[PATCH v5 05/12] net/ixgbe: fix wrong pointer handling in IPsec

[Bruce Richardson]

On Thu, Feb 12, 2026 at 03:50:26PM +0100, Burakov, Anatoly wrote:
> On 2/12/2026 1:53 PM, Anatoly Burakov wrote:
> > The original IPsec "add SA from flow" function expected a void* pointer to
> > security session as its first argument. However, the actual code was not
> > passing that, instead it passed `rte_flow_action_security` which was a
> > *container* for security session pointer.
> > 
> > Fix it by passing correct pointer type, as well as make typing more
> > explicit to let compiler catch such bugs in the future.
> > 
> > Fixes: 9a0752f498d2 ("net/ixgbe: enable inline IPsec")
> > Cc: radu.nicolau at intel.com
> > Cc: stable at dpdk.org
> > 
> > Signed-off-by: Anatoly Burakov <anatoly.burakov at intel.com>
> > ---
> 
> <snip>
> 
> > +		const struct ip_spec *spec)
> >   {
> > -	/**
> > -	 * FIXME Updating the session priv data when the session is const.
> > -	 * Typecasting done here is wrong and the implementation need to be corrected.
> > -	 */
> > -	struct ixgbe_crypto_session *ic_session = (void *)(uintptr_t)
> > -			((const struct rte_security_session *)sess)->driver_priv_data;
> > +	struct ixgbe_crypto_session *ic_session =
> > +			RTE_CAST_PTR(struct ixgbe_crypto_session *, sess->driver_priv_data);
> 
> Despite being removed, the comment is still true. This is an artifact of how
> we get the crypto session (it comes from security rte_flow action, which is
> const).
> 
Why not keep the comment then?