruct txgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);\n \tstruct rte_mempool *mempool = rte_mempool_from_obj(ic_session);\n \n \tif (eth_dev != ic_session->dev) {\n@@ -460,8 +446,8 @@ txgbe_crypto_update_mb(void *device __rte_unused,\n \t\tstruct rte_security_session *session,\n \t\t struct rte_mbuf *m, void *params __rte_unused)\n {\n-\tstruct txgbe_crypto_session *ic_session =\n-\t\t\tget_sec_session_private_data(session);\n+\tstruct txgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);\n+\n \tif (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {\n \t\tunion txgbe_crypto_tx_desc_md *mdata =\n \t\t\t(union txgbe_crypto_tx_desc_md *)\n@@ -661,8 +647,12 @@ txgbe_crypto_add_ingress_sa_from_flow(const void *sess,\n \t\t\t\t const void *ip_spec,\n \t\t\t\t uint8_t is_ipv6)\n {\n-\tstruct txgbe_crypto_session *ic_session =\n-\t\t\tget_sec_session_private_data(sess);\n+\t/**\n+\t * FIXME Updating the session priv data when the session is const.\n+\t * Typecasting done here is wrong and the implementation need to be corrected.\n+\t */\n+\tstruct txgbe_crypto_session *ic_session = (void *)(uint64_t)\n+\t\t\t((const struct rte_security_session *)sess)->driver_priv_data;\n \n \tif (ic_session->op == TXGBE_OP_AUTHENTICATED_DECRYPTION) {\n \t\tif (is_ipv6) {\ndiff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c\nindex 338fbe6236..8351aab05c 100644\n--- a/examples/ipsec-secgw/ipsec-secgw.c\n+++ b/examples/ipsec-secgw/ipsec-secgw.c\n@@ -2110,38 +2110,6 @@ session_pool_init(struct socket_ctx *ctx, int32_t socket_id, size_t sess_sz)\n \t\tprintf(\"Allocated session pool on socket %d\\n\",\tsocket_id);\n }\n \n-static void\n-session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id,\n-\tsize_t sess_sz)\n-{\n-\tchar mp_name[RTE_MEMPOOL_NAMESIZE];\n-\tstruct rte_mempool *sess_mp;\n-\tuint32_t nb_sess;\n-\n-\tsnprintf(mp_name, RTE_MEMPOOL_NAMESIZE,\n-\t\t\t\"sess_mp_priv_%u\", socket_id);\n-\tnb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *\n-\t\trte_lcore_count());\n-\tnb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *\n-\t\t\tCDEV_MP_CACHE_MULTIPLIER);\n-\tsess_mp = rte_mempool_create(mp_name,\n-\t\t\tnb_sess,\n-\t\t\tsess_sz,\n-\t\t\tCDEV_MP_CACHE_SZ,\n-\t\t\t0, NULL, NULL, NULL,\n-\t\t\tNULL, socket_id,\n-\t\t\t0);\n-\tctx->session_priv_pool = sess_mp;\n-\n-\tif (ctx->session_priv_pool == NULL)\n-\t\trte_exit(EXIT_FAILURE,\n-\t\t\t\"Cannot init session priv pool on socket %d\\n\",\n-\t\t\tsocket_id);\n-\telse\n-\t\tprintf(\"Allocated session priv pool on socket %d\\n\",\n-\t\t\tsocket_id);\n-}\n-\n static void\n pool_init(struct socket_ctx *ctx, int32_t socket_id, int portid,\n \t uint32_t nb_mbuf)\n@@ -3000,8 +2968,6 @@ main(int32_t argc, char **argv)\n \t\t\tcontinue;\n \n \t\tsession_pool_init(&socket_ctx[socket_id], socket_id, sess_sz);\n-\t\tsession_priv_pool_init(&socket_ctx[socket_id], socket_id,\n-\t\t\tsess_sz);\n \t}\n \tprintf(\"Number of mbufs in packet pool %d\\n\", nb_bufs_in_pool);\n \ndiff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c\nindex bb84dcec7e..ee1cf871ca 100644\n--- a/examples/ipsec-secgw/ipsec.c\n+++ b/examples/ipsec-secgw/ipsec.c\n@@ -151,8 +151,7 @@ create_lookaside_session(struct ipsec_ctx *ipsec_ctx_lcore[],\n \t\t\tset_ipsec_conf(sa, &(sess_conf.ipsec));\n \n \t\t\tips->security.ses = rte_security_session_create(ctx,\n-\t\t\t\t\t&sess_conf, skt_ctx->session_pool,\n-\t\t\t\t\tskt_ctx->session_priv_pool);\n+\t\t\t\t\t&sess_conf, skt_ctx->session_pool);\n \t\t\tif (ips->security.ses == NULL) {\n \t\t\t\tRTE_LOG(ERR, IPSEC,\n \t\t\t\t\"SEC Session init failed: err: %d\\n\", ret);\n@@ -278,8 +277,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,\n \t\t}\n \n \t\tips->security.ses = rte_security_session_create(sec_ctx,\n-\t\t\t\t&sess_conf, skt_ctx->session_pool,\n-\t\t\t\tskt_ctx->session_priv_pool);\n+\t\t\t\t&sess_conf, skt_ctx->session_pool);\n \t\tif (ips->security.ses == NULL) {\n \t\t\tRTE_LOG(ERR, IPSEC,\n \t\t\t\t\"SEC Session init failed: err: %d\\n\", ret);\n@@ -478,8 +476,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,\n \t\tsess_conf.userdata = (void *) sa;\n \n \t\tips->security.ses = rte_security_session_create(sec_ctx,\n-\t\t\t\t\t&sess_conf, skt_ctx->session_pool,\n-\t\t\t\t\tskt_ctx->session_priv_pool);\n+\t\t\t\t\t&sess_conf, skt_ctx->session_pool);\n \t\tif (ips->security.ses == NULL) {\n \t\t\tRTE_LOG(ERR, IPSEC,\n \t\t\t\t\"SEC Session init failed: err: %d\\n\", ret);\ndiff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h\nindex 2c37bb022d..538eb17d94 100644\n--- a/examples/ipsec-secgw/ipsec.h\n+++ b/examples/ipsec-secgw/ipsec.h\n@@ -258,7 +258,6 @@ struct socket_ctx {\n \tstruct rte_mempool *mbuf_pool[RTE_MAX_ETHPORTS];\n \tstruct rte_mempool *mbuf_pool_indir;\n \tstruct rte_mempool *session_pool;\n-\tstruct rte_mempool *session_priv_pool;\n };\n \n struct cnt_blk {\ndiff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h\nindex 8b6a7a5c1d..ece7157970 100644\n--- a/lib/cryptodev/rte_cryptodev.h\n+++ b/lib/cryptodev/rte_cryptodev.h\n@@ -967,7 +967,7 @@ rte_cryptodev_asym_session_pool_create(const char *name, uint32_t nb_elts,\n * @param dev_id ID of device that we want the session to be used on\n * @param xforms Symmetric crypto transform operations to apply on flow\n * processed with this session\n- * @param mempool Mempool where the private data is allocated.\n+ * @param mp Mempool where the private data is allocated.\n *\n * @return\n * - On success return pointer to sym-session.\ndiff --git a/lib/security/rte_security.c b/lib/security/rte_security.c\nindex f94ed9ca43..7c0e86968b 100644\n--- a/lib/security/rte_security.c\n+++ b/lib/security/rte_security.c\n@@ -45,21 +45,28 @@ rte_security_dynfield_register(void)\n struct rte_security_session *\n rte_security_session_create(struct rte_security_ctx *instance,\n \t\t\t struct rte_security_session_conf *conf,\n-\t\t\t struct rte_mempool *mp,\n-\t\t\t struct rte_mempool *priv_mp)\n+\t\t\t struct rte_mempool *mp)\n {\n \tstruct rte_security_session *sess = NULL;\n+\tuint32_t sess_priv_size;\n \n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);\n \tRTE_PTR_OR_ERR_RET(conf, NULL);\n \tRTE_PTR_OR_ERR_RET(mp, NULL);\n-\tRTE_PTR_OR_ERR_RET(priv_mp, NULL);\n+\n+\tsess_priv_size = instance->ops->session_get_size(instance->device);\n+\tif (mp->elt_size < (sizeof(struct rte_security_session) + sess_priv_size))\n+\t\treturn NULL;\n \n \tif (rte_mempool_get(mp, (void **)&sess))\n \t\treturn NULL;\n \n-\tif (instance->ops->session_create(instance->device, conf,\n-\t\t\t\tsess, priv_mp)) {\n+\t/* Clear session priv data */\n+\tmemset(sess->driver_priv_data, 0, sess_priv_size);\n+\n+\tsess->driver_priv_data_iova = rte_mempool_virt2iova(sess) +\n+\t\t\toffsetof(struct rte_security_session, driver_priv_data);\n+\tif (instance->ops->session_create(instance->device, conf, sess)) {\n \t\trte_mempool_put(mp, (void *)sess);\n \t\treturn NULL;\n \t}\n@@ -86,7 +93,8 @@ rte_security_session_get_size(struct rte_security_ctx *instance)\n {\n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_get_size, 0, 0);\n \n-\treturn instance->ops->session_get_size(instance->device);\n+\treturn (sizeof(struct rte_security_session) +\n+\t\t\tinstance->ops->session_get_size(instance->device));\n }\n \n int\ndiff --git a/lib/security/rte_security.h b/lib/security/rte_security.h\nindex e4bfc89f3a..07f3c2c365 