DPDK patches and discussions
 help / color / mirror / Atom feed
* [dpdk-dev] [PATCH 0/3] crypto/security session framework rework
@ 2021-09-30 14:50 Akhil Goyal
  2021-09-30 14:50 ` [dpdk-dev] [PATCH 1/3] security: rework session framework Akhil Goyal
                   ` (3 more replies)
  0 siblings, 4 replies; 49+ messages in thread
From: Akhil Goyal @ 2021-09-30 14:50 UTC (permalink / raw)
  To: dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj,
	pablo.de.lara.guarch, fiona.trahe, declan.doherty, matan,
	g.singh, roy.fan.zhang, jianjay.zhou, asomalap, ruifeng.wang,
	konstantin.ananyev, radu.nicolau, ajit.khaparde, rnagadheeraj,
	adwivedi, ciara.power, Akhil Goyal

As discussed in last release deprecation notice,
crypto and security session framework are reworked
to reduce the need of two mempool objects and
remove the requirement to expose the rte_security_session
and rte_cryptodev_sym_session structures.

Similar work will need to be done for asymmetric sessions
as well.
Design methodology is explained in the patch description.

Please review this and help in filling the missing parts
for all the affected PMDs. The patches are compilable
and tested with dpdk-test app on CN9k platform.

Akhil Goyal (3):
  security: rework session framework
  drivers/net: temporary disable ixgbe and txgbe
  cryptodev: rework session framework

 app/test-crypto-perf/cperf.h                  |   1 -
 app/test-crypto-perf/cperf_ops.c              |  41 ++--
 app/test-crypto-perf/cperf_ops.h              |   6 +-
 app/test-crypto-perf/cperf_test_latency.c     |   5 +-
 app/test-crypto-perf/cperf_test_latency.h     |   1 -
 .../cperf_test_pmd_cyclecount.c               |   7 +-
 .../cperf_test_pmd_cyclecount.h               |   1 -
 app/test-crypto-perf/cperf_test_throughput.c  |   5 +-
 app/test-crypto-perf/cperf_test_throughput.h  |   1 -
 app/test-crypto-perf/cperf_test_verify.c      |   5 +-
 app/test-crypto-perf/cperf_test_verify.h      |   1 -
 app/test-crypto-perf/main.c                   |  29 +--
 app/test/test_cryptodev.c                     | 147 +++--------
 app/test/test_cryptodev.h                     |   1 -
 app/test/test_cryptodev_asym.c                |   1 -
 app/test/test_cryptodev_blockcipher.c         |   6 +-
 app/test/test_event_crypto_adapter.c          |  28 +--
 app/test/test_ipsec.c                         |  33 +--
 app/test/test_security.c                      | 229 ++++++++----------
 drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c  |  33 +--
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c    |   5 +-
 .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    |  64 +----
 drivers/crypto/armv8/rte_armv8_pmd_ops.c      |  34 +--
 drivers/crypto/bcmfs/bcmfs_sym_session.c      |  36 +--
 drivers/crypto/bcmfs/bcmfs_sym_session.h      |   6 +-
 drivers/crypto/caam_jr/caam_jr.c              |  64 ++---
 drivers/crypto/ccp/ccp_pmd_ops.c              |  32 +--
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     |  22 +-
 drivers/crypto/cnxk/cn10k_ipsec.c             |  53 +---
 drivers/crypto/cnxk/cn9k_cryptodev_ops.c      |  20 +-
 drivers/crypto/cnxk/cn9k_ipsec.c              |  50 +---
 drivers/crypto/cnxk/cnxk_cryptodev_ops.c      |  61 ++---
 drivers/crypto/cnxk/cnxk_cryptodev_ops.h      |  13 +-
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   |  68 ++----
 drivers/crypto/dpaa_sec/dpaa_sec.c            |  69 ++----
 drivers/crypto/kasumi/rte_kasumi_pmd_ops.c    |  34 +--
 drivers/crypto/mlx5/mlx5_crypto.c             |  24 +-
 drivers/crypto/mvsam/rte_mrvl_pmd.c           |   3 +-
 drivers/crypto/mvsam/rte_mrvl_pmd_ops.c       |  47 +---
 drivers/crypto/nitrox/nitrox_sym.c            |  31 +--
 drivers/crypto/null/null_crypto_pmd_ops.c     |  34 +--
 .../crypto/octeontx/otx_cryptodev_hw_access.h |   1 -
 drivers/crypto/octeontx/otx_cryptodev_ops.c   |  60 ++---
 drivers/crypto/octeontx2/otx2_cryptodev_ops.c |  54 ++---
 .../octeontx2/otx2_cryptodev_ops_helper.h     |  16 +-
 drivers/crypto/octeontx2/otx2_cryptodev_sec.c |  54 +----
 drivers/crypto/openssl/rte_openssl_pmd_ops.c  |  35 +--
 drivers/crypto/qat/qat_sym.c                  |   3 +-
 drivers/crypto/qat/qat_sym.h                  |   8 +-
 drivers/crypto/qat/qat_sym_session.c          |  50 +---
 drivers/crypto/qat/qat_sym_session.h          |  10 +-
 drivers/crypto/scheduler/scheduler_pmd_ops.c  |   9 +-
 drivers/crypto/snow3g/rte_snow3g_pmd_ops.c    |  34 +--
 drivers/crypto/virtio/virtio_cryptodev.c      |  31 +--
 drivers/crypto/zuc/rte_zuc_pmd_ops.c          |  35 +--
 .../octeontx2/otx2_evdev_crypto_adptr_rx.h    |   3 +-
 drivers/net/ixgbe/ixgbe_ipsec.c               |  36 +--
 drivers/net/meson.build                       |   4 +-
 drivers/net/octeontx2/otx2_ethdev_sec.c       |  51 +---
 drivers/net/octeontx2/otx2_ethdev_sec_tx.h    |   2 +-
 drivers/net/txgbe/txgbe_ipsec.c               |  36 +--
 examples/fips_validation/fips_dev_self_test.c |  32 +--
 examples/fips_validation/main.c               |  20 +-
 examples/ipsec-secgw/ipsec-secgw.c            |  72 +++---
 examples/ipsec-secgw/ipsec.c                  |  12 +-
 examples/ipsec-secgw/ipsec.h                  |   1 -
 examples/ipsec-secgw/ipsec_worker.c           |   4 -
 examples/l2fwd-crypto/main.c                  |  41 +---
 examples/vhost_crypto/main.c                  |  16 +-
 lib/cryptodev/cryptodev_pmd.h                 |   7 +-
 lib/cryptodev/rte_crypto.h                    |   2 +-
 lib/cryptodev/rte_crypto_sym.h                |   2 +-
 lib/cryptodev/rte_cryptodev.c                 |  73 ++++--
 lib/cryptodev/rte_cryptodev.h                 |  23 +-
 lib/cryptodev/rte_cryptodev_trace.h           |   5 +-
 lib/pipeline/rte_table_action.c               |   8 +-
 lib/pipeline/rte_table_action.h               |   2 +-
 lib/security/rte_security.c                   |  28 ++-
 lib/security/rte_security.h                   |  41 ++--
 lib/security/rte_security_driver.h            |  16 +-
 lib/vhost/rte_vhost_crypto.h                  |   3 -
 lib/vhost/vhost_crypto.c                      |   7 +-
 82 files changed, 665 insertions(+), 1633 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* [dpdk-dev] [PATCH 1/3] security: rework session framework
  2021-09-30 14:50 [dpdk-dev] [PATCH 0/3] crypto/security session framework rework Akhil Goyal
@ 2021-09-30 14:50 ` Akhil Goyal
  2021-09-30 14:50 ` [dpdk-dev] [PATCH 2/3] drivers/net: temporary disable ixgbe and txgbe Akhil Goyal
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 49+ messages in thread
From: Akhil Goyal @ 2021-09-30 14:50 UTC (permalink / raw)
  To: dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj,
	pablo.de.lara.guarch, fiona.trahe, declan.doherty, matan,
	g.singh, roy.fan.zhang, jianjay.zhou, asomalap, ruifeng.wang,
	konstantin.ananyev, radu.nicolau, ajit.khaparde, rnagadheeraj,
	adwivedi, ciara.power, Akhil Goyal

As per current design, rte_security_session_create()
unnecesarily use 2 mempool objects for a single session.
And structure rte_security_session is not directly used
by the application, it may cause ABI breakage if the structure
is modified in future.

To address these two issues, the API will now take only 1 mempool
object instead of 2 and return a void pointer directly
to the session private data. With this change, the library layer
will get the object from mempool and pass session_private_data
to the PMD for filling the PMD data.
Since set and get pkt metadata for security sessions are now
made inline for Inline crypto/proto mode, a new member fast_mdata
is added to the rte_security_session.
To access opaque data and fast_mdata will be accessed via inline
APIs which can do pointer manipulations inside library from
session_private_data pointer coming from application.

TODO:
- inline APIs for opaque data and fast_mdata
- move rte_security_session struct to security_driver.h

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 app/test-crypto-perf/cperf_ops.c              |   8 +-
 .../cperf_test_pmd_cyclecount.c               |   2 +-
 app/test/test_cryptodev.c                     |  17 +-
 app/test/test_ipsec.c                         |  11 +-
 app/test/test_security.c                      | 229 ++++++++----------
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c    |   5 +-
 .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    |  30 +--
 drivers/crypto/caam_jr/caam_jr.c              |  32 +--
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     |   4 +-
 drivers/crypto/cnxk/cn10k_ipsec.c             |  53 +---
 drivers/crypto/cnxk/cn9k_cryptodev_ops.c      |   2 +-
 drivers/crypto/cnxk/cn9k_ipsec.c              |  50 +---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   |  39 +--
 drivers/crypto/dpaa_sec/dpaa_sec.c            |  38 ++-
 drivers/crypto/mvsam/rte_mrvl_pmd.c           |   3 +-
 drivers/crypto/mvsam/rte_mrvl_pmd_ops.c       |  11 +-
 drivers/crypto/octeontx2/otx2_cryptodev_ops.c |   2 +-
 drivers/crypto/octeontx2/otx2_cryptodev_sec.c |  54 +----
 drivers/crypto/qat/qat_sym.c                  |   3 +-
 drivers/crypto/qat/qat_sym.h                  |   8 +-
 drivers/crypto/qat/qat_sym_session.c          |  21 +-
 drivers/crypto/qat/qat_sym_session.h          |   4 +-
 drivers/net/ixgbe/ixgbe_ipsec.c               |  36 +--
 drivers/net/octeontx2/otx2_ethdev_sec.c       |  51 +---
 drivers/net/octeontx2/otx2_ethdev_sec_tx.h    |   2 +-
 drivers/net/txgbe/txgbe_ipsec.c               |  36 +--
 examples/ipsec-secgw/ipsec.c                  |   9 +-
 lib/security/rte_security.c                   |  28 ++-
 lib/security/rte_security.h                   |  41 ++--
 lib/security/rte_security_driver.h            |  16 +-
 30 files changed, 264 insertions(+), 581 deletions(-)

diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 4b7d66edb2..1b3cbe77b9 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -49,8 +49,6 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
 
 	for (i = 0; i < nb_ops; i++) {
 		struct rte_crypto_sym_op *sym_op = ops[i]->sym;
-		struct rte_security_session *sec_sess =
-			(struct rte_security_session *)sess;
 		uint32_t buf_sz;
 
 		uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ops[i],
@@ -58,7 +56,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
 		*per_pkt_hfn = options->pdcp_ses_hfn_en ? 0 : PDCP_DEFAULT_HFN;
 
 		ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
-		rte_security_attach_session(ops[i], sec_sess);
+		rte_security_attach_session(ops[i], (void *)sess);
 		sym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] +
 							src_buf_offset);
 
@@ -673,7 +671,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 
 		/* Create security session */
 		return (void *)rte_security_session_create(ctx,
-					&sess_conf, sess_mp, priv_mp);
+					&sess_conf, sess_mp);
 	}
 	if (options->op_type == CPERF_DOCSIS) {
 		enum rte_security_docsis_direction direction;
@@ -716,7 +714,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 
 		/* Create security session */
 		return (void *)rte_security_session_create(ctx,
-					&sess_conf, sess_mp, priv_mp);
+					&sess_conf, sess_mp);
 	}
 #endif
 	sess = rte_cryptodev_sym_session_create(sess_mp);
diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
index 844659aeca..cbbbedd9ba 100644
--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
@@ -70,7 +70,7 @@ cperf_pmd_cyclecount_test_free(struct cperf_pmd_cyclecount_ctx *ctx)
 				(struct rte_security_ctx *)
 				rte_cryptodev_get_sec_ctx(ctx->dev_id);
 			rte_security_session_destroy(sec_ctx,
-				(struct rte_security_session *)ctx->sess);
+				(void *)ctx->sess);
 		} else
 #endif
 		{
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index e6ceeb487f..82f819211a 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -81,7 +81,7 @@ struct crypto_unittest_params {
 	union {
 		struct rte_cryptodev_sym_session *sess;
 #ifdef RTE_LIB_SECURITY
-		struct rte_security_session *sec_session;
+		void *sec_session;
 #endif
 	};
 #ifdef RTE_LIB_SECURITY
@@ -8276,8 +8276,7 @@ static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc,
 
 	/* Create security session */
 	ut_params->sec_session = rte_security_session_create(ctx,
-				&sess_conf, ts_params->session_mpool,
-				ts_params->session_priv_mpool);
+				&sess_conf, ts_params->session_mpool);
 
 	if (!ut_params->sec_session) {
 		printf("TestCase %s()-%d line %d failed %s: ",
@@ -8537,8 +8536,7 @@ test_pdcp_proto_SGL(int i, int oop,
 
 	/* Create security session */
 	ut_params->sec_session = rte_security_session_create(ctx,
-				&sess_conf, ts_params->session_mpool,
-				ts_params->session_priv_mpool);
+				&sess_conf, ts_params->session_mpool);
 
 	if (!ut_params->sec_session) {
 		printf("TestCase %s()-%d line %d failed %s: ",
@@ -9022,8 +9020,7 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],
 
 	/* Create security session */
 	ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
-					ts_params->session_mpool,
-					ts_params->session_priv_mpool);
+					ts_params->session_mpool);
 
 	if (ut_params->sec_session == NULL)
 		return TEST_SKIPPED;
@@ -9420,8 +9417,7 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td)
 
 	/* Create security session */
 	ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
-					ts_params->session_mpool,
-					ts_params->session_priv_mpool);
+					ts_params->session_mpool);
 
 	if (!ut_params->sec_session) {
 		printf("TestCase %s(%d) line %d: %s\n",
@@ -9596,8 +9592,7 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td)
 
 	/* Create security session */
 	ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
-					ts_params->session_mpool,
-					ts_params->session_priv_mpool);
+					ts_params->session_mpool);
 
 	if (!ut_params->sec_session) {
 		printf("TestCase %s(%d) line %d: %s\n",
diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
index c6d6b88d6d..2ffa2a8e79 100644
--- a/app/test/test_ipsec.c
+++ b/app/test/test_ipsec.c
@@ -148,18 +148,16 @@ const struct supported_auth_algo auth_algos[] = {
 
 static int
 dummy_sec_create(void *device, struct rte_security_session_conf *conf,
-	struct rte_security_session *sess, struct rte_mempool *mp)
+	void *sess)
 {
 	RTE_SET_USED(device);
 	RTE_SET_USED(conf);
-	RTE_SET_USED(mp);
-
-	sess->sess_private_data = NULL;
+	RTE_SET_USED(sess);
 	return 0;
 }
 
 static int
-dummy_sec_destroy(void *device, struct rte_security_session *sess)
+dummy_sec_destroy(void *device, void *sess)
 {
 	RTE_SET_USED(device);
 	RTE_SET_USED(sess);
@@ -631,8 +629,7 @@ create_dummy_sec_session(struct ipsec_unitest_params *ut,
 	static struct rte_security_session_conf conf;
 
 	ut->ss[j].security.ses = rte_security_session_create(&dummy_sec_ctx,
-					&conf, qp->mp_session,
-					qp->mp_session_private);
+					&conf, qp->mp_session);
 
 	if (ut->ss[j].security.ses == NULL)
 		return -ENOMEM;
diff --git a/app/test/test_security.c b/app/test/test_security.c
index 060cf1ffa8..b02c2cf207 100644
--- a/app/test/test_security.c
+++ b/app/test/test_security.c
@@ -207,7 +207,7 @@
  * and put back in session_destroy.
  *
  * @param   expected_priv_mp_usage	expected number of used priv mp objects
- */
+ *
 #define TEST_ASSERT_PRIV_MP_USAGE(expected_priv_mp_usage) do {		\
 	struct security_testsuite_params *ts_params = &testsuite_params;\
 	unsigned int priv_mp_usage;					\
@@ -218,7 +218,7 @@
 			"but there are %u allocated objects",		\
 			expected_priv_mp_usage, priv_mp_usage);		\
 } while (0)
-
+*/
 /**
  * Mockup structures and functions for rte_security_ops;
  *
@@ -253,37 +253,37 @@
 static struct mock_session_create_data {
 	void *device;
 	struct rte_security_session_conf *conf;
-	struct rte_security_session *sess;
+	void *sess;
 	struct rte_mempool *mp;
-	struct rte_mempool *priv_mp;
+//	struct rte_mempool *priv_mp;
 
 	int ret;
 
 	int called;
 	int failed;
-} mock_session_create_exp = {NULL, NULL, NULL, NULL, NULL, 0, 0, 0};
+} mock_session_create_exp = {NULL, NULL, NULL, NULL, 0, 0, 0};
 
 static int
 mock_session_create(void *device,
 		struct rte_security_session_conf *conf,
-		struct rte_security_session *sess,
-		struct rte_mempool *priv_mp)
+		void *sess)
+//		struct rte_mempool *priv_mp)
 {
-	void *sess_priv;
-	int ret;
+//	void *sess_priv;
+//	int ret;
 
 	mock_session_create_exp.called++;
 
 	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, device);
 	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, conf);
-	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, priv_mp);
+//	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, priv_mp);
 
 	if (mock_session_create_exp.ret == 0) {
-		ret = rte_mempool_get(priv_mp, &sess_priv);
-		TEST_ASSERT_EQUAL(0, ret,
-			"priv mempool does not have enough objects");
+//		ret = rte_mempool_get(priv_mp, &sess_priv);
+//		TEST_ASSERT_EQUAL(0, ret,
+//			"priv mempool does not have enough objects");
 
-		set_sec_session_private_data(sess, sess_priv);
+//		set_sec_session_private_data(sess, sess_priv);
 		mock_session_create_exp.sess = sess;
 	}
 
@@ -297,7 +297,7 @@ mock_session_create(void *device,
  */
 static struct mock_session_update_data {
 	void *device;
-	struct rte_security_session *sess;
+	void *sess;
 	struct rte_security_session_conf *conf;
 
 	int ret;
@@ -308,7 +308,7 @@ static struct mock_session_update_data {
 
 static int
 mock_session_update(void *device,
-		struct rte_security_session *sess,
+		void *sess,
 		struct rte_security_session_conf *conf)
 {
 	mock_session_update_exp.called++;
@@ -351,7 +351,7 @@ mock_session_get_size(void *device)
  */
 static struct mock_session_stats_get_data {
 	void *device;
-	struct rte_security_session *sess;
+	void *sess;
 	struct rte_security_stats *stats;
 
 	int ret;
@@ -362,7 +362,7 @@ static struct mock_session_stats_get_data {
 
 static int
 mock_session_stats_get(void *device,
-		struct rte_security_session *sess,
+		void *sess,
 		struct rte_security_stats *stats)
 {
 	mock_session_stats_get_exp.called++;
@@ -381,7 +381,7 @@ mock_session_stats_get(void *device,
  */
 static struct mock_session_destroy_data {
 	void *device;
-	struct rte_security_session *sess;
+	void *sess;
 
 	int ret;
 
@@ -390,15 +390,9 @@ static struct mock_session_destroy_data {
 } mock_session_destroy_exp = {NULL, NULL, 0, 0, 0};
 
 static int
-mock_session_destroy(void *device, struct rte_security_session *sess)
+mock_session_destroy(void *device, void *sess)
 {
-	void *sess_priv = get_sec_session_private_data(sess);
-
 	mock_session_destroy_exp.called++;
-	if ((mock_session_destroy_exp.ret == 0) && (sess_priv != NULL)) {
-		rte_mempool_put(rte_mempool_from_obj(sess_priv), sess_priv);
-		set_sec_session_private_data(sess, NULL);
-	}
 	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, device);
 	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, sess);
 
@@ -412,7 +406,7 @@ mock_session_destroy(void *device, struct rte_security_session *sess)
  */
 static struct mock_set_pkt_metadata_data {
 	void *device;
-	struct rte_security_session *sess;
+	void *sess;
 	struct rte_mbuf *m;
 	void *params;
 
@@ -424,7 +418,7 @@ static struct mock_set_pkt_metadata_data {
 
 static int
 mock_set_pkt_metadata(void *device,
-		struct rte_security_session *sess,
+		void *sess,
 		struct rte_mbuf *m,
 		void *params)
 {
@@ -536,7 +530,6 @@ struct rte_security_ops mock_ops = {
  */
 static struct security_testsuite_params {
 	struct rte_mempool *session_mpool;
-	struct rte_mempool *session_priv_mpool;
 } testsuite_params = { NULL };
 
 /**
@@ -549,7 +542,7 @@ static struct security_testsuite_params {
 static struct security_unittest_params {
 	struct rte_security_ctx ctx;
 	struct rte_security_session_conf conf;
-	struct rte_security_session *sess;
+	void *sess;
 } unittest_params = {
 	.ctx = {
 		.device = NULL,
@@ -563,7 +556,7 @@ static struct security_unittest_params {
 #define SECURITY_TEST_PRIV_MEMPOOL_NAME "SecurityTestPrivMp"
 #define SECURITY_TEST_MEMPOOL_SIZE 15
 #define SECURITY_TEST_SESSION_OBJ_SZ sizeof(struct rte_security_session)
-#define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 64
+#define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 1024
 
 /**
  * testsuite_setup initializes whole test suite parameters.
@@ -577,26 +570,27 @@ testsuite_setup(void)
 	ts_params->session_mpool = rte_mempool_create(
 			SECURITY_TEST_MEMPOOL_NAME,
 			SECURITY_TEST_MEMPOOL_SIZE,
-			SECURITY_TEST_SESSION_OBJ_SZ,
+			SECURITY_TEST_SESSION_OBJ_SZ +
+			SECURITY_TEST_SESSION_PRIV_OBJ_SZ,
 			0, 0, NULL, NULL, NULL, NULL,
 			SOCKET_ID_ANY, 0);
 	TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
 			"Cannot create mempool %s\n", rte_strerror(rte_errno));
 
-	ts_params->session_priv_mpool = rte_mempool_create(
-			SECURITY_TEST_PRIV_MEMPOOL_NAME,
-			SECURITY_TEST_MEMPOOL_SIZE,
-			SECURITY_TEST_SESSION_PRIV_OBJ_SZ,
-			0, 0, NULL, NULL, NULL, NULL,
-			SOCKET_ID_ANY, 0);
-	if (ts_params->session_priv_mpool == NULL) {
-		RTE_LOG(ERR, USER1, "TestCase %s() line %d failed (null): "
-				"Cannot create priv mempool %s\n",
-				__func__, __LINE__, rte_strerror(rte_errno));
-		rte_mempool_free(ts_params->session_mpool);
-		ts_params->session_mpool = NULL;
-		return TEST_FAILED;
-	}
+//	ts_params->session_priv_mpool = rte_mempool_create(
+//			SECURITY_TEST_PRIV_MEMPOOL_NAME,
+//			SECURITY_TEST_MEMPOOL_SIZE,
+//			SECURITY_TEST_SESSION_PRIV_OBJ_SZ,
+//			0, 0, NULL, NULL, NULL, NULL,
+//			SOCKET_ID_ANY, 0);
+//	if (ts_params->session_priv_mpool == NULL) {
+//		RTE_LOG(ERR, USER1, "TestCase %s() line %d failed (null): "
+//				"Cannot create priv mempool %s\n",
+//				__func__, __LINE__, rte_strerror(rte_errno));
+//		rte_mempool_free(ts_params->session_mpool);
+//		ts_params->session_mpool = NULL;
+//		return TEST_FAILED;
+//	}
 
 	return TEST_SUCCESS;
 }
@@ -612,10 +606,6 @@ testsuite_teardown(void)
 		rte_mempool_free(ts_params->session_mpool);
 		ts_params->session_mpool = NULL;
 	}
-	if (ts_params->session_priv_mpool) {
-		rte_mempool_free(ts_params->session_priv_mpool);
-		ts_params->session_priv_mpool = NULL;
-	}
 }
 
 /**
@@ -704,7 +694,7 @@ ut_setup_with_session(void)
 {
 	struct security_unittest_params *ut_params = &unittest_params;
 	struct security_testsuite_params *ts_params = &testsuite_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	int ret = ut_setup();
 	if (ret != TEST_SUCCESS)
@@ -713,12 +703,11 @@ ut_setup_with_session(void)
 	mock_session_create_exp.device = NULL;
 	mock_session_create_exp.conf = &ut_params->conf;
 	mock_session_create_exp.mp = ts_params->session_mpool;
-	mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
 	mock_session_create_exp.ret = 0;
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
+	mock_session_get_size_exp.called = 0;
 	TEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,
 			sess);
 	TEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,
@@ -757,16 +746,14 @@ test_session_create_inv_context(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	sess = rte_security_session_create(NULL, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -781,18 +768,16 @@ test_session_create_inv_context_ops(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	ut_params->ctx.ops = NULL;
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -807,18 +792,16 @@ test_session_create_inv_context_ops_fun(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	ut_params->ctx.ops = &empty_ops;
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -832,16 +815,14 @@ test_session_create_inv_configuration(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	sess = rte_security_session_create(&ut_params->ctx, NULL,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -855,16 +836,14 @@ static int
 test_session_create_inv_mempool(void)
 {
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct security_testsuite_params *ts_params = &testsuite_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			NULL, ts_params->session_priv_mpool);
+			NULL);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -874,24 +853,24 @@ test_session_create_inv_mempool(void)
  * Test execution of rte_security_session_create with NULL session
  * priv mempool
  */
-static int
-test_session_create_inv_sess_priv_mempool(void)
-{
-	struct security_unittest_params *ut_params = &unittest_params;
-	struct security_testsuite_params *ts_params = &testsuite_params;
-	struct rte_security_session *sess;
-
-	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool, NULL);
-	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
-			sess, NULL, "%p");
-	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
-	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
-	TEST_ASSERT_SESSION_COUNT(0);
-
-	return TEST_SUCCESS;
-}
+//static int
+//test_session_create_inv_sess_priv_mempool(void)
+//{
+//	struct security_unittest_params *ut_params = &unittest_params;
+//	struct security_testsuite_params *ts_params = &testsuite_params;
+//	struct rte_security_session *sess;
+//
+//	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
+//			ts_params->session_mpool, NULL);
+//	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
+//			sess, NULL, "%p");
+//	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
+//	TEST_ASSERT_MEMPOOL_USAGE(0);
+//	TEST_ASSERT_PRIV_MP_USAGE(0);
+//	TEST_ASSERT_SESSION_COUNT(0);
+//
+//	return TEST_SUCCESS;
+//}
 
 /**
  * Test execution of rte_security_session_create in case when mempool
@@ -902,9 +881,9 @@ test_session_create_mempool_empty(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *tmp[SECURITY_TEST_MEMPOOL_SIZE];
-	void *tmp1[SECURITY_TEST_MEMPOOL_SIZE];
-	struct rte_security_session *sess;
+//	struct rte_security_session *tmp[SECURITY_TEST_MEMPOOL_SIZE];
+	void *tmp[SECURITY_TEST_MEMPOOL_SIZE];
+	void *sess;
 
 	/* Get all available objects from mempool. */
 	int i, ret;
@@ -914,34 +893,34 @@ test_session_create_mempool_empty(void)
 		TEST_ASSERT_EQUAL(0, ret,
 				"Expect getting %d object from mempool"
 				" to succeed", i);
-		ret = rte_mempool_get(ts_params->session_priv_mpool,
-				(void **)(&tmp1[i]));
-		TEST_ASSERT_EQUAL(0, ret,
-				"Expect getting %d object from priv mempool"
-				" to succeed", i);
+//		ret = rte_mempool_get(ts_params->session_priv_mpool,
+//				(void **)(&tmp1[i]));
+//		TEST_ASSERT_EQUAL(0, ret,
+//				"Expect getting %d object from priv mempool"
+//				" to succeed", i);
 	}
 	TEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
-	TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
+//	TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
+//			ts_params->session_priv_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
-	TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
+//	TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	/* Put objects back to the pool. */
 	for (i = 0; i < SECURITY_TEST_MEMPOOL_SIZE; ++i) {
 		rte_mempool_put(ts_params->session_mpool,
 				(void *)(tmp[i]));
-		rte_mempool_put(ts_params->session_priv_mpool,
-				(tmp1[i]));
+//		rte_mempool_put(ts_params->session_priv_mpool,
+//				(tmp1[i]));
 	}
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
+//	TEST_ASSERT_PRIV_MP_USAGE(0);
 
 	return TEST_SUCCESS;
 }
@@ -955,22 +934,22 @@ test_session_create_ops_failure(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	mock_session_create_exp.device = NULL;
 	mock_session_create_exp.conf = &ut_params->conf;
 	mock_session_create_exp.mp = ts_params->session_mpool;
-	mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
+//	mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
 	mock_session_create_exp.ret = -1;	/* Return failure status. */
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
+//			ts_params->session_priv_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
+//	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -984,17 +963,17 @@ test_session_create_success(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	mock_session_create_exp.device = NULL;
 	mock_session_create_exp.conf = &ut_params->conf;
 	mock_session_create_exp.mp = ts_params->session_mpool;
-	mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
+//	mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
 	mock_session_create_exp.ret = 0;	/* Return success status. */
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
+//			ts_params->session_priv_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,
 			sess);
 	TEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,
@@ -1003,7 +982,7 @@ test_session_create_success(void)
 			sess, mock_session_create_exp.sess);
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
+//	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	/*
@@ -1389,7 +1368,6 @@ test_session_destroy_inv_context(void)
 	struct security_unittest_params *ut_params = &unittest_params;
 
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(NULL, ut_params->sess);
@@ -1397,7 +1375,6 @@ test_session_destroy_inv_context(void)
 			ret, -EINVAL, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	return TEST_SUCCESS;
@@ -1414,7 +1391,6 @@ test_session_destroy_inv_context_ops(void)
 	ut_params->ctx.ops = NULL;
 
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1423,7 +1399,6 @@ test_session_destroy_inv_context_ops(void)
 			ret, -EINVAL, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	return TEST_SUCCESS;
@@ -1440,7 +1415,6 @@ test_session_destroy_inv_context_ops_fun(void)
 	ut_params->ctx.ops = &empty_ops;
 
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1449,7 +1423,6 @@ test_session_destroy_inv_context_ops_fun(void)
 			ret, -ENOTSUP, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	return TEST_SUCCESS;
@@ -1464,7 +1437,6 @@ test_session_destroy_inv_session(void)
 	struct security_unittest_params *ut_params = &unittest_params;
 
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(&ut_params->ctx, NULL);
@@ -1472,7 +1444,6 @@ test_session_destroy_inv_session(void)
 			ret, -EINVAL, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	return TEST_SUCCESS;
@@ -1492,7 +1463,6 @@ test_session_destroy_ops_failure(void)
 	mock_session_destroy_exp.ret = -1;
 
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1501,7 +1471,6 @@ test_session_destroy_ops_failure(void)
 			ret, -1, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	return TEST_SUCCESS;
@@ -1519,7 +1488,6 @@ test_session_destroy_success(void)
 	mock_session_destroy_exp.sess = ut_params->sess;
 	mock_session_destroy_exp.ret = 0;
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1528,7 +1496,6 @@ test_session_destroy_success(void)
 			ret, 0, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	/*
@@ -2495,8 +2462,8 @@ static struct unit_test_suite security_testsuite  = {
 				test_session_create_inv_configuration),
 		TEST_CASE_ST(ut_setup, ut_teardown,
 				test_session_create_inv_mempool),
-		TEST_CASE_ST(ut_setup, ut_teardown,
-				test_session_create_inv_sess_priv_mempool),
+//		TEST_CASE_ST(ut_setup, ut_teardown,
+//				test_session_create_inv_sess_priv_mempool),
 		TEST_CASE_ST(ut_setup, ut_teardown,
 				test_session_create_mempool_empty),
 		TEST_CASE_ST(ut_setup, ut_teardown,
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 60963a8208..93a56994da 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -1022,8 +1022,7 @@ get_session(struct aesni_mb_qp *qp, struct rte_crypto_op *op)
 	} else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
 		if (likely(op->sym->sec_session != NULL))
 			sess = (struct aesni_mb_session *)
-					get_sec_session_private_data(
-						op->sym->sec_session);
+					(op->sym->sec_session);
 #endif
 	} else {
 		void *_sess = rte_cryptodev_sym_session_create(qp->sess_mp);
@@ -1639,7 +1638,7 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)
 		 * this is for DOCSIS
 		 */
 		is_docsis_sec = 1;
-		sess = get_sec_session_private_data(op->sym->sec_session);
+		sess = (struct aesni_mb_session *)(op->sym->sec_session);
 	} else
 #endif
 	{
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 48a8f91868..39c67e3952 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -1056,10 +1056,8 @@ struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops = &aesni_mb_pmd_ops;
  */
 static int
 aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
-		struct rte_security_session *sess,
-		struct rte_mempool *mempool)
+			     void *sess)
 {
-	void *sess_private_data;
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
 
@@ -1069,40 +1067,22 @@ aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		AESNI_MB_LOG(ERR, "Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf,
-			sess_private_data);
-
+	ret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf, sess);
 	if (ret != 0) {
 		AESNI_MB_LOG(ERR, "Failed to configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sec_session_private_data(sess, sess_private_data);
-
 	return ret;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static int
-aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,
-		struct rte_security_session *sess)
+aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused, void *sess)
 {
-	void *sess_priv = get_sec_session_private_data(sess);
+	if (sess)
+		memset(sess, 0, sizeof(struct aesni_mb_session));
 
-	if (sess_priv) {
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		memset(sess_priv, 0, sizeof(struct aesni_mb_session));
-		set_sec_session_private_data(sess, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
 	return 0;
 }
 
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 258750afe7..ce7a100778 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -1361,9 +1361,7 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 					cryptodev_driver_id);
 		break;
 	case RTE_CRYPTO_OP_SECURITY_SESSION:
-		ses = (struct caam_jr_session *)
-			get_sec_session_private_data(
-					op->sym->sec_session);
+		ses = (struct caam_jr_session *)(op->sym->sec_session);
 		break;
 	default:
 		CAAM_JR_DP_ERR("sessionless crypto op not supported");
@@ -1911,22 +1909,14 @@ caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 static int
 caam_jr_security_session_create(void *dev,
 				struct rte_security_session_conf *conf,
-				struct rte_security_session *sess,
-				struct rte_mempool *mempool)
+				void *sess)
 {
-	void *sess_private_data;
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CAAM_JR_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	switch (conf->protocol) {
 	case RTE_SECURITY_PROTOCOL_IPSEC:
-		ret = caam_jr_set_ipsec_session(cdev, conf,
-				sess_private_data);
+		ret = caam_jr_set_ipsec_session(cdev, conf, sess);
 		break;
 	case RTE_SECURITY_PROTOCOL_MACSEC:
 		return -ENOTSUP;
@@ -1935,34 +1925,24 @@ caam_jr_security_session_create(void *dev,
 	}
 	if (ret != 0) {
 		CAAM_JR_ERR("failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sec_session_private_data(sess, sess_private_data);
-
 	return ret;
 }
 
 /* Clear the memory of session so it doesn't leave key material behind */
 static int
-caam_jr_security_session_destroy(void *dev __rte_unused,
-				 struct rte_security_session *sess)
+caam_jr_security_session_destroy(void *dev __rte_unused, void *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	void *sess_priv = get_sec_session_private_data(sess);
 
-	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
-
-	if (sess_priv) {
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+	struct caam_jr_session *s = (struct caam_jr_session *)sess;
 
+	if (sess) {
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
 		memset(sess, 0, sizeof(struct caam_jr_session));
-		set_sec_session_private_data(sess, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 	return 0;
 }
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 3caf05aab9..99968cc353 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -120,8 +120,8 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
 
 	if (op->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
 		if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
-			sec_sess = get_sec_session_private_data(
-				sym_op->sec_session);
+			sec_sess = (struct cn10k_sec_session *)
+						(sym_op->sec_session);
 			ret = cpt_sec_inst_fill(op, sec_sess, &inst[0]);
 			if (unlikely(ret))
 				return 0;
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index ebb2a7ec48..6f31fd04c6 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -35,16 +35,14 @@ static int
 cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,
 			   struct rte_security_ipsec_xform *ipsec_xfrm,
 			   struct rte_crypto_sym_xform *crypto_xfrm,
-			   struct rte_security_session *sec_sess)
+			   struct cn10k_sec_session *sess)
 {
 	struct roc_ot_ipsec_outb_sa *out_sa;
 	struct cnxk_ipsec_outb_rlens rlens;
-	struct cn10k_sec_session *sess;
 	struct cn10k_ipsec_sa *sa;
 	union cpt_inst_w4 inst_w4;
 	int ret;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sa = &sess->sa;
 	out_sa = &sa->out_sa;
 
@@ -93,15 +91,13 @@ static int
 cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt,
 			  struct rte_security_ipsec_xform *ipsec_xfrm,
 			  struct rte_crypto_sym_xform *crypto_xfrm,
-			  struct rte_security_session *sec_sess)
+			  struct cn10k_sec_session *sess)
 {
 	struct roc_ot_ipsec_inb_sa *in_sa;
-	struct cn10k_sec_session *sess;
 	struct cn10k_ipsec_sa *sa;
 	union cpt_inst_w4 inst_w4;
 	int ret;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sa = &sess->sa;
 	in_sa = &sa->in_sa;
 
@@ -132,7 +128,7 @@ static int
 cn10k_ipsec_session_create(void *dev,
 			   struct rte_security_ipsec_xform *ipsec_xfrm,
 			   struct rte_crypto_sym_xform *crypto_xfrm,
-			   struct rte_security_session *sess)
+			   struct cn10k_sec_session *sess)
 {
 	struct rte_cryptodev *crypto_dev = dev;
 	struct roc_cpt *roc_cpt;
@@ -161,55 +157,28 @@ cn10k_ipsec_session_create(void *dev,
 
 static int
 cn10k_sec_session_create(void *device, struct rte_security_session_conf *conf,
-			 struct rte_security_session *sess,
-			 struct rte_mempool *mempool)
+			 void *sess)
 {
-	struct cn10k_sec_session *priv;
-	int ret;
+	struct cn10k_sec_session *priv = sess;
 
 	if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
 		return -EINVAL;
 
-	if (rte_mempool_get(mempool, (void **)&priv)) {
-		plt_err("Could not allocate security session private data");
-		return -ENOMEM;
-	}
-
-	set_sec_session_private_data(sess, priv);
-
 	if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {
-		ret = -ENOTSUP;
-		goto mempool_put;
+		return -ENOTSUP;
 	}
-	ret = cn10k_ipsec_session_create(device, &conf->ipsec,
-					 conf->crypto_xform, sess);
-	if (ret)
-		goto mempool_put;
-
-	return 0;
-
-mempool_put:
-	rte_mempool_put(mempool, priv);
-	set_sec_session_private_data(sess, NULL);
-	return ret;
+	return cn10k_ipsec_session_create(device, &conf->ipsec,
+					 conf->crypto_xform, priv);
 }
 
 static int
-cn10k_sec_session_destroy(void *device __rte_unused,
-			  struct rte_security_session *sess)
+cn10k_sec_session_destroy(void *device __rte_unused, void *sess)
 {
-	struct cn10k_sec_session *priv;
-	struct rte_mempool *sess_mp;
-
-	priv = get_sec_session_private_data(sess);
+	struct cn10k_sec_session *priv = sess;
 
 	if (priv == NULL)
 		return 0;
-
-	sess_mp = rte_mempool_from_obj(priv);
-
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(sess_mp, priv);
+	memset(priv, 0, sizeof(*priv));
 
 	return 0;
 }
diff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
index 75277936b0..4c2dc5b080 100644
--- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
@@ -56,7 +56,7 @@ cn9k_cpt_sec_inst_fill(struct rte_crypto_op *op,
 		return -ENOTSUP;
 	}
 
-	priv = get_sec_session_private_data(op->sym->sec_session);
+	priv = (struct cn9k_sec_session *)(op->sym->sec_session);
 	sa = &priv->sa;
 
 	if (sa->dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)
diff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c
index 63ae025030..f3a6df0145 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec.c
+++ b/drivers/crypto/cnxk/cn9k_ipsec.c
@@ -274,13 +274,12 @@ static int
 cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 			  struct rte_security_ipsec_xform *ipsec,
 			  struct rte_crypto_sym_xform *crypto_xform,
-			  struct rte_security_session *sec_sess)
+			  struct cn9k_sec_session *sess)
 {
 	struct rte_crypto_sym_xform *auth_xform = crypto_xform->next;
 	struct roc_ie_on_ip_template *template = NULL;
 	struct cnxk_cpt_inst_tmpl *inst_tmpl;
 	struct roc_ie_on_outb_sa *out_sa;
-	struct cn9k_sec_session *sess;
 	struct roc_ie_on_sa_ctl *ctl;
 	struct cn9k_ipsec_sa *sa;
 	struct rte_ipv6_hdr *ip6;
@@ -292,7 +291,6 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 	size_t ctx_len;
 	int ret;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sa = &sess->sa;
 	out_sa = &sa->out_sa;
 	ctl = &out_sa->common_sa.ctl;
@@ -420,12 +418,11 @@ static int
 cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 			 struct rte_security_ipsec_xform *ipsec,
 			 struct rte_crypto_sym_xform *crypto_xform,
-			 struct rte_security_session *sec_sess)
+			 struct cn9k_sec_session *sess)
 {
 	struct rte_crypto_sym_xform *auth_xform = crypto_xform;
 	struct cnxk_cpt_inst_tmpl *inst_tmpl;
 	struct roc_ie_on_inb_sa *in_sa;
-	struct cn9k_sec_session *sess;
 	struct cn9k_ipsec_sa *sa;
 	const uint8_t *auth_key;
 	union cpt_inst_w4 w4;
@@ -434,7 +431,6 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 	size_t ctx_len = 0;
 	int ret;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sa = &sess->sa;
 	in_sa = &sa->in_sa;
 
@@ -498,7 +494,7 @@ static int
 cn9k_ipsec_session_create(void *dev,
 			  struct rte_security_ipsec_xform *ipsec_xform,
 			  struct rte_crypto_sym_xform *crypto_xform,
-			  struct rte_security_session *sess)
+			  struct cn9k_sec_session *sess)
 {
 	struct rte_cryptodev *crypto_dev = dev;
 	struct cnxk_cpt_qp *qp;
@@ -529,53 +525,32 @@ cn9k_ipsec_session_create(void *dev,
 
 static int
 cn9k_sec_session_create(void *device, struct rte_security_session_conf *conf,
-			struct rte_security_session *sess,
-			struct rte_mempool *mempool)
+			void *sess)
 {
-	struct cn9k_sec_session *priv;
-	int ret;
+	struct cn9k_sec_session *priv = sess;
 
 	if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
 		return -EINVAL;
 
-	if (rte_mempool_get(mempool, (void **)&priv)) {
-		plt_err("Could not allocate security session private data");
-		return -ENOMEM;
-	}
-
 	memset(priv, 0, sizeof(*priv));
 
-	set_sec_session_private_data(sess, priv);
-
 	if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {
-		ret = -ENOTSUP;
-		goto mempool_put;
+		return -ENOTSUP;
 	}
 
-	ret = cn9k_ipsec_session_create(device, &conf->ipsec,
-					conf->crypto_xform, sess);
-	if (ret)
-		goto mempool_put;
-
-	return 0;
-
-mempool_put:
-	rte_mempool_put(mempool, priv);
-	set_sec_session_private_data(sess, NULL);
-	return ret;
+	return cn9k_ipsec_session_create(device, &conf->ipsec,
+					conf->crypto_xform, priv);
 }
 
 static int
-cn9k_sec_session_destroy(void *device __rte_unused,
-			 struct rte_security_session *sess)
+cn9k_sec_session_destroy(void *device __rte_unused, void *sess)
 {
 	struct roc_ie_on_outb_sa *out_sa;
 	struct cn9k_sec_session *priv;
-	struct rte_mempool *sess_mp;
 	struct roc_ie_on_sa_ctl *ctl;
 	struct cn9k_ipsec_sa *sa;
 
-	priv = get_sec_session_private_data(sess);
+	priv = sess;
 	if (priv == NULL)
 		return 0;
 
@@ -587,13 +562,8 @@ cn9k_sec_session_destroy(void *device __rte_unused,
 
 	rte_io_wmb();
 
-	sess_mp = rte_mempool_from_obj(priv);
-
 	memset(priv, 0, sizeof(*priv));
 
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(sess_mp, priv);
-
 	return 0;
 }
 
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index dfa72f3f93..176f1a27a0 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1358,8 +1358,7 @@ build_sec_fd(struct rte_crypto_op *op,
 				op->sym->session, cryptodev_driver_id);
 #ifdef RTE_LIB_SECURITY
 	else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
-		sess = (dpaa2_sec_session *)get_sec_session_private_data(
-				op->sym->sec_session);
+		sess = (dpaa2_sec_session *)(op->sym->sec_session);
 #endif
 	else
 		return -ENOTSUP;
@@ -1532,7 +1531,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	struct rte_crypto_op *op;
 	uint16_t len = DPAA2_GET_FD_LEN(fd);
 	int16_t diff = 0;
-	dpaa2_sec_session *sess_priv __rte_unused;
+	dpaa2_sec_session *sess_priv;
 
 	struct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(
 		DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),
@@ -1545,8 +1544,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	mbuf->buf_iova = op->sym->aead.digest.phys_addr;
 	op->sym->aead.digest.phys_addr = 0L;
 
-	sess_priv = (dpaa2_sec_session *)get_sec_session_private_data(
-				op->sym->sec_session);
+	sess_priv = (dpaa2_sec_session *)(op->sym->sec_session);
 	if (sess_priv->dir == DIR_ENC)
 		mbuf->data_off += SEC_FLC_DHR_OUTBOUND;
 	else
@@ -3395,63 +3393,44 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 static int
 dpaa2_sec_security_session_create(void *dev,
 				  struct rte_security_session_conf *conf,
-				  struct rte_security_session *sess,
-				  struct rte_mempool *mempool)
+				  void *sess)
 {
-	void *sess_private_data;
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		DPAA2_SEC_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	switch (conf->protocol) {
 	case RTE_SECURITY_PROTOCOL_IPSEC:
-		ret = dpaa2_sec_set_ipsec_session(cdev, conf,
-				sess_private_data);
+		ret = dpaa2_sec_set_ipsec_session(cdev, conf, sess);
 		break;
 	case RTE_SECURITY_PROTOCOL_MACSEC:
 		return -ENOTSUP;
 	case RTE_SECURITY_PROTOCOL_PDCP:
-		ret = dpaa2_sec_set_pdcp_session(cdev, conf,
-				sess_private_data);
+		ret = dpaa2_sec_set_pdcp_session(cdev, conf, sess);
 		break;
 	default:
 		return -EINVAL;
 	}
 	if (ret != 0) {
 		DPAA2_SEC_ERR("Failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sec_session_private_data(sess, sess_private_data);
-
 	return ret;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static int
-dpaa2_sec_security_session_destroy(void *dev __rte_unused,
-		struct rte_security_session *sess)
+dpaa2_sec_security_session_destroy(void *dev __rte_unused, void *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	void *sess_priv = get_sec_session_private_data(sess);
 
-	dpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;
-
-	if (sess_priv) {
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+	dpaa2_sec_session *s = (dpaa2_sec_session *)sess;
 
+	if (sess) {
 		rte_free(s->ctxt);
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
 		memset(s, 0, sizeof(dpaa2_sec_session));
-		set_sec_session_private_data(sess, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 	return 0;
 }
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index d5aa2748d6..5a087df090 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -1793,8 +1793,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 #ifdef RTE_LIB_SECURITY
 			case RTE_CRYPTO_OP_SECURITY_SESSION:
 				ses = (dpaa_sec_session *)
-					get_sec_session_private_data(
-							op->sym->sec_session);
+					(op->sym->sec_session);
 				break;
 #endif
 			default:
@@ -2572,7 +2571,6 @@ static inline void
 free_session_memory(struct rte_cryptodev *dev, dpaa_sec_session *s)
 {
 	struct dpaa_sec_dev_private *qi = dev->data->dev_private;
-	struct rte_mempool *sess_mp = rte_mempool_from_obj((void *)s);
 	uint8_t i;
 
 	for (i = 0; i < MAX_DPAA_CORES; i++) {
@@ -2582,7 +2580,6 @@ free_session_memory(struct rte_cryptodev *dev, dpaa_sec_session *s)
 		s->qp[i] = NULL;
 	}
 	free_session_data(s);
-	rte_mempool_put(sess_mp, (void *)s);
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
@@ -3117,26 +3114,23 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev,
 static int
 dpaa_sec_security_session_create(void *dev,
 				 struct rte_security_session_conf *conf,
-				 struct rte_security_session *sess,
-				 struct rte_mempool *mempool)
+				 void *sess)
 {
-	void *sess_private_data;
+//	void *sess_private_data = sess;
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		DPAA_SEC_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
+//	if (rte_mempool_get(mempool, &sess_private_data)) {
+//		DPAA_SEC_ERR("Couldn't get object from session mempool");
+//		return -ENOMEM;
+//	}
 
 	switch (conf->protocol) {
 	case RTE_SECURITY_PROTOCOL_IPSEC:
-		ret = dpaa_sec_set_ipsec_session(cdev, conf,
-				sess_private_data);
+		ret = dpaa_sec_set_ipsec_session(cdev, conf, sess);
 		break;
 	case RTE_SECURITY_PROTOCOL_PDCP:
-		ret = dpaa_sec_set_pdcp_session(cdev, conf,
-				sess_private_data);
+		ret = dpaa_sec_set_pdcp_session(cdev, conf, sess);
 		break;
 	case RTE_SECURITY_PROTOCOL_MACSEC:
 		return -ENOTSUP;
@@ -3146,28 +3140,24 @@ dpaa_sec_security_session_create(void *dev,
 	if (ret != 0) {
 		DPAA_SEC_ERR("failed to configure session parameters");
 		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
+//		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sec_session_private_data(sess, sess_private_data);
+//	set_sec_session_private_data(sess, sess_private_data);
 
 	return ret;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static int
-dpaa_sec_security_session_destroy(void *dev __rte_unused,
-		struct rte_security_session *sess)
+dpaa_sec_security_session_destroy(void *dev __rte_unused, void *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	void *sess_priv = get_sec_session_private_data(sess);
-	dpaa_sec_session *s = (dpaa_sec_session *)sess_priv;
+	dpaa_sec_session *s = (dpaa_sec_session *)sess;
 
-	if (sess_priv) {
+	if (sess)
 		free_session_memory((struct rte_cryptodev *)dev, s);
-		set_sec_session_private_data(sess, NULL);
-	}
 	return 0;
 }
 #endif
diff --git a/drivers/crypto/mvsam/rte_mrvl_pmd.c b/drivers/crypto/mvsam/rte_mrvl_pmd.c
index a72642a772..245a4ad353 100644
--- a/drivers/crypto/mvsam/rte_mrvl_pmd.c
+++ b/drivers/crypto/mvsam/rte_mrvl_pmd.c
@@ -773,8 +773,7 @@ mrvl_request_prepare_sec(struct sam_cio_ipsec_params *request,
 		return -EINVAL;
 	}
 
-	sess = (struct mrvl_crypto_session *)get_sec_session_private_data(
-			op->sym->sec_session);
+	sess = (struct mrvl_crypto_session *)(op->sym->sec_session);
 	if (unlikely(sess == NULL)) {
 		MRVL_LOG(ERR, "Session was not created for this device! %d",
 			 cryptodev_driver_id);
diff --git a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
index 3064b1f136..e04a2c88c7 100644
--- a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
+++ b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
@@ -913,16 +913,12 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static int
-mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,
-		struct rte_security_session *sess)
+mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused, void *sess)
 {
-	void *sess_priv = get_sec_session_private_data(sess);
-
 	/* Zero out the whole structure */
-	if (sess_priv) {
+	if (sess) {
 		struct mrvl_crypto_session *mrvl_sess =
 			(struct mrvl_crypto_session *)sess_priv;
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
 
 		if (mrvl_sess->sam_sess &&
 		    sam_session_destroy(mrvl_sess->sam_sess) < 0) {
@@ -932,9 +928,6 @@ mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,
 		rte_free(mrvl_sess->sam_sess_params.cipher_key);
 		rte_free(mrvl_sess->sam_sess_params.auth_key);
 		rte_free(mrvl_sess->sam_sess_params.cipher_iv);
-		memset(sess, 0, sizeof(struct rte_security_session));
-		set_sec_session_private_data(sess, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 	return 0;
 }
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
index 37fad11d91..7b744cd4b4 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
@@ -702,7 +702,7 @@ otx2_cpt_enqueue_sec(struct otx2_cpt_qp *qp, struct rte_crypto_op *op,
 	uint8_t esn;
 	int ret;
 
-	priv = get_sec_session_private_data(op->sym->sec_session);
+	priv = (struct otx2_sec_session *)(op->sym->sec_session);
 	sess = &priv->ipsec.lp;
 	sa = &sess->in_sa;
 
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_sec.c b/drivers/crypto/octeontx2/otx2_cryptodev_sec.c
index a5db40047d..56900e3187 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_sec.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_sec.c
@@ -203,7 +203,7 @@ static int
 crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,
 				     struct rte_security_ipsec_xform *ipsec,
 				     struct rte_crypto_sym_xform *crypto_xform,
-				     struct rte_security_session *sec_sess)
+				     struct otx2_sec_session *sess)
 {
 	struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
 	struct otx2_ipsec_po_ip_template *template = NULL;
@@ -212,13 +212,11 @@ crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,
 	struct otx2_ipsec_po_sa_ctl *ctl;
 	int cipher_key_len, auth_key_len;
 	struct otx2_ipsec_po_out_sa *sa;
-	struct otx2_sec_session *sess;
 	struct otx2_cpt_inst_s inst;
 	struct rte_ipv6_hdr *ip6;
 	struct rte_ipv4_hdr *ip;
 	int ret, ctx_len;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sess->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_EGRESS;
 	lp = &sess->ipsec.lp;
 
@@ -398,7 +396,7 @@ static int
 crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,
 				    struct rte_security_ipsec_xform *ipsec,
 				    struct rte_crypto_sym_xform *crypto_xform,
-				    struct rte_security_session *sec_sess)
+				    struct otx2_sec_session *sess)
 {
 	struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
 	const uint8_t *cipher_key, *auth_key;
@@ -406,11 +404,9 @@ crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,
 	struct otx2_ipsec_po_sa_ctl *ctl;
 	int cipher_key_len, auth_key_len;
 	struct otx2_ipsec_po_in_sa *sa;
-	struct otx2_sec_session *sess;
 	struct otx2_cpt_inst_s inst;
 	int ret;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sess->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;
 	lp = &sess->ipsec.lp;
 
@@ -512,7 +508,7 @@ static int
 crypto_sec_ipsec_session_create(struct rte_cryptodev *crypto_dev,
 				struct rte_security_ipsec_xform *ipsec,
 				struct rte_crypto_sym_xform *crypto_xform,
-				struct rte_security_session *sess)
+				struct otx2_sec_session *sess)
 {
 	int ret;
 
@@ -536,10 +532,9 @@ crypto_sec_ipsec_session_create(struct rte_cryptodev *crypto_dev,
 static int
 otx2_crypto_sec_session_create(void *device,
 			       struct rte_security_session_conf *conf,
-			       struct rte_security_session *sess,
-			       struct rte_mempool *mempool)
+			       void *sess)
 {
-	struct otx2_sec_session *priv;
+	struct otx2_sec_session *priv = sess;
 	int ret;
 
 	if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
@@ -548,51 +543,25 @@ otx2_crypto_sec_session_create(void *device,
 	if (rte_security_dynfield_register() < 0)
 		return -rte_errno;
 
-	if (rte_mempool_get(mempool, (void **)&priv)) {
-		otx2_err("Could not allocate security session private data");
-		return -ENOMEM;
-	}
-
-	set_sec_session_private_data(sess, priv);
-
 	priv->userdata = conf->userdata;
 
 	if (conf->protocol == RTE_SECURITY_PROTOCOL_IPSEC)
 		ret = crypto_sec_ipsec_session_create(device, &conf->ipsec,
 						      conf->crypto_xform,
-						      sess);
+						      priv);
 	else
 		ret = -ENOTSUP;
 
-	if (ret)
-		goto mempool_put;
-
-	return 0;
-
-mempool_put:
-	rte_mempool_put(mempool, priv);
-	set_sec_session_private_data(sess, NULL);
 	return ret;
 }
 
 static int
-otx2_crypto_sec_session_destroy(void *device __rte_unused,
-				struct rte_security_session *sess)
+otx2_crypto_sec_session_destroy(void *device __rte_unused, void *sess)
 {
-	struct otx2_sec_session *priv;
-	struct rte_mempool *sess_mp;
+	struct otx2_sec_session *priv = sess;
 
-	priv = get_sec_session_private_data(sess);
-
-	if (priv == NULL)
-		return 0;
-
-	sess_mp = rte_mempool_from_obj(priv);
-
-	memset(priv, 0, sizeof(*priv));
-
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(sess_mp, priv);
+	if (priv)
+		memset(priv, 0, sizeof(*priv));
 
 	return 0;
 }
@@ -604,8 +573,7 @@ otx2_crypto_sec_session_get_size(void *device __rte_unused)
 }
 
 static int
-otx2_crypto_sec_set_pkt_mdata(void *device __rte_unused,
-			      struct rte_security_session *session,
+otx2_crypto_sec_set_pkt_mdata(void *device __rte_unused, void *session,
 			      struct rte_mbuf *m, void *params __rte_unused)
 {
 	/* Set security session as the pkt metadata */
diff --git a/drivers/crypto/qat/qat_sym.c b/drivers/crypto/qat/qat_sym.c
index 93b257522b..fbb17e61ff 100644
--- a/drivers/crypto/qat/qat_sym.c
+++ b/drivers/crypto/qat/qat_sym.c
@@ -250,8 +250,7 @@ qat_sym_build_request(void *in_op, uint8_t *out_msg,
 				op->sym->session, qat_sym_driver_id);
 #ifdef RTE_LIB_SECURITY
 	} else {
-		ctx = (struct qat_sym_session *)get_sec_session_private_data(
-				op->sym->sec_session);
+		ctx = (struct qat_sym_session *)(op->sym->sec_session);
 		if (likely(ctx)) {
 			if (unlikely(ctx->bpi_ctx == NULL)) {
 				QAT_DP_LOG(ERR, "QAT PMD only supports security"
diff --git a/drivers/crypto/qat/qat_sym.h b/drivers/crypto/qat/qat_sym.h
index e3ec7f0de4..8904aabd3d 100644
--- a/drivers/crypto/qat/qat_sym.h
+++ b/drivers/crypto/qat/qat_sym.h
@@ -202,9 +202,7 @@ qat_sym_preprocess_requests(void **ops, uint16_t nb_ops)
 		op = (struct rte_crypto_op *)ops[i];
 
 		if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
-			ctx = (struct qat_sym_session *)
-				get_sec_session_private_data(
-					op->sym->sec_session);
+			ctx = (struct qat_sym_session *)(op->sym->sec_session);
 
 			if (ctx == NULL || ctx->bpi_ctx == NULL)
 				continue;
@@ -243,9 +241,7 @@ qat_sym_process_response(void **op, uint8_t *resp, void *op_cookie)
 		 * Assuming at this point that if it's a security
 		 * op, that this is for DOCSIS
 		 */
-		sess = (struct qat_sym_session *)
-				get_sec_session_private_data(
-				rx_op->sym->sec_session);
+		sess = (struct qat_sym_session *)(rx_op->sym->sec_session);
 		is_docsis_sec = 1;
 	} else
 #endif
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 3f2f6736fc..2a22347c7f 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -2283,10 +2283,8 @@ qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,
 int
 qat_security_session_create(void *dev,
 				struct rte_security_session_conf *conf,
-				struct rte_security_session *sess,
-				struct rte_mempool *mempool)
+				void *sess_private_data)
 {
-	void *sess_private_data;
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
 
@@ -2296,40 +2294,25 @@ qat_security_session_create(void *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		QAT_LOG(ERR, "Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	ret = qat_sec_session_set_docsis_parameters(cdev, conf,
 			sess_private_data);
 	if (ret != 0) {
 		QAT_LOG(ERR, "Failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sec_session_private_data(sess, sess_private_data);
-
 	return ret;
 }
 
 int
-qat_security_session_destroy(void *dev __rte_unused,
-				 struct rte_security_session *sess)
+qat_security_session_destroy(void *dev __rte_unused, void *sess_priv)
 {
-	void *sess_priv = get_sec_session_private_data(sess);
 	struct qat_sym_session *s = (struct qat_sym_session *)sess_priv;
 
 	if (sess_priv) {
 		if (s->bpi_ctx)
 			bpi_cipher_ctx_free(s->bpi_ctx);
 		memset(s, 0, qat_sym_session_get_private_size(dev));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
-		set_sec_session_private_data(sess, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 	return 0;
 }
diff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h
index 6ebc176729..7fcc1d6f7b 100644
--- a/drivers/crypto/qat/qat_sym_session.h
+++ b/drivers/crypto/qat/qat_sym_session.h
@@ -166,9 +166,9 @@ qat_sym_validate_zuc_key(int key_len, enum icp_qat_hw_cipher_algo *alg);
 #ifdef RTE_LIB_SECURITY
 int
 qat_security_session_create(void *dev, struct rte_security_session_conf *conf,
-		struct rte_security_session *sess, struct rte_mempool *mempool);
+		void *sess);
 int
-qat_security_session_destroy(void *dev, struct rte_security_session *sess);
+qat_security_session_destroy(void *dev, void *sess);
 #endif
 
 #endif /* _QAT_SYM_SESSION_H_ */
diff --git a/drivers/net/ixgbe/ixgbe_ipsec.c b/drivers/net/ixgbe/ixgbe_ipsec.c
index e45c5501e6..7e3f05a067 100644
--- a/drivers/net/ixgbe/ixgbe_ipsec.c
+++ b/drivers/net/ixgbe/ixgbe_ipsec.c
@@ -369,24 +369,17 @@ ixgbe_crypto_remove_sa(struct rte_eth_dev *dev,
 static int
 ixgbe_crypto_create_session(void *device,
 		struct rte_security_session_conf *conf,
-		struct rte_security_session *session,
-		struct rte_mempool *mempool)
+		void *session)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
-	struct ixgbe_crypto_session *ic_session = NULL;
+	struct ixgbe_crypto_session *ic_session = session;
 	struct rte_crypto_aead_xform *aead_xform;
 	struct rte_eth_conf *dev_conf = &eth_dev->data->dev_conf;
 
-	if (rte_mempool_get(mempool, (void **)&ic_session)) {
-		PMD_DRV_LOG(ERR, "Cannot get object from ic_session mempool");
-		return -ENOMEM;
-	}
-
 	if (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||
 			conf->crypto_xform->aead.algo !=
 					RTE_CRYPTO_AEAD_AES_GCM) {
 		PMD_DRV_LOG(ERR, "Unsupported crypto transformation mode\n");
-		rte_mempool_put(mempool, (void *)ic_session);
 		return -ENOTSUP;
 	}
 	aead_xform = &conf->crypto_xform->aead;
@@ -396,7 +389,6 @@ ixgbe_crypto_create_session(void *device,
 			ic_session->op = IXGBE_OP_AUTHENTICATED_DECRYPTION;
 		} else {
 			PMD_DRV_LOG(ERR, "IPsec decryption not enabled\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -ENOTSUP;
 		}
 	} else {
@@ -404,7 +396,6 @@ ixgbe_crypto_create_session(void *device,
 			ic_session->op = IXGBE_OP_AUTHENTICATED_ENCRYPTION;
 		} else {
 			PMD_DRV_LOG(ERR, "IPsec encryption not enabled\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -ENOTSUP;
 		}
 	}
@@ -416,12 +407,9 @@ ixgbe_crypto_create_session(void *device,
 	ic_session->spi = conf->ipsec.spi;
 	ic_session->dev = eth_dev;
 
-	set_sec_session_private_data(session, ic_session);
-
 	if (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {
 		if (ixgbe_crypto_add_sa(ic_session)) {
 			PMD_DRV_LOG(ERR, "Failed to add SA\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -EPERM;
 		}
 	}
@@ -436,14 +424,11 @@ ixgbe_crypto_session_get_size(__rte_unused void *device)
 }
 
 static int
-ixgbe_crypto_remove_session(void *device,
-		struct rte_security_session *session)
+ixgbe_crypto_remove_session(void *device, void *session)
 {
 	struct rte_eth_dev *eth_dev = device;
 	struct ixgbe_crypto_session *ic_session =
-		(struct ixgbe_crypto_session *)
-		get_sec_session_private_data(session);
-	struct rte_mempool *mempool = rte_mempool_from_obj(ic_session);
+		(struct ixgbe_crypto_session *)session;
 
 	if (eth_dev != ic_session->dev) {
 		PMD_DRV_LOG(ERR, "Session not bound to this device\n");
@@ -455,8 +440,6 @@ ixgbe_crypto_remove_session(void *device,
 		return -EFAULT;
 	}
 
-	rte_mempool_put(mempool, (void *)ic_session);
-
 	return 0;
 }
 
@@ -476,12 +459,11 @@ ixgbe_crypto_compute_pad_len(struct rte_mbuf *m)
 }
 
 static int
-ixgbe_crypto_update_mb(void *device __rte_unused,
-		struct rte_security_session *session,
+ixgbe_crypto_update_mb(void *device __rte_unused, void *session,
 		       struct rte_mbuf *m, void *params __rte_unused)
 {
-	struct ixgbe_crypto_session *ic_session =
-			get_sec_session_private_data(session);
+	struct ixgbe_crypto_session *ic_session = session;
+
 	if (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {
 		union ixgbe_crypto_tx_desc_md *mdata =
 			(union ixgbe_crypto_tx_desc_md *)
@@ -685,8 +667,8 @@ ixgbe_crypto_add_ingress_sa_from_flow(const void *sess,
 				      const void *ip_spec,
 				      uint8_t is_ipv6)
 {
-	struct ixgbe_crypto_session *ic_session
-		= get_sec_session_private_data(sess);
+	struct ixgbe_crypto_session *ic_session =
+				(struct ixgbe_crypto_session *)sess;
 
 	if (ic_session->op == IXGBE_OP_AUTHENTICATED_DECRYPTION) {
 		if (is_ipv6) {
diff --git a/drivers/net/octeontx2/otx2_ethdev_sec.c b/drivers/net/octeontx2/otx2_ethdev_sec.c
index c2a36883cb..ef851fe52c 100644
--- a/drivers/net/octeontx2/otx2_ethdev_sec.c
+++ b/drivers/net/octeontx2/otx2_ethdev_sec.c
@@ -350,7 +350,7 @@ static int
 eth_sec_ipsec_out_sess_create(struct rte_eth_dev *eth_dev,
 			      struct rte_security_ipsec_xform *ipsec,
 			      struct rte_crypto_sym_xform *crypto_xform,
-			      struct rte_security_session *sec_sess)
+			      struct otx2_sec_session *sec_sess)
 {
 	struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
 	struct otx2_sec_session_ipsec_ip *sess;
@@ -363,7 +363,7 @@ eth_sec_ipsec_out_sess_create(struct rte_eth_dev *eth_dev,
 	struct otx2_cpt_inst_s inst;
 	struct otx2_cpt_qp *qp;
 
-	priv = get_sec_session_private_data(sec_sess);
+	priv = sec_sess;
 	priv->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_EGRESS;
 	sess = &priv->ipsec.ip;
 
@@ -468,7 +468,7 @@ static int
 eth_sec_ipsec_in_sess_create(struct rte_eth_dev *eth_dev,
 			     struct rte_security_ipsec_xform *ipsec,
 			     struct rte_crypto_sym_xform *crypto_xform,
-			     struct rte_security_session *sec_sess)
+			     struct otx2_sec_session *sec_sess)
 {
 	struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
 	struct otx2_eth_dev *dev = otx2_eth_pmd_priv(eth_dev);
@@ -495,7 +495,7 @@ eth_sec_ipsec_in_sess_create(struct rte_eth_dev *eth_dev,
 
 	ctl = &sa->ctl;
 
-	priv = get_sec_session_private_data(sec_sess);
+	priv = sec_sess;
 	priv->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;
 	sess = &priv->ipsec.ip;
 
@@ -619,7 +619,7 @@ static int
 eth_sec_ipsec_sess_create(struct rte_eth_dev *eth_dev,
 			  struct rte_security_ipsec_xform *ipsec,
 			  struct rte_crypto_sym_xform *crypto_xform,
-			  struct rte_security_session *sess)
+			  struct otx2_sec_session *sess)
 {
 	int ret;
 
@@ -638,22 +638,14 @@ eth_sec_ipsec_sess_create(struct rte_eth_dev *eth_dev,
 static int
 otx2_eth_sec_session_create(void *device,
 			    struct rte_security_session_conf *conf,
-			    struct rte_security_session *sess,
-			    struct rte_mempool *mempool)
+			    void *sess)
 {
-	struct otx2_sec_session *priv;
+	struct otx2_sec_session *priv = sess;
 	int ret;
 
 	if (conf->action_type != RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL)
 		return -ENOTSUP;
 
-	if (rte_mempool_get(mempool, (void **)&priv)) {
-		otx2_err("Could not allocate security session private data");
-		return -ENOMEM;
-	}
-
-	set_sec_session_private_data(sess, priv);
-
 	/*
 	 * Save userdata provided by the application. For ingress packets, this
 	 * could be used to identify the SA.
@@ -663,19 +655,14 @@ otx2_eth_sec_session_create(void *device,
 	if (conf->protocol == RTE_SECURITY_PROTOCOL_IPSEC)
 		ret = eth_sec_ipsec_sess_create(device, &conf->ipsec,
 						conf->crypto_xform,
-						sess);
+						priv);
 	else
 		ret = -ENOTSUP;
 
 	if (ret)
-		goto mempool_put;
+		return ret;
 
 	return 0;
-
-mempool_put:
-	rte_mempool_put(mempool, priv);
-	set_sec_session_private_data(sess, NULL);
-	return ret;
 }
 
 static void
@@ -688,20 +675,14 @@ otx2_eth_sec_free_anti_replay(struct otx2_ipsec_fp_in_sa *sa)
 }
 
 static int
-otx2_eth_sec_session_destroy(void *device,
-			     struct rte_security_session *sess)
+otx2_eth_sec_session_destroy(void *device, void *sess)
 {
 	struct otx2_eth_dev *dev = otx2_eth_pmd_priv(device);
 	struct otx2_sec_session_ipsec_ip *sess_ip;
 	struct otx2_ipsec_fp_in_sa *sa;
-	struct otx2_sec_session *priv;
-	struct rte_mempool *sess_mp;
+	struct otx2_sec_session *priv = sess;
 	int ret;
 
-	priv = get_sec_session_private_data(sess);
-	if (priv == NULL)
-		return -EINVAL;
-
 	sess_ip = &priv->ipsec.ip;
 
 	if (priv->ipsec.dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
@@ -727,11 +708,6 @@ otx2_eth_sec_session_destroy(void *device,
 			return ret;
 	}
 
-	sess_mp = rte_mempool_from_obj(priv);
-
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(sess_mp, priv);
-
 	return 0;
 }
 
@@ -742,9 +718,8 @@ otx2_eth_sec_session_get_size(void *device __rte_unused)
 }
 
 static int
-otx2_eth_sec_set_pkt_mdata(void *device __rte_unused,
-			    struct rte_security_session *session,
-			    struct rte_mbuf *m, void *params __rte_unused)
+otx2_eth_sec_set_pkt_mdata(void *device __rte_unused, void *session,
+		struct rte_mbuf *m, void *params __rte_unused)
 {
 	/* Set security session as the pkt metadata */
 	*rte_security_dynfield(m) = (rte_security_dynfield_t)session;
diff --git a/drivers/net/octeontx2/otx2_ethdev_sec_tx.h b/drivers/net/octeontx2/otx2_ethdev_sec_tx.h
index 623a2a841e..9ecb786947 100644
--- a/drivers/net/octeontx2/otx2_ethdev_sec_tx.h
+++ b/drivers/net/octeontx2/otx2_ethdev_sec_tx.h
@@ -54,7 +54,7 @@ otx2_sec_event_tx(uint64_t base, struct rte_event *ev, struct rte_mbuf *m,
 		struct nix_iova_s nix_iova;
 	} *sd;
 
-	priv = get_sec_session_private_data((void *)(*rte_security_dynfield(m)));
+	priv = (void *)(*rte_security_dynfield(m));
 	sess = &priv->ipsec.ip;
 	sa = &sess->out_sa;
 
diff --git a/drivers/net/txgbe/txgbe_ipsec.c b/drivers/net/txgbe/txgbe_ipsec.c
index ccd747973b..cc6370c2f3 100644
--- a/drivers/net/txgbe/txgbe_ipsec.c
+++ b/drivers/net/txgbe/txgbe_ipsec.c
@@ -349,24 +349,17 @@ txgbe_crypto_remove_sa(struct rte_eth_dev *dev,
 static int
 txgbe_crypto_create_session(void *device,
 		struct rte_security_session_conf *conf,
-		struct rte_security_session *session,
-		struct rte_mempool *mempool)
+		void *session)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
-	struct txgbe_crypto_session *ic_session = NULL;
+	struct txgbe_crypto_session *ic_session = session;
 	struct rte_crypto_aead_xform *aead_xform;
 	struct rte_eth_conf *dev_conf = &eth_dev->data->dev_conf;
 
-	if (rte_mempool_get(mempool, (void **)&ic_session)) {
-		PMD_DRV_LOG(ERR, "Cannot get object from ic_session mempool");
-		return -ENOMEM;
-	}
-
 	if (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||
 			conf->crypto_xform->aead.algo !=
 					RTE_CRYPTO_AEAD_AES_GCM) {
 		PMD_DRV_LOG(ERR, "Unsupported crypto transformation mode\n");
-		rte_mempool_put(mempool, (void *)ic_session);
 		return -ENOTSUP;
 	}
 	aead_xform = &conf->crypto_xform->aead;
@@ -376,7 +369,6 @@ txgbe_crypto_create_session(void *device,
 			ic_session->op = TXGBE_OP_AUTHENTICATED_DECRYPTION;
 		} else {
 			PMD_DRV_LOG(ERR, "IPsec decryption not enabled\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -ENOTSUP;
 		}
 	} else {
@@ -384,7 +376,6 @@ txgbe_crypto_create_session(void *device,
 			ic_session->op = TXGBE_OP_AUTHENTICATED_ENCRYPTION;
 		} else {
 			PMD_DRV_LOG(ERR, "IPsec encryption not enabled\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -ENOTSUP;
 		}
 	}
@@ -396,12 +387,9 @@ txgbe_crypto_create_session(void *device,
 	ic_session->spi = conf->ipsec.spi;
 	ic_session->dev = eth_dev;
 
-	set_sec_session_private_data(session, ic_session);
-
 	if (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {
 		if (txgbe_crypto_add_sa(ic_session)) {
 			PMD_DRV_LOG(ERR, "Failed to add SA\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -EPERM;
 		}
 	}
@@ -416,14 +404,11 @@ txgbe_crypto_session_get_size(__rte_unused void *device)
 }
 
 static int
-txgbe_crypto_remove_session(void *device,
-		struct rte_security_session *session)
+txgbe_crypto_remove_session(void *device, void *session)
 {
 	struct rte_eth_dev *eth_dev = device;
 	struct txgbe_crypto_session *ic_session =
-		(struct txgbe_crypto_session *)
-		get_sec_session_private_data(session);
-	struct rte_mempool *mempool = rte_mempool_from_obj(ic_session);
+		(struct txgbe_crypto_session *)session;
 
 	if (eth_dev != ic_session->dev) {
 		PMD_DRV_LOG(ERR, "Session not bound to this device\n");
@@ -435,8 +420,6 @@ txgbe_crypto_remove_session(void *device,
 		return -EFAULT;
 	}
 
-	rte_mempool_put(mempool, (void *)ic_session);
-
 	return 0;
 }
 
@@ -456,12 +439,11 @@ txgbe_crypto_compute_pad_len(struct rte_mbuf *m)
 }
 
 static int
-txgbe_crypto_update_mb(void *device __rte_unused,
-		struct rte_security_session *session,
-		       struct rte_mbuf *m, void *params __rte_unused)
+txgbe_crypto_update_mb(void *device __rte_unused, void *session,
+		struct rte_mbuf *m, void *params __rte_unused)
 {
-	struct txgbe_crypto_session *ic_session =
-			get_sec_session_private_data(session);
+	struct txgbe_crypto_session *ic_session = session;
+
 	if (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {
 		union txgbe_crypto_tx_desc_md *mdata =
 			(union txgbe_crypto_tx_desc_md *)
@@ -662,7 +644,7 @@ txgbe_crypto_add_ingress_sa_from_flow(const void *sess,
 				      uint8_t is_ipv6)
 {
 	struct txgbe_crypto_session *ic_session =
-			get_sec_session_private_data(sess);
+				(struct txgbe_crypto_session *)sess;
 
 	if (ic_session->op == TXGBE_OP_AUTHENTICATED_DECRYPTION) {
 		if (is_ipv6) {
diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
index 6817139663..03d907cba8 100644
--- a/examples/ipsec-secgw/ipsec.c
+++ b/examples/ipsec-secgw/ipsec.c
@@ -117,8 +117,7 @@ create_lookaside_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa,
 			set_ipsec_conf(sa, &(sess_conf.ipsec));
 
 			ips->security.ses = rte_security_session_create(ctx,
-					&sess_conf, ipsec_ctx->session_pool,
-					ipsec_ctx->session_priv_pool);
+					&sess_conf, ipsec_ctx->session_pool);
 			if (ips->security.ses == NULL) {
 				RTE_LOG(ERR, IPSEC,
 				"SEC Session init failed: err: %d\n", ret);
@@ -199,8 +198,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,
 		}
 
 		ips->security.ses = rte_security_session_create(sec_ctx,
-				&sess_conf, skt_ctx->session_pool,
-				skt_ctx->session_priv_pool);
+				&sess_conf, skt_ctx->session_pool);
 		if (ips->security.ses == NULL) {
 			RTE_LOG(ERR, IPSEC,
 				"SEC Session init failed: err: %d\n", ret);
@@ -380,8 +378,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,
 		sess_conf.userdata = (void *) sa;
 
 		ips->security.ses = rte_security_session_create(sec_ctx,
-					&sess_conf, skt_ctx->session_pool,
-					skt_ctx->session_priv_pool);
+					&sess_conf, skt_ctx->session_pool);
 		if (ips->security.ses == NULL) {
 			RTE_LOG(ERR, IPSEC,
 				"SEC Session init failed: err: %d\n", ret);
diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c
index fe81ed3e4c..06560b9cba 100644
--- a/lib/security/rte_security.c
+++ b/lib/security/rte_security.c
@@ -39,35 +39,37 @@ rte_security_dynfield_register(void)
 	return rte_security_dynfield_offset;
 }
 
-struct rte_security_session *
+void *
 rte_security_session_create(struct rte_security_ctx *instance,
 			    struct rte_security_session_conf *conf,
-			    struct rte_mempool *mp,
-			    struct rte_mempool *priv_mp)
+			    struct rte_mempool *mp)
 {
 	struct rte_security_session *sess = NULL;
 
 	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
 	RTE_PTR_OR_ERR_RET(conf, NULL);
 	RTE_PTR_OR_ERR_RET(mp, NULL);
-	RTE_PTR_OR_ERR_RET(priv_mp, NULL);
+
+	if (mp->elt_size < sizeof(struct rte_security_session) +
+			instance->ops->session_get_size(instance->device))
+		return NULL;
 
 	if (rte_mempool_get(mp, (void **)&sess))
 		return NULL;
 
 	if (instance->ops->session_create(instance->device, conf,
-				sess, priv_mp)) {
+				sess->sess_private_data)) {
 		rte_mempool_put(mp, (void *)sess);
 		return NULL;
 	}
 	instance->sess_cnt++;
 
-	return sess;
+	return sess->sess_private_data;
 }
 
 int
 rte_security_session_update(struct rte_security_ctx *instance,
-			    struct rte_security_session *sess,
+			    void *sess,
 			    struct rte_security_session_conf *conf)
 {
 	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,
@@ -88,8 +90,7 @@ rte_security_session_get_size(struct rte_security_ctx *instance)
 
 int
 rte_security_session_stats_get(struct rte_security_ctx *instance,
-			       struct rte_security_session *sess,
-			       struct rte_security_stats *stats)
+			       void *sess, struct rte_security_stats *stats)
 {
 	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,
 			-ENOTSUP);
@@ -100,9 +101,9 @@ rte_security_session_stats_get(struct rte_security_ctx *instance,
 }
 
 int
-rte_security_session_destroy(struct rte_security_ctx *instance,
-			     struct rte_security_session *sess)
+rte_security_session_destroy(struct rte_security_ctx *instance, void *sess)
 {
+	struct rte_security_session *s;
 	int ret;
 
 	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,
@@ -113,7 +114,8 @@ rte_security_session_destroy(struct rte_security_ctx *instance,
 	if (ret != 0)
 		return ret;
 
-	rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
+	s = container_of(sess, struct rte_security_session, sess_private_data);
+	rte_mempool_put(rte_mempool_from_obj(s), (void *)s);
 
 	if (instance->sess_cnt)
 		instance->sess_cnt--;
@@ -123,7 +125,7 @@ rte_security_session_destroy(struct rte_security_ctx *instance,
 
 int
 __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
-				struct rte_security_session *sess,
+				void *sess,
 				struct rte_mbuf *m, void *params)
 {
 #ifdef RTE_DEBUG
diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h
index ab1a6e1f65..bef42c0686 100644
--- a/lib/security/rte_security.h
+++ b/lib/security/rte_security.h
@@ -457,10 +457,12 @@ struct rte_security_session_conf {
 };
 
 struct rte_security_session {
-	void *sess_private_data;
-	/**< Private session material */
 	uint64_t opaque_data;
 	/**< Opaque user defined data */
+	uint64_t fast_mdata;
+	/**< Fast metadata to be used for inline path */
+	__extension__ void *sess_private_data[0];
+	/**< Private session material */
 };
 
 /**
@@ -474,11 +476,10 @@ struct rte_security_session {
  *  - On success, pointer to session
  *  - On failure, NULL
  */
-struct rte_security_session *
+void *
 rte_security_session_create(struct rte_security_ctx *instance,
 			    struct rte_security_session_conf *conf,
-			    struct rte_mempool *mp,
-			    struct rte_mempool *priv_mp);
+			    struct rte_mempool *mp);
 
 /**
  * Update security session as specified by the session configuration
@@ -493,7 +494,7 @@ rte_security_session_create(struct rte_security_ctx *instance,
 __rte_experimental
 int
 rte_security_session_update(struct rte_security_ctx *instance,
-			    struct rte_security_session *sess,
+			    void *sess,
 			    struct rte_security_session_conf *conf);
 
 /**
@@ -524,7 +525,7 @@ rte_security_session_get_size(struct rte_security_ctx *instance);
  */
 int
 rte_security_session_destroy(struct rte_security_ctx *instance,
-			     struct rte_security_session *sess);
+			     void *sess);
 
 /** Device-specific metadata field type */
 typedef uint64_t rte_security_dynfield_t;
@@ -570,7 +571,7 @@ static inline bool rte_security_dynfield_is_registered(void)
 /** Function to call PMD specific function pointer set_pkt_metadata() */
 __rte_experimental
 extern int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
-					   struct rte_security_session *sess,
+					   void *sess,
 					   struct rte_mbuf *m, void *params);
 
 /**
@@ -588,13 +589,13 @@ extern int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
  */
 static inline int
 rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
-			      struct rte_security_session *sess,
+			      void *sess,
 			      struct rte_mbuf *mb, void *params)
 {
 	/* Fast Path */
 	if (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) {
 		*rte_security_dynfield(mb) =
-			(rte_security_dynfield_t)(sess->sess_private_data);
+			(rte_security_dynfield_t)(sess);
 		return 0;
 	}
 
@@ -644,26 +645,13 @@ rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
  */
 static inline int
 __rte_security_attach_session(struct rte_crypto_sym_op *sym_op,
-			      struct rte_security_session *sess)
+			      void *sess)
 {
 	sym_op->sec_session = sess;
 
 	return 0;
 }
 
-static inline void *
-get_sec_session_private_data(const struct rte_security_session *sess)
-{
-	return sess->sess_private_data;
-}
-
-static inline void
-set_sec_session_private_data(struct rte_security_session *sess,
-			     void *private_data)
-{
-	sess->sess_private_data = private_data;
-}
-
 /**
  * Attach a session to a crypto operation.
  * This API is needed only in case of RTE_SECURITY_SESS_CRYPTO_PROTO_OFFLOAD
@@ -674,8 +662,7 @@ set_sec_session_private_data(struct rte_security_session *sess,
  * @param	sess	security session
  */
 static inline int
-rte_security_attach_session(struct rte_crypto_op *op,
-			    struct rte_security_session *sess)
+rte_security_attach_session(struct rte_crypto_op *op, void *sess)
 {
 	if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC))
 		return -EINVAL;
@@ -737,7 +724,7 @@ struct rte_security_stats {
 __rte_experimental
 int
 rte_security_session_stats_get(struct rte_security_ctx *instance,
-			       struct rte_security_session *sess,
+			       void *sess,
 			       struct rte_security_stats *stats);
 
 /**
diff --git a/lib/security/rte_security_driver.h b/lib/security/rte_security_driver.h
index 938373205c..9afefc8c4e 100644
--- a/lib/security/rte_security_driver.h
+++ b/lib/security/rte_security_driver.h
@@ -35,8 +35,7 @@ extern "C" {
  */
 typedef int (*security_session_create_t)(void *device,
 		struct rte_security_session_conf *conf,
-		struct rte_security_session *sess,
-		struct rte_mempool *mp);
+		void *sess);
 
 /**
  * Free driver private session data.
@@ -44,8 +43,7 @@ typedef int (*security_session_create_t)(void *device,
  * @param	device		Crypto/eth device pointer
  * @param	sess		Security session structure
  */
-typedef int (*security_session_destroy_t)(void *device,
-		struct rte_security_session *sess);
+typedef int (*security_session_destroy_t)(void *device, void *sess);
 
 /**
  * Update driver private session data.
@@ -60,8 +58,7 @@ typedef int (*security_session_destroy_t)(void *device,
  *  - Returns -ENOTSUP if crypto device does not support the crypto transform.
  */
 typedef int (*security_session_update_t)(void *device,
-		struct rte_security_session *sess,
-		struct rte_security_session_conf *conf);
+		void *sess, struct rte_security_session_conf *conf);
 
 /**
  * Get the size of a security session
@@ -86,8 +83,7 @@ typedef unsigned int (*security_session_get_size)(void *device);
  *  - Returns -EINVAL if session parameters are invalid.
  */
 typedef int (*security_session_stats_get_t)(void *device,
-		struct rte_security_session *sess,
-		struct rte_security_stats *stats);
+		void *sess, struct rte_security_stats *stats);
 
 __rte_experimental
 int rte_security_dynfield_register(void);
@@ -96,7 +92,7 @@ int rte_security_dynfield_register(void);
  * Update the mbuf with provided metadata.
  *
  * @param	device		Crypto/eth device pointer
- * @param	sess		Security session structure
+ * @param	sess		Security session
  * @param	mb		Packet buffer
  * @param	params		Metadata
  *
@@ -105,7 +101,7 @@ int rte_security_dynfield_register(void);
  *  - Returns -ve value for errors.
  */
 typedef int (*security_set_pkt_metadata_t)(void *device,
-		struct rte_security_session *sess, struct rte_mbuf *mb,
+		void *sess, struct rte_mbuf *mb,
 		void *params);
 
 /**
-- 
2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* [dpdk-dev] [PATCH 2/3] drivers/net: temporary disable ixgbe and txgbe
  2021-09-30 14:50 [dpdk-dev] [PATCH 0/3] crypto/security session framework rework Akhil Goyal
  2021-09-30 14:50 ` [dpdk-dev] [PATCH 1/3] security: rework session framework Akhil Goyal
@ 2021-09-30 14:50 ` Akhil Goyal
  2021-10-12 12:26   ` Zhang, Roy Fan
  2021-09-30 14:50 ` [dpdk-dev] [PATCH 3/3] cryptodev: rework session framework Akhil Goyal
  2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework Akhil Goyal
  3 siblings, 1 reply; 49+ messages in thread
From: Akhil Goyal @ 2021-09-30 14:50 UTC (permalink / raw)
  To: dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj,
	pablo.de.lara.guarch, fiona.trahe, declan.doherty, matan,
	g.singh, roy.fan.zhang, jianjay.zhou, asomalap, ruifeng.wang,
	konstantin.ananyev, radu.nicolau, ajit.khaparde, rnagadheeraj,
	adwivedi, ciara.power, Akhil Goyal, Jian Wang, Jiawen Wu,
	Haiyue Wang

The PMDs ixgbe and txgbe are currently making
rte_security_session private data as constant,
but they are getting filled inside the API.
This was feasible as the session_private_data
and rte_security_session pointers were separate.
But now these two will be from same memory chunk.
Hence it cannot use them as const.
Need help from PMD owners to fix this.
Cc: Jian Wang <jianwang@trustnetic.com>
Cc: Jiawen Wu <jiawenwu@trustnetic.com>
Cc: Haiyue Wang <haiyue.wang@intel.com>
Cc: Fan Zhang <roy.fan.zhang@intel.com>

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 drivers/net/meson.build | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/net/meson.build b/drivers/net/meson.build
index bcf488f203..4c0cd50cd5 100644
--- a/drivers/net/meson.build
+++ b/drivers/net/meson.build
@@ -30,7 +30,7 @@ drivers = [
         'igc',
         'ionic',
         'ipn3ke',
-        'ixgbe',
+	#        'ixgbe',
         'kni',
         'liquidio',
         'memif',
@@ -55,7 +55,7 @@ drivers = [
         'szedata2',
         'tap',
         'thunderx',
-        'txgbe',
+#        'txgbe',
         'vdev_netvsc',
         'vhost',
         'virtio',
-- 
2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* [dpdk-dev] [PATCH 3/3] cryptodev: rework session framework
  2021-09-30 14:50 [dpdk-dev] [PATCH 0/3] crypto/security session framework rework Akhil Goyal
  2021-09-30 14:50 ` [dpdk-dev] [PATCH 1/3] security: rework session framework Akhil Goyal
  2021-09-30 14:50 ` [dpdk-dev] [PATCH 2/3] drivers/net: temporary disable ixgbe and txgbe Akhil Goyal
@ 2021-09-30 14:50 ` Akhil Goyal
  2021-10-01 15:53   ` Zhang, Roy Fan
  2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework Akhil Goyal
  3 siblings, 1 reply; 49+ messages in thread
From: Akhil Goyal @ 2021-09-30 14:50 UTC (permalink / raw)
  To: dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj,
	pablo.de.lara.guarch, fiona.trahe, declan.doherty, matan,
	g.singh, roy.fan.zhang, jianjay.zhou, asomalap, ruifeng.wang,
	konstantin.ananyev, radu.nicolau, ajit.khaparde, rnagadheeraj,
	adwivedi, ciara.power, Akhil Goyal

As per current design, rte_cryptodev_sym_session_create() and
rte_cryptodev_sym_session_init() use separate mempool objects
for a single session.
And structure rte_cryptodev_sym_session is not directly used
by the application, it may cause ABI breakage if the structure
is modified in future.

To address these two issues, the rte_cryptodev_sym_session_create
will take one mempool object for both the session and session
private data. The API rte_cryptodev_sym_session_init will now not
take mempool object.
rte_cryptodev_sym_session_create will now return an opaque session
pointer which will be used by the app in rte_cryptodev_sym_session_init
and other APIs.

With this change, rte_cryptodev_sym_session_init will send
pointer to session private data of corresponding driver to the PMD
based on the driver_id for filling the PMD data.

In data path, opaque session pointer is attached to rte_crypto_op
and the PMD can call an internal library API to get the session
private data pointer based on the driver id.

