From: Bruce Richardson <bruce.richardson@intel.com>
To: "Burakov, Anatoly" <anatoly.burakov@intel.com>
Cc: <dev@dpdk.org>, Vladimir Medvedkin <vladimir.medvedkin@intel.com>,
"Declan Doherty" <declan.doherty@intel.com>,
Radu Nicolau <radu.nicolau@intel.com>
Subject: Re: [PATCH v5 02/12] net/ixgbe: fix memory leak in security flows
Date: Fri, 13 Feb 2026 08:50:46 +0000 [thread overview]
Message-ID: <aY7l5korgdyG4qcd@bricha3-mobl1.ger.corp.intel.com> (raw)
In-Reply-To: <6cdb4c37-0e01-42d5-a2a4-e80bb7c4d390@intel.com>
On Fri, Feb 13, 2026 at 09:44:49AM +0100, Burakov, Anatoly wrote:
> On 2/12/2026 6:10 PM, Bruce Richardson wrote:
> > On Thu, Feb 12, 2026 at 12:53:25PM +0000, Anatoly Burakov wrote:
> > > Currently, security flows are implemented as a special case and do not go
> > > through the normal flow create/destroy infrastructure. However, because of
> > > that, it is impossible to destroy such flows once created. Fix it by adding
> > > a flag to rte_flow indicating that it is a security flow, so that it can be
> > > destroyed later.
> > >
> > > Additionally, security flows return pointer to allocated `rte_flow` struct
> > > unconditionally, even though the underlying call to ipsec code might have
> > > failed. Fix that by checking the return value from the filter function
> > > before returning.
> > >
> > > Fixes: 9a0752f498d2 ("net/ixgbe: enable inline IPsec")
> > > Cc: radu.nicolau@intel.com
> > > Cc: stable@dpdk.org
> > >
> > > Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
>
> <snip>
>
> > > @@ -3350,6 +3354,12 @@ ixgbe_flow_destroy(struct rte_eth_dev *dev,
> > > IXGBE_DEV_PRIVATE_TO_FDIR_INFO(dev->data->dev_private);
> > > struct ixgbe_rss_conf_ele *rss_filter_ptr;
> > > + /* Special case for SECURITY flows */
> > > + if (flow->is_security) {
> > > + ret = 0;
> >
> > Rather than assigning ret explicitly here, I think it might be better just
> > to set it = 0 at definition, and leaving this as a simple goto free. [It
> > would also head off any future compiler warnings about ret being
> > uninitialized :-)]
> >
>
> I actually remember a lot of commits *removing* that sort of thing, with the
> idea being that we *want* to have these warnings to make sure every path is
> covered. Additionally, I personally prefer it this way for clarity (i.e.
> explicitly indicating success).
>
> I can still fix it if you have strong feelings on it, but I'd rather leave
> it as is.
>
True. It was just fresh in my mind having had to fix an issue with the hash
gfni code where the compiler had failed to realise that the variable had
to have been initialized and so was giving a false positive warning.
If you prefer it this way, I'm ok to keep as-is.
