From 0a644a1a5d417e190a96cf7a788fcaf7d0557873 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Fri, 16 Feb 2024 16:54:42 +0100
Subject: [PATCH] 5.4-stable patches

added patches:
	netfilter-nft_set_rbtree-skip-end-interval-element-from-gc.patch
---
 ...ee-skip-end-interval-element-from-gc.patch | 52 +++++++++++++++++++
 queue-5.4/series                              |  1 +
 2 files changed, 53 insertions(+)
 create mode 100644 queue-5.4/netfilter-nft_set_rbtree-skip-end-interval-element-from-gc.patch

diff --git a/queue-5.4/netfilter-nft_set_rbtree-skip-end-interval-element-from-gc.patch b/queue-5.4/netfilter-nft_set_rbtree-skip-end-interval-element-from-gc.patch
new file mode 100644
index 00000000000..9e3c6e0219f
--- /dev/null
+++ b/queue-5.4/netfilter-nft_set_rbtree-skip-end-interval-element-from-gc.patch
@@ -0,0 +1,52 @@
+From 60c0c230c6f046da536d3df8b39a20b9a9fd6af0 Mon Sep 17 00:00:00 2001
+From: Pablo Neira Ayuso <pablo@netfilter.org>
+Date: Wed, 7 Feb 2024 18:49:51 +0100
+Subject: netfilter: nft_set_rbtree: skip end interval element from gc
+
+From: Pablo Neira Ayuso <pablo@netfilter.org>
+
+commit 60c0c230c6f046da536d3df8b39a20b9a9fd6af0 upstream.
+
+rbtree lazy gc on insert might collect an end interval element that has
+been just added in this transactions, skip end interval elements that
+are not yet active.
+
+Fixes: f718863aca46 ("netfilter: nft_set_rbtree: fix overlap expiration walk")
+Cc: stable@vger.kernel.org
+Reported-by: lonial con <kongln9170@gmail.com>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/netfilter/nft_set_rbtree.c |    7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+--- a/net/netfilter/nft_set_rbtree.c
++++ b/net/netfilter/nft_set_rbtree.c
+@@ -237,8 +237,7 @@ static void nft_rbtree_gc_remove(struct
+ 
+ static int nft_rbtree_gc_elem(const struct nft_set *__set,
+ 			      struct nft_rbtree *priv,
+-			      struct nft_rbtree_elem *rbe,
+-			      u8 genmask)
++			      struct nft_rbtree_elem *rbe)
+ {
+ 	struct nft_set *set = (struct nft_set *)__set;
+ 	struct rb_node *prev = rb_prev(&rbe->node);
+@@ -257,7 +256,7 @@ static int nft_rbtree_gc_elem(const stru
+ 	while (prev) {
+ 		rbe_prev = rb_entry(prev, struct nft_rbtree_elem, node);
+ 		if (nft_rbtree_interval_end(rbe_prev) &&
+-		    nft_set_elem_active(&rbe_prev->ext, genmask))
++		    nft_set_elem_active(&rbe_prev->ext, NFT_GENMASK_ANY))
+ 			break;
+ 
+ 		prev = rb_prev(prev);
+@@ -365,7 +364,7 @@ static int __nft_rbtree_insert(const str
+ 		 */
+ 		if (nft_set_elem_expired(&rbe->ext) &&
+ 		    nft_set_elem_active(&rbe->ext, cur_genmask)) {
+-			err = nft_rbtree_gc_elem(set, priv, rbe, genmask);
++			err = nft_rbtree_gc_elem(set, priv, rbe);
+ 			if (err < 0)
+ 				return err;
+ 
diff --git a/queue-5.4/series b/queue-5.4/series
index 29bab991a66..82c3b879c41 100644
--- a/queue-5.4/series
+++ b/queue-5.4/series
@@ -200,3 +200,4 @@ input-atkbd-skip-atkbd_cmd_setleds-when-skipping-atkbd_cmd_getid.patch
 vhost-use-kzalloc-instead-of-kmalloc-followed-by-memset.patch
 net-stmmac-xgmac-use-define-for-string-constants.patch
 net-stmmac-xgmac-fix-a-typo-of-register-name-in-dpp-safety-handling.patch
+netfilter-nft_set_rbtree-skip-end-interval-element-from-gc.patch
-- 
2.47.3