From patchwork Mon Jan 24 15:03:39 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Power, Ciara" <ciara.power@intel.com>
X-Patchwork-Id: 106352
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 62CA5A04A8;
	Mon, 24 Jan 2022 16:04:24 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id D7ECD427C7;
	Mon, 24 Jan 2022 16:04:23 +0100 (CET)
Received: from mga02.intel.com (mga02.intel.com [134.134.136.20])
 by mails.dpdk.org (Postfix) with ESMTP id 9282940040
 for <dev@dpdk.org>; Mon, 24 Jan 2022 16:04:22 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
 d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
 t=1643036662; x=1674572662;
 h=from:to:cc:subject:date:message-id:in-reply-to:
 references:mime-version:content-transfer-encoding;
 bh=g6L/ri2eghrjFmve/nHxWThzHUlekELsNQctQO6lZYo=;
 b=Y61ihas/izYftS6DrdkIqP1zVv4m3BqlPWYyZRv/BETAQ/Xb3Zdg2y4A
 mLu1PthI9mjU9nAcKbT0HzQpgVsA7DRlXFj+PjGTndoO5C0ZQzvrB6IVP
 Vq17BVMDx/zDf1YT08Wh97hioNHCgH5t4lg7wP+ciyOmrZ9eYF43a8Wqz
 MecfRBa3XIZScGN2WJk1U/EQL0iDjcQGnDIcPkBg65D1k3hupDx4iBrXu
 gyoxoFkJQibM5anfWfyjiXpKqpfDlOpla41btn63EiJRcKjYTn5jAadfe
 Gx0zXDg1ezP5sRvo2nxPS0BjxJ8DxuM5+S9Siaxbr15YwT2tgK/HMjsTT Q==;
X-IronPort-AV: E=McAfee;i="6200,9189,10236"; a="233424045"
X-IronPort-AV: E=Sophos;i="5.88,311,1635231600"; d="scan'208";a="233424045"
Received: from orsmga003.jf.intel.com ([10.7.209.27])
 by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 24 Jan 2022 07:03:59 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.88,311,1635231600"; d="scan'208";a="476744151"
Received: from silpixa00400355.ir.intel.com (HELO
 silpixa00400355.ger.corp.intel.com) ([10.237.222.49])
 by orsmga003.jf.intel.com with ESMTP; 24 Jan 2022 07:03:57 -0800
From: Ciara Power <ciara.power@intel.com>
To: dev@dpdk.org
Cc: roy.fan.zhang@intel.com, gakhil@marvell.com, anoobj@marvell.com,
 mdr@ashroe.eu, Ciara Power <ciara.power@intel.com>,
 Declan Doherty <declan.doherty@intel.com>
Subject: [PATCH v2 4/4] crypto: modify return value for asym session create
Date: Mon, 24 Jan 2022 15:03:39 +0000
Message-Id: <20220124150339.280090-5-ciara.power@intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20220124150339.280090-1-ciara.power@intel.com>
References: <20220124150339.280090-1-ciara.power@intel.com>
MIME-Version: 1.0
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Rather than the asym session create function returning a session on
success, and a NULL value on error, it is modified to now return int
values - 0 on success or -EINVAL/-ENOTSUP/-ENOMEM on failure.
The session to be used is passed as input.

This adds clarity on the failure of the create function, which enables
treating the -ENOTSUP return as TEST_SKIPPED in test apps.

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
---
 app/test-crypto-perf/cperf_ops.c |  12 ++-
 app/test/test_cryptodev_asym.c   | 122 +++++++++++++++++--------------
 lib/cryptodev/rte_cryptodev.c    |  27 +++----
 lib/cryptodev/rte_cryptodev.h    |  11 ++-
 4 files changed, 97 insertions(+), 75 deletions(-)

diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 948dc0f608..737a47150d 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -734,7 +734,9 @@ cperf_create_session(struct rte_mempool *sess_mp,
 	struct rte_crypto_sym_xform auth_xform;
 	struct rte_crypto_sym_xform aead_xform;
 	struct rte_cryptodev_sym_session *sess = NULL;
+	void *asym_sess = NULL;
 	struct rte_crypto_asym_xform xform = {0};
+	int ret;
 
 	if (options->op_type == CPERF_ASYM_MODEX) {
 		xform.next = NULL;
@@ -744,11 +746,13 @@ cperf_create_session(struct rte_mempool *sess_mp,
 		xform.modex.exponent.data = perf_mod_e;
 		xform.modex.exponent.length = sizeof(perf_mod_e);
 
