diff mbox series

examples/ipsec-secgw: add check for unprotected port mask

Message ID	20220209115213.3918784-1-vfialko@marvell.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Volodymyr Fialko <vfialko@marvell.com> To: <dev@dpdk.org>, Radu Nicolau <radu.nicolau@intel.com>, Akhil Goyal <gakhil@marvell.com> CC: <jerinj@marvell.com>, <konstantin.ananyev@intel.com>, Volodymyr Fialko <vfialko@marvell.com> Subject: [PATCH] examples/ipsec-secgw: add check for unprotected port mask Date: Wed, 9 Feb 2022 12:52:13 +0100 Message-ID: <20220209115213.3918784-1-vfialko@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: list Errors-To: dev-bounces@dpdk.org
Series	examples/ipsec-secgw: add check for unprotected port mask \| examples/ipsec-secgw: add check for unprotected port mask

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	success	Compilation OK
ci/intel-Testing	success	Testing PASS
ci/github-robot: build	success	github build: passed
ci/iol-mellanox-Performance	success	Performance Testing PASS
ci/iol-broadcom-Performance	success	Performance Testing PASS
ci/iol-broadcom-Functional	success	Functional Testing PASS
ci/iol-intel-Functional	success	Functional Testing PASS
ci/iol-intel-Performance	success	Performance Testing PASS
ci/iol-aarch64-unit-testing	success	Testing PASS
ci/iol-x86_64-compile-testing	success	Testing PASS
ci/iol-aarch64-compile-testing	success	Testing PASS
ci/iol-abi-testing	success	Testing PASS
ci/iol-x86_64-unit-testing	success	Testing PASS

Commit Message

Volodymyr Fialko Feb. 9, 2022, 11:52 a.m. UTC

  Usage of unprotected port mask without any configured SA inbound, will
cause use of uninitialized SA context, so disallow such configuration.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>

---
 examples/ipsec-secgw/ipsec-secgw.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Anoob Joseph Feb. 18, 2022, 11:27 a.m. UTC | #1

> ----------------------------------------------------------------------
> Usage of unprotected port mask without any configured SA inbound, will cause
> use of uninitialized SA context, so disallow such configuration.
> 
> Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
> 
> ---
>  examples/ipsec-secgw/ipsec-secgw.c | 3 +++
>  1 file changed, 3 insertions(+)
> 

Acked-by: Anoob Joseph <anoobj@marvell.com>

Akhil Goyal Feb. 23, 2022, 9:22 a.m. UTC | #2

> > Usage of unprotected port mask without any configured SA inbound, will
> cause
> > use of uninitialized SA context, so disallow such configuration.
> >
> > Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
> >
> > ---
> >  examples/ipsec-secgw/ipsec-secgw.c | 3 +++
> >  1 file changed, 3 insertions(+)
> >
> 
> Acked-by: Anoob Joseph <anoobj@marvell.com>

Applied to dpdk-next-crypto
Thanks.

diff mbox series

Patch

diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index a643eb3aa7..602e170c96 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -3321,6 +3321,9 @@  main(int32_t argc, char **argv)
 		rte_exit(EXIT_FAILURE, "Invalid unprotected portmask 0x%x\n",
 				unprotected_port_mask);
 
+	if (unprotected_port_mask && !nb_sa_in)
+		rte_exit(EXIT_FAILURE, "Cannot use unprotected portmask without configured SA inbound\n");
+
 	if (check_poll_mode_params(eh_conf) < 0)
 		rte_exit(EXIT_FAILURE, "check_poll_mode_params failed\n");