From 72d3fef16158b9c1852855a3846757ec165c16e1 Mon Sep 17 00:00:00 2001 From: Raed Salem Date: Wed, 22 Apr 2020 09:19:08 +0300 Subject: [PATCH] net/mlx5: IPsec, Fix coverity issue The cited commit introduced the following coverity issue at functions mlx5_fpga_is_ipsec_device() and mlx5_fpga_ipsec_release_sa_ctx(): - bit_and_with_zero: accel_xfrm->attrs.action & MLX5_ACCEL_ESP_ACTION_DECRYPT is always 0. As MLX5_ACCEL_ESP_ACTION_DECRYPT is not a bitwise flag and was wrongly used with bitwise operation, the above expression is always zero value as MLX5_ACCEL_ESP_ACTION_DECRYPT is zero. Fix by using "==" comparison operator instead. Fixes: 7dfee4b1d79e ("net/mlx5: IPsec, Refactor SA handle creation and destruction") Signed-off-by: Raed Salem Signed-off-by: Saeed Mahameed --- drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c b/drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c index 0604216eb94f..b463787d6ca1 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c @@ -708,7 +708,7 @@ void *mlx5_fpga_ipsec_create_sa_ctx(struct mlx5_core_dev *mdev, goto exists; } - if (accel_xfrm->attrs.action & MLX5_ACCEL_ESP_ACTION_DECRYPT) { + if (accel_xfrm->attrs.action == MLX5_ACCEL_ESP_ACTION_DECRYPT) { err = ida_simple_get(&fipsec->halloc, 1, 0, GFP_KERNEL); if (err < 0) { context = ERR_PTR(err); @@ -759,7 +759,7 @@ void *mlx5_fpga_ipsec_create_sa_ctx(struct mlx5_core_dev *mdev, rhash_sa)); unlock_hash: mutex_unlock(&fipsec->sa_hash_lock); - if (accel_xfrm->attrs.action & MLX5_ACCEL_ESP_ACTION_DECRYPT) + if (accel_xfrm->attrs.action == MLX5_ACCEL_ESP_ACTION_DECRYPT) ida_simple_remove(&fipsec->halloc, sa_ctx->sa_handle); exists: mutex_unlock(&fpga_xfrm->lock);