cryptodev: hide symmetric session structure

Structure rte_cryptodev_sym_session is moved to internal
headers which are not visible to applications.
The only field which should be used by app is opaque_data.
This field can now be accessed via set/get APIs added in this
patch.
Subsequent changes in app and lib are made to compile the code.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
Tested-by: Gagandeep Singh <g.singh@nxp.com>
Tested-by: David Coyle <david.coyle@intel.com>
Tested-by: Kevin O'Sullivan <kevin.osullivan@intel.com>

app/test-crypto-perf/cperf_ops.c

@@ -13,7 +13,7 @@ static void
 cperf_set_ops_asym(struct rte_crypto_op **ops,
 		   uint32_t src_buf_offset __rte_unused,
 		   uint32_t dst_buf_offset __rte_unused, uint16_t nb_ops,
-		   struct rte_cryptodev_sym_session *sess,
+		   void *sess,
 		   const struct cperf_options *options,
 		   const struct cperf_test_vector *test_vector __rte_unused,
 		   uint16_t iv_offset __rte_unused,
@@ -55,7 +55,7 @@ static void
 cperf_set_ops_security(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset __rte_unused,
 		uint32_t dst_buf_offset __rte_unused,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -125,7 +125,7 @@ static void
 cperf_set_ops_security_ipsec(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset __rte_unused,
 		uint32_t dst_buf_offset __rte_unused,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -183,7 +183,7 @@ cperf_set_ops_security_ipsec(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector __rte_unused,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -221,7 +221,7 @@ cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_null_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector __rte_unused,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -259,7 +259,7 @@ cperf_set_ops_null_auth(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_cipher(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -314,7 +314,7 @@ cperf_set_ops_cipher(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -414,7 +414,7 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -532,7 +532,7 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 static void
 cperf_set_ops_aead(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -640,7 +640,7 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
 	}
 }
 
-static struct rte_cryptodev_sym_session *
+static void *
 create_ipsec_session(struct rte_mempool *sess_mp,
 		struct rte_mempool *priv_mp,
 		uint8_t dev_id,
@@ -757,7 +757,7 @@ create_ipsec_session(struct rte_mempool *sess_mp,
 				&sess_conf, sess_mp, priv_mp);
 }
 
-static struct rte_cryptodev_sym_session *
+static void *
 cperf_create_session(struct rte_mempool *sess_mp,
 	struct rte_mempool *priv_mp,
 	uint8_t dev_id,
@@ -768,7 +768,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 	struct rte_crypto_sym_xform cipher_xform;
 	struct rte_crypto_sym_xform auth_xform;
 	struct rte_crypto_sym_xform aead_xform;
-	struct rte_cryptodev_sym_session *sess = NULL;
+	void *sess = NULL;
 	void *asym_sess = NULL;
 	struct rte_crypto_asym_xform xform = {0};
 	int ret;

app/test-crypto-perf/cperf_ops.h

@@ -12,15 +12,16 @@
 #include "cperf_test_vectors.h"
 
 
-typedef struct rte_cryptodev_sym_session *(*cperf_sessions_create_t)(
-		struct rte_mempool *sess_mp, struct rte_mempool *sess_priv_mp,
+typedef void *(*cperf_sessions_create_t)(
+		struct rte_mempool *sess_mp,
+		struct rte_mempool *priv_mp,
 		uint8_t dev_id, const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset);
 
 typedef void (*cperf_populate_ops_t)(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,

app/test-crypto-perf/cperf_test_latency.c

@@ -24,7 +24,7 @@ struct cperf_latency_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 

app/test-crypto-perf/cperf_test_pmd_cyclecount.c

@@ -28,7 +28,7 @@ struct cperf_pmd_cyclecount_ctx {
 	struct rte_crypto_op **ops;
 	struct rte_crypto_op **ops_processed;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 

app/test-crypto-perf/cperf_test_throughput.c

@@ -20,7 +20,7 @@ struct cperf_throughput_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 

app/test-crypto-perf/cperf_test_verify.c

@@ -20,7 +20,7 @@ struct cperf_verify_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 

app/test-eventdev/test_perf_common.c

@@ -852,11 +852,11 @@ perf_event_crypto_adapter_setup(struct test_perf *t, struct prod_data *p)
 	return ret;
 }
 
-static struct rte_cryptodev_sym_session *
+static void *
 cryptodev_sym_sess_create(struct prod_data *p, struct test_perf *t)
 {
 	struct rte_crypto_sym_xform cipher_xform;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
 	cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_NULL;
@@ -1007,7 +1007,7 @@ perf_event_dev_port_setup(struct evt_test *test, struct evt_options *opt,
 				m_data.response_info.flow_id = flow_id;
 				if (opt->crypto_op_type ==
 						RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
-					struct rte_cryptodev_sym_session *sess;
+					void *sess;
 
 					sess = cryptodev_sym_sess_create(p, t);
 					if (sess == NULL)
@@ -1466,7 +1466,7 @@ perf_cryptodev_destroy(struct evt_test *test, struct evt_options *opt)
 		return;
 
 	for (port = t->nb_workers; port < perf_nb_event_ports(opt); port++) {
-		struct rte_cryptodev_sym_session *sess;
+		void *sess;
 		struct prod_data *p = &t->prod[port];
 		uint32_t flow_id;
 		uint8_t cdev_id;

app/test/test_cryptodev.c

@@ -82,7 +82,7 @@ struct crypto_unittest_params {
 #endif
 
 	union {
-		struct rte_cryptodev_sym_session *sess;
+		void *sess;
 #ifdef RTE_LIB_SECURITY
 		struct rte_security_session *sec_session;
 #endif
@@ -122,7 +122,7 @@ test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 		uint8_t *hmac_key);
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_param,
 		const uint8_t *cipher,
@@ -2289,7 +2289,7 @@ test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 		uint8_t *hmac_key);
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_params,
 		const uint8_t *cipher,
@@ -2330,7 +2330,7 @@ test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_params,
 		const uint8_t *cipher,
@@ -12199,7 +12199,7 @@ test_multi_session(void)
 	struct crypto_testsuite_params *ts_params = &testsuite_params;
 	struct crypto_unittest_params *ut_params = &unittest_params;
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session **sessions;
+	void **sessions;
 	uint16_t i;
 
 	/* Verify the capabilities */
@@ -12222,7 +12222,7 @@ test_multi_session(void)
 	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
 	sessions = rte_malloc(NULL,
-			sizeof(struct rte_cryptodev_sym_session *) *
+			sizeof(void *) *
 			(MAX_NB_SESSIONS + 1), 0);
 
 	/* Create multiple crypto sessions*/
@@ -12291,7 +12291,7 @@ test_multi_session_random_usage(void)
 {
 	struct crypto_testsuite_params *ts_params = &testsuite_params;
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session **sessions;
+	void **sessions;
 	uint32_t i, j;
 	struct multi_session_params ut_paramz[] = {
 
@@ -12334,8 +12334,7 @@ test_multi_session_random_usage(void)
 
 	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
-	sessions = rte_malloc(NULL,
-			(sizeof(struct rte_cryptodev_sym_session *)
+	sessions = rte_malloc(NULL, (sizeof(void *)
 					* MAX_NB_SESSIONS) + 1, 0);
 
 	for (i = 0; i < MB_SESSION_NUMBER; i++) {

app/test/test_cryptodev_blockcipher.c

@@ -80,7 +80,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 	struct rte_crypto_sym_op *sym_op = NULL;
 	struct rte_crypto_op *op = NULL;
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session *sess = NULL;
+	void *sess = NULL;
 
 	int status = TEST_SUCCESS;
 	const struct blockcipher_test_data *tdata = t->test_data;

app/test/test_event_crypto_adapter.c

@@ -276,13 +276,13 @@ static int
 test_op_forward_mode(uint8_t session_less)
 {
 	struct rte_crypto_sym_xform cipher_xform;
-	struct rte_cryptodev_sym_session *sess;
 	union rte_event_crypto_metadata m_data;
 	struct rte_crypto_sym_op *sym_op;
 	struct rte_crypto_op *op;
 	struct rte_mbuf *m;
 	struct rte_event ev;
 	uint32_t cap;
+	void *sess;
 	int ret;
 
 	memset(&m_data, 0, sizeof(m_data));
@@ -649,12 +649,12 @@ static int
 test_op_new_mode(uint8_t session_less)
 {
 	struct rte_crypto_sym_xform cipher_xform;
-	struct rte_cryptodev_sym_session *sess;
 	union rte_event_crypto_metadata m_data;
 	struct rte_crypto_sym_op *sym_op;
 	struct rte_crypto_op *op;
 	struct rte_mbuf *m;
 	uint32_t cap;
+	void *sess;
 	int ret;
 
 	memset(&m_data, 0, sizeof(m_data));

app/test/test_ipsec.c

@@ -645,7 +645,7 @@ static int
 create_crypto_session(struct ipsec_unitest_params *ut,
 	struct rte_cryptodev_qp_conf *qp, uint8_t dev_id, uint32_t j)
 {
-	struct rte_cryptodev_sym_session *s;
+	void *s;
 
 	s = rte_cryptodev_sym_session_create(dev_id, ut->crypto_xforms,
 			qp->mp_session);

app/test/test_ipsec_perf.c

@@ -227,7 +227,7 @@ static int
 create_sa(enum rte_security_session_action_type action_type,
 	  struct ipsec_sa *sa)
 {
-	static struct rte_cryptodev_sym_session dummy_ses;
+	void *dummy_ses = NULL;
 	size_t sz;
 	int rc;
 
