From f72848021d603846be8aed662bd23372c7d6688e Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Thu, 21 Nov 2013 19:11:47 +0000 Subject: [PATCH] sfc: Allow filter removal only with exactly matching priority Currently a higher priority client can remove a lower priority client's filter with equal match-expression. This might happen if (a) the higher priority client has a double-free bug, or (b) another client with sufficient priority replaced and then removed an equal filter, allowing the low priority client to insert an equal filter. In neither case does it actually make sense to carry out the removal; we should say the filter doesn't exist, as the filter currently present is not the one that the high-priority client is referring to. Signed-off-by: Ben Hutchings --- drivers/net/ethernet/sfc/ef10.c | 2 +- drivers/net/ethernet/sfc/farch.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/sfc/ef10.c b/drivers/net/ethernet/sfc/ef10.c index 2adc8e4..155602c 100644 --- a/drivers/net/ethernet/sfc/ef10.c +++ b/drivers/net/ethernet/sfc/ef10.c @@ -2563,7 +2563,7 @@ static int efx_ef10_filter_remove_internal(struct efx_nic *efx, goto out_unlock; } - if (spec->priority > priority) { + if (spec->priority != priority) { rc = -ENOENT; goto out_unlock; } diff --git a/drivers/net/ethernet/sfc/farch.c b/drivers/net/ethernet/sfc/farch.c index 378d6b9..eed0741 100644 --- a/drivers/net/ethernet/sfc/farch.c +++ b/drivers/net/ethernet/sfc/farch.c @@ -2543,7 +2543,7 @@ static int efx_farch_filter_remove(struct efx_nic *efx, struct efx_farch_filter_spec *spec = &table->spec[filter_idx]; if (!test_bit(filter_idx, table->used_bitmap) || - spec->priority > priority) + spec->priority != priority) return -ENOENT; if (spec->flags & EFX_FILTER_FLAG_RX_OVER_AUTO) { -- 2.7.4