[PATCH v5 05/12] net/ixgbe: fix wrong pointer handling in IPsec

[Radu Nicolau]

On 12-Feb-26 5:17 PM, Bruce Richardson wrote:
> On Thu, Feb 12, 2026 at 03:50:26PM +0100, Burakov, Anatoly wrote:
>> On 2/12/2026 1:53 PM, Anatoly Burakov wrote:
>>> The original IPsec "add SA from flow" function expected a void* pointer to
>>> security session as its first argument. However, the actual code was not
>>> passing that, instead it passed `rte_flow_action_security` which was a
>>> *container* for security session pointer.
>>>
>>> Fix it by passing correct pointer type, as well as make typing more
>>> explicit to let compiler catch such bugs in the future.
>>>
>>> Fixes: 9a0752f498d2 ("net/ixgbe: enable inline IPsec")
>>> Cc: radu.nicolau at intel.com
>>> Cc: stable at dpdk.org
>>>
>>> Signed-off-by: Anatoly Burakov <anatoly.burakov at intel.com>
>>> ---
>> <snip>
>>
>>> +		const struct ip_spec *spec)
>>>    {
>>> -	/**
>>> -	 * FIXME Updating the session priv data when the session is const.
>>> -	 * Typecasting done here is wrong and the implementation need to be corrected.
>>> -	 */
>>> -	struct ixgbe_crypto_session *ic_session = (void *)(uintptr_t)
>>> -			((const struct rte_security_session *)sess)->driver_priv_data;
>>> +	struct ixgbe_crypto_session *ic_session =
>>> +			RTE_CAST_PTR(struct ixgbe_crypto_session *, sess->driver_priv_data);
>> Despite being removed, the comment is still true. This is an artifact of how
>> we get the crypto session (it comes from security rte_flow action, which is
>> const).
>>
> Why not keep the comment then?
Probably it's best to explain why we cast away the const, but not 
include the FIXME or TODO tag anymore.