From 6c7431ea5a4f6bd3ca9e42a89cb26ebbd653e567 Mon Sep 17 00:00:00 2001
From: Yousaf Kaukab <ykaukab@suse.de>
Date: Apr 05 2023 14:10:41 +0000
Subject: Merge remote-tracking branch 'origin/users/nfbrown/SLE15-SP5-GA/for-next' into SLE15-SP5-GA


Pull nfsd fix from NeilBrown

---

diff --git a/patches.suse/NFSD-fix-use-after-free-in-nfsd4_ssc_setup_dul.patch b/patches.suse/NFSD-fix-use-after-free-in-nfsd4_ssc_setup_dul.patch
new file mode 100644
index 0000000..ad82532
--- /dev/null
+++ b/patches.suse/NFSD-fix-use-after-free-in-nfsd4_ssc_setup_dul.patch
@@ -0,0 +1,32 @@
+From: Xingyuan Mo <hdthky0@gmail.com>
+Date: Thu, 12 Jan 2023 00:24:53 +0800
+Subject: [PATCH] NFSD: fix use-after-free in nfsd4_ssc_setup_dul()
+Git-commit: e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd
+Patch-mainline: v6.2
+References: git-fixes bsc#1209788 CVE-2023-1652
+
+If signal_pending() returns true, schedule_timeout() will not be executed,
+causing the waiting task to remain in the wait queue.
+Fixed by adding a call to finish_wait(), which ensures that the waiting
+task will always be removed from the wait queue.
+
+Fixes: f4e44b393389 ("NFSD: delay unmount source's export after inter-server copy completed.")
+Signed-off-by: Xingyuan Mo <hdthky0@gmail.com>
+Reviewed-by: Jeff Layton <jlayton@kernel.org>
+Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
+Acked-by: NeilBrown <neilb@suse.com>
+
+---
+ fs/nfsd/nfs4proc.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/fs/nfsd/nfs4proc.c
++++ b/fs/nfsd/nfs4proc.c
+@@ -1205,6 +1205,7 @@ try_again:
+ 			/* allow 20secs for mount/unmount for now - revisit */
+ 			if (signal_pending(current) ||
+ 					(schedule_timeout(20*HZ) == 0)) {
++				finish_wait(&nn->nfsd_ssc_waitq, &wait);
+ 				kfree(work);
+ 				return nfserr_eagain;
+ 			}
diff --git a/series.conf b/series.conf
index 7dde8c6..007771c 100644
--- a/series.conf
+++ b/series.conf
@@ -36801,6 +36801,7 @@
 	patches.suse/cifs-fix-potential-memory-leaks-in-session-setup.patch
 	patches.suse/cifs-Fix-uninitialized-memory-read-for-smb311-posix-symlink-create.patch
 	patches.suse/tomoyo-fix-broken-dependency-on-.conf.default.patch
+	patches.suse/NFSD-fix-use-after-free-in-nfsd4_ssc_setup_dul.patch
 	patches.suse/HID-intel_ish-hid-Add-check-for-ishtp_dma_tx_map.patch
 	patches.suse/HID-check-empty-report_list-in-hid_validate_values.patch
 	patches.suse/HID-check-empty-report_list-in-bigben_probe.patch