[PATCH] net/iavf: fix IPsec flow create error check
Radu Nicolau
radu.nicolau at intel.com
Tue Oct 11 11:44:21 CEST 2022
Fix an error check where the return code was assigned to a
unsigned integer which can hide negative error codes.
Fixes: 6bc987ecb860 ("net/iavf: support IPsec inline crypto")
Cc: stable at dpdk.org
Signed-off-by: Radu Nicolau <radu.nicolau at intel.com>
---
drivers/net/iavf/iavf_ipsec_crypto.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/drivers/net/iavf/iavf_ipsec_crypto.c b/drivers/net/iavf/iavf_ipsec_crypto.c
index afd7f8f467..b50149c0ce 100644
--- a/drivers/net/iavf/iavf_ipsec_crypto.c
+++ b/drivers/net/iavf/iavf_ipsec_crypto.c
@@ -1851,6 +1851,7 @@ iavf_ipsec_flow_create(struct iavf_adapter *ad,
struct rte_flow_error *error)
{
struct iavf_ipsec_flow_item *ipsec_flow = meta;
+ int flow_id = -1;
if (!ipsec_flow) {
rte_flow_error_set(error, EINVAL,
RTE_FLOW_ERROR_TYPE_HANDLE, NULL,
@@ -1859,8 +1860,7 @@ iavf_ipsec_flow_create(struct iavf_adapter *ad,
}
if (ipsec_flow->is_ipv4) {
- ipsec_flow->id =
- iavf_ipsec_crypto_inbound_security_policy_add(ad,
+ flow_id = iavf_ipsec_crypto_inbound_security_policy_add(ad,
ipsec_flow->spi,
1,
ipsec_flow->ipv4_hdr.dst_addr,
@@ -1869,8 +1869,7 @@ iavf_ipsec_flow_create(struct iavf_adapter *ad,
ipsec_flow->is_udp,
ipsec_flow->udp_hdr.dst_port);
} else {
- ipsec_flow->id =
- iavf_ipsec_crypto_inbound_security_policy_add(ad,
+ flow_id = iavf_ipsec_crypto_inbound_security_policy_add(ad,
ipsec_flow->spi,
0,
0,
@@ -1880,13 +1879,14 @@ iavf_ipsec_flow_create(struct iavf_adapter *ad,
ipsec_flow->udp_hdr.dst_port);
}
- if (ipsec_flow->id < 1) {
+ if (flow_id < 1) {
rte_flow_error_set(error, EINVAL,
RTE_FLOW_ERROR_TYPE_UNSPECIFIED, NULL,
"Failed to add SA.");
return -rte_errno;
}
+ ipsec_flow->id = flow_id;
flow->rule = ipsec_flow;
return 0;
--
2.25.1
More information about the stable
mailing list