@@ -247,7 +247,7 @@ create_sa(enum rte_security_session_action_type action_type,
 		"failed to allocate memory for rte_ipsec_sa\n");
 
 	sa->ss[0].type = action_type;
-	sa->ss[0].crypto.ses = &dummy_ses;
+	sa->ss[0].crypto.ses = dummy_ses;
 
 	rc = rte_ipsec_sa_init(sa->ss[0].sa, &sa->sa_prm, sz);
 	rc = (rc > 0 && (uint32_t)rc <= sz) ? 0 : -EINVAL;

doc/guides/prog_guide/cryptodev_lib.rst

@@ -125,13 +125,11 @@ Each queue pairs resources may be allocated on a specified socket.
         uint32_t nb_descriptors; /**< Number of descriptors per queue pair */
         struct rte_mempool *mp_session;
         /**< The mempool for creating session in sessionless mode */
-        struct rte_mempool *mp_session_private;
-        /**< The mempool for creating sess private data in sessionless mode */
     };
 
 
-The fields ``mp_session`` and ``mp_session_private`` are used for creating
-temporary session to process the crypto operations in the session-less mode.
+The field ``mp_session`` is used for creating temporary session to process
+the crypto operations in the session-less mode.
 They can be the same other different mempools. Please note not all Cryptodev
 PMDs supports session-less mode.
 
@@ -595,7 +593,7 @@ chain.
         struct rte_mbuf *m_dst;
 
         union {
-            struct rte_cryptodev_sym_session *session;
+            void *session;
             /**< Handle for the initialised session context */
             struct rte_crypto_sym_xform *xform;
             /**< Session-less API Crypto operation parameters */
@@ -943,15 +941,11 @@ using one of the crypto PMDs available in DPDK.
 
     /* Create crypto session and initialize it for the crypto device. */
     struct rte_cryptodev_sym_session *session;
-    session = rte_cryptodev_sym_session_create(session_pool);
+    session = rte_cryptodev_sym_session_create(cdev_id, &cipher_xform,
+                    session_pool);
     if (session == NULL)
         rte_exit(EXIT_FAILURE, "Session could not be created\n");
 
-    if (rte_cryptodev_sym_session_init(cdev_id, session,
-                    &cipher_xform, session_priv_pool) < 0)
-        rte_exit(EXIT_FAILURE, "Session could not be initialized "
-                    "for the crypto device\n");
-
     /* Get a burst of crypto operations. */
     struct rte_crypto_op *crypto_ops[BURST_SIZE];
     if (rte_crypto_op_bulk_alloc(crypto_op_pool,

doc/guides/rel_notes/deprecation.rst

@@ -133,11 +133,6 @@ Deprecation Notices
   this `RFC <https://patches.dpdk.org/project/dpdk/list/?series=23367>`__.
   This should be updated in DPDK 22.11.
 
-* cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
-  ``rte_cryptodev_asym_session`` to remove unnecessary indirection between
-  session and the private data of session. An opaque pointer can be exposed
-  directly to application which can be attached to the ``rte_crypto_op``.
-
 * cryptodev: The function ``rte_cryptodev_cb_fn`` will be updated
   to have another parameter ``qp_id`` to return the queue pair ID
   which got error interrupt to the application,

doc/guides/rel_notes/release_22_11.rst

@@ -260,6 +260,15 @@ API Changes
 * ethdev: Promoted ``rte_flow_pick_transfer_proxy()``
   from experimental to stable.
 
+* cryptodev: The structure ``rte_cryptodev_sym_session`` was made internal.
+  The API ``rte_cryptodev_sym_session_init`` and ``rte_cryptodev_sym_session_clear``
+  were removed and user would only need to call ``rte_cryptodev_sym_session_create``
+  and ``rte_cryptodev_sym_session_free`` to create/destroy sessions.
+  The API ``rte_cryptodev_sym_session_create`` was updated to take a single mempool
+  with element size big enough to hold session data and session private data.
+  All sample applications were updated to attach an opaque pointer for the session
+  to the ``rte_crypto_op`` while enqueuing.
+
 * security: MACsec support is added which resulted in updates
   to structures ``rte_security_macsec_xform``, ``rte_security_macsec_stats``
   and security capability structure ``rte_security_capability``

drivers/crypto/bcmfs/bcmfs_sym_session.c

@@ -210,8 +210,7 @@ bcmfs_sym_get_session(struct rte_crypto_op *op)
 		BCMFS_DP_LOG(ERR, "operations op(%p) is sessionless", op);
 	} else if (likely(op->sym->session != NULL)) {
 		/* get existing session */
-		sess = (struct bcmfs_sym_session *)
-			op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	}
 
 	if (sess == NULL)
@@ -233,7 +232,7 @@ bcmfs_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	sess_private_data = (void *)sess->driver_priv_data;
+	sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	ret = crypto_set_session_parameters(sess_private_data, xform);
 

drivers/crypto/caam_jr/caam_jr.c

@@ -1356,8 +1356,7 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 
 	switch (op->sess_type) {
 	case RTE_CRYPTO_OP_WITH_SESSION:
-		ses = (struct caam_jr_session *)
-			op->sym->session->driver_priv_data;
+		ses = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 		break;
 	case RTE_CRYPTO_OP_SECURITY_SESSION:
 		ses = (struct caam_jr_session *)
@@ -1699,7 +1698,7 @@ caam_jr_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 	int ret;
 
 	PMD_INIT_FUNC_TRACE();
-	sess_private_data = (void *)sess->driver_priv_data;
+	sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
 	ret = caam_jr_set_session_parameters(dev, xform, sess_private_data);
 	if (ret != 0) {
@@ -1716,12 +1715,11 @@ static void
 caam_jr_sym_session_clear(struct rte_cryptodev *dev __rte_unused,
 		struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_priv = (void *)sess->driver_priv_data;
-	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+	struct caam_jr_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	PMD_INIT_FUNC_TRACE();
 
-	if (sess_priv) {
+	if (s) {
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
 	}

drivers/crypto/ccp/ccp_crypto.c

@@ -1585,7 +1585,7 @@ ccp_perform_hmac(struct rte_crypto_op *op,
 	void *append_ptr;
 	uint8_t *addr;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	addr = session->auth.pre_compute;
 
 	src_addr = rte_pktmbuf_iova_offset(op->sym->m_src,
@@ -1764,7 +1764,7 @@ ccp_perform_sha(struct rte_crypto_op *op,
 	void *append_ptr;
 	uint64_t auth_msg_bits;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	src_addr = rte_pktmbuf_iova_offset(op->sym->m_src,
 					      op->sym->auth.data.offset);
@@ -1855,7 +1855,7 @@ ccp_perform_sha3_hmac(struct rte_crypto_op *op,
 	uint32_t tail;
 	phys_addr_t src_addr, dest_addr, ctx_paddr, dest_addr_t;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	src_addr = rte_pktmbuf_iova_offset(op->sym->m_src,
 					      op->sym->auth.data.offset);
@@ -1999,7 +1999,7 @@ ccp_perform_sha3(struct rte_crypto_op *op,
 	uint32_t tail;
 	phys_addr_t src_addr, dest_addr, ctx_paddr;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	src_addr = rte_pktmbuf_iova_offset(op->sym->m_src,
 					      op->sym->auth.data.offset);
@@ -2071,7 +2071,7 @@ ccp_perform_aes_cmac(struct rte_crypto_op *op,
 	phys_addr_t src_addr, dest_addr, key_addr;
 	int length, non_align_len;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	key_addr = rte_mem_virt2phy(session->auth.key_ccp);
 