TODO:
- inline APIs for opaque data
- move rte_cryptodev_sym_session struct to cryptodev_pmd.h
- currently nb_drivers are getting updated in RTE_INIT which
result in increasing the memory requirements for session.
This will be moved to PMD probe so that memory is created
only for those PMDs which are probed and not just compiled in.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 app/test-crypto-perf/cperf.h                  |   1 -
 app/test-crypto-perf/cperf_ops.c              |  33 ++---
 app/test-crypto-perf/cperf_ops.h              |   6 +-
 app/test-crypto-perf/cperf_test_latency.c     |   5 +-
 app/test-crypto-perf/cperf_test_latency.h     |   1 -
 .../cperf_test_pmd_cyclecount.c               |   5 +-
 .../cperf_test_pmd_cyclecount.h               |   1 -
 app/test-crypto-perf/cperf_test_throughput.c  |   5 +-
 app/test-crypto-perf/cperf_test_throughput.h  |   1 -
 app/test-crypto-perf/cperf_test_verify.c      |   5 +-
 app/test-crypto-perf/cperf_test_verify.h      |   1 -
 app/test-crypto-perf/main.c                   |  29 +---
 app/test/test_cryptodev.c                     | 130 +++++-------------
 app/test/test_cryptodev.h                     |   1 -
 app/test/test_cryptodev_asym.c                |   1 -
 app/test/test_cryptodev_blockcipher.c         |   6 +-
 app/test/test_event_crypto_adapter.c          |  28 +---
 app/test/test_ipsec.c                         |  22 +--
 drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c  |  33 +----
 .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    |  34 +----
 drivers/crypto/armv8/rte_armv8_pmd_ops.c      |  34 +----
 drivers/crypto/bcmfs/bcmfs_sym_session.c      |  36 +----
 drivers/crypto/bcmfs/bcmfs_sym_session.h      |   6 +-
 drivers/crypto/caam_jr/caam_jr.c              |  32 ++---
 drivers/crypto/ccp/ccp_pmd_ops.c              |  32 +----
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     |  18 ++-
 drivers/crypto/cnxk/cn9k_cryptodev_ops.c      |  18 +--
 drivers/crypto/cnxk/cnxk_cryptodev_ops.c      |  61 +++-----
 drivers/crypto/cnxk/cnxk_cryptodev_ops.h      |  13 +-
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   |  29 +---
 drivers/crypto/dpaa_sec/dpaa_sec.c            |  31 +----
 drivers/crypto/kasumi/rte_kasumi_pmd_ops.c    |  34 +----
 drivers/crypto/mlx5/mlx5_crypto.c             |  24 +---
 drivers/crypto/mvsam/rte_mrvl_pmd_ops.c       |  36 ++---
 drivers/crypto/nitrox/nitrox_sym.c            |  31 +----
 drivers/crypto/null/null_crypto_pmd_ops.c     |  34 +----
 .../crypto/octeontx/otx_cryptodev_hw_access.h |   1 -
 drivers/crypto/octeontx/otx_cryptodev_ops.c   |  60 +++-----
 drivers/crypto/octeontx2/otx2_cryptodev_ops.c |  52 +++----
 .../octeontx2/otx2_cryptodev_ops_helper.h     |  16 +--
 drivers/crypto/openssl/rte_openssl_pmd_ops.c  |  35 +----
 drivers/crypto/qat/qat_sym_session.c          |  29 +---
 drivers/crypto/qat/qat_sym_session.h          |   6 +-
 drivers/crypto/scheduler/scheduler_pmd_ops.c  |   9 +-
 drivers/crypto/snow3g/rte_snow3g_pmd_ops.c    |  34 +----
 drivers/crypto/virtio/virtio_cryptodev.c      |  31 ++---
 drivers/crypto/zuc/rte_zuc_pmd_ops.c          |  35 +----
 .../octeontx2/otx2_evdev_crypto_adptr_rx.h    |   3 +-
 examples/fips_validation/fips_dev_self_test.c |  32 ++---
 examples/fips_validation/main.c               |  20 +--
 examples/ipsec-secgw/ipsec-secgw.c            |  72 +++++-----
 examples/ipsec-secgw/ipsec.c                  |   3 +-
 examples/ipsec-secgw/ipsec.h                  |   1 -
 examples/ipsec-secgw/ipsec_worker.c           |   4 -
 examples/l2fwd-crypto/main.c                  |  41 +-----
 examples/vhost_crypto/main.c                  |  16 +--
 lib/cryptodev/cryptodev_pmd.h                 |   7 +-
 lib/cryptodev/rte_crypto.h                    |   2 +-
 lib/cryptodev/rte_crypto_sym.h                |   2 +-
 lib/cryptodev/rte_cryptodev.c                 |  73 ++++++----
 lib/cryptodev/rte_cryptodev.h                 |  23 ++--
 lib/cryptodev/rte_cryptodev_trace.h           |   5 +-
 lib/pipeline/rte_table_action.c               |   8 +-
 lib/pipeline/rte_table_action.h               |   2 +-
 lib/vhost/rte_vhost_crypto.h                  |   3 -
 lib/vhost/vhost_crypto.c                      |   7 +-
 66 files changed, 399 insertions(+), 1050 deletions(-)

diff --git a/app/test-crypto-perf/cperf.h b/app/test-crypto-perf/cperf.h
index 2b0aad095c..db58228dce 100644
--- a/app/test-crypto-perf/cperf.h
+++ b/app/test-crypto-perf/cperf.h
@@ -15,7 +15,6 @@ struct cperf_op_fns;
 
 typedef void  *(*cperf_constructor_t)(
 		struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id,
 		uint16_t qp_id,
 		const struct cperf_options *options,
diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 1b3cbe77b9..f094bc656d 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -12,7 +12,7 @@ static int
 cperf_set_ops_asym(struct rte_crypto_op **ops,
 		   uint32_t src_buf_offset __rte_unused,
 		   uint32_t dst_buf_offset __rte_unused, uint16_t nb_ops,
-		   struct rte_cryptodev_sym_session *sess,
+		   void *sess,
 		   const struct cperf_options *options __rte_unused,
 		   const struct cperf_test_vector *test_vector __rte_unused,
 		   uint16_t iv_offset __rte_unused,
@@ -40,7 +40,7 @@ static int
 cperf_set_ops_security(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset __rte_unused,
 		uint32_t dst_buf_offset __rte_unused,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options __rte_unused,
 		const struct cperf_test_vector *test_vector __rte_unused,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
@@ -106,7 +106,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector __rte_unused,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
@@ -145,7 +145,7 @@ cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_null_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector __rte_unused,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
@@ -184,7 +184,7 @@ cperf_set_ops_null_auth(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_cipher(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx)
@@ -240,7 +240,7 @@ cperf_set_ops_cipher(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx)
@@ -340,7 +340,7 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx)
@@ -455,7 +455,7 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_aead(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx)
@@ -563,9 +563,8 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
 	return 0;
 }
 
-static struct rte_cryptodev_sym_session *
+static void *
 cperf_create_session(struct rte_mempool *sess_mp,
-	struct rte_mempool *priv_mp,
 	uint8_t dev_id,
 	const struct cperf_options *options,
 	const struct cperf_test_vector *test_vector,
@@ -590,7 +589,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 		if (sess == NULL)
 			return NULL;
 		rc = rte_cryptodev_asym_session_init(dev_id, (void *)sess,
-						     &xform, priv_mp);
+						     &xform, sess_mp);
 		if (rc < 0) {
 			if (sess != NULL) {
 				rte_cryptodev_asym_session_clear(dev_id,
@@ -742,8 +741,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 			cipher_xform.cipher.iv.length = 0;
 		}
 		/* create crypto session */
-		rte_cryptodev_sym_session_init(dev_id, sess, &cipher_xform,
-				priv_mp);
+		rte_cryptodev_sym_session_init(dev_id, sess, &cipher_xform);
 	/*
 	 *  auth only
 	 */
@@ -770,8 +768,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 			auth_xform.auth.iv.length = 0;
 		}
 		/* create crypto session */
-		rte_cryptodev_sym_session_init(dev_id, sess, &auth_xform,
-				priv_mp);
+		rte_cryptodev_sym_session_init(dev_id, sess, &auth_xform);
 	/*
 	 * cipher and auth
 	 */
@@ -830,12 +827,12 @@ cperf_create_session(struct rte_mempool *sess_mp,
 			cipher_xform.next = &auth_xform;
 			/* create crypto session */
 			rte_cryptodev_sym_session_init(dev_id,
-					sess, &cipher_xform, priv_mp);
+					sess, &cipher_xform);
 		} else { /* auth then cipher */
 			auth_xform.next = &cipher_xform;
 			/* create crypto session */
 			rte_cryptodev_sym_session_init(dev_id,
-					sess, &auth_xform, priv_mp);
+					sess, &auth_xform);
 		}
 	} else { /* options->op_type == CPERF_AEAD */
 		aead_xform.type = RTE_CRYPTO_SYM_XFORM_AEAD;
@@ -856,7 +853,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 
 		/* Create crypto session */
 		rte_cryptodev_sym_session_init(dev_id,
-					sess, &aead_xform, priv_mp);
+					sess, &aead_xform);
 	}
 
 	return sess;
diff --git a/app/test-crypto-perf/cperf_ops.h b/app/test-crypto-perf/cperf_ops.h
index ff125d12cd..3ff10491a0 100644
--- a/app/test-crypto-perf/cperf_ops.h
+++ b/app/test-crypto-perf/cperf_ops.h
@@ -12,15 +12,15 @@
 #include "cperf_test_vectors.h"
 
 
-typedef struct rte_cryptodev_sym_session *(*cperf_sessions_create_t)(
-		struct rte_mempool *sess_mp, struct rte_mempool *sess_priv_mp,
+typedef void *(*cperf_sessions_create_t)(
+		struct rte_mempool *sess_mp,
 		uint8_t dev_id, const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset);
 
 typedef int (*cperf_populate_ops_t)(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx);
diff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-perf/cperf_test_latency.c
index 159fe8492b..4193f7e777 100644
--- a/app/test-crypto-perf/cperf_test_latency.c
+++ b/app/test-crypto-perf/cperf_test_latency.c
@@ -24,7 +24,7 @@ struct cperf_latency_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
@@ -59,7 +59,6 @@ cperf_latency_test_free(struct cperf_latency_ctx *ctx)
 
 void *
 cperf_latency_test_constructor(struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id, uint16_t qp_id,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
@@ -84,7 +83,7 @@ cperf_latency_test_constructor(struct rte_mempool *sess_mp,
 		sizeof(struct rte_crypto_sym_op) +
 		sizeof(struct cperf_op_result *);
 
-	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
 			test_vector, iv_offset);
 	if (ctx->sess == NULL)
 		goto err;
diff --git a/app/test-crypto-perf/cperf_test_latency.h b/app/test-crypto-perf/cperf_test_latency.h
index ed5b0a07bb..d3fc3218d7 100644
--- a/app/test-crypto-perf/cperf_test_latency.h
+++ b/app/test-crypto-perf/cperf_test_latency.h
@@ -17,7 +17,6 @@
 void *
 cperf_latency_test_constructor(
 		struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id,
 		uint16_t qp_id,
 		const struct cperf_options *options,
diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
index cbbbedd9ba..3dd489376f 100644
--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
@@ -27,7 +27,7 @@ struct cperf_pmd_cyclecount_ctx {
 	struct rte_crypto_op **ops;
 	struct rte_crypto_op **ops_processed;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
@@ -93,7 +93,6 @@ cperf_pmd_cyclecount_test_free(struct cperf_pmd_cyclecount_ctx *ctx)
 
 void *
 cperf_pmd_cyclecount_test_constructor(struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id, uint16_t qp_id,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
@@ -120,7 +119,7 @@ cperf_pmd_cyclecount_test_constructor(struct rte_mempool *sess_mp,
 	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
 			sizeof(struct rte_crypto_sym_op);
 
-	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
 			test_vector, iv_offset);
 	if (ctx->sess == NULL)
 		goto err;
diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.h b/app/test-crypto-perf/cperf_test_pmd_cyclecount.h
index 3084038a18..beb4419910 100644
--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.h
+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.h
@@ -18,7 +18,6 @@
 void *
 cperf_pmd_cyclecount_test_constructor(
 		struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id,
 		uint16_t qp_id,
 		const struct cperf_options *options,
diff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c
index 76fcda47ff..dc5c48b4da 100644
--- a/app/test-crypto-perf/cperf_test_throughput.c
+++ b/app/test-crypto-perf/cperf_test_throughput.c
@@ -18,7 +18,7 @@ struct cperf_throughput_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
@@ -64,7 +64,6 @@ cperf_throughput_test_free(struct cperf_throughput_ctx *ctx)
 
 void *
 cperf_throughput_test_constructor(struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id, uint16_t qp_id,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
@@ -87,7 +86,7 @@ cperf_throughput_test_constructor(struct rte_mempool *sess_mp,
 	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
 		sizeof(struct rte_crypto_sym_op);
 
-	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
 			test_vector, iv_offset);
 	if (ctx->sess == NULL)
 		goto err;
diff --git a/app/test-crypto-perf/cperf_test_throughput.h b/app/test-crypto-perf/cperf_test_throughput.h
index 91e1a4b708..439ec8e559 100644
--- a/app/test-crypto-perf/cperf_test_throughput.h
+++ b/app/test-crypto-perf/cperf_test_throughput.h
@@ -18,7 +18,6 @@
 void *
 cperf_throughput_test_constructor(
 		struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id,
 		uint16_t qp_id,
 		const struct cperf_options *options,
diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-perf/cperf_test_verify.c
index 2939aeaa93..cf561dd700 100644
--- a/app/test-crypto-perf/cperf_test_verify.c
+++ b/app/test-crypto-perf/cperf_test_verify.c
@@ -18,7 +18,7 @@ struct cperf_verify_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
@@ -51,7 +51,6 @@ cperf_verify_test_free(struct cperf_verify_ctx *ctx)
 
 void *
 cperf_verify_test_constructor(struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id, uint16_t qp_id,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
@@ -74,7 +73,7 @@ cperf_verify_test_constructor(struct rte_mempool *sess_mp,
 	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
 		sizeof(struct rte_crypto_sym_op);
 
-	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
 			test_vector, iv_offset);
 	if (ctx->sess == NULL)
 		goto err;
diff --git a/app/test-crypto-perf/cperf_test_verify.h b/app/test-crypto-perf/cperf_test_verify.h
index ac2192ba99..9f70ad87ba 100644
--- a/app/test-crypto-perf/cperf_test_verify.h
+++ b/app/test-crypto-perf/cperf_test_verify.h
@@ -18,7 +18,6 @@
 void *
 cperf_verify_test_constructor(
 		struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id,
 		uint16_t qp_id,
 		const struct cperf_options *options,
diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c
index 390380898e..c3327b7e55 100644
--- a/app/test-crypto-perf/main.c
+++ b/app/test-crypto-perf/main.c
@@ -118,35 +118,14 @@ fill_session_pool_socket(int32_t socket_id, uint32_t session_priv_size,
 	char mp_name[RTE_MEMPOOL_NAMESIZE];
 	struct rte_mempool *sess_mp;
 
-	if (session_pool_socket[socket_id].priv_mp == NULL) {
-		snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
-			"priv_sess_mp_%u", socket_id);
-
-		sess_mp = rte_mempool_create(mp_name,
-					nb_sessions,
-					session_priv_size,
-					0, 0, NULL, NULL, NULL,
-					NULL, socket_id,
-					0);
-
-		if (sess_mp == NULL) {
-			printf("Cannot create pool \"%s\" on socket %d\n",
-				mp_name, socket_id);
-			return -ENOMEM;
-		}
-
-		printf("Allocated pool \"%s\" on socket %d\n",
-			mp_name, socket_id);
-		session_pool_socket[socket_id].priv_mp = sess_mp;
-	}
-
 	if (session_pool_socket[socket_id].sess_mp == NULL) {
 
 		snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
 			"sess_mp_%u", socket_id);
 
 		sess_mp = rte_cryptodev_sym_session_pool_create(mp_name,
-					nb_sessions, 0, 0, 0, socket_id);
+					nb_sessions, session_priv_size,
+					0, 0, socket_id);
 
 		if (sess_mp == NULL) {
 			printf("Cannot create pool \"%s\" on socket %d\n",
@@ -344,12 +323,9 @@ cperf_initialize_cryptodev(struct cperf_options *opts, uint8_t *enabled_cdevs)
 			return ret;
 
 		qp_conf.mp_session = session_pool_socket[socket_id].sess_mp;
-		qp_conf.mp_session_private =
-				session_pool_socket[socket_id].priv_mp;
 
 		if (opts->op_type == CPERF_ASYM_MODEX) {
 			qp_conf.mp_session = NULL;
-			qp_conf.mp_session_private = NULL;
 		}
 
 		ret = rte_cryptodev_configure(cdev_id, &conf);
@@ -704,7 +680,6 @@ main(int argc, char **argv)
 
 		ctx[i] = cperf_testmap[opts.test].constructor(
 				session_pool_socket[socket_id].sess_mp,
-				session_pool_socket[socket_id].priv_mp,
 				cdev_id, qp_id,
 				&opts, t_vec, &op_fns);
 		if (ctx[i] == NULL) {
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 82f819211a..e5c7930c63 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -79,7 +79,7 @@ struct crypto_unittest_params {
 #endif
 
 	union {
-		struct rte_cryptodev_sym_session *sess;
+		void *sess;
 #ifdef RTE_LIB_SECURITY
 		void *sec_session;
 #endif
@@ -119,7 +119,7 @@ test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 		uint8_t *hmac_key);
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_param,
 		const uint8_t *cipher,
@@ -596,23 +596,11 @@ testsuite_setup(void)
 	}
 
 	ts_params->session_mpool = rte_cryptodev_sym_session_pool_create(
-			"test_sess_mp", MAX_NB_SESSIONS, 0, 0, 0,
+			"test_sess_mp", MAX_NB_SESSIONS, session_size, 0, 0,
 			SOCKET_ID_ANY);
 	TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
 			"session mempool allocation failed");
 
-	ts_params->session_priv_mpool = rte_mempool_create(
-			"test_sess_mp_priv",
-			MAX_NB_SESSIONS,
-			session_size,
-			0, 0, NULL, NULL, NULL,
-			NULL, SOCKET_ID_ANY,
-			0);
-	TEST_ASSERT_NOT_NULL(ts_params->session_priv_mpool,
-			"session mempool allocation failed");
-
-
-
 	TEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id,
 			&ts_params->conf),
 			"Failed to configure cryptodev %u with %u qps",
@@ -620,7 +608,6 @@ testsuite_setup(void)
 
 	ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
 	ts_params->qp_conf.mp_session = ts_params->session_mpool;
-	ts_params->qp_conf.mp_session_private = ts_params->session_priv_mpool;
 
 	for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) {
 		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
@@ -650,11 +637,6 @@ testsuite_teardown(void)
 	}
 
 	/* Free session mempools */
-	if (ts_params->session_priv_mpool != NULL) {
-		rte_mempool_free(ts_params->session_priv_mpool);
-		ts_params->session_priv_mpool = NULL;
-	}
-
 	if (ts_params->session_mpool != NULL) {
 		rte_mempool_free(ts_params->session_mpool);
 		ts_params->session_mpool = NULL;
@@ -1330,7 +1312,6 @@ dev_configure_and_start(uint64_t ff_disable)
 	ts_params->conf.ff_disable = ff_disable;
 	ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
 	ts_params->qp_conf.mp_session = ts_params->session_mpool;
-	ts_params->qp_conf.mp_session_private = ts_params->session_priv_mpool;
 
 	TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0],
 			&ts_params->conf),
@@ -1552,7 +1533,6 @@ test_queue_pair_descriptor_setup(void)
 	 */
 	qp_conf.nb_descriptors = MIN_NUM_OPS_INFLIGHT; /* min size*/
 	qp_conf.mp_session = ts_params->session_mpool;
-	qp_conf.mp_session_private = ts_params->session_priv_mpool;
 
 	for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) {
 		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
@@ -2146,8 +2126,7 @@ test_AES_CBC_HMAC_SHA1_encrypt_digest(void)
 
 	/* Create crypto session*/
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			ut_params->sess, &ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			ut_params->sess, &ut_params->cipher_xform);
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
 	/* Generate crypto op data structure */
@@ -2247,7 +2226,7 @@ test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 		uint8_t *hmac_key);
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_params,
 		const uint8_t *cipher,
@@ -2288,7 +2267,7 @@ test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_params,
 		const uint8_t *cipher,
@@ -2401,8 +2380,7 @@ create_wireless_algo_hash_session(uint8_t dev_id,
 			ts_params->session_mpool);
 
 	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->auth_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->auth_xform);
 	if (status == -ENOTSUP)
 		return TEST_SKIPPED;
 
@@ -2443,8 +2421,7 @@ create_wireless_algo_cipher_session(uint8_t dev_id,
 			ts_params->session_mpool);
 
 	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->cipher_xform);
 	if (status == -ENOTSUP)
 		return TEST_SKIPPED;
 
@@ -2566,8 +2543,7 @@ create_wireless_algo_cipher_auth_session(uint8_t dev_id,
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
 	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->cipher_xform);
 	if (status == -ENOTSUP)
 		return TEST_SKIPPED;
 
@@ -2629,8 +2605,7 @@ create_wireless_cipher_auth_session(uint8_t dev_id,
 			ts_params->session_mpool);
 
 	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->cipher_xform);
 	if (status == -ENOTSUP)
 		return TEST_SKIPPED;
 
@@ -2699,13 +2674,11 @@ create_wireless_algo_auth_cipher_session(uint8_t dev_id,
 		ut_params->auth_xform.next = NULL;
 		ut_params->cipher_xform.next = &ut_params->auth_xform;
 		status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-				&ut_params->cipher_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->cipher_xform);
 
 	} else
 		status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-				&ut_params->auth_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->auth_xform);
 
 	if (status == -ENOTSUP)
 		return TEST_SKIPPED;
@@ -7838,8 +7811,7 @@ create_aead_session(uint8_t dev_id, enum rte_crypto_aead_algorithm algo,
 			ts_params->session_mpool);
 
 	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->aead_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->aead_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -10992,8 +10964,7 @@ static int MD5_HMAC_create_session(struct crypto_testsuite_params *ts_params,
 			ts_params->session_mpool);
 
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			ut_params->sess, &ut_params->auth_xform,
-			ts_params->session_priv_mpool);
+			ut_params->sess, &ut_params->auth_xform);
 
 	if (ut_params->sess == NULL)
 		return TEST_FAILED;
@@ -11206,7 +11177,7 @@ test_multi_session(void)
 	struct crypto_unittest_params *ut_params = &unittest_params;
 
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session **sessions;
+	void **sessions;
 
 	uint16_t i;
 
@@ -11229,9 +11200,7 @@ test_multi_session(void)
 
 	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
-	sessions = rte_malloc(NULL,
-			sizeof(struct rte_cryptodev_sym_session *) *
-			(MAX_NB_SESSIONS + 1), 0);
+	sessions = rte_malloc(NULL, sizeof(void *) * (MAX_NB_SESSIONS + 1), 0);
 
 	/* Create multiple crypto sessions*/
 	for (i = 0; i < MAX_NB_SESSIONS; i++) {
@@ -11240,8 +11209,7 @@ test_multi_session(void)
 				ts_params->session_mpool);
 
 		rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-				sessions[i], &ut_params->auth_xform,
-				ts_params->session_priv_mpool);
+				sessions[i], &ut_params->auth_xform);
 		TEST_ASSERT_NOT_NULL(sessions[i],
 				"Session creation failed at session number %u",
 				i);
@@ -11279,8 +11247,7 @@ test_multi_session(void)
 	sessions[i] = NULL;
 	/* Next session create should fail */
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			sessions[i], &ut_params->auth_xform,
-			ts_params->session_priv_mpool);
+			sessions[i], &ut_params->auth_xform);
 	TEST_ASSERT_NULL(sessions[i],
 			"Session creation succeeded unexpectedly!");
 
@@ -11311,7 +11278,7 @@ test_multi_session_random_usage(void)
 {
 	struct crypto_testsuite_params *ts_params = &testsuite_params;
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session **sessions;
+	void **sessions;
 	uint32_t i, j;
 	struct multi_session_params ut_paramz[] = {
 
@@ -11355,8 +11322,7 @@ test_multi_session_random_usage(void)
 	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
 	sessions = rte_malloc(NULL,
-			(sizeof(struct rte_cryptodev_sym_session *)
-					* MAX_NB_SESSIONS) + 1, 0);
+			(sizeof(void *) * MAX_NB_SESSIONS) + 1, 0);
 
 	for (i = 0; i < MB_SESSION_NUMBER; i++) {
 		sessions[i] = rte_cryptodev_sym_session_create(
@@ -11373,8 +11339,7 @@ test_multi_session_random_usage(void)
 		rte_cryptodev_sym_session_init(
 				ts_params->valid_devs[0],
 				sessions[i],
-				&ut_paramz[i].ut_params.auth_xform,
-				ts_params->session_priv_mpool);
+				&ut_paramz[i].ut_params.auth_xform);
 
 		TEST_ASSERT_NOT_NULL(sessions[i],
 				"Session creation failed at session number %u",
@@ -11457,8 +11422,7 @@ test_null_invalid_operation(void)
 
 	/* Create Crypto session*/
 	ret = rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			ut_params->sess, &ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			ut_params->sess, &ut_params->cipher_xform);
 	TEST_ASSERT(ret < 0,
 			"Session creation succeeded unexpectedly");
 
@@ -11475,8 +11439,7 @@ test_null_invalid_operation(void)
 
 	/* Create Crypto session*/
 	ret = rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			ut_params->sess, &ut_params->auth_xform,
-			ts_params->session_priv_mpool);
+			ut_params->sess, &ut_params->auth_xform);
 	TEST_ASSERT(ret < 0,
 			"Session creation succeeded unexpectedly");
 
@@ -11521,8 +11484,7 @@ test_null_burst_operation(void)
 
 	/* Create Crypto session*/
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			ut_params->sess, &ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			ut_params->sess, &ut_params->cipher_xform);
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
 	TEST_ASSERT_EQUAL(rte_crypto_op_bulk_alloc(ts_params->op_mpool,
@@ -11634,7 +11596,6 @@ test_enq_callback_setup(void)
 
 	qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
 	qp_conf.mp_session = ts_params->session_mpool;
-	qp_conf.mp_session_private = ts_params->session_priv_mpool;
 
 	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
 			ts_params->valid_devs[0], qp_id, &qp_conf,
@@ -11734,7 +11695,6 @@ test_deq_callback_setup(void)
 
 	qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
 	qp_conf.mp_session = ts_params->session_mpool;
-	qp_conf.mp_session_private = ts_params->session_priv_mpool;
 
 	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
 			ts_params->valid_devs[0], qp_id, &qp_conf,
@@ -11943,8 +11903,7 @@ static int create_gmac_session(uint8_t dev_id,
 			ts_params->session_mpool);
 
 	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->auth_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->auth_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -12588,8 +12547,7 @@ create_auth_session(struct crypto_unittest_params *ut_params,
 			ts_params->session_mpool);
 
 	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-				&ut_params->auth_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->auth_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -12641,8 +12599,7 @@ create_auth_cipher_session(struct crypto_unittest_params *ut_params,
 			ts_params->session_mpool);
 
 	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-				&ut_params->auth_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->auth_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -13149,8 +13106,7 @@ test_authenticated_encrypt_with_esn(
 
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
 				ut_params->sess,
-				&ut_params->cipher_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->cipher_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -13281,8 +13237,7 @@ test_authenticated_decrypt_with_esn(
 
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
 				ut_params->sess,
-				&ut_params->auth_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->auth_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -14003,11 +13958,6 @@ test_scheduler_attach_worker_op(void)
 			rte_mempool_free(ts_params->session_mpool);
 			ts_params->session_mpool = NULL;
 		}
-		if (ts_params->session_priv_mpool) {
-			rte_mempool_free(ts_params->session_priv_mpool);
-			ts_params->session_priv_mpool = NULL;
-		}
-
 		if (info.sym.max_nb_sessions != 0 &&
 				info.sym.max_nb_sessions < MAX_NB_SESSIONS) {
 			RTE_LOG(ERR, USER1,
@@ -14024,32 +13974,14 @@ test_scheduler_attach_worker_op(void)
 			ts_params->session_mpool =
 				rte_cryptodev_sym_session_pool_create(
 						"test_sess_mp",
-						MAX_NB_SESSIONS, 0, 0, 0,
+						MAX_NB_SESSIONS,
+						session_size, 0, 0,
 						SOCKET_ID_ANY);
 			TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
 					"session mempool allocation failed");
 		}
 
-		/*
-		 * Create mempool with maximum number of sessions,
-		 * to include device specific session private data
-		 */
-		if (ts_params->session_priv_mpool == NULL) {
-			ts_params->session_priv_mpool = rte_mempool_create(
-					"test_sess_mp_priv",
-					MAX_NB_SESSIONS,
-					session_size,
-					0, 0, NULL, NULL, NULL,
-					NULL, SOCKET_ID_ANY,
-					0);
-
-			TEST_ASSERT_NOT_NULL(ts_params->session_priv_mpool,
-					"session mempool allocation failed");
-		}
-
 		ts_params->qp_conf.mp_session = ts_params->session_mpool;
-		ts_params->qp_conf.mp_session_private =
-				ts_params->session_priv_mpool;
 
 		ret = rte_cryptodev_scheduler_worker_attach(sched_id,
 				(uint8_t)i);
diff --git a/app/test/test_cryptodev.h b/app/test/test_cryptodev.h
index 1cdd84d01f..a3a10d484b 100644
--- a/app/test/test_cryptodev.h
+++ b/app/test/test_cryptodev.h
@@ -89,7 +89,6 @@ struct crypto_testsuite_params {
 	struct rte_mempool *large_mbuf_pool;
 	struct rte_mempool *op_mpool;
 	struct rte_mempool *session_mpool;
-	struct rte_mempool *session_priv_mpool;
 	struct rte_cryptodev_config conf;
 	struct rte_cryptodev_qp_conf qp_conf;
 
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 9d19a6d6d9..35da574da8 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -924,7 +924,6 @@ testsuite_setup(void)
 	/* configure qp */
 	ts_params->qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT;
 	ts_params->qp_conf.mp_session = ts_params->session_mpool;
-	ts_params->qp_conf.mp_session_private = ts_params->session_mpool;
 	for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) {
 		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
 			dev_id, qp_id, &ts_params->qp_conf,
diff --git a/app/test/test_cryptodev_blockcipher.c b/app/test/test_cryptodev_blockcipher.c
index 3cdb2c96e8..9417803f18 100644
--- a/app/test/test_cryptodev_blockcipher.c
+++ b/app/test/test_cryptodev_blockcipher.c
@@ -68,7 +68,6 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 	struct rte_mempool *mbuf_pool,
 	struct rte_mempool *op_mpool,
 	struct rte_mempool *sess_mpool,
-	struct rte_mempool *sess_priv_mpool,
 	uint8_t dev_id,
 	char *test_msg)
 {
@@ -81,7 +80,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 	struct rte_crypto_sym_op *sym_op = NULL;
 	struct rte_crypto_op *op = NULL;
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session *sess = NULL;
+	void *sess = NULL;
 
 	int status = TEST_SUCCESS;
 	const struct blockcipher_test_data *tdata = t->test_data;
@@ -514,7 +513,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 		sess = rte_cryptodev_sym_session_create(sess_mpool);
 
 		status = rte_cryptodev_sym_session_init(dev_id, sess,
-				init_xform, sess_priv_mpool);
+				init_xform);
 		if (status == -ENOTSUP) {
 			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "UNSUPPORTED");
 			status = TEST_SKIPPED;
@@ -831,7 +830,6 @@ blockcipher_test_case_run(const void *data)
 			p_testsuite_params->mbuf_pool,
 			p_testsuite_params->op_mpool,
 			p_testsuite_params->session_mpool,
-			p_testsuite_params->session_priv_mpool,
 			p_testsuite_params->valid_devs[0],
 			test_msg);
 	return status;
diff --git a/app/test/test_event_crypto_adapter.c b/app/test/test_event_crypto_adapter.c
index 3ad20921e2..59229a1cde 100644
--- a/app/test/test_event_crypto_adapter.c
+++ b/app/test/test_event_crypto_adapter.c
@@ -61,7 +61,6 @@ struct event_crypto_adapter_test_params {
 	struct rte_mempool *mbuf_pool;
 	struct rte_mempool *op_mpool;
 	struct rte_mempool *session_mpool;
-	struct rte_mempool *session_priv_mpool;
 	struct rte_cryptodev_config *config;
 	uint8_t crypto_event_port_id;
 	uint8_t internal_port_op_fwd;
@@ -167,7 +166,7 @@ static int
 test_op_forward_mode(uint8_t session_less)
 {
 	struct rte_crypto_sym_xform cipher_xform;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	union rte_event_crypto_metadata m_data;
 	struct rte_crypto_sym_op *sym_op;
 	struct rte_crypto_op *op;
@@ -203,7 +202,7 @@ test_op_forward_mode(uint8_t session_less)
 
 		/* Create Crypto session*/
 		ret = rte_cryptodev_sym_session_init(TEST_CDEV_ID, sess,
-				&cipher_xform, params.session_priv_mpool);
+				&cipher_xform);
 		TEST_ASSERT_SUCCESS(ret, "Failed to init session\n");
 
 		ret = rte_event_crypto_adapter_caps_get(evdev, TEST_CDEV_ID,
@@ -367,7 +366,7 @@ static int
 test_op_new_mode(uint8_t session_less)
 {
 	struct rte_crypto_sym_xform cipher_xform;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	union rte_event_crypto_metadata m_data;
 	struct rte_crypto_sym_op *sym_op;
 	struct rte_crypto_op *op;
@@ -411,7 +410,7 @@ test_op_new_mode(uint8_t session_less)
 						&m_data, sizeof(m_data));
 		}
 		ret = rte_cryptodev_sym_session_init(TEST_CDEV_ID, sess,
-				&cipher_xform, params.session_priv_mpool);
+				&cipher_xform);
 		TEST_ASSERT_SUCCESS(ret, "Failed to init session\n");
 
 		rte_crypto_op_attach_sym_session(op, sess);
@@ -553,22 +552,12 @@ configure_cryptodev(void)
 
 	params.session_mpool = rte_cryptodev_sym_session_pool_create(
 			"CRYPTO_ADAPTER_SESSION_MP",
-			MAX_NB_SESSIONS, 0, 0,
+			MAX_NB_SESSIONS, session_size, 0,
 			sizeof(union rte_event_crypto_metadata),
 			SOCKET_ID_ANY);
 	TEST_ASSERT_NOT_NULL(params.session_mpool,
 			"session mempool allocation failed\n");
 
-	params.session_priv_mpool = rte_mempool_create(
-				"CRYPTO_AD_SESS_MP_PRIV",
-				MAX_NB_SESSIONS,
-				session_size,
-				0, 0, NULL, NULL, NULL,
-				NULL, SOCKET_ID_ANY,
-				0);
-	TEST_ASSERT_NOT_NULL(params.session_priv_mpool,
-			"session mempool allocation failed\n");
-
 	rte_cryptodev_info_get(TEST_CDEV_ID, &info);
 	conf.nb_queue_pairs = info.max_nb_queue_pairs;
 	conf.socket_id = SOCKET_ID_ANY;
@@ -580,7 +569,6 @@ configure_cryptodev(void)
 
 	qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT;
 	qp_conf.mp_session = params.session_mpool;
-	qp_conf.mp_session_private = params.session_priv_mpool;
 
 	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
 			TEST_CDEV_ID, TEST_CDEV_QP_ID, &qp_conf,
@@ -934,12 +922,6 @@ crypto_teardown(void)
 		rte_mempool_free(params.session_mpool);
 		params.session_mpool = NULL;
 	}
-	if (params.session_priv_mpool != NULL) {
-		rte_mempool_avail_count(params.session_priv_mpool);
-		rte_mempool_free(params.session_priv_mpool);
-		params.session_priv_mpool = NULL;
-	}
-
 	/* Free ops mempool */
 	if (params.op_mpool != NULL) {
 		RTE_LOG(DEBUG, USER1, "EVENT_CRYPTO_SYM_OP_POOL count %u\n",
diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
index 2ffa2a8e79..134545efe1 100644
--- a/app/test/test_ipsec.c
+++ b/app/test/test_ipsec.c
@@ -355,20 +355,9 @@ testsuite_setup(void)
 		return TEST_FAILED;
 	}
 
-	ts_params->qp_conf.mp_session_private = rte_mempool_create(
-				"test_priv_sess_mp",
-				MAX_NB_SESSIONS,
-				sess_sz,
-				0, 0, NULL, NULL, NULL,
-				NULL, SOCKET_ID_ANY,
-				0);
-
-	TEST_ASSERT_NOT_NULL(ts_params->qp_conf.mp_session_private,
-			"private session mempool allocation failed");
-
 	ts_params->qp_conf.mp_session =
 		rte_cryptodev_sym_session_pool_create("test_sess_mp",
-			MAX_NB_SESSIONS, 0, 0, 0, SOCKET_ID_ANY);
+			MAX_NB_SESSIONS, sess_sz, 0, 0, SOCKET_ID_ANY);
 
 	TEST_ASSERT_NOT_NULL(ts_params->qp_conf.mp_session,
 			"session mempool allocation failed");
@@ -413,11 +402,6 @@ testsuite_teardown(void)
 		rte_mempool_free(ts_params->qp_conf.mp_session);
 		ts_params->qp_conf.mp_session = NULL;
 	}
-
-	if (ts_params->qp_conf.mp_session_private != NULL) {
-		rte_mempool_free(ts_params->qp_conf.mp_session_private);
-		ts_params->qp_conf.mp_session_private = NULL;
-	}
 }
 
 static int
@@ -644,7 +628,7 @@ create_crypto_session(struct ipsec_unitest_params *ut,
 	struct rte_cryptodev_qp_conf *qp, uint8_t dev_id, uint32_t j)
 {
 	int32_t rc;
-	struct rte_cryptodev_sym_session *s;
+	void *s;
 
 	s = rte_cryptodev_sym_session_create(qp->mp_session);
 	if (s == NULL)
@@ -652,7 +636,7 @@ create_crypto_session(struct ipsec_unitest_params *ut,
 
 	/* initiliaze SA crypto session for device */
 	rc = rte_cryptodev_sym_session_init(dev_id, s,
-			ut->crypto_xforms, qp->mp_session_private);
+			ut->crypto_xforms);
 	if (rc == 0) {
 		ut->ss[j].crypto.ses = s;
 		return 0;
diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
index edb7275e76..75330292af 100644
--- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
+++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
@@ -235,7 +235,6 @@ aesni_gcm_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 		goto qp_setup_cleanup;
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
 
@@ -259,10 +258,8 @@ aesni_gcm_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 aesni_gcm_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 	struct aesni_gcm_private *internals = dev->data->dev_private;
 
@@ -271,42 +268,24 @@ aesni_gcm_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		AESNI_GCM_LOG(ERR,
-				"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
 	ret = aesni_gcm_set_session_parameters(internals->ops,
-				sess_private_data, xform);
+				sess, xform);
 	if (ret != 0) {
 		AESNI_GCM_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-			sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-aesni_gcm_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+aesni_gcm_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct aesni_gcm_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct aesni_gcm_session));
 }
 
 struct rte_cryptodev_ops aesni_gcm_pmd_ops = {
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 39c67e3952..efdc05c45f 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -944,7 +944,6 @@ aesni_mb_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	}
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->stats, 0, sizeof(qp->stats));
 
@@ -974,11 +973,8 @@ aesni_mb_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 /** Configure a aesni multi-buffer session from a crypto xform chain */
 static int
 aesni_mb_pmd_sym_session_configure(struct rte_cryptodev *dev,
-		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		struct rte_crypto_sym_xform *xform, void *sess)
 {
-	void *sess_private_data;
 	struct aesni_mb_private *internals = dev->data->dev_private;
 	int ret;
 
@@ -987,43 +983,25 @@ aesni_mb_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		AESNI_MB_LOG(ERR,
-				"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	ret = aesni_mb_set_session_parameters(internals->mb_mgr,
-			sess_private_data, xform);
+			sess, xform);
 	if (ret != 0) {
 		AESNI_MB_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-			sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
+	RTE_SET_USED(dev);
 
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct aesni_mb_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct aesni_mb_session));
 }
 
 struct rte_cryptodev_ops aesni_mb_pmd_ops = {
diff --git a/drivers/crypto/armv8/rte_armv8_pmd_ops.c b/drivers/crypto/armv8/rte_armv8_pmd_ops.c
index 1b2749fe62..2d3b54b063 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd_ops.c
+++ b/drivers/crypto/armv8/rte_armv8_pmd_ops.c
@@ -244,7 +244,6 @@ armv8_crypto_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 		goto qp_setup_cleanup;
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->stats, 0, sizeof(qp->stats));
 
@@ -268,10 +267,8 @@ armv8_crypto_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 armv8_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -279,42 +276,23 @@ armv8_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CDEV_LOG_ERR(
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = armv8_crypto_set_session_parameters(sess_private_data, xform);
+	ret = armv8_crypto_set_session_parameters(sess, xform);
 	if (ret != 0) {
 		ARMV8_CRYPTO_LOG_ERR("failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-			sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-armv8_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+armv8_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct armv8_crypto_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct armv8_crypto_session));
 }
 
 struct rte_cryptodev_ops armv8_crypto_pmd_ops = {
diff --git a/drivers/crypto/bcmfs/bcmfs_sym_session.c b/drivers/crypto/bcmfs/bcmfs_sym_session.c
index 675ed0ad55..b4b167d0c2 100644
--- a/drivers/crypto/bcmfs/bcmfs_sym_session.c
+++ b/drivers/crypto/bcmfs/bcmfs_sym_session.c
@@ -224,10 +224,9 @@ bcmfs_sym_get_session(struct rte_crypto_op *op)
 int
 bcmfs_sym_session_configure(struct rte_cryptodev *dev,
 			    struct rte_crypto_sym_xform *xform,
-			    struct rte_cryptodev_sym_session *sess,
-			    struct rte_mempool *mempool)
+			    void *sess)
 {
-	void *sess_private_data;
+	RTE_SET_USED(dev);
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -235,44 +234,23 @@ bcmfs_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		BCMFS_DP_LOG(ERR,
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = crypto_set_session_parameters(sess_private_data, xform);
+	ret = crypto_set_session_parameters(sess, xform);
 
 	if (ret != 0) {
 		BCMFS_DP_LOG(ERR, "Failed configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-				     sess_private_data);
-
 	return 0;
 }
 
 /* Clear the memory of session so it doesn't leave key material behind */
 void
-bcmfs_sym_session_clear(struct rte_cryptodev *dev,
-			struct rte_cryptodev_sym_session  *sess)
+bcmfs_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
-	if (sess_priv) {
-		struct rte_mempool *sess_mp;
-
-		memset(sess_priv, 0, sizeof(struct bcmfs_sym_session));
-		sess_mp = rte_mempool_from_obj(sess_priv);
-
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	RTE_SET_USED(dev);
+	if (sess)
+		memset(sess, 0, sizeof(struct bcmfs_sym_session));
 }
 
 unsigned int
diff --git a/drivers/crypto/bcmfs/bcmfs_sym_session.h b/drivers/crypto/bcmfs/bcmfs_sym_session.h
index d40595b4bd..7faafe2fd5 100644
--- a/drivers/crypto/bcmfs/bcmfs_sym_session.h
+++ b/drivers/crypto/bcmfs/bcmfs_sym_session.h
@@ -93,12 +93,10 @@ bcmfs_process_crypto_op(struct rte_crypto_op *op,
 int
 bcmfs_sym_session_configure(struct rte_cryptodev *dev,
 			    struct rte_crypto_sym_xform *xform,
-			    struct rte_cryptodev_sym_session *sess,
-			    struct rte_mempool *mempool);
+			    void *sess);
 
 void
-bcmfs_sym_session_clear(struct rte_cryptodev *dev,
-			struct rte_cryptodev_sym_session  *sess);
+bcmfs_sym_session_clear(struct rte_cryptodev *dev, void *sess);
 
 unsigned int
 bcmfs_sym_session_get_private_size(struct rte_cryptodev *dev __rte_unused);
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index ce7a100778..8a04820fa6 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -1692,52 +1692,36 @@ caam_jr_set_session_parameters(struct rte_cryptodev *dev,
 static int
 caam_jr_sym_session_configure(struct rte_cryptodev *dev,
 			      struct rte_crypto_sym_xform *xform,
-			      struct rte_cryptodev_sym_session *sess,
-			      struct rte_mempool *mempool)
+			      void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	PMD_INIT_FUNC_TRACE();
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CAAM_JR_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
-	ret = caam_jr_set_session_parameters(dev, xform, sess_private_data);
+	memset(sess, 0, sizeof(struct caam_jr_session));
+	ret = caam_jr_set_session_parameters(dev, xform, sess);
 	if (ret != 0) {
 		CAAM_JR_ERR("failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
-
 	return 0;
 }
 
 /* Clear the memory of session so it doesn't leave key material behind */
 static void
-caam_jr_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+caam_jr_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+	RTE_SET_USED(dev);
+
+	struct caam_jr_session *s = (struct caam_jr_session *)sess;
 
 	PMD_INIT_FUNC_TRACE();
 
-	if (sess_priv) {
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
+	if (sess) {
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
 		memset(s, 0, sizeof(struct caam_jr_session));
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 }
 
diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c
index 0d615d311c..cac1268130 100644
--- a/drivers/crypto/ccp/ccp_pmd_ops.c
+++ b/drivers/crypto/ccp/ccp_pmd_ops.c
@@ -727,7 +727,6 @@ ccp_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	}
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	/* mempool for batch info */
 	qp->batch_mp = rte_mempool_create(
@@ -758,11 +757,9 @@ ccp_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 ccp_pmd_sym_session_configure(struct rte_cryptodev *dev,
 			  struct rte_crypto_sym_xform *xform,
-			  struct rte_cryptodev_sym_session *sess,
-			  struct rte_mempool *mempool)
+			  void *sess)
 {
 	int ret;
-	void *sess_private_data;
 	struct ccp_private *internals;
 
 	if (unlikely(sess == NULL || xform == NULL)) {
@@ -770,39 +767,22 @@ ccp_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CCP_LOG_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
 	internals = (struct ccp_private *)dev->data->dev_private;
-	ret = ccp_set_session_parameters(sess_private_data, xform, internals);
+	ret = ccp_set_session_parameters(sess, xform, internals);
 	if (ret != 0) {
 		CCP_LOG_ERR("failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
-	set_sym_session_private_data(sess, dev->driver_id,
-				 sess_private_data);
 
 	return 0;
 }
 
 static void
-ccp_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		      struct rte_cryptodev_sym_session *sess)
+ccp_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
-	if (sess_priv) {
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
-		rte_mempool_put(sess_mp, sess_priv);
-		memset(sess_priv, 0, sizeof(struct ccp_session));
-		set_sym_session_private_data(sess, index, NULL);
-	}
+	RTE_SET_USED(dev);
+	if (sess)
+		memset(sess, 0, sizeof(struct ccp_session));
 }
 
 struct rte_cryptodev_ops ccp_ops = {
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 99968cc353..50cae5e3d6 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -32,17 +32,18 @@ cn10k_cpt_sym_temp_sess_create(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op)
 	if (sess == NULL)
 		return NULL;
 
-	ret = sym_session_configure(qp->lf.roc_cpt, driver_id, sym_op->xform,
-				    sess, qp->sess_mp_priv);
+	sess->sess_data[driver_id].data =
+			(void *)((uint8_t *)sess +
+			rte_cryptodev_sym_get_header_session_size() +
+			(driver_id * sess->priv_sz));
+	priv = get_sym_session_private_data(sess, driver_id);
+	ret = sym_session_configure(qp->lf.roc_cpt, sym_op->xform, (void *)priv);
 	if (ret)
 		goto sess_put;
 
-	priv = get_sym_session_private_data(sess, driver_id);
-
 	sym_op->session = sess;
 
 	return priv;
-
 sess_put:
 	rte_mempool_put(qp->sess_mp, sess);
 	return NULL;
@@ -144,9 +145,7 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
 			ret = cpt_sym_inst_fill(qp, op, sess, infl_req,
 						&inst[0]);
 			if (unlikely(ret)) {
-				sym_session_clear(cn10k_cryptodev_driver_id,
-						  op->sym->session);
-				rte_mempool_put(qp->sess_mp, op->sym->session);
+				sym_session_clear(op->sym->session);
 				return 0;
 			}
 			w7 = sess->cpt_inst_w7;
@@ -437,8 +436,7 @@ cn10k_cpt_dequeue_post_process(struct cnxk_cpt_qp *qp,
 temp_sess_free:
 	if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
 		if (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
-			sym_session_clear(cn10k_cryptodev_driver_id,
-					  cop->sym->session);
+			sym_session_clear(cop->sym->session);
 			sz = rte_cryptodev_sym_get_existing_header_session_size(
 				cop->sym->session);
 			memset(cop->sym->session, 0, sz);
diff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
index 4c2dc5b080..5f83581131 100644
--- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
@@ -81,17 +81,19 @@ cn9k_cpt_sym_temp_sess_create(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op)
 	if (sess == NULL)
 		return NULL;
 
-	ret = sym_session_configure(qp->lf.roc_cpt, driver_id, sym_op->xform,
-				    sess, qp->sess_mp_priv);
+	sess->sess_data[driver_id].data =
+			(void *)((uint8_t *)sess +
+			rte_cryptodev_sym_get_header_session_size() +
+			(driver_id * sess->priv_sz));
+	priv = get_sym_session_private_data(sess, driver_id);
+	ret = sym_session_configure(qp->lf.roc_cpt, sym_op->xform,
+			(void *)priv);
 	if (ret)
 		goto sess_put;
 
-	priv = get_sym_session_private_data(sess, driver_id);
-
 	sym_op->session = sess;
 
 	return priv;
-
 sess_put:
 	rte_mempool_put(qp->sess_mp, sess);
 	return NULL;
@@ -126,8 +128,7 @@ cn9k_cpt_inst_prep(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op,
 			ret = cn9k_cpt_sym_inst_fill(qp, op, sess, infl_req,
 						     inst);
 			if (unlikely(ret)) {
-				sym_session_clear(cn9k_cryptodev_driver_id,
-						  op->sym->session);
+				sym_session_clear(op->sym->session);
 				rte_mempool_put(qp->sess_mp, op->sym->session);
 			}
 			inst->w7.u64 = sess->cpt_inst_w7;
@@ -484,8 +485,7 @@ cn9k_cpt_dequeue_post_process(struct cnxk_cpt_qp *qp, struct rte_crypto_op *cop,
 temp_sess_free:
 	if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
 		if (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
-			sym_session_clear(cn9k_cryptodev_driver_id,
-					  cop->sym->session);
+			sym_session_clear(cop->sym->session);
 			sz = rte_cryptodev_sym_get_existing_header_session_size(
 				cop->sym->session);
 			memset(cop->sym->session, 0, sz);
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index 41d8fe49e1..52d9cf0cf3 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -379,7 +379,6 @@ cnxk_cpt_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	}
 
 	qp->sess_mp = conf->mp_session;
-	qp->sess_mp_priv = conf->mp_session_private;
 	dev->data->queue_pairs[qp_id] = qp;
 
 	return 0;
@@ -493,27 +492,20 @@ cnxk_cpt_inst_w7_get(struct cnxk_se_sess *sess, struct roc_cpt *roc_cpt)
 }
 
 int
-sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
+sym_session_configure(struct roc_cpt *roc_cpt,
 		      struct rte_crypto_sym_xform *xform,
-		      struct rte_cryptodev_sym_session *sess,
-		      struct rte_mempool *pool)
+		      void *sess) 
 {
 	struct cnxk_se_sess *sess_priv;
-	void *priv;
 	int ret;
 
 	ret = sym_xform_verify(xform);
 	if (unlikely(ret < 0))
 		return ret;
 
-	if (unlikely(rte_mempool_get(pool, &priv))) {
-		plt_dp_err("Could not allocate session private data");
-		return -ENOMEM;
-	}
+	memset(sess, 0, sizeof(struct cnxk_se_sess));
 
-	memset(priv, 0, sizeof(struct cnxk_se_sess));
-
-	sess_priv = priv;
+	sess_priv = sess;
 
 	switch (ret) {
 	case CNXK_CPT_CIPHER:
@@ -547,7 +539,7 @@ sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
 	}
 
 	if (ret)
-		goto priv_put;
+		return -ENOTSUP;
 
 	if ((sess_priv->roc_se_ctx.fc_type == ROC_SE_HASH_HMAC) &&
 	    cpt_mac_len_verify(&xform->auth)) {
@@ -557,66 +549,45 @@ sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
 			sess_priv->roc_se_ctx.auth_key = NULL;
 		}
 
-		ret = -ENOTSUP;
-		goto priv_put;
+		return -ENOTSUP;
 	}
 
 	sess_priv->cpt_inst_w7 = cnxk_cpt_inst_w7_get(sess_priv, roc_cpt);
 
-	set_sym_session_private_data(sess, driver_id, sess_priv);
-
 	return 0;
-
-priv_put:
-	rte_mempool_put(pool, priv);
-
-	return -ENOTSUP;
 }
 
 int
 cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
 			       struct rte_crypto_sym_xform *xform,
-			       struct rte_cryptodev_sym_session *sess,
-			       struct rte_mempool *pool)
+			       void *sess)
 {
 	struct cnxk_cpt_vf *vf = dev->data->dev_private;
 	struct roc_cpt *roc_cpt = &vf->cpt;
-	uint8_t driver_id;
 
-	driver_id = dev->driver_id;
-
-	return sym_session_configure(roc_cpt, driver_id, xform, sess, pool);
+	return sym_session_configure(roc_cpt, xform, sess);
 }
 
 void
-sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
+sym_session_clear(void *sess)
 {
-	void *priv = get_sym_session_private_data(sess, driver_id);
-	struct cnxk_se_sess *sess_priv;
-	struct rte_mempool *pool;
+	struct cnxk_se_sess *sess_priv = sess;
 
-	if (priv == NULL)
+	if (sess == NULL)
 		return;
 
-	sess_priv = priv;
-
 	if (sess_priv->roc_se_ctx.auth_key != NULL)
 		plt_free(sess_priv->roc_se_ctx.auth_key);
 
-	memset(priv, 0, cnxk_cpt_sym_session_get_size(NULL));
-
-	pool = rte_mempool_from_obj(priv);
-
-	set_sym_session_private_data(sess, driver_id, NULL);
-
-	rte_mempool_put(pool, priv);
+	memset(sess_priv, 0, cnxk_cpt_sym_session_get_size(NULL));
 }
 
 void
-cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev,
-			   struct rte_cryptodev_sym_session *sess)
+cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	return sym_session_clear(dev->driver_id, sess);
+	RTE_SET_USED(dev);
+
+	return sym_session_clear(sess);
 }
 
 unsigned int
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
index c5332dec53..3c09d10582 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
@@ -111,18 +111,15 @@ unsigned int cnxk_cpt_sym_session_get_size(struct rte_cryptodev *dev);
 
 int cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
 				   struct rte_crypto_sym_xform *xform,
-				   struct rte_cryptodev_sym_session *sess,
-				   struct rte_mempool *pool);
+				   void *sess);
 
-int sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
+int sym_session_configure(struct roc_cpt *roc_cpt,
 			  struct rte_crypto_sym_xform *xform,
-			  struct rte_cryptodev_sym_session *sess,
-			  struct rte_mempool *pool);
+			  void *sess);
 
-void cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev,
-				struct rte_cryptodev_sym_session *sess);
+void cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev, void *sess);
 
-void sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess);
+void sym_session_clear(void *sess);
 
 unsigned int cnxk_ae_session_size_get(struct rte_cryptodev *dev __rte_unused);
 
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 176f1a27a0..42229763f8 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -3438,49 +3438,32 @@ dpaa2_sec_security_session_destroy(void *dev __rte_unused, void *sess)
 static int
 dpaa2_sec_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		DPAA2_SEC_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = dpaa2_sec_set_session_parameters(dev, xform, sess_private_data);
+	ret = dpaa2_sec_set_session_parameters(dev, xform, sess);
 	if (ret != 0) {
 		DPAA2_SEC_ERR("Failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-dpaa2_sec_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+dpaa2_sec_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-	dpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;
+	RTE_SET_USED(dev);
+	dpaa2_sec_session *s = (dpaa2_sec_session *)sess;
 
-	if (sess_priv) {
+	if (sess) {
 		rte_free(s->ctxt);
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
 		memset(s, 0, sizeof(dpaa2_sec_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 }
 
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 5a087df090..4727088b45 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -2537,33 +2537,18 @@ dpaa_sec_set_session_parameters(struct rte_cryptodev *dev,
 
 static int
 dpaa_sec_sym_session_configure(struct rte_cryptodev *dev,
-		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		struct rte_crypto_sym_xform *xform, void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	PMD_INIT_FUNC_TRACE();
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		DPAA_SEC_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = dpaa_sec_set_session_parameters(dev, xform, sess_private_data);
+	ret = dpaa_sec_set_session_parameters(dev, xform, sess);
 	if (ret != 0) {
 		DPAA_SEC_ERR("failed to configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-			sess_private_data);
-
-
 	return 0;
 }
 
@@ -2584,18 +2569,14 @@ free_session_memory(struct rte_cryptodev *dev, dpaa_sec_session *s)
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+dpaa_sec_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-	dpaa_sec_session *s = (dpaa_sec_session *)sess_priv;
+	RTE_SET_USED(dev);
+	dpaa_sec_session *s = (dpaa_sec_session *)sess;
 
-	if (sess_priv) {
+	if (sess)
 		free_session_memory(dev, s);
-		set_sym_session_private_data(sess, index, NULL);
-	}
 }
 
 #ifdef RTE_LIB_SECURITY
diff --git a/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c b/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
index f075054807..b2e5c92598 100644
--- a/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
+++ b/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
@@ -220,7 +220,6 @@ kasumi_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 
 	qp->mgr = internals->mgr;
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
 
@@ -243,10 +242,8 @@ kasumi_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 kasumi_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 	struct kasumi_private *internals = dev->data->dev_private;
 
@@ -255,43 +252,24 @@ kasumi_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		KASUMI_LOG(ERR,
-				"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	ret = kasumi_set_session_parameters(internals->mgr,
-					sess_private_data, xform);
+					sess, xform);
 	if (ret != 0) {
 		KASUMI_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-kasumi_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+kasumi_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct kasumi_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct kasumi_session));
 }
 
 struct rte_cryptodev_ops kasumi_pmd_ops = {
diff --git a/drivers/crypto/mlx5/mlx5_crypto.c b/drivers/crypto/mlx5/mlx5_crypto.c
index 682cf8b607..615ab9f45d 100644
--- a/drivers/crypto/mlx5/mlx5_crypto.c
+++ b/drivers/crypto/mlx5/mlx5_crypto.c
@@ -165,14 +165,12 @@ mlx5_crypto_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 mlx5_crypto_sym_session_configure(struct rte_cryptodev *dev,
 				  struct rte_crypto_sym_xform *xform,
-				  struct rte_cryptodev_sym_session *session,
-				  struct rte_mempool *mp)
+				  void *session)
 {
 	struct mlx5_crypto_priv *priv = dev->data->dev_private;
-	struct mlx5_crypto_session *sess_private_data;
+	struct mlx5_crypto_session *sess_private_data = session;
 	struct rte_crypto_cipher_xform *cipher;
 	uint8_t encryption_order;
-	int ret;
 
 	if (unlikely(xform->next != NULL)) {
 		DRV_LOG(ERR, "Xform next is not supported.");
@@ -183,17 +181,9 @@ mlx5_crypto_sym_session_configure(struct rte_cryptodev *dev,
 		DRV_LOG(ERR, "Only AES-XTS algorithm is supported.");
 		return -ENOTSUP;
 	}
-	ret = rte_mempool_get(mp, (void *)&sess_private_data);
-	if (ret != 0) {
-		DRV_LOG(ERR,
-			"Failed to get session %p private data from mempool.",
-			sess_private_data);
-		return -ENOMEM;
-	}
 	cipher = &xform->cipher;
 	sess_private_data->dek = mlx5_crypto_dek_prepare(priv, cipher);
 	if (sess_private_data->dek == NULL) {
-		rte_mempool_put(mp, sess_private_data);
 		DRV_LOG(ERR, "Failed to prepare dek.");
 		return -ENOMEM;
 	}
@@ -228,27 +218,21 @@ mlx5_crypto_sym_session_configure(struct rte_cryptodev *dev,
 	sess_private_data->dek_id =
 			rte_cpu_to_be_32(sess_private_data->dek->obj->id &
 					 0xffffff);
-	set_sym_session_private_data(session, dev->driver_id,
-				     sess_private_data);
 	DRV_LOG(DEBUG, "Session %p was configured.", sess_private_data);
 	return 0;
 }
 
 static void
-mlx5_crypto_sym_session_clear(struct rte_cryptodev *dev,
-			      struct rte_cryptodev_sym_session *sess)
+mlx5_crypto_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
 	struct mlx5_crypto_priv *priv = dev->data->dev_private;
-	struct mlx5_crypto_session *spriv = get_sym_session_private_data(sess,
-								dev->driver_id);
+	struct mlx5_crypto_session *spriv = sess;
 
 	if (unlikely(spriv == NULL)) {
 		DRV_LOG(ERR, "Failed to get session %p private data.", spriv);
 		return;
 	}
 	mlx5_crypto_dek_destroy(priv, spriv->dek);
-	set_sym_session_private_data(sess, dev->driver_id, NULL);
-	rte_mempool_put(rte_mempool_from_obj(spriv), spriv);
 	DRV_LOG(DEBUG, "Session %p was cleared.", spriv);
 }
 
diff --git a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
index e04a2c88c7..2e4b27ea21 100644
--- a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
+++ b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
@@ -704,7 +704,6 @@ mrvl_crypto_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 			break;
 
 		qp->sess_mp = qp_conf->mp_session;
-		qp->sess_mp_priv = qp_conf->mp_session_private;
 
 		memset(&qp->stats, 0, sizeof(qp->stats));
 		dev->data->queue_pairs[qp_id] = qp;
@@ -735,12 +734,9 @@ mrvl_crypto_pmd_sym_session_get_size(__rte_unused struct rte_cryptodev *dev)
  */
 static int
 mrvl_crypto_pmd_sym_session_configure(__rte_unused struct rte_cryptodev *dev,
-		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mp)
+		struct rte_crypto_sym_xform *xform, void *sess)
 {
 	struct mrvl_crypto_session *mrvl_sess;
-	void *sess_private_data;
 	int ret;
 
 	if (sess == NULL) {
@@ -748,25 +744,16 @@ mrvl_crypto_pmd_sym_session_configure(__rte_unused struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mp, &sess_private_data)) {
-		CDEV_LOG_ERR("Couldn't get object from session mempool.");
-		return -ENOMEM;
-	}
+	memset(sess, 0, sizeof(struct mrvl_crypto_session));
 
-	memset(sess_private_data, 0, sizeof(struct mrvl_crypto_session));
-
-	ret = mrvl_crypto_set_session_parameters(sess_private_data, xform);
+	ret = mrvl_crypto_set_session_parameters(sess, xform);
 	if (ret != 0) {
 		MRVL_LOG(ERR, "Failed to configure session parameters!");
-
-		/* Return session to mempool */
-		rte_mempool_put(mp, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
 
-	mrvl_sess = (struct mrvl_crypto_session *)sess_private_data;
+	mrvl_sess = (struct mrvl_crypto_session *)sess;
 	if (sam_session_create(&mrvl_sess->sam_sess_params,
 				&mrvl_sess->sam_sess) < 0) {
 		MRVL_LOG(DEBUG, "Failed to create session!");
@@ -789,17 +776,13 @@ mrvl_crypto_pmd_sym_session_configure(__rte_unused struct rte_cryptodev *dev,
  * @returns 0. Always.
  */
 static void
-mrvl_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+mrvl_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
+	if (sess) {
 		struct mrvl_crypto_session *mrvl_sess =
-			(struct mrvl_crypto_session *)sess_priv;
+			(struct mrvl_crypto_session *)sess;
 
 		if (mrvl_sess->sam_sess &&
 		    sam_session_destroy(mrvl_sess->sam_sess) < 0) {
@@ -807,9 +790,6 @@ mrvl_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
 		}
 
 		memset(mrvl_sess, 0, sizeof(struct mrvl_crypto_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 }
 
diff --git a/drivers/crypto/nitrox/nitrox_sym.c b/drivers/crypto/nitrox/nitrox_sym.c
index f8b7edcd69..0c9bbfef46 100644
--- a/drivers/crypto/nitrox/nitrox_sym.c
+++ b/drivers/crypto/nitrox/nitrox_sym.c
@@ -532,22 +532,16 @@ configure_aead_ctx(struct rte_crypto_aead_xform *xform,
 static int
 nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev,
 			      struct rte_crypto_sym_xform *xform,
-			      struct rte_cryptodev_sym_session *sess,
-			      struct rte_mempool *mempool)
+			      void *sess)
 {
-	void *mp_obj;
 	struct nitrox_crypto_ctx *ctx;
 	struct rte_crypto_cipher_xform *cipher_xform = NULL;
 	struct rte_crypto_auth_xform *auth_xform = NULL;
 	struct rte_crypto_aead_xform *aead_xform = NULL;
 	int ret = -EINVAL;
 
-	if (rte_mempool_get(mempool, &mp_obj)) {
-		NITROX_LOG(ERR, "Couldn't allocate context\n");
-		return -ENOMEM;
-	}
-
-	ctx = mp_obj;
+	RTE_SET_USED(cdev);
+	ctx = sess;
 	ctx->nitrox_chain = get_crypto_chain_order(xform);
 	switch (ctx->nitrox_chain) {
 	case NITROX_CHAIN_CIPHER_ONLY:
@@ -586,28 +580,17 @@ nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev,
 	}
 
 	ctx->iova = rte_mempool_virt2iova(ctx);
-	set_sym_session_private_data(sess, cdev->driver_id, ctx);
 	return 0;
 err:
-	rte_mempool_put(mempool, mp_obj);
 	return ret;
 }
 
 static void
-nitrox_sym_dev_sess_clear(struct rte_cryptodev *cdev,
-			  struct rte_cryptodev_sym_session *sess)
+nitrox_sym_dev_sess_clear(struct rte_cryptodev *cdev, void *sess)
 {
-	struct nitrox_crypto_ctx *ctx = get_sym_session_private_data(sess,
-							cdev->driver_id);
-	struct rte_mempool *sess_mp;
-
-	if (!ctx)
-		return;
-
-	memset(ctx, 0, sizeof(*ctx));
-	sess_mp = rte_mempool_from_obj(ctx);
-	set_sym_session_private_data(sess, cdev->driver_id, NULL);
-	rte_mempool_put(sess_mp, ctx);
+	RTE_SET_USED(cdev);
+	if (sess)
+		memset(sess, 0, sizeof(struct nitrox_crypto_ctx));
 }
 
 static struct nitrox_crypto_ctx *
diff --git a/drivers/crypto/null/null_crypto_pmd_ops.c b/drivers/crypto/null/null_crypto_pmd_ops.c
index a8b5a06e7f..65bfa8dcf7 100644
--- a/drivers/crypto/null/null_crypto_pmd_ops.c
+++ b/drivers/crypto/null/null_crypto_pmd_ops.c
@@ -234,7 +234,6 @@ null_crypto_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	}
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
 
@@ -258,10 +257,8 @@ null_crypto_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 null_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mp)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -269,42 +266,23 @@ null_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mp, &sess_private_data)) {
-		NULL_LOG(ERR,
-				"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = null_crypto_set_session_parameters(sess_private_data, xform);
+	ret = null_crypto_set_session_parameters(sess, xform);
 	if (ret != 0) {
 		NULL_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mp, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-null_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+null_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct null_crypto_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct null_crypto_session));
 }
 
 static struct rte_cryptodev_ops pmd_ops = {
diff --git a/drivers/crypto/octeontx/otx_cryptodev_hw_access.h b/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
index 7c6b1e45b4..95659e472b 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
+++ b/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
@@ -49,7 +49,6 @@ struct cpt_instance {
 	uint32_t queue_id;
 	uintptr_t rsvd;
 	struct rte_mempool *sess_mp;
-	struct rte_mempool *sess_mp_priv;
 	struct cpt_qp_meta_info meta_info;
 	uint8_t ca_enabled;
 };
diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index 9e8fd495cf..abd0963be0 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -171,7 +171,6 @@ otx_cpt_que_pair_setup(struct rte_cryptodev *dev,
 
 	instance->queue_id = que_pair_id;
 	instance->sess_mp = qp_conf->mp_session;
-	instance->sess_mp_priv = qp_conf->mp_session_private;
 	dev->data->queue_pairs[que_pair_id] = instance;
 
 	return 0;
@@ -243,29 +242,22 @@ sym_xform_verify(struct rte_crypto_sym_xform *xform)
 }
 
 static int
-sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
-		      struct rte_cryptodev_sym_session *sess,
-		      struct rte_mempool *pool)
+sym_session_configure(struct rte_crypto_sym_xform *xform,
+		      void *sess)
 {
 	struct rte_crypto_sym_xform *temp_xform = xform;
 	struct cpt_sess_misc *misc;
 	vq_cmd_word3_t vq_cmd_w3;
-	void *priv;
 	int ret;
 
 	ret = sym_xform_verify(xform);
 	if (unlikely(ret))
 		return ret;
 
-	if (unlikely(rte_mempool_get(pool, &priv))) {
-		CPT_LOG_ERR("Could not allocate session private data");
-		return -ENOMEM;
-	}
-
-	memset(priv, 0, sizeof(struct cpt_sess_misc) +
+	memset(sess, 0, sizeof(struct cpt_sess_misc) +
 			offsetof(struct cpt_ctx, mc_ctx));
 
-	misc = priv;
+	misc = sess;
 
 	for ( ; xform != NULL; xform = xform->next) {
 		switch (xform->type) {
@@ -301,8 +293,6 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 		goto priv_put;
 	}
 
-	set_sym_session_private_data(sess, driver_id, priv);
-
 	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
 			     sizeof(struct cpt_sess_misc);
 
@@ -316,56 +306,46 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 	return 0;
 
 priv_put:
-	if (priv)
-		rte_mempool_put(pool, priv);
 	return -ENOTSUP;
 }
 
 static void
-sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
+sym_session_clear(void *sess)
 {
-	void *priv = get_sym_session_private_data(sess, driver_id);
 	struct cpt_sess_misc *misc;
-	struct rte_mempool *pool;
 	struct cpt_ctx *ctx;
 
-	if (priv == NULL)
+	if (sess == NULL)
 		return;
 
-	misc = priv;
+	misc = sess;
 	ctx = SESS_PRIV(misc);
 
 	if (ctx->auth_key != NULL)
 		rte_free(ctx->auth_key);
 
-	memset(priv, 0, cpt_get_session_size());
-
-	pool = rte_mempool_from_obj(priv);
-
-	set_sym_session_private_data(sess, driver_id, NULL);
-
-	rte_mempool_put(pool, priv);
+	memset(sess, 0, cpt_get_session_size());
 }
 
 static int
 otx_cpt_session_cfg(struct rte_cryptodev *dev,
 		    struct rte_crypto_sym_xform *xform,
-		    struct rte_cryptodev_sym_session *sess,
-		    struct rte_mempool *pool)
+		    void *sess)
 {
 	CPT_PMD_INIT_FUNC_TRACE();
+	RTE_SET_USED(dev);
 
-	return sym_session_configure(dev->driver_id, xform, sess, pool);
+	return sym_session_configure(xform, sess);
 }
 
 
 static void
-otx_cpt_session_clear(struct rte_cryptodev *dev,
-		  struct rte_cryptodev_sym_session *sess)
+otx_cpt_session_clear(struct rte_cryptodev *dev, void *sess)
 {
 	CPT_PMD_INIT_FUNC_TRACE();
+	RTE_SET_USED(dev);
 
-	return sym_session_clear(dev->driver_id, sess);
+	return sym_session_clear(sess);
 }
 
 static unsigned int
@@ -576,7 +556,6 @@ static __rte_always_inline void * __rte_hot
 otx_cpt_enq_single_sym_sessless(struct cpt_instance *instance,
 				struct rte_crypto_op *op)
 {
-	const int driver_id = otx_cryptodev_driver_id;
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct rte_cryptodev_sym_session *sess;
 	void *req;
@@ -589,8 +568,12 @@ otx_cpt_enq_single_sym_sessless(struct cpt_instance *instance,
 		return NULL;
 	}
 
-	ret = sym_session_configure(driver_id, sym_op->xform, sess,
-				    instance->sess_mp_priv);
+	sess->sess_data[otx_cryptodev_driver_id].data =
+			(void *)((uint8_t *)sess +
+			rte_cryptodev_sym_get_header_session_size() +
+			(otx_cryptodev_driver_id * sess->priv_sz));
+	ret = sym_session_configure(sym_op->xform,
+			sess->sess_data[otx_cryptodev_driver_id].data);
 	if (ret)
 		goto sess_put;
 
@@ -604,7 +587,7 @@ otx_cpt_enq_single_sym_sessless(struct cpt_instance *instance,
 	return req;
 
 priv_put:
-	sym_session_clear(driver_id, sess);
+	sym_session_clear(sess);
 sess_put:
 	rte_mempool_put(instance->sess_mp, sess);
 	return NULL;
@@ -913,7 +896,6 @@ free_sym_session_data(const struct cpt_instance *instance,
 	memset(cop->sym->session, 0,
 	       rte_cryptodev_sym_get_existing_header_session_size(
 		       cop->sym->session));
-	rte_mempool_put(instance->sess_mp_priv, sess_private_data_t);
 	rte_mempool_put(instance->sess_mp, cop->sym->session);
 	cop->sym->session = NULL;
 }
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
index 7b744cd4b4..dcfbc49996 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
@@ -371,29 +371,21 @@ sym_xform_verify(struct rte_crypto_sym_xform *xform)
 }
 
 static int
-sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
-		      struct rte_cryptodev_sym_session *sess,
-		      struct rte_mempool *pool)
+sym_session_configure(struct rte_crypto_sym_xform *xform, void *sess)
 {
 	struct rte_crypto_sym_xform *temp_xform = xform;
 	struct cpt_sess_misc *misc;
 	vq_cmd_word3_t vq_cmd_w3;
-	void *priv;
 	int ret;
 
 	ret = sym_xform_verify(xform);
 	if (unlikely(ret))
 		return ret;
 
-	if (unlikely(rte_mempool_get(pool, &priv))) {
-		CPT_LOG_ERR("Could not allocate session private data");
-		return -ENOMEM;
-	}
-
-	memset(priv, 0, sizeof(struct cpt_sess_misc) +
+	memset(sess, 0, sizeof(struct cpt_sess_misc) +
 			offsetof(struct cpt_ctx, mc_ctx));
 
-	misc = priv;
+	misc = sess;
 
 	for ( ; xform != NULL; xform = xform->next) {
 		switch (xform->type) {
@@ -414,7 +406,7 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 		}
 
 		if (ret)
-			goto priv_put;
+			return -ENOTSUP;
 	}
 
 	if ((GET_SESS_FC_TYPE(misc) == HASH_HMAC) &&
@@ -425,12 +417,9 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 			rte_free(ctx->auth_key);
 			ctx->auth_key = NULL;
 		}
-		ret = -ENOTSUP;
-		goto priv_put;
+		return -ENOTSUP;
 	}
 
-	set_sym_session_private_data(sess, driver_id, misc);
-
 	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
 			     sizeof(struct cpt_sess_misc);
 
@@ -451,11 +440,6 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 	misc->cpt_inst_w7 = vq_cmd_w3.u64;
 
 	return 0;
-
-priv_put:
-	rte_mempool_put(pool, priv);
-
-	return -ENOTSUP;
 }
 
 static __rte_always_inline int32_t __rte_hot
@@ -765,7 +749,6 @@ otx2_cpt_enqueue_sym_sessless(struct otx2_cpt_qp *qp, struct rte_crypto_op *op,
 			      struct pending_queue *pend_q,
 			      unsigned int burst_index)
 {
-	const int driver_id = otx2_cryptodev_driver_id;
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct rte_cryptodev_sym_session *sess;
 	int ret;
@@ -775,8 +758,12 @@ otx2_cpt_enqueue_sym_sessless(struct otx2_cpt_qp *qp, struct rte_crypto_op *op,
 	if (sess == NULL)
 		return -ENOMEM;
 
-	ret = sym_session_configure(driver_id, sym_op->xform, sess,
-				    qp->sess_mp_priv);
+	sess->sess_data[otx2_cryptodev_driver_id].data =
+			(void *)((uint8_t *)sess +
+			rte_cryptodev_sym_get_header_session_size() +
+			(otx2_cryptodev_driver_id * sess->priv_sz));
+	ret = sym_session_configure(sym_op->xform,
+			sess->sess_data[otx2_cryptodev_driver_id].data);
 	if (ret)
 		goto sess_put;
 
@@ -790,7 +777,7 @@ otx2_cpt_enqueue_sym_sessless(struct otx2_cpt_qp *qp, struct rte_crypto_op *op,
 	return 0;
 
 priv_put:
-	sym_session_clear(driver_id, sess);
+	sym_session_clear(sess);
 sess_put:
 	rte_mempool_put(qp->sess_mp, sess);
 	return ret;
@@ -1035,8 +1022,7 @@ otx2_cpt_dequeue_post_process(struct otx2_cpt_qp *qp, struct rte_crypto_op *cop,
 		}
 
 		if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
-			sym_session_clear(otx2_cryptodev_driver_id,
-					  cop->sym->session);
+			sym_session_clear(cop->sym->session);
 			sz = rte_cryptodev_sym_get_existing_header_session_size(
 					cop->sym->session);
 			memset(cop->sym->session, 0, sz);
@@ -1291,7 +1277,6 @@ otx2_cpt_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	}
 
 	qp->sess_mp = conf->mp_session;
-	qp->sess_mp_priv = conf->mp_session_private;
 	dev->data->queue_pairs[qp_id] = qp;
 
 	return 0;
@@ -1330,21 +1315,22 @@ otx2_cpt_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 otx2_cpt_sym_session_configure(struct rte_cryptodev *dev,
 			       struct rte_crypto_sym_xform *xform,
-			       struct rte_cryptodev_sym_session *sess,
-			       struct rte_mempool *pool)
+			       void *sess)
 {
 	CPT_PMD_INIT_FUNC_TRACE();
+	RTE_SET_USED(dev);
 
-	return sym_session_configure(dev->driver_id, xform, sess, pool);
+	return sym_session_configure(xform, sess);
 }
 
 static void
 otx2_cpt_sym_session_clear(struct rte_cryptodev *dev,
-			   struct rte_cryptodev_sym_session *sess)
+			   void *sess)
 {
 	CPT_PMD_INIT_FUNC_TRACE();
+	RTE_SET_USED(dev);
 
-	return sym_session_clear(dev->driver_id, sess);
+	return sym_session_clear(sess);
 }
 
 static unsigned int
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h b/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
index 01c081a216..5f63eaf7b7 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
@@ -8,29 +8,21 @@
 #include "cpt_pmd_logs.h"
 
 static void
-sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
+sym_session_clear(void *sess)
 {
-	void *priv = get_sym_session_private_data(sess, driver_id);
 	struct cpt_sess_misc *misc;
-	struct rte_mempool *pool;
 	struct cpt_ctx *ctx;
 
-	if (priv == NULL)
+	if (sess == NULL)
 		return;
 
-	misc = priv;
+	misc = sess;
 	ctx = SESS_PRIV(misc);
 
 	if (ctx->auth_key != NULL)
 		rte_free(ctx->auth_key);
 
-	memset(priv, 0, cpt_get_session_size());
-
-	pool = rte_mempool_from_obj(priv);
-
-	set_sym_session_private_data(sess, driver_id, NULL);
-
-	rte_mempool_put(pool, priv);
+	memset(sess, 0, cpt_get_session_size());
 }
 
 static __rte_always_inline uint8_t
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 52715f86f8..1b48a6b400 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -741,7 +741,6 @@ openssl_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 		goto qp_setup_cleanup;
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->stats, 0, sizeof(qp->stats));
 
@@ -772,10 +771,8 @@ openssl_pmd_asym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 openssl_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -783,24 +780,12 @@ openssl_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		OPENSSL_LOG(ERR,
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = openssl_set_session_parameters(sess_private_data, xform);
+	ret = openssl_set_session_parameters(sess, xform);
 	if (ret != 0) {
 		OPENSSL_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-			sess_private_data);
-
 	return 0;
 }
 
@@ -1154,19 +1139,13 @@ openssl_pmd_asym_session_configure(struct rte_cryptodev *dev __rte_unused,
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-openssl_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+openssl_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		openssl_reset_session(sess_priv);
-		memset(sess_priv, 0, sizeof(struct openssl_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
+	if (sess) {
+		openssl_reset_session(sess);
+		memset(sess, 0, sizeof(struct openssl_session));
 	}
 }
 
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 2a22347c7f..114bf081c1 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -172,21 +172,14 @@ qat_is_auth_alg_supported(enum rte_crypto_auth_algorithm algo,
 }
 
 void
-qat_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+qat_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-	struct qat_sym_session *s = (struct qat_sym_session *)sess_priv;
+	struct qat_sym_session *s = (struct qat_sym_session *)sess;
 
-	if (sess_priv) {
+	if (sess) {
 		if (s->bpi_ctx)
 			bpi_cipher_ctx_free(s->bpi_ctx);
 		memset(s, 0, qat_sym_session_get_private_size(dev));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 }
 
@@ -458,31 +451,17 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
 int
 qat_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess_private_data)
 {
-	void *sess_private_data;
 	int ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CDEV_LOG_ERR(
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	ret = qat_sym_session_set_parameters(dev, xform, sess_private_data);
 	if (ret != 0) {
 		QAT_LOG(ERR,
 		    "Crypto QAT PMD: failed to configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
diff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h
index 7fcc1d6f7b..6da29e2305 100644
--- a/drivers/crypto/qat/qat_sym_session.h
+++ b/drivers/crypto/qat/qat_sym_session.h
@@ -112,8 +112,7 @@ struct qat_sym_session {
 int
 qat_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool);
+		void *sess);
 
 int
 qat_sym_session_set_parameters(struct rte_cryptodev *dev,
@@ -135,8 +134,7 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev,
 				struct qat_sym_session *session);
 
 void
-qat_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *session);
+qat_sym_session_clear(struct rte_cryptodev *dev, void *session);
 
 unsigned int
 qat_sym_session_get_private_size(struct rte_cryptodev *dev);
diff --git a/drivers/crypto/scheduler/scheduler_pmd_ops.c b/drivers/crypto/scheduler/scheduler_pmd_ops.c
index 465b88ade8..87260b5a22 100644
--- a/drivers/crypto/scheduler/scheduler_pmd_ops.c
+++ b/drivers/crypto/scheduler/scheduler_pmd_ops.c
@@ -476,9 +476,7 @@ scheduler_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 
 static int
 scheduler_pmd_sym_session_configure(struct rte_cryptodev *dev,
-	struct rte_crypto_sym_xform *xform,
-	struct rte_cryptodev_sym_session *sess,
-	struct rte_mempool *mempool)
+	struct rte_crypto_sym_xform *xform, void *sess)
 {
 	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
 	uint32_t i;
@@ -488,7 +486,7 @@ scheduler_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		struct scheduler_worker *worker = &sched_ctx->workers[i];
 
 		ret = rte_cryptodev_sym_session_init(worker->dev_id, sess,
-					xform, mempool);
+					xform);
 		if (ret < 0) {
 			CR_SCHED_LOG(ERR, "unable to config sym session");
 			return ret;
@@ -500,8 +498,7 @@ scheduler_pmd_sym_session_configure(struct rte_cryptodev *dev,
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-scheduler_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+scheduler_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
 	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
 	uint32_t i;
diff --git a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
index 3f46014b7d..b0f8f6d86a 100644
--- a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
+++ b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
@@ -226,7 +226,6 @@ snow3g_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 
 	qp->mgr = internals->mgr;
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
 
@@ -250,10 +249,8 @@ snow3g_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 snow3g_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 	struct snow3g_private *internals = dev->data->dev_private;
 
@@ -262,43 +259,24 @@ snow3g_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		SNOW3G_LOG(ERR,
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	ret = snow3g_set_session_parameters(internals->mgr,
-					sess_private_data, xform);
+					sess, xform);
 	if (ret != 0) {
 		SNOW3G_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-snow3g_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+snow3g_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct snow3g_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct snow3g_session));
 }
 
 struct rte_cryptodev_ops snow3g_pmd_ops = {
diff --git a/drivers/crypto/virtio/virtio_cryptodev.c b/drivers/crypto/virtio/virtio_cryptodev.c
index 8faa39df4a..de52fec32e 100644
--- a/drivers/crypto/virtio/virtio_cryptodev.c
+++ b/drivers/crypto/virtio/virtio_cryptodev.c
@@ -37,11 +37,10 @@ static void virtio_crypto_dev_free_mbufs(struct rte_cryptodev *dev);
 static unsigned int virtio_crypto_sym_get_session_private_size(
 		struct rte_cryptodev *dev);
 static void virtio_crypto_sym_clear_session(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess);
+		void *sess);
 static int virtio_crypto_sym_configure_session(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *session,
-		struct rte_mempool *mp);
+		void *session);
 
 /*
  * The set of PCI devices this driver supports
@@ -927,7 +926,7 @@ virtio_crypto_check_sym_clear_session_paras(
 static void
 virtio_crypto_sym_clear_session(
 		struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+		void *sess)
 {
 	struct virtio_crypto_hw *hw;
 	struct virtqueue *vq;
@@ -1290,11 +1289,9 @@ static int
 virtio_crypto_check_sym_configure_session_paras(
 		struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sym_sess,
-		struct rte_mempool *mempool)
+		void *sym_sess)
 {
-	if (unlikely(xform == NULL) || unlikely(sym_sess == NULL) ||
-		unlikely(mempool == NULL)) {
+	if (unlikely(xform == NULL) || unlikely(sym_sess == NULL)) {
 		VIRTIO_CRYPTO_SESSION_LOG_ERR("NULL pointer");
 		return -1;
 	}
@@ -1309,12 +1306,9 @@ static int
 virtio_crypto_sym_configure_session(
 		struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
 	int ret;
-	struct virtio_crypto_session crypto_sess;
-	void *session_private = &crypto_sess;
 	struct virtio_crypto_session *session;
 	struct virtio_crypto_op_ctrl_req *ctrl_req;
 	enum virtio_crypto_cmd_id cmd_id;
@@ -1326,19 +1320,13 @@ virtio_crypto_sym_configure_session(
 	PMD_INIT_FUNC_TRACE();
 
 	ret = virtio_crypto_check_sym_configure_session_paras(dev, xform,
-			sess, mempool);
+			sess);
 	if (ret < 0) {
 		VIRTIO_CRYPTO_SESSION_LOG_ERR("Invalid parameters");
 		return ret;
 	}
 
-	if (rte_mempool_get(mempool, &session_private)) {
-		VIRTIO_CRYPTO_SESSION_LOG_ERR(
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	session = (struct virtio_crypto_session *)session_private;
+	session = (struct virtio_crypto_session *)sess;
 	memset(session, 0, sizeof(struct virtio_crypto_session));
 	ctrl_req = &session->ctrl;
 	ctrl_req->header.opcode = VIRTIO_CRYPTO_CIPHER_CREATE_SESSION;
@@ -1401,9 +1389,6 @@ virtio_crypto_sym_configure_session(
 		goto error_out;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		session_private);
-
 	return 0;
 
 error_out:
diff --git a/drivers/crypto/zuc/rte_zuc_pmd_ops.c b/drivers/crypto/zuc/rte_zuc_pmd_ops.c
index 38642d45ab..04126c8a04 100644
--- a/drivers/crypto/zuc/rte_zuc_pmd_ops.c
+++ b/drivers/crypto/zuc/rte_zuc_pmd_ops.c
@@ -226,7 +226,6 @@ zuc_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 
 	qp->mb_mgr = internals->mb_mgr;
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
 
@@ -250,10 +249,8 @@ zuc_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 zuc_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -261,43 +258,23 @@ zuc_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		ZUC_LOG(ERR,
-			"Couldn't get object from session mempool");
-
-		return -ENOMEM;
-	}
-
-	ret = zuc_set_session_parameters(sess_private_data, xform);
+	ret = zuc_set_session_parameters(sess, xform);
 	if (ret != 0) {
 		ZUC_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-zuc_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+zuc_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct zuc_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct zuc_session));
 }
 
 struct rte_cryptodev_ops zuc_pmd_ops = {
diff --git a/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h b/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
index b33cb7e139..8522f2dfda 100644
--- a/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
+++ b/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
@@ -38,8 +38,7 @@ otx2_ca_deq_post_process(const struct otx2_cpt_qp *qp,
 		}
 
 		if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
-			sym_session_clear(otx2_cryptodev_driver_id,
-					  cop->sym->session);
+			sym_session_clear(cop->sym->session);
 			memset(cop->sym->session, 0,
 			rte_cryptodev_sym_get_existing_header_session_size(
 				cop->sym->session));
diff --git a/examples/fips_validation/fips_dev_self_test.c b/examples/fips_validation/fips_dev_self_test.c
index b4eab05a98..bbc27a1b6f 100644
--- a/examples/fips_validation/fips_dev_self_test.c
+++ b/examples/fips_validation/fips_dev_self_test.c
@@ -969,7 +969,6 @@ struct fips_dev_auto_test_env {
 	struct rte_mempool *mpool;
 	struct rte_mempool *op_pool;
 	struct rte_mempool *sess_pool;
-	struct rte_mempool *sess_priv_pool;
 	struct rte_mbuf *mbuf;
 	struct rte_crypto_op *op;
 };
@@ -981,7 +980,7 @@ typedef int (*fips_dev_self_test_prepare_xform_t)(uint8_t,
 		uint32_t);
 
 typedef int (*fips_dev_self_test_prepare_op_t)(struct rte_crypto_op *,
-		struct rte_mbuf *, struct rte_cryptodev_sym_session *,
+		struct rte_mbuf *, void *,
 		uint32_t, struct fips_dev_self_test_vector *);
 
 typedef int (*fips_dev_self_test_check_result_t)(struct rte_crypto_op *,
@@ -1173,7 +1172,7 @@ prepare_aead_xform(uint8_t dev_id,
 static int
 prepare_cipher_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1212,7 +1211,7 @@ prepare_cipher_op(struct rte_crypto_op *op,
 static int
 prepare_auth_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1251,7 +1250,7 @@ prepare_auth_op(struct rte_crypto_op *op,
 static int
 prepare_aead_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1464,7 +1463,7 @@ run_single_test(uint8_t dev_id,
 		uint32_t negative_test)
 {
 	struct rte_crypto_sym_xform xform;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	uint16_t n_deqd;
 	uint8_t key[256];
 	int ret;
@@ -1484,8 +1483,7 @@ run_single_test(uint8_t dev_id,
 	if (!sess)
 		return -ENOMEM;
 
-	ret = rte_cryptodev_sym_session_init(dev_id,
-			sess, &xform, env->sess_priv_pool);
+	ret = rte_cryptodev_sym_session_init(dev_id, sess, &xform);
 	if (ret < 0) {
 		RTE_LOG(ERR, PMD, "Error %i: Init session\n", ret);
 		return ret;
@@ -1533,8 +1531,6 @@ fips_dev_auto_test_uninit(uint8_t dev_id,
 		rte_mempool_free(env->op_pool);
 	if (env->sess_pool)
 		rte_mempool_free(env->sess_pool);
-	if (env->sess_priv_pool)
-		rte_mempool_free(env->sess_priv_pool);
 
 	rte_cryptodev_stop(dev_id);
 }
@@ -1542,7 +1538,7 @@ fips_dev_auto_test_uninit(uint8_t dev_id,
 static int
 fips_dev_auto_test_init(uint8_t dev_id, struct fips_dev_auto_test_env *env)
 {
-	struct rte_cryptodev_qp_conf qp_conf = {128, NULL, NULL};
+	struct rte_cryptodev_qp_conf qp_conf = {128, NULL};
 	uint32_t sess_sz = rte_cryptodev_sym_get_private_session_size(dev_id);
 	struct rte_cryptodev_config conf;
 	char name[128];
@@ -1586,25 +1582,13 @@ fips_dev_auto_test_init(uint8_t dev_id, struct fips_dev_auto_test_env *env)
 	snprintf(name, 128, "%s%u", "SELF_TEST_SESS_POOL", dev_id);
 
 	env->sess_pool = rte_cryptodev_sym_session_pool_create(name,
-			128, 0, 0, 0, rte_cryptodev_socket_id(dev_id));
+			128, sess_sz, 0, 0, rte_cryptodev_socket_id(dev_id));
 	if (!env->sess_pool) {
 		ret = -ENOMEM;
 		goto error_exit;
 	}
 
-	memset(name, 0, 128);
-	snprintf(name, 128, "%s%u", "SELF_TEST_SESS_PRIV_POOL", dev_id);
-
-	env->sess_priv_pool = rte_mempool_create(name,
-			128, sess_sz, 0, 0, NULL, NULL, NULL,
-			NULL, rte_cryptodev_socket_id(dev_id), 0);
-	if (!env->sess_priv_pool) {
-		ret = -ENOMEM;
-		goto error_exit;
-	}
-
 	qp_conf.mp_session = env->sess_pool;
-	qp_conf.mp_session_private = env->sess_priv_pool;
 
 	ret = rte_cryptodev_queue_pair_setup(dev_id, 0, &qp_conf,
 			rte_cryptodev_socket_id(dev_id));
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index a8daad1f48..03c6ccb5b8 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -48,13 +48,12 @@ struct cryptodev_fips_validate_env {
 	uint16_t mbuf_data_room;
 	struct rte_mempool *mpool;
 	struct rte_mempool *sess_mpool;
-	struct rte_mempool *sess_priv_mpool;
 	struct rte_mempool *op_pool;
 	struct rte_mbuf *mbuf;
 	uint8_t *digest;
 	uint16_t digest_len;
 	struct rte_crypto_op *op;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	uint16_t self_test;
 	struct fips_dev_broken_test_config *broken_test_config;
 } env;
@@ -63,7 +62,7 @@ static int
 cryptodev_fips_validate_app_int(void)
 {
 	struct rte_cryptodev_config conf = {rte_socket_id(), 1, 0};
-	struct rte_cryptodev_qp_conf qp_conf = {128, NULL, NULL};
+	struct rte_cryptodev_qp_conf qp_conf = {128, NULL};
 	struct rte_cryptodev_info dev_info;
 	uint32_t sess_sz = rte_cryptodev_sym_get_private_session_size(
 			env.dev_id);
@@ -103,16 +102,11 @@ cryptodev_fips_validate_app_int(void)
 	ret = -ENOMEM;
 
 	env.sess_mpool = rte_cryptodev_sym_session_pool_create(
-			"FIPS_SESS_MEMPOOL", 16, 0, 0, 0, rte_socket_id());
+			"FIPS_SESS_MEMPOOL", 16, sess_sz, 0, 0,
+			rte_socket_id());
 	if (!env.sess_mpool)
 		goto error_exit;
 
-	env.sess_priv_mpool = rte_mempool_create("FIPS_SESS_PRIV_MEMPOOL",
-			16, sess_sz, 0, 0, NULL, NULL, NULL,
-			NULL, rte_socket_id(), 0);
-	if (!env.sess_priv_mpool)
-		goto error_exit;
-
 	env.op_pool = rte_crypto_op_pool_create(
 			"FIPS_OP_POOL",
 			RTE_CRYPTO_OP_TYPE_SYMMETRIC,
@@ -127,7 +121,6 @@ cryptodev_fips_validate_app_int(void)
 		goto error_exit;
 
 	qp_conf.mp_session = env.sess_mpool;
-	qp_conf.mp_session_private = env.sess_priv_mpool;
 
 	ret = rte_cryptodev_queue_pair_setup(env.dev_id, 0, &qp_conf,
 			rte_socket_id());
@@ -141,8 +134,6 @@ cryptodev_fips_validate_app_int(void)
 	rte_mempool_free(env.mpool);
 	if (env.sess_mpool)
 		rte_mempool_free(env.sess_mpool);
-	if (env.sess_priv_mpool)
-		rte_mempool_free(env.sess_priv_mpool);
 	if (env.op_pool)
 		rte_mempool_free(env.op_pool);
 
@@ -158,7 +149,6 @@ cryptodev_fips_validate_app_uninit(void)
 	rte_cryptodev_sym_session_free(env.sess);
 	rte_mempool_free(env.mpool);
 	rte_mempool_free(env.sess_mpool);
-	rte_mempool_free(env.sess_priv_mpool);
 	rte_mempool_free(env.op_pool);
 }
 
@@ -1179,7 +1169,7 @@ fips_run_test(void)
 		return -ENOMEM;
 
 	ret = rte_cryptodev_sym_session_init(env.dev_id,
-			env.sess, &xform, env.sess_priv_mpool);
+			env.sess, &xform);
 	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: Init session\n",
 				ret);
diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index 7ad94cb822..65528ee2e7 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -1216,15 +1216,11 @@ ipsec_poll_mode_worker(void)
 	qconf->inbound.sa_ctx = socket_ctx[socket_id].sa_in;
 	qconf->inbound.cdev_map = cdev_map_in;
 	qconf->inbound.session_pool = socket_ctx[socket_id].session_pool;
-	qconf->inbound.session_priv_pool =
-			socket_ctx[socket_id].session_priv_pool;
 	qconf->outbound.sp4_ctx = socket_ctx[socket_id].sp_ip4_out;
 	qconf->outbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_out;
 	qconf->outbound.sa_ctx = socket_ctx[socket_id].sa_out;
 	qconf->outbound.cdev_map = cdev_map_out;
 	qconf->outbound.session_pool = socket_ctx[socket_id].session_pool;
-	qconf->outbound.session_priv_pool =
-			socket_ctx[socket_id].session_priv_pool;
 	qconf->frag.pool_dir = socket_ctx[socket_id].mbuf_pool;
 	qconf->frag.pool_indir = socket_ctx[socket_id].mbuf_pool_indir;
 
@@ -2142,8 +2138,6 @@ cryptodevs_init(uint16_t req_queue_num)
 		qp_conf.nb_descriptors = CDEV_QUEUE_DESC;
 		qp_conf.mp_session =
 			socket_ctx[dev_conf.socket_id].session_pool;
-		qp_conf.mp_session_private =
-			socket_ctx[dev_conf.socket_id].session_priv_pool;
 		for (qp = 0; qp < dev_conf.nb_queue_pairs; qp++)
 			if (rte_cryptodev_queue_pair_setup(cdev_id, qp,
 					&qp_conf, dev_conf.socket_id))
@@ -2405,37 +2399,37 @@ session_pool_init(struct socket_ctx *ctx, int32_t socket_id, size_t sess_sz)
 		printf("Allocated session pool on socket %d\n",	socket_id);
 }
 
-static void
-session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id,
-	size_t sess_sz)
-{
-	char mp_name[RTE_MEMPOOL_NAMESIZE];
-	struct rte_mempool *sess_mp;
-	uint32_t nb_sess;
-
-	snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
-			"sess_mp_priv_%u", socket_id);
-	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
-		rte_lcore_count());
-	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
-			CDEV_MP_CACHE_MULTIPLIER);
-	sess_mp = rte_mempool_create(mp_name,
-			nb_sess,
-			sess_sz,
-			CDEV_MP_CACHE_SZ,
-			0, NULL, NULL, NULL,
-			NULL, socket_id,
-			0);
-	ctx->session_priv_pool = sess_mp;
-
-	if (ctx->session_priv_pool == NULL)
-		rte_exit(EXIT_FAILURE,
-			"Cannot init session priv pool on socket %d\n",
-			socket_id);
-	else
-		printf("Allocated session priv pool on socket %d\n",
-			socket_id);
-}
+//static void
+//session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id,
+//	size_t sess_sz)
+//{
+//	char mp_name[RTE_MEMPOOL_NAMESIZE];
+//	struct rte_mempool *sess_mp;
+//	uint32_t nb_sess;
+//
+//	snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
+//			"sess_mp_priv_%u", socket_id);
+//	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
+//		rte_lcore_count());
+//	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
+//			CDEV_MP_CACHE_MULTIPLIER);
+//	sess_mp = rte_mempool_create(mp_name,
+//			nb_sess,
+//			sess_sz,
+//			CDEV_MP_CACHE_SZ,
+//			0, NULL, NULL, NULL,
+//			NULL, socket_id,
+//			0);
+//	ctx->session_priv_pool = sess_mp;
+//
+//	if (ctx->session_priv_pool == NULL)
+//		rte_exit(EXIT_FAILURE,
+//			"Cannot init session priv pool on socket %d\n",
+//			socket_id);
+//	else
+//		printf("Allocated session priv pool on socket %d\n",
+//			socket_id);
+//}
 
 static void
 pool_init(struct socket_ctx *ctx, int32_t socket_id, uint32_t nb_mbuf)
@@ -2938,8 +2932,8 @@ main(int32_t argc, char **argv)
 
 		pool_init(&socket_ctx[socket_id], socket_id, nb_bufs_in_pool);
 		session_pool_init(&socket_ctx[socket_id], socket_id, sess_sz);
-		session_priv_pool_init(&socket_ctx[socket_id], socket_id,
-			sess_sz);
+//		session_priv_pool_init(&socket_ctx[socket_id], socket_id,
+//			sess_sz);
 	}
 	printf("Number of mbufs in packet pool %d\n", nb_bufs_in_pool);
 
diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
index 03d907cba8..a5921de11c 100644
--- a/examples/ipsec-secgw/ipsec.c
+++ b/examples/ipsec-secgw/ipsec.c
@@ -143,8 +143,7 @@ create_lookaside_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa,
 		ips->crypto.ses = rte_cryptodev_sym_session_create(
 				ipsec_ctx->session_pool);
 		rte_cryptodev_sym_session_init(ipsec_ctx->tbl[cdev_id_qp].id,
-				ips->crypto.ses, sa->xforms,
-				ipsec_ctx->session_priv_pool);
+				ips->crypto.ses, sa->xforms);
 
 		rte_cryptodev_info_get(ipsec_ctx->tbl[cdev_id_qp].id,
 				&cdev_info);
diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h
index 8405c48171..673c64e8dc 100644
--- a/examples/ipsec-secgw/ipsec.h
+++ b/examples/ipsec-secgw/ipsec.h
@@ -243,7 +243,6 @@ struct socket_ctx {
 	struct rte_mempool *mbuf_pool;
 	struct rte_mempool *mbuf_pool_indir;
 	struct rte_mempool *session_pool;
-	struct rte_mempool *session_priv_pool;
 };
 
 struct cnt_blk {
diff --git a/examples/ipsec-secgw/ipsec_worker.c b/examples/ipsec-secgw/ipsec_worker.c
index c545497cee..04bcce49db 100644
--- a/examples/ipsec-secgw/ipsec_worker.c
+++ b/examples/ipsec-secgw/ipsec_worker.c
@@ -537,14 +537,10 @@ ipsec_wrkr_non_burst_int_port_app_mode(struct eh_event_link_info *links,
 	lconf.inbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_in;
 	lconf.inbound.sa_ctx = socket_ctx[socket_id].sa_in;
 	lconf.inbound.session_pool = socket_ctx[socket_id].session_pool;
-	lconf.inbound.session_priv_pool =
-			socket_ctx[socket_id].session_priv_pool;
 	lconf.outbound.sp4_ctx = socket_ctx[socket_id].sp_ip4_out;
 	lconf.outbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_out;
 	lconf.outbound.sa_ctx = socket_ctx[socket_id].sa_out;
 	lconf.outbound.session_pool = socket_ctx[socket_id].session_pool;
-	lconf.outbound.session_priv_pool =
-			socket_ctx[socket_id].session_priv_pool;
 
 	RTE_LOG(INFO, IPSEC,
 		"Launching event mode worker (non-burst - Tx internal port - "
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index 66d1491bf7..bdc3da731c 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -188,7 +188,7 @@ struct l2fwd_crypto_params {
 	struct l2fwd_iv auth_iv;
 	struct l2fwd_iv aead_iv;
 	struct l2fwd_key aad;
-	struct rte_cryptodev_sym_session *session;
+	void *session;
 
 	uint8_t do_cipher;
 	uint8_t do_hash;
@@ -229,7 +229,6 @@ struct rte_mempool *l2fwd_pktmbuf_pool;
 struct rte_mempool *l2fwd_crypto_op_pool;
 static struct {
 	struct rte_mempool *sess_mp;
-	struct rte_mempool *priv_mp;
 } session_pool_socket[RTE_MAX_NUMA_NODES];
 
 /* Per-port statistics struct */
@@ -671,11 +670,11 @@ generate_random_key(uint8_t *key, unsigned length)
 }
 
 /* Session is created and is later attached to the crypto operation. 8< */
-static struct rte_cryptodev_sym_session *
+static void *
 initialize_crypto_session(struct l2fwd_crypto_options *options, uint8_t cdev_id)
 {
 	struct rte_crypto_sym_xform *first_xform;
-	struct rte_cryptodev_sym_session *session;
+	void *session;
 	int retval = rte_cryptodev_socket_id(cdev_id);
 
 	if (retval < 0)
@@ -703,8 +702,7 @@ initialize_crypto_session(struct l2fwd_crypto_options *options, uint8_t cdev_id)
 		return NULL;
 
 	if (rte_cryptodev_sym_session_init(cdev_id, session,
-				first_xform,
-				session_pool_socket[socket_id].priv_mp) < 0)
+				first_xform) < 0)
 		return NULL;
 
 	return session;
@@ -730,7 +728,7 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)
 			US_PER_S * BURST_TX_DRAIN_US;
 	struct l2fwd_crypto_params *cparams;
 	struct l2fwd_crypto_params port_cparams[qconf->nb_crypto_devs];
-	struct rte_cryptodev_sym_session *session;
+	void *session;
 
 	if (qconf->nb_rx_ports == 0) {
 		RTE_LOG(INFO, L2FWD, "lcore %u has nothing to do\n", lcore_id);
@@ -2388,30 +2386,6 @@ initialize_cryptodevs(struct l2fwd_crypto_options *options, unsigned nb_ports,
 		} else
 			sessions_needed = enabled_cdev_count;
 
-		if (session_pool_socket[socket_id].priv_mp == NULL) {
-			char mp_name[RTE_MEMPOOL_NAMESIZE];
-
-			snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
-				"priv_sess_mp_%u", socket_id);
-
-			session_pool_socket[socket_id].priv_mp =
-					rte_mempool_create(mp_name,
-						sessions_needed,
-						max_sess_sz,
-						0, 0, NULL, NULL, NULL,
-						NULL, socket_id,
-						0);
-
-			if (session_pool_socket[socket_id].priv_mp == NULL) {
-				printf("Cannot create pool on socket %d\n",
-					socket_id);
-				return -ENOMEM;
-			}
-
-			printf("Allocated pool \"%s\" on socket %d\n",
-				mp_name, socket_id);
-		}
-
 		if (session_pool_socket[socket_id].sess_mp == NULL) {
 			char mp_name[RTE_MEMPOOL_NAMESIZE];
 			snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
@@ -2421,7 +2395,8 @@ initialize_cryptodevs(struct l2fwd_crypto_options *options, unsigned nb_ports,
 					rte_cryptodev_sym_session_pool_create(
 							mp_name,
 							sessions_needed,
-							0, 0, 0, socket_id);
+							max_sess_sz,
+							0, 0, socket_id);
 
 			if (session_pool_socket[socket_id].sess_mp == NULL) {
 				printf("Cannot create pool on socket %d\n",
@@ -2573,8 +2548,6 @@ initialize_cryptodevs(struct l2fwd_crypto_options *options, unsigned nb_ports,
 
 		qp_conf.nb_descriptors = 2048;
 		qp_conf.mp_session = session_pool_socket[socket_id].sess_mp;
-		qp_conf.mp_session_private =
-				session_pool_socket[socket_id].priv_mp;
 
 		retval = rte_cryptodev_queue_pair_setup(cdev_id, 0, &qp_conf,
 				socket_id);
diff --git a/examples/vhost_crypto/main.c b/examples/vhost_crypto/main.c
index dea7dcbd07..cbb97aaf76 100644
--- a/examples/vhost_crypto/main.c
+++ b/examples/vhost_crypto/main.c
@@ -46,7 +46,6 @@ struct vhost_crypto_info {
 	int vids[MAX_NB_SOCKETS];
 	uint32_t nb_vids;
 	struct rte_mempool *sess_pool;
-	struct rte_mempool *sess_priv_pool;
 	struct rte_mempool *cop_pool;
 	uint8_t cid;
 	uint32_t qid;
@@ -304,7 +303,6 @@ new_device(int vid)
 	}
 
 	ret = rte_vhost_crypto_create(vid, info->cid, info->sess_pool,
-			info->sess_priv_pool,
 			rte_lcore_to_socket_id(options.los[i].lcore_id));
 	if (ret) {
 		RTE_LOG(ERR, USER1, "Cannot create vhost crypto\n");
@@ -458,7 +456,6 @@ free_resource(void)
 
 		rte_mempool_free(info->cop_pool);
 		rte_mempool_free(info->sess_pool);
-		rte_mempool_free(info->sess_priv_pool);
 
 		for (j = 0; j < lo->nb_sockets; j++) {
 			rte_vhost_driver_unregister(lo->socket_files[i]);
@@ -544,16 +541,12 @@ main(int argc, char *argv[])
 
 		snprintf(name, 127, "SESS_POOL_%u", lo->lcore_id);
 		info->sess_pool = rte_cryptodev_sym_session_pool_create(name,
-				SESSION_MAP_ENTRIES, 0, 0, 0,
-				rte_lcore_to_socket_id(lo->lcore_id));
-
-		snprintf(name, 127, "SESS_POOL_PRIV_%u", lo->lcore_id);
-		info->sess_priv_pool = rte_mempool_create(name,
 				SESSION_MAP_ENTRIES,
 				rte_cryptodev_sym_get_private_session_size(
-				info->cid), 64, 0, NULL, NULL, NULL, NULL,
-				rte_lcore_to_socket_id(lo->lcore_id), 0);
-		if (!info->sess_priv_pool || !info->sess_pool) {
+					info->cid), 0, 0,
+				rte_lcore_to_socket_id(lo->lcore_id));
+
+		if (!info->sess_pool) {
 			RTE_LOG(ERR, USER1, "Failed to create mempool");
 			goto error_exit;
 		}
@@ -574,7 +567,6 @@ main(int argc, char *argv[])
 
 		qp_conf.nb_descriptors = NB_CRYPTO_DESCRIPTORS;
 		qp_conf.mp_session = info->sess_pool;
-		qp_conf.mp_session_private = info->sess_priv_pool;
 
 		for (j = 0; j < dev_info.max_nb_queue_pairs; j++) {
 			ret = rte_cryptodev_queue_pair_setup(info->cid, j,
diff --git a/lib/cryptodev/cryptodev_pmd.h b/lib/cryptodev/cryptodev_pmd.h
index ae3aac59ae..d758b3b85d 100644
--- a/lib/cryptodev/cryptodev_pmd.h
+++ b/lib/cryptodev/cryptodev_pmd.h
@@ -242,7 +242,6 @@ typedef unsigned int (*cryptodev_asym_get_session_private_size_t)(
  * @param	dev		Crypto device pointer
  * @param	xform		Single or chain of crypto xforms
  * @param	session		Pointer to cryptodev's private session structure
- * @param	mp		Mempool where the private session is allocated
  *
  * @return
  *  - Returns 0 if private session structure have been created successfully.
@@ -251,9 +250,7 @@ typedef unsigned int (*cryptodev_asym_get_session_private_size_t)(
  *  - Returns -ENOMEM if the private session could not be allocated.
  */
 typedef int (*cryptodev_sym_configure_session_t)(struct rte_cryptodev *dev,
-		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *session,
-		struct rte_mempool *mp);
+		struct rte_crypto_sym_xform *xform, void *session);
 /**
  * Configure a Crypto asymmetric session on a device.
  *
@@ -279,7 +276,7 @@ typedef int (*cryptodev_asym_configure_session_t)(struct rte_cryptodev *dev,
  * @param	sess		Cryptodev session structure
  */
 typedef void (*cryptodev_sym_free_session_t)(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess);
+		void *sess);
 /**
  * Free asymmetric session private data.
  *
diff --git a/lib/cryptodev/rte_crypto.h b/lib/cryptodev/rte_crypto.h
index a864f5036f..200617f623 100644
--- a/lib/cryptodev/rte_crypto.h
+++ b/lib/cryptodev/rte_crypto.h
@@ -420,7 +420,7 @@ rte_crypto_op_sym_xforms_alloc(struct rte_crypto_op *op, uint8_t nb_xforms)
  */
 static inline int
 rte_crypto_op_attach_sym_session(struct rte_crypto_op *op,
-		struct rte_cryptodev_sym_session *sess)
+		void *sess)
 {
 	if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC))
 		return -1;
diff --git a/lib/cryptodev/rte_crypto_sym.h b/lib/cryptodev/rte_crypto_sym.h
index 58c0724743..848da1942c 100644
--- a/lib/cryptodev/rte_crypto_sym.h
+++ b/lib/cryptodev/rte_crypto_sym.h
@@ -932,7 +932,7 @@ __rte_crypto_sym_op_sym_xforms_alloc(struct rte_crypto_sym_op *sym_op,
  */
 static inline int
 __rte_crypto_sym_op_attach_sym_session(struct rte_crypto_sym_op *sym_op,
-		struct rte_cryptodev_sym_session *sess)
+		void *sess)
 {
 	sym_op->session = sess;
 