-		sess = (void *)rte_cryptodev_asym_session_create(sess_mp, dev_id, &xform);
-		if (sess == NULL)
+		ret = rte_cryptodev_asym_session_create(&asym_sess,
+				sess_mp, dev_id, &xform);
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Asym session create failed");
 			return NULL;
-
-		return sess;
+		}
+		return asym_sess;
 	}
 #ifdef RTE_LIB_SECURITY
 	/*
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index a81d6292f6..f47d3555b5 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -314,6 +314,7 @@ test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,
 	uint8_t dev_id = ts_params->valid_devs[0];
 	uint8_t input[TEST_DATA_SIZE] = {0};
 	uint8_t *result = NULL;
+	int ret;
 
 	int status = TEST_SUCCESS;
 
@@ -450,14 +451,14 @@ test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,
 	}
 
 	if (!sessionless) {
-		sess = rte_cryptodev_asym_session_create(ts_params->session_mpool,
-				dev_id, &xform_tc);
-		if (!sess) {
+		ret = rte_cryptodev_asym_session_create(&sess,
+				ts_params->session_mpool, dev_id, &xform_tc);
+		if (ret < 0) {
 			snprintf(test_msg, ASYM_TEST_MSG_LEN,
 					"line %u "
 					"FAILED: %s", __LINE__,
 					"Session creation failed");
-			status = TEST_FAILED;
+			status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 			goto error_exit;
 		}
 
@@ -644,9 +645,9 @@ test_rsa_sign_verify(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
-	int status = TEST_SUCCESS;
+	int status = TEST_SUCCESS, ret;
 
 	/* Test case supports op with exponent key only,
 	 * Check in PMD feature flag for RSA exponent key type support.
@@ -659,12 +660,12 @@ test_rsa_sign_verify(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for "
 			"sign_verify\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -685,9 +686,9 @@ test_rsa_enc_dec(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
-	int status = TEST_SUCCESS;
+	int status = TEST_SUCCESS, ret;
 
 	/* Test case supports op with exponent key only,
 	 * Check in PMD feature flag for RSA exponent key type support.
@@ -700,11 +701,11 @@ test_rsa_enc_dec(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for enc_dec\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -726,9 +727,9 @@ test_rsa_sign_verify_crt(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
-	int status = TEST_SUCCESS;
+	int status = TEST_SUCCESS, ret;
 
 	/* Test case supports op with quintuple format key only,
 	 * Check im PMD feature flag for RSA quintuple key type support.
@@ -740,12 +741,12 @@ test_rsa_sign_verify_crt(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform_crt);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform_crt);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for "
 			"sign_verify_crt\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -767,9 +768,10 @@ test_rsa_enc_dec_crt(void)
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct rte_mempool *sess_mpool = ts_params->session_mpool;
 	uint8_t dev_id = ts_params->valid_devs[0];
-	void *sess;
+	void *sess = NULL;
 	struct rte_cryptodev_info dev_info;
 	int status = TEST_SUCCESS;
+	int ret;
 
 	/* Test case supports op with quintuple format key only,
 	 * Check in PMD feature flag for RSA quintuple key type support.
@@ -781,12 +783,12 @@ test_rsa_enc_dec_crt(void)
 		return TEST_SKIPPED;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &rsa_xform_crt);
-
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &rsa_xform_crt);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Session creation failed for "
 			"enc_dec_crt\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1054,6 +1056,7 @@ test_dh_gen_shared_sec(struct rte_crypto_asym_xform *xfrm)
 	uint8_t output[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform xform = *xfrm;
 	uint8_t peer[] = "01234567890123456789012345678901234567890123456789";
+	int ret;
 