 	src_addr = rte_pktmbuf_iova_offset(op->sym->m_src,
@@ -2232,7 +2232,7 @@ ccp_perform_aes(struct rte_crypto_op *op,
 	phys_addr_t src_addr, dest_addr, key_addr;
 	uint8_t *iv;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	function.raw = 0;
 
 	iv = rte_crypto_op_ctod_offset(op, uint8_t *, session->iv.offset);
@@ -2318,7 +2318,7 @@ ccp_perform_3des(struct rte_crypto_op *op,
 	uint8_t *iv;
 	phys_addr_t src_addr, dest_addr, key_addr;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	iv = rte_crypto_op_ctod_offset(op, uint8_t *, session->iv.offset);
 	switch (session->cipher.um.des_mode) {
@@ -2426,7 +2426,7 @@ ccp_perform_aes_gcm(struct rte_crypto_op *op, struct ccp_queue *cmd_q)
 	phys_addr_t digest_dest_addr;
 	int length, non_align_len;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	iv = rte_crypto_op_ctod_offset(op, uint8_t *, session->iv.offset);
 	key_addr = session->cipher.key_phys;
 
@@ -2591,7 +2591,7 @@ ccp_crypto_cipher(struct rte_crypto_op *op,
 	int result = 0;
 	struct ccp_session *session;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	switch (session->cipher.algo) {
 	case CCP_CIPHER_ALGO_AES_CBC:
@@ -2627,7 +2627,7 @@ ccp_crypto_auth(struct rte_crypto_op *op,
 	int result = 0;
 	struct ccp_session *session;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	switch (session->auth.algo) {
 	case CCP_AUTH_ALGO_SHA1:
@@ -2695,7 +2695,7 @@ ccp_crypto_aead(struct rte_crypto_op *op,
 	int result = 0;
 	struct ccp_session *session;
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	switch (session->auth.algo) {
 	case CCP_AUTH_ALGO_AES_GCM:
@@ -2758,8 +2758,7 @@ process_ops_to_enqueue(struct ccp_qp *qp,
 	b_info->head_offset = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx *
 					 Q_DESC_SIZE);
 	for (i = b_idx; i < (nb_ops+b_idx); i++) {
-		session = (struct ccp_session *)
-			op[i]->sym->session->driver_priv_data;
+		session = CRYPTODEV_GET_SYM_SESS_PRIV(op[i]->sym->session);
 		switch (session->cmd_id) {
 		case CCP_CMD_CIPHER:
 			result = ccp_crypto_cipher(op[i], cmd_q, b_info);
@@ -2835,7 +2834,7 @@ static inline void ccp_auth_dq_prepare(struct rte_crypto_op *op)
 	int offset, digest_offset;
 	uint8_t digest_le[64];
 
-	session = (struct ccp_session *)op->sym->session->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	if (session->cmd_id == CCP_CMD_COMBINED) {
 		digest_data = op->sym->aead.digest.data;
@@ -2909,8 +2908,7 @@ ccp_prepare_ops(struct ccp_qp *qp,
 
 	for (i =  b_info->b_idx; i < min_ops; i++) {
 		op_d[i] = b_info->op[b_info->b_idx + b_info->op_idx++];
-		session = (struct ccp_session *)
-			op_d[i]->sym->session->driver_priv_data;
+		session = CRYPTODEV_GET_SYM_SESS_PRIV(op_d[i]->sym->session);
 		switch (session->cmd_id) {
 		case CCP_CMD_CIPHER:
 			op_d[i]->status = RTE_CRYPTO_OP_STATUS_SUCCESS;

drivers/crypto/ccp/ccp_pmd_ops.c

@@ -767,7 +767,7 @@ ccp_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	sess_private_data = (void *)sess->driver_priv_data;
+	sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	internals = (struct ccp_private *)dev->data->dev_private;
 	ret = ccp_set_session_parameters(sess_private_data, xform, internals);

drivers/crypto/ccp/rte_ccp_pmd.c

@@ -56,7 +56,7 @@ get_ccp_session(struct ccp_qp *qp, struct rte_crypto_op *op)
 		if (unlikely(op->sym->session == NULL))
 			return NULL;
 
-		sess = (void *)op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	} else if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
 		struct rte_cryptodev_sym_session *_sess;
 		struct ccp_private *internals;
@@ -152,7 +152,7 @@ ccp_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,
 		if (unlikely(ops[i]->sess_type ==
 			     RTE_CRYPTO_OP_SESSIONLESS)) {
 			struct ccp_session *sess =
-				(void *)ops[i]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(ops[i]->sym->session);
 
 			memset(sess, 0, sizeof(*sess));
 			rte_mempool_put(qp->sess_mp,

drivers/crypto/cnxk/cn10k_cryptodev_ops.c

@@ -129,7 +129,7 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
 				return 0;
 			w7 = sec_sess->sa.inst.w7;
 		} else if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
-			sess = (void *)sym_op->session->driver_priv_data;
+			sess = CRYPTODEV_GET_SYM_SESS_PRIV(sym_op->session);
 			ret = cpt_sym_inst_fill(qp, op, sess, infl_req,
 						&inst[0]);
 			if (unlikely(ret))
@@ -309,9 +309,7 @@ cn10k_cpt_crypto_adapter_ev_mdata_set(struct rte_cryptodev *dev __rte_unused,
 		} else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct cnxk_se_sess *priv;
 
-			priv = (void *)(
-				((struct rte_cryptodev_sym_session *)sess)->
-				driver_priv_data);
+			priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 			priv->qp = qp;
 			priv->cpt_inst_w2 = w2;
 		} else
@@ -348,7 +346,7 @@ cn10k_ca_meta_info_extract(struct rte_crypto_op *op,
 		} else if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct cnxk_se_sess *priv;
 
-			priv = (void *)op->sym->session->driver_priv_data;
+			priv = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 			*qp = priv->qp;
 			*w2 = priv->cpt_inst_w2;
 		} else {

drivers/crypto/cnxk/cn9k_cryptodev_ops.c

@@ -69,7 +69,7 @@ cn9k_cpt_sym_temp_sess_create(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op)
 	if (ret)
 		goto sess_put;
 
-	priv = (void *)sess->driver_priv_data;
+	priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	sym_op->session = sess;
 
@@ -92,7 +92,7 @@ cn9k_cpt_inst_prep(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op,
 
 		if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			sym_op = op->sym;
-			sess = (void *)sym_op->session->driver_priv_data;
+			sess = CRYPTODEV_GET_SYM_SESS_PRIV(sym_op->session);
 			ret = cpt_sym_inst_fill(qp, op, sess, infl_req, inst);
 			inst->w7.u64 = sess->cpt_inst_w7;
 		} else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
@@ -344,9 +344,7 @@ cn9k_cpt_crypto_adapter_ev_mdata_set(struct rte_cryptodev *dev __rte_unused,
 		} else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct cnxk_se_sess *priv;
 
-			priv = (void *)((
-				(struct rte_cryptodev_sym_session *)sess)->
-				driver_priv_data);
+			priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 			priv->qp = qp;
 			priv->cpt_inst_w2 = w2;
 		} else
@@ -383,7 +381,7 @@ cn9k_ca_meta_info_extract(struct rte_crypto_op *op,
 		} else if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct cnxk_se_sess *priv;
 
-			priv = (void *)op->sym->session->driver_priv_data;
+			priv = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 			*qp = priv->qp;
 			inst->w2.u64 = priv->cpt_inst_w2;
 		} else {

drivers/crypto/cnxk/cnxk_cryptodev_ops.c

@@ -624,7 +624,7 @@ sym_session_configure(struct roc_cpt *roc_cpt,
 		      struct rte_cryptodev_sym_session *sess)
 {
 	enum cpt_dp_thread_type thr_type;
-	struct cnxk_se_sess *sess_priv = (void *)sess->driver_priv_data;
+	struct cnxk_se_sess *sess_priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	int ret;
 
 	memset(sess_priv, 0, sizeof(struct cnxk_se_sess));
@@ -693,7 +693,7 @@ cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
 void
 sym_session_clear(struct rte_cryptodev_sym_session *sess)
 {
-	struct cnxk_se_sess *sess_priv = (void *)sess->driver_priv_data;
+	struct cnxk_se_sess *sess_priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	if (sess_priv->roc_se_ctx.auth_key != NULL)
 		plt_free(sess_priv->roc_se_ctx.auth_key);

drivers/crypto/cnxk/cnxk_cryptodev_ops.h

@@ -5,7 +5,7 @@
 #ifndef _CNXK_CRYPTODEV_OPS_H_
 #define _CNXK_CRYPTODEV_OPS_H_
 
-#include <rte_cryptodev.h>
+#include <cryptodev_pmd.h>
 #include <rte_event_crypto_adapter.h>
 