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index 9fa3aff1d3..a31cae202a 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -199,6 +199,8 @@ struct rte_cryptodev_sym_session_pool_private_data {
 	/**< number of elements in sess_data array */
 	uint16_t user_data_sz;
 	/**< session user data will be placed after sess_data */
+	uint16_t sess_priv_sz;
+	/**< session user data will be placed after sess_data */
 };
 
 int
@@ -1223,8 +1225,7 @@ rte_cryptodev_queue_pair_setup(uint8_t dev_id, uint16_t queue_pair_id,
 		return -EINVAL;
 	}
 
-	if ((qp_conf->mp_session && !qp_conf->mp_session_private) ||
-			(!qp_conf->mp_session && qp_conf->mp_session_private)) {
+	if (!qp_conf->mp_session) {
 		CDEV_LOG_ERR("Invalid mempools\n");
 		return -EINVAL;
 	}
@@ -1232,7 +1233,6 @@ rte_cryptodev_queue_pair_setup(uint8_t dev_id, uint16_t queue_pair_id,
 	if (qp_conf->mp_session) {
 		struct rte_cryptodev_sym_session_pool_private_data *pool_priv;
 		uint32_t obj_size = qp_conf->mp_session->elt_size;
-		uint32_t obj_priv_size = qp_conf->mp_session_private->elt_size;
 		struct rte_cryptodev_sym_session s = {0};
 
 		pool_priv = rte_mempool_get_priv(qp_conf->mp_session);
@@ -1244,11 +1244,11 @@ rte_cryptodev_queue_pair_setup(uint8_t dev_id, uint16_t queue_pair_id,
 
 		s.nb_drivers = pool_priv->nb_drivers;
 		s.user_data_sz = pool_priv->user_data_sz;
+		s.priv_sz = pool_priv->sess_priv_sz;
 
-		if ((rte_cryptodev_sym_get_existing_header_session_size(&s) >
-			obj_size) || (s.nb_drivers <= dev->driver_id) ||
-			rte_cryptodev_sym_get_private_session_size(dev_id) >
-				obj_priv_size) {
+		if (((rte_cryptodev_sym_get_existing_header_session_size(&s) +
+				(s.nb_drivers * s.priv_sz)) > obj_size) ||
+				(s.nb_drivers <= dev->driver_id)) {
 			CDEV_LOG_ERR("Invalid mempool\n");
 			return -EINVAL;
 		}
@@ -1710,11 +1710,11 @@ rte_cryptodev_pmd_callback_process(struct rte_cryptodev *dev,
 
 int
 rte_cryptodev_sym_session_init(uint8_t dev_id,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_crypto_sym_xform *xforms,
-		struct rte_mempool *mp)
+		void *sess_opaque,
+		struct rte_crypto_sym_xform *xforms)
 {
 	struct rte_cryptodev *dev;
+	struct rte_cryptodev_sym_session *sess = sess_opaque;
 	uint32_t sess_priv_sz = rte_cryptodev_sym_get_private_session_size(
 			dev_id);
 	uint8_t index;
@@ -1727,10 +1727,10 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
 
 	dev = rte_cryptodev_pmd_get_dev(dev_id);
 
-	if (sess == NULL || xforms == NULL || dev == NULL || mp == NULL)
+	if (sess == NULL || xforms == NULL || dev == NULL)
 		return -EINVAL;
 
-	if (mp->elt_size < sess_priv_sz)
+	if (sess->priv_sz < sess_priv_sz)
 		return -EINVAL;
 
 	index = dev->driver_id;
@@ -1740,8 +1740,11 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
 	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->sym_session_configure, -ENOTSUP);
 
 	if (sess->sess_data[index].refcnt == 0) {
+		sess->sess_data[index].data = (void *)((uint8_t *)sess +
+				rte_cryptodev_sym_get_header_session_size() +
+				(index * sess->priv_sz));
 		ret = dev->dev_ops->sym_session_configure(dev, xforms,
-							sess, mp);
+				sess->sess_data[index].data);
 		if (ret < 0) {
 			CDEV_LOG_ERR(
 				"dev_id %d failed to configure session details",
@@ -1750,7 +1753,7 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
 		}
 	}
 
-	rte_cryptodev_trace_sym_session_init(dev_id, sess, xforms, mp);
+	rte_cryptodev_trace_sym_session_init(dev_id, sess, xforms);
 	sess->sess_data[index].refcnt++;
 	return 0;
 }
@@ -1795,6 +1798,21 @@ rte_cryptodev_asym_session_init(uint8_t dev_id,
 	rte_cryptodev_trace_asym_session_init(dev_id, sess, xforms, mp);
 	return 0;
 }
+static size_t
+get_max_sym_sess_priv_sz(void)
+{
+	size_t max_sz, sz;
+	int16_t cdev_id, n;
+
+	max_sz = 0;
+	n =  rte_cryptodev_count();
+	for (cdev_id = 0; cdev_id != n; cdev_id++) {
+		sz = rte_cryptodev_sym_get_private_session_size(cdev_id);
+		if (sz > max_sz)
+			max_sz = sz;
+	}
+	return max_sz;
+}
 
 struct rte_mempool *
 rte_cryptodev_sym_session_pool_create(const char *name, uint32_t nb_elts,
@@ -1804,15 +1822,15 @@ rte_cryptodev_sym_session_pool_create(const char *name, uint32_t nb_elts,
 	struct rte_mempool *mp;
 	struct rte_cryptodev_sym_session_pool_private_data *pool_priv;
 	uint32_t obj_sz;
+	uint32_t sess_priv_sz = get_max_sym_sess_priv_sz();
 
 	obj_sz = rte_cryptodev_sym_get_header_session_size() + user_data_size;
-	if (obj_sz > elt_size)
+	if (elt_size < obj_sz + (sess_priv_sz * nb_drivers)) {
 		CDEV_LOG_INFO("elt_size %u is expanded to %u\n", elt_size,
-				obj_sz);
-	else
-		obj_sz = elt_size;
-
-	mp = rte_mempool_create(name, nb_elts, obj_sz, cache_size,
+				obj_sz + (sess_priv_sz * nb_drivers));
+		elt_size = obj_sz + (sess_priv_sz * nb_drivers);
+	}
+	mp = rte_mempool_create(name, nb_elts, elt_size, cache_size,
 			(uint32_t)(sizeof(*pool_priv)),
 			NULL, NULL, NULL, NULL,
 			socket_id, 0);
@@ -1832,6 +1850,7 @@ rte_cryptodev_sym_session_pool_create(const char *name, uint32_t nb_elts,
 
 	pool_priv->nb_drivers = nb_drivers;
 	pool_priv->user_data_sz = user_data_size;
+	pool_priv->sess_priv_sz = sess_priv_sz;
 
 	rte_cryptodev_trace_sym_session_pool_create(name, nb_elts,
 		elt_size, cache_size, user_data_size, mp);
@@ -1865,7 +1884,7 @@ rte_cryptodev_sym_is_valid_session_pool(struct rte_mempool *mp)
 	return 1;
 }
 
-struct rte_cryptodev_sym_session *
+void *
 rte_cryptodev_sym_session_create(struct rte_mempool *mp)
 {
 	struct rte_cryptodev_sym_session *sess;
@@ -1886,6 +1905,7 @@ rte_cryptodev_sym_session_create(struct rte_mempool *mp)
 
 	sess->nb_drivers = pool_priv->nb_drivers;
 	sess->user_data_sz = pool_priv->user_data_sz;
+	sess->priv_sz = pool_priv->sess_priv_sz;
 	sess->opaque_data = 0;
 
 	/* Clear device session pointer.
@@ -1895,7 +1915,7 @@ rte_cryptodev_sym_session_create(struct rte_mempool *mp)
 			rte_cryptodev_sym_session_data_size(sess));
 
 	rte_cryptodev_trace_sym_session_create(mp, sess);
-	return sess;
+	return (void *)sess;
 }
 
 struct rte_cryptodev_asym_session *
@@ -1933,9 +1953,9 @@ rte_cryptodev_asym_session_create(struct rte_mempool *mp)
 }
 
 int
-rte_cryptodev_sym_session_clear(uint8_t dev_id,
-		struct rte_cryptodev_sym_session *sess)
+rte_cryptodev_sym_session_clear(uint8_t dev_id, void *s)
 {
+	struct rte_cryptodev_sym_session *sess = s;
 	struct rte_cryptodev *dev;
 	uint8_t driver_id;
 
@@ -1957,7 +1977,7 @@ rte_cryptodev_sym_session_clear(uint8_t dev_id,
 
 	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->sym_session_clear, -ENOTSUP);
 
-	dev->dev_ops->sym_session_clear(dev, sess);
+	dev->dev_ops->sym_session_clear(dev, sess->sess_data[driver_id].data);
 
 	rte_cryptodev_trace_sym_session_clear(dev_id, sess);
 	return 0;
@@ -1988,10 +2008,11 @@ rte_cryptodev_asym_session_clear(uint8_t dev_id,
 }
 
 int
-rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess)
+rte_cryptodev_sym_session_free(void *s)
 {
 	uint8_t i;
 	struct rte_mempool *sess_mp;
+	struct rte_cryptodev_sym_session *sess = s;
 
 	if (sess == NULL)
 		return -EINVAL;
diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h
index bb01f0f195..25af6fa7b9 100644
--- a/lib/cryptodev/rte_cryptodev.h
+++ b/lib/cryptodev/rte_cryptodev.h
@@ -537,8 +537,6 @@ struct rte_cryptodev_qp_conf {
 	uint32_t nb_descriptors; /**< Number of descriptors per queue pair */
 	struct rte_mempool *mp_session;
 	/**< The mempool for creating session in sessionless mode */
-	struct rte_mempool *mp_session_private;
-	/**< The mempool for creating sess private data in sessionless mode */
 };
 
 /**
@@ -1126,6 +1124,8 @@ struct rte_cryptodev_sym_session {
 	/**< number of elements in sess_data array */
 	uint16_t user_data_sz;
 	/**< session user data will be placed after sess_data */
+	uint16_t priv_sz;
+	/**< Maximum private session data size which each driver can use */
 	__extension__ struct {
 		void *data;
 		uint16_t refcnt;
@@ -1177,10 +1177,10 @@ rte_cryptodev_sym_session_pool_create(const char *name, uint32_t nb_elts,
  * @param   mempool    Symmetric session mempool to allocate session
  *                     objects from
  * @return
- *  - On success return pointer to sym-session
+ *  - On success return opaque pointer to sym-session
  *  - On failure returns NULL
  */
-struct rte_cryptodev_sym_session *
+void *
 rte_cryptodev_sym_session_create(struct rte_mempool *mempool);
 
 /**
@@ -1209,7 +1209,7 @@ rte_cryptodev_asym_session_create(struct rte_mempool *mempool);
  *  - -EBUSY if not all device private data has been freed.
  */
 int
-rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess);
+rte_cryptodev_sym_session_free(void *sess);
 
 /**
  * Frees asymmetric crypto session header, after checking that all
@@ -1229,25 +1229,23 @@ rte_cryptodev_asym_session_free(struct rte_cryptodev_asym_session *sess);
 
 /**
  * Fill out private data for the device id, based on its device type.
+ * Memory for private data is already allocated in sess, driver need
+ * to fill the content.
  *
  * @param   dev_id   ID of device that we want the session to be used on
  * @param   sess     Session where the private data will be attached to
  * @param   xforms   Symmetric crypto transform operations to apply on flow
  *                   processed with this session
- * @param   mempool  Mempool where the private data is allocated.
  *
  * @return
  *  - On success, zero.
  *  - -EINVAL if input parameters are invalid.
  *  - -ENOTSUP if crypto device does not support the crypto transform or
  *    does not support symmetric operations.
- *  - -ENOMEM if the private session could not be allocated.
  */
 int
-rte_cryptodev_sym_session_init(uint8_t dev_id,
-			struct rte_cryptodev_sym_session *sess,
-			struct rte_crypto_sym_xform *xforms,
-			struct rte_mempool *mempool);
+rte_cryptodev_sym_session_init(uint8_t dev_id, void *sess,
+			struct rte_crypto_sym_xform *xforms);
 
 /**
  * Initialize asymmetric session on a device with specific asymmetric xform
@@ -1286,8 +1284,7 @@ rte_cryptodev_asym_session_init(uint8_t dev_id,
  *  - -ENOTSUP if crypto device does not support symmetric operations.
  */
 int
-rte_cryptodev_sym_session_clear(uint8_t dev_id,
-			struct rte_cryptodev_sym_session *sess);
+rte_cryptodev_sym_session_clear(uint8_t dev_id, void *sess);
 
 /**
  * Frees resources held by asymmetric session during rte_cryptodev_session_init
diff --git a/lib/cryptodev/rte_cryptodev_trace.h b/lib/cryptodev/rte_cryptodev_trace.h
index d1f4f069a3..44da04c425 100644
--- a/lib/cryptodev/rte_cryptodev_trace.h
+++ b/lib/cryptodev/rte_cryptodev_trace.h
@@ -56,7 +56,6 @@ RTE_TRACE_POINT(
 	rte_trace_point_emit_u16(queue_pair_id);
 	rte_trace_point_emit_u32(conf->nb_descriptors);
 	rte_trace_point_emit_ptr(conf->mp_session);
-	rte_trace_point_emit_ptr(conf->mp_session_private);
 )
 
 RTE_TRACE_POINT(
@@ -106,15 +105,13 @@ RTE_TRACE_POINT(
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_sym_session_init,
 	RTE_TRACE_POINT_ARGS(uint8_t dev_id,
-		struct rte_cryptodev_sym_session *sess, void *xforms,
-		void *mempool),
+		struct rte_cryptodev_sym_session *sess, void *xforms),
 	rte_trace_point_emit_u8(dev_id);
 	rte_trace_point_emit_ptr(sess);
 	rte_trace_point_emit_u64(sess->opaque_data);
 	rte_trace_point_emit_u16(sess->nb_drivers);
 	rte_trace_point_emit_u16(sess->user_data_sz);
 	rte_trace_point_emit_ptr(xforms);
-	rte_trace_point_emit_ptr(mempool);
 )
 
 RTE_TRACE_POINT(
diff --git a/lib/pipeline/rte_table_action.c b/lib/pipeline/rte_table_action.c
index ad7904c0ee..efdba9c899 100644
--- a/lib/pipeline/rte_table_action.c
+++ b/lib/pipeline/rte_table_action.c
@@ -1719,7 +1719,7 @@ struct sym_crypto_data {
 	uint16_t op_mask;
 
 	/** Session pointer. */
-	struct rte_cryptodev_sym_session *session;
+	void *session;
 
 	/** Direction of crypto, encrypt or decrypt */
 	uint16_t direction;
@@ -1780,7 +1780,7 @@ sym_crypto_apply(struct sym_crypto_data *data,
 	const struct rte_crypto_auth_xform *auth_xform = NULL;
 	const struct rte_crypto_aead_xform *aead_xform = NULL;
 	struct rte_crypto_sym_xform *xform = p->xform;
-	struct rte_cryptodev_sym_session *session;
+	void *session;
 	int ret;
 
 	memset(data, 0, sizeof(*data));
@@ -1905,7 +1905,7 @@ sym_crypto_apply(struct sym_crypto_data *data,
 		return -ENOMEM;
 
 	ret = rte_cryptodev_sym_session_init(cfg->cryptodev_id, session,
-			p->xform, cfg->mp_init);
+			p->xform);
 	if (ret < 0) {
 		rte_cryptodev_sym_session_free(session);
 		return ret;
@@ -2858,7 +2858,7 @@ rte_table_action_time_read(struct rte_table_action *action,
 	return 0;
 }
 
-struct rte_cryptodev_sym_session *
+void *
 rte_table_action_crypto_sym_session_get(struct rte_table_action *action,
 	void *data)
 {
diff --git a/lib/pipeline/rte_table_action.h b/lib/pipeline/rte_table_action.h
index 82bc9d9ac9..68db453a8b 100644
--- a/lib/pipeline/rte_table_action.h
+++ b/lib/pipeline/rte_table_action.h
@@ -1129,7 +1129,7 @@ rte_table_action_time_read(struct rte_table_action *action,
  *   The pointer to the session on success, NULL otherwise.
  */
 __rte_experimental
-struct rte_cryptodev_sym_session *
+void *
 rte_table_action_crypto_sym_session_get(struct rte_table_action *action,
 	void *data);
 
diff --git a/lib/vhost/rte_vhost_crypto.h b/lib/vhost/rte_vhost_crypto.h
index f54d731139..d9b7beed9c 100644
--- a/lib/vhost/rte_vhost_crypto.h
+++ b/lib/vhost/rte_vhost_crypto.h
@@ -50,8 +50,6 @@ rte_vhost_crypto_driver_start(const char *path);
  *  multiple Vhost-crypto devices.
  * @param sess_pool
  *  The pointer to the created cryptodev session pool.
- * @param sess_priv_pool
- *  The pointer to the created cryptodev session private data mempool.
  * @param socket_id
  *  NUMA Socket ID to allocate resources on. *
  * @return
@@ -61,7 +59,6 @@ rte_vhost_crypto_driver_start(const char *path);
 int
 rte_vhost_crypto_create(int vid, uint8_t cryptodev_id,
 		struct rte_mempool *sess_pool,
-		struct rte_mempool *sess_priv_pool,
 		int socket_id);
 
 /**
diff --git a/lib/vhost/vhost_crypto.c b/lib/vhost/vhost_crypto.c
index 926b5c0bd9..b4464c4253 100644
--- a/lib/vhost/vhost_crypto.c
+++ b/lib/vhost/vhost_crypto.c
@@ -338,7 +338,7 @@ vhost_crypto_create_sess(struct vhost_crypto *vcrypto,
 		VhostUserCryptoSessionParam *sess_param)
 {
 	struct rte_crypto_sym_xform xform1 = {0}, xform2 = {0};
-	struct rte_cryptodev_sym_session *session;
+	void *session;
 	int ret;
 
 	switch (sess_param->op_type) {
@@ -383,8 +383,7 @@ vhost_crypto_create_sess(struct vhost_crypto *vcrypto,
 		return;
 	}
 
-	if (rte_cryptodev_sym_session_init(vcrypto->cid, session, &xform1,
-			vcrypto->sess_priv_pool) < 0) {
+	if (rte_cryptodev_sym_session_init(vcrypto->cid, session, &xform1) < 0) {
 		VC_LOG_ERR("Failed to initialize session");
 		sess_param->session_id = -VIRTIO_CRYPTO_ERR;
 		return;
@@ -1425,7 +1424,6 @@ rte_vhost_crypto_driver_start(const char *path)
 int
 rte_vhost_crypto_create(int vid, uint8_t cryptodev_id,
 		struct rte_mempool *sess_pool,
-		struct rte_mempool *sess_priv_pool,
 		int socket_id)
 {
 	struct virtio_net *dev = get_device(vid);
@@ -1447,7 +1445,6 @@ rte_vhost_crypto_create(int vid, uint8_t cryptodev_id,
 	}
 
 	vcrypto->sess_pool = sess_pool;
-	vcrypto->sess_priv_pool = sess_priv_pool;
 	vcrypto->cid = cryptodev_id;
 	vcrypto->cache_session_id = UINT64_MAX;
 	vcrypto->last_session_id = 1;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [dpdk-dev] [PATCH 3/3] cryptodev: rework session framework
  2021-09-30 14:50 ` [dpdk-dev] [PATCH 3/3] cryptodev: rework session framework Akhil Goyal
@ 2021-10-01 15:53   ` Zhang, Roy Fan
  2021-10-04 19:07     ` Akhil Goyal
  0 siblings, 1 reply; 49+ messages in thread
From: Zhang, Roy Fan @ 2021-10-01 15:53 UTC (permalink / raw)
  To: Akhil Goyal, dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj, De Lara Guarch,
	Pablo, Trahe, Fiona, Doherty, Declan, matan, g.singh,
	jianjay.zhou, asomalap, ruifeng.wang, Ananyev, Konstantin,
	Nicolau, Radu, ajit.khaparde, rnagadheeraj, adwivedi, Power,
	Ciara

Hi Akhil,

Your patch failed all QAT tests - maybe it will fail on all PMDs requiring to know the session's physical address (such as nitrox, caam).

The reason is QAT PMD driver cannot know the physical address of the session private data passed into it - as the private data is computed by 
rte_cryptodev_sym_session_init() from the start of the session (which has a mempool obj header with valid physical address) to the offset for that driver type. The session private data pointer - although is a valid buffer - does not have the obj header that contains the physical address.

I think the solution can be - instead of passing the session private data, the rte_cryptodev_sym_session pointer should be passed and a macro shall be provided to the drivers to manually compute the offset and then find the correct session private data from the session for itself.

