From 71b26cf7638190342299458b393ae08d88c7b377 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman
Date: Tue, 21 Oct 2025 20:17:08 +0200
Subject: [PATCH] drop 5.4 patches that shouldn't have been there.
---
...-policy-check-from-check_nfsd_access.patch | 186 ------------------
...-are-powered-for-config-reads-part-2.patch | 71 -------
queue-5.4/series | 2 -
3 files changed, 259 deletions(-)
delete mode 100644 queue-5.4/nfsd-decouple-the-xprtsec-policy-check-from-check_nfsd_access.patch
delete mode 100644 queue-5.4/pci-sysfs-ensure-devices-are-powered-for-config-reads-part-2.patch
diff --git a/queue-5.4/nfsd-decouple-the-xprtsec-policy-check-from-check_nfsd_access.patch b/queue-5.4/nfsd-decouple-the-xprtsec-policy-check-from-check_nfsd_access.patch
deleted file mode 100644
index ad38340935..0000000000
--- a/queue-5.4/nfsd-decouple-the-xprtsec-policy-check-from-check_nfsd_access.patch
+++ /dev/null
@@ -1,186 +0,0 @@ -From smayhew@redhat.com Tue Oct 21 20:11:20 2025 -From: Scott Mayhew -Date: Mon, 20 Oct 2025 16:50:04 -0400 -Subject: nfsd: decouple the xprtsec policy check from check_nfsd_access() -To: stable@vger.kernel.org -Cc: chuck.lever@oracle.com -Message-ID: <20251020205004.1034718-1-smayhew@redhat.com> - -From: Scott Mayhew - -[ Upstream commit e4f574ca9c6dfa66695bb054ff5df43ecea873ec ] - -This is a backport of e4f574ca9c6d specifically for the 6.6-stable -kernel. It differs from the upstream version mainly in that it's -working around the absence of some 6.12-era commits: -- 1459ad57673b nfsd: Move error code mapping to per-version proc code. -- 0a183f24a7ae NFSD: Handle @rqstp == NULL in check_nfsd_access() -- 5e66d2d92a1c nfsd: factor out __fh_verify to allow NULL rqstp to be - passed - -A while back I had reported that an NFSv3 client could successfully -mount using '-o xprtsec=none' an export that had been exported with -'xprtsec=tls:mtls'. By "successfully" I mean that the mount command -would succeed and the mount would show up in /proc/mount. Attempting -to do anything futher with the mount would be met with NFS3ERR_ACCES. - -Transport Layer Security isn't an RPC security flavor or pseudo-flavor, -so we shouldn't be conflating them when determining whether the access -checks can be bypassed. Split check_nfsd_access() into two helpers, and -have fh_verify() call the helpers directly since fh_verify() has -logic that allows one or both of the checks to be skipped. All other -sites will continue to call check_nfsd_access(). 
- -Link: https://lore.kernel.org/linux-nfs/ZjO3Qwf_G87yNXb2@aion/ -Fixes: 9280c5774314 ("NFSD: Handle new xprtsec= export option") -Signed-off-by: Scott Mayhew -Acked-by: Chuck Lever -Signed-off-by: Greg Kroah-Hartman ---- - fs/nfsd/export.c | 60 +++++++++++++++++++++++++++++++++++++++++------- - fs/nfsd/export.h | 2 ++ - fs/nfsd/nfsfh.c | 12 +++++++++- - 3 files changed, 65 insertions(+), 9 deletions(-) - -diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c -index 4b5d998cbc2f..f4e77859aa85 100644 ---- a/fs/nfsd/export.c -+++ b/fs/nfsd/export.c -@@ -1071,28 +1071,62 @@ static struct svc_export *exp_find(struct cache_detail *cd, - return exp; - } - --__be32 check_nfsd_access(struct svc_export *exp, struct svc_rqst *rqstp) -+/** -+ * check_xprtsec_policy - check if access to export is allowed by the -+ * xprtsec policy -+ * @exp: svc_export that is being accessed. -+ * @rqstp: svc_rqst attempting to access @exp. -+ * -+ * Helper function for check_nfsd_access(). Note that callers should be -+ * using check_nfsd_access() instead of calling this function directly. The -+ * one exception is fh_verify() since it has logic that may result in one -+ * or both of the helpers being skipped. 
