On 12-Feb-26 5:17 PM, Bruce Richardson wrote:
On Thu, Feb 12, 2026 at 03:50:26PM +0100, Burakov, Anatoly wrote:
On 2/12/2026 1:53 PM, Anatoly Burakov wrote:
The original IPsec "add SA from flow" function expected a void* pointer to
security session as its first argument. However, the actual code was not
passing that, instead it passed `rte_flow_action_security` which was a
*container* for security session pointer.
Fix it by passing correct pointer type, as well as make typing more
explicit to let compiler catch such bugs in the future.
Fixes: 9a0752f498d2 ("net/ixgbe: enable inline IPsec")
Cc: [email protected]
Cc: [email protected]
Signed-off-by: Anatoly Burakov <[email protected]>
---
<snip>
+ const struct ip_spec *spec)
{
- /**
- * FIXME Updating the session priv data when the session is const.
- * Typecasting done here is wrong and the implementation need to be
corrected.
- */
- struct ixgbe_crypto_session *ic_session = (void *)(uintptr_t)
- ((const struct rte_security_session
*)sess)->driver_priv_data;
+ struct ixgbe_crypto_session *ic_session =
+ RTE_CAST_PTR(struct ixgbe_crypto_session *,
sess->driver_priv_data);
Despite being removed, the comment is still true. This is an artifact of how
we get the crypto session (it comes from security rte_flow action, which is
const).
Why not keep the comment then?
Probably it's best to explain why we cast away the const, but not
include the FIXME or TODO tag anymore.
