On 2/17/2026 12:13 PM, Anatoly Burakov wrote:
These filters are mashed together even though they almost do not share any
code at all between each other. Separate security filter from ntuple filter
and parse it separately.
Signed-off-by: Anatoly Burakov <[email protected]>
---
drivers/net/intel/ixgbe/ixgbe_flow.c | 194 ++++++++++++++++-----------
1 file changed, 114 insertions(+), 80 deletions(-)
<snip>
+
+ /*
+ * we get pointer to security session from security action,
+ * which is const. however, we do need to act on the session, so
+ * either we do some kind of pointer based lookup to get session
+ * pointer internally (which quickly gets unwieldy for lots of
+ * flows case), or we simply cast away constness.
+ */
+ session = RTE_CAST_PTR(struct rte_security_session *,
security->security_session);
+ return ixgbe_crypto_add_ingress_sa_from_flow(session, &spec);
nit: I'd recommend to handle error here in the same way it is handled in
this function, i.e. if (ret) {rte_flow_error_set() ... }
apart from this
Acked-by: Vladimir Medvedkin <[email protected]>
+}
+
/* a specific function for ixgbe because the flags is specific */
static int
ixgbe_parse_ntuple_filter(struct rte_eth_dev *dev,
<snip>
--
Regards,
Vladimir
