[PATCH v5 02/12] net/ixgbe: fix memory leak in security flows

[Bruce Richardson]

On Thu, Feb 12, 2026 at 05:10:54PM +0000, Bruce Richardson wrote:
> On Thu, Feb 12, 2026 at 12:53:25PM +0000, Anatoly Burakov wrote:
> > Currently, security flows are implemented as a special case and do not go
> > through the normal flow create/destroy infrastructure. However, because of
> > that, it is impossible to destroy such flows once created. Fix it by adding
> > a flag to rte_flow indicating that it is a security flow, so that it can be
> > destroyed later.
> > 
> > Additionally, security flows return pointer to allocated `rte_flow` struct
> > unconditionally, even though the underlying call to ipsec code might have
> > failed. Fix that by checking the return value from the filter function
> > before returning.
> > 
> > Fixes: 9a0752f498d2 ("net/ixgbe: enable inline IPsec")
> > Cc: radu.nicolau at intel.com
> > Cc: stable at dpdk.org
> > 
> > Signed-off-by: Anatoly Burakov <anatoly.burakov at intel.com>
> 
> Not an expert in these security flows but the patch looks ok to me. One
> minor nit inline below which you can take if you do a respin.
> 
Correction :-): Wrong shortcut used!

Acked-by: Bruce Richardson <bruce.richardson at intel.com>