sfc: Allow filter removal only with exactly matching priority

Currently a higher priority client can remove a lower priority
client's filter with equal match-expression.  This might happen if (a)
the higher priority client has a double-free bug, or (b) another
client with sufficient priority replaced and then removed an equal
filter, allowing the low priority client to insert an equal filter.

In neither case does it actually make sense to carry out the removal;
we should say the filter doesn't exist, as the filter currently
present is not the one that the high-priority client is referring to.

Signed-off-by: Ben Hutchings <bhutchings@solarflare.com>

diff --git a/drivers/net/ethernet/sfc/ef10.c b/drivers/net/ethernet/sfc/ef10.c
index 2adc8e4..155602c 100644 (file)
--- a/drivers/net/ethernet/sfc/ef10.c
+++ b/drivers/net/ethernet/sfc/ef10.c
@@ -2563,7 +2563,7 @@ static int efx_ef10_filter_remove_internal(struct efx_nic *efx,
                goto out_unlock;
        }
 
-       if (spec->priority > priority) {
+       if (spec->priority != priority) {
                rc = -ENOENT;
                goto out_unlock;
        }

diff --git a/drivers/net/ethernet/sfc/farch.c b/drivers/net/ethernet/sfc/farch.c
index 378d6b9..eed0741 100644 (file)
--- a/drivers/net/ethernet/sfc/farch.c
+++ b/drivers/net/ethernet/sfc/farch.c
@@ -2543,7 +2543,7 @@ static int efx_farch_filter_remove(struct efx_nic *efx,
        struct efx_farch_filter_spec *spec = &table->spec[filter_idx];
 
        if (!test_bit(filter_idx, table->used_bitmap) ||
-           spec->priority > priority)
+           spec->priority != priority)
                return -ENOENT;
 
        if (spec->flags & EFX_FILTER_FLAG_RX_OVER_AUTO) {