From: Raed Salem <raeds@mellanox.com>
Date: Wed, 22 Apr 2020 09:19:08 +0300
Subject: net/mlx5: IPsec, Fix coverity issue
Patch-mainline: v5.8-rc1
Git-commit: 72d3fef16158b9c1852855a3846757ec165c16e1
References: jsc#SLE-15172

The cited commit introduced the following coverity issue at functions
mlx5_fpga_is_ipsec_device() and mlx5_fpga_ipsec_release_sa_ctx():
- bit_and_with_zero:
  accel_xfrm->attrs.action & MLX5_ACCEL_ESP_ACTION_DECRYPT is always 0.

As MLX5_ACCEL_ESP_ACTION_DECRYPT is not a bitwise flag and was wrongly
used with bitwise operation, the above expression is always zero value
as MLX5_ACCEL_ESP_ACTION_DECRYPT is zero.

Fix by using "==" comparison operator instead.

Fixes: 7dfee4b1d79e ("net/mlx5: IPsec, Refactor SA handle creation and destruction")
Signed-off-by: Raed Salem <raeds@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Acked-by: Thomas Bogendoerfer <tbogendoerfer@suse.de>
---
 drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- a/drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/fpga/ipsec.c
@@ -708,7 +708,7 @@ void *mlx5_fpga_ipsec_create_sa_ctx(stru
 		goto exists;
 	}
 
-	if (accel_xfrm->attrs.action & MLX5_ACCEL_ESP_ACTION_DECRYPT) {
+	if (accel_xfrm->attrs.action == MLX5_ACCEL_ESP_ACTION_DECRYPT) {
 		err = ida_simple_get(&fipsec->halloc, 1, 0, GFP_KERNEL);
 		if (err < 0) {
 			context = ERR_PTR(err);
@@ -759,7 +759,7 @@ delete_hash:
 				       rhash_sa));
 unlock_hash:
 	mutex_unlock(&fipsec->sa_hash_lock);
-	if (accel_xfrm->attrs.action & MLX5_ACCEL_ESP_ACTION_DECRYPT)
+	if (accel_xfrm->attrs.action == MLX5_ACCEL_ESP_ACTION_DECRYPT)
 		ida_simple_remove(&fipsec->halloc, sa_ctx->sa_handle);
 exists:
 	mutex_unlock(&fpga_xfrm->lock);