From: Raed Salem <ra...@mellanox.com>
The cited commit introduced the following coverity issue at functions
mlx5_fpga_is_ipsec_device() and mlx5_fpga_ipsec_release_sa_ctx():
- bit_and_with_zero:
accel_xfrm->attrs.action & MLX5_ACCEL_ESP_ACTION_DECRYPT is always 0.
As MLX5_ACCEL_ESP_ACTION_DECRYPT is not a bitwise flag and was wrongly
used with bitwise operation, the above expression is always zero value
as MLX5_ACCEL_ESP_ACTION_DECRYPT is zero.
Fix by using "==" comparison operator instead.
Fixes: 7dfee4b1d79e ("net/mlx5: IPsec, Refactor SA handle creation and
destruction")
Signed-off-by: Raed Salem <ra...@mellanox.com>
Signed-off-by: Saeed Mahameed <sae...@mellanox.com>
---
drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c
b/drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c
index 0604216eb94f..b463787d6ca1 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c
@@ -708,7 +708,7 @@ void *mlx5_fpga_ipsec_create_sa_ctx(struct mlx5_core_dev
*mdev,
goto exists;
}
- if (accel_xfrm->attrs.action & MLX5_ACCEL_ESP_ACTION_DECRYPT) {
+ if (accel_xfrm->attrs.action == MLX5_ACCEL_ESP_ACTION_DECRYPT) {
err = ida_simple_get(&fipsec->halloc, 1, 0, GFP_KERNEL);
if (err < 0) {
context = ERR_PTR(err);
@@ -759,7 +759,7 @@ void *mlx5_fpga_ipsec_create_sa_ctx(struct mlx5_core_dev
*mdev,
rhash_sa));
unlock_hash:
mutex_unlock(&fipsec->sa_hash_lock);
- if (accel_xfrm->attrs.action & MLX5_ACCEL_ESP_ACTION_DECRYPT)
+ if (accel_xfrm->attrs.action == MLX5_ACCEL_ESP_ACTION_DECRYPT)
ida_simple_remove(&fipsec->halloc, sa_ctx->sa_handle);
exists:
mutex_unlock(&fpga_xfrm->lock);
--
2.25.4