 #include "roc_api.h"

drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c

@@ -1379,7 +1379,7 @@ build_sec_fd(struct rte_crypto_op *op,
 	dpaa2_sec_session *sess;
 
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-		sess = (dpaa2_sec_session *)op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 #ifdef RTE_LIB_SECURITY
 	else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
 		sess = (dpaa2_sec_session *)get_sec_session_private_data(
@@ -1677,7 +1677,7 @@ dpaa2_sec_dump(struct rte_crypto_op *op)
 	struct rte_crypto_sym_op *sym_op;
 
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-		sess = (dpaa2_sec_session *)op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 #ifdef RTE_LIBRTE_SECURITY
 	else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
 		sess = (dpaa2_sec_session *)get_sec_session_private_data(
@@ -3756,7 +3756,7 @@ dpaa2_sec_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
 		struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_private_data = (void *)sess->driver_priv_data;
+	void *sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	int ret;
 
 	ret = dpaa2_sec_set_session_parameters(xform, sess_private_data);
@@ -3775,10 +3775,9 @@ dpaa2_sec_sym_session_clear(struct rte_cryptodev *dev __rte_unused,
 		struct rte_cryptodev_sym_session *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	void *sess_priv = (void *)sess->driver_priv_data;
-	dpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;
+	dpaa2_sec_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
-	if (sess_priv) {
+	if (s) {
 		rte_free(s->ctxt);
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);

drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c

@@ -1012,7 +1012,7 @@ dpaa2_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
 		sess = (dpaa2_sec_session *)get_sec_session_private_data(
 				session_ctx.sec_sess);
 	else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-		sess = (void *)session_ctx.crypto_sess->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(session_ctx.crypto_sess);
 	else
 		return -ENOTSUP;
 	raw_dp_ctx->dequeue_burst = dpaa2_sec_raw_dequeue_burst;

drivers/crypto/dpaa_sec/dpaa_sec.c

@@ -670,7 +670,7 @@ dpaa_sec_dump(struct dpaa_sec_op_ctx *ctx, struct dpaa_sec_qp *qp)
 	struct qm_sg_entry sg[2];
 
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-		sess = (dpaa_sec_session *)op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 #ifdef RTE_LIBRTE_SECURITY
 	else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
 		sess = (dpaa_sec_session *)
@@ -1924,8 +1924,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 
 			switch (op->sess_type) {
 			case RTE_CRYPTO_OP_WITH_SESSION:
-				ses = (void *)
-					op->sym->session->driver_priv_data;
+				ses = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 				break;
 #ifdef RTE_LIB_SECURITY
 			case RTE_CRYPTO_OP_SECURITY_SESSION:
@@ -2673,7 +2672,7 @@ dpaa_sec_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
 		struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_private_data = (void *)sess->driver_priv_data;
+	void *sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	int ret;
 
 	PMD_INIT_FUNC_TRACE();
@@ -2714,7 +2713,7 @@ dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
 		struct rte_cryptodev_sym_session *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	void *sess_priv = (void *)sess->driver_priv_data;
+	void *sess_priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	dpaa_sec_session *s = (dpaa_sec_session *)sess_priv;
 
 	free_session_memory(dev, s);

drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c

@@ -1018,7 +1018,7 @@ dpaa_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
 				session_ctx.sec_sess);
 	else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION)
 		sess = (dpaa_sec_session *)
-			session_ctx.crypto_sess->driver_priv_data;
+			CRYPTODEV_GET_SYM_SESS_PRIV(session_ctx.crypto_sess);
 	else
 		return -ENOTSUP;
 	raw_dp_ctx->dequeue_burst = dpaa_sec_raw_dequeue_burst;

drivers/crypto/ipsec_mb/ipsec_mb_ops.c

@@ -329,7 +329,7 @@ ipsec_mb_sym_session_configure(
 	}
 
 	ret = (*pmd_data->session_configure)(mb_mgr,
-			(void *)sess->driver_priv_data, xform);
+			CRYPTODEV_GET_SYM_SESS_PRIV(sess), xform);
 	if (ret != 0) {
 		IPSEC_MB_LOG(ERR, "failed configure session parameters");
 

drivers/crypto/ipsec_mb/ipsec_mb_private.h

@@ -434,7 +434,7 @@ ipsec_mb_get_session_private(struct ipsec_mb_qp *qp, struct rte_crypto_op *op)
 		}
 
 		if (unlikely(pmd_data->session_configure(qp->mb_mgr,
-			(void *)sess->driver_priv_data, sym_op->xform) != 0)) {
+			CRYPTODEV_GET_SYM_SESS_PRIV(sess), sym_op->xform) != 0)) {
 			rte_mempool_put(qp->sess_mp, _sess);
 			goto error_exit;
 		}
@@ -447,7 +447,7 @@ ipsec_mb_get_session_private(struct ipsec_mb_qp *qp, struct rte_crypto_op *op)
 		IPSEC_MB_LOG(ERR, "Unrecognized session type %u", sess_type);
 	}
 
-	return (void *)sess->driver_priv_data;
+	return CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 error_exit:
 	op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;

drivers/crypto/ipsec_mb/pmd_aesni_gcm.c

@@ -468,7 +468,7 @@ aesni_gcm_get_session(struct ipsec_mb_qp *qp,
 		}
 
 		if (unlikely(aesni_gcm_session_configure(qp->mb_mgr,
-				(void *)sess->driver_priv_data,
+				CRYPTODEV_GET_SYM_SESS_PRIV(sess),
 				sym_op->xform) != 0)) {
 			rte_mempool_put(qp->sess_mp, sess);
 			sess = NULL;
@@ -479,7 +479,7 @@ aesni_gcm_get_session(struct ipsec_mb_qp *qp,
 	if (unlikely(sess == NULL))
 		op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
 
-	return (void *)sess->driver_priv_data;
+	return CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 }
 
 static uint16_t
@@ -704,7 +704,7 @@ aesni_gcm_process_bulk(struct rte_cryptodev *dev __rte_unused,
 			__rte_unused union rte_crypto_sym_ofs ofs,
 			struct rte_crypto_sym_vec *vec)
 {
-	struct aesni_gcm_session *s = (void *)sess->driver_priv_data;
+	struct aesni_gcm_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	struct gcm_context_data gdata_ctx;
 	IMB_MGR *mb_mgr;
 

drivers/crypto/ipsec_mb/pmd_aesni_mb.c

@@ -1723,7 +1723,7 @@ post_process_mb_job(struct ipsec_mb_qp *qp, IMB_JOB *job)
 		sess = get_sec_session_private_data(op->sym->sec_session);
 	} else
 #endif
-		sess = (void *)op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 
 	if (likely(op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)) {
 		switch (job->status) {
@@ -2013,7 +2013,7 @@ aesni_mb_process_bulk(struct rte_cryptodev *dev __rte_unused,
 	void *buf;
 	IMB_JOB *job;
 	IMB_MGR *mb_mgr;
-	struct aesni_mb_session *s = (void *)sess->driver_priv_data;
+	struct aesni_mb_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	uint8_t tmp_dgst[vec->num][DIGEST_LENGTH_MAX];
 
 	/* get per-thread MB MGR, create one if needed */

drivers/crypto/ipsec_mb/pmd_kasumi.c

@@ -282,7 +282,7 @@ process_op_bit(struct rte_crypto_op *op, struct kasumi_session *session,
 
 	/* Free session if a session-less crypto op. */
 	if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
-		memset(op->sym->session->driver_priv_data, 0,
+		memset(CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session), 0,
 			sizeof(struct kasumi_session));
 		rte_mempool_put(qp->sess_mp, (void *)op->sym->session);
 		op->sym->session = NULL;

drivers/crypto/ipsec_mb/pmd_snow3g.c

@@ -413,7 +413,7 @@ process_op_bit(struct rte_crypto_op *op, struct snow3g_session *session,
 