Regards,
Fan

> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Thursday, September 30, 2021 3:50 PM
> To: dev@dpdk.org
> Cc: thomas@monjalon.net; david.marchand@redhat.com;
> hemant.agrawal@nxp.com; anoobj@marvell.com; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>; Trahe, Fiona <fiona.trahe@intel.com>;
> Doherty, Declan <declan.doherty@intel.com>; matan@nvidia.com;
> g.singh@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>;
> jianjay.zhou@huawei.com; asomalap@amd.com; ruifeng.wang@arm.com;
> Ananyev, Konstantin <konstantin.ananyev@intel.com>; Nicolau, Radu
> <radu.nicolau@intel.com>; ajit.khaparde@broadcom.com;
> rnagadheeraj@marvell.com; adwivedi@marvell.com; Power, Ciara
> <ciara.power@intel.com>; Akhil Goyal <gakhil@marvell.com>
> Subject: [PATCH 3/3] cryptodev: rework session framework
> 
> As per current design, rte_cryptodev_sym_session_create() and
> rte_cryptodev_sym_session_init() use separate mempool objects
> for a single session.
> And structure rte_cryptodev_sym_session is not directly used
> by the application, it may cause ABI breakage if the structure
> is modified in future.
> 
> To address these two issues, the rte_cryptodev_sym_session_create
> will take one mempool object for both the session and session
> private data. The API rte_cryptodev_sym_session_init will now not
> take mempool object.
> rte_cryptodev_sym_session_create will now return an opaque session
> pointer which will be used by the app in rte_cryptodev_sym_session_init
> and other APIs.
> 
> With this change, rte_cryptodev_sym_session_init will send
> pointer to session private data of corresponding driver to the PMD
> based on the driver_id for filling the PMD data.
> 
> In data path, opaque session pointer is attached to rte_crypto_op
> and the PMD can call an internal library API to get the session
> private data pointer based on the driver id.
> 
> TODO:
> - inline APIs for opaque data
> - move rte_cryptodev_sym_session struct to cryptodev_pmd.h
> - currently nb_drivers are getting updated in RTE_INIT which
> result in increasing the memory requirements for session.
> This will be moved to PMD probe so that memory is created
> only for those PMDs which are probed and not just compiled in.
> 
> Signed-off-by: Akhil Goyal <gakhil@marvell.com>
> ---
>  app/test-crypto-perf/cperf.h                  |   1 -
>  app/test-crypto-perf/cperf_ops.c              |  33 ++---
>  app/test-crypto-perf/cperf_ops.h              |   6 +-
>  app/test-crypto-perf/cperf_test_latency.c     |   5 +-
>  app/test-crypto-perf/cperf_test_latency.h     |   1 -
>  .../cperf_test_pmd_cyclecount.c               |   5 +-
>  .../cperf_test_pmd_cyclecount.h               |   1 -
>  app/test-crypto-perf/cperf_test_throughput.c  |   5 +-
>  app/test-crypto-perf/cperf_test_throughput.h  |   1 -
>  app/test-crypto-perf/cperf_test_verify.c      |   5 +-
>  app/test-crypto-perf/cperf_test_verify.h      |   1 -
>  app/test-crypto-perf/main.c                   |  29 +---
>  app/test/test_cryptodev.c                     | 130 +++++-------------
>  app/test/test_cryptodev.h                     |   1 -
>  app/test/test_cryptodev_asym.c                |   1 -
>  app/test/test_cryptodev_blockcipher.c         |   6 +-
>  app/test/test_event_crypto_adapter.c          |  28 +---
>  app/test/test_ipsec.c                         |  22 +--
>  drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c  |  33 +----
>  .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    |  34 +----
>  drivers/crypto/armv8/rte_armv8_pmd_ops.c      |  34 +----
>  drivers/crypto/bcmfs/bcmfs_sym_session.c      |  36 +----
>  drivers/crypto/bcmfs/bcmfs_sym_session.h      |   6 +-
>  drivers/crypto/caam_jr/caam_jr.c              |  32 ++---
>  drivers/crypto/ccp/ccp_pmd_ops.c              |  32 +----
>  drivers/crypto/cnxk/cn10k_cryptodev_ops.c     |  18 ++-
>  drivers/crypto/cnxk/cn9k_cryptodev_ops.c      |  18 +--
>  drivers/crypto/cnxk/cnxk_cryptodev_ops.c      |  61 +++-----
>  drivers/crypto/cnxk/cnxk_cryptodev_ops.h      |  13 +-
>  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   |  29 +---
>  drivers/crypto/dpaa_sec/dpaa_sec.c            |  31 +----
>  drivers/crypto/kasumi/rte_kasumi_pmd_ops.c    |  34 +----
>  drivers/crypto/mlx5/mlx5_crypto.c             |  24 +---
>  drivers/crypto/mvsam/rte_mrvl_pmd_ops.c       |  36 ++---
>  drivers/crypto/nitrox/nitrox_sym.c            |  31 +----
>  drivers/crypto/null/null_crypto_pmd_ops.c     |  34 +----
>  .../crypto/octeontx/otx_cryptodev_hw_access.h |   1 -
>  drivers/crypto/octeontx/otx_cryptodev_ops.c   |  60 +++-----
>  drivers/crypto/octeontx2/otx2_cryptodev_ops.c |  52 +++----
>  .../octeontx2/otx2_cryptodev_ops_helper.h     |  16 +--
>  drivers/crypto/openssl/rte_openssl_pmd_ops.c  |  35 +----
>  drivers/crypto/qat/qat_sym_session.c          |  29 +---
>  drivers/crypto/qat/qat_sym_session.h          |   6 +-
>  drivers/crypto/scheduler/scheduler_pmd_ops.c  |   9 +-
>  drivers/crypto/snow3g/rte_snow3g_pmd_ops.c    |  34 +----
>  drivers/crypto/virtio/virtio_cryptodev.c      |  31 ++---
>  drivers/crypto/zuc/rte_zuc_pmd_ops.c          |  35 +----
>  .../octeontx2/otx2_evdev_crypto_adptr_rx.h    |   3 +-
>  examples/fips_validation/fips_dev_self_test.c |  32 ++---
>  examples/fips_validation/main.c               |  20 +--
>  examples/ipsec-secgw/ipsec-secgw.c            |  72 +++++-----
>  examples/ipsec-secgw/ipsec.c                  |   3 +-
>  examples/ipsec-secgw/ipsec.h                  |   1 -
>  examples/ipsec-secgw/ipsec_worker.c           |   4 -
>  examples/l2fwd-crypto/main.c                  |  41 +-----
>  examples/vhost_crypto/main.c                  |  16 +--
>  lib/cryptodev/cryptodev_pmd.h                 |   7 +-
>  lib/cryptodev/rte_crypto.h                    |   2 +-
>  lib/cryptodev/rte_crypto_sym.h                |   2 +-
>  lib/cryptodev/rte_cryptodev.c                 |  73 ++++++----
>  lib/cryptodev/rte_cryptodev.h                 |  23 ++--
>  lib/cryptodev/rte_cryptodev_trace.h           |   5 +-
>  lib/pipeline/rte_table_action.c               |   8 +-
>  lib/pipeline/rte_table_action.h               |   2 +-
>  lib/vhost/rte_vhost_crypto.h                  |   3 -
>  lib/vhost/vhost_crypto.c                      |   7 +-
>  66 files changed, 399 insertions(+), 1050 deletions(-)
> 
> diff --git a/app/test-crypto-perf/cperf.h b/app/test-crypto-perf/cperf.h
> index 2b0aad095c..db58228dce 100644
> --- a/app/test-crypto-perf/cperf.h
> +++ b/app/test-crypto-perf/cperf.h
> @@ -15,7 +15,6 @@ struct cperf_op_fns;
> 
>  typedef void  *(*cperf_constructor_t)(
>  		struct rte_mempool *sess_mp,
> -		struct rte_mempool *sess_priv_mp,
>  		uint8_t dev_id,
>  		uint16_t qp_id,
>  		const struct cperf_options *options,
> diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-
> perf/cperf_ops.c
> index 1b3cbe77b9..f094bc656d 100644
> --- a/app/test-crypto-perf/cperf_ops.c
> +++ b/app/test-crypto-perf/cperf_ops.c
> @@ -12,7 +12,7 @@ static int
>  cperf_set_ops_asym(struct rte_crypto_op **ops,
>  		   uint32_t src_buf_offset __rte_unused,
>  		   uint32_t dst_buf_offset __rte_unused, uint16_t nb_ops,
> -		   struct rte_cryptodev_sym_session *sess,
> +		   void *sess,
>  		   const struct cperf_options *options __rte_unused,
>  		   const struct cperf_test_vector *test_vector __rte_unused,
>  		   uint16_t iv_offset __rte_unused,
> @@ -40,7 +40,7 @@ static int
>  cperf_set_ops_security(struct rte_crypto_op **ops,
>  		uint32_t src_buf_offset __rte_unused,
>  		uint32_t dst_buf_offset __rte_unused,
> -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> +		uint16_t nb_ops, void *sess,
>  		const struct cperf_options *options __rte_unused,
>  		const struct cperf_test_vector *test_vector __rte_unused,
>  		uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
> @@ -106,7 +106,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
>  static int
>  cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
>  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> +		uint16_t nb_ops, void *sess,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector __rte_unused,
>  		uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
> @@ -145,7 +145,7 @@ cperf_set_ops_null_cipher(struct rte_crypto_op
> **ops,
>  static int
>  cperf_set_ops_null_auth(struct rte_crypto_op **ops,
>  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> +		uint16_t nb_ops, void *sess,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector __rte_unused,
>  		uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
> @@ -184,7 +184,7 @@ cperf_set_ops_null_auth(struct rte_crypto_op **ops,
>  static int
>  cperf_set_ops_cipher(struct rte_crypto_op **ops,
>  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> +		uint16_t nb_ops, void *sess,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector,
>  		uint16_t iv_offset, uint32_t *imix_idx)
> @@ -240,7 +240,7 @@ cperf_set_ops_cipher(struct rte_crypto_op **ops,
>  static int
>  cperf_set_ops_auth(struct rte_crypto_op **ops,
>  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> +		uint16_t nb_ops, void *sess,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector,
>  		uint16_t iv_offset, uint32_t *imix_idx)
> @@ -340,7 +340,7 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,
>  static int
>  cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
>  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> +		uint16_t nb_ops, void *sess,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector,
>  		uint16_t iv_offset, uint32_t *imix_idx)
> @@ -455,7 +455,7 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op
> **ops,
>  static int
>  cperf_set_ops_aead(struct rte_crypto_op **ops,
>  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> +		uint16_t nb_ops, void *sess,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector,
>  		uint16_t iv_offset, uint32_t *imix_idx)
> @@ -563,9 +563,8 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
>  	return 0;
>  }
> 
> -static struct rte_cryptodev_sym_session *
> +static void *
>  cperf_create_session(struct rte_mempool *sess_mp,
> -	struct rte_mempool *priv_mp,
>  	uint8_t dev_id,
>  	const struct cperf_options *options,
>  	const struct cperf_test_vector *test_vector,
> @@ -590,7 +589,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
>  		if (sess == NULL)
>  			return NULL;
>  		rc = rte_cryptodev_asym_session_init(dev_id, (void *)sess,
> -						     &xform, priv_mp);
> +						     &xform, sess_mp);
>  		if (rc < 0) {
>  			if (sess != NULL) {
>  				rte_cryptodev_asym_session_clear(dev_id,
> @@ -742,8 +741,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
>  			cipher_xform.cipher.iv.length = 0;
>  		}
>  		/* create crypto session */
> -		rte_cryptodev_sym_session_init(dev_id, sess,
> &cipher_xform,
> -				priv_mp);
> +		rte_cryptodev_sym_session_init(dev_id, sess,
> &cipher_xform);
>  	/*
>  	 *  auth only
>  	 */
> @@ -770,8 +768,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
>  			auth_xform.auth.iv.length = 0;
>  		}
>  		/* create crypto session */
> -		rte_cryptodev_sym_session_init(dev_id, sess, &auth_xform,
> -				priv_mp);
> +		rte_cryptodev_sym_session_init(dev_id, sess,
> &auth_xform);
>  	/*
>  	 * cipher and auth
>  	 */
> @@ -830,12 +827,12 @@ cperf_create_session(struct rte_mempool
> *sess_mp,
>  			cipher_xform.next = &auth_xform;
>  			/* create crypto session */
>  			rte_cryptodev_sym_session_init(dev_id,
> -					sess, &cipher_xform, priv_mp);
> +					sess, &cipher_xform);
>  		} else { /* auth then cipher */
>  			auth_xform.next = &cipher_xform;
>  			/* create crypto session */
>  			rte_cryptodev_sym_session_init(dev_id,
> -					sess, &auth_xform, priv_mp);
> +					sess, &auth_xform);
>  		}
>  	} else { /* options->op_type == CPERF_AEAD */
>  		aead_xform.type = RTE_CRYPTO_SYM_XFORM_AEAD;
> @@ -856,7 +853,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
> 
>  		/* Create crypto session */
>  		rte_cryptodev_sym_session_init(dev_id,
> -					sess, &aead_xform, priv_mp);
> +					sess, &aead_xform);
>  	}
> 
>  	return sess;
> diff --git a/app/test-crypto-perf/cperf_ops.h b/app/test-crypto-
> perf/cperf_ops.h
> index ff125d12cd..3ff10491a0 100644
> --- a/app/test-crypto-perf/cperf_ops.h
> +++ b/app/test-crypto-perf/cperf_ops.h
> @@ -12,15 +12,15 @@
>  #include "cperf_test_vectors.h"
> 
> 
> -typedef struct rte_cryptodev_sym_session *(*cperf_sessions_create_t)(
> -		struct rte_mempool *sess_mp, struct rte_mempool
> *sess_priv_mp,
> +typedef void *(*cperf_sessions_create_t)(
> +		struct rte_mempool *sess_mp,
>  		uint8_t dev_id, const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector,
>  		uint16_t iv_offset);
> 
>  typedef int (*cperf_populate_ops_t)(struct rte_crypto_op **ops,
>  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> +		uint16_t nb_ops, void *sess,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector,
>  		uint16_t iv_offset, uint32_t *imix_idx);
> diff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-
> perf/cperf_test_latency.c
> index 159fe8492b..4193f7e777 100644
> --- a/app/test-crypto-perf/cperf_test_latency.c
> +++ b/app/test-crypto-perf/cperf_test_latency.c
> @@ -24,7 +24,7 @@ struct cperf_latency_ctx {
> 
>  	struct rte_mempool *pool;
> 
> -	struct rte_cryptodev_sym_session *sess;
> +	void *sess;
> 
>  	cperf_populate_ops_t populate_ops;
> 
> @@ -59,7 +59,6 @@ cperf_latency_test_free(struct cperf_latency_ctx *ctx)
> 
>  void *
>  cperf_latency_test_constructor(struct rte_mempool *sess_mp,
> -		struct rte_mempool *sess_priv_mp,
>  		uint8_t dev_id, uint16_t qp_id,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector,
> @@ -84,7 +83,7 @@ cperf_latency_test_constructor(struct rte_mempool
> *sess_mp,
>  		sizeof(struct rte_crypto_sym_op) +
>  		sizeof(struct cperf_op_result *);
> 
> -	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id,
> options,
> +	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
>  			test_vector, iv_offset);
>  	if (ctx->sess == NULL)
>  		goto err;
> diff --git a/app/test-crypto-perf/cperf_test_latency.h b/app/test-crypto-
> perf/cperf_test_latency.h
> index ed5b0a07bb..d3fc3218d7 100644
> --- a/app/test-crypto-perf/cperf_test_latency.h
> +++ b/app/test-crypto-perf/cperf_test_latency.h
> @@ -17,7 +17,6 @@
>  void *
>  cperf_latency_test_constructor(
>  		struct rte_mempool *sess_mp,
> -		struct rte_mempool *sess_priv_mp,
>  		uint8_t dev_id,
>  		uint16_t qp_id,
>  		const struct cperf_options *options,
> diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c b/app/test-
> crypto-perf/cperf_test_pmd_cyclecount.c
> index cbbbedd9ba..3dd489376f 100644
> --- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
> +++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
> @@ -27,7 +27,7 @@ struct cperf_pmd_cyclecount_ctx {
>  	struct rte_crypto_op **ops;
>  	struct rte_crypto_op **ops_processed;
> 
> -	struct rte_cryptodev_sym_session *sess;
> +	void *sess;
> 
>  	cperf_populate_ops_t populate_ops;
> 
> @@ -93,7 +93,6 @@ cperf_pmd_cyclecount_test_free(struct
> cperf_pmd_cyclecount_ctx *ctx)
> 
>  void *
>  cperf_pmd_cyclecount_test_constructor(struct rte_mempool *sess_mp,
> -		struct rte_mempool *sess_priv_mp,
>  		uint8_t dev_id, uint16_t qp_id,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector,
> @@ -120,7 +119,7 @@ cperf_pmd_cyclecount_test_constructor(struct
> rte_mempool *sess_mp,
>  	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
>  			sizeof(struct rte_crypto_sym_op);
> 
> -	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id,
> options,
> +	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
>  			test_vector, iv_offset);
>  	if (ctx->sess == NULL)
>  		goto err;
> diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.h b/app/test-
> crypto-perf/cperf_test_pmd_cyclecount.h
> index 3084038a18..beb4419910 100644
> --- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.h
> +++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.h
> @@ -18,7 +18,6 @@
>  void *
>  cperf_pmd_cyclecount_test_constructor(
>  		struct rte_mempool *sess_mp,
> -		struct rte_mempool *sess_priv_mp,
>  		uint8_t dev_id,
>  		uint16_t qp_id,
>  		const struct cperf_options *options,
> diff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-
> perf/cperf_test_throughput.c
> index 76fcda47ff..dc5c48b4da 100644
> --- a/app/test-crypto-perf/cperf_test_throughput.c
> +++ b/app/test-crypto-perf/cperf_test_throughput.c
> @@ -18,7 +18,7 @@ struct cperf_throughput_ctx {
> 
>  	struct rte_mempool *pool;
> 
> -	struct rte_cryptodev_sym_session *sess;
> +	void *sess;
> 
>  	cperf_populate_ops_t populate_ops;
> 
> @@ -64,7 +64,6 @@ cperf_throughput_test_free(struct
> cperf_throughput_ctx *ctx)
> 
>  void *
>  cperf_throughput_test_constructor(struct rte_mempool *sess_mp,
> -		struct rte_mempool *sess_priv_mp,
>  		uint8_t dev_id, uint16_t qp_id,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector,
> @@ -87,7 +86,7 @@ cperf_throughput_test_constructor(struct
> rte_mempool *sess_mp,
>  	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
>  		sizeof(struct rte_crypto_sym_op);
> 
> -	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id,
> options,
> +	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
>  			test_vector, iv_offset);
>  	if (ctx->sess == NULL)
>  		goto err;
> diff --git a/app/test-crypto-perf/cperf_test_throughput.h b/app/test-
> crypto-perf/cperf_test_throughput.h
> index 91e1a4b708..439ec8e559 100644
> --- a/app/test-crypto-perf/cperf_test_throughput.h
> +++ b/app/test-crypto-perf/cperf_test_throughput.h
> @@ -18,7 +18,6 @@
>  void *
>  cperf_throughput_test_constructor(
>  		struct rte_mempool *sess_mp,
> -		struct rte_mempool *sess_priv_mp,
>  		uint8_t dev_id,
>  		uint16_t qp_id,
>  		const struct cperf_options *options,
> diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-
> perf/cperf_test_verify.c
> index 2939aeaa93..cf561dd700 100644
> --- a/app/test-crypto-perf/cperf_test_verify.c
> +++ b/app/test-crypto-perf/cperf_test_verify.c
> @@ -18,7 +18,7 @@ struct cperf_verify_ctx {
> 
>  	struct rte_mempool *pool;
> 
> -	struct rte_cryptodev_sym_session *sess;
> +	void *sess;
> 
>  	cperf_populate_ops_t populate_ops;
> 
> @@ -51,7 +51,6 @@ cperf_verify_test_free(struct cperf_verify_ctx *ctx)
> 
>  void *
>  cperf_verify_test_constructor(struct rte_mempool *sess_mp,
> -		struct rte_mempool *sess_priv_mp,
>  		uint8_t dev_id, uint16_t qp_id,
>  		const struct cperf_options *options,
>  		const struct cperf_test_vector *test_vector,
> @@ -74,7 +73,7 @@ cperf_verify_test_constructor(struct rte_mempool
> *sess_mp,
>  	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
>  		sizeof(struct rte_crypto_sym_op);
> 
> -	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id,
> options,
> +	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
>  			test_vector, iv_offset);
>  	if (ctx->sess == NULL)
>  		goto err;
> diff --git a/app/test-crypto-perf/cperf_test_verify.h b/app/test-crypto-
> perf/cperf_test_verify.h
> index ac2192ba99..9f70ad87ba 100644
> --- a/app/test-crypto-perf/cperf_test_verify.h
> +++ b/app/test-crypto-perf/cperf_test_verify.h
> @@ -18,7 +18,6 @@
>  void *
>  cperf_verify_test_constructor(
>  		struct rte_mempool *sess_mp,
> -		struct rte_mempool *sess_priv_mp,
>  		uint8_t dev_id,
>  		uint16_t qp_id,
>  		const struct cperf_options *options,
> diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c
> index 390380898e..c3327b7e55 100644
> --- a/app/test-crypto-perf/main.c
> +++ b/app/test-crypto-perf/main.c
> @@ -118,35 +118,14 @@ fill_session_pool_socket(int32_t socket_id,
> uint32_t session_priv_size,
>  	char mp_name[RTE_MEMPOOL_NAMESIZE];
>  	struct rte_mempool *sess_mp;
> 
> -	if (session_pool_socket[socket_id].priv_mp == NULL) {
> -		snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> -			"priv_sess_mp_%u", socket_id);
> -
> -		sess_mp = rte_mempool_create(mp_name,
> -					nb_sessions,
> -					session_priv_size,
> -					0, 0, NULL, NULL, NULL,
> -					NULL, socket_id,
> -					0);
> -
> -		if (sess_mp == NULL) {
> -			printf("Cannot create pool \"%s\" on socket %d\n",
> -				mp_name, socket_id);
> -			return -ENOMEM;
> -		}
> -
> -		printf("Allocated pool \"%s\" on socket %d\n",
> -			mp_name, socket_id);
> -		session_pool_socket[socket_id].priv_mp = sess_mp;
> -	}
> -
>  	if (session_pool_socket[socket_id].sess_mp == NULL) {
> 
>  		snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
>  			"sess_mp_%u", socket_id);
> 
>  		sess_mp =
> rte_cryptodev_sym_session_pool_create(mp_name,
> -					nb_sessions, 0, 0, 0, socket_id);
> +					nb_sessions, session_priv_size,
> +					0, 0, socket_id);
> 
>  		if (sess_mp == NULL) {
>  			printf("Cannot create pool \"%s\" on socket %d\n",
> @@ -344,12 +323,9 @@ cperf_initialize_cryptodev(struct cperf_options
> *opts, uint8_t *enabled_cdevs)
>  			return ret;
> 
>  		qp_conf.mp_session =
> session_pool_socket[socket_id].sess_mp;
> -		qp_conf.mp_session_private =
> -				session_pool_socket[socket_id].priv_mp;
> 
>  		if (opts->op_type == CPERF_ASYM_MODEX) {
>  			qp_conf.mp_session = NULL;
> -			qp_conf.mp_session_private = NULL;
>  		}
> 
>  		ret = rte_cryptodev_configure(cdev_id, &conf);
> @@ -704,7 +680,6 @@ main(int argc, char **argv)
> 
>  		ctx[i] = cperf_testmap[opts.test].constructor(
>  				session_pool_socket[socket_id].sess_mp,
> -				session_pool_socket[socket_id].priv_mp,
>  				cdev_id, qp_id,
>  				&opts, t_vec, &op_fns);
>  		if (ctx[i] == NULL) {
> diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
> index 82f819211a..e5c7930c63 100644
> --- a/app/test/test_cryptodev.c
> +++ b/app/test/test_cryptodev.c
> @@ -79,7 +79,7 @@ struct crypto_unittest_params {
>  #endif
> 
>  	union {
> -		struct rte_cryptodev_sym_session *sess;
> +		void *sess;
>  #ifdef RTE_LIB_SECURITY
>  		void *sec_session;
>  #endif
> @@ -119,7 +119,7 @@
> test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
>  		uint8_t *hmac_key);
> 
>  static int
> -test_AES_CBC_HMAC_SHA512_decrypt_perform(struct
> rte_cryptodev_sym_session *sess,
> +test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
>  		struct crypto_unittest_params *ut_params,
>  		struct crypto_testsuite_params *ts_param,
>  		const uint8_t *cipher,
> @@ -596,23 +596,11 @@ testsuite_setup(void)
>  	}
> 
>  	ts_params->session_mpool =
> rte_cryptodev_sym_session_pool_create(
> -			"test_sess_mp", MAX_NB_SESSIONS, 0, 0, 0,
> +			"test_sess_mp", MAX_NB_SESSIONS, session_size, 0,
> 0,
>  			SOCKET_ID_ANY);
>  	TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
>  			"session mempool allocation failed");
> 
> -	ts_params->session_priv_mpool = rte_mempool_create(
> -			"test_sess_mp_priv",
> -			MAX_NB_SESSIONS,
> -			session_size,
> -			0, 0, NULL, NULL, NULL,
> -			NULL, SOCKET_ID_ANY,
> -			0);
> -	TEST_ASSERT_NOT_NULL(ts_params->session_priv_mpool,
> -			"session mempool allocation failed");
> -
> -
> -
>  	TEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id,
>  			&ts_params->conf),
>  			"Failed to configure cryptodev %u with %u qps",
> @@ -620,7 +608,6 @@ testsuite_setup(void)
> 
>  	ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
>  	ts_params->qp_conf.mp_session = ts_params->session_mpool;
> -	ts_params->qp_conf.mp_session_private = ts_params-
> >session_priv_mpool;
> 
>  	for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) {
>  		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
> @@ -650,11 +637,6 @@ testsuite_teardown(void)
>  	}
> 
>  	/* Free session mempools */
> -	if (ts_params->session_priv_mpool != NULL) {
> -		rte_mempool_free(ts_params->session_priv_mpool);
> -		ts_params->session_priv_mpool = NULL;
> -	}
> -
>  	if (ts_params->session_mpool != NULL) {
>  		rte_mempool_free(ts_params->session_mpool);
>  		ts_params->session_mpool = NULL;
> @@ -1330,7 +1312,6 @@ dev_configure_and_start(uint64_t ff_disable)
>  	ts_params->conf.ff_disable = ff_disable;
>  	ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
>  	ts_params->qp_conf.mp_session = ts_params->session_mpool;
> -	ts_params->qp_conf.mp_session_private = ts_params-
> >session_priv_mpool;
> 
>  	TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params-
> >valid_devs[0],
>  			&ts_params->conf),
> @@ -1552,7 +1533,6 @@ test_queue_pair_descriptor_setup(void)
>  	 */
>  	qp_conf.nb_descriptors = MIN_NUM_OPS_INFLIGHT; /* min size*/
>  	qp_conf.mp_session = ts_params->session_mpool;
> -	qp_conf.mp_session_private = ts_params->session_priv_mpool;
> 
>  	for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) {
>  		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
> @@ -2146,8 +2126,7 @@ test_AES_CBC_HMAC_SHA1_encrypt_digest(void)
> 
>  	/* Create crypto session*/
>  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> -			ut_params->sess, &ut_params->cipher_xform,
> -			ts_params->session_priv_mpool);
> +			ut_params->sess, &ut_params->cipher_xform);
>  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> failed");
> 
>  	/* Generate crypto op data structure */
> @@ -2247,7 +2226,7 @@
> test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
>  		uint8_t *hmac_key);
> 
>  static int
> -test_AES_CBC_HMAC_SHA512_decrypt_perform(struct
> rte_cryptodev_sym_session *sess,
> +test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
>  		struct crypto_unittest_params *ut_params,
>  		struct crypto_testsuite_params *ts_params,
>  		const uint8_t *cipher,
> @@ -2288,7 +2267,7 @@
> test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
> 
> 
>  static int
> -test_AES_CBC_HMAC_SHA512_decrypt_perform(struct
> rte_cryptodev_sym_session *sess,
> +test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
>  		struct crypto_unittest_params *ut_params,
>  		struct crypto_testsuite_params *ts_params,
>  		const uint8_t *cipher,
> @@ -2401,8 +2380,7 @@ create_wireless_algo_hash_session(uint8_t dev_id,
>  			ts_params->session_mpool);
> 
>  	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> -			&ut_params->auth_xform,
> -			ts_params->session_priv_mpool);
> +			&ut_params->auth_xform);
>  	if (status == -ENOTSUP)
>  		return TEST_SKIPPED;
> 
> @@ -2443,8 +2421,7 @@ create_wireless_algo_cipher_session(uint8_t
> dev_id,
>  			ts_params->session_mpool);
> 
>  	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> -			&ut_params->cipher_xform,
> -			ts_params->session_priv_mpool);
> +			&ut_params->cipher_xform);
>  	if (status == -ENOTSUP)
>  		return TEST_SKIPPED;
> 
> @@ -2566,8 +2543,7 @@ create_wireless_algo_cipher_auth_session(uint8_t
> dev_id,
>  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> failed");
> 
>  	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> -			&ut_params->cipher_xform,
> -			ts_params->session_priv_mpool);
> +			&ut_params->cipher_xform);
>  	if (status == -ENOTSUP)
>  		return TEST_SKIPPED;
> 
> @@ -2629,8 +2605,7 @@ create_wireless_cipher_auth_session(uint8_t
> dev_id,
>  			ts_params->session_mpool);
> 
>  	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> -			&ut_params->cipher_xform,
> -			ts_params->session_priv_mpool);
> +			&ut_params->cipher_xform);
>  	if (status == -ENOTSUP)
>  		return TEST_SKIPPED;
> 
> @@ -2699,13 +2674,11 @@
> create_wireless_algo_auth_cipher_session(uint8_t dev_id,
>  		ut_params->auth_xform.next = NULL;
>  		ut_params->cipher_xform.next = &ut_params->auth_xform;
>  		status = rte_cryptodev_sym_session_init(dev_id,
> ut_params->sess,
> -				&ut_params->cipher_xform,
> -				ts_params->session_priv_mpool);
> +				&ut_params->cipher_xform);
> 
>  	} else
>  		status = rte_cryptodev_sym_session_init(dev_id,
> ut_params->sess,
> -				&ut_params->auth_xform,
> -				ts_params->session_priv_mpool);
> +				&ut_params->auth_xform);
> 
>  	if (status == -ENOTSUP)
>  		return TEST_SKIPPED;
> @@ -7838,8 +7811,7 @@ create_aead_session(uint8_t dev_id, enum
> rte_crypto_aead_algorithm algo,
>  			ts_params->session_mpool);
> 
>  	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> -			&ut_params->aead_xform,
> -			ts_params->session_priv_mpool);
> +			&ut_params->aead_xform);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> failed");
> 
> @@ -10992,8 +10964,7 @@ static int MD5_HMAC_create_session(struct
> crypto_testsuite_params *ts_params,
>  			ts_params->session_mpool);
> 
>  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> -			ut_params->sess, &ut_params->auth_xform,
> -			ts_params->session_priv_mpool);
> +			ut_params->sess, &ut_params->auth_xform);
> 
>  	if (ut_params->sess == NULL)
>  		return TEST_FAILED;
> @@ -11206,7 +11177,7 @@ test_multi_session(void)
>  	struct crypto_unittest_params *ut_params = &unittest_params;
> 
>  	struct rte_cryptodev_info dev_info;
> -	struct rte_cryptodev_sym_session **sessions;
> +	void **sessions;
> 
>  	uint16_t i;
> 
> @@ -11229,9 +11200,7 @@ test_multi_session(void)
> 
>  	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
> 
> -	sessions = rte_malloc(NULL,
> -			sizeof(struct rte_cryptodev_sym_session *) *
> -			(MAX_NB_SESSIONS + 1), 0);
> +	sessions = rte_malloc(NULL, sizeof(void *) * (MAX_NB_SESSIONS +
> 1), 0);
> 
>  	/* Create multiple crypto sessions*/
>  	for (i = 0; i < MAX_NB_SESSIONS; i++) {
> @@ -11240,8 +11209,7 @@ test_multi_session(void)
>  				ts_params->session_mpool);
> 
>  		rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> -				sessions[i], &ut_params->auth_xform,
> -				ts_params->session_priv_mpool);
> +				sessions[i], &ut_params->auth_xform);
>  		TEST_ASSERT_NOT_NULL(sessions[i],
>  				"Session creation failed at session
> number %u",
>  				i);
> @@ -11279,8 +11247,7 @@ test_multi_session(void)
>  	sessions[i] = NULL;
>  	/* Next session create should fail */
>  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> -			sessions[i], &ut_params->auth_xform,
> -			ts_params->session_priv_mpool);
> +			sessions[i], &ut_params->auth_xform);
>  	TEST_ASSERT_NULL(sessions[i],
>  			"Session creation succeeded unexpectedly!");
> 
> @@ -11311,7 +11278,7 @@ test_multi_session_random_usage(void)
>  {
>  	struct crypto_testsuite_params *ts_params = &testsuite_params;
>  	struct rte_cryptodev_info dev_info;
> -	struct rte_cryptodev_sym_session **sessions;
> +	void **sessions;
>  	uint32_t i, j;
>  	struct multi_session_params ut_paramz[] = {
> 
> @@ -11355,8 +11322,7 @@ test_multi_session_random_usage(void)
>  	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
> 
>  	sessions = rte_malloc(NULL,
> -			(sizeof(struct rte_cryptodev_sym_session *)
> -					* MAX_NB_SESSIONS) + 1, 0);
> +			(sizeof(void *) * MAX_NB_SESSIONS) + 1, 0);
> 
>  	for (i = 0; i < MB_SESSION_NUMBER; i++) {
>  		sessions[i] = rte_cryptodev_sym_session_create(
> @@ -11373,8 +11339,7 @@ test_multi_session_random_usage(void)
>  		rte_cryptodev_sym_session_init(
>  				ts_params->valid_devs[0],
>  				sessions[i],
> -				&ut_paramz[i].ut_params.auth_xform,
> -				ts_params->session_priv_mpool);
> +				&ut_paramz[i].ut_params.auth_xform);
> 
>  		TEST_ASSERT_NOT_NULL(sessions[i],
>  				"Session creation failed at session
> number %u",
> @@ -11457,8 +11422,7 @@ test_null_invalid_operation(void)
> 
>  	/* Create Crypto session*/
>  	ret = rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> -			ut_params->sess, &ut_params->cipher_xform,
> -			ts_params->session_priv_mpool);
> +			ut_params->sess, &ut_params->cipher_xform);
>  	TEST_ASSERT(ret < 0,
>  			"Session creation succeeded unexpectedly");
> 
> @@ -11475,8 +11439,7 @@ test_null_invalid_operation(void)
> 
>  	/* Create Crypto session*/
>  	ret = rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> -			ut_params->sess, &ut_params->auth_xform,
> -			ts_params->session_priv_mpool);
> +			ut_params->sess, &ut_params->auth_xform);
>  	TEST_ASSERT(ret < 0,
>  			"Session creation succeeded unexpectedly");
> 
> @@ -11521,8 +11484,7 @@ test_null_burst_operation(void)
> 
>  	/* Create Crypto session*/
>  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> -			ut_params->sess, &ut_params->cipher_xform,
> -			ts_params->session_priv_mpool);
> +			ut_params->sess, &ut_params->cipher_xform);
>  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> failed");
> 
>  	TEST_ASSERT_EQUAL(rte_crypto_op_bulk_alloc(ts_params-
> >op_mpool,
> @@ -11634,7 +11596,6 @@ test_enq_callback_setup(void)
> 
>  	qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
>  	qp_conf.mp_session = ts_params->session_mpool;
> -	qp_conf.mp_session_private = ts_params->session_priv_mpool;
> 
>  	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
>  			ts_params->valid_devs[0], qp_id, &qp_conf,
> @@ -11734,7 +11695,6 @@ test_deq_callback_setup(void)
> 
>  	qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
>  	qp_conf.mp_session = ts_params->session_mpool;
> -	qp_conf.mp_session_private = ts_params->session_priv_mpool;
> 
>  	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
>  			ts_params->valid_devs[0], qp_id, &qp_conf,
> @@ -11943,8 +11903,7 @@ static int create_gmac_session(uint8_t dev_id,
>  			ts_params->session_mpool);
> 
>  	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> -			&ut_params->auth_xform,
> -			ts_params->session_priv_mpool);
> +			&ut_params->auth_xform);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> failed");
> 
> @@ -12588,8 +12547,7 @@ create_auth_session(struct
> crypto_unittest_params *ut_params,
>  			ts_params->session_mpool);
> 
>  	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> -				&ut_params->auth_xform,
> -				ts_params->session_priv_mpool);
> +				&ut_params->auth_xform);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> failed");
> 
> @@ -12641,8 +12599,7 @@ create_auth_cipher_session(struct
> crypto_unittest_params *ut_params,
>  			ts_params->session_mpool);
> 
>  	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> -				&ut_params->auth_xform,
> -				ts_params->session_priv_mpool);
> +				&ut_params->auth_xform);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> failed");
> 
> @@ -13149,8 +13106,7 @@ test_authenticated_encrypt_with_esn(
> 
>  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
>  				ut_params->sess,
> -				&ut_params->cipher_xform,
> -				ts_params->session_priv_mpool);
> +				&ut_params->cipher_xform);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> failed");
> 
> @@ -13281,8 +13237,7 @@ test_authenticated_decrypt_with_esn(
> 
>  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
>  				ut_params->sess,
> -				&ut_params->auth_xform,
> -				ts_params->session_priv_mpool);
> +				&ut_params->auth_xform);
> 
>  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> failed");
> 
> @@ -14003,11 +13958,6 @@ test_scheduler_attach_worker_op(void)
>  			rte_mempool_free(ts_params->session_mpool);
>  			ts_params->session_mpool = NULL;
>  		}
> -		if (ts_params->session_priv_mpool) {
> -			rte_mempool_free(ts_params-
> >session_priv_mpool);
> -			ts_params->session_priv_mpool = NULL;
> -		}
> -
>  		if (info.sym.max_nb_sessions != 0 &&
>  				info.sym.max_nb_sessions <
> MAX_NB_SESSIONS) {
>  			RTE_LOG(ERR, USER1,
> @@ -14024,32 +13974,14 @@ test_scheduler_attach_worker_op(void)
>  			ts_params->session_mpool =
>  				rte_cryptodev_sym_session_pool_create(
>  						"test_sess_mp",
> -						MAX_NB_SESSIONS, 0, 0, 0,
> +						MAX_NB_SESSIONS,
> +						session_size, 0, 0,
>  						SOCKET_ID_ANY);
>  			TEST_ASSERT_NOT_NULL(ts_params-
> >session_mpool,
>  					"session mempool allocation failed");
>  		}
> 
> -		/*
> -		 * Create mempool with maximum number of sessions,
> -		 * to include device specific session private data
> -		 */
> -		if (ts_params->session_priv_mpool == NULL) {
> -			ts_params->session_priv_mpool =
> rte_mempool_create(
> -					"test_sess_mp_priv",
> -					MAX_NB_SESSIONS,
> -					session_size,
> -					0, 0, NULL, NULL, NULL,
> -					NULL, SOCKET_ID_ANY,
> -					0);
> -
> -			TEST_ASSERT_NOT_NULL(ts_params-
> >session_priv_mpool,
> -					"session mempool allocation failed");
> -		}
> -
>  		ts_params->qp_conf.mp_session = ts_params-
> >session_mpool;
> -		ts_params->qp_conf.mp_session_private =
> -				ts_params->session_priv_mpool;
> 
>  		ret = rte_cryptodev_scheduler_worker_attach(sched_id,
>  				(uint8_t)i);
> diff --git a/app/test/test_cryptodev.h b/app/test/test_cryptodev.h
> index 1cdd84d01f..a3a10d484b 100644
> --- a/app/test/test_cryptodev.h
> +++ b/app/test/test_cryptodev.h
> @@ -89,7 +89,6 @@ struct crypto_testsuite_params {
>  	struct rte_mempool *large_mbuf_pool;
>  	struct rte_mempool *op_mpool;
>  	struct rte_mempool *session_mpool;
> -	struct rte_mempool *session_priv_mpool;
>  	struct rte_cryptodev_config conf;
>  	struct rte_cryptodev_qp_conf qp_conf;
> 
> diff --git a/app/test/test_cryptodev_asym.c
> b/app/test/test_cryptodev_asym.c
> index 9d19a6d6d9..35da574da8 100644
> --- a/app/test/test_cryptodev_asym.c
> +++ b/app/test/test_cryptodev_asym.c
> @@ -924,7 +924,6 @@ testsuite_setup(void)
>  	/* configure qp */
>  	ts_params->qp_conf.nb_descriptors =
> DEFAULT_NUM_OPS_INFLIGHT;
>  	ts_params->qp_conf.mp_session = ts_params->session_mpool;
> -	ts_params->qp_conf.mp_session_private = ts_params-
> >session_mpool;
>  	for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) {
>  		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
>  			dev_id, qp_id, &ts_params->qp_conf,
> diff --git a/app/test/test_cryptodev_blockcipher.c
> b/app/test/test_cryptodev_blockcipher.c
> index 3cdb2c96e8..9417803f18 100644
> --- a/app/test/test_cryptodev_blockcipher.c
> +++ b/app/test/test_cryptodev_blockcipher.c
> @@ -68,7 +68,6 @@ test_blockcipher_one_case(const struct
> blockcipher_test_case *t,
>  	struct rte_mempool *mbuf_pool,
>  	struct rte_mempool *op_mpool,
>  	struct rte_mempool *sess_mpool,
> -	struct rte_mempool *sess_priv_mpool,
>  	uint8_t dev_id,
>  	char *test_msg)
>  {
> @@ -81,7 +80,7 @@ test_blockcipher_one_case(const struct
> blockcipher_test_case *t,
>  	struct rte_crypto_sym_op *sym_op = NULL;
>  	struct rte_crypto_op *op = NULL;
>  	struct rte_cryptodev_info dev_info;
> -	struct rte_cryptodev_sym_session *sess = NULL;
> +	void *sess = NULL;
> 
>  	int status = TEST_SUCCESS;
>  	const struct blockcipher_test_data *tdata = t->test_data;
> @@ -514,7 +513,7 @@ test_blockcipher_one_case(const struct
> blockcipher_test_case *t,
>  		sess = rte_cryptodev_sym_session_create(sess_mpool);
> 
>  		status = rte_cryptodev_sym_session_init(dev_id, sess,
> -				init_xform, sess_priv_mpool);
> +				init_xform);
>  		if (status == -ENOTSUP) {
>  			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
> "UNSUPPORTED");
>  			status = TEST_SKIPPED;
> @@ -831,7 +830,6 @@ blockcipher_test_case_run(const void *data)
>  			p_testsuite_params->mbuf_pool,
>  			p_testsuite_params->op_mpool,
>  			p_testsuite_params->session_mpool,
> -			p_testsuite_params->session_priv_mpool,
>  			p_testsuite_params->valid_devs[0],
>  			test_msg);
>  	return status;
> diff --git a/app/test/test_event_crypto_adapter.c
> b/app/test/test_event_crypto_adapter.c
> index 3ad20921e2..59229a1cde 100644
> --- a/app/test/test_event_crypto_adapter.c
> +++ b/app/test/test_event_crypto_adapter.c
> @@ -61,7 +61,6 @@ struct event_crypto_adapter_test_params {
>  	struct rte_mempool *mbuf_pool;
>  	struct rte_mempool *op_mpool;
>  	struct rte_mempool *session_mpool;
> -	struct rte_mempool *session_priv_mpool;
>  	struct rte_cryptodev_config *config;
>  	uint8_t crypto_event_port_id;
>  	uint8_t internal_port_op_fwd;
> @@ -167,7 +166,7 @@ static int
>  test_op_forward_mode(uint8_t session_less)
>  {
>  	struct rte_crypto_sym_xform cipher_xform;
> -	struct rte_cryptodev_sym_session *sess;
> +	void *sess;
>  	union rte_event_crypto_metadata m_data;
>  	struct rte_crypto_sym_op *sym_op;
>  	struct rte_crypto_op *op;
> @@ -203,7 +202,7 @@ test_op_forward_mode(uint8_t session_less)
> 
>  		/* Create Crypto session*/
>  		ret = rte_cryptodev_sym_session_init(TEST_CDEV_ID, sess,
> -				&cipher_xform, params.session_priv_mpool);
> +				&cipher_xform);
>  		TEST_ASSERT_SUCCESS(ret, "Failed to init session\n");
> 
>  		ret = rte_event_crypto_adapter_caps_get(evdev,
> TEST_CDEV_ID,
> @@ -367,7 +366,7 @@ static int
>  test_op_new_mode(uint8_t session_less)
>  {
>  	struct rte_crypto_sym_xform cipher_xform;
> -	struct rte_cryptodev_sym_session *sess;
> +	void *sess;
>  	union rte_event_crypto_metadata m_data;
>  	struct rte_crypto_sym_op *sym_op;
>  	struct rte_crypto_op *op;
> @@ -411,7 +410,7 @@ test_op_new_mode(uint8_t session_less)
>  						&m_data, sizeof(m_data));
>  		}
>  		ret = rte_cryptodev_sym_session_init(TEST_CDEV_ID, sess,
> -				&cipher_xform, params.session_priv_mpool);
> +				&cipher_xform);
>  		TEST_ASSERT_SUCCESS(ret, "Failed to init session\n");
> 
>  		rte_crypto_op_attach_sym_session(op, sess);
> @@ -553,22 +552,12 @@ configure_cryptodev(void)
> 
>  	params.session_mpool = rte_cryptodev_sym_session_pool_create(
>  			"CRYPTO_ADAPTER_SESSION_MP",
> -			MAX_NB_SESSIONS, 0, 0,
> +			MAX_NB_SESSIONS, session_size, 0,
>  			sizeof(union rte_event_crypto_metadata),
>  			SOCKET_ID_ANY);
>  	TEST_ASSERT_NOT_NULL(params.session_mpool,
>  			"session mempool allocation failed\n");
> 
> -	params.session_priv_mpool = rte_mempool_create(
> -				"CRYPTO_AD_SESS_MP_PRIV",
> -				MAX_NB_SESSIONS,
> -				session_size,
> -				0, 0, NULL, NULL, NULL,
> -				NULL, SOCKET_ID_ANY,
> -				0);
> -	TEST_ASSERT_NOT_NULL(params.session_priv_mpool,
> -			"session mempool allocation failed\n");
> -
>  	rte_cryptodev_info_get(TEST_CDEV_ID, &info);
>  	conf.nb_queue_pairs = info.max_nb_queue_pairs;
>  	conf.socket_id = SOCKET_ID_ANY;
> @@ -580,7 +569,6 @@ configure_cryptodev(void)
> 
>  	qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT;
>  	qp_conf.mp_session = params.session_mpool;
> -	qp_conf.mp_session_private = params.session_priv_mpool;
> 
>  	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
>  			TEST_CDEV_ID, TEST_CDEV_QP_ID, &qp_conf,
> @@ -934,12 +922,6 @@ crypto_teardown(void)
>  		rte_mempool_free(params.session_mpool);
>  		params.session_mpool = NULL;
>  	}
> -	if (params.session_priv_mpool != NULL) {
> -		rte_mempool_avail_count(params.session_priv_mpool);
> -		rte_mempool_free(params.session_priv_mpool);
> -		params.session_priv_mpool = NULL;
> -	}
> -
>  	/* Free ops mempool */
>  	if (params.op_mpool != NULL) {
>  		RTE_LOG(DEBUG, USER1, "EVENT_CRYPTO_SYM_OP_POOL
> count %u\n",
> diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
> index 2ffa2a8e79..134545efe1 100644
> --- a/app/test/test_ipsec.c
> +++ b/app/test/test_ipsec.c
> @@ -355,20 +355,9 @@ testsuite_setup(void)
>  		return TEST_FAILED;
>  	}
> 
> -	ts_params->qp_conf.mp_session_private = rte_mempool_create(
> -				"test_priv_sess_mp",
> -				MAX_NB_SESSIONS,
> -				sess_sz,
> -				0, 0, NULL, NULL, NULL,
> -				NULL, SOCKET_ID_ANY,
> -				0);
> -
> -	TEST_ASSERT_NOT_NULL(ts_params->qp_conf.mp_session_private,
> -			"private session mempool allocation failed");
> -
>  	ts_params->qp_conf.mp_session =
>  		rte_cryptodev_sym_session_pool_create("test_sess_mp",
> -			MAX_NB_SESSIONS, 0, 0, 0, SOCKET_ID_ANY);
> +			MAX_NB_SESSIONS, sess_sz, 0, 0, SOCKET_ID_ANY);
> 
>  	TEST_ASSERT_NOT_NULL(ts_params->qp_conf.mp_session,
>  			"session mempool allocation failed");
> @@ -413,11 +402,6 @@ testsuite_teardown(void)
>  		rte_mempool_free(ts_params->qp_conf.mp_session);
>  		ts_params->qp_conf.mp_session = NULL;
>  	}
> -
> -	if (ts_params->qp_conf.mp_session_private != NULL) {
> -		rte_mempool_free(ts_params-
> >qp_conf.mp_session_private);
> -		ts_params->qp_conf.mp_session_private = NULL;
> -	}
>  }
> 
>  static int
> @@ -644,7 +628,7 @@ create_crypto_session(struct ipsec_unitest_params
> *ut,
>  	struct rte_cryptodev_qp_conf *qp, uint8_t dev_id, uint32_t j)
>  {
>  	int32_t rc;
> -	struct rte_cryptodev_sym_session *s;
> +	void *s;
> 
>  	s = rte_cryptodev_sym_session_create(qp->mp_session);
>  	if (s == NULL)
> @@ -652,7 +636,7 @@ create_crypto_session(struct ipsec_unitest_params
> *ut,
> 
>  	/* initiliaze SA crypto session for device */
>  	rc = rte_cryptodev_sym_session_init(dev_id, s,
> -			ut->crypto_xforms, qp->mp_session_private);
> +			ut->crypto_xforms);
>  	if (rc == 0) {
>  		ut->ss[j].crypto.ses = s;
>  		return 0;
> diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
> b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
> index edb7275e76..75330292af 100644
> --- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
> +++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
> @@ -235,7 +235,6 @@ aesni_gcm_pmd_qp_setup(struct rte_cryptodev
> *dev, uint16_t qp_id,
>  		goto qp_setup_cleanup;
> 
>  	qp->sess_mp = qp_conf->mp_session;
> -	qp->sess_mp_priv = qp_conf->mp_session_private;
> 
>  	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
> 
> @@ -259,10 +258,8 @@ aesni_gcm_pmd_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  static int
>  aesni_gcm_pmd_sym_session_configure(struct rte_cryptodev *dev
> __rte_unused,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		void *sess)
>  {
> -	void *sess_private_data;
>  	int ret;
>  	struct aesni_gcm_private *internals = dev->data->dev_private;
> 
> @@ -271,42 +268,24 @@ aesni_gcm_pmd_sym_session_configure(struct
> rte_cryptodev *dev __rte_unused,
>  		return -EINVAL;
>  	}
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		AESNI_GCM_LOG(ERR,
> -				"Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
>  	ret = aesni_gcm_set_session_parameters(internals->ops,
> -				sess_private_data, xform);
> +				sess, xform);
>  	if (ret != 0) {
>  		AESNI_GCM_LOG(ERR, "failed configure session
> parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -			sess_private_data);
> -
>  	return 0;
>  }
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -aesni_gcm_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +aesni_gcm_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -
> +	RTE_SET_USED(dev);
>  	/* Zero out the whole structure */
> -	if (sess_priv) {
> -		memset(sess_priv, 0, sizeof(struct aesni_gcm_session));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
> -	}
> +	if (sess)
> +		memset(sess, 0, sizeof(struct aesni_gcm_session));
>  }
> 
>  struct rte_cryptodev_ops aesni_gcm_pmd_ops = {
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
> index 39c67e3952..efdc05c45f 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
> @@ -944,7 +944,6 @@ aesni_mb_pmd_qp_setup(struct rte_cryptodev *dev,
> uint16_t qp_id,
>  	}
> 
>  	qp->sess_mp = qp_conf->mp_session;
> -	qp->sess_mp_priv = qp_conf->mp_session_private;
> 
>  	memset(&qp->stats, 0, sizeof(qp->stats));
> 
> @@ -974,11 +973,8 @@ aesni_mb_pmd_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  /** Configure a aesni multi-buffer session from a crypto xform chain */
>  static int
>  aesni_mb_pmd_sym_session_configure(struct rte_cryptodev *dev,
> -		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		struct rte_crypto_sym_xform *xform, void *sess)
>  {
> -	void *sess_private_data;
>  	struct aesni_mb_private *internals = dev->data->dev_private;
>  	int ret;
> 
> @@ -987,43 +983,25 @@ aesni_mb_pmd_sym_session_configure(struct
> rte_cryptodev *dev,
>  		return -EINVAL;
>  	}
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		AESNI_MB_LOG(ERR,
> -				"Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
> -
>  	ret = aesni_mb_set_session_parameters(internals->mb_mgr,
> -			sess_private_data, xform);
> +			sess, xform);
>  	if (ret != 0) {
>  		AESNI_MB_LOG(ERR, "failed configure session parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -			sess_private_data);
> -
>  	return 0;
>  }
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> +	RTE_SET_USED(dev);
> 
>  	/* Zero out the whole structure */
> -	if (sess_priv) {
> -		memset(sess_priv, 0, sizeof(struct aesni_mb_session));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
> -	}
> +	if (sess)
> +		memset(sess, 0, sizeof(struct aesni_mb_session));
>  }
> 
>  struct rte_cryptodev_ops aesni_mb_pmd_ops = {
> diff --git a/drivers/crypto/armv8/rte_armv8_pmd_ops.c
> b/drivers/crypto/armv8/rte_armv8_pmd_ops.c
> index 1b2749fe62..2d3b54b063 100644
> --- a/drivers/crypto/armv8/rte_armv8_pmd_ops.c
> +++ b/drivers/crypto/armv8/rte_armv8_pmd_ops.c
> @@ -244,7 +244,6 @@ armv8_crypto_pmd_qp_setup(struct rte_cryptodev
> *dev, uint16_t qp_id,
>  		goto qp_setup_cleanup;
> 
>  	qp->sess_mp = qp_conf->mp_session;
> -	qp->sess_mp_priv = qp_conf->mp_session_private;
> 
>  	memset(&qp->stats, 0, sizeof(qp->stats));
> 
> @@ -268,10 +267,8 @@ armv8_crypto_pmd_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  static int
>  armv8_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		void *sess)
>  {
> -	void *sess_private_data;
>  	int ret;
> 
>  	if (unlikely(sess == NULL)) {
> @@ -279,42 +276,23 @@ armv8_crypto_pmd_sym_session_configure(struct
> rte_cryptodev *dev,
>  		return -EINVAL;
>  	}
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		CDEV_LOG_ERR(
> -			"Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
> -
> -	ret = armv8_crypto_set_session_parameters(sess_private_data,
> xform);
> +	ret = armv8_crypto_set_session_parameters(sess, xform);
>  	if (ret != 0) {
>  		ARMV8_CRYPTO_LOG_ERR("failed configure session
> parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -			sess_private_data);
> -
>  	return 0;
>  }
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -armv8_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +armv8_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void
> *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -
> +	RTE_SET_USED(dev);
>  	/* Zero out the whole structure */
> -	if (sess_priv) {
> -		memset(sess_priv, 0, sizeof(struct armv8_crypto_session));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
> -	}
> +	if (sess)
> +		memset(sess, 0, sizeof(struct armv8_crypto_session));
>  }
> 
>  struct rte_cryptodev_ops armv8_crypto_pmd_ops = {
> diff --git a/drivers/crypto/bcmfs/bcmfs_sym_session.c
> b/drivers/crypto/bcmfs/bcmfs_sym_session.c
> index 675ed0ad55..b4b167d0c2 100644
> --- a/drivers/crypto/bcmfs/bcmfs_sym_session.c
> +++ b/drivers/crypto/bcmfs/bcmfs_sym_session.c
> @@ -224,10 +224,9 @@ bcmfs_sym_get_session(struct rte_crypto_op *op)
>  int
>  bcmfs_sym_session_configure(struct rte_cryptodev *dev,
>  			    struct rte_crypto_sym_xform *xform,
> -			    struct rte_cryptodev_sym_session *sess,
> -			    struct rte_mempool *mempool)
> +			    void *sess)
>  {
> -	void *sess_private_data;
> +	RTE_SET_USED(dev);
>  	int ret;
> 
>  	if (unlikely(sess == NULL)) {
> @@ -235,44 +234,23 @@ bcmfs_sym_session_configure(struct
> rte_cryptodev *dev,
>  		return -EINVAL;
>  	}
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		BCMFS_DP_LOG(ERR,
> -			"Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
> -
> -	ret = crypto_set_session_parameters(sess_private_data, xform);
> +	ret = crypto_set_session_parameters(sess, xform);
> 
>  	if (ret != 0) {
>  		BCMFS_DP_LOG(ERR, "Failed configure session parameters");
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -				     sess_private_data);
> -
>  	return 0;
>  }
> 
>  /* Clear the memory of session so it doesn't leave key material behind */
>  void
> -bcmfs_sym_session_clear(struct rte_cryptodev *dev,
> -			struct rte_cryptodev_sym_session  *sess)
> +bcmfs_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -
> -	if (sess_priv) {
> -		struct rte_mempool *sess_mp;
> -
> -		memset(sess_priv, 0, sizeof(struct bcmfs_sym_session));
> -		sess_mp = rte_mempool_from_obj(sess_priv);
> -
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
> -	}
> +	RTE_SET_USED(dev);
> +	if (sess)
> +		memset(sess, 0, sizeof(struct bcmfs_sym_session));
>  }
> 
>  unsigned int
> diff --git a/drivers/crypto/bcmfs/bcmfs_sym_session.h
> b/drivers/crypto/bcmfs/bcmfs_sym_session.h
> index d40595b4bd..7faafe2fd5 100644
> --- a/drivers/crypto/bcmfs/bcmfs_sym_session.h
> +++ b/drivers/crypto/bcmfs/bcmfs_sym_session.h
> @@ -93,12 +93,10 @@ bcmfs_process_crypto_op(struct rte_crypto_op *op,
>  int
>  bcmfs_sym_session_configure(struct rte_cryptodev *dev,
>  			    struct rte_crypto_sym_xform *xform,
> -			    struct rte_cryptodev_sym_session *sess,
> -			    struct rte_mempool *mempool);
> +			    void *sess);
> 
>  void
> -bcmfs_sym_session_clear(struct rte_cryptodev *dev,
> -			struct rte_cryptodev_sym_session  *sess);
> +bcmfs_sym_session_clear(struct rte_cryptodev *dev, void *sess);
> 
>  unsigned int
>  bcmfs_sym_session_get_private_size(struct rte_cryptodev *dev
> __rte_unused);
> diff --git a/drivers/crypto/caam_jr/caam_jr.c
> b/drivers/crypto/caam_jr/caam_jr.c
> index ce7a100778..8a04820fa6 100644
> --- a/drivers/crypto/caam_jr/caam_jr.c
> +++ b/drivers/crypto/caam_jr/caam_jr.c
> @@ -1692,52 +1692,36 @@ caam_jr_set_session_parameters(struct
> rte_cryptodev *dev,
>  static int
>  caam_jr_sym_session_configure(struct rte_cryptodev *dev,
>  			      struct rte_crypto_sym_xform *xform,
> -			      struct rte_cryptodev_sym_session *sess,
> -			      struct rte_mempool *mempool)
> +			      void *sess)
>  {
> -	void *sess_private_data;
>  	int ret;
> 
>  	PMD_INIT_FUNC_TRACE();
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		CAAM_JR_ERR("Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
> -
> -	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
> -	ret = caam_jr_set_session_parameters(dev, xform,
> sess_private_data);
> +	memset(sess, 0, sizeof(struct caam_jr_session));
> +	ret = caam_jr_set_session_parameters(dev, xform, sess);
>  	if (ret != 0) {
>  		CAAM_JR_ERR("failed to configure session parameters");
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> sess_private_data);
> -
>  	return 0;
>  }
> 
>  /* Clear the memory of session so it doesn't leave key material behind */
>  static void
> -caam_jr_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +caam_jr_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
> +	RTE_SET_USED(dev);
> +
> +	struct caam_jr_session *s = (struct caam_jr_session *)sess;
> 
>  	PMD_INIT_FUNC_TRACE();
> 
> -	if (sess_priv) {
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -
> +	if (sess) {
>  		rte_free(s->cipher_key.data);
>  		rte_free(s->auth_key.data);
>  		memset(s, 0, sizeof(struct caam_jr_session));
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
>  	}
>  }
> 
> diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c
> b/drivers/crypto/ccp/ccp_pmd_ops.c
> index 0d615d311c..cac1268130 100644
> --- a/drivers/crypto/ccp/ccp_pmd_ops.c
> +++ b/drivers/crypto/ccp/ccp_pmd_ops.c
> @@ -727,7 +727,6 @@ ccp_pmd_qp_setup(struct rte_cryptodev *dev,
> uint16_t qp_id,
>  	}
> 
>  	qp->sess_mp = qp_conf->mp_session;
> -	qp->sess_mp_priv = qp_conf->mp_session_private;
> 
>  	/* mempool for batch info */
>  	qp->batch_mp = rte_mempool_create(
> @@ -758,11 +757,9 @@ ccp_pmd_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  static int
>  ccp_pmd_sym_session_configure(struct rte_cryptodev *dev,
>  			  struct rte_crypto_sym_xform *xform,
> -			  struct rte_cryptodev_sym_session *sess,
> -			  struct rte_mempool *mempool)
> +			  void *sess)
>  {
>  	int ret;
> -	void *sess_private_data;
>  	struct ccp_private *internals;
> 
>  	if (unlikely(sess == NULL || xform == NULL)) {
> @@ -770,39 +767,22 @@ ccp_pmd_sym_session_configure(struct
> rte_cryptodev *dev,
>  		return -ENOMEM;
>  	}
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		CCP_LOG_ERR("Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
>  	internals = (struct ccp_private *)dev->data->dev_private;
> -	ret = ccp_set_session_parameters(sess_private_data, xform,
> internals);
> +	ret = ccp_set_session_parameters(sess, xform, internals);
>  	if (ret != 0) {
>  		CCP_LOG_ERR("failed configure session parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> -	set_sym_session_private_data(sess, dev->driver_id,
> -				 sess_private_data);
> 
>  	return 0;
>  }
> 
>  static void
> -ccp_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		      struct rte_cryptodev_sym_session *sess)
> +ccp_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -
> -	if (sess_priv) {
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -
> -		rte_mempool_put(sess_mp, sess_priv);
> -		memset(sess_priv, 0, sizeof(struct ccp_session));
> -		set_sym_session_private_data(sess, index, NULL);
> -	}
> +	RTE_SET_USED(dev);
> +	if (sess)
> +		memset(sess, 0, sizeof(struct ccp_session));
>  }
> 
>  struct rte_cryptodev_ops ccp_ops = {
> diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
> b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
> index 99968cc353..50cae5e3d6 100644
> --- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
> +++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
> @@ -32,17 +32,18 @@ cn10k_cpt_sym_temp_sess_create(struct
> cnxk_cpt_qp *qp, struct rte_crypto_op *op)
>  	if (sess == NULL)
>  		return NULL;
> 
> -	ret = sym_session_configure(qp->lf.roc_cpt, driver_id, sym_op-
> >xform,
> -				    sess, qp->sess_mp_priv);
> +	sess->sess_data[driver_id].data =
> +			(void *)((uint8_t *)sess +
> +			rte_cryptodev_sym_get_header_session_size() +
> +			(driver_id * sess->priv_sz));
> +	priv = get_sym_session_private_data(sess, driver_id);
> +	ret = sym_session_configure(qp->lf.roc_cpt, sym_op->xform, (void
> *)priv);
>  	if (ret)
>  		goto sess_put;
> 
> -	priv = get_sym_session_private_data(sess, driver_id);
> -
>  	sym_op->session = sess;
> 
>  	return priv;
> -
>  sess_put:
>  	rte_mempool_put(qp->sess_mp, sess);
>  	return NULL;
> @@ -144,9 +145,7 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct
> rte_crypto_op *ops[],
>  			ret = cpt_sym_inst_fill(qp, op, sess, infl_req,
>  						&inst[0]);
>  			if (unlikely(ret)) {
> -
> 	sym_session_clear(cn10k_cryptodev_driver_id,
> -						  op->sym->session);
> -				rte_mempool_put(qp->sess_mp, op->sym-
> >session);
> +				sym_session_clear(op->sym->session);
>  				return 0;
>  			}
>  			w7 = sess->cpt_inst_w7;
> @@ -437,8 +436,7 @@ cn10k_cpt_dequeue_post_process(struct
> cnxk_cpt_qp *qp,
>  temp_sess_free:
>  	if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
>  		if (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
> -			sym_session_clear(cn10k_cryptodev_driver_id,
> -					  cop->sym->session);
> +			sym_session_clear(cop->sym->session);
>  			sz =
> rte_cryptodev_sym_get_existing_header_session_size(
>  				cop->sym->session);
>  			memset(cop->sym->session, 0, sz);
> diff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
> b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
> index 4c2dc5b080..5f83581131 100644
> --- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
> +++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
> @@ -81,17 +81,19 @@ cn9k_cpt_sym_temp_sess_create(struct
> cnxk_cpt_qp *qp, struct rte_crypto_op *op)
>  	if (sess == NULL)
>  		return NULL;
> 
> -	ret = sym_session_configure(qp->lf.roc_cpt, driver_id, sym_op-
> >xform,
> -				    sess, qp->sess_mp_priv);
> +	sess->sess_data[driver_id].data =
> +			(void *)((uint8_t *)sess +
> +			rte_cryptodev_sym_get_header_session_size() +
> +			(driver_id * sess->priv_sz));
> +	priv = get_sym_session_private_data(sess, driver_id);
> +	ret = sym_session_configure(qp->lf.roc_cpt, sym_op->xform,
> +			(void *)priv);
>  	if (ret)
>  		goto sess_put;
> 
> -	priv = get_sym_session_private_data(sess, driver_id);
> -
>  	sym_op->session = sess;
> 
>  	return priv;
> -
>  sess_put:
>  	rte_mempool_put(qp->sess_mp, sess);
>  	return NULL;
> @@ -126,8 +128,7 @@ cn9k_cpt_inst_prep(struct cnxk_cpt_qp *qp, struct
> rte_crypto_op *op,
>  			ret = cn9k_cpt_sym_inst_fill(qp, op, sess, infl_req,
>  						     inst);
>  			if (unlikely(ret)) {
> -
> 	sym_session_clear(cn9k_cryptodev_driver_id,
> -						  op->sym->session);
> +				sym_session_clear(op->sym->session);
>  				rte_mempool_put(qp->sess_mp, op->sym-
> >session);
>  			}
>  			inst->w7.u64 = sess->cpt_inst_w7;
> @@ -484,8 +485,7 @@ cn9k_cpt_dequeue_post_process(struct
> cnxk_cpt_qp *qp, struct rte_crypto_op *cop,
>  temp_sess_free:
>  	if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
>  		if (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
> -			sym_session_clear(cn9k_cryptodev_driver_id,
> -					  cop->sym->session);
> +			sym_session_clear(cop->sym->session);
>  			sz =
> rte_cryptodev_sym_get_existing_header_session_size(
>  				cop->sym->session);
>  			memset(cop->sym->session, 0, sz);
> diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
> b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
> index 41d8fe49e1..52d9cf0cf3 100644
> --- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
> +++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
> @@ -379,7 +379,6 @@ cnxk_cpt_queue_pair_setup(struct rte_cryptodev
> *dev, uint16_t qp_id,
>  	}
> 
>  	qp->sess_mp = conf->mp_session;
> -	qp->sess_mp_priv = conf->mp_session_private;
>  	dev->data->queue_pairs[qp_id] = qp;
> 
>  	return 0;
> @@ -493,27 +492,20 @@ cnxk_cpt_inst_w7_get(struct cnxk_se_sess *sess,
> struct roc_cpt *roc_cpt)
>  }
> 
>  int
> -sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
> +sym_session_configure(struct roc_cpt *roc_cpt,
>  		      struct rte_crypto_sym_xform *xform,
> -		      struct rte_cryptodev_sym_session *sess,
> -		      struct rte_mempool *pool)
> +		      void *sess)
>  {
>  	struct cnxk_se_sess *sess_priv;
> -	void *priv;
>  	int ret;
> 
>  	ret = sym_xform_verify(xform);
>  	if (unlikely(ret < 0))
>  		return ret;
> 
> -	if (unlikely(rte_mempool_get(pool, &priv))) {
> -		plt_dp_err("Could not allocate session private data");
> -		return -ENOMEM;
> -	}
> +	memset(sess, 0, sizeof(struct cnxk_se_sess));
> 
> -	memset(priv, 0, sizeof(struct cnxk_se_sess));
> -
> -	sess_priv = priv;
> +	sess_priv = sess;
> 
>  	switch (ret) {
>  	case CNXK_CPT_CIPHER:
> @@ -547,7 +539,7 @@ sym_session_configure(struct roc_cpt *roc_cpt, int
> driver_id,
>  	}
> 
>  	if (ret)
> -		goto priv_put;
> +		return -ENOTSUP;
> 
>  	if ((sess_priv->roc_se_ctx.fc_type == ROC_SE_HASH_HMAC) &&
>  	    cpt_mac_len_verify(&xform->auth)) {
> @@ -557,66 +549,45 @@ sym_session_configure(struct roc_cpt *roc_cpt, int
> driver_id,
>  			sess_priv->roc_se_ctx.auth_key = NULL;
>  		}
> 
> -		ret = -ENOTSUP;
> -		goto priv_put;
> +		return -ENOTSUP;
>  	}
> 
>  	sess_priv->cpt_inst_w7 = cnxk_cpt_inst_w7_get(sess_priv, roc_cpt);
> 
> -	set_sym_session_private_data(sess, driver_id, sess_priv);
> -
>  	return 0;
> -
> -priv_put:
> -	rte_mempool_put(pool, priv);
> -
> -	return -ENOTSUP;
>  }
> 
>  int
>  cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
>  			       struct rte_crypto_sym_xform *xform,
> -			       struct rte_cryptodev_sym_session *sess,
> -			       struct rte_mempool *pool)
> +			       void *sess)
>  {
>  	struct cnxk_cpt_vf *vf = dev->data->dev_private;
>  	struct roc_cpt *roc_cpt = &vf->cpt;
> -	uint8_t driver_id;
> 
> -	driver_id = dev->driver_id;
> -
> -	return sym_session_configure(roc_cpt, driver_id, xform, sess, pool);
> +	return sym_session_configure(roc_cpt, xform, sess);
>  }
> 
>  void
> -sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
> +sym_session_clear(void *sess)
>  {
> -	void *priv = get_sym_session_private_data(sess, driver_id);
> -	struct cnxk_se_sess *sess_priv;
> -	struct rte_mempool *pool;
> +	struct cnxk_se_sess *sess_priv = sess;
> 
> -	if (priv == NULL)
> +	if (sess == NULL)
>  		return;
> 
> -	sess_priv = priv;
> -
>  	if (sess_priv->roc_se_ctx.auth_key != NULL)
>  		plt_free(sess_priv->roc_se_ctx.auth_key);
> 
> -	memset(priv, 0, cnxk_cpt_sym_session_get_size(NULL));
> -
> -	pool = rte_mempool_from_obj(priv);
> -
> -	set_sym_session_private_data(sess, driver_id, NULL);
> -
> -	rte_mempool_put(pool, priv);
> +	memset(sess_priv, 0, cnxk_cpt_sym_session_get_size(NULL));
>  }
> 
>  void
> -cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev,
> -			   struct rte_cryptodev_sym_session *sess)
> +cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	return sym_session_clear(dev->driver_id, sess);
> +	RTE_SET_USED(dev);
> +
> +	return sym_session_clear(sess);
>  }
> 
>  unsigned int
> diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
> b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
> index c5332dec53..3c09d10582 100644
> --- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
> +++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
> @@ -111,18 +111,15 @@ unsigned int
> cnxk_cpt_sym_session_get_size(struct rte_cryptodev *dev);
> 
>  int cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
>  				   struct rte_crypto_sym_xform *xform,
> -				   struct rte_cryptodev_sym_session *sess,
> -				   struct rte_mempool *pool);
> +				   void *sess);
> 
> -int sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
> +int sym_session_configure(struct roc_cpt *roc_cpt,
>  			  struct rte_crypto_sym_xform *xform,
> -			  struct rte_cryptodev_sym_session *sess,
> -			  struct rte_mempool *pool);
> +			  void *sess);
> 
> -void cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev,
> -				struct rte_cryptodev_sym_session *sess);
> +void cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev, void *sess);
> 
> -void sym_session_clear(int driver_id, struct rte_cryptodev_sym_session
> *sess);
> +void sym_session_clear(void *sess);
> 
>  unsigned int cnxk_ae_session_size_get(struct rte_cryptodev *dev
> __rte_unused);
> 
> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> index 176f1a27a0..42229763f8 100644
> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> @@ -3438,49 +3438,32 @@ dpaa2_sec_security_session_destroy(void *dev
> __rte_unused, void *sess)
>  static int
>  dpaa2_sec_sym_session_configure(struct rte_cryptodev *dev,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		void *sess)
>  {
> -	void *sess_private_data;
>  	int ret;
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		DPAA2_SEC_ERR("Couldn't get object from session
> mempool");
> -		return -ENOMEM;
> -	}
> -
> -	ret = dpaa2_sec_set_session_parameters(dev, xform,
> sess_private_data);
> +	ret = dpaa2_sec_set_session_parameters(dev, xform, sess);
>  	if (ret != 0) {
>  		DPAA2_SEC_ERR("Failed to configure session parameters");
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -		sess_private_data);
> -
>  	return 0;
>  }
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -dpaa2_sec_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +dpaa2_sec_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
>  	PMD_INIT_FUNC_TRACE();
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -	dpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;
> +	RTE_SET_USED(dev);
> +	dpaa2_sec_session *s = (dpaa2_sec_session *)sess;
> 
> -	if (sess_priv) {
> +	if (sess) {
>  		rte_free(s->ctxt);
>  		rte_free(s->cipher_key.data);
>  		rte_free(s->auth_key.data);
>  		memset(s, 0, sizeof(dpaa2_sec_session));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
>  	}
>  }
> 
> diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c
> b/drivers/crypto/dpaa_sec/dpaa_sec.c
> index 5a087df090..4727088b45 100644
> --- a/drivers/crypto/dpaa_sec/dpaa_sec.c
> +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
> @@ -2537,33 +2537,18 @@ dpaa_sec_set_session_parameters(struct
> rte_cryptodev *dev,
> 
>  static int
>  dpaa_sec_sym_session_configure(struct rte_cryptodev *dev,
> -		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		struct rte_crypto_sym_xform *xform, void *sess)
>  {
> -	void *sess_private_data;
>  	int ret;
> 
>  	PMD_INIT_FUNC_TRACE();
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		DPAA_SEC_ERR("Couldn't get object from session
> mempool");
> -		return -ENOMEM;
> -	}
> -
> -	ret = dpaa_sec_set_session_parameters(dev, xform,
> sess_private_data);
> +	ret = dpaa_sec_set_session_parameters(dev, xform, sess);
>  	if (ret != 0) {
>  		DPAA_SEC_ERR("failed to configure session parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -			sess_private_data);
> -
> -
>  	return 0;
>  }
> 
> @@ -2584,18 +2569,14 @@ free_session_memory(struct rte_cryptodev
> *dev, dpaa_sec_session *s)
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +dpaa_sec_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
>  	PMD_INIT_FUNC_TRACE();
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -	dpaa_sec_session *s = (dpaa_sec_session *)sess_priv;
> +	RTE_SET_USED(dev);
> +	dpaa_sec_session *s = (dpaa_sec_session *)sess;
> 
> -	if (sess_priv) {
> +	if (sess)
>  		free_session_memory(dev, s);
> -		set_sym_session_private_data(sess, index, NULL);
> -	}
>  }
> 
>  #ifdef RTE_LIB_SECURITY
> diff --git a/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
> b/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
> index f075054807..b2e5c92598 100644
> --- a/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
> +++ b/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
> @@ -220,7 +220,6 @@ kasumi_pmd_qp_setup(struct rte_cryptodev *dev,
> uint16_t qp_id,
> 
>  	qp->mgr = internals->mgr;
>  	qp->sess_mp = qp_conf->mp_session;
> -	qp->sess_mp_priv = qp_conf->mp_session_private;
> 
>  	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
> 
> @@ -243,10 +242,8 @@ kasumi_pmd_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  static int
>  kasumi_pmd_sym_session_configure(struct rte_cryptodev *dev,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		void *sess)
>  {
> -	void *sess_private_data;
>  	int ret;
>  	struct kasumi_private *internals = dev->data->dev_private;
> 
> @@ -255,43 +252,24 @@ kasumi_pmd_sym_session_configure(struct
> rte_cryptodev *dev,
>  		return -EINVAL;
>  	}
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		KASUMI_LOG(ERR,
> -				"Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
> -
>  	ret = kasumi_set_session_parameters(internals->mgr,
> -					sess_private_data, xform);
> +					sess, xform);
>  	if (ret != 0) {
>  		KASUMI_LOG(ERR, "failed configure session parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -		sess_private_data);
> -
>  	return 0;
>  }
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -kasumi_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +kasumi_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -
> +	RTE_SET_USED(dev);
>  	/* Zero out the whole structure */
> -	if (sess_priv) {
> -		memset(sess_priv, 0, sizeof(struct kasumi_session));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
> -	}
> +	if (sess)
> +		memset(sess, 0, sizeof(struct kasumi_session));
>  }
> 
>  struct rte_cryptodev_ops kasumi_pmd_ops = {
> diff --git a/drivers/crypto/mlx5/mlx5_crypto.c
> b/drivers/crypto/mlx5/mlx5_crypto.c
> index 682cf8b607..615ab9f45d 100644
> --- a/drivers/crypto/mlx5/mlx5_crypto.c
> +++ b/drivers/crypto/mlx5/mlx5_crypto.c
> @@ -165,14 +165,12 @@ mlx5_crypto_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  static int
>  mlx5_crypto_sym_session_configure(struct rte_cryptodev *dev,
>  				  struct rte_crypto_sym_xform *xform,
> -				  struct rte_cryptodev_sym_session *session,
> -				  struct rte_mempool *mp)
> +				  void *session)
>  {
>  	struct mlx5_crypto_priv *priv = dev->data->dev_private;
> -	struct mlx5_crypto_session *sess_private_data;
> +	struct mlx5_crypto_session *sess_private_data = session;
>  	struct rte_crypto_cipher_xform *cipher;
>  	uint8_t encryption_order;
> -	int ret;
> 
>  	if (unlikely(xform->next != NULL)) {
>  		DRV_LOG(ERR, "Xform next is not supported.");
> @@ -183,17 +181,9 @@ mlx5_crypto_sym_session_configure(struct
> rte_cryptodev *dev,
>  		DRV_LOG(ERR, "Only AES-XTS algorithm is supported.");
>  		return -ENOTSUP;
>  	}
> -	ret = rte_mempool_get(mp, (void *)&sess_private_data);
> -	if (ret != 0) {
> -		DRV_LOG(ERR,
> -			"Failed to get session %p private data from
> mempool.",
> -			sess_private_data);
> -		return -ENOMEM;
> -	}
>  	cipher = &xform->cipher;
>  	sess_private_data->dek = mlx5_crypto_dek_prepare(priv, cipher);
>  	if (sess_private_data->dek == NULL) {
> -		rte_mempool_put(mp, sess_private_data);
>  		DRV_LOG(ERR, "Failed to prepare dek.");
>  		return -ENOMEM;
>  	}
> @@ -228,27 +218,21 @@ mlx5_crypto_sym_session_configure(struct
> rte_cryptodev *dev,
>  	sess_private_data->dek_id =
>  			rte_cpu_to_be_32(sess_private_data->dek->obj->id
> &
>  					 0xffffff);
> -	set_sym_session_private_data(session, dev->driver_id,
> -				     sess_private_data);
>  	DRV_LOG(DEBUG, "Session %p was configured.", sess_private_data);
>  	return 0;
>  }
> 
>  static void
> -mlx5_crypto_sym_session_clear(struct rte_cryptodev *dev,
> -			      struct rte_cryptodev_sym_session *sess)
> +mlx5_crypto_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
>  	struct mlx5_crypto_priv *priv = dev->data->dev_private;
> -	struct mlx5_crypto_session *spriv =
> get_sym_session_private_data(sess,
> -								dev-
> >driver_id);
> +	struct mlx5_crypto_session *spriv = sess;
> 
>  	if (unlikely(spriv == NULL)) {
>  		DRV_LOG(ERR, "Failed to get session %p private data.", spriv);
>  		return;
>  	}
>  	mlx5_crypto_dek_destroy(priv, spriv->dek);
> -	set_sym_session_private_data(sess, dev->driver_id, NULL);
> -	rte_mempool_put(rte_mempool_from_obj(spriv), spriv);
>  	DRV_LOG(DEBUG, "Session %p was cleared.", spriv);
>  }
> 
> diff --git a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
> b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
> index e04a2c88c7..2e4b27ea21 100644
> --- a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
> +++ b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
> @@ -704,7 +704,6 @@ mrvl_crypto_pmd_qp_setup(struct rte_cryptodev
> *dev, uint16_t qp_id,
>  			break;
> 
>  		qp->sess_mp = qp_conf->mp_session;
> -		qp->sess_mp_priv = qp_conf->mp_session_private;
> 
>  		memset(&qp->stats, 0, sizeof(qp->stats));
>  		dev->data->queue_pairs[qp_id] = qp;
> @@ -735,12 +734,9 @@
> mrvl_crypto_pmd_sym_session_get_size(__rte_unused struct
> rte_cryptodev *dev)
>   */
>  static int
>  mrvl_crypto_pmd_sym_session_configure(__rte_unused struct
> rte_cryptodev *dev,
> -		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mp)
> +		struct rte_crypto_sym_xform *xform, void *sess)
>  {
>  	struct mrvl_crypto_session *mrvl_sess;
> -	void *sess_private_data;
>  	int ret;
> 
>  	if (sess == NULL) {
> @@ -748,25 +744,16 @@
> mrvl_crypto_pmd_sym_session_configure(__rte_unused struct
> rte_cryptodev *dev,
>  		return -EINVAL;
>  	}
> 
> -	if (rte_mempool_get(mp, &sess_private_data)) {
> -		CDEV_LOG_ERR("Couldn't get object from session
> mempool.");
> -		return -ENOMEM;
> -	}
> +	memset(sess, 0, sizeof(struct mrvl_crypto_session));
> 
> -	memset(sess_private_data, 0, sizeof(struct mrvl_crypto_session));
> -
> -	ret = mrvl_crypto_set_session_parameters(sess_private_data,
> xform);
> +	ret = mrvl_crypto_set_session_parameters(sess, xform);
>  	if (ret != 0) {
>  		MRVL_LOG(ERR, "Failed to configure session parameters!");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mp, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> sess_private_data);
> 
> -	mrvl_sess = (struct mrvl_crypto_session *)sess_private_data;
> +	mrvl_sess = (struct mrvl_crypto_session *)sess;
>  	if (sam_session_create(&mrvl_sess->sam_sess_params,
>  				&mrvl_sess->sam_sess) < 0) {
>  		MRVL_LOG(DEBUG, "Failed to create session!");
> @@ -789,17 +776,13 @@
> mrvl_crypto_pmd_sym_session_configure(__rte_unused struct
> rte_cryptodev *dev,
>   * @returns 0. Always.
>   */
>  static void
> -mrvl_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +mrvl_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void
> *sess)
>  {
> -
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -
> +	RTE_SET_USED(dev);
>  	/* Zero out the whole structure */
> -	if (sess_priv) {
> +	if (sess) {
>  		struct mrvl_crypto_session *mrvl_sess =
> -			(struct mrvl_crypto_session *)sess_priv;
> +			(struct mrvl_crypto_session *)sess;
> 
>  		if (mrvl_sess->sam_sess &&
>  		    sam_session_destroy(mrvl_sess->sam_sess) < 0) {
> @@ -807,9 +790,6 @@ mrvl_crypto_pmd_sym_session_clear(struct
> rte_cryptodev *dev,
>  		}
> 
>  		memset(mrvl_sess, 0, sizeof(struct mrvl_crypto_session));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
>  	}
>  }
> 
> diff --git a/drivers/crypto/nitrox/nitrox_sym.c
> b/drivers/crypto/nitrox/nitrox_sym.c
> index f8b7edcd69..0c9bbfef46 100644
> --- a/drivers/crypto/nitrox/nitrox_sym.c
> +++ b/drivers/crypto/nitrox/nitrox_sym.c
> @@ -532,22 +532,16 @@ configure_aead_ctx(struct rte_crypto_aead_xform
> *xform,
>  static int
>  nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev,
>  			      struct rte_crypto_sym_xform *xform,
> -			      struct rte_cryptodev_sym_session *sess,
> -			      struct rte_mempool *mempool)
> +			      void *sess)
>  {
> -	void *mp_obj;
>  	struct nitrox_crypto_ctx *ctx;
>  	struct rte_crypto_cipher_xform *cipher_xform = NULL;
>  	struct rte_crypto_auth_xform *auth_xform = NULL;
>  	struct rte_crypto_aead_xform *aead_xform = NULL;
>  	int ret = -EINVAL;
> 
> -	if (rte_mempool_get(mempool, &mp_obj)) {
> -		NITROX_LOG(ERR, "Couldn't allocate context\n");
> -		return -ENOMEM;
> -	}
> -
> -	ctx = mp_obj;
> +	RTE_SET_USED(cdev);
> +	ctx = sess;
>  	ctx->nitrox_chain = get_crypto_chain_order(xform);
>  	switch (ctx->nitrox_chain) {
>  	case NITROX_CHAIN_CIPHER_ONLY:
> @@ -586,28 +580,17 @@ nitrox_sym_dev_sess_configure(struct
> rte_cryptodev *cdev,
>  	}
> 
>  	ctx->iova = rte_mempool_virt2iova(ctx);
> -	set_sym_session_private_data(sess, cdev->driver_id, ctx);
>  	return 0;
>  err:
> -	rte_mempool_put(mempool, mp_obj);
>  	return ret;
>  }
> 
>  static void
> -nitrox_sym_dev_sess_clear(struct rte_cryptodev *cdev,
> -			  struct rte_cryptodev_sym_session *sess)
> +nitrox_sym_dev_sess_clear(struct rte_cryptodev *cdev, void *sess)
>  {
> -	struct nitrox_crypto_ctx *ctx = get_sym_session_private_data(sess,
> -							cdev->driver_id);
> -	struct rte_mempool *sess_mp;
> -
> -	if (!ctx)
> -		return;
> -
> -	memset(ctx, 0, sizeof(*ctx));
> -	sess_mp = rte_mempool_from_obj(ctx);
> -	set_sym_session_private_data(sess, cdev->driver_id, NULL);
> -	rte_mempool_put(sess_mp, ctx);
> +	RTE_SET_USED(cdev);
> +	if (sess)
> +		memset(sess, 0, sizeof(struct nitrox_crypto_ctx));
>  }
> 
>  static struct nitrox_crypto_ctx *
> diff --git a/drivers/crypto/null/null_crypto_pmd_ops.c
> b/drivers/crypto/null/null_crypto_pmd_ops.c
> index a8b5a06e7f..65bfa8dcf7 100644
> --- a/drivers/crypto/null/null_crypto_pmd_ops.c
> +++ b/drivers/crypto/null/null_crypto_pmd_ops.c
> @@ -234,7 +234,6 @@ null_crypto_pmd_qp_setup(struct rte_cryptodev
> *dev, uint16_t qp_id,
>  	}
> 
>  	qp->sess_mp = qp_conf->mp_session;
> -	qp->sess_mp_priv = qp_conf->mp_session_private;
> 
>  	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
> 
> @@ -258,10 +257,8 @@ null_crypto_pmd_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  static int
>  null_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev
> __rte_unused,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mp)
> +		void *sess)
>  {
> -	void *sess_private_data;
>  	int ret;
> 
>  	if (unlikely(sess == NULL)) {
> @@ -269,42 +266,23 @@ null_crypto_pmd_sym_session_configure(struct
> rte_cryptodev *dev __rte_unused,
>  		return -EINVAL;
>  	}
> 
> -	if (rte_mempool_get(mp, &sess_private_data)) {
> -		NULL_LOG(ERR,
> -				"Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
> -
> -	ret = null_crypto_set_session_parameters(sess_private_data,
> xform);
> +	ret = null_crypto_set_session_parameters(sess, xform);
>  	if (ret != 0) {
>  		NULL_LOG(ERR, "failed configure session parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mp, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -		sess_private_data);
> -
>  	return 0;
>  }
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -null_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +null_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void
> *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -
> +	RTE_SET_USED(dev);
>  	/* Zero out the whole structure */
> -	if (sess_priv) {
> -		memset(sess_priv, 0, sizeof(struct null_crypto_session));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
> -	}
> +	if (sess)
> +		memset(sess, 0, sizeof(struct null_crypto_session));
>  }
> 
>  static struct rte_cryptodev_ops pmd_ops = {
> diff --git a/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
> b/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
> index 7c6b1e45b4..95659e472b 100644
> --- a/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
> +++ b/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
> @@ -49,7 +49,6 @@ struct cpt_instance {
>  	uint32_t queue_id;
>  	uintptr_t rsvd;
>  	struct rte_mempool *sess_mp;
> -	struct rte_mempool *sess_mp_priv;
>  	struct cpt_qp_meta_info meta_info;
>  	uint8_t ca_enabled;
>  };
> diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c
> b/drivers/crypto/octeontx/otx_cryptodev_ops.c
> index 9e8fd495cf..abd0963be0 100644
> --- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
> +++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
> @@ -171,7 +171,6 @@ otx_cpt_que_pair_setup(struct rte_cryptodev *dev,
> 
>  	instance->queue_id = que_pair_id;
>  	instance->sess_mp = qp_conf->mp_session;
> -	instance->sess_mp_priv = qp_conf->mp_session_private;
>  	dev->data->queue_pairs[que_pair_id] = instance;
> 
>  	return 0;
> @@ -243,29 +242,22 @@ sym_xform_verify(struct rte_crypto_sym_xform
> *xform)
>  }
> 
>  static int
> -sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
> -		      struct rte_cryptodev_sym_session *sess,
> -		      struct rte_mempool *pool)
> +sym_session_configure(struct rte_crypto_sym_xform *xform,
> +		      void *sess)
>  {
>  	struct rte_crypto_sym_xform *temp_xform = xform;
>  	struct cpt_sess_misc *misc;
>  	vq_cmd_word3_t vq_cmd_w3;
> -	void *priv;
>  	int ret;
> 
>  	ret = sym_xform_verify(xform);
>  	if (unlikely(ret))
>  		return ret;
> 
> -	if (unlikely(rte_mempool_get(pool, &priv))) {
> -		CPT_LOG_ERR("Could not allocate session private data");
> -		return -ENOMEM;
> -	}
> -
> -	memset(priv, 0, sizeof(struct cpt_sess_misc) +
> +	memset(sess, 0, sizeof(struct cpt_sess_misc) +
>  			offsetof(struct cpt_ctx, mc_ctx));
> 
> -	misc = priv;
> +	misc = sess;
> 
>  	for ( ; xform != NULL; xform = xform->next) {
>  		switch (xform->type) {
> @@ -301,8 +293,6 @@ sym_session_configure(int driver_id, struct
> rte_crypto_sym_xform *xform,
>  		goto priv_put;
>  	}
> 
> -	set_sym_session_private_data(sess, driver_id, priv);
> -
>  	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
>  			     sizeof(struct cpt_sess_misc);
> 
> @@ -316,56 +306,46 @@ sym_session_configure(int driver_id, struct
> rte_crypto_sym_xform *xform,
>  	return 0;
> 
>  priv_put:
> -	if (priv)
> -		rte_mempool_put(pool, priv);
>  	return -ENOTSUP;
>  }
> 
>  static void
> -sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
> +sym_session_clear(void *sess)
>  {
> -	void *priv = get_sym_session_private_data(sess, driver_id);
>  	struct cpt_sess_misc *misc;
> -	struct rte_mempool *pool;
>  	struct cpt_ctx *ctx;
> 
> -	if (priv == NULL)
> +	if (sess == NULL)
>  		return;
> 
> -	misc = priv;
> +	misc = sess;
>  	ctx = SESS_PRIV(misc);
> 
>  	if (ctx->auth_key != NULL)
>  		rte_free(ctx->auth_key);
> 
> -	memset(priv, 0, cpt_get_session_size());
> -
> -	pool = rte_mempool_from_obj(priv);
> -
> -	set_sym_session_private_data(sess, driver_id, NULL);
> -
> -	rte_mempool_put(pool, priv);
> +	memset(sess, 0, cpt_get_session_size());
>  }
> 
>  static int
>  otx_cpt_session_cfg(struct rte_cryptodev *dev,
>  		    struct rte_crypto_sym_xform *xform,
> -		    struct rte_cryptodev_sym_session *sess,
> -		    struct rte_mempool *pool)
> +		    void *sess)
>  {
>  	CPT_PMD_INIT_FUNC_TRACE();
> +	RTE_SET_USED(dev);
> 
> -	return sym_session_configure(dev->driver_id, xform, sess, pool);
> +	return sym_session_configure(xform, sess);
>  }
> 
> 
>  static void
> -otx_cpt_session_clear(struct rte_cryptodev *dev,
> -		  struct rte_cryptodev_sym_session *sess)
> +otx_cpt_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
>  	CPT_PMD_INIT_FUNC_TRACE();
> +	RTE_SET_USED(dev);
> 
> -	return sym_session_clear(dev->driver_id, sess);
> +	return sym_session_clear(sess);
>  }
> 
>  static unsigned int
> @@ -576,7 +556,6 @@ static __rte_always_inline void * __rte_hot
>  otx_cpt_enq_single_sym_sessless(struct cpt_instance *instance,
>  				struct rte_crypto_op *op)
>  {
> -	const int driver_id = otx_cryptodev_driver_id;
>  	struct rte_crypto_sym_op *sym_op = op->sym;
>  	struct rte_cryptodev_sym_session *sess;
>  	void *req;
> @@ -589,8 +568,12 @@ otx_cpt_enq_single_sym_sessless(struct
> cpt_instance *instance,
>  		return NULL;
>  	}
> 
> -	ret = sym_session_configure(driver_id, sym_op->xform, sess,
> -				    instance->sess_mp_priv);
> +	sess->sess_data[otx_cryptodev_driver_id].data =
> +			(void *)((uint8_t *)sess +
> +			rte_cryptodev_sym_get_header_session_size() +
> +			(otx_cryptodev_driver_id * sess->priv_sz));
> +	ret = sym_session_configure(sym_op->xform,
> +			sess->sess_data[otx_cryptodev_driver_id].data);
>  	if (ret)
>  		goto sess_put;
> 
> @@ -604,7 +587,7 @@ otx_cpt_enq_single_sym_sessless(struct
> cpt_instance *instance,
>  	return req;
> 
>  priv_put:
> -	sym_session_clear(driver_id, sess);
> +	sym_session_clear(sess);
>  sess_put:
>  	rte_mempool_put(instance->sess_mp, sess);
>  	return NULL;
> @@ -913,7 +896,6 @@ free_sym_session_data(const struct cpt_instance
> *instance,
>  	memset(cop->sym->session, 0,
>  	       rte_cryptodev_sym_get_existing_header_session_size(
>  		       cop->sym->session));
> -	rte_mempool_put(instance->sess_mp_priv, sess_private_data_t);
>  	rte_mempool_put(instance->sess_mp, cop->sym->session);
>  	cop->sym->session = NULL;
>  }
> diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
> b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
> index 7b744cd4b4..dcfbc49996 100644
> --- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
> +++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
> @@ -371,29 +371,21 @@ sym_xform_verify(struct rte_crypto_sym_xform
> *xform)
>  }
> 
>  static int
> -sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
> -		      struct rte_cryptodev_sym_session *sess,
> -		      struct rte_mempool *pool)
> +sym_session_configure(struct rte_crypto_sym_xform *xform, void *sess)
>  {
>  	struct rte_crypto_sym_xform *temp_xform = xform;
>  	struct cpt_sess_misc *misc;
>  	vq_cmd_word3_t vq_cmd_w3;
> -	void *priv;
>  	int ret;
> 
>  	ret = sym_xform_verify(xform);
>  	if (unlikely(ret))
>  		return ret;
> 
> -	if (unlikely(rte_mempool_get(pool, &priv))) {
> -		CPT_LOG_ERR("Could not allocate session private data");
> -		return -ENOMEM;
> -	}
> -
> -	memset(priv, 0, sizeof(struct cpt_sess_misc) +
> +	memset(sess, 0, sizeof(struct cpt_sess_misc) +
>  			offsetof(struct cpt_ctx, mc_ctx));
> 
> -	misc = priv;
> +	misc = sess;
> 
>  	for ( ; xform != NULL; xform = xform->next) {
>  		switch (xform->type) {
> @@ -414,7 +406,7 @@ sym_session_configure(int driver_id, struct
> rte_crypto_sym_xform *xform,
>  		}
> 
>  		if (ret)
> -			goto priv_put;
> +			return -ENOTSUP;
>  	}
> 
>  	if ((GET_SESS_FC_TYPE(misc) == HASH_HMAC) &&
> @@ -425,12 +417,9 @@ sym_session_configure(int driver_id, struct
> rte_crypto_sym_xform *xform,
>  			rte_free(ctx->auth_key);
>  			ctx->auth_key = NULL;
>  		}
> -		ret = -ENOTSUP;
> -		goto priv_put;
> +		return -ENOTSUP;
>  	}
> 
> -	set_sym_session_private_data(sess, driver_id, misc);
> -
>  	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
>  			     sizeof(struct cpt_sess_misc);
> 
> @@ -451,11 +440,6 @@ sym_session_configure(int driver_id, struct
> rte_crypto_sym_xform *xform,
>  	misc->cpt_inst_w7 = vq_cmd_w3.u64;
> 
>  	return 0;
> -
> -priv_put:
> -	rte_mempool_put(pool, priv);
> -
> -	return -ENOTSUP;
>  }
> 
>  static __rte_always_inline int32_t __rte_hot
> @@ -765,7 +749,6 @@ otx2_cpt_enqueue_sym_sessless(struct otx2_cpt_qp
> *qp, struct rte_crypto_op *op,
>  			      struct pending_queue *pend_q,
>  			      unsigned int burst_index)
>  {
> -	const int driver_id = otx2_cryptodev_driver_id;
>  	struct rte_crypto_sym_op *sym_op = op->sym;
>  	struct rte_cryptodev_sym_session *sess;
>  	int ret;
> @@ -775,8 +758,12 @@ otx2_cpt_enqueue_sym_sessless(struct
> otx2_cpt_qp *qp, struct rte_crypto_op *op,
>  	if (sess == NULL)
>  		return -ENOMEM;
> 
> -	ret = sym_session_configure(driver_id, sym_op->xform, sess,
> -				    qp->sess_mp_priv);
> +	sess->sess_data[otx2_cryptodev_driver_id].data =
> +			(void *)((uint8_t *)sess +
> +			rte_cryptodev_sym_get_header_session_size() +
> +			(otx2_cryptodev_driver_id * sess->priv_sz));
> +	ret = sym_session_configure(sym_op->xform,
> +			sess->sess_data[otx2_cryptodev_driver_id].data);
>  	if (ret)
>  		goto sess_put;
> 
> @@ -790,7 +777,7 @@ otx2_cpt_enqueue_sym_sessless(struct otx2_cpt_qp
> *qp, struct rte_crypto_op *op,
>  	return 0;
> 
>  priv_put:
> -	sym_session_clear(driver_id, sess);
> +	sym_session_clear(sess);
>  sess_put:
>  	rte_mempool_put(qp->sess_mp, sess);
>  	return ret;
> @@ -1035,8 +1022,7 @@ otx2_cpt_dequeue_post_process(struct
> otx2_cpt_qp *qp, struct rte_crypto_op *cop,
>  		}
> 
>  		if (unlikely(cop->sess_type ==
> RTE_CRYPTO_OP_SESSIONLESS)) {
> -			sym_session_clear(otx2_cryptodev_driver_id,
> -					  cop->sym->session);
> +			sym_session_clear(cop->sym->session);
>  			sz =
> rte_cryptodev_sym_get_existing_header_session_size(
>  					cop->sym->session);
>  			memset(cop->sym->session, 0, sz);
> @@ -1291,7 +1277,6 @@ otx2_cpt_queue_pair_setup(struct rte_cryptodev
> *dev, uint16_t qp_id,
>  	}
> 
>  	qp->sess_mp = conf->mp_session;
> -	qp->sess_mp_priv = conf->mp_session_private;
>  	dev->data->queue_pairs[qp_id] = qp;
> 
>  	return 0;
> @@ -1330,21 +1315,22 @@ otx2_cpt_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  static int
>  otx2_cpt_sym_session_configure(struct rte_cryptodev *dev,
>  			       struct rte_crypto_sym_xform *xform,
> -			       struct rte_cryptodev_sym_session *sess,
> -			       struct rte_mempool *pool)
> +			       void *sess)
>  {
>  	CPT_PMD_INIT_FUNC_TRACE();
> +	RTE_SET_USED(dev);
> 
> -	return sym_session_configure(dev->driver_id, xform, sess, pool);
> +	return sym_session_configure(xform, sess);
>  }
> 
>  static void
>  otx2_cpt_sym_session_clear(struct rte_cryptodev *dev,
> -			   struct rte_cryptodev_sym_session *sess)
> +			   void *sess)
>  {
>  	CPT_PMD_INIT_FUNC_TRACE();
> +	RTE_SET_USED(dev);
> 
> -	return sym_session_clear(dev->driver_id, sess);
> +	return sym_session_clear(sess);
>  }
> 
>  static unsigned int
> diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
> b/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
> index 01c081a216..5f63eaf7b7 100644
> --- a/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
> +++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
> @@ -8,29 +8,21 @@
>  #include "cpt_pmd_logs.h"
> 
>  static void
> -sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
> +sym_session_clear(void *sess)
>  {
> -	void *priv = get_sym_session_private_data(sess, driver_id);
>  	struct cpt_sess_misc *misc;
> -	struct rte_mempool *pool;
>  	struct cpt_ctx *ctx;
> 
> -	if (priv == NULL)
> +	if (sess == NULL)
>  		return;
> 
> -	misc = priv;
> +	misc = sess;
>  	ctx = SESS_PRIV(misc);
> 
>  	if (ctx->auth_key != NULL)
>  		rte_free(ctx->auth_key);
> 
> -	memset(priv, 0, cpt_get_session_size());
> -
> -	pool = rte_mempool_from_obj(priv);
> -
> -	set_sym_session_private_data(sess, driver_id, NULL);
> -
> -	rte_mempool_put(pool, priv);
> +	memset(sess, 0, cpt_get_session_size());
>  }
> 
>  static __rte_always_inline uint8_t
> diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> index 52715f86f8..1b48a6b400 100644
> --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> @@ -741,7 +741,6 @@ openssl_pmd_qp_setup(struct rte_cryptodev *dev,
> uint16_t qp_id,
>  		goto qp_setup_cleanup;
> 
>  	qp->sess_mp = qp_conf->mp_session;
> -	qp->sess_mp_priv = qp_conf->mp_session_private;
> 
>  	memset(&qp->stats, 0, sizeof(qp->stats));
> 
> @@ -772,10 +771,8 @@ openssl_pmd_asym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  static int
>  openssl_pmd_sym_session_configure(struct rte_cryptodev *dev
> __rte_unused,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		void *sess)
>  {
> -	void *sess_private_data;
>  	int ret;
> 
>  	if (unlikely(sess == NULL)) {
> @@ -783,24 +780,12 @@ openssl_pmd_sym_session_configure(struct
> rte_cryptodev *dev __rte_unused,
>  		return -EINVAL;
>  	}
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		OPENSSL_LOG(ERR,
> -			"Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
> -
> -	ret = openssl_set_session_parameters(sess_private_data, xform);
> +	ret = openssl_set_session_parameters(sess, xform);
>  	if (ret != 0) {
>  		OPENSSL_LOG(ERR, "failed configure session parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -			sess_private_data);
> -
>  	return 0;
>  }
> 
> @@ -1154,19 +1139,13 @@ openssl_pmd_asym_session_configure(struct
> rte_cryptodev *dev __rte_unused,
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -openssl_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +openssl_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -
> +	RTE_SET_USED(dev);
>  	/* Zero out the whole structure */
> -	if (sess_priv) {
> -		openssl_reset_session(sess_priv);
> -		memset(sess_priv, 0, sizeof(struct openssl_session));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
> +	if (sess) {
> +		openssl_reset_session(sess);
> +		memset(sess, 0, sizeof(struct openssl_session));
>  	}
>  }
> 
> diff --git a/drivers/crypto/qat/qat_sym_session.c
> b/drivers/crypto/qat/qat_sym_session.c
> index 2a22347c7f..114bf081c1 100644
> --- a/drivers/crypto/qat/qat_sym_session.c
> +++ b/drivers/crypto/qat/qat_sym_session.c
> @@ -172,21 +172,14 @@ qat_is_auth_alg_supported(enum
> rte_crypto_auth_algorithm algo,
>  }
> 
>  void
> -qat_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +qat_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -	struct qat_sym_session *s = (struct qat_sym_session *)sess_priv;
> +	struct qat_sym_session *s = (struct qat_sym_session *)sess;
> 
> -	if (sess_priv) {
> +	if (sess) {
>  		if (s->bpi_ctx)
>  			bpi_cipher_ctx_free(s->bpi_ctx);
>  		memset(s, 0, qat_sym_session_get_private_size(dev));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
>  	}
>  }
> 
> @@ -458,31 +451,17 @@ qat_sym_session_configure_cipher(struct
> rte_cryptodev *dev,
>  int
>  qat_sym_session_configure(struct rte_cryptodev *dev,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		void *sess_private_data)
>  {
> -	void *sess_private_data;
>  	int ret;
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		CDEV_LOG_ERR(
> -			"Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
> -
>  	ret = qat_sym_session_set_parameters(dev, xform,
> sess_private_data);
>  	if (ret != 0) {
>  		QAT_LOG(ERR,
>  		    "Crypto QAT PMD: failed to configure session parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -		sess_private_data);
> -
>  	return 0;
>  }
> 
> diff --git a/drivers/crypto/qat/qat_sym_session.h
> b/drivers/crypto/qat/qat_sym_session.h
> index 7fcc1d6f7b..6da29e2305 100644
> --- a/drivers/crypto/qat/qat_sym_session.h
> +++ b/drivers/crypto/qat/qat_sym_session.h
> @@ -112,8 +112,7 @@ struct qat_sym_session {
>  int
>  qat_sym_session_configure(struct rte_cryptodev *dev,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool);
> +		void *sess);
> 
>  int
>  qat_sym_session_set_parameters(struct rte_cryptodev *dev,
> @@ -135,8 +134,7 @@ qat_sym_session_configure_auth(struct
> rte_cryptodev *dev,
>  				struct qat_sym_session *session);
> 
>  void
> -qat_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *session);
> +qat_sym_session_clear(struct rte_cryptodev *dev, void *session);
> 
>  unsigned int
>  qat_sym_session_get_private_size(struct rte_cryptodev *dev);
> diff --git a/drivers/crypto/scheduler/scheduler_pmd_ops.c
> b/drivers/crypto/scheduler/scheduler_pmd_ops.c
> index 465b88ade8..87260b5a22 100644
> --- a/drivers/crypto/scheduler/scheduler_pmd_ops.c
> +++ b/drivers/crypto/scheduler/scheduler_pmd_ops.c
> @@ -476,9 +476,7 @@ scheduler_pmd_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
> 
>  static int
>  scheduler_pmd_sym_session_configure(struct rte_cryptodev *dev,
> -	struct rte_crypto_sym_xform *xform,
> -	struct rte_cryptodev_sym_session *sess,
> -	struct rte_mempool *mempool)
> +	struct rte_crypto_sym_xform *xform, void *sess)
>  {
>  	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
>  	uint32_t i;
> @@ -488,7 +486,7 @@ scheduler_pmd_sym_session_configure(struct
> rte_cryptodev *dev,
>  		struct scheduler_worker *worker = &sched_ctx->workers[i];
> 
>  		ret = rte_cryptodev_sym_session_init(worker->dev_id, sess,
> -					xform, mempool);
> +					xform);
>  		if (ret < 0) {
>  			CR_SCHED_LOG(ERR, "unable to config sym session");
>  			return ret;
> @@ -500,8 +498,7 @@ scheduler_pmd_sym_session_configure(struct
> rte_cryptodev *dev,
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -scheduler_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +scheduler_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
>  	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
>  	uint32_t i;
> diff --git a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
> b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
> index 3f46014b7d..b0f8f6d86a 100644
> --- a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
> +++ b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
> @@ -226,7 +226,6 @@ snow3g_pmd_qp_setup(struct rte_cryptodev *dev,
> uint16_t qp_id,
> 
>  	qp->mgr = internals->mgr;
>  	qp->sess_mp = qp_conf->mp_session;
> -	qp->sess_mp_priv = qp_conf->mp_session_private;
> 
>  	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
> 
> @@ -250,10 +249,8 @@ snow3g_pmd_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  static int
>  snow3g_pmd_sym_session_configure(struct rte_cryptodev *dev,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		void *sess)
>  {
> -	void *sess_private_data;
>  	int ret;
>  	struct snow3g_private *internals = dev->data->dev_private;
> 
> @@ -262,43 +259,24 @@ snow3g_pmd_sym_session_configure(struct
> rte_cryptodev *dev,
>  		return -EINVAL;
>  	}
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		SNOW3G_LOG(ERR,
> -			"Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
> -
>  	ret = snow3g_set_session_parameters(internals->mgr,
> -					sess_private_data, xform);
> +					sess, xform);
>  	if (ret != 0) {
>  		SNOW3G_LOG(ERR, "failed configure session parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -		sess_private_data);
> -
>  	return 0;
>  }
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -snow3g_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +snow3g_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -
> +	RTE_SET_USED(dev);
>  	/* Zero out the whole structure */
> -	if (sess_priv) {
> -		memset(sess_priv, 0, sizeof(struct snow3g_session));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
> -	}
> +	if (sess)
> +		memset(sess, 0, sizeof(struct snow3g_session));
>  }
> 
>  struct rte_cryptodev_ops snow3g_pmd_ops = {
> diff --git a/drivers/crypto/virtio/virtio_cryptodev.c
> b/drivers/crypto/virtio/virtio_cryptodev.c
> index 8faa39df4a..de52fec32e 100644
> --- a/drivers/crypto/virtio/virtio_cryptodev.c
> +++ b/drivers/crypto/virtio/virtio_cryptodev.c
> @@ -37,11 +37,10 @@ static void virtio_crypto_dev_free_mbufs(struct
> rte_cryptodev *dev);
>  static unsigned int virtio_crypto_sym_get_session_private_size(
>  		struct rte_cryptodev *dev);
>  static void virtio_crypto_sym_clear_session(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess);
> +		void *sess);
>  static int virtio_crypto_sym_configure_session(struct rte_cryptodev *dev,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *session,
> -		struct rte_mempool *mp);
> +		void *session);
> 
>  /*
>   * The set of PCI devices this driver supports
> @@ -927,7 +926,7 @@ virtio_crypto_check_sym_clear_session_paras(
>  static void
>  virtio_crypto_sym_clear_session(
>  		struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +		void *sess)
>  {
>  	struct virtio_crypto_hw *hw;
>  	struct virtqueue *vq;
> @@ -1290,11 +1289,9 @@ static int
>  virtio_crypto_check_sym_configure_session_paras(
>  		struct rte_cryptodev *dev,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sym_sess,
> -		struct rte_mempool *mempool)
> +		void *sym_sess)
>  {
> -	if (unlikely(xform == NULL) || unlikely(sym_sess == NULL) ||
> -		unlikely(mempool == NULL)) {
> +	if (unlikely(xform == NULL) || unlikely(sym_sess == NULL)) {
>  		VIRTIO_CRYPTO_SESSION_LOG_ERR("NULL pointer");
>  		return -1;
>  	}
> @@ -1309,12 +1306,9 @@ static int
>  virtio_crypto_sym_configure_session(
>  		struct rte_cryptodev *dev,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		void *sess)
>  {
>  	int ret;
> -	struct virtio_crypto_session crypto_sess;
> -	void *session_private = &crypto_sess;
>  	struct virtio_crypto_session *session;
>  	struct virtio_crypto_op_ctrl_req *ctrl_req;
>  	enum virtio_crypto_cmd_id cmd_id;
> @@ -1326,19 +1320,13 @@ virtio_crypto_sym_configure_session(
>  	PMD_INIT_FUNC_TRACE();
> 
>  	ret = virtio_crypto_check_sym_configure_session_paras(dev, xform,
> -			sess, mempool);
> +			sess);
>  	if (ret < 0) {
>  		VIRTIO_CRYPTO_SESSION_LOG_ERR("Invalid parameters");
>  		return ret;
>  	}
> 
> -	if (rte_mempool_get(mempool, &session_private)) {
> -		VIRTIO_CRYPTO_SESSION_LOG_ERR(
> -			"Couldn't get object from session mempool");
> -		return -ENOMEM;
> -	}
> -
> -	session = (struct virtio_crypto_session *)session_private;
> +	session = (struct virtio_crypto_session *)sess;
>  	memset(session, 0, sizeof(struct virtio_crypto_session));
>  	ctrl_req = &session->ctrl;
>  	ctrl_req->header.opcode =
> VIRTIO_CRYPTO_CIPHER_CREATE_SESSION;
> @@ -1401,9 +1389,6 @@ virtio_crypto_sym_configure_session(
>  		goto error_out;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -		session_private);
> -
>  	return 0;
> 
>  error_out:
> diff --git a/drivers/crypto/zuc/rte_zuc_pmd_ops.c
> b/drivers/crypto/zuc/rte_zuc_pmd_ops.c
> index 38642d45ab..04126c8a04 100644
> --- a/drivers/crypto/zuc/rte_zuc_pmd_ops.c
> +++ b/drivers/crypto/zuc/rte_zuc_pmd_ops.c
> @@ -226,7 +226,6 @@ zuc_pmd_qp_setup(struct rte_cryptodev *dev,
> uint16_t qp_id,
> 
>  	qp->mb_mgr = internals->mb_mgr;
>  	qp->sess_mp = qp_conf->mp_session;
> -	qp->sess_mp_priv = qp_conf->mp_session_private;
> 
>  	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
> 
> @@ -250,10 +249,8 @@ zuc_pmd_sym_session_get_size(struct
> rte_cryptodev *dev __rte_unused)
>  static int
>  zuc_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
>  		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_mempool *mempool)
> +		void *sess)
>  {
> -	void *sess_private_data;
>  	int ret;
> 
>  	if (unlikely(sess == NULL)) {
> @@ -261,43 +258,23 @@ zuc_pmd_sym_session_configure(struct
> rte_cryptodev *dev __rte_unused,
>  		return -EINVAL;
>  	}
> 
> -	if (rte_mempool_get(mempool, &sess_private_data)) {
> -		ZUC_LOG(ERR,
> -			"Couldn't get object from session mempool");
> -
> -		return -ENOMEM;
> -	}
> -
> -	ret = zuc_set_session_parameters(sess_private_data, xform);
> +	ret = zuc_set_session_parameters(sess, xform);
>  	if (ret != 0) {
>  		ZUC_LOG(ERR, "failed configure session parameters");
> -
> -		/* Return session to mempool */
> -		rte_mempool_put(mempool, sess_private_data);
>  		return ret;
>  	}
> 
> -	set_sym_session_private_data(sess, dev->driver_id,
> -		sess_private_data);
> -
>  	return 0;
>  }
> 
>  /** Clear the memory of session so it doesn't leave key material behind */
>  static void
> -zuc_pmd_sym_session_clear(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess)
> +zuc_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
>  {
> -	uint8_t index = dev->driver_id;
> -	void *sess_priv = get_sym_session_private_data(sess, index);
> -
> +	RTE_SET_USED(dev);
>  	/* Zero out the whole structure */
> -	if (sess_priv) {
> -		memset(sess_priv, 0, sizeof(struct zuc_session));
> -		struct rte_mempool *sess_mp =
> rte_mempool_from_obj(sess_priv);
> -		set_sym_session_private_data(sess, index, NULL);
> -		rte_mempool_put(sess_mp, sess_priv);
> -	}
> +	if (sess)
> +		memset(sess, 0, sizeof(struct zuc_session));
>  }
> 
>  struct rte_cryptodev_ops zuc_pmd_ops = {
> diff --git a/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
> b/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
> index b33cb7e139..8522f2dfda 100644
> --- a/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
> +++ b/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
> @@ -38,8 +38,7 @@ otx2_ca_deq_post_process(const struct otx2_cpt_qp
> *qp,
>  		}
> 
>  		if (unlikely(cop->sess_type ==
> RTE_CRYPTO_OP_SESSIONLESS)) {
> -			sym_session_clear(otx2_cryptodev_driver_id,
> -					  cop->sym->session);
> +			sym_session_clear(cop->sym->session);
>  			memset(cop->sym->session, 0,
> 
> 	rte_cryptodev_sym_get_existing_header_session_size(
>  				cop->sym->session));
> diff --git a/examples/fips_validation/fips_dev_self_test.c
> b/examples/fips_validation/fips_dev_self_test.c
> index b4eab05a98..bbc27a1b6f 100644
> --- a/examples/fips_validation/fips_dev_self_test.c
> +++ b/examples/fips_validation/fips_dev_self_test.c
> @@ -969,7 +969,6 @@ struct fips_dev_auto_test_env {
>  	struct rte_mempool *mpool;
>  	struct rte_mempool *op_pool;
>  	struct rte_mempool *sess_pool;
> -	struct rte_mempool *sess_priv_pool;
>  	struct rte_mbuf *mbuf;
>  	struct rte_crypto_op *op;
>  };
> @@ -981,7 +980,7 @@ typedef int
> (*fips_dev_self_test_prepare_xform_t)(uint8_t,
>  		uint32_t);
> 
>  typedef int (*fips_dev_self_test_prepare_op_t)(struct rte_crypto_op *,
> -		struct rte_mbuf *, struct rte_cryptodev_sym_session *,
> +		struct rte_mbuf *, void *,
>  		uint32_t, struct fips_dev_self_test_vector *);
> 
>  typedef int (*fips_dev_self_test_check_result_t)(struct rte_crypto_op *,
> @@ -1173,7 +1172,7 @@ prepare_aead_xform(uint8_t dev_id,
>  static int
>  prepare_cipher_op(struct rte_crypto_op *op,
>  		struct rte_mbuf *mbuf,
> -		struct rte_cryptodev_sym_session *session,
> +		void *session,
>  		uint32_t dir,
>  		struct fips_dev_self_test_vector *vec)
>  {
> @@ -1212,7 +1211,7 @@ prepare_cipher_op(struct rte_crypto_op *op,
>  static int
>  prepare_auth_op(struct rte_crypto_op *op,
>  		struct rte_mbuf *mbuf,
> -		struct rte_cryptodev_sym_session *session,
> +		void *session,
>  		uint32_t dir,
>  		struct fips_dev_self_test_vector *vec)
>  {
> @@ -1251,7 +1250,7 @@ prepare_auth_op(struct rte_crypto_op *op,
>  static int
>  prepare_aead_op(struct rte_crypto_op *op,
>  		struct rte_mbuf *mbuf,
> -		struct rte_cryptodev_sym_session *session,
> +		void *session,
>  		uint32_t dir,
>  		struct fips_dev_self_test_vector *vec)
>  {
> @@ -1464,7 +1463,7 @@ run_single_test(uint8_t dev_id,
>  		uint32_t negative_test)
>  {
>  	struct rte_crypto_sym_xform xform;
> -	struct rte_cryptodev_sym_session *sess;
> +	void *sess;
>  	uint16_t n_deqd;
>  	uint8_t key[256];
>  	int ret;
> @@ -1484,8 +1483,7 @@ run_single_test(uint8_t dev_id,
>  	if (!sess)
>  		return -ENOMEM;
> 
> -	ret = rte_cryptodev_sym_session_init(dev_id,
> -			sess, &xform, env->sess_priv_pool);
> +	ret = rte_cryptodev_sym_session_init(dev_id, sess, &xform);
>  	if (ret < 0) {
>  		RTE_LOG(ERR, PMD, "Error %i: Init session\n", ret);
>  		return ret;
> @@ -1533,8 +1531,6 @@ fips_dev_auto_test_uninit(uint8_t dev_id,
>  		rte_mempool_free(env->op_pool);
>  	if (env->sess_pool)
>  		rte_mempool_free(env->sess_pool);
> -	if (env->sess_priv_pool)
> -		rte_mempool_free(env->sess_priv_pool);
> 
>  	rte_cryptodev_stop(dev_id);
>  }
> @@ -1542,7 +1538,7 @@ fips_dev_auto_test_uninit(uint8_t dev_id,
>  static int
>  fips_dev_auto_test_init(uint8_t dev_id, struct fips_dev_auto_test_env
> *env)
>  {
> -	struct rte_cryptodev_qp_conf qp_conf = {128, NULL, NULL};
> +	struct rte_cryptodev_qp_conf qp_conf = {128, NULL};
>  	uint32_t sess_sz =
> rte_cryptodev_sym_get_private_session_size(dev_id);
>  	struct rte_cryptodev_config conf;
>  	char name[128];
> @@ -1586,25 +1582,13 @@ fips_dev_auto_test_init(uint8_t dev_id, struct
> fips_dev_auto_test_env *env)
>  	snprintf(name, 128, "%s%u", "SELF_TEST_SESS_POOL", dev_id);
> 
>  	env->sess_pool = rte_cryptodev_sym_session_pool_create(name,
> -			128, 0, 0, 0, rte_cryptodev_socket_id(dev_id));
> +			128, sess_sz, 0, 0, rte_cryptodev_socket_id(dev_id));
>  	if (!env->sess_pool) {
>  		ret = -ENOMEM;
>  		goto error_exit;
>  	}
> 
> -	memset(name, 0, 128);
> -	snprintf(name, 128, "%s%u", "SELF_TEST_SESS_PRIV_POOL", dev_id);
> -
> -	env->sess_priv_pool = rte_mempool_create(name,
> -			128, sess_sz, 0, 0, NULL, NULL, NULL,
> -			NULL, rte_cryptodev_socket_id(dev_id), 0);
> -	if (!env->sess_priv_pool) {
> -		ret = -ENOMEM;
> -		goto error_exit;
> -	}
> -
>  	qp_conf.mp_session = env->sess_pool;
> -	qp_conf.mp_session_private = env->sess_priv_pool;
> 
>  	ret = rte_cryptodev_queue_pair_setup(dev_id, 0, &qp_conf,
>  			rte_cryptodev_socket_id(dev_id));
> diff --git a/examples/fips_validation/main.c
> b/examples/fips_validation/main.c
> index a8daad1f48..03c6ccb5b8 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -48,13 +48,12 @@ struct cryptodev_fips_validate_env {
>  	uint16_t mbuf_data_room;
>  	struct rte_mempool *mpool;
>  	struct rte_mempool *sess_mpool;
> -	struct rte_mempool *sess_priv_mpool;
>  	struct rte_mempool *op_pool;
>  	struct rte_mbuf *mbuf;
>  	uint8_t *digest;
>  	uint16_t digest_len;
>  	struct rte_crypto_op *op;
> -	struct rte_cryptodev_sym_session *sess;
> +	void *sess;
>  	uint16_t self_test;
>  	struct fips_dev_broken_test_config *broken_test_config;
>  } env;
> @@ -63,7 +62,7 @@ static int
>  cryptodev_fips_validate_app_int(void)
>  {
>  	struct rte_cryptodev_config conf = {rte_socket_id(), 1, 0};
> -	struct rte_cryptodev_qp_conf qp_conf = {128, NULL, NULL};
> +	struct rte_cryptodev_qp_conf qp_conf = {128, NULL};
>  	struct rte_cryptodev_info dev_info;
>  	uint32_t sess_sz = rte_cryptodev_sym_get_private_session_size(
>  			env.dev_id);
> @@ -103,16 +102,11 @@ cryptodev_fips_validate_app_int(void)
>  	ret = -ENOMEM;
> 
>  	env.sess_mpool = rte_cryptodev_sym_session_pool_create(
> -			"FIPS_SESS_MEMPOOL", 16, 0, 0, 0, rte_socket_id());
> +			"FIPS_SESS_MEMPOOL", 16, sess_sz, 0, 0,
> +			rte_socket_id());
>  	if (!env.sess_mpool)
>  		goto error_exit;
> 
> -	env.sess_priv_mpool =
> rte_mempool_create("FIPS_SESS_PRIV_MEMPOOL",
> -			16, sess_sz, 0, 0, NULL, NULL, NULL,
> -			NULL, rte_socket_id(), 0);
> -	if (!env.sess_priv_mpool)
> -		goto error_exit;
> -
>  	env.op_pool = rte_crypto_op_pool_create(
>  			"FIPS_OP_POOL",
>  			RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> @@ -127,7 +121,6 @@ cryptodev_fips_validate_app_int(void)
>  		goto error_exit;
> 
>  	qp_conf.mp_session = env.sess_mpool;
> -	qp_conf.mp_session_private = env.sess_priv_mpool;
> 
>  	ret = rte_cryptodev_queue_pair_setup(env.dev_id, 0, &qp_conf,
>  			rte_socket_id());
> @@ -141,8 +134,6 @@ cryptodev_fips_validate_app_int(void)
>  	rte_mempool_free(env.mpool);
>  	if (env.sess_mpool)
>  		rte_mempool_free(env.sess_mpool);
> -	if (env.sess_priv_mpool)
> -		rte_mempool_free(env.sess_priv_mpool);
>  	if (env.op_pool)
>  		rte_mempool_free(env.op_pool);
> 
> @@ -158,7 +149,6 @@ cryptodev_fips_validate_app_uninit(void)
>  	rte_cryptodev_sym_session_free(env.sess);
>  	rte_mempool_free(env.mpool);
>  	rte_mempool_free(env.sess_mpool);
> -	rte_mempool_free(env.sess_priv_mpool);
>  	rte_mempool_free(env.op_pool);
>  }
> 
> @@ -1179,7 +1169,7 @@ fips_run_test(void)
>  		return -ENOMEM;
> 
>  	ret = rte_cryptodev_sym_session_init(env.dev_id,
> -			env.sess, &xform, env.sess_priv_mpool);
> +			env.sess, &xform);
>  	if (ret < 0) {
>  		RTE_LOG(ERR, USER1, "Error %i: Init session\n",
>  				ret);
> diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-
> secgw/ipsec-secgw.c
> index 7ad94cb822..65528ee2e7 100644
> --- a/examples/ipsec-secgw/ipsec-secgw.c
> +++ b/examples/ipsec-secgw/ipsec-secgw.c
> @@ -1216,15 +1216,11 @@ ipsec_poll_mode_worker(void)
>  	qconf->inbound.sa_ctx = socket_ctx[socket_id].sa_in;
>  	qconf->inbound.cdev_map = cdev_map_in;
>  	qconf->inbound.session_pool = socket_ctx[socket_id].session_pool;
> -	qconf->inbound.session_priv_pool =
> -			socket_ctx[socket_id].session_priv_pool;
>  	qconf->outbound.sp4_ctx = socket_ctx[socket_id].sp_ip4_out;
>  	qconf->outbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_out;
>  	qconf->outbound.sa_ctx = socket_ctx[socket_id].sa_out;
>  	qconf->outbound.cdev_map = cdev_map_out;
>  	qconf->outbound.session_pool =
> socket_ctx[socket_id].session_pool;
> -	qconf->outbound.session_priv_pool =
> -			socket_ctx[socket_id].session_priv_pool;
>  	qconf->frag.pool_dir = socket_ctx[socket_id].mbuf_pool;
>  	qconf->frag.pool_indir = socket_ctx[socket_id].mbuf_pool_indir;
> 
> @@ -2142,8 +2138,6 @@ cryptodevs_init(uint16_t req_queue_num)
>  		qp_conf.nb_descriptors = CDEV_QUEUE_DESC;
>  		qp_conf.mp_session =
>  			socket_ctx[dev_conf.socket_id].session_pool;
> -		qp_conf.mp_session_private =
> -			socket_ctx[dev_conf.socket_id].session_priv_pool;
>  		for (qp = 0; qp < dev_conf.nb_queue_pairs; qp++)
>  			if (rte_cryptodev_queue_pair_setup(cdev_id, qp,
>  					&qp_conf, dev_conf.socket_id))
> @@ -2405,37 +2399,37 @@ session_pool_init(struct socket_ctx *ctx, int32_t
> socket_id, size_t sess_sz)
>  		printf("Allocated session pool on socket %d\n",
> 	socket_id);
>  }
> 
> -static void
> -session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id,
> -	size_t sess_sz)
> -{
> -	char mp_name[RTE_MEMPOOL_NAMESIZE];
> -	struct rte_mempool *sess_mp;
> -	uint32_t nb_sess;
> -
> -	snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> -			"sess_mp_priv_%u", socket_id);
> -	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
> -		rte_lcore_count());
> -	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
> -			CDEV_MP_CACHE_MULTIPLIER);
> -	sess_mp = rte_mempool_create(mp_name,
> -			nb_sess,
> -			sess_sz,
> -			CDEV_MP_CACHE_SZ,
> -			0, NULL, NULL, NULL,
> -			NULL, socket_id,
> -			0);
> -	ctx->session_priv_pool = sess_mp;
> -
> -	if (ctx->session_priv_pool == NULL)
> -		rte_exit(EXIT_FAILURE,
> -			"Cannot init session priv pool on socket %d\n",
> -			socket_id);
> -	else
> -		printf("Allocated session priv pool on socket %d\n",
> -			socket_id);
> -}
> +//static void
> +//session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id,
> +//	size_t sess_sz)
> +//{
> +//	char mp_name[RTE_MEMPOOL_NAMESIZE];
> +//	struct rte_mempool *sess_mp;
> +//	uint32_t nb_sess;
> +//
> +//	snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> +//			"sess_mp_priv_%u", socket_id);
> +//	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
> +//		rte_lcore_count());
> +//	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
> +//			CDEV_MP_CACHE_MULTIPLIER);
> +//	sess_mp = rte_mempool_create(mp_name,
> +//			nb_sess,
> +//			sess_sz,
> +//			CDEV_MP_CACHE_SZ,
> +//			0, NULL, NULL, NULL,
> +//			NULL, socket_id,
> +//			0);
> +//	ctx->session_priv_pool = sess_mp;
> +//
> +//	if (ctx->session_priv_pool == NULL)
> +//		rte_exit(EXIT_FAILURE,
> +//			"Cannot init session priv pool on socket %d\n",
> +//			socket_id);
> +//	else
> +//		printf("Allocated session priv pool on socket %d\n",
> +//			socket_id);
> +//}
> 
>  static void
>  pool_init(struct socket_ctx *ctx, int32_t socket_id, uint32_t nb_mbuf)
> @@ -2938,8 +2932,8 @@ main(int32_t argc, char **argv)
> 
>  		pool_init(&socket_ctx[socket_id], socket_id,
> nb_bufs_in_pool);
>  		session_pool_init(&socket_ctx[socket_id], socket_id,
> sess_sz);
> -		session_priv_pool_init(&socket_ctx[socket_id], socket_id,
> -			sess_sz);
> +//		session_priv_pool_init(&socket_ctx[socket_id], socket_id,
> +//			sess_sz);
>  	}
>  	printf("Number of mbufs in packet pool %d\n", nb_bufs_in_pool);
> 
> diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
> index 03d907cba8..a5921de11c 100644
> --- a/examples/ipsec-secgw/ipsec.c
> +++ b/examples/ipsec-secgw/ipsec.c
> @@ -143,8 +143,7 @@ create_lookaside_session(struct ipsec_ctx *ipsec_ctx,
> struct ipsec_sa *sa,
>  		ips->crypto.ses = rte_cryptodev_sym_session_create(
>  				ipsec_ctx->session_pool);
>  		rte_cryptodev_sym_session_init(ipsec_ctx-
> >tbl[cdev_id_qp].id,
> -				ips->crypto.ses, sa->xforms,
> -				ipsec_ctx->session_priv_pool);
> +				ips->crypto.ses, sa->xforms);
> 
>  		rte_cryptodev_info_get(ipsec_ctx->tbl[cdev_id_qp].id,
>  				&cdev_info);
> diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h
> index 8405c48171..673c64e8dc 100644
> --- a/examples/ipsec-secgw/ipsec.h
> +++ b/examples/ipsec-secgw/ipsec.h
> @@ -243,7 +243,6 @@ struct socket_ctx {
>  	struct rte_mempool *mbuf_pool;
>  	struct rte_mempool *mbuf_pool_indir;
>  	struct rte_mempool *session_pool;
> -	struct rte_mempool *session_priv_pool;
>  };
> 
>  struct cnt_blk {
> diff --git a/examples/ipsec-secgw/ipsec_worker.c b/examples/ipsec-
> secgw/ipsec_worker.c
> index c545497cee..04bcce49db 100644
> --- a/examples/ipsec-secgw/ipsec_worker.c
> +++ b/examples/ipsec-secgw/ipsec_worker.c
> @@ -537,14 +537,10 @@ ipsec_wrkr_non_burst_int_port_app_mode(struct
> eh_event_link_info *links,
>  	lconf.inbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_in;
>  	lconf.inbound.sa_ctx = socket_ctx[socket_id].sa_in;
>  	lconf.inbound.session_pool = socket_ctx[socket_id].session_pool;
> -	lconf.inbound.session_priv_pool =
> -			socket_ctx[socket_id].session_priv_pool;
>  	lconf.outbound.sp4_ctx = socket_ctx[socket_id].sp_ip4_out;
>  	lconf.outbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_out;
>  	lconf.outbound.sa_ctx = socket_ctx[socket_id].sa_out;
>  	lconf.outbound.session_pool = socket_ctx[socket_id].session_pool;
> -	lconf.outbound.session_priv_pool =
> -			socket_ctx[socket_id].session_priv_pool;
> 
>  	RTE_LOG(INFO, IPSEC,
>  		"Launching event mode worker (non-burst - Tx internal port -
> "
> diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
> index 66d1491bf7..bdc3da731c 100644
> --- a/examples/l2fwd-crypto/main.c
> +++ b/examples/l2fwd-crypto/main.c
> @@ -188,7 +188,7 @@ struct l2fwd_crypto_params {
>  	struct l2fwd_iv auth_iv;
>  	struct l2fwd_iv aead_iv;
>  	struct l2fwd_key aad;
> -	struct rte_cryptodev_sym_session *session;
> +	void *session;
> 
>  	uint8_t do_cipher;
>  	uint8_t do_hash;
> @@ -229,7 +229,6 @@ struct rte_mempool *l2fwd_pktmbuf_pool;
>  struct rte_mempool *l2fwd_crypto_op_pool;
>  static struct {
>  	struct rte_mempool *sess_mp;
> -	struct rte_mempool *priv_mp;
>  } session_pool_socket[RTE_MAX_NUMA_NODES];
> 
>  /* Per-port statistics struct */
> @@ -671,11 +670,11 @@ generate_random_key(uint8_t *key, unsigned
> length)
>  }
> 
>  /* Session is created and is later attached to the crypto operation. 8< */
> -static struct rte_cryptodev_sym_session *
> +static void *
>  initialize_crypto_session(struct l2fwd_crypto_options *options, uint8_t
> cdev_id)
>  {
>  	struct rte_crypto_sym_xform *first_xform;
> -	struct rte_cryptodev_sym_session *session;
> +	void *session;
>  	int retval = rte_cryptodev_socket_id(cdev_id);
> 
>  	if (retval < 0)
> @@ -703,8 +702,7 @@ initialize_crypto_session(struct l2fwd_crypto_options
> *options, uint8_t cdev_id)
>  		return NULL;
> 
>  	if (rte_cryptodev_sym_session_init(cdev_id, session,
> -				first_xform,
> -				session_pool_socket[socket_id].priv_mp) < 0)
> +				first_xform) < 0)
>  		return NULL;
> 
>  	return session;
> @@ -730,7 +728,7 @@ l2fwd_main_loop(struct l2fwd_crypto_options
> *options)
>  			US_PER_S * BURST_TX_DRAIN_US;
>  	struct l2fwd_crypto_params *cparams;
>  	struct l2fwd_crypto_params port_cparams[qconf->nb_crypto_devs];
> -	struct rte_cryptodev_sym_session *session;
> +	void *session;
> 
>  	if (qconf->nb_rx_ports == 0) {
>  		RTE_LOG(INFO, L2FWD, "lcore %u has nothing to do\n",
> lcore_id);
> @@ -2388,30 +2386,6 @@ initialize_cryptodevs(struct l2fwd_crypto_options
> *options, unsigned nb_ports,
>  		} else
>  			sessions_needed = enabled_cdev_count;
> 
> -		if (session_pool_socket[socket_id].priv_mp == NULL) {
> -			char mp_name[RTE_MEMPOOL_NAMESIZE];
> -
> -			snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> -				"priv_sess_mp_%u", socket_id);
> -
> -			session_pool_socket[socket_id].priv_mp =
> -					rte_mempool_create(mp_name,
> -						sessions_needed,
> -						max_sess_sz,
> -						0, 0, NULL, NULL, NULL,
> -						NULL, socket_id,
> -						0);
> -
> -			if (session_pool_socket[socket_id].priv_mp == NULL)
> {
> -				printf("Cannot create pool on socket %d\n",
> -					socket_id);
> -				return -ENOMEM;
> -			}
> -
> -			printf("Allocated pool \"%s\" on socket %d\n",
> -				mp_name, socket_id);
> -		}
> -
>  		if (session_pool_socket[socket_id].sess_mp == NULL) {
>  			char mp_name[RTE_MEMPOOL_NAMESIZE];
>  			snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> @@ -2421,7 +2395,8 @@ initialize_cryptodevs(struct l2fwd_crypto_options
> *options, unsigned nb_ports,
> 
> 	rte_cryptodev_sym_session_pool_create(
>  							mp_name,
>  							sessions_needed,
> -							0, 0, 0, socket_id);
> +							max_sess_sz,
> +							0, 0, socket_id);
> 
>  			if (session_pool_socket[socket_id].sess_mp == NULL)
> {
>  				printf("Cannot create pool on socket %d\n",
> @@ -2573,8 +2548,6 @@ initialize_cryptodevs(struct l2fwd_crypto_options
> *options, unsigned nb_ports,
> 
>  		qp_conf.nb_descriptors = 2048;
>  		qp_conf.mp_session =
> session_pool_socket[socket_id].sess_mp;
> -		qp_conf.mp_session_private =
> -				session_pool_socket[socket_id].priv_mp;
> 
>  		retval = rte_cryptodev_queue_pair_setup(cdev_id, 0,
> &qp_conf,
>  				socket_id);
> diff --git a/examples/vhost_crypto/main.c b/examples/vhost_crypto/main.c
> index dea7dcbd07..cbb97aaf76 100644
> --- a/examples/vhost_crypto/main.c
> +++ b/examples/vhost_crypto/main.c
> @@ -46,7 +46,6 @@ struct vhost_crypto_info {
>  	int vids[MAX_NB_SOCKETS];
>  	uint32_t nb_vids;
>  	struct rte_mempool *sess_pool;
> -	struct rte_mempool *sess_priv_pool;
>  	struct rte_mempool *cop_pool;
>  	uint8_t cid;
>  	uint32_t qid;
> @@ -304,7 +303,6 @@ new_device(int vid)
>  	}
> 
>  	ret = rte_vhost_crypto_create(vid, info->cid, info->sess_pool,
> -			info->sess_priv_pool,
>  			rte_lcore_to_socket_id(options.los[i].lcore_id));
>  	if (ret) {
>  		RTE_LOG(ERR, USER1, "Cannot create vhost crypto\n");
> @@ -458,7 +456,6 @@ free_resource(void)
> 
>  		rte_mempool_free(info->cop_pool);
>  		rte_mempool_free(info->sess_pool);
> -		rte_mempool_free(info->sess_priv_pool);
> 
>  		for (j = 0; j < lo->nb_sockets; j++) {
>  			rte_vhost_driver_unregister(lo->socket_files[i]);
> @@ -544,16 +541,12 @@ main(int argc, char *argv[])
> 
>  		snprintf(name, 127, "SESS_POOL_%u", lo->lcore_id);
>  		info->sess_pool =
> rte_cryptodev_sym_session_pool_create(name,
> -				SESSION_MAP_ENTRIES, 0, 0, 0,
> -				rte_lcore_to_socket_id(lo->lcore_id));
> -
> -		snprintf(name, 127, "SESS_POOL_PRIV_%u", lo->lcore_id);
> -		info->sess_priv_pool = rte_mempool_create(name,
>  				SESSION_MAP_ENTRIES,
> 
> 	rte_cryptodev_sym_get_private_session_size(
> -				info->cid), 64, 0, NULL, NULL, NULL, NULL,
> -				rte_lcore_to_socket_id(lo->lcore_id), 0);
> -		if (!info->sess_priv_pool || !info->sess_pool) {
> +					info->cid), 0, 0,
> +				rte_lcore_to_socket_id(lo->lcore_id));
> +
> +		if (!info->sess_pool) {
>  			RTE_LOG(ERR, USER1, "Failed to create mempool");
>  			goto error_exit;
>  		}
> @@ -574,7 +567,6 @@ main(int argc, char *argv[])
> 
>  		qp_conf.nb_descriptors = NB_CRYPTO_DESCRIPTORS;
>  		qp_conf.mp_session = info->sess_pool;
> -		qp_conf.mp_session_private = info->sess_priv_pool;
> 
>  		for (j = 0; j < dev_info.max_nb_queue_pairs; j++) {
>  			ret = rte_cryptodev_queue_pair_setup(info->cid, j,
> diff --git a/lib/cryptodev/cryptodev_pmd.h
> b/lib/cryptodev/cryptodev_pmd.h
> index ae3aac59ae..d758b3b85d 100644
> --- a/lib/cryptodev/cryptodev_pmd.h
> +++ b/lib/cryptodev/cryptodev_pmd.h
> @@ -242,7 +242,6 @@ typedef unsigned int
> (*cryptodev_asym_get_session_private_size_t)(
>   * @param	dev		Crypto device pointer
>   * @param	xform		Single or chain of crypto xforms
>   * @param	session		Pointer to cryptodev's private session
> structure
> - * @param	mp		Mempool where the private session is
> allocated
>   *
>   * @return
>   *  - Returns 0 if private session structure have been created successfully.
> @@ -251,9 +250,7 @@ typedef unsigned int
> (*cryptodev_asym_get_session_private_size_t)(
>   *  - Returns -ENOMEM if the private session could not be allocated.
>   */
>  typedef int (*cryptodev_sym_configure_session_t)(struct rte_cryptodev
> *dev,
> -		struct rte_crypto_sym_xform *xform,
> -		struct rte_cryptodev_sym_session *session,
> -		struct rte_mempool *mp);
> +		struct rte_crypto_sym_xform *xform, void *session);
>  /**
>   * Configure a Crypto asymmetric session on a device.
>   *
> @@ -279,7 +276,7 @@ typedef int
> (*cryptodev_asym_configure_session_t)(struct rte_cryptodev *dev,
>   * @param	sess		Cryptodev session structure
>   */
>  typedef void (*cryptodev_sym_free_session_t)(struct rte_cryptodev *dev,
> -		struct rte_cryptodev_sym_session *sess);
> +		void *sess);
>  /**
>   * Free asymmetric session private data.
>   *
> diff --git a/lib/cryptodev/rte_crypto.h b/lib/cryptodev/rte_crypto.h
> index a864f5036f..200617f623 100644
> --- a/lib/cryptodev/rte_crypto.h
> +++ b/lib/cryptodev/rte_crypto.h
> @@ -420,7 +420,7 @@ rte_crypto_op_sym_xforms_alloc(struct
> rte_crypto_op *op, uint8_t nb_xforms)
>   */
>  static inline int
>  rte_crypto_op_attach_sym_session(struct rte_crypto_op *op,
> -		struct rte_cryptodev_sym_session *sess)
> +		void *sess)
>  {
>  	if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC))
>  		return -1;
> diff --git a/lib/cryptodev/rte_crypto_sym.h
> b/lib/cryptodev/rte_crypto_sym.h
> index 58c0724743..848da1942c 100644
> --- a/lib/cryptodev/rte_crypto_sym.h
> +++ b/lib/cryptodev/rte_crypto_sym.h
> @@ -932,7 +932,7 @@ __rte_crypto_sym_op_sym_xforms_alloc(struct
> rte_crypto_sym_op *sym_op,
>   */
>  static inline int
>  __rte_crypto_sym_op_attach_sym_session(struct rte_crypto_sym_op
> *sym_op,
> -		struct rte_cryptodev_sym_session *sess)
> +		void *sess)
>  {
>  	sym_op->session = sess;
> 
> diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
> index 9fa3aff1d3..a31cae202a 100644
> --- a/lib/cryptodev/rte_cryptodev.c
> +++ b/lib/cryptodev/rte_cryptodev.c
> @@ -199,6 +199,8 @@ struct
> rte_cryptodev_sym_session_pool_private_data {
>  	/**< number of elements in sess_data array */
>  	uint16_t user_data_sz;
>  	/**< session user data will be placed after sess_data */
> +	uint16_t sess_priv_sz;
> +	/**< session user data will be placed after sess_data */
>  };
> 
>  int
> @@ -1223,8 +1225,7 @@ rte_cryptodev_queue_pair_setup(uint8_t dev_id,
> uint16_t queue_pair_id,
>  		return -EINVAL;
>  	}
> 
> -	if ((qp_conf->mp_session && !qp_conf->mp_session_private) ||
> -			(!qp_conf->mp_session && qp_conf-
> >mp_session_private)) {
> +	if (!qp_conf->mp_session) {
>  		CDEV_LOG_ERR("Invalid mempools\n");
>  		return -EINVAL;
>  	}
> @@ -1232,7 +1233,6 @@ rte_cryptodev_queue_pair_setup(uint8_t dev_id,
> uint16_t queue_pair_id,
>  	if (qp_conf->mp_session) {
>  		struct rte_cryptodev_sym_session_pool_private_data
> *pool_priv;
>  		uint32_t obj_size = qp_conf->mp_session->elt_size;
> -		uint32_t obj_priv_size = qp_conf->mp_session_private-
> >elt_size;
>  		struct rte_cryptodev_sym_session s = {0};
> 
>  		pool_priv = rte_mempool_get_priv(qp_conf->mp_session);
> @@ -1244,11 +1244,11 @@ rte_cryptodev_queue_pair_setup(uint8_t
> dev_id, uint16_t queue_pair_id,
> 
>  		s.nb_drivers = pool_priv->nb_drivers;
>  		s.user_data_sz = pool_priv->user_data_sz;
> +		s.priv_sz = pool_priv->sess_priv_sz;
> 
> -		if
> ((rte_cryptodev_sym_get_existing_header_session_size(&s) >
> -			obj_size) || (s.nb_drivers <= dev->driver_id) ||
> -
> 	rte_cryptodev_sym_get_private_session_size(dev_id) >
> -				obj_priv_size) {
> +		if
> (((rte_cryptodev_sym_get_existing_header_session_size(&s) +
> +				(s.nb_drivers * s.priv_sz)) > obj_size) ||
> +				(s.nb_drivers <= dev->driver_id)) {
>  			CDEV_LOG_ERR("Invalid mempool\n");
>  			return -EINVAL;
>  		}
> @@ -1710,11 +1710,11 @@ rte_cryptodev_pmd_callback_process(struct
> rte_cryptodev *dev,
> 
>  int
>  rte_cryptodev_sym_session_init(uint8_t dev_id,
> -		struct rte_cryptodev_sym_session *sess,
> -		struct rte_crypto_sym_xform *xforms,
> -		struct rte_mempool *mp)
> +		void *sess_opaque,
> +		struct rte_crypto_sym_xform *xforms)
>  {
>  	struct rte_cryptodev *dev;
> +	struct rte_cryptodev_sym_session *sess = sess_opaque;
>  	uint32_t sess_priv_sz =
> rte_cryptodev_sym_get_private_session_size(
>  			dev_id);
>  	uint8_t index;
> @@ -1727,10 +1727,10 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
> 
>  	dev = rte_cryptodev_pmd_get_dev(dev_id);
> 
> -	if (sess == NULL || xforms == NULL || dev == NULL || mp == NULL)
> +	if (sess == NULL || xforms == NULL || dev == NULL)
>  		return -EINVAL;
> 
> -	if (mp->elt_size < sess_priv_sz)
> +	if (sess->priv_sz < sess_priv_sz)
>  		return -EINVAL;
> 
>  	index = dev->driver_id;
> @@ -1740,8 +1740,11 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
>  	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops-
> >sym_session_configure, -ENOTSUP);
> 
>  	if (sess->sess_data[index].refcnt == 0) {
> +		sess->sess_data[index].data = (void *)((uint8_t *)sess +
> +
> 	rte_cryptodev_sym_get_header_session_size() +
> +				(index * sess->priv_sz));
>  		ret = dev->dev_ops->sym_session_configure(dev, xforms,
> -							sess, mp);
> +				sess->sess_data[index].data);
>  		if (ret < 0) {
>  			CDEV_LOG_ERR(
>  				"dev_id %d failed to configure session
> details",
> @@ -1750,7 +1753,7 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
>  		}
>  	}
> 
> -	rte_cryptodev_trace_sym_session_init(dev_id, sess, xforms, mp);
> +	rte_cryptodev_trace_sym_session_init(dev_id, sess, xforms);
>  	sess->sess_data[index].refcnt++;
>  	return 0;
>  }
> @@ -1795,6 +1798,21 @@ rte_cryptodev_asym_session_init(uint8_t dev_id,
>  	rte_cryptodev_trace_asym_session_init(dev_id, sess, xforms, mp);
>  	return 0;
>  }
> +static size_t
> +get_max_sym_sess_priv_sz(void)
> +{
> +	size_t max_sz, sz;
> +	int16_t cdev_id, n;
> +
> +	max_sz = 0;
> +	n =  rte_cryptodev_count();
> +	for (cdev_id = 0; cdev_id != n; cdev_id++) {
> +		sz = rte_cryptodev_sym_get_private_session_size(cdev_id);
> +		if (sz > max_sz)
> +			max_sz = sz;
> +	}
> +	return max_sz;
> +}
> 
>  struct rte_mempool *
>  rte_cryptodev_sym_session_pool_create(const char *name, uint32_t
> nb_elts,
> @@ -1804,15 +1822,15 @@ rte_cryptodev_sym_session_pool_create(const
> char *name, uint32_t nb_elts,
>  	struct rte_mempool *mp;
>  	struct rte_cryptodev_sym_session_pool_private_data *pool_priv;
>  	uint32_t obj_sz;
> +	uint32_t sess_priv_sz = get_max_sym_sess_priv_sz();
> 
>  	obj_sz = rte_cryptodev_sym_get_header_session_size() +
> user_data_size;
> -	if (obj_sz > elt_size)
> +	if (elt_size < obj_sz + (sess_priv_sz * nb_drivers)) {
>  		CDEV_LOG_INFO("elt_size %u is expanded to %u\n",
> elt_size,
> -				obj_sz);
> -	else
> -		obj_sz = elt_size;
> -
> -	mp = rte_mempool_create(name, nb_elts, obj_sz, cache_size,
> +				obj_sz + (sess_priv_sz * nb_drivers));
> +		elt_size = obj_sz + (sess_priv_sz * nb_drivers);
> +	}
> +	mp = rte_mempool_create(name, nb_elts, elt_size, cache_size,
>  			(uint32_t)(sizeof(*pool_priv)),
>  			NULL, NULL, NULL, NULL,
>  			socket_id, 0);
> @@ -1832,6 +1850,7 @@ rte_cryptodev_sym_session_pool_create(const
> char *name, uint32_t nb_elts,
> 
>  	pool_priv->nb_drivers = nb_drivers;
>  	pool_priv->user_data_sz = user_data_size;
> +	pool_priv->sess_priv_sz = sess_priv_sz;
> 
>  	rte_cryptodev_trace_sym_session_pool_create(name, nb_elts,
>  		elt_size, cache_size, user_data_size, mp);
> @@ -1865,7 +1884,7 @@ rte_cryptodev_sym_is_valid_session_pool(struct
> rte_mempool *mp)
>  	return 1;
>  }
> 
> -struct rte_cryptodev_sym_session *
> +void *
>  rte_cryptodev_sym_session_create(struct rte_mempool *mp)
>  {
>  	struct rte_cryptodev_sym_session *sess;
> @@ -1886,6 +1905,7 @@ rte_cryptodev_sym_session_create(struct
> rte_mempool *mp)
> 
>  	sess->nb_drivers = pool_priv->nb_drivers;
>  	sess->user_data_sz = pool_priv->user_data_sz;
> +	sess->priv_sz = pool_priv->sess_priv_sz;
>  	sess->opaque_data = 0;
> 
>  	/* Clear device session pointer.
> @@ -1895,7 +1915,7 @@ rte_cryptodev_sym_session_create(struct
> rte_mempool *mp)
>  			rte_cryptodev_sym_session_data_size(sess));
> 
>  	rte_cryptodev_trace_sym_session_create(mp, sess);
> -	return sess;
> +	return (void *)sess;
>  }
> 
>  struct rte_cryptodev_asym_session *
> @@ -1933,9 +1953,9 @@ rte_cryptodev_asym_session_create(struct
> rte_mempool *mp)
>  }
> 
>  int
> -rte_cryptodev_sym_session_clear(uint8_t dev_id,
> -		struct rte_cryptodev_sym_session *sess)
> +rte_cryptodev_sym_session_clear(uint8_t dev_id, void *s)
>  {
> +	struct rte_cryptodev_sym_session *sess = s;
>  	struct rte_cryptodev *dev;
>  	uint8_t driver_id;
> 
> @@ -1957,7 +1977,7 @@ rte_cryptodev_sym_session_clear(uint8_t dev_id,
> 
>  	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->sym_session_clear,
> -ENOTSUP);
> 
> -	dev->dev_ops->sym_session_clear(dev, sess);
> +	dev->dev_ops->sym_session_clear(dev, sess-
> >sess_data[driver_id].data);
> 
>  	rte_cryptodev_trace_sym_session_clear(dev_id, sess);
>  	return 0;
> @@ -1988,10 +2008,11 @@ rte_cryptodev_asym_session_clear(uint8_t
> dev_id,
>  }
> 
>  int
> -rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess)
> +rte_cryptodev_sym_session_free(void *s)
>  {
>  	uint8_t i;
>  	struct rte_mempool *sess_mp;
> +	struct rte_cryptodev_sym_session *sess = s;
> 
>  	if (sess == NULL)
>  		return -EINVAL;
> diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h
> index bb01f0f195..25af6fa7b9 100644
> --- a/lib/cryptodev/rte_cryptodev.h
> +++ b/lib/cryptodev/rte_cryptodev.h
> @@ -537,8 +537,6 @@ struct rte_cryptodev_qp_conf {
>  	uint32_t nb_descriptors; /**< Number of descriptors per queue pair
> */
>  	struct rte_mempool *mp_session;
>  	/**< The mempool for creating session in sessionless mode */
> -	struct rte_mempool *mp_session_private;
> -	/**< The mempool for creating sess private data in sessionless mode
> */
>  };
> 
>  /**
> @@ -1126,6 +1124,8 @@ struct rte_cryptodev_sym_session {
>  	/**< number of elements in sess_data array */
>  	uint16_t user_data_sz;
>  	/**< session user data will be placed after sess_data */
> +	uint16_t priv_sz;
> +	/**< Maximum private session data size which each driver can use */
>  	__extension__ struct {
>  		void *data;
>  		uint16_t refcnt;
> @@ -1177,10 +1177,10 @@ rte_cryptodev_sym_session_pool_create(const
> char *name, uint32_t nb_elts,
>   * @param   mempool    Symmetric session mempool to allocate session
>   *                     objects from
>   * @return
> - *  - On success return pointer to sym-session
> + *  - On success return opaque pointer to sym-session
>   *  - On failure returns NULL
>   */
> -struct rte_cryptodev_sym_session *
> +void *
>  rte_cryptodev_sym_session_create(struct rte_mempool *mempool);
> 
>  /**
> @@ -1209,7 +1209,7 @@ rte_cryptodev_asym_session_create(struct
> rte_mempool *mempool);
>   *  - -EBUSY if not all device private data has been freed.
>   */
>  int
> -rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session
> *sess);
> +rte_cryptodev_sym_session_free(void *sess);
> 
>  /**
>   * Frees asymmetric crypto session header, after checking that all
> @@ -1229,25 +1229,23 @@ rte_cryptodev_asym_session_free(struct
> rte_cryptodev_asym_session *sess);
> 
>  /**
>   * Fill out private data for the device id, based on its device type.
> + * Memory for private data is already allocated in sess, driver need
> + * to fill the content.
>   *
>   * @param   dev_id   ID of device that we want the session to be used on
>   * @param   sess     Session where the private data will be attached to
>   * @param   xforms   Symmetric crypto transform operations to apply on
> flow
>   *                   processed with this session
> - * @param   mempool  Mempool where the private data is allocated.
>   *
>   * @return
>   *  - On success, zero.
>   *  - -EINVAL if input parameters are invalid.
>   *  - -ENOTSUP if crypto device does not support the crypto transform or
>   *    does not support symmetric operations.
> - *  - -ENOMEM if the private session could not be allocated.
>   */
>  int
> -rte_cryptodev_sym_session_init(uint8_t dev_id,
> -			struct rte_cryptodev_sym_session *sess,
> -			struct rte_crypto_sym_xform *xforms,
> -			struct rte_mempool *mempool);
> +rte_cryptodev_sym_session_init(uint8_t dev_id, void *sess,
> +			struct rte_crypto_sym_xform *xforms);
> 
>  /**
>   * Initialize asymmetric session on a device with specific asymmetric xform
> @@ -1286,8 +1284,7 @@ rte_cryptodev_asym_session_init(uint8_t dev_id,
>   *  - -ENOTSUP if crypto device does not support symmetric operations.
>   */
>  int
> -rte_cryptodev_sym_session_clear(uint8_t dev_id,
> -			struct rte_cryptodev_sym_session *sess);
> +rte_cryptodev_sym_session_clear(uint8_t dev_id, void *sess);
> 
>  /**
>   * Frees resources held by asymmetric session during
> rte_cryptodev_session_init
> diff --git a/lib/cryptodev/rte_cryptodev_trace.h
> b/lib/cryptodev/rte_cryptodev_trace.h
> index d1f4f069a3..44da04c425 100644
> --- a/lib/cryptodev/rte_cryptodev_trace.h
> +++ b/lib/cryptodev/rte_cryptodev_trace.h
> @@ -56,7 +56,6 @@ RTE_TRACE_POINT(
>  	rte_trace_point_emit_u16(queue_pair_id);
>  	rte_trace_point_emit_u32(conf->nb_descriptors);
>  	rte_trace_point_emit_ptr(conf->mp_session);
> -	rte_trace_point_emit_ptr(conf->mp_session_private);
>  )
> 
>  RTE_TRACE_POINT(
> @@ -106,15 +105,13 @@ RTE_TRACE_POINT(
>  RTE_TRACE_POINT(
>  	rte_cryptodev_trace_sym_session_init,
>  	RTE_TRACE_POINT_ARGS(uint8_t dev_id,
> -		struct rte_cryptodev_sym_session *sess, void *xforms,
> -		void *mempool),
> +		struct rte_cryptodev_sym_session *sess, void *xforms),
>  	rte_trace_point_emit_u8(dev_id);
>  	rte_trace_point_emit_ptr(sess);
>  	rte_trace_point_emit_u64(sess->opaque_data);
>  	rte_trace_point_emit_u16(sess->nb_drivers);
>  	rte_trace_point_emit_u16(sess->user_data_sz);
>  	rte_trace_point_emit_ptr(xforms);
> -	rte_trace_point_emit_ptr(mempool);
>  )
> 
>  RTE_TRACE_POINT(
> diff --git a/lib/pipeline/rte_table_action.c b/lib/pipeline/rte_table_action.c
> index ad7904c0ee..efdba9c899 100644
> --- a/lib/pipeline/rte_table_action.c
> +++ b/lib/pipeline/rte_table_action.c
> @@ -1719,7 +1719,7 @@ struct sym_crypto_data {
>  	uint16_t op_mask;
> 
>  	/** Session pointer. */
> -	struct rte_cryptodev_sym_session *session;
> +	void *session;
> 
>  	/** Direction of crypto, encrypt or decrypt */
>  	uint16_t direction;
> @@ -1780,7 +1780,7 @@ sym_crypto_apply(struct sym_crypto_data *data,
>  	const struct rte_crypto_auth_xform *auth_xform = NULL;
>  	const struct rte_crypto_aead_xform *aead_xform = NULL;
>  	struct rte_crypto_sym_xform *xform = p->xform;
> -	struct rte_cryptodev_sym_session *session;
> +	void *session;
>  	int ret;
> 
>  	memset(data, 0, sizeof(*data));
> @@ -1905,7 +1905,7 @@ sym_crypto_apply(struct sym_crypto_data *data,
>  		return -ENOMEM;
> 
>  	ret = rte_cryptodev_sym_session_init(cfg->cryptodev_id, session,
> -			p->xform, cfg->mp_init);
> +			p->xform);
>  	if (ret < 0) {
>  		rte_cryptodev_sym_session_free(session);
>  		return ret;
> @@ -2858,7 +2858,7 @@ rte_table_action_time_read(struct
> rte_table_action *action,
>  	return 0;
>  }
> 
> -struct rte_cryptodev_sym_session *
> +void *
>  rte_table_action_crypto_sym_session_get(struct rte_table_action *action,
>  	void *data)
>  {
> diff --git a/lib/pipeline/rte_table_action.h b/lib/pipeline/rte_table_action.h
> index 82bc9d9ac9..68db453a8b 100644
> --- a/lib/pipeline/rte_table_action.h
> +++ b/lib/pipeline/rte_table_action.h
> @@ -1129,7 +1129,7 @@ rte_table_action_time_read(struct
> rte_table_action *action,
>   *   The pointer to the session on success, NULL otherwise.
>   */
>  __rte_experimental
> -struct rte_cryptodev_sym_session *
> +void *
>  rte_table_action_crypto_sym_session_get(struct rte_table_action *action,
>  	void *data);
> 
> diff --git a/lib/vhost/rte_vhost_crypto.h b/lib/vhost/rte_vhost_crypto.h
> index f54d731139..d9b7beed9c 100644
> --- a/lib/vhost/rte_vhost_crypto.h
> +++ b/lib/vhost/rte_vhost_crypto.h
> @@ -50,8 +50,6 @@ rte_vhost_crypto_driver_start(const char *path);
>   *  multiple Vhost-crypto devices.
>   * @param sess_pool
>   *  The pointer to the created cryptodev session pool.
> - * @param sess_priv_pool
> - *  The pointer to the created cryptodev session private data mempool.
>   * @param socket_id
>   *  NUMA Socket ID to allocate resources on. *
>   * @return
> @@ -61,7 +59,6 @@ rte_vhost_crypto_driver_start(const char *path);
>  int
>  rte_vhost_crypto_create(int vid, uint8_t cryptodev_id,
>  		struct rte_mempool *sess_pool,
> -		struct rte_mempool *sess_priv_pool,
>  		int socket_id);
> 
>  /**
> diff --git a/lib/vhost/vhost_crypto.c b/lib/vhost/vhost_crypto.c
> index 926b5c0bd9..b4464c4253 100644
> --- a/lib/vhost/vhost_crypto.c
> +++ b/lib/vhost/vhost_crypto.c
> @@ -338,7 +338,7 @@ vhost_crypto_create_sess(struct vhost_crypto
> *vcrypto,
>  		VhostUserCryptoSessionParam *sess_param)
>  {
>  	struct rte_crypto_sym_xform xform1 = {0}, xform2 = {0};
> -	struct rte_cryptodev_sym_session *session;
> +	void *session;
>  	int ret;
> 
>  	switch (sess_param->op_type) {
> @@ -383,8 +383,7 @@ vhost_crypto_create_sess(struct vhost_crypto
> *vcrypto,
>  		return;
>  	}
> 
> -	if (rte_cryptodev_sym_session_init(vcrypto->cid, session, &xform1,
> -			vcrypto->sess_priv_pool) < 0) {
> +	if (rte_cryptodev_sym_session_init(vcrypto->cid, session, &xform1)
> < 0) {
>  		VC_LOG_ERR("Failed to initialize session");
>  		sess_param->session_id = -VIRTIO_CRYPTO_ERR;
>  		return;
> @@ -1425,7 +1424,6 @@ rte_vhost_crypto_driver_start(const char *path)
>  int
>  rte_vhost_crypto_create(int vid, uint8_t cryptodev_id,
>  		struct rte_mempool *sess_pool,
> -		struct rte_mempool *sess_priv_pool,
>  		int socket_id)
>  {
>  	struct virtio_net *dev = get_device(vid);
> @@ -1447,7 +1445,6 @@ rte_vhost_crypto_create(int vid, uint8_t
> cryptodev_id,
>  	}
> 
>  	vcrypto->sess_pool = sess_pool;
> -	vcrypto->sess_priv_pool = sess_priv_pool;
>  	vcrypto->cid = cryptodev_id;
>  	vcrypto->cache_session_id = UINT64_MAX;
>  	vcrypto->last_session_id = 1;
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [dpdk-dev] [PATCH 3/3] cryptodev: rework session framework
  2021-10-01 15:53   ` Zhang, Roy Fan
@ 2021-10-04 19:07     ` Akhil Goyal
  0 siblings, 0 replies; 49+ messages in thread
From: Akhil Goyal @ 2021-10-04 19:07 UTC (permalink / raw)
  To: Zhang, Roy Fan, dev
  Cc: thomas, david.marchand, hemant.agrawal, Anoob Joseph,
	De Lara Guarch, Pablo, Trahe, Fiona, Doherty, Declan, matan,
	g.singh, jianjay.zhou, asomalap, ruifeng.wang, Ananyev,
	Konstantin, Nicolau, Radu, ajit.khaparde, Nagadheeraj Rottela,
	Ankur Dwivedi, Power, Ciara

Hi Fan,

> Hi Akhil,
> 
> Your patch failed all QAT tests - maybe it will fail on all PMDs requiring to
> know the session's physical address (such as nitrox, caam).
> 
> The reason is QAT PMD driver cannot know the physical address of the
> session private data passed into it - as the private data is computed by
> rte_cryptodev_sym_session_init() from the start of the session (which has a
> mempool obj header with valid physical address) to the offset for that driver
> type. The session private data pointer - although is a valid buffer - does not
> have the obj header that contains the physical address.
> 
> I think the solution can be - instead of passing the session private data, the
> rte_cryptodev_sym_session pointer should be passed and a macro shall be
> provided to the drivers to manually compute the offset and then find the
> correct session private data from the session for itself.

Thanks for trying this patchset.
Instead of passing the rte_cryptodev_sym_session, Can we add another
Argument in the sym_session_configure() to pass physical address of session.
This will reduce the overhead of PMD to get the offset from lib and then call rte_mempool_virt2iova.
sym_session_configure(dev, xforms, sess_priv, sess_priv_iova)

The motive for above change: Since the mempool is not exposed to PMD,
It does not make sense to call rte_mempool_virt2iova Inside PMD.
What do you suggest?

