fixes for v4.4

Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/queue-4.4/nfs-remove-superfluous-kmap-in-nfs_readdir_xdr_to_ar.patch b/queue-4.4/nfs-remove-superfluous-kmap-in-nfs_readdir_xdr_to_ar.patch
new file mode 100644 (file)
index 0000000..0a71695
--- /dev/null
+++ b/queue-4.4/nfs-remove-superfluous-kmap-in-nfs_readdir_xdr_to_ar.patch
@@ -0,0 +1,36 @@
+From 5ca602b609551fb8de192d17c1e319650fcdda3d Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 13 Mar 2020 21:24:43 +0100
+Subject: NFS: Remove superfluous kmap in nfs_readdir_xdr_to_array
+
+From: Petr Malat <oss@malat.biz>
+
+Array is mapped by nfs_readdir_get_array(), the further kmap is a result
+of a bad merge and should be removed.
+
+This resource leakage can be exploited for DoS by receptively reading
+a content of a directory on NFS (e.g. by running ls).
+
+Fixes: 67a56e9743171 ("NFS: Fix memory leaks and corruption in readdir")
+Signed-off-by: Petr Malat <oss@malat.biz>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/nfs/dir.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c
+index 2ac3d2527ad20..21e5fcbcb2272 100644
+--- a/fs/nfs/dir.c
++++ b/fs/nfs/dir.c
+@@ -657,8 +657,6 @@ int nfs_readdir_xdr_to_array(nfs_readdir_descriptor_t *desc, struct page *page,
+               goto out_label_free;
+       }
+ 
+-      array = kmap(page);
+-
+       status = nfs_readdir_alloc_pages(pages, array_size);
+       if (status < 0)
+               goto out_release_array;
+-- 
+2.20.1
+

diff --git a/queue-4.4/series b/queue-4.4/series
new file mode 100644 (file)
index 0000000..48d01d4
--- /dev/null
+++ b/queue-4.4/series
@@ -0,0 +1 @@
+nfs-remove-superfluous-kmap-in-nfs_readdir_xdr_to_ar.patch