100644\n--- a/lib/security/rte_security.h\n+++ b/lib/security/rte_security.h\n@@ -674,10 +674,17 @@ struct rte_security_session_conf {\n };\n \n struct rte_security_session {\n-\tvoid *sess_private_data;\n-\t/**< Private session material */\n+\tRTE_MARKER cacheline0;\n \tuint64_t opaque_data;\n \t/**< Opaque user defined data */\n+\tuint64_t fast_mdata;\n+\t/**< Fast metadata to be used for inline path */\n+\trte_iova_t driver_priv_data_iova;\n+\t/**< session private data IOVA address */\n+\n+\tRTE_MARKER cacheline1 __rte_cache_min_aligned;\n+\tuint8_t driver_priv_data[0];\n+\t/**< Private session material, variable size (depends on driver) */\n };\n \n /**\n@@ -686,7 +693,6 @@ struct rte_security_session {\n * @param instance\tsecurity instance\n * @param conf\tsession configuration parameters\n * @param mp\t\tmempool to allocate session objects from\n- * @param priv_mp\tmempool to allocate session private data objects from\n * @return\n * - On success, pointer to session\n * - On failure, NULL\n@@ -694,8 +700,7 @@ struct rte_security_session {\n struct rte_security_session *\n rte_security_session_create(struct rte_security_ctx *instance,\n \t\t\t struct rte_security_session_conf *conf,\n-\t\t\t struct rte_mempool *mp,\n-\t\t\t struct rte_mempool *priv_mp);\n+\t\t\t struct rte_mempool *mp);\n \n /**\n * Update security session as specified by the session configuration\n@@ -885,7 +890,7 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance,\n \t/* Fast Path */\n \tif (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) {\n \t\t*rte_security_dynfield(mb) =\n-\t\t\t(rte_security_dynfield_t)(sess->sess_private_data);\n+\t\t\t(rte_security_dynfield_t)(sess->fast_mdata);\n \t\treturn 0;\n \t}\n \n@@ -908,19 +913,6 @@ __rte_security_attach_session(struct rte_crypto_sym_op *sym_op,\n \treturn 0;\n }\n \n-static inline void *\n-get_sec_session_private_data(const struct rte_security_session *sess)\n-{\n-\treturn sess->sess_private_data;\n-}\n-\n-static inline void\n-set_sec_session_private_data(struct rte_security_session *sess,\n-\t\t\t void *private_data)\n-{\n-\tsess->sess_private_data = private_data;\n-}\n-\n /**\n * Attach a session to a crypto operation.\n * This API is needed only in case of RTE_SECURITY_SESS_CRYPTO_PROTO_OFFLOAD\ndiff --git a/lib/security/rte_security_driver.h b/lib/security/rte_security_driver.h\nindex f866ee0248..cb16b55277 100644\n--- a/lib/security/rte_security_driver.h\n+++ b/lib/security/rte_security_driver.h\n@@ -19,24 +19,29 @@ extern \"C\" {\n \n #include \"rte_security.h\"\n \n+/**\n+ * Helper macro to get driver private data\n+ */\n+#define SECURITY_GET_SESS_PRIV(s) \\\n+\t((void *)(((struct rte_security_session *)s)->driver_priv_data))\n+#define SECURITY_GET_SESS_PRIV_IOVA(s) \\\n+\t(((struct rte_security_session *)s)->driver_priv_data_iova)\n+\n /**\n * Configure a security session on a device.\n *\n * @param\tdevice\t\tCrypto/eth device pointer\n * @param\tconf\t\tSecurity session configuration\n * @param\tsess\t\tPointer to Security private session structure\n- * @param\tmp\t\tMempool where the private session is allocated\n *\n * @return\n * - Returns 0 if private session structure have been created successfully.\n * - Returns -EINVAL if input parameters are invalid.\n * - Returns -ENOTSUP if crypto device does not support the crypto transform.\n- * - Returns -ENOMEM if the private session could not be allocated.\n */\n typedef int (*security_session_create_t)(void *device,\n \t\tstruct rte_security_session_conf *conf,\n-\t\tstruct rte_security_session *sess,\n-\t\tstruct rte_mempool *mp);\n+\t\tstruct rte_security_session *sess);\n \n /**\n * Free driver private session data.\n", "prefixes": [ "v6", "4/6" ] }