 	/* set up crypto op data structure */
 	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
@@ -1077,12 +1080,13 @@ test_dh_gen_shared_sec(struct rte_crypto_asym_xform *xfrm)
 	asym_op->dh.shared_secret.data = output;
 	asym_op->dh.shared_secret.length = sizeof(output);
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1138,6 +1142,7 @@ test_dh_gen_priv_key(struct rte_crypto_asym_xform *xfrm)
 	int status = TEST_SUCCESS;
 	uint8_t output[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform xform = *xfrm;
+	int ret;
 
 	/* set up crypto op data structure */
 	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
@@ -1157,12 +1162,13 @@ test_dh_gen_priv_key(struct rte_crypto_asym_xform *xfrm)
 	asym_op->dh.priv_key.data = output;
 	asym_op->dh.priv_key.length = sizeof(output);
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1221,6 +1227,7 @@ test_dh_gen_pub_key(struct rte_crypto_asym_xform *xfrm)
 	int status = TEST_SUCCESS;
 	uint8_t output[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform xform = *xfrm;
+	int ret;
 
 	/* set up crypto op data structure */
 	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
@@ -1248,12 +1255,13 @@ test_dh_gen_pub_key(struct rte_crypto_asym_xform *xfrm)
 					0);
 	asym_op->dh.priv_key = dh_test_params.priv_key;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1314,6 +1322,7 @@ test_dh_gen_kp(struct rte_crypto_asym_xform *xfrm)
 	uint8_t out_prv_key[TEST_DH_MOD_LEN];
 	struct rte_crypto_asym_xform pub_key_xform;
 	struct rte_crypto_asym_xform xform = *xfrm;
+	int ret;
 
 	/* set up crypto op data structure */
 	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
@@ -1339,12 +1348,13 @@ test_dh_gen_kp(struct rte_crypto_asym_xform *xfrm)
 	asym_op->dh.priv_key.data = out_prv_key;
 	asym_op->dh.priv_key.length = sizeof(out_prv_key);
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1430,12 +1440,13 @@ test_mod_inv(void)
 				return TEST_SKIPPED;
 		}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &modinv_xform);
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &modinv_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "line %u "
 				"FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1556,13 +1567,14 @@ test_mod_exp(void)
 		goto error_exit;
 	}
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &modex_xform);
-	if (!sess) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &modex_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				 "line %u "
 				"FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 
@@ -1668,13 +1680,14 @@ test_dsa_sign(void)
 	uint8_t r[TEST_DH_MOD_LEN];
 	uint8_t s[TEST_DH_MOD_LEN];
 	uint8_t dgst[] = "35d81554afaad2cf18f3a1770d5fedc4ea5be344";
+	int ret;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &dsa_xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool, dev_id, &dsa_xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				 "line %u FAILED: %s", __LINE__,
 				"Session creation failed");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto error_exit;
 	}
 	/* set up crypto op data structure */
@@ -1850,12 +1863,13 @@ test_ecdsa_sign_verify(enum curve curve_id)
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA;
 	xform.ec.curve_id = input_params.curve;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool,
+			dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto exit;
 	}
 
@@ -2054,12 +2068,12 @@ test_ecpm(enum curve curve_id)
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_ECPM;
 	xform.ec.curve_id = input_params.curve;
 
-	sess = rte_cryptodev_asym_session_create(sess_mpool, dev_id, &xform);
-	if (sess == NULL) {
+	ret = rte_cryptodev_asym_session_create(&sess, sess_mpool, dev_id, &xform);
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1,
 				"line %u FAILED: %s", __LINE__,
 				"Session creation failed\n");
-		status = TEST_FAILED;
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
 		goto exit;
 	}
 
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index 2a591930de..a26a025f9d 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -1911,9 +1911,9 @@ rte_cryptodev_sym_session_create(struct rte_mempool *mp)
 	return sess;
 }
 