 	/* Free session if a session-less crypto op. */
 	if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
-		memset(op->sym->session->driver_priv_data, 0,
+		memset(CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session), 0,
 			sizeof(struct snow3g_session));
 		rte_mempool_put(qp->sess_mp, (void *)op->sym->session);
 		op->sym->session = NULL;

drivers/crypto/mlx5/mlx5_crypto.c

@@ -175,7 +175,7 @@ mlx5_crypto_sym_session_configure(struct rte_cryptodev *dev,
 {
 	struct mlx5_crypto_priv *priv = dev->data->dev_private;
 	struct mlx5_crypto_session *sess_private_data =
-		(void *)session->driver_priv_data;
+		CRYPTODEV_GET_SYM_SESS_PRIV(session);
 	struct rte_crypto_cipher_xform *cipher;
 	uint8_t encryption_order;
 
@@ -239,7 +239,7 @@ mlx5_crypto_sym_session_clear(struct rte_cryptodev *dev,
 			      struct rte_cryptodev_sym_session *sess)
 {
 	struct mlx5_crypto_priv *priv = dev->data->dev_private;
-	struct mlx5_crypto_session *spriv = (void *)sess->driver_priv_data;
+	struct mlx5_crypto_session *spriv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	if (unlikely(spriv == NULL)) {
 		DRV_LOG(ERR, "Failed to get session %p private data.", spriv);
@@ -355,8 +355,7 @@ mlx5_crypto_wqe_set(struct mlx5_crypto_priv *priv,
 			 struct rte_crypto_op *op,
 			 struct mlx5_umr_wqe *umr)
 {
-	struct mlx5_crypto_session *sess =
-		(void *)op->sym->session->driver_priv_data;
+	struct mlx5_crypto_session *sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	struct mlx5_wqe_cseg *cseg = &umr->ctr;
 	struct mlx5_wqe_mkey_cseg *mkc = &umr->mkc;
 	struct mlx5_wqe_dseg *klms = &umr->kseg[0];

drivers/crypto/nitrox/nitrox_sym.c

@@ -534,7 +534,7 @@ nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev __rte_unused,
 			      struct rte_crypto_sym_xform *xform,
 			      struct rte_cryptodev_sym_session *sess)
 {
-	struct nitrox_crypto_ctx *ctx = (void *)sess->driver_priv_data;
+	struct nitrox_crypto_ctx *ctx = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	struct rte_crypto_cipher_xform *cipher_xform = NULL;
 	struct rte_crypto_auth_xform *auth_xform = NULL;
 	struct rte_crypto_aead_xform *aead_xform = NULL;
@@ -577,7 +577,7 @@ nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev __rte_unused,
 		goto err;
 	}
 
-	ctx->iova = sess->driver_priv_data_iova;
+	ctx->iova = CRYPTODEV_GET_SYM_SESS_PRIV_IOVA(sess);
 	return 0;
 err:
 	return ret;
@@ -593,7 +593,7 @@ get_crypto_ctx(struct rte_crypto_op *op)
 {
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 		if (likely(op->sym->session))
-			return (void *)op->sym->session->driver_priv_data;
+			return CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 	}
 
 	return NULL;

drivers/crypto/null/null_crypto_pmd.c

@@ -77,8 +77,7 @@ get_session(struct null_crypto_qp *qp, struct rte_crypto_op *op)
 
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 		if (likely(sym_op->session != NULL))
-			sess = (struct null_crypto_session *)
-				sym_op->session->driver_priv_data;
+			sess = CRYPTODEV_GET_SYM_SESS_PRIV(sym_op->session);
 	} else {
 		struct rte_cryptodev_sym_session *_sess = NULL;
 

drivers/crypto/null/null_crypto_pmd_ops.c

@@ -265,7 +265,7 @@ null_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	sess_private_data = (void *)sess->driver_priv_data;
+	sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	ret = null_crypto_set_session_parameters(sess_private_data, xform);
 	if (ret != 0) {

drivers/crypto/octeontx/otx_cryptodev_ops.c

@@ -248,7 +248,7 @@ sym_session_configure(struct rte_crypto_sym_xform *xform,
 	struct rte_crypto_sym_xform *temp_xform = xform;
 	struct cpt_sess_misc *misc;
 	vq_cmd_word3_t vq_cmd_w3;
-	void *priv = (void *)sess->driver_priv_data;
+	void *priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	int ret;
 
 	ret = sym_xform_verify(xform);
@@ -294,7 +294,7 @@ sym_session_configure(struct rte_crypto_sym_xform *xform,
 		goto priv_put;
 	}
 
-	misc->ctx_dma_addr = sess->driver_priv_data_iova +
+	misc->ctx_dma_addr = CRYPTODEV_GET_SYM_SESS_PRIV_IOVA(sess) +
 			     sizeof(struct cpt_sess_misc);
 
 	vq_cmd_w3.u64 = 0;
@@ -313,7 +313,7 @@ sym_session_configure(struct rte_crypto_sym_xform *xform,
 static void
 sym_session_clear(struct rte_cryptodev_sym_session *sess)
 {
-	void *priv = (void *)sess->driver_priv_data;
+	void *priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	struct cpt_sess_misc *misc;
 	struct cpt_ctx *ctx;
 
@@ -507,7 +507,7 @@ otx_cpt_enq_single_sym(struct cpt_instance *instance,
 	void *req;
 	uint64_t cpt_op;
 
-	sess = (struct cpt_sess_misc *)sym_op->session->driver_priv_data;
+	sess = CRYPTODEV_GET_SYM_SESS_PRIV(sym_op->session);
 	cpt_op = sess->cpt_op;
 
 	if (likely(cpt_op & CPT_OP_CIPHER_MASK))
@@ -844,7 +844,7 @@ static inline void
 free_sym_session_data(const struct cpt_instance *instance,
 		      struct rte_crypto_op *cop)
 {
-	void *sess_private_data_t = (void *)cop->sym->session->driver_priv_data;
+	void *sess_private_data_t = CRYPTODEV_GET_SYM_SESS_PRIV(cop->sym->session);
 
 	memset(sess_private_data_t, 0, cpt_get_session_size());
 	rte_mempool_put(instance->sess_mp, cop->sym->session);

drivers/crypto/openssl/rte_openssl_pmd.c

@@ -887,8 +887,8 @@ get_session(struct openssl_qp *qp, struct rte_crypto_op *op)
 		if (op->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
 			/* get existing session */
 			if (likely(op->sym->session != NULL))
-				sess = (void *)
-					op->sym->session->driver_priv_data;
+				sess = CRYPTODEV_GET_SYM_SESS_PRIV(
+					op->sym->session);
 		} else {
 			if (likely(op->asym->session != NULL))
 				asym_sess = (struct openssl_asym_session *)

drivers/crypto/openssl/rte_openssl_pmd_ops.c

@@ -795,7 +795,7 @@ openssl_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
 		struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_private_data = (void *)sess->driver_priv_data;
+	void *sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -1319,7 +1319,7 @@ static void
 openssl_pmd_sym_session_clear(struct rte_cryptodev *dev __rte_unused,
 		struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_priv = (void *)sess->driver_priv_data;
+	void *sess_priv = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	/* Zero out the whole structure */
 	openssl_reset_session(sess_priv);

drivers/crypto/qat/qat_sym.c

@@ -67,7 +67,7 @@ qat_sym_build_request(void *in_op, uint8_t *out_msg,
 		return -EINVAL;
 
 	if (likely(op->sess_type == RTE_CRYPTO_OP_WITH_SESSION)) {
-		ctx = (void *)op->sym->session->driver_priv_data;
+		ctx = (void *)CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
 		if (sess != (uintptr_t)ctx) {
 			struct rte_cryptodev *cdev;
 			struct qat_cryptodev_private *internals;
@@ -386,7 +386,7 @@ qat_sym_configure_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
 	if (sess_type != RTE_CRYPTO_OP_WITH_SESSION)
 		return -EINVAL;
 
