diff mbox series

[v2,4/4] crypto: modify return value for asym session create

Message ID 20220124150339.280090-5-ciara.power@intel.com (mailing list archive)
State Superseded, archived
Delegated to: akhil goyal
Headers show
Series crypto: improve asym session usage | expand

Checks

Context Check Description
ci/intel-Testing success Testing PASS
ci/Intel-compilation success Compilation OK
ci/checkpatch success coding style OK

Commit Message

Power, Ciara Jan. 24, 2022, 3:03 p.m. UTC
Rather than the asym session create function returning a session on
success, and a NULL value on error, it is modified to now return int
values - 0 on success or -EINVAL/-ENOTSUP/-ENOMEM on failure.
The session to be used is passed as input.

This adds clarity on the failure of the create function, which enables
treating the -ENOTSUP return as TEST_SKIPPED in test apps.

Signed-off-by: Ciara Power <ciara.power@intel.com>
---
 app/test-crypto-perf/cperf_ops.c |  12 ++-
 app/test/test_cryptodev_asym.c   | 122 +++++++++++++++++--------------
 lib/cryptodev/rte_cryptodev.c    |  27 +++----
 lib/cryptodev/rte_cryptodev.h    |  11 ++-
 4 files changed, 97 insertions(+), 75 deletions(-)

Comments

Zhang, Roy Fan Jan. 27, 2022, 11:06 a.m. UTC | #1
> -----Original Message-----
> From: Power, Ciara <ciara.power@intel.com>
> Sent: Monday, January 24, 2022 3:04 PM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; gakhil@marvell.com;
> anoobj@marvell.com; mdr@ashroe.eu; Power, Ciara
> <ciara.power@intel.com>; Doherty, Declan <declan.doherty@intel.com>
> Subject: [PATCH v2 4/4] crypto: modify return value for asym session create
> 
> Rather than the asym session create function returning a session on
> success, and a NULL value on error, it is modified to now return int
> values - 0 on success or -EINVAL/-ENOTSUP/-ENOMEM on failure.
> The session to be used is passed as input.
> 
> This adds clarity on the failure of the create function, which enables
> treating the -ENOTSUP return as TEST_SKIPPED in test apps.
> 
> Signed-off-by: Ciara Power <ciara.power@intel.com>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Anoob Joseph Jan. 31, 2022, 2:35 p.m. UTC | #2
Hi Ciara,

Minor nits. Please see inline.

With the fixes,
Acked-by: Anoob Joseph <anoobj@marvell.com>

Thanks,
Anoob

> -----Original Message-----
> From: Ciara Power <ciara.power@intel.com>
> Sent: Monday, January 24, 2022 8:34 PM
> To: dev@dpdk.org
> Cc: roy.fan.zhang@intel.com; Akhil Goyal <gakhil@marvell.com>; Anoob Joseph
> <anoobj@marvell.com>; mdr@ashroe.eu; Ciara Power
> <ciara.power@intel.com>; Declan Doherty <declan.doherty@intel.com>
> Subject: [EXT] [PATCH v2 4/4] crypto: modify return value for asym session
> create
> 
> External Email
> 
> ----------------------------------------------------------------------
> Rather than the asym session create function returning a session on success, and
> a NULL value on error, it is modified to now return int values - 0 on success or -
> EINVAL/-ENOTSUP/-ENOMEM on failure.
> The session to be used is passed as input.
> 
> This adds clarity on the failure of the create function, which enables treating the
> -ENOTSUP return as TEST_SKIPPED in test apps.
> 
> Signed-off-by: Ciara Power <ciara.power@intel.com>
> ---

[snip]

> @@ -744,11 +746,13 @@ cperf_create_session(struct rte_mempool *sess_mp,
>  		xform.modex.exponent.data = perf_mod_e;
>  		xform.modex.exponent.length = sizeof(perf_mod_e);
> 
> -		sess = (void *)rte_cryptodev_asym_session_create(sess_mp,
> dev_id, &xform);
> -		if (sess == NULL)
> +		ret = rte_cryptodev_asym_session_create(&asym_sess,
> +				sess_mp, dev_id, &xform);
> +		if (ret < 0) {
> +			RTE_LOG(ERR, USER1, "Asym session create failed");

[Anoob] Don't we need \n at the end?