Regards,
Akhil

> 
> Regards,
> Fan
> 
> > -----Original Message-----
> > From: Akhil Goyal <gakhil@marvell.com>
> > Sent: Thursday, September 30, 2021 3:50 PM
> > To: dev@dpdk.org
> > Cc: thomas@monjalon.net; david.marchand@redhat.com;
> > hemant.agrawal@nxp.com; anoobj@marvell.com; De Lara Guarch, Pablo
> > <pablo.de.lara.guarch@intel.com>; Trahe, Fiona <fiona.trahe@intel.com>;
> > Doherty, Declan <declan.doherty@intel.com>; matan@nvidia.com;
> > g.singh@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>;
> > jianjay.zhou@huawei.com; asomalap@amd.com; ruifeng.wang@arm.com;
> > Ananyev, Konstantin <konstantin.ananyev@intel.com>; Nicolau, Radu
> > <radu.nicolau@intel.com>; ajit.khaparde@broadcom.com;
> > rnagadheeraj@marvell.com; adwivedi@marvell.com; Power, Ciara
> > <ciara.power@intel.com>; Akhil Goyal <gakhil@marvell.com>
> > Subject: [PATCH 3/3] cryptodev: rework session framework
> >
> > As per current design, rte_cryptodev_sym_session_create() and
> > rte_cryptodev_sym_session_init() use separate mempool objects
> > for a single session.
> > And structure rte_cryptodev_sym_session is not directly used
> > by the application, it may cause ABI breakage if the structure
> > is modified in future.
> >
> > To address these two issues, the rte_cryptodev_sym_session_create
> > will take one mempool object for both the session and session
> > private data. The API rte_cryptodev_sym_session_init will now not
> > take mempool object.
> > rte_cryptodev_sym_session_create will now return an opaque session
> > pointer which will be used by the app in rte_cryptodev_sym_session_init
> > and other APIs.
> >
> > With this change, rte_cryptodev_sym_session_init will send
> > pointer to session private data of corresponding driver to the PMD
> > based on the driver_id for filling the PMD data.
> >
> > In data path, opaque session pointer is attached to rte_crypto_op
> > and the PMD can call an internal library API to get the session
> > private data pointer based on the driver id.
> >
> > TODO:
> > - inline APIs for opaque data
> > - move rte_cryptodev_sym_session struct to cryptodev_pmd.h
> > - currently nb_drivers are getting updated in RTE_INIT which
> > result in increasing the memory requirements for session.
> > This will be moved to PMD probe so that memory is created
> > only for those PMDs which are probed and not just compiled in.
> >
> > Signed-off-by: Akhil Goyal <gakhil@marvell.com>
> > ---
> >  app/test-crypto-perf/cperf.h                  |   1 -
> >  app/test-crypto-perf/cperf_ops.c              |  33 ++---
> >  app/test-crypto-perf/cperf_ops.h              |   6 +-
> >  app/test-crypto-perf/cperf_test_latency.c     |   5 +-
> >  app/test-crypto-perf/cperf_test_latency.h     |   1 -
> >  .../cperf_test_pmd_cyclecount.c               |   5 +-
> >  .../cperf_test_pmd_cyclecount.h               |   1 -
> >  app/test-crypto-perf/cperf_test_throughput.c  |   5 +-
> >  app/test-crypto-perf/cperf_test_throughput.h  |   1 -
> >  app/test-crypto-perf/cperf_test_verify.c      |   5 +-
> >  app/test-crypto-perf/cperf_test_verify.h      |   1 -
> >  app/test-crypto-perf/main.c                   |  29 +---
> >  app/test/test_cryptodev.c                     | 130 +++++-------------
> >  app/test/test_cryptodev.h                     |   1 -
> >  app/test/test_cryptodev_asym.c                |   1 -
> >  app/test/test_cryptodev_blockcipher.c         |   6 +-
> >  app/test/test_event_crypto_adapter.c          |  28 +---
> >  app/test/test_ipsec.c                         |  22 +--
> >  drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c  |  33 +----
> >  .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    |  34 +----
> >  drivers/crypto/armv8/rte_armv8_pmd_ops.c      |  34 +----
> >  drivers/crypto/bcmfs/bcmfs_sym_session.c      |  36 +----
> >  drivers/crypto/bcmfs/bcmfs_sym_session.h      |   6 +-
> >  drivers/crypto/caam_jr/caam_jr.c              |  32 ++---
> >  drivers/crypto/ccp/ccp_pmd_ops.c              |  32 +----
> >  drivers/crypto/cnxk/cn10k_cryptodev_ops.c     |  18 ++-
> >  drivers/crypto/cnxk/cn9k_cryptodev_ops.c      |  18 +--
> >  drivers/crypto/cnxk/cnxk_cryptodev_ops.c      |  61 +++-----
> >  drivers/crypto/cnxk/cnxk_cryptodev_ops.h      |  13 +-
> >  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   |  29 +---
> >  drivers/crypto/dpaa_sec/dpaa_sec.c            |  31 +----
> >  drivers/crypto/kasumi/rte_kasumi_pmd_ops.c    |  34 +----
> >  drivers/crypto/mlx5/mlx5_crypto.c             |  24 +---
> >  drivers/crypto/mvsam/rte_mrvl_pmd_ops.c       |  36 ++---
> >  drivers/crypto/nitrox/nitrox_sym.c            |  31 +----
> >  drivers/crypto/null/null_crypto_pmd_ops.c     |  34 +----
> >  .../crypto/octeontx/otx_cryptodev_hw_access.h |   1 -
> >  drivers/crypto/octeontx/otx_cryptodev_ops.c   |  60 +++-----
> >  drivers/crypto/octeontx2/otx2_cryptodev_ops.c |  52 +++----
> >  .../octeontx2/otx2_cryptodev_ops_helper.h     |  16 +--
> >  drivers/crypto/openssl/rte_openssl_pmd_ops.c  |  35 +----
> >  drivers/crypto/qat/qat_sym_session.c          |  29 +---
> >  drivers/crypto/qat/qat_sym_session.h          |   6 +-
> >  drivers/crypto/scheduler/scheduler_pmd_ops.c  |   9 +-
> >  drivers/crypto/snow3g/rte_snow3g_pmd_ops.c    |  34 +----
> >  drivers/crypto/virtio/virtio_cryptodev.c      |  31 ++---
> >  drivers/crypto/zuc/rte_zuc_pmd_ops.c          |  35 +----
> >  .../octeontx2/otx2_evdev_crypto_adptr_rx.h    |   3 +-
> >  examples/fips_validation/fips_dev_self_test.c |  32 ++---
> >  examples/fips_validation/main.c               |  20 +--
> >  examples/ipsec-secgw/ipsec-secgw.c            |  72 +++++-----
> >  examples/ipsec-secgw/ipsec.c                  |   3 +-
> >  examples/ipsec-secgw/ipsec.h                  |   1 -
> >  examples/ipsec-secgw/ipsec_worker.c           |   4 -
> >  examples/l2fwd-crypto/main.c                  |  41 +-----
> >  examples/vhost_crypto/main.c                  |  16 +--
> >  lib/cryptodev/cryptodev_pmd.h                 |   7 +-
> >  lib/cryptodev/rte_crypto.h                    |   2 +-
> >  lib/cryptodev/rte_crypto_sym.h                |   2 +-
> >  lib/cryptodev/rte_cryptodev.c                 |  73 ++++++----
> >  lib/cryptodev/rte_cryptodev.h                 |  23 ++--
> >  lib/cryptodev/rte_cryptodev_trace.h           |   5 +-
> >  lib/pipeline/rte_table_action.c               |   8 +-
> >  lib/pipeline/rte_table_action.h               |   2 +-
> >  lib/vhost/rte_vhost_crypto.h                  |   3 -
> >  lib/vhost/vhost_crypto.c                      |   7 +-
> >  66 files changed, 399 insertions(+), 1050 deletions(-)
> >
> > diff --git a/app/test-crypto-perf/cperf.h b/app/test-crypto-perf/cperf.h
> > index 2b0aad095c..db58228dce 100644
> > --- a/app/test-crypto-perf/cperf.h
> > +++ b/app/test-crypto-perf/cperf.h
> > @@ -15,7 +15,6 @@ struct cperf_op_fns;
> >
> >  typedef void  *(*cperf_constructor_t)(
> >  		struct rte_mempool *sess_mp,
> > -		struct rte_mempool *sess_priv_mp,
> >  		uint8_t dev_id,
> >  		uint16_t qp_id,
> >  		const struct cperf_options *options,
> > diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-
> > perf/cperf_ops.c
> > index 1b3cbe77b9..f094bc656d 100644
> > --- a/app/test-crypto-perf/cperf_ops.c
> > +++ b/app/test-crypto-perf/cperf_ops.c
> > @@ -12,7 +12,7 @@ static int
> >  cperf_set_ops_asym(struct rte_crypto_op **ops,
> >  		   uint32_t src_buf_offset __rte_unused,
> >  		   uint32_t dst_buf_offset __rte_unused, uint16_t nb_ops,
> > -		   struct rte_cryptodev_sym_session *sess,
> > +		   void *sess,
> >  		   const struct cperf_options *options __rte_unused,
> >  		   const struct cperf_test_vector *test_vector __rte_unused,
> >  		   uint16_t iv_offset __rte_unused,
> > @@ -40,7 +40,7 @@ static int
> >  cperf_set_ops_security(struct rte_crypto_op **ops,
> >  		uint32_t src_buf_offset __rte_unused,
> >  		uint32_t dst_buf_offset __rte_unused,
> > -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> > +		uint16_t nb_ops, void *sess,
> >  		const struct cperf_options *options __rte_unused,
> >  		const struct cperf_test_vector *test_vector __rte_unused,
> >  		uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
> > @@ -106,7 +106,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
> >  static int
> >  cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
> >  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> > -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> > +		uint16_t nb_ops, void *sess,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector __rte_unused,
> >  		uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
> > @@ -145,7 +145,7 @@ cperf_set_ops_null_cipher(struct rte_crypto_op
> > **ops,
> >  static int
> >  cperf_set_ops_null_auth(struct rte_crypto_op **ops,
> >  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> > -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> > +		uint16_t nb_ops, void *sess,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector __rte_unused,
> >  		uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
> > @@ -184,7 +184,7 @@ cperf_set_ops_null_auth(struct rte_crypto_op
> **ops,
> >  static int
> >  cperf_set_ops_cipher(struct rte_crypto_op **ops,
> >  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> > -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> > +		uint16_t nb_ops, void *sess,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector,
> >  		uint16_t iv_offset, uint32_t *imix_idx)
> > @@ -240,7 +240,7 @@ cperf_set_ops_cipher(struct rte_crypto_op **ops,
> >  static int
> >  cperf_set_ops_auth(struct rte_crypto_op **ops,
> >  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> > -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> > +		uint16_t nb_ops, void *sess,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector,
> >  		uint16_t iv_offset, uint32_t *imix_idx)
> > @@ -340,7 +340,7 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,
> >  static int
> >  cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
> >  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> > -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> > +		uint16_t nb_ops, void *sess,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector,
> >  		uint16_t iv_offset, uint32_t *imix_idx)
> > @@ -455,7 +455,7 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op
> > **ops,
> >  static int
> >  cperf_set_ops_aead(struct rte_crypto_op **ops,
> >  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> > -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> > +		uint16_t nb_ops, void *sess,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector,
> >  		uint16_t iv_offset, uint32_t *imix_idx)
> > @@ -563,9 +563,8 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
> >  	return 0;
> >  }
> >
> > -static struct rte_cryptodev_sym_session *
> > +static void *
> >  cperf_create_session(struct rte_mempool *sess_mp,
> > -	struct rte_mempool *priv_mp,
> >  	uint8_t dev_id,
> >  	const struct cperf_options *options,
> >  	const struct cperf_test_vector *test_vector,
> > @@ -590,7 +589,7 @@ cperf_create_session(struct rte_mempool
> *sess_mp,
> >  		if (sess == NULL)
> >  			return NULL;
> >  		rc = rte_cryptodev_asym_session_init(dev_id, (void *)sess,
> > -						     &xform, priv_mp);
> > +						     &xform, sess_mp);
> >  		if (rc < 0) {
> >  			if (sess != NULL) {
> >  				rte_cryptodev_asym_session_clear(dev_id,
> > @@ -742,8 +741,7 @@ cperf_create_session(struct rte_mempool
> *sess_mp,
> >  			cipher_xform.cipher.iv.length = 0;
> >  		}
> >  		/* create crypto session */
> > -		rte_cryptodev_sym_session_init(dev_id, sess,
> > &cipher_xform,
> > -				priv_mp);
> > +		rte_cryptodev_sym_session_init(dev_id, sess,
> > &cipher_xform);
> >  	/*
> >  	 *  auth only
> >  	 */
> > @@ -770,8 +768,7 @@ cperf_create_session(struct rte_mempool
> *sess_mp,
> >  			auth_xform.auth.iv.length = 0;
> >  		}
> >  		/* create crypto session */
> > -		rte_cryptodev_sym_session_init(dev_id, sess, &auth_xform,
> > -				priv_mp);
> > +		rte_cryptodev_sym_session_init(dev_id, sess,
> > &auth_xform);
> >  	/*
> >  	 * cipher and auth
> >  	 */
> > @@ -830,12 +827,12 @@ cperf_create_session(struct rte_mempool
> > *sess_mp,
> >  			cipher_xform.next = &auth_xform;
> >  			/* create crypto session */
> >  			rte_cryptodev_sym_session_init(dev_id,
> > -					sess, &cipher_xform, priv_mp);
> > +					sess, &cipher_xform);
> >  		} else { /* auth then cipher */
> >  			auth_xform.next = &cipher_xform;
> >  			/* create crypto session */
> >  			rte_cryptodev_sym_session_init(dev_id,
> > -					sess, &auth_xform, priv_mp);
> > +					sess, &auth_xform);
> >  		}
> >  	} else { /* options->op_type == CPERF_AEAD */
> >  		aead_xform.type = RTE_CRYPTO_SYM_XFORM_AEAD;
> > @@ -856,7 +853,7 @@ cperf_create_session(struct rte_mempool
> *sess_mp,
> >
> >  		/* Create crypto session */
> >  		rte_cryptodev_sym_session_init(dev_id,
> > -					sess, &aead_xform, priv_mp);
> > +					sess, &aead_xform);
> >  	}
> >
> >  	return sess;
> > diff --git a/app/test-crypto-perf/cperf_ops.h b/app/test-crypto-
> > perf/cperf_ops.h
> > index ff125d12cd..3ff10491a0 100644
> > --- a/app/test-crypto-perf/cperf_ops.h
> > +++ b/app/test-crypto-perf/cperf_ops.h
> > @@ -12,15 +12,15 @@
> >  #include "cperf_test_vectors.h"
> >
> >
> > -typedef struct rte_cryptodev_sym_session *(*cperf_sessions_create_t)(
> > -		struct rte_mempool *sess_mp, struct rte_mempool
> > *sess_priv_mp,
> > +typedef void *(*cperf_sessions_create_t)(
> > +		struct rte_mempool *sess_mp,
> >  		uint8_t dev_id, const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector,
> >  		uint16_t iv_offset);
> >
> >  typedef int (*cperf_populate_ops_t)(struct rte_crypto_op **ops,
> >  		uint32_t src_buf_offset, uint32_t dst_buf_offset,
> > -		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
> > +		uint16_t nb_ops, void *sess,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector,
> >  		uint16_t iv_offset, uint32_t *imix_idx);
> > diff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-
> > perf/cperf_test_latency.c
> > index 159fe8492b..4193f7e777 100644
> > --- a/app/test-crypto-perf/cperf_test_latency.c
> > +++ b/app/test-crypto-perf/cperf_test_latency.c
> > @@ -24,7 +24,7 @@ struct cperf_latency_ctx {
> >
> >  	struct rte_mempool *pool;
> >
> > -	struct rte_cryptodev_sym_session *sess;
> > +	void *sess;
> >
> >  	cperf_populate_ops_t populate_ops;
> >
> > @@ -59,7 +59,6 @@ cperf_latency_test_free(struct cperf_latency_ctx *ctx)
> >
> >  void *
> >  cperf_latency_test_constructor(struct rte_mempool *sess_mp,
> > -		struct rte_mempool *sess_priv_mp,
> >  		uint8_t dev_id, uint16_t qp_id,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector,
> > @@ -84,7 +83,7 @@ cperf_latency_test_constructor(struct rte_mempool
> > *sess_mp,
> >  		sizeof(struct rte_crypto_sym_op) +
> >  		sizeof(struct cperf_op_result *);
> >
> > -	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id,
> > options,
> > +	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
> >  			test_vector, iv_offset);
> >  	if (ctx->sess == NULL)
> >  		goto err;
> > diff --git a/app/test-crypto-perf/cperf_test_latency.h b/app/test-crypto-
> > perf/cperf_test_latency.h
> > index ed5b0a07bb..d3fc3218d7 100644
> > --- a/app/test-crypto-perf/cperf_test_latency.h
> > +++ b/app/test-crypto-perf/cperf_test_latency.h
> > @@ -17,7 +17,6 @@
> >  void *
> >  cperf_latency_test_constructor(
> >  		struct rte_mempool *sess_mp,
> > -		struct rte_mempool *sess_priv_mp,
> >  		uint8_t dev_id,
> >  		uint16_t qp_id,
> >  		const struct cperf_options *options,
> > diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c b/app/test-
> > crypto-perf/cperf_test_pmd_cyclecount.c
> > index cbbbedd9ba..3dd489376f 100644
> > --- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
> > +++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
> > @@ -27,7 +27,7 @@ struct cperf_pmd_cyclecount_ctx {
> >  	struct rte_crypto_op **ops;
> >  	struct rte_crypto_op **ops_processed;
> >
> > -	struct rte_cryptodev_sym_session *sess;
> > +	void *sess;
> >
> >  	cperf_populate_ops_t populate_ops;
> >
> > @@ -93,7 +93,6 @@ cperf_pmd_cyclecount_test_free(struct
> > cperf_pmd_cyclecount_ctx *ctx)
> >
> >  void *
> >  cperf_pmd_cyclecount_test_constructor(struct rte_mempool *sess_mp,
> > -		struct rte_mempool *sess_priv_mp,
> >  		uint8_t dev_id, uint16_t qp_id,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector,
> > @@ -120,7 +119,7 @@ cperf_pmd_cyclecount_test_constructor(struct
> > rte_mempool *sess_mp,
> >  	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
> >  			sizeof(struct rte_crypto_sym_op);
> >
> > -	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id,
> > options,
> > +	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
> >  			test_vector, iv_offset);
> >  	if (ctx->sess == NULL)
> >  		goto err;
> > diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.h b/app/test-
> > crypto-perf/cperf_test_pmd_cyclecount.h
> > index 3084038a18..beb4419910 100644
> > --- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.h
> > +++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.h
> > @@ -18,7 +18,6 @@
> >  void *
> >  cperf_pmd_cyclecount_test_constructor(
> >  		struct rte_mempool *sess_mp,
> > -		struct rte_mempool *sess_priv_mp,
> >  		uint8_t dev_id,
> >  		uint16_t qp_id,
> >  		const struct cperf_options *options,
> > diff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-
> crypto-
> > perf/cperf_test_throughput.c
> > index 76fcda47ff..dc5c48b4da 100644
> > --- a/app/test-crypto-perf/cperf_test_throughput.c
> > +++ b/app/test-crypto-perf/cperf_test_throughput.c
> > @@ -18,7 +18,7 @@ struct cperf_throughput_ctx {
> >
> >  	struct rte_mempool *pool;
> >
> > -	struct rte_cryptodev_sym_session *sess;
> > +	void *sess;
> >
> >  	cperf_populate_ops_t populate_ops;
> >
> > @@ -64,7 +64,6 @@ cperf_throughput_test_free(struct
> > cperf_throughput_ctx *ctx)
> >
> >  void *
> >  cperf_throughput_test_constructor(struct rte_mempool *sess_mp,
> > -		struct rte_mempool *sess_priv_mp,
> >  		uint8_t dev_id, uint16_t qp_id,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector,
> > @@ -87,7 +86,7 @@ cperf_throughput_test_constructor(struct
> > rte_mempool *sess_mp,
> >  	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
> >  		sizeof(struct rte_crypto_sym_op);
> >
> > -	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id,
> > options,
> > +	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
> >  			test_vector, iv_offset);
> >  	if (ctx->sess == NULL)
> >  		goto err;
> > diff --git a/app/test-crypto-perf/cperf_test_throughput.h b/app/test-
> > crypto-perf/cperf_test_throughput.h
> > index 91e1a4b708..439ec8e559 100644
> > --- a/app/test-crypto-perf/cperf_test_throughput.h
> > +++ b/app/test-crypto-perf/cperf_test_throughput.h
> > @@ -18,7 +18,6 @@
> >  void *
> >  cperf_throughput_test_constructor(
> >  		struct rte_mempool *sess_mp,
> > -		struct rte_mempool *sess_priv_mp,
> >  		uint8_t dev_id,
> >  		uint16_t qp_id,
> >  		const struct cperf_options *options,
> > diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-
> > perf/cperf_test_verify.c
> > index 2939aeaa93..cf561dd700 100644
> > --- a/app/test-crypto-perf/cperf_test_verify.c
> > +++ b/app/test-crypto-perf/cperf_test_verify.c
> > @@ -18,7 +18,7 @@ struct cperf_verify_ctx {
> >
> >  	struct rte_mempool *pool;
> >
> > -	struct rte_cryptodev_sym_session *sess;
> > +	void *sess;
> >
> >  	cperf_populate_ops_t populate_ops;
> >
> > @@ -51,7 +51,6 @@ cperf_verify_test_free(struct cperf_verify_ctx *ctx)
> >
> >  void *
> >  cperf_verify_test_constructor(struct rte_mempool *sess_mp,
> > -		struct rte_mempool *sess_priv_mp,
> >  		uint8_t dev_id, uint16_t qp_id,
> >  		const struct cperf_options *options,
> >  		const struct cperf_test_vector *test_vector,
> > @@ -74,7 +73,7 @@ cperf_verify_test_constructor(struct rte_mempool
> > *sess_mp,
> >  	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
> >  		sizeof(struct rte_crypto_sym_op);
> >
> > -	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id,
> > options,
> > +	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
> >  			test_vector, iv_offset);
> >  	if (ctx->sess == NULL)
> >  		goto err;
> > diff --git a/app/test-crypto-perf/cperf_test_verify.h b/app/test-crypto-
> > perf/cperf_test_verify.h
> > index ac2192ba99..9f70ad87ba 100644
> > --- a/app/test-crypto-perf/cperf_test_verify.h
> > +++ b/app/test-crypto-perf/cperf_test_verify.h
> > @@ -18,7 +18,6 @@
> >  void *
> >  cperf_verify_test_constructor(
> >  		struct rte_mempool *sess_mp,
> > -		struct rte_mempool *sess_priv_mp,
> >  		uint8_t dev_id,
> >  		uint16_t qp_id,
> >  		const struct cperf_options *options,
> > diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c
> > index 390380898e..c3327b7e55 100644
> > --- a/app/test-crypto-perf/main.c
> > +++ b/app/test-crypto-perf/main.c
> > @@ -118,35 +118,14 @@ fill_session_pool_socket(int32_t socket_id,
> > uint32_t session_priv_size,
> >  	char mp_name[RTE_MEMPOOL_NAMESIZE];
> >  	struct rte_mempool *sess_mp;
> >
> > -	if (session_pool_socket[socket_id].priv_mp == NULL) {
> > -		snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> > -			"priv_sess_mp_%u", socket_id);
> > -
> > -		sess_mp = rte_mempool_create(mp_name,
> > -					nb_sessions,
> > -					session_priv_size,
> > -					0, 0, NULL, NULL, NULL,
> > -					NULL, socket_id,
> > -					0);
> > -
> > -		if (sess_mp == NULL) {
> > -			printf("Cannot create pool \"%s\" on socket %d\n",
> > -				mp_name, socket_id);
> > -			return -ENOMEM;
> > -		}
> > -
> > -		printf("Allocated pool \"%s\" on socket %d\n",
> > -			mp_name, socket_id);
> > -		session_pool_socket[socket_id].priv_mp = sess_mp;
> > -	}
> > -
> >  	if (session_pool_socket[socket_id].sess_mp == NULL) {
> >
> >  		snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> >  			"sess_mp_%u", socket_id);
> >
> >  		sess_mp =
> > rte_cryptodev_sym_session_pool_create(mp_name,
> > -					nb_sessions, 0, 0, 0, socket_id);
> > +					nb_sessions, session_priv_size,
> > +					0, 0, socket_id);
> >
> >  		if (sess_mp == NULL) {
> >  			printf("Cannot create pool \"%s\" on socket %d\n",
> > @@ -344,12 +323,9 @@ cperf_initialize_cryptodev(struct cperf_options
> > *opts, uint8_t *enabled_cdevs)
> >  			return ret;
> >
> >  		qp_conf.mp_session =
> > session_pool_socket[socket_id].sess_mp;
> > -		qp_conf.mp_session_private =
> > -				session_pool_socket[socket_id].priv_mp;
> >
> >  		if (opts->op_type == CPERF_ASYM_MODEX) {
> >  			qp_conf.mp_session = NULL;
> > -			qp_conf.mp_session_private = NULL;
> >  		}
> >
> >  		ret = rte_cryptodev_configure(cdev_id, &conf);
> > @@ -704,7 +680,6 @@ main(int argc, char **argv)
> >
> >  		ctx[i] = cperf_testmap[opts.test].constructor(
> >  				session_pool_socket[socket_id].sess_mp,
> > -				session_pool_socket[socket_id].priv_mp,
> >  				cdev_id, qp_id,
> >  				&opts, t_vec, &op_fns);
> >  		if (ctx[i] == NULL) {
> > diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
> > index 82f819211a..e5c7930c63 100644
> > --- a/app/test/test_cryptodev.c
> > +++ b/app/test/test_cryptodev.c
> > @@ -79,7 +79,7 @@ struct crypto_unittest_params {
> >  #endif
> >
> >  	union {
> > -		struct rte_cryptodev_sym_session *sess;
> > +		void *sess;
> >  #ifdef RTE_LIB_SECURITY
> >  		void *sec_session;
> >  #endif
> > @@ -119,7 +119,7 @@
> > test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
> >  		uint8_t *hmac_key);
> >
> >  static int
> > -test_AES_CBC_HMAC_SHA512_decrypt_perform(struct
> > rte_cryptodev_sym_session *sess,
> > +test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
> >  		struct crypto_unittest_params *ut_params,
> >  		struct crypto_testsuite_params *ts_param,
> >  		const uint8_t *cipher,
> > @@ -596,23 +596,11 @@ testsuite_setup(void)
> >  	}
> >
> >  	ts_params->session_mpool =
> > rte_cryptodev_sym_session_pool_create(
> > -			"test_sess_mp", MAX_NB_SESSIONS, 0, 0, 0,
> > +			"test_sess_mp", MAX_NB_SESSIONS, session_size, 0,
> > 0,
> >  			SOCKET_ID_ANY);
> >  	TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
> >  			"session mempool allocation failed");
> >
> > -	ts_params->session_priv_mpool = rte_mempool_create(
> > -			"test_sess_mp_priv",
> > -			MAX_NB_SESSIONS,
> > -			session_size,
> > -			0, 0, NULL, NULL, NULL,
> > -			NULL, SOCKET_ID_ANY,
> > -			0);
> > -	TEST_ASSERT_NOT_NULL(ts_params->session_priv_mpool,
> > -			"session mempool allocation failed");
> > -
> > -
> > -
> >  	TEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id,
> >  			&ts_params->conf),
> >  			"Failed to configure cryptodev %u with %u qps",
> > @@ -620,7 +608,6 @@ testsuite_setup(void)
> >
> >  	ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
> >  	ts_params->qp_conf.mp_session = ts_params->session_mpool;
> > -	ts_params->qp_conf.mp_session_private = ts_params-
> > >session_priv_mpool;
> >
> >  	for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) {
> >  		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
> > @@ -650,11 +637,6 @@ testsuite_teardown(void)
> >  	}
> >
> >  	/* Free session mempools */
> > -	if (ts_params->session_priv_mpool != NULL) {
> > -		rte_mempool_free(ts_params->session_priv_mpool);
> > -		ts_params->session_priv_mpool = NULL;
> > -	}
> > -
> >  	if (ts_params->session_mpool != NULL) {
> >  		rte_mempool_free(ts_params->session_mpool);
> >  		ts_params->session_mpool = NULL;
> > @@ -1330,7 +1312,6 @@ dev_configure_and_start(uint64_t ff_disable)
> >  	ts_params->conf.ff_disable = ff_disable;
> >  	ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
> >  	ts_params->qp_conf.mp_session = ts_params->session_mpool;
> > -	ts_params->qp_conf.mp_session_private = ts_params-
> > >session_priv_mpool;
> >
> >  	TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params-
> > >valid_devs[0],
> >  			&ts_params->conf),
> > @@ -1552,7 +1533,6 @@ test_queue_pair_descriptor_setup(void)
> >  	 */
> >  	qp_conf.nb_descriptors = MIN_NUM_OPS_INFLIGHT; /* min size*/
> >  	qp_conf.mp_session = ts_params->session_mpool;
> > -	qp_conf.mp_session_private = ts_params->session_priv_mpool;
> >
> >  	for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) {
> >  		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
> > @@ -2146,8 +2126,7 @@
> test_AES_CBC_HMAC_SHA1_encrypt_digest(void)
> >
> >  	/* Create crypto session*/
> >  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> > -			ut_params->sess, &ut_params->cipher_xform,
> > -			ts_params->session_priv_mpool);
> > +			ut_params->sess, &ut_params->cipher_xform);
> >  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> > failed");
> >
> >  	/* Generate crypto op data structure */
> > @@ -2247,7 +2226,7 @@
> > test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
> >  		uint8_t *hmac_key);
> >
> >  static int
> > -test_AES_CBC_HMAC_SHA512_decrypt_perform(struct
> > rte_cryptodev_sym_session *sess,
> > +test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
> >  		struct crypto_unittest_params *ut_params,
> >  		struct crypto_testsuite_params *ts_params,
> >  		const uint8_t *cipher,
> > @@ -2288,7 +2267,7 @@
> > test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
> >
> >
> >  static int
> > -test_AES_CBC_HMAC_SHA512_decrypt_perform(struct
> > rte_cryptodev_sym_session *sess,
> > +test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
> >  		struct crypto_unittest_params *ut_params,
> >  		struct crypto_testsuite_params *ts_params,
> >  		const uint8_t *cipher,
> > @@ -2401,8 +2380,7 @@ create_wireless_algo_hash_session(uint8_t
> dev_id,
> >  			ts_params->session_mpool);
> >
> >  	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> > -			&ut_params->auth_xform,
> > -			ts_params->session_priv_mpool);
> > +			&ut_params->auth_xform);
> >  	if (status == -ENOTSUP)
> >  		return TEST_SKIPPED;
> >
> > @@ -2443,8 +2421,7 @@ create_wireless_algo_cipher_session(uint8_t
> > dev_id,
> >  			ts_params->session_mpool);
> >
> >  	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> > -			&ut_params->cipher_xform,
> > -			ts_params->session_priv_mpool);
> > +			&ut_params->cipher_xform);
> >  	if (status == -ENOTSUP)
> >  		return TEST_SKIPPED;
> >
> > @@ -2566,8 +2543,7 @@
> create_wireless_algo_cipher_auth_session(uint8_t
> > dev_id,
> >  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> > failed");
> >
> >  	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> > -			&ut_params->cipher_xform,
> > -			ts_params->session_priv_mpool);
> > +			&ut_params->cipher_xform);
> >  	if (status == -ENOTSUP)
> >  		return TEST_SKIPPED;
> >
> > @@ -2629,8 +2605,7 @@ create_wireless_cipher_auth_session(uint8_t
> > dev_id,
> >  			ts_params->session_mpool);
> >
> >  	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> > -			&ut_params->cipher_xform,
> > -			ts_params->session_priv_mpool);
> > +			&ut_params->cipher_xform);
> >  	if (status == -ENOTSUP)
> >  		return TEST_SKIPPED;
> >
> > @@ -2699,13 +2674,11 @@
> > create_wireless_algo_auth_cipher_session(uint8_t dev_id,
> >  		ut_params->auth_xform.next = NULL;
> >  		ut_params->cipher_xform.next = &ut_params->auth_xform;
> >  		status = rte_cryptodev_sym_session_init(dev_id,
> > ut_params->sess,
> > -				&ut_params->cipher_xform,
> > -				ts_params->session_priv_mpool);
> > +				&ut_params->cipher_xform);
> >
> >  	} else
> >  		status = rte_cryptodev_sym_session_init(dev_id,
> > ut_params->sess,
> > -				&ut_params->auth_xform,
> > -				ts_params->session_priv_mpool);
> > +				&ut_params->auth_xform);
> >
> >  	if (status == -ENOTSUP)
> >  		return TEST_SKIPPED;
> > @@ -7838,8 +7811,7 @@ create_aead_session(uint8_t dev_id, enum
> > rte_crypto_aead_algorithm algo,
> >  			ts_params->session_mpool);
> >
> >  	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> > -			&ut_params->aead_xform,
> > -			ts_params->session_priv_mpool);
> > +			&ut_params->aead_xform);
> >
> >  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> > failed");
> >
> > @@ -10992,8 +10964,7 @@ static int MD5_HMAC_create_session(struct
> > crypto_testsuite_params *ts_params,
> >  			ts_params->session_mpool);
> >
> >  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> > -			ut_params->sess, &ut_params->auth_xform,
> > -			ts_params->session_priv_mpool);
> > +			ut_params->sess, &ut_params->auth_xform);
> >
> >  	if (ut_params->sess == NULL)
> >  		return TEST_FAILED;
> > @@ -11206,7 +11177,7 @@ test_multi_session(void)
> >  	struct crypto_unittest_params *ut_params = &unittest_params;
> >
> >  	struct rte_cryptodev_info dev_info;
> > -	struct rte_cryptodev_sym_session **sessions;
> > +	void **sessions;
> >
> >  	uint16_t i;
> >
> > @@ -11229,9 +11200,7 @@ test_multi_session(void)
> >
> >  	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
> >
> > -	sessions = rte_malloc(NULL,
> > -			sizeof(struct rte_cryptodev_sym_session *) *
> > -			(MAX_NB_SESSIONS + 1), 0);
> > +	sessions = rte_malloc(NULL, sizeof(void *) * (MAX_NB_SESSIONS +
> > 1), 0);
> >
> >  	/* Create multiple crypto sessions*/
> >  	for (i = 0; i < MAX_NB_SESSIONS; i++) {
> > @@ -11240,8 +11209,7 @@ test_multi_session(void)
> >  				ts_params->session_mpool);
> >
> >  		rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> > -				sessions[i], &ut_params->auth_xform,
> > -				ts_params->session_priv_mpool);
> > +				sessions[i], &ut_params->auth_xform);
> >  		TEST_ASSERT_NOT_NULL(sessions[i],
> >  				"Session creation failed at session
> > number %u",
> >  				i);
> > @@ -11279,8 +11247,7 @@ test_multi_session(void)
> >  	sessions[i] = NULL;
> >  	/* Next session create should fail */
> >  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> > -			sessions[i], &ut_params->auth_xform,
> > -			ts_params->session_priv_mpool);
> > +			sessions[i], &ut_params->auth_xform);
> >  	TEST_ASSERT_NULL(sessions[i],
> >  			"Session creation succeeded unexpectedly!");
> >
> > @@ -11311,7 +11278,7 @@ test_multi_session_random_usage(void)
> >  {
> >  	struct crypto_testsuite_params *ts_params = &testsuite_params;
> >  	struct rte_cryptodev_info dev_info;
> > -	struct rte_cryptodev_sym_session **sessions;
> > +	void **sessions;
> >  	uint32_t i, j;
> >  	struct multi_session_params ut_paramz[] = {
> >
> > @@ -11355,8 +11322,7 @@ test_multi_session_random_usage(void)
> >  	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
> >
> >  	sessions = rte_malloc(NULL,
> > -			(sizeof(struct rte_cryptodev_sym_session *)
> > -					* MAX_NB_SESSIONS) + 1, 0);
> > +			(sizeof(void *) * MAX_NB_SESSIONS) + 1, 0);
> >
> >  	for (i = 0; i < MB_SESSION_NUMBER; i++) {
> >  		sessions[i] = rte_cryptodev_sym_session_create(
> > @@ -11373,8 +11339,7 @@ test_multi_session_random_usage(void)
> >  		rte_cryptodev_sym_session_init(
> >  				ts_params->valid_devs[0],
> >  				sessions[i],
> > -				&ut_paramz[i].ut_params.auth_xform,
> > -				ts_params->session_priv_mpool);
> > +				&ut_paramz[i].ut_params.auth_xform);
> >
> >  		TEST_ASSERT_NOT_NULL(sessions[i],
> >  				"Session creation failed at session
> > number %u",
> > @@ -11457,8 +11422,7 @@ test_null_invalid_operation(void)
> >
> >  	/* Create Crypto session*/
> >  	ret = rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> > -			ut_params->sess, &ut_params->cipher_xform,
> > -			ts_params->session_priv_mpool);
> > +			ut_params->sess, &ut_params->cipher_xform);
> >  	TEST_ASSERT(ret < 0,
> >  			"Session creation succeeded unexpectedly");
> >
> > @@ -11475,8 +11439,7 @@ test_null_invalid_operation(void)
> >
> >  	/* Create Crypto session*/
> >  	ret = rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> > -			ut_params->sess, &ut_params->auth_xform,
> > -			ts_params->session_priv_mpool);
> > +			ut_params->sess, &ut_params->auth_xform);
> >  	TEST_ASSERT(ret < 0,
> >  			"Session creation succeeded unexpectedly");
> >
> > @@ -11521,8 +11484,7 @@ test_null_burst_operation(void)
> >
> >  	/* Create Crypto session*/
> >  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> > -			ut_params->sess, &ut_params->cipher_xform,
> > -			ts_params->session_priv_mpool);
> > +			ut_params->sess, &ut_params->cipher_xform);
> >  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> > failed");
> >
> >  	TEST_ASSERT_EQUAL(rte_crypto_op_bulk_alloc(ts_params-
> > >op_mpool,
> > @@ -11634,7 +11596,6 @@ test_enq_callback_setup(void)
> >
> >  	qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
> >  	qp_conf.mp_session = ts_params->session_mpool;
> > -	qp_conf.mp_session_private = ts_params->session_priv_mpool;
> >
> >  	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
> >  			ts_params->valid_devs[0], qp_id, &qp_conf,
> > @@ -11734,7 +11695,6 @@ test_deq_callback_setup(void)
> >
> >  	qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
> >  	qp_conf.mp_session = ts_params->session_mpool;
> > -	qp_conf.mp_session_private = ts_params->session_priv_mpool;
> >
> >  	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
> >  			ts_params->valid_devs[0], qp_id, &qp_conf,
> > @@ -11943,8 +11903,7 @@ static int create_gmac_session(uint8_t dev_id,
> >  			ts_params->session_mpool);
> >
> >  	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> > -			&ut_params->auth_xform,
> > -			ts_params->session_priv_mpool);
> > +			&ut_params->auth_xform);
> >
> >  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> > failed");
> >
> > @@ -12588,8 +12547,7 @@ create_auth_session(struct
> > crypto_unittest_params *ut_params,
> >  			ts_params->session_mpool);
> >
> >  	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> > -				&ut_params->auth_xform,
> > -				ts_params->session_priv_mpool);
> > +				&ut_params->auth_xform);
> >
> >  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> > failed");
> >
> > @@ -12641,8 +12599,7 @@ create_auth_cipher_session(struct
> > crypto_unittest_params *ut_params,
> >  			ts_params->session_mpool);
> >
> >  	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
> > -				&ut_params->auth_xform,
> > -				ts_params->session_priv_mpool);
> > +				&ut_params->auth_xform);
> >
> >  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> > failed");
> >
> > @@ -13149,8 +13106,7 @@ test_authenticated_encrypt_with_esn(
> >
> >  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> >  				ut_params->sess,
> > -				&ut_params->cipher_xform,
> > -				ts_params->session_priv_mpool);
> > +				&ut_params->cipher_xform);
> >
> >  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> > failed");
> >
> > @@ -13281,8 +13237,7 @@ test_authenticated_decrypt_with_esn(
> >
> >  	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
> >  				ut_params->sess,
> > -				&ut_params->auth_xform,
> > -				ts_params->session_priv_mpool);
> > +				&ut_params->auth_xform);
> >
> >  	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation
> > failed");
> >
> > @@ -14003,11 +13958,6 @@ test_scheduler_attach_worker_op(void)
> >  			rte_mempool_free(ts_params->session_mpool);
> >  			ts_params->session_mpool = NULL;
> >  		}
> > -		if (ts_params->session_priv_mpool) {
> > -			rte_mempool_free(ts_params-
> > >session_priv_mpool);
> > -			ts_params->session_priv_mpool = NULL;
> > -		}
> > -
> >  		if (info.sym.max_nb_sessions != 0 &&
> >  				info.sym.max_nb_sessions <
> > MAX_NB_SESSIONS) {
> >  			RTE_LOG(ERR, USER1,
> > @@ -14024,32 +13974,14 @@ test_scheduler_attach_worker_op(void)
> >  			ts_params->session_mpool =
> >  				rte_cryptodev_sym_session_pool_create(
> >  						"test_sess_mp",
> > -						MAX_NB_SESSIONS, 0, 0, 0,
> > +						MAX_NB_SESSIONS,
> > +						session_size, 0, 0,
> >  						SOCKET_ID_ANY);
> >  			TEST_ASSERT_NOT_NULL(ts_params-
> > >session_mpool,
> >  					"session mempool allocation failed");
> >  		}
> >
> > -		/*
> > -		 * Create mempool with maximum number of sessions,
> > -		 * to include device specific session private data
> > -		 */
> > -		if (ts_params->session_priv_mpool == NULL) {
> > -			ts_params->session_priv_mpool =
> > rte_mempool_create(
> > -					"test_sess_mp_priv",
> > -					MAX_NB_SESSIONS,
> > -					session_size,
> > -					0, 0, NULL, NULL, NULL,
> > -					NULL, SOCKET_ID_ANY,
> > -					0);
> > -
> > -			TEST_ASSERT_NOT_NULL(ts_params-
> > >session_priv_mpool,
> > -					"session mempool allocation failed");
> > -		}
> > -
> >  		ts_params->qp_conf.mp_session = ts_params-
> > >session_mpool;
> > -		ts_params->qp_conf.mp_session_private =
> > -				ts_params->session_priv_mpool;
> >
> >  		ret = rte_cryptodev_scheduler_worker_attach(sched_id,
> >  				(uint8_t)i);
> > diff --git a/app/test/test_cryptodev.h b/app/test/test_cryptodev.h
> > index 1cdd84d01f..a3a10d484b 100644
> > --- a/app/test/test_cryptodev.h
> > +++ b/app/test/test_cryptodev.h
> > @@ -89,7 +89,6 @@ struct crypto_testsuite_params {
> >  	struct rte_mempool *large_mbuf_pool;
> >  	struct rte_mempool *op_mpool;
> >  	struct rte_mempool *session_mpool;
> > -	struct rte_mempool *session_priv_mpool;
> >  	struct rte_cryptodev_config conf;
> >  	struct rte_cryptodev_qp_conf qp_conf;
> >
> > diff --git a/app/test/test_cryptodev_asym.c
> > b/app/test/test_cryptodev_asym.c
> > index 9d19a6d6d9..35da574da8 100644
> > --- a/app/test/test_cryptodev_asym.c
> > +++ b/app/test/test_cryptodev_asym.c
> > @@ -924,7 +924,6 @@ testsuite_setup(void)
> >  	/* configure qp */
> >  	ts_params->qp_conf.nb_descriptors =
> > DEFAULT_NUM_OPS_INFLIGHT;
> >  	ts_params->qp_conf.mp_session = ts_params->session_mpool;
> > -	ts_params->qp_conf.mp_session_private = ts_params-
> > >session_mpool;
> >  	for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) {
> >  		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
> >  			dev_id, qp_id, &ts_params->qp_conf,
> > diff --git a/app/test/test_cryptodev_blockcipher.c
> > b/app/test/test_cryptodev_blockcipher.c
> > index 3cdb2c96e8..9417803f18 100644
> > --- a/app/test/test_cryptodev_blockcipher.c
> > +++ b/app/test/test_cryptodev_blockcipher.c
> > @@ -68,7 +68,6 @@ test_blockcipher_one_case(const struct
> > blockcipher_test_case *t,
> >  	struct rte_mempool *mbuf_pool,
> >  	struct rte_mempool *op_mpool,
> >  	struct rte_mempool *sess_mpool,
> > -	struct rte_mempool *sess_priv_mpool,
> >  	uint8_t dev_id,
> >  	char *test_msg)
> >  {
> > @@ -81,7 +80,7 @@ test_blockcipher_one_case(const struct
> > blockcipher_test_case *t,
> >  	struct rte_crypto_sym_op *sym_op = NULL;
> >  	struct rte_crypto_op *op = NULL;
> >  	struct rte_cryptodev_info dev_info;
> > -	struct rte_cryptodev_sym_session *sess = NULL;
> > +	void *sess = NULL;
> >
> >  	int status = TEST_SUCCESS;
> >  	const struct blockcipher_test_data *tdata = t->test_data;
> > @@ -514,7 +513,7 @@ test_blockcipher_one_case(const struct
> > blockcipher_test_case *t,
> >  		sess = rte_cryptodev_sym_session_create(sess_mpool);
> >
> >  		status = rte_cryptodev_sym_session_init(dev_id, sess,
> > -				init_xform, sess_priv_mpool);
> > +				init_xform);
> >  		if (status == -ENOTSUP) {
> >  			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
> > "UNSUPPORTED");
> >  			status = TEST_SKIPPED;
> > @@ -831,7 +830,6 @@ blockcipher_test_case_run(const void *data)
> >  			p_testsuite_params->mbuf_pool,
> >  			p_testsuite_params->op_mpool,
> >  			p_testsuite_params->session_mpool,
> > -			p_testsuite_params->session_priv_mpool,
> >  			p_testsuite_params->valid_devs[0],
> >  			test_msg);
> >  	return status;
> > diff --git a/app/test/test_event_crypto_adapter.c
> > b/app/test/test_event_crypto_adapter.c
> > index 3ad20921e2..59229a1cde 100644
> > --- a/app/test/test_event_crypto_adapter.c
> > +++ b/app/test/test_event_crypto_adapter.c
> > @@ -61,7 +61,6 @@ struct event_crypto_adapter_test_params {
> >  	struct rte_mempool *mbuf_pool;
> >  	struct rte_mempool *op_mpool;
> >  	struct rte_mempool *session_mpool;
> > -	struct rte_mempool *session_priv_mpool;
> >  	struct rte_cryptodev_config *config;
> >  	uint8_t crypto_event_port_id;
> >  	uint8_t internal_port_op_fwd;
> > @@ -167,7 +166,7 @@ static int
> >  test_op_forward_mode(uint8_t session_less)
> >  {
> >  	struct rte_crypto_sym_xform cipher_xform;
> > -	struct rte_cryptodev_sym_session *sess;
> > +	void *sess;
> >  	union rte_event_crypto_metadata m_data;
> >  	struct rte_crypto_sym_op *sym_op;
> >  	struct rte_crypto_op *op;
> > @@ -203,7 +202,7 @@ test_op_forward_mode(uint8_t session_less)
> >
> >  		/* Create Crypto session*/
> >  		ret = rte_cryptodev_sym_session_init(TEST_CDEV_ID, sess,
> > -				&cipher_xform,
> params.session_priv_mpool);
> > +				&cipher_xform);
> >  		TEST_ASSERT_SUCCESS(ret, "Failed to init session\n");
> >
> >  		ret = rte_event_crypto_adapter_caps_get(evdev,
> > TEST_CDEV_ID,
> > @@ -367,7 +366,7 @@ static int
> >  test_op_new_mode(uint8_t session_less)
> >  {
> >  	struct rte_crypto_sym_xform cipher_xform;
> > -	struct rte_cryptodev_sym_session *sess;
> > +	void *sess;
> >  	union rte_event_crypto_metadata m_data;
> >  	struct rte_crypto_sym_op *sym_op;
> >  	struct rte_crypto_op *op;
> > @@ -411,7 +410,7 @@ test_op_new_mode(uint8_t session_less)
> >  						&m_data, sizeof(m_data));
> >  		}
> >  		ret = rte_cryptodev_sym_session_init(TEST_CDEV_ID, sess,
> > -				&cipher_xform,
> params.session_priv_mpool);
> > +				&cipher_xform);
> >  		TEST_ASSERT_SUCCESS(ret, "Failed to init session\n");
> >
> >  		rte_crypto_op_attach_sym_session(op, sess);
> > @@ -553,22 +552,12 @@ configure_cryptodev(void)
> >
> >  	params.session_mpool = rte_cryptodev_sym_session_pool_create(
> >  			"CRYPTO_ADAPTER_SESSION_MP",
> > -			MAX_NB_SESSIONS, 0, 0,
> > +			MAX_NB_SESSIONS, session_size, 0,
> >  			sizeof(union rte_event_crypto_metadata),
> >  			SOCKET_ID_ANY);
> >  	TEST_ASSERT_NOT_NULL(params.session_mpool,
> >  			"session mempool allocation failed\n");
> >
> > -	params.session_priv_mpool = rte_mempool_create(
> > -				"CRYPTO_AD_SESS_MP_PRIV",
> > -				MAX_NB_SESSIONS,
> > -				session_size,
> > -				0, 0, NULL, NULL, NULL,
> > -				NULL, SOCKET_ID_ANY,
> > -				0);
> > -	TEST_ASSERT_NOT_NULL(params.session_priv_mpool,
> > -			"session mempool allocation failed\n");
> > -
> >  	rte_cryptodev_info_get(TEST_CDEV_ID, &info);
> >  	conf.nb_queue_pairs = info.max_nb_queue_pairs;
> >  	conf.socket_id = SOCKET_ID_ANY;
> > @@ -580,7 +569,6 @@ configure_cryptodev(void)
> >
> >  	qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT;
> >  	qp_conf.mp_session = params.session_mpool;
> > -	qp_conf.mp_session_private = params.session_priv_mpool;
> >
> >  	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
> >  			TEST_CDEV_ID, TEST_CDEV_QP_ID, &qp_conf,
> > @@ -934,12 +922,6 @@ crypto_teardown(void)
> >  		rte_mempool_free(params.session_mpool);
> >  		params.session_mpool = NULL;
> >  	}
> > -	if (params.session_priv_mpool != NULL) {
> > -		rte_mempool_avail_count(params.session_priv_mpool);
> > -		rte_mempool_free(params.session_priv_mpool);
> > -		params.session_priv_mpool = NULL;
> > -	}
> > -
> >  	/* Free ops mempool */
> >  	if (params.op_mpool != NULL) {
> >  		RTE_LOG(DEBUG, USER1, "EVENT_CRYPTO_SYM_OP_POOL
> > count %u\n",
> > diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
> > index 2ffa2a8e79..134545efe1 100644
> > --- a/app/test/test_ipsec.c
> > +++ b/app/test/test_ipsec.c
> > @@ -355,20 +355,9 @@ testsuite_setup(void)
> >  		return TEST_FAILED;
> >  	}
> >
> > -	ts_params->qp_conf.mp_session_private = rte_mempool_create(
> > -				"test_priv_sess_mp",
> > -				MAX_NB_SESSIONS,
> > -				sess_sz,
> > -				0, 0, NULL, NULL, NULL,
> > -				NULL, SOCKET_ID_ANY,
> > -				0);
> > -
> > -	TEST_ASSERT_NOT_NULL(ts_params->qp_conf.mp_session_private,
> > -			"private session mempool allocation failed");
> > -
> >  	ts_params->qp_conf.mp_session =
> >  		rte_cryptodev_sym_session_pool_create("test_sess_mp",
> > -			MAX_NB_SESSIONS, 0, 0, 0, SOCKET_ID_ANY);
> > +			MAX_NB_SESSIONS, sess_sz, 0, 0, SOCKET_ID_ANY);
> >
> >  	TEST_ASSERT_NOT_NULL(ts_params->qp_conf.mp_session,
> >  			"session mempool allocation failed");
> > @@ -413,11 +402,6 @@ testsuite_teardown(void)
> >  		rte_mempool_free(ts_params->qp_conf.mp_session);
> >  		ts_params->qp_conf.mp_session = NULL;
> >  	}
> > -
> > -	if (ts_params->qp_conf.mp_session_private != NULL) {
> > -		rte_mempool_free(ts_params-
> > >qp_conf.mp_session_private);
> > -		ts_params->qp_conf.mp_session_private = NULL;
> > -	}
> >  }
> >
> >  static int
> > @@ -644,7 +628,7 @@ create_crypto_session(struct ipsec_unitest_params
> > *ut,
> >  	struct rte_cryptodev_qp_conf *qp, uint8_t dev_id, uint32_t j)
> >  {
> >  	int32_t rc;
> > -	struct rte_cryptodev_sym_session *s;
> > +	void *s;
> >
> >  	s = rte_cryptodev_sym_session_create(qp->mp_session);
> >  	if (s == NULL)
> > @@ -652,7 +636,7 @@ create_crypto_session(struct ipsec_unitest_params
> > *ut,
> >
> >  	/* initiliaze SA crypto session for device */
> >  	rc = rte_cryptodev_sym_session_init(dev_id, s,
> > -			ut->crypto_xforms, qp->mp_session_private);
> > +			ut->crypto_xforms);
> >  	if (rc == 0) {
> >  		ut->ss[j].crypto.ses = s;
> >  		return 0;
> > diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
> > b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
> > index edb7275e76..75330292af 100644
> > --- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
> > +++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
> > @@ -235,7 +235,6 @@ aesni_gcm_pmd_qp_setup(struct rte_cryptodev
> > *dev, uint16_t qp_id,
> >  		goto qp_setup_cleanup;
> >
> >  	qp->sess_mp = qp_conf->mp_session;
> > -	qp->sess_mp_priv = qp_conf->mp_session_private;
> >
> >  	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
> >
> > @@ -259,10 +258,8 @@ aesni_gcm_pmd_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  static int
> >  aesni_gcm_pmd_sym_session_configure(struct rte_cryptodev *dev
> > __rte_unused,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		void *sess)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >  	struct aesni_gcm_private *internals = dev->data->dev_private;
> >
> > @@ -271,42 +268,24 @@ aesni_gcm_pmd_sym_session_configure(struct
> > rte_cryptodev *dev __rte_unused,
> >  		return -EINVAL;
> >  	}
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		AESNI_GCM_LOG(ERR,
> > -				"Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> >  	ret = aesni_gcm_set_session_parameters(internals->ops,
> > -				sess_private_data, xform);
> > +				sess, xform);
> >  	if (ret != 0) {
> >  		AESNI_GCM_LOG(ERR, "failed configure session
> > parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -			sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -aesni_gcm_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +aesni_gcm_pmd_sym_session_clear(struct rte_cryptodev *dev, void
> *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -
> > +	RTE_SET_USED(dev);
> >  	/* Zero out the whole structure */
> > -	if (sess_priv) {
> > -		memset(sess_priv, 0, sizeof(struct aesni_gcm_session));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> > -	}
> > +	if (sess)
> > +		memset(sess, 0, sizeof(struct aesni_gcm_session));
> >  }
> >
> >  struct rte_cryptodev_ops aesni_gcm_pmd_ops = {
> > diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
> > b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
> > index 39c67e3952..efdc05c45f 100644
> > --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
> > +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
> > @@ -944,7 +944,6 @@ aesni_mb_pmd_qp_setup(struct rte_cryptodev
> *dev,
> > uint16_t qp_id,
> >  	}
> >
> >  	qp->sess_mp = qp_conf->mp_session;
> > -	qp->sess_mp_priv = qp_conf->mp_session_private;
> >
> >  	memset(&qp->stats, 0, sizeof(qp->stats));
> >
> > @@ -974,11 +973,8 @@ aesni_mb_pmd_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  /** Configure a aesni multi-buffer session from a crypto xform chain */
> >  static int
> >  aesni_mb_pmd_sym_session_configure(struct rte_cryptodev *dev,
> > -		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		struct rte_crypto_sym_xform *xform, void *sess)
> >  {
> > -	void *sess_private_data;
> >  	struct aesni_mb_private *internals = dev->data->dev_private;
> >  	int ret;
> >
> > @@ -987,43 +983,25 @@ aesni_mb_pmd_sym_session_configure(struct
> > rte_cryptodev *dev,
> >  		return -EINVAL;
> >  	}
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		AESNI_MB_LOG(ERR,
> > -				"Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> >  	ret = aesni_mb_set_session_parameters(internals->mb_mgr,
> > -			sess_private_data, xform);
> > +			sess, xform);
> >  	if (ret != 0) {
> >  		AESNI_MB_LOG(ERR, "failed configure session parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -			sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > +	RTE_SET_USED(dev);
> >
> >  	/* Zero out the whole structure */
> > -	if (sess_priv) {
> > -		memset(sess_priv, 0, sizeof(struct aesni_mb_session));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> > -	}
> > +	if (sess)
> > +		memset(sess, 0, sizeof(struct aesni_mb_session));
> >  }
> >
> >  struct rte_cryptodev_ops aesni_mb_pmd_ops = {
> > diff --git a/drivers/crypto/armv8/rte_armv8_pmd_ops.c
> > b/drivers/crypto/armv8/rte_armv8_pmd_ops.c
> > index 1b2749fe62..2d3b54b063 100644
> > --- a/drivers/crypto/armv8/rte_armv8_pmd_ops.c
> > +++ b/drivers/crypto/armv8/rte_armv8_pmd_ops.c
> > @@ -244,7 +244,6 @@ armv8_crypto_pmd_qp_setup(struct rte_cryptodev
> > *dev, uint16_t qp_id,
> >  		goto qp_setup_cleanup;
> >
> >  	qp->sess_mp = qp_conf->mp_session;
> > -	qp->sess_mp_priv = qp_conf->mp_session_private;
> >
> >  	memset(&qp->stats, 0, sizeof(qp->stats));
> >
> > @@ -268,10 +267,8 @@ armv8_crypto_pmd_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  static int
> >  armv8_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		void *sess)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >
> >  	if (unlikely(sess == NULL)) {
> > @@ -279,42 +276,23 @@
> armv8_crypto_pmd_sym_session_configure(struct
> > rte_cryptodev *dev,
> >  		return -EINVAL;
> >  	}
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		CDEV_LOG_ERR(
> > -			"Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	ret = armv8_crypto_set_session_parameters(sess_private_data,
> > xform);
> > +	ret = armv8_crypto_set_session_parameters(sess, xform);
> >  	if (ret != 0) {
> >  		ARMV8_CRYPTO_LOG_ERR("failed configure session
> > parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -			sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -armv8_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +armv8_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void
> > *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -
> > +	RTE_SET_USED(dev);
> >  	/* Zero out the whole structure */
> > -	if (sess_priv) {
> > -		memset(sess_priv, 0, sizeof(struct armv8_crypto_session));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> > -	}
> > +	if (sess)
> > +		memset(sess, 0, sizeof(struct armv8_crypto_session));
> >  }
> >
> >  struct rte_cryptodev_ops armv8_crypto_pmd_ops = {
> > diff --git a/drivers/crypto/bcmfs/bcmfs_sym_session.c
> > b/drivers/crypto/bcmfs/bcmfs_sym_session.c
> > index 675ed0ad55..b4b167d0c2 100644
> > --- a/drivers/crypto/bcmfs/bcmfs_sym_session.c
> > +++ b/drivers/crypto/bcmfs/bcmfs_sym_session.c
> > @@ -224,10 +224,9 @@ bcmfs_sym_get_session(struct rte_crypto_op
> *op)
> >  int
> >  bcmfs_sym_session_configure(struct rte_cryptodev *dev,
> >  			    struct rte_crypto_sym_xform *xform,
> > -			    struct rte_cryptodev_sym_session *sess,
> > -			    struct rte_mempool *mempool)
> > +			    void *sess)
> >  {
> > -	void *sess_private_data;
> > +	RTE_SET_USED(dev);
> >  	int ret;
> >
> >  	if (unlikely(sess == NULL)) {
> > @@ -235,44 +234,23 @@ bcmfs_sym_session_configure(struct
> > rte_cryptodev *dev,
> >  		return -EINVAL;
> >  	}
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		BCMFS_DP_LOG(ERR,
> > -			"Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	ret = crypto_set_session_parameters(sess_private_data, xform);
> > +	ret = crypto_set_session_parameters(sess, xform);
> >
> >  	if (ret != 0) {
> >  		BCMFS_DP_LOG(ERR, "Failed configure session parameters");
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -				     sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> >  /* Clear the memory of session so it doesn't leave key material behind */
> >  void
> > -bcmfs_sym_session_clear(struct rte_cryptodev *dev,
> > -			struct rte_cryptodev_sym_session  *sess)
> > +bcmfs_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -
> > -	if (sess_priv) {
> > -		struct rte_mempool *sess_mp;
> > -
> > -		memset(sess_priv, 0, sizeof(struct bcmfs_sym_session));
> > -		sess_mp = rte_mempool_from_obj(sess_priv);
> > -
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> > -	}
> > +	RTE_SET_USED(dev);
> > +	if (sess)
> > +		memset(sess, 0, sizeof(struct bcmfs_sym_session));
> >  }
> >
> >  unsigned int
> > diff --git a/drivers/crypto/bcmfs/bcmfs_sym_session.h
> > b/drivers/crypto/bcmfs/bcmfs_sym_session.h
> > index d40595b4bd..7faafe2fd5 100644
> > --- a/drivers/crypto/bcmfs/bcmfs_sym_session.h
> > +++ b/drivers/crypto/bcmfs/bcmfs_sym_session.h
> > @@ -93,12 +93,10 @@ bcmfs_process_crypto_op(struct rte_crypto_op
> *op,
> >  int
> >  bcmfs_sym_session_configure(struct rte_cryptodev *dev,
> >  			    struct rte_crypto_sym_xform *xform,
> > -			    struct rte_cryptodev_sym_session *sess,
> > -			    struct rte_mempool *mempool);
> > +			    void *sess);
> >
> >  void
> > -bcmfs_sym_session_clear(struct rte_cryptodev *dev,
> > -			struct rte_cryptodev_sym_session  *sess);
> > +bcmfs_sym_session_clear(struct rte_cryptodev *dev, void *sess);
> >
> >  unsigned int
> >  bcmfs_sym_session_get_private_size(struct rte_cryptodev *dev
> > __rte_unused);
> > diff --git a/drivers/crypto/caam_jr/caam_jr.c
> > b/drivers/crypto/caam_jr/caam_jr.c
> > index ce7a100778..8a04820fa6 100644
> > --- a/drivers/crypto/caam_jr/caam_jr.c
> > +++ b/drivers/crypto/caam_jr/caam_jr.c
> > @@ -1692,52 +1692,36 @@ caam_jr_set_session_parameters(struct
> > rte_cryptodev *dev,
> >  static int
> >  caam_jr_sym_session_configure(struct rte_cryptodev *dev,
> >  			      struct rte_crypto_sym_xform *xform,
> > -			      struct rte_cryptodev_sym_session *sess,
> > -			      struct rte_mempool *mempool)
> > +			      void *sess)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >
> >  	PMD_INIT_FUNC_TRACE();
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		CAAM_JR_ERR("Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
> > -	ret = caam_jr_set_session_parameters(dev, xform,
> > sess_private_data);
> > +	memset(sess, 0, sizeof(struct caam_jr_session));
> > +	ret = caam_jr_set_session_parameters(dev, xform, sess);
> >  	if (ret != 0) {
> >  		CAAM_JR_ERR("failed to configure session parameters");
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> >  /* Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -caam_jr_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +caam_jr_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
> > +	RTE_SET_USED(dev);
> > +
> > +	struct caam_jr_session *s = (struct caam_jr_session *)sess;
> >
> >  	PMD_INIT_FUNC_TRACE();
> >
> > -	if (sess_priv) {
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -
> > +	if (sess) {
> >  		rte_free(s->cipher_key.data);
> >  		rte_free(s->auth_key.data);
> >  		memset(s, 0, sizeof(struct caam_jr_session));
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> >  	}
> >  }
> >
> > diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c
> > b/drivers/crypto/ccp/ccp_pmd_ops.c
> > index 0d615d311c..cac1268130 100644
> > --- a/drivers/crypto/ccp/ccp_pmd_ops.c
> > +++ b/drivers/crypto/ccp/ccp_pmd_ops.c
> > @@ -727,7 +727,6 @@ ccp_pmd_qp_setup(struct rte_cryptodev *dev,
> > uint16_t qp_id,
> >  	}
> >
> >  	qp->sess_mp = qp_conf->mp_session;
> > -	qp->sess_mp_priv = qp_conf->mp_session_private;
> >
> >  	/* mempool for batch info */
> >  	qp->batch_mp = rte_mempool_create(
> > @@ -758,11 +757,9 @@ ccp_pmd_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  static int
> >  ccp_pmd_sym_session_configure(struct rte_cryptodev *dev,
> >  			  struct rte_crypto_sym_xform *xform,
> > -			  struct rte_cryptodev_sym_session *sess,
> > -			  struct rte_mempool *mempool)
> > +			  void *sess)
> >  {
> >  	int ret;
> > -	void *sess_private_data;
> >  	struct ccp_private *internals;
> >
> >  	if (unlikely(sess == NULL || xform == NULL)) {
> > @@ -770,39 +767,22 @@ ccp_pmd_sym_session_configure(struct
> > rte_cryptodev *dev,
> >  		return -ENOMEM;
> >  	}
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		CCP_LOG_ERR("Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> >  	internals = (struct ccp_private *)dev->data->dev_private;
> > -	ret = ccp_set_session_parameters(sess_private_data, xform,
> > internals);
> > +	ret = ccp_set_session_parameters(sess, xform, internals);
> >  	if (ret != 0) {
> >  		CCP_LOG_ERR("failed configure session parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -				 sess_private_data);
> >
> >  	return 0;
> >  }
> >
> >  static void
> > -ccp_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		      struct rte_cryptodev_sym_session *sess)
> > +ccp_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -
> > -	if (sess_priv) {
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -
> > -		rte_mempool_put(sess_mp, sess_priv);
> > -		memset(sess_priv, 0, sizeof(struct ccp_session));
> > -		set_sym_session_private_data(sess, index, NULL);
> > -	}
> > +	RTE_SET_USED(dev);
> > +	if (sess)
> > +		memset(sess, 0, sizeof(struct ccp_session));
> >  }
> >
> >  struct rte_cryptodev_ops ccp_ops = {
> > diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
> > b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
> > index 99968cc353..50cae5e3d6 100644
> > --- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
> > +++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
> > @@ -32,17 +32,18 @@ cn10k_cpt_sym_temp_sess_create(struct
> > cnxk_cpt_qp *qp, struct rte_crypto_op *op)
> >  	if (sess == NULL)
> >  		return NULL;
> >
> > -	ret = sym_session_configure(qp->lf.roc_cpt, driver_id, sym_op-
> > >xform,
> > -				    sess, qp->sess_mp_priv);
> > +	sess->sess_data[driver_id].data =
> > +			(void *)((uint8_t *)sess +
> > +			rte_cryptodev_sym_get_header_session_size() +
> > +			(driver_id * sess->priv_sz));
> > +	priv = get_sym_session_private_data(sess, driver_id);
> > +	ret = sym_session_configure(qp->lf.roc_cpt, sym_op->xform, (void
> > *)priv);
> >  	if (ret)
> >  		goto sess_put;
> >
> > -	priv = get_sym_session_private_data(sess, driver_id);
> > -
> >  	sym_op->session = sess;
> >
> >  	return priv;
> > -
> >  sess_put:
> >  	rte_mempool_put(qp->sess_mp, sess);
> >  	return NULL;
> > @@ -144,9 +145,7 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct
> > rte_crypto_op *ops[],
> >  			ret = cpt_sym_inst_fill(qp, op, sess, infl_req,
> >  						&inst[0]);
> >  			if (unlikely(ret)) {
> > -
> > 	sym_session_clear(cn10k_cryptodev_driver_id,
> > -						  op->sym->session);
> > -				rte_mempool_put(qp->sess_mp, op->sym-
> > >session);
> > +				sym_session_clear(op->sym->session);
> >  				return 0;
> >  			}
> >  			w7 = sess->cpt_inst_w7;
> > @@ -437,8 +436,7 @@ cn10k_cpt_dequeue_post_process(struct
> > cnxk_cpt_qp *qp,
> >  temp_sess_free:
> >  	if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
> >  		if (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
> > -			sym_session_clear(cn10k_cryptodev_driver_id,
> > -					  cop->sym->session);
> > +			sym_session_clear(cop->sym->session);
> >  			sz =
> > rte_cryptodev_sym_get_existing_header_session_size(
> >  				cop->sym->session);
> >  			memset(cop->sym->session, 0, sz);
> > diff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
> > b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
> > index 4c2dc5b080..5f83581131 100644
> > --- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
> > +++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
> > @@ -81,17 +81,19 @@ cn9k_cpt_sym_temp_sess_create(struct
> > cnxk_cpt_qp *qp, struct rte_crypto_op *op)
> >  	if (sess == NULL)
> >  		return NULL;
> >
> > -	ret = sym_session_configure(qp->lf.roc_cpt, driver_id, sym_op-
> > >xform,
> > -				    sess, qp->sess_mp_priv);
> > +	sess->sess_data[driver_id].data =
> > +			(void *)((uint8_t *)sess +
> > +			rte_cryptodev_sym_get_header_session_size() +
> > +			(driver_id * sess->priv_sz));
> > +	priv = get_sym_session_private_data(sess, driver_id);
> > +	ret = sym_session_configure(qp->lf.roc_cpt, sym_op->xform,
> > +			(void *)priv);
> >  	if (ret)
> >  		goto sess_put;
> >
> > -	priv = get_sym_session_private_data(sess, driver_id);
> > -
> >  	sym_op->session = sess;
> >
> >  	return priv;
> > -
> >  sess_put:
> >  	rte_mempool_put(qp->sess_mp, sess);
> >  	return NULL;
> > @@ -126,8 +128,7 @@ cn9k_cpt_inst_prep(struct cnxk_cpt_qp *qp, struct
> > rte_crypto_op *op,
> >  			ret = cn9k_cpt_sym_inst_fill(qp, op, sess, infl_req,
> >  						     inst);
> >  			if (unlikely(ret)) {
> > -
> > 	sym_session_clear(cn9k_cryptodev_driver_id,
> > -						  op->sym->session);
> > +				sym_session_clear(op->sym->session);
> >  				rte_mempool_put(qp->sess_mp, op->sym-
> > >session);
> >  			}
> >  			inst->w7.u64 = sess->cpt_inst_w7;
> > @@ -484,8 +485,7 @@ cn9k_cpt_dequeue_post_process(struct
> > cnxk_cpt_qp *qp, struct rte_crypto_op *cop,
> >  temp_sess_free:
> >  	if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
> >  		if (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
> > -			sym_session_clear(cn9k_cryptodev_driver_id,
> > -					  cop->sym->session);
> > +			sym_session_clear(cop->sym->session);
> >  			sz =
> > rte_cryptodev_sym_get_existing_header_session_size(
> >  				cop->sym->session);
> >  			memset(cop->sym->session, 0, sz);
> > diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
> > b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
> > index 41d8fe49e1..52d9cf0cf3 100644
> > --- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
> > +++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
> > @@ -379,7 +379,6 @@ cnxk_cpt_queue_pair_setup(struct rte_cryptodev
> > *dev, uint16_t qp_id,
> >  	}
> >
> >  	qp->sess_mp = conf->mp_session;
> > -	qp->sess_mp_priv = conf->mp_session_private;
> >  	dev->data->queue_pairs[qp_id] = qp;
> >
> >  	return 0;
> > @@ -493,27 +492,20 @@ cnxk_cpt_inst_w7_get(struct cnxk_se_sess *sess,
> > struct roc_cpt *roc_cpt)
> >  }
> >
> >  int
> > -sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
> > +sym_session_configure(struct roc_cpt *roc_cpt,
> >  		      struct rte_crypto_sym_xform *xform,
> > -		      struct rte_cryptodev_sym_session *sess,
> > -		      struct rte_mempool *pool)
> > +		      void *sess)
> >  {
> >  	struct cnxk_se_sess *sess_priv;
> > -	void *priv;
> >  	int ret;
> >
> >  	ret = sym_xform_verify(xform);
> >  	if (unlikely(ret < 0))
> >  		return ret;
> >
> > -	if (unlikely(rte_mempool_get(pool, &priv))) {
> > -		plt_dp_err("Could not allocate session private data");
> > -		return -ENOMEM;
> > -	}
> > +	memset(sess, 0, sizeof(struct cnxk_se_sess));
> >
> > -	memset(priv, 0, sizeof(struct cnxk_se_sess));
> > -
> > -	sess_priv = priv;
> > +	sess_priv = sess;
> >
> >  	switch (ret) {
> >  	case CNXK_CPT_CIPHER:
> > @@ -547,7 +539,7 @@ sym_session_configure(struct roc_cpt *roc_cpt, int
> > driver_id,
> >  	}
> >
> >  	if (ret)
> > -		goto priv_put;
> > +		return -ENOTSUP;
> >
> >  	if ((sess_priv->roc_se_ctx.fc_type == ROC_SE_HASH_HMAC) &&
> >  	    cpt_mac_len_verify(&xform->auth)) {
> > @@ -557,66 +549,45 @@ sym_session_configure(struct roc_cpt *roc_cpt,
> int
> > driver_id,
> >  			sess_priv->roc_se_ctx.auth_key = NULL;
> >  		}
> >
> > -		ret = -ENOTSUP;
> > -		goto priv_put;
> > +		return -ENOTSUP;
> >  	}
> >
> >  	sess_priv->cpt_inst_w7 = cnxk_cpt_inst_w7_get(sess_priv, roc_cpt);
> >
> > -	set_sym_session_private_data(sess, driver_id, sess_priv);
> > -
> >  	return 0;
> > -
> > -priv_put:
> > -	rte_mempool_put(pool, priv);
> > -
> > -	return -ENOTSUP;
> >  }
> >
> >  int
> >  cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
> >  			       struct rte_crypto_sym_xform *xform,
> > -			       struct rte_cryptodev_sym_session *sess,
> > -			       struct rte_mempool *pool)
> > +			       void *sess)
> >  {
> >  	struct cnxk_cpt_vf *vf = dev->data->dev_private;
> >  	struct roc_cpt *roc_cpt = &vf->cpt;
> > -	uint8_t driver_id;
> >
> > -	driver_id = dev->driver_id;
> > -
> > -	return sym_session_configure(roc_cpt, driver_id, xform, sess, pool);
> > +	return sym_session_configure(roc_cpt, xform, sess);
> >  }
> >
> >  void
> > -sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
> > +sym_session_clear(void *sess)
> >  {
> > -	void *priv = get_sym_session_private_data(sess, driver_id);
> > -	struct cnxk_se_sess *sess_priv;
> > -	struct rte_mempool *pool;
> > +	struct cnxk_se_sess *sess_priv = sess;
> >
> > -	if (priv == NULL)
> > +	if (sess == NULL)
> >  		return;
> >
> > -	sess_priv = priv;
> > -
> >  	if (sess_priv->roc_se_ctx.auth_key != NULL)
> >  		plt_free(sess_priv->roc_se_ctx.auth_key);
> >
> > -	memset(priv, 0, cnxk_cpt_sym_session_get_size(NULL));
> > -
> > -	pool = rte_mempool_from_obj(priv);
> > -
> > -	set_sym_session_private_data(sess, driver_id, NULL);
> > -
> > -	rte_mempool_put(pool, priv);
> > +	memset(sess_priv, 0, cnxk_cpt_sym_session_get_size(NULL));
> >  }
> >
> >  void
> > -cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev,
> > -			   struct rte_cryptodev_sym_session *sess)
> > +cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> > -	return sym_session_clear(dev->driver_id, sess);
> > +	RTE_SET_USED(dev);
> > +
> > +	return sym_session_clear(sess);
> >  }
> >
> >  unsigned int
> > diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
> > b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
> > index c5332dec53..3c09d10582 100644
> > --- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
> > +++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
> > @@ -111,18 +111,15 @@ unsigned int
> > cnxk_cpt_sym_session_get_size(struct rte_cryptodev *dev);
> >
> >  int cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
> >  				   struct rte_crypto_sym_xform *xform,
> > -				   struct rte_cryptodev_sym_session *sess,
> > -				   struct rte_mempool *pool);
> > +				   void *sess);
> >
> > -int sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
> > +int sym_session_configure(struct roc_cpt *roc_cpt,
> >  			  struct rte_crypto_sym_xform *xform,
> > -			  struct rte_cryptodev_sym_session *sess,
> > -			  struct rte_mempool *pool);
> > +			  void *sess);
> >
> > -void cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev,
> > -				struct rte_cryptodev_sym_session *sess);
> > +void cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev, void *sess);
> >
> > -void sym_session_clear(int driver_id, struct rte_cryptodev_sym_session
> > *sess);
> > +void sym_session_clear(void *sess);
> >
> >  unsigned int cnxk_ae_session_size_get(struct rte_cryptodev *dev
> > __rte_unused);
> >
> > diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> > b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> > index 176f1a27a0..42229763f8 100644
> > --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> > +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> > @@ -3438,49 +3438,32 @@ dpaa2_sec_security_session_destroy(void
> *dev
> > __rte_unused, void *sess)
> >  static int
> >  dpaa2_sec_sym_session_configure(struct rte_cryptodev *dev,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		void *sess)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		DPAA2_SEC_ERR("Couldn't get object from session
> > mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	ret = dpaa2_sec_set_session_parameters(dev, xform,
> > sess_private_data);
> > +	ret = dpaa2_sec_set_session_parameters(dev, xform, sess);
> >  	if (ret != 0) {
> >  		DPAA2_SEC_ERR("Failed to configure session parameters");
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -		sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -dpaa2_sec_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +dpaa2_sec_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> >  	PMD_INIT_FUNC_TRACE();
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -	dpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;
> > +	RTE_SET_USED(dev);
> > +	dpaa2_sec_session *s = (dpaa2_sec_session *)sess;
> >
> > -	if (sess_priv) {
> > +	if (sess) {
> >  		rte_free(s->ctxt);
> >  		rte_free(s->cipher_key.data);
> >  		rte_free(s->auth_key.data);
> >  		memset(s, 0, sizeof(dpaa2_sec_session));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> >  	}
> >  }
> >
> > diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c
> > b/drivers/crypto/dpaa_sec/dpaa_sec.c
> > index 5a087df090..4727088b45 100644
> > --- a/drivers/crypto/dpaa_sec/dpaa_sec.c
> > +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
> > @@ -2537,33 +2537,18 @@ dpaa_sec_set_session_parameters(struct
> > rte_cryptodev *dev,
> >
> >  static int
> >  dpaa_sec_sym_session_configure(struct rte_cryptodev *dev,
> > -		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		struct rte_crypto_sym_xform *xform, void *sess)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >
> >  	PMD_INIT_FUNC_TRACE();
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		DPAA_SEC_ERR("Couldn't get object from session
> > mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	ret = dpaa_sec_set_session_parameters(dev, xform,
> > sess_private_data);
> > +	ret = dpaa_sec_set_session_parameters(dev, xform, sess);
> >  	if (ret != 0) {
> >  		DPAA_SEC_ERR("failed to configure session parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -			sess_private_data);
> > -
> > -
> >  	return 0;
> >  }
> >
> > @@ -2584,18 +2569,14 @@ free_session_memory(struct rte_cryptodev
> > *dev, dpaa_sec_session *s)
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +dpaa_sec_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> >  	PMD_INIT_FUNC_TRACE();
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -	dpaa_sec_session *s = (dpaa_sec_session *)sess_priv;
> > +	RTE_SET_USED(dev);
> > +	dpaa_sec_session *s = (dpaa_sec_session *)sess;
> >
> > -	if (sess_priv) {
> > +	if (sess)
> >  		free_session_memory(dev, s);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -	}
> >  }
> >
> >  #ifdef RTE_LIB_SECURITY
> > diff --git a/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
> > b/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
> > index f075054807..b2e5c92598 100644
> > --- a/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
> > +++ b/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
> > @@ -220,7 +220,6 @@ kasumi_pmd_qp_setup(struct rte_cryptodev *dev,
> > uint16_t qp_id,
> >
> >  	qp->mgr = internals->mgr;
> >  	qp->sess_mp = qp_conf->mp_session;
> > -	qp->sess_mp_priv = qp_conf->mp_session_private;
> >
> >  	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
> >
> > @@ -243,10 +242,8 @@ kasumi_pmd_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  static int
> >  kasumi_pmd_sym_session_configure(struct rte_cryptodev *dev,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		void *sess)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >  	struct kasumi_private *internals = dev->data->dev_private;
> >
> > @@ -255,43 +252,24 @@ kasumi_pmd_sym_session_configure(struct
> > rte_cryptodev *dev,
> >  		return -EINVAL;
> >  	}
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		KASUMI_LOG(ERR,
> > -				"Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> >  	ret = kasumi_set_session_parameters(internals->mgr,
> > -					sess_private_data, xform);
> > +					sess, xform);
> >  	if (ret != 0) {
> >  		KASUMI_LOG(ERR, "failed configure session parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -		sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -kasumi_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +kasumi_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -
> > +	RTE_SET_USED(dev);
> >  	/* Zero out the whole structure */
> > -	if (sess_priv) {
> > -		memset(sess_priv, 0, sizeof(struct kasumi_session));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> > -	}
> > +	if (sess)
> > +		memset(sess, 0, sizeof(struct kasumi_session));
> >  }
> >
> >  struct rte_cryptodev_ops kasumi_pmd_ops = {
> > diff --git a/drivers/crypto/mlx5/mlx5_crypto.c
> > b/drivers/crypto/mlx5/mlx5_crypto.c
> > index 682cf8b607..615ab9f45d 100644
> > --- a/drivers/crypto/mlx5/mlx5_crypto.c
> > +++ b/drivers/crypto/mlx5/mlx5_crypto.c
> > @@ -165,14 +165,12 @@ mlx5_crypto_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  static int
> >  mlx5_crypto_sym_session_configure(struct rte_cryptodev *dev,
> >  				  struct rte_crypto_sym_xform *xform,
> > -				  struct rte_cryptodev_sym_session *session,
> > -				  struct rte_mempool *mp)
> > +				  void *session)
> >  {
> >  	struct mlx5_crypto_priv *priv = dev->data->dev_private;
> > -	struct mlx5_crypto_session *sess_private_data;
> > +	struct mlx5_crypto_session *sess_private_data = session;
> >  	struct rte_crypto_cipher_xform *cipher;
> >  	uint8_t encryption_order;
> > -	int ret;
> >
> >  	if (unlikely(xform->next != NULL)) {
> >  		DRV_LOG(ERR, "Xform next is not supported.");
> > @@ -183,17 +181,9 @@ mlx5_crypto_sym_session_configure(struct
> > rte_cryptodev *dev,
> >  		DRV_LOG(ERR, "Only AES-XTS algorithm is supported.");
> >  		return -ENOTSUP;
> >  	}
> > -	ret = rte_mempool_get(mp, (void *)&sess_private_data);
> > -	if (ret != 0) {
> > -		DRV_LOG(ERR,
> > -			"Failed to get session %p private data from
> > mempool.",
> > -			sess_private_data);
> > -		return -ENOMEM;
> > -	}
> >  	cipher = &xform->cipher;
> >  	sess_private_data->dek = mlx5_crypto_dek_prepare(priv, cipher);
> >  	if (sess_private_data->dek == NULL) {
> > -		rte_mempool_put(mp, sess_private_data);
> >  		DRV_LOG(ERR, "Failed to prepare dek.");
> >  		return -ENOMEM;
> >  	}
> > @@ -228,27 +218,21 @@ mlx5_crypto_sym_session_configure(struct
> > rte_cryptodev *dev,
> >  	sess_private_data->dek_id =
> >  			rte_cpu_to_be_32(sess_private_data->dek->obj->id
> > &
> >  					 0xffffff);
> > -	set_sym_session_private_data(session, dev->driver_id,
> > -				     sess_private_data);
> >  	DRV_LOG(DEBUG, "Session %p was configured.", sess_private_data);
> >  	return 0;
> >  }
> >
> >  static void
> > -mlx5_crypto_sym_session_clear(struct rte_cryptodev *dev,
> > -			      struct rte_cryptodev_sym_session *sess)
> > +mlx5_crypto_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> >  	struct mlx5_crypto_priv *priv = dev->data->dev_private;
> > -	struct mlx5_crypto_session *spriv =
> > get_sym_session_private_data(sess,
> > -								dev-
> > >driver_id);
> > +	struct mlx5_crypto_session *spriv = sess;
> >
> >  	if (unlikely(spriv == NULL)) {
> >  		DRV_LOG(ERR, "Failed to get session %p private data.",
> spriv);
> >  		return;
> >  	}
> >  	mlx5_crypto_dek_destroy(priv, spriv->dek);
> > -	set_sym_session_private_data(sess, dev->driver_id, NULL);
> > -	rte_mempool_put(rte_mempool_from_obj(spriv), spriv);
> >  	DRV_LOG(DEBUG, "Session %p was cleared.", spriv);
> >  }
> >
> > diff --git a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
> > b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
> > index e04a2c88c7..2e4b27ea21 100644
> > --- a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
> > +++ b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
> > @@ -704,7 +704,6 @@ mrvl_crypto_pmd_qp_setup(struct rte_cryptodev
> > *dev, uint16_t qp_id,
> >  			break;
> >
> >  		qp->sess_mp = qp_conf->mp_session;
> > -		qp->sess_mp_priv = qp_conf->mp_session_private;
> >
> >  		memset(&qp->stats, 0, sizeof(qp->stats));
> >  		dev->data->queue_pairs[qp_id] = qp;
> > @@ -735,12 +734,9 @@
> > mrvl_crypto_pmd_sym_session_get_size(__rte_unused struct
> > rte_cryptodev *dev)
> >   */
> >  static int
> >  mrvl_crypto_pmd_sym_session_configure(__rte_unused struct
> > rte_cryptodev *dev,
> > -		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mp)
> > +		struct rte_crypto_sym_xform *xform, void *sess)
> >  {
> >  	struct mrvl_crypto_session *mrvl_sess;
> > -	void *sess_private_data;
> >  	int ret;
> >
> >  	if (sess == NULL) {
> > @@ -748,25 +744,16 @@
> > mrvl_crypto_pmd_sym_session_configure(__rte_unused struct
> > rte_cryptodev *dev,
> >  		return -EINVAL;
> >  	}
> >
> > -	if (rte_mempool_get(mp, &sess_private_data)) {
> > -		CDEV_LOG_ERR("Couldn't get object from session
> > mempool.");
> > -		return -ENOMEM;
> > -	}
> > +	memset(sess, 0, sizeof(struct mrvl_crypto_session));
> >
> > -	memset(sess_private_data, 0, sizeof(struct mrvl_crypto_session));
> > -
> > -	ret = mrvl_crypto_set_session_parameters(sess_private_data,
> > xform);
> > +	ret = mrvl_crypto_set_session_parameters(sess, xform);
> >  	if (ret != 0) {
> >  		MRVL_LOG(ERR, "Failed to configure session parameters!");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mp, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > sess_private_data);
> >
> > -	mrvl_sess = (struct mrvl_crypto_session *)sess_private_data;
> > +	mrvl_sess = (struct mrvl_crypto_session *)sess;
> >  	if (sam_session_create(&mrvl_sess->sam_sess_params,
> >  				&mrvl_sess->sam_sess) < 0) {
> >  		MRVL_LOG(DEBUG, "Failed to create session!");
> > @@ -789,17 +776,13 @@
> > mrvl_crypto_pmd_sym_session_configure(__rte_unused struct
> > rte_cryptodev *dev,
> >   * @returns 0. Always.
> >   */
> >  static void
> > -mrvl_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +mrvl_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void
> > *sess)
> >  {
> > -
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -
> > +	RTE_SET_USED(dev);
> >  	/* Zero out the whole structure */
> > -	if (sess_priv) {
> > +	if (sess) {
> >  		struct mrvl_crypto_session *mrvl_sess =
> > -			(struct mrvl_crypto_session *)sess_priv;
> > +			(struct mrvl_crypto_session *)sess;
> >
> >  		if (mrvl_sess->sam_sess &&
> >  		    sam_session_destroy(mrvl_sess->sam_sess) < 0) {
> > @@ -807,9 +790,6 @@ mrvl_crypto_pmd_sym_session_clear(struct
> > rte_cryptodev *dev,
> >  		}
> >
> >  		memset(mrvl_sess, 0, sizeof(struct mrvl_crypto_session));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> >  	}
> >  }
> >
> > diff --git a/drivers/crypto/nitrox/nitrox_sym.c
> > b/drivers/crypto/nitrox/nitrox_sym.c
> > index f8b7edcd69..0c9bbfef46 100644
> > --- a/drivers/crypto/nitrox/nitrox_sym.c
> > +++ b/drivers/crypto/nitrox/nitrox_sym.c
> > @@ -532,22 +532,16 @@ configure_aead_ctx(struct
> rte_crypto_aead_xform
> > *xform,
> >  static int
> >  nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev,
> >  			      struct rte_crypto_sym_xform *xform,
> > -			      struct rte_cryptodev_sym_session *sess,
> > -			      struct rte_mempool *mempool)
> > +			      void *sess)
> >  {
> > -	void *mp_obj;
> >  	struct nitrox_crypto_ctx *ctx;
> >  	struct rte_crypto_cipher_xform *cipher_xform = NULL;
> >  	struct rte_crypto_auth_xform *auth_xform = NULL;
> >  	struct rte_crypto_aead_xform *aead_xform = NULL;
> >  	int ret = -EINVAL;
> >
> > -	if (rte_mempool_get(mempool, &mp_obj)) {
> > -		NITROX_LOG(ERR, "Couldn't allocate context\n");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	ctx = mp_obj;
> > +	RTE_SET_USED(cdev);
> > +	ctx = sess;
> >  	ctx->nitrox_chain = get_crypto_chain_order(xform);
> >  	switch (ctx->nitrox_chain) {
> >  	case NITROX_CHAIN_CIPHER_ONLY:
> > @@ -586,28 +580,17 @@ nitrox_sym_dev_sess_configure(struct
> > rte_cryptodev *cdev,
> >  	}
> >
> >  	ctx->iova = rte_mempool_virt2iova(ctx);
> > -	set_sym_session_private_data(sess, cdev->driver_id, ctx);
> >  	return 0;
> >  err:
> > -	rte_mempool_put(mempool, mp_obj);
> >  	return ret;
> >  }
> >
> >  static void
> > -nitrox_sym_dev_sess_clear(struct rte_cryptodev *cdev,
> > -			  struct rte_cryptodev_sym_session *sess)
> > +nitrox_sym_dev_sess_clear(struct rte_cryptodev *cdev, void *sess)
> >  {
> > -	struct nitrox_crypto_ctx *ctx = get_sym_session_private_data(sess,
> > -							cdev->driver_id);
> > -	struct rte_mempool *sess_mp;
> > -
> > -	if (!ctx)
> > -		return;
> > -
> > -	memset(ctx, 0, sizeof(*ctx));
> > -	sess_mp = rte_mempool_from_obj(ctx);
> > -	set_sym_session_private_data(sess, cdev->driver_id, NULL);
> > -	rte_mempool_put(sess_mp, ctx);
> > +	RTE_SET_USED(cdev);
> > +	if (sess)
> > +		memset(sess, 0, sizeof(struct nitrox_crypto_ctx));
> >  }
> >
> >  static struct nitrox_crypto_ctx *
> > diff --git a/drivers/crypto/null/null_crypto_pmd_ops.c
> > b/drivers/crypto/null/null_crypto_pmd_ops.c
> > index a8b5a06e7f..65bfa8dcf7 100644
> > --- a/drivers/crypto/null/null_crypto_pmd_ops.c
> > +++ b/drivers/crypto/null/null_crypto_pmd_ops.c
> > @@ -234,7 +234,6 @@ null_crypto_pmd_qp_setup(struct rte_cryptodev
> > *dev, uint16_t qp_id,
> >  	}
> >
> >  	qp->sess_mp = qp_conf->mp_session;
> > -	qp->sess_mp_priv = qp_conf->mp_session_private;
> >
> >  	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
> >
> > @@ -258,10 +257,8 @@ null_crypto_pmd_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  static int
> >  null_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev
> > __rte_unused,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mp)
> > +		void *sess)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >
> >  	if (unlikely(sess == NULL)) {
> > @@ -269,42 +266,23 @@ null_crypto_pmd_sym_session_configure(struct
> > rte_cryptodev *dev __rte_unused,
> >  		return -EINVAL;
> >  	}
> >
> > -	if (rte_mempool_get(mp, &sess_private_data)) {
> > -		NULL_LOG(ERR,
> > -				"Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	ret = null_crypto_set_session_parameters(sess_private_data,
> > xform);
> > +	ret = null_crypto_set_session_parameters(sess, xform);
> >  	if (ret != 0) {
> >  		NULL_LOG(ERR, "failed configure session parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mp, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -		sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -null_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +null_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void
> > *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -
> > +	RTE_SET_USED(dev);
> >  	/* Zero out the whole structure */
> > -	if (sess_priv) {
> > -		memset(sess_priv, 0, sizeof(struct null_crypto_session));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> > -	}
> > +	if (sess)
> > +		memset(sess, 0, sizeof(struct null_crypto_session));
> >  }
> >
> >  static struct rte_cryptodev_ops pmd_ops = {
> > diff --git a/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
> > b/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
> > index 7c6b1e45b4..95659e472b 100644
> > --- a/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
> > +++ b/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
> > @@ -49,7 +49,6 @@ struct cpt_instance {
> >  	uint32_t queue_id;
> >  	uintptr_t rsvd;
> >  	struct rte_mempool *sess_mp;
> > -	struct rte_mempool *sess_mp_priv;
> >  	struct cpt_qp_meta_info meta_info;
> >  	uint8_t ca_enabled;
> >  };
> > diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c
> > b/drivers/crypto/octeontx/otx_cryptodev_ops.c
> > index 9e8fd495cf..abd0963be0 100644
> > --- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
> > +++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
> > @@ -171,7 +171,6 @@ otx_cpt_que_pair_setup(struct rte_cryptodev *dev,
> >
> >  	instance->queue_id = que_pair_id;
> >  	instance->sess_mp = qp_conf->mp_session;
> > -	instance->sess_mp_priv = qp_conf->mp_session_private;
> >  	dev->data->queue_pairs[que_pair_id] = instance;
> >
> >  	return 0;
> > @@ -243,29 +242,22 @@ sym_xform_verify(struct rte_crypto_sym_xform
> > *xform)
> >  }
> >
> >  static int
> > -sym_session_configure(int driver_id, struct rte_crypto_sym_xform
> *xform,
> > -		      struct rte_cryptodev_sym_session *sess,
> > -		      struct rte_mempool *pool)
> > +sym_session_configure(struct rte_crypto_sym_xform *xform,
> > +		      void *sess)
> >  {
> >  	struct rte_crypto_sym_xform *temp_xform = xform;
> >  	struct cpt_sess_misc *misc;
> >  	vq_cmd_word3_t vq_cmd_w3;
> > -	void *priv;
> >  	int ret;
> >
> >  	ret = sym_xform_verify(xform);
> >  	if (unlikely(ret))
> >  		return ret;
> >
> > -	if (unlikely(rte_mempool_get(pool, &priv))) {
> > -		CPT_LOG_ERR("Could not allocate session private data");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	memset(priv, 0, sizeof(struct cpt_sess_misc) +
> > +	memset(sess, 0, sizeof(struct cpt_sess_misc) +
> >  			offsetof(struct cpt_ctx, mc_ctx));
> >
> > -	misc = priv;
> > +	misc = sess;
> >
> >  	for ( ; xform != NULL; xform = xform->next) {
> >  		switch (xform->type) {
> > @@ -301,8 +293,6 @@ sym_session_configure(int driver_id, struct
> > rte_crypto_sym_xform *xform,
> >  		goto priv_put;
> >  	}
> >
> > -	set_sym_session_private_data(sess, driver_id, priv);
> > -
> >  	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
> >  			     sizeof(struct cpt_sess_misc);
> >
> > @@ -316,56 +306,46 @@ sym_session_configure(int driver_id, struct
> > rte_crypto_sym_xform *xform,
> >  	return 0;
> >
> >  priv_put:
> > -	if (priv)
> > -		rte_mempool_put(pool, priv);
> >  	return -ENOTSUP;
> >  }
> >
> >  static void
> > -sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
> > +sym_session_clear(void *sess)
> >  {
> > -	void *priv = get_sym_session_private_data(sess, driver_id);
> >  	struct cpt_sess_misc *misc;
> > -	struct rte_mempool *pool;
> >  	struct cpt_ctx *ctx;
> >
> > -	if (priv == NULL)
> > +	if (sess == NULL)
> >  		return;
> >
> > -	misc = priv;
> > +	misc = sess;
> >  	ctx = SESS_PRIV(misc);
> >
> >  	if (ctx->auth_key != NULL)
> >  		rte_free(ctx->auth_key);
> >
> > -	memset(priv, 0, cpt_get_session_size());
> > -
> > -	pool = rte_mempool_from_obj(priv);
> > -
> > -	set_sym_session_private_data(sess, driver_id, NULL);
> > -
> > -	rte_mempool_put(pool, priv);
> > +	memset(sess, 0, cpt_get_session_size());
> >  }
> >
> >  static int
> >  otx_cpt_session_cfg(struct rte_cryptodev *dev,
> >  		    struct rte_crypto_sym_xform *xform,
> > -		    struct rte_cryptodev_sym_session *sess,
> > -		    struct rte_mempool *pool)
> > +		    void *sess)
> >  {
> >  	CPT_PMD_INIT_FUNC_TRACE();
> > +	RTE_SET_USED(dev);
> >
> > -	return sym_session_configure(dev->driver_id, xform, sess, pool);
> > +	return sym_session_configure(xform, sess);
> >  }
> >
> >
> >  static void
> > -otx_cpt_session_clear(struct rte_cryptodev *dev,
> > -		  struct rte_cryptodev_sym_session *sess)
> > +otx_cpt_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> >  	CPT_PMD_INIT_FUNC_TRACE();
> > +	RTE_SET_USED(dev);
> >
> > -	return sym_session_clear(dev->driver_id, sess);
> > +	return sym_session_clear(sess);
> >  }
> >
> >  static unsigned int
> > @@ -576,7 +556,6 @@ static __rte_always_inline void * __rte_hot
> >  otx_cpt_enq_single_sym_sessless(struct cpt_instance *instance,
> >  				struct rte_crypto_op *op)
> >  {
> > -	const int driver_id = otx_cryptodev_driver_id;
> >  	struct rte_crypto_sym_op *sym_op = op->sym;
> >  	struct rte_cryptodev_sym_session *sess;
> >  	void *req;
> > @@ -589,8 +568,12 @@ otx_cpt_enq_single_sym_sessless(struct
> > cpt_instance *instance,
> >  		return NULL;
> >  	}
> >
> > -	ret = sym_session_configure(driver_id, sym_op->xform, sess,
> > -				    instance->sess_mp_priv);
> > +	sess->sess_data[otx_cryptodev_driver_id].data =
> > +			(void *)((uint8_t *)sess +
> > +			rte_cryptodev_sym_get_header_session_size() +
> > +			(otx_cryptodev_driver_id * sess->priv_sz));
> > +	ret = sym_session_configure(sym_op->xform,
> > +			sess->sess_data[otx_cryptodev_driver_id].data);
> >  	if (ret)
> >  		goto sess_put;
> >
> > @@ -604,7 +587,7 @@ otx_cpt_enq_single_sym_sessless(struct
> > cpt_instance *instance,
> >  	return req;
> >
> >  priv_put:
> > -	sym_session_clear(driver_id, sess);
> > +	sym_session_clear(sess);
> >  sess_put:
> >  	rte_mempool_put(instance->sess_mp, sess);
> >  	return NULL;
> > @@ -913,7 +896,6 @@ free_sym_session_data(const struct cpt_instance
> > *instance,
> >  	memset(cop->sym->session, 0,
> >  	       rte_cryptodev_sym_get_existing_header_session_size(
> >  		       cop->sym->session));
> > -	rte_mempool_put(instance->sess_mp_priv, sess_private_data_t);
> >  	rte_mempool_put(instance->sess_mp, cop->sym->session);
> >  	cop->sym->session = NULL;
> >  }
> > diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
> > b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
> > index 7b744cd4b4..dcfbc49996 100644
> > --- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
> > +++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
> > @@ -371,29 +371,21 @@ sym_xform_verify(struct rte_crypto_sym_xform
> > *xform)
> >  }
> >
> >  static int
> > -sym_session_configure(int driver_id, struct rte_crypto_sym_xform
> *xform,
> > -		      struct rte_cryptodev_sym_session *sess,
> > -		      struct rte_mempool *pool)
> > +sym_session_configure(struct rte_crypto_sym_xform *xform, void *sess)
> >  {
> >  	struct rte_crypto_sym_xform *temp_xform = xform;
> >  	struct cpt_sess_misc *misc;
> >  	vq_cmd_word3_t vq_cmd_w3;
> > -	void *priv;
> >  	int ret;
> >
> >  	ret = sym_xform_verify(xform);
> >  	if (unlikely(ret))
> >  		return ret;
> >
> > -	if (unlikely(rte_mempool_get(pool, &priv))) {
> > -		CPT_LOG_ERR("Could not allocate session private data");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	memset(priv, 0, sizeof(struct cpt_sess_misc) +
> > +	memset(sess, 0, sizeof(struct cpt_sess_misc) +
> >  			offsetof(struct cpt_ctx, mc_ctx));
> >
> > -	misc = priv;
> > +	misc = sess;
> >
> >  	for ( ; xform != NULL; xform = xform->next) {
> >  		switch (xform->type) {
> > @@ -414,7 +406,7 @@ sym_session_configure(int driver_id, struct
> > rte_crypto_sym_xform *xform,
> >  		}
> >
> >  		if (ret)
> > -			goto priv_put;
> > +			return -ENOTSUP;
> >  	}
> >
> >  	if ((GET_SESS_FC_TYPE(misc) == HASH_HMAC) &&
> > @@ -425,12 +417,9 @@ sym_session_configure(int driver_id, struct
> > rte_crypto_sym_xform *xform,
> >  			rte_free(ctx->auth_key);
> >  			ctx->auth_key = NULL;
> >  		}
> > -		ret = -ENOTSUP;
> > -		goto priv_put;
> > +		return -ENOTSUP;
> >  	}
> >
> > -	set_sym_session_private_data(sess, driver_id, misc);
> > -
> >  	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
> >  			     sizeof(struct cpt_sess_misc);
> >
> > @@ -451,11 +440,6 @@ sym_session_configure(int driver_id, struct
> > rte_crypto_sym_xform *xform,
> >  	misc->cpt_inst_w7 = vq_cmd_w3.u64;
> >
> >  	return 0;
> > -
> > -priv_put:
> > -	rte_mempool_put(pool, priv);
> > -
> > -	return -ENOTSUP;
> >  }
> >
> >  static __rte_always_inline int32_t __rte_hot
> > @@ -765,7 +749,6 @@ otx2_cpt_enqueue_sym_sessless(struct
> otx2_cpt_qp
> > *qp, struct rte_crypto_op *op,
> >  			      struct pending_queue *pend_q,
> >  			      unsigned int burst_index)
> >  {
> > -	const int driver_id = otx2_cryptodev_driver_id;
> >  	struct rte_crypto_sym_op *sym_op = op->sym;
> >  	struct rte_cryptodev_sym_session *sess;
> >  	int ret;
> > @@ -775,8 +758,12 @@ otx2_cpt_enqueue_sym_sessless(struct
> > otx2_cpt_qp *qp, struct rte_crypto_op *op,
> >  	if (sess == NULL)
> >  		return -ENOMEM;
> >
> > -	ret = sym_session_configure(driver_id, sym_op->xform, sess,
> > -				    qp->sess_mp_priv);
> > +	sess->sess_data[otx2_cryptodev_driver_id].data =
> > +			(void *)((uint8_t *)sess +
> > +			rte_cryptodev_sym_get_header_session_size() +
> > +			(otx2_cryptodev_driver_id * sess->priv_sz));
> > +	ret = sym_session_configure(sym_op->xform,
> > +			sess->sess_data[otx2_cryptodev_driver_id].data);
> >  	if (ret)
> >  		goto sess_put;
> >
> > @@ -790,7 +777,7 @@ otx2_cpt_enqueue_sym_sessless(struct
> otx2_cpt_qp
> > *qp, struct rte_crypto_op *op,
> >  	return 0;
> >
> >  priv_put:
> > -	sym_session_clear(driver_id, sess);
> > +	sym_session_clear(sess);
> >  sess_put:
> >  	rte_mempool_put(qp->sess_mp, sess);
> >  	return ret;
> > @@ -1035,8 +1022,7 @@ otx2_cpt_dequeue_post_process(struct
> > otx2_cpt_qp *qp, struct rte_crypto_op *cop,
> >  		}
> >
> >  		if (unlikely(cop->sess_type ==
> > RTE_CRYPTO_OP_SESSIONLESS)) {
> > -			sym_session_clear(otx2_cryptodev_driver_id,
> > -					  cop->sym->session);
> > +			sym_session_clear(cop->sym->session);
> >  			sz =
> > rte_cryptodev_sym_get_existing_header_session_size(
> >  					cop->sym->session);
> >  			memset(cop->sym->session, 0, sz);
> > @@ -1291,7 +1277,6 @@ otx2_cpt_queue_pair_setup(struct rte_cryptodev
> > *dev, uint16_t qp_id,
> >  	}
> >
> >  	qp->sess_mp = conf->mp_session;
> > -	qp->sess_mp_priv = conf->mp_session_private;
> >  	dev->data->queue_pairs[qp_id] = qp;
> >
> >  	return 0;
> > @@ -1330,21 +1315,22 @@ otx2_cpt_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  static int
> >  otx2_cpt_sym_session_configure(struct rte_cryptodev *dev,
> >  			       struct rte_crypto_sym_xform *xform,
> > -			       struct rte_cryptodev_sym_session *sess,
> > -			       struct rte_mempool *pool)
> > +			       void *sess)
> >  {
> >  	CPT_PMD_INIT_FUNC_TRACE();
> > +	RTE_SET_USED(dev);
> >
> > -	return sym_session_configure(dev->driver_id, xform, sess, pool);
> > +	return sym_session_configure(xform, sess);
> >  }
> >
> >  static void
> >  otx2_cpt_sym_session_clear(struct rte_cryptodev *dev,
> > -			   struct rte_cryptodev_sym_session *sess)
> > +			   void *sess)
> >  {
> >  	CPT_PMD_INIT_FUNC_TRACE();
> > +	RTE_SET_USED(dev);
> >
> > -	return sym_session_clear(dev->driver_id, sess);
> > +	return sym_session_clear(sess);
> >  }
> >
> >  static unsigned int
> > diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
> > b/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
> > index 01c081a216..5f63eaf7b7 100644
> > --- a/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
> > +++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
> > @@ -8,29 +8,21 @@
> >  #include "cpt_pmd_logs.h"
> >
> >  static void
> > -sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
> > +sym_session_clear(void *sess)
> >  {
> > -	void *priv = get_sym_session_private_data(sess, driver_id);
> >  	struct cpt_sess_misc *misc;
> > -	struct rte_mempool *pool;
> >  	struct cpt_ctx *ctx;
> >
> > -	if (priv == NULL)
> > +	if (sess == NULL)
> >  		return;
> >
> > -	misc = priv;
> > +	misc = sess;
> >  	ctx = SESS_PRIV(misc);
> >
> >  	if (ctx->auth_key != NULL)
> >  		rte_free(ctx->auth_key);
> >
> > -	memset(priv, 0, cpt_get_session_size());
> > -
> > -	pool = rte_mempool_from_obj(priv);
> > -
> > -	set_sym_session_private_data(sess, driver_id, NULL);
> > -
> > -	rte_mempool_put(pool, priv);
> > +	memset(sess, 0, cpt_get_session_size());
> >  }
> >
> >  static __rte_always_inline uint8_t
> > diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> > b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> > index 52715f86f8..1b48a6b400 100644
> > --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> > +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> > @@ -741,7 +741,6 @@ openssl_pmd_qp_setup(struct rte_cryptodev *dev,
> > uint16_t qp_id,
> >  		goto qp_setup_cleanup;
> >
> >  	qp->sess_mp = qp_conf->mp_session;
> > -	qp->sess_mp_priv = qp_conf->mp_session_private;
> >
> >  	memset(&qp->stats, 0, sizeof(qp->stats));
> >
> > @@ -772,10 +771,8 @@ openssl_pmd_asym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  static int
> >  openssl_pmd_sym_session_configure(struct rte_cryptodev *dev
> > __rte_unused,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		void *sess)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >
> >  	if (unlikely(sess == NULL)) {
> > @@ -783,24 +780,12 @@ openssl_pmd_sym_session_configure(struct
> > rte_cryptodev *dev __rte_unused,
> >  		return -EINVAL;
> >  	}
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		OPENSSL_LOG(ERR,
> > -			"Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	ret = openssl_set_session_parameters(sess_private_data, xform);
> > +	ret = openssl_set_session_parameters(sess, xform);
> >  	if (ret != 0) {
> >  		OPENSSL_LOG(ERR, "failed configure session parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -			sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> > @@ -1154,19 +1139,13 @@ openssl_pmd_asym_session_configure(struct
> > rte_cryptodev *dev __rte_unused,
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -openssl_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +openssl_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -
> > +	RTE_SET_USED(dev);
> >  	/* Zero out the whole structure */
> > -	if (sess_priv) {
> > -		openssl_reset_session(sess_priv);
> > -		memset(sess_priv, 0, sizeof(struct openssl_session));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> > +	if (sess) {
> > +		openssl_reset_session(sess);
> > +		memset(sess, 0, sizeof(struct openssl_session));
> >  	}
> >  }
> >
> > diff --git a/drivers/crypto/qat/qat_sym_session.c
> > b/drivers/crypto/qat/qat_sym_session.c
> > index 2a22347c7f..114bf081c1 100644
> > --- a/drivers/crypto/qat/qat_sym_session.c
> > +++ b/drivers/crypto/qat/qat_sym_session.c
> > @@ -172,21 +172,14 @@ qat_is_auth_alg_supported(enum
> > rte_crypto_auth_algorithm algo,
> >  }
> >
> >  void
> > -qat_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +qat_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -	struct qat_sym_session *s = (struct qat_sym_session *)sess_priv;
> > +	struct qat_sym_session *s = (struct qat_sym_session *)sess;
> >
> > -	if (sess_priv) {
> > +	if (sess) {
> >  		if (s->bpi_ctx)
> >  			bpi_cipher_ctx_free(s->bpi_ctx);
> >  		memset(s, 0, qat_sym_session_get_private_size(dev));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> >  	}
> >  }
> >
> > @@ -458,31 +451,17 @@ qat_sym_session_configure_cipher(struct
> > rte_cryptodev *dev,
> >  int
> >  qat_sym_session_configure(struct rte_cryptodev *dev,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		void *sess_private_data)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		CDEV_LOG_ERR(
> > -			"Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> >  	ret = qat_sym_session_set_parameters(dev, xform,
> > sess_private_data);
> >  	if (ret != 0) {
> >  		QAT_LOG(ERR,
> >  		    "Crypto QAT PMD: failed to configure session
> parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -		sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> > diff --git a/drivers/crypto/qat/qat_sym_session.h
> > b/drivers/crypto/qat/qat_sym_session.h
> > index 7fcc1d6f7b..6da29e2305 100644
> > --- a/drivers/crypto/qat/qat_sym_session.h
> > +++ b/drivers/crypto/qat/qat_sym_session.h
> > @@ -112,8 +112,7 @@ struct qat_sym_session {
> >  int
> >  qat_sym_session_configure(struct rte_cryptodev *dev,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool);
> > +		void *sess);
> >
> >  int
> >  qat_sym_session_set_parameters(struct rte_cryptodev *dev,
> > @@ -135,8 +134,7 @@ qat_sym_session_configure_auth(struct
> > rte_cryptodev *dev,
> >  				struct qat_sym_session *session);
> >
> >  void
> > -qat_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *session);
> > +qat_sym_session_clear(struct rte_cryptodev *dev, void *session);
> >
> >  unsigned int
> >  qat_sym_session_get_private_size(struct rte_cryptodev *dev);
> > diff --git a/drivers/crypto/scheduler/scheduler_pmd_ops.c
> > b/drivers/crypto/scheduler/scheduler_pmd_ops.c
> > index 465b88ade8..87260b5a22 100644
> > --- a/drivers/crypto/scheduler/scheduler_pmd_ops.c
> > +++ b/drivers/crypto/scheduler/scheduler_pmd_ops.c
> > @@ -476,9 +476,7 @@ scheduler_pmd_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >
> >  static int
> >  scheduler_pmd_sym_session_configure(struct rte_cryptodev *dev,
> > -	struct rte_crypto_sym_xform *xform,
> > -	struct rte_cryptodev_sym_session *sess,
> > -	struct rte_mempool *mempool)
> > +	struct rte_crypto_sym_xform *xform, void *sess)
> >  {
> >  	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
> >  	uint32_t i;
> > @@ -488,7 +486,7 @@ scheduler_pmd_sym_session_configure(struct
> > rte_cryptodev *dev,
> >  		struct scheduler_worker *worker = &sched_ctx->workers[i];
> >
> >  		ret = rte_cryptodev_sym_session_init(worker->dev_id, sess,
> > -					xform, mempool);
> > +					xform);
> >  		if (ret < 0) {
> >  			CR_SCHED_LOG(ERR, "unable to config sym
> session");
> >  			return ret;
> > @@ -500,8 +498,7 @@ scheduler_pmd_sym_session_configure(struct
> > rte_cryptodev *dev,
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -scheduler_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +scheduler_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> >  	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
> >  	uint32_t i;
> > diff --git a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
> > b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
> > index 3f46014b7d..b0f8f6d86a 100644
> > --- a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
> > +++ b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
> > @@ -226,7 +226,6 @@ snow3g_pmd_qp_setup(struct rte_cryptodev *dev,
> > uint16_t qp_id,
> >
> >  	qp->mgr = internals->mgr;
> >  	qp->sess_mp = qp_conf->mp_session;
> > -	qp->sess_mp_priv = qp_conf->mp_session_private;
> >
> >  	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
> >
> > @@ -250,10 +249,8 @@ snow3g_pmd_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  static int
> >  snow3g_pmd_sym_session_configure(struct rte_cryptodev *dev,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		void *sess)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >  	struct snow3g_private *internals = dev->data->dev_private;
> >
> > @@ -262,43 +259,24 @@ snow3g_pmd_sym_session_configure(struct
> > rte_cryptodev *dev,
> >  		return -EINVAL;
> >  	}
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		SNOW3G_LOG(ERR,
> > -			"Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> >  	ret = snow3g_set_session_parameters(internals->mgr,
> > -					sess_private_data, xform);
> > +					sess, xform);
> >  	if (ret != 0) {
> >  		SNOW3G_LOG(ERR, "failed configure session parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -		sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -snow3g_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +snow3g_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -
> > +	RTE_SET_USED(dev);
> >  	/* Zero out the whole structure */
> > -	if (sess_priv) {
> > -		memset(sess_priv, 0, sizeof(struct snow3g_session));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> > -	}
> > +	if (sess)
> > +		memset(sess, 0, sizeof(struct snow3g_session));
> >  }
> >
> >  struct rte_cryptodev_ops snow3g_pmd_ops = {
> > diff --git a/drivers/crypto/virtio/virtio_cryptodev.c
> > b/drivers/crypto/virtio/virtio_cryptodev.c
> > index 8faa39df4a..de52fec32e 100644
> > --- a/drivers/crypto/virtio/virtio_cryptodev.c
> > +++ b/drivers/crypto/virtio/virtio_cryptodev.c
> > @@ -37,11 +37,10 @@ static void virtio_crypto_dev_free_mbufs(struct
> > rte_cryptodev *dev);
> >  static unsigned int virtio_crypto_sym_get_session_private_size(
> >  		struct rte_cryptodev *dev);
> >  static void virtio_crypto_sym_clear_session(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess);
> > +		void *sess);
> >  static int virtio_crypto_sym_configure_session(struct rte_cryptodev *dev,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *session,
> > -		struct rte_mempool *mp);
> > +		void *session);
> >
> >  /*
> >   * The set of PCI devices this driver supports
> > @@ -927,7 +926,7 @@ virtio_crypto_check_sym_clear_session_paras(
> >  static void
> >  virtio_crypto_sym_clear_session(
> >  		struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +		void *sess)
> >  {
> >  	struct virtio_crypto_hw *hw;
> >  	struct virtqueue *vq;
> > @@ -1290,11 +1289,9 @@ static int
> >  virtio_crypto_check_sym_configure_session_paras(
> >  		struct rte_cryptodev *dev,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sym_sess,
> > -		struct rte_mempool *mempool)
> > +		void *sym_sess)
> >  {
> > -	if (unlikely(xform == NULL) || unlikely(sym_sess == NULL) ||
> > -		unlikely(mempool == NULL)) {
> > +	if (unlikely(xform == NULL) || unlikely(sym_sess == NULL)) {
> >  		VIRTIO_CRYPTO_SESSION_LOG_ERR("NULL pointer");
> >  		return -1;
> >  	}
> > @@ -1309,12 +1306,9 @@ static int
> >  virtio_crypto_sym_configure_session(
> >  		struct rte_cryptodev *dev,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		void *sess)
> >  {
> >  	int ret;
> > -	struct virtio_crypto_session crypto_sess;
> > -	void *session_private = &crypto_sess;
> >  	struct virtio_crypto_session *session;
> >  	struct virtio_crypto_op_ctrl_req *ctrl_req;
> >  	enum virtio_crypto_cmd_id cmd_id;
> > @@ -1326,19 +1320,13 @@ virtio_crypto_sym_configure_session(
> >  	PMD_INIT_FUNC_TRACE();
> >
> >  	ret = virtio_crypto_check_sym_configure_session_paras(dev, xform,
> > -			sess, mempool);
> > +			sess);
> >  	if (ret < 0) {
> >  		VIRTIO_CRYPTO_SESSION_LOG_ERR("Invalid parameters");
> >  		return ret;
> >  	}
> >
> > -	if (rte_mempool_get(mempool, &session_private)) {
> > -		VIRTIO_CRYPTO_SESSION_LOG_ERR(
> > -			"Couldn't get object from session mempool");
> > -		return -ENOMEM;
> > -	}
> > -
> > -	session = (struct virtio_crypto_session *)session_private;
> > +	session = (struct virtio_crypto_session *)sess;
> >  	memset(session, 0, sizeof(struct virtio_crypto_session));
> >  	ctrl_req = &session->ctrl;
> >  	ctrl_req->header.opcode =
> > VIRTIO_CRYPTO_CIPHER_CREATE_SESSION;
> > @@ -1401,9 +1389,6 @@ virtio_crypto_sym_configure_session(
> >  		goto error_out;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -		session_private);
> > -
> >  	return 0;
> >
> >  error_out:
> > diff --git a/drivers/crypto/zuc/rte_zuc_pmd_ops.c
> > b/drivers/crypto/zuc/rte_zuc_pmd_ops.c
> > index 38642d45ab..04126c8a04 100644
> > --- a/drivers/crypto/zuc/rte_zuc_pmd_ops.c
> > +++ b/drivers/crypto/zuc/rte_zuc_pmd_ops.c
> > @@ -226,7 +226,6 @@ zuc_pmd_qp_setup(struct rte_cryptodev *dev,
> > uint16_t qp_id,
> >
> >  	qp->mb_mgr = internals->mb_mgr;
> >  	qp->sess_mp = qp_conf->mp_session;
> > -	qp->sess_mp_priv = qp_conf->mp_session_private;
> >
> >  	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
> >
> > @@ -250,10 +249,8 @@ zuc_pmd_sym_session_get_size(struct
> > rte_cryptodev *dev __rte_unused)
> >  static int
> >  zuc_pmd_sym_session_configure(struct rte_cryptodev *dev
> __rte_unused,
> >  		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_mempool *mempool)
> > +		void *sess)
> >  {
> > -	void *sess_private_data;
> >  	int ret;
> >
> >  	if (unlikely(sess == NULL)) {
> > @@ -261,43 +258,23 @@ zuc_pmd_sym_session_configure(struct
> > rte_cryptodev *dev __rte_unused,
> >  		return -EINVAL;
> >  	}
> >
> > -	if (rte_mempool_get(mempool, &sess_private_data)) {
> > -		ZUC_LOG(ERR,
> > -			"Couldn't get object from session mempool");
> > -
> > -		return -ENOMEM;
> > -	}
> > -
> > -	ret = zuc_set_session_parameters(sess_private_data, xform);
> > +	ret = zuc_set_session_parameters(sess, xform);
> >  	if (ret != 0) {
> >  		ZUC_LOG(ERR, "failed configure session parameters");
> > -
> > -		/* Return session to mempool */
> > -		rte_mempool_put(mempool, sess_private_data);
> >  		return ret;
> >  	}
> >
> > -	set_sym_session_private_data(sess, dev->driver_id,
> > -		sess_private_data);
> > -
> >  	return 0;
> >  }
> >
> >  /** Clear the memory of session so it doesn't leave key material behind */
> >  static void
> > -zuc_pmd_sym_session_clear(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess)
> > +zuc_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
> >  {
> > -	uint8_t index = dev->driver_id;
> > -	void *sess_priv = get_sym_session_private_data(sess, index);
> > -
> > +	RTE_SET_USED(dev);
> >  	/* Zero out the whole structure */
> > -	if (sess_priv) {
> > -		memset(sess_priv, 0, sizeof(struct zuc_session));
> > -		struct rte_mempool *sess_mp =
> > rte_mempool_from_obj(sess_priv);
> > -		set_sym_session_private_data(sess, index, NULL);
> > -		rte_mempool_put(sess_mp, sess_priv);
> > -	}
> > +	if (sess)
> > +		memset(sess, 0, sizeof(struct zuc_session));
> >  }
> >
> >  struct rte_cryptodev_ops zuc_pmd_ops = {
> > diff --git a/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
> > b/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
> > index b33cb7e139..8522f2dfda 100644
> > --- a/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
> > +++ b/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
> > @@ -38,8 +38,7 @@ otx2_ca_deq_post_process(const struct otx2_cpt_qp
> > *qp,
> >  		}
> >
> >  		if (unlikely(cop->sess_type ==
> > RTE_CRYPTO_OP_SESSIONLESS)) {
> > -			sym_session_clear(otx2_cryptodev_driver_id,
> > -					  cop->sym->session);
> > +			sym_session_clear(cop->sym->session);
> >  			memset(cop->sym->session, 0,
> >
> > 	rte_cryptodev_sym_get_existing_header_session_size(
> >  				cop->sym->session));
> > diff --git a/examples/fips_validation/fips_dev_self_test.c
> > b/examples/fips_validation/fips_dev_self_test.c
> > index b4eab05a98..bbc27a1b6f 100644
> > --- a/examples/fips_validation/fips_dev_self_test.c
> > +++ b/examples/fips_validation/fips_dev_self_test.c
> > @@ -969,7 +969,6 @@ struct fips_dev_auto_test_env {
> >  	struct rte_mempool *mpool;
> >  	struct rte_mempool *op_pool;
> >  	struct rte_mempool *sess_pool;
> > -	struct rte_mempool *sess_priv_pool;
> >  	struct rte_mbuf *mbuf;
> >  	struct rte_crypto_op *op;
> >  };
> > @@ -981,7 +980,7 @@ typedef int
> > (*fips_dev_self_test_prepare_xform_t)(uint8_t,
> >  		uint32_t);
> >
> >  typedef int (*fips_dev_self_test_prepare_op_t)(struct rte_crypto_op *,
> > -		struct rte_mbuf *, struct rte_cryptodev_sym_session *,
> > +		struct rte_mbuf *, void *,
> >  		uint32_t, struct fips_dev_self_test_vector *);
> >
> >  typedef int (*fips_dev_self_test_check_result_t)(struct rte_crypto_op *,
> > @@ -1173,7 +1172,7 @@ prepare_aead_xform(uint8_t dev_id,
> >  static int
> >  prepare_cipher_op(struct rte_crypto_op *op,
> >  		struct rte_mbuf *mbuf,
> > -		struct rte_cryptodev_sym_session *session,
> > +		void *session,
> >  		uint32_t dir,
> >  		struct fips_dev_self_test_vector *vec)
> >  {
> > @@ -1212,7 +1211,7 @@ prepare_cipher_op(struct rte_crypto_op *op,
> >  static int
> >  prepare_auth_op(struct rte_crypto_op *op,
> >  		struct rte_mbuf *mbuf,
> > -		struct rte_cryptodev_sym_session *session,
> > +		void *session,
> >  		uint32_t dir,
> >  		struct fips_dev_self_test_vector *vec)
> >  {
> > @@ -1251,7 +1250,7 @@ prepare_auth_op(struct rte_crypto_op *op,
> >  static int
> >  prepare_aead_op(struct rte_crypto_op *op,
> >  		struct rte_mbuf *mbuf,
> > -		struct rte_cryptodev_sym_session *session,
> > +		void *session,
> >  		uint32_t dir,
> >  		struct fips_dev_self_test_vector *vec)
> >  {
> > @@ -1464,7 +1463,7 @@ run_single_test(uint8_t dev_id,
> >  		uint32_t negative_test)
> >  {
> >  	struct rte_crypto_sym_xform xform;
> > -	struct rte_cryptodev_sym_session *sess;
> > +	void *sess;
> >  	uint16_t n_deqd;
> >  	uint8_t key[256];
> >  	int ret;
> > @@ -1484,8 +1483,7 @@ run_single_test(uint8_t dev_id,
> >  	if (!sess)
> >  		return -ENOMEM;
> >
> > -	ret = rte_cryptodev_sym_session_init(dev_id,
> > -			sess, &xform, env->sess_priv_pool);
> > +	ret = rte_cryptodev_sym_session_init(dev_id, sess, &xform);
> >  	if (ret < 0) {
> >  		RTE_LOG(ERR, PMD, "Error %i: Init session\n", ret);
> >  		return ret;
> > @@ -1533,8 +1531,6 @@ fips_dev_auto_test_uninit(uint8_t dev_id,
> >  		rte_mempool_free(env->op_pool);
> >  	if (env->sess_pool)
> >  		rte_mempool_free(env->sess_pool);
> > -	if (env->sess_priv_pool)
> > -		rte_mempool_free(env->sess_priv_pool);
> >
> >  	rte_cryptodev_stop(dev_id);
> >  }
> > @@ -1542,7 +1538,7 @@ fips_dev_auto_test_uninit(uint8_t dev_id,
> >  static int
> >  fips_dev_auto_test_init(uint8_t dev_id, struct fips_dev_auto_test_env
> > *env)
> >  {
> > -	struct rte_cryptodev_qp_conf qp_conf = {128, NULL, NULL};
> > +	struct rte_cryptodev_qp_conf qp_conf = {128, NULL};
> >  	uint32_t sess_sz =
> > rte_cryptodev_sym_get_private_session_size(dev_id);
> >  	struct rte_cryptodev_config conf;
> >  	char name[128];
> > @@ -1586,25 +1582,13 @@ fips_dev_auto_test_init(uint8_t dev_id, struct
> > fips_dev_auto_test_env *env)
> >  	snprintf(name, 128, "%s%u", "SELF_TEST_SESS_POOL", dev_id);
> >
> >  	env->sess_pool = rte_cryptodev_sym_session_pool_create(name,
> > -			128, 0, 0, 0, rte_cryptodev_socket_id(dev_id));
> > +			128, sess_sz, 0, 0, rte_cryptodev_socket_id(dev_id));
> >  	if (!env->sess_pool) {
> >  		ret = -ENOMEM;
> >  		goto error_exit;
> >  	}
> >
> > -	memset(name, 0, 128);
> > -	snprintf(name, 128, "%s%u", "SELF_TEST_SESS_PRIV_POOL", dev_id);
> > -
> > -	env->sess_priv_pool = rte_mempool_create(name,
> > -			128, sess_sz, 0, 0, NULL, NULL, NULL,
> > -			NULL, rte_cryptodev_socket_id(dev_id), 0);
> > -	if (!env->sess_priv_pool) {
> > -		ret = -ENOMEM;
> > -		goto error_exit;
> > -	}
> > -
> >  	qp_conf.mp_session = env->sess_pool;
> > -	qp_conf.mp_session_private = env->sess_priv_pool;
> >
> >  	ret = rte_cryptodev_queue_pair_setup(dev_id, 0, &qp_conf,
> >  			rte_cryptodev_socket_id(dev_id));
> > diff --git a/examples/fips_validation/main.c
> > b/examples/fips_validation/main.c
> > index a8daad1f48..03c6ccb5b8 100644
> > --- a/examples/fips_validation/main.c
> > +++ b/examples/fips_validation/main.c
> > @@ -48,13 +48,12 @@ struct cryptodev_fips_validate_env {
> >  	uint16_t mbuf_data_room;
> >  	struct rte_mempool *mpool;
> >  	struct rte_mempool *sess_mpool;
> > -	struct rte_mempool *sess_priv_mpool;
> >  	struct rte_mempool *op_pool;
> >  	struct rte_mbuf *mbuf;
> >  	uint8_t *digest;
> >  	uint16_t digest_len;
> >  	struct rte_crypto_op *op;
> > -	struct rte_cryptodev_sym_session *sess;
> > +	void *sess;
> >  	uint16_t self_test;
> >  	struct fips_dev_broken_test_config *broken_test_config;
> >  } env;
> > @@ -63,7 +62,7 @@ static int
> >  cryptodev_fips_validate_app_int(void)
> >  {
> >  	struct rte_cryptodev_config conf = {rte_socket_id(), 1, 0};
> > -	struct rte_cryptodev_qp_conf qp_conf = {128, NULL, NULL};
> > +	struct rte_cryptodev_qp_conf qp_conf = {128, NULL};
> >  	struct rte_cryptodev_info dev_info;
> >  	uint32_t sess_sz = rte_cryptodev_sym_get_private_session_size(
> >  			env.dev_id);
> > @@ -103,16 +102,11 @@ cryptodev_fips_validate_app_int(void)
> >  	ret = -ENOMEM;
> >
> >  	env.sess_mpool = rte_cryptodev_sym_session_pool_create(
> > -			"FIPS_SESS_MEMPOOL", 16, 0, 0, 0, rte_socket_id());
> > +			"FIPS_SESS_MEMPOOL", 16, sess_sz, 0, 0,
> > +			rte_socket_id());
> >  	if (!env.sess_mpool)
> >  		goto error_exit;
> >
> > -	env.sess_priv_mpool =
> > rte_mempool_create("FIPS_SESS_PRIV_MEMPOOL",
> > -			16, sess_sz, 0, 0, NULL, NULL, NULL,
> > -			NULL, rte_socket_id(), 0);
> > -	if (!env.sess_priv_mpool)
> > -		goto error_exit;
> > -
> >  	env.op_pool = rte_crypto_op_pool_create(
> >  			"FIPS_OP_POOL",
> >  			RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > @@ -127,7 +121,6 @@ cryptodev_fips_validate_app_int(void)
> >  		goto error_exit;
> >
> >  	qp_conf.mp_session = env.sess_mpool;
> > -	qp_conf.mp_session_private = env.sess_priv_mpool;
> >
> >  	ret = rte_cryptodev_queue_pair_setup(env.dev_id, 0, &qp_conf,
> >  			rte_socket_id());
> > @@ -141,8 +134,6 @@ cryptodev_fips_validate_app_int(void)
> >  	rte_mempool_free(env.mpool);
> >  	if (env.sess_mpool)
> >  		rte_mempool_free(env.sess_mpool);
> > -	if (env.sess_priv_mpool)
> > -		rte_mempool_free(env.sess_priv_mpool);
> >  	if (env.op_pool)
> >  		rte_mempool_free(env.op_pool);
> >
> > @@ -158,7 +149,6 @@ cryptodev_fips_validate_app_uninit(void)
> >  	rte_cryptodev_sym_session_free(env.sess);
> >  	rte_mempool_free(env.mpool);
> >  	rte_mempool_free(env.sess_mpool);
> > -	rte_mempool_free(env.sess_priv_mpool);
> >  	rte_mempool_free(env.op_pool);
> >  }
> >
> > @@ -1179,7 +1169,7 @@ fips_run_test(void)
> >  		return -ENOMEM;
> >
> >  	ret = rte_cryptodev_sym_session_init(env.dev_id,
> > -			env.sess, &xform, env.sess_priv_mpool);
> > +			env.sess, &xform);
> >  	if (ret < 0) {
> >  		RTE_LOG(ERR, USER1, "Error %i: Init session\n",
> >  				ret);
> > diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-
> > secgw/ipsec-secgw.c
> > index 7ad94cb822..65528ee2e7 100644
> > --- a/examples/ipsec-secgw/ipsec-secgw.c
> > +++ b/examples/ipsec-secgw/ipsec-secgw.c
> > @@ -1216,15 +1216,11 @@ ipsec_poll_mode_worker(void)
> >  	qconf->inbound.sa_ctx = socket_ctx[socket_id].sa_in;
> >  	qconf->inbound.cdev_map = cdev_map_in;
> >  	qconf->inbound.session_pool = socket_ctx[socket_id].session_pool;
> > -	qconf->inbound.session_priv_pool =
> > -			socket_ctx[socket_id].session_priv_pool;
> >  	qconf->outbound.sp4_ctx = socket_ctx[socket_id].sp_ip4_out;
> >  	qconf->outbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_out;
> >  	qconf->outbound.sa_ctx = socket_ctx[socket_id].sa_out;
> >  	qconf->outbound.cdev_map = cdev_map_out;
> >  	qconf->outbound.session_pool =
> > socket_ctx[socket_id].session_pool;
> > -	qconf->outbound.session_priv_pool =
> > -			socket_ctx[socket_id].session_priv_pool;
> >  	qconf->frag.pool_dir = socket_ctx[socket_id].mbuf_pool;
> >  	qconf->frag.pool_indir = socket_ctx[socket_id].mbuf_pool_indir;
> >
> > @@ -2142,8 +2138,6 @@ cryptodevs_init(uint16_t req_queue_num)
> >  		qp_conf.nb_descriptors = CDEV_QUEUE_DESC;
> >  		qp_conf.mp_session =
> >  			socket_ctx[dev_conf.socket_id].session_pool;
> > -		qp_conf.mp_session_private =
> > -			socket_ctx[dev_conf.socket_id].session_priv_pool;
> >  		for (qp = 0; qp < dev_conf.nb_queue_pairs; qp++)
> >  			if (rte_cryptodev_queue_pair_setup(cdev_id, qp,
> >  					&qp_conf, dev_conf.socket_id))
> > @@ -2405,37 +2399,37 @@ session_pool_init(struct socket_ctx *ctx,
> int32_t
> > socket_id, size_t sess_sz)
> >  		printf("Allocated session pool on socket %d\n",
> > 	socket_id);
> >  }
> >
> > -static void
> > -session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id,
> > -	size_t sess_sz)
> > -{
> > -	char mp_name[RTE_MEMPOOL_NAMESIZE];
> > -	struct rte_mempool *sess_mp;
> > -	uint32_t nb_sess;
> > -
> > -	snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> > -			"sess_mp_priv_%u", socket_id);
> > -	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
> > -		rte_lcore_count());
> > -	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
> > -			CDEV_MP_CACHE_MULTIPLIER);
> > -	sess_mp = rte_mempool_create(mp_name,
> > -			nb_sess,
> > -			sess_sz,
> > -			CDEV_MP_CACHE_SZ,
> > -			0, NULL, NULL, NULL,
> > -			NULL, socket_id,
> > -			0);
> > -	ctx->session_priv_pool = sess_mp;
> > -
> > -	if (ctx->session_priv_pool == NULL)
> > -		rte_exit(EXIT_FAILURE,
> > -			"Cannot init session priv pool on socket %d\n",
> > -			socket_id);
> > -	else
> > -		printf("Allocated session priv pool on socket %d\n",
> > -			socket_id);
> > -}
> > +//static void
> > +//session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id,
> > +//	size_t sess_sz)
> > +//{
> > +//	char mp_name[RTE_MEMPOOL_NAMESIZE];
> > +//	struct rte_mempool *sess_mp;
> > +//	uint32_t nb_sess;
> > +//
> > +//	snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> > +//			"sess_mp_priv_%u", socket_id);
> > +//	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
> > +//		rte_lcore_count());
> > +//	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
> > +//			CDEV_MP_CACHE_MULTIPLIER);
> > +//	sess_mp = rte_mempool_create(mp_name,
> > +//			nb_sess,
> > +//			sess_sz,
> > +//			CDEV_MP_CACHE_SZ,
> > +//			0, NULL, NULL, NULL,
> > +//			NULL, socket_id,
> > +//			0);
> > +//	ctx->session_priv_pool = sess_mp;
> > +//
> > +//	if (ctx->session_priv_pool == NULL)
> > +//		rte_exit(EXIT_FAILURE,
> > +//			"Cannot init session priv pool on socket %d\n",
> > +//			socket_id);
> > +//	else
> > +//		printf("Allocated session priv pool on socket %d\n",
> > +//			socket_id);
> > +//}
> >
> >  static void
> >  pool_init(struct socket_ctx *ctx, int32_t socket_id, uint32_t nb_mbuf)
> > @@ -2938,8 +2932,8 @@ main(int32_t argc, char **argv)
> >
> >  		pool_init(&socket_ctx[socket_id], socket_id,
> > nb_bufs_in_pool);
> >  		session_pool_init(&socket_ctx[socket_id], socket_id,
> > sess_sz);
> > -		session_priv_pool_init(&socket_ctx[socket_id], socket_id,
> > -			sess_sz);
> > +//		session_priv_pool_init(&socket_ctx[socket_id], socket_id,
> > +//			sess_sz);
> >  	}
> >  	printf("Number of mbufs in packet pool %d\n", nb_bufs_in_pool);
> >
> > diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
> > index 03d907cba8..a5921de11c 100644
> > --- a/examples/ipsec-secgw/ipsec.c
> > +++ b/examples/ipsec-secgw/ipsec.c
> > @@ -143,8 +143,7 @@ create_lookaside_session(struct ipsec_ctx
> *ipsec_ctx,
> > struct ipsec_sa *sa,
> >  		ips->crypto.ses = rte_cryptodev_sym_session_create(
> >  				ipsec_ctx->session_pool);
> >  		rte_cryptodev_sym_session_init(ipsec_ctx-
> > >tbl[cdev_id_qp].id,
> > -				ips->crypto.ses, sa->xforms,
> > -				ipsec_ctx->session_priv_pool);
> > +				ips->crypto.ses, sa->xforms);
> >
> >  		rte_cryptodev_info_get(ipsec_ctx->tbl[cdev_id_qp].id,
> >  				&cdev_info);
> > diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h
> > index 8405c48171..673c64e8dc 100644
> > --- a/examples/ipsec-secgw/ipsec.h
> > +++ b/examples/ipsec-secgw/ipsec.h
> > @@ -243,7 +243,6 @@ struct socket_ctx {
> >  	struct rte_mempool *mbuf_pool;
> >  	struct rte_mempool *mbuf_pool_indir;
> >  	struct rte_mempool *session_pool;
> > -	struct rte_mempool *session_priv_pool;
> >  };
> >
> >  struct cnt_blk {
> > diff --git a/examples/ipsec-secgw/ipsec_worker.c b/examples/ipsec-
> > secgw/ipsec_worker.c
> > index c545497cee..04bcce49db 100644
> > --- a/examples/ipsec-secgw/ipsec_worker.c
> > +++ b/examples/ipsec-secgw/ipsec_worker.c
> > @@ -537,14 +537,10 @@
> ipsec_wrkr_non_burst_int_port_app_mode(struct
> > eh_event_link_info *links,
> >  	lconf.inbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_in;
> >  	lconf.inbound.sa_ctx = socket_ctx[socket_id].sa_in;
> >  	lconf.inbound.session_pool = socket_ctx[socket_id].session_pool;
> > -	lconf.inbound.session_priv_pool =
> > -			socket_ctx[socket_id].session_priv_pool;
> >  	lconf.outbound.sp4_ctx = socket_ctx[socket_id].sp_ip4_out;
> >  	lconf.outbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_out;
> >  	lconf.outbound.sa_ctx = socket_ctx[socket_id].sa_out;
> >  	lconf.outbound.session_pool = socket_ctx[socket_id].session_pool;
> > -	lconf.outbound.session_priv_pool =
> > -			socket_ctx[socket_id].session_priv_pool;
> >
> >  	RTE_LOG(INFO, IPSEC,
> >  		"Launching event mode worker (non-burst - Tx internal port -
> > "
> > diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
> > index 66d1491bf7..bdc3da731c 100644
> > --- a/examples/l2fwd-crypto/main.c
> > +++ b/examples/l2fwd-crypto/main.c
> > @@ -188,7 +188,7 @@ struct l2fwd_crypto_params {
> >  	struct l2fwd_iv auth_iv;
> >  	struct l2fwd_iv aead_iv;
> >  	struct l2fwd_key aad;
> > -	struct rte_cryptodev_sym_session *session;
> > +	void *session;
> >
> >  	uint8_t do_cipher;
> >  	uint8_t do_hash;
> > @@ -229,7 +229,6 @@ struct rte_mempool *l2fwd_pktmbuf_pool;
> >  struct rte_mempool *l2fwd_crypto_op_pool;
> >  static struct {
> >  	struct rte_mempool *sess_mp;
> > -	struct rte_mempool *priv_mp;
> >  } session_pool_socket[RTE_MAX_NUMA_NODES];
> >
> >  /* Per-port statistics struct */
> > @@ -671,11 +670,11 @@ generate_random_key(uint8_t *key, unsigned
> > length)
> >  }
> >
> >  /* Session is created and is later attached to the crypto operation. 8< */
> > -static struct rte_cryptodev_sym_session *
> > +static void *
> >  initialize_crypto_session(struct l2fwd_crypto_options *options, uint8_t
> > cdev_id)
> >  {
> >  	struct rte_crypto_sym_xform *first_xform;
> > -	struct rte_cryptodev_sym_session *session;
> > +	void *session;
> >  	int retval = rte_cryptodev_socket_id(cdev_id);
> >
> >  	if (retval < 0)
> > @@ -703,8 +702,7 @@ initialize_crypto_session(struct
> l2fwd_crypto_options
> > *options, uint8_t cdev_id)
> >  		return NULL;
> >
> >  	if (rte_cryptodev_sym_session_init(cdev_id, session,
> > -				first_xform,
> > -				session_pool_socket[socket_id].priv_mp) < 0)
> > +				first_xform) < 0)
> >  		return NULL;
> >
> >  	return session;
> > @@ -730,7 +728,7 @@ l2fwd_main_loop(struct l2fwd_crypto_options
> > *options)
> >  			US_PER_S * BURST_TX_DRAIN_US;
> >  	struct l2fwd_crypto_params *cparams;
> >  	struct l2fwd_crypto_params port_cparams[qconf->nb_crypto_devs];
> > -	struct rte_cryptodev_sym_session *session;
> > +	void *session;
> >
> >  	if (qconf->nb_rx_ports == 0) {
> >  		RTE_LOG(INFO, L2FWD, "lcore %u has nothing to do\n",
> > lcore_id);
> > @@ -2388,30 +2386,6 @@ initialize_cryptodevs(struct
> l2fwd_crypto_options
> > *options, unsigned nb_ports,
> >  		} else
> >  			sessions_needed = enabled_cdev_count;
> >
> > -		if (session_pool_socket[socket_id].priv_mp == NULL) {
> > -			char mp_name[RTE_MEMPOOL_NAMESIZE];
> > -
> > -			snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> > -				"priv_sess_mp_%u", socket_id);
> > -
> > -			session_pool_socket[socket_id].priv_mp =
> > -					rte_mempool_create(mp_name,
> > -						sessions_needed,
> > -						max_sess_sz,
> > -						0, 0, NULL, NULL, NULL,
> > -						NULL, socket_id,
> > -						0);
> > -
> > -			if (session_pool_socket[socket_id].priv_mp == NULL)
> > {
> > -				printf("Cannot create pool on socket %d\n",
> > -					socket_id);
> > -				return -ENOMEM;
> > -			}
> > -
> > -			printf("Allocated pool \"%s\" on socket %d\n",
> > -				mp_name, socket_id);
> > -		}
> > -
> >  		if (session_pool_socket[socket_id].sess_mp == NULL) {
> >  			char mp_name[RTE_MEMPOOL_NAMESIZE];
> >  			snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
> > @@ -2421,7 +2395,8 @@ initialize_cryptodevs(struct
> l2fwd_crypto_options
> > *options, unsigned nb_ports,
> >
> > 	rte_cryptodev_sym_session_pool_create(
> >  							mp_name,
> >  							sessions_needed,
> > -							0, 0, 0, socket_id);
> > +							max_sess_sz,
> > +							0, 0, socket_id);
> >
> >  			if (session_pool_socket[socket_id].sess_mp == NULL)
> > {
> >  				printf("Cannot create pool on socket %d\n",
> > @@ -2573,8 +2548,6 @@ initialize_cryptodevs(struct
> l2fwd_crypto_options
> > *options, unsigned nb_ports,
> >
> >  		qp_conf.nb_descriptors = 2048;
> >  		qp_conf.mp_session =
> > session_pool_socket[socket_id].sess_mp;
> > -		qp_conf.mp_session_private =
> > -				session_pool_socket[socket_id].priv_mp;
> >
> >  		retval = rte_cryptodev_queue_pair_setup(cdev_id, 0,
> > &qp_conf,
> >  				socket_id);
> > diff --git a/examples/vhost_crypto/main.c
> b/examples/vhost_crypto/main.c
> > index dea7dcbd07..cbb97aaf76 100644
> > --- a/examples/vhost_crypto/main.c
> > +++ b/examples/vhost_crypto/main.c
> > @@ -46,7 +46,6 @@ struct vhost_crypto_info {
> >  	int vids[MAX_NB_SOCKETS];
> >  	uint32_t nb_vids;
> >  	struct rte_mempool *sess_pool;
> > -	struct rte_mempool *sess_priv_pool;
> >  	struct rte_mempool *cop_pool;
> >  	uint8_t cid;
> >  	uint32_t qid;
> > @@ -304,7 +303,6 @@ new_device(int vid)
> >  	}
> >
> >  	ret = rte_vhost_crypto_create(vid, info->cid, info->sess_pool,
> > -			info->sess_priv_pool,
> >  			rte_lcore_to_socket_id(options.los[i].lcore_id));
> >  	if (ret) {
> >  		RTE_LOG(ERR, USER1, "Cannot create vhost crypto\n");
> > @@ -458,7 +456,6 @@ free_resource(void)
> >
> >  		rte_mempool_free(info->cop_pool);
> >  		rte_mempool_free(info->sess_pool);
> > -		rte_mempool_free(info->sess_priv_pool);
> >
> >  		for (j = 0; j < lo->nb_sockets; j++) {
> >  			rte_vhost_driver_unregister(lo->socket_files[i]);
> > @@ -544,16 +541,12 @@ main(int argc, char *argv[])
> >
> >  		snprintf(name, 127, "SESS_POOL_%u", lo->lcore_id);
> >  		info->sess_pool =
> > rte_cryptodev_sym_session_pool_create(name,
> > -				SESSION_MAP_ENTRIES, 0, 0, 0,
> > -				rte_lcore_to_socket_id(lo->lcore_id));
> > -
> > -		snprintf(name, 127, "SESS_POOL_PRIV_%u", lo->lcore_id);
> > -		info->sess_priv_pool = rte_mempool_create(name,
> >  				SESSION_MAP_ENTRIES,
> >
> > 	rte_cryptodev_sym_get_private_session_size(
> > -				info->cid), 64, 0, NULL, NULL, NULL, NULL,
> > -				rte_lcore_to_socket_id(lo->lcore_id), 0);
> > -		if (!info->sess_priv_pool || !info->sess_pool) {
> > +					info->cid), 0, 0,
> > +				rte_lcore_to_socket_id(lo->lcore_id));
> > +
> > +		if (!info->sess_pool) {
> >  			RTE_LOG(ERR, USER1, "Failed to create mempool");
> >  			goto error_exit;
> >  		}
> > @@ -574,7 +567,6 @@ main(int argc, char *argv[])
> >
> >  		qp_conf.nb_descriptors = NB_CRYPTO_DESCRIPTORS;
> >  		qp_conf.mp_session = info->sess_pool;
> > -		qp_conf.mp_session_private = info->sess_priv_pool;
> >
> >  		for (j = 0; j < dev_info.max_nb_queue_pairs; j++) {
> >  			ret = rte_cryptodev_queue_pair_setup(info->cid, j,
> > diff --git a/lib/cryptodev/cryptodev_pmd.h
> > b/lib/cryptodev/cryptodev_pmd.h
> > index ae3aac59ae..d758b3b85d 100644
> > --- a/lib/cryptodev/cryptodev_pmd.h
> > +++ b/lib/cryptodev/cryptodev_pmd.h
> > @@ -242,7 +242,6 @@ typedef unsigned int
> > (*cryptodev_asym_get_session_private_size_t)(
> >   * @param	dev		Crypto device pointer
> >   * @param	xform		Single or chain of crypto xforms
> >   * @param	session		Pointer to cryptodev's private session
> > structure
> > - * @param	mp		Mempool where the private session is
> > allocated
> >   *
> >   * @return
> >   *  - Returns 0 if private session structure have been created successfully.
> > @@ -251,9 +250,7 @@ typedef unsigned int
> > (*cryptodev_asym_get_session_private_size_t)(
> >   *  - Returns -ENOMEM if the private session could not be allocated.
> >   */
> >  typedef int (*cryptodev_sym_configure_session_t)(struct rte_cryptodev
> > *dev,
> > -		struct rte_crypto_sym_xform *xform,
> > -		struct rte_cryptodev_sym_session *session,
> > -		struct rte_mempool *mp);
> > +		struct rte_crypto_sym_xform *xform, void *session);
> >  /**
> >   * Configure a Crypto asymmetric session on a device.
> >   *
> > @@ -279,7 +276,7 @@ typedef int
> > (*cryptodev_asym_configure_session_t)(struct rte_cryptodev *dev,
> >   * @param	sess		Cryptodev session structure
> >   */
> >  typedef void (*cryptodev_sym_free_session_t)(struct rte_cryptodev *dev,
> > -		struct rte_cryptodev_sym_session *sess);
> > +		void *sess);
> >  /**
> >   * Free asymmetric session private data.
> >   *
> > diff --git a/lib/cryptodev/rte_crypto.h b/lib/cryptodev/rte_crypto.h
> > index a864f5036f..200617f623 100644
> > --- a/lib/cryptodev/rte_crypto.h
> > +++ b/lib/cryptodev/rte_crypto.h
> > @@ -420,7 +420,7 @@ rte_crypto_op_sym_xforms_alloc(struct
> > rte_crypto_op *op, uint8_t nb_xforms)
> >   */
> >  static inline int
> >  rte_crypto_op_attach_sym_session(struct rte_crypto_op *op,
> > -		struct rte_cryptodev_sym_session *sess)
> > +		void *sess)
> >  {
> >  	if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC))
> >  		return -1;
> > diff --git a/lib/cryptodev/rte_crypto_sym.h
> > b/lib/cryptodev/rte_crypto_sym.h
> > index 58c0724743..848da1942c 100644
> > --- a/lib/cryptodev/rte_crypto_sym.h
> > +++ b/lib/cryptodev/rte_crypto_sym.h
> > @@ -932,7 +932,7 @@ __rte_crypto_sym_op_sym_xforms_alloc(struct
> > rte_crypto_sym_op *sym_op,
> >   */
> >  static inline int
> >  __rte_crypto_sym_op_attach_sym_session(struct rte_crypto_sym_op
> > *sym_op,
> > -		struct rte_cryptodev_sym_session *sess)
> > +		void *sess)
> >  {
> >  	sym_op->session = sess;
> >
> > diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
> > index 9fa3aff1d3..a31cae202a 100644
> > --- a/lib/cryptodev/rte_cryptodev.c
> > +++ b/lib/cryptodev/rte_cryptodev.c
> > @@ -199,6 +199,8 @@ struct
> > rte_cryptodev_sym_session_pool_private_data {
> >  	/**< number of elements in sess_data array */
> >  	uint16_t user_data_sz;
> >  	/**< session user data will be placed after sess_data */
> > +	uint16_t sess_priv_sz;
> > +	/**< session user data will be placed after sess_data */
> >  };
> >
> >  int
> > @@ -1223,8 +1225,7 @@ rte_cryptodev_queue_pair_setup(uint8_t
> dev_id,
> > uint16_t queue_pair_id,
> >  		return -EINVAL;
> >  	}
> >
> > -	if ((qp_conf->mp_session && !qp_conf->mp_session_private) ||
> > -			(!qp_conf->mp_session && qp_conf-
> > >mp_session_private)) {
> > +	if (!qp_conf->mp_session) {
> >  		CDEV_LOG_ERR("Invalid mempools\n");
> >  		return -EINVAL;
> >  	}
> > @@ -1232,7 +1233,6 @@ rte_cryptodev_queue_pair_setup(uint8_t
> dev_id,
> > uint16_t queue_pair_id,
> >  	if (qp_conf->mp_session) {
> >  		struct rte_cryptodev_sym_session_pool_private_data
> > *pool_priv;
> >  		uint32_t obj_size = qp_conf->mp_session->elt_size;
> > -		uint32_t obj_priv_size = qp_conf->mp_session_private-
> > >elt_size;
> >  		struct rte_cryptodev_sym_session s = {0};
> >
> >  		pool_priv = rte_mempool_get_priv(qp_conf->mp_session);
> > @@ -1244,11 +1244,11 @@ rte_cryptodev_queue_pair_setup(uint8_t
> > dev_id, uint16_t queue_pair_id,
> >
> >  		s.nb_drivers = pool_priv->nb_drivers;
> >  		s.user_data_sz = pool_priv->user_data_sz;
> > +		s.priv_sz = pool_priv->sess_priv_sz;
> >
> > -		if
> > ((rte_cryptodev_sym_get_existing_header_session_size(&s) >
> > -			obj_size) || (s.nb_drivers <= dev->driver_id) ||
> > -
> > 	rte_cryptodev_sym_get_private_session_size(dev_id) >
> > -				obj_priv_size) {
> > +		if
> > (((rte_cryptodev_sym_get_existing_header_session_size(&s) +
> > +				(s.nb_drivers * s.priv_sz)) > obj_size) ||
> > +				(s.nb_drivers <= dev->driver_id)) {
> >  			CDEV_LOG_ERR("Invalid mempool\n");
> >  			return -EINVAL;
> >  		}
> > @@ -1710,11 +1710,11 @@ rte_cryptodev_pmd_callback_process(struct
> > rte_cryptodev *dev,
> >
> >  int
> >  rte_cryptodev_sym_session_init(uint8_t dev_id,
> > -		struct rte_cryptodev_sym_session *sess,
> > -		struct rte_crypto_sym_xform *xforms,
> > -		struct rte_mempool *mp)
> > +		void *sess_opaque,
> > +		struct rte_crypto_sym_xform *xforms)
> >  {
> >  	struct rte_cryptodev *dev;
> > +	struct rte_cryptodev_sym_session *sess = sess_opaque;
> >  	uint32_t sess_priv_sz =
> > rte_cryptodev_sym_get_private_session_size(
> >  			dev_id);
> >  	uint8_t index;
> > @@ -1727,10 +1727,10 @@ rte_cryptodev_sym_session_init(uint8_t
> dev_id,
> >
> >  	dev = rte_cryptodev_pmd_get_dev(dev_id);
> >
> > -	if (sess == NULL || xforms == NULL || dev == NULL || mp == NULL)
> > +	if (sess == NULL || xforms == NULL || dev == NULL)
> >  		return -EINVAL;
> >
> > -	if (mp->elt_size < sess_priv_sz)
> > +	if (sess->priv_sz < sess_priv_sz)
> >  		return -EINVAL;
> >
> >  	index = dev->driver_id;
> > @@ -1740,8 +1740,11 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
> >  	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops-
> > >sym_session_configure, -ENOTSUP);
> >
> >  	if (sess->sess_data[index].refcnt == 0) {
> > +		sess->sess_data[index].data = (void *)((uint8_t *)sess +
> > +
> > 	rte_cryptodev_sym_get_header_session_size() +
> > +				(index * sess->priv_sz));
> >  		ret = dev->dev_ops->sym_session_configure(dev, xforms,
> > -							sess, mp);
> > +				sess->sess_data[index].data);
> >  		if (ret < 0) {
> >  			CDEV_LOG_ERR(
> >  				"dev_id %d failed to configure session
> > details",
> > @@ -1750,7 +1753,7 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
> >  		}
> >  	}
> >
> > -	rte_cryptodev_trace_sym_session_init(dev_id, sess, xforms, mp);
> > +	rte_cryptodev_trace_sym_session_init(dev_id, sess, xforms);
> >  	sess->sess_data[index].refcnt++;
> >  	return 0;
> >  }
> > @@ -1795,6 +1798,21 @@ rte_cryptodev_asym_session_init(uint8_t
> dev_id,
> >  	rte_cryptodev_trace_asym_session_init(dev_id, sess, xforms, mp);
> >  	return 0;
> >  }
> > +static size_t
> > +get_max_sym_sess_priv_sz(void)
> > +{
> > +	size_t max_sz, sz;
> > +	int16_t cdev_id, n;
> > +
> > +	max_sz = 0;
> > +	n =  rte_cryptodev_count();
> > +	for (cdev_id = 0; cdev_id != n; cdev_id++) {
> > +		sz = rte_cryptodev_sym_get_private_session_size(cdev_id);
> > +		if (sz > max_sz)
> > +			max_sz = sz;
> > +	}
> > +	return max_sz;
> > +}
> >
> >  struct rte_mempool *
> >  rte_cryptodev_sym_session_pool_create(const char *name, uint32_t
> > nb_elts,
> > @@ -1804,15 +1822,15 @@
> rte_cryptodev_sym_session_pool_create(const
> > char *name, uint32_t nb_elts,
> >  	struct rte_mempool *mp;
> >  	struct rte_cryptodev_sym_session_pool_private_data *pool_priv;
> >  	uint32_t obj_sz;
> > +	uint32_t sess_priv_sz = get_max_sym_sess_priv_sz();
> >
> >  	obj_sz = rte_cryptodev_sym_get_header_session_size() +
> > user_data_size;
> > -	if (obj_sz > elt_size)
> > +	if (elt_size < obj_sz + (sess_priv_sz * nb_drivers)) {
> >  		CDEV_LOG_INFO("elt_size %u is expanded to %u\n",
> > elt_size,
> > -				obj_sz);
> > -	else
> > -		obj_sz = elt_size;
> > -
> > -	mp = rte_mempool_create(name, nb_elts, obj_sz, cache_size,
> > +				obj_sz + (sess_priv_sz * nb_drivers));
> > +		elt_size = obj_sz + (sess_priv_sz * nb_drivers);
> > +	}
> > +	mp = rte_mempool_create(name, nb_elts, elt_size, cache_size,
> >  			(uint32_t)(sizeof(*pool_priv)),
> >  			NULL, NULL, NULL, NULL,
> >  			socket_id, 0);
> > @@ -1832,6 +1850,7 @@ rte_cryptodev_sym_session_pool_create(const
> > char *name, uint32_t nb_elts,
> >
> >  	pool_priv->nb_drivers = nb_drivers;
> >  	pool_priv->user_data_sz = user_data_size;
> > +	pool_priv->sess_priv_sz = sess_priv_sz;
> >
> >  	rte_cryptodev_trace_sym_session_pool_create(name, nb_elts,
> >  		elt_size, cache_size, user_data_size, mp);
> > @@ -1865,7 +1884,7 @@ rte_cryptodev_sym_is_valid_session_pool(struct
> > rte_mempool *mp)
> >  	return 1;
> >  }
> >
> > -struct rte_cryptodev_sym_session *
> > +void *
> >  rte_cryptodev_sym_session_create(struct rte_mempool *mp)
> >  {
> >  	struct rte_cryptodev_sym_session *sess;
> > @@ -1886,6 +1905,7 @@ rte_cryptodev_sym_session_create(struct
> > rte_mempool *mp)
> >
> >  	sess->nb_drivers = pool_priv->nb_drivers;
> >  	sess->user_data_sz = pool_priv->user_data_sz;
> > +	sess->priv_sz = pool_priv->sess_priv_sz;
> >  	sess->opaque_data = 0;
> >
> >  	/* Clear device session pointer.
> > @@ -1895,7 +1915,7 @@ rte_cryptodev_sym_session_create(struct
> > rte_mempool *mp)
> >  			rte_cryptodev_sym_session_data_size(sess));
> >
> >  	rte_cryptodev_trace_sym_session_create(mp, sess);
> > -	return sess;
> > +	return (void *)sess;
> >  }
> >
> >  struct rte_cryptodev_asym_session *
> > @@ -1933,9 +1953,9 @@ rte_cryptodev_asym_session_create(struct
> > rte_mempool *mp)
> >  }
> >
> >  int
> > -rte_cryptodev_sym_session_clear(uint8_t dev_id,
> > -		struct rte_cryptodev_sym_session *sess)
> > +rte_cryptodev_sym_session_clear(uint8_t dev_id, void *s)
> >  {
> > +	struct rte_cryptodev_sym_session *sess = s;
> >  	struct rte_cryptodev *dev;
> >  	uint8_t driver_id;
> >
> > @@ -1957,7 +1977,7 @@ rte_cryptodev_sym_session_clear(uint8_t
> dev_id,
> >
> >  	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->sym_session_clear,
> > -ENOTSUP);
> >
> > -	dev->dev_ops->sym_session_clear(dev, sess);
> > +	dev->dev_ops->sym_session_clear(dev, sess-
> > >sess_data[driver_id].data);
> >
> >  	rte_cryptodev_trace_sym_session_clear(dev_id, sess);
> >  	return 0;
> > @@ -1988,10 +2008,11 @@ rte_cryptodev_asym_session_clear(uint8_t
> > dev_id,
> >  }
> >
> >  int
> > -rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess)
> > +rte_cryptodev_sym_session_free(void *s)
> >  {
> >  	uint8_t i;
> >  	struct rte_mempool *sess_mp;
> > +	struct rte_cryptodev_sym_session *sess = s;
> >
> >  	if (sess == NULL)
> >  		return -EINVAL;
> > diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h
> > index bb01f0f195..25af6fa7b9 100644
> > --- a/lib/cryptodev/rte_cryptodev.h
> > +++ b/lib/cryptodev/rte_cryptodev.h
> > @@ -537,8 +537,6 @@ struct rte_cryptodev_qp_conf {
> >  	uint32_t nb_descriptors; /**< Number of descriptors per queue pair
> > */
> >  	struct rte_mempool *mp_session;
> >  	/**< The mempool for creating session in sessionless mode */
> > -	struct rte_mempool *mp_session_private;
> > -	/**< The mempool for creating sess private data in sessionless mode
> > */
> >  };
> >
> >  /**
> > @@ -1126,6 +1124,8 @@ struct rte_cryptodev_sym_session {
> >  	/**< number of elements in sess_data array */
> >  	uint16_t user_data_sz;
> >  	/**< session user data will be placed after sess_data */
> > +	uint16_t priv_sz;
> > +	/**< Maximum private session data size which each driver can use */
> >  	__extension__ struct {
> >  		void *data;
> >  		uint16_t refcnt;
> > @@ -1177,10 +1177,10 @@
> rte_cryptodev_sym_session_pool_create(const
> > char *name, uint32_t nb_elts,
> >   * @param   mempool    Symmetric session mempool to allocate session
> >   *                     objects from
> >   * @return
> > - *  - On success return pointer to sym-session
> > + *  - On success return opaque pointer to sym-session
> >   *  - On failure returns NULL
> >   */
> > -struct rte_cryptodev_sym_session *
> > +void *
> >  rte_cryptodev_sym_session_create(struct rte_mempool *mempool);
> >
> >  /**
> > @@ -1209,7 +1209,7 @@ rte_cryptodev_asym_session_create(struct
> > rte_mempool *mempool);
> >   *  - -EBUSY if not all device private data has been freed.
> >   */
> >  int
> > -rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session
> > *sess);
> > +rte_cryptodev_sym_session_free(void *sess);
> >
> >  /**
> >   * Frees asymmetric crypto session header, after checking that all
> > @@ -1229,25 +1229,23 @@ rte_cryptodev_asym_session_free(struct
> > rte_cryptodev_asym_session *sess);
> >
> >  /**
> >   * Fill out private data for the device id, based on its device type.
> > + * Memory for private data is already allocated in sess, driver need
> > + * to fill the content.
> >   *
> >   * @param   dev_id   ID of device that we want the session to be used on
> >   * @param   sess     Session where the private data will be attached to
> >   * @param   xforms   Symmetric crypto transform operations to apply on
> > flow
> >   *                   processed with this session
> > - * @param   mempool  Mempool where the private data is allocated.
> >   *
> >   * @return
> >   *  - On success, zero.
> >   *  - -EINVAL if input parameters are invalid.
> >   *  - -ENOTSUP if crypto device does not support the crypto transform or
> >   *    does not support symmetric operations.
> > - *  - -ENOMEM if the private session could not be allocated.
> >   */
> >  int
> > -rte_cryptodev_sym_session_init(uint8_t dev_id,
> > -			struct rte_cryptodev_sym_session *sess,
> > -			struct rte_crypto_sym_xform *xforms,
> > -			struct rte_mempool *mempool);
> > +rte_cryptodev_sym_session_init(uint8_t dev_id, void *sess,
> > +			struct rte_crypto_sym_xform *xforms);
> >
> >  /**
> >   * Initialize asymmetric session on a device with specific asymmetric xform
> > @@ -1286,8 +1284,7 @@ rte_cryptodev_asym_session_init(uint8_t dev_id,
> >   *  - -ENOTSUP if crypto device does not support symmetric operations.
> >   */
> >  int
> > -rte_cryptodev_sym_session_clear(uint8_t dev_id,
> > -			struct rte_cryptodev_sym_session *sess);
> > +rte_cryptodev_sym_session_clear(uint8_t dev_id, void *sess);
> >
> >  /**
> >   * Frees resources held by asymmetric session during
> > rte_cryptodev_session_init
> > diff --git a/lib/cryptodev/rte_cryptodev_trace.h
> > b/lib/cryptodev/rte_cryptodev_trace.h
> > index d1f4f069a3..44da04c425 100644
> > --- a/lib/cryptodev/rte_cryptodev_trace.h
> > +++ b/lib/cryptodev/rte_cryptodev_trace.h
> > @@ -56,7 +56,6 @@ RTE_TRACE_POINT(
> >  	rte_trace_point_emit_u16(queue_pair_id);
> >  	rte_trace_point_emit_u32(conf->nb_descriptors);
> >  	rte_trace_point_emit_ptr(conf->mp_session);
> > -	rte_trace_point_emit_ptr(conf->mp_session_private);
> >  )
> >
> >  RTE_TRACE_POINT(
> > @@ -106,15 +105,13 @@ RTE_TRACE_POINT(
> >  RTE_TRACE_POINT(
> >  	rte_cryptodev_trace_sym_session_init,
> >  	RTE_TRACE_POINT_ARGS(uint8_t dev_id,
> > -		struct rte_cryptodev_sym_session *sess, void *xforms,
> > -		void *mempool),
> > +		struct rte_cryptodev_sym_session *sess, void *xforms),
> >  	rte_trace_point_emit_u8(dev_id);
> >  	rte_trace_point_emit_ptr(sess);
> >  	rte_trace_point_emit_u64(sess->opaque_data);
> >  	rte_trace_point_emit_u16(sess->nb_drivers);
> >  	rte_trace_point_emit_u16(sess->user_data_sz);
> >  	rte_trace_point_emit_ptr(xforms);
> > -	rte_trace_point_emit_ptr(mempool);
> >  )
> >
> >  RTE_TRACE_POINT(
> > diff --git a/lib/pipeline/rte_table_action.c b/lib/pipeline/rte_table_action.c
> > index ad7904c0ee..efdba9c899 100644
> > --- a/lib/pipeline/rte_table_action.c
> > +++ b/lib/pipeline/rte_table_action.c
> > @@ -1719,7 +1719,7 @@ struct sym_crypto_data {
> >  	uint16_t op_mask;
> >
> >  	/** Session pointer. */
> > -	struct rte_cryptodev_sym_session *session;
> > +	void *session;
> >
> >  	/** Direction of crypto, encrypt or decrypt */
> >  	uint16_t direction;
> > @@ -1780,7 +1780,7 @@ sym_crypto_apply(struct sym_crypto_data
> *data,
> >  	const struct rte_crypto_auth_xform *auth_xform = NULL;
> >  	const struct rte_crypto_aead_xform *aead_xform = NULL;
> >  	struct rte_crypto_sym_xform *xform = p->xform;
> > -	struct rte_cryptodev_sym_session *session;
> > +	void *session;
> >  	int ret;
> >
> >  	memset(data, 0, sizeof(*data));
> > @@ -1905,7 +1905,7 @@ sym_crypto_apply(struct sym_crypto_data
> *data,
> >  		return -ENOMEM;
> >
> >  	ret = rte_cryptodev_sym_session_init(cfg->cryptodev_id, session,
> > -			p->xform, cfg->mp_init);
> > +			p->xform);
> >  	if (ret < 0) {
> >  		rte_cryptodev_sym_session_free(session);
> >  		return ret;
> > @@ -2858,7 +2858,7 @@ rte_table_action_time_read(struct
> > rte_table_action *action,
> >  	return 0;
> >  }
> >
> > -struct rte_cryptodev_sym_session *
> > +void *
> >  rte_table_action_crypto_sym_session_get(struct rte_table_action *action,
> >  	void *data)
> >  {
> > diff --git a/lib/pipeline/rte_table_action.h b/lib/pipeline/rte_table_action.h
> > index 82bc9d9ac9..68db453a8b 100644
> > --- a/lib/pipeline/rte_table_action.h
> > +++ b/lib/pipeline/rte_table_action.h
> > @@ -1129,7 +1129,7 @@ rte_table_action_time_read(struct
> > rte_table_action *action,
> >   *   The pointer to the session on success, NULL otherwise.
> >   */
> >  __rte_experimental
> > -struct rte_cryptodev_sym_session *
> > +void *
> >  rte_table_action_crypto_sym_session_get(struct rte_table_action *action,
> >  	void *data);
> >
> > diff --git a/lib/vhost/rte_vhost_crypto.h b/lib/vhost/rte_vhost_crypto.h
> > index f54d731139..d9b7beed9c 100644
> > --- a/lib/vhost/rte_vhost_crypto.h
> > +++ b/lib/vhost/rte_vhost_crypto.h
> > @@ -50,8 +50,6 @@ rte_vhost_crypto_driver_start(const char *path);
> >   *  multiple Vhost-crypto devices.
> >   * @param sess_pool
> >   *  The pointer to the created cryptodev session pool.
> > - * @param sess_priv_pool
> > - *  The pointer to the created cryptodev session private data mempool.
> >   * @param socket_id
> >   *  NUMA Socket ID to allocate resources on. *
> >   * @return
> > @@ -61,7 +59,6 @@ rte_vhost_crypto_driver_start(const char *path);
> >  int
> >  rte_vhost_crypto_create(int vid, uint8_t cryptodev_id,
> >  		struct rte_mempool *sess_pool,
> > -		struct rte_mempool *sess_priv_pool,
> >  		int socket_id);
> >
> >  /**
> > diff --git a/lib/vhost/vhost_crypto.c b/lib/vhost/vhost_crypto.c
> > index 926b5c0bd9..b4464c4253 100644
> > --- a/lib/vhost/vhost_crypto.c
> > +++ b/lib/vhost/vhost_crypto.c
> > @@ -338,7 +338,7 @@ vhost_crypto_create_sess(struct vhost_crypto
> > *vcrypto,
> >  		VhostUserCryptoSessionParam *sess_param)
> >  {
> >  	struct rte_crypto_sym_xform xform1 = {0}, xform2 = {0};
> > -	struct rte_cryptodev_sym_session *session;
> > +	void *session;
> >  	int ret;
> >
> >  	switch (sess_param->op_type) {
> > @@ -383,8 +383,7 @@ vhost_crypto_create_sess(struct vhost_crypto
> > *vcrypto,
> >  		return;
> >  	}
> >
> > -	if (rte_cryptodev_sym_session_init(vcrypto->cid, session, &xform1,
> > -			vcrypto->sess_priv_pool) < 0) {
> > +	if (rte_cryptodev_sym_session_init(vcrypto->cid, session, &xform1)
> > < 0) {
> >  		VC_LOG_ERR("Failed to initialize session");
> >  		sess_param->session_id = -VIRTIO_CRYPTO_ERR;
> >  		return;
> > @@ -1425,7 +1424,6 @@ rte_vhost_crypto_driver_start(const char *path)
> >  int
> >  rte_vhost_crypto_create(int vid, uint8_t cryptodev_id,
> >  		struct rte_mempool *sess_pool,
> > -		struct rte_mempool *sess_priv_pool,
> >  		int socket_id)
> >  {
> >  	struct virtio_net *dev = get_device(vid);
> > @@ -1447,7 +1445,6 @@ rte_vhost_crypto_create(int vid, uint8_t
> > cryptodev_id,
> >  	}
> >
> >  	vcrypto->sess_pool = sess_pool;
> > -	vcrypto->sess_priv_pool = sess_priv_pool;
> >  	vcrypto->cid = cryptodev_id;
> >  	vcrypto->cache_session_id = UINT64_MAX;
> >  	vcrypto->last_session_id = 1;
> > --
> > 2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [dpdk-dev] [PATCH 2/3] drivers/net: temporary disable ixgbe and txgbe
  2021-09-30 14:50 ` [dpdk-dev] [PATCH 2/3] drivers/net: temporary disable ixgbe and txgbe Akhil Goyal
@ 2021-10-12 12:26   ` Zhang, Roy Fan
  2021-10-12 12:29     ` Akhil Goyal
  0 siblings, 1 reply; 49+ messages in thread
From: Zhang, Roy Fan @ 2021-10-12 12:26 UTC (permalink / raw)
  To: Akhil Goyal, dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj, De Lara Guarch,
	Pablo, Trahe, Fiona, Doherty, Declan, matan, g.singh,
	jianjay.zhou, asomalap, ruifeng.wang, Ananyev, Konstantin,
	Nicolau, Radu, ajit.khaparde, rnagadheeraj, adwivedi, Power,
	Ciara, Jian Wang, Jiawen Wu, Wang, Haiyue