-	ctx = (void *)session_ctx.crypto_sess->driver_priv_data;
+	ctx = CRYPTODEV_GET_SYM_SESS_PRIV(session_ctx.crypto_sess);
 
 	dp_ctx->session = ctx;
 

drivers/crypto/qat/qat_sym.h

@@ -316,8 +316,7 @@ qat_sym_process_response(void **op, uint8_t *resp, void *op_cookie,
 	} else
 #endif
 	{
-		sess = (struct qat_sym_session *)
-			rx_op->sym->session->driver_priv_data;
+		sess = CRYPTODEV_GET_SYM_SESS_PRIV(rx_op->sym->session);
 		is_docsis_sec = 0;
 	}
 

drivers/crypto/qat/qat_sym_session.c

@@ -229,7 +229,7 @@ void
 qat_sym_session_clear(struct rte_cryptodev *dev __rte_unused,
 		struct rte_cryptodev_sym_session *sess)
 {
-	struct qat_sym_session *s = (void *)sess->driver_priv_data;
+	struct qat_sym_session *s = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	if (s->bpi_ctx)
 		bpi_cipher_ctx_free(s->bpi_ctx);
@@ -524,8 +524,8 @@ qat_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 #endif
 	ret = qat_sym_session_set_parameters(dev, xform,
-			(void *)sess->driver_priv_data,
-			sess->driver_priv_data_iova);
+			CRYPTODEV_GET_SYM_SESS_PRIV(sess),
+			CRYPTODEV_GET_SYM_SESS_PRIV_IOVA(sess));
 	if (ret != 0) {
 		QAT_LOG(ERR,
 		    "Crypto QAT PMD: failed to configure session parameters");

drivers/crypto/scheduler/scheduler_pkt_size_distr.c

@@ -76,13 +76,10 @@ schedule_enqueue(void *qp, struct rte_crypto_op **ops, uint16_t nb_ops)
 		rte_prefetch0((uint8_t *)ops[i + 7]->sym->session +
 			sizeof(struct rte_cryptodev_sym_session));
 
-		sess_ctx[0] = (void *)ops[i]->sym->session->driver_priv_data;
-		sess_ctx[1] =
-			(void *)ops[i + 1]->sym->session->driver_priv_data;
-		sess_ctx[2] =
-			(void *)ops[i + 2]->sym->session->driver_priv_data;
-		sess_ctx[3] =
-			(void *)ops[i + 3]->sym->session->driver_priv_data;
+		sess_ctx[0] = CRYPTODEV_GET_SYM_SESS_PRIV(ops[i]->sym->session);
+		sess_ctx[1] = CRYPTODEV_GET_SYM_SESS_PRIV(ops[i + 1]->sym->session);
+		sess_ctx[2] = CRYPTODEV_GET_SYM_SESS_PRIV(ops[i + 2]->sym->session);
+		sess_ctx[3] = CRYPTODEV_GET_SYM_SESS_PRIV(ops[i + 3]->sym->session);
 
 		/* job_len is initialized as cipher data length, once
 		 * it is 0, equals to auth data length
@@ -166,7 +163,7 @@ schedule_enqueue(void *qp, struct rte_crypto_op **ops, uint16_t nb_ops)
 
 	for (; i < nb_ops; i++) {
 		struct scheduler_session_ctx *sess_ctx =
-			(void *)ops[i]->sym->session->driver_priv_data;
+			CRYPTODEV_GET_SYM_SESS_PRIV(ops[i]->sym->session);
 		uint32_t job_len;
 		uint8_t target;
 

drivers/crypto/scheduler/scheduler_pmd_ops.c

@@ -483,7 +483,7 @@ scheduler_pmd_sym_session_configure(struct rte_cryptodev *dev,
 {
 	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
 	struct rte_mempool *mp = rte_mempool_from_obj(sess);
-	struct scheduler_session_ctx *sess_ctx = (void *)sess->driver_priv_data;
+	struct scheduler_session_ctx *sess_ctx = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	struct scheduler_configured_sess_info configured_sess[
 			RTE_CRYPTODEV_SCHEDULER_MAX_NB_WORKERS] = {{0}};
 	uint32_t i, j, n_configured_sess = 0;
@@ -545,7 +545,7 @@ scheduler_pmd_sym_session_clear(struct rte_cryptodev *dev,
 		struct rte_cryptodev_sym_session *sess)
 {
 	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
-	struct scheduler_session_ctx *sess_ctx = (void *)sess->driver_priv_data;
+	struct scheduler_session_ctx *sess_ctx = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	struct scheduler_configured_sess_info deleted_sess[
 			RTE_CRYPTODEV_SCHEDULER_MAX_NB_WORKERS] = {{0}};
 	uint32_t i, j, n_deleted_sess = 0;

drivers/crypto/scheduler/scheduler_pmd_private.h

@@ -131,28 +131,28 @@ scheduler_set_worker_session(struct rte_crypto_op **ops, uint16_t nb_ops,
 
 		if (op[0]->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct scheduler_session_ctx *sess_ctx =
-				(void *)op[0]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(op[0]->sym->session);
 			op[0]->sym->session =
 				sess_ctx->worker_sess[worker_index];
 		}
 
 		if (op[1]->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct scheduler_session_ctx *sess_ctx =
-				(void *)op[1]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(op[1]->sym->session);
 			op[1]->sym->session =
 				sess_ctx->worker_sess[worker_index];
 		}
 
 		if (op[2]->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct scheduler_session_ctx *sess_ctx =
-				(void *)op[2]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(op[2]->sym->session);
 			op[2]->sym->session =
 				sess_ctx->worker_sess[worker_index];
 		}
 
 		if (op[3]->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct scheduler_session_ctx *sess_ctx =
-				(void *)op[3]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(op[3]->sym->session);
 			op[3]->sym->session =
 				sess_ctx->worker_sess[worker_index];
 		}
@@ -164,7 +164,7 @@ scheduler_set_worker_session(struct rte_crypto_op **ops, uint16_t nb_ops,
 	while (n--) {
 		if (op[0]->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 			struct scheduler_session_ctx *sess_ctx =
-				(void *)op[0]->sym->session->driver_priv_data;
+				CRYPTODEV_GET_SYM_SESS_PRIV(op[0]->sym->session);
 
 			op[0]->sym->session =
 				sess_ctx->worker_sess[worker_index];
@@ -195,17 +195,17 @@ scheduler_retrieve_session(struct rte_crypto_op **ops, uint16_t nb_ops)
 		}
 
 		if (op[0]->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-			op[0]->sym->session =
-				(void *)op[0]->sym->session->opaque_data;
+			op[0]->sym->session = (void *)(uintptr_t)
+				rte_cryptodev_sym_session_opaque_data_get(op[0]->sym->session);
 		if (op[1]->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-			op[1]->sym->session =
-				(void *)op[1]->sym->session->opaque_data;
+			op[1]->sym->session = (void *)(uintptr_t)
+				rte_cryptodev_sym_session_opaque_data_get(op[1]->sym->session);
 		if (op[2]->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-			op[2]->sym->session =
-				(void *)op[2]->sym->session->opaque_data;
+			op[2]->sym->session = (void *)(uintptr_t)
+				rte_cryptodev_sym_session_opaque_data_get(op[2]->sym->session);
 		if (op[3]->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-			op[3]->sym->session =
-				(void *)op[3]->sym->session->opaque_data;
+			op[3]->sym->session = (void *)(uintptr_t)
+				rte_cryptodev_sym_session_opaque_data_get(op[3]->sym->session);
 
 		op += 4;
 		n -= 4;
@@ -213,8 +213,8 @@ scheduler_retrieve_session(struct rte_crypto_op **ops, uint16_t nb_ops)
 
 	while (n--) {
 		if (op[0]->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
-			op[0]->sym->session =
-				(void *)op[0]->sym->session->opaque_data;
+			op[0]->sym->session = (void *)(uintptr_t)
+				rte_cryptodev_sym_session_opaque_data_get(op[0]->sym->session);
 		op++;
 	}
 }

drivers/crypto/virtio/virtio_cryptodev.c

@@ -951,7 +951,7 @@ virtio_crypto_sym_clear_session(
 
 	hw = dev->data->dev_private;
 	vq = hw->cvq;
-	session = (struct virtio_crypto_session *)sess->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 
 	VIRTIO_CRYPTO_SESSION_LOG_INFO("vq->vq_desc_head_idx = %d, "
 			"vq = %p", vq->vq_desc_head_idx, vq);
@@ -1318,7 +1318,7 @@ virtio_crypto_sym_configure_session(
 		VIRTIO_CRYPTO_SESSION_LOG_ERR("Invalid parameters");
 		return ret;
 	}
-	session = (struct virtio_crypto_session *)sess->driver_priv_data;
+	session = CRYPTODEV_GET_SYM_SESS_PRIV(sess);
 	memset(session, 0, sizeof(struct virtio_crypto_session));
 	ctrl_req = &session->ctrl;
 	ctrl_req->header.opcode = VIRTIO_CRYPTO_CIPHER_CREATE_SESSION;