[snip]
 
> @@ -644,9 +645,9 @@ test_rsa_sign_verify(void)
>  	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
>  	struct rte_mempool *sess_mpool = ts_params->session_mpool;
>  	uint8_t dev_id = ts_params->valid_devs[0];
> -	void *sess;
> +	void *sess = NULL;
>  	struct rte_cryptodev_info dev_info;
> -	int status = TEST_SUCCESS;
> +	int status = TEST_SUCCESS, ret;

[Anoob] May be move status to the end? Here and in other places.
https://doc.dpdk.org/guides/contributing/coding_style.html#local-variables
 
> 
>  	/* Test case supports op with exponent key only,
>  	 * Check in PMD feature flag for RSA exponent key type support.
> @@ -659,12 +660,12 @@ test_rsa_sign_verify(void)
>  		return TEST_SKIPPED;
>  	}
> 
> -	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id,
> &rsa_xform);
> -
> -	if (!sess) {
> +	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
> +			dev_id, &rsa_xform);
> +	if (ret < 0) {
>  		RTE_LOG(ERR, USER1, "Session creation failed for "
>  			"sign_verify\n");
> -		status = TEST_FAILED;
> +		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
>  		goto error_exit;
>  	}
> 

[snip]

> diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h index
> 6a4d6d9934..89739def91 100644
> --- a/lib/cryptodev/rte_cryptodev.h
> +++ b/lib/cryptodev/rte_cryptodev.h
> @@ -990,18 +990,21 @@ rte_cryptodev_sym_session_create(struct
> rte_mempool *mempool);
>  /**
>   * Create asymmetric crypto session header (generic with no private data)
>   *
> + * @param   session    void ** for session to be used
>   * @param   mempool    mempool to allocate asymmetric session
>   *                     objects from
>   * @param   dev_id   ID of device that we want the session to be used on
>   * @param   xforms   Asymmetric crypto transform operations to apply on flow
>   *                   processed with this session
>   * @return
> - *  - On success return pointer to asym-session
> - *  - On failure returns NULL
> + *  - 0 on success.
> + *  - -EINVAL on invalid device ID, or invalid mempool.

[Anoob] PMD can also return an -EINVAL if some invalid configuration is requested. May be better to leave this open, like,

"- EINVAL Invalid arguments"

> + *  - -ENOMEM on memory error for session allocation.
> + *  - -ENOTSUP if device doesn't support session configuration.
>   */
>  __rte_experimental
> -void *
> -rte_cryptodev_asym_session_create(struct rte_mempool *mempool,
> +int
> +rte_cryptodev_asym_session_create(void **session, struct rte_mempool
> +*mempool,
>  		uint8_t dev_id, struct rte_crypto_asym_xform *xforms);
> 
>  /**
> --
> 2.25.1
diff mbox series

Patch

diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 948dc0f608..737a47150d 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -734,7 +734,9 @@  cperf_create_session(struct rte_mempool *sess_mp,
 	struct rte_crypto_sym_xform auth_xform;
 	struct rte_crypto_sym_xform aead_xform;
 	struct rte_cryptodev_sym_session *sess = NULL;
+	void *asym_sess = NULL;
 	struct rte_crypto_asym_xform xform = {0};
+	int ret;
 
 	if (options->op_type == CPERF_ASYM_MODEX) {
 		xform.next = NULL;
@@ -744,11 +746,13 @@  cperf_create_session(struct rte_mempool *sess_mp,
 		xform.modex.exponent.data = perf_mod_e;
 		xform.modex.exponent.length = sizeof(perf_mod_e);
 
-		sess = (void *)rte_cryptodev_asym_session_create(sess_mp, dev_id, &xform);
-		if (sess == NULL)
+		ret = rte_cryptodev_asym_session_create(&asym_sess,
+				sess_mp, dev_id, &xform);
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Asym session create failed");
 			return NULL;
-
-		return sess;
+		}
+		return asym_sess;
 	}
 #ifdef RTE_LIB_SECURITY
 	/*
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index a81d6292f6..f47d3555b5 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -314,6 +314,7 @@  test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,
 	uint8_t dev_id = ts_params->valid_devs[0];
 	uint8_t input[TEST_DATA_SIZE] = {0};
 	uint8_t *result = NULL;
+	int ret;
 
 	int status = TEST_SUCCESS;
 
@@ -450,14 +451,14 @@  test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,
 	}
 
 	if (!sessionless) {
-		sess = rte_cryptodev_asym_session_create(ts_params->session_mpool,
-				dev_id, &xform_tc);
-		if (!sess) {
+		ret = rte_cryptodev_asym_session_create(&sess,
+				ts_params->session_mpool, dev_id, &xform_tc);
+		if (ret < 0) {
 			snprintf(test_msg, ASYM_TEST_MSG_LEN,
 					"line %u "
 					"FAILED: %s", __LINE__,
 					"Session creation failed");
-			status = TEST_FAILED;
+			status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 			goto error_exit;
 		}
 