Hi Akhil,

Looks like you commented out ixgbe/txgbe from build in this patch,
but you didn't add them back in in the next patch?

Regards,
Fan

> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Thursday, September 30, 2021 3:50 PM
> To: dev@dpdk.org
> Cc: thomas@monjalon.net; david.marchand@redhat.com;
> hemant.agrawal@nxp.com; anoobj@marvell.com; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>; Trahe, Fiona <fiona.trahe@intel.com>;
> Doherty, Declan <declan.doherty@intel.com>; matan@nvidia.com;
> g.singh@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>;
> jianjay.zhou@huawei.com; asomalap@amd.com; ruifeng.wang@arm.com;
> Ananyev, Konstantin <konstantin.ananyev@intel.com>; Nicolau, Radu
> <radu.nicolau@intel.com>; ajit.khaparde@broadcom.com;
> rnagadheeraj@marvell.com; adwivedi@marvell.com; Power, Ciara
> <ciara.power@intel.com>; Akhil Goyal <gakhil@marvell.com>; Jian Wang
> <jianwang@trustnetic.com>; Jiawen Wu <jiawenwu@trustnetic.com>; Wang,
> Haiyue <haiyue.wang@intel.com>
> Subject: [PATCH 2/3] drivers/net: temporary disable ixgbe and txgbe
> 
> The PMDs ixgbe and txgbe are currently making
> rte_security_session private data as constant,
> but they are getting filled inside the API.
> This was feasible as the session_private_data
> and rte_security_session pointers were separate.
> But now these two will be from same memory chunk.
> Hence it cannot use them as const.
> Need help from PMD owners to fix this.
> Cc: Jian Wang <jianwang@trustnetic.com>
> Cc: Jiawen Wu <jiawenwu@trustnetic.com>
> Cc: Haiyue Wang <haiyue.wang@intel.com>
> Cc: Fan Zhang <roy.fan.zhang@intel.com>
> 
> Signed-off-by: Akhil Goyal <gakhil@marvell.com>
> ---
>  drivers/net/meson.build | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/net/meson.build b/drivers/net/meson.build
> index bcf488f203..4c0cd50cd5 100644
> --- a/drivers/net/meson.build
> +++ b/drivers/net/meson.build
> @@ -30,7 +30,7 @@ drivers = [
>          'igc',
>          'ionic',
>          'ipn3ke',
> -        'ixgbe',
> +	#        'ixgbe',
>          'kni',
>          'liquidio',
>          'memif',
> @@ -55,7 +55,7 @@ drivers = [
>          'szedata2',
>          'tap',
>          'thunderx',
> -        'txgbe',
> +#        'txgbe',
>          'vdev_netvsc',
>          'vhost',
>          'virtio',
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [dpdk-dev] [PATCH 2/3] drivers/net: temporary disable ixgbe and txgbe
  2021-10-12 12:26   ` Zhang, Roy Fan
@ 2021-10-12 12:29     ` Akhil Goyal
  2021-10-12 13:32       ` Zhang, Roy Fan
  0 siblings, 1 reply; 49+ messages in thread
From: Akhil Goyal @ 2021-10-12 12:29 UTC (permalink / raw)
  To: Zhang, Roy Fan, dev
  Cc: thomas, david.marchand, hemant.agrawal, Anoob Joseph,
	De Lara Guarch, Pablo, Trahe, Fiona, Doherty, Declan, matan,
	g.singh, jianjay.zhou, asomalap, ruifeng.wang, Ananyev,
	Konstantin, Nicolau, Radu, ajit.khaparde, Nagadheeraj Rottela,
	Ankur Dwivedi, Power, Ciara, Jian Wang, Jiawen Wu, Wang, Haiyue

> Hi Akhil,
> 
> Looks like you commented out ixgbe/txgbe from build in this patch,
> but you didn't add them back in in the next patch?
> 
Yes because these need attention from the maintainer of these drivers.
I mentioned this in the commit log.

^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [dpdk-dev] [PATCH 2/3] drivers/net: temporary disable ixgbe and txgbe
  2021-10-12 12:29     ` Akhil Goyal
@ 2021-10-12 13:32       ` Zhang, Roy Fan
  0 siblings, 0 replies; 49+ messages in thread
From: Zhang, Roy Fan @ 2021-10-12 13:32 UTC (permalink / raw)
  To: Akhil Goyal, dev, Nicolau, Radu
  Cc: thomas, david.marchand, hemant.agrawal, Anoob Joseph,
	De Lara Guarch, Pablo, Trahe, Fiona, Doherty, Declan, matan,
	g.singh, jianjay.zhou, asomalap, ruifeng.wang, Ananyev,
	Konstantin, Nicolau, Radu, ajit.khaparde, Nagadheeraj Rottela,
	Ankur Dwivedi, Power, Ciara, Jian Wang, Jiawen Wu, Wang, Haiyue

Adding Radu as a gentle remainder to review the approach.

> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Tuesday, October 12, 2021 1:30 PM
> To: Zhang, Roy Fan <roy.fan.zhang@intel.com>; dev@dpdk.org
> Cc: thomas@monjalon.net; david.marchand@redhat.com;
> hemant.agrawal@nxp.com; Anoob Joseph <anoobj@marvell.com>; De Lara
> Guarch, Pablo <pablo.de.lara.guarch@intel.com>; Trahe, Fiona
> <fiona.trahe@intel.com>; Doherty, Declan <declan.doherty@intel.com>;
> matan@nvidia.com; g.singh@nxp.com; jianjay.zhou@huawei.com;
> asomalap@amd.com; ruifeng.wang@arm.com; Ananyev, Konstantin
> <konstantin.ananyev@intel.com>; Nicolau, Radu <radu.nicolau@intel.com>;
> ajit.khaparde@broadcom.com; Nagadheeraj Rottela
> <rnagadheeraj@marvell.com>; Ankur Dwivedi <adwivedi@marvell.com>;
> Power, Ciara <ciara.power@intel.com>; Jian Wang
> <jianwang@trustnetic.com>; Jiawen Wu <jiawenwu@trustnetic.com>; Wang,
> Haiyue <haiyue.wang@intel.com>
> Subject: RE: [PATCH 2/3] drivers/net: temporary disable ixgbe and txgbe
> 
> > Hi Akhil,
> >
> > Looks like you commented out ixgbe/txgbe from build in this patch,
> > but you didn't add them back in in the next patch?
> >
> Yes because these need attention from the maintainer of these drivers.
> I mentioned this in the commit log.

^ permalink raw reply	[flat|nested] 49+ messages in thread

* [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework
  2021-09-30 14:50 [dpdk-dev] [PATCH 0/3] crypto/security session framework rework Akhil Goyal
                   ` (2 preceding siblings ...)
  2021-09-30 14:50 ` [dpdk-dev] [PATCH 3/3] cryptodev: rework session framework Akhil Goyal
@ 2021-10-13 19:22 ` Akhil Goyal
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 1/7] security: rework session framework Akhil Goyal
                     ` (7 more replies)
  3 siblings, 8 replies; 49+ messages in thread
From: Akhil Goyal @ 2021-10-13 19:22 UTC (permalink / raw)
  To: dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj,
	pablo.de.lara.guarch, fiona.trahe, declan.doherty, matan,
	g.singh, roy.fan.zhang, jianjay.zhou, asomalap, ruifeng.wang,
	konstantin.ananyev, radu.nicolau, ajit.khaparde, rnagadheeraj,
	adwivedi, ciara.power, haiyue.wang, jiawenwu, jianwang,
	Akhil Goyal

As discussed in last release deprecation notice,
crypto and security session framework are reworked
to reduce the need of two mempool objects and
remove the requirement to expose the rte_security_session
and rte_cryptodev_sym_session structures.
Design methodology is explained in the patch description.

Similar work will need to be done for asymmetric sessions
as well. Asymmetric session need another rework and is
postponed to next release. Since it is still in experimental
stage, we can modify the APIs in next release as well.

The patches are compilable with all affected PMDs
and tested with dpdk-test and ipsec-secgw app on CN9k platform.

Changes in v2:
- Added new parameter iova in PMD session configure APIs for
  session priv pointer to be used in QAT/CNXK/etc PMDs.
- Hide rte_cryptodev_sym_session and rte_security_session structs.
- Added compilation workaround for net PMDs(ixgbe/txgbe)
  for inline ipsec.
  Patches with actual fix is beynd the scope of this patchset.
- Added inline APIs to access the opaque data and fast metadata.
- Remove commented code.
TODO
- Release notes/deprecation notice removal.
- Documentation updates.
- Asym APIs - postponed for next release.

Akhil Goyal (7):
  security: rework session framework
  security: hide security session struct
  net/cnxk: rework security session framework
  security: pass session iova in PMD sess create
  cryptodev: rework session framework
  cryptodev: hide sym session structure
  cryptodev: pass session iova in configure session

 app/test-crypto-perf/cperf.h                  |   1 -
 app/test-crypto-perf/cperf_ops.c              |  46 ++--
 app/test-crypto-perf/cperf_ops.h              |   6 +-
 app/test-crypto-perf/cperf_test_latency.c     |   5 +-
 app/test-crypto-perf/cperf_test_latency.h     |   1 -
 .../cperf_test_pmd_cyclecount.c               |   7 +-
 .../cperf_test_pmd_cyclecount.h               |   1 -
 app/test-crypto-perf/cperf_test_throughput.c  |   5 +-
 app/test-crypto-perf/cperf_test_throughput.h  |   1 -
 app/test-crypto-perf/cperf_test_verify.c      |   5 +-
 app/test-crypto-perf/cperf_test_verify.h      |   1 -
 app/test-crypto-perf/main.c                   |  29 +--
 app/test/test_cryptodev.c                     | 147 ++++---------
 app/test/test_cryptodev.h                     |   1 -
 app/test/test_cryptodev_asym.c                |   1 -
 app/test/test_cryptodev_blockcipher.c         |   6 +-
 app/test/test_event_crypto_adapter.c          |  28 +--
 app/test/test_ipsec.c                         |  34 +--
 app/test/test_ipsec_perf.c                    |   4 +-
 app/test/test_security.c                      | 196 ++++--------------
 drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c  |  33 +--
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c    |   5 +-
 .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    |  65 ++----
 drivers/crypto/armv8/rte_armv8_pmd_ops.c      |  34 +--
 drivers/crypto/bcmfs/bcmfs_sym_session.c      |  36 +---
 drivers/crypto/bcmfs/bcmfs_sym_session.h      |   6 +-
 drivers/crypto/caam_jr/caam_jr.c              |  65 ++----
 drivers/crypto/ccp/ccp_pmd_ops.c              |  32 +--
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     |  24 +--
 drivers/crypto/cnxk/cn10k_ipsec.c             |  53 +----
 drivers/crypto/cnxk/cn9k_cryptodev_ops.c      |  20 +-
 drivers/crypto/cnxk/cn9k_ipsec.c              |  75 +++----
 drivers/crypto/cnxk/cnxk_cryptodev_ops.c      |  61 ++----
 drivers/crypto/cnxk/cnxk_cryptodev_ops.h      |  14 +-
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   |  69 ++----
 drivers/crypto/dpaa_sec/dpaa_sec.c            |  67 ++----
 drivers/crypto/kasumi/rte_kasumi_pmd_ops.c    |  34 +--
 drivers/crypto/mlx5/mlx5_crypto.c             |  25 +--
 drivers/crypto/mvsam/rte_mrvl_pmd.c           |   3 +-
 drivers/crypto/mvsam/rte_mrvl_pmd_ops.c       |  48 +----
 drivers/crypto/nitrox/nitrox_sym.c            |  33 +--
 drivers/crypto/null/null_crypto_pmd_ops.c     |  34 +--
 .../crypto/octeontx/otx_cryptodev_hw_access.h |   1 -
 drivers/crypto/octeontx/otx_cryptodev_ops.c   |  68 +++---
 drivers/crypto/octeontx2/otx2_cryptodev_ops.c |  63 +++---
 .../octeontx2/otx2_cryptodev_ops_helper.h     |  16 +-
 drivers/crypto/octeontx2/otx2_cryptodev_sec.c |  77 +++----
 drivers/crypto/openssl/rte_openssl_pmd_ops.c  |  35 +---
 drivers/crypto/qat/qat_sym.c                  |   3 +-
 drivers/crypto/qat/qat_sym.h                  |   8 +-
 drivers/crypto/qat/qat_sym_session.c          |  66 ++----
 drivers/crypto/qat/qat_sym_session.h          |  14 +-
 drivers/crypto/scheduler/scheduler_pmd_ops.c  |  10 +-
 drivers/crypto/snow3g/rte_snow3g_pmd_ops.c    |  34 +--
 drivers/crypto/virtio/virtio_cryptodev.c      |  32 +--
 drivers/crypto/zuc/rte_zuc_pmd_ops.c          |  35 +---
 .../octeontx2/otx2_evdev_crypto_adptr_rx.h    |   3 +-
 drivers/net/cnxk/cn10k_ethdev_sec.c           |  64 +++---
 drivers/net/cnxk/cn9k_ethdev_sec.c            |  59 ++----
 drivers/net/cnxk/cnxk_ethdev.c                |   6 +-
 drivers/net/cnxk/cnxk_ethdev.h                |   6 -
 drivers/net/cnxk/cnxk_ethdev_sec.c            |  21 --
 drivers/net/ixgbe/ixgbe_ipsec.c               |  38 +---
 drivers/net/octeontx2/otx2_ethdev_sec.c       |  52 ++---
 drivers/net/octeontx2/otx2_ethdev_sec_tx.h    |   2 +-
 drivers/net/txgbe/txgbe_ipsec.c               |  38 +---
 examples/fips_validation/fips_dev_self_test.c |  32 +--
 examples/fips_validation/main.c               |  20 +-
 examples/ipsec-secgw/ipsec-secgw.c            |  40 ----
 examples/ipsec-secgw/ipsec.c                  |  12 +-
 examples/ipsec-secgw/ipsec.h                  |   1 -
 examples/ipsec-secgw/ipsec_worker.c           |   4 -
 examples/l2fwd-crypto/main.c                  |  41 +---
 examples/vhost_crypto/main.c                  |  16 +-
 lib/cryptodev/cryptodev_pmd.h                 |  33 ++-
 lib/cryptodev/rte_crypto.h                    |   2 +-
 lib/cryptodev/rte_crypto_sym.h                |   2 +-
 lib/cryptodev/rte_cryptodev.c                 |  88 +++++---
 lib/cryptodev/rte_cryptodev.h                 |  70 +++----
 lib/cryptodev/rte_cryptodev_trace.h           |  16 +-
 lib/ipsec/rte_ipsec.h                         |   4 +-
 lib/ipsec/rte_ipsec_group.h                   |  13 +-
 lib/ipsec/ses.c                               |   6 +-
 lib/pipeline/rte_table_action.c               |   8 +-
 lib/pipeline/rte_table_action.h               |   2 +-
 lib/security/rte_security.c                   |  32 +--
 lib/security/rte_security.h                   |  85 +++++---
 lib/security/rte_security_driver.h            |  31 ++-
 lib/vhost/rte_vhost_crypto.h                  |   3 -
 lib/vhost/vhost_crypto.c                      |   7 +-
 90 files changed, 816 insertions(+), 1864 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* [dpdk-dev] [PATCH v2 1/7] security: rework session framework
  2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework Akhil Goyal
@ 2021-10-13 19:22   ` Akhil Goyal
  2021-10-18 21:34     ` [dpdk-dev] [PATCH v3 0/8] crypto/security session framework rework Akhil Goyal
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 2/7] security: hide security session struct Akhil Goyal
                     ` (6 subsequent siblings)
  7 siblings, 1 reply; 49+ messages in thread
From: Akhil Goyal @ 2021-10-13 19:22 UTC (permalink / raw)
  To: dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj,
	pablo.de.lara.guarch, fiona.trahe, declan.doherty, matan,
	g.singh, roy.fan.zhang, jianjay.zhou, asomalap, ruifeng.wang,
	konstantin.ananyev, radu.nicolau, ajit.khaparde, rnagadheeraj,
	adwivedi, ciara.power, haiyue.wang, jiawenwu, jianwang,
	Akhil Goyal

As per current design, rte_security_session_create()
unnecesarily use 2 mempool objects for a single session.
And structure rte_security_session is not directly used
by the application, it may cause ABI breakage if the structure
is modified in future.

To address these two issues, the API will now take only 1 mempool
object instead of 2 and return a void pointer directly
to the session private data. With this change, the library layer
will get the object from mempool and pass session_private_data
to the PMD for filling the PMD data.
Since set and get pkt metadata for security sessions are now
made inline for Inline crypto/proto mode, a new member fast_mdata
is added to the rte_security_session.
To access opaque data and fast_mdata will be accessed via inline
APIs which can do pointer manipulations inside library from
session_private_data pointer coming from application.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 app/test-crypto-perf/cperf_ops.c              |  13 +-
 .../cperf_test_pmd_cyclecount.c               |   2 +-
 app/test/test_cryptodev.c                     |  17 +-
 app/test/test_ipsec.c                         |  11 +-
 app/test/test_security.c                      | 193 ++++--------------
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c    |   5 +-
 .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    |  30 +--
 drivers/crypto/caam_jr/caam_jr.c              |  32 +--
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     |   6 +-
 drivers/crypto/cnxk/cn10k_ipsec.c             |  53 +----
 drivers/crypto/cnxk/cn9k_cryptodev_ops.c      |   2 +-
 drivers/crypto/cnxk/cn9k_ipsec.c              |  50 +----
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   |  39 +---
 drivers/crypto/dpaa_sec/dpaa_sec.c            |  34 +--
 drivers/crypto/mvsam/rte_mrvl_pmd.c           |   3 +-
 drivers/crypto/mvsam/rte_mrvl_pmd_ops.c       |  11 +-
 drivers/crypto/octeontx2/otx2_cryptodev_ops.c |   2 +-
 drivers/crypto/octeontx2/otx2_cryptodev_sec.c |  54 +----
 drivers/crypto/qat/qat_sym.c                  |   3 +-
 drivers/crypto/qat/qat_sym.h                  |   8 +-
 drivers/crypto/qat/qat_sym_session.c          |  21 +-
 drivers/crypto/qat/qat_sym_session.h          |   4 +-
 drivers/net/ixgbe/ixgbe_ipsec.c               |  38 +---
 drivers/net/meson.build                       |   2 +-
 drivers/net/octeontx2/otx2_ethdev_sec.c       |  51 ++---
 drivers/net/octeontx2/otx2_ethdev_sec_tx.h    |   2 +-
 drivers/net/txgbe/txgbe_ipsec.c               |  38 +---
 examples/ipsec-secgw/ipsec.c                  |   9 +-
 lib/security/rte_security.c                   |  28 +--
 lib/security/rte_security.h                   |  41 ++--
 lib/security/rte_security_driver.h            |  16 +-
 31 files changed, 203 insertions(+), 615 deletions(-)

diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 263841c339..6c3aa77dec 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -67,8 +67,6 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
 
 	for (i = 0; i < nb_ops; i++) {
 		struct rte_crypto_sym_op *sym_op = ops[i]->sym;
-		struct rte_security_session *sec_sess =
-			(struct rte_security_session *)sess;
 		uint32_t buf_sz;
 
 		uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ops[i],
@@ -76,7 +74,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
 		*per_pkt_hfn = options->pdcp_ses_hfn_en ? 0 : PDCP_DEFAULT_HFN;
 
 		ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
-		rte_security_attach_session(ops[i], sec_sess);
+		rte_security_attach_session(ops[i], (void *)sess);
 		sym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] +
 							src_buf_offset);
 
@@ -608,7 +606,6 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
 
 static struct rte_cryptodev_sym_session *
 create_ipsec_session(struct rte_mempool *sess_mp,
-		struct rte_mempool *priv_mp,
 		uint8_t dev_id,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
@@ -720,7 +717,7 @@ create_ipsec_session(struct rte_mempool *sess_mp,
 
 	/* Create security session */
 	return (void *)rte_security_session_create(ctx,
-				&sess_conf, sess_mp, priv_mp);
+				&sess_conf, sess_mp);
 }
 
 static struct rte_cryptodev_sym_session *
@@ -831,11 +828,11 @@ cperf_create_session(struct rte_mempool *sess_mp,
 
 		/* Create security session */
 		return (void *)rte_security_session_create(ctx,
-					&sess_conf, sess_mp, priv_mp);
+					&sess_conf, sess_mp);
 	}
 
 	if (options->op_type == CPERF_IPSEC) {
-		return create_ipsec_session(sess_mp, priv_mp, dev_id,
+		return create_ipsec_session(sess_mp, dev_id,
 				options, test_vector, iv_offset);
 	}
 
@@ -880,7 +877,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 
 		/* Create security session */
 		return (void *)rte_security_session_create(ctx,
-					&sess_conf, sess_mp, priv_mp);
+					&sess_conf, sess_mp);
 	}
 #endif
 	sess = rte_cryptodev_sym_session_create(sess_mp);
diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
index fda97e8ab9..e43e2a3b96 100644
--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
@@ -70,7 +70,7 @@ cperf_pmd_cyclecount_test_free(struct cperf_pmd_cyclecount_ctx *ctx)
 				(struct rte_security_ctx *)
 				rte_cryptodev_get_sec_ctx(ctx->dev_id);
 			rte_security_session_destroy(sec_ctx,
-				(struct rte_security_session *)ctx->sess);
+				(void *)ctx->sess);
 		} else
 #endif
 		{
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 65b64e1af0..79019eb766 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -83,7 +83,7 @@ struct crypto_unittest_params {
 	union {
 		struct rte_cryptodev_sym_session *sess;
 #ifdef RTE_LIB_SECURITY
-		struct rte_security_session *sec_session;
+		void *sec_session;
 #endif
 	};
 #ifdef RTE_LIB_SECURITY
@@ -8278,8 +8278,7 @@ static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc,
 
 	/* Create security session */
 	ut_params->sec_session = rte_security_session_create(ctx,
-				&sess_conf, ts_params->session_mpool,
-				ts_params->session_priv_mpool);
+				&sess_conf, ts_params->session_mpool);
 
 	if (!ut_params->sec_session) {
 		printf("TestCase %s()-%d line %d failed %s: ",
@@ -8539,8 +8538,7 @@ test_pdcp_proto_SGL(int i, int oop,
 
 	/* Create security session */
 	ut_params->sec_session = rte_security_session_create(ctx,
-				&sess_conf, ts_params->session_mpool,
-				ts_params->session_priv_mpool);
+				&sess_conf, ts_params->session_mpool);
 
 	if (!ut_params->sec_session) {
 		printf("TestCase %s()-%d line %d failed %s: ",
@@ -9024,8 +9022,7 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],
 
 	/* Create security session */
 	ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
-					ts_params->session_mpool,
-					ts_params->session_priv_mpool);
+					ts_params->session_mpool);
 
 	if (ut_params->sec_session == NULL)
 		return TEST_SKIPPED;
@@ -9446,8 +9443,7 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td)
 
 	/* Create security session */
 	ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
-					ts_params->session_mpool,
-					ts_params->session_priv_mpool);
+					ts_params->session_mpool);
 
 	if (!ut_params->sec_session) {
 		printf("TestCase %s(%d) line %d: %s\n",
@@ -9622,8 +9618,7 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td)
 
 	/* Create security session */
 	ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
-					ts_params->session_mpool,
-					ts_params->session_priv_mpool);
+					ts_params->session_mpool);
 
 	if (!ut_params->sec_session) {
 		printf("TestCase %s(%d) line %d: %s\n",
diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
index c6d6b88d6d..2ffa2a8e79 100644
--- a/app/test/test_ipsec.c
+++ b/app/test/test_ipsec.c
@@ -148,18 +148,16 @@ const struct supported_auth_algo auth_algos[] = {
 
 static int
 dummy_sec_create(void *device, struct rte_security_session_conf *conf,
-	struct rte_security_session *sess, struct rte_mempool *mp)
+	void *sess)
 {
 	RTE_SET_USED(device);
 	RTE_SET_USED(conf);
-	RTE_SET_USED(mp);
-
-	sess->sess_private_data = NULL;
+	RTE_SET_USED(sess);
 	return 0;
 }
 
 static int
-dummy_sec_destroy(void *device, struct rte_security_session *sess)
+dummy_sec_destroy(void *device, void *sess)
 {
 	RTE_SET_USED(device);
 	RTE_SET_USED(sess);
@@ -631,8 +629,7 @@ create_dummy_sec_session(struct ipsec_unitest_params *ut,
 	static struct rte_security_session_conf conf;
 
 	ut->ss[j].security.ses = rte_security_session_create(&dummy_sec_ctx,
-					&conf, qp->mp_session,
-					qp->mp_session_private);
+					&conf, qp->mp_session);
 
 	if (ut->ss[j].security.ses == NULL)
 		return -ENOMEM;
diff --git a/app/test/test_security.c b/app/test/test_security.c
index 060cf1ffa8..1cea756880 100644
--- a/app/test/test_security.c
+++ b/app/test/test_security.c
@@ -200,25 +200,6 @@
 			expected_mempool_usage, mempool_usage);		\
 } while (0)
 
-/**
- * Verify usage of mempool by checking if number of allocated objects matches
- * expectations. The mempool is used to manage objects for sessions priv data.
- * A single object is acquired from mempool during session_create
- * and put back in session_destroy.
- *
- * @param   expected_priv_mp_usage	expected number of used priv mp objects
- */
-#define TEST_ASSERT_PRIV_MP_USAGE(expected_priv_mp_usage) do {		\
-	struct security_testsuite_params *ts_params = &testsuite_params;\
-	unsigned int priv_mp_usage;					\
-	priv_mp_usage = rte_mempool_in_use_count(			\
-			ts_params->session_priv_mpool);			\
-	TEST_ASSERT_EQUAL(expected_priv_mp_usage, priv_mp_usage,	\
-			"Expecting %u priv mempool allocations, "	\
-			"but there are %u allocated objects",		\
-			expected_priv_mp_usage, priv_mp_usage);		\
-} while (0)
-
 /**
  * Mockup structures and functions for rte_security_ops;
  *
@@ -253,39 +234,28 @@
 static struct mock_session_create_data {
 	void *device;
 	struct rte_security_session_conf *conf;
-	struct rte_security_session *sess;
+	void *sess;
 	struct rte_mempool *mp;
-	struct rte_mempool *priv_mp;
 
 	int ret;
 
 	int called;
 	int failed;
-} mock_session_create_exp = {NULL, NULL, NULL, NULL, NULL, 0, 0, 0};
+} mock_session_create_exp = {NULL, NULL, NULL, NULL, 0, 0, 0};
 
 static int
 mock_session_create(void *device,
 		struct rte_security_session_conf *conf,
-		struct rte_security_session *sess,
-		struct rte_mempool *priv_mp)
+		void *sess)
 {
-	void *sess_priv;
-	int ret;
 
 	mock_session_create_exp.called++;
 
 	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, device);
 	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, conf);
-	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, priv_mp);
 
-	if (mock_session_create_exp.ret == 0) {
-		ret = rte_mempool_get(priv_mp, &sess_priv);
-		TEST_ASSERT_EQUAL(0, ret,
-			"priv mempool does not have enough objects");
-
-		set_sec_session_private_data(sess, sess_priv);
+	if (mock_session_create_exp.ret == 0)
 		mock_session_create_exp.sess = sess;
-	}
 
 	return mock_session_create_exp.ret;
 }
@@ -297,7 +267,7 @@ mock_session_create(void *device,
  */
 static struct mock_session_update_data {
 	void *device;
-	struct rte_security_session *sess;
+	void *sess;
 	struct rte_security_session_conf *conf;
 
 	int ret;
@@ -308,7 +278,7 @@ static struct mock_session_update_data {
 
 static int
 mock_session_update(void *device,
-		struct rte_security_session *sess,
+		void *sess,
 		struct rte_security_session_conf *conf)
 {
 	mock_session_update_exp.called++;
@@ -351,7 +321,7 @@ mock_session_get_size(void *device)
  */
 static struct mock_session_stats_get_data {
 	void *device;
-	struct rte_security_session *sess;
+	void *sess;
 	struct rte_security_stats *stats;
 
 	int ret;
@@ -362,7 +332,7 @@ static struct mock_session_stats_get_data {
 
 static int
 mock_session_stats_get(void *device,
-		struct rte_security_session *sess,
+		void *sess,
 		struct rte_security_stats *stats)
 {
 	mock_session_stats_get_exp.called++;
@@ -381,7 +351,7 @@ mock_session_stats_get(void *device,
  */
 static struct mock_session_destroy_data {
 	void *device;
-	struct rte_security_session *sess;
+	void *sess;
 
 	int ret;
 
@@ -390,15 +360,9 @@ static struct mock_session_destroy_data {
 } mock_session_destroy_exp = {NULL, NULL, 0, 0, 0};
 
 static int
-mock_session_destroy(void *device, struct rte_security_session *sess)
+mock_session_destroy(void *device, void *sess)
 {
-	void *sess_priv = get_sec_session_private_data(sess);
-
 	mock_session_destroy_exp.called++;
-	if ((mock_session_destroy_exp.ret == 0) && (sess_priv != NULL)) {
-		rte_mempool_put(rte_mempool_from_obj(sess_priv), sess_priv);
-		set_sec_session_private_data(sess, NULL);
-	}
 	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, device);
 	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, sess);
 
@@ -412,7 +376,7 @@ mock_session_destroy(void *device, struct rte_security_session *sess)
  */
 static struct mock_set_pkt_metadata_data {
 	void *device;
-	struct rte_security_session *sess;
+	void *sess;
 	struct rte_mbuf *m;
 	void *params;
 
@@ -424,7 +388,7 @@ static struct mock_set_pkt_metadata_data {
 
 static int
 mock_set_pkt_metadata(void *device,
-		struct rte_security_session *sess,
+		void *sess,
 		struct rte_mbuf *m,
 		void *params)
 {
@@ -536,7 +500,6 @@ struct rte_security_ops mock_ops = {
  */
 static struct security_testsuite_params {
 	struct rte_mempool *session_mpool;
-	struct rte_mempool *session_priv_mpool;
 } testsuite_params = { NULL };
 
 /**
@@ -549,7 +512,7 @@ static struct security_testsuite_params {
 static struct security_unittest_params {
 	struct rte_security_ctx ctx;
 	struct rte_security_session_conf conf;
-	struct rte_security_session *sess;
+	void *sess;
 } unittest_params = {
 	.ctx = {
 		.device = NULL,
@@ -563,7 +526,7 @@ static struct security_unittest_params {
 #define SECURITY_TEST_PRIV_MEMPOOL_NAME "SecurityTestPrivMp"
 #define SECURITY_TEST_MEMPOOL_SIZE 15
 #define SECURITY_TEST_SESSION_OBJ_SZ sizeof(struct rte_security_session)
-#define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 64
+#define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 1024
 
 /**
  * testsuite_setup initializes whole test suite parameters.
@@ -577,27 +540,13 @@ testsuite_setup(void)
 	ts_params->session_mpool = rte_mempool_create(
 			SECURITY_TEST_MEMPOOL_NAME,
 			SECURITY_TEST_MEMPOOL_SIZE,
-			SECURITY_TEST_SESSION_OBJ_SZ,
+			SECURITY_TEST_SESSION_OBJ_SZ +
+			SECURITY_TEST_SESSION_PRIV_OBJ_SZ,
 			0, 0, NULL, NULL, NULL, NULL,
 			SOCKET_ID_ANY, 0);
 	TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
 			"Cannot create mempool %s\n", rte_strerror(rte_errno));
 
-	ts_params->session_priv_mpool = rte_mempool_create(
-			SECURITY_TEST_PRIV_MEMPOOL_NAME,
-			SECURITY_TEST_MEMPOOL_SIZE,
-			SECURITY_TEST_SESSION_PRIV_OBJ_SZ,
-			0, 0, NULL, NULL, NULL, NULL,
-			SOCKET_ID_ANY, 0);
-	if (ts_params->session_priv_mpool == NULL) {
-		RTE_LOG(ERR, USER1, "TestCase %s() line %d failed (null): "
-				"Cannot create priv mempool %s\n",
-				__func__, __LINE__, rte_strerror(rte_errno));
-		rte_mempool_free(ts_params->session_mpool);
-		ts_params->session_mpool = NULL;
-		return TEST_FAILED;
-	}
-
 	return TEST_SUCCESS;
 }
 
@@ -612,10 +561,6 @@ testsuite_teardown(void)
 		rte_mempool_free(ts_params->session_mpool);
 		ts_params->session_mpool = NULL;
 	}
-	if (ts_params->session_priv_mpool) {
-		rte_mempool_free(ts_params->session_priv_mpool);
-		ts_params->session_priv_mpool = NULL;
-	}
 }
 
 /**
@@ -704,7 +649,7 @@ ut_setup_with_session(void)
 {
 	struct security_unittest_params *ut_params = &unittest_params;
 	struct security_testsuite_params *ts_params = &testsuite_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	int ret = ut_setup();
 	if (ret != TEST_SUCCESS)
@@ -713,12 +658,11 @@ ut_setup_with_session(void)
 	mock_session_create_exp.device = NULL;
 	mock_session_create_exp.conf = &ut_params->conf;
 	mock_session_create_exp.mp = ts_params->session_mpool;
-	mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
 	mock_session_create_exp.ret = 0;
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
+	mock_session_get_size_exp.called = 0;
 	TEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,
 			sess);
 	TEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,
@@ -757,16 +701,14 @@ test_session_create_inv_context(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	sess = rte_security_session_create(NULL, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -781,18 +723,16 @@ test_session_create_inv_context_ops(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	ut_params->ctx.ops = NULL;
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -807,18 +747,16 @@ test_session_create_inv_context_ops_fun(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	ut_params->ctx.ops = &empty_ops;
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -832,16 +770,14 @@ test_session_create_inv_configuration(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	sess = rte_security_session_create(&ut_params->ctx, NULL,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -855,39 +791,14 @@ static int
 test_session_create_inv_mempool(void)
 {
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct security_testsuite_params *ts_params = &testsuite_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			NULL, ts_params->session_priv_mpool);
+			NULL);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
-	TEST_ASSERT_SESSION_COUNT(0);
-
-	return TEST_SUCCESS;
-}
-
-/**
- * Test execution of rte_security_session_create with NULL session
- * priv mempool
- */
-static int
-test_session_create_inv_sess_priv_mempool(void)
-{
-	struct security_unittest_params *ut_params = &unittest_params;
-	struct security_testsuite_params *ts_params = &testsuite_params;
-	struct rte_security_session *sess;
-
-	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool, NULL);
-	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
-			sess, NULL, "%p");
-	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
-	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -902,9 +813,8 @@ test_session_create_mempool_empty(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *tmp[SECURITY_TEST_MEMPOOL_SIZE];
-	void *tmp1[SECURITY_TEST_MEMPOOL_SIZE];
-	struct rte_security_session *sess;
+	void *tmp[SECURITY_TEST_MEMPOOL_SIZE];
+	void *sess;
 
 	/* Get all available objects from mempool. */
 	int i, ret;
@@ -914,34 +824,23 @@ test_session_create_mempool_empty(void)
 		TEST_ASSERT_EQUAL(0, ret,
 				"Expect getting %d object from mempool"
 				" to succeed", i);
-		ret = rte_mempool_get(ts_params->session_priv_mpool,
-				(void **)(&tmp1[i]));
-		TEST_ASSERT_EQUAL(0, ret,
-				"Expect getting %d object from priv mempool"
-				" to succeed", i);
 	}
 	TEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
-	TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
-	TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	/* Put objects back to the pool. */
 	for (i = 0; i < SECURITY_TEST_MEMPOOL_SIZE; ++i) {
 		rte_mempool_put(ts_params->session_mpool,
 				(void *)(tmp[i]));
-		rte_mempool_put(ts_params->session_priv_mpool,
-				(tmp1[i]));
 	}
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 
 	return TEST_SUCCESS;
 }
@@ -955,22 +854,19 @@ test_session_create_ops_failure(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	mock_session_create_exp.device = NULL;
 	mock_session_create_exp.conf = &ut_params->conf;
 	mock_session_create_exp.mp = ts_params->session_mpool;
-	mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
 	mock_session_create_exp.ret = -1;	/* Return failure status. */
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
 			sess, NULL, "%p");
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	return TEST_SUCCESS;
@@ -984,17 +880,15 @@ test_session_create_success(void)
 {
 	struct security_testsuite_params *ts_params = &testsuite_params;
 	struct security_unittest_params *ut_params = &unittest_params;
-	struct rte_security_session *sess;
+	void *sess;
 
 	mock_session_create_exp.device = NULL;
 	mock_session_create_exp.conf = &ut_params->conf;
 	mock_session_create_exp.mp = ts_params->session_mpool;
-	mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
 	mock_session_create_exp.ret = 0;	/* Return success status. */
 
 	sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
-			ts_params->session_mpool,
-			ts_params->session_priv_mpool);
+			ts_params->session_mpool);
 	TEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,
 			sess);
 	TEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,
@@ -1003,7 +897,6 @@ test_session_create_success(void)
 			sess, mock_session_create_exp.sess);
 	TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	/*
@@ -1389,7 +1282,6 @@ test_session_destroy_inv_context(void)
 	struct security_unittest_params *ut_params = &unittest_params;
 
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(NULL, ut_params->sess);
@@ -1397,7 +1289,6 @@ test_session_destroy_inv_context(void)
 			ret, -EINVAL, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	return TEST_SUCCESS;
@@ -1414,7 +1305,6 @@ test_session_destroy_inv_context_ops(void)
 	ut_params->ctx.ops = NULL;
 
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1423,7 +1313,6 @@ test_session_destroy_inv_context_ops(void)
 			ret, -EINVAL, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	return TEST_SUCCESS;
@@ -1440,7 +1329,6 @@ test_session_destroy_inv_context_ops_fun(void)
 	ut_params->ctx.ops = &empty_ops;
 
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1449,7 +1337,6 @@ test_session_destroy_inv_context_ops_fun(void)
 			ret, -ENOTSUP, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	return TEST_SUCCESS;
@@ -1464,7 +1351,6 @@ test_session_destroy_inv_session(void)
 	struct security_unittest_params *ut_params = &unittest_params;
 
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(&ut_params->ctx, NULL);
@@ -1472,7 +1358,6 @@ test_session_destroy_inv_session(void)
 			ret, -EINVAL, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	return TEST_SUCCESS;
@@ -1492,7 +1377,6 @@ test_session_destroy_ops_failure(void)
 	mock_session_destroy_exp.ret = -1;
 
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1501,7 +1385,6 @@ test_session_destroy_ops_failure(void)
 			ret, -1, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	return TEST_SUCCESS;
@@ -1519,7 +1402,6 @@ test_session_destroy_success(void)
 	mock_session_destroy_exp.sess = ut_params->sess;
 	mock_session_destroy_exp.ret = 0;
 	TEST_ASSERT_MEMPOOL_USAGE(1);
-	TEST_ASSERT_PRIV_MP_USAGE(1);
 	TEST_ASSERT_SESSION_COUNT(1);
 
 	int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1528,7 +1410,6 @@ test_session_destroy_success(void)
 			ret, 0, "%d");
 	TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);
 	TEST_ASSERT_MEMPOOL_USAGE(0);
-	TEST_ASSERT_PRIV_MP_USAGE(0);
 	TEST_ASSERT_SESSION_COUNT(0);
 
 	/*
@@ -2495,8 +2376,6 @@ static struct unit_test_suite security_testsuite  = {
 				test_session_create_inv_configuration),
 		TEST_CASE_ST(ut_setup, ut_teardown,
 				test_session_create_inv_mempool),
-		TEST_CASE_ST(ut_setup, ut_teardown,
-				test_session_create_inv_sess_priv_mempool),
 		TEST_CASE_ST(ut_setup, ut_teardown,
 				test_session_create_mempool_empty),
 		TEST_CASE_ST(ut_setup, ut_teardown,
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index bbf310166e..e8da9ea9e1 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -1021,8 +1021,7 @@ get_session(struct aesni_mb_qp *qp, struct rte_crypto_op *op)
 	} else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
 		if (likely(op->sym->sec_session != NULL))
 			sess = (struct aesni_mb_session *)
-					get_sec_session_private_data(
-						op->sym->sec_session);
+					(op->sym->sec_session);
 #endif
 	} else {
 		void *_sess = rte_cryptodev_sym_session_create(qp->sess_mp);
@@ -1638,7 +1637,7 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)
 		 * this is for DOCSIS
 		 */
 		is_docsis_sec = 1;
-		sess = get_sec_session_private_data(op->sym->sec_session);
+		sess = (struct aesni_mb_session *)(op->sym->sec_session);
 	} else
 #endif
 	{
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 48a8f91868..39c67e3952 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -1056,10 +1056,8 @@ struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops = &aesni_mb_pmd_ops;
  */
 static int
 aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
-		struct rte_security_session *sess,
-		struct rte_mempool *mempool)
+			     void *sess)
 {
-	void *sess_private_data;
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
 