drivers/crypto/virtio/virtio_rxtx.c

@@ -207,7 +207,7 @@ virtqueue_crypto_sym_enqueue_xmit(
 			offsetof(struct virtio_crypto_op_cookie, iv);
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 	struct virtio_crypto_session *session =
-		(void *)cop->sym->session->driver_priv_data;
+		CRYPTODEV_GET_SYM_SESS_PRIV(cop->sym->session);
 	struct virtio_crypto_op_data_req *op_data_req;
 	uint32_t hash_result_len = 0;
 	struct virtio_crypto_op_cookie *crypto_op_cookie;

examples/fips_validation/fips_dev_self_test.c

@@ -980,7 +980,7 @@ typedef int (*fips_dev_self_test_prepare_xform_t)(uint8_t,
 		uint32_t);
 
 typedef int (*fips_dev_self_test_prepare_op_t)(struct rte_crypto_op *,
-		struct rte_mbuf *, struct rte_cryptodev_sym_session *,
+		struct rte_mbuf *, void *,
 		uint32_t, struct fips_dev_self_test_vector *);
 
 typedef int (*fips_dev_self_test_check_result_t)(struct rte_crypto_op *,
@@ -1172,7 +1172,7 @@ prepare_aead_xform(uint8_t dev_id,
 static int
 prepare_cipher_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1211,7 +1211,7 @@ prepare_cipher_op(struct rte_crypto_op *op,
 static int
 prepare_auth_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1250,7 +1250,7 @@ prepare_auth_op(struct rte_crypto_op *op,
 static int
 prepare_aead_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1462,7 +1462,7 @@ run_single_test(uint8_t dev_id,
 		uint32_t negative_test)
 {
 	struct rte_crypto_sym_xform xform;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	uint16_t n_deqd;
 	uint8_t key[256];
 	int ret;

examples/fips_validation/main.c

@@ -60,7 +60,7 @@ struct cryptodev_fips_validate_env {
 	uint8_t *digest;
 	uint16_t digest_len;
 	struct rte_crypto_op *op;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	uint16_t self_test;
 	struct fips_dev_broken_test_config *broken_test_config;
 } env;

examples/l2fwd-crypto/main.c

@@ -188,7 +188,7 @@ struct l2fwd_crypto_params {
 	struct l2fwd_iv auth_iv;
 	struct l2fwd_iv aead_iv;
 	struct l2fwd_key aad;
-	struct rte_cryptodev_sym_session *session;
+	void *session;
 
 	uint8_t do_cipher;
 	uint8_t do_hash;
@@ -670,7 +670,7 @@ generate_random_key(uint8_t *key, unsigned length)
 }
 
 /* Session is created and is later attached to the crypto operation. 8< */
-static struct rte_cryptodev_sym_session *
+static void *
 initialize_crypto_session(struct l2fwd_crypto_options *options, uint8_t cdev_id)
 {
 	struct rte_crypto_sym_xform *first_xform;
@@ -719,7 +719,7 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)
 			US_PER_S * BURST_TX_DRAIN_US;
 	struct l2fwd_crypto_params *cparams;
 	struct l2fwd_crypto_params port_cparams[qconf->nb_crypto_devs];
-	struct rte_cryptodev_sym_session *session;
+	void *session;
 
 	if (qconf->nb_rx_ports == 0) {
 		RTE_LOG(INFO, L2FWD, "lcore %u has nothing to do\n", lcore_id);

lib/cryptodev/cryptodev_pmd.h

@@ -133,6 +133,38 @@ struct cryptodev_driver {
 	uint8_t id;
 };
 
+/** Cryptodev symmetric crypto session
+ * Each session is derived from a fixed xform chain. Therefore each session
+ * has a fixed algo, key, op-type, digest_len etc.
+ */
+struct rte_cryptodev_sym_session {
+	RTE_MARKER cacheline0;
+	uint64_t opaque_data;
+	/**< Can be used for external metadata */
+	uint32_t sess_data_sz;
+	/**< Pointer to the user data stored after sess data */
+	uint16_t user_data_sz;
+	/**< Session user data will be placed after sess data */
+	uint8_t driver_id;
+	/**< Driver id to get the session priv */
+	rte_iova_t driver_priv_data_iova;
+	/**< Session driver data IOVA address */
+
+	RTE_MARKER cacheline1 __rte_cache_min_aligned;
+	/**< Second cache line - start of the driver session data */
+	uint8_t driver_priv_data[0];
+	/**< Driver specific session data, variable size */
+};
+
+/**
+ * Helper macro to get driver private data
+ */
+#define CRYPTODEV_GET_SYM_SESS_PRIV(s) \
+	((void *)(((struct rte_cryptodev_sym_session *)s)->driver_priv_data))
+#define CRYPTODEV_GET_SYM_SESS_PRIV_IOVA(s) \
+	(((struct rte_cryptodev_sym_session *)s)->driver_priv_data_iova)
+
+
 /**
  * Get the rte_cryptodev structure device pointer for the device. Assumes a
  * valid device index.

lib/cryptodev/cryptodev_trace_points.c

@@ -135,9 +135,6 @@ RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_asym_xform_capability_check_optype,
 RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_sym_cpu_crypto_process,
 	lib.cryptodev.sym.cpu.crypto.process)
 
-RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_sym_get_existing_header_session_size,
-	lib.cryptodev.sym.get.existing.header.session.size)
-
 RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_sym_session_get_user_data,
 	lib.cryptodev.sym.session.get.user.data)
 

lib/cryptodev/rte_crypto.h

@@ -430,8 +430,7 @@ rte_crypto_op_sym_xforms_alloc(struct rte_crypto_op *op, uint8_t nb_xforms)
  * @param	sess	cryptodev session
  */
 static inline int
-rte_crypto_op_attach_sym_session(struct rte_crypto_op *op,
-		struct rte_cryptodev_sym_session *sess)
+rte_crypto_op_attach_sym_session(struct rte_crypto_op *op, void *sess)
 {
 	if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC))
 		return -1;

lib/cryptodev/rte_crypto_sym.h

@@ -589,8 +589,6 @@ struct rte_crypto_sym_xform {
 	};
 };
 
-struct rte_cryptodev_sym_session;
-
 /**
  * Symmetric Cryptographic Operation.
  *
@@ -627,7 +625,7 @@ struct rte_crypto_sym_op {
 
 	RTE_STD_C11
 	union {
-		struct rte_cryptodev_sym_session *session;
+		void *session;
 		/**< Handle for the initialised session context */
 		struct rte_crypto_sym_xform *xform;
 		/**< Session-less API crypto operation parameters */
@@ -932,8 +930,7 @@ __rte_crypto_sym_op_sym_xforms_alloc(struct rte_crypto_sym_op *sym_op,
  * @param	sess	cryptodev session
  */
 static inline int
-__rte_crypto_sym_op_attach_sym_session(struct rte_crypto_sym_op *sym_op,
-		struct rte_cryptodev_sym_session *sess)
+__rte_crypto_sym_op_attach_sym_session(struct rte_crypto_sym_op *sym_op, void *sess)
 {
 	sym_op->session = sess;
 

lib/cryptodev/rte_cryptodev.c

@@ -2095,11 +2095,11 @@ rte_cryptodev_asym_session_create(uint8_t dev_id,
 }
 
 int
-rte_cryptodev_sym_session_free(uint8_t dev_id,
-	struct rte_cryptodev_sym_session *sess)
+rte_cryptodev_sym_session_free(uint8_t dev_id, void *_sess)
 {
 	struct rte_cryptodev *dev;
 	struct rte_mempool *sess_mp;
+	struct rte_cryptodev_sym_session *sess = _sess;
 	struct rte_cryptodev_sym_session_pool_private_data *pool_priv;
 
 	if (sess == NULL)
@@ -2222,10 +2222,11 @@ rte_cryptodev_asym_get_private_session_size(uint8_t dev_id)
 }
 
 int
-rte_cryptodev_sym_session_set_user_data(
-		struct rte_cryptodev_sym_session *sess, void *data,
+rte_cryptodev_sym_session_set_user_data(void *_sess, void *data,
 		uint16_t size)
 {
+	struct rte_cryptodev_sym_session *sess = _sess;
+
 	if (sess == NULL)
 		return -EINVAL;
 