-void *
-rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
-		struct rte_crypto_asym_xform *xforms)
+int
+rte_cryptodev_asym_session_create(void **session, struct rte_mempool *mp,
+		uint8_t dev_id, struct rte_crypto_asym_xform *xforms)
 {
 	struct rte_cryptodev_asym_session *sess;
 	uint32_t session_priv_data_sz;
@@ -1925,18 +1925,18 @@ rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 
 	if (!rte_cryptodev_is_valid_dev(dev_id)) {
 		CDEV_LOG_ERR("Invalid dev_id=%" PRIu8, dev_id);
-		return NULL;
+		return -EINVAL;
 	}
 	session_priv_data_sz = rte_cryptodev_asym_get_private_session_size(
 			dev_id);
 	dev = rte_cryptodev_pmd_get_dev(dev_id);
 
 	if (dev == NULL)
-		return NULL;
+		return -EINVAL;
 
 	if (!mp) {
 		CDEV_LOG_ERR("invalid mempool\n");
-		return NULL;
+		return -EINVAL;
 	}
 
 	pool_priv = rte_mempool_get_priv(mp);
@@ -1944,22 +1944,23 @@ rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 	if (pool_priv->max_priv_session_sz < session_priv_data_sz) {
 		CDEV_LOG_DEBUG(
 			"The private session data size used when creating the mempool is smaller than this device's private session data.");
-		return NULL;
+		return -EINVAL;
 	}
 
 	/* Verify if provided mempool can hold elements big enough. */
 	if (mp->elt_size < session_header_size + session_priv_data_sz) {
 		CDEV_LOG_ERR(
 			"mempool elements too small to hold session objects");
-		return NULL;
+		return -EINVAL;
 	}
 
 	/* Allocate a session structure from the session pool */
-	if (rte_mempool_get(mp, (void **)&sess)) {
+	if (rte_mempool_get(mp, session)) {
 		CDEV_LOG_ERR("couldn't get object from session mempool");
-		return NULL;
+		return -ENOMEM;
 	}
 
+	sess = *session;
 	sess->driver_id = dev->driver_id;
 	sess->user_data_sz = pool_priv->user_data_sz;
 	sess->max_priv_session_sz = pool_priv->max_priv_session_sz;
@@ -1969,7 +1970,7 @@ rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 	 */
 	memset(sess->sess_private_data, 0, session_priv_data_sz + sess->user_data_sz);
 
-	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->asym_session_configure, NULL);
+	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->asym_session_configure, -ENOTSUP);
 
 	if (sess->sess_private_data[0] == 0) {
 		ret = dev->dev_ops->asym_session_configure(dev,
@@ -1979,12 +1980,12 @@ rte_cryptodev_asym_session_create(struct rte_mempool *mp, uint8_t dev_id,
 			CDEV_LOG_ERR(
 				"dev_id %d failed to configure session details",
 				dev_id);
-			return NULL;
+			return ret;
 		}
 	}
 
 	rte_cryptodev_trace_asym_session_create(mp, sess);
-	return sess;
+	return 0;
 }
 
 int
diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h
index 6a4d6d9934..89739def91 100644
--- a/lib/cryptodev/rte_cryptodev.h
+++ b/lib/cryptodev/rte_cryptodev.h
@@ -990,18 +990,21 @@ rte_cryptodev_sym_session_create(struct rte_mempool *mempool);
 /**
  * Create asymmetric crypto session header (generic with no private data)
  *
+ * @param   session    void ** for session to be used
  * @param   mempool    mempool to allocate asymmetric session
  *                     objects from
  * @param   dev_id   ID of device that we want the session to be used on
  * @param   xforms   Asymmetric crypto transform operations to apply on flow
  *                   processed with this session
  * @return
- *  - On success return pointer to asym-session
- *  - On failure returns NULL
+ *  - 0 on success.
+ *  - -EINVAL on invalid device ID, or invalid mempool.
+ *  - -ENOMEM on memory error for session allocation.
+ *  - -ENOTSUP if device doesn't support session configuration.
  */
 __rte_experimental
-void *
-rte_cryptodev_asym_session_create(struct rte_mempool *mempool,
+int
+rte_cryptodev_asym_session_create(void **session, struct rte_mempool *mempool,
 		uint8_t dev_id, struct rte_crypto_asym_xform *xforms);
 
 /**