Usage of unprotected port mask without any configured SA inbound, will
cause use of uninitialized SA context, so disallow such configuration.
Signed-off-by: Volodymyr Fialko <vfia...@marvell.com>
---
examples/ipsec-secgw/ipsec-secgw.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/examples/ipsec-secgw/ipsec-secgw.c
b/examples/ipsec-secgw/ipsec-secgw.c
index a643eb3aa7..602e170c96 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -3321,6 +3321,9 @@ main(int32_t argc, char **argv)
rte_exit(EXIT_FAILURE, "Invalid unprotected portmask 0x%x\n",
unprotected_port_mask);
+ if (unprotected_port_mask && !nb_sa_in)
+ rte_exit(EXIT_FAILURE, "Cannot use unprotected portmask without
configured SA inbound\n");
+
if (check_poll_mode_params(eh_conf) < 0)
rte_exit(EXIT_FAILURE, "check_poll_mode_params failed\n");
--
2.25.1