@@ -644,9 +645,9 @@  test_rsa_sign_verify(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
-	int status = TEST_SUCCESS;
+	int status = TEST_SUCCESS, ret;
 
 	/* Test case supports op with exponent key only,
 	 * Check in PMD feature flag for RSA exponent key type support.
@@ -659,12 +660,12 @@  test_rsa_sign_verify(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for "
 			"sign_verify\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -685,9 +686,9 @@  test_rsa_enc_dec(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
-	int status = TEST_SUCCESS;
+	int status = TEST_SUCCESS, ret;
 
 	/* Test case supports op with exponent key only,
 	 * Check in PMD feature flag for RSA exponent key type support.
@@ -700,11 +701,11 @@  test_rsa_enc_dec(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for enc_dec\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -726,9 +727,9 @@  test_rsa_sign_verify_crt(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
-	int status = TEST_SUCCESS;
+	int status = TEST_SUCCESS, ret;
 
 	/* Test case supports op with quintuple format key only,
 	 * Check im PMD feature flag for RSA quintuple key type support.
@@ -740,12 +741,12 @@  test_rsa_sign_verify_crt(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform_crt);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform_crt);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for "
 			"sign_verify_crt\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -767,9 +768,10 @@  test_rsa_enc_dec_crt(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
 	int status = TEST_SUCCESS;
+	int ret;
 
 	/* Test case supports op with quintuple format key only,
 	 * Check in PMD feature flag for RSA quintuple key type support.
@@ -781,12 +783,12 @@  test_rsa_enc_dec_crt(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform_crt);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform_crt);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for "
 			"enc_dec_crt\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1054,6 +1056,7 @@  test_dh_gen_shared_sec(struct rte_crypto_asym_xform *xfrm)
 	uint8_t output[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform xform = *xfrm;
 	uint8_t peer[] = "01234567890123456789012345678901234567890123456789";
+	int ret;
 
 	/* set up crypto op data structure */
 	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
@@ -1077,12 +1080,13 @@  test_dh_gen_shared_sec(struct rte_crypto_asym_xform *xfrm)
 	asym_op->dh.shared_secret.data = output;
 	asym_op->dh.shared_secret.length = sizeof(output);
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1138,6 +1142,7 @@  test_dh_gen_priv_key(struct rte_crypto_asym_xform *xfrm)
 	int status = TEST_SUCCESS;
 	uint8_t output[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform xform = *xfrm;
+	int ret;
 
 	/* set up crypto op data structure */
 	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
@@ -1157,12 +1162,13 @@  test_dh_gen_priv_key(struct rte_crypto_asym_xform *xfrm)
 	asym_op->dh.priv_key.data = output;
 	asym_op->dh.priv_key.length = sizeof(output);
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1221,6 +1227,7 @@  test_dh_gen_pub_key(struct rte_crypto_asym_xform *xfrm)
 	int status = TEST_SUCCESS;
 	uint8_t output[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform xform = *xfrm;
+	int ret;
 
 	/* set up crypto op data structure */
 	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
@@ -1248,12 +1255,13 @@  test_dh_gen_pub_key(struct rte_crypto_asym_xform *xfrm)
 					0);
 	asym_op->dh.priv_key = dh_test_params.priv_key;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1314,6 +1322,7 @@  test_dh_gen_kp(struct rte_crypto_asym_xform *xfrm)
 	uint8_t out_prv_key[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform pub_key_xform;
 	struct rte_crypto_asym_xform xform = *xfrm;
+	int ret;
 
 	/* set up crypto op data structure */
 	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
@@ -1339,12 +1348,13 @@  test_dh_gen_kp(struct rte_crypto_asym_xform *xfrm)
 	asym_op->dh.priv_key.data = out_prv_key;
 	asym_op->dh.priv_key.length = sizeof(out_prv_key);
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1430,12 +1440,13 @@  test_mod_inv(void)
 				return TEST_SKIPPED;
 		}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &modinv_xform);
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &modinv_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "line %u "
 				"FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1556,13 +1567,14 @@  test_mod_exp(void)
 		goto error_exit;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &modex_xform);
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &modex_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				 "line %u "
 				"FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1668,13 +1680,14 @@  test_dsa_sign(void)
 	uint8_t r[TEST_DH_MOD_LEN];
 	uint8_t s[TEST_DH_MOD_LEN];
 	uint8_t dgst[] = "35d81554afaad2cf18f3a1770d5fedc4ea5be344";
+	int ret;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &dsa_xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool, dev_id, &dsa_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				 "line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 	/* set up crypto op data structure */
@@ -1850,12 +1863,13 @@  test_ecdsa_sign_verify(enum curve curve_id)
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA;
 	xform.ec.curve_id = input_params.curve;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto exit;
 	}
 
