On Thu, Feb 12, 2026 at 05:10:54PM +0000, Bruce Richardson wrote:
> On Thu, Feb 12, 2026 at 12:53:25PM +0000, Anatoly Burakov wrote:
> > Currently, security flows are implemented as a special case and do not go
> > through the normal flow create/destroy infrastructure. However, because of
> > that, it is impossible to destroy such flows once created. Fix it by adding
> > a flag to rte_flow indicating that it is a security flow, so that it can be
> > destroyed later.
> >
> > Additionally, security flows return pointer to allocated `rte_flow` struct
> > unconditionally, even though the underlying call to ipsec code might have
> > failed. Fix that by checking the return value from the filter function
> > before returning.
> >
> > Fixes: 9a0752f498d2 ("net/ixgbe: enable inline IPsec")
> > Cc: [email protected]
> > Cc: [email protected]
> >
> > Signed-off-by: Anatoly Burakov <[email protected]>
>
> Not an expert in these security flows but the patch looks ok to me. One
> minor nit inline below which you can take if you do a respin.
>
Correction :-): Wrong shortcut used!
Acked-by: Bruce Richardson <[email protected]>
