diff mbox series

net/iavf: fix IPsec flow create error check

Message ID	20221011094421.3410963-1-radu.nicolau@intel.com (mailing list archive)
State	Accepted, archived
Delegated to:	Qi Zhang
Headers	From: Radu Nicolau <radu.nicolau@intel.com> To: Jingjing Wu <jingjing.wu@intel.com>, Beilei Xing <beilei.xing@intel.com> Cc: dev@dpdk.org, qi.z.zhang@intel.com, Radu Nicolau <radu.nicolau@intel.com>, stable@dpdk.org Subject: [PATCH] net/iavf: fix IPsec flow create error check Date: Tue, 11 Oct 2022 10:44:21 +0100 Message-Id: <20221011094421.3410963-1-radu.nicolau@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Errors-To: dev-bounces@dpdk.org
Series	net/iavf: fix IPsec flow create error check \| net/iavf: fix IPsec flow create error check

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	success	Compilation OK
ci/intel-Testing	success	Testing PASS
ci/github-robot: build	success	github build: passed
ci/iol-mellanox-Performance	success	Performance Testing PASS
ci/iol-aarch64-unit-testing	success	Testing PASS
ci/iol-x86_64-unit-testing	success	Testing PASS
ci/iol-aarch64-compile-testing	success	Testing PASS
ci/iol-x86_64-compile-testing	success	Testing PASS
ci/iol-intel-Functional	success	Functional Testing PASS
ci/iol-intel-Performance	success	Performance Testing PASS

Commit Message

Radu Nicolau Oct. 11, 2022, 9:44 a.m. UTC

  Fix an error check where the return code was assigned to a
unsigned integer which can hide negative error codes.

Fixes: 6bc987ecb860 ("net/iavf: support IPsec inline crypto")
Cc: stable@dpdk.org

Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
---
 drivers/net/iavf/iavf_ipsec_crypto.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

Comments

Qi Zhang Oct. 13, 2022, 3:44 a.m. UTC | #1

> -----Original Message-----
> From: Nicolau, Radu <radu.nicolau@intel.com>
> Sent: Tuesday, October 11, 2022 5:44 PM
> To: Wu, Jingjing <jingjing.wu@intel.com>; Xing, Beilei <beilei.xing@intel.com>
> Cc: dev@dpdk.org; Zhang, Qi Z <qi.z.zhang@intel.com>; Nicolau, Radu
> <radu.nicolau@intel.com>; stable@dpdk.org
> Subject: [PATCH] net/iavf: fix IPsec flow create error check
> 
> Fix an error check where the return code was assigned to a unsigned integer
> which can hide negative error codes.
> 
> Fixes: 6bc987ecb860 ("net/iavf: support IPsec inline crypto")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>

Acked-by: Qi Zhang <qi.z.zhang@intel.com>

Applied to dpdk-next-net-intel.

Thanks
Qi

diff mbox series

Patch

diff --git a/drivers/net/iavf/iavf_ipsec_crypto.c b/drivers/net/iavf/iavf_ipsec_crypto.c
index afd7f8f467..b50149c0ce 100644
--- a/drivers/net/iavf/iavf_ipsec_crypto.c
+++ b/drivers/net/iavf/iavf_ipsec_crypto.c
@@ -1851,6 +1851,7 @@  iavf_ipsec_flow_create(struct iavf_adapter *ad,
 		struct rte_flow_error *error)
 {
 	struct iavf_ipsec_flow_item *ipsec_flow = meta;
+	int flow_id = -1;
 	if (!ipsec_flow) {
 		rte_flow_error_set(error, EINVAL,
 				RTE_FLOW_ERROR_TYPE_HANDLE, NULL,
@@ -1859,8 +1860,7 @@  iavf_ipsec_flow_create(struct iavf_adapter *ad,
 	}
 
 	if (ipsec_flow->is_ipv4) {
-		ipsec_flow->id =
-			iavf_ipsec_crypto_inbound_security_policy_add(ad,
+		flow_id = iavf_ipsec_crypto_inbound_security_policy_add(ad,
 			ipsec_flow->spi,
 			1,
 			ipsec_flow->ipv4_hdr.dst_addr,
@@ -1869,8 +1869,7 @@  iavf_ipsec_flow_create(struct iavf_adapter *ad,
 			ipsec_flow->is_udp,
 			ipsec_flow->udp_hdr.dst_port);
 	} else {
-		ipsec_flow->id =
-			iavf_ipsec_crypto_inbound_security_policy_add(ad,
+		flow_id = iavf_ipsec_crypto_inbound_security_policy_add(ad,
 			ipsec_flow->spi,
 			0,
 			0,
@@ -1880,13 +1879,14 @@  iavf_ipsec_flow_create(struct iavf_adapter *ad,
 			ipsec_flow->udp_hdr.dst_port);
 	}
 
-	if (ipsec_flow->id < 1) {
+	if (flow_id < 1) {
 		rte_flow_error_set(error, EINVAL,
 				RTE_FLOW_ERROR_TYPE_UNSPECIFIED, NULL,
 				"Failed to add SA.");
 		return -rte_errno;
 	}
 
+	ipsec_flow->id = flow_id;
 	flow->rule = ipsec_flow;
 
 	return 0;