@@ -2054,12 +2068,12 @@  test_ecpm(enum curve curve_id)
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_ECPM;
 	xform.ec.curve_id = input_params.curve;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool, dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto exit;
 	}
 
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index 2a591930de..a26a025f9d 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -1911,9 +1911,9 @@  rte_cryptodev_sym_session_create(struct rte_mempool *mp)
 	return sess;
 }
 
-void *
-rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
-		struct rte_crypto_asym_xform *xforms)
+int
+rte_cryptodev_asym_session_create(void **session, struct rte_mempool *mp,
+		uint8_t dev_id, struct rte_crypto_asym_xform *xforms)
 {
 	struct rte_cryptodev_asym_session *sess;
 	uint32_t session_priv_data_sz;
@@ -1925,18 +1925,18 @@  rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 
 	if (!rte_cryptodev_is_valid_dev(dev_id)) {
 		CDEV_LOG_ERR("Invalid dev_id=%" PRIu8, dev_id);
-		return NULL;
+		return -EINVAL;
 	}
 	session_priv_data_sz = rte_cryptodev_asym_get_private_session_size(
 			dev_id);
 	dev = rte_cryptodev_pmd_get_dev(dev_id);
 
 	if (dev == NULL)
-		return NULL;
+		return -EINVAL;
 
 	if (!mp) {
 		CDEV_LOG_ERR("invalid mempool\n");
-		return NULL;
+		return -EINVAL;
 	}
 
 	pool_priv = rte_mempool_get_priv(mp);
@@ -1944,22 +1944,23 @@  rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 	if (pool_priv->max_priv_session_sz < session_priv_data_sz) {
 		CDEV_LOG_DEBUG(
 			"The private session data size used when creating the mempool is smaller than this device's private session data.");
-		return NULL;
+		return -EINVAL;
 	}
 
 	/* Verify if provided mempool can hold elements big enough. */
 	if (mp->elt_size < session_header_size + session_priv_data_sz) {
 		CDEV_LOG_ERR(
 			"mempool elements too small to hold session objects");
-		return NULL;
+		return -EINVAL;
 	}
 
 	/* Allocate a session structure from the session pool */
-	if (rte_mempool_get(mp, (void **)&sess)) {
+	if (rte_mempool_get(mp, session)) {
 		CDEV_LOG_ERR("couldn't get object from session mempool");
-		return NULL;
+		return -ENOMEM;
 	}
 
+	sess = *session;
 	sess->driver_id = dev->driver_id;
 	sess->user_data_sz = pool_priv->user_data_sz;
 	sess->max_priv_session_sz = pool_priv->max_priv_session_sz;
@@ -1969,7 +1970,7 @@  rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 	 */
 	memset(sess->sess_private_data, 0, session_priv_data_sz + sess->user_data_sz);
 
-	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->asym_session_configure, NULL);
+	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->asym_session_configure, -ENOTSUP);
 
 	if (sess->sess_private_data[0] == 0) {
 		ret = dev->dev_ops->asym_session_configure(dev,
@@ -1979,12 +1980,12 @@  rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 			CDEV_LOG_ERR(
 				"dev_id %d failed to configure session details",
 				dev_id);
-			return NULL;
+			return ret;
 		}
 	}
 
 	rte_cryptodev_trace_asym_session_create(mp, sess);
-	return sess;
+	return 0;
 }
 
 int
diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h
index 6a4d6d9934..89739def91 100644
--- a/lib/cryptodev/rte_cryptodev.h
+++ b/lib/cryptodev/rte_cryptodev.h
@@ -990,18 +990,21 @@  rte_cryptodev_sym_session_create(struct rte_mempool *mempool);
 /**
  * Create asymmetric crypto session header (generic with no private data)
  *
+ * @param   session    void ** for session to be used
  * @param   mempool    mempool to allocate asymmetric session
  *                     objects from
  * @param   dev_id   ID of device that we want the session to be used on
  * @param   xforms   Asymmetric crypto transform operations to apply on flow
  *                   processed with this session
  * @return
- *  - On success return pointer to asym-session
- *  - On failure returns NULL
+ *  - 0 on success.
+ *  - -EINVAL on invalid device ID, or invalid mempool.
+ *  - -ENOMEM on memory error for session allocation.
+ *  - -ENOTSUP if device doesn't support session configuration.
  */
 __rte_experimental
-void *
-rte_cryptodev_asym_session_create(struct rte_mempool *mempool,
+int
+rte_cryptodev_asym_session_create(void **session, struct rte_mempool *mempool,
 		uint8_t dev_id, struct rte_crypto_asym_xform *xforms);
 
 /**