@@ -2240,8 +2241,9 @@ rte_cryptodev_sym_session_set_user_data(
 }
 
 void *
-rte_cryptodev_sym_session_get_user_data(struct rte_cryptodev_sym_session *sess)
+rte_cryptodev_sym_session_get_user_data(void *_sess)
 {
+	struct rte_cryptodev_sym_session *sess = _sess;
 	void *data = NULL;
 
 	if (sess == NULL || sess->user_data_sz == 0)
@@ -2299,10 +2301,11 @@ sym_crypto_fill_status(struct rte_crypto_sym_vec *vec, int32_t errnum)
 
 uint32_t
 rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
-	struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+	void *_sess, union rte_crypto_sym_ofs ofs,
 	struct rte_crypto_sym_vec *vec)
 {
 	struct rte_cryptodev *dev;
+	struct rte_cryptodev_sym_session *sess = _sess;
 
 	if (!rte_cryptodev_is_valid_dev(dev_id)) {
 		sym_crypto_fill_status(vec, EINVAL);

lib/cryptodev/rte_cryptodev.h

@@ -902,28 +902,6 @@ struct rte_cryptodev_cb_rcu {
 void *
 rte_cryptodev_get_sec_ctx(uint8_t dev_id);
 
-/** Cryptodev symmetric crypto session
- * Each session is derived from a fixed xform chain. Therefore each session
- * has a fixed algo, key, op-type, digest_len etc.
- */
-struct rte_cryptodev_sym_session {
-	RTE_MARKER cacheline0;
-	uint8_t driver_id;
-	uint64_t opaque_data;
-	/**< Can be used for external metadata */
-	uint32_t sess_data_sz;
-	/**< Pointer to the user data stored after sess data */
-	uint16_t user_data_sz;
-	/**< session user data will be placed after sess data */
-	rte_iova_t driver_priv_data_iova;
-	/**< session driver data IOVA address */
-
-	RTE_MARKER cacheline1 __rte_cache_min_aligned;
-	/**< second cache line - start of the driver session data */
-	uint8_t driver_priv_data[0];
-	/**< Driver specific session data, variable size */
-};
-
 /**
  * Create a symmetric session mempool.
  *
@@ -1036,7 +1014,7 @@ rte_cryptodev_asym_session_create(uint8_t dev_id,
  */
 int
 rte_cryptodev_sym_session_free(uint8_t dev_id,
-	struct rte_cryptodev_sym_session *sess);
+	void *sess);
 
 /**
  * Clears and frees asymmetric crypto session header and private data,
@@ -1136,11 +1114,31 @@ const char *rte_cryptodev_driver_name_get(uint8_t driver_id);
  */
 __rte_experimental
 int
-rte_cryptodev_sym_session_set_user_data(
-					struct rte_cryptodev_sym_session *sess,
+rte_cryptodev_sym_session_set_user_data(void *sess,
 					void *data,
 					uint16_t size);
 
+#define CRYPTO_SESS_OPAQUE_DATA_OFF 0
+/**
+ * Get opaque data from session handle
+ */
+static inline uint64_t
+rte_cryptodev_sym_session_opaque_data_get(void *sess)
+{
+	return *((uint64_t *)sess + CRYPTO_SESS_OPAQUE_DATA_OFF);
+}
+
+/**
+ * Set opaque data in session handle
+ */
+static inline void
+rte_cryptodev_sym_session_opaque_data_set(void *sess, uint64_t opaque)
+{
+	uint64_t *data;
+	data = (((uint64_t *)sess) + CRYPTO_SESS_OPAQUE_DATA_OFF);
+	*data = opaque;
+}
+
 /**
  * Get user data stored in a session.
  *
@@ -1153,8 +1151,7 @@ rte_cryptodev_sym_session_set_user_data(
  */
 __rte_experimental
 void *
-rte_cryptodev_sym_session_get_user_data(
-					struct rte_cryptodev_sym_session *sess);
+rte_cryptodev_sym_session_get_user_data(void *sess);
 
 /**
  * Store user data in an asymmetric session.
@@ -1202,7 +1199,7 @@ rte_cryptodev_asym_session_get_user_data(void *sess);
 __rte_experimental
 uint32_t
 rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
-	struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+	void *sess, union rte_crypto_sym_ofs ofs,
 	struct rte_crypto_sym_vec *vec);
 
 /**
@@ -1244,8 +1241,7 @@ rte_cryptodev_session_event_mdata_set(uint8_t dev_id, void *sess,
  * Union of different crypto session types, including session-less xform
  * pointer.
  */
-union rte_cryptodev_session_ctx {
-	struct rte_cryptodev_sym_session *crypto_sess;
+union rte_cryptodev_session_ctx {void *crypto_sess;
 	struct rte_crypto_sym_xform *xform;
 	struct rte_security_session *sec_sess;
 };

lib/cryptodev/rte_cryptodev_trace.h

@@ -73,14 +73,10 @@ RTE_TRACE_POINT(
 
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_sym_session_create,
-	RTE_TRACE_POINT_ARGS(uint8_t dev_id,
-		struct rte_cryptodev_sym_session *sess, void *xforms,
+	RTE_TRACE_POINT_ARGS(uint8_t dev_id, void *sess, void *xforms,
 		void *mempool),
 	rte_trace_point_emit_u8(dev_id);
 	rte_trace_point_emit_ptr(sess);
-	rte_trace_point_emit_u64(sess->opaque_data);
-	rte_trace_point_emit_u8(sess->driver_id);
-	rte_trace_point_emit_u16(sess->user_data_sz);
 	rte_trace_point_emit_ptr(xforms);
 	rte_trace_point_emit_ptr(mempool);
 )
@@ -108,7 +104,7 @@ RTE_TRACE_POINT(
 
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_sym_session_free,
-	RTE_TRACE_POINT_ARGS(uint8_t dev_id, struct rte_cryptodev_sym_session *sess),
+	RTE_TRACE_POINT_ARGS(uint8_t dev_id, void *sess),
 	rte_trace_point_emit_u8(dev_id);
 	rte_trace_point_emit_ptr(sess);
 )
@@ -370,12 +366,6 @@ RTE_TRACE_POINT(
 	rte_trace_point_emit_ptr(sess);
 )
 
-RTE_TRACE_POINT(
-	rte_cryptodev_trace_sym_get_existing_header_session_size,
-	RTE_TRACE_POINT_ARGS(struct rte_cryptodev_sym_session *sess),
-	rte_trace_point_emit_ptr(sess);
-)
-
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_sym_session_get_user_data,
 	RTE_TRACE_POINT_ARGS(const void *sess, const void *data),

lib/cryptodev/version.map

@@ -146,7 +146,6 @@ EXPERIMENTAL {
 	__rte_cryptodev_trace_sym_capability_check_cipher;
 	__rte_cryptodev_trace_sym_capability_get;
 	__rte_cryptodev_trace_sym_cpu_crypto_process;
-	__rte_cryptodev_trace_sym_get_existing_header_session_size;
 	__rte_cryptodev_trace_sym_get_private_session_size;
 	__rte_cryptodev_trace_sym_session_get_user_data;
 	__rte_cryptodev_trace_sym_session_set_user_data;

lib/ipsec/rte_ipsec_group.h

@@ -45,14 +45,15 @@ static inline struct rte_ipsec_session *
 rte_ipsec_ses_from_crypto(const struct rte_crypto_op *cop)
 {
 	const struct rte_security_session *ss;
-	const struct rte_cryptodev_sym_session *cs;
+	void *cs;
 
 	if (cop->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
 		ss = cop->sym[0].sec_session;
 		return (struct rte_ipsec_session *)(uintptr_t)ss->opaque_data;
 	} else if (cop->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 		cs = cop->sym[0].session;
-		return (struct rte_ipsec_session *)(uintptr_t)cs->opaque_data;
+		return (struct rte_ipsec_session *)(uintptr_t)
+			rte_cryptodev_sym_session_opaque_data_get(cs);
 	}
 	return NULL;
 }

lib/ipsec/ses.c

@@ -45,7 +45,8 @@ rte_ipsec_session_prepare(struct rte_ipsec_session *ss)
 	ss->pkt_func = fp;
 
 	if (ss->type == RTE_SECURITY_ACTION_TYPE_NONE)
-		ss->crypto.ses->opaque_data = (uintptr_t)ss;
+		rte_cryptodev_sym_session_opaque_data_set(ss->crypto.ses,
+			(uintptr_t)ss);
 	else
 		ss->security.ses->opaque_data = (uintptr_t)ss;