@@ -1069,40 +1067,22 @@ aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		AESNI_MB_LOG(ERR, "Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf,
-			sess_private_data);
-
+	ret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf, sess);
 	if (ret != 0) {
 		AESNI_MB_LOG(ERR, "Failed to configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sec_session_private_data(sess, sess_private_data);
-
 	return ret;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static int
-aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,
-		struct rte_security_session *sess)
+aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused, void *sess)
 {
-	void *sess_priv = get_sec_session_private_data(sess);
+	if (sess)
+		memset(sess, 0, sizeof(struct aesni_mb_session));
 
-	if (sess_priv) {
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		memset(sess_priv, 0, sizeof(struct aesni_mb_session));
-		set_sec_session_private_data(sess, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
 	return 0;
 }
 
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 258750afe7..ce7a100778 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -1361,9 +1361,7 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 					cryptodev_driver_id);
 		break;
 	case RTE_CRYPTO_OP_SECURITY_SESSION:
-		ses = (struct caam_jr_session *)
-			get_sec_session_private_data(
-					op->sym->sec_session);
+		ses = (struct caam_jr_session *)(op->sym->sec_session);
 		break;
 	default:
 		CAAM_JR_DP_ERR("sessionless crypto op not supported");
@@ -1911,22 +1909,14 @@ caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 static int
 caam_jr_security_session_create(void *dev,
 				struct rte_security_session_conf *conf,
-				struct rte_security_session *sess,
-				struct rte_mempool *mempool)
+				void *sess)
 {
-	void *sess_private_data;
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CAAM_JR_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	switch (conf->protocol) {
 	case RTE_SECURITY_PROTOCOL_IPSEC:
-		ret = caam_jr_set_ipsec_session(cdev, conf,
-				sess_private_data);
+		ret = caam_jr_set_ipsec_session(cdev, conf, sess);
 		break;
 	case RTE_SECURITY_PROTOCOL_MACSEC:
 		return -ENOTSUP;
@@ -1935,34 +1925,24 @@ caam_jr_security_session_create(void *dev,
 	}
 	if (ret != 0) {
 		CAAM_JR_ERR("failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sec_session_private_data(sess, sess_private_data);
-
 	return ret;
 }
 
 /* Clear the memory of session so it doesn't leave key material behind */
 static int
-caam_jr_security_session_destroy(void *dev __rte_unused,
-				 struct rte_security_session *sess)
+caam_jr_security_session_destroy(void *dev __rte_unused, void *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	void *sess_priv = get_sec_session_private_data(sess);
 
-	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
-
-	if (sess_priv) {
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+	struct caam_jr_session *s = (struct caam_jr_session *)sess;
 
+	if (sess) {
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
 		memset(sess, 0, sizeof(struct caam_jr_session));
-		set_sec_session_private_data(sess, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 	return 0;
 }
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index c25c8e67b2..de2eebd507 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -122,8 +122,8 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
 
 	if (op->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
 		if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
-			sec_sess = get_sec_session_private_data(
-				sym_op->sec_session);
+			sec_sess = (struct cn10k_sec_session *)
+				(sym_op->sec_session);
 			ret = cpt_sec_inst_fill(op, sec_sess, infl_req,
 						&inst[0]);
 			if (unlikely(ret))
@@ -360,7 +360,7 @@ cn10k_cpt_sec_ucc_process(struct rte_crypto_op *cop,
 	if (!(infl_req->op_flags & CPT_OP_FLAGS_IPSEC_DIR_INBOUND))
 		return;
 
-	sess = get_sec_session_private_data(cop->sym->sec_session);
+	sess = (struct cn10k_sec_session *)(cop->sym->sec_session);
 	sa = &sess->sa;
 
 	mbuf = cop->sym->m_src;
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 27df1dcd64..425fe599e0 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -35,17 +35,15 @@ static int
 cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,
 			   struct rte_security_ipsec_xform *ipsec_xfrm,
 			   struct rte_crypto_sym_xform *crypto_xfrm,
-			   struct rte_security_session *sec_sess)
+			   struct cn10k_sec_session *sess)
 {
 	union roc_ot_ipsec_outb_param1 param1;
 	struct roc_ot_ipsec_outb_sa *out_sa;
 	struct cnxk_ipsec_outb_rlens rlens;
-	struct cn10k_sec_session *sess;
 	struct cn10k_ipsec_sa *sa;
 	union cpt_inst_w4 inst_w4;
 	int ret;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sa = &sess->sa;
 	out_sa = &sa->out_sa;
 
@@ -114,16 +112,14 @@ static int
 cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt,
 			  struct rte_security_ipsec_xform *ipsec_xfrm,
 			  struct rte_crypto_sym_xform *crypto_xfrm,
-			  struct rte_security_session *sec_sess)
+			  struct cn10k_sec_session *sess)
 {
 	union roc_ot_ipsec_inb_param1 param1;
 	struct roc_ot_ipsec_inb_sa *in_sa;
-	struct cn10k_sec_session *sess;
 	struct cn10k_ipsec_sa *sa;
 	union cpt_inst_w4 inst_w4;
 	int ret;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sa = &sess->sa;
 	in_sa = &sa->in_sa;
 
@@ -175,7 +171,7 @@ static int
 cn10k_ipsec_session_create(void *dev,
 			   struct rte_security_ipsec_xform *ipsec_xfrm,
 			   struct rte_crypto_sym_xform *crypto_xfrm,
-			   struct rte_security_session *sess)
+			   struct cn10k_sec_session *sess)
 {
 	struct rte_cryptodev *crypto_dev = dev;
 	struct roc_cpt *roc_cpt;
@@ -204,55 +200,28 @@ cn10k_ipsec_session_create(void *dev,
 
 static int
 cn10k_sec_session_create(void *device, struct rte_security_session_conf *conf,
-			 struct rte_security_session *sess,
-			 struct rte_mempool *mempool)
+			 void *sess)
 {
-	struct cn10k_sec_session *priv;
-	int ret;
+	struct cn10k_sec_session *priv = sess;
 
 	if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
 		return -EINVAL;
 
-	if (rte_mempool_get(mempool, (void **)&priv)) {
-		plt_err("Could not allocate security session private data");
-		return -ENOMEM;
-	}
-
-	set_sec_session_private_data(sess, priv);
-
 	if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {
-		ret = -ENOTSUP;
-		goto mempool_put;
+		return -ENOTSUP;
 	}
-	ret = cn10k_ipsec_session_create(device, &conf->ipsec,
-					 conf->crypto_xform, sess);
-	if (ret)
-		goto mempool_put;
-
-	return 0;
-
-mempool_put:
-	rte_mempool_put(mempool, priv);
-	set_sec_session_private_data(sess, NULL);
-	return ret;
+	return cn10k_ipsec_session_create(device, &conf->ipsec,
+					 conf->crypto_xform, priv);
 }
 
 static int
-cn10k_sec_session_destroy(void *device __rte_unused,
-			  struct rte_security_session *sess)
+cn10k_sec_session_destroy(void *device __rte_unused, void *sess)
 {
-	struct cn10k_sec_session *priv;
-	struct rte_mempool *sess_mp;
-
-	priv = get_sec_session_private_data(sess);
+	struct cn10k_sec_session *priv = sess;
 
 	if (priv == NULL)
 		return 0;
-
-	sess_mp = rte_mempool_from_obj(priv);
-
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(sess_mp, priv);
+	memset(priv, 0, sizeof(*priv));
 
 	return 0;
 }
diff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
index 75277936b0..4c2dc5b080 100644
--- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
@@ -56,7 +56,7 @@ cn9k_cpt_sec_inst_fill(struct rte_crypto_op *op,
 		return -ENOTSUP;
 	}
 
-	priv = get_sec_session_private_data(op->sym->sec_session);
+	priv = (struct cn9k_sec_session *)(op->sym->sec_session);
 	sa = &priv->sa;
 
 	if (sa->dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)
diff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c
index 53fb793654..a602d38a11 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec.c
+++ b/drivers/crypto/cnxk/cn9k_ipsec.c
@@ -275,14 +275,13 @@ static int
 cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 			  struct rte_security_ipsec_xform *ipsec,
 			  struct rte_crypto_sym_xform *crypto_xform,
-			  struct rte_security_session *sec_sess)
+			  struct cn9k_sec_session *sess)
 {
 	struct rte_crypto_sym_xform *auth_xform = crypto_xform->next;
 	struct roc_ie_on_ip_template *template = NULL;
 	struct roc_cpt *roc_cpt = qp->lf.roc_cpt;
 	struct cnxk_cpt_inst_tmpl *inst_tmpl;
 	struct roc_ie_on_outb_sa *out_sa;
-	struct cn9k_sec_session *sess;
 	struct roc_ie_on_sa_ctl *ctl;
 	struct cn9k_ipsec_sa *sa;
 	struct rte_ipv6_hdr *ip6;
@@ -294,7 +293,6 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 	size_t ctx_len;
 	int ret;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sa = &sess->sa;
 	out_sa = &sa->out_sa;
 	ctl = &out_sa->common_sa.ctl;
@@ -422,13 +420,12 @@ static int
 cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 			 struct rte_security_ipsec_xform *ipsec,
 			 struct rte_crypto_sym_xform *crypto_xform,
-			 struct rte_security_session *sec_sess)
+			 struct cn9k_sec_session *sess)
 {
 	struct rte_crypto_sym_xform *auth_xform = crypto_xform;
 	struct roc_cpt *roc_cpt = qp->lf.roc_cpt;
 	struct cnxk_cpt_inst_tmpl *inst_tmpl;
 	struct roc_ie_on_inb_sa *in_sa;
-	struct cn9k_sec_session *sess;
 	struct cn9k_ipsec_sa *sa;
 	const uint8_t *auth_key;
 	union cpt_inst_w4 w4;
@@ -437,7 +434,6 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 	size_t ctx_len = 0;
 	int ret;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sa = &sess->sa;
 	in_sa = &sa->in_sa;
 
@@ -501,7 +497,7 @@ static int
 cn9k_ipsec_session_create(void *dev,
 			  struct rte_security_ipsec_xform *ipsec_xform,
 			  struct rte_crypto_sym_xform *crypto_xform,
-			  struct rte_security_session *sess)
+			  struct cn9k_sec_session *sess)
 {
 	struct rte_cryptodev *crypto_dev = dev;
 	struct cnxk_cpt_qp *qp;
@@ -532,53 +528,32 @@ cn9k_ipsec_session_create(void *dev,
 
 static int
 cn9k_sec_session_create(void *device, struct rte_security_session_conf *conf,
-			struct rte_security_session *sess,
-			struct rte_mempool *mempool)
+			void *sess)
 {
-	struct cn9k_sec_session *priv;
-	int ret;
+	struct cn9k_sec_session *priv = sess;
 
 	if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
 		return -EINVAL;
 
-	if (rte_mempool_get(mempool, (void **)&priv)) {
-		plt_err("Could not allocate security session private data");
-		return -ENOMEM;
-	}
-
 	memset(priv, 0, sizeof(*priv));
 
-	set_sec_session_private_data(sess, priv);
-
 	if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {
-		ret = -ENOTSUP;
-		goto mempool_put;
+		return -ENOTSUP;
 	}
 
-	ret = cn9k_ipsec_session_create(device, &conf->ipsec,
-					conf->crypto_xform, sess);
-	if (ret)
-		goto mempool_put;
-
-	return 0;
-
-mempool_put:
-	rte_mempool_put(mempool, priv);
-	set_sec_session_private_data(sess, NULL);
-	return ret;
+	return cn9k_ipsec_session_create(device, &conf->ipsec,
+					conf->crypto_xform, priv);
 }
 
 static int
-cn9k_sec_session_destroy(void *device __rte_unused,
-			 struct rte_security_session *sess)
+cn9k_sec_session_destroy(void *device __rte_unused, void *sess)
 {
 	struct roc_ie_on_outb_sa *out_sa;
 	struct cn9k_sec_session *priv;
-	struct rte_mempool *sess_mp;
 	struct roc_ie_on_sa_ctl *ctl;
 	struct cn9k_ipsec_sa *sa;
 
-	priv = get_sec_session_private_data(sess);
+	priv = sess;
 	if (priv == NULL)
 		return 0;
 
@@ -590,13 +565,8 @@ cn9k_sec_session_destroy(void *device __rte_unused,
 
 	rte_io_wmb();
 
-	sess_mp = rte_mempool_from_obj(priv);
-
 	memset(priv, 0, sizeof(*priv));
 
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(sess_mp, priv);
-
 	return 0;
 }
 
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index dfa72f3f93..176f1a27a0 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1358,8 +1358,7 @@ build_sec_fd(struct rte_crypto_op *op,
 				op->sym->session, cryptodev_driver_id);
 #ifdef RTE_LIB_SECURITY
 	else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
-		sess = (dpaa2_sec_session *)get_sec_session_private_data(
-				op->sym->sec_session);
+		sess = (dpaa2_sec_session *)(op->sym->sec_session);
 #endif
 	else
 		return -ENOTSUP;
@@ -1532,7 +1531,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	struct rte_crypto_op *op;
 	uint16_t len = DPAA2_GET_FD_LEN(fd);
 	int16_t diff = 0;
-	dpaa2_sec_session *sess_priv __rte_unused;
+	dpaa2_sec_session *sess_priv;
 
 	struct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(
 		DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),
@@ -1545,8 +1544,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	mbuf->buf_iova = op->sym->aead.digest.phys_addr;
 	op->sym->aead.digest.phys_addr = 0L;
 
-	sess_priv = (dpaa2_sec_session *)get_sec_session_private_data(
-				op->sym->sec_session);
+	sess_priv = (dpaa2_sec_session *)(op->sym->sec_session);
 	if (sess_priv->dir == DIR_ENC)
 		mbuf->data_off += SEC_FLC_DHR_OUTBOUND;
 	else
@@ -3395,63 +3393,44 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 static int
 dpaa2_sec_security_session_create(void *dev,
 				  struct rte_security_session_conf *conf,
-				  struct rte_security_session *sess,
-				  struct rte_mempool *mempool)
+				  void *sess)
 {
-	void *sess_private_data;
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		DPAA2_SEC_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	switch (conf->protocol) {
 	case RTE_SECURITY_PROTOCOL_IPSEC:
-		ret = dpaa2_sec_set_ipsec_session(cdev, conf,
-				sess_private_data);
+		ret = dpaa2_sec_set_ipsec_session(cdev, conf, sess);
 		break;
 	case RTE_SECURITY_PROTOCOL_MACSEC:
 		return -ENOTSUP;
 	case RTE_SECURITY_PROTOCOL_PDCP:
-		ret = dpaa2_sec_set_pdcp_session(cdev, conf,
-				sess_private_data);
+		ret = dpaa2_sec_set_pdcp_session(cdev, conf, sess);
 		break;
 	default:
 		return -EINVAL;
 	}
 	if (ret != 0) {
 		DPAA2_SEC_ERR("Failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sec_session_private_data(sess, sess_private_data);
-
 	return ret;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static int
-dpaa2_sec_security_session_destroy(void *dev __rte_unused,
-		struct rte_security_session *sess)
+dpaa2_sec_security_session_destroy(void *dev __rte_unused, void *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	void *sess_priv = get_sec_session_private_data(sess);
 
-	dpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;
-
-	if (sess_priv) {
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+	dpaa2_sec_session *s = (dpaa2_sec_session *)sess;
 
+	if (sess) {
 		rte_free(s->ctxt);
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
 		memset(s, 0, sizeof(dpaa2_sec_session));
-		set_sec_session_private_data(sess, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 	return 0;
 }
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index d5aa2748d6..832b6e64ec 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -1793,8 +1793,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 #ifdef RTE_LIB_SECURITY
 			case RTE_CRYPTO_OP_SECURITY_SESSION:
 				ses = (dpaa_sec_session *)
-					get_sec_session_private_data(
-							op->sym->sec_session);
+					(op->sym->sec_session);
 				break;
 #endif
 			default:
@@ -2572,7 +2571,6 @@ static inline void
 free_session_memory(struct rte_cryptodev *dev, dpaa_sec_session *s)
 {
 	struct dpaa_sec_dev_private *qi = dev->data->dev_private;
-	struct rte_mempool *sess_mp = rte_mempool_from_obj((void *)s);
 	uint8_t i;
 
 	for (i = 0; i < MAX_DPAA_CORES; i++) {
@@ -2582,7 +2580,6 @@ free_session_memory(struct rte_cryptodev *dev, dpaa_sec_session *s)
 		s->qp[i] = NULL;
 	}
 	free_session_data(s);
-	rte_mempool_put(sess_mp, (void *)s);
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
@@ -3117,26 +3114,17 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev,
 static int
 dpaa_sec_security_session_create(void *dev,
 				 struct rte_security_session_conf *conf,
-				 struct rte_security_session *sess,
-				 struct rte_mempool *mempool)
+				 void *sess)
 {
-	void *sess_private_data;
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		DPAA_SEC_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	switch (conf->protocol) {
 	case RTE_SECURITY_PROTOCOL_IPSEC:
-		ret = dpaa_sec_set_ipsec_session(cdev, conf,
-				sess_private_data);
+		ret = dpaa_sec_set_ipsec_session(cdev, conf, sess);
 		break;
 	case RTE_SECURITY_PROTOCOL_PDCP:
-		ret = dpaa_sec_set_pdcp_session(cdev, conf,
-				sess_private_data);
+		ret = dpaa_sec_set_pdcp_session(cdev, conf, sess);
 		break;
 	case RTE_SECURITY_PROTOCOL_MACSEC:
 		return -ENOTSUP;
@@ -3145,29 +3133,21 @@ dpaa_sec_security_session_create(void *dev,
 	}
 	if (ret != 0) {
 		DPAA_SEC_ERR("failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sec_session_private_data(sess, sess_private_data);
-
 	return ret;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static int
-dpaa_sec_security_session_destroy(void *dev __rte_unused,
-		struct rte_security_session *sess)
+dpaa_sec_security_session_destroy(void *dev __rte_unused, void *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	void *sess_priv = get_sec_session_private_data(sess);
-	dpaa_sec_session *s = (dpaa_sec_session *)sess_priv;
+	dpaa_sec_session *s = (dpaa_sec_session *)sess;
 
-	if (sess_priv) {
+	if (sess)
 		free_session_memory((struct rte_cryptodev *)dev, s);
-		set_sec_session_private_data(sess, NULL);
-	}
 	return 0;
 }
 #endif
diff --git a/drivers/crypto/mvsam/rte_mrvl_pmd.c b/drivers/crypto/mvsam/rte_mrvl_pmd.c
index a72642a772..245a4ad353 100644
--- a/drivers/crypto/mvsam/rte_mrvl_pmd.c
+++ b/drivers/crypto/mvsam/rte_mrvl_pmd.c
@@ -773,8 +773,7 @@ mrvl_request_prepare_sec(struct sam_cio_ipsec_params *request,
 		return -EINVAL;
 	}
 
-	sess = (struct mrvl_crypto_session *)get_sec_session_private_data(
-			op->sym->sec_session);
+	sess = (struct mrvl_crypto_session *)(op->sym->sec_session);
 	if (unlikely(sess == NULL)) {
 		MRVL_LOG(ERR, "Session was not created for this device! %d",
 			 cryptodev_driver_id);
diff --git a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
index 3064b1f136..e04a2c88c7 100644
--- a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
+++ b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
@@ -913,16 +913,12 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static int
-mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,
-		struct rte_security_session *sess)
+mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused, void *sess)
 {
-	void *sess_priv = get_sec_session_private_data(sess);
-
 	/* Zero out the whole structure */
-	if (sess_priv) {
+	if (sess) {
 		struct mrvl_crypto_session *mrvl_sess =
 			(struct mrvl_crypto_session *)sess_priv;
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
 
 		if (mrvl_sess->sam_sess &&
 		    sam_session_destroy(mrvl_sess->sam_sess) < 0) {
@@ -932,9 +928,6 @@ mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,
 		rte_free(mrvl_sess->sam_sess_params.cipher_key);
 		rte_free(mrvl_sess->sam_sess_params.auth_key);
 		rte_free(mrvl_sess->sam_sess_params.cipher_iv);
-		memset(sess, 0, sizeof(struct rte_security_session));
-		set_sec_session_private_data(sess, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 	return 0;
 }
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
index 37fad11d91..7b744cd4b4 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
@@ -702,7 +702,7 @@ otx2_cpt_enqueue_sec(struct otx2_cpt_qp *qp, struct rte_crypto_op *op,
 	uint8_t esn;
 	int ret;
 
-	priv = get_sec_session_private_data(op->sym->sec_session);
+	priv = (struct otx2_sec_session *)(op->sym->sec_session);
 	sess = &priv->ipsec.lp;
 	sa = &sess->in_sa;
 
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_sec.c b/drivers/crypto/octeontx2/otx2_cryptodev_sec.c
index a5db40047d..56900e3187 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_sec.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_sec.c
@@ -203,7 +203,7 @@ static int
 crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,
 				     struct rte_security_ipsec_xform *ipsec,
 				     struct rte_crypto_sym_xform *crypto_xform,
-				     struct rte_security_session *sec_sess)
+				     struct otx2_sec_session *sess)
 {
 	struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
 	struct otx2_ipsec_po_ip_template *template = NULL;
@@ -212,13 +212,11 @@ crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,
 	struct otx2_ipsec_po_sa_ctl *ctl;
 	int cipher_key_len, auth_key_len;
 	struct otx2_ipsec_po_out_sa *sa;
-	struct otx2_sec_session *sess;
 	struct otx2_cpt_inst_s inst;
 	struct rte_ipv6_hdr *ip6;
 	struct rte_ipv4_hdr *ip;
 	int ret, ctx_len;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sess->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_EGRESS;
 	lp = &sess->ipsec.lp;
 
@@ -398,7 +396,7 @@ static int
 crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,
 				    struct rte_security_ipsec_xform *ipsec,
 				    struct rte_crypto_sym_xform *crypto_xform,
-				    struct rte_security_session *sec_sess)
+				    struct otx2_sec_session *sess)
 {
 	struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
 	const uint8_t *cipher_key, *auth_key;
@@ -406,11 +404,9 @@ crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,
 	struct otx2_ipsec_po_sa_ctl *ctl;
 	int cipher_key_len, auth_key_len;
 	struct otx2_ipsec_po_in_sa *sa;
-	struct otx2_sec_session *sess;
 	struct otx2_cpt_inst_s inst;
 	int ret;
 
-	sess = get_sec_session_private_data(sec_sess);
 	sess->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;
 	lp = &sess->ipsec.lp;
 
@@ -512,7 +508,7 @@ static int
 crypto_sec_ipsec_session_create(struct rte_cryptodev *crypto_dev,
 				struct rte_security_ipsec_xform *ipsec,
 				struct rte_crypto_sym_xform *crypto_xform,
-				struct rte_security_session *sess)
+				struct otx2_sec_session *sess)
 {
 	int ret;
 
@@ -536,10 +532,9 @@ crypto_sec_ipsec_session_create(struct rte_cryptodev *crypto_dev,
 static int
 otx2_crypto_sec_session_create(void *device,
 			       struct rte_security_session_conf *conf,
-			       struct rte_security_session *sess,
-			       struct rte_mempool *mempool)
+			       void *sess)
 {
-	struct otx2_sec_session *priv;
+	struct otx2_sec_session *priv = sess;
 	int ret;
 
 	if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
@@ -548,51 +543,25 @@ otx2_crypto_sec_session_create(void *device,
 	if (rte_security_dynfield_register() < 0)
 		return -rte_errno;
 
-	if (rte_mempool_get(mempool, (void **)&priv)) {
-		otx2_err("Could not allocate security session private data");
-		return -ENOMEM;
-	}
-
-	set_sec_session_private_data(sess, priv);
-
 	priv->userdata = conf->userdata;
 
 	if (conf->protocol == RTE_SECURITY_PROTOCOL_IPSEC)
 		ret = crypto_sec_ipsec_session_create(device, &conf->ipsec,
 						      conf->crypto_xform,
-						      sess);
+						      priv);
 	else
 		ret = -ENOTSUP;
 
-	if (ret)
-		goto mempool_put;
-
-	return 0;
-
-mempool_put:
-	rte_mempool_put(mempool, priv);
-	set_sec_session_private_data(sess, NULL);
 	return ret;
 }
 
 static int
-otx2_crypto_sec_session_destroy(void *device __rte_unused,
-				struct rte_security_session *sess)
+otx2_crypto_sec_session_destroy(void *device __rte_unused, void *sess)
 {
-	struct otx2_sec_session *priv;
-	struct rte_mempool *sess_mp;
+	struct otx2_sec_session *priv = sess;
 
-	priv = get_sec_session_private_data(sess);
-
-	if (priv == NULL)
-		return 0;
-
-	sess_mp = rte_mempool_from_obj(priv);
-
-	memset(priv, 0, sizeof(*priv));
-
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(sess_mp, priv);
+	if (priv)
+		memset(priv, 0, sizeof(*priv));
 
 	return 0;
 }
@@ -604,8 +573,7 @@ otx2_crypto_sec_session_get_size(void *device __rte_unused)
 }
 
 static int
-otx2_crypto_sec_set_pkt_mdata(void *device __rte_unused,
-			      struct rte_security_session *session,
+otx2_crypto_sec_set_pkt_mdata(void *device __rte_unused, void *session,
 			      struct rte_mbuf *m, void *params __rte_unused)
 {
 	/* Set security session as the pkt metadata */
diff --git a/drivers/crypto/qat/qat_sym.c b/drivers/crypto/qat/qat_sym.c
index 93b257522b..fbb17e61ff 100644
--- a/drivers/crypto/qat/qat_sym.c
+++ b/drivers/crypto/qat/qat_sym.c
@@ -250,8 +250,7 @@ qat_sym_build_request(void *in_op, uint8_t *out_msg,
 				op->sym->session, qat_sym_driver_id);
 #ifdef RTE_LIB_SECURITY
 	} else {
-		ctx = (struct qat_sym_session *)get_sec_session_private_data(
-				op->sym->sec_session);
+		ctx = (struct qat_sym_session *)(op->sym->sec_session);
 		if (likely(ctx)) {
 			if (unlikely(ctx->bpi_ctx == NULL)) {
 				QAT_DP_LOG(ERR, "QAT PMD only supports security"
diff --git a/drivers/crypto/qat/qat_sym.h b/drivers/crypto/qat/qat_sym.h
index e3ec7f0de4..8904aabd3d 100644
--- a/drivers/crypto/qat/qat_sym.h
+++ b/drivers/crypto/qat/qat_sym.h
@@ -202,9 +202,7 @@ qat_sym_preprocess_requests(void **ops, uint16_t nb_ops)
 		op = (struct rte_crypto_op *)ops[i];
 
 		if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
-			ctx = (struct qat_sym_session *)
-				get_sec_session_private_data(
-					op->sym->sec_session);
+			ctx = (struct qat_sym_session *)(op->sym->sec_session);
 
 			if (ctx == NULL || ctx->bpi_ctx == NULL)
 				continue;
@@ -243,9 +241,7 @@ qat_sym_process_response(void **op, uint8_t *resp, void *op_cookie)
 		 * Assuming at this point that if it's a security
 		 * op, that this is for DOCSIS
 		 */
-		sess = (struct qat_sym_session *)
-				get_sec_session_private_data(
-				rx_op->sym->sec_session);
+		sess = (struct qat_sym_session *)(rx_op->sym->sec_session);
 		is_docsis_sec = 1;
 	} else
 #endif
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 3f2f6736fc..2a22347c7f 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -2283,10 +2283,8 @@ qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,
 int
 qat_security_session_create(void *dev,
 				struct rte_security_session_conf *conf,
-				struct rte_security_session *sess,
-				struct rte_mempool *mempool)
+				void *sess_private_data)
 {
-	void *sess_private_data;
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
 
@@ -2296,40 +2294,25 @@ qat_security_session_create(void *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		QAT_LOG(ERR, "Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	ret = qat_sec_session_set_docsis_parameters(cdev, conf,
 			sess_private_data);
 	if (ret != 0) {
 		QAT_LOG(ERR, "Failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sec_session_private_data(sess, sess_private_data);
-
 	return ret;
 }
 
 int
-qat_security_session_destroy(void *dev __rte_unused,
-				 struct rte_security_session *sess)
+qat_security_session_destroy(void *dev __rte_unused, void *sess_priv)
 {
-	void *sess_priv = get_sec_session_private_data(sess);
 	struct qat_sym_session *s = (struct qat_sym_session *)sess_priv;
 
 	if (sess_priv) {
 		if (s->bpi_ctx)
 			bpi_cipher_ctx_free(s->bpi_ctx);
 		memset(s, 0, qat_sym_session_get_private_size(dev));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
-		set_sec_session_private_data(sess, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 	return 0;
 }
diff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h
index 6ebc176729..7fcc1d6f7b 100644
--- a/drivers/crypto/qat/qat_sym_session.h
+++ b/drivers/crypto/qat/qat_sym_session.h
@@ -166,9 +166,9 @@ qat_sym_validate_zuc_key(int key_len, enum icp_qat_hw_cipher_algo *alg);
 #ifdef RTE_LIB_SECURITY
 int
 qat_security_session_create(void *dev, struct rte_security_session_conf *conf,
-		struct rte_security_session *sess, struct rte_mempool *mempool);
+		void *sess);
 int
-qat_security_session_destroy(void *dev, struct rte_security_session *sess);
+qat_security_session_destroy(void *dev, void *sess);
 #endif
 
 #endif /* _QAT_SYM_SESSION_H_ */
diff --git a/drivers/net/ixgbe/ixgbe_ipsec.c b/drivers/net/ixgbe/ixgbe_ipsec.c
index e45c5501e6..cd54a3beee 100644
--- a/drivers/net/ixgbe/ixgbe_ipsec.c
+++ b/drivers/net/ixgbe/ixgbe_ipsec.c
@@ -369,24 +369,17 @@ ixgbe_crypto_remove_sa(struct rte_eth_dev *dev,
 static int
 ixgbe_crypto_create_session(void *device,
 		struct rte_security_session_conf *conf,
-		struct rte_security_session *session,
-		struct rte_mempool *mempool)
+		void *session)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
-	struct ixgbe_crypto_session *ic_session = NULL;
+	struct ixgbe_crypto_session *ic_session = session;
 	struct rte_crypto_aead_xform *aead_xform;
 	struct rte_eth_conf *dev_conf = &eth_dev->data->dev_conf;
 
-	if (rte_mempool_get(mempool, (void **)&ic_session)) {
-		PMD_DRV_LOG(ERR, "Cannot get object from ic_session mempool");
-		return -ENOMEM;
-	}
-
 	if (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||
 			conf->crypto_xform->aead.algo !=
 					RTE_CRYPTO_AEAD_AES_GCM) {
 		PMD_DRV_LOG(ERR, "Unsupported crypto transformation mode\n");
-		rte_mempool_put(mempool, (void *)ic_session);
 		return -ENOTSUP;
 	}
 	aead_xform = &conf->crypto_xform->aead;
@@ -396,7 +389,6 @@ ixgbe_crypto_create_session(void *device,
 			ic_session->op = IXGBE_OP_AUTHENTICATED_DECRYPTION;
 		} else {
 			PMD_DRV_LOG(ERR, "IPsec decryption not enabled\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -ENOTSUP;
 		}
 	} else {
@@ -404,7 +396,6 @@ ixgbe_crypto_create_session(void *device,
 			ic_session->op = IXGBE_OP_AUTHENTICATED_ENCRYPTION;
 		} else {
 			PMD_DRV_LOG(ERR, "IPsec encryption not enabled\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -ENOTSUP;
 		}
 	}
@@ -416,12 +407,9 @@ ixgbe_crypto_create_session(void *device,
 	ic_session->spi = conf->ipsec.spi;
 	ic_session->dev = eth_dev;
 
-	set_sec_session_private_data(session, ic_session);
-
 	if (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {
 		if (ixgbe_crypto_add_sa(ic_session)) {
 			PMD_DRV_LOG(ERR, "Failed to add SA\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -EPERM;
 		}
 	}
@@ -436,14 +424,11 @@ ixgbe_crypto_session_get_size(__rte_unused void *device)
 }
 
 static int
-ixgbe_crypto_remove_session(void *device,
-		struct rte_security_session *session)
+ixgbe_crypto_remove_session(void *device, void *session)
 {
 	struct rte_eth_dev *eth_dev = device;
 	struct ixgbe_crypto_session *ic_session =
-		(struct ixgbe_crypto_session *)
-		get_sec_session_private_data(session);
-	struct rte_mempool *mempool = rte_mempool_from_obj(ic_session);
+		(struct ixgbe_crypto_session *)session;
 
 	if (eth_dev != ic_session->dev) {
 		PMD_DRV_LOG(ERR, "Session not bound to this device\n");
@@ -455,8 +440,6 @@ ixgbe_crypto_remove_session(void *device,
 		return -EFAULT;
 	}
 
-	rte_mempool_put(mempool, (void *)ic_session);
-
 	return 0;
 }
 
@@ -476,12 +459,11 @@ ixgbe_crypto_compute_pad_len(struct rte_mbuf *m)
 }
 
 static int
-ixgbe_crypto_update_mb(void *device __rte_unused,
-		struct rte_security_session *session,
+ixgbe_crypto_update_mb(void *device __rte_unused, void *session,
 		       struct rte_mbuf *m, void *params __rte_unused)
 {
-	struct ixgbe_crypto_session *ic_session =
-			get_sec_session_private_data(session);
+	struct ixgbe_crypto_session *ic_session = session;
+
 	if (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {
 		union ixgbe_crypto_tx_desc_md *mdata =
 			(union ixgbe_crypto_tx_desc_md *)
@@ -685,8 +667,10 @@ ixgbe_crypto_add_ingress_sa_from_flow(const void *sess,
 				      const void *ip_spec,
 				      uint8_t is_ipv6)
 {
-	struct ixgbe_crypto_session *ic_session
-		= get_sec_session_private_data(sess);
+	uint64_t sess_ptr = (uint64_t)sess;
+	struct ixgbe_crypto_session *ic_session =
+			(struct ixgbe_crypto_session *)sess_ptr;
+	/* TODO: A proper fix need to be added to remove above typecasting. */
 
 	if (ic_session->op == IXGBE_OP_AUTHENTICATED_DECRYPTION) {
 		if (is_ipv6) {
diff --git a/drivers/net/meson.build b/drivers/net/meson.build
index bcf488f203..7a09f7183d 100644
--- a/drivers/net/meson.build
+++ b/drivers/net/meson.build
@@ -12,7 +12,7 @@ drivers = [
         'bnx2x',
         'bnxt',
         'bonding',
-        'cnxk',
+#        'cnxk',
         'cxgbe',
         'dpaa',
         'dpaa2',
diff --git a/drivers/net/octeontx2/otx2_ethdev_sec.c b/drivers/net/octeontx2/otx2_ethdev_sec.c
index c2a36883cb..ef851fe52c 100644
--- a/drivers/net/octeontx2/otx2_ethdev_sec.c
+++ b/drivers/net/octeontx2/otx2_ethdev_sec.c
@@ -350,7 +350,7 @@ static int
 eth_sec_ipsec_out_sess_create(struct rte_eth_dev *eth_dev,
 			      struct rte_security_ipsec_xform *ipsec,
 			      struct rte_crypto_sym_xform *crypto_xform,
-			      struct rte_security_session *sec_sess)
+			      struct otx2_sec_session *sec_sess)
 {
 	struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
 	struct otx2_sec_session_ipsec_ip *sess;
@@ -363,7 +363,7 @@ eth_sec_ipsec_out_sess_create(struct rte_eth_dev *eth_dev,
 	struct otx2_cpt_inst_s inst;
 	struct otx2_cpt_qp *qp;
 
-	priv = get_sec_session_private_data(sec_sess);
+	priv = sec_sess;
 	priv->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_EGRESS;
 	sess = &priv->ipsec.ip;
 
@@ -468,7 +468,7 @@ static int
 eth_sec_ipsec_in_sess_create(struct rte_eth_dev *eth_dev,
 			     struct rte_security_ipsec_xform *ipsec,
 			     struct rte_crypto_sym_xform *crypto_xform,
-			     struct rte_security_session *sec_sess)
+			     struct otx2_sec_session *sec_sess)
 {
 	struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
 	struct otx2_eth_dev *dev = otx2_eth_pmd_priv(eth_dev);
@@ -495,7 +495,7 @@ eth_sec_ipsec_in_sess_create(struct rte_eth_dev *eth_dev,
 
 	ctl = &sa->ctl;
 
-	priv = get_sec_session_private_data(sec_sess);
+	priv = sec_sess;
 	priv->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;
 	sess = &priv->ipsec.ip;
 
@@ -619,7 +619,7 @@ static int
 eth_sec_ipsec_sess_create(struct rte_eth_dev *eth_dev,
 			  struct rte_security_ipsec_xform *ipsec,
 			  struct rte_crypto_sym_xform *crypto_xform,
-			  struct rte_security_session *sess)
+			  struct otx2_sec_session *sess)
 {
 	int ret;
 
@@ -638,22 +638,14 @@ eth_sec_ipsec_sess_create(struct rte_eth_dev *eth_dev,
 static int
 otx2_eth_sec_session_create(void *device,
 			    struct rte_security_session_conf *conf,
-			    struct rte_security_session *sess,
-			    struct rte_mempool *mempool)
+			    void *sess)
 {
-	struct otx2_sec_session *priv;
+	struct otx2_sec_session *priv = sess;
 	int ret;
 
 	if (conf->action_type != RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL)
 		return -ENOTSUP;
 
-	if (rte_mempool_get(mempool, (void **)&priv)) {
-		otx2_err("Could not allocate security session private data");
-		return -ENOMEM;
-	}
-
-	set_sec_session_private_data(sess, priv);
-
 	/*
 	 * Save userdata provided by the application. For ingress packets, this
 	 * could be used to identify the SA.
@@ -663,19 +655,14 @@ otx2_eth_sec_session_create(void *device,
 	if (conf->protocol == RTE_SECURITY_PROTOCOL_IPSEC)
 		ret = eth_sec_ipsec_sess_create(device, &conf->ipsec,
 						conf->crypto_xform,
-						sess);
+						priv);
 	else
 		ret = -ENOTSUP;
 
 	if (ret)
-		goto mempool_put;
+		return ret;
 
 	return 0;
-
-mempool_put:
-	rte_mempool_put(mempool, priv);
-	set_sec_session_private_data(sess, NULL);
-	return ret;
 }
 
 static void
@@ -688,20 +675,14 @@ otx2_eth_sec_free_anti_replay(struct otx2_ipsec_fp_in_sa *sa)
 }
 
 static int
-otx2_eth_sec_session_destroy(void *device,
-			     struct rte_security_session *sess)
+otx2_eth_sec_session_destroy(void *device, void *sess)
 {
 	struct otx2_eth_dev *dev = otx2_eth_pmd_priv(device);
 	struct otx2_sec_session_ipsec_ip *sess_ip;
 	struct otx2_ipsec_fp_in_sa *sa;
-	struct otx2_sec_session *priv;
-	struct rte_mempool *sess_mp;
+	struct otx2_sec_session *priv = sess;
 	int ret;
 
-	priv = get_sec_session_private_data(sess);
-	if (priv == NULL)
-		return -EINVAL;
-
 	sess_ip = &priv->ipsec.ip;
 
 	if (priv->ipsec.dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
@@ -727,11 +708,6 @@ otx2_eth_sec_session_destroy(void *device,
 			return ret;
 	}
 
-	sess_mp = rte_mempool_from_obj(priv);
-
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(sess_mp, priv);
-
 	return 0;
 }
 
@@ -742,9 +718,8 @@ otx2_eth_sec_session_get_size(void *device __rte_unused)
 }
 
 static int
-otx2_eth_sec_set_pkt_mdata(void *device __rte_unused,
-			    struct rte_security_session *session,
-			    struct rte_mbuf *m, void *params __rte_unused)
+otx2_eth_sec_set_pkt_mdata(void *device __rte_unused, void *session,
+		struct rte_mbuf *m, void *params __rte_unused)
 {
 	/* Set security session as the pkt metadata */
 	*rte_security_dynfield(m) = (rte_security_dynfield_t)session;
diff --git a/drivers/net/octeontx2/otx2_ethdev_sec_tx.h b/drivers/net/octeontx2/otx2_ethdev_sec_tx.h
index 623a2a841e..9ecb786947 100644
--- a/drivers/net/octeontx2/otx2_ethdev_sec_tx.h
+++ b/drivers/net/octeontx2/otx2_ethdev_sec_tx.h
@@ -54,7 +54,7 @@ otx2_sec_event_tx(uint64_t base, struct rte_event *ev, struct rte_mbuf *m,
 		struct nix_iova_s nix_iova;
 	} *sd;
 
-	priv = get_sec_session_private_data((void *)(*rte_security_dynfield(m)));
+	priv = (void *)(*rte_security_dynfield(m));
 	sess = &priv->ipsec.ip;
 	sa = &sess->out_sa;
 
diff --git a/drivers/net/txgbe/txgbe_ipsec.c b/drivers/net/txgbe/txgbe_ipsec.c
index ccd747973b..444da5b8f3 100644
--- a/drivers/net/txgbe/txgbe_ipsec.c
+++ b/drivers/net/txgbe/txgbe_ipsec.c
@@ -349,24 +349,17 @@ txgbe_crypto_remove_sa(struct rte_eth_dev *dev,
 static int
 txgbe_crypto_create_session(void *device,
 		struct rte_security_session_conf *conf,
-		struct rte_security_session *session,
-		struct rte_mempool *mempool)
+		void *session)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
-	struct txgbe_crypto_session *ic_session = NULL;
+	struct txgbe_crypto_session *ic_session = session;
 	struct rte_crypto_aead_xform *aead_xform;
 	struct rte_eth_conf *dev_conf = &eth_dev->data->dev_conf;
 
-	if (rte_mempool_get(mempool, (void **)&ic_session)) {
-		PMD_DRV_LOG(ERR, "Cannot get object from ic_session mempool");
-		return -ENOMEM;
-	}
-
 	if (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||
 			conf->crypto_xform->aead.algo !=
 					RTE_CRYPTO_AEAD_AES_GCM) {
 		PMD_DRV_LOG(ERR, "Unsupported crypto transformation mode\n");
-		rte_mempool_put(mempool, (void *)ic_session);
 		return -ENOTSUP;
 	}
 	aead_xform = &conf->crypto_xform->aead;
@@ -376,7 +369,6 @@ txgbe_crypto_create_session(void *device,
 			ic_session->op = TXGBE_OP_AUTHENTICATED_DECRYPTION;
 		} else {
 			PMD_DRV_LOG(ERR, "IPsec decryption not enabled\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -ENOTSUP;
 		}
 	} else {
@@ -384,7 +376,6 @@ txgbe_crypto_create_session(void *device,
 			ic_session->op = TXGBE_OP_AUTHENTICATED_ENCRYPTION;
 		} else {
 			PMD_DRV_LOG(ERR, "IPsec encryption not enabled\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -ENOTSUP;
 		}
 	}
@@ -396,12 +387,9 @@ txgbe_crypto_create_session(void *device,
 	ic_session->spi = conf->ipsec.spi;
 	ic_session->dev = eth_dev;
 
-	set_sec_session_private_data(session, ic_session);
-
 	if (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {
 		if (txgbe_crypto_add_sa(ic_session)) {
 			PMD_DRV_LOG(ERR, "Failed to add SA\n");
-			rte_mempool_put(mempool, (void *)ic_session);
 			return -EPERM;
 		}
 	}
@@ -416,14 +404,11 @@ txgbe_crypto_session_get_size(__rte_unused void *device)
 }
 
 static int
-txgbe_crypto_remove_session(void *device,
-		struct rte_security_session *session)
+txgbe_crypto_remove_session(void *device, void *session)
 {
 	struct rte_eth_dev *eth_dev = device;
 	struct txgbe_crypto_session *ic_session =
-		(struct txgbe_crypto_session *)
-		get_sec_session_private_data(session);
-	struct rte_mempool *mempool = rte_mempool_from_obj(ic_session);
+		(struct txgbe_crypto_session *)session;
 
 	if (eth_dev != ic_session->dev) {
 		PMD_DRV_LOG(ERR, "Session not bound to this device\n");
@@ -435,8 +420,6 @@ txgbe_crypto_remove_session(void *device,
 		return -EFAULT;
 	}
 
-	rte_mempool_put(mempool, (void *)ic_session);
-
 	return 0;
 }
 
@@ -456,12 +439,11 @@ txgbe_crypto_compute_pad_len(struct rte_mbuf *m)
 }
 
 static int
-txgbe_crypto_update_mb(void *device __rte_unused,
-		struct rte_security_session *session,
-		       struct rte_mbuf *m, void *params __rte_unused)
+txgbe_crypto_update_mb(void *device __rte_unused, void *session,
+		struct rte_mbuf *m, void *params __rte_unused)
 {
-	struct txgbe_crypto_session *ic_session =
-			get_sec_session_private_data(session);
+	struct txgbe_crypto_session *ic_session = session;
+
 	if (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {
 		union txgbe_crypto_tx_desc_md *mdata =
 			(union txgbe_crypto_tx_desc_md *)
@@ -661,8 +643,10 @@ txgbe_crypto_add_ingress_sa_from_flow(const void *sess,
 				      const void *ip_spec,
 				      uint8_t is_ipv6)
 {
+	uint64_t sess_ptr = (uint64_t)sess;
 	struct txgbe_crypto_session *ic_session =
-			get_sec_session_private_data(sess);
+			(struct txgbe_crypto_session *)sess_ptr;
+	/* TODO: A proper fix need to be added to remove above typecasting. */
 
 	if (ic_session->op == TXGBE_OP_AUTHENTICATED_DECRYPTION) {
 		if (is_ipv6) {
diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
index 6817139663..03d907cba8 100644
--- a/examples/ipsec-secgw/ipsec.c
+++ b/examples/ipsec-secgw/ipsec.c
@@ -117,8 +117,7 @@ create_lookaside_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa,
 			set_ipsec_conf(sa, &(sess_conf.ipsec));
 
 			ips->security.ses = rte_security_session_create(ctx,
-					&sess_conf, ipsec_ctx->session_pool,
-					ipsec_ctx->session_priv_pool);
+					&sess_conf, ipsec_ctx->session_pool);
 			if (ips->security.ses == NULL) {
 				RTE_LOG(ERR, IPSEC,
 				"SEC Session init failed: err: %d\n", ret);
@@ -199,8 +198,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,
 		}
 
 		ips->security.ses = rte_security_session_create(sec_ctx,
-				&sess_conf, skt_ctx->session_pool,
-				skt_ctx->session_priv_pool);
+				&sess_conf, skt_ctx->session_pool);
 		if (ips->security.ses == NULL) {
 			RTE_LOG(ERR, IPSEC,
 				"SEC Session init failed: err: %d\n", ret);
@@ -380,8 +378,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,
 		sess_conf.userdata = (void *) sa;
 
 		ips->security.ses = rte_security_session_create(sec_ctx,
-					&sess_conf, skt_ctx->session_pool,
-					skt_ctx->session_priv_pool);
+					&sess_conf, skt_ctx->session_pool);
 		if (ips->security.ses == NULL) {
 			RTE_LOG(ERR, IPSEC,
 				"SEC Session init failed: err: %d\n", ret);
diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c
index fe81ed3e4c..06560b9cba 100644
--- a/lib/security/rte_security.c
+++ b/lib/security/rte_security.c
@@ -39,35 +39,37 @@ rte_security_dynfield_register(void)
 	return rte_security_dynfield_offset;
 }
 
-struct rte_security_session *
+void *
 rte_security_session_create(struct rte_security_ctx *instance,
 			    struct rte_security_session_conf *conf,
-			    struct rte_mempool *mp,
-			    struct rte_mempool *priv_mp)
+			    struct rte_mempool *mp)
 {
 	struct rte_security_session *sess = NULL;
 
 	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
 	RTE_PTR_OR_ERR_RET(conf, NULL);
 	RTE_PTR_OR_ERR_RET(mp, NULL);
-	RTE_PTR_OR_ERR_RET(priv_mp, NULL);
+
+	if (mp->elt_size < sizeof(struct rte_security_session) +
+			instance->ops->session_get_size(instance->device))
+		return NULL;
 
 	if (rte_mempool_get(mp, (void **)&sess))
 		return NULL;
 
 	if (instance->ops->session_create(instance->device, conf,
-				sess, priv_mp)) {
+				sess->sess_private_data)) {
 		rte_mempool_put(mp, (void *)sess);
 		return NULL;
 	}
 	instance->sess_cnt++;
 
-	return sess;
+	return sess->sess_private_data;
 }
 
 int
 rte_security_session_update(struct rte_security_ctx *instance,
-			    struct rte_security_session *sess,
+			    void *sess,
 			    struct rte_security_session_conf *conf)
 {
 	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,
@@ -88,8 +90,7 @@ rte_security_session_get_size(struct rte_security_ctx *instance)
 
 int
 rte_security_session_stats_get(struct rte_security_ctx *instance,
-			       struct rte_security_session *sess,
-			       struct rte_security_stats *stats)
+			       void *sess, struct rte_security_stats *stats)
 {
 	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,
 			-ENOTSUP);
@@ -100,9 +101,9 @@ rte_security_session_stats_get(struct rte_security_ctx *instance,
 }
 
 int
-rte_security_session_destroy(struct rte_security_ctx *instance,
-			     struct rte_security_session *sess)
+rte_security_session_destroy(struct rte_security_ctx *instance, void *sess)
 {
+	struct rte_security_session *s;
 	int ret;
 
 	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,
@@ -113,7 +114,8 @@ rte_security_session_destroy(struct rte_security_ctx *instance,
 	if (ret != 0)
 		return ret;
 
-	rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
+	s = container_of(sess, struct rte_security_session, sess_private_data);
+	rte_mempool_put(rte_mempool_from_obj(s), (void *)s);
 
 	if (instance->sess_cnt)
 		instance->sess_cnt--;
@@ -123,7 +125,7 @@ rte_security_session_destroy(struct rte_security_ctx *instance,
 
 int
 __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
-				struct rte_security_session *sess,
+				void *sess,
 				struct rte_mbuf *m, void *params)
 {
 #ifdef RTE_DEBUG
diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h
index c0ea13892e..2c8e78c4c7 100644
--- a/lib/security/rte_security.h
+++ b/lib/security/rte_security.h
@@ -491,10 +491,12 @@ struct rte_security_session_conf {
 };
 
 struct rte_security_session {
-	void *sess_private_data;
-	/**< Private session material */
 	uint64_t opaque_data;
 	/**< Opaque user defined data */
+	uint64_t fast_mdata;
+	/**< Fast metadata to be used for inline path */
+	__extension__ void *sess_private_data[0];
+	/**< Private session material */
 };
 
 /**
@@ -508,11 +510,10 @@ struct rte_security_session {
  *  - On success, pointer to session
  *  - On failure, NULL
  */
-struct rte_security_session *
+void *
 rte_security_session_create(struct rte_security_ctx *instance,
 			    struct rte_security_session_conf *conf,
-			    struct rte_mempool *mp,
-			    struct rte_mempool *priv_mp);
+			    struct rte_mempool *mp);
 
 /**
  * Update security session as specified by the session configuration
@@ -527,7 +528,7 @@ rte_security_session_create(struct rte_security_ctx *instance,
 __rte_experimental
 int
 rte_security_session_update(struct rte_security_ctx *instance,
-			    struct rte_security_session *sess,
+			    void *sess,
 			    struct rte_security_session_conf *conf);
 
 /**
@@ -558,7 +559,7 @@ rte_security_session_get_size(struct rte_security_ctx *instance);
  */
 int
 rte_security_session_destroy(struct rte_security_ctx *instance,
-			     struct rte_security_session *sess);
+			     void *sess);
 
 /** Device-specific metadata field type */
 typedef uint64_t rte_security_dynfield_t;
@@ -604,7 +605,7 @@ static inline bool rte_security_dynfield_is_registered(void)
 /** Function to call PMD specific function pointer set_pkt_metadata() */
 __rte_experimental
 extern int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
-					   struct rte_security_session *sess,
+					   void *sess,
 					   struct rte_mbuf *m, void *params);
 
 /**
@@ -622,13 +623,13 @@ extern int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
  */
 static inline int
 rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
-			      struct rte_security_session *sess,
+			      void *sess,
 			      struct rte_mbuf *mb, void *params)
 {
 	/* Fast Path */
 	if (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) {
 		*rte_security_dynfield(mb) =
-			(rte_security_dynfield_t)(sess->sess_private_data);
+			(rte_security_dynfield_t)(sess);
 		return 0;
 	}
 
@@ -678,26 +679,13 @@ rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
  */
 static inline int
 __rte_security_attach_session(struct rte_crypto_sym_op *sym_op,
-			      struct rte_security_session *sess)
+			      void *sess)
 {
 	sym_op->sec_session = sess;
 
 	return 0;
 }
 
-static inline void *
-get_sec_session_private_data(const struct rte_security_session *sess)
-{
-	return sess->sess_private_data;
-}
-
-static inline void
-set_sec_session_private_data(struct rte_security_session *sess,
-			     void *private_data)
-{
-	sess->sess_private_data = private_data;
-}
-
 /**
  * Attach a session to a crypto operation.
  * This API is needed only in case of RTE_SECURITY_SESS_CRYPTO_PROTO_OFFLOAD
@@ -708,8 +696,7 @@ set_sec_session_private_data(struct rte_security_session *sess,
  * @param	sess	security session
  */
 static inline int
-rte_security_attach_session(struct rte_crypto_op *op,
-			    struct rte_security_session *sess)
+rte_security_attach_session(struct rte_crypto_op *op, void *sess)
 {
 	if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC))
 		return -EINVAL;
@@ -771,7 +758,7 @@ struct rte_security_stats {
 __rte_experimental
 int
 rte_security_session_stats_get(struct rte_security_ctx *instance,
-			       struct rte_security_session *sess,
+			       void *sess,
 			       struct rte_security_stats *stats);
 
 /**
diff --git a/lib/security/rte_security_driver.h b/lib/security/rte_security_driver.h
index b0253e962e..5a177d72d7 100644
--- a/lib/security/rte_security_driver.h
+++ b/lib/security/rte_security_driver.h
@@ -35,8 +35,7 @@ extern "C" {
  */
 typedef int (*security_session_create_t)(void *device,
 		struct rte_security_session_conf *conf,
-		struct rte_security_session *sess,
-		struct rte_mempool *mp);
+		void *sess);
 
 /**
  * Free driver private session data.
@@ -44,8 +43,7 @@ typedef int (*security_session_create_t)(void *device,
  * @param	device		Crypto/eth device pointer
  * @param	sess		Security session structure
  */
-typedef int (*security_session_destroy_t)(void *device,
-		struct rte_security_session *sess);
+typedef int (*security_session_destroy_t)(void *device, void *sess);
 
 /**
  * Update driver private session data.
@@ -60,8 +58,7 @@ typedef int (*security_session_destroy_t)(void *device,
  *  - Returns -ENOTSUP if crypto device does not support the crypto transform.
  */
 typedef int (*security_session_update_t)(void *device,
-		struct rte_security_session *sess,
-		struct rte_security_session_conf *conf);
+		void *sess, struct rte_security_session_conf *conf);
 
 /**
  * Get the size of a security session
@@ -86,8 +83,7 @@ typedef unsigned int (*security_session_get_size)(void *device);
  *  - Returns -EINVAL if session parameters are invalid.
  */
 typedef int (*security_session_stats_get_t)(void *device,
-		struct rte_security_session *sess,
-		struct rte_security_stats *stats);
+		void *sess, struct rte_security_stats *stats);
 
 __rte_internal
 int rte_security_dynfield_register(void);
@@ -96,7 +92,7 @@ int rte_security_dynfield_register(void);
  * Update the mbuf with provided metadata.
  *
  * @param	device		Crypto/eth device pointer
- * @param	sess		Security session structure
+ * @param	sess		Security session
  * @param	mb		Packet buffer
  * @param	params		Metadata
  *
@@ -105,7 +101,7 @@ int rte_security_dynfield_register(void);
  *  - Returns -ve value for errors.
  */
 typedef int (*security_set_pkt_metadata_t)(void *device,
-		struct rte_security_session *sess, struct rte_mbuf *mb,
+		void *sess, struct rte_mbuf *mb,
 		void *params);
 
 /**
-- 
2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* [dpdk-dev] [PATCH v2 2/7] security: hide security session struct
  2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework Akhil Goyal
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 1/7] security: rework session framework Akhil Goyal
@ 2021-10-13 19:22   ` Akhil Goyal
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 3/7] net/cnxk: rework security session framework Akhil Goyal
                     ` (5 subsequent siblings)
  7 siblings, 0 replies; 49+ messages in thread
From: Akhil Goyal @ 2021-10-13 19:22 UTC (permalink / raw)
  To: dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj,
	pablo.de.lara.guarch, fiona.trahe, declan.doherty, matan,
	g.singh, roy.fan.zhang, jianjay.zhou, asomalap, ruifeng.wang,
	konstantin.ananyev, radu.nicolau, ajit.khaparde, rnagadheeraj,
	adwivedi, ciara.power, haiyue.wang, jiawenwu, jianwang,
	Akhil Goyal

rte_security_session struct is now hidden in the library.
application can access the opaque data and fast_mdata
using the set/get APIs introduced in this patch.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 lib/ipsec/rte_ipsec.h              |  2 +-
 lib/ipsec/rte_ipsec_group.h        |  5 +--
 lib/ipsec/ses.c                    |  3 +-
 lib/security/rte_security.h        | 54 ++++++++++++++++++++++++------
 lib/security/rte_security_driver.h | 13 +++++++
 5 files changed, 63 insertions(+), 14 deletions(-)

diff --git a/lib/ipsec/rte_ipsec.h b/lib/ipsec/rte_ipsec.h
index dd60d95915..50d8e5098d 100644
--- a/lib/ipsec/rte_ipsec.h
+++ b/lib/ipsec/rte_ipsec.h
@@ -70,7 +70,7 @@ struct rte_ipsec_session {
 			uint8_t dev_id;
 		} crypto;
 		struct {
-			struct rte_security_session *ses;
+			void *ses;
 			struct rte_security_ctx *ctx;
 			uint32_t ol_flags;
 		} security;
diff --git a/lib/ipsec/rte_ipsec_group.h b/lib/ipsec/rte_ipsec_group.h
index ea3bdfad95..0cc5fedbf1 100644
--- a/lib/ipsec/rte_ipsec_group.h
+++ b/lib/ipsec/rte_ipsec_group.h
@@ -44,12 +44,13 @@ struct rte_ipsec_group {
 static inline struct rte_ipsec_session *
 rte_ipsec_ses_from_crypto(const struct rte_crypto_op *cop)
 {
-	const struct rte_security_session *ss;
+	void *ss;
 	const struct rte_cryptodev_sym_session *cs;
 
 	if (cop->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
 		ss = cop->sym[0].sec_session;
-		return (void *)(uintptr_t)ss->opaque_data;
+		return (void *)(uintptr_t)
+			rte_security_session_opaque_data_get(ss);
 	} else if (cop->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 		cs = cop->sym[0].session;
 		return (void *)(uintptr_t)cs->opaque_data;
diff --git a/lib/ipsec/ses.c b/lib/ipsec/ses.c
index 3d51ac4986..b12114269f 100644
--- a/lib/ipsec/ses.c
+++ b/lib/ipsec/ses.c
@@ -47,7 +47,8 @@ rte_ipsec_session_prepare(struct rte_ipsec_session *ss)
 	if (ss->type == RTE_SECURITY_ACTION_TYPE_NONE)
 		ss->crypto.ses->opaque_data = (uintptr_t)ss;
 	else
-		ss->security.ses->opaque_data = (uintptr_t)ss;
+		rte_security_session_opaque_data_set(ss->security.ses,
+				(uintptr_t)ss);
 
 	return 0;
 }
diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h
index 2c8e78c4c7..51fe1abb00 100644
--- a/lib/security/rte_security.h
+++ b/lib/security/rte_security.h
@@ -490,14 +490,47 @@ struct rte_security_session_conf {
 	/**< Application specific userdata to be saved with session */
 };
 
-struct rte_security_session {
-	uint64_t opaque_data;
-	/**< Opaque user defined data */
-	uint64_t fast_mdata;
-	/**< Fast metadata to be used for inline path */
-	__extension__ void *sess_private_data[0];
-	/**< Private session material */
-};
+#define SESS_FAST_MDATA_OFF 1
+#define SESS_OPAQUE_DATA_OFF 2
+/**
+ * Get opaque data from session handle
+ */
+static inline uint64_t
+rte_security_session_opaque_data_get(void *sess)
+{
+	return *((uint64_t *)sess - SESS_OPAQUE_DATA_OFF);
+}
+
+/**
+ * Get fast mdata from session handle
+ */
+static inline uint64_t
+rte_security_session_fast_mdata_get(void *sess)
+{
+	return *((uint64_t *)sess - SESS_FAST_MDATA_OFF);
+}
+
+/**
+ * Set opaque data in session handle
+ */
+static inline void
+rte_security_session_opaque_data_set(void *sess, uint64_t opaque)
+{
+	uint64_t *data;
+	data = (((uint64_t *)sess) - SESS_OPAQUE_DATA_OFF);
+	*data = opaque;
+}
+
+/**
+ * Set fast mdata in session handle
+ */
+static inline void
+rte_security_session_fast_mdata_set(void *sess, uint64_t fdata)
+{
+	uint64_t *data;
+	data = (((uint64_t *)sess) - SESS_FAST_MDATA_OFF);
+	*data = fdata;
+}
 
 /**
  * Create security session as specified by the session configuration
@@ -628,8 +661,9 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
 {
 	/* Fast Path */
 	if (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) {
-		*rte_security_dynfield(mb) =
-			(rte_security_dynfield_t)(sess);
+		uint64_t mdata = rte_security_session_fast_mdata_get(sess);
+
+		*rte_security_dynfield(mb) = (rte_security_dynfield_t)(mdata);
 		return 0;
 	}
 
diff --git a/lib/security/rte_security_driver.h b/lib/security/rte_security_driver.h
index 5a177d72d7..13f2f9da32 100644
--- a/lib/security/rte_security_driver.h
+++ b/lib/security/rte_security_driver.h
@@ -19,6 +19,19 @@ extern "C" {
 
 #include "rte_security.h"
 
+/**
+ * @internal
+ * Security session to be used by library for internal usage
+ */
+struct rte_security_session {
+	/** Opaque user defined data */
+	uint64_t opaque_data;
+	/** Fast metadata to be used for inline path */
+	uint64_t fast_mdata;
+	/** Private session material */
+	__extension__ void *sess_private_data[0];
+};
+
 /**
  * Configure a security session on a device.
  *
-- 
2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* [dpdk-dev] [PATCH v2 3/7] net/cnxk: rework security session framework
  2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework Akhil Goyal
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 1/7] security: rework session framework Akhil Goyal
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 2/7] security: hide security session struct Akhil Goyal
@ 2021-10-13 19:22   ` Akhil Goyal
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 4/7] security: pass session iova in PMD sess create Akhil Goyal
                     ` (4 subsequent siblings)
  7 siblings, 0 replies; 49+ messages in thread
From: Akhil Goyal @ 2021-10-13 19:22 UTC (permalink / raw)
  To: dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj,
	pablo.de.lara.guarch, fiona.trahe, declan.doherty, matan,
	g.singh, roy.fan.zhang, jianjay.zhou, asomalap, ruifeng.wang,
	konstantin.ananyev, radu.nicolau, ajit.khaparde, rnagadheeraj,
	adwivedi, ciara.power, haiyue.wang, jiawenwu, jianwang,
	Akhil Goyal, Nithin Dabilpuram

Aligned the security session create and destroy
as per the recent changes in rte_security
and used the fast mdata field introduced in
rte_security. Enabled compilation of cnxk driver.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 drivers/net/cnxk/cn10k_ethdev_sec.c | 64 +++++++++++------------------
 drivers/net/cnxk/cn9k_ethdev_sec.c  | 59 ++++++++++----------------
 drivers/net/cnxk/cnxk_ethdev.c      |  6 +--
 drivers/net/cnxk/cnxk_ethdev.h      |  6 ---
 drivers/net/cnxk/cnxk_ethdev_sec.c  | 21 ----------
 drivers/net/meson.build             |  2 +-
 6 files changed, 48 insertions(+), 110 deletions(-)

diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c
index 82dc6367dd..3d0f4044d9 100644
--- a/drivers/net/cnxk/cn10k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn10k_ethdev_sec.c
@@ -228,15 +228,14 @@ cn10k_eth_sec_sso_work_cb(uint64_t *gw, void *args)
 static int
 cn10k_eth_sec_session_create(void *device,
 			     struct rte_security_session_conf *conf,
-			     struct rte_security_session *sess,
-			     struct rte_mempool *mempool)
+			     void *sess_priv)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
+	struct cnxk_eth_sec_sess *eth_sec = sess_priv;
 	struct rte_security_ipsec_xform *ipsec;
-	struct cn10k_sec_sess_priv sess_priv;
+	struct cn10k_sec_sess_priv fast_mdata;
 	struct rte_crypto_sym_xform *crypto;
-	struct cnxk_eth_sec_sess *eth_sec;
 	bool inbound, inl_dev;
 	int rc = 0;
 
@@ -264,13 +263,8 @@ cn10k_eth_sec_session_create(void *device,
 		return -EEXIST;
 	}
 
-	if (rte_mempool_get(mempool, (void **)&eth_sec)) {
-		plt_err("Could not allocate security session private data");
-		return -ENOMEM;
-	}
-
 	memset(eth_sec, 0, sizeof(struct cnxk_eth_sec_sess));
-	sess_priv.u64 = 0;
+	fast_mdata.u64 = 0;
 
 	/* Acquire lock on inline dev for inbound */
 	if (inbound && inl_dev)
@@ -290,11 +284,11 @@ cn10k_eth_sec_session_create(void *device,
 			plt_err("Failed to create ingress sa, inline dev "
 				"not found or spi not in range");
 			rc = -ENOTSUP;
-			goto mempool_put;
+			goto err;
 		} else if (!sa) {
 			plt_err("Failed to create ingress sa");
 			rc = -EFAULT;
-			goto mempool_put;
+			goto err;
 		}
 
 		inb_sa = (struct roc_ot_ipsec_inb_sa *)sa;
@@ -304,7 +298,7 @@ cn10k_eth_sec_session_create(void *device,
 			plt_err("Inbound SA with SPI %u already in use",
 				ipsec->spi);
 			rc = -EBUSY;
-			goto mempool_put;
+			goto err;
 		}
 
 		memset(inb_sa, 0, sizeof(struct roc_ot_ipsec_inb_sa));
@@ -313,7 +307,7 @@ cn10k_eth_sec_session_create(void *device,
 		rc = cnxk_ot_ipsec_inb_sa_fill(inb_sa, ipsec, crypto);
 		if (rc) {
 			plt_err("Failed to init inbound sa, rc=%d", rc);
-			goto mempool_put;
+			goto err;
 		}
 
 		inb_priv = roc_nix_inl_ot_ipsec_inb_sa_sw_rsvd(inb_sa);
@@ -326,12 +320,11 @@ cn10k_eth_sec_session_create(void *device,
 		inb_sa->w1.s.cookie = rte_cpu_to_be_32(ipsec->spi);
 
 		/* Prepare session priv */
-		sess_priv.inb_sa = 1;
-		sess_priv.sa_idx = ipsec->spi;
+		fast_mdata.inb_sa = 1;
+		fast_mdata.sa_idx = ipsec->spi;
 
 		/* Pointer from eth_sec -> inb_sa */
 		eth_sec->sa = inb_sa;
-		eth_sec->sess = sess;
 		eth_sec->sa_idx = ipsec->spi;
 		eth_sec->spi = ipsec->spi;
 		eth_sec->inl_dev = !!dev->inb.inl_dev;
@@ -352,7 +345,7 @@ cn10k_eth_sec_session_create(void *device,
 		/* Alloc an sa index */
 		rc = cnxk_eth_outb_sa_idx_get(dev, &sa_idx);
 		if (rc)
-			goto mempool_put;
+			goto err;
 
 		outb_sa = roc_nix_inl_ot_ipsec_outb_sa(sa_base, sa_idx);
 		outb_priv = roc_nix_inl_ot_ipsec_outb_sa_sw_rsvd(outb_sa);
@@ -365,7 +358,7 @@ cn10k_eth_sec_session_create(void *device,
 		if (rc) {
 			plt_err("Failed to init outbound sa, rc=%d", rc);
 			rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);
-			goto mempool_put;
+			goto err;
 		}
 
 		/* Save userdata */
@@ -377,16 +370,15 @@ cn10k_eth_sec_session_create(void *device,
 		cnxk_ipsec_outb_rlens_get(rlens, ipsec, crypto);
 
 		/* Prepare session priv */
-		sess_priv.sa_idx = outb_priv->sa_idx;
-		sess_priv.roundup_byte = rlens->roundup_byte;
-		sess_priv.roundup_len = rlens->roundup_len;
-		sess_priv.partial_len = rlens->partial_len;
-		sess_priv.mode = outb_sa->w2.s.ipsec_mode;
-		sess_priv.outer_ip_ver = outb_sa->w2.s.outer_ip_ver;
+		fast_mdata.sa_idx = outb_priv->sa_idx;
+		fast_mdata.roundup_byte = rlens->roundup_byte;
+		fast_mdata.roundup_len = rlens->roundup_len;
+		fast_mdata.partial_len = rlens->partial_len;
+		fast_mdata.mode = outb_sa->w2.s.ipsec_mode;
+		fast_mdata.outer_ip_ver = outb_sa->w2.s.outer_ip_ver;
 
 		/* Pointer from eth_sec -> outb_sa */
 		eth_sec->sa = outb_sa;
-		eth_sec->sess = sess;
 		eth_sec->sa_idx = sa_idx;
 		eth_sec->spi = ipsec->spi;
 
@@ -407,29 +399,23 @@ cn10k_eth_sec_session_create(void *device,
 	/*
 	 * Update fast path info in priv area.
 	 */
-	set_sec_session_private_data(sess, (void *)sess_priv.u64);
+	rte_security_session_fast_mdata_set(sess_priv, fast_mdata.u64);
 
 	return 0;
-mempool_put:
+err:
 	if (inbound && inl_dev)
 		roc_nix_inl_dev_unlock();
-	rte_mempool_put(mempool, eth_sec);
 	return rc;
 }
 
 static int
-cn10k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
+cn10k_eth_sec_session_destroy(void *device, void *sess_priv)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
-	struct roc_ot_ipsec_inb_sa *inb_sa;
+	struct cnxk_eth_sec_sess *eth_sec = sess_priv;
 	struct roc_ot_ipsec_outb_sa *outb_sa;
-	struct cnxk_eth_sec_sess *eth_sec;
-	struct rte_mempool *mp;
-
-	eth_sec = cnxk_eth_sec_sess_get_by_sess(dev, sess);
-	if (!eth_sec)
-		return -ENOENT;
+	struct roc_ot_ipsec_inb_sa *inb_sa;
 
 	if (eth_sec->inl_dev)
 		roc_nix_inl_dev_lock();
@@ -464,9 +450,7 @@ cn10k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
 		    eth_sec->sa_idx, eth_sec->inl_dev);
 
 	/* Put eth_sec object back to pool */
-	mp = rte_mempool_from_obj(eth_sec);
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(mp, eth_sec);
+	rte_security_session_fast_mdata_set(sess_priv, 0);
 	return 0;
 }
 
diff --git a/drivers/net/cnxk/cn9k_ethdev_sec.c b/drivers/net/cnxk/cn9k_ethdev_sec.c
index b070ad57fc..8a6fa75b37 100644
--- a/drivers/net/cnxk/cn9k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn9k_ethdev_sec.c
@@ -137,15 +137,14 @@ ar_window_init(struct cn9k_inb_priv_data *inb_priv)
 static int
 cn9k_eth_sec_session_create(void *device,
 			    struct rte_security_session_conf *conf,
-			    struct rte_security_session *sess,
-			    struct rte_mempool *mempool)
+			    void *sess_priv)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
+	struct cnxk_eth_sec_sess *eth_sec = sess_priv;
 	struct rte_security_ipsec_xform *ipsec;
-	struct cn9k_sec_sess_priv sess_priv;
+	struct cn9k_sec_sess_priv fast_mdata;
 	struct rte_crypto_sym_xform *crypto;
-	struct cnxk_eth_sec_sess *eth_sec;
 	bool inbound;
 	int rc = 0;
 
@@ -169,13 +168,8 @@ cn9k_eth_sec_session_create(void *device,
 		return -EEXIST;
 	}
 
-	if (rte_mempool_get(mempool, (void **)&eth_sec)) {
-		plt_err("Could not allocate security session private data");
-		return -ENOMEM;
-	}
-
 	memset(eth_sec, 0, sizeof(struct cnxk_eth_sec_sess));
-	sess_priv.u64 = 0;
+	fast_mdata.u64 = 0;
 
 	if (inbound) {
 		struct cn9k_inb_priv_data *inb_priv;
@@ -192,7 +186,7 @@ cn9k_eth_sec_session_create(void *device,
 		if (!inb_sa) {
 			plt_err("Failed to create ingress sa");
 			rc = -EFAULT;
-			goto mempool_put;
+			goto err;
 		}
 
 		/* Check if SA is already in use */
@@ -200,7 +194,7 @@ cn9k_eth_sec_session_create(void *device,
 			plt_err("Inbound SA with SPI %u already in use",
 				ipsec->spi);
 			rc = -EBUSY;
-			goto mempool_put;
+			goto err;
 		}
 
 		memset(inb_sa, 0, sizeof(struct roc_onf_ipsec_inb_sa));
@@ -209,7 +203,7 @@ cn9k_eth_sec_session_create(void *device,
 		rc = cnxk_onf_ipsec_inb_sa_fill(inb_sa, ipsec, crypto);
 		if (rc) {
 			plt_err("Failed to init inbound sa, rc=%d", rc);
-			goto mempool_put;
+			goto err;
 		}
 
 		inb_priv = roc_nix_inl_onf_ipsec_inb_sa_sw_rsvd(inb_sa);
@@ -223,16 +217,15 @@ cn9k_eth_sec_session_create(void *device,
 		if (inb_priv->replay_win_sz) {
 			rc = ar_window_init(inb_priv);
 			if (rc)
-				goto mempool_put;
+				goto err;
 		}
 
 		/* Prepare session priv */
-		sess_priv.inb_sa = 1;
-		sess_priv.sa_idx = ipsec->spi;
+		fast_mdata.inb_sa = 1;
+		fast_mdata.sa_idx = ipsec->spi;
 
 		/* Pointer from eth_sec -> inb_sa */
 		eth_sec->sa = inb_sa;
-		eth_sec->sess = sess;
 		eth_sec->sa_idx = ipsec->spi;
 		eth_sec->spi = ipsec->spi;
 		eth_sec->inb = true;
@@ -252,7 +245,7 @@ cn9k_eth_sec_session_create(void *device,
 		/* Alloc an sa index */
 		rc = cnxk_eth_outb_sa_idx_get(dev, &sa_idx);
 		if (rc)
-			goto mempool_put;
+			goto err;
 
 		outb_sa = roc_nix_inl_onf_ipsec_outb_sa(sa_base, sa_idx);
 		outb_priv = roc_nix_inl_onf_ipsec_outb_sa_sw_rsvd(outb_sa);
@@ -265,7 +258,7 @@ cn9k_eth_sec_session_create(void *device,
 		if (rc) {
 			plt_err("Failed to init outbound sa, rc=%d", rc);
 			rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);
-			goto mempool_put;
+			goto err;
 		}
 
 		/* Save userdata */
@@ -282,14 +275,13 @@ cn9k_eth_sec_session_create(void *device,
 		/* Save rlen info */
 		cnxk_ipsec_outb_rlens_get(rlens, ipsec, crypto);
 
-		sess_priv.sa_idx = outb_priv->sa_idx;
-		sess_priv.roundup_byte = rlens->roundup_byte;
-		sess_priv.roundup_len = rlens->roundup_len;
-		sess_priv.partial_len = rlens->partial_len;
+		fast_mdata.sa_idx = outb_priv->sa_idx;
+		fast_mdata.roundup_byte = rlens->roundup_byte;
+		fast_mdata.roundup_len = rlens->roundup_len;
+		fast_mdata.partial_len = rlens->partial_len;
 
 		/* Pointer from eth_sec -> outb_sa */
 		eth_sec->sa = outb_sa;
-		eth_sec->sess = sess;
 		eth_sec->sa_idx = sa_idx;
 		eth_sec->spi = ipsec->spi;
 
@@ -306,27 +298,21 @@ cn9k_eth_sec_session_create(void *device,
 	/*
 	 * Update fast path info in priv area.
 	 */
-	set_sec_session_private_data(sess, (void *)sess_priv.u64);
+	rte_security_session_fast_mdata_set(sess_priv, fast_mdata.u64);
 
 	return 0;
-mempool_put:
-	rte_mempool_put(mempool, eth_sec);
+err:
 	return rc;
 }
 
 static int
-cn9k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
+cn9k_eth_sec_session_destroy(void *device, void *sess_priv)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
+	struct cnxk_eth_sec_sess *eth_sec = sess_priv;
 	struct roc_onf_ipsec_outb_sa *outb_sa;
 	struct roc_onf_ipsec_inb_sa *inb_sa;
-	struct cnxk_eth_sec_sess *eth_sec;
-	struct rte_mempool *mp;
-
-	eth_sec = cnxk_eth_sec_sess_get_by_sess(dev, sess);
-	if (!eth_sec)
-		return -ENOENT;
 
 	if (eth_sec->inb) {
 		inb_sa = eth_sec->sa;
@@ -353,10 +339,7 @@ cn9k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
 		    eth_sec->inb ? "inbound" : "outbound", eth_sec->spi,
 		    eth_sec->sa_idx);
 
-	/* Put eth_sec object back to pool */
-	mp = rte_mempool_from_obj(eth_sec);
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(mp, eth_sec);
+	rte_security_session_fast_mdata_set(sess_priv, 0);
 	return 0;
 }
 
diff --git a/drivers/net/cnxk/cnxk_ethdev.c b/drivers/net/cnxk/cnxk_ethdev.c
index 966bd23c7f..572b40e11b 100644
--- a/drivers/net/cnxk/cnxk_ethdev.c
+++ b/drivers/net/cnxk/cnxk_ethdev.c
@@ -154,8 +154,7 @@ nix_security_release(struct cnxk_eth_dev *dev)
 		/* Destroy inbound sessions */
 		tvar = NULL;
 		RTE_TAILQ_FOREACH_SAFE(eth_sec, &dev->inb.list, entry, tvar)
-			cnxk_eth_sec_ops.session_destroy(eth_dev,
-							 eth_sec->sess);
+			cnxk_eth_sec_ops.session_destroy(eth_dev, eth_sec);
 
 		/* Clear lookup mem */
 		cnxk_nix_lookup_mem_sa_base_clear(dev);
@@ -172,8 +171,7 @@ nix_security_release(struct cnxk_eth_dev *dev)
 		/* Destroy outbound sessions */
 		tvar = NULL;
 		RTE_TAILQ_FOREACH_SAFE(eth_sec, &dev->outb.list, entry, tvar)
-			cnxk_eth_sec_ops.session_destroy(eth_dev,
-							 eth_sec->sess);
+			cnxk_eth_sec_ops.session_destroy(eth_dev, eth_sec);
 
 		rc = roc_nix_inl_outb_fini(nix);
 		if (rc)
diff --git a/drivers/net/cnxk/cnxk_ethdev.h b/drivers/net/cnxk/cnxk_ethdev.h
index ff21b977b7..eca6c77e7a 100644
--- a/drivers/net/cnxk/cnxk_ethdev.h
+++ b/drivers/net/cnxk/cnxk_ethdev.h
@@ -174,9 +174,6 @@ struct cnxk_eth_sec_sess {
 	/* SPI */
 	uint32_t spi;
 
-	/* Back pointer to session */
-	struct rte_security_session *sess;
-
 	/* Inbound */
 	bool inb;
 
@@ -497,9 +494,6 @@ __rte_internal
 int cnxk_nix_inb_mode_set(struct cnxk_eth_dev *dev, bool use_inl_dev);
 struct cnxk_eth_sec_sess *cnxk_eth_sec_sess_get_by_spi(struct cnxk_eth_dev *dev,
 						       uint32_t spi, bool inb);
-struct cnxk_eth_sec_sess *
-cnxk_eth_sec_sess_get_by_sess(struct cnxk_eth_dev *dev,
-			      struct rte_security_session *sess);
 
 /* Other private functions */
 int nix_recalc_mtu(struct rte_eth_dev *eth_dev);
diff --git a/drivers/net/cnxk/cnxk_ethdev_sec.c b/drivers/net/cnxk/cnxk_ethdev_sec.c
index ae3e49cc82..b220f4d2cf 100644
--- a/drivers/net/cnxk/cnxk_ethdev_sec.c
+++ b/drivers/net/cnxk/cnxk_ethdev_sec.c
@@ -87,27 +87,6 @@ cnxk_eth_sec_sess_get_by_spi(struct cnxk_eth_dev *dev, uint32_t spi, bool inb)
 	return NULL;
 }
 
-struct cnxk_eth_sec_sess *
-cnxk_eth_sec_sess_get_by_sess(struct cnxk_eth_dev *dev,
-			      struct rte_security_session *sess)
-{
-	struct cnxk_eth_sec_sess *eth_sec = NULL;
-
-	/* Search in inbound list */
-	TAILQ_FOREACH(eth_sec, &dev->inb.list, entry) {
-		if (eth_sec->sess == sess)
-			return eth_sec;
-	}
-
-	/* Search in outbound list */
-	TAILQ_FOREACH(eth_sec, &dev->outb.list, entry) {
-		if (eth_sec->sess == sess)
-			return eth_sec;
-	}
-
-	return NULL;
-}
-
 static unsigned int
 cnxk_eth_sec_session_get_size(void *device __rte_unused)
 {
diff --git a/drivers/net/meson.build b/drivers/net/meson.build
index 7a09f7183d..bcf488f203 100644
--- a/drivers/net/meson.build
+++ b/drivers/net/meson.build
@@ -12,7 +12,7 @@ drivers = [
         'bnx2x',
         'bnxt',
         'bonding',
-#        'cnxk',
+        'cnxk',
         'cxgbe',
         'dpaa',
         'dpaa2',
-- 
2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* [dpdk-dev] [PATCH v2 4/7] security: pass session iova in PMD sess create
  2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework Akhil Goyal
                     ` (2 preceding siblings ...)
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 3/7] net/cnxk: rework security session framework Akhil Goyal
@ 2021-10-13 19:22   ` Akhil Goyal
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 5/7] cryptodev: rework session framework Akhil Goyal
                     ` (3 subsequent siblings)
  7 siblings, 0 replies; 49+ messages in thread
From: Akhil Goyal @ 2021-10-13 19:22 UTC (permalink / raw)
  To: dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj,
	pablo.de.lara.guarch, fiona.trahe, declan.doherty, matan,
	g.singh, roy.fan.zhang, jianjay.zhou, asomalap, ruifeng.wang,
	konstantin.ananyev, radu.nicolau, ajit.khaparde, rnagadheeraj,
	adwivedi, ciara.power, haiyue.wang, jiawenwu, jianwang,
	Akhil Goyal

Some PMDs need session physical address which can be passed
to the hardware. But since security_session_create
does not allow PMD to get mempool object, the PMD cannot
call rte_mempool_virt2iova().
Hence the library layer need to calculate the iova for session
private data and pass it to the PMD.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 app/test/test_ipsec.c                         |  3 +-
 app/test/test_security.c                      |  5 +--
 .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    |  2 +-
 drivers/crypto/caam_jr/caam_jr.c              |  3 +-
 drivers/crypto/cnxk/cn10k_ipsec.c             |  2 +-
 drivers/crypto/cnxk/cn9k_ipsec.c              | 35 +++++++++++--------
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   |  3 +-
 drivers/crypto/dpaa_sec/dpaa_sec.c            |  3 +-
 drivers/crypto/octeontx2/otx2_cryptodev_sec.c | 33 +++++++++--------
 drivers/crypto/qat/qat_sym_session.c          | 10 +++---
 drivers/crypto/qat/qat_sym_session.h          |  2 +-
 drivers/net/cnxk/cn10k_ethdev_sec.c           |  2 +-
 drivers/net/cnxk/cn9k_ethdev_sec.c            |  2 +-
 drivers/net/ixgbe/ixgbe_ipsec.c               |  2 +-
 drivers/net/octeontx2/otx2_ethdev_sec.c       |  3 +-
 drivers/net/txgbe/txgbe_ipsec.c               |  2 +-
 lib/security/rte_security.c                   |  6 +++-
 lib/security/rte_security_driver.h            |  4 +--
 18 files changed, 71 insertions(+), 51 deletions(-)

diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
index 2ffa2a8e79..3b49a0b13a 100644
--- a/app/test/test_ipsec.c
+++ b/app/test/test_ipsec.c
@@ -148,11 +148,12 @@ const struct supported_auth_algo auth_algos[] = {
 
 static int
 dummy_sec_create(void *device, struct rte_security_session_conf *conf,
-	void *sess)
+	void *sess, rte_iova_t sess_iova)
 {
 	RTE_SET_USED(device);
 	RTE_SET_USED(conf);
 	RTE_SET_USED(sess);
+	RTE_SET_USED(sess_iova);
 	return 0;
 }
 
diff --git a/app/test/test_security.c b/app/test/test_security.c
index 1cea756880..50981f62fa 100644
--- a/app/test/test_security.c
+++ b/app/test/test_security.c
@@ -246,9 +246,10 @@ static struct mock_session_create_data {
 static int
 mock_session_create(void *device,
 		struct rte_security_session_conf *conf,
-		void *sess)
+		void *sess,
+		rte_iova_t sess_iova)
 {
-
+	RTE_SET_USED(sess_iova);
 	mock_session_create_exp.called++;
 
 	MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, device);
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 39c67e3952..8ae6d18f36 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -1056,7 +1056,7 @@ struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops = &aesni_mb_pmd_ops;
  */
 static int
 aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
-			     void *sess)
+			     void *sess, rte_iova_t sess_iova __rte_unused)
 {
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index ce7a100778..0567f1e066 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -1909,7 +1909,8 @@ caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 static int
 caam_jr_security_session_create(void *dev,
 				struct rte_security_session_conf *conf,
-				void *sess)
+				void *sess,
+				rte_iova_t sess_iova __rte_unused)
 {
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 425fe599e0..b0dcd71e35 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -200,7 +200,7 @@ cn10k_ipsec_session_create(void *dev,
 
 static int
 cn10k_sec_session_create(void *device, struct rte_security_session_conf *conf,
-			 void *sess)
+			 void *sess, rte_iova_t sess_iova __rte_unused)
 {
 	struct cn10k_sec_session *priv = sess;
 
diff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c
index a602d38a11..b3d2f8c012 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec.c
+++ b/drivers/crypto/cnxk/cn9k_ipsec.c
@@ -16,8 +16,8 @@
 #include "roc_api.h"
 
 static inline int
-cn9k_cpt_enq_sa_write(struct cn9k_ipsec_sa *sa, struct cnxk_cpt_qp *qp,
-		      uint8_t opcode, size_t ctx_len)
+cn9k_cpt_enq_sa_write(struct cnxk_cpt_qp *qp, uint8_t opcode,
+		      size_t ctx_len, rte_iova_t sess_iova)
 {
 	struct roc_cpt *roc_cpt = qp->lf.roc_cpt;
 	uint64_t lmtline = qp->lmtline.lmt_base;
@@ -39,9 +39,9 @@ cn9k_cpt_enq_sa_write(struct cn9k_ipsec_sa *sa, struct cnxk_cpt_qp *qp,
 	inst.w4.s.param1 = 0;
 	inst.w4.s.param2 = 0;
 	inst.w4.s.dlen = ctx_len;
-	inst.dptr = rte_mempool_virt2iova(sa);
+	inst.dptr = sess_iova;
 	inst.rptr = 0;
-	inst.w7.s.cptr = rte_mempool_virt2iova(sa);
+	inst.w7.s.cptr = sess_iova;
 	inst.w7.s.egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_IE];
 
 	inst.w0.u64 = 0;
@@ -275,7 +275,8 @@ static int
 cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 			  struct rte_security_ipsec_xform *ipsec,
 			  struct rte_crypto_sym_xform *crypto_xform,
-			  struct cn9k_sec_session *sess)
+			  struct cn9k_sec_session *sess,
+			  rte_iova_t sess_iova)
 {
 	struct rte_crypto_sym_xform *auth_xform = crypto_xform->next;
 	struct roc_ie_on_ip_template *template = NULL;
@@ -409,18 +410,20 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 
 	w7.u64 = 0;
 	w7.s.egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_IE];
-	w7.s.cptr = rte_mempool_virt2iova(out_sa);
+	w7.s.cptr = sess_iova;
 	inst_tmpl->w7 = w7.u64;
 
 	return cn9k_cpt_enq_sa_write(
-		sa, qp, ROC_IE_ON_MAJOR_OP_WRITE_IPSEC_OUTBOUND, ctx_len);
+		qp, ROC_IE_ON_MAJOR_OP_WRITE_IPSEC_OUTBOUND,
+		ctx_len, sess_iova);
 }
 
 static int
 cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 			 struct rte_security_ipsec_xform *ipsec,
 			 struct rte_crypto_sym_xform *crypto_xform,
-			 struct cn9k_sec_session *sess)
+			 struct cn9k_sec_session *sess,
+			 rte_iova_t sess_iova)
 {
 	struct rte_crypto_sym_xform *auth_xform = crypto_xform;
 	struct roc_cpt *roc_cpt = qp->lf.roc_cpt;
@@ -474,11 +477,12 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 
 	w7.u64 = 0;
 	w7.s.egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_IE];
-	w7.s.cptr = rte_mempool_virt2iova(in_sa);
+	w7.s.cptr = sess_iova;
 	inst_tmpl->w7 = w7.u64;
 
 	return cn9k_cpt_enq_sa_write(
-		sa, qp, ROC_IE_ON_MAJOR_OP_WRITE_IPSEC_INBOUND, ctx_len);
+		qp, ROC_IE_ON_MAJOR_OP_WRITE_IPSEC_INBOUND,
+		ctx_len, sess_iova);
 }
 
 static inline int
@@ -497,7 +501,8 @@ static int
 cn9k_ipsec_session_create(void *dev,
 			  struct rte_security_ipsec_xform *ipsec_xform,
 			  struct rte_crypto_sym_xform *crypto_xform,
-			  struct cn9k_sec_session *sess)
+			  struct cn9k_sec_session *sess,
+			  rte_iova_t sess_iova)
 {
 	struct rte_cryptodev *crypto_dev = dev;
 	struct cnxk_cpt_qp *qp;
@@ -520,15 +525,15 @@ cn9k_ipsec_session_create(void *dev,
 
 	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
 		return cn9k_ipsec_inb_sa_create(qp, ipsec_xform, crypto_xform,
-						sess);
+						sess, sess_iova);
 	else
 		return cn9k_ipsec_outb_sa_create(qp, ipsec_xform, crypto_xform,
-						 sess);
+						 sess, sess_iova);
 }
 
 static int
 cn9k_sec_session_create(void *device, struct rte_security_session_conf *conf,
-			void *sess)
+			void *sess, rte_iova_t sess_iova)
 {
 	struct cn9k_sec_session *priv = sess;
 
@@ -542,7 +547,7 @@ cn9k_sec_session_create(void *device, struct rte_security_session_conf *conf,
 	}
 
 	return cn9k_ipsec_session_create(device, &conf->ipsec,
-					conf->crypto_xform, priv);
+					conf->crypto_xform, priv, sess_iova);
 }
 
 static int
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 176f1a27a0..15ea5de18d 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -3393,7 +3393,8 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 static int
 dpaa2_sec_security_session_create(void *dev,
 				  struct rte_security_session_conf *conf,
-				  void *sess)
+				  void *sess,
+				  rte_iova_t sess_iova __rte_unused)
 {
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 832b6e64ec..0497931c67 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -3114,7 +3114,8 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev,
 static int
 dpaa_sec_security_session_create(void *dev,
 				 struct rte_security_session_conf *conf,
-				 void *sess)
+				 void *sess,
+				 rte_iova_t sess_iova __rte_unused)
 {
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_sec.c b/drivers/crypto/octeontx2/otx2_cryptodev_sec.c
index 56900e3187..5a8be84444 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_sec.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_sec.c
@@ -87,7 +87,8 @@ ipsec_lp_len_precalc(struct rte_security_ipsec_xform *ipsec,
 
 static int
 otx2_cpt_enq_sa_write(struct otx2_sec_session_ipsec_lp *lp,
-		      struct otx2_cpt_qp *qptr, uint8_t opcode)
+		      struct otx2_cpt_qp *qptr, uint8_t opcode,
+		      rte_iova_t sess_iova)
 {
 	uint64_t lmt_status, time_out;
 	void *lmtline = qptr->lmtline;
@@ -107,9 +108,9 @@ otx2_cpt_enq_sa_write(struct otx2_sec_session_ipsec_lp *lp,
 	inst.param1 = 0;
 	inst.param2 = 0;
 	inst.dlen = lp->ctx_len << 3;
-	inst.dptr = rte_mempool_virt2iova(lp);
+	inst.dptr = sess_iova;
 	inst.rptr = 0;
-	inst.cptr = rte_mempool_virt2iova(lp);
+	inst.cptr = sess_iova;
 	inst.egrp  = OTX2_CPT_EGRP_SE;
 
 	inst.u64[0] = 0;
@@ -203,7 +204,8 @@ static int
 crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,
 				     struct rte_security_ipsec_xform *ipsec,
 				     struct rte_crypto_sym_xform *crypto_xform,
-				     struct otx2_sec_session *sess)
+				     struct otx2_sec_session *sess,
+				     rte_iova_t sess_iova)
 {
 	struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
 	struct otx2_ipsec_po_ip_template *template = NULL;
@@ -379,7 +381,7 @@ crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,
 
 	inst.u64[7] = 0;
 	inst.egrp = OTX2_CPT_EGRP_SE;
-	inst.cptr = rte_mempool_virt2iova(sa);
+	inst.cptr = sess_iova;
 
 	lp->cpt_inst_w7 = inst.u64[7];
 	lp->ucmd_opcode = (lp->ctx_len << 8) |
@@ -389,14 +391,15 @@ crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,
 				    auth_xform, cipher_xform);
 
 	return otx2_cpt_enq_sa_write(lp, crypto_dev->data->queue_pairs[0],
-				     OTX2_IPSEC_PO_WRITE_IPSEC_OUTB);
+				     OTX2_IPSEC_PO_WRITE_IPSEC_OUTB, sess_iova);
 }
 
 static int
 crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,
 				    struct rte_security_ipsec_xform *ipsec,
 				    struct rte_crypto_sym_xform *crypto_xform,
-				    struct otx2_sec_session *sess)
+				    struct otx2_sec_session *sess,
+				    rte_iova_t sess_iova)
 {
 	struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
 	const uint8_t *cipher_key, *auth_key;
@@ -473,7 +476,7 @@ crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,
 
 	inst.u64[7] = 0;
 	inst.egrp = OTX2_CPT_EGRP_SE;
-	inst.cptr = rte_mempool_virt2iova(sa);
+	inst.cptr = sess_iova;
 
 	lp->cpt_inst_w7 = inst.u64[7];
 	lp->ucmd_opcode = (lp->ctx_len << 8) |
@@ -501,14 +504,15 @@ crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,
 	}
 
 	return otx2_cpt_enq_sa_write(lp, crypto_dev->data->queue_pairs[0],
-				     OTX2_IPSEC_PO_WRITE_IPSEC_INB);
+				     OTX2_IPSEC_PO_WRITE_IPSEC_INB, sess_iova);
 }
 
 static int
 crypto_sec_ipsec_session_create(struct rte_cryptodev *crypto_dev,
 				struct rte_security_ipsec_xform *ipsec,
 				struct rte_crypto_sym_xform *crypto_xform,
-				struct otx2_sec_session *sess)
+				struct otx2_sec_session *sess,
+				rte_iova_t sess_iova)
 {
 	int ret;
 
@@ -523,16 +527,17 @@ crypto_sec_ipsec_session_create(struct rte_cryptodev *crypto_dev,
 
 	if (ipsec->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
 		return crypto_sec_ipsec_inb_session_create(crypto_dev, ipsec,
-							   crypto_xform, sess);
+						crypto_xform, sess, sess_iova);
 	else
 		return crypto_sec_ipsec_outb_session_create(crypto_dev, ipsec,
-							    crypto_xform, sess);
+						crypto_xform, sess, sess_iova);
 }
 
 static int
 otx2_crypto_sec_session_create(void *device,
 			       struct rte_security_session_conf *conf,
-			       void *sess)
+			       void *sess,
+			       rte_iova_t sess_iova)
 {
 	struct otx2_sec_session *priv = sess;
 	int ret;
@@ -548,7 +553,7 @@ otx2_crypto_sec_session_create(void *device,
 	if (conf->protocol == RTE_SECURITY_PROTOCOL_IPSEC)
 		ret = crypto_sec_ipsec_session_create(device, &conf->ipsec,
 						      conf->crypto_xform,
-						      priv);
+						      priv, sess_iova);
 	else
 		ret = -ENOTSUP;
 
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 2a22347c7f..2c0e44dff4 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -2232,7 +2232,8 @@ qat_sec_session_check_docsis(struct rte_security_session_conf *conf)
 
 static int
 qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,
-		struct rte_security_session_conf *conf, void *session_private)
+		struct rte_security_session_conf *conf, void *session_private,
+		rte_iova_t session_paddr)
 {
 	int ret;
 	int qat_cmd_id;
@@ -2251,7 +2252,6 @@ qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,
 	xform = conf->crypto_xform;
 
 	/* Verify the session physical address is known */
-	rte_iova_t session_paddr = rte_mempool_virt2iova(session);
 	if (session_paddr == 0 || session_paddr == RTE_BAD_IOVA) {
 		QAT_LOG(ERR,
 			"Session physical address unknown. Bad memory pool.");
@@ -2282,8 +2282,8 @@ qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,
 
 int
 qat_security_session_create(void *dev,
-				struct rte_security_session_conf *conf,
-				void *sess_private_data)
+			struct rte_security_session_conf *conf,
+			void *sess_private_data, rte_iova_t sess_priv_iova)
 {
 	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
 	int ret;
@@ -2295,7 +2295,7 @@ qat_security_session_create(void *dev,
 	}
 
 	ret = qat_sec_session_set_docsis_parameters(cdev, conf,
-			sess_private_data);
+			sess_private_data, sess_priv_iova);
 	if (ret != 0) {
 		QAT_LOG(ERR, "Failed to configure session parameters");
 		return ret;
diff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h
index 7fcc1d6f7b..b93dc549ef 100644
--- a/drivers/crypto/qat/qat_sym_session.h
+++ b/drivers/crypto/qat/qat_sym_session.h
@@ -166,7 +166,7 @@ qat_sym_validate_zuc_key(int key_len, enum icp_qat_hw_cipher_algo *alg);
 #ifdef RTE_LIB_SECURITY
 int
 qat_security_session_create(void *dev, struct rte_security_session_conf *conf,
-		void *sess);
+		void *sess, rte_iova_t sess_iova);
 int
 qat_security_session_destroy(void *dev, void *sess);
 #endif
diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c
index 3d0f4044d9..ee0847e35c 100644
--- a/drivers/net/cnxk/cn10k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn10k_ethdev_sec.c
@@ -228,7 +228,7 @@ cn10k_eth_sec_sso_work_cb(uint64_t *gw, void *args)
 static int
 cn10k_eth_sec_session_create(void *device,
 			     struct rte_security_session_conf *conf,
-			     void *sess_priv)
+			     void *sess_priv, rte_iova_t sess_iova __rte_unused)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
diff --git a/drivers/net/cnxk/cn9k_ethdev_sec.c b/drivers/net/cnxk/cn9k_ethdev_sec.c
index 8a6fa75b37..7c10339295 100644
--- a/drivers/net/cnxk/cn9k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn9k_ethdev_sec.c
@@ -137,7 +137,7 @@ ar_window_init(struct cn9k_inb_priv_data *inb_priv)
 static int
 cn9k_eth_sec_session_create(void *device,
 			    struct rte_security_session_conf *conf,
-			    void *sess_priv)
+			    void *sess_priv, rte_iova_t sess_iova __rte_unused)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
diff --git a/drivers/net/ixgbe/ixgbe_ipsec.c b/drivers/net/ixgbe/ixgbe_ipsec.c
index cd54a3beee..f2d4cfa2ba 100644
--- a/drivers/net/ixgbe/ixgbe_ipsec.c
+++ b/drivers/net/ixgbe/ixgbe_ipsec.c
@@ -369,7 +369,7 @@ ixgbe_crypto_remove_sa(struct rte_eth_dev *dev,
 static int
 ixgbe_crypto_create_session(void *device,
 		struct rte_security_session_conf *conf,
-		void *session)
+		void *session, rte_iova_t sess_iova __rte_unused)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct ixgbe_crypto_session *ic_session = session;
diff --git a/drivers/net/octeontx2/otx2_ethdev_sec.c b/drivers/net/octeontx2/otx2_ethdev_sec.c
index ef851fe52c..c1901f8f34 100644
--- a/drivers/net/octeontx2/otx2_ethdev_sec.c
+++ b/drivers/net/octeontx2/otx2_ethdev_sec.c
@@ -638,7 +638,8 @@ eth_sec_ipsec_sess_create(struct rte_eth_dev *eth_dev,
 static int
 otx2_eth_sec_session_create(void *device,
 			    struct rte_security_session_conf *conf,
-			    void *sess)
+			    void *sess,
+			    rte_iova_t sess_iova __rte_unused)
 {
 	struct otx2_sec_session *priv = sess;
 	int ret;
diff --git a/drivers/net/txgbe/txgbe_ipsec.c b/drivers/net/txgbe/txgbe_ipsec.c
index 444da5b8f3..6187e84063 100644
--- a/drivers/net/txgbe/txgbe_ipsec.c
+++ b/drivers/net/txgbe/txgbe_ipsec.c
@@ -349,7 +349,7 @@ txgbe_crypto_remove_sa(struct rte_eth_dev *dev,
 static int
 txgbe_crypto_create_session(void *device,
 		struct rte_security_session_conf *conf,
-		void *session)
+		void *session, rte_iova_t sess_iova __rte_unused)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct txgbe_crypto_session *ic_session = session;
diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c
index 06560b9cba..93eaf395bb 100644
--- a/lib/security/rte_security.c
+++ b/lib/security/rte_security.c
@@ -45,6 +45,7 @@ rte_security_session_create(struct rte_security_ctx *instance,
 			    struct rte_mempool *mp)
 {
 	struct rte_security_session *sess = NULL;
+	rte_iova_t sess_priv_iova;
 
 	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
 	RTE_PTR_OR_ERR_RET(conf, NULL);
@@ -57,8 +58,11 @@ rte_security_session_create(struct rte_security_ctx *instance,
 	if (rte_mempool_get(mp, (void **)&sess))
 		return NULL;
 
+	sess_priv_iova = rte_mempool_virt2iova(sess) +
+		offsetof(struct rte_security_session, sess_private_data);
+
 	if (instance->ops->session_create(instance->device, conf,
-				sess->sess_private_data)) {
+				sess->sess_private_data, sess_priv_iova)) {
 		rte_mempool_put(mp, (void *)sess);
 		return NULL;
 	}
diff --git a/lib/security/rte_security_driver.h b/lib/security/rte_security_driver.h
index 13f2f9da32..04c418a893 100644
--- a/lib/security/rte_security_driver.h
+++ b/lib/security/rte_security_driver.h
@@ -38,7 +38,7 @@ struct rte_security_session {
  * @param	device		Crypto/eth device pointer
  * @param	conf		Security session configuration
  * @param	sess		Pointer to Security private session structure
- * @param	mp		Mempool where the private session is allocated
+ * @param	sess_iova	Private session IOVA
  *
  * @return
  *  - Returns 0 if private session structure have been created successfully.
@@ -48,7 +48,7 @@ struct rte_security_session {
  */
 typedef int (*security_session_create_t)(void *device,
 		struct rte_security_session_conf *conf,
-		void *sess);
+		void *sess, rte_iova_t sess_iova);
 
 /**
  * Free driver private session data.
-- 
2.25.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* [dpdk-dev] [PATCH v2 5/7] cryptodev: rework session framework
  2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework Akhil Goyal
                     ` (3 preceding siblings ...)
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 4/7] security: pass session iova in PMD sess create Akhil Goyal
@ 2021-10-13 19:22   ` Akhil Goyal
  2021-10-13 19:22   ` [dpdk-dev] [PATCH v2 6/7] cryptodev: hide sym session structure Akhil Goyal
                     ` (2 subsequent siblings)
  7 siblings, 0 replies; 49+ messages in thread
From: Akhil Goyal @ 2021-10-13 19:22 UTC (permalink / raw)
  To: dev
  Cc: thomas, david.marchand, hemant.agrawal, anoobj,
	pablo.de.lara.guarch, fiona.trahe, declan.doherty, matan,
	g.singh, roy.fan.zhang, jianjay.zhou, asomalap, ruifeng.wang,
	konstantin.ananyev, radu.nicolau, ajit.khaparde, rnagadheeraj,
	adwivedi, ciara.power, haiyue.wang, jiawenwu, jianwang,
	Akhil Goyal

As per current design, rte_cryptodev_sym_session_create() and
rte_cryptodev_sym_session_init() use separate mempool objects
for a single session.
And structure rte_cryptodev_sym_session is not directly used
by the application, it may cause ABI breakage if the structure
is modified in future.

