[PATCH 4.14 40/41] cls_flower: Fix incorrect idr release when failing to modify rule

From: Greg Kroah-Hartman
Date: Sat Jun 09 2018 - 11:38:44 EST

4.14-stable review patch. If anyone has any objections, please let me know.


From: Paul Blakey <paulb@xxxxxxxxxxxx>

[ Upstream commit 8258d2da9f9f521dce7019e018360c28d116354e ]

When we fail to modify a rule, we incorrectly release the idr handle
of the unmodified old rule.

Fix that by checking if we need to release it.

Fixes: fe2502e49b58 ("net_sched: remove cls_flower idr on failure")
Reported-by: Vlad Buslov <vladbu@xxxxxxxxxxxx>
Reviewed-by: Roi Dayan <roid@xxxxxxxxxxxx>
Acked-by: Jiri Pirko <jiri@xxxxxxxxxxxx>
Signed-off-by: Paul Blakey <paulb@xxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
net/sched/cls_flower.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

--- a/net/sched/cls_flower.c
+++ b/net/sched/cls_flower.c
@@ -1007,7 +1007,7 @@ static int fl_change(struct net *net, st
return 0;

- if (fnew->handle)
+ if (!fold)
idr_remove_ext(&head->handle_idr, fnew->handle);