/Bruce
next prev parent reply other threads:[~2026-02-13 8:50 UTC|newest]
Thread overview: 83+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-09 12:58 [PATCH v1 1/4] net/ixgbe: add missing E610 MAC type checks Anatoly Burakov
2026-02-09 12:58 ` [PATCH v1 2/4] net/i40e: move FDIR config to flow create Anatoly Burakov
2026-02-09 12:58 ` [PATCH v1 3/4] net/iavf: fix memory leak on egress IPsec flows Anatoly Burakov
2026-02-09 14:40 ` Radu Nicolau
2026-02-09 12:58 ` [PATCH v1 4/4] net/iavf: fix memory leak on uninit Anatoly Burakov
2026-02-09 14:40 ` Radu Nicolau
2026-02-10 15:52 ` [PATCH v2 1/7] net/ixgbe: add missing E610 MAC type checks Anatoly Burakov
2026-02-10 15:52 ` [PATCH v2 2/7] net/i40e: move FDIR config to flow create Anatoly Burakov
2026-02-10 15:52 ` [PATCH v2 3/7] net/iavf: fix memory leak on egress IPsec flows Anatoly Burakov
2026-02-10 15:52 ` [PATCH v2 4/7] net/iavf: fix memory leak on uninit Anatoly Burakov
2026-02-10 15:52 ` [PATCH v2 5/7] net/i40e: fix IPv6 GTPU handling Anatoly Burakov
2026-02-10 15:52 ` [PATCH v2 6/7] net/iavf: fix IPv4 flow subscription Anatoly Burakov
2026-02-10 15:52 ` [PATCH v2 7/7] net/ice: fix memory leak in DCF QoS bandwidth config Anatoly Burakov
2026-02-11 13:03 ` [PATCH v3 0/8] Assortment of bug fixes for Intel PMD's Anatoly Burakov
2026-02-11 13:03 ` [PATCH v3 1/8] net/ixgbe: add missing E610 MAC type checks Anatoly Burakov
2026-02-11 13:03 ` [PATCH v3 2/8] net/i40e: move FDIR config to flow create Anatoly Burakov
2026-02-11 13:03 ` [PATCH v3 3/8] net/iavf: fix memory leak on egress IPsec flows Anatoly Burakov
2026-02-11 13:03 ` [PATCH v3 4/8] net/iavf: fix memory leak on uninit Anatoly Burakov
2026-02-11 13:03 ` [PATCH v3 5/8] net/i40e: fix IPv6 GTPU handling Anatoly Burakov
2026-02-11 13:03 ` [PATCH v3 6/8] net/iavf: fix IPv4 flow subscription Anatoly Burakov
2026-02-11 13:03 ` [PATCH v3 7/8] net/ice: fix memory leak in DCF QoS bandwidth config Anatoly Burakov
2026-02-11 13:03 ` [PATCH v3 8/8] net/ice: fix memory leak in FDIR flow parsing Anatoly Burakov
2026-02-11 13:49 ` [PATCH v4 0/9] Assortment of bug fixes for Intel PMD's Anatoly Burakov
2026-02-11 13:49 ` [PATCH v4 1/9] net/ixgbe: add missing E610 MAC type checks Anatoly Burakov
2026-02-11 15:17 ` Medvedkin, Vladimir
2026-02-11 21:57 ` Kwapulinski, Piotr
2026-02-11 13:49 ` [PATCH v4 2/9] net/ixgbe: fix memory leak in security flows Anatoly Burakov
2026-02-11 15:28 ` Medvedkin, Vladimir
2026-02-11 13:49 ` [PATCH v4 3/9] net/i40e: move FDIR config to flow create Anatoly Burakov
2026-02-11 15:38 ` Medvedkin, Vladimir
2026-02-11 13:49 ` [PATCH v4 4/9] net/i40e: fix IPv6 GTPU handling Anatoly Burakov
2026-02-11 15:40 ` Medvedkin, Vladimir
2026-02-11 13:49 ` [PATCH v4 5/9] net/iavf: fix memory leak on egress IPsec flows Anatoly Burakov
2026-02-11 15:45 ` Medvedkin, Vladimir
2026-02-11 13:49 ` [PATCH v4 6/9] net/iavf: fix memory leak on uninit Anatoly Burakov
2026-02-11 15:52 ` Medvedkin, Vladimir
2026-02-11 13:49 ` [PATCH v4 7/9] net/iavf: fix IPv4 flow subscription Anatoly Burakov
2026-02-11 15:53 ` Medvedkin, Vladimir
2026-02-11 13:49 ` [PATCH v4 8/9] net/ice: fix memory leak in DCF QoS bandwidth config Anatoly Burakov
2026-02-11 15:56 ` Medvedkin, Vladimir
2026-02-11 13:49 ` [PATCH v4 9/9] net/ice: fix memory leak in FDIR flow parsing Anatoly Burakov
2026-02-11 16:06 ` Medvedkin, Vladimir