To address these two issues, the rte_cryptodev_sym_session_create
will take one mempool object for both the session and session
private data. The API rte_cryptodev_sym_session_init will now not
take mempool object.
rte_cryptodev_sym_session_create will now return an opaque session
pointer which will be used by the app in rte_cryptodev_sym_session_init
and other APIs.

With this change, rte_cryptodev_sym_session_init will send
pointer to session private data of corresponding driver to the PMD
based on the driver_id for filling the PMD data.

In data path, opaque session pointer is attached to rte_crypto_op
and the PMD can call an internal library API to get the session
private data pointer based on the driver id.

Note: currently nb_drivers are getting updated in RTE_INIT which
result in increasing the memory requirements for session.
User can compile off drivers which are not in use to reduce the
memory consumption of a session.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 app/test-crypto-perf/cperf.h                  |   1 -
 app/test-crypto-perf/cperf_ops.c              |  33 ++---
 app/test-crypto-perf/cperf_ops.h              |   6 +-
 app/test-crypto-perf/cperf_test_latency.c     |   5 +-
 app/test-crypto-perf/cperf_test_latency.h     |   1 -
 .../cperf_test_pmd_cyclecount.c               |   5 +-
 .../cperf_test_pmd_cyclecount.h               |   1 -
 app/test-crypto-perf/cperf_test_throughput.c  |   5 +-
 app/test-crypto-perf/cperf_test_throughput.h  |   1 -
 app/test-crypto-perf/cperf_test_verify.c      |   5 +-
 app/test-crypto-perf/cperf_test_verify.h      |   1 -
 app/test-crypto-perf/main.c                   |  29 +---
 app/test/test_cryptodev.c                     | 130 +++++-------------
 app/test/test_cryptodev.h                     |   1 -
 app/test/test_cryptodev_asym.c                |   1 -
 app/test/test_cryptodev_blockcipher.c         |   6 +-
 app/test/test_event_crypto_adapter.c          |  28 +---
 app/test/test_ipsec.c                         |  22 +--
 drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c  |  33 +----
 .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    |  34 +----
 drivers/crypto/armv8/rte_armv8_pmd_ops.c      |  34 +----
 drivers/crypto/bcmfs/bcmfs_sym_session.c      |  36 +----
 drivers/crypto/bcmfs/bcmfs_sym_session.h      |   6 +-
 drivers/crypto/caam_jr/caam_jr.c              |  32 ++---
 drivers/crypto/ccp/ccp_pmd_ops.c              |  32 +----
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     |  18 ++-
 drivers/crypto/cnxk/cn9k_cryptodev_ops.c      |  18 +--
 drivers/crypto/cnxk/cnxk_cryptodev_ops.c      |  61 +++-----
 drivers/crypto/cnxk/cnxk_cryptodev_ops.h      |  13 +-
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   |  29 +---
 drivers/crypto/dpaa_sec/dpaa_sec.c            |  31 +----
 drivers/crypto/kasumi/rte_kasumi_pmd_ops.c    |  34 +----
 drivers/crypto/mlx5/mlx5_crypto.c             |  24 +---
 drivers/crypto/mvsam/rte_mrvl_pmd_ops.c       |  36 ++---
 drivers/crypto/nitrox/nitrox_sym.c            |  31 +----
 drivers/crypto/null/null_crypto_pmd_ops.c     |  34 +----
 .../crypto/octeontx/otx_cryptodev_hw_access.h |   1 -
 drivers/crypto/octeontx/otx_cryptodev_ops.c   |  60 +++-----
 drivers/crypto/octeontx2/otx2_cryptodev_ops.c |  52 +++----
 .../octeontx2/otx2_cryptodev_ops_helper.h     |  16 +--
 drivers/crypto/openssl/rte_openssl_pmd_ops.c  |  35 +----
 drivers/crypto/qat/qat_sym_session.c          |  29 +---
 drivers/crypto/qat/qat_sym_session.h          |   6 +-
 drivers/crypto/scheduler/scheduler_pmd_ops.c  |   9 +-
 drivers/crypto/snow3g/rte_snow3g_pmd_ops.c    |  34 +----
 drivers/crypto/virtio/virtio_cryptodev.c      |  31 ++---
 drivers/crypto/zuc/rte_zuc_pmd_ops.c          |  35 +----
 .../octeontx2/otx2_evdev_crypto_adptr_rx.h    |   3 +-
 examples/fips_validation/fips_dev_self_test.c |  32 ++---
 examples/fips_validation/main.c               |  20 +--
 examples/ipsec-secgw/ipsec-secgw.c            |  40 ------
 examples/ipsec-secgw/ipsec.c                  |   3 +-
 examples/ipsec-secgw/ipsec.h                  |   1 -
 examples/ipsec-secgw/ipsec_worker.c           |   4 -
 examples/l2fwd-crypto/main.c                  |  41 +-----
 examples/vhost_crypto/main.c                  |  16 +--
 lib/cryptodev/cryptodev_pmd.h                 |   7 +-
 lib/cryptodev/rte_crypto.h                    |   2 +-
 lib/cryptodev/rte_crypto_sym.h                |   2 +-
 lib/cryptodev/rte_cryptodev.c                 |  73 ++++++----
 lib/cryptodev/rte_cryptodev.h                 |  23 ++--
 lib/cryptodev/rte_cryptodev_trace.h           |   5 +-
 lib/pipeline/rte_table_action.c               |   8 +-
 lib/pipeline/rte_table_action.h               |   2 +-
 lib/vhost/rte_vhost_crypto.h                  |   3 -
 lib/vhost/vhost_crypto.c                      |   7 +-
 66 files changed, 366 insertions(+), 1051 deletions(-)

diff --git a/app/test-crypto-perf/cperf.h b/app/test-crypto-perf/cperf.h
index 2b0aad095c..db58228dce 100644
--- a/app/test-crypto-perf/cperf.h
+++ b/app/test-crypto-perf/cperf.h
@@ -15,7 +15,6 @@ struct cperf_op_fns;
 
 typedef void  *(*cperf_constructor_t)(
 		struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id,
 		uint16_t qp_id,
 		const struct cperf_options *options,
diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 6c3aa77dec..ec867b0174 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -13,7 +13,7 @@ static int
 cperf_set_ops_asym(struct rte_crypto_op **ops,
 		   uint32_t src_buf_offset __rte_unused,
 		   uint32_t dst_buf_offset __rte_unused, uint16_t nb_ops,
-		   struct rte_cryptodev_sym_session *sess,
+		   void *sess,
 		   const struct cperf_options *options __rte_unused,
 		   const struct cperf_test_vector *test_vector __rte_unused,
 		   uint16_t iv_offset __rte_unused,
@@ -56,7 +56,7 @@ static int
 cperf_set_ops_security(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset __rte_unused,
 		uint32_t dst_buf_offset __rte_unused,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -141,7 +141,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector __rte_unused,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -181,7 +181,7 @@ cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_null_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector __rte_unused,
 		uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
@@ -221,7 +221,7 @@ cperf_set_ops_null_auth(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_cipher(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -278,7 +278,7 @@ cperf_set_ops_cipher(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -379,7 +379,7 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -495,7 +495,7 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 static int
 cperf_set_ops_aead(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
@@ -720,9 +720,8 @@ create_ipsec_session(struct rte_mempool *sess_mp,
 				&sess_conf, sess_mp);
 }
 
-static struct rte_cryptodev_sym_session *
+static void *
 cperf_create_session(struct rte_mempool *sess_mp,
-	struct rte_mempool *priv_mp,
 	uint8_t dev_id,
 	const struct cperf_options *options,
 	const struct cperf_test_vector *test_vector,
@@ -747,7 +746,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 		if (sess == NULL)
 			return NULL;
 		rc = rte_cryptodev_asym_session_init(dev_id, (void *)sess,
-						     &xform, priv_mp);
+						     &xform, sess_mp);
 		if (rc < 0) {
 			if (sess != NULL) {
 				rte_cryptodev_asym_session_clear(dev_id,
@@ -905,8 +904,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 			cipher_xform.cipher.iv.length = 0;
 		}
 		/* create crypto session */
-		rte_cryptodev_sym_session_init(dev_id, sess, &cipher_xform,
-				priv_mp);
+		rte_cryptodev_sym_session_init(dev_id, sess, &cipher_xform);
 	/*
 	 *  auth only
 	 */
@@ -933,8 +931,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 			auth_xform.auth.iv.length = 0;
 		}
 		/* create crypto session */
-		rte_cryptodev_sym_session_init(dev_id, sess, &auth_xform,
-				priv_mp);
+		rte_cryptodev_sym_session_init(dev_id, sess, &auth_xform);
 	/*
 	 * cipher and auth
 	 */
@@ -993,12 +990,12 @@ cperf_create_session(struct rte_mempool *sess_mp,
 			cipher_xform.next = &auth_xform;
 			/* create crypto session */
 			rte_cryptodev_sym_session_init(dev_id,
-					sess, &cipher_xform, priv_mp);
+					sess, &cipher_xform);
 		} else { /* auth then cipher */
 			auth_xform.next = &cipher_xform;
 			/* create crypto session */
 			rte_cryptodev_sym_session_init(dev_id,
-					sess, &auth_xform, priv_mp);
+					sess, &auth_xform);
 		}
 	} else { /* options->op_type == CPERF_AEAD */
 		aead_xform.type = RTE_CRYPTO_SYM_XFORM_AEAD;
@@ -1019,7 +1016,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
 
 		/* Create crypto session */
 		rte_cryptodev_sym_session_init(dev_id,
-					sess, &aead_xform, priv_mp);
+					sess, &aead_xform);
 	}
 
 	return sess;
diff --git a/app/test-crypto-perf/cperf_ops.h b/app/test-crypto-perf/cperf_ops.h
index 30d38f90e3..d3513590f1 100644
--- a/app/test-crypto-perf/cperf_ops.h
+++ b/app/test-crypto-perf/cperf_ops.h
@@ -12,15 +12,15 @@
 #include "cperf_test_vectors.h"
 
 
-typedef struct rte_cryptodev_sym_session *(*cperf_sessions_create_t)(
-		struct rte_mempool *sess_mp, struct rte_mempool *sess_priv_mp,
+typedef void *(*cperf_sessions_create_t)(
+		struct rte_mempool *sess_mp,
 		uint8_t dev_id, const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset);
 
 typedef int (*cperf_populate_ops_t)(struct rte_crypto_op **ops,
 		uint32_t src_buf_offset, uint32_t dst_buf_offset,
-		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+		uint16_t nb_ops, void *sess,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
 		uint16_t iv_offset, uint32_t *imix_idx,
diff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-perf/cperf_test_latency.c
index 69f55de50a..63d520ee66 100644
--- a/app/test-crypto-perf/cperf_test_latency.c
+++ b/app/test-crypto-perf/cperf_test_latency.c
@@ -24,7 +24,7 @@ struct cperf_latency_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
@@ -59,7 +59,6 @@ cperf_latency_test_free(struct cperf_latency_ctx *ctx)
 
 void *
 cperf_latency_test_constructor(struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id, uint16_t qp_id,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
@@ -84,7 +83,7 @@ cperf_latency_test_constructor(struct rte_mempool *sess_mp,
 		sizeof(struct rte_crypto_sym_op) +
 		sizeof(struct cperf_op_result *);
 
-	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
 			test_vector, iv_offset);
 	if (ctx->sess == NULL)
 		goto err;
diff --git a/app/test-crypto-perf/cperf_test_latency.h b/app/test-crypto-perf/cperf_test_latency.h
index ed5b0a07bb..d3fc3218d7 100644
--- a/app/test-crypto-perf/cperf_test_latency.h
+++ b/app/test-crypto-perf/cperf_test_latency.h
@@ -17,7 +17,6 @@
 void *
 cperf_latency_test_constructor(
 		struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id,
 		uint16_t qp_id,
 		const struct cperf_options *options,
diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
index e43e2a3b96..11083ea141 100644
--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c
@@ -27,7 +27,7 @@ struct cperf_pmd_cyclecount_ctx {
 	struct rte_crypto_op **ops;
 	struct rte_crypto_op **ops_processed;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
@@ -93,7 +93,6 @@ cperf_pmd_cyclecount_test_free(struct cperf_pmd_cyclecount_ctx *ctx)
 
 void *
 cperf_pmd_cyclecount_test_constructor(struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id, uint16_t qp_id,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
@@ -120,7 +119,7 @@ cperf_pmd_cyclecount_test_constructor(struct rte_mempool *sess_mp,
 	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
 			sizeof(struct rte_crypto_sym_op);
 
-	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
 			test_vector, iv_offset);
 	if (ctx->sess == NULL)
 		goto err;
diff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.h b/app/test-crypto-perf/cperf_test_pmd_cyclecount.h
index 3084038a18..beb4419910 100644
--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.h
+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.h
@@ -18,7 +18,6 @@
 void *
 cperf_pmd_cyclecount_test_constructor(
 		struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id,
 		uint16_t qp_id,
 		const struct cperf_options *options,
diff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c
index 739ed9e573..887f42c532 100644
--- a/app/test-crypto-perf/cperf_test_throughput.c
+++ b/app/test-crypto-perf/cperf_test_throughput.c
@@ -18,7 +18,7 @@ struct cperf_throughput_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
@@ -65,7 +65,6 @@ cperf_throughput_test_free(struct cperf_throughput_ctx *ctx)
 
 void *
 cperf_throughput_test_constructor(struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id, uint16_t qp_id,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
@@ -88,7 +87,7 @@ cperf_throughput_test_constructor(struct rte_mempool *sess_mp,
 	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
 		sizeof(struct rte_crypto_sym_op);
 
-	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
 			test_vector, iv_offset);
 	if (ctx->sess == NULL)
 		goto err;
diff --git a/app/test-crypto-perf/cperf_test_throughput.h b/app/test-crypto-perf/cperf_test_throughput.h
index 91e1a4b708..439ec8e559 100644
--- a/app/test-crypto-perf/cperf_test_throughput.h
+++ b/app/test-crypto-perf/cperf_test_throughput.h
@@ -18,7 +18,6 @@
 void *
 cperf_throughput_test_constructor(
 		struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id,
 		uint16_t qp_id,
 		const struct cperf_options *options,
diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-perf/cperf_test_verify.c
index 1962438034..0b3d4f7c59 100644
--- a/app/test-crypto-perf/cperf_test_verify.c
+++ b/app/test-crypto-perf/cperf_test_verify.c
@@ -18,7 +18,7 @@ struct cperf_verify_ctx {
 
 	struct rte_mempool *pool;
 
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 
 	cperf_populate_ops_t populate_ops;
 
@@ -51,7 +51,6 @@ cperf_verify_test_free(struct cperf_verify_ctx *ctx)
 
 void *
 cperf_verify_test_constructor(struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id, uint16_t qp_id,
 		const struct cperf_options *options,
 		const struct cperf_test_vector *test_vector,
@@ -74,7 +73,7 @@ cperf_verify_test_constructor(struct rte_mempool *sess_mp,
 	uint16_t iv_offset = sizeof(struct rte_crypto_op) +
 		sizeof(struct rte_crypto_sym_op);
 
-	ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+	ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
 			test_vector, iv_offset);
 	if (ctx->sess == NULL)
 		goto err;
diff --git a/app/test-crypto-perf/cperf_test_verify.h b/app/test-crypto-perf/cperf_test_verify.h
index ac2192ba99..9f70ad87ba 100644
--- a/app/test-crypto-perf/cperf_test_verify.h
+++ b/app/test-crypto-perf/cperf_test_verify.h
@@ -18,7 +18,6 @@
 void *
 cperf_verify_test_constructor(
 		struct rte_mempool *sess_mp,
-		struct rte_mempool *sess_priv_mp,
 		uint8_t dev_id,
 		uint16_t qp_id,
 		const struct cperf_options *options,
diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c
index 6fdb92fb7c..7a9fb9a64d 100644
--- a/app/test-crypto-perf/main.c
+++ b/app/test-crypto-perf/main.c
@@ -119,35 +119,14 @@ fill_session_pool_socket(int32_t socket_id, uint32_t session_priv_size,
 	char mp_name[RTE_MEMPOOL_NAMESIZE];
 	struct rte_mempool *sess_mp;
 
-	if (session_pool_socket[socket_id].priv_mp == NULL) {
-		snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
-			"priv_sess_mp_%u", socket_id);
-
-		sess_mp = rte_mempool_create(mp_name,
-					nb_sessions,
-					session_priv_size,
-					0, 0, NULL, NULL, NULL,
-					NULL, socket_id,
-					0);
-
-		if (sess_mp == NULL) {
-			printf("Cannot create pool \"%s\" on socket %d\n",
-				mp_name, socket_id);
-			return -ENOMEM;
-		}
-
-		printf("Allocated pool \"%s\" on socket %d\n",
-			mp_name, socket_id);
-		session_pool_socket[socket_id].priv_mp = sess_mp;
-	}
-
 	if (session_pool_socket[socket_id].sess_mp == NULL) {
 
 		snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
 			"sess_mp_%u", socket_id);
 
 		sess_mp = rte_cryptodev_sym_session_pool_create(mp_name,
-					nb_sessions, 0, 0, 0, socket_id);
+					nb_sessions, session_priv_size,
+					0, 0, socket_id);
 
 		if (sess_mp == NULL) {
 			printf("Cannot create pool \"%s\" on socket %d\n",
@@ -345,12 +324,9 @@ cperf_initialize_cryptodev(struct cperf_options *opts, uint8_t *enabled_cdevs)
 			return ret;
 
 		qp_conf.mp_session = session_pool_socket[socket_id].sess_mp;
-		qp_conf.mp_session_private =
-				session_pool_socket[socket_id].priv_mp;
 
 		if (opts->op_type == CPERF_ASYM_MODEX) {
 			qp_conf.mp_session = NULL;
-			qp_conf.mp_session_private = NULL;
 		}
 
 		ret = rte_cryptodev_configure(cdev_id, &conf);
@@ -705,7 +681,6 @@ main(int argc, char **argv)
 
 		ctx[i] = cperf_testmap[opts.test].constructor(
 				session_pool_socket[socket_id].sess_mp,
-				session_pool_socket[socket_id].priv_mp,
 				cdev_id, qp_id,
 				&opts, t_vec, &op_fns);
 		if (ctx[i] == NULL) {
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 79019eb766..ac408863dc 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -81,7 +81,7 @@ struct crypto_unittest_params {
 #endif
 
 	union {
-		struct rte_cryptodev_sym_session *sess;
+		void *sess;
 #ifdef RTE_LIB_SECURITY
 		void *sec_session;
 #endif
@@ -121,7 +121,7 @@ test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 		uint8_t *hmac_key);
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_param,
 		const uint8_t *cipher,
@@ -598,23 +598,11 @@ testsuite_setup(void)
 	}
 
 	ts_params->session_mpool = rte_cryptodev_sym_session_pool_create(
-			"test_sess_mp", MAX_NB_SESSIONS, 0, 0, 0,
+			"test_sess_mp", MAX_NB_SESSIONS, session_size, 0, 0,
 			SOCKET_ID_ANY);
 	TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
 			"session mempool allocation failed");
 
-	ts_params->session_priv_mpool = rte_mempool_create(
-			"test_sess_mp_priv",
-			MAX_NB_SESSIONS,
-			session_size,
-			0, 0, NULL, NULL, NULL,
-			NULL, SOCKET_ID_ANY,
-			0);
-	TEST_ASSERT_NOT_NULL(ts_params->session_priv_mpool,
-			"session mempool allocation failed");
-
-
-
 	TEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id,
 			&ts_params->conf),
 			"Failed to configure cryptodev %u with %u qps",
@@ -622,7 +610,6 @@ testsuite_setup(void)
 
 	ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
 	ts_params->qp_conf.mp_session = ts_params->session_mpool;
-	ts_params->qp_conf.mp_session_private = ts_params->session_priv_mpool;
 
 	for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) {
 		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
@@ -652,11 +639,6 @@ testsuite_teardown(void)
 	}
 
 	/* Free session mempools */
-	if (ts_params->session_priv_mpool != NULL) {
-		rte_mempool_free(ts_params->session_priv_mpool);
-		ts_params->session_priv_mpool = NULL;
-	}
-
 	if (ts_params->session_mpool != NULL) {
 		rte_mempool_free(ts_params->session_mpool);
 		ts_params->session_mpool = NULL;
@@ -1332,7 +1314,6 @@ dev_configure_and_start(uint64_t ff_disable)
 	ts_params->conf.ff_disable = ff_disable;
 	ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
 	ts_params->qp_conf.mp_session = ts_params->session_mpool;
-	ts_params->qp_conf.mp_session_private = ts_params->session_priv_mpool;
 
 	TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0],
 			&ts_params->conf),
@@ -1554,7 +1535,6 @@ test_queue_pair_descriptor_setup(void)
 	 */
 	qp_conf.nb_descriptors = MIN_NUM_OPS_INFLIGHT; /* min size*/
 	qp_conf.mp_session = ts_params->session_mpool;
-	qp_conf.mp_session_private = ts_params->session_priv_mpool;
 
 	for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) {
 		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
@@ -2148,8 +2128,7 @@ test_AES_CBC_HMAC_SHA1_encrypt_digest(void)
 
 	/* Create crypto session*/
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			ut_params->sess, &ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			ut_params->sess, &ut_params->cipher_xform);
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
 	/* Generate crypto op data structure */
@@ -2249,7 +2228,7 @@ test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 		uint8_t *hmac_key);
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_params,
 		const uint8_t *cipher,
@@ -2290,7 +2269,7 @@ test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(
 
 
 static int
-test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess,
+test_AES_CBC_HMAC_SHA512_decrypt_perform(void *sess,
 		struct crypto_unittest_params *ut_params,
 		struct crypto_testsuite_params *ts_params,
 		const uint8_t *cipher,
@@ -2403,8 +2382,7 @@ create_wireless_algo_hash_session(uint8_t dev_id,
 			ts_params->session_mpool);
 
 	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->auth_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->auth_xform);
 	if (status == -ENOTSUP)
 		return TEST_SKIPPED;
 
@@ -2445,8 +2423,7 @@ create_wireless_algo_cipher_session(uint8_t dev_id,
 			ts_params->session_mpool);
 
 	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->cipher_xform);
 	if (status == -ENOTSUP)
 		return TEST_SKIPPED;
 
@@ -2568,8 +2545,7 @@ create_wireless_algo_cipher_auth_session(uint8_t dev_id,
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
 	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->cipher_xform);
 	if (status == -ENOTSUP)
 		return TEST_SKIPPED;
 
@@ -2631,8 +2607,7 @@ create_wireless_cipher_auth_session(uint8_t dev_id,
 			ts_params->session_mpool);
 
 	status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->cipher_xform);
 	if (status == -ENOTSUP)
 		return TEST_SKIPPED;
 
@@ -2701,13 +2676,11 @@ create_wireless_algo_auth_cipher_session(uint8_t dev_id,
 		ut_params->auth_xform.next = NULL;
 		ut_params->cipher_xform.next = &ut_params->auth_xform;
 		status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-				&ut_params->cipher_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->cipher_xform);
 
 	} else
 		status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-				&ut_params->auth_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->auth_xform);
 
 	if (status == -ENOTSUP)
 		return TEST_SKIPPED;
@@ -7840,8 +7813,7 @@ create_aead_session(uint8_t dev_id, enum rte_crypto_aead_algorithm algo,
 			ts_params->session_mpool);
 
 	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->aead_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->aead_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -11018,8 +10990,7 @@ static int MD5_HMAC_create_session(struct crypto_testsuite_params *ts_params,
 			ts_params->session_mpool);
 
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			ut_params->sess, &ut_params->auth_xform,
-			ts_params->session_priv_mpool);
+			ut_params->sess, &ut_params->auth_xform);
 
 	if (ut_params->sess == NULL)
 		return TEST_FAILED;
@@ -11232,7 +11203,7 @@ test_multi_session(void)
 	struct crypto_unittest_params *ut_params = &unittest_params;
 
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session **sessions;
+	void **sessions;
 
 	uint16_t i;
 
@@ -11255,9 +11226,7 @@ test_multi_session(void)
 
 	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
-	sessions = rte_malloc(NULL,
-			sizeof(struct rte_cryptodev_sym_session *) *
-			(MAX_NB_SESSIONS + 1), 0);
+	sessions = rte_malloc(NULL, sizeof(void *) * (MAX_NB_SESSIONS + 1), 0);
 
 	/* Create multiple crypto sessions*/
 	for (i = 0; i < MAX_NB_SESSIONS; i++) {
@@ -11266,8 +11235,7 @@ test_multi_session(void)
 				ts_params->session_mpool);
 
 		rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-				sessions[i], &ut_params->auth_xform,
-				ts_params->session_priv_mpool);
+				sessions[i], &ut_params->auth_xform);
 		TEST_ASSERT_NOT_NULL(sessions[i],
 				"Session creation failed at session number %u",
 				i);
@@ -11305,8 +11273,7 @@ test_multi_session(void)
 	sessions[i] = NULL;
 	/* Next session create should fail */
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			sessions[i], &ut_params->auth_xform,
-			ts_params->session_priv_mpool);
+			sessions[i], &ut_params->auth_xform);
 	TEST_ASSERT_NULL(sessions[i],
 			"Session creation succeeded unexpectedly!");
 
@@ -11337,7 +11304,7 @@ test_multi_session_random_usage(void)
 {
 	struct crypto_testsuite_params *ts_params = &testsuite_params;
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session **sessions;
+	void **sessions;
 	uint32_t i, j;
 	struct multi_session_params ut_paramz[] = {
 
@@ -11381,8 +11348,7 @@ test_multi_session_random_usage(void)
 	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
 
 	sessions = rte_malloc(NULL,
-			(sizeof(struct rte_cryptodev_sym_session *)
-					* MAX_NB_SESSIONS) + 1, 0);
+			(sizeof(void *) * MAX_NB_SESSIONS) + 1, 0);
 
 	for (i = 0; i < MB_SESSION_NUMBER; i++) {
 		sessions[i] = rte_cryptodev_sym_session_create(
@@ -11399,8 +11365,7 @@ test_multi_session_random_usage(void)
 		rte_cryptodev_sym_session_init(
 				ts_params->valid_devs[0],
 				sessions[i],
-				&ut_paramz[i].ut_params.auth_xform,
-				ts_params->session_priv_mpool);
+				&ut_paramz[i].ut_params.auth_xform);
 
 		TEST_ASSERT_NOT_NULL(sessions[i],
 				"Session creation failed at session number %u",
@@ -11483,8 +11448,7 @@ test_null_invalid_operation(void)
 
 	/* Create Crypto session*/
 	ret = rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			ut_params->sess, &ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			ut_params->sess, &ut_params->cipher_xform);
 	TEST_ASSERT(ret < 0,
 			"Session creation succeeded unexpectedly");
 
@@ -11501,8 +11465,7 @@ test_null_invalid_operation(void)
 
 	/* Create Crypto session*/
 	ret = rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			ut_params->sess, &ut_params->auth_xform,
-			ts_params->session_priv_mpool);
+			ut_params->sess, &ut_params->auth_xform);
 	TEST_ASSERT(ret < 0,
 			"Session creation succeeded unexpectedly");
 
@@ -11547,8 +11510,7 @@ test_null_burst_operation(void)
 
 	/* Create Crypto session*/
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
-			ut_params->sess, &ut_params->cipher_xform,
-			ts_params->session_priv_mpool);
+			ut_params->sess, &ut_params->cipher_xform);
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
 	TEST_ASSERT_EQUAL(rte_crypto_op_bulk_alloc(ts_params->op_mpool,
@@ -11660,7 +11622,6 @@ test_enq_callback_setup(void)
 
 	qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
 	qp_conf.mp_session = ts_params->session_mpool;
-	qp_conf.mp_session_private = ts_params->session_priv_mpool;
 
 	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
 			ts_params->valid_devs[0], qp_id, &qp_conf,
@@ -11760,7 +11721,6 @@ test_deq_callback_setup(void)
 
 	qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
 	qp_conf.mp_session = ts_params->session_mpool;
-	qp_conf.mp_session_private = ts_params->session_priv_mpool;
 
 	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
 			ts_params->valid_devs[0], qp_id, &qp_conf,
@@ -11969,8 +11929,7 @@ static int create_gmac_session(uint8_t dev_id,
 			ts_params->session_mpool);
 
 	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-			&ut_params->auth_xform,
-			ts_params->session_priv_mpool);
+			&ut_params->auth_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -12614,8 +12573,7 @@ create_auth_session(struct crypto_unittest_params *ut_params,
 			ts_params->session_mpool);
 
 	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-				&ut_params->auth_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->auth_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -12667,8 +12625,7 @@ create_auth_cipher_session(struct crypto_unittest_params *ut_params,
 			ts_params->session_mpool);
 
 	rte_cryptodev_sym_session_init(dev_id, ut_params->sess,
-				&ut_params->auth_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->auth_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -13175,8 +13132,7 @@ test_authenticated_encrypt_with_esn(
 
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
 				ut_params->sess,
-				&ut_params->cipher_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->cipher_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -13307,8 +13263,7 @@ test_authenticated_decrypt_with_esn(
 
 	rte_cryptodev_sym_session_init(ts_params->valid_devs[0],
 				ut_params->sess,
-				&ut_params->auth_xform,
-				ts_params->session_priv_mpool);
+				&ut_params->auth_xform);
 
 	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
 
@@ -14029,11 +13984,6 @@ test_scheduler_attach_worker_op(void)
 			rte_mempool_free(ts_params->session_mpool);
 			ts_params->session_mpool = NULL;
 		}
-		if (ts_params->session_priv_mpool) {
-			rte_mempool_free(ts_params->session_priv_mpool);
-			ts_params->session_priv_mpool = NULL;
-		}
-
 		if (info.sym.max_nb_sessions != 0 &&
 				info.sym.max_nb_sessions < MAX_NB_SESSIONS) {
 			RTE_LOG(ERR, USER1,
@@ -14050,32 +14000,14 @@ test_scheduler_attach_worker_op(void)
 			ts_params->session_mpool =
 				rte_cryptodev_sym_session_pool_create(
 						"test_sess_mp",
-						MAX_NB_SESSIONS, 0, 0, 0,
+						MAX_NB_SESSIONS,
+						session_size, 0, 0,
 						SOCKET_ID_ANY);
 			TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
 					"session mempool allocation failed");
 		}
 
-		/*
-		 * Create mempool with maximum number of sessions,
-		 * to include device specific session private data
-		 */
-		if (ts_params->session_priv_mpool == NULL) {
-			ts_params->session_priv_mpool = rte_mempool_create(
-					"test_sess_mp_priv",
-					MAX_NB_SESSIONS,
-					session_size,
-					0, 0, NULL, NULL, NULL,
-					NULL, SOCKET_ID_ANY,
-					0);
-
-			TEST_ASSERT_NOT_NULL(ts_params->session_priv_mpool,
-					"session mempool allocation failed");
-		}
-
 		ts_params->qp_conf.mp_session = ts_params->session_mpool;
-		ts_params->qp_conf.mp_session_private =
-				ts_params->session_priv_mpool;
 
 		ret = rte_cryptodev_scheduler_worker_attach(sched_id,
 				(uint8_t)i);
diff --git a/app/test/test_cryptodev.h b/app/test/test_cryptodev.h
index 1cdd84d01f..a3a10d484b 100644
--- a/app/test/test_cryptodev.h
+++ b/app/test/test_cryptodev.h
@@ -89,7 +89,6 @@ struct crypto_testsuite_params {
 	struct rte_mempool *large_mbuf_pool;
 	struct rte_mempool *op_mpool;
 	struct rte_mempool *session_mpool;
-	struct rte_mempool *session_priv_mpool;
 	struct rte_cryptodev_config conf;
 	struct rte_cryptodev_qp_conf qp_conf;
 
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 603b2e4609..2152b89180 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -924,7 +924,6 @@ testsuite_setup(void)
 	/* configure qp */
 	ts_params->qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT;
 	ts_params->qp_conf.mp_session = ts_params->session_mpool;
-	ts_params->qp_conf.mp_session_private = ts_params->session_mpool;
 	for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) {
 		TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
 			dev_id, qp_id, &ts_params->qp_conf,
diff --git a/app/test/test_cryptodev_blockcipher.c b/app/test/test_cryptodev_blockcipher.c
index 3cdb2c96e8..9417803f18 100644
--- a/app/test/test_cryptodev_blockcipher.c
+++ b/app/test/test_cryptodev_blockcipher.c
@@ -68,7 +68,6 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 	struct rte_mempool *mbuf_pool,
 	struct rte_mempool *op_mpool,
 	struct rte_mempool *sess_mpool,
-	struct rte_mempool *sess_priv_mpool,
 	uint8_t dev_id,
 	char *test_msg)
 {
@@ -81,7 +80,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 	struct rte_crypto_sym_op *sym_op = NULL;
 	struct rte_crypto_op *op = NULL;
 	struct rte_cryptodev_info dev_info;
-	struct rte_cryptodev_sym_session *sess = NULL;
+	void *sess = NULL;
 
 	int status = TEST_SUCCESS;
 	const struct blockcipher_test_data *tdata = t->test_data;
@@ -514,7 +513,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 		sess = rte_cryptodev_sym_session_create(sess_mpool);
 
 		status = rte_cryptodev_sym_session_init(dev_id, sess,
-				init_xform, sess_priv_mpool);
+				init_xform);
 		if (status == -ENOTSUP) {
 			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "UNSUPPORTED");
 			status = TEST_SKIPPED;
@@ -831,7 +830,6 @@ blockcipher_test_case_run(const void *data)
 			p_testsuite_params->mbuf_pool,
 			p_testsuite_params->op_mpool,
 			p_testsuite_params->session_mpool,
-			p_testsuite_params->session_priv_mpool,
 			p_testsuite_params->valid_devs[0],
 			test_msg);
 	return status;
diff --git a/app/test/test_event_crypto_adapter.c b/app/test/test_event_crypto_adapter.c
index 0c7ebe6981..76d2aeab6d 100644
--- a/app/test/test_event_crypto_adapter.c
+++ b/app/test/test_event_crypto_adapter.c
@@ -61,7 +61,6 @@ struct event_crypto_adapter_test_params {
 	struct rte_mempool *mbuf_pool;
 	struct rte_mempool *op_mpool;
 	struct rte_mempool *session_mpool;
-	struct rte_mempool *session_priv_mpool;
 	struct rte_cryptodev_config *config;
 	uint8_t crypto_event_port_id;
 	uint8_t internal_port_op_fwd;
@@ -167,7 +166,7 @@ static int
 test_op_forward_mode(uint8_t session_less)
 {
 	struct rte_crypto_sym_xform cipher_xform;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	union rte_event_crypto_metadata m_data;
 	struct rte_crypto_sym_op *sym_op;
 	struct rte_crypto_op *op;
@@ -203,7 +202,7 @@ test_op_forward_mode(uint8_t session_less)
 
 		/* Create Crypto session*/
 		ret = rte_cryptodev_sym_session_init(TEST_CDEV_ID, sess,
-				&cipher_xform, params.session_priv_mpool);
+				&cipher_xform);
 		TEST_ASSERT_SUCCESS(ret, "Failed to init session\n");
 
 		ret = rte_event_crypto_adapter_caps_get(evdev, TEST_CDEV_ID,
@@ -366,7 +365,7 @@ static int
 test_op_new_mode(uint8_t session_less)
 {
 	struct rte_crypto_sym_xform cipher_xform;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	union rte_event_crypto_metadata m_data;
 	struct rte_crypto_sym_op *sym_op;
 	struct rte_crypto_op *op;
@@ -409,7 +408,7 @@ test_op_new_mode(uint8_t session_less)
 						&m_data, sizeof(m_data));
 		}
 		ret = rte_cryptodev_sym_session_init(TEST_CDEV_ID, sess,
-				&cipher_xform, params.session_priv_mpool);
+				&cipher_xform);
 		TEST_ASSERT_SUCCESS(ret, "Failed to init session\n");
 
 		rte_crypto_op_attach_sym_session(op, sess);
@@ -550,22 +549,12 @@ configure_cryptodev(void)
 
 	params.session_mpool = rte_cryptodev_sym_session_pool_create(
 			"CRYPTO_ADAPTER_SESSION_MP",
-			MAX_NB_SESSIONS, 0, 0,
+			MAX_NB_SESSIONS, session_size, 0,
 			sizeof(union rte_event_crypto_metadata),
 			SOCKET_ID_ANY);
 	TEST_ASSERT_NOT_NULL(params.session_mpool,
 			"session mempool allocation failed\n");
 
-	params.session_priv_mpool = rte_mempool_create(
-				"CRYPTO_AD_SESS_MP_PRIV",
-				MAX_NB_SESSIONS,
-				session_size,
-				0, 0, NULL, NULL, NULL,
-				NULL, SOCKET_ID_ANY,
-				0);
-	TEST_ASSERT_NOT_NULL(params.session_priv_mpool,
-			"session mempool allocation failed\n");
-
 	rte_cryptodev_info_get(TEST_CDEV_ID, &info);
 	conf.nb_queue_pairs = info.max_nb_queue_pairs;
 	conf.socket_id = SOCKET_ID_ANY;
@@ -577,7 +566,6 @@ configure_cryptodev(void)
 
 	qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT;
 	qp_conf.mp_session = params.session_mpool;
-	qp_conf.mp_session_private = params.session_priv_mpool;
 
 	TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
 			TEST_CDEV_ID, TEST_CDEV_QP_ID, &qp_conf,
@@ -931,12 +919,6 @@ crypto_teardown(void)
 		rte_mempool_free(params.session_mpool);
 		params.session_mpool = NULL;
 	}
-	if (params.session_priv_mpool != NULL) {
-		rte_mempool_avail_count(params.session_priv_mpool);
-		rte_mempool_free(params.session_priv_mpool);
-		params.session_priv_mpool = NULL;
-	}
-
 	/* Free ops mempool */
 	if (params.op_mpool != NULL) {
 		RTE_LOG(DEBUG, USER1, "EVENT_CRYPTO_SYM_OP_POOL count %u\n",
diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
index 3b49a0b13a..1e3913489d 100644
--- a/app/test/test_ipsec.c
+++ b/app/test/test_ipsec.c
@@ -356,20 +356,9 @@ testsuite_setup(void)
 		return TEST_FAILED;
 	}
 
-	ts_params->qp_conf.mp_session_private = rte_mempool_create(
-				"test_priv_sess_mp",
-				MAX_NB_SESSIONS,
-				sess_sz,
-				0, 0, NULL, NULL, NULL,
-				NULL, SOCKET_ID_ANY,
-				0);
-
-	TEST_ASSERT_NOT_NULL(ts_params->qp_conf.mp_session_private,
-			"private session mempool allocation failed");
-
 	ts_params->qp_conf.mp_session =
 		rte_cryptodev_sym_session_pool_create("test_sess_mp",
-			MAX_NB_SESSIONS, 0, 0, 0, SOCKET_ID_ANY);
+			MAX_NB_SESSIONS, sess_sz, 0, 0, SOCKET_ID_ANY);
 
 	TEST_ASSERT_NOT_NULL(ts_params->qp_conf.mp_session,
 			"session mempool allocation failed");
@@ -414,11 +403,6 @@ testsuite_teardown(void)
 		rte_mempool_free(ts_params->qp_conf.mp_session);
 		ts_params->qp_conf.mp_session = NULL;
 	}
-
-	if (ts_params->qp_conf.mp_session_private != NULL) {
-		rte_mempool_free(ts_params->qp_conf.mp_session_private);
-		ts_params->qp_conf.mp_session_private = NULL;
-	}
 }
 
 static int
@@ -645,7 +629,7 @@ create_crypto_session(struct ipsec_unitest_params *ut,
 	struct rte_cryptodev_qp_conf *qp, uint8_t dev_id, uint32_t j)
 {
 	int32_t rc;
-	struct rte_cryptodev_sym_session *s;
+	void *s;
 
 	s = rte_cryptodev_sym_session_create(qp->mp_session);
 	if (s == NULL)
@@ -653,7 +637,7 @@ create_crypto_session(struct ipsec_unitest_params *ut,
 
 	/* initiliaze SA crypto session for device */
 	rc = rte_cryptodev_sym_session_init(dev_id, s,
-			ut->crypto_xforms, qp->mp_session_private);
+			ut->crypto_xforms);
 	if (rc == 0) {
 		ut->ss[j].crypto.ses = s;
 		return 0;
diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
index edb7275e76..75330292af 100644
--- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
+++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
@@ -235,7 +235,6 @@ aesni_gcm_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 		goto qp_setup_cleanup;
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
 
@@ -259,10 +258,8 @@ aesni_gcm_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 aesni_gcm_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 	struct aesni_gcm_private *internals = dev->data->dev_private;
 
@@ -271,42 +268,24 @@ aesni_gcm_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		AESNI_GCM_LOG(ERR,
-				"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
 	ret = aesni_gcm_set_session_parameters(internals->ops,
-				sess_private_data, xform);
+				sess, xform);
 	if (ret != 0) {
 		AESNI_GCM_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-			sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-aesni_gcm_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+aesni_gcm_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct aesni_gcm_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct aesni_gcm_session));
 }
 
 struct rte_cryptodev_ops aesni_gcm_pmd_ops = {
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 8ae6d18f36..997c4f330d 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -944,7 +944,6 @@ aesni_mb_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	}
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->stats, 0, sizeof(qp->stats));
 
@@ -974,11 +973,8 @@ aesni_mb_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 /** Configure a aesni multi-buffer session from a crypto xform chain */
 static int
 aesni_mb_pmd_sym_session_configure(struct rte_cryptodev *dev,
-		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		struct rte_crypto_sym_xform *xform, void *sess)
 {
-	void *sess_private_data;
 	struct aesni_mb_private *internals = dev->data->dev_private;
 	int ret;
 
@@ -987,43 +983,25 @@ aesni_mb_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		AESNI_MB_LOG(ERR,
-				"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	ret = aesni_mb_set_session_parameters(internals->mb_mgr,
-			sess_private_data, xform);
+			sess, xform);
 	if (ret != 0) {
 		AESNI_MB_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-			sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
+	RTE_SET_USED(dev);
 
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct aesni_mb_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct aesni_mb_session));
 }
 
 struct rte_cryptodev_ops aesni_mb_pmd_ops = {
diff --git a/drivers/crypto/armv8/rte_armv8_pmd_ops.c b/drivers/crypto/armv8/rte_armv8_pmd_ops.c
index 1b2749fe62..2d3b54b063 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd_ops.c
+++ b/drivers/crypto/armv8/rte_armv8_pmd_ops.c
@@ -244,7 +244,6 @@ armv8_crypto_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 		goto qp_setup_cleanup;
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->stats, 0, sizeof(qp->stats));
 
@@ -268,10 +267,8 @@ armv8_crypto_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 armv8_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -279,42 +276,23 @@ armv8_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CDEV_LOG_ERR(
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = armv8_crypto_set_session_parameters(sess_private_data, xform);
+	ret = armv8_crypto_set_session_parameters(sess, xform);
 	if (ret != 0) {
 		ARMV8_CRYPTO_LOG_ERR("failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-			sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-armv8_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+armv8_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct armv8_crypto_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct armv8_crypto_session));
 }
 
 struct rte_cryptodev_ops armv8_crypto_pmd_ops = {
diff --git a/drivers/crypto/bcmfs/bcmfs_sym_session.c b/drivers/crypto/bcmfs/bcmfs_sym_session.c
index 675ed0ad55..b4b167d0c2 100644
--- a/drivers/crypto/bcmfs/bcmfs_sym_session.c
+++ b/drivers/crypto/bcmfs/bcmfs_sym_session.c
@@ -224,10 +224,9 @@ bcmfs_sym_get_session(struct rte_crypto_op *op)
 int
 bcmfs_sym_session_configure(struct rte_cryptodev *dev,
 			    struct rte_crypto_sym_xform *xform,
-			    struct rte_cryptodev_sym_session *sess,
-			    struct rte_mempool *mempool)
+			    void *sess)
 {
-	void *sess_private_data;
+	RTE_SET_USED(dev);
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -235,44 +234,23 @@ bcmfs_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		BCMFS_DP_LOG(ERR,
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = crypto_set_session_parameters(sess_private_data, xform);
+	ret = crypto_set_session_parameters(sess, xform);
 
 	if (ret != 0) {
 		BCMFS_DP_LOG(ERR, "Failed configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-				     sess_private_data);
-
 	return 0;
 }
 
 /* Clear the memory of session so it doesn't leave key material behind */
 void
-bcmfs_sym_session_clear(struct rte_cryptodev *dev,
-			struct rte_cryptodev_sym_session  *sess)
+bcmfs_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
-	if (sess_priv) {
-		struct rte_mempool *sess_mp;
-
-		memset(sess_priv, 0, sizeof(struct bcmfs_sym_session));
-		sess_mp = rte_mempool_from_obj(sess_priv);
-
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	RTE_SET_USED(dev);
+	if (sess)
+		memset(sess, 0, sizeof(struct bcmfs_sym_session));
 }
 
 unsigned int
diff --git a/drivers/crypto/bcmfs/bcmfs_sym_session.h b/drivers/crypto/bcmfs/bcmfs_sym_session.h
index d40595b4bd..7faafe2fd5 100644
--- a/drivers/crypto/bcmfs/bcmfs_sym_session.h
+++ b/drivers/crypto/bcmfs/bcmfs_sym_session.h
@@ -93,12 +93,10 @@ bcmfs_process_crypto_op(struct rte_crypto_op *op,
 int
 bcmfs_sym_session_configure(struct rte_cryptodev *dev,
 			    struct rte_crypto_sym_xform *xform,
-			    struct rte_cryptodev_sym_session *sess,
-			    struct rte_mempool *mempool);
+			    void *sess);
 
 void
-bcmfs_sym_session_clear(struct rte_cryptodev *dev,
-			struct rte_cryptodev_sym_session  *sess);
+bcmfs_sym_session_clear(struct rte_cryptodev *dev, void *sess);
 
 unsigned int
 bcmfs_sym_session_get_private_size(struct rte_cryptodev *dev __rte_unused);
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 0567f1e066..a1fd6d996a 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -1692,52 +1692,36 @@ caam_jr_set_session_parameters(struct rte_cryptodev *dev,
 static int
 caam_jr_sym_session_configure(struct rte_cryptodev *dev,
 			      struct rte_crypto_sym_xform *xform,
-			      struct rte_cryptodev_sym_session *sess,
-			      struct rte_mempool *mempool)
+			      void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	PMD_INIT_FUNC_TRACE();
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CAAM_JR_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
-	ret = caam_jr_set_session_parameters(dev, xform, sess_private_data);
+	memset(sess, 0, sizeof(struct caam_jr_session));
+	ret = caam_jr_set_session_parameters(dev, xform, sess);
 	if (ret != 0) {
 		CAAM_JR_ERR("failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
-
 	return 0;
 }
 
 /* Clear the memory of session so it doesn't leave key material behind */
 static void
-caam_jr_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+caam_jr_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+	RTE_SET_USED(dev);
+
+	struct caam_jr_session *s = (struct caam_jr_session *)sess;
 
 	PMD_INIT_FUNC_TRACE();
 
-	if (sess_priv) {
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
+	if (sess) {
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
 		memset(s, 0, sizeof(struct caam_jr_session));
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 }
 
diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c
index 0d615d311c..cac1268130 100644
--- a/drivers/crypto/ccp/ccp_pmd_ops.c
+++ b/drivers/crypto/ccp/ccp_pmd_ops.c
@@ -727,7 +727,6 @@ ccp_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	}
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	/* mempool for batch info */
 	qp->batch_mp = rte_mempool_create(
@@ -758,11 +757,9 @@ ccp_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 ccp_pmd_sym_session_configure(struct rte_cryptodev *dev,
 			  struct rte_crypto_sym_xform *xform,
-			  struct rte_cryptodev_sym_session *sess,
-			  struct rte_mempool *mempool)
+			  void *sess)
 {
 	int ret;
-	void *sess_private_data;
 	struct ccp_private *internals;
 
 	if (unlikely(sess == NULL || xform == NULL)) {
@@ -770,39 +767,22 @@ ccp_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CCP_LOG_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
 	internals = (struct ccp_private *)dev->data->dev_private;
-	ret = ccp_set_session_parameters(sess_private_data, xform, internals);
+	ret = ccp_set_session_parameters(sess, xform, internals);
 	if (ret != 0) {
 		CCP_LOG_ERR("failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
-	set_sym_session_private_data(sess, dev->driver_id,
-				 sess_private_data);
 
 	return 0;
 }
 
 static void
-ccp_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		      struct rte_cryptodev_sym_session *sess)
+ccp_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
-	if (sess_priv) {
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
-		rte_mempool_put(sess_mp, sess_priv);
-		memset(sess_priv, 0, sizeof(struct ccp_session));
-		set_sym_session_private_data(sess, index, NULL);
-	}
+	RTE_SET_USED(dev);
+	if (sess)
+		memset(sess, 0, sizeof(struct ccp_session));
 }
 
 struct rte_cryptodev_ops ccp_ops = {
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index de2eebd507..76c992858f 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -32,17 +32,18 @@ cn10k_cpt_sym_temp_sess_create(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op)
 	if (sess == NULL)
 		return NULL;
 
-	ret = sym_session_configure(qp->lf.roc_cpt, driver_id, sym_op->xform,
-				    sess, qp->sess_mp_priv);
+	sess->sess_data[driver_id].data =
+			(void *)((uint8_t *)sess +
+			rte_cryptodev_sym_get_header_session_size() +
+			(driver_id * sess->priv_sz));
+	priv = get_sym_session_private_data(sess, driver_id);
+	ret = sym_session_configure(qp->lf.roc_cpt, sym_op->xform, (void *)priv);
 	if (ret)
 		goto sess_put;
 
-	priv = get_sym_session_private_data(sess, driver_id);
-
 	sym_op->session = sess;
 
 	return priv;
-
 sess_put:
 	rte_mempool_put(qp->sess_mp, sess);
 	return NULL;
@@ -147,9 +148,7 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
 			ret = cpt_sym_inst_fill(qp, op, sess, infl_req,
 						&inst[0]);
 			if (unlikely(ret)) {
-				sym_session_clear(cn10k_cryptodev_driver_id,
-						  op->sym->session);
-				rte_mempool_put(qp->sess_mp, op->sym->session);
+				sym_session_clear(op->sym->session);
 				return 0;
 			}
 			w7 = sess->cpt_inst_w7;
@@ -474,8 +473,7 @@ cn10k_cpt_dequeue_post_process(struct cnxk_cpt_qp *qp,
 temp_sess_free:
 	if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
 		if (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
-			sym_session_clear(cn10k_cryptodev_driver_id,
-					  cop->sym->session);
+			sym_session_clear(cop->sym->session);
 			sz = rte_cryptodev_sym_get_existing_header_session_size(
 				cop->sym->session);
 			memset(cop->sym->session, 0, sz);
diff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
index 4c2dc5b080..5f83581131 100644
--- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
@@ -81,17 +81,19 @@ cn9k_cpt_sym_temp_sess_create(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op)
 	if (sess == NULL)
 		return NULL;
 
-	ret = sym_session_configure(qp->lf.roc_cpt, driver_id, sym_op->xform,
-				    sess, qp->sess_mp_priv);
+	sess->sess_data[driver_id].data =
+			(void *)((uint8_t *)sess +
+			rte_cryptodev_sym_get_header_session_size() +
+			(driver_id * sess->priv_sz));
+	priv = get_sym_session_private_data(sess, driver_id);
+	ret = sym_session_configure(qp->lf.roc_cpt, sym_op->xform,
+			(void *)priv);
 	if (ret)
 		goto sess_put;
 
-	priv = get_sym_session_private_data(sess, driver_id);
-
 	sym_op->session = sess;
 
 	return priv;
-
 sess_put:
 	rte_mempool_put(qp->sess_mp, sess);
 	return NULL;
@@ -126,8 +128,7 @@ cn9k_cpt_inst_prep(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op,
 			ret = cn9k_cpt_sym_inst_fill(qp, op, sess, infl_req,
 						     inst);
 			if (unlikely(ret)) {
-				sym_session_clear(cn9k_cryptodev_driver_id,
-						  op->sym->session);
+				sym_session_clear(op->sym->session);
 				rte_mempool_put(qp->sess_mp, op->sym->session);
 			}
 			inst->w7.u64 = sess->cpt_inst_w7;
@@ -484,8 +485,7 @@ cn9k_cpt_dequeue_post_process(struct cnxk_cpt_qp *qp, struct rte_crypto_op *cop,
 temp_sess_free:
 	if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
 		if (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
-			sym_session_clear(cn9k_cryptodev_driver_id,
-					  cop->sym->session);
+			sym_session_clear(cop->sym->session);
 			sz = rte_cryptodev_sym_get_existing_header_session_size(
 				cop->sym->session);
 			memset(cop->sym->session, 0, sz);
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index 41d8fe49e1..52d9cf0cf3 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -379,7 +379,6 @@ cnxk_cpt_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	}
 
 	qp->sess_mp = conf->mp_session;
-	qp->sess_mp_priv = conf->mp_session_private;
 	dev->data->queue_pairs[qp_id] = qp;
 
 	return 0;
@@ -493,27 +492,20 @@ cnxk_cpt_inst_w7_get(struct cnxk_se_sess *sess, struct roc_cpt *roc_cpt)
 }
 
 int
-sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
+sym_session_configure(struct roc_cpt *roc_cpt,
 		      struct rte_crypto_sym_xform *xform,
-		      struct rte_cryptodev_sym_session *sess,
-		      struct rte_mempool *pool)
+		      void *sess) 
 {
 	struct cnxk_se_sess *sess_priv;
-	void *priv;
 	int ret;
 
 	ret = sym_xform_verify(xform);
 	if (unlikely(ret < 0))
 		return ret;
 
-	if (unlikely(rte_mempool_get(pool, &priv))) {
-		plt_dp_err("Could not allocate session private data");
-		return -ENOMEM;
-	}
+	memset(sess, 0, sizeof(struct cnxk_se_sess));
 
-	memset(priv, 0, sizeof(struct cnxk_se_sess));
-
-	sess_priv = priv;
+	sess_priv = sess;
 
 	switch (ret) {
 	case CNXK_CPT_CIPHER:
@@ -547,7 +539,7 @@ sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
 	}
 
 	if (ret)
-		goto priv_put;
+		return -ENOTSUP;
 
 	if ((sess_priv->roc_se_ctx.fc_type == ROC_SE_HASH_HMAC) &&
 	    cpt_mac_len_verify(&xform->auth)) {
@@ -557,66 +549,45 @@ sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
 			sess_priv->roc_se_ctx.auth_key = NULL;
 		}
 
-		ret = -ENOTSUP;
-		goto priv_put;
+		return -ENOTSUP;
 	}
 
 	sess_priv->cpt_inst_w7 = cnxk_cpt_inst_w7_get(sess_priv, roc_cpt);
 
-	set_sym_session_private_data(sess, driver_id, sess_priv);
-
 	return 0;
-
-priv_put:
-	rte_mempool_put(pool, priv);
-
-	return -ENOTSUP;
 }
 
 int
 cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
 			       struct rte_crypto_sym_xform *xform,
-			       struct rte_cryptodev_sym_session *sess,
-			       struct rte_mempool *pool)
+			       void *sess)
 {
 	struct cnxk_cpt_vf *vf = dev->data->dev_private;
 	struct roc_cpt *roc_cpt = &vf->cpt;
-	uint8_t driver_id;
 
-	driver_id = dev->driver_id;
-
-	return sym_session_configure(roc_cpt, driver_id, xform, sess, pool);
+	return sym_session_configure(roc_cpt, xform, sess);
 }
 
 void
-sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
+sym_session_clear(void *sess)
 {
-	void *priv = get_sym_session_private_data(sess, driver_id);
-	struct cnxk_se_sess *sess_priv;
-	struct rte_mempool *pool;
+	struct cnxk_se_sess *sess_priv = sess;
 
-	if (priv == NULL)
+	if (sess == NULL)
 		return;
 
-	sess_priv = priv;
-
 	if (sess_priv->roc_se_ctx.auth_key != NULL)
 		plt_free(sess_priv->roc_se_ctx.auth_key);
 
-	memset(priv, 0, cnxk_cpt_sym_session_get_size(NULL));
-
-	pool = rte_mempool_from_obj(priv);
-
-	set_sym_session_private_data(sess, driver_id, NULL);
-
-	rte_mempool_put(pool, priv);
+	memset(sess_priv, 0, cnxk_cpt_sym_session_get_size(NULL));
 }
 
 void
-cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev,
-			   struct rte_cryptodev_sym_session *sess)
+cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	return sym_session_clear(dev->driver_id, sess);
+	RTE_SET_USED(dev);
+
+	return sym_session_clear(sess);
 }
 
 unsigned int
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
index c5332dec53..3c09d10582 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
@@ -111,18 +111,15 @@ unsigned int cnxk_cpt_sym_session_get_size(struct rte_cryptodev *dev);
 
 int cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
 				   struct rte_crypto_sym_xform *xform,
-				   struct rte_cryptodev_sym_session *sess,
-				   struct rte_mempool *pool);
+				   void *sess);
 
-int sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
+int sym_session_configure(struct roc_cpt *roc_cpt,
 			  struct rte_crypto_sym_xform *xform,
-			  struct rte_cryptodev_sym_session *sess,
-			  struct rte_mempool *pool);
+			  void *sess);
 
-void cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev,
-				struct rte_cryptodev_sym_session *sess);
+void cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev, void *sess);
 
-void sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess);
+void sym_session_clear(void *sess);
 
 unsigned int cnxk_ae_session_size_get(struct rte_cryptodev *dev __rte_unused);
 
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 15ea5de18d..d4f223f2f9 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -3439,49 +3439,32 @@ dpaa2_sec_security_session_destroy(void *dev __rte_unused, void *sess)
 static int
 dpaa2_sec_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		DPAA2_SEC_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = dpaa2_sec_set_session_parameters(dev, xform, sess_private_data);
+	ret = dpaa2_sec_set_session_parameters(dev, xform, sess);
 	if (ret != 0) {
 		DPAA2_SEC_ERR("Failed to configure session parameters");
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-dpaa2_sec_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+dpaa2_sec_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-	dpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;
+	RTE_SET_USED(dev);
+	dpaa2_sec_session *s = (dpaa2_sec_session *)sess;
 
-	if (sess_priv) {
+	if (sess) {
 		rte_free(s->ctxt);
 		rte_free(s->cipher_key.data);
 		rte_free(s->auth_key.data);
 		memset(s, 0, sizeof(dpaa2_sec_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 }
 
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 0497931c67..a9295eb154 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -2537,33 +2537,18 @@ dpaa_sec_set_session_parameters(struct rte_cryptodev *dev,
 
 static int
 dpaa_sec_sym_session_configure(struct rte_cryptodev *dev,
-		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		struct rte_crypto_sym_xform *xform, void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	PMD_INIT_FUNC_TRACE();
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		DPAA_SEC_ERR("Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = dpaa_sec_set_session_parameters(dev, xform, sess_private_data);
+	ret = dpaa_sec_set_session_parameters(dev, xform, sess);
 	if (ret != 0) {
 		DPAA_SEC_ERR("failed to configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-			sess_private_data);
-
-
 	return 0;
 }
 
@@ -2584,18 +2569,14 @@ free_session_memory(struct rte_cryptodev *dev, dpaa_sec_session *s)
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+dpaa_sec_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
 	PMD_INIT_FUNC_TRACE();
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-	dpaa_sec_session *s = (dpaa_sec_session *)sess_priv;
+	RTE_SET_USED(dev);
+	dpaa_sec_session *s = (dpaa_sec_session *)sess;
 
-	if (sess_priv) {
+	if (sess)
 		free_session_memory(dev, s);
-		set_sym_session_private_data(sess, index, NULL);
-	}
 }
 
 #ifdef RTE_LIB_SECURITY
diff --git a/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c b/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
index f075054807..b2e5c92598 100644
--- a/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
+++ b/drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
@@ -220,7 +220,6 @@ kasumi_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 
 	qp->mgr = internals->mgr;
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
 
@@ -243,10 +242,8 @@ kasumi_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 kasumi_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 	struct kasumi_private *internals = dev->data->dev_private;
 
@@ -255,43 +252,24 @@ kasumi_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		KASUMI_LOG(ERR,
-				"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	ret = kasumi_set_session_parameters(internals->mgr,
-					sess_private_data, xform);
+					sess, xform);
 	if (ret != 0) {
 		KASUMI_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-kasumi_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+kasumi_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct kasumi_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct kasumi_session));
 }
 
 struct rte_cryptodev_ops kasumi_pmd_ops = {
diff --git a/drivers/crypto/mlx5/mlx5_crypto.c b/drivers/crypto/mlx5/mlx5_crypto.c
index 6a2f8b6ac6..9c60c3d117 100644
--- a/drivers/crypto/mlx5/mlx5_crypto.c
+++ b/drivers/crypto/mlx5/mlx5_crypto.c
@@ -165,14 +165,12 @@ mlx5_crypto_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 mlx5_crypto_sym_session_configure(struct rte_cryptodev *dev,
 				  struct rte_crypto_sym_xform *xform,
-				  struct rte_cryptodev_sym_session *session,
-				  struct rte_mempool *mp)
+				  void *session)
 {
 	struct mlx5_crypto_priv *priv = dev->data->dev_private;
-	struct mlx5_crypto_session *sess_private_data;
+	struct mlx5_crypto_session *sess_private_data = session;
 	struct rte_crypto_cipher_xform *cipher;
 	uint8_t encryption_order;
-	int ret;
 
 	if (unlikely(xform->next != NULL)) {
 		DRV_LOG(ERR, "Xform next is not supported.");
@@ -183,17 +181,9 @@ mlx5_crypto_sym_session_configure(struct rte_cryptodev *dev,
 		DRV_LOG(ERR, "Only AES-XTS algorithm is supported.");
 		return -ENOTSUP;
 	}
-	ret = rte_mempool_get(mp, (void *)&sess_private_data);
-	if (ret != 0) {
-		DRV_LOG(ERR,
-			"Failed to get session %p private data from mempool.",
-			sess_private_data);
-		return -ENOMEM;
-	}
 	cipher = &xform->cipher;
 	sess_private_data->dek = mlx5_crypto_dek_prepare(priv, cipher);
 	if (sess_private_data->dek == NULL) {
-		rte_mempool_put(mp, sess_private_data);
 		DRV_LOG(ERR, "Failed to prepare dek.");
 		return -ENOMEM;
 	}
@@ -228,27 +218,21 @@ mlx5_crypto_sym_session_configure(struct rte_cryptodev *dev,
 	sess_private_data->dek_id =
 			rte_cpu_to_be_32(sess_private_data->dek->obj->id &
 					 0xffffff);
-	set_sym_session_private_data(session, dev->driver_id,
-				     sess_private_data);
 	DRV_LOG(DEBUG, "Session %p was configured.", sess_private_data);
 	return 0;
 }
 
 static void
-mlx5_crypto_sym_session_clear(struct rte_cryptodev *dev,
-			      struct rte_cryptodev_sym_session *sess)
+mlx5_crypto_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
 	struct mlx5_crypto_priv *priv = dev->data->dev_private;
-	struct mlx5_crypto_session *spriv = get_sym_session_private_data(sess,
-								dev->driver_id);
+	struct mlx5_crypto_session *spriv = sess;
 
 	if (unlikely(spriv == NULL)) {
 		DRV_LOG(ERR, "Failed to get session %p private data.", spriv);
 		return;
 	}
 	mlx5_crypto_dek_destroy(priv, spriv->dek);
-	set_sym_session_private_data(sess, dev->driver_id, NULL);
-	rte_mempool_put(rte_mempool_from_obj(spriv), spriv);
 	DRV_LOG(DEBUG, "Session %p was cleared.", spriv);
 }
 
diff --git a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
index e04a2c88c7..2e4b27ea21 100644
--- a/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
+++ b/drivers/crypto/mvsam/rte_mrvl_pmd_ops.c
@@ -704,7 +704,6 @@ mrvl_crypto_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 			break;
 
 		qp->sess_mp = qp_conf->mp_session;
-		qp->sess_mp_priv = qp_conf->mp_session_private;
 
 		memset(&qp->stats, 0, sizeof(qp->stats));
 		dev->data->queue_pairs[qp_id] = qp;
@@ -735,12 +734,9 @@ mrvl_crypto_pmd_sym_session_get_size(__rte_unused struct rte_cryptodev *dev)
  */
 static int
 mrvl_crypto_pmd_sym_session_configure(__rte_unused struct rte_cryptodev *dev,
-		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mp)
+		struct rte_crypto_sym_xform *xform, void *sess)
 {
 	struct mrvl_crypto_session *mrvl_sess;
-	void *sess_private_data;
 	int ret;
 
 	if (sess == NULL) {
@@ -748,25 +744,16 @@ mrvl_crypto_pmd_sym_session_configure(__rte_unused struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mp, &sess_private_data)) {
-		CDEV_LOG_ERR("Couldn't get object from session mempool.");
-		return -ENOMEM;
-	}
+	memset(sess, 0, sizeof(struct mrvl_crypto_session));
 
-	memset(sess_private_data, 0, sizeof(struct mrvl_crypto_session));
-
-	ret = mrvl_crypto_set_session_parameters(sess_private_data, xform);
+	ret = mrvl_crypto_set_session_parameters(sess, xform);
 	if (ret != 0) {
 		MRVL_LOG(ERR, "Failed to configure session parameters!");
-
-		/* Return session to mempool */
-		rte_mempool_put(mp, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
 
-	mrvl_sess = (struct mrvl_crypto_session *)sess_private_data;
+	mrvl_sess = (struct mrvl_crypto_session *)sess;
 	if (sam_session_create(&mrvl_sess->sam_sess_params,
 				&mrvl_sess->sam_sess) < 0) {
 		MRVL_LOG(DEBUG, "Failed to create session!");
@@ -789,17 +776,13 @@ mrvl_crypto_pmd_sym_session_configure(__rte_unused struct rte_cryptodev *dev,
  * @returns 0. Always.
  */
 static void
-mrvl_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+mrvl_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
+	if (sess) {
 		struct mrvl_crypto_session *mrvl_sess =
-			(struct mrvl_crypto_session *)sess_priv;
+			(struct mrvl_crypto_session *)sess;
 
 		if (mrvl_sess->sam_sess &&
 		    sam_session_destroy(mrvl_sess->sam_sess) < 0) {
@@ -807,9 +790,6 @@ mrvl_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
 		}
 
 		memset(mrvl_sess, 0, sizeof(struct mrvl_crypto_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 }
 
diff --git a/drivers/crypto/nitrox/nitrox_sym.c b/drivers/crypto/nitrox/nitrox_sym.c
index f8b7edcd69..0c9bbfef46 100644
--- a/drivers/crypto/nitrox/nitrox_sym.c
+++ b/drivers/crypto/nitrox/nitrox_sym.c
@@ -532,22 +532,16 @@ configure_aead_ctx(struct rte_crypto_aead_xform *xform,
 static int
 nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev,
 			      struct rte_crypto_sym_xform *xform,
-			      struct rte_cryptodev_sym_session *sess,
-			      struct rte_mempool *mempool)
+			      void *sess)
 {
-	void *mp_obj;
 	struct nitrox_crypto_ctx *ctx;
 	struct rte_crypto_cipher_xform *cipher_xform = NULL;
 	struct rte_crypto_auth_xform *auth_xform = NULL;
 	struct rte_crypto_aead_xform *aead_xform = NULL;
 	int ret = -EINVAL;
 
-	if (rte_mempool_get(mempool, &mp_obj)) {
-		NITROX_LOG(ERR, "Couldn't allocate context\n");
-		return -ENOMEM;
-	}
-
-	ctx = mp_obj;
+	RTE_SET_USED(cdev);
+	ctx = sess;
 	ctx->nitrox_chain = get_crypto_chain_order(xform);
 	switch (ctx->nitrox_chain) {
 	case NITROX_CHAIN_CIPHER_ONLY:
@@ -586,28 +580,17 @@ nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev,
 	}
 
 	ctx->iova = rte_mempool_virt2iova(ctx);
-	set_sym_session_private_data(sess, cdev->driver_id, ctx);
 	return 0;
 err:
-	rte_mempool_put(mempool, mp_obj);
 	return ret;
 }
 
 static void
-nitrox_sym_dev_sess_clear(struct rte_cryptodev *cdev,
-			  struct rte_cryptodev_sym_session *sess)
+nitrox_sym_dev_sess_clear(struct rte_cryptodev *cdev, void *sess)
 {
-	struct nitrox_crypto_ctx *ctx = get_sym_session_private_data(sess,
-							cdev->driver_id);
-	struct rte_mempool *sess_mp;
-
-	if (!ctx)
-		return;
-
-	memset(ctx, 0, sizeof(*ctx));
-	sess_mp = rte_mempool_from_obj(ctx);
-	set_sym_session_private_data(sess, cdev->driver_id, NULL);
-	rte_mempool_put(sess_mp, ctx);
+	RTE_SET_USED(cdev);
+	if (sess)
+		memset(sess, 0, sizeof(struct nitrox_crypto_ctx));
 }
 
 static struct nitrox_crypto_ctx *
diff --git a/drivers/crypto/null/null_crypto_pmd_ops.c b/drivers/crypto/null/null_crypto_pmd_ops.c
index a8b5a06e7f..65bfa8dcf7 100644
--- a/drivers/crypto/null/null_crypto_pmd_ops.c
+++ b/drivers/crypto/null/null_crypto_pmd_ops.c
@@ -234,7 +234,6 @@ null_crypto_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	}
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
 
@@ -258,10 +257,8 @@ null_crypto_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 null_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mp)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -269,42 +266,23 @@ null_crypto_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mp, &sess_private_data)) {
-		NULL_LOG(ERR,
-				"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = null_crypto_set_session_parameters(sess_private_data, xform);
+	ret = null_crypto_set_session_parameters(sess, xform);
 	if (ret != 0) {
 		NULL_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mp, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-null_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+null_crypto_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct null_crypto_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct null_crypto_session));
 }
 
 static struct rte_cryptodev_ops pmd_ops = {
diff --git a/drivers/crypto/octeontx/otx_cryptodev_hw_access.h b/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
index e48805fb09..4647d568de 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
+++ b/drivers/crypto/octeontx/otx_cryptodev_hw_access.h
@@ -49,7 +49,6 @@ struct cpt_instance {
 	uint32_t queue_id;
 	uintptr_t rsvd;
 	struct rte_mempool *sess_mp;
-	struct rte_mempool *sess_mp_priv;
 	struct cpt_qp_meta_info meta_info;
 	uint8_t ca_enabled;
 };
diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index 9e8fd495cf..abd0963be0 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -171,7 +171,6 @@ otx_cpt_que_pair_setup(struct rte_cryptodev *dev,
 
 	instance->queue_id = que_pair_id;
 	instance->sess_mp = qp_conf->mp_session;
-	instance->sess_mp_priv = qp_conf->mp_session_private;
 	dev->data->queue_pairs[que_pair_id] = instance;
 
 	return 0;
@@ -243,29 +242,22 @@ sym_xform_verify(struct rte_crypto_sym_xform *xform)
 }
 
 static int
-sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
-		      struct rte_cryptodev_sym_session *sess,
-		      struct rte_mempool *pool)
+sym_session_configure(struct rte_crypto_sym_xform *xform,
+		      void *sess)
 {
 	struct rte_crypto_sym_xform *temp_xform = xform;
 	struct cpt_sess_misc *misc;
 	vq_cmd_word3_t vq_cmd_w3;
-	void *priv;
 	int ret;
 
 	ret = sym_xform_verify(xform);
 	if (unlikely(ret))
 		return ret;
 
-	if (unlikely(rte_mempool_get(pool, &priv))) {
-		CPT_LOG_ERR("Could not allocate session private data");
-		return -ENOMEM;
-	}
-
-	memset(priv, 0, sizeof(struct cpt_sess_misc) +
+	memset(sess, 0, sizeof(struct cpt_sess_misc) +
 			offsetof(struct cpt_ctx, mc_ctx));
 
-	misc = priv;
+	misc = sess;
 
 	for ( ; xform != NULL; xform = xform->next) {
 		switch (xform->type) {
@@ -301,8 +293,6 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 		goto priv_put;
 	}
 
-	set_sym_session_private_data(sess, driver_id, priv);
-
 	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
 			     sizeof(struct cpt_sess_misc);
 
@@ -316,56 +306,46 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 	return 0;
 
 priv_put:
-	if (priv)
-		rte_mempool_put(pool, priv);
 	return -ENOTSUP;
 }
 
 static void
-sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
+sym_session_clear(void *sess)
 {
-	void *priv = get_sym_session_private_data(sess, driver_id);
 	struct cpt_sess_misc *misc;
-	struct rte_mempool *pool;
 	struct cpt_ctx *ctx;
 
-	if (priv == NULL)
+	if (sess == NULL)
 		return;
 
-	misc = priv;
+	misc = sess;
 	ctx = SESS_PRIV(misc);
 
 	if (ctx->auth_key != NULL)
 		rte_free(ctx->auth_key);
 
-	memset(priv, 0, cpt_get_session_size());
-
-	pool = rte_mempool_from_obj(priv);
-
-	set_sym_session_private_data(sess, driver_id, NULL);
-
-	rte_mempool_put(pool, priv);
+	memset(sess, 0, cpt_get_session_size());
 }
 
 static int
 otx_cpt_session_cfg(struct rte_cryptodev *dev,
 		    struct rte_crypto_sym_xform *xform,
-		    struct rte_cryptodev_sym_session *sess,
-		    struct rte_mempool *pool)
+		    void *sess)
 {
 	CPT_PMD_INIT_FUNC_TRACE();
+	RTE_SET_USED(dev);
 
-	return sym_session_configure(dev->driver_id, xform, sess, pool);
+	return sym_session_configure(xform, sess);
 }
 
 
 static void
-otx_cpt_session_clear(struct rte_cryptodev *dev,
-		  struct rte_cryptodev_sym_session *sess)
+otx_cpt_session_clear(struct rte_cryptodev *dev, void *sess)
 {
 	CPT_PMD_INIT_FUNC_TRACE();
+	RTE_SET_USED(dev);
 
-	return sym_session_clear(dev->driver_id, sess);
+	return sym_session_clear(sess);
 }
 
 static unsigned int
@@ -576,7 +556,6 @@ static __rte_always_inline void * __rte_hot
 otx_cpt_enq_single_sym_sessless(struct cpt_instance *instance,
 				struct rte_crypto_op *op)
 {
-	const int driver_id = otx_cryptodev_driver_id;
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct rte_cryptodev_sym_session *sess;
 	void *req;
@@ -589,8 +568,12 @@ otx_cpt_enq_single_sym_sessless(struct cpt_instance *instance,
 		return NULL;
 	}
 
-	ret = sym_session_configure(driver_id, sym_op->xform, sess,
-				    instance->sess_mp_priv);
+	sess->sess_data[otx_cryptodev_driver_id].data =
+			(void *)((uint8_t *)sess +
+			rte_cryptodev_sym_get_header_session_size() +
+			(otx_cryptodev_driver_id * sess->priv_sz));
+	ret = sym_session_configure(sym_op->xform,
+			sess->sess_data[otx_cryptodev_driver_id].data);
 	if (ret)
 		goto sess_put;
 
@@ -604,7 +587,7 @@ otx_cpt_enq_single_sym_sessless(struct cpt_instance *instance,
 	return req;
 
 priv_put:
-	sym_session_clear(driver_id, sess);
+	sym_session_clear(sess);
 sess_put:
 	rte_mempool_put(instance->sess_mp, sess);
 	return NULL;
@@ -913,7 +896,6 @@ free_sym_session_data(const struct cpt_instance *instance,
 	memset(cop->sym->session, 0,
 	       rte_cryptodev_sym_get_existing_header_session_size(
 		       cop->sym->session));
-	rte_mempool_put(instance->sess_mp_priv, sess_private_data_t);
 	rte_mempool_put(instance->sess_mp, cop->sym->session);
 	cop->sym->session = NULL;
 }
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
index 7b744cd4b4..dcfbc49996 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
@@ -371,29 +371,21 @@ sym_xform_verify(struct rte_crypto_sym_xform *xform)
 }
 
 static int
-sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
-		      struct rte_cryptodev_sym_session *sess,
-		      struct rte_mempool *pool)
+sym_session_configure(struct rte_crypto_sym_xform *xform, void *sess)
 {
 	struct rte_crypto_sym_xform *temp_xform = xform;
 	struct cpt_sess_misc *misc;
 	vq_cmd_word3_t vq_cmd_w3;
-	void *priv;
 	int ret;
 
 	ret = sym_xform_verify(xform);
 	if (unlikely(ret))
 		return ret;
 
-	if (unlikely(rte_mempool_get(pool, &priv))) {
-		CPT_LOG_ERR("Could not allocate session private data");
-		return -ENOMEM;
-	}
-
-	memset(priv, 0, sizeof(struct cpt_sess_misc) +
+	memset(sess, 0, sizeof(struct cpt_sess_misc) +
 			offsetof(struct cpt_ctx, mc_ctx));
 
-	misc = priv;
+	misc = sess;
 
 	for ( ; xform != NULL; xform = xform->next) {
 		switch (xform->type) {
@@ -414,7 +406,7 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 		}
 
 		if (ret)
-			goto priv_put;
+			return -ENOTSUP;
 	}
 
 	if ((GET_SESS_FC_TYPE(misc) == HASH_HMAC) &&
@@ -425,12 +417,9 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 			rte_free(ctx->auth_key);
 			ctx->auth_key = NULL;
 		}
-		ret = -ENOTSUP;
-		goto priv_put;
+		return -ENOTSUP;
 	}
 
-	set_sym_session_private_data(sess, driver_id, misc);
-
 	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
 			     sizeof(struct cpt_sess_misc);
 
@@ -451,11 +440,6 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 	misc->cpt_inst_w7 = vq_cmd_w3.u64;
 
 	return 0;
-
-priv_put:
-	rte_mempool_put(pool, priv);
-
-	return -ENOTSUP;
 }
 
 static __rte_always_inline int32_t __rte_hot
@@ -765,7 +749,6 @@ otx2_cpt_enqueue_sym_sessless(struct otx2_cpt_qp *qp, struct rte_crypto_op *op,
 			      struct pending_queue *pend_q,
 			      unsigned int burst_index)
 {
-	const int driver_id = otx2_cryptodev_driver_id;
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct rte_cryptodev_sym_session *sess;
 	int ret;
@@ -775,8 +758,12 @@ otx2_cpt_enqueue_sym_sessless(struct otx2_cpt_qp *qp, struct rte_crypto_op *op,
 	if (sess == NULL)
 		return -ENOMEM;
 
-	ret = sym_session_configure(driver_id, sym_op->xform, sess,
-				    qp->sess_mp_priv);
+	sess->sess_data[otx2_cryptodev_driver_id].data =
+			(void *)((uint8_t *)sess +
+			rte_cryptodev_sym_get_header_session_size() +
+			(otx2_cryptodev_driver_id * sess->priv_sz));
+	ret = sym_session_configure(sym_op->xform,
+			sess->sess_data[otx2_cryptodev_driver_id].data);
 	if (ret)
 		goto sess_put;
 
@@ -790,7 +777,7 @@ otx2_cpt_enqueue_sym_sessless(struct otx2_cpt_qp *qp, struct rte_crypto_op *op,
 	return 0;
 
 priv_put:
-	sym_session_clear(driver_id, sess);
+	sym_session_clear(sess);
 sess_put:
 	rte_mempool_put(qp->sess_mp, sess);
 	return ret;
@@ -1035,8 +1022,7 @@ otx2_cpt_dequeue_post_process(struct otx2_cpt_qp *qp, struct rte_crypto_op *cop,
 		}
 
 		if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
-			sym_session_clear(otx2_cryptodev_driver_id,
-					  cop->sym->session);
+			sym_session_clear(cop->sym->session);
 			sz = rte_cryptodev_sym_get_existing_header_session_size(
 					cop->sym->session);
 			memset(cop->sym->session, 0, sz);
@@ -1291,7 +1277,6 @@ otx2_cpt_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	}
 
 	qp->sess_mp = conf->mp_session;
-	qp->sess_mp_priv = conf->mp_session_private;
 	dev->data->queue_pairs[qp_id] = qp;
 
 	return 0;
@@ -1330,21 +1315,22 @@ otx2_cpt_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 otx2_cpt_sym_session_configure(struct rte_cryptodev *dev,
 			       struct rte_crypto_sym_xform *xform,
-			       struct rte_cryptodev_sym_session *sess,
-			       struct rte_mempool *pool)
+			       void *sess)
 {
 	CPT_PMD_INIT_FUNC_TRACE();
+	RTE_SET_USED(dev);
 
-	return sym_session_configure(dev->driver_id, xform, sess, pool);
+	return sym_session_configure(xform, sess);
 }
 
 static void
 otx2_cpt_sym_session_clear(struct rte_cryptodev *dev,
-			   struct rte_cryptodev_sym_session *sess)
+			   void *sess)
 {
 	CPT_PMD_INIT_FUNC_TRACE();
+	RTE_SET_USED(dev);
 
-	return sym_session_clear(dev->driver_id, sess);
+	return sym_session_clear(sess);
 }
 
 static unsigned int
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h b/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
index 01c081a216..5f63eaf7b7 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops_helper.h
@@ -8,29 +8,21 @@
 #include "cpt_pmd_logs.h"
 
 static void
-sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
+sym_session_clear(void *sess)
 {
-	void *priv = get_sym_session_private_data(sess, driver_id);
 	struct cpt_sess_misc *misc;
-	struct rte_mempool *pool;
 	struct cpt_ctx *ctx;
 
-	if (priv == NULL)
+	if (sess == NULL)
 		return;
 
-	misc = priv;
+	misc = sess;
 	ctx = SESS_PRIV(misc);
 
 	if (ctx->auth_key != NULL)
 		rte_free(ctx->auth_key);
 
-	memset(priv, 0, cpt_get_session_size());
-
-	pool = rte_mempool_from_obj(priv);
-
-	set_sym_session_private_data(sess, driver_id, NULL);
-
-	rte_mempool_put(pool, priv);
+	memset(sess, 0, cpt_get_session_size());
 }
 
 static __rte_always_inline uint8_t
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 52715f86f8..1b48a6b400 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -741,7 +741,6 @@ openssl_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 		goto qp_setup_cleanup;
 
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->stats, 0, sizeof(qp->stats));
 
@@ -772,10 +771,8 @@ openssl_pmd_asym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 openssl_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -783,24 +780,12 @@ openssl_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		OPENSSL_LOG(ERR,
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	ret = openssl_set_session_parameters(sess_private_data, xform);
+	ret = openssl_set_session_parameters(sess, xform);
 	if (ret != 0) {
 		OPENSSL_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-			sess_private_data);
-
 	return 0;
 }
 
@@ -1154,19 +1139,13 @@ openssl_pmd_asym_session_configure(struct rte_cryptodev *dev __rte_unused,
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-openssl_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+openssl_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		openssl_reset_session(sess_priv);
-		memset(sess_priv, 0, sizeof(struct openssl_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
+	if (sess) {
+		openssl_reset_session(sess);
+		memset(sess, 0, sizeof(struct openssl_session));
 	}
 }
 
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 2c0e44dff4..3bca88385a 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -172,21 +172,14 @@ qat_is_auth_alg_supported(enum rte_crypto_auth_algorithm algo,
 }
 
 void
-qat_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+qat_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-	struct qat_sym_session *s = (struct qat_sym_session *)sess_priv;
+	struct qat_sym_session *s = (struct qat_sym_session *)sess;
 
-	if (sess_priv) {
+	if (sess) {
 		if (s->bpi_ctx)
 			bpi_cipher_ctx_free(s->bpi_ctx);
 		memset(s, 0, qat_sym_session_get_private_size(dev));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
 	}
 }
 
@@ -458,31 +451,17 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
 int
 qat_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess_private_data)
 {
-	void *sess_private_data;
 	int ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CDEV_LOG_ERR(
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	ret = qat_sym_session_set_parameters(dev, xform, sess_private_data);
 	if (ret != 0) {
 		QAT_LOG(ERR,
 		    "Crypto QAT PMD: failed to configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
diff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h
index b93dc549ef..c7dceb2add 100644
--- a/drivers/crypto/qat/qat_sym_session.h
+++ b/drivers/crypto/qat/qat_sym_session.h
@@ -112,8 +112,7 @@ struct qat_sym_session {
 int
 qat_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool);
+		void *sess);
 
 int
 qat_sym_session_set_parameters(struct rte_cryptodev *dev,
@@ -135,8 +134,7 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev,
 				struct qat_sym_session *session);
 
 void
-qat_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *session);
+qat_sym_session_clear(struct rte_cryptodev *dev, void *session);
 
 unsigned int
 qat_sym_session_get_private_size(struct rte_cryptodev *dev);
diff --git a/drivers/crypto/scheduler/scheduler_pmd_ops.c b/drivers/crypto/scheduler/scheduler_pmd_ops.c
index 465b88ade8..87260b5a22 100644
--- a/drivers/crypto/scheduler/scheduler_pmd_ops.c
+++ b/drivers/crypto/scheduler/scheduler_pmd_ops.c
@@ -476,9 +476,7 @@ scheduler_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 
 static int
 scheduler_pmd_sym_session_configure(struct rte_cryptodev *dev,
-	struct rte_crypto_sym_xform *xform,
-	struct rte_cryptodev_sym_session *sess,
-	struct rte_mempool *mempool)
+	struct rte_crypto_sym_xform *xform, void *sess)
 {
 	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
 	uint32_t i;
@@ -488,7 +486,7 @@ scheduler_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		struct scheduler_worker *worker = &sched_ctx->workers[i];
 
 		ret = rte_cryptodev_sym_session_init(worker->dev_id, sess,
-					xform, mempool);
+					xform);
 		if (ret < 0) {
 			CR_SCHED_LOG(ERR, "unable to config sym session");
 			return ret;
@@ -500,8 +498,7 @@ scheduler_pmd_sym_session_configure(struct rte_cryptodev *dev,
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-scheduler_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+scheduler_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
 	struct scheduler_ctx *sched_ctx = dev->data->dev_private;
 	uint32_t i;
diff --git a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
index 3f46014b7d..b0f8f6d86a 100644
--- a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
+++ b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
@@ -226,7 +226,6 @@ snow3g_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 
 	qp->mgr = internals->mgr;
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
 
@@ -250,10 +249,8 @@ snow3g_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 snow3g_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 	struct snow3g_private *internals = dev->data->dev_private;
 
@@ -262,43 +259,24 @@ snow3g_pmd_sym_session_configure(struct rte_cryptodev *dev,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		SNOW3G_LOG(ERR,
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
 	ret = snow3g_set_session_parameters(internals->mgr,
-					sess_private_data, xform);
+					sess, xform);
 	if (ret != 0) {
 		SNOW3G_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-snow3g_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+snow3g_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct snow3g_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct snow3g_session));
 }
 
 struct rte_cryptodev_ops snow3g_pmd_ops = {
diff --git a/drivers/crypto/virtio/virtio_cryptodev.c b/drivers/crypto/virtio/virtio_cryptodev.c
index 8faa39df4a..de52fec32e 100644
--- a/drivers/crypto/virtio/virtio_cryptodev.c
+++ b/drivers/crypto/virtio/virtio_cryptodev.c
@@ -37,11 +37,10 @@ static void virtio_crypto_dev_free_mbufs(struct rte_cryptodev *dev);
 static unsigned int virtio_crypto_sym_get_session_private_size(
 		struct rte_cryptodev *dev);
 static void virtio_crypto_sym_clear_session(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess);
+		void *sess);
 static int virtio_crypto_sym_configure_session(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *session,
-		struct rte_mempool *mp);
+		void *session);
 
 /*
  * The set of PCI devices this driver supports
@@ -927,7 +926,7 @@ virtio_crypto_check_sym_clear_session_paras(
 static void
 virtio_crypto_sym_clear_session(
 		struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+		void *sess)
 {
 	struct virtio_crypto_hw *hw;
 	struct virtqueue *vq;
@@ -1290,11 +1289,9 @@ static int
 virtio_crypto_check_sym_configure_session_paras(
 		struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sym_sess,
-		struct rte_mempool *mempool)
+		void *sym_sess)
 {
-	if (unlikely(xform == NULL) || unlikely(sym_sess == NULL) ||
-		unlikely(mempool == NULL)) {
+	if (unlikely(xform == NULL) || unlikely(sym_sess == NULL)) {
 		VIRTIO_CRYPTO_SESSION_LOG_ERR("NULL pointer");
 		return -1;
 	}
@@ -1309,12 +1306,9 @@ static int
 virtio_crypto_sym_configure_session(
 		struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
 	int ret;
-	struct virtio_crypto_session crypto_sess;
-	void *session_private = &crypto_sess;
 	struct virtio_crypto_session *session;
 	struct virtio_crypto_op_ctrl_req *ctrl_req;
 	enum virtio_crypto_cmd_id cmd_id;
@@ -1326,19 +1320,13 @@ virtio_crypto_sym_configure_session(
 	PMD_INIT_FUNC_TRACE();
 
 	ret = virtio_crypto_check_sym_configure_session_paras(dev, xform,
-			sess, mempool);
+			sess);
 	if (ret < 0) {
 		VIRTIO_CRYPTO_SESSION_LOG_ERR("Invalid parameters");
 		return ret;
 	}
 
-	if (rte_mempool_get(mempool, &session_private)) {
-		VIRTIO_CRYPTO_SESSION_LOG_ERR(
-			"Couldn't get object from session mempool");
-		return -ENOMEM;
-	}
-
-	session = (struct virtio_crypto_session *)session_private;
+	session = (struct virtio_crypto_session *)sess;
 	memset(session, 0, sizeof(struct virtio_crypto_session));
 	ctrl_req = &session->ctrl;
 	ctrl_req->header.opcode = VIRTIO_CRYPTO_CIPHER_CREATE_SESSION;
@@ -1401,9 +1389,6 @@ virtio_crypto_sym_configure_session(
 		goto error_out;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		session_private);
-
 	return 0;
 
 error_out:
diff --git a/drivers/crypto/zuc/rte_zuc_pmd_ops.c b/drivers/crypto/zuc/rte_zuc_pmd_ops.c
index 38642d45ab..04126c8a04 100644
--- a/drivers/crypto/zuc/rte_zuc_pmd_ops.c
+++ b/drivers/crypto/zuc/rte_zuc_pmd_ops.c
@@ -226,7 +226,6 @@ zuc_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 
 	qp->mb_mgr = internals->mb_mgr;
 	qp->sess_mp = qp_conf->mp_session;
-	qp->sess_mp_priv = qp_conf->mp_session_private;
 
 	memset(&qp->qp_stats, 0, sizeof(qp->qp_stats));
 
@@ -250,10 +249,8 @@ zuc_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 static int
 zuc_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		struct rte_crypto_sym_xform *xform,
-		struct rte_cryptodev_sym_session *sess,
-		struct rte_mempool *mempool)
+		void *sess)
 {
-	void *sess_private_data;
 	int ret;
 
 	if (unlikely(sess == NULL)) {
@@ -261,43 +258,23 @@ zuc_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
 		return -EINVAL;
 	}
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		ZUC_LOG(ERR,
-			"Couldn't get object from session mempool");
-
-		return -ENOMEM;
-	}
-
-	ret = zuc_set_session_parameters(sess_private_data, xform);
+	ret = zuc_set_session_parameters(sess, xform);
 	if (ret != 0) {
 		ZUC_LOG(ERR, "failed configure session parameters");
-
-		/* Return session to mempool */
-		rte_mempool_put(mempool, sess_private_data);
 		return ret;
 	}
 
-	set_sym_session_private_data(sess, dev->driver_id,
-		sess_private_data);
-
 	return 0;
 }
 
 /** Clear the memory of session so it doesn't leave key material behind */
 static void
-zuc_pmd_sym_session_clear(struct rte_cryptodev *dev,
-		struct rte_cryptodev_sym_session *sess)
+zuc_pmd_sym_session_clear(struct rte_cryptodev *dev, void *sess)
 {
-	uint8_t index = dev->driver_id;
-	void *sess_priv = get_sym_session_private_data(sess, index);
-
+	RTE_SET_USED(dev);
 	/* Zero out the whole structure */
-	if (sess_priv) {
-		memset(sess_priv, 0, sizeof(struct zuc_session));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, index, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+	if (sess)
+		memset(sess, 0, sizeof(struct zuc_session));
 }
 
 struct rte_cryptodev_ops zuc_pmd_ops = {
diff --git a/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h b/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
index b33cb7e139..8522f2dfda 100644
--- a/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
+++ b/drivers/event/octeontx2/otx2_evdev_crypto_adptr_rx.h
@@ -38,8 +38,7 @@ otx2_ca_deq_post_process(const struct otx2_cpt_qp *qp,
 		}
 
 		if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
-			sym_session_clear(otx2_cryptodev_driver_id,
-					  cop->sym->session);
+			sym_session_clear(cop->sym->session);
 			memset(cop->sym->session, 0,
 			rte_cryptodev_sym_get_existing_header_session_size(
 				cop->sym->session));
diff --git a/examples/fips_validation/fips_dev_self_test.c b/examples/fips_validation/fips_dev_self_test.c
index b4eab05a98..bbc27a1b6f 100644
--- a/examples/fips_validation/fips_dev_self_test.c
+++ b/examples/fips_validation/fips_dev_self_test.c
@@ -969,7 +969,6 @@ struct fips_dev_auto_test_env {
 	struct rte_mempool *mpool;
 	struct rte_mempool *op_pool;
 	struct rte_mempool *sess_pool;
-	struct rte_mempool *sess_priv_pool;
 	struct rte_mbuf *mbuf;
 	struct rte_crypto_op *op;
 };
@@ -981,7 +980,7 @@ typedef int (*fips_dev_self_test_prepare_xform_t)(uint8_t,
 		uint32_t);
 
 typedef int (*fips_dev_self_test_prepare_op_t)(struct rte_crypto_op *,
-		struct rte_mbuf *, struct rte_cryptodev_sym_session *,
+		struct rte_mbuf *, void *,
 		uint32_t, struct fips_dev_self_test_vector *);
 
 typedef int (*fips_dev_self_test_check_result_t)(struct rte_crypto_op *,
@@ -1173,7 +1172,7 @@ prepare_aead_xform(uint8_t dev_id,
 static int
 prepare_cipher_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1212,7 +1211,7 @@ prepare_cipher_op(struct rte_crypto_op *op,
 static int
 prepare_auth_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1251,7 +1250,7 @@ prepare_auth_op(struct rte_crypto_op *op,
 static int
 prepare_aead_op(struct rte_crypto_op *op,
 		struct rte_mbuf *mbuf,
-		struct rte_cryptodev_sym_session *session,
+		void *session,
 		uint32_t dir,
 		struct fips_dev_self_test_vector *vec)
 {
@@ -1464,7 +1463,7 @@ run_single_test(uint8_t dev_id,
 		uint32_t negative_test)
 {
 	struct rte_crypto_sym_xform xform;
-	struct rte_cryptodev_sym_session *sess;
+	void *sess;
 	uint16_t n_deqd;
 	uint8_t key[256];
 	int ret;
@@ -1484,8 +1483,7 @@ run_single_test(uint8_t dev_id,
 	if (!sess)
 		return -ENOMEM;
 
-	ret = rte_cryptodev_sym_session_init(dev_id,
-			sess, &xform, env->sess_priv_pool);
+	ret = rte_cryptodev_sym_session_init(dev_id, sess, &xform);
 	if (ret < 0) {
 		RTE_LOG(ERR, PMD, "Error %i: Init session\n", ret);
 		return ret;
@@ -1533,8 +1531,6 @@ fips_dev_auto_test_uninit(uint8_t dev_id,
 		rte_mempool_free(env->op_pool);
 	if (env->sess_pool)
 		rte_mempool_free(env->sess_pool);
-	if (env->sess_priv_pool)
-		rte_mempool_free(env->sess_priv_pool);
 
 	rte_cryptodev_stop(dev_id);
 }
@@ -1542,7 +1538,7 @@ fips_dev_auto_test_uninit(uint8_t dev_id,
 static int
 fips_dev_auto_test_init(uint8_t dev_id, struct fips_dev_auto_test_env *env)
 {
-	struct rte_cryptodev_qp_conf qp_conf = {128, NULL, NULL};
+	struct rte_cryptodev_qp_conf qp_conf = {128, NULL};
 	uint32_t sess_sz = rte_cryptodev_sym_get_private_session_size(dev_id);
 	struct rte_cryptodev_config conf;
 	char name[128];
@@ -1586,25 +1582,13 @@ fips_dev_auto_test_init(uint8_t dev_id, struct fips_dev_auto_test_env *env)
 	snprintf(name, 128, "%s%u", "SELF_TEST_SESS_POOL", dev_id);
 
 	env->sess_pool = rte_cryptodev_sym_session_pool_create(name,
-			128, 0, 0, 0, rte_cryptodev_socket_id(dev_id));
+			128, sess_sz, 0, 0, rte_cryptodev_socket_id(dev_id));
 	if (!env->sess_pool) {
 		ret = -ENOMEM;
 		goto error_exit;
 	}
 
-	memset(name, 0, 128);
-	snprintf(name, 128, "%s%u", "SELF_TEST_SESS_PRIV_POOL", dev_id);
-
-	env->sess_priv_pool = rte_mempool_create(name,
-			128, sess_sz, 0, 0, NULL, NULL, NULL,
-			NULL, rte_cryptodev_socket_id(dev_id), 0);
-	if (!env->sess_priv_pool) {
-		ret = -ENOMEM;
-		goto error_exit;
-	}
-
 	qp_conf.mp_session = env->sess