-+ * -+ * Return values: -+ * %nfs_ok if access is granted, or -+ * %nfserr_acces or %nfserr_wrongsec if access is denied -+ */ -+__be32 check_xprtsec_policy(struct svc_export *exp, struct svc_rqst *rqstp) - { -- struct exp_flavor_info *f, *end = exp->ex_flavors + exp->ex_nflavors; - struct svc_xprt *xprt = rqstp->rq_xprt; - - if (exp->ex_xprtsec_modes & NFSEXP_XPRTSEC_NONE) { - if (!test_bit(XPT_TLS_SESSION, &xprt->xpt_flags)) -- goto ok; -+ return nfs_ok; - } - if (exp->ex_xprtsec_modes & NFSEXP_XPRTSEC_TLS) { - if (test_bit(XPT_TLS_SESSION, &xprt->xpt_flags) && - !test_bit(XPT_PEER_AUTH, &xprt->xpt_flags)) -- goto ok; -+ return nfs_ok; - } - if (exp->ex_xprtsec_modes & NFSEXP_XPRTSEC_MTLS) { - if (test_bit(XPT_TLS_SESSION, &xprt->xpt_flags) && - test_bit(XPT_PEER_AUTH, &xprt->xpt_flags)) -- goto ok; -+ return nfs_ok; - } -- goto denied; - --ok: -+ return rqstp->rq_vers < 4 ? nfserr_acces : nfserr_wrongsec; -+} -+ -+/** -+ * check_security_flavor - check if access to export is allowed by the -+ * xprtsec policy -+ * @exp: svc_export that is being accessed. -+ * @rqstp: svc_rqst attempting to access @exp. -+ * -+ * Helper function for check_nfsd_access(). Note that callers should be -+ * using check_nfsd_access() instead of calling this function directly. The -+ * one exception is fh_verify() since it has logic that may result in one -+ * or both of the helpers being skipped. -+ * -+ * Return values: -+ * %nfs_ok if access is granted, or -+ * %nfserr_acces or %nfserr_wrongsec if access is denied -+ */ -+__be32 check_security_flavor(struct svc_export *exp, struct svc_rqst *rqstp) -+{ -+ struct exp_flavor_info *f, *end = exp->ex_flavors + exp->ex_nflavors; -+ - /* legacy gss-only clients are always OK: */ - if (exp->ex_client == rqstp->rq_gssclient) - return 0; -@@ -1117,10 +1151,20 @@ __be32 check_nfsd_access(struct svc_export *exp, struct svc_rqst *rqstp) - if (nfsd4_spo_must_allow(rqstp)) - return 0; - --denied: - return rqstp->rq_vers < 4 ? 
nfserr_acces : nfserr_wrongsec; - } - -+__be32 check_nfsd_access(struct svc_export *exp, struct svc_rqst *rqstp) -+{ -+ __be32 status; -+ -+ status = check_xprtsec_policy(exp, rqstp); -+ if (status != nfs_ok) -+ return status; -+ -+ return check_security_flavor(exp, rqstp); -+} -+ - /* - * Uses rq_client and rq_gssclient to find an export; uses rq_client (an - * auth_unix client) if it's available and has secinfo information; -diff --git a/fs/nfsd/export.h b/fs/nfsd/export.h -index ca9dc230ae3d..4a48b2ad5606 100644 ---- a/fs/nfsd/export.h -+++ b/fs/nfsd/export.h -@@ -100,6 +100,8 @@ struct svc_expkey { - #define EX_WGATHER(exp) ((exp)->ex_flags & NFSEXP_GATHERED_WRITES) - - int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp); -+__be32 check_xprtsec_policy(struct svc_export *exp, struct svc_rqst *rqstp); -+__be32 check_security_flavor(struct svc_export *exp, struct svc_rqst *rqstp); - __be32 check_nfsd_access(struct svc_export *exp, struct svc_rqst *rqstp); - - /* -diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c -index c2495d98c189..283c1a60c846 100644 ---- a/fs/nfsd/nfsfh.c -+++ b/fs/nfsd/nfsfh.c -@@ -370,6 +370,16 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, umode_t type, int access) - if (error) - goto out; - -+ /* -+ * NLM is allowed to bypass the xprtsec policy check because lockd -+ * doesn't support xprtsec. -+ */ -+ if (!(access & NFSD_MAY_LOCK)) { -+ error = check_xprtsec_policy(exp, rqstp); -+ if (error) -+ goto out; -+ } -+ - /* - * pseudoflavor restrictions are not enforced on NLM, - * which clients virtually always use auth_sys for, -@@ -386,7 +396,7 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, umode_t type, int access) - && exp->ex_path.dentry == dentry) - goto skip_pseudoflavor_check; - -- error = check_nfsd_access(exp, rqstp); -+ error = check_security_flavor(exp, rqstp); - if (error) - goto out; - --- -2.47.3 - 
diff --git a/queue-5.4/pci-sysfs-ensure-devices-are-powered-for-config-reads-part-2.patch b/queue-5.4/pci-sysfs-ensure-devices-are-powered-for-config-reads-part-2.patch
deleted file mode 100644
index 7e81ab5c6d..0000000000
--- a/queue-5.4/pci-sysfs-ensure-devices-are-powered-for-config-reads-part-2.patch
+++ /dev/null
@@ -1,71 +0,0 @@ -From briannorris@chromium.org Tue Oct 21 20:12:10 2025 -From: Brian Norris -Date: Mon, 20 Oct 2025 13:41:36 -0700 -Subject: PCI/sysfs: Ensure devices are powered for config reads (part 2) -To: stable@vger.kernel.org -Cc: bhelgaas@google.com, Brian Norris , Brian Norris -Message-ID: <20251020204146.3193844-1-briannorris@chromium.org> - -From: Brian Norris - -Commit 48991e493507 ("PCI/sysfs: Ensure devices are powered for config -reads") was applied to various linux-stable trees. However, prior to -6.12.y, we do not have commit d2bd39c0456b ("PCI: Store all PCIe -Supported Link Speeds"). Therefore, we also need to apply the change to -max_link_speed_show(). - -This was pointed out here: - - Re: Patch "PCI/sysfs: Ensure devices are powered for config reads" has been added to the 6.6-stable tree - https://lore.kernel.org/all/aPEMIreBYZ7yk3cm@google.com/ - -Original change description follows: - - The "max_link_width", "current_link_speed", "current_link_width", - "secondary_bus_number", and "subordinate_bus_number" sysfs files all access - config registers, but they don't check the runtime PM state. If the device - is in D3cold or a parent bridge is suspended, we may see -EINVAL, bogus - values, or worse, depending on implementation details. - - Wrap these access in pci_config_pm_runtime_{get,put}() like most of the - rest of the similar sysfs attributes. - - Notably, "max_link_speed" does not access config registers; it returns a - cached value since d2bd39c0456b ("PCI: Store all PCIe Supported Link - Speeds"). 
- -Fixes: 56c1af4606f0 ("PCI: Add sysfs max_link_speed/width, current_link_speed/width, etc") -Link: https://lore.kernel.org/all/aPEMIreBYZ7yk3cm@google.com/ -Signed-off-by: Brian Norris -Signed-off-by: Brian Norris -Cc: stable@vger.kernel.org -Signed-off-by: Greg Kroah-Hartman ---- - drivers/pci/pci-sysfs.c | 10 ++++++++-- - 1 file changed, 8 insertions(+), 2 deletions(-) - -diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c -index 449d42744d33..300caafcfa10 100644 ---- a/drivers/pci/pci-sysfs.c -+++ b/drivers/pci/pci-sysfs.c -@@ -186,9 +186,15 @@ static ssize_t max_link_speed_show(struct device *dev, - struct device_attribute *attr, char *buf) - { - struct pci_dev *pdev = to_pci_dev(dev); -+ ssize_t ret; -+ -+ /* We read PCI_EXP_LNKCAP, so we need the device to be accessible. */ -+ pci_config_pm_runtime_get(pdev); -+ ret = sysfs_emit(buf, "%s\n", -+ pci_speed_string(pcie_get_speed_cap(pdev))); -+ pci_config_pm_runtime_put(pdev); - -- return sysfs_emit(buf, "%s\n", -- pci_speed_string(pcie_get_speed_cap(pdev))); -+ return ret; - } - static DEVICE_ATTR_RO(max_link_speed); - --- -2.51.0.869.ge66316f041-goog - diff --git a/queue-5.4/series b/queue-5.4/series index 7f48b1ae7a..9b8bb00864 100644 --- a/queue-5.4/series +++ b/queue-5.4/series @@ -170,5 +170,3 @@ sched-balancing-rename-newidle_balance-sched_balance.patch sched-fair-fix-pelt-lost-idle-time-detection.patch alsa-firewire-amdtp-stream-fix-enum-kernel-doc-warni.patch hfsplus-fix-slab-out-of-bounds-read-in-hfsplus_strcasecmp.patch -pci-sysfs-ensure-devices-are-powered-for-config-reads-part-2.patch -nfsd-decouple-the-xprtsec-policy-check-from-check_nfsd_access.patch -- 2.47.3