2026-02-12 12:53 ` [PATCH v5 00/12] Assortment of bug fixes for Intel PMD's Anatoly Burakov
2026-02-12 12:53 ` [PATCH v5 01/12] net/ixgbe: add missing E610 MAC type checks Anatoly Burakov
2026-02-12 12:53 ` [PATCH v5 02/12] net/ixgbe: fix memory leak in security flows Anatoly Burakov
2026-02-12 17:10 ` Bruce Richardson
2026-02-12 17:14 ` Bruce Richardson
2026-02-13 8:44 ` Burakov, Anatoly
2026-02-13 8:50 ` Bruce Richardson [this message]
2026-02-12 17:19 ` Radu Nicolau
2026-02-12 12:53 ` [PATCH v5 03/12] net/ixgbe: fix potential null dereference in IPsec Anatoly Burakov
2026-02-12 17:13 ` Bruce Richardson
2026-02-12 17:19 ` Radu Nicolau
2026-02-12 12:53 ` [PATCH v5 04/12] " Anatoly Burakov
2026-02-12 17:15 ` Bruce Richardson
2026-02-12 17:19 ` Radu Nicolau
2026-02-12 12:53 ` [PATCH v5 05/12] net/ixgbe: fix wrong pointer handling " Anatoly Burakov
2026-02-12 14:50 ` Burakov, Anatoly
2026-02-12 17:17 ` Bruce Richardson
2026-02-12 17:21 ` Radu Nicolau
2026-02-13 8:40 ` Burakov, Anatoly
2026-02-12 17:18 ` Radu Nicolau
2026-02-12 12:53 ` [PATCH v5 06/12] net/i40e: move FDIR config to flow create Anatoly Burakov
2026-02-12 12:53 ` [PATCH v5 07/12] net/i40e: fix IPv6 GTPU handling Anatoly Burakov
2026-02-12 12:53 ` [PATCH v5 08/12] net/iavf: fix memory leak on egress IPsec flows Anatoly Burakov
2026-02-12 12:53 ` [PATCH v5 09/12] net/iavf: fix memory leak on uninit Anatoly Burakov
2026-02-12 12:53 ` [PATCH v5 10/12] net/iavf: fix IPv4 flow subscription Anatoly Burakov
2026-02-12 12:53 ` [PATCH v5 11/12] net/ice: fix memory leak in DCF QoS bandwidth config Anatoly Burakov
2026-02-12 12:53 ` [PATCH v5 12/12] net/ice: fix memory leak in FDIR flow parsing Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 00/12] Assortment of bug fixes for Intel PMD's Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 01/12] net/ixgbe: add missing E610 MAC type checks Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 02/12] net/ixgbe: fix memory leak in security flows Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 03/12] net/ixgbe: fix potential null dereference in IPsec Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 04/12] " Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 05/12] net/ixgbe: fix wrong pointer handling " Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 06/12] net/i40e: move FDIR config to flow create Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 07/12] net/i40e: fix IPv6 GTPU handling Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 08/12] net/iavf: fix memory leak on egress IPsec flows Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 09/12] net/iavf: fix memory leak on uninit Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 10/12] net/iavf: fix IPv4 flow subscription Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 11/12] net/ice: fix memory leak in DCF QoS bandwidth config Anatoly Burakov
2026-02-13 9:10 ` [PATCH v6 12/12] net/ice: fix memory leak in FDIR flow parsing Anatoly Burakov
2026-02-13 10:10 ` [PATCH v6 00/12] Assortment of bug fixes for Intel PMD's Bruce Richardson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aY7l5korgdyG4qcd@bricha3-mobl1.ger.corp.intel.com \
--to=bruce.richardson@intel.com \
--cc=anatoly.burakov@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=radu.nicolau@intel.com \
--cc=vladimir